summaryrefslogtreecommitdiff
path: root/src/journal
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-01-28 18:24:27 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-02-11 13:12:40 -0500
commit91e023d896dd5ca49dd440276f2241570acffd96 (patch)
treed1703b47d0765d60276c87d4e6826ba76cf3e7de /src/journal
parent75f32f047cc380bdb648faf3ee277f7dc3cdd007 (diff)
Move initialize_libgcrypt to separate file
It's annoying to have the exact same function in three places. It's stored in src/shared, but it's not added to the library to avoid the dependency on libgcrypt.
Diffstat (limited to 'src/journal')
-rw-r--r--src/journal/fsprg.c25
-rw-r--r--src/journal/journal-authenticate.c15
2 files changed, 8 insertions, 32 deletions
diff --git a/src/journal/fsprg.c b/src/journal/fsprg.c
index a9f564c249..12ae7449f9 100644
--- a/src/journal/fsprg.c
+++ b/src/journal/fsprg.c
@@ -32,6 +32,7 @@
#include <string.h>
#include "fsprg.h"
+#include "gcrypt-util.h"
#define ISVALID_SECPAR(secpar) (((secpar) % 16 == 0) && ((secpar) >= 16) && ((secpar) <= 16384))
#define VALIDATE_SECPAR(secpar) assert(ISVALID_SECPAR(secpar));
@@ -208,20 +209,6 @@ static void CRT_compose(gcry_mpi_t *x, const gcry_mpi_t xp, const gcry_mpi_t xq,
gcry_mpi_release(u);
}
-static void initialize_libgcrypt(void) {
- const char *p;
- if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
- return;
-
- p = gcry_check_version("1.4.5");
- assert(p);
-
- /* Turn off "secmem". Clients which whish to make use of this
- * feature should initialize the library manually */
- gcry_control(GCRYCTL_DISABLE_SECMEM);
- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
-}
-
/******************************************************************************/
size_t FSPRG_mskinbytes(unsigned _secpar) {
@@ -261,7 +248,7 @@ void FSPRG_GenMK(void *msk, void *mpk, const void *seed, size_t seedlen, unsigne
VALIDATE_SECPAR(_secpar);
secpar = _secpar;
- initialize_libgcrypt();
+ initialize_libgcrypt(false);
if (!seed) {
gcry_randomize(iseed, FSPRG_RECOMMENDED_SEEDLEN, GCRY_STRONG_RANDOM);
@@ -297,7 +284,7 @@ void FSPRG_GenState0(void *state, const void *mpk, const void *seed, size_t seed
gcry_mpi_t n, x;
uint16_t secpar;
- initialize_libgcrypt();
+ initialize_libgcrypt(false);
secpar = read_secpar(mpk + 0);
n = mpi_import(mpk + 2, secpar / 8);
@@ -316,7 +303,7 @@ void FSPRG_Evolve(void *state) {
uint16_t secpar;
uint64_t epoch;
- initialize_libgcrypt();
+ initialize_libgcrypt(false);
secpar = read_secpar(state + 0);
n = mpi_import(state + 2 + 0 * secpar / 8, secpar / 8);
@@ -343,7 +330,7 @@ void FSPRG_Seek(void *state, uint64_t epoch, const void *msk, const void *seed,
gcry_mpi_t p, q, n, x, xp, xq, kp, kq, xm;
uint16_t secpar;
- initialize_libgcrypt();
+ initialize_libgcrypt(false);
secpar = read_secpar(msk + 0);
p = mpi_import(msk + 2 + 0 * (secpar / 2) / 8, (secpar / 2) / 8);
@@ -382,7 +369,7 @@ void FSPRG_Seek(void *state, uint64_t epoch, const void *msk, const void *seed,
void FSPRG_GetKey(const void *state, void *key, size_t keylen, uint32_t idx) {
uint16_t secpar;
- initialize_libgcrypt();
+ initialize_libgcrypt(false);
secpar = read_secpar(state + 0);
det_randomize(key, keylen, state + 2, 2 * secpar / 8 + 8, idx);
diff --git a/src/journal/journal-authenticate.c b/src/journal/journal-authenticate.c
index aeec83da1e..45d7f4b340 100644
--- a/src/journal/journal-authenticate.c
+++ b/src/journal/journal-authenticate.c
@@ -24,6 +24,7 @@
#include "fd-util.h"
#include "fsprg.h"
+#include "gcrypt-util.h"
#include "hexdecoct.h"
#include "journal-authenticate.h"
#include "journal-def.h"
@@ -426,25 +427,13 @@ finish:
return r;
}
-static void initialize_libgcrypt(void) {
- const char *p;
-
- if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
- return;
-
- p = gcry_check_version("1.4.5");
- assert(p);
-
- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
-}
-
int journal_file_hmac_setup(JournalFile *f) {
gcry_error_t e;
if (!f->seal)
return 0;
- initialize_libgcrypt();
+ initialize_libgcrypt(true);
e = gcry_md_open(&f->hmac, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
if (e != 0)