mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-26 16:09:35 -05:00
fixed output/syncing of secret keyring
git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5265 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler
parent
eac2c010c3
commit
9a07328ac2
@ -80,8 +80,8 @@ PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring,co
|
||||
: pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring),_trustdb_path(trustdb),_pgp_lock_filename(pgp_lock_filename)
|
||||
{
|
||||
_pubring_changed = false ;
|
||||
_secring_changed = false ;
|
||||
_trustdb_changed = false ;
|
||||
//_secring_changed = false ;
|
||||
|
||||
RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory.
|
||||
|
||||
@ -312,7 +312,7 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
ops_user_id_t uid ;
|
||||
char *s = strdup((name + " " + email + " (Generated by RetroShare)").c_str()) ;
|
||||
uid.user_id = (unsigned char *)s ;
|
||||
unsigned long int e = 17 ; // some prime number
|
||||
unsigned long int e = 65537 ; // some prime number
|
||||
|
||||
ops_keydata_t *key = ops_rsa_create_selfsigned_keypair(KEY_NUMBITS,e,&uid) ;
|
||||
|
||||
@ -321,17 +321,22 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
if(!key)
|
||||
return false ;
|
||||
|
||||
// 2 - save the private key encrypted to a temporary memory buffer
|
||||
// 2 - save the private key encrypted to a temporary memory buffer, so as to read an encrypted key to memory
|
||||
|
||||
ops_create_info_t *cinfo = NULL ;
|
||||
ops_memory_t *buf = NULL ;
|
||||
ops_setup_memory_write(&cinfo, &buf, 0);
|
||||
|
||||
ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo);
|
||||
if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo))
|
||||
{
|
||||
std::cerr << "(EE) Cannot encode secret key to memory!!" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
// 3 - read the file into a keyring
|
||||
// 3 - read the memory chunk into an encrypted keyring
|
||||
|
||||
ops_keyring_t *tmp_secring = allocateOPSKeyring() ;
|
||||
|
||||
if(! ops_keyring_read_from_mem(tmp_secring, ops_false, buf))
|
||||
{
|
||||
std::cerr << "(EE) Cannot re-read key from memory!!" << std::endl;
|
||||
@ -339,7 +344,7 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
}
|
||||
ops_teardown_memory_write(cinfo,buf); // cleanup memory
|
||||
|
||||
// 4 - copy the private key to the private keyring
|
||||
// 4 - copy the encrypted private key to the private keyring
|
||||
|
||||
pgpId = PGPIdType(tmp_secring->keys[0].key_id) ;
|
||||
addNewKeyToOPSKeyring(_secring,tmp_secring->keys[0]) ;
|
||||
@ -351,22 +356,42 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
ops_keyring_free(tmp_secring) ;
|
||||
free(tmp_secring) ;
|
||||
|
||||
// 5 - copy the private key to the public keyring
|
||||
// 3 - add key to secret keyring on disk.
|
||||
|
||||
ops_setup_memory_write(&cinfo, &buf, 0);
|
||||
ops_write_transferable_public_key(key, ops_false, cinfo);
|
||||
cinfo = NULL ;
|
||||
int fd=ops_setup_file_append(&cinfo, _secring_path.c_str());
|
||||
|
||||
if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo))
|
||||
{
|
||||
std::cerr << "(EE) Cannot encode secret key to disk!! Disk full? Out of disk quota?" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
ops_teardown_file_write(cinfo,fd) ;
|
||||
|
||||
// 5 - copy the public key to the public keyring
|
||||
|
||||
ops_memory_t *buf2 = NULL ;
|
||||
ops_setup_memory_write(&cinfo, &buf2, 0);
|
||||
|
||||
if(!ops_write_transferable_public_key(key, ops_false, cinfo))
|
||||
{
|
||||
std::cerr << "(EE) Cannot encode secret key to memory!!" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
ops_keyring_t *tmp_pubring = allocateOPSKeyring() ;
|
||||
if(! ops_keyring_read_from_mem(tmp_pubring, ops_false, buf))
|
||||
if(! ops_keyring_read_from_mem(tmp_pubring, ops_false, buf2))
|
||||
{
|
||||
std::cerr << "(EE) Cannot re-read key from memory!!" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
ops_teardown_memory_write(cinfo,buf); // cleanup memory
|
||||
ops_teardown_memory_write(cinfo,buf2); // cleanup memory
|
||||
|
||||
addNewKeyToOPSKeyring(_pubring,tmp_pubring->keys[0]) ;
|
||||
initCertificateInfo(_public_keyring_map[ pgpId.toStdString() ],&tmp_pubring->keys[0],_pubring->nkeys-1) ;
|
||||
|
||||
ops_keyring_free(tmp_pubring) ;
|
||||
free(tmp_pubring) ;
|
||||
#ifdef DEBUG_PGPHANDLER
|
||||
std::cerr << "Added new public key with id " << pgpId.toStdString() << " to public keyring." << std::endl;
|
||||
#endif
|
||||
@ -377,7 +402,7 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
|
||||
// 7 - Update flags.
|
||||
|
||||
_pubring_changed = true ;
|
||||
_secring_changed = true ;
|
||||
//_secring_changed = true ;
|
||||
|
||||
return true ;
|
||||
}
|
||||
@ -904,7 +929,7 @@ bool PGPHandler::syncDatabase()
|
||||
std::cerr << "Sync-ing keyrings." << std::endl;
|
||||
#endif
|
||||
locked_syncPublicKeyring() ;
|
||||
locked_syncSecretKeyring() ;
|
||||
//locked_syncSecretKeyring() ;
|
||||
|
||||
// Now sync the trust database as well.
|
||||
//
|
||||
@ -952,6 +977,7 @@ bool PGPHandler::locked_syncPublicKeyring()
|
||||
return true ;
|
||||
}
|
||||
|
||||
#ifdef TO_BE_REMOVED
|
||||
bool PGPHandler::locked_syncSecretKeyring()
|
||||
{
|
||||
struct stat64 buf ;
|
||||
@ -977,6 +1003,11 @@ bool PGPHandler::locked_syncSecretKeyring()
|
||||
if(_secring_changed)
|
||||
{
|
||||
std::cerr << "Local changes in secret keyring. Writing to disk..." << std::endl;
|
||||
|
||||
fd=ops_setup_file_append(&cinfo, secring_name);
|
||||
ops_write_transferable_secret_key(keydata, passphrase, pplen, ARMOUR_NO, cinfo);
|
||||
ops_teardown_file_write(cinfo,fd)
|
||||
|
||||
if(!ops_write_keyring_to_file(_secring,ops_false,_secring_path.c_str()))
|
||||
{
|
||||
std::cerr << "Cannot write secret keyring. Disk full? Disk quota exceeded?" << std::endl;
|
||||
@ -991,6 +1022,8 @@ bool PGPHandler::locked_syncSecretKeyring()
|
||||
}
|
||||
return true ;
|
||||
}
|
||||
#endif
|
||||
|
||||
bool PGPHandler::locked_syncTrustDatabase()
|
||||
{
|
||||
struct stat64 buf ;
|
||||
|
||||
@ -93,8 +93,6 @@ class PGPHandler
|
||||
bool privateTrustCertificate(const PGPIdType& id,int valid_level) ;
|
||||
|
||||
// Write keyring
|
||||
bool publicKeyringChanged() const { return _pubring_changed ; }
|
||||
bool secretKeyringChanged() const { return _secring_changed ; }
|
||||
|
||||
bool writeSecretKeyring() ;
|
||||
bool writePublicKeyring() ;
|
||||
@ -131,8 +129,8 @@ class PGPHandler
|
||||
bool locked_writePrivateTrustDatabase() ;
|
||||
|
||||
bool locked_syncPublicKeyring() ;
|
||||
bool locked_syncSecretKeyring() ;
|
||||
bool locked_syncTrustDatabase() ;
|
||||
//bool locked_syncSecretKeyring() ;
|
||||
|
||||
void mergeKeyringFromDisk(ops_keyring_t *keyring, std::map<std::string,PGPCertificateInfo>& kmap, const std::string& keyring_file) ;
|
||||
bool addOrMergeKey(ops_keyring_t *keyring,std::map<std::string,PGPCertificateInfo>& kmap,const ops_keydata_t *keydata) ;
|
||||
@ -153,8 +151,8 @@ class PGPHandler
|
||||
const std::string _pgp_lock_filename ;
|
||||
|
||||
bool _pubring_changed ;
|
||||
bool _secring_changed ;
|
||||
bool _trustdb_changed ;
|
||||
//bool _secring_changed ;
|
||||
|
||||
time_t _pubring_last_update_time ;
|
||||
time_t _secring_last_update_time ;
|
||||
|
||||
@ -221,7 +221,7 @@ int ops_setup_file_append(ops_create_info_t **cinfo, const char* filename)
|
||||
* initialise needed structures for writing to file
|
||||
*/
|
||||
|
||||
fd=open(filename,O_WRONLY | O_APPEND | O_BINARY, 0600);
|
||||
fd=open(filename,O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600);
|
||||
|
||||
if(fd < 0)
|
||||
{
|
||||
|
||||
Loading…
Reference in New Issue
Block a user