int olsrd_mdp_init(co_obj_t *self, co_obj_t **output, co_obj_t *params) {
keyring_file *mdp_keyring = NULL;
unsigned char *mdp_key = NULL;
int mdp_key_len = 0;
unsigned char packedSid[SID_SIZE] = {0};
CHECK(IS_LIST(params) && co_list_length(params) == 2,"Invalid params");
size_t sid_len = co_str_len(co_list_element(params,1));
char *sid_str = _LIST_ELEMENT(params,1);
CHECK(sid_len == 2*SID_SIZE + 1 && str_is_subscriber_id(sid_str) == 1,"Invalid SID");
stowSid(packedSid,0,sid_str);
CHECK(serval_init_keyring(packedSid,
SID_SIZE,
_LIST_ELEMENT(params,0),
co_str_len(co_list_element(params,0)),
&mdp_keyring,
&mdp_key,
&mdp_key_len), "Failed to initialize Serval keyring");
CMD_OUTPUT("key",co_bin8_create((char*)mdp_key,mdp_key_len,0));
return 1;
error:
return 0;
}
int
olsrd_mdp_init(co_obj_t *self, co_obj_t **output, co_obj_t *params)
{
svl_crypto_ctx *ctx = NULL;
CHECK(IS_LIST(params) && co_list_length(params) == 2, "Invalid params");
size_t sid_len = co_str_len(co_list_element(params, 1));
char *sid_str = _LIST_ELEMENT(params, 1);
CHECK(sid_len == (2 * SID_SIZE) + 1 && str_is_subscriber_id(sid_str) == 1, "Invalid SID");
ctx = svl_crypto_ctx_new();
stowSid(ctx->sid, 0, sid_str);
ctx->keyring_path = _LIST_ELEMENT(params, 0);
ctx->keyring_len = co_str_len(co_list_element(params, 0)) - 1;
CHECK_ERR(ctx->keyring_len < PATH_MAX,"Keyring path too long");
CHECK(serval_init_keyring(ctx), "Failed to initialize Serval keyring");
CMD_OUTPUT("key", co_bin8_create((char*)ctx->sas_private, crypto_sign_SECRETKEYBYTES, 0));
return 1;
error:
if (ctx)
svl_crypto_ctx_free(ctx);
return 0;
}
int cmd_serval_sign(const char *sid_str,
const size_t sid_len,
const unsigned char *msg,
const size_t msg_len,
char *sig_str_buf,
const size_t sig_str_size,
const char *keyring_path,
const size_t keyring_len) {
int ret = 0;
unsigned char signed_msg[msg_len + SIGNATURE_BYTES];
keyring_file *_keyring = NULL;
unsigned char *key = NULL;
unsigned char packedSid[SID_SIZE] = {0};
CHECK(sig_str_size >= 2*SIGNATURE_BYTES + 1,"Signature buffer too small");
if (sid_str) {
CHECK_ERR(sid_len == 2*SID_SIZE && str_is_subscriber_id(sid_str) == 1,"Invalid SID");
stowSid(packedSid,0,sid_str);
}
if (keyring_path) {
CHECK_ERR(serval_init_keyring(sid_str ? packedSid : NULL,
sid_str ? SID_SIZE : 0,
keyring_path,
keyring_len,
&_keyring,
&key,
NULL), "Failed to initialize Serval keyring");
} else {
CHECK_ERR(serval_extract_sas(&key,NULL,keyring,packedSid),"Failed to fetch SAS key");
}
CHECK_ERR(serval_create_signature(key, msg, msg_len, signed_msg, SIGNATURE_BYTES + msg_len),"Failed to create signature");
strncpy(sig_str_buf,alloca_tohex(signed_msg + msg_len,SIGNATURE_BYTES),2*SIGNATURE_BYTES);
sig_str_buf[2*SIGNATURE_BYTES] = '\0';
ret = 1;
error:
if (_keyring) keyring_free(_keyring);
return ret;
}
int serval_verify_client(const char *sid_str,
const size_t sid_len,
const unsigned char *msg,
const size_t msg_len,
const char *sig,
const size_t sig_len,
const char *keyring_path,
const size_t keyring_len) {
int verdict = 0;
char sas_str[2*SAS_SIZE+1] = {0};
unsigned char packedSid[SID_SIZE] = {0};
CHECK(sid_len == 2*SID_SIZE,"Invalid SID length");
CHECK(sig_len == 2*SIGNATURE_BYTES,"Invalid signature length");
CHECK(str_is_subscriber_id(sid_str) != 0,"Invalid SID");
stowSid(packedSid,0,sid_str);
CHECK(serval_init_keyring(packedSid,
SID_SIZE,
keyring_path,
keyring_len,
&keyring,
NULL,
NULL), "Failed to initialize Serval keyring");
struct subscriber *sub = find_subscriber(packedSid, SID_SIZE, 1); // get Serval identity described by given SID
CHECK(sub,"Failed to fetch Serval subscriber");
CHECK(keyring_send_sas_request_client(sub),"SAS request failed");
CHECK(sub->sas_valid,"Could not validate the signing key!");
CHECK(sub->sas_public[0],"Could not validate the signing key!");
CHECK(tohex(sas_str,sub->sas_public,SAS_SIZE),"Failed to convert signing key");
verdict = cmd_serval_verify(sas_str,2*SAS_SIZE,
msg,msg_len,sig,sig_len);
error:
return verdict;
}
/* Used by serval-client */
int
serval_verify_client(svl_crypto_ctx *ctx)
{
CHECK(ctx && ctx->sid[0] && ctx->msg && ctx->signature[0] && ctx->keyring_path,
"Invalid ctx");
CHECK(serval_init_keyring(ctx), "Failed to initialize Serval keyring");
struct subscriber *sub = find_subscriber(ctx->sid, SID_SIZE, 1); // get Serval identity described by given SID
CHECK(sub, "Failed to fetch Serval subscriber");
CHECK(keyring_send_sas_request_client(sub), "SAS request failed");
CHECK(sub->sas_valid, "Could not validate the signing key!");
CHECK(sub->sas_public[0], "Could not validate the signing key!");
memcpy(ctx->sas_public,sub->sas_public,crypto_sign_PUBLICKEYBYTES);
return cmd_serval_verify(ctx);
error:
return 0;
}
int
cmd_serval_sign(svl_crypto_ctx *ctx)
{
CHECK_ERR(ctx,"Invalid ctx");
/* If a non-default keyring path is given, and/or no SID is set,
* we need to initialize the keyring */
if (ctx->keyring_path || !ctx->sid[0]) {
CHECK_ERR(serval_init_keyring(ctx),
"Failed to initialize Serval keyring");
} else {
// or just use the default keyring
ctx->keyring_file = keyring; // serval global
CHECK_ERR(serval_extract_sas(ctx),
"Failed to fetch SAS keys");
}
CHECK_ERR(serval_create_signature(ctx),"Failed to create signature");
return 1;
error:
return 0;
}
