-clone elimination, adding some documentation

author: Christian Grothoff <christian@grothoff.org> 2012-03-17 16:04:18 +0000
committer: Christian Grothoff <christian@grothoff.org> 2012-03-17 16:04:18 +0000
commit: 37ec274916f6755483d9e65aabcc832f6cb1b2b7 (patch)
tree: e17c12c5398755577666a5e1bf6feea0b253c6e4 /src
parent: 9ceed8e771c4104534082ae97919677d6786f5c8 (diff)
download: gnunet-37ec274916f6755483d9e65aabcc832f6cb1b2b7.tar.gz
gnunet-37ec274916f6755483d9e65aabcc832f6cb1b2b7.zip
1 files changed, 29 insertions, 166 deletions
diff --git a/src/util/crypto_ksk.c b/src/util/crypto_ksk.c
index 0f5a29507..274457b61 100644
--- a/src/util/crypto_ksk.c
+++ b/src/util/crypto_ksk.c
@@ -557,202 +557,65 @@ makeKblockKeyInternal (const GNUNET_HashCode * hc)
 /**
- * Decode the internal format into the format used
+ * Entry in the KSK cache.
- * by libgcrypt.
 */
-static struct GNUNET_CRYPTO_RsaPrivateKey *
-ksk_decode_key (const struct KskRsaPrivateKeyBinaryEncoded *encoding)
-{
-  struct GNUNET_CRYPTO_RsaPrivateKey *ret;
-  gcry_sexp_t res;
-  gcry_mpi_t n, e, d, p, q, u;
-  int rc;
-  size_t size;
-  int pos;
-  pos = 0;
-  size = ntohs (encoding->sizen);
-  rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG,
-                      &((const unsigned char *) (&encoding[1]))[pos], size,
-                      &size);
-  pos += ntohs (encoding->sizen);
-  if (rc)
-  {
-    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-    return NULL;
-  }
-  size = ntohs (encoding->sizee);
-  rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG,
-                      &((const unsigned char *) (&encoding[1]))[pos], size,
-                      &size);
-  pos += ntohs (encoding->sizee);
-  if (rc)
-  {
-    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-    gcry_mpi_release (n);
-    return NULL;
-  }
-  size = ntohs (encoding->sized);
-  rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG,
-                      &((const unsigned char *) (&encoding[1]))[pos], size,
-                      &size);
-  pos += ntohs (encoding->sized);
-  if (rc)
-  {
-    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-    gcry_mpi_release (n);
-    gcry_mpi_release (e);
-    return NULL;
-  }
-  /* swap p and q! */
-  size = ntohs (encoding->sizep);
-  if (size > 0)
-  {
-    rc = gcry_mpi_scan (&q, GCRYMPI_FMT_USG,
-                        &((const unsigned char *) (&encoding[1]))[pos], size,
-                        &size);
-    pos += ntohs (encoding->sizep);
-    if (rc)
-    {
-      LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-      gcry_mpi_release (n);
-      gcry_mpi_release (e);
-      gcry_mpi_release (d);
-      return NULL;
-    }
-  }
-  else
-    q = NULL;
-  size = ntohs (encoding->sizeq);
-  if (size > 0)
-  {
-    rc = gcry_mpi_scan (&p, GCRYMPI_FMT_USG,
-                        &((const unsigned char *) (&encoding[1]))[pos], size,
-                        &size);
-    pos += ntohs (encoding->sizeq);
-    if (rc)
-    {
-      LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-      gcry_mpi_release (n);
-      gcry_mpi_release (e);
-      gcry_mpi_release (d);
-      if (q != NULL)
-        gcry_mpi_release (q);
-      return NULL;
-    }
-  }
-  else
-    p = NULL;
-  pos += ntohs (encoding->sizedmp1);
-  pos += ntohs (encoding->sizedmq1);
-  size =
-      ntohs (encoding->len) - sizeof (struct KskRsaPrivateKeyBinaryEncoded) -
-      pos;
-  if (size > 0)
-  {
-    rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG,
-                        &((const unsigned char *) (&encoding[1]))[pos], size,
-                        &size);
-    if (rc)
-    {
-      LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-      gcry_mpi_release (n);
-      gcry_mpi_release (e);
-      gcry_mpi_release (d);
-      if (p != NULL)
-        gcry_mpi_release (p);
-      if (q != NULL)
-        gcry_mpi_release (q);
-      return NULL;
-    }
-  }
-  else
-    u = NULL;
-  if ((p != NULL) && (q != NULL) && (u != NULL))
-  {
-    rc = gcry_sexp_build (&res, &size,  /* erroff */
-                          "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))",
-                          n, e, d, p, q, u);
-  }
-  else
-  {
-    if ((p != NULL) && (q != NULL))
-    {
-      rc = gcry_sexp_build (&res, &size,        /* erroff */
-                            "(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))",
-                            n, e, d, p, q);
-    }
-    else
-    {
-      rc = gcry_sexp_build (&res, &size,        /* erroff */
-                            "(private-key(rsa(n %m)(e %m)(d %m)))", n, e, d);
-    }
-  }
-  gcry_mpi_release (n);
-  gcry_mpi_release (e);
-  gcry_mpi_release (d);
-  if (p != NULL)
-    gcry_mpi_release (p);
-  if (q != NULL)
-    gcry_mpi_release (q);
-  if (u != NULL)
-    gcry_mpi_release (u);
-  if (rc)
-    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
-#if EXTRA_CHECKS
-  if (gcry_pk_testkey (res))
-  {
-    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
-    return NULL;
-  }
-#endif
-  ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
-  ret->sexp = res;
-  return ret;
-}
 struct KBlockKeyCacheLine
 {
+  /**
+   * Hash from which the key was generated.
+   */
  GNUNET_HashCode hc;
+  /**
+   * The encoded key.
+   */
  struct KskRsaPrivateKeyBinaryEncoded *pke;
 };
+/**
+ * Cached KSK keys so that we don't have to recompute them
+ * all the time.
+ */
 static struct KBlockKeyCacheLine **cache;
+/**
+ * Size of the 'cache' array.
+ */
 static unsigned int cacheSize;
 /**
 * Deterministically (!) create a hostkey using only the
 * given HashCode as input to the PRNG.
+ *
+ * @param hc hash code to generate the key from
+ * @return corresponding private key; must not be freed!
 */
 struct GNUNET_CRYPTO_RsaPrivateKey *
 GNUNET_CRYPTO_rsa_key_create_from_hash (const GNUNET_HashCode * hc)
 {
-  struct GNUNET_CRYPTO_RsaPrivateKey *ret;
  struct KBlockKeyCacheLine *line;
  unsigned int i;
-  for (i = 0; i < cacheSize; i++)
+  for (i = 0; i < cacheSize; i++)  
-  {
    if (0 == memcmp (hc, &cache[i]->hc, sizeof (GNUNET_HashCode)))
-    {
+      return GNUNET_CRYPTO_rsa_decode_key ((const char*) cache[i]->pke,
-      ret = ksk_decode_key (cache[i]->pke);
+                                           ntohs (cache[i]->pke->len));  
-      return ret;
-    }
-  }
  line = GNUNET_malloc (sizeof (struct KBlockKeyCacheLine));
  line->hc = *hc;
  line->pke = makeKblockKeyInternal (hc);
  GNUNET_array_grow (cache, cacheSize, cacheSize + 1);
  cache[cacheSize - 1] = line;
-  return ksk_decode_key (line->pke);
+  return GNUNET_CRYPTO_rsa_decode_key ((const char*) line->pke,
+                                       ntohs (line->pke->len));
 }
+/**
+ * Destructor that frees the KSK cache.
+ */
 void __attribute__ ((destructor)) GNUNET_CRYPTO_ksk_fini ()
 {
  unsigned int i;
author	Christian Grothoff <christian@grothoff.org>	2012-03-17 16:04:18 +0000
committer	Christian Grothoff <christian@grothoff.org>	2012-03-17 16:04:18 +0000
commit	37ec274916f6755483d9e65aabcc832f6cb1b2b7 (patch)
tree	e17c12c5398755577666a5e1bf6feea0b253c6e4 /src
parent	9ceed8e771c4104534082ae97919677d6786f5c8 (diff)
download	gnunet-37ec274916f6755483d9e65aabcc832f6cb1b2b7.tar.gz gnunet-37ec274916f6755483d9e65aabcc832f6cb1b2b7.zip

diff --git a/src/util/crypto_ksk.c b/src/util/crypto_ksk.c index 0f5a29507..274457b61 100644 --- a/src/util/crypto_ksk.c +++ b/src/util/crypto_ksk.c
@@ -557,202 +557,65 @@ makeKblockKeyInternal (const GNUNET_HashCode * hc)
557		557
558		558
559	/**	559	/**
560	* Decode the internal format into the format used	560	* Entry in the KSK cache.
561	* by libgcrypt.
562	*/	561	*/
563	static struct GNUNET_CRYPTO_RsaPrivateKey *
564	ksk_decode_key (const struct KskRsaPrivateKeyBinaryEncoded *encoding)
565	{
566	struct GNUNET_CRYPTO_RsaPrivateKey *ret;
567	gcry_sexp_t res;
568	gcry_mpi_t n, e, d, p, q, u;
569	int rc;
570	size_t size;
571	int pos;
572
573	pos = 0;
574	size = ntohs (encoding->sizen);
575	rc = gcry_mpi_scan (&n, GCRYMPI_FMT_USG,
576	&((const unsigned char *) (&encoding[1]))[pos], size,
577	&size);
578	pos += ntohs (encoding->sizen);
579	if (rc)
580	{
581	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
582	return NULL;
583	}
584	size = ntohs (encoding->sizee);
585	rc = gcry_mpi_scan (&e, GCRYMPI_FMT_USG,
586	&((const unsigned char *) (&encoding[1]))[pos], size,
587	&size);
588	pos += ntohs (encoding->sizee);
589	if (rc)
590	{
591	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
592	gcry_mpi_release (n);
593	return NULL;
594	}
595	size = ntohs (encoding->sized);
596	rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG,
597	&((const unsigned char *) (&encoding[1]))[pos], size,
598	&size);
599	pos += ntohs (encoding->sized);
600	if (rc)
601	{
602	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
603	gcry_mpi_release (n);
604	gcry_mpi_release (e);
605	return NULL;
606	}
607	/* swap p and q! */
608	size = ntohs (encoding->sizep);
609	if (size > 0)
610	{
611	rc = gcry_mpi_scan (&q, GCRYMPI_FMT_USG,
612	&((const unsigned char *) (&encoding[1]))[pos], size,
613	&size);
614	pos += ntohs (encoding->sizep);
615	if (rc)
616	{
617	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
618	gcry_mpi_release (n);
619	gcry_mpi_release (e);
620	gcry_mpi_release (d);
621	return NULL;
622	}
623	}
624	else
625	q = NULL;
626	size = ntohs (encoding->sizeq);
627	if (size > 0)
628	{
629	rc = gcry_mpi_scan (&p, GCRYMPI_FMT_USG,
630	&((const unsigned char *) (&encoding[1]))[pos], size,
631	&size);
632	pos += ntohs (encoding->sizeq);
633	if (rc)
634	{
635	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
636	gcry_mpi_release (n);
637	gcry_mpi_release (e);
638	gcry_mpi_release (d);
639	if (q != NULL)
640	gcry_mpi_release (q);
641	return NULL;
642	}
643	}
644	else
645	p = NULL;
646	pos += ntohs (encoding->sizedmp1);
647	pos += ntohs (encoding->sizedmq1);
648	size =
649	ntohs (encoding->len) - sizeof (struct KskRsaPrivateKeyBinaryEncoded) -
650	pos;
651	if (size > 0)
652	{
653	rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG,
654	&((const unsigned char *) (&encoding[1]))[pos], size,
655	&size);
656	if (rc)
657	{
658	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
659	gcry_mpi_release (n);
660	gcry_mpi_release (e);
661	gcry_mpi_release (d);
662	if (p != NULL)
663	gcry_mpi_release (p);
664	if (q != NULL)
665	gcry_mpi_release (q);
666	return NULL;
667	}
668	}
669	else
670	u = NULL;
671
672	if ((p != NULL) && (q != NULL) && (u != NULL))
673	{
674	rc = gcry_sexp_build (&res, &size, /* erroff */
675	"(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)(u %m)))",
676	n, e, d, p, q, u);
677	}
678	else
679	{
680	if ((p != NULL) && (q != NULL))
681	{
682	rc = gcry_sexp_build (&res, &size, /* erroff */
683	"(private-key(rsa(n %m)(e %m)(d %m)(p %m)(q %m)))",
684	n, e, d, p, q);
685	}
686	else
687	{
688	rc = gcry_sexp_build (&res, &size, /* erroff */
689	"(private-key(rsa(n %m)(e %m)(d %m)))", n, e, d);
690	}
691	}
692	gcry_mpi_release (n);
693	gcry_mpi_release (e);
694	gcry_mpi_release (d);
695	if (p != NULL)
696	gcry_mpi_release (p);
697	if (q != NULL)
698	gcry_mpi_release (q);
699	if (u != NULL)
700	gcry_mpi_release (u);
701
702	if (rc)
703	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
704	#if EXTRA_CHECKS
705	if (gcry_pk_testkey (res))
706	{
707	LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
708	return NULL;
709	}
710	#endif
711	ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey));
712	ret->sexp = res;
713	return ret;
714	}
715
716
717	struct KBlockKeyCacheLine	562	struct KBlockKeyCacheLine
718	{	563	{
		564	/**
		565	* Hash from which the key was generated.
		566	*/
719	GNUNET_HashCode hc;	567	GNUNET_HashCode hc;
		568
		569	/**
		570	* The encoded key.
		571	*/
720	struct KskRsaPrivateKeyBinaryEncoded *pke;	572	struct KskRsaPrivateKeyBinaryEncoded *pke;
721	};	573	};
722		574
		575
		576	/**
		577	* Cached KSK keys so that we don't have to recompute them
		578	* all the time.
		579	*/
723	static struct KBlockKeyCacheLine **cache;	580	static struct KBlockKeyCacheLine **cache;
724		581
		582
		583	/**
		584	* Size of the 'cache' array.
		585	*/
725	static unsigned int cacheSize;	586	static unsigned int cacheSize;
726		587
		588
727	/**	589	/**
728	* Deterministically (!) create a hostkey using only the	590	* Deterministically (!) create a hostkey using only the
729	* given HashCode as input to the PRNG.	591	* given HashCode as input to the PRNG.
		592	*
		593	* @param hc hash code to generate the key from
		594	* @return corresponding private key; must not be freed!
730	*/	595	*/
731	struct GNUNET_CRYPTO_RsaPrivateKey *	596	struct GNUNET_CRYPTO_RsaPrivateKey *
732	GNUNET_CRYPTO_rsa_key_create_from_hash (const GNUNET_HashCode * hc)	597	GNUNET_CRYPTO_rsa_key_create_from_hash (const GNUNET_HashCode * hc)
733	{	598	{
734	struct GNUNET_CRYPTO_RsaPrivateKey *ret;
735	struct KBlockKeyCacheLine *line;	599	struct KBlockKeyCacheLine *line;
736	unsigned int i;	600	unsigned int i;
737		601
738	for (i = 0; i < cacheSize; i++)	602	for (i = 0; i < cacheSize; i++)
739	{
740	if (0 == memcmp (hc, &cache[i]->hc, sizeof (GNUNET_HashCode)))	603	if (0 == memcmp (hc, &cache[i]->hc, sizeof (GNUNET_HashCode)))
741	{	604	return GNUNET_CRYPTO_rsa_decode_key ((const char*) cache[i]->pke,
742	ret = ksk_decode_key (cache[i]->pke);	605	ntohs (cache[i]->pke->len));
743	return ret;
744	}
745	}
746
747	line = GNUNET_malloc (sizeof (struct KBlockKeyCacheLine));	606	line = GNUNET_malloc (sizeof (struct KBlockKeyCacheLine));
748	line->hc = *hc;	607	line->hc = *hc;
749	line->pke = makeKblockKeyInternal (hc);	608	line->pke = makeKblockKeyInternal (hc);
750	GNUNET_array_grow (cache, cacheSize, cacheSize + 1);	609	GNUNET_array_grow (cache, cacheSize, cacheSize + 1);
751	cache[cacheSize - 1] = line;	610	cache[cacheSize - 1] = line;
752	return ksk_decode_key (line->pke);	611	return GNUNET_CRYPTO_rsa_decode_key ((const char*) line->pke,
		612	ntohs (line->pke->len));
753	}	613	}
754		614
755		615
		616	/**
		617	* Destructor that frees the KSK cache.
		618	*/
756	void __attribute__ ((destructor)) GNUNET_CRYPTO_ksk_fini ()	619	void __attribute__ ((destructor)) GNUNET_CRYPTO_ksk_fini ()
757	{	620	{
758	unsigned int i;	621	unsigned int i;