forked from cory/tildefriends
I decrypted a private message.
git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3965 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
45
src/ssb.db.c
45
src/ssb.db.c
@@ -802,13 +802,13 @@ bool tf_ssb_db_identity_get_private_key(tf_ssb_t* ssb, const char* user, const c
|
||||
static void _test_private(sqlite3* db, const uint8_t* private_key)
|
||||
{
|
||||
sqlite3_stmt* statement = NULL;
|
||||
if (sqlite3_prepare(db, "SELECT content FROM messages WHERE content LIKE '\"%.box\"'", -1, &statement, NULL) == SQLITE_OK)
|
||||
if (sqlite3_prepare(db, "SELECT content FROM messages WHERE content LIKE '\"%%.box\"'", -1, &statement, NULL) == SQLITE_OK)
|
||||
{
|
||||
while (sqlite3_step(statement) == SQLITE_ROW)
|
||||
{
|
||||
uint8_t buffer[8192];
|
||||
//printf("==> %s\n", sqlite3_column_text(statement, 0));
|
||||
int r = base64c_decode(sqlite3_column_text(statement, 0) + 1, sqlite3_column_bytes(statement, 0) - strlen("\".box\""), buffer, sizeof(buffer));
|
||||
|
||||
if (r > 1)
|
||||
{
|
||||
uint8_t* nonce = buffer;
|
||||
@@ -816,19 +816,38 @@ static void _test_private(sqlite3* db, const uint8_t* private_key)
|
||||
if (public_key + 32 < buffer + r)
|
||||
{
|
||||
uint8_t shared_secret[crypto_scalarmult_curve25519_SCALARBYTES];
|
||||
if (crypto_scalarmult_curve25519(shared_secret, private_key, public_key) == 0)
|
||||
if (crypto_scalarmult(shared_secret, private_key, public_key) == 0)
|
||||
{
|
||||
for (uint8_t* p = public_key + 32; p < buffer + r + 49; p += 49)
|
||||
for (uint8_t* p = buffer + 24 + 32; p <= buffer + r - 49; p += 49)
|
||||
{
|
||||
uint8_t out[49];
|
||||
if (crypto_secretbox_open_easy(out, p, 49, nonce, shared_secret) == 0)
|
||||
int o = crypto_secretbox_open_easy(out, p, 49, nonce, shared_secret);
|
||||
if (o != -1)
|
||||
{
|
||||
printf("opened secret box!\n");
|
||||
int recipients = (int)out[0];
|
||||
uint8_t* body = buffer + 24 + 32 + 49 * recipients;
|
||||
size_t body_size = buffer + r - body;
|
||||
|
||||
uint8_t result[8192];
|
||||
|
||||
uint8_t* key = out + 1;
|
||||
if (crypto_secretbox_open_easy(result, body, body_size, nonce, key) != -1)
|
||||
{
|
||||
printf("%.*s\n", (int)body_size, result);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("scalarmult failed\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("base64 failed\n");
|
||||
}
|
||||
}
|
||||
sqlite3_finalize(statement);
|
||||
}
|
||||
@@ -841,12 +860,20 @@ void tf_ssb_db_private(sqlite3* db)
|
||||
{
|
||||
while (sqlite3_step(statement) == SQLITE_ROW)
|
||||
{
|
||||
uint8_t private_key[crypto_sign_SECRETKEYBYTES];
|
||||
uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };
|
||||
printf("-> %s\n", sqlite3_column_text(statement, 0));
|
||||
int r = base64c_decode(sqlite3_column_text(statement, 1), sqlite3_column_bytes(statement, 1) - strlen(".ed25519"), private_key, sizeof(private_key));
|
||||
if (r > 0)
|
||||
if (r == sizeof(private_key))
|
||||
{
|
||||
_test_private(db, private_key);
|
||||
uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 };
|
||||
if (crypto_sign_ed25519_sk_to_curve25519(key, private_key) != 0)
|
||||
{
|
||||
printf("key convert failed\n");
|
||||
}
|
||||
else
|
||||
{
|
||||
_test_private(db, key);
|
||||
}
|
||||
}
|
||||
}
|
||||
sqlite3_finalize(statement);
|
||||
|
||||
Reference in New Issue
Block a user