libqaeda


commit e9926a4d1a7dcaf8d3891c80ff4933dd7b3d1404
parent 90652402f4a2db73d2f853a28aa7e366cafb49eb
Author: lash <dev@holbrook.no>
Date:   Sat,  5 Apr 2025 00:01:20 +0100

Now have valid request signature

Diffstat:
Msrc/crypto/gcrypt.c | 2+-
Msrc/lq/cert.c | 10+++++++---
Msrc/lq/msg.c | 26+++++++++++++++++++-------
3 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/src/crypto/gcrypt.c b/src/crypto/gcrypt.c
@@ -628,7 +628,7 @@ LQPrivKey* lq_privatekey_new(const char *passphrase, size_t passphrase_len) {
 if (r) {
 return NULL;
 }
- return o;
+ return o;
 }
 /// Parse data from buffer as S-expression text representing a key.
diff --git a/src/lq/cert.c b/src/lq/cert.c
@@ -157,16 +157,20 @@ int lq_certificate_sign(LQCert *cert, LQPrivKey *pk) {
 }
 int lq_certificate_verify(LQCert *cert) {
- LQCert cert_valid;
+ int r;
 char out[LQ_BLOCKSIZE];
+ LQCert cert_valid;
- int r;
+ if (cert->request_sig == NULL) {
+ return debug_logerr(LLOG_DEBUG, ERR_NONSENSE, "no request signature");
+ }
 lq_cpy(&cert_valid, cert, sizeof(LQCert));
+ cert_valid.request_sig = NULL;
 cert_valid.response = NULL;
 cert_valid.response_sig = NULL;
- r = state_digest(cert, out, 0);
+ r = state_digest(&cert_valid, out, 0);
 if (r != ERR_OK) {
 return r;
 }
diff --git a/src/lq/msg.c b/src/lq/msg.c
@@ -41,8 +41,9 @@ static int msg_to_sign(LQMsg *msg, char *out, const char *extra, size_t extra_le
 int r;
 char data[LQ_BLOCKSIZE];
- l = msg->len + extra_len;
+ l = msg->len;
 if (extra_len > 0) {
+ l += extra_len;
 lq_cpy(data, extra, extra_len);
 }
 lq_cpy(data + extra_len, msg->data, msg->len);
@@ -53,6 +54,7 @@ static int msg_to_sign(LQMsg *msg, char *out, const char *extra, size_t extra_le
 LQSig* lq_msg_sign_extra(LQMsg *msg, LQPrivKey *pk, const char *salt, const char *extra, size_t extra_len) {
 int r;
 char digest[LQ_DIGEST_LEN];
+ LQSig *sig;
 if (extra == NULL) {
 extra_len = 0;
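Review bot: The three assignments that clear `request_sig`, `response` and `response_sig` on the copy in lq_certificate_verify define which fields the request signature covers, but nothing at that point says so, and the signing side in lq_certificate_sign is outside this hunk. A comment above `cert_valid.request_sig = NULL;` such as `/* digest must cover the same fields as at signing time: signatures and response excluded */` would help keep the sign and verify paths from drifting apart. `cert` is dereferenced in the new `cert->request_sig == NULL` test without a NULL check of its own; if callers can pass NULL, guard it first. The function body continues below the hunk, so whether the response signature is checked later cannot be seen here.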
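Review bot: Nothing in the msg_to_sign hunk bounds `msg->len + extra_len` against `LQ_BLOCKSIZE` before the two `lq_cpy` calls write into the stack buffer `data[LQ_BLOCKSIZE]`, so an oversized message or extra block would write past the array unless a check exists outside the hunk (the function starts above and continues below it). A guard ahead of the copies that also avoids wrapping the sum would be `if (extra_len > LQ_BLOCKSIZE || msg->len > LQ_BLOCKSIZE - extra_len) { return debug_logerr(LLOG_DEBUG, ERR_NONSENSE, "message too long"); }`, with a more specific error code if the project has one. lq_msg_verify_extra calls this function too, so the same copies are reached on the verify path, presumably with lengths that did not originate locally.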
@@ -60,33 +62,43 @@ LQSig* lq_msg_sign_extra(LQMsg *msg, LQPrivKey *pk, const char *salt, const char
 if (msg->pubkey == NULL) {
 msg->pubkey = lq_publickey_from_privatekey(pk);
 if (msg->pubkey == NULL) {
- debug_logerr(LLOG_INFO, ERR_NOKEY, "public key");
+ debug_logerr(LLOG_DEBUG, ERR_NOKEY, "public key");
 return NULL;
 }
 }
 r = msg_to_sign(msg, digest, extra, extra_len);
 if (r) {
- debug_logerr(LLOG_INFO, r, "sign message");
+ debug_logerr(LLOG_DEBUG, r, "prepare message for sign");
 return NULL;
 }
- return lq_privatekey_sign(pk, digest, LQ_DIGEST_LEN, salt);
+ sig = lq_privatekey_sign(pk, digest, LQ_DIGEST_LEN, salt);
+ if (sig == NULL) {
+ debug_logerr(LLOG_DEBUG, r, "sign message");
+ return NULL;
+ }
+ return sig;
 }
 int lq_msg_verify_extra(LQMsg *msg, LQSig *sig, const char *salt, const char *extra, size_t extra_len) {
 int r;
 char digest[LQ_DIGEST_LEN];
+ LQMsg msg_valid;
 if (msg->pubkey == NULL) {
- return debug_logerr(LLOG_INFO, ERR_NONSENSE, "missing pubkey");
+ return debug_logerr(LLOG_DEBUG, ERR_NONSENSE, "missing pubkey");
 }
 if (extra == NULL) {
 extra_len = 0;
 }
 r = msg_to_sign(msg, digest, extra, extra_len);
 if (r) {
- return debug_logerr(LLOG_INFO, r, "verify message");
+ return debug_logerr(LLOG_DEBUG, r, "prepare message for verify");
 }
- return lq_signature_verify(sig, digest, LQ_DIGEST_LEN);
+ r = lq_signature_verify(sig, digest, LQ_DIGEST_LEN);
+ if (r) {
+ return debug_logerr(LLOG_DEBUG, r, "verify message");
+ }
+ return ERR_OK;
 }
 void lq_msg_free(LQMsg *msg) {
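Review bot: In the new `sig == NULL` branch of lq_msg_sign_extra, `debug_logerr(LLOG_DEBUG, r, "sign message")` logs `r`, which is necessarily zero there because the preceding `if (r)` already returned, so a signing failure is recorded with the success code. Pass a non-zero code that identifies the failure instead, for example `debug_logerr(LLOG_DEBUG, ERR_NOKEY, "sign message");` if that matches the cause, or a dedicated signing error if the project defines one. In lq_msg_verify_extra the added `LQMsg msg_valid;` is never used in the lines shown, so it should either be dropped or the intended copy-and-clear step added. Signature verification failures are now reported only at LLOG_DEBUG; if deployed builds filter debug output, consider keeping the `"verify message"` failure at a level operators will still see.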