dropped "derived key feature", pk-encryption now uses a random keypair on the sender side, puts the public part of it into the encrypted output and drops the keypair, no more key-id will be sent over the wire, be it hashed or whatelse.

2025-12-17 12:00:56 +01:00 · 2014-01-19 23:57:11 +01:00
parent 79cd096be5
commit e20a0683c6
5 changed files with 51 additions and 134 deletions
--- a/src/encryption.c
+++ b/src/encryption.c
@@ -85,73 +85,40 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd) {

  size_t clen;
  unsigned char *combined = pcp_z85_decode((char *)encoded, &clen);
+  clen = clen - crypto_secretbox_KEYBYTES;
+

  if(combined == NULL)
    goto errde1;

-  unsigned char *hash = ucmalloc(crypto_hash_BYTES);
-  unsigned char *check = ucmalloc(crypto_hash_BYTES);
-  memcpy(hash, combined, crypto_hash_BYTES);
+  // extract the sender's public key from the cipher
+  pub = ucmalloc(sizeof(pcp_pubkey_t));
+  memcpy(pub->pub, combined, crypto_secretbox_KEYBYTES);

-  pcphash_iteratepub(pub) {
-    crypto_hash(check, (unsigned char*)pub->id, 16);
-    if(memcmp(check, hash, crypto_hash_BYTES) == 0) {
-      // found one
-      break;
-    }
-  }
-  if(pub == NULL) {
-    // maybe self encryption, try secrets
-    pcp_key_t *s = NULL;
-    pcphash_iterate(s) {
-      crypto_hash(check, (unsigned char*)s->id, 16);
-      if(memcmp(check, hash, crypto_hash_BYTES) == 0) {
-        // matching secret
-        pub = pcpkey_pub_from_secret(s);
-      }
-    }
-    if(pub == NULL) {
-      fatal("Could not find a usable public key in vault %s!\n",
-	  vault->filename);
-      goto errde0;
-    }
-  }

  if(debug) {
    fprintf(stderr, "Using secret key:\n");
    pcpkey_printshortinfo(secret);
-    fprintf(stderr, "Using publickey:\n");
-    pcppubkey_printshortinfo(pub);
+    fprintf(stderr, "Using public key:\n");
+    pcpprint_bin(stderr, pub->pub, 32);
+    fprintf(stderr, "\n");
 }

-  unsigned char *encrypted = ucmalloc(clen - crypto_hash_BYTES);
-  memcpy(encrypted, &combined[crypto_hash_BYTES], clen - crypto_hash_BYTES);
+  unsigned char *encrypted = ucmalloc(clen);
+  memcpy(encrypted, &combined[crypto_secretbox_KEYBYTES], clen);

  size_t dlen;
  unsigned char *decrypted = pcp_box_decrypt(secret, pub,
 					     encrypted,
-					     clen - crypto_hash_BYTES, &dlen);
+					     clen, &dlen);

  if(decrypted == NULL) {
-    // try it with a derived secret from the sender id
-    pcp_key_t *s = pcp_derive_pcpkey(secret, pub->id);
-    decrypted = pcp_box_decrypt(s, pub,
+    // maybe self encryption?
+    pcp_pubkey_t *mypub = pcpkey_pub_from_secret(secret);
+    decrypted = pcp_box_decrypt(secret, mypub,
 				encrypted,
-				clen - crypto_hash_BYTES, &dlen);
-    if(decrypted == NULL) {
-      // now try the senders key mail address
-      s = pcp_derive_pcpkey(secret, pub->mail);
-      decrypted = pcp_box_decrypt(s, pub,
-				  encrypted,
-				  clen - crypto_hash_BYTES, &dlen);
-      if(decrypted == NULL) {
-	// try the name
-	s = pcp_derive_pcpkey(secret, pub->owner);
-	decrypted = pcp_box_decrypt(s, pub,
-				    encrypted,
-				    clen - crypto_hash_BYTES, &dlen);
-      }
-    }
+				clen, &dlen);
+    free(mypub);
  }

  if(decrypted != NULL) {
@@ -163,13 +130,13 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd) {
    }
    free(decrypted);

-    fprintf(stderr, "Decrypted %d bytes from 0x%s successfully\n",
-	    (int)dlen, pub->id);
+    fprintf(stderr, "Decrypted %d bytes successfully\n",
+	    (int)dlen);
  }
  
-  free(encrypted);

- errde0:
+  free(encrypted);
+  free(pub);
  free(combined);

 errde1:
@@ -188,15 +155,18 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi
  FILE *out = NULL;
  pcp_pubkey_t *pub = NULL;
  pcp_key_t *secret = NULL;
+  int selfcipher = 0;

  // look if we've got that key
  HASH_FIND_STR(pcppubkey_hash, id, pub);
  if(pub == NULL) {
+    // FIXME: use recipient to lookup by name or email
    // self-encryption: look if its a secret one
    pcp_key_t *s = NULL;
    HASH_FIND_STR(pcpkey_hash, id, s);
    if(s != NULL) {
      pub = pcpkey_pub_from_secret(s);
+      selfcipher = 1;
    }
    else {
      fatal("Could not find a public key with id 0x%s in vault %s!\n",
@@ -205,11 +175,7 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi
    }
  }

-  secret = pcp_find_primary_secret();
-  if(secret == NULL) {
-    fatal("Could not find a secret key in vault %s!\n", id, vault->filename);
-    goto erren2;
-  }
+  secret = pcpkey_new(); // DEPRECATED: pcp_find_primary_secret();

  if(infile == NULL)
    in = stdin;
@@ -229,28 +195,6 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi
    }
  }

-  if(secret->secret[0] == 0) {
-    // encrypted, decrypt it
-    char *passphrase;
-    if(passwd == NULL) {
-      pcp_readpass(&passphrase,
-		   "Enter passphrase to decrypt your secret key", NULL, 1);
-    }
-    else {
-      passphrase = ucmalloc(strlen(passwd)+1);
-      strncpy(passphrase, passwd, strlen(passwd)+1);
-    }
-    secret = pcpkey_decrypt(secret, passphrase);
-    if(secret == NULL)
-      goto erren2;
-  }
-
-  if(recipient != NULL) {
-    pcp_key_t *derived = pcp_derive_pcpkey(secret, recipient);
-    memcpy(secret, derived, sizeof(pcp_key_t));
-    free(derived);
-  }
-
  if(debug) {
    fprintf(stderr, "Using secret key:\n");
    pcp_dumpkey(secret);
@@ -284,15 +228,28 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi
    goto erren1;

  size_t zlen;
-  size_t clen = ciphersize + crypto_hash_BYTES;
+  size_t clen = ciphersize + crypto_secretbox_KEYBYTES;
  unsigned char *combined = ucmalloc(clen);
-  unsigned char *hash = ucmalloc(crypto_hash_BYTES);
-  crypto_hash(hash, (unsigned char*)secret->id, 16);
-  memcpy(combined, hash, crypto_hash_BYTES);
-  memcpy(&combined[crypto_hash_BYTES], cipher, clen - crypto_hash_BYTES);
+
+  if(selfcipher == 1) {
+    unsigned char *fakepub = urmalloc(crypto_secretbox_KEYBYTES);
+    memcpy(combined, fakepub, crypto_secretbox_KEYBYTES);
+    free(fakepub);
+  }
+  else {
+    memcpy(combined, secret->pub, crypto_secretbox_KEYBYTES);
+  }
+
+ if(debug) {
+    fprintf(stderr, "Using public key:\n");
+    pcpprint_bin(stderr, combined, 32);
+    fprintf(stderr, "\n");
+  }
+
+  memcpy(&combined[crypto_secretbox_KEYBYTES], cipher, ciphersize);

  // combined consists of:
-  // keyid|nonce|cipher
+  // our-public-key|nonce|cipher
  char *encoded = pcp_z85_encode(combined, clen, &zlen);

  if(encoded == NULL)
@@ -317,8 +274,6 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi

 erren1:

- erren2:
-
 erren3:

  return 1;
--- a/src/keymgmt.c
+++ b/src/keymgmt.c
@@ -252,41 +252,12 @@ void pcp_exportsecretkey(pcp_key_t *key, char *outfile) {
  }
 }

-pcp_key_t *pcp_getrsk(pcp_key_t *s, char *recipient, char *passwd) {
-  if(recipient != NULL) {
-    if(s->secret[0] == 0) {
-      // encrypted, decrypt it
-      char *passphrase;
-      if(passwd == NULL) {
-	pcp_readpass(&passphrase,
-		     "Enter passphrase to decrypt your secret key", NULL, 1);
-      }
-      else {
-	passphrase = ucmalloc(strlen(passwd)+1);
-	strncpy(passphrase, passwd, strlen(passwd)+1);
-      }
-      s = pcpkey_decrypt(s, passphrase);
-      if(s == NULL)
-	goto errrsk1;
-    }
-    pcp_key_t *tmp;
-    tmp = pcp_derive_pcpkey(s, recipient);
-    return tmp;
-  }
-
-  return s;
-
- errrsk1:
-  return NULL;
-}

 /*
  if id given, look if it is already a public and export this,
  else we look for a secret key with that id. without a given
-  keyid we use the primary key. if we start with a secret key
-  and a recipient have been given, we use a derived secret key
-  and export the public component from that. without recipient
-  just export the public component of the found secret key.
+  keyid we use the primary key. if no keyid has been given but
+  a recipient instead, we try to look up the vault for a match.
 */
 void pcp_exportpublic(char *keyid, char *recipient, char *passwd, char *outfile) {
  pcp_pubkey_t *key = NULL;
@@ -303,8 +274,6 @@ void pcp_exportpublic(char *keyid, char *recipient, char *passwd, char *outfile)
 	free(s);
      }
      else {
-	s = pcp_getrsk(s, recipient, passwd);
-	if(s != NULL)
 	key = pcpkey_pub_from_secret(s); 
      }
    }
@@ -318,10 +287,7 @@ void pcp_exportpublic(char *keyid, char *recipient, char *passwd, char *outfile)
      free(s);
    }
    else {
-      pcp_key_t *t = NULL;
-      t = pcp_getrsk(s, recipient, passwd);
-      if(t != NULL)
-	key = pcpkey_pub_from_secret(t); 
+      key = pcpkey_pub_from_secret(s); 
    }
  }

--- a/src/pcp.c
+++ b/src/pcp.c
@@ -365,7 +365,7 @@ int main (int argc, char **argv)  {
 	break;	

      case PCP_MODE_SIGN:
-	pcpsign(infile, outfile, recipient, xpass);
+	pcpsign(infile, outfile, xpass);
 	break;

      case PCP_MODE_VERIFY:
--- a/src/signature.c
+++ b/src/signature.c
@@ -23,7 +23,7 @@
 #include "signature.h"
 #include "defines.h"

-int pcpsign(char *infile, char *outfile, char *recipient, char *passwd) {
+int pcpsign(char *infile, char *outfile, char *passwd) {
  FILE *in = NULL;
  FILE *out = NULL;
  pcp_key_t *secret = NULL;
@@ -71,10 +71,6 @@ int pcpsign(char *infile, char *outfile, char *recipient, char *passwd) {
      goto errs3;
  }

-  if(recipient != NULL) {
-    secret = pcp_derive_pcpkey(secret, recipient);
-  }
-
  unsigned char *input = NULL;
  size_t inputBufSize = 0;
  unsigned char byte[1];
--- a/src/signature.h
+++ b/src/signature.h
@@ -32,7 +32,7 @@
 #include "uthash.h"
 #include "z85.h"

-int pcpsign(char *infile, char *outfile, char *recipient, char *passwd);
+int pcpsign(char *infile, char *outfile, char *passwd);
 int pcpverify(char *infile, char *sigfile);