X-Git-Url: https://git.distorted.org.uk/~mdw/become/blobdiff_plain/af4f4d6a77aceba8e2d6f58d15e894df320e7c24..9dc8f71525461775496b3f363a5aa7c462ca4858:/src/daemon.c

diff --git a/src/daemon.c b/src/daemon.c
index a91a8a5..7263f81 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: daemon.c,v 1.17 2004/04/08 01:36:20 mdw Exp $
+ * $Id$
  *
  * Running a `become' daemon
  *
@@ -63,13 +63,14 @@
 /* --- Catacomb headers --- */
 
 #include <catacomb/buf.h>
-#include <catacomb/dsa.h>
+#include <catacomb/gdsa.h>
 #include <catacomb/key.h>
+#include <catacomb/dh.h>
+#include <catacomb/ec-keys.h>
 #include <catacomb/mp.h>
 #include <catacomb/noise.h>
 #include <catacomb/paranoia.h>
 #include <catacomb/rand.h>
-#include <catacomb/sha.h>
 
 /* --- Local headers --- */
 
@@ -96,7 +97,7 @@ static sel_state daemon__sel;		/* Select context */
 static sel_file daemon__listen;		/* Listening socket selector */
 static const char *daemon__config;	/* Configuration file for daemon */
 static const char *daemon__keyfile;	/* Keyring file for daemon */
-static dsa_priv daemon__key;		/* The key data */
+static gdsa daemon__key;		/* The key data */
 
 /*----- Main code ---------------------------------------------------------*/
 
@@ -144,34 +145,95 @@ static void daemon__moan(const char *f, int line, const char *msg, void *p)
 
 void daemon_readKey(const char *kf)
 {
-  key_packstruct kps[DSA_PRIVFETCHSZ];
   key_packdef *kp;
   key_file f;
   key *k;
   int err;
+  const char *sn;
+  const char *hn;
+  const char *errmsg;
+  gdsa g;
 
   if (daemon__keyfile)
     return;
   T( trace(TRACE_DAEMON, "daemon: reading key from `%s'", kf); )
   if (key_open(&f, kf, KOPEN_READ, daemon__moan, 0))
-    return;
-  kp = key_fetchinit(dsa_privfetch, kps, &daemon__key);
-  if ((k = key_bytype(&f, "become-dsa")) == 0)
-    err = KERR_NOTFOUND;
-  else
-    err = key_fetch(kp, k);
-  if (err)
-    syslog(LOG_ERR, "couldn't load key: %s", key_strerror(err));
-  else {
-    mp_copy(daemon__key.dp.p);
-    mp_copy(daemon__key.dp.q);
-    mp_copy(daemon__key.dp.g);
-    mp_copy(daemon__key.x);
-    mp_copy(daemon__key.y);
-    daemon__keyfile = kf;
+    goto fail_0;
+  if ((k = key_bytype(&f, "become")) == 0) {
+    syslog(LOG_ERR, "no key of type `become' found");
+    goto fail_1;
+  }
+  if ((hn = key_getattr(&f, k, "hash")) == 0)
+    hn = "sha";
+  sn = key_getattr(&f, k, "sig");
+  g.r = &rand_global;
+  if ((g.h = ghash_byname(hn)) == 0) {
+    syslog(LOG_ERR, "key uses unknown hash algorithm `%s'", hn);
+    goto fail_1;
+  }
+  if (!sn || strcmp(sn, "dsa") == 0) {
+    dh_priv dp;
+    kp = key_fetchinit(dh_privfetch, 0, &dp);
+    if ((err = key_fetch(kp, k)) != 0) {
+      syslog(LOG_ERR, "error loading key: %s", key_strerror(err));
+      goto fail_2;
+    }
+    if ((g.g = group_prime(&dp.dp)) == 0) {
+      syslog(LOG_ERR, "bad prime group in key");
+      goto fail_3;
+    }
+    g.p = G_CREATE(g.g);
+    if (G_FROMINT(g.g, g.p, dp.y)) {
+      syslog(LOG_ERR, "bad public key");
+      goto fail_4;
+    }
+    g.u = mp_copy(dp.x);
+  } else if (strcmp(sn, "ecdsa") == 0) {
+    ec_priv ep;
+    ec_info ei;
+    kp = key_fetchinit(ec_privfetch, 0, &ep);
+    if ((err = key_fetch(kp, k)) != 0) {
+      syslog(LOG_ERR, "error loading key: %s", key_strerror(err));
+      goto fail_2;
+    }
+    if ((errmsg = ec_getinfo(&ei, ep.cstr)) != 0) {
+      syslog(LOG_ERR, "bad curve in key: %s", errmsg);
+      goto fail_3;
+    }
+    g.g = group_ec(&ei);
+    g.p = G_CREATE(g.g);
+    if (G_FROMEC(g.g, g.p, &ep.p)) {
+      syslog(LOG_ERR, "bad public point");
+      goto fail_4;
+    }
+    g.u = mp_copy(ep.x);
+  } else {
+    syslog(LOG_ERR, "key uses unknown signature scheme `%s'", sn);
+    goto fail_1;
   }
   key_fetchdone(kp);
+  daemon__keyfile = kf;
   key_close(&f);
+  if (daemon__key.g) {
+    mp_drop(daemon__key.u);
+    G_DESTROY(daemon__key.g, daemon__key.p);
+    G_DESTROYGROUP(daemon__key.g);
+  }
+  daemon__key = g;
+  T( trace(TRACE_DAEMON, "daemon: key read ok"); )
+  return;
+
+fail_4:
+  G_DESTROY(g.g, g.p);
+fail_3:
+  G_DESTROYGROUP(g.g);
+fail_2:
+  key_fetchdone(kp);
+fail_1:
+  key_close(&f);
+fail_0:
+  T( trace(TRACE_DAEMON, "daemon: failed to read key"); )
+  return;
 }
 
 /* --- @daemon__readConfig@ --- *
@@ -215,15 +277,14 @@ void daemon__read(int fd, unsigned mode, void *p)
   unsigned char buff[65536];		/* Buffer for incoming packets */
   struct sockaddr_in sin;		/* Address of packet sender */
   char sender[64];			/* Sender's hostname (resolved) */
-  octet h[SHA_HASHSZ];			/* Hash of the transmission buffer */
-  sha_ctx hc;				/* Hashing context */
+  ghash *h;				/* Hash context */
   request rq;				/* Request buffer for verification */
   ssize_t sz;				/* Length of incoming message */
   socklen_t slen;			/* Length of incoming address */
   uint32 u;				/* Scratch integer */
   uint16 ul;				/* And another */
   struct hostent *he;			/* Resolve structure */
-  mp *m, *k, *r, *s;			/* Integers for signing */
+  gdsa_sig s = GDSA_SIG_INIT;		/* Signature block */
   int ans;				/* Answer from the check */
   buf b;				/* Buffer for parsing request */
 
@@ -263,7 +324,7 @@ void daemon__read(int fd, unsigned mode, void *p)
 
   rq.host = sin.sin_addr;
   buf_init(&b, buff, sz);
-  if (buf_ensure(&b, SHA_HASHSZ)) goto fail;  BSTEP(&b, SHA_HASHSZ);
+  if (buf_ensure(&b, 64)) goto fail; BSTEP(&b, 64);
   if (buf_getu32(&b, &u)) goto fail;  rq.from = u;
   if (buf_getu32(&b, &u)) goto fail;  rq.to = u;
   if (buf_getu16(&b, &ul) || buf_ensure(&b, ul) || ul >= sizeof(rq.cmd))
@@ -275,9 +336,8 @@ void daemon__read(int fd, unsigned mode, void *p)
 
   /* --- Hash the request block --- */
 
-  sha_init(&hc);
-  sha_hash(&hc, buff, sz);
-  sha_done(&hc, h);
+  h = GH_INIT(daemon__key.h);
+  GH_HASH(h, buff, sz);
 
   /* --- Build a reply block --- */
 
@@ -285,27 +345,20 @@ void daemon__read(int fd, unsigned mode, void *p)
   syslog(LOG_INFO, "request from %s for %i to become %i to run %s %s",
 	 sender, rq.from, rq.to, rq.cmd, ans ? "granted" : "denied");
   buf_init(&b, buff, sizeof(buff));
-  if (buf_put(&b, h, sizeof(h)) || buf_putbyte(&b, ans))
-    goto fail;
+  buf_put(&b, GH_DONE(h, 0), GH_CLASS(h)->hashsz);
+  buf_putbyte(&b, ans);
+  if (BBAD(&b)) goto fail;
 
   /* --- Sign the reply block --- */
 
-  sha_init(&hc);
-  sha_hash(&hc, BBASE(&b), BLEN(&b));
-  sha_done(&hc, h);
-  m = mp_loadb(MP_NEW, h, sizeof(h));
-  rand_get(RAND_GLOBAL, h, sizeof(h));
-  k = mp_loadb(MP_NEWSEC, h, sizeof(h));
-  r = s = MP_NEW;
-  dsa_mksig(&daemon__key.dp, daemon__key.x, m, k, &r, &s);
-  buf_putmp(&b, r);
-  buf_putmp(&b, s);
-  mp_drop(m);
-  mp_drop(k);
-  mp_drop(r);
-  mp_drop(s);
-  if (BBAD(&b))
-    goto fail;
+  h = gdsa_beginhash(&daemon__key);
+  GH_HASH(h, BBASE(&b), BLEN(&b));
+  gdsa_endhash(&daemon__key, h);
+  gdsa_sign(&daemon__key, &s, GH_DONE(h, 0), 0);
+  GH_DESTROY(h);
+  buf_putmp(&b, s.r); buf_putmp(&b, s.s);
+  mp_drop(s.r); mp_drop(s.s);
+  if (BBAD(&b)) goto fail;
 
   /* --- Send the reply off --- */
 
@@ -373,7 +426,6 @@ static void daemon__rescan(int n, void *p)
   rule_end();
   netg_end();
   userdb_end();
-  dsa_privfree(&daemon__key);
   userdb_init();
   userdb_local();
   userdb_yp();