diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 03:32:49 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 03:32:49 +0000 |
commit | 8053187731ae8e3eb368d8360989cf5fd6eed9f7 (patch) | |
tree | 32bada84ff5d7460cdf3934fcbdbe770d6afe4cd /src/tests/data/test_key_validity/case5/generate.cpp | |
parent | Initial commit. (diff) | |
download | rnp-8053187731ae8e3eb368d8360989cf5fd6eed9f7.tar.xz rnp-8053187731ae8e3eb368d8360989cf5fd6eed9f7.zip |
Adding upstream version 0.17.0.upstream/0.17.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/tests/data/test_key_validity/case5/generate.cpp')
-rw-r--r-- | src/tests/data/test_key_validity/case5/generate.cpp | 160 |
1 files changed, 160 insertions, 0 deletions
diff --git a/src/tests/data/test_key_validity/case5/generate.cpp b/src/tests/data/test_key_validity/case5/generate.cpp new file mode 100644 index 0000000..23735f4 --- /dev/null +++ b/src/tests/data/test_key_validity/case5/generate.cpp @@ -0,0 +1,160 @@ +/* + * Copyright (c) 2020 [Ribose Inc](https://www.ribose.com). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <iostream> +#include <cstdint> +#include "librepgp/stream-key.h" +#include "librepgp/stream-packet.h" +#include "fingerprint.h" +#include "pgp-key.h" +#include "crypto/signatures.h" + +static bool +load_transferable_key(pgp_transferable_key_t *key, const char *fname) +{ + pgp_source_t src = {}; + bool res = !init_file_src(&src, fname) && !process_pgp_key(src, key, false); + src_close(&src); + return res; +} + +bool calculate_primary_binding(const pgp_key_pkt_t &key, + const pgp_key_pkt_t &subkey, + pgp_hash_alg_t halg, + pgp_signature_t & sig, + rnp::Hash & hash, + rnp::RNG & rng); + +int +main(int argc, char **argv) +{ + if (argc < 3) { + std::cout << "Generate test file with subkey, signed by the other key.\n Usage: " + "./generate ../alice-sub-sec.asc ../basil-sec.asc\n"; + return 1; + } + + pgp_transferable_key_t tpkey = {}; + pgp_transferable_key_t tskey = {}; + + if (!load_transferable_key(&tpkey, argv[1])) { + std::cout << "Failed to load first key.\n"; + return 1; + } + + if (!load_transferable_key(&tskey, argv[2])) { + std::cout << "Failed to load second key.\n"; + return 1; + } + + pgp_transferable_subkey_t *subkey = + (pgp_transferable_subkey_t *) list_front(tpkey.subkeys); + pgp_signature_t *binding = (pgp_signature_t *) list_front(subkey->signatures); + + if (decrypt_secret_key(&tskey.key, "password")) { + RNP_LOG("Failed to decrypt secret key"); + return 1; + } + if (decrypt_secret_key(&subkey->subkey, "password")) { + RNP_LOG("Failed to decrypt secret subkey"); + return 1; + } + + /* now let's rebuild binding using the other key */ + uint8_t keyid[PGP_KEY_ID_SIZE]; + pgp_fingerprint_t keyfp; + + free(binding->hashed_data); + binding->hashed_data = NULL; + binding->hashed_len = 0; + + pgp_keyid(keyid, sizeof(keyid), tskey.key); + pgp_fingerprint(&keyfp, tskey.key); + + binding->halg = pgp_hash_adjust_alg_to_key(binding->halg, &tskey.key); + binding->palg = tskey.key.alg; + binding->set_keyfp(keyfp); + + /* This requires transition to rnp::Hash once will be used */ + rnp::Hash hash; + rnp::Hash hashcp; + + binding->fill_hashed_data(); + if (!signature_hash_binding(binding, &tpkey.key, &subkey->subkey, &hash) || + !pgp_hash_copy(&hashcp, &hash)) { + RNP_LOG("failed to hash signature"); + return 1; + } + + rnp::RNG rng(rnp::RNG::Type::System); + if (signature_calculate(binding, &tskey.key.material, &hash, &rng)) { + RNP_LOG("failed to calculate signature"); + return 1; + } + + pgp_key_flags_t realkf = (pgp_key_flags_t) binding.key_flags(); + if (!realkf) { + realkf = pgp_pk_alg_capabilities(subkey->subkey.alg); + } + if (realkf & PGP_KF_SIGN) { + pgp_signature_t embsig = {}; + bool embres; + + if (!calculate_primary_binding( + &tpkey.key, &subkey->subkey, binding->halg, &embsig, &hashcp, &rng)) { + RNP_LOG("failed to calculate primary key binding signature"); + return 1; + } + embres = signature_set_embedded_sig(binding, &embsig); + free_signature(&embsig); + if (!embres) { + RNP_LOG("failed to add primary key binding signature"); + return 1; + } + } + + try { + binding->set_keyid(keyid); + } catch (const std::exception &e) { + RNP_LOG("failed to set issuer key id: %s", e.what()); + return 1; + } + + if (!transferable_key_to_public(&tpkey)) { + RNP_LOG("Failed to extract public key part."); + return 1; + } + + pgp_dest_t dst = {}; + init_stdout_dest(&dst); + write_transferable_key(tpkey, dst, true); + dst_close(&dst, false); + + transferable_key_destroy(&tpkey); + transferable_key_destroy(&tskey); + + return 0; +}
\ No newline at end of file |