From e649992bffb7c76ef0290ecba1dac15d45a8169f Mon Sep 17 00:00:00 2001 From: Cedric BAIL Date: Tue, 17 Mar 2015 08:50:09 +0100 Subject: [PATCH] emile: make the initialization part of backend cipher file to. --- src/lib/emile/emile_cipher.c | 5 ++ src/lib/emile/emile_cipher_gnutls.c | 85 +++++++++++++++++++++++++++++++++ src/lib/emile/emile_cipher_openssl.c | 13 +++++ src/lib/emile/emile_main.c | 92 ++---------------------------------- src/lib/emile/emile_private.h | 2 + 5 files changed, 109 insertions(+), 88 deletions(-) diff --git a/src/lib/emile/emile_cipher.c b/src/lib/emile/emile_cipher.c index e1a3ac0..3af0688 100644 --- a/src/lib/emile/emile_cipher.c +++ b/src/lib/emile/emile_cipher.c @@ -8,6 +8,11 @@ #include "emile_private.h" +Eina_Bool _emile_cipher_init(void) +{ + return EINA_FALSE; +} + EAPI Eina_Binbuf * emile_binbuf_cipher(const Eina_Binbuf *data EINA_UNUSED, const char *key EINA_UNUSED, diff --git a/src/lib/emile/emile_cipher_gnutls.c b/src/lib/emile/emile_cipher_gnutls.c index 8cfcc63..92823fa 100644 --- a/src/lib/emile/emile_cipher_gnutls.c +++ b/src/lib/emile/emile_cipher_gnutls.c @@ -21,6 +21,91 @@ #define MAX_KEY_LEN 32 #define MAX_IV_LEN 16 +#ifdef HAVE_GNUTLS +static int +_emile_thread_mutex_init(void **priv) +{ + Eina_Lock *lock; + + lock = malloc(sizeof (Eina_Lock)); + if (!lock) return ENOMEM; + + if (!eina_lock_new(lock)) + { + free(lock); + return ENOMEM; + } + + *priv = lock; + return 0; +} + +static int +_emile_thread_mutex_destroy(void **priv) +{ + eina_lock_free(*priv); + free(*priv); + return 0; +} + +static int +_emile_thread_mutex_lock(void **priv) +{ + if (eina_lock_take(*priv) == EINA_LOCK_FAIL) + return EINVAL; + return 0; +} + +static int +_emile_thread_mutex_unlock(void **priv) +{ + if (eina_lock_release(*priv) == EINA_LOCK_FAIL) + return EINVAL; + return 0; +} + +static struct gcry_thread_cbs _emile_threads = { + (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), + NULL, _emile_thread_mutex_init, _emile_thread_mutex_destroy, + _emile_thread_mutex_lock, _emile_thread_mutex_unlock, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL +}; +#endif /* ifdef HAVE_GNUTLS */ + +Eina_Bool +_emile_cipher_init(void) +{ +#ifdef HAVE_GNUTLS + if (gcry_control(GCRYCTL_SET_THREAD_CBS, &_emile_threads)) + WRN( + "YOU ARE USING PTHREADS, BUT I CANNOT INITIALIZE THREADSAFE GCRYPT OPERATIONS!"); + + /* Before the library can be used, it must initialize itself if needed. */ + if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0) + { + gcry_check_version(NULL); + /* Disable warning messages about problems with the secure memory subsystem. + This command should be run right after gcry_check_version. */ + if (gcry_control(GCRYCTL_DISABLE_SECMEM_WARN)) + return EINA_FALSE; /* This command is used to allocate a pool of secure memory and thus + enabling the use of secure memory. It also drops all extra privileges the + process has (i.e. if it is run as setuid (root)). If the argument nbytes + is 0, secure memory will be disabled. The minimum amount of secure memory + allocated is currently 16384 bytes; you may thus use a value of 1 to + request that default size. */ + + if (gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0)) + WRN( + "BIG FAT WARNING: I AM UNABLE TO REQUEST SECMEM, Cryptographic operation are at risk !"); + } + + if (gnutls_global_init()) + return EINA_FALSE; +#endif /* ifdef HAVE_GNUTLS */ + + return EINA_TRUE; +} + # ifdef HAVE_GNUTLS static inline Eina_Bool emile_hmac_sha1(const void *key, diff --git a/src/lib/emile/emile_cipher_openssl.c b/src/lib/emile/emile_cipher_openssl.c index 630cf12..9229e77 100644 --- a/src/lib/emile/emile_cipher_openssl.c +++ b/src/lib/emile/emile_cipher_openssl.c @@ -22,6 +22,19 @@ #define MAX_KEY_LEN EVP_MAX_KEY_LENGTH #define MAX_IV_LEN EVP_MAX_IV_LENGTH +Eina_Bool +_emile_cipher_init(void) +{ +#ifdef HAVE_OPENSSL + ERR_load_crypto_strings(); + SSL_library_init(); + SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); +#endif /* ifdef HAVE_OPENSSL */ + + return EINA_TRUE; +} + static Eina_Bool emile_pbkdf2_sha1(const char *key, int key_len, diff --git a/src/lib/emile/emile_main.c b/src/lib/emile/emile_main.c index 2e137d2..d5939e8 100644 --- a/src/lib/emile/emile_main.c +++ b/src/lib/emile/emile_main.c @@ -19,102 +19,18 @@ #include "Emile.h" #include "emile_private.h" -static Eina_Bool _emile_cipher_init = EINA_FALSE; +static Eina_Bool _emile_cipher_inited = EINA_FALSE; static unsigned int _emile_init_count = 0; int _emile_log_dom_global = -1; -#ifdef HAVE_GNUTLS -static int -_emile_thread_mutex_init(void **priv) -{ - Eina_Lock *lock; - - lock = malloc(sizeof (Eina_Lock)); - if (!lock) return ENOMEM; - - if (!eina_lock_new(lock)) - { - free(lock); - return ENOMEM; - } - - *priv = lock; - return 0; -} - -static int -_emile_thread_mutex_destroy(void **priv) -{ - eina_lock_free(*priv); - free(*priv); - return 0; -} - -static int -_emile_thread_mutex_lock(void **priv) -{ - if (eina_lock_take(*priv) == EINA_LOCK_FAIL) - return EINVAL; - return 0; -} - -static int -_emile_thread_mutex_unlock(void **priv) -{ - if (eina_lock_release(*priv) == EINA_LOCK_FAIL) - return EINVAL; - return 0; -} - -static struct gcry_thread_cbs _emile_threads = { - (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), - NULL, _emile_thread_mutex_init, _emile_thread_mutex_destroy, - _emile_thread_mutex_lock, _emile_thread_mutex_unlock, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -}; -#endif /* ifdef HAVE_GNUTLS */ - EAPI Eina_Bool emile_cipher_init(void) { - if (_emile_cipher_init) return EINA_TRUE; - -#ifdef HAVE_GNUTLS - if (gcry_control(GCRYCTL_SET_THREAD_CBS, &_emile_threads)) - WRN( - "YOU ARE USING PTHREADS, BUT I CANNOT INITIALIZE THREADSAFE GCRYPT OPERATIONS!"); + if (_emile_cipher_inited) return EINA_TRUE; - /* Before the library can be used, it must initialize itself if needed. */ - if (gcry_control(GCRYCTL_ANY_INITIALIZATION_P) == 0) - { - gcry_check_version(NULL); - /* Disable warning messages about problems with the secure memory subsystem. - This command should be run right after gcry_check_version. */ - if (gcry_control(GCRYCTL_DISABLE_SECMEM_WARN)) - return EINA_FALSE; /* This command is used to allocate a pool of secure memory and thus - enabling the use of secure memory. It also drops all extra privileges the - process has (i.e. if it is run as setuid (root)). If the argument nbytes - is 0, secure memory will be disabled. The minimum amount of secure memory - allocated is currently 16384 bytes; you may thus use a value of 1 to - request that default size. */ - - if (gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0)) - WRN( - "BIG FAT WARNING: I AM UNABLE TO REQUEST SECMEM, Cryptographic operation are at risk !"); - } - - if (gnutls_global_init()) - return EINA_FALSE; - -#endif /* ifdef HAVE_GNUTLS */ -#ifdef HAVE_OPENSSL - ERR_load_crypto_strings(); - SSL_library_init(); - SSL_load_error_strings(); - OpenSSL_add_all_algorithms(); -#endif /* ifdef HAVE_OPENSSL */ + if (!_emile_cipher_init()) return EINA_FALSE; - _emile_cipher_init = EINA_TRUE; + _emile_cipher_inited = EINA_TRUE; return EINA_TRUE; } diff --git a/src/lib/emile/emile_private.h b/src/lib/emile/emile_private.h index 0210379..e6b4763 100644 --- a/src/lib/emile/emile_private.h +++ b/src/lib/emile/emile_private.h @@ -24,4 +24,6 @@ extern int _emile_log_dom_global; #endif /* ifdef CRI */ #define CRI(...) EINA_LOG_DOM_CRIT(_emile_log_dom_global, __VA_ARGS__) +Eina_Bool _emile_cipher_init(void); + #endif /* EMILE_PRIVATE_H_ */ -- 2.7.4