diff --git a/libtool b/libtool index 4e7d4e4..ff019b7 100755 --- a/libtool +++ b/libtool @@ -2,12 +2,12 @@ # libtool - Provide generalized library-building support services. # Generated automatically by config.status (pcp) `cat VERSION` -# Libtool was configured on host io: +# Libtool was configured on host r4: # NOTE: Changes made to this file will be lost: look at ltmain.sh. # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is part of GNU Libtool. @@ -40,8 +40,8 @@ available_tags="" # ### BEGIN LIBTOOL CONFIG # Which release of libtool.m4 was used? -macro_version=2.4 -macro_revision=1.3293 +macro_version=2.4.2 +macro_revision=1.3337 # Whether or not to build shared libraries. build_libtool_libs=yes @@ -61,15 +61,18 @@ SHELL="/bin/sh" # An echo program that protects backslashes. ECHO="printf %s\\n" +# The PATH separator for the build system. +PATH_SEPARATOR=":" + # The host system. host_alias= -host=amd64-unknown-freebsd9.0 -host_os=freebsd9.0 +host=amd64-unknown-freebsd9.1 +host_os=freebsd9.1 # The build system. build_alias= -build=amd64-unknown-freebsd9.0 -build_os=freebsd9.0 +build=amd64-unknown-freebsd9.1 +build_os=freebsd9.1 # A sed program that does not truncate output. SED="/usr/bin/sed" @@ -151,7 +154,7 @@ STRIP="strip" # Commands used to install an old-style archive. RANLIB="ranlib" -old_postinstall_cmds="chmod 644 \$oldlib~\$RANLIB \$oldlib" +old_postinstall_cmds="chmod 644 \$oldlib~\$RANLIB \$tool_oldlib" old_postuninstall_cmds="" # Whether to use a lock for old archive extraction. 
@@ -161,7 +164,7 @@ lock_old_archive_extraction=no LTCC="gcc" # LTCC compiler flags. -LTCFLAGS="-I/usr/local/include -I/usr/local/include" +LTCFLAGS="-g -O2 -I/usr/local/include" # Take the output of nm and produce a listing of raw symbols and C names. global_symbol_pipe="sed -n -e 's/^.*[ ]\\([ABCDGIRSTW][ABCDGIRSTW]*\\)[ ][ ]*\\([_A-Za-z][_A-Za-z0-9]*\\)\$/\\1 \\2 \\2/p' | sed '/ __gnu_lto/d'" @@ -296,7 +299,7 @@ reload_flag=" -r" reload_cmds="\$LD\$reload_flag -o \$output\$reload_objs" # Commands used to build an old-style archive. -old_archive_cmds="\$AR \$AR_FLAGS \$oldlib\$oldobjs~\$RANLIB \$oldlib" +old_archive_cmds="\$AR \$AR_FLAGS \$oldlib\$oldobjs~\$RANLIB \$tool_oldlib" # A language specific compiler. CC="gcc" @@ -362,10 +365,6 @@ no_undefined_flag="" # This must work even if $libdir does not exist hardcode_libdir_flag_spec="\${wl}-rpath \${wl}\$libdir" -# If ld is used when linking, flag to hardcode $libdir into a binary -# during linking. This must work even if $libdir does not exist. -hardcode_libdir_flag_spec_ld="" - # Whether we need a single "-rpath" flag with a separated argument. hardcode_libdir_separator="" @@ -426,11 +425,11 @@ hardcode_action=immediate # ### END LIBTOOL CONFIG -# libtool (GNU libtool) 2.4 +# libtool (GNU libtool) 2.4.2 # Written by Gordon Matzigkeit , 1996 # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, -# 2007, 2008, 2009, 2010 Free Software Foundation, Inc. +# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
@@ -468,6 +467,7 @@ hardcode_action=immediate # --quiet, --silent don't print informational messages # --no-quiet, --no-silent # print informational messages (default) +# --no-warn don't display warning messages # --tag=TAG use configuration variables from tag TAG # -v, --verbose print more informational messages than default # --no-verbose don't print the extra informational messages @@ -496,7 +496,7 @@ hardcode_action=immediate # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4 +# $progname: (GNU libtool) 2.4.2 # automake: $automake_version # autoconf: $autoconf_version # @@ -506,9 +506,9 @@ hardcode_action=immediate PROGRAM=libtool PACKAGE=libtool -VERSION=2.4 +VERSION=2.4.2 TIMESTAMP="" -package_revision=1.3293 +package_revision=1.3337 # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then @@ -563,15 +563,10 @@ progpath="$0" : ${CP="cp -f"} test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} -: ${EGREP="grep -E"} -: ${FGREP="grep -F"} -: ${GREP="grep"} -: ${LN_S="ln -s"} : ${MAKE="make"} : ${MKDIR="mkdir"} : ${MV="mv -f"} : ${RM="rm -f"} -: ${SED="sed"} : ${SHELL="${CONFIG_SHELL-/bin/sh}"} : ${Xsed="$SED -e 1s/^X//"} @@ -810,7 +805,7 @@ case $progpath in ;; *) save_IFS="$IFS" - IFS=: + IFS=${PATH_SEPARATOR-:} for progdir in $PATH; do IFS="$save_IFS" test -x "$progdir/$progname" && break @@ -1194,8 +1189,8 @@ func_help () s*\$LTCFLAGS*'"$LTCFLAGS"'* s*\$LD*'"$LD"'* s/\$with_gnu_ld/'"$with_gnu_ld"'/ - s/\$automake_version/'"`(automake --version) 2>/dev/null |$SED 1q`"'/ - s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/ + s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/ + s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/ p d } @@ -1472,6 +1467,7 @@ opt_finish=false opt_help=false opt_help_all=false opt_silent=: +opt_warning=: opt_verbose=: opt_silent=false opt_verbose=false 
@@ -1538,6 +1534,10 @@ esac ;; --no-silent|--no-quiet) opt_silent=false +preserve_args="$preserve_args $opt" + ;; + --no-warning|--no-warn) + opt_warning=false preserve_args="$preserve_args $opt" ;; --no-verbose) @@ -2509,7 +2509,7 @@ func_mode_compile () *.[cCFSifmso] | \ *.ada | *.adb | *.ads | *.asm | \ *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \ - *.[fF][09]? | *.for | *.java | *.obj | *.sx | *.cu | *.cup) + *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup) func_xform "$libobj" libobj=$func_xform_result ;; @@ -3651,11 +3651,13 @@ func_mode_install () # Set up the ranlib parameters. oldlib="$destdir/$name" + func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 + tool_oldlib=$func_to_tool_file_result func_show_eval "$install_prog \$file \$oldlib" 'exit $?' if test -n "$stripme" && test -n "$old_striplib"; then - func_show_eval "$old_striplib $oldlib" 'exit $?' + func_show_eval "$old_striplib $tool_oldlib" 'exit $?' fi # Do each command in the postinstall commands. @@ -3920,7 +3922,7 @@ static const void *lt_preloaded_setup() { # linked before any other PIC object. But we must not use # pic_flag when linking with -static. The problem exists in # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. - *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) + *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;; *-*-hpux*) pic_flag_for_symtable=" $pic_flag" ;; @@ -4435,14 +4437,17 @@ func_exec_program_core () # launches target application with the remaining arguments. func_exec_program () { - for lt_wr_arg - do - case \$lt_wr_arg in - --lt-*) ;; - *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; - esac - shift - done + case \" \$* \" in + *\\ --lt-*) + for lt_wr_arg + do + case \$lt_wr_arg in + --lt-*) ;; + *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; + esac + shift + done ;; + esac func_exec_program_core \${1+\"\$@\"} } 
@@ -5510,9 +5515,15 @@ void lt_dump_script (FILE* f) { EOF func_emit_wrapper yes | - $SED -e 's/\([\\"]\)/\\\1/g' \ - -e 's/^/ fputs ("/' -e 's/$/\\n", f);/' - + $SED -n -e ' +s/^\(.\{79\}\)\(..*\)/\1\ +\2/ +h +s/\([\\"]\)/\\\1/g +s/$/\\n/ +s/\([^\n]*\).*/ fputs ("\1", f);/p +g +D' cat <<"EOF" } EOF @@ -6097,7 +6108,8 @@ func_mode_link () continue ;; - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads) + -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ + |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) compiler_flags="$compiler_flags $arg" compile_command="$compile_command $arg" finalize_command="$finalize_command $arg" @@ -6601,7 +6613,8 @@ func_mode_link () lib= found=no case $deplib in - -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads) + -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ + |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) if test "$linkmode,$pass" = "prog,link"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" @@ -7302,7 +7315,7 @@ func_mode_link () test "$hardcode_direct_absolute" = no; then add="$dir/$linklib" elif test "$hardcode_minus_L" = yes; then - add_dir="-L$dir" + add_dir="-L$absdir" # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in @@ -7787,6 +7800,7 @@ func_mode_link () # which has an extra 1 added just for fun # case $version_type in + # correct linux to gnu/linux during the next big refactor darwin|linux|osf|windows|none) func_arith $number_major + $number_minor current=$func_arith_result @@ -7903,7 +7917,7 @@ func_mode_link () versuffix="$major.$revision" ;; - linux) + linux) # correct to gnu/linux during the next big refactor func_arith $current - $age major=.$func_arith_result versuffix="$major.$age.$revision" 
@@ -8491,6 +8505,11 @@ EOF # Test again, we may have decided not to build it any more if test "$build_libtool_libs" = yes; then + # Remove ${wl} instances when linking with ld. + # FIXME: should test the right _cmds variable. + case $archive_cmds in + *\$LD\ *) wl= ;; + esac if test "$hardcode_into_libs" = yes; then # Hardcode the library paths hardcode_libdirs= @@ -8521,7 +8540,7 @@ EOF elif test -n "$runpath_var"; then case "$perm_rpath " in *" $libdir "*) ;; - *) func_apped perm_rpath " $libdir" ;; + *) perm_rpath="$perm_rpath $libdir" ;; esac fi done @@ -8529,11 +8548,7 @@ EOF if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then libdir="$hardcode_libdirs" - if test -n "$hardcode_libdir_flag_spec_ld"; then - eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\" - else - eval dep_rpath=\"$hardcode_libdir_flag_spec\" - fi + eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" fi if test -n "$runpath_var" && test -n "$perm_rpath"; then # We should set the runpath_var. @@ -9623,6 +9638,8 @@ EOF esac done fi + func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 + tool_oldlib=$func_to_tool_file_result eval cmds=\"$old_archive_cmds\" func_len " $cmds" @@ -9732,7 +9749,8 @@ EOF *.la) func_basename "$deplib" name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + func_resolve_sysroot "$deplib" + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` test -z "$libdir" && \ func_fatal_error "\`$deplib' is not a valid libtool archive" newdependency_libs="$newdependency_libs ${lt_sysroot:+=}$libdir/$name" diff --git a/man/details.pod b/man/details.pod index 43e807f..4e7789e 100644 --- a/man/details.pod +++ b/man/details.pod 
@@ -42,6 +42,118 @@ the recipient. A public key generated this way will only be usable by the recipient (and yourself) and each recipient will have a different public key from you (and vice versa). +=head1 ENCRYPTION + +There are 3 modi for encryption available in pcp1: + +=over + +=item B + +In this mode, which is the default, a public key as specified +with B<-i> and the primary secret key will be used for encryption. +The public key in question maybe a derived public key, which +is transparent for the sender however. + +If you don't use derived keys, you will have to transfer +the public key part of your primary keypair to the recipient, +which is considered insecure if the transfer channel itself +uses untrusted transports or if the transferred public key +ends up on a public system (a shared server, a workstation +at your employer or the like). You should avoid this encryption +mode in such cases and use derived keys instead. + +Example command: + + pcp1 -e -i 0x2BD734B15CE2722D -I message.txt -O cipher.z85 + +Here we didn't specify a recipient. Therefore the public +key given with -i will be used directly. + +=item B + +Derived keys will be generated dynamically at runtime +(see B above). Therefore an exported +derived public key is unique for the sender AND recipient. + +This mode can be considered the most secure. If such a key +gets lost (or into the wrong hands), only this specific +communication channel will be compromised. + +Example command: + + pcp1 -e -r bobby@local -I message.txt -O cipher.z85 + +We specified a recipient. pcp1 searches the vault for a +matching public key and generates a derived keypair for +encryption. You need to have a public key installed from +the recipient anyway, it won't work without one. You may +also specify a key id (-i) as well to make sure, the right +key will be used for derivation. + +=item B + +Pretty Curved Privacy doesn't provide symetric file encryption. 
+However there are cases when you need to encrypt a file just
+for yourself. In such a case the file will be encrypted using
+the public key part of your primary secret key and the secret
+key itself (thanks to the wonders of ECC this works like a charm).
+
+The file can be decrypted using the primary key pair.
+
+While this works, the security of it totally depends on the
+strength of your password, especially if the primary secret
+used for this kind of encryption is stored in a vault on the
+same system.
+
+Example command:
+
+ pcp1 -e -I message.txt -O cipher.z85
+
+As you can see we didn't specify -i or -r and therefore pcp1
+tries to use the primary keypair for encryption.
+
+=back
+
+
+=head1 VULNERABILITIES
+
+Currently there are a couple of problems which are not
+addressed. These are usually protocol problems, which are
+not caused by pcp1.
+
+=over
+
+=item B
+
+Pretty Curved Privacy is a store-and-forward system, it works
+on files and can't use any cool key exchange protocols therefore.
+For example there would be B which guarantees a
+secure key exchange. But CurveCP cannot be used offline.
+
+Users have to find other means to exchange keys. That's a pity
+since with Curve25519 you can't just publish your public key
+to some key server because in order to encrypt a message, both
+the recipient AND the sender need to have the public key of
+each other. It would be possible to publich public keys,
+and attach the senders public key to the encrypted message, but
+I'm not sure if such an aproach would be secure enough.
+
+=item B
+
+At the time of this writing the ECC algorithm Curve25519
+is only rarely used, in most cases by experimental software
+(such as Pretty Curved Privacy). As far as I know there haven't
+been done the kind of exessive crypto analysis as with other
+ECC algorithms.
+
+While I, as the author of pcp1 totally trust D.J.Bernstein, this
+may not be the case for you.
+
+In short, I'd suggest not to use it on critical systems yet.
+ +=back + =head1 INTERNALS FIXME. diff --git a/man/pcp1.1 b/man/pcp1.1 index 3224894..6155fdc 100644 --- a/man/pcp1.1 +++ b/man/pcp1.1 @@ -183,10 +183,13 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography. \& \& Encryption Options: \& \-e \-\-encrypt Encrypt a message. Read from stdin or -\& specified via \-I. A keyid (\-i) of the -\& public key of the receipient must be -\& specified. Output to stdout or written -\& to the file specified via \-O. +\& specified via \-I. If a keyid (\-i) has been +\& given, use that public key for encryption. +\& If a recipient (\-r) has been given, use +\& a derived public key. If none of \-i or +\& \-r has been given, use the primary +\& secret key and the public part of it +\& for encrytion (self\-encryption mode). \& \-d \-\-decrypt Decrypt a message. Read from stdin or \& specified via \-I. Output to stdout or \& written to the file specified via \-O. 
@@ -325,6 +328,108 @@ The public part of this dynamic key will be exported and sent to the recipient. A public key generated this way will only be usable by the recipient (and yourself) and each recipient will have a different public key from you (and vice versa). +.SH "ENCRYPTION" +.IX Header "ENCRYPTION" +There are 3 modi for encryption available in pcp1: +.IP "\fBStandard public key encryption\fR" 4 +.IX Item "Standard public key encryption" +In this mode, which is the default, a public key as specified +with \fB\-i\fR and the primary secret key will be used for encryption. +The public key in question maybe a derived public key, which +is transparent for the sender however. +.Sp +If you don't use derived keys, you will have to transfer +the public key part of your primary keypair to the recipient, +which is considered insecure if the transfer channel itself +uses untrusted transports or if the transferred public key +ends up on a public system (a shared server, a workstation +at your employer or the like). You should avoid this encryption +mode in such cases and use derived keys instead. +.Sp +Example command: +.Sp +.Vb 1 +\& pcp1 \-e \-i 0x2BD734B15CE2722D \-I message.txt \-O cipher.z85 +.Ve +.Sp +Here we didn't specify a recipient. Therefore the public +key given with \-i will be used directly. +.IP "\fBDerived public key encryption\fR" 4 +.IX Item "Derived public key encryption" +Derived keys will be generated dynamically at runtime +(see \fBDerived Public Keys\fR above). Therefore an exported +derived public key is unique for the sender \s-1AND\s0 recipient. +.Sp +This mode can be considered the most secure. If such a key +gets lost (or into the wrong hands), only this specific +communication channel will be compromised. +.Sp +Example command: +.Sp +.Vb 1 +\& pcp1 \-e \-r bobby@local \-I message.txt \-O cipher.z85 +.Ve +.Sp +We specified a recipient. pcp1 searches the vault for a +matching public key and generates a derived keypair for +encryption. 
You need to have a public key installed from
+the recipient anyway, it won't work without one. You may
+also specify a key id (\-i) as well to make sure, the right
+key will be used for derivation.
+.IP "\fBSelf encryption mode\fR" 4
+.IX Item "Self encryption mode"
+Pretty Curved Privacy doesn't provide symetric file encryption.
+However there are cases when you need to encrypt a file just
+for yourself. In such a case the file will be encrypted using
+the public key part of your primary secret key and the secret
+key itself (thanks to the wonders of \s-1ECC\s0 this works like a charm).
+.Sp
+The file can be decrypted using the primary key pair.
+.Sp
+While this works, the security of it totally depends on the
+strength of your password, especially if the primary secret
+used for this kind of encryption is stored in a vault on the
+same system.
+.Sp
+Example command:
+.Sp
+.Vb 1
+\& pcp1 \-e \-I message.txt \-O cipher.z85
+.Ve
+.Sp
+As you can see we didn't specify \-i or \-r and therefore pcp1
+tries to use the primary keypair for encryption.
+.SH "VULNERABILITIES"
+.IX Header "VULNERABILITIES"
+Currently there are a couple of problems which are not
+addressed. These are usually protocol problems, which are
+not caused by pcp1.
+.IP "\fBNo secure native key exchange for store-and-forward systems\fR" 4
+.IX Item "No secure native key exchange for store-and-forward systems"
+Pretty Curved Privacy is a store-and-forward system, it works
+on files and can't use any cool key exchange protocols therefore.
+For example there would be \fBCurveCP\fR which guarantees a
+secure key exchange. But CurveCP cannot be used offline.
+.Sp
+Users have to find other means to exchange keys. That's a pity
+since with Curve25519 you can't just publish your public key
+to some key server because in order to encrypt a message, both
+the recipient \s-1AND\s0 the sender need to have the public key of
+each other.
It would be possible to publich public keys, +and attach the senders public key to the encrypted message, but +I'm not sure if such an aproach would be secure enough. +.IP "\fBCurve25519 not widely adopted\fR" 4 +.IX Item "Curve25519 not widely adopted" +At the time of this writing the \s-1ECC\s0 algorithm Curve25519 +is only rarely used, in most cases by experimental software +(such as Pretty Curved Privacy). As far as I know there haven't +been done the kind of exessive crypto analysis as with other +\&\s-1ECC\s0 algorithms. +.Sp +While I, as the author of pcp1 totally trust D.J.Bernstein, this +may not be the case for you. +.Sp +In short, I'd suggest not to use it on critical systems yet. .SH "INTERNALS" .IX Header "INTERNALS" \&\s-1FIXME\s0. diff --git a/man/pcp1.pod b/man/pcp1.pod index df330a1..0127e3a 100644 --- a/man/pcp1.pod +++ b/man/pcp1.pod @@ -55,10 +55,13 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography. Encryption Options: -e --encrypt Encrypt a message. Read from stdin or - specified via -I. A keyid (-i) of the - public key of the receipient must be - specified. Output to stdout or written - to the file specified via -O. + specified via -I. If a keyid (-i) has been + given, use that public key for encryption. + If a recipient (-r) has been given, use + a derived public key. If none of -i or + -r has been given, use the primary + secret key and the public part of it + for encrytion (self-encryption mode). -d --decrypt Decrypt a message. Read from stdin or specified via -I. Output to stdout or written to the file specified via -O. 
@@ -192,6 +195,118 @@ the recipient. A public key generated this way will only be usable by the recipient (and yourself) and each recipient will have a different public key from you (and vice versa). +=head1 ENCRYPTION + +There are 3 modi for encryption available in pcp1: + +=over + +=item B + +In this mode, which is the default, a public key as specified +with B<-i> and the primary secret key will be used for encryption. +The public key in question maybe a derived public key, which +is transparent for the sender however. + +If you don't use derived keys, you will have to transfer +the public key part of your primary keypair to the recipient, +which is considered insecure if the transfer channel itself +uses untrusted transports or if the transferred public key +ends up on a public system (a shared server, a workstation +at your employer or the like). You should avoid this encryption +mode in such cases and use derived keys instead. + +Example command: + + pcp1 -e -i 0x2BD734B15CE2722D -I message.txt -O cipher.z85 + +Here we didn't specify a recipient. Therefore the public +key given with -i will be used directly. + +=item B + +Derived keys will be generated dynamically at runtime +(see B above). Therefore an exported +derived public key is unique for the sender AND recipient. + +This mode can be considered the most secure. If such a key +gets lost (or into the wrong hands), only this specific +communication channel will be compromised. + +Example command: + + pcp1 -e -r bobby@local -I message.txt -O cipher.z85 + +We specified a recipient. pcp1 searches the vault for a +matching public key and generates a derived keypair for +encryption. You need to have a public key installed from +the recipient anyway, it won't work without one. You may +also specify a key id (-i) as well to make sure, the right +key will be used for derivation. + +=item B + +Pretty Curved Privacy doesn't provide symetric file encryption. 
+However there are cases when you need to encrypt a file just
+for yourself. In such a case the file will be encrypted using
+the public key part of your primary secret key and the secret
+key itself (thanks to the wonders of ECC this works like a charm).
+
+The file can be decrypted using the primary key pair.
+
+While this works, the security of it totally depends on the
+strength of your password, especially if the primary secret
+used for this kind of encryption is stored in a vault on the
+same system.
+
+Example command:
+
+ pcp1 -e -I message.txt -O cipher.z85
+
+As you can see we didn't specify -i or -r and therefore pcp1
+tries to use the primary keypair for encryption.
+
+=back
+
+
+=head1 VULNERABILITIES
+
+Currently there are a couple of problems which are not
+addressed. These are usually protocol problems, which are
+not caused by pcp1.
+
+=over
+
+=item B
+
+Pretty Curved Privacy is a store-and-forward system, it works
+on files and can't use any cool key exchange protocols therefore.
+For example there would be B which guarantees a
+secure key exchange. But CurveCP cannot be used offline.
+
+Users have to find other means to exchange keys. That's a pity
+since with Curve25519 you can't just publish your public key
+to some key server because in order to encrypt a message, both
+the recipient AND the sender need to have the public key of
+each other. It would be possible to publich public keys,
+and attach the senders public key to the encrypted message, but
+I'm not sure if such an aproach would be secure enough.
+
+=item B
+
+At the time of this writing the ECC algorithm Curve25519
+is only rarely used, in most cases by experimental software
+(such as Pretty Curved Privacy). As far as I know there haven't
+been done the kind of exessive crypto analysis as with other
+ECC algorithms.
+
+While I, as the author of pcp1 totally trust D.J.Bernstein, this
+may not be the case for you.
+
+In short, I'd suggest not to use it on critical systems yet.
+
+=back
+
 =head1 INTERNALS
 
 FIXME.
diff --git a/src/encryption.c b/src/encryption.c
index f6c3332..d40be0e 100644
--- a/src/encryption.c
+++ b/src/encryption.c
@@ -103,9 +103,20 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd) {
 }
 }
 if(public == NULL) {
- fatal("Could not find a usable public key in vault %s!\n",
+ // maybe self encryption, try secrets
+ pcp_key_t *s = NULL;
+ for(s=pcpkey_hash; s != NULL; s=(pcp_key_t*)(s->hh.next)) {
+ crypto_hash(check, (unsigned char*)s->id, 16);
+ if(memcmp(check, hash, crypto_hash_BYTES) == 0) {
+ // matching secret
+ public = pcpkey_pub_from_secret(s);
+ }
+ }
+ if(public == NULL) {
+ fatal("Could not find a usable public key in vault %s!\n",
 vault->filename);
- goto errde0;
+ goto errde0;
+ }
 }
 
 if(debug) {
@@ -183,9 +194,17 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi
 // look if we've got that key
 HASH_FIND_STR(pcppubkey_hash, id, public);
 if(public == NULL) {
- fatal("Could not find a public key with id 0x%s in vault %s!\n",
+ // self-encryption: look if its a secret one
+ pcp_key_t *s = NULL;
+ HASH_FIND_STR(pcpkey_hash, id, s);
+ if(s != NULL) {
+ public = pcpkey_pub_from_secret(s);
+ }
+ else {
+ fatal("Could not find a public key with id 0x%s in vault %s!\n",
 id, vault->filename);
- goto erren3;
+ goto erren3;
+ }
 }
 
 secret = pcp_find_primary_secret();
diff --git a/src/pcp.c b/src/pcp.c
index 29ecd26..15fd6f8 100644
--- a/src/pcp.c
+++ b/src/pcp.c
@@ -315,6 +315,11 @@ int main (int argc, char **argv) {
 if(useid == 0 && userec == 1) {
 id = pcp_find_id_byrec(recipient);
 }
+ if(useid == 0 && userec == 0) {
+ pcp_key_t *k = pcp_find_primary_secret();
+ id = ucmalloc(17);
+ memcpy(id, k->id, 17);
+ }
 if(id != NULL) {
 pcpencrypt(id, infile, outfile, xpass, recipient);
 free(id);
diff --git a/src/usage.h b/src/usage.h
index 8846910..8c610b1 100644
--- a/src/usage.h
+++ b/src/usage.h
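Review bot: The secret-key scan added to pcpdecrypt does not stop at the first match, so if two entries in `pcpkey_hash` have ids that hash to the same value, `public` is overwritten by the later one and, if `pcpkey_pub_from_secret()` allocates, the earlier result is leaked. Add `break;` directly after `public = pcpkey_pub_from_secret(s);` so the first matching secret wins and the loop does no further work. The literal `16` passed to `crypto_hash()` for `s->id` encodes the same id length that the pcp.c hunk hard-codes as `17` (with terminator); a shared named constant would keep those in step. pcpdecrypt's body continues outside the hunk.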
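Review bot: After this hunk `public` in pcpencrypt has two different owners depending on the path taken: the normal branch points at the entry found by `HASH_FIND_STR(pcppubkey_hash, id, public)`, while the self-encryption branch holds whatever `pcpkey_pub_from_secret(s)` returns, which looks like a freshly built object. The cleanup after `erren3` and on the success path lies outside the hunk, so it cannot be verified here that this object is released only on the self-encryption path and never on the vault-owned one; the pcpdecrypt hunk above has the same split. A comment at the assignment such as `// self-encryption: public is built here, not taken from the vault, and must be freed by us` (or a flag recording the path) would make the intended ownership explicit for the cleanup code. pcpencrypt's body continues outside the hunk.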
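Review bot: `pcp_find_primary_secret()` is dereferenced through `k->id` without a NULL check, so `pcp1 -e` with neither -i nor -r against a vault that has no primary secret key crashes instead of reporting an error. The two encryption.c hunks above pair `fatal(...)` with a jump past the failing operation rather than relying on it to exit, so the same shape fits here: allocate and copy only when `k` is non-NULL, otherwise report and leave `id` NULL so the existing `if(id != NULL)` guard skips `pcpencrypt()` (this assumes `fatal` and `vault` are visible in main as they are in encryption.c; otherwise use whatever error reporting pcp.c already has). The `17` in `ucmalloc(17)` and `memcpy(id, k->id, 17)` encodes the id as a 16-byte string plus terminator, matching the `16` hashed in pcpdecrypt, and would be clearer as a shared constant. main's body continues outside the hunk.
```c
  if(useid == 0 && userec == 0) {
    pcp_key_t *k = pcp_find_primary_secret();
    if(k != NULL) {
      id = ucmalloc(17);
      memcpy(id, k->id, 17);
    }
    else {
      fatal("Could not find a primary secret key in vault %s!\n",
            vault->filename);
    }
  }
  // … unchanged: if(id != NULL) { pcpencrypt(...); free(id); … …
```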
@@ -50,10 +50,13 @@
 "\n" \
 "Encryption Options:\n" \
 "-e --encrypt Encrypt a message. Read from stdin or\n" \
-" specified via -I. A keyid (-i) of the\n" \
-" public key of the receipient must be\n" \
-" specified. Output to stdout or written\n" \
-" to the file specified via -O.\n" \
+" specified via -I. If a keyid (-i) has been\n" \
+" given, use that public key for encryption.\n" \
+" If a recipient (-r) has been given, use\n" \
+" a derived public key. If none of -i or\n" \
+" -r has been given, use the primary\n" \
+" secret key and the public part of it\n" \
+" for encrytion (self-encryption mode).\n" \
 "-d --decrypt Decrypt a message. Read from stdin or\n" \
 " specified via -I. Output to stdout or\n" \
 " written to the file specified via -O.\n" \
diff --git a/src/usage.txt b/src/usage.txt
index 86078b0..cda1d3d 100644
--- a/src/usage.txt
+++ b/src/usage.txt
@@ -48,10 +48,13 @@ Keymanagement Options:
 
 Encryption Options:
 -e --encrypt Encrypt a message. Read from stdin or
- specified via -I. A keyid (-i) of the
- public key of the receipient must be
- specified. Output to stdout or written
- to the file specified via -O.
+ specified via -I. If a keyid (-i) has been
+ given, use that public key for encryption.
+ If a recipient (-r) has been given, use
+ a derived public key. If none of -i or
+ -r has been given, use the primary
+ secret key and the public part of it
+ for encrytion (self-encryption mode).
 -d --decrypt Decrypt a message. Read from stdin or
 specified via -I. Output to stdout or
 written to the file specified via -O.