Rename key_pair to keypair_t, avoid using excess memory on client.c, removing using sizeof(uint8_t)

This commit is contained in:
Night Kaly 2024-09-20 17:16:17 +01:00
parent e50093283f
commit d22dfa1561
Signed by: night0721
GPG key ID: 957D67B8DB7A119B
3 changed files with 29 additions and 36 deletions

View file

@ -12,7 +12,7 @@ int sockfd;
/* /*
* Authenticate with server by signing a challenge * Authenticate with server by signing a challenge
*/ */
int authenticate_server(key_pair *kp) int authenticate_server(keypair_t *kp)
{ {
packet_t server_auth_pkt; packet_t server_auth_pkt;
int status; int status;
@ -21,27 +21,22 @@ int authenticate_server(key_pair *kp)
} }
uint8_t *challenge = server_auth_pkt.data; uint8_t *challenge = server_auth_pkt.data;
uint8_t *sig = memalloc(SIGN_SIZE * sizeof(uint8_t)); uint8_t *sig = memalloc(SIGN_SIZE);
crypto_sign_detached(sig, NULL, challenge, CHALLENGE_SIZE, kp->sk.bin); crypto_sign_detached(sig, NULL, challenge, CHALLENGE_SIZE, kp->sk.raw);
uint8_t *pk_content = memalloc(PK_SIZE); uint8_t *pk_full = memalloc(PK_SIZE);
memcpy(pk_content, kp->pk.bin, PK_BIN_SIZE); memcpy(pk_full, kp->pk.full, PK_SIZE);
memcpy(pk_content + PK_BIN_SIZE, kp->pk.username, MAX_NAME);
memcpy(pk_content + PK_BIN_SIZE + MAX_NAME, &kp->pk.creation, TIME_SIZE);
memcpy(pk_content + PK_BIN_SIZE + METADATA_SIZE, kp->pk.signature, SIGN_SIZE);
packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, SIGN_SIZE, pk_content, sig); packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, SIGN_SIZE, pk_full, sig);
if (send_packet(auth_pkt, sockfd) != ZSM_STA_SUCCESS) { if ((status = send_packet(auth_pkt, sockfd)) != ZSM_STA_SUCCESS) {
/* fd already closed */ /* fd already closed */
error(0, "Could not authenticate with server"); error(0, "Could not authenticate with server, status: %d", status);
free(sig);
free_packet(auth_pkt); free_packet(auth_pkt);
return ZSM_STA_ERROR_AUTHENTICATE; return ZSM_STA_ERROR_AUTHENTICATE;
} }
free_packet(auth_pkt); free_packet(auth_pkt);
packet_t response; status = recv_packet(auth_pkt, sockfd, ZSM_TYP_INFO);
status = recv_packet(&response, sockfd, ZSM_TYP_INFO);
return (response.status == ZSM_STA_AUTHORISED ? ZSM_STA_SUCCESS : ZSM_STA_ERROR_AUTHENTICATE); return (response.status == ZSM_STA_AUTHORISED ? ZSM_STA_SUCCESS : ZSM_STA_ERROR_AUTHENTICATE);
} }
@ -59,7 +54,7 @@ void *ui_worker(void *arg)
*/ */
void *receive_worker(void *arg) void *receive_worker(void *arg)
{ {
key_pair *kp = (key_pair *) arg; keypair_t *kp = (keypair_t *) arg;
while (1) { while (1) {
packet_t pkt; packet_t pkt;
@ -81,12 +76,12 @@ void *receive_worker(void *arg)
memcpy(nonce, pkt.data + MAX_NAME * 2, NONCE_SIZE); memcpy(nonce, pkt.data + MAX_NAME * 2, NONCE_SIZE);
memcpy(encrypted, pkt.data + MAX_NAME * 2 + NONCE_SIZE, cipher_len); memcpy(encrypted, pkt.data + MAX_NAME * 2 + NONCE_SIZE, cipher_len);
key_pair *kp_from = get_key_pair(from); keypair_t *kp_from = get_keypair(from);
key_pair *kp_to = get_key_pair(to); keypair_t *kp_to = get_keypair(to);
uint8_t shared_key[SHARED_SIZE]; uint8_t shared_key[SHARED_KEY_SIZE];
if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.bin, if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.raw,
kp_from->sk.bin, kp_to->pk.bin) != 0) { kp_from->sk.raw, kp_to->pk.raw) != 0) {
/* Suspicious server public key, bail out */ /* Suspicious server public key, bail out */
error(0, "Error performing key exchange"); error(0, "Error performing key exchange");
} }
@ -150,10 +145,10 @@ int main()
write_log(LOG_INFO, "Connected to server at %s\n", DOMAIN); write_log(LOG_INFO, "Connected to server at %s\n", DOMAIN);
/* /*
key_pair *kpp = create_key_pair("palanix"); keypair_t *kpp = create_keypair("palanix");
key_pair *kpn = create_key_pair("night"); keypair_t *kpn = create_keypair("night");
*/ */
key_pair *kp = get_key_pair(USERNAME); keypair_t *kp = get_keypair(USERNAME);
if (authenticate_server(kp) != ZSM_STA_SUCCESS) { if (authenticate_server(kp) != ZSM_STA_SUCCESS) {
/* Fatal */ /* Fatal */

View file

@ -494,14 +494,14 @@ void send_message()
{ {
uint8_t *recipient = users->items[current_selection].name; uint8_t *recipient = users->items[current_selection].name;
key_pair *kp_from = get_key_pair(USERNAME); keypair_t *kp_from = get_keypair(USERNAME);
key_pair *kp_to = get_key_pair(recipient); keypair_t *kp_to = get_keypair(recipient);
int status = ZSM_STA_SUCCESS; int status = ZSM_STA_SUCCESS;
uint8_t shared_key[SHARED_SIZE]; uint8_t shared_key[SHARED_KEY_SIZE];
if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.bin, if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.raw,
kp_from->sk.bin, kp_to->pk.bin) != 0) { kp_from->sk.raw, kp_to->pk.raw) != 0) {
/* Recipient public key is suspicious */ /* Recipient public key is suspicious */
error(0, "Error performing key exchange"); error(0, "Error performing key exchange");
} }

View file

@ -28,7 +28,7 @@ void *thread_worker(void *arg);
int authenticate_client(int clientfd, uint8_t *username) int authenticate_client(int clientfd, uint8_t *username)
{ {
/* Create a challenge */ /* Create a challenge */
uint8_t *challenge = memalloc(CHALLENGE_SIZE * sizeof(uint8_t)); uint8_t *challenge = memalloc(CHALLENGE_SIZE);
randombytes_buf(challenge, CHALLENGE_SIZE); randombytes_buf(challenge, CHALLENGE_SIZE);
/* Sending fake signature as structure requires it */ /* Sending fake signature as structure requires it */
@ -37,10 +37,7 @@ int authenticate_client(int clientfd, uint8_t *username)
packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, CHALLENGE_SIZE, packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, CHALLENGE_SIZE,
challenge, fake_sig); challenge, fake_sig);
if (send_packet(auth_pkt, clientfd) != ZSM_STA_SUCCESS) { if (send_packet(auth_pkt, clientfd) != ZSM_STA_SUCCESS) {
/* fd already closed */
error(0, "Could not authenticate client"); error(0, "Could not authenticate client");
free(challenge);
free_packet(auth_pkt);
goto failure; goto failure;
} }
free(fake_sig); free(fake_sig);
@ -53,11 +50,12 @@ int authenticate_client(int clientfd, uint8_t *username)
goto failure; goto failure;
} }
uint8_t pk_bin[PK_BIN_SIZE], pk_username[MAX_NAME]; uint8_t pk_bin[PK_RAW_SIZE], pk_username[MAX_NAME];
memcpy(pk_bin, client_auth_pkt.data, PK_BIN_SIZE); memcpy(pk_bin, client_auth_pkt.data, PK_RAW_SIZE);
memcpy(pk_username, client_auth_pkt.data + PK_BIN_SIZE, MAX_NAME); memcpy(pk_username, client_auth_pkt.data + PK_RAW_SIZE, MAX_NAME);
if (crypto_sign_verify_detached(client_auth_pkt.signature, challenge, CHALLENGE_SIZE, pk_bin) != 0) { if (crypto_sign_verify_detached(client_auth_pkt.signature, challenge, CHALLENGE_SIZE, pk_bin) != 0) {
free_packet(auth_pkt);
error(0, "Incorrect signature, could not authenticate client"); error(0, "Incorrect signature, could not authenticate client");
free(client_auth_pkt.data); free(client_auth_pkt.data);
goto failure; goto failure;