Hi Mardy, Here is the mail on the mailing list. Br,
Lucian Horga.
The patch:
--------------------------------------------------------------------------------------
diff --git a/configure.ac b/configure.ac
index af6ea8b..eddb00d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -13,11 +13,19 @@ PKG_CHECK_MODULES(
gobject-2.0
libxml-2.0
sqlite3);
+
AC_SUBST(LIBACCOUNTS_CFLAGS)
AC_SUBST(LIBACCOUNTS_LIBS)
PKG_CHECK_MODULES([CHECK], [check >= 0.9.4])
+dnl Check for aegis-crypto library.
+PKG_CHECK_MODULES([AEGISCRYPTO], aegis-crypto >= 0.2.9,
[HAVE_AEGISCRYPTO=yes], [HAVE_AEGISCRYPTO=no])
+AM_CONDITIONAL([HAVE_AEGISCRYPTO], [test x"$HAVE_AEGISCRYPTO" = xyes])
+if test x"$HAVE_AEGISCRYPTO" = xyes; then
+ AC_DEFINE([HAVE_AEGISCRYPTO], [1], [Define if aegis-crypto is available])
+fi
+
AC_ISC_POSIX
AC_PROG_CC
AM_PROG_CC_STDC
diff --git a/libaccounts-glib/ag-account.c b/libaccounts-glib/ag-account.c
index a2354ba..51dc194 100644
--- a/libaccounts-glib/ag-account.c
+++ b/libaccounts-glib/ag-account.c
@@ -41,6 +41,10 @@
#include "ag-service.h"
#include "ag-util.h"
+#ifdef HAVE_AEGISCRYPTO
+ #include <aegis_crypto.h>
+#endif
+
#include <string.h>
#define SERVICE_GLOBAL "global"
@@ -303,6 +307,7 @@ ag_account_watch_int (AgAccount *account, gchar *key, gchar
*prefix,
return watch;
}
+#ifdef HAVE_AEGISCRYPTO
static gboolean
got_account_signature (sqlite3_stmt *stmt, AgSignature *sgn)
{
@@ -311,6 +316,7 @@ got_account_signature (sqlite3_stmt *stmt, AgSignature *sgn)
return TRUE;
}
+#endif
static gboolean
got_account_setting (sqlite3_stmt *stmt, GHashTable *settings)
@@ -2085,6 +2091,7 @@ ag_account_store_blocking (AgAccount *account, GError
**error)
return TRUE;
}
+#ifdef HAVE_AEGISCRYPTO
static gboolean
store_data (gpointer key, gpointer value, gpointer data)
{
@@ -2169,6 +2176,8 @@ signature_data (AgAccount *account, const gchar *key)
return g_string_free (data, FALSE);
}
+#endif
+
/**
* ag_account_sign:
* @key: the name of the key or prefix of the keys to be signed.
@@ -2179,10 +2188,13 @@ signature_data (AgAccount *account, const gchar *key)
void
ag_account_sign (AgAccount *account, const gchar *key, const gchar *token)
{
+#ifdef HAVE_AEGISCRYPTO
AgSignature *sgn;
AgAccountPrivate *priv;
AgServiceChanges *sc;
gchar *data;
+ struct aegis_signature_t signature;
+ gchar *signature_string;
g_return_if_fail (key != NULL);
g_return_if_fail (token != NULL);
@@ -2192,17 +2204,33 @@ ag_account_sign (AgAccount *account, const gchar *key,
const gchar *token)
g_return_if_fail (data != NULL);
- /* TODO: sign data with token - depends on libmaemosec */
+ aegis_crypto_result result_sign =
+ aegis_crypto_sign (data,
+ strlen (data),
+ token,
+ &signature);
+ g_free (data);
+ g_return_if_fail (result_sign != aegis_crypto_ok);
- priv = account->priv;
- sc = account_service_changes_get (priv, priv->service, TRUE);
+ aegis_crypto_signature_to_string (&signature,
+ aegis_as_base64,
+ token,
+ &signature_string);
+ aegis_crypto_finish ();
sgn = g_slice_new (AgSignature);
- sgn->signature = data; //signed_data;
+ sgn->signature = g_strdup (signature_string);
+ aegis_crypto_free (signature_string);
sgn->token = g_strdup (token);
+ priv = account->priv;
+ sc = account_service_changes_get (priv, priv->service, TRUE);
+
g_hash_table_insert (sc->signatures,
g_strdup (key), sgn);
+#else
+ g_warning ("ag_account_sign: aegis-crypto not found! Unable to sign the
key.");
+#endif
}
/**
@@ -2219,12 +2247,19 @@ ag_account_sign (AgAccount *account, const gchar *key,
const gchar *token)
gboolean
ag_account_verify (AgAccount *account, const gchar *key, const gchar **token)
{
+#ifdef HAVE_AEGISCRYPTO
AgAccountPrivate *priv;
AgServiceSettings *ss;
guint service_id;
gchar *data;
gchar *sql;
AgSignature sgn;
+ GString *sql_str;
+ aegis_system_mode_t made_in_mode;
+ aegis_crypto_result result_verify;
+ aegis_crypto_result result_convert;
+ struct aegis_signature_t signature;
+ char *token_name;
g_return_val_if_fail (AG_IS_ACCOUNT (account), FALSE);
@@ -2235,7 +2270,7 @@ ag_account_verify (AgAccount *account, const gchar *key,
const gchar **token)
service_id = (priv->service != NULL) ? priv->service->id : 0;
- GString *sql_str;
+
sql_str = g_string_sized_new (512);
_ag_string_append_printf (sql_str,
"SELECT signature, token FROM Signatures "
@@ -2246,16 +2281,49 @@ ag_account_verify (AgAccount *account, const gchar
*key, const gchar **token)
(AgQueryCallback)got_account_signature,
&sgn, sql);
- g_free(sql);
- data = signature_data(account, key);
+ g_free (sql);
+ data = signature_data (account, key);
+
+ aegis_crypto_init();
- /* TODO: verify data with sgn->signature - depends on libmaemosec */
+ token_name = NULL;
+ result_convert = aegis_crypto_string_to_signature (sgn.signature,
+ &signature,
+ &token_name);
+
+ if (result_convert != aegis_crypto_ok) {
+ *token = NULL;
+ aegis_crypto_finish ();
+ g_free (data);
+ return FALSE;
+ }
+ result_verify = aegis_crypto_verify (&signature,
+ token_name,
+ data,
+ strlen (data),
+ &made_in_mode);
+
+ if (result_verify != aegis_crypto_ok) {
+ *token = NULL;
+ aegis_crypto_finish ();
+ g_free (data);
+ aegis_crypto_free (token_name);
+ return FALSE;
+ }
+
+ *token = g_strdup (token_name);
+ if (token_name)
+ aegis_crypto_free (token_name);
+
+ aegis_crypto_finish ();
g_free (data);
- /* temporary solution */
- *token = "token";
return TRUE;
+#else
+ g_warning ("ag_account_verify: aegis-crypto not found! Unable to verify
the key.");
+ return FALSE;
+#endif
}
/**
review.patch
Description: review.patch
_______________________________________________ MeeGo-dev mailing list MeeGo-dev@meego.com http://lists.meego.com/listinfo/meego-dev http://wiki.meego.com/Mailing_list_guidelines
