struct pathprefix_template path;
struct ent *ents;
struct buffer_if databuf;
- struct hash_if *defhash;
};
static bool_t uncached_load_file(
const struct sigscheme_info *scheme,
const char *path,
struct buffer_if *databuf,
- struct hash_if *defhash,
struct sigprivkey_if **sigpriv_r,
closure_t **closure_r,
struct log_if *log);
bool_t ok=uncached_load_file(scheme,
path,
&st->databuf,
- st->defhash,
&sigpriv,
&cl,
log);
const struct sigscheme_info *scheme,
const char *path,
struct buffer_if *databuf,
- struct hash_if *defhash,
struct sigprivkey_if **sigpriv_r,
closure_t **closure_r,
struct log_if *log)
ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc);
if (!ok) goto error_out; /* loadpriv will have logged */
- if (sigpriv->sethash) {
- if (!defhash) {
- slilog(log,M_ERR,
- "private key %s requires `hash' config key to load",
- path);
- goto error_out;
- }
- sigpriv->sethash(sigpriv->st,defhash);
- }
*sigpriv_r=sigpriv;
out:
st->ents=0;
st->path.buffer=0;
st->used=st->alloc=0;
- st->defhash=0;
item=list_elem(args,0);
if (!item || item->type!=t_dict)
const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc);
pathprefix_template_init(&st->path,path,KEYIDSZ*2);
- st->defhash=find_cl_if(dict,"hash",CL_HASH,False,"site",loc);
-
return new_closure(&st->cl);
}
buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES);
BUF_ALLOC(&databuf,"load-private data buf");
- struct hash_if *defhash=
- find_cl_if(context,"hash",CL_HASH,False,"load-private",loc);
-
struct cfgfile_log log;
cfgfile_log_init(&log,loc,"load-private");
struct sigprivkey_if *sigpriv;
closure_t *cl;
bool_t ok=
- uncached_load_file(sch,path,&databuf,defhash,&sigpriv,&cl,&log.log);
+ uncached_load_file(sch,path,&databuf,&sigpriv,&cl,&log.log);
if (!ok) cfgfatal(loc,"load-private","private key loading failed");
BUF_FREE(&databuf);
bool_t ok=sch->loadpub(sch,&buf,&pubkey,&cl,&log.log,loc);
if (!ok) cfgfatal(loc,"make-public","public key loading failed");
- if (pubkey->sethash) {
- struct hash_if *defhash=
- find_cl_if(context,"hash",CL_HASH,True,"make-public",loc);
- pubkey->sethash(pubkey->st,defhash);
- }
-
BUF_FREE(&buf);
buffer_destroy(&buf);
return new_closure(cl);
/* filled in during setup: */
struct cloc loc; /* line is runtime */
struct log_if *log;
- struct hash_if *defhash;
struct buffer_if *data_buf;
struct peer_keyset *building;
/* runtime: */
bool_t ok=c->scheme->loadpub(c->scheme,c->data_buf,
&pubkey,&cl,c->log,c->loc);
if (!ok) break;
- if (pubkey->sethash) {
- if (!c->defhash) {
- pubkey->dispose(pubkey->st);
- DOSKIP("public key requires default hash to load");
- }
- pubkey->sethash(pubkey->st,c->defhash);
- }
struct peer_pubkey *fill=&c->building->keys[c->building->nkeys];
memcpy(fill->id.b,c->grpid,GRPIDSZ);
assert(ALGIDSZ==1); /* otherwise need htons or htonl or something */
extern struct peer_keyset *
keyset_load(const char *path, struct buffer_if *data_buf,
- struct log_if *log, int logcl_enoent,
- struct hash_if *defhash) {
+ struct log_if *log, int logcl_enoent) {
assert(!c->building);
c->log=log;
- c->defhash=defhash;
c->loc.file=path;
pkyyin = fopen(path, "r");
if (!pkyyin) {
struct peer_pubkey {
struct sigkeyid id;
- struct sigpubkey_if *pubkey; /* does not need ->sethash calling */
+ struct sigpubkey_if *pubkey;
};
struct peer_keyset {
extern struct peer_keyset *
keyset_load(const char *path, struct buffer_if *data_buf,
- struct log_if *log, int logcl_enoent,
- struct hash_if *defhash);
+ struct log_if *log, int logcl_enoent);
extern void keyset_dispose(struct peer_keyset **ks);
*in_ops=hash;
}
-static void rsa_pub_sethash(void *sst, struct hash_if *hash) { }
-static void rsa_priv_sethash(void *sst, struct hash_if *hash) { }
-
static void rsacommon_dispose(struct rsacommon *c)
{
free(c->hashbuf);
st->cl.apply=NULL;
st->cl.interface=&st->ops;
st->ops.st=st;
- st->ops.sethash=rsa_pub_sethash;
st->common.hashbuf=NULL;
st->ops.unpick=rsa_sig_unpick;
st->ops.check=rsa_sig_check;
st->cl.apply=NULL;
st->cl.interface=&st->ops;
st->ops.st=st;
- st->ops.sethash=rsa_priv_sethash;
st->common.hashbuf=NULL;
st->ops.sign=rsa_sign;
st->ops.hash=0;
/* SIGPUBKEY interface */
-typedef void sig_sethash_fn(void *st, struct hash_if *hash);
typedef void sig_dispose_fn(void *st);
typedef bool_t sig_unpick_fn(void *sst, struct buffer_if *msg,
const struct alg_msg_data *sig);
struct sigpubkey_if {
void *st;
- sig_sethash_fn *sethash; /* must be called before use, if non-0 */
sig_unpick_fn *unpick;
sig_checksig_fn *check;
const struct hash_if *hash;
struct buffer_if *msg);
struct sigprivkey_if {
void *st;
- sig_sethash_fn *sethash; /* must be called before use, if non-0 */
sig_makesig_fn *sign;
const struct hash_if *hash;
sig_dispose_fn *dispose;
typedef struct sigprivkey_if *privcache_lookup_fn(void *st,
const struct sigkeyid *id,
struct log_if*);
- /* Return is valid only until you return from the current event!
- * You do not need to call ->sethash. */
+ /* Return is valid only until you return from the current event! */
struct privcache_if {
void *st;
int ncomms;
struct resolver_if *resolver;
struct log_if *log;
- struct hash_if *defhash;
struct random_if *random;
struct privcache_if *privkeys;
struct sigprivkey_if *privkey_fixed;
int logcl_enoent)
{
struct peer_keyset *atsuffix=
- keyset_load(file,&st->scratch,st->log,logcl_enoent,st->defhash);
+ keyset_load(file,&st->scratch,st->log,logcl_enoent);
if (!atsuffix) return;
if (st->peerkeys_current &&
crypto operations, but that's a task for another day. */
}
-static void setup_sethash(struct site *st, dict_t *dict,
- struct cloc loc,
- sig_sethash_fn *sethash, void *sigkey_st) {
- if (!st->defhash)
- cfgfatal(loc,"site","other settings imply `hash' key is needed");
- sethash(sigkey_st,st->defhash);
-}
-#define SETUP_SETHASH(k) do{ \
- if ((k)->sethash) \
- setup_sethash(st,dict,loc, (k)->sethash,(k)->st); \
-}while(0)
-
static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
list_t *args)
{
st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
- st->defhash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc);
-
st->privkeys=find_cl_if(dict,"key-cache",CL_PRIVCACHE,False,"site",loc);
if (!st->privkeys) {
st->privkey_fixed=
find_cl_if(dict,"local-key",CL_SIGPRIVKEY,True,"site",loc);
- SETUP_SETHASH(st->privkey_fixed);
}
struct sigpubkey_if *fixed_pubkey
pathprefix_template_init(&st->peerkeys_tmpl,st->peerkeys_path,
PEERKEYS_SUFFIX_MAXLEN + 1 /* nul */);
st->peerkeys_current=keyset_load(st->peerkeys_path,
- &st->scratch,st->log,M_ERR,
- st->defhash);
+ &st->scratch,st->log,M_ERR);
if (fixed_pubkey) {
fixed_pubkey->dispose(fixed_pubkey->st);
}
} else {
assert(fixed_pubkey);
- SETUP_SETHASH(fixed_pubkey);
NEW(st->peerkeys_current);
st->peerkeys_current->refcount=1;
st->peerkeys_current->nkeys=1;