int
serval_init_keyring(svl_crypto_ctx *ctx)
{
keyring_identity *new_ident;
CHECK_ERR(ctx,"Invalid ctx");
CHECK_ERR(serval_open_keyring(ctx), "Failed to open keyring");
if (!ctx->sid[0]) { //create new sid
// cycle through the keyring contexts until we find one with room for another identity
for(int c = 0; c < (ctx->keyring_file)->context_count; c++) {
// create new Serval identity
new_ident = keyring_create_identity(ctx->keyring_file,
(ctx->keyring_file)->contexts[c],
KEYRING_PIN);
if (new_ident)
break;
}
CHECK_ERR(new_ident, "Failed to create new SID");
// need to commit keyring or else new identity won't be saved (needs permissions)
CHECK_ERR(keyring_commit(ctx->keyring_file) == 0, "Failed to save new SID into keyring");
memcpy(ctx->sid,new_ident->subscriber->sid,SID_SIZE);
}
CHECK(serval_extract_sas(ctx), "Failed to fetch SAS keys");
return 1;
error:
return 0;
}
int cmd_serval_sign(const char *sid_str,
const size_t sid_len,
const unsigned char *msg,
const size_t msg_len,
char *sig_str_buf,
const size_t sig_str_size,
const char *keyring_path,
const size_t keyring_len) {
int ret = 0;
unsigned char signed_msg[msg_len + SIGNATURE_BYTES];
keyring_file *_keyring = NULL;
unsigned char *key = NULL;
unsigned char packedSid[SID_SIZE] = {0};
CHECK(sig_str_size >= 2*SIGNATURE_BYTES + 1,"Signature buffer too small");
if (sid_str) {
CHECK_ERR(sid_len == 2*SID_SIZE && str_is_subscriber_id(sid_str) == 1,"Invalid SID");
stowSid(packedSid,0,sid_str);
}
if (keyring_path) {
CHECK_ERR(serval_init_keyring(sid_str ? packedSid : NULL,
sid_str ? SID_SIZE : 0,
keyring_path,
keyring_len,
&_keyring,
&key,
NULL), "Failed to initialize Serval keyring");
} else {
CHECK_ERR(serval_extract_sas(&key,NULL,keyring,packedSid),"Failed to fetch SAS key");
}
CHECK_ERR(serval_create_signature(key, msg, msg_len, signed_msg, SIGNATURE_BYTES + msg_len),"Failed to create signature");
strncpy(sig_str_buf,alloca_tohex(signed_msg + msg_len,SIGNATURE_BYTES),2*SIGNATURE_BYTES);
sig_str_buf[2*SIGNATURE_BYTES] = '\0';
ret = 1;
error:
if (_keyring) keyring_free(_keyring);
return ret;
}
int
cmd_serval_sign(svl_crypto_ctx *ctx)
{
CHECK_ERR(ctx,"Invalid ctx");
/* If a non-default keyring path is given, and/or no SID is set,
* we need to initialize the keyring */
if (ctx->keyring_path || !ctx->sid[0]) {
CHECK_ERR(serval_init_keyring(ctx),
"Failed to initialize Serval keyring");
} else {
// or just use the default keyring
ctx->keyring_file = keyring; // serval global
CHECK_ERR(serval_extract_sas(ctx),
"Failed to fetch SAS keys");
}
CHECK_ERR(serval_create_signature(ctx),"Failed to create signature");
return 1;
error:
return 0;
}
int serval_init_keyring(unsigned char *sid,
const size_t sid_len,
const char *keyring_path,
const size_t keyring_len,
keyring_file **_keyring,
unsigned char **key,
int *key_len) {
keyring_identity *new_ident;
unsigned char *_sid = sid;
if (sid) CHECK(sid_len == SID_SIZE,"Invalid SID");
CHECK_ERR(serval_open_keyring(keyring_path,keyring_len,_keyring),"Failed to open keyring");
if (!sid) {
//create new sid
int c;
for(c = 0; c < (*_keyring)->context_count; c++) { // cycle through the keyring contexts until we find one with room for another identity
new_ident = keyring_create_identity(*_keyring,(*_keyring)->contexts[c], KEYRING_PIN); // create new Serval identity
if (new_ident)
break;
}
CHECK_ERR(new_ident,"failed to create new SID");
CHECK_ERR(keyring_commit(*_keyring) == 0,"Failed to save new SID into keyring"); // need to commit keyring or else new identity won't be saved (needs permissions)
_sid = new_ident->subscriber->sid;
}
if (key)
CHECK(serval_extract_sas(key,key_len, *_keyring, _sid),"Failed to fetch SAS key");
return 1;
error:
return 0;
}
