vss: Add documentation of MAP_POPULATE.

[paraslash.git] / openssl.c

diff --git a/openssl.c b/openssl.c
index f786ce29bc715ab72c12e49088aaf15fb9cf8fb7..4895e176ba9cf7f86962d365f3d9514aed0f0180 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -16,9 +16,7 @@
 #include "error.h"
 #include "string.h"
 #include "crypt.h"
 #include "error.h"
 #include "string.h"
 #include "crypt.h"

-#include "fd.h"

 #include "crypt_backend.h"
 #include "crypt_backend.h"

-#include "base64.h"

 #include "portable_io.h"
 
 struct asymmetric_key {
 #include "portable_io.h"
 
 struct asymmetric_key {


@@ -45,7 +43,7 @@ void get_random_bytes_or_die(unsigned char *buf, int num)
  * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3),
  * random(3), \ref para_random().
  */
  * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3),
  * random(3), \ref para_random().
  */

-void init_random_seed_or_die(void)
+void crypt_init(void)

 {
        int seed, ret = RAND_load_file("/dev/urandom", 64);
 
 {
        int seed, ret = RAND_load_file("/dev/urandom", 64);
 


@@ -57,6 +55,11 @@ void init_random_seed_or_die(void)
        srandom(seed);
 }
 
        srandom(seed);
 }
 

+void crypt_shutdown(void)
+{
+       CRYPTO_cleanup_all_ex_data();
+}
+

 static int get_private_key(const char *path, RSA **rsa)
 {
        EVP_PKEY *pkey;
 static int get_private_key(const char *path, RSA **rsa)
 {
        EVP_PKEY *pkey;


@@ -121,11 +124,11 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
                return -E_BIGNUM;
        ret = read_bignum(p, end - p, &e);
        if (ret < 0)
                return -E_BIGNUM;
        ret = read_bignum(p, end - p, &e);
        if (ret < 0)

-               goto fail;
+               goto free_rsa;

        p += ret;
        ret = read_bignum(p, end - p, &n);
        if (ret < 0)
        p += ret;
        ret = read_bignum(p, end - p, &n);
        if (ret < 0)

-               goto fail;
+               goto free_e;

 #ifdef HAVE_RSA_SET0_KEY
        RSA_set0_key(rsa, n, e, NULL);
 #else
 #ifdef HAVE_RSA_SET0_KEY
        RSA_set0_key(rsa, n, e, NULL);
 #else


@@ -134,58 +137,41 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
 #endif
        *result = rsa;
        return 1;
 #endif
        *result = rsa;
        return 1;

-fail:
+free_e:
+       BN_free(e);
+free_rsa:

        RSA_free(rsa);
        return ret;
 }
 
        RSA_free(rsa);
        return ret;
 }
 

-int get_public_key(const char *key_file, struct asymmetric_key **result)
+int apc_get_pubkey(const char *key_file, struct asymmetric_key **result)

 {
 {

-       struct asymmetric_key *key = NULL;
-       void *map = NULL;
-       unsigned char *blob = NULL;
-       size_t map_size, encoded_size, decoded_size;
-       int ret, ret2;
-       char *cp;
+       unsigned char *blob;
+       size_t decoded_size;
+       int ret;
+       struct asymmetric_key *key = para_malloc(sizeof(*key));

 
 

-       key = para_malloc(sizeof(*key));
-       ret = mmap_full_file(key_file, O_RDONLY, &map, &map_size, NULL);
+       ret = decode_ssh_key(key_file, &blob, &decoded_size);

        if (ret < 0)
                goto out;
        if (ret < 0)
                goto out;

-       ret = is_ssh_rsa_key(map, map_size);
-       if (!ret) {
-               ret = -E_SSH_PARSE;
-               goto out_unmap;
-       }
-       cp = map + ret;
-       encoded_size = map_size - ret;
-       PARA_INFO_LOG("decoding public rsa-ssh key %s\n", key_file);
-       ret = uudecode(cp, encoded_size, (char **)&blob, &decoded_size);
-       if (ret < 0)
-               goto out_unmap;
-       ret = check_ssh_key_header(blob, decoded_size);
-       if (ret < 0)
-               goto out_unmap;

        ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
        if (ret < 0)
        ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
        if (ret < 0)

-               goto out_unmap;
+               goto free_blob;

        ret = RSA_size(key->rsa);
        ret = RSA_size(key->rsa);

-out_unmap:
-       ret2 = para_munmap(map, map_size);
-       if (ret >= 0 && ret2 < 0)
-               ret = ret2;
+       assert(ret > 0);
+       *result = key;
+free_blob:
+       free(blob);

 out:
        if (ret < 0) {
                free(key);
                *result = NULL;
 out:
        if (ret < 0) {
                free(key);
                *result = NULL;

-               PARA_ERROR_LOG("key %s: %s\n", key_file, para_strerror(-ret));
-       } else
-               *result = key;
-       free(blob);
+               PARA_ERROR_LOG("can not load key %s\n", key_file);
+       }

        return ret;
 }
 
        return ret;
 }
 

-void free_public_key(struct asymmetric_key *key)
+void apc_free_pubkey(struct asymmetric_key *key)

 {
        if (!key)
                return;
 {
        if (!key)
                return;


@@ -193,7 +179,7 @@ void free_public_key(struct asymmetric_key *key)
        free(key);
 }
 
        free(key);
 }
 

-int priv_decrypt(const char *key_file, unsigned char *outbuf,
+int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,

                unsigned char *inbuf, int inlen)
 {
        struct asymmetric_key *priv;
                unsigned char *inbuf, int inlen)
 {
        struct asymmetric_key *priv;


@@ -228,7 +214,7 @@ out:
        return ret;
 }
 
        return ret;
 }
 

-int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
+int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,

                unsigned len, unsigned char *outbuf)
 {
        int ret, flen = len; /* RSA_public_encrypt expects a signed int */
                unsigned len, unsigned char *outbuf)
 {
        int ret, flen = len; /* RSA_public_encrypt expects a signed int */