ExternalVendorCode/serval-dna
1
0
Fork 0
mirror of https://github.com/servalproject/serval-dna.git synced 2024-12-19 05:07:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

added code to replace old-format SAS with new crypto_sign implementation

Browse Source 
type on next use (so that people upgrading automatically get a new valid
SAS instead of continuing to try to use an invalid one -- this is only
a reasonable course of action since we have made no formal releases of
the code). #17
This commit is contained in:
gardners 2012-10-18 15:46:16 +10:30 committed by Jeremy Lakeman
parent 499c4018bf
commit 55c9cff8cd
2 changed files with 19 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
keyring.c
View File

@ -17,6 +17,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#include "serval.h"
#include "rhizome.h"
#include "nacl.h"
#include "overlay_address.h"
@ -1105,7 +1106,7 @@ int keyring_sanitise_position(const keyring_file *k,int *cn,int *in,int *kp)
}
unsigned char *keyring_find_sas_private(keyring_file *k,unsigned char *sid,
unsigned char **sas_public)
unsigned char **sas_public_out)
{
IN();
int cn=0,in=0,kp=0;
@ -1117,12 +1118,23 @@ unsigned char *keyring_find_sas_private(keyring_file *k,unsigned char *sid,
for(kp=0;kp<k->contexts[cn]->identities[in]->keypair_count;kp++)
if (k->contexts[cn]->identities[in]->keypairs[kp]->type==KEYTYPE_CRYPTOSIGN)
{
if (sas_public)
*sas_public=
k->contexts[cn]->identities[in]->keypairs[kp]->public_key;
unsigned char *sas_private=
k->contexts[cn]->identities[in]->keypairs[kp]->private_key;
unsigned char *sas_public=
k->contexts[cn]->identities[in]->keypairs[kp]->public_key;
if (rhizome_verify_bundle_privatekey(NULL,sas_private,sas_public))
{
/* SAS key is invalid (perhaps because it was a pre 0.90 format one),
so replace it */
DEBUGF("SAS key is invalid -- regenerating.");
crypto_sign_edwards25519sha512batch_keypair(sas_public,
sas_private);
keyring_commit(k);
}
if (debug & DEBUG_KEYRING)
DEBUGF("Found SAS entry for %s*", alloca_tohex(sid, 7));
RETURN(k->contexts[cn]->identities[in]->keypairs[kp]->private_key);
if (sas_public_out) *sas_public_out=sas_public;
RETURN(sas_private);
}
RETURNNULL(WHYNULL("Identity lacks SAS"));

4
rhizome_crypto.c
View File

@ -315,12 +315,12 @@ int rhizome_verify_bundle_privatekey(rhizome_manifest *m,
ge_p3_tobytes(pk,&A);
for (i = 0;i < 32;++i) if (pkin[i] != pk[i]) {
if (sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic)
if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic)
m->haveSecret=0;
RETURN(-1);
}
DEBUGF("We have the private key for this bundle.");
if (sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic) {
if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic) {
DEBUGF("Set haveSecret=1 in manifest");
m->haveSecret=1;
}