From 5c4626638cf38d7106d9549d05f768406849ea20 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Fri, 25 Sep 2015 00:43:34 +0100 Subject: [PATCH] Implement generating keypairs via rspamadm. --- src/libutil/http.c | 7 ++- src/libutil/http.h | 3 +- src/rspamadm/CMakeLists.txt | 2 +- src/rspamadm/commands.c | 4 +- src/rspamadm/keypair.c | 119 ++++++++++++++++++++++++++++++++++++ src/rspamd.c | 2 +- 6 files changed, 130 insertions(+), 7 deletions(-) create mode 100644 src/rspamadm/keypair.c diff --git a/src/libutil/http.c b/src/libutil/http.c index 4405e3fc5..f1a1dac75 100644 --- a/src/libutil/http.c +++ b/src/libutil/http.c @@ -2230,13 +2230,14 @@ rspamd_http_print_key_component (guchar *data, gsize datalen, g_string_append_printf (res, "%s", b32); g_free (b32); } + else if (how & RSPAMD_KEYPAIR_HEX) { + rspamd_printf_gstring (res, "%*xs", (gint)datalen, data); + } else { g_string_append_len (res, data, datalen); } - if (how & RSPAMD_KEYPAIR_HUMAN) { - g_string_append_c (res, '\n'); - } + g_string_append_c (res, '\n'); } GString * diff --git a/src/libutil/http.h b/src/libutil/http.h index efd6d1e17..ffc820ce8 100644 --- a/src/libutil/http.h +++ b/src/libutil/http.h @@ -199,7 +199,8 @@ gboolean rspamd_http_connection_is_encrypted (struct rspamd_http_connection *con /** Encode output with base 32 */ #define RSPAMD_KEYPAIR_BASE32 0x8 /** Human readable output */ -#define RSPAMD_KEYPAIR_HUMAN 0x16 +#define RSPAMD_KEYPAIR_HUMAN 0x10 +#define RSPAMD_KEYPAIR_HEX 0x20 /** * Print keypair encoding it if needed * @param key key to print diff --git a/src/rspamadm/CMakeLists.txt b/src/rspamadm/CMakeLists.txt index 7518985a6..915dfc622 100644 --- a/src/rspamadm/CMakeLists.txt +++ b/src/rspamadm/CMakeLists.txt @@ -1,4 +1,4 @@ -SET(RSPAMADMSRC rspamadm.c commands.c pw.c) +SET(RSPAMADMSRC rspamadm.c commands.c pw.c keypair.c) ADD_EXECUTABLE(rspamadm ${RSPAMADMSRC}) TARGET_LINK_LIBRARIES(rspamadm rspamd-server) 
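Review bot: In the src/libutil/http.c hunk the trailing `g_string_append_c (res, '\n');` is now unconditional, so the final `else` branch that appends the raw key bytes with `g_string_append_len` also gets a 0x0a byte appended. Key bytes can themselves contain 0x0a, so the newline does not delimit raw binary components, and any caller that printed keys without RSPAMD_KEYPAIR_HUMAN now receives an extra byte (callers are outside this hunk, so this needs checking). Consider limiting the separator to text output by wrapping the append in `if (how & (RSPAMD_KEYPAIR_HUMAN|RSPAMD_KEYPAIR_BASE32|RSPAMD_KEYPAIR_HEX)) {`. rspamd_http_print_key_component begins above the hunk, so the base32 condition is not visible here.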
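Review bot: In the src/libutil/http.h hunk RSPAMD_KEYPAIR_HEX is added without the `/** … */` line that the neighbouring flags carry; add `/** Encode output with hex */` above it. Because the hex branch in http.c is an `else if` placed after the base32 branch, base32 appears to take precedence when both bits are set, and the same comment should say so.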
diff --git a/src/rspamadm/commands.c b/src/rspamadm/commands.c index c8e61b6a7..65725b261 100644 --- a/src/rspamadm/commands.c +++ b/src/rspamadm/commands.c @@ -24,10 +24,12 @@ #include "rspamadm.h" extern struct rspamadm_command pw_command; +extern struct rspamadm_command keypair_command; const struct rspamadm_command *commands[] = { &help_command, &pw_command, + &keypair_command, NULL }; @@ -52,4 +54,4 @@ rspamadm_search_command (const gchar *name) } return ret; -} \ No newline at end of file +} diff --git a/src/rspamadm/keypair.c b/src/rspamadm/keypair.c new file mode 100644 index 000000000..746a9c294 --- /dev/null +++ b/src/rspamadm/keypair.c 
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2015, Vsevolod Stakhov
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR ''AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "rspamadm.h"
+#include "cryptobox.h"
+#include "printf.h"
+#include "http.h"
+
+static gboolean hex_encode = FALSE;
+static gboolean raw = FALSE;
+
+static void rspamadm_keypair (gint argc, gchar **argv);
+static const char *rspamadm_keypair_help (gboolean full_help);
+
+struct rspamadm_command keypair_command = {
+ .name = "keypair",
+ .flags = 0,
+ .help = rspamadm_keypair_help,
+ .run = rspamadm_keypair
+};
+
+static GOptionEntry entries[] = {
+ {"hex", 'x', 0, G_OPTION_ARG_NONE, &hex_encode,
+ "Use hex encoding", NULL},
+ {"raw", 'r', 0, G_OPTION_ARG_NONE, &raw,
+ "Print just keys, no description", NULL},
+ {NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL}
+};
+
+static const char *
+rspamadm_keypair_help (gboolean full_help)
+{
+ const char *help_str;
+
+ if (full_help) {
+ help_str = "Create key pairs for httpcrypt\n"
+ "Usage: rspamadm keypair [-x -r]\n"
+ "Where options are:\n"
+ "-x encode with hex instead of base32\n"
+ "-r print raw base32/hex\n"
+ "--help: shows available options and commands";
+ }
+ else {
+ help_str = "Create encryption key pairs";
+ }
+
+ return help_str;
+}
+
+static void
+rspamadm_keypair (gint argc, gchar **argv)
+{
+ GOptionContext *context;
+ GError *error = NULL;
+ gpointer keypair;
+ GString *keypair_out;
+ gint how;
+
+ context = g_option_context_new (
+ "keypair - create encryption keys");
+ g_option_context_set_summary (context,
+ "Summary:\n Rspamd administration utility version "
+ RVERSION
+ "\n Release id: "
+ RID);
+ g_option_context_add_main_entries (context, entries, NULL);
+
+ if (!g_option_context_parse (context, &argc, &argv, &error)) {
+ fprintf (stderr, "option parsing failed: %s\n", error->message);
+ g_error_free (error);
+ exit (1);
+ }
+
+ keypair = rspamd_http_connection_gen_key ();
+ if (keypair == NULL) {
+ exit (EXIT_FAILURE);
+ }
+
+ how = RSPAMD_KEYPAIR_PUBKEY | RSPAMD_KEYPAIR_PRIVKEY;
+
+ if (hex_encode) {
+ how |= RSPAMD_KEYPAIR_HEX;
+ }
+ else {
+ how |= 
RSPAMD_KEYPAIR_BASE32; + } + + if (!raw) { + how |= RSPAMD_KEYPAIR_HUMAN|RSPAMD_KEYPAIR_ID; + } + + keypair_out = rspamd_http_connection_print_key (keypair, how); + rspamd_printf ("%v", keypair_out); + + rspamd_http_connection_key_unref (keypair); + rspamd_explicit_memzero (keypair_out->str, keypair_out->len); +} diff --git a/src/rspamd.c b/src/rspamd.c index e15a598a4..4faa2d36c 100644 --- a/src/rspamd.c +++ b/src/rspamd.c @@ -1168,7 +1168,7 @@ main (gint argc, gchar **argv, gchar **env) keypair_out = rspamd_http_connection_print_key (keypair, RSPAMD_KEYPAIR_PUBKEY|RSPAMD_KEYPAIR_PRIVKEY|RSPAMD_KEYPAIR_ID| RSPAMD_KEYPAIR_BASE32|RSPAMD_KEYPAIR_HUMAN); - rspamd_printf ("%V", keypair_out); + rspamd_printf ("%v", keypair_out); exit (EXIT_SUCCESS); } -- 2.39.5
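Review bot: At the end of rspamadm_keypair in src/rspamadm/keypair.c the private key text is wiped with `rspamd_explicit_memzero (keypair_out->str, keypair_out->len);`, but the GString is never released and `context` is never freed; add `g_string_free (keypair_out, TRUE);` after the wipe and `g_option_context_free (context);` once parsing is done. The wipe also covers only the final buffer: copies left by GString growth inside rspamd_http_connection_print_key or by output buffering would not be cleared (inferred, since those functions are outside the hunk), so a short comment should say the call is best-effort. `keypair_out` is dereferenced without a NULL check, and the `keypair == NULL` path exits without any message while the parse-failure path uses `exit (1)` instead of `EXIT_FAILURE`. The full help text could also state that the output includes the private key, so that operators who redirect it to a file set restrictive permissions on that file.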