Allow admin clients to filter out async messages. Send notifications
diff --git
a/keymgmt.c
b/keymgmt.c
index 79945f419fd9e1fc193cdc5bc7a5dea0b8651efd..e1388e04c26b501319253518bd0fcaf5478bd7af 100644
--- a/
keymgmt.c
+++ b/
keymgmt.c
@@
-1,6
+1,6
@@
/* -*-c-*-
*
/* -*-c-*-
*
- * $Id
: keymgmt.c,v 1.7 2004/04/19 08:49:40 mdw Exp
$
+ * $Id$
*
* Key loading and storing
*
*
* Key loading and storing
*
@@
-185,12
+185,12
@@
static const char *algs_get(algswitch *a, key_file *kf, key *k)
if ((p = key_getattr(kf, k, "cipher")) == 0)
p = "blowfish-cbc";
if ((a->c = gcipher_byname(p)) == 0)
if ((p = key_getattr(kf, k, "cipher")) == 0)
p = "blowfish-cbc";
if ((a->c = gcipher_byname(p)) == 0)
- FAIL("unknown
cipher");
+ FAIL("unknown
-
cipher");
if ((p = key_getattr(kf, k, "hash")) == 0)
p = "rmd160";
if ((a->h = ghash_byname(p)) == 0)
if ((p = key_getattr(kf, k, "hash")) == 0)
p = "rmd160";
if ((a->h = ghash_byname(p)) == 0)
- FAIL("unknown
hash function
");
+ FAIL("unknown
-hash
");
if ((p = key_getattr(kf, k, "mgf")) == 0) {
dstr_reset(&d);
if ((p = key_getattr(kf, k, "mgf")) == 0) {
dstr_reset(&d);
@@
-198,7
+198,7
@@
static const char *algs_get(algswitch *a, key_file *kf, key *k)
p = d.buf;
}
if ((a->mgf = gcipher_byname(p)) == 0)
p = d.buf;
}
if ((a->mgf = gcipher_byname(p)) == 0)
- FAIL("unknown
MGF
cipher");
+ FAIL("unknown
-mgf-
cipher");
if ((p = key_getattr(kf, k, "mac")) != 0) {
dstr_reset(&d);
if ((p = key_getattr(kf, k, "mac")) != 0) {
dstr_reset(&d);
@@
-206,20
+206,20
@@
static const char *algs_get(algswitch *a, key_file *kf, key *k)
if ((q = strchr(d.buf, '/')) != 0)
*q++ = 0;
if ((a->m = gmac_byname(d.buf)) == 0)
if ((q = strchr(d.buf, '/')) != 0)
*q++ = 0;
if ((a->m = gmac_byname(d.buf)) == 0)
- FAIL("unknown
message authentication code
");
+ FAIL("unknown
-mac
");
if (!q)
a->tagsz = a->m->hashsz;
else {
unsigned long n = strtoul(q, &q, 0);
if (!q)
a->tagsz = a->m->hashsz;
else {
unsigned long n = strtoul(q, &q, 0);
- if (*q) FAIL("bad
tag length
string");
- if (n%8 || n > ~(size_t)0) FAIL("bad
tag
length");
+ if (*q) FAIL("bad
-tag-length-
string");
+ if (n%8 || n > ~(size_t)0) FAIL("bad
-tag-
length");
a->tagsz = n/8;
}
} else {
dstr_reset(&d);
dstr_putf(&d, "%s-hmac", a->h->name);
if ((a->m = gmac_byname(d.buf)) == 0)
a->tagsz = n/8;
}
} else {
dstr_reset(&d);
dstr_putf(&d, "%s-hmac", a->h->name);
if ((a->m = gmac_byname(d.buf)) == 0)
- FAIL("
failed to derive HMAC from hash function
");
+ FAIL("
no-hmac-for-hash
");
a->tagsz = a->h->hashsz/2;
}
a->tagsz = a->h->hashsz/2;
}
@@
-301,7
+301,7
@@
static int algs_samep(const algswitch *a, const algswitch *aa)
*/
static void keymoan(const char *file, int line, const char *msg, void *p)
*/
static void keymoan(const char *file, int line, const char *msg, void *p)
- { a_warn("
%s:%i: error:
%s", file, line, msg); }
+ { a_warn("
KEYMGMT key-file-error %s:%i --
%s", file, line, msg); }
/* --- @loadpriv@ --- *
*
/* --- @loadpriv@ --- *
*
@@
-471,7
+471,7
@@
int km_interval(void)
T( trace(T_KEYMGMT, "keymgmt: private keyring updated: reloading..."); )
DRESET(&d);
if (loadpriv(&d))
T( trace(T_KEYMGMT, "keymgmt: private keyring updated: reloading..."); )
DRESET(&d);
if (loadpriv(&d))
- a_warn("
%s -- ignoring change
s", d.buf);
+ a_warn("
KEYMGMT bad-private-key -- %
s", d.buf);
else
reload = 1;
}
else
reload = 1;
}
@@
-483,7
+483,7
@@
int km_interval(void)
kf = kf_pub;
DRESET(&d);
if (loadpub(&d))
kf = kf_pub;
DRESET(&d);
if (loadpub(&d))
- a_warn("
%s -- ignoring change
s", d.buf);
+ a_warn("
KEYMGMT bad-public-keyring -- %
s", d.buf);
else {
reload = 1;
key_close(kf);
else {
reload = 1;
key_close(kf);
@@
-558,7
+558,7
@@
int km_getpubkey(const char *tag, ge *kpub, time_t *t_exp)
/* --- Find the key --- */
if (key_qtag(kf_pub, tag, &t, &k, &kd)) {
/* --- Find the key --- */
if (key_qtag(kf_pub, tag, &t, &k, &kd)) {
- a_warn("
public key `%s' not found in keyring `%s'", tag, kr_pub
);
+ a_warn("
KEYMGMT public-key %s not-found", tag
);
goto done;
}
goto done;
}
@@
-568,14
+568,14
@@
int km_getpubkey(const char *tag, ge *kpub, time_t *t_exp)
if (strcmp((*ko)->ty, k->type) == 0)
goto tymatch;
}
if (strcmp((*ko)->ty, k->type) == 0)
goto tymatch;
}
- a_warn("
public key `%s' has unknown type `%s'
", t.buf, k->type);
+ a_warn("
KEYMGMT public-key %s unknown-type %s
", t.buf, k->type);
goto done;
tymatch:;
/* --- Load the key --- */
if ((e = (*ko)->loadpub(kd, &g, &p, &t)) != 0) {
goto done;
tymatch:;
/* --- Load the key --- */
if ((e = (*ko)->loadpub(kd, &g, &p, &t)) != 0) {
- a_warn("
error reading public key `%s':
%s", t.buf, e);
+ a_warn("
KEYMGMT public-key %s bad --
%s", t.buf, e);
goto done;
}
goto done;
}
@@
-586,25
+586,25
@@
tymatch:;
*/
if (!group_samep(gg, g)) {
*/
if (!group_samep(gg, g)) {
- a_warn("
public key `%s' has incorrect
group", t.buf);
+ a_warn("
KEYMGMT public-key %s incorrect-
group", t.buf);
goto done;
}
/* --- Check the public group element --- */
if (group_check(gg, p)) {
goto done;
}
/* --- Check the public group element --- */
if (group_check(gg, p)) {
- a_warn("
public key `%s' has bad public group
element", t.buf);
+ a_warn("
KEYMGMT public-key %s bad-public-group-
element", t.buf);
goto done;
}
/* --- Check the algorithms --- */
if ((e = algs_get(&a, kf_pub, k)) != 0) {
goto done;
}
/* --- Check the algorithms --- */
if ((e = algs_get(&a, kf_pub, k)) != 0) {
- a_warn("
public key `%s' has bad algorithm selection:
%s", t.buf, e);
+ a_warn("
KEYMGMT public-key %s bad-algorithm-selection
%s", t.buf, e);
goto done;
}
goto done;
}
- if (!algs_samep(&a, &algs)) {
- a_warn("
public key `%s' specifies different algorithms
", t.buf);
+ if (!algs_samep(&a, &algs)) {
+ a_warn("
KEYMGMT public-key %s algorithm-mismatch
", t.buf);
goto done;
}
goto done;
}
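Review bot: In the `algs_get` hunk at -206,20, the new-side check `if (n%8 || n > ~(size_t)0) FAIL("bad-tag-length");` still accepts `n == 0` (including an empty string after the `/`, where `strtoul` returns 0 and `*q` is already NUL) and any length longer than the MAC output, so `a->tagsz` can become 0 or exceed `a->m->hashsz`. Because `n` is an `unsigned long`, the comparison with `~(size_t)0` can only fire where `unsigned long` is wider than `size_t`, so it bounds nothing on most platforms. I would bound it by the MAC instead, `if (!n || n%8 || n/8 > a->m->hashsz) FAIL("bad-tag-length");`, unless code outside this hunk already rejects those values; `algs_get` starts and ends outside the hunk. Separately, the new `KEYMGMT` notifications in `km_getpubkey` interpolate `tag`, `t.buf` and `k->type` unquoted into what looks like a space-delimited token stream, so if `a_warn` does not quote its arguments (not visible here) a value containing whitespace would shift the tokens an admin client parses.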