diff options
| author | Christian Grothoff <christian@grothoff.org> | 2011-10-11 09:43:04 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2011-10-11 09:43:04 +0000 |
| commit | d9d94d0e53d26af75ec8241383d166544ebd79f3 (patch) | |
| tree | 9080b73624389403a198257fe0547bb4634e64d2 /src/util/crypto_rsa.c | |
| parent | 2d792ee2e9cc0c993b8907e2c8edb0c2b8465343 (diff) | |
converting to GNUNET_LOG_from*
Diffstat (limited to 'src/util/crypto_rsa.c')
| -rw-r--r-- | src/util/crypto_rsa.c | 765 |
1 files changed, 391 insertions, 374 deletions
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 46778a8428..7f0c816924 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c @@ -37,6 +37,12 @@ #include "gnunet_crypto_lib.h" #include "gnunet_disk_lib.h" +#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) + +#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall) + +#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename) + /** * The private information of an RSA key pair. * NOTE: this must match the definition in crypto_ksk.c @@ -60,13 +66,13 @@ struct RsaPrivateKeyBinaryEncoded * Total size of the structure, in bytes, in big-endian! */ uint16_t len GNUNET_PACKED; - uint16_t sizen GNUNET_PACKED; /* in big-endian! */ - uint16_t sizee GNUNET_PACKED; /* in big-endian! */ - uint16_t sized GNUNET_PACKED; /* in big-endian! */ - uint16_t sizep GNUNET_PACKED; /* in big-endian! */ - uint16_t sizeq GNUNET_PACKED; /* in big-endian! */ - uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */ - uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */ + uint16_t sizen GNUNET_PACKED; /* in big-endian! */ + uint16_t sizee GNUNET_PACKED; /* in big-endian! */ + uint16_t sized GNUNET_PACKED; /* in big-endian! */ + uint16_t sizep GNUNET_PACKED; /* in big-endian! */ + uint16_t sizeq GNUNET_PACKED; /* in big-endian! */ + uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */ + uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */ /* followed by the actual values */ }; @@ -81,7 +87,7 @@ struct RsaPrivateKeyBinaryEncoded * a failure of the command 'cmd' with the message given * by gcry_strerror(rc). */ -#define LOG_GCRY(level, cmd, rc) do { GNUNET_log(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0); +#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0); /** * If target != size, move target bytes to the @@ -92,10 +98,10 @@ static void adjust (unsigned char *buf, size_t size, size_t target) { if (size < target) - { - memmove (&buf[target - size], buf, size); - memset (buf, 0, target - size); - } + { + memmove (&buf[target - size], buf, size); + memset (buf, 0, target - size); + } } /** @@ -109,9 +115,9 @@ GNUNET_CRYPTO_rsa_key_create () gcry_sexp_t s_keyparam; GNUNET_assert (0 == - gcry_sexp_build (&s_keyparam, NULL, - "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))", - HOSTKEY_LEN)); + gcry_sexp_build (&s_keyparam, NULL, + "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))", + HOSTKEY_LEN)); GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam)); gcry_sexp_release (s_keyparam); #if EXTRA_CHECKS @@ -134,7 +140,7 @@ GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) static int key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, - const char *elems) + const char *elems) { gcry_sexp_t list, l2; const char *s; @@ -142,44 +148,44 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, list = gcry_sexp_find_token (sexp, topname, 0); if (!list) - { - return 1; - } + { + return 1; + } l2 = gcry_sexp_cadr (list); gcry_sexp_release (list); list = l2; if (!list) - { - return 2; - } + { + return 2; + } idx = 0; for (s = elems; *s; s++, idx++) - { - l2 = gcry_sexp_find_token (list, s, 1); - if (!l2) - { - for (i = 0; i < idx; i++) - { - gcry_free (array[i]); - array[i] = NULL; - } - gcry_sexp_release (list); - return 3; /* required parameter not found */ - } - array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); - gcry_sexp_release (l2); - if (!array[idx]) { - for (i = 0; i < idx; i++) - { - gcry_free (array[i]); - array[i] = NULL; - } - gcry_sexp_release (list); - return 4; /* required parameter is invalid */ + l2 = gcry_sexp_find_token (list, s, 1); + if (!l2) + { + for (i = 0; i < idx; i++) + { + gcry_free (array[i]); + array[i] = NULL; + } + gcry_sexp_release (list); + return 3; /* required parameter not found */ + } + array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (l2); + if (!array[idx]) + { + for (i = 0; i < idx; i++) + { + gcry_free (array[i]); + array[i] = NULL; + } + gcry_sexp_release (list); + return 4; /* required parameter is invalid */ + } } - } gcry_sexp_release (list); return 0; } @@ -191,9 +197,10 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, */ void GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey - *priv, - struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded - *pub) + *priv, + struct + GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded + *pub) { gcry_mpi_t skey[2]; size_t size; @@ -206,24 +213,25 @@ GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey rc = key_from_sexp (skey, priv->sexp, "rsa", "ne"); GNUNET_assert (0 == rc); pub->len = - htons (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) - - sizeof (pub->padding)); + htons (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) - + sizeof (pub->padding)); pub->sizen = htons (GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH); pub->padding = 0; size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; GNUNET_assert (0 == - gcry_mpi_print (GCRYMPI_FMT_USG, &pub->key[0], size, &size, - skey[0])); + gcry_mpi_print (GCRYMPI_FMT_USG, &pub->key[0], size, &size, + skey[0])); adjust (&pub->key[0], size, GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH); - size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; + size = + GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; GNUNET_assert (0 == - gcry_mpi_print (GCRYMPI_FMT_USG, - &pub->key - [GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], size, - &size, skey[1])); + gcry_mpi_print (GCRYMPI_FMT_USG, + &pub->key + [GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], + size, &size, skey[1])); adjust (&pub->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], size, - GNUNET_CRYPTO_RSA_KEY_LENGTH - - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH); + GNUNET_CRYPTO_RSA_KEY_LENGTH - + GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH); gcry_mpi_release (skey[0]); gcry_mpi_release (skey[1]); } @@ -237,7 +245,7 @@ GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey */ static struct GNUNET_CRYPTO_RsaPrivateKey * public2PrivateKey (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded - *publicKey) + *publicKey) { struct GNUNET_CRYPTO_RsaPrivateKey *ret; gcry_sexp_t result; @@ -251,36 +259,38 @@ public2PrivateKey (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded (ntohs (publicKey->len) != sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded) - sizeof (publicKey->padding))) - { - GNUNET_break (0); - return NULL; - } + { + GNUNET_break (0); + return NULL; + } size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG, &publicKey->key[0], size, &size); if (rc) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - return NULL; - } - size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; - rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG, - &publicKey->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], - size, &size); + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + return NULL; + } + size = + GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH; + rc = + gcry_mpi_scan (&e, GCRYMPI_FMT_USG, + &publicKey->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], + size, &size); if (rc) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - gcry_mpi_release (n); - return NULL; - } + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + gcry_mpi_release (n); + return NULL; + } rc = gcry_sexp_build (&result, &erroff, "(public-key(rsa(n %m)(e %m)))", n, - e); + e); gcry_mpi_release (n); gcry_mpi_release (e); if (rc) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); /* erroff gives more info */ - return NULL; - } + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); /* erroff gives more info */ + return NULL; + } ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey)); ret->sexp = result; return ret; @@ -306,10 +316,10 @@ rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) #if EXTRA_CHECKS if (gcry_pk_testkey (hostkey->sexp)) - { - GNUNET_break (0); - return NULL; - } + { + GNUNET_break (0); + return NULL; + } #endif memset (pkv, 0, sizeof (gcry_mpi_t) * 6); @@ -327,21 +337,21 @@ rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) GNUNET_assert (0 == rc); size = sizeof (struct RsaPrivateKeyBinaryEncoded); for (i = 0; i < 6; i++) - { - if (pkv[i] != NULL) { - GNUNET_assert (0 == - gcry_mpi_aprint (GCRYMPI_FMT_USG, - (unsigned char **) &pbu[i], &sizes[i], - pkv[i])); - size += sizes[i]; + if (pkv[i] != NULL) + { + GNUNET_assert (0 == + gcry_mpi_aprint (GCRYMPI_FMT_USG, + (unsigned char **) &pbu[i], + &sizes[i], pkv[i])); + size += sizes[i]; + } + else + { + pbu[i] = NULL; + sizes[i] = 0; + } } - else - { - pbu[i] = NULL; - sizes[i] = 0; - } - } GNUNET_assert (size < 65536); retval = GNUNET_malloc (size); retval->len = htons (size); @@ -366,12 +376,12 @@ rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) retval->sizedmq1 = htons (0); memcpy (&((char *) (&retval[1]))[i], pbu[5], sizes[5]); for (i = 0; i < 6; i++) - { - if (pkv[i] != NULL) - gcry_mpi_release (pkv[i]); - if (pbu[i] != NULL) - free (pbu[i]); - } + { + if (pkv[i] != NULL) + gcry_mpi_release (pkv[i]); + if (pbu[i] != NULL) + free (pbu[i]); + } return retval; } @@ -387,7 +397,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) { struct GNUNET_CRYPTO_RsaPrivateKey *ret; const struct RsaPrivateKeyBinaryEncoded *encoding = - (const struct RsaPrivateKeyBinaryEncoded *) buf; + (const struct RsaPrivateKeyBinaryEncoded *) buf; gcry_sexp_t res; gcry_mpi_t n, e, d, p, q, u; int rc; @@ -402,121 +412,122 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) pos = 0; size = ntohs (encoding->sizen); rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG, - &((const unsigned char *) (&encoding[1]))[pos], size, - &size); + &((const unsigned char *) (&encoding[1]))[pos], size, + &size); pos += ntohs (encoding->sizen); if (rc) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - return NULL; - } + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + return NULL; + } size = ntohs (encoding->sizee); rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG, - &((const unsigned char *) (&encoding[1]))[pos], size, - &size); + &((const unsigned char *) (&encoding[1]))[pos], size, + &size); pos += ntohs (encoding->sizee); if (rc) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - gcry_mpi_release (n); - return NULL; - } + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + gcry_mpi_release (n); + return NULL; + } size = ntohs (encoding->sized); rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG, - &((const unsigned char *) (&encoding[1]))[pos], size, - &size); + &((const unsigned char *) (&encoding[1]))[pos], size, + &size); pos += ntohs (encoding->sized); if (rc) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - gcry_mpi_release (n); - gcry_mpi_release (e); - return NULL; - } - /* swap p and q! */ - size = ntohs (encoding->sizep); - if (size > 0) - { - rc = gcry_mpi_scan (&q, GCRYMPI_FMT_USG, - &((const unsigned char *) (&encoding[1]))[pos], size, - &size); - pos += ntohs (encoding->sizep); - if (rc) { LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); gcry_mpi_release (n); gcry_mpi_release (e); - gcry_mpi_release (d); return NULL; } - } + /* swap p and q! */ + size = ntohs (encoding->sizep); + if (size > 0) + { + rc = gcry_mpi_scan (&q, GCRYMPI_FMT_USG, + &((const unsigned char *) (&encoding[1]))[pos], + size, &size); + pos += ntohs (encoding->sizep); + if (rc) + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + gcry_mpi_release (n); + gcry_mpi_release (e); + gcry_mpi_release (d); + return NULL; + } + } else q = NULL; size = ntohs (encoding->sizeq); if (size > 0) - { - rc = gcry_mpi_scan (&p, GCRYMPI_FMT_USG, - &((const unsigned char *) (&encoding[1]))[pos], size, - &size); - pos += ntohs (encoding->sizeq); - if (rc) { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - gcry_mpi_release (n); - gcry_mpi_release (e); - gcry_mpi_release (d); - if (q != NULL) - gcry_mpi_release (q); - return NULL; + rc = gcry_mpi_scan (&p, GCRYMPI_FMT_USG, + &((const unsigned char *) (&encoding[1]))[pos], + size, &size); + pos += ntohs (encoding->sizeq); + if (rc) + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + gcry_mpi_release (n); + gcry_mpi_release (e); + gcry_mpi_release (d); + if (q != NULL) + gcry_mpi_release (q); + return NULL; + } } - } else p = NULL; pos += ntohs (encoding->sizedmp1); pos += ntohs (encoding->sizedmq1); size = - ntohs (encoding->len) - sizeof (struct RsaPrivateKeyBinaryEncoded) - pos; + ntohs (encoding->len) - sizeof (struct RsaPrivateKeyBinaryEncoded) - pos; if (size > 0) - { - rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG, - &((const unsigned char *) (&encoding[1]))[pos], size, - &size); - if (rc) { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); - gcry_mpi_release (n); - gcry_mpi_release (e); - gcry_mpi_release (d); - if (p != NULL) - gcry_mpi_release (p); - if (q != NULL) - gcry_mpi_release (q); - return NULL; + rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG, + &((const unsigned char *) (&encoding[1]))[pos], + size, &size); + if (rc) + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); + gcry_mpi_release (n); + gcry_mpi_release (e); + gcry_mpi_release (d); + if (p != NULL) + gcry_mpi_release (p); + if (q != NULL) + gcry_mpi_release (q); + return NULL; + } } - } else u = NULL; if ((p != NULL) && (q != NULL) && (u != NULL)) - { - rc = gcry_sexp_build (&res, &size, /* erroff */ - "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))", - n, e, d, p, q, u); - } - else - { - if ((p != NULL) && (q != NULL)) { - rc = gcry_sexp_build (&res, &size, /* erroff */ - "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))", - n, e, d, p, q); + rc = gcry_sexp_build (&res, &size, /* erroff */ + "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))", + n, e, d, p, q, u); } - else + else { - rc = gcry_sexp_build (&res, &size, /* erroff */ - "(private-key(rsa(n %m)(e %m)(d %m)))", n, e, d); + if ((p != NULL) && (q != NULL)) + { + rc = gcry_sexp_build (&res, &size, /* erroff */ + "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))", + n, e, d, p, q); + } + else + { + rc = gcry_sexp_build (&res, &size, /* erroff */ + "(private-key(rsa(n %m)(e %m)(d %m)))", n, e, + d); + } } - } gcry_mpi_release (n); gcry_mpi_release (e); gcry_mpi_release (d); @@ -531,10 +542,10 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); #if EXTRA_CHECKS if (gcry_pk_testkey (res)) - { - LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); - return NULL; - } + { + LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); + return NULL; + } #endif ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey)); ret->sexp = res; @@ -571,167 +582,172 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) if (GNUNET_SYSERR == GNUNET_DISK_directory_create_for_file (filename)) return NULL; while (GNUNET_YES != GNUNET_DISK_file_test (filename)) - { - fd = GNUNET_DISK_file_open (filename, - GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE - | GNUNET_DISK_OPEN_FAILIFEXISTS, - GNUNET_DISK_PERM_USER_READ | - GNUNET_DISK_PERM_USER_WRITE); - if (NULL == fd) - { - if (errno == EEXIST) - { - if (GNUNET_YES != GNUNET_DISK_file_test (filename)) - { - /* must exist but not be accessible, fail for good! */ - if (0 != ACCESS (filename, R_OK)) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "access", - filename); - else - GNUNET_break (0); /* what is going on!? */ - return NULL; - } - continue; - } - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", filename); - return NULL; - } - cnt = 0; - - while (GNUNET_YES != - GNUNET_DISK_file_lock (fd, 0, - sizeof (struct RsaPrivateKeyBinaryEncoded), - GNUNET_YES)) { - sleep (1); - if (0 == ++cnt % 10) - { - ec = errno; - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _("Could not aquire lock on file `%s': %s...\n"), filename, - STRERROR (ec)); - } + fd = GNUNET_DISK_file_open (filename, + GNUNET_DISK_OPEN_WRITE | + GNUNET_DISK_OPEN_CREATE | + GNUNET_DISK_OPEN_FAILIFEXISTS, + GNUNET_DISK_PERM_USER_READ | + GNUNET_DISK_PERM_USER_WRITE); + if (NULL == fd) + { + if (errno == EEXIST) + { + if (GNUNET_YES != GNUNET_DISK_file_test (filename)) + { + /* must exist but not be accessible, fail for good! */ + if (0 != ACCESS (filename, R_OK)) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "access", + filename); + else + GNUNET_break (0); /* what is going on!? */ + return NULL; + } + continue; + } + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename); + return NULL; + } + cnt = 0; + + while (GNUNET_YES != + GNUNET_DISK_file_lock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded), + GNUNET_YES)) + { + sleep (1); + if (0 == ++cnt % 10) + { + ec = errno; + LOG (GNUNET_ERROR_TYPE_ERROR, + _("Could not aquire lock on file `%s': %s...\n"), filename, + STRERROR (ec)); + } + } + LOG (GNUNET_ERROR_TYPE_INFO, + _("Creating a new private key. This may take a while.\n")); + ret = GNUNET_CRYPTO_rsa_key_create (); + GNUNET_assert (ret != NULL); + enc = rsa_encode_key (ret); + GNUNET_assert (enc != NULL); + GNUNET_assert (ntohs (enc->len) == + GNUNET_DISK_file_write (fd, enc, ntohs (enc->len))); + GNUNET_free (enc); + + GNUNET_DISK_file_sync (fd); + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded))) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); + GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); + GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); + GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); + LOG (GNUNET_ERROR_TYPE_INFO, + _("I am host `%s'. Stored new private key in `%s'.\n"), + GNUNET_i2s (&pid), filename); + return ret; } - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - _("Creating a new private key. This may take a while.\n")); - ret = GNUNET_CRYPTO_rsa_key_create (); - GNUNET_assert (ret != NULL); - enc = rsa_encode_key (ret); - GNUNET_assert (enc != NULL); - GNUNET_assert (ntohs (enc->len) == - GNUNET_DISK_file_write (fd, enc, ntohs (enc->len))); - GNUNET_free (enc); - - GNUNET_DISK_file_sync (fd); - if (GNUNET_YES != - GNUNET_DISK_file_unlock (fd, 0, - sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); - GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); - GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); - GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - _("I am host `%s'. Stored new private key in `%s'.\n"), - GNUNET_i2s (&pid), filename); - return ret; - } /* hostkey file exists already, read it! */ fd = GNUNET_DISK_file_open (filename, GNUNET_DISK_OPEN_READ, - GNUNET_DISK_PERM_NONE); + GNUNET_DISK_PERM_NONE); if (NULL == fd) - { - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", filename); - return NULL; - } - cnt = 0; - while (1) - { - if (GNUNET_YES != - GNUNET_DISK_file_lock (fd, 0, - sizeof (struct RsaPrivateKeyBinaryEncoded), - GNUNET_NO)) { - if (0 == ++cnt % 60) - { - ec = errno; - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _("Could not aquire lock on file `%s': %s...\n"), filename, - STRERROR (ec)); - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _ - ("This may be ok if someone is currently generating a hostkey.\n")); - } - sleep (1); - continue; - } - if (GNUNET_YES != GNUNET_DISK_file_test (filename)) - { - /* eh, what!? File we opened is now gone!? */ - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "stat", filename); - if (GNUNET_YES != - GNUNET_DISK_file_unlock (fd, 0, - sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); - GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd)); - + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename); return NULL; } - if (GNUNET_YES != GNUNET_DISK_file_size (filename, &fs, GNUNET_YES)) - fs = 0; - if (fs < sizeof (struct RsaPrivateKeyBinaryEncoded)) + cnt = 0; + while (1) { - /* maybe we got the read lock before the hostkey generating - * process had a chance to get the write lock; give it up! */ if (GNUNET_YES != - GNUNET_DISK_file_unlock (fd, 0, - sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); - if (0 == ++cnt % 10) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _ - ("When trying to read hostkey file `%s' I found %u bytes but I need at least %u.\n"), - filename, (unsigned int) fs, - (unsigned int) sizeof (struct RsaPrivateKeyBinaryEncoded)); - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _ - ("This may be ok if someone is currently generating a hostkey.\n")); - } - sleep (2); /* wait a bit longer! */ - continue; + GNUNET_DISK_file_lock (fd, 0, + sizeof (struct RsaPrivateKeyBinaryEncoded), + GNUNET_NO)) + { + if (0 == ++cnt % 60) + { + ec = errno; + LOG (GNUNET_ERROR_TYPE_ERROR, + _("Could not aquire lock on file `%s': %s...\n"), filename, + STRERROR (ec)); + LOG (GNUNET_ERROR_TYPE_ERROR, + _ + ("This may be ok if someone is currently generating a hostkey.\n")); + } + sleep (1); + continue; + } + if (GNUNET_YES != GNUNET_DISK_file_test (filename)) + { + /* eh, what!? File we opened is now gone!? */ + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename); + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded))) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); + GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd)); + + return NULL; + } + if (GNUNET_YES != GNUNET_DISK_file_size (filename, &fs, GNUNET_YES)) + fs = 0; + if (fs < sizeof (struct RsaPrivateKeyBinaryEncoded)) + { + /* maybe we got the read lock before the hostkey generating + * process had a chance to get the write lock; give it up! */ + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded))) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); + if (0 == ++cnt % 10) + { + LOG (GNUNET_ERROR_TYPE_ERROR, + _ + ("When trying to read hostkey file `%s' I found %u bytes but I need at least %u.\n"), + filename, (unsigned int) fs, + (unsigned int) sizeof (struct RsaPrivateKeyBinaryEncoded)); + LOG (GNUNET_ERROR_TYPE_ERROR, + _ + ("This may be ok if someone is currently generating a hostkey.\n")); + } + sleep (2); /* wait a bit longer! */ + continue; + } + break; } - break; - } enc = GNUNET_malloc (fs); GNUNET_assert (fs == GNUNET_DISK_file_read (fd, enc, fs)); len = ntohs (enc->len); ret = NULL; if ((len != fs) || (NULL == (ret = GNUNET_CRYPTO_rsa_decode_key ((char *) enc, len)))) - { - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - _ - ("File `%s' does not contain a valid private key. Deleting it.\n"), - filename); - if (0 != UNLINK (filename)) { - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "unlink", filename); + LOG (GNUNET_ERROR_TYPE_ERROR, + _ + ("File `%s' does not contain a valid private key. Deleting it.\n"), + filename); + if (0 != UNLINK (filename)) + { + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "unlink", filename); + } } - } GNUNET_free (enc); if (GNUNET_YES != GNUNET_DISK_file_unlock (fd, 0, - sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); + sizeof (struct RsaPrivateKeyBinaryEncoded))) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); if (ret != NULL) - { - GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); - GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - _("I am host `%s'. Read private key from `%s'.\n"), - GNUNET_i2s (&pid), filename); - } + { + GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); + GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); + LOG (GNUNET_ERROR_TYPE_INFO, + _("I am host `%s'. Read private key from `%s'.\n"), + GNUNET_i2s (&pid), filename); + } return ret; } @@ -748,9 +764,9 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) */ int GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size, - const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded - *publicKey, - struct GNUNET_CRYPTO_RsaEncryptedData *target) + const struct + GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *publicKey, + struct GNUNET_CRYPTO_RsaEncryptedData *target) { gcry_sexp_t result; gcry_sexp_t data; @@ -766,10 +782,10 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size, return GNUNET_SYSERR; isize = size; GNUNET_assert (0 == - gcry_mpi_scan (&val, GCRYMPI_FMT_USG, block, isize, &isize)); + gcry_mpi_scan (&val, GCRYMPI_FMT_USG, block, isize, &isize)); GNUNET_assert (0 == - gcry_sexp_build (&data, &erroff, - "(data (flags pkcs1)(value %m))", val)); + gcry_sexp_build (&data, &erroff, + "(data (flags pkcs1)(value %m))", val)); gcry_mpi_release (val); GNUNET_assert (0 == gcry_pk_encrypt (&result, data, pubkey->sexp)); gcry_sexp_release (data); @@ -779,11 +795,11 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size, gcry_sexp_release (result); isize = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData); GNUNET_assert (0 == - gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) target, - isize, &isize, rval)); + gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) target, + isize, &isize, rval)); gcry_mpi_release (rval); adjust (&target->encoding[0], isize, - sizeof (struct GNUNET_CRYPTO_RsaEncryptedData)); + sizeof (struct GNUNET_CRYPTO_RsaEncryptedData)); return GNUNET_OK; } @@ -799,8 +815,8 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size, */ ssize_t GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key, - const struct GNUNET_CRYPTO_RsaEncryptedData * block, - void *result, size_t max) + const struct GNUNET_CRYPTO_RsaEncryptedData * + block, void *result, size_t max) { gcry_sexp_t resultsexp; gcry_sexp_t data; @@ -815,21 +831,22 @@ GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key, #endif size = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData); GNUNET_assert (0 == - gcry_mpi_scan (&val, GCRYMPI_FMT_USG, &block->encoding[0], - size, &size)); + gcry_mpi_scan (&val, GCRYMPI_FMT_USG, &block->encoding[0], + size, &size)); GNUNET_assert (0 == - gcry_sexp_build (&data, &erroff, "(enc-val(flags)(rsa(a %m)))", - val)); + gcry_sexp_build (&data, &erroff, + "(enc-val(flags)(rsa(a %m)))", val)); gcry_mpi_release (val); GNUNET_assert (0 == gcry_pk_decrypt (&resultsexp, data, key->sexp)); gcry_sexp_release (data); /* resultsexp has format "(value %m)" */ GNUNET_assert (NULL != - (val = gcry_sexp_nth_mpi (resultsexp, 1, GCRYMPI_FMT_USG))); + (val = gcry_sexp_nth_mpi (resultsexp, 1, GCRYMPI_FMT_USG))); gcry_sexp_release (resultsexp); tmp = GNUNET_malloc (max + HOSTKEY_LEN / 8); size = max + HOSTKEY_LEN / 8; - GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG, tmp, size, &size, val)); + GNUNET_assert (0 == + gcry_mpi_print (GCRYMPI_FMT_USG, tmp, size, &size, val)); gcry_mpi_release (val); endp = tmp; endp += (size - max); @@ -850,8 +867,8 @@ GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key, */ int GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key, - const struct GNUNET_CRYPTO_RsaSignaturePurpose *purpose, - struct GNUNET_CRYPTO_RsaSignature *sig) + const struct GNUNET_CRYPTO_RsaSignaturePurpose + *purpose, struct GNUNET_CRYPTO_RsaSignature *sig) { gcry_sexp_t result; gcry_sexp_t data; @@ -867,10 +884,10 @@ GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key, buff = GNUNET_malloc (bufSize); memcpy (buff, FORMATSTRING, bufSize); memcpy (&buff - [bufSize - - strlen - ("0123456789012345678901234567890123456789012345678901234567890123))") - - 1], &hc, sizeof (GNUNET_HashCode)); + [bufSize - + strlen + ("0123456789012345678901234567890123456789012345678901234567890123))") + - 1], &hc, sizeof (GNUNET_HashCode)); GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0)); GNUNET_free (buff); GNUNET_assert (0 == gcry_pk_sign (&result, data, key->sexp)); @@ -879,8 +896,8 @@ GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key, gcry_sexp_release (result); ssize = sizeof (struct GNUNET_CRYPTO_RsaSignature); GNUNET_assert (0 == - gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) sig, ssize, - &ssize, rval)); + gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) sig, + ssize, &ssize, rval)); gcry_mpi_release (rval); adjust (sig->sig, ssize, sizeof (struct GNUNET_CRYPTO_RsaSignature)); return GNUNET_OK; @@ -898,11 +915,11 @@ GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key, */ int GNUNET_CRYPTO_rsa_verify (uint32_t purpose, - const struct GNUNET_CRYPTO_RsaSignaturePurpose - *validate, - const struct GNUNET_CRYPTO_RsaSignature *sig, - const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded - *publicKey) + const struct GNUNET_CRYPTO_RsaSignaturePurpose + *validate, + const struct GNUNET_CRYPTO_RsaSignature *sig, + const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded + *publicKey) { gcry_sexp_t data; gcry_sexp_t sigdata; @@ -916,44 +933,44 @@ GNUNET_CRYPTO_rsa_verify (uint32_t purpose, int rc; if (purpose != ntohl (validate->purpose)) - return GNUNET_SYSERR; /* purpose mismatch */ + return GNUNET_SYSERR; /* purpose mismatch */ GNUNET_CRYPTO_hash (validate, ntohl (validate->size), &hc); size = sizeof (struct GNUNET_CRYPTO_RsaSignature); GNUNET_assert (0 == - gcry_mpi_scan (&val, GCRYMPI_FMT_USG, - (const unsigned char *) sig, size, &size)); + gcry_mpi_scan (&val, GCRYMPI_FMT_USG, + (const unsigned char *) sig, size, &size)); GNUNET_assert (0 == - gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))", - val)); + gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))", + val)); gcry_mpi_release (val); bufSize = strlen (FORMATSTRING) + 1; buff = GNUNET_malloc (bufSize); memcpy (buff, FORMATSTRING, bufSize); memcpy (&buff - [strlen (FORMATSTRING) - - strlen - ("0123456789012345678901234567890123456789012345678901234567890123))")], - &hc, sizeof (GNUNET_HashCode)); + [strlen (FORMATSTRING) - + strlen + ("0123456789012345678901234567890123456789012345678901234567890123))")], + &hc, sizeof (GNUNET_HashCode)); GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0)); GNUNET_free (buff); hostkey = public2PrivateKey (publicKey); if (hostkey == NULL) - { - gcry_sexp_release (data); - gcry_sexp_release (sigdata); - return GNUNET_SYSERR; - } + { + gcry_sexp_release (data); + gcry_sexp_release (sigdata); + return GNUNET_SYSERR; + } rc = gcry_pk_verify (sigdata, data, hostkey->sexp); GNUNET_CRYPTO_rsa_key_free (hostkey); gcry_sexp_release (data); gcry_sexp_release (sigdata); if (rc) - { - GNUNET_log (GNUNET_ERROR_TYPE_WARNING, - _("RSA signature verification failed at %s:%d: %s\n"), __FILE__, - __LINE__, gcry_strerror (rc)); - return GNUNET_SYSERR; - } + { + LOG (GNUNET_ERROR_TYPE_WARNING, + _("RSA signature verification failed at %s:%d: %s\n"), __FILE__, + __LINE__, gcry_strerror (rc)); + return GNUNET_SYSERR; + } return GNUNET_OK; } |