Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-23 00:36:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Pass buffers to pgp.rs as slices

Browse Source
This commit is contained in:
Alexander Krotov
2019-09-09 03:28:29 +03:00
committed by holger krekel
parent 814281ed7d
commit 28cae607a4
4 changed files with 33 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/dc_imex.rs
View File

@@ -211,12 +211,8 @@ pub fn dc_render_setup_file(context: &Context, passphrase: &str) -> Result<Strin
let encr = { let encr = {
let private_key_asc_c = CString::yolo(private_key_asc); let private_key_asc_c = CString::yolo(private_key_asc);
let passphrase_c = CString::yolo(passphrase); let passphrase_c = CString::yolo(passphrase);
dc_pgp_symm_encrypt( dc_pgp_symm_encrypt(passphrase_c.as_ptr(), private_key_asc_c.as_bytes())
passphrase_c.as_ptr(), .ok_or(format_err!("Failed to encrypt private key."))?
private_key_asc_c.as_ptr() as *const libc::c_void,
private_key_asc_c.as_bytes().len(),
)
.ok_or(format_err!("Failed to encrypt private key."))?
}; };
let replacement = format!( let replacement = format!(
concat!( concat!(
@@ -449,9 +445,10 @@ pub unsafe fn dc_decrypt_setup_file(
|| binary_bytes == 0) || binary_bytes == 0)
{ {
/* decrypt symmetrically */ /* decrypt symmetrically */
if let Some(plain) = if let Some(plain) = dc_pgp_symm_decrypt(
dc_pgp_symm_decrypt(passphrase, binary as *const libc::c_void, binary_bytes) passphrase,
{ std::slice::from_raw_parts(binary as *const u8, binary_bytes),
) {
let payload_c = CString::new(plain).unwrap(); let payload_c = CString::new(plain).unwrap();
payload = strdup(payload_c.as_ptr()); payload = strdup(payload_c.as_ptr());
} }

9
src/e2ee.rs
View File

@@ -299,8 +299,10 @@ impl E2eeHelper {
ok_to_continue = false; ok_to_continue = false;
} else { } else {
if let Some(ctext_v) = dc_pgp_pk_encrypt( if let Some(ctext_v) = dc_pgp_pk_encrypt(
(*plain).str_0 as *const libc::c_void, std::slice::from_raw_parts(
(*plain).len, (*plain).str_0 as *const u8,
(*plain).len,
),
&keyring, &keyring,
sign_key.as_ref(), sign_key.as_ref(),
) { ) {
@@ -907,8 +909,7 @@ unsafe fn decrypt_part(
/*if we already have fingerprints, do not add more; this ensures, only the fingerprints from the outer-most part are collected */ /*if we already have fingerprints, do not add more; this ensures, only the fingerprints from the outer-most part are collected */
if let Some(plain) = dc_pgp_pk_decrypt( if let Some(plain) = dc_pgp_pk_decrypt(
decoded_data as *const libc::c_void, std::slice::from_raw_parts(decoded_data as *const u8, decoded_data_bytes),
decoded_data_bytes,
&private_keyring, &private_keyring,
&public_keyring_for_validate, &public_keyring_for_validate,
add_signatures, add_signatures,

35
src/pgp.rs
View File

@@ -188,15 +188,11 @@ pub fn dc_pgp_create_keypair(addr: impl AsRef<str>) -> Option<(Key, Key)> {
} }
pub fn dc_pgp_pk_encrypt( pub fn dc_pgp_pk_encrypt(
plain_text: *const libc::c_void, plain: &[u8],
plain_bytes: size_t,
public_keys_for_encryption: &Keyring, public_keys_for_encryption: &Keyring,
private_key_for_signing: Option<&Key>, private_key_for_signing: Option<&Key>,
) -> Option<String> { ) -> Option<String> {
assert!(!plain_text.is_null() && !plain_bytes > 0, "invalid input"); let lit_msg = Message::new_literal_bytes("", plain);
let bytes = unsafe { std::slice::from_raw_parts(plain_text as *const u8, plain_bytes) };
let lit_msg = Message::new_literal_bytes("", bytes);
let pkeys: Vec<&SignedPublicKey> = public_keys_for_encryption let pkeys: Vec<&SignedPublicKey> = public_keys_for_encryption
.keys() .keys()
.into_iter() .into_iter()
@@ -227,16 +223,11 @@ pub fn dc_pgp_pk_encrypt(
} }
pub fn dc_pgp_pk_decrypt( pub fn dc_pgp_pk_decrypt(
ctext: *const libc::c_void, ctext: &[u8],
ctext_bytes: size_t,
private_keys_for_decryption: &Keyring, private_keys_for_decryption: &Keyring,
public_keys_for_validation: &Keyring, public_keys_for_validation: &Keyring,
ret_signature_fingerprints: Option<&mut HashSet<String>>, ret_signature_fingerprints: Option<&mut HashSet<String>>,
) -> Option<Vec<u8>> { ) -> Option<Vec<u8>> {
assert!(!ctext.is_null() && ctext_bytes > 0, "invalid input");
let ctext = unsafe { std::slice::from_raw_parts(ctext as *const u8, ctext_bytes) };
// TODO: proper error handling // TODO: proper error handling
if let Ok((msg, _)) = Message::from_armor_single(Cursor::new(ctext)) { if let Ok((msg, _)) = Message::from_armor_single(Cursor::new(ctext)) {
let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption
@@ -283,19 +274,13 @@ pub fn dc_pgp_pk_decrypt(
} }
/// Symmetric encryption. /// Symmetric encryption.
pub fn dc_pgp_symm_encrypt( pub fn dc_pgp_symm_encrypt(passphrase: *const libc::c_char, plain: &[u8]) -> Option<String> {
passphrase: *const libc::c_char,
plain: *const libc::c_void,
plain_bytes: size_t,
) -> Option<String> {
assert!(!passphrase.is_null(), "invalid passphrase"); assert!(!passphrase.is_null(), "invalid passphrase");
assert!(!plain.is_null() && !plain_bytes > 0, "invalid input");
let pw = unsafe { CStr::from_ptr(passphrase).to_str().unwrap() }; let pw = unsafe { CStr::from_ptr(passphrase).to_str().unwrap() };
let bytes = unsafe { std::slice::from_raw_parts(plain as *const u8, plain_bytes) };
let mut rng = thread_rng(); let mut rng = thread_rng();
let lit_msg = Message::new_literal_bytes("", bytes); let lit_msg = Message::new_literal_bytes("", plain);
let s2k = StringToKey::new_default(&mut rng); let s2k = StringToKey::new_default(&mut rng);
let msg = lit_msg.encrypt_with_password(&mut rng, s2k, Default::default(), || pw.into()); let msg = lit_msg.encrypt_with_password(&mut rng, s2k, Default::default(), || pw.into());
@@ -304,18 +289,12 @@ pub fn dc_pgp_symm_encrypt(
} }
/// Symmetric decryption. /// Symmetric decryption.
pub fn dc_pgp_symm_decrypt( pub fn dc_pgp_symm_decrypt(passphrase: *const libc::c_char, ctext: &[u8]) -> Option<Vec<u8>> {
passphrase: *const libc::c_char,
ctext: *const libc::c_void,
ctext_bytes: size_t,
) -> Option<Vec<u8>> {
assert!(!passphrase.is_null(), "invalid passphrase"); assert!(!passphrase.is_null(), "invalid passphrase");
assert!(!ctext.is_null() && !ctext_bytes > 0, "invalid input");
let pw = unsafe { CStr::from_ptr(passphrase).to_str().unwrap() }; let pw = unsafe { CStr::from_ptr(passphrase).to_str().unwrap() };
let bytes = unsafe { std::slice::from_raw_parts(ctext as *const u8, ctext_bytes) };
let enc_msg = Message::from_bytes(Cursor::new(bytes)); let enc_msg = Message::from_bytes(Cursor::new(ctext));
enc_msg enc_msg
.and_then(|msg| { .and_then(|msg| {

62
tests/stress.rs
View File

@@ -1,7 +1,6 @@
//! Stress some functions for testing; if used as a lib, this file is obsolete. //! Stress some functions for testing; if used as a lib, this file is obsolete.
use std::collections::HashSet; use std::collections::HashSet;
use std::ffi::CString;
use std::ptr; use std::ptr;
use tempfile::{tempdir, TempDir}; use tempfile::{tempdir, TempDir};
@@ -494,39 +493,20 @@ fn test_encryption_decryption() {
assert_ne!(public_key, public_key2); assert_ne!(public_key, public_key2);
let original_text: *const libc::c_char = let original_text = b"This is a test";
b"This is a test\x00" as *const u8 as *const libc::c_char;
let mut keyring = Keyring::default(); let mut keyring = Keyring::default();
keyring.add_owned(public_key.clone()); keyring.add_owned(public_key.clone());
keyring.add_ref(&public_key2); keyring.add_ref(&public_key2);
let ctext = dc_pgp_pk_encrypt( let ctext = dc_pgp_pk_encrypt(original_text, &keyring, Some(&private_key)).unwrap();
original_text as *const libc::c_void,
strlen(original_text),
&keyring,
Some(&private_key),
)
.unwrap();
assert!(!ctext.is_empty()); assert!(!ctext.is_empty());
assert!(ctext.starts_with("-----BEGIN PGP MESSAGE-----")); assert!(ctext.starts_with("-----BEGIN PGP MESSAGE-----"));
let ctext_signed_bytes = ctext.len(); let ctext = dc_pgp_pk_encrypt(original_text, &keyring, None).unwrap();
let ctext_signed = CString::yolo(ctext);
let ctext = dc_pgp_pk_encrypt(
original_text as *const libc::c_void,
strlen(original_text),
&keyring,
None,
)
.unwrap();
assert!(!ctext.is_empty()); assert!(!ctext.is_empty());
assert!(ctext.starts_with("-----BEGIN PGP MESSAGE-----")); assert!(ctext.starts_with("-----BEGIN PGP MESSAGE-----"));
let ctext_unsigned_bytes = ctext.len();
let ctext_unsigned = CString::yolo(ctext);
let mut keyring = Keyring::default(); let mut keyring = Keyring::default();
keyring.add_owned(private_key); keyring.add_owned(private_key);
@@ -539,42 +519,39 @@ fn test_encryption_decryption() {
let mut valid_signatures: HashSet<String> = Default::default(); let mut valid_signatures: HashSet<String> = Default::default();
let plain = dc_pgp_pk_decrypt( let plain = dc_pgp_pk_decrypt(
ctext_signed.as_ptr() as *const _, ctext.as_bytes(),
ctext_signed_bytes,
&keyring, &keyring,
&public_keyring, &public_keyring,
Some(&mut valid_signatures), Some(&mut valid_signatures),
) )
.unwrap(); .unwrap();
assert_eq!(std::str::from_utf8(&plain).unwrap(), as_str(original_text),); assert_eq!(plain, original_text,);
assert_eq!(valid_signatures.len(), 1); assert_eq!(valid_signatures.len(), 1);
valid_signatures.clear(); valid_signatures.clear();
let empty_keyring = Keyring::default(); let empty_keyring = Keyring::default();
let plain = dc_pgp_pk_decrypt( let plain = dc_pgp_pk_decrypt(
ctext_signed.as_ptr() as *const _, ctext.as_bytes(),
ctext_signed_bytes,
&keyring, &keyring,
&empty_keyring, &empty_keyring,
Some(&mut valid_signatures), Some(&mut valid_signatures),
) )
.unwrap(); .unwrap();
assert_eq!(std::str::from_utf8(&plain).unwrap(), as_str(original_text),); assert_eq!(plain, original_text);
assert_eq!(valid_signatures.len(), 0); assert_eq!(valid_signatures.len(), 0);
valid_signatures.clear(); valid_signatures.clear();
let plain = dc_pgp_pk_decrypt( let plain = dc_pgp_pk_decrypt(
ctext_signed.as_ptr() as *const _, ctext.as_bytes(),
ctext_signed_bytes,
&keyring, &keyring,
&public_keyring2, &public_keyring2,
Some(&mut valid_signatures), Some(&mut valid_signatures),
) )
.unwrap(); .unwrap();
assert_eq!(std::str::from_utf8(&plain).unwrap(), as_str(original_text),); assert_eq!(plain, original_text);
assert_eq!(valid_signatures.len(), 0); assert_eq!(valid_signatures.len(), 0);
valid_signatures.clear(); valid_signatures.clear();
@@ -582,28 +559,26 @@ fn test_encryption_decryption() {
public_keyring2.add_ref(&public_key); public_keyring2.add_ref(&public_key);
let plain = dc_pgp_pk_decrypt( let plain = dc_pgp_pk_decrypt(
ctext_signed.as_ptr() as *const _, ctext.as_bytes(),
ctext_signed_bytes,
&keyring, &keyring,
&public_keyring2, &public_keyring2,
Some(&mut valid_signatures), Some(&mut valid_signatures),
) )
.unwrap(); .unwrap();
assert_eq!(std::str::from_utf8(&plain).unwrap(), as_str(original_text),); assert_eq!(plain, original_text);
assert_eq!(valid_signatures.len(), 1); assert_eq!(valid_signatures.len(), 1);
valid_signatures.clear(); valid_signatures.clear();
let plain = dc_pgp_pk_decrypt( let plain = dc_pgp_pk_decrypt(
ctext_unsigned.as_ptr() as *const _, ctext.as_bytes(),
ctext_unsigned_bytes,
&keyring, &keyring,
&public_keyring, &public_keyring,
Some(&mut valid_signatures), Some(&mut valid_signatures),
) )
.unwrap(); .unwrap();
assert_eq!(std::str::from_utf8(&plain).unwrap(), as_str(original_text),); assert_eq!(plain, original_text);
valid_signatures.clear(); valid_signatures.clear();
@@ -612,16 +587,9 @@ fn test_encryption_decryption() {
let mut public_keyring = Keyring::default(); let mut public_keyring = Keyring::default();
public_keyring.add_ref(&public_key); public_keyring.add_ref(&public_key);
let plain = dc_pgp_pk_decrypt( let plain = dc_pgp_pk_decrypt(ctext.as_bytes(), &keyring, &public_keyring, None).unwrap();
ctext_signed.as_ptr() as *const _,
ctext_signed_bytes,
&keyring,
&public_keyring,
None,
)
.unwrap();
assert_eq!(std::str::from_utf8(&plain).unwrap(), as_str(original_text),); assert_eq!(plain, original_text);
} }
} }