X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;ds=sidebyside;f=rsa.c;h=efcb650fc216c3a2965b2bb45d0b85e3158478f3;hb=564022994befb8f71b89ae015751b22c34ae3ee8;hp=3f6c7f92f8ea57e4c999cb0ff09a9b4a59e2f49b;hpb=7b3937db4102e6b2adc0fc861965d0f9d4da2d8b;p=secnet.git diff --git a/rsa.c b/rsa.c index 3f6c7f9..efcb650 100644 --- a/rsa.c +++ b/rsa.c @@ -53,6 +53,7 @@ struct load_ctx { const char *message, va_list args); bool_t (*postreadcheck)(struct load_ctx *l, FILE *f); const char *what; + dict_t *deprdict; /* used only to look up hash */ struct cloc loc; union { struct { @@ -127,23 +128,19 @@ struct rsapub { static const char *hexchars="0123456789abcdef"; -static void rsa_sethash(struct rsacommon *c, struct hash_if *hash, +static void rsa_sethash(struct load_ctx *l, + struct rsacommon *c, const struct hash_if **in_ops) { - free(c->hashbuf); + struct hash_if *hash=0; + if (l->deprdict) + hash=find_cl_if(l->deprdict,"hash",CL_HASH,False,"site",l->loc); + if (!hash) + hash=sha1_hash_if; c->hashbuf=safe_malloc(hash->hlen, "generate_msg"); *in_ops=hash; } -static void rsa_pub_sethash(void *sst, struct hash_if *hash) -{ - struct rsapub *st=sst; - rsa_sethash(&st->common, hash, &st->ops.hash); -} -static void rsa_priv_sethash(void *sst, struct hash_if *hash) -{ - struct rsapriv *st=sst; - rsa_sethash(&st->common, hash, &st->ops.hash); -} + static void rsacommon_dispose(struct rsacommon *c) { free(c->hashbuf); @@ -344,7 +341,6 @@ static struct rsapub *rsa_loadpub_core(RSAPUB_BNS(RSAPUB_LOADCORE_DEFBN) st->cl.apply=NULL; st->cl.interface=&st->ops; st->ops.st=st; - st->ops.sethash=rsa_pub_sethash; st->common.hashbuf=NULL; st->ops.unpick=rsa_sig_unpick; st->ops.check=rsa_sig_check; @@ -364,6 +360,8 @@ static struct rsapub *rsa_loadpub_core(RSAPUB_BNS(RSAPUB_LOADCORE_DEFBN) RSAPUB_BNS(RSAPUB_LOADCORE_GETBN) + rsa_sethash(l,&st->common,&st->ops.hash); + return st; error_out: @@ -378,6 +376,7 @@ static list_t *rsapub_apply(closure_t *self, struct cloc loc, dict_t *context, l->verror=verror_cfgfatal; l->postreadcheck=0; l->what="rsa-public"; + l->deprdict=context; l->loc=loc; #define RSAPUB_APPLY_GETBN(ix,en,what) \ @@ -413,6 +412,7 @@ bool_t rsa1_loadpub(const struct sigscheme_info *algo, l->verror=verror_tryload; l->postreadcheck=0; l->what="rsa1_loadpub"; + l->deprdict=0; l->loc=loc; l->u.tryload.log=log; @@ -504,7 +504,6 @@ static struct rsapriv *rsa_loadpriv_core(struct load_ctx *l, st->cl.apply=NULL; st->cl.interface=&st->ops; st->ops.st=st; - st->ops.sethash=rsa_priv_sethash; st->common.hashbuf=NULL; st->ops.sign=rsa_sign; st->ops.hash=0; @@ -632,6 +631,8 @@ static struct rsapriv *rsa_loadpriv_core(struct load_ctx *l, fatal_perror("rsa-private (%s:%d): ferror",loc.file,loc.line); } + rsa_sethash(l,&st->common,&st->ops.hash); + /* * Now verify the validity of the key, and set up the auxiliary * values for fast CRT signing. @@ -735,6 +736,7 @@ bool_t rsa1_loadpriv(const struct sigscheme_info *algo, l->what="rsa1priv load"; l->verror=verror_tryload; l->postreadcheck=postreadcheck_tryload; + l->deprdict=0; l->loc=loc; l->u.tryload.log=log; @@ -770,6 +772,7 @@ static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context, l->what="rsa-private"; l->verror=verror_cfgfatal; l->postreadcheck=postreadcheck_apply; + l->deprdict=context; l->loc=loc; /* Argument is filename pointing to SSH1 private key file */ @@ -788,8 +791,10 @@ static list_t *rsapriv_apply(closure_t *self, struct cloc loc, dict_t *context, if (!f) { if (just_check_config) { Message(M_WARNING,"rsa-private (%s:%d): cannot open keyfile " - "\"%s\"; assuming it's valid while we check the " - "rest of the configuration\n",loc.file,loc.line,filename); + "\"%s\" (%s); assuming it's valid while we check the " + "rest of the configuration\n", + loc.file,loc.line,filename,strerror(errno)); + return list_new(); } else { fatal_perror("rsa-private (%s:%d): cannot open file \"%s\"", loc.file,loc.line,filename);