chiark / gitweb /
util: replace close_nointr_nofail() by a more useful safe_close()
[elogind.git] / src / journal / journal-authenticate.c
index ae64d3c..5ab1982 100644 (file)
@@ -51,8 +51,6 @@ int journal_file_append_tag(JournalFile *f) {
         if (!f->hmac_running)
                 return 0;
 
-        log_debug("Writing tag for epoch %llu\n", (unsigned long long) FSPRG_GetEpoch(f->fsprg_state));
-
         assert(f->hmac);
 
         r = journal_file_append_object(f, OBJECT_TAG, sizeof(struct TagObject), &o, &p);
@@ -62,9 +60,13 @@ int journal_file_append_tag(JournalFile *f) {
         o->tag.seqnum = htole64(journal_file_tag_seqnum(f));
         o->tag.epoch = htole64(FSPRG_GetEpoch(f->fsprg_state));
 
+        log_debug("Writing tag %"PRIu64" for epoch %"PRIu64"",
+                  le64toh(o->tag.seqnum),
+                  FSPRG_GetEpoch(f->fsprg_state));
+
         /* Add the tag object itself, so that we can protect its
          * header. This will exclude the actual hash value in it */
-        r = journal_file_hmac_put_object(f, OBJECT_TAG, p);
+        r = journal_file_hmac_put_object(f, OBJECT_TAG, o, p);
         if (r < 0)
                 return r;
 
@@ -150,7 +152,7 @@ int journal_file_fsprg_evolve(JournalFile *f, uint64_t realtime) {
 
         epoch = FSPRG_GetEpoch(f->fsprg_state);
         if (epoch < goal)
-                log_debug("Evolving FSPRG key from epoch %llu to %llu.", (unsigned long long) epoch, (unsigned long long) goal);
+                log_debug("Evolving FSPRG key from epoch %"PRIu64" to %"PRIu64".", epoch, goal);
 
         for (;;) {
                 if (epoch > goal)
@@ -193,7 +195,7 @@ int journal_file_fsprg_seek(JournalFile *f, uint64_t goal) {
                         return -ENOMEM;
         }
 
-        log_debug("Seeking FSPRG key to %llu.", (unsigned long long) goal);
+        log_debug("Seeking FSPRG key to %"PRIu64".", goal);
 
         msk = alloca(FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR));
         FSPRG_GenMK(msk, NULL, f->fsprg_seed, f->fsprg_seed_size, FSPRG_RECOMMENDED_SECPAR);
@@ -209,6 +211,9 @@ int journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
         if (!f->seal)
                 return 0;
 
+        if (realtime <= 0)
+                realtime = now(CLOCK_REALTIME);
+
         r = journal_file_fsprg_need_evolve(f, realtime);
         if (r <= 0)
                 return 0;
@@ -221,16 +226,11 @@ int journal_file_maybe_append_tag(JournalFile *f, uint64_t realtime) {
         if (r < 0)
                 return r;
 
-        r = journal_file_hmac_start(f);
-        if (r < 0)
-                return r;
-
         return 0;
 }
 
-int journal_file_hmac_put_object(JournalFile *f, int type, uint64_t p) {
+int journal_file_hmac_put_object(JournalFile *f, int type, Object *o, uint64_t p) {
         int r;
-        Object *o;
 
         assert(f);
 
@@ -241,9 +241,14 @@ int journal_file_hmac_put_object(JournalFile *f, int type, uint64_t p) {
         if (r < 0)
                 return r;
 
-        r = journal_file_move_to_object(f, type, p, &o);
-        if (r < 0)
-                return r;
+        if (!o) {
+                r = journal_file_move_to_object(f, type, p, &o);
+                if (r < 0)
+                        return r;
+        } else {
+                if (type >= 0 && o->object.type != type)
+                        return -EBADMSG;
+        }
 
         gcry_md_write(f->hmac, o, offsetof(ObjectHeader, payload));
 
@@ -255,6 +260,12 @@ int journal_file_hmac_put_object(JournalFile *f, int type, uint64_t p) {
                 gcry_md_write(f->hmac, o->data.payload, le64toh(o->object.size) - offsetof(DataObject, payload));
                 break;
 
+        case OBJECT_FIELD:
+                /* Same here */
+                gcry_md_write(f->hmac, &o->field.hash, sizeof(o->field.hash));
+                gcry_md_write(f->hmac, o->field.payload, le64toh(o->object.size) - offsetof(FieldObject, payload));
+                break;
+
         case OBJECT_ENTRY:
                 /* All */
                 gcry_md_write(f->hmac, &o->entry.seqnum, le64toh(o->object.size) - offsetof(EntryObject, seqnum));
@@ -327,7 +338,9 @@ int journal_file_fss_load(JournalFile *f) {
 
         fd = open(p, O_RDWR|O_CLOEXEC|O_NOCTTY, 0600);
         if (fd < 0) {
-                log_error("Failed to open %s: %m", p);
+                if (errno != ENOENT)
+                        log_error("Failed to open %s: %m", p);
+
                 r = -errno;
                 goto finish;
         }
@@ -364,7 +377,7 @@ int journal_file_fss_load(JournalFile *f) {
                 goto finish;
         }
 
-        if (le64toh(m->fsprg_state_size) != FSPRG_stateinbytes(m->fsprg_secpar)) {
+        if (le64toh(m->fsprg_state_size) != FSPRG_stateinbytes(le16toh(m->fsprg_secpar))) {
                 r = -EBADMSG;
                 goto finish;
         }
@@ -405,19 +418,32 @@ finish:
         if (m)
                 munmap(m, PAGE_ALIGN(sizeof(FSSHeader)));
 
-        if (fd >= 0)
-                close_nointr_nofail(fd);
-
+        safe_close(fd);
         free(p);
+
         return r;
 }
 
+static void initialize_libgcrypt(void) {
+        const char *p;
+
+        if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
+                return;
+
+        p = gcry_check_version("1.4.5");
+        assert(p);
+
+        gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+}
+
 int journal_file_hmac_setup(JournalFile *f) {
         gcry_error_t e;
 
         if (!f->seal)
                 return 0;
 
+        initialize_libgcrypt();
+
         e = gcry_md_open(&f->hmac, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
         if (e != 0)
                 return -ENOTSUP;
@@ -443,7 +469,7 @@ int journal_file_append_first_tag(JournalFile *f) {
                 return -EINVAL;
         p -= offsetof(Object, hash_table.items);
 
-        r = journal_file_hmac_put_object(f, OBJECT_FIELD_HASH_TABLE, p);
+        r = journal_file_hmac_put_object(f, OBJECT_FIELD_HASH_TABLE, NULL, p);
         if (r < 0)
                 return r;
 
@@ -452,7 +478,7 @@ int journal_file_append_first_tag(JournalFile *f) {
                 return -EINVAL;
         p -= offsetof(Object, hash_table.items);
 
-        r = journal_file_hmac_put_object(f, OBJECT_DATA_HASH_TABLE, p);
+        r = journal_file_hmac_put_object(f, OBJECT_DATA_HASH_TABLE, NULL, p);
         if (r < 0)
                 return r;
 
@@ -463,8 +489,74 @@ int journal_file_append_first_tag(JournalFile *f) {
         return 0;
 }
 
-bool journal_file_fss_enabled(JournalFile *f) {
+int journal_file_parse_verification_key(JournalFile *f, const char *key) {
+        uint8_t *seed;
+        size_t seed_size, c;
+        const char *k;
+        int r;
+        unsigned long long start, interval;
+
+        seed_size = FSPRG_RECOMMENDED_SEEDLEN;
+        seed = malloc(seed_size);
+        if (!seed)
+                return -ENOMEM;
+
+        k = key;
+        for (c = 0; c < seed_size; c++) {
+                int x, y;
+
+                while (*k == '-')
+                        k++;
+
+                x = unhexchar(*k);
+                if (x < 0) {
+                        free(seed);
+                        return -EINVAL;
+                }
+                k++;
+                y = unhexchar(*k);
+                if (y < 0) {
+                        free(seed);
+                        return -EINVAL;
+                }
+                k++;
+
+                seed[c] = (uint8_t) (x * 16 + y);
+        }
+
+        if (*k != '/') {
+                free(seed);
+                return -EINVAL;
+        }
+        k++;
+
+        r = sscanf(k, "%llx-%llx", &start, &interval);
+        if (r != 2) {
+                free(seed);
+                return -EINVAL;
+        }
+
+        f->fsprg_seed = seed;
+        f->fsprg_seed_size = seed_size;
+
+        f->fss_start_usec = start * interval;
+        f->fss_interval_usec = interval;
+
+        return 0;
+}
+
+bool journal_file_next_evolve_usec(JournalFile *f, usec_t *u) {
+        uint64_t epoch;
+
         assert(f);
+        assert(u);
+
+        if (!f->seal)
+                return false;
+
+        epoch = FSPRG_GetEpoch(f->fsprg_state);
+
+        *u = (usec_t) (f->fss_start_usec + f->fss_interval_usec * epoch + f->fss_interval_usec);
 
-        return !!(le32toh(f->header->compatible_flags) & HEADER_COMPATIBLE_SEALED);
+        return true;
 }