authorGravatar Adam Chlipala <adamc@hcoop.net>2009-04-16 19:12:12 -0400
committerGravatar Adam Chlipala <adamc@hcoop.net>2009-04-16 19:12:12 -0400
commit777ba279e76f6d30de4d64948930ae0d0d17833c (patch)
tree7e56853b9d7b3d70846add897bdffc1d309cae94 /src/c
parent2f923a2b261ac47e5f44d26aa92b548bbad86e09 (diff)
Cookie signing working for forms
Diffstat (limited to 'src/c')
-rw-r--r--src/c/driver.c51
-rw-r--r--src/c/urweb.c22
2 files changed, 70 insertions, 3 deletions
diff --git a/src/c/driver.c b/src/c/driver.c
index e6538616..f7456ed9 100644
--- a/src/c/driver.c
+++ b/src/c/driver.c
@@ -10,6 +10,8 @@
#include <pthread.h>
+#include <mhash.h>
+
#include "urweb.h"
int uw_backlog = 10;
@@ -102,6 +104,46 @@ static uw_context new_context() {
return ctx;
}
+#define KEYSIZE 16
+#define PASSSIZE 4
+
+#define HASH_ALGORITHM MHASH_SHA256
+#define HASH_BLOCKSIZE 32
+#define KEYGEN_ALGORITHM KEYGEN_MCRYPT
+
+int uw_hash_blocksize = HASH_BLOCKSIZE;
+
+static int password[PASSSIZE];
+static unsigned char private_key[KEYSIZE];
+
+static void init_crypto() {
+ KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}};
+ int i;
+
+ assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE);
+
+ for (i = 0; i < PASSSIZE; ++i)
+ password[i] = rand();
+
+ if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg,
+ private_key, sizeof(private_key),
+ (unsigned char*)password, sizeof(password)) < 0) {
+ printf("Key generation failed\n");
+ exit(1);
+ }
+}
+
+void uw_sign(const char *in, char *out) {
+ MHASH td;
+
+ td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key),
+ mhash_get_hash_pblock(HASH_ALGORITHM));
+
+ mhash(td, in, strlen(in));
+ if (mhash_hmac_deinit(td, out) < 0)
+ printf("Signing failed");
+}
+
static void *worker(void *data) {
int me = *(int *)data, retries_left = MAX_RETRIES;
uw_context ctx = new_context();
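Review bot: The HMAC key in `init_crypto` is derived only from four `rand()` values, and `rand()` is not a cryptographic generator; no `srand` call is visible in this hunk, so the key may even be the same on every start, in which case cookie signatures could be computed by anyone who reproduces the sequence. The key bytes should come from the OS random source instead, as in the excerpt below, which fills `private_key` directly and makes `password` and the `mhash_keygen_ext` call unnecessary. Separately, `uw_sign` does not compare the result of `mhash_hmac_init` with `MHASH_FAILED` and only prints when `mhash_hmac_deinit` fails, so a caller can go on to treat an unwritten `out` buffer as a signature; exiting there, as `init_crypto` does on failure, would be safer.

```c
static void init_crypto() {
  /* … unchanged: block-size assert … */
  FILE *f = fopen("/dev/urandom", "rb");

  if (!f || fread(private_key, 1, sizeof(private_key), f) != sizeof(private_key)) {
    printf("Key generation failed\n");
    exit(1);
  }

  fclose(f);
}
```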
@@ -344,9 +386,13 @@ static void sigint(int signum) {
}
static void initialize() {
- uw_context ctx = new_context();
+ uw_context ctx;
failure_kind fk;
+ init_crypto();
+
+ ctx = new_context();
+
if (!ctx)
exit(1);
@@ -411,6 +457,7 @@ int main(int argc, char *argv[]) {
}
}
+ uw_global_init();
initialize();
names = calloc(nthreads, sizeof(int));
@@ -444,8 +491,6 @@ int main(int argc, char *argv[]) {
sin_size = sizeof their_addr;
- uw_global_init();
-
printf("Listening on port %d....\n", uw_port);
{
diff --git a/src/c/urweb.c b/src/c/urweb.c
index d3a93af9..bd42352f 100644
--- a/src/c/urweb.c
+++ b/src/c/urweb.c
@@ -1981,3 +1981,25 @@ failure_kind uw_initialize(uw_context ctx) {
uw_Basis_string uw_Basis_bless(uw_context ctx, uw_Basis_string s) {
return s;
}
+
+uw_Basis_string uw_unnull(uw_Basis_string s) {
+ return s ? s : "";
+}
+
+extern int uw_hash_blocksize;
+
+uw_Basis_string uw_Basis_makeSigString(uw_context ctx, uw_Basis_string sig) {
+ uw_Basis_string r = uw_malloc(ctx, 2 * uw_hash_blocksize + 1);
+ int i;
+
+ for (i = 0; i < uw_hash_blocksize; ++i)
+ sprintf(&r[2*i], "%.02X", ((unsigned char *)sig)[i]);
+
+ return r;
+}
+
+extern uw_Basis_string uw_cookie_sig(uw_context);
+
+uw_Basis_string uw_Basis_sigString(uw_context ctx, uw_unit u) {
+ return uw_cookie_sig(ctx);
+}
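Review bot: `uw_Basis_makeSigString` reads exactly `uw_hash_blocksize` bytes from `sig` with no length passed in, so it depends on every caller supplying a full raw digest even though the parameter type is the ordinary string type; that contract should be written down above the function. A comment such as `/* sig: uw_hash_blocksize raw digest bytes, not NUL-terminated; returns 2*uw_hash_blocksize uppercase hex digits allocated in ctx */` would do. The two `extern` declarations (`uw_hash_blocksize`, `uw_cookie_sig`) are repeated by hand in this file; presumably they belong in `urweb.h`, so the compiler can check them against the definitions.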