
Store SHA256 hash with share configuration

Recognize a sha256= parameter in share URIs. If such a parameter
is found, store the hash value in the share structure for later
verification.
develop
Damien Goutte-Gattat 5 years ago
parent
commit
02c1654f69
  1. 58
      src/secretcfg.c
  2. 2
      src/share.c
  3. 1
      src/share.h

58
src/secretcfg.c

@ -125,6 +125,57 @@ parse_path(const char **uri)
return path;
}
/**
* Parses a hexadecimal-encoded SHA-256 hash value.
*
* @param hex The encoded hash to parse.
* @param len The length of the \a hex buffer.
*
* @return A newly allocated buffer containing the
* hash value, or NULL if an error occured.
*/
static unsigned char *
parse_sha256(const char *hex, size_t len)
{
unsigned char *sha256 = NULL;
unsigned n;
if ( len != 64 ) {
errno = EBADMSG;
return NULL;
}
if ( ! (sha256 = malloc(32)) )
return NULL;
for ( n = 0; n < len; n++ ) {
unsigned char h, val;
h = hex[n];
if ( h >= '0' && h <= '9' )
val = h - '0';
else if ( h >= 'A' && h <= 'F' )
val = h - 'A' + 10;
else if ( h >= 'a' && h <= 'f' )
val = h - 'a' + 10;
else
n = 99;
if ( n % 2 == 0 )
sha256[n / 2] = val << 4;
else
sha256[n / 2] += val;
}
if ( n == 100 ) {
free(sha256);
sha256 = NULL;
}
return sha256;
}
/**
* Parses a name=value parameter in the provided string.
* Advances the pointer to the next character after the
@ -157,6 +208,12 @@ parse_parameter(const char **uri, gfsec_share_t *share)
share->flags |= GFSEC_SHARE_FLAGS_FULL;
*uri = amp;
}
else if ( strncmp(*uri, "sha256", eq - *uri) == 0 ) {
amp = strchrnul(++eq, '&');
if ( ! (share->sha256 = parse_sha256(eq, amp - eq)) )
rc = -1;
*uri = amp;
}
else { /* Skip unknown parameter. */
while ( **uri != '\0' && **uri != '&' )
(*uri) += 1;
@ -223,6 +280,7 @@ parse_uri(const char *uri, gfsec_secret_config_t *cfg)
share->flags = GFSEC_SHARE_FLAGS_NONE;
share->length = 0;
share->data = NULL;
share->sha256 = NULL;
if ( strncmp(p, "file://", 7) == 0 && (p += 7) )
share->scheme = SCHEME_FILE;
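Review bot: In parse_sha256, the invalid-character branch `n = 99;` does not leave the loop, so the same iteration goes on to run `sha256[n / 2] += val` with n == 99, writing to index 49 of the 32-byte allocation with a `val` that was never assigned. The hex string comes from the share URI, so a malformed `sha256=` value of the right length reaches this out-of-bounds heap write before the buffer is freed. Rejecting the character on the spot removes the need for the sentinel and the trailing `if ( n == 100 )` block: `else { free(sha256); errno = EBADMSG; return NULL; }`. That also makes errno consistent with the length check, since the bad-digit path currently returns NULL without setting it. In the parse_parameter hunk (the function starts and ends outside the hunk), a repeated `sha256=` parameter overwrites `share->sha256` without freeing the earlier buffer.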

2
src/share.c

@ -44,6 +44,8 @@ gfsec_destroy_share(gfsec_share_t *share, int linked)
memset(share->data, 0, share->length);
free(share->data);
}
if ( share->sha256 )
free(share->sha256);
if ( linked ) {
gfsec_share_t *tmp = share->next;
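Review bot: The `if ( share->sha256 )` guard before `free(share->sha256);` is redundant, because free(NULL) is a no-op; the single line `free(share->sha256);` is enough. The block just above presumably keeps its guard because it calls memset on `share->data` first, which does not apply here. gfsec_destroy_share starts and ends outside the hunk.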

1
src/share.h

@ -40,6 +40,7 @@ typedef struct gfsec_share {
unsigned flags;
size_t length;
unsigned char *data;
unsigned char *sha256;
} gfsec_share_t;
#ifdef __cpluscplus
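Review bot: The new `sha256` member carries no comment describing what it holds, and its length is implicit. parse_sha256 in src/secretcfg.c allocates exactly 32 bytes for it, so a comment such as `/* Expected SHA-256 digest (32 raw bytes), or NULL if none was given; freed with the share. */` would record that contract next to the field. The struct definition starts outside the hunk. Separately, the context line `#ifdef __cpluscplus` looks like a misspelling of `__cplusplus`, which would keep that guard from ever taking effect for C++ consumers.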
