Skip to content

[secrets] store fix #50

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jan 21, 2024
Merged

[secrets] store fix #50

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions components/ssh/include/ssh/common.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ namespace SSH
{
None = 0,
MalformedKey,
UnexpectedKey,
Unsupported,
InvalidState,
Internal,
Expand Down
1 change: 1 addition & 0 deletions components/ssh/include/ssh/keys.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ namespace SSH
Error Generate(KeyType keyType, uint32_t bits);

Error Wrap(ssh_key keyPtr);
Error Own(ssh_key keyPtr);
Error Load(const std::string& blob, const std::string& passphrase = std::string());
std::expected<std::string, Error> Marshal(const std::string& passphrase = std::string()) const;

Expand Down
16 changes: 16 additions & 0 deletions components/ssh/src/keys.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,12 @@ Error PrivateKey::Load(const std::string& blob, const std::string& passphrase)
return Error::MalformedKey;
}

rc = ssh_key_is_private(keyPtr);
if (rc != 1) {
ESP_LOGE(TAG, "tries to load not a priv key into priv key");
return Error::UnexpectedKey;
};

ssh_keytypes_e targetType = ssh_key_type(keyPtr);
this->keyType = sshKeyType(targetType);
if (this->keyType == KeyType::None) {
Expand All @@ -112,13 +118,23 @@ Error PrivateKey::Wrap(ssh_key keyPtr)
return Error::InvalidState;
}

return Own(keyPtr);
}

Error PrivateKey::Own(ssh_key keyPtr)
{
ssh_keytypes_e targetType = ssh_key_type(keyPtr);
this->keyType = sshKeyType(targetType);
if (this->keyType == KeyType::None) {
ESP_LOGE(TAG, "unsupported key type: %s", ssh_key_type_to_char(targetType));
return Error::Unsupported;
}

if (this->keyPtr != nullptr) {
ssh_key_free(this->keyPtr);
this->keyPtr = nullptr;
}

this->keyPtr = keyPtr;
return Error::None;
}
Expand Down
8 changes: 4 additions & 4 deletions main/secrets.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ Error Secrets::Store()
ESP_LOGE(TAG, "unable to store new secret key '%s': %d", SECRET_KEY_KEY, (int)err);
return Error::InvalidSecretKey;
}
ESP_LOGI(TAG, "host key stored in: %s", SECRET_KEY_KEY);
ESP_LOGI(TAG, "secret key stored in: %s", SECRET_KEY_KEY);
} else {
ESP_LOGW(TAG, "ignore empty secret key storing");
}
Expand Down Expand Up @@ -144,12 +144,12 @@ Error Secrets::FromJson(const JsonObjectConst& obj) noexcept

Blob::Bytes newSecretKey = Blob::Base64Decode(obj["secret_key"].as<std::string_view>());
if (newSecretKey.empty()) {
ESP_LOGE(TAG, "unable to secret key");
ESP_LOGE(TAG, "unable to parse secret key");
return Error::ShitHappens;
}

this->hostKey = std::move(newHostKey);
this->secretKey = std::move(newSecretKey);
this->hostKey.Own(newHostKey.Copy());
this->secretKey = newSecretKey;
return Error::None;
}

Expand Down