mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-25 07:29:33 -05:00
- added key copy methods to OpenPGP-SDK
- added encrypted key storage and retrieval to own keyring after generation - improved test program git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5070 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
parent
648555711c
commit
1888b21998
@ -18,7 +18,7 @@ Compilation
|
||||
|
||||
Project
|
||||
02 [1] determine what's missing in OpenPGP-SDK
|
||||
03 [ ] make a separate layer in RS to handle PGP. AuthPGP is too close to libretroshare.
|
||||
03 [1] make a separate layer in RS to handle PGP. AuthPGP is too close to libretroshare.
|
||||
|
||||
Notes
|
||||
=====
|
||||
|
@ -70,24 +70,49 @@ uint64_t PGPIdType::toUInt64() const
|
||||
return res ;
|
||||
}
|
||||
|
||||
PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring)
|
||||
: pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring)
|
||||
ops_keyring_t *PGPHandler::allocateOPSKeyring()
|
||||
{
|
||||
ops_keyring_t *kr = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ;
|
||||
kr->nkeys = 0 ;
|
||||
kr->nkeys_allocated = 0 ;
|
||||
kr->keys = 0 ;
|
||||
|
||||
return kr ;
|
||||
}
|
||||
|
||||
PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring,PassphraseCallback cb)
|
||||
: pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring),_passphrase_callback(cb)
|
||||
{
|
||||
// Allocate public and secret keyrings.
|
||||
//
|
||||
_pubring = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ;
|
||||
_secring = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ;
|
||||
_pubring = allocateOPSKeyring() ;
|
||||
_secring = allocateOPSKeyring() ;
|
||||
|
||||
// Read public and secret keyrings from supplied files.
|
||||
//
|
||||
if(ops_false == ops_keyring_read_from_file(_pubring, false, pubring.c_str()))
|
||||
throw std::runtime_error("PGPHandler::readKeyRing(): cannot read pubring.") ;
|
||||
|
||||
const ops_keydata_t *keydata ;
|
||||
int i=0 ;
|
||||
while( (keydata = ops_keyring_get_key_by_index(_pubring,i)) != NULL )
|
||||
{
|
||||
_public_keyring_map[ PGPIdType(keydata->key_id).toUInt64() ] = i ;
|
||||
++i ;
|
||||
}
|
||||
|
||||
std::cerr << "Pubring read successfully." << std::endl;
|
||||
|
||||
if(ops_false == ops_keyring_read_from_file(_secring, false, secring.c_str()))
|
||||
throw std::runtime_error("PGPHandler::readKeyRing(): cannot read secring.") ;
|
||||
|
||||
i=0 ;
|
||||
while( (keydata = ops_keyring_get_key_by_index(_secring,i)) != NULL )
|
||||
{
|
||||
_secret_keyring_map[ PGPIdType(keydata->key_id).toUInt64() ] = i ;
|
||||
++i ;
|
||||
}
|
||||
|
||||
std::cerr << "Secring read successfully." << std::endl;
|
||||
}
|
||||
|
||||
@ -95,6 +120,8 @@ PGPHandler::~PGPHandler()
|
||||
{
|
||||
std::cerr << "Freeing PGPHandler. Deleting keyrings." << std::endl;
|
||||
|
||||
// no need to free the the _map_ elements. They will be freed by the following calls:
|
||||
//
|
||||
ops_keyring_free(_pubring) ;
|
||||
ops_keyring_free(_secring) ;
|
||||
|
||||
@ -130,28 +157,28 @@ bool PGPHandler::availableGPGCertificatesWithPrivateKeys(std::list<PGPIdType>& i
|
||||
return true ;
|
||||
}
|
||||
|
||||
static ops_parse_cb_return_t cb_get_passphrase(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo __attribute__((unused)))
|
||||
{
|
||||
const ops_parser_content_union_t *content=&content_->content;
|
||||
// validate_key_cb_arg_t *arg=ops_parse_cb_get_arg(cbinfo);
|
||||
// ops_error_t **errors=ops_parse_cb_get_errors(cbinfo);
|
||||
|
||||
switch(content_->tag)
|
||||
{
|
||||
case OPS_PARSER_CMD_GET_SK_PASSPHRASE:
|
||||
/*
|
||||
Doing this so the test can be automated.
|
||||
*/
|
||||
*(content->secret_key_passphrase.passphrase)=ops_malloc_passphrase("hello");
|
||||
return OPS_KEEP_MEMORY;
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
return OPS_RELEASE_MEMORY;
|
||||
}
|
||||
// static ops_parse_cb_return_t cb_get_passphrase(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo __attribute__((unused)))
|
||||
// {
|
||||
// const ops_parser_content_union_t *content=&content_->content;
|
||||
// // validate_key_cb_arg_t *arg=ops_parse_cb_get_arg(cbinfo);
|
||||
// // ops_error_t **errors=ops_parse_cb_get_errors(cbinfo);
|
||||
//
|
||||
// switch(content_->tag)
|
||||
// {
|
||||
// case OPS_PARSER_CMD_GET_SK_PASSPHRASE:
|
||||
// /*
|
||||
// Doing this so the test can be automated.
|
||||
// */
|
||||
// *(content->secret_key_passphrase.passphrase)=ops_malloc_passphrase("hello");
|
||||
// return OPS_KEEP_MEMORY;
|
||||
// break;
|
||||
//
|
||||
// default:
|
||||
// break;
|
||||
// }
|
||||
//
|
||||
// return OPS_RELEASE_MEMORY;
|
||||
// }
|
||||
|
||||
bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, PGPIdType& pgpId, std::string& errString)
|
||||
{
|
||||
@ -167,15 +194,40 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
if(!key)
|
||||
return false ;
|
||||
|
||||
pgpId = PGPIdType(key->key_id) ;
|
||||
// 1 - get a passphrase for encrypting.
|
||||
|
||||
std::string passphrase = _passphrase_callback("Please enter passwd for encrypting your key : ") ;
|
||||
|
||||
// Now output the pubkey to a string.
|
||||
//
|
||||
std::string akey = makeRadixEncodedPGPKey(key) ;
|
||||
// 2 - save the private key encrypted to a temporary memory buffer
|
||||
|
||||
std::cerr << "key: " << std::endl;
|
||||
std::cerr << akey << std::endl;
|
||||
ops_keydata_free(key) ;
|
||||
ops_create_info_t *cinfo = NULL ;
|
||||
ops_memory_t *buf = NULL ;
|
||||
ops_setup_memory_write(&cinfo, &buf, 0);
|
||||
|
||||
ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo);
|
||||
|
||||
// 3 - read the file into a keyring
|
||||
|
||||
ops_keyring_t *tmp_keyring = allocateOPSKeyring() ;
|
||||
if(! ops_keyring_read_from_mem(tmp_keyring, ops_false, buf))
|
||||
{
|
||||
std::cerr << "Cannot re-read key from memory!!" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
ops_teardown_memory_write(cinfo,buf); // cleanup memory
|
||||
|
||||
// 4 - copy the private key to the private keyring
|
||||
|
||||
pgpId = PGPIdType(tmp_keyring->keys[0].key_id) ;
|
||||
addNewKeyToOPSKeyring(_secring,tmp_keyring->keys[0]) ;
|
||||
_secret_keyring_map[ pgpId.toUInt64() ] = _secring->nkeys-1 ;
|
||||
|
||||
std::cerr << "Added new secret key with id " << pgpId.toStdString() << " to secret keyring." << std::endl;
|
||||
|
||||
// We should store it in the keyring.
|
||||
|
||||
ops_keyring_free(tmp_keyring) ;
|
||||
free(tmp_keyring) ;
|
||||
|
||||
return true ;
|
||||
}
|
||||
@ -183,10 +235,9 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
std::string PGPHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key)
|
||||
{
|
||||
ops_boolean_t armoured=ops_true;
|
||||
ops_boolean_t overwrite=ops_true;
|
||||
ops_create_info_t* cinfo;
|
||||
|
||||
ops_memory_t *buf = NULL ;//(ops_memory_t*)ops_mallocz(1000) ;
|
||||
ops_memory_t *buf = NULL ;
|
||||
ops_setup_memory_write(&cinfo, &buf, 0);
|
||||
|
||||
ops_write_transferable_public_key(key,armoured,cinfo);
|
||||
@ -199,9 +250,28 @@ std::string PGPHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key)
|
||||
return akey ;
|
||||
}
|
||||
|
||||
const ops_keydata_t *PGPHandler::getSecretKey(const PGPIdType& id) const
|
||||
{
|
||||
std::map<uint64_t,uint32_t>::const_iterator res = _secret_keyring_map.find(id.toUInt64()) ;
|
||||
|
||||
if(res == _secret_keyring_map.end())
|
||||
return NULL ;
|
||||
else
|
||||
return ops_keyring_get_key_by_index(_secring,res->second) ;
|
||||
}
|
||||
const ops_keydata_t *PGPHandler::getPublicKey(const PGPIdType& id) const
|
||||
{
|
||||
std::map<uint64_t,uint32_t>::const_iterator res = _public_keyring_map.find(id.toUInt64()) ;
|
||||
|
||||
if(res == _public_keyring_map.end())
|
||||
return NULL ;
|
||||
else
|
||||
return ops_keyring_get_key_by_index(_pubring,res->second) ;
|
||||
}
|
||||
|
||||
std::string PGPHandler::SaveCertificateToString(const PGPIdType& id,bool include_signatures)
|
||||
{
|
||||
const ops_keydata_t *key = ops_keyring_find_key_by_id(_pubring,id.toByteArray());
|
||||
const ops_keydata_t *key = getPublicKey(id) ;
|
||||
|
||||
if(key == NULL)
|
||||
{
|
||||
@ -212,3 +282,86 @@ std::string PGPHandler::SaveCertificateToString(const PGPIdType& id,bool include
|
||||
return makeRadixEncodedPGPKey(key) ;
|
||||
}
|
||||
|
||||
void PGPHandler::addNewKeyToOPSKeyring(ops_keyring_t *kr,const ops_keydata_t& key)
|
||||
{
|
||||
kr->keys = (ops_keydata_t*)realloc(kr->keys,(kr->nkeys+1)*sizeof(ops_keydata_t)) ;
|
||||
memset(&kr->keys[kr->nkeys],0,sizeof(ops_keydata_t)) ;
|
||||
ops_keydata_copy(&kr->keys[kr->nkeys],&key) ;
|
||||
kr->nkeys++ ;
|
||||
}
|
||||
|
||||
bool PGPHandler::LoadCertificateFromString(const std::string& pgp_cert,PGPIdType& id,std::string& error_string)
|
||||
{
|
||||
ops_keyring_t *tmp_keyring = allocateOPSKeyring();
|
||||
ops_memory_t *mem = ops_memory_new() ;
|
||||
ops_memory_add(mem,(unsigned char *)pgp_cert.c_str(),pgp_cert.length()) ;
|
||||
|
||||
if(!ops_keyring_read_from_mem(tmp_keyring,ops_true,mem))
|
||||
{
|
||||
ops_keyring_free(tmp_keyring) ;
|
||||
ops_memory_release(mem) ;
|
||||
|
||||
std::cerr << "Could not read key. Format error?" << std::endl;
|
||||
error_string = std::string("Could not read key. Format error?") ;
|
||||
return false ;
|
||||
}
|
||||
ops_memory_release(mem) ;
|
||||
error_string.clear() ;
|
||||
|
||||
std::cerr << "Key read correctly: " << std::endl;
|
||||
ops_keyring_list(tmp_keyring) ;
|
||||
|
||||
const ops_keydata_t *keydata = NULL ;
|
||||
int i=0 ;
|
||||
|
||||
while( (keydata = ops_keyring_get_key_by_index(tmp_keyring,i++)) != NULL )
|
||||
{
|
||||
id = PGPIdType(keydata->key_id) ;
|
||||
|
||||
addNewKeyToOPSKeyring(_pubring,*keydata) ;
|
||||
_public_keyring_map[id.toUInt64()] = _pubring->nkeys-1 ;
|
||||
}
|
||||
|
||||
std::cerr << "Added the key in the main public keyring." << std::endl;
|
||||
|
||||
ops_keyring_free(tmp_keyring) ;
|
||||
return true ;
|
||||
}
|
||||
|
||||
bool PGPHandler::SignDataBin(const PGPIdType& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen)
|
||||
{
|
||||
// need to find the key and to decrypt it.
|
||||
|
||||
const ops_keydata_t *key = getSecretKey(id) ;
|
||||
|
||||
if(!key)
|
||||
{
|
||||
std::cerr << "Cannot sign: no secret key with id " << id.toStdString() << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
std::string passphrase = _passphrase_callback("Please enter passwd:") ;
|
||||
|
||||
ops_secret_key_t *secret_key = ops_decrypt_secret_key_from_data(key,passphrase.c_str()) ;
|
||||
|
||||
if(!secret_key)
|
||||
{
|
||||
std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
// then do the signature.
|
||||
|
||||
ops_memory_t *memres = ops_sign_buf(data,len,(ops_sig_type_t)0x10,secret_key,ops_false) ;
|
||||
|
||||
if(!memres)
|
||||
return false ;
|
||||
|
||||
uint32_t tlen = std::min(*signlen,(uint32_t)ops_memory_get_length(memres)) ;
|
||||
|
||||
memcpy(sign,ops_memory_get_data(memres),tlen) ;
|
||||
*signlen = tlen ;
|
||||
|
||||
return true ;
|
||||
}
|
||||
|
||||
|
@ -3,6 +3,7 @@
|
||||
#include <stdint.h>
|
||||
#include <string>
|
||||
#include <list>
|
||||
#include <map>
|
||||
#include <util/rsthreads.h>
|
||||
|
||||
extern "C" {
|
||||
@ -11,6 +12,8 @@ extern "C" {
|
||||
#include <openpgpsdk/keyring_local.h>
|
||||
}
|
||||
|
||||
typedef std::string (*PassphraseCallback)(const std::string& display_msg) ;
|
||||
|
||||
class PGPIdType
|
||||
{
|
||||
public:
|
||||
@ -31,7 +34,7 @@ class PGPIdType
|
||||
class PGPHandler
|
||||
{
|
||||
public:
|
||||
PGPHandler(const std::string& path_to_public_keyring, const std::string& path_to_secret_keyring) ;
|
||||
PGPHandler(const std::string& path_to_public_keyring, const std::string& path_to_secret_keyring,PassphraseCallback cb) ;
|
||||
|
||||
virtual ~PGPHandler() ;
|
||||
|
||||
@ -47,20 +50,31 @@ class PGPHandler
|
||||
|
||||
bool TrustCertificate(const PGPIdType& id, int trustlvl);
|
||||
|
||||
virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) { return false ; }
|
||||
virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const std::string &withfingerprint) { return false ; }
|
||||
bool SignDataBin(const PGPIdType& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) ;
|
||||
bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const std::string &withfingerprint) { return false ; }
|
||||
|
||||
// Debug stuff.
|
||||
virtual void printKeys() const ;
|
||||
|
||||
private:
|
||||
static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key) ;
|
||||
static ops_keyring_t *allocateOPSKeyring() ;
|
||||
static void addNewKeyToOPSKeyring(ops_keyring_t*, const ops_keydata_t&) ;
|
||||
|
||||
const ops_keydata_t *getPublicKey(const PGPIdType&) const ;
|
||||
const ops_keydata_t *getSecretKey(const PGPIdType&) const ;
|
||||
|
||||
RsMutex pgphandlerMtx ;
|
||||
|
||||
ops_keyring_t *_pubring ;
|
||||
ops_keyring_t *_secring ;
|
||||
|
||||
std::map<uint64_t,uint32_t> _public_keyring_map ; // used for fast access to keys. Gives the index in the keyring.
|
||||
std::map<uint64_t,uint32_t> _secret_keyring_map ;
|
||||
|
||||
const std::string _pubring_path ;
|
||||
const std::string _secring_path ;
|
||||
|
||||
PassphraseCallback _passphrase_callback ;
|
||||
};
|
||||
|
||||
|
@ -3,6 +3,11 @@
|
||||
#include <iostream>
|
||||
#include "pgphandler.h"
|
||||
|
||||
static std::string passphrase_callback(const std::string& what)
|
||||
{
|
||||
return std::string(getpass(what.c_str())) ;
|
||||
}
|
||||
|
||||
int main(int argc,char *argv[])
|
||||
{
|
||||
// test pgp ids.
|
||||
@ -19,7 +24,7 @@ int main(int argc,char *argv[])
|
||||
static const std::string pubring = "pubring.gpg" ;
|
||||
static const std::string secring = "secring.gpg" ;
|
||||
|
||||
PGPHandler pgph(pubring,secring) ;
|
||||
PGPHandler pgph(pubring,secring,&passphrase_callback) ;
|
||||
pgph.printKeys() ;
|
||||
|
||||
std::cerr << std::endl ;
|
||||
@ -50,11 +55,36 @@ int main(int argc,char *argv[])
|
||||
else
|
||||
std::cerr << "Certificate generation success. New id = " << newid.toStdString() << std::endl;
|
||||
|
||||
PGPIdType id2(std::string("EFD19E9DC737CA98")) ;
|
||||
PGPIdType id2(std::string("618E54CF7670FF5E")) ;
|
||||
std::cerr << "Now extracting key " << id2.toStdString() << " from keyring:" << std::endl ;
|
||||
std::string cert = pgph.SaveCertificateToString(id2,false) ;
|
||||
|
||||
std::cerr << "Now, trying to re-read this cert from the string:" << std::endl;
|
||||
|
||||
PGPIdType id3 ;
|
||||
std::string error_string ;
|
||||
pgph.LoadCertificateFromString(cert,id3,error_string) ;
|
||||
|
||||
std::cerr << "Loaded cert id: " << id3.toStdString() << ", Error string=\"" << error_string << "\"" << std::endl;
|
||||
|
||||
std::cerr << cert << std::endl;
|
||||
|
||||
std::cerr << "Testing password callback: " << std::endl;
|
||||
std::string pass = passphrase_callback("Please enter password: ") ;
|
||||
|
||||
std::cerr << "Password = \"" << pass << "\"" << std::endl;
|
||||
|
||||
std::cerr << "Testing signature with keypair " << newid.toStdString() << std::endl;
|
||||
char test_bin[14] = "34f4fhuif3489" ;
|
||||
|
||||
unsigned char sign[100] ;
|
||||
uint32_t signlen = 100 ;
|
||||
|
||||
if(!pgph.SignDataBin(newid,test_bin,13,sign,&signlen))
|
||||
std::cerr << "Signature error." << std::endl;
|
||||
else
|
||||
std::cerr << "Signature success." << std::endl;
|
||||
|
||||
return 0 ;
|
||||
}
|
||||
|
||||
|
@ -48,6 +48,7 @@ const ops_keydata_t *
|
||||
ops_keyring_find_key_by_userid(const ops_keyring_t *keyring,
|
||||
const char* userid);
|
||||
void ops_keydata_free(ops_keydata_t *key);
|
||||
void ops_keydata_copy(ops_keydata_t *dst,const ops_keydata_t *src);
|
||||
void ops_keyring_free(ops_keyring_t *keyring);
|
||||
void ops_dump_keyring(const ops_keyring_t *keyring);
|
||||
const ops_public_key_t *
|
||||
|
@ -912,6 +912,7 @@ void ops_keyid(unsigned char keyid[OPS_KEY_ID_SIZE],
|
||||
const ops_public_key_t *key);
|
||||
void ops_fingerprint(ops_fingerprint_t *fp,const ops_public_key_t *key);
|
||||
void ops_public_key_free(ops_public_key_t *key);
|
||||
void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src);
|
||||
void ops_user_id_free(ops_user_id_t *id);
|
||||
void ops_user_attribute_free(ops_user_attribute_t *att);
|
||||
void ops_signature_free(ops_signature_t *sig);
|
||||
@ -935,6 +936,7 @@ void ops_ss_embedded_signature_free(ops_ss_embedded_signature_t *ss_embedded_sig
|
||||
void ops_packet_free(ops_packet_t *packet);
|
||||
void ops_parser_content_free(ops_parser_content_t *c);
|
||||
void ops_secret_key_free(ops_secret_key_t *key);
|
||||
void ops_secret_key_copy(ops_secret_key_t *dst,const ops_secret_key_t *src);
|
||||
void ops_pk_session_key_free(ops_pk_session_key_t *sk);
|
||||
|
||||
/* vim:set textwidth=120: */
|
||||
|
@ -55,6 +55,10 @@ typedef unsigned ops_boolean_t;
|
||||
* \see RFC4880 5.2.3.1
|
||||
*/
|
||||
|
||||
#ifndef __cplusplus
|
||||
typedef enum ops_content_tag_t ops_content_tag_t ;
|
||||
#endif
|
||||
|
||||
enum ops_content_tag_t
|
||||
{
|
||||
OPS_PTAG_CT_RESERVED = 0, /*!< Reserved - a packet tag must not have this value */
|
||||
|
@ -26,7 +26,7 @@
|
||||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/accumulate.h>
|
||||
#include "keyring_local.h"
|
||||
#include <openpgpsdk/keyring_local.h>
|
||||
#include "parse_local.h"
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <assert.h>
|
||||
|
@ -127,6 +127,7 @@ static unsigned public_key_length(const ops_public_key_t *key)
|
||||
return mpi_length(key->key.rsa.n)+mpi_length(key->key.rsa.e);
|
||||
|
||||
default:
|
||||
fprintf(stderr,"Bad algorithm type in key: %d\n",key->algorithm) ;
|
||||
assert(!"unknown key algorithm");
|
||||
}
|
||||
/* not reached */
|
||||
|
@ -94,6 +94,98 @@ void ops_keydata_free(ops_keydata_t *keydata)
|
||||
free(keydata);
|
||||
}
|
||||
|
||||
// \todo check where userid pointers are copied
|
||||
/**
|
||||
\ingroup Core_Keys
|
||||
\brief Copy user id, including contents
|
||||
\param dst Destination User ID
|
||||
\param src Source User ID
|
||||
\note If dst already has a user_id, it will be freed.
|
||||
*/
|
||||
void ops_copy_userid(ops_user_id_t* dst, const ops_user_id_t* src)
|
||||
{
|
||||
int len=strlen((char *)src->user_id);
|
||||
if (dst->user_id)
|
||||
free(dst->user_id);
|
||||
dst->user_id=ops_mallocz(len+1);
|
||||
|
||||
memcpy(dst->user_id, src->user_id, len);
|
||||
}
|
||||
// \todo check where pkt pointers are copied
|
||||
/**
|
||||
\ingroup Core_Keys
|
||||
\brief Copy packet, including contents
|
||||
\param dst Destination packet
|
||||
\param src Source packet
|
||||
\note If dst already has a packet, it will be freed.
|
||||
*/
|
||||
void ops_copy_packet(ops_packet_t* dst, const ops_packet_t* src)
|
||||
{
|
||||
if (dst->raw)
|
||||
free(dst->raw);
|
||||
dst->raw=ops_mallocz(src->length);
|
||||
|
||||
dst->length=src->length;
|
||||
memcpy(dst->raw, src->raw, src->length);
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
\ingroup Core_Keys
|
||||
\brief Copies entire key data
|
||||
\param dst Destination key where to copy
|
||||
\param src Source key to copy
|
||||
*/
|
||||
void ops_keydata_copy(ops_keydata_t *dst,const ops_keydata_t *src)
|
||||
{
|
||||
unsigned n;
|
||||
|
||||
memset(dst,0,sizeof(ops_keydata_t)) ;
|
||||
|
||||
dst->uids = (ops_user_id_t*)ops_mallocz(src->nuids * sizeof(ops_user_id_t)) ;
|
||||
dst->nuids = src->nuids ;
|
||||
|
||||
for(n=0 ; n < src->nuids ; ++n)
|
||||
ops_copy_userid(&dst->uids[n],&src->uids[n]) ;
|
||||
|
||||
dst->packets = (ops_packet_t*)ops_mallocz(src->npackets * sizeof(ops_packet_t)) ;
|
||||
dst->npackets = src->npackets ;
|
||||
|
||||
for(n=0 ; n < src->npackets ; ++n)
|
||||
ops_copy_packet(&(dst->packets[n]),&(src->packets[n]));
|
||||
|
||||
dst->nsigs = src->nsigs ;
|
||||
dst->sigs = (sigpacket_t*)ops_mallocz(src->nsigs * sizeof(sigpacket_t)) ;
|
||||
|
||||
for(n=0 ; n < src->nsigs ; ++n)
|
||||
{
|
||||
dst->sigs[n].userid = (ops_user_id_t*)ops_mallocz(sizeof(ops_user_id_t)) ;
|
||||
dst->sigs[n].packet = (ops_packet_t*)ops_mallocz(sizeof(ops_packet_t)) ;
|
||||
|
||||
ops_copy_userid(dst->sigs[n].userid,src->sigs[n].userid) ;
|
||||
ops_copy_packet(dst->sigs[n].packet,src->sigs[n].packet) ;
|
||||
}
|
||||
|
||||
dst->key_id[0] = src->key_id[0] ;
|
||||
dst->key_id[1] = src->key_id[1] ;
|
||||
dst->key_id[2] = src->key_id[2] ;
|
||||
dst->key_id[3] = src->key_id[3] ;
|
||||
dst->key_id[4] = src->key_id[4] ;
|
||||
dst->key_id[5] = src->key_id[5] ;
|
||||
dst->key_id[6] = src->key_id[6] ;
|
||||
dst->key_id[7] = src->key_id[7] ;
|
||||
dst->type = src->type ;
|
||||
dst->key = src->key ;
|
||||
dst->fingerprint = src->fingerprint ;
|
||||
|
||||
if(src->type == OPS_PTAG_CT_PUBLIC_KEY)
|
||||
ops_public_key_copy(&dst->key.pkey,&src->key.pkey);
|
||||
else
|
||||
ops_secret_key_copy(&dst->key.skey,&src->key.skey);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_KeyGeneral
|
||||
|
||||
@ -361,42 +453,6 @@ const ops_keydata_t* ops_keyring_get_key_by_index(const ops_keyring_t *keyring,
|
||||
return &keyring->keys[index];
|
||||
}
|
||||
|
||||
// \todo check where userid pointers are copied
|
||||
/**
|
||||
\ingroup Core_Keys
|
||||
\brief Copy user id, including contents
|
||||
\param dst Destination User ID
|
||||
\param src Source User ID
|
||||
\note If dst already has a user_id, it will be freed.
|
||||
*/
|
||||
void ops_copy_userid(ops_user_id_t* dst, const ops_user_id_t* src)
|
||||
{
|
||||
int len=strlen((char *)src->user_id);
|
||||
if (dst->user_id)
|
||||
free(dst->user_id);
|
||||
dst->user_id=ops_mallocz(len+1);
|
||||
|
||||
memcpy(dst->user_id, src->user_id, len);
|
||||
}
|
||||
|
||||
// \todo check where pkt pointers are copied
|
||||
/**
|
||||
\ingroup Core_Keys
|
||||
\brief Copy packet, including contents
|
||||
\param dst Destination packet
|
||||
\param src Source packet
|
||||
\note If dst already has a packet, it will be freed.
|
||||
*/
|
||||
void ops_copy_packet(ops_packet_t* dst, const ops_packet_t* src)
|
||||
{
|
||||
if (dst->raw)
|
||||
free(dst->raw);
|
||||
dst->raw=ops_mallocz(src->length);
|
||||
|
||||
dst->length=src->length;
|
||||
memcpy(dst->raw, src->raw, src->length);
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Keys
|
||||
\brief Add User ID to keydata
|
||||
|
@ -999,6 +999,41 @@ void ops_public_key_free(ops_public_key_t *p)
|
||||
}
|
||||
}
|
||||
|
||||
void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src)
|
||||
{
|
||||
*dst = *src ;
|
||||
|
||||
switch(src->algorithm)
|
||||
{
|
||||
case OPS_PKA_RSA:
|
||||
case OPS_PKA_RSA_ENCRYPT_ONLY:
|
||||
case OPS_PKA_RSA_SIGN_ONLY:
|
||||
dst->key.rsa.n = BN_dup(src->key.rsa.n);
|
||||
dst->key.rsa.e = BN_dup(src->key.rsa.e);
|
||||
break;
|
||||
|
||||
case OPS_PKA_DSA:
|
||||
dst->key.dsa.p = BN_dup(src->key.dsa.p);
|
||||
dst->key.dsa.q = BN_dup(src->key.dsa.q);
|
||||
dst->key.dsa.g = BN_dup(src->key.dsa.g);
|
||||
dst->key.dsa.y = BN_dup(src->key.dsa.y);
|
||||
break;
|
||||
|
||||
case OPS_PKA_ELGAMAL:
|
||||
case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
|
||||
dst->key.elgamal.p = BN_dup(src->key.elgamal.p);
|
||||
dst->key.elgamal.g = BN_dup(src->key.elgamal.g);
|
||||
dst->key.elgamal.y = BN_dup(src->key.elgamal.y);
|
||||
break;
|
||||
|
||||
//case 0:
|
||||
// nothing to free
|
||||
// break;
|
||||
|
||||
default:
|
||||
assert(0);
|
||||
}
|
||||
}
|
||||
/**
|
||||
\ingroup Core_ReadPackets
|
||||
*/
|
||||
@ -1573,9 +1608,9 @@ static int parse_one_signature_subpacket(ops_signature_t *sig,
|
||||
|
||||
case OPS_PTAG_SS_REVOCATION_KEY:
|
||||
/* octet 0 = class. Bit 0x80 must be set */
|
||||
if(!limited_read (&C.ss_revocation_key.class,1,&subregion,pinfo))
|
||||
if(!limited_read (&C.ss_revocation_key.cclass,1,&subregion,pinfo))
|
||||
return 0;
|
||||
if(!(C.ss_revocation_key.class&0x80))
|
||||
if(!(C.ss_revocation_key.cclass&0x80))
|
||||
{
|
||||
printf("Warning: OPS_PTAG_SS_REVOCATION_KEY class: "
|
||||
"Bit 0x80 should be set\n");
|
||||
@ -2124,6 +2159,31 @@ void ops_secret_key_free(ops_secret_key_t *key)
|
||||
ops_public_key_free(&key->public_key);
|
||||
}
|
||||
|
||||
void ops_secret_key_copy(ops_secret_key_t *dst,const ops_secret_key_t *src)
|
||||
{
|
||||
*dst = *src ;
|
||||
ops_public_key_copy(&dst->public_key,&src->public_key);
|
||||
|
||||
switch(src->public_key.algorithm)
|
||||
{
|
||||
case OPS_PKA_RSA:
|
||||
case OPS_PKA_RSA_ENCRYPT_ONLY:
|
||||
case OPS_PKA_RSA_SIGN_ONLY:
|
||||
dst->key.rsa.d = BN_dup(src->key.rsa.d) ;
|
||||
dst->key.rsa.p = BN_dup(src->key.rsa.p) ;
|
||||
dst->key.rsa.q = BN_dup(src->key.rsa.q) ;
|
||||
dst->key.rsa.u = BN_dup(src->key.rsa.u) ;
|
||||
break;
|
||||
|
||||
case OPS_PKA_DSA:
|
||||
dst->key.dsa.x = BN_dup(src->key.dsa.x) ;
|
||||
break;
|
||||
|
||||
default:
|
||||
fprintf(stderr,"ops_secret_key_copy: Unknown algorithm: %d (%s)\n",src->public_key.algorithm, ops_show_pka(src->public_key.algorithm));
|
||||
//assert(0);
|
||||
}
|
||||
}
|
||||
static int consume_packet(ops_region_t *region,ops_parse_info_t *pinfo,
|
||||
ops_boolean_t warn)
|
||||
{
|
||||
|
@ -849,8 +849,8 @@ int ops_print_packet(const ops_parser_content_t *content_)
|
||||
start_subpacket(content_->tag);
|
||||
/* not yet tested */
|
||||
printf (" revocation key: class=0x%x",
|
||||
content->ss_revocation_key.class);
|
||||
if (content->ss_revocation_key.class&0x40)
|
||||
content->ss_revocation_key.cclass);
|
||||
if (content->ss_revocation_key.cclass&0x40)
|
||||
printf (" (sensitive)");
|
||||
printf (", algid=0x%x",
|
||||
content->ss_revocation_key.algid);
|
||||
|
@ -1,5 +1,5 @@
|
||||
TEMPLATE = lib
|
||||
CONFIG = staticlib
|
||||
CONFIG = staticlib debug
|
||||
|
||||
DEFINES *= OPENSSL_NO_IDEA
|
||||
|
||||
|
@ -261,7 +261,7 @@ typedef struct
|
||||
unsigned pos;
|
||||
} linebreak_arg_t;
|
||||
|
||||
#define BREAKPOS 76
|
||||
#define BREAKPOS 64
|
||||
|
||||
static ops_boolean_t linebreak_writer(const unsigned char *src,
|
||||
unsigned length,
|
||||
|
Loading…
Reference in New Issue
Block a user