serval-dna/crypto.c

/*
Serval DNA internal cryptographic operations
Copyright 2013 Serval Project Inc.

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

#include "serval.h"
#include "overlay_address.h"
#include "crypto.h"
#include "keyring.h"


// verify the signature at the end of a message, on return message_len will be reduced by the length of the signature.
int crypto_verify_message(struct subscriber *subscriber, unsigned char *message, size_t *message_len)
{
  if (!subscriber->sas_valid){
    keyring_send_sas_request(subscriber);
    return WHY("SAS key not currently on record, cannot verify");
  }
  
  if (*message_len < SIGNATURE_BYTES)
    return WHY("Message is too short to include a signature");
  
  *message_len -= SIGNATURE_BYTES;
  
  unsigned char hash[crypto_hash_sha512_BYTES];
  crypto_hash_sha512(hash,message,*message_len);
  
  if (crypto_sign_verify_detached(&message[*message_len], hash, crypto_hash_sha512_BYTES, subscriber->sas_public))
    return WHY("Signature verification failed");

  return 0;
}
Add missing copyright/license comment blocks Update a few existing copyright notices to reflect recent work 2013-11-21 02:12:59 +00:00			`/*`
			`Serval DNA internal cryptographic operations`
Uniform copyright notices Added some missing copyright/license block comments 2013-12-04 06:26:55 +00:00			`Copyright 2013 Serval Project Inc.`
Add missing copyright/license comment blocks Update a few existing copyright notices to reflect recent work 2013-11-21 02:12:59 +00:00
			`This program is free software; you can redistribute it and/or`
			`modify it under the terms of the GNU General Public License`
			`as published by the Free Software Foundation; either version 2`
			`of the License, or (at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
			`Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`*/`

Extract crypto signing primitives from mdp processing 2012-10-19 04:24:41 +00:00			`#include "serval.h"`
			`#include "overlay_address.h"`
			`#include "crypto.h"`
Create keyring.h and move definitions there 2013-10-16 03:00:00 +00:00			`#include "keyring.h"`
Extract crypto signing primitives from mdp processing 2012-10-19 04:24:41 +00:00

			`// verify the signature at the end of a message, on return message_len will be reduced by the length of the signature.`
Swap from included nacl to host libsodium 2016-04-12 06:13:56 +00:00			`int crypto_verify_message(struct subscriber subscriber, unsigned char message, size_t *message_len)`
Extract crypto signing primitives from mdp processing 2012-10-19 04:24:41 +00:00			`{`
			`if (!subscriber->sas_valid){`
			`keyring_send_sas_request(subscriber);`
			`return WHY("SAS key not currently on record, cannot verify");`
			`}`

Send 3-way request to stop routing an identity 2013-10-14 03:58:48 +00:00			`if (*message_len < SIGNATURE_BYTES)`
			`return WHY("Message is too short to include a signature");`

Extract crypto signing primitives from mdp processing 2012-10-19 04:24:41 +00:00			`*message_len -= SIGNATURE_BYTES;`

			`unsigned char hash[crypto_hash_sha512_BYTES];`
			`crypto_hash_sha512(hash,message,*message_len);`

Swap from included nacl to host libsodium 2016-04-12 06:13:56 +00:00			`if (crypto_sign_verify_detached(&message[*message_len], hash, crypto_hash_sha512_BYTES, subscriber->sas_public))`
			`return WHY("Signature verification failed");`
Extract crypto signing primitives from mdp processing 2012-10-19 04:24:41 +00:00
created tool for automatically finding IN()s without matching OUT()s or where return() is used instead of RETURN(). Added OUT() to end of all functions using IN() that lacked it to make it easier to statically analyse this invariant. Fixed several return instead of RETURNs detected through use of this tool. #49 2013-02-16 17:47:24 +00:00			`return 0;`
Extract crypto signing primitives from mdp processing 2012-10-19 04:24:41 +00:00			`}`

Swap from included nacl to host libsodium 2016-04-12 06:13:56 +00:00