diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-03-15 18:37:08 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-03-15 18:37:08 +0100 |
| commit | 464077c547806d050d0bf75b28514dd9a4c7798b (patch) | |
| tree | 37cc84e8ad28730ea8136d35c2e59261e4455a38 | |
| parent | 4d98a1200a4dc03a89968212913dfd47bc1749a8 (diff) | |
| download | exchange-464077c547806d050d0bf75b28514dd9a4c7798b.tar.gz exchange-464077c547806d050d0bf75b28514dd9a4c7798b.tar.bz2 exchange-464077c547806d050d0bf75b28514dd9a4c7798b.zip | |
properly handle variable-size RSA keys in key_io.c
| -rw-r--r-- | src/mint/key_io.c | 67 |
1 files changed, 36 insertions, 31 deletions
diff --git a/src/mint/key_io.c b/src/mint/key_io.c index 98c4f5fff..d267ce2a2 100644 --- a/src/mint/key_io.c +++ b/src/mint/key_io.c @@ -20,9 +20,6 @@ * @author Benedikt Mueller * @author Sree Harsha Totakura * @author Christian Grothoff - * - * TODO: - * - revisit IO with respect to variable-size RSA keys! */ #include "platform.h" #include "key_io.h" @@ -120,7 +117,8 @@ TALER_MINT_signkeys_iterate (const char *mint_base_dir, * * @param filename the file to import the key from * @param[OUT] dki set to the imported denomination key - * @return #GNUNET_OK upon success; #GNUNET_SYSERR upon failure + * @return #GNUNET_OK upon success; + * #GNUNET_SYSERR upon failure */ int TALER_MINT_read_denom_key (const char *filename, @@ -130,45 +128,54 @@ TALER_MINT_read_denom_key (const char *filename, size_t offset; void *data; struct GNUNET_CRYPTO_rsa_PrivateKey *priv; - int ret; - ret = GNUNET_SYSERR; - data = NULL; - offset = sizeof (struct TALER_MINT_DenomKeyIssuePriv) - - offsetof (struct TALER_MINT_DenomKeyIssuePriv, - issue.signature); - /* FIXME: this is very wrong, does not support variable-size - encoding of RSA keys (private or public!) */ if (GNUNET_OK != GNUNET_DISK_file_size (filename, &size, GNUNET_YES, GNUNET_YES)) - goto cleanup; + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Skipping inaccessable denomination key file `%s'\n", + filename); + return GNUNET_SYSERR; + } + offset = sizeof (struct TALER_MINT_DenomKeyIssue); if (size <= offset) { GNUNET_break (0); - goto cleanup; + return GNUNET_SYSERR; } data = GNUNET_malloc (size); - if (size != GNUNET_DISK_fn_read (filename, - data, - size)) - goto cleanup; - if (NULL == (priv = GNUNET_CRYPTO_rsa_private_key_decode (data + offset, - size - offset))) - goto cleanup; + if (size != + GNUNET_DISK_fn_read (filename, + data, + size)) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, + "read", + filename); + GNUNET_free (data); + return GNUNET_SYSERR; + } + if (NULL == + (priv = GNUNET_CRYPTO_rsa_private_key_decode (data + offset, + size - offset))) + { + GNUNET_free (data); + return GNUNET_SYSERR; + } dki->denom_priv = priv; - memcpy (&dki->issue.signature, data, offset); - ret = GNUNET_OK; - - cleanup: - GNUNET_free_non_null (data); - return ret; + dki->denom_pub = GNUNET_CRYPTO_rsa_private_key_get_public (priv); + memcpy (&dki->issue, + data, + offset); + GNUNET_free (data); + return GNUNET_OK; } /** - * Exports a denomination key to the given file + * Exports a denomination key to the given file. * * @param filename the file where to write the denomination key * @param dki the denomination key @@ -194,9 +201,7 @@ TALER_MINT_write_denom_key (const char *filename, GNUNET_DISK_OPEN_WRITE | GNUNET_DISK_OPEN_CREATE | GNUNET_DISK_OPEN_TRUNCATE, GNUNET_DISK_PERM_USER_READ | GNUNET_DISK_PERM_USER_WRITE))) goto cleanup; - wsize = sizeof (struct TALER_MINT_DenomKeyIssuePriv) - - offsetof (struct TALER_MINT_DenomKeyIssuePriv, - issue.signature); + wsize = sizeof (struct TALER_MINT_DenomKeyIssue); if (GNUNET_SYSERR == (wrote = GNUNET_DISK_file_write (fh, &dki->issue.signature, wsize))) |