exa/codecrypt
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

actions: better keyring opening behavior

Browse source 
This delays opening (and locking) the keyring until all input has been
processed, and all possible errors that would make a chance that the
keyring doesn't have to be opened have been checked for.

Whole purpose was to enable codecrypt to be chained with pipes in UNIX-y way,
like this primitive certificate creation:

(echo "At `date` I certify this is The Key:" ; ccr -pa -F "the key") | ccr -s
This commit is contained in:
Mirek Kratochvil 2013-09-12 12:41:54 +02:00
parent d1421926f9
commit 09136ef046
2 changed files with 61 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

73
src/actions.cpp
View file

@ -38,6 +38,17 @@
#define MSG_CLEARTEXT "MESSAGE-IN-CLEARTEXT" #define MSG_CLEARTEXT "MESSAGE-IN-CLEARTEXT"
#define MSG_DETACHED "MESSAGE-DETACHED" #define MSG_DETACHED "MESSAGE-DETACHED"
inline bool open_keyring (keyring&KR)
{
if (!KR.open() ) {
err ("could not open keyring!");
return false;
}
return true;
}
#define PREPARE_KEYRING if(!open_keyring(KR)) return 1
int action_gen_key (const std::string& algspec, const std::string&name, int action_gen_key (const std::string& algspec, const std::string&name,
keyring&KR, algorithm_suite&AS) keyring&KR, algorithm_suite&AS)
{ {
@ -96,6 +107,8 @@ int action_gen_key (const std::string& algspec, const std::string&name,
return 1; return 1;
} }
PREPARE_KEYRING;
//TODO this can fail, handle it. //TODO this can fail, handle it.
KR.store_keypair (keyring::get_keyid (pub), name, algname, pub, priv); KR.store_keypair (keyring::get_keyid (pub), name, algname, pub, priv);
//pub&priv data will get destroyed along with keyring //pub&priv data will get destroyed along with keyring
@ -115,9 +128,15 @@ int action_gen_key (const std::string& algspec, const std::string&name,
int action_encrypt (const std::string&recipient, bool armor, int action_encrypt (const std::string&recipient, bool armor,
keyring&KR, algorithm_suite&AS) keyring&KR, algorithm_suite&AS)
{ {
//first, find a recipient //first, read plaintext
std::string data;
read_all_input (data);
//find a recipient
keyring::pubkey_entry *recip = NULL; keyring::pubkey_entry *recip = NULL;
PREPARE_KEYRING;
//search both publickeys and keypairs that are valid for encryption //search both publickeys and keypairs that are valid for encryption
for (keyring::pubkey_storage::iterator for (keyring::pubkey_storage::iterator
i = KR.pubs.begin(), e = KR.pubs.end(); i != e; ++i) { i = KR.pubs.begin(), e = KR.pubs.end(); i != e; ++i) {
@ -152,10 +171,7 @@ int action_encrypt (const std::string&recipient, bool armor,
return 1; return 1;
} }
//read plaintext //encryption part
std::string data;
read_all_input (data);
encrypted_msg msg; encrypted_msg msg;
arcfour_rng r; arcfour_rng r;
r.seed (256); r.seed (256);
@ -223,6 +239,8 @@ int action_decrypt (bool armor,
sencode_destroy (M); sencode_destroy (M);
PREPARE_KEYRING;
//check if we have the privkey //check if we have the privkey
keyring::keypair_entry*kpe; keyring::keypair_entry*kpe;
kpe = KR.get_keypair (msg.key_id); kpe = KR.get_keypair (msg.key_id);
@ -312,6 +330,12 @@ int action_sign (const std::string&user, bool armor, const std::string&detach,
} }
} }
//eat data for signature
std::string data;
read_all_input (data);
PREPARE_KEYRING;
//some common checks on user key //some common checks on user key
keyring::keypair_entry *u = NULL; keyring::keypair_entry *u = NULL;
@ -340,10 +364,7 @@ int action_sign (const std::string&user, bool armor, const std::string&detach,
return 1; return 1;
} }
//eat data //signature production part
std::string data;
read_all_input (data);
signed_msg msg; signed_msg msg;
arcfour_rng r; arcfour_rng r;
r.seed (256); r.seed (256);
@ -583,6 +604,8 @@ int action_verify (bool armor, const std::string&detach,
return 1; return 1;
} }
PREPARE_KEYRING;
//check pubkey availability //check pubkey availability
keyring::pubkey_entry*pke; keyring::pubkey_entry*pke;
pke = KR.get_pubkey (msg.key_id); pke = KR.get_pubkey (msg.key_id);
@ -653,6 +676,12 @@ int action_sign_encrypt (const std::string&user, const std::string&recipient,
* (it would leak the information that inner message is signed). * (it would leak the information that inner message is signed).
*/ */
//eat al input first
std::string data;
read_all_input (data);
PREPARE_KEYRING;
//find some good local user //find some good local user
keyring::keypair_entry *u = NULL; keyring::keypair_entry *u = NULL;
@ -712,9 +741,6 @@ int action_sign_encrypt (const std::string&user, const std::string&recipient,
} }
//make a signature //make a signature
std::string data;
read_all_input (data);
signed_msg smsg; signed_msg smsg;
arcfour_rng r; arcfour_rng r;
r.seed (256); r.seed (256);
@ -794,6 +820,8 @@ int action_decrypt_verify (bool armor, bool yes,
sencode_destroy (M); sencode_destroy (M);
PREPARE_KEYRING;
//check if we will be able to decrypt //check if we will be able to decrypt
keyring::keypair_entry*kpe; keyring::keypair_entry*kpe;
kpe = KR.get_keypair (emsg.key_id); kpe = KR.get_keypair (emsg.key_id);
@ -936,6 +964,8 @@ static void output_key (bool fp,
int action_list (bool nice_fingerprint, const std::string&filter, int action_list (bool nice_fingerprint, const std::string&filter,
keyring&KR) keyring&KR)
{ {
PREPARE_KEYRING;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
i = KR.pairs.begin(), e = KR.pairs.end(); i = KR.pairs.begin(), e = KR.pairs.end();
i != e; ++i) { i != e; ++i) {
@ -1019,6 +1049,8 @@ int action_import (bool armor, bool no_action, bool yes, bool fp,
return 0; return 0;
} }
PREPARE_KEYRING;
//informatively count how much stuff is this going to destroy. //informatively count how much stuff is this going to destroy.
int rewrites = 0, privs = 0; int rewrites = 0, privs = 0;
for (keyring::pubkey_storage::iterator for (keyring::pubkey_storage::iterator
@ -1068,6 +1100,8 @@ int action_export (bool armor,
const std::string & filter, const std::string & name, const std::string & filter, const std::string & name,
keyring & KR) keyring & KR)
{ {
PREPARE_KEYRING;
keyring::pubkey_storage s; keyring::pubkey_storage s;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
@ -1117,6 +1151,8 @@ int action_export (bool armor,
int action_delete (bool yes, const std::string & filter, keyring & KR) int action_delete (bool yes, const std::string & filter, keyring & KR)
{ {
PREPARE_KEYRING;
int kc = 0; int kc = 0;
for (keyring::pubkey_storage::iterator for (keyring::pubkey_storage::iterator
i = KR.pubs.begin(), e = KR.pubs.end(); i = KR.pubs.begin(), e = KR.pubs.end();
@ -1165,6 +1201,9 @@ int action_rename (bool yes,
err ("error: missing new name specification"); err ("error: missing new name specification");
return 1; return 1;
} }
PREPARE_KEYRING;
int kc = 0; int kc = 0;
for (keyring::pubkey_storage::iterator for (keyring::pubkey_storage::iterator
i = KR.pubs.begin(), e = KR.pubs.end(); i = KR.pubs.begin(), e = KR.pubs.end();
@ -1205,6 +1244,8 @@ int action_rename (bool yes,
int action_list_sec (bool nice_fingerprint, const std::string & filter, int action_list_sec (bool nice_fingerprint, const std::string & filter,
keyring & KR) keyring & KR)
{ {
PREPARE_KEYRING;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
i = KR.pairs.begin(), e = KR.pairs.end(); i = KR.pairs.begin(), e = KR.pairs.end();
i != e; ++i) { i != e; ++i) {
@ -1277,6 +1318,8 @@ int action_import_sec (bool armor, bool no_action, bool yes, bool fp,
return 0; return 0;
} }
PREPARE_KEYRING;
int rewrites = 0; int rewrites = 0;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
i = s.begin(), e = s.end(); i != e; ++i) { i = s.begin(), e = s.end(); i != e; ++i) {
@ -1321,6 +1364,8 @@ int action_export_sec (bool armor, bool yes,
const std::string & filter, const std::string & name, const std::string & filter, const std::string & name,
keyring & KR) keyring & KR)
{ {
PREPARE_KEYRING;
keyring::keypair_storage s; keyring::keypair_storage s;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
i = KR.pairs.begin(), e = KR.pairs.end(); i = KR.pairs.begin(), e = KR.pairs.end();
@ -1366,6 +1411,8 @@ int action_export_sec (bool armor, bool yes,
int action_delete_sec (bool yes, const std::string & filter, keyring & KR) int action_delete_sec (bool yes, const std::string & filter, keyring & KR)
{ {
PREPARE_KEYRING;
int kc = 0; int kc = 0;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
i = KR.pairs.begin(), e = KR.pairs.end(); i = KR.pairs.begin(), e = KR.pairs.end();
@ -1415,6 +1462,8 @@ int action_rename_sec (bool yes,
return 1; return 1;
} }
PREPARE_KEYRING;
int kc = 0; int kc = 0;
for (keyring::keypair_storage::iterator for (keyring::keypair_storage::iterator
i = KR.pairs.begin(), e = KR.pairs.end(); i = KR.pairs.begin(), e = KR.pairs.end();

6
src/main.cpp
View file

@ -386,12 +386,6 @@ int main (int argc, char**argv)
keyring KR; keyring KR;
algorithm_suite AS; algorithm_suite AS;
//keyring initialization
if (!KR.open() ) {
progerr ("could not open keyring!");
return 1;
}
//register all available algorithms //register all available algorithms
fill_algorithm_suite (AS); fill_algorithm_suite (AS);