commit 3a55ef78d1ec7a69a869ff23d86dceb3099b43b0
parent 06b4fc1f2b888a66eb39633b7b20143883ac8779
Author: lash <dev@holbrook.no>
Date: Fri, 26 Apr 2024 10:43:59 +0100
Implement request signing in ledger sign method
Diffstat:
M | src/ledger.c | | | 6 | ++++-- |
M | src/tests/ledger.c | | | 326 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------- |
M | src/tests/sign.c | | | 173 | ------------------------------------------------------------------------------- |
3 files changed, 299 insertions(+), 206 deletions(-)
diff --git a/src/ledger.c b/src/ledger.c
@@ -670,6 +670,7 @@ int kee_ledger_sign(struct kee_ledger_t *ledger, struct kee_ledger_item_t *item,
c = DIGEST_LENGTH;
p = out + c;
l -= c;
+ *out_len += c;
// r = kee_ledger_serialize(ledger, p, &c);
// if (r) {
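Review bot: The added `*out_len += c;` accumulates into the caller's length parameter, but nothing in this hunk zeroes `*out_len` first, and both test callers in src/tests/ledger.c set `out_item_len = 1024` (the buffer capacity) immediately before calling `kee_ledger_sign`. Unless the part of the function above line 670 does `*out_len = 0` after reading the capacity into `l` (the visible `l -= c` suggests `l` is the remaining capacity), the value handed to `gpg_store_sign_with` in the next hunk becomes capacity + DIGEST_LENGTH + c, and signing reads well past the serialized data — for test_alice's 1024-byte allocation, past the buffer itself. I would make the contract explicit at the top of the function with `l = *out_len; *out_len = 0;` and document it on the declaration as `/* out_len: in = capacity of out; out = bytes written (digest || serialized item), which is exactly what gets signed */`. kee_ledger_sign begins before this hunk and continues after it.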
@@ -684,12 +685,13 @@ int kee_ledger_sign(struct kee_ledger_t *ledger, struct kee_ledger_item_t *item,
if (r) {
return ERR_FAIL;
}
+ *out_len += c;
- r = gpg_store_sign_with(gpg, p, c, passphrase, gpg->fingerprint);
+ r = gpg_store_sign_with(gpg, out, *out_len, passphrase, gpg->fingerprint);
if (r) {
return ERR_FAIL;
}
- memcpy(item->alice_signature, gpg->last_signature, 32);
+ memcpy(item->alice_signature, gpg->last_signature, SIGNATURE_LENGTH);
return ERR_OK;
}
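Review bot: The signature is stored unconditionally into `item->alice_signature`, while the key that actually signs is whatever the caller loaded into `gpg` (`gpg->fingerprint`), so a caller holding Bob's key — as the removed counter-sign path in the old test did — would record Bob's signature in Alice's slot and a later `gpg_store_verify(..., ledger.pubkey_alice)` would misattribute it. Before calling `gpg_store_sign_with`, bind the loaded key to the slot, e.g. `if (memcmp(gpg->public_key, ledger->pubkey_alice, PUBKEY_LENGTH) != 0) { return ERR_FAIL; }`, on the assumption that `gpg_key_load` fills `gpg->public_key` the way `gpg_key_create` visibly does in the tests. Note also that when `gpg_store_sign_with` fails, `*out_len` has already been advanced by both `+= c` lines, so callers cannot rely on it after an error; a short comment on the return, `/* on ERR_FAIL *out_len is unspecified */`, would at least make that explicit. The start of kee_ledger_sign lies outside this hunk.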
diff --git a/src/tests/ledger.c b/src/tests/ledger.c
@@ -9,28 +9,29 @@ const char *test_item_data_a = "3082011d0440000000000000000000000000000000000000
const char *test_item_data_b = "3082011d0440c2b795d9d3183bcc9d6ae1ae2960c302d7364a04996013dd9f31be628c46d2ee87b0cba51db67cd851a64dba04cc3e191dd48e7d7f3e063b0c850fd7b9b82218020817c94f8dec3e67aa02020ce20202049504401f78629f3015afa72f443005fc6711f7a7e2e20072eac86c98874c1dbe42095de3408d5711fb8fca56428461139992e8ff0452dc2092d2ba6ddb9658607f90ac0440d5d6cd6d905d0eb104ff3ab825cfc1be27f69a5377a3c84c33b3c5a0e6902e2af74d9024db58e1b90375be316e687a928edb881f8b6b3795682c20e533f9ed040101ff04409e8ffbbd5684b75aed7bf42a044914ea5813b1fccd9645462664317fa92dd9766c9ede39ea381e9648ef88bad220d0808660be63c94bf9954cf00daddad1150e01";
+const char *content_test = "Subject: foo\n\nsome content\n";
+const char *content_test_item = "Subject: bar\n\nsome other content\n";
-int main() {
- char *p;
+/// \todo split up function
+int test_sign() {
int r;
- size_t c;
+ gcry_sexp_t alice;
+ gcry_sexp_t bob;
+ char alice_fingerprint[20];
+ char *p;
+ char *out;
+ size_t out_len;
+ char *out_item;
+ size_t out_item_len;
struct gpg_store gpg;
struct kee_ledger_t ledger;
- struct kee_ledger_item_t *ledger_item_a;
- struct kee_ledger_item_t *ledger_item_b;
- Cadiz cadiz;
- char data[1024];
- char path[1024];
- char out[1024];
+ struct kee_ledger_item_t item;
+ struct kee_ledger_item_t *item_parsed;
+ struct kee_content_t content;
+ struct kee_content_t content_item;
+ char item_sum[64];
const char *version;
- gcry_sexp_t alice;
- gcry_sexp_t bob;
- char fingerprint_bob[FINGERPRINT_LENGTH];
-
- cadiz.locator = "./testdata_resource";
-
- kee_ledger_init(&ledger);
- kee_ledger_reset_cache(&ledger);
+ char path[1024];
version = gcry_check_version(NULL);
if (version == 0x0) {
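Review bot: `char alice_fingerprint[20];` hard-codes the size while the `memcpy(alice_fingerprint, gpg.fingerprint, FINGERPRINT_LENGTH)` in the next hunk copies `FINGERPRINT_LENGTH` bytes into it, so the two can silently diverge into a stack overflow; the removed declaration used `char fingerprint_bob[FINGERPRINT_LENGTH]` and this one should too: `char alice_fingerprint[FINGERPRINT_LENGTH];`. The `/// \todo split up function` marker is justified — key creation, content digesting, and serialize-then-sign each repeat as parallel blocks and are natural static helpers. test_sign's body continues in the following hunks.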
@@ -39,12 +40,23 @@ int main() {
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
- /// \todo factor out key creation tost utils
strcpy(path, "/tmp/keetest_key_XXXXXX");
p = mkdtemp(path);
if (p == NULL) {
return 1;
}
+
+ kee_ledger_init(&ledger);
+
+ gpg_store_init(&gpg, p);
+ gpg.k = &alice;
+ r = gpg_key_create(&gpg, "1234"); // alice
+ if (r) {
+ return 1;
+ }
+ memcpy(ledger.pubkey_alice, gpg.public_key, PUBKEY_LENGTH);
+ memcpy(alice_fingerprint, gpg.fingerprint, FINGERPRINT_LENGTH);
+
gpg_store_init(&gpg, p);
gpg.k = &bob;
r = gpg_key_create(&gpg, "1234"); // bob
@@ -52,8 +64,156 @@ int main() {
return 1;
}
memcpy(ledger.pubkey_bob, gpg.public_key, PUBKEY_LENGTH);
- memcpy(fingerprint_bob, gpg.fingerprint, FINGERPRINT_LENGTH);
+ strcpy(ledger.uoa, "USD");
+ ledger.uoa_decimals = 2;
+
+ r = calculate_digest_algo(content_test, strlen(content_test), content.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = kee_content_init(&content, content.key, 0);
+ if (r) {
+ return 1;
+ }
+ r = calculate_digest_algo(content_test, strlen(content_test), content.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ out_len = 1024*1024;
+ out = malloc(out_len);
+ r = kee_ledger_serialize(&ledger, out, &out_len);
+ if (r) {
+ return 1;
+ }
+
+ r = calculate_digest_algo(out, out_len, ledger.digest, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ kee_ledger_item_init(&item);
+ item.alice_credit_delta = 666;
+ item.bob_credit_delta = -42;
+ item.alice_collateral_delta = 1024;
+ item.bob_collateral_delta = 2048;
+ r = clock_gettime(CLOCK_REALTIME, &item.time);
+ if (r) {
+ return 1;
+ }
+ item.initiator = BOB;
+ item.response = 1;
+
+ r = calculate_digest_algo(content_test_item, strlen(content_test_item), content_item.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = kee_content_init(&content_item, content_item.key, 0);
+ if (r) {
+ return 1;
+ }
+ r = calculate_digest_algo(content_test_item, strlen(content_test_item), content_item.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ out_item_len = 4096;
+ out_item = malloc(out_item_len);
+ r = kee_ledger_item_serialize(&item, out_item, &out_item_len, KEE_LEDGER_ITEM_SERIALIZE_REQUEST);
+ if (r) {
+ return 1;
+ }
+ r = calculate_digest_algo(out_item, out_item_len, item_sum, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = gpg_store_sign(&gpg, out_item, out_item_len, "1234");
+ if (r) {
+ return 1;
+ }
+ memcpy(item.bob_signature, gpg.last_signature, SIGNATURE_LENGTH);
+ r = gpg_store_verify(gpg.last_signature, item_sum, ledger.pubkey_bob);
+ if (r) {
+ return 1;
+ }
+
+ gpg.k = &alice;
+ r = gpg_key_load(&gpg, "1234", KEE_GPG_FIND_FINGERPRINT, alice_fingerprint);
+ if (r) {
+ return 1;
+ }
+
+ out_item_len = 1024;
+ r = kee_ledger_sign(&ledger, &item, &gpg, out_item, &out_item_len, "1234");
+ if (r) {
+ return 1;
+ }
+ memcpy(item.alice_signature, gpg.last_signature, SIGNATURE_LENGTH);
+ r = calculate_digest_algo(out_item, out_item_len, item_sum, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = gpg_store_verify(gpg.last_signature, item_sum, ledger.pubkey_alice);
+ if (r) {
+ return 1;
+ }
+
+ out_item_len = 4096;
+ r = kee_ledger_item_serialize(&item, out_item, &out_item_len, KEE_LEDGER_ITEM_SERIALIZE_FINAL);
+ if (r) {
+ return 1;
+ }
+ *(out_item+out_item_len) = 1;
+
+ item_parsed = kee_ledger_parse_item(&ledger, out_item, out_item_len + 1);
+ if (item_parsed == NULL) {
+ return 1;
+ }
+
+ free(out_item);
+ free(out);
+ kee_content_free(&content_item);
+ kee_content_free(&content);
+ kee_ledger_free(&ledger);
+
+ return 0;
+}
+
+int test_alice() {
+ char *p;
+ int r;
+ size_t c;
+ unsigned char *version;
+ struct kee_ledger_t ledger;
+ struct kee_ledger_item_t item;
+ struct gpg_store gpg;
+ gcry_sexp_t alice;
+ char path[1024];
+ struct kee_content_t content;
+ struct kee_content_t content_item;
+ char item_sum[64];
+ size_t out_len;
+ size_t out_item_len;
+ char *out;
+ char *out_item;
+
+ version = gcry_check_version(NULL);
+ if (version == 0x0) {
+ return 1;
+ }
+ gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
+ gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
+
+ strcpy(path, "/tmp/keetest_key_XXXXXX");
+ p = mkdtemp(path);
+ if (p == NULL) {
+ return 1;
+ }
+
+ kee_ledger_init(&ledger);
+
+ gpg_store_init(&gpg, p);
gpg.k = &alice;
r = gpg_key_create(&gpg, "1234"); // alice
if (r) {
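Review bot: The results of `out = malloc(out_len);` and `out_item = malloc(out_item_len);` are used without a NULL check, and the item returned by `kee_ledger_parse_item` (`item_parsed`) is never released before `return 0`, so the test leaks it and checks nothing about its contents. The `*(out_item+out_item_len) = 1;` after the FINAL serialization writes one byte past the serialized length, which stays inside the 4096-byte allocation only while the item serializes to fewer than 4096 bytes, and nothing asserts that. The same `calculate_digest_algo(content_test, ...)` call is issued both before and after `kee_content_init` (likewise for `content_item`); if the repeat is deliberate because init overwrites `content.key`, a one-line comment saying so would save the next reader a guess. I would add `if (out == NULL) { return 1; }` after each malloc. test_sign starts in an earlier hunk; test_alice continues past this one.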
@@ -61,6 +221,112 @@ int main() {
}
memcpy(ledger.pubkey_alice, gpg.public_key, PUBKEY_LENGTH);
+ r = calculate_digest_algo(content_test, strlen(content_test), content.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = kee_content_init(&content, content.key, 0);
+ if (r) {
+ return 1;
+ }
+ r = calculate_digest_algo(content_test, strlen(content_test), content.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ out_len = 1024*1024;
+ out = malloc(out_len);
+ r = kee_ledger_serialize(&ledger, out, &out_len);
+ if (r) {
+ return 1;
+ }
+
+ r = calculate_digest_algo(out, out_len, ledger.digest, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ kee_ledger_item_init(&item);
+ item.alice_credit_delta = 666;
+ item.bob_credit_delta = -42;
+ item.alice_collateral_delta = 1024;
+ item.bob_collateral_delta = 2048;
+ r = clock_gettime(CLOCK_REALTIME, &item.time);
+ if (r) {
+ return 1;
+ }
+ item.initiator = ALICE;
+ item.response = 0;
+
+ r = calculate_digest_algo(content_test_item, strlen(content_test_item), content_item.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = kee_content_init(&content_item, content_item.key, 0);
+ if (r) {
+ return 1;
+ }
+ r = calculate_digest_algo(content_test_item, strlen(content_test_item), content_item.key, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ out_item_len = 1024;
+ out_item = malloc(out_item_len);
+ r = kee_ledger_item_serialize(&item, out_item, &out_item_len, KEE_LEDGER_ITEM_SERIALIZE_REQUEST);
+ if (r) {
+ return 1;
+ }
+ r = calculate_digest_algo(out_item, out_item_len, item_sum, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+
+ out_item_len = 1024;
+ r = kee_ledger_sign(&ledger, &item, &gpg, out_item, &out_item_len, "1234");
+ if (r) {
+ return 1;
+ }
+ memcpy(item.alice_signature, gpg.last_signature, SIGNATURE_LENGTH);
+ r = calculate_digest_algo(out_item, out_item_len, item_sum, GCRY_MD_SHA512);
+ if (r) {
+ return 1;
+ }
+ r = gpg_store_verify(gpg.last_signature, item_sum, ledger.pubkey_alice);
+ if (r) {
+ return 1;
+ }
+
+ free(out_item);
+ free(out);
+ kee_content_free(&content_item);
+ kee_content_free(&content);
+ kee_ledger_free(&ledger);
+}
+
+int test_parse() {
+ char *p;
+ int r;
+ size_t c;
+ struct kee_ledger_t ledger;
+ struct kee_ledger_item_t *ledger_item_a;
+ struct kee_ledger_item_t *ledger_item_b;
+ Cadiz cadiz;
+ char data[1024];
+ char path[1024];
+ char out[1024];
+ const char *version;
+ gcry_sexp_t alice;
+ gcry_sexp_t bob;
+ char fingerprint_bob[FINGERPRINT_LENGTH];
+ size_t out_len;
+ struct kee_ledger_item_t *item_parsed;
+
+ cadiz.locator = "./testdata_resource";
+
+ kee_ledger_init(&ledger);
+ kee_ledger_reset_cache(&ledger);
+
c = hex2bin(test_ledger_data, (unsigned char*)data);
r = kee_ledger_parse(&ledger, data, c);
if (r) {
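Review bot: `test_alice` reaches its closing brace after `kee_ledger_free(&ledger);` without returning a value, yet `main` branches on `r = test_alice();`, so the pass/fail result of that test is indeterminate (undefined behaviour for a non-void function); add `return 0;` before the brace. In the same function `unsigned char *version` receives the `const char *` returned by `gcry_check_version` (test_sign and test_parse declare it `const char *`), and its `size_t c;` is unused. test_alice begins in the previous hunk and test_parse continues past this one.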
@@ -94,27 +360,25 @@ int main() {
return 1;
}
- c = 1024;
- r = kee_ledger_sign(&ledger, ledger.last_item, &gpg, out, &c, "1234");
+ return 0;
+}
+
+int main() {
+ int r;
+
+ r = test_parse();
if (r) {
return 1;
}
-
- // counter-sign
- gpg.k = &bob;
- r = gpg_key_load(&gpg, "1234", KEE_GPG_FIND_FINGERPRINT, fingerprint_bob);
+ r = test_sign();
if (r) {
return 1;
}
- memcpy(ledger.last_item->bob_signature, ledger.last_item->alice_signature, SIGNATURE_LENGTH);
- memset(ledger.last_item->alice_signature, 0, SIGNATURE_LENGTH);
- c = 1024;
- r = kee_ledger_sign(&ledger, ledger.last_item, &gpg, out, &c, "1234");
+ r = test_alice();
if (r) {
return 1;
}
-
- kee_ledger_free(&ledger);
+
return 0;
}
diff --git a/src/tests/sign.c b/src/tests/sign.c
@@ -6,175 +6,6 @@
#include "gpg.h"
#include "digest.h"
-const char *content_test = "Subject: foo\n\nsome content\n";
-const char *content_test_item = "Subject: bar\n\nsome other content\n";
-
-/// \todo split up function
-int test_sign() {
- int r;
- gcry_sexp_t alice;
- gcry_sexp_t bob;
- char alice_fingerprint[20];
- char *p;
- char *out;
- size_t out_len;
- char *out_item;
- size_t out_item_len;
- struct gpg_store gpg;
- struct kee_ledger_t ledger;
- struct kee_ledger_item_t item;
- struct kee_content_t content;
- struct kee_content_t content_item;
- char item_sum[64];
- const char *version;
- char path[1024];
-
- version = gcry_check_version(NULL);
- if (version == 0x0) {
- return 1;
- }
- gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
- gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
-
- strcpy(path, "/tmp/keetest_key_XXXXXX");
- p = mkdtemp(path);
- if (p == NULL) {
- return 1;
- }
-
- kee_ledger_init(&ledger);
-
- gpg_store_init(&gpg, p);
- gpg.k = &alice;
- r = gpg_key_create(&gpg, "1234"); // alice
- if (r) {
- return 1;
- }
- memcpy(ledger.pubkey_alice, gpg.public_key, PUBKEY_LENGTH);
- memcpy(alice_fingerprint, gpg.fingerprint, FINGERPRINT_LENGTH);
-
- gpg_store_init(&gpg, p);
- gpg.k = &bob;
- r = gpg_key_create(&gpg, "1234"); // bob
- if (r) {
- return 1;
- }
- memcpy(ledger.pubkey_bob, gpg.public_key, PUBKEY_LENGTH);
-
- strcpy(ledger.uoa, "USD");
- ledger.uoa_decimals = 2;
-
- r = calculate_digest_algo(content_test, strlen(content_test), content.key, GCRY_MD_SHA512);
- if (r) {
- return 1;
- }
- r = kee_content_init(&content, content.key, 0);
- if (r) {
- return 1;
- }
- r = calculate_digest_algo(content_test, strlen(content_test), content.key, GCRY_MD_SHA512);
- if (r) {
- return 1;
- }
-
- out_len = 1024*1024;
- out = malloc(out_len);
- r = kee_ledger_serialize(&ledger, out, &out_len);
- if (r) {
- return 1;
- }
-
- r = calculate_digest_algo(out, out_len, ledger.digest, GCRY_MD_SHA512);
- if (r) {
- return 1;
- }
-
- kee_ledger_item_init(&item);
- item.alice_credit_delta = 666;
- item.bob_credit_delta = -42;
- item.alice_collateral_delta = 1024;
- item.bob_collateral_delta = 2048;
- r = clock_gettime(CLOCK_REALTIME, &item.time);
- if (r) {
- return 1;
- }
- item.initiator = BOB;
- item.response = 1;
-
- r = calculate_digest_algo(content_test_item, strlen(content_test_item), content_item.key, GCRY_MD_SHA512);
- if (r) {
- return 1;
- }
- r = kee_content_init(&content_item, content_item.key, 0);
- if (r) {
- return 1;
- }
- r = calculate_digest_algo(content_test_item, strlen(content_test_item), content_item.key, GCRY_MD_SHA512);
- if (r) {
- return 1;
- }
-
- out_item_len = 4096;
- out_item = malloc(out_item_len);
- r = kee_ledger_item_serialize(&item, out_item, &out_item_len, KEE_LEDGER_ITEM_SERIALIZE_REQUEST);
- if (r) {
- return 1;
- }
- r = calculate_digest_algo(out_item, out_item_len, item_sum, GCRY_MD_SHA512);
- if (r) {
- return 1;
- }
- r = gpg_store_sign(&gpg, out_item, out_item_len, "1234");
- if (r) {
- return 1;
- }
- r = gpg_store_verify(gpg.last_signature, item_sum, ledger.pubkey_bob);
- if (r) {
- return 1;
- }
-// memcpy(item.bob_signature, gpg.last_signature, SIGNATURE_LENGTH);
-//
-// out_item_len = 4096;
-// r = kee_ledger_item_serialize(&item, out_item, &out_item_len, KEE_LEDGER_ITEM_SERIALIZE_RESPONSE);
-// if (r) {
-// return 1;
-// }
-// r = calculate_digest_algo(out_item, out_item_len, item_sum, GCRY_MD_SHA512);
-// if (r) {
-// return 1;
-// }
-// gpg.k = &alice;
-// r = gpg_store_sign_with(&gpg, out_item, out_item_len, "1234", alice_fingerprint);
-// if (r) {
-// return 1;
-// }
-// r = gpg_store_verify(gpg.last_signature, item_sum, ledger.pubkey_alice);
-// if (r) {
-// return 1;
-// }
-// memcpy(item.alice_signature, gpg.last_signature, SIGNATURE_LENGTH);
-//
-// out_item_len = 4096;
-// r = kee_ledger_item_serialize(&item, out_item, &out_item_len, KEE_LEDGER_ITEM_SERIALIZE_FINAL);
-// if (r) {
-// return 1;
-// }
-// *(out_item+out_item_len) = 1;
-//
-// item_parsed = kee_ledger_parse_item(&ledger, out_item, out_item_len + 1);
-// if (item_parsed == NULL) {
-// return 1;
-// }
-
- free(out_item);
- free(out);
- kee_content_free(&content_item);
- kee_content_free(&content);
- kee_ledger_free(&ledger);
-
- return 0;
-}
-
int test_create() {
char *p;
int r;
@@ -211,9 +42,5 @@ int main() {
if (r) {
return 1;
}
- r = test_sign();
- if (r) {
- return 1;
- }
return 0;
}