From 5bc9299f0d1b0baf220b75da86520606e87c4b3a Mon Sep 17 00:00:00 2001 From: Daniel Borkmann Date: Sat, 15 Jun 2013 18:42:03 +0200 Subject: curve: simplify curve25519_proto_init and others Simplify the function curve25519_proto_init() and also have minor cleanups in other related ones. Signed-off-by: Daniel Borkmann --- curve.c | 52 +++++++++++++++++++--------------------------------- 1 file changed, 19 insertions(+), 33 deletions(-) (limited to 'curve.c') diff --git a/curve.c b/curve.c index 0876877..c77a0ad 100644 --- a/curve.c +++ b/curve.c @@ -12,6 +12,7 @@ #include #include #include +#include #include #include #include 
@@ -60,59 +61,44 @@ void curve25519_free(void *curvep) { struct curve25519_struct *curve = curvep; - memset(curve->enc, 0, curve->enc_size); - memset(curve->dec, 0, curve->dec_size); - - xfree(curve->enc); - xfree(curve->dec); + xzfree(curve->enc, curve->enc_size); + xzfree(curve->dec, curve->dec_size); spinlock_destroy(&curve->enc_lock); spinlock_destroy(&curve->dec_lock); } -int curve25519_proto_init(struct curve25519_proto *proto, unsigned char *pubkey_remote, - size_t len, char *home, int server) +void curve25519_proto_init(struct curve25519_proto *proto, + unsigned char *pubkey_remote, size_t len) { - int fd; - ssize_t ret; - char path[PATH_MAX]; - unsigned char secretkey_own[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES]; - unsigned char publickey_own[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES]; + int result; + char file[128]; + struct passwd *pw = getpwuid(getuid()); + unsigned char secretkey_own[crypto_box_sec_key_size]; + unsigned char publickey_own[crypto_box_pub_key_size]; fmemset(secretkey_own, 0, sizeof(secretkey_own)); fmemset(publickey_own, 0, sizeof(publickey_own)); - if (!pubkey_remote || len != sizeof(publickey_own)) - return -EINVAL; - - slprintf(path, sizeof(path), "%s/%s", home, FILE_PRIVKEY); - fd = open_or_die(path, O_RDONLY); + if (unlikely(!pubkey_remote || len != sizeof(publickey_own))) + panic("Invalid argument on curve25519_proto_init!\n"); - ret = read(fd, secretkey_own, sizeof(secretkey_own)); - if (ret != sizeof(secretkey_own)) { - xmemset(secretkey_own, 0, sizeof(secretkey_own)); - panic("Cannot read private key!\n"); - } - - close(fd); + slprintf(file, sizeof(file), "%s/%s", pw->pw_dir, FILE_PRIVKEY); + read_blob_or_die(file, secretkey_own, sizeof(secretkey_own)); crypto_scalarmult_curve25519_base(publickey_own, secretkey_own); + result = crypto_verify_32(publickey_own, pubkey_remote); - if (!crypto_verify_32(publickey_own, pubkey_remote)) { - xmemset(secretkey_own, 0, sizeof(secretkey_own)); - 
xmemset(publickey_own, 0, sizeof(publickey_own)); - panic("PANIC: remote end has same public key as you have!!!\n"); - } + if (result == 0) + panic("Remote end has same public key as you have!\n"); crypto_box_beforenm(proto->key, pubkey_remote, secretkey_own); - xmemset(proto->enonce, 0, sizeof(proto->enonce)); - xmemset(proto->dnonce, 0, sizeof(proto->dnonce)); + fmemset(proto->enonce, 0, sizeof(proto->enonce)); + fmemset(proto->dnonce, 0, sizeof(proto->dnonce)); xmemset(secretkey_own, 0, sizeof(secretkey_own)); xmemset(publickey_own, 0, sizeof(publickey_own)); - - return 0; } ssize_t curve25519_encode(struct curve25519_struct *curve, struct curve25519_proto *proto, -- cgit v1.2.3-54-g00ecf
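Review bot: In the new curve25519_proto_init(), the result of `getpwuid(getuid())` is dereferenced as `pw->pw_dir` without a NULL check, so a uid with no passwd entry or a failed lookup crashes the process before the key is read; add `if (unlikely(!pw)) panic("Cannot get home directory!\n");` ahead of the slprintf() call. The path buffer also shrinks from `PATH_MAX` to `char file[128]`, and if slprintf() truncates the way snprintf() does, a long home directory would have the private key read from a different path, so `char file[PATH_MAX];` is the safer size. The same-public-key branch no longer wipes `secretkey_own` before panic() as the removed code did; since panic() is not visible here, keeping `xmemset(secretkey_own, 0, sizeof(secretkey_own));` in front of it avoids leaving the key on the stack if panic() dumps core. A bad `pubkey_remote`/`len` now aborts instead of returning -EINVAL, which is only acceptable if the callers (outside this diff) never pass peer-controlled values.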