X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=src%2Futil%2Fcrypto_rsa.c;h=5820065301f0a20b541600b151bc74ab91dd6ec8;hb=d47f834c1f2de41c9fba74a4b6928e7c8e0679e0;hp=cbd9f8f372bc963940dbcca4385ce712914b3cf6;hpb=728f0ae2abed76d72ebb4222e83c660a18ad79ac;p=oweals%2Fgnunet.git diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index cbd9f8f37..582006530 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c @@ -566,25 +566,46 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) unsigned int cnt; int ec; uint64_t fs; + struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub; + struct GNUNET_PeerIdentity pid; if (GNUNET_SYSERR == GNUNET_DISK_directory_create_for_file (filename)) return NULL; while (GNUNET_YES != GNUNET_DISK_file_test (filename)) { - fd = GNUNET_DISK_file_open (filename, - GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE | GNUNET_DISK_OPEN_FAILIFEXISTS, - GNUNET_DISK_PERM_USER_READ| GNUNET_DISK_PERM_USER_WRITE | GNUNET_DISK_PERM_GROUP_READ); + fd = GNUNET_DISK_file_open (filename, + GNUNET_DISK_OPEN_WRITE | + GNUNET_DISK_OPEN_CREATE | + GNUNET_DISK_OPEN_FAILIFEXISTS, + GNUNET_DISK_PERM_USER_READ | + GNUNET_DISK_PERM_USER_WRITE); if (NULL == fd) { if (errno == EEXIST) - continue; + { + if (GNUNET_YES != GNUNET_DISK_file_test (filename)) + { + /* must exist but not be accessible, fail for good! */ + if (0 != ACCESS (filename, R_OK)) + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, + "access", filename); + else + GNUNET_break (0); /* what is going on!? */ + return NULL; + } + continue; + } GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", filename); return NULL; } cnt = 0; - while (GNUNET_YES != GNUNET_DISK_file_lock (fd, 0, sizeof (struct RsaPrivateKeyBinaryEncoded), GNUNET_YES)) + while (GNUNET_YES != + GNUNET_DISK_file_lock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded), + GNUNET_YES)) { sleep (1); if (0 == ++cnt % 10) 
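Review bot: Dropping `GNUNET_DISK_PERM_GROUP_READ` from the create call only protects key files written from now on; a host key created by an earlier build keeps its group-readable mode. The read path in the next hunk opens the file with `GNUNET_DISK_OPEN_READ` and, as far as these hunks show, never looks at the mode. I would add a check on the read path that warns when group or other permission bits are set on the key file. At minimum the create call deserves a comment such as `/* private key: owner read/write only; modes of pre-existing files are not checked */`. The function body starts before and continues past this hunk, so a mode check may already exist outside the visible lines.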
@@ -602,21 +623,29 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) GNUNET_assert (ret != NULL); enc = rsa_encode_key (ret); GNUNET_assert (enc != NULL); - GNUNET_assert (ntohs (enc->len) == GNUNET_DISK_file_write (fd, enc, ntohs (enc->len))); + GNUNET_assert (ntohs (enc->len) == + GNUNET_DISK_file_write (fd, enc, ntohs (enc->len))); GNUNET_free (enc); GNUNET_DISK_file_sync (fd); - if (GNUNET_YES != GNUNET_DISK_file_unlock (fd, 0, sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, - "fcntl", filename); + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded))) + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", + filename); GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); + GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); + GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); GNUNET_log (GNUNET_ERROR_TYPE_INFO, - _("Stored new private key in `%s'.\n"), filename); + _("I am host `%s'. Stored new private key in `%s'.\n"), + GNUNET_i2s (&pid), + filename); return ret; } /* hostkey file exists already, read it! */ fd = GNUNET_DISK_file_open (filename, GNUNET_DISK_OPEN_READ, - GNUNET_DISK_PERM_NONE); + GNUNET_DISK_PERM_NONE); if (NULL == fd) { GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", filename); @@ -625,9 +654,12 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) cnt = 0; while (1) { - if (GNUNET_YES != GNUNET_DISK_file_lock (fd, 0, sizeof (struct RsaPrivateKeyBinaryEncoded), GNUNET_NO)) + if (GNUNET_YES != + GNUNET_DISK_file_lock (fd, 0, + sizeof (struct RsaPrivateKeyBinaryEncoded), + GNUNET_NO)) { - if (0 == ++cnt % 10) + if (0 == ++cnt % 60) { ec = errno; GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 
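Review bot: The lines that derive `pid` from `ret` and log it (`GNUNET_CRYPTO_rsa_key_get_public`, `GNUNET_CRYPTO_hash` into `pid.hashPubKey`, then `GNUNET_log` with `GNUNET_i2s (&pid)`) are repeated almost verbatim on the read path in the hunk at -686. A small `static` helper that takes the key, the filename and which of the two messages to print would keep both call sites in step, and would let `pub` and `pid` move out of the function's top-level declarations. The enclosing function starts and ends outside this hunk.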
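Review bot: The read-lock retry now reports only every 60th failed attempt (`if (0 == ++cnt % 60)`), with no comment giving the reason. The write-lock loop in the first hunk and the short-file retry at -658 still use `% 10`, and the short-file branch increments the same `cnt`, so which attempt triggers a message depends on how the two branches interleave. I would name the two thresholds (an `enum` or `#define` near the top of the file) and put a comment on this branch saying why readers stay quiet longer, presumably because key generation by the writer can take a while. The loop body continues outside this hunk.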
@@ -645,9 +677,12 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) /* eh, what!? File we opened is now gone!? */ GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "stat", filename); - if (GNUNET_YES != GNUNET_DISK_file_unlock (fd, 0, sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, - "fcntl", filename); + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded))) + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", + filename); GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd)); return NULL; @@ -658,9 +693,12 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) { /* maybe we got the read lock before the hostkey generating process had a chance to get the write lock; give it up! */ - if (GNUNET_YES != GNUNET_DISK_file_unlock (fd, 0, sizeof (struct RsaPrivateKeyBinaryEncoded))) - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, - "fcntl", filename); + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct + RsaPrivateKeyBinaryEncoded))) + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", + filename); if (0 == ++cnt % 10) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 
@@ -686,13 +724,30 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, _ - ("File `%s' does not contain a valid private key. You should delete it.\n"), + ("File `%s' does not contain a valid private key. Deleting it.\n"), filename); + if (0 != UNLINK (filename)) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, + "unlink", + filename); + } } GNUNET_free (enc); - if (GNUNET_YES != GNUNET_DISK_file_unlock (fd, 0, sizeof (struct RsaPrivateKeyBinaryEncoded))) + if (GNUNET_YES != + GNUNET_DISK_file_unlock (fd, 0, + sizeof (struct RsaPrivateKeyBinaryEncoded))) GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); + if (ret != NULL) + { + GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); + GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _("I am host `%s'. Read private key from `%s'.\n"), + GNUNET_i2s (&pid), + filename); + } return ret; } @@ -724,6 +779,8 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, GNUNET_assert (size <= sizeof (GNUNET_HashCode)); pubkey = public2PrivateKey (publicKey); + if (pubkey == NULL) + return GNUNET_SYSERR; isize = size; GNUNET_assert (0 == gcry_mpi_scan (&val, GCRYMPI_FMT_USG, block, isize, &isize)); @@ -758,10 +815,9 @@ GNUNET_CRYPTO_rsa_encrypt (const void *block, * @return the size of the decrypted block, -1 on error */ ssize_t -GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey *key, - const struct GNUNET_CRYPTO_RsaEncryptedData *block, - void *result, - size_t max) +GNUNET_CRYPTO_rsa_decrypt (const struct GNUNET_CRYPTO_RsaPrivateKey * key, + const struct GNUNET_CRYPTO_RsaEncryptedData * + block, void *result, size_t max) { gcry_sexp_t resultsexp; gcry_sexp_t data;
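Review bot: The new `UNLINK (filename)` runs on any decode failure and acts on the path rather than on the descriptor that holds the lock. A misconfigured key path, or a file replaced after the open, is therefore deleted, and the damaged content is gone with nothing left to inspect. Because the identity logged a few lines later is the hash of the public key, removing the file presumably makes the next call generate a fresh key and with it a new peer identity; the site should say so, e.g. `/* deleting the key file means the next call generates a new key, i.e. a new peer identity */`. Moving the file aside under a distinct name instead of unlinking it would keep the evidence. Doing this after the unlock and close that follow would also avoid removing a file that is still open, which some platforms may refuse. The function body starts outside this hunk.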
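Review bot: The added `if (pubkey == NULL) return GNUNET_SYSERR;` in `GNUNET_CRYPTO_rsa_encrypt` is the only failure in this stretch that returns an error rather than asserting, and nothing at the site explains the difference. A one-line comment would help, for example `/* publicKey could not be converted (malformed key): fail the call instead of continuing with NULL */`. The function's doc comment, which is outside this hunk, should list `GNUNET_SYSERR` for a bad public key if it does not already. The `GNUNET_assert (size <= sizeof (GNUNET_HashCode))` just above still aborts the process, so if `size` can ever come from outside the caller's control, that check would need the same treatment.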