From b640fe6743e6d95818c367d52646f0e1a4b76648 Mon Sep 17 00:00:00 2001 From: TLINDEN Date: Sun, 2 Mar 2014 18:05:45 +0100 Subject: [PATCH] fixed keysig saving (forgot the id), enhancements on cmdline --- ChangeLog | 10 ++++++++++ TODO | 6 +++--- include/pcp.h | 1 + include/pcp/defines.h | 3 +++ include/pcp/keysig.h | 2 +- include/pcp/z85.h | 2 ++ libpcp/fatal.c | 1 + libpcp/keyhash.c | 2 +- libpcp/keysig.c | 4 +++- libpcp/mgmt.c | 4 ++-- libpcp/z85.c | 1 - man/details.pod | 22 ++++++++++++---------- man/pcp1.pod | 22 ++++++++++++---------- tests/Makefile.am | 9 +++++---- tests/streamtest.c | 34 ++-------------------------------- tests/unittests.cfg | 30 ++++++++++++++++++++++++++---- 16 files changed, 84 insertions(+), 69 deletions(-) diff --git a/ChangeLog b/ChangeLog index 24d5f8d..7810ae5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -81,6 +81,16 @@ changes. It's like a drug boosting the brain. Love U, man! + Enhanded --edit-key a little, it's now possible to + make a secret the primary one. + + Added new option -v (the previous -v has moved to + --version only) for verbose. Currently only supported + by --list-keys. In this mode more details will be + printed. Also added a couple of alias options for + existing ones (e.g. -a for armor which is an alias + for -z). + 0.2.0 ED25519 and Curve25519 keys are now generated separately (previously they were generated from one random seed, the curve had been derived from diff --git a/TODO b/TODO index 64845d4..d166f19 100644 --- a/TODO +++ b/TODO @@ -16,14 +16,14 @@ enable formats for secret key exports as well Add newlines to headers in define.h, so strlen() later catches the whole length. -Z85 Stream encode: add newline after last. - Check is_utf8 license. also found in https://gd.meizo.com/_files/lpc/ext/utf8.c Vault checksum with global vault -Symmetric crypt mode tries to open vault +Symmetric decrypt mode tries to open vault + +pcp_find_primary_secret() makes a copy ??? Python binding, e.g.: py % cdll.LoadLibrary("libsodium.so.8") diff --git a/include/pcp.h b/include/pcp.h index 8b16eae..fb0d6c6 100644 --- a/include/pcp.h +++ b/include/pcp.h @@ -8,6 +8,7 @@ extern "C" { #include "pcp/config.h" #include "pcp/base85.h" #include "pcp/buffer.h" +#include "pcp/config.h" #include "pcp/crypto.h" #include "pcp/defines.h" #include "pcp/digital_crc32.h" diff --git a/include/pcp/defines.h b/include/pcp/defines.h index deea5e4..406e4f9 100644 --- a/include/pcp/defines.h +++ b/include/pcp/defines.h @@ -196,6 +196,9 @@ void fatals_reset(); */ void fatals_done(); +extern int PCPVERBOSE; + + #endif /* _DEFINES_H */ /**@}*/ diff --git a/include/pcp/keysig.h b/include/pcp/keysig.h index 525c6b9..973dc3d 100644 --- a/include/pcp/keysig.h +++ b/include/pcp/keysig.h @@ -38,7 +38,7 @@ struct _pcp_keysig_t { uint8_t type; uint32_t size; - char belongs[17]; + char id[17]; byte checksum[32]; byte *blob; UT_hash_handle hh; diff --git a/include/pcp/z85.h b/include/pcp/z85.h index 3dba20f..a9d627f 100644 --- a/include/pcp/z85.h +++ b/include/pcp/z85.h @@ -89,6 +89,8 @@ byte *pcp_z85_decode(char *z85block, size_t *dstlen); /** Encode data to Z85 encoding. Beside Z85 encoding it also adds a newline everiy 72 characters. + It allocates the memory for the returned char pointer. The caller + is responsible the free() it. \param[in] raw Pointer to raw data. \param[in] srclen Size of the data. diff --git a/libpcp/fatal.c b/libpcp/fatal.c index 4f6b5e5..8c84275 100644 --- a/libpcp/fatal.c +++ b/libpcp/fatal.c @@ -32,6 +32,7 @@ char *PCP_ERR; byte PCP_ERRSET; int PCP_EXIT; +int PCPVERBOSE; void fatal(const char * fmt, ...) { va_list ap; diff --git a/libpcp/keyhash.c b/libpcp/keyhash.c index e1fa74f..d3b8071 100644 --- a/libpcp/keyhash.c +++ b/libpcp/keyhash.c @@ -105,7 +105,7 @@ void pcphash_add(void *key, int type) { } else if(type == PCP_KEYSIG_NATIVE || type == PCP_KEYSIG_PBP) { pcp_keysig_t *keysig = (pcp_keysig_t *)key; - HASH_ADD_STR( pcpkeysig_hash, belongs, keysig); + HASH_ADD_STR( pcpkeysig_hash, id, keysig); } else { pcp_key_t *k = (pcp_key_t *)key; diff --git a/libpcp/keysig.c b/libpcp/keysig.c index 6f4afea..ab4104d 100644 --- a/libpcp/keysig.c +++ b/libpcp/keysig.c @@ -48,7 +48,7 @@ Buffer *pcp_keysig2blob(pcp_keysig_t *s) { Buffer *b = buffer_new(256, "keysig2blob"); buffer_add8(b, s->type); buffer_add32be(b, s->size); - buffer_add(b, s->belongs, 17); + buffer_add(b, s->id, 17); buffer_add(b, s->checksum, 32); buffer_add(b, s->blob, s->size); return b; @@ -60,6 +60,8 @@ pcp_keysig_t *pcp_keysig_new(Buffer *blob) { uint8_t type = buffer_get8(blob); uint32_t size = buffer_get32na(blob); + buffer_get_chunk(blob, sk->id, 17); + byte *checksum = ucmalloc(32); buffer_get_chunk(blob, checksum, 32); diff --git a/libpcp/mgmt.c b/libpcp/mgmt.c index d9c7257..15a5cd4 100644 --- a/libpcp/mgmt.c +++ b/libpcp/mgmt.c @@ -120,7 +120,7 @@ int _check_hash_keysig(Buffer *blob, pcp_pubkey_t *p, pcp_keysig_t *sk) { /* everything minus version, ctime and cipher, 1st 3 fields */ sk->size = blobstop - 6; - memcpy(sk->belongs, p->id, 17); + memcpy(sk->id, p->id, 17); /* put the whole signature blob into our keysig */ blob->offset = 6; /* woah, hack :) */ @@ -359,7 +359,7 @@ pcp_ks_bundle_t *pcp_import_pub_pbp(Buffer *blob) { pcp_keysig_t *sk = ucmalloc(sizeof(pcp_keysig_t)); sk->type = PCP_KEYSIG_PBP; sk->size = buffer_size(blob); - memcpy(sk->belongs, pub->id, 17); + memcpy(sk->id, pub->id, 17); sk->blob = ucmalloc(sk->size); memcpy(sk->blob, buffer_get(blob), sk->size); crypto_hash_sha256(sk->checksum, sk->blob, sk->size); diff --git a/libpcp/z85.c b/libpcp/z85.c index df9a67e..2c72849 100644 --- a/libpcp/z85.c +++ b/libpcp/z85.c @@ -123,7 +123,6 @@ size_t _buffer_is_binary(byte *buf, size_t len) { memset(wide, 0, 4); continue; } - break; /* if we reach this, then it's binary and not utf8, stop checking */ } } diff --git a/man/details.pod b/man/details.pod index 58f19cc..683c786 100644 --- a/man/details.pod +++ b/man/details.pod @@ -554,20 +554,22 @@ secret signing key and S the symmetric key. =head2 Z85 ENCODING -B uses Z85 to encode exported keys and armored signatures. -Comments in encoded files are surrounded by the tilde character. -We're using the tilde because it's not part of the Z85 base -charset. Sample: +B uses Z85 to encode binary data (if requested with -z) such +as encrypted data, exported keys or armored signatures. - ~~~ Header ~~~ - ~ Version: 1 ~ +Encoded data are always enclosed by a header and a footer and may have any number +of comments. Example: + + ----- PCP ENCRYPTED FILE ----- + Version: PCP 0.2.1 246ge]+yn={}]Xi3*N3Xx34Y^0rz:r.5j v#6Sh/m3XKwy?VlA+h8ks]9:kVj{D[fd7]NA]T-(ne+xo!W5X5-gIUWqM - ~~~ Footer ~~~ + ----- END PCP ENCRYPTED FILE ----- -Multiple tildes can be used as long as their number is uneven. - -This is a proprietary PCP extension. +However, the parser tries to be as tolerant as possible. It also accepts +Z85 encoded data without headers or without newlines, empty lines or lines +containing a space are ignored as are comments. Empty comments are not +allowed. =head3 Z85 BACKGROUND diff --git a/man/pcp1.pod b/man/pcp1.pod index 30e68c2..9461110 100644 --- a/man/pcp1.pod +++ b/man/pcp1.pod @@ -802,20 +802,22 @@ secret signing key and S the symmetric key. =head2 Z85 ENCODING -B uses Z85 to encode exported keys and armored signatures. -Comments in encoded files are surrounded by the tilde character. -We're using the tilde because it's not part of the Z85 base -charset. Sample: +B uses Z85 to encode binary data (if requested with -z) such +as encrypted data, exported keys or armored signatures. - ~~~ Header ~~~ - ~ Version: 1 ~ +Encoded data are always enclosed by a header and a footer and may have any number +of comments. Example: + + ----- PCP ENCRYPTED FILE ----- + Version: PCP 0.2.1 246ge]+yn={}]Xi3*N3Xx34Y^0rz:r.5j v#6Sh/m3XKwy?VlA+h8ks]9:kVj{D[fd7]NA]T-(ne+xo!W5X5-gIUWqM - ~~~ Footer ~~~ + ----- END PCP ENCRYPTED FILE ----- -Multiple tildes can be used as long as their number is uneven. - -This is a proprietary PCP extension. +However, the parser tries to be as tolerant as possible. It also accepts +Z85 encoded data without headers or without newlines, empty lines or lines +containing a space are ignored as are comments. Empty comments are not +allowed. =head3 Z85 BACKGROUND diff --git a/tests/Makefile.am b/tests/Makefile.am index e6afd77..57bceee 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -20,7 +20,8 @@ # AM_CFLAGS = -I../include/pcp -I../src -I../libpcp/scrypt/crypto -Wall -g -check_PROGRAMS = col invalidkeys pwhashes gencheader statictest cpptest buffertest sample streamtest pipetest +check_PROGRAMS = col invalidkeys gencheader statictest cpptest \ + buffertest sample streamtest pipetest decodertest gencheader_LDADD = ../libpcp/.libs/libpcp1.a gencheader_SOURCES = gencheader.c @@ -40,6 +41,9 @@ streamtest_SOURCES = streamtest.c pipetest_LDADD = ../libpcp/.libs/libpcp1.a pipetest_SOURCES = pipetest.c +decodertest_LDADD = ../libpcp/.libs/libpcp1.a +decodertest_SOURCES = decodertest.c + col_LDADD = ../libpcp/.libs/libpcp1.a col_SOURCES = collisions.c ../src/compat_getopt.c @@ -47,9 +51,6 @@ invalidkeys_LDADD = ../libpcp/.libs/libpcp1.a \ ../src/keyprint.o ../src/keymgmt.o ../src/readpass.o invalidkeys_SOURCES = invalidkeys.c -pwhashes_LDADD = ../libpcp/.libs/libpcp1.a -pwhashes_SOURCES = pwhashes.c - AM_CXXFLAGS = -I../include -I../bindings/cpp -I../libpcp/scrypt/crypto -Wall -g cpptest_LDADD = ../bindings/cpp/.libs/libpcp1++.a ../libpcp/.libs/libpcp1.a cpptest_SOURCES = cpptest.cpp diff --git a/tests/streamtest.c b/tests/streamtest.c index 2e47f0a..e37f68a 100644 --- a/tests/streamtest.c +++ b/tests/streamtest.c @@ -4,36 +4,9 @@ #include -int linetest() { - FILE *in; - - if((in = fopen("x", "rb")) == NULL) { - fprintf(stderr, "oops, could not open file!\n"); - return 1; - } - - Pcpstream *pin = ps_new_file(in); - ps_setdetermine(pin, 8); - size_t got; - byte data[9] = {0}; - while(!ps_end(pin)) { - if((got = ps_read(pin, data, 8)) > 0) { - fprintf(stderr, "######## <"); - fwrite(data, 1, got, stderr); - fprintf(stderr, "> ##### %ld\n", got); - } - else break; - } - - ps_close(pin); - return 0; -} int main() { /* create a file with "encrypted" data */ - - return linetest(); - FILE *out, *in; unsigned char clear[8] = "ABCDEFGH"; unsigned char key[8] = "IxD8Lq1K"; @@ -49,14 +22,13 @@ int main() { /* out output stream, z85 encoded, use z85 blocksize 8 */ Pcpstream *pout = ps_new_file(out); - ps_print(pout, "~~~~~ BEGIN ~~~~~\r\n"); + ps_print(pout, "----- BEGIN -----\r\n"); ps_armor(pout, blocksize); /* "encrypt" a couple of times into the output stream */ for(i=0; iarmor = 0; - ps_print(pout, "\r\n~~~~~ END ~~~~~\r\n"); + ps_print(pout, "\r\n----- END -----\r\n"); ps_close(pout); fclose(out); @@ -86,7 +58,6 @@ int main() { for(i=0; i + + + cmd = ./decodertest 1 + expect = /ok/ + + + + cmd = ./decodertest 2 + expect = /ok/ + + + + cmd = ./decodertest 3 + expect = /ok/ + + + + cmd = ./decodertest 4 + expect = /ok/ + + + + cmd = ./decodertest 5 + expect = /ok/ + + cmd = $pcp -h @@ -491,10 +517,6 @@ temporarily disabled expect = /contain any keys so far./ - - cmd = ./pwhashes - expect = /ok/ -