diff --git a/include/Makefile.am b/include/Makefile.am index aff9543..09cd60a 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -17,6 +17,7 @@ PCPEXPORT = pcp.h \ pcp/version.h \ pcp/z85.h \ pcp/zmq_z85.h \ - pcp/ed.h + pcp/ed.h \ + pcp/base85.h nobase_include_HEADERS = $(PCPEXPORT) diff --git a/include/Makefile.in b/include/Makefile.in index e8fa52c..5624b52 100644 --- a/include/Makefile.in +++ b/include/Makefile.in @@ -241,7 +241,8 @@ PCPEXPORT = pcp.h \ pcp/version.h \ pcp/z85.h \ pcp/zmq_z85.h \ - pcp/ed.h + pcp/ed.h \ + pcp/base85.h nobase_include_HEADERS = $(PCPEXPORT) all: all-am diff --git a/include/pcp/key.h b/include/pcp/key.h index b02ce97..8088e6b 100644 --- a/include/pcp/key.h +++ b/include/pcp/key.h @@ -106,7 +106,6 @@ struct _pcp_pubkey_t { // the PBP public key format struct _pbp_pubkey_t { - byte sig[crypto_sign_BYTES]; byte sigpub[crypto_box_PUBLICKEYBYTES]; byte edpub[crypto_sign_PUBLICKEYBYTES]; byte pub[crypto_box_PUBLICKEYBYTES]; diff --git a/libpcp/Makefile.am b/libpcp/Makefile.am index d4bf0a0..9f68750 100644 --- a/libpcp/Makefile.am +++ b/libpcp/Makefile.am @@ -29,6 +29,7 @@ libpcp1_la_SOURCES = mac.c mem.c pad.c version.c \ z85.c zmq_z85.c key.c randomart.c \ vault.c fatal.c jenhash.c digital_crc32.c \ crypto.c ed.c keyhash.c scrypt.c \ - scrypt/crypto/sha256.c scrypt/crypto/crypto_scrypt-nosse.c + scrypt/crypto/sha256.c scrypt/crypto/crypto_scrypt-nosse.c \ + base85.c include_HEADERS = ../include/pcp.h diff --git a/libpcp/Makefile.in b/libpcp/Makefile.in index b8ca5b7..31260d8 100644 --- a/libpcp/Makefile.in +++ b/libpcp/Makefile.in @@ -102,7 +102,7 @@ libpcp1_la_LIBADD = am_libpcp1_la_OBJECTS = mac.lo mem.lo pad.lo version.lo z85.lo \ zmq_z85.lo key.lo randomart.lo vault.lo fatal.lo jenhash.lo \ digital_crc32.lo crypto.lo ed.lo keyhash.lo scrypt.lo \ - sha256.lo crypto_scrypt-nosse.lo + sha256.lo crypto_scrypt-nosse.lo base85.lo libpcp1_la_OBJECTS = $(am_libpcp1_la_OBJECTS) DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/include/pcp depcomp = $(SHELL) $(top_srcdir)/config/depcomp @@ -276,7 +276,8 @@ libpcp1_la_SOURCES = mac.c mem.c pad.c version.c \ z85.c zmq_z85.c key.c randomart.c \ vault.c fatal.c jenhash.c digital_crc32.c \ crypto.c ed.c keyhash.c scrypt.c \ - scrypt/crypto/sha256.c scrypt/crypto/crypto_scrypt-nosse.c + scrypt/crypto/sha256.c scrypt/crypto/crypto_scrypt-nosse.c \ + base85.c include_HEADERS = ../include/pcp.h all: all-am @@ -358,6 +359,7 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/base85.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypto_scrypt-nosse.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/digital_crc32.Plo@am__quote@ diff --git a/man/pcp1.1 b/man/pcp1.1 index 6cd7a14..4902020 100644 --- a/man/pcp1.1 +++ b/man/pcp1.1 @@ -124,7 +124,7 @@ .\" ======================================================================== .\" .IX Title "PCP1 1" -.TH PCP1 1 "2014-01-28" "PCP 0.2.0" "USER CONTRIBUTED DOCUMENTATION" +.TH PCP1 1 "2014-01-30" "PCP 0.2.0" "USER CONTRIBUTED DOCUMENTATION" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/src/keymgmt.c b/src/keymgmt.c index 3a44739..aaa81a1 100644 --- a/src/keymgmt.c +++ b/src/keymgmt.c @@ -381,13 +381,26 @@ int pcp_importpublic (vault_t *vault, FILE *in, int pbpcompat) { int pnum; pbp_pubkey_t *b = ucmalloc(sizeof(pbp_pubkey_t)); pub = ucmalloc(sizeof(pcp_pubkey_t)); - - // fetch the key from the file - if(fread(b, 1, sizeof(pbp_pubkey_t), in) < sizeof(pbp_pubkey_t) - 1024) { - fatal("PBP key seems to be too small, maybe it's not a PBP key\n"); + unsigned char *buf = ucmalloc(2048); + unsigned char *bin = ucmalloc(2048); + size_t buflen; + size_t klen; + + buflen = fread(buf, 1, 2048, in); // base85 encoded + klen = (buflen / 5) * 4; + + if(decode_85(bin, (char *)buf, klen) != 0) + goto errimp1; + + if(klen < sizeof(pbp_pubkey_t) - 1024 - crypto_sign_BYTES) { + fatal("PBP key seems to be too small, maybe it's not a PBP key (got %ld, expected %ld)\n", + klen, sizeof(pbp_pubkey_t) - 1024); goto errimp1; } + // FIXME: or use first part as sig and verify + memcpy(b, &bin[crypto_sign_BYTES], klen - crypto_sign_BYTES); + // parse the date date = ucmalloc(19); memcpy(date, b->iso_ctime, 18); @@ -395,7 +408,7 @@ int pcp_importpublic (vault_t *vault, FILE *in, int pbpcompat) { struct tm c; if(strptime(date, "%Y-%m-%dT%H:%M:%S", &c) == NULL) { fatal("Failed to parse creation time in PBP public key file (<%s>)\n", date); - goto errimp1; + goto errimp2; } // parse the name @@ -422,12 +435,18 @@ int pcp_importpublic (vault_t *vault, FILE *in, int pbpcompat) { free(b); free(date); + free(buf); + free(bin); goto kimp; + errimp2: + free(bin); + errimp1: free(date); free(pub); free(b); + free(buf); return 1; } else { diff --git a/src/keyprint.c b/src/keyprint.c index a8c3c7d..5c7a2b3 100644 --- a/src/keyprint.c +++ b/src/keyprint.c @@ -226,39 +226,29 @@ void pcppubkey_print(pcp_pubkey_t *key, FILE* out, int pbpcompat) { // >>> dates='{:<32}{:<32}'.format(c.isoformat(), c.isoformat()) // >>> dates // '2014-01-28T13:30:32.674394 2014-01-28T13:30:32.674394 ' - size_t namelen = strlen(key->owner) + 3 + strlen(key->mail); - size_t rawsize = (crypto_box_PUBLICKEYBYTES * 2) + crypto_sign_PUBLICKEYBYTES +\ - 64 + namelen; - size_t pos = 0; - unsigned char *raw = ucmalloc(rawsize); - char *dates = ucmalloc(65); - char *name = ucmalloc(strlen(key->owner) + 3 + strlen(key->mail)); - - memcpy(raw, key->pub, crypto_box_PUBLICKEYBYTES); - pos += crypto_box_PUBLICKEYBYTES; - - memcpy(&raw[pos], key->edpub, crypto_sign_PUBLICKEYBYTES); - pos += crypto_sign_PUBLICKEYBYTES; - - memcpy(&raw[pos], key->pub, crypto_box_PUBLICKEYBYTES); - pos += crypto_box_PUBLICKEYBYTES; + size_t namelen = strlen(key->owner) + 2 + strlen(key->mail); + pbp_pubkey_t *b = ucmalloc(sizeof(pbp_pubkey_t)); + memcpy(b->pub, key->pub, crypto_box_PUBLICKEYBYTES); + memcpy(b->edpub, key->edpub, crypto_sign_PUBLICKEYBYTES); + memcpy(b->sigpub, key->pub, crypto_box_PUBLICKEYBYTES); + sprintf(b->name, "%s<%s>", key->owner, key->mail); struct tm *v; time_t vt = t + 31536000; v = localtime(&vt); - sprintf(dates, "%04d-%02d-%02dT%02d:%02d:%02d %04d-%02d-%02dT%02d:%02d:%02d ", + char *date = ucmalloc(65); + + sprintf(date, "%04d-%02d-%02dT%02d:%02d:%02d %04d-%02d-%02dT%02d:%02d:%02d ", c->tm_year+1900-1, c->tm_mon+1, c->tm_mday, // wtf? why -1? c->tm_hour, c->tm_min, c->tm_sec, v->tm_year+1900-1, v->tm_mon+1, v->tm_mday, v->tm_hour, v->tm_min, v->tm_sec); - sprintf(name, "%s<%s>", key->owner, key->mail); + memcpy(b->iso_ctime, date, 32); + memcpy(b->iso_expire, &date[32], 32); - memcpy(&raw[pos], dates, 64); - pos += 64; - - memcpy(&raw[pos], name, namelen); + size_t pbplen = sizeof(pbp_pubkey_t) - (1024 - namelen); pcp_key_t *secret = NULL; secret = pcp_find_primary_secret(); @@ -273,10 +263,16 @@ void pcppubkey_print(pcp_pubkey_t *key, FILE* out, int pbpcompat) { secret = pcpkey_decrypt(secret, passphrase); if(secret != NULL) { - size_t siglen = rawsize + crypto_sign_BYTES; - unsigned char *sig = pcp_ed_sign(raw, rawsize, secret); - if(sig != NULL) - fwrite(sig, 1, siglen, out); + unsigned char *sig = pcp_ed_sign((unsigned char*)b, pbplen, secret); + if(sig != NULL) { + size_t siglen = pbplen + crypto_sign_BYTES; + size_t blen = ((siglen / 4) * 5) + siglen + 1; + char *b85sig = ucmalloc(blen); + encode_85(b85sig, sig, siglen); + fprintf(out, "%s", b85sig); + free(b85sig); + free(sig); + } } } } diff --git a/src/keyprint.h b/src/keyprint.h index 9e76a7e..22f1de2 100644 --- a/src/keyprint.h +++ b/src/keyprint.h @@ -29,6 +29,7 @@ #include "pcp.h" #include "keymgmt.h" #include "keyhash.h" +#include "base85.h" void pcp_dumpkey(pcp_key_t *k); void pcp_dumppubkey(pcp_pubkey_t *k);