|
8849
|
1 /*
|
|
|
2
|
|
|
3 silcgaim_pk.c
|
|
|
4
|
|
|
5 Author: Pekka Riikonen <priikone@silcnet.org>
|
|
|
6
|
|
|
7 Copyright (C) 2004 Pekka Riikonen
|
|
|
8
|
|
|
9 This program is free software; you can redistribute it and/or modify
|
|
|
10 it under the terms of the GNU General Public License as published by
|
|
|
11 the Free Software Foundation; version 2 of the License.
|
|
|
12
|
|
|
13 This program is distributed in the hope that it will be useful,
|
|
|
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
16 GNU General Public License for more details.
|
|
|
17
|
|
|
18 */
|
|
|
19
|
|
|
20 #include "silcincludes.h"
|
|
|
21 #include "silcclient.h"
|
|
|
22 #include "silcgaim.h"
|
|
|
23
|
|
|
24 /************************* Public Key Verification ***************************/
|
|
|
25
|
|
|
26 typedef struct {
|
|
|
27 SilcClient client;
|
|
|
28 SilcClientConnection conn;
|
|
|
29 char *filename;
|
|
|
30 char *entity;
|
|
|
31 char *entity_name;
|
|
|
32 char *fingerprint;
|
|
|
33 char *babbleprint;
|
|
|
34 unsigned char *pk;
|
|
|
35 SilcUInt32 pk_len;
|
|
|
36 SilcSKEPKType pk_type;
|
|
|
37 SilcVerifyPublicKey completion;
|
|
|
38 void *context;
|
|
|
39 gboolean changed;
|
|
|
40 } *PublicKeyVerify;
|
|
|
41
|
|
|
42 static void silcgaim_verify_ask(const char *entity,
|
|
|
43 const char *fingerprint,
|
|
|
44 const char *babbleprint,
|
|
|
45 PublicKeyVerify verify);
|
|
|
46
|
|
|
47 static void silcgaim_verify_cb(PublicKeyVerify verify, gint id)
|
|
|
48 {
|
|
|
49 if (id != 2) {
|
|
|
50 if (verify->completion)
|
|
|
51 verify->completion(FALSE, verify->context);
|
|
|
52 } else {
|
|
|
53 if (verify->completion)
|
|
|
54 verify->completion(TRUE, verify->context);
|
|
|
55
|
|
|
56 /* Save the key for future checking */
|
|
|
57 silc_pkcs_save_public_key_data(verify->filename, verify->pk,
|
|
|
58 verify->pk_len, SILC_PKCS_FILE_PEM);
|
|
|
59 }
|
|
|
60
|
|
|
61 silc_free(verify->filename);
|
|
|
62 silc_free(verify->entity);
|
|
|
63 silc_free(verify->entity_name);
|
|
|
64 silc_free(verify->fingerprint);
|
|
|
65 silc_free(verify->babbleprint);
|
|
|
66 silc_free(verify->pk);
|
|
|
67 silc_free(verify);
|
|
|
68 }
|
|
|
69
|
|
|
70 static void silcgaim_verify_details_cb(PublicKeyVerify verify)
|
|
|
71 {
|
|
|
72 /* What a hack. We have to display the accept dialog _again_
|
|
|
73 because Gaim closes the dialog after you press the button. Gaim
|
|
|
74 should have option for the dialogs whether the buttons close them
|
|
|
75 or not. */
|
|
|
76 silcgaim_verify_ask(verify->entity, verify->fingerprint,
|
|
|
77 verify->babbleprint, verify);
|
|
|
78 }
|
|
|
79
|
|
|
80 static void silcgaim_verify_details(PublicKeyVerify verify, gint id)
|
|
|
81 {
|
|
|
82 SilcPublicKey public_key;
|
|
|
83 GaimConnection *gc = verify->client->application;
|
|
|
84 SilcGaim sg = gc->proto_data;
|
|
|
85
|
|
|
86 silc_pkcs_public_key_decode(verify->pk, verify->pk_len,
|
|
|
87 &public_key);
|
|
|
88 silcgaim_show_public_key(sg, verify->entity_name, public_key,
|
|
|
89 G_CALLBACK(silcgaim_verify_details_cb),
|
|
|
90 verify);
|
|
|
91 silc_pkcs_public_key_free(public_key);
|
|
|
92 }
|
|
|
93
|
|
|
94 static void silcgaim_verify_ask(const char *entity,
|
|
|
95 const char *fingerprint,
|
|
|
96 const char *babbleprint,
|
|
|
97 PublicKeyVerify verify)
|
|
|
98 {
|
|
|
99 char tmp[256], tmp2[256];
|
|
|
100
|
|
|
101 if (verify->changed) {
|
|
|
102 g_snprintf(tmp, sizeof(tmp),
|
|
|
103 _("Received %s's public key. Your local copy does not match this "
|
|
|
104 "key. Would you still like to accept this public key?"),
|
|
|
105 entity);
|
|
|
106 } else {
|
|
|
107 g_snprintf(tmp, sizeof(tmp),
|
|
|
108 _("Received %s's public key. Would you like to accept this "
|
|
|
109 "public key?"), entity);
|
|
|
110 }
|
|
|
111 g_snprintf(tmp2, sizeof(tmp2),
|
|
|
112 _("Fingerprint and babbleprint for the %s key are:\n\n"
|
|
|
113 "%s\n%s\n"), entity, fingerprint, babbleprint);
|
|
|
114
|
|
|
115 gaim_request_action(NULL, _("Verify Public Key"), tmp, tmp2, 2, verify, 3,
|
|
|
116 _("Yes"), G_CALLBACK(silcgaim_verify_cb),
|
|
|
117 _("No"), G_CALLBACK(silcgaim_verify_cb),
|
|
|
118 _("View..."), G_CALLBACK(silcgaim_verify_details));
|
|
|
119 }
|
|
|
120
|
|
|
121 void silcgaim_verify_public_key(SilcClient client, SilcClientConnection conn,
|
|
|
122 const char *name, SilcSocketType conn_type,
|
|
|
123 unsigned char *pk, SilcUInt32 pk_len,
|
|
|
124 SilcSKEPKType pk_type,
|
|
|
125 SilcVerifyPublicKey completion, void *context)
|
|
|
126 {
|
|
|
127 GaimConnection *gc = client->application;
|
|
|
128 int i;
|
|
|
129 char file[256], filename[256], filename2[256], *ipf, *hostf = NULL;
|
|
|
130 char *fingerprint, *babbleprint;
|
|
|
131 struct passwd *pw;
|
|
|
132 struct stat st;
|
|
|
133 char *entity = ((conn_type == SILC_SOCKET_TYPE_SERVER ||
|
|
|
134 conn_type == SILC_SOCKET_TYPE_ROUTER) ?
|
|
|
135 "server" : "client");
|
|
|
136 PublicKeyVerify verify;
|
|
|
137
|
|
|
138 if (pk_type != SILC_SKE_PK_TYPE_SILC) {
|
|
|
139 gaim_notify_error(gc, _("Verify Public Key"),
|
|
|
140 _("Unsupported public key type"), NULL);
|
|
|
141 if (completion)
|
|
|
142 completion(FALSE, context);
|
|
|
143 return;
|
|
|
144 }
|
|
|
145
|
|
|
146 pw = getpwuid(getuid());
|
|
|
147 if (!pw) {
|
|
|
148 if (completion)
|
|
|
149 completion(FALSE, context);
|
|
|
150 return;
|
|
|
151 }
|
|
|
152
|
|
|
153 memset(filename, 0, sizeof(filename));
|
|
|
154 memset(filename2, 0, sizeof(filename2));
|
|
|
155 memset(file, 0, sizeof(file));
|
|
|
156
|
|
|
157 if (conn_type == SILC_SOCKET_TYPE_SERVER ||
|
|
|
158 conn_type == SILC_SOCKET_TYPE_ROUTER) {
|
|
|
159 if (!name) {
|
|
|
160 g_snprintf(file, sizeof(file) - 1, "%skey_%s_%d.pub", entity,
|
|
|
161 conn->sock->ip, conn->sock->port);
|
|
|
162 g_snprintf(filename, sizeof(filename) - 1,
|
|
|
163 "%s" G_DIR_SEPARATOR_S "%skeys" G_DIR_SEPARATOR_S "%s",
|
|
|
164 silcgaim_silcdir(), entity, file);
|
|
|
165
|
|
|
166 g_snprintf(file, sizeof(file) - 1, "%skey_%s_%d.pub", entity,
|
|
|
167 conn->sock->hostname, conn->sock->port);
|
|
|
168 g_snprintf(filename2, sizeof(filename2) - 1,
|
|
|
169 "%s" G_DIR_SEPARATOR_S "%skeys" G_DIR_SEPARATOR_S "%s",
|
|
|
170 silcgaim_silcdir(), entity, file);
|
|
|
171
|
|
|
172 ipf = filename;
|
|
|
173 hostf = filename2;
|
|
|
174 } else {
|
|
|
175 g_snprintf(file, sizeof(file) - 1, "%skey_%s_%d.pub", entity,
|
|
|
176 name, conn->sock->port);
|
|
|
177 g_snprintf(filename, sizeof(filename) - 1,
|
|
|
178 "%s" G_DIR_SEPARATOR_S "%skeys" G_DIR_SEPARATOR_S "%s",
|
|
|
179 silcgaim_silcdir(), entity, file);
|
|
|
180
|
|
|
181 ipf = filename;
|
|
|
182 }
|
|
|
183 } else {
|
|
|
184 /* Replace all whitespaces with `_'. */
|
|
|
185 fingerprint = silc_hash_fingerprint(NULL, pk, pk_len);
|
|
|
186 for (i = 0; i < strlen(fingerprint); i++)
|
|
|
187 if (fingerprint[i] == ' ')
|
|
|
188 fingerprint[i] = '_';
|
|
|
189
|
|
|
190 g_snprintf(file, sizeof(file) - 1, "%skey_%s.pub", entity, fingerprint);
|
|
|
191 g_snprintf(filename, sizeof(filename) - 1,
|
|
|
192 "%s" G_DIR_SEPARATOR_S "%skeys" G_DIR_SEPARATOR_S "%s",
|
|
|
193 silcgaim_silcdir(), entity, file);
|
|
|
194 silc_free(fingerprint);
|
|
|
195
|
|
|
196 ipf = filename;
|
|
|
197 }
|
|
|
198
|
|
|
199 verify = silc_calloc(1, sizeof(*verify));
|
|
|
200 if (!verify)
|
|
|
201 return;
|
|
|
202 verify->client = client;
|
|
|
203 verify->conn = conn;
|
|
|
204 verify->filename = strdup(ipf);
|
|
|
205 verify->entity = strdup(entity);
|
|
|
206 verify->entity_name = (conn_type != SILC_SOCKET_TYPE_CLIENT ?
|
|
|
207 (name ? strdup(name) : strdup(conn->sock->hostname))
|
|
|
208 : NULL);
|
|
|
209 verify->pk = silc_memdup(pk, pk_len);
|
|
|
210 verify->pk_len = pk_len;
|
|
|
211 verify->pk_type = pk_type;
|
|
|
212 verify->completion = completion;
|
|
|
213 verify->context = context;
|
|
|
214 fingerprint = verify->fingerprint = silc_hash_fingerprint(NULL, pk, pk_len);
|
|
|
215 babbleprint = verify->babbleprint = silc_hash_babbleprint(NULL, pk, pk_len);
|
|
|
216
|
|
|
217 /* Check whether this key already exists */
|
|
|
218 if (stat(ipf, &st) < 0 && (!hostf || stat(hostf, &st) < 0)) {
|
|
|
219 /* Key does not exist, ask user to verify the key and save it */
|
|
|
220 silcgaim_verify_ask(name ? name : entity,
|
|
|
221 fingerprint, babbleprint, verify);
|
|
|
222 return;
|
|
|
223 } else {
|
|
|
224 /* The key already exists, verify it. */
|
|
|
225 SilcPublicKey public_key;
|
|
|
226 unsigned char *encpk;
|
|
|
227 SilcUInt32 encpk_len;
|
|
|
228
|
|
|
229 /* Load the key file, try for both IP filename and hostname filename */
|
|
|
230 if (!silc_pkcs_load_public_key(ipf, &public_key,
|
|
|
231 SILC_PKCS_FILE_PEM) &&
|
|
|
232 !silc_pkcs_load_public_key(ipf, &public_key,
|
|
|
233 SILC_PKCS_FILE_BIN) &&
|
|
|
234 (!hostf || (!silc_pkcs_load_public_key(hostf, &public_key,
|
|
|
235 SILC_PKCS_FILE_PEM) &&
|
|
|
236 !silc_pkcs_load_public_key(hostf, &public_key,
|
|
|
237 SILC_PKCS_FILE_BIN)))) {
|
|
|
238 silcgaim_verify_ask(name ? name : entity,
|
|
|
239 fingerprint, babbleprint, verify);
|
|
|
240 return;
|
|
|
241 }
|
|
|
242
|
|
|
243 /* Encode the key data */
|
|
|
244 encpk = silc_pkcs_public_key_encode(public_key, &encpk_len);
|
|
|
245 if (!encpk) {
|
|
|
246 silcgaim_verify_ask(name ? name : entity,
|
|
|
247 fingerprint, babbleprint, verify);
|
|
|
248 return;
|
|
|
249 }
|
|
|
250
|
|
|
251 /* Compare the keys */
|
|
|
252 if (memcmp(encpk, pk, encpk_len)) {
|
|
|
253 /* Ask user to verify the key and save it */
|
|
|
254 verify->changed = TRUE;
|
|
|
255 silcgaim_verify_ask(name ? name : entity,
|
|
|
256 fingerprint, babbleprint, verify);
|
|
|
257 return;
|
|
|
258 }
|
|
|
259
|
|
|
260 /* Local copy matched */
|
|
|
261 if (completion)
|
|
|
262 completion(TRUE, context);
|
|
|
263 silc_free(verify->filename);
|
|
|
264 silc_free(verify->entity);
|
|
|
265 silc_free(verify->entity_name);
|
|
|
266 silc_free(verify->pk);
|
|
|
267 silc_free(verify->fingerprint);
|
|
|
268 silc_free(verify->babbleprint);
|
|
|
269 silc_free(verify);
|
|
|
270 }
|
|
|
271 }
|
