- add GPL-licensed keyrand replacement (#20254)

.cvsignore

@@ -1,4 +1 @@
-crypto-rand-1.1.tar.gz
-genkey.1
-certwatch.1
-i386
+*.rpm

crypto-utils.spec

@@ -1,16 +1,17 @@
 
-%define crver 1.1
+%define crver 1.3
 
 Summary: SSL certificate and key management utilities
 Name: crypto-utils
-Version: 2.2
-Release: 9.2.2
+Version: 2.3
+Release: 1
 Source: crypto-rand-%{crver}.tar.gz
 Source1: genkey.pl
 Source2: certwatch.c
 Source3: certwatch.cron
 Source4: certwatch.xml
 Source5: genkey.xml
+Source6: keyrand.c
 Group: Applications/System
 License: Various
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
@@ -28,10 +29,14 @@ SSL certificates and keys.
 
 %build 
 %configure --with-newt=%{_prefix} CFLAGS="-fPIC $RPM_OPT_FLAGS -Wall"
-make
+make -C librand
 
 cc $RPM_OPT_FLAGS -Wall -Werror -I/usr/include/openssl \
    $RPM_SOURCE_DIR/certwatch.c -o certwatch -lcrypto
+
+cc $RPM_OPT_FLAGS -Wall -Werror \
+   $RPM_SOURCE_DIR/keyrand.c -o keyrand -lnewt
+
 for m in certwatch.xml genkey.xml; do
   xmlto man $RPM_SOURCE_DIR/$m
 done
@@ -70,7 +75,7 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily \
          $RPM_BUILD_ROOT%{_bindir}
 
 # install keyrand
-install -c -m 755 keyrand/keyrand $RPM_BUILD_ROOT%{_bindir}/keyrand
+install -c -m 755 keyrand $RPM_BUILD_ROOT%{_bindir}/keyrand
 
 # install certwatch
 install -c -m 755 certwatch $RPM_BUILD_ROOT%{_bindir}/certwatch
@@ -101,6 +106,9 @@ sed -e "s|^\$bindir.*$|\$bindir = \"%{_bindir}\";|" \
 %{_mandir}/man1/*.1*
 
 %changelog
+* Thu Aug 17 2006 Joe Orton <jorton@redhat.com> 2.3-1
+- add GPL-licensed keyrand replacement (#20254)
+
 * Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.2-9.2.2
 - rebuild
 

keyrand.c

@@ -0,0 +1,155 @@
+/* 
+   keyrand implementation using /dev/random
+   Copyright (C) 2006 Red Hat, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+  
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+  
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+*/
+
+#include <sys/types.h>
+
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <stdlib.h>
+
+#include <slang/slang.h>
+#include <newt.h>
+
+static void collect_bytes(int fd, char *buffer, int total)
+{
+    int count;
+    newtComponent title, form, scale;
+    char message[1024];
+    newtGrid box;
+
+    box = newtCreateGrid(1, 3);
+
+    snprintf(message, sizeof message,
+             "To generate %u random bits from the "
+             "kernel random number generator, some "
+             "keyboard or mouse input may be necessary at the "
+             "console for this host.  Please try entering "
+             "some random text or moving the mouse, if "
+             "running this program locally.", total * 8);
+    
+    title = newtTextboxReflowed(1, 1, message, 60, 10, 0, 0);
+    
+    newtGridSetField(box, 0, 0, NEWT_GRID_COMPONENT, title,
+		     0, 0, 0, 0, 0, 0);
+    
+    /* The progress bar */
+    scale = newtScale(0, 0, 30, total);
+    newtScaleSet(scale, 0);
+    
+    newtGridSetField(box, 0, 1, NEWT_GRID_COMPONENT, scale,
+		     0, 1, 0, 0, 0, 0);
+
+    form = newtForm(NULL, NULL, 0);
+    newtGridAddComponentsToForm(box, form, 1);
+    
+    newtGridWrappedWindow(box, "Collecting random data");
+    
+    newtDrawForm(form);
+
+    count = 0;
+
+    do {
+        ssize_t rv;
+        
+        newtScaleSet(scale, count);
+        newtRefresh();
+
+        rv = read(fd, buffer + count, total - count);
+        if (rv == -1 && errno == EINTR) continue;
+        else if (rv < 0) {
+            newtWinMessage("Error", "Exit", 
+                           "Error reading from /dev/random");
+            newtFinished();
+            exit(1);
+        }
+
+	SLang_flush_input();
+        count += rv;
+    } while (count < total);
+
+    newtFormDestroy(form);
+}
+    
+
+int main(int argc, char **argv)
+{
+    const char *output;
+    int bits, bytes, fd, rfd;
+    char *buffer;
+
+    if (argc < 3) {
+        fprintf(stderr, "Usage: keyrand <number-of-bits> <output-file>\n");
+        exit(1);
+    }
+    
+    bits = atoi(argv[1]);
+    output = argv[2];
+    fd = open(output, O_APPEND|O_WRONLY);
+    rfd = open("/dev/random", O_RDONLY);
+    
+    newtInit();
+    newtCls();
+    
+    newtDrawRootText(0, 0, 
+                     "Red Hat Keypair Generation (c) 2006 Red Hat, Inc.");
+    
+    if (fd < 0) {
+        newtWinMessage("Error", "Exit", "Could not open output file");
+        newtFinished();
+        exit(1);
+    }
+    else if (rfd < 0) {
+        newtWinMessage("Error", "Exit", "Could not open /dev/random");
+        newtFinished();
+        exit(1);
+    }
+    else if (bits < 8 || bits > 800 * 1024) {
+        newtWinMessage("Error", "Exit", "More than 8 bits must be requested");
+        newtFinished();
+        exit(1);
+    }
+    
+    bytes = bits / 8;
+    buffer = malloc(bytes);
+    sleep(1);
+
+    collect_bytes(rfd, buffer, bytes);
+    
+    if (write(fd, buffer, bytes) != bytes || close(fd)) {
+        newtWinMessage("Error", "Exit", "Error writing to random file");
+        newtFinished();
+        exit(1);
+    }
+
+    newtFinished();
+    
+    newtRefresh();
+
+    sleep(1);
+    newtPopWindow();
+    SLang_flush_input();
+    newtClearKeyBuffer();
+
+    return 0;
+}
+

sources

@@ -1 +1,2 @@
-d641143f97864accb32debdebbff1994  crypto-rand-1.1.tar.gz
+baff6c3e015fb39c36342528e4b3eaf8  crypto-rand-1.2.tar.gz
+38d908834753ff50c454ec3c69f8de6c  crypto-rand-1.3.tar.gz