2 * This file is part of secnet.
3 * See README for full list of copyright holders.
5 * secnet is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * secnet is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * version 3 along with secnet; if not, see
17 * https://www.gnu.org/licenses/gpl.html.
23 #define DEFAULT_SIZE 5
24 #define DEFAULT_MAXPRIV_BYTES 4095
28 struct sigprivkey_if *sigpriv; /* 0 means none such */
33 struct privcache_if ops;
35 struct pathprefix_template path;
37 struct buffer_if databuf;
40 static bool_t uncached_load_file(
41 const struct sigscheme_info *scheme,
43 struct buffer_if *databuf,
44 struct sigprivkey_if **sigpriv_r,
45 closure_t **closure_r,
48 static struct sigprivkey_if *uncached_get(struct privcache *st,
49 const struct sigkeyid *id, struct log_if *log)
51 sprintf(st->path.write_here, SIGKEYID_PR_FMT, SIGKEYID_PR_VAL(id));
53 const char *path=st->path.buffer;
54 const struct sigscheme_info *scheme;
55 for (scheme=sigschemes;
58 if (scheme->algid == id->b[GRPIDSZ])
61 slilog(log,M_ERR,"private key file %s not loaded (unknown algid)",
66 struct sigprivkey_if *sigpriv;
68 bool_t ok=uncached_load_file(scheme,
74 return ok ? sigpriv : 0;
77 static bool_t uncached_load_file(
78 const struct sigscheme_info *scheme,
80 struct buffer_if *databuf,
81 struct sigprivkey_if **sigpriv_r,
82 closure_t **closure_r,
87 struct sigprivkey_if *sigpriv=0;
91 if (errno == ENOENT) {
92 slilog(log,M_DEBUG,"private key %s not found",
95 slilog(log,M_ERR,"failed to open private key file %s",
102 buffer_init(databuf,0);
103 ssize_t got=fread(databuf->base,1,databuf->alloclen,f);
105 slilog(log,M_ERR,"failed to read private-key file %s",
110 slilog(log,M_ERR,"private key file %s longer than max %d",
111 path, (int)databuf->alloclen);
116 databuf->start=databuf->base;
118 struct cloc loc = { .file=path, .line=0 };
119 ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc);
120 if (!ok) goto error_out; /* loadpriv will have logged */
129 if (sigpriv) sigpriv->dispose(sigpriv->st);
134 static struct sigprivkey_if *privcache_lookup(void *sst,
135 const struct sigkeyid *id,
136 struct log_if *log) {
137 struct privcache *st=sst;
141 for (was=0; was<st->used; was++) {
142 if (sigkeyid_equal(id, &st->ents[was].id)) {
143 result = st->ents[was];
148 if (st->used < st->alloc) {
153 if (st->ents[was].sigpriv) {
154 st->ents[was].sigpriv->dispose(st->ents[was].sigpriv->st);
158 COPY_OBJ(result.id, *id);
159 result.sigpriv=uncached_get(st,id,log);
162 memmove(&st->ents[1], &st->ents[0], sizeof(st->ents[0]) * was);
164 return result.sigpriv;
167 static list_t *privcache_apply(closure_t *self, struct cloc loc,
168 dict_t *context, list_t *args)
170 struct privcache *st;
175 st->cl.description="privcache";
176 st->cl.type=CL_PRIVCACHE;
178 st->cl.interface=&st->ops;
180 st->ops.lookup=privcache_lookup;
183 st->used=st->alloc=0;
185 item=list_elem(args,0);
186 if (!item || item->type!=t_dict)
187 cfgfatal(loc,"privcache","parameter must be a dictionary\n");
189 dict=item->data.dict;
191 st->alloc=dict_read_number(dict,"privcache-size",False,"privcache",loc,
193 NEW_ARY(st->ents,st->alloc);
196 int32_t buflen=dict_read_number(dict,"privkey-max",False,"privcache",loc,
197 DEFAULT_MAXPRIV_BYTES);
198 buffer_new(&st->databuf,buflen+1);
200 const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc);
201 pathprefix_template_init(&st->path,path,KEYIDSZ*2);
203 return new_closure(&st->cl);
206 static list_t *loadprivate_apply(closure_t *self, struct cloc loc,
207 dict_t *context, list_t *args)
209 CL_GET_STR_ARG(0,algname,"algorithm name");
210 CL_GET_STR_ARG(1,path,"private key path");
212 const struct sigscheme_info *sch=sigscheme_lookup(algname);
213 if (!sch) cfgfatal(algname_i->loc,"load-private",
214 "unknown algorithm `%s'",algname);
216 struct buffer_if databuf;
217 buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES);
218 BUF_ALLOC(&databuf,"load-private data buf");
220 struct cfgfile_log log;
221 cfgfile_log_init(&log,loc,"load-private");
223 struct sigprivkey_if *sigpriv;
226 uncached_load_file(sch,path,&databuf,&sigpriv,&cl,&log.log);
227 if (!ok) cfgfatal(loc,"load-private","private key loading failed");
230 buffer_destroy(&databuf);
231 return new_closure(cl);
234 void privcache_module(dict_t *dict)
236 add_closure(dict,"priv-cache",privcache_apply);
237 add_closure(dict,"load-private",loadprivate_apply);