diff --git a/src/Makefile b/src/Makefile
index 6e01d42..1e3d0a3 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -7,9 +7,6 @@ LDFLAGS_LIB=-I/usr/include/exim4 -fpic -shared -export-dynamic

 .DEFAULT_GOAL := libs

-#libexim-kitencrypt-dlfunc.so: libexim-kitencrypt-dlfunc.c
-#	$(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $<
-
 libexim-encrypt-dlfunc.so: libexim-encrypt-dlfunc.c
 	$(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $<

diff --git a/src/genkey.c b/src/genkey.c
index c169f30..972e613 100644
--- a/src/genkey.c
+++ b/src/genkey.c
@@ -32,6 +32,24 @@ void
 dump_key_as_exim_config(FILE * f, const char *name, unsigned char *key,
 			unsigned int keylen)
 {
+    // write a comment with C variable declaration
+    fprintf(f, "# const unsigned char %s[%d] = { ", name, keylen);
+    for (int i = 0; i < keylen; i++) {
+        fprintf(f, "0x%02x", key[i]);
+        if (i < keylen - 1) {
+            fprintf(f, ", ");
+        }
+    }
+    fprintf(f, " }; const unsigned int %s_length = %d;\n", name, keylen);
+    // encode with base64
+    unsigned int b64len = sodium_base64_ENCODED_LEN(keylen, sodium_base64_VARIANT_ORIGINAL);
+    unsigned char *b64string = malloc(b64len);
+    sodium_bin2base64((char *const) b64string, b64len,
+                      key, keylen,
+                      sodium_base64_VARIANT_ORIGINAL);
+    fprintf(f, "%s = \"%s\"\n", name, b64string);
+
+    free(b64string);
     // write a comment with C variable declaration
     fprintf(f, "# const unsigned char %s[%d] = { ", name, keylen);
     for (int i = 0; i < keylen; i++) {
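Review bot: The eighteen lines added at the top of dump_key_as_exim_config repeat the code that already follows them (the trailing context starts with the same comment, `fprintf` and `for` loop), so each key would be emitted twice, and if the existing copy also declares `b64len` and `b64string` at function scope the file would no longer compile; one copy should be dropped. In the copy that stays, `malloc(b64len)` is used unchecked and the base64 text of what may be a secret key is freed without being wiped: add `if (b64string == NULL) return;` after the allocation and `sodium_memzero(b64string, b64len);` before `free(b64string);`. `keylen` is unsigned, so `%u` and an `unsigned int i` loop index would match it better than `%d` and `int i`. The function body continues past the end of this hunk.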
@@ -98,7 +116,7 @@ void create_cryptobox_keys(const char *filebase, const char *varname)
 	unsigned char recipient_pk[crypto_box_PUBLICKEYBYTES];
 	unsigned char recipient_sk[crypto_box_SECRETKEYBYTES];

-	crypto_box_keypair(recipient_pk, recipient_sk);
+    crypto_box_keypair(recipient_pk, recipient_sk);

 	char pk_filename[4096];
 	char pk_varname[4096];
@@ -118,28 +136,27 @@ void create_cryptobox_keys(const char *filebase, const char *varname)
 }

 void create_secretbox_key(const char *filebase, const char *varname) {
-	unsigned char key[crypto_secretbox_KEYBYTES];
+    unsigned char key[crypto_secretbox_KEYBYTES];

     crypto_secretbox_keygen(key);

-	char key_filename[4096];
-	char key_varname[4096];
+    char key_filename[4096];
+    char key_varname[4096];

-	sprintf(key_filename, "%s_secretbox", filebase);
-	sprintf(key_varname, "%s_key", varname);
+    sprintf(key_filename, "%s_secretbox", filebase);
+    sprintf(key_varname, "%s_key", varname);

-	write_key_files(key_filename, key_varname, key, crypto_secretbox_KEYBYTES);
+    write_key_files(key_filename, key_varname, key, crypto_secretbox_KEYBYTES);
 }

-int main(int argc, char *argv[])
-{
-	if (sodium_init() < 0) {
-		fputs("Unable to initialize libsodium", stderr);
-		exit(128);
-	}
+int main(int argc, char *argv[]) {
+    if (sodium_init() < 0) {
+        fputs("Unable to initialize libsodium", stderr);
+        exit(128);
+    }

-	fputs("=== Creating cryptobox key pair ===\n", stderr);
-	create_cryptobox_keys("cryptobox_recipient", "cryptobox_recipient");
+    fputs("=== Creating cryptobox key pair ===\n", stderr);
+    create_cryptobox_keys("cryptobox_recipient", "cryptobox_recipient");

-	exit(EXIT_SUCCESS);
+    exit(EXIT_SUCCESS);
 }
diff --git a/src/libexim-encrypt-dlfunc.c b/src/libexim-encrypt-dlfunc.c
index 99a31ea..042e72f 100644
--- a/src/libexim-encrypt-dlfunc.c
+++ b/src/libexim-encrypt-dlfunc.c
@@ -233,7 +233,7 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) {

     // get and convert private key
     unsigned char *skb64 = argv[0];
-    size_t skb64_len = strlen((const char *)skb64);
+    size_t skb64_len = strlen((const char *) skb64);
     // reserve space for conversion
     unsigned int sk_buffer_len = crypto_box_SECRETKEYBYTES;// skb64_len / 4 * 3;
     unsigned char *sk = (unsigned char *) store_get(sk_buffer_len);
@@ -242,7 +242,7 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) {
     int b64err = sodium_base642bin(sk, sk_buffer_len,
                                    (const char *) skb64, skb64_len,
                                    NULL, NULL, NULL, sodium_base64_VARIANT_ORIGINAL);
-    if(b64err == -1) {
+    if (b64err == -1) {
         *yield = string_copy((unsigned char *) "Error decoding private key");
         return ERROR;
     }
@@ -256,8 +256,8 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) {
     sodium_memzero(pk, pk_buffer_len);
     // convert encoded key to raw form
     b64err = sodium_base642bin(pk, pk_buffer_len,
-                                   (const char *) pkb64, pkb64_len,
-                                   NULL, NULL, NULL, sodium_base64_VARIANT_ORIGINAL);
+                               (const char *) pkb64, pkb64_len,
+                               NULL, NULL, NULL, sodium_base64_VARIANT_ORIGINAL);
     if (b64err == -1) {
         *yield = string_copy((unsigned char *) "Error decoding public key");
         return ERROR;
@@ -273,9 +273,9 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) {
     size_t ciphertextlen;
     sodium_memzero(ciphertext, ciphertextbuflen);
     b64err = sodium_base642bin(ciphertext, ciphertextbuflen,
-                      (const char *) ciphertextb64, ciphertextb64_len,
-                      NULL, &ciphertextlen, NULL,
-                      sodium_base64_VARIANT_ORIGINAL);
+                               (const char *) ciphertextb64, ciphertextb64_len,
+                               NULL, &ciphertextlen, NULL,
+                               sodium_base64_VARIANT_ORIGINAL);
     if (b64err == -1) {
         *yield = string_copy((unsigned char *) "Error decoding base64 encoded ciphertext");
         return ERROR;
Heiko Reese
2021-08-20 01:07:06 +02:00
parent d8b209ba33
commit 86639a1896
3 changed files with 40 additions and 26 deletions


@ -7,9 +7,6 @@ LDFLAGS_LIB=-I/usr/include/exim4 -fpic -shared -export-dynamic
.DEFAULT_GOAL := libs .DEFAULT_GOAL := libs
#libexim-kitencrypt-dlfunc.so: libexim-kitencrypt-dlfunc.c
# $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $<
libexim-encrypt-dlfunc.so: libexim-encrypt-dlfunc.c libexim-encrypt-dlfunc.so: libexim-encrypt-dlfunc.c
$(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $< $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $<


@ -50,6 +50,24 @@ dump_key_as_exim_config(FILE * f, const char *name, unsigned char *key,
fprintf(f, "%s = \"%s\"\n", name, b64string); fprintf(f, "%s = \"%s\"\n", name, b64string);
free(b64string); free(b64string);
// write a comment with C variable declaration
fprintf(f, "# const unsigned char %s[%d] = { ", name, keylen);
for (int i = 0; i < keylen; i++) {
fprintf(f, "0x%02x", key[i]);
if (i < keylen - 1) {
fprintf(f, ", ");
}
}
fprintf(f, " }; const unsigned int %s_length = %d;\n", name, keylen);
// encode with base64
unsigned int b64len = sodium_base64_ENCODED_LEN(keylen, sodium_base64_VARIANT_ORIGINAL);
unsigned char *b64string = malloc(b64len);
sodium_bin2base64((char *const) b64string, b64len,
key, keylen,
sodium_base64_VARIANT_ORIGINAL);
fprintf(f, "%s = \"%s\"\n", name, b64string);
free(b64string);
} }
void void
@ -131,8 +149,7 @@ void create_secretbox_key(const char *filebase, const char *varname) {
write_key_files(key_filename, key_varname, key, crypto_secretbox_KEYBYTES); write_key_files(key_filename, key_varname, key, crypto_secretbox_KEYBYTES);
} }
int main(int argc, char *argv[]) int main(int argc, char *argv[]) {
{
if (sodium_init() < 0) { if (sodium_init() < 0) {
fputs("Unable to initialize libsodium", stderr); fputs("Unable to initialize libsodium", stderr);
exit(128); exit(128);