From e20a0683c628d1378b7cc7d7b60c94bf02dd832b Mon Sep 17 00:00:00 2001 From: TLINDEN Date: Sun, 19 Jan 2014 23:57:11 +0100 Subject: [PATCH] dropped "derived key feature", pk-encryption now uses a random keypair on the sender side, puts the public part of it into the encrypted output and drops the keypair, no more key-id will be sent over the wire, be it hashed or whatelse. --- src/encryption.c | 133 ++++++++++++++++------------------------------- src/keymgmt.c | 42 ++------------- src/pcp.c | 2 +- src/signature.c | 6 +-- src/signature.h | 2 +- 5 files changed, 51 insertions(+), 134 deletions(-) diff --git a/src/encryption.c b/src/encryption.c index 63e9939..05c1ecf 100644 --- a/src/encryption.c +++ b/src/encryption.c @@ -85,73 +85,40 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd) { size_t clen; unsigned char *combined = pcp_z85_decode((char *)encoded, &clen); + clen = clen - crypto_secretbox_KEYBYTES; + if(combined == NULL) goto errde1; - unsigned char *hash = ucmalloc(crypto_hash_BYTES); - unsigned char *check = ucmalloc(crypto_hash_BYTES); - memcpy(hash, combined, crypto_hash_BYTES); + // extract the sender's public key from the cipher + pub = ucmalloc(sizeof(pcp_pubkey_t)); + memcpy(pub->pub, combined, crypto_secretbox_KEYBYTES); - pcphash_iteratepub(pub) { - crypto_hash(check, (unsigned char*)pub->id, 16); - if(memcmp(check, hash, crypto_hash_BYTES) == 0) { - // found one - break; - } - } - if(pub == NULL) { - // maybe self encryption, try secrets - pcp_key_t *s = NULL; - pcphash_iterate(s) { - crypto_hash(check, (unsigned char*)s->id, 16); - if(memcmp(check, hash, crypto_hash_BYTES) == 0) { - // matching secret - pub = pcpkey_pub_from_secret(s); - } - } - if(pub == NULL) { - fatal("Could not find a usable public key in vault %s!\n", - vault->filename); - goto errde0; - } - } if(debug) { fprintf(stderr, "Using secret key:\n"); pcpkey_printshortinfo(secret); - fprintf(stderr, "Using publickey:\n"); - pcppubkey_printshortinfo(pub); - } + fprintf(stderr, "Using public key:\n"); + pcpprint_bin(stderr, pub->pub, 32); + fprintf(stderr, "\n"); + } - unsigned char *encrypted = ucmalloc(clen - crypto_hash_BYTES); - memcpy(encrypted, &combined[crypto_hash_BYTES], clen - crypto_hash_BYTES); + unsigned char *encrypted = ucmalloc(clen); + memcpy(encrypted, &combined[crypto_secretbox_KEYBYTES], clen); size_t dlen; unsigned char *decrypted = pcp_box_decrypt(secret, pub, encrypted, - clen - crypto_hash_BYTES, &dlen); + clen, &dlen); if(decrypted == NULL) { - // try it with a derived secret from the sender id - pcp_key_t *s = pcp_derive_pcpkey(secret, pub->id); - decrypted = pcp_box_decrypt(s, pub, + // maybe self encryption? + pcp_pubkey_t *mypub = pcpkey_pub_from_secret(secret); + decrypted = pcp_box_decrypt(secret, mypub, encrypted, - clen - crypto_hash_BYTES, &dlen); - if(decrypted == NULL) { - // now try the senders key mail address - s = pcp_derive_pcpkey(secret, pub->mail); - decrypted = pcp_box_decrypt(s, pub, - encrypted, - clen - crypto_hash_BYTES, &dlen); - if(decrypted == NULL) { - // try the name - s = pcp_derive_pcpkey(secret, pub->owner); - decrypted = pcp_box_decrypt(s, pub, - encrypted, - clen - crypto_hash_BYTES, &dlen); - } - } + clen, &dlen); + free(mypub); } if(decrypted != NULL) { @@ -163,13 +130,13 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd) { } free(decrypted); - fprintf(stderr, "Decrypted %d bytes from 0x%s successfully\n", - (int)dlen, pub->id); + fprintf(stderr, "Decrypted %d bytes successfully\n", + (int)dlen); } + free(encrypted); - - errde0: + free(pub); free(combined); errde1: @@ -188,15 +155,18 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi FILE *out = NULL; pcp_pubkey_t *pub = NULL; pcp_key_t *secret = NULL; + int selfcipher = 0; // look if we've got that key HASH_FIND_STR(pcppubkey_hash, id, pub); if(pub == NULL) { + // FIXME: use recipient to lookup by name or email // self-encryption: look if its a secret one pcp_key_t *s = NULL; HASH_FIND_STR(pcpkey_hash, id, s); if(s != NULL) { pub = pcpkey_pub_from_secret(s); + selfcipher = 1; } else { fatal("Could not find a public key with id 0x%s in vault %s!\n", @@ -205,11 +175,7 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi } } - secret = pcp_find_primary_secret(); - if(secret == NULL) { - fatal("Could not find a secret key in vault %s!\n", id, vault->filename); - goto erren2; - } + secret = pcpkey_new(); // DEPRECATED: pcp_find_primary_secret(); if(infile == NULL) in = stdin; @@ -229,28 +195,6 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi } } - if(secret->secret[0] == 0) { - // encrypted, decrypt it - char *passphrase; - if(passwd == NULL) { - pcp_readpass(&passphrase, - "Enter passphrase to decrypt your secret key", NULL, 1); - } - else { - passphrase = ucmalloc(strlen(passwd)+1); - strncpy(passphrase, passwd, strlen(passwd)+1); - } - secret = pcpkey_decrypt(secret, passphrase); - if(secret == NULL) - goto erren2; - } - - if(recipient != NULL) { - pcp_key_t *derived = pcp_derive_pcpkey(secret, recipient); - memcpy(secret, derived, sizeof(pcp_key_t)); - free(derived); - } - if(debug) { fprintf(stderr, "Using secret key:\n"); pcp_dumpkey(secret); @@ -284,15 +228,28 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi goto erren1; size_t zlen; - size_t clen = ciphersize + crypto_hash_BYTES; + size_t clen = ciphersize + crypto_secretbox_KEYBYTES; unsigned char *combined = ucmalloc(clen); - unsigned char *hash = ucmalloc(crypto_hash_BYTES); - crypto_hash(hash, (unsigned char*)secret->id, 16); - memcpy(combined, hash, crypto_hash_BYTES); - memcpy(&combined[crypto_hash_BYTES], cipher, clen - crypto_hash_BYTES); + + if(selfcipher == 1) { + unsigned char *fakepub = urmalloc(crypto_secretbox_KEYBYTES); + memcpy(combined, fakepub, crypto_secretbox_KEYBYTES); + free(fakepub); + } + else { + memcpy(combined, secret->pub, crypto_secretbox_KEYBYTES); + } + + if(debug) { + fprintf(stderr, "Using public key:\n"); + pcpprint_bin(stderr, combined, 32); + fprintf(stderr, "\n"); + } + + memcpy(&combined[crypto_secretbox_KEYBYTES], cipher, ciphersize); // combined consists of: - // keyid|nonce|cipher + // our-public-key|nonce|cipher char *encoded = pcp_z85_encode(combined, clen, &zlen); if(encoded == NULL) @@ -317,8 +274,6 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi erren1: - erren2: - erren3: return 1; diff --git a/src/keymgmt.c b/src/keymgmt.c index 04e50d7..0538971 100644 --- a/src/keymgmt.c +++ b/src/keymgmt.c @@ -252,41 +252,12 @@ void pcp_exportsecretkey(pcp_key_t *key, char *outfile) { } } -pcp_key_t *pcp_getrsk(pcp_key_t *s, char *recipient, char *passwd) { - if(recipient != NULL) { - if(s->secret[0] == 0) { - // encrypted, decrypt it - char *passphrase; - if(passwd == NULL) { - pcp_readpass(&passphrase, - "Enter passphrase to decrypt your secret key", NULL, 1); - } - else { - passphrase = ucmalloc(strlen(passwd)+1); - strncpy(passphrase, passwd, strlen(passwd)+1); - } - s = pcpkey_decrypt(s, passphrase); - if(s == NULL) - goto errrsk1; - } - pcp_key_t *tmp; - tmp = pcp_derive_pcpkey(s, recipient); - return tmp; - } - - return s; - - errrsk1: - return NULL; -} /* if id given, look if it is already a public and export this, else we look for a secret key with that id. without a given - keyid we use the primary key. if we start with a secret key - and a recipient have been given, we use a derived secret key - and export the public component from that. without recipient - just export the public component of the found secret key. + keyid we use the primary key. if no keyid has been given but + a recipient instead, we try to look up the vault for a match. */ void pcp_exportpublic(char *keyid, char *recipient, char *passwd, char *outfile) { pcp_pubkey_t *key = NULL; @@ -303,9 +274,7 @@ void pcp_exportpublic(char *keyid, char *recipient, char *passwd, char *outfile) free(s); } else { - s = pcp_getrsk(s, recipient, passwd); - if(s != NULL) - key = pcpkey_pub_from_secret(s); + key = pcpkey_pub_from_secret(s); } } } @@ -318,10 +287,7 @@ void pcp_exportpublic(char *keyid, char *recipient, char *passwd, char *outfile) free(s); } else { - pcp_key_t *t = NULL; - t = pcp_getrsk(s, recipient, passwd); - if(t != NULL) - key = pcpkey_pub_from_secret(t); + key = pcpkey_pub_from_secret(s); } } diff --git a/src/pcp.c b/src/pcp.c index 72ed343..88ff60d 100644 --- a/src/pcp.c +++ b/src/pcp.c @@ -365,7 +365,7 @@ int main (int argc, char **argv) { break; case PCP_MODE_SIGN: - pcpsign(infile, outfile, recipient, xpass); + pcpsign(infile, outfile, xpass); break; case PCP_MODE_VERIFY: diff --git a/src/signature.c b/src/signature.c index f0a6d11..5398f07 100644 --- a/src/signature.c +++ b/src/signature.c @@ -23,7 +23,7 @@ #include "signature.h" #include "defines.h" -int pcpsign(char *infile, char *outfile, char *recipient, char *passwd) { +int pcpsign(char *infile, char *outfile, char *passwd) { FILE *in = NULL; FILE *out = NULL; pcp_key_t *secret = NULL; @@ -71,10 +71,6 @@ int pcpsign(char *infile, char *outfile, char *recipient, char *passwd) { goto errs3; } - if(recipient != NULL) { - secret = pcp_derive_pcpkey(secret, recipient); - } - unsigned char *input = NULL; size_t inputBufSize = 0; unsigned char byte[1]; diff --git a/src/signature.h b/src/signature.h index 5c4cefc..cc6bf4a 100644 --- a/src/signature.h +++ b/src/signature.h @@ -32,7 +32,7 @@ #include "uthash.h" #include "z85.h" -int pcpsign(char *infile, char *outfile, char *recipient, char *passwd); +int pcpsign(char *infile, char *outfile, char *passwd); int pcpverify(char *infile, char *sigfile);