
Reconstitute and write out the secret

master
Damien Goutte-Gattat 6 years ago
parent
commit
5757c68938
  1. 4
      src/Makefile.am
  2. 63
      src/gfsec-use.c
  3. 19
      src/util.c
  4. 3
      src/util.h

4
src/Makefile.am

@ -4,6 +4,6 @@ gfsec_use_SOURCES = gfsec-use.c util.c util.h share.c share.h \
secretcfg.c secretcfg.h \
mtp-support.c mtp-support.h
AM_CPPFLAGS = -I$(top_srcdir)/lib $(LIBMTP_CFLAGS)
AM_LDFLAGS = -L$(top_builddir)/lib $(LIBMTP_LIBS)
AM_CPPFLAGS = -I$(top_srcdir)/lib $(LIBGFSHARE_CFLAGS) $(LIBMTP_CFLAGS)
AM_LDFLAGS = -L$(top_builddir)/lib $(LIBGFSHARE_LIBS) $(LIBMTP_LIBS)
LDADD = -lgfsecret

63
src/gfsec-use.c

@ -24,10 +24,13 @@
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <sys/mman.h>
#include <getopt.h>
#include <err.h>
#include <libgfshare.h>
#include "util.h"
#include "share.h"
#include "secretcfg.h"
@ -218,6 +221,66 @@ main(int argc, char **argv)
share = share->next;
}
if ( have_full ) {
share = cfg->shares;
while ( share ) {
if ( share->data && (share->flags & GFSEC_SHARE_FLAGS_FULL) > 0 )
break;
share = share->next;
}
printf("Using full data in %s\n", get_share_display_name(share));
if ( write_file(cfg->output_file, share->data, share->length) == -1 )
err(EXIT_FAILURE, "Cannot write secret");
}
else if ( have_shares >= cfg->threshold ) {
gfshare_ctx *ctx;
unsigned char sharenrs[255], *secret;
unsigned n, size;
n = size = 0;
share = cfg->shares;
while ( share ) {
if ( share->data && share->share_nr > 0 ) {
sharenrs[n++] = share->share_nr;
if ( size == 0 )
size = share->length;
else if ( size != share->length )
errx(EXIT_FAILURE, "Shares have different sizes");
}
share = share->next;
}
if ( ! (secret = malloc(size)) || mlock(secret, size) == -1 )
err(EXIT_FAILURE, "Cannot allocated mlocked memory");
if ( ! (ctx = gfshare_ctx_init_dec(sharenrs, n, size)) )
errx(EXIT_FAILURE, "Cannot initialize libgfshare context");
n = 0;
share = cfg->shares;
while ( share ) {
if ( share->data && share->share_nr > 0 ) {
printf("using share data in %s\n", get_share_display_name(share));
gfshare_ctx_dec_giveshare(ctx, n++, share->data);
}
share = share->next;
}
gfshare_ctx_dec_extract(ctx, secret);
if ( write_file(cfg->output_file, secret, size) == -1 )
err(EXIT_FAILURE, "Cannot write secret");
memset(secret, 0, size);
munlock(secret, size);
free(secret);
}
else
errx(EXIT_FAILURE, "Not enough data to reconstitute secret");
gfsec_destroy_config(cfg);
return EXIT_SUCCESS;
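Review bot: The store `sharenrs[n++] = share->share_nr;` in the first share loop has no bound, so a configuration that yields more than 255 shares with data would write past the 255-byte stack array. Unless the config parser already caps the share count (not visible here), guard it with `if ( n >= sizeof(sharenrs) ) errx(EXIT_FAILURE, "Too many shares");` before the store. The decode context is also never released: calling `gfshare_ctx_free(ctx);` right after `gfshare_ctx_dec_extract(ctx, secret);` would dispose of the library's own copy of the share data, which otherwise stays in heap memory that is neither mlock'ed nor wiped, unlike `secret`. This code sits inside `main()`, whose body starts above the hunk.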

19
src/util.c

@ -90,3 +90,22 @@ read_file(const char *filename, size_t *len)
return blob;
}
int
write_file(const char *filename, const unsigned char *contents, size_t len)
{
FILE *f;
int rc;
if ( ! filename || ! contents ) {
errno = EINVAL;
return -1;
}
if ( (f = fopen(filename, "w")) ) {
rc = fwrite(contents, sizeof(char), len, f) == len ? 0 : -1;
fclose(f);
}
return rc;
}
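Review bot: `write_file()` returns `rc` uninitialized when `fopen()` fails, so the caller's `== -1` test can miss the failure and report success without the secret having been written. The `fclose()` result is ignored too, although a buffered write error may only surface there. Since this function writes the reconstituted secret, `fopen(filename, "w")` also leaves a newly created file's permissions to the umask; creating it with `open()` and mode 0600 (needs `<fcntl.h>`, `<sys/stat.h>` and `<unistd.h>`) keeps it owner-only, though an already existing file keeps its current mode. A possible shape for the body is below.

```c
int
write_file(const char *filename, const unsigned char *contents, size_t len)
{
    FILE *f;
    int fd, rc;

    /* … unchanged: NULL argument check setting errno = EINVAL … */

    /* Create the output owner-only; the umask default may expose the secret. */
    if ( (fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR)) == -1 )
        return -1;

    if ( ! (f = fdopen(fd, "w")) ) {
        close(fd);
        return -1;
    }

    rc = fwrite(contents, sizeof(char), len, f) == len ? 0 : -1;

    /* A deferred write error is only reported when the stream is flushed. */
    if ( fclose(f) == EOF )
        rc = -1;

    return rc;
}
```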

3
src/util.h

@ -35,6 +35,9 @@ get_file_size(FILE *f);
unsigned char *
read_file(const char *, size_t *);
int
write_file(const char *, const unsigned char *, size_t);
#ifdef __cplusplus
}
#endif
