Rename key_pair to keypair_t, avoid using excess memory on client.c, removing using sizeof(uint8_t)
This commit is contained in:
parent
e50093283f
commit
d22dfa1561
GPG key ID:
957D67B8DB7A119B
3 changed files with 29 additions and 36 deletions
|
|
@ -12,7 +12,7 @@ int sockfd;
|
||||||
/*
|
/*
|
||||||
* Authenticate with server by signing a challenge
|
* Authenticate with server by signing a challenge
|
||||||
*/
|
*/
|
||||||
int authenticate_server(key_pair *kp)
|
int authenticate_server(keypair_t *kp)
|
||||||
{
|
{
|
||||||
packet_t server_auth_pkt;
|
packet_t server_auth_pkt;
|
||||||
int status;
|
int status;
|
||||||
|
|
@ -21,27 +21,22 @@ int authenticate_server(key_pair *kp)
|
||||||
}
|
}
|
||||||
uint8_t *challenge = server_auth_pkt.data;
|
uint8_t *challenge = server_auth_pkt.data;
|
||||||
|
|
||||||
uint8_t *sig = memalloc(SIGN_SIZE * sizeof(uint8_t));
|
uint8_t *sig = memalloc(SIGN_SIZE);
|
||||||
crypto_sign_detached(sig, NULL, challenge, CHALLENGE_SIZE, kp->sk.bin);
|
crypto_sign_detached(sig, NULL, challenge, CHALLENGE_SIZE, kp->sk.raw);
|
||||||
|
|
||||||
uint8_t *pk_content = memalloc(PK_SIZE);
|
|
||||||
memcpy(pk_content, kp->pk.bin, PK_BIN_SIZE);
|
|
||||||
memcpy(pk_content + PK_BIN_SIZE, kp->pk.username, MAX_NAME);
|
|
||||||
memcpy(pk_content + PK_BIN_SIZE + MAX_NAME, &kp->pk.creation, TIME_SIZE);
|
|
||||||
memcpy(pk_content + PK_BIN_SIZE + METADATA_SIZE, kp->pk.signature, SIGN_SIZE);
|
|
||||||
|
|
||||||
packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, SIGN_SIZE, pk_content, sig);
|
uint8_t *pk_full = memalloc(PK_SIZE);
|
||||||
if (send_packet(auth_pkt, sockfd) != ZSM_STA_SUCCESS) {
|
memcpy(pk_full, kp->pk.full, PK_SIZE);
|
||||||
|
|
||||||
|
packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, SIGN_SIZE, pk_full, sig);
|
||||||
|
if ((status = send_packet(auth_pkt, sockfd)) != ZSM_STA_SUCCESS) {
|
||||||
/* fd already closed */
|
/* fd already closed */
|
||||||
error(0, "Could not authenticate with server");
|
error(0, "Could not authenticate with server, status: %d", status);
|
||||||
free(sig);
|
|
||||||
free_packet(auth_pkt);
|
free_packet(auth_pkt);
|
||||||
return ZSM_STA_ERROR_AUTHENTICATE;
|
return ZSM_STA_ERROR_AUTHENTICATE;
|
||||||
}
|
}
|
||||||
|
|
||||||
free_packet(auth_pkt);
|
free_packet(auth_pkt);
|
||||||
packet_t response;
|
status = recv_packet(auth_pkt, sockfd, ZSM_TYP_INFO);
|
||||||
status = recv_packet(&response, sockfd, ZSM_TYP_INFO);
|
|
||||||
return (response.status == ZSM_STA_AUTHORISED ? ZSM_STA_SUCCESS : ZSM_STA_ERROR_AUTHENTICATE);
|
return (response.status == ZSM_STA_AUTHORISED ? ZSM_STA_SUCCESS : ZSM_STA_ERROR_AUTHENTICATE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -59,7 +54,7 @@ void *ui_worker(void *arg)
|
||||||
*/
|
*/
|
||||||
void *receive_worker(void *arg)
|
void *receive_worker(void *arg)
|
||||||
{
|
{
|
||||||
key_pair *kp = (key_pair *) arg;
|
keypair_t *kp = (keypair_t *) arg;
|
||||||
|
|
||||||
while (1) {
|
while (1) {
|
||||||
packet_t pkt;
|
packet_t pkt;
|
||||||
|
|
@ -81,12 +76,12 @@ void *receive_worker(void *arg)
|
||||||
memcpy(nonce, pkt.data + MAX_NAME * 2, NONCE_SIZE);
|
memcpy(nonce, pkt.data + MAX_NAME * 2, NONCE_SIZE);
|
||||||
memcpy(encrypted, pkt.data + MAX_NAME * 2 + NONCE_SIZE, cipher_len);
|
memcpy(encrypted, pkt.data + MAX_NAME * 2 + NONCE_SIZE, cipher_len);
|
||||||
|
|
||||||
key_pair *kp_from = get_key_pair(from);
|
keypair_t *kp_from = get_keypair(from);
|
||||||
key_pair *kp_to = get_key_pair(to);
|
keypair_t *kp_to = get_keypair(to);
|
||||||
|
|
||||||
uint8_t shared_key[SHARED_SIZE];
|
uint8_t shared_key[SHARED_KEY_SIZE];
|
||||||
if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.bin,
|
if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.raw,
|
||||||
kp_from->sk.bin, kp_to->pk.bin) != 0) {
|
kp_from->sk.raw, kp_to->pk.raw) != 0) {
|
||||||
/* Suspicious server public key, bail out */
|
/* Suspicious server public key, bail out */
|
||||||
error(0, "Error performing key exchange");
|
error(0, "Error performing key exchange");
|
||||||
}
|
}
|
||||||
|
|
@ -150,10 +145,10 @@ int main()
|
||||||
write_log(LOG_INFO, "Connected to server at %s\n", DOMAIN);
|
write_log(LOG_INFO, "Connected to server at %s\n", DOMAIN);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
key_pair *kpp = create_key_pair("palanix");
|
keypair_t *kpp = create_keypair("palanix");
|
||||||
key_pair *kpn = create_key_pair("night");
|
keypair_t *kpn = create_keypair("night");
|
||||||
*/
|
*/
|
||||||
key_pair *kp = get_key_pair(USERNAME);
|
keypair_t *kp = get_keypair(USERNAME);
|
||||||
|
|
||||||
if (authenticate_server(kp) != ZSM_STA_SUCCESS) {
|
if (authenticate_server(kp) != ZSM_STA_SUCCESS) {
|
||||||
/* Fatal */
|
/* Fatal */
|
||||||
|
|
|
||||||
|
|
@ -494,14 +494,14 @@ void send_message()
|
||||||
{
|
{
|
||||||
uint8_t *recipient = users->items[current_selection].name;
|
uint8_t *recipient = users->items[current_selection].name;
|
||||||
|
|
||||||
key_pair *kp_from = get_key_pair(USERNAME);
|
keypair_t *kp_from = get_keypair(USERNAME);
|
||||||
key_pair *kp_to = get_key_pair(recipient);
|
keypair_t *kp_to = get_keypair(recipient);
|
||||||
|
|
||||||
int status = ZSM_STA_SUCCESS;
|
int status = ZSM_STA_SUCCESS;
|
||||||
|
|
||||||
uint8_t shared_key[SHARED_SIZE];
|
uint8_t shared_key[SHARED_KEY_SIZE];
|
||||||
if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.bin,
|
if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.raw,
|
||||||
kp_from->sk.bin, kp_to->pk.bin) != 0) {
|
kp_from->sk.raw, kp_to->pk.raw) != 0) {
|
||||||
/* Recipient public key is suspicious */
|
/* Recipient public key is suspicious */
|
||||||
error(0, "Error performing key exchange");
|
error(0, "Error performing key exchange");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ void *thread_worker(void *arg);
|
||||||
int authenticate_client(int clientfd, uint8_t *username)
|
int authenticate_client(int clientfd, uint8_t *username)
|
||||||
{
|
{
|
||||||
/* Create a challenge */
|
/* Create a challenge */
|
||||||
uint8_t *challenge = memalloc(CHALLENGE_SIZE * sizeof(uint8_t));
|
uint8_t *challenge = memalloc(CHALLENGE_SIZE);
|
||||||
randombytes_buf(challenge, CHALLENGE_SIZE);
|
randombytes_buf(challenge, CHALLENGE_SIZE);
|
||||||
|
|
||||||
/* Sending fake signature as structure requires it */
|
/* Sending fake signature as structure requires it */
|
||||||
|
|
@ -37,10 +37,7 @@ int authenticate_client(int clientfd, uint8_t *username)
|
||||||
packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, CHALLENGE_SIZE,
|
packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, CHALLENGE_SIZE,
|
||||||
challenge, fake_sig);
|
challenge, fake_sig);
|
||||||
if (send_packet(auth_pkt, clientfd) != ZSM_STA_SUCCESS) {
|
if (send_packet(auth_pkt, clientfd) != ZSM_STA_SUCCESS) {
|
||||||
/* fd already closed */
|
|
||||||
error(0, "Could not authenticate client");
|
error(0, "Could not authenticate client");
|
||||||
free(challenge);
|
|
||||||
free_packet(auth_pkt);
|
|
||||||
goto failure;
|
goto failure;
|
||||||
}
|
}
|
||||||
free(fake_sig);
|
free(fake_sig);
|
||||||
|
|
@ -53,11 +50,12 @@ int authenticate_client(int clientfd, uint8_t *username)
|
||||||
goto failure;
|
goto failure;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t pk_bin[PK_BIN_SIZE], pk_username[MAX_NAME];
|
uint8_t pk_bin[PK_RAW_SIZE], pk_username[MAX_NAME];
|
||||||
memcpy(pk_bin, client_auth_pkt.data, PK_BIN_SIZE);
|
memcpy(pk_bin, client_auth_pkt.data, PK_RAW_SIZE);
|
||||||
memcpy(pk_username, client_auth_pkt.data + PK_BIN_SIZE, MAX_NAME);
|
memcpy(pk_username, client_auth_pkt.data + PK_RAW_SIZE, MAX_NAME);
|
||||||
|
|
||||||
if (crypto_sign_verify_detached(client_auth_pkt.signature, challenge, CHALLENGE_SIZE, pk_bin) != 0) {
|
if (crypto_sign_verify_detached(client_auth_pkt.signature, challenge, CHALLENGE_SIZE, pk_bin) != 0) {
|
||||||
|
free_packet(auth_pkt);
|
||||||
error(0, "Incorrect signature, could not authenticate client");
|
error(0, "Incorrect signature, could not authenticate client");
|
||||||
free(client_auth_pkt.data);
|
free(client_auth_pkt.data);
|
||||||
goto failure;
|
goto failure;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue