adamc@1268: #include "config.h" adamc@1268: bbaren@2166: #include adam@1368: #include adam@1368: #include adam@1368: #include adam@1368: #include adamc@1145: #include adam@1368: #include adam@1368: #include bbaren@2166: #include adamc@1104: bbaren@2166: #include adam@1368: #include adam@2105: #include adam@1368: adamc@1104: #define PASSSIZE 4 adamc@1104: bbaren@2166: // OpenSSL locks array. See threads(3SSL). bbaren@2166: static pthread_mutex_t *openssl_locks; bbaren@2166: adam@1368: int uw_hash_blocksize = 32; adamc@1104: adamc@1104: static int password[PASSSIZE]; adamc@1104: adamc@1145: char *uw_sig_file = NULL; adamc@1145: adamc@1145: static void random_password() { adam@2105: if (!RAND_bytes((unsigned char *)password, sizeof password)) { adam@2105: fprintf(stderr, "Error generating random password\n"); adam@2105: perror("RAND_bytes"); adam@2105: exit(1); adam@2105: } adamc@1145: } adamc@1145: bbaren@2166: // OpenSSL callbacks bbaren@2166: static void thread_id(CRYPTO_THREADID *const result) { ziv@2250: CRYPTO_THREADID_set_numeric(result, (unsigned long)pthread_self()); bbaren@2166: } bbaren@2166: static void lock_or_unlock(const int mode, const int type, const char *file, bbaren@2166: const int line) { bbaren@2166: pthread_mutex_t *const lock = &openssl_locks[type]; bbaren@2166: if (mode & CRYPTO_LOCK) { bbaren@2166: if (pthread_mutex_lock(lock)) { bbaren@2166: fprintf(stderr, "Can't take lock at %s:%d\n", file, line); bbaren@2166: exit(1); bbaren@2166: } bbaren@2166: } else { bbaren@2166: if (pthread_mutex_unlock(lock)) { bbaren@2166: fprintf(stderr, "Can't release lock at %s:%d\n", file, line); bbaren@2166: exit(1); bbaren@2166: } bbaren@2166: } bbaren@2166: } bbaren@2166: adamc@1104: void uw_init_crypto() { bbaren@2166: int i; bbaren@2166: // Set up OpenSSL. bbaren@2166: assert(openssl_locks == NULL); bbaren@2166: openssl_locks = malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); bbaren@2166: if (!openssl_locks) { bbaren@2166: perror("malloc"); bbaren@2166: exit(1); bbaren@2166: } bbaren@2166: for (i = 0; i < CRYPTO_num_locks(); ++i) { bbaren@2166: pthread_mutex_init(&(openssl_locks[i]), NULL); bbaren@2166: } bbaren@2166: CRYPTO_THREADID_set_callback(thread_id); bbaren@2166: CRYPTO_set_locking_callback(lock_or_unlock); bbaren@2166: // Prepare signatures. adamc@1145: if (uw_sig_file) { adamc@1145: int fd; adamc@1145: adamc@1155: if (access(uw_sig_file, F_OK)) { adamc@1145: random_password(); ziv@2250: adamc@1145: if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) { adamc@1145: fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); adamc@1145: perror("open"); adamc@1145: exit(1); adamc@1145: } adamc@1145: adamc@1145: if (write(fd, &password, sizeof password) != sizeof password) { adamc@1145: fprintf(stderr, "Error writing signature file\n"); adamc@1145: exit(1); adamc@1145: } adamc@1145: adamc@1145: close(fd); adamc@1145: } else { adamc@1145: if ((fd = open(uw_sig_file, O_RDONLY)) < 0) { adamc@1145: fprintf(stderr, "Can't open signature file %s\n", uw_sig_file); adamc@1145: perror("open"); adamc@1145: exit(1); adamc@1145: } adamc@1145: adamc@1145: if (read(fd, &password, sizeof password) != sizeof password) { adamc@1145: fprintf(stderr, "Error reading signature file\n"); adamc@1145: exit(1); adamc@1145: } adamc@1145: adamc@1145: close(fd); adamc@1145: } adamc@1145: } else adamc@1145: random_password(); adamc@1104: } adamc@1104: adam@1368: void uw_sign(const char *in, unsigned char *out) { adam@1368: SHA256_CTX c; adamc@1104: adam@1368: SHA256_Init(&c); adam@1368: SHA256_Update(&c, password, sizeof password); adam@1368: SHA256_Update(&c, in, strlen(in)); adam@1368: SHA256_Final(out, &c); adamc@1104: }