adamc@1104: #include <mhash.h>
adamc@1145: #include <fcntl.h>
adamc@1104: 
adamc@1104: #define KEYSIZE 16
adamc@1104: #define PASSSIZE 4
adamc@1104: 
adamc@1104: #define HASH_ALGORITHM MHASH_SHA256
adamc@1104: #define HASH_BLOCKSIZE 32
adamc@1104: #define KEYGEN_ALGORITHM KEYGEN_MCRYPT
adamc@1104: 
adamc@1104: int uw_hash_blocksize = HASH_BLOCKSIZE;
adamc@1104: 
adamc@1104: static int password[PASSSIZE];
adamc@1104: static unsigned char private_key[KEYSIZE];
adamc@1104: 
adamc@1145: char *uw_sig_file = NULL;
adamc@1145: 
adamc@1145: static void random_password() {
adamc@1145:   int i;
adamc@1145: 
adamc@1145:   for (i = 0; i < PASSSIZE; ++i)
adamc@1145:     password[i] = rand();
adamc@1145: }
adamc@1145: 
adamc@1104: void uw_init_crypto() {
adamc@1104:   KEYGEN kg = {{HASH_ALGORITHM, HASH_ALGORITHM}};
adamc@1104: 
adamc@1104:   assert(mhash_get_block_size(HASH_ALGORITHM) == HASH_BLOCKSIZE);
adamc@1104: 
adamc@1145:   if (uw_sig_file) {
adamc@1145:     int fd;
adamc@1145: 
adamc@1155:     if (access(uw_sig_file, F_OK)) {
adamc@1145:       random_password();
adamc@1145:       
adamc@1145:       if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) {
adamc@1145:         fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
adamc@1145:         perror("open");
adamc@1145:         exit(1);
adamc@1145:       }
adamc@1145: 
adamc@1145:       if (write(fd, &password, sizeof password) != sizeof password) {
adamc@1145:         fprintf(stderr, "Error writing signature file\n");
adamc@1145:         exit(1);
adamc@1145:       }
adamc@1145: 
adamc@1145:       close(fd);
adamc@1145:     } else {
adamc@1145:       if ((fd = open(uw_sig_file, O_RDONLY)) < 0) {
adamc@1145:         fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
adamc@1145:         perror("open");
adamc@1145:         exit(1);
adamc@1145:       }
adamc@1145: 
adamc@1145:       if (read(fd, &password, sizeof password) != sizeof password) {
adamc@1145:         fprintf(stderr, "Error reading signature file\n");
adamc@1145:         exit(1);
adamc@1145:       }
adamc@1145: 
adamc@1145:       close(fd);
adamc@1145:     }
adamc@1145:   } else
adamc@1145:     random_password();
adamc@1104: 
adamc@1104:   if (mhash_keygen_ext(KEYGEN_ALGORITHM, kg,
adamc@1104:                        private_key, sizeof(private_key),
adamc@1104:                        (unsigned char*)password, sizeof(password)) < 0) {
adamc@1104:     fprintf(stderr, "Key generation failed\n");
adamc@1104:     exit(1);
adamc@1104:   }
adamc@1104: }
adamc@1104: 
adamc@1104: void uw_sign(const char *in, char *out) {
adamc@1104:   MHASH td;
adamc@1104: 
adamc@1104:   td = mhash_hmac_init(HASH_ALGORITHM, private_key, sizeof(private_key),
adamc@1104:                        mhash_get_hash_pblock(HASH_ALGORITHM));
adamc@1104:   
adamc@1104:   mhash(td, in, strlen(in));
adamc@1104:   if (mhash_hmac_deinit(td, out) < 0)
adamc@1104:     fprintf(stderr, "Signing failed\n");
adamc@1104: }