Diffstat (limited to 'runtime')
-rw-r--r-- | runtime/librsgt.c | 38 | ||||
-rw-r--r-- | runtime/librsgt.h | 28 | ||||
-rw-r--r-- | runtime/lmsig_gt.c | 67 | ||||
-rw-r--r-- | runtime/sigprov.h | 1 |
4 files changed, 126 insertions, 8 deletions
diff --git a/runtime/librsgt.c b/runtime/librsgt.c
index 4e457005..2f336e2d 100644
--- a/runtime/librsgt.c
+++ b/runtime/librsgt.c
@@ -350,15 +350,21 @@ seedIV(gtctx ctx)
 }
 gtctx
-rsgtCtxNew(unsigned char *logfn, enum GTHashAlgorithm hashAlg)
+rsgtCtxNew(void)
 {
- char fn[MAXFNAME+1];
 gtctx ctx;
- ctx = calloc(1, sizeof(struct gtctx_s));
+ ctx = calloc(1, sizeof(struct gtctx_s));
 ctx->x_prev = NULL;
- ctx->hashAlg = hashAlg;
+ ctx->hashAlg = GT_HASHALG_SHA256;
 ctx->timestamper = strdup(
 "http://stamper.guardtime.net/gt-signingservice");
+ return ctx;
+}
+
+int
+rsgtCtxOpenFile(gtctx ctx, unsigned char *logfn)
+{
+ char fn[MAXFNAME+1];
 snprintf(fn, sizeof(fn), "%s.gtsig", logfn);
 fn[MAXFNAME] = '\0'; /* be on save side */
 ctx->sigfilename = (uchar*) strdup(fn);
@@ -366,9 +372,31 @@ rsgtCtxNew(unsigned char *logfn, enum GTHashAlgorithm hashAlg)
 fn[MAXFNAME] = '\0'; /* be on save side */
 ctx->statefilename = (uchar*) strdup(fn);
 tlvOpen(ctx, LOGSIGHDR, sizeof(LOGSIGHDR)-1);
- return ctx;
+ return 0;
 }
+
+/* returns 0 on succes, 1 if algo is unknown */
+int
+rsgtSetHashFunction(gtctx ctx, char *algName)
+{
+ int r = 0;
+ if(!strcmp(algName, "SHA2-256"))
+ ctx->hashAlg = GT_HASHALG_SHA256;
+ else if(!strcmp(algName, "SHA2-384"))
+ ctx->hashAlg = GT_HASHALG_SHA384;
+ else if(!strcmp(algName, "SHA2-512"))
+ ctx->hashAlg = GT_HASHALG_SHA512;
+ else if(!strcmp(algName, "SHA1"))
+ ctx->hashAlg = GT_HASHALG_SHA1;
+ else if(!strcmp(algName, "RIPEMD-160"))
+ ctx->hashAlg = GT_HASHALG_RIPEMD160;
+ else if(!strcmp(algName, "SHA2-224"))
+ ctx->hashAlg = GT_HASHALG_SHA224;
+ else
+ r = 1;
+ return r;
+}
 void
 rsgtCtxDel(gtctx ctx)
 {
diff --git a/runtime/librsgt.h b/runtime/librsgt.h
index ff35d19b..a4ea7cc1 100644
--- a/runtime/librsgt.h
+++ b/runtime/librsgt.h
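Review bot: rsgtCtxOpenFile is typed `int` but the hunk never produces a non-zero result: the `strdup(fn)` stored in `ctx->sigfilename` is unchecked, so an allocation failure leaves a NULL filename for whatever later opens the signature file. Propose `if((ctx->sigfilename = (uchar*) strdup(fn)) == NULL) return 1;` here and the same treatment for `statefilename` in the following hunk, plus a contract comment on the definition, `/* returns 0 on success, 1 on allocation failure; ctx must come from rsgtCtxNew() */`. rsgtCtxNew still writes `ctx->x_prev = NULL` before anyone checks the `calloc` result and now hands that possibly-NULL pointer to every caller of the new constructor; a `if(ctx == NULL) return NULL;` after the `calloc` would bound that. rsgtCtxOpenFile's body continues in the next hunk.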
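Review bot: rsgtSetHashFunction makes the signing hash a user-selectable setting and accepts `"SHA1"` and `"RIPEMD-160"` on the same footing as the SHA-2 variants, with nothing marking them as weaker choices for a log-integrity chain. Suggest either dropping them from the table or having the caller log a warning when one is selected, and stating the accepted names in the header comment, e.g. `/* Select the hash used for record/tree hashes. Accepted names: SHA2-224/256/384/512, SHA1, RIPEMD-160. Returns 0 on success, 1 if algName is unknown (ctx->hashAlg is left unchanged). */`, which also fixes the "succes" typo. The unconditional `return 0;` that ends rsgtCtxOpenFile in this hunk ignores whether `tlvOpen` or the `strdup` of `statefilename` succeeded, so callers cannot distinguish a usable context from a broken one.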
@@ -37,6 +37,9 @@ struct gtctx_s {
 enum GTHashAlgorithm hashAlg;
 uint8_t *IV; /* initial value for blinding masks (where to do we get it from?) */
 GTDataHash *x_prev; /* last leaf hash (maybe of previous block) --> preserve on term */
+ uint8_t bKeepRecordHashes;
+ uint8_t bKeepTreeHashes;
+ uint64_t blockSizeLimit;
 char *timestamper;
 unsigned char *sigfilename;
 unsigned char *statefilename;
@@ -172,10 +175,33 @@ getIVLen(block_sig_t *bs)
 {
 return hashOutputLengthOctets(bs->hashID);
 }
+static inline void
+rsgtSetTimestamper(gtctx ctx, char *timestamper)
+{
+ free(ctx->timestamper);
+ ctx->timestamper = strdup(timestamper);
+}
+static inline void
+rsgtSetBlockSizeLimit(gtctx ctx, uint64_t limit)
+{
+ ctx->blockSizeLimit = limit;
+}
+static inline void
+rsgtSetKeepRecordHashes(gtctx ctx, int val)
+{
+ ctx->bKeepRecordHashes = val;
+}
+static inline void
+rsgtSetKeepTreeHashes(gtctx ctx, int val)
+{
+ ctx->bKeepTreeHashes = val;
+}
+int rsgtSetHashFunction(gtctx ctx, char *algName);
 void rsgtInit(char *usragent);
 void rsgtExit(void);
-gtctx rsgtCtxNew(unsigned char *logfn, enum GTHashAlgorithm hashAlg);
+gtctx rsgtCtxNew(void);
+int rsgtCtxOpenFile(gtctx ctx, unsigned char *logfn);
 void rsgtCtxDel(gtctx ctx);
 void sigblkInit(gtctx ctx);
 void sigblkAddRecord(gtctx ctx, const unsigned char *rec, const size_t len);
diff --git a/runtime/lmsig_gt.c b/runtime/lmsig_gt.c
index 8be3e045..474c573f 100644
--- a/runtime/lmsig_gt.c
+++ b/runtime/lmsig_gt.c
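Review bot: rsgtSetTimestamper frees the old value before the `strdup` is known to have succeeded, so an allocation failure leaves `ctx->timestamper` NULL with no way to report it from a `void` inline. Prefer `char *copy = strdup(timestamper); if(copy == NULL) return -1;` followed by `free(ctx->timestamper); ctx->timestamper = copy;` with an `int` return, or at least a comment beside the function stating that on failure the previous value is lost. The two `int val` setters store into `uint8_t` fields; a one-line comment that the value is a 0/1 flag would make the narrowing read as intentional rather than accidental. The new prototypes carry no documentation at all, and since `rsgtCtxOpenFile` is the only one that reports a status, its comment should say what non-zero means.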
@@ -41,11 +41,25 @@ DEFobjStaticHelpers
 DEFobjCurrIf(errmsg)
 DEFobjCurrIf(glbl)
+/* tables for interfacing with the v6 config system */
+static struct cnfparamdescr cnfpdescr[] = {
+ { "sig.hashfunction", eCmdHdlrGetWord, 0 },
+ { "sig.timestampservice", eCmdHdlrGetWord, 0 },
+ { "sig.block.sizelimit", eCmdHdlrSize, 0 },
+ { "sig.keeprecordhashes", eCmdHdlrBinary, 0 },
+ { "sig.keeptreehashes", eCmdHdlrBinary, 0 }
+};
+static struct cnfparamblk pblk =
+ { CNFPARAMBLK_VERSION,
+ sizeof(cnfpdescr)/sizeof(struct cnfparamdescr),
+ cnfpdescr
+ };
 /* Standard-Constructor */
-BEGINobjConstruct(lmsig_gt) /* be sure to specify the object type also in END macro! */
+BEGINobjConstruct(lmsig_gt)
 dbgprintf("DDDD: lmsig_gt: called construct\n");
+ pThis->ctx = rsgtCtxNew();
 ENDobjConstruct(lmsig_gt)
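Review bot: The constructor stores `rsgtCtxNew()` without checking it, so an allocation failure inside rsgtCtxNew yields a provider whose `ctx` is NULL and is then dereferenced by the setters called from SetCnfParam and by `rsgtCtxOpenFile`. If the construct macros provide the usual `finalize_it` label, `if(pThis->ctx == NULL) ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY);` directly after the assignment closes that path; otherwise the NULL result needs handling before the object is handed out. The parameter table matches the names dispatched in SetCnfParam, but nothing ties the two together; a `/* keep in sync with the dispatch in SetCnfParam() */` comment on `cnfpdescr` would help whoever adds the next knob.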
@@ -55,13 +69,61 @@ CODESTARTobjDestruct(lmsig_gt)
 dbgprintf("DDDD: lmsig_gt: called destruct\n");
 ENDobjDestruct(lmsig_gt)
+
+/* apply all params from param block to us. This must be called
+ * after construction, but before the OnFileOpen() entry point.
+ * Defaults are expected to have been set during construction.
+ */
+rsRetVal
+SetCnfParam(void *pT, struct nvlst *lst)
+{
+ lmsig_gt_t *pThis = (lmsig_gt_t*) pT;
+ int i;
+ uchar *cstr;
+ struct cnfparamvals *pvals;
+ pvals = nvlstGetParams(lst, &pblk, NULL);
+ if(Debug) {
+ dbgprintf("sig param blk in lmsig_gt:\n");
+ cnfparamsPrint(&pblk, pvals);
+ }
+
+ for(i = 0 ; i < pblk.nParams ; ++i) {
+ if(!pvals[i].bUsed)
+ continue;
+ if(!strcmp(pblk.descr[i].name, "sig.hashfunction")) {
+ cstr = (uchar*) es_str2cstr(pvals[i].val.d.estr, NULL);
+ if(rsgtSetHashFunction(pThis->ctx, (char*)cstr) != 0) {
+ errmsg.LogError(0, RS_RET_ERR, "Hash function "
+ "'%s' unknown - using default", cstr);
+ }
+ free(cstr);
+ } else if(!strcmp(pblk.descr[i].name, "sig.timestampservice")) {
+ cstr = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL);
+ rsgtSetTimestamper(pThis->ctx, (char*) cstr);
+ free(cstr);
+ } else if(!strcmp(pblk.descr[i].name, "sig.block.sizelimit")) {
+ rsgtSetBlockSizeLimit(pThis->ctx, pvals[i].val.d.n);
+ } else if(!strcmp(pblk.descr[i].name, "sig.keeprecordhashes")) {
+ rsgtSetKeepRecordHashes(pThis->ctx, pvals[i].val.d.n);
+ } else if(!strcmp(pblk.descr[i].name, "sig.keeptreehashes")) {
+ rsgtSetKeepTreeHashes(pThis->ctx, pvals[i].val.d.n);
+ } else {
+ DBGPRINTF("lmsig_gt: program error, non-handled "
+ "param '%s'\n", pblk.descr[i].name);
+ }
+ }
+ cnfparamvalsDestruct(pvals, &pblk);
+ return RS_RET_OK;
+}
+
+
 static rsRetVal
 OnFileOpen(void *pT, uchar *fn)
 {
 lmsig_gt_t *pThis = (lmsig_gt_t*) pT;
 DEFiRet;
 dbgprintf("DDDD: onFileOpen: %s\n", fn);
- pThis->ctx = rsgtCtxNew(fn, GT_HASHALG_SHA256);
+ rsgtCtxOpenFile(pThis->ctx, fn);
 sigblkInit(pThis->ctx);
 RETiRet;
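Review bot: `nvlstGetParams(lst, &pblk, NULL)` can return NULL when the parameter block is rejected, yet SetCnfParam indexes `pvals[i]` unconditionally and later hands the pointer to `cnfparamvalsDestruct`. Add the check used by other rsyslog modules right after the call, `if(pvals == NULL) { errmsg.LogError(0, RS_RET_MISSING_CNFPARAMS, "lmsig_gt: error processing parameters"); return RS_RET_MISSING_CNFPARAMS; }`. The `es_str2cstr` results are likewise unchecked before `strcmp` and `rsgtSetTimestamper`, and in OnFileOpen the `int` result of the new `rsgtCtxOpenFile` call is dropped, so a failed open proceeds straight into `sigblkInit`. The header comment promises SetCnfParam runs after construction and before OnFileOpen but nothing here enforces it; naming who guarantees that ordering (presumably the caller of the sigprov interface) would make the contract checkable, and SetCnfParam should be `static` like OnFileOpen since it is only reached through `pIf`.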
@@ -95,6 +157,7 @@ CODESTARTobjQueryInterface(lmsig_gt)
 ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED);
 }
 pIf->Construct = (rsRetVal(*)(void*)) lmsig_gtConstruct;
+ pIf->SetCnfParam = SetCnfParam;
 pIf->Destruct = (rsRetVal(*)(void*)) lmsig_gtDestruct;
 pIf->OnFileOpen = OnFileOpen;
 pIf->OnRecordWrite = OnRecordWrite;
diff --git a/runtime/sigprov.h b/runtime/sigprov.h
index 0154a1f4..5abfb390 100644
--- a/runtime/sigprov.h
+++ b/runtime/sigprov.h
@@ -27,6 +27,7 @@
 /* interface */
 BEGINinterface(sigprov) /* name must also be changed in ENDinterface macro! */
 rsRetVal (*Construct)(void *ppThis);
+ rsRetVal (*SetCnfParam)(void *ppThis, struct nvlst *lst);
 rsRetVal (*Destruct)(void *ppThis);
 rsRetVal (*OnFileOpen)(void *pThis, uchar *fn);
 rsRetVal (*OnRecordWrite)(void *pThis, uchar *rec, rs_size_t lenRec); |
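Review bot: Inserting `SetCnfParam` between `Construct` and `Destruct` changes the layout of the sigprov interface struct, so a provider built against the old header would be called through the wrong slot; if this header carries an interface version macro as other rsyslog interfaces do, it should be bumped in the same commit, and otherwise appending the member after `OnRecordWrite` is the safer layout. The new prototype names `struct nvlst`; unless sigprov.h already includes or forward-declares it, add `struct nvlst;` above `BEGINinterface(sigprov)` so the header stays self-contained. A one-line comment on the member, `/* apply config parameters; called after Construct() and before OnFileOpen() */`, would record the ordering the lmsig_gt implementation relies on. The `ENDinterface` line and any version macro are outside this hunk.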