Generate crypto keys, make sure new accounts don't overwrite built-in timelines

src/controller/admin.c

@@ -4,6 +4,7 @@
 #include "src/model/server.h"
 #include "src/model/owner.h"
 #include "src/model/account.h"
+#include "src/model/crypto/keys.h"
 
 // View
 
@@ -14,6 +15,7 @@
 #include "form.h"
 #include "format.h"
 #include "http/server/request.h"
+#include "ffdb/fs_list.h"
 
 // Platform Headers
 #include <string.h>
@@ -83,6 +85,15 @@ bool handle_admin_initial_owner_setup( struct http_request* req )
 			account_free(public);
 		}
 
+		fs_list_set( "data/accounts/HEAD", 3 );
+
+		// Create RSA public/private keys
+		struct crypto_keys* keys = crypto_keys_new();
+		crypt_keys_generate(keys);
+		crypto_keys_save_public(keys,"data/owner/public.pem");
+		crypto_keys_save_private(keys,"data/owner/private.pem");
+		crypto_keys_free(keys);
+
 		bool success = false;
 		char* password = NULL;
 		char* confirm = NULL;

src/model/crypto/keys.c

@@ -66,6 +66,41 @@ bool crypto_keys_load_public( struct crypto_keys* keys, const char* filename )
 
 	return !!keys->pubkey;
 }
+void crypt_keys_generate( struct crypto_keys* keys )
+{
+	if( keys->privkey ) {
+		EVP_PKEY_free( keys->privkey );
+		keys->privkey = NULL;
+	}
+	if( keys->pubkey ) {
+		EVP_PKEY_free( keys->pubkey );
+		keys->pubkey = NULL;
+	}
+
+	EVP_PKEY_CTX* pkey_context = EVP_PKEY_CTX_new_id( EVP_PKEY_RSA, NULL );
+	EVP_PKEY_keygen_init( pkey_context );
+	EVP_PKEY_CTX_set_rsa_keygen_bits( pkey_context, 2048 );
+	EVP_PKEY_keygen( pkey_context, &keys->privkey );
+
+	keys->pubkey = keys->privkey;
+	EVP_PKEY_up_ref(keys->pubkey);
+}
+void crypto_keys_save_public( struct crypto_keys* keys, const char* filename )
+{
+	FILE* f = fopen( filename, "w");
+	if( !f ) { return; }
+
+	PEM_write_PUBKEY( f, keys->pubkey );
+	fclose(f);
+}
+void crypto_keys_save_private( struct crypto_keys* keys, const char* filename )
+{
+	FILE* f = fopen( filename, "w");
+	if( !f ) { return; }
+
+	PEM_write_PrivateKey( f, keys->privkey, NULL, NULL, 0, NULL, NULL );
+	fclose(f);
+}
 
 char* crypto_keys_sign( struct crypto_keys* keys, void* data, unsigned int size )
 {

src/model/crypto/keys.h

@@ -10,6 +10,9 @@ void crypto_keys_free( struct crypto_keys* keys );
 
 bool crypto_keys_load_public ( struct crypto_keys* keys, const char* filename );
 bool crypto_keys_load_private( struct crypto_keys* keys, const char* filename );
+void crypt_keys_generate( struct crypto_keys* keys );
+void crypto_keys_save_public( struct crypto_keys* keys, const char* filename );
+void crypto_keys_save_private( struct crypto_keys* keys, const char* filename );
 
 char* crypto_keys_sign( struct crypto_keys* keys, void* data, unsigned int size );
 bool crypto_keys_verify( struct crypto_keys* keys, void* data, unsigned int size, char* signature );

src/util

@@ -1 +1 @@
-Subproject commit ba60545243b76be32b5b626c4bcf01929c099bfc
+Subproject commit 74376d45529aa0b5e845cddd00005ee2aedcc66f