From 37293469619a39584425a3d360114cd50db8e655 Mon Sep 17 00:00:00 2001 From: Cory McWilliams Date: Tue, 16 Aug 2022 02:38:25 +0000 Subject: [PATCH] I decrypted a private message. git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3965 ed5197a5-7fde-0310-b194-c3ffbd925b24 --- src/ssb.db.c | 45 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/src/ssb.db.c b/src/ssb.db.c index 49b1c9a7..82847c01 100644 --- a/src/ssb.db.c +++ b/src/ssb.db.c @@ -802,13 +802,13 @@ bool tf_ssb_db_identity_get_private_key(tf_ssb_t* ssb, const char* user, const c static void _test_private(sqlite3* db, const uint8_t* private_key) { sqlite3_stmt* statement = NULL; - if (sqlite3_prepare(db, "SELECT content FROM messages WHERE content LIKE '\"%.box\"'", -1, &statement, NULL) == SQLITE_OK) + if (sqlite3_prepare(db, "SELECT content FROM messages WHERE content LIKE '\"%%.box\"'", -1, &statement, NULL) == SQLITE_OK) { while (sqlite3_step(statement) == SQLITE_ROW) { uint8_t buffer[8192]; - //printf("==> %s\n", sqlite3_column_text(statement, 0)); int r = base64c_decode(sqlite3_column_text(statement, 0) + 1, sqlite3_column_bytes(statement, 0) - strlen("\".box\""), buffer, sizeof(buffer)); + if (r > 1) { uint8_t* nonce = buffer; @@ -816,19 +816,38 @@ static void _test_private(sqlite3* db, const uint8_t* private_key) if (public_key + 32 < buffer + r) { uint8_t shared_secret[crypto_scalarmult_curve25519_SCALARBYTES]; - if (crypto_scalarmult_curve25519(shared_secret, private_key, public_key) == 0) + if (crypto_scalarmult(shared_secret, private_key, public_key) == 0) { - for (uint8_t* p = public_key + 32; p < buffer + r + 49; p += 49) + for (uint8_t* p = buffer + 24 + 32; p <= buffer + r - 49; p += 49) { uint8_t out[49]; - if (crypto_secretbox_open_easy(out, p, 49, nonce, shared_secret) == 0) + int o = crypto_secretbox_open_easy(out, p, 49, nonce, shared_secret); + if (o != -1) { - printf("opened secret box!\n"); + int recipients = (int)out[0]; + uint8_t* body = buffer + 24 + 32 + 49 * recipients; + size_t body_size = buffer + r - body; + + uint8_t result[8192]; + + uint8_t* key = out + 1; + if (crypto_secretbox_open_easy(result, body, body_size, nonce, key) != -1) + { + printf("%.*s\n", (int)body_size, result); + } } } } + else + { + printf("scalarmult failed\n"); + } } } + else + { + printf("base64 failed\n"); + } } sqlite3_finalize(statement); } @@ -841,12 +860,20 @@ void tf_ssb_db_private(sqlite3* db) { while (sqlite3_step(statement) == SQLITE_ROW) { - uint8_t private_key[crypto_sign_SECRETKEYBYTES]; + uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 }; printf("-> %s\n", sqlite3_column_text(statement, 0)); int r = base64c_decode(sqlite3_column_text(statement, 1), sqlite3_column_bytes(statement, 1) - strlen(".ed25519"), private_key, sizeof(private_key)); - if (r > 0) + if (r == sizeof(private_key)) { - _test_private(db, private_key); + uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 }; + if (crypto_sign_ed25519_sk_to_curve25519(key, private_key) != 0) + { + printf("key convert failed\n"); + } + else + { + _test_private(db, key); + } } } sqlite3_finalize(statement);