diff options
-rw-r--r-- | src/util/crypto_rsa.c | 55 |
1 files changed, 28 insertions, 27 deletions
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index bc4ae6806..d4b87d3c9 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
@@ -22,15 +22,7 @@ | |||
22 | * @file util/crypto_rsa.c | 22 | * @file util/crypto_rsa.c |
23 | * @brief public key cryptography (RSA) with libgcrypt | 23 | * @brief public key cryptography (RSA) with libgcrypt |
24 | * @author Christian Grothoff | 24 | * @author Christian Grothoff |
25 | * | ||
26 | * Note that the code locks often needlessly on the gcrypt-locking api. | ||
27 | * One would think that simple MPI operations should not require locking | ||
28 | * (since only global operations on the random pool must be locked, | ||
29 | * strictly speaking). But libgcrypt does sometimes require locking in | ||
30 | * unexpected places, so the safe solution is to always lock even if it | ||
31 | * is not required. The performance impact is minimal anyway. | ||
32 | */ | 25 | */ |
33 | |||
34 | #include "platform.h" | 26 | #include "platform.h" |
35 | #include <gcrypt.h> | 27 | #include <gcrypt.h> |
36 | #include "gnunet_common.h" | 28 | #include "gnunet_common.h" |
@@ -42,6 +34,10 @@ | |||
42 | 34 | ||
43 | #define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename) | 35 | #define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename) |
44 | 36 | ||
37 | #define HOSTKEY_LEN 2048 | ||
38 | |||
39 | #define EXTRA_CHECKS ALLOW_EXTRA_CHECKS | ||
40 | |||
45 | 41 | ||
46 | /** | 42 | /** |
47 | * The private information of an RSA key pair. | 43 | * The private information of an RSA key pair. |
@@ -49,15 +45,12 @@ | |||
49 | */ | 45 | */ |
50 | struct GNUNET_CRYPTO_RsaPrivateKey | 46 | struct GNUNET_CRYPTO_RsaPrivateKey |
51 | { | 47 | { |
48 | /** | ||
49 | * Libgcrypt S-expression for the ECC key. | ||
50 | */ | ||
52 | gcry_sexp_t sexp; | 51 | gcry_sexp_t sexp; |
53 | }; | 52 | }; |
54 | 53 | ||
55 | |||
56 | #define HOSTKEY_LEN 2048 | ||
57 | |||
58 | #define EXTRA_CHECKS ALLOW_EXTRA_CHECKS | ||
59 | |||
60 | |||
61 | /** | 54 | /** |
62 | * Log an error message at log-level 'level' that indicates | 55 | * Log an error message at log-level 'level' that indicates |
63 | * a failure of the command 'cmd' with the message given | 56 | * a failure of the command 'cmd' with the message given |
@@ -69,6 +62,10 @@ struct GNUNET_CRYPTO_RsaPrivateKey | |||
69 | * If target != size, move target bytes to the | 62 | * If target != size, move target bytes to the |
70 | * end of the size-sized buffer and zero out the | 63 | * end of the size-sized buffer and zero out the |
71 | * first target-size bytes. | 64 | * first target-size bytes. |
65 | * | ||
66 | * @param buf original buffer | ||
67 | * @param size number of bytes in the buffer | ||
68 | * @param target target size of the buffer | ||
72 | */ | 69 | */ |
73 | static void | 70 | static void |
74 | adjust (unsigned char *buf, size_t size, size_t target) | 71 | adjust (unsigned char *buf, size_t size, size_t target) |
@@ -94,34 +91,37 @@ GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) | |||
94 | 91 | ||
95 | 92 | ||
96 | /** | 93 | /** |
97 | * FIXME: document! | 94 | * Extract values from an S-expression. |
95 | * | ||
96 | * @param array where to store the result(s) | ||
97 | * @param sexp S-expression to parse | ||
98 | * @param topname top-level name in the S-expression that is of interest | ||
99 | * @param elems names of the elements to extract | ||
100 | * @return 0 on success | ||
98 | */ | 101 | */ |
99 | static int | 102 | static int |
100 | key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, | 103 | key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, |
101 | const char *elems) | 104 | const char *elems) |
102 | { | 105 | { |
103 | gcry_sexp_t list, l2; | 106 | gcry_sexp_t list; |
107 | gcry_sexp_t l2; | ||
104 | const char *s; | 108 | const char *s; |
105 | int i, idx; | 109 | unsigned int i; |
110 | unsigned int idx; | ||
106 | 111 | ||
107 | list = gcry_sexp_find_token (sexp, topname, 0); | 112 | list = gcry_sexp_find_token (sexp, topname, 0); |
108 | if (!list) | 113 | if (! list) |
109 | { | 114 | return 1; |
110 | return 1; | ||
111 | } | ||
112 | l2 = gcry_sexp_cadr (list); | 115 | l2 = gcry_sexp_cadr (list); |
113 | gcry_sexp_release (list); | 116 | gcry_sexp_release (list); |
114 | list = l2; | 117 | list = l2; |
115 | if (!list) | 118 | if (! list) |
116 | { | ||
117 | return 2; | 119 | return 2; |
118 | } | ||
119 | |||
120 | idx = 0; | 120 | idx = 0; |
121 | for (s = elems; *s; s++, idx++) | 121 | for (s = elems; *s; s++, idx++) |
122 | { | 122 | { |
123 | l2 = gcry_sexp_find_token (list, s, 1); | 123 | l2 = gcry_sexp_find_token (list, s, 1); |
124 | if (!l2) | 124 | if (! l2) |
125 | { | 125 | { |
126 | for (i = 0; i < idx; i++) | 126 | for (i = 0; i < idx; i++) |
127 | { | 127 | { |
@@ -133,7 +133,7 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, | |||
133 | } | 133 | } |
134 | array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); | 134 | array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); |
135 | gcry_sexp_release (l2); | 135 | gcry_sexp_release (l2); |
136 | if (!array[idx]) | 136 | if (! array[idx]) |
137 | { | 137 | { |
138 | for (i = 0; i < idx; i++) | 138 | for (i = 0; i < idx; i++) |
139 | { | 139 | { |
@@ -148,6 +148,7 @@ key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, | |||
148 | return 0; | 148 | return 0; |
149 | } | 149 | } |
150 | 150 | ||
151 | |||
151 | /** | 152 | /** |
152 | * Extract the public key of the host. | 153 | * Extract the public key of the host. |
153 | * @param priv the private key | 154 | * @param priv the private key |