added c++ signature support

bindings/cpp/Makefile.am

@@ -22,5 +22,5 @@ AM_CXXFLAGS = -I../../include -Wall -g
 
 lib_LTLIBRARIES      = libpcp1++.la
 
-libpcp1___la_SOURCES = pcp++.h key.cpp vault.cpp crypto.cpp
+libpcp1___la_SOURCES = pcp++.h key.cpp vault.cpp crypto.cpp sign.cpp
 include_HEADERS      = pcp++.h

bindings/cpp/Makefile.in

@@ -96,7 +96,7 @@ am__uninstall_files_from_dir = { \
 am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 libpcp1___la_LIBADD =
-am_libpcp1___la_OBJECTS = key.lo vault.lo crypto.lo
+am_libpcp1___la_OBJECTS = key.lo vault.lo crypto.lo sign.lo
 libpcp1___la_OBJECTS = $(am_libpcp1___la_OBJECTS)
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/include/pcp
 depcomp = $(SHELL) $(top_srcdir)/config/depcomp
@@ -272,7 +272,7 @@ top_srcdir = @top_srcdir@
 #
 AM_CXXFLAGS = -I../../include -Wall -g
 lib_LTLIBRARIES = libpcp1++.la
-libpcp1___la_SOURCES = pcp++.h key.cpp vault.cpp crypto.cpp
+libpcp1___la_SOURCES = pcp++.h key.cpp vault.cpp crypto.cpp sign.cpp
 include_HEADERS = pcp++.h
 all: all-am
 
@@ -353,6 +353,7 @@ distclean-compile:
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/key.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sign.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vault.Plo@am__quote@
 
 .cpp.o:

bindings/cpp/crypto.cpp

@@ -52,6 +52,9 @@ string Crypto::encrypt(vector<unsigned char> message) {
 }
 
 string Crypto::encrypt(unsigned char *message, size_t mlen) {
+  if(S.is_encrypted())
+    throw exception("Error: cannot encrypt with an encrypted secret key, decrypt it before using.");
+
   size_t clen, zlen, rlen;
   unsigned char *cipher;
 
@@ -79,6 +82,9 @@ string Crypto::encrypt(unsigned char *message, size_t mlen) {
 }
 
 ResultSet Crypto::decrypt(string cipher) {
+ if(S.is_encrypted())
+    throw exception("Error: cannot decrypt with an encrypted secret key, decrypt it before using.");
+
   size_t clen;
   unsigned char *combined = pcp_z85_decode((char *)cipher.c_str(), &clen);
 

bindings/cpp/pcp++.h

@@ -34,6 +34,7 @@
 #include "key++.h"
 #include "vault++.h"
 #include "crypto++.h"
+#include "sign++.h"
 #include "helpers++.h"
 
 #endif // _HAVE_PCPPP_H

bindings/cpp/sign++.h

@@ -0,0 +1,69 @@
+/*
+    This file is part of Pretty Curved Privacy (pcp1).
+
+    Copyright (C) 2013 T.Linden.
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+    You can contact me by mail: <tlinden AT cpan DOT org>.
+*/
+
+
+#ifndef _HAVE_PCPPP_SIGN_H
+#define _HAVE_PCPPP_SIGN_H
+
+#include <pcp.h>
+#include <string>
+#include <iostream>
+
+#include "vault++.h"
+#include "key++.h"
+#include "sign++.h"
+#include "helpers++.h"
+
+namespace pcp {
+
+  class Signature {
+  private:
+    bool havevault;
+
+  public:
+    PubKey P;
+    Key S;
+    Vault vault;
+    pcp_sig_t *sig;
+
+    // constructors
+    Signature(Key &skey); // sign only
+    Signature(PubKey &pkey); // verify only
+    Signature(Key &skey, PubKey &pkey); // both/bulk
+    Signature(Vault &v);
+
+    // destructor
+    ~Signature();
+
+    // PK signature methods
+    // sender pubkey is P
+    std::string sign(std::vector<unsigned char> message);
+    std::string sign(std::string message);
+    std::string sign(unsigned char *message, size_t mlen);
+
+    // verify using P or use vault if defined
+    bool verify(std::string signature, std::string message);
+    bool verify(std::string signature, std::vector<unsigned char> message);
+    bool verify(std::string signature, unsigned char *message, size_t mlen);
+  };
+};
+
+#endif // _HAVE_PCPPP_SIGN_H

bindings/cpp/sign.cpp

@@ -0,0 +1,158 @@
+/*
+    This file is part of Pretty Curved Privacy (pcp1).
+
+    Copyright (C) 2013 T.Linden.
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+    You can contact me by mail: <tlinden AT cpan DOT org>.
+*/
+
+#include "sign++.h"
+
+using namespace std;
+using namespace pcp;
+
+Signature::Signature(Key &skey) {
+  S = skey;
+  havevault = false;
+  sig = NULL;
+}
+
+Signature::Signature(PubKey &pkey) {
+  P = pkey;
+  havevault = false;
+  sig = NULL;
+}
+
+Signature::Signature(Key &skey, PubKey &pkey) {
+  P = pkey;
+  S = skey;
+  havevault = false;
+  sig = NULL;
+}
+
+Signature::Signature(Vault &v) {
+  vault = v;
+  havevault = true;
+  sig = NULL;
+  S = vault.get_primary();
+}
+
+Signature::~Signature() {
+  if(sig != NULL)
+    free(sig);
+}
+
+std::string Signature::sign(std::vector<unsigned char> message) {
+  unsigned char *m = (unsigned char *)ucmalloc(message.size());
+  for(size_t i=0; i<message.size(); ++i)
+    m[i] = message[i];
+  string _s = Signature::sign(m, message.size());
+  free(m);
+  return _s;
+}
+
+std::string Signature::sign(std::string message) {
+  unsigned char *m = (unsigned char *)ucmalloc(message.size() + 1);
+  memcpy(m, message.c_str(), message.size());
+  string _s = Signature::sign(m, message.size() + 1);
+  free(m);
+  return _s;
+}
+
+std::string Signature::sign(unsigned char *message, size_t mlen) {
+  if(! S)
+    throw exception("Error: cannot sign without a secret key, use another constructor.");
+
+  if(S.is_encrypted())
+    throw exception("Error: cannot sign with an encrypted secret key, decrypt it before using.");
+
+  size_t zlen;
+  sig = pcp_ed_sign(message, mlen, S.K);
+
+  if(sig == NULL)
+    throw exception();
+
+  sig2be(sig);
+  char *encoded = pcp_z85_encode((unsigned char *)sig, sizeof(pcp_sig_t), &zlen);
+  sig2native(sig);
+
+  if(encoded == NULL)
+    throw exception();
+ 
+  // FIXME: who free()s encoced?
+  return string((char *)encoded);
+}
+
+bool Signature::verify(string signature, vector<unsigned char> message) {
+  unsigned char *m = (unsigned char *)ucmalloc(message.size());
+  for(size_t i=0; i<message.size(); ++i)
+    m[i] = message[i];
+  bool _b = Signature::verify(signature, m, message.size());
+  free(m);
+  return _b;
+}
+
+bool Signature::verify(string signature, string message) {
+  unsigned char *m = (unsigned char *)ucmalloc(message.size() + 1);
+  memcpy(m, message.c_str(), message.size());
+  bool _b = Signature::verify(signature, m, message.size() + 1);
+  free(m);
+  return _b;
+}
+
+bool Signature::verify(string signature, unsigned char *message, size_t mlen) {
+  size_t clen;
+  unsigned char *decoded = pcp_z85_decode((char *)signature.c_str(), &clen);
+
+  if(decoded == NULL)
+    throw exception();
+
+  if(clen != sizeof(pcp_sig_t)) {
+    free(decoded);
+    throw exception("Error: decoded signature didn't result to a proper sized sig!");
+  }
+
+  sig = (pcp_sig_t *)decoded;
+  sig2native(sig);
+
+  string sigid = string((char *)sig->id);
+
+  if(!P) {
+    if(havevault) {
+      if(vault.pubkey_exists(sigid)) {
+	P = vault.get_public(sigid);
+      }
+      else {
+	throw exception("Unable to verify, signed using an unknown key.");
+      }
+    }
+    else {
+      throw exception("No public key and no vault specified, unable to verify.");
+    }
+  }
+  else {
+    if(P.get_id() != sigid) {
+      throw exception("Specified public key doesn't match the signers key.");
+    }
+  }
+
+  if(pcp_ed_verify(message, mlen, sig, P.K) == 0) {
+    return true;
+  }
+  else {
+    throw exception();
+  }
+}

bindings/cpp/vault++.h

@@ -69,6 +69,10 @@ namespace pcp {
     void pubkey_add(PubKey &key);
 
     void key_delete(std::string &id);
+
+    Key get_primary();
+    Key get_secret(std::string &id);
+    PubKey get_public(std::string &id);
   };
 
 

bindings/cpp/vault.cpp

@@ -86,6 +86,22 @@ void Vault::pubkey_add(PubKey &key) {
   key.is_stored(true);
 }
 
+bool Vault::key_exists(string &id) {
+  pcp_key_t *s = pcphash_keyexists((char *)id.c_str());
+  if(s == NULL)
+    return false;
+  else
+    return true;
+}
+
+bool Vault::pubkey_exists(string &id) {
+  pcp_pubkey_t *p = pcphash_pubkeyexists((char *)id.c_str());
+  if(p == NULL)
+    return false;
+  else
+    return true;
+}
+
 void Vault::key_delete(std::string &id) {
   pcp_pubkey_t *p = pcphash_pubkeyexists((char *)id.c_str());
   
@@ -108,3 +124,42 @@ void Vault::key_delete(std::string &id) {
     }
   }
 }
+
+Key Vault::get_primary() {
+  pcp_key_t *k = NULL;
+  pcphash_iterate(k) {
+    if(k->type == PCP_KEY_TYPE_MAINSECRET) {
+      return Key(k);
+    }
+  }
+
+  if(Vault::key_count() == 1) {
+    pcphash_iterate(k) {
+      return Key(k);
+    }
+  }
+
+  // too bad
+  throw exception("No primary key found in vault.");
+}
+
+Key Vault::get_secret(std::string &id) {
+  pcp_key_t *k = NULL;
+  pcphash_iterate(k) {
+    if(memcmp(k->id, id.c_str(), 16) == 0) {
+      return Key(k);
+    }
+  }
+  throw exception("Secret key doesn't exist in vault.");
+}
+
+
+PubKey Vault::get_public(std::string &id) {
+  pcp_pubkey_t *k = NULL;
+  pcphash_iteratepub(k) {
+    if(memcmp(k->id, id.c_str(), 16) == 0) {
+      return PubKey(k);
+    }
+  }
+  throw exception("Public key doesn't exist in vault.");
+}