mirror of
https://github.com/profanity-im/profanity.git
synced 2024-12-04 14:46:46 -05:00
Refactor OMEMO download into AESGCMDownload tool
This commit is contained in:
parent
fb002a59b6
commit
73f313b921
@ -45,6 +45,8 @@ core_sources = \
|
||||
src/tools/http_upload.h \
|
||||
src/tools/http_download.c \
|
||||
src/tools/http_download.h \
|
||||
src/tools/aesgcm_download.c \
|
||||
src/tools/aesgcm_download.h \
|
||||
src/tools/bookmark_ignore.c \
|
||||
src/tools/bookmark_ignore.h \
|
||||
src/tools/autocomplete.c src/tools/autocomplete.h \
|
||||
|
@ -69,6 +69,7 @@
|
||||
#include "event/client_events.h"
|
||||
#include "tools/http_upload.h"
|
||||
#include "tools/http_download.h"
|
||||
#include "tools/aesgcm_download.h"
|
||||
#include "tools/autocomplete.h"
|
||||
#include "tools/parser.h"
|
||||
#include "tools/bookmark_ignore.h"
|
||||
@ -9154,6 +9155,40 @@ cmd_url_open(ProfWin* window, const char* const command, gchar** args)
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
void
|
||||
_url_open_fallback_method(ProfWin* window, const char* url)
|
||||
{
|
||||
/*
|
||||
gboolean is_omemo_aesgcm = false;
|
||||
gchar* scheme = g_uri_parse_scheme(url);
|
||||
if (g_strcmp0(scheme, "aesgcm")) {
|
||||
is_omemo_aesgcm = true;
|
||||
}
|
||||
free(scheme);
|
||||
|
||||
if (is_omemo_aesgcm) {
|
||||
int tmpfd;
|
||||
char* tmpname = NULL;
|
||||
if ((tmpfd = g_file_open_tmp("profanity.XXXXXX", &tmpname, NULL)) == -1) {
|
||||
*err = "Unable to create temporary file for decryption stream.";
|
||||
return NULL;
|
||||
}
|
||||
FILE* tmpfh = fdopen(tmpfd, "wb");
|
||||
|
||||
unsigned char* nonce;
|
||||
unsigned char* key;
|
||||
char* https_url = omemo_parse_aesgcm_url(url, nonce, key);
|
||||
|
||||
_url_save_fallback_method(window, https_url, tmpname);
|
||||
|
||||
int crypt_res = omemo_decrypt_file(tmpfh,
|
||||
|
||||
remove(tmpname);
|
||||
free(tmpname);
|
||||
}
|
||||
*/
|
||||
}
|
||||
|
||||
void
|
||||
_url_save_fallback_method(ProfWin* window, const char* url, const char* filename)
|
||||
{
|
||||
@ -9163,13 +9198,27 @@ _url_save_fallback_method(ProfWin* window, const char* url, const char* filename
|
||||
return;
|
||||
}
|
||||
|
||||
HTTPDownload* download = malloc(sizeof(HTTPDownload));
|
||||
download->window = window;
|
||||
download->url = strdup(url);
|
||||
download->filehandle = fh;
|
||||
gchar* scheme = g_uri_parse_scheme(url);
|
||||
|
||||
pthread_create(&(download->worker), NULL, &http_file_get, download);
|
||||
http_download_add_download(download);
|
||||
if (g_strcmp0(scheme, "aesgcm") == 0) {
|
||||
AESGCMDownload* download = malloc(sizeof(AESGCMDownload));
|
||||
download->window = window;
|
||||
download->url = strdup(url);
|
||||
download->filehandle = fh;
|
||||
|
||||
pthread_create(&(download->worker), NULL, &aesgcm_file_get, download);
|
||||
aesgcm_download_add_download(download);
|
||||
} else {
|
||||
HTTPDownload* download = malloc(sizeof(HTTPDownload));
|
||||
download->window = window;
|
||||
download->url = strdup(url);
|
||||
download->filehandle = fh;
|
||||
|
||||
pthread_create(&(download->worker), NULL, &http_file_get, download);
|
||||
http_download_add_download(download);
|
||||
}
|
||||
|
||||
free(scheme);
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -400,12 +400,12 @@ aes256gcm_crypt_file(FILE* in, FILE* out, off_t file_size,
|
||||
goto out;
|
||||
}
|
||||
|
||||
res = gcry_cipher_setkey(hd, key, AES256_GCM_KEY_LENGTH);
|
||||
res = gcry_cipher_setkey(hd, key, OMEMO_AESGCM_KEY_LENGTH);
|
||||
if (res != GPG_ERR_NO_ERROR) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
res = gcry_cipher_setiv(hd, nonce, AES256_GCM_NONCE_LENGTH);
|
||||
res = gcry_cipher_setiv(hd, nonce, OMEMO_AESGCM_NONCE_LENGTH);
|
||||
if (res != GPG_ERR_NO_ERROR) {
|
||||
goto out;
|
||||
}
|
||||
@ -468,8 +468,8 @@ out:
|
||||
char*
|
||||
aes256gcm_create_secure_fragment(unsigned char* key, unsigned char* nonce)
|
||||
{
|
||||
int key_size = AES256_GCM_KEY_LENGTH;
|
||||
int nonce_size = AES256_GCM_NONCE_LENGTH;
|
||||
int key_size = OMEMO_AESGCM_KEY_LENGTH;
|
||||
int nonce_size = OMEMO_AESGCM_NONCE_LENGTH;
|
||||
|
||||
char* fragment = gcry_malloc_secure((nonce_size + key_size) * 2 + 1);
|
||||
|
||||
|
@ -40,9 +40,6 @@
|
||||
#define AES128_GCM_IV_LENGTH 12
|
||||
#define AES128_GCM_TAG_LENGTH 16
|
||||
|
||||
#define AES256_GCM_KEY_LENGTH 32
|
||||
#define AES256_GCM_NONCE_LENGTH 12
|
||||
|
||||
int omemo_crypto_init(void);
|
||||
/**
|
||||
* Callback for a secure random number generator.
|
||||
|
@ -62,6 +62,9 @@
|
||||
#include "xmpp/roster_list.h"
|
||||
#include "xmpp/xmpp.h"
|
||||
|
||||
#define AESGCM_URL_NONCE_LEN (2 * OMEMO_AESGCM_NONCE_LENGTH)
|
||||
#define AESGCM_URL_KEY_LEN (2 * OMEMO_AESGCM_KEY_LENGTH)
|
||||
|
||||
static gboolean loaded;
|
||||
|
||||
static void _generate_pre_keys(int count);
|
||||
@ -1664,12 +1667,12 @@ char*
|
||||
omemo_encrypt_file(FILE* in, FILE* out, off_t file_size, int* gcry_res)
|
||||
{
|
||||
unsigned char* key = gcry_random_bytes_secure(
|
||||
AES256_GCM_KEY_LENGTH,
|
||||
OMEMO_AESGCM_KEY_LENGTH,
|
||||
GCRY_VERY_STRONG_RANDOM);
|
||||
|
||||
// Create nonce/IV with random bytes.
|
||||
unsigned char nonce[AES256_GCM_NONCE_LENGTH];
|
||||
gcry_create_nonce(nonce, AES256_GCM_NONCE_LENGTH);
|
||||
unsigned char nonce[OMEMO_AESGCM_NONCE_LENGTH];
|
||||
gcry_create_nonce(nonce, OMEMO_AESGCM_NONCE_LENGTH);
|
||||
|
||||
char* fragment = aes256gcm_create_secure_fragment(key, nonce);
|
||||
*gcry_res = aes256gcm_crypt_file(in, out, file_size, key, nonce, true);
|
||||
@ -1684,7 +1687,96 @@ omemo_encrypt_file(FILE* in, FILE* out, off_t file_size, int* gcry_res)
|
||||
return fragment;
|
||||
}
|
||||
|
||||
//int omemo_decrypt_file(FILE *in, FILE *out, off_t file_size,
|
||||
// unsigned char key[], unsigned char nonce[]) {
|
||||
// return aes256gcm_crypt_file(in, out, file_size, key, nonce, false);
|
||||
//}
|
||||
void
|
||||
_bytes_from_hex(const char* hex, size_t hex_size,
|
||||
unsigned char* bytes, size_t bytes_size)
|
||||
{
|
||||
const unsigned char ht[] = {
|
||||
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, // 01234567
|
||||
0x08, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // 89:;<=>?
|
||||
0x00, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00, // @ABCDEFG
|
||||
};
|
||||
const size_t ht_size = sizeof(ht);
|
||||
|
||||
unsigned char b0;
|
||||
unsigned char b1;
|
||||
|
||||
memset(bytes, 0, bytes_size);
|
||||
|
||||
for (int i = 0; (i < hex_size) && (i / 2 < bytes_size); i += 2) {
|
||||
b0 = ((unsigned char)hex[i + 0] & 0x1f) ^ 0x10;
|
||||
b1 = ((unsigned char)hex[i + 1] & 0x1f) ^ 0x10;
|
||||
|
||||
if (b0 <= ht_size && b1 <= ht_size) {
|
||||
bytes[i / 2] = (unsigned char)(ht[b0] << 4) | ht[b1];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
omemo_decrypt_file(FILE* in, FILE* out, off_t file_size, const char* fragment)
|
||||
{
|
||||
char nonce_hex[AESGCM_URL_NONCE_LEN];
|
||||
char key_hex[AESGCM_URL_KEY_LEN];
|
||||
|
||||
const int nonce_pos = 0;
|
||||
const int key_pos = AESGCM_URL_NONCE_LEN;
|
||||
|
||||
memcpy(nonce_hex, &(fragment[nonce_pos]), AESGCM_URL_NONCE_LEN);
|
||||
memcpy(key_hex, &(fragment[key_pos]), AESGCM_URL_KEY_LEN);
|
||||
|
||||
unsigned char nonce[OMEMO_AESGCM_NONCE_LENGTH];
|
||||
unsigned char* key = gcry_malloc_secure(OMEMO_AESGCM_KEY_LENGTH);
|
||||
|
||||
_bytes_from_hex(nonce_hex, AESGCM_URL_NONCE_LEN,
|
||||
nonce, OMEMO_AESGCM_NONCE_LENGTH);
|
||||
_bytes_from_hex(key_hex, AESGCM_URL_KEY_LEN,
|
||||
key, OMEMO_AESGCM_KEY_LENGTH);
|
||||
|
||||
int crypt_res = aes256gcm_crypt_file(in, out, file_size, key, nonce, false);
|
||||
|
||||
gcry_free(key);
|
||||
|
||||
return crypt_res;
|
||||
}
|
||||
|
||||
int
|
||||
omemo_parse_aesgcm_url(const char* aesgcm_url,
|
||||
char** https_url,
|
||||
char** fragment)
|
||||
{
|
||||
CURLUcode ret;
|
||||
CURLU* url = curl_url();
|
||||
|
||||
// Required to allow for the "aesgcm://" scheme that OMEMO Media Sharing
|
||||
// uses.
|
||||
unsigned int curl_flags = CURLU_NON_SUPPORT_SCHEME;
|
||||
|
||||
ret = curl_url_set(url, CURLUPART_URL, aesgcm_url, curl_flags);
|
||||
if (ret) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
ret = curl_url_get(url, CURLUPART_FRAGMENT, fragment, curl_flags);
|
||||
if (ret) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (strlen(*fragment) != AESGCM_URL_NONCE_LEN + AESGCM_URL_KEY_LEN) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
ret = curl_url_set(url, CURLUPART_SCHEME, "https", curl_flags);
|
||||
if (ret) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
ret = curl_url_get(url, CURLUPART_URL, https_url, curl_flags);
|
||||
if (ret) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
out:
|
||||
curl_url_cleanup(url);
|
||||
return ret;
|
||||
}
|
||||
|
@ -40,7 +40,9 @@
|
||||
#define OMEMO_ERR_UNSUPPORTED_CRYPTO -10000
|
||||
#define OMEMO_ERR_GCRYPT -20000
|
||||
|
||||
#define OMEMO_AESGCM_URL_SCHEME "aesgcm"
|
||||
#define OMEMO_AESGCM_NONCE_LENGTH 12
|
||||
#define OMEMO_AESGCM_KEY_LENGTH 32
|
||||
#define OMEMO_AESGCM_URL_SCHEME "aesgcm"
|
||||
|
||||
typedef enum {
|
||||
PROF_OMEMOPOLICY_MANUAL,
|
||||
@ -99,4 +101,6 @@ char* omemo_on_message_send(ProfWin* win, const char* const message, gboolean re
|
||||
char* omemo_on_message_recv(const char* const from, uint32_t sid, const unsigned char* const iv, size_t iv_len, GList* keys, const unsigned char* const payload, size_t payload_len, gboolean muc, gboolean* trusted);
|
||||
|
||||
char* omemo_encrypt_file(FILE* in, FILE* out, off_t file_size, int* gcry_res);
|
||||
int omemo_decrypt_file(FILE* in, FILE* out, off_t file_size, const char* fragment);
|
||||
void omemo_free(void* a);
|
||||
int omemo_parse_aesgcm_url(const char* aesgcm_url, char** https_url, char** fragment);
|
||||
|
134
src/tools/aesgcm_download.c
Normal file
134
src/tools/aesgcm_download.c
Normal file
@ -0,0 +1,134 @@
|
||||
/*
|
||||
* aesgcm_download.c
|
||||
* vim: expandtab:ts=4:sts=4:sw=4
|
||||
*
|
||||
* Copyright (C) 2012 - 2019 James Booth <boothj5@gmail.com>
|
||||
* Copyright (C) 2020 William Wennerström <william@wstrm.dev>
|
||||
*
|
||||
* This file is part of Profanity.
|
||||
*
|
||||
* Profanity is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Profanity is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with Profanity. If not, see <https://www.gnu.org/licenses/>.
|
||||
*
|
||||
* In addition, as a special exception, the copyright holders give permission to
|
||||
* link the code of portions of this program with the OpenSSL library under
|
||||
* certain conditions as described in each individual source file, and
|
||||
* distribute linked combinations including the two.
|
||||
*
|
||||
* You must obey the GNU General Public License in all respects for all of the
|
||||
* code used other than OpenSSL. If you modify file(s) with this exception, you
|
||||
* may extend this exception to your version of the file(s), but you are not
|
||||
* obligated to do so. If you do not wish to do so, delete this exception
|
||||
* statement from your version. If you delete this exception statement from all
|
||||
* source files in the program, then also delete it here.
|
||||
*
|
||||
*/
|
||||
|
||||
#define _GNU_SOURCE 1
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/types.h>
|
||||
#include <curl/curl.h>
|
||||
#include <gio/gio.h>
|
||||
#include <pthread.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include "profanity.h"
|
||||
#include "event/client_events.h"
|
||||
#include "tools/aesgcm_download.h"
|
||||
#include "omemo/omemo.h"
|
||||
#include "config/preferences.h"
|
||||
#include "ui/ui.h"
|
||||
#include "ui/window.h"
|
||||
#include "common.h"
|
||||
|
||||
#define FALLBACK_MSG ""
|
||||
|
||||
void*
|
||||
aesgcm_file_get(void* userdata)
|
||||
{
|
||||
AESGCMDownload* aesgcm_dl = (AESGCMDownload*)userdata;
|
||||
|
||||
char* https_url = NULL;
|
||||
char* fragment = NULL;
|
||||
|
||||
if (omemo_parse_aesgcm_url(aesgcm_dl->url, &https_url, &fragment) != 0) {
|
||||
http_print_transfer_update(aesgcm_dl->window, aesgcm_dl->url,
|
||||
"Download failed: Cannot parse URL.");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int tmpfd;
|
||||
char* tmpname = NULL;
|
||||
if ((tmpfd = g_file_open_tmp("profanity.XXXXXX", &tmpname, NULL)) == -1) {
|
||||
http_print_transfer_update(aesgcm_dl->window, aesgcm_dl->url,
|
||||
"Downloading '%s' failed: Unable to create "
|
||||
"temporary ciphertext file for writing.",
|
||||
https_url);
|
||||
return NULL;
|
||||
}
|
||||
FILE* tmpfh = fdopen(tmpfd, "wb");
|
||||
|
||||
// Remove the file once it is closed.
|
||||
remove(tmpname);
|
||||
free(tmpname);
|
||||
|
||||
HTTPDownload* http_dl = malloc(sizeof(HTTPDownload));
|
||||
http_dl->window = aesgcm_dl->window;
|
||||
http_dl->worker = aesgcm_dl->worker;
|
||||
http_dl->url = https_url;
|
||||
http_dl->filehandle = tmpfh;
|
||||
http_dl->close = 0;
|
||||
|
||||
aesgcm_dl->http_dl = http_dl;
|
||||
|
||||
// TODO: Verify result.
|
||||
http_file_get(http_dl);
|
||||
|
||||
// Force flush as the decrypt function will read from the same stream.
|
||||
fflush(tmpfh);
|
||||
rewind(tmpfh);
|
||||
|
||||
int crypt_res = omemo_decrypt_file(tmpfh, aesgcm_dl->filehandle,
|
||||
http_dl->bytes_received, fragment);
|
||||
|
||||
fclose(tmpfh);
|
||||
|
||||
if (crypt_res != 0) {
|
||||
http_print_transfer_update(aesgcm_dl->window, aesgcm_dl->url,
|
||||
"Downloading '%s' failed: Failed to decrypt"
|
||||
"file.",
|
||||
https_url);
|
||||
}
|
||||
|
||||
fclose(aesgcm_dl->filehandle);
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void
|
||||
aesgcm_download_cancel_processes(ProfWin* window)
|
||||
{
|
||||
http_download_cancel_processes(window);
|
||||
}
|
||||
|
||||
void
|
||||
aesgcm_download_add_download(AESGCMDownload* aesgcm_dl)
|
||||
{
|
||||
http_download_add_download(aesgcm_dl->http_dl);
|
||||
}
|
66
src/tools/aesgcm_download.h
Normal file
66
src/tools/aesgcm_download.h
Normal file
@ -0,0 +1,66 @@
|
||||
/*
|
||||
* aesgcm_download.h
|
||||
* vim: expandtab:ts=4:sts=4:sw=4
|
||||
*
|
||||
* Copyright (C) 2012 - 2019 James Booth <boothj5@gmail.com>
|
||||
* Copyright (C) 2020 William Wennerström <william@wstrm.dev>
|
||||
*
|
||||
* This file is part of Profanity.
|
||||
*
|
||||
* Profanity is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Profanity is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with Profanity. If not, see <https://www.gnu.org/licenses/>.
|
||||
*
|
||||
* In addition, as a special exception, the copyright holders give permission to
|
||||
* link the code of portions of this program with the OpenSSL library under
|
||||
* certain conditions as described in each individual source file, and
|
||||
* distribute linked combinations including the two.
|
||||
*
|
||||
* You must obey the GNU General Public License in all respects for all of the
|
||||
* code used other than OpenSSL. If you modify file(s) with this exception, you
|
||||
* may extend this exception to your version of the file(s), but you are not
|
||||
* obligated to do so. If you do not wish to do so, delete this exception
|
||||
* statement from your version. If you delete this exception statement from all
|
||||
* source files in the program, then also delete it here.
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef TOOLS_AESGCM_DOWNLOAD_H
|
||||
#define TOOLS_AESGCM_DOWNLOAD_H
|
||||
|
||||
#ifdef PLATFORM_CYGWIN
|
||||
#define SOCKET int
|
||||
#endif
|
||||
|
||||
#include <sys/select.h>
|
||||
#include <curl/curl.h>
|
||||
#include "tools/http_download.h"
|
||||
|
||||
#include "ui/win_types.h"
|
||||
|
||||
typedef struct aesgcm_download_t
|
||||
{
|
||||
char* url;
|
||||
FILE* filehandle;
|
||||
ProfWin* window;
|
||||
pthread_t worker;
|
||||
HTTPDownload* http_dl;
|
||||
} AESGCMDownload;
|
||||
|
||||
void* aesgcm_file_get(void* userdata);
|
||||
|
||||
void aesgcm_download_cancel_processes(ProfWin* window);
|
||||
void aesgcm_download_add_download(AESGCMDownload* download);
|
||||
|
||||
char* http_basename_from_url(const char* url);
|
||||
|
||||
#endif
|
0
src/tools/aesgcm_upload.c
Normal file
0
src/tools/aesgcm_upload.c
Normal file
0
src/tools/aesgcm_upload.h
Normal file
0
src/tools/aesgcm_upload.h
Normal file
@ -157,13 +157,12 @@ http_file_get(void* userdata)
|
||||
curl_easy_cleanup(curl);
|
||||
curl_global_cleanup();
|
||||
|
||||
if (download->filehandle) {
|
||||
if (download->filehandle && download->close) {
|
||||
fclose(download->filehandle);
|
||||
}
|
||||
|
||||
pthread_mutex_lock(&lock);
|
||||
g_free(cert_path);
|
||||
|
||||
if (err) {
|
||||
char* msg;
|
||||
if (download->cancel) {
|
||||
@ -237,3 +236,20 @@ http_basename_from_url(const char* url)
|
||||
|
||||
return filename;
|
||||
}
|
||||
|
||||
void
|
||||
http_print_transfer_update(ProfWin* window, char* url,
|
||||
const char* fmt, ...)
|
||||
{
|
||||
va_list args;
|
||||
|
||||
va_start(args, fmt);
|
||||
char* msg;
|
||||
if (vasprintf(&msg, fmt, args) == -1) {
|
||||
msg = strdup(FALLBACK_MSG);
|
||||
}
|
||||
va_end(args);
|
||||
|
||||
win_print_http_transfer(window, msg, url);
|
||||
free(msg);
|
||||
}
|
||||
|
@ -54,6 +54,7 @@ typedef struct http_download_t
|
||||
ProfWin* window;
|
||||
pthread_t worker;
|
||||
int cancel;
|
||||
int close;
|
||||
} HTTPDownload;
|
||||
|
||||
void* http_file_get(void* userdata);
|
||||
@ -62,5 +63,7 @@ void http_download_cancel_processes(ProfWin* window);
|
||||
void http_download_add_download(HTTPDownload* download);
|
||||
|
||||
char* http_basename_from_url(const char* url);
|
||||
void http_print_transfer_update(ProfWin* window, char* url,
|
||||
const char* fmt, ...);
|
||||
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user