/**
\ingroup Core_Keys
\brief Copies entire key data
\param dst Destination key where to copy
\param src Source key to copy
*/
void ops_keydata_copy(ops_keydata_t *dst,const ops_keydata_t *src)
{
unsigned n;
memset(dst,0,sizeof(ops_keydata_t)) ;
dst->uids = (ops_user_id_t*)ops_mallocz(src->nuids * sizeof(ops_user_id_t)) ;
dst->nuids = src->nuids ;
dst->nuids_allocated = src->nuids ;
for(n=0 ; n < src->nuids ; ++n)
ops_copy_userid(&dst->uids[n],&src->uids[n]) ;
dst->packets = (ops_packet_t*)ops_mallocz(src->npackets * sizeof(ops_packet_t)) ;
dst->npackets = src->npackets ;
dst->npackets_allocated = src->npackets ;
for(n=0 ; n < src->npackets ; ++n)
ops_copy_packet(&(dst->packets[n]),&(src->packets[n]));
dst->nsigs = src->nsigs ;
dst->sigs = (sigpacket_t*)ops_mallocz(src->nsigs * sizeof(sigpacket_t)) ;
dst->nsigs_allocated = src->nsigs ;
for(n=0 ; n < src->nsigs ; ++n)
{
dst->sigs[n].userid = (ops_user_id_t*)ops_mallocz(sizeof(ops_user_id_t)) ;
dst->sigs[n].packet = (ops_packet_t*)ops_mallocz(sizeof(ops_packet_t)) ;
ops_copy_userid(dst->sigs[n].userid,src->sigs[n].userid) ;
ops_copy_packet(dst->sigs[n].packet,src->sigs[n].packet) ;
}
dst->key_id[0] = src->key_id[0] ;
dst->key_id[1] = src->key_id[1] ;
dst->key_id[2] = src->key_id[2] ;
dst->key_id[3] = src->key_id[3] ;
dst->key_id[4] = src->key_id[4] ;
dst->key_id[5] = src->key_id[5] ;
dst->key_id[6] = src->key_id[6] ;
dst->key_id[7] = src->key_id[7] ;
dst->type = src->type ;
dst->key = src->key ;
dst->fingerprint = src->fingerprint ;
if(src->type == OPS_PTAG_CT_PUBLIC_KEY)
ops_public_key_copy(&dst->key.pkey,&src->key.pkey);
else
ops_secret_key_copy(&dst->key.skey,&src->key.skey);
}
char* create_testtext(const char *text, const unsigned int repeats)
{
unsigned int i=0;
const unsigned int maxbuf=1024;
char int_buf[maxbuf+1];
char buf[maxbuf+1];
sprintf(int_buf, "%d", repeats);
unsigned int sz_count = strlen(int_buf);
unsigned int sz_one=0;
unsigned int sz_big=0;
char* bigbuf=NULL;
buf[maxbuf]='\0';
snprintf(buf, sizeof buf, ": %s : Test Text\n", text);
sz_one=strlen(buf) + sz_count;
sz_big=sz_one*repeats+1;
bigbuf=ops_mallocz(sz_big);
for (i=0 ; i < repeats ; i++)
{
char* ptr=bigbuf+i*sz_one;
sprintf(int_buf, "%*d", sz_count, i);
memcpy(ptr, int_buf, sz_count);
memcpy(ptr + sz_count, buf, sz_one);
}
return bigbuf;
}
void check_sig_with_ops_core(ops_parse_info_t *pinfo,
ops_boolean_t use_armour,
validate_data_cb_arg_t *validate_arg)
{
ops_validate_result_t* result=ops_mallocz(sizeof (ops_validate_result_t));
int rtn=0;
memset(validate_arg, '\0', sizeof *validate_arg);
validate_arg->result=result;
validate_arg->keyring=&pub_keyring;
validate_arg->rarg=ops_reader_get_arg_from_pinfo(pinfo);
ops_parse_options(pinfo, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
pinfo->rinfo.accumulate=ops_true;
// Set up armour/passphrase options
if (use_armour)
ops_reader_push_dearmour(pinfo);
// Do the verification
rtn=ops_parse_and_print_errors(pinfo);
CU_ASSERT(rtn == 1);
// Tidy up
if (use_armour)
ops_reader_pop_dearmour(pinfo);
ops_parse_info_delete(pinfo);
ops_validate_result_free(result);
}
/**
\ingroup Core_Keys
\brief Copy packet, including contents
\param dst Destination packet
\param src Source packet
\note If dst already has a packet, it will be freed.
*/
void ops_copy_packet(ops_packet_t* dst, const ops_packet_t* src)
{
if (dst->raw)
free(dst->raw);
dst->raw=ops_mallocz(src->length);
dst->length=src->length;
memcpy(dst->raw, src->raw, src->length);
}
/**
\ingroup Core_Keys
\brief Copy user id, including contents
\param dst Destination User ID
\param src Source User ID
\note If dst already has a user_id, it will be freed.
*/
void ops_copy_userid(ops_user_id_t* dst, const ops_user_id_t* src)
{
int len=strlen((char *)src->user_id);
if (dst->user_id)
free(dst->user_id);
dst->user_id=ops_mallocz(len+1);
memcpy(dst->user_id, src->user_id, len);
}
/**
* \ingroup Core_Readers_SE
* \brief Pushes decryption reader onto stack
* \sa ops_reader_pop_decrypt()
*/
void ops_reader_push_decrypt(ops_parse_info_t *pinfo,ops_crypt_t *decrypt,
ops_region_t *region)
{
encrypted_arg_t *arg=ops_mallocz(sizeof *arg);
arg->decrypt=decrypt;
arg->region=region;
ops_decrypt_init(arg->decrypt);
ops_reader_push(pinfo,encrypted_data_reader,encrypted_data_destroyer,arg);
}
/**
\ingroup Core_WritePackets
\brief Write Symmetrically Encrypted packet
\param data Data to encrypt
\param len Length of data
\param info Write settings
\return ops_true if OK; else ops_false
\note Hard-coded to use AES256
*/
ops_boolean_t ops_write_symmetrically_encrypted_data(const unsigned char *data,
const int len,
ops_create_info_t *info)
{
int done=0;
ops_crypt_t crypt_info;
int encrypted_sz=0;// size of encrypted data
unsigned char *encrypted=NULL; // buffer to write encrypted data to
// \todo assume AES256 for now
ops_crypt_any(&crypt_info, OPS_SA_AES_256);
ops_encrypt_init(&crypt_info);
encrypted_sz=len+crypt_info.blocksize+2;
encrypted=ops_mallocz(encrypted_sz);
done=ops_encrypt_se(&crypt_info, encrypted, data, len);
assert(done==len);
// printf("len=%d, done: %d\n", len, done);
return ops_write_ptag(OPS_PTAG_CT_SE_DATA, info)
&& ops_write_length(1+encrypted_sz,info)
&& ops_write(data, len, info);
}
ops_keydata_t *ops_keydata_new(void)
{ return ops_mallocz(sizeof(ops_keydata_t)); }
void ops_reader_push_sum16(ops_parse_info_t *pinfo)
{
sum16_arg_t *arg=ops_mallocz(sizeof *arg);
ops_reader_push(pinfo,sum16_reader,sum16_destroyer,arg);
}
ops_boolean_t ops_decrypt_file(const char* input_filename,
const char* output_filename,
ops_keyring_t* keyring,
const ops_boolean_t use_armour,
const ops_boolean_t allow_overwrite,
ops_parse_cb_t* cb_get_passphrase)
{
int fd_in=0;
int fd_out=0;
char* myfilename=NULL;
//
ops_parse_info_t *pinfo=NULL;
// setup for reading from given input file
fd_in=ops_setup_file_read(&pinfo, input_filename,
NULL,
callback_write_parsed,
ops_false);
if (fd_in < 0)
{
perror(input_filename);
return ops_false;
}
// setup output filename
if (output_filename)
{
fd_out=ops_setup_file_write(&pinfo->cbinfo.cinfo, output_filename,
allow_overwrite);
if (fd_out < 0)
{
perror(output_filename);
ops_teardown_file_read(pinfo, fd_in);
return ops_false;
}
}
else
{
int suffixlen=4;
char *defaultsuffix=".decrypted";
const char *suffix=input_filename+strlen(input_filename)-suffixlen;
if (!strcmp(suffix, ".gpg") || !strcmp(suffix, ".asc"))
{
myfilename=ops_mallocz(strlen(input_filename)-suffixlen+1);
strncpy(myfilename, input_filename,
strlen(input_filename)-suffixlen);
}
else
{
unsigned filenamelen=strlen(input_filename)+strlen(defaultsuffix)+1;
myfilename=ops_mallocz(filenamelen);
snprintf(myfilename, filenamelen, "%s%s", input_filename,
defaultsuffix);
}
fd_out=ops_setup_file_write(&pinfo->cbinfo.cinfo, myfilename,
allow_overwrite);
if (fd_out < 0)
{
perror(myfilename);
free(myfilename);
ops_teardown_file_read(pinfo, fd_in);
return ops_false;
}
free (myfilename);
}
// \todo check for suffix matching armour param
// setup for writing decrypted contents to given output file
// setup keyring and passphrase callback
pinfo->cbinfo.cryptinfo.keyring=keyring;
pinfo->cbinfo.cryptinfo.cb_get_passphrase=cb_get_passphrase;
// Set up armour/passphrase options
if (use_armour)
ops_reader_push_dearmour(pinfo);
// Do it
ops_boolean_t res = ops_parse_and_print_errors(pinfo);
// Unsetup
if (use_armour)
ops_reader_pop_dearmour(pinfo);
ops_teardown_file_write(pinfo->cbinfo.cinfo, fd_out);
ops_teardown_file_read(pinfo, fd_in);
// \todo cleardown crypt
return res;
}
ops_boolean_t ops_decrypt_memory(const unsigned char *encrypted_memory,int em_length,
unsigned char **decrypted_memory,int *out_length,
ops_keyring_t* keyring,
const ops_boolean_t use_armour,
ops_parse_cb_t* cb_get_passphrase)
{
int fd_in=0;
int fd_out=0;
char* myfilename=NULL;
//
ops_parse_info_t *pinfo=NULL;
// setup for reading from given input file
ops_memory_t *input_mem = ops_memory_new() ;
ops_memory_add(input_mem,encrypted_memory,em_length) ;
ops_setup_memory_read(&pinfo, input_mem, NULL, callback_write_parsed, ops_false);
if (pinfo == NULL)
{
perror("cannot create memory read");
return ops_false;
}
// setup memory chunk
ops_memory_t *output_mem;
ops_setup_memory_write(&pinfo->cbinfo.cinfo, &output_mem,0) ;
if (output_mem == NULL)
{
perror("Cannot create output memory");
ops_teardown_memory_read(pinfo, input_mem);
return ops_false;
}
// \todo check for suffix matching armour param
// setup keyring and passphrase callback
pinfo->cbinfo.cryptinfo.keyring=keyring;
pinfo->cbinfo.cryptinfo.cb_get_passphrase=cb_get_passphrase;
// Set up armour/passphrase options
if (use_armour)
ops_reader_push_dearmour(pinfo);
// Do it
ops_boolean_t res = ops_parse_and_print_errors(pinfo);
// Unsetup
if (use_armour)
ops_reader_pop_dearmour(pinfo);
// copy output memory to supplied buffer.
//
*out_length = ops_memory_get_length(output_mem) ;
*decrypted_memory = ops_mallocz(*out_length) ;
memcpy(*decrypted_memory,ops_memory_get_data(output_mem),*out_length) ;
ops_decrypt_memory_ABORT:
ops_teardown_memory_write(pinfo->cbinfo.cinfo, output_mem);
ops_teardown_memory_read(pinfo, input_mem);
return res ;
}
/**
* \ingroup Core_Create
*
* \brief Create a new ops_create_info_t structure.
*
* \return the new structure.
* \note It is the responsiblity of the caller to call ops_create_info_delete().
* \sa ops_create_info_delete()
*/
ops_create_info_t *ops_create_info_new(void)
{ return ops_mallocz(sizeof(ops_create_info_t)); }
/**
\ingroup Core_Create
\brief Creates an ops_pk_session_key_t struct from keydata
\param key Keydata to use
\return ops_pk_session_key_t struct
\note It is the caller's responsiblity to free the returned pointer. Before freeing,
the key must be cleared by calling ops_pk_session_key_free()
\note Currently hard-coded to use CAST5
\note Currently hard-coded to use RSA
*/
ops_pk_session_key_t *ops_create_pk_session_key(const ops_keydata_t *key)
{
/*
* Creates a random session key and encrypts it for the given key
*
* Session Key is for use with a SK algo,
* can be any, we're hardcoding CAST5 for now
*
* Encryption used is PK,
* can be any, we're hardcoding RSA for now
*/
const ops_public_key_t* pub_key=ops_get_public_key_from_data(key);
#define SZ_UNENCODED_M_BUF CAST_KEY_LENGTH+1+2
unsigned char unencoded_m_buf[SZ_UNENCODED_M_BUF];
const size_t sz_encoded_m_buf=BN_num_bytes(pub_key->key.rsa.n);
unsigned char* encoded_m_buf = ops_mallocz(sz_encoded_m_buf);
ops_pk_session_key_t *session_key=ops_mallocz(sizeof *session_key);
assert(key->type == OPS_PTAG_CT_PUBLIC_KEY);
session_key->version=OPS_PKSK_V3;
memcpy(session_key->key_id, key->key_id, sizeof session_key->key_id);
if (debug)
{
unsigned int i=0;
fprintf(stderr,"Encrypting for RSA key id : ");
for (i=0; i<sizeof session_key->key_id; i++)
fprintf(stderr,"%2x ", key->key_id[i]);
fprintf(stderr,"\n");
}
assert(key->key.pkey.algorithm == OPS_PKA_RSA);
session_key->algorithm=key->key.pkey.algorithm;
// \todo allow user to specify other algorithm
session_key->symmetric_algorithm=OPS_SA_CAST5;
ops_random(session_key->key, CAST_KEY_LENGTH);
if (debug)
{
unsigned int i=0;
fprintf(stderr,"CAST5 session key created (len=%d):\n ",
CAST_KEY_LENGTH);
for (i=0; i<CAST_KEY_LENGTH; i++)
fprintf(stderr,"%2x ", session_key->key[i]);
fprintf(stderr,"\n");
}
if (create_unencoded_m_buf(session_key, &unencoded_m_buf[0])==ops_false)
{
free(encoded_m_buf);
return NULL;
}
if (debug)
{
unsigned int i=0;
printf("unencoded m buf:\n");
for (i=0; i<SZ_UNENCODED_M_BUF; i++)
printf("%2x ", unencoded_m_buf[i]);
printf("\n");
}
encode_m_buf(&unencoded_m_buf[0], SZ_UNENCODED_M_BUF, pub_key,
&encoded_m_buf[0]);
// and encrypt it
if(!ops_rsa_encrypt_mpi(encoded_m_buf, sz_encoded_m_buf, pub_key,
&session_key->parameters))
{
free (encoded_m_buf);
return NULL;
}
free(encoded_m_buf);
return session_key;
}
