case 'k':
options->key_gen = 1;
break;
+ case 'K':
+ options->key_gen = 1;
+ strlcpy(options->key_gen_file, optarg, MAX_PATH_LEN);
+ break;
case 'l':
options->run_last_command = 1;
break;
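Review bot: The `strlcpy` return value in the new `case 'K'` is not checked, so an over-long `optarg` is silently truncated and the generated keys would be written to a different path than the one requested. Rejecting the argument is safer for a file that will hold key material: `if (strlcpy(options->key_gen_file, optarg, MAX_PATH_LEN) >= MAX_PATH_LEN)` followed by an error message and exit. The declaration of `key_gen_file` is not visible here; if it is an array, `sizeof(options->key_gen_file)` would tie the bound to the field rather than to a constant that has to be kept in sync. The enclosing switch starts and ends outside the hunk.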
" line args as the last time it was executed\n"
" (args are read from the ~/.fwknop.run file).\n"
" -G, --get-key Load an encryption key/password from a file.\n"
+ " -k, --key-gen Generate SPA Rijndael + HMAC keys.\n"
+ " -K, --key-gen-file Write generated Rijndael + HMAC keys to a\n"
+ " file\n"
" -r, --rand-port Send the SPA packet over a randomly assigned\n"
" port (requires a broader pcap filter on the\n"
" server side than the default of udp 62201).\n"
char key[MAX_KEY_LEN+1] = {0};
char hmac_key[MAX_KEY_LEN+1] = {0};
int key_len = 0, hmac_key_len = 0;
+ FILE *key_gen_file_ptr = NULL;
fko_cli_options_t options;
if(options.key_gen)
{
fko_key_gen(options.key_base64, options.hmac_key_base64);
- printf("KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n", options.key_base64, options.hmac_key_base64);
+
+ if(options.key_gen_file != NULL && options.key_gen_file[0] != '\0')
+ {
+ if ((key_gen_file_ptr = fopen(options.key_gen_file, "w")) == NULL)
+ {
+ fprintf(stderr, "Unable to create key gen file: %s: %s\n",
+ options.key_gen_file, strerror(errno));
+ return(EXIT_FAILURE);
+ }
+ fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
+ options.key_base64, options.hmac_key_base64);
+ fclose(key_gen_file_ptr);
+ printf("[+] Wrote Rijndael and HMAC keys to: %s\n",
+ options.key_gen_file);
+ }
+ else
+ {
+ printf("KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n", options.key_base64, options.hmac_key_base64);
+ }
return(EXIT_SUCCESS);
}
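Review bot: `fopen(options.key_gen_file, "w")` creates the key file with whatever the process umask allows, commonly world-readable. It also follows an existing symlink and truncates an existing file, which is unsafe for a file holding the Rijndael and HMAC keys. Creating it owner-only and exclusively (open with `O_CREAT|O_EXCL` and mode `S_IRUSR|S_IWUSR`, then `fdopen`) closes both gaps; this needs `<fcntl.h>` and `<sys/stat.h>`, and probably a platform guard for non-POSIX builds. The `fprintf` and `fclose` results are also unchecked, so the "[+] Wrote ..." message is printed even after a short write or full disk. If `key_gen_file` is an array, as the `strlcpy` in the option parser suggests, the `!= NULL` test is always true and can be dropped. The enclosing function starts and ends outside the hunk.

```c
if(options.key_gen_file[0] != '\0')
{
    /* Key material: create owner-only and refuse to reuse an existing path. */
    int key_gen_fd = open(options.key_gen_file,
            O_WRONLY|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR);

    if (key_gen_fd < 0
            || (key_gen_file_ptr = fdopen(key_gen_fd, "w")) == NULL)
    {
        /* ... unchanged: "Unable to create key gen file" error message ... */
        if (key_gen_fd >= 0)
            close(key_gen_fd);
        return(EXIT_FAILURE);
    }
    /* Buffered write errors only surface at fclose(), so check both. */
    if (fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
                options.key_base64, options.hmac_key_base64) < 0
            || fclose(key_gen_file_ptr) != 0)
    {
        fprintf(stderr, "Unable to write key gen file: %s: %s\n",
            options.key_gen_file, strerror(errno));
        return(EXIT_FAILURE);
    }
    /* ... unchanged: "[+] Wrote Rijndael and HMAC keys" message ... */
}
/* ... unchanged: else branch printing the keys to stdout ... */
```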
my $anonymize_results = 0;
my $curr_test_file = "$output_dir/init";
my $tarfile = 'test_fwknop.tar.gz';
+my $key_gen_file = "$output_dir/key_gen";
my $server_test_file = '';
my $use_valgrind = 0;
my $valgrind_str = '';
"--rc-file $cf{'rc_file_hmac_b64_key'}",
'fatal' => $NO
},
+ {
+ 'category' => 'Rijndael SPA',
+ 'subcategory' => 'client',
+ 'detail' => '--key-gen',
+ 'err_msg' => 'SPA packet not generated',
+ 'function' => \&generic_exec,
+ 'cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
+ "$valgrind_str $fwknopCmd --key-gen",
+ 'positive_output_matches' => [qr/BASE64/, qw/HMAC/, qw/KEY/],
+ 'fatal' => $NO
+ },
+ {
+ 'category' => 'Rijndael SPA',
+ 'subcategory' => 'client',
+ 'detail' => '--key-gen to file',
+ 'err_msg' => 'SPA packet not generated',
+ 'function' => \&generic_exec,
+ 'cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
+ "$valgrind_str $fwknopCmd --key-gen --key-gen-file $key_gen_file",
+ 'positive_output_matches' => [qr/Wrote.*\skeys/],
+ 'fatal' => $NO
+ },
{
'category' => 'Rijndael SPA',
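Review bot: The `--key-gen to file` test only matches the `Wrote ... keys` banner on stdout, so it still passes if the file is empty, incomplete, or created with permissive modes. A follow-up check that `$key_gen_file` contains both `KEY_BASE64:` and `HMAC_KEY_BASE64:` lines, and that its mode is owner-only, would cover what this option is for. In the first new entry, `qw/HMAC/` and `qw/KEY/` are plain strings, not compiled patterns, and read like typos for `qr/HMAC/` and `qr/KEY/`; whether `generic_exec` accepts strings is not visible here. Both entries also reuse `'err_msg' => 'SPA packet not generated'`, which does not describe a key generation failure; something like `'err_msg' => 'keys not generated'` would make failures easier to triage.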
$saved_last_results = 1;
}
- unless (-d $output_dir) {
- mkdir $output_dir or die "[*] Could not mkdir $output_dir: $!";
- }
- unless (-d $run_dir) {
- mkdir $run_dir or die "[*] Could not mkdir $run_dir: $!";
+ for my $dir ($output_dir, $run_dir) {
+ next if -d $dir;
+ mkdir $dir or die "[*] Could not mkdir $dir: $!";
}
- for my $file (glob("$output_dir/*.test")) {
+ for my $file (glob("$output_dir/*.test"), "$output_dir/init",
+ $tmp_rc_file, $logfile, $key_gen_file) {
+ next unless -d $file;
unlink $file or die "[*] Could not unlink($file)";
}
- if (-e "$output_dir/init") {
- unlink "$output_dir/init" or die $!;
- }
- if (-e $tmp_rc_file) {
- unlink $tmp_rc_file or die $!;
- }
-
- if (-e $logfile) {
- unlink $logfile or die $!;
- }
if ($test_include) {
@tests_to_include = split /\s*,\s*/, $test_include;
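Review bot: `next unless -d $file;` in the consolidated cleanup loop skips every path that is not a directory, so the `*.test` files, `$output_dir/init`, `$tmp_rc_file`, `$logfile` and `$key_gen_file` are never removed. A directory at one of those paths would reach `unlink` and die. The removed code tested `-e`, and `next unless -e $file;` (or `-f`) restores that behaviour. This matters more now that the list includes `$key_gen_file`, since key material written by a previous run would otherwise stay in the output directory. The enclosing block starts and continues outside the hunk.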