From 9a07328ac2b5514623351fb475f757582757ab97 Mon Sep 17 00:00:00 2001 From: csoler Date: Sun, 1 Jul 2012 21:40:44 +0000 Subject: [PATCH] fixed output/syncing of secret keyring git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5265 b45a01b8-16f6-495d-af2f-9b41ad6348cc --- libretroshare/src/pgp/pgphandler.cc | 59 ++++++++++++++++++------ libretroshare/src/pgp/pgphandler.h | 6 +-- openpgpsdk/src/openpgpsdk/readerwriter.c | 2 +- 3 files changed, 49 insertions(+), 18 deletions(-) diff --git a/libretroshare/src/pgp/pgphandler.cc b/libretroshare/src/pgp/pgphandler.cc index c4e28319a..bde89414b 100644 --- a/libretroshare/src/pgp/pgphandler.cc +++ b/libretroshare/src/pgp/pgphandler.cc @@ -80,8 +80,8 @@ PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring,co : pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring),_trustdb_path(trustdb),_pgp_lock_filename(pgp_lock_filename) { _pubring_changed = false ; - _secring_changed = false ; _trustdb_changed = false ; + //_secring_changed = false ; RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. @@ -312,7 +312,7 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri ops_user_id_t uid ; char *s = strdup((name + " " + email + " (Generated by RetroShare)").c_str()) ; uid.user_id = (unsigned char *)s ; - unsigned long int e = 17 ; // some prime number + unsigned long int e = 65537 ; // some prime number ops_keydata_t *key = ops_rsa_create_selfsigned_keypair(KEY_NUMBITS,e,&uid) ; 
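Review bot: The trailing comment on the changed exponent line in GeneratePGPCertificate still reads `// some prime number`, which no longer explains the choice now that the value is 65537. I would document it as `// RSA public exponent F4 = 2^16+1, the conventional choice (was 17)`. The change only affects newly generated keypairs, so keys created earlier with e = 17 stay in users' keyrings; nothing visible in this patch detects or flags them, which may be worth a follow-up. The function body continues outside this hunk.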
@@ -321,17 +321,22 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri if(!key) return false ; - // 2 - save the private key encrypted to a temporary memory buffer + // 2 - save the private key encrypted to a temporary memory buffer, so as to read an encrypted key to memory ops_create_info_t *cinfo = NULL ; ops_memory_t *buf = NULL ; ops_setup_memory_write(&cinfo, &buf, 0); - ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo); + if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo)) + { + std::cerr << "(EE) Cannot encode secret key to memory!!" << std::endl; + return false ; + } - // 3 - read the file into a keyring + // 3 - read the memory chunk into an encrypted keyring ops_keyring_t *tmp_secring = allocateOPSKeyring() ; + if(! ops_keyring_read_from_mem(tmp_secring, ops_false, buf)) { std::cerr << "(EE) Cannot re-read key from memory!!" << std::endl; @@ -339,7 +344,7 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri } ops_teardown_memory_write(cinfo,buf); // cleanup memory - // 4 - copy the private key to the private keyring + // 4 - copy the encrypted private key to the private keyring pgpId = PGPIdType(tmp_secring->keys[0].key_id) ; addNewKeyToOPSKeyring(_secring,tmp_secring->keys[0]) ; 
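Review bot: The new `return false ;` after a failed `ops_write_transferable_secret_key` leaves GeneratePGPCertificate without calling `ops_teardown_memory_write(cinfo,buf)` and without releasing `key`, so the write buffer and the freshly generated keypair (presumably including the unprotected secret part) stay allocated on that path. The three early returns added in the @@ -351,22 +356,42 @@ hunk have the same problem: the disk-write failure skips `ops_teardown_file_write(cinfo,fd)`, and the two public-key failures skip `ops_teardown_memory_write(cinfo,buf2)`, the last one also leaking `tmp_pubring`. Adding `ops_teardown_memory_write(cinfo,buf);` before this `return false ;`, and releasing `key` on every failure path, keeps key material from lingering on the heap after a failed generation. Whether `key` and the `strdup`'d user id are released on the success path is outside the visible hunks.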
@@ -351,22 +356,42 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri ops_keyring_free(tmp_secring) ; free(tmp_secring) ; - // 5 - copy the private key to the public keyring + // 3 - add key to secret keyring on disk. - ops_setup_memory_write(&cinfo, &buf, 0); - ops_write_transferable_public_key(key, ops_false, cinfo); + cinfo = NULL ; + int fd=ops_setup_file_append(&cinfo, _secring_path.c_str()); + + if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo)) + { + std::cerr << "(EE) Cannot encode secret key to disk!! Disk full? Out of disk quota?" << std::endl; + return false ; + } + ops_teardown_file_write(cinfo,fd) ; + + // 5 - copy the public key to the public keyring + + ops_memory_t *buf2 = NULL ; + ops_setup_memory_write(&cinfo, &buf2, 0); + + if(!ops_write_transferable_public_key(key, ops_false, cinfo)) + { + std::cerr << "(EE) Cannot encode secret key to memory!!" << std::endl; + return false ; + } ops_keyring_t *tmp_pubring = allocateOPSKeyring() ; - if(! ops_keyring_read_from_mem(tmp_pubring, ops_false, buf)) + if(! ops_keyring_read_from_mem(tmp_pubring, ops_false, buf2)) { std::cerr << "(EE) Cannot re-read key from memory!!" << std::endl; return false ; } - ops_teardown_memory_write(cinfo,buf); // cleanup memory + ops_teardown_memory_write(cinfo,buf2); // cleanup memory addNewKeyToOPSKeyring(_pubring,tmp_pubring->keys[0]) ; initCertificateInfo(_public_keyring_map[ pgpId.toStdString() ],&tmp_pubring->keys[0],_pubring->nkeys-1) ; + ops_keyring_free(tmp_pubring) ; + free(tmp_pubring) ; #ifdef DEBUG_PGPHANDLER std::cerr << "Added new public key with id " << pgpId.toStdString() << " to public keyring." << std::endl; #endif @@ -377,7 +402,7 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri // 7 - Update flags. _pubring_changed = true ; - _secring_changed = true ; + //_secring_changed = true ; return true ; } 
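Review bot: The descriptor returned by `ops_setup_file_append` is used without a check, and `cinfo` was reset to NULL just before, so if the helper can return a negative fd the following `ops_write_transferable_secret_key` runs on an unset `cinfo`; what the helper does on failure is outside the visible code. A write that fails partway may also leave a truncated packet at the end of the secret keyring, while the in-memory `_secring` already holds the key from step 4. I would check the open result as below and consider doing the disk append before `addNewKeyToOPSKeyring(_secring,tmp_secring->keys[0])`, so that memory and disk cannot disagree. Separately, the message for a failed `ops_write_transferable_public_key` still says "Cannot encode secret key to memory!!", and the new step comment is numbered 3 between steps 4 and 5.

```cpp
int fd=ops_setup_file_append(&cinfo, _secring_path.c_str());

if(fd < 0 || cinfo == NULL)
{
	std::cerr << "(EE) Cannot open secret keyring for appending." << std::endl;
	return false ;
}
// … unchanged: ops_write_transferable_secret_key check, ops_teardown_file_write, public key export …
```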
@@ -904,7 +929,7 @@ bool PGPHandler::syncDatabase() std::cerr << "Sync-ing keyrings." << std::endl; #endif locked_syncPublicKeyring() ; - locked_syncSecretKeyring() ; + //locked_syncSecretKeyring() ; // Now sync the trust database as well. // @@ -952,6 +977,7 @@ bool PGPHandler::locked_syncPublicKeyring() return true ; } +#ifdef TO_BE_REMOVED bool PGPHandler::locked_syncSecretKeyring() { struct stat64 buf ; @@ -977,6 +1003,11 @@ bool PGPHandler::locked_syncSecretKeyring() if(_secring_changed) { std::cerr << "Local changes in secret keyring. Writing to disk..." << std::endl; + + fd=ops_setup_file_append(&cinfo, secring_name); + ops_write_transferable_secret_key(keydata, passphrase, pplen, ARMOUR_NO, cinfo); + ops_teardown_file_write(cinfo,fd) + if(!ops_write_keyring_to_file(_secring,ops_false,_secring_path.c_str())) { std::cerr << "Cannot write secret keyring. Disk full? Disk quota exceeded?" << std::endl; @@ -991,6 +1022,8 @@ bool PGPHandler::locked_syncSecretKeyring() } return true ; } +#endif + bool PGPHandler::locked_syncTrustDatabase() { struct stat64 buf ; diff --git a/libretroshare/src/pgp/pgphandler.h b/libretroshare/src/pgp/pgphandler.h index acefb73fc..6aa592207 100644 --- a/libretroshare/src/pgp/pgphandler.h +++ b/libretroshare/src/pgp/pgphandler.h @@ -93,8 +93,6 @@ class PGPHandler bool privateTrustCertificate(const PGPIdType& id,int valid_level) ; // Write keyring - bool publicKeyringChanged() const { return _pubring_changed ; } - bool secretKeyringChanged() const { return _secring_changed ; } bool writeSecretKeyring() ; bool writePublicKeyring() ; @@ -131,8 +129,8 @@ class PGPHandler bool locked_writePrivateTrustDatabase() ; bool locked_syncPublicKeyring() ; - bool locked_syncSecretKeyring() ; bool locked_syncTrustDatabase() ; + //bool locked_syncSecretKeyring() ; void mergeKeyringFromDisk(ops_keyring_t *keyring, std::map& kmap, const std::string& keyring_file) ; bool addOrMergeKey(ops_keyring_t *keyring,std::map& kmap,const ops_keydata_t *keydata) ; 
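Review bot: The secret-keyring sync is switched off by commenting out the call in syncDatabase and wrapping `locked_syncSecretKeyring` in `#ifdef TO_BE_REMOVED` (hunks @@ -952,6 +977,7 @@ and @@ -991,6 +1022,8 @@), with the matching declarations commented out in pgphandler.h, instead of being deleted. The three lines added inside that dead block in @@ -977,6 +1003,11 @@ would not compile if the macro were ever defined: `ops_teardown_file_write(cinfo,fd)` has no terminating `;`, and `secring_name`, `keydata`, `pplen` and `ARMOUR_NO` do not appear to be declared in the visible part of the function. I would remove the function and the commented-out lines, and leave a comment at the call site such as `// secret keyring is append-only: keys are written in GeneratePGPCertificate, never rewritten here`. With the call gone, syncDatabase apparently no longer looks at the secret keyring file at all, so it should be confirmed whether changes made to it by another process are still picked up.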
@@ -153,8 +151,8 @@ class PGPHandler const std::string _pgp_lock_filename ; bool _pubring_changed ; - bool _secring_changed ; bool _trustdb_changed ; + //bool _secring_changed ; time_t _pubring_last_update_time ; time_t _secring_last_update_time ; diff --git a/openpgpsdk/src/openpgpsdk/readerwriter.c b/openpgpsdk/src/openpgpsdk/readerwriter.c index 1ecca7150..f29341cc7 100644 --- a/openpgpsdk/src/openpgpsdk/readerwriter.c +++ b/openpgpsdk/src/openpgpsdk/readerwriter.c @@ -221,7 +221,7 @@ int ops_setup_file_append(ops_create_info_t **cinfo, const char* filename) * initialise needed structures for writing to file */ - fd=open(filename,O_WRONLY | O_APPEND | O_BINARY, 0600); + fd=open(filename,O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600); if(fd < 0) {
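Review bot: `ops_setup_file_append` now creates the file when it is missing, but the `0600` mode only takes effect at creation (and is further masked by the umask); an existing keyring with wider permissions is opened and appended to as it is. Since this helper is now the path that writes secret keys to disk, I would document that next to the call, e.g. `/* O_CREAT: keyring may not exist yet; 0600 applies only on creation, existing permissions are kept */`, and consider checking the mode with `fstat` after the open. The flag also changes behaviour for every caller of this helper: a wrong path now silently yields a new file instead of an error. The function body continues outside the hunk.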