diff --git a/libretroshare/src/pgp/pgphandler.cc b/libretroshare/src/pgp/pgphandler.cc index 327f794ec..7471ddc62 100644 --- a/libretroshare/src/pgp/pgphandler.cc +++ b/libretroshare/src/pgp/pgphandler.cc @@ -188,13 +188,22 @@ void PGPHandler::initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_ cert._key_index = index ; cert._flags = 0 ; + switch(keydata->key.pkey.algorithm) + { + case OPS_PKA_RSA: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_RSA ; + break ; + case OPS_PKA_DSA: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_DSA ; + cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; + break ; + default: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_UNKNOWN ; + cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; + break ; + } + ops_fingerprint_t f ; ops_fingerprint(&f,&keydata->key.pkey) ; cert._fpr = PGPFingerprintType(f.fingerprint) ; - - if(keydata->key.pkey.algorithm != OPS_PKA_RSA) - cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; } bool PGPHandler::validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) diff --git a/libretroshare/src/pgp/pgphandler.h b/libretroshare/src/pgp/pgphandler.h index 2b2937053..c59c0b44e 100644 --- a/libretroshare/src/pgp/pgphandler.h +++ b/libretroshare/src/pgp/pgphandler.h @@ -38,6 +38,7 @@ class PGPCertificateInfo uint32_t _trustLvl; uint32_t _validLvl; uint32_t _flags ; + uint32_t _type ; PGPFingerprintType _fpr; /* fingerprint */ PGPIdType _key_id ; @@ -54,6 +55,10 @@ class PGPCertificateInfo static const uint8_t PGP_CERTIFICATE_TRUST_MARGINALLY = 0x03 ; static const uint8_t PGP_CERTIFICATE_TRUST_FULLY = 0x04 ; static const uint8_t PGP_CERTIFICATE_TRUST_ULTIMATE = 0x05 ; + + static const uint8_t PGP_CERTIFICATE_TYPE_UNKNOWN = 0x00 ; + static const uint8_t PGP_CERTIFICATE_TYPE_DSA = 0x01 ; + static const uint8_t PGP_CERTIFICATE_TYPE_RSA = 0x02 ; }; class PGPHandler diff --git a/libretroshare/src/tests/pgp/test_pgp_handler.cc b/libretroshare/src/tests/pgp/test_pgp_handler.cc index 96a4037c8..cecfa0461 100644 --- a/libretroshare/src/tests/pgp/test_pgp_handler.cc +++ b/libretroshare/src/tests/pgp/test_pgp_handler.cc @@ -3,6 +3,7 @@ #include #include #include +#include "argstream.h" static std::string passphrase_callback(void *data,const char *uid_info,const char *what,int prev_was_bad) { @@ -15,7 +16,7 @@ static std::string stringFromBytes(unsigned char *bytes,size_t len) std::string res ; - for(int j = 0; j < len; j++) + for(uint32_t j = 0; j < len; j++) { res += out[ (bytes[j]>>4) ] ; res += out[ bytes[j] & 0xf ] ; @@ -24,131 +25,251 @@ static std::string stringFromBytes(unsigned char *bytes,size_t len) return res ; } +static std::string askForKeyId(PGPHandler& pgph) +{ + // 0 - print keys and key types + + std::list lst ; + pgph.availableGPGCertificatesWithPrivateKeys(lst) ; + + std::cerr << lst.size() << " available key pairs: " << std::endl; + int i=0 ; + + for(std::list::const_iterator it(lst.begin());it!=lst.end();++it,++i) + { + std::cerr << "(" << i << ") ID=" << (*it).toStdString() << ", type = " ; + + const PGPCertificateInfo *cert = pgph.getCertificateInfo(*it) ; + + switch(cert->_type) + { + case PGPCertificateInfo::PGP_CERTIFICATE_TYPE_DSA: std::cerr << "DSA" << std::endl; + break ; + case PGPCertificateInfo::PGP_CERTIFICATE_TYPE_RSA: std::cerr << "RSA" << std::endl; + break ; + default: std::cerr << "Unknown" << std::endl; + } + } + + if(i == 0) + throw std::runtime_error("No key pair available in supplied keyring.") ; + + // 1 - ask for which key to use. + + int num = -1 ; + + while(true) + { + std::cerr << "Please enter selected key number (0 - " << i-1 << ") : " ; + std::cerr.flush() ; + + char buf[10]; + fgets(buf,10,stdin) ; + + if(sscanf(buf,"%d",&num) == 1 && num >= 0 && num < i) + break ; + } + + // 2 - return the id string. + + std::list::const_iterator it(lst.begin()) ; + for(int i=0;i> option('1',"pgptype",test_pgpid_type,"Test pgp ID type") + >> option('2',"keyring-read",test_keyring_read,"Test keyring read") + >> option('3',"file-encryption",test_file_encryption,"Test file encryption. Needs -f, -i, -p and -s") + >> option('4',"keygen",test_gen_key,"Test key generation.") + >> option('5',"signature",test_signature,"Test signature.") + >> option('6',"output",test_output,"Test output.") + >> parameter('f',"file",file_to_encrypt,"File to encrypt. Used with -3",false) + >> parameter('p',"pubring",pubring_file,"Public keyring file.",false) + >> parameter('s',"secring",secring_file,"Secret keyring file.",false) + >> parameter('i',"keyid",key_id_string,"Key id to use. If not supplied, will be asked.",false) + >> help() ; + + as.defaultErrorHandling() ; + + if(test_pgpid_type + test_keyring_read + test_file_encryption + test_gen_key + test_signature + test_output != 1) + { + std::cerr << "Options 1 to 6 are mutually exclusive." << std::endl; + return 1; + } + if(test_pgpid_type) + { + // test pgp ids. + // + PGPIdType id = PGPIdType(std::string("3e5b22140ef56abb")) ; + + //std::cerr << "Id is : " << std::hex << id.toUInt64() << std::endl; + std::cerr << "Id st : " << id.toStdString() << std::endl; + return 0 ; + } // test PGPHandler // // 0 - init - static const std::string pubring = "pubring.gpg" ; - static const std::string secring = "secring.gpg" ; + std::string pubring = pubring_file.empty()?"pubring.gpg":pubring_file ; + std::string secring = secring_file.empty()?"secring.gpg":secring_file ; + static const std::string trustdb = "trustdb.gpg" ; static const std::string lockfile = "lock" ; PGPHandler::setPassphraseCallback(&passphrase_callback) ; PGPHandler pgph(pubring,secring,trustdb,lockfile) ; -// std::cerr << "Writing public keyring to file tmp_keyring.asc" << std::endl; -// pgph.writePublicKeyring("tmp_keyring.asc") ; + if(test_keyring_read) + { + pgph.printKeys() ; - pgph.printKeys() ; + std::cerr << std::endl ; + std::cerr << std::endl ; - std::cerr << std::endl ; - std::cerr << std::endl ; + std::cerr << "Looking for keys with complete secret/public key pair: " << std::endl; - std::cerr << "Looking for keys with complete secret/public key pair: " << std::endl; + std::list lst ; + pgph.availableGPGCertificatesWithPrivateKeys(lst) ; - std::list lst ; - pgph.availableGPGCertificatesWithPrivateKeys(lst) ; + for(std::list::const_iterator it(lst.begin());it!=lst.end();++it) + std::cerr << "Found id : " << (*it).toStdString() << std::endl; + return 0 ; + } - for(std::list::const_iterator it(lst.begin());it!=lst.end();++it) - std::cerr << "Found id : " << (*it).toStdString() << std::endl; + if(test_gen_key) + { + std::string email_str("test@gmail.com") ; + std::string name_str("test") ; + std::string passw_str("test00") ; - std::string email_str("test@gmail.com") ; - std::string name_str("test") ; - std::string passw_str("test00") ; + std::cerr << "Now generating a new PGP certificate: " << std::endl; + std::cerr << " email: " << email_str << std::endl; + std::cerr << " passw: " << passw_str << std::endl; + std::cerr << " name : " << name_str << std::endl; - std::cerr << "Now generating a new PGP certificate: " << std::endl; - std::cerr << " email: " << email_str << std::endl; - std::cerr << " passw: " << passw_str << std::endl; - std::cerr << " name : " << name_str << std::endl; + PGPIdType newid ; + std::string errString ; - PGPIdType newid ; - std::string errString ; + if(!pgph.GeneratePGPCertificate(name_str, email_str, passw_str, newid, errString)) + std::cerr << "Generation of certificate returned error: " << errString << std::endl; + else + std::cerr << "Certificate generation success. New id = " << newid.toStdString() << std::endl; + return 0 ; + } - if(!pgph.GeneratePGPCertificate(name_str, email_str, passw_str, newid, errString)) - std::cerr << "Generation of certificate returned error: " << errString << std::endl; - else - std::cerr << "Certificate generation success. New id = " << newid.toStdString() << std::endl; + if(test_output) + { + PGPIdType id2( (key_id_string.empty())?askForKeyId(pgph):key_id_string) ; - PGPIdType id2 = PGPIdType(std::string("618E54CF7670FF5E")) ; - std::cerr << "Now extracting key " << id2.toStdString() << " from keyring:" << std::endl ; - std::string cert = pgph.SaveCertificateToString(id2,false) ; + std::cerr << "Now extracting key " << id2.toStdString() << " from keyring:" << std::endl ; + std::string cert = pgph.SaveCertificateToString(id2,false) ; - std::cerr << "Now, trying to re-read this cert from the string:" << std::endl; + std::cerr << "Now, trying to re-read this cert from the string:" << std::endl; - PGPIdType id3 ; - std::string error_string ; - pgph.LoadCertificateFromString(cert,id3,error_string) ; + PGPIdType id3 ; + std::string error_string ; + pgph.LoadCertificateFromString(cert,id3,error_string) ; - std::cerr << "Loaded cert id: " << id3.toStdString() << ", Error string=\"" << error_string << "\"" << std::endl; + std::cerr << "Loaded cert id: " << id3.toStdString() << ", Error string=\"" << error_string << "\"" << std::endl; - std::cerr << cert << std::endl; + std::cerr << cert << std::endl; + return 0 ; + } - std::cerr << "Testing password callback: " << std::endl; + if(test_passphrase_callback) + { + std::cerr << "Testing password callback: " << std::endl; + std::string newid = "XXXXXXXXXXXXXXXX" ; + std::string pass = passphrase_callback(NULL,newid.c_str(),"Please enter password: ",false) ; + std::cerr << "Password = \"" << pass << "\"" << std::endl; + return 0 ; + } - std::string pass = passphrase_callback(NULL,newid.toStdString().c_str(),"Please enter password: ",false) ; + if(test_signature) + { + if(key_id_string.empty()) + key_id_string = askForKeyId(pgph) ; - std::cerr << "Password = \"" << pass << "\"" << std::endl; + PGPIdType key_id(key_id_string) ; + std::cerr << "Testing signature with keypair " << key_id_string << std::endl; - std::cerr << "Testing signature with keypair " << newid.toStdString() << std::endl; + static const size_t BUFF_LEN = 25 ; + unsigned char *test_bin = new unsigned char[BUFF_LEN] ; + for(size_t i=0;i