libzmq/tools/curve_keygen.c

/*
    Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file

    This file is part of 0MQ.

    This tool generates a keypair for the libzmq CURVE security mechanism, 
    and encodes the keypair to give two printable strings that you can use 
    in configuration files or source code. The encoding uses Z85, which is 
    a base-85 format that is described in 0MQ RFC 32, and which has an 
    implementation in the Z85.c source used by this tool. The keypair 
    always works with the secret key held by one party and the public key 
    distributed (securely!) to peers wishing to connect to it. CURVE is 
    defined by http://rfc.zeromq.org/spec:25. Z85 is defined by 
    http://rfc.zeromq.org/spec:32.

    0MQ is free software; you can redistribute it and/or modify it under
    the terms of the GNU Lesser General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    0MQ is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Lesser General Public License for more details.

    You should have received a copy of the GNU Lesser General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <sodium.h>
#include "z85_codec.h"

int main (void)
{
#   if crypto_box_PUBLICKEYBYTES != 32 \
    || crypto_box_SECRETKEYBYTES != 32
#   error "libsodium not built correctly"
#   endif
    
    puts ("This tool generates a keypair for the libzmq CURVE security mechanism,");
    puts ("and encodes the keypair to give two printable strings that you can use");
    puts ("in configuration files or source code. The encoding uses Z85, which is");
    puts ("a base-85 format that is described in 0MQ RFC 32, and which has an");
    puts ("implementation in the Z85.c source used by this tool. The keypair");
    puts ("always works with the secret key held by one party and the public key");
    puts ("distributed (securely!) to peers wishing to connect to it. CURVE is");
    puts ("defined by http://rfc.zeromq.org/spec:25. Z85 is defined by");
    puts ("http://rfc.zeromq.org/spec:32.");

    uint8_t public_key [32];
    uint8_t secret_key [32];

    int rc = crypto_box_keypair (public_key, secret_key);
    assert (rc == 0);
    
    char encoded [41];
    Z85_encode (encoded, public_key, 32);
    puts ("\n== CURVE PUBLIC KEY ==");
    puts (encoded);
    
    Z85_encode (encoded, secret_key, 32);
    puts ("\n== CURVE SECRET KEY ==");
    puts (encoded);

    exit (0);
}
Added options for CURVE security - ZMQ_CURVE_PUBLICKEY for clients and servers - ZMQ_CURVE_SECRETKEY for clients - ZMQ_CURVE_SERVERKEY for clients - ZMQ_CURVE_SERVER for servers - added tools/curve_keygen.c as example - updated man pages 2013-06-20 18:09:12 +02:00			`/*`
			`Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file`

			`This file is part of 0MQ.`

Added Z85 support The use of binary for CURVE keys is painful; you cannot easily copy these in e.g. email, or use them directly in source code. There are various encoding possibilities. Base16 and Base64 are not optimal. Ascii85 is not safe for source (it generates quotes and escapes). So, I've designed a new Base85 encoding, Z85, which is safe to use in code and elsewhere, and I've modified libzmq to use this where it also uses binary keys (in get/setsockopt). Very simply, if you use a 32-byte value, it's Base256 (binary), and if you use a 40-byte value, it's Base85 (Z85). I've put the Z85 codec into z85_codec.hpp, it's not elegant C++ but it is minimal and it works. Feel free to rewrap as a real class if this annoys you. 2013-06-28 22:10:22 +02:00			`This tool generates a keypair for the libzmq CURVE security mechanism,`
			`and encodes the keypair to give two printable strings that you can use`
			`in configuration files or source code. The encoding uses Z85, which is`
			`a base-85 format that is described in 0MQ RFC 32, and which has an`
			`implementation in the Z85.c source used by this tool. The keypair`
			`always works with the secret key held by one party and the public key`
			`distributed (securely!) to peers wishing to connect to it. CURVE is`
			`defined by http://rfc.zeromq.org/spec:25. Z85 is defined by`
			`http://rfc.zeromq.org/spec:32.`

Added options for CURVE security - ZMQ_CURVE_PUBLICKEY for clients and servers - ZMQ_CURVE_SECRETKEY for clients - ZMQ_CURVE_SERVERKEY for clients - ZMQ_CURVE_SERVER for servers - added tools/curve_keygen.c as example - updated man pages 2013-06-20 18:09:12 +02:00			`0MQ is free software; you can redistribute it and/or modify it under`
			`the terms of the GNU Lesser General Public License as published by`
			`the Free Software Foundation; either version 3 of the License, or`
			`(at your option) any later version.`

			`0MQ is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU Lesser General Public License for more details.`

			`You should have received a copy of the GNU Lesser General Public License`
			`along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`#include <stdio.h>`
			`#include <stdlib.h>`
			`#include <assert.h>`
			`#include <sodium.h>`
Added Z85 support The use of binary for CURVE keys is painful; you cannot easily copy these in e.g. email, or use them directly in source code. There are various encoding possibilities. Base16 and Base64 are not optimal. Ascii85 is not safe for source (it generates quotes and escapes). So, I've designed a new Base85 encoding, Z85, which is safe to use in code and elsewhere, and I've modified libzmq to use this where it also uses binary keys (in get/setsockopt). Very simply, if you use a 32-byte value, it's Base256 (binary), and if you use a 40-byte value, it's Base85 (Z85). I've put the Z85 codec into z85_codec.hpp, it's not elegant C++ but it is minimal and it works. Feel free to rewrap as a real class if this annoys you. 2013-06-28 22:10:22 +02:00			`#include "z85_codec.h"`
Added options for CURVE security - ZMQ_CURVE_PUBLICKEY for clients and servers - ZMQ_CURVE_SECRETKEY for clients - ZMQ_CURVE_SERVERKEY for clients - ZMQ_CURVE_SERVER for servers - added tools/curve_keygen.c as example - updated man pages 2013-06-20 18:09:12 +02:00
			`int main (void)`
			`{`
			`# if crypto_box_PUBLICKEYBYTES != 32 \`
			`\|\| crypto_box_SECRETKEYBYTES != 32`
			`# error "libsodium not built correctly"`
			`# endif`
Added Z85 support The use of binary for CURVE keys is painful; you cannot easily copy these in e.g. email, or use them directly in source code. There are various encoding possibilities. Base16 and Base64 are not optimal. Ascii85 is not safe for source (it generates quotes and escapes). So, I've designed a new Base85 encoding, Z85, which is safe to use in code and elsewhere, and I've modified libzmq to use this where it also uses binary keys (in get/setsockopt). Very simply, if you use a 32-byte value, it's Base256 (binary), and if you use a 40-byte value, it's Base85 (Z85). I've put the Z85 codec into z85_codec.hpp, it's not elegant C++ but it is minimal and it works. Feel free to rewrap as a real class if this annoys you. 2013-06-28 22:10:22 +02:00
			`puts ("This tool generates a keypair for the libzmq CURVE security mechanism,");`
			`puts ("and encodes the keypair to give two printable strings that you can use");`
			`puts ("in configuration files or source code. The encoding uses Z85, which is");`
			`puts ("a base-85 format that is described in 0MQ RFC 32, and which has an");`
			`puts ("implementation in the Z85.c source used by this tool. The keypair");`
			`puts ("always works with the secret key held by one party and the public key");`
			`puts ("distributed (securely!) to peers wishing to connect to it. CURVE is");`
			`puts ("defined by http://rfc.zeromq.org/spec:25. Z85 is defined by");`
			`puts ("http://rfc.zeromq.org/spec:32.");`
Added options for CURVE security - ZMQ_CURVE_PUBLICKEY for clients and servers - ZMQ_CURVE_SECRETKEY for clients - ZMQ_CURVE_SERVERKEY for clients - ZMQ_CURVE_SERVER for servers - added tools/curve_keygen.c as example - updated man pages 2013-06-20 18:09:12 +02:00
			`uint8_t public_key [32];`
			`uint8_t secret_key [32];`

			`int rc = crypto_box_keypair (public_key, secret_key);`
			`assert (rc == 0);`
Added Z85 support The use of binary for CURVE keys is painful; you cannot easily copy these in e.g. email, or use them directly in source code. There are various encoding possibilities. Base16 and Base64 are not optimal. Ascii85 is not safe for source (it generates quotes and escapes). So, I've designed a new Base85 encoding, Z85, which is safe to use in code and elsewhere, and I've modified libzmq to use this where it also uses binary keys (in get/setsockopt). Very simply, if you use a 32-byte value, it's Base256 (binary), and if you use a 40-byte value, it's Base85 (Z85). I've put the Z85 codec into z85_codec.hpp, it's not elegant C++ but it is minimal and it works. Feel free to rewrap as a real class if this annoys you. 2013-06-28 22:10:22 +02:00
z85 encoding buffer overrun 2013-09-05 15:18:42 +02:00			`char encoded [41];`
Added Z85 support The use of binary for CURVE keys is painful; you cannot easily copy these in e.g. email, or use them directly in source code. There are various encoding possibilities. Base16 and Base64 are not optimal. Ascii85 is not safe for source (it generates quotes and escapes). So, I've designed a new Base85 encoding, Z85, which is safe to use in code and elsewhere, and I've modified libzmq to use this where it also uses binary keys (in get/setsockopt). Very simply, if you use a 32-byte value, it's Base256 (binary), and if you use a 40-byte value, it's Base85 (Z85). I've put the Z85 codec into z85_codec.hpp, it's not elegant C++ but it is minimal and it works. Feel free to rewrap as a real class if this annoys you. 2013-06-28 22:10:22 +02:00			`Z85_encode (encoded, public_key, 32);`
			`puts ("\n== CURVE PUBLIC KEY ==");`
			`puts (encoded);`

			`Z85_encode (encoded, secret_key, 32);`
			`puts ("\n== CURVE SECRET KEY ==");`
			`puts (encoded);`

Added options for CURVE security - ZMQ_CURVE_PUBLICKEY for clients and servers - ZMQ_CURVE_SECRETKEY for clients - ZMQ_CURVE_SERVERKEY for clients - ZMQ_CURVE_SERVER for servers - added tools/curve_keygen.c as example - updated man pages 2013-06-20 18:09:12 +02:00			`exit (0);`
			`}`