commit c7299f44d096c2ca61e48417d80ba34109074876
parent a3ad301f6ee3a58605bee993fa4f8a141579534a
Author: lash <dev@holbrook.no>
Date: Wed, 24 Apr 2024 20:57:21 +0100
Prefix ledger head digest to item signature message
Diffstat:
8 files changed, 36 insertions(+), 10 deletions(-)
diff --git a/src/gtk/kee-entry.c b/src/gtk/kee-entry.c
@@ -59,6 +59,7 @@ struct _KeeEntry {
struct Cadiz *resolver;
struct db_ctx *db;
struct kee_entry_form_t *form;
+ struct gpg_store *signer;
};
@@ -78,6 +79,8 @@ static void kee_entry_handle_add(GtkButton *butt, KeeEntry *o) {
o->state |= ENTRYSTATE_LOAD;
g_log(G_LOG_DOMAIN, G_LOG_LEVEL_DEBUG, "adding ledger entry");
+
+
}
static void kee_entry_handle_item_setup(GtkListItemFactory* o, GtkListItem *item) {
@@ -237,6 +240,10 @@ void kee_entry_set_resolver(KeeEntry *o, struct Cadiz *resolver) {
o->resolver = resolver;
}
+void kee_entry_set_signer(KeeEntry *o, struct gpg_store *gpg) {
+ o->signer = gpg;
+}
+
static void kee_entry_init_list_widget(KeeEntry *o) {
GtkSingleSelection *sel;
GtkListItemFactory *factory;
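Review bot: kee_entry_set_signer stores `gpg` straight into `o->signer` with no comment on ownership or lifetime, and the matching declaration added to kee-entry.h (the `@@ -34,6 +35,7 @@` hunk) is undocumented too. The setter takes no reference and makes no copy, so the entry is borrowing the caller's pointer; that should be stated where the API is declared, e.g. `/* Sets the gpg store used to sign this entry. The entry borrows the pointer and does not take ownership; the caller must keep it valid for the entry's lifetime (or pass NULL to clear it). */`. Whether NULL is intended to be accepted is not visible from this hunk and is worth confirming before documenting it.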
diff --git a/src/gtk/kee-entry.h b/src/gtk/kee-entry.h
@@ -6,6 +6,7 @@
#include "db.h"
#include "cadiz.h"
+#include "gpg.h"
G_BEGIN_DECLS
@@ -34,6 +35,7 @@ int kee_entry_load(KeeEntry *o, struct db_ctx *db, const char *id);
int kee_entry_deserialize(KeeEntry *o, const char *data, size_t data_len);
KeeEntry* kee_entry_new(struct db_ctx *db);
void kee_entry_set_resolver(KeeEntry *o, struct Cadiz *resolver);
+void kee_entry_set_signer(KeeEntry *o, struct gpg_store *gpg);
int kee_entry_modeswitch(KeeEntry *o, enum kee_entry_viewmode_e);
G_END_DECLS
diff --git a/src/gtk/kee-key.c b/src/gtk/kee-key.c
@@ -22,6 +22,7 @@ G_DEFINE_TYPE(KeeKey, kee_key, GTK_TYPE_BOX);
static GParamSpec *kee_props[KEE_N_KEY_PROPS] = {NULL,};
static guint kee_sigs[KEE_N_KEY_SIGS] = {0,};
+
static void kee_key_set_property(GObject *oo, guint property_id, const GValue *value, GParamSpec *pspec) {
KeeKey *o = KEE_KEY(oo);
const gchar *s;
@@ -62,6 +63,17 @@ static void kee_key_class_init(KeeKeyClass *kls) {
0,
NULL);
+// kee_sigs[KEE_S_KEY_UNLOCKED] = g_signal_new("sign",
+// G_TYPE_FROM_CLASS(o),
+// G_SIGNAL_RUN_LAST | G_SIGNAL_NO_RECURSE | G_SIGNAL_NO_HOOKS,
+// 0,
+// NULL,
+// NULL,
+// NULL,
+// G_TYPE_NONE,
+// 1,
+// NULL);
+
o->set_property = kee_key_set_property;
o->get_property = kee_key_get_property;
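Review bot: The block added to kee_key_class_init is a commented-out g_signal_new call with no explanation of why it is kept, and the same commit adds a commented-out `KEE_S_KEY_WANT_SIGN` member to `enum KEE_KEY_SIGS` in kee-key.h. Commented-out code tends to rot silently (the copied call even registers under the existing `KEE_S_KEY_UNLOCKED` slot, which would be wrong if someone simply uncommented it). Either drop both fragments, or replace them with a one-line `// TODO: add a "sign" signal (KEE_S_KEY_WANT_SIGN) once the signer flow is wired up` so the intent survives without dead code. kee_key_class_init starts outside this hunk.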
diff --git a/src/gtk/kee-key.h b/src/gtk/kee-key.h
@@ -17,12 +17,13 @@ enum KEE_KEY_PROPS {
enum KEE_KEY_SIGS {
KEE_S_KEY_UNLOCKED,
+// KEE_S_KEY_WANT_SIGN,
KEE_N_KEY_SIGS,
};
G_END_DECLS
-KeeKey* kee_key_new();
+KeeKey* kee_key_new(const char *key_path);
const char *kee_key_get_fingerprint(KeeKey *o, char *fingerprint);
#endif // _GTK_KEE_KEY_H
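Review bot: `KeeKey* kee_key_new(const char *key_path);` now declares a parameter, but no change to the definition of kee_key_new or to its callers appears in this commit (the kee-key.c hunks only touch class_init). The previous `KeeKey* kee_key_new();` is an old-style declaration that supplies no parameter information, so callers passing an argument were accepted without checking; the new prototype presumably makes an already-existing argument visible to the compiler, which is a real improvement, but it is worth confirming that the definition and every caller match it now that the check is enforced. Since this is the public declaration, it should also say what `key_path` is and whether it may be NULL, e.g. `/* Creates a key widget backed by the key file at key_path (borrowed; not retained beyond the call unless documented otherwise). */`, with the retention claim checked against the definition.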
diff --git a/src/gtk/kee-menu.c b/src/gtk/kee-menu.c
@@ -99,7 +99,6 @@ KeeMenu* kee_menu_new(GtkApplication *gapp) {
gtk_actionable_set_action_name(GTK_ACTIONABLE(butt), "win.new_entry");
g_signal_connect(act, "activate", G_CALLBACK(kee_menu_act_new_entry), o);
-
gtk_window_set_titlebar(GTK_WINDOW(o), GTK_WIDGET(o->head));
gtk_window_set_title (GTK_WINDOW (o), "kee");
diff --git a/src/gtk/ui.c b/src/gtk/ui.c
@@ -30,7 +30,7 @@ static void ui_handle_unlock(KeeKey *o, KeeMenu *menu) {
kee_menu_prev(menu);
}
-//
+
//static GtkWidget* ui_build_view(KeeMenu *menu) {
// GtkListItemFactory *factory;
// GtkSelectionModel *sel;
diff --git a/src/ledger.c b/src/ledger.c
@@ -14,9 +14,10 @@
extern const asn1_static_node schema_entry_asn1_tab[];
+
char zero_content[64];
-static char *get_message(asn1_node item, char *out_digest, char *out_data, size_t *out_len) {
+static char *get_message(struct kee_ledger_t *ledger, asn1_node item, char *out_digest, char *out_data, size_t *out_len) {
int r;
size_t c;
asn1_node root;
@@ -92,12 +93,16 @@ static char *get_message(asn1_node item, char *out_digest, char *out_data, size_
return NULL;
}
- r = asn1_der_coding(root, "Kee.KeeEntry", out_data, (int*)out_len, err);
+ memcpy(out_data, ledger->digest, 64);
+
+ r = asn1_der_coding(root, "Kee.KeeEntry", out_data+64, (int*)out_len, err);
if (r != ASN1_SUCCESS) {
printf("%d (%s) %s\n", r, err, asn1_strerror(r));
return NULL;
}
+ *out_len += 64;
+
r = calculate_digest_algo(out_data, *out_len, out_digest, GCRY_MD_SHA512);
if (r) {
return NULL;
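Review bot: The capacity handed to asn1_der_coding is no longer correct once the 64-byte head digest is written first: `out_data+64` is passed as the output pointer but `*out_len` (1024 from verify_item) is still passed as the available length, so the encoder may write up to 64 bytes beyond what the caller budgeted, and the `memcpy` itself never checks that `*out_len >= 64`. A related pre-existing hazard that the new `*out_len += 64` now depends on is the `(int*)out_len` cast: asn1_der_coding writes only sizeof(int) bytes of the size_t object, so reading the full size_t afterwards relies on the remaining bytes happening to be zero. Using a separate `int` for the encoder's length, checking the minimum size, and reducing the capacity by the prefix fixes both, and the literal 64 should become a named constant tied to the digest length (the message digest below is SHA-512, but the width of `ledger->digest` is not visible here and should be confirmed). get_message's declarations and return path lie outside this hunk.

```c
static char *get_message(struct kee_ledger_t *ledger, asn1_node item, char *out_digest, char *out_data, size_t *out_len) {
    // … unchanged: declarations and ASN.1 parsing up to the coding step …
    if (*out_len < 64) {
        return NULL;
    }
    memcpy(out_data, ledger->digest, 64);

    int avail = (int)(*out_len - 64);
    r = asn1_der_coding(root, "Kee.KeeEntry", out_data+64, &avail, err);
    // … unchanged: ASN1_SUCCESS check …
    *out_len = (size_t)avail + 64;

    r = calculate_digest_algo(out_data, *out_len, out_digest, GCRY_MD_SHA512);
    // … unchanged: digest error check and return …
```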
@@ -107,7 +112,7 @@ static char *get_message(asn1_node item, char *out_digest, char *out_data, size_
}
-static int verify_item(asn1_node item, const char *pubkey_first_data, const char *pubkey_last_data) {
+static int verify_item(struct kee_ledger_t *ledger, asn1_node item, const char *pubkey_first_data, const char *pubkey_last_data) {
int r;
gcry_sexp_t sig;
gcry_sexp_t msg;
@@ -123,7 +128,7 @@ static int verify_item(asn1_node item, const char *pubkey_first_data, const char
size_t pubkey_sexp_len;
c = 1024;
- p = get_message(item, p, p+64, &c);
+ p = get_message(ledger, item, p, p+64, &c);
if (p == NULL) {
return 1;
}
@@ -262,7 +267,7 @@ struct kee_ledger_item_t *kee_ledger_parse_item(struct kee_ledger_t *ledger, con
return NULL;
}
- r = verify_item(item, pubkey_first, pubkey_last);
+ r = verify_item(ledger, item, pubkey_first, pubkey_last);
if (r) {
return NULL;
}
diff --git a/testdata_asn1.py b/testdata_asn1.py
@@ -355,12 +355,12 @@ class LedgerEntry(Ledger):
logg.debug('encoding new entry for request signature: {}'.format(o))
b = der_encode(o)
- self.request_signature = self.signer.sign(self.signer_sequence[0], b)
+ self.request_signature = self.signer.sign(self.signer_sequence[0], self.head + b)
o['signatureRequest'] = self.request_signature
o['response'] = True
b = der_encode(o)
- self.response_signature = self.signer.sign(self.signer_sequence[1], b)
+ self.response_signature = self.signer.sign(self.signer_sequence[1], self.head + b)
o['signatureResponse'] = self.response_signature
b = der_encode(o)
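Review bot: `self.head + b` assumes `self.head` is already a bytes object of exactly the 64 bytes that the C verifier prepends from `ledger->digest` in ledger.c; nothing in the hunk checks that, and if it is a str, or a digest of a different length, the generated signatures will silently fail to verify against the C side. A guard before the first sign call, `assert isinstance(self.head, bytes) and len(self.head) == 64`, makes the mismatch fail loudly at generation time. The enclosing method starts outside this hunk, so where `self.head` is set is not visible here.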