6 #include "authcmdlib.h"
16 int convert(char**, int);
20 main(int argc, char *argv[])
46 /* get original key */
48 print("enter password file is encoded with\n");
49 getpass(&okey, nil, 0, 1);
54 print("enter password to reencode with\n");
55 getpass(&nkey, nil, 0, 1);
58 fd = open(file, ORDWR);
60 error("can't open %s: %r\n", file);
63 error("can't stat %s: %r\n", file);
67 error("out of memory");
68 if(read(fd, p, len) != len)
69 error("can't read key file: %r\n");
70 len = convert(&p, len);
71 if(pwrite(fd, p, len, 0) != len)
72 error("can't write key file: %r\n");
83 for (; *s != '\0'; s += n) {
84 n = chartorune(&r, s);
92 convert(char **db, int len)
94 int i, nu, keydblen, keydboff, keydbaes;
99 keydbaes = len > 24 && memcmp(p, "AES KEYS", 8) == 0;
101 keydblen += AESKEYLEN;
102 keydboff = 8+16; /* signature[8] + iv[16] */
107 fprint(2, "%s: file odd length; not converting %d bytes\n", argv0, len % keydblen);
108 len -= len % keydblen;
115 /* make sure we have aes key for decryption */
116 if(memcmp(okey.aes, zeros, AESKEYLEN) == 0){
117 fprint(2, "%s: no aes key in NVRAM\n", argv0);
120 setupAESstate(&s, okey.aes, AESKEYLEN, zeros);
121 aesCBCdecrypt((uchar*)p+8, len-8, &s);
126 des56to64((uchar*)okey.des, k);
127 setupDESstate(&s, k, zeros);
128 desCBCdecrypt((uchar*)p, len, &s);
132 for(i = keydboff; i < len; i += keydblen) {
133 if (badname(&p[i])) {
134 fprint(2, "%s: bad name %.30s... - aborting\n", argv0, &p[i]);
141 for(i = keydboff; i < len; i += keydblen)
142 print("%s\n", &p[i]);
146 if(convaes && !keydbaes){
150 keydblen += AESKEYLEN;
151 len = keydboff + keydblen*nu;
154 error("out of memory");
156 s = p + KEYDBOFF + nu*KEYDBLEN;
157 d = p + keydboff + nu*keydblen;
161 memmove(d, s, KEYDBLEN);
162 memset(d + KEYDBLEN, 0, keydblen-KEYDBLEN);
167 genrandom((uchar*)p, keydboff);
171 memmove(p, "AES KEYS", 8);
172 setupAESstate(&s, nkey.aes, AESKEYLEN, zeros);
173 aesCBCencrypt((uchar*)p+8, len-8, &s);
178 des56to64((uchar*)nkey.des, k);
179 setupDESstate(&s, k, zeros);
180 desCBCencrypt((uchar*)p, len, &s);
188 fprint(2, "usage: %s [-pva] keyfile\n", argv0);