Re: [MeeGo-dev] [Accounts] Fixes: NB#204950 - Account::verify and Account::verifyWithTokens() returns TRUE, all the time irrespective of whether Account::sign() called or not.

[ext-lucian.horga]

Hi,

On 03/30/2011 01:55 PM, ext Alberto Mardegan wrote:
> On 03/30/2011 12:07 PM, Lucian Horga wrote:
>> diff --git a/libaccounts-glib/ag-account.c b/libaccounts-glib/ag-account.c
>> index a2354ba..21273a1 100644
>> --- a/libaccounts-glib/ag-account.c
>> +++ b/libaccounts-glib/ag-account.c
>> @@ -41,6 +41,10 @@
>>  #include "ag-service.h"
>>  #include "ag-util.h"
>>
>> +#ifdef HAVE_AEGISCRYPTO
>> +  #include <aegis_crypto.h>
>> +#endif
>> +
>>  #include <string.h>
>>
>>  #define SERVICE_GLOBAL "global"
>> @@ -303,6 +307,7 @@ ag_account_watch_int (AgAccount *account, gchar *key, 
>> gchar *prefix,
>>      return watch;
>>  }
>>
>> +#ifdef HAVE_AEGISCRYPTO
>>  static gboolean
>>  got_account_signature (sqlite3_stmt *stmt, AgSignature *sgn)
>>  {
>> @@ -311,6 +316,7 @@ got_account_signature (sqlite3_stmt *stmt, AgSignature 
>> *sgn)
>>
>>      return TRUE;
>>  }
>> +#endif
>>
>>  static gboolean
>>  got_account_setting (sqlite3_stmt *stmt, GHashTable *settings)
>> @@ -2085,6 +2091,7 @@ ag_account_store_blocking (AgAccount *account, GError 
>> **error)
>>      return TRUE;
>>  }
>>
>> +#ifdef HAVE_AEGISCRYPTO
>>  static gboolean
>>  store_data (gpointer key, gpointer value, gpointer data)
>>  {
>> @@ -2169,6 +2176,8 @@ signature_data (AgAccount *account, const gchar *key)
>>
>>      return g_string_free (data, FALSE);
>>  }
>> +#endif
>> +
>>  /**
>>   * ag_account_sign:
>>   * @key: the name of the key or prefix of the keys to be signed.
>> @@ -2179,10 +2188,13 @@ signature_data (AgAccount *account, const gchar *key)
>>  void
>>  ag_account_sign (AgAccount *account, const gchar *key, const gchar *token)
>>  {
>> +#ifdef HAVE_AEGISCRYPTO
>>      AgSignature *sgn;
>>      AgAccountPrivate *priv;
>>      AgServiceChanges *sc;
>>      gchar *data;
>> +    struct aegis_signature_t signed_data;
>> +    gchar *signed_raw_data;
>>
>>      g_return_if_fail (key != NULL);
>>      g_return_if_fail (token != NULL);
>> @@ -2192,17 +2204,34 @@ ag_account_sign (AgAccount *account, const gchar 
>> *key, const gchar *token)
>>
>>      g_return_if_fail (data != NULL);
>>
>> -    /* TODO: sign data with token - depends on libmaemosec */
>> +    aegis_crypto_result result_sign =
>> +              aegis_crypto_sign (data,
>> +                                 strlen (data) + 1,
>> +                                 token,
>> +                                 &signed_data);
>
> signed_data -> signature

Do you want the name changed from "signed_data" to "signature" or you want to 
select the "signature" field from "signed_data"?
The function takes struct aegis_signature_t as parameter, and this struct does 
not have any "signature" field:

    typedef struct aegis_signature_t {
        unsigned char d[SIGNATURE_LENGTH]; /**< The actual signature bytes */
    } AEGIS_SIGNATURE_T;

> Do you have some reason to add 1 to the string length?
>

I assumed the string to be null-terminated.

>>
>> -    priv = account->priv;
>> -    sc = account_service_changes_get (priv, priv->service, TRUE);
>> +    aegis_crypto_finish ();
>
> Don't call aegis_crypto_finish() here, you are using more agis-crypto 
> function just below.
>

Fixed.

>> +    g_free (data);
>>
>> +    g_return_if_fail (result_sign != aegis_crypto_ok);
>> +
>> +    aegis_crypto_signature_to_string (&signed_data,
>> +                                      aegis_as_base64,
>> +                                      token,
>> +                                      &signed_raw_data);
>
> signed_raw_data -> signature_string
>

Same question as above.

>>      sgn = g_slice_new (AgSignature);
>> -    sgn->signature = data; //signed_data;
>> +    sgn->signature = g_strdup (signed_raw_data); //signed_data;
>
> remove the comment, it's obsolete now.
>

Ok.

>> +    g_free (signed_raw_data);
>>      sgn->token = g_strdup (token);
>>
>> +    priv = account->priv;
>> +    sc = account_service_changes_get (priv, priv->service, TRUE);
>> +
>>      g_hash_table_insert (sc->signatures,
>>                           g_strdup (key), sgn);
>> +#else
>> +    g_warning ("ag_account_sign: aegis-crypto not found! Unable to sign the 
>> key.");
>> +#endif
>>  }
>>
>>  /**
>> @@ -2219,13 +2248,20 @@ ag_account_sign (AgAccount *account, const gchar 
>> *key, const gchar *token)
>>  gboolean
>>  ag_account_verify (AgAccount *account, const gchar *key, const gchar 
>> **token)
>>  {
>> +#ifdef HAVE_AEGISCRYPTO
>>      AgAccountPrivate *priv;
>>      AgServiceSettings *ss;
>>      guint service_id;
>>      gchar *data;
>>      gchar *sql;
>>      AgSignature sgn;
>> -
>> +    GString *sql_str;
>> +    aegis_system_mode_t made_in_mode;
>> +    aegis_crypto_result result_verify;
>> +    aegis_crypto_result result_convert;
>> +    struct aegis_signature_t signature;
>> +    char *token_name;
>> +
>>      g_return_val_if_fail (AG_IS_ACCOUNT (account), FALSE);
>>
>>      priv = account->priv;
>> @@ -2235,7 +2271,7 @@ ag_account_verify (AgAccount *account, const gchar 
>> *key, const gchar **token)
>>
>>      service_id = (priv->service != NULL) ? priv->service->id : 0;
>>
>> -    GString *sql_str;
>> +
>>      sql_str = g_string_sized_new (512);
>>      _ag_string_append_printf (sql_str,
>>                                "SELECT signature, token FROM Signatures "
>> @@ -2246,16 +2282,44 @@ ag_account_verify (AgAccount *account, const gchar 
>> *key, const gchar **token)
>>                              (AgQueryCallback)got_account_signature,
>>                              &sgn, sql);
>>
>> -    g_free(sql);
>> -    data = signature_data(account, key);
>> +    g_free (sql);
>> +    data = signature_data (account, key);
>> +
>> +    aegis_crypto_init();
>>
>> -    /* TODO: verify data with sgn->signature - depends on libmaemosec */
>> +    result_convert =  aegis_crypto_string_to_signature (sgn.signature,
>> +                                                        &signature,
>> +                                                        &token_name);
>> +
>> +    if (result_convert != aegis_crypto_ok) {
>> +        *token = NULL;
>> +        aegis_crypto_finish();
>> +        g_free (data);
>> +        return FALSE;
>> +    }
>>
>> +    result_verify = aegis_crypto_verify (&signature,
>> +                                        token_name,
>> +                                        data,
>> +                                        strlen (data) + 1,
>> +                                        &made_in_mode);
>
> indent the parameters one char more to the right. Same remark about the "+ 1".
>

Fixed..

>> +
>> +    if (result_verify != aegis_crypto_ok) {
>> +        *token = NULL;
>> +        aegis_crypto_finish ();
>> +        g_free (data);
>> +        return FALSE;
>> +    }
>> +
>> +    *token = g_strdup (token_name);
>> +    aegis_crypto_finish ();
>>      g_free (data);
>>
>> -    /* temporary solution */
>> -    *token = "token";
>>      return TRUE;
>> +#else
>> +    g_warning ("ag_account_verify: aegis-crypto not found! Unable to verify 
>> the key.");
>> +    return FALSE;
>> +#endif
>>  }
>
> token_name is being leaked.
>

Fixed.

> Please double check the whitespaces; in several lines there are trailing 
> whitespaces.
>

Alright, fixed.

> Ciao,
>   Alberto
>

Br,
Lucian.
_______________________________________________
MeeGo-dev mailing list
MeeGo-dev@meego.com
http://lists.meego.com/listinfo/meego-dev
http://wiki.meego.com/Mailing_list_guidelines