Added new keytypes for keyring for Rhizome Secret and for storing

DIDs (which are probably not normally secret, but keeping them
with an identity is a good thing, anyway).
gardners 2012-04-12 17:01:25 +09:30
parent 635dd3867e
commit 4ceefb26de
2 changed files with 22 additions and 5 deletions


@ -626,11 +626,6 @@ int keyring_identity_mac(keyring_context *c,keyring_identity *id,
unsigned char work[65536];
#define APPEND(b,l) if (ofs+(l)>=65536) { bzero(work,ofs); return WHY("Input too long"); } bcopy((b),&work[ofs],(l)); ofs+=(l)
dump("mac salt",pkrsalt,32);
dump("mac priv",id->keypairs[0]->private_key,id->keypairs[0]->private_key_len);
dump("mac publ",id->keypairs[0]->public_key,id->keypairs[0]->public_key_len);
dump("mac pin",id->PKRPin,strlen(id->PKRPin));
ofs=0;
APPEND(&pkrsalt[0],32);
APPEND(id->keypairs[0]->private_key,id->keypairs[0]->private_key_len);
@ -846,6 +841,24 @@ int keyring_create_identity(keyring_file *k,keyring_context *c,char *pin)
crypto_sign_edwards25519sha512batch_keypair(id->keypairs[1]->public_key,
id->keypairs[1]->private_key);
/* Rhizome Secret (for protecting Bundle Private Keys) */
id->keypairs[2]=calloc(sizeof(keypair),1);
if (!id->keypairs[2]) {
WHY("calloc() failed preparing second key pair storage");
goto kci_safeexit;
}
id->keypair_count=3;
id->keypairs[2]->type=KEYTYPE_RHIZOME;
id->keypairs[2]->private_key_len=32;
id->keypairs[2]->private_key=malloc(id->keypairs[2]->private_key_len);
if (!id->keypairs[2]->private_key) {
WHY("malloc() failed preparing second private key storage");
goto kci_safeexit;
}
id->keypairs[2]->public_key_len=0;
id->keypairs[2]->public_key=NULL;
urandombytes(id->keypairs[2]->private_key,id->keypairs[2]->private_key_len);
/* Mark slot in use */
int position=id->slot&(KEYRING_BAM_BITS-1);
int byte=position>>3;
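Review bot: The two error messages added for the Rhizome keypair still say "second" (`WHY("calloc() failed preparing second key pair storage");` and `WHY("malloc() failed preparing second private key storage");`), although this block fills keypairs[2], the third pair; they read as copied from the cryptosign block above and should say `third` so a failure log points at the right allocation. The fill `urandombytes(id->keypairs[2]->private_key,id->keypairs[2]->private_key_len);` is the line that makes this secret unguessable, so if urandombytes() signals failure through its return value (its declaration is not visible here) that result should be checked and routed to kci_safeexit like the allocation failures, rather than leaving a zero-filled buffer in place as the Rhizome secret. The hard-coded `private_key_len=32` would be clearer as a named constant alongside KEYTYPE_RHIZOME. keyring_create_identity begins and ends outside the hunk.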


@ -1151,6 +1151,10 @@ int keyring_identity_mac(keyring_context *c,keyring_identity *id,
unsigned char *pkrsalt,unsigned char *mac);
#define KEYTYPE_CRYPTOBOX 0x01
#define KEYTYPE_CRYPTOSIGN 0x02
#define KEYTYPE_RHIZOME 0x03
/* DIDs aren't really keys, but the keyring is a real handy place to keep them,
and keep them private if people so desire */
#define KEYTYPE_DID 0x04
/* Public calls to keyring management */
keyring_file *keyring_open(char *file);