Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

gdp / gdp / gdp_crypto.c @ master

History | View | Annotate | Download (5.95 KB)

1
/* vim: set ai sw=4 sts=4 ts=4 : */
2

    
3
/*
4
**  ----- BEGIN LICENSE BLOCK -----
5
**        GDP: Global Data Plane Support Library
6
**        From the Ubiquitous Swarm Lab, 490 Cory Hall, U.C. Berkeley.
7
**
8
**        Copyright (c) 2015-2019, Regents of the University of California.
9
**        All rights reserved.
10
**
11
**        Permission is hereby granted, without written agreement and without
12
**        license or royalty fees, to use, copy, modify, and distribute this
13
**        software and its documentation for any purpose, provided that the above
14
**        copyright notice and the following two paragraphs appear in all copies
15
**        of this software.
16
**
17
**        IN NO EVENT SHALL REGENTS BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT,
18
**        SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST
19
**        PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION,
20
**        EVEN IF REGENTS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
21
**
22
**        REGENTS SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT
23
**        LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24
**        FOR A PARTICULAR PURPOSE. THE SOFTWARE AND ACCOMPANYING DOCUMENTATION,
25
**        IF ANY, PROVIDED HEREUNDER IS PROVIDED "AS IS". REGENTS HAS NO
26
**        OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS,
27
**        OR MODIFICATIONS.
28
**  ----- END LICENSE BLOCK -----
29
*/
30

    
31
#include <ep/ep.h>
32
#include <ep/ep_crypto.h>
33
#include <ep/ep_dbg.h>
34
#include <ep/ep_string.h>
35

    
36
#include "gdp.h"
37

    
38
#include <string.h>
39

    
40
static EP_DBG        Dbg = EP_DBG_INIT("gdp.crypto", "cryptographic operations for GDP");
41

    
42

    
43
/**********  Support for hash functions  **********/
44

    
45
/*
46
**  Allocate/Free/Reset hashes
47
**                Resetting leaves the data structure in an empty state.
48
*/
49

    
50
gdp_hash_t *
51
gdp_hash_new(int alg, void *hashbytes, size_t hashlen)
52
{
53
        gdp_buf_t *hashbuf = gdp_buf_new();
54
        if (hashbytes != NULL)
55
                gdp_buf_write(hashbuf, hashbytes, hashlen);
56
        return (gdp_hash_t *) hashbuf;
57
}
58

    
59
void
60
gdp_hash_free(gdp_hash_t *hash)
61
{
62
        gdp_buf_free((gdp_buf_t *) hash);
63
}
64

    
65
void
66
gdp_hash_reset(gdp_hash_t *hash)
67
{
68
        gdp_buf_reset((gdp_buf_t *) hash);
69
}
70

    
71
size_t
72
gdp_hash_getlength(gdp_hash_t *hash)
73
{
74
        return gdp_buf_getlength((gdp_buf_t *) hash);
75
}
76

    
77
void
78
gdp_hash_set(gdp_hash_t *hash, void *hashbytes, size_t hashlen)
79
{
80
        gdp_buf_t *hashbuf = (gdp_buf_t *) hash;
81
        gdp_buf_reset(hashbuf);
82
        gdp_buf_write(hashbuf, hashbytes, hashlen);
83
}
84

    
85
void *
86
gdp_hash_getptr(gdp_hash_t *hash, size_t *hashlen_ptr)
87
{
88
        gdp_buf_t *hashbuf = (gdp_buf_t *) hash;
89
        size_t l = gdp_buf_getlength(hashbuf);
90
        if (hashlen_ptr != NULL)
91
                *hashlen_ptr = l;
92
        return gdp_buf_getptr(hashbuf, l);
93
}
94

    
95
gdp_buf_t *
96
_gdp_hash_getbuf(gdp_hash_t *hash)
97
{
98
        return (gdp_buf_t *) hash;
99
}
100

    
101

    
102
bool
103
gdp_hash_equal(const gdp_hash_t *a1, const gdp_hash_t *b1)
104
{
105
        gdp_buf_t *a = (gdp_buf_t *) a1;
106
        gdp_buf_t *b = (gdp_buf_t *) b1;
107
        size_t l = gdp_buf_getlength(a);
108

    
109
        return (l == gdp_buf_getlength(b)) &&
110
                (memcmp(gdp_buf_getptr(a, l), gdp_buf_getptr(b, l), l) == 0);
111
}
112

    
113

    
114
/**********  Support for signatures  **********/
115

    
116
/*
117
**  Allocate/Free/Reset signatures
118
*/
119

    
120
gdp_sig_t *
121
gdp_sig_new(int al, void *sigbytes, size_t siglen)
122
{
123
        gdp_buf_t *sigbuf = gdp_buf_new();
124
        if (sigbytes != NULL)
125
                gdp_buf_write(sigbuf, sigbytes, siglen);
126
        return (gdp_sig_t *) sigbuf;
127
}
128

    
129
void
130
gdp_sig_free(gdp_sig_t *sig)
131
{
132
        gdp_buf_free((gdp_buf_t *) sig);
133
}
134

    
135
void
136
gdp_sig_reset(gdp_sig_t *sig)
137
{
138
        gdp_buf_reset((gdp_buf_t *) sig);
139
}
140

    
141
size_t
142
gdp_sig_getlength(gdp_sig_t *sig)
143
{
144
        return gdp_buf_getlength((gdp_buf_t *) sig);
145
}
146

    
147
void *
148
gdp_sig_getptr(gdp_sig_t *sig, size_t *siglen)
149
{
150
        gdp_buf_t *sigbuf = (gdp_buf_t *) sig;
151
        size_t l = gdp_buf_getlength(sigbuf);
152
        if (siglen != NULL)
153
                *siglen = l;
154
        return gdp_buf_getptr(sigbuf, l);
155
}
156

    
157
gdp_buf_t *
158
_gdp_sig_getbuf(gdp_sig_t *sig)
159
{
160
        return (gdp_buf_t *) sig;
161
}
162

    
163
gdp_sig_t *
164
gdp_sig_dup(gdp_sig_t *sig)
165
{
166
        return (gdp_sig_t *) gdp_buf_dup((gdp_buf_t *) sig);
167
}
168

    
169
void
170
gdp_sig_copy(gdp_sig_t *from, gdp_sig_t *to)
171
{
172
        gdp_buf_reset((gdp_buf_t *) to);
173
        gdp_buf_copy((gdp_buf_t *) from, (gdp_buf_t *) to);
174
}
175

    
176
void
177
gdp_sig_set(gdp_sig_t *sig, void *sigbytes, size_t siglen)
178
{
179
        gdp_buf_reset((gdp_buf_t *) sig);
180
        gdp_buf_write((gdp_buf_t *) sig, sigbytes, siglen);
181
}
182

    
183

    
184

    
185
/**********  Miscellaneous support  **********/
186

    
187
/*
188
**  Read a secret key
189
**
190
**  This should have a better way of handling password-protected keys.
191
**  At the moment it uses the OpenSSL built-in "read from keyboard"
192
**  method.
193
*/
194

    
195
EP_CRYPTO_KEY *
196
_gdp_crypto_skey_read(const char *searchpath, const char *filename)
197
{
198
        char *p = NULL;
199
        char *dir;
200
        int keyform = EP_CRYPTO_KEYFORM_PEM;
201
        int i;
202

    
203
        ep_dbg_cprintf(Dbg, 39, "_gdp_crypto_skey_read(%s)\n", filename);
204

    
205
        if ((i = strlen(filename)) > 4)
206
        {
207
                if (strcmp(&filename[i - 4], ".pem") == 0)
208
                        keyform = EP_CRYPTO_KEYFORM_PEM;
209
                else if (strcmp(&filename[i - 4], ".der") == 0)
210
                        keyform = EP_CRYPTO_KEYFORM_DER;
211
        }
212

    
213
        if (filename[0] == '/')
214
        {
215
                // absolute path name
216
                searchpath = "";
217
        }
218
        else if (searchpath == NULL)
219
        {
220
                // get the default search path
221
                searchpath = ep_adm_getstrparam("swarm.gdp.crypto.key.path",
222
                                "."
223
                                ":KEYS"
224
                                ":~/.swarm/gdp/keys"
225
                                ":/usr/local/etc/gdp/keys"
226
                                ":/usr/local/etc/swarm/gdp/keys"
227
                                ":/etc/gdp/keys"
228
                                ":/etc/swarm/gdp/keys");
229
        }
230

    
231
        char pbuf[strlen(searchpath) + 1];
232
        strlcpy(pbuf, searchpath, sizeof pbuf);
233
        for (dir = pbuf; dir != NULL; dir = p)
234
        {
235
                FILE *fp;
236
                EP_CRYPTO_KEY *key;
237
                char fnbuf[512];
238

    
239
                p = strchr(dir, ':');
240
                if (p != NULL)
241
                        *p++ = '\0';
242
                if (*dir == '\0' && filename[0] != '/')
243
                        continue;
244

    
245
                // create the candidate filename
246
                if (strncmp(dir, "~/", 2) == 0)
247
                {
248
                        char *home = getenv("HOME");
249

    
250
                        if (home == NULL)
251
                                continue;
252
                        snprintf(fnbuf, sizeof fnbuf, "%s%s/%s", home, dir + 1, filename);
253
                }
254
                else
255
                {
256
                        snprintf(fnbuf, sizeof fnbuf, "%s/%s", dir, filename);
257
                }
258

    
259
                ep_dbg_cprintf(Dbg, 40,
260
                                "_gdp_crypto_skey_read: trying %s\n",
261
                                fnbuf);
262
                fp = fopen(fnbuf, "r");
263
                if (fp == NULL)
264
                        continue;
265

    
266
                key = ep_crypto_key_read_fp(fp, fnbuf, keyform, EP_CRYPTO_F_SECRET);
267
                ep_dbg_cprintf(Dbg, 40,
268
                                "_gdp_crypto_skey_read: found file, key = %p\n",
269
                                key);
270
                fclose(fp);
271
                if (key != NULL)
272
                        return key;
273
        }
274
        return NULL;
275
}