From 04b4b1670f25420a6e5a5ec3bde78510f80401dd Mon Sep 17 00:00:00 2001 From: Mirek Kratochvil Date: Sun, 21 Apr 2013 00:04:16 +0200 Subject: [PATCH] keyring: keys also contain algorithm identifier --- src/keyring.cpp | 33 +++++++++++++++++++-------------- src/keyring.h | 17 ++++++++++++----- src/message.cpp | 10 +++++++++- 3 files changed, 40 insertions(+), 20 deletions(-) diff --git a/src/keyring.cpp b/src/keyring.cpp index a66ecfa..5e320c5 100644 --- a/src/keyring.cpp +++ b/src/keyring.cpp @@ -134,14 +134,15 @@ bool keyring::parse_keypairs (sencode*keypairs, keypair_storage&pairs) sencode_list*entry = dynamic_cast (*i); if (!entry) goto failure; - if (entry->items.size() != 3) goto failure; + if (entry->items.size() != 4) goto failure; sencode_bytes *ident = dynamic_cast (entry->items[0]), - *privkey = dynamic_cast (entry->items[1]), - *pubkey = dynamic_cast (entry->items[2]); + *alg = dynamic_cast (entry->items[1]), + *privkey = dynamic_cast (entry->items[2]), + *pubkey = dynamic_cast (entry->items[3]); - if (! (ident && privkey && pubkey) ) goto failure; + if (! (ident && alg && privkey && pubkey) ) goto failure; std::string keyid = get_keyid (pubkey->b); sencode *priv, *pub; @@ -155,7 +156,8 @@ bool keyring::parse_keypairs (sencode*keypairs, keypair_storage&pairs) goto failure; } - pairs[keyid] = keypair_entry (keyid, ident->b, pub, priv); + pairs[keyid] = keypair_entry (keyid, ident->b, alg->b, + pub, priv); } return true; @@ -173,10 +175,11 @@ sencode* keyring::serialize_keypairs (const keypair_storage&pairs) i = pairs.begin(), e = pairs.end(); i != e; ++i) { sencode_list*a = new sencode_list; - a->items.resize (3); + a->items.resize (4); a->items[0] = new sencode_bytes (i->second.pub.name); - a->items[1] = new sencode_bytes (i->second.privkey->encode() ); - a->items[2] = new sencode_bytes (i->second.pub.key->encode() ); + a->items[1] = new sencode_bytes (i->second.pub.alg); + a->items[2] = new sencode_bytes (i->second.privkey->encode() ); + a->items[3] = new sencode_bytes (i->second.pub.key->encode() ); L->items.push_back (a); } @@ -205,20 +208,21 @@ bool keyring::parse_pubkeys (sencode* pubkeys, pubkey_storage&pubs) sencode_list*entry = dynamic_cast (*i); if (!entry) goto failure; - if (entry->items.size() != 2) goto failure; + if (entry->items.size() != 3) goto failure; sencode_bytes *ident = dynamic_cast (entry->items[0]), - *pubkey = dynamic_cast (entry->items[1]); + *alg = dynamic_cast (entry->items[1]), + *pubkey = dynamic_cast (entry->items[2]); - if (! (ident && pubkey) ) goto failure; + if (! (ident && alg && pubkey) ) goto failure; std::string keyid = get_keyid (pubkey->b); sencode*key; key = sencode_decode (pubkey->b); if (!key) goto failure; - pubs[keyid] = pubkey_entry (keyid, ident->b, key); + pubs[keyid] = pubkey_entry (keyid, ident->b, alg->b, key); } return true; @@ -237,9 +241,10 @@ sencode* keyring::serialize_pubkeys (const pubkey_storage&pubs) i = pubs.begin(), e = pubs.end(); i != e; ++i) { sencode_list*a = new sencode_list(); - a->items.resize (2); + a->items.resize (3); a->items[0] = new sencode_bytes (i->second.name); - a->items[1] = new sencode_bytes (i->second.key->encode() ); + a->items[1] = new sencode_bytes (i->second.alg); + a->items[2] = new sencode_bytes (i->second.key->encode() ); L->items.push_back (a); } diff --git a/src/keyring.h b/src/keyring.h index 1b56513..dc6968e 100644 --- a/src/keyring.h +++ b/src/keyring.h @@ -30,7 +30,7 @@ class keyring public: struct pubkey_entry { sencode *key; - std::string name, keyid; + std::string name, alg, keyid; pubkey_entry() { key = NULL; @@ -38,9 +38,11 @@ public: pubkey_entry (const std::string& KID, const std::string& N, + const std::string& A, sencode*K) { key = K; name = N; + alg = A; keyid = KID; } }; @@ -55,9 +57,10 @@ public: keypair_entry (const std::string&KID, const std::string& N, + const std::string& A, sencode*PubK, sencode*PrivK) - : pub (KID, N, PubK) { + : pub (KID, N, A, PubK) { privkey = PrivK; } }; @@ -105,11 +108,13 @@ public: } bool store_pubkey (const std::string&keyid, - const std::string&name, sencode*key) { + const std::string&name, + const std::string&alg, + sencode*key) { if (pairs.count (keyid) ) return false; if (pubs.count (keyid) ) return false; - pubs[keyid] = pubkey_entry (keyid, name, key); + pubs[keyid] = pubkey_entry (keyid, name, alg, key); } void remove_pubkey (const std::string&keyid) { @@ -126,11 +131,13 @@ public: bool store_keypair (const std::string&keyid, const std::string&name, + const std::string&alg, sencode*pubkey, sencode*privkey) { if (pairs.count (keyid) ) return false; if (pubs.count (keyid) ) return false; - pairs[keyid] = keypair_entry (keyid, name, pubkey, privkey); + pairs[keyid] = keypair_entry (keyid, name, alg, + pubkey, privkey); } void remove_keypair (const std::string&keyid) { diff --git a/src/message.cpp b/src/message.cpp index 29a1f7f..6740891 100644 --- a/src/message.cpp +++ b/src/message.cpp @@ -38,6 +38,8 @@ int encrypted_msg::encrypt (const bvector&msg, keyring::pubkey_entry*pk = kr.get_pubkey (key_id); if (!pk) return 2; //PK not found + if (pk->alg != alg_id) return 3; //algorithm mismatch + return alg->encrypt (msg, ciphertext, pk->key, rng); } @@ -55,6 +57,8 @@ int encrypted_msg::decrypt (bvector& msg, algorithm_suite&algs, keyring& kr) keyring::keypair_entry*k = kr.get_keypair (key_id); if (!k) return 2; + if (k->pub.alg != alg_id) return 3; + return alg->decrypt (ciphertext, msg, k->privkey); } @@ -79,6 +83,8 @@ int signed_msg::sign (const bvector&msg, keyring::keypair_entry *k = kr.get_keypair (key_id); if (!k) return 2; + if (k->pub.alg != alg_id) return 3; + bool privkey_dirty = false; int r; @@ -88,7 +94,7 @@ int signed_msg::sign (const bvector&msg, if (privkey_dirty) { //we can't output a signature without storing privkey changes! - if (!kr.save() ) return 3; + if (!kr.save() ) return 4; } return 0; @@ -108,6 +114,8 @@ int signed_msg::verify (algorithm_suite&algs, keyring&kr) keyring::pubkey_entry*pk = kr.get_pubkey (key_id); if (!pk) return 2; + if (pk->alg != alg_id) return 3; + return alg->verify (signature, message, pk->key); }