Rename key_pair to keypair_t, avoid using excess memory on client.c, removing using sizeof(uint8_t)

2024-09-20 17:16:17 +01:00 · 2024-09-20 17:16:17 +01:00 · d22dfa1561
commit d22dfa1561
parent e50093283f
3 changed files with 29 additions and 36 deletions
--- a/src/client/client.c
+++ b/src/client/client.c
@ -12,7 +12,7 @@ int sockfd;
 /*
 * Authenticate with server by signing a challenge
 */
-int authenticate_server(key_pair *kp)
+int authenticate_server(keypair_t *kp)
 {
    packet_t server_auth_pkt;
    int status;
@ -21,27 +21,22 @@ int authenticate_server(key_pair *kp)
    }
    uint8_t *challenge = server_auth_pkt.data;
    
-    uint8_t *sig = memalloc(SIGN_SIZE * sizeof(uint8_t));
-    crypto_sign_detached(sig, NULL, challenge, CHALLENGE_SIZE, kp->sk.bin);
-	
-	uint8_t *pk_content = memalloc(PK_SIZE);
-	memcpy(pk_content, kp->pk.bin, PK_BIN_SIZE);
-	memcpy(pk_content + PK_BIN_SIZE, kp->pk.username, MAX_NAME);
-	memcpy(pk_content + PK_BIN_SIZE + MAX_NAME, &kp->pk.creation, TIME_SIZE);
-	memcpy(pk_content + PK_BIN_SIZE + METADATA_SIZE, kp->pk.signature, SIGN_SIZE);
+    uint8_t *sig = memalloc(SIGN_SIZE);
+    crypto_sign_detached(sig, NULL, challenge, CHALLENGE_SIZE, kp->sk.raw);

-    packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, SIGN_SIZE, pk_content, sig);
-    if (send_packet(auth_pkt, sockfd) != ZSM_STA_SUCCESS) {
+	uint8_t *pk_full = memalloc(PK_SIZE);
+	memcpy(pk_full, kp->pk.full, PK_SIZE);
+
+    packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, SIGN_SIZE, pk_full, sig);
+    if ((status = send_packet(auth_pkt, sockfd)) != ZSM_STA_SUCCESS) {
        /* fd already closed */
-        error(0, "Could not authenticate with server");
-        free(sig);
+        error(0, "Could not authenticate with server, status: %d", status);
        free_packet(auth_pkt);
        return ZSM_STA_ERROR_AUTHENTICATE;
    }

    free_packet(auth_pkt);
-    packet_t response;
-	status = recv_packet(&response, sockfd, ZSM_TYP_INFO);
+	status = recv_packet(auth_pkt, sockfd, ZSM_TYP_INFO);
 	return (response.status == ZSM_STA_AUTHORISED ?  ZSM_STA_SUCCESS : ZSM_STA_ERROR_AUTHENTICATE);
 }

@ -59,7 +54,7 @@ void *ui_worker(void *arg)
 */
 void *receive_worker(void *arg)
 {
-	key_pair *kp = (key_pair *) arg;
+	keypair_t *kp = (keypair_t *) arg;

    while (1) {
 		packet_t pkt;
@ -81,12 +76,12 @@ void *receive_worker(void *arg)
 		memcpy(nonce, pkt.data + MAX_NAME * 2, NONCE_SIZE);
 		memcpy(encrypted, pkt.data + MAX_NAME * 2 + NONCE_SIZE, cipher_len);
 		   
-		key_pair *kp_from = get_key_pair(from);
-		key_pair *kp_to = get_key_pair(to);
+		keypair_t *kp_from = get_keypair(from);
+		keypair_t *kp_to = get_keypair(to);

-		uint8_t shared_key[SHARED_SIZE];
-		if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.bin,
-					kp_from->sk.bin, kp_to->pk.bin) != 0) {
+		uint8_t shared_key[SHARED_KEY_SIZE];
+		if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.raw,
+					kp_from->sk.raw, kp_to->pk.raw) != 0) {
 			/* Suspicious server public key, bail out */
 			error(0, "Error performing key exchange");
 		}
@ -150,10 +145,10 @@ int main()
 	write_log(LOG_INFO, "Connected to server at %s\n", DOMAIN);

 	/*
-	key_pair *kpp = create_key_pair("palanix");
-	key_pair *kpn = create_key_pair("night");
+	keypair_t *kpp = create_keypair("palanix");
+	keypair_t *kpn = create_keypair("night");
 */
-	key_pair *kp = get_key_pair(USERNAME);
+	keypair_t *kp = get_keypair(USERNAME);

    if (authenticate_server(kp) != ZSM_STA_SUCCESS) {
        /* Fatal */
--- a/src/client/ui.c
+++ b/src/client/ui.c
@ -494,14 +494,14 @@ void send_message()
 {
 	uint8_t *recipient = users->items[current_selection].name;

-	key_pair *kp_from = get_key_pair(USERNAME);
-	key_pair *kp_to = get_key_pair(recipient);
+	keypair_t *kp_from = get_keypair(USERNAME);
+	keypair_t *kp_to = get_keypair(recipient);

 	int status = ZSM_STA_SUCCESS;

-	uint8_t shared_key[SHARED_SIZE];
-	if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.bin,
-				kp_from->sk.bin, kp_to->pk.bin) != 0) {
+	uint8_t shared_key[SHARED_KEY_SIZE];
+	if (crypto_kx_client_session_keys(shared_key, NULL, kp_from->pk.raw,
+				kp_from->sk.raw, kp_to->pk.raw) != 0) {
 		/* Recipient public key is suspicious */
 		error(0, "Error performing key exchange");
 	}
--- a/src/server/server.c
+++ b/src/server/server.c
@ -28,7 +28,7 @@ void *thread_worker(void *arg);
 int authenticate_client(int clientfd, uint8_t *username)
 {
 	/* Create a challenge */
-    uint8_t *challenge = memalloc(CHALLENGE_SIZE * sizeof(uint8_t));
+    uint8_t *challenge = memalloc(CHALLENGE_SIZE);
    randombytes_buf(challenge, CHALLENGE_SIZE);

    /* Sending fake signature as structure requires it */
@ -37,10 +37,7 @@ int authenticate_client(int clientfd, uint8_t *username)
    packet_t *auth_pkt = create_packet(1, ZSM_TYP_AUTH, CHALLENGE_SIZE,
 			challenge, fake_sig);
    if (send_packet(auth_pkt, clientfd) != ZSM_STA_SUCCESS) {
-        /* fd already closed */
        error(0, "Could not authenticate client");
-        free(challenge);
-        free_packet(auth_pkt);
        goto failure;
    }
    free(fake_sig);
@ -53,11 +50,12 @@ int authenticate_client(int clientfd, uint8_t *username)
        goto failure;
    }

-	uint8_t pk_bin[PK_BIN_SIZE], pk_username[MAX_NAME];
-	memcpy(pk_bin, client_auth_pkt.data, PK_BIN_SIZE);
-	memcpy(pk_username, client_auth_pkt.data + PK_BIN_SIZE, MAX_NAME);
+	uint8_t pk_bin[PK_RAW_SIZE], pk_username[MAX_NAME];
+	memcpy(pk_bin, client_auth_pkt.data, PK_RAW_SIZE);
+	memcpy(pk_username, client_auth_pkt.data + PK_RAW_SIZE, MAX_NAME);

    if (crypto_sign_verify_detached(client_auth_pkt.signature, challenge, CHALLENGE_SIZE, pk_bin) != 0) {
+		free_packet(auth_pkt);
        error(0, "Incorrect signature, could not authenticate client");
        free(client_auth_pkt.data);
        goto failure;