+/**
+ * Handle to cancel private key generation and state for the
+ * key generation operation.
+ */
+struct GNUNET_CRYPTO_RsaKeyGenerationContext
+{
+
+ /**
+ * Continuation to call upon completion.
+ */
+ GNUNET_CRYPTO_RsaKeyCallback cont;
+
+ /**
+ * Closure for 'cont'.
+ */
+ void *cont_cls;
+
+ /**
+ * Name of the file.
+ */
+ char *filename;
+
+ /**
+ * Handle to the helper process which does the key generation.
+ */
+ struct GNUNET_OS_Process *gnunet_rsa;
+
+ /**
+ * Handle to 'stdout' of gnunet-rsa. We 'read' on stdout to detect
+ * process termination (instead of messing with SIGCHLD).
+ */
+ struct GNUNET_DISK_PipeHandle *gnunet_rsa_out;
+
+ /**
+ * Location where we store the private key if it already existed.
+ * (if this is used, 'filename', 'gnunet_rsa' and 'gnunet_rsa_out' will
+ * not be used).
+ */
+ struct GNUNET_CRYPTO_RsaPrivateKey *pk;
+
+ /**
+ * Task reading from 'gnunet_rsa_out' to wait for process termination.
+ */
+ GNUNET_SCHEDULER_TaskIdentifier read_task;
+
+};
+
+
+/**
+ * Task called upon shutdown or process termination of 'gnunet-rsa' during
+ * RSA key generation. Check where we are and perform the appropriate
+ * action.
+ *
+ * @param cls the 'struct GNUNET_CRYPTO_RsaKeyGenerationContext'
+ * @param tc scheduler context
+ */
+static void
+check_key_generation_completion (void *cls,
+ const struct GNUNET_SCHEDULER_TaskContext *tc)
+{
+ struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc = cls;
+ struct GNUNET_CRYPTO_RsaPrivateKey *pk;
+
+ gc->read_task = GNUNET_SCHEDULER_NO_TASK;
+ if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
+ {
+ gc->cont (gc->cont_cls, NULL, _("interrupted by shutdown"));
+ GNUNET_CRYPTO_rsa_key_create_stop (gc);
+ return;
+ }
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_OS_process_wait (gc->gnunet_rsa));
+ GNUNET_OS_process_destroy (gc->gnunet_rsa);
+ gc->gnunet_rsa = NULL;
+ if (NULL == (pk = try_read_key (gc->filename)))
+ {
+ GNUNET_break (0);
+ gc->cont (gc->cont_cls, NULL, _("gnunet-rsa failed"));
+ GNUNET_CRYPTO_rsa_key_create_stop (gc);
+ return;
+ }
+ gc->cont (gc->cont_cls, pk, NULL);
+ GNUNET_DISK_pipe_close (gc->gnunet_rsa_out);
+ GNUNET_free (gc->filename);
+ GNUNET_free (gc);
+}
+
+
+/**
+ * Return the private RSA key which already existed on disk
+ * (asynchronously) to the caller.
+ *
+ * @param cls the 'struct GNUNET_CRYPTO_RsaKeyGenerationContext'
+ * @param tc scheduler context (unused)
+ */
+static void
+async_return_key (void *cls,
+ const struct GNUNET_SCHEDULER_TaskContext *tc)
+{
+ struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc = cls;
+
+ gc->cont (gc->cont_cls,
+ gc->pk,
+ NULL);
+ GNUNET_free (gc);
+}
+
+
+/**
+ * Create a new private key by reading it from a file. If the files
+ * does not exist, create a new key and write it to the file. If the
+ * contents of the file are invalid the old file is deleted and a
+ * fresh key is created.
+ *
+ * @param filename name of file to use for storage
+ * @param cont function to call when done (or on errors)
+ * @param cont_cls closure for 'cont'
+ * @return handle to abort operation, NULL on fatal errors (cont will not be called if NULL is returned)
+ */
+struct GNUNET_CRYPTO_RsaKeyGenerationContext *
+GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
+ GNUNET_CRYPTO_RsaKeyCallback cont,
+ void *cont_cls)
+{
+ struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
+ struct GNUNET_CRYPTO_RsaPrivateKey *pk;
+ const char *weak_random;
+
+ if (NULL != (pk = try_read_key (filename)))
+ {
+ /* quick happy ending: key already exists! */
+ gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaKeyGenerationContext));
+ gc->pk = pk;
+ gc->cont = cont;
+ gc->cont_cls = cont_cls;
+ gc->read_task = GNUNET_SCHEDULER_add_now (&async_return_key,
+ gc);
+ return gc;
+ }
+ gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaKeyGenerationContext));
+ gc->filename = GNUNET_strdup (filename);
+ gc->cont = cont;
+ gc->cont_cls = cont_cls;
+ gc->gnunet_rsa_out = GNUNET_DISK_pipe (GNUNET_NO,
+ GNUNET_NO,
+ GNUNET_NO,
+ GNUNET_YES);
+ if (NULL == gc->gnunet_rsa_out)
+ {
+ GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "pipe");
+ GNUNET_free (gc->filename);
+ GNUNET_free (gc);
+ return NULL;
+ }
+ weak_random = NULL;
+ if (GNUNET_YES ==
+ GNUNET_CRYPTO_random_is_weak ())
+ weak_random = "-w";
+ gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,
+ GNUNET_OS_INHERIT_STD_ERR,
+ NULL,
+ gc->gnunet_rsa_out,
+ "gnunet-rsa",
+ "gnunet-rsa",
+ gc->filename,
+ weak_random,
+ NULL);
+ if (NULL == gc->gnunet_rsa)
+ {
+ GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "fork");
+ GNUNET_DISK_pipe_close (gc->gnunet_rsa_out);
+ GNUNET_free (gc->filename);
+ GNUNET_free (gc);
+ return NULL;
+ }
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_DISK_pipe_close_end (gc->gnunet_rsa_out,
+ GNUNET_DISK_PIPE_END_WRITE));
+ gc->read_task = GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL,
+ GNUNET_DISK_pipe_handle (gc->gnunet_rsa_out,
+ GNUNET_DISK_PIPE_END_READ),
+ &check_key_generation_completion,
+ gc);
+ return gc;
+}
+
+
+/**
+ * Abort RSA key generation.
+ *
+ * @param gc key generation context to abort
+ */
+void
+GNUNET_CRYPTO_rsa_key_create_stop (struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc)
+{
+ if (GNUNET_SCHEDULER_NO_TASK != gc->read_task)
+ {
+ GNUNET_SCHEDULER_cancel (gc->read_task);
+ gc->read_task = GNUNET_SCHEDULER_NO_TASK;
+ }
+ if (NULL != gc->gnunet_rsa)
+ {
+ (void) GNUNET_OS_process_kill (gc->gnunet_rsa, SIGKILL);
+ GNUNET_break (GNUNET_OK ==
+ GNUNET_OS_process_wait (gc->gnunet_rsa));
+ GNUNET_OS_process_destroy (gc->gnunet_rsa);
+ GNUNET_DISK_pipe_close (gc->gnunet_rsa_out);
+ }
+
+ if (NULL != gc->filename)
+ {
+ if (0 != UNLINK (gc->filename))
+ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "unlink", gc->filename);
+ GNUNET_free (gc->filename);
+ }
+ if (NULL != gc->pk)
+ GNUNET_CRYPTO_rsa_key_free (gc->pk);
+ GNUNET_free (gc);
+}
+
+
+/**
+ * Setup a key file for a peer given the name of the
+ * configuration file (!). This function is used so that
+ * at a later point code can be certain that reading a
+ * key is fast (for example in time-dependent testcases).
+ *
+ * @param cfg_name name of the configuration file to use
+ */
+void
+GNUNET_CRYPTO_rsa_setup_hostkey (const char *cfg_name)
+{
+ struct GNUNET_CONFIGURATION_Handle *cfg;
+ struct GNUNET_CRYPTO_RsaPrivateKey *pk;
+ char *fn;
+
+ cfg = GNUNET_CONFIGURATION_create ();
+ (void) GNUNET_CONFIGURATION_load (cfg, cfg_name);
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_filename (cfg, "GNUNETD", "HOSTKEY", &fn))
+ {
+ pk = GNUNET_CRYPTO_rsa_key_create_from_file (fn);
+ if (NULL != pk)
+ GNUNET_CRYPTO_rsa_key_free (pk);
+ GNUNET_free (fn);
+ }
+ GNUNET_CONFIGURATION_destroy (cfg);
+}
+
+