/**
* @brief Retrieves the encryption key from the keys binary.
* @param bin_keys Pointer to the keys buffer.
* @param len Length of the keys buffer.
* @return Pointer to elliptic curve key, NULL if an error occurred.
* @free_using{free_ec_key}
*/
static EC_KEY *keys_serial_get_enc_key(const unsigned char *bin_keys, size_t len) {
/* unsigned char sign_fid, enc_fid; sign_fid is unused causing errors on
compilation */
unsigned char enc_fid;
size_t at = 0, privkeylen;
EC_KEY *enc_key = NULL;
if(!bin_keys) {
RET_ERROR_PTR(ERR_BAD_PARAM, NULL);
} else if(keys_check_length(bin_keys, len) < 0) {
RET_ERROR_PTR(ERR_BAD_PARAM, NULL);
}
switch(keys_type_get(bin_keys, len)) {
case KEYS_TYPE_ORG:
/* sign_fid = KEYS_ORG_PRIVATE_POK; */
enc_fid = KEYS_ORG_PRIVATE_ENC;
break;
case KEYS_TYPE_USER:
/* sign_fid = KEYS_USER_PRIVATE_SIGN; */
enc_fid = KEYS_USER_PRIVATE_ENC;
break;
default:
RET_ERROR_PTR(ERR_UNSPEC, "invalid keys type");
break;
}
at = KEYS_HEADER_SIZE;
while(bin_keys[at++] != enc_fid) {
at += bin_keys[at] + 1;
if(len <= at) {
RET_ERROR_PTR(ERR_UNSPEC, "no private encryption key in keys file");
}
}
privkeylen = _int_no_get_2b(bin_keys+at);
at += 2;
if(at + privkeylen > len) {
RET_ERROR_PTR(ERR_UNSPEC, "invalid encryption key size");
}
if(!(enc_key = _deserialize_ec_privkey(bin_keys + at, privkeylen, 0))) {
RET_ERROR_PTR(ERR_UNSPEC, "could not deserialize private EC encryption key");
}
return enc_key;
}
/**
* @brief Retrieves the signing key from the keys binary.
* @param bin_keys Pointer to the keys buffer.
* @param len Length of the keys buffer.
* @return Pointer to ed25519 signing key, NULL if an error occurred.
* @free_using{free_ed25519_key}
*/
static ED25519_KEY *keys_serial_get_sign_key(const unsigned char *bin_keys, size_t len) {
unsigned char sign_fid;
unsigned int at = 0;
ED25519_KEY *sign_key;
if(!bin_keys) {
RET_ERROR_PTR(ERR_BAD_PARAM, NULL);
} else if(keys_check_length(bin_keys, len) < 0) {
RET_ERROR_PTR(ERR_BAD_PARAM, NULL);
} else if(len < KEYS_HEADER_SIZE + 2 + ED25519_KEY_SIZE) {
RET_ERROR_PTR(ERR_BAD_PARAM, "keys buffer too small for signing key");
}
switch(keys_type_get(bin_keys, len)) {
case KEYS_TYPE_ORG:
sign_fid = KEYS_ORG_PRIVATE_POK;
break;
case KEYS_TYPE_USER:
sign_fid = KEYS_USER_PRIVATE_SIGN;
break;
default:
RET_ERROR_PTR(ERR_UNSPEC, "invalid keys type");
break;
}
at = KEYS_HEADER_SIZE;
if(bin_keys[at++] != sign_fid) {
RET_ERROR_PTR(ERR_UNSPEC, "no signing key was found");
}
if(bin_keys[at++] != ED25519_KEY_SIZE) {
RET_ERROR_PTR(ERR_UNSPEC, "invalid size of signing key");
}
if(!(sign_key = _deserialize_ed25519_privkey(bin_keys + at))) {
RET_ERROR_PTR(ERR_UNSPEC, "could not deserialize ed25119 signing key");
}
return sign_key;
}
/**
* @brief Retrieves the keys type (user or organizational) from the keys binary.
* @param bin_keys Pointer to the keys buffer.
* @param len Length of the keys buffer.
* @return Keys type on success, KEYS_TYPE_ERROR on error.
*/
static keys_type_t keys_type_get(const unsigned char *bin_keys, size_t len) {
dime_number_t number;
if(!bin_keys) {
RET_ERROR_CUST(KEYS_TYPE_ERROR, ERR_BAD_PARAM, NULL);
} else if(keys_check_length(bin_keys, len) < 0) {
RET_ERROR_CUST(KEYS_TYPE_ERROR, ERR_BAD_PARAM, NULL);
}
number = (dime_number_t)_int_no_get_2b((void *)bin_keys);
if (number == DIME_ORG_KEYS) {
return KEYS_TYPE_ORG;
} else if (number == DIME_USER_KEYS) {
return KEYS_TYPE_USER;
}
RET_ERROR_CUST(KEYS_TYPE_ERROR, ERR_UNSPEC, "DIME number is not keys file type");
}
