added -M; removed CBC support, fixed asym-self-mode

configure.ac

@@ -218,12 +218,6 @@ if test "x${_havenacl}" != "xno" -a "x$cross_compile" = "xno"; then
     )
 fi
 
-AC_ARG_ENABLE([cbc],
-            [AS_HELP_STRING([--enable-cbc],
-                            [Enable CBC@1k encryption mode (default: EBC @32k)])],
-            [AC_DEFINE(PCP_CBC, 1, Define if you want to enable CBC mode)],
-             [])
-
 
 # Check for some target-specific stuff
 case "$host" in
@@ -410,7 +404,6 @@ AC_MSG_RESULT([
 	target platform:        ${host}
         big endian cpu:         ${bigendian}
 	cross compile:          ${cross_compile}
-	have nacl:              ${_havenacl}
 
 	build python binding:   ${python}
 	build c++ binding:      ${enable_cpp_binding}

include/pcp.h

@@ -8,9 +8,9 @@ extern "C" {
 #include "pcp/config.h"
 #include "pcp/base85.h"
 #include "pcp/buffer.h"
-#include "pcp/config.h"
 #include "pcp/context.h"
 #include "pcp/crypto.h"
+#include "pcp/crypto_scrypt.h"
 #include "pcp/defines.h"
 #include "pcp/digital_crc32.h"
 #include "pcp/ed.h"

include/pcp/config.h.in

@@ -185,9 +185,6 @@
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 
-/* Define if you want to enable CBC mode */
-#undef PCP_CBC
-
 /* Define to 1 if you have the ANSI C header files. */
 #undef STDC_HEADERS
 

include/pcp/defines.h

@@ -114,21 +114,11 @@ typedef enum _PCP_KEY_TYPES {
 #define PCP_SIG_VERSION 2
 
 /*  crypto file format stuff */
-/*  enabled via config.h (configure --enable-cbc) */
-#ifndef PCP_CBC
 #define PCP_ASYM_CIPHER         5
 #define PCP_ASYM_CIPHER_ANON    6
 #define PCP_SYM_CIPHER          23
 #define PCP_ASYM_CIPHER_SIG     24
 #define PCP_BLOCK_SIZE          32 * 1024
-#else
-/*  CBC mode, use smaller blocks */
-  #define PCP_ASYM_CIPHER         7
-  #define PCP_ASYM_CIPHER_ANON    9
-  #define PCP_ASYM_CIPHER_SIG     8
-  #define PCP_SYM_CIPHER          25
-  #define PCP_BLOCK_SIZE          1 * 1024
-#endif
 
 #define PCP_CRYPTO_ADD          (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
 #define PCP_BLOCK_SIZE_IN       (PCP_BLOCK_SIZE) + PCP_CRYPTO_ADD + crypto_secretbox_NONCEBYTES

include/pcp/plist.h

@@ -60,6 +60,13 @@ static inline void p_add(plist_t **lst, char *value) {
   }
 }
 
+static inline void p_add_me(plist_t **lst) {
+  char *me = (char *)malloc(13);
+  strcpy(me, "__self__");
+  p_add(lst, me);
+  free(me);
+}
+
 static inline void p_clean(plist_t *lst) {
   plist_t *iter = lst->first;
   plist_t *tmp;

libpcp/crypto.c

@@ -242,6 +242,24 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
 	}
 	free(recipient);
       }
+
+      /* do the same with our secret keys, just in case the sender used -M */
+      if(recmatch == 0) {
+	pcp_key_t *k;
+	pcphash_iterate(ptx, k) {
+	  cur = pcpkey_pub_from_secret(k);
+	  byte *recipient;
+	  recipient = pcp_box_decrypt(ptx, s, cur, rec_buf, PCP_ASYM_RECIPIENT_SIZE, &rec_size);
+	  if(recipient != NULL && rec_size == crypto_secretbox_KEYBYTES) {
+	    /*  found a match */
+	    recmatch = 1;
+	    symkey = smalloc(crypto_secretbox_KEYBYTES);
+	    memcpy(symkey, recipient, crypto_secretbox_KEYBYTES);
+	    free(recipient);
+	    break;
+	  }
+	}
+      }
     }
     if(verify) {
       size_t R = nrec * (PCP_ASYM_RECIPIENT_SIZE);
@@ -255,11 +273,14 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
     goto errdef1;
   }
 
+  fatals_reset(ptx);
+
   /*  step 5, actually decrypt the file, finally */
   if(verify) {
     pcp_rec_t *rec = pcp_rec_new(reccipher, nrec * PCP_ASYM_RECIPIENT_SIZE, NULL, cur);
     size_t s = pcp_decrypt_stream_sym(ptx, in, out, symkey, rec);
     pcp_rec_free(rec);
+    ucfree(reccipher, lenrec * PCP_ASYM_RECIPIENT_SIZE);
     sfree(symkey);
     return s;
   }
@@ -425,17 +446,6 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
     }
   }
 
-#ifdef PCP_CBC
-  /*  write the IV, pad it with rubbish, since pcp_decrypt_file_sym */
-  /*  reads in with  PCP_BLOCK_SIZE_IN buffersize and uses the last */
-  /*  PCP_BLOCK_SIZE as IV. */
-  byte *iv = urmalloc(PCP_BLOCK_SIZE);
-  byte *ivpad = urmalloc(PCP_BLOCK_SIZE_IN - PCP_BLOCK_SIZE);
-
-  ps_write(out, ivpad, PCP_BLOCK_SIZE_IN - PCP_BLOCK_SIZE);
-  ps_write(out, iv, PCP_BLOCK_SIZE);
-#endif
-
   /*  32k-Block-mode. */
   in_buf = ucmalloc(PCP_BLOCK_SIZE);
   while(!ps_end(in)) {
@@ -446,11 +456,6 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
     /* generate nonce and put current buffer counter into it */
     buf_nonce = _gen_ctr_nonce(ctr++);
 
-#ifdef PCP_CBC
-    /*  apply IV to current clear */
-    _xorbuf(iv, in_buf, cur_bufsize);
-#endif
-
     es = pcp_sodium_mac(&buf_cipher, in_buf, cur_bufsize, buf_nonce, symkey);
 
     ps_write(out, buf_nonce, crypto_secretbox_NONCEBYTES);
@@ -464,10 +469,6 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
       crypto_generichash_update(st, buf_cipher, es);
       //crypto_generichash_update(st, in_buf, cur_bufsize);
 
-#ifdef PCP_CBC
-    /*  make current cipher to next IV, ignore nonce and pad */
-    memcpy(iv, &buf_cipher[PCP_CRYPTO_ADD], PCP_BLOCK_SIZE);
-#endif
   }
 
   if(ps_err(out) != 0) {
@@ -537,10 +538,6 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
     signature_cr = ucmalloc(siglen_cr);
   }
 
-#ifdef PCP_CBC
-  byte *iv = NULL; /*  will be filled during 1st loop */
-#endif
-
 
   in_buf = ucmalloc(PCP_BLOCK_SIZE_IN);
   while(!ps_end(in)) {
@@ -556,15 +553,6 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
       }
     }
 
-#ifdef PCP_CBC
-    if(iv == NULL) {
-      /*  first block is the IV, don't write it out and skip to the next block */
-      iv = ucmalloc(PCP_BLOCK_SIZE);
-      memcpy(iv, &in_buf[PCP_CRYPTO_ADD + crypto_secretbox_NONCEBYTES], PCP_BLOCK_SIZE);
-      continue;
-    }
-#endif
-
     ciphersize = cur_bufsize - crypto_secretbox_NONCEBYTES;
     memcpy(buf_nonce, in_buf, crypto_secretbox_NONCEBYTES);
     memcpy(buf_cipher, &in_buf[crypto_secretbox_NONCEBYTES], ciphersize);
@@ -581,11 +569,6 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
     pastctr = ctr;
     es = pcp_sodium_verify_mac(&buf_clear, buf_cipher, ciphersize, buf_nonce, symkey);
 
-#ifdef PCP_CBC
-    /*  take last IV and apply it to current clear */
-    _xorbuf(iv, buf_clear, cur_bufsize - (PCP_CRYPTO_ADD + crypto_secretbox_NONCEBYTES));
-#endif 
-
     out_size += ciphersize - PCP_CRYPTO_ADD;
 
     if(es == 0) {
@@ -610,10 +593,6 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
       out_size = 0;
       break;
     }
-#ifdef PCP_CBC
-    /*  use last cipher as next IV */
-    memcpy(iv, &in_buf[PCP_CRYPTO_ADD + crypto_secretbox_NONCEBYTES], PCP_BLOCK_SIZE);
-#endif
   }
 
   ucfree(in_buf, PCP_BLOCK_SIZE_IN);

libpcp/key.c

@@ -207,12 +207,11 @@ pcp_key_t *pcpkey_decrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
     memcpy(key->mastersecret, decrypted, 64);
     memcpy(key->edsecret, decrypted + 64, 64);    
     memcpy(key->secret, decrypted +128, 32);
-    ucfree(decrypted, 176);
+    ucfree(decrypted, 160);
   }
   else {
     fatal(ptx, "failed to decrypt the secret key (got %d, expected 32)!\n", es);
-    ucfree(decrypted, 176);
-    ucfree(key, sizeof(pcp_key_t));
+    ucfree(decrypted, 160);
     return NULL;
   }
 

src/encryption.c

@@ -166,11 +166,11 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
   pcp_pubkey_t *pub = NULL;
   pcp_key_t *secret = NULL;
   byte *symkey = NULL;
-  int self = 0;
+  int symmode = 0;
 
   if(id == NULL && recipient == NULL) {
-    /*  self mode */
-    self = 1;
+    /*  sym mode */
+    symmode = 1;
     char *passphrase;
     if(passwd == NULL) {
       pcp_readpass(&passphrase,
@@ -195,8 +195,9 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
       pcp_key_t *s = pcphash_keyexists(ptx, id);
       if(s != NULL) {
 	tmp = pcpkey_pub_from_secret(s);
-	HASH_ADD_STR( pubhash, id, tmp);
-	self = 1;
+	pub = ucmalloc(sizeof(pcp_pubkey_t));
+	memcpy(pub, tmp, sizeof(pcp_pubkey_t));
+	HASH_ADD_STR( pubhash, id, pub);
       }
       else {
 	fatal(ptx, "Could not find a public key with id 0x%s in vault %s!\n",
@@ -220,7 +221,8 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
       rec = recipient->first;
       while (rec != NULL) {
 	_lc(rec->value);
-	if(strnstr(tmp->mail, rec->value, 255) != NULL || strnstr(tmp->owner, rec->value, 255) != NULL) {
+	if(strnstr(tmp->mail, rec->value, 255) != NULL 
+	   || strnstr(tmp->owner, rec->value, 255) != NULL) {
 	  pub = ucmalloc(sizeof(pcp_pubkey_t));
 	  memcpy(pub, tmp, sizeof(pcp_pubkey_t));
 	  HASH_ADD_STR( pubhash, id, pub);
@@ -229,6 +231,19 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
 	rec = rec->next;
       }
     }
+
+    /* look if we need to add ourselfes */
+    rec = recipient->first;
+    while (rec != NULL) {
+      if(strnstr("__self__", rec->value, 13) != NULL) {
+	pcp_key_t *s = pcp_find_primary_secret();
+	pcp_pubkey_t *p = pcpkey_pub_from_secret(s);
+	HASH_ADD_STR( pubhash, id, p);
+	break;
+      }
+      rec = rec->next;
+    }
+    
     if(HASH_COUNT(pubhash) == 0) {
       fatal(ptx, "no matching key found for specified recipient(s)!\n");
       goto erren3;
@@ -236,7 +251,7 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
   }
 
 
-  if(self != 1) {
+  if(symmode != 1) {
   /*  we're using a random secret keypair on our side */
     if(anon) {
       secret = pcpkey_new();
@@ -295,7 +310,7 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
     ps_armor(pout, PCP_BLOCK_SIZE/2);
   }
 
-  if(self == 1) {
+  if(symmode == 1) {
     clen = pcp_encrypt_stream_sym(ptx, pin, pout, symkey, 0, NULL);
     sfree(symkey);
   }
@@ -339,5 +354,8 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
 
  erren3:
 
+  if(tmp != NULL)
+    ucfree(tmp, sizeof(pcp_pubkey_t));
+
   return 1;
 }

src/pcp.c

@@ -99,9 +99,10 @@ int main (int argc, char **argv)  {
 
     /*  crypto */
     { "encrypt",         no_argument,       NULL,           'e' },
-    { "encrypt-me",      no_argument,       NULL,           'm' },
+    { "encrypt-sym",     no_argument,       NULL,           'm' },
     { "decrypt",         no_argument,       NULL,           'd' },
     { "anonymous",       no_argument,       NULL,           'A' },
+    { "add-myself",      no_argument,       NULL,           'M' },
 
     /*  encoding */
     { "z85-encode",      no_argument,       NULL,           'z' },
@@ -122,7 +123,7 @@ int main (int argc, char **argv)  {
     { NULL,              0,                 NULL,            0 }
   };
 
-  while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcymf:b1F:0KA",
+  while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcymf:b1F:0KAM",
 			    longopts, NULL)) != -1) {
   
     switch (opt)  {
@@ -265,6 +266,10 @@ int main (int argc, char **argv)  {
 	p_add(&recipient, optarg);
 	userec = 1;
 	break;
+      case 'M':
+	p_add_me(&recipient);
+	userec = 1;
+	break;
 
       case 'D':
 	debug = 1;

tests/unittests.cfg

@@ -234,6 +234,16 @@ temporarily disabled
     cmd = cat testdecrypted
     expect = /${md5msg}/
   </test>
+
+  <test check-crypto-alicia-encrypt-self>
+    cmd = $pcp -V va -e -M -I testmessage -O testencryptedself -x a
+    expect = /Alicia/
+  </test>
+
+  <test check-crypto-alicia-deencrypt-self>
+    cmd = $pcp -V va -d -I testencryptedself -O testdecrypted -x a
+    expect = /successfully/
+  </test>
 </test>
 
 #