author | Jason A. Donenfeld <Jason@zx2c4.com> | 2015-06-05 15:58:00 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-06-25 16:48:39 +0200 |
commit | 8132305e54d45dbad65bf9ef6f6c5805c841d1da (patch) | |
tree | d0d9aae746ac41e2cf231d0c01b5f8aa62a04ce2 /src/genkey.c | |
Initial commit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/genkey.c')
-rw-r--r-- | src/genkey.c | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/src/genkey.c b/src/genkey.c
new file mode 100644
index 0000000..1602ae1
--- /dev/null
+++ b/src/genkey.c
@@ -0,0 +1,59 @@
+/* Copyright 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
+
+#include <errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <syscall.h>
+#include <unistd.h>
+#include <string.h>
+
+#include "curve25519.h"
+#include "base64.h"
+
+#ifdef __NR_getrandom
+static inline ssize_t get_random_bytes(uint8_t *out, size_t len)
+{
+ return syscall(__NR_getrandom, out, len, 0);
+}
+#else
+#include <fcntl.h>
+static inline ssize_t get_random_bytes(uint8_t *out, size_t len)
+{
+ ssize_t ret;
+ int fd = open("/dev/urandom", O_RDONLY);
+ if (fd < 0)
+ return fd;
+ ret = read(fd, out, len);
+ close(fd);
+ return ret;
+}
+#endif
+
+int genkey_main(int argc, char *argv[])
+{
+ unsigned char private_key[CURVE25519_POINT_SIZE];
+ char private_key_base64[b64_len(CURVE25519_POINT_SIZE)];
+ struct stat stat;
+
+ if (!fstat(STDOUT_FILENO, &stat) && S_ISREG(stat.st_mode) && stat.st_mode & S_IRWXO)
+ fputs("Warning: writing to world accessible file.\nConsider setting the umask to 077 and trying again.\n", stderr);
+
+ if (get_random_bytes(private_key, CURVE25519_POINT_SIZE) != CURVE25519_POINT_SIZE) {
+ perror("getrandom");
+ return 1;
+ }
+ if (argc && !strcmp(argv[0], "genkey"))
+ curve25519_normalize_secret(private_key);
+
+ if (b64_ntop(private_key, sizeof(private_key), private_key_base64, sizeof(private_key_base64)) < 0) {
+ errno = EINVAL;
+ perror("b64");
+ return 1;
+ }
+
+ puts(private_key_base64);
+ return 0;
+
+} |
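Review bot: The `#else` fallback for get_random_bytes reads `/dev/urandom`, which on Linux does not wait for the kernel RNG to be seeded, whereas the `getrandom` branch with flags 0 does; because the choice is made at compile time by `#ifdef __NR_getrandom`, a build against older headers silently gets the weaker behaviour for private-key generation. I would document that on the fallback, for example `/* /dev/urandom may return output before the pool is initialised; avoid generating keys on this path early in boot */`. In genkey_main, a short read from either branch reaches `perror("getrandom")` with a stale errno, so setting `errno = EIO` when the return value is non-negative would make the failure message meaningful. The key also remains in `private_key` and `private_key_base64` after `puts`; clearing both before returning, with a wipe the compiler cannot elide such as `explicit_bzero` where available, is cheap hygiene.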