From 777ba279e76f6d30de4d64948930ae0d0d17833c Mon Sep 17 00:00:00 2001
From: Adam Chlipala <adamc@hcoop.net>
Date: Thu, 16 Apr 2009 19:12:12 -0400
Subject: Cookie signing working for forms

---
 src/c/driver.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 48 insertions(+), 3 deletions(-)

(limited to 'src/c/driver.c')

diff --git a/src/c/driver.c b/src/c/driver.c
index e6538616..f7456ed9 100644
--- a/src/c/driver.c
+++ b/src/c/driver.c
@@ -10,6 +10,8 @@
 
 #include <pthread.h>
 
+#include <mhash.h>
+
 #include "urweb.h"
 
 int uw_backlog = 10;
@@ -102,6 +104,46 @@ static uw_context new_context() {
   return ctx;
 }
 
+#define KEYSIZE 16
+#define PASSSIZE 4
+
+#define HASH_ALGORITHM MHASH_SHA256
+#define HASH_BLOCKSIZE 32
+#define KEYGEN_ALGORITHM KEYGEN_MCRYPT
+
+int uw_hash_blocksize = HASH_BLOCKSIZE;
+
+static int password[PASSSIZE];
+static unsigned char private_key[KEYSIZE];
+
+static void init_crypto() {
+  KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}};
+  int i;
+
+  assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE);
+
+  for (i = 0; i < PASSSIZE; ++i)
+    password[i] = rand();
+
+  if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg,
+                       private_key, sizeof(private_key),
+                       (unsigned char*)password, sizeof(password)) < 0) {
+    printf("Key generation failed\n");
+    exit(1);
+  }
+}
+
+void uw_sign(const char *in, char *out) {
+  MHASH td;
+
+  td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key),
+                       mhash_get_hash_pblock(HASH_ALGORITHM));
+  
+  mhash(td, in, strlen(in));
+  if (mhash_hmac_deinit(td, out) < 0)
+    printf("Signing failed");
+}
+
 static void *worker(void *data) {
   int me = *(int *)data, retries_left = MAX_RETRIES;
   uw_context ctx = new_context();
@@ -344,9 +386,13 @@ static void sigint(int signum) {
 }
 
 static void initialize() {
-  uw_context ctx = new_context();
+  uw_context ctx;
   failure_kind fk;
 
+  init_crypto();
+
+  ctx = new_context();
+
   if (!ctx)
     exit(1);
 
@@ -411,6 +457,7 @@ int main(int argc, char *argv[]) {
     }
   }
 
+  uw_global_init();
   initialize();
 
   names = calloc(nthreads, sizeof(int));
@@ -444,8 +491,6 @@ int main(int argc, char *argv[]) {
 
   sin_size = sizeof their_addr;
 
-  uw_global_init();
-
   printf("Listening on port %d....\n", uw_port);
 
   {
-- 
cgit v1.2.3