From c0790f91d038f136dfd73ffb5458e9906c7a6a08 Mon Sep 17 00:00:00 2001
From: Erwin Nindl <nine@wirdorange.org>
Date: Wed, 21 Nov 2007 11:23:34 +0000
Subject:  * fixed initialisation of libgcrypt  * reoved libstrp from deps

---
 Makefile          |  2 +-
 authAlgo.cpp      | 19 ++-----------------
 cypher.cpp        | 36 ++++++++++++++++++------------------
 keyDerivation.cpp | 43 ++++++++++++++++++++++++-------------------
 4 files changed, 45 insertions(+), 55 deletions(-)

diff --git a/Makefile b/Makefile
index c95b630..c669aa1 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@ CFLAGS = -g -Wall
 C++ = g++
 CCFLAGS = -g -Wall
 LD = g++
-LDFLAGS = -g -Wall -O2 -ldl -lpthread -lsrtp -lgcrypt
+LDFLAGS = -g -Wall -O2 -ldl -lpthread -lgcrypt
 
 OPENVPNDEPS = openvpn/tun.o \
               openvpn/error.o \
diff --git a/authAlgo.cpp b/authAlgo.cpp
index 206d335..d19cf2d 100644
--- a/authAlgo.cpp
+++ b/authAlgo.cpp
@@ -31,7 +31,7 @@
 #include "authAlgo.h"
 
 extern "C" {
-#include <srtp/crypto_kernel.h>
+#include <gcrypt.h>
 }
 
 
@@ -44,22 +44,7 @@ auth_tag_t NullAuthAlgo::calc(const Buffer& buf)
 // HMAC_SHA1
 auth_tag_t HmacAuthAlgo::calc(const Buffer& buf)
 {
-  extern auth_type_t hmac;
-  err_status_t status = err_status_ok;
-  auth_t *auth = NULL;
-
-  uint8_t key[] = {
-    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
-    0x10, 0x11, 0x12, 0x13
-  };
-
-  // auth_type_alloc(auth_type, auth, key_len, out_len)
-  status = auth_type_alloc(&hmac, &auth, 94, 4);
-  status = auth_init(auth, key);
-
-  status = auth_dealloc(auth);
-
+//  gcry_md_hash_buffer(GCRY_MD_SHA1, ht, buf.getBuf(), buf.getLength());
   return 0;
 }
 
diff --git a/cypher.cpp b/cypher.cpp
index f180745..857566c 100644
--- a/cypher.cpp
+++ b/cypher.cpp
@@ -72,34 +72,34 @@ bool AesIcmCypher::gcrypt_initialized_ = false;
 AesIcmCypher::AesIcmCypher() : salt_(Buffer(14))
 {
   gcry_error_t err;
-  if( !gcry_check_version( MIN_GCRYPT_VERSION ) )
-  {
-    std::cerr << "Invalid Version of libgcrypt, should be >= ";
-    std::cerr << MIN_GCRYPT_VERSION << std::endl;
-    return;
-  }
 
-  if( !gcrypt_initialized_ )
+  // No other library has already initialized libgcrypt.
+  if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
   {
+    if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
+      std::cerr << "Invalid Version of libgcrypt, should be >= ";
+      std::cerr << MIN_GCRYPT_VERSION << std::endl;
+      return;
+    }
+
     /* Allocate a pool of secure memory.  This also drops priviliges
        on some systems. */
     err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0);
-    if( err )
-    {
+    if( err ) {
       std::cerr << "Failed to allocate " << GCRYPT_SEC_MEM << "bytes of secure memory: ";
       std::cerr << gpg_strerror( err ) << std::endl;
       return;
     }
-    gcrypt_initialized_ = true;
-  }
 
-  /* Tell Libgcrypt that initialization has completed. */
-  err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
-  if( err )
-  {
-    std::cerr << "Failed to finish the initialization of libgcrypt";
-    std::cerr << gpg_strerror( err ) << std::endl;
-    return;
+    /* Tell Libgcrypt that initialization has completed. */
+    err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
+    if( err ) {
+      std::cerr << "Failed to finish the initialization of libgcrypt";
+      std::cerr << gpg_strerror( err ) << std::endl;
+      return;
+    } else {
+      std::cout << "AesIcmCypher::AesIcmCypher: libgcrypt init finished" << std::endl;
+    }
   }
 
   gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index f8e3c55..a171244 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -44,27 +44,32 @@ const char* KeyDerivation::MIN_GCRYPT_VERSION = "1.2.3";
 void KeyDerivation::init(Buffer key, Buffer salt)
 {
   gcry_error_t err;
-  if( !gcry_check_version( MIN_GCRYPT_VERSION ) )
-  {
-    std::cerr << "Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION << std::endl;
-    return;
-  }
-
-  /* Allocate a pool of 16k secure memory.  This also drops priviliges
-   *      on some systems. */
-  err = gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
-  if( err )
-  {
-    std::cerr << "Failed to allocate 16k secure memory: " << gpg_strerror( err ) << std::endl;
-    return;
-  }
 
-  /* Tell Libgcrypt that initialization has completed. */
-  err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
-  if( err )
+  // No other library has already initialized libgcrypt.
+  if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
   {
-    std::cerr << "Failed to finish the initialization of libgcrypt" << gpg_strerror( err ) << std::endl;
-    return;
+    if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
+      std::cerr << "Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION << std::endl;
+      return;
+    }
+
+    /* Allocate a pool of 16k secure memory.  This also drops priviliges
+     *      on some systems. */
+    err = gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
+    if( err )
+    {
+      std::cerr << "Failed to allocate 16k secure memory: " << gpg_strerror( err ) << std::endl;
+      return;
+    }
+
+    /* Tell Libgcrypt that initialization has completed. */
+    err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
+    if( err ) {
+      std::cerr << "Failed to finish the initialization of libgcrypt" << gpg_strerror( err ) << std::endl;
+      return;
+    } else {
+      std::cout << "KeyDerivation::init: libgcrypt init finished" << std::endl;
+    }
   }
 
   err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
-- 
cgit v1.2.3