char *oauth_api_token(shd_t *api_cli, shmap_t *sess)
{
static char ret_buf[MAX_SHARE_HASH_LENGTH];
char *token;
char *login;
int err;
token = shmap_get_str(sess, ashkey_str("access_token"));
if (!token) {
shkey_t *cli_k = shkey_gen(oauth_sess_token(sess));
shkey_t *serv_k = oauth_sess_id(api_cli);
shkey_t *key;
key = shkey_xor(cli_k, serv_k);
shkey_free(&cli_k);
shkey_free(&serv_k);
token = shkey_print(key);
shmap_set_astr(sess, "access_token", token);
shkey_free(&key);
}
memset(ret_buf, 0, sizeof(ret_buf));
strncpy(ret_buf, token, sizeof(ret_buf)-1);
return (ret_buf);
}
/** reference a revision by name */
int shfs_rev_ref(shfs_ino_t *file, char *group, char *name, shfs_ino_t *rev)
{
shfs_ino_t *branch;
shfs_ino_t *ref;
shkey_t *ref_key;
char buf[SHFS_PATH_MAX];
int err;
if (!rev) {
return (SHERR_INVAL);
}
if (shfs_type(rev) != SHINODE_REVISION)
return (SHERR_INVAL);
ref_key = shkey_hexgen(shfs_filename(rev));
if (!ref_key)
return (SHERR_IO);
if (shkey_cmp(ref_key, ashkey_blank())) {
/* not a revision (filename has no hex key) */
shkey_free(&ref_key);
return (SHERR_INVAL);
}
memset(buf, 0, sizeof(buf));
snprintf(buf, sizeof(buf)-1, "%s/%s", group, name);
err = shfs_obj_set(file, buf, ref_key);
shkey_free(&ref_key);
if (err)
return (err);
return (0);
}
int shpam_shadow_setpass(shfs_ino_t *file, shseed_t *seed, shkey_t *sess_key)
{
shadow_t *ent;
shadow_t save;
shkey_t *seed_key;
int err;
seed_key = shkey_bin((char *)&seed->seed_uid, sizeof(seed->seed_uid));
ent = shpam_shadow(file, seed_key);
shkey_free(&seed_key);
if (!ent)
return (SHERR_NOENT);
memcpy(&save, ent, sizeof(shadow_t));
if (shtime64() >= save.sh_expire)
return (SHERR_KEYEXPIRED);
if (!shkey_cmp(&save.sh_sess, sess_key))
return (SHERR_KEYREJECTED);
seed_key = shkey_bin((char *)&seed->seed_uid, sizeof(seed->seed_uid));
err = shpam_shadow_session_expire(file, seed_key, sess_key);
shkey_free(&seed_key);
if (err)
return (err);
err = shpam_shadow_pass_append(file, seed);
if (err)
return (err);
return (0);
}
/**
* @see shsig_shr_verify()
*/
static int _shcert_sign_verify_shr(shcert_t *cert, shcert_t *parent)
{
shkey_t *key;
unsigned char *enc_data;
size_t enc_len;
int err;
if (!parent)
return (SHERR_INVAL);
err = shencode((char *)&parent->cert_sub.ent_sig.sig_key, sizeof(shkey_t),
&enc_data, &enc_len, &parent->cert_iss.ent_sig.sig_key);
if (err)
return (err);
key = shkey_bin(enc_data, enc_len);
free(enc_data);
if (!shkey_cmp(key, &cert->cert_sub.ent_sig.sig_key)) {
/* encrypted key is not validated. */
shkey_free(&key);
return (SHERR_KEYREJECTED);
}
shkey_free(&key);
return (0);
}
shfs_ino_t *shfs_rev_ref_resolve(shfs_ino_t *file, char *group, char *name)
{
shfs_ino_t *branch;
shfs_ino_t *repo;
shfs_ino_t *ref;
shkey_t *key;
char buf[SHFS_PATH_MAX];
int obj_type;
int err;
if (!file)
return (NULL);
memset(buf, 0, sizeof(buf));
snprintf(buf, sizeof(buf)-1, "%s/%s", group, name);
err = shfs_obj_get(file, buf, &key);
if (err)
return (NULL);
repo = shfs_inode(file, NULL, SHINODE_REPOSITORY);
branch = shfs_rev_get(repo, key);
shkey_free(&key);
return (branch);
}
int sexe_event_remove(lua_State *L, int e_type, char *e_name)
{
sexe_event_t t_event;
sexe_event_t *e;
shkey_t *key;
int err;
memset(&t_event, 0, sizeof(t_event));
t_event.event_type = e_type;
strncpy(t_event.mod_name, e_name, sizeof(t_event.mod_name) - 1);
key = shkey_bin(&t_event, sizeof(sexe_event_t));
/* remove event's global callback */
lua_pushnil(L);
lua_setglobal(L, shkey_hex(key));
e = (sexe_event_t *)shmap_get_ptr(event_map, key);
if (e) {
shmap_unset(event_map, key);
free(e);
}
shkey_free(&key);
return (0);
}
int install_sexe_userdata(sexe_t *S, char *tag)
{
SHFL *fl;
shjson_t *udata;
shfs_t *fs;
shbuf_t *buff;
shkey_t *k;
char path[PATH_MAX+1];
int is_new;
k = shkey_str(tag);
sprintf(path, "/sys/data/sexe/%s", shkey_hex(k));
memcpy(&S->pname, k, sizeof(S->pname));
shkey_free(&k);
buff = shbuf_init();
fs = shfs_init(NULL);
fl = shfs_file_find(fs, path);
is_new = shfs_read(fl, buff);
udata = shjson_init(shbuf_size(buff) ? (char *)shbuf_data(buff) : NULL);
shbuf_free(&buff);
if (is_new)
shjson_num_add(udata, "birth", shtimef(shtime()));
sexe_table_set(S, udata);
lua_setglobal(S, "userdata");
shjson_free(&udata);
shfs_free(&fs);
return (0);
}
int shpam_shadow_create(shfs_ino_t *file, shkey_t *seed_key, char *id_label, shadow_t **shadow_p)
{
static shadow_t shadow;
shadow_t *sh_list;
shbuf_t *buff;
shkey_t *id_key;
int sh_list_max;
int idx;
int err;
if (!file->tree)
return (SHERR_INVAL);
if (shpam_shadow(file, seed_key))
return (SHERR_NOTUNIQ);
memset(&shadow, 0, sizeof(shadow));
memcpy(&shadow.sh_seed, seed_key, sizeof(shkey_t));
if (id_label)
strncpy(shadow.sh_label, id_label, sizeof(shadow.sh_label));
id_key = shpam_ident_gen(&file->tree->peer, seed_key, id_label);
memcpy(&shadow.sh_id, id_key, sizeof(shkey_t));
shkey_free(&id_key);
err = shfs_cred_store(file, seed_key,
(unsigned char *)&shadow, sizeof(shadow));
if (err)
return (err);
if (shadow_p)
*shadow_p = &shadow;
return (0);
}
int shpam_shadow_remove(shfs_ino_t *file, uint64_t uid, shkey_t *sess_key)
{
shadow_t *ent;
shadow_t save;
shkey_t *key;
int err;
if (!sess_key)
return (SHERR_NOKEY);
err = shpam_shadow_load(file, uid, &save);
if (err) {
return (err);
}
if (shtime_after(shtime(), save.sh_expire))
return (SHERR_KEYEXPIRED);
if (!shkey_cmp(&save.sh_sess, sess_key))
return (SHERR_KEYREJECTED);
key = shkey_bin((char *)&uid, sizeof(uid));
err = shfs_cred_remove(file, key);
shkey_free(&key);
if (err) {
return (err);
}
return (0);
}
int shpam_shadow_store(shfs_ino_t *file, shadow_t *shadow)
{
shadow_t save;
shkey_t *key;
int err;
if (!shadow)
return (SHERR_INVAL);
#if 0
/* ensure record already exists. */
err = shpam_shadow_load(file, shadow->sh_uid, NULL);
if (err)
return (err);
#endif
memcpy(&save, shadow, sizeof(shadow_t));
key = shkey_bin((char *)&save.sh_uid, sizeof(save.sh_uid));
err = shfs_cred_store(file, key, (unsigned char *)&save, sizeof(shadow_t));
shkey_free(&key);
if (err)
return (err);
return (0);
}
int txop_contract_confirm(shpeer_t *peer, tx_contract_t *contract)
{
shtime_t now;
shkey_t *key;
int sig_ok;
if (0 != strcmp(contract->con_cur, COIN_USDE) &&
0 != strcmp(contract->con_cur, COIN_GMC) &&
0 != strcmp(contract->con_cur, COIN_SYS))
return (SHERR_INVAL);
now = shtime();
if (shtime_before(shtime(), contract->con_birth) ||
shtime_before(shtime(), contract->con_stamp) ||
shtime_after(contract->con_birth, contract->con_stamp))
return (SHERR_TIME);
key = shkey_hexgen(contract->con_key + 8);
if (!key)
return (SHERR_NOKEY);
sig_ok = shkey_cmp(key, &contract->con_sig);
shkey_free(&key);
if (!sig_ok)
return (SHERR_KEYREJECTED);
return (0);
}
static void generate_bond_signature(tx_bond_t *bond)
{
shkey_t *sig_key;
uint64_t crc;
crc = (uint64_t)shcrc(bond->bond_sink, strlen(bond->bond_sink));
sig_key = shkey_cert(&bond->bond_key, crc, bond->bond_expire);
memcpy(&bond->bond_sig, sig_key, sizeof(shkey_t));
shkey_free(&sig_key);
}
void shmap_free(shmap_t **meta_p)
{
shmap_entry_t *e_next;
shmap_entry_t *ent;
shmap_value_t *hdr;
shmap_t *meta;
int i;
if (!meta_p)
return;
meta = *meta_p;
*meta_p = NULL;
if (!meta)
return;
for (i = 0; i <= meta->max; i++) {
for (ent = meta->array[i]; ent; ent = e_next) {
e_next = ent->next;
if ((ent->flag & SHMAP_ALLOC) && ent->val)
free((void *)ent->val);
shkey_free(&ent->key);
free(ent);
}
}
/* recycle bucket */
for (ent = meta->free; ent; ent = e_next) {
e_next = ent->next;
shkey_free(&ent->key);
free(ent);
}
free(meta->array);
free(meta);
}
int shpam_shadow_create(shfs_ino_t *file, uint64_t uid, shadow_t *ret_shadow)
{
shadow_t shadow;
shadow_t *sh_list;
shbuf_t *buff;
shkey_t *id_key;
shkey_t *key;
int sh_list_max;
int idx;
int err;
if (!file->tree)
return (SHERR_INVAL);
/* In order to prevent this from allowing already created shadow entries from existing prior the SHERR_NOTUNIQ error code is returned when "err == 0". Currently, this is not considered an error in order to allow pre-established IDs from the sharenet (shared) to be created. */
err = shpam_shadow_load(file, uid, NULL);
if (err != 0 && err != SHERR_NOENT)
return (err);
memset(&shadow, 0, sizeof(shadow_t));
// memcpy(&shadow.sh_sess, ashkey_blank(), sizeof(shkey_t));
shadow.sh_uid = uid;
id_key = shpam_ident_gen(uid, &file->tree->peer);
memcpy(&shadow.sh_id, id_key, sizeof(shadow.sh_id));
shkey_free(&id_key);
key = shkey_bin((char *)&uid, sizeof(uid));
err = shfs_cred_store(file, key, (unsigned char *)&shadow, sizeof(shadow_t));
shkey_free(&key);
if (err)
return (err);
if (ret_shadow)
memcpy(ret_shadow, &shadow, sizeof(shadow_t));
return (0);
}
void generate_asset_signature(tx_asset_t *asset, shpeer_t *peer)
{
shkey_t *sig_key;
uint64_t crc;
if (asset->ass.ass_expire == SHTIME_UNDEFINED)
asset->ass.ass_expire = shtime_adj(shtime(), SHARE_DEFAULT_EXPIRE_TIME);
crc = shcrc((unsigned char *)asset->ass_data, asset->ass_size);
sig_key = shkey_cert(shpeer_kpriv(peer), crc, asset->ass.ass_expire);
memcpy(&asset->ass.ass_sig, sig_key, sizeof(shkey_t));
shkey_free(&sig_key);
}
int shkey_verify(shkey_t *sig, uint64_t crc, shkey_t *key, shtime_t stamp)
{
shkey_t *sha_key;
char *ptr;
int valid;
sha_key = shkey_cert(key, crc, stamp);
valid = shkey_cmp(sha_key, sig);
shkey_free(&sha_key);
if (!valid)
return (SHERR_INVAL);
return (0);
}
int shpam_shadow_session(shfs_ino_t *file, shseed_t *seed, shkey_t **sess_p, shtime_t *expire_p)
{
shadow_t *ent;
shadow_t save;
shkey_t *sess_key;
shkey_t *ret_key;
shkey_t *seed_key;
shtime_t stamp;
shtime_t now;
uint64_t crc;
int err;
if (!file->tree)
return (SHERR_INVAL);
err = shpam_shadow_load(file, seed->seed_uid, &save);
if (err) {
return (err);
}
now = shtime();
if (shtime_after(now, save.sh_expire)) {
/* generate new session key with default expiration */
stamp = shtime_adj(now, MAX_SHARE_SESSION_TIME);
sess_key = _shpam_shadow_session_gen(seed, &save.sh_id, stamp);
if (!sess_key)
return (SHERR_KEYREVOKED);
save.sh_expire = stamp;
memcpy(&save.sh_sess, sess_key, sizeof(save.sh_sess));
err = shpam_shadow_store(file, &save);
shkey_free(&sess_key);
if (err) {
return (err);
}
}
if (expire_p)
*expire_p = save.sh_expire;
if (sess_p) {
ret_key = (shkey_t *)calloc(1, sizeof(shkey_t));
memcpy(ret_key, &save.sh_sess, sizeof(shkey_t));
*sess_p = ret_key;
}
return (0);
}
int txop_contract_init(shpeer_t *cli_peer, tx_contract_t *contract)
{
shkey_t *key;
contract->con_birth = shtime();
key = shkey_hexgen(contract->con_key + 8);
if (!key)
return (SHERR_NOKEY);
memcpy(&contract->con_sig, key, sizeof(contract->con_sig));
shkey_free(&key);
contract->con_stamp = shtime();
return (0);
}
int shcert_init(shcert_t *cert, char *entity, uint64_t fee, int alg, int flags)
{
shpeer_t *peer;
shkey_t *key;
shcert_init_default(cert);
/* the relevant name or entity subject */
memset(cert->cert_sub.ent_name, '\0', sizeof(cert->cert_sub.ent_name));
if (entity)
strncpy(cert->cert_sub.ent_name, entity, sizeof(cert->cert_sub.ent_name) - 1);
/* certificate version */
cert->cert_ver = 3;
/* coin cost to license certificate. */
cert->cert_fee = fee;
/* certificate attributes */
cert->cert_flag = flags;
/* default key algorythm */
if (alg == SHKEY_ALG_ECDSA) {
/* specify key length */
shcert_sub_len(cert) = 21; /* 168-bit key */
/* define algorythm */
cert->cert_sub.ent_sig.sig_key.alg = SHKEY_ALG_ECDSA;
} else /* (alg == SHKEY_ALG_SHR) */ {
/* specify key length */
shcert_sub_len(cert) = 24; /* 192-bit key */
/* generate public key */
memset(shcert_sub_sig(cert), '\000', sizeof(shkey_t));
key = shkey_bin(cert, sizeof(shcert_t));
key->alg = SHKEY_ALG_ECDSA;
memcpy(shcert_sub_sig(cert), key, sizeof(shkey_t));
shkey_free(&key);
/* define algorythm */
cert->cert_sub.ent_sig.sig_key.alg = SHKEY_ALG_SHR;
}
return (0);
}
int tx_init(shpeer_t *cli_peer, tx_t *tx, int tx_op)
{
shkey_t *key;
txop_t *op;
int tx_len;
int err;
if (!tx)
return (SHERR_INVAL);
op = get_tx_op(tx_op);
if (!op)
return (SHERR_INVAL);
if (op->op_size == 0)
return (0);
tx->tx_op = tx_op;
if (op->op_init) {
err = op->op_init(cli_peer, tx);
if (err)
return (err);
}
if (tx->tx_flag & TXF_WARD) {
err = txward_init(tx);
if (err)
return (err);
}
err = local_transid_generate(tx_op, tx);
if (err)
return (err); /* scrypt error */
/* generate transaction key */
memcpy(&tx->tx_key, ashkey_blank(), sizeof(tx->tx_key));
key = shkey_bin((char *)tx, op->op_keylen ? op->op_keylen : op->op_size);
memcpy(&tx->tx_key, key, sizeof(tx->tx_key));
shkey_free(&key);
return (0);
}
/** Associated a particular context with releasing a ward. */
void txward_context_sign(tx_ward_t *ward, tx_context_t *ctx)
{
shkey_t *sig_key;
if (!ward || !ctx)
return;
if (!shkey_cmp(&ward->ward_ref, &ctx->ctx_ref))
return (SHERR_INVAL);
if (ward->ward_tx.tx_stamp == SHTIME_UNDEFINED)
ward->ward_tx.tx_stamp = shtime();
sig_key = shkey_cert(&ctx->ctx_sig,
shkey_crc(&ctx->ctx_ref), ward->ward_tx.tx_stamp);
memcpy(&ward->ward_sig, sig_key, sizeof(ward->ward_sig));
shkey_free(&sig_key);
}
int shpam_shadow_load(shfs_ino_t *file, uint64_t uid, shadow_t *ret_shadow)
{
shadow_t shadow;
shkey_t *key;
int err;
memset(&shadow, 0, sizeof(shadow_t));
key = shkey_bin((char *)&uid, sizeof(uid));
err = shfs_cred_load(file, key, (unsigned char *)&shadow, sizeof(shadow));
shkey_free(&key);
if (err)
return (err);
if (ret_shadow)
memcpy(ret_shadow, &shadow, sizeof(shadow_t));
return (0);
}
shkey_t *shfs_index_key(shfs_idx_t *idx, uint64_t crc, shfs_dirent_t *ent_p)
{
shkey_t *key;
int h_num = (crc % 256);
if (!idx->hash[h_num]) {
key = shkey_bin(&crc, sizeof(uint64_t));
idx->hash_ino[h_num] = shfs_inode(idx->file, shkey_hex(key), SHINODE_INDEX);
shkey_free(&key);
return (NULL);
}
for (i = 0; i < idx->hash_max[h_num]; i++) {
if ((idx->key[h_num] + i) == crc) {
return (idx->hash[h_num] + i);
}
}
return (NULL);
}
/**
* Generate a public key.
*/
shkey_t *shecdsa_key_priv(char *hex_seed)
{
#ifdef HAVE_LIBGMP
ecdsa_parameters curve;
mpz_t d;
shkey_t *ret_key;
shkey_t *ukey;
#if 0
/* setup parameters */
curve = ecdsa_parameters_init();
ecdsa_parameters_load_curve(curve, secp160r1);
/* public key */
ecdsa_point Q = ecdsa_point_init();
ecdsa_point Q_check = ecdsa_point_init();
#endif
if (hex_seed) {
ukey = shkey_hexgen(hex_seed);
} else {
ukey = shkey_uniq(); /* generate random */
}
if (!ukey) {
fprintf(stderr, "DEBUG: shecdsa_key_priv: !ukey\n");
return (NULL);
}
/* truncate to "21 bytes" */
ukey->code[5] = (ukey->code[5] & 0xff);
ukey->code[6] = 0;
ukey->code[7] = 0;
ukey->alg = SHKEY_ALG_ECDSA;
ret_key = shecdsa_key((char *)shkey_hex(ukey));
shkey_free(&ukey);
return (ret_key);
#else
return (NULL);
#endif
}
static int _lfunc_sexe_shkey(lua_State *L)
{
shkey_t *key;
char *seed;
int seed_num;
seed = luaL_checkstring(L, 1);
if (!seed)
seed_num = luaL_checknumber(L, 1);
if (seed)
key = shkey_str(seed);
else
key = shkey_num(seed_num);
lua_pushstring(L, shkey_print(key));
shkey_free(&key);
return (1); /* (1) string key */
}
int shpam_shadow_delete(shfs_ino_t *file, char *acc_name, shkey_t *sess_key)
{
shadow_t *ent;
shadow_t save;
shkey_t *seed_key;
int ret_err;
int err;
if (!sess_key)
return (SHERR_INVAL);
seed_key = shpam_seed(acc_name);
ent = shpam_shadow(file, seed_key);
shkey_free(&seed_key);
if (!ent)
return (SHERR_NOKEY);
memcpy(&save, ent, sizeof(shadow_t));
if (shtime64() >= save.sh_expire)
return (SHERR_KEYEXPIRED);
if (!shkey_cmp(&save.sh_sess, sess_key))
return (SHERR_KEYREJECTED);
if (save.sh_flag & SHPAM_LOCK)
return (SHERR_ACCESS);
ret_err = 0;
err = shfs_cred_remove(file, &save.sh_seed);
if (err)
ret_err = err;
err = shpam_shadow_pass_remove(file, shpam_uid(acc_name));
if (err)
ret_err = err;
return (ret_err);
}
char *sexe_event_init(int e_type, const char *e_name)
{
static char key_str[256];
sexe_event_t *e;
shkey_t *key;
if (!event_map) {
event_map = shmap_init();
}
e = (sexe_event_t *)calloc(1, sizeof(sexe_event_t));
if (!e)
return (SHERR_NOMEM);
e->event_type = e_type;
strncpy(e->mod_name, e_name, sizeof(e->mod_name) - 1);
key = shkey_bin(e, sizeof(sexe_event_t));
memcpy(&e->reg_key, key, sizeof(shkey_t));
shmap_set_ptr(event_map, key, e);
strncpy(key_str, shkey_hex(key), sizeof(key_str) - 1);
shkey_free(&key);
return (key_str);
}
shkey_t *get_bond_key(shkey_t *sender, shkey_t *receiver, shkey_t *ref)
{
static shkey_t ret_key;
shkey_t keys[3];
shkey_t *key;
if (!sender)
sender = shpeer_kpriv(sharedaemon_peer());
else if (!receiver)
receiver = shpeer_kpriv(sharedaemon_peer());
if (!ref)
ref = ashkey_blank();
memcpy(&keys[0], sender, sizeof(shkey_t));
memcpy(&keys[1], receiver, sizeof(shkey_t));
memcpy(&keys[2], ref, sizeof(shkey_t));
key = shkey_bin(keys, sizeof(shkey_t) * 3);
memcpy(&ret_key, key, sizeof(ret_key));
shkey_free(&key);
return (&ret_key);
}
int confirm_tx_key(txop_t *op, tx_t *tx)
{
shkey_t *c_key = &tx->tx_key;
shkey_t *key;
shbuf_t *buff;
tx_t *k_tx;
size_t len;
int confirm;
if (!op || !tx)
return (SHERR_INVAL);
if (op->op_size == 0)
return (0);
/* allocate working copy */
len = MAX(sizeof(tx_t), op->op_keylen ? op->op_keylen : op->op_size);
buff = shbuf_init();
shbuf_cat(buff, (char *)tx, len);
/* blank out tx key */
k_tx = (tx_t *)shbuf_data(buff);
memset(&k_tx->tx_key, '\000', sizeof(k_tx->tx_key));
/* verify generated tx key matches. */
key = shkey_bin(shbuf_data(buff), shbuf_size(buff));
confirm = shkey_cmp(c_key, key);
shkey_free(&key);
shbuf_free(&buff);
if (!confirm) {
return (SHERR_INVAL);
}
return (0);
}
static int _lfunc_sexe_shdecode(lua_State *L)
{
const char *enc_str = luaL_checkstring(L, 1);
const char *key_str = luaL_checkstring(L, 2);
shkey_t *key;
size_t data_len;
char *data;
int err;
if (!enc_str)
enc_str = "";
key = shkey_gen(key_str);
err = shdecode(enc_str, strlen(enc_str), &data, &data_len, key);
shkey_free(&key);
if (err) {
lua_pushnil(L);
return (1); /* (1) nil */
}
lua_pushstring(L, data);
free(data);
return (1); /* (1) encoded string */
}
