diff --git a/libs/netpgp/include/netpgp-extra.h b/libs/netpgp/include/netpgp-extra.h index e981c89a..b38d4175 100644 --- a/libs/netpgp/include/netpgp-extra.h +++ b/libs/netpgp/include/netpgp-extra.h @@ -8,6 +8,8 @@ #include "netpgp/defs.h" #include "netpgp/crypto.h" #include "netpgp/create.h" +#include "netpgp/signature.h" +#include "netpgp/readerwriter.h" unsigned rsa_generate_keypair(pgp_key_t *keydata, const int numbits, const unsigned long e, const char *hashalg, const char *cipher); #endif // __NETPGP_EXTRA_H__ diff --git a/src/mre2ee_driver_openssl.c b/src/mre2ee_driver_openssl.c index 1dcf0c2c..f80d1d7b 100644 --- a/src/mre2ee_driver_openssl.c +++ b/src/mre2ee_driver_openssl.c @@ -83,10 +83,8 @@ int mre2ee_driver_create_keypair(mrmailbox_t* mailbox, const char* addr, mrkey_t { int success = 0; pgp_key_t seckey, pubkey, subkey; - pgp_subkey_t* subkeyp; /* just a pointer inside another key, must not be freed */ - pgp_subkeysig_t* subkeysigp; /* just a pointer inside another key, must not be freed */ uint8_t subkeyid[PGP_KEY_ID_SIZE]; - char* user_id = NULL; + uint8_t* user_id = NULL; pgp_memory_t *pubmem = pgp_memory_new(), *secmem = pgp_memory_new(); pgp_output_t *pubout = pgp_output_new(), *secout = pgp_output_new(); @@ -120,7 +118,7 @@ int mre2ee_driver_create_keypair(mrmailbox_t* mailbox, const char* addr, mrkey_t - shorter keys - the name is already taken from From: - not Autocrypt:-standard */ - user_id = mr_mprintf("<%s>", addr); + user_id = (uint8_t*)mr_mprintf("<%s>", addr); /* generate two keypairs */ if( !pgp_rsa_generate_keypair(&seckey, 2048/*bits*/, 65537UL/*e*/, NULL, NULL, NULL, 0) @@ -137,21 +135,54 @@ int mre2ee_driver_create_keypair(mrmailbox_t* mailbox, const char* addr, mrkey_t /* add subkey to public key and sign it (cmp. pgp_update_subkey()) */ EXPAND_ARRAY((&pubkey), subkey); - subkeyp = &pubkey.subkeys[pubkey.subkeyc++]; - pgp_pubkey_dup(&subkeyp->key.pubkey, &subkey.key.pubkey); - pgp_keyid(subkeyid, PGP_KEY_ID_SIZE, &pubkey.key.pubkey, PGP_HASH_SHA1); - memcpy(subkeyp->id, subkeyid, PGP_KEY_ID_SIZE); + { + pgp_subkey_t* p = &pubkey.subkeys[pubkey.subkeyc++]; + pgp_pubkey_dup(&p->key.pubkey, &subkey.key.pubkey); + pgp_keyid(subkeyid, PGP_KEY_ID_SIZE, &pubkey.key.pubkey, PGP_HASH_SHA1); + memcpy(p->id, subkeyid, PGP_KEY_ID_SIZE); + } - // TODO: add "0x18: Subkey Binding Signature" packet - //EXPAND_ARRAY((&pubkey), subkeysig); - //subkeysigp = &pubkey.subkeysigs[pubkey.subkeysigc++]; + // add "0x18: Subkey Binding Signature" packet, PGP_SIG_SUBKEY + EXPAND_ARRAY((&pubkey), subkeysig); + { + pgp_subkeysig_t* p = &pubkey.subkeysigs[pubkey.subkeysigc++]; + pgp_create_sig_t* sig; + pgp_output_t* sigoutput = NULL; + pgp_memory_t* mem_sig = NULL; + + sig = pgp_create_sig_new(); + pgp_sig_start_key_sig(sig, &subkey.key.pubkey, user_id, PGP_SIG_SUBKEY); + + pgp_add_creation_time(sig, time(NULL)); + pgp_add_key_expiration_time(sig, 0); + pgp_add_issuer_keyid(sig, seckey.pubkeyid); + pgp_add_primary_userid(sig, 1); + pgp_add_key_flags(sig, PGP_KEYFLAG_SIGN_DATA|PGP_KEYFLAG_ENC_COMM); + pgp_add_key_prefs(sig); + pgp_add_key_features(sig); + + pgp_end_hashed_subpkts(sig); + + pgp_setup_memory_write(&sigoutput, &mem_sig, 128); + pgp_write_sig(sigoutput, sig, &seckey.key.seckey.pubkey, &seckey.key.seckey); + + p->subkey = pubkey.subkeyc-1; /* index of subkey in array */ + p->packet.length = mem_sig->length; + p->packet.raw = mem_sig->buf; mem_sig->buf = NULL; /* move ownership to packet */ + + pgp_create_sig_delete(sig); + pgp_output_delete(sigoutput); + free(mem_sig); /* do not use pgp_memory_free() as this would also free mem_sig->buf which is owned by the packet */ + } /* add subkey to private key */ EXPAND_ARRAY((&seckey), subkey); - subkeyp = &seckey.subkeys[seckey.subkeyc++]; - pgp_seckey_dup(&subkeyp->key.seckey, &subkey.key.seckey); - pgp_keyid(subkeyid, PGP_KEY_ID_SIZE, &seckey.key.pubkey, PGP_HASH_SHA1); - memcpy(subkeyp->id, subkeyid, PGP_KEY_ID_SIZE); + { + pgp_subkey_t* p = &seckey.subkeys[seckey.subkeyc++]; + pgp_seckey_dup(&p->key.seckey, &subkey.key.seckey); + pgp_keyid(subkeyid, PGP_KEY_ID_SIZE, &seckey.key.pubkey, PGP_HASH_SHA1); + memcpy(p->id, subkeyid, PGP_KEY_ID_SIZE); + } /* return keys */ pgp_writer_set_memory(pubout, pubmem);