X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=rsa.c;h=28f9d865b2db2048b5f64c21683c0845f7f87cc1;hb=c43eabefac47d5cc1f2031e2bf677a25a88b6d48;hp=790f7cc0a0e7513d1e3dd9324f255e55b24531b1;hpb=dffca6e2220c60519e52ac03438f37a0aa513293;p=secnet.git

diff --git a/rsa.c b/rsa.c
index 790f7cc..28f9d86 100644
--- a/rsa.c
+++ b/rsa.c
@@ -328,31 +328,58 @@ static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context,
     return new_closure(&st->cl);
 }
 
-static uint32_t keyfile_get_int(struct cloc loc, FILE *f)
+struct rsapriv_load_ctx {
+    void (*verror)(struct rsapriv_load_ctx *l,
+		   FILE *maybe_f, bool_t unsup,
+		   const char *message, va_list args);
+    bool_t (*postreadcheck)(struct rsapriv_load_ctx *l, FILE *f);
+    union {
+	struct {
+	    struct cloc loc;
+	} apply;
+	struct {
+	    struct log_if *log;
+	} tryload;
+    } u;
+};
+
+#define LDFATAL(...)      ({ load_error(l,0,0,__VA_ARGS__); goto error_out; })
+#define LDUNSUP(...)      ({ load_error(l,0,1,__VA_ARGS__); goto error_out; })
+#define LDFATAL_FILE(...) ({ load_error(l,f,0,__VA_ARGS__); goto error_out; })
+#define LDUNSUP_FILE(...) ({ load_error(l,f,1,__VA_ARGS__); goto error_out; })
+#define FREE(b)                ({ free((b)); (b)=0; })
+#define KEYFILE_GET(is)   ({					\
+	uint##is##_t keyfile_get_tmp=keyfile_get_##is(l,f);	\
+	if (!l->postreadcheck(l,f)) goto error_out;		\
+	keyfile_get_tmp;					\
+    })
+
+static uint32_t keyfile_get_32(struct rsapriv_load_ctx *l, FILE *f)
 {
     uint32_t r;
     r=fgetc(f)<<24;
     r|=fgetc(f)<<16;
     r|=fgetc(f)<<8;
     r|=fgetc(f);
-    cfgfile_postreadcheck(loc,f);
     return r;
 }
 
-static uint16_t keyfile_get_short(struct cloc loc, FILE *f)
+static uint16_t keyfile_get_16(struct rsapriv_load_ctx *l, FILE *f)
 {
     uint16_t r;
     r=fgetc(f)<<8;
     r|=fgetc(f);
-    cfgfile_postreadcheck(loc,f);
     return r;
 }
 
-#define LDFATAL(...)           cfgfatal(loc,"rsa-private",__VA_ARGS__)
-#define LDUNSUP(...)           cfgfatal(loc,"rsa-private",__VA_ARGS__)
-#define LDFATAL_FILE(...) cfgfatal_maybefile(f,loc,"rsa-private",__VA_ARGS__)
-#define LDUNSUP_FILE(...) cfgfatal_maybefile(f,loc,"rsa-private",__VA_ARGS__)
-#define FREE(b)                free(b)
+static void load_error(struct rsapriv_load_ctx *l, FILE *maybe_f,
+		       bool_t unsup, const char *fmt, ...)
+{
+    va_list al;
+    va_start(al,fmt);
+    l->verror(l,maybe_f,unsup,fmt,al);
+    va_end(al);
+}
 
 static void rsapriv_dispose(void *sst)
 {
@@ -365,9 +392,9 @@ static void rsapriv_dispose(void *sst)
     free(st);
 }
 
-static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
-					 bool_t do_validity_check,
-					 const char *filename)
+static struct rsapriv *rsa_loadpriv_core(struct rsapriv_load_ctx *l,
+					 FILE *f, struct cloc loc,
+					 bool_t do_validity_check)
 {
     struct rsapriv *st=0;
     long length;
@@ -412,20 +439,19 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     b=safe_malloc(length,"rsapriv_apply");
     if (fread(b,length,1,f)!=1 || memcmp(b,AUTHFILE_ID_STRING,length)!=0) {
 	LDUNSUP_FILE("failed to read magic ID"
-			   " string from SSH1 private keyfile \"%s\"\n",
-			   filename);
+		     " string from SSH1 private keyfile\n");
     }
     FREE(b);
 
     cipher_type=fgetc(f);
-    keyfile_get_int(loc,f); /* "Reserved data" */
+    KEYFILE_GET(32); /* "Reserved data" */
     if (cipher_type != 0) {
 	LDUNSUP("we don't support encrypted keyfiles\n");
     }
 
     /* Read the public key */
-    keyfile_get_int(loc,f); /* Not sure what this is */
-    length=(keyfile_get_short(loc,f)+7)/8;
+    KEYFILE_GET(32); /* Not sure what this is */
+    length=(KEYFILE_GET(16)+7)/8;
     if (length>RSA_MAX_MODBYTES) {
 	LDFATAL("implausible length %ld for modulus\n",
 		 length);
@@ -436,7 +462,7 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     }
     read_mpbin(&st->n,b,length);
     FREE(b);
-    length=(keyfile_get_short(loc,f)+7)/8;
+    length=(KEYFILE_GET(16)+7)/8;
     if (length>RSA_MAX_MODBYTES) {
 	LDFATAL("implausible length %ld for e\n",length);
     }
@@ -447,7 +473,7 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     read_mpbin(&e,b,length);
     FREE(b);
     
-    length=keyfile_get_int(loc,f);
+    length=KEYFILE_GET(32);
     if (length>1024) {
 	LDFATAL("implausibly long (%ld) key comment\n",
 		 length);
@@ -461,12 +487,12 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     /* Check that the next two pairs of characters are identical - the
        keyfile is not encrypted, so they should be */
 
-    if (keyfile_get_short(loc,f) != keyfile_get_short(loc,f)) {
+    if (KEYFILE_GET(16) != KEYFILE_GET(16)) {
 	LDFATAL("corrupt keyfile\n");
     }
 
     /* Read d */
-    length=(keyfile_get_short(loc,f)+7)/8;
+    length=(KEYFILE_GET(16)+7)/8;
     if (length>RSA_MAX_MODBYTES) {
 	LDFATAL("implausibly long (%ld) decryption key\n",
 		 length);
@@ -478,7 +504,7 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     read_mpbin(&d,b,length);
     FREE(b);
     /* Read iqmp (inverse of q mod p) */
-    length=(keyfile_get_short(loc,f)+7)/8;
+    length=(KEYFILE_GET(16)+7)/8;
     if (length>RSA_MAX_MODBYTES) {
 	LDFATAL("implausibly long (%ld)"
 		 " iqmp auxiliary value\n", length);
@@ -490,7 +516,7 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     read_mpbin(&iqmp,b,length);
     FREE(b);
     /* Read q (the smaller of the two primes) */
-    length=(keyfile_get_short(loc,f)+7)/8;
+    length=(KEYFILE_GET(16)+7)/8;
     if (length>RSA_MAX_MODBYTES) {
 	LDFATAL("implausibly long (%ld) q value\n",
 		 length);
@@ -502,7 +528,7 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     read_mpbin(&st->q,b,length);
     FREE(b);
     /* Read p (the larger of the two primes) */
-    length=(keyfile_get_short(loc,f)+7)/8;
+    length=(KEYFILE_GET(16)+7)/8;
     if (length>RSA_MAX_MODBYTES) {
 	LDFATAL("implausibly long (%ld) p value\n",
 		 length);
@@ -571,21 +597,94 @@ static struct rsapriv *rsa_loadpriv_core(FILE *f, struct cloc loc,
     
 done_checks:
     if (!valid) {
-	LDFATAL("file \"%s\" does not contain a "
-		 "valid RSA key!\n",filename);
+	LDFATAL("file does not contain a "
+		 "valid RSA key!\n");
     }
 
 assume_valid:
+out:
     mpz_clear(&tmp);
     mpz_clear(&tmp2);
     mpz_clear(&tmp3);
 
+    FREE(b);
     FREE(c);
     mpz_clear(&e);
     mpz_clear(&d);
     mpz_clear(&iqmp);
 
     return st;
+
+error_out:
+    if (st) rsapriv_dispose(st);
+    st=0;
+    goto out;
+}
+
+FORMAT(printf,4,0)
+static void verror_tryload(struct rsapriv_load_ctx *l,
+			   FILE *maybe_f, bool_t unsup,
+			   const char *message, va_list args)
+{
+    int class=unsup ? M_DEBUG : M_ERR;
+    slilog_part(l->u.tryload.log,class,"rsa1priv load: ");
+    vslilog(l->u.tryload.log,class,message,args);
+}
+
+static bool_t postreadcheck_tryload(struct rsapriv_load_ctx *l, FILE *f)
+{
+    assert(!ferror(f));
+    if (feof(f)) { load_error(l,0,0,"eof mid-integer"); return False; }
+    return True;
+}
+
+bool_t rsa1_loadpriv(const struct sigscheme_info *algo,
+		     struct buffer_if *privkeydata,
+		     struct sigprivkey_if **sigpriv_r,
+		     struct log_if *log)
+{
+    FILE *f=0;
+    struct rsapriv *st=0;
+
+    f=fmemopen(privkeydata->start,privkeydata->size,"r");
+    if (!f) {
+	slilog(log,M_ERR,"failed to fmemopen private key file\n");
+	goto error_out;
+    }
+
+    struct cloc loc;
+    loc.file="dynamically loaded";
+    loc.line=0;
+
+    struct rsapriv_load_ctx l[1];
+    l->verror=verror_tryload;
+    l->postreadcheck=postreadcheck_tryload;
+    l->u.tryload.log=log;
+
+    st=rsa_loadpriv_core(l,f,loc,True);
+    if (!st) goto error_out;
+    goto out;
+
+ error_out:
+    if (st) { free(st); st=0; }
+ out:
+    if (f) fclose(f);
+    if (!st) return False;
+    *sigpriv_r=&st->ops;
+    return True;
+}
+
+static void verror_cfgfatal(struct rsapriv_load_ctx *l,
+			    FILE *maybe_f, bool_t unsup,
+			    const char *message, va_list args)
+{
+    vcfgfatal_maybefile(maybe_f,l->u.apply.loc,"rsa-private",message,args);
+}
+
+static bool_t postreadcheck_apply(struct rsapriv_load_ctx *l, FILE *f)
+{
+    cfgfile_postreadcheck(l->u.apply.loc,f);
+    return True;
 }
 
 static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
@@ -595,6 +694,11 @@ static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
     item_t *i;
     cstring_t filename;
     FILE *f;
+    struct rsapriv_load_ctx l[1];
+
+    l->verror=verror_cfgfatal;
+    l->postreadcheck=postreadcheck_apply;
+    l->u.apply.loc=loc;
 
     /* Argument is filename pointing to SSH1 private key file */
     i=list_elem(args,0);
@@ -628,7 +732,7 @@ static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context,
 	do_validity_check=False;
     }
 
-    st=rsa_loadpriv_core(f,loc,do_validity_check,filename);
+    st=rsa_loadpriv_core(l,f,loc,do_validity_check);
     fclose(f);
     return new_closure(&st->cl);
 }