1 files changed, 115 insertions, 0 deletions
diff --git a/src/authkey.c b/src/authkey.c
new file mode 100644
index 00000000..cd284fb5
--- /dev/null
+++ b/src/authkey.c
@@ -0,0 +1,115 @@
+#include <assert.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <stdio.h>
+#include <inttypes.h>
+#include <stdlib.h>
+#include <time.h>
+#include <limits.h>
+
+#include "authkey.h"
+#include "util.h"
+
+#define RANDOM_DEVICE "/dev/urandom"
+
+static int load(const char *fn, void *data, size_t length) {
+    int fd = -1, ret = -1;
+    ssize_t r;
+    
+    assert(fn && data && length);
+
+    if ((fd = open(fn, O_RDONLY)) < 0)
+        goto finish;
+
+    if ((r = pa_loop_read(fd, data, length)) < 0 || (size_t) r != length) {
+        ret = -2;
+        goto finish;
+    }
+
+    ret = 0;
+    
+finish:
+    if (fd >= 0)
+        close(fd);
+
+    return ret;
+}
+
+static int generate(const char *fn, void *data, size_t length) {
+    int fd = -1, random_fd = -1, ret = -1;
+    ssize_t r;
+    assert(fn && data && length);
+
+    if ((fd = open(fn, O_WRONLY|O_EXCL|O_CREAT, S_IRUSR | S_IWUSR)) < 0)
+        goto finish;
+    
+    if ((random_fd = open(RANDOM_DEVICE, O_RDONLY)) >= 0) {
+
+        if ((r = pa_loop_read(random_fd, data, length)) < 0 || (size_t) r != length) {
+            ret = -2;
+            goto finish;
+        }
+        
+    } else {
+        uint8_t *p;
+        size_t l;
+        fprintf(stderr, "WARNING: Failed to open entropy device '"RANDOM_DEVICE"': %s, falling back to unsecure pseudo RNG.\n", strerror(errno));
+
+        srandom(time(NULL));
+        
+        for (p = data, l = length; l > 0; p++, l--)
+            *p = (uint8_t) random();
+    }
+
+    if ((r = pa_loop_write(fd, data, length)) < 0 || (size_t) r != length) {
+        ret =  -2;
+        goto finish;
+    }
+
+    ret = 0;
+
+finish:
+    if (fd >= 0) {
+        if (ret != 0)
+            unlink(fn);
+        close(fd);
+    }
+    if (random_fd >= 0)
+        close(random_fd);
+
+    return ret;
+}
+
+int pa_authkey_load(const char *path, void *data, size_t length) {
+    int ret, i;
+
+    assert(path && data && length);
+    
+    for (i = 0; i < 10; i++) {
+        if ((ret = load(path, data, length)) < 0)
+            if (ret == -1 && errno == ENOENT)
+                if ((ret = generate(path,  data, length)) < 0)
+                    if (ret == -1 && errno == EEXIST)
+                        continue;
+        break;
+    }
+
+    if (ret < 0)
+        fprintf(stderr, "Failed to load authorization key '%s': %s\n", path, (ret == -1) ? strerror(errno) : "file corrupt");
+
+    return ret;
+}
+
+int pa_authkey_load_from_home(const char *fn, void *data, size_t length) {
+    char *home;
+    char path[PATH_MAX];
+
+    if (!(home = getenv("HOME")))
+        return -2;
+    
+    snprintf(path, sizeof(path), "%s/%s", home, fn);
+
+    return pa_authkey_load(path, data, length);
+}