From ee66c09220c652519db521327c503b71124fbf0f Mon Sep 17 00:00:00 2001 From: Adam Chlipala Date: Sun, 26 Dec 2010 11:13:37 -0500 Subject: Switch from libmhash to OpenSSL --- src/c/Makefile.am | 4 +-- src/c/Makefile.in | 21 ++++++++------ src/c/mhash.c | 84 ------------------------------------------------------- src/c/openssl.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 86 insertions(+), 95 deletions(-) delete mode 100644 src/c/mhash.c create mode 100644 src/c/openssl.c (limited to 'src/c') diff --git a/src/c/Makefile.am b/src/c/Makefile.am index 91b48df5..613c2452 100644 --- a/src/c/Makefile.am +++ b/src/c/Makefile.am @@ -1,9 +1,9 @@ lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la -liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c +liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c liburweb_http_la_SOURCES = http.c liburweb_cgi_la_SOURCES = cgi.c liburweb_fastcgi_la_SOURCES = fastcgi.c -AM_CPPFLAGS = -I../../include +AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@ AM_CFLAGS = -Wimplicit -Wall -Werror diff --git a/src/c/Makefile.in b/src/c/Makefile.in index afbd033e..a3684165 100644 --- a/src/c/Makefile.in +++ b/src/c/Makefile.in @@ -37,10 +37,10 @@ host_triplet = @host@ subdir = src/c DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_openssl.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -71,7 +71,7 @@ am__base_list = \ am__installdirs = "$(DESTDIR)$(libdir)" LTLIBRARIES = $(lib_LTLIBRARIES) liburweb_la_LIBADD = -am_liburweb_la_OBJECTS = memmem.lo mhash.lo urweb.lo request.lo \ +am_liburweb_la_OBJECTS = memmem.lo openssl.lo urweb.lo request.lo \ queue.lo liburweb_la_OBJECTS = $(am_liburweb_la_OBJECTS) liburweb_cgi_la_LIBADD = @@ -145,7 +145,6 @@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MHASH_LIB_DIR = @MHASH_LIB_DIR@ MKDIR_P = @MKDIR_P@ MLLEX = @MLLEX@ MLTON = @MLTON@ @@ -154,6 +153,9 @@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ +OPENSSL_INCLUDES = @OPENSSL_INCLUDES@ +OPENSSL_LDFLAGS = @OPENSSL_LDFLAGS@ +OPENSSL_LIBS = @OPENSSL_LIBS@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ @@ -164,6 +166,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@ @@ -224,11 +227,11 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ lib_LTLIBRARIES = liburweb.la liburweb_http.la liburweb_cgi.la liburweb_fastcgi.la -liburweb_la_SOURCES = memmem.c mhash.c urweb.c request.c queue.c +liburweb_la_SOURCES = memmem.c openssl.c urweb.c request.c queue.c liburweb_http_la_SOURCES = http.c liburweb_cgi_la_SOURCES = cgi.c liburweb_fastcgi_la_SOURCES = fastcgi.c -AM_CPPFLAGS = -I../../include +AM_CPPFLAGS = -I../../include @OPENSSL_INCLUDES@ AM_CFLAGS = -Wimplicit -Wall -Werror all: all-am @@ -314,7 +317,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fastcgi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/memmem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mhash.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/queue.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/request.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urweb.Plo@am__quote@ diff --git a/src/c/mhash.c b/src/c/mhash.c deleted file mode 100644 index 069eff2a..00000000 --- a/src/c/mhash.c +++ /dev/null @@ -1,84 +0,0 @@ -#include "config.h" - -#include -#include - -#define KEYSIZE 16 -#define PASSSIZE 4 - -#define HASH_ALGORITHM MHASH_SHA256 -#define HASH_BLOCKSIZE 32 -#define KEYGEN_ALGORITHM KEYGEN_MCRYPT - -int uw_hash_blocksize = HASH_BLOCKSIZE; - -static int password[PASSSIZE]; -static unsigned char private_key[KEYSIZE]; - -char *uw_sig_file = NULL; - -static void random_password() { - int i; - - for (i = 0; i < PASSSIZE; ++i) - password[i] = rand(); -} - -void uw_init_crypto() { - KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}}; - - assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE); - - if (uw_sig_file) { - int fd; - - if (access(uw_sig_file, F_OK)) { - random_password(); - - if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) { - fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); - perror("open"); - exit(1); - } - - if (write(fd, &password, sizeof password) != sizeof password) { - fprintf(stderr, "Error writing signature file\n"); - exit(1); - } - - close(fd); - } else { - if ((fd = open(uw_sig_file, O_RDONLY)) < 0) { - fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); - perror("open"); - exit(1); - } - - if (read(fd, &password, sizeof password) != sizeof password) { - fprintf(stderr, "Error reading signature file\n"); - exit(1); - } - - close(fd); - } - } else - random_password(); - - if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg, - private_key, sizeof(private_key), - (unsigned char*)password, sizeof(password)) < 0) { - fprintf(stderr, "Key generation failed\n"); - exit(1); - } -} - -void uw_sign(const char *in, char *out) { - MHASH td; - - td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key), - mhash_get_hash_pblock(HASH_ALGORITHM)); - - mhash(td, in, strlen(in)); - if (mhash_hmac_deinit(td, out) < 0) - fprintf(stderr, "Signing failed\n"); -} diff --git a/src/c/openssl.c b/src/c/openssl.c new file mode 100644 index 00000000..6a998e29 --- /dev/null +++ b/src/c/openssl.c @@ -0,0 +1,72 @@ +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include + +#include + +#define PASSSIZE 4 + +int uw_hash_blocksize = 32; + +static int password[PASSSIZE]; + +char *uw_sig_file = NULL; + +static void random_password() { + int i; + + for (i = 0; i < PASSSIZE; ++i) + password[i] = rand(); +} + +void uw_init_crypto() { + if (uw_sig_file) { + int fd; + + if (access(uw_sig_file, F_OK)) { + random_password(); + + if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) { + fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); + perror("open"); + exit(1); + } + + if (write(fd, &password, sizeof password) != sizeof password) { + fprintf(stderr, "Error writing signature file\n"); + exit(1); + } + + close(fd); + } else { + if ((fd = open(uw_sig_file, O_RDONLY)) < 0) { + fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); + perror("open"); + exit(1); + } + + if (read(fd, &password, sizeof password) != sizeof password) { + fprintf(stderr, "Error reading signature file\n"); + exit(1); + } + + close(fd); + } + } else + random_password(); +} + +void uw_sign(const char *in, unsigned char *out) { + SHA256_CTX c; + + SHA256_Init(&c); + SHA256_Update(&c, password, sizeof password); + SHA256_Update(&c, in, strlen(in)); + SHA256_Final(out, &c); +} -- cgit v1.2.3