netpgp : pgp_generate_keypair no more crash, but secring content is jammed after save
authorEdouard Tisserant
Sat, 25 Apr 2015 01:15:24 +0200
changeset 225ed16ea1bece7
parent 210 f599bb1ebb90
child 226 a2079f2f7a8c
netpgp : pgp_generate_keypair no more crash, but secring content is jammed after save
src/pgp_netpgp.c
     1.1 --- a/src/pgp_netpgp.c	Mon Apr 20 23:26:20 2015 +0200
     1.2 +++ b/src/pgp_netpgp.c	Sat Apr 25 01:15:24 2015 +0200
     1.3 @@ -52,7 +52,7 @@
     1.4  
     1.5      // subset of gpg's personal-cipher-preferences
     1.6      // here only one cipher can be selected
     1.7 -    netpgp_setvar(netpgp, "cipher", "AES256");
     1.8 +    netpgp_setvar(netpgp, "cipher", "CAST5");
     1.9  
    1.10      if (!netpgp_init(netpgp)) {
    1.11          status = PEP_INIT_NETPGP_INIT_FAILED;
    1.12 @@ -98,6 +98,17 @@
    1.13      return armoured;
    1.14  }
    1.15  
    1.16 +static void id_to_fpr(const uint8_t *userid, char *fpr)
    1.17 +{
    1.18 +    int i;
    1.19 +    static const char *hexes = "0123456789abcdef";
    1.20 +    for (i = 0; i < 8 ; i++) {
    1.21 +        fpr[i * 2] = hexes[(unsigned)(userid[i] & 0xf0) >> 4];
    1.22 +        fpr[(i * 2) + 1] = hexes[userid[i] & 0xf];
    1.23 +    }
    1.24 +    fpr[8 * 2] = 0x0;
    1.25 +}
    1.26 +
    1.27  // Iterate through netpgp' reported valid signatures 
    1.28  // fill a list of valid figerprints
    1.29  // returns PEP_STATUS_OK if all sig reported valid
    1.30 @@ -141,9 +152,7 @@
    1.31          }
    1.32          k = *_keylist;
    1.33          for (n = 0; n < vresult->validc; ++n) {
    1.34 -            int i;
    1.35              char id[MAX_ID_LENGTH + 1];
    1.36 -            static const char *hexes = "0123456789abcdef";
    1.37              const uint8_t *userid = vresult->valid_sigs[n].signer_id;
    1.38  
    1.39  #ifdef PEP_NETPGP_DEBUG
    1.40 @@ -156,11 +165,7 @@
    1.41              pgp_print_keydata(netpgp->io, netpgp->pubring, key, "valid signature ", &key->key.pubkey, 0);
    1.42  #endif //PEP_NETPGP_DEBUG
    1.43  
    1.44 -            for (i = 0; i < 8 ; i++) {
    1.45 -                id[i * 2] = hexes[(unsigned)(userid[i] & 0xf0) >> 4];
    1.46 -                id[(i * 2) + 1] = hexes[userid[i] & 0xf];
    1.47 -            }
    1.48 -            id[8 * 2] = 0x0;
    1.49 +            id_to_fpr(userid, id);
    1.50  
    1.51              k = stringlist_add(k, id);
    1.52              if(!k){
    1.53 @@ -391,7 +396,6 @@
    1.54  
    1.55      PEP_STATUS result;
    1.56      const stringlist_t *_keylist;
    1.57 -    int i;
    1.58  
    1.59      assert(session);
    1.60      assert(keylist);
    1.61 @@ -509,15 +513,14 @@
    1.62      PEP_SESSION session, pEp_identity *identity
    1.63      )
    1.64  {
    1.65 -    char *parms;
    1.66 -    const char *template =
    1.67 -        "Key-Type: RSA\n"
    1.68 -        "Key-Length: 4096\n"
    1.69 -        "Name-Real: %s\n"
    1.70 -        "Name-Email: %s\n"
    1.71 -        /* "Passphrase: %s\n" */
    1.72 -        "Expire-Date: 1y\n";
    1.73 -    int result;
    1.74 +    netpgp_t *netpgp;
    1.75 +	pgp_key_t	newkey;
    1.76 +	pgp_key_t	pubkey;
    1.77 +
    1.78 +    PEP_STATUS result;
    1.79 +	char newid[1024];
    1.80 +    const char *hashalg;
    1.81 +    const char *cipher;
    1.82  
    1.83      assert(session);
    1.84      assert(identity);
    1.85 @@ -525,30 +528,60 @@
    1.86      assert(identity->fpr == NULL);
    1.87      assert(identity->username);
    1.88  
    1.89 -    parms = calloc(1, PARMS_MAX);
    1.90 -    assert(parms);
    1.91 -    if (parms == NULL)
    1.92 -        return PEP_OUT_OF_MEMORY;
    1.93 +    if(!session || !identity || 
    1.94 +       !identity->address || identity->fpr || !identity->username)
    1.95 +        return PEP_UNKNOWN_ERROR;
    1.96  
    1.97 -    result = snprintf(parms, PARMS_MAX, template, identity->username,
    1.98 -        identity->address);
    1.99 -    assert(result < PARMS_MAX);
   1.100 -    if (result >= PARMS_MAX) {
   1.101 -        free(parms);
   1.102 +    netpgp = &session->ctx;
   1.103 +
   1.104 +    if(snprintf(newid, sizeof(newid),
   1.105 +        "%s <%s>", identity->username, identity->address) >= sizeof(newid)){
   1.106          return PEP_BUFFER_TOO_SMALL;
   1.107      }
   1.108 +    
   1.109 +    hashalg = netpgp_getvar(netpgp, "hash");
   1.110 +    cipher = netpgp_getvar(netpgp, "cipher");
   1.111  
   1.112 -    /* TODO generate key */
   1.113 +    bzero(&newkey, sizeof(newkey));
   1.114 +    bzero(&pubkey, sizeof(pubkey));
   1.115  
   1.116 -    free(parms);
   1.117 +    // Generate the key
   1.118 +    if (!pgp_rsa_generate_keypair(&newkey, 4096, 65537UL, hashalg, cipher,
   1.119 +                                  (const uint8_t *) "", (const size_t) 0) ||
   1.120 +        !pgp_add_selfsigned_userid(&newkey, newid)) {
   1.121 +        return PEP_CANNOT_CREATE_KEY;
   1.122 +	}
   1.123  
   1.124 -        return PEP_UNKNOWN_ERROR;
   1.125 -        return PEP_ILLEGAL_VALUE;
   1.126 -        return PEP_CANNOT_CREATE_KEY;
   1.127 +    // TODO "Expire-Date: 1y\n";
   1.128  
   1.129 -    identity->fpr = strdup("TODO generated key fpr");
   1.130 +    // Duplicate key as public only
   1.131 +    pgp_keydata_dup(&pubkey, &newkey, 1 /* make_public */);
   1.132  
   1.133 -    return PEP_STATUS_OK;
   1.134 +    // Append generated key to netpgp's rings
   1.135 +    pgp_keyring_add(netpgp->secring, &newkey);
   1.136 +    pgp_keyring_add(netpgp->pubring, &pubkey);
   1.137 +    // FIXME doesn't check result since always true 
   1.138 +    // TODO alloc error feedback in netpgp
   1.139 +
   1.140 +    // save rings
   1.141 +    if (netpgp_save_pubring(netpgp) && 
   1.142 +        netpgp_save_secring(netpgp))
   1.143 +    {
   1.144 +        char fpr[MAX_ID_LENGTH + 1];
   1.145 +        id_to_fpr(pubkey.sigid, fpr);
   1.146 +
   1.147 +        if ((identity->fpr = strdup(fpr)) == NULL) {
   1.148 +            result = PEP_OUT_OF_MEMORY;
   1.149 +        }else{
   1.150 +            result = PEP_STATUS_OK;
   1.151 +        }
   1.152 +    }else{
   1.153 +        result = PEP_UNKNOWN_ERROR;
   1.154 +    }
   1.155 +
   1.156 +    // pgp_keydata_free(key);
   1.157 +
   1.158 +    return result;
   1.159  }
   1.160  
   1.161  PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr)