From e63aa8fa568cda47a7ea4a50853f45754b6477d2 Mon Sep 17 00:00:00 2001 From: Ian Jackson Date: Thu, 13 Feb 2020 17:13:11 +0000 Subject: [PATCH] sig: Abolish sethash and defhash everywhere The only consumer of this wrongheaded interface was rsa1, which has been updated. Delete it all. There is nothing to delete in the documentation, mostly because much of this wasn't documented when we introduced it. Signed-off-by: Ian Jackson --- privcache.c | 21 +-------------------- pubkeys.c | 6 ------ pubkeys.fl.pl | 12 +----------- pubkeys.h | 5 ++--- rsa.c | 5 ----- secnet.h | 6 +----- site.c | 22 ++-------------------- 7 files changed, 7 insertions(+), 70 deletions(-) diff --git a/privcache.c b/privcache.c index 5377c90..d790c30 100644 --- a/privcache.c +++ b/privcache.c @@ -35,14 +35,12 @@ struct privcache { struct pathprefix_template path; struct ent *ents; struct buffer_if databuf; - struct hash_if *defhash; }; static bool_t uncached_load_file( const struct sigscheme_info *scheme, const char *path, struct buffer_if *databuf, - struct hash_if *defhash, struct sigprivkey_if **sigpriv_r, closure_t **closure_r, struct log_if *log); @@ -70,7 +68,6 @@ static struct sigprivkey_if *uncached_get(struct privcache *st, bool_t ok=uncached_load_file(scheme, path, &st->databuf, - st->defhash, &sigpriv, &cl, log); @@ -81,7 +78,6 @@ static bool_t uncached_load_file( const struct sigscheme_info *scheme, const char *path, struct buffer_if *databuf, - struct hash_if *defhash, struct sigprivkey_if **sigpriv_r, closure_t **closure_r, struct log_if *log) @@ -123,15 +119,6 @@ static bool_t uncached_load_file( ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc); if (!ok) goto error_out; /* loadpriv will have logged */ - if (sigpriv->sethash) { - if (!defhash) { - slilog(log,M_ERR, - "private key %s requires `hash' config key to load", - path); - goto error_out; - } - sigpriv->sethash(sigpriv->st,defhash); - } *sigpriv_r=sigpriv; out: @@ -194,7 +181,6 @@ static list_t *privcache_apply(closure_t *self, struct cloc loc, st->ents=0; st->path.buffer=0; st->used=st->alloc=0; - st->defhash=0; item=list_elem(args,0); if (!item || item->type!=t_dict) @@ -214,8 +200,6 @@ static list_t *privcache_apply(closure_t *self, struct cloc loc, const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc); pathprefix_template_init(&st->path,path,KEYIDSZ*2); - st->defhash=find_cl_if(dict,"hash",CL_HASH,False,"site",loc); - return new_closure(&st->cl); } @@ -233,16 +217,13 @@ static list_t *loadprivate_apply(closure_t *self, struct cloc loc, buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES); BUF_ALLOC(&databuf,"load-private data buf"); - struct hash_if *defhash= - find_cl_if(context,"hash",CL_HASH,False,"load-private",loc); - struct cfgfile_log log; cfgfile_log_init(&log,loc,"load-private"); struct sigprivkey_if *sigpriv; closure_t *cl; bool_t ok= - uncached_load_file(sch,path,&databuf,defhash,&sigpriv,&cl,&log.log); + uncached_load_file(sch,path,&databuf,&sigpriv,&cl,&log.log); if (!ok) cfgfatal(loc,"load-private","private key loading failed"); BUF_FREE(&databuf); diff --git a/pubkeys.c b/pubkeys.c index efcfa77..6dc741b 100644 --- a/pubkeys.c +++ b/pubkeys.c @@ -78,12 +78,6 @@ static list_t *makepublic_apply(closure_t *self, struct cloc loc, bool_t ok=sch->loadpub(sch,&buf,&pubkey,&cl,&log.log,loc); if (!ok) cfgfatal(loc,"make-public","public key loading failed"); - if (pubkey->sethash) { - struct hash_if *defhash= - find_cl_if(context,"hash",CL_HASH,True,"make-public",loc); - pubkey->sethash(pubkey->st,defhash); - } - BUF_FREE(&buf); buffer_destroy(&buf); return new_closure(cl); diff --git a/pubkeys.fl.pl b/pubkeys.fl.pl index d163e37..da1e4d4 100755 --- a/pubkeys.fl.pl +++ b/pubkeys.fl.pl @@ -161,7 +161,6 @@ struct pubkeyset_context { /* filled in during setup: */ struct cloc loc; /* line is runtime */ struct log_if *log; - struct hash_if *defhash; struct buffer_if *data_buf; struct peer_keyset *building; /* runtime: */ @@ -232,13 +231,6 @@ static struct pubkeyset_context c[1]; bool_t ok=c->scheme->loadpub(c->scheme,c->data_buf, &pubkey,&cl,c->log,c->loc); if (!ok) break; - if (pubkey->sethash) { - if (!c->defhash) { - pubkey->dispose(pubkey->st); - DOSKIP("public key requires default hash to load"); - } - pubkey->sethash(pubkey->st,c->defhash); - } struct peer_pubkey *fill=&c->building->keys[c->building->nkeys]; memcpy(fill->id.b,c->grpid,GRPIDSZ); assert(ALGIDSZ==1); /* otherwise need htons or htonl or something */ @@ -291,11 +283,9 @@ static struct pubkeyset_context c[1]; extern struct peer_keyset * keyset_load(const char *path, struct buffer_if *data_buf, - struct log_if *log, int logcl_enoent, - struct hash_if *defhash) { + struct log_if *log, int logcl_enoent) { assert(!c->building); c->log=log; - c->defhash=defhash; c->loc.file=path; pkyyin = fopen(path, "r"); if (!pkyyin) { diff --git a/pubkeys.h b/pubkeys.h index 782240f..a630d77 100644 --- a/pubkeys.h +++ b/pubkeys.h @@ -26,7 +26,7 @@ struct peer_pubkey { struct sigkeyid id; - struct sigpubkey_if *pubkey; /* does not need ->sethash calling */ + struct sigpubkey_if *pubkey; }; struct peer_keyset { @@ -38,8 +38,7 @@ struct peer_keyset { extern struct peer_keyset * keyset_load(const char *path, struct buffer_if *data_buf, - struct log_if *log, int logcl_enoent, - struct hash_if *defhash); + struct log_if *log, int logcl_enoent); extern void keyset_dispose(struct peer_keyset **ks); diff --git a/rsa.c b/rsa.c index b30fa01..6a89b21 100644 --- a/rsa.c +++ b/rsa.c @@ -141,9 +141,6 @@ static void rsa_sethash(struct load_ctx *l, *in_ops=hash; } -static void rsa_pub_sethash(void *sst, struct hash_if *hash) { } -static void rsa_priv_sethash(void *sst, struct hash_if *hash) { } - static void rsacommon_dispose(struct rsacommon *c) { free(c->hashbuf); @@ -344,7 +341,6 @@ static struct rsapub *rsa_loadpub_core(RSAPUB_BNS(RSAPUB_LOADCORE_DEFBN) st->cl.apply=NULL; st->cl.interface=&st->ops; st->ops.st=st; - st->ops.sethash=rsa_pub_sethash; st->common.hashbuf=NULL; st->ops.unpick=rsa_sig_unpick; st->ops.check=rsa_sig_check; @@ -508,7 +504,6 @@ static struct rsapriv *rsa_loadpriv_core(struct load_ctx *l, st->cl.apply=NULL; st->cl.interface=&st->ops; st->ops.st=st; - st->ops.sethash=rsa_priv_sethash; st->common.hashbuf=NULL; st->ops.sign=rsa_sign; st->ops.hash=0; diff --git a/secnet.h b/secnet.h index 3f5a197..d447ffb 100644 --- a/secnet.h +++ b/secnet.h @@ -506,7 +506,6 @@ struct random_if { /* SIGPUBKEY interface */ -typedef void sig_sethash_fn(void *st, struct hash_if *hash); typedef void sig_dispose_fn(void *st); typedef bool_t sig_unpick_fn(void *sst, struct buffer_if *msg, @@ -515,7 +514,6 @@ typedef bool_t sig_checksig_fn(void *st, uint8_t *data, int32_t datalen, const struct alg_msg_data *sig); struct sigpubkey_if { void *st; - sig_sethash_fn *sethash; /* must be called before use, if non-0 */ sig_unpick_fn *unpick; sig_checksig_fn *check; const struct hash_if *hash; @@ -530,7 +528,6 @@ typedef bool_t sig_makesig_fn(void *st, uint8_t *data, int32_t datalen, struct buffer_if *msg); struct sigprivkey_if { void *st; - sig_sethash_fn *sethash; /* must be called before use, if non-0 */ sig_makesig_fn *sign; const struct hash_if *hash; sig_dispose_fn *dispose; @@ -541,8 +538,7 @@ struct sigprivkey_if { typedef struct sigprivkey_if *privcache_lookup_fn(void *st, const struct sigkeyid *id, struct log_if*); - /* Return is valid only until you return from the current event! - * You do not need to call ->sethash. */ + /* Return is valid only until you return from the current event! */ struct privcache_if { void *st; diff --git a/site.c b/site.c index 89e415c..72cee24 100644 --- a/site.c +++ b/site.c @@ -318,7 +318,6 @@ struct site { int ncomms; struct resolver_if *resolver; struct log_if *log; - struct hash_if *defhash; struct random_if *random; struct privcache_if *privkeys; struct sigprivkey_if *privkey_fixed; @@ -902,7 +901,7 @@ static void peerkeys_maybe_incorporate(struct site *st, const char *file, int logcl_enoent) { struct peer_keyset *atsuffix= - keyset_load(file,&st->scratch,st->log,logcl_enoent,st->defhash); + keyset_load(file,&st->scratch,st->log,logcl_enoent); if (!atsuffix) return; if (st->peerkeys_current && @@ -2315,18 +2314,6 @@ static void site_childpersist_clearkeys(void *sst, uint32_t newphase) crypto operations, but that's a task for another day. */ } -static void setup_sethash(struct site *st, dict_t *dict, - struct cloc loc, - sig_sethash_fn *sethash, void *sigkey_st) { - if (!st->defhash) - cfgfatal(loc,"site","other settings imply `hash' key is needed"); - sethash(sigkey_st,st->defhash); -} -#define SETUP_SETHASH(k) do{ \ - if ((k)->sethash) \ - setup_sethash(st,dict,loc, (k)->sethash,(k)->st); \ -}while(0) - static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context, list_t *args) { @@ -2431,13 +2418,10 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context, st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc); st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc); - st->defhash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc); - st->privkeys=find_cl_if(dict,"key-cache",CL_PRIVCACHE,False,"site",loc); if (!st->privkeys) { st->privkey_fixed= find_cl_if(dict,"local-key",CL_SIGPRIVKEY,True,"site",loc); - SETUP_SETHASH(st->privkey_fixed); } struct sigpubkey_if *fixed_pubkey @@ -2448,14 +2432,12 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context, pathprefix_template_init(&st->peerkeys_tmpl,st->peerkeys_path, PEERKEYS_SUFFIX_MAXLEN + 1 /* nul */); st->peerkeys_current=keyset_load(st->peerkeys_path, - &st->scratch,st->log,M_ERR, - st->defhash); + &st->scratch,st->log,M_ERR); if (fixed_pubkey) { fixed_pubkey->dispose(fixed_pubkey->st); } } else { assert(fixed_pubkey); - SETUP_SETHASH(fixed_pubkey); NEW(st->peerkeys_current); st->peerkeys_current->refcount=1; st->peerkeys_current->nkeys=1; -- 2.30.2