int olsrd_mdp_init(co_obj_t *self, co_obj_t **output, co_obj_t *params) { keyring_file *mdp_keyring = NULL; unsigned char *mdp_key = NULL; int mdp_key_len = 0; unsigned char packedSid[SID_SIZE] = {0}; CHECK(IS_LIST(params) && co_list_length(params) == 2,"Invalid params"); size_t sid_len = co_str_len(co_list_element(params,1)); char *sid_str = _LIST_ELEMENT(params,1); CHECK(sid_len == 2*SID_SIZE + 1 && str_is_subscriber_id(sid_str) == 1,"Invalid SID"); stowSid(packedSid,0,sid_str); CHECK(serval_init_keyring(packedSid, SID_SIZE, _LIST_ELEMENT(params,0), co_str_len(co_list_element(params,0)), &mdp_keyring, &mdp_key, &mdp_key_len), "Failed to initialize Serval keyring"); CMD_OUTPUT("key",co_bin8_create((char*)mdp_key,mdp_key_len,0)); return 1; error: return 0; }
int olsrd_mdp_init(co_obj_t *self, co_obj_t **output, co_obj_t *params) { svl_crypto_ctx *ctx = NULL; CHECK(IS_LIST(params) && co_list_length(params) == 2, "Invalid params"); size_t sid_len = co_str_len(co_list_element(params, 1)); char *sid_str = _LIST_ELEMENT(params, 1); CHECK(sid_len == (2 * SID_SIZE) + 1 && str_is_subscriber_id(sid_str) == 1, "Invalid SID"); ctx = svl_crypto_ctx_new(); stowSid(ctx->sid, 0, sid_str); ctx->keyring_path = _LIST_ELEMENT(params, 0); ctx->keyring_len = co_str_len(co_list_element(params, 0)) - 1; CHECK_ERR(ctx->keyring_len < PATH_MAX,"Keyring path too long"); CHECK(serval_init_keyring(ctx), "Failed to initialize Serval keyring"); CMD_OUTPUT("key", co_bin8_create((char*)ctx->sas_private, crypto_sign_SECRETKEYBYTES, 0)); return 1; error: if (ctx) svl_crypto_ctx_free(ctx); return 0; }
int cmd_serval_sign(const char *sid_str, const size_t sid_len, const unsigned char *msg, const size_t msg_len, char *sig_str_buf, const size_t sig_str_size, const char *keyring_path, const size_t keyring_len) { int ret = 0; unsigned char signed_msg[msg_len + SIGNATURE_BYTES]; keyring_file *_keyring = NULL; unsigned char *key = NULL; unsigned char packedSid[SID_SIZE] = {0}; CHECK(sig_str_size >= 2*SIGNATURE_BYTES + 1,"Signature buffer too small"); if (sid_str) { CHECK_ERR(sid_len == 2*SID_SIZE && str_is_subscriber_id(sid_str) == 1,"Invalid SID"); stowSid(packedSid,0,sid_str); } if (keyring_path) { CHECK_ERR(serval_init_keyring(sid_str ? packedSid : NULL, sid_str ? SID_SIZE : 0, keyring_path, keyring_len, &_keyring, &key, NULL), "Failed to initialize Serval keyring"); } else { CHECK_ERR(serval_extract_sas(&key,NULL,keyring,packedSid),"Failed to fetch SAS key"); } CHECK_ERR(serval_create_signature(key, msg, msg_len, signed_msg, SIGNATURE_BYTES + msg_len),"Failed to create signature"); strncpy(sig_str_buf,alloca_tohex(signed_msg + msg_len,SIGNATURE_BYTES),2*SIGNATURE_BYTES); sig_str_buf[2*SIGNATURE_BYTES] = '\0'; ret = 1; error: if (_keyring) keyring_free(_keyring); return ret; }
int serval_verify_client(const char *sid_str, const size_t sid_len, const unsigned char *msg, const size_t msg_len, const char *sig, const size_t sig_len, const char *keyring_path, const size_t keyring_len) { int verdict = 0; char sas_str[2*SAS_SIZE+1] = {0}; unsigned char packedSid[SID_SIZE] = {0}; CHECK(sid_len == 2*SID_SIZE,"Invalid SID length"); CHECK(sig_len == 2*SIGNATURE_BYTES,"Invalid signature length"); CHECK(str_is_subscriber_id(sid_str) != 0,"Invalid SID"); stowSid(packedSid,0,sid_str); CHECK(serval_init_keyring(packedSid, SID_SIZE, keyring_path, keyring_len, &keyring, NULL, NULL), "Failed to initialize Serval keyring"); struct subscriber *sub = find_subscriber(packedSid, SID_SIZE, 1); // get Serval identity described by given SID CHECK(sub,"Failed to fetch Serval subscriber"); CHECK(keyring_send_sas_request_client(sub),"SAS request failed"); CHECK(sub->sas_valid,"Could not validate the signing key!"); CHECK(sub->sas_public[0],"Could not validate the signing key!"); CHECK(tohex(sas_str,sub->sas_public,SAS_SIZE),"Failed to convert signing key"); verdict = cmd_serval_verify(sas_str,2*SAS_SIZE, msg,msg_len,sig,sig_len); error: return verdict; }
/* Used by serval-client */ int serval_verify_client(svl_crypto_ctx *ctx) { CHECK(ctx && ctx->sid[0] && ctx->msg && ctx->signature[0] && ctx->keyring_path, "Invalid ctx"); CHECK(serval_init_keyring(ctx), "Failed to initialize Serval keyring"); struct subscriber *sub = find_subscriber(ctx->sid, SID_SIZE, 1); // get Serval identity described by given SID CHECK(sub, "Failed to fetch Serval subscriber"); CHECK(keyring_send_sas_request_client(sub), "SAS request failed"); CHECK(sub->sas_valid, "Could not validate the signing key!"); CHECK(sub->sas_public[0], "Could not validate the signing key!"); memcpy(ctx->sas_public,sub->sas_public,crypto_sign_PUBLICKEYBYTES); return cmd_serval_verify(ctx); error: return 0; }
int cmd_serval_sign(svl_crypto_ctx *ctx) { CHECK_ERR(ctx,"Invalid ctx"); /* If a non-default keyring path is given, and/or no SID is set, * we need to initialize the keyring */ if (ctx->keyring_path || !ctx->sid[0]) { CHECK_ERR(serval_init_keyring(ctx), "Failed to initialize Serval keyring"); } else { // or just use the default keyring ctx->keyring_file = keyring; // serval global CHECK_ERR(serval_extract_sas(ctx), "Failed to fetch SAS keys"); } CHECK_ERR(serval_create_signature(ctx),"Failed to create signature"); return 1; error: return 0; }