mirror of
https://codeberg.org/scip/pcp.git
synced 2025-12-17 03:50:57 +01:00
63 lines
2.5 KiB
Plaintext
63 lines
2.5 KiB
Plaintext
key++: normalize id and lc()
|
|
|
|
allow signing using an alternate secret key, like in pcpdecrypt()
|
|
|
|
malloc() new pointers in functions only if not NULL, e.g. pcp_gennonce()
|
|
|
|
generalize file i/0, open+close only in src/, print msg if using stdin or stdout
|
|
- sign + crypt done. key exports und imports to follow
|
|
|
|
check pub key count in pcp.c before calling verify signature, croak if count==0
|
|
|
|
Update pod key format spec.
|
|
|
|
-l show keysig, if any
|
|
|
|
vault checksum: add keysigs as well
|
|
|
|
enable formats for secret key exports as well
|
|
|
|
Add newlines to headers in define.h, so strlen() later catches the whole length.
|
|
|
|
Z85 headers:
|
|
- currently I use "----- BEGIN ... -----" and "----- END ... -----" as
|
|
header and footer for various z85 encoded outputs. The problem is, that
|
|
the "-" character is part of Z85 chars. An input of 0xc6,0x5a,0x0b,0x13 would
|
|
result z85 encoded as: "-----". So, I cannot be sure, when I find a header
|
|
delimiter, if it's really a delimiter or legitimate z85 encoded content.
|
|
Therefore, another delimiter must be used. "~~~~~ BEGIN .... ~~~~~" seems
|
|
to fit best and "~" is unused in Z85.
|
|
Then the parser can be enhanced as well. Eg: on startup if a ~ occurs,
|
|
ignore input until the first non-~ appears. Then decode input until a
|
|
~ or eof appears, ignore everything after. Comments would still be a
|
|
problem though. Currently I ignore lines containing whitespaces. But
|
|
if a file is read blockwise and the blocksize is very small, then a
|
|
comment line may span multiple blocks and isn't recognizable as a
|
|
"line" anymore. Maybe, comments shall start and end with a ~ as well, eg:
|
|
~ BEGIN KEY ~
|
|
~ Hash: 987298347 ~
|
|
[z85]
|
|
~ END KEY ~
|
|
Here I use the same aproach for the headers, since there would also be
|
|
the problem how to recognize them properly if a header crosses boundaries
|
|
or something. By using this scheme, if a ~ is found everything following
|
|
is marked as to be ignored which could be saved as a state when using
|
|
blockmode.
|
|
|
|
|
|
Python binding, e.g.:
|
|
py % cdll.LoadLibrary("libsodium.so.8")
|
|
<CDLL 'libsodium.so.8', handle 800776c00 at 80192a3d0>
|
|
py % nacl = CDLL("libsodium.so.8")
|
|
py % hash = create_string_buffer('\000' * 64)
|
|
py % hash
|
|
<ctypes.c_char_Array_65 object at 0x80182c560>
|
|
py % hash.raw
|
|
'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x...
|
|
py % key = create_string_buffer('a' * 32)
|
|
py % nacl.crypto_hash_sha256(pointer(hash), pointer(key), 32)
|
|
0
|
|
py % hash.raw
|
|
';\xa3\xf5\xf4;\x92`&\x83\xc1\x9a\xeeb\xa2\x03B\xb0\x84\...
|
|
py %
|