Merge remote-tracking branch 'upstream/hmac_support' into hmac_support
authorFranck Joncourt <franck@debian.org>
Sat, 9 Mar 2013 10:54:45 +0000 (11:54 +0100)
committerFranck Joncourt <franck@debian.org>
Sat, 9 Mar 2013 10:54:45 +0000 (11:54 +0100)
Conflicts:
client/cmd_opts.h
client/config_init.c

1  2 
client/cmd_opts.h
client/config_init.c
client/fwknop_common.h

@@@ -46,6 -46,11 +46,14 @@@ enum 
      RC_FILE_PATH,
      RESOLVE_URL,
      USE_HMAC,
+     SPA_ICMP_TYPE,
+     SPA_ICMP_CODE,
+     KEY_LEN,
+     HMAC_DIGEST_TYPE,
+     HMAC_KEY_LEN,
++    KEY_RIJNDAEL,
++    KEY_RIJNDAEL_BASE64,
++    KEY_HMAC_BASE64,    
      /* Put GPG-related items below the following line */
      GPG_ENCRYPTION      = 0x200,
      GPG_RECIP_KEY,
@@@ -90,9 -90,9 +93,12 @@@ static struct option cmd_opts[] 
      {"http-proxy",          1, NULL, 'H'},
      {"key-gen",             0, NULL, 'k'},
      {"key-gen-file",        1, NULL, 'K'},
 +    {"key-rijndael",        1, NULL, KEY_RIJNDAEL },
 +    {"key-rijndael-base64", 1, NULL, KEY_RIJNDAEL_BASE64 },
 +    {"key-hmac-base64",     1, NULL, KEY_HMAC_BASE64 },
+     {"key-len",             1, NULL, KEY_LEN},
+     {"hmac-key-len",        1, NULL, HMAC_KEY_LEN},
+     {"hmac-digest-type",    1, NULL, HMAC_DIGEST_TYPE},
      {"icmp-type",           1, NULL, SPA_ICMP_TYPE },
      {"icmp-code",           1, NULL, SPA_ICMP_CODE },
      {"last-cmd",            0, NULL, 'l'},
@@@ -1439,34 -842,34 +1460,62 @@@ config_init(fko_cli_options_t *options
                  options->key_gen = 1;
                  strlcpy(options->key_gen_file, optarg, MAX_PATH_LEN);
                  break;
 +            case KEY_RIJNDAEL:
 +                strlcpy(options->key, optarg, MAX_KEY_LEN);
 +                options->have_key = 1;
 +                cli_arg_bitmask |= FWKNOP_CLI_ARG_BM(FWKNOP_CLI_ARG_KEY_RIJNDAEL);
 +                break;
 +            case KEY_RIJNDAEL_BASE64:
 +                if (! is_base64((unsigned char *) optarg, strlen(optarg)))
 +                {
 +                    fprintf(stderr,
 +                        "Base64 encoded Rijndael argument '%s' doesn't look like base64-encoded data.\n",
 +                        optarg);
 +                    exit(EXIT_FAILURE);
 +                }
 +                strlcpy(options->key_base64, optarg, MAX_KEY_LEN);
 +                options->have_base64_key = 1;
 +                cli_arg_bitmask |= FWKNOP_CLI_ARG_BM(FWKNOP_CLI_ARG_KEY_RIJNDAEL_BASE64);
 +                break;
 +            case KEY_HMAC_BASE64:
 +                if (! is_base64((unsigned char *) optarg, strlen(optarg)))
 +                {
 +                    fprintf(stderr,
 +                        "Base64 encoded HMAC argument '%s' doesn't look like base64-encoded data.\n",
 +                        optarg);
 +                     exit(EXIT_FAILURE);
 +                }
 +                strlcpy(options->hmac_key_base64, optarg, MAX_KEY_LEN);
 +                options->have_hmac_base64_key = 1;
 +                cli_arg_bitmask |= FWKNOP_CLI_ARG_BM(FWKNOP_CLI_ARG_KEY_HMAC_BASE64);
+             case KEY_LEN:
+                 options->key_len = strtol_wrapper(optarg, 1,
+                         MAX_KEY_LEN, NO_EXIT_UPON_ERR, &is_err);
+                 if(is_err != FKO_SUCCESS)
+                 {
+                     fprintf(stderr, "Invalid key length '%s', must be in [%d-%d]\n",
+                             optarg, 1, MAX_KEY_LEN);
+                     exit(EXIT_FAILURE);
+                 }
+                 break;
+             case HMAC_DIGEST_TYPE:
+                 if((options->hmac_type = hmac_digest_strtoint(optarg)) < 0)
+                 {
+                     fprintf(stderr,
+                         "* Invalid hmac digest type: %s, use {md5,sha1,sha256,sha384,sha512}\n",
+                     optarg);
+                     exit(EXIT_FAILURE);
+                 }
+                 break;
+             case HMAC_KEY_LEN:
+                 options->hmac_key_len = strtol_wrapper(optarg, 1,
+                         MAX_KEY_LEN, NO_EXIT_UPON_ERR, &is_err);
+                 if(is_err != FKO_SUCCESS)
+                 {
+                     fprintf(stderr, "Invalid hmac key length '%s', must be in [%d-%d]\n",
+                             optarg, 1, MAX_KEY_LEN);
+                     exit(EXIT_FAILURE);
+                 }
                  break;
              case SPA_ICMP_TYPE:
                  options->spa_icmp_type = strtol_wrapper(optarg, 0,
Simple merge