*/
#include "platform.h"
#include "gnunet_util_lib.h"
+#include <gcrypt.h>
/**
- * Flag for reverse lookup.
+ * Flag for printing public key.
*/
-static int print;
+static int print_public_key;
+
+/**
+ * Flag for printing hash of public key.
+ */
+static int print_peer_identity;
+
+/**
+ * Flag for printing short hash of public key.
+ */
+static int print_short_identity;
+
+/**
+ * Use weak random number generator for key generation.
+ */
+static int weak_random;
+
+/**
+ * Option set to create a bunch of keys at once.
+ */
+static unsigned int make_keys;
+
+/**
+ * The private information of an RSA key pair.
+ * NOTE: this must match the definition in crypto_ksk.c and crypto_rsa.c!
+ */
+struct GNUNET_CRYPTO_RsaPrivateKey
+{
+ gcry_sexp_t sexp;
+};
+
+
+/**
+ * Create a new private key. Caller must free return value.
+ *
+ * @return fresh private key
+ */
+static struct GNUNET_CRYPTO_RsaPrivateKey *
+rsa_key_create ()
+{
+ struct GNUNET_CRYPTO_RsaPrivateKey *ret;
+ gcry_sexp_t s_key;
+ gcry_sexp_t s_keyparam;
+
+ GNUNET_assert (0 ==
+ gcry_sexp_build (&s_keyparam, NULL,
+ "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
+ 2048));
+ GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
+ gcry_sexp_release (s_keyparam);
+#if EXTRA_CHECKS
+ GNUNET_assert (0 == gcry_pk_testkey (s_key));
+#endif
+ ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
+ ret->sexp = s_key;
+ return ret;
+}
+
+
+/**
+ * Create a flat file with a large number of key pairs for testing.
+ */
+static void
+create_keys (const char *fn)
+{
+ FILE *f;
+ struct GNUNET_CRYPTO_RsaPrivateKey *pk;
+ struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
+
+ if (NULL == (f = fopen (fn, "w+")))
+ {
+ fprintf (stderr,
+ _("Failed to open `%s': %s\n"),
+ fn,
+ STRERROR (errno));
+ return;
+ }
+ fprintf (stderr,
+ _("Generating %u keys, please wait"),
+ make_keys);
+ while (0 < make_keys--)
+ {
+ fprintf (stderr,
+ ".");
+ if (NULL == (pk = rsa_key_create ()))
+ {
+ GNUNET_break (0);
+ break;
+ }
+ enc = GNUNET_CRYPTO_rsa_encode_key (pk);
+ if (htons (enc->len) != fwrite (enc, 1, htons (enc->len), f))
+ {
+ fprintf (stderr,
+ _("\nFailed to write to `%s': %s\n"),
+ fn,
+ STRERROR (errno));
+ GNUNET_CRYPTO_rsa_key_free (pk);
+ GNUNET_free (enc);
+ break;
+ }
+ GNUNET_CRYPTO_rsa_key_free (pk);
+ GNUNET_free (enc);
+ }
+ if (0 == make_keys)
+ fprintf (stderr,
+ _("Finished!\n"));
+ fclose (f);
+}
/**
{
struct GNUNET_CRYPTO_RsaPrivateKey *pk;
struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub;
- char *s;
+ struct GNUNET_PeerIdentity pid;
if (NULL == args[0])
{
fprintf (stderr, _("No hostkey file specified on command line\n"));
return;
}
+ if (0 != weak_random)
+ GNUNET_CRYPTO_random_disable_entropy_gathering ();
+ if (make_keys > 0)
+ {
+ create_keys (args[0]);
+ return;
+ }
pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
- if (print)
+ if (NULL == pk)
+ return;
+ if (print_public_key)
{
+ char *s;
+
GNUNET_CRYPTO_rsa_key_get_public (pk, &pub);
s = GNUNET_CRYPTO_rsa_public_key_to_string (&pub);
fprintf (stdout, "%s\n", s);
GNUNET_free (s);
}
+ if (print_peer_identity)
+ {
+ struct GNUNET_CRYPTO_HashAsciiEncoded enc;
+
+ GNUNET_CRYPTO_rsa_key_get_public (pk, &pub);
+ GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey);
+ GNUNET_CRYPTO_hash_to_enc (&pid.hashPubKey, &enc);
+ fprintf (stdout, "%s\n", enc.encoding);
+ }
+ if (print_short_identity)
+ {
+ struct GNUNET_CRYPTO_ShortHashAsciiEncoded enc;
+ struct GNUNET_CRYPTO_ShortHashCode sh;
+
+ GNUNET_CRYPTO_rsa_key_get_public (pk, &pub);
+ GNUNET_CRYPTO_short_hash (&pub, sizeof (pub), &sh);
+ GNUNET_CRYPTO_short_hash_to_enc (&sh, &enc);
+ fprintf (stdout, "%s\n", enc.short_encoding);
+ }
GNUNET_CRYPTO_rsa_key_free (pk);
}
/**
- * The main function to obtain statistics in GNUnet.
+ * Program to manipulate RSA key files.
*
* @param argc number of arguments from the command line
* @param argv command line arguments
main (int argc, char *const *argv)
{
static const struct GNUNET_GETOPT_CommandLineOption options[] = {
- { 'p', "print", NULL,
+ { 'g', "generate-keys", "COUNT",
+ gettext_noop ("create COUNT public-private key pairs (for testing)"),
+ 1, &GNUNET_GETOPT_set_uint, &make_keys },
+ { 'p', "print-public-key", NULL,
gettext_noop ("print the public key in ASCII format"),
- 0, &GNUNET_GETOPT_set_one, &print },
+ 0, &GNUNET_GETOPT_set_one, &print_public_key },
+ { 'P', "print-peer-identity", NULL,
+ gettext_noop ("print the hash of the public key in ASCII format"),
+ 0, &GNUNET_GETOPT_set_one, &print_peer_identity },
+ { 's', "print-short-identity", NULL,
+ gettext_noop ("print the short hash of the public key in ASCII format"),
+ 0, &GNUNET_GETOPT_set_one, &print_short_identity },
+ { 'w', "weak-random", NULL,
+ gettext_noop ("use insecure, weak random number generator for key generation (for testing only)"),
+ 0, &GNUNET_GETOPT_set_one, &weak_random },
GNUNET_GETOPT_OPTION_END
};
+
+ if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
+ return 2;
+
return (GNUNET_OK ==
GNUNET_PROGRAM_run (argc, argv, "gnunet-rsa [OPTIONS] keyfile",
gettext_noop ("Manipulate GNUnet private RSA key files"),