Vsevolod Stakhov
8 years ago
2 changed files with 103 additions and 0 deletions
+ 74
- 0
src/libcryptobox/keypair.c
View File
| @@ -20,6 +20,12 @@ | |||
| #include "libutil/str_util.h" | |||
| #include "libutil/printf.h" | |||
| static GQuark | |||
| rspamd_keypair_quark (void) | |||
| { | |||
| return g_quark_from_static_string ("rspamd-cryptobox-keypair"); | |||
| } | |||
| /** | |||
| * Returns specific private key for different keypair types | |||
| */ | |||
| @@ -806,3 +812,71 @@ rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, | |||
| return ucl_out; | |||
| } | |||
| gboolean | |||
| rspamd_keypair_sign (struct rspamd_cryptobox_keypair *kp, | |||
| const void *data, gsize len, guchar **sig, gsize *outlen, | |||
| GError **err) | |||
| { | |||
| gsize siglen; | |||
| guint sklen; | |||
| g_assert (kp != NULL); | |||
| g_assert (data != NULL); | |||
| g_assert (sig != NULL); | |||
| if (kp->type != RSPAMD_KEYPAIR_SIGN) { | |||
| g_set_error (err, rspamd_keypair_quark (), EINVAL, | |||
| "invalid keypair: expected signature pair"); | |||
| return FALSE; | |||
| } | |||
| siglen = rspamd_cryptobox_signature_bytes (kp->alg); | |||
| *sig = g_malloc (siglen); | |||
| rspamd_cryptobox_sign (*sig, &siglen, data, len, | |||
| rspamd_cryptobox_keypair_sk (kp, &sklen), kp->alg); | |||
| if (outlen != NULL) { | |||
| *outlen = siglen; | |||
| } | |||
| return TRUE; | |||
| } | |||
| gboolean | |||
| rspamd_keypair_verify (struct rspamd_cryptobox_pubkey *pk, | |||
| const void *data, gsize len, guchar *sig, gsize siglen, | |||
| GError **err) | |||
| { | |||
| guint pklen; | |||
| g_assert (pk != NULL); | |||
| g_assert (data != NULL); | |||
| g_assert (sig != NULL); | |||
| if (pk->type != RSPAMD_KEYPAIR_SIGN) { | |||
| g_set_error (err, rspamd_keypair_quark (), EINVAL, | |||
| "invalid keypair: expected signature pair"); | |||
| return FALSE; | |||
| } | |||
| if (siglen != rspamd_cryptobox_signature_bytes (pk->alg)) { | |||
| g_set_error (err, rspamd_keypair_quark (), E2BIG, | |||
| "invalid signature length: %d; expected %d", | |||
| (int)siglen, (int) rspamd_cryptobox_signature_bytes (pk->alg)); | |||
| return FALSE; | |||
| } | |||
| if (!rspamd_cryptobox_verify (sig, data, len, | |||
| rspamd_cryptobox_pubkey_pk (pk, &pklen), pk->alg)) { | |||
| g_set_error (err, rspamd_keypair_quark (), EPERM, | |||
| "signature verification failed"); | |||
| return FALSE; | |||
| } | |||
| return TRUE; | |||
| } | |||
+ 29
- 0
src/libcryptobox/keypair.h
View File
| @@ -233,4 +233,33 @@ struct rspamd_cryptobox_keypair * rspamd_keypair_from_ucl (const ucl_object_t *o | |||
| ucl_object_t * rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, | |||
| gboolean is_hex); | |||
| /** | |||
| * Signs memory using the specified keypair | |||
| * @param kp keypair | |||
| * @param data data to sign | |||
| * @param data to sign | |||
| * @param sig output signature (allocated by function, must be freed by a callee) | |||
| * @param outlen length of output data | |||
| * @param err filled if function returns `FALSE` | |||
| * @return TRUE if signature operation succeeded | |||
| */ | |||
| gboolean rspamd_keypair_sign (struct rspamd_cryptobox_keypair *kp, | |||
| const void *data, gsize len, guchar **sig, gsize *outlen, | |||
| GError **err); | |||
| /*** | |||
| * Verifies data using public key | |||
| * @param pk public key | |||
| * @param data data to sign | |||
| * @param len data to sign | |||
| * @param sig signature to verify | |||
| * @param siglen length of signature | |||
| * @param err filled if function returns `FALSE` | |||
| * @return TRUE if signature is valid | |||
| */ | |||
| gboolean rspamd_keypair_verify (struct rspamd_cryptobox_pubkey *pk, | |||
| const void *data, gsize len, guchar *sig, gsize siglen, | |||
| GError **err); | |||
| #endif /* SRC_LIBCRYPTOBOX_KEYPAIR_H_ */ | |||
Loading…