diff options
author | Werner Koch <wk@gnupg.org> | 2002-05-02 14:07:31 +0000 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2002-05-02 14:07:31 +0000 |
commit | 519eb448cacaed994f3af515f1348d8065a96c6b (patch) | |
tree | d16ff7f6d3d037342fc4b9e7aa1363970498e2e3 | |
parent | 08762fdd090c5bff0265b947e71465b9dbda0051 (diff) | |
download | libgcrypt-519eb448cacaed994f3af515f1348d8065a96c6b.tar.gz |
* gcrypt.h (GCRYCTL_DISABLE_INTERNAL_LOCKING): New.
* global.c (gcry_control): Implement it.
(_gcry_no_internal_locking): New.
* mutex.h: Prefixed all fucntions with _gcry_. Bypass all
functions when desired.
* gcrypt.h (GCRYCTL_DISABLE_SECMEM): New.
* global.c (gcry_control,gcry_malloc_secure,gcry_is_secure):
Implement it here.
* secmem.c (_gcry_private_is_secure): Return false if the pool is
not initialized.
* gcrypt.h (GCRYCTL_INITIALIZATION_FINISHED): New.
* gcrypt.h (gcry_cipher_algos): Replaced RINDAEL by AES and change
the macros to expand from rijdael to aes.
* stdmem.c (_gcry_private_malloc): Return NULL for 0 byte allocation.
(_gcry_private_malloc_secure): Ditto.
* g10lib.h: Copied the JNLIB_GCC macros from ../jnlib/mischelp.h
and removed the inclusion of that file.
-rw-r--r-- | src/ChangeLog | 34 | ||||
-rw-r--r-- | src/Makefile.am | 3 | ||||
-rw-r--r-- | src/g10lib.h | 15 | ||||
-rw-r--r-- | src/gcrypt.h | 23 | ||||
-rw-r--r-- | src/global.c | 53 | ||||
-rw-r--r-- | src/mutex.h | 143 | ||||
-rw-r--r-- | src/secmem.c | 4 | ||||
-rw-r--r-- | src/stdmem.c | 8 |
8 files changed, 261 insertions, 22 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index 59d46aa2..38fb9a70 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,37 @@ +2002-05-02 Werner Koch <wk@gnupg.org> + + * gcrypt.h (GCRYCTL_DISABLE_INTERNAL_LOCKING): New. + * global.c (gcry_control): Implement it. + (_gcry_no_internal_locking): New. + * mutex.h: Prefixed all fucntions with _gcry_. Bypass all + functions when desired. + + * gcrypt.h (GCRYCTL_DISABLE_SECMEM): New. + * global.c (gcry_control,gcry_malloc_secure,gcry_is_secure): + Implement it here. + * secmem.c (_gcry_private_is_secure): Return false if the pool is + not initialized. + + * gcrypt.h (GCRYCTL_INITIALIZATION_FINISHED): New. + + * gcrypt.h (gcry_cipher_algos): Replaced RINDAEL by AES and change + the macros to expand from rijdael to aes. + + * stdmem.c (_gcry_private_malloc): Return NULL for 0 byte allocation. + (_gcry_private_malloc_secure): Ditto. + + * g10lib.h: Copied the JNLIB_GCC macros from ../jnlib/mischelp.h + and removed the inclusion of that file. + +2002-04-15 Werner Koch <wk@gnupg.org> + + * global.c (gcry_strdup): New. + +2002-03-18 Werner Koch <wk@gnupg.org> + + * mutex.h: New file with a portable thread mutex implementation + written by Marcus Brinkmann. Taken from GPGME. + 2002-02-18 Werner Koch <wk@gnupg.org> * sexp.c (gcry_sexp_sscan): Don't initialize the dummy diff --git a/src/Makefile.am b/src/Makefile.am index 38cd2185..71b82d1e 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -49,7 +49,8 @@ libgcrypt_la_SOURCES = g10lib.h \ stdmem.h \ secmem.c \ secmem.h \ - mpi.h + mpi.h \ + mutex.h libgcrypt_la_DEPENDENCIES = libgcrypt.sym \ ../cipher/libcipher.la ../mpi/libmpi.la diff --git a/src/g10lib.h b/src/g10lib.h index 71aaf824..70d61e46 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -1,5 +1,5 @@ /* g10lib.h - internal defintions for libgcrypt - * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. * * This header is to be used inside of libgcrypt in place of gcrypt.h. * This way we can better distinguish between internal and external @@ -35,7 +35,18 @@ #include <gcrypt.h> #include "types.h" -#include "../jnlib/mischelp.h" + +#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ) +# define JNLIB_GCC_M_FUNCTION 1 +# define JNLIB_GCC_A_NR __attribute__ ((noreturn)) +# define JNLIB_GCC_A_PRINTF( f, a ) __attribute__ ((format (printf,f,a))) +# define JNLIB_GCC_A_NR_PRINTF( f, a ) \ + __attribute__ ((noreturn, format (printf,f,a))) +#else +# define JNLIB_GCC_A_NR +# define JNLIB_GCC_A_PRINTF( f, a ) +# define JNLIB_GCC_A_NR_PRINTF( f, a ) +#endif #ifdef G10_I18N_H #error i18n should not be included here diff --git a/src/gcrypt.h b/src/gcrypt.h index 27116a51..299fa6a7 100644 --- a/src/gcrypt.h +++ b/src/gcrypt.h @@ -132,7 +132,10 @@ enum gcry_ctl_cmds { GCRYCTL_START_DUMP = 32, GCRYCTL_STOP_DUMP = 33, GCRYCTL_GET_ALGO_USAGE = 34, - GCRYCTL_IS_ALGO_ENABLED = 35 + GCRYCTL_IS_ALGO_ENABLED = 35, + GCRYCTL_DISABLE_INTERNAL_LOCKING = 36, + GCRYCTL_DISABLE_SECMEM = 37, + GCRYCTL_INITIALIZATION_FINISHED = 38 }; int gcry_control( enum gcry_ctl_cmds, ... ); @@ -309,18 +312,19 @@ enum gcry_cipher_algos { GCRY_CIPHER_BLOWFISH = 4, GCRY_CIPHER_SAFER_SK128 = 5, GCRY_CIPHER_DES_SK = 6, - GCRY_CIPHER_RIJNDAEL = 7, - GCRY_CIPHER_RIJNDAEL192 = 8, - GCRY_CIPHER_RIJNDAEL256 = 9, + GCRY_CIPHER_AES = 7, + GCRY_CIPHER_AES192 = 8, + GCRY_CIPHER_AES256 = 9, GCRY_CIPHER_TWOFISH = 10, /* other cipher numbers are above 300 for OpenPGP reasons. */ GCRY_CIPHER_ARCFOUR = 301 }; -#define GCRY_CIPHER_AES GCRY_CIPHER_RIJNDAEL -#define GCRY_CIPHER_AES128 GCRY_CIPHER_RIJNDAEL -#define GCRY_CIPHER_AES192 GCRY_CIPHER_RIJNDAEL192 -#define GCRY_CIPHER_AES256 GCRY_CIPHER_RIJNDAEL256 +#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES +#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES +#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 +#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 +#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 enum gcry_cipher_modes { GCRY_CIPHER_MODE_NONE = 0, @@ -337,7 +341,7 @@ enum gcry_cipher_flags { }; -GCRY_CIPHER_HD gcry_cipher_open( int algo, int mode, unsigned flags); +GCRY_CIPHER_HD gcry_cipher_open( int algo, int mode, unsigned int flags); void gcry_cipher_close( GCRY_CIPHER_HD h ); int gcry_cipher_ctl( GCRY_CIPHER_HD h, int cmd, void *buffer, size_t buflen); int gcry_cipher_info( GCRY_CIPHER_HD h, int what, void *buffer, size_t *nbytes); @@ -521,6 +525,7 @@ void *gcry_calloc( size_t n, size_t m ); void *gcry_malloc_secure( size_t n ); void *gcry_calloc_secure( size_t n, size_t m ); void *gcry_realloc( void *a, size_t n ); +char *gcry_strdup( const char *string ); void *gcry_xmalloc( size_t n ); void *gcry_xcalloc( size_t n, size_t m ); void *gcry_xmalloc_secure( size_t n ); diff --git a/src/global.c b/src/global.c index f78b6f78..b4c78b61 100644 --- a/src/global.c +++ b/src/global.c @@ -31,6 +31,7 @@ #include "stdmem.h" /* our own memory allocator */ #include "secmem.h" /* our own secmem allocator */ + /**************** * flag bits: 0 : general cipher debug * 1 : general MPI debug @@ -45,6 +46,8 @@ static void *(*realloc_func)(void *p, size_t n) = NULL; static void (*free_func)(void*) = NULL; static int (*outofcore_handler)( void*, size_t, unsigned int ) = NULL; static void *outofcore_handler_value = NULL; +static int no_internal_locking = 0; +static int no_secure_memory = 0; static const char* parse_version_number( const char *s, int *number ) @@ -151,6 +154,10 @@ gcry_control( enum gcry_ctl_cmds cmd, ... ) _gcry_secmem_init( 0 ); break; + case GCRYCTL_DISABLE_SECMEM: + no_secure_memory = 1; + break; + case GCRYCTL_INIT_SECMEM: _gcry_secmem_init( va_arg( arg_ptr, unsigned int ) ); break; @@ -187,6 +194,19 @@ gcry_control( enum gcry_ctl_cmds cmd, ... ) debug_flags &= ~va_arg( arg_ptr, unsigned int ); break; + case GCRYCTL_DISABLE_INTERNAL_LOCKING: + no_internal_locking = 1; + break; + + case GCRYCTL_INITIALIZATION_FINISHED: + /* This is a hook which should be used by an application after + all intialization has been done and right before any + threads are started. It is not really needed but the only + way to be really sure that all initialization for + thread-safety has been done. */ + /* fixme: we should initialize the various mutexs here */ + break; + default: va_end(arg_ptr); return GCRYERR_INV_OP; @@ -261,8 +281,7 @@ _gcry_set_lasterr( int ec ) /**************** - * NOTE: All 5 functions should be set. - */ + * NOTE: All 5 functions should be set. */ void gcry_set_allocation_handler( void *(*new_alloc_func)(size_t n), void *(*new_alloc_secure_func)(size_t n), @@ -314,17 +333,21 @@ gcry_malloc( size_t n ) void * gcry_malloc_secure( size_t n ) { - if( alloc_secure_func ) - return alloc_secure_func( n ) ; - return _gcry_private_malloc_secure( n ); + if (no_secure_memory) + return gcry_malloc (n); + if (alloc_secure_func) + return alloc_secure_func (n) ; + return _gcry_private_malloc_secure (n); } int gcry_is_secure( const void *a ) { - if( is_secure_func ) - return is_secure_func( a ) ; - return _gcry_private_is_secure( a ); + if (no_secure_memory) + return 0; + if (is_secure_func) + return is_secure_func (a) ; + return _gcry_private_is_secure (a); } void @@ -380,6 +403,15 @@ gcry_calloc_secure( size_t n, size_t m ) } +char * +gcry_strdup( const char *string ) +{ + void *p = gcry_malloc( strlen(string)+1 ); + strcpy( p, string ); + return p; +} + + void * gcry_xmalloc( size_t n ) { @@ -454,4 +486,9 @@ _gcry_get_debug_flag( unsigned int mask ) return debug_flags & mask; } +int +_gcry_no_internal_locking (void) +{ + return no_internal_locking; +} diff --git a/src/mutex.h b/src/mutex.h new file mode 100644 index 00000000..547d3117 --- /dev/null +++ b/src/mutex.h @@ -0,0 +1,143 @@ +/* mutex.h - Portable mutual exclusion, independent from any thread library. + * Copyright (C) 2002 g10 Code GmbH + * Copyright (C) 2002 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifndef MUTEX_H +#define MUTEX_H + +/* Define MUTEX_FAKE before including the file to get stubs that don't + provide any locking at all. Define MUTEX_PTHREAD if you can link + against the posix thread library. */ + +#if defined(MUTEX_FAKE) + +typedef char mutex_t; +#define mutex_init(x) (0) +#define mutex_destroy(x) +#define mutex_lock(x) (0) +#define mutex_unlock(x) (0) + +#elif defined(MUTEX_PTHREAD) + +#include <pthread.h> + +#define mutex_t pthread_mutex_t +#define mutex_init(x) pthread_mutex_init (&(x), 0) +#define mutex_destroy(x) pthread_mutex_destroy(&(x)) +#define mutex_lock(x) pthread_mutex_lock (&(x)) +#define mutex_unlock(x) pthread_mutex_unlock (&(x)) + +#else + +int _gcry_no_internal_locking (void); + +#include <errno.h> +#include <fcntl.h> +#include <unistd.h> + +/* The type of a mutex. */ +typedef int mutex_t[2]; + +inline static int +set_close_on_exec (int fd) +{ + int flags = fcntl (fd, F_GETFD, 0); + if (flags == -1) + return errno; + flags |= FD_CLOEXEC; + if (fcntl (fd, F_SETFD, flags) == -1) + return errno; + return 0; +} + +/* Initialize the mutex variable MUTEX. */ +inline int +_gcry_mutex_init (mutex_t mutex) +{ + ssize_t amount; + int err = 0; + + if (_gcry_no_internal_locking()) + return 0; + if (pipe (mutex)) + return errno; + + err = set_close_on_exec (mutex[0]); + if (!err) + err = set_close_on_exec (mutex[1]); + if (!err) + while ((amount = write (mutex[1], " ", 1)) < 0 && errno == EINTR) + ; + if (!err && amount != 1) + err = errno; + + if (err) + { + close (mutex[0]); + close (mutex[1]); + } + return err; +} + +/* Destroy the mutex variable MUTEX. */ +inline void +_gcry_mutex_destroy (mutex_t mutex) +{ + if (_gcry_no_internal_locking ()) + return; + close (mutex[0]); + close (mutex[1]); +} + +/* Take the mutex variable MUTEX. */ +inline int +_gcry_mutex_lock (mutex_t mutex) +{ + char data; + int amount; + if (_gcry_no_internal_locking ()) + return 0; + + while ((amount = read (mutex[0], &data, 1)) < 0 && errno == EINTR) + ; + return (amount != 1) ? errno : 0; +} + +/* Release the mutex variable MUTEX. */ +inline int +_gcry_mutex_unlock (mutex_t mutex) +{ + int amount; + if (_gcry_no_internal_locking ()) + return 0; + while ((amount = write (mutex[1], " ", 1)) < 0 && errno == EINTR) + ; + return (amount != 1) ? errno : 0; +} + +#define mutex_init(x) _gcry_mutex_init (x) +#define mutex_destroy(x) _gcry_mutex_destroy(x) +#define mutex_lock(x) _gcry_mutex_lock (x) +#define mutex_unlock(x) _gcry_mutex_unlock (x) + + +#endif /* MUTEX_FAKE */ +#endif /* MUTEX_H */ + diff --git a/src/secmem.c b/src/secmem.c index 4ef44e5f..63ba67e3 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -382,7 +382,9 @@ _gcry_secmem_free( void *a ) int _gcry_private_is_secure( const void *p ) { - return p >= pool && p < (void*)((char*)pool+poolsize); + if (!pool_okay) + return 0; + return p >= pool && p < (void*)((char*)pool+poolsize); } diff --git a/src/stdmem.c b/src/stdmem.c index 1cfe62ff..1b22994b 100644 --- a/src/stdmem.c +++ b/src/stdmem.c @@ -1,5 +1,5 @@ /* stdmem.c - private memory allocator - * Copyright (C) 1998, 2000 Free Software Foundation, Inc. + * Copyright (C) 1998, 2000, 2002 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -59,6 +59,9 @@ _gcry_private_enable_m_guard(void) void * _gcry_private_malloc( size_t n) { + if(!n) + return NULL; /* allocating 0 bytes is undefined - better return + an error */ if( use_m_guard ) { char *p; @@ -83,6 +86,9 @@ _gcry_private_malloc( size_t n) void * _gcry_private_malloc_secure( size_t n) { + if(!n) + return NULL; /* allocating 0 bytes is undefined - better return + an error */ if( use_m_guard ) { char *p; |