Fix -Wsign-compare warnings in keyring: unsigned cn,in,kp
parent
5d741361ea
commit
476a538ef7
@ -2068,7 +2068,7 @@ int app_keyring_list(const struct cli_parsed *parsed, struct cli_context *contex
|
|||||||
keyring_file *k = keyring_open_instance_cli(parsed);
|
keyring_file *k = keyring_open_instance_cli(parsed);
|
||||||
if (!k)
|
if (!k)
|
||||||
return -1;
|
return -1;
|
||||||
int cn, in;
|
unsigned cn, in;
|
||||||
for (cn = 0; cn < k->context_count; ++cn)
|
for (cn = 0; cn < k->context_count; ++cn)
|
||||||
for (in = 0; in < k->contexts[cn]->identity_count; ++in) {
|
for (in = 0; in < k->contexts[cn]->identity_count; ++in) {
|
||||||
const sid_t *sidp = NULL;
|
const sid_t *sidp = NULL;
|
||||||
@ -2136,6 +2136,7 @@ int app_keyring_add(const struct cli_parsed *parsed, struct cli_context *context
|
|||||||
if (!k)
|
if (!k)
|
||||||
return -1;
|
return -1;
|
||||||
keyring_enter_pin(k, pin);
|
keyring_enter_pin(k, pin);
|
||||||
|
assert(k->context_count > 0);
|
||||||
const keyring_identity *id = keyring_create_identity(k, k->contexts[k->context_count - 1], pin);
|
const keyring_identity *id = keyring_create_identity(k, k->contexts[k->context_count - 1], pin);
|
||||||
if (id == NULL) {
|
if (id == NULL) {
|
||||||
keyring_free(k);
|
keyring_free(k);
|
||||||
@ -2181,7 +2182,7 @@ int app_keyring_set_did(const struct cli_parsed *parsed, struct cli_context *con
|
|||||||
if (!(keyring = keyring_open_instance_cli(parsed)))
|
if (!(keyring = keyring_open_instance_cli(parsed)))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
int r=0;
|
int r=0;
|
||||||
if (!keyring_find_sid(keyring, &cn, &in, &kp, &sid))
|
if (!keyring_find_sid(keyring, &cn, &in, &kp, &sid))
|
||||||
r=WHY("No matching SID");
|
r=WHY("No matching SID");
|
||||||
@ -2216,7 +2217,7 @@ static int app_keyring_set_tag(const struct cli_parsed *parsed, struct cli_conte
|
|||||||
if (str_to_sid_t(&sid, sidhex) == -1)
|
if (str_to_sid_t(&sid, sidhex) == -1)
|
||||||
return WHY("str_to_sid_t() failed");
|
return WHY("str_to_sid_t() failed");
|
||||||
|
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
int r=0;
|
int r=0;
|
||||||
if (!keyring_find_sid(keyring, &cn, &in, &kp, &sid))
|
if (!keyring_find_sid(keyring, &cn, &in, &kp, &sid))
|
||||||
r=WHY("No matching SID");
|
r=WHY("No matching SID");
|
||||||
|
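Review bot: The new `assert(k->context_count > 0);` in app_keyring_add is the only check before `k->contexts[k->context_count - 1]`, and with `context_count` now unsigned a zero count wraps to a very large index rather than -1. If this file is ever built with NDEBUG (the build flags are not visible here) the assert compiles away, so an explicit error return in the style of the neighbouring checks is safer: `if (k->context_count == 0) { keyring_free(k); return WHY("Keyring has no context"); }`. The same assert-before-decrement pattern is added for `identity_count` and `context_count` in keyring_release_identity in keyring.c. The body of app_keyring_add continues outside the hunk.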
@ -75,19 +75,16 @@ static void directory_send(struct subscriber *directory_service, const sid_t *si
|
|||||||
|
|
||||||
// send a registration packet for each unlocked identity
|
// send a registration packet for each unlocked identity
|
||||||
static void directory_send_keyring(struct subscriber *directory_service){
|
static void directory_send_keyring(struct subscriber *directory_service){
|
||||||
int cn=0, in=0, kp=0, k2;
|
unsigned cn=0, in=0, kp=0;
|
||||||
|
|
||||||
for (; !keyring_sanitise_position(keyring, &cn, &in, &kp); ++kp){
|
for (; !keyring_sanitise_position(keyring, &cn, &in, &kp); ++kp){
|
||||||
keyring_identity *i = keyring->contexts[cn]->identities[in];
|
keyring_identity *i = keyring->contexts[cn]->identities[in];
|
||||||
|
|
||||||
if (i->keypairs[kp]->type == KEYTYPE_CRYPTOBOX){
|
if (i->keypairs[kp]->type == KEYTYPE_CRYPTOBOX){
|
||||||
const sid_t *sidp = (const sid_t *) i->keypairs[0]->public_key;
|
const sid_t *sidp = (const sid_t *) i->keypairs[0]->public_key;
|
||||||
|
unsigned k2;
|
||||||
for(k2=0; k2 < i->keypair_count; k2++){
|
for(k2=0; k2 < i->keypair_count; k2++){
|
||||||
if (i->keypairs[k2]->type==KEYTYPE_DID){
|
if (i->keypairs[k2]->type==KEYTYPE_DID){
|
||||||
const char *unpackedDid = (const char *) i->keypairs[k2]->private_key;
|
const char *unpackedDid = (const char *) i->keypairs[k2]->private_key;
|
||||||
const char *name = (const char *) i->keypairs[k2]->public_key;
|
const char *name = (const char *) i->keypairs[k2]->public_key;
|
||||||
|
|
||||||
directory_send(directory_service, sidp, unpackedDid, name);
|
directory_send(directory_service, sidp, unpackedDid, name);
|
||||||
// send the first DID only
|
// send the first DID only
|
||||||
break;
|
break;
|
||||||
|
92
keyring.c
92
keyring.c
@ -238,10 +238,12 @@ static void wipestr(char *str)
|
|||||||
*str++ = ' ';
|
*str++ = ' ';
|
||||||
}
|
}
|
||||||
|
|
||||||
void keyring_release_identity(keyring_file *k, int cn, int id){
|
void keyring_release_identity(keyring_file *k, unsigned cn, unsigned id)
|
||||||
|
{
|
||||||
if (config.debug.keyring)
|
if (config.debug.keyring)
|
||||||
DEBUGF("Releasing k=%p, cn=%d, id=%d", k, cn, id);
|
DEBUGF("Releasing k=%p, cn=%u, id=%u", k, cn, id);
|
||||||
keyring_context *c=k->contexts[cn];
|
keyring_context *c=k->contexts[cn];
|
||||||
|
assert(c->identity_count > 0);
|
||||||
c->identity_count--;
|
c->identity_count--;
|
||||||
keyring_free_identity(c->identities[id]);
|
keyring_free_identity(c->identities[id]);
|
||||||
if (id!=c->identity_count)
|
if (id!=c->identity_count)
|
||||||
@ -249,6 +251,7 @@ void keyring_release_identity(keyring_file *k, int cn, int id){
|
|||||||
c->identities[c->identity_count]=NULL;
|
c->identities[c->identity_count]=NULL;
|
||||||
if (c->identity_count==0){
|
if (c->identity_count==0){
|
||||||
keyring_free_context(c);
|
keyring_free_context(c);
|
||||||
|
assert(k->context_count > 0);
|
||||||
k->context_count --;
|
k->context_count --;
|
||||||
if (cn!=k->context_count)
|
if (cn!=k->context_count)
|
||||||
k->contexts[cn] = k->contexts[k->context_count];
|
k->contexts[cn] = k->contexts[k->context_count];
|
||||||
@ -258,7 +261,7 @@ void keyring_release_identity(keyring_file *k, int cn, int id){
|
|||||||
|
|
||||||
void keyring_release_subscriber(keyring_file *k, const sid_t *sid)
|
void keyring_release_subscriber(keyring_file *k, const sid_t *sid)
|
||||||
{
|
{
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
if (keyring_find_sid(k, &cn, &in, &kp, sid)
|
if (keyring_find_sid(k, &cn, &in, &kp, sid)
|
||||||
&& keyring->contexts[cn]->identities[in]->subscriber != my_subscriber)
|
&& keyring->contexts[cn]->identities[in]->subscriber != my_subscriber)
|
||||||
keyring_release_identity(keyring, cn, in);
|
keyring_release_identity(keyring, cn, in);
|
||||||
@ -328,7 +331,7 @@ int keyring_enter_keyringpin(keyring_file *k, const char *pin)
|
|||||||
return WHY("Too many loaded contexts already");
|
return WHY("Too many loaded contexts already");
|
||||||
if (k->context_count < 1)
|
if (k->context_count < 1)
|
||||||
return WHY("Cannot enter PIN without keyring salt being available");
|
return WHY("Cannot enter PIN without keyring salt being available");
|
||||||
int cn;
|
unsigned cn;
|
||||||
for (cn = 0; cn < k->context_count; ++cn)
|
for (cn = 0; cn < k->context_count; ++cn)
|
||||||
if (strcmp(k->contexts[cn]->KeyRingPin, pin) == 0)
|
if (strcmp(k->contexts[cn]->KeyRingPin, pin) == 0)
|
||||||
return cn;
|
return cn;
|
||||||
@ -444,7 +447,7 @@ struct keytype {
|
|||||||
size_t packed_size;
|
size_t packed_size;
|
||||||
void (*creator)(keypair *);
|
void (*creator)(keypair *);
|
||||||
int (*packer)(const keypair *, struct rotbuf *);
|
int (*packer)(const keypair *, struct rotbuf *);
|
||||||
int (*unpacker)(keypair *, struct rotbuf *, int);
|
int (*unpacker)(keypair *, struct rotbuf *, size_t);
|
||||||
void (*dumper)(const keypair *, XPRINTF, int);
|
void (*dumper)(const keypair *, XPRINTF, int);
|
||||||
int (*loader)(keypair *, const char *);
|
int (*loader)(keypair *, const char *);
|
||||||
};
|
};
|
||||||
@ -630,7 +633,7 @@ static int load_unknown(keypair *kp, const char *text)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int unpack_private_public(keypair *kp, struct rotbuf *rb, int key_length)
|
static int unpack_private_public(keypair *kp, struct rotbuf *rb, size_t key_length)
|
||||||
{
|
{
|
||||||
assert(key_length == kp->private_key_len + kp->public_key_len);
|
assert(key_length == kp->private_key_len + kp->public_key_len);
|
||||||
rotbuf_getbuf(rb, kp->private_key, kp->private_key_len);
|
rotbuf_getbuf(rb, kp->private_key, kp->private_key_len);
|
||||||
@ -638,7 +641,7 @@ static int unpack_private_public(keypair *kp, struct rotbuf *rb, int key_length)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int unpack_private_only(keypair *kp, struct rotbuf *rb, int key_length)
|
static int unpack_private_only(keypair *kp, struct rotbuf *rb, size_t key_length)
|
||||||
{
|
{
|
||||||
if (!kp->private_key){
|
if (!kp->private_key){
|
||||||
kp->private_key_len = key_length;
|
kp->private_key_len = key_length;
|
||||||
@ -649,7 +652,7 @@ static int unpack_private_only(keypair *kp, struct rotbuf *rb, int key_length)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int unpack_public_only(keypair *kp, struct rotbuf *rb, int key_length)
|
static int unpack_public_only(keypair *kp, struct rotbuf *rb, size_t key_length)
|
||||||
{
|
{
|
||||||
if (!kp->public_key){
|
if (!kp->public_key){
|
||||||
kp->public_key_len = key_length;
|
kp->public_key_len = key_length;
|
||||||
@ -660,7 +663,7 @@ static int unpack_public_only(keypair *kp, struct rotbuf *rb, int key_length)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int unpack_cryptobox(keypair *kp, struct rotbuf *rb, int key_length)
|
static int unpack_cryptobox(keypair *kp, struct rotbuf *rb, size_t key_length)
|
||||||
{
|
{
|
||||||
assert(key_length == kp->private_key_len);
|
assert(key_length == kp->private_key_len);
|
||||||
rotbuf_getbuf(rb, kp->private_key, kp->private_key_len);
|
rotbuf_getbuf(rb, kp->private_key, kp->private_key_len);
|
||||||
@ -677,7 +680,7 @@ static int pack_did_name(const keypair *kp, struct rotbuf *rb)
|
|||||||
return pack_private_public(kp, rb);
|
return pack_private_public(kp, rb);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int unpack_did_name(keypair *kp, struct rotbuf *rb, int key_length)
|
static int unpack_did_name(keypair *kp, struct rotbuf *rb, size_t key_length)
|
||||||
{
|
{
|
||||||
if (unpack_private_public(kp, rb, key_length) == -1)
|
if (unpack_private_public(kp, rb, key_length) == -1)
|
||||||
return -1;
|
return -1;
|
||||||
@ -960,9 +963,9 @@ static int cmp_keypair(const keypair *a, const keypair *b)
|
|||||||
if (c == 0 && a->public_key_len) {
|
if (c == 0 && a->public_key_len) {
|
||||||
assert(a->public_key != NULL);
|
assert(a->public_key != NULL);
|
||||||
assert(b->public_key != NULL);
|
assert(b->public_key != NULL);
|
||||||
int len=a->public_key_len;
|
size_t len = a->public_key_len;
|
||||||
if (len>b->public_key_len)
|
if (len > b->public_key_len)
|
||||||
len=b->public_key_len;
|
len = b->public_key_len;
|
||||||
c = memcmp(a->public_key, b->public_key, len);
|
c = memcmp(a->public_key, b->public_key, len);
|
||||||
if (c==0 && a->public_key_len!=b->public_key_len)
|
if (c==0 && a->public_key_len!=b->public_key_len)
|
||||||
c = a->public_key_len - b->public_key_len;
|
c = a->public_key_len - b->public_key_len;
|
||||||
@ -970,9 +973,9 @@ static int cmp_keypair(const keypair *a, const keypair *b)
|
|||||||
if (c == 0 && a->private_key_len) {
|
if (c == 0 && a->private_key_len) {
|
||||||
assert(a->private_key != NULL);
|
assert(a->private_key != NULL);
|
||||||
assert(b->private_key != NULL);
|
assert(b->private_key != NULL);
|
||||||
int len=a->private_key_len;
|
size_t len = a->private_key_len;
|
||||||
if (len>b->private_key_len)
|
if (len > b->private_key_len)
|
||||||
len=b->private_key_len;
|
len = b->private_key_len;
|
||||||
c = memcmp(a->private_key, b->private_key, len);
|
c = memcmp(a->private_key, b->private_key, len);
|
||||||
if (c==0 && a->private_key_len!=b->private_key_len)
|
if (c==0 && a->private_key_len!=b->private_key_len)
|
||||||
c = a->private_key_len - b->private_key_len;
|
c = a->private_key_len - b->private_key_len;
|
||||||
@ -1239,7 +1242,7 @@ int keyring_enter_pin(keyring_file *k, const char *pin)
|
|||||||
if (b->bitmap[byte]&(1<<bit)) {
|
if (b->bitmap[byte]&(1<<bit)) {
|
||||||
/* Slot is occupied, so check it.
|
/* Slot is occupied, so check it.
|
||||||
We have to check it for each keyring context (ie keyring pin) */
|
We have to check it for each keyring context (ie keyring pin) */
|
||||||
int cn;
|
unsigned cn;
|
||||||
for (cn = 0; cn < k->context_count; ++cn)
|
for (cn = 0; cn < k->context_count; ++cn)
|
||||||
if (keyring_decrypt_pkr(k, cn, pin, slot) == 0)
|
if (keyring_decrypt_pkr(k, cn, pin, slot) == 0)
|
||||||
++identitiesFound;
|
++identitiesFound;
|
||||||
@ -1463,27 +1466,27 @@ int keyring_set_did(keyring_identity *id, const char *did, const char *name)
|
|||||||
if (config.debug.keyring)
|
if (config.debug.keyring)
|
||||||
DEBUG("Created DID record for identity");
|
DEBUG("Created DID record for identity");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Store DID unpacked for ease of searching */
|
/* Store DID unpacked for ease of searching */
|
||||||
int len=strlen(did);
|
size_t len=strlen(did);
|
||||||
if (len>31)
|
if (len>31)
|
||||||
len=31;
|
len=31;
|
||||||
bcopy(did,&id->keypairs[i]->private_key[0],len);
|
bcopy(did,&id->keypairs[i]->private_key[0],len);
|
||||||
bzero(&id->keypairs[i]->private_key[len],32-len);
|
bzero(&id->keypairs[i]->private_key[len],32-len);
|
||||||
len=strlen(name);
|
len=strlen(name);
|
||||||
if (len>63)
|
if (len>63)
|
||||||
len=63;
|
len=63;
|
||||||
bcopy(name,&id->keypairs[i]->public_key[0],len);
|
bcopy(name,&id->keypairs[i]->public_key[0],len);
|
||||||
bzero(&id->keypairs[i]->public_key[len],64-len);
|
bzero(&id->keypairs[i]->public_key[len],64-len);
|
||||||
|
|
||||||
if (config.debug.keyring){
|
if (config.debug.keyring){
|
||||||
dump("storing did",&id->keypairs[i]->private_key[0],32);
|
dump("storing did",&id->keypairs[i]->private_key[0],32);
|
||||||
dump("storing name",&id->keypairs[i]->public_key[0],64);
|
dump("storing name",&id->keypairs[i]->public_key[0],64);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_find_did(const keyring_file *k, int *cn, int *in, int *kp, const char *did)
|
int keyring_find_did(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const char *did)
|
||||||
{
|
{
|
||||||
for(;keyring_next_keytype(k,cn,in,kp,KEYTYPE_DID);++(*kp)) {
|
for(;keyring_next_keytype(k,cn,in,kp,KEYTYPE_DID);++(*kp)) {
|
||||||
/* Compare DIDs */
|
/* Compare DIDs */
|
||||||
@ -1572,7 +1575,7 @@ int keyring_set_public_tag(keyring_identity *id, const char *name, const unsigne
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_find_public_tag(const keyring_file *k, int *cn, int *in, int *kp, const char *name, const unsigned char **value, size_t *length)
|
int keyring_find_public_tag(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const char *name, const unsigned char **value, size_t *length)
|
||||||
{
|
{
|
||||||
for(;keyring_next_keytype(k,cn,in,kp,KEYTYPE_PUBLIC_TAG);++(*kp)) {
|
for(;keyring_next_keytype(k,cn,in,kp,KEYTYPE_PUBLIC_TAG);++(*kp)) {
|
||||||
keypair *keypair=k->contexts[*cn]->identities[*in]->keypairs[*kp];
|
keypair *keypair=k->contexts[*cn]->identities[*in]->keypairs[*kp];
|
||||||
@ -1587,7 +1590,7 @@ int keyring_find_public_tag(const keyring_file *k, int *cn, int *in, int *kp, co
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_find_public_tag_value(const keyring_file *k, int *cn, int *in, int *kp, const char *name, const unsigned char *value, size_t length)
|
int keyring_find_public_tag_value(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const char *name, const unsigned char *value, size_t length)
|
||||||
{
|
{
|
||||||
const unsigned char *stored_value;
|
const unsigned char *stored_value;
|
||||||
size_t stored_length;
|
size_t stored_length;
|
||||||
@ -1598,7 +1601,7 @@ int keyring_find_public_tag_value(const keyring_file *k, int *cn, int *in, int *
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_identity_find_keytype(const keyring_file *k, int cn, int in, int keytype)
|
int keyring_identity_find_keytype(const keyring_file *k, unsigned cn, unsigned in, unsigned keytype)
|
||||||
{
|
{
|
||||||
unsigned kp;
|
unsigned kp;
|
||||||
for (kp = 0; kp < k->contexts[cn]->identities[in]->keypair_count; ++kp)
|
for (kp = 0; kp < k->contexts[cn]->identities[in]->keypair_count; ++kp)
|
||||||
@ -1607,7 +1610,7 @@ int keyring_identity_find_keytype(const keyring_file *k, int cn, int in, int key
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_next_keytype(const keyring_file *k, int *cn, int *in, int *kp, int keytype)
|
int keyring_next_keytype(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, unsigned keytype)
|
||||||
{
|
{
|
||||||
for (; keyring_sanitise_position(k, cn, in, kp) == 0; ++*kp)
|
for (; keyring_sanitise_position(k, cn, in, kp) == 0; ++*kp)
|
||||||
if (k->contexts[*cn]->identities[*in]->keypairs[*kp]->type == keytype)
|
if (k->contexts[*cn]->identities[*in]->keypairs[*kp]->type == keytype)
|
||||||
@ -1615,15 +1618,13 @@ int keyring_next_keytype(const keyring_file *k, int *cn, int *in, int *kp, int k
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_next_identity(const keyring_file *k, int *cn, int *in, int *kp)
|
int keyring_next_identity(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp)
|
||||||
{
|
{
|
||||||
return keyring_next_keytype(k, cn, in, kp, KEYTYPE_CRYPTOBOX);
|
return keyring_next_keytype(k, cn, in, kp, KEYTYPE_CRYPTOBOX);
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_sanitise_position(const keyring_file *k,int *cn,int *in,int *kp)
|
int keyring_sanitise_position(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp)
|
||||||
{
|
{
|
||||||
if (!k)
|
|
||||||
return 1;
|
|
||||||
/* Sanity check passed in position */
|
/* Sanity check passed in position */
|
||||||
while(1){
|
while(1){
|
||||||
if ((*cn)>=k->context_count)
|
if ((*cn)>=k->context_count)
|
||||||
@ -1648,15 +1649,13 @@ int keyring_sanitise_position(const keyring_file *k,int *cn,int *in,int *kp)
|
|||||||
unsigned char *keyring_find_sas_private(keyring_file *k, const sid_t *sidp, unsigned char **sas_public_out)
|
unsigned char *keyring_find_sas_private(keyring_file *k, const sid_t *sidp, unsigned char **sas_public_out)
|
||||||
{
|
{
|
||||||
IN();
|
IN();
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
|
|
||||||
if (!keyring_find_sid(k,&cn,&in,&kp,sidp))
|
if (!keyring_find_sid(k,&cn,&in,&kp,sidp))
|
||||||
RETURNNULL(WHYNULL("Could not find SID in keyring, so can't find SAS"));
|
RETURNNULL(WHYNULL("Could not find SID in keyring, so can't find SAS"));
|
||||||
|
int kpi = keyring_identity_find_keytype(k, cn, in, KEYTYPE_CRYPTOSIGN);
|
||||||
kp = keyring_identity_find_keytype(k, cn, in, KEYTYPE_CRYPTOSIGN);
|
if (kpi == -1)
|
||||||
if (kp==-1)
|
|
||||||
RETURNNULL(WHYNULL("Identity lacks SAS"));
|
RETURNNULL(WHYNULL("Identity lacks SAS"));
|
||||||
|
kp = (unsigned) kpi;
|
||||||
unsigned char *sas_private=
|
unsigned char *sas_private=
|
||||||
k->contexts[cn]->identities[in]->keypairs[kp]->private_key;
|
k->contexts[cn]->identities[in]->keypairs[kp]->private_key;
|
||||||
unsigned char *sas_public=
|
unsigned char *sas_public=
|
||||||
@ -1670,7 +1669,8 @@ unsigned char *keyring_find_sas_private(keyring_file *k, const sid_t *sidp, unsi
|
|||||||
}
|
}
|
||||||
if (config.debug.keyring)
|
if (config.debug.keyring)
|
||||||
DEBUGF("Found SAS entry for %s*", alloca_tohex(sidp->binary, 7));
|
DEBUGF("Found SAS entry for %s*", alloca_tohex(sidp->binary, 7));
|
||||||
if (sas_public_out) *sas_public_out=sas_public;
|
if (sas_public_out)
|
||||||
|
*sas_public_out = sas_public;
|
||||||
RETURN(sas_private);
|
RETURN(sas_private);
|
||||||
OUT();
|
OUT();
|
||||||
}
|
}
|
||||||
@ -1791,10 +1791,10 @@ int keyring_send_unlock(struct subscriber *subscriber)
|
|||||||
mdp.out.src.port=MDP_PORT_KEYMAPREQUEST;
|
mdp.out.src.port=MDP_PORT_KEYMAPREQUEST;
|
||||||
mdp.out.src.sid = my_subscriber->sid;
|
mdp.out.src.sid = my_subscriber->sid;
|
||||||
mdp.out.payload[0]=UNLOCK_REQUEST;
|
mdp.out.payload[0]=UNLOCK_REQUEST;
|
||||||
int len=1;
|
size_t len = 1;
|
||||||
if (crypto_sign_message(subscriber, mdp.out.payload, sizeof(mdp.out.payload), &len))
|
if (crypto_sign_message(subscriber, mdp.out.payload, sizeof(mdp.out.payload), &len))
|
||||||
return -1;
|
return -1;
|
||||||
mdp.out.payload_length=len;
|
mdp.out.payload_length = len;
|
||||||
return overlay_mdp_dispatch(&mdp, NULL);
|
return overlay_mdp_dispatch(&mdp, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1840,7 +1840,7 @@ static int keyring_respond_challenge(struct subscriber *subscriber, overlay_mdp_
|
|||||||
mdp.out.src.sid = my_subscriber->sid;
|
mdp.out.src.sid = my_subscriber->sid;
|
||||||
mdp.out.payload[0]=UNLOCK_RESPONSE;
|
mdp.out.payload[0]=UNLOCK_RESPONSE;
|
||||||
bcopy(&req->out.payload[1], &mdp.out.payload[1], req->out.payload_length -1);
|
bcopy(&req->out.payload[1], &mdp.out.payload[1], req->out.payload_length -1);
|
||||||
int len=req->out.payload_length;
|
size_t len = req->out.payload_length;
|
||||||
if (crypto_sign_message(subscriber, mdp.out.payload, sizeof(mdp.out.payload), &len))
|
if (crypto_sign_message(subscriber, mdp.out.payload, sizeof(mdp.out.payload), &len))
|
||||||
return -1;
|
return -1;
|
||||||
mdp.out.payload_length=len;
|
mdp.out.payload_length=len;
|
||||||
@ -1939,7 +1939,7 @@ int keyring_send_sas_request(struct subscriber *subscriber){
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int keyring_find_sid(const keyring_file *k, int *cn, int *in, int *kp, const sid_t *sidp)
|
int keyring_find_sid(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const sid_t *sidp)
|
||||||
{
|
{
|
||||||
for(; keyring_next_keytype(k,cn,in,kp,KEYTYPE_CRYPTOBOX); ++(*kp)) {
|
for(; keyring_next_keytype(k,cn,in,kp,KEYTYPE_CRYPTOBOX); ++(*kp)) {
|
||||||
if (memcmp(sidp->binary, k->contexts[*cn]->identities[*in]->keypairs[*kp]->public_key, SID_SIZE) == 0)
|
if (memcmp(sidp->binary, k->contexts[*cn]->identities[*in]->keypairs[*kp]->public_key, SID_SIZE) == 0)
|
||||||
@ -2098,9 +2098,9 @@ unsigned char *keyring_get_nm_bytes(const sid_t *known_sidp, const sid_t *unknow
|
|||||||
|
|
||||||
/* Not in the cache, so prepare to cache it (or return failure if known is not
|
/* Not in the cache, so prepare to cache it (or return failure if known is not
|
||||||
in fact a known key */
|
in fact a known key */
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
if (!keyring_find_sid(keyring,&cn,&in,&kp,known_sidp))
|
if (!keyring_find_sid(keyring,&cn,&in,&kp,known_sidp))
|
||||||
{ RETURNNULL(WHYNULL("known key is not in fact known.")); }
|
RETURNNULL(WHYNULL("known key is not in fact known."));
|
||||||
|
|
||||||
/* work out where to store it */
|
/* work out where to store it */
|
||||||
if (nm_slots_used<NM_CACHE_SLOTS) {
|
if (nm_slots_used<NM_CACHE_SLOTS) {
|
||||||
@ -2145,7 +2145,7 @@ static void keyring_dump_keypair(const keypair *kp, XPRINTF xpf, int include_sec
|
|||||||
|
|
||||||
int keyring_dump(keyring_file *k, XPRINTF xpf, int include_secret)
|
int keyring_dump(keyring_file *k, XPRINTF xpf, int include_secret)
|
||||||
{
|
{
|
||||||
int cn, in, kp;
|
unsigned cn, in, kp;
|
||||||
unsigned nids = 0;
|
unsigned nids = 0;
|
||||||
for (cn = in = kp = 0; keyring_sanitise_position(k, &cn, &in, &kp) == 0; ++in)
|
for (cn = in = kp = 0; keyring_sanitise_position(k, &cn, &in, &kp) == 0; ++in)
|
||||||
++nids;
|
++nids;
|
||||||
|
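Review bot: keyring_sanitise_position loses its `if (!k) return 1;` guard in this change, so the first test in its loop, `(*cn)>=k->context_count`, now dereferences `k` unconditionally. The removal is unrelated to the sign-compare fix in the title. Every cursor helper on this page (keyring_next_keytype, keyring_find_sid, keyring_find_did, keyring_find_public_tag, keyring_dump) forwards its `k` into this function, and several callers pass the global `keyring`. Unless each of those paths is guaranteed a loaded keyring, which these hunks do not show, the guard should stay as `if (!k) return 1;`. The function body continues outside the hunk.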
24
keyring.h
24
keyring.h
@ -22,7 +22,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|||||||
#define __SERVAL_DNA__KEYRING_H
|
#define __SERVAL_DNA__KEYRING_H
|
||||||
|
|
||||||
typedef struct keypair {
|
typedef struct keypair {
|
||||||
int type;
|
unsigned type;
|
||||||
unsigned char *private_key;
|
unsigned char *private_key;
|
||||||
size_t private_key_len;
|
size_t private_key_len;
|
||||||
unsigned char *public_key;
|
unsigned char *public_key;
|
||||||
@ -70,7 +70,7 @@ typedef struct keyring_bam {
|
|||||||
|
|
||||||
#define KEYRING_MAX_CONTEXTS 256
|
#define KEYRING_MAX_CONTEXTS 256
|
||||||
typedef struct keyring_file {
|
typedef struct keyring_file {
|
||||||
int context_count;
|
unsigned context_count;
|
||||||
keyring_bam *bam;
|
keyring_bam *bam;
|
||||||
keyring_context *contexts[KEYRING_MAX_CONTEXTS];
|
keyring_context *contexts[KEYRING_MAX_CONTEXTS];
|
||||||
FILE *file;
|
FILE *file;
|
||||||
@ -78,7 +78,7 @@ typedef struct keyring_file {
|
|||||||
} keyring_file;
|
} keyring_file;
|
||||||
|
|
||||||
void keyring_free(keyring_file *k);
|
void keyring_free(keyring_file *k);
|
||||||
void keyring_release_identity(keyring_file *k, int cn, int id);
|
void keyring_release_identity(keyring_file *k, unsigned cn, unsigned id);
|
||||||
#define KEYTYPE_CRYPTOBOX 0x01 // must be lowest
|
#define KEYTYPE_CRYPTOBOX 0x01 // must be lowest
|
||||||
#define KEYTYPE_CRYPTOSIGN 0x02
|
#define KEYTYPE_CRYPTOSIGN 0x02
|
||||||
#define KEYTYPE_RHIZOME 0x03
|
#define KEYTYPE_RHIZOME 0x03
|
||||||
@ -98,17 +98,17 @@ keyring_file *keyring_open_instance();
|
|||||||
keyring_file *keyring_open_instance_cli(const struct cli_parsed *parsed);
|
keyring_file *keyring_open_instance_cli(const struct cli_parsed *parsed);
|
||||||
int keyring_enter_pin(keyring_file *k, const char *pin);
|
int keyring_enter_pin(keyring_file *k, const char *pin);
|
||||||
int keyring_set_did(keyring_identity *id, const char *did, const char *name);
|
int keyring_set_did(keyring_identity *id, const char *did, const char *name);
|
||||||
int keyring_sanitise_position(const keyring_file *k,int *cn,int *in,int *kp);
|
int keyring_sanitise_position(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp);
|
||||||
int keyring_next_keytype(const keyring_file *k, int *cn, int *in, int *kp, int keytype);
|
int keyring_next_keytype(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, unsigned keytype);
|
||||||
int keyring_next_identity(const keyring_file *k,int *cn,int *in,int *kp);
|
int keyring_next_identity(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp);
|
||||||
int keyring_identity_find_keytype(const keyring_file *k, int cn, int in, int keytype);
|
int keyring_identity_find_keytype(const keyring_file *k, unsigned cn, unsigned in, unsigned keytype);
|
||||||
int keyring_find_did(const keyring_file *k,int *cn,int *in,int *kp, const char *did);
|
int keyring_find_did(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const char *did);
|
||||||
int keyring_find_sid(const keyring_file *k,int *cn,int *in,int *kp, const sid_t *sidp);
|
int keyring_find_sid(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const sid_t *sidp);
|
||||||
unsigned char *keyring_find_sas_private(keyring_file *k, const sid_t *sidp, unsigned char **sas_public);
|
unsigned char *keyring_find_sas_private(keyring_file *k, const sid_t *sidp, unsigned char **sas_public);
|
||||||
int keyring_send_sas_request(struct subscriber *subscriber);
|
int keyring_send_sas_request(struct subscriber *subscriber);
|
||||||
|
|
||||||
int keyring_commit(keyring_file *k);
|
int keyring_commit(keyring_file *k);
|
||||||
keyring_identity *keyring_create_identity(keyring_file *k,keyring_context *c, const char *pin);
|
keyring_identity *keyring_create_identity(keyring_file *k, keyring_context *c, const char *pin);
|
||||||
int keyring_seed(keyring_file *k);
|
int keyring_seed(keyring_file *k);
|
||||||
void keyring_identity_extract(const keyring_identity *id, const sid_t **sidp, const char **didp, const char **namep);
|
void keyring_identity_extract(const keyring_identity *id, const sid_t **sidp, const char **didp, const char **namep);
|
||||||
int keyring_load(keyring_file *k, const char *keyring_pin, unsigned entry_pinc, const char **entry_pinv, FILE *input);
|
int keyring_load(keyring_file *k, const char *keyring_pin, unsigned entry_pinc, const char **entry_pinv, FILE *input);
|
||||||
@ -121,8 +121,8 @@ int keyring_send_unlock(struct subscriber *subscriber);
|
|||||||
void keyring_release_subscriber(keyring_file *k, const sid_t *sid);
|
void keyring_release_subscriber(keyring_file *k, const sid_t *sid);
|
||||||
|
|
||||||
int keyring_set_public_tag(keyring_identity *id, const char *name, const unsigned char *value, size_t length);
|
int keyring_set_public_tag(keyring_identity *id, const char *name, const unsigned char *value, size_t length);
|
||||||
int keyring_find_public_tag(const keyring_file *k, int *cn, int *in, int *kp, const char *name, const unsigned char **value, size_t *length);
|
int keyring_find_public_tag(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const char *name, const unsigned char **value, size_t *length);
|
||||||
int keyring_find_public_tag_value(const keyring_file *k, int *cn, int *in, int *kp, const char *name, const unsigned char *value, size_t length);
|
int keyring_find_public_tag_value(const keyring_file *k, unsigned *cn, unsigned *in, unsigned *kp, const char *name, const unsigned char *value, size_t length);
|
||||||
int keyring_unpack_tag(const unsigned char *packed, size_t packed_len, const char **name, const unsigned char **value, size_t *length);
|
int keyring_unpack_tag(const unsigned char *packed, size_t packed_len, const char **name, const unsigned char **value, size_t *length);
|
||||||
int keyring_pack_tag(unsigned char *packed, size_t *packed_len, const char *name, const unsigned char *value, size_t length);
|
int keyring_pack_tag(unsigned char *packed, size_t *packed_len, const char *name, const unsigned char *value, size_t length);
|
||||||
|
|
||||||
|
2
meshms.c
2
meshms.c
@ -90,7 +90,7 @@ static void free_conversations(struct conversations *conv){
|
|||||||
static int get_my_conversation_bundle(const sid_t *my_sidp, rhizome_manifest *m)
|
static int get_my_conversation_bundle(const sid_t *my_sidp, rhizome_manifest *m)
|
||||||
{
|
{
|
||||||
/* Find our private key */
|
/* Find our private key */
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
if (!keyring_find_sid(keyring,&cn,&in,&kp,my_sidp))
|
if (!keyring_find_sid(keyring,&cn,&in,&kp,my_sidp))
|
||||||
return WHYF("SID was not found in keyring: %s", alloca_tohex_sid_t(*my_sidp));
|
return WHYF("SID was not found in keyring: %s", alloca_tohex_sid_t(*my_sidp));
|
||||||
|
|
||||||
|
@ -1135,15 +1135,14 @@ static int mdp_process_identity_request(struct socket_address *client, struct md
|
|||||||
size_t ofs=0;
|
size_t ofs=0;
|
||||||
while(ofs < payload_len){
|
while(ofs < payload_len){
|
||||||
if (!payload[ofs++]){
|
if (!payload[ofs++]){
|
||||||
int cn, in;
|
unsigned cn;
|
||||||
for (cn = keyring->context_count -1; cn>=0; --cn) {
|
for (cn = keyring->context_count; cn > 0;) {
|
||||||
keyring_context *cx = keyring->contexts[cn];
|
keyring_context *cx = keyring->contexts[--cn];
|
||||||
for (in = cx->identity_count -1; in>=0; --in) {
|
unsigned in;
|
||||||
keyring_identity *id = cx->identities[in];
|
for (in = cx->identity_count; in > 0;) {
|
||||||
if (id->subscriber != my_subscriber
|
keyring_identity *id = cx->identities[--in];
|
||||||
&& strcmp(id->PKRPin, pin) == 0){
|
if (id->subscriber != my_subscriber && strcmp(id->PKRPin, pin) == 0)
|
||||||
keyring_release_identity(keyring, cn, in);
|
keyring_release_identity(keyring, cn, in);
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
pin=(char *)&payload[ofs++];
|
pin=(char *)&payload[ofs++];
|
||||||
@ -1192,7 +1191,7 @@ static int mdp_process_identity_request(struct socket_address *client, struct md
|
|||||||
static int mdp_search_identities(struct socket_address *client, struct mdp_header *header,
|
static int mdp_search_identities(struct socket_address *client, struct mdp_header *header,
|
||||||
const uint8_t *payload, size_t payload_len)
|
const uint8_t *payload, size_t payload_len)
|
||||||
{
|
{
|
||||||
int cn=0, in=0, kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
const char *tag=NULL;
|
const char *tag=NULL;
|
||||||
const unsigned char *value=NULL;
|
const unsigned char *value=NULL;
|
||||||
size_t value_len=0;
|
size_t value_len=0;
|
||||||
|
@ -168,7 +168,7 @@ int overlay_mdp_service_rhizomeresponse(overlay_mdp_frame *mdp)
|
|||||||
int overlay_mdp_service_dnalookup(overlay_mdp_frame *mdp)
|
int overlay_mdp_service_dnalookup(overlay_mdp_frame *mdp)
|
||||||
{
|
{
|
||||||
IN();
|
IN();
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
char did[64+1];
|
char did[64+1];
|
||||||
int pll=mdp->out.payload_length;
|
int pll=mdp->out.payload_length;
|
||||||
if (pll>64) pll=64;
|
if (pll>64) pll=64;
|
||||||
|
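Review bot: In overlay_mdp_service_dnalookup, `pll` is still a signed `int` and is clamped only from above by `if (pll>64) pll=64;`, so a negative value would pass the check and reach whatever copy into `did[64+1]` follows. Whether a negative value can occur depends on the type of `mdp->out.payload_length`, which is not visible in this hunk. Since this commit already moves the keyring indices to unsigned, the length could be handled the same way: `size_t pll = mdp->out.payload_length;` followed by `if (pll > sizeof did - 1) pll = sizeof did - 1;`. The uses of `pll` and the rest of the function body lie outside the hunk, so the change should be checked against the copy and any later comparisons.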
@ -1180,7 +1180,7 @@ int rhizome_fill_manifest(rhizome_manifest *m, const char *filepath, const sid_t
|
|||||||
int rhizome_lookup_author(rhizome_manifest *m)
|
int rhizome_lookup_author(rhizome_manifest *m)
|
||||||
{
|
{
|
||||||
IN();
|
IN();
|
||||||
int cn, in, kp;
|
unsigned cn, in, kp;
|
||||||
switch (m->authorship) {
|
switch (m->authorship) {
|
||||||
case AUTHOR_NOT_CHECKED:
|
case AUTHOR_NOT_CHECKED:
|
||||||
if (config.debug.rhizome)
|
if (config.debug.rhizome)
|
||||||
|
@ -188,17 +188,18 @@ int rhizome_secret2bk(
|
|||||||
enum rhizome_secret_disposition find_rhizome_secret(const sid_t *authorSidp, size_t *rs_len, const unsigned char **rs)
|
enum rhizome_secret_disposition find_rhizome_secret(const sid_t *authorSidp, size_t *rs_len, const unsigned char **rs)
|
||||||
{
|
{
|
||||||
IN();
|
IN();
|
||||||
int cn=0, in=0, kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
if (!keyring_find_sid(keyring,&cn,&in,&kp, authorSidp)) {
|
if (!keyring_find_sid(keyring,&cn,&in,&kp, authorSidp)) {
|
||||||
if (config.debug.rhizome)
|
if (config.debug.rhizome)
|
||||||
DEBUGF("identity sid=%s is not in keyring", alloca_tohex_sid_t(*authorSidp));
|
DEBUGF("identity sid=%s is not in keyring", alloca_tohex_sid_t(*authorSidp));
|
||||||
RETURN(IDENTITY_NOT_FOUND);
|
RETURN(IDENTITY_NOT_FOUND);
|
||||||
}
|
}
|
||||||
kp = keyring_identity_find_keytype(keyring, cn, in, KEYTYPE_RHIZOME);
|
int kpi = keyring_identity_find_keytype(keyring, cn, in, KEYTYPE_RHIZOME);
|
||||||
if (kp == -1) {
|
if (kpi == -1) {
|
||||||
WARNF("Identity sid=%s has no Rhizome Secret", alloca_tohex_sid_t(*authorSidp));
|
WARNF("Identity sid=%s has no Rhizome Secret", alloca_tohex_sid_t(*authorSidp));
|
||||||
RETURN(IDENTITY_HAS_NO_RHIZOME_SECRET);
|
RETURN(IDENTITY_HAS_NO_RHIZOME_SECRET);
|
||||||
}
|
}
|
||||||
|
kp = (unsigned)kpi;
|
||||||
int rslen = keyring->contexts[cn]->identities[in]->keypairs[kp]->private_key_len;
|
int rslen = keyring->contexts[cn]->identities[in]->keypairs[kp]->private_key_len;
|
||||||
assert(rslen >= 16);
|
assert(rslen >= 16);
|
||||||
assert(rslen <= 1024);
|
assert(rslen <= 1024);
|
||||||
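Review bot: In find_rhizome_secret the failure test `if (kpi == -1)` rejects only the exact value -1, yet the following `kp = (unsigned)kpi;` turns any other negative return from `keyring_identity_find_keytype()` into a very large index for `keypairs[kp]`. Testing `if (kpi < 0) {` costs nothing and makes the cast safe whatever the helper returns on error; its contract is not visible in this hunk. The bounds on `rslen` are enforced only by `assert()`, which compiles away under NDEBUG. `rslen` is also still an `int` read from `private_key_len`, so if that field is unsigned the sign cleanup is incomplete at this line. The function continues past the end of the hunk.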
@ -349,7 +350,7 @@ void rhizome_find_bundle_author_and_secret(rhizome_manifest *m)
|
|||||||
assert(is_sid_t_any(m->author));
|
assert(is_sid_t_any(m->author));
|
||||||
if (!m->has_bundle_key)
|
if (!m->has_bundle_key)
|
||||||
RETURNVOID;
|
RETURNVOID;
|
||||||
int cn = 0, in = 0, kp = 0;
|
unsigned cn = 0, in = 0, kp = 0;
|
||||||
for (; keyring_next_identity(keyring, &cn, &in, &kp); ++kp) {
|
for (; keyring_next_identity(keyring, &cn, &in, &kp); ++kp) {
|
||||||
const sid_t *authorSidp = (const sid_t *) keyring->contexts[cn]->identities[in]->keypairs[kp]->public_key;
|
const sid_t *authorSidp = (const sid_t *) keyring->contexts[cn]->identities[in]->keypairs[kp]->public_key;
|
||||||
//if (config.debug.rhizome) DEBUGF("try author identity sid=%s", alloca_tohex_sid_t(*authorSidp));
|
//if (config.debug.rhizome) DEBUGF("try author identity sid=%s", alloca_tohex_sid_t(*authorSidp));
|
||||||
@ -600,7 +601,7 @@ int rhizome_derive_payload_key(rhizome_manifest *m)
|
|||||||
return 0;
|
return 0;
|
||||||
if (m->has_sender && m->has_recipient){
|
if (m->has_sender && m->has_recipient){
|
||||||
unsigned char *nm_bytes=NULL;
|
unsigned char *nm_bytes=NULL;
|
||||||
int cn=0,in=0,kp=0;
|
unsigned cn=0, in=0, kp=0;
|
||||||
if (!keyring_find_sid(keyring, &cn, &in, &kp, &m->sender)){
|
if (!keyring_find_sid(keyring, &cn, &in, &kp, &m->sender)){
|
||||||
cn=in=kp=0;
|
cn=in=kp=0;
|
||||||
if (!keyring_find_sid(keyring, &cn, &in, &kp, &m->recipient)){
|
if (!keyring_find_sid(keyring, &cn, &in, &kp, &m->recipient)){
|
||||||
|