sign.c revision 1.8
1 1.8 rillig /* $NetBSD: sign.c,v 1.8 2021/11/27 22:30:26 rillig Exp $ */ 2 1.1 christos 3 1.1 christos /*- 4 1.1 christos * Copyright (c) 2008 The NetBSD Foundation, Inc. 5 1.1 christos * All rights reserved. 6 1.1 christos * 7 1.1 christos * This code is derived from software contributed to The NetBSD Foundation 8 1.1 christos * by Martin Schtte. 9 1.1 christos * 10 1.1 christos * Redistribution and use in source and binary forms, with or without 11 1.1 christos * modification, are permitted provided that the following conditions 12 1.1 christos * are met: 13 1.1 christos * 1. Redistributions of source code must retain the above copyright 14 1.1 christos * notice, this list of conditions and the following disclaimer. 15 1.1 christos * 2. Redistributions in binary form must reproduce the above copyright 16 1.1 christos * notice, this list of conditions and the following disclaimer in the 17 1.1 christos * documentation and/or other materials provided with the distribution. 18 1.1 christos * 3. All advertising materials mentioning features or use of this software 19 1.1 christos * must display the following acknowledgement: 20 1.1 christos * This product includes software developed by the NetBSD 21 1.1 christos * Foundation, Inc. and its contributors. 22 1.1 christos * 4. Neither the name of The NetBSD Foundation nor the names of its 23 1.1 christos * contributors may be used to endorse or promote products derived 24 1.1 christos * from this software without specific prior written permission. 25 1.1 christos * 26 1.1 christos * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 1.1 christos * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 1.1 christos * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 1.1 christos * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 1.1 christos * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 1.1 christos * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 1.1 christos * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 1.1 christos * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 1.1 christos * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 1.1 christos * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 1.1 christos * POSSIBILITY OF SUCH DAMAGE. 37 1.1 christos */ 38 1.1 christos /* 39 1.1 christos * sign.c 40 1.1 christos * syslog-sign related code for syslogd 41 1.1 christos * 42 1.1 christos * Martin Schtte 43 1.1 christos */ 44 1.2 minskim /* 45 1.2 minskim * Issues with the current internet draft: 46 1.1 christos * 1. The draft is a bit unclear on the input format for the signature, 47 1.1 christos * so this might have to be changed later. Cf. sign_string_sign() 48 1.1 christos * 2. The draft only defines DSA signatures. I hope it will be extended 49 1.1 christos * to DSS, thus allowing DSA, RSA (ANSI X9.31) and ECDSA (ANSI X9.62) 50 1.1 christos * 3. The draft does not define the data format for public keys in CBs. 51 1.1 christos * This implementation sends public keys in DER encoding. 52 1.1 christos * 4. This current implementation uses high-level OpenSSL API. 53 1.1 christos * I am not sure if these completely implement the FIPS/ANSI standards. 54 1.1 christos * Update after WG discussion in August: 55 1.1 christos * 1. check; next draft will be clearer and specify the format as implemented. 56 1.1 christos * 2. check; definitely only DSA in this version. 57 1.1 christos * 3. remains a problem, so far no statement from authors or WG. 58 1.7 christos * 4. check; used EVP_sha1 method implements FIPS. 59 1.1 christos */ 60 1.2 minskim /* 61 1.1 christos * Limitations of this implementation: 62 1.1 christos * - cannot use OpenPGP keys, only PKIX or DSA due to OpenSSL capabilities 63 1.1 christos * - only works for correctly formatted messages, because incorrect messages 64 1.1 christos * are reformatted (e.g. if it receives a message with two spaces between 65 1.1 christos * fields it might even be parsed, but the output will have only one space). 66 1.1 christos */ 67 1.1 christos 68 1.1 christos #include <sys/cdefs.h> 69 1.8 rillig __RCSID("$NetBSD: sign.c,v 1.8 2021/11/27 22:30:26 rillig Exp $"); 70 1.2 minskim 71 1.1 christos #ifndef DISABLE_SIGN 72 1.1 christos #include "syslogd.h" 73 1.1 christos #ifndef DISABLE_TLS 74 1.1 christos #include "tls.h" 75 1.1 christos #endif /* !DISABLE_TLS */ 76 1.1 christos #include "sign.h" 77 1.1 christos #include "extern.h" 78 1.1 christos 79 1.1 christos /* 80 1.2 minskim * init all SGs for a given algorithm 81 1.1 christos */ 82 1.1 christos bool 83 1.1 christos sign_global_init(struct filed *Files) 84 1.1 christos { 85 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_global_init()\n"); 86 1.1 christos if (!(GlobalSign.sg == 0 || GlobalSign.sg == 1 87 1.1 christos || GlobalSign.sg == 2 || GlobalSign.sg == 3)) { 88 1.1 christos logerror("sign_init(): invalid SG %d", GlobalSign.sg); 89 1.1 christos return false; 90 1.1 christos } 91 1.1 christos 92 1.1 christos if (!sign_get_keys()) 93 1.1 christos return false; 94 1.1 christos 95 1.1 christos /* signature algorithm */ 96 1.1 christos /* can probably be merged with the hash algorithm/context but 97 1.1 christos * I leave the optimization for later until the RFC is ready */ 98 1.1 christos GlobalSign.sigctx = EVP_MD_CTX_create(); 99 1.1 christos EVP_MD_CTX_init(GlobalSign.sigctx); 100 1.1 christos 101 1.1 christos /* the signature algorithm depends on the type of key */ 102 1.7 christos switch (EVP_PKEY_base_id(GlobalSign.pubkey)) { 103 1.7 christos case EVP_PKEY_DSA: 104 1.7 christos GlobalSign.sig = EVP_sha1(); 105 1.1 christos GlobalSign.sig_len_b64 = SIGN_B64SIGLEN_DSS; 106 1.7 christos break; 107 1.7 christos #ifdef notyet 108 1.7 christos /* this is the place to add non-DSA key types and algorithms */ 109 1.7 christos case EVP_PKEY_RSA: 110 1.1 christos GlobalSign.sig = EVP_sha1(); 111 1.1 christos GlobalSign.sig_len_b64 = 28; 112 1.7 christos break; 113 1.7 christos #endif 114 1.7 christos default: 115 1.1 christos logerror("key type not supported for syslog-sign"); 116 1.1 christos return false; 117 1.1 christos } 118 1.1 christos 119 1.1 christos assert(GlobalSign.keytype == 'C' || GlobalSign.keytype == 'K'); 120 1.1 christos assert(GlobalSign.pubkey_b64 && GlobalSign.privkey && 121 1.1 christos GlobalSign.pubkey); 122 1.2 minskim 123 1.1 christos GlobalSign.gbc = 0; 124 1.1 christos STAILQ_INIT(&GlobalSign.SigGroups); 125 1.1 christos 126 1.1 christos /* hash algorithm */ 127 1.1 christos OpenSSL_add_all_digests(); 128 1.1 christos GlobalSign.mdctx = EVP_MD_CTX_create(); 129 1.1 christos EVP_MD_CTX_init(GlobalSign.mdctx); 130 1.1 christos 131 1.1 christos /* values for SHA-1 */ 132 1.7 christos GlobalSign.md = EVP_sha1(); 133 1.1 christos GlobalSign.md_len_b64 = 28; 134 1.1 christos GlobalSign.ver = "0111"; 135 1.1 christos 136 1.1 christos if (!sign_sg_init(Files)) 137 1.1 christos return false; 138 1.1 christos sign_new_reboot_session(); 139 1.2 minskim 140 1.1 christos DPRINTF(D_SIGN, "length values: SIGN_MAX_SD_LENGTH %d, " 141 1.1 christos "SIGN_MAX_FRAG_LENGTH %d, SIGN_MAX_SB_LENGTH %d, " 142 1.1 christos "SIGN_MAX_HASH_NUM %d\n", SIGN_MAX_SD_LENGTH, 143 1.1 christos SIGN_MAX_FRAG_LENGTH, SIGN_MAX_SB_LENGTH, SIGN_MAX_HASH_NUM); 144 1.1 christos 145 1.1 christos /* set just before return, so it indicates initialization */ 146 1.1 christos GlobalSign.rsid = now; 147 1.1 christos return true; 148 1.1 christos } 149 1.1 christos 150 1.1 christos /* 151 1.1 christos * get keys for syslog-sign 152 1.1 christos * either from the X.509 certificate used for TLS 153 1.1 christos * or by generating a new one 154 1.2 minskim * 155 1.1 christos * sets the global variables 156 1.1 christos * GlobalSign.keytype, GlobalSign.pubkey_b64, 157 1.1 christos * GlobalSign.privkey, and GlobalSign.pubkey 158 1.1 christos */ 159 1.1 christos bool 160 1.5 christos sign_get_keys(void) 161 1.1 christos { 162 1.1 christos EVP_PKEY *pubkey = NULL, *privkey = NULL; 163 1.1 christos unsigned char *der_pubkey = NULL, *ptr_der_pubkey = NULL; 164 1.1 christos char *pubkey_b64 = NULL; 165 1.1 christos int der_len; 166 1.2 minskim 167 1.1 christos /* try PKIX/TLS key first */ 168 1.1 christos #ifndef DISABLE_TLS 169 1.1 christos SSL *ssl; 170 1.1 christos if (tls_opt.global_TLS_CTX 171 1.1 christos && (ssl = SSL_new(tls_opt.global_TLS_CTX))) { 172 1.1 christos X509 *cert; 173 1.1 christos DPRINTF(D_SIGN, "Try to get keys from TLS X.509 cert...\n"); 174 1.2 minskim 175 1.1 christos if (!(cert = SSL_get_certificate(ssl))) { 176 1.1 christos logerror("SSL_get_certificate() failed"); 177 1.1 christos FREE_SSL(ssl); 178 1.1 christos return false; 179 1.1 christos } 180 1.1 christos if (!(privkey = SSL_get_privatekey(ssl))) { 181 1.1 christos logerror("SSL_get_privatekey() failed"); 182 1.1 christos FREE_SSL(ssl); 183 1.1 christos return false; 184 1.1 christos } 185 1.1 christos if (!(pubkey = X509_get_pubkey(cert))) { 186 1.1 christos logerror("X509_get_pubkey() failed"); 187 1.1 christos FREE_SSL(ssl); 188 1.1 christos return false; 189 1.1 christos } 190 1.1 christos /* note: 191 1.1 christos * - privkey is just a pointer into SSL_CTX and 192 1.1 christos * must not be changed nor be free()d 193 1.1 christos * - but pubkey has to be freed with EVP_PKEY_free() 194 1.1 christos */ 195 1.1 christos FREE_SSL(ssl); 196 1.1 christos 197 1.7 christos if (EVP_PKEY_DSA != EVP_PKEY_base_id(pubkey)) { 198 1.1 christos DPRINTF(D_SIGN, "X.509 cert has no DSA key\n"); 199 1.1 christos EVP_PKEY_free(pubkey); 200 1.1 christos privkey = NULL; 201 1.1 christos pubkey = NULL; 202 1.1 christos } else { 203 1.1 christos DPRINTF(D_SIGN, "Got public and private key " 204 1.1 christos "from X.509 --> use type PKIX\n"); 205 1.1 christos GlobalSign.keytype = 'C'; 206 1.1 christos GlobalSign.privkey = privkey; 207 1.1 christos GlobalSign.pubkey = pubkey; 208 1.2 minskim 209 1.1 christos /* base64 certificate encoding */ 210 1.1 christos der_len = i2d_X509(cert, NULL); 211 1.1 christos if (!(ptr_der_pubkey = der_pubkey = malloc(der_len)) 212 1.1 christos || !(pubkey_b64 = malloc(der_len*2))) { 213 1.1 christos free(der_pubkey); 214 1.1 christos logerror("malloc() failed"); 215 1.1 christos return false; 216 1.1 christos } 217 1.1 christos if (i2d_X509(cert, &ptr_der_pubkey) <= 0) { 218 1.1 christos logerror("i2d_X509() failed"); 219 1.1 christos return false; 220 1.1 christos } 221 1.1 christos b64_ntop(der_pubkey, der_len, pubkey_b64, der_len*2); 222 1.1 christos free(der_pubkey); 223 1.1 christos /* try to resize memory object as needed */ 224 1.1 christos GlobalSign.pubkey_b64 = realloc(pubkey_b64, 225 1.1 christos strlen(pubkey_b64)+1); 226 1.1 christos if (!GlobalSign.pubkey_b64) 227 1.1 christos GlobalSign.pubkey_b64 = pubkey_b64; 228 1.1 christos } 229 1.1 christos } 230 1.1 christos #endif /* !DISABLE_TLS */ 231 1.1 christos if (!(privkey && pubkey)) { /* PKIX not available --> generate key */ 232 1.1 christos DSA *dsa; 233 1.1 christos 234 1.1 christos DPRINTF(D_SIGN, "Unable to get keys from X.509 " 235 1.1 christos "--> use DSA with type 'K'\n"); 236 1.1 christos if (!(privkey = EVP_PKEY_new())) { 237 1.1 christos logerror("EVP_PKEY_new() failed"); 238 1.1 christos return false; 239 1.1 christos } 240 1.7 christos if ((dsa = DSA_new()) == NULL) { 241 1.7 christos logerror("DSA_new() failed"); 242 1.7 christos return false; 243 1.7 christos } 244 1.7 christos if (!DSA_generate_parameters_ex(dsa, SIGN_GENCERT_BITS, NULL, 0, 245 1.7 christos NULL, NULL, NULL)) { 246 1.7 christos logerror("DSA_generate_parameters_ex() failed"); 247 1.7 christos return false; 248 1.7 christos } 249 1.1 christos if (!DSA_generate_key(dsa)) { 250 1.1 christos logerror("DSA_generate_key() failed"); 251 1.1 christos return false; 252 1.1 christos } 253 1.1 christos if (!EVP_PKEY_assign_DSA(privkey, dsa)) { 254 1.1 christos logerror("EVP_PKEY_assign_DSA() failed"); 255 1.1 christos return false; 256 1.1 christos } 257 1.1 christos GlobalSign.keytype = 'K'; /* public/private keys used */ 258 1.1 christos GlobalSign.privkey = privkey; 259 1.1 christos GlobalSign.pubkey = privkey; 260 1.1 christos 261 1.1 christos /* pubkey base64 encoding */ 262 1.1 christos der_len = i2d_DSA_PUBKEY(dsa, NULL); 263 1.1 christos if (!(ptr_der_pubkey = der_pubkey = malloc(der_len)) 264 1.1 christos || !(pubkey_b64 = malloc(der_len*2))) { 265 1.1 christos free(der_pubkey); 266 1.1 christos logerror("malloc() failed"); 267 1.1 christos return false; 268 1.1 christos } 269 1.1 christos if (i2d_DSA_PUBKEY(dsa, &ptr_der_pubkey) <= 0) { 270 1.1 christos logerror("i2d_DSA_PUBKEY() failed"); 271 1.4 spz free(der_pubkey); 272 1.4 spz free(pubkey_b64); 273 1.1 christos return false; 274 1.1 christos } 275 1.1 christos b64_ntop(der_pubkey, der_len, pubkey_b64, der_len*2); 276 1.1 christos free(der_pubkey); 277 1.1 christos /* try to resize memory object as needed */ 278 1.1 christos GlobalSign.pubkey_b64 = realloc(pubkey_b64, 279 1.1 christos strlen(pubkey_b64) + 1); 280 1.1 christos if (!GlobalSign.pubkey_b64) 281 1.1 christos GlobalSign.pubkey_b64 = pubkey_b64; 282 1.1 christos } 283 1.1 christos return true; 284 1.1 christos } 285 1.1 christos 286 1.1 christos /* 287 1.2 minskim * init SGs 288 1.1 christos */ 289 1.1 christos bool 290 1.1 christos sign_sg_init(struct filed *Files) 291 1.1 christos { 292 1.1 christos struct signature_group_t *sg, *newsg, *last_sg; 293 1.1 christos struct filed_queue *fq; 294 1.1 christos struct string_queue *sqentry, *last_sqentry; 295 1.1 christos struct filed *f; 296 1.3 lukem unsigned int i; 297 1.1 christos 298 1.1 christos /* note on SG 1 and 2: 299 1.1 christos * it is assumed that redundant signature groups 300 1.1 christos * and especially signature groups without an associated 301 1.1 christos * destination are harmless. 302 1.1 christos * this currently holds true because sign_append_hash() 303 1.1 christos * is called from fprintlog(), so only actually used 304 1.1 christos * signature group get hashes and need memory for them 305 1.1 christos */ 306 1.1 christos /* possible optimization for SGs 1 and 2: 307 1.1 christos * use a struct signature_group_t *newsg[IETF_NUM_PRIVALUES] 308 1.1 christos * for direct group lookup 309 1.1 christos */ 310 1.1 christos 311 1.1 christos #define ALLOC_OR_FALSE(x) do { \ 312 1.1 christos if(!((x) = calloc(1, sizeof(*(x))))) { \ 313 1.1 christos logerror("Unable to allocate memory"); \ 314 1.1 christos return false; \ 315 1.1 christos } \ 316 1.8 rillig } while (0) 317 1.1 christos 318 1.1 christos #define ALLOC_SG(x) do { \ 319 1.1 christos ALLOC_OR_FALSE(x); \ 320 1.1 christos (x)->last_msg_num = 1; /* cf. section 4.2.5 */ \ 321 1.1 christos STAILQ_INIT(&(x)->hashes); \ 322 1.1 christos STAILQ_INIT(&(x)->files); \ 323 1.8 rillig } while (0) 324 1.1 christos 325 1.1 christos /* alloc(fq) and add to SGs file queue */ 326 1.1 christos #define ASSIGN_FQ() do { \ 327 1.1 christos ALLOC_OR_FALSE(fq); \ 328 1.1 christos fq->f = f; \ 329 1.1 christos f->f_sg = newsg; \ 330 1.1 christos DPRINTF(D_SIGN, "SG@%p <--> f@%p\n", newsg, f); \ 331 1.1 christos STAILQ_INSERT_TAIL(&newsg->files, fq, entries); \ 332 1.8 rillig } while (0) 333 1.1 christos 334 1.1 christos switch (GlobalSign.sg) { 335 1.1 christos case 0: 336 1.1 christos /* one SG, linked to all files */ 337 1.1 christos ALLOC_SG(newsg); 338 1.1 christos newsg->spri = 0; 339 1.1 christos for (f = Files; f; f = f->f_next) 340 1.1 christos ASSIGN_FQ(); 341 1.1 christos STAILQ_INSERT_TAIL(&GlobalSign.SigGroups, 342 1.1 christos newsg, entries); 343 1.1 christos break; 344 1.1 christos case 1: 345 1.1 christos /* every PRI gets one SG */ 346 1.1 christos for (i = 0; i < IETF_NUM_PRIVALUES; i++) { 347 1.1 christos int fac, prilev; 348 1.1 christos fac = LOG_FAC(i); 349 1.1 christos prilev = LOG_PRI(i); 350 1.1 christos ALLOC_SG(newsg); 351 1.1 christos newsg->spri = i; 352 1.1 christos 353 1.1 christos /* now find all destinations associated with this SG */ 354 1.1 christos for (f = Files; f; f = f->f_next) 355 1.1 christos /* check priorities */ 356 1.1 christos if (MATCH_PRI(f, fac, prilev)) 357 1.1 christos ASSIGN_FQ(); 358 1.1 christos STAILQ_INSERT_TAIL(&GlobalSign.SigGroups, 359 1.1 christos newsg, entries); 360 1.1 christos } 361 1.1 christos break; 362 1.1 christos case 2: 363 1.1 christos /* PRI ranges get one SG, boundaries given by the 364 1.1 christos * SPRI, indicating the largest PRI in the SG 365 1.2 minskim * 366 1.1 christos * either GlobalSign.sig2_delims has a list of 367 1.1 christos * user configured delimiters, or we use a default 368 1.1 christos * and set up one SG per facility 369 1.1 christos */ 370 1.1 christos if (STAILQ_EMPTY(&GlobalSign.sig2_delims)) { 371 1.1 christos DPRINTF(D_SIGN, "sign_sg_init(): set default " 372 1.1 christos "values for SG 2\n"); 373 1.1 christos for (i = 0; i < (IETF_NUM_PRIVALUES>>3); i++) { 374 1.1 christos ALLOC_OR_FALSE(sqentry); 375 1.1 christos sqentry->data = NULL; 376 1.1 christos sqentry->key = (i<<3); 377 1.1 christos STAILQ_INSERT_TAIL(&GlobalSign.sig2_delims, 378 1.1 christos sqentry, entries); 379 1.1 christos } 380 1.1 christos } 381 1.1 christos assert(!STAILQ_EMPTY(&GlobalSign.sig2_delims)); 382 1.1 christos 383 1.1 christos /* add one more group at the end */ 384 1.1 christos last_sqentry = STAILQ_LAST(&GlobalSign.sig2_delims, 385 1.1 christos string_queue, entries); 386 1.1 christos if (last_sqentry->key < IETF_NUM_PRIVALUES) { 387 1.1 christos ALLOC_OR_FALSE(sqentry); 388 1.1 christos sqentry->data = NULL; 389 1.1 christos sqentry->key = IETF_NUM_PRIVALUES-1; 390 1.1 christos STAILQ_INSERT_TAIL(&GlobalSign.sig2_delims, 391 1.1 christos sqentry, entries); 392 1.1 christos } 393 1.1 christos 394 1.1 christos STAILQ_FOREACH(sqentry, &GlobalSign.sig2_delims, entries) { 395 1.3 lukem unsigned int min_pri = 0; 396 1.1 christos ALLOC_SG(newsg); 397 1.1 christos newsg->spri = sqentry->key; 398 1.1 christos 399 1.1 christos /* check _all_ priorities in SG */ 400 1.1 christos last_sg = STAILQ_LAST(&GlobalSign.SigGroups, 401 1.1 christos signature_group_t, entries); 402 1.1 christos if (last_sg) 403 1.1 christos min_pri = last_sg->spri + 1; 404 1.1 christos 405 1.1 christos DPRINTF(D_SIGN, "sign_sg_init(): add SG@%p: SG=\"2\"," 406 1.1 christos " SPRI=\"%d\" -- for msgs with " 407 1.1 christos "%d <= pri <= %d\n", 408 1.1 christos newsg, newsg->spri, min_pri, newsg->spri); 409 1.1 christos /* now find all destinations associated with this SG */ 410 1.1 christos for (f = Files; f; f = f->f_next) { 411 1.1 christos bool match = false; 412 1.1 christos for (i = min_pri; i <= newsg->spri; i++) { 413 1.1 christos int fac, prilev; 414 1.1 christos fac = LOG_FAC(i); 415 1.1 christos prilev = LOG_PRI(i); 416 1.1 christos if (MATCH_PRI(f, fac, prilev)) { 417 1.1 christos match = true; 418 1.1 christos break; 419 1.1 christos } 420 1.1 christos } 421 1.1 christos if (match) 422 1.1 christos ASSIGN_FQ(); 423 1.1 christos } 424 1.1 christos STAILQ_INSERT_TAIL(&GlobalSign.SigGroups, 425 1.1 christos newsg, entries); 426 1.1 christos } 427 1.1 christos break; 428 1.1 christos case 3: 429 1.1 christos /* every file (with flag) gets one SG */ 430 1.1 christos for (f = Files; f; f = f->f_next) { 431 1.1 christos if (!(f->f_flags & FFLAG_SIGN)) { 432 1.1 christos f->f_sg = NULL; 433 1.1 christos continue; 434 1.1 christos } 435 1.1 christos ALLOC_SG(newsg); 436 1.1 christos newsg->spri = f->f_file; /* not needed but shows SGs */ 437 1.1 christos ASSIGN_FQ(); 438 1.1 christos STAILQ_INSERT_TAIL(&GlobalSign.SigGroups, 439 1.1 christos newsg, entries); 440 1.1 christos } 441 1.1 christos break; 442 1.1 christos } 443 1.1 christos DPRINTF((D_PARSE|D_SIGN), "sign_sg_init() set up these " 444 1.1 christos "Signature Groups:\n"); 445 1.1 christos STAILQ_FOREACH(sg, &GlobalSign.SigGroups, entries) { 446 1.1 christos DPRINTF((D_PARSE|D_SIGN), "SG@%p with SG=\"%d\", SPRI=\"%d\"," 447 1.1 christos " associated files:\n", sg, GlobalSign.sg, sg->spri); 448 1.1 christos STAILQ_FOREACH(fq, &sg->files, entries) { 449 1.1 christos DPRINTF((D_PARSE|D_SIGN), " f@%p with type %d\n", 450 1.1 christos fq->f, fq->f->f_type); 451 1.1 christos } 452 1.1 christos } 453 1.1 christos return true; 454 1.1 christos } 455 1.1 christos 456 1.1 christos /* 457 1.2 minskim * free all SGs for a given algorithm 458 1.1 christos */ 459 1.1 christos void 460 1.5 christos sign_global_free(void) 461 1.1 christos { 462 1.1 christos struct signature_group_t *sg, *tmp_sg; 463 1.1 christos struct filed_queue *fq, *tmp_fq; 464 1.1 christos 465 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_global_free()\n"); 466 1.1 christos STAILQ_FOREACH_SAFE(sg, &GlobalSign.SigGroups, entries, tmp_sg) { 467 1.1 christos if (!STAILQ_EMPTY(&sg->hashes)) { 468 1.1 christos /* send CB and SB twice to get minimal redundancy 469 1.1 christos * for the last few message hashes */ 470 1.1 christos sign_send_certificate_block(sg); 471 1.1 christos sign_send_certificate_block(sg); 472 1.1 christos sign_send_signature_block(sg, true); 473 1.1 christos sign_send_signature_block(sg, true); 474 1.1 christos sign_free_hashes(sg); 475 1.1 christos } 476 1.1 christos fq = STAILQ_FIRST(&sg->files); 477 1.1 christos while (fq != NULL) { 478 1.1 christos tmp_fq = STAILQ_NEXT(fq, entries); 479 1.1 christos free(fq); 480 1.1 christos fq = tmp_fq; 481 1.1 christos } 482 1.1 christos STAILQ_REMOVE(&GlobalSign.SigGroups, 483 1.1 christos sg, signature_group_t, entries); 484 1.1 christos free(sg); 485 1.1 christos } 486 1.1 christos sign_free_string_queue(&GlobalSign.sig2_delims); 487 1.1 christos 488 1.1 christos if (GlobalSign.privkey) { 489 1.1 christos GlobalSign.privkey = NULL; 490 1.1 christos } 491 1.1 christos if (GlobalSign.pubkey) { 492 1.1 christos EVP_PKEY_free(GlobalSign.pubkey); 493 1.1 christos GlobalSign.pubkey = NULL; 494 1.2 minskim } 495 1.1 christos if(GlobalSign.mdctx) { 496 1.1 christos EVP_MD_CTX_destroy(GlobalSign.mdctx); 497 1.1 christos GlobalSign.mdctx = NULL; 498 1.1 christos } 499 1.1 christos if(GlobalSign.sigctx) { 500 1.1 christos EVP_MD_CTX_destroy(GlobalSign.sigctx); 501 1.1 christos GlobalSign.sigctx = NULL; 502 1.1 christos } 503 1.1 christos FREEPTR(GlobalSign.pubkey_b64); 504 1.1 christos } 505 1.1 christos 506 1.1 christos /* 507 1.1 christos * create and send certificate block 508 1.1 christos */ 509 1.1 christos bool 510 1.1 christos sign_send_certificate_block(struct signature_group_t *sg) 511 1.1 christos { 512 1.1 christos struct filed_queue *fq; 513 1.1 christos struct buf_msg *buffer; 514 1.1 christos char *tstamp; 515 1.1 christos char payload[SIGN_MAX_PAYLOAD_LENGTH]; 516 1.1 christos char sd[SIGN_MAX_SD_LENGTH]; 517 1.1 christos size_t payload_len, sd_len, fragment_len; 518 1.1 christos size_t payload_index = 0; 519 1.1 christos 520 1.1 christos /* do nothing if CBs already sent or if there was no message in SG */ 521 1.1 christos if (!sg->resendcount 522 1.1 christos || ((sg->resendcount == SIGN_RESENDCOUNT_CERTBLOCK) 523 1.1 christos && STAILQ_EMPTY(&sg->hashes))) 524 1.1 christos return false; 525 1.1 christos 526 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_send_certificate_block(%p)\n", sg); 527 1.6 christos tstamp = make_timestamp(NULL, true, (size_t)-1); 528 1.1 christos 529 1.1 christos payload_len = snprintf(payload, sizeof(payload), "%s %c %s", tstamp, 530 1.1 christos GlobalSign.keytype, GlobalSign.pubkey_b64); 531 1.1 christos if (payload_len >= sizeof(payload)) { 532 1.1 christos DPRINTF(D_SIGN, "Buffer too small for syslog-sign setup\n"); 533 1.1 christos return false; 534 1.1 christos } 535 1.1 christos 536 1.1 christos while (payload_index < payload_len) { 537 1.1 christos if (payload_len - payload_index <= SIGN_MAX_FRAG_LENGTH) 538 1.1 christos fragment_len = payload_len - payload_index; 539 1.1 christos else 540 1.1 christos fragment_len = SIGN_MAX_FRAG_LENGTH; 541 1.1 christos 542 1.1 christos /* format SD */ 543 1.1 christos sd_len = snprintf(sd, sizeof(sd), "[ssign-cert " 544 1.1 christos "VER=\"%s\" RSID=\"%" PRIuFAST64 "\" SG=\"%d\" " 545 1.1 christos "SPRI=\"%d\" TBPL=\"%zu\" INDEX=\"%zu\" " 546 1.1 christos "FLEN=\"%zu\" FRAG=\"%.*s\" " 547 1.1 christos "SIGN=\"\"]", 548 1.1 christos GlobalSign.ver, GlobalSign.rsid, GlobalSign.sg, 549 1.1 christos sg->spri, payload_len, payload_index+1, 550 1.1 christos fragment_len, (int)fragment_len, 551 1.1 christos &payload[payload_index]); 552 1.1 christos assert(sd_len < sizeof(sd)); 553 1.1 christos assert(sd[sd_len] == '\0'); 554 1.1 christos assert(sd[sd_len-1] == ']'); 555 1.1 christos assert(sd[sd_len-2] == '"'); 556 1.2 minskim 557 1.1 christos if (!sign_msg_sign(&buffer, sd, sizeof(sd))) 558 1.1 christos return 0; 559 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_send_certificate_block(): " 560 1.1 christos "calling fprintlog()\n"); 561 1.1 christos 562 1.1 christos STAILQ_FOREACH(fq, &sg->files, entries) { 563 1.1 christos /* we have to preserve the f_prevcount */ 564 1.1 christos int tmpcnt; 565 1.1 christos tmpcnt = fq->f->f_prevcount; 566 1.1 christos fprintlog(fq->f, buffer, NULL); 567 1.1 christos fq->f->f_prevcount = tmpcnt; 568 1.1 christos } 569 1.1 christos sign_inc_gbc(); 570 1.1 christos DELREF(buffer); 571 1.1 christos payload_index += fragment_len; 572 1.1 christos } 573 1.1 christos sg->resendcount--; 574 1.1 christos return true; 575 1.1 christos } 576 1.1 christos 577 1.1 christos /* 578 1.1 christos * determine the SG for a message 579 1.1 christos * returns NULL if -sign not configured or no SG for this priority 580 1.1 christos */ 581 1.1 christos struct signature_group_t * 582 1.1 christos sign_get_sg(int pri, struct filed *f) 583 1.1 christos { 584 1.1 christos struct signature_group_t *sg, *rc = NULL; 585 1.2 minskim 586 1.1 christos if (GlobalSign.rsid && f) 587 1.1 christos switch (GlobalSign.sg) { 588 1.1 christos case 0: 589 1.1 christos rc = f->f_sg; 590 1.1 christos break; 591 1.1 christos case 1: 592 1.1 christos case 2: 593 1.1 christos STAILQ_FOREACH(sg, &GlobalSign.SigGroups, entries) { 594 1.3 lukem if (sg->spri >= (unsigned int)pri) { 595 1.1 christos rc = sg; 596 1.1 christos break; 597 1.1 christos } 598 1.1 christos } 599 1.1 christos break; 600 1.1 christos case 3: 601 1.1 christos if (f->f_flags & FFLAG_SIGN) 602 1.1 christos rc = f->f_sg; 603 1.1 christos else 604 1.1 christos rc = NULL; 605 1.1 christos break; 606 1.1 christos } 607 1.1 christos 608 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_get_sg(%d, %p) --> %p\n", pri, f, rc); 609 1.1 christos return rc; 610 1.1 christos } 611 1.1 christos 612 1.1 christos /* 613 1.1 christos * create and send signature block 614 1.2 minskim * 615 1.1 christos * uses a sliding window for redundancy 616 1.1 christos * if force==true then simply send all available hashes, e.g. on shutdown 617 1.2 minskim * 618 1.1 christos * sliding window checks implicitly assume that new hashes are appended 619 1.1 christos * to the SG between two calls. if that is not the case (e.g. with repeated 620 1.1 christos * messages) the queue size will shrink. 621 1.1 christos * this has no negative consequences except generating more and shorter SBs 622 1.1 christos * than expected and confusing the operator because two consecutive SBs will 623 1.1 christos * have same FMNn 624 1.1 christos */ 625 1.1 christos unsigned 626 1.1 christos sign_send_signature_block(struct signature_group_t *sg, bool force) 627 1.1 christos { 628 1.1 christos char sd[SIGN_MAX_SD_LENGTH]; 629 1.1 christos size_t sd_len; 630 1.1 christos size_t sg_num_hashes = 0; /* hashes in SG queue */ 631 1.1 christos size_t hashes_in_sb = 0; /* number of hashes in current SB */ 632 1.1 christos size_t hashes_sent = 0; /* count of hashes sent */ 633 1.1 christos struct string_queue *qentry, *old_qentry; 634 1.1 christos struct buf_msg *buffer; 635 1.1 christos struct filed_queue *fq; 636 1.3 lukem size_t i; 637 1.1 christos 638 1.1 christos if (!sg) return 0; 639 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_send_signature_block(%p, %d)\n", 640 1.1 christos sg, force); 641 1.1 christos 642 1.1 christos STAILQ_FOREACH(qentry, &sg->hashes, entries) 643 1.1 christos sg_num_hashes++; 644 1.1 christos 645 1.1 christos /* only act if a division is full */ 646 1.1 christos if (!sg_num_hashes 647 1.1 christos || (!force && (sg_num_hashes % SIGN_HASH_DIVISION_NUM))) 648 1.1 christos return 0; 649 1.1 christos 650 1.1 christos /* if no CB sent so far then do now, just before first SB */ 651 1.1 christos if (sg->resendcount == SIGN_RESENDCOUNT_CERTBLOCK) 652 1.1 christos sign_send_certificate_block(sg); 653 1.2 minskim 654 1.1 christos /* shortly after reboot we have shorter SBs */ 655 1.1 christos hashes_in_sb = MIN(sg_num_hashes, SIGN_HASH_NUM); 656 1.2 minskim 657 1.1 christos DPRINTF(D_SIGN, "sign_send_signature_block(): " 658 1.1 christos "sg_num_hashes = %zu, hashes_in_sb = %zu, SIGN_HASH_NUM = %d\n", 659 1.1 christos sg_num_hashes, hashes_in_sb, SIGN_HASH_NUM); 660 1.1 christos if (sg_num_hashes > SIGN_HASH_NUM) { 661 1.1 christos DPRINTF(D_SIGN, "sign_send_signature_block(): sg_num_hashes" 662 1.1 christos " > SIGN_HASH_NUM -- This should not happen!\n"); 663 1.1 christos } 664 1.1 christos 665 1.1 christos /* now the SD */ 666 1.1 christos qentry = STAILQ_FIRST(&sg->hashes); 667 1.1 christos sd_len = snprintf(sd, sizeof(sd), "[ssign " 668 1.1 christos "VER=\"%s\" RSID=\"%" PRIuFAST64 "\" SG=\"%d\" " 669 1.1 christos "SPRI=\"%d\" GBC=\"%" PRIuFAST64 "\" FMN=\"%" PRIuFAST64 "\" " 670 1.1 christos "CNT=\"%zu\" HB=\"", 671 1.1 christos GlobalSign.ver, GlobalSign.rsid, GlobalSign.sg, 672 1.1 christos sg->spri, GlobalSign.gbc, qentry->key, 673 1.1 christos hashes_in_sb); 674 1.1 christos while (hashes_sent < hashes_in_sb) { 675 1.1 christos assert(qentry); 676 1.1 christos sd_len += snprintf(sd+sd_len, sizeof(sd)-sd_len, "%s ", 677 1.1 christos qentry->data); 678 1.1 christos hashes_sent++; 679 1.1 christos qentry = STAILQ_NEXT(qentry, entries); 680 1.1 christos } 681 1.1 christos /* overwrite last space and close SD */ 682 1.1 christos assert(sd_len < sizeof(sd)); 683 1.1 christos assert(sd[sd_len] == '\0'); 684 1.1 christos assert(sd[sd_len-1] == ' '); 685 1.1 christos sd[sd_len-1] = '\0'; 686 1.1 christos sd_len = strlcat(sd, "\" SIGN=\"\"]", sizeof(sd)); 687 1.1 christos 688 1.1 christos if (sign_msg_sign(&buffer, sd, sizeof(sd))) { 689 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_send_signature_block(): calling" 690 1.1 christos " fprintlog(), sending %zu out of %zu hashes\n", 691 1.1 christos MIN(SIGN_MAX_HASH_NUM, sg_num_hashes), sg_num_hashes); 692 1.2 minskim 693 1.1 christos STAILQ_FOREACH(fq, &sg->files, entries) { 694 1.1 christos int tmpcnt; 695 1.1 christos tmpcnt = fq->f->f_prevcount; 696 1.1 christos fprintlog(fq->f, buffer, NULL); 697 1.1 christos fq->f->f_prevcount = tmpcnt; 698 1.1 christos } 699 1.1 christos sign_inc_gbc(); 700 1.1 christos DELREF(buffer); 701 1.1 christos } 702 1.1 christos /* always drop the oldest division of hashes */ 703 1.1 christos if (sg_num_hashes >= SIGN_HASH_NUM) { 704 1.1 christos qentry = STAILQ_FIRST(&sg->hashes); 705 1.1 christos for (i = 0; i < SIGN_HASH_DIVISION_NUM; i++) { 706 1.1 christos old_qentry = qentry; 707 1.1 christos qentry = STAILQ_NEXT(old_qentry, entries); 708 1.1 christos STAILQ_REMOVE(&sg->hashes, old_qentry, 709 1.1 christos string_queue, entries); 710 1.1 christos FREEPTR(old_qentry->data); 711 1.1 christos FREEPTR(old_qentry); 712 1.1 christos } 713 1.1 christos } 714 1.1 christos return hashes_sent; 715 1.1 christos } 716 1.1 christos 717 1.1 christos void 718 1.1 christos sign_free_hashes(struct signature_group_t *sg) 719 1.1 christos { 720 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_free_hashes(%p)\n", sg); 721 1.1 christos sign_free_string_queue(&sg->hashes); 722 1.1 christos } 723 1.1 christos 724 1.1 christos void 725 1.1 christos sign_free_string_queue(struct string_queue_head *sqhead) 726 1.1 christos { 727 1.1 christos struct string_queue *qentry, *tmp_qentry; 728 1.2 minskim 729 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_free_string_queue(%p)\n", sqhead); 730 1.1 christos STAILQ_FOREACH_SAFE(qentry, sqhead, entries, tmp_qentry) { 731 1.1 christos STAILQ_REMOVE(sqhead, qentry, string_queue, entries); 732 1.1 christos FREEPTR(qentry->data); 733 1.1 christos free(qentry); 734 1.1 christos } 735 1.1 christos assert(STAILQ_EMPTY(sqhead)); 736 1.1 christos } 737 1.1 christos 738 1.1 christos /* 739 1.1 christos * hash one syslog message 740 1.1 christos */ 741 1.1 christos bool 742 1.1 christos sign_msg_hash(char *line, char **hash) 743 1.1 christos { 744 1.1 christos unsigned char md_value[EVP_MAX_MD_SIZE]; 745 1.1 christos unsigned char md_b64[EVP_MAX_MD_SIZE*2]; 746 1.1 christos /* TODO: exact expression for b64 length? */ 747 1.1 christos unsigned md_len = 0; 748 1.1 christos 749 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_msg_hash('%s')\n", line); 750 1.2 minskim 751 1.1 christos SSL_CHECK_ONE(EVP_DigestInit_ex(GlobalSign.mdctx, GlobalSign.md, NULL)); 752 1.1 christos SSL_CHECK_ONE(EVP_DigestUpdate(GlobalSign.mdctx, line, strlen(line))); 753 1.1 christos SSL_CHECK_ONE(EVP_DigestFinal_ex(GlobalSign.mdctx, md_value, &md_len)); 754 1.2 minskim 755 1.1 christos b64_ntop(md_value, md_len, (char *)md_b64, EVP_MAX_MD_SIZE*2); 756 1.1 christos *hash = strdup((char *)md_b64); 757 1.1 christos 758 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_msg_hash() --> \"%s\"\n", *hash); 759 1.1 christos return true; 760 1.1 christos } 761 1.1 christos 762 1.1 christos /* 763 1.1 christos * append hash to SG queue 764 1.1 christos */ 765 1.1 christos bool 766 1.1 christos sign_append_hash(char *hash, struct signature_group_t *sg) 767 1.1 christos { 768 1.1 christos struct string_queue *qentry; 769 1.1 christos 770 1.1 christos /* if one SG is shared by several destinations 771 1.1 christos * prevent duplicate entries */ 772 1.1 christos if ((qentry = STAILQ_LAST(&sg->hashes, string_queue, entries)) 773 1.1 christos && !strcmp(qentry->data, hash)) { 774 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_append_hash('%s', %p): " 775 1.1 christos "hash already in queue\n", hash, sg); 776 1.1 christos return false; 777 1.1 christos } 778 1.1 christos 779 1.1 christos MALLOC(qentry, sizeof(*qentry)); 780 1.1 christos qentry->key = sign_assign_msg_num(sg); 781 1.1 christos qentry->data = hash; 782 1.1 christos STAILQ_INSERT_TAIL(&sg->hashes, qentry, entries); 783 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_append_hash('%s', %p): " 784 1.1 christos "#%" PRIdFAST64 "\n", hash, sg, qentry->key); 785 1.1 christos return true; 786 1.1 christos } 787 1.1 christos 788 1.1 christos /* 789 1.1 christos * sign one syslog-sign message 790 1.2 minskim * 791 1.1 christos * requires a ssign or ssigt-cert SD element 792 1.1 christos * ending with ' SIGN=""]' in sd 793 1.1 christos * linesize is available memory (= sizeof(sd)) 794 1.2 minskim * 795 1.1 christos * function will calculate signature and return a new buffer 796 1.1 christos */ 797 1.1 christos bool 798 1.1 christos sign_msg_sign(struct buf_msg **bufferptr, char *sd, size_t linesize) 799 1.1 christos { 800 1.1 christos char *signature, *line; 801 1.1 christos size_t linelen, tlsprefixlen, endptr, newlinelen; 802 1.1 christos struct buf_msg *buffer; 803 1.1 christos 804 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_msg_sign()\n"); 805 1.1 christos endptr = strlen(sd); 806 1.1 christos 807 1.1 christos assert(endptr < linesize); 808 1.1 christos assert(sd[endptr] == '\0'); 809 1.1 christos assert(sd[endptr-1] == ']'); 810 1.1 christos assert(sd[endptr-2] == '"'); 811 1.1 christos 812 1.1 christos /* set up buffer */ 813 1.1 christos buffer = buf_msg_new(0); 814 1.6 christos buffer->timestamp = make_timestamp(NULL, !BSDOutputFormat, 0); 815 1.1 christos buffer->prog = appname; 816 1.1 christos buffer->pid = include_pid; 817 1.1 christos buffer->recvhost = buffer->host = LocalFQDN; 818 1.1 christos buffer->pri = 110; 819 1.1 christos buffer->flags = IGN_CONS|SIGN_MSG; 820 1.1 christos buffer->sd = sd; 821 1.1 christos 822 1.1 christos /* SD ready, now format and sign */ 823 1.1 christos if (!format_buffer(buffer, &line, &linelen, NULL, 824 1.1 christos &tlsprefixlen, NULL)) { 825 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_send_signature_block():" 826 1.1 christos " format_buffer() failed\n"); 827 1.1 christos buffer->sd = NULL; 828 1.1 christos DELREF(buffer); 829 1.1 christos return false; 830 1.1 christos } 831 1.1 christos if (!sign_string_sign(line+tlsprefixlen, &signature)) { 832 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_send_signature_block():" 833 1.1 christos " sign_string_sign() failed\n"); 834 1.1 christos buffer->sd = NULL; 835 1.1 christos DELREF(buffer); 836 1.1 christos FREEPTR(line); 837 1.1 christos return false; 838 1.1 christos } 839 1.1 christos FREEPTR(line); 840 1.1 christos sd[endptr-2] = '\0'; 841 1.1 christos newlinelen = strlcat(sd, signature, linesize); 842 1.1 christos newlinelen = strlcat(sd, "\"]", linesize); 843 1.2 minskim 844 1.1 christos if (newlinelen >= linesize) { 845 1.1 christos DPRINTF(D_SIGN, "sign_send_signature_block(): " 846 1.1 christos "buffer too small\n"); 847 1.1 christos buffer->sd = NULL; 848 1.1 christos DELREF(buffer); 849 1.1 christos return false; 850 1.1 christos } 851 1.1 christos assert(newlinelen < linesize); 852 1.1 christos assert(sd[newlinelen] == '\0'); 853 1.1 christos assert(sd[newlinelen-1] == ']'); 854 1.1 christos assert(sd[newlinelen-2] == '"'); 855 1.1 christos 856 1.1 christos buffer->sd = strdup(sd); 857 1.1 christos *bufferptr = buffer; 858 1.1 christos return true; 859 1.1 christos } 860 1.1 christos 861 1.1 christos /* 862 1.1 christos * sign one string 863 1.1 christos */ 864 1.1 christos bool 865 1.1 christos sign_string_sign(char *line, char **signature) 866 1.1 christos { 867 1.1 christos char buf[SIGN_MAX_LENGTH+1]; 868 1.1 christos unsigned char sig_value[SIGN_B64SIGLEN_DSS]; 869 1.1 christos unsigned char sig_b64[SIGN_B64SIGLEN_DSS]; 870 1.1 christos unsigned sig_len = 0; 871 1.1 christos char *p, *q; 872 1.2 minskim /* 873 1.1 christos * The signature is calculated over the completely formatted 874 1.1 christos * syslog-message, including all of the PRI, HEADER, and hashes 875 1.1 christos * in the hash block, excluding spaces between fields, and also 876 1.1 christos * excluding the signature field (SD Parameter Name "SIGN", "=", 877 1.1 christos * and corresponding value). 878 1.2 minskim * 879 1.1 christos * -- I am not quite sure which spaces are to be removed. 880 1.1 christos * Only the ones inside the "ssign" element or those between 881 1.1 christos * header fields as well? 882 1.1 christos */ 883 1.1 christos /* removes the string ' SIGN=""' */ 884 1.1 christos for (p = line, q = buf; 885 1.1 christos *p && (q - buf <= SIGN_MAX_LENGTH);) { 886 1.1 christos if (strncmp(p, " SIGN=\"\"", 8) == 0) 887 1.1 christos p += 8; 888 1.1 christos *q++ = *p++; 889 1.1 christos } 890 1.1 christos *q = '\0'; 891 1.1 christos 892 1.1 christos SSL_CHECK_ONE(EVP_SignInit(GlobalSign.sigctx, GlobalSign.sig)); 893 1.1 christos SSL_CHECK_ONE(EVP_SignUpdate(GlobalSign.sigctx, buf, q-buf)); 894 1.1 christos assert(GlobalSign.privkey); 895 1.1 christos SSL_CHECK_ONE(EVP_SignFinal(GlobalSign.sigctx, sig_value, &sig_len, 896 1.1 christos GlobalSign.privkey)); 897 1.2 minskim 898 1.1 christos b64_ntop(sig_value, sig_len, (char *)sig_b64, sizeof(sig_b64)); 899 1.1 christos *signature = strdup((char *)sig_b64); 900 1.1 christos 901 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_string_sign('%s') --> '%s'\n", 902 1.1 christos buf, *signature); 903 1.1 christos return *signature != NULL; 904 1.1 christos } 905 1.1 christos 906 1.1 christos void 907 1.5 christos sign_new_reboot_session(void) 908 1.1 christos { 909 1.1 christos struct signature_group_t *sg; 910 1.1 christos 911 1.1 christos DPRINTF((D_CALL|D_SIGN), "sign_new_reboot_session()\n"); 912 1.1 christos 913 1.1 christos /* global counters */ 914 1.1 christos GlobalSign.gbc = 0; 915 1.1 christos /* might be useful for later analysis: 916 1.1 christos * rebooted session IDs are sequential, 917 1.1 christos * normal IDs are almost always not */ 918 1.1 christos GlobalSign.rsid++; 919 1.1 christos 920 1.1 christos assert(GlobalSign.sg <= 3); 921 1.1 christos /* reset SGs */ 922 1.1 christos STAILQ_FOREACH(sg, &GlobalSign.SigGroups, entries) { 923 1.1 christos sg->resendcount = SIGN_RESENDCOUNT_CERTBLOCK; 924 1.1 christos sg->last_msg_num = 1; 925 1.1 christos } 926 1.1 christos } 927 1.1 christos 928 1.1 christos /* get msg_num, increment counter, check overflow */ 929 1.1 christos uint_fast64_t 930 1.1 christos sign_assign_msg_num(struct signature_group_t *sg) 931 1.1 christos { 932 1.1 christos uint_fast64_t old; 933 1.1 christos 934 1.1 christos old = sg->last_msg_num++; 935 1.1 christos if (sg->last_msg_num > SIGN_MAX_COUNT) 936 1.1 christos sign_new_reboot_session(); 937 1.1 christos return old; 938 1.1 christos } 939 1.1 christos 940 1.1 christos 941 1.1 christos /* increment gbc, check overflow */ 942 1.1 christos void 943 1.5 christos sign_inc_gbc(void) 944 1.1 christos { 945 1.1 christos if (++GlobalSign.gbc > SIGN_MAX_COUNT) 946 1.1 christos sign_new_reboot_session(); 947 1.1 christos } 948 1.1 christos #endif /* !DISABLE_SIGN */ 949
Indexes created Sun Sep 21 20:09:37 GMT 2025