diff options
author | Matthias Wachs <wachs@net.in.tum.de> | 2012-02-29 19:21:20 +0000 |
---|---|---|
committer | Matthias Wachs <wachs@net.in.tum.de> | 2012-02-29 19:21:20 +0000 |
commit | e2eb1cbf30d6f59d9ad94e104317b245ef9b1d56 (patch) | |
tree | e4e4b8a6f03f5cff579ca093a333ca4a7a353591 /src | |
parent | 46ba82641c0feb4b04ff489038543e576a0c78ee (diff) | |
download | gnunet-e2eb1cbf30d6f59d9ad94e104317b245ef9b1d56.tar.gz gnunet-e2eb1cbf30d6f59d9ad94e104317b245ef9b1d56.zip |
serialize privat key
Diffstat (limited to 'src')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 35 | ||||
-rw-r--r-- | src/util/crypto_rsa.c | 61 |
2 files changed, 52 insertions, 44 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 63d3ee418..3d2c946b0 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -101,6 +101,32 @@ enum GNUNET_CRYPTO_Quality | |||
101 | */ | 101 | */ |
102 | struct GNUNET_CRYPTO_RsaPrivateKey; | 102 | struct GNUNET_CRYPTO_RsaPrivateKey; |
103 | 103 | ||
104 | GNUNET_NETWORK_STRUCT_BEGIN | ||
105 | |||
106 | /** | ||
107 | * GNUnet mandates a certain format for the encoding | ||
108 | * of private RSA key information that is provided | ||
109 | * by the RSA implementations. This format is used | ||
110 | * to serialize a private RSA key (typically when | ||
111 | * writing it to disk). | ||
112 | */ | ||
113 | struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded | ||
114 | { | ||
115 | /** | ||
116 | * Total size of the structure, in bytes, in big-endian! | ||
117 | */ | ||
118 | uint16_t len GNUNET_PACKED; | ||
119 | uint16_t sizen GNUNET_PACKED; /* in big-endian! */ | ||
120 | uint16_t sizee GNUNET_PACKED; /* in big-endian! */ | ||
121 | uint16_t sized GNUNET_PACKED; /* in big-endian! */ | ||
122 | uint16_t sizep GNUNET_PACKED; /* in big-endian! */ | ||
123 | uint16_t sizeq GNUNET_PACKED; /* in big-endian! */ | ||
124 | uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */ | ||
125 | uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */ | ||
126 | /* followed by the actual values */ | ||
127 | }; | ||
128 | GNUNET_NETWORK_STRUCT_END | ||
129 | |||
104 | 130 | ||
105 | /** | 131 | /** |
106 | * @brief 0-terminated ASCII encoding of a GNUNET_HashCode. | 132 | * @brief 0-terminated ASCII encoding of a GNUNET_HashCode. |
@@ -736,6 +762,15 @@ struct GNUNET_CRYPTO_RsaPrivateKey * | |||
736 | GNUNET_CRYPTO_rsa_key_create (void); | 762 | GNUNET_CRYPTO_rsa_key_create (void); |
737 | 763 | ||
738 | /** | 764 | /** |
765 | * Encode the private key in a format suitable for | ||
766 | * storing it into a file. | ||
767 | * @returns encoding of the private key. | ||
768 | * The first 4 bytes give the size of the array, as usual. | ||
769 | */ | ||
770 | struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded * | ||
771 | GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey); | ||
772 | |||
773 | /** | ||
739 | * Decode the private key from the data-format back | 774 | * Decode the private key from the data-format back |
740 | * to the "normal", internal format. | 775 | * to the "normal", internal format. |
741 | * | 776 | * |
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 5e3a7762e..0b1c9a128 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
@@ -53,32 +53,6 @@ struct GNUNET_CRYPTO_RsaPrivateKey | |||
53 | }; | 53 | }; |
54 | 54 | ||
55 | 55 | ||
56 | GNUNET_NETWORK_STRUCT_BEGIN | ||
57 | |||
58 | /** | ||
59 | * GNUnet mandates a certain format for the encoding | ||
60 | * of private RSA key information that is provided | ||
61 | * by the RSA implementations. This format is used | ||
62 | * to serialize a private RSA key (typically when | ||
63 | * writing it to disk). | ||
64 | */ | ||
65 | struct RsaPrivateKeyBinaryEncoded | ||
66 | { | ||
67 | /** | ||
68 | * Total size of the structure, in bytes, in big-endian! | ||
69 | */ | ||
70 | uint16_t len GNUNET_PACKED; | ||
71 | uint16_t sizen GNUNET_PACKED; /* in big-endian! */ | ||
72 | uint16_t sizee GNUNET_PACKED; /* in big-endian! */ | ||
73 | uint16_t sized GNUNET_PACKED; /* in big-endian! */ | ||
74 | uint16_t sizep GNUNET_PACKED; /* in big-endian! */ | ||
75 | uint16_t sizeq GNUNET_PACKED; /* in big-endian! */ | ||
76 | uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */ | ||
77 | uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */ | ||
78 | /* followed by the actual values */ | ||
79 | }; | ||
80 | GNUNET_NETWORK_STRUCT_END | ||
81 | |||
82 | #define HOSTKEY_LEN 2048 | 56 | #define HOSTKEY_LEN 2048 |
83 | 57 | ||
84 | #define EXTRA_CHECKS ALLOW_EXTRA_CHECKS | 58 | #define EXTRA_CHECKS ALLOW_EXTRA_CHECKS |
@@ -297,17 +271,16 @@ public2PrivateKey (const struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded | |||
297 | return ret; | 271 | return ret; |
298 | } | 272 | } |
299 | 273 | ||
300 | |||
301 | /** | 274 | /** |
302 | * Encode the private key in a format suitable for | 275 | * Encode the private key in a format suitable for |
303 | * storing it into a file. | 276 | * storing it into a file. |
304 | * @returns encoding of the private key. | 277 | * @returns encoding of the private key. |
305 | * The first 4 bytes give the size of the array, as usual. | 278 | * The first 4 bytes give the size of the array, as usual. |
306 | */ | 279 | */ |
307 | static struct RsaPrivateKeyBinaryEncoded * | 280 | struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded * |
308 | rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) | 281 | GNUNET_CRYPTO_rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) |
309 | { | 282 | { |
310 | struct RsaPrivateKeyBinaryEncoded *retval; | 283 | struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *retval; |
311 | gcry_mpi_t pkv[6]; | 284 | gcry_mpi_t pkv[6]; |
312 | void *pbu[6]; | 285 | void *pbu[6]; |
313 | size_t sizes[6]; | 286 | size_t sizes[6]; |
@@ -336,7 +309,7 @@ rsa_encode_key (const struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) | |||
336 | if (rc) | 309 | if (rc) |
337 | rc = key_from_sexp (pkv, hostkey->sexp, "rsa", "ned"); | 310 | rc = key_from_sexp (pkv, hostkey->sexp, "rsa", "ned"); |
338 | GNUNET_assert (0 == rc); | 311 | GNUNET_assert (0 == rc); |
339 | size = sizeof (struct RsaPrivateKeyBinaryEncoded); | 312 | size = sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded); |
340 | for (i = 0; i < 6; i++) | 313 | for (i = 0; i < 6; i++) |
341 | { | 314 | { |
342 | if (pkv[i] != NULL) | 315 | if (pkv[i] != NULL) |
@@ -397,8 +370,8 @@ struct GNUNET_CRYPTO_RsaPrivateKey * | |||
397 | GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | 370 | GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) |
398 | { | 371 | { |
399 | struct GNUNET_CRYPTO_RsaPrivateKey *ret; | 372 | struct GNUNET_CRYPTO_RsaPrivateKey *ret; |
400 | const struct RsaPrivateKeyBinaryEncoded *encoding = | 373 | const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *encoding = |
401 | (const struct RsaPrivateKeyBinaryEncoded *) buf; | 374 | (const struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *) buf; |
402 | gcry_sexp_t res; | 375 | gcry_sexp_t res; |
403 | gcry_mpi_t n, e, d, p, q, u; | 376 | gcry_mpi_t n, e, d, p, q, u; |
404 | int rc; | 377 | int rc; |
@@ -486,7 +459,7 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) | |||
486 | pos += ntohs (encoding->sizedmp1); | 459 | pos += ntohs (encoding->sizedmp1); |
487 | pos += ntohs (encoding->sizedmq1); | 460 | pos += ntohs (encoding->sizedmq1); |
488 | size = | 461 | size = |
489 | ntohs (encoding->len) - sizeof (struct RsaPrivateKeyBinaryEncoded) - pos; | 462 | ntohs (encoding->len) - sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded) - pos; |
490 | if (size > 0) | 463 | if (size > 0) |
491 | { | 464 | { |
492 | rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG, | 465 | rc = gcry_mpi_scan (&u, GCRYMPI_FMT_USG, |
@@ -570,7 +543,7 @@ struct GNUNET_CRYPTO_RsaPrivateKey * | |||
570 | GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | 543 | GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) |
571 | { | 544 | { |
572 | struct GNUNET_CRYPTO_RsaPrivateKey *ret; | 545 | struct GNUNET_CRYPTO_RsaPrivateKey *ret; |
573 | struct RsaPrivateKeyBinaryEncoded *enc; | 546 | struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc; |
574 | uint16_t len; | 547 | uint16_t len; |
575 | struct GNUNET_DISK_FileHandle *fd; | 548 | struct GNUNET_DISK_FileHandle *fd; |
576 | unsigned int cnt; | 549 | unsigned int cnt; |
@@ -610,7 +583,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
610 | 583 | ||
611 | while (GNUNET_YES != | 584 | while (GNUNET_YES != |
612 | GNUNET_DISK_file_lock (fd, 0, | 585 | GNUNET_DISK_file_lock (fd, 0, |
613 | sizeof (struct RsaPrivateKeyBinaryEncoded), | 586 | sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded), |
614 | GNUNET_YES)) | 587 | GNUNET_YES)) |
615 | { | 588 | { |
616 | sleep (1); | 589 | sleep (1); |
@@ -626,7 +599,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
626 | _("Creating a new private key. This may take a while.\n")); | 599 | _("Creating a new private key. This may take a while.\n")); |
627 | ret = GNUNET_CRYPTO_rsa_key_create (); | 600 | ret = GNUNET_CRYPTO_rsa_key_create (); |
628 | GNUNET_assert (ret != NULL); | 601 | GNUNET_assert (ret != NULL); |
629 | enc = rsa_encode_key (ret); | 602 | enc = GNUNET_CRYPTO_rsa_encode_key (ret); |
630 | GNUNET_assert (enc != NULL); | 603 | GNUNET_assert (enc != NULL); |
631 | GNUNET_assert (ntohs (enc->len) == | 604 | GNUNET_assert (ntohs (enc->len) == |
632 | GNUNET_DISK_file_write (fd, enc, ntohs (enc->len))); | 605 | GNUNET_DISK_file_write (fd, enc, ntohs (enc->len))); |
@@ -635,7 +608,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
635 | GNUNET_DISK_file_sync (fd); | 608 | GNUNET_DISK_file_sync (fd); |
636 | if (GNUNET_YES != | 609 | if (GNUNET_YES != |
637 | GNUNET_DISK_file_unlock (fd, 0, | 610 | GNUNET_DISK_file_unlock (fd, 0, |
638 | sizeof (struct RsaPrivateKeyBinaryEncoded))) | 611 | sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded))) |
639 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); | 612 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); |
640 | GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); | 613 | GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); |
641 | GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); | 614 | GNUNET_CRYPTO_rsa_key_get_public (ret, &pub); |
@@ -658,7 +631,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
658 | { | 631 | { |
659 | if (GNUNET_YES != | 632 | if (GNUNET_YES != |
660 | GNUNET_DISK_file_lock (fd, 0, | 633 | GNUNET_DISK_file_lock (fd, 0, |
661 | sizeof (struct RsaPrivateKeyBinaryEncoded), | 634 | sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded), |
662 | GNUNET_NO)) | 635 | GNUNET_NO)) |
663 | { | 636 | { |
664 | if (0 == ++cnt % 60) | 637 | if (0 == ++cnt % 60) |
@@ -680,7 +653,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
680 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename); | 653 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "stat", filename); |
681 | if (GNUNET_YES != | 654 | if (GNUNET_YES != |
682 | GNUNET_DISK_file_unlock (fd, 0, | 655 | GNUNET_DISK_file_unlock (fd, 0, |
683 | sizeof (struct RsaPrivateKeyBinaryEncoded))) | 656 | sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded))) |
684 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); | 657 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); |
685 | GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd)); | 658 | GNUNET_assert (GNUNET_OK == GNUNET_DISK_file_close (fd)); |
686 | 659 | ||
@@ -688,13 +661,13 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
688 | } | 661 | } |
689 | if (GNUNET_YES != GNUNET_DISK_file_size (filename, &fs, GNUNET_YES)) | 662 | if (GNUNET_YES != GNUNET_DISK_file_size (filename, &fs, GNUNET_YES)) |
690 | fs = 0; | 663 | fs = 0; |
691 | if (fs < sizeof (struct RsaPrivateKeyBinaryEncoded)) | 664 | if (fs < sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)) |
692 | { | 665 | { |
693 | /* maybe we got the read lock before the hostkey generating | 666 | /* maybe we got the read lock before the hostkey generating |
694 | * process had a chance to get the write lock; give it up! */ | 667 | * process had a chance to get the write lock; give it up! */ |
695 | if (GNUNET_YES != | 668 | if (GNUNET_YES != |
696 | GNUNET_DISK_file_unlock (fd, 0, | 669 | GNUNET_DISK_file_unlock (fd, 0, |
697 | sizeof (struct RsaPrivateKeyBinaryEncoded))) | 670 | sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded))) |
698 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); | 671 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); |
699 | if (0 == ++cnt % 10) | 672 | if (0 == ++cnt % 10) |
700 | { | 673 | { |
@@ -702,7 +675,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
702 | _ | 675 | _ |
703 | ("When trying to read hostkey file `%s' I found %u bytes but I need at least %u.\n"), | 676 | ("When trying to read hostkey file `%s' I found %u bytes but I need at least %u.\n"), |
704 | filename, (unsigned int) fs, | 677 | filename, (unsigned int) fs, |
705 | (unsigned int) sizeof (struct RsaPrivateKeyBinaryEncoded)); | 678 | (unsigned int) sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded)); |
706 | LOG (GNUNET_ERROR_TYPE_ERROR, | 679 | LOG (GNUNET_ERROR_TYPE_ERROR, |
707 | _ | 680 | _ |
708 | ("This may be ok if someone is currently generating a hostkey.\n")); | 681 | ("This may be ok if someone is currently generating a hostkey.\n")); |
@@ -730,7 +703,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) | |||
730 | GNUNET_free (enc); | 703 | GNUNET_free (enc); |
731 | if (GNUNET_YES != | 704 | if (GNUNET_YES != |
732 | GNUNET_DISK_file_unlock (fd, 0, | 705 | GNUNET_DISK_file_unlock (fd, 0, |
733 | sizeof (struct RsaPrivateKeyBinaryEncoded))) | 706 | sizeof (struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded))) |
734 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); | 707 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "fcntl", filename); |
735 | GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); | 708 | GNUNET_assert (GNUNET_YES == GNUNET_DISK_file_close (fd)); |
736 | if (ret != NULL) | 709 | if (ret != NULL) |