removed -S and -P, replaced by -K, keymgmt determines key type automatically

git@daemon.de
2014-03-04 23:05:47 +01:00
parent 3d2cdb8b89
commit 1852a8b7f9
15 changed files with 227 additions and 221 deletions


@@ -428,151 +428,6 @@ void pcp_exportpublic(char *keyid, char *passwd, char *outfile, int format, int
int pcp_importsecret (FILE *in, char *passwd) {
byte *buf = ucmalloc(2048);
size_t buflen = fread(buf, 1, 2048, in);
pcp_key_t *sk = NULL;
if(buflen > 0) {
/* decrypt the input */
if(passwd != NULL) {
sk = pcp_import_secret(buf, buflen, passwd);
}
else {
char *passphrase;
pcp_readpass(&passphrase,
"Enter passphrase to decrypt the secret key file", NULL, 1);
sk = pcp_import_secret(buf, buflen, passphrase);
memset(passphrase, 0, strlen(passphrase));
free(passphrase);
}
if(sk == NULL) {
goto errpcsexpu1;
}
if(debug)
pcp_dumpkey(sk);
pcp_key_t *maybe = pcphash_keyexists(sk->id);
if(maybe != NULL) {
fatal("Secretkey sanity check: there already exists a key with the id 0x%s\n", sk->id);
goto errpcsexpu1;
}
/* store it */
if(passwd != NULL) {
sk = pcpkey_encrypt(sk, passwd);
}
else {
char *passphrase;
pcp_readpass(&passphrase,
"Enter passphrase for key encryption",
"Enter the passphrase again", 1);
if(strnlen(passphrase, 1024) > 0) {
/* encrypt the key */
sk = pcpkey_encrypt(sk, passphrase);
}
else {
/* ask for confirmation if we shall store it in the clear */
char *yes = pcp_getstdin(
"WARNING: secret key will be stored unencrypted. Are you sure [yes|NO]?");
if(strncmp(yes, "yes", 1024) != 0) {
memset(sk, 0, sizeof(pcp_key_t));
free(sk);
memset(passphrase, 0, strlen(passphrase));
goto errpcsexpu1;
}
}
}
if(sk != NULL) {
/* store it to the vault if we got it til here */
if(pcp_sanitycheck_key(sk) == 0) {
if(pcp_storekey(sk) == 0) {
pcpkey_printshortinfo(sk);
memset(sk, 0, sizeof(pcp_key_t));
free(sk);
return 0;
}
}
}
}
else {
fatal("Input file is empty!\n");
goto errpcsexpu1;
}
errpcsexpu1:
ucfree(buf, 2048);
return 1;
}
int pcp_importpublic (vault_t *vault, FILE *in) {
byte *buf = ucmalloc(2048);
size_t buflen = fread(buf, 1, 2048, in);
pcp_keysig_t *sk = NULL;
pcp_pubkey_t *pub = NULL;
if(buflen > 0) {
pcp_ks_bundle_t *bundle = pcp_import_pub(buf, buflen);
if(bundle == NULL)
goto errip1;
pcp_keysig_t *sk = bundle->s;
if(bundle != NULL) {
pcp_pubkey_t *pub = bundle->p;
if(debug)
pcp_dumppubkey(pub);
if(sk == NULL) {
fatals_ifany();
char *yes = pcp_getstdin("WARNING: signature doesn't verify, import anyway [yes|NO]?");
if(strncmp(yes, "yes", 1024) != 0) {
free(yes);
goto errip1;
}
free(yes);
}
if(pcp_sanitycheck_pub(pub) == 0) {
if(pcpvault_addkey(vault, (void *)pub, PCP_KEY_TYPE_PUBLIC) == 0) {
fprintf(stderr, "key 0x%s added to %s.\n", pub->id, vault->filename);
}
else
goto errip2;
if(sk != NULL) {
if(pcpvault_addkey(vault, sk, sk->type) != 0)
goto errip2;
}
}
else
goto errip2;
}
}
else {
fatal("Input file is empty!\n");
goto errip1;
}
errip2:
ucfree(pub, sizeof(pcp_pubkey_t));
errip1:
if(sk != NULL) {
ucfree(sk->blob, sk->size);
ucfree(sk, sizeof(pcp_keysig_t));
}
ucfree(buf, 2048);
return 1;
}
void pcpdelete_key(char *keyid) {
pcp_pubkey_t *p = pcphash_pubkeyexists(keyid);
@@ -699,4 +554,153 @@ char *pcp_find_id_byrec(char *recipient) {
}
int pcp_import (vault_t *vault, FILE *in, char *passwd) {
byte *buf = ucmalloc(2048);
size_t bufsize;
pcp_pubkey_t *pub = NULL;
pcp_key_t *sk = NULL;
pcp_ks_bundle_t *bundle = NULL;
pcp_keysig_t *keysig = NULL;
int success = 1; /* default fail */
Pcpstream *pin = ps_new_file(in);
ps_setdetermine(pin, 1024);
bufsize = ps_read(pin, buf, PCP_BLOCK_SIZE);
if(bufsize == 0) {
fatal("Input file is empty!\n");
goto errimp1;
}
/* first try as rfc pub key */
bundle = pcp_import_binpub(buf, bufsize);
if(bundle != NULL) {
keysig = bundle->s;
pub = bundle->p;
if(debug)
pcp_dumppubkey(pub);
if(keysig == NULL) {
fatals_ifany();
char *yes = pcp_getstdin("WARNING: signature doesn't verify, import anyway [yes|NO]?");
if(strncmp(yes, "yes", 1024) != 0) {
free(yes);
goto errimp2;
}
free(yes);
}
if(pcp_sanitycheck_pub(pub) == 0) {
if(pcpvault_addkey(vault, (void *)pub, PCP_KEY_TYPE_PUBLIC) == 0) {
fprintf(stderr, "key 0x%s added to %s.\n", pub->id, vault->filename);
/* avoid double free */
pub = NULL;
success = 0;
}
else
goto errimp2;
if(keysig != NULL) {
if(pcpvault_addkey(vault, keysig, keysig->type) != 0) {
/* FIXME: remove pubkey if storing the keysig failed */
goto errimp2;
}
keysig = NULL;
}
}
else
goto errimp2;
}
else {
/* it's not public key, so let's try to interpret it as secret key */
if(passwd != NULL) {
sk = pcp_import_secret(buf, bufsize, passwd);
}
else {
char *passphrase;
pcp_readpass(&passphrase,
"Enter passphrase to decrypt the secret key file", NULL, 1);
sk = pcp_import_secret(buf, bufsize, passphrase);
ucfree(passphrase, strlen(passphrase));
}
if(sk == NULL) {
goto errimp2;
}
if(debug)
pcp_dumpkey(sk);
pcp_key_t *maybe = pcphash_keyexists(sk->id);
if(maybe != NULL) {
fatal("Secretkey sanity check: there already exists a key with the id 0x%s\n", sk->id);
goto errimp2;
}
/* store it */
if(passwd != NULL) {
sk = pcpkey_encrypt(sk, passwd);
}
else {
char *passphrase;
pcp_readpass(&passphrase,
"Enter passphrase for key encryption",
"Enter the passphrase again", 1);
if(strnlen(passphrase, 1024) > 0) {
/* encrypt the key */
sk = pcpkey_encrypt(sk, passphrase);
ucfree(passphrase, strlen(passphrase));
}
else {
/* ask for confirmation if we shall store it in the clear */
char *yes = pcp_getstdin(
"WARNING: secret key will be stored unencrypted. Are you sure [yes|NO]?");
if(strncmp(yes, "yes", 1024) != 0) {
free(yes);
goto errimp1;
}
free(yes);
}
}
if(sk != NULL) {
/* store it to the vault if we got it til here */
if(pcp_sanitycheck_key(sk) == 0) {
if(pcp_storekey(sk) == 0) {
pcpkey_printshortinfo(sk);
success = 0;
sk = NULL;
}
}
}
}
errimp2:
if(keysig != NULL) {
ucfree(keysig->blob, keysig->size);
ucfree(keysig, sizeof(pcp_keysig_t));
}
if(bundle != NULL) {
free(bundle);
}
if(pub != NULL) {
ucfree(pub, sizeof(pcp_pubkey_t));
}
if(sk != NULL) {
ucfree(sk, sizeof(pcp_key_t));
}
ucfree(buf, bufsize);
errimp1:
ps_close(pin);
return success;
}
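Review bot: The two `goto errimp1` jumps in pcp_import — at the `bufsize == 0` check and when the user declines the "store unencrypted" prompt — skip the errimp2 cleanup, so `buf` leaks in both cases and, in the second, the already-decrypted secret key `sk` is neither wiped nor freed, whereas the removed pcp_importsecret did `memset`/`free` it at that point. Both should be `goto errimp2;`, which already releases `sk`, `pub`, `keysig` and `bundle`. Separately, `buf` is allocated with `ucmalloc(2048)` but filled by `ps_read(pin, buf, PCP_BLOCK_SIZE)` and released with `ucfree(buf, bufsize)`; unless PCP_BLOCK_SIZE is known to be at most 2048 that read can overrun the buffer, and the free should use the allocation size rather than the bytes read, e.g. `byte *buf = ucmalloc(PCP_BLOCK_SIZE);` paired with `ucfree(buf, PCP_BLOCK_SIZE);`. The empty-passphrase branch also never frees `passphrase`, while the encrypting branch does.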


@@ -57,8 +57,7 @@ pcp_key_t *pcp_getrsk(pcp_key_t *s, char *recipient, char *passwd);
char *pcp_normalize_id(char *keyid);
pcp_key_t *pcp_find_primary_secret();
int pcp_importpublic (vault_t *vault, FILE *in);
int pcp_importsecret (FILE *in, char *passwd);
int pcp_import (vault_t *vault, FILE *in, char *passwd);
void pcpdelete_key(char *keyid);
char *pcp_find_id_byrec(char *recipient);


@@ -90,9 +90,8 @@ int main (int argc, char **argv) {
{ "export-secret", no_argument, NULL, 's' },
{ "export-public", no_argument, NULL, 'p' },
{ "export", no_argument, NULL, 'p' }, /* alias -p */
{ "import-secret", no_argument, NULL, 'S' },
{ "import-public", no_argument, NULL, 'P' },
{ "import", no_argument, NULL, 'P' }, /* alias -P */
{ "import", no_argument, NULL, 'K' }, /* alias -P */
{ "import-key", no_argument, NULL, 'K' }, /* alias -K */
{ "remove-key", no_argument, NULL, 'R' },
{ "edit-key", no_argument, NULL, 'E' },
{ "export-yaml", no_argument, NULL, 'y' },
@@ -122,7 +121,7 @@ int main (int argc, char **argv) {
{ NULL, 0, NULL, 0 }
};
while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcymf:b1F:0",
while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcymf:b1F:0K",
longopts, NULL)) != -1) {
switch (opt) {
@@ -153,12 +152,8 @@ int main (int argc, char **argv) {
mode += PCP_MODE_EXPORT_PUBLIC;
usevault = 1;
break;
case 'P':
mode += PCP_MODE_IMPORT_PUBLIC;
usevault = 1;
break;
case 'S':
mode += PCP_MODE_IMPORT_SECRET;
case 'K':
mode += PCP_MODE_IMPORT;
usevault = 1;
break;
case 'R':
@@ -344,8 +339,7 @@ int main (int argc, char **argv) {
}
break;
case PCP_MODE_IMPORT_PUBLIC:
case PCP_MODE_IMPORT_SECRET:
case PCP_MODE_IMPORT:
if(infile == NULL)
infile = extra;
break;
@@ -436,7 +430,7 @@ int main (int argc, char **argv) {
free(recipient);
break;
case PCP_MODE_IMPORT_PUBLIC:
case PCP_MODE_IMPORT:
if(infile == NULL)
in = stdin;
else {
@@ -446,20 +440,7 @@ int main (int argc, char **argv) {
break;
}
}
pcp_importpublic(vault, in);
break;
case PCP_MODE_IMPORT_SECRET:
if(infile == NULL)
in = stdin;
else {
if((in = fopen(infile, "rb")) == NULL) {
fatal("Could not open input file %s\n", infile);
free(infile);
break;
}
}
pcp_importsecret(in, xpass);
pcp_import(vault, in, xpass);
break;
case PCP_MODE_DELETE_KEY:
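Review bot: The new getopt_long optstring still contains `S` and `P` (`...pSPRt...`) although the `case 'S'` and `case 'P'` handlers are removed, so `-S` and `-P` are still accepted by getopt and fall into whatever the switch's default branch does instead of being rejected as unknown options; drop them: `"klLV:vdehsO:i:I:pRtEx:DzaZr:gcymf:b1F:0K"`. The comment on the new `"import"` long option, `/* alias -P */`, refers to a flag that no longer exists and should read `/* alias -K */`. The new `pcp_import(vault, in, xpass)` call discards the function's 0/1 result as the replaced calls did; if the process exit status is meant to reflect an import failure, that value is worth propagating, though the tail of main is outside the hunk.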


@@ -54,8 +54,8 @@
#define PCP_MODE_LISTKEYS 0x00000004
#define PCP_MODE_EXPORT_SECRET 0x00000009
#define PCP_MODE_EXPORT_PUBLIC 0x00000011
#define PCP_MODE_IMPORT_SECRET 0x00000020
#define PCP_MODE_IMPORT_PUBLIC 0x00000038
#define PCP_MODE_IMPORT 0x00000020
#define PCP_MODE_ENCRYPT_ME 0x00000038
#define PCP_MODE_DELETE_KEY 0x00000061
#define PCP_MODE_TEXT 0x000000A6
#define PCP_MODE_EDIT 0x0000011D
@@ -66,7 +66,6 @@
#define PCP_MODE_SIGN 0x00000FF6
#define PCP_MODE_VERIFY 0x00001B25
#define PCP_MODE_YAML 0x00002E27
#define PCP_MODE_ENCRYPT_ME 0x00004E77
/*
0x00001B25


@@ -2,8 +2,8 @@
#define _HAVE_USAGE_H
#define PCP_HELP "\n" \
"Usage: pcp1 [ --help | --version ]\n" \
" [ --keygen | --listkeys | --remove-key | --edit-key ]\n" \
" [ --export-public | --export-secret | --import-public | --import-secret ]\n" \
" [ --keygen | --listkeys | --remove-key | --edit-key ]\n" \
" [ --export-public | --export-secret | --import ]\n" \
" [ --encrypt | --decrypt ]\n" \
" [ --sign | --check-signature ]\n" \
" [ arguments ]\n" \


@@ -1,7 +1,7 @@
Usage: pcp1 [ --help | --version ]
[ --keygen | --listkeys | --remove-key | --edit-key ]
[ --export-public | --export-secret | --import-public | --import-secret ]
[ --keygen | --listkeys | --remove-key | --edit-key ]
[ --export-public | --export-secret | --import ]
[ --encrypt | --decrypt ]
[ --sign | --check-signature ]
[ arguments ]