sig: Abolish sethash and defhash everywhere
authorIan Jackson <ijackson@chiark.greenend.org.uk>
Thu, 13 Feb 2020 17:13:11 +0000 (17:13 +0000)
committerIan Jackson <ijackson@chiark.greenend.org.uk>
Sat, 15 Feb 2020 21:56:55 +0000 (21:56 +0000)
The only consumer of this wrongheaded interface was rsa1, which has
been updated.  Delete it all.

There is nothing to delete in the documentation, mostly because much
of this wasn't documented when we introduced it.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
privcache.c
pubkeys.c
pubkeys.fl.pl
pubkeys.h
rsa.c
secnet.h
site.c

index 5377c9049452500d36ce409cdee35fdcfc575f31..d790c30ad07402a1325c8340a3fdd169618bcaa7 100644 (file)
@@ -35,14 +35,12 @@ struct privcache {
     struct pathprefix_template path;
     struct ent *ents;
     struct buffer_if databuf;
-    struct hash_if *defhash;
 };
 
 static bool_t uncached_load_file(
                           const struct sigscheme_info *scheme,
                           const char *path,
                           struct buffer_if *databuf,
-                          struct hash_if *defhash,
                           struct sigprivkey_if **sigpriv_r,
                           closure_t **closure_r,
                           struct log_if *log);
@@ -70,7 +68,6 @@ static struct sigprivkey_if *uncached_get(struct privcache *st,
     bool_t ok=uncached_load_file(scheme,
                              path,
                              &st->databuf,
-                             st->defhash,
                              &sigpriv,
                              &cl,
                              log);
@@ -81,7 +78,6 @@ static bool_t uncached_load_file(
                           const struct sigscheme_info *scheme,
                           const char *path,
                           struct buffer_if *databuf,
-                          struct hash_if *defhash,
                           struct sigprivkey_if **sigpriv_r,
                           closure_t **closure_r,
                           struct log_if *log)
@@ -123,15 +119,6 @@ static bool_t uncached_load_file(
     ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc);
     if (!ok) goto error_out; /* loadpriv will have logged */
 
-    if (sigpriv->sethash) {
-       if (!defhash) {
-           slilog(log,M_ERR,
- "private key %s requires `hash' config key to load",
-                  path);
-           goto error_out;
-       }
-       sigpriv->sethash(sigpriv->st,defhash);
-    }
     *sigpriv_r=sigpriv;
 
   out:
@@ -194,7 +181,6 @@ static list_t *privcache_apply(closure_t *self, struct cloc loc,
     st->ents=0;
     st->path.buffer=0;
     st->used=st->alloc=0;
-    st->defhash=0;
 
     item=list_elem(args,0);
     if (!item || item->type!=t_dict)
@@ -214,8 +200,6 @@ static list_t *privcache_apply(closure_t *self, struct cloc loc,
     const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc);
     pathprefix_template_init(&st->path,path,KEYIDSZ*2);
 
-    st->defhash=find_cl_if(dict,"hash",CL_HASH,False,"site",loc);
-
     return new_closure(&st->cl);
 }
 
@@ -233,16 +217,13 @@ static list_t *loadprivate_apply(closure_t *self, struct cloc loc,
     buffer_new(&databuf,DEFAULT_MAXPRIV_BYTES);
     BUF_ALLOC(&databuf,"load-private data buf");
 
-    struct hash_if *defhash=
-           find_cl_if(context,"hash",CL_HASH,False,"load-private",loc);
-
     struct cfgfile_log log;
     cfgfile_log_init(&log,loc,"load-private");
 
     struct sigprivkey_if *sigpriv;
     closure_t *cl;
     bool_t ok=
-       uncached_load_file(sch,path,&databuf,defhash,&sigpriv,&cl,&log.log);
+       uncached_load_file(sch,path,&databuf,&sigpriv,&cl,&log.log);
     if (!ok) cfgfatal(loc,"load-private","private key loading failed");
 
     BUF_FREE(&databuf);
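Review bot: Nothing in loadprivate_apply records that a `hash` key in the config is no longer consulted when a private key is loaded, and the commit message says the documentation is left untouched. The same `find_cl_if(...,"hash",CL_HASH,...)` lookup is also dropped in privcache_apply, in makepublic_apply (pubkeys.c) and in site_apply (site.c), where it was passed `True`, presumably meaning required. An existing config that sets `hash` will therefore apparently still load while the setting no longer reaches these loaders; whether another path still reads it is not visible in these hunks. Since this affects which hash backs signatures, I would add a comment above the uncached_load_file call such as `/* Signature hash is determined by the key as loaded by its scheme; a "hash" config key is not consulted here. */`, plus a changelog line for operators. loadprivate_apply starts and ends outside the hunk.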
index efcfa77fc31d717ab9a93d79edc312e1d16be121..6dc741b7f5f9e63480b09151c1d684c6d5a5c0bc 100644 (file)
--- a/pubkeys.c
+++ b/pubkeys.c
@@ -78,12 +78,6 @@ static list_t *makepublic_apply(closure_t *self, struct cloc loc,
     bool_t ok=sch->loadpub(sch,&buf,&pubkey,&cl,&log.log,loc);
     if (!ok) cfgfatal(loc,"make-public","public key loading failed");
 
-    if (pubkey->sethash) {
-       struct hash_if *defhash=
-           find_cl_if(context,"hash",CL_HASH,True,"make-public",loc);
-       pubkey->sethash(pubkey->st,defhash);
-    }
-
     BUF_FREE(&buf);
     buffer_destroy(&buf);
     return new_closure(cl);
index d163e3747ecadf61e9d8a763670403cbf624ecd2..da1e4d40ce396e255ff685c181710b531c23f8b8 100755 (executable)
@@ -161,7 +161,6 @@ struct pubkeyset_context {
     /* filled in during setup: */
     struct cloc loc; /* line is runtime */
     struct log_if *log;
-    struct hash_if *defhash;
     struct buffer_if *data_buf;
     struct peer_keyset *building;
     /* runtime: */
@@ -232,13 +231,6 @@ static struct pubkeyset_context c[1];
     bool_t ok=c->scheme->loadpub(c->scheme,c->data_buf,
                                 &pubkey,&cl,c->log,c->loc);
     if (!ok) break;
-    if (pubkey->sethash) {
-       if (!c->defhash) {
-           pubkey->dispose(pubkey->st);
-           DOSKIP("public key requires default hash to load");
-       }
-       pubkey->sethash(pubkey->st,c->defhash);
-    }
     struct peer_pubkey *fill=&c->building->keys[c->building->nkeys];
     memcpy(fill->id.b,c->grpid,GRPIDSZ);
     assert(ALGIDSZ==1); /* otherwise need htons or htonl or something */
@@ -291,11 +283,9 @@ static struct pubkeyset_context c[1];
 
 extern struct peer_keyset *
 keyset_load(const char *path, struct buffer_if *data_buf,
-           struct log_if *log, int logcl_enoent,
-           struct hash_if *defhash) {
+           struct log_if *log, int logcl_enoent) {
     assert(!c->building);
     c->log=log;
-    c->defhash=defhash;
     c->loc.file=path;
     pkyyin = fopen(path, "r");
     if (!pkyyin) {
index 782240fcdee850e487a3acddd1299067141973bd..a630d775446a197b1e25261cd71f634fdec74634 100644 (file)
--- a/pubkeys.h
+++ b/pubkeys.h
@@ -26,7 +26,7 @@
 
 struct peer_pubkey {
     struct sigkeyid id;
-    struct sigpubkey_if *pubkey; /* does not need ->sethash calling */
+    struct sigpubkey_if *pubkey;
 };
 
 struct peer_keyset {
@@ -38,8 +38,7 @@ struct peer_keyset {
 
 extern struct peer_keyset *
 keyset_load(const char *path, struct buffer_if *data_buf,
-           struct log_if *log, int logcl_enoent,
-           struct hash_if *defhash);
+           struct log_if *log, int logcl_enoent);
 
 extern void keyset_dispose(struct peer_keyset **ks);
 
diff --git a/rsa.c b/rsa.c
index b30fa01a5b10faf5bdf45588280c88b12ad76149..6a89b21156242eba81ac7dfa78b4904106e1b2aa 100644 (file)
--- a/rsa.c
+++ b/rsa.c
@@ -141,9 +141,6 @@ static void rsa_sethash(struct load_ctx *l,
     *in_ops=hash;
 }
 
-static void rsa_pub_sethash(void *sst, struct hash_if *hash) { }
-static void rsa_priv_sethash(void *sst, struct hash_if *hash) { }
-
 static void rsacommon_dispose(struct rsacommon *c)
 {
     free(c->hashbuf);
@@ -344,7 +341,6 @@ static struct rsapub *rsa_loadpub_core(RSAPUB_BNS(RSAPUB_LOADCORE_DEFBN)
     st->cl.apply=NULL;
     st->cl.interface=&st->ops;
     st->ops.st=st;
-    st->ops.sethash=rsa_pub_sethash;
     st->common.hashbuf=NULL;
     st->ops.unpick=rsa_sig_unpick;
     st->ops.check=rsa_sig_check;
@@ -508,7 +504,6 @@ static struct rsapriv *rsa_loadpriv_core(struct load_ctx *l,
     st->cl.apply=NULL;
     st->cl.interface=&st->ops;
     st->ops.st=st;
-    st->ops.sethash=rsa_priv_sethash;
     st->common.hashbuf=NULL;
     st->ops.sign=rsa_sign;
     st->ops.hash=0;
index 3f5a197591c5cdfac37ba7ad710103586b5e04a9..d447ffbd48b5c466e920ee6a7d7c1135bed3bfb0 100644 (file)
--- a/secnet.h
+++ b/secnet.h
@@ -506,7 +506,6 @@ struct random_if {
 
 /* SIGPUBKEY interface */
 
-typedef void sig_sethash_fn(void *st, struct hash_if *hash);
 typedef void sig_dispose_fn(void *st);
 
 typedef bool_t sig_unpick_fn(void *sst, struct buffer_if *msg,
@@ -515,7 +514,6 @@ typedef bool_t sig_checksig_fn(void *st, uint8_t *data, int32_t datalen,
                               const struct alg_msg_data *sig);
 struct sigpubkey_if {
     void *st;
-    sig_sethash_fn *sethash; /* must be called before use, if non-0 */
     sig_unpick_fn *unpick;
     sig_checksig_fn *check;
     const struct hash_if *hash;
@@ -530,7 +528,6 @@ typedef bool_t sig_makesig_fn(void *st, uint8_t *data, int32_t datalen,
                              struct buffer_if *msg);
 struct sigprivkey_if {
     void *st;
-    sig_sethash_fn *sethash; /* must be called before use, if non-0 */
     sig_makesig_fn *sign;
     const struct hash_if *hash;
     sig_dispose_fn *dispose;
@@ -541,8 +538,7 @@ struct sigprivkey_if {
 typedef struct sigprivkey_if *privcache_lookup_fn(void *st,
                                           const struct sigkeyid *id,
                                           struct log_if*);
-  /* Return is valid only until you return from the current event!
-   * You do not need to call ->sethash. */
+  /* Return is valid only until you return from the current event! */
 
 struct privcache_if {
     void *st;
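Review bot: The comment kept after privcache_lookup_fn states only the lifetime of the returned key, and because it trails the typedef with a two-space indent it can be read as describing struct privcache_if below. With the sethash sentence gone, this is the entire contract for a pointer to private-key state, so a caller that stores the pointer past the current event would be holding a dangling reference. I would move the comment above the typedef and spell out the rule, e.g. `/* Result is valid only until you return from the current event: use it immediately and do not keep the pointer. */`. Whether callers may call ->dispose on the result, and whether 0 is returned when no key is available, is not visible in this hunk and should be confirmed before being written into the comment.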
diff --git a/site.c b/site.c
index 89e415c7ff7925b6b3a7caf3cbb9f2da28e1ab5e..72cee24fc8d094d791a5ed8dab4b17ae71224671 100644 (file)
--- a/site.c
+++ b/site.c
@@ -318,7 +318,6 @@ struct site {
     int ncomms;
     struct resolver_if *resolver;
     struct log_if *log;
-    struct hash_if *defhash;
     struct random_if *random;
     struct privcache_if *privkeys;
     struct sigprivkey_if *privkey_fixed;
@@ -902,7 +901,7 @@ static void peerkeys_maybe_incorporate(struct site *st, const char *file,
                                       int logcl_enoent)
 {
     struct peer_keyset *atsuffix=
-       keyset_load(file,&st->scratch,st->log,logcl_enoent,st->defhash);
+       keyset_load(file,&st->scratch,st->log,logcl_enoent);
     if (!atsuffix) return;
 
     if (st->peerkeys_current &&
@@ -2315,18 +2314,6 @@ static void site_childpersist_clearkeys(void *sst, uint32_t newphase)
        crypto operations, but that's a task for another day. */
 }
 
-static void setup_sethash(struct site *st, dict_t *dict,
-                         struct cloc loc,
-                         sig_sethash_fn *sethash, void *sigkey_st) {
-    if (!st->defhash)
-       cfgfatal(loc,"site","other settings imply `hash' key is needed");
-    sethash(sigkey_st,st->defhash);
-}
-#define SETUP_SETHASH(k) do{                                           \
-    if ((k)->sethash)                                                  \
-        setup_sethash(st,dict,loc, (k)->sethash,(k)->st);      \
-}while(0)
-
 static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
                          list_t *args)
 {
@@ -2431,13 +2418,10 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
     st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
 
-    st->defhash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc);
-
     st->privkeys=find_cl_if(dict,"key-cache",CL_PRIVCACHE,False,"site",loc);
     if (!st->privkeys) {
        st->privkey_fixed=
            find_cl_if(dict,"local-key",CL_SIGPRIVKEY,True,"site",loc);
-       SETUP_SETHASH(st->privkey_fixed);
     }
 
     struct sigpubkey_if *fixed_pubkey
@@ -2448,14 +2432,12 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
        pathprefix_template_init(&st->peerkeys_tmpl,st->peerkeys_path,
                                 PEERKEYS_SUFFIX_MAXLEN + 1 /* nul */);
        st->peerkeys_current=keyset_load(st->peerkeys_path,
-                                        &st->scratch,st->log,M_ERR,
-                                        st->defhash);
+                                        &st->scratch,st->log,M_ERR);
        if (fixed_pubkey) {
            fixed_pubkey->dispose(fixed_pubkey->st);
        }
     } else {
        assert(fixed_pubkey);
-       SETUP_SETHASH(fixed_pubkey);
        NEW(st->peerkeys_current);
        st->peerkeys_current->refcount=1;
        st->peerkeys_current->nkeys=1;