/* -*-c-*-
*
- * $Id: keymgmt.c,v 1.6 2004/04/18 18:08:11 mdw Exp $
+ * $Id$
*
* Key loading and storing
*
if ((p = key_getattr(kf, k, "cipher")) == 0)
p = "blowfish-cbc";
if ((a->c = gcipher_byname(p)) == 0)
- FAIL("unknown cipher");
+ FAIL("unknown-cipher");
if ((p = key_getattr(kf, k, "hash")) == 0)
p = "rmd160";
if ((a->h = ghash_byname(p)) == 0)
- FAIL("unknown hash function");
+ FAIL("unknown-hash");
- if ((p = key_getattr(kf, k, "mgf")) != 0) {
+ if ((p = key_getattr(kf, k, "mgf")) == 0) {
dstr_reset(&d);
- dstr_putf(&d, "%s-mgf");
+ dstr_putf(&d, "%s-mgf", a->h->name);
p = d.buf;
}
if ((a->mgf = gcipher_byname(p)) == 0)
- FAIL("unknown MGF cipher");
+ FAIL("unknown-mgf-cipher");
if ((p = key_getattr(kf, k, "mac")) != 0) {
dstr_reset(&d);
if ((q = strchr(d.buf, '/')) != 0)
*q++ = 0;
if ((a->m = gmac_byname(d.buf)) == 0)
- FAIL("unknown message authentication code");
+ FAIL("unknown-mac");
if (!q)
a->tagsz = a->m->hashsz;
else {
unsigned long n = strtoul(q, &q, 0);
- if (*q) FAIL("bad tag length string");
- if (n%8 || n > ~(size_t)0) FAIL("bad tag length");
+ if (*q) FAIL("bad-tag-length-string");
+ if (n%8 || n > ~(size_t)0) FAIL("bad-tag-length");
a->tagsz = n/8;
}
} else {
dstr_reset(&d);
dstr_putf(&d, "%s-hmac", a->h->name);
if ((a->m = gmac_byname(d.buf)) == 0)
- FAIL("failed to derive HMAC from hash function");
+ FAIL("no-hmac-for-hash");
a->tagsz = a->h->hashsz/2;
}
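Review bot: The tag length parsed by `unsigned long n = strtoul(q, &q, 0);` is only checked for being a multiple of 8, so a length of 0 (or an empty string after the `/`) gives `a->tagsz == 0`, and a length larger than the MAC's output is accepted as well. The `n > ~(size_t)0` test can never fire where `unsigned long` and `size_t` have the same width, and strtoul also accepts a leading minus sign and wraps the value. Unless a check outside this hunk bounds the result, I would reject these here with `if (!n || n%8 || n/8 > a->m->hashsz) FAIL("bad-tag-length");`. The enclosing function begins and ends outside the hunk.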
*/
static void keymoan(const char *file, int line, const char *msg, void *p)
- { a_warn("%s:%i: error: %s", file, line, msg); }
+{
+ a_warn("KEYMGMT",
+ "key-file-error",
+ "%s:%i", file, line,
+ "%s", msg,
+ A_END);
+}
/* --- @loadpriv@ --- *
*
{
key_file kf;
key *k;
- key_data *kd;
+ key_data **kd;
dstr t = DSTR_INIT;
group *g = 0;
mp *x = 0;
/* --- Load the key --- */
- if ((e = (*ko)->loadpriv(kd, &g, &x, &t)) != 0) {
+ if ((e = (*ko)->loadpriv(*kd, &g, &x, &t)) != 0) {
dstr_putf(d, "error reading private key `%s': %s", t.buf, e);
goto done_1;
}
return (0);
}
-/* --- @km_interval@ --- *
+/* --- @km_reload@ --- *
*
* Arguments: ---
*
* Returns: Zero if OK, nonzero to force reloading of keys.
*
- * Use: Called on the interval timer to perform various useful jobs.
+ * Use: Checks the keyrings to see if they need reloading.
*/
-int km_interval(void)
+int km_reload(void)
{
dstr d = DSTR_INIT;
key_file *kf;
T( trace(T_KEYMGMT, "keymgmt: private keyring updated: reloading..."); )
DRESET(&d);
if (loadpriv(&d))
- a_warn("%s -- ignoring changes", d.buf);
+ a_warn("KEYMGMT", "bad-private-key", "%s", d.buf, A_END);
else
reload = 1;
}
kf = kf_pub;
DRESET(&d);
if (loadpub(&d))
- a_warn("%s -- ignoring changes", d.buf);
+ a_warn("KEYMGMT", "bad-public-keyring", "%s", d.buf, A_END);
else {
reload = 1;
key_close(kf);
int km_getpubkey(const char *tag, ge *kpub, time_t *t_exp)
{
key *k;
- key_data *kd;
+ key_data **kd;
dstr t = DSTR_INIT;
const kgops **ko;
const char *e;
/* --- Find the key --- */
if (key_qtag(kf_pub, tag, &t, &k, &kd)) {
- a_warn("public key `%s' not found in keyring `%s'", tag, kr_pub);
+ a_warn("KEYMGMT", "public-key", "%s", tag, "not-found", A_END);
goto done;
}
if (strcmp((*ko)->ty, k->type) == 0)
goto tymatch;
}
- a_warn("public key `%s' has unknown type `%s'", t.buf, k->type);
+ a_warn("KEYMGMT",
+ "public-key", "%s", t.buf,
+ "unknown-type", "%s", k->type,
+ A_END);
goto done;
tymatch:;
/* --- Load the key --- */
- if ((e = (*ko)->loadpub(kd, &g, &p, &t)) != 0) {
- a_warn("error reading public key `%s': %s", t.buf, e);
+ if ((e = (*ko)->loadpub(*kd, &g, &p, &t)) != 0) {
+ a_warn("KEYMGMT", "public-key", "%s", t.buf, "bad", "%s", e, A_END);
goto done;
}
*/
if (!group_samep(gg, g)) {
- a_warn("public key `%s' has incorrect group", t.buf);
+ a_warn("KEYMGMT", "public-key", "%s", t.buf, "incorrect-group", A_END);
goto done;
}
/* --- Check the public group element --- */
if (group_check(gg, p)) {
- a_warn("public key `%s' has bad public group element", t.buf);
+ a_warn("KEYMGMT",
+ "public-key", "%s", t.buf,
+ "bad-public-group-element",
+ A_END);
goto done;
}
/* --- Check the algorithms --- */
if ((e = algs_get(&a, kf_pub, k)) != 0) {
- a_warn("public key `%s' has bad algorithm selection: %s", t.buf, e);
+ a_warn("KEYMGMT",
+ "public-key", "%s", t.buf,
+ "bad-algorithm-selection", e,
+ A_END);
goto done;
}
- if (!algs_samep(&a, &algs)) {
- a_warn("public key `%s' specifies different algorithms", t.buf);
+ if (!algs_samep(&a, &algs)) {
+ a_warn("KEYMGMT",
+ "public-key", "%s", t.buf,
+ "algorithm-mismatch",
+ A_END);
goto done;
}
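Review bot: In the `bad-algorithm-selection` warning, `e` sits in what appears to be a format-string position of a_warn, whereas every other call on this page passes runtime text as `"%s", value` (compare `"bad", "%s", e` in the loadpub failure path). The strings algs_get returns in the visible hunk are literals without `%`, so this is presumably harmless today, but it becomes a format-string problem as soon as one of those messages carries key-file text. Writing `"bad-algorithm-selection", "%s", e,` keeps the call consistent with its neighbours and safe regardless of what algs_get returns. The rest of km_getpubkey lies outside the hunk.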