diff --git a/src/twadmin/keygeneration.cpp b/src/twadmin/keygeneration.cpp index 5edb2a8..f8843eb 100644 --- a/src/twadmin/keygeneration.cpp +++ b/src/twadmin/keygeneration.cpp @@ -42,13 +42,6 @@ #include "twadminstrings.h" #include "core/usernotify.h" - -#ifndef _DEBUG -const cElGamalSig::KeySize TRIPWIRE_PUBLIC_KEYSIZE = cElGamalSig::KEY1024; -#else -const cElGamalSig::KeySize TRIPWIRE_PUBLIC_KEYSIZE = cElGamalSig::KEY1024; -#endif - struct tGK { bool doneFlag; @@ -76,7 +69,7 @@ struct tGK } }; -static void GeneratePublicPrivateKeys(void* pParams) +static void GeneratePublicPrivateKeys(void* pParams, const cElGamalSig::KeySize key_size) { tGK* pGK = (tGK*)pParams; @@ -99,7 +92,7 @@ static void GeneratePublicPrivateKeys(void* pParams) try { - keyfile.GenerateKeys(TRIPWIRE_PUBLIC_KEYSIZE, pGK->passphrase, pGK->passphraseLen); + keyfile.GenerateKeys(key_size, pGK->passphrase, pGK->passphraseLen); } catch(eKeyFile&) { @@ -136,7 +129,7 @@ static void GeneratePublicPrivateKeys(void* pParams) return; } -bool GenerateKey(const TCHAR* keyPath, wc16_string passphrase) +bool GenerateKey(const TCHAR* keyPath, wc16_string passphrase, const cElGamalSig::KeySize key_size) { #ifndef WORDS_BIGENDIAN passphrase.swapbytes(); @@ -160,7 +153,7 @@ bool GenerateKey(const TCHAR* keyPath, wc16_string passphrase) gk.keyPath = keyPath; #if IS_UNIX - GeneratePublicPrivateKeys(&gk); + GeneratePublicPrivateKeys(&gk, key_size); #endif if (gk.retValue != tGK::OK) diff --git a/src/twadmin/keygeneration.h b/src/twadmin/keygeneration.h index d2fe8fc..69be7df 100644 --- a/src/twadmin/keygeneration.h +++ b/src/twadmin/keygeneration.h @@ -44,7 +44,9 @@ #include "core/wchar16.h" #endif -bool GenerateKey(const TCHAR* keyPath, wc16_string passphrase); +#include "twcrypto/crypto.h" + +bool GenerateKey(const TCHAR* keyPath, wc16_string passphrase, const cElGamalSig::KeySize key_size); #endif diff --git a/src/twadmin/twadmincl.cpp b/src/twadmin/twadmincl.cpp index 19dc79a..f259640 100644 
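Review bot: `GeneratePublicPrivateKeys` keeps its callback-style `void* pParams` signature but now takes the key size as a second argument, while every other input (`keyPath`, `passphrase`, `passphraseLen`) travels in `tGK`. Carrying the size in the struct as well (`gk.keySize = key_size;` in `GenerateKey`, `pGK->keySize` at the `keyfile.GenerateKeys` call) would keep a single parameter path. The top-level `const` on the by-value `key_size` parameter has no effect in the declaration added to keygeneration.h and can be dropped there. A short comment on that declaration, such as `// key_size: ElGamal key size for the new keyfile; the caller validates the user's choice`, would record where validation lives. Both function bodies continue outside the hunks shown.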
--- a/src/twadmin/twadmincl.cpp +++ b/src/twadmin/twadmincl.cpp @@ -1625,6 +1625,7 @@ private: wc16_string mLocalPassphrase; bool mGenerateSite; // A Site key has been specified. bool mGenerateLocal; // A Local key has been specified. + cElGamalSig::KeySize mKeySize; }; cTWAModeGenerateKeys::cTWAModeGenerateKeys() @@ -1633,6 +1634,7 @@ cTWAModeGenerateKeys::cTWAModeGenerateKeys() mSiteProvided = false; mGenerateSite = false; mGenerateLocal = false; + mKeySize = cElGamalSig::KEY1024; } cTWAModeGenerateKeys::~cTWAModeGenerateKeys() @@ -1648,6 +1650,8 @@ void cTWAModeGenerateKeys::InitCmdLineParser(cCmdLineParser& parser) parser.AddArg(cTWAdminCmdLine::LOCAL_KEY_FILE, TSTRING(_T("L")), TSTRING(_T("local-keyfile")), cCmdLineParser::PARAM_ONE); parser.AddArg(cTWAdminCmdLine::SITEPASSPHRASE, TSTRING(_T("Q")), TSTRING(_T("site-passphrase")), cCmdLineParser::PARAM_ONE); parser.AddArg(cTWAdminCmdLine::LOCALPASSPHRASE, TSTRING(_T("P")), TSTRING(_T("local-passphrase")), cCmdLineParser::PARAM_ONE); + parser.AddArg(cTWAdminCmdLine::KEY_SIZE, TSTRING(_T("K")), TSTRING(_T("key-size")), + cCmdLineParser::PARAM_ONE); } bool cTWAModeGenerateKeys::Init(const cConfigFile* cf, const cCmdLineParser& parser) @@ -1679,6 +1683,14 @@ bool cTWAModeGenerateKeys::Init(const cConfigFile* cf, const cCmdLineParser& par case cTWAdminCmdLine::LOCAL_KEY_FILE: mGenerateLocal = true; break; + case cTWAdminCmdLine::KEY_SIZE: + if(iter.ParamAt(0) == "2048") + mKeySize = cElGamalSig::KEY2048; + else if(iter.ParamAt(0) == "1024") + mKeySize = cElGamalSig::KEY1024; + else + throw eBadCmdLine(TSS_GetString(cTWAdmin, twadmin::STR_ERR2_INVALID_KEY_SIZE)); + break; } } @@ -1810,7 +1822,7 @@ int cTWAModeGenerateKeys::Execute(cErrorQueue* pQueue) // backup current file if it exists cFileUtil::BackupFile(mSiteKeyFile); - if (GenerateKey(mSiteKeyFile.c_str(), mSitePassphrase) == false) + if (GenerateKey(mSiteKeyFile.c_str(), mSitePassphrase, mKeySize) == false) return 1; } 
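Review bot: The constructor hunk sets `mKeySize = cElGamalSig::KEY1024;`, so any run without `-K` still produces 1024-bit ElGamal signing keys, which give roughly 80-bit security and fall below what current guidance accepts for newly generated keys. Whether existing installations can read 2048-bit keyfiles is not visible here. If they can, `mKeySize = cElGamalSig::KEY2048;` is the safer default. If 1024 has to stay for compatibility, a comment such as `// default kept at 1024 for compatibility with existing keyfiles; use -K 2048 for new deployments` would make that a recorded decision.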
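Review bot: The new `KEY_SIZE` case in `Init` compares `iter.ParamAt(0)` against narrow literals (`"2048"`, `"1024"`), while the rest of this file wraps its literals in `_T()`. If `ParamAt` returns a `TSTRING`, as the surrounding parser calls suggest, the comparison only works in narrow-character builds; `if (iter.ParamAt(0) == _T("2048"))` and `== _T("1024")` would match the file's convention. If the parser lets `-K` appear more than once, the last value silently wins, which deserves a one-line comment because the option decides the strength of the generated key. The switch and its enclosing loop continue outside the hunk.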
@@ -1856,7 +1868,7 @@ int cTWAModeGenerateKeys::Execute(cErrorQueue* pQueue) // backup current file if it exists cFileUtil::BackupFile(mLocalKeyFile); - if (GenerateKey(mLocalKeyFile.c_str(), mLocalPassphrase) == false) + if (GenerateKey(mLocalKeyFile.c_str(), mLocalPassphrase, mKeySize) == false) return 1; } diff --git a/src/twadmin/twadmincl.h b/src/twadmin/twadmincl.h index 9d319b2..1278071 100644 --- a/src/twadmin/twadmincl.h +++ b/src/twadmin/twadmincl.h @@ -119,6 +119,7 @@ public: LOCALPASSPHRASE, SITEPASSPHRASEOLD, LOCALPASSPHRASEOLD, + KEY_SIZE, PARAMS, // the final params diff --git a/src/twadmin/twadminstrings.cpp b/src/twadmin/twadminstrings.cpp index d32e94b..769dc10 100644 --- a/src/twadmin/twadminstrings.cpp +++ b/src/twadmin/twadminstrings.cpp @@ -182,6 +182,7 @@ TSS_BeginStringtable( cTWAdmin ) _T(" -S sitekey --site-keyfile sitekey\n") _T(" -P passphrase --local-passphrase passphrase\n") _T(" -Q passphrase --site-passphrase passphrase\n") + _T(" -K size --key-size size [1024 or 2048]\n") _T("\n") _T("The -v and -s options are mutually exclusive.\n") _T("Exactly one of -S or -L must be specified.\n") @@ -301,5 +302,7 @@ TSS_BeginStringtable( cTWAdmin ) TSS_StringEntry( twadmin::STR_ERR2_CREATE_CFG_SITEKEY_MISMATCH2, _T("\" does not match the keyfile specified in the new config file text \"") ), TSS_StringEntry( twadmin::STR_ERR2_CREATE_CFG_SITEKEY_MISMATCH3, _T("\".") ), + TSS_StringEntry( twadmin::STR_ERR2_INVALID_KEY_SIZE, _T("Invalid key size specified. Valid sizes are 1024 & 2048 bits.") ), + TSS_EndStringtable( cTWAdmin ) diff --git a/src/twadmin/twadminstrings.h b/src/twadmin/twadminstrings.h index 63116fa..4acaf26 100644 --- a/src/twadmin/twadminstrings.h +++ b/src/twadmin/twadminstrings.h 
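Review bot: The usage line added to the stringtable in twadminstrings.cpp, `-K size --key-size size [1024 or 2048]`, does not say which size applies when the option is omitted. Since the constructor in twadmincl.cpp defaults to `cElGamalSig::KEY1024`, an operator reading the help cannot tell that they get the weaker key unless they pass `-K 2048`. Something like `_T(" -K size --key-size size [1024 or 2048, default 1024]\n")` would state it.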
@@ -152,7 +152,9 @@ TSS_BeginStringIds( twadmin ) STR_ERR2_CREATE_CFG_MISSING_KEYFILE, STR_ERR2_CREATE_CFG_SITEKEY_MISMATCH1, STR_ERR2_CREATE_CFG_SITEKEY_MISMATCH2, - STR_ERR2_CREATE_CFG_SITEKEY_MISMATCH3 + STR_ERR2_CREATE_CFG_SITEKEY_MISMATCH3, + + STR_ERR2_INVALID_KEY_SIZE TSS_EndStringIds( twadmin )