author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-02-05 23:20:10 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2016-02-05 23:20:10 +0000 |
commit | c13d594abf0c2c1f75b7b55573a047b757e2c2ec (patch) | |
tree | 786cb607a6601eda9b30812927cfac9f6be48521 /src/libcryptobox | |
parent | c712ffe5b94f3087e53c637352584d120ebc8452 (diff) | |
Rework HTTP encryption
Diffstat (limited to 'src/libcryptobox')
-rw-r--r-- | src/libcryptobox/keypair.c | 110 | ||||
-rw-r--r-- | src/libcryptobox/keypair.h | 43 |
2 files changed, 152 insertions, 1 deletions
diff --git a/src/libcryptobox/keypair.c b/src/libcryptobox/keypair.c
index ae4d2b71d..61a5f687d 100644
--- a/src/libcryptobox/keypair.c
+++ b/src/libcryptobox/keypair.c
@@ -18,6 +18,7 @@
 #include "libcryptobox/keypair.h"
 #include "libcryptobox/keypair_private.h"
 #include "libutil/str_util.h"
+#include "libutil/printf.h"
 /**
 * Returns specific private key for different keypair types
@@ -244,7 +245,7 @@ rspamd_keypair_new (enum rspamd_cryptobox_keypair_type type,
 struct rspamd_cryptobox_keypair*
-rspamd_keypair_ref (struct rspamd_cryptobox_keypair *kp)
+rspamd__keypair_ref (struct rspamd_cryptobox_keypair *kp)
 {
 REF_RETAIN (kp);
 return kp;
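Review bot: The definition is renamed to `rspamd__keypair_ref` with a doubled underscore, which looks accidental: nothing else visible in this commit, including the keypair.h hunk, renames the declaration, so existing callers of `rspamd_keypair_ref` would presumably be left without a definition at link time. If the rename is not intended, keep the line as `rspamd_keypair_ref (struct rspamd_cryptobox_keypair *kp)`. The function body continues past the end of the hunk.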
@@ -405,3 +406,110 @@ rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p)
 return NULL;
 }
+
+const guchar *
+rspamd_pubkey_calculate_nm (struct rspamd_cryptobox_pubkey *p,
+ struct rspamd_cryptobox_keypair *kp)
+{
+ g_assert (kp->alg == p->alg);
+ g_assert (kp->type == p->type);
+ g_assert (p->type == RSPAMD_KEYPAIR_KEX);
+
+ if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) {
+ struct rspamd_cryptobox_pubkey_25519 *rk_25519 =
+ RSPAMD_CRYPTOBOX_PUBKEY_25519(p);
+ struct rspamd_cryptobox_keypair_25519 *sk_25519 =
+ RSPAMD_CRYPTOBOX_KEYPAIR_25519(kp);
+
+ rspamd_cryptobox_nm (p->nm->nm, rk_25519->pk, sk_25519->sk, p->alg);
+ }
+ else {
+ struct rspamd_cryptobox_pubkey_nist *rk_nist =
+ RSPAMD_CRYPTOBOX_PUBKEY_NIST(p);
+ struct rspamd_cryptobox_keypair_nist *sk_nist =
+ RSPAMD_CRYPTOBOX_KEYPAIR_NIST(kp);
+
+ rspamd_cryptobox_nm (p->nm->nm, rk_nist->pk, sk_nist->sk, p->alg);
+ }
+
+ return p->nm->nm;
+}
+
+const guchar *
+rspamd_keypair_get_id (struct rspamd_cryptobox_keypair *kp)
+{
+ g_assert (kp != NULL);
+
+ return kp->id;
+}
+
+const guchar *
+rspamd_pubkey_get_id (struct rspamd_cryptobox_pubkey *pk)
+{
+ g_assert (pk != NULL);
+
+ return pk->id;
+}
+
+
+static void
+rspamd_keypair_print_component (guchar *data, gsize datalen,
+ GString *res, guint how, const gchar *description)
+{
+ gint olen, b32_len;
+
+ if (how & RSPAMD_KEYPAIR_HUMAN) {
+ g_string_append_printf (res, "%s: ", description);
+ }
+
+ if (how & RSPAMD_KEYPAIR_BASE32) {
+ b32_len = (datalen * 8 / 5) + 2;
+ g_string_set_size (res, res->len + b32_len);
+ olen = rspamd_encode_base32_buf (data, datalen, res->str + res->len,
+ res->len + b32_len - 1);
+
+ if (olen > 0) {
+ res->len += olen;
+ res->str[res->len] = '\0';
+ }
+ }
+ else if (how & RSPAMD_KEYPAIR_HEX) {
+ rspamd_printf_gstring (res, "%*xs", (gint)datalen, data);
+ }
+ else {
+ g_string_append_len (res, data, datalen);
+ }
+
+ if (how & RSPAMD_KEYPAIR_HUMAN) {
+ g_string_append_c (res, '\n');
+ }
+}
+
+GString *
+rspamd_keypair_print (struct rspamd_cryptobox_keypair *kp, guint how)
+{
+ GString *res;
+ guint len;
+ gpointer p;
+
+ g_assert (kp != NULL);
+
+ res = g_string_sized_new (64);
+
+ if ((how & RSPAMD_KEYPAIR_PUBKEY)) {
+ p = rspamd_cryptobox_keypair_pk (kp, &len);
+ rspamd_keypair_print_component (p, len, res, how, "Public key");
+ }
+ if ((how & RSPAMD_KEYPAIR_PRIVKEY)) {
+ p = rspamd_cryptobox_keypair_sk (kp, &len);
+ rspamd_keypair_print_component (p, len, res, how, "Private key");
+ }
+ if ((how & RSPAMD_KEYPAIR_ID_SHORT)) {
+ rspamd_keypair_print_component (kp->id, 5, res, how, "Short key ID");
+ }
+ if ((how & RSPAMD_KEYPAIR_ID)) {
+ rspamd_keypair_print_component (kp->id, sizeof (kp->id), res, how, "Key ID");
+ }
+
+ return res;
+}
diff --git a/src/libcryptobox/keypair.h b/src/libcryptobox/keypair.h
index 80d50b2f3..bd82b64ae 100644
--- a/src/libcryptobox/keypair.h
+++ b/src/libcryptobox/keypair.h
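Review bot: In the base32 branch of `rspamd_keypair_print_component`, `g_string_set_size` has already advanced `res->len` by `b32_len`, so `res->str + res->len` points at the end of the grown buffer and the capacity passed, `res->len + b32_len - 1`, is larger than the space that remains. The encoder can therefore write beyond the region the GString reserved, and the result keeps `b32_len` uninitialised bytes ahead of the encoded text, on a path that is also used to print private keys. I would remember the length before growing, encode at that offset with `b32_len` as the capacity (assuming the fourth argument of `rspamd_encode_base32_buf` is the output size), and then trim the string to the bytes actually written.

```c
	if (how & RSPAMD_KEYPAIR_BASE32) {
		gsize start = res->len; /* offset where this component begins */

		b32_len = (datalen * 8 / 5) + 2;
		g_string_set_size (res, start + b32_len);
		olen = rspamd_encode_base32_buf (data, datalen, res->str + start,
				b32_len);
		/* Keep only what was encoded; drop the reserved space on failure */
		g_string_set_size (res, olen > 0 ? start + olen : start);
	}
	/* … unchanged: hex and raw branches, trailing newline … */
```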
@@ -127,5 +127,48 @@ enum rspamd_cryptobox_mode rspamd_pubkey_alg (struct rspamd_cryptobox_pubkey *p)
 */
 const guchar * rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p);
+/**
+ * Calculate and store nm value for the specified local key (performs ECDH)
+ * @param p
+ * @return
+ */
+const guchar * rspamd_pubkey_calculate_nm (struct rspamd_cryptobox_pubkey *p,
+ struct rspamd_cryptobox_keypair *kp);
+
+/**
+ * Get raw public key id for a specified keypair (rspamd_cryptobox_HASHBYTES)
+ * @param kp
+ * @return
+ */
+const guchar * rspamd_keypair_get_id (struct rspamd_cryptobox_keypair *kp);
+/**
+ * Get raw public key id for a specified key (rspamd_cryptobox_HASHBYTES)
+ * @param kp
+ * @return
+ */
+const guchar * rspamd_pubkey_get_id (struct rspamd_cryptobox_pubkey *pk);
+
+
+/** Print pubkey */
+#define RSPAMD_KEYPAIR_PUBKEY 0x1
+/** Print secret key */
+#define RSPAMD_KEYPAIR_PRIVKEY 0x2
+/** Print key id */
+#define RSPAMD_KEYPAIR_ID 0x4
+/** Print short key id */
+#define RSPAMD_KEYPAIR_ID_SHORT 0x8
+/** Encode output with base 32 */
+#define RSPAMD_KEYPAIR_BASE32 0x10
+/** Human readable output */
+#define RSPAMD_KEYPAIR_HUMAN 0x20
+#define RSPAMD_KEYPAIR_HEX 0x40
+/**
+ * Print keypair encoding it if needed
+ * @param key key to print
+ * @param how flags that specifies printing behaviour
+ * @return newly allocated string with keypair
+ */
+GString *rspamd_keypair_print (struct rspamd_cryptobox_keypair *kp,
+ guint how);
 #endif /* SRC_LIBCRYPTOBOX_KEYPAIR_H_ */ |
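Review bot: The comment on `rspamd_keypair_print` documents `@param key` although the parameter is `kp`, and it does not mention that with `RSPAMD_KEYPAIR_PRIVKEY` the returned GString holds the secret key. I would write `@param kp keypair to print` and `@return newly allocated string owned by the caller; with RSPAMD_KEYPAIR_PRIVKEY it contains secret key material and should be wiped before it is freed`. `RSPAMD_KEYPAIR_HEX` is the only flag without a comment (`/** Encode output as hex */`), and the comment on `rspamd_pubkey_get_id` names `@param kp` where the parameter is `pk`. The comment on `rspamd_pubkey_calculate_nm` omits `kp` and could state that both keys must share the same algorithm and be of the key-exchange type, as the implementation asserts.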