authorStef Walter <stefw@gnome.org>2012-06-30 13:31:54 +0200
committerStef Walter <stefw@gnome.org>2012-06-30 13:31:54 +0200
commitd1cf6d5d15e25d915a3ec37092f21e65d7b2e15c (patch)
tree0a9e77151cdeaf079ad06447321d415b662b4d17
parentb7e899d45a49085e2cedbff1cf76e6d8450b0bea (diff)
gcr: Add debug output to GcrSecretExchangegnome-3-4
-rw-r--r--gcr/gcr-debug.c1
-rw-r--r--gcr/gcr-debug.h1
-rw-r--r--gcr/gcr-secret-exchange.c46
3 files changed, 44 insertions, 4 deletions
diff --git a/gcr/gcr-debug.c b/gcr/gcr-debug.c
index c80ceac..63bfb1d 100644
--- a/gcr/gcr-debug.c
+++ b/gcr/gcr-debug.c
@@ -44,6 +44,7 @@ static GDebugKey keys[] = {
{ "import", GCR_DEBUG_IMPORT },
{ "key", GCR_DEBUG_KEY },
{ "prompt", GCR_DEBUG_PROMPT },
+ { "secret-exchange", GCR_DEBUG_SECRET_EXCHANGE },
{ 0, }
};
diff --git a/gcr/gcr-debug.h b/gcr/gcr-debug.h
index 54c13d5..49dd939 100644
--- a/gcr/gcr-debug.h
+++ b/gcr/gcr-debug.h
@@ -36,6 +36,7 @@ typedef enum {
GCR_DEBUG_IMPORT = 1 << 6,
GCR_DEBUG_KEY = 1 << 7,
GCR_DEBUG_PROMPT = 1 << 8,
+ GCR_DEBUG_SECRET_EXCHANGE = 1 << 9,
} GcrDebugFlags;
gboolean _gcr_debug_flag_is_set (GcrDebugFlags flag);
diff --git a/gcr/gcr-secret-exchange.c b/gcr/gcr-secret-exchange.c
index f6eb32e..c418575 100644
--- a/gcr/gcr-secret-exchange.c
+++ b/gcr/gcr-secret-exchange.c
@@ -21,6 +21,8 @@
#include "config.h"
+#define DEBUG_FLAG GCR_DEBUG_SECRET_EXCHANGE
+#include "gcr-debug.h"
#include "gcr-secret-exchange.h"
#include "egg/egg-dh.h"
@@ -155,12 +157,18 @@ gcr_secret_exchange_set_property (GObject *obj,
switch (prop_id) {
case PROP_PROTOCOL:
protocol = g_value_get_string (value);
- if (protocol != NULL) {
- if (g_str_equal (protocol, GCR_SECRET_EXCHANGE_PROTOCOL_1))
+ if (protocol == NULL) {
+ _gcr_debug ("automatically selecting secret exchange protocol");
+
+ } else {
+ if (g_str_equal (protocol, GCR_SECRET_EXCHANGE_PROTOCOL_1)) {
+ _gcr_debug ("explicitly using secret exchange protocol: %s",
+ GCR_SECRET_EXCHANGE_PROTOCOL_1);
self->pv->explicit_protocol = TRUE;
- else
+ } else {
g_warning ("the GcrSecretExchange protocol %s is unsupported defaulting to %s",
protocol, GCR_SECRET_EXCHANGE_PROTOCOL_1);
+ }
}
break;
default:
@@ -294,6 +302,12 @@ gcr_secret_exchange_begin (GcrSecretExchange *self)
g_strchug (result);
+ if (_gcr_debugging) {
+ gchar *string = g_strescape (result, "");
+ _gcr_debug ("beginning the secret exchange: %s", string);
+ g_free (string);
+ }
+
if (!g_str_has_prefix (result, SECRET_EXCHANGE_PROTOCOL_1_PREFIX))
g_warning ("the prepared data does not have the correct protocol prefix");
@@ -314,6 +328,8 @@ derive_key (GcrSecretExchange *self,
klass = GCR_SECRET_EXCHANGE_GET_CLASS (self);
g_return_val_if_fail (klass->derive_transport_key, FALSE);
+ _gcr_debug ("deriving shared transport key");
+
peer = key_file_get_base64 (input, GCR_SECRET_EXCHANGE_PROTOCOL_1, "public", &n_peer);
if (peer == NULL) {
g_message ("secret-exchange: invalid or missing 'public' argument");
@@ -402,6 +418,12 @@ gcr_secret_exchange_receive (GcrSecretExchange *self,
g_return_val_if_fail (klass->generate_exchange_key, FALSE);
g_return_val_if_fail (klass->derive_transport_key, FALSE);
+ if (_gcr_debugging) {
+ gchar *string = g_strescape (exchange, "");
+ _gcr_debug ("receiving secret exchange: %s", string);
+ g_free (string);
+ }
+
/* Parse the input */
input = g_key_file_new ();
if (!g_key_file_load_from_data (input, exchange, strlen (exchange),
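Review bot: The added debug block logs the entire peer-supplied `exchange` string, and the matching block in gcr_secret_exchange_send logs the full outgoing `result`, so with the secret-exchange debug flag enabled the whole protocol message, presumably including the encrypted secret and IV, ends up wherever _gcr_debug writes. g_strescape neutralises control characters, but nothing bounds the size of what is copied and logged, and debug output tends to outlive the exchange itself. Consider logging only the size, e.g. `_gcr_debug ("receiving secret exchange: %" G_GSIZE_FORMAT " bytes", strlen (exchange));`, and doing the same in the send and begin hunks. The function body starts and ends outside this hunk.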
@@ -542,6 +564,12 @@ gcr_secret_exchange_send (GcrSecretExchange *self,
g_strchug (result);
+ if (_gcr_debugging) {
+ gchar *string = g_strescape (result, "");
+ _gcr_debug ("sending the secret exchange: %s", string);
+ g_free (string);
+ }
+
if (!g_str_has_prefix (result, SECRET_EXCHANGE_PROTOCOL_1_PREFIX))
g_warning ("the prepared data does not have the correct protocol prefix: %s", result);
@@ -626,6 +654,8 @@ gcr_secret_exchange_default_generate_exchange_key (GcrSecretExchange *exchange,
{
GcrSecretExchangeDefault *data = exchange->pv->default_exchange;
+ _gcr_debug ("generating public key");
+
if (data == NULL) {
data = g_new0 (GcrSecretExchangeDefault, 1);
if (!egg_dh_default_params (EXCHANGE_1_IKE_NAME, &data->prime, &data->base))
@@ -660,12 +690,16 @@ gcr_secret_exchange_default_derive_transport_key (GcrSecretExchange *exchange,
gsize n_ikm;
gcry_mpi_t mpi;
+ _gcr_debug ("deriving transport key");
+
g_return_val_if_fail (data != NULL, FALSE);
g_return_val_if_fail (data->priv != NULL, FALSE);
mpi = mpi_from_data (peer, n_peer);
- if (mpi == NULL)
+ if (mpi == NULL) {
+ _gcr_debug ("invalid peer mpi");
return FALSE;
+ }
/* Build up a key we can use */
ikm = egg_dh_gen_secret (mpi, data->priv, data->prime, &n_ikm);
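Review bot: The only rejection of the peer value visible here is `mpi == NULL`, so the new "invalid peer mpi" message will not fire for a peer public value that parses but is out of range (0, 1, or not below the prime) before it reaches egg_dh_gen_secret. Whether egg_dh_gen_secret performs that range check is not visible in this hunk; if it does not, add one after mpi_from_data, for example `if (gcry_mpi_cmp_ui (mpi, 1) <= 0 || gcry_mpi_cmp (mpi, data->prime) >= 0)` with the same debug message, releasing `mpi` before returning FALSE. If it does, a short comment such as `/* peer value is range-checked in egg_dh_gen_secret */` would record that for the next reader. The function continues outside the hunk.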
@@ -705,6 +739,8 @@ gcr_secret_exchange_default_encrypt_transport_data (GcrSecretExchange *exchange,
g_return_val_if_fail (data != NULL, FALSE);
g_return_val_if_fail (data->key != NULL, FALSE);
+ _gcr_debug ("encrypting data");
+
gcry = gcry_cipher_open (&cih, EXCHANGE_1_CIPHER_ALGO, EXCHANGE_1_CIPHER_MODE, 0);
if (gcry != 0) {
g_warning ("couldn't create aes cipher context: %s", gcry_strerror (gcry));
@@ -768,6 +804,8 @@ gcr_secret_exchange_default_decrypt_transport_data (GcrSecretExchange *exchange,
g_return_val_if_fail (data != NULL, FALSE);
g_return_val_if_fail (data->key != NULL, FALSE);
+ _gcr_debug ("decrypting data");
+
if (iv == NULL || n_iv != EXCHANGE_1_IV_LENGTH) {
g_message ("secret-exchange: invalid or missing iv");
return FALSE;