Commit 57830088 authored by Niels Möller's avatar Niels Möller

Implemented basic handling of keys.

Rev: src/spki/ChangeLog:1.2
Rev: src/spki/certificate.c:1.1
Rev: src/spki/certificate.h:1.2
parent a332fc17
2002-11-13 Niels Mller <nisse@cuckoo.hack.org>
* certificate.c: Implemented basic handling of keys.
/* SPKI functions */
#include "certificate.h"
#include "nettle/md5.h"
#include "nettle/sha.h"
#include <stdlib.h>
#include <string.h>
static void *
spki_realloc(struct spki_acl_db *db, void *p, unsigned size)
{
return realloc(p, size);
}
#define MALLOC(db, size) ((db)->realloc((db), NULL, (size)))
#define FREE(db, p) ((db)->realloc((db), (p), 0))
#define NEW(db, type, var) type *var = MALLOC((db), sizeof(type))
void
spki_acl_init(struct spki_acl_db *db)
{
db->realloc = spki_realloc;
db->first_subject = NULL;
db->first_acl = NULL;
}
static uint8_t *
spki_dup(struct spki_acl_db *db,
unsigned length, const uint8_t *data)
{
uint8_t *n = MALLOC(db, length);
if (n)
memcpy(n, data, length);
return n;
}
struct spki_subject *
spki_subject_add_key(struct spki_acl_db *db,
unsigned key_length, const uint8_t *key)
{
NEW (db, struct spki_subject, subject);
if (!subject)
return NULL;
if (!(subject->key = spki_dup(db, key_length, key)))
{
FREE(db, subject);
return NULL;
}
subject->key_length = key_length;
if (!(subject->md5 = MALLOC(db, MD5_DIGEST_SIZE)))
{
FREE(db, subject->key);
FREE(db, subject);
return NULL;
}
if (!(subject->sha1 = MALLOC(db, SHA1_DIGEST_SIZE)))
{
FREE(db, subject->md5);
FREE(db, subject->key);
FREE(db, subject);
return NULL;
}
{
struct sha1_ctx ctx;
sha1_init(&ctx);
sha1_update(&ctx, key_length, key);
sha1_digest(&ctx, SHA1_DIGEST_SIZE, subject->sha1);
}
{
struct md5_ctx ctx;
md5_init(&ctx);
md5_update(&ctx, key_length, key);
md5_digest(&ctx, MD5_DIGEST_SIZE, subject->md5);
}
subject->next = db->first_subject;
db->first_subject = subject;
return subject;
}
struct spki_subject *
spki_subject_by_key(struct spki_acl_db *db,
unsigned key_length, const uint8_t *key)
{
/* FIXME: Doesn't check hashes. */
struct spki_subject *s;
for (s = db->first_subject; s; s = s->next)
if (s->key_length == key_length
&& !memcmp(s->key, key, key_length))
return s;
return NULL;
}
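Review bot: `FREE` expands to `realloc(p, 0)` via `spki_realloc`, and the C standard does not guarantee that a zero-size realloc releases the block (the result is implementation-defined, and newer revisions of the standard make the call undefined), so the cleanup paths in `spki_subject_add_key` may leak or leave a live allocation depending on the libc. I would make the default allocator explicit by adding `if (size == 0) { free(p); return NULL; }` before `return realloc(p, size);`. Separately, `spki_subject_by_key` passes `s->key` to `memcmp` without a NULL check, while the header comment says the key is "NULL if only hash is known"; once hash-only subjects exist, the condition should start with `s->key &&`. Note also that `spki_dup` with `length == 0` may get NULL back from a successful allocation, which `spki_subject_add_key` would report as out of memory.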
......@@ -4,8 +4,12 @@
#include <time.h>
/* FIXME: Terminology: Should this be a "subject" or a "principal"? */
struct spki_subject
{
/* Subjects linked into a list. */
struct spki_subject *next;
/* An s-expression */
unsigned key_length;
/* NULL if only hash is known */
......@@ -64,13 +68,37 @@ struct spki_acl
struct spki_acl_db
{
/* For custom memory allocation. */
void (*realloc)(struct spki_acl_db *, unsigned size, void *);
struct spki_acl *first;
void *(*realloc)(struct spki_acl_db *, void *, unsigned);
struct spki_subject *first_subject;
struct spki_acl *first_acl;
};
void
spki_acl_init(struct spki_acl_db *db);
/* Internal functions for looking up a subject. */
struct spki_subject *
spki_subject_add_key(struct spki_acl_db *db,
unsigned key_length, const uint8_t *key);
struct spki_subject *
spki_subject_by_key(struct spki_acl_db *db,
unsigned key_length, const uint8_t *key);
struct spki_subject *
spki_subject_by_md5(struct spki_acl_db *db,
unsigned key_length, const uint8_t *key);
struct spki_subject *
spki_subject_by_sha1(struct spki_acl_db *db,
unsigned key_length, const uint8_t *key);
/* Handling the acl database */
struct spki_acl *
spki_acl_parse(struct spki_acl_db, struct sexp_iterator *i);
spki_acl_parse(struct spki_acl_db *db, struct sexp_iterator *i);
struct spki_acl *
spki_acl_by_principal_first(struct spki_acl_db *,
......
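Review bot: The contract of the `realloc` member is not documented at its declaration, although the `MALLOC`/`FREE` macros in certificate.c call it with `p == NULL` to allocate and `size == 0` to free, which anyone installing a custom allocator has to honour; I would extend the comment to something like `/* Custom allocator: p == NULL allocates, size == 0 frees and returns NULL. */`. `spki_subject_by_md5` and `spki_subject_by_sha1` are declared with `key_length`/`key` parameters, which looks like a copy of `spki_subject_by_key`; if they take a digest, naming the argument `digest` (with the length implied by `MD5_DIGEST_SIZE` / `SHA1_DIGEST_SIZE`) would make that clear, and no definition of either is visible in certificate.c on this page. Because an MD5 match is not collision-resistant, a comment stating whether a digest-only match is sufficient to treat two keys as the same subject would help callers that base access decisions on these lookups.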