scip/pcp
1
0
Fork 0
mirror of https://codeberg.org/scip/pcp.git synced 2025-12-17 12:00:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

removed support to store unencrypted secret key

Browse Source
This commit is contained in:
git@daemon.de
2015-08-19 20:53:46 +02:00
parent a9d4ef6ff3
commit da70c4479e
8 changed files with 83 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@@ -14,6 +14,10 @@ NEXT
Added check for weak passphrases using entropy Added check for weak passphrases using entropy
test. Used with -k. test. Used with -k.
Removed support for unencrypted secret key storage
so, pcp aims to be secure by default and fails
safely.
0.3.0 0.3.0
Changed publuc key signature storage, previously Changed publuc key signature storage, previously
I didn't add the actual signature, therefore a I didn't add the actual signature, therefore a

12
libpcp/readpass.c
View File

@@ -24,6 +24,9 @@
* SUCH DAMAGE. * SUCH DAMAGE.
*/ */
/*
* Modifications (c) 2013 - 2015 by T.v.Dein, same license as this file.
*/
#include "readpass.h" #include "readpass.h"
@@ -101,6 +104,8 @@ retry:
goto err2; goto err2;
} }
/* Confirm the password if necessary. */ /* Confirm the password if necessary. */
if (confirmprompt != NULL) { if (confirmprompt != NULL) {
if (usingtty) if (usingtty)
@@ -119,6 +124,13 @@ retry:
/* Terminate the string at the first "\r" or "\n" (if any). */ /* Terminate the string at the first "\r" or "\n" (if any). */
passbuf[strcspn(passbuf, "\r\n")] = '\0'; passbuf[strcspn(passbuf, "\r\n")] = '\0';
/* enforce no empty passwords */
if (strnlen(passbuf, MAXPASSLEN) == 0) {
fprintf(stderr,
"Empty password not allowed, please try again\n");
goto retry;
}
/* If we changed terminal settings, reset them. */ /* If we changed terminal settings, reset them. */
if (usingtty) if (usingtty)
tcsetattr(fileno(readfrom), TCSANOW, &term_old); tcsetattr(fileno(readfrom), TCSANOW, &term_old);

4
man/options.pod
View File

@@ -38,9 +38,7 @@
been specified, don't store the generated been specified, don't store the generated
key to the vault but export it to the key to the vault but export it to the
file instead. You will be asked for file instead. You will be asked for
an owner, mail and a passphrase. If you an owner, mail and a passphrase.
leave the passphrase empty, the key will
be stored unencrypted.
-l --listkeys List all keys currently stored in your -l --listkeys List all keys currently stored in your
vault. Only the key id's and some info vault. Only the key id's and some info
about the keys will be printed, not the about the keys will be printed, not the

68
src/encryption.c
View File

@@ -95,29 +95,27 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i
goto errde3; goto errde3;
} }
} }
if(secret->secret[0] == 0) {
/* encrypted, decrypt it */
char *passphrase;
if(passwd == NULL) {
pcp_readpass(ptx, &passphrase,
"Enter passphrase to decrypt your secret key", NULL, 1, NULL);
}
else {
passphrase = smalloc(strlen(passwd)+1);
memcpy(passphrase, passwd, strlen(passwd)+1);
}
secret = pcpkey_decrypt(ptx, secret, passphrase); char *passphrase;
sfree(passphrase); if(passwd == NULL) {
if(secret == NULL) pcp_readpass(ptx, &passphrase,
goto errde3; "Enter passphrase to decrypt your secret key", NULL, 1, NULL);
if(head == PCP_ASYM_CIPHER_ANON)
anon = 1;
if(head == PCP_ASYM_CIPHER_SIG)
verify = 1;
} }
else {
passphrase = smalloc(strlen(passwd)+1);
memcpy(passphrase, passwd, strlen(passwd)+1);
}
secret = pcpkey_decrypt(ptx, secret, passphrase);
sfree(passphrase);
if(secret == NULL)
goto errde3;
if(head == PCP_ASYM_CIPHER_ANON)
anon = 1;
if(head == PCP_ASYM_CIPHER_SIG)
verify = 1;
} }
else { else {
fatal(ptx, "Could not determine input file type (got: %02x)\n", head); fatal(ptx, "Could not determine input file type (got: %02x)\n", head);
@@ -264,22 +262,20 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
goto erren2; goto erren2;
} }
if(secret->secret[0] == 0) { char *passphrase;
/* encrypted, decrypt it */ if(passwd == NULL) {
char *passphrase; pcp_readpass(ptx, &passphrase,
if(passwd == NULL) { "Enter passphrase to decrypt your secret key", NULL, 1, NULL);
pcp_readpass(ptx, &passphrase,
"Enter passphrase to decrypt your secret key", NULL, 1, NULL);
}
else {
passphrase = smalloc(strlen(passwd)+1);
memcpy(passphrase, passwd, strlen(passwd)+1);
}
secret = pcpkey_decrypt(ptx, secret, passphrase);
sfree(passphrase);
if(secret == NULL)
goto erren2;
} }
else {
passphrase = smalloc(strlen(passwd)+1);
memcpy(passphrase, passwd, strlen(passwd)+1);
}
secret = pcpkey_decrypt(ptx, secret, passphrase);
sfree(passphrase);
if(secret == NULL)
goto erren2;
} }
} }

43
src/keymgmt.c
View File

@@ -1,7 +1,7 @@
/* /*
This file is part of Pretty Curved Privacy (pcp1). This file is part of Pretty Curved Privacy (pcp1).
Copyright (C) 2013-2015 T.Linden. Copyright (C) 2013-2015 T.v.Dein.
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@@ -97,14 +97,10 @@ void pcp_keygen(char *passwd) {
key = pcpkey_encrypt(ptx, k, passphrase); key = pcpkey_encrypt(ptx, k, passphrase);
} }
else { else {
char *yes = pcp_getstdin("WARNING: secret key will be stored unencrypted. Are you sure [yes|NO]?"); /* No unencrypted secret key allowed anymore [19.08.2015, tom] */
if(strncmp(yes, "yes", 1024) == 0) memset(k, 0, sizeof(pcp_key_t));
key = k; free(k);
else { goto errkg1;
memset(key, 0, sizeof(pcp_key_t));
free(key);
goto errkg1;
}
} }
if(key != NULL) { if(key != NULL) {
@@ -239,24 +235,21 @@ void pcp_exportsecret(char *keyid, int useid, char *outfile, int armor, char *pa
if(debug) if(debug)
pcp_dumpkey(key); pcp_dumpkey(key);
if(key->secret[0] == 0) { if(passwd == NULL) {
/* decrypt the secret key */ char *passphrase;
if(passwd == NULL) { pcp_readpass(ptx, &passphrase,
char *passphrase; "Enter passphrase to decrypt your secret key", NULL, 1, NULL);
pcp_readpass(ptx, &passphrase, key = pcpkey_decrypt(ptx, key, passphrase);
"Enter passphrase to decrypt your secret key", NULL, 1, NULL); if(key == NULL) {
key = pcpkey_decrypt(ptx, key, passphrase);
if(key == NULL) {
sfree(passphrase);
goto errexpse1;
}
sfree(passphrase); sfree(passphrase);
goto errexpse1;
} }
else { sfree(passphrase);
key = pcpkey_decrypt(ptx, key, passwd); }
if(key == NULL) { else {
goto errexpse1; key = pcpkey_decrypt(ptx, key, passwd);
} if(key == NULL) {
goto errexpse1;
} }
} }

2
src/pcp.c
View File

@@ -270,8 +270,6 @@ int main (int argc, char **argv) {
case 'x': case 'x':
xpass = smalloc(strlen(optarg)+1); xpass = smalloc(strlen(optarg)+1);
strncpy(xpass, optarg, strlen(optarg)+1); strncpy(xpass, optarg, strlen(optarg)+1);
if(strncmp(xpass, "n/a", 3) == 0)
xpass[0] = '\0';
break; break;
case LONG_EXTPASS: case LONG_EXTPASS:
askpass = malloc(strlen(optarg)+1); askpass = malloc(strlen(optarg)+1);

29
src/signature.c
View File

@@ -54,23 +54,20 @@ int pcpsign(char *infile, char *outfile, char *passwd, int z85, int detach) {
} }
} }
if(secret->secret[0] == 0) { char *passphrase;
/* encrypted, decrypt it */ if(passwd == NULL) {
char *passphrase; pcp_readpass(ptx, &passphrase,
if(passwd == NULL) { "Enter passphrase to decrypt your secret key", NULL, 1, NULL);
pcp_readpass(ptx, &passphrase,
"Enter passphrase to decrypt your secret key", NULL, 1, NULL);
}
else {
passphrase = smalloc(strlen(passwd)+1);
memcpy(passphrase, passwd, strlen(passwd)+1);
}
secret = pcpkey_decrypt(ptx, secret, passphrase);
sfree(passphrase);
if(secret == NULL)
goto errs1;
} }
else {
passphrase = smalloc(strlen(passwd)+1);
memcpy(passphrase, passwd, strlen(passwd)+1);
}
secret = pcpkey_decrypt(ptx, secret, passphrase);
sfree(passphrase);
if(secret == NULL)
goto errs1;
Pcpstream *pin = ps_new_file(in); Pcpstream *pin = ps_new_file(in);
Pcpstream *pout = ps_new_file(out); Pcpstream *pout = ps_new_file(out);

46
tests/unittests.cfg
View File

@@ -2,7 +2,7 @@
# #
# This file is part of Pretty Curved Privacy (pcp1). # This file is part of Pretty Curved Privacy (pcp1).
# #
# Copyright (C) 2013 T.Linden. # Copyright (C) 2013-2015 T.v.Dein.
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
@@ -259,55 +259,15 @@ temporarily disabled
# #
# symetric encryption test # symetric encryption test
# FIXME: we currently use -V ve, but this one has to work without a vault
<test check-sym-encrypt> <test check-sym-encrypt>
cmd = echo HELLOWORLD | $pcp -V ve -e -O testsymencrypted -x a cmd = echo HELLOWORLD | $pcp -e -O testsymencrypted -x a
expect = /symetrically/ expect = /symetrically/
</test> </test>
<test check-sym-decrypt> <test check-sym-decrypt>
cmd = $pcp -V ve -d -I testsymencrypted -x a cmd = $pcp -d -I testsymencrypted -x a
expect = /HELLO/ expect = /HELLO/
</test> </test>
#
# check usage of unencrypted secret key
<test vcl>
prepare = rm -f vb2 vcl
<test check-vcl-crypto-unencrypted-secret>
cmd = (echo dau; echo foo; echo yes) | $pcp -V vcl -k -x "n/a"
expect = /added to/
</test>
<test check-vcl-prepare-import-bpub>
cmd = $pcp -V vcl -I key-bobby-pub -K
expect = /added/
</test>
<test check-vcl-export-unencrypted-pubkey>
cmd = $pcp -V vcl -p -O testkeyvcl
expect = /exported/
</test>
<test check-vcl-import-bsecret>
cmd = $pcp -V vb2 -K -I key-bobby-sec -x b
expect = /${idbobby}/
</test>
<test check-vcl-import-unencrypted-pubkey>
cmd = $pcp -V vb2 -K -I testkeyvcl
expect = /added/
</test>
<test check-vcl-crypto-unencrypted-secret-message>
cmd = echo HALLO | $pcp -V vcl -e -O testencrypted -i ${idbobby}
expect = /Bobby/
</test>
<test check-vcl-crypto-unencrypted-secret-read>
cmd = $pcp -V vb2 -d -I testencrypted -x b
expect = /HALLO/
</test>
</test>
# #
# signature tests # signature tests