]> de.git.xonotic.org Git - xonotic/d0_blind_id.git/blobdiff - d0_bignum-openssl.c
fix d0_rijndael check
[xonotic/d0_blind_id.git] / d0_bignum-openssl.c
index da95c0bdd05441c0419c25077e3755d151c7502c..8b52eb28ae3db54492ae5df2001658696b30c5b2 100644 (file)
@@ -45,6 +45,7 @@
 #include <assert.h>
 #include <string.h>
 #include <openssl/bn.h>
+#include <openssl/crypto.h>
 
 // for stupid OpenSSL versions in Mac OS X
 #ifndef BN_is_negative
@@ -57,23 +58,122 @@ struct d0_bignum_s
        BIGNUM z;
 };
 
-// FIXME implement http://www.openssl.org/docs/crypto/threads.html
-
 static d0_bignum_t temp;
 static BN_CTX *ctx;
-static void *tempmutex = NULL; // hold this mutex when using ctx or temp
+static unsigned char numbuf[65536];
+static void *tempmutex = NULL; // hold this mutex when using ctx or temp or numbuf
 
 #include <time.h>
 #include <stdio.h>
 
+static void **locks;
+
+void locking_function(int mode, int l, const char *file, int line)
+{
+       void *m = locks[l];
+       if(mode & CRYPTO_LOCK)
+               d0_lockmutex(m);
+       else
+               d0_unlockmutex(m);
+}
+
+typedef struct CRYPTO_dynlock_value
+{
+       void *m;
+};
+
+struct CRYPTO_dynlock_value *dyn_create_function(const char *file, int line)
+{
+       return (struct CRYPTO_dynlock_value *) d0_createmutex();
+}
+
+void dyn_lock_function(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line)
+{
+       void *m = (void *) l;
+       if(mode & CRYPTO_LOCK)
+               d0_lockmutex(m);
+       else
+               d0_unlockmutex(m);
+}
+
+void dyn_destroy_function(struct CRYPTO_dynlock_value *l, const char *file, int line)
+{
+       void *m = (void *) l;
+       d0_destroymutex(l);
+}
+
 D0_WARN_UNUSED_RESULT D0_BOOL d0_bignum_INITIALIZE(void)
 {
+       FILE *f;
+       D0_BOOL ret = 1;
+       unsigned char buf[256];
+       int i, n;
+
        tempmutex = d0_createmutex();
        d0_lockmutex(tempmutex);
 
+       n = CRYPTO_num_locks();
+       locks = d0_malloc(n * sizeof(*locks));
+       for(i = 0; i < n; ++i)
+               locks[i] = d0_createmutex();
+
+       CRYPTO_set_locking_callback(locking_function);
+       CRYPTO_set_dynlock_create_callback(dyn_create_function);
+       CRYPTO_set_dynlock_lock_callback(dyn_lock_function);
+       CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function);
+
        ctx = BN_CTX_new();
        d0_bignum_init(&temp);
 
+#ifdef WIN32
+       {
+               HCRYPTPROV hCryptProv;
+               if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+               {
+                       if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
+                       {
+                               fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
+                               ret = 0;
+                       }
+                       CryptReleaseContext(hCryptProv, 0);
+               }
+               else if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET))
+               {
+                       if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
+                       {
+                               fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
+                               ret = 0;
+                       }
+                       CryptReleaseContext(hCryptProv, 0);
+               }
+               else
+               {
+                       fprintf(stderr, "WARNING: could not initialize random number generator (CryptAcquireContext failed)\n");
+                       ret = 0;
+               }
+       }
+#else
+       f = fopen("/dev/urandom", "rb");
+       if(!f)
+               f = fopen("/dev/random", "rb");
+       if(f)
+       {
+               setbuf(f, NULL);
+               if(fread(buf, sizeof(buf), 1, f) != 1)
+               {
+                       fprintf(stderr, "WARNING: could not initialize random number generator (read from random device failed)\n");
+                       ret = 0;
+               }
+               fclose(f);
+       }
+       else
+       {
+               fprintf(stderr, "WARNING: could not initialize random number generator (no random device found)\n");
+               ret = 0;
+       }
+#endif
+       RAND_add(buf, sizeof(buf), sizeof(buf));
+
        d0_unlockmutex(tempmutex);
 
        return 1;
@@ -82,12 +182,19 @@ D0_WARN_UNUSED_RESULT D0_BOOL d0_bignum_INITIALIZE(void)
 
 void d0_bignum_SHUTDOWN(void)
 {
+       int i, n;
+
        d0_lockmutex(tempmutex);
 
        d0_bignum_clear(&temp);
        BN_CTX_free(ctx);
        ctx = NULL;
 
+       n = CRYPTO_num_locks();
+       for(i = 0; i < n; ++i)
+               d0_destroymutex(locks[i]);
+       d0_free(locks);
+
        d0_unlockmutex(tempmutex);
        d0_destroymutex(tempmutex);
        tempmutex = NULL;
@@ -95,28 +202,48 @@ void d0_bignum_SHUTDOWN(void)
 
 D0_BOOL d0_iobuf_write_bignum(d0_iobuf_t *buf, const d0_bignum_t *bignum)
 {
-       static __thread unsigned char numbuf[65536];
+       D0_BOOL ret;
        size_t count = 0;
+
+       d0_lockmutex(tempmutex);
        numbuf[0] = BN_is_zero(&bignum->z) ? 0 : BN_is_negative(&bignum->z) ? 3 : 1;
        if((numbuf[0] & 3) != 0) // nonzero
        {
                count = BN_num_bytes(&bignum->z);
                if(count > sizeof(numbuf) - 1)
+               {
+                       d0_unlockmutex(tempmutex);
                        return 0;
+               }
                BN_bn2bin(&bignum->z, numbuf+1);
        }
-       return d0_iobuf_write_packet(buf, numbuf, count + 1);
+       ret = d0_iobuf_write_packet(buf, numbuf, count + 1);
+       d0_unlockmutex(tempmutex);
+       return ret;
 }
 
 d0_bignum_t *d0_iobuf_read_bignum(d0_iobuf_t *buf, d0_bignum_t *bignum)
 {
-       static __thread unsigned char numbuf[65536];
        size_t count = sizeof(numbuf);
+
+       d0_lockmutex(tempmutex);
        if(!d0_iobuf_read_packet(buf, numbuf, &count))
+       {
+               d0_unlockmutex(tempmutex);
                return NULL;
+       }
        if(count < 1)
+       {
+               d0_unlockmutex(tempmutex);
                return NULL;
-       if(!bignum) bignum = d0_bignum_new(); if(!bignum) return NULL;
+       }
+       if(!bignum)
+               bignum = d0_bignum_new();
+       if(!bignum)
+       {
+               d0_unlockmutex(tempmutex);
+               return NULL;
+       }
        if(numbuf[0] & 3) // nonzero
        {
                BN_bin2bn(numbuf+1, count-1, &bignum->z);
@@ -127,6 +254,7 @@ d0_bignum_t *d0_iobuf_read_bignum(d0_iobuf_t *buf, d0_bignum_t *bignum)
        {
                BN_zero(&bignum->z);
        }
+       d0_unlockmutex(tempmutex);
        return bignum;
 }
 
@@ -384,10 +512,18 @@ d0_bignum_t *d0_bignum_gcd(d0_bignum_t *r, d0_bignum_t *s, d0_bignum_t *t, const
 
 char *d0_bignum_tostring(const d0_bignum_t *x, unsigned int base)
 {
+       char *s = NULL;
+       char *s2;
+       size_t n;
        if(base == 10)
-               return BN_bn2dec(&x->z);
+               s = BN_bn2dec(&x->z);
        else if(base == 16)
-               return BN_bn2hex(&x->z);
+               s = BN_bn2hex(&x->z);
        else
                assert(!"Other bases not implemented");
+       n = strlen(s) + 1;
+       s2 = d0_malloc(n);
+       memcpy(s2, s, n);
+       OPENSSL_free(s);
+       return s2;
 }