1 #include <u.h>
2 #include <libc.h>
3 #include <bio.h>
4 #include <auth.h>
5 #include <mp.h>
6 #include <libsec.h>
7
/*
 * Number of buckets in a thumbprint hash table.
 * Kept a power of two because tablehead reduces the hash
 * with a mask of ThumbTab-1.
 */
enum {
	ThumbTab = 1<<10,
};
9
/*
 * Return the bucket of table that the digest sum hashes to.
 * The bucket index is the first two digest bytes taken as a
 * big-endian 16-bit value and masked down to ThumbTab buckets.
 * Only sum[0] and sum[1] are read; neither pointer is checked
 * for nil, so callers must pass valid ones.
 */
static Thumbprint*
tablehead(uchar *sum, Thumbprint *table)
{
	int slot;

	slot = (sum[0]<<8) + sum[1];
	slot &= ThumbTab-1;
	return &table[slot];
}
15
/*
 * Free a thumbprint table and every chained entry hanging off it.
 * A nil table is accepted and ignored.
 *
 * Each bucket head lives inside the table array itself, so only
 * the entries chained after it are freed one by one; the walk
 * stops at nil (empty bucket) or when the chain loops back to
 * the head.  The array is freed last.
 */
void
freeThumbprints(Thumbprint *table)
{
	Thumbprint *bucket, *end, *cur, *nxt;

	if(table == nil)
		return;
	end = table + ThumbTab;
	for(bucket = table; bucket < end; bucket++){
		cur = bucket->next;
		while(cur != nil && cur != bucket){
			/* fetch the successor before the node goes away */
			nxt = cur->next;
			free(cur);
			cur = nxt;
		}
	}
	free(table);
}
31
/*
 * Report whether the SHA1dlen-byte digest sum is present in table.
 * Returns 1 on a match and 0 otherwise; a nil table matches
 * nothing, so a caller holding no table rejects every digest.
 *
 * Digests are compared with constcmp over SHA1dlen bytes
 * (presumably a constant-time compare; confirm in libsec).
 * Entries are SHA-1 digests, so a match is only as strong as
 * SHA-1 itself.
 */
int
okThumbprint(uchar *sum, Thumbprint *table)
{
	Thumbprint *bucket, *cur;

	if(table == nil)
		return 0;
	bucket = tablehead(sum, table);
	cur = bucket->next;
	while(cur != nil){
		if(constcmp(sum, cur->sha1, SHA1dlen) == 0)
			return 1;
		/* the head is the last node of the chain; it was just checked */
		if(cur == bucket)
			return 0;
		cur = cur->next;
	}
	return 0;
}
48
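/*
 * Deepest "#include" nesting accepted while loading a thumbprint
 * file.  The bound is a chosen limit: it keeps a file that includes
 * itself, directly or through a cycle, from recursing until the
 * stack or the file descriptors run out.
 */
enum{ ThumbMaxInclude = 8 };

/*
 * Worker for loadThumbprints; depth counts the "#include" levels
 * above this file (0 for the file named by the caller).
 *
 * Returns 0 on success and -1 on failure.  Failures are: include
 * nesting deeper than ThumbMaxInclude, a file that exists but cannot
 * be opened, a failing include, an "x509 sha1=" entry that does not
 * decode to SHA1dlen bytes, or an allocation failure.  Entries added
 * before a failure stay in table; the caller is expected to discard
 * the table.
 */
static int
loadThumbprintsDepth(char *file, Thumbprint *table, Thumbprint *crltab, int depth)
{
	Thumbprint *hd, *entry;
	char *line, *field[50];
	uchar sum[SHA1dlen];
	Biobuf *bin;

	if(depth > ThumbMaxInclude){
		werrstr("too many nested #include files, last %s", file);
		return -1;
	}
	/*
	 * A missing file is treated as an empty one.  For an accept list
	 * that leaves the table empty; for an exclusion list (crltab in
	 * the caller) it means nothing is excluded, without any error.
	 */
	if(access(file, AEXIST) < 0)
		return 0;	/* not an error */
	if((bin = Bopen(file, OREAD)) == nil)
		return -1;
	/* every line returned by Brdstr is freed by the loop's step expression */
	for(; (line = Brdstr(bin, '\n', 1)) != nil; free(line)){
		if(tokenize(line, field, nelem(field)) < 2)
			continue;
		if(strcmp(field[0], "#include") == 0){
			if(loadThumbprintsDepth(field[1], table, crltab, depth+1) < 0)
				goto err;
			continue;
		}
		/* anything that is not "x509 sha1=..." is skipped silently */
		if(strcmp(field[0], "x509") != 0 || strncmp(field[1], "sha1=", 5) != 0)
			continue;
		field[1] += 5;
		/*
		 * NOTE(review): only the decoded length is checked here; whether
		 * dec16 rejects trailing or non-hex characters is not visible in
		 * this file -- confirm before relying on strict parsing.
		 */
		if(dec16(sum, SHA1dlen, field[1], strlen(field[1])) != SHA1dlen){
			werrstr("malformed x509 entry in %s: %s", file, field[1]);
			goto err;
		}
		/* digests listed in crltab never enter table */
		if(crltab && okThumbprint(sum, crltab))
			continue;
		hd = tablehead(sum, table);
		if(hd->next == nil)
			entry = hd;	/* first digest of a bucket is stored in the head itself */
		else {
			if((entry = malloc(sizeof(*entry))) == nil)
				goto err;
			entry->next = hd->next;
		}
		/* a lone head points at itself; later entries are pushed right after it */
		hd->next = entry;
		memcpy(entry->sha1, sum, SHA1dlen);
	}
	Bterm(bin);
	return 0;
err:
	/* line is non-nil at every goto err above; the loop step did not run for it */
	free(line);
	Bterm(bin);
	return -1;
}

/*
 * Load the "x509 sha1=<hex>" entries of file, and of any file it
 * names with "#include", into table.  Digests found in crltab are
 * left out; crltab may be nil.
 *
 * Returns 0 on success (including when file does not exist) and
 * -1 on failure; see loadThumbprintsDepth for the failure cases.
 */
static int
loadThumbprints(char *file, Thumbprint *table, Thumbprint *crltab)
{
	return loadThumbprintsDepth(file, table, crltab, 0);
}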
96
/*
 * Build a thumbprint table from the file ok, leaving out every
 * digest listed in the file crl.  crl may be nil, in which case
 * nothing is excluded.
 *
 * Returns the new table, or nil if an allocation fails or either
 * file fails to load.  The exclusion table is only used while
 * loading and is freed before returning.  The result is presumably
 * released by the caller with freeThumbprints.
 *
 * loadThumbprints treats a file that does not exist as empty, so a
 * missing crl file yields a table with no exclusions and a missing
 * ok file yields an empty table; neither case is reported.
 */
Thumbprint *
initThumbprints(char *ok, char *crl)
{
	Thumbprint *accept, *revoked;

	accept = nil;
	revoked = nil;
	if(crl != nil){
		revoked = malloc(ThumbTab * sizeof(*revoked));
		if(revoked == nil)
			return nil;
		memset(revoked, 0, ThumbTab * sizeof(*revoked));
		if(loadThumbprints(crl, revoked, nil) < 0){
			freeThumbprints(revoked);
			return nil;
		}
	}
	accept = malloc(ThumbTab * sizeof(*accept));
	if(accept != nil){
		memset(accept, 0, ThumbTab * sizeof(*accept));
		if(loadThumbprints(ok, accept, revoked) < 0){
			/* a partially loaded table is never handed out */
			freeThumbprints(accept);
			accept = nil;
		}
	}
	freeThumbprints(revoked);
	return accept;
}