feat: write atkeys to file

examples/desktop/repl/src/args.c

@@ -6,6 +6,8 @@
 #include <stdbool.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
+#include <stdio.h>
 
 #define TAG "repl_args"
 

examples/desktop/repl/src/main.c

@@ -217,4 +217,4 @@ static int start_repl_loop(atclient *atclient, repl_args *repl_args) {
   atlogger_log(TAG, ATLOGGER_LOGGING_LEVEL_INFO, "Exiting REPL loop...\n");
   ret = 0;
 exit: { return ret; }
-}
+}

packages/atchops/tests/test_rsa_key_generate.c

@@ -1,4 +1,6 @@
-
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
 #include <atchops/rsa.h>
 #include <atchops/rsa_key.h>
 #include <atchops/base64.h>

packages/atclient/include/atclient/atkeys.h

@@ -14,13 +14,15 @@
 #define ATCLIENT_ATKEYS_ENCRYPT_PRIVATE_KEY_INDEX 0
 #define ATCLIENT_ATKEYS_SELF_ENCRYPTION_KEY_INDEX 0
 #define ATCLIENT_ATKEYS_ENROLLMENT_ID_INDEX 0
+#define ATCLIENT_ATKEYS_APKAM_SYMMETRIC_KEY_INDEX 0
 
 #define ATCLIENT_ATKEYS_PKAM_PUBLIC_KEY_INITIALIZED (VALUE_INITIALIZED << 0)
 #define ATCLIENT_ATKEYS_PKAM_PRIVATE_KEY_INITIALIZED (VALUE_INITIALIZED << 1)
 #define ATCLIENT_ATKEYS_ENCRYPT_PUBLIC_KEY_INITIALIZED (VALUE_INITIALIZED << 2)
 #define ATCLIENT_ATKEYS_ENCRYPT_PRIVATE_KEY_INITIALIZED (VALUE_INITIALIZED << 3)
 #define ATCLIENT_ATKEYS_SELF_ENCRYPTION_KEY_INITIALIZED (VALUE_INITIALIZED << 4)
 #define ATCLIENT_ATKEYS_ENROLLMENT_ID_INITIALIZED (VALUE_INITIALIZED << 5)
+#define ATCLIENT_ATKEYS_APKAM_SYMMETRIC_KEY_INITIALIZED (VALUE_INITIALIZED << 6)
 
 /**
  * @brief represents the atkeys file
@@ -48,6 +50,7 @@ typedef struct atclient_atkeys {
 
   char *self_encryption_key_base64; // base64 encoded, AES-256 key, decrypted
 
+  char *apkam_symmetric_key_base64;
   char *enrollment_id;
 
   uint8_t _initialized_fields[1]; // used to track which fields have been initialized
@@ -82,7 +85,11 @@ int atclient_atkeys_set_encrypt_private_key_base64(atclient_atkeys *atkeys, cons
 int atclient_atkeys_set_self_encryption_key_base64(atclient_atkeys *atkeys, const char *selfencryptionkeybase64,
                                                    const size_t selfencryptionkeybase64len);
 
-int atclient_atkeys_set_enrollment_id(atclient_atkeys *atkeys, const char *enrollment_id, const size_t enrollment_id_len);
+int atclient_atkeys_set_apkam_symmetric_key_base64(atclient_atkeys *atkeys, const char *apkamsymmetrickeybase64,
+                                                   const size_t apkamsymmetrickeybase64len);
+
+int atclient_atkeys_set_enrollment_id(atclient_atkeys *atkeys, const char *enrollment_id,
+                                      const size_t enrollment_id_len);
 
 int atclient_atkeys_populate_pkam_public_key(atclient_atkeys *atkeys, const char *pkam_public_key_base64,
                                              const size_t pkampublickeybase64len);
@@ -101,6 +108,7 @@ bool atclient_atkeys_is_pkam_private_key_base64_initialized(atclient_atkeys *atk
 bool atclient_atkeys_is_encrypt_public_key_base64_initialized(atclient_atkeys *atkeys);
 bool atclient_atkeys_is_encrypt_private_key_base64_initialized(atclient_atkeys *atkeys);
 bool atclient_atkeys_is_self_encryption_key_base64_initialized(atclient_atkeys *atkeys);
+bool atclient_atkeys_is_apkam_symmetric_key_base64_initialized(atclient_atkeys *atkeys);
 bool atclient_atkeys_is_enrollment_id_initialized(atclient_atkeys *atkeys);
 
 /**
@@ -122,6 +130,10 @@ bool atclient_atkeys_is_enrollment_id_initialized(atclient_atkeys *atkeys);
  * @param aes_encrypt_private_key_len the length of the aes_encrypt_private_key_str buffer
  * @param self_encryption_key_str the (decrypted) AES-256 selfencryptionkey in base64 format
  * @param self_encryption_key_len the length of the self_encryption_key_str buffer
+ * @param apkam_symmetric_key_str the (decrypted) AES-256 apkamsymmetrickey in base64 format, if this is an apkam key
+ * @param apkam_symmetric_key_str_len the length of the apkam_symmetric_key_str buffer, if this is an apkam key
+ * @param enrollment_id_str the enrollment id, if this is an apkam key
+ * @param enrollment_id_str_length the length of enrollment_id_str, if this is an apkam key
  * @return int 0 on success, non-zero on failure
  */
 int atclient_atkeys_populate_from_strings(atclient_atkeys *atkeys, const char *aes_pkam_public_key_str,
@@ -130,7 +142,9 @@ int atclient_atkeys_populate_from_strings(atclient_atkeys *atkeys, const char *a
                                           const size_t aes_encrypt_public_key_len,
                                           const char *aes_encrypt_private_key_str,
                                           const size_t aes_encrypt_private_key_len, const char *self_encryption_key_str,
-                                          const size_t self_encryption_key_len, const char *enrollment_id_str, const size_t enrollment_id_str_len);
+                                          const size_t self_encryption_key_str_len, const char *apkam_symmetric_key_str,
+                                          const size_t apkam_symmetric_key_str_len, const char *enrollment_id_str,
+                                          const size_t enrollment_id_str_len);
 
 /**
  * @brief populates the struct by decrypting the encrypted RSA keys found in a populated atclient_atkeys_file struct
@@ -162,4 +176,8 @@ int atclient_atkeys_populate_from_path(atclient_atkeys *atkeys, const char *path
  */
 int atclient_atkeys_populate_from_string(atclient_atkeys *atkeys, const char *file_string);
 
+int atclient_atkeys_write_to_atkeys_file(atclient_atkeys *atkeys, atclient_atkeys_file *atkeys_file);
+
+int atclient_atkeys_write_to_path(atclient_atkeys *atkeys, const char *path);
+
 #endif

packages/atclient/include/atclient/atkeys_file.h

@@ -13,15 +13,26 @@
 #define ATCLIENT_ATKEYS_FILE_AES_ENCRYPT_PRIVATE_KEY_STR_INDEX 0
 #define ATCLIENT_ATKEYS_FILE_SELF_ENCRYPTION_KEY_STR_INDEX 0
 #define ATCLIENT_ATKEYS_FILE_ENROLLMENT_ID_STR_INDEX 0
+#define ATCLIENT_ATKEYS_FILE_APKAM_SYMMETRIC_KEY_STR_INDEX 0
 
 #define ATCLIENT_ATKEYS_FILE_AES_PKAM_PUBLIC_KEY_STR_INITIALIZED (VALUE_INITIALIZED << 0)
 #define ATCLIENT_ATKEYS_FILE_AES_PKAM_PRIVATE_KEY_STR_INITIALIZED (VALUE_INITIALIZED << 1)
 #define ATCLIENT_ATKEYS_FILE_AES_ENCRYPT_PUBLIC_KEY_STR_INITIALIZED (VALUE_INITIALIZED << 2)
 #define ATCLIENT_ATKEYS_FILE_AES_ENCRYPT_PRIVATE_KEY_STR_INITIALIZED (VALUE_INITIALIZED << 3)
 #define ATCLIENT_ATKEYS_FILE_SELF_ENCRYPTION_KEY_STR_INITIALIZED (VALUE_INITIALIZED << 4)
 #define ATCLIENT_ATKEYS_FILE_ENROLLMENT_ID_STR_INITIALIZED (VALUE_INITIALIZED << 5)
+#define ATCLIENT_ATKEYS_FILE_APKAM_SYMMETRIC_KEY_STR_INITIALIZED (VALUE_INITIALIZED << 6)
+
+#define ATCLIENT_ATKEYS_FILE_APKAM_PUBLIC_KEY_JSON_KEY "aesPkamPublicKey"
+#define ATCLIENT_ATKEYS_FILE_APKAM_PRIVATE_KEY_JSON_KEY "aesPkamPrivateKey"
+#define ATCLIENT_ATKEYS_FILE_DEFAULT_ENCRYPTION_PUBLIC_KEY_JSON_KEY "aesEncryptPublicKey"
+#define ATCLIENT_ATKEYS_FILE_DEFAULT_ENCRYPTION_PRIVATE_KEY_JSON_KEY "aesEncryptPrivateKey"
+#define ATCLIENT_ATKEYS_FILE_DEFAULT_SELF_ENCRYPTION_KEY_JSON_KEY "selfEncryptionKey"
+#define ATCLIENT_ATKEYS_FILE_APKAM_SYMMETRIC_KEY_JSON_KEY "apkamSymmetricKey"
+#define ATCLIENT_ATKEYS_FILE_APKAM_ENROLLMENT_ID_JSON_KEY "enrollmentId"
 
 typedef struct atclient_atkeys_file {
+  // note: `aes_` prefix means the field is encrypted with aes, not that the type of key is aes
   char *aes_pkam_public_key_str;     // encrypted with self encryption key. AES decryption with self encryption key will
                                      // reveal base64-encoded RSA key
   char *aes_pkam_private_key_str;    // encrypted with self encryption key. AES decryption with self encryption key will
@@ -32,6 +43,7 @@ typedef struct atclient_atkeys_file {
                                      // reveal base64-encoded RSA key
   char *self_encryption_key_str;     // base64-encoded non-encrypted self encryption key. base64 decoding will reveal
                                      // 32-byte AES key
+  char *apkam_symmetric_key_str;
   char *enrollment_id_str;
   uint8_t _initialized_fields[1];
 } atclient_atkeys_file;
@@ -63,6 +75,14 @@ int atclient_atkeys_file_from_path(atclient_atkeys_file *atkeys_file, const char
  */
 int atclient_atkeys_file_from_string(atclient_atkeys_file *atkeys_file, const char *file_string);
 
+/**
+ * @brief Write the struct to a file.
+ * 
+ * @param atkeys_file the struct to be written to the file, assumed to be NON-NULL and initialized with atclient_atkeys_file_init
+ * @param path  Example "$HOME/.atsign/keys/@alice_key.atKeys"
+ */
+int atclient_atkeys_file_write_to_path(atclient_atkeys_file *atkeys_file, const char *path);
+
 /**
  * @brief Free the struct of any memory that was allocated during its lifetime
  *
@@ -75,13 +95,28 @@ bool atclient_atkeys_file_is_aes_pkam_private_key_str_initialized(atclient_atkey
 bool atclient_atkeys_file_is_aes_encrypt_public_key_str_initialized(atclient_atkeys_file *atkeys_file);
 bool atclient_atkeys_file_is_aes_encrypt_private_key_str_initialized(atclient_atkeys_file *atkeys_file);
 bool atclient_atkeys_file_is_self_encryption_key_str_initialized(atclient_atkeys_file *atkeys_file);
+bool atclient_atkeys_file_is_apkam_symmetric_key_str_initialized(atclient_atkeys_file *atkeys_file);
 bool atclient_atkeys_file_is_enrollment_id_str_initialized(atclient_atkeys_file *atkeys_file);
 
-int atclient_atkeys_file_set_aes_pkam_public_key_str(atclient_atkeys_file *atkeys_file, const char *aes_pkam_public_key_str, const size_t aes_pkam_public_key_str_len);
-int atclient_atkeys_file_set_aes_pkam_private_key_str(atclient_atkeys_file *atkeys_file, const char *aes_pkam_private_key_str, const size_t aes_pkam_private_key_str_len);
-int atclient_atkeys_file_set_aes_encrypt_public_key_str(atclient_atkeys_file *atkeys_file, const char *aes_encrypt_public_key_str, const size_t aes_encrypt_public_key_str_len);
-int atclient_atkeys_file_set_aes_encrypt_private_key_str(atclient_atkeys_file *atkeys_file, const char *aes_encrypt_private_key_str, const size_t aes_encrypt_private_key_str_len);
-int atclient_atkeys_file_set_self_encryption_key_str(atclient_atkeys_file *atkeys_file, const char *self_encryption_key_str, const size_t self_encryption_key_str_len);
-int atclient_atkeys_file_set_enrollment_id_str(atclient_atkeys_file *atkeys_file, const char *enrollment_id_str, const size_t enrollment_id_str_len);
+int atclient_atkeys_file_set_aes_pkam_public_key_str(atclient_atkeys_file *atkeys_file,
+                                                     const char *aes_pkam_public_key_str,
+                                                     const size_t aes_pkam_public_key_str_len);
+int atclient_atkeys_file_set_aes_pkam_private_key_str(atclient_atkeys_file *atkeys_file,
+                                                      const char *aes_pkam_private_key_str,
+                                                      const size_t aes_pkam_private_key_str_len);
+int atclient_atkeys_file_set_aes_encrypt_public_key_str(atclient_atkeys_file *atkeys_file,
+                                                        const char *aes_encrypt_public_key_str,
+                                                        const size_t aes_encrypt_public_key_str_len);
+int atclient_atkeys_file_set_aes_encrypt_private_key_str(atclient_atkeys_file *atkeys_file,
+                                                         const char *aes_encrypt_private_key_str,
+                                                         const size_t aes_encrypt_private_key_str_len);
+int atclient_atkeys_file_set_self_encryption_key_str(atclient_atkeys_file *atkeys_file,
+                                                     const char *self_encryption_key_str,
+                                                     const size_t self_encryption_key_str_len);
+int atclient_atkeys_file_set_apkam_symmetric_key_str(atclient_atkeys_file *atkeys_file,
+                                                     const char *apkam_symmetric_key_str,
+                                                     const size_t apkam_symmetric_key_str_len);
+int atclient_atkeys_file_set_enrollment_id_str(atclient_atkeys_file *atkeys_file, const char *enrollment_id_str,
+                                               const size_t enrollment_id_str_len);
 
 #endif