tasiaiso/tildefriends
1
0
Fork 0
forked from cory/tildefriends
Code Issues Pull Requests Releases Wiki Activity

I decrypted a private message.

Browse Source 
git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3965 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
Cory McWilliams 2022-08-16 02:38:25 +00:00
parent 357d944a8d
commit 3729346961
1 changed files with 36 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
src/ssb.db.c
View File

@ -802,13 +802,13 @@ bool tf_ssb_db_identity_get_private_key(tf_ssb_t* ssb, const char* user, const c
static void _test_private(sqlite3* db, const uint8_t* private_key) static void _test_private(sqlite3* db, const uint8_t* private_key)
{ {
sqlite3_stmt* statement = NULL; sqlite3_stmt* statement = NULL;
if (sqlite3_prepare(db, "SELECT content FROM messages WHERE content LIKE '\"%.box\"'", -1, &statement, NULL) == SQLITE_OK) if (sqlite3_prepare(db, "SELECT content FROM messages WHERE content LIKE '\"%%.box\"'", -1, &statement, NULL) == SQLITE_OK)
{ {
while (sqlite3_step(statement) == SQLITE_ROW) while (sqlite3_step(statement) == SQLITE_ROW)
{ {
uint8_t buffer[8192]; uint8_t buffer[8192];
//printf("==> %s\n", sqlite3_column_text(statement, 0));
int r = base64c_decode(sqlite3_column_text(statement, 0) + 1, sqlite3_column_bytes(statement, 0) - strlen("\".box\""), buffer, sizeof(buffer)); int r = base64c_decode(sqlite3_column_text(statement, 0) + 1, sqlite3_column_bytes(statement, 0) - strlen("\".box\""), buffer, sizeof(buffer));
if (r > 1) if (r > 1)
{ {
uint8_t* nonce = buffer; uint8_t* nonce = buffer;
@ -816,18 +816,37 @@ static void _test_private(sqlite3* db, const uint8_t* private_key)
if (public_key + 32 < buffer + r) if (public_key + 32 < buffer + r)
{ {
uint8_t shared_secret[crypto_scalarmult_curve25519_SCALARBYTES]; uint8_t shared_secret[crypto_scalarmult_curve25519_SCALARBYTES];
if (crypto_scalarmult_curve25519(shared_secret, private_key, public_key) == 0) if (crypto_scalarmult(shared_secret, private_key, public_key) == 0)
{ {
for (uint8_t* p = public_key + 32; p < buffer + r + 49; p += 49) for (uint8_t* p = buffer + 24 + 32; p <= buffer + r - 49; p += 49)
{ {
uint8_t out[49]; uint8_t out[49];
if (crypto_secretbox_open_easy(out, p, 49, nonce, shared_secret) == 0) int o = crypto_secretbox_open_easy(out, p, 49, nonce, shared_secret);
if (o != -1)
{ {
printf("opened secret box!\n"); int recipients = (int)out[0];
uint8_t* body = buffer + 24 + 32 + 49 * recipients;
size_t body_size = buffer + r - body;
uint8_t result[8192];
uint8_t* key = out + 1;
if (crypto_secretbox_open_easy(result, body, body_size, nonce, key) != -1)
{
printf("%.*s\n", (int)body_size, result);
} }
} }
} }
} }
else
{
printf("scalarmult failed\n");
}
}
}
else
{
printf("base64 failed\n");
} }
} }
sqlite3_finalize(statement); sqlite3_finalize(statement);
@ -841,12 +860,20 @@ void tf_ssb_db_private(sqlite3* db)
{ {
while (sqlite3_step(statement) == SQLITE_ROW) while (sqlite3_step(statement) == SQLITE_ROW)
{ {
uint8_t private_key[crypto_sign_SECRETKEYBYTES]; uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };
printf("-> %s\n", sqlite3_column_text(statement, 0)); printf("-> %s\n", sqlite3_column_text(statement, 0));
int r = base64c_decode(sqlite3_column_text(statement, 1), sqlite3_column_bytes(statement, 1) - strlen(".ed25519"), private_key, sizeof(private_key)); int r = base64c_decode(sqlite3_column_text(statement, 1), sqlite3_column_bytes(statement, 1) - strlen(".ed25519"), private_key, sizeof(private_key));
if (r > 0) if (r == sizeof(private_key))
{ {
_test_private(db, private_key); uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 };
if (crypto_sign_ed25519_sk_to_curve25519(key, private_key) != 0)
{
printf("key convert failed\n");
}
else
{
_test_private(db, key);
}
} }
} }
sqlite3_finalize(statement); sqlite3_finalize(statement);