diff options
Diffstat (limited to 'src/libcryptobox/keypair.c')
-rw-r--r-- | src/libcryptobox/keypair.c | 691 |
1 files changed, 340 insertions, 351 deletions
diff --git a/src/libcryptobox/keypair.c b/src/libcryptobox/keypair.c index 2ef996527..ec7490a56 100644 --- a/src/libcryptobox/keypair.c +++ b/src/libcryptobox/keypair.c @@ -24,19 +24,19 @@ const guchar encrypted_magic[7] = {'r', 'u', 'c', 'l', 'e', 'v', '1'}; static GQuark -rspamd_keypair_quark (void) +rspamd_keypair_quark(void) { - return g_quark_from_static_string ("rspamd-cryptobox-keypair"); + return g_quark_from_static_string("rspamd-cryptobox-keypair"); } /** * Returns specific private key for different keypair types */ static void * -rspamd_cryptobox_keypair_sk (struct rspamd_cryptobox_keypair *kp, - guint *len) +rspamd_cryptobox_keypair_sk(struct rspamd_cryptobox_keypair *kp, + guint *len) { - g_assert (kp != NULL); + g_assert(kp != NULL); if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (kp->type == RSPAMD_KEYPAIR_KEX) { @@ -64,10 +64,10 @@ rspamd_cryptobox_keypair_sk (struct rspamd_cryptobox_keypair *kp, } static void * -rspamd_cryptobox_keypair_pk (struct rspamd_cryptobox_keypair *kp, - guint *len) +rspamd_cryptobox_keypair_pk(struct rspamd_cryptobox_keypair *kp, + guint *len) { - g_assert (kp != NULL); + g_assert(kp != NULL); if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (kp->type == RSPAMD_KEYPAIR_KEX) { @@ -95,10 +95,10 @@ rspamd_cryptobox_keypair_pk (struct rspamd_cryptobox_keypair *kp, } static void * -rspamd_cryptobox_pubkey_pk (const struct rspamd_cryptobox_pubkey *kp, - guint *len) +rspamd_cryptobox_pubkey_pk(const struct rspamd_cryptobox_pubkey *kp, + guint *len) { - g_assert (kp != NULL); + g_assert(kp != NULL); if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (kp->type == RSPAMD_KEYPAIR_KEX) { @@ -126,208 +126,203 @@ rspamd_cryptobox_pubkey_pk (const struct rspamd_cryptobox_pubkey *kp, } static struct rspamd_cryptobox_keypair * -rspamd_cryptobox_keypair_alloc (enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +rspamd_cryptobox_keypair_alloc(enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { struct rspamd_cryptobox_keypair *kp; guint size = 0; if (alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_keypair_25519); + size = sizeof(struct rspamd_cryptobox_keypair_25519); } else { - size = sizeof (struct rspamd_cryptobox_keypair_sig_25519); + size = sizeof(struct rspamd_cryptobox_keypair_sig_25519); } } else { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_keypair_nist); + size = sizeof(struct rspamd_cryptobox_keypair_nist); } else { - size = sizeof (struct rspamd_cryptobox_keypair_sig_nist); + size = sizeof(struct rspamd_cryptobox_keypair_sig_nist); } } - g_assert (size >= sizeof (*kp)); + g_assert(size >= sizeof(*kp)); - if (posix_memalign ((void **)&kp, 32, size) != 0) { - abort (); + if (posix_memalign((void **) &kp, 32, size) != 0) { + abort(); } - memset (kp, 0, size); + memset(kp, 0, size); return kp; } static struct rspamd_cryptobox_pubkey * -rspamd_cryptobox_pubkey_alloc (enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +rspamd_cryptobox_pubkey_alloc(enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { struct rspamd_cryptobox_pubkey *pk; guint size = 0; if (alg == RSPAMD_CRYPTOBOX_MODE_25519) { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_pubkey_25519); + size = sizeof(struct rspamd_cryptobox_pubkey_25519); } else { - size = sizeof (struct rspamd_cryptobox_pubkey_sig_25519); + size = sizeof(struct rspamd_cryptobox_pubkey_sig_25519); } } else { if (type == RSPAMD_KEYPAIR_KEX) { - size = sizeof (struct rspamd_cryptobox_pubkey_nist); + size = sizeof(struct rspamd_cryptobox_pubkey_nist); } else { - size = sizeof (struct rspamd_cryptobox_pubkey_sig_nist); + size = sizeof(struct rspamd_cryptobox_pubkey_sig_nist); } } - g_assert (size >= sizeof (*pk)); + g_assert(size >= sizeof(*pk)); - if (posix_memalign ((void **)&pk, 32, size) != 0) { - abort (); + if (posix_memalign((void **) &pk, 32, size) != 0) { + abort(); } - memset (pk, 0, size); + memset(pk, 0, size); return pk; } -void -rspamd_cryptobox_nm_dtor (struct rspamd_cryptobox_nm *nm) +void rspamd_cryptobox_nm_dtor(struct rspamd_cryptobox_nm *nm) { - rspamd_explicit_memzero (nm->nm, sizeof (nm->nm)); - free (nm); + rspamd_explicit_memzero(nm->nm, sizeof(nm->nm)); + free(nm); } -void -rspamd_cryptobox_keypair_dtor (struct rspamd_cryptobox_keypair *kp) +void rspamd_cryptobox_keypair_dtor(struct rspamd_cryptobox_keypair *kp) { void *sk; guint len = 0; - sk = rspamd_cryptobox_keypair_sk (kp, &len); - g_assert (sk != NULL && len > 0); - rspamd_explicit_memzero (sk, len); + sk = rspamd_cryptobox_keypair_sk(kp, &len); + g_assert(sk != NULL && len > 0); + rspamd_explicit_memzero(sk, len); if (kp->extensions) { - ucl_object_unref (kp->extensions); + ucl_object_unref(kp->extensions); } /* Not g_free as kp is aligned using posix_memalign */ - free (kp); + free(kp); } -void -rspamd_cryptobox_pubkey_dtor (struct rspamd_cryptobox_pubkey *p) +void rspamd_cryptobox_pubkey_dtor(struct rspamd_cryptobox_pubkey *p) { if (p->nm) { - REF_RELEASE (p->nm); + REF_RELEASE(p->nm); } /* Not g_free as p is aligned using posix_memalign */ - free (p); + free(p); } -struct rspamd_cryptobox_keypair* -rspamd_keypair_new (enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_keypair * +rspamd_keypair_new(enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { struct rspamd_cryptobox_keypair *kp; void *pk, *sk; guint size; - kp = rspamd_cryptobox_keypair_alloc (type, alg); + kp = rspamd_cryptobox_keypair_alloc(type, alg); kp->alg = alg; kp->type = type; - sk = rspamd_cryptobox_keypair_sk (kp, &size); - pk = rspamd_cryptobox_keypair_pk (kp, &size); + sk = rspamd_cryptobox_keypair_sk(kp, &size); + pk = rspamd_cryptobox_keypair_pk(kp, &size); if (type == RSPAMD_KEYPAIR_KEX) { - rspamd_cryptobox_keypair (pk, sk, alg); + rspamd_cryptobox_keypair(pk, sk, alg); } else { - rspamd_cryptobox_keypair_sig (pk, sk, alg); + rspamd_cryptobox_keypair_sig(pk, sk, alg); } - rspamd_cryptobox_hash (kp->id, pk, size, NULL, 0); + rspamd_cryptobox_hash(kp->id, pk, size, NULL, 0); - REF_INIT_RETAIN (kp, rspamd_cryptobox_keypair_dtor); + REF_INIT_RETAIN(kp, rspamd_cryptobox_keypair_dtor); return kp; } -struct rspamd_cryptobox_keypair* -rspamd_keypair_ref (struct rspamd_cryptobox_keypair *kp) +struct rspamd_cryptobox_keypair * +rspamd_keypair_ref(struct rspamd_cryptobox_keypair *kp) { - REF_RETAIN (kp); + REF_RETAIN(kp); return kp; } -void -rspamd_keypair_unref (struct rspamd_cryptobox_keypair *kp) +void rspamd_keypair_unref(struct rspamd_cryptobox_keypair *kp) { - REF_RELEASE (kp); + REF_RELEASE(kp); } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_ref (struct rspamd_cryptobox_pubkey *kp) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_ref(struct rspamd_cryptobox_pubkey *kp) { - REF_RETAIN (kp); + REF_RETAIN(kp); return kp; } -void -rspamd_pubkey_unref (struct rspamd_cryptobox_pubkey *kp) +void rspamd_pubkey_unref(struct rspamd_cryptobox_pubkey *kp) { - REF_RELEASE (kp); + REF_RELEASE(kp); } enum rspamd_cryptobox_keypair_type -rspamd_keypair_type (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_type(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->type; } enum rspamd_cryptobox_keypair_type -rspamd_pubkey_type (struct rspamd_cryptobox_pubkey *p) +rspamd_pubkey_type(struct rspamd_cryptobox_pubkey *p) { - g_assert (p != NULL); + g_assert(p != NULL); return p->type; } enum rspamd_cryptobox_mode -rspamd_keypair_alg (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_alg(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->alg; } enum rspamd_cryptobox_mode -rspamd_pubkey_alg (struct rspamd_cryptobox_pubkey *p) +rspamd_pubkey_alg(struct rspamd_cryptobox_pubkey *p) { - g_assert (p != NULL); + g_assert(p != NULL); return p->alg; } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_from_base32 (const gchar *b32, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_from_base32(const gchar *b32, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { guchar *decoded; gsize dlen, expected_len; @@ -335,44 +330,43 @@ rspamd_pubkey_from_base32 (const gchar *b32, struct rspamd_cryptobox_pubkey *pk; guchar *pk_data; - g_assert (b32 != NULL); + g_assert(b32 != NULL); if (len == 0) { - len = strlen (b32); + len = strlen(b32); } - decoded = rspamd_decode_base32 (b32, len, &dlen, RSPAMD_BASE32_DEFAULT); + decoded = rspamd_decode_base32(b32, len, &dlen, RSPAMD_BASE32_DEFAULT); if (decoded == NULL) { return NULL; } - expected_len = (type == RSPAMD_KEYPAIR_KEX) ? - rspamd_cryptobox_pk_bytes (alg) : rspamd_cryptobox_pk_sig_bytes (alg); + expected_len = (type == RSPAMD_KEYPAIR_KEX) ? rspamd_cryptobox_pk_bytes(alg) : rspamd_cryptobox_pk_sig_bytes(alg); if (dlen != expected_len) { - g_free (decoded); + g_free(decoded); return NULL; } - pk = rspamd_cryptobox_pubkey_alloc (type, alg); - REF_INIT_RETAIN (pk, rspamd_cryptobox_pubkey_dtor); + pk = rspamd_cryptobox_pubkey_alloc(type, alg); + REF_INIT_RETAIN(pk, rspamd_cryptobox_pubkey_dtor); pk->alg = alg; pk->type = type; - pk_data = rspamd_cryptobox_pubkey_pk (pk, &pklen); + pk_data = rspamd_cryptobox_pubkey_pk(pk, &pklen); - memcpy (pk_data, decoded, pklen); - g_free (decoded); - rspamd_cryptobox_hash (pk->id, pk_data, pklen, NULL, 0); + memcpy(pk_data, decoded, pklen); + g_free(decoded); + rspamd_cryptobox_hash(pk->id, pk_data, pklen, NULL, 0); return pk; } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_from_hex (const gchar *hex, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_from_hex(const gchar *hex, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { guchar *decoded; gsize dlen, expected_len; @@ -380,87 +374,85 @@ rspamd_pubkey_from_hex (const gchar *hex, struct rspamd_cryptobox_pubkey *pk; guchar *pk_data; - g_assert (hex != NULL); + g_assert(hex != NULL); if (len == 0) { - len = strlen (hex); + len = strlen(hex); } dlen = len / 2; - decoded = rspamd_decode_hex (hex, len); + decoded = rspamd_decode_hex(hex, len); if (decoded == NULL) { return NULL; } - expected_len = (type == RSPAMD_KEYPAIR_KEX) ? - rspamd_cryptobox_pk_bytes (alg) : rspamd_cryptobox_pk_sig_bytes (alg); + expected_len = (type == RSPAMD_KEYPAIR_KEX) ? rspamd_cryptobox_pk_bytes(alg) : rspamd_cryptobox_pk_sig_bytes(alg); if (dlen != expected_len) { - g_free (decoded); + g_free(decoded); return NULL; } - pk = rspamd_cryptobox_pubkey_alloc (type, alg); - REF_INIT_RETAIN (pk, rspamd_cryptobox_pubkey_dtor); + pk = rspamd_cryptobox_pubkey_alloc(type, alg); + REF_INIT_RETAIN(pk, rspamd_cryptobox_pubkey_dtor); pk->alg = alg; pk->type = type; - pk_data = rspamd_cryptobox_pubkey_pk (pk, &pklen); + pk_data = rspamd_cryptobox_pubkey_pk(pk, &pklen); - memcpy (pk_data, decoded, pklen); - g_free (decoded); - rspamd_cryptobox_hash (pk->id, pk_data, pklen, NULL, 0); + memcpy(pk_data, decoded, pklen); + g_free(decoded); + rspamd_cryptobox_hash(pk->id, pk_data, pklen, NULL, 0); return pk; } -struct rspamd_cryptobox_pubkey* -rspamd_pubkey_from_bin (const guchar *raw, - gsize len, - enum rspamd_cryptobox_keypair_type type, - enum rspamd_cryptobox_mode alg) +struct rspamd_cryptobox_pubkey * +rspamd_pubkey_from_bin(const guchar *raw, + gsize len, + enum rspamd_cryptobox_keypair_type type, + enum rspamd_cryptobox_mode alg) { gsize expected_len; guint pklen; struct rspamd_cryptobox_pubkey *pk; guchar *pk_data; - g_assert (raw != NULL && len > 0); + g_assert(raw != NULL && len > 0); - expected_len = (type == RSPAMD_KEYPAIR_KEX) ? - rspamd_cryptobox_pk_bytes (alg) : rspamd_cryptobox_pk_sig_bytes (alg); + expected_len = (type == RSPAMD_KEYPAIR_KEX) ? rspamd_cryptobox_pk_bytes(alg) : rspamd_cryptobox_pk_sig_bytes(alg); if (len != expected_len) { return NULL; } - pk = rspamd_cryptobox_pubkey_alloc (type, alg); - REF_INIT_RETAIN (pk, rspamd_cryptobox_pubkey_dtor); + pk = rspamd_cryptobox_pubkey_alloc(type, alg); + REF_INIT_RETAIN(pk, rspamd_cryptobox_pubkey_dtor); pk->alg = alg; pk->type = type; - pk_data = rspamd_cryptobox_pubkey_pk (pk, &pklen); + pk_data = rspamd_cryptobox_pubkey_pk(pk, &pklen); - memcpy (pk_data, raw, pklen); - rspamd_cryptobox_hash (pk->id, pk_data, pklen, NULL, 0); + memcpy(pk_data, raw, pklen); + rspamd_cryptobox_hash(pk->id, pk_data, pklen, NULL, 0); return pk; } const guchar * -rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p, - struct rspamd_cryptobox_keypair *kp) +rspamd_pubkey_get_nm(struct rspamd_cryptobox_pubkey *p, + struct rspamd_cryptobox_keypair *kp) { - g_assert (p != NULL); + g_assert(p != NULL); if (p->nm) { - if (memcmp (kp->id, (const guchar *)&p->nm->sk_id, sizeof (guint64)) == 0) { + if (memcmp(kp->id, (const guchar *) &p->nm->sk_id, sizeof(guint64)) == 0) { return p->nm->nm; } /* Wrong ID, need to recalculate */ - REF_RELEASE (p->nm); + REF_RELEASE(p->nm); p->nm = NULL; } @@ -468,74 +460,74 @@ rspamd_pubkey_get_nm (struct rspamd_cryptobox_pubkey *p, } const guchar * -rspamd_pubkey_calculate_nm (struct rspamd_cryptobox_pubkey *p, - struct rspamd_cryptobox_keypair *kp) +rspamd_pubkey_calculate_nm(struct rspamd_cryptobox_pubkey *p, + struct rspamd_cryptobox_keypair *kp) { - g_assert (kp->alg == p->alg); - g_assert (kp->type == p->type); - g_assert (p->type == RSPAMD_KEYPAIR_KEX); + g_assert(kp->alg == p->alg); + g_assert(kp->type == p->type); + g_assert(p->type == RSPAMD_KEYPAIR_KEX); if (p->nm == NULL) { - if (posix_memalign ((void **)&p->nm, 32, sizeof (*p->nm)) != 0) { - abort (); + if (posix_memalign((void **) &p->nm, 32, sizeof(*p->nm)) != 0) { + abort(); } - memcpy (&p->nm->sk_id, kp->id, sizeof (guint64)); - REF_INIT_RETAIN (p->nm, rspamd_cryptobox_nm_dtor); + memcpy(&p->nm->sk_id, kp->id, sizeof(guint64)); + REF_INIT_RETAIN(p->nm, rspamd_cryptobox_nm_dtor); } if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) { struct rspamd_cryptobox_pubkey_25519 *rk_25519 = - RSPAMD_CRYPTOBOX_PUBKEY_25519(p); + RSPAMD_CRYPTOBOX_PUBKEY_25519(p); struct rspamd_cryptobox_keypair_25519 *sk_25519 = - RSPAMD_CRYPTOBOX_KEYPAIR_25519(kp); + RSPAMD_CRYPTOBOX_KEYPAIR_25519(kp); - rspamd_cryptobox_nm (p->nm->nm, rk_25519->pk, sk_25519->sk, p->alg); + rspamd_cryptobox_nm(p->nm->nm, rk_25519->pk, sk_25519->sk, p->alg); } else { struct rspamd_cryptobox_pubkey_nist *rk_nist = - RSPAMD_CRYPTOBOX_PUBKEY_NIST(p); + RSPAMD_CRYPTOBOX_PUBKEY_NIST(p); struct rspamd_cryptobox_keypair_nist *sk_nist = - RSPAMD_CRYPTOBOX_KEYPAIR_NIST(kp); + RSPAMD_CRYPTOBOX_KEYPAIR_NIST(kp); - rspamd_cryptobox_nm (p->nm->nm, rk_nist->pk, sk_nist->sk, p->alg); + rspamd_cryptobox_nm(p->nm->nm, rk_nist->pk, sk_nist->sk, p->alg); } return p->nm->nm; } const guchar * -rspamd_keypair_get_id (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_get_id(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->id; } const ucl_object_t * -rspamd_keypair_get_extensions (struct rspamd_cryptobox_keypair *kp) +rspamd_keypair_get_extensions(struct rspamd_cryptobox_keypair *kp) { - g_assert (kp != NULL); + g_assert(kp != NULL); return kp->extensions; } const guchar * -rspamd_pubkey_get_id (struct rspamd_cryptobox_pubkey *pk) +rspamd_pubkey_get_id(struct rspamd_cryptobox_pubkey *pk) { - g_assert (pk != NULL); + g_assert(pk != NULL); return pk->id; } const guchar * -rspamd_pubkey_get_pk (struct rspamd_cryptobox_pubkey *pk, - guint *len) +rspamd_pubkey_get_pk(struct rspamd_cryptobox_pubkey *pk, + guint *len) { guchar *ret = NULL; guint rlen; - ret = rspamd_cryptobox_pubkey_pk (pk, &rlen); + ret = rspamd_cryptobox_pubkey_pk(pk, &rlen); if (len) { *len = rlen; @@ -545,21 +537,21 @@ rspamd_pubkey_get_pk (struct rspamd_cryptobox_pubkey *pk, } static void -rspamd_keypair_print_component (guchar *data, gsize datalen, - GString *res, guint how, const gchar *description) +rspamd_keypair_print_component(guchar *data, gsize datalen, + GString *res, guint how, const gchar *description) { gint olen, b32_len; if (how & RSPAMD_KEYPAIR_HUMAN) { - rspamd_printf_gstring (res, "%s: ", description); + rspamd_printf_gstring(res, "%s: ", description); } if (how & RSPAMD_KEYPAIR_BASE32) { b32_len = (datalen * 8 / 5) + 2; - g_string_set_size (res, res->len + b32_len); + g_string_set_size(res, res->len + b32_len); res->len -= b32_len; - olen = rspamd_encode_base32_buf (data, datalen, res->str + res->len, - res->len + b32_len - 1, RSPAMD_BASE32_DEFAULT); + olen = rspamd_encode_base32_buf(data, datalen, res->str + res->len, + res->len + b32_len - 1, RSPAMD_BASE32_DEFAULT); if (olen > 0) { res->len += olen; @@ -567,93 +559,93 @@ rspamd_keypair_print_component (guchar *data, gsize datalen, } } else if (how & RSPAMD_KEYPAIR_HEX) { - rspamd_printf_gstring (res, "%*xs", (gint)datalen, data); + rspamd_printf_gstring(res, "%*xs", (gint) datalen, data); } else { - g_string_append_len (res, data, datalen); + g_string_append_len(res, data, datalen); } if (how & RSPAMD_KEYPAIR_HUMAN) { - g_string_append_c (res, '\n'); + g_string_append_c(res, '\n'); } } GString * -rspamd_keypair_print (struct rspamd_cryptobox_keypair *kp, guint how) +rspamd_keypair_print(struct rspamd_cryptobox_keypair *kp, guint how) { GString *res; guint len; gpointer p; - g_assert (kp != NULL); + g_assert(kp != NULL); - res = g_string_sized_new (63); + res = g_string_sized_new(63); if ((how & RSPAMD_KEYPAIR_PUBKEY)) { - p = rspamd_cryptobox_keypair_pk (kp, &len); - rspamd_keypair_print_component (p, len, res, how, "Public key"); + p = rspamd_cryptobox_keypair_pk(kp, &len); + rspamd_keypair_print_component(p, len, res, how, "Public key"); } if ((how & RSPAMD_KEYPAIR_PRIVKEY)) { - p = rspamd_cryptobox_keypair_sk (kp, &len); - rspamd_keypair_print_component (p, len, res, how, "Private key"); + p = rspamd_cryptobox_keypair_sk(kp, &len); + rspamd_keypair_print_component(p, len, res, how, "Private key"); } if ((how & RSPAMD_KEYPAIR_ID_SHORT)) { - rspamd_keypair_print_component (kp->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, - res, how, "Short key ID"); + rspamd_keypair_print_component(kp->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, + res, how, "Short key ID"); } if ((how & RSPAMD_KEYPAIR_ID)) { - rspamd_keypair_print_component (kp->id, sizeof (kp->id), res, how, "Key ID"); + rspamd_keypair_print_component(kp->id, sizeof(kp->id), res, how, "Key ID"); } return res; } GString * -rspamd_pubkey_print (struct rspamd_cryptobox_pubkey *pk, guint how) +rspamd_pubkey_print(struct rspamd_cryptobox_pubkey *pk, guint how) { GString *res; guint len; gpointer p; - g_assert (pk != NULL); + g_assert(pk != NULL); - res = g_string_sized_new (63); + res = g_string_sized_new(63); if ((how & RSPAMD_KEYPAIR_PUBKEY)) { - p = rspamd_cryptobox_pubkey_pk (pk, &len); - rspamd_keypair_print_component (p, len, res, how, "Public key"); + p = rspamd_cryptobox_pubkey_pk(pk, &len); + rspamd_keypair_print_component(p, len, res, how, "Public key"); } if ((how & RSPAMD_KEYPAIR_ID_SHORT)) { - rspamd_keypair_print_component (pk->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, - res, how, "Short key ID"); + rspamd_keypair_print_component(pk->id, RSPAMD_KEYPAIR_SHORT_ID_LEN, + res, how, "Short key ID"); } if ((how & RSPAMD_KEYPAIR_ID)) { - rspamd_keypair_print_component (pk->id, sizeof (pk->id), res, how, - "Key ID"); + rspamd_keypair_print_component(pk->id, sizeof(pk->id), res, how, + "Key ID"); } return res; } const guchar * -rspamd_keypair_component (struct rspamd_cryptobox_keypair *kp, - guint ncomp, guint *len) +rspamd_keypair_component(struct rspamd_cryptobox_keypair *kp, + guint ncomp, guint *len) { guint rlen = 0; const guchar *ret = NULL; - g_assert (kp != NULL); + g_assert(kp != NULL); switch (ncomp) { case RSPAMD_KEYPAIR_COMPONENT_ID: - rlen = sizeof (kp->id); + rlen = sizeof(kp->id); ret = kp->id; break; case RSPAMD_KEYPAIR_COMPONENT_PK: - ret = rspamd_cryptobox_keypair_pk (kp, &rlen); + ret = rspamd_cryptobox_keypair_pk(kp, &rlen); break; case RSPAMD_KEYPAIR_COMPONENT_SK: - ret = rspamd_cryptobox_keypair_sk (kp, &rlen); + ret = rspamd_cryptobox_keypair_sk(kp, &rlen); break; } @@ -665,7 +657,7 @@ rspamd_keypair_component (struct rspamd_cryptobox_keypair *kp, } struct rspamd_cryptobox_keypair * -rspamd_keypair_from_ucl (const ucl_object_t *obj) +rspamd_keypair_from_ucl(const ucl_object_t *obj) { const ucl_object_t *privkey, *pubkey, *elt; const gchar *str; @@ -678,123 +670,123 @@ rspamd_keypair_from_ucl (const ucl_object_t *obj) gint dec_len; gpointer target; - if (ucl_object_type (obj) != UCL_OBJECT) { + if (ucl_object_type(obj) != UCL_OBJECT) { return NULL; } - elt = ucl_object_lookup (obj, "keypair"); + elt = ucl_object_lookup(obj, "keypair"); if (elt != NULL) { obj = elt; } - pubkey = ucl_object_lookup_any (obj, "pubkey", "public", "public_key", - NULL); - if (pubkey == NULL || ucl_object_type (pubkey) != UCL_STRING) { + pubkey = ucl_object_lookup_any(obj, "pubkey", "public", "public_key", + NULL); + if (pubkey == NULL || ucl_object_type(pubkey) != UCL_STRING) { return NULL; } - privkey = ucl_object_lookup_any (obj, "privkey", "private", "private_key", - "secret", "secret_key", NULL); - if (privkey == NULL || ucl_object_type (privkey) != UCL_STRING) { + privkey = ucl_object_lookup_any(obj, "privkey", "private", "private_key", + "secret", "secret_key", NULL); + if (privkey == NULL || ucl_object_type(privkey) != UCL_STRING) { return NULL; } /* Optional fields */ - elt = ucl_object_lookup (obj, "type"); - if (elt && ucl_object_type (elt) == UCL_STRING) { - str = ucl_object_tostring (elt); + elt = ucl_object_lookup(obj, "type"); + if (elt && ucl_object_type(elt) == UCL_STRING) { + str = ucl_object_tostring(elt); - if (g_ascii_strcasecmp (str, "kex") == 0) { + if (g_ascii_strcasecmp(str, "kex") == 0) { type = RSPAMD_KEYPAIR_KEX; } - else if (g_ascii_strcasecmp (str, "sign") == 0) { + else if (g_ascii_strcasecmp(str, "sign") == 0) { type = RSPAMD_KEYPAIR_SIGN; } /* TODO: handle errors */ } - elt = ucl_object_lookup (obj, "algorithm"); - if (elt && ucl_object_type (elt) == UCL_STRING) { - str = ucl_object_tostring (elt); + elt = ucl_object_lookup(obj, "algorithm"); + if (elt && ucl_object_type(elt) == UCL_STRING) { + str = ucl_object_tostring(elt); - if (g_ascii_strcasecmp (str, "curve25519") == 0) { + if (g_ascii_strcasecmp(str, "curve25519") == 0) { mode = RSPAMD_CRYPTOBOX_MODE_25519; } - else if (g_ascii_strcasecmp (str, "nistp256") == 0) { + else if (g_ascii_strcasecmp(str, "nistp256") == 0) { mode = RSPAMD_CRYPTOBOX_MODE_NIST; } /* TODO: handle errors */ } - elt = ucl_object_lookup (obj, "encoding"); - if (elt && ucl_object_type (elt) == UCL_STRING) { - str = ucl_object_tostring (elt); + elt = ucl_object_lookup(obj, "encoding"); + if (elt && ucl_object_type(elt) == UCL_STRING) { + str = ucl_object_tostring(elt); - if (g_ascii_strcasecmp (str, "hex") == 0) { + if (g_ascii_strcasecmp(str, "hex") == 0) { is_hex = TRUE; } /* TODO: handle errors */ } - kp = rspamd_cryptobox_keypair_alloc (type, mode); + kp = rspamd_cryptobox_keypair_alloc(type, mode); kp->type = type; kp->alg = mode; - REF_INIT_RETAIN (kp, rspamd_cryptobox_keypair_dtor); - g_assert (kp != NULL); + REF_INIT_RETAIN(kp, rspamd_cryptobox_keypair_dtor); + g_assert(kp != NULL); - target = rspamd_cryptobox_keypair_sk (kp, &len); - str = ucl_object_tolstring (privkey, &ucl_len); + target = rspamd_cryptobox_keypair_sk(kp, &len); + str = ucl_object_tolstring(privkey, &ucl_len); if (is_hex) { - dec_len = rspamd_decode_hex_buf (str, ucl_len, target, len); + dec_len = rspamd_decode_hex_buf(str, ucl_len, target, len); } else { - dec_len = rspamd_decode_base32_buf (str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); + dec_len = rspamd_decode_base32_buf(str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); } - if (dec_len != (gint)len) { - rspamd_keypair_unref (kp); + if (dec_len != (gint) len) { + rspamd_keypair_unref(kp); return NULL; } - target = rspamd_cryptobox_keypair_pk (kp, &len); - str = ucl_object_tolstring (pubkey, &ucl_len); + target = rspamd_cryptobox_keypair_pk(kp, &len); + str = ucl_object_tolstring(pubkey, &ucl_len); if (is_hex) { - dec_len = rspamd_decode_hex_buf (str, ucl_len, target, len); + dec_len = rspamd_decode_hex_buf(str, ucl_len, target, len); } else { - dec_len = rspamd_decode_base32_buf (str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); + dec_len = rspamd_decode_base32_buf(str, ucl_len, target, len, RSPAMD_BASE32_DEFAULT); } - if (dec_len != (gint)len) { - rspamd_keypair_unref (kp); + if (dec_len != (gint) len) { + rspamd_keypair_unref(kp); return NULL; } - rspamd_cryptobox_hash (kp->id, target, len, NULL, 0); + rspamd_cryptobox_hash(kp->id, target, len, NULL, 0); - elt = ucl_object_lookup (obj, "extensions"); - if (elt && ucl_object_type (elt) == UCL_OBJECT) { + elt = ucl_object_lookup(obj, "extensions"); + if (elt && ucl_object_type(elt) == UCL_OBJECT) { /* Use copy to avoid issues with the refcounts */ - kp->extensions = ucl_object_copy (elt); + kp->extensions = ucl_object_copy(elt); } return kp; } ucl_object_t * -rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, - enum rspamd_keypair_dump_flags flags) +rspamd_keypair_to_ucl(struct rspamd_cryptobox_keypair *kp, + enum rspamd_keypair_dump_flags flags) { ucl_object_t *ucl_out, *elt; gint how = 0; GString *keypair_out; const gchar *encoding; - g_assert (kp != NULL); + g_assert(kp != NULL); if (flags & RSPAMD_KEYPAIR_DUMP_HEX) { how |= RSPAMD_KEYPAIR_HEX; @@ -806,106 +798,104 @@ rspamd_keypair_to_ucl (struct rspamd_cryptobox_keypair *kp, } if (flags & RSPAMD_KEYPAIR_DUMP_FLATTENED) { - ucl_out = ucl_object_typed_new (UCL_OBJECT); + ucl_out = ucl_object_typed_new(UCL_OBJECT); elt = ucl_out; } else { - ucl_out = ucl_object_typed_new (UCL_OBJECT); - elt = ucl_object_typed_new (UCL_OBJECT); - ucl_object_insert_key (ucl_out, elt, "keypair", 0, false); + ucl_out = ucl_object_typed_new(UCL_OBJECT); + elt = ucl_object_typed_new(UCL_OBJECT); + ucl_object_insert_key(ucl_out, elt, "keypair", 0, false); } /* pubkey part */ - keypair_out = rspamd_keypair_print (kp, - RSPAMD_KEYPAIR_PUBKEY|how); - ucl_object_insert_key (elt, - ucl_object_fromlstring (keypair_out->str, keypair_out->len), - "pubkey", 0, false); - g_string_free (keypair_out, TRUE); + keypair_out = rspamd_keypair_print(kp, + RSPAMD_KEYPAIR_PUBKEY | how); + ucl_object_insert_key(elt, + ucl_object_fromlstring(keypair_out->str, keypair_out->len), + "pubkey", 0, false); + g_string_free(keypair_out, TRUE); if (!(flags & RSPAMD_KEYPAIR_DUMP_NO_SECRET)) { /* privkey part */ keypair_out = rspamd_keypair_print(kp, - RSPAMD_KEYPAIR_PRIVKEY | how); + RSPAMD_KEYPAIR_PRIVKEY | how); ucl_object_insert_key(elt, - ucl_object_fromlstring(keypair_out->str, keypair_out->len), - "privkey", 0, false); + ucl_object_fromlstring(keypair_out->str, keypair_out->len), + "privkey", 0, false); g_string_free(keypair_out, TRUE); } - keypair_out = rspamd_keypair_print (kp, - RSPAMD_KEYPAIR_ID|how); - ucl_object_insert_key (elt, - ucl_object_fromlstring (keypair_out->str, keypair_out->len), - "id", 0, false); - g_string_free (keypair_out, TRUE); + keypair_out = rspamd_keypair_print(kp, + RSPAMD_KEYPAIR_ID | how); + ucl_object_insert_key(elt, + ucl_object_fromlstring(keypair_out->str, keypair_out->len), + "id", 0, false); + g_string_free(keypair_out, TRUE); - ucl_object_insert_key (elt, - ucl_object_fromstring (encoding), - "encoding", 0, false); + ucl_object_insert_key(elt, + ucl_object_fromstring(encoding), + "encoding", 0, false); - ucl_object_insert_key (elt, - ucl_object_fromstring ( - kp->alg == RSPAMD_CRYPTOBOX_MODE_NIST ? - "nistp256" : "curve25519"), - "algorithm", 0, false); + ucl_object_insert_key(elt, + ucl_object_fromstring( + kp->alg == RSPAMD_CRYPTOBOX_MODE_NIST ? "nistp256" : "curve25519"), + "algorithm", 0, false); - ucl_object_insert_key (elt, - ucl_object_fromstring ( - kp->type == RSPAMD_KEYPAIR_KEX ? - "kex" : "sign"), - "type", 0, false); + ucl_object_insert_key(elt, + ucl_object_fromstring( + kp->type == RSPAMD_KEYPAIR_KEX ? "kex" : "sign"), + "type", 0, false); if (kp->extensions) { - ucl_object_insert_key (elt, ucl_object_copy (kp->extensions), - "extensions", 0, false); + ucl_object_insert_key(elt, ucl_object_copy(kp->extensions), + "extensions", 0, false); } return ucl_out; } gboolean -rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err) +rspamd_keypair_decrypt(struct rspamd_cryptobox_keypair *kp, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err) { const guchar *nonce, *mac, *data, *pubkey; - g_assert (kp != NULL); - g_assert (in != NULL); + g_assert(kp != NULL); + g_assert(in != NULL); if (kp->type != RSPAMD_KEYPAIR_KEX) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid keypair type"); + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid keypair type"); return FALSE; } - if (inlen < sizeof (encrypted_magic) + rspamd_cryptobox_pk_bytes (kp->alg) + - rspamd_cryptobox_mac_bytes (kp->alg) + - rspamd_cryptobox_nonce_bytes (kp->alg)) { - g_set_error (err, rspamd_keypair_quark (), E2BIG, "invalid size: too small"); + if (inlen < sizeof(encrypted_magic) + rspamd_cryptobox_pk_bytes(kp->alg) + + rspamd_cryptobox_mac_bytes(kp->alg) + + rspamd_cryptobox_nonce_bytes(kp->alg)) { + g_set_error(err, rspamd_keypair_quark(), E2BIG, "invalid size: too small"); return FALSE; } - if (memcmp (in, encrypted_magic, sizeof (encrypted_magic)) != 0) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid magic"); + if (memcmp(in, encrypted_magic, sizeof(encrypted_magic)) != 0) { + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid magic"); return FALSE; } /* Set pointers */ - pubkey = in + sizeof (encrypted_magic); - mac = pubkey + rspamd_cryptobox_pk_bytes (kp->alg); - nonce = mac + rspamd_cryptobox_mac_bytes (kp->alg); - data = nonce + rspamd_cryptobox_nonce_bytes (kp->alg); + pubkey = in + sizeof(encrypted_magic); + mac = pubkey + rspamd_cryptobox_pk_bytes(kp->alg); + nonce = mac + rspamd_cryptobox_mac_bytes(kp->alg); + data = nonce + rspamd_cryptobox_nonce_bytes(kp->alg); if (data - in >= inlen) { - g_set_error (err, rspamd_keypair_quark (), E2BIG, "invalid size: too small"); + g_set_error(err, rspamd_keypair_quark(), E2BIG, "invalid size: too small"); return FALSE; } @@ -913,14 +903,14 @@ rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, inlen -= data - in; /* Allocate memory for output */ - *out = g_malloc (inlen); - memcpy (*out, data, inlen); + *out = g_malloc(inlen); + memcpy(*out, data, inlen); - if (!rspamd_cryptobox_decrypt_inplace (*out, inlen, nonce, pubkey, - rspamd_keypair_component (kp, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), - mac, kp->alg)) { - g_set_error (err, rspamd_keypair_quark (), EPERM, "verification failed"); - g_free (*out); + if (!rspamd_cryptobox_decrypt_inplace(*out, inlen, nonce, pubkey, + rspamd_keypair_component(kp, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), + mac, kp->alg)) { + g_set_error(err, rspamd_keypair_quark(), EPERM, "verification failed"); + g_free(*out); return FALSE; } @@ -933,47 +923,46 @@ rspamd_keypair_decrypt (struct rspamd_cryptobox_keypair *kp, } gboolean -rspamd_keypair_encrypt (struct rspamd_cryptobox_keypair *kp, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err) +rspamd_keypair_encrypt(struct rspamd_cryptobox_keypair *kp, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err) { guchar *nonce, *mac, *data, *pubkey; struct rspamd_cryptobox_keypair *local; gsize olen; - g_assert (kp != NULL); - g_assert (in != NULL); + g_assert(kp != NULL); + g_assert(in != NULL); if (kp->type != RSPAMD_KEYPAIR_KEX) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid keypair type"); + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid keypair type"); return FALSE; } - local = rspamd_keypair_new (kp->type, kp->alg); - - olen = inlen + sizeof (encrypted_magic) + - rspamd_cryptobox_pk_bytes (kp->alg) + - rspamd_cryptobox_mac_bytes (kp->alg) + - rspamd_cryptobox_nonce_bytes (kp->alg); - *out = g_malloc (olen); - memcpy (*out, encrypted_magic, sizeof (encrypted_magic)); - pubkey = *out + sizeof (encrypted_magic); - mac = pubkey + rspamd_cryptobox_pk_bytes (kp->alg); - nonce = mac + rspamd_cryptobox_mac_bytes (kp->alg); - data = nonce + rspamd_cryptobox_nonce_bytes (kp->alg); - - ottery_rand_bytes (nonce, rspamd_cryptobox_nonce_bytes (kp->alg)); - memcpy (data, in, inlen); - memcpy (pubkey, rspamd_keypair_component (kp, - RSPAMD_KEYPAIR_COMPONENT_PK, NULL), - rspamd_cryptobox_pk_bytes (kp->alg)); - rspamd_cryptobox_encrypt_inplace (data, inlen, nonce, pubkey, - rspamd_keypair_component (local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), - mac, kp->alg); - rspamd_keypair_unref (local); + local = rspamd_keypair_new(kp->type, kp->alg); + + olen = inlen + sizeof(encrypted_magic) + + rspamd_cryptobox_pk_bytes(kp->alg) + + rspamd_cryptobox_mac_bytes(kp->alg) + + rspamd_cryptobox_nonce_bytes(kp->alg); + *out = g_malloc(olen); + memcpy(*out, encrypted_magic, sizeof(encrypted_magic)); + pubkey = *out + sizeof(encrypted_magic); + mac = pubkey + rspamd_cryptobox_pk_bytes(kp->alg); + nonce = mac + rspamd_cryptobox_mac_bytes(kp->alg); + data = nonce + rspamd_cryptobox_nonce_bytes(kp->alg); + + ottery_rand_bytes(nonce, rspamd_cryptobox_nonce_bytes(kp->alg)); + memcpy(data, in, inlen); + memcpy(pubkey, rspamd_keypair_component(kp, RSPAMD_KEYPAIR_COMPONENT_PK, NULL), + rspamd_cryptobox_pk_bytes(kp->alg)); + rspamd_cryptobox_encrypt_inplace(data, inlen, nonce, pubkey, + rspamd_keypair_component(local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), + mac, kp->alg); + rspamd_keypair_unref(local); if (outlen) { *outlen = olen; @@ -983,46 +972,46 @@ rspamd_keypair_encrypt (struct rspamd_cryptobox_keypair *kp, } gboolean -rspamd_pubkey_encrypt (struct rspamd_cryptobox_pubkey *pk, - const guchar *in, gsize inlen, - guchar **out, gsize *outlen, - GError **err) +rspamd_pubkey_encrypt(struct rspamd_cryptobox_pubkey *pk, + const guchar *in, gsize inlen, + guchar **out, gsize *outlen, + GError **err) { guchar *nonce, *mac, *data, *pubkey; struct rspamd_cryptobox_keypair *local; gsize olen; - g_assert (pk != NULL); - g_assert (in != NULL); + g_assert(pk != NULL); + g_assert(in != NULL); if (pk->type != RSPAMD_KEYPAIR_KEX) { - g_set_error (err, rspamd_keypair_quark (), EINVAL, - "invalid pubkey type"); + g_set_error(err, rspamd_keypair_quark(), EINVAL, + "invalid pubkey type"); return FALSE; } - local = rspamd_keypair_new (pk->type, pk->alg); - - olen = inlen + sizeof (encrypted_magic) + - rspamd_cryptobox_pk_bytes (pk->alg) + - rspamd_cryptobox_mac_bytes (pk->alg) + - rspamd_cryptobox_nonce_bytes (pk->alg); - *out = g_malloc (olen); - memcpy (*out, encrypted_magic, sizeof (encrypted_magic)); - pubkey = *out + sizeof (encrypted_magic); - mac = pubkey + rspamd_cryptobox_pk_bytes (pk->alg); - nonce = mac + rspamd_cryptobox_mac_bytes (pk->alg); - data = nonce + rspamd_cryptobox_nonce_bytes (pk->alg); - - ottery_rand_bytes (nonce, rspamd_cryptobox_nonce_bytes (pk->alg)); - memcpy (data, in, inlen); - memcpy (pubkey, rspamd_pubkey_get_pk (pk, NULL), - rspamd_cryptobox_pk_bytes (pk->alg)); - rspamd_cryptobox_encrypt_inplace (data, inlen, nonce, pubkey, - rspamd_keypair_component (local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), - mac, pk->alg); - rspamd_keypair_unref (local); + local = rspamd_keypair_new(pk->type, pk->alg); + + olen = inlen + sizeof(encrypted_magic) + + rspamd_cryptobox_pk_bytes(pk->alg) + + rspamd_cryptobox_mac_bytes(pk->alg) + + rspamd_cryptobox_nonce_bytes(pk->alg); + *out = g_malloc(olen); + memcpy(*out, encrypted_magic, sizeof(encrypted_magic)); + pubkey = *out + sizeof(encrypted_magic); + mac = pubkey + rspamd_cryptobox_pk_bytes(pk->alg); + nonce = mac + rspamd_cryptobox_mac_bytes(pk->alg); + data = nonce + rspamd_cryptobox_nonce_bytes(pk->alg); + + ottery_rand_bytes(nonce, rspamd_cryptobox_nonce_bytes(pk->alg)); + memcpy(data, in, inlen); + memcpy(pubkey, rspamd_pubkey_get_pk(pk, NULL), + rspamd_cryptobox_pk_bytes(pk->alg)); + rspamd_cryptobox_encrypt_inplace(data, inlen, nonce, pubkey, + rspamd_keypair_component(local, RSPAMD_KEYPAIR_COMPONENT_SK, NULL), + mac, pk->alg); + rspamd_keypair_unref(local); if (outlen) { *outlen = olen; |