diff options
| author | Ted Unangst <tedu@cvs.openbsd.org> | 2014-12-29 14:23:18 +0000 |
|---|---|---|
| committer | Ted Unangst <tedu@cvs.openbsd.org> | 2014-12-29 14:23:18 +0000 |
| commit | 9a73f3132adae61030202c819bced9cdcee31d6c (patch) | |
| tree | 0df53d41bb90d9ef624fe4ecbb7d7233aa971529 /usr.bin/signify/signify.c | |
| parent | 4299c7b84f15c201e8df69f3a7cb1eefe4da6237 (diff) | |
rename fingerprint struct field. no longer exposed to users, but since it's
not technically a fingerprint as others understand the term, pick another.
now it's a keynum!
after an email from Florian Weimer
Diffstat (limited to 'usr.bin/signify/signify.c')
| -rw-r--r-- | usr.bin/signify/signify.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/usr.bin/signify/signify.c b/usr.bin/signify/signify.c index f8faad5c2c0..d4dc52d4a78 100644 --- a/usr.bin/signify/signify.c +++ b/usr.bin/signify/signify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: signify.c,v 1.93 2014/12/29 14:16:04 tedu Exp $ */ +/* $OpenBSD: signify.c,v 1.94 2014/12/29 14:23:17 tedu Exp $ */ /* * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org> * @@ -42,7 +42,7 @@ #define PKALG "Ed" #define KDFALG "BK" -#define FPLEN 8 +#define KEYNUMLEN 8 #define COMMENTHDR "untrusted comment: " #define COMMENTHDRLEN 19 @@ -55,19 +55,19 @@ struct enckey { uint32_t kdfrounds; uint8_t salt[16]; uint8_t checksum[8]; - uint8_t fingerprint[FPLEN]; + uint8_t keynum[KEYNUMLEN]; uint8_t seckey[SECRETBYTES]; }; struct pubkey { uint8_t pkalg[2]; - uint8_t fingerprint[FPLEN]; + uint8_t keynum[KEYNUMLEN]; uint8_t pubkey[PUBLICBYTES]; }; struct sig { uint8_t pkalg[2]; - uint8_t fingerprint[FPLEN]; + uint8_t keynum[KEYNUMLEN]; uint8_t sig[SIGBYTES]; }; @@ -299,13 +299,13 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, struct pubkey pubkey; struct enckey enckey; uint8_t xorkey[sizeof(enckey.seckey)]; - uint8_t fingerprint[FPLEN]; + uint8_t keynum[KEYNUMLEN]; char commentbuf[COMMENTMAXLEN]; SHA2_CTX ctx; int i, nr; crypto_sign_ed25519_keypair(pubkey.pubkey, enckey.seckey); - arc4random_buf(fingerprint, sizeof(fingerprint)); + arc4random_buf(keynum, sizeof(keynum)); SHA512Init(&ctx); SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey)); @@ -314,7 +314,7 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, memcpy(enckey.pkalg, PKALG, 2); memcpy(enckey.kdfalg, KDFALG, 2); enckey.kdfrounds = htonl(rounds); - memcpy(enckey.fingerprint, fingerprint, FPLEN); + memcpy(enckey.keynum, keynum, KEYNUMLEN); arc4random_buf(enckey.salt, sizeof(enckey.salt)); kdf(enckey.salt, sizeof(enckey.salt), rounds, 1, 1, xorkey, sizeof(xorkey)); memcpy(enckey.checksum, digest, sizeof(enckey.checksum)); @@ -331,7 +331,7 @@ generate(const char *pubkeyfile, const char *seckeyfile, int rounds, explicit_bzero(&enckey, sizeof(enckey)); memcpy(pubkey.pkalg, PKALG, 2); - memcpy(pubkey.fingerprint, fingerprint, FPLEN); + memcpy(pubkey.keynum, keynum, KEYNUMLEN); if ((nr = snprintf(commentbuf, sizeof(commentbuf), "%s public key", comment)) == -1 || nr >= sizeof(commentbuf)) errx(1, "comment too long"); @@ -374,7 +374,7 @@ sign(const char *seckeyfile, const char *msgfile, const char *sigfile, msg = readmsg(msgfile, &msglen); signmsg(enckey.seckey, msg, msglen, sig.sig); - memcpy(sig.fingerprint, enckey.fingerprint, FPLEN); + memcpy(sig.keynum, enckey.keynum, KEYNUMLEN); explicit_bzero(&enckey, sizeof(enckey)); memcpy(sig.pkalg, PKALG, 2); @@ -406,7 +406,7 @@ verifymsg(struct pubkey *pubkey, uint8_t *msg, unsigned long long msglen, uint8_t *sigbuf, *dummybuf; unsigned long long siglen, dummylen; - if (memcmp(pubkey->fingerprint, sig->fingerprint, FPLEN) != 0) + if (memcmp(pubkey->keynum, sig->keynum, KEYNUMLEN) != 0) errx(1, "verification failed: checked against wrong key"); siglen = SIGBYTES + msglen; |