X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=src%2Futil%2Fcrypto_ecc.c;h=3cec128680f7e2bd38d9d4baf26557b80260a655;hb=72c8645af31896829b674b575c5375706f362a30;hp=088d765cd67654d0fb55dc4b88a425b711090214;hpb=f6e6cf33fd48df1730685e788fd27dbf33a49791;p=oweals%2Fgnunet.git diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 088d765cd..3cec12868 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c @@ -216,8 +216,8 @@ GNUNET_CRYPTO_ecc_public_key_from_string (const char *enc, return GNUNET_SYSERR; if (GNUNET_OK != GNUNET_STRINGS_string_to_data (enc, enclen, - (unsigned char*) pub, - sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded))) + pub, + sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded))) return GNUNET_SYSERR; if ( (ntohs (pub->size) != sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded)) || (ntohs (pub->len) > GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH) ) @@ -404,72 +404,6 @@ GNUNET_CRYPTO_ecc_key_create () } -/** - * Try to read the private key from the given file. - * - * @param filename file to read the key from - * @return NULL on error - */ -static struct GNUNET_CRYPTO_EccPrivateKey * -try_read_key (const char *filename) -{ - struct GNUNET_CRYPTO_EccPrivateKey *ret; - struct GNUNET_DISK_FileHandle *fd; - OFF_T fs; - - if (GNUNET_YES != GNUNET_DISK_file_test (filename)) - return NULL; - - /* key file exists already, read it! */ - if (NULL == (fd = GNUNET_DISK_file_open (filename, GNUNET_DISK_OPEN_READ, - GNUNET_DISK_PERM_NONE))) - { - LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename); - return NULL; - } - if (GNUNET_OK != (GNUNET_DISK_file_handle_size (fd, &fs))) - { - LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "stat", filename); - (void) GNUNET_DISK_file_close (fd); - return NULL; - } - if (0 == fs) - { - GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); - return NULL; - } - if (fs > UINT16_MAX) - { - LOG (GNUNET_ERROR_TYPE_ERROR, - _("File `%s' does not contain a valid private key (too long, %llu bytes). Deleting it.\n"), - filename, - (unsigned long long) fs); - GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); - if (0 != UNLINK (filename)) - LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "unlink", filename); - return NULL; - } - { - char enc[fs]; - - GNUNET_break (fs == GNUNET_DISK_file_read (fd, enc, fs)); - if (NULL == (ret = GNUNET_CRYPTO_ecc_decode_key ((char *) enc, fs, GNUNET_YES))) - { - LOG (GNUNET_ERROR_TYPE_ERROR, - _("File `%s' does not contain a valid private key (failed decode, %llu bytes). Deleting it.\n"), - filename, - (unsigned long long) fs); - GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); - if (0 != UNLINK (filename)) - LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "unlink", filename); - return NULL; - } - } - GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); - return ret; -} - - /** * Wait for a short time (we're trying to lock a file or want * to give another process a shot at finishing a disk write, etc.). @@ -674,217 +608,24 @@ GNUNET_CRYPTO_ecc_key_create_from_file (const char *filename) /** - * Handle to cancel private key generation and state for the - * key generation operation. - */ -struct GNUNET_CRYPTO_EccKeyGenerationContext -{ - - /** - * Continuation to call upon completion. - */ - GNUNET_CRYPTO_EccKeyCallback cont; - - /** - * Closure for 'cont'. - */ - void *cont_cls; - - /** - * Name of the file. - */ - char *filename; - - /** - * Handle to the helper process which does the key generation. - */ - struct GNUNET_OS_Process *gnunet_ecc; - - /** - * Handle to 'stdout' of gnunet-ecc. We 'read' on stdout to detect - * process termination (instead of messing with SIGCHLD). - */ - struct GNUNET_DISK_PipeHandle *gnunet_ecc_out; - - /** - * Location where we store the private key if it already existed. - * (if this is used, 'filename', 'gnunet_ecc' and 'gnunet_ecc_out' will - * not be used). - */ - struct GNUNET_CRYPTO_EccPrivateKey *pk; - - /** - * Task reading from 'gnunet_ecc_out' to wait for process termination. - */ - GNUNET_SCHEDULER_TaskIdentifier read_task; - -}; - - -/** - * Abort ECC key generation. + * Create a new private key by reading our peer's key from + * the file specified in the configuration. * - * @param gc key generation context to abort - */ -void -GNUNET_CRYPTO_ecc_key_create_stop (struct GNUNET_CRYPTO_EccKeyGenerationContext *gc) -{ - if (GNUNET_SCHEDULER_NO_TASK != gc->read_task) - { - GNUNET_SCHEDULER_cancel (gc->read_task); - gc->read_task = GNUNET_SCHEDULER_NO_TASK; - } - if (NULL != gc->gnunet_ecc) - { - (void) GNUNET_OS_process_kill (gc->gnunet_ecc, SIGKILL); - GNUNET_break (GNUNET_OK == - GNUNET_OS_process_wait (gc->gnunet_ecc)); - GNUNET_OS_process_destroy (gc->gnunet_ecc); - GNUNET_DISK_pipe_close (gc->gnunet_ecc_out); - } - - if (NULL != gc->filename) - { - if (0 != UNLINK (gc->filename)) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "unlink", gc->filename); - GNUNET_free (gc->filename); - } - if (NULL != gc->pk) - GNUNET_CRYPTO_ecc_key_free (gc->pk); - GNUNET_free (gc); -} - - -/** - * Task called upon shutdown or process termination of 'gnunet-ecc' during - * ECC key generation. Check where we are and perform the appropriate - * action. - * - * @param cls the 'struct GNUNET_CRYPTO_EccKeyGenerationContext' - * @param tc scheduler context - */ -static void -check_key_generation_completion (void *cls, - const struct GNUNET_SCHEDULER_TaskContext *tc) -{ - struct GNUNET_CRYPTO_EccKeyGenerationContext *gc = cls; - struct GNUNET_CRYPTO_EccPrivateKey *pk; - - gc->read_task = GNUNET_SCHEDULER_NO_TASK; - if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN)) - { - gc->cont (gc->cont_cls, NULL, _("interrupted by shutdown")); - GNUNET_CRYPTO_ecc_key_create_stop (gc); - return; - } - GNUNET_assert (GNUNET_OK == - GNUNET_OS_process_wait (gc->gnunet_ecc)); - GNUNET_OS_process_destroy (gc->gnunet_ecc); - gc->gnunet_ecc = NULL; - if (NULL == (pk = try_read_key (gc->filename))) - { - GNUNET_break (0); - gc->cont (gc->cont_cls, NULL, _("gnunet-ecc failed")); - GNUNET_CRYPTO_ecc_key_create_stop (gc); - return; - } - gc->cont (gc->cont_cls, pk, NULL); - GNUNET_DISK_pipe_close (gc->gnunet_ecc_out); - GNUNET_free (gc->filename); - GNUNET_free (gc); -} - - -/** - * Return the private ECC key which already existed on disk - * (asynchronously) to the caller. - * - * @param cls the 'struct GNUNET_CRYPTO_EccKeyGenerationContext' - * @param tc scheduler context (unused) - */ -static void -async_return_key (void *cls, - const struct GNUNET_SCHEDULER_TaskContext *tc) -{ - struct GNUNET_CRYPTO_EccKeyGenerationContext *gc = cls; - - gc->cont (gc->cont_cls, - gc->pk, - NULL); - GNUNET_free (gc); -} - - -/** - * Create a new private key by reading it from a file. If the files - * does not exist, create a new key and write it to the file. If the - * contents of the file are invalid the old file is deleted and a - * fresh key is created. - * - * @param filename name of file to use for storage - * @param cont function to call when done (or on errors) - * @param cont_cls closure for 'cont' - * @return handle to abort operation, NULL on fatal errors (cont will not be called if NULL is returned) + * @return new private key, NULL on error (for example, + * permission denied) */ -struct GNUNET_CRYPTO_EccKeyGenerationContext * -GNUNET_CRYPTO_ecc_key_create_start (const char *filename, - GNUNET_CRYPTO_EccKeyCallback cont, - void *cont_cls) +struct GNUNET_CRYPTO_EccPrivateKey * +GNUNET_CRYPTO_ecc_key_create_from_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg) { - struct GNUNET_CRYPTO_EccKeyGenerationContext *gc; struct GNUNET_CRYPTO_EccPrivateKey *pk; + char *fn; - if (NULL != (pk = try_read_key (filename))) - { - /* quick happy ending: key already exists! */ - gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccKeyGenerationContext)); - gc->pk = pk; - gc->cont = cont; - gc->cont_cls = cont_cls; - gc->read_task = GNUNET_SCHEDULER_add_now (&async_return_key, - gc); - return gc; - } - gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccKeyGenerationContext)); - gc->filename = GNUNET_strdup (filename); - gc->cont = cont; - gc->cont_cls = cont_cls; - gc->gnunet_ecc_out = GNUNET_DISK_pipe (GNUNET_NO, - GNUNET_NO, - GNUNET_NO, - GNUNET_YES); - if (NULL == gc->gnunet_ecc_out) - { - GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "pipe"); - GNUNET_free (gc->filename); - GNUNET_free (gc); - return NULL; - } - gc->gnunet_ecc = GNUNET_OS_start_process (GNUNET_NO, - GNUNET_OS_INHERIT_STD_ERR, - NULL, - gc->gnunet_ecc_out, - "gnunet-ecc", - "gnunet-ecc", - gc->filename, - NULL); - if (NULL == gc->gnunet_ecc) - { - GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "fork"); - GNUNET_DISK_pipe_close (gc->gnunet_ecc_out); - GNUNET_free (gc->filename); - GNUNET_free (gc); + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_filename (cfg, "PEER", "PRIVATE_KEY", &fn)) return NULL; - } - GNUNET_assert (GNUNET_OK == - GNUNET_DISK_pipe_close_end (gc->gnunet_ecc_out, - GNUNET_DISK_PIPE_END_WRITE)); - gc->read_task = GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL, - GNUNET_DISK_pipe_handle (gc->gnunet_ecc_out, - GNUNET_DISK_PIPE_END_READ), - &check_key_generation_completion, - gc); - return gc; + pk = GNUNET_CRYPTO_ecc_key_create_from_file (fn); + GNUNET_free (fn); + return pk; } @@ -901,19 +642,41 @@ GNUNET_CRYPTO_ecc_setup_key (const char *cfg_name) { struct GNUNET_CONFIGURATION_Handle *cfg; struct GNUNET_CRYPTO_EccPrivateKey *pk; - char *fn; cfg = GNUNET_CONFIGURATION_create (); (void) GNUNET_CONFIGURATION_load (cfg, cfg_name); - if (GNUNET_OK == - GNUNET_CONFIGURATION_get_value_filename (cfg, "PEER", "PRIVATE_KEY", &fn)) + pk = GNUNET_CRYPTO_ecc_key_create_from_configuration (cfg); + if (NULL != pk) + GNUNET_CRYPTO_ecc_key_free (pk); + GNUNET_CONFIGURATION_destroy (cfg); +} + + +/** + * Retrieve the identity of the host's peer. + * + * @param cfg configuration to use + * @param dst pointer to where to write the peer identity + * @return GNUNET_OK on success, GNUNET_SYSERR if the identity + * could not be retrieved + */ +int +GNUNET_CRYPTO_get_host_identity (const struct GNUNET_CONFIGURATION_Handle *cfg, + struct GNUNET_PeerIdentity *dst) +{ + struct GNUNET_CRYPTO_EccPrivateKey *my_private_key; + struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded my_public_key; + + if (NULL == (my_private_key = GNUNET_CRYPTO_ecc_key_create_from_configuration (cfg))) { - pk = GNUNET_CRYPTO_ecc_key_create_from_file (fn); - if (NULL != pk) - GNUNET_CRYPTO_ecc_key_free (pk); - GNUNET_free (fn); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _("Could not load peer's private key\n")); + return GNUNET_SYSERR; } - GNUNET_CONFIGURATION_destroy (cfg); + GNUNET_CRYPTO_ecc_key_get_public (my_private_key, &my_public_key); + GNUNET_CRYPTO_ecc_key_free (my_private_key); + GNUNET_CRYPTO_hash (&my_public_key, sizeof (my_public_key), &dst->hashPubKey); + return GNUNET_OK; }