Home Explore Help
Sign In
sl1nk
/
tarsnap
mirror of https://github.com/Tarsnap/tarsnap.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Tree: 1886226835
Branches Tags
tarsnap
/
keymgmt
/
keymgmt.c

keymgmt.c 8.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329 
  1. #include "platform.h"
    2. 

  2. 

  3. #include <sys/stat.h>
    4. 

  4. 

  5. #include <inttypes.h>
    6. 

  6. #include <stdint.h>
    7. 

  7. #include <stdio.h>
    8. 

  8. #include <stdlib.h>
    9. 

  9. #include <string.h>
    10. 

  10. 

  11. #include "crypto.h"
    12. 

  12. #include "getopt.h"
    13. 

  13. #include "humansize.h"
    14. 

  14. #include "keyfile.h"
    15. 

  15. #include "passphrase_entry.h"
    16. 

  16. #include "readpass.h"
    17. 

  17. #include "warnp.h"
    18. 

  18. 

  19. static void usage(void);
    20. 

  20. 

  21. static void
    22. 

  22. usage(void)
    23. 

  23. {
    24. 

  24. 

  25. 	fprintf(stderr, "usage: tarsnap-keymgmt %s %s %s %s %s key-file ...\n",
    26. 

  26. 	    "--outkeyfile new-key-file", "[--passphrased]",
    27. 

  27. 	    "[--passphrase-mem maxmem]", "[--passphrase-time maxtime]",
    28. 

  28. 	    "[-r] [-w] [-d] [--nuke]");
    29. 

  29. 	fprintf(stderr, "       tarsnap-keymgmt --print-key-id key-file\n");
    30. 

  30. 	fprintf(stderr, "       tarsnap-keymgmt --print-key-permissions "
    31. 

  31. 	    "key-file\n");
    32. 

  32. 	fprintf(stderr, "       tarsnap-keymgmt --version\n");
    33. 

  33. 	exit(1);
    34. 

  34. 

  35. 	/* NOTREACHED */
    36. 

  36. }
    37. 

  37. 

  38. static void
    39. 

  39. print_id(const char *keyfilename)
    40. 

  40. {
    41. 

  41. 	uint64_t machinenum = (uint64_t)(-1);
    42. 

  42. 

  43. 	/* Read keyfile and machine name. */
    44. 

  44. 	if (keyfile_read(keyfilename, &machinenum, ~0, 0,
    45. 

  45. 	    PASSPHRASE_TTY_STDIN, NULL)) {
    46. 

  46. 		warnp("Cannot read key file: %s", keyfilename);
    47. 

  47. 		exit(1);
    48. 

  48. 	}
    49. 

  49. 

  50. 	/* Print key ID. */
    51. 

  51. 	fprintf(stdout, "%" PRIu64 "\n", machinenum);
    52. 

  52. 	exit(0);
    53. 

  53. 

  54. 	/* NOTREACHED */
    55. 

  55. }
    56. 

  56. 

  57. static void
    58. 

  58. print_permissions(const char *keyfilename)
    59. 

  59. {
    60. 

  60. 	uint64_t machinenum = (uint64_t)(-1);
    61. 

  61. 	int has_read;
    62. 

  62. 	int has_write;
    63. 

  63. 	int has_delete;
    64. 

  64. 

  65. 	/* Read keyfile and machine name. */
    66. 

  66. 	if (keyfile_read(keyfilename, &machinenum, ~0, 0,
    67. 

  67. 	    PASSPHRASE_TTY_STDIN, NULL)) {
    68. 

  68. 		warnp("Cannot read key file: %s", keyfilename);
    69. 

  69. 		exit(1);
    70. 

  70. 	}
    71. 

  71. 

  72. 	/* Determine permissions. */
    73. 

  73. 	has_read = (crypto_keys_missing(CRYPTO_KEYMASK_READ) == NULL);
    74. 

  74. 	has_write = (crypto_keys_missing(CRYPTO_KEYMASK_WRITE) == NULL);
    75. 

  75. 	has_delete = (crypto_keys_missing(CRYPTO_KEYMASK_AUTH_DELETE) == NULL);
    76. 

  76. 

  77. 	/* Print key permissions. */
    78. 

  78. 	fprintf(stdout, "This key has permissions for: ");
    79. 

  79. 	if (has_read && has_write && has_delete)
    80. 

  80. 		fprintf(stdout, "reading, writing, and deleting.\n");
    81. 

  81. 	if (has_read && has_write && !has_delete)
    82. 

  82. 		fprintf(stdout, "reading and writing.\n");
    83. 

  83. 	if (has_read && !has_write && has_delete)
    84. 

  84. 		fprintf(stdout, "reading and deleting.\n");
    85. 

  85. 	if (has_read && !has_write && !has_delete)
    86. 

  86. 		fprintf(stdout, "reading.\n");
    87. 

  87. 	if (!has_read && has_write && has_delete)
    88. 

  88. 		fprintf(stdout, "writing and nuking.\n");
    89. 

  89. 	if (!has_read && has_write && !has_delete)
    90. 

  90. 		fprintf(stdout, "writing.\n");
    91. 

  91. 	if (!has_read && !has_write && has_delete)
    92. 

  92. 		fprintf(stdout, "nuking.\n");
    93. 

  93. 	if (!has_read && !has_write && !has_delete)
    94. 

  94. 		fprintf(stdout, "nothing.\n");
    95. 

  95. 	exit(0);
    96. 

  96. 

  97. 	/* NOTREACHED */
    98. 

  98. }
    99. 

  99. 

  100. int
    101. 

  101. main(int argc, char **argv)
    102. 

  102. {
    103. 

  103. 	const char * newkeyfile = NULL;
    104. 

  104. 	int keyswanted = 0;
    105. 

  105. 	char * tok, * brkb = NULL, * eptr;
    106. 

  106. 	long keynum;
    107. 

  107. 	uint64_t machinenum = (uint64_t)(-1);
    108. 

  108. 	uint64_t kfmachinenum;
    109. 

  109. 	const char * missingkey;
    110. 

  110. 	int passphrased = 0;
    111. 

  111. 	uint64_t maxmem = 0;
    112. 

  112. 	double maxtime = 1.0;
    113. 

  113. 	char * passphrase;
    114. 

  114. 	const char * print_key_id_file = NULL;
    115. 

  115. 	const char * print_key_permissions_file = NULL;
    116. 

  116. 	const char * ch;
    117. 

  117. 	char * optarg_copy;	/* for strtok_r. */
    118. 

  118. 

  119. 	WARNP_INIT;
    120. 

  120. 

  121. 	/* Initialize key cache. */
    122. 

  122. 	if (crypto_keys_init()) {
    123. 

  123. 		warnp("Key cache initialization failed");
    124. 

  124. 		exit(1);
    125. 

  125. 	}
    126. 

  126. 

  127. 	/* Parse arguments. */
    128. 

  128. 	while ((ch = GETOPT(argc, argv)) != NULL) {
    129. 

  129. 		GETOPT_SWITCH(ch) {
    130. 

  130. 		GETOPT_OPTARG("--outkeyfile"):
    131. 

  131. 			if (newkeyfile != NULL)
    132. 

  132. 				usage();
    133. 

  133. 			newkeyfile = optarg;
    134. 

  134. 			break;
    135. 

  135. 		GETOPT_OPT("-r"):
    136. 

  136. 			keyswanted |= CRYPTO_KEYMASK_READ;
    137. 

  137. 			break;
    138. 

  138. 		GETOPT_OPT("-w"):
    139. 

  139. 			keyswanted |= CRYPTO_KEYMASK_WRITE;
    140. 

  140. 			break;
    141. 

  141. 		GETOPT_OPT("-d"):
    142. 

  142. 			/*
    143. 

  143. 			 * Deleting data requires both delete authorization
    144. 

  144. 			 * and being able to read archives -- we need to be
    145. 

  145. 			 * able to figure out which bits are part of the
    146. 

  146. 			 * archive.
    147. 

  147. 			 */
    148. 

  148. 			keyswanted |= CRYPTO_KEYMASK_READ;
    149. 

  149. 			keyswanted |= CRYPTO_KEYMASK_AUTH_DELETE;
    150. 

  150. 			break;
    151. 

  151. 		GETOPT_OPT("--nuke"):
    152. 

  152. 			keyswanted |= CRYPTO_KEYMASK_AUTH_DELETE;
    153. 

  153. 			break;
    154. 

  154. 		GETOPT_OPTARG("--keylist"):
    155. 

  155. 			/*
    156. 

  156. 			 * This is a deliberately undocumented option used
    157. 

  157. 			 * mostly for testing purposes; it allows a list of
    158. 

  158. 			 * keys to be specified according to their numbers in
    159. 

  159. 			 * crypto/crypto.h instead of using the predefined
    160. 

  160. 			 * sets of "read", "write" and "delete" keys.
    161. 

  161. 			 */
    162. 

  162. 			if ((optarg_copy = strdup(optarg)) == NULL) {
    163. 

  163. 				warn0("Out of memory");
    164. 

  164. 				exit(0);
    165. 

  165. 			}
    166. 

  166. 			for (tok = strtok_r(optarg_copy, ",", &brkb);
    167. 

  167. 			     tok;
    168. 

  168. 			     tok = strtok_r(NULL, ",", &brkb)) {
    169. 

  169. 				keynum = strtol(tok, &eptr, 0);
    170. 

  170. 				if ((eptr == tok) ||
    171. 

  171. 				    (keynum < 0) || (keynum > 31)) {
    172. 

  172. 					warn0("Not a valid key number: %s",
    173. 

  173. 					    tok);
    174. 

  174. 					free(optarg_copy);
    175. 

  175. 					exit(1);
    176. 

  176. 				}
    177. 

  177. 				keyswanted |= (uint32_t)(1) << keynum;
    178. 

  178. 			}
    179. 

  179. 			free(optarg_copy);
    180. 

  180. 			break;
    181. 

  181. 		GETOPT_OPTARG("--passphrase-mem"):
    182. 

  182. 			if (maxmem != 0)
    183. 

  183. 				usage();
    184. 

  184. 			if (humansize_parse(optarg, &maxmem)) {
    185. 

  185. 				warnp("Cannot parse --passphrase-mem"
    186. 

  186. 				    " argument: %s", optarg);
    187. 

  187. 				exit(1);
    188. 

  188. 			}
    189. 

  189. 			if (maxmem > SIZE_MAX) {
    190. 

  190. 				fprintf(stderr,
    191. 

  191. 				    "Passphrase memory size is too large\n");
    192. 

  192. 				exit(1);
    193. 

  193. 			}
    194. 

  194. 			break;
    195. 

  195. 		GETOPT_OPTARG("--passphrase-time"):
    196. 

  196. 			if (maxtime != 1.0)
    197. 

  197. 				usage();
    198. 

  198. 			maxtime = strtod(optarg, NULL);
    199. 

  199. 			if ((maxtime < 0.05) || (maxtime > 86400)) {
    200. 

  200. 				warn0("Invalid --passphrase-time argument: %s",
    201. 

  201. 				    optarg);
    202. 

  202. 				exit(1);
    203. 

  203. 			}
    204. 

  204. 			break;
    205. 

  205. 		GETOPT_OPT("--passphrased"):
    206. 

  206. 			if (passphrased != 0)
    207. 

  207. 				usage();
    208. 

  208. 			passphrased = 1;
    209. 

  209. 			break;
    210. 

  210. 		GETOPT_OPTARG("--print-key-id"):
    211. 

  211. 			if (print_key_id_file != NULL)
    212. 

  212. 				usage();
    213. 

  213. 			print_key_id_file = optarg;
    214. 

  214. 			break;
    215. 

  215. 		GETOPT_OPTARG("--print-key-permissions"):
    216. 

  216. 			if (print_key_permissions_file != NULL)
    217. 

  217. 				usage();
    218. 

  218. 			print_key_permissions_file = optarg;
    219. 

  219. 			break;
    220. 

  220. 		GETOPT_OPT("--version"):
    221. 

  221. 			fprintf(stderr, "tarsnap-keymgmt %s\n",
    222. 

  222. 			    PACKAGE_VERSION);
    223. 

  223. 			exit(0);
    224. 

  224. 		GETOPT_MISSING_ARG:
    225. 

  225. 			warn0("Missing argument to %s", ch);
    226. 

  226. 			/* FALLTHROUGH */
    227. 

  227. 		GETOPT_DEFAULT:
    228. 

  228. 			usage();
    229. 

  229. 		}
    230. 

  230. 	}
    231. 

  231. 	argc -= optind;
    232. 

  232. 	argv += optind;
    233. 

  233. 

  234. 	/* We can't print ID and permissions at the same time. */
    235. 

  235. 	if ((print_key_id_file != NULL) && (print_key_permissions_file != NULL))
    236. 

  236. 		usage();
    237. 

  237. 

  238. 	if ((print_key_id_file != NULL) ||
    239. 

  239. 	    (print_key_permissions_file != NULL)) {
    240. 

  240. 		/* We can't combine printing info with generating a new key. */
    241. 

  241. 		if (newkeyfile != NULL)
    242. 

  242. 			usage();
    243. 

  243. 

  244. 		/* We should have processed all arguments. */
    245. 

  245. 		if (argc != 0)
    246. 

  246. 			usage();
    247. 

  247. 

  248. 		/* Print info. */
    249. 

  249. 		if (print_key_id_file != NULL)
    250. 

  250. 			print_id(print_key_id_file);
    251. 

  251. 		if (print_key_permissions_file != NULL)
    252. 

  252. 			print_permissions(print_key_permissions_file);
    253. 

  253. 	}
    254. 

  254. 

  255. 	/* We should have an output key file. */
    256. 

  256. 	if (newkeyfile == NULL)
    257. 

  257. 		usage();
    258. 

  258. 

  259. 	/*
    260. 

  260. 	 * It doesn't make sense to specify --passphrase-mem or
    261. 

  261. 	 * --passphrase-time if we're not using a passphrase.
    262. 

  262. 	 */
    263. 

  263. 	if (((maxmem != 0) || (maxtime != 1.0)) && (passphrased == 0))
    264. 

  264. 		usage();
    265. 

  265. 

  266. 	/* Warn the user if they're being silly. */
    267. 

  267. 	if (keyswanted == 0) {
    268. 

  268. 		warn0("None of {-r, -w, -d, --nuke} options are specified."
    269. 

  269. 		    "  This will create a key file with no keys, which is"
    270. 

  270. 		    " probably not what you intended.");
    271. 

  271. 	}
    272. 

  272. 

  273. 	/* Read the specified key files. */
    274. 

  274. 	while (argc-- > 0) {
    275. 

  275. 		/*
    276. 

  276. 		 * Suck in the key file.  We could mask this to only load the
    277. 

  277. 		 * keys we want to copy, but there's no point really since we
    278. 

  278. 		 * export keys selectively.
    279. 

  279. 		 */
    280. 

  280. 		if (keyfile_read(argv[0], &kfmachinenum, ~0, 0,
    281. 

  281. 		    PASSPHRASE_TTY_STDIN, NULL)) {
    282. 

  282. 			warnp("Cannot read key file: %s", argv[0]);
    283. 

  283. 			exit(1);
    284. 

  284. 		}
    285. 

  285. 

  286. 		/*
    287. 

  287. 		 * Check that we're not using key files which belong to
    288. 

  288. 		 * different machines.
    289. 

  289. 		 */
    290. 

  290. 		if (machinenum == (uint64_t)(-1)) {
    291. 

  291. 			machinenum = kfmachinenum;
    292. 

  292. 		} else if (machinenum != kfmachinenum) {
    293. 

  293. 			warn0("Keys from %s do not belong to the "
    294. 

  294. 			    "same machine as earlier keys", argv[0]);
    295. 

  295. 			exit(1);
    296. 

  296. 		}
    297. 

  297. 

  298. 		/* Move on to the next file. */
    299. 

  299. 		argv++;
    300. 

  300. 	}
    301. 

  301. 

  302. 	/* Make sure that we have the necessary keys. */
    303. 

  303. 	if ((missingkey = crypto_keys_missing(keyswanted)) != NULL) {
    304. 

  304. 		warn0("The %s key is required but not in any input key files",
    305. 

  305. 		    missingkey);
    306. 

  306. 		exit(1);
    307. 

  307. 	}
    308. 

  308. 

  309. 	/* If the user wants to passphrase the keyfile, get the passphrase. */
    310. 

  310. 	if (passphrased != 0) {
    311. 

  311. 		if (readpass(&passphrase,
    312. 

  312. 		    "Please enter passphrase for keyfile encryption",
    313. 

  313. 		    "Please confirm passphrase for keyfile encryption", 1)) {
    314. 

  314. 			warnp("Error reading password");
    315. 

  315. 			exit(1);
    316. 

  316. 		}
    317. 

  317. 	} else {
    318. 

  318. 		passphrase = NULL;
    319. 

  319. 	}
    320. 

  320. 

  321. 	/* Write out new key file. */
    322. 

  322. 	if (keyfile_write(newkeyfile, machinenum, keyswanted,
    323. 

  323. 	    passphrase, (size_t)maxmem, maxtime))
    324. 

  324. 		exit(1);
    325. 

  325. 

  326. 	/* Success! */
    327. 

  327. 	return (0);
    328. 

  328. }
    329. 

  329.