fixed keysig saving (forgot the id), enhancements on cmdline

ChangeLog

@@ -81,6 +81,16 @@
 	changes. It's like a drug boosting the brain. Love
 	U, man!
 
+	Enhanded --edit-key a little, it's now possible to
+	make a secret the primary one.
+
+	Added new option -v (the previous -v has moved to
+	--version only) for verbose. Currently only supported
+	by --list-keys. In this mode more details will be
+	printed. Also added a couple of alias options for
+	existing ones (e.g. -a for armor which is an alias
+	for -z).
+	
 0.2.0	ED25519 and Curve25519 keys are now generated
 	separately (previously they were generated from
 	one random seed, the curve had been derived from

TODO

@@ -16,14 +16,14 @@ enable formats for secret key exports as well
 
 Add newlines to headers in define.h, so strlen() later catches the whole length.
 
-Z85 Stream encode: add newline after last.
-
 Check is_utf8 license.
   also found in https://gd.meizo.com/_files/lpc/ext/utf8.c
 
 Vault checksum with global vault
 
-Symmetric crypt mode tries to open vault
+Symmetric decrypt mode tries to open vault
+
+pcp_find_primary_secret() makes a copy ???
 
 Python binding, e.g.:
 py % cdll.LoadLibrary("libsodium.so.8")

include/pcp.h

@@ -8,6 +8,7 @@ extern "C" {
 #include "pcp/config.h"
 #include "pcp/base85.h"
 #include "pcp/buffer.h"
+#include "pcp/config.h"
 #include "pcp/crypto.h"
 #include "pcp/defines.h"
 #include "pcp/digital_crc32.h"

include/pcp/defines.h

@@ -196,6 +196,9 @@ void fatals_reset();
  */
 void fatals_done();
 
+extern int PCPVERBOSE;
+
+
 #endif /*  _DEFINES_H */
 
 /**@}*/

include/pcp/keysig.h

@@ -38,7 +38,7 @@
 struct _pcp_keysig_t {
   uint8_t type;
   uint32_t size;
-  char belongs[17];
+  char id[17];
   byte checksum[32];
   byte *blob;
   UT_hash_handle hh;

include/pcp/z85.h

@@ -89,6 +89,8 @@ byte *pcp_z85_decode(char *z85block, size_t *dstlen);
 /** Encode data to Z85 encoding.
 
     Beside Z85 encoding it also adds a newline everiy 72 characters.
+    It allocates the memory for the returned char pointer. The caller
+    is responsible the free() it.
 
     \param[in] raw Pointer to raw data.
     \param[in] srclen Size of the data.

libpcp/fatal.c

@@ -32,6 +32,7 @@
 char *PCP_ERR;
 byte PCP_ERRSET;
 int PCP_EXIT;
+int PCPVERBOSE;
 
 void fatal(const char * fmt, ...) {
   va_list ap;

libpcp/keyhash.c

@@ -105,7 +105,7 @@ void pcphash_add(void *key, int type) {
   }
   else if(type == PCP_KEYSIG_NATIVE || type == PCP_KEYSIG_PBP) {
     pcp_keysig_t *keysig = (pcp_keysig_t *)key;
-    HASH_ADD_STR( pcpkeysig_hash, belongs, keysig);
+    HASH_ADD_STR( pcpkeysig_hash, id, keysig);
   }
   else {
     pcp_key_t *k = (pcp_key_t *)key;    

libpcp/keysig.c

@@ -48,7 +48,7 @@ Buffer *pcp_keysig2blob(pcp_keysig_t *s) {
   Buffer *b = buffer_new(256, "keysig2blob");
   buffer_add8(b, s->type);
   buffer_add32be(b, s->size);
-  buffer_add(b, s->belongs, 17);
+  buffer_add(b, s->id, 17);
   buffer_add(b, s->checksum, 32);
   buffer_add(b, s->blob, s->size);
   return b;
@@ -60,6 +60,8 @@ pcp_keysig_t *pcp_keysig_new(Buffer *blob) {
   uint8_t type = buffer_get8(blob);
   uint32_t size = buffer_get32na(blob);
   
+  buffer_get_chunk(blob, sk->id, 17);
+
   byte *checksum = ucmalloc(32);
   buffer_get_chunk(blob, checksum, 32);
   

libpcp/mgmt.c

@@ -120,7 +120,7 @@ int _check_hash_keysig(Buffer *blob, pcp_pubkey_t *p, pcp_keysig_t *sk) {
   
   /* everything minus version, ctime and cipher, 1st 3 fields */
   sk->size = blobstop - 6;
-  memcpy(sk->belongs, p->id, 17);
+  memcpy(sk->id, p->id, 17);
 
   /* put the whole signature blob into our keysig */
   blob->offset = 6; /* woah, hack :) */
@@ -359,7 +359,7 @@ pcp_ks_bundle_t *pcp_import_pub_pbp(Buffer *blob) {
     pcp_keysig_t *sk = ucmalloc(sizeof(pcp_keysig_t));
     sk->type = PCP_KEYSIG_PBP;
     sk->size = buffer_size(blob);
-    memcpy(sk->belongs, pub->id, 17);
+    memcpy(sk->id, pub->id, 17);
     sk->blob = ucmalloc(sk->size);
     memcpy(sk->blob, buffer_get(blob), sk->size);
     crypto_hash_sha256(sk->checksum, sk->blob, sk->size);

libpcp/z85.c

@@ -123,7 +123,6 @@ size_t _buffer_is_binary(byte *buf, size_t len) {
 	memset(wide, 0, 4);
 	continue;
       }
-
       break; /* if we reach this, then it's binary and not utf8, stop checking */
     }
   }

man/details.pod

@@ -554,20 +554,22 @@ secret signing key and S the symmetric key.
 
 =head2 Z85 ENCODING
 
-B<pcp1> uses Z85 to encode exported keys and armored signatures.
-Comments in encoded files are surrounded by the tilde character.
-We're using the tilde because it's not part of the Z85 base
-charset. Sample:
+B<pcp1> uses Z85 to encode binary data (if requested with -z) such
+as encrypted data, exported keys or armored signatures.
 
- ~~~ Header ~~~
- ~ Version: 1 ~
+Encoded data are always enclosed by a header and a footer and may have any number
+of comments. Example:
+
+ ----- PCP ENCRYPTED FILE -----
+ Version: PCP 0.2.1
  246ge]+yn={<I&&Z%(pm[09lc5[dx4TZALi/6cjVe)Kx5S}7>}]Xi3*N3Xx34Y^0rz:r.5j
  v#6Sh/m3XKwy?VlA+h8ks]9:kVj{D[fd7]NA]T-(ne+xo!W5X5-gIUWqM
- ~~~ Footer ~~~
+ ----- END PCP ENCRYPTED FILE -----
 
-Multiple tildes can be used as long as their number is uneven.
-
-This is a proprietary PCP extension.
+However, the parser tries to be as tolerant as possible. It also accepts
+Z85 encoded data without headers or without newlines, empty lines or lines
+containing a space are ignored as are comments. Empty comments are not
+allowed.
 
 =head3 Z85 BACKGROUND
 

man/pcp1.pod

@@ -802,20 +802,22 @@ secret signing key and S the symmetric key.
 
 =head2 Z85 ENCODING
 
-B<pcp1> uses Z85 to encode exported keys and armored signatures.
-Comments in encoded files are surrounded by the tilde character.
-We're using the tilde because it's not part of the Z85 base
-charset. Sample:
+B<pcp1> uses Z85 to encode binary data (if requested with -z) such
+as encrypted data, exported keys or armored signatures.
 
- ~~~ Header ~~~
- ~ Version: 1 ~
+Encoded data are always enclosed by a header and a footer and may have any number
+of comments. Example:
+
+ ----- PCP ENCRYPTED FILE -----
+ Version: PCP 0.2.1
  246ge]+yn={<I&&Z%(pm[09lc5[dx4TZALi/6cjVe)Kx5S}7>}]Xi3*N3Xx34Y^0rz:r.5j
  v#6Sh/m3XKwy?VlA+h8ks]9:kVj{D[fd7]NA]T-(ne+xo!W5X5-gIUWqM
- ~~~ Footer ~~~
+ ----- END PCP ENCRYPTED FILE -----
 
-Multiple tildes can be used as long as their number is uneven.
-
-This is a proprietary PCP extension.
+However, the parser tries to be as tolerant as possible. It also accepts
+Z85 encoded data without headers or without newlines, empty lines or lines
+containing a space are ignored as are comments. Empty comments are not
+allowed.
 
 =head3 Z85 BACKGROUND
 

tests/Makefile.am

@@ -20,7 +20,8 @@
 #
 
 AM_CFLAGS = -I../include/pcp -I../src -I../libpcp/scrypt/crypto -Wall -g
-check_PROGRAMS = col invalidkeys pwhashes gencheader statictest cpptest buffertest sample streamtest pipetest
+check_PROGRAMS = col invalidkeys gencheader statictest cpptest \
+		 buffertest sample streamtest pipetest decodertest
 
 gencheader_LDADD = ../libpcp/.libs/libpcp1.a
 gencheader_SOURCES = gencheader.c
@@ -40,6 +41,9 @@ streamtest_SOURCES = streamtest.c
 pipetest_LDADD = ../libpcp/.libs/libpcp1.a
 pipetest_SOURCES = pipetest.c
 
+decodertest_LDADD = ../libpcp/.libs/libpcp1.a
+decodertest_SOURCES = decodertest.c
+
 col_LDADD = ../libpcp/.libs/libpcp1.a
 col_SOURCES = collisions.c ../src/compat_getopt.c
 
@@ -47,9 +51,6 @@ invalidkeys_LDADD = ../libpcp/.libs/libpcp1.a \
 		    ../src/keyprint.o ../src/keymgmt.o ../src/readpass.o
 invalidkeys_SOURCES = invalidkeys.c
 
-pwhashes_LDADD = ../libpcp/.libs/libpcp1.a
-pwhashes_SOURCES = pwhashes.c
-
 AM_CXXFLAGS = -I../include -I../bindings/cpp -I../libpcp/scrypt/crypto -Wall -g
 cpptest_LDADD = ../bindings/cpp/.libs/libpcp1++.a ../libpcp/.libs/libpcp1.a
 cpptest_SOURCES = cpptest.cpp

tests/streamtest.c

@@ -4,36 +4,9 @@
 
 #include <pcp.h>
 
-int linetest() {
-  FILE *in;
-
-  if((in = fopen("x", "rb")) == NULL) {
-    fprintf(stderr, "oops, could not open file!\n");
-    return 1;
-  }
-
-  Pcpstream *pin = ps_new_file(in);
-  ps_setdetermine(pin, 8);
-  size_t got;
-  byte data[9] = {0};
-  while(!ps_end(pin)) {
-    if((got = ps_read(pin, data, 8)) > 0) {
-      fprintf(stderr, "######## <");
-      fwrite(data, 1, got, stderr);
-      fprintf(stderr, "> ##### %ld\n", got);
-    }
-    else break;
-  }
-
-  ps_close(pin);
-  return 0;
-}
 
 int main() {
   /* create a file with "encrypted" data */
-
-  return linetest();
-
   FILE *out, *in;
   unsigned char clear[8] = "ABCDEFGH";
   unsigned char key[8]   = "IxD8Lq1K";
@@ -49,14 +22,13 @@ int main() {
 
   /* out output stream, z85 encoded, use z85 blocksize 8 */
   Pcpstream *pout = ps_new_file(out);
-  ps_print(pout, "~~~~~ BEGIN ~~~~~\r\n");
+  ps_print(pout, "----- BEGIN -----\r\n");
   ps_armor(pout, blocksize);
 
   /* "encrypt" a couple of times into the output stream */
   for(i=0; i<blocks; i++) {
     memcpy(crypt, clear, 8);
     _xorbuf(key, crypt, 8);
-    //_dump("crypt", crypt, 8);
     ps_write(pout, crypt, 8);
   }
 
@@ -64,7 +36,7 @@ int main() {
   ps_finish(pout);
 
   pout->armor = 0;
-  ps_print(pout, "\r\n~~~~~ END ~~~~~\r\n");
+  ps_print(pout, "\r\n----- END -----\r\n");
   ps_close(pout);
   fclose(out);
 
@@ -86,7 +58,6 @@ int main() {
   for(i=0; i<blocks; i++) {
     ps_read(pin, crypt, 8);
     _xorbuf(key, crypt, 8);
-    //_dump("got", crypt, 8);
     ps_write(pclear, crypt, 8);
     memset(crypt,0,8);
   }
@@ -99,7 +70,6 @@ int main() {
   /* and verify if it's "decrypted" (re-use crypt) */
   for(i=0; i<blocks; i++) {
     buffer_get_chunk(result, crypt, 8);
-    //_dump("result", crypt, 8);
     if(memcmp(crypt, clear, 8) != 0) {
       fprintf(stderr, "Oops, block %d doesn't match\n", i);
       goto error;

tests/unittests.cfg

@@ -68,6 +68,32 @@ include keys.cfg
   </test>
 </test>
 
+<test check-z85>
+  <test check-z85-1-compliant>
+    cmd = ./decodertest 1
+    expect = /ok/
+  </test>
+
+  <test check-z85-2-compliant-no-newlines>
+    cmd = ./decodertest 2
+    expect = /ok/
+  </test>
+
+  <test check-z85-3-compliant-no-begin-header>
+    cmd = ./decodertest 3
+    expect = /ok/
+  </test>
+
+  <test check-z85-4-uncompliant-empty-comment>
+    cmd = ./decodertest 4
+    expect = /ok/
+  </test>
+
+  <test check-z85-5-uncompliant-missing-char>
+    cmd = ./decodertest 5
+    expect = /ok/
+  </test>
+</test>
 
 <test check-show-help>
   cmd    = $pcp -h
@@ -491,10 +517,6 @@ temporarily disabled
   expect = /contain any keys so far./
 </test>
 
-<test check-encryptionkeys-dont-collide>
-  cmd = ./pwhashes
-  expect = /ok/
-</test>