From a299afa8af5593c2114ca8242099d8f7971c428e Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 14 Jul 2012 21:19:22 +0000 Subject: -new API for asyncronous generation of private RSA keys --- src/include/gnunet_crypto_lib.h | 54 +++++- src/util/crypto_rsa.c | 358 ++++++++++++++++++++++++++++++++++++---- src/util/gnunet-config.c | 2 +- src/util/gnunet-rsa.c | 42 ++++- src/util/test_crypto_rsa.c | 83 ++++++---- 5 files changed, 464 insertions(+), 75 deletions(-) (limited to 'src') diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 33842fc27..b73d26d1e 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h @@ -859,15 +859,6 @@ GNUNET_CRYPTO_kdf (void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len, ...); -/** - * Create a new private key. Caller must free return value. - * - * @return fresh private key - */ -struct GNUNET_CRYPTO_RsaPrivateKey * -GNUNET_CRYPTO_rsa_key_create (void); - - /** * Convert a public key to a string. * @@ -925,11 +916,56 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len); * @param filename name of file to use for storage * @return new private key, NULL on error (for example, * permission denied) + * @deprecated use 'GNUNET_CRYPTO_rsa_key_create_start' instead */ struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename); +/** + * Handle to cancel private key generation. + */ +struct GNUNET_CRYPTO_RsaKeyGenerationContext; + + +/** + * Function called upon completion of 'GNUNET_CRYPTO_rsa_key_create_async'. + * + * @param cls closure + * @param pk NULL on error, otherwise the private key (which must be free'd by the callee) + * @param emsg NULL on success, otherwise an error message + */ +typedef void (*GNUNET_CRYPTO_RsaKeyCallback)(void *cls, + struct GNUNET_CRYPTO_RsaPrivateKey *pk, + const char *emsg); + + +/** + * Create a new private key by reading it from a file. If the files + * does not exist, create a new key and write it to the file. If the + * contents of the file are invalid the old file is deleted and a + * fresh key is created. + * + * @param filename name of file to use for storage + * @param cont function to call when done (or on errors) + * @param cont_cls closure for 'cont' + * @return handle to abort operation, NULL on fatal errors (cont will not be called if NULL is returned) + */ +struct GNUNET_CRYPTO_RsaKeyGenerationContext * +GNUNET_CRYPTO_rsa_key_create_start (const char *filename, + GNUNET_CRYPTO_RsaKeyCallback cont, + void *cont_cls); + + +/** + * Abort RSA key generation. + * + * @param gc key generation context to abort + */ +void +GNUNET_CRYPTO_rsa_key_create_stop (struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc); + + /** * Setup a hostkey file for a peer given the name of the * configuration file (!). This function is used so that diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index bbd73083d..6e92f0753 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c @@ -34,9 +34,7 @@ #include "platform.h" #include #include "gnunet_common.h" -#include "gnunet_crypto_lib.h" -#include "gnunet_disk_lib.h" -#include "gnunet_strings_lib.h" +#include "gnunet_util_lib.h" #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) @@ -44,9 +42,10 @@ #define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename) + /** * The private information of an RSA key pair. - * NOTE: this must match the definition in crypto_ksk.c + * NOTE: this must match the definition in crypto_ksk.c and gnunet-rsa.c! */ struct GNUNET_CRYPTO_RsaPrivateKey { @@ -81,31 +80,6 @@ adjust (unsigned char *buf, size_t size, size_t target) } } -/** - * Create a new private key. Caller must free return value. - * - * @return fresh private key - */ -struct GNUNET_CRYPTO_RsaPrivateKey * -GNUNET_CRYPTO_rsa_key_create () -{ - struct GNUNET_CRYPTO_RsaPrivateKey *ret; - gcry_sexp_t s_key; - gcry_sexp_t s_keyparam; - - GNUNET_assert (0 == - gcry_sexp_build (&s_keyparam, NULL, - "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))", - HOSTKEY_LEN)); - GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam)); - gcry_sexp_release (s_keyparam); -#if EXTRA_CHECKS - GNUNET_assert (0 == gcry_pk_testkey (s_key)); -#endif - ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey)); - ret->sexp = s_key; - return ret; -} /** * Free memory occupied by hostkey @@ -118,6 +92,10 @@ GNUNET_CRYPTO_rsa_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *hostkey) GNUNET_free (hostkey); } + +/** + * FIXME: document! + */ static int key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname, const char *elems) @@ -593,6 +571,98 @@ GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len) } +/** + * Create a new private key. Caller must free return value. + * + * @return fresh private key + */ +static struct GNUNET_CRYPTO_RsaPrivateKey * +rsa_key_create () +{ + struct GNUNET_CRYPTO_RsaPrivateKey *ret; + gcry_sexp_t s_key; + gcry_sexp_t s_keyparam; + + GNUNET_assert (0 == + gcry_sexp_build (&s_keyparam, NULL, + "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))", + HOSTKEY_LEN)); + GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam)); + gcry_sexp_release (s_keyparam); +#if EXTRA_CHECKS + GNUNET_assert (0 == gcry_pk_testkey (s_key)); +#endif + ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey)); + ret->sexp = s_key; + return ret; +} + + +/** + * Try to read the private key from the given file. + * + * @param filename file to read the key from + * @return NULL on error + */ +static struct GNUNET_CRYPTO_RsaPrivateKey * +try_read_key (const char *filename) +{ + struct GNUNET_CRYPTO_RsaPrivateKey *ret; + struct GNUNET_CRYPTO_RsaPrivateKeyBinaryEncoded *enc; + struct GNUNET_DISK_FileHandle *fd; + OFF_T fs; + uint16_t len; + + if (GNUNET_YES != GNUNET_DISK_file_test (filename)) + return NULL; + + /* hostkey file exists already, read it! */ + if (NULL == (fd = GNUNET_DISK_file_open (filename, GNUNET_DISK_OPEN_READ, + GNUNET_DISK_PERM_NONE))) + { + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "open", filename); + return NULL; + } + if (GNUNET_OK != (GNUNET_DISK_file_handle_size (fd, &fs))) + { + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_ERROR, "stat", filename); + (void) GNUNET_DISK_file_close (fd); + return NULL; + } + if (fs > UINT16_MAX) + { + LOG (GNUNET_ERROR_TYPE_ERROR, + _("File `%s' does not contain a valid private key. Deleting it.\n"), + filename); + GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); + if (0 != UNLINK (filename)) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "unlink", filename); + return NULL; + } + + enc = GNUNET_malloc (fs); + GNUNET_break (fs == GNUNET_DISK_file_read (fd, enc, fs)); + len = ntohs (enc->len); + ret = NULL; + if ((len != fs) || + (NULL == (ret = GNUNET_CRYPTO_rsa_decode_key ((char *) enc, len)))) + { + LOG (GNUNET_ERROR_TYPE_ERROR, + _("File `%s' does not contain a valid private key. Deleting it.\n"), + filename); + GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); + if (0 != UNLINK (filename)) + LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "unlink", filename); + GNUNET_free (enc); + return NULL; + } + GNUNET_free (enc); + + GNUNET_break (GNUNET_OK == GNUNET_DISK_file_close (fd)); + return ret; +} + + /** * Create a new private key by reading it from a file. If the * files does not exist, create a new key and write it to the @@ -658,13 +728,13 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) { ec = errno; LOG (GNUNET_ERROR_TYPE_ERROR, - _("Could not aquire lock on file `%s': %s...\n"), filename, + _("Could not acquire lock on file `%s': %s...\n"), filename, STRERROR (ec)); } } LOG (GNUNET_ERROR_TYPE_INFO, _("Creating a new private key. This may take a while.\n")); - ret = GNUNET_CRYPTO_rsa_key_create (); + ret = rsa_key_create (); GNUNET_assert (ret != NULL); enc = GNUNET_CRYPTO_rsa_encode_key (ret); GNUNET_assert (enc != NULL); @@ -705,7 +775,7 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) { ec = errno; LOG (GNUNET_ERROR_TYPE_ERROR, - _("Could not aquire lock on file `%s': %s...\n"), filename, + _("Could not acquire lock on file `%s': %s...\n"), filename, STRERROR (ec)); LOG (GNUNET_ERROR_TYPE_ERROR, _ @@ -785,6 +855,230 @@ GNUNET_CRYPTO_rsa_key_create_from_file (const char *filename) } +/** + * Handle to cancel private key generation and state for the + * key generation operation. + */ +struct GNUNET_CRYPTO_RsaKeyGenerationContext +{ + + /** + * Continuation to call upon completion. + */ + GNUNET_CRYPTO_RsaKeyCallback cont; + + /** + * Closure for 'cont'. + */ + void *cont_cls; + + /** + * Name of the file. + */ + char *filename; + + /** + * Handle to the helper process which does the key generation. + */ + struct GNUNET_OS_Process *gnunet_rsa; + + /** + * Handle to 'stdout' of gnunet-rsa. We 'read' on stdout to detect + * process termination (instead of messing with SIGCHLD). + */ + struct GNUNET_DISK_PipeHandle *gnunet_rsa_out; + + /** + * Location where we store the private key if it already existed. + * (if this is used, 'filename', 'gnunet_rsa' and 'gnunet_rsa_out' will + * not be used). + */ + struct GNUNET_CRYPTO_RsaPrivateKey *pk; + + /** + * Task reading from 'gnunet_rsa_out' to wait for process termination. + */ + GNUNET_SCHEDULER_TaskIdentifier read_task; + +}; + + +/** + * Task called upon shutdown or process termination of 'gnunet-rsa' during + * RSA key generation. Check where we are and perform the appropriate + * action. + * + * @param cls the 'struct GNUNET_CRYPTO_RsaKeyGenerationContext' + * @param tc scheduler context + */ +static void +check_key_generation_completion (void *cls, + const struct GNUNET_SCHEDULER_TaskContext *tc) +{ + struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc = cls; + enum GNUNET_OS_ProcessStatusType type; + unsigned long code; + struct GNUNET_CRYPTO_RsaPrivateKey *pk; + + gc->read_task = GNUNET_SCHEDULER_NO_TASK; + if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN)) + { + gc->cont (gc->cont_cls, NULL, _("interrupted by shutdown")); + GNUNET_CRYPTO_rsa_key_create_stop (gc); + return; + } + if (GNUNET_OK != + GNUNET_OS_process_status (gc->gnunet_rsa, + &type, &code)) + { + GNUNET_break (0); + gc->cont (gc->cont_cls, NULL, _("internal error")); + GNUNET_CRYPTO_rsa_key_create_stop (gc); + return; + } + GNUNET_OS_process_destroy (gc->gnunet_rsa); + gc->gnunet_rsa = NULL; + if ( (GNUNET_OS_PROCESS_EXITED != type) || + (0 != code) ) + { + gc->cont (gc->cont_cls, NULL, _("gnunet-rsa failed")); + GNUNET_CRYPTO_rsa_key_create_stop (gc); + return; + } + if (NULL == (pk = try_read_key (gc->filename))) + { + GNUNET_break (0); + gc->cont (gc->cont_cls, NULL, _("gnunet-rsa failed")); + GNUNET_CRYPTO_rsa_key_create_stop (gc); + return; + } + gc->cont (gc->cont_cls, pk, NULL); + GNUNET_free (gc->filename); + GNUNET_free (gc); +} + + +/** + * Return the private RSA key which already existed on disk + * (asynchronously) to the caller. + * + * @param cls the 'struct GNUNET_CRYPTO_RsaKeyGenerationContext' + * @param tc scheduler context (unused) + */ +static void +async_return_key (void *cls, + const struct GNUNET_SCHEDULER_TaskContext *tc) +{ + struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc = cls; + + gc->cont (gc->cont_cls, + gc->pk, + NULL); + GNUNET_free (gc); +} + + +/** + * Create a new private key by reading it from a file. If the files + * does not exist, create a new key and write it to the file. If the + * contents of the file are invalid the old file is deleted and a + * fresh key is created. + * + * @param filename name of file to use for storage + * @param cont function to call when done (or on errors) + * @param cont_cls closure for 'cont' + * @return handle to abort operation, NULL on fatal errors (cont will not be called if NULL is returned) + */ +struct GNUNET_CRYPTO_RsaKeyGenerationContext * +GNUNET_CRYPTO_rsa_key_create_start (const char *filename, + GNUNET_CRYPTO_RsaKeyCallback cont, + void *cont_cls) +{ + struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc; + struct GNUNET_CRYPTO_RsaPrivateKey *pk; + + if (NULL != (pk = try_read_key (filename))) + { + /* quick happy ending: key already exists! */ + gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaKeyGenerationContext)); + gc->pk = pk; + gc->cont = cont; + gc->cont_cls = cont_cls; + gc->read_task = GNUNET_SCHEDULER_add_now (&async_return_key, + gc); + return gc; + } + gc = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaKeyGenerationContext)); + gc->filename = GNUNET_strdup (filename); + gc->cont = cont; + gc->cont_cls = cont_cls; + gc->gnunet_rsa_out = GNUNET_DISK_pipe (GNUNET_NO, + GNUNET_NO, + GNUNET_NO, + GNUNET_YES); + if (NULL == gc->gnunet_rsa_out) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "pipe"); + GNUNET_free (gc->filename); + GNUNET_free (gc); + return NULL; + } + gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_YES, + GNUNET_OS_INHERIT_STD_ERR, + NULL, + gc->gnunet_rsa_out, + "gnunet-rsa", + "gnunet-rsa", + gc->filename, + NULL); + if (NULL == gc->gnunet_rsa) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "fork"); + GNUNET_DISK_pipe_close (gc->gnunet_rsa_out); + GNUNET_free (gc->filename); + GNUNET_free (gc); + return NULL; + } + GNUNET_assert (GNUNET_OK == + GNUNET_DISK_pipe_close_end (gc->gnunet_rsa_out, + GNUNET_DISK_PIPE_END_WRITE)); + gc->read_task = GNUNET_SCHEDULER_add_read_file (GNUNET_TIME_UNIT_FOREVER_REL, + GNUNET_DISK_pipe_handle (gc->gnunet_rsa_out, + GNUNET_DISK_PIPE_END_READ), + &check_key_generation_completion, + gc); + return gc; +} + + +/** + * Abort RSA key generation. + * + * @param gc key generation context to abort + */ +void +GNUNET_CRYPTO_rsa_key_create_stop (struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc) +{ + GNUNET_SCHEDULER_cancel (gc->read_task); + if (NULL != gc->gnunet_rsa) + { + (void) GNUNET_OS_process_kill (gc->gnunet_rsa, SIGKILL); + GNUNET_break (GNUNET_OK == + GNUNET_OS_process_wait (gc->gnunet_rsa)); + GNUNET_OS_process_destroy (gc->gnunet_rsa); + } + if (NULL != gc->filename) + { + if (0 != UNLINK (gc->filename)) + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, "unlink", gc->filename); + GNUNET_free (gc->filename); + } + if (NULL != gc->pk) + GNUNET_CRYPTO_rsa_key_free (gc->pk); + GNUNET_free (gc); +} + + /** * Setup a hostkey file for a peer given the name of the * configuration file (!). This function is used so that diff --git a/src/util/gnunet-config.c b/src/util/gnunet-config.c index 5c8a715de..c91153f69 100644 --- a/src/util/gnunet-config.c +++ b/src/util/gnunet-config.c @@ -146,7 +146,7 @@ run (void *cls, char *const *args, const char *cfgfile, /** - * The main function to obtain statistics in GNUnet. + * Program to manipulate configuration files. * * @param argc number of arguments from the command line * @param argv command line arguments diff --git a/src/util/gnunet-rsa.c b/src/util/gnunet-rsa.c index 8fc79565a..61e1b66df 100644 --- a/src/util/gnunet-rsa.c +++ b/src/util/gnunet-rsa.c @@ -25,6 +25,7 @@ */ #include "platform.h" #include "gnunet_util_lib.h" +#include /** @@ -43,6 +44,45 @@ static int print_peer_identity; static int print_short_identity; +/** + * The private information of an RSA key pair. + * NOTE: this must match the definition in crypto_ksk.c and crypto_rsa.c! + */ +struct GNUNET_CRYPTO_RsaPrivateKey +{ + gcry_sexp_t sexp; +}; + + +#if 0 +/** + * Create a new private key. Caller must free return value. + * + * @return fresh private key + */ +struct GNUNET_CRYPTO_RsaPrivateKey * +GNUNET_CRYPTO_rsa_key_create () +{ + struct GNUNET_CRYPTO_RsaPrivateKey *ret; + gcry_sexp_t s_key; + gcry_sexp_t s_keyparam; + + GNUNET_assert (0 == + gcry_sexp_build (&s_keyparam, NULL, + "(genkey(rsa(nbits %d)(rsa-use-e 3:257)))", + HOSTKEY_LEN)); + GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam)); + gcry_sexp_release (s_keyparam); +#if EXTRA_CHECKS + GNUNET_assert (0 == gcry_pk_testkey (s_key)); +#endif + ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_RsaPrivateKey)); + ret->sexp = s_key; + return ret; +} +#endif + + /** * Main function that will be run by the scheduler. * @@ -100,7 +140,7 @@ run (void *cls, char *const *args, const char *cfgfile, /** - * The main function to obtain statistics in GNUnet. + * Program to manipulate RSA key files. * * @param argc number of arguments from the command line * @param argv command line arguments diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c index f6800afcd..0113b7ad0 100644 --- a/src/util/test_crypto_rsa.c +++ b/src/util/test_crypto_rsa.c @@ -36,10 +36,12 @@ #define PERF GNUNET_YES +static struct GNUNET_CRYPTO_RsaPrivateKey *key; + + static int testEncryptDecrypt () { - struct GNUNET_CRYPTO_RsaPrivateKey *hostkey; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey; struct GNUNET_CRYPTO_RsaEncryptedData target; char result[MAX_TESTVAL]; @@ -48,9 +50,7 @@ testEncryptDecrypt () int ok; FPRINTF (stderr, "%s", "W"); - hostkey = GNUNET_CRYPTO_rsa_key_create (); - GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey); - + GNUNET_CRYPTO_rsa_key_get_public (key, &pkey); ok = 0; start = GNUNET_TIME_absolute_get (); for (i = 0; i < ITER; i++) @@ -65,7 +65,7 @@ testEncryptDecrypt () continue; } if (-1 == - GNUNET_CRYPTO_rsa_decrypt (hostkey, &target, result, + GNUNET_CRYPTO_rsa_decrypt (key, &target, result, strlen (TESTSTRING) + 1)) { FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_decrypt returned SYSERR\n"); @@ -84,18 +84,16 @@ testEncryptDecrypt () printf ("%d RSA encrypt/decrypt operations %llums (%d failures)\n", ITER, (unsigned long long) GNUNET_TIME_absolute_get_duration (start).rel_value, ok); - GNUNET_CRYPTO_rsa_key_free (hostkey); if (ok == 0) return GNUNET_OK; - else - return GNUNET_SYSERR; + return GNUNET_SYSERR; } + #if PERF static int testEncryptPerformance () { - struct GNUNET_CRYPTO_RsaPrivateKey *hostkey; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey; struct GNUNET_CRYPTO_RsaEncryptedData target; int i; @@ -103,9 +101,7 @@ testEncryptPerformance () int ok; FPRINTF (stderr, "%s", "W"); - hostkey = GNUNET_CRYPTO_rsa_key_create (); - GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey); - + GNUNET_CRYPTO_rsa_key_get_public (key, &pkey); ok = 0; start = GNUNET_TIME_absolute_get (); for (i = 0; i < ITER; i++) @@ -123,7 +119,6 @@ testEncryptPerformance () printf ("%d RSA encrypt operations %llu ms (%d failures)\n", ITER, (unsigned long long) GNUNET_TIME_absolute_get_duration (start).rel_value, ok); - GNUNET_CRYPTO_rsa_key_free (hostkey); if (ok != 0) return GNUNET_SYSERR; return GNUNET_OK; @@ -133,7 +128,6 @@ testEncryptPerformance () static int testEncryptDecryptSK () { - struct GNUNET_CRYPTO_RsaPrivateKey *hostkey; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey; struct GNUNET_CRYPTO_RsaEncryptedData target; struct GNUNET_CRYPTO_AesSessionKey insk; @@ -143,9 +137,7 @@ testEncryptDecryptSK () int ok; FPRINTF (stderr, "%s", "W"); - hostkey = GNUNET_CRYPTO_rsa_key_create (); - GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey); - + GNUNET_CRYPTO_rsa_key_get_public (key, &pkey); ok = 0; start = GNUNET_TIME_absolute_get (); for (i = 0; i < ITER; i++) @@ -162,7 +154,7 @@ testEncryptDecryptSK () continue; } if (-1 == - GNUNET_CRYPTO_rsa_decrypt (hostkey, &target, &outsk, + GNUNET_CRYPTO_rsa_decrypt (key, &target, &outsk, sizeof (struct GNUNET_CRYPTO_AesSessionKey))) { FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_decrypt returned SYSERR\n"); @@ -180,7 +172,6 @@ testEncryptDecryptSK () printf ("%d RSA encrypt/decrypt SK operations %llums (%d failures)\n", ITER, (unsigned long long) GNUNET_TIME_absolute_get_duration (start).rel_value, ok); - GNUNET_CRYPTO_rsa_key_free (hostkey); if (ok != 0) return GNUNET_SYSERR; return GNUNET_OK; @@ -190,7 +181,6 @@ testEncryptDecryptSK () static int testSignVerify () { - struct GNUNET_CRYPTO_RsaPrivateKey *hostkey; struct GNUNET_CRYPTO_RsaSignature sig; struct GNUNET_CRYPTO_RsaSignaturePurpose purp; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey; @@ -199,8 +189,7 @@ testSignVerify () int ok = GNUNET_OK; FPRINTF (stderr, "%s", "W"); - hostkey = GNUNET_CRYPTO_rsa_key_create (); - GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey); + GNUNET_CRYPTO_rsa_key_get_public (key, &pkey); start = GNUNET_TIME_absolute_get (); purp.size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)); purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); @@ -208,7 +197,7 @@ testSignVerify () for (i = 0; i < ITER; i++) { FPRINTF (stderr, "%s", "."); - if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (hostkey, &purp, &sig)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (key, &purp, &sig)) { FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_sign returned SYSERR\n"); ok = GNUNET_SYSERR; @@ -234,7 +223,6 @@ testSignVerify () printf ("%d RSA sign/verify operations %llums\n", ITER, (unsigned long long) GNUNET_TIME_absolute_get_duration (start).rel_value); - GNUNET_CRYPTO_rsa_key_free (hostkey); return ok; } @@ -243,7 +231,6 @@ testSignVerify () static int testSignPerformance () { - struct GNUNET_CRYPTO_RsaPrivateKey *hostkey; struct GNUNET_CRYPTO_RsaSignaturePurpose purp; struct GNUNET_CRYPTO_RsaSignature sig; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pkey; @@ -254,13 +241,12 @@ testSignPerformance () purp.size = htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose)); purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); FPRINTF (stderr, "%s", "W"); - hostkey = GNUNET_CRYPTO_rsa_key_create (); - GNUNET_CRYPTO_rsa_key_get_public (hostkey, &pkey); + GNUNET_CRYPTO_rsa_key_get_public (key, &pkey); start = GNUNET_TIME_absolute_get (); for (i = 0; i < ITER; i++) { FPRINTF (stderr, "%s", "."); - if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (hostkey, &purp, &sig)) + if (GNUNET_SYSERR == GNUNET_CRYPTO_rsa_sign (key, &purp, &sig)) { FPRINTF (stderr, "%s", "GNUNET_CRYPTO_rsa_sign returned SYSERR\n"); ok = GNUNET_SYSERR; @@ -270,7 +256,6 @@ testSignPerformance () printf ("%d RSA sign operations %llu ms\n", ITER, (unsigned long long) GNUNET_TIME_absolute_get_duration (start).rel_value); - GNUNET_CRYPTO_rsa_key_free (hostkey); return ok; } #endif @@ -279,7 +264,6 @@ testSignPerformance () static int testCreateFromFile () { - struct GNUNET_CRYPTO_RsaPrivateKey *key; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded p1; struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded p2; @@ -297,12 +281,44 @@ testCreateFromFile () GNUNET_assert (NULL != key); GNUNET_CRYPTO_rsa_key_get_public (key, &p2); GNUNET_assert (0 != memcmp (&p1, &p2, sizeof (p1))); - GNUNET_CRYPTO_rsa_key_free (key); - GNUNET_assert (0 == UNLINK (KEYFILE)); return GNUNET_OK; } +static void +key_cont (void *cls, + struct GNUNET_CRYPTO_RsaPrivateKey *pk, + const char *emsg) +{ + const char *txt = cls; + struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub1; + struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded pub2; + + GNUNET_assert (0 == strcmp ("ok", txt)); + GNUNET_CRYPTO_rsa_key_get_public (pk, &pub1); + GNUNET_CRYPTO_rsa_key_get_public (key, &pub2); + GNUNET_assert (0 == memcmp (&pub1, &pub2, + sizeof (pub1))); + GNUNET_CRYPTO_rsa_key_free (pk); +} + + +static void +test_async_creation (void *cls, + const struct GNUNET_SCHEDULER_TaskContext *tc) +{ + struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc; + + gc = GNUNET_CRYPTO_rsa_key_create_start (KEYFILE, + &key_cont, + (void*) "bug"); + GNUNET_CRYPTO_rsa_key_create_stop (gc); + gc = GNUNET_CRYPTO_rsa_key_create_start (KEYFILE, + &key_cont, + (void*) "ok"); +} + + int main (int argc, char *argv[]) { @@ -312,6 +328,7 @@ main (int argc, char *argv[]) GNUNET_CRYPTO_random_disable_entropy_gathering (); if (GNUNET_OK != testCreateFromFile ()) failureCount++; + GNUNET_SCHEDULER_run (&test_async_creation, NULL); #if PERF if (GNUNET_OK != testEncryptPerformance ()) failureCount++; @@ -324,6 +341,8 @@ main (int argc, char *argv[]) failureCount++; if (GNUNET_OK != testSignVerify ()) failureCount++; + GNUNET_CRYPTO_rsa_key_free (key); + GNUNET_assert (0 == UNLINK (KEYFILE)); if (failureCount != 0) { -- cgit v1.2.3