Key Generator and Storage System

For this assignment, write a program that generates cryptographic keys
for users and stores them.  The keys are to be stored encrypted, and may
be retrieved by other users.

The deliverables include three programs: a generator/store program, a
retrieval program, and a deletion program.  Some of these programs
MUST be setUID.  I do not specify which because that is one of the
design choices you must make.

The first program, hwkeygen, generates 16 random bytes, encrypts
them with a user-specified passphrase, and stores them somewhere.
The user specifies a "key name"; this is used for the other
operations.  Users may have more than one key stored at any given
time.  The choice of API is up to you, but be prepared to justify
the security properties of your choice.

The second program, hwkeyget, retrieves keys.   It takes two
arguments:

	hwkeyget username keyname

That is, it gets for a specified key created by the specified user and
writes it to stdout.  It must decrypt the key, since keys are stored
encrypted.

The third program, hwkeydel, deletes a key:

	hwkeydel username keyname

To do encryption and decryption, use the SSL library routines
BF_set_key and BF_cbc_encrypt().  You'll need to use -lssl when you
compile.  The easiest way to do that is to add this line to your Makefile:

	LDFLAGS=-lssl

See the man page on BF_cbc_encrypt() on the CLIC machines.  Other useful
routines are getpwnam() and getpass(); again, see the man pages.  Use
the supplied passphase directly as the encryption key.  (There are
much better ways to do that, but they're out of scope for this class.)

As on homework 2, install this on your virtual machine.

Among the issues you must consider are where the encrypted keys are to
be stored.  In a per-user directory?  A per-system directory?  What access
controls should be applied to deletion requests?  Does the system detect
incorrect passphrases for decryption?  How?