X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=openssl.c;h=7d5bb25d53cf73009803fe0e62ca15d0167a05cb;hp=f786ce29bc715ab72c12e49088aaf15fb9cf8fb7;hb=9d232e636d79a2321e280fe3eee6839c8f45c36f;hpb=f1adf8b86e072e22353e0481d96d13f627c364b4
diff --git a/openssl.c b/openssl.c
index f786ce29..7d5bb25d 100644
--- a/openssl.c
+++ b/openssl.c
@@ -16,9 +16,7 @@
 #include "error.h"
 #include "string.h"
 #include "crypt.h"
-#include "fd.h"
 #include "crypt_backend.h"
-#include "base64.h"
 #include "portable_io.h"
 
 struct asymmetric_key {
@@ -45,7 +43,7 @@ void get_random_bytes_or_die(unsigned char *buf, int num)
 * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3),
 * random(3), \ref para_random().
 */
-void init_random_seed_or_die(void)
+void crypt_init(void)
 {
 int seed, ret = RAND_load_file("/dev/urandom", 64);
 
@@ -57,6 +55,11 @@ void init_random_seed_or_die(void)
 srandom(seed);
 }
 
+void crypt_shutdown(void)
+{
+ CRYPTO_cleanup_all_ex_data();
+}
+
 static int get_private_key(const char *path, RSA **rsa)
 {
 EVP_PKEY *pkey;
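Review bot: crypt_shutdown() is added without a documentation comment, although crypt_init() directly above it has a Doxygen block, and the ordering constraint is exactly what a caller needs to know. Unless the contract is documented at the declaration in a header not shown here, add something like `/** Free OpenSSL's global ex_data state. Call once at exit, after all keys are freed. */`. CRYPTO_cleanup_all_ex_data() is not safe to call while other OpenSSL objects are still in use, so a key released after it would touch freed state. On OpenSSL 1.1.0 and later the call is, as far as I know, a compatibility no-op, which is also worth stating in the comment.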
@@ -139,53 +142,34 @@ fail:
 return ret;
 }
 
-int get_public_key(const char *key_file, struct asymmetric_key **result)
+int apc_get_pubkey(const char *key_file, struct asymmetric_key **result)
 {
- struct asymmetric_key *key = NULL;
- void *map = NULL;
- unsigned char *blob = NULL;
- size_t map_size, encoded_size, decoded_size;
- int ret, ret2;
- char *cp;
+ unsigned char *blob;
+ size_t decoded_size;
+ int ret;
+ struct asymmetric_key *key = para_malloc(sizeof(*key));
 
- key = para_malloc(sizeof(*key));
- ret = mmap_full_file(key_file, O_RDONLY, &map, &map_size, NULL);
+ ret = decode_ssh_key(key_file, &blob, &decoded_size);
 if (ret < 0)
 goto out;
- ret = is_ssh_rsa_key(map, map_size);
- if (!ret) {
- ret = -E_SSH_PARSE;
- goto out_unmap;
- }
- cp = map + ret;
- encoded_size = map_size - ret;
- PARA_INFO_LOG("decoding public rsa-ssh key %s\n", key_file);
- ret = uudecode(cp, encoded_size, (char **)&blob, &decoded_size);
- if (ret < 0)
- goto out_unmap;
- ret = check_ssh_key_header(blob, decoded_size);
- if (ret < 0)
- goto out_unmap;
 ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa);
 if (ret < 0)
- goto out_unmap;
+ goto free_blob;
 ret = RSA_size(key->rsa);
-out_unmap:
- ret2 = para_munmap(map, map_size);
- if (ret >= 0 && ret2 < 0)
- ret = ret2;
+ assert(ret > 0);
+ *result = key;
+free_blob:
+ free(blob);
 out:
 if (ret < 0) {
 free(key);
 *result = NULL;
- PARA_ERROR_LOG("key %s: %s\n", key_file, para_strerror(-ret));
- } else
- *result = key;
- free(blob);
+ PARA_ERROR_LOG("can not load key %s\n", key_file);
+ }
 return ret;
 }
 
-void free_public_key(struct asymmetric_key *key)
+void apc_free_pubkey(struct asymmetric_key *key)
 {
 if (!key)
 return;
@@ -193,7 +177,7 @@ void free_public_key(struct asymmetric_key *key)
 free(key);
 }
 
-int priv_decrypt(const char *key_file, unsigned char *outbuf,
+int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,
 unsigned char *inbuf, int inlen)
 {
 struct asymmetric_key *priv;
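Review bot: `assert(ret > 0)` in apc_get_pubkey() is the only check on the RSA_size() result, and that value depends on the contents of the key file. A malformed key therefore aborts the process, or, in a build with NDEBUG, lets a zero size be returned as success with `*result` set. Unless read_rsa_bignums() (not visible here) already rejects such keys, treat it as an ordinary failure, e.g. `if (ret <= 0) { RSA_free(key->rsa); ret = -E_SSH_PARSE; goto free_blob; }`, using whichever error code the project prefers. The new error message also drops `para_strerror(-ret)`, so the log no longer says why a key was rejected; if decode_ssh_key() does not log the reason itself, keep it in the message.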
@@ -228,7 +212,7 @@ out:
 return ret;
 }
 
-int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
+int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
 unsigned len, unsigned char *outbuf)
 {
 int ret, flen = len; /* RSA_public_encrypt expects a signed int */