scip/pcp
1
0
Fork 0
mirror of https://codeberg.org/scip/pcp.git synced 2025-12-17 03:50:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

abandoned yaml, perl and c key exporters, added json exporter using libjansson, enable with --with-json

Browse Source
This commit is contained in:
TLINDEN
2015-07-06 23:02:04 +02:00
parent 325493189d
commit 57517a1000
21 changed files with 267 additions and 309 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog
View File

@@ -1,4 +1,15 @@
NEXT
Added JSON key export support using libjansson.
Abandoned YAML, perl and C key export support,
better doing one external format but doing it
good. Also, I had no importers for those formats
but I'll add a JSON importer.
Removed -y for YAML vault export as well. Maybe
I'll add a parameter to -p or -s so one can
select which key[s] to export.
removed hand-written padding stuff and using
libsodiums _easy() functions for crypto now
instead of the raw nacl ones. instead we use

12
INSTALL
View File

@@ -1,7 +1,7 @@
Installation Instructions
*************************
Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation,
Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation,
Inc.
Copying and distribution of this file, with or without modification,
@@ -12,8 +12,8 @@ without warranty of any kind.
Basic Installation
==================
Briefly, the shell commands `./configure; make; make install' should
configure, build, and install this package. The following
Briefly, the shell command `./configure && make && make install'
should configure, build, and install this package. The following
more-detailed instructions are generic; see the `README' file for
instructions specific to this package. Some packages provide this
`INSTALL' file but do not implement all of the features documented
@@ -309,9 +309,10 @@ causes the specified `gcc' to be used as the C compiler (unless it is
overridden in the site shell script).
Unfortunately, this technique does not work for `CONFIG_SHELL' due to
an Autoconf bug. Until the bug is fixed you can use this workaround:
an Autoconf limitation. Until the limitation is lifted, you can use
this workaround:
CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash
`configure' Invocation
======================
@@ -367,4 +368,3 @@ operates.
`configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details.

8
TODO
View File

@@ -1,3 +1,11 @@
JSON:
- export secret as json
- import pub und secret as json
- export vault as json
detach keysig generation from pub key export, so that an existing
keysig can be verified later.
key++: normalize id and lc()
allow signing using an alternate secret key, like in pcpdecrypt()

16
configure.ac
View File

@@ -143,6 +143,7 @@ AC_RUN_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], [[ exit(0); ]])],
_havenacl=no
_ldlib=""
_have_json=no
AC_ARG_WITH([libsodium],
[AS_HELP_STRING([--with-libsodium],
@@ -223,6 +224,20 @@ if test "x${_havenacl}" != "xno" -a "x$cross_compile" = "xno"; then
fi
AC_ARG_WITH([json],
[AS_HELP_STRING([--with-json],
[enable JSON support])],
[search_json="yes"],
[])
if test "x$search_json" = "xyes"; then
# use pkg only
_have_json="yes"
LDFLAGS="$LDFLAGS -ljansson"
CFLAGS="$CFLAGS -DHAVE_JSON=1"
fi
# Check for some target-specific stuff
case "$host" in
*aix*)
@@ -411,6 +426,7 @@ AC_MSG_RESULT([
build python binding: ${python}
build c++ binding: ${enable_cpp_binding}
json support ${_have_json}
Type 'make' to build, 'make install' to install.
To execute unit tests, type 'make test'.
])

3
include/pcp/config.h.in
View File

@@ -160,9 +160,6 @@
*/
#undef LT_OBJDIR
/* Define to 1 if your C compiler doesn't accept -c and -o together. */
#undef NO_MINUS_C_MINUS_O
/* Name of package */
#undef PACKAGE

4
include/pcp/defines.h
View File

@@ -163,10 +163,6 @@ typedef enum _PCP_KEY_TYPES {
/* pubkey export formats */
#define EXP_FORMAT_NATIVE 1
#define EXP_FORMAT_PBP 2
#define EXP_FORMAT_YAML 3
#define EXP_FORMAT_C 4
#define EXP_FORMAT_PY 5
#define EXP_FORMAT_PERL 6

73
include/pcp/mgmt.h
View File

@@ -47,6 +47,10 @@
#include <stdio.h>
#include <time.h>
#ifdef HAVE_JSON
#include <jansson.h>
#endif
#include "defines.h"
#include "platform.h"
#include "structs.h"
@@ -58,7 +62,7 @@
#include "scrypt.h"
#include "context.h"
/* key management api, export, import, yaml and stuff */
/* key management api, export, import, and stuff */
/**
@@ -163,7 +167,8 @@
blob in the format described above.
*/
Buffer *pcp_export_rfc_pub (pcp_key_t *sk);
Buffer *pcp_export_rfc_pub (PCPCTX *ptx, pcp_key_t *sk);
/** Export a public key in PBP format.
@@ -178,39 +183,6 @@ Buffer *pcp_export_rfc_pub (pcp_key_t *sk);
*/
Buffer *pcp_export_pbp_pub(pcp_key_t *sk);
/** Export a public key in yaml format.
Export a public key in yaml format.
\param sk a secret key structure of type pcp_key_t. The secret keys
in there have to be already decrypted.
\return the function returns a Buffer object containing the binary
blob containing a YAML string.
*/
Buffer *pcp_export_yaml_pub(pcp_key_t *sk);
/** Export a public key in perl code format.
Export a public key in perl code format.
\param sk a secret key structure of type pcp_key_t. The secret keys
in there have to be already decrypted.
\return the function returns a Buffer object containing the binary
blob containing a perl code string (a hash definition).
*/
Buffer *pcp_export_perl_pub(pcp_key_t *sk);
/** Export a public key in C code format.
Export a public key in C code format.
\param sk a secret key structure of type pcp_key_t. The secret keys
in there have to be already decrypted.
\return the function returns a Buffer object containing the binary
blob containing a C code string.
*/
Buffer *pcp_export_c_pub(pcp_key_t *sk);
/** Export secret key.
Export a secret key.
@@ -255,6 +227,37 @@ Buffer *pcp_export_c_pub(pcp_key_t *sk);
*/
Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase);
#ifdef HAVE_JSON
/** Export public key in JSON format
\param[in] sk a secret key structure of type pcp_key_t. The secret keys
in there have to be already decrypted.
\param[in] sig the keysig blob.
\return the function returns a Buffer object containing the binary
blob containing a JSON string.
*/
Buffer *pcp_export_json_pub(PCPCTX *ptx, pcp_key_t *sk, byte *sig);
/** Export secret key in JSON format
\param[in] sk a secret key structure of type pcp_key_t. The secret keys
in there have to be already decrypted.
\param[in] nonce the nonce used to encrypt secret keys
\param[in] cipher the encrypted secret keys
\param[in] clen len of cipher
\return the function returns a Buffer object containing the binary
blob containing a JSON string.
*/
Buffer *pcp_export_json_secret(PCPCTX *ptx, pcp_key_t *sk, byte *nonce, byte *cipher, size_t clen);
json_t *pcp_pub2jsont(pcp_key_t *sk, byte *sig);
#endif
pcp_ks_bundle_t *pcp_import_binpub(PCPCTX *ptx, byte *raw, size_t rawsize);
pcp_ks_bundle_t *pcp_import_pub(PCPCTX *ptx, byte *raw, size_t rawsize); /* FIXME: deprecate */
pcp_ks_bundle_t *pcp_import_pub_rfc(PCPCTX *ptx, Buffer *blob);

4
include/pcp/structs.h
View File

@@ -195,7 +195,9 @@ struct _pcp_ctx_t {
byte pcp_errset; /**< indicates if an error occurred. */
int pcp_exit; /**< exit code for pcp commandline utility */
int verbose; /**< enable verbose output */
#ifdef HAVE_JSON
int json; /**< enable json i/o */
#endif
pcp_key_t *pcpkey_hash; /**< hash containing for keys */
pcp_pubkey_t *pcppubkey_hash; /**< hash for keys. */
pcp_keysig_t *pcpkeysig_hash; /**< hash for key sigs */

10
include/pcp/util.h
View File

@@ -99,6 +99,16 @@ void _xorbuf(byte *iv, byte *buf, size_t xlen);
*/
void _dump(char *n, byte *d, size_t s);
/** return hex string of binary data
\param[in] bin byte array
\param[in] len size of byte array
\return Returns malloc'd hex string. Caller must free.
*/
char *_bin2hex(byte *bin, size_t len);
#endif /* _HAVE_PCP_UTIL_H */
/**@}*/

3
libpcp/context.c
View File

@@ -36,6 +36,9 @@ PCPCTX *ptx_new() {
p->pcp_errset = 0;
p->pcp_exit = 0;
p->verbose = 0;
#ifdef HAVE_JSON
p->json = 0;
#endif
p->pcpkey_hash = NULL;
p->pcppubkey_hash = NULL;
p->pcpkeysig_hash = NULL;

265
libpcp/mgmt.c
View File

@@ -443,120 +443,109 @@ pcp_ks_bundle_t *pcp_import_pub_pbp(PCPCTX *ptx, Buffer *blob) {
return NULL;
}
Buffer *pcp_export_yaml_pub(pcp_key_t *sk) {
Buffer *b = buffer_new_str("yamlbuf");
struct tm *c;
time_t t = time(0);
c = localtime(&t);
#ifdef HAVE_JSON
buffer_add_str(b, "#\n# YAML export of public key\n");
buffer_add_str(b, "# Generated on: %04d-%02d-%02dT%02d:%02d:%02d\n",
c->tm_year+1900, c->tm_mon+1, c->tm_mday,
c->tm_hour, c->tm_min, c->tm_sec);
buffer_add_str(b, "---\n");
json_t *pcp_pub2jsont(pcp_key_t *sk, byte *sig) {
json_t *jout;
char *cryptpub, *sigpub, *masterpub, *ssig;
buffer_add_str(b, "id: %s\n", sk->id);
buffer_add_str(b, "owner: %s\n", sk->owner);
buffer_add_str(b, "mail: %s\n", sk->mail);
buffer_add_str(b, "ctime: %ld\n", (long int)sk->ctime);
buffer_add_str(b, "version: %08x\n", sk->version);
buffer_add_str(b, "serial: %08x\n", sk->serial);
buffer_add_str(b, "type: public\n");
buffer_add_str(b, "cryptpub: "); buffer_add_hex(b, sk->pub, 32); buffer_add_str(b, "\n");
buffer_add_str(b, "sigpub: "); buffer_add_hex(b, sk->edpub, 32); buffer_add_str(b, "\n");
buffer_add_str(b, "masterpub: "); buffer_add_hex(b, sk->masterpub, 32); buffer_add_str(b, "\n");
char *jformat = "{sssssssisisisissssssssssss}";
cryptpub = _bin2hex(sk->pub, 32);
sigpub = _bin2hex(sk->edpub, 32);
masterpub= _bin2hex(sk->masterpub, 32);
if(sig != NULL) {
ssig = _bin2hex(sig, crypto_sign_BYTES + crypto_generichash_BYTES_MAX);
}
else {
ssig = malloc(1);
ssig[0] = '\0';
jformat = "{sssssssisisisissssssssss}";
}
jout = json_pack(jformat,
"id", sk->id,
"owner", sk->owner,
"mail", sk->mail,
"ctime", (int)sk->ctime,
"expire", (int)sk->ctime+31536000,
"version", (int)sk->version,
"serial", (int)sk->serial,
"type", "public",
"cipher", EXP_PK_CIPHER_NAME,
"cryptpub", cryptpub,
"sigpub", sigpub,
"masterpub", masterpub,
"signature", ssig
);
free(cryptpub);
free(sigpub);
free(masterpub);
if(sig != NULL)
free(ssig);
return jout;
}
Buffer *pcp_export_json_secret(PCPCTX *ptx, pcp_key_t *sk, byte *nonce, byte *cipher, size_t clen) {
Buffer *b = buffer_new_str("jsonbuf");
char *jdump, *xcipher, *xnonce;
json_t *jout;
json_error_t jerror;
assert(ptx->json);
jout = pcp_pub2jsont(sk, NULL);
xcipher = _bin2hex(cipher, clen);
xnonce = _bin2hex(nonce, crypto_secretbox_NONCEBYTES);
json_object_set(jout, "type", json_string("secret"));
json_object_set(jout, "secrets", json_string(xcipher));
json_object_set(jout, "nonce", json_string(xnonce));
jdump = json_dumps(jout, JSON_INDENT(4) | JSON_PRESERVE_ORDER);
if(jdump != NULL) {
buffer_add_str(b, jdump);
free(jdump);
}
else {
fatal(ptx, "JSON encoding error: %s", jerror);
}
json_decref(jout);
return b;
}
Buffer *pcp_export_perl_pub(pcp_key_t *sk) {
Buffer *b = buffer_new_str("perlbuf");
struct tm *c;
time_t t = time(0);
c = localtime(&t);
size_t i;
Buffer *pcp_export_json_pub(PCPCTX *ptx, pcp_key_t *sk, byte *sig) {
Buffer *b = buffer_new_str("jsonbuf");
char *jdump;
json_t *jout;
json_error_t jerror;
buffer_add_str(b, "#\n# Perl export of public key\n");
buffer_add_str(b, "# Generated on: %04d-%02d-%02dT%02d:%02d:%02d\n",
c->tm_year+1900, c->tm_mon+1, c->tm_mday,
c->tm_hour, c->tm_min, c->tm_sec);
buffer_add_str(b, "# \nmy %%key = (\n");
assert(ptx->json);
buffer_add_str(b, " id => \"%s\",\n", sk->id);
buffer_add_str(b, " owner => \"%s\",\n", sk->owner);
buffer_add_str(b, " mail => '%s',\n", sk->mail);
buffer_add_str(b, " ctime => %ld,\n", (long int)sk->ctime);
buffer_add_str(b, " version => x%08x,\n", sk->version);
buffer_add_str(b, " serial => x%08x,\n", sk->serial);
buffer_add_str(b, " type => \"public\",\n");
jout = pcp_pub2jsont(sk, sig);
jdump = json_dumps(jout, JSON_INDENT(4) | JSON_PRESERVE_ORDER);
buffer_add_str(b, " cryptpub => [");
for (i=0; i<31; ++i) {
buffer_add_str(b, "x%02x,", sk->pub[i]);
if(i % 8 == 7 && i > 0)
buffer_add_str(b, "\n ");
if(jdump != NULL) {
buffer_add_str(b, jdump);
free(jdump);
}
buffer_add_str(b, "x%02x],\n", sk->pub[31]);
buffer_add_str(b, " sigpub => [");
for (i=0; i<31; ++i) {
buffer_add_str(b, "x%02x,", sk->edpub[i]);
if(i % 8 == 7 && i > 0)
buffer_add_str(b, "\n ");
else {
fatal(ptx, "JSON encoding error: %s", jerror);
}
buffer_add_str(b, "x%02x],\n", sk->edpub[31]);
buffer_add_str(b, " masterpub => [");
for (i=0; i<31; ++i) {
buffer_add_str(b, "x%02x,", sk->masterpub[i]);
if(i % 8 == 7 && i > 0)
buffer_add_str(b, "\n ");
}
buffer_add_str(b, "x%02x]\n", sk->masterpub[31]);
buffer_add_str(b, ");\n");
json_decref(jout);
return b;
}
void pcp_export_c_pub_var(Buffer *b, char *var, byte *d, size_t len) {
buffer_add_str(b, "byte %s[%ld] = {\n ", var, len);
size_t i;
for(i=0; i<len-1; ++i) {
buffer_add_str(b, "0x%02x, ", (unsigned int)d[i]);
if (i % 8 == 7) buffer_add_str(b, "\n ");
}
buffer_add_str(b, "0x%02x\n};\n", (unsigned int)d[i]);
}
Buffer *pcp_export_c_pub(pcp_key_t *sk) {
Buffer *b = buffer_new_str("c-buf");
struct tm *c;
time_t t = time(0);
c = localtime(&t);
buffer_add_str(b, "/*\n * C export of public key\n");
buffer_add_str(b, " * Generated on: %04d-%02d-%02dT%02d:%02d:%02d\n",
c->tm_year+1900, c->tm_mon+1, c->tm_mday,
c->tm_hour, c->tm_min, c->tm_sec);
buffer_add_str(b, " */\n");
buffer_add_str(b, "char id[] = \"%s\";\n", sk->id);
buffer_add_str(b, "char owner[] = \"%s\";\n", sk->owner);
buffer_add_str(b, "char mail[] = \"%s\";\n", sk->mail);
buffer_add_str(b, "uint64_t ctime = %ld;\n", sk->ctime);
buffer_add_str(b, "uint32_t version = 0x%08x;\n", sk->version);
buffer_add_str(b, "uint32_t serial = 0x%08x;\n", sk->serial);
buffer_add_str(b, "char[] type = \"public\";\n");
pcp_export_c_pub_var(b, "cryptpub", sk->pub, 32);
pcp_export_c_pub_var(b, "sigpub", sk->pub, 32);
pcp_export_c_pub_var(b, "masterpub", sk->pub, 32);
return b;
}
#endif
Buffer *pcp_export_pbp_pub(pcp_key_t *sk) {
struct tm *v, *c;
@@ -611,10 +600,11 @@ Buffer *pcp_export_pbp_pub(pcp_key_t *sk) {
}
Buffer *pcp_export_rfc_pub (pcp_key_t *sk) {
Buffer *pcp_export_rfc_pub (PCPCTX *ptx, pcp_key_t *sk) {
Buffer *out = buffer_new(320, "exportbuf");
Buffer *raw = buffer_new(256, "keysigbuf");
/* add the header */
buffer_add8(out, PCP_KEY_VERSION);
buffer_add64be(out, sk->ctime);
@@ -710,6 +700,15 @@ Buffer *pcp_export_rfc_pub (pcp_key_t *sk) {
/* append the signed hash */
buffer_add(out, sig, crypto_sign_BYTES + crypto_generichash_BYTES_MAX);
#ifdef HAVE_JSON
if(ptx->json) {
Buffer *jout = pcp_export_json_pub(ptx, sk, sig);
buffer_free(out);
out = jout;
}
#endif
/* and that's it. wasn't that easy? :) */
buffer_free(raw);
memset(hash, 0, crypto_generichash_BYTES_MAX);
@@ -727,33 +726,42 @@ Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase) {
size_t es;
Buffer *raw = buffer_new(512, "secretbuf");
Buffer *out = buffer_new(512, "secretciperblob");
Buffer *out = buffer_new(512, "secretcipherblob");
buffer_add(raw, sk->mastersecret, 64);
buffer_add(raw, sk->secret, 32);
buffer_add(raw, sk->edsecret, 64);
buffer_add(raw, sk->masterpub, 32);
buffer_add(raw, sk->pub, 32);
buffer_add(raw, sk->edpub, 32);
#ifdef HAVE_JSON
if(! ptx->json) {
/* only encrypt everything if exporting in native format */
#endif
if(strlen(sk->owner) > 0) {
buffer_add16be(raw, strlen(sk->owner));
buffer_add(raw, sk->owner, strlen(sk->owner));
buffer_add(raw, sk->masterpub, 32);
buffer_add(raw, sk->pub, 32);
buffer_add(raw, sk->edpub, 32);
if(strlen(sk->owner) > 0) {
buffer_add16be(raw, strlen(sk->owner));
buffer_add(raw, sk->owner, strlen(sk->owner));
}
else
buffer_add16be(raw, 0);
if(strlen(sk->mail) > 0) {
buffer_add16be(raw, strlen(sk->mail));
buffer_add(raw, sk->mail, strlen(sk->mail));
}
else
buffer_add16be(raw, 0);
buffer_add64be(raw, sk->ctime);
buffer_add32be(raw, sk->version);
buffer_add32be(raw, sk->serial);
#ifdef HAVE_JSON
}
else
buffer_add16be(raw, 0);
if(strlen(sk->mail) > 0) {
buffer_add16be(raw, strlen(sk->mail));
buffer_add(raw, sk->mail, strlen(sk->mail));
}
else
buffer_add16be(raw, 0);
buffer_add64be(raw, sk->ctime);
buffer_add32be(raw, sk->version);
buffer_add32be(raw, sk->serial);
#endif
nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
arc4random_buf(nonce, crypto_secretbox_NONCEBYTES);
@@ -761,8 +769,21 @@ Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase) {
es = pcp_sodium_mac(&cipher, buffer_get(raw), buffer_size(raw), nonce, symkey);
buffer_add(out, nonce, crypto_secretbox_NONCEBYTES);
buffer_add(out, cipher, es);
#ifdef HAVE_JSON
if(ptx->json) {
Buffer *jout = pcp_export_json_secret(ptx, sk, nonce, cipher, es);
buffer_free(out);
out = jout;
}
else {
#endif
buffer_add(out, nonce, crypto_secretbox_NONCEBYTES);
buffer_add(out, cipher, es);
#ifdef HAVE_JSON
}
#endif
buffer_free(raw);
ucfree(nonce, crypto_secretbox_NONCEBYTES);

9
libpcp/util.c
View File

@@ -74,3 +74,12 @@ void _dump(char *n, byte *d, size_t s) {
}
fprintf(stderr, "\n");
}
char *_bin2hex(byte *bin, size_t len) {
char *out = malloc((len*2) + 1);
size_t i;
for(i=0; i<len; ++i)
sprintf(&out[i*2], "%02x", bin[i]);
out[len*2] = '\0';
return out;
}

7
man/options.pod
View File

@@ -62,12 +62,9 @@
-K --import Import a key. pcp determines automatically
--import-key the key type and encodingg. Use -I to import
from a file.
-y --export-yaml Export all keys stored in your vault
as YAML formatted text. Use -O to put
the export into a file.
-F --format Export the key in a particular format.
Currently supported: pcp, pbp, yaml,
perl and C.
Currently supported: pcp and pbp.
-j --json enable JSON ex- and import of keys.
Encryption Options:
-e --encrypt Asym-Encrypt a message. Read from stdin or

20
src/keymgmt.c
View File

@@ -357,7 +357,7 @@ void pcp_exportpublic(char *keyid, char *passwd, char *outfile, int format, int
/* now, we're ready for the actual export */
if(format == EXP_FORMAT_NATIVE) {
if(is_foreign == 0) {
exported_pk = pcp_export_rfc_pub(sk);
exported_pk = pcp_export_rfc_pub(ptx, sk);
if(exported_pk != NULL) {
if(armor == 1) {
size_t zlen;
@@ -395,24 +395,6 @@ void pcp_exportpublic(char *keyid, char *passwd, char *outfile, int format, int
goto errpcpexpu1;
}
}
else if(format == EXP_FORMAT_YAML) {
exported_pk = pcp_export_yaml_pub(sk);
if(exported_pk != NULL) {
fprintf(out, "%s", buffer_get_str(exported_pk));
}
}
else if(format == EXP_FORMAT_PERL) {
exported_pk = pcp_export_perl_pub(sk);
if(exported_pk != NULL) {
fprintf(out, "%s", buffer_get_str(exported_pk));
}
}
else if(format == EXP_FORMAT_C) {
exported_pk = pcp_export_c_pub(sk);
if(exported_pk != NULL) {
fprintf(out, "%s", buffer_get_str(exported_pk));
}
}
errpcpexpu1:
;

68
src/keyprint.c
View File

@@ -298,74 +298,6 @@ void pcppubkey_printshortinfo(pcp_pubkey_t *key) {
free(r);
}
void pcpexport_yaml(char *outfile) {
FILE *out;
if(outfile == NULL) {
out = stdout;
}
else {
if((out = fopen(outfile, "wb+")) == NULL) {
fatal(ptx, "Could not create output file %s\n", outfile);
out = NULL;
}
}
if(out != NULL) {
pcp_key_t *s;
pcp_pubkey_t *p;
struct tm *c;
time_t t = time(0);
c = localtime(&t);
fprintf(out, "#\n# YAML export of vault %s.\n", vault->filename);
fprintf(out, "# Generated on: %04d-%02d-%02dT%02d:%02d:%02d\n",
c->tm_year+1900, c->tm_mon+1, c->tm_mday,
c->tm_hour, c->tm_min, c->tm_sec);
fprintf(out, "---\n");
fprintf(out, "secret-keys:\n");
pcphash_iterate(ptx, s) {
fprintf(out, " -\n");
fprintf(out, " id: %s\n", s->id);
fprintf(out, " owner: %s\n", s->owner);
fprintf(out, " mail: %s\n", s->mail);
fprintf(out, " ctime: %ld\n", (long int)s->ctime);
fprintf(out, " version: %08x\n", s->version);
fprintf(out, " serial: %08x\n", s->serial);
fprintf(out, " type: %s\n",
(s->type == PCP_KEY_TYPE_MAINSECRET) ? "primary" : " secret");
fprintf(out, " public: "); pcpprint_bin(out, s->pub, 32); fprintf(out, "\n");
if(s->secret[0] == 0) {
fprintf(out, " encrypted: yes\n");
fprintf(out, " nonce: "); pcpprint_bin(out, s->nonce, 24); fprintf(out, "\n");
fprintf(out, " secret: "); pcpprint_bin(out, s->encrypted, 80); fprintf(out, "\n");
}
else {
fprintf(out, " encrypted: no\n");
fprintf(out, " secret: "); pcpprint_bin(out, s->secret, 32); fprintf(out, "\n");
fprintf(out, " edsecret: "); pcpprint_bin(out, s->edsecret, 64); fprintf(out, "\n");
}
fprintf(out, " edpub: "); pcpprint_bin(out, s->edpub, 32); fprintf(out, "\n");
}
fprintf(out, "public-keys:\n");
pcphash_iteratepub(ptx, p) {
fprintf(out, " -\n");
fprintf(out, " id: %s\n", p->id);
fprintf(out, " owner: %s\n", p->owner);
fprintf(out, " mail: %s\n", p->mail);
fprintf(out, " ctime: %ld\n", (long int)p->ctime);
fprintf(out, " version: %08x\n", p->version);
fprintf(out, " serial: %08x\n", p->serial);
fprintf(out, " type: public\n");
fprintf(out, " public: "); pcpprint_bin(out, p->pub, 32); fprintf(out, "\n");
fprintf(out, " edpub: "); pcpprint_bin(out, p->edpub, 32); fprintf(out, "\n");
}
}
}
void pcpprint_bin(FILE *out, byte *data, size_t len) {
size_t i;
for ( i = 0;i < len;++i)

1
src/keyprint.h
View File

@@ -44,7 +44,6 @@ void pcptext_key(char *keyid);
void pcptext_vault(vault_t *vault);
int pcptext_infile(char *infile);
void pcpexport_yaml(char *outfile);
void pcpprint_bin(FILE *out, byte *data, size_t len);
#endif /* _HAVE_PCP_KEYPRINT_H */

34
src/pcp.c
View File

@@ -106,7 +106,6 @@ int main (int argc, char **argv) {
{ "import-key", no_argument, NULL, 'K' }, /* alias -K */
{ "remove-key", no_argument, NULL, 'R' },
{ "edit-key", no_argument, NULL, 'E' },
{ "export-yaml", no_argument, NULL, 'y' },
{ "export-format", required_argument, NULL, 'F' },
/* crypto */
@@ -121,6 +120,7 @@ int main (int argc, char **argv) {
{ "armor", no_argument, NULL, 'a' }, /* alias -z */
{ "textmode", no_argument, NULL, 'a' }, /* alias -z */
{ "z85-decode", no_argument, NULL, 'Z' },
{ "json-io", no_argument, NULL, 'j' },
/* globals */
{ "help", no_argument, NULL, 'h' },
@@ -135,7 +135,7 @@ int main (int argc, char **argv) {
{ NULL, 0, NULL, 0 }
};
while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcymf:b1F:0KAMX:",
while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcmf:b1F:0KAMX:j",
longopts, NULL)) != -1) {
switch (opt) {
@@ -210,26 +210,18 @@ int main (int argc, char **argv) {
else if(strncmp(optarg, "pcp", 3) == 0) {
exportformat = EXP_FORMAT_NATIVE;
}
else if(strncmp(optarg, "yaml", 3) == 0) {
exportformat = EXP_FORMAT_YAML;
}
else if(strncmp(optarg, "c", 3) == 0) {
exportformat = EXP_FORMAT_C;
}
else if(strncmp(optarg, "py", 3) == 0) {
exportformat = EXP_FORMAT_PY;
}
else if(strncmp(optarg, "perl", 3) == 0) {
exportformat = EXP_FORMAT_PERL;
}
else if(strncmp(optarg, "c", 3) == 0) {
exportformat = EXP_FORMAT_C;
}
else {
warn("Unknown export format specified, using native\n");
exportformat = EXP_FORMAT_NATIVE;
}
break;
case 'j':
#ifdef HAVE_JSON
ptx->json = 1;
#else
fprintf(stderr, "WARN: -j set, but no JSON support compiled in. Recompile with --with-json\n");
#endif
break;
case 'g':
mode += PCP_MODE_SIGN;
usevault = 1;
@@ -243,10 +235,6 @@ int main (int argc, char **argv) {
strncpy(sigfile, optarg, strlen(optarg)+1);
detach = 1;
break;
case 'y':
mode += PCP_MODE_YAML;
usevault = 1;
break;
case 'V':
strncpy(vaultfile, optarg, 1024);
@@ -566,10 +554,6 @@ int main (int argc, char **argv) {
}
break;
case PCP_MODE_YAML:
pcpexport_yaml(outfile);
break;
default:
/* */
goto ELSEMODE;

6
src/usage.h
View File

@@ -28,9 +28,10 @@
"-s --export-secret Export a secret key.\n" \
"-p --export-public Export a public key.\n" \
"-K --import Import a secret or public key.\n" \
"-y --export-yaml Export all keys as YAML formatted text.\n" \
"-F --export-format <fmt> Specify exportformat, either 'pbp' or 'pcp'.\n" \
" 'pcp' is the default if unspecified.\n" \
"-j --json Enable JSON ex- and import of keys.\n" \
"\n" \
"Encryption Options:\n" \
"-e --encrypt Asym-Encrypt a message. If none of -i or -r\n" \
" has been given, encrypt the message symetrically.\n" \
@@ -50,6 +51,5 @@
"Arguments:\n" \
"Extra arguments after options are treated as filenames or\n" \
"recipients, depending on operation mode.\n" \
"\n" \
"\n"
""
#endif

2
src/usage.sh
View File

@@ -6,5 +6,5 @@ echo -n "#define PCP_HELP " >> usage.h
cat usage.txt | sed -e 's/^/"/' -e 's/$/\\n" \\/' >> usage.h
echo "\"\\n\"" >> usage.h
printf "\"\"\\n" >> usage.h
echo "#endif" >> usage.h

4
src/usage.txt
View File

@@ -26,9 +26,10 @@ Keymanagement Options:
-s --export-secret Export a secret key.
-p --export-public Export a public key.
-K --import Import a secret or public key.
-y --export-yaml Export all keys as YAML formatted text.
-F --export-format <fmt> Specify exportformat, either 'pbp' or 'pcp'.
'pcp' is the default if unspecified.
-j --json Enable JSON ex- and import of keys.
Encryption Options:
-e --encrypt Asym-Encrypt a message. If none of -i or -r
has been given, encrypt the message symetrically.
@@ -48,4 +49,3 @@ Encoding Options:
Arguments:
Extra arguments after options are treated as filenames or
recipients, depending on operation mode.

12
tests/unittests.cfg
View File

@@ -267,11 +267,6 @@ temporarily disabled
expect = /added to/
</test>
<test check-vcl-crypto-unencrypted-secret-yaml>
cmd = $pcp -V vcl -y
expect = /encrypted: no/
</test>
<test check-vcl-prepare-import-bpub>
cmd = $pcp -V vcl -I key-bobby-pub -K
expect = /added/
@@ -359,13 +354,6 @@ temporarily disabled
expect = /Verified/s
</test>
#
# yaml export test
<test check-export-yaml>
cmd = $pcp -V va -y | perl -Ilib -MYAML -MData::Dumper -e "print Dumper(Load(join('',<>)))"
expect = /VAR1/
</test>
#
# raw C test with prepared keys, message and cipher
<test check-raw-decrypt>