merge sync
authorKrista 'DarthMama' Bennett <krista@pep.foundation>
Tue, 07 May 2019 17:57:37 +0200
branchsync
changeset 36464c1f9f5e77b3
parent 3645 429891a9cf90
parent 3644 6fcb8a1e040a
child 3647 1295702dbeaf
merge
     1.1 --- a/asn.1/Makefile	Tue May 07 17:57:04 2019 +0200
     1.2 +++ b/asn.1/Makefile	Tue May 07 17:57:37 2019 +0200
     1.3 @@ -9,7 +9,7 @@
     1.4  .PHONY: all clean install uninstall
     1.5  
     1.6  all: Sync.c
     1.7 -	make libasn1.a
     1.8 +	$(MAKE) libasn1.a
     1.9  
    1.10  libasn1.a: $(ALL_OBJECTS)
    1.11  	$(AR) -rc $@ $(ALL_OBJECTS)
    1.12 @@ -20,6 +20,7 @@
    1.13  Sync.c: sync.asn1 keysync.asn1 pEp.asn1
    1.14  	$(ASN1C) -gen-PER -fincludes-quoted -fcompound-names -pdu=auto pEp.asn1 keysync.asn1 $<
    1.15  	rm -f converter-sample.c
    1.16 +	touch Sync.c
    1.17  
    1.18  clean:
    1.19  	rm -f *.a *.o *.c *.h *.sample sync.asn1 keysync.asn1
     2.1 --- a/src/pgp_sequoia.c	Tue May 07 17:57:04 2019 +0200
     2.2 +++ b/src/pgp_sequoia.c	Tue May 07 17:57:37 2019 +0200
     2.3 @@ -47,6 +47,15 @@
     2.4  } while(0)
     2.5  
     2.6  // Verbosely displays errors.
     2.7 +#  define DUMP_STATUS(__de_sq_status, __de_pep_status, ...) do { \
     2.8 +    TC(__VA_ARGS__);                                            \
     2.9 +    _T(": ");                                                   \
    2.10 +    if (__de_sq_status) {                                       \
    2.11 +        _T("Sequoia: %s => ", pgp_status_to_string(__de_sq_status));   \
    2.12 +    }                                                           \
    2.13 +    _T("%s\n", pEp_status_to_string(__de_pep_status));          \
    2.14 +} while(0)
    2.15 +
    2.16  #  define DUMP_ERR(__de_err, __de_status, ...) do {             \
    2.17      TC(__VA_ARGS__);                                            \
    2.18      _T(": ");                                                   \
    2.19 @@ -651,9 +660,9 @@
    2.20          ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
    2.21  
    2.22      pgp_status_t pgp_status;
    2.23 -    pgp_tsk_t tsk = pgp_tpk_into_tsk(tpk);
    2.24 +    pgp_tsk_t tsk = pgp_tpk_as_tsk(tpk);
    2.25      pgp_status = pgp_tsk_serialize(&err, tsk, writer);
    2.26 -    tpk = pgp_tsk_into_tpk(tsk);
    2.27 +    pgp_tsk_free(tsk);
    2.28      //pgp_writer_free(writer);
    2.29      if (pgp_status != 0)
    2.30          ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Serializing TPK");
    2.31 @@ -825,10 +834,12 @@
    2.32  }
    2.33  
    2.34  static pgp_status_t
    2.35 -get_secret_keys_cb(void *cookie_opaque,
    2.36 -                   pgp_pkesk_t *pkesks, size_t pkesk_count,
    2.37 -                   pgp_skesk_t *skesks, size_t skesk_count,
    2.38 -                   pgp_secret_t *secret)
    2.39 +decrypt_cb(void *cookie_opaque,
    2.40 +           pgp_pkesk_t *pkesks, size_t pkesk_count,
    2.41 +           pgp_skesk_t *skesks, size_t skesk_count,
    2.42 +           pgp_decryptor_do_decrypt_cb_t *decrypt,
    2.43 +           void *decrypt_cookie,
    2.44 +           pgp_fingerprint_t *identity_out)
    2.45  {
    2.46      pgp_error_t err = NULL;
    2.47      struct decrypt_cookie *cookie = cookie_opaque;
    2.48 @@ -850,6 +861,7 @@
    2.49          pgp_keyid_t keyid = pgp_pkesk_recipient(pkesk); /* Reference. */
    2.50          char *keyid_str = pgp_keyid_to_hex(keyid);
    2.51          pgp_tpk_key_iter_t key_iter = NULL;
    2.52 +        pgp_session_key_t sk = NULL;
    2.53  
    2.54          T("Considering PKESK for %s", keyid_str);
    2.55  
    2.56 @@ -907,12 +919,21 @@
    2.57              goto eol;
    2.58          }
    2.59  
    2.60 +        sk = pgp_session_key_from_bytes (session_key, session_key_len);
    2.61 +        pgp_status_t status;
    2.62 +        if ((status = decrypt (decrypt_cookie, algo, sk))) {
    2.63 +            DUMP_STATUS(status, PEP_UNKNOWN_ERROR, "decrypt_cb");
    2.64 +            goto eol;
    2.65 +        }
    2.66 +
    2.67          T("Decrypted PKESK for %s", keyid_str);
    2.68  
    2.69 -        *secret = pgp_secret_cached(algo, session_key, session_key_len);
    2.70 +        *identity_out = pgp_tpk_fingerprint(tpk);
    2.71          cookie->decrypted = 1;
    2.72  
    2.73      eol:
    2.74 +        if (sk)
    2.75 +            pgp_session_key_free (sk);
    2.76          free(keyid_str);
    2.77          if (key_iter)
    2.78              pgp_tpk_key_iter_free(key_iter);
    2.79 @@ -926,6 +947,7 @@
    2.80          pgp_keyid_t keyid = pgp_pkesk_recipient(pkesk); /* Reference. */
    2.81          char *keyid_str = pgp_keyid_to_hex(keyid);
    2.82          pgp_tpk_key_iter_t key_iter = NULL;
    2.83 +        pgp_session_key_t sk = NULL;
    2.84  
    2.85          if (strcmp(keyid_str, "0000000000000000") != 0)
    2.86              goto eol2;
    2.87 @@ -971,8 +993,17 @@
    2.88                  free(fp_string);
    2.89                  pgp_fingerprint_free(fp);
    2.90  
    2.91 -                *secret = pgp_secret_cached(algo, session_key, session_key_len);
    2.92 +                pgp_session_key_t sk = pgp_session_key_from_bytes (session_key,
    2.93 +                                                                   session_key_len);
    2.94 +                pgp_status_t status;
    2.95 +                if ((status = decrypt (decrypt_cookie, algo, sk))) {
    2.96 +                    DUMP_STATUS(status, PEP_UNKNOWN_ERROR, "decrypt_cb");
    2.97 +                    goto eol2;
    2.98 +                }
    2.99 +
   2.100 +                *identity_out = pgp_tpk_fingerprint(tsk);
   2.101                  cookie->decrypted = 1;
   2.102 +
   2.103                  break;
   2.104              }
   2.105  
   2.106 @@ -980,6 +1011,8 @@
   2.107              key_iter = NULL;
   2.108          }
   2.109      eol2:
   2.110 +        if (sk)
   2.111 +            pgp_session_key_free (sk);
   2.112          free(keyid_str);
   2.113          if (key_iter)
   2.114              pgp_tpk_key_iter_free(key_iter);
   2.115 @@ -1114,8 +1147,8 @@
   2.116  
   2.117      pgp_error_t err = NULL;
   2.118      decryptor = pgp_decryptor_new(&err, reader,
   2.119 -                                  get_public_keys_cb, get_secret_keys_cb,
   2.120 -                                  check_signatures_cb, &cookie);
   2.121 +                                  get_public_keys_cb, decrypt_cb,
   2.122 +                                  check_signatures_cb, &cookie, 0);
   2.123      if (! decryptor)
   2.124          ERROR_OUT(err, PEP_DECRYPT_NO_KEY, "pgp_decryptor_new");
   2.125  
   2.126 @@ -1212,12 +1245,12 @@
   2.127          verifier = pgp_detached_verifier_new(&err, dsig_reader, reader,
   2.128                                               get_public_keys_cb,
   2.129                                               check_signatures_cb,
   2.130 -                                             &cookie);
   2.131 +                                             &cookie, 0);
   2.132      else
   2.133          verifier = pgp_verifier_new(&err, reader,
   2.134                                      get_public_keys_cb,
   2.135                                      check_signatures_cb,
   2.136 -                                    &cookie);
   2.137 +                                    &cookie, 0);
   2.138      if (! verifier)
   2.139          ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Creating verifier");
   2.140      if (pgp_reader_discard(&err, verifier) < 0)
   2.141 @@ -1525,16 +1558,15 @@
   2.142      T("(%s)", userid);
   2.143  
   2.144      // Generate a key.
   2.145 -    pgp_tsk_t tsk;
   2.146 +    pgp_tpk_builder_t tpkb = pgp_tpk_builder_general_purpose
   2.147 +        (PGP_TPK_CIPHER_SUITE_RSA3K, userid);
   2.148      pgp_signature_t rev;
   2.149 -    if (pgp_tsk_new(&err, userid, &tsk, &rev) != 0)
   2.150 +    if (pgp_tpk_builder_generate(&err, tpkb, &tpk, &rev))
   2.151          ERROR_OUT(err, PEP_CANNOT_CREATE_KEY, "Generating a key pair");
   2.152  
   2.153      // XXX: We should return this.
   2.154      pgp_signature_free(rev);
   2.155  
   2.156 -    tpk = pgp_tsk_into_tpk(tsk);
   2.157 -
   2.158      // Get the fingerprint.
   2.159      pgp_fpr = pgp_tpk_fingerprint(tpk);
   2.160      fpr = pgp_fingerprint_to_hex(pgp_fpr);
   2.161 @@ -1683,10 +1715,10 @@
   2.162      }
   2.163  
   2.164      if (secret) {
   2.165 -        pgp_tsk_t tsk = pgp_tpk_into_tsk(tpk);
   2.166 +        pgp_tsk_t tsk = pgp_tpk_as_tsk(tpk);
   2.167          if (pgp_tsk_serialize(&err, tsk, armor_writer))
   2.168              ERROR_OUT(err, PEP_UNKNOWN_ERROR, "serializing TSK");
   2.169 -        tpk = pgp_tsk_into_tpk(tsk);
   2.170 +        pgp_tsk_free(tsk);
   2.171      } else {
   2.172          if (pgp_tpk_serialize(&err, tpk, armor_writer))
   2.173              ERROR_OUT(err, PEP_UNKNOWN_ERROR, "serializing TPK");
     3.1 --- a/src/status_to_string.h	Tue May 07 17:57:04 2019 +0200
     3.2 +++ b/src/status_to_string.h	Tue May 07 17:57:37 2019 +0200
     3.3 @@ -4,7 +4,7 @@
     3.4  extern "C" {
     3.5  #endif
     3.6  
     3.7 -inline const char *pEp_status_to_string(PEP_STATUS status) {
     3.8 +static inline const char *pEp_status_to_string(PEP_STATUS status) {
     3.9      switch (status) {
    3.10      case PEP_STATUS_OK: return "PEP_STATUS_OK";
    3.11