Re: MD5 key naming instead of IP's/hostnames

Mon, 27 Jun 2011 16:11:08 -0700 

Hello again,

I solved my problem, this code doesn't follow strictly the cfengine code
pattern but could be useful for someone as was usuful for me.

ncode@karoly:~/Devel/locaweb/cfengine/cfengine-3.1.5/src$ ./cf-hash -f
/tmp/ncode.pub
Using key: /tmp/ncode.pub
Key hash value: root-MD5=1107ecac56dc91d30b3b8f22d275eae4.pub
ncode@karoly:~/Devel/locaweb/cfengine/cfengine-3.1.5/src$ cat cf-hash.c
#include "cf3.defs.h"
#include "cf3.extern.h"

void GetMD5KeyHash(void);

int main(int argc, char **argv){

    THIS_AGENT_TYPE = cf_keygen;
    GenericInitialize(0, 0, "keygenerator");

    extern char *optarg;
    int optindex = 0;
    int c;

    while ((c=getopt_long(argc, argv, "f:", NULL, &optindex)) != EOF) {
        switch ((char) c){
            case 'f':
                snprintf(CFPUBKEYFILE, CF_BUFSIZE, "%s", optarg);
                break;
            default:
                printf("Usage cf-hash -f /path/to/key.pub\n");
                exit(1);
        }
    }

    if ((argc != 3) && (strcmp(argv[1], "-f") != 0)){
        printf("Usage cf-hash -f /path/to/key.pub\n");
        exit(1);
    }

    GetMD5KeyHash();
    GenericDeInitialize();
    return 0;
}

void GetMD5KeyHash() {

    FILE *fp;
    static char *passphrase = "Cfengine passphrase", name[CF_BUFSIZE],
source[CF_BUFSIZE];
    char guard[CF_MAXVARSIZE];
    unsigned char digest[EVP_MAX_MD_SIZE+1];
    unsigned long err;
    struct stat sb;

    printf("Using key: %s\n", CFPUBKEYFILE);

    if ((fp = fopen(CFPUBKEYFILE, "r")) == NULL){
        CfOut(cf_error, "fopen", "Couldn't find a public key (%s) - use
cf-key to get one", CFPUBKEYFILE);
        return;
    }

    if ((PUBKEY = PEM_read_RSAPublicKey(fp, NULL, NULL, passphrase)) ==
NULL){
        err = ERR_get_error();
        CfOut(cf_error, "PEM_read", "Error reading public Key = %s\n",
ERR_reason_error_string(err));
        PUBKEY = NULL;
        fclose(fp);
        return;
    }

    CfOut(cf_verbose, "", " -> Loaded public key %s\n", CFPUBKEYFILE);
    fclose(fp);

    if (BN_num_bits(PUBKEY->e) < 2 || !BN_is_odd(PUBKEY->e)){
        FatalError("RSA Exponent too small or not odd");
    }

    HashPubKey(PUBKEY, digest, CF_DEFAULT_DIGEST);
    snprintf(name, CF_MAXVARSIZE, "%s-%s.pub", "root",
HashPrint(CF_DEFAULT_DIGEST, digest));
    printf("Key hash value: %s\n", name);
}

On Mon, Jun 27, 2011 at 4:59 PM, Luiz Viana <[email protected]>wrote:

> **
> Is there any algorithm we can use to obtain the correct filename for the
> key on each server using any programming language instead of using
> cf-promises and cf-key tools?
>
> Thanks!
>
>   --
> *Luiz Viana*
>
> _______________________________________________
> Help-cfengine mailing list
> [email protected]
> https://cfengine.org/mailman/listinfo/help-cfengine
>
>

_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to