diff --git a/README.md b/README.md index 50c50b2..adac8d4 100644 --- a/README.md +++ b/README.md @@ -281,15 +281,11 @@ Discussion / Help As we want to avoid OpenSSL, it has become necessary to replace the PEM file format. This means that if you use a custom pubkey (which you really REALLY shouldn't be doing), you have to adapt, sorry. -We no longer ship `tg-server.pub` (old format), but instead `tg-server.tglpub` (new format). If you have a `.pub` and want to continue using telegram-purple, please use this (hopefully highly portable) tool: [pem2bignum](https://github.com/BenWiederhake/pem2bignum) - -You can also write your own conversion tool if you prefer. The format is really simple: - -1. `e`, the public exponent, encoded as big endian 32 bit fixed length (e.g. `0x00 01 00 01` for 65537) -2. `n_len`, the length of `n` in bytes, encoded as big endian 32 bit fixed length (e.g. `0x00 00 01 00` for a 2048-bit = 256-byte key) -3. `n_raw`, the raw modulus, encoded as big endian, using the previously indicated length (e.g. `0xC1 50 02 3E [248 bytes omitted] 21 79 25 1F` in the case of telegram's public RSA key.) - -If you are interested in developing a non-OpenSSL-licensed converter, look into [insane-triangle-banana](https://github.com/BenWiederhake/insane-triangle-banana). +We no longer read the public key of the Telegram servers from a file. +If you really need a different public key, and know what you're doing +(e.g., connecting to some kind of test environment internal to Telegram, +which also is a very bad idea), you need to find the call to `tgl_set_rsa_key_direct` in `telegram-purple.c`, +and provide the key directly by yourself. FAQ diff --git a/telegram-base.c b/telegram-base.c index 816fe85..0e5ee46 100644 --- a/telegram-base.c +++ b/telegram-base.c @@ -35,68 +35,6 @@ #define STATE_FILE_MAGIC 0x28949a93 #define SECRET_CHAT_FILE_MAGIC 0x37a1988a -static gboolean read_ui32 (int fd, unsigned int *ret) { - typedef char check_int_size[(sizeof (int) >= 4) ? 1 : -1]; - (void) sizeof (check_int_size); - - unsigned char buf[4]; - if (4 != read (fd, buf, 4)) { - return 0; - } - // Ugly but works. - *ret = 0; - *ret |= buf[0]; - *ret <<= 8; - *ret |= buf[1]; - *ret <<= 8; - *ret |= buf[2]; - *ret <<= 8; - *ret |= buf[3]; - return 1; -} - -int read_pubkey_file (const char *name, struct rsa_pubkey *dst) { - // Just to make sure nobody reads garbage. - dst->e = 0; - dst->n_len = 0; - dst->n_raw = NULL; - - int pubkey_fd = open (name, O_RDONLY | O_BINARY); - if (pubkey_fd < 0) { - return 0; - } - - unsigned int e; - unsigned int n_len; - if (!read_ui32 (pubkey_fd, &e) || !read_ui32 (pubkey_fd, &n_len) // Ensure successful reads - || n_len < 128 || n_len > 1024 || e < 5) { // Ensure (at least remotely) sane parameters. - close (pubkey_fd); - return 0; - } - - unsigned char *n_raw = malloc (n_len); - if (!n_raw) { - close (pubkey_fd); - return 0; - } - - gint readret; - readret = read (pubkey_fd, n_raw, n_len); - if (readret <= 0 || (n_len != (guint) readret)) { - free (n_raw); - close (pubkey_fd); - return 0; - } - close (pubkey_fd); - - dst->e = e; - dst->n_len = n_len; - dst->n_raw = n_raw; - - info ("read pubkey file: n_len=%u e=%u", n_len, e); - return 1; -} - void read_state_file (struct tgl_state *TLS) { char *name = 0; name = g_strdup_printf("%s/%s", TLS->base_path, "state"); @@ -440,20 +378,6 @@ gchar *get_config_dir (char const *username) { return dir; } -gchar *get_user_pk_path () { - /* - This can't be conditional on whether or not we're using telepathy, because - then we would need to make sure that `make local_install` also knows about - that location. So we *always* use ${HOME}/.purple/telegram-purple, - even when the other files aren't in this folder. - Note that this is only visible when using Telepathy/Empathy with - local_install, which should be kinda rare anyway (use telepathy-morse!). - */ - return g_strconcat (g_get_home_dir(), G_DIR_SEPARATOR_S, ".purple", - G_DIR_SEPARATOR_S, "telegram-purple", - G_DIR_SEPARATOR_S, user_pk_filename, NULL); -} - gchar *get_download_dir (struct tgl_state *TLS) { assert (TLS->base_path); static gchar *dir; diff --git a/telegram-base.h b/telegram-base.h index 9e4a458..b6d4a4f 100644 --- a/telegram-base.h +++ b/telegram-base.h @@ -22,14 +22,6 @@ #include "telegram-purple.h" -struct rsa_pubkey { - unsigned int e; - unsigned int n_len; - unsigned char *n_raw; -}; - -gboolean read_pubkey_file (const char *name, struct rsa_pubkey *dst); - void read_state_file (struct tgl_state *TLS); void read_auth_file (struct tgl_state *TLS); void write_auth_file (struct tgl_state *TLS); @@ -40,7 +32,6 @@ void write_secret_chat_file (struct tgl_state *TLS); void write_secret_chat_gw (struct tgl_state *TLS, void *extra, int success, struct tgl_secret_chat *E); gchar *get_config_dir (char const *username); -gchar *get_user_pk_path (); gchar *get_download_dir (struct tgl_state *TLS); int tgp_visualize_key (struct tgl_state *TLS, unsigned char* sha1_key); diff --git a/telegram-purple.c b/telegram-purple.c index c403b2d..4c84d06 100644 --- a/telegram-purple.c +++ b/telegram-purple.c @@ -18,6 +18,8 @@ Copyright Matthias Jentsch, Vitaly Valtman, Ben Wiederhake, Christopher Althaus 2014-2015 */ +#include + #include "telegram-purple.h" #include "commit.h" @@ -37,12 +39,6 @@ static void update_secret_chat_handler (struct tgl_state *TLS, struct tgl_secret static void update_on_failed_login (struct tgl_state *TLS); const char *config_dir = "telegram-purple"; -const char *user_pk_filename = "server.tglpub"; -#ifdef WIN32 -const char *pk_path = "server.tglpub"; -#else -const char *pk_path = "/etc/telegram-purple/server.tglpub"; -#endif struct tgl_update_callback tgp_callback = { .new_msg = update_message_handler, @@ -541,46 +537,9 @@ static void tgprpl_login (PurpleAccount * acct) { tgl_set_download_directory (TLS, get_download_dir(TLS)); debug ("base configuration path: '%s'", TLS->base_path); - struct rsa_pubkey pubkey; -#ifdef WIN32 - gchar *global_pk_path = g_strdup_printf("%s/%s", DATADIR, pk_path); -#else - gchar *global_pk_path = g_strdup(pk_path); -#endif - debug ("trying global pubkey at %s", global_pk_path); - gboolean global_pk_loaded = read_pubkey_file (global_pk_path, &pubkey); - g_free(global_pk_path); - - tgl_set_verbosity (TLS, 4); - if (global_pk_loaded) { - info ("using global pubkey"); - tgl_set_rsa_key_direct (TLS, pubkey.e, pubkey.n_len, pubkey.n_raw); - } else { - char *user_pk_path = get_user_pk_path (); - debug ("trying local pubkey at %s", user_pk_path); - gboolean user_pk_loaded = read_pubkey_file (user_pk_path, &pubkey); - - if (user_pk_loaded) { - info ("using local pubkey"); - tgl_set_rsa_key_direct (TLS, pubkey.e, pubkey.n_len, pubkey.n_raw); - } else { - failure ("both didn't work. abort."); - char *cause = g_strdup_printf (_("Unable to sign on as %s: file (public key) not found."), - purple_account_get_username (acct)); - purple_connection_error_reason (gc, PURPLE_CONNECTION_ERROR_INVALID_SETTINGS, cause); - char *long_hint = g_strdup_printf ( - _("Make sure telegram-purple is installed properly,\n" - "including the .tglpub file.\n" - "If you're running SELinux (e.g. when using Tails),\n" - "try 'make local_install', or simply copy\n" - "%1$s to %2$s."), pk_path, user_pk_path); - purple_notify_message (_telegram_protocol, PURPLE_NOTIFY_MSG_ERROR, cause, - long_hint, NULL, NULL, NULL); - g_free (cause); - g_free (long_hint); - return; - } - } + tgl_set_rsa_key_direct (TLS, tglmp_get_default_e(), + tglmp_get_default_key_len(), + tglmp_get_default_key()); tgl_set_ev_base (TLS, conn); tgl_set_net_methods (TLS, &tgp_conn_methods);