On 03/30/2011 12:07 PM, Lucian Horga wrote:
diff --git a/libaccounts-glib/ag-account.c b/libaccounts-glib/ag-account.c
index a2354ba..21273a1 100644
--- a/libaccounts-glib/ag-account.c
+++ b/libaccounts-glib/ag-account.c
@@ -41,6 +41,10 @@
#include "ag-service.h"
#include "ag-util.h"
+#ifdef HAVE_AEGISCRYPTO
+ #include <aegis_crypto.h>
+#endif
+
#include <string.h>
#define SERVICE_GLOBAL "global"
@@ -303,6 +307,7 @@ ag_account_watch_int (AgAccount *account, gchar *key, gchar
*prefix,
return watch;
}
+#ifdef HAVE_AEGISCRYPTO
static gboolean
got_account_signature (sqlite3_stmt *stmt, AgSignature *sgn)
{
@@ -311,6 +316,7 @@ got_account_signature (sqlite3_stmt *stmt, AgSignature *sgn)
return TRUE;
}
+#endif
static gboolean
got_account_setting (sqlite3_stmt *stmt, GHashTable *settings)
@@ -2085,6 +2091,7 @@ ag_account_store_blocking (AgAccount *account, GError
**error)
return TRUE;
}
+#ifdef HAVE_AEGISCRYPTO
static gboolean
store_data (gpointer key, gpointer value, gpointer data)
{
@@ -2169,6 +2176,8 @@ signature_data (AgAccount *account, const gchar *key)
return g_string_free (data, FALSE);
}
+#endif
+
/**
* ag_account_sign:
* @key: the name of the key or prefix of the keys to be signed.
@@ -2179,10 +2188,13 @@ signature_data (AgAccount *account, const gchar *key)
void
ag_account_sign (AgAccount *account, const gchar *key, const gchar *token)
{
+#ifdef HAVE_AEGISCRYPTO
AgSignature *sgn;
AgAccountPrivate *priv;
AgServiceChanges *sc;
gchar *data;
+ struct aegis_signature_t signed_data;
+ gchar *signed_raw_data;
g_return_if_fail (key != NULL);
g_return_if_fail (token != NULL);
@@ -2192,17 +2204,34 @@ ag_account_sign (AgAccount *account, const gchar *key,
const gchar *token)
g_return_if_fail (data != NULL);
- /* TODO: sign data with token - depends on libmaemosec */
+ aegis_crypto_result result_sign =
+ aegis_crypto_sign (data,
+ strlen (data) + 1,
+ token,
+ &signed_data);
signed_data -> signature
Do you have some reason to add 1 to the string length?
- priv = account->priv;
- sc = account_service_changes_get (priv, priv->service, TRUE);
+ aegis_crypto_finish ();
Don't call aegis_crypto_finish() here, you are using more agis-crypto function
just below.
+ g_free (data);
+ g_return_if_fail (result_sign != aegis_crypto_ok);
+
+ aegis_crypto_signature_to_string (&signed_data,
+ aegis_as_base64,
+ token,
+ &signed_raw_data);
signed_raw_data -> signature_string
sgn = g_slice_new (AgSignature);
- sgn->signature = data; //signed_data;
+ sgn->signature = g_strdup (signed_raw_data); //signed_data;
remove the comment, it's obsolete now.
+ g_free (signed_raw_data);
sgn->token = g_strdup (token);
+ priv = account->priv;
+ sc = account_service_changes_get (priv, priv->service, TRUE);
+
g_hash_table_insert (sc->signatures,
g_strdup (key), sgn);
+#else
+ g_warning ("ag_account_sign: aegis-crypto not found! Unable to sign the
key.");
+#endif
}
/**
@@ -2219,13 +2248,20 @@ ag_account_sign (AgAccount *account, const gchar *key,
const gchar *token)
gboolean
ag_account_verify (AgAccount *account, const gchar *key, const gchar **token)
{
+#ifdef HAVE_AEGISCRYPTO
AgAccountPrivate *priv;
AgServiceSettings *ss;
guint service_id;
gchar *data;
gchar *sql;
AgSignature sgn;
-
+ GString *sql_str;
+ aegis_system_mode_t made_in_mode;
+ aegis_crypto_result result_verify;
+ aegis_crypto_result result_convert;
+ struct aegis_signature_t signature;
+ char *token_name;
+
g_return_val_if_fail (AG_IS_ACCOUNT (account), FALSE);
priv = account->priv;
@@ -2235,7 +2271,7 @@ ag_account_verify (AgAccount *account, const gchar *key,
const gchar **token)
service_id = (priv->service != NULL) ? priv->service->id : 0;
- GString *sql_str;
+
sql_str = g_string_sized_new (512);
_ag_string_append_printf (sql_str,
"SELECT signature, token FROM Signatures "
@@ -2246,16 +2282,44 @@ ag_account_verify (AgAccount *account, const gchar
*key, const gchar **token)
(AgQueryCallback)got_account_signature,
&sgn, sql);
- g_free(sql);
- data = signature_data(account, key);
+ g_free (sql);
+ data = signature_data (account, key);
+
+ aegis_crypto_init();
- /* TODO: verify data with sgn->signature - depends on libmaemosec */
+ result_convert = aegis_crypto_string_to_signature (sgn.signature,
+ &signature,
+ &token_name);
+
+ if (result_convert != aegis_crypto_ok) {
+ *token = NULL;
+ aegis_crypto_finish();
+ g_free (data);
+ return FALSE;
+ }
+ result_verify = aegis_crypto_verify (&signature,
+ token_name,
+ data,
+ strlen (data) + 1,
+ &made_in_mode);
indent the parameters one char more to the right. Same remark about the "+ 1".
+
+ if (result_verify != aegis_crypto_ok) {
+ *token = NULL;
+ aegis_crypto_finish ();
+ g_free (data);
+ return FALSE;
+ }
+
+ *token = g_strdup (token_name);
+ aegis_crypto_finish ();
g_free (data);
- /* temporary solution */
- *token = "token";
return TRUE;
+#else
+ g_warning ("ag_account_verify: aegis-crypto not found! Unable to verify the
key.");
+ return FALSE;
+#endif
}
token_name is being leaked.
Please double check the whitespaces; in several lines there are trailing
whitespaces.
Ciao,
Alberto
--
http://blog.mardy.it <-- geek in un lingua international!
_______________________________________________
MeeGo-dev mailing list
MeeGo-dev@meego.com
http://lists.meego.com/listinfo/meego-dev
http://wiki.meego.com/Mailing_list_guidelines
