Skip to content
This repository
Browse code

First round if refactoring to clean up header dependencies.

  • Loading branch information...
commit 6ecf81b16e601b92f67487cee2ef4c303f733b2e 1 parent 9c1b1d5
Damien Stuart authored March 02, 2013
28  client/fwknop.c
@@ -28,14 +28,20 @@
28 28
  *
29 29
  *****************************************************************************
30 30
 */
  31
+#include "fko.h"
31 32
 #include "fwknop.h"
32 33
 #include "config_init.h"
33 34
 #include "spa_comm.h"
34 35
 #include "utils.h"
35 36
 #include "getpasswd.h"
  37
+
  38
+#include "digest.h"
  39
+#include "rijndael.h"
  40
+
36 41
 #include <sys/stat.h>
37 42
 #include <fcntl.h>
38 43
 
  44
+
39 45
 /* prototypes
40 46
 */
41 47
 static void get_keys(fko_ctx_t ctx, fko_cli_options_t *options,
@@ -61,13 +67,14 @@ static void clean_exit(fko_ctx_t ctx, fko_cli_options_t *opts,
61 67
 int
62 68
 main(int argc, char **argv)
63 69
 {
64  
-    fko_ctx_t           ctx = NULL, ctx2 = NULL;
  70
+    fko_ctx_t           ctx = NULL;
  71
+    fko_ctx_t           ctx2 = NULL;
65 72
     int                 res;
66 73
     char               *spa_data, *version;
67 74
     char                access_buf[MAX_LINE_LEN] = {0};
68 75
     char                key[MAX_KEY_LEN+1]       = {0};
69 76
     char                hmac_key[MAX_KEY_LEN+1]  = {0};
70  
-    int                 key_len = 0, hmac_key_len = 0;
  77
+    int                 key_len = 0, hmac_key_len = 0, enc_mode;
71 78
     FILE               *key_gen_file_ptr = NULL;
72 79
 
73 80
     fko_cli_options_t   options;
@@ -402,6 +409,17 @@ main(int argc, char **argv)
402 409
             return(EXIT_FAILURE);
403 410
         }
404 411
 
  412
+        /* Pull the encryption mode.
  413
+        */
  414
+        res = fko_get_spa_encryption_mode(ctx, &enc_mode);
  415
+        if(res != FKO_SUCCESS)
  416
+        {
  417
+            errmsg("fko_get_spa_encryption_mode", res);
  418
+            fko_destroy(ctx);
  419
+            fko_destroy(ctx2);
  420
+            return(EXIT_FAILURE);
  421
+        }
  422
+
405 423
         /* If gpg-home-dir is specified, we have to defer decrypting if we
406 424
          * use the fko_new_with_data() function because we need to set the
407 425
          * gpg home dir after the context is created, but before we attempt
@@ -411,7 +429,7 @@ main(int argc, char **argv)
411 429
          * options, then decode it.
412 430
         */
413 431
         res = fko_new_with_data(&ctx2, spa_data, NULL,
414  
-            0, ctx->encryption_mode, hmac_key, hmac_key_len);
  432
+            0, enc_mode, hmac_key, hmac_key_len);
415 433
         if(res != FKO_SUCCESS)
416 434
         {
417 435
             errmsg("fko_new_with_data", res);
@@ -420,7 +438,7 @@ main(int argc, char **argv)
420 438
             return(EXIT_FAILURE);
421 439
         }
422 440
 
423  
-        res = fko_set_spa_encryption_mode(ctx2, ctx->encryption_mode);
  441
+        res = fko_set_spa_encryption_mode(ctx2, enc_mode);
424 442
         if(res != FKO_SUCCESS)
425 443
         {
426 444
             errmsg("fko_set_spa_encryption_mode", res);
@@ -919,7 +937,7 @@ get_keys(fko_ctx_t ctx, fko_cli_options_t *options,
919 937
     {
920 938
         *hmac_key_len = fko_base64_decode(options->hmac_key_base64,
921 939
             (unsigned char *) options->hmac_key);
922  
-        memcpy(hmac_key, options->hmac_key, SHA256_BLOCK_LEN);
  940
+        memcpy(hmac_key, options->hmac_key, *hmac_key_len);
923 941
         use_hmac = 1;
924 942
     }
925 943
     else if (options->use_hmac)
1  client/fwknop_common.h
@@ -32,6 +32,7 @@
32 32
 #define FWKNOP_COMMON_H
33 33
 
34 34
 #include "common.h"
  35
+#include "fko_limits.h"
35 36
 
36 37
 /* My Name and Version
37 38
 */
3  client/utils.h
@@ -42,7 +42,4 @@ int is_base64(const unsigned char *buf, const unsigned short int len);
42 42
 int set_file_perms(const char *file);
43 43
 int verify_file_perms_ownership(const char *file);
44 44
 
45  
-size_t strlcat(char *dst, const char *src, size_t siz);
46  
-size_t strlcpy(char *dst, const char *src, size_t siz);
47  
-
48 45
 #endif  /* UTILS_H */
1  common/common.h
@@ -100,6 +100,7 @@
100 100
 
101 101
 #include "fko.h"
102 102
 #include "fko_limits.h"
  103
+#include "fko_util.h"
103 104
 
104 105
 /* Get our program version from VERSION (defined in config.h).
105 106
 */
2  configure.ac
@@ -11,7 +11,7 @@ AC_PREREQ(2.62)
11 11
 
12 12
 dnl Define our name, version and email.
13 13
 m4_define(my_package,   [fwknop])
14  
-m4_define(my_version,   [2.0.4])
  14
+m4_define(my_version,   [2.5.0b])
15 15
 m4_define(my_bug_email, [dstuart@dstuart.org])
16 16
 
17 17
 AC_INIT(my_package, my_version, my_bug_email)
1  lib/base64.c
@@ -31,6 +31,7 @@
31 31
  *****************************************************************************
32 32
 */
33 33
 #include "base64.h"
  34
+#include "fko_common.h"
34 35
 
35 36
 static unsigned char map2[] =
36 37
 {
2  lib/base64.h
@@ -31,8 +31,6 @@
31 31
 #ifndef BASE64_H
32 32
 #define BASE64_H 1
33 33
 
34  
-#include "fko_common.h"
35  
-
36 34
 /* Prototypes
37 35
 */
38 36
 int b64_encode(unsigned char *in, char *out, int in_len);
1  lib/cipher_funcs.c
@@ -39,6 +39,7 @@
39 39
   #include <sys/time.h>
40 40
 #endif
41 41
 
  42
+#include "fko_common.h"
42 43
 #include "cipher_funcs.h"
43 44
 #include "digest.h"
44 45
 
2  lib/cipher_funcs.h
@@ -31,7 +31,7 @@
31 31
 #ifndef CIPHER_FUNCS_H
32 32
 #define CIPHER_FUNCS_H 1
33 33
 
34  
-#include "fko_common.h"
  34
+#include "fko.h"
35 35
 #include "rijndael.h"
36 36
 #include "gpgme_funcs.h"
37 37
 
2  lib/digest.c
@@ -28,9 +28,11 @@
28 28
  *
29 29
  *****************************************************************************
30 30
 */
  31
+#include "fko_common.h"
31 32
 #include "digest.h"
32 33
 #include "base64.h"
33 34
 
  35
+
34 36
 /* Convert a raw digest into its hex string representation.
35 37
 */
36 38
 static void
10  lib/digest.h
@@ -31,8 +31,6 @@
31 31
 #ifndef DIGEST_H
32 32
 #define DIGEST_H 1
33 33
 
34  
-#include "fko_common.h"
35  
-
36 34
 #include "md5.h"
37 35
 #include "sha1.h"
38 36
 #include "sha2.h"
@@ -41,14 +39,6 @@
41 39
 */
42 40
 #define MD_HEX_SIZE(x) x * 2
43 41
 
44  
-/* Predefined base64 encoded digest sizes.
45  
-*/
46  
-#define MD5_B64_LEN      22
47  
-#define SHA1_B64_LEN     27
48  
-#define SHA256_B64_LEN   43
49  
-#define SHA384_B64_LEN   64
50  
-#define SHA512_B64_LEN   86
51  
-
52 42
 void md5(unsigned char* out, unsigned char* in, size_t size);
53 43
 void md5_hex(char* out, unsigned char* in, size_t size);
54 44
 void md5_base64(char* out, unsigned char* in, size_t size);
15  lib/fko.h
@@ -33,9 +33,6 @@
33 33
 
34 34
 #include <time.h>
35 35
 
36  
-#include "rijndael.h"   /* For encryption modes */
37  
-#include "digest.h"
38  
-
39 36
 #ifdef __cplusplus
40 37
 extern "C" {
41 38
 #endif
@@ -111,12 +108,12 @@ typedef enum {
111 108
 */
112 109
 typedef enum {
113 110
     FKO_ENC_MODE_UNKNOWN = 0,
114  
-    FKO_ENC_MODE_ECB  = MODE_ECB,
115  
-    FKO_ENC_MODE_CBC  = MODE_CBC,
116  
-    FKO_ENC_MODE_CFB  = MODE_CFB,
117  
-    FKO_ENC_MODE_PCBC = MODE_PCBC,
118  
-    FKO_ENC_MODE_OFB  = MODE_OFB,
119  
-    FKO_ENC_MODE_CTR  = MODE_CTR,
  111
+    FKO_ENC_MODE_ECB, //  = MODE_ECB,
  112
+    FKO_ENC_MODE_CBC, //  = MODE_CBC,
  113
+    FKO_ENC_MODE_CFB, //  = MODE_CFB,
  114
+    FKO_ENC_MODE_PCBC, // = MODE_PCBC,
  115
+    FKO_ENC_MODE_OFB, //  = MODE_OFB,
  116
+    FKO_ENC_MODE_CTR, //  = MODE_CTR,
120 117
     FKO_ENC_MODE_ASYMMETRIC,  /* placeholder when GPG is used */
121 118
     FKO_ENC_MODE_CBC_LEGACY_IV,  /* for the old zero-padding strategy */
122 119
     FKO_LAST_ENC_MODE /* Always leave this as the last one */
6  lib/fko_common.h
@@ -126,12 +126,6 @@
126 126
   #define END_C_DECLS
127 127
 #endif /* __cplusplus */
128 128
 
129  
-/* Pull in gpgme.h if we have it.
130  
-*/
131  
-#if HAVE_LIBGPGME
132  
-  #include <gpgme.h>
133  
-#endif
134  
-
135 129
 #include "fko_util.h"
136 130
 #include "fko_limits.h"
137 131
 #include "fko_state.h"
4  lib/fko_context.h
@@ -34,6 +34,10 @@
34 34
 #include "fko_common.h"
35 35
 
36 36
 #if HAVE_LIBGPGME
  37
+  #include <gpgme.h>
  38
+#endif
  39
+ 
  40
+#if HAVE_LIBGPGME
37 41
 /* Stucture to hold a list of the gpg signature information
38 42
  * we are interested in.
39 43
 */
35  lib/fko_encryption.c
@@ -32,6 +32,7 @@
32 32
 #include "fko.h"
33 33
 #include "cipher_funcs.h"
34 34
 #include "base64.h"
  35
+#include "digest.h"
35 36
 
36 37
 #if HAVE_LIBGPGME
37 38
   #include "gpgme_funcs.h"
@@ -54,8 +55,21 @@ _rijndael_encrypt(fko_ctx_t ctx, const char *enc_key, const int enc_key_len)
54 55
     if (! is_valid_encoded_msg_len(ctx->encoded_msg_len))
55 56
         return(FKO_ERROR_INVALID_DATA);
56 57
 
57  
-    if (! is_valid_digest_len(ctx->digest_len))
58  
-        return(FKO_ERROR_INVALID_DATA);
  58
+    switch(ctx->digest_len)
  59
+    {
  60
+        case MD5_B64_LEN:
  61
+            break;
  62
+        case SHA1_B64_LEN:
  63
+            break;
  64
+        case SHA256_B64_LEN:
  65
+            break;
  66
+        case SHA384_B64_LEN:
  67
+            break;
  68
+        case SHA512_B64_LEN:
  69
+            break;
  70
+        default:
  71
+            return(FKO_ERROR_INVALID_DATA);
  72
+    }
59 73
 
60 74
     pt_len = ctx->encoded_msg_len + ctx->digest_len + RIJNDAEL_BLOCKSIZE + 2;
61 75
 
@@ -217,8 +231,21 @@ gpg_encrypt(fko_ctx_t ctx, const char *enc_key)
217 231
     if (! is_valid_encoded_msg_len(ctx->encoded_msg_len))
218 232
         return(FKO_ERROR_INVALID_DATA);
219 233
 
220  
-    if (! is_valid_digest_len(ctx->digest_len))
221  
-        return(FKO_ERROR_INVALID_DATA);
  234
+    switch(ctx->digest_len)
  235
+    {
  236
+        case MD5_B64_LEN:
  237
+            break;
  238
+        case SHA1_B64_LEN:
  239
+            break;
  240
+        case SHA256_B64_LEN:
  241
+            break;
  242
+        case SHA384_B64_LEN:
  243
+            break;
  244
+        case SHA512_B64_LEN:
  245
+            break;
  246
+        default:
  247
+            return(FKO_ERROR_INVALID_DATA);
  248
+    }
222 249
 
223 250
     /* First make sure we have a recipient key set.
224 251
     */
17  lib/fko_hmac.c
@@ -174,8 +174,21 @@ int fko_calculate_hmac(fko_ctx_t ctx,
174 174
 
175 175
     free(hmac_base64);
176 176
 
177  
-    if(! is_valid_digest_len(ctx->msg_hmac_len))
178  
-        return(FKO_ERROR_INVALID_DATA);
  177
+    switch(ctx->msg_hmac_len)
  178
+    {
  179
+        case MD5_B64_LEN:
  180
+            break;
  181
+        case SHA1_B64_LEN:
  182
+            break;
  183
+        case SHA256_B64_LEN:
  184
+            break;
  185
+        case SHA384_B64_LEN:
  186
+            break;
  187
+        case SHA512_B64_LEN:
  188
+            break;
  189
+        default:
  190
+            return(FKO_ERROR_INVALID_DATA);
  191
+    }
179 192
 
180 193
     return FKO_SUCCESS;
181 194
 }
25  lib/fko_util.c
@@ -30,6 +30,7 @@
30 30
 */
31 31
 #include "fko_common.h"
32 32
 #include "fko.h"
  33
+#include "fko_util.h"
33 34
 #include <errno.h>
34 35
 
35 36
 /* Validate encoded message length
@@ -54,30 +55,6 @@ is_valid_pt_msg_len(const int len)
54 55
     return(1);
55 56
 }
56 57
 
57  
-/* Validate digest length
58  
-*/
59  
-int
60  
-is_valid_digest_len(const int len)
61  
-{
62  
-    switch(len)
63  
-    {
64  
-        case MD5_B64_LEN:
65  
-            break;
66  
-        case SHA1_B64_LEN:
67  
-            break;
68  
-        case SHA256_B64_LEN:
69  
-            break;
70  
-        case SHA384_B64_LEN:
71  
-            break;
72  
-        case SHA512_B64_LEN:
73  
-            break;
74  
-        default:
75  
-            return(0);
76  
-    }
77  
-
78  
-    return(1);
79  
-}
80  
-
81 58
 int
82 59
 strtol_wrapper(const char * const str, const int min,
83 60
     const int max, const int exit_upon_err, int *err)
2  lib/fko_util.h
@@ -31,8 +31,6 @@
31 31
 #ifndef FKO_UTIL_H
32 32
 #define FKO_UTIL_H 1
33 33
 
34  
-#include "fko_common.h"
35  
-
36 34
 /* Function prototypes
37 35
 */
38 36
 int is_valid_encoded_msg_len(const int len);
5  lib/gpgme_funcs.h
@@ -31,7 +31,10 @@
31 31
 #ifndef GPGME_FUNCS_H
32 32
 #define GPGME_FUNCS_H 1
33 33
 
34  
-#include "fko_common.h"
  34
+#if HAVE_LIBGPGME
  35
+  #include <gpgme.h>
  36
+#endif
  37
+
35 38
 #include "fko.h"
36 39
 
37 40
 int gpgme_encrypt(fko_ctx_t ctx, unsigned char *in, size_t len, const char *pw, unsigned char **out, size_t *out_len);
3  lib/md5.h
@@ -35,9 +35,10 @@
35 35
 #ifndef MD5_H
36 36
 #define MD5_H 1
37 37
 
38  
-#include "fko_common.h"
  38
+#include "common.h"
39 39
 
40 40
 #define MD5_DIGEST_LEN 16
  41
+#define MD5_B64_LEN    22
41 42
 
42 43
 typedef struct _MD5Context {
43 44
         uint32_t buf[4];
1  lib/rijndael.c
@@ -28,6 +28,7 @@
28 28
  *
29 29
  *****************************************************************************
30 30
 */
  31
+#include "fko_common.h"
31 32
 #include "rijndael.h"
32 33
 #include <stdlib.h>
33 34
 #include <string.h>
3  lib/rijndael.h
@@ -33,11 +33,10 @@
33 33
  * 128, 192, or 256 bits, designed by Joan Daemen and Vincent Rijmen.  See
34 34
  * http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ for details.
35 35
  */
36  
-
37 36
 #ifndef RIJNDAEL_H
38 37
 #define RIJNDAEL_H 1
39 38
 
40  
-#include "fko_common.h"
  39
+#include "common.h"
41 40
 
42 41
 /* Other block sizes and key lengths are possible, but in the context of
43 42
  * the ssh protocols, 256 bits is the default.
3  lib/sha1.h
@@ -32,7 +32,7 @@
32 32
 #ifndef SHA1_H
33 33
 #define SHA1_H 1
34 34
 
35  
-#include "fko_common.h"
  35
+#include "common.h"
36 36
 
37 37
 #ifdef WIN32
38 38
   #define BYTEORDER 1234
@@ -46,6 +46,7 @@
46 46
 
47 47
 #define SHA1_BLOCKSIZE      64
48 48
 #define SHA1_DIGEST_LEN     20
  49
+#define SHA1_B64_LEN        27
49 50
 
50 51
 typedef struct {
51 52
     uint32_t    digest[8];
5  lib/sha2.h
@@ -43,7 +43,7 @@
43 43
 extern "C" {
44 44
 #endif
45 45
 
46  
-#include "fko_common.h"
  46
+#include "common.h"
47 47
 
48 48
 /*
49 49
  * Import u_intXX_t size_t type definitions from system headers.  You
@@ -70,12 +70,15 @@ extern "C" {
70 70
 #define SHA256_BLOCK_LEN        64
71 71
 #define SHA256_DIGEST_LEN       32
72 72
 #define SHA256_DIGEST_STR_LEN   (SHA256_DIGEST_LEN * 2 + 1)
  73
+#define SHA256_B64_LEN          43
73 74
 #define SHA384_BLOCK_LEN        128
74 75
 #define SHA384_DIGEST_LEN       48
75 76
 #define SHA384_DIGEST_STR_LEN   (SHA384_DIGEST_LEN * 2 + 1)
  77
+#define SHA384_B64_LEN          64
76 78
 #define SHA512_BLOCK_LEN        128
77 79
 #define SHA512_DIGEST_LEN       64
78 80
 #define SHA512_DIGEST_STR_LEN   (SHA512_DIGEST_LEN * 2 + 1)
  81
+#define SHA512_B64_LEN          86
79 82
 
80 83
 
81 84
 /*** SHA-256/384/512 Context Structures *******************************/
1  server/access.c
@@ -40,6 +40,7 @@
40 40
 #include "access.h"
41 41
 #include "utils.h"
42 42
 #include "log_msg.h"
  43
+#include "rijndael.h"
43 44
 
44 45
 /* Add an access string entry
45 46
 */
1  server/incoming_spa.c
@@ -43,6 +43,7 @@
43 43
 #include "fw_util.h"
44 44
 #include "fwknopd_errors.h"
45 45
 #include "replay_cache.h"
  46
+#include "rijndael.h"
46 47
 
47 48
 /* Validate and in some cases preprocess/reformat the SPA data.  Return an
48 49
  * error code value if there is any indication the data is not valid spa data.
3  server/utils.h
@@ -64,7 +64,4 @@ int is_base64(const unsigned char *buf, const unsigned short int len);
64 64
 int is_valid_dir(const char *path);
65 65
 int verify_file_perms_ownership(const char *file);
66 66
 
67  
-size_t strlcat(char *dst, const char *src, size_t siz);
68  
-size_t strlcpy(char *dst, const char *src, size_t siz);
69  
-
70 67
 #endif  /* UTILS_H */

0 notes on commit 6ecf81b

Please sign in to comment.
Something went wrong with that request. Please try again.