mirror of
https://codeberg.org/scip/pcp.git
synced 2025-12-17 03:50:57 +01:00
using libsodiums size constants everywhere (keysizes and the likes)
This commit is contained in:
TLINDEN
@@ -57,6 +57,8 @@ typedef unsigned char byte; /* Single unsigned byte = 8 bits */
|
|||||||
typedef unsigned short dbyte; /* Double byte = 16 bits */
|
typedef unsigned short dbyte; /* Double byte = 16 bits */
|
||||||
typedef unsigned int qbyte; /* Quad byte = 32 bits */
|
typedef unsigned int qbyte; /* Quad byte = 32 bits */
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* key stuff, deprecated. */
|
/* key stuff, deprecated. */
|
||||||
#define PCP_ENFILE_HEADER "----- BEGIN PCP ENCRYPTED FILE -----\r\n"
|
#define PCP_ENFILE_HEADER "----- BEGIN PCP ENCRYPTED FILE -----\r\n"
|
||||||
#define PCP_ENFILE_FOOTER "\r\n----- END PCP ENCRYPTED FILE -----\r\n"
|
#define PCP_ENFILE_FOOTER "\r\n----- END PCP ENCRYPTED FILE -----\r\n"
|
||||||
@@ -102,8 +104,15 @@ typedef enum _PCP_KEY_TYPES {
|
|||||||
/** @}
|
/** @}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* save typing, dammit */
|
|
||||||
#define PCP_ENCRYPT_MAC crypto_secretbox_ZEROBYTES + crypto_secretbox_NONCEBYTES
|
/* shortcuts for key lengths and stuff to save typing */
|
||||||
|
#define LEDPUB crypto_sign_PUBLICKEYBYTES
|
||||||
|
#define LEDSEC crypto_sign_SECRETKEYBYTES
|
||||||
|
#define LBOXPUB crypto_box_PUBLICKEYBYTES
|
||||||
|
#define LBOXSEC crypto_box_SECRETKEYBYTES
|
||||||
|
#define LNONCE crypto_secretbox_NONCEBYTES
|
||||||
|
#define LSEC LBOXSEC + LEDSEC + LEDSEC + crypto_secretbox_MACBYTES
|
||||||
|
#define LSHA 32 /* sha256 hash length */
|
||||||
|
|
||||||
/* vault id */
|
/* vault id */
|
||||||
#define PCP_VAULT_ID 14
|
#define PCP_VAULT_ID 14
|
||||||
|
|||||||
@@ -70,21 +70,21 @@
|
|||||||
|
|
||||||
*/
|
*/
|
||||||
struct _pcp_key_t {
|
struct _pcp_key_t {
|
||||||
byte masterpub[32]; /**< ED25519 master public key signing key */
|
byte masterpub[LEDPUB]; /**< ED25519 master public key signing key */
|
||||||
byte mastersecret[64]; /**< ED25519 master secret key signing key */
|
byte mastersecret[LEDSEC]; /**< ED25519 master secret key signing key */
|
||||||
byte pub[32]; /**< Curve25519 encryption public key */
|
byte pub[LBOXPUB]; /**< Curve25519 encryption public key */
|
||||||
byte secret[32]; /**< Curve25519 encryption secret key */
|
byte secret[LBOXSEC]; /**< Curve25519 encryption secret key */
|
||||||
byte edpub[32]; /**< ED25519 public signing key */
|
byte edpub[LEDPUB]; /**< ED25519 public signing key */
|
||||||
byte edsecret[64]; /**< ED25519 secret signing key */
|
byte edsecret[LEDSEC]; /**< ED25519 secret signing key */
|
||||||
byte nonce[24]; /**< random nonce used to encrypt secret keys */
|
byte nonce[LNONCE]; /**< random nonce used to encrypt secret keys */
|
||||||
byte encrypted[176]; /**< concatenated and encrypted secret keys */
|
byte encrypted[LSEC]; /**< concatenated and encrypted secret keys */
|
||||||
char owner[255]; /**< the key owner, string */
|
char owner[255]; /**< the key owner, string */
|
||||||
char mail[255]; /**< mail address of the owner, string */
|
char mail[255]; /**< mail address of the owner, string */
|
||||||
char id[17]; /**< key-id, used internally only, jenhash of public keys */
|
char id[17]; /**< key-id, used internally only, jenhash of public keys */
|
||||||
uint8_t type; /**< key type: MASTER_SECRET or SECRET */
|
uint8_t type; /**< key type: MASTER_SECRET or SECRET */
|
||||||
uint64_t ctime; /**< creation time, epoch */
|
uint64_t ctime; /**< creation time, epoch */
|
||||||
uint32_t version; /**< key version */
|
uint32_t version; /**< key version */
|
||||||
uint32_t serial; /**< serial number of the key, randomly generated */
|
uint32_t serial; /**< serial number of the key, randomly generated */
|
||||||
UT_hash_handle hh;
|
UT_hash_handle hh;
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -99,18 +99,17 @@ typedef struct _pcp_key_t pcp_key_t;
|
|||||||
without the secret and nonce fields.
|
without the secret and nonce fields.
|
||||||
*/
|
*/
|
||||||
struct _pcp_pubkey_t {
|
struct _pcp_pubkey_t {
|
||||||
byte masterpub[32]; /**< ED25519 master public key signing key */
|
byte masterpub[LEDPUB]; /**< ED25519 master public key signing key */
|
||||||
byte sigpub[32]; /**< ED25519 public signing key */
|
byte pub[LBOXPUB]; /**< Curve25519 encryption public key */
|
||||||
byte pub[32]; /**< Curve25519 encryption public key */
|
byte edpub[LEDPUB]; /**< ED25519 public signing key (FIXME: huh? 2 of them???) */
|
||||||
byte edpub[32]; /**< ED25519 public signing key (FIXME: huh? 2 of them???) */
|
char owner[255]; /**< the key owner, string */
|
||||||
char owner[255]; /**< the key owner, string */
|
char mail[255]; /**< mail address of the owner, string */
|
||||||
char mail[255]; /**< mail address of the owner, string */
|
char id[17]; /**< key-id, used internally only, jenhash of public keys */
|
||||||
char id[17]; /**< key-id, used internally only, jenhash of public keys */
|
uint8_t type; /**< key type: MASTER_SECRET or SECRET */
|
||||||
uint8_t type; /**< key type: MASTER_SECRET or SECRET */
|
uint64_t ctime; /**< creation time, epoch */
|
||||||
uint64_t ctime; /**< creation time, epoch */
|
uint32_t version; /**< key version */
|
||||||
uint32_t version; /**< key version */
|
uint32_t serial; /**< serial number of the key, randomly generated */
|
||||||
uint32_t serial; /**< serial number of the key, randomly generated */
|
uint8_t valid; /**< 1 if import signature verified, 0 if not */
|
||||||
uint8_t valid; /**< 1 if import signature verified, 0 if not */
|
|
||||||
byte signature[crypto_generichash_BYTES_MAX + crypto_sign_BYTES]; /**< raw binary blob of pubkey export signature */
|
byte signature[crypto_generichash_BYTES_MAX + crypto_sign_BYTES]; /**< raw binary blob of pubkey export signature */
|
||||||
UT_hash_handle hh;
|
UT_hash_handle hh;
|
||||||
};
|
};
|
||||||
@@ -122,7 +121,7 @@ typedef struct _pcp_pubkey_t pcp_pubkey_t;
|
|||||||
/* the PBP public key format */
|
/* the PBP public key format */
|
||||||
/* keys.mp+keys.cp+keys.sp+keys.name */
|
/* keys.mp+keys.cp+keys.sp+keys.name */
|
||||||
struct _pbp_pubkey_t {
|
struct _pbp_pubkey_t {
|
||||||
byte sigpub[crypto_sign_PUBLICKEYBYTES];
|
byte masterpub[crypto_sign_PUBLICKEYBYTES];
|
||||||
byte edpub[crypto_sign_PUBLICKEYBYTES];
|
byte edpub[crypto_sign_PUBLICKEYBYTES];
|
||||||
byte pub[crypto_box_PUBLICKEYBYTES];
|
byte pub[crypto_box_PUBLICKEYBYTES];
|
||||||
char iso_ctime[32];
|
char iso_ctime[32];
|
||||||
@@ -158,7 +157,7 @@ struct _pcp_keysig_t {
|
|||||||
uint8_t type;
|
uint8_t type;
|
||||||
uint32_t size;
|
uint32_t size;
|
||||||
char id[17];
|
char id[17];
|
||||||
byte checksum[32];
|
byte checksum[LSHA];
|
||||||
byte *blob;
|
byte *blob;
|
||||||
UT_hash_handle hh;
|
UT_hash_handle hh;
|
||||||
};
|
};
|
||||||
@@ -229,7 +228,7 @@ struct _vault_t {
|
|||||||
time_t modified; /**< mtime */
|
time_t modified; /**< mtime */
|
||||||
mode_t mode; /**< File mode */
|
mode_t mode; /**< File mode */
|
||||||
uint32_t version; /**< Vault version */
|
uint32_t version; /**< Vault version */
|
||||||
byte checksum[32]; /**< SHA256 checksum over the whole vault */
|
byte checksum[LSHA]; /**< SHA256 checksum over the whole vault */
|
||||||
};
|
};
|
||||||
|
|
||||||
/** Name of the struct */
|
/** Name of the struct */
|
||||||
@@ -240,7 +239,7 @@ typedef struct _vault_t vault_t;
|
|||||||
struct _vault_header_t {
|
struct _vault_header_t {
|
||||||
uint8_t fileid; /**< File id, proprietary. Marks the vault as a vault */
|
uint8_t fileid; /**< File id, proprietary. Marks the vault as a vault */
|
||||||
uint32_t version; /**< File version */
|
uint32_t version; /**< File version */
|
||||||
byte checksum[32]; /**< SHA256 checksum over the whole vault */
|
byte checksum[LSHA]; /**< SHA256 checksum over the whole vault */
|
||||||
};
|
};
|
||||||
|
|
||||||
/** Name of the struct */
|
/** Name of the struct */
|
||||||
@@ -252,7 +251,7 @@ struct _vault_item_header_t {
|
|||||||
uint8_t type; /**< Item type (secret key, public, key, keysig, \see _PCP_KEY_TYPES */
|
uint8_t type; /**< Item type (secret key, public, key, keysig, \see _PCP_KEY_TYPES */
|
||||||
uint32_t size; /**< Size of the item */
|
uint32_t size; /**< Size of the item */
|
||||||
uint32_t version; /**< Version of the item */
|
uint32_t version; /**< Version of the item */
|
||||||
byte checksum[32]; /**< SHA256 checksum of the item */
|
byte checksum[LSHA]; /**< SHA256 checksum of the item */
|
||||||
};
|
};
|
||||||
|
|
||||||
/** Name of the struct */
|
/** Name of the struct */
|
||||||
|
|||||||
@@ -44,14 +44,14 @@ byte *pcp_box_encrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* put nonce and cipher together */
|
/* put nonce and cipher together */
|
||||||
byte *combined = ucmalloc(es + crypto_secretbox_NONCEBYTES);
|
byte *combined = ucmalloc(es + LNONCE);
|
||||||
memcpy(combined, nonce, crypto_secretbox_NONCEBYTES);
|
memcpy(combined, nonce, LNONCE);
|
||||||
memcpy(&combined[crypto_secretbox_NONCEBYTES], cipher, es);
|
memcpy(&combined[LNONCE], cipher, es);
|
||||||
|
|
||||||
free(cipher);
|
free(cipher);
|
||||||
free(nonce);
|
free(nonce);
|
||||||
|
|
||||||
*csize = es + crypto_secretbox_NONCEBYTES;
|
*csize = es + LNONCE;
|
||||||
|
|
||||||
return combined;
|
return combined;
|
||||||
|
|
||||||
@@ -71,15 +71,15 @@ byte *pcp_box_decrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
|
|||||||
|
|
||||||
byte *message = NULL;
|
byte *message = NULL;
|
||||||
|
|
||||||
byte *nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
|
byte *nonce = ucmalloc(LNONCE);
|
||||||
byte *cipheronly = ucmalloc(ciphersize - crypto_secretbox_NONCEBYTES);
|
byte *cipheronly = ucmalloc(ciphersize - LNONCE);
|
||||||
|
|
||||||
memcpy(nonce, cipher, crypto_secretbox_NONCEBYTES);
|
memcpy(nonce, cipher, LNONCE);
|
||||||
memcpy(cipheronly, &cipher[crypto_secretbox_NONCEBYTES],
|
memcpy(cipheronly, &cipher[LNONCE],
|
||||||
ciphersize - crypto_secretbox_NONCEBYTES);
|
ciphersize - LNONCE);
|
||||||
|
|
||||||
message = ucmalloc(ciphersize - crypto_secretbox_NONCEBYTES - crypto_box_MACBYTES);
|
message = ucmalloc(ciphersize - LNONCE - crypto_box_MACBYTES);
|
||||||
if(crypto_box_open_easy(message, cipheronly, ciphersize - crypto_secretbox_NONCEBYTES,
|
if(crypto_box_open_easy(message, cipheronly, ciphersize - LNONCE,
|
||||||
nonce, pub->pub, secret->secret) != 0) {
|
nonce, pub->pub, secret->secret) != 0) {
|
||||||
fatal(ptx, "failed to decrypt message!\n");
|
fatal(ptx, "failed to decrypt message!\n");
|
||||||
goto errbed;
|
goto errbed;
|
||||||
@@ -90,7 +90,7 @@ byte *pcp_box_decrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
|
|||||||
|
|
||||||
/* resulting size: */
|
/* resulting size: */
|
||||||
/* ciphersize - crypto_secretbox_ZEROBYTES */
|
/* ciphersize - crypto_secretbox_ZEROBYTES */
|
||||||
*dsize = ciphersize - crypto_secretbox_NONCEBYTES - PCP_CRYPTO_ADD;
|
*dsize = ciphersize - LNONCE - PCP_CRYPTO_ADD;
|
||||||
return message;
|
return message;
|
||||||
|
|
||||||
errbed:
|
errbed:
|
||||||
@@ -458,15 +458,15 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
|
|||||||
buf_nonce = _gen_ctr_nonce(ctr++);
|
buf_nonce = _gen_ctr_nonce(ctr++);
|
||||||
|
|
||||||
es = pcp_sodium_mac(&buf_cipher, in_buf, cur_bufsize, buf_nonce, symkey);
|
es = pcp_sodium_mac(&buf_cipher, in_buf, cur_bufsize, buf_nonce, symkey);
|
||||||
ps_write(out, buf_nonce, crypto_secretbox_NONCEBYTES);
|
ps_write(out, buf_nonce, LNONCE);
|
||||||
ps_write(out, buf_cipher, es);
|
ps_write(out, buf_cipher, es);
|
||||||
|
|
||||||
out_size += crypto_secretbox_NONCEBYTES + es;
|
out_size += LNONCE + es;
|
||||||
|
|
||||||
if(recsign != NULL)
|
if(recsign != NULL)
|
||||||
crypto_generichash_update(st, buf_cipher, es);
|
crypto_generichash_update(st, buf_cipher, es);
|
||||||
|
|
||||||
ucfree(buf_nonce, crypto_secretbox_NONCEBYTES);
|
ucfree(buf_nonce, LNONCE);
|
||||||
free(buf_cipher);
|
free(buf_cipher);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -489,12 +489,12 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
|
|||||||
buf_nonce = pcp_gennonce();
|
buf_nonce = pcp_gennonce();
|
||||||
es = pcp_sodium_mac(&buf_cipher, signature, siglen, buf_nonce, symkey);
|
es = pcp_sodium_mac(&buf_cipher, signature, siglen, buf_nonce, symkey);
|
||||||
|
|
||||||
ps_write(out, buf_nonce, crypto_secretbox_NONCEBYTES);
|
ps_write(out, buf_nonce, LNONCE);
|
||||||
ps_write(out, buf_cipher, es);
|
ps_write(out, buf_cipher, es);
|
||||||
|
|
||||||
free(st);
|
free(st);
|
||||||
free(hash);
|
free(hash);
|
||||||
ucfree(buf_nonce, crypto_secretbox_NONCEBYTES);
|
ucfree(buf_nonce, LNONCE);
|
||||||
free(buf_cipher);
|
free(buf_cipher);
|
||||||
ucfree(signature, siglen);
|
ucfree(signature, siglen);
|
||||||
}
|
}
|
||||||
@@ -517,12 +517,12 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
|||||||
byte *buf_cipher;
|
byte *buf_cipher;
|
||||||
byte *buf_clear;
|
byte *buf_clear;
|
||||||
size_t out_size, cur_bufsize, es;
|
size_t out_size, cur_bufsize, es;
|
||||||
size_t ciphersize = (PCP_BLOCK_SIZE_IN) - crypto_secretbox_NONCEBYTES;
|
size_t ciphersize = (PCP_BLOCK_SIZE_IN) - LNONCE;
|
||||||
byte *in_buf = NULL;
|
byte *in_buf = NULL;
|
||||||
uint64_t ctr, pastctr;
|
uint64_t ctr, pastctr;
|
||||||
pastctr = 0;
|
pastctr = 0;
|
||||||
|
|
||||||
buf_nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
|
buf_nonce = ucmalloc(LNONCE);
|
||||||
buf_cipher = ucmalloc(ciphersize);
|
buf_cipher = ucmalloc(ciphersize);
|
||||||
buf_clear = ucmalloc(ciphersize);
|
buf_clear = ucmalloc(ciphersize);
|
||||||
out_size = 0;
|
out_size = 0;
|
||||||
@@ -530,7 +530,7 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
|||||||
byte *signature = NULL;
|
byte *signature = NULL;
|
||||||
byte *signature_cr = NULL;
|
byte *signature_cr = NULL;
|
||||||
size_t siglen = crypto_sign_BYTES + crypto_generichash_BYTES_MAX;
|
size_t siglen = crypto_sign_BYTES + crypto_generichash_BYTES_MAX;
|
||||||
size_t siglen_cr = siglen + PCP_CRYPTO_ADD + crypto_secretbox_NONCEBYTES;
|
size_t siglen_cr = siglen + PCP_CRYPTO_ADD + LNONCE;
|
||||||
crypto_generichash_state *st = NULL;
|
crypto_generichash_state *st = NULL;
|
||||||
byte *hash = NULL;
|
byte *hash = NULL;
|
||||||
|
|
||||||
@@ -556,9 +556,9 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ciphersize = cur_bufsize - crypto_secretbox_NONCEBYTES;
|
ciphersize = cur_bufsize - LNONCE;
|
||||||
memcpy(buf_nonce, in_buf, crypto_secretbox_NONCEBYTES);
|
memcpy(buf_nonce, in_buf, LNONCE);
|
||||||
memcpy(buf_cipher, &in_buf[crypto_secretbox_NONCEBYTES], ciphersize);
|
memcpy(buf_cipher, &in_buf[LNONCE], ciphersize);
|
||||||
|
|
||||||
/* extract counter from nonce and check if it is in line with previous one
|
/* extract counter from nonce and check if it is in line with previous one
|
||||||
TODO: save unordered buffers to disk and continue writing to out if
|
TODO: save unordered buffers to disk and continue writing to out if
|
||||||
@@ -600,10 +600,10 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
|||||||
|
|
||||||
if(recverify != NULL) {
|
if(recverify != NULL) {
|
||||||
/* decrypt the signature */
|
/* decrypt the signature */
|
||||||
memcpy(buf_nonce, signature_cr, crypto_secretbox_NONCEBYTES);
|
memcpy(buf_nonce, signature_cr, LNONCE);
|
||||||
|
|
||||||
es = pcp_sodium_verify_mac(&signature, &signature_cr[crypto_secretbox_NONCEBYTES],
|
es = pcp_sodium_verify_mac(&signature, &signature_cr[LNONCE],
|
||||||
siglen_cr - crypto_secretbox_NONCEBYTES, buf_nonce, symkey);
|
siglen_cr - LNONCE, buf_nonce, symkey);
|
||||||
if(es == 0) {
|
if(es == 0) {
|
||||||
/* add encrypted recipient list to the hash */
|
/* add encrypted recipient list to the hash */
|
||||||
crypto_generichash_update(st, recverify->cipher, recverify->ciphersize);
|
crypto_generichash_update(st, recverify->cipher, recverify->ciphersize);
|
||||||
|
|||||||
141
libpcp/key.c
141
libpcp/key.c
@@ -33,7 +33,7 @@ byte *pcp_derivekey(PCPCTX *ptx, char *passphrase, byte *nonce) {
|
|||||||
size_t plen = strnlen(passphrase, 255);
|
size_t plen = strnlen(passphrase, 255);
|
||||||
|
|
||||||
/* create the scrypt hash */
|
/* create the scrypt hash */
|
||||||
byte *scrypted = pcp_scrypt(ptx, passphrase, plen, nonce, crypto_secretbox_NONCEBYTES);
|
byte *scrypted = pcp_scrypt(ptx, passphrase, plen, nonce, LNONCE);
|
||||||
|
|
||||||
/* make a hash from the scrypt() result */
|
/* make a hash from the scrypt() result */
|
||||||
crypto_hash_sha256(key, (byte*)scrypted, 64);
|
crypto_hash_sha256(key, (byte*)scrypted, 64);
|
||||||
@@ -51,8 +51,8 @@ byte *pcp_derivekey(PCPCTX *ptx, char *passphrase, byte *nonce) {
|
|||||||
|
|
||||||
char *pcp_getkeyid(pcp_key_t *k) {
|
char *pcp_getkeyid(pcp_key_t *k) {
|
||||||
uint32_t s, p;
|
uint32_t s, p;
|
||||||
p = jen_hash(k->pub, 32, JEN_PSALT);
|
p = jen_hash(k->pub, LBOXPUB, JEN_PSALT);
|
||||||
s = jen_hash(k->edpub, 32, JEN_SSALT);
|
s = jen_hash(k->edpub, LEDPUB, JEN_SSALT);
|
||||||
char *id = ucmalloc(17);
|
char *id = ucmalloc(17);
|
||||||
snprintf(id, 17, "%08X%08X", p, s);
|
snprintf(id, 17, "%08X%08X", p, s);
|
||||||
return id;
|
return id;
|
||||||
@@ -61,8 +61,8 @@ char *pcp_getkeyid(pcp_key_t *k) {
|
|||||||
/* same as above but for imported pbp keys */
|
/* same as above but for imported pbp keys */
|
||||||
char *pcp_getpubkeyid(pcp_pubkey_t *k) {
|
char *pcp_getpubkeyid(pcp_pubkey_t *k) {
|
||||||
uint32_t s, p;
|
uint32_t s, p;
|
||||||
p = jen_hash(k->pub, 32, JEN_PSALT);
|
p = jen_hash(k->pub, LBOXPUB, JEN_PSALT);
|
||||||
s = jen_hash(k->edpub, 32, JEN_SSALT);
|
s = jen_hash(k->edpub, LEDPUB, JEN_SSALT);
|
||||||
char *id = ucmalloc(17);
|
char *id = ucmalloc(17);
|
||||||
snprintf(id, 17, "%08X%08X", p, s);
|
snprintf(id, 17, "%08X%08X", p, s);
|
||||||
return id;
|
return id;
|
||||||
@@ -95,24 +95,24 @@ void pcp_keypairs(byte *msk, byte *mpk, byte *csk, byte *cpk, byte *esk, byte *e
|
|||||||
}
|
}
|
||||||
|
|
||||||
pcp_key_t * pcpkey_new () {
|
pcp_key_t * pcpkey_new () {
|
||||||
byte *mp = ucmalloc(32);
|
byte *mp = ucmalloc(LEDPUB);
|
||||||
byte *ms = ucmalloc(64);
|
byte *ms = ucmalloc(LEDSEC);
|
||||||
byte *sp = ucmalloc(32);
|
byte *sp = ucmalloc(LEDPUB);
|
||||||
byte *ss = ucmalloc(64);
|
byte *ss = ucmalloc(LEDSEC);
|
||||||
byte *cp = ucmalloc(32);
|
byte *cp = ucmalloc(LBOXPUB);
|
||||||
byte *cs = ucmalloc(32);
|
byte *cs = ucmalloc(LBOXSEC);
|
||||||
|
|
||||||
/* generate key material */
|
/* generate key material */
|
||||||
pcp_keypairs(ms, mp, cs, cp, ss, sp);
|
pcp_keypairs(ms, mp, cs, cp, ss, sp);
|
||||||
|
|
||||||
/* fill in our struct */
|
/* fill in our struct */
|
||||||
pcp_key_t *key = urmalloc(sizeof(pcp_key_t));
|
pcp_key_t *key = urmalloc(sizeof(pcp_key_t));
|
||||||
memcpy (key->masterpub, mp, 32);
|
memcpy (key->masterpub, mp, LEDPUB);
|
||||||
memcpy (key->mastersecret, ms, 64);
|
memcpy (key->mastersecret, ms, LEDSEC);
|
||||||
memcpy (key->pub, cp, 32);
|
memcpy (key->pub, cp, LBOXPUB);
|
||||||
memcpy (key->secret, cs, 32);
|
memcpy (key->secret, cs, LBOXSEC);
|
||||||
memcpy (key->edpub, sp, 32);
|
memcpy (key->edpub, sp, LEDPUB);
|
||||||
memcpy (key->edsecret, ss, 64);
|
memcpy (key->edsecret, ss, LEDSEC);
|
||||||
|
|
||||||
char *id = pcp_getkeyid(key);
|
char *id = pcp_getkeyid(key);
|
||||||
memcpy (key->id, id, 17);
|
memcpy (key->id, id, 17);
|
||||||
@@ -128,19 +128,19 @@ pcp_key_t * pcpkey_new () {
|
|||||||
key->mail[0] = '\0';
|
key->mail[0] = '\0';
|
||||||
|
|
||||||
/* clean up */
|
/* clean up */
|
||||||
ucfree(ms, 64);
|
ucfree(ms, LEDSEC);
|
||||||
ucfree(ss, 64);
|
ucfree(ss, LEDSEC);
|
||||||
ucfree(mp, 32);
|
ucfree(mp, LEDPUB);
|
||||||
ucfree(sp, 32);
|
ucfree(sp, LEDPUB);
|
||||||
ucfree(cs, 32);
|
ucfree(cs, LBOXSEC);
|
||||||
ucfree(cp, 32);
|
ucfree(cp, LBOXPUB);
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
|
||||||
byte * pcp_gennonce() {
|
byte * pcp_gennonce() {
|
||||||
byte *nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
|
byte *nonce = ucmalloc(LNONCE);
|
||||||
arc4random_buf(nonce, crypto_secretbox_NONCEBYTES);
|
arc4random_buf(nonce, LNONCE);
|
||||||
return nonce;
|
return nonce;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -152,8 +152,8 @@ void pcpkey_setowner(pcp_key_t *key, char *owner, char *mail) {
|
|||||||
pcp_key_t *pcpkey_encrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
pcp_key_t *pcpkey_encrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
||||||
if(key->nonce[0] == 0) {
|
if(key->nonce[0] == 0) {
|
||||||
byte *nonce = pcp_gennonce();
|
byte *nonce = pcp_gennonce();
|
||||||
memcpy (key->nonce, nonce, crypto_secretbox_NONCEBYTES);
|
memcpy (key->nonce, nonce, LNONCE);
|
||||||
ucfree(nonce, crypto_secretbox_NONCEBYTES);
|
ucfree(nonce, LNONCE);
|
||||||
}
|
}
|
||||||
|
|
||||||
byte *encryptkey = pcp_derivekey(ptx, passphrase, key->nonce);
|
byte *encryptkey = pcp_derivekey(ptx, passphrase, key->nonce);
|
||||||
@@ -162,22 +162,22 @@ pcp_key_t *pcpkey_encrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
|||||||
size_t es;
|
size_t es;
|
||||||
|
|
||||||
Buffer *both = buffer_new(128, "keypack");
|
Buffer *both = buffer_new(128, "keypack");
|
||||||
buffer_add(both, key->mastersecret, 64);
|
buffer_add(both, key->mastersecret, LEDSEC);
|
||||||
buffer_add(both, key->edsecret, 64);
|
buffer_add(both, key->edsecret, LEDSEC);
|
||||||
buffer_add(both, key->secret, 32);
|
buffer_add(both, key->secret, LBOXSEC);
|
||||||
|
|
||||||
es = pcp_sodium_mac(&encrypted, buffer_get(both), buffer_size(both), key->nonce, encryptkey);
|
es = pcp_sodium_mac(&encrypted, buffer_get(both), buffer_size(both), key->nonce, encryptkey);
|
||||||
|
|
||||||
buffer_free(both);
|
buffer_free(both);
|
||||||
sfree(encryptkey);
|
sfree(encryptkey);
|
||||||
|
|
||||||
if(es == 176) { /* FIXME: calc! */
|
if(es == LSEC) {
|
||||||
/* success */
|
/* success */
|
||||||
memcpy(key->encrypted, encrypted, 176);
|
memcpy(key->encrypted, encrypted, LSEC);
|
||||||
ucfree(encrypted, es);
|
ucfree(encrypted, es);
|
||||||
memset(key->secret, 0, 32);
|
memset(key->secret, 0, LBOXSEC);
|
||||||
memset(key->edsecret, 0, 64);
|
memset(key->edsecret, 0, LEDSEC);
|
||||||
memset(key->mastersecret, 0, 64);
|
memset(key->mastersecret, 0, LEDSEC);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
fatal(ptx, "failed to encrypt the secret key!\n");
|
fatal(ptx, "failed to encrypt the secret key!\n");
|
||||||
@@ -195,20 +195,20 @@ pcp_key_t *pcpkey_decrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
|||||||
byte *decrypted;
|
byte *decrypted;
|
||||||
size_t es;
|
size_t es;
|
||||||
|
|
||||||
es = pcp_sodium_verify_mac(&decrypted, key->encrypted, 176, key->nonce, encryptkey);
|
es = pcp_sodium_verify_mac(&decrypted, key->encrypted, LSEC, key->nonce, encryptkey);
|
||||||
|
|
||||||
sfree(encryptkey);
|
sfree(encryptkey);
|
||||||
|
|
||||||
if(es == 0) {
|
if(es == 0) {
|
||||||
/* success */
|
/* success */
|
||||||
memcpy(key->mastersecret, decrypted, 64);
|
memcpy(key->mastersecret, decrypted, LEDSEC);
|
||||||
memcpy(key->edsecret, decrypted + 64, 64);
|
memcpy(key->edsecret, decrypted + LEDSEC, LEDSEC);
|
||||||
memcpy(key->secret, decrypted +128, 32);
|
memcpy(key->secret, decrypted + LEDSEC + LEDSEC, LBOXSEC);
|
||||||
ucfree(decrypted, 160);
|
ucfree(decrypted, LEDSEC + LEDSEC + LBOXSEC);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
fatal(ptx, "failed to decrypt the secret key (got %d, expected 32)!\n", es);
|
fatal(ptx, "failed to decrypt the secret key (got %d, expected 32)!\n", es);
|
||||||
ucfree(decrypted, 160);
|
ucfree(decrypted, LEDSEC + LEDSEC + LBOXSEC);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -217,9 +217,9 @@ pcp_key_t *pcpkey_decrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
|||||||
|
|
||||||
pcp_pubkey_t *pcpkey_pub_from_secret(pcp_key_t *key) {
|
pcp_pubkey_t *pcpkey_pub_from_secret(pcp_key_t *key) {
|
||||||
pcp_pubkey_t *pub = urmalloc(sizeof (pcp_pubkey_t));
|
pcp_pubkey_t *pub = urmalloc(sizeof (pcp_pubkey_t));
|
||||||
memcpy(pub->masterpub, key->masterpub, 32);
|
memcpy(pub->masterpub, key->masterpub, LEDPUB);
|
||||||
memcpy(pub->pub, key->pub, 32);
|
memcpy(pub->pub, key->pub, LBOXPUB);
|
||||||
memcpy(pub->edpub, key->edpub, 32);
|
memcpy(pub->edpub, key->edpub, LEDSEC);
|
||||||
memcpy(pub->owner, key->owner, 255);
|
memcpy(pub->owner, key->owner, 255);
|
||||||
memcpy(pub->mail, key->mail, 255);
|
memcpy(pub->mail, key->mail, 255);
|
||||||
memcpy(pub->id, key->id, 17);
|
memcpy(pub->id, key->id, 17);
|
||||||
@@ -242,13 +242,13 @@ char *pcpkey_get_art(pcp_key_t *k) {
|
|||||||
|
|
||||||
byte *pcppubkey_getchecksum(pcp_pubkey_t *k) {
|
byte *pcppubkey_getchecksum(pcp_pubkey_t *k) {
|
||||||
byte *hash = ucmalloc(32);
|
byte *hash = ucmalloc(32);
|
||||||
crypto_hash_sha256(hash, k->pub, 32);
|
crypto_hash_sha256(hash, k->pub, LBOXPUB);
|
||||||
return hash;
|
return hash;
|
||||||
}
|
}
|
||||||
|
|
||||||
byte *pcpkey_getchecksum(pcp_key_t *k) {
|
byte *pcpkey_getchecksum(pcp_key_t *k) {
|
||||||
byte *hash = ucmalloc(32);
|
byte *hash = ucmalloc(32);
|
||||||
crypto_hash_sha256(hash, k->pub, 32);
|
crypto_hash_sha256(hash, k->pub, LBOXPUB);
|
||||||
return hash;
|
return hash;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -306,18 +306,18 @@ pcp_pubkey_t *pubkey2native(pcp_pubkey_t *k) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void pcp_seckeyblob(Buffer *b, pcp_key_t *k) {
|
void pcp_seckeyblob(Buffer *b, pcp_key_t *k) {
|
||||||
buffer_add(b, k->masterpub, 32);
|
buffer_add(b, k->masterpub, LEDPUB);
|
||||||
buffer_add(b, k->mastersecret, 64);
|
buffer_add(b, k->mastersecret, LEDSEC);
|
||||||
|
|
||||||
buffer_add(b, k->pub, 32);
|
buffer_add(b, k->pub, LBOXPUB);
|
||||||
buffer_add(b, k->secret, 32);
|
buffer_add(b, k->secret, LBOXPUB);
|
||||||
|
|
||||||
buffer_add(b, k->edpub, 32);
|
buffer_add(b, k->edpub, LEDPUB);
|
||||||
buffer_add(b, k->edsecret, 64);
|
buffer_add(b, k->edsecret, LEDSEC);
|
||||||
|
|
||||||
buffer_add(b, k->nonce, 24);
|
buffer_add(b, k->nonce, LNONCE);
|
||||||
|
|
||||||
buffer_add(b, k->encrypted, 176);
|
buffer_add(b, k->encrypted, LSEC);
|
||||||
|
|
||||||
buffer_add(b, k->owner, 255);
|
buffer_add(b, k->owner, 255);
|
||||||
buffer_add(b, k->mail, 255);
|
buffer_add(b, k->mail, 255);
|
||||||
@@ -330,10 +330,9 @@ void pcp_seckeyblob(Buffer *b, pcp_key_t *k) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void pcp_pubkeyblob(Buffer *b, pcp_pubkey_t *k) {
|
void pcp_pubkeyblob(Buffer *b, pcp_pubkey_t *k) {
|
||||||
buffer_add(b, k->masterpub, 32);
|
buffer_add(b, k->masterpub, LEDPUB);
|
||||||
buffer_add(b, k->sigpub, 32);
|
buffer_add(b, k->pub, LBOXPUB);
|
||||||
buffer_add(b, k->pub, 32);
|
buffer_add(b, k->edpub, LEDPUB);
|
||||||
buffer_add(b, k->edpub, 32);
|
|
||||||
|
|
||||||
buffer_add(b, k->owner, 255);
|
buffer_add(b, k->owner, 255);
|
||||||
buffer_add(b, k->mail, 255);
|
buffer_add(b, k->mail, 255);
|
||||||
@@ -462,40 +461,40 @@ int pcp_sanitycheck_key(PCPCTX *ptx, pcp_key_t *key) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void pcp_dumpkey(pcp_key_t *k) {
|
void pcp_dumpkey(pcp_key_t *k) {
|
||||||
int i;
|
unsigned int i;
|
||||||
|
|
||||||
printf("Dumping pcp_key_t raw values:\n");
|
printf("Dumping pcp_key_t raw values:\n");
|
||||||
|
|
||||||
printf("masterpub: ");
|
printf("masterpub: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->masterpub[i]);
|
for ( i = 0;i < LEDPUB;++i) printf("%02x",(unsigned int) k->masterpub[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" public: ");
|
printf(" public: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->pub[i]);
|
for ( i = 0;i < LBOXPUB;++i) printf("%02x",(unsigned int) k->pub[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" edpub: ");
|
printf(" edpub: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->edpub[i]);
|
for ( i = 0;i < LEDPUB;++i) printf("%02x",(unsigned int) k->edpub[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf("mastersec: ");
|
printf("mastersec: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->mastersecret[i]);
|
for ( i = 0;i < LEDSEC;++i) printf("%02x",(unsigned int) k->mastersecret[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" secret: ");
|
printf(" secret: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->secret[i]);
|
for ( i = 0;i < LBOXPUB;++i) printf("%02x",(unsigned int) k->secret[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" edsecret: ");
|
printf(" edsecret: ");
|
||||||
for ( i = 0;i < 64;++i) printf("%02x",(unsigned int) k->edsecret[i]);
|
for ( i = 0;i < LEDSEC;++i) printf("%02x",(unsigned int) k->edsecret[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" nonce: ");
|
printf(" nonce: ");
|
||||||
for ( i = 0;i < 24;++i) printf("%02x",(unsigned int) k->nonce[i]);
|
for ( i = 0;i < LNONCE;++i) printf("%02x",(unsigned int) k->nonce[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf("encrypted: ");
|
printf("encrypted: ");
|
||||||
for ( i = 0;i < 80;++i) printf("%02x",(unsigned int) k->encrypted[i]);
|
for ( i = 0;i < LSEC;++i) printf("%02x",(unsigned int) k->encrypted[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" owner: %s\n", k->owner);
|
printf(" owner: %s\n", k->owner);
|
||||||
@@ -515,19 +514,19 @@ void pcp_dumpkey(pcp_key_t *k) {
|
|||||||
|
|
||||||
|
|
||||||
void pcp_dumppubkey(pcp_pubkey_t *k) {
|
void pcp_dumppubkey(pcp_pubkey_t *k) {
|
||||||
int i;
|
unsigned int i;
|
||||||
printf("Dumping pcp_pubkey_t raw values:\n");
|
printf("Dumping pcp_pubkey_t raw values:\n");
|
||||||
|
|
||||||
printf("masterpub: ");
|
printf("masterpub: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->masterpub[i]);
|
for ( i = 0;i < LEDPUB;++i) printf("%02x",(unsigned int) k->masterpub[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" public: ");
|
printf(" public: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->pub[i]);
|
for ( i = 0;i < LBOXPUB;++i) printf("%02x",(unsigned int) k->pub[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" edpub: ");
|
printf(" edpub: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->edpub[i]);
|
for ( i = 0;i < LEDPUB;++i) printf("%02x",(unsigned int) k->edpub[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
printf(" owner: %s\n", k->owner);
|
printf(" owner: %s\n", k->owner);
|
||||||
|
|||||||
@@ -49,7 +49,7 @@ Buffer *pcp_keysig2blob(pcp_keysig_t *s) {
|
|||||||
buffer_add8(b, s->type);
|
buffer_add8(b, s->type);
|
||||||
buffer_add32be(b, s->size);
|
buffer_add32be(b, s->size);
|
||||||
buffer_add(b, s->id, 17);
|
buffer_add(b, s->id, 17);
|
||||||
buffer_add(b, s->checksum, 32);
|
buffer_add(b, s->checksum, LSHA);
|
||||||
buffer_add(b, s->blob, s->size);
|
buffer_add(b, s->blob, s->size);
|
||||||
return b;
|
return b;
|
||||||
}
|
}
|
||||||
@@ -62,17 +62,17 @@ pcp_keysig_t *pcp_keysig_new(Buffer *blob) {
|
|||||||
|
|
||||||
buffer_get_chunk(blob, sk->id, 17);
|
buffer_get_chunk(blob, sk->id, 17);
|
||||||
|
|
||||||
byte *checksum = ucmalloc(32);
|
byte *checksum = ucmalloc(LSHA);
|
||||||
buffer_get_chunk(blob, checksum, 32);
|
buffer_get_chunk(blob, checksum, LSHA);
|
||||||
|
|
||||||
sk->blob = ucmalloc(size);
|
sk->blob = ucmalloc(size);
|
||||||
buffer_get_chunk(blob, sk->blob, size);
|
buffer_get_chunk(blob, sk->blob, size);
|
||||||
|
|
||||||
sk->size = size;
|
sk->size = size;
|
||||||
sk->type = type;
|
sk->type = type;
|
||||||
memcpy(sk->checksum, checksum, 32);
|
memcpy(sk->checksum, checksum, LSHA);
|
||||||
|
|
||||||
ucfree(checksum, 32);
|
ucfree(checksum, LSHA);
|
||||||
|
|
||||||
return sk;
|
return sk;
|
||||||
}
|
}
|
||||||
@@ -86,7 +86,7 @@ void pcp_dumpkeysig(pcp_keysig_t *s) {
|
|||||||
printf(" size: %ld\n", (long int)s->size);
|
printf(" size: %ld\n", (long int)s->size);
|
||||||
|
|
||||||
printf(" checksum: ");
|
printf(" checksum: ");
|
||||||
for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) s->checksum[i]);
|
for ( i = 0;i < LSHA;++i) printf("%02x",(unsigned int) s->checksum[i]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
|
||||||
_dump(" blob:", s->blob, s->size);
|
_dump(" blob:", s->blob, s->size);
|
||||||
|
|||||||
105
libpcp/mgmt.c
105
libpcp/mgmt.c
@@ -25,9 +25,9 @@
|
|||||||
|
|
||||||
int _get_pk(Buffer *blob, pcp_pubkey_t *p) {
|
int _get_pk(Buffer *blob, pcp_pubkey_t *p) {
|
||||||
if(buffer_left(blob) >= 96) {
|
if(buffer_left(blob) >= 96) {
|
||||||
buffer_get_chunk(blob, p->masterpub, 32);
|
buffer_get_chunk(blob, p->masterpub, LEDPUB);
|
||||||
buffer_get_chunk(blob, p->edpub, 32);
|
buffer_get_chunk(blob, p->edpub, LEDPUB);
|
||||||
buffer_get_chunk(blob, p->pub, 32);
|
buffer_get_chunk(blob, p->pub, LBOXPUB);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@@ -41,15 +41,18 @@ int _check_keysig_h(PCPCTX *ptx, Buffer *blob, rfc_pub_sig_h *h) {
|
|||||||
h->numsubs = be16toh(h->numsubs);
|
h->numsubs = be16toh(h->numsubs);
|
||||||
|
|
||||||
if(h->version != EXP_SIG_VERSION) {
|
if(h->version != EXP_SIG_VERSION) {
|
||||||
fatal(ptx, "Unsupported pubkey signature version %d, expected %d\n", h->version, EXP_SIG_VERSION);
|
fatal(ptx, "Unsupported pubkey signature version %d, expected %d\n",
|
||||||
|
h->version, EXP_SIG_VERSION);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if(h->type != EXP_SIG_TYPE) {
|
if(h->type != EXP_SIG_TYPE) {
|
||||||
fatal(ptx, "Unsupported pubkey signature type %d, expected %d\n", h->type, EXP_SIG_TYPE);
|
fatal(ptx, "Unsupported pubkey signature type %d, expected %d\n",
|
||||||
|
h->type, EXP_SIG_TYPE);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if(h->pkcipher != EXP_SIG_CIPHER) {
|
if(h->pkcipher != EXP_SIG_CIPHER) {
|
||||||
fatal(ptx, "Unsupported pubkey signature cipher %d, expected %d\n", h->pkcipher, EXP_SIG_CIPHER);
|
fatal(ptx, "Unsupported pubkey signature cipher %d, expected %d\n",
|
||||||
|
h->pkcipher, EXP_SIG_CIPHER);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if(h->hashcipher != EXP_HASH_CIPHER) {
|
if(h->hashcipher != EXP_HASH_CIPHER) {
|
||||||
@@ -381,7 +384,7 @@ pcp_ks_bundle_t *pcp_import_pub_pbp(PCPCTX *ptx, Buffer *blob) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
b = ucmalloc(sizeof(pbp_pubkey_t)); /* FIXME: separate type really needed? */
|
b = ucmalloc(sizeof(pbp_pubkey_t)); /* FIXME: separate type really needed? */
|
||||||
buffer_get_chunk(blob, b->sigpub, crypto_sign_PUBLICKEYBYTES);
|
buffer_get_chunk(blob, b->masterpub, crypto_sign_PUBLICKEYBYTES);
|
||||||
buffer_get_chunk(blob, b->edpub, crypto_sign_PUBLICKEYBYTES);
|
buffer_get_chunk(blob, b->edpub, crypto_sign_PUBLICKEYBYTES);
|
||||||
buffer_get_chunk(blob, b->pub, crypto_box_PUBLICKEYBYTES);
|
buffer_get_chunk(blob, b->pub, crypto_box_PUBLICKEYBYTES);
|
||||||
buffer_get_chunk(blob, date, 18);
|
buffer_get_chunk(blob, date, 18);
|
||||||
@@ -427,9 +430,9 @@ pcp_ks_bundle_t *pcp_import_pub_pbp(PCPCTX *ptx, Buffer *blob) {
|
|||||||
_lc(pub->owner);
|
_lc(pub->owner);
|
||||||
ucfree(b, sizeof(pbp_pubkey_t));
|
ucfree(b, sizeof(pbp_pubkey_t));
|
||||||
|
|
||||||
/* edpub used for signing, might differ */
|
/* masterpub used for signing, might differ */
|
||||||
tmp = ucmalloc(sizeof(pcp_pubkey_t));
|
tmp = ucmalloc(sizeof(pcp_pubkey_t));
|
||||||
memcpy(tmp->edpub, b->sigpub, crypto_sign_PUBLICKEYBYTES);
|
memcpy(tmp->masterpub, b->masterpub, crypto_sign_PUBLICKEYBYTES);
|
||||||
|
|
||||||
byte *verify = pcp_ed_verify(ptx, buffer_get(blob), buffer_size(blob), tmp);
|
byte *verify = pcp_ed_verify(ptx, buffer_get(blob), buffer_size(blob), tmp);
|
||||||
free(tmp);
|
free(tmp);
|
||||||
@@ -473,9 +476,9 @@ Buffer *pcp_export_pbp_pub(pcp_key_t *sk) {
|
|||||||
Buffer *sig = buffer_new(320, "pbsig01");
|
Buffer *sig = buffer_new(320, "pbsig01");
|
||||||
|
|
||||||
/* add raw key material */
|
/* add raw key material */
|
||||||
buffer_add(sig, sk->edpub, crypto_sign_PUBLICKEYBYTES);
|
buffer_add(sig, sk->edpub, LEDPUB);
|
||||||
buffer_add(sig, sk->edpub, crypto_sign_PUBLICKEYBYTES);
|
buffer_add(sig, sk->masterpub, LEDPUB);
|
||||||
buffer_add(sig, sk->pub, crypto_box_PUBLICKEYBYTES);
|
buffer_add(sig, sk->pub, LBOXPUB);
|
||||||
|
|
||||||
/* add creatioin and expire time as 32byte iso time string */
|
/* add creatioin and expire time as 32byte iso time string */
|
||||||
time_t t = (time_t)sk->ctime;
|
time_t t = (time_t)sk->ctime;
|
||||||
@@ -527,9 +530,9 @@ Buffer *pcp_export_rfc_pub (PCPCTX *ptx, pcp_key_t *sk) {
|
|||||||
buffer_add8(out, EXP_PK_CIPHER);
|
buffer_add8(out, EXP_PK_CIPHER);
|
||||||
|
|
||||||
/* add the keys */
|
/* add the keys */
|
||||||
buffer_add(raw, sk->masterpub, 32);
|
buffer_add(raw, sk->masterpub, LEDPUB);
|
||||||
buffer_add(raw, sk->edpub, 32);
|
buffer_add(raw, sk->edpub, LEDPUB);
|
||||||
buffer_add(raw, sk->pub, 32);
|
buffer_add(raw, sk->pub, LBOXPUB);
|
||||||
|
|
||||||
/* add the sig header */
|
/* add the sig header */
|
||||||
buffer_add8(raw, EXP_SIG_VERSION);
|
buffer_add8(raw, EXP_SIG_VERSION);
|
||||||
@@ -652,13 +655,13 @@ Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase) {
|
|||||||
Buffer *raw = buffer_new(512, "secretbuf");
|
Buffer *raw = buffer_new(512, "secretbuf");
|
||||||
Buffer *out = buffer_new(512, "secretcipherblob");
|
Buffer *out = buffer_new(512, "secretcipherblob");
|
||||||
|
|
||||||
buffer_add(raw, sk->mastersecret, 64);
|
buffer_add(raw, sk->mastersecret, LEDSEC);
|
||||||
buffer_add(raw, sk->secret, 32);
|
buffer_add(raw, sk->secret, LBOXSEC);
|
||||||
buffer_add(raw, sk->edsecret, 64);
|
buffer_add(raw, sk->edsecret, LEDSEC);
|
||||||
|
|
||||||
buffer_add(raw, sk->masterpub, 32);
|
buffer_add(raw, sk->masterpub, LEDPUB);
|
||||||
buffer_add(raw, sk->pub, 32);
|
buffer_add(raw, sk->pub, LBOXPUB);
|
||||||
buffer_add(raw, sk->edpub, 32);
|
buffer_add(raw, sk->edpub, LEDPUB);
|
||||||
|
|
||||||
if(strlen(sk->owner) > 0) {
|
if(strlen(sk->owner) > 0) {
|
||||||
buffer_add16be(raw, strlen(sk->owner));
|
buffer_add16be(raw, strlen(sk->owner));
|
||||||
@@ -678,9 +681,9 @@ Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase) {
|
|||||||
buffer_add32be(raw, sk->version);
|
buffer_add32be(raw, sk->version);
|
||||||
buffer_add32be(raw, sk->serial);
|
buffer_add32be(raw, sk->serial);
|
||||||
|
|
||||||
nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
|
nonce = ucmalloc(LNONCE);
|
||||||
arc4random_buf(nonce, crypto_secretbox_NONCEBYTES);
|
arc4random_buf(nonce, LNONCE);
|
||||||
symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), nonce, crypto_secretbox_NONCEBYTES);
|
symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), nonce, LNONCE);
|
||||||
|
|
||||||
es = pcp_sodium_mac(&cipher, buffer_get(raw), buffer_size(raw), nonce, symkey);
|
es = pcp_sodium_mac(&cipher, buffer_get(raw), buffer_size(raw), nonce, symkey);
|
||||||
|
|
||||||
@@ -693,7 +696,7 @@ Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase) {
|
|||||||
else {
|
else {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
buffer_add(out, nonce, crypto_secretbox_NONCEBYTES);
|
buffer_add(out, nonce, LNONCE);
|
||||||
buffer_add(out, cipher, es);
|
buffer_add(out, cipher, es);
|
||||||
|
|
||||||
#ifdef HAVE_JSON
|
#ifdef HAVE_JSON
|
||||||
@@ -701,7 +704,7 @@ Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase) {
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
buffer_free(raw);
|
buffer_free(raw);
|
||||||
ucfree(nonce, crypto_secretbox_NONCEBYTES);
|
ucfree(nonce, LNONCE);
|
||||||
sfree(symkey);
|
sfree(symkey);
|
||||||
ucfree(cipher, es);
|
ucfree(cipher, es);
|
||||||
|
|
||||||
@@ -752,11 +755,11 @@ pcp_key_t *pcp_import_secret(PCPCTX *ptx, byte *raw, size_t rawsize, char *passp
|
|||||||
|
|
||||||
pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphrase) {
|
pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphrase) {
|
||||||
pcp_key_t *sk = ucmalloc(sizeof(pcp_key_t));
|
pcp_key_t *sk = ucmalloc(sizeof(pcp_key_t));
|
||||||
byte *nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
|
byte *nonce = ucmalloc(LNONCE);
|
||||||
byte *symkey = NULL;
|
byte *symkey = NULL;
|
||||||
byte *clear = NULL;
|
byte *clear = NULL;
|
||||||
size_t cipherlen = 0;
|
size_t cipherlen = 0;
|
||||||
size_t minlen = (64 * 2) + (32 * 4) + 8 + 4 + 4; /* key material and mandatory field sizes */
|
size_t minlen = (LEDSEC * 2) + (LBOXPUB * 2) + (LEDPUB * 2) + 8 + 4 + 4; /* key material and mandatory field sizes */
|
||||||
uint16_t notationlen = 0;
|
uint16_t notationlen = 0;
|
||||||
|
|
||||||
Buffer *blob = buffer_new(512, "secretdecryptbuf");
|
Buffer *blob = buffer_new(512, "secretdecryptbuf");
|
||||||
@@ -771,10 +774,10 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(buffer_get_chunk(cipher, nonce, crypto_secretbox_NONCEBYTES) == 0)
|
if(buffer_get_chunk(cipher, nonce, LNONCE) == 0)
|
||||||
goto impserr1;
|
goto impserr1;
|
||||||
|
|
||||||
symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), nonce, crypto_secretbox_NONCEBYTES);
|
symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), nonce, LNONCE);
|
||||||
|
|
||||||
cipherlen = buffer_left(cipher);
|
cipherlen = buffer_left(cipher);
|
||||||
if(cipherlen < minlen) {
|
if(cipherlen < minlen) {
|
||||||
@@ -796,13 +799,13 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
|||||||
buffer_add(blob, clear, cipherlen - PCP_CRYPTO_ADD);
|
buffer_add(blob, clear, cipherlen - PCP_CRYPTO_ADD);
|
||||||
|
|
||||||
/* extract the raw data into the structure */
|
/* extract the raw data into the structure */
|
||||||
buffer_get_chunk(blob, sk->mastersecret, 64);
|
buffer_get_chunk(blob, sk->mastersecret, LEDSEC);
|
||||||
buffer_get_chunk(blob, sk->secret, 32);
|
buffer_get_chunk(blob, sk->secret, LBOXSEC);
|
||||||
buffer_get_chunk(blob, sk->edsecret, 64);
|
buffer_get_chunk(blob, sk->edsecret, LEDSEC);
|
||||||
|
|
||||||
buffer_get_chunk(blob, sk->masterpub, 32);
|
buffer_get_chunk(blob, sk->masterpub, LEDPUB);
|
||||||
buffer_get_chunk(blob, sk->pub, 32);
|
buffer_get_chunk(blob, sk->pub, LBOXPUB);
|
||||||
buffer_get_chunk(blob, sk->edpub, 32);
|
buffer_get_chunk(blob, sk->edpub, LEDPUB);
|
||||||
|
|
||||||
notationlen = buffer_get16na(blob);
|
notationlen = buffer_get16na(blob);
|
||||||
if(notationlen > 255) {
|
if(notationlen > 255) {
|
||||||
@@ -835,7 +838,7 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
|||||||
|
|
||||||
/* ready */
|
/* ready */
|
||||||
ucfree(clear, cipherlen - PCP_CRYPTO_ADD);
|
ucfree(clear, cipherlen - PCP_CRYPTO_ADD);
|
||||||
ucfree(nonce, crypto_secretbox_NONCEBYTES);
|
ucfree(nonce, LNONCE);
|
||||||
buffer_free(blob);
|
buffer_free(blob);
|
||||||
sfree(symkey);
|
sfree(symkey);
|
||||||
free(id);
|
free(id);
|
||||||
@@ -846,7 +849,7 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
|||||||
ucfree(clear, cipherlen - PCP_CRYPTO_ADD);
|
ucfree(clear, cipherlen - PCP_CRYPTO_ADD);
|
||||||
|
|
||||||
impserr1:
|
impserr1:
|
||||||
ucfree(nonce, crypto_secretbox_NONCEBYTES);
|
ucfree(nonce, LNONCE);
|
||||||
ucfree(sk, sizeof(pcp_key_t));
|
ucfree(sk, sizeof(pcp_key_t));
|
||||||
buffer_free(blob);
|
buffer_free(blob);
|
||||||
if(symkey != NULL)
|
if(symkey != NULL)
|
||||||
@@ -874,9 +877,9 @@ json_t *pcp_pk2json(pcp_pubkey_t *pk) {
|
|||||||
|
|
||||||
pcp_key_t *sk = malloc(sizeof(pcp_key_t));
|
pcp_key_t *sk = malloc(sizeof(pcp_key_t));
|
||||||
|
|
||||||
memcpy(sk->masterpub, pk->masterpub, 32);
|
memcpy(sk->masterpub, pk->masterpub, LEDPUB);
|
||||||
memcpy(sk->pub, pk->pub, 32);
|
memcpy(sk->pub, pk->pub, LBOXPUB);
|
||||||
memcpy(sk->edpub, pk->edpub, 32);
|
memcpy(sk->edpub, pk->edpub, LEDPUB);
|
||||||
memcpy(sk->owner, pk->owner, 255);
|
memcpy(sk->owner, pk->owner, 255);
|
||||||
memcpy(sk->mail, pk->mail, 255);
|
memcpy(sk->mail, pk->mail, 255);
|
||||||
memcpy(sk->id, pk->id, 17);
|
memcpy(sk->id, pk->id, 17);
|
||||||
@@ -897,9 +900,9 @@ json_t *pcp_sk2json(pcp_key_t *sk, byte *sig, size_t siglen) {
|
|||||||
|
|
||||||
char *jformat = "{sssssssisisisissssssssssss}";
|
char *jformat = "{sssssssisisisissssssssssss}";
|
||||||
|
|
||||||
cryptpub = _bin2hex(sk->pub, 32);
|
cryptpub = _bin2hex(sk->pub, LBOXPUB);
|
||||||
sigpub = _bin2hex(sk->edpub, 32);
|
sigpub = _bin2hex(sk->edpub, LEDPUB);
|
||||||
masterpub= _bin2hex(sk->masterpub, 32);
|
masterpub= _bin2hex(sk->masterpub, LEDPUB);
|
||||||
|
|
||||||
if(sig != NULL) {
|
if(sig != NULL) {
|
||||||
ssig = _bin2hex(sig, siglen);
|
ssig = _bin2hex(sig, siglen);
|
||||||
@@ -946,7 +949,7 @@ Buffer *pcp_export_json_secret(PCPCTX *ptx, pcp_key_t *sk, byte *nonce, byte *ci
|
|||||||
jout = pcp_sk2json(sk, NULL, 0);
|
jout = pcp_sk2json(sk, NULL, 0);
|
||||||
|
|
||||||
xcipher = _bin2hex(cipher, clen);
|
xcipher = _bin2hex(cipher, clen);
|
||||||
xnonce = _bin2hex(nonce, crypto_secretbox_NONCEBYTES);
|
xnonce = _bin2hex(nonce, LNONCE);
|
||||||
|
|
||||||
json_object_set(jout, "type", json_string("secret"));
|
json_object_set(jout, "type", json_string("secret"));
|
||||||
json_object_set(jout, "secrets", json_string(xcipher));
|
json_object_set(jout, "secrets", json_string(xcipher));
|
||||||
@@ -1070,8 +1073,8 @@ pcp_ks_bundle_t *pcp_import_pub_json(PCPCTX *ptx, byte *raw, size_t rawsize) {
|
|||||||
jtmp = json_object_get(jin, "cryptpub");
|
jtmp = json_object_get(jin, "cryptpub");
|
||||||
if(jtmp == NULL)
|
if(jtmp == NULL)
|
||||||
goto jerr2;
|
goto jerr2;
|
||||||
if(_hex2bin(json_string_value(jtmp), blob, maxblob) == 32)
|
if(_hex2bin(json_string_value(jtmp), blob, maxblob) == LBOXPUB)
|
||||||
memcpy(p->pub, blob, 32);
|
memcpy(p->pub, blob, LBOXPUB);
|
||||||
else {
|
else {
|
||||||
strcpy(jerror.text, hexerr);
|
strcpy(jerror.text, hexerr);
|
||||||
goto jerr2;
|
goto jerr2;
|
||||||
@@ -1080,8 +1083,8 @@ pcp_ks_bundle_t *pcp_import_pub_json(PCPCTX *ptx, byte *raw, size_t rawsize) {
|
|||||||
jtmp = json_object_get(jin, "sigpub");
|
jtmp = json_object_get(jin, "sigpub");
|
||||||
if(jtmp == NULL)
|
if(jtmp == NULL)
|
||||||
goto jerr2;
|
goto jerr2;
|
||||||
if(_hex2bin(json_string_value(jtmp), blob, maxblob) == 32)
|
if(_hex2bin(json_string_value(jtmp), blob, maxblob) == LEDPUB)
|
||||||
memcpy(p->edpub, blob, 32);
|
memcpy(p->edpub, blob, LEDPUB);
|
||||||
else {
|
else {
|
||||||
strcpy(jerror.text, hexerr);
|
strcpy(jerror.text, hexerr);
|
||||||
goto jerr2;
|
goto jerr2;
|
||||||
@@ -1090,8 +1093,8 @@ pcp_ks_bundle_t *pcp_import_pub_json(PCPCTX *ptx, byte *raw, size_t rawsize) {
|
|||||||
jtmp = json_object_get(jin, "masterpub");
|
jtmp = json_object_get(jin, "masterpub");
|
||||||
if(jtmp == NULL)
|
if(jtmp == NULL)
|
||||||
goto jerr2;
|
goto jerr2;
|
||||||
if(_hex2bin(json_string_value(jtmp), blob, maxblob) == 32)
|
if(_hex2bin(json_string_value(jtmp), blob, maxblob) == LEDPUB)
|
||||||
memcpy(p->masterpub, blob, 32);
|
memcpy(p->masterpub, blob, LEDPUB);
|
||||||
else {
|
else {
|
||||||
strcpy(jerror.text, hexerr);
|
strcpy(jerror.text, hexerr);
|
||||||
goto jerr2;
|
goto jerr2;
|
||||||
|
|||||||
@@ -111,7 +111,7 @@ int pcpvault_create(PCPCTX *ptx, vault_t *vault) {
|
|||||||
header->version = PCP_VAULT_VERSION;
|
header->version = PCP_VAULT_VERSION;
|
||||||
|
|
||||||
vault->version = header->version;
|
vault->version = header->version;
|
||||||
memcpy(vault->checksum, header->checksum, 32);
|
memcpy(vault->checksum, header->checksum, LSHA);
|
||||||
|
|
||||||
vh2be(header);
|
vh2be(header);
|
||||||
|
|
||||||
@@ -268,9 +268,9 @@ void pcpvault_update_checksum(PCPCTX *ptx, vault_t *vault) {
|
|||||||
vault_header_t *header = ucmalloc(sizeof(vault_header_t));
|
vault_header_t *header = ucmalloc(sizeof(vault_header_t));
|
||||||
header->fileid = PCP_VAULT_ID;
|
header->fileid = PCP_VAULT_ID;
|
||||||
header->version = PCP_VAULT_VERSION;
|
header->version = PCP_VAULT_VERSION;
|
||||||
memcpy(header->checksum, checksum, 32);
|
memcpy(header->checksum, checksum, LSHA);
|
||||||
memcpy(vault->checksum, checksum, 32);
|
memcpy(vault->checksum, checksum, LSHA);
|
||||||
ucfree(checksum, 32);
|
ucfree(checksum, LSHA);
|
||||||
|
|
||||||
vh2be(header);
|
vh2be(header);
|
||||||
|
|
||||||
@@ -292,7 +292,7 @@ byte *pcpvault_create_checksum(PCPCTX *ptx) {
|
|||||||
size_t datasize = ((PCP_RAW_KEYSIZE) * numskeys) +
|
size_t datasize = ((PCP_RAW_KEYSIZE) * numskeys) +
|
||||||
((PCP_RAW_PUBKEYSIZE) * numpkeys);
|
((PCP_RAW_PUBKEYSIZE) * numpkeys);
|
||||||
byte *data = ucmalloc(datasize);
|
byte *data = ucmalloc(datasize);
|
||||||
byte *checksum = ucmalloc(32);
|
byte *checksum = ucmalloc(LSHA);
|
||||||
|
|
||||||
pcphash_iterate(ptx, k) {
|
pcphash_iterate(ptx, k) {
|
||||||
key2be(k);
|
key2be(k);
|
||||||
@@ -316,12 +316,6 @@ byte *pcpvault_create_checksum(PCPCTX *ptx) {
|
|||||||
|
|
||||||
buffer_free(blob);
|
buffer_free(blob);
|
||||||
|
|
||||||
/*
|
|
||||||
printf("PUB: %d, SEC: %d\n", PCP_RAW_PUBKEYSIZE, PCP_RAW_KEYSIZE);
|
|
||||||
printf("DATA (%d) (s: %d, p: %d):\n", (int)datasize, numskeys, numpkeys);
|
|
||||||
_dump("data", data, datasize);
|
|
||||||
*/
|
|
||||||
|
|
||||||
crypto_hash_sha256(checksum, data, datasize);
|
crypto_hash_sha256(checksum, data, datasize);
|
||||||
|
|
||||||
memset(data, 0, datasize);
|
memset(data, 0, datasize);
|
||||||
@@ -457,7 +451,7 @@ int pcpvault_fetchall(PCPCTX *ptx, vault_t *vault) {
|
|||||||
int ksize = PCP_RAW_KEYSIGSIZE; /* smallest possbile item */
|
int ksize = PCP_RAW_KEYSIGSIZE; /* smallest possbile item */
|
||||||
|
|
||||||
vault->version = header->version;
|
vault->version = header->version;
|
||||||
memcpy(vault->checksum, header->checksum, 32);
|
memcpy(vault->checksum, header->checksum, LSHA);
|
||||||
|
|
||||||
for(;;) {
|
for(;;) {
|
||||||
readpos = ftell(vault->fd);
|
readpos = ftell(vault->fd);
|
||||||
@@ -526,14 +520,9 @@ int pcpvault_fetchall(PCPCTX *ptx, vault_t *vault) {
|
|||||||
byte *checksum = NULL;
|
byte *checksum = NULL;
|
||||||
checksum = pcpvault_create_checksum(ptx);
|
checksum = pcpvault_create_checksum(ptx);
|
||||||
|
|
||||||
/*
|
|
||||||
_dump(" calc checksum", checksum, 32);
|
|
||||||
_dump("vault checksum", vault->checksum, 32);
|
|
||||||
*/
|
|
||||||
|
|
||||||
if(pcphash_count(ptx) + pcphash_countpub(ptx) > 0) {
|
if(pcphash_count(ptx) + pcphash_countpub(ptx) > 0) {
|
||||||
/* only validate the checksum if there are keys */
|
/* only validate the checksum if there are keys */
|
||||||
if(memcmp(checksum, vault->checksum, 32) != 0) {
|
if(memcmp(checksum, vault->checksum, LSHA) != 0) {
|
||||||
fatal(ptx, "Error: the checksum of the key vault doesn't match its contents!\n");
|
fatal(ptx, "Error: the checksum of the key vault doesn't match its contents!\n");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -117,7 +117,7 @@ void pcptext_vault(vault_t *vault) {
|
|||||||
pcp_key_t *k;
|
pcp_key_t *k;
|
||||||
pcp_pubkey_t *p;
|
pcp_pubkey_t *p;
|
||||||
|
|
||||||
checksum = _bin2hex(vault->checksum, 32);
|
checksum = _bin2hex(vault->checksum, LSHA);
|
||||||
jout = json_pack("{sssisssisi}",
|
jout = json_pack("{sssisssisi}",
|
||||||
"keyvaultfile", vault->filename,
|
"keyvaultfile", vault->filename,
|
||||||
"version", vault->version,
|
"version", vault->version,
|
||||||
@@ -184,7 +184,7 @@ void pcpkey_printlineinfo(pcp_key_t *key) {
|
|||||||
printf(" ");
|
printf(" ");
|
||||||
byte *hash = pcpkey_getchecksum(key);
|
byte *hash = pcpkey_getchecksum(key);
|
||||||
int i, y;
|
int i, y;
|
||||||
for(i=0; i<32; i+=4) {
|
for(i=0; i<LSHA; i+=4) {
|
||||||
for(y=0; y<4; y++) {
|
for(y=0; y<4; y++) {
|
||||||
printf("%02x", hash[i+y]);
|
printf("%02x", hash[i+y]);
|
||||||
}
|
}
|
||||||
@@ -213,7 +213,7 @@ void pcppubkey_printlineinfo(pcp_pubkey_t *key) {
|
|||||||
printf(" ");
|
printf(" ");
|
||||||
byte *hash = pcppubkey_getchecksum(key);
|
byte *hash = pcppubkey_getchecksum(key);
|
||||||
int i, y;
|
int i, y;
|
||||||
for(i=0; i<32; i+=4) {
|
for(i=0; i<LSHA; i+=4) {
|
||||||
for(y=0; y<4; y++) {
|
for(y=0; y<4; y++) {
|
||||||
printf("%02x", hash[i+y]);
|
printf("%02x", hash[i+y]);
|
||||||
}
|
}
|
||||||
@@ -227,7 +227,7 @@ void pcppubkey_printlineinfo(pcp_pubkey_t *key) {
|
|||||||
if(sig != NULL) {
|
if(sig != NULL) {
|
||||||
printf("signature fingerprint:\n ");
|
printf("signature fingerprint:\n ");
|
||||||
byte *checksum = sig->checksum;
|
byte *checksum = sig->checksum;
|
||||||
for(i=0; i<32; i+=4) {
|
for(i=0; i<LSHA; i+=4) {
|
||||||
for(y=0; y<4; y++) {
|
for(y=0; y<4; y++) {
|
||||||
printf("%02x", checksum[i+y]);
|
printf("%02x", checksum[i+y]);
|
||||||
}
|
}
|
||||||
@@ -274,7 +274,7 @@ void pcppubkey_print(pcp_pubkey_t *key, FILE* out) {
|
|||||||
fprintf(out, " Mail: %s\n", key->mail);
|
fprintf(out, " Mail: %s\n", key->mail);
|
||||||
|
|
||||||
fprintf(out, " Key-ID: 0x%s\n", key->id);
|
fprintf(out, " Key-ID: 0x%s\n", key->id);
|
||||||
fprintf(out, " Public-Key: %s\n", pcp_z85_encode(key->pub, 32, &zlen, 1));
|
fprintf(out, " Public-Key: %s\n", pcp_z85_encode(key->pub, LBOXPUB, &zlen, 1));
|
||||||
|
|
||||||
/* 2004-06-14T23:34:30. */
|
/* 2004-06-14T23:34:30. */
|
||||||
fprintf(out, " Creation Time: %04d-%02d-%02dT%02d:%02d:%02d\n",
|
fprintf(out, " Creation Time: %04d-%02d-%02dT%02d:%02d:%02d\n",
|
||||||
|
|||||||
@@ -7,7 +7,7 @@ int main() {
|
|||||||
Pcpstream *clear_in, *crypt_out, *clear_out;
|
Pcpstream *clear_in, *crypt_out, *clear_out;
|
||||||
PCPCTX *ptx;
|
PCPCTX *ptx;
|
||||||
char message[] = "hello world";
|
char message[] = "hello world";
|
||||||
printf("hh: %ld\n", sizeof(UT_hash_handle));
|
|
||||||
/* we always need a context */
|
/* we always need a context */
|
||||||
ptx = ptx_new();
|
ptx = ptx_new();
|
||||||
|
|
||||||
@@ -72,5 +72,7 @@ int main() {
|
|||||||
free(bob);
|
free(bob);
|
||||||
free(bobpub);
|
free(bobpub);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user