keyring: keys also contain algorithm identifier
parent
b3a5fee318
commit
04b4b1670f
|
@ -134,14 +134,15 @@ bool keyring::parse_keypairs (sencode*keypairs, keypair_storage&pairs)
|
|||
|
||||
sencode_list*entry = dynamic_cast<sencode_list*> (*i);
|
||||
if (!entry) goto failure;
|
||||
if (entry->items.size() != 3) goto failure;
|
||||
if (entry->items.size() != 4) goto failure;
|
||||
|
||||
sencode_bytes
|
||||
*ident = dynamic_cast<sencode_bytes*> (entry->items[0]),
|
||||
*privkey = dynamic_cast<sencode_bytes*> (entry->items[1]),
|
||||
*pubkey = dynamic_cast<sencode_bytes*> (entry->items[2]);
|
||||
*alg = dynamic_cast<sencode_bytes*> (entry->items[1]),
|
||||
*privkey = dynamic_cast<sencode_bytes*> (entry->items[2]),
|
||||
*pubkey = dynamic_cast<sencode_bytes*> (entry->items[3]);
|
||||
|
||||
if (! (ident && privkey && pubkey) ) goto failure;
|
||||
if (! (ident && alg && privkey && pubkey) ) goto failure;
|
||||
|
||||
std::string keyid = get_keyid (pubkey->b);
|
||||
sencode *priv, *pub;
|
||||
|
@ -155,7 +156,8 @@ bool keyring::parse_keypairs (sencode*keypairs, keypair_storage&pairs)
|
|||
goto failure;
|
||||
}
|
||||
|
||||
pairs[keyid] = keypair_entry (keyid, ident->b, pub, priv);
|
||||
pairs[keyid] = keypair_entry (keyid, ident->b, alg->b,
|
||||
pub, priv);
|
||||
}
|
||||
|
||||
return true;
|
||||
|
@ -173,10 +175,11 @@ sencode* keyring::serialize_keypairs (const keypair_storage&pairs)
|
|||
i = pairs.begin(), e = pairs.end();
|
||||
i != e; ++i) {
|
||||
sencode_list*a = new sencode_list;
|
||||
a->items.resize (3);
|
||||
a->items.resize (4);
|
||||
a->items[0] = new sencode_bytes (i->second.pub.name);
|
||||
a->items[1] = new sencode_bytes (i->second.privkey->encode() );
|
||||
a->items[2] = new sencode_bytes (i->second.pub.key->encode() );
|
||||
a->items[1] = new sencode_bytes (i->second.pub.alg);
|
||||
a->items[2] = new sencode_bytes (i->second.privkey->encode() );
|
||||
a->items[3] = new sencode_bytes (i->second.pub.key->encode() );
|
||||
L->items.push_back (a);
|
||||
}
|
||||
|
||||
|
@ -205,20 +208,21 @@ bool keyring::parse_pubkeys (sencode* pubkeys, pubkey_storage&pubs)
|
|||
sencode_list*entry = dynamic_cast<sencode_list*> (*i);
|
||||
if (!entry) goto failure;
|
||||
|
||||
if (entry->items.size() != 2) goto failure;
|
||||
if (entry->items.size() != 3) goto failure;
|
||||
|
||||
sencode_bytes
|
||||
*ident = dynamic_cast<sencode_bytes*> (entry->items[0]),
|
||||
*pubkey = dynamic_cast<sencode_bytes*> (entry->items[1]);
|
||||
*alg = dynamic_cast<sencode_bytes*> (entry->items[1]),
|
||||
*pubkey = dynamic_cast<sencode_bytes*> (entry->items[2]);
|
||||
|
||||
if (! (ident && pubkey) ) goto failure;
|
||||
if (! (ident && alg && pubkey) ) goto failure;
|
||||
|
||||
std::string keyid = get_keyid (pubkey->b);
|
||||
sencode*key;
|
||||
key = sencode_decode (pubkey->b);
|
||||
if (!key) goto failure;
|
||||
|
||||
pubs[keyid] = pubkey_entry (keyid, ident->b, key);
|
||||
pubs[keyid] = pubkey_entry (keyid, ident->b, alg->b, key);
|
||||
}
|
||||
|
||||
return true;
|
||||
|
@ -237,9 +241,10 @@ sencode* keyring::serialize_pubkeys (const pubkey_storage&pubs)
|
|||
i = pubs.begin(), e = pubs.end();
|
||||
i != e; ++i) {
|
||||
sencode_list*a = new sencode_list();
|
||||
a->items.resize (2);
|
||||
a->items.resize (3);
|
||||
a->items[0] = new sencode_bytes (i->second.name);
|
||||
a->items[1] = new sencode_bytes (i->second.key->encode() );
|
||||
a->items[1] = new sencode_bytes (i->second.alg);
|
||||
a->items[2] = new sencode_bytes (i->second.key->encode() );
|
||||
L->items.push_back (a);
|
||||
}
|
||||
|
||||
|
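Review bot: Raising the entry arity from 3 to 4 in parse_keypairs and from 2 to 3 in parse_pubkeys means every keyring written before this change now hits `goto failure` at the size check, and nothing in the hunks adds a format version or a migration path. If old keyrings are meant to keep loading, the length check should also accept the previous layout (with a default alg) or the caller should report the old format; if not, the layout at least deserves a comment next to the size check such as `//entry layout: [ident, alg, privkey, pubkey]` here and `//entry layout: [ident, alg, pubkey]` in parse_pubkeys. Note also that get_keyid is still computed from pubkey->b alone, so the stored alg string is not bound into the keyid; the alg comparisons added in message.cpp appear to be the only guard against a key being used under a different algorithm than it was created for. The bodies of parse_keypairs and parse_pubkeys extend beyond the hunks.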
|
|
@ -30,7 +30,7 @@ class keyring
|
|||
public:
|
||||
struct pubkey_entry {
|
||||
sencode *key;
|
||||
std::string name, keyid;
|
||||
std::string name, alg, keyid;
|
||||
|
||||
pubkey_entry() {
|
||||
key = NULL;
|
||||
|
@ -38,9 +38,11 @@ public:
|
|||
|
||||
pubkey_entry (const std::string& KID,
|
||||
const std::string& N,
|
||||
const std::string& A,
|
||||
sencode*K) {
|
||||
key = K;
|
||||
name = N;
|
||||
alg = A;
|
||||
keyid = KID;
|
||||
}
|
||||
};
|
||||
|
@ -55,9 +57,10 @@ public:
|
|||
|
||||
keypair_entry (const std::string&KID,
|
||||
const std::string& N,
|
||||
const std::string& A,
|
||||
sencode*PubK,
|
||||
sencode*PrivK)
|
||||
: pub (KID, N, PubK) {
|
||||
: pub (KID, N, A, PubK) {
|
||||
privkey = PrivK;
|
||||
}
|
||||
};
|
||||
|
@ -105,11 +108,13 @@ public:
|
|||
}
|
||||
|
||||
bool store_pubkey (const std::string&keyid,
|
||||
const std::string&name, sencode*key) {
|
||||
const std::string&name,
|
||||
const std::string&alg,
|
||||
sencode*key) {
|
||||
|
||||
if (pairs.count (keyid) ) return false;
|
||||
if (pubs.count (keyid) ) return false;
|
||||
pubs[keyid] = pubkey_entry (keyid, name, key);
|
||||
pubs[keyid] = pubkey_entry (keyid, name, alg, key);
|
||||
}
|
||||
|
||||
void remove_pubkey (const std::string&keyid) {
|
||||
|
@ -126,11 +131,13 @@ public:
|
|||
|
||||
bool store_keypair (const std::string&keyid,
|
||||
const std::string&name,
|
||||
const std::string&alg,
|
||||
sencode*pubkey, sencode*privkey) {
|
||||
|
||||
if (pairs.count (keyid) ) return false;
|
||||
if (pubs.count (keyid) ) return false;
|
||||
pairs[keyid] = keypair_entry (keyid, name, pubkey, privkey);
|
||||
pairs[keyid] = keypair_entry (keyid, name, alg,
|
||||
pubkey, privkey);
|
||||
}
|
||||
|
||||
void remove_keypair (const std::string&keyid) {
|
||||
|
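Review bot: store_pubkey and store_keypair still fall off the end without a `return true;` — after `pubs[keyid] = pubkey_entry (keyid, name, alg, key);` the next line is the closing brace, and likewise after `pairs[keyid] = keypair_entry (keyid, name, alg, pubkey, privkey);`. Reaching the end of a non-void function is undefined behaviour, so a caller that checks the return value (the only way to notice the duplicate-keyid refusals just above) gets an indeterminate result on the success path. Adding `return true;` before each closing brace fixes both; the hunk counts (11→13 lines) suggest each function body is fully visible, but the class continues outside the hunks.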
|
|
@ -38,6 +38,8 @@ int encrypted_msg::encrypt (const bvector&msg,
|
|||
keyring::pubkey_entry*pk = kr.get_pubkey (key_id);
|
||||
if (!pk) return 2; //PK not found
|
||||
|
||||
if (pk->alg != alg_id) return 3; //algorithm mismatch
|
||||
|
||||
return alg->encrypt (msg, ciphertext, pk->key, rng);
|
||||
}
|
||||
|
||||
|
@ -55,6 +57,8 @@ int encrypted_msg::decrypt (bvector& msg, algorithm_suite&algs, keyring& kr)
|
|||
keyring::keypair_entry*k = kr.get_keypair (key_id);
|
||||
if (!k) return 2;
|
||||
|
||||
if (k->pub.alg != alg_id) return 3;
|
||||
|
||||
return alg->decrypt (ciphertext, msg, k->privkey);
|
||||
}
|
||||
|
||||
|
@ -79,6 +83,8 @@ int signed_msg::sign (const bvector&msg,
|
|||
keyring::keypair_entry *k = kr.get_keypair (key_id);
|
||||
if (!k) return 2;
|
||||
|
||||
if (k->pub.alg != alg_id) return 3;
|
||||
|
||||
bool privkey_dirty = false;
|
||||
int r;
|
||||
|
||||
|
@ -88,7 +94,7 @@ int signed_msg::sign (const bvector&msg,
|
|||
|
||||
if (privkey_dirty) {
|
||||
//we can't output a signature without storing privkey changes!
|
||||
if (!kr.save() ) return 3;
|
||||
if (!kr.save() ) return 4;
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
@ -108,6 +114,8 @@ int signed_msg::verify (algorithm_suite&algs, keyring&kr)
|
|||
keyring::pubkey_entry*pk = kr.get_pubkey (key_id);
|
||||
if (!pk) return 2;
|
||||
|
||||
if (pk->alg != alg_id) return 3;
|
||||
|
||||
return alg->verify (signature, message, pk->key);
|
||||
}
|
||||
|
||||
|
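Review bot: The new `return 3` for the algorithm mismatch in decrypt, sign and verify carries no comment, while encrypt has `//algorithm mismatch`, and sign's save-failure code was renumbered from 3 to 4 to make room, which silently changes what 3 means to any caller that distinguished it. Each of the three bare checks should get the same comment as encrypt, e.g. `if (k->pub.alg != alg_id) return 3; //algorithm mismatch`, and the renumbered line `if (!kr.save() ) return 4; //could not persist privkey changes`. Since alg_id presumably comes from the message being processed while pk->alg / k->pub.alg comes from the keyring, this check is the right place to refuse applying a key under an algorithm it was not created for; named constants for the return codes would make that contract visible at each call site. The enclosing functions begin outside the hunks.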
|