10a6a1f1dSLionel Sambuc /*	$NetBSD: sign.c,v 1.6 2015/02/10 20:38:15 christos Exp $	*/
23e07920fSDavid van Moolenbroek 
33e07920fSDavid van Moolenbroek /*-
43e07920fSDavid van Moolenbroek  * Copyright (c) 2008 The NetBSD Foundation, Inc.
53e07920fSDavid van Moolenbroek  * All rights reserved.
63e07920fSDavid van Moolenbroek  *
73e07920fSDavid van Moolenbroek  * This code is derived from software contributed to The NetBSD Foundation
 * by Martin Schütte.
93e07920fSDavid van Moolenbroek  *
103e07920fSDavid van Moolenbroek  * Redistribution and use in source and binary forms, with or without
113e07920fSDavid van Moolenbroek  * modification, are permitted provided that the following conditions
123e07920fSDavid van Moolenbroek  * are met:
133e07920fSDavid van Moolenbroek  * 1. Redistributions of source code must retain the above copyright
143e07920fSDavid van Moolenbroek  *    notice, this list of conditions and the following disclaimer.
153e07920fSDavid van Moolenbroek  * 2. Redistributions in binary form must reproduce the above copyright
163e07920fSDavid van Moolenbroek  *    notice, this list of conditions and the following disclaimer in the
173e07920fSDavid van Moolenbroek  *    documentation and/or other materials provided with the distribution.
183e07920fSDavid van Moolenbroek  * 3. All advertising materials mentioning features or use of this software
193e07920fSDavid van Moolenbroek  *    must display the following acknowledgement:
203e07920fSDavid van Moolenbroek  *        This product includes software developed by the NetBSD
213e07920fSDavid van Moolenbroek  *        Foundation, Inc. and its contributors.
223e07920fSDavid van Moolenbroek  * 4. Neither the name of The NetBSD Foundation nor the names of its
233e07920fSDavid van Moolenbroek  *    contributors may be used to endorse or promote products derived
243e07920fSDavid van Moolenbroek  *    from this software without specific prior written permission.
253e07920fSDavid van Moolenbroek  *
263e07920fSDavid van Moolenbroek  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
273e07920fSDavid van Moolenbroek  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
283e07920fSDavid van Moolenbroek  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
293e07920fSDavid van Moolenbroek  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
303e07920fSDavid van Moolenbroek  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
313e07920fSDavid van Moolenbroek  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
323e07920fSDavid van Moolenbroek  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
333e07920fSDavid van Moolenbroek  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
343e07920fSDavid van Moolenbroek  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
353e07920fSDavid van Moolenbroek  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
363e07920fSDavid van Moolenbroek  * POSSIBILITY OF SUCH DAMAGE.
373e07920fSDavid van Moolenbroek  */
383e07920fSDavid van Moolenbroek /*
393e07920fSDavid van Moolenbroek  * sign.c
403e07920fSDavid van Moolenbroek  * syslog-sign related code for syslogd
413e07920fSDavid van Moolenbroek  *
 * Martin Schütte
433e07920fSDavid van Moolenbroek  */
443e07920fSDavid van Moolenbroek /*
453e07920fSDavid van Moolenbroek  * Issues with the current internet draft:
463e07920fSDavid van Moolenbroek  * 1. The draft is a bit unclear on the input format for the signature,
473e07920fSDavid van Moolenbroek  *    so this might have to be changed later. Cf. sign_string_sign()
483e07920fSDavid van Moolenbroek  * 2. The draft only defines DSA signatures. I hope it will be extended
493e07920fSDavid van Moolenbroek  *    to DSS, thus allowing DSA, RSA (ANSI X9.31) and ECDSA (ANSI X9.62)
503e07920fSDavid van Moolenbroek  * 3. The draft does not define the data format for public keys in CBs.
513e07920fSDavid van Moolenbroek  *    This implementation sends public keys in DER encoding.
523e07920fSDavid van Moolenbroek  * 4. This current implementation uses high-level OpenSSL API.
533e07920fSDavid van Moolenbroek  *    I am not sure if these completely implement the FIPS/ANSI standards.
543e07920fSDavid van Moolenbroek  * Update after WG discussion in August:
553e07920fSDavid van Moolenbroek  * 1. check; next draft will be clearer and specify the format as implemented.
563e07920fSDavid van Moolenbroek  * 2. check; definitely only DSA in this version.
573e07920fSDavid van Moolenbroek  * 3. remains a problem, so far no statement from authors or WG.
583e07920fSDavid van Moolenbroek  * 4. check; used EVP_dss1 method implements FIPS.
593e07920fSDavid van Moolenbroek  */
603e07920fSDavid van Moolenbroek /*
613e07920fSDavid van Moolenbroek  * Limitations of this implementation:
623e07920fSDavid van Moolenbroek  * - cannot use OpenPGP keys, only PKIX or DSA due to OpenSSL capabilities
633e07920fSDavid van Moolenbroek  * - only works for correctly formatted messages, because incorrect messages
643e07920fSDavid van Moolenbroek  *   are reformatted (e.g. if it receives a message with two spaces between
653e07920fSDavid van Moolenbroek  *   fields it might even be parsed, but the output will have only one space).
663e07920fSDavid van Moolenbroek  */
673e07920fSDavid van Moolenbroek 
683e07920fSDavid van Moolenbroek #include <sys/cdefs.h>
690a6a1f1dSLionel Sambuc __RCSID("$NetBSD: sign.c,v 1.6 2015/02/10 20:38:15 christos Exp $");
703e07920fSDavid van Moolenbroek 
713e07920fSDavid van Moolenbroek #ifndef DISABLE_SIGN
723e07920fSDavid van Moolenbroek #include "syslogd.h"
733e07920fSDavid van Moolenbroek #ifndef DISABLE_TLS
743e07920fSDavid van Moolenbroek #include "tls.h"
753e07920fSDavid van Moolenbroek #endif /* !DISABLE_TLS */
763e07920fSDavid van Moolenbroek #include "sign.h"
773e07920fSDavid van Moolenbroek #include "extern.h"
783e07920fSDavid van Moolenbroek 
793e07920fSDavid van Moolenbroek /*
803e07920fSDavid van Moolenbroek  * init all SGs for a given algorithm
813e07920fSDavid van Moolenbroek  */
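/*
 * Initialise syslog-sign: validate the configured SG strategy, obtain the
 * signing key pair, set up the OpenSSL signature and hash contexts, build
 * the signature groups for the destinations in Files and start the first
 * reboot session.
 *
 * Files: the list of destinations, passed on to sign_sg_init().
 * Returns true on success; otherwise an error is logged and false is
 * returned.  OpenSSL objects created before a failure stay referenced
 * from GlobalSign and are released by sign_global_free().
 */
bool
sign_global_init(struct filed *Files)
{
	DPRINTF((D_CALL|D_SIGN), "sign_global_init()\n");
	/* only SG 0..3 are defined, cf. sign_sg_init() */
	if (!(GlobalSign.sg == 0 || GlobalSign.sg == 1
	   || GlobalSign.sg == 2 || GlobalSign.sg == 3)) {
		logerror("sign_init(): invalid SG %d", GlobalSign.sg);
		return false;
	}

	if (!sign_get_keys())
		return false;

	/* signature algorithm */
	/* can probably be merged with the hash algorithm/context but
	 * I leave the optimization for later until the RFC is ready */
	GlobalSign.sigctx = EVP_MD_CTX_create();
	if (GlobalSign.sigctx == NULL) {
		/* EVP_MD_CTX_init() would dereference NULL otherwise */
		logerror("EVP_MD_CTX_create() failed");
		return false;
	}
	EVP_MD_CTX_init(GlobalSign.sigctx);

	/* the signature algorithm depends on the type of key;
	 * non-DSA key types (e.g. RSA with EVP_sha1()) would be added
	 * as further branches here */
	if (EVP_PKEY_DSA == EVP_PKEY_type(GlobalSign.pubkey->type)) {
		GlobalSign.sig = EVP_dss1();
		GlobalSign.sig_len_b64 = SIGN_B64SIGLEN_DSS;
	} else {
		logerror("key type not supported for syslog-sign");
		return false;
	}

	/* sign_get_keys() only succeeds with a DSA key pair of type
	 * 'C' (from the TLS certificate) or 'K' (generated) */
	assert(GlobalSign.keytype == 'C' || GlobalSign.keytype == 'K');
	assert(GlobalSign.pubkey_b64 && GlobalSign.privkey &&
	    GlobalSign.pubkey);
	assert(GlobalSign.privkey->pkey.dsa->priv_key);

	GlobalSign.gbc = 0;
	STAILQ_INIT(&GlobalSign.SigGroups);

	/* hash algorithm */
	OpenSSL_add_all_digests();
	GlobalSign.mdctx = EVP_MD_CTX_create();
	if (GlobalSign.mdctx == NULL) {
		logerror("EVP_MD_CTX_create() failed");
		return false;
	}
	EVP_MD_CTX_init(GlobalSign.mdctx);

	/* values for SHA-1: a 20-byte digest is 28 chars in base64 */
	GlobalSign.md = EVP_dss1();
	GlobalSign.md_len_b64 = 28;
	GlobalSign.ver = "0111";

	if (!sign_sg_init(Files))
		return false;
	sign_new_reboot_session();

	DPRINTF(D_SIGN, "length values: SIGN_MAX_SD_LENGTH %d, "
	    "SIGN_MAX_FRAG_LENGTH %d, SIGN_MAX_SB_LENGTH %d, "
	    "SIGN_MAX_HASH_NUM %d\n", SIGN_MAX_SD_LENGTH,
	    SIGN_MAX_FRAG_LENGTH, SIGN_MAX_SB_LENGTH, SIGN_MAX_HASH_NUM);

	/* set just before return, so it indicates initialization */
	GlobalSign.rsid = now;
	return true;
}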
1463e07920fSDavid van Moolenbroek 
1473e07920fSDavid van Moolenbroek /*
1483e07920fSDavid van Moolenbroek  * get keys for syslog-sign
1493e07920fSDavid van Moolenbroek  * either from the X.509 certificate used for TLS
1503e07920fSDavid van Moolenbroek  * or by generating a new one
1513e07920fSDavid van Moolenbroek  *
1523e07920fSDavid van Moolenbroek  * sets the global variables
1533e07920fSDavid van Moolenbroek  * GlobalSign.keytype, GlobalSign.pubkey_b64,
1543e07920fSDavid van Moolenbroek  * GlobalSign.privkey, and GlobalSign.pubkey
1553e07920fSDavid van Moolenbroek  */
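/*
 * Base64-encode a DER blob into a newly allocated, NUL-terminated string
 * trimmed to its actual length.
 *
 * der, der_len: the DER bytes; the caller keeps ownership of der.
 * Returns the malloc()ed string (to be free()d by the caller), or NULL
 * after logging an error.
 */
static char *
sign_der_to_b64(const unsigned char *der, int der_len)
{
	char *b64, *trimmed;
	size_t b64_size;

	if (der_len <= 0)
		return NULL;
	/* base64 emits 4 chars per 3 input bytes (rounded up), plus NUL */
	b64_size = ((size_t)der_len + 2) / 3 * 4 + 1;
	if (!(b64 = malloc(b64_size))) {
		logerror("malloc() failed");
		return NULL;
	}
	if (b64_ntop(der, (size_t)der_len, b64, b64_size) < 0) {
		logerror("b64_ntop() failed");
		free(b64);
		return NULL;
	}
	/* try to resize memory object as needed; if realloc() fails the
	 * original, slightly oversized buffer is still valid */
	trimmed = realloc(b64, strlen(b64) + 1);
	return trimmed ? trimmed : b64;
}

#ifndef DISABLE_TLS
/*
 * DER-encode an X.509 certificate and return it base64 encoded.
 * Returns a malloc()ed string or NULL after logging an error.
 */
static char *
sign_x509_to_b64(X509 *cert)
{
	unsigned char *der, *ptr;
	char *b64;
	int der_len;

	/* first call sizes the buffer, second call fills it */
	der_len = i2d_X509(cert, NULL);
	if (der_len <= 0) {
		logerror("i2d_X509() failed");
		return NULL;
	}
	if (!(ptr = der = malloc((size_t)der_len))) {
		logerror("malloc() failed");
		return NULL;
	}
	if (i2d_X509(cert, &ptr) <= 0) {
		logerror("i2d_X509() failed");
		free(der);
		return NULL;
	}
	b64 = sign_der_to_b64(der, der_len);
	free(der);
	return b64;
}
#endif /* !DISABLE_TLS */

/*
 * DER-encode a DSA public key and return it base64 encoded.
 * Returns a malloc()ed string or NULL after logging an error.
 */
static char *
sign_dsa_pubkey_to_b64(DSA *dsa)
{
	unsigned char *der, *ptr;
	char *b64;
	int der_len;

	/* first call sizes the buffer, second call fills it */
	der_len = i2d_DSA_PUBKEY(dsa, NULL);
	if (der_len <= 0) {
		logerror("i2d_DSA_PUBKEY() failed");
		return NULL;
	}
	if (!(ptr = der = malloc((size_t)der_len))) {
		logerror("malloc() failed");
		return NULL;
	}
	if (i2d_DSA_PUBKEY(dsa, &ptr) <= 0) {
		logerror("i2d_DSA_PUBKEY() failed");
		free(der);
		return NULL;
	}
	b64 = sign_der_to_b64(der, der_len);
	free(der);
	return b64;
}

/*
 * get keys for syslog-sign
 * either from the X.509 certificate used for TLS
 * or by generating a new one
 *
 * sets the global variables
 * GlobalSign.keytype, GlobalSign.pubkey_b64,
 * GlobalSign.privkey, and GlobalSign.pubkey
 *
 * Returns true on success.  On failure an error is logged, false is
 * returned and no GlobalSign field has been modified, so nothing is
 * left half-initialised for sign_global_free().
 */
bool
sign_get_keys(void)
{
	EVP_PKEY *pubkey = NULL, *privkey = NULL;
	char *pubkey_b64 = NULL;

	/* try PKIX/TLS key first */
#ifndef DISABLE_TLS
	SSL *ssl;
	if (tls_opt.global_TLS_CTX
	 && (ssl = SSL_new(tls_opt.global_TLS_CTX))) {
		X509 *cert;
		DPRINTF(D_SIGN, "Try to get keys from TLS X.509 cert...\n");

		if (!(cert = SSL_get_certificate(ssl))) {
			logerror("SSL_get_certificate() failed");
			FREE_SSL(ssl);
			return false;
		}
		if (!(privkey = SSL_get_privatekey(ssl))) {
			logerror("SSL_get_privatekey() failed");
			FREE_SSL(ssl);
			return false;
		}
		if (!(pubkey = X509_get_pubkey(cert))) {
			logerror("X509_get_pubkey() failed");
			FREE_SSL(ssl);
			return false;
		}
		/* note:
		 * - privkey is just a pointer into SSL_CTX and
		 *   must not be changed nor be free()d
		 * - but pubkey has to be freed with EVP_PKEY_free()
		 * - cert is only used while ssl is still alive, so its
		 *   lifetime does not depend on the SSL_CTX internals
		 */
		if (EVP_PKEY_DSA != EVP_PKEY_type(pubkey->type)) {
			DPRINTF(D_SIGN, "X.509 cert has no DSA key\n");
			EVP_PKEY_free(pubkey);
			privkey = NULL;
			pubkey = NULL;
		} else {
			DPRINTF(D_SIGN, "Got public and private key "
			    "from X.509 --> use type PKIX\n");
			/* base64 certificate encoding */
			pubkey_b64 = sign_x509_to_b64(cert);
			if (pubkey_b64 == NULL) {
				EVP_PKEY_free(pubkey);
				FREE_SSL(ssl);
				return false;
			}
			GlobalSign.keytype = 'C';
			GlobalSign.privkey = privkey;
			GlobalSign.pubkey = pubkey;
			GlobalSign.pubkey_b64 = pubkey_b64;
		}
		FREE_SSL(ssl);
	}
#endif /* !DISABLE_TLS */
	if (!(privkey && pubkey)) { /* PKIX not available --> generate key */
		DSA *dsa;

		DPRINTF(D_SIGN, "Unable to get keys from X.509 "
			"--> use DSA with type 'K'\n");
		if (!(privkey = EVP_PKEY_new())) {
			logerror("EVP_PKEY_new() failed");
			return false;
		}
		dsa = DSA_generate_parameters(SIGN_GENCERT_BITS, NULL, 0,
			NULL, NULL, NULL, NULL);
		if (dsa == NULL) {
			logerror("DSA_generate_parameters() failed");
			EVP_PKEY_free(privkey);
			return false;
		}
		if (!DSA_generate_key(dsa)) {
			logerror("DSA_generate_key() failed");
			DSA_free(dsa);
			EVP_PKEY_free(privkey);
			return false;
		}
		if (!EVP_PKEY_assign_DSA(privkey, dsa)) {
			logerror("EVP_PKEY_assign_DSA() failed");
			DSA_free(dsa);
			EVP_PKEY_free(privkey);
			return false;
		}
		/* from here on dsa is owned by privkey and freed with it */

		/* pubkey base64 encoding */
		pubkey_b64 = sign_dsa_pubkey_to_b64(dsa);
		if (pubkey_b64 == NULL) {
			EVP_PKEY_free(privkey);
			return false;
		}
		GlobalSign.keytype = 'K';  /* public/private keys used */
		GlobalSign.privkey = privkey;
		GlobalSign.pubkey = privkey; /* one object serves both roles */
		GlobalSign.pubkey_b64 = pubkey_b64;
	}
	return true;
}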
2753e07920fSDavid van Moolenbroek 
2763e07920fSDavid van Moolenbroek /*
2773e07920fSDavid van Moolenbroek  * init SGs
2783e07920fSDavid van Moolenbroek  */
/*
 * Build the signature groups (SGs) for the configured GlobalSign.sg
 * strategy and link the destinations in Files to their group(s):
 *   0 - one SG shared by all files
 *   1 - one SG per PRI value
 *   2 - one SG per PRI range, bounded by the GlobalSign.sig2_delims keys
 *   3 - one SG per file carrying FFLAG_SIGN
 * Every finished SG is appended to GlobalSign.SigGroups.
 *
 * Files: linked list of destinations (f_next).
 * Returns true on success; on an allocation failure an error is logged
 * and false is returned.  Groups already appended stay in
 * GlobalSign.SigGroups (sign_global_free() releases them); a group
 * that was allocated but not yet appended is not freed.
 * GlobalSign.sg is expected to be validated by the caller -- the switch
 * below has no default case.
 */
bool
sign_sg_init(struct filed *Files)
{
	struct signature_group_t *sg, *newsg, *last_sg;
	struct filed_queue	 *fq;
	struct string_queue	 *sqentry, *last_sqentry;
	struct filed *f;
	unsigned int i;

	/* note on SG 1 and 2:
	 * it is assumed that redundant signature groups
	 * and especially signature groups without an associated
	 * destination are harmless.
	 * this currently holds true because sign_append_hash()
	 * is called from fprintlog(), so only actually used
	 * signature group get hashes and need memory for them
	 */
	/* possible optimization for SGs 1 and 2:
	 * use a struct signature_group_t *newsg[IETF_NUM_PRIVALUES]
	 * for direct group lookup
	 */

/* helper macros for this function; they 'return false' from the
 * enclosing function on allocation failure and remain defined after
 * the function (there is no #undef) */
#define ALLOC_OR_FALSE(x) do {				\
	if(!((x) = calloc(1, sizeof(*(x))))) {		\
		logerror("Unable to allocate memory");	\
		return false;				\
	}						\
} while (/*CONSTCOND*/0)

/* allocate a zeroed SG with empty hash and file queues */
#define ALLOC_SG(x) do {				\
	ALLOC_OR_FALSE(x);				\
	(x)->last_msg_num = 1; /* cf. section 4.2.5 */	\
	STAILQ_INIT(&(x)->hashes);			\
	STAILQ_INIT(&(x)->files);			\
} while (/*CONSTCOND*/0)

/* alloc(fq) and add to SGs file queue */
/* links f <--> newsg both ways: fq goes into newsg->files, f->f_sg
 * points back at newsg */
#define ASSIGN_FQ() do {				\
	ALLOC_OR_FALSE(fq);				\
	fq->f = f;					\
	f->f_sg = newsg;				\
	DPRINTF(D_SIGN, "SG@%p <--> f@%p\n", newsg, f); \
	STAILQ_INSERT_TAIL(&newsg->files, fq, entries); \
} while (/*CONSTCOND*/0)

	switch (GlobalSign.sg) {
	case 0:
		/* one SG, linked to all files */
		ALLOC_SG(newsg);
		newsg->spri = 0;
		for (f = Files; f; f = f->f_next)
			ASSIGN_FQ();
		STAILQ_INSERT_TAIL(&GlobalSign.SigGroups,
			newsg, entries);
		break;
	case 1:
		/* every PRI gets one SG */
		/* files not matching any PRI are never assigned here, so
		 * their f_sg keeps whatever value it had before */
		for (i = 0; i < IETF_NUM_PRIVALUES; i++) {
			int fac, prilev;
			fac = LOG_FAC(i);
			prilev = LOG_PRI(i);
			ALLOC_SG(newsg);
			newsg->spri = i;

			/* now find all destinations associated with this SG */
			for (f = Files; f; f = f->f_next)
				/* check priorities */
				if (MATCH_PRI(f, fac, prilev))
					ASSIGN_FQ();
			STAILQ_INSERT_TAIL(&GlobalSign.SigGroups,
				newsg, entries);
		}
		break;
	case 2:
		/* PRI ranges get one SG, boundaries given by the
		 * SPRI, indicating the largest PRI in the SG
		 *
		 * either GlobalSign.sig2_delims has a list of
		 * user configured delimiters, or we use a default
		 * and set up one SG per facility
		 */
		if (STAILQ_EMPTY(&GlobalSign.sig2_delims)) {
			DPRINTF(D_SIGN, "sign_sg_init(): set default "
			    "values for SG 2\n");
			/* one delimiter per facility: keys 0, 8, 16, ...
			 * (a facility spans 8 PRI values) */
			for (i = 0; i < (IETF_NUM_PRIVALUES>>3); i++) {
				ALLOC_OR_FALSE(sqentry);
				sqentry->data = NULL;
				sqentry->key = (i<<3);
				STAILQ_INSERT_TAIL(&GlobalSign.sig2_delims,
					sqentry, entries);
			}
		}
		assert(!STAILQ_EMPTY(&GlobalSign.sig2_delims));

		/* add one more group at the end */
		/* NOTE(review): if the last configured delimiter already
		 * is IETF_NUM_PRIVALUES-1 this still appends a second,
		 * empty group with the same key (harmless per the note
		 * above); check whether '< IETF_NUM_PRIVALUES-1' was meant */
		last_sqentry = STAILQ_LAST(&GlobalSign.sig2_delims,
			string_queue, entries);
		if (last_sqentry->key < IETF_NUM_PRIVALUES) {
			ALLOC_OR_FALSE(sqentry);
			sqentry->data = NULL;
			sqentry->key = IETF_NUM_PRIVALUES-1;
			STAILQ_INSERT_TAIL(&GlobalSign.sig2_delims,
				sqentry, entries);
		}

		STAILQ_FOREACH(sqentry, &GlobalSign.sig2_delims, entries) {
			unsigned int min_pri = 0;
			ALLOC_SG(newsg);
			newsg->spri = sqentry->key;

			/* check _all_ priorities in SG */
			/* the range starts right after the previous SG's
			 * SPRI (or at 0 for the first group) */
			last_sg = STAILQ_LAST(&GlobalSign.SigGroups,
			    signature_group_t, entries);
			if (last_sg)
				min_pri = last_sg->spri + 1;

			DPRINTF(D_SIGN, "sign_sg_init(): add SG@%p: SG=\"2\","
			    " SPRI=\"%d\" -- for msgs with "
			    "%d <= pri <= %d\n",
			    newsg, newsg->spri, min_pri, newsg->spri);
			/* now find all destinations associated with this SG */
			for (f = Files; f; f = f->f_next) {
				bool match = false;
				/* reusing i is safe here: the outer loop
				 * iterates with STAILQ_FOREACH, not i */
				for (i = min_pri; i <= newsg->spri; i++) {
					int fac, prilev;
					fac = LOG_FAC(i);
					prilev = LOG_PRI(i);
					if (MATCH_PRI(f, fac, prilev)) {
						match = true;
						break;
					}
				}
				if (match)
					ASSIGN_FQ();
			}
			STAILQ_INSERT_TAIL(&GlobalSign.SigGroups,
			    newsg, entries);
		}
		break;
	case 3:
		/* every file (with flag) gets one SG */
		for (f = Files; f; f = f->f_next) {
			if (!(f->f_flags & FFLAG_SIGN)) {
				f->f_sg = NULL;
				continue;
			}
			ALLOC_SG(newsg);
			newsg->spri = f->f_file; /* not needed but shows SGs */
			ASSIGN_FQ();
			STAILQ_INSERT_TAIL(&GlobalSign.SigGroups,
			    newsg, entries);
		}
		break;
	}
	/* debug dump of the resulting SG <--> file mapping */
	DPRINTF((D_PARSE|D_SIGN), "sign_sg_init() set up these "
	    "Signature Groups:\n");
	STAILQ_FOREACH(sg, &GlobalSign.SigGroups, entries) {
		DPRINTF((D_PARSE|D_SIGN), "SG@%p with SG=\"%d\", SPRI=\"%d\","
		    " associated files:\n", sg, GlobalSign.sg, sg->spri);
		STAILQ_FOREACH(fq, &sg->files, entries) {
			DPRINTF((D_PARSE|D_SIGN), "    f@%p with type %d\n",
			    fq->f, fq->f->f_type);
		}
	}
	return true;
}
4453e07920fSDavid van Moolenbroek 
4463e07920fSDavid van Moolenbroek /*
4473e07920fSDavid van Moolenbroek  * free all SGs for a given algorithm
4483e07920fSDavid van Moolenbroek  */
/*
 * Tear down syslog-sign: flush every signature group that still holds
 * message hashes (CB and SB are each sent twice for redundancy), release
 * all groups together with their file queues, the SG 2 delimiter list,
 * the key objects and the OpenSSL digest contexts.
 *
 * GlobalSign.privkey is only cleared, never freed: for keytype 'C' it
 * belongs to the TLS SSL_CTX, for 'K' it is the very same object as
 * GlobalSign.pubkey, which is freed here.
 */
void
sign_global_free(void)
{
	struct signature_group_t *sg;
	struct filed_queue *fq, *next_fq;

	DPRINTF((D_CALL|D_SIGN), "sign_global_free()\n");
	/* groups are consumed from the head until the list is empty */
	while ((sg = STAILQ_FIRST(&GlobalSign.SigGroups)) != NULL) {
		if (!STAILQ_EMPTY(&sg->hashes)) {
			/* send CB and SB twice to get minimal redundancy
			 * for the last few message hashes */
			sign_send_certificate_block(sg);
			sign_send_certificate_block(sg);
			sign_send_signature_block(sg, true);
			sign_send_signature_block(sg, true);
			sign_free_hashes(sg);
		}
		/* the fq entries are owned by the group */
		STAILQ_FOREACH_SAFE(fq, &sg->files, entries, next_fq)
			free(fq);
		STAILQ_REMOVE_HEAD(&GlobalSign.SigGroups, entries);
		free(sg);
	}
	sign_free_string_queue(&GlobalSign.sig2_delims);

	GlobalSign.privkey = NULL;
	if (GlobalSign.pubkey != NULL) {
		EVP_PKEY_free(GlobalSign.pubkey);
		GlobalSign.pubkey = NULL;
	}
	if (GlobalSign.mdctx != NULL) {
		EVP_MD_CTX_destroy(GlobalSign.mdctx);
		GlobalSign.mdctx = NULL;
	}
	if (GlobalSign.sigctx != NULL) {
		EVP_MD_CTX_destroy(GlobalSign.sigctx);
		GlobalSign.sigctx = NULL;
	}
	FREEPTR(GlobalSign.pubkey_b64);
}
4953e07920fSDavid van Moolenbroek 
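/*
 * create and send certificate block
 *
 * The "ssign-cert" SD element carries the public key (GlobalSign.pubkey_b64)
 * together with a timestamp and the key type; the payload is split into
 * fragments of at most SIGN_MAX_FRAG_LENGTH bytes, each one signed with
 * sign_msg_sign() and written to every destination of the SG.
 *
 * Returns true when all fragments were written and sg->resendcount was
 * decremented; false when there was nothing to do (CB already sent the
 * configured number of times, or the SG never carried a message) or when
 * formatting/signing failed.
 */
bool
sign_send_certificate_block(struct signature_group_t *sg)
{
	struct filed_queue *fq;
	struct buf_msg *buffer;
	char *tstamp;
	char payload[SIGN_MAX_PAYLOAD_LENGTH];
	char sd[SIGN_MAX_SD_LENGTH];
	size_t payload_len, sd_len, fragment_len;
	size_t payload_index = 0;
	int n;

	/* do nothing if CBs already sent or if there was no message in SG */
	if (!sg->resendcount
	    || ((sg->resendcount == SIGN_RESENDCOUNT_CERTBLOCK)
	    && STAILQ_EMPTY(&sg->hashes)))
		return false;

	DPRINTF((D_CALL|D_SIGN), "sign_send_certificate_block(%p)\n", sg);
	tstamp = make_timestamp(NULL, true, (size_t)-1);
	/*
	 * NOTE(review): tstamp is never released here.  Elsewhere in this
	 * file the result of the same call is stored in a buf_msg and goes
	 * away with it, which suggests a heap string -- confirm against
	 * make_timestamp() before adding a free().
	 */

	n = snprintf(payload, sizeof(payload), "%s %c %s", tstamp,
	    GlobalSign.keytype, GlobalSign.pubkey_b64);
	/* a negative return (encoding error) must not become a huge size_t */
	if (n < 0 || (size_t)n >= sizeof(payload)) {
		DPRINTF(D_SIGN, "Buffer too small for syslog-sign setup\n");
		return false;
	}
	payload_len = (size_t)n;

	while (payload_index < payload_len) {
		if (payload_len - payload_index <= SIGN_MAX_FRAG_LENGTH)
			fragment_len = payload_len - payload_index;
		else
			fragment_len = SIGN_MAX_FRAG_LENGTH;

		/* format SD; INDEX is 1-based, so the first fragment has INDEX=1 */
		n = snprintf(sd, sizeof(sd), "[ssign-cert "
		    "VER=\"%s\" RSID=\"%" PRIuFAST64 "\" SG=\"%d\" "
		    "SPRI=\"%d\" TBPL=\"%zu\" INDEX=\"%zu\" "
		    "FLEN=\"%zu\" FRAG=\"%.*s\" "
		    "SIGN=\"\"]",
		    GlobalSign.ver, GlobalSign.rsid, GlobalSign.sg,
		    sg->spri, payload_len, payload_index+1,
		    fragment_len, (int)fragment_len,
		    &payload[payload_index]);
		/*
		 * Truncation is checked at run time, not only by the asserts
		 * below: those vanish under NDEBUG, and a truncated SD would
		 * otherwise be signed and sent as if it were complete.
		 */
		if (n < 0 || (size_t)n >= sizeof(sd)) {
			DPRINTF(D_SIGN, "sign_send_certificate_block(): "
			    "SD buffer too small\n");
			return false;
		}
		sd_len = (size_t)n;
		assert(sd[sd_len] == '\0');
		assert(sd[sd_len-1] == ']');
		assert(sd[sd_len-2] == '"');

		if (!sign_msg_sign(&buffer, sd, sizeof(sd)))
			return false;
		DPRINTF((D_CALL|D_SIGN), "sign_send_certificate_block(): "
		    "calling fprintlog()\n");

		STAILQ_FOREACH(fq, &sg->files, entries) {
			/* we have to preserve the f_prevcount */
			int tmpcnt;
			tmpcnt = fq->f->f_prevcount;
			fprintlog(fq->f, buffer, NULL);
			fq->f->f_prevcount = tmpcnt;
		}
		sign_inc_gbc();
		DELREF(buffer);
		payload_index += fragment_len;
	}
	sg->resendcount--;
	return true;
}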
5733e07920fSDavid van Moolenbroek 
/*
 * determine the SG for a message
 * returns NULL if -sign not configured or no SG for this priority
 *
 * GlobalSign.sg selects the strategy: 0 and 3 use the SG attached to the
 * destination f (3 only if the destination carries FFLAG_SIGN), 1 and 2
 * pick the first SG in GlobalSign.SigGroups whose spri is >= pri.
 * GlobalSign.rsid == 0 means signing is not active.
 */
struct signature_group_t *
sign_get_sg(int pri, struct filed *f)
{
	struct signature_group_t *rc = NULL;

	if (GlobalSign.rsid && f != NULL) {
		switch (GlobalSign.sg) {
		case 0:
			rc = f->f_sg;
			break;
		case 1:
		case 2: {
			struct signature_group_t *candidate;

			STAILQ_FOREACH(candidate, &GlobalSign.SigGroups,
			    entries) {
				if (candidate->spri >= (unsigned int)pri) {
					rc = candidate;
					break;
				}
			}
			break;
		}
		case 3:
			rc = (f->f_flags & FFLAG_SIGN) ? f->f_sg : NULL;
			break;
		default:
			/* unreachable: sign_new_reboot_session() asserts sg <= 3 */
			break;
		}
	}

	DPRINTF((D_CALL|D_SIGN), "sign_get_sg(%d, %p) --> %p\n", pri, f, rc);
	return rc;
}
6083e07920fSDavid van Moolenbroek 
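/*
 * create and send signature block
 *
 * uses a sliding window for redundancy
 * if force==true then simply send all available hashes, e.g. on shutdown
 *
 * sliding window checks implicitly assume that new hashes are appended
 * to the SG between two calls. if that is not the case (e.g. with repeated
 * messages) the queue size will shrink.
 * this has no negative consequences except generating more and shorter SBs
 * than expected and confusing the operator because two consecutive SBs will
 * have same FMNn
 *
 * Returns the number of hashes placed into the SB, 0 if nothing was done.
 * As before, the count is returned even when sign_msg_sign() fails; it is
 * 0 when the SD did not fit into SIGN_MAX_SD_LENGTH.  In every case the
 * oldest division of hashes is still dropped so the queue cannot grow
 * without bound.
 */
unsigned
sign_send_signature_block(struct signature_group_t *sg, bool force)
{
	char sd[SIGN_MAX_SD_LENGTH];
	size_t sd_len = 0;
	size_t sg_num_hashes = 0;	/* hashes in SG queue */
	size_t hashes_in_sb = 0;	/* number of hashes in current SB */
	size_t hashes_sent = 0;		/* count of hashes placed in the SB */
	struct string_queue *qentry, *old_qentry;
	struct buf_msg *buffer;
	struct filed_queue *fq;
	bool sd_ok = true;		/* false once sd would have been truncated */
	size_t i;
	int n;

	if (!sg) return 0;
	DPRINTF((D_CALL|D_SIGN), "sign_send_signature_block(%p, %d)\n",
	    sg, force);

	STAILQ_FOREACH(qentry, &sg->hashes, entries)
		sg_num_hashes++;

	/* only act if a division is full */
	if (!sg_num_hashes
	    || (!force && (sg_num_hashes % SIGN_HASH_DIVISION_NUM)))
		return 0;

	/* if no CB sent so far then do now, just before first SB */
	if (sg->resendcount == SIGN_RESENDCOUNT_CERTBLOCK)
		sign_send_certificate_block(sg);

	/* shortly after reboot we have shorter SBs */
	hashes_in_sb = MIN(sg_num_hashes, SIGN_HASH_NUM);

	DPRINTF(D_SIGN, "sign_send_signature_block(): "
	    "sg_num_hashes = %zu, hashes_in_sb = %zu, SIGN_HASH_NUM = %d\n",
	    sg_num_hashes, hashes_in_sb, SIGN_HASH_NUM);
	if (sg_num_hashes > SIGN_HASH_NUM) {
		DPRINTF(D_SIGN, "sign_send_signature_block(): sg_num_hashes"
		    " > SIGN_HASH_NUM -- This should not happen!\n");
	}

	/* now the SD: the header, FMN being the number of the oldest hash */
	qentry = STAILQ_FIRST(&sg->hashes);
	n = snprintf(sd, sizeof(sd), "[ssign "
	    "VER=\"%s\" RSID=\"%" PRIuFAST64 "\" SG=\"%d\" "
	    "SPRI=\"%d\" GBC=\"%" PRIuFAST64 "\" FMN=\"%" PRIuFAST64 "\" "
	    "CNT=\"%zu\" HB=\"",
	    GlobalSign.ver, GlobalSign.rsid, GlobalSign.sg,
	    sg->spri, GlobalSign.gbc, qentry->key,
	    hashes_in_sb);
	if (n < 0 || (size_t)n >= sizeof(sd))
		sd_ok = false;
	else
		sd_len = (size_t)n;

	/* then one space-separated hash per queue entry, oldest first */
	while (sd_ok && hashes_sent < hashes_in_sb) {
		assert(qentry);
		n = snprintf(sd+sd_len, sizeof(sd)-sd_len, "%s ",
		    qentry->data);
		/*
		 * Stop at the first truncation: if sd_len ever reached
		 * sizeof(sd), sizeof(sd)-sd_len would wrap around and the
		 * next snprintf() could write past the end of sd.
		 */
		if (n < 0 || (size_t)n >= sizeof(sd)-sd_len) {
			sd_ok = false;
			break;
		}
		sd_len += (size_t)n;
		hashes_sent++;
		qentry = STAILQ_NEXT(qentry, entries);
	}
	if (sd_ok) {
		/* overwrite last space and close SD */
		assert(sd[sd_len] == '\0');
		assert(sd[sd_len-1] == ' ');
		sd[sd_len-1] = '\0';
		sd_len = strlcat(sd, "\" SIGN=\"\"]", sizeof(sd));
		if (sd_len >= sizeof(sd))
			sd_ok = false;
	}

	if (!sd_ok) {
		DPRINTF(D_SIGN, "sign_send_signature_block(): "
		    "SD buffer too small, SB not sent\n");
		hashes_sent = 0;
	} else if (sign_msg_sign(&buffer, sd, sizeof(sd))) {
		DPRINTF((D_CALL|D_SIGN), "sign_send_signature_block(): calling"
		    " fprintlog(), sending %zu out of %zu hashes\n",
		    hashes_in_sb, sg_num_hashes);

		STAILQ_FOREACH(fq, &sg->files, entries) {
			/* we have to preserve the f_prevcount */
			int tmpcnt;
			tmpcnt = fq->f->f_prevcount;
			fprintlog(fq->f, buffer, NULL);
			fq->f->f_prevcount = tmpcnt;
		}
		sign_inc_gbc();
		DELREF(buffer);
	}
	/* always drop the oldest division of hashes */
	if (sg_num_hashes >= SIGN_HASH_NUM) {
		for (i = 0; i < SIGN_HASH_DIVISION_NUM; i++) {
			old_qentry = STAILQ_FIRST(&sg->hashes);
			if (old_qentry == NULL)
				break;
			/* the entry to drop is always the head: O(1) removal */
			STAILQ_REMOVE_HEAD(&sg->hashes, entries);
			FREEPTR(old_qentry->data);
			FREEPTR(old_qentry);
		}
	}
	return (unsigned)hashes_sent;
}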
7133e07920fSDavid van Moolenbroek 
/*
 * Release every hash queued in sg; the SG itself is left intact.
 */
void
sign_free_hashes(struct signature_group_t *sg)
{
	struct string_queue_head *hashes = &sg->hashes;

	DPRINTF((D_CALL|D_SIGN), "sign_free_hashes(%p)\n", sg);
	sign_free_string_queue(hashes);
}
7203e07920fSDavid van Moolenbroek 
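/*
 * Free every entry of a string queue together with the string it owns,
 * leaving the queue empty.
 *
 * Entries are popped from the head, which is O(1) per entry; the previous
 * STAILQ_REMOVE() had to walk the list to find each entry, making the
 * whole operation quadratic in the queue length.
 */
void
sign_free_string_queue(struct string_queue_head *sqhead)
{
	struct string_queue *qentry;

	DPRINTF((D_CALL|D_SIGN), "sign_free_string_queue(%p)\n", sqhead);
	while ((qentry = STAILQ_FIRST(sqhead)) != NULL) {
		STAILQ_REMOVE_HEAD(sqhead, entries);
		FREEPTR(qentry->data);
		free(qentry);
	}
	assert(STAILQ_EMPTY(sqhead));
}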
7343e07920fSDavid van Moolenbroek 
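/*
 * hash one syslog message
 *
 * Digests line with GlobalSign.md in GlobalSign.mdctx and stores the
 * base64 encoding of the digest as a freshly allocated string in *hash.
 * The caller owns that string (sign_append_hash() takes it over when it
 * returns true).
 *
 * Returns false -- with *hash set to NULL -- if a digest step fails
 * (SSL_CHECK_ONE), if the base64 buffer is too small, or if the
 * allocation fails.  Previously an allocation failure still returned true.
 */
bool
sign_msg_hash(char *line, char **hash)
{
	unsigned char md_value[EVP_MAX_MD_SIZE];
	/* base64 of n bytes needs 4*ceil(n/3) characters plus the terminator */
	char md_b64[4 * ((EVP_MAX_MD_SIZE + 2) / 3) + 1];
	unsigned md_len = 0;

	DPRINTF((D_CALL|D_SIGN), "sign_msg_hash('%s')\n", line);
	*hash = NULL;

	SSL_CHECK_ONE(EVP_DigestInit_ex(GlobalSign.mdctx, GlobalSign.md, NULL));
	SSL_CHECK_ONE(EVP_DigestUpdate(GlobalSign.mdctx, line, strlen(line)));
	SSL_CHECK_ONE(EVP_DigestFinal_ex(GlobalSign.mdctx, md_value, &md_len));

	/* b64_ntop() returns -1 when the target is too small */
	if (b64_ntop(md_value, md_len, md_b64, sizeof(md_b64)) < 0) {
		DPRINTF(D_SIGN, "sign_msg_hash(): base64 encoding failed\n");
		return false;
	}
	*hash = strdup(md_b64);
	if (*hash == NULL)
		return false;

	DPRINTF((D_CALL|D_SIGN), "sign_msg_hash() --> \"%s\"\n", *hash);
	return true;
}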
7583e07920fSDavid van Moolenbroek 
/*
 * append hash to SG queue
 *
 * On success the queue takes ownership of hash (it is freed together with
 * its entry); when the hash equals the last queued one, false is returned
 * and hash still belongs to the caller.
 */
bool
sign_append_hash(char *hash, struct signature_group_t *sg)
{
	struct string_queue *last, *entry;

	/* if one SG is shared by several destinations
	 * prevent duplicate entries */
	last = STAILQ_LAST(&sg->hashes, string_queue, entries);
	if (last != NULL && strcmp(last->data, hash) == 0) {
		DPRINTF((D_CALL|D_SIGN), "sign_append_hash('%s', %p): "
		    "hash already in queue\n", hash, sg);
		return false;
	}

	MALLOC(entry, sizeof(*entry));
	entry->key = sign_assign_msg_num(sg);
	entry->data = hash;
	STAILQ_INSERT_TAIL(&sg->hashes, entry, entries);
	DPRINTF((D_CALL|D_SIGN), "sign_append_hash('%s', %p): "
	    "#%" PRIdFAST64 "\n", hash, sg, entry->key);
	return true;
}
7843e07920fSDavid van Moolenbroek 
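/*
 * sign one syslog-sign message
 *
 * requires a ssign or ssign-cert SD element
 * ending with ' SIGN=""]' in sd
 * linesize is available memory (= sizeof(sd))
 *
 * function will calculate signature and return a new buffer
 *
 * sd is modified in place: the empty SIGN value is replaced by the base64
 * signature.  On success *bufferptr receives a new buf_msg whose sd is a
 * private copy of sd; the caller releases it with DELREF().  On failure
 * *bufferptr is left untouched and no memory is leaked (the signature
 * string used to be leaked on every call).
 */
bool
sign_msg_sign(struct buf_msg **bufferptr, char *sd, size_t linesize)
{
	char *signature = NULL, *line;
	size_t linelen, tlsprefixlen, endptr, newlinelen;
	struct buf_msg *buffer;
	bool signed_ok;

	DPRINTF((D_CALL|D_SIGN), "sign_msg_sign()\n");
	endptr = strlen(sd);

	/*
	 * The contract above is checked at run time as well: the asserts
	 * vanish under NDEBUG, and sd[endptr-2] below must not index before
	 * the start of sd.
	 */
	if (endptr < 2 || endptr >= linesize
	    || sd[endptr-1] != ']' || sd[endptr-2] != '"') {
		DPRINTF(D_SIGN, "sign_msg_sign(): malformed SD element\n");
		return false;
	}
	assert(sd[endptr] == '\0');

	/* set up buffer */
	buffer = buf_msg_new(0);
	buffer->timestamp = make_timestamp(NULL, !BSDOutputFormat, 0);
	buffer->prog = appname;
	buffer->pid = include_pid;
	buffer->recvhost = buffer->host = LocalFQDN;
	buffer->pri = 110;
	buffer->flags = IGN_CONS|SIGN_MSG;
	/*
	 * Point at the caller's storage only while formatting; it is
	 * detached again before any DELREF() so the buf_msg never frees it.
	 */
	buffer->sd = sd;

	/* SD ready, now format and sign */
	if (!format_buffer(buffer, &line, &linelen, NULL,
		&tlsprefixlen, NULL)) {
		DPRINTF((D_CALL|D_SIGN), "sign_msg_sign():"
		    " format_buffer() failed\n");
		goto fail;
	}
	/* sign from line+tlsprefixlen on, as before; line is not needed after */
	signed_ok = sign_string_sign(line+tlsprefixlen, &signature);
	FREEPTR(line);
	if (!signed_ok) {
		DPRINTF((D_CALL|D_SIGN), "sign_msg_sign():"
		    " sign_string_sign() failed\n");
		goto fail;
	}

	/* replace the closing '"]' by signature + '"]' */
	sd[endptr-2] = '\0';
	newlinelen = strlcat(sd, signature, linesize);
	if (newlinelen < linesize)
		newlinelen = strlcat(sd, "\"]", linesize);
	if (newlinelen >= linesize) {
		DPRINTF(D_SIGN, "sign_msg_sign(): buffer too small\n");
		goto fail;
	}
	assert(sd[newlinelen] == '\0');
	assert(sd[newlinelen-1] == ']');
	assert(sd[newlinelen-2] == '"');

	buffer->sd = strdup(sd);
	if (buffer->sd == NULL) {
		DPRINTF(D_SIGN, "sign_msg_sign(): out of memory\n");
		goto fail;
	}
	free(signature);
	*bufferptr = buffer;
	return true;

fail:
	free(signature);
	/* sd may still point at the caller's storage: detach before release */
	buffer->sd = NULL;
	DELREF(buffer);
	return false;
}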
8573e07920fSDavid van Moolenbroek 
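/*
 * sign one string
 *
 * Signs a copy of line from which every ' SIGN=""' literal has been
 * removed, using GlobalSign.sigctx/GlobalSign.sig and GlobalSign.privkey,
 * and stores the base64 signature as a freshly allocated string in
 * *signature (the caller frees it).
 *
 * Returns false -- with *signature set to NULL -- if the input does not
 * fit into SIGN_MAX_LENGTH bytes (a signature over a truncated line could
 * never be verified, so none is produced), if the key's signature would
 * not fit the local buffer, if a signing step fails (SSL_CHECK_ONE), if
 * the base64 buffer is too small, or if the allocation fails.
 */
bool
sign_string_sign(char *line, char **signature)
{
	char buf[SIGN_MAX_LENGTH+1];
	unsigned char sig_value[SIGN_B64SIGLEN_DSS];
	/* base64 of n bytes needs 4*ceil(n/3) characters plus the terminator */
	char sig_b64[4 * ((SIGN_B64SIGLEN_DSS + 2) / 3) + 1];
	unsigned sig_len = 0;
	const char *p;
	char *q;
	int sigsize;
	/*
	 * The signature is calculated over the completely formatted
	 * syslog-message, including all of the PRI, HEADER, and hashes
	 * in the hash block, excluding spaces between fields, and also
	 * excluding the signature field (SD Parameter Name "SIGN", "=",
	 * and corresponding value).
	 *
	 * -- I am not quite sure which spaces are to be removed.
	 * Only the ones inside the "ssign" element or those between
	 * header fields as well?
	 */
	*signature = NULL;

	/* removes the string ' SIGN=""' */
	for (p = line, q = buf; *p != '\0'; ) {
		if (strncmp(p, " SIGN=\"\"", 8) == 0) {
			/*
			 * Skip the marker without copying anything.  The loop
			 * condition re-tests *p, so a marker at the very end of
			 * line no longer copies the terminator and reads on
			 * past it.
			 */
			p += 8;
			continue;
		}
		/*
		 * q - buf bytes are stored so far; buf[SIGN_MAX_LENGTH] is
		 * reserved for the '\0' written after the loop (the old
		 * `<=` test let the terminator land one byte past buf).
		 */
		if (q - buf >= SIGN_MAX_LENGTH) {
			DPRINTF(D_SIGN, "sign_string_sign(): line longer than "
			    "SIGN_MAX_LENGTH, not signing a truncated line\n");
			return false;
		}
		*q++ = *p++;
	}
	*q = '\0';

	assert(GlobalSign.privkey);
	if (GlobalSign.privkey == NULL)
		return false;
	/*
	 * EVP_SignFinal() writes up to EVP_PKEY_size() bytes into sig_value;
	 * refuse keys whose signature would overflow the fixed-size buffer.
	 */
	sigsize = EVP_PKEY_size(GlobalSign.privkey);
	if (sigsize <= 0 || (size_t)sigsize > sizeof(sig_value)) {
		DPRINTF(D_SIGN, "sign_string_sign(): signature buffer too "
		    "small for key\n");
		return false;
	}

	SSL_CHECK_ONE(EVP_SignInit(GlobalSign.sigctx, GlobalSign.sig));
	SSL_CHECK_ONE(EVP_SignUpdate(GlobalSign.sigctx, buf, q-buf));
	SSL_CHECK_ONE(EVP_SignFinal(GlobalSign.sigctx, sig_value, &sig_len,
	    GlobalSign.privkey));

	/* b64_ntop() returns -1 when the target is too small */
	if (b64_ntop(sig_value, sig_len, sig_b64, sizeof(sig_b64)) < 0) {
		DPRINTF(D_SIGN, "sign_string_sign(): base64 encoding failed\n");
		return false;
	}
	*signature = strdup(sig_b64);
	if (*signature == NULL)
		return false;

	DPRINTF((D_CALL|D_SIGN), "sign_string_sign('%s') --> '%s'\n",
	    buf, *signature);
	return true;
}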
9023e07920fSDavid van Moolenbroek 
/*
 * Start a new reboot session: reset the global block counter, advance
 * the reboot session id and put every SG back into its initial state
 * (certificate block pending, message numbering restarting at 1).
 *
 * Also used by sign_assign_msg_num() and sign_inc_gbc() when a counter
 * would exceed SIGN_MAX_COUNT.
 */
void
sign_new_reboot_session(void)
{
	struct signature_group_t *group;

	DPRINTF((D_CALL|D_SIGN), "sign_new_reboot_session()\n");

	/* global counters */
	GlobalSign.gbc = 0;
	/* might be useful for later analysis:
	 * rebooted session IDs are sequential,
	 * normal IDs are almost always not */
	GlobalSign.rsid += 1;

	assert(GlobalSign.sg <= 3);
	/* reset SGs */
	STAILQ_FOREACH(group, &GlobalSign.SigGroups, entries) {
		group->last_msg_num = 1;
		group->resendcount = SIGN_RESENDCOUNT_CERTBLOCK;
	}
}
9243e07920fSDavid van Moolenbroek 
/*
 * get msg_num, increment counter, check overflow
 *
 * Returns the number to use for the current message and advances
 * sg->last_msg_num.  When the advanced counter passes SIGN_MAX_COUNT a
 * new reboot session is started (which resets the counter to 1); the
 * value already handed out is returned unchanged.
 */
uint_fast64_t
sign_assign_msg_num(struct signature_group_t *sg)
{
	const uint_fast64_t assigned = sg->last_msg_num;

	sg->last_msg_num = assigned + 1;
	if (sg->last_msg_num > SIGN_MAX_COUNT)
		sign_new_reboot_session();
	return assigned;
}
9363e07920fSDavid van Moolenbroek 
9373e07920fSDavid van Moolenbroek 
/*
 * increment gbc, check overflow
 *
 * Advances the global block counter after a block was sent; once it
 * exceeds SIGN_MAX_COUNT a new reboot session is started.
 */
void
sign_inc_gbc(void)
{
	GlobalSign.gbc += 1;
	if (GlobalSign.gbc > SIGN_MAX_COUNT)
		sign_new_reboot_session();
}
9453e07920fSDavid van Moolenbroek #endif /* !DISABLE_SIGN */
946