[prev in list] [next in list] [prev in thread] [next in thread]
List: tmda-cvs
Subject: CVS: tmda/bin ChangeLog,1.74,1.75 tmda-keygen,1.10,1.11
From: "Jason R. Mastaler" <jasonrm () users ! sourceforge ! net>
Date: 2001-09-17 23:52:24
[Download RAW message or body]
Update of /cvsroot/tmda/tmda/bin
In directory usw-pr-cvs1:/tmp/cvs-serv17308/bin
Modified Files:
ChangeLog tmda-keygen
Log Message:
When /dev/urandom is not available, warn the user that use of a
cryptographic random number generator is preferred. This is because
the pseudo-random data collected from the system is more easily
guessed.
Index: ChangeLog
===================================================================
RCS file: /cvsroot/tmda/tmda/bin/ChangeLog,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -r1.74 -r1.75
--- ChangeLog 2001/09/13 22:46:13 1.74
+++ ChangeLog 2001/09/17 23:52:22 1.75
@@ -1,3 +1,9 @@
+2001-09-17 Jason R. Mastaler <jasonrm@nightshade.la.mastaler.com>
+
+ * tmda-keygen (keygen): When /dev/urandom is not available, warn
+ the user that use of a cryptographic random number generator is
+ preferred.
+
2001-09-13 Jason R. Mastaler <jasonrm@nightshade.la.mastaler.com>
* tmda-filter (main): Support a "revoked" list of recipient
Index: tmda-keygen
===================================================================
RCS file: /cvsroot/tmda/tmda/bin/tmda-keygen,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- tmda-keygen 2001/09/13 16:04:48 1.10
+++ tmda-keygen 2001/09/17 23:52:22 1.11
@@ -7,7 +7,7 @@
Where:
-b
--batch
- Output only the CRYPT_KEY line.
+ Output only the CRYPT_KEY.
--help
-h
@@ -32,7 +32,8 @@
try:
opts, args = getopt.getopt(sys.argv[1:],
- 'bh', ['batch','help'])
+ 'bh',
+ ['batch','help'])
except getopt.error, msg:
usage(1, msg)
@@ -53,13 +54,23 @@
def keygen():
# Use the kernel's random number generator if available.
- if os.path.exists("/dev/urandom"):
- key = open("/dev/urandom","rb").read(20)
- # Otherwise generate some pseudo-random data from the system
- # and use the SHA of resulting key as the key.
+ randomdev = '/dev/urandom'
+ if os.path.exists(randomdev):
+ key = open(randomdev,'rb').read(20)
else:
+ # Otherwise generate some pseudo-random data from the system
+ # and use the SHA of resulting key as the key.
import sha
- print "Collecting pseudo-random data from the system..\n"
+ if not batch:
+ # Warn user that use of a cryptographic random number
+ # generator is preferred.
+ warning = ("key generation on a system without a "
+ + randomdev + " device is not recommended!")
+ print "WARNING:"
+ print '*' * len(warning)
+ print warning
+ print '*' * len(warning)
+ print
unpredictable = ( "date",
"fstat",
"iostat",
@@ -76,22 +87,29 @@
if commands.getstatusoutput(i)[0] == 0:
key_data = key_data + os.popen(i).read()
key = sha.new(key_data + "key").digest()
-
return Util.hexlify(key)
+
+
+def main():
+
+ if not batch:
+ print "Generating a unique, 160-bit private key, please wait a moment.."
+ print
+
+ key = keygen()
+
+ if len(key) != 40:
+ print "Oops, generated key is not 40-characters long, exiting!"
+ sys.exit()
+
+ print "CRYPT_KEY =", '"' + key + '"'
+
+ if not batch:
+ print
+ print "Now paste the above line into your ~/.tmdarc file,"
+ print "and make sure to keep your key secret!"
+
-if not batch:
- print "Generating a unique, 160-bit private key, please wait a moment.."
- print
-
-key = keygen()
-
-if len(key) != 40:
- print "Oops, generated key is not 40-characters long, exiting!"
- sys.exit()
-
-print "CRYPT_KEY =", '"' + key + '"'
-
-if not batch:
- print
- print "Now paste this line into your ~/.tmdarc file,"
- print "and make sure to keep your key secret!"
+# This is the end my friend.
+if __name__ == '__main__':
+ main()
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic