gcrypt.c (25981B)
1 #ifdef LQ_GPG 2 3 #define GPG_MIN_VERSION "1.10.2" 4 #define GPG_KEY_TYP 1 5 6 #include <gcrypt.h> 7 #include <rerr.h> 8 #include <llog.h> 9 #include <hex.h> 10 11 #include "lq/crypto.h" 12 #include "lq/io.h" 13 #include "lq/mem.h" 14 #include "lq/config.h" 15 #include "lq/err.h" 16 #include "lq/store.h" 17 #include "debug.h" 18 19 #define CHACHA20_KEY_LENGTH_BYTES 32 20 #define CHACHA20_NONCE_LENGTH_BYTES 12 21 22 /// Lookup mode for key in store. 23 enum gpg_find_mode_e { 24 GPG_FIND_MAIN, ///< Use default key filename. 25 GPG_FIND_ORCREATE, ///< Create a new key if not found. 26 GPG_FIND_FINGERPRINT, ///< Load only the key matching the fingerprint. 27 }; 28 29 /** 30 * gcrypt implementation of the crypto interface. 31 * 32 * The same structure is used in both LQPrivKey and LQPubKey. 33 * 34 */ 35 struct gpg_store { 36 gcry_sexp_t k; ///< S-expression representing the current object type. 37 char fingerprint[LQ_FP_LEN]; ///< Fingerprint, used for LQPubKey. 38 char public_key[LQ_PUBKEY_LEN]; ///< Literal, uncompressed public key bytes. Used in LQPubKey. 39 char last_signature[LQ_SIGN_LEN]; ///< Stores the latest signature data generated by lq_privatekey_sign. 40 char last_data[LQ_DIGEST_LEN]; ///< Stores the last digest data that was signed using lq_privatekey_sign. 41 }; 42 43 /// store gpg library version. 44 static char *gpg_version = NULL; 45 46 /// directory holding crypto keys. 47 static int gpg_cfg_idx_dir; 48 49 /// default digest id. 50 static int gpg_passphrase_digest = GCRY_MD_SHA256; 51 52 /// digest length of hashed password. 53 static int gpg_passphrase_digest_len; 54 55 /// zero fp value 56 const static char gpg_fingerprint_zero[LQ_FP_LEN]; 57 58 const static char gpg_default_store_key; 59 60 static LQStore *gpg_key_store; 61 62 /** 63 * Verifies that installed gpg version is supported. 64 * Sets up crypto keys dir and sets passphrase digest length. 65 * 66 * \todo replace path massage with cwalk lib 67 */ 68 int lq_crypto_init(const char *base) { 69 int r; 70 int l = 0; 71 char *p; 72 char path[LQ_PATH_MAX]; 73 74 lq_zero(path, LQ_PATH_MAX); 75 if (gpg_version == NULL) { 76 gpg_version = (char*)gcry_check_version(GPG_MIN_VERSION); 77 if (gpg_version == NULL) { 78 return debug_logerr(LLOG_ERROR, ERR_NOCRYPTO, "broken"); 79 } 80 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); 81 if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) { 82 return debug_logerr(LLOG_ERROR, ERR_NOCRYPTO, "init gcrypt"); 83 } 84 } 85 debug_x(LLOG_DEBUG, "gpg", "using gpg", 1, MORGEL_TYP_STR, 0, "version", gpg_version); 86 87 //gpg_passphrase_digest_len = gcry_md_get_algo_dlen(GCRY_MD_SHA256); 88 gpg_passphrase_digest_len = gcry_md_get_algo_dlen(GCRY_MD_SHA512); 89 gpg_cfg_idx_dir = lq_config_register(LQ_TYP_STR, "CRYPTODIR"); 90 91 p = path; 92 l = strlen(base); 93 lq_cpy(p, base, l); 94 if (path[l] != '/') { 95 path[l] = '/'; 96 path[l+1] = 0; 97 } 98 99 r = lq_config_set(gpg_cfg_idx_dir, path); 100 if (r) { 101 return ERR_FAIL; 102 } 103 gpg_key_store = lq_store_new(path); 104 if (gpg_key_store == NULL) { 105 return ERR_STORE_AVAIL; 106 } 107 108 return ERR_OK; 109 } 110 111 size_t get_padsize(size_t insize, size_t blocksize) { 112 size_t c; 113 size_t l; 114 size_t m; 115 116 c = insize + 1; 117 l = c / blocksize; 118 m = c % blocksize; 119 if (m) { 120 l++; 121 } 122 return l * blocksize; 123 } 124 125 static void padb(char *data, size_t outsize, size_t insize) { 126 gcry_randomize(data + insize, outsize - insize, GCRY_STRONG_RANDOM); 127 } 128 129 static void pad(char *indata_raw, size_t outsize, const char *indata) { //std::string indata) { 130 int l; 131 132 strcpy(indata_raw, indata); 133 l = strlen(indata) + 1; 134 padb(indata_raw, outsize, l); 135 } 136 137 static int create_handle(gcry_cipher_hd_t *h, const char *key, const char *nonce) { 138 const char *p; 139 gcry_error_t e; 140 141 e = gcry_cipher_open(h, GCRY_CIPHER_CHACHA20, GCRY_CIPHER_MODE_POLY1305, GCRY_CIPHER_SECURE); 142 if (e) { 143 p = gcry_strerror(e); 144 return debug_logerr(LLOG_ERROR, ERR_FAIL, (char*)p); 145 } 146 e = gcry_cipher_setkey(*h, key, CHACHA20_KEY_LENGTH_BYTES); 147 if (e) { 148 return ERR_FAIL; 149 } 150 e = gcry_cipher_setiv(*h, nonce, CHACHA20_NONCE_LENGTH_BYTES); 151 if (e) { 152 return ERR_FAIL; 153 } 154 return ERR_OK; 155 } 156 157 158 static void free_handle(gcry_cipher_hd_t *h) { 159 gcry_cipher_close(*h); 160 } 161 162 int encryptb (char *ciphertext, size_t ciphertext_len, const char *indata, size_t indata_len, const char *key, const char *nonce) { 163 const char *p; 164 int r; 165 gcry_cipher_hd_t h; 166 gcry_error_t e; 167 char indata_raw[ciphertext_len]; 168 169 r = create_handle(&h, key, nonce); 170 if (r) { 171 return debug_logerr(LLOG_ERROR, ERR_CIPHER, "encrypt handle (bin)"); 172 } 173 lq_cpy(indata_raw, indata, indata_len); 174 padb(indata_raw, ciphertext_len, indata_len); 175 e = gcry_cipher_encrypt(h, (unsigned char*)ciphertext, ciphertext_len, (const unsigned char*)indata_raw, ciphertext_len); 176 if (e) { 177 free_handle(&h); 178 p = gcry_strerror(e); 179 return debug_logerr(LLOG_ERROR, ERR_CIPHER, (char*)p); 180 } 181 182 free_handle(&h); 183 184 return ERR_OK; 185 } 186 187 int encrypt(char *ciphertext, size_t ciphertext_len, const char *indata, const char *key, const char *nonce) { 188 char *p; 189 int r; 190 gcry_cipher_hd_t h; 191 gcry_error_t e; 192 char indata_raw[ciphertext_len]; 193 194 r = create_handle(&h, key, nonce); 195 if (r) { 196 return debug_logerr(LLOG_ERROR, ERR_CIPHER, "encrypt handle (str)"); 197 } 198 199 pad(indata_raw, ciphertext_len, indata); 200 e = gcry_cipher_encrypt(h, (unsigned char*)ciphertext, ciphertext_len, (const unsigned char*)indata_raw, ciphertext_len); 201 if (e) { 202 free_handle(&h); 203 p = (char*)gcry_strerror(e); 204 return debug_logerr(LLOG_ERROR, ERR_CIPHER, p); 205 } 206 207 free_handle(&h); 208 209 return ERR_OK; 210 } 211 212 int decryptb(char *outdata, const char *ciphertext, size_t ciphertext_len, const char *key, const char *nonce) { 213 char *p; 214 int r; 215 gcry_cipher_hd_t h; 216 gcry_error_t e; 217 218 r = create_handle(&h, key, nonce); 219 if (r) { 220 return debug_logerr(LLOG_ERROR, ERR_CIPHER, "decrypt handle (bin)"); 221 } 222 223 e = gcry_cipher_decrypt(h, outdata, ciphertext_len, ciphertext, ciphertext_len); 224 if (e) { 225 free_handle(&h); 226 p = (char*)gcry_strerror(e); 227 return debug_logerr(LLOG_ERROR, ERR_CIPHER, p); 228 } 229 230 free_handle(&h); 231 232 return ERR_OK; 233 } 234 235 int decrypt(char *outdata, const char *ciphertext, size_t ciphertext_len, const char *key, const char *nonce) { 236 char *p; 237 int r; 238 gcry_cipher_hd_t h; 239 gcry_error_t e; 240 241 r = create_handle(&h, key, nonce); 242 if (r) { 243 return debug_logerr(LLOG_ERROR, ERR_CIPHER, "decrypt handle (str)"); 244 } 245 246 e = gcry_cipher_decrypt(h, outdata, ciphertext_len, ciphertext, ciphertext_len); 247 if (e) { 248 free_handle(&h); 249 p = (char*)gcry_strerror(e); 250 return debug_logerr(LLOG_ERROR, ERR_CIPHER, p); 251 } 252 253 free_handle(&h); 254 255 return ERR_OK; 256 } 257 258 259 // DIGEST SECTION 260 261 /// Calculate a digest according to the specified algo. 262 static int calculate_digest_algo(const char *in, size_t in_len, char *out, enum gcry_md_algos algo) { 263 gcry_error_t e; 264 gcry_md_hd_t h; 265 unsigned char *v; 266 static unsigned int digest_len; 267 268 if (algo == GCRY_MD_NONE) { 269 algo = GCRY_MD_SHA512; 270 } 271 272 e = gcry_md_open(&h, algo, GCRY_MD_FLAG_SECURE); 273 if (e) { 274 return ERR_ENCODING; 275 } 276 e = gcry_md_enable(h, algo); 277 if (e) { 278 return ERR_COMPAT; 279 } 280 digest_len = gcry_md_get_algo_dlen(algo); 281 282 gcry_md_write(h, in, in_len); 283 v = gcry_md_read(h, 0); 284 lq_cpy(out, v, digest_len); 285 gcry_md_close(h); 286 return ERR_OK; 287 } 288 289 /// Calculate digest using the default hashing algorithm (SHA256) 290 /// using the gcrypt library. 291 int lq_digest(const char *in, size_t in_len, char *out) { 292 return calculate_digest_algo(in, in_len, out, GCRY_MD_NONE); 293 } 294 295 296 /// Apply public key to the gpg_store struct. 297 static int key_apply_public(struct gpg_store *gpg) { 298 char *p; 299 size_t c; 300 gcry_sexp_t one; 301 gcry_sexp_t two; 302 303 one = gcry_sexp_find_token(gpg->k, "public-key", 10); 304 if (one == NULL) { 305 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "sexp pubkey"); 306 } 307 two = gcry_sexp_find_token(one, "q", 1); 308 if (two == NULL) { 309 gcry_sexp_release(one); 310 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "sexp q"); 311 } 312 c = LQ_PUBKEY_LEN; 313 p = (char*)gcry_sexp_nth_data(two, 1, &c); 314 if (p == NULL) { 315 gcry_sexp_release(two); 316 gcry_sexp_release(one); 317 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "sexp first data"); 318 } 319 320 lq_cpy(gpg->public_key, p, LQ_PUBKEY_LEN); 321 gcry_sexp_release(two); 322 gcry_sexp_release(one); 323 p = (char*)gcry_pk_get_keygrip(gpg->k, (unsigned char*)gpg->fingerprint); 324 if (p == NULL) { 325 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "pubkey fingerprint"); 326 } 327 328 return ERR_OK; 329 } 330 331 /// Create a new gcrypt keypair. 332 static int key_create(struct gpg_store *gpg) { 333 int r; 334 const char *p; 335 const char *sexp_quick = "(genkey(ecc(flags eddsa)(curve Ed25519)))"; 336 gcry_sexp_t in; 337 gcry_error_t e; 338 339 // Set up parameters for key creation. 340 e = gcry_sexp_new(&in, (const void*)sexp_quick, strlen(sexp_quick), 0); 341 if (e) { 342 p = gcry_strerror(e); 343 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, (char*)p); 344 } 345 346 // Generate a new key with the given parameters. 347 e = gcry_pk_genkey(&gpg->k, in); 348 if (e) { 349 gcry_sexp_release(in); 350 p = gcry_strerror(e); 351 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, (char*)p); 352 } 353 gcry_sexp_release(in); 354 355 // Apply the public part of the key to the underlying key structure. 356 r = key_apply_public(gpg); 357 if (r) { 358 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "private create apply public"); 359 } 360 361 return ERR_OK; 362 } 363 364 // Create a new store instance using the crypto partition path 365 // set in the configuration. 366 // Caller must free it. 367 LQStore *key_store_get() { 368 // int r; 369 // char *p; 370 371 // r = lq_config_get(gpg_cfg_idx_dir, (void**)&p); 372 // if (r) { 373 // return NULL; 374 // } 375 // return lq_store_new(p); 376 return gpg_key_store; 377 } 378 379 /** 380 * \todo consistent endianness for key length in persistent storage (fwrite) 381 * \todo doc must have enough in path for path + fingerprint hex 382 * 383 */ 384 static int key_create_store(struct gpg_store *gpg, const char *passphrase, size_t passphrase_len) { 385 char *p; 386 int r; 387 int kl; 388 char v[LQ_CRYPTO_BUFLEN]; 389 int l; 390 size_t c; 391 size_t m; 392 LQStore *store; 393 LQPubKey *pubk; 394 char nonce[CHACHA20_NONCE_LENGTH_BYTES]; 395 char buf_key[LQ_STORE_KEY_MAX]; 396 char buf_val[LQ_STORE_VAL_MAX]; 397 char ciphertext[LQ_CRYPTO_BUFLEN]; 398 char passphrase_hash[LQ_DIGEST_LEN]; 399 400 // Create the private key and corresponding public key. 401 r = key_create(gpg); 402 if (r) { 403 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "key create"); 404 } 405 406 // Export the S-expression to a text buffer for saving, canonical formatting 407 kl = gcry_sexp_sprint(gpg->k, GCRYSEXP_FMT_CANON, NULL, 0); 408 m = (size_t)kl + 1; 409 p = (char*)v + sizeof(int); 410 c = 0; 411 kl = gcry_sexp_sprint(gpg->k, GCRYSEXP_FMT_CANON, p, LQ_CRYPTO_BUFLEN - m); 412 m -= (size_t)(kl + 1); 413 c += kl; 414 lq_cpy(v, &c, sizeof(int)); 415 416 // Pad the contents up to the blocksize boundary 417 m = c; 418 c = get_padsize(m, LQ_CRYPTO_BLOCKSIZE); 419 420 // Hash the encryption key to the expected length. 421 r = calculate_digest_algo(passphrase, passphrase_len, passphrase_hash, gpg_passphrase_digest); 422 if (r) { 423 return debug_logerr(LLOG_ERROR, ERR_DIGEST, "passphrase hash"); 424 } 425 426 // Encrypt the payload with the passphrase and nonce. 427 gcry_create_nonce(nonce, CHACHA20_NONCE_LENGTH_BYTES); 428 r = encryptb(ciphertext, c, v, m+sizeof(int), passphrase_hash, nonce); 429 if (r) { 430 return debug_logerr(LLOG_ERROR, ERR_KEY_LOCK, "encrypt private key"); 431 } 432 433 // Export the key (fingerprint) and value (ciphertext) to put in the store. 434 // (We don't need the inner private key pointer anymore, so we re-use it.) 435 pubk = lq_publickey_new(gpg->public_key); 436 if (pubk == NULL) { 437 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "publickey"); 438 } 439 gpg = (struct gpg_store*)pubk->impl; 440 lq_cpy(buf_key, gpg->fingerprint, LQ_FP_LEN); 441 lq_cpy(buf_val, nonce, CHACHA20_NONCE_LENGTH_BYTES); 442 lq_cpy(buf_val + CHACHA20_NONCE_LENGTH_BYTES, ciphertext, c); 443 lq_publickey_free(pubk); 444 445 // Retrieve the store. 446 store = key_store_get(); 447 if (store == NULL) { 448 return debug_logerr(LLOG_ERROR, ERR_KEYFILE, "create store"); 449 } 450 451 // Write the ciphertext to the store. 452 l = c + CHACHA20_NONCE_LENGTH_BYTES; 453 c = LQ_FP_LEN; 454 r = store->put(LQ_CONTENT_KEY, store, buf_key, &c, buf_val, l); 455 if (r) { 456 return debug_logerr(LLOG_ERROR, ERR_KEYFILE, "put key in store"); 457 } 458 459 // Check if a main key already exists in the store. 460 // If not, set this one as main. 461 *buf_key = gpg_default_store_key; 462 c = LQ_STORE_VAL_MAX; 463 r = store->get(LQ_CONTENT_KEY, store, buf_key, 1, buf_val, &c); 464 if (r) { 465 if (r != ERR_NOENT) { 466 debug(LLOG_ERROR, "crypto.gcrypt", "no default"); 467 return debug_logerr(LLOG_ERROR, ERR_KEYFILE, "default key"); 468 } 469 c = 1; 470 r = store->put(LQ_CONTENT_KEY, store, buf_key, &c, buf_val, l); 471 if (r) { 472 debug(LLOG_ERROR, "crypto.gcrypt", "fail put default"); 473 return debug_logerr(LLOG_ERROR, ERR_KEYFILE, "write default key"); 474 } 475 } 476 477 return ERR_OK; 478 } 479 480 /// Create a new keypair, encrypted with given passphrase. 481 static LQPrivKey* privatekey_alloc(const char *passphrase, size_t passphrase_len) { 482 int r; 483 LQPrivKey *o; 484 struct gpg_store *gpg; 485 486 // Allocate private key structures. 487 o = lq_alloc(sizeof(LQPrivKey)); 488 if (o == NULL) { 489 return NULL; 490 } 491 gpg = lq_alloc(sizeof(struct gpg_store)); 492 if (gpg == NULL) { 493 lq_free(o); 494 return NULL; 495 } 496 497 // Create the underlying private key. 498 r = key_create_store(gpg, passphrase, passphrase_len); 499 if (r) { 500 lq_free(gpg); 501 lq_free(o); 502 return NULL; 503 } 504 505 // Populate the internal key structure. 506 o->impl = (void*)gpg; 507 o->key_typ = GPG_KEY_TYP; 508 o->key_state = LQ_KEY_INIT; 509 510 // No cleanup = caller must free it. 511 debug_x(LLOG_INFO, "gpg", "created new private key", 1, MORGEL_TYP_BIN, LQ_FP_LEN, "fingerprint", gpg->fingerprint); 512 513 return o; 514 } 515 516 517 /// Implements the interface to create a new private key. 518 LQPrivKey* lq_privatekey_new(const char *passphrase, size_t passphrase_len) { 519 int r; 520 LQPrivKey *o; 521 if (passphrase == NULL) { 522 return NULL; 523 } 524 525 o = privatekey_alloc(passphrase, passphrase_len); 526 if (o == NULL) { 527 return NULL; 528 } 529 r = lq_privatekey_lock(o, passphrase, passphrase_len); 530 if (r) { 531 return NULL; 532 } 533 return o; 534 } 535 536 /// Parse data from buffer as S-expression text representing a key. 537 static int key_from_data(gcry_sexp_t *key, const char *indata, size_t indata_len) { 538 gcry_error_t e; 539 540 e = gcry_sexp_new(key, indata, indata_len, 0); 541 if (e != GPG_ERR_NO_ERROR) { 542 return debug_logerr(LLOG_ERROR, ERR_COMPAT, "not key data"); 543 } 544 return ERR_OK; 545 } 546 547 /// Load a private key from the store's crypto partition. 548 static int key_from_store(struct gpg_store *gpg, const char *passphrase, size_t passphrase_len) { 549 char *nonce; 550 char *p; 551 int r; 552 LQStore *store; 553 char inkey[LQ_FP_LEN]; 554 size_t inkey_len; 555 char out[LQ_CRYPTO_BUFLEN]; 556 char in[LQ_CRYPTO_BUFLEN]; 557 size_t in_len; 558 size_t out_len; 559 char passphrase_hash[LQ_DIGEST_LEN]; 560 561 // Instantiate the store. 562 store = key_store_get(); 563 564 // If a valid fingerprint is found in the gpg structure, 565 // retrieve the key matching that fingerprint. 566 // Otherwise, retrieve the main key. 567 // Or fail if none of them can be found. 568 inkey_len = LQ_FP_LEN; 569 in_len = LQ_CRYPTO_BUFLEN; 570 if (lq_cmp(gpg->fingerprint, gpg_fingerprint_zero, LQ_FP_LEN)) { 571 lq_cpy(inkey, gpg->fingerprint, LQ_FP_LEN); 572 } else { 573 *inkey = gpg_default_store_key; 574 inkey_len = 1; 575 } 576 r = store->get(LQ_CONTENT_KEY, store, inkey, inkey_len, in, &in_len); 577 if (r) { 578 return ERR_NOENT; 579 } 580 581 // Hash the encryption key to the expected length. 582 r = calculate_digest_algo(passphrase, passphrase_len, passphrase_hash, gpg_passphrase_digest); 583 if (r) { 584 return debug_logerr(LLOG_ERROR, ERR_DIGEST, "passphrase hash"); 585 } 586 587 // Decrypt the private key data from the store 588 // with the provided passphrase and the extracted nonce. 589 nonce = in; 590 p = (char*)in + CHACHA20_NONCE_LENGTH_BYTES; 591 in_len -= CHACHA20_NONCE_LENGTH_BYTES; 592 r = decryptb(out, p, in_len, passphrase_hash, nonce); 593 if (r) { 594 return ERR_KEY_UNLOCK; 595 } 596 597 // Attempt to parse and instantiate the key from the decrypted data. 598 out_len = (size_t)(*((int*)out)); 599 p = (char*)(out+sizeof(int)); 600 r = key_from_data(&gpg->k, p, out_len); 601 if (r) { 602 return ERR_KEYFAIL; 603 } 604 605 return ERR_OK; 606 } 607 608 static int gpg_key_load(struct gpg_store *gpg, const char *passphrase, size_t passphrase_len, enum gpg_find_mode_e mode, const void *criteria) { 609 int r; 610 611 switch(mode) { 612 case GPG_FIND_MAIN: 613 r = key_from_store(gpg, passphrase, passphrase_len); 614 if (r) { 615 return debug_logerr(LLOG_WARNING, ERR_KEYFILE, "default key not found"); 616 } 617 break; 618 case GPG_FIND_ORCREATE: 619 r = key_from_store(gpg, passphrase, passphrase_len); 620 if (r == ERR_OK) { 621 break; 622 } 623 // if no key could be loaded, attempt to create one. 624 if (!lq_cmp(gpg_fingerprint_zero, gpg->fingerprint, LQ_FP_LEN)) { 625 debug(LLOG_DEBUG, "gpg", "default private key not found, attempting create new"); 626 r = key_create_store(gpg, passphrase, passphrase_len); 627 if (r) { 628 return debug_logerr(LLOG_WARNING, ERR_KEYFILE, "create key when no default found"); 629 } 630 } 631 break; 632 case GPG_FIND_FINGERPRINT: 633 r = key_from_store(gpg, passphrase, passphrase_len); 634 if (r) { 635 return debug_logerr(LLOG_WARNING, ERR_KEYFILE, "fingerprint key not found"); 636 } 637 break; 638 default: 639 return debug_logerr(LLOG_WARNING, ERR_FAIL, NULL); 640 } 641 642 r = key_apply_public(gpg); 643 if (r) { 644 return debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "apply public key"); 645 } 646 debug_x(LLOG_INFO, "gpg", "loaded private key", 1, MORGEL_TYP_BIN, LQ_FP_LEN, "fingerprint", gpg->fingerprint); 647 648 return ERR_OK; 649 } 650 651 652 /// Implements the interface to load a private key from storage. 653 LQPrivKey* lq_privatekey_load(const char *passphrase, size_t passphrase_len, const char *fingerprint) { 654 LQPrivKey *pk; 655 enum gpg_find_mode_e m; 656 struct gpg_store *gpg; 657 int r; 658 659 pk = lq_alloc(sizeof(LQPrivKey)); 660 if (pk == NULL) { 661 debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "allocate object"); 662 return NULL; 663 } 664 pk->impl = (struct gpg_store*)lq_alloc(sizeof(struct gpg_store)); 665 if (pk->impl == NULL) { 666 lq_free(pk); 667 debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "allocate internal structure"); 668 return NULL; 669 } 670 lq_zero(pk->impl, sizeof(struct gpg_store)); 671 gpg = (struct gpg_store*)pk->impl; 672 m = GPG_FIND_ORCREATE; 673 if (fingerprint != NULL) { 674 lq_cpy(gpg->fingerprint, fingerprint, LQ_FP_LEN); 675 m = GPG_FIND_FINGERPRINT; 676 } 677 r = gpg_key_load(gpg, passphrase, passphrase_len, m, NULL); 678 if (r) { 679 lq_free(pk->impl); 680 lq_free(pk); 681 debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "key load fail"); 682 return NULL; 683 } 684 pk->key_typ = GPG_KEY_TYP; 685 pk->key_state = LQ_KEY_INIT; 686 687 return pk; 688 } 689 690 size_t lq_publickey_bytes(LQPubKey *pubk, char **out) { 691 struct gpg_store *gpg; 692 693 gpg = (struct gpg_store*)pubk->impl; 694 *out = gpg->public_key; 695 return LQ_PUBKEY_LEN; 696 } 697 698 int lq_privatekey_lock(LQPrivKey *pk, const char *passphrase, size_t passphrase_len) { 699 if (pk == NULL) { 700 return ERR_INIT; 701 } 702 if ((pk->key_state & LQ_KEY_LOCK) > 0) { 703 return ERR_NOOP; 704 } 705 pk->key_state |= LQ_KEY_LOCK; 706 return ERR_OK; 707 } 708 709 int lq_privatekey_unlock(LQPrivKey *pk, const char *passphrase, size_t passphrase_len) { 710 char b; 711 712 if (pk == NULL) { 713 return ERR_INIT; 714 } 715 if ((pk->key_state & LQ_KEY_LOCK) == 0) { 716 return ERR_NOOP; 717 } 718 b = LQ_KEY_LOCK; 719 pk->key_state &= ~b; 720 return ERR_OK; 721 } 722 723 // SIGNATURE SECTION 724 // 725 //int sign_with(struct gpg_store *gpg, char *data, size_t data_len, const char *passphrase, const char *fingerprint) { 726 // int r; 727 // size_t c; 728 // gcry_sexp_t pnt; 729 // gcry_sexp_t msg; 730 // gcry_sexp_t sig; 731 // gcry_error_t e; 732 // char *p; 733 // 734 // 735 // if (fingerprint == NULL) { 736 // r = gpg_key_load(gpg, passphrase, KEE_GPG_FIND_MAIN, NULL); 737 // } else { 738 // r = gpg_key_load(gpg, passphrase, KEE_GPG_FIND_FINGERPRINT, fingerprint); 739 // } 740 // if (r) { 741 // return 1; 742 // } 743 // 744 // c = 0; 745 // e = gcry_sexp_build(&msg, &c, "(data(flags eddsa)(hash-algo sha512)(value %b))", 64, gpg->last_data); 746 // if (e != GPG_ERR_NO_ERROR) { 747 // return 1; 748 // } 749 //} 750 751 static int sign(struct gpg_store *gpg, const char *data, size_t data_len, const char *salt) { 752 int r; 753 size_t c; 754 char *p; 755 gcry_sexp_t pnt; 756 gcry_sexp_t msg; 757 gcry_sexp_t sig; 758 gcry_error_t e; 759 760 lq_zero(&e, sizeof(gcry_error_t)); 761 r = calculate_digest_algo(data, data_len, gpg->last_data, GCRY_MD_SHA512); 762 if (r) { 763 return 1; 764 } 765 766 c = 0; 767 e = gcry_sexp_build(&msg, &c, "(data(flags eddsa)(hash-algo sha512)(value %b))", 64, gpg->last_data); 768 if (e != GPG_ERR_NO_ERROR) { 769 return 1; 770 } 771 772 e = gcry_pk_sign(&sig, msg, gpg->k); 773 if (e != GPG_ERR_NO_ERROR) { 774 gcry_sexp_release(msg); 775 return 1; 776 } 777 778 // retrieve r and write it 779 pnt = NULL; 780 pnt = gcry_sexp_find_token(sig, "r", 1); 781 if (pnt == NULL) { 782 gcry_sexp_release(sig); 783 gcry_sexp_release(msg); 784 return ERR_FAIL; 785 } 786 c = LQ_POINT_LEN; 787 p = (char*)gcry_sexp_nth_data(pnt, 1, &c); 788 if (p == NULL) { 789 gcry_sexp_release(pnt); 790 gcry_sexp_release(sig); 791 gcry_sexp_release(msg); 792 return ERR_SIGVALID; 793 } 794 lq_cpy(gpg->last_signature, p, c); 795 796 // retrieve s and write it 797 gcry_sexp_release(pnt); 798 pnt = NULL; 799 pnt = gcry_sexp_find_token(sig, "s", 1); 800 if (pnt == NULL) { 801 gcry_sexp_release(sig); 802 gcry_sexp_release(msg); 803 return ERR_FAIL; 804 } 805 c = LQ_POINT_LEN; 806 p = (char*)gcry_sexp_nth_data(pnt, 1, &c); 807 if (p == NULL) { 808 gcry_sexp_release(pnt); 809 gcry_sexp_release(sig); 810 gcry_sexp_release(msg); 811 return ERR_SIGVALID; 812 } 813 lq_cpy(gpg->last_signature + LQ_POINT_LEN, p, c); 814 gcry_sexp_release(pnt); 815 gcry_sexp_release(sig); 816 gcry_sexp_release(msg); 817 818 return ERR_OK; 819 } 820 821 LQSig* lq_privatekey_sign(LQPrivKey *pk, const char *data, size_t data_len, const char *salt) { 822 int r; 823 struct gpg_store *gpg; 824 LQSig *sig; 825 char digest[LQ_DIGEST_LEN]; 826 827 if ((pk->key_state & LQ_KEY_LOCK) > 0) { 828 return NULL; 829 } 830 831 lq_digest(data, strlen(data), (char*)digest); 832 gpg = (struct gpg_store*)pk->impl; 833 834 r = sign(gpg, digest, LQ_DIGEST_LEN, salt); 835 if (r != ERR_OK) { 836 return NULL; 837 } 838 839 sig = lq_alloc(sizeof(LQSig)); 840 sig->pubkey = lq_publickey_from_privatekey(pk); 841 if (sig->pubkey == NULL) { 842 lq_signature_free(sig); 843 return NULL; 844 } 845 sig->impl = lq_alloc(LQ_SIGN_LEN); 846 lq_cpy(sig->impl, gpg->last_signature, LQ_SIGN_LEN); 847 return sig; 848 } 849 850 LQSig* lq_signature_from_bytes(const char *sig_data, size_t sig_len, LQPubKey *pubkey) { 851 LQSig *sig; 852 853 sig = lq_alloc(sizeof(LQSig)); 854 lq_zero(sig, sizeof(LQSig)); 855 sig->impl = lq_alloc(sizeof(LQ_SIGN_LEN)); 856 lq_cpy(sig->impl, sig_data, sig_len); 857 return sig; 858 } 859 860 size_t lq_signature_bytes(LQSig *sig, char **out) { 861 *out = sig->impl; 862 return LQ_SIGN_LEN; 863 } 864 865 int lq_signature_verify(LQSig *sig, const char *data, size_t data_len) { 866 int r; 867 size_t c; 868 gcry_mpi_t sig_r; 869 gcry_mpi_t sig_s; 870 gcry_error_t err; 871 gcry_sexp_t sigx; 872 gcry_sexp_t msgx; 873 gcry_sexp_t pubkey; 874 struct gpg_store *gpg; 875 char digest[LQ_DIGEST_LEN]; 876 877 if (sig->pubkey == NULL) { 878 return ERR_NOENT; 879 } 880 881 gpg = (struct gpg_store*)sig->pubkey->impl; 882 c = 0; 883 err = gcry_sexp_build(&pubkey, &c, "(key-data(public-key(ecc(curve Ed25519)(q %b))))", LQ_PUBKEY_LEN, gpg->public_key); 884 if (err != GPG_ERR_NO_ERROR) { 885 return ERR_KEYFAIL; 886 } 887 888 c = 0; 889 err = gcry_mpi_scan(&sig_r, GCRYMPI_FMT_STD, sig->impl, LQ_POINT_LEN, &c); 890 if (err != GPG_ERR_NO_ERROR) { 891 gcry_sexp_release(pubkey); 892 return ERR_KEYFAIL; 893 } 894 if (c != 32) { 895 gcry_mpi_release(sig_r); 896 gcry_sexp_release(pubkey); 897 return ERR_KEYFAIL; 898 } 899 900 c = 0; 901 err = gcry_mpi_scan(&sig_s, GCRYMPI_FMT_STD, sig->impl + LQ_POINT_LEN, LQ_POINT_LEN, &c); 902 if (err != GPG_ERR_NO_ERROR) { 903 gcry_mpi_release(sig_r); 904 gcry_sexp_release(pubkey); 905 return ERR_KEYFAIL; 906 } 907 if (c != 32) { 908 gcry_mpi_release(sig_s); 909 gcry_mpi_release(sig_r); 910 gcry_sexp_release(pubkey); 911 return ERR_KEYFAIL; 912 } 913 914 c = 0; 915 err = gcry_sexp_build(&sigx, &c, "(sig-val(eddsa(r %m)(s %m)))", sig_r, sig_s); 916 if (err != GPG_ERR_NO_ERROR) { 917 gcry_mpi_release(sig_s); 918 gcry_mpi_release(sig_r); 919 gcry_sexp_release(pubkey); 920 return ERR_SIGFAIL; 921 } 922 gcry_mpi_release(sig_s); 923 gcry_mpi_release(sig_r); 924 925 r = calculate_digest_algo(data, data_len, digest, GCRY_MD_SHA512); 926 if (r) { 927 gcry_sexp_release(sigx); 928 gcry_sexp_release(pubkey); 929 return ERR_DIGEST; 930 } 931 932 c = 0; 933 err = gcry_sexp_build(&msgx, &c, "(data(flags eddsa)(hash-algo sha512)(value %b))", LQ_DIGEST_LEN, digest); 934 if (err != GPG_ERR_NO_ERROR) { 935 gcry_sexp_release(sigx); 936 gcry_sexp_release(pubkey); 937 return ERR_DIGEST; 938 } 939 940 err = gcry_pk_verify(sigx, msgx, pubkey); 941 if (err != GPG_ERR_NO_ERROR) { 942 gcry_sexp_release(msgx); 943 gcry_sexp_release(sigx); 944 gcry_sexp_release(pubkey); 945 return ERR_SIGVALID; 946 } 947 948 gcry_sexp_release(msgx); 949 gcry_sexp_release(sigx); 950 gcry_sexp_release(pubkey); 951 952 return ERR_OK; 953 } 954 955 void lq_privatekey_free(LQPrivKey *pk) { 956 struct gpg_store *gpg; 957 958 gpg = (struct gpg_store*)pk->impl; 959 gcry_sexp_release(gpg->k); 960 lq_free(pk->impl); 961 lq_free(pk); 962 } 963 964 void lq_publickey_free(LQPubKey *pubk) { 965 struct gpg_store *gpg; 966 967 gpg = (struct gpg_store*)pubk->impl; 968 gcry_sexp_release(gpg->k); 969 lq_free(pubk->impl); 970 lq_free(pubk); 971 } 972 973 void lq_signature_free(LQSig *sig) { 974 if (sig->pubkey != NULL) { 975 lq_publickey_free(sig->pubkey); 976 } 977 lq_free(sig); 978 } 979 980 LQPubKey* lq_publickey_from_privatekey(LQPrivKey *pk) { 981 struct gpg_store *gpg; 982 LQPubKey *pubk; 983 984 gpg = (struct gpg_store*)pk->impl; 985 pubk = lq_publickey_new(gpg->public_key); 986 987 return pubk; 988 } 989 990 LQPubKey* lq_publickey_new(const char *full) { 991 const char *p; 992 const char *r; 993 gcry_error_t e; 994 size_t c; 995 LQPubKey *pubk; 996 struct gpg_store *gpg; 997 998 pubk = lq_alloc(sizeof(LQPubKey)); 999 gpg = lq_alloc(sizeof(struct gpg_store)); 1000 1001 lq_zero(gpg, sizeof(struct gpg_store)); 1002 c = 0; 1003 e = gcry_sexp_build(&gpg->k, &c, "(key-data(public-key(ecc(curve Ed25519)(q %b))))", LQ_PUBKEY_LEN, full); 1004 if (e != GPG_ERR_NO_ERROR) { 1005 p = gcry_strerror(e); 1006 debug_logerr(LLOG_DEBUG, ERR_KEYFAIL, (char*)p); 1007 return NULL; 1008 } 1009 lq_cpy(gpg->public_key, full, LQ_PUBKEY_LEN); 1010 1011 r = (char*)gcry_pk_get_keygrip(gpg->k, (unsigned char*)gpg->fingerprint); 1012 if (r == NULL) { 1013 debug_logerr(LLOG_ERROR, ERR_KEYFAIL, "fingerprint fail"); 1014 return NULL; 1015 } 1016 1017 pubk->impl = (void*)gpg; 1018 pubk->key_typ = GPG_KEY_TYP; 1019 pubk->pk = NULL; 1020 1021 return pubk; 1022 } 1023 1024 size_t lq_publickey_fingerprint(LQPubKey* pubk, char **out) { 1025 struct gpg_store *gpg; 1026 1027 gpg = (struct gpg_store*)pubk->impl; 1028 *out = gpg->fingerprint; 1029 return LQ_FP_LEN; 1030 } 1031 1032 void lq_crypto_free() { 1033 //lq_store_free((void*)gpg_key_store); 1034 gpg_key_store->free(gpg_key_store); 1035 gpg_key_store = NULL; 1036 gpg_version = NULL; 1037 } 1038 1039 #endif