#include "gnunet_common.h"
#include "gnunet_crypto_lib.h"
#include "gnunet_disk_lib.h"
+#include "gnunet_strings_lib.h"
+
+#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
+
+#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall)
+
+#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename)
/**
* The private information of an RSA key pair.
};
-/**
- * GNUnet mandates a certain format for the encoding
- * of private RSA key information that is provided
- * by the RSA implementations. This format is used
- * to serialize a private RSA key (typically when
- * writing it to disk).
- */
-struct RsaPrivateKeyBinaryEncoded
-{
- /**
- * Total size of the structure, in bytes, in big-endian!
- */
- uint16_t len GNUNET_PACKED;
- uint16_t sizen GNUNET_PACKED; /* in big-endian! */
- uint16_t sizee GNUNET_PACKED; /* in big-endian! */
- uint16_t sized GNUNET_PACKED; /* in big-endian! */
- uint16_t sizep GNUNET_PACKED; /* in big-endian! */
- uint16_t sizeq GNUNET_PACKED; /* in big-endian! */
- uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */
- uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */
- /* followed by the actual values */
-};
-
-
#define HOSTKEY_LEN 2048
#define EXTRA_CHECKS ALLOW_EXTRA_CHECKS
* a failure of the command 'cmd' with the message given
* by gcry_strerror(rc).
*/
-#define LOG_GCRY(level, cmd, rc) do { GNUNET_log(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0);
+#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0);
/**
* If target != size, move target bytes to the
}
/**
- * This HostKey implementation uses RSA.
+ * Create a new private key. Caller must free return value.
+ *
+ * @return fresh private key
*/
struct GNUNET_CRYPTO_RsaPrivateKey *
GNUNET_CRYPTO_rsa_key_create ()
gcry_sexp_t s_key;
gcry_sexp_t s_keyparam;
- GNUNET_assert (0 == gcry_sexp_build (&s_keyparam,
- NULL,
- "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
- HOSTKEY_LEN));
+ GNUNET_assert (0 ==
+ gcry_sexp_build (&s_keyparam, NULL,
+ "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))",
+ HOSTKEY_LEN));
GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
gcry_sexp_release (s_keyparam);
#if EXTRA_CHECKS
/**
* Free memory occupied by hostkey
+ * @param hostkey pointer to the memory to free
*/
void
GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey)
}
static int
-key_from_sexp (gcry_mpi_t * array,
- gcry_sexp_t sexp, const char *topname, const char *elems)
+key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname,
+ const char *elems)
{
gcry_sexp_t list, l2;
const char *s;
void
GNUNET_CRYPTO_rsa_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey
*priv,
- struct
- GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub)
+ struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
+ *pub)
{
gcry_mpi_t skey[2];
size_t size;
pub->sizen = htons (GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH);
pub->padding = 0;
size = GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH;
- GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG,
- &pub->key[0], size, &size, skey[0]));
+ GNUNET_assert (0 ==
+ gcry_mpi_print (GCRYMPI_FMT_USG, &pub->key[0], size, &size,
+ skey[0]));
adjust (&pub->key[0], size, GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH);
size = GNUNET_CRYPTO_RSA_KEY_LENGTH - GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH;
GNUNET_assert (0 ==
gcry_mpi_print (GCRYMPI_FMT_USG,
&pub->key
- [GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH],
- size, &size, skey[1]));
+ [GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], size,
+ &size, skey[1]));
adjust (&pub->key[GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH], size,
GNUNET_CRYPTO_RSA_KEY_LENGTH -
GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH);
}
+/**
+ * Convert a public key to a string.
+ *
+ * @param pub key to convert
+ * @return string representing 'pub'
+ */
+char *
+GNUNET_CRYPTO_rsa_public_key_to_string (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub)
+{
+ char *pubkeybuf;
+ size_t keylen = (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)) * 8;
+ char *end;
+
+ if (keylen % 5 > 0)
+ keylen += 5 - keylen % 5;
+ keylen /= 5;
+ pubkeybuf = GNUNET_malloc (keylen + 1);
+ end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
+ sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded),
+ pubkeybuf,
+ keylen);
+ if (NULL == end)
+ {
+ GNUNET_free (pubkeybuf);
+ return NULL;
+ }
+ *end = '\0';
+ return pubkeybuf;
+}
+
+
+/**
+ * Convert a string representing a public key to a public key.
+ *
+ * @param enc encoded public key
+ * @param enclen number of bytes in enc (without 0-terminator)
+ * @param pub where to store the public key
+ * @return GNUNET_OK on success
+ */
+int
+GNUNET_CRYPTO_rsa_public_key_from_string (const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *pub)
+{
+ size_t keylen = (sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)) * 8;
+
+ if (keylen % 5 > 0)
+ keylen += 5 - keylen % 5;
+ keylen /= 5;
+ if (enclen != keylen)
+ return GNUNET_SYSERR;
+
+ if (GNUNET_OK != GNUNET_STRINGS_string_to_data (enc, enclen,
+ (unsigned char*) pub,
+ sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)))
+ return GNUNET_SYSERR;
+ if ( (ntohs (pub->len) != sizeof (struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded)) ||
+ (ntohs (pub->padding) != 0) ||
+ (ntohs (pub->sizen) != GNUNET_CRYPTO_RSA_DATA_ENCODING_LENGTH) )
+ return GNUNET_SYSERR;
+ return GNUNET_OK;
+}
+
+
/**
* Internal: publicKey => RSA-Key.
*
gcry_mpi_release (n);
return NULL;
}
- rc = gcry_sexp_build (&result,
- &erroff, "(public-key(rsa(n %m)(e %m)))", n, e);
+ rc = gcry_sexp_build (&result, &erroff, "(public-key(rsa(n %m)(e %m)))", n,
+ e);
gcry_mpi_release (n);
gcry_mpi_release (e);
if (rc)
* @returns encoding of the private key.
* The first 4 bytes give the size of the array, as usual.
*/
-static struct RsaPrivateKeyBinaryEncoded *
-rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey)
+struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *
+GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey)
{
- struct RsaPrivateKeyBinaryEncoded *retval;
+ struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *retval;
gcry_mpi_t pkv[6];
void *pbu[6];
size_t sizes[6];
if (rc)
rc = key_from_sexp (pkv, hostkey->sexp, "rsa", "ned");
GNUNET_assert (0 == rc);
- size = sizeof (struct RsaPrivateKeyBinaryEncoded);
+ size = sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded);
for (i = 0; i < 6; i++)
{
if (pkv[i] != NULL)
{
- GNUNET_assert (0 == gcry_mpi_aprint (GCRYMPI_FMT_USG,
- (unsigned char **) &pbu[i],
- &sizes[i], pkv[i]));
+ GNUNET_assert (0 ==
+ gcry_mpi_aprint (GCRYMPI_FMT_USG,
+ (unsigned char **) &pbu[i], &sizes[i],
+ pkv[i]));
size += sizes[i];
}
else
return retval;
}
+
/**
* Decode the private key from the file-format back
* to the "normal", internal format.
GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len)
{
struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- const struct RsaPrivateKeyBinaryEncoded *encoding =
- (const struct RsaPrivateKeyBinaryEncoded *) buf;
+ const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *encoding =
+ (const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *) buf;
gcry_sexp_t res;
gcry_mpi_t n, e, d, p, q, u;
int rc;
pos = 0;
size = ntohs (encoding->sizen);
- rc = gcry_mpi_scan (&n,
- GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos],
- size, &size);
+ rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG,
+ &((const unsigned char *) (&encoding[1]))[pos], size,
+ &size);
pos += ntohs (encoding->sizen);
if (rc)
{
return NULL;
}
size = ntohs (encoding->sizee);
- rc = gcry_mpi_scan (&e,
- GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos],
- size, &size);
+ rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG,
+ &((const unsigned char *) (&encoding[1]))[pos], size,
+ &size);
pos += ntohs (encoding->sizee);
if (rc)
{
return NULL;
}
size = ntohs (encoding->sized);
- rc = gcry_mpi_scan (&d,
- GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos],
- size, &size);
+ rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG,
+ &((const unsigned char *) (&encoding[1]))[pos], size,
+ &size);
pos += ntohs (encoding->sized);
if (rc)
{
size = ntohs (encoding->sizep);
if (size > 0)
{
- rc = gcry_mpi_scan (&q,
- GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos],
- size, &size);
+ rc = gcry_mpi_scan (&q, GCRYMPI_FMT_USG,
+ &((const unsigned char *) (&encoding[1]))[pos], size,
+ &size);
pos += ntohs (encoding->sizep);
if (rc)
{
size = ntohs (encoding->sizeq);
if (size > 0)
{
- rc = gcry_mpi_scan (&p,
- GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos],
- size, &size);
+ rc = gcry_mpi_scan (&p, GCRYMPI_FMT_USG,
+ &((const unsigned char *) (&encoding[1]))[pos], size,
+ &size);
pos += ntohs (encoding->sizeq);
if (rc)
{
pos += ntohs (encoding->sizedmp1);
pos += ntohs (encoding->sizedmq1);
size =
- ntohs (encoding->len) - sizeof (struct RsaPrivateKeyBinaryEncoded) - pos;
+ ntohs (encoding->len) - sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded) - pos;
if (size > 0)
{
- rc = gcry_mpi_scan (&u,
- GCRYMPI_FMT_USG,
- &((const unsigned char *) (&encoding[1]))[pos],
- size, &size);
+ rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG,
+ &((const unsigned char *) (&encoding[1]))[pos], size,
+ &size);
if (rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
* files does not exist, create a new key and write it to the
* file. Caller must free return value. Note that this function
* can not guarantee that another process might not be trying
- * the same operation on the same file at the same time.
+ * the same operation on the same file at the same time.
* If the contents of the file
* are invalid the old file is deleted and a fresh key is
* created.
GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename)
{
struct GNUNET_CRYPTO_RsaPrivateKey *ret;
- struct RsaPrivateKeyBinaryEncoded *enc;
+ struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc;
uint16_t len;
struct GNUNET_DISK_FileHandle *fd;
unsigned int cnt;
while (GNUNET_YES != GNUNET_DISK_file_test (filename))
{
fd = GNUNET_DISK_file_open (filename,
- GNUNET_DISK_OPEN_WRITE |
- GNUNET_DISK_OPEN_CREATE |
- GNUNET_DISK_OPEN_FAILIFEXISTS,
+ GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE
+ | GNUNET_DISK_OPEN_FAILIFEXISTS,
GNUNET_DISK_PERM_USER_READ |
GNUNET_DISK_PERM_USER_WRITE);
if (NULL == fd)
{
/* must exist but not be accessible, fail for good! */
if (0 != ACCESS (filename, R_OK))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
- "access", filename);
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "access", filename);
else
GNUNET_break (0); /* what is going on!? */
return NULL;
}
continue;
}
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", filename);
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
return NULL;
}
cnt = 0;
while (GNUNET_YES !=
GNUNET_DISK_file_lock (fd, 0,
- sizeof (struct
- RsaPrivateKeyBinaryEncoded),
+ sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded),
GNUNET_YES))
{
sleep (1);
if (0 == ++cnt % 10)
{
ec = errno;
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _
- ("Could not aquire lock on file `%s': %s...\n"),
- filename, STRERROR (ec));
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _("Could not aquire lock on file `%s': %s...\n"), filename,
+ STRERROR (ec));
}
}
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- _("Creating a new private key. This may take a while.\n"));
+ LOG (GNUNET_ERROR_TYPE_INFO,
+ _("Creating a new private key. This may take a while.\n"));
ret = GNUNET_CRYPTO_rsa_key_create ();
GNUNET_assert (ret != NULL);
- enc = rsa_encode_key (ret);
+ enc = GNUNET_CRYPTO_rsa_encode_key (ret);
GNUNET_assert (enc != NULL);
GNUNET_assert (ntohs (enc->len) ==
GNUNET_DISK_file_write (fd, enc, ntohs (enc->len)));
GNUNET_DISK_file_sync (fd);
if (GNUNET_YES !=
GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct RsaPrivateKeyBinaryEncoded)))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
+ sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
GNUNET_CRYPTO_rsa_key_get_public (ret, &pub);
GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey);
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- _("I am host `%s'. Stored new private key in `%s'.\n"),
- GNUNET_i2s (&pid), filename);
+ LOG (GNUNET_ERROR_TYPE_INFO,
+ _("I am host `%s'. Stored new private key in `%s'.\n"),
+ GNUNET_i2s (&pid), filename);
return ret;
}
/* hostkey file exists already, read it! */
GNUNET_DISK_PERM_NONE);
if (NULL == fd)
{
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", filename);
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename);
return NULL;
}
cnt = 0;
{
if (GNUNET_YES !=
GNUNET_DISK_file_lock (fd, 0,
- sizeof (struct RsaPrivateKeyBinaryEncoded),
+ sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded),
GNUNET_NO))
{
if (0 == ++cnt % 60)
{
ec = errno;
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Could not aquire lock on file `%s': %s...\n"),
- filename, STRERROR (ec));
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _
- ("This may be ok if someone is currently generating a hostkey.\n"));
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _("Could not aquire lock on file `%s': %s...\n"), filename,
+ STRERROR (ec));
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _
+ ("This may be ok if someone is currently generating a hostkey.\n"));
}
sleep (1);
continue;
if (GNUNET_YES != GNUNET_DISK_file_test (filename))
{
/* eh, what!? File we opened is now gone!? */
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "stat", filename);
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename);
if (GNUNET_YES !=
GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct RsaPrivateKeyBinaryEncoded)))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
+ sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd));
return NULL;
}
if (GNUNET_YES != GNUNET_DISK_file_size (filename, &fs, GNUNET_YES))
fs = 0;
- if (fs < sizeof (struct RsaPrivateKeyBinaryEncoded))
+ if (fs < sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded))
{
/* maybe we got the read lock before the hostkey generating
* process had a chance to get the write lock; give it up! */
if (GNUNET_YES !=
GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct RsaPrivateKeyBinaryEncoded)))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
+ sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
if (0 == ++cnt % 10)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _
- ("When trying to read hostkey file `%s' I found %u bytes but I need at least %u.\n"),
- filename, (unsigned int) fs,
- (unsigned int) sizeof (struct RsaPrivateKeyBinaryEncoded));
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _
- ("This may be ok if someone is currently generating a hostkey.\n"));
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _
+ ("When trying to read hostkey file `%s' I found %u bytes but I need at least %u.\n"),
+ filename, (unsigned int) fs,
+ (unsigned int) sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded));
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _
+ ("This may be ok if someone is currently generating a hostkey.\n"));
}
sleep (2); /* wait a bit longer! */
continue;
if ((len != fs) ||
(NULL == (ret = GNUNET_CRYPTO_rsa_decode_key ((char *) enc, len))))
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _
- ("File `%s' does not contain a valid private key. Deleting it.\n"),
- filename);
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _("File `%s' does not contain a valid private key. Deleting it.\n"),
+ filename);
if (0 != UNLINK (filename))
{
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "unlink", filename);
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "unlink", filename);
}
}
GNUNET_free (enc);
if (GNUNET_YES !=
GNUNET_DISK_file_unlock (fd, 0,
- sizeof (struct RsaPrivateKeyBinaryEncoded)))
- GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
+ sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)))
+ LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename);
GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd));
if (ret != NULL)
{
GNUNET_CRYPTO_rsa_key_get_public (ret, &pub);
GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey);
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- _("I am host `%s'. Read private key from `%s'.\n"),
- GNUNET_i2s (&pid), filename);
+ LOG (GNUNET_ERROR_TYPE_INFO,
+ _("I am host `%s'. Read private key from `%s'.\n"), GNUNET_i2s (&pid),
+ filename);
}
return ret;
}
+/**
+ * Setup a hostkey file for a peer given the name of the
+ * configuration file (!). This function is used so that
+ * at a later point code can be certain that reading a
+ * hostkey is fast (for example in time-dependent testcases).
+ *
+ * @param cfg_name name of the configuration file to use
+ */
+void
+GNUNET_CRYPTO_setup_hostkey (const char *cfg_name)
+{
+ struct GNUNET_CONFIGURATION_Handle *cfg;
+ struct GNUNET_CRYPTO_RsaPrivateKey *pk;
+ char *fn;
+
+ cfg = GNUNET_CONFIGURATION_create ();
+ (void) GNUNET_CONFIGURATION_load (cfg, cfg_name);
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_filename (cfg, "GNUNETD", "HOSTKEY", &fn))
+ {
+ pk = GNUNET_CRYPTO_rsa_key_create_from_file (fn);
+ if (NULL != pk)
+ GNUNET_CRYPTO_rsa_key_free (pk);
+ GNUNET_free (fn);
+ }
+ GNUNET_CONFIGURATION_destroy (cfg);
+}
+
+
/**
* Encrypt a block with the public key of another host that uses the
* same cipher.
* @returns GNUNET_SYSERR on error, GNUNET_OK if ok
*/
int
-GNUNET_CRYPTO_rsa_encrypt (const void *block,
- size_t size,
- const struct
- GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *publicKey,
+GNUNET_CRYPTO_rsa_encrypt (const void *block, size_t size,
+ const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded
+ *publicKey,
struct GNUNET_CRYPTO_RsaEncryptedData *target)
{
gcry_sexp_t result;
GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "a"));
gcry_sexp_release (result);
isize = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData);
- GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG,
- (unsigned char *) target, isize, &isize,
- rval));
+ GNUNET_assert (0 ==
+ gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) target,
+ isize, &isize, rval));
gcry_mpi_release (rval);
adjust (&target->encoding[0], isize,
sizeof (struct GNUNET_CRYPTO_RsaEncryptedData));
return GNUNET_OK;
}
+
/**
* Decrypt a given block with the hostkey.
*
*/
ssize_t
GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key,
- const struct GNUNET_CRYPTO_RsaEncryptedData *
- block, void *result, size_t max)
+ const struct GNUNET_CRYPTO_RsaEncryptedData * block,
+ void *result, size_t max)
{
gcry_sexp_t resultsexp;
gcry_sexp_t data;
GNUNET_assert (0 == gcry_pk_testkey (key->sexp));
#endif
size = sizeof (struct GNUNET_CRYPTO_RsaEncryptedData);
- GNUNET_assert (0 == gcry_mpi_scan (&val,
- GCRYMPI_FMT_USG, &block->encoding[0],
- size, &size));
GNUNET_assert (0 ==
- gcry_sexp_build (&data, &erroff,
- "(enc-val(flags)(rsa(a %m)))", val));
+ gcry_mpi_scan (&val, GCRYMPI_FMT_USG, &block->encoding[0],
+ size, &size));
+ GNUNET_assert (0 ==
+ gcry_sexp_build (&data, &erroff, "(enc-val(flags)(rsa(a %m)))",
+ val));
gcry_mpi_release (val);
GNUNET_assert (0 == gcry_pk_decrypt (&resultsexp, data, key->sexp));
gcry_sexp_release (data);
*/
int
GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const struct GNUNET_CRYPTO_RsaSignaturePurpose
- *purpose, struct GNUNET_CRYPTO_RsaSignature *sig)
+ const struct GNUNET_CRYPTO_RsaSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_RsaSignature *sig)
{
gcry_sexp_t result;
gcry_sexp_t data;
GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "s"));
gcry_sexp_release (result);
ssize = sizeof (struct GNUNET_CRYPTO_RsaSignature);
- GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG,
- (unsigned char *) sig, ssize, &ssize,
- rval));
+ GNUNET_assert (0 ==
+ gcry_mpi_print (GCRYMPI_FMT_USG, (unsigned char *) sig, ssize,
+ &ssize, rval));
gcry_mpi_release (rval);
adjust (sig->sig, ssize, sizeof (struct GNUNET_CRYPTO_RsaSignature));
return GNUNET_OK;
return GNUNET_SYSERR; /* purpose mismatch */
GNUNET_CRYPTO_hash (validate, ntohl (validate->size), &hc);
size = sizeof (struct GNUNET_CRYPTO_RsaSignature);
- GNUNET_assert (0 == gcry_mpi_scan (&val,
- GCRYMPI_FMT_USG,
- (const unsigned char *) sig, size, &size));
+ GNUNET_assert (0 ==
+ gcry_mpi_scan (&val, GCRYMPI_FMT_USG,
+ (const unsigned char *) sig, size, &size));
GNUNET_assert (0 ==
gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))",
val));
bufSize = strlen (FORMATSTRING) + 1;
buff = GNUNET_malloc (bufSize);
memcpy (buff, FORMATSTRING, bufSize);
- memcpy (&buff[strlen (FORMATSTRING) -
- strlen
- ("0123456789012345678901234567890123456789012345678901234567890123))")],
+ memcpy (&buff
+ [strlen (FORMATSTRING) -
+ strlen
+ ("0123456789012345678901234567890123456789012345678901234567890123))")],
&hc, sizeof (GNUNET_HashCode));
GNUNET_assert (0 == gcry_sexp_new (&data, buff, bufSize, 0));
GNUNET_free (buff);
gcry_sexp_release (sigdata);
if (rc)
{
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- _("RSA signature verification failed at %s:%d: %s\n"),
- __FILE__, __LINE__, gcry_strerror (rc));
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ _("RSA signature verification failed at %s:%d: %s\n"), __FILE__,
+ __LINE__, gcry_strerror (rc));
return GNUNET_SYSERR;
}
return GNUNET_OK;
projects / oweals / gnunet.git / blobdiff