From 55c9cff8cdc88e61d205f64e05badbe76cccf751 Mon Sep 17 00:00:00 2001
From: gardners
Date: Thu, 18 Oct 2012 15:46:16 +1030
Subject: [PATCH] added code to replace old-format SAS with new crypto_sign implementation type on next use (so that people upgrading automatically get a new valid SAS instead of continuing to try to use an invalid one -- this is only a reasonable course of action since we have made no formal releases of the code). #17
---
 keyring.c | 22 +++++++++++++++++-----
 rhizome_crypto.c | 4 ++--
 2 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/keyring.c b/keyring.c
index fd0c1f89..23ee1884 100644
--- a/keyring.c
+++ b/keyring.c
@@ -17,6 +17,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 */
 #include "serval.h"
+#include "rhizome.h"
 #include "nacl.h"
 #include "overlay_address.h"
@@ -1105,7 +1106,7 @@ int keyring_sanitise_position(const keyring_file *k,int *cn,int *in,int *kp)
 }
 unsigned char *keyring_find_sas_private(keyring_file *k,unsigned char *sid,
- unsigned char **sas_public)
+ unsigned char **sas_public_out)
 {
 IN();
 int cn=0,in=0,kp=0;
@@ -1117,12 +1118,23 @@ unsigned char *keyring_find_sas_private(keyring_file *k,unsigned char *sid,
 for(kp=0;kpcontexts[cn]->identities[in]->keypair_count;kp++)
 if (k->contexts[cn]->identities[in]->keypairs[kp]->type==KEYTYPE_CRYPTOSIGN)
 {
- if (sas_public)
- *sas_public=
- k->contexts[cn]->identities[in]->keypairs[kp]->public_key;
+ unsigned char *sas_private=
+ k->contexts[cn]->identities[in]->keypairs[kp]->private_key;
+ unsigned char *sas_public=
+ k->contexts[cn]->identities[in]->keypairs[kp]->public_key;
+ if (rhizome_verify_bundle_privatekey(NULL,sas_private,sas_public))
+ {
+ /* SAS key is invalid (perhaps because it was a pre 0.90 format one),
+ so replace it */
+ DEBUGF("SAS key is invalid -- regenerating.");
+ crypto_sign_edwards25519sha512batch_keypair(sas_public,
+ sas_private);
+ keyring_commit(k);
+ }
 if (debug & DEBUG_KEYRING)
 DEBUGF("Found SAS entry for %s*", alloca_tohex(sid, 7));
- RETURN(k->contexts[cn]->identities[in]->keypairs[kp]->private_key);
+ if (sas_public_out) *sas_public_out=sas_public;
+ RETURN(sas_private);
 }
 RETURNNULL(WHYNULL("Identity lacks SAS"));
diff --git a/rhizome_crypto.c b/rhizome_crypto.c
index 3da507db..3d5783ac 100644
--- a/rhizome_crypto.c
+++ b/rhizome_crypto.c
@@ -315,12 +315,12 @@ int rhizome_verify_bundle_privatekey(rhizome_manifest *m,
 ge_p3_tobytes(pk,&A);
 for (i = 0;i < 32;++i)
 if (pkin[i] != pk[i]) {
- if (sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic)
+ if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic)
 m->haveSecret=0;
 RETURN(-1);
 }
 DEBUGF("We have the private key for this bundle.");
- if (sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic) {
+ if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic) {
 DEBUGF("Set haveSecret=1 in manifest");
 m->haveSecret=1;
 }
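Review bot: The regeneration branch in keyring_find_sas_private (keyring.c, hunk at -1117) ignores the results of both `crypto_sign_edwards25519sha512batch_keypair(...)` and `keyring_commit(k)`, so if the commit fails the in-memory SAS no longer matches the keyring file and the caller is still handed the new private key. Since this lookup now overwrites signing-key material in place on any non-zero return from rhizome_verify_bundle_privatekey, it should fail closed, e.g. `if (keyring_commit(k)) RETURNNULL(WHYNULL("Could not commit regenerated SAS"));`, assuming keyring_commit reports failure through its return value, which is not visible here. Replacing a signing key changes the identity's SAS, so it is worth recording with more than the bare `DEBUGF` (for instance including the `alloca_tohex(sid, 7)` prefix already used below). A header comment should also state that this lookup can rewrite and commit the keyring. The function body starts and ends outside this hunk.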
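Review bot: The two `m&&` guards in rhizome_crypto.c make a NULL manifest legal for rhizome_verify_bundle_privatekey, but that contract is undocumented. The function starts outside this hunk, so any earlier use of `m` cannot be checked from here and should be confirmed before relying on the `NULL` call added in keyring.c. A comment above the function would pin the contract down, e.g. `/* m may be NULL when the keypair does not belong to a manifest; haveSecret is then left untouched. */`. The unconditional `DEBUGF("We have the private key for this bundle.")` will now also be emitted whenever a SAS lookup verifies successfully, where no bundle is involved, so it would read better inside the `if (m&&...)` branch or reworded.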