author | David Walter Seikel | 2012-04-22 09:19:23 +1000 |
---|---|---|
committer | David Walter Seikel | 2012-04-22 09:19:23 +1000 |
commit | c963d75dfdeec11f82e79e727062fbf89afa2c04 (patch) | |
tree | 895633dbf641110be46f117c29890c49b3ffc0bd /libraries/eet/src/lib/eet_cipher.c | |
parent | Adding the new extantz viewer and grid manager. (diff) | |
Update EFL to latest beta.
Diffstat (limited to '')
-rw-r--r-- | libraries/eet/src/lib/eet_cipher.c | 71 |
1 files changed, 58 insertions, 13 deletions
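--- a/libraries/eet/src/lib/eet_cipher.c
+++ b/libraries/eet/src/lib/eet_cipher.c
@@ -56,6 +56,9 @@ void *alloca(size_t);
 
 #ifdef HAVE_CIPHER
 # ifdef HAVE_GNUTLS
+# if defined EET_USE_NEW_PUBKEY_VERIFY_HASH || defined EET_USE_NEW_PRIVKEY_SIGN_DATA
+# include <gnutls/abstract.h>
+# endif
 # include <gnutls/x509.h>
 # include <gcrypt.h>
 # else /* ifdef HAVE_GNUTLS */
@@ -497,6 +500,10 @@ eet_identity_sign(FILE *fp,
 gnutls_datum_t datum = { NULL, 0 };
 size_t sign_len = 0;
 size_t cert_len = 0;
+#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA
+gnutls_datum_t signum = { NULL, 0 };
+gnutls_privkey_t privkey;
+#endif
 # else /* ifdef HAVE_GNUTLS */
 EVP_MD_CTX md_ctx;
 unsigned int sign_len = 0;
@@ -528,6 +535,28 @@ eet_identity_sign(FILE *fp,
 datum.size = st_buf.st_size;
 
 /* Get the signature length */
+#ifdef EET_USE_NEW_PRIVKEY_SIGN_DATA
+if (gnutls_privkey_init(&privkey) < 0)
+{
+err = EET_ERROR_SIGNATURE_FAILED;
+goto on_error;
+}
+
+if (gnutls_privkey_import_x509(privkey, key->private_key, 0) < 0)
+{
+err = EET_ERROR_SIGNATURE_FAILED;
+goto on_error;
+}
+
+if (gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &datum, &signum) < 0)
+{
+err = EET_ERROR_SIGNATURE_FAILED;
+goto on_error;
+}
+
+sign = signum.data;
+sign_len = signum.size;
+#else
 if (gnutls_x509_privkey_sign_data(key->private_key, GNUTLS_DIG_SHA1, 0,
 &datum, sign, &sign_len) &&
 !sign_len)
@@ -550,6 +579,7 @@ eet_identity_sign(FILE *fp,
 
 goto on_error;
 }
+#endif
 
 /* Get the certificate length */
 if (gnutls_x509_crt_export(key->certificate, GNUTLS_X509_FMT_DER, cert,
@@ -696,6 +726,10 @@ eet_identity_check(const void *data_base,
 gnutls_datum_t datum;
 gnutls_datum_t signature;
 # if EET_USE_NEW_GNUTLS_API
+# if EET_USE_NEW_PUBKEY_VERIFY_HASH
+gnutls_pubkey_t pubkey;
+gnutls_digest_algorithm_t hash_algo;
+# endif
 unsigned char *hash;
 gcry_md_hd_t md;
 int err;
@@ -724,28 +758,32 @@ eet_identity_check(const void *data_base,
 
 hash = gcry_md_read(md, GCRY_MD_SHA1);
 if (!hash)
-{
-gcry_md_close(md);
-return NULL;
-}
+goto on_error;
 
 datum.size = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
 datum.data = hash;
 
+# ifdef EET_USE_NEW_PUBKEY_VERIFY_HASH
+if (gnutls_pubkey_init(&pubkey) < 0)
+goto on_error;
+
+if (gnutls_pubkey_import_x509(pubkey, cert, 0) < 0)
+goto on_error;
+
+if (gnutls_pubkey_get_verify_algorithm(pubkey, &signature, &hash_algo) < 0)
+goto on_error;
+
+if (gnutls_pubkey_verify_hash(pubkey, 0, &datum, &signature) < 0)
+goto on_error;
+# else
 if (!gnutls_x509_crt_verify_hash(cert, 0, &datum, &signature))
-{
-gcry_md_close(md);
-return NULL;
-}
+goto on_error;
+# endif
 
 if (sha1)
 {
 *sha1 = malloc(datum.size);
-if (!*sha1)
-{
-gcry_md_close(md);
-return NULL;
-}
+if (!*sha1) goto on_error;
 
 memcpy(*sha1, hash, datum.size);
 *sha1_length = datum.size;
@@ -818,6 +856,13 @@ eet_identity_check(const void *data_base,
 *raw_signature_length = sign_len;
 
 return cert_der;
+# ifdef HAVE_GNUTLS
+# if EET_USE_NEW_GNUTLS_API
+on_error:
+gcry_md_close(md);
+return NULL;
+# endif
+# endif
 #else /* ifdef HAVE_SIGNATURE */
 data_base = NULL;
 data_length = 0;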
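Review bot: In eet_identity_check the new EET_USE_NEW_PUBKEY_VERIFY_HASH branch never releases `pubkey` on failure: once `gnutls_pubkey_init(&pubkey)` succeeds, a failed import, algorithm lookup or verification jumps to `on_error`, which only calls `gcry_md_close(md)` before returning NULL, so every rejected signature leaks a key object. Declaring it as `gnutls_pubkey_t pubkey = NULL;` and adding `if (pubkey) gnutls_pubkey_deinit(pubkey);` under the same guard at `on_error` would close that; the success path lies between the hunks and is not visible here, so it presumably needs the same release. The declarations are guarded with `# if EET_USE_NEW_PUBKEY_VERIFY_HASH` while the code that uses them is guarded with `# ifdef`, so a build that defines the macro as 0 or as empty would not compile; use `# ifdef` in both places. `hash_algo` is fetched but never compared with SHA-1, the digest actually computed into `datum`, so a mismatch is caught only indirectly by the verify call. The same lifetime question applies in eet_identity_sign to `privkey` and to `signum.data`, which GnuTLS allocates and which is now assigned to `sign`; their cleanup is outside the hunks and should be checked for `gnutls_privkey_deinit` and a matching `gnutls_free`.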