kee

Offline IOU signer with QR as transport
git clone https://holbrook.no/src/kee

commit 1385f473d54dbf7a28aaaf111f1f4096d93107ed
parent 7da90d48834bdd732838edfa6eed0c3ef929e9bf
Author: lash <dev@holbrook.no>
Date:   Sat,  4 May 2024 06:25:10 +0100

Remove unencrypted data length in key file creation

Diffstat:
Msrc/gpg.c | 14+++++++++++---
Msrc/ledger.c | 1+
Msrc/ledger.h | 1+
Msrc/tests/Makefile | 2+-
Msrc/tests/sign.c | 2--
Msrc/tests/testutil.c | 23++++++++++-------------
6 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/src/gpg.c b/src/gpg.c
@@ -301,6 +301,7 @@ static int key_create_file(struct gpg_store *gpg, gcry_sexp_t *key, const char *
 FILE *f;
 char nonce[CHACHA20_NONCE_LENGTH_BYTES];
 char path[1024];
+ char ciphertext[BUFLEN];
 r = key_create(gpg, key);
 if (r) {
@@ -311,6 +312,9 @@ static int key_create_file(struct gpg_store *gpg, gcry_sexp_t *key, const char *
 m = (size_t)kl + 1;
 p = (char*)v + sizeof(int);
 c = 0;
+ kl = gcry_sexp_sprint(*key, GCRYSEXP_FMT_CANON, p, BUFLEN-m);
+ m -= (size_t)(kl + 1);
+ c += kl;
 // while (m > 0) {
 // kl = gcry_sexp_sprint(*key, GCRYSEXP_FMT_CANON, p, BUFLEN-m);
 // m -= (size_t)(kl + 1);
@@ -322,15 +326,19 @@ static int key_create_file(struct gpg_store *gpg, gcry_sexp_t *key, const char *
 m = c;
 c = get_padsize(m, ENCRYPT_BLOCKSIZE);
 /// \todo malloc
- char ciphertext[c];
-
+//
+// l = c;
+// c = fwrite(&kl, sizeof(int), 1, f);
+// if (c != 1) {
+// fclose(f);
+// return ERR_KEYFAIL;
+// }
 gcry_create_nonce(nonce, CHACHA20_NONCE_LENGTH_BYTES);
 r = encryptb(ciphertext, c, v, m+sizeof(int), passphrase, nonce);
 if (r) {
 return ERR_KEYFAIL;
 }
-
 p = key_filename(gpg, path);
 if (p == NULL) {
 return ERR_KEYFAIL;
diff --git a/src/ledger.c b/src/ledger.c
@@ -1148,6 +1148,7 @@ int kee_ledger_item_put(struct kee_ledger_t *ledger, struct db_ctx *db, int idx)
 }
+/// \todo zero initiator need detect
 enum kee_ledger_state_e kee_ledger_item_state(struct kee_ledger_item_t *item) {
 char *sig_request;
 char *sig_response;
diff --git a/src/ledger.h b/src/ledger.h
@@ -10,6 +10,7 @@
 #include "digest.h"
 enum kee_initiator_e {
+ UNKNOWN,
 ALICE,
 BOB,
 };
diff --git a/src/tests/Makefile b/src/tests/Makefile
@@ -23,9 +23,9 @@ obj_debug: util
 test_run:
 ./test_cadir
 ./test_content
+ ./test_sign
 ./test_ledger
 ./test_dn
- ./test_sign
 ./test_transport
 test: all test_run
diff --git a/src/tests/sign.c b/src/tests/sign.c
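Review bot: The new `kl = gcry_sexp_sprint(*key, GCRYSEXP_FMT_CANON, p, BUFLEN-m);` never checks its result; gcry_sexp_sprint returns 0 when the destination is too small, and in that case the function goes on to encrypt and write a key file that holds no key material at all. Add `if (kl == 0) { return ERR_KEYFAIL; }` directly after the call. The following `m -= (size_t)(kl + 1);` subtracts the new length from an `m` that was computed from the previous value of `kl`, so it can wrap below zero; it looks dead because `m` is reassigned from `c` in the next hunk, and if so the line should be dropped rather than kept next to the commented-out loop. key_create_file begins and ends outside this hunk.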
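Review bot: `ciphertext` is now the fixed `char ciphertext[BUFLEN]` declared in the first hunk, while `c = get_padsize(m, ENCRYPT_BLOCKSIZE);` can round the length up past BUFLEN when the serialised key is close to the buffer size (unless get_padsize is bounded elsewhere), so `encryptb(ciphertext, c, ...)` may now write beyond the array where the old VLA could not. Guard it before the call: `if (c > sizeof(ciphertext)) { return ERR_KEYFAIL; }`. The plaintext is also passed as `m+sizeof(int)` bytes while the output capacity `c` was padded from `m` alone; whether encryptb needs headroom for those extra bytes depends on its padding contract and is worth confirming. The seven `+//` lines that re-add the old length-prefix fwrite as comments should be deleted rather than committed; the commit message already records that the unencrypted length was removed. key_create_file continues outside this hunk.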
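Review bot: Inserting `UNKNOWN,` ahead of `ALICE` renumbers the existing enumerators (ALICE 0 to 1, BOB 1 to 2); if an initiator is ever stored in the ledger database or carried over the QR transport as its integer value, previously written ALICE entries now decode as UNKNOWN and BOB entries as ALICE. If such persisted values exist, keep the old numbering (`ALICE = 0, BOB = 1, UNKNOWN`) and handle "unset" separately; if zero is deliberately meant to read as unset, pin that on the enum so it is not reordered later: `UNKNOWN, ///< must stay 0 so a zero-initialised item reads as "initiator not set"`. Every `switch` over kee_initiator_e also needs an `UNKNOWN` or `default` arm now, which this commit does not add.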
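Review bot: The added `/// \todo zero initiator need detect` above kee_ledger_item_state is too terse to act on; since this commit makes UNKNOWN the zero value of kee_initiator_e, say what is required: `/// \todo detect an initiator of UNKNOWN (the zero-initialised default) and return an explicit error state for it`. The function body continues past this hunk, so whether any such check already exists there is not visible here.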
@@ -11,7 +11,6 @@ int test_create() {
 int r;
 struct gpg_store gpg;
 char path[1024];
- gcry_sexp_t key;
 strcpy(path, "/tmp/keetest_key_XXXXXX");
 p = mkdtemp(path);
@@ -27,7 +26,6 @@ int test_create() {
 memset(&gpg, 0, sizeof(struct gpg_store));
 gpg_store_init(&gpg, p);
- gpg.k = &key;
 r = gpg_key_load(&gpg, "1234", KEE_GPG_FIND_MAIN, NULL);
 if (r) {
 return 1;
diff --git a/src/tests/testutil.c b/src/tests/testutil.c
@@ -29,13 +29,10 @@ int kee_test_db(struct kee_test_t *t) {
 return 0;
 }
+/// \todo eliminate gpg->k swaps
 int kee_test_sign_request(struct kee_test_t *t) {
 int r;
- char b[1024];
- size_t c;
- c = 1024;
- //r = kee_ledger_sign(&t->ledger, t->ledger.last_item, &t->gpg, b, &c, "1234");
 r = kee_ledger_sign(&t->ledger, t->ledger.last_item, &t->gpg, "1234");
 if (r) {
 return 1;
@@ -46,12 +43,9 @@ int kee_test_sign_request(struct kee_test_t *t) {
 int kee_test_sign_response(struct kee_test_t *t) {
 int r;
- char b[1024];
- size_t c;
 struct kee_ledger_item_t item_swap;
- c = 1024;
- t->gpg.k = &t->bob;
+ t->gpg.k = t->bob;
 r = gpg_key_load(&t->gpg, "1234", KEE_GPG_FIND_FINGERPRINT, t->bob_fingerprint);
 if (r) {
 return 1;
@@ -65,7 +59,6 @@ int kee_test_sign_response(struct kee_test_t *t) {
 memcpy(t->ledger.last_item->bob_signature, t->ledger.last_item->alice_signature, SIGNATURE_LENGTH);
 memset(t->ledger.last_item->alice_signature, 0, SIGNATURE_LENGTH);
- //r = kee_ledger_sign(&t->ledger, t->ledger.last_item, &t->gpg, b, &c, "1234");
 r = kee_ledger_sign(&t->ledger, t->ledger.last_item, &t->gpg, "1234");
 if (r) {
 return 1;
@@ -73,7 +66,7 @@ int kee_test_sign_response(struct kee_test_t *t) {
 memcpy(item_swap.bob_signature, t->gpg.last_signature, SIGNATURE_LENGTH);
 memcpy(t->ledger.last_item, &item_swap, sizeof(struct kee_ledger_item_t));
- t->gpg.k = &t->alice;
+ t->gpg.k = t->alice;
 r = gpg_key_load(&t->gpg, "1234", KEE_GPG_FIND_FINGERPRINT, t->alice_fingerprint);
 if (r) {
 return 1;
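Review bot: With `gpg.k = &key;` removed, nothing in test_create sets `gpg.k` before `gpg_key_load(&gpg, "1234", KEE_GPG_FIND_MAIN, NULL)`; after the `memset` it is NULL unless gpg_store_init assigns it, so the test now relies on gpg_key_load producing the key handle itself. If that is the intended contract, pin it so a load that reports success without yielding a key cannot pass: after the existing `if (r)` check add `if (gpg.k == NULL) { return 1; }`. test_create continues outside this hunk.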
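Review bot: `t->gpg.k = t->bob;` is immediately followed by `gpg_key_load(&t->gpg, "1234", KEE_GPG_FIND_FINGERPRINT, t->bob_fingerprint);`, so either the load replaces the handle (making the assignment dead and dropping whatever `gpg.k` held from the request step without a gcry_sexp_release) or the load honours the pre-set handle and the disk load is redundant; which one holds is not visible in this hunk. The `/// \todo eliminate gpg->k swaps` added above kee_test_sign_request should record which of the two the helpers rely on once confirmed, e.g. `/// \todo eliminate gpg->k swaps; gpg_key_load replaces gpg->k, so the prior handle must be released first` if that is the case. kee_test_sign_response continues outside this hunk.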
@@ -114,7 +107,7 @@ int kee_test_generate(struct kee_test_t *t) {
 kee_ledger_init(&t->ledger);
 gpg_store_init(&t->gpg, p);
- t->gpg.k = &t->alice;
+ t->gpg.k = t->alice;
 r = gpg_key_create(&t->gpg, "1234"); // alice
 if (r) {
 return 1;
@@ -123,7 +116,7 @@ int kee_test_generate(struct kee_test_t *t) {
 memcpy(t->alice_fingerprint, t->gpg.fingerprint, FINGERPRINT_LENGTH);
 gpg_store_init(&t->gpg, p);
- t->gpg.k = &t->bob;
+ t->gpg.k = t->bob;
 r = gpg_key_create(&t->gpg, "1234"); // bob
 if (r) {
 return 1;
@@ -179,7 +172,11 @@ int kee_test_generate(struct kee_test_t *t) {
 }
 memcpy(&item->content, content_item, sizeof(struct kee_content_t));
- t->gpg.k = &t->alice;
+ t->gpg.k = t->alice;
+ //r = gpg_store_digest(&t->gpg, passphrase_hash, "1234"); //struct gpg_store *gpg, char *out, const char *in)
+ //if (r) {
+ // return 1;
+ //}
 r = gpg_key_load(&t->gpg, "1234", KEE_GPG_FIND_FINGERPRINT, t->alice_fingerprint);
 if (r) {
 return 1;
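Review bot: Changing `t->gpg.k = &t->alice;` to `t->gpg.k = t->alice;` turns the slot from an out-parameter into a by-value copy, so if gpg_key_create stores the generated key in `gpg->k` (which the old by-address form suggests), `t->alice` is never updated and keeps its initial value, presumably NULL. Unless lines outside this hunk copy it back, add `t->alice = t->gpg.k;` after the `if (r)` check, and the matching `t->bob = t->gpg.k;` in the next hunk. Copying a not-yet-existing handle into `gpg.k` before the create also means nothing releases whatever was held there before. kee_test_generate continues outside this hunk.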
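Review bot: The four `+ //r = gpg_store_digest(...)` through `+ //}` lines add commented-out code, including a copy of the callee's parameter list pasted as a trailing comment. If the passphrase digest is meant to be computed before the load, make it a real call with its error handled; otherwise drop the four lines and keep the intent as a single `/// \todo derive the passphrase digest with gpg_store_digest before gpg_key_load` so no dead code is committed. kee_test_generate continues outside this hunk.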