discovery_keys.c File Reference

Discovery Server Public Key Trust Management Implementation. More...

Go to the source code of this file.

Functions
asciichat_error_t	discovery_keys_download_https (const char *url, uint8_t pubkey_out[32])
asciichat_error_t	discovery_keys_load_file (const char *file_path, uint8_t pubkey_out[32])
asciichat_error_t	discovery_keys_fetch_github (const char *username, bool is_gpg, uint8_t pubkey_out[32])
asciichat_error_t	discovery_keys_fetch_gitlab (const char *username, uint8_t pubkey_out[32])
asciichat_error_t	discovery_keys_get_cache_path (const char *acds_server, char *path_out, size_t path_size)
asciichat_error_t	discovery_keys_load_cached (const char *acds_server, uint8_t pubkey_out[32])
asciichat_error_t	discovery_keys_save_cached (const char *acds_server, const uint8_t pubkey[32])
asciichat_error_t	discovery_keys_clear_cache (const char *acds_server)
asciichat_error_t	discovery_keys_verify_change (const char *acds_server, const uint8_t old_pubkey[32], const uint8_t new_pubkey[32])
asciichat_error_t	discovery_keys_verify (const char *acds_server, const char *key_spec, uint8_t pubkey_out[32])

Detailed Description

Discovery Server Public Key Trust Management Implementation.

Author

Zachary Fogg me@zf.nosp@m.o.gg

Date

January 2026

Definition in file discovery_keys.c.

Function Documentation

discovery_keys_clear_cache()

asciichat_error_t discovery_keys_clear_cache

(

const char *

acds_server

)

Definition at line 237 of file discovery_keys.c.

                                                                      {
  if (!acds_server) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_clear_cache");
  }
 
  char cache_path[PLATFORM_MAX_PATH_LENGTH];
  asciichat_error_t result = discovery_keys_get_cache_path(acds_server, cache_path, sizeof(cache_path));
  if (result != ASCIICHAT_OK) {
    return result;
  }
 
  if (platform_is_regular_file(cache_path)) {
    if (remove(cache_path) != 0) {
      return SET_ERRNO_SYS(ERROR_FILE_OPERATION, "Failed to delete cached key: %s", cache_path);
    }
    log_debug("Cleared cached ACDS key for server: %s", acds_server);
  }
 
  return ASCIICHAT_OK;
}

References discovery_keys_get_cache_path(), platform_is_regular_file(), and PLATFORM_MAX_PATH_LENGTH.

discovery_keys_download_https()

asciichat_error_t discovery_keys_download_https	(	const char *	url,
		uint8_t	pubkey_out[32]
	)

Definition at line 59 of file discovery_keys.c.

                                                                                         {
  if (!url || !pubkey_out) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_download_https");
  }
 
  log_debug("Downloading ACDS key from %s", url);
 
  // Use existing parse_public_key infrastructure which handles HTTPS URLs
  public_key_t key;
  asciichat_error_t result = parse_public_key(url, &key);
  if (result != ASCIICHAT_OK) {
    return SET_ERRNO(ERROR_CRYPTO_KEY, "Failed to download and parse ACDS key from %s", url);
  }
 
  memcpy(pubkey_out, key.key, 32);
  log_debug("Successfully downloaded and parsed ACDS key from %s", url);
  return ASCIICHAT_OK;
}

References parse_public_key().

discovery_keys_fetch_github()

asciichat_error_t discovery_keys_fetch_github	(	const char *	username,
		bool	is_gpg,
		uint8_t	pubkey_out[32]
	)

Definition at line 101 of file discovery_keys.c.

                                                                                                         {
  if (!username || !pubkey_out) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_fetch_github");
  }
 
  log_debug("Fetching ACDS key from GitHub for user: %s", username);
 
  // Use existing parse_public_key infrastructure
  char key_spec[BUFFER_SIZE_MEDIUM];
  if (is_gpg) {
    safe_snprintf(key_spec, sizeof(key_spec), "github:%s.gpg", username);
  } else {
    safe_snprintf(key_spec, sizeof(key_spec), "github:%s", username);
  }
 
  public_key_t key;
  asciichat_error_t result = parse_public_key(key_spec, &key);
  if (result != ASCIICHAT_OK) {
    return SET_ERRNO(ERROR_CRYPTO_KEY, "Failed to fetch ACDS key from GitHub: %s", username);
  }
 
  memcpy(pubkey_out, key.key, 32);
  return ASCIICHAT_OK;
}

References parse_public_key(), and safe_snprintf().

discovery_keys_fetch_gitlab()

asciichat_error_t discovery_keys_fetch_gitlab	(	const char *	username,
		uint8_t	pubkey_out[32]
	)

Definition at line 126 of file discovery_keys.c.

                                                                                            {
  if (!username || !pubkey_out) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_fetch_gitlab");
  }
 
  log_debug("Fetching ACDS key from GitLab for user: %s", username);
 
  // Use existing parse_public_key infrastructure
  char key_spec[BUFFER_SIZE_MEDIUM];
  safe_snprintf(key_spec, sizeof(key_spec), "gitlab:%s.gpg", username);
 
  public_key_t key;
  asciichat_error_t result = parse_public_key(key_spec, &key);
  if (result != ASCIICHAT_OK) {
    return SET_ERRNO(ERROR_CRYPTO_KEY, "Failed to fetch ACDS key from GitLab: %s", username);
  }
 
  memcpy(pubkey_out, key.key, 32);
  return ASCIICHAT_OK;
}

References parse_public_key(), and safe_snprintf().

discovery_keys_get_cache_path()

asciichat_error_t discovery_keys_get_cache_path	(	const char *	acds_server,
		char *	path_out,
		size_t	path_size
	)

Definition at line 151 of file discovery_keys.c.

                                                                                                           {
  if (!acds_server || !path_out || path_size == 0) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_get_cache_path");
  }
 
  char *config_dir = get_config_dir();
  if (!config_dir) {
    return SET_ERRNO(ERROR_CONFIG, "Failed to get config directory");
  }
 
  // Path: ~/.config/ascii-chat/acds_keys/<hostname>/key.pub
  safe_snprintf(path_out, path_size, "%s" ACDS_KEYS_CACHE_DIR PATH_SEPARATOR_STR "%s" PATH_SEPARATOR_STR "key.pub",
                config_dir, acds_server);
  SAFE_FREE(config_dir);
 
  return ASCIICHAT_OK;
}

References get_config_dir(), and safe_snprintf().

Referenced by discovery_keys_clear_cache(), discovery_keys_load_cached(), and discovery_keys_save_cached().

discovery_keys_load_cached()

asciichat_error_t discovery_keys_load_cached	(	const char *	acds_server,
		uint8_t	pubkey_out[32]
	)

Definition at line 169 of file discovery_keys.c.

                                                                                              {
  if (!acds_server || !pubkey_out) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_load_cached");
  }
 
  char cache_path[PLATFORM_MAX_PATH_LENGTH];
  asciichat_error_t result = discovery_keys_get_cache_path(acds_server, cache_path, sizeof(cache_path));
  if (result != ASCIICHAT_OK) {
    return result;
  }
 
  // Check if cached key exists
  if (!platform_is_regular_file(cache_path)) {
    return SET_ERRNO(ERROR_FILE_NOT_FOUND, "No cached key for ACDS server: %s", acds_server);
  }
 
  // Load cached key using existing infrastructure
  return discovery_keys_load_file(cache_path, pubkey_out);
}

References discovery_keys_get_cache_path(), discovery_keys_load_file(), platform_is_regular_file(), and PLATFORM_MAX_PATH_LENGTH.

Referenced by discovery_keys_verify().

discovery_keys_load_file()

asciichat_error_t discovery_keys_load_file	(	const char *	file_path,
		uint8_t	pubkey_out[32]
	)

Definition at line 78 of file discovery_keys.c.

                                                                                          {
  if (!file_path || !pubkey_out) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_load_file");
  }
 
  log_debug("Loading ACDS key from file: %s", file_path);
 
  // Use existing parse_public_key infrastructure which handles file paths
  public_key_t key;
  asciichat_error_t result = parse_public_key(file_path, &key);
  if (result != ASCIICHAT_OK) {
    return SET_ERRNO(ERROR_CRYPTO_KEY, "Failed to load ACDS key from file: %s", file_path);
  }
 
  memcpy(pubkey_out, key.key, 32);
  log_debug("Successfully loaded ACDS key from file: %s", file_path);
  return ASCIICHAT_OK;
}

References file_path, and parse_public_key().

Referenced by discovery_keys_load_cached().

discovery_keys_save_cached()

asciichat_error_t discovery_keys_save_cached	(	const char *	acds_server,
		const uint8_t	pubkey[32]
	)

Definition at line 189 of file discovery_keys.c.

                                                                                                {
  if (!acds_server || !pubkey) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_save_cached");
  }
 
  char cache_path[PLATFORM_MAX_PATH_LENGTH];
  asciichat_error_t result = discovery_keys_get_cache_path(acds_server, cache_path, sizeof(cache_path));
  if (result != ASCIICHAT_OK) {
    return result;
  }
 
  // Create cache directory if it doesn't exist
  char dir_path[PLATFORM_MAX_PATH_LENGTH];
  safe_snprintf(dir_path, sizeof(dir_path), "%s", cache_path);
 
  // Find the last path separator (handle both / and \ for cross-platform compatibility)
  char *last_sep = strrchr(dir_path, '\\');
  if (!last_sep) {
    last_sep = strrchr(dir_path, '/');
  }
 
  if (last_sep) {
    *last_sep = '\0';
    if (!platform_is_directory(dir_path)) {
      asciichat_error_t result = platform_mkdir(dir_path, 0700);
      if (result != ASCIICHAT_OK) {
        return SET_ERRNO(ERROR_FILE_OPERATION, "Failed to create ACDS key cache directory: %s", dir_path);
      }
    }
  }
 
  // Save key in OpenSSH public key format
  FILE *f = platform_fopen(cache_path, "w");
  if (!f) {
    return SET_ERRNO_SYS(ERROR_FILE_OPERATION, "Failed to create cache file: %s", cache_path);
  }
 
  // Convert binary Ed25519 key to base64 for OpenSSH format
  char base64_key[128];
  sodium_bin2base64(base64_key, sizeof(base64_key), pubkey, 32, sodium_base64_VARIANT_ORIGINAL);
 
  fprintf(f, "ssh-ed25519 %s acds-cached-key\n", base64_key);
  fclose(f);
 
  log_debug("Cached ACDS key for server: %s", acds_server);
  return ASCIICHAT_OK;
}

References discovery_keys_get_cache_path(), platform_fopen(), PLATFORM_MAX_PATH_LENGTH, and safe_snprintf().

Referenced by discovery_keys_verify().

discovery_keys_verify()

asciichat_error_t discovery_keys_verify	(	const char *	acds_server,
		const char *	key_spec,
		uint8_t	pubkey_out[32]
	)

Definition at line 304 of file discovery_keys.c.

                                                                                                               {
  if (!acds_server || !pubkey_out) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_verify");
  }
 
  uint8_t new_pubkey[32];
  asciichat_error_t result;
  bool is_official = is_official_server(acds_server);
 
  // ===========================================================================
  // Step 1: Obtain the public key
  // ===========================================================================
 
  if (!key_spec && is_official) {
    // Automatic trust for official server: try SSH key first, then GPG
    log_info("Attempting automatic HTTPS key trust for official ACDS server");
 
    public_key_t key;
    result = parse_public_key(ACDS_OFFICIAL_KEY_SSH_URL, &key);
    if (result != ASCIICHAT_OK) {
      log_debug("SSH key download failed, trying GPG key");
      result = parse_public_key(ACDS_OFFICIAL_KEY_GPG_URL, &key);
    }
 
    if (result != ASCIICHAT_OK) {
      return SET_ERRNO(ERROR_NETWORK, "Failed to download key from official ACDS server");
    }
 
    memcpy(new_pubkey, key.key, 32);
 
  } else if (!key_spec) {
    // No key_spec and not official server = error
    return SET_ERRNO(ERROR_INVALID_PARAM,
                     "Third-party ACDS servers require explicit --discovery-service-key configuration."
                     "Only %s has automatic trust.",
                     ACDS_OFFICIAL_SERVER);
 
  } else {
    // Use parse_public_key for all other cases (handles HTTPS, files, github:, gitlab:, etc.)
    public_key_t key;
    result = parse_public_key(key_spec, &key);
    if (result != ASCIICHAT_OK) {
      return SET_ERRNO(ERROR_CRYPTO_KEY, "Failed to load/download ACDS key from: %s", key_spec);
    }
 
    memcpy(new_pubkey, key.key, 32);
  }
 
  // ===========================================================================
  // Step 2: Check cache and handle key changes
  // ===========================================================================
 
  uint8_t cached_pubkey[32];
  result = discovery_keys_load_cached(acds_server, cached_pubkey);
 
  if (result == ASCIICHAT_OK) {
    // Cached key exists - compare
    if (memcmp(cached_pubkey, new_pubkey, 32) != 0) {
      // Key changed - require user verification
      result = discovery_keys_verify_change(acds_server, cached_pubkey, new_pubkey);
      if (result != ASCIICHAT_OK) {
        return result; // User rejected or error
      }
 
      // User accepted - update cache
      result = discovery_keys_save_cached(acds_server, new_pubkey);
      if (result != ASCIICHAT_OK) {
        log_warn("Failed to update cached key, continuing anyway");
      }
    } else {
      log_debug("ACDS key matches cached key for: %s", acds_server);
    }
 
  } else {
    // No cached key - save it for next time
    log_info("First connection to ACDS server: %s, caching key", acds_server);
    result = discovery_keys_save_cached(acds_server, new_pubkey);
    if (result != ASCIICHAT_OK) {
      log_warn("Failed to cache key, continuing anyway");
    }
  }
 
  // ===========================================================================
  // Step 3: Return verified key
  // ===========================================================================
 
  memcpy(pubkey_out, new_pubkey, 32);
  log_debug("ACDS key verification successful for: %s", acds_server);
  return ASCIICHAT_OK;
}

References discovery_keys_load_cached(), discovery_keys_save_cached(), discovery_keys_verify_change(), and parse_public_key().

Referenced by client_crypto_init().

discovery_keys_verify_change()

asciichat_error_t discovery_keys_verify_change	(	const char *	acds_server,
		const uint8_t	old_pubkey[32],
		const uint8_t	new_pubkey[32]
	)

Definition at line 262 of file discovery_keys.c.

                                                                             {
  if (!acds_server || !old_pubkey || !new_pubkey) {
    return SET_ERRNO(ERROR_INVALID_PARAM, "NULL parameter in discovery_keys_verify_change");
  }
 
  char old_fingerprint[65], new_fingerprint[65];
  compute_key_fingerprint(old_pubkey, old_fingerprint);
  compute_key_fingerprint(new_pubkey, new_fingerprint);
 
  log_warn("ACDS server key changed for: %s", acds_server);
 
  log_plain_stderr("\n"
                   "⚠️  WARNING: ACDS SERVER KEY HAS CHANGED\n"
                   "═══════════════════════════════════════════════════════════════\n"
                   "Server: %s\n"
                   "\n"
                   "Old key (SHA256): %s\n"
                   "New key (SHA256): %s\n"
                   "\n"
                   "This could indicate:\n"
                   "  1. The server operator rotated their key\n"
                   "  2. A man-in-the-middle attack is in progress\n"
                   "\n"
                   "Verify the new key fingerprint with the server operator before accepting.\n"
                   "═══════════════════════════════════════════════════════════════\n",
                   acds_server, old_fingerprint, new_fingerprint);
 
  // Ask user to confirm
  bool accepted = platform_prompt_yes_no("Accept new ACDS server key", false);
  if (!accepted) {
    return SET_ERRNO(ERROR_CRYPTO_VERIFICATION, "User rejected ACDS key change for: %s", acds_server);
  }
 
  log_info("User accepted ACDS key change for: %s", acds_server);
  return ASCIICHAT_OK;
}

References compute_key_fingerprint(), and platform_prompt_yes_no().

Referenced by discovery_keys_verify().