From 777fa01c7440659982c6af6888be1129b4874135 Mon Sep 17 00:00:00 2001 From: "git@daemon.de" Date: Mon, 3 Feb 2014 12:19:17 +0100 Subject: [PATCH] fixed scrypt() call and pbp pk export signature --- include/pcp/scrypt.h | 2 +- libpcp/ed.c | 1 - libpcp/key.c | 4 ++-- libpcp/scrypt.c | 4 ++-- src/encryption.c | 6 +++--- src/keymgmt.c | 25 ++++++++++++++++--------- src/keyprint.c | 28 ++++++++++++++++++---------- 7 files changed, 42 insertions(+), 28 deletions(-) diff --git a/include/pcp/scrypt.h b/include/pcp/scrypt.h index 9b6cd04..bfd85f3 100644 --- a/include/pcp/scrypt.h +++ b/include/pcp/scrypt.h @@ -36,7 +36,7 @@ #include "mem.h" #include "defines.h" -unsigned char * pcp_scrypt(char *passwd, size_t passwdlen, unsigned char *nonce); +unsigned char * pcp_scrypt(char *passwd, size_t passwdlen, unsigned char *nonce, size_t noncelen); #endif // _HAVE_PCP_SCRYPT_H diff --git a/libpcp/ed.c b/libpcp/ed.c index b040613..22f881a 100644 --- a/libpcp/ed.c +++ b/libpcp/ed.c @@ -246,7 +246,6 @@ pcp_pubkey_t *pcp_ed_verify_buffered(FILE *in, pcp_pubkey_t *p) { } // else: if unarmored, sighash is already filled - // huh, how did we made it til here? unsigned char *verifiedhash = NULL; if(p == NULL) { diff --git a/libpcp/key.c b/libpcp/key.c index bc95f04..d40fae2 100644 --- a/libpcp/key.c +++ b/libpcp/key.c @@ -25,7 +25,7 @@ /* * AS of 16/01/2014 I'm using scrypt() instead of my crafted key - * derivation function. However, I create a hash from the pcp_script() + * derivation function. However, I create a hash from the pcp_scrypt() * result anyway because I need a cure25519 secret. */ unsigned char *pcp_derivekey(char *passphrase, unsigned char *nonce) { @@ -33,7 +33,7 @@ unsigned char *pcp_derivekey(char *passphrase, unsigned char *nonce) { size_t plen = strnlen(passphrase, 255); // create the scrypt hash - unsigned char *scrypted = pcp_scrypt(passphrase, plen, nonce); + unsigned char *scrypted = pcp_scrypt(passphrase, plen, nonce, crypto_secretbox_NONCEBYTES); // make a hash from the scrypt() result crypto_hash_sha256(key, (unsigned char*)scrypted, 64); diff --git a/libpcp/scrypt.c b/libpcp/scrypt.c index 200d1ee..2be0e43 100644 --- a/libpcp/scrypt.c +++ b/libpcp/scrypt.c @@ -21,7 +21,7 @@ #include "scrypt.h" -unsigned char* pcp_scrypt(char *passwd, size_t passwdlen, unsigned char *nonce) { +unsigned char* pcp_scrypt(char *passwd, size_t passwdlen, unsigned char *nonce, size_t noncelen) { uint8_t *dk = ucmalloc(64); // resulting hash // constants @@ -30,7 +30,7 @@ unsigned char* pcp_scrypt(char *passwd, size_t passwdlen, unsigned char *nonce) uint32_t p = 1; size_t buflen = 64; - if (crypto_scrypt(passwd, passwdlen, (uint8_t *)nonce, crypto_secretbox_NONCEBYTES, N, r, p, dk, buflen) == 0) { + if (crypto_scrypt(passwd, passwdlen, (uint8_t *)nonce, noncelen, N, r, p, dk, buflen) == 0) { return dk; } else { diff --git a/src/encryption.c b/src/encryption.c index 1f8b7f0..593bb5e 100644 --- a/src/encryption.c +++ b/src/encryption.c @@ -69,7 +69,7 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i strncpy(passphrase, passwd, strlen(passwd)+1); } - symkey = pcp_scrypt(passphrase, crypto_secretbox_KEYBYTES, salt); + symkey = pcp_scrypt(passphrase, crypto_secretbox_KEYBYTES, salt, 90); free(salt); } else { @@ -154,10 +154,10 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec passphrase = ucmalloc(strlen(passwd)+1); strncpy(passphrase, passwd, strlen(passwd)+1); } - unsigned char *salt = ucmalloc(90); + unsigned char *salt = ucmalloc(90); // FIXME: use random salt, concat it with result afterwards char stsalt[] = PBP_COMPAT_SALT; memcpy(salt, stsalt, 90); - symkey = pcp_scrypt(passphrase, crypto_secretbox_KEYBYTES, salt); + symkey = pcp_scrypt(passphrase, crypto_secretbox_KEYBYTES, salt, 90); free(salt); } else if(id != NULL) { diff --git a/src/keymgmt.c b/src/keymgmt.c index fd0db48..aa5b27f 100644 --- a/src/keymgmt.c +++ b/src/keymgmt.c @@ -398,24 +398,24 @@ int pcp_importpublic (vault_t *vault, FILE *in, int pbpcompat) { } klen = (nlen / 5) * 4; - - if(decode_85((char *)bin, (char *)buf, klen) != 0) goto errimp1; - /* - FILE *o = fopen("out", "wb+"); - fwrite(bin, 1, klen, o); - */ - - if(klen < sizeof(pbp_pubkey_t) - 1024 - crypto_sign_BYTES) { fatal("PBP key seems to be too small, maybe it's not a PBP key (got %ld, expected %ld)\n", klen, sizeof(pbp_pubkey_t) - 1024); goto errimp1; } - // FIXME: or use first part as sig and verify + // unpad result, if any + for(i=klen; i>0; --i) { + if(bin[i] != '\0' && i < klen) { + klen = i + 1; + break; + } + } + + // use first part as sig and verify memcpy(b, &bin[crypto_sign_BYTES], klen - crypto_sign_BYTES); // parse the name @@ -446,6 +446,13 @@ int pcp_importpublic (vault_t *vault, FILE *in, int pbpcompat) { memcpy(pub->pub, b->pub, crypto_box_PUBLICKEYBYTES); memcpy(pub->edpub, b->edpub, crypto_sign_PUBLICKEYBYTES); + fprintf(stderr, "edpub: "); pcpprint_bin(stderr, pub->edpub, crypto_sign_PUBLICKEYBYTES); fprintf(stderr, "\n"); + fprintf(stderr, " sig: "); pcpprint_bin(stderr, bin, klen); fprintf(stderr, "\n"); + unsigned char *sig = pcp_ed_verify(bin, klen, pub); + if(sig == NULL) + goto errimp1; + + free(sig); free(b); free(buf); free(bin); diff --git a/src/keyprint.c b/src/keyprint.c index c77fcd3..97bfae4 100644 --- a/src/keyprint.c +++ b/src/keyprint.c @@ -220,15 +220,6 @@ void pcppubkey_print(pcp_pubkey_t *key, FILE* out, int pbpcompat) { c = localtime(&t); if(pbpcompat == 1) { - size_t namelen = strlen(key->owner) + 2 + strlen(key->mail); - pbp_pubkey_t *b = ucmalloc(sizeof(pbp_pubkey_t)); - memcpy(b->pub, key->pub, crypto_box_PUBLICKEYBYTES); - memcpy(b->edpub, key->edpub, crypto_sign_PUBLICKEYBYTES); - memcpy(b->sigpub, key->edpub, crypto_sign_PUBLICKEYBYTES); - sprintf(b->name, "%s<%s>", key->owner, key->mail); - - size_t pbplen = sizeof(pbp_pubkey_t) - (1024 - namelen); - pcp_key_t *secret = NULL; secret = pcp_find_primary_secret(); @@ -242,7 +233,23 @@ void pcppubkey_print(pcp_pubkey_t *key, FILE* out, int pbpcompat) { secret = pcpkey_decrypt(secret, passphrase); if(secret != NULL) { - unsigned char *sig = pcp_ed_sign((unsigned char*)b, pbplen, secret); + size_t pbplen = crypto_sign_PUBLICKEYBYTES+crypto_box_PUBLICKEYBYTES+crypto_sign_PUBLICKEYBYTES+strlen(key->owner); + + unsigned char *blob = ucmalloc(pbplen); + + fprintf(stderr, "edpub: "); pcpprint_bin(stderr, key->edpub, crypto_sign_PUBLICKEYBYTES); fprintf(stderr, "\n"); + fprintf(stderr, " pub: "); pcpprint_bin(stderr, key->pub, crypto_box_PUBLICKEYBYTES); fprintf(stderr, "\n"); + fprintf(stderr, "edpub: "); pcpprint_bin(stderr, key->edpub, crypto_sign_PUBLICKEYBYTES); fprintf(stderr, "\n"); + + memcpy(blob, key->edpub, crypto_sign_PUBLICKEYBYTES); + memcpy(&blob[crypto_sign_PUBLICKEYBYTES], key->pub, crypto_box_PUBLICKEYBYTES); + memcpy(&blob[crypto_sign_PUBLICKEYBYTES+crypto_box_PUBLICKEYBYTES], key->edpub, crypto_sign_PUBLICKEYBYTES); + memcpy(&blob[crypto_sign_PUBLICKEYBYTES+crypto_box_PUBLICKEYBYTES+crypto_sign_PUBLICKEYBYTES], + key->owner, strlen(key->owner)); + + unsigned char *sig = pcp_ed_sign(blob, pbplen, secret); + fprintf(stderr, " sig: "); pcpprint_bin(stderr, sig, pbplen+crypto_sign_BYTES); fprintf(stderr, "\n"); + fprintf(stderr, "siglen: %ld, inlen: %ld\n", crypto_sign_BYTES, pbplen); if(sig != NULL) { size_t siglen = pbplen + crypto_sign_BYTES; size_t blen = ((siglen / 4) * 5) + siglen; @@ -252,6 +259,7 @@ void pcppubkey_print(pcp_pubkey_t *key, FILE* out, int pbpcompat) { free(b85sig); free(sig); } + free(blob); } } }