From 4db6ac92e77a977c330ad3263db940d79217d90a Mon Sep 17 00:00:00 2001 From: csoler Date: Wed, 11 Aug 2021 16:01:45 +0200 Subject: [PATCH 01/10] initial split of PHPHandler into two classes --- libretroshare/src/libretroshare.pro | 2 + libretroshare/src/pgp/pgphandler.cc | 1742 --------------------------- libretroshare/src/pgp/pgphandler.h | 183 ++- libretroshare/src/pqi/authgpg.cc | 2 +- libretroshare/src/pqi/authgpg.h | 6 +- 5 files changed, 84 insertions(+), 1851 deletions(-) diff --git a/libretroshare/src/libretroshare.pro b/libretroshare/src/libretroshare.pro index 84d18944e..89d9e5d9a 100644 --- a/libretroshare/src/libretroshare.pro +++ b/libretroshare/src/libretroshare.pro @@ -364,6 +364,7 @@ HEADERS += chat/distantchat.h \ HEADERS += pqi/authssl.h \ pqi/authgpg.h \ pgp/pgphandler.h \ + pgp/openpgpsdkhandler.h \ pgp/pgpkeyutil.h \ pgp/rscertificate.h \ pgp/pgpauxutils.h \ @@ -538,6 +539,7 @@ SOURCES += chat/distantchat.cc \ SOURCES += pqi/authgpg.cc \ pqi/authssl.cc \ pgp/pgphandler.cc \ + pgp/openpgpsdkhandler.cc \ pgp/pgpkeyutil.cc \ pgp/rscertificate.cc \ pgp/pgpauxutils.cc \ diff --git a/libretroshare/src/pgp/pgphandler.cc b/libretroshare/src/pgp/pgphandler.cc index b1e96b00b..3a5eaf837 100644 --- a/libretroshare/src/pgp/pgphandler.cc +++ b/libretroshare/src/pgp/pgphandler.cc @@ -33,15 +33,6 @@ #include "util/rswin.h" #endif -extern "C" { -#include -#include -#include -#include -#include -#include -#include -} #include "pgphandler.h" #include "retroshare/rsiface.h" // For rsicontrol. #include "retroshare/rspeers.h" // For rsicontrol. @@ -59,56 +50,6 @@ static const uint32_t PGP_CERTIFICATE_LIMIT_MAX_PASSWD_SIZE = 1024 ; PassphraseCallback PGPHandler::_passphrase_callback = NULL ; -ops_keyring_t *PGPHandler::allocateOPSKeyring() -{ - ops_keyring_t *kr = (ops_keyring_t*)rs_malloc(sizeof(ops_keyring_t)) ; - - if(kr == NULL) - return NULL ; - - kr->nkeys = 0 ; - kr->nkeys_allocated = 0 ; - kr->keys = 0 ; - - return kr ; -} - -ops_parse_cb_return_t cb_get_passphrase(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo)// __attribute__((unused))) -{ - const ops_parser_content_union_t *content=&content_->content; - bool prev_was_bad = false ; - - switch(content_->tag) - { - case OPS_PARSER_CMD_GET_SK_PASSPHRASE_PREV_WAS_BAD: prev_was_bad = true ; - /* fallthrough */ - case OPS_PARSER_CMD_GET_SK_PASSPHRASE: - { - std::string passwd; - std::string uid_hint ; - - if(cbinfo->cryptinfo.keydata->nuids > 0) - uid_hint = std::string((const char *)cbinfo->cryptinfo.keydata->uids[0].user_id) ; - uid_hint += "(" + RsPgpId(cbinfo->cryptinfo.keydata->key_id).toStdString()+")" ; - - bool cancelled = false ; - passwd = PGPHandler::passphraseCallback()(NULL,"",uid_hint.c_str(),NULL,prev_was_bad,&cancelled) ; - - if(cancelled) - *(unsigned char *)cbinfo->arg = 1; - - *(content->secret_key_passphrase.passphrase)= (char *)ops_mallocz(passwd.length()+1) ; - memcpy(*(content->secret_key_passphrase.passphrase),passwd.c_str(),passwd.length()) ; - return OPS_KEEP_MEMORY; - } - break; - - default: - break; - } - - return OPS_RELEASE_MEMORY; -} void PGPHandler::setPassphraseCallback(PassphraseCallback cb) { _passphrase_callback = cb ; @@ -117,195 +58,10 @@ void PGPHandler::setPassphraseCallback(PassphraseCallback cb) PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring,const std::string& trustdb,const std::string& pgp_lock_filename) : pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring),_trustdb_path(trustdb),_pgp_lock_filename(pgp_lock_filename) { - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - _pubring_changed = false ; - _trustdb_changed = false ; - - RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. - - if(_passphrase_callback == NULL) - std::cerr << "WARNING: before created a PGPHandler, you need to init the passphrase callback using PGPHandler::setPassphraseCallback()" << std::endl; - - // Allocate public and secret keyrings. - // - _pubring = allocateOPSKeyring() ; - _secring = allocateOPSKeyring() ; - - // Check that the file exists. If not, create a void keyring. - - FILE *ftest ; - ftest = RsDirUtil::rs_fopen(pubring.c_str(),"rb") ; - bool pubring_exist = (ftest != NULL) ; - if(ftest != NULL) - fclose(ftest) ; - ftest = RsDirUtil::rs_fopen(secring.c_str(),"rb") ; - bool secring_exist = (ftest != NULL) ; - if(ftest != NULL) - fclose(ftest) ; - - // Read public and secret keyrings from supplied files. - // - if(pubring_exist) - { - if(ops_false == ops_keyring_read_from_file(_pubring, false, pubring.c_str())) - throw std::runtime_error("PGPHandler::readKeyRing(): cannot read pubring. File corrupted.") ; - } - else - std::cerr << "pubring file \"" << pubring << "\" not found. Creating a void keyring." << std::endl; - - const ops_keydata_t *keydata ; - int i=0 ; - while( (keydata = ops_keyring_get_key_by_index(_pubring,i)) != NULL ) - { - PGPCertificateInfo& cert(_public_keyring_map[ RsPgpId(keydata->key_id) ]) ; - - // Init all certificates. - - initCertificateInfo(cert,keydata,i) ; - - // Validate signatures. - - validateAndUpdateSignatures(cert,keydata) ; - - ++i ; - } - _pubring_last_update_time = time(NULL) ; - std::cerr << "Pubring read successfully." << std::endl; - - if(secring_exist) - { - if(ops_false == ops_keyring_read_from_file(_secring, false, secring.c_str())) - throw std::runtime_error("PGPHandler::readKeyRing(): cannot read secring. File corrupted.") ; - } - else - std::cerr << "secring file \"" << secring << "\" not found. Creating a void keyring." << std::endl; - - i=0 ; - while( (keydata = ops_keyring_get_key_by_index(_secring,i)) != NULL ) - { - initCertificateInfo(_secret_keyring_map[ RsPgpId(keydata->key_id) ],keydata,i) ; - ++i ; - } - _secring_last_update_time = time(NULL) ; - - std::cerr << "Secring read successfully." << std::endl; - - locked_readPrivateTrustDatabase() ; - _trustdb_last_update_time = time(NULL) ; -} - -void PGPHandler::initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_t *keydata,uint32_t index) -{ - // Parse certificate name - // - - if(keydata->uids != NULL) - { - std::string namestring( (char *)keydata->uids[0].user_id ) ; - - cert._name = "" ; - uint32_t i=0; - while(i < namestring.length() && namestring[i] != '(' && namestring[i] != '<') { cert._name += namestring[i] ; ++i ;} - - // trim right spaces - std::string::size_type found = cert._name.find_last_not_of(' '); - if (found != std::string::npos) - cert._name.erase(found + 1); - else - cert._name.clear(); // all whitespace - - std::string& next = (namestring[i] == '(')?cert._comment:cert._email ; - ++i ; - next = "" ; - while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next += namestring[i] ; ++i ;} - - while(i < namestring.length() && namestring[i] != '(' && namestring[i] != '<') { next += namestring[i] ; ++i ;} - - if(i< namestring.length()) - { - std::string& next2 = (namestring[i] == '(')?cert._comment:cert._email ; - ++i ; - next2 = "" ; - while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next2 += namestring[i] ; ++i ;} - } - } - - cert._trustLvl = 1 ; // to be setup accordingly - cert._validLvl = 1 ; // to be setup accordingly - cert._key_index = index ; - cert._flags = 0 ; - cert._time_stamp = 0 ;// "never" by default. Will be updated by trust database, and effective key usage. - - switch(keydata->key.pkey.algorithm) - { - case OPS_PKA_RSA: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_RSA ; - break ; - case OPS_PKA_DSA: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_DSA ; - cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; - break ; - default: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_UNKNOWN ; - cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; - break ; - } - - ops_fingerprint_t f ; - ops_fingerprint(&f,&keydata->key.pkey) ; - - cert._fpr = PGPFingerprintType(f.fingerprint) ; -} - -bool PGPHandler::validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) -{ - ops_validate_result_t* result=(ops_validate_result_t*)ops_mallocz(sizeof *result); - ops_boolean_t res = ops_validate_key_signatures(result,keydata,_pubring,cb_get_passphrase) ; - - if(res == ops_false) - { - static ops_boolean_t already = 0 ; - if(!already) - { - std::cerr << "(WW) Error in PGPHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; - already = 1 ; - } - } - - bool ret = false ; - - // Parse signers. - // - - if(result != NULL) - for(size_t i=0;ivalid_count;++i) - { - RsPgpId signer_id(result->valid_sigs[i].signer_id); - - if(cert.signers.find(signer_id) == cert.signers.end()) - { - cert.signers.insert(signer_id) ; - ret = true ; - } - } - - ops_validate_result_free(result) ; - - return ret ; } PGPHandler::~PGPHandler() { - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. -#ifdef DEBUG_PGPHANDLER - std::cerr << "Freeing PGPHandler. Deleting keyrings." << std::endl; -#endif - - // no need to free the the _map_ elements. They will be freed by the following calls: - // - ops_keyring_free(_pubring) ; - ops_keyring_free(_secring) ; - - free(_pubring) ; - free(_secring) ; } bool PGPHandler::printKeys() const @@ -340,19 +96,9 @@ bool PGPHandler::printKeys() const std::cerr << std::endl ; } } - std::cerr << "Public keyring list from OPS:" << std::endl; - ops_keyring_list(_pubring) ; - return true ; } -bool PGPHandler::haveSecretKey(const RsPgpId& id) const -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - return locked_getSecretKey(id) != NULL ; -} - const PGPCertificateInfo *PGPHandler::getCertificateInfo(const RsPgpId& id) const { RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. @@ -365,1186 +111,6 @@ const PGPCertificateInfo *PGPHandler::getCertificateInfo(const RsPgpId& id) cons return NULL ; } -bool PGPHandler::availableGPGCertificatesWithPrivateKeys(std::list& ids) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - // go through secret keyring, and check that we have the pubkey as well. - // - - const ops_keydata_t *keydata = NULL ; - int i=0 ; - - while( (keydata = ops_keyring_get_key_by_index(_secring,i++)) != NULL ) - if(ops_keyring_find_key_by_id(_pubring,keydata->key_id) != NULL) // check that the key is in the pubring as well - { -#ifdef PGPHANDLER_DSA_SUPPORT - if(keydata->key.pkey.algorithm == OPS_PKA_RSA || keydata->key.pkey.algorithm == OPS_PKA_DSA) -#else - if(keydata->key.pkey.algorithm == OPS_PKA_RSA) -#endif - ids.push_back(RsPgpId(keydata->key_id)) ; -#ifdef DEBUG_PGPHANDLER - else - std::cerr << "Skipping keypair " << RsPgpId(keydata->key_id).toStdString() << ", unsupported algorithm: " << keydata->key.pkey.algorithm << std::endl; -#endif - } - - return true ; -} - -bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passphrase, RsPgpId& pgpId, const int keynumbits, std::string& errString) -{ - // Some basic checks - - if(!RsDiscSpace::checkForDiscSpace(RS_PGP_DIRECTORY)) - { - errString = std::string("(EE) low disc space in pgp directory. Can't write safely to keyring.") ; - return false ; - } - if(name.length() > PGP_CERTIFICATE_LIMIT_MAX_NAME_SIZE) - { - errString = std::string("(EE) name in certificate exceeds the maximum allowed name size") ; - return false ; - } - if(email.length() > PGP_CERTIFICATE_LIMIT_MAX_EMAIL_SIZE) - { - errString = std::string("(EE) email in certificate exceeds the maximum allowed email size") ; - return false ; - } - if(passphrase.length() > PGP_CERTIFICATE_LIMIT_MAX_PASSWD_SIZE) - { - errString = std::string("(EE) passphrase in certificate exceeds the maximum allowed passphrase size") ; - return false ; - } - if(keynumbits % 1024 != 0) - { - errString = std::string("(EE) RSA key length is not a multiple of 1024") ; - return false ; - } - - // Now the real thing - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. - - // 1 - generate keypair - RSA-2048 - // - ops_user_id_t uid ; - char *s = strdup((name + " (Generated by RetroShare) <" + email + ">" ).c_str()) ; - uid.user_id = (unsigned char *)s ; - unsigned long int e = 65537 ; // some prime number - - ops_keydata_t *key = ops_rsa_create_selfsigned_keypair(keynumbits, e, &uid) ; - - free(s) ; - - if(!key) - return false ; - - // 2 - save the private key encrypted to a temporary memory buffer, so as to read an encrypted key to memory - - ops_create_info_t *cinfo = NULL ; - ops_memory_t *buf = NULL ; - ops_setup_memory_write(&cinfo, &buf, 0); - - if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo)) - { - errString = std::string("(EE) Cannot encode secret key to memory!!") ; - return false ; - } - - // 3 - read the memory chunk into an encrypted keyring - - ops_keyring_t *tmp_secring = allocateOPSKeyring() ; - - if(! ops_keyring_read_from_mem(tmp_secring, ops_false, buf)) - { - errString = std::string("(EE) Cannot re-read key from memory!!") ; - return false ; - } - ops_teardown_memory_write(cinfo,buf); // cleanup memory - - // 4 - copy the encrypted private key to the private keyring - - pgpId = RsPgpId(tmp_secring->keys[0].key_id) ; - addNewKeyToOPSKeyring(_secring,tmp_secring->keys[0]) ; - initCertificateInfo(_secret_keyring_map[ pgpId ],&tmp_secring->keys[0],_secring->nkeys-1) ; - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Added new secret key with id " << pgpId.toStdString() << " to secret keyring." << std::endl; -#endif - ops_keyring_free(tmp_secring) ; - free(tmp_secring) ; - - // 5 - add key to secret keyring on disk. - - cinfo = NULL ; - std::string secring_path_tmp = _secring_path + ".tmp" ; - - if(RsDirUtil::fileExists(_secring_path) && !RsDirUtil::copyFile(_secring_path,secring_path_tmp)) - { - errString= std::string("Cannot copy secret keyring !! Disk full? Out of disk quota?") ; - return false ; - } - int fd=ops_setup_file_append(&cinfo, secring_path_tmp.c_str()); - - if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo)) - { - errString= std::string("Cannot encode secret key to disk!! Disk full? Out of disk quota?") ; - return false ; - } - ops_teardown_file_write(cinfo,fd) ; - - if(!RsDirUtil::renameFile(secring_path_tmp,_secring_path)) - { - errString= std::string("Cannot rename tmp secret key file ") + secring_path_tmp + " into " + _secring_path +". Disk error?" ; - return false ; - } - - // 6 - copy the public key to the public keyring on disk - - cinfo = NULL ; - std::string pubring_path_tmp = _pubring_path + ".tmp" ; - - if(RsDirUtil::fileExists(_pubring_path) && !RsDirUtil::copyFile(_pubring_path,pubring_path_tmp)) - { - errString= std::string("Cannot encode secret key to disk!! Disk full? Out of disk quota?") ; - return false ; - } - fd=ops_setup_file_append(&cinfo, pubring_path_tmp.c_str()); - - if(!ops_write_transferable_public_key(key, ops_false, cinfo)) - { - errString=std::string("Cannot encode secret key to memory!!") ; - return false ; - } - ops_teardown_file_write(cinfo,fd) ; - - if(!RsDirUtil::renameFile(pubring_path_tmp,_pubring_path)) - { - errString= std::string("Cannot rename tmp public key file ") + pubring_path_tmp + " into " + _pubring_path +". Disk error?" ; - return false ; - } - // 7 - clean - ops_keydata_free(key) ; - - // 8 - re-read the key from the public keyring, and add it to memory. - - _pubring_last_update_time = 0 ; // force update pubring from disk. - locked_syncPublicKeyring() ; - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Added new public key with id " << pgpId.toStdString() << " to public keyring." << std::endl; -#endif - - // 9 - Update some flags. - - privateTrustCertificate(pgpId,PGPCertificateInfo::PGP_CERTIFICATE_TRUST_ULTIMATE) ; - - return true ; -} - -std::string PGPHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key,bool include_signatures) -{ - ops_create_info_t* cinfo; - ops_memory_t *buf = NULL ; - ops_setup_memory_write(&cinfo, &buf, 0); - ops_boolean_t armoured = ops_true ; - - if(key->type == OPS_PTAG_CT_PUBLIC_KEY) - { - if(ops_write_transferable_public_key_from_packet_data(key,armoured,cinfo) != ops_true) - return "ERROR: This key cannot be processed by RetroShare because\nDSA certificates are not yet handled." ; - } - else if(key->type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) - { - if(ops_write_transferable_secret_key_from_packet_data(key,armoured,cinfo) != ops_true) - return "ERROR: This key cannot be processed by RetroShare because\nDSA certificates are not yet handled." ; - } - else - { - ops_create_info_delete(cinfo); - std::cerr << "Unhandled key type " << key->type << std::endl; - return "ERROR: Cannot write key. Unhandled key type. " ; - } - - ops_writer_close(cinfo) ; - - std::string res((char *)ops_memory_get_data(buf),ops_memory_get_length(buf)) ; - ops_teardown_memory_write(cinfo,buf); - - if(!include_signatures) - { - std::string tmp ; - if(PGPKeyManagement::createMinimalKey(res,tmp) ) - res = tmp ; - } - - return res ; -} - -const ops_keydata_t *PGPHandler::locked_getSecretKey(const RsPgpId& id) const -{ - std::map::const_iterator res = _secret_keyring_map.find(id) ; - - if(res == _secret_keyring_map.end()) - return NULL ; - else - return ops_keyring_get_key_by_index(_secring,res->second._key_index) ; -} -const ops_keydata_t *PGPHandler::locked_getPublicKey(const RsPgpId& id,bool stamp_the_key) const -{ - std::map::const_iterator res = _public_keyring_map.find(id) ; - - if(res == _public_keyring_map.end()) - return NULL ; - else - { - if(stamp_the_key) // Should we stamp the key as used? - { - static rstime_t last_update_db_because_of_stamp = 0 ; - rstime_t now = time(NULL) ; - - res->second._time_stamp = now ; - - if(now > last_update_db_because_of_stamp + 3600) // only update database once every hour. No need to do it more often. - { - _trustdb_changed = true ; - last_update_db_because_of_stamp = now ; - } - } - return ops_keyring_get_key_by_index(_pubring,res->second._key_index) ; - } -} - -std::string PGPHandler::SaveCertificateToString(const RsPgpId& id,bool include_signatures) const -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - const ops_keydata_t *key = locked_getPublicKey(id,false) ; - - if(key == NULL) - { - std::cerr << "Cannot output key " << id.toStdString() << ": not found in keyring." << std::endl; - return "" ; - } - - return makeRadixEncodedPGPKey(key,include_signatures) ; -} - -bool PGPHandler::exportPublicKey( - const RsPgpId& id, - unsigned char*& mem_block, size_t& mem_size, - bool armoured, bool include_signatures ) const -{ - mem_block = nullptr; mem_size = 0; // clear just in case - - if(armoured) - { - RsErr() << __PRETTY_FUNCTION__ << " should not be used with " - << "armoured=true, because there's a bug in the armoured export" - << " of OPS" << std::endl; - print_stacktrace(); - return false; - } - - RS_STACK_MUTEX(pgphandlerMtx); - const ops_keydata_t* key = locked_getPublicKey(id,false); - - if(!key) - { - RsErr() << __PRETTY_FUNCTION__ << " key id: " << id - << " not found in keyring." << std::endl; - return false; - } - - ops_create_info_t* cinfo; - ops_memory_t *buf = nullptr; - ops_setup_memory_write(&cinfo, &buf, 0); - - if(ops_write_transferable_public_key_from_packet_data( - key, armoured, cinfo ) != ops_true) - { - RsErr() << __PRETTY_FUNCTION__ << " This key id " << id - << " cannot be processed by RetroShare because DSA certificates" - << " support is not implemented yet." << std::endl; - return false; - } - - ops_writer_close(cinfo); - - mem_size = ops_memory_get_length(buf); - mem_block = reinterpret_cast(malloc(mem_size)); - memcpy(mem_block,ops_memory_get_data(buf),mem_size); - - ops_teardown_memory_write(cinfo,buf); - - if(!include_signatures) - { - size_t new_size; - PGPKeyManagement::findLengthOfMinimalKey(mem_block, mem_size, new_size); - mem_size = new_size; - } - - return true; -} - -bool PGPHandler::exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_key_id) const -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - const ops_keydata_t *pubkey = locked_getPublicKey(exported_key_id,false) ; - - if(pubkey == NULL) - { - std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": not found in public keyring." << std::endl; - return false ; - } - const ops_keydata_t *seckey = locked_getSecretKey(exported_key_id) ; - - if(seckey == NULL) - { - std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": not found in secret keyring." << std::endl; - return false ; - } - - FILE *f = RsDirUtil::rs_fopen(filename.c_str(),"w") ; - if(f == NULL) - { - std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": file " << filename << " cannot be written. Please check for permissions, quotas, disk space." << std::endl; - return false ; - } - - fprintf(f,"%s\n", makeRadixEncodedPGPKey(pubkey,true).c_str()) ; - fprintf(f,"%s\n", makeRadixEncodedPGPKey(seckey,true).c_str()) ; - - fclose(f) ; - return true ; -} - -bool PGPHandler::exportGPGKeyPairToString( - std::string& data, const RsPgpId& exportedKeyId, - bool includeSignatures, std::string& errorMsg ) const -{ - RS_STACK_MUTEX(pgphandlerMtx); - - const ops_keydata_t *pubkey = locked_getPublicKey(exportedKeyId,false); - - if(!pubkey) - { - errorMsg = "Cannot output key " + exportedKeyId.toStdString() + - ": not found in public keyring."; - return false; - } - const ops_keydata_t *seckey = locked_getSecretKey(exportedKeyId); - - if(!seckey) - { - errorMsg = "Cannot output key " + exportedKeyId.toStdString() + - ": not found in secret keyring."; - return false; - } - - data = makeRadixEncodedPGPKey(pubkey, includeSignatures); - data += "\n"; - data += makeRadixEncodedPGPKey(seckey, includeSignatures); - data += "\n"; - return true; -} - -bool PGPHandler::getGPGDetailsFromBinaryBlock(const unsigned char *mem_block,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) const -{ - ops_keyring_t *tmp_keyring = allocateOPSKeyring(); - ops_memory_t *mem = ops_memory_new() ; - ops_memory_add(mem,mem_block,mem_size); - - if(!ops_keyring_read_from_mem(tmp_keyring,ops_false,mem)) - { - ops_keyring_free(tmp_keyring) ; - free(tmp_keyring) ; - ops_memory_release(mem) ; - free(mem) ; - - std::cerr << "Could not read key. Format error?" << std::endl; - //error_string = std::string("Could not read key. Format error?") ; - return false ; - } - ops_memory_release(mem) ; - free(mem) ; - //error_string.clear() ; - - if(tmp_keyring->nkeys != 1) - { - std::cerr << "No or incomplete/invalid key in supplied pgp block." << std::endl; - return false ; - } - if(tmp_keyring->keys[0].uids == NULL) - { - std::cerr << "No uid in supplied key." << std::endl; - return false ; - } - - key_id = RsPgpId(tmp_keyring->keys[0].key_id) ; - name = std::string((char *)tmp_keyring->keys[0].uids[0].user_id) ; - - // now parse signatures. - // - ops_validate_result_t* result=(ops_validate_result_t*)ops_mallocz(sizeof *result); - ops_boolean_t res ; - - { - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - res = ops_validate_key_signatures(result,&tmp_keyring->keys[0],_pubring,cb_get_passphrase) ; - } - - if(res == ops_false) - std::cerr << "(WW) Error in PGPHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; - - // also add self-signature if any (there should be!). - // - res = ops_validate_key_signatures(result,&tmp_keyring->keys[0],tmp_keyring,cb_get_passphrase) ; - - if(res == ops_false) - std::cerr << "(WW) Error in PGPHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; - - // Parse signers. - // - - std::set signers_set ; // Use a set to remove duplicates. - - if(result != NULL) - for(size_t i=0;ivalid_count;++i) - signers_set.insert(RsPgpId(result->valid_sigs[i].signer_id)) ; - - ops_validate_result_free(result) ; - - ops_keyring_free(tmp_keyring) ; - free(tmp_keyring) ; - - // write to the output variable - - signers.clear() ; - - for(std::set::const_iterator it(signers_set.begin());it!=signers_set.end();++it) - signers.push_back(*it) ; - - return true ; -} - -bool PGPHandler::importGPGKeyPair(const std::string& filename,RsPgpId& imported_key_id,std::string& import_error) -{ - import_error = "" ; - - // 1 - Test for file existance - // - FILE *ftest = RsDirUtil::rs_fopen(filename.c_str(),"r") ; - - if(ftest == NULL) - { - import_error = "Cannot open file " + filename + " for read. Please check access permissions." ; - return false ; - } - - fclose(ftest) ; - - // 2 - Read keyring from supplied file. - // - ops_keyring_t *tmp_keyring = allocateOPSKeyring(); - - if(ops_false == ops_keyring_read_from_file(tmp_keyring, ops_true, filename.c_str())) - { - import_error = "PGPHandler::readKeyRing(): cannot read key file. File corrupted?" ; - free(tmp_keyring); - return false ; - } - - return checkAndImportKeyPair(tmp_keyring, imported_key_id, import_error); -} - -bool PGPHandler::importGPGKeyPairFromString(const std::string &data, RsPgpId &imported_key_id, std::string &import_error) -{ - import_error = "" ; - - ops_memory_t* mem = ops_memory_new(); - ops_memory_add(mem, (unsigned char*)data.data(), data.length()); - - ops_keyring_t *tmp_keyring = allocateOPSKeyring(); - - if(ops_false == ops_keyring_read_from_mem(tmp_keyring, ops_true, mem)) - { - import_error = "PGPHandler::importGPGKeyPairFromString(): cannot parse key data" ; - free(tmp_keyring); - return false ; - } - return checkAndImportKeyPair(tmp_keyring, imported_key_id, import_error); -} - -bool PGPHandler::checkAndImportKeyPair(ops_keyring_t *tmp_keyring, RsPgpId &imported_key_id, std::string &import_error) -{ - if(tmp_keyring == 0) - { - import_error = "PGPHandler::checkAndImportKey(): keyring is null" ; - return false; - } - - if(tmp_keyring->nkeys != 2) - { - import_error = "PGPHandler::importKeyPair(): file does not contain a valid keypair." ; - if(tmp_keyring->nkeys > 2) - import_error += "\nMake sure that your key is a RSA key (DSA is not yet supported) and does not contain subkeys (not supported yet)."; - return false ; - } - - // 3 - Test that keyring contains a valid keypair. - // - const ops_keydata_t *pubkey = NULL ; - const ops_keydata_t *seckey = NULL ; - - if(tmp_keyring->keys[0].type == OPS_PTAG_CT_PUBLIC_KEY) - pubkey = &tmp_keyring->keys[0] ; - else if(tmp_keyring->keys[0].type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) - seckey = &tmp_keyring->keys[0] ; - else - { - import_error = "Unrecognised key type in key file for key #0. Giving up." ; - std::cerr << "Unrecognised key type " << tmp_keyring->keys[0].type << " in key file for key #0. Giving up." << std::endl; - return false ; - } - if(tmp_keyring->keys[1].type == OPS_PTAG_CT_PUBLIC_KEY) - pubkey = &tmp_keyring->keys[1] ; - else if(tmp_keyring->keys[1].type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) - seckey = &tmp_keyring->keys[1] ; - else - { - import_error = "Unrecognised key type in key file for key #1. Giving up." ; - std::cerr << "Unrecognised key type " << tmp_keyring->keys[1].type << " in key file for key #1. Giving up." << std::endl; - return false ; - } - - if(pubkey == nullptr || seckey == nullptr || pubkey == seckey) - { - import_error = "File does not contain a public and a private key. Sorry." ; - return false ; - } - if(memcmp( pubkey->fingerprint.fingerprint, - seckey->fingerprint.fingerprint, - RsPgpFingerprint::SIZE_IN_BYTES ) != 0) - { - import_error = "Public and private keys do nt have the same fingerprint. Sorry!" ; - return false ; - } - if(pubkey->key.pkey.version != 4) - { - import_error = "Public key is not version 4. Rejected!" ; - return false ; - } - - // 4 - now check self-signature for this keypair. For this we build a dummy keyring containing only the key. - // - ops_validate_result_t *result=(ops_validate_result_t*)ops_mallocz(sizeof *result); - - ops_keyring_t dummy_keyring ; - dummy_keyring.nkeys=1 ; - dummy_keyring.nkeys_allocated=1 ; - dummy_keyring.keys=const_cast(pubkey) ; - - ops_validate_key_signatures(result, const_cast(pubkey), &dummy_keyring, cb_get_passphrase) ; - - // Check that signatures contain at least one certification from the user id. - // - bool found = false ; - - for(uint32_t i=0;ivalid_count;++i) - if(!memcmp( - static_cast(result->valid_sigs[i].signer_id), - pubkey->key_id, - RsPgpId::SIZE_IN_BYTES )) - { - found = true ; - break ; - } - - if(!found) - { - import_error = "Cannot validate self signature for the imported key. Sorry." ; - return false ; - } - ops_validate_result_free(result); - - if(!RsDiscSpace::checkForDiscSpace(RS_PGP_DIRECTORY)) - { - import_error = std::string("(EE) low disc space in pgp directory. Can't write safely to keyring.") ; - return false ; - } - // 5 - All test passed. Adding key to keyring. - // - { - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - imported_key_id = RsPgpId(pubkey->key_id) ; - - if(locked_getSecretKey(imported_key_id) == NULL) - { - RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. - - ops_create_info_t *cinfo = NULL ; - - // Make a copy of the secret keyring - // - std::string secring_path_tmp = _secring_path + ".tmp" ; - if(RsDirUtil::fileExists(_secring_path) && !RsDirUtil::copyFile(_secring_path,secring_path_tmp)) - { - import_error = "(EE) Cannot write secret key to disk!! Disk full? Out of disk quota. Keyring will be left untouched." ; - return false ; - } - - // Append the new key - - int fd=ops_setup_file_append(&cinfo, secring_path_tmp.c_str()); - - if(!ops_write_transferable_secret_key_from_packet_data(seckey,ops_false,cinfo)) - { - import_error = "(EE) Cannot encode secret key to disk!! Disk full? Out of disk quota?" ; - return false ; - } - ops_teardown_file_write(cinfo,fd) ; - - // Rename the new keyring to overwrite the old one. - // - if(!RsDirUtil::renameFile(secring_path_tmp,_secring_path)) - { - import_error = " (EE) Cannot move temp file " + secring_path_tmp + ". Bad write permissions?" ; - return false ; - } - - addNewKeyToOPSKeyring(_secring,*seckey) ; - initCertificateInfo(_secret_keyring_map[ imported_key_id ],seckey,_secring->nkeys-1) ; - } - else - import_error = "Private key already exists! Not importing it again." ; - - if(locked_addOrMergeKey(_pubring,_public_keyring_map,pubkey)) - _pubring_changed = true ; - } - - // 6 - clean - // - ops_keyring_free(tmp_keyring) ; - free(tmp_keyring); - - // write public key to disk - syncDatabase(); - - return true ; -} - -void PGPHandler::addNewKeyToOPSKeyring(ops_keyring_t *kr,const ops_keydata_t& key) -{ - if(kr->nkeys >= kr->nkeys_allocated) - { - kr->keys = (ops_keydata_t *)realloc(kr->keys,(kr->nkeys+1)*sizeof(ops_keydata_t)) ; - kr->nkeys_allocated = kr->nkeys+1; - } - memset(&kr->keys[kr->nkeys],0,sizeof(ops_keydata_t)) ; - ops_keydata_copy(&kr->keys[kr->nkeys],&key) ; - kr->nkeys++ ; -} - -bool PGPHandler::LoadCertificateFromBinaryData(const unsigned char *data,uint32_t data_len,RsPgpId& id,std::string& error_string) -{ - return LoadCertificate(data,data_len,ops_false,id,error_string); -} - -bool PGPHandler::LoadCertificateFromString(const std::string& pgp_cert,RsPgpId& id,std::string& error_string) -{ - return LoadCertificate((unsigned char*)(pgp_cert.c_str()),pgp_cert.length(),ops_true,id,error_string); -} - -bool PGPHandler::LoadCertificate(const unsigned char *data,uint32_t data_len,bool armoured,RsPgpId& id,std::string& error_string) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. -#ifdef DEBUG_PGPHANDLER - std::cerr << "Reading new key from string: " << std::endl; -#endif - - ops_keyring_t *tmp_keyring = allocateOPSKeyring(); - ops_memory_t *mem = ops_memory_new() ; - ops_memory_add(mem,data,data_len) ; - - if(!ops_keyring_read_from_mem(tmp_keyring,armoured,mem)) - { - ops_keyring_free(tmp_keyring) ; - free(tmp_keyring) ; - ops_memory_release(mem) ; - free(mem) ; - - std::cerr << "Could not read key. Format error?" << std::endl; - error_string = std::string("Could not read key. Format error?") ; - return false ; - } - ops_memory_release(mem) ; - free(mem) ; - error_string.clear() ; - - // Check that there is exactly one key in this data packet. - // - if(tmp_keyring->nkeys != 1) - { - std::cerr << "Loaded certificate contains more than one PGP key. This is not allowed." << std::endl; - error_string = "Loaded certificate contains more than one PGP key. This is not allowed." ; - return false ; - } - - const ops_keydata_t *keydata = ops_keyring_get_key_by_index(tmp_keyring,0); - - // Check that the key is a version 4 key - // - if(keydata->key.pkey.version != 4) - { - error_string = "Public key is not version 4. Rejected!" ; - std::cerr << "Received a key with unhandled version number (" << keydata->key.pkey.version << ")" << std::endl; - return false ; - } - - // Check that the key is correctly self-signed. - // - ops_validate_result_t* result=(ops_validate_result_t*)ops_mallocz(sizeof *result); - - ops_validate_key_signatures(result,keydata,tmp_keyring,cb_get_passphrase) ; - - bool found = false ; - - for(uint32_t i=0;ivalid_count;++i) - if(!memcmp( - static_cast(result->valid_sigs[i].signer_id), - keydata->key_id, - RsPgpId::SIZE_IN_BYTES )) - { - found = true ; - break ; - } - - if(!found) - { - error_string = "This key is not self-signed. This is required by Retroshare." ; - std::cerr << "This key is not self-signed. This is required by Retroshare." << std::endl; - ops_validate_result_free(result); - return false ; - } - ops_validate_result_free(result); - -#ifdef DEBUG_PGPHANDLER - std::cerr << " Key read correctly: " << std::endl; - ops_keyring_list(tmp_keyring) ; -#endif - - int i=0 ; - - while( (keydata = ops_keyring_get_key_by_index(tmp_keyring,i++)) != NULL ) - if(locked_addOrMergeKey(_pubring,_public_keyring_map,keydata)) - { - _pubring_changed = true ; -#ifdef DEBUG_PGPHANDLER - std::cerr << " Added the key in the main public keyring." << std::endl; -#endif - } - else - std::cerr << "Key already in public keyring." << std::endl; - - if(tmp_keyring->nkeys > 0) - id = RsPgpId(tmp_keyring->keys[0].key_id) ; - else - return false ; - - ops_keyring_free(tmp_keyring) ; - free(tmp_keyring) ; - - _pubring_changed = true ; - - return true ; -} - -bool PGPHandler::locked_addOrMergeKey(ops_keyring_t *keyring,std::map& kmap,const ops_keydata_t *keydata) -{ - bool ret = false ; - RsPgpId id(keydata->key_id) ; - -#ifdef DEBUG_PGPHANDLER - std::cerr << "AddOrMergeKey():" << std::endl; - std::cerr << " id: " << id.toStdString() << std::endl; -#endif - - // See if the key is already in the keyring - const ops_keydata_t *existing_key = NULL; - std::map::const_iterator res = kmap.find(id) ; - - // Checks that - // - the key is referenced by keyid - // - the map is initialized - // - the fingerprint matches! - // - if(res == kmap.end() || (existing_key = ops_keyring_get_key_by_index(keyring,res->second._key_index)) == NULL) - { -#ifdef DEBUG_PGPHANDLER - std::cerr << " Key is new. Adding it to keyring" << std::endl; -#endif - addNewKeyToOPSKeyring(keyring,*keydata) ; // the key is new. - initCertificateInfo(kmap[id],keydata,keyring->nkeys-1) ; - existing_key = &(keyring->keys[keyring->nkeys-1]) ; - ret = true ; - } - else - { - if(memcmp( existing_key->fingerprint.fingerprint, - keydata->fingerprint.fingerprint, - RsPgpFingerprint::SIZE_IN_BYTES )) - { - std::cerr << "(EE) attempt to merge key with identical id, but different fingerprint!" << std::endl; - return false ; - } - -#ifdef DEBUG_PGPHANDLER - std::cerr << " Key exists. Merging signatures." << std::endl; -#endif - ret = mergeKeySignatures(const_cast(existing_key),keydata) ; - - if(ret) - initCertificateInfo(kmap[id],existing_key,res->second._key_index) ; - } - - if(ret) - { - validateAndUpdateSignatures(kmap[id],existing_key) ; - kmap[id]._time_stamp = time(NULL) ; - } - - return ret ; -} - -bool PGPHandler::encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - const ops_keydata_t *public_key = locked_getPublicKey(key_id,true) ; - - if(public_key == NULL) - { - std::cerr << "Cannot get public key of id " << key_id.toStdString() << std::endl; - return false ; - } - - if(public_key->type != OPS_PTAG_CT_PUBLIC_KEY) - { - std::cerr << "PGPHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" << std::endl; - return false ; - } - - std::string outfile_tmp = outfile + ".tmp" ; - - ops_create_info_t *info; - int fd = ops_setup_file_write(&info, outfile_tmp.c_str(), ops_true); - - if (fd < 0) - { - std::cerr << "PGPHandler::encryptTextToFile(): ERROR: Cannot write to " << outfile_tmp << std::endl; - return false ; - } - - if(!ops_encrypt_stream(info, public_key, NULL, ops_false, ops_true)) - { - std::cerr << "PGPHandler::encryptTextToFile(): ERROR: encryption failed." << std::endl; - return false ; - } - - ops_write(text.c_str(), text.length(), info); - ops_teardown_file_write(info, fd); - - if(!RsDirUtil::renameFile(outfile_tmp,outfile)) - { - std::cerr << "PGPHandler::encryptTextToFile(): ERROR: Cannot rename " + outfile_tmp + " to " + outfile + ". Disk error?" << std::endl; - return false ; - } - - return true ; -} - -bool PGPHandler::encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len, unsigned char *encrypted_data, unsigned int *encrypted_data_len) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - const ops_keydata_t *public_key = locked_getPublicKey(key_id,true) ; - - if(public_key == NULL) - { - std::cerr << "Cannot get public key of id " << key_id.toStdString() << std::endl; - return false ; - } - - if(public_key->type != OPS_PTAG_CT_PUBLIC_KEY) - { - std::cerr << "PGPHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" << std::endl; - return false ; - } - if(public_key->key.pkey.algorithm != OPS_PKA_RSA) - { - std::cerr << "PGPHandler::encryptTextToFile(): ERROR: supplied key id " << key_id.toStdString() << " is not an RSA key (DSA for instance, is not supported)!" << std::endl; - return false ; - } - ops_create_info_t *info; - ops_memory_t *buf = NULL ; - ops_setup_memory_write(&info, &buf, 0); - bool res = true; - - if(!ops_encrypt_stream(info, public_key, NULL, ops_false, ops_false)) - { - std::cerr << "Encryption failed." << std::endl; - res = false ; - } - - ops_write(data,len,info); - ops_writer_close(info); - ops_create_info_delete(info); - - int tlen = ops_memory_get_length(buf) ; - - if( (int)*encrypted_data_len >= tlen) - { - if(res) - { - memcpy(encrypted_data,ops_memory_get_data(buf),tlen) ; - *encrypted_data_len = tlen ; - res = true ; - } - } - else - { - std::cerr << "Not enough room to fit encrypted data. Size given=" << *encrypted_data_len << ", required=" << tlen << std::endl; - res = false ; - } - - ops_memory_release(buf) ; - free(buf) ; - - return res ; -} - -bool PGPHandler::decryptDataBin(const RsPgpId& /*key_id*/,const void *encrypted_data, const uint32_t encrypted_len, unsigned char *data, unsigned int *data_len) -{ - int out_length ; - unsigned char *out ; - ops_boolean_t res = ops_decrypt_memory((const unsigned char *)encrypted_data,encrypted_len,&out,&out_length,_secring,ops_false,cb_get_passphrase) ; - - if(*data_len < (unsigned int)out_length) - { - std::cerr << "Not enough room to store decrypted data! Please give more."<< std::endl; - return false ; - } - - *data_len = (unsigned int)out_length ; - memcpy(data,out,out_length) ; - free(out) ; - - return (bool)res ; -} - -bool PGPHandler::decryptTextFromFile(const RsPgpId&,std::string& text,const std::string& inputfile) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - unsigned char *out_buf = NULL ; - std::string buf ; - - FILE *f = RsDirUtil::rs_fopen(inputfile.c_str(),"rb") ; - - if (f == NULL) - { - std::cerr << "Cannot open file " << inputfile << " for read." << std::endl; - return false; - } - - int c ; - while( (c = fgetc(f))!= EOF) - buf += (unsigned char)c; - - fclose(f) ; - -#ifdef DEBUG_PGPHANDLER - std::cerr << "PGPHandler::decryptTextFromFile: read a file of length " << std::dec << buf.length() << std::endl; - std::cerr << "buf=\"" << buf << "\"" << std::endl; -#endif - - int out_length ; - ops_boolean_t res = ops_decrypt_memory((const unsigned char *)buf.c_str(),buf.length(),&out_buf,&out_length,_secring,ops_true,cb_get_passphrase) ; - - text = std::string((char *)out_buf,out_length) ; - free (out_buf); - return (bool)res ; -} - -bool PGPHandler::SignDataBin(const RsPgpId& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen,bool use_raw_signature, std::string reason /* = "" */) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - // need to find the key and to decrypt it. - - const ops_keydata_t *key = locked_getSecretKey(id) ; - - if(!key) - { - std::cerr << "Cannot sign: no secret key with id " << id.toStdString() << std::endl; - return false ; - } - - std::string uid_hint ; - if(key->nuids > 0) - uid_hint = std::string((const char *)key->uids[0].user_id) ; - uid_hint += "(" + RsPgpId(key->key_id).toStdString()+")" ; - -#ifdef DEBUG_PGPHANDLER - ops_fingerprint_t f ; - ops_fingerprint(&f,&key->key.pkey) ; - - PGPFingerprintType fp(f.fingerprint) ; -#endif - - bool last_passwd_was_wrong = false ; -ops_secret_key_t *secret_key = NULL ; - - for(int i=0;i<3;++i) - { - bool cancelled =false; - std::string passphrase = _passphrase_callback(NULL,reason.c_str(),uid_hint.c_str(),"Please enter passwd for encrypting your key : ",last_passwd_was_wrong,&cancelled) ;//TODO reason - - secret_key = ops_decrypt_secret_key_from_data(key,passphrase.c_str()) ; - - if(cancelled) - { - std::cerr << "Key entering cancelled" << std::endl; - return false ; - } - if(secret_key) - break ; - - std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl; - last_passwd_was_wrong = true ; - } - if(!secret_key) - { - std::cerr << "Could not obtain secret key. Signature cancelled." << std::endl; - return false ; - } - - // then do the signature. - - ops_boolean_t not_raw = !use_raw_signature ; -#ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002 - ops_memory_t *memres = ops_sign_buf(data,len,OPS_SIG_BINARY,OPS_HASH_SHA256,secret_key,ops_false,ops_false,not_raw,not_raw) ; -#else - ops_memory_t *memres = ops_sign_buf(data,len,OPS_SIG_BINARY,OPS_HASH_SHA1,secret_key,ops_false,ops_false,not_raw,not_raw) ; -#endif - - if(!memres) - return false ; - - bool res ; - uint32_t slen = (uint32_t)ops_memory_get_length(memres); - - if(*signlen >= slen) - { - *signlen = slen ; - - memcpy(sign,ops_memory_get_data(memres),*signlen) ; - res = true ; - } - else - { - std::cerr << "(EE) memory chunk is not large enough for signature packet. Requred size: " << slen << " bytes." << std::endl; - res = false ; - } - - ops_memory_release(memres) ; - free(memres) ; - ops_secret_key_free(secret_key) ; - free(secret_key) ; - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Signed with fingerprint " << fp.toStdString() << ", length " << std::dec << *signlen << ", literal data length = " << len << std::endl; - std::cerr << "Signature body: " << std::endl; - hexdump( (unsigned char *)data, len) ; - std::cerr << std::endl; - std::cerr << "Data: " << std::endl; - hexdump( (unsigned char *)sign,*signlen) ; - std::cerr << std::endl; -#endif - return res ; -} - -bool PGPHandler::privateSignCertificate(const RsPgpId& ownId,const RsPgpId& id_of_key_to_sign) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - ops_keydata_t *key_to_sign = const_cast(locked_getPublicKey(id_of_key_to_sign,true)) ; - - if(key_to_sign == NULL) - { - std::cerr << "Cannot sign: no public key with id " << id_of_key_to_sign.toStdString() << std::endl; - return false ; - } - - // 1 - get decrypted secret key - // - const ops_keydata_t *skey = locked_getSecretKey(ownId) ; - - if(!skey) - { - std::cerr << "Cannot sign: no secret key with id " << ownId.toStdString() << std::endl; - return false ; - } - const ops_keydata_t *pkey = locked_getPublicKey(ownId,true) ; - - if(!pkey) - { - std::cerr << "Cannot sign: no public key with id " << ownId.toStdString() << std::endl; - return false ; - } - - bool cancelled = false; - std::string passphrase = _passphrase_callback(NULL,"",RsPgpId(skey->key_id).toStdString().c_str(),"Please enter passwd for encrypting your key : ",false,&cancelled) ; - - ops_secret_key_t *secret_key = ops_decrypt_secret_key_from_data(skey,passphrase.c_str()) ; - - if(cancelled) - { - std::cerr << "Key cancelled by used." << std::endl; - return false ; - } - if(!secret_key) - { - std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl; - return false ; - } - - // 2 - then do the signature. - - if(!ops_sign_key(key_to_sign,pkey->key_id,secret_key)) - { - std::cerr << "Key signature went wrong. Wrong passwd?" << std::endl; - return false ; - } - - // 3 - free memory - // - ops_secret_key_free(secret_key) ; - free(secret_key) ; - - _pubring_changed = true ; - - // 4 - update signatures. - // - PGPCertificateInfo& cert(_public_keyring_map[ id_of_key_to_sign ]) ; - validateAndUpdateSignatures(cert,key_to_sign) ; - cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE ; - - return true ; -} - void PGPHandler::updateOwnSignatureFlag(const RsPgpId& own_id) { RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. @@ -1599,59 +165,6 @@ void PGPHandler::locked_updateOwnSignatureFlag(PGPCertificateInfo& cert,const Rs RsPgpFingerprint::SIZE_IN_BYTES - RsPgpId::SIZE_IN_BYTES ); } -bool PGPHandler::getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const -{ - RS_STACK_MUTEX(pgphandlerMtx); - - const ops_keydata_t *key = locked_getPublicKey(id,false) ; - - if(!key) return false; - - ops_fingerprint_t f ; - ops_fingerprint(&f,&key->key.pkey) ; - - fp = RsPgpFingerprint::fromBufferUnsafe(f.fingerprint); - - return true ; -} - -bool PGPHandler::VerifySignBin(const void *literal_data, uint32_t literal_data_length, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& key_fingerprint) -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - - RsPgpId id = RsPgpId(key_fingerprint.toByteArray() + PGPFingerprintType::SIZE_IN_BYTES - RsPgpId::SIZE_IN_BYTES) ; - const ops_keydata_t *key = locked_getPublicKey(id,true) ; - - if(key == NULL) - { - std::cerr << "No key returned by fingerprint " << key_fingerprint.toStdString() << ", and ID " << id.toStdString() << ", signature verification failed!" << std::endl; - return false ; - } - - // Check that fingerprint is the same. - const ops_public_key_t *pkey = &key->key.pkey ; - ops_fingerprint_t fp ; - ops_fingerprint(&fp,pkey) ; - - if(key_fingerprint != PGPFingerprintType(fp.fingerprint)) - { - std::cerr << "Key fingerprint does not match " << key_fingerprint.toStdString() << ", for ID " << id.toStdString() << ", signature verification failed!" << std::endl; - return false ; - } - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Verifying signature from fingerprint " << key_fingerprint.toStdString() << ", length " << std::dec << sign_len << ", literal data length = " << literal_data_length << std::endl; - std::cerr << "Signature body: " << std::endl; - hexdump( (unsigned char *)sign,sign_len) ; - std::cerr << std::endl; - std::cerr << "Signed data: " << std::endl; - hexdump( (unsigned char *)literal_data, literal_data_length) ; - std::cerr << std::endl; -#endif - - return ops_validate_detached_signature(literal_data,literal_data_length,sign,sign_len,key) ; -} - void PGPHandler::setAcceptConnexion(const RsPgpId& id,bool b) { RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. @@ -1699,65 +212,6 @@ bool PGPHandler::isGPGAccepted(const RsPgpId &id) return (res != _public_keyring_map.end()) && (res->second._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION) ; } -// Lexicographic order on signature packets -// -bool operator<(const ops_packet_t& p1,const ops_packet_t& p2) -{ - if(p1.length < p2.length) - return true ; - if(p1.length > p2.length) - return false ; - - for(uint32_t i=0;i p2.raw[i]) - return false ; - } - return false ; -} - -bool PGPHandler::mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src) -{ - // First sort all signatures into lists to see which is new, which is not new - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Merging signatures for key " << RsPgpId(dst->key_id).toStdString() << std::endl; -#endif - std::set dst_packets ; - - for(uint32_t i=0;inpackets;++i) dst_packets.insert(dst->packets[i]) ; - - std::set to_add ; - - for(uint32_t i=0;inpackets;++i) - if(dst_packets.find(src->packets[i]) == dst_packets.end()) - { - uint8_t tag ; - uint32_t length ; - unsigned char *tmp_data = src->packets[i].raw ; // put it in a tmp variable because read_packetHeader() will modify it!! - - PGPKeyParser::read_packetHeader(tmp_data,tag,length) ; - - if(tag == PGPKeyParser::PGP_PACKET_TAG_SIGNATURE) - to_add.insert(src->packets[i]) ; -#ifdef DEBUG_PGPHANDLER - else - std::cerr << " Packet with tag 0x" << std::hex << (int)(src->packets[i].raw[0]) << std::dec << " not merged, because it is not a signature." << std::endl; -#endif - } - - for(std::set::const_iterator it(to_add.begin());it!=to_add.end();++it) - { -#ifdef DEBUG_PGPHANDLER - std::cerr << " Adding packet with tag 0x" << std::hex << (int)(*it).raw[0] << std::dec << std::endl; -#endif - ops_add_packet_to_keydata(dst,&*it) ; - } - return to_add.size() > 0 ; -} - bool PGPHandler::parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) { PGPSignatureInfo info ; @@ -1895,71 +349,6 @@ bool PGPHandler::locked_writePrivateTrustDatabase() return true ; } -bool PGPHandler::syncDatabase() -{ - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Sync-ing keyrings." << std::endl; -#endif - locked_syncPublicKeyring() ; - //locked_syncSecretKeyring() ; - - // Now sync the trust database as well. - // - locked_syncTrustDatabase() ; - -#ifdef DEBUG_PGPHANDLER - std::cerr << "Done. " << std::endl; -#endif - return true ; -} - -bool PGPHandler::locked_syncPublicKeyring() -{ - struct stat64 buf ; -#ifdef WINDOWS_SYS - std::wstring wfullname; - librs::util::ConvertUtf8ToUtf16(_pubring_path, wfullname); - if(-1 == _wstati64(wfullname.c_str(), &buf)) -#else - if(-1 == stat64(_pubring_path.c_str(), &buf)) -#endif - std::cerr << "PGPHandler::syncDatabase(): can't stat file " << _pubring_path << ". Can't sync public keyring." << std::endl; - - if(_pubring_last_update_time < buf.st_mtime) - { - std::cerr << "Detected change on disk of public keyring. Merging!" << std::endl ; - - locked_mergeKeyringFromDisk(_pubring,_public_keyring_map,_pubring_path) ; - _pubring_last_update_time = buf.st_mtime ; - } - - // Now check if the pubring was locally modified, which needs saving it again - if(_pubring_changed && RsDiscSpace::checkForDiscSpace(RS_PGP_DIRECTORY)) - { - std::string tmp_keyring_file = _pubring_path + ".tmp" ; - - std::cerr << "Local changes in public keyring. Writing to disk..." << std::endl; - if(!ops_write_keyring_to_file(_pubring,ops_false,tmp_keyring_file.c_str(),ops_true)) - { - std::cerr << "Cannot write public keyring tmp file. Disk full? Disk quota exceeded?" << std::endl; - return false ; - } - if(!RsDirUtil::renameFile(tmp_keyring_file,_pubring_path)) - { - std::cerr << "Cannot rename tmp pubring file " << tmp_keyring_file << " into actual pubring file " << _pubring_path << ". Check writing permissions?!?" << std::endl; - return false ; - } - - std::cerr << "Done." << std::endl; - _pubring_last_update_time = time(NULL) ; // should we get this value from the disk instead?? - _pubring_changed = false ; - } - return true ; -} - bool PGPHandler::locked_syncTrustDatabase() { struct stat64 buf ; @@ -1997,137 +386,6 @@ bool PGPHandler::locked_syncTrustDatabase() } return true ; } -void PGPHandler::locked_mergeKeyringFromDisk( ops_keyring_t *keyring, - std::map& kmap, - const std::string& keyring_file) -{ -#ifdef DEBUG_PGPHANDLER - std::cerr << "Merging keyring " << keyring_file << " from disk to memory." << std::endl; -#endif - // 1 - load keyring into a temporary keyring list. - ops_keyring_t *tmp_keyring = PGPHandler::allocateOPSKeyring() ; - if(ops_false == ops_keyring_read_from_file(tmp_keyring, false, keyring_file.c_str())) - { - std::cerr << "PGPHandler::locked_mergeKeyringFromDisk(): cannot read keyring. File corrupted?" ; - ops_keyring_free(tmp_keyring) ; - return ; - } - // 2 - load new keys and merge existing key signatures - - for(int i=0;inkeys;++i) - locked_addOrMergeKey(keyring,kmap,&tmp_keyring->keys[i]) ;// we dont' account for the return value. This is disk merging, not local changes. - - // 4 - clean - ops_keyring_free(tmp_keyring) ; -} - -bool PGPHandler::removeKeysFromPGPKeyring(const std::set& keys_to_remove,std::string& backup_file,uint32_t& error_code) -{ - // 1 - lock everything. - // - RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. - RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. - - error_code = PGP_KEYRING_REMOVAL_ERROR_NO_ERROR ; - - for(std::set::const_iterator it(keys_to_remove.begin());it!=keys_to_remove.end();++it) - if(locked_getSecretKey(*it) != NULL) - { - std::cerr << "(EE) PGPHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key! Operation cancelled." << std::endl; - error_code = PGP_KEYRING_REMOVAL_ERROR_CANT_REMOVE_SECRET_KEYS ; - return false ; - } - - // 2 - sync everything. - // - locked_syncPublicKeyring() ; - - // 3 - make a backup of the public keyring - // - char template_name[_pubring_path.length()+8] ; - sprintf(template_name,"%s.XXXXXX",_pubring_path.c_str()) ; - -#if defined __USE_XOPEN_EXTENDED || defined __USE_XOPEN2K8 - int fd_keyring_backup(mkstemp(template_name)); - if (fd_keyring_backup == -1) -#else - if(mktemp(template_name) == NULL) -#endif - { - std::cerr << "PGPHandler::removeKeysFromPGPKeyring(): cannot create keyring backup file. Giving up." << std::endl; - error_code = PGP_KEYRING_REMOVAL_ERROR_CANNOT_CREATE_BACKUP ; - return false ; - } -#if defined __USE_XOPEN_EXTENDED || defined __USE_XOPEN2K8 - close(fd_keyring_backup); // TODO: keep the file open and use the fd -#endif - - if(!ops_write_keyring_to_file(_pubring,ops_false,template_name,ops_true)) - { - std::cerr << "PGPHandler::removeKeysFromPGPKeyring(): cannot write keyring backup file. Giving up." << std::endl; - error_code = PGP_KEYRING_REMOVAL_ERROR_CANNOT_WRITE_BACKUP ; - return false ; - } - backup_file = std::string(template_name,_pubring_path.length()+7) ; - - std::cerr << "Keyring was backed up to file " << backup_file << std::endl; - - // Remove keys from the keyring, and update the keyring map. - // - for(std::set::const_iterator it(keys_to_remove.begin());it!=keys_to_remove.end();++it) - { - if(locked_getSecretKey(*it) != NULL) - { - std::cerr << "(EE) PGPHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key!" << std::endl; - continue ; - } - - std::map::iterator res = _public_keyring_map.find(*it) ; - - if(res == _public_keyring_map.end()) - { - std::cerr << "(EE) PGPHandler:: can't remove key " << (*it).toStdString() << " from keyring: key not found." << std::endl; - continue ; - } - - if(res->second._key_index >= (unsigned int)_pubring->nkeys || RsPgpId(_pubring->keys[res->second._key_index].key_id) != *it) - { - std::cerr << "(EE) PGPHandler:: can't remove key " << (*it).toStdString() << ". Inconsistency found." << std::endl; - error_code = PGP_KEYRING_REMOVAL_ERROR_DATA_INCONSISTENCY ; - return false ; - } - - // Move the last key to the freed place. This deletes the key in place. - // - ops_keyring_remove_key(_pubring,res->second._key_index) ; - - // Erase the info from the keyring map. - // - _public_keyring_map.erase(res) ; - - // now update all indices back. This internal look is very costly, but it avoids deleting the wrong keys, since the keyring structure is - // changed by ops_keyring_remove_key and therefore indices don't point to the correct location anymore. - - int i=0 ; - const ops_keydata_t *keydata ; - while( (keydata = ops_keyring_get_key_by_index(_pubring,i)) != NULL ) - { - PGPCertificateInfo& cert(_public_keyring_map[ RsPgpId(keydata->key_id) ]) ; - cert._key_index = i ; - ++i ; - } - } - - // Everything went well, sync back the keyring on disk - - _pubring_changed = true ; - _trustdb_changed = true ; - - locked_syncPublicKeyring() ; - locked_syncTrustDatabase() ; - - return true ; -} diff --git a/libretroshare/src/pgp/pgphandler.h b/libretroshare/src/pgp/pgphandler.h index 5d7eb82f8..07b02325c 100644 --- a/libretroshare/src/pgp/pgphandler.h +++ b/libretroshare/src/pgp/pgphandler.h @@ -29,12 +29,6 @@ #include #include -extern "C" { -#include -#include -#include -} - typedef std::string (*PassphraseCallback)(void *data, const char *uid_title, const char *uid_hint, const char *passphrase_info, int prev_was_bad,bool *cancelled) ; class PGPCertificateInfo @@ -56,9 +50,11 @@ class PGPCertificateInfo mutable rstime_t _time_stamp ; // last time the key was used (received, used for signature verification, etc) PGPFingerprintType _fpr; /* fingerprint */ - // RsPgpId _key_id ; - uint32_t _key_index ; // index to array of keys in the public keyring + // Index to array of keys in the public keyring. Dependign on the specific implementation + // of how the keyring is stored, this may be used differently. + + uint32_t _key_index ; static const uint32_t PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION = 0x0001 ; static const uint32_t PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE = 0x0002 ; @@ -80,53 +76,87 @@ class PGPCertificateInfo class PGPHandler { public: - PGPHandler( const std::string& path_to_public_keyring, + PGPHandler( const std::string& path_to_public_keyring, const std::string& path_to_secret_keyring, const std::string& path_to_trust_database, const std::string& pgp_lock_file) ; virtual ~PGPHandler() ; - /** + //=======================================================================================// + // Methods that needs to be derived depending on how PGP is implemented // + //=======================================================================================// + + // Removes the given keys from the keyring. Also backup the keyring to a file which name is automatically generated + // and given pack for proper display. + // + virtual bool removeKeysFromPGPKeyring(const std::set& key_ids,std::string& backup_file,uint32_t& error_code) =0; + virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) =0; + + virtual bool availableGPGCertificatesWithPrivateKeys(std::list& ids)=0; + virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) =0; + + virtual std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const=0; + + /** The caller is in charge of freeing `mem` once finished */ + virtual bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) const =0; + + virtual bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_key_id) const=0; + virtual bool exportGPGKeyPairToString( std::string& data, const RsPgpId& exportedKeyId, bool includeSignatures, std::string& errorMsg ) const =0; + + // Gets info about the key. Who are the signers, what's the owner's name, etc. + // + virtual bool getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) const =0; + + virtual bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_id,std::string& import_error) =0; + /** * @param ids list of gpg certificate ids (note, not the actual certificates) */ + + virtual bool importGPGKeyPairFromString(const std::string& data,RsPgpId& imported_id,std::string& import_error) =0; + + virtual bool LoadCertificateFromString(const std::string& pem, RsPgpId& gpg_id, std::string& error_string)=0; + virtual bool LoadCertificateFromBinaryData(const unsigned char *bin_data,uint32_t bin_data_len, RsPgpId& gpg_id, std::string& error_string)=0; + + virtual bool encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) =0; + virtual bool decryptTextFromFile(const RsPgpId& key_id,std::string& text,const std::string& encrypted_inputfile) =0; + + // The client should supply a memory chunk to store the data. The length will be updated to the real length of the data. + // + virtual bool encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len , unsigned char *encrypted_data, unsigned int *encrypted_data_len) =0; + virtual bool decryptDataBin(const RsPgpId& key_id,const void *encrypted_data, const uint32_t encrypted_len , unsigned char *data, unsigned int *data_len) =0; + + virtual bool SignDataBin(const RsPgpId& id, const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, bool make_raw_signature=false, std::string reason = "") =0; + virtual bool privateSignCertificate(const RsPgpId& own_id,const RsPgpId& id_of_key_to_sign) =0; + virtual bool VerifySignBin(const void *data, uint32_t data_len, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& withfingerprint) =0; + /** + * @brief Get PGP fingerprint for the given key + * @param id PGP 64bit key id + * @param fp storage for the retrived key fingerpring, the contained value + * is meaningfull only if true is returned + * @return true if the key was found, false if not + */ + virtual bool getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const=0; + + virtual bool haveSecretKey(const RsPgpId& id) const =0; + + // Syncs the keyrings and trust database between memory and disk. The algorithm is: + // 1 - lock the keyrings + // 2 - compare file modification dates with last writing date + // - if file is modified, load it, and merge with memory + // 3 - look into memory modification flags + // - if flag says keyring has changed, write to disk + // + virtual bool syncDatabase() =0; + + + //=======================================================================================// + // Common methods to PGPHandler // + //=======================================================================================// + bool getGPGFilteredList(std::list& list,bool (*filter)(const PGPCertificateInfo&) = NULL) const ; - bool haveSecretKey(const RsPgpId& id) const ; - bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_id,std::string& import_error) ; - bool importGPGKeyPairFromString(const std::string& data,RsPgpId& imported_id,std::string& import_error) ; - bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_id) const ; - bool exportGPGKeyPairToString( - std::string& data, const RsPgpId& exportedKeyId, - bool includeSignatures, std::string& errorMsg ) const; - - bool availableGPGCertificatesWithPrivateKeys(std::list& ids); - bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) ; - - bool LoadCertificateFromString(const std::string& pem, RsPgpId& gpg_id, std::string& error_string); - bool LoadCertificateFromBinaryData(const unsigned char *bin_data,uint32_t bin_data_len, RsPgpId& gpg_id, std::string& error_string); - - std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const ; - - /** The caller is in charge of freeing `mem` once finished */ - bool exportPublicKey( const RsPgpId& id, - unsigned char*& mem, size_t& mem_size, - bool armoured, bool include_signatures) const; - - bool parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) ; - bool SignDataBin(const RsPgpId& id, const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, bool make_raw_signature=false, std::string reason = "") ; - bool VerifySignBin(const void *data, uint32_t data_len, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& withfingerprint) ; - bool privateSignCertificate(const RsPgpId& own_id,const RsPgpId& id_of_key_to_sign) ; - - // The client should supply a memory chunk to store the data. The length will be updated to the real length of the data. - // - bool encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len - , unsigned char *encrypted_data, unsigned int *encrypted_data_len) ; - bool decryptDataBin(const RsPgpId& key_id,const void *encrypted_data, const uint32_t encrypted_len - , unsigned char *data, unsigned int *data_len) ; - - bool encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) ; - bool decryptTextFromFile(const RsPgpId& key_id,std::string& text,const std::string& encrypted_inputfile) ; + bool parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) ; void setAcceptConnexion(const RsPgpId&,bool) ; @@ -135,11 +165,6 @@ public: void locked_updateOwnSignatureFlag(PGPCertificateInfo&, const RsPgpId&, PGPCertificateInfo&, const RsPgpId&) ; - // Removes the given keys from the keyring. Also backup the keyring to a file which name is automatically generated - // and given pack for proper display. - // - bool removeKeysFromPGPKeyring(const std::set& key_ids,std::string& backup_file,uint32_t& error_code) ; - //bool isKeySupported(const RsPgpId& id) const ; bool privateTrustCertificate(const RsPgpId& id,int valid_level) ; @@ -174,66 +199,18 @@ public: */ static RsPgpId pgpIdFromFingerprint(const RsPgpFingerprint& f); - /** - * @brief Get PGP fingerprint for the given key - * @param id PGP 64bit key id - * @param fp storage for the retrived key fingerpring, the contained value - * is meaningfull only if true is returned - * @return true if the key was found, false if not - */ - bool getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const; - - // Gets info about the key. Who are the signers, what's the owner's name, etc. - // - bool getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) const ; - // Debug stuff. virtual bool printKeys() const ; - // Syncs the keyrings and trust database between memory and disk. The algorithm is: - // 1 - lock the keyrings - // 2 - compare file modification dates with last writing date - // - if file is modified, load it, and merge with memory - // 3 - look into memory modification flags - // - if flag says keyring has changed, write to disk - // - bool syncDatabase() ; - - private: - bool LoadCertificate(const unsigned char *bin_data,uint32_t bin_data_len, bool armoured, RsPgpId& gpg_id, std::string& error_string); - void initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_t *keydata,uint32_t i) ; - - // Returns true if the signatures have been updated - // - bool validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) ; - - /** Check public/private key and import them into the keyring - * @param keyring keyring with the new public/private key pair. Will be freed by the function. - * @param imported_key_id PGP id of the imported key - * @param import_error human readbale error message - * @returns true on success - * */ - bool checkAndImportKeyPair(ops_keyring_t *keyring, RsPgpId& imported_key_id,std::string& import_error); - - const ops_keydata_t *locked_getPublicKey(const RsPgpId&,bool stamp_the_key) const; - const ops_keydata_t *locked_getSecretKey(const RsPgpId&) const ; - + protected: void locked_readPrivateTrustDatabase() ; bool locked_writePrivateTrustDatabase() ; - - bool locked_syncPublicKeyring() ; - bool locked_syncTrustDatabase() ; - - void locked_mergeKeyringFromDisk(ops_keyring_t *keyring, std::map& kmap, const std::string& keyring_file) ; - bool locked_addOrMergeKey(ops_keyring_t *keyring,std::map& kmap,const ops_keydata_t *keydata) ; + bool locked_syncTrustDatabase() ; // Members. // mutable RsMutex pgphandlerMtx ; - ops_keyring_t *_pubring ; - ops_keyring_t *_secring ; - std::map _public_keyring_map ; // used for fast access to keys. Gives the index in the keyring. std::map _secret_keyring_map ; @@ -249,11 +226,5 @@ public: rstime_t _secring_last_update_time ; rstime_t _trustdb_last_update_time ; - // Helper functions. - // - static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key,bool include_signatures) ; - static ops_keyring_t *allocateOPSKeyring() ; - static void addNewKeyToOPSKeyring(ops_keyring_t*, const ops_keydata_t&) ; static PassphraseCallback _passphrase_callback ; - static bool mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src) ; // returns true if signature lists are different }; diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index b41084cf0..2d29fbb65 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -126,7 +126,7 @@ void AuthGPG::exit() AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& path_to_secret_keyring,const std::string& path_to_trustdb,const std::string& pgp_lock_file) :p3Config(), - PGPHandler(path_to_public_keyring,path_to_secret_keyring,path_to_trustdb,pgp_lock_file), + OpenPGPSDKHandler(path_to_public_keyring,path_to_secret_keyring,path_to_trustdb,pgp_lock_file), gpgMtxService("AuthGPG-service"), gpgMtxEngine("AuthGPG-engine"), gpgMtxData("AuthGPG-data"), diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index 4fe76194c..a6023f436 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -34,7 +34,7 @@ #include "util/rsthreads.h" #include "pqi/p3cfgmgr.h" -#include "pgp/pgphandler.h" +#include "pgp/openpgpsdkhandler.h" #define MAX_GPG_SIGNATURE_SIZE 4096 @@ -89,7 +89,9 @@ public: virtual void setGPGOperation(AuthGPGOperation *operation) = 0; }; -class AuthGPG: public p3Config, public RsTickingThread, public PGPHandler +// Note: replace OpenPGPSDKHandler with your own PGP handler class when needed. + +class AuthGPG: public p3Config, public RsTickingThread, public OpenPGPSDKHandler { public: static void init(const std::string& path_to_pubring, From b8f4e6439374b3e96e3993d571c872caf5f6e6ac Mon Sep 17 00:00:00 2001 From: csoler Date: Wed, 11 Aug 2021 16:02:02 +0200 Subject: [PATCH 02/10] initial split of PHPHandler into two classes --- libretroshare/src/pgp/openpgpsdkhandler.cc | 1801 ++++++++++++++++++++ libretroshare/src/pgp/openpgpsdkhandler.h | 116 ++ 2 files changed, 1917 insertions(+) create mode 100644 libretroshare/src/pgp/openpgpsdkhandler.cc create mode 100644 libretroshare/src/pgp/openpgpsdkhandler.h diff --git a/libretroshare/src/pgp/openpgpsdkhandler.cc b/libretroshare/src/pgp/openpgpsdkhandler.cc new file mode 100644 index 000000000..87f3c3343 --- /dev/null +++ b/libretroshare/src/pgp/openpgpsdkhandler.cc @@ -0,0 +1,1801 @@ +/******************************************************************************* + * libretroshare/src/pgp: pgphandler.cc * + * * + * libretroshare: retroshare core library * + * * + * Copyright 2018 Cyril Soler * + * * + * This program is free software: you can redistribute it and/or modify * + * it under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation, either version 3 of the * + * License, or (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public License * + * along with this program. If not, see . * + * * + *******************************************************************************/ +#include +#include +#include +#include +#include +#include +#include + +#ifdef WINDOWS_SYS +#include +#include "util/rsstring.h" +#include "util/rswin.h" +#endif + +extern "C" { +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +} +#include "openpgpsdkhandler.h" + +#include "util/rsdir.h" +#include "util/rsdiscspace.h" +#include "util/rsmemory.h" +#include "pgp/pgpkeyutil.h" +#include "retroshare/rspeers.h" + +static const uint32_t PGP_CERTIFICATE_LIMIT_MAX_NAME_SIZE = 64 ; +static const uint32_t PGP_CERTIFICATE_LIMIT_MAX_EMAIL_SIZE = 64 ; +static const uint32_t PGP_CERTIFICATE_LIMIT_MAX_PASSWD_SIZE = 1024 ; + +//#define DEBUG_PGPHANDLER 1 +//#define PGPHANDLER_DSA_SUPPORT + +PassphraseCallback PGPHandler::_passphrase_callback = NULL ; + +ops_keyring_t *OpenPGPSDKHandler::allocateOPSKeyring() +{ + ops_keyring_t *kr = (ops_keyring_t*)rs_malloc(sizeof(ops_keyring_t)) ; + + if(kr == NULL) + return NULL ; + + kr->nkeys = 0 ; + kr->nkeys_allocated = 0 ; + kr->keys = 0 ; + + return kr ; +} + +ops_parse_cb_return_t cb_get_passphrase(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo)// __attribute__((unused))) +{ + const ops_parser_content_union_t *content=&content_->content; + bool prev_was_bad = false ; + + switch(content_->tag) + { + case OPS_PARSER_CMD_GET_SK_PASSPHRASE_PREV_WAS_BAD: prev_was_bad = true ; + /* fallthrough */ + case OPS_PARSER_CMD_GET_SK_PASSPHRASE: + { + std::string passwd; + std::string uid_hint ; + + if(cbinfo->cryptinfo.keydata->nuids > 0) + uid_hint = std::string((const char *)cbinfo->cryptinfo.keydata->uids[0].user_id) ; + uid_hint += "(" + RsPgpId(cbinfo->cryptinfo.keydata->key_id).toStdString()+")" ; + + bool cancelled = false ; + passwd = PGPHandler::passphraseCallback()(NULL,"",uid_hint.c_str(),NULL,prev_was_bad,&cancelled) ; + + if(cancelled) + *(unsigned char *)cbinfo->arg = 1; + + *(content->secret_key_passphrase.passphrase)= (char *)ops_mallocz(passwd.length()+1) ; + memcpy(*(content->secret_key_passphrase.passphrase),passwd.c_str(),passwd.length()) ; + return OPS_KEEP_MEMORY; + } + break; + + default: + break; + } + + return OPS_RELEASE_MEMORY; +} + +OpenPGPSDKHandler::OpenPGPSDKHandler(const std::string& pubring, const std::string& secring,const std::string& trustdb,const std::string& pgp_lock_filename) + : PGPHandler(pubring,secring,trustdb,pgp_lock_filename) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + // Allocate public and secret keyrings. + // + _pubring = allocateOPSKeyring() ; + _secring = allocateOPSKeyring() ; + + // Check that the file exists. If not, create a void keyring. + + FILE *ftest ; + ftest = RsDirUtil::rs_fopen(pubring.c_str(),"rb") ; + bool pubring_exist = (ftest != NULL) ; + if(ftest != NULL) + fclose(ftest) ; + ftest = RsDirUtil::rs_fopen(secring.c_str(),"rb") ; + bool secring_exist = (ftest != NULL) ; + if(ftest != NULL) + fclose(ftest) ; + + // Read public and secret keyrings from supplied files. + // + if(pubring_exist) + { + if(ops_false == ops_keyring_read_from_file(_pubring, false, pubring.c_str())) + throw std::runtime_error("OpenPGPSDKHandler::readKeyRing(): cannot read pubring. File corrupted.") ; + } + else + std::cerr << "pubring file \"" << pubring << "\" not found. Creating a void keyring." << std::endl; + + const ops_keydata_t *keydata ; + int i=0 ; + while( (keydata = ops_keyring_get_key_by_index(_pubring,i)) != NULL ) + { + PGPCertificateInfo& cert(_public_keyring_map[ RsPgpId(keydata->key_id) ]) ; + + // Init all certificates. + + initCertificateInfo(cert,keydata,i) ; + + // Validate signatures. + + validateAndUpdateSignatures(cert,keydata) ; + + ++i ; + } + _pubring_last_update_time = time(NULL) ; + std::cerr << "Pubring read successfully." << std::endl; + + if(secring_exist) + { + if(ops_false == ops_keyring_read_from_file(_secring, false, secring.c_str())) + throw std::runtime_error("OpenPGPSDKHandler::readKeyRing(): cannot read secring. File corrupted.") ; + } + else + std::cerr << "secring file \"" << secring << "\" not found. Creating a void keyring." << std::endl; + + i=0 ; + while( (keydata = ops_keyring_get_key_by_index(_secring,i)) != NULL ) + { + initCertificateInfo(_secret_keyring_map[ RsPgpId(keydata->key_id) ],keydata,i) ; + ++i ; + } + _secring_last_update_time = time(NULL) ; + + std::cerr << "Secring read successfully." << std::endl; + + locked_readPrivateTrustDatabase() ; + _trustdb_last_update_time = time(NULL) ; +} + +void OpenPGPSDKHandler::initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_t *keydata,uint32_t index) +{ + // Parse certificate name + // + + if(keydata->uids != NULL) + { + std::string namestring( (char *)keydata->uids[0].user_id ) ; + + cert._name = "" ; + uint32_t i=0; + while(i < namestring.length() && namestring[i] != '(' && namestring[i] != '<') { cert._name += namestring[i] ; ++i ;} + + // trim right spaces + std::string::size_type found = cert._name.find_last_not_of(' '); + if (found != std::string::npos) + cert._name.erase(found + 1); + else + cert._name.clear(); // all whitespace + + std::string& next = (namestring[i] == '(')?cert._comment:cert._email ; + ++i ; + next = "" ; + while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next += namestring[i] ; ++i ;} + + while(i < namestring.length() && namestring[i] != '(' && namestring[i] != '<') { next += namestring[i] ; ++i ;} + + if(i< namestring.length()) + { + std::string& next2 = (namestring[i] == '(')?cert._comment:cert._email ; + ++i ; + next2 = "" ; + while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next2 += namestring[i] ; ++i ;} + } + } + + cert._trustLvl = 1 ; // to be setup accordingly + cert._validLvl = 1 ; // to be setup accordingly + cert._key_index = index ; + cert._flags = 0 ; + cert._time_stamp = 0 ;// "never" by default. Will be updated by trust database, and effective key usage. + + switch(keydata->key.pkey.algorithm) + { + case OPS_PKA_RSA: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_RSA ; + break ; + case OPS_PKA_DSA: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_DSA ; + cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; + break ; + default: cert._type = PGPCertificateInfo::PGP_CERTIFICATE_TYPE_UNKNOWN ; + cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM ; + break ; + } + + ops_fingerprint_t f ; + ops_fingerprint(&f,&keydata->key.pkey) ; + + cert._fpr = PGPFingerprintType(f.fingerprint) ; +} + +bool OpenPGPSDKHandler::validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) +{ + ops_validate_result_t* result=(ops_validate_result_t*)ops_mallocz(sizeof *result); + ops_boolean_t res = ops_validate_key_signatures(result,keydata,_pubring,cb_get_passphrase) ; + + if(res == ops_false) + { + static ops_boolean_t already = 0 ; + if(!already) + { + std::cerr << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; + already = 1 ; + } + } + + bool ret = false ; + + // Parse signers. + // + + if(result != NULL) + for(size_t i=0;ivalid_count;++i) + { + RsPgpId signer_id(result->valid_sigs[i].signer_id); + + if(cert.signers.find(signer_id) == cert.signers.end()) + { + cert.signers.insert(signer_id) ; + ret = true ; + } + } + + ops_validate_result_free(result) ; + + return ret ; +} + +OpenPGPSDKHandler::~OpenPGPSDKHandler() +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. +#ifdef DEBUG_PGPHANDLER + std::cerr << "Freeing OpenPGPSDKHandler. Deleting keyrings." << std::endl; +#endif + + // no need to free the the _map_ elements. They will be freed by the following calls: + // + ops_keyring_free(_pubring) ; + ops_keyring_free(_secring) ; + + free(_pubring) ; + free(_secring) ; +} + +void OpenPGPSDKHandler::printOPSKeys() const +{ + std::cerr << "Public keyring list from OPS:" << std::endl; + ops_keyring_list(_pubring) ; +} + +bool OpenPGPSDKHandler::haveSecretKey(const RsPgpId& id) const +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + return locked_getSecretKey(id) != NULL ; +} + +bool OpenPGPSDKHandler::availableGPGCertificatesWithPrivateKeys(std::list& ids) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + // go through secret keyring, and check that we have the pubkey as well. + // + + const ops_keydata_t *keydata = NULL ; + int i=0 ; + + while( (keydata = ops_keyring_get_key_by_index(_secring,i++)) != NULL ) + if(ops_keyring_find_key_by_id(_pubring,keydata->key_id) != NULL) // check that the key is in the pubring as well + { +#ifdef PGPHANDLER_DSA_SUPPORT + if(keydata->key.pkey.algorithm == OPS_PKA_RSA || keydata->key.pkey.algorithm == OPS_PKA_DSA) +#else + if(keydata->key.pkey.algorithm == OPS_PKA_RSA) +#endif + ids.push_back(RsPgpId(keydata->key_id)) ; +#ifdef DEBUG_PGPHANDLER + else + std::cerr << "Skipping keypair " << RsPgpId(keydata->key_id).toStdString() << ", unsupported algorithm: " << keydata->key.pkey.algorithm << std::endl; +#endif + } + + return true ; +} + +bool OpenPGPSDKHandler::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passphrase, RsPgpId& pgpId, const int keynumbits, std::string& errString) +{ + // Some basic checks + + if(!RsDiscSpace::checkForDiscSpace(RS_PGP_DIRECTORY)) + { + errString = std::string("(EE) low disc space in pgp directory. Can't write safely to keyring.") ; + return false ; + } + if(name.length() > PGP_CERTIFICATE_LIMIT_MAX_NAME_SIZE) + { + errString = std::string("(EE) name in certificate exceeds the maximum allowed name size") ; + return false ; + } + if(email.length() > PGP_CERTIFICATE_LIMIT_MAX_EMAIL_SIZE) + { + errString = std::string("(EE) email in certificate exceeds the maximum allowed email size") ; + return false ; + } + if(passphrase.length() > PGP_CERTIFICATE_LIMIT_MAX_PASSWD_SIZE) + { + errString = std::string("(EE) passphrase in certificate exceeds the maximum allowed passphrase size") ; + return false ; + } + if(keynumbits % 1024 != 0) + { + errString = std::string("(EE) RSA key length is not a multiple of 1024") ; + return false ; + } + + // Now the real thing + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. + + // 1 - generate keypair - RSA-2048 + // + ops_user_id_t uid ; + char *s = strdup((name + " (Generated by RetroShare) <" + email + ">" ).c_str()) ; + uid.user_id = (unsigned char *)s ; + unsigned long int e = 65537 ; // some prime number + + ops_keydata_t *key = ops_rsa_create_selfsigned_keypair(keynumbits, e, &uid) ; + + free(s) ; + + if(!key) + return false ; + + // 2 - save the private key encrypted to a temporary memory buffer, so as to read an encrypted key to memory + + ops_create_info_t *cinfo = NULL ; + ops_memory_t *buf = NULL ; + ops_setup_memory_write(&cinfo, &buf, 0); + + if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo)) + { + errString = std::string("(EE) Cannot encode secret key to memory!!") ; + return false ; + } + + // 3 - read the memory chunk into an encrypted keyring + + ops_keyring_t *tmp_secring = allocateOPSKeyring() ; + + if(! ops_keyring_read_from_mem(tmp_secring, ops_false, buf)) + { + errString = std::string("(EE) Cannot re-read key from memory!!") ; + return false ; + } + ops_teardown_memory_write(cinfo,buf); // cleanup memory + + // 4 - copy the encrypted private key to the private keyring + + pgpId = RsPgpId(tmp_secring->keys[0].key_id) ; + addNewKeyToOPSKeyring(_secring,tmp_secring->keys[0]) ; + initCertificateInfo(_secret_keyring_map[ pgpId ],&tmp_secring->keys[0],_secring->nkeys-1) ; + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Added new secret key with id " << pgpId.toStdString() << " to secret keyring." << std::endl; +#endif + ops_keyring_free(tmp_secring) ; + free(tmp_secring) ; + + // 5 - add key to secret keyring on disk. + + cinfo = NULL ; + std::string secring_path_tmp = _secring_path + ".tmp" ; + + if(RsDirUtil::fileExists(_secring_path) && !RsDirUtil::copyFile(_secring_path,secring_path_tmp)) + { + errString= std::string("Cannot copy secret keyring !! Disk full? Out of disk quota?") ; + return false ; + } + int fd=ops_setup_file_append(&cinfo, secring_path_tmp.c_str()); + + if(!ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo)) + { + errString= std::string("Cannot encode secret key to disk!! Disk full? Out of disk quota?") ; + return false ; + } + ops_teardown_file_write(cinfo,fd) ; + + if(!RsDirUtil::renameFile(secring_path_tmp,_secring_path)) + { + errString= std::string("Cannot rename tmp secret key file ") + secring_path_tmp + " into " + _secring_path +". Disk error?" ; + return false ; + } + + // 6 - copy the public key to the public keyring on disk + + cinfo = NULL ; + std::string pubring_path_tmp = _pubring_path + ".tmp" ; + + if(RsDirUtil::fileExists(_pubring_path) && !RsDirUtil::copyFile(_pubring_path,pubring_path_tmp)) + { + errString= std::string("Cannot encode secret key to disk!! Disk full? Out of disk quota?") ; + return false ; + } + fd=ops_setup_file_append(&cinfo, pubring_path_tmp.c_str()); + + if(!ops_write_transferable_public_key(key, ops_false, cinfo)) + { + errString=std::string("Cannot encode secret key to memory!!") ; + return false ; + } + ops_teardown_file_write(cinfo,fd) ; + + if(!RsDirUtil::renameFile(pubring_path_tmp,_pubring_path)) + { + errString= std::string("Cannot rename tmp public key file ") + pubring_path_tmp + " into " + _pubring_path +". Disk error?" ; + return false ; + } + // 7 - clean + ops_keydata_free(key) ; + + // 8 - re-read the key from the public keyring, and add it to memory. + + _pubring_last_update_time = 0 ; // force update pubring from disk. + locked_syncPublicKeyring() ; + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Added new public key with id " << pgpId.toStdString() << " to public keyring." << std::endl; +#endif + + // 9 - Update some flags. + + privateTrustCertificate(pgpId,PGPCertificateInfo::PGP_CERTIFICATE_TRUST_ULTIMATE) ; + + return true ; +} + +std::string OpenPGPSDKHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key,bool include_signatures) +{ + ops_create_info_t* cinfo; + ops_memory_t *buf = NULL ; + ops_setup_memory_write(&cinfo, &buf, 0); + ops_boolean_t armoured = ops_true ; + + if(key->type == OPS_PTAG_CT_PUBLIC_KEY) + { + if(ops_write_transferable_public_key_from_packet_data(key,armoured,cinfo) != ops_true) + return "ERROR: This key cannot be processed by RetroShare because\nDSA certificates are not yet handled." ; + } + else if(key->type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) + { + if(ops_write_transferable_secret_key_from_packet_data(key,armoured,cinfo) != ops_true) + return "ERROR: This key cannot be processed by RetroShare because\nDSA certificates are not yet handled." ; + } + else + { + ops_create_info_delete(cinfo); + std::cerr << "Unhandled key type " << key->type << std::endl; + return "ERROR: Cannot write key. Unhandled key type. " ; + } + + ops_writer_close(cinfo) ; + + std::string res((char *)ops_memory_get_data(buf),ops_memory_get_length(buf)) ; + ops_teardown_memory_write(cinfo,buf); + + if(!include_signatures) + { + std::string tmp ; + if(PGPKeyManagement::createMinimalKey(res,tmp) ) + res = tmp ; + } + + return res ; +} + +const ops_keydata_t *OpenPGPSDKHandler::locked_getSecretKey(const RsPgpId& id) const +{ + std::map::const_iterator res = _secret_keyring_map.find(id) ; + + if(res == _secret_keyring_map.end()) + return NULL ; + else + return ops_keyring_get_key_by_index(_secring,res->second._key_index) ; +} +const ops_keydata_t *OpenPGPSDKHandler::locked_getPublicKey(const RsPgpId& id,bool stamp_the_key) const +{ + std::map::const_iterator res = _public_keyring_map.find(id) ; + + if(res == _public_keyring_map.end()) + return NULL ; + else + { + if(stamp_the_key) // Should we stamp the key as used? + { + static rstime_t last_update_db_because_of_stamp = 0 ; + rstime_t now = time(NULL) ; + + res->second._time_stamp = now ; + + if(now > last_update_db_because_of_stamp + 3600) // only update database once every hour. No need to do it more often. + { + _trustdb_changed = true ; + last_update_db_because_of_stamp = now ; + } + } + return ops_keyring_get_key_by_index(_pubring,res->second._key_index) ; + } +} + +std::string OpenPGPSDKHandler::SaveCertificateToString(const RsPgpId& id,bool include_signatures) const +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + const ops_keydata_t *key = locked_getPublicKey(id,false) ; + + if(key == NULL) + { + std::cerr << "Cannot output key " << id.toStdString() << ": not found in keyring." << std::endl; + return "" ; + } + + return makeRadixEncodedPGPKey(key,include_signatures) ; +} + +bool OpenPGPSDKHandler::exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) const +{ + mem_block = nullptr; mem_size = 0; // clear just in case + + if(armoured) + { + RsErr() << __PRETTY_FUNCTION__ << " should not be used with " + << "armoured=true, because there's a bug in the armoured export" + << " of OPS" << std::endl; + print_stacktrace(); + return false; + } + + RS_STACK_MUTEX(pgphandlerMtx); + const ops_keydata_t* key = locked_getPublicKey(id,false); + + if(!key) + { + RsErr() << __PRETTY_FUNCTION__ << " key id: " << id + << " not found in keyring." << std::endl; + return false; + } + + ops_create_info_t* cinfo; + ops_memory_t *buf = nullptr; + ops_setup_memory_write(&cinfo, &buf, 0); + + if(ops_write_transferable_public_key_from_packet_data( + key, armoured, cinfo ) != ops_true) + { + RsErr() << __PRETTY_FUNCTION__ << " This key id " << id + << " cannot be processed by RetroShare because DSA certificates" + << " support is not implemented yet." << std::endl; + return false; + } + + ops_writer_close(cinfo); + + mem_size = ops_memory_get_length(buf); + mem_block = reinterpret_cast(malloc(mem_size)); + memcpy(mem_block,ops_memory_get_data(buf),mem_size); + + ops_teardown_memory_write(cinfo,buf); + + if(!include_signatures) + { + size_t new_size; + PGPKeyManagement::findLengthOfMinimalKey(mem_block, mem_size, new_size); + mem_size = new_size; + } + + return true; +} + +bool OpenPGPSDKHandler::exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_key_id) const +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + const ops_keydata_t *pubkey = locked_getPublicKey(exported_key_id,false) ; + + if(pubkey == NULL) + { + std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": not found in public keyring." << std::endl; + return false ; + } + const ops_keydata_t *seckey = locked_getSecretKey(exported_key_id) ; + + if(seckey == NULL) + { + std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": not found in secret keyring." << std::endl; + return false ; + } + + FILE *f = RsDirUtil::rs_fopen(filename.c_str(),"w") ; + if(f == NULL) + { + std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": file " << filename << " cannot be written. Please check for permissions, quotas, disk space." << std::endl; + return false ; + } + + fprintf(f,"%s\n", makeRadixEncodedPGPKey(pubkey,true).c_str()) ; + fprintf(f,"%s\n", makeRadixEncodedPGPKey(seckey,true).c_str()) ; + + fclose(f) ; + return true ; +} + +bool OpenPGPSDKHandler::exportGPGKeyPairToString( std::string& data, const RsPgpId& exportedKeyId, bool includeSignatures, std::string& errorMsg ) const +{ + RS_STACK_MUTEX(pgphandlerMtx); + + const ops_keydata_t *pubkey = locked_getPublicKey(exportedKeyId,false); + + if(!pubkey) + { + errorMsg = "Cannot output key " + exportedKeyId.toStdString() + + ": not found in public keyring."; + return false; + } + const ops_keydata_t *seckey = locked_getSecretKey(exportedKeyId); + + if(!seckey) + { + errorMsg = "Cannot output key " + exportedKeyId.toStdString() + + ": not found in secret keyring."; + return false; + } + + data = makeRadixEncodedPGPKey(pubkey, includeSignatures); + data += "\n"; + data += makeRadixEncodedPGPKey(seckey, includeSignatures); + data += "\n"; + return true; +} + +bool OpenPGPSDKHandler::getGPGDetailsFromBinaryBlock(const unsigned char *mem_block,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) const +{ + ops_keyring_t *tmp_keyring = allocateOPSKeyring(); + ops_memory_t *mem = ops_memory_new() ; + ops_memory_add(mem,mem_block,mem_size); + + if(!ops_keyring_read_from_mem(tmp_keyring,ops_false,mem)) + { + ops_keyring_free(tmp_keyring) ; + free(tmp_keyring) ; + ops_memory_release(mem) ; + free(mem) ; + + std::cerr << "Could not read key. Format error?" << std::endl; + //error_string = std::string("Could not read key. Format error?") ; + return false ; + } + ops_memory_release(mem) ; + free(mem) ; + //error_string.clear() ; + + if(tmp_keyring->nkeys != 1) + { + std::cerr << "No or incomplete/invalid key in supplied pgp block." << std::endl; + return false ; + } + if(tmp_keyring->keys[0].uids == NULL) + { + std::cerr << "No uid in supplied key." << std::endl; + return false ; + } + + key_id = RsPgpId(tmp_keyring->keys[0].key_id) ; + name = std::string((char *)tmp_keyring->keys[0].uids[0].user_id) ; + + // now parse signatures. + // + ops_validate_result_t* result=(ops_validate_result_t*)ops_mallocz(sizeof *result); + ops_boolean_t res ; + + { + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + res = ops_validate_key_signatures(result,&tmp_keyring->keys[0],_pubring,cb_get_passphrase) ; + } + + if(res == ops_false) + std::cerr << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; + + // also add self-signature if any (there should be!). + // + res = ops_validate_key_signatures(result,&tmp_keyring->keys[0],tmp_keyring,cb_get_passphrase) ; + + if(res == ops_false) + std::cerr << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; + + // Parse signers. + // + + std::set signers_set ; // Use a set to remove duplicates. + + if(result != NULL) + for(size_t i=0;ivalid_count;++i) + signers_set.insert(RsPgpId(result->valid_sigs[i].signer_id)) ; + + ops_validate_result_free(result) ; + + ops_keyring_free(tmp_keyring) ; + free(tmp_keyring) ; + + // write to the output variable + + signers.clear() ; + + for(std::set::const_iterator it(signers_set.begin());it!=signers_set.end();++it) + signers.push_back(*it) ; + + return true ; +} + +bool OpenPGPSDKHandler::importGPGKeyPair(const std::string& filename,RsPgpId& imported_key_id,std::string& import_error) +{ + import_error = "" ; + + // 1 - Test for file existance + // + FILE *ftest = RsDirUtil::rs_fopen(filename.c_str(),"r") ; + + if(ftest == NULL) + { + import_error = "Cannot open file " + filename + " for read. Please check access permissions." ; + return false ; + } + + fclose(ftest) ; + + // 2 - Read keyring from supplied file. + // + ops_keyring_t *tmp_keyring = allocateOPSKeyring(); + + if(ops_false == ops_keyring_read_from_file(tmp_keyring, ops_true, filename.c_str())) + { + import_error = "OpenPGPSDKHandler::readKeyRing(): cannot read key file. File corrupted?" ; + free(tmp_keyring); + return false ; + } + + return checkAndImportKeyPair(tmp_keyring, imported_key_id, import_error); +} + +bool OpenPGPSDKHandler::importGPGKeyPairFromString(const std::string &data, RsPgpId &imported_key_id, std::string &import_error) +{ + import_error = "" ; + + ops_memory_t* mem = ops_memory_new(); + ops_memory_add(mem, (unsigned char*)data.data(), data.length()); + + ops_keyring_t *tmp_keyring = allocateOPSKeyring(); + + if(ops_false == ops_keyring_read_from_mem(tmp_keyring, ops_true, mem)) + { + import_error = "OpenPGPSDKHandler::importGPGKeyPairFromString(): cannot parse key data" ; + free(tmp_keyring); + return false ; + } + return checkAndImportKeyPair(tmp_keyring, imported_key_id, import_error); +} + +bool OpenPGPSDKHandler::checkAndImportKeyPair(ops_keyring_t *tmp_keyring, RsPgpId &imported_key_id, std::string &import_error) +{ + if(tmp_keyring == 0) + { + import_error = "OpenPGPSDKHandler::checkAndImportKey(): keyring is null" ; + return false; + } + + if(tmp_keyring->nkeys != 2) + { + import_error = "OpenPGPSDKHandler::importKeyPair(): file does not contain a valid keypair." ; + if(tmp_keyring->nkeys > 2) + import_error += "\nMake sure that your key is a RSA key (DSA is not yet supported) and does not contain subkeys (not supported yet)."; + return false ; + } + + // 3 - Test that keyring contains a valid keypair. + // + const ops_keydata_t *pubkey = NULL ; + const ops_keydata_t *seckey = NULL ; + + if(tmp_keyring->keys[0].type == OPS_PTAG_CT_PUBLIC_KEY) + pubkey = &tmp_keyring->keys[0] ; + else if(tmp_keyring->keys[0].type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) + seckey = &tmp_keyring->keys[0] ; + else + { + import_error = "Unrecognised key type in key file for key #0. Giving up." ; + std::cerr << "Unrecognised key type " << tmp_keyring->keys[0].type << " in key file for key #0. Giving up." << std::endl; + return false ; + } + if(tmp_keyring->keys[1].type == OPS_PTAG_CT_PUBLIC_KEY) + pubkey = &tmp_keyring->keys[1] ; + else if(tmp_keyring->keys[1].type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) + seckey = &tmp_keyring->keys[1] ; + else + { + import_error = "Unrecognised key type in key file for key #1. Giving up." ; + std::cerr << "Unrecognised key type " << tmp_keyring->keys[1].type << " in key file for key #1. Giving up." << std::endl; + return false ; + } + + if(pubkey == nullptr || seckey == nullptr || pubkey == seckey) + { + import_error = "File does not contain a public and a private key. Sorry." ; + return false ; + } + if(memcmp( pubkey->fingerprint.fingerprint, + seckey->fingerprint.fingerprint, + RsPgpFingerprint::SIZE_IN_BYTES ) != 0) + { + import_error = "Public and private keys do nt have the same fingerprint. Sorry!" ; + return false ; + } + if(pubkey->key.pkey.version != 4) + { + import_error = "Public key is not version 4. Rejected!" ; + return false ; + } + + // 4 - now check self-signature for this keypair. For this we build a dummy keyring containing only the key. + // + ops_validate_result_t *result=(ops_validate_result_t*)ops_mallocz(sizeof *result); + + ops_keyring_t dummy_keyring ; + dummy_keyring.nkeys=1 ; + dummy_keyring.nkeys_allocated=1 ; + dummy_keyring.keys=const_cast(pubkey) ; + + ops_validate_key_signatures(result, const_cast(pubkey), &dummy_keyring, cb_get_passphrase) ; + + // Check that signatures contain at least one certification from the user id. + // + bool found = false ; + + for(uint32_t i=0;ivalid_count;++i) + if(!memcmp( + static_cast(result->valid_sigs[i].signer_id), + pubkey->key_id, + RsPgpId::SIZE_IN_BYTES )) + { + found = true ; + break ; + } + + if(!found) + { + import_error = "Cannot validate self signature for the imported key. Sorry." ; + return false ; + } + ops_validate_result_free(result); + + if(!RsDiscSpace::checkForDiscSpace(RS_PGP_DIRECTORY)) + { + import_error = std::string("(EE) low disc space in pgp directory. Can't write safely to keyring.") ; + return false ; + } + // 5 - All test passed. Adding key to keyring. + // + { + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + imported_key_id = RsPgpId(pubkey->key_id) ; + + if(locked_getSecretKey(imported_key_id) == NULL) + { + RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. + + ops_create_info_t *cinfo = NULL ; + + // Make a copy of the secret keyring + // + std::string secring_path_tmp = _secring_path + ".tmp" ; + if(RsDirUtil::fileExists(_secring_path) && !RsDirUtil::copyFile(_secring_path,secring_path_tmp)) + { + import_error = "(EE) Cannot write secret key to disk!! Disk full? Out of disk quota. Keyring will be left untouched." ; + return false ; + } + + // Append the new key + + int fd=ops_setup_file_append(&cinfo, secring_path_tmp.c_str()); + + if(!ops_write_transferable_secret_key_from_packet_data(seckey,ops_false,cinfo)) + { + import_error = "(EE) Cannot encode secret key to disk!! Disk full? Out of disk quota?" ; + return false ; + } + ops_teardown_file_write(cinfo,fd) ; + + // Rename the new keyring to overwrite the old one. + // + if(!RsDirUtil::renameFile(secring_path_tmp,_secring_path)) + { + import_error = " (EE) Cannot move temp file " + secring_path_tmp + ". Bad write permissions?" ; + return false ; + } + + addNewKeyToOPSKeyring(_secring,*seckey) ; + initCertificateInfo(_secret_keyring_map[ imported_key_id ],seckey,_secring->nkeys-1) ; + } + else + import_error = "Private key already exists! Not importing it again." ; + + if(locked_addOrMergeKey(_pubring,_public_keyring_map,pubkey)) + _pubring_changed = true ; + } + + // 6 - clean + // + ops_keyring_free(tmp_keyring) ; + free(tmp_keyring); + + // write public key to disk + syncDatabase(); + + return true ; +} + +void OpenPGPSDKHandler::addNewKeyToOPSKeyring(ops_keyring_t *kr,const ops_keydata_t& key) +{ + if(kr->nkeys >= kr->nkeys_allocated) + { + kr->keys = (ops_keydata_t *)realloc(kr->keys,(kr->nkeys+1)*sizeof(ops_keydata_t)) ; + kr->nkeys_allocated = kr->nkeys+1; + } + memset(&kr->keys[kr->nkeys],0,sizeof(ops_keydata_t)) ; + ops_keydata_copy(&kr->keys[kr->nkeys],&key) ; + kr->nkeys++ ; +} + +bool OpenPGPSDKHandler::LoadCertificateFromBinaryData(const unsigned char *data,uint32_t data_len,RsPgpId& id,std::string& error_string) +{ + return LoadCertificate(data,data_len,ops_false,id,error_string); +} + +bool OpenPGPSDKHandler::LoadCertificateFromString(const std::string& pgp_cert,RsPgpId& id,std::string& error_string) +{ + return LoadCertificate((unsigned char*)(pgp_cert.c_str()),pgp_cert.length(),ops_true,id,error_string); +} + +bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_len,bool armoured,RsPgpId& id,std::string& error_string) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. +#ifdef DEBUG_PGPHANDLER + std::cerr << "Reading new key from string: " << std::endl; +#endif + + ops_keyring_t *tmp_keyring = allocateOPSKeyring(); + ops_memory_t *mem = ops_memory_new() ; + ops_memory_add(mem,data,data_len) ; + + if(!ops_keyring_read_from_mem(tmp_keyring,armoured,mem)) + { + ops_keyring_free(tmp_keyring) ; + free(tmp_keyring) ; + ops_memory_release(mem) ; + free(mem) ; + + std::cerr << "Could not read key. Format error?" << std::endl; + error_string = std::string("Could not read key. Format error?") ; + return false ; + } + ops_memory_release(mem) ; + free(mem) ; + error_string.clear() ; + + // Check that there is exactly one key in this data packet. + // + if(tmp_keyring->nkeys != 1) + { + std::cerr << "Loaded certificate contains more than one PGP key. This is not allowed." << std::endl; + error_string = "Loaded certificate contains more than one PGP key. This is not allowed." ; + return false ; + } + + const ops_keydata_t *keydata = ops_keyring_get_key_by_index(tmp_keyring,0); + + // Check that the key is a version 4 key + // + if(keydata->key.pkey.version != 4) + { + error_string = "Public key is not version 4. Rejected!" ; + std::cerr << "Received a key with unhandled version number (" << keydata->key.pkey.version << ")" << std::endl; + return false ; + } + + // Check that the key is correctly self-signed. + // + ops_validate_result_t* result=(ops_validate_result_t*)ops_mallocz(sizeof *result); + + ops_validate_key_signatures(result,keydata,tmp_keyring,cb_get_passphrase) ; + + bool found = false ; + + for(uint32_t i=0;ivalid_count;++i) + if(!memcmp( + static_cast(result->valid_sigs[i].signer_id), + keydata->key_id, + RsPgpId::SIZE_IN_BYTES )) + { + found = true ; + break ; + } + + if(!found) + { + error_string = "This key is not self-signed. This is required by Retroshare." ; + std::cerr << "This key is not self-signed. This is required by Retroshare." << std::endl; + ops_validate_result_free(result); + return false ; + } + ops_validate_result_free(result); + +#ifdef DEBUG_PGPHANDLER + std::cerr << " Key read correctly: " << std::endl; + ops_keyring_list(tmp_keyring) ; +#endif + + int i=0 ; + + while( (keydata = ops_keyring_get_key_by_index(tmp_keyring,i++)) != NULL ) + if(locked_addOrMergeKey(_pubring,_public_keyring_map,keydata)) + { + _pubring_changed = true ; +#ifdef DEBUG_PGPHANDLER + std::cerr << " Added the key in the main public keyring." << std::endl; +#endif + } + else + std::cerr << "Key already in public keyring." << std::endl; + + if(tmp_keyring->nkeys > 0) + id = RsPgpId(tmp_keyring->keys[0].key_id) ; + else + return false ; + + ops_keyring_free(tmp_keyring) ; + free(tmp_keyring) ; + + _pubring_changed = true ; + + return true ; +} + +bool OpenPGPSDKHandler::locked_addOrMergeKey(ops_keyring_t *keyring,std::map& kmap,const ops_keydata_t *keydata) +{ + bool ret = false ; + RsPgpId id(keydata->key_id) ; + +#ifdef DEBUG_PGPHANDLER + std::cerr << "AddOrMergeKey():" << std::endl; + std::cerr << " id: " << id.toStdString() << std::endl; +#endif + + // See if the key is already in the keyring + const ops_keydata_t *existing_key = NULL; + std::map::const_iterator res = kmap.find(id) ; + + // Checks that + // - the key is referenced by keyid + // - the map is initialized + // - the fingerprint matches! + // + if(res == kmap.end() || (existing_key = ops_keyring_get_key_by_index(keyring,res->second._key_index)) == NULL) + { +#ifdef DEBUG_PGPHANDLER + std::cerr << " Key is new. Adding it to keyring" << std::endl; +#endif + addNewKeyToOPSKeyring(keyring,*keydata) ; // the key is new. + initCertificateInfo(kmap[id],keydata,keyring->nkeys-1) ; + existing_key = &(keyring->keys[keyring->nkeys-1]) ; + ret = true ; + } + else + { + if(memcmp( existing_key->fingerprint.fingerprint, + keydata->fingerprint.fingerprint, + RsPgpFingerprint::SIZE_IN_BYTES )) + { + std::cerr << "(EE) attempt to merge key with identical id, but different fingerprint!" << std::endl; + return false ; + } + +#ifdef DEBUG_PGPHANDLER + std::cerr << " Key exists. Merging signatures." << std::endl; +#endif + ret = mergeKeySignatures(const_cast(existing_key),keydata) ; + + if(ret) + initCertificateInfo(kmap[id],existing_key,res->second._key_index) ; + } + + if(ret) + { + validateAndUpdateSignatures(kmap[id],existing_key) ; + kmap[id]._time_stamp = time(NULL) ; + } + + return ret ; +} + +bool OpenPGPSDKHandler::encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + const ops_keydata_t *public_key = locked_getPublicKey(key_id,true) ; + + if(public_key == NULL) + { + std::cerr << "Cannot get public key of id " << key_id.toStdString() << std::endl; + return false ; + } + + if(public_key->type != OPS_PTAG_CT_PUBLIC_KEY) + { + std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" << std::endl; + return false ; + } + + std::string outfile_tmp = outfile + ".tmp" ; + + ops_create_info_t *info; + int fd = ops_setup_file_write(&info, outfile_tmp.c_str(), ops_true); + + if (fd < 0) + { + std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: Cannot write to " << outfile_tmp << std::endl; + return false ; + } + + if(!ops_encrypt_stream(info, public_key, NULL, ops_false, ops_true)) + { + std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: encryption failed." << std::endl; + return false ; + } + + ops_write(text.c_str(), text.length(), info); + ops_teardown_file_write(info, fd); + + if(!RsDirUtil::renameFile(outfile_tmp,outfile)) + { + std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: Cannot rename " + outfile_tmp + " to " + outfile + ". Disk error?" << std::endl; + return false ; + } + + return true ; +} + +bool OpenPGPSDKHandler::encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len, unsigned char *encrypted_data, unsigned int *encrypted_data_len) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + const ops_keydata_t *public_key = locked_getPublicKey(key_id,true) ; + + if(public_key == NULL) + { + std::cerr << "Cannot get public key of id " << key_id.toStdString() << std::endl; + return false ; + } + + if(public_key->type != OPS_PTAG_CT_PUBLIC_KEY) + { + std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" << std::endl; + return false ; + } + if(public_key->key.pkey.algorithm != OPS_PKA_RSA) + { + std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied key id " << key_id.toStdString() << " is not an RSA key (DSA for instance, is not supported)!" << std::endl; + return false ; + } + ops_create_info_t *info; + ops_memory_t *buf = NULL ; + ops_setup_memory_write(&info, &buf, 0); + bool res = true; + + if(!ops_encrypt_stream(info, public_key, NULL, ops_false, ops_false)) + { + std::cerr << "Encryption failed." << std::endl; + res = false ; + } + + ops_write(data,len,info); + ops_writer_close(info); + ops_create_info_delete(info); + + int tlen = ops_memory_get_length(buf) ; + + if( (int)*encrypted_data_len >= tlen) + { + if(res) + { + memcpy(encrypted_data,ops_memory_get_data(buf),tlen) ; + *encrypted_data_len = tlen ; + res = true ; + } + } + else + { + std::cerr << "Not enough room to fit encrypted data. Size given=" << *encrypted_data_len << ", required=" << tlen << std::endl; + res = false ; + } + + ops_memory_release(buf) ; + free(buf) ; + + return res ; +} + +bool OpenPGPSDKHandler::decryptDataBin(const RsPgpId& /*key_id*/,const void *encrypted_data, const uint32_t encrypted_len, unsigned char *data, unsigned int *data_len) +{ + int out_length ; + unsigned char *out ; + ops_boolean_t res = ops_decrypt_memory((const unsigned char *)encrypted_data,encrypted_len,&out,&out_length,_secring,ops_false,cb_get_passphrase) ; + + if(*data_len < (unsigned int)out_length) + { + std::cerr << "Not enough room to store decrypted data! Please give more."<< std::endl; + return false ; + } + + *data_len = (unsigned int)out_length ; + memcpy(data,out,out_length) ; + free(out) ; + + return (bool)res ; +} + +bool OpenPGPSDKHandler::decryptTextFromFile(const RsPgpId&,std::string& text,const std::string& inputfile) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + unsigned char *out_buf = NULL ; + std::string buf ; + + FILE *f = RsDirUtil::rs_fopen(inputfile.c_str(),"rb") ; + + if (f == NULL) + { + std::cerr << "Cannot open file " << inputfile << " for read." << std::endl; + return false; + } + + int c ; + while( (c = fgetc(f))!= EOF) + buf += (unsigned char)c; + + fclose(f) ; + +#ifdef DEBUG_PGPHANDLER + std::cerr << "OpenPGPSDKHandler::decryptTextFromFile: read a file of length " << std::dec << buf.length() << std::endl; + std::cerr << "buf=\"" << buf << "\"" << std::endl; +#endif + + int out_length ; + ops_boolean_t res = ops_decrypt_memory((const unsigned char *)buf.c_str(),buf.length(),&out_buf,&out_length,_secring,ops_true,cb_get_passphrase) ; + + text = std::string((char *)out_buf,out_length) ; + free (out_buf); + return (bool)res ; +} + +bool OpenPGPSDKHandler::SignDataBin(const RsPgpId& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen,bool use_raw_signature, std::string reason /* = "" */) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + // need to find the key and to decrypt it. + + const ops_keydata_t *key = locked_getSecretKey(id) ; + + if(!key) + { + std::cerr << "Cannot sign: no secret key with id " << id.toStdString() << std::endl; + return false ; + } + + std::string uid_hint ; + if(key->nuids > 0) + uid_hint = std::string((const char *)key->uids[0].user_id) ; + uid_hint += "(" + RsPgpId(key->key_id).toStdString()+")" ; + +#ifdef DEBUG_PGPHANDLER + ops_fingerprint_t f ; + ops_fingerprint(&f,&key->key.pkey) ; + + PGPFingerprintType fp(f.fingerprint) ; +#endif + + bool last_passwd_was_wrong = false ; +ops_secret_key_t *secret_key = NULL ; + + for(int i=0;i<3;++i) + { + bool cancelled =false; + std::string passphrase = _passphrase_callback(NULL,reason.c_str(),uid_hint.c_str(),"Please enter passwd for encrypting your key : ",last_passwd_was_wrong,&cancelled) ;//TODO reason + + secret_key = ops_decrypt_secret_key_from_data(key,passphrase.c_str()) ; + + if(cancelled) + { + std::cerr << "Key entering cancelled" << std::endl; + return false ; + } + if(secret_key) + break ; + + std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl; + last_passwd_was_wrong = true ; + } + if(!secret_key) + { + std::cerr << "Could not obtain secret key. Signature cancelled." << std::endl; + return false ; + } + + // then do the signature. + + ops_boolean_t not_raw = !use_raw_signature ; +#ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002 + ops_memory_t *memres = ops_sign_buf(data,len,OPS_SIG_BINARY,OPS_HASH_SHA256,secret_key,ops_false,ops_false,not_raw,not_raw) ; +#else + ops_memory_t *memres = ops_sign_buf(data,len,OPS_SIG_BINARY,OPS_HASH_SHA1,secret_key,ops_false,ops_false,not_raw,not_raw) ; +#endif + + if(!memres) + return false ; + + bool res ; + uint32_t slen = (uint32_t)ops_memory_get_length(memres); + + if(*signlen >= slen) + { + *signlen = slen ; + + memcpy(sign,ops_memory_get_data(memres),*signlen) ; + res = true ; + } + else + { + std::cerr << "(EE) memory chunk is not large enough for signature packet. Requred size: " << slen << " bytes." << std::endl; + res = false ; + } + + ops_memory_release(memres) ; + free(memres) ; + ops_secret_key_free(secret_key) ; + free(secret_key) ; + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Signed with fingerprint " << fp.toStdString() << ", length " << std::dec << *signlen << ", literal data length = " << len << std::endl; + std::cerr << "Signature body: " << std::endl; + hexdump( (unsigned char *)data, len) ; + std::cerr << std::endl; + std::cerr << "Data: " << std::endl; + hexdump( (unsigned char *)sign,*signlen) ; + std::cerr << std::endl; +#endif + return res ; +} + +bool OpenPGPSDKHandler::privateSignCertificate(const RsPgpId& ownId,const RsPgpId& id_of_key_to_sign) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + ops_keydata_t *key_to_sign = const_cast(locked_getPublicKey(id_of_key_to_sign,true)) ; + + if(key_to_sign == NULL) + { + std::cerr << "Cannot sign: no public key with id " << id_of_key_to_sign.toStdString() << std::endl; + return false ; + } + + // 1 - get decrypted secret key + // + const ops_keydata_t *skey = locked_getSecretKey(ownId) ; + + if(!skey) + { + std::cerr << "Cannot sign: no secret key with id " << ownId.toStdString() << std::endl; + return false ; + } + const ops_keydata_t *pkey = locked_getPublicKey(ownId,true) ; + + if(!pkey) + { + std::cerr << "Cannot sign: no public key with id " << ownId.toStdString() << std::endl; + return false ; + } + + bool cancelled = false; + std::string passphrase = _passphrase_callback(NULL,"",RsPgpId(skey->key_id).toStdString().c_str(),"Please enter passwd for encrypting your key : ",false,&cancelled) ; + + ops_secret_key_t *secret_key = ops_decrypt_secret_key_from_data(skey,passphrase.c_str()) ; + + if(cancelled) + { + std::cerr << "Key cancelled by used." << std::endl; + return false ; + } + if(!secret_key) + { + std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl; + return false ; + } + + // 2 - then do the signature. + + if(!ops_sign_key(key_to_sign,pkey->key_id,secret_key)) + { + std::cerr << "Key signature went wrong. Wrong passwd?" << std::endl; + return false ; + } + + // 3 - free memory + // + ops_secret_key_free(secret_key) ; + free(secret_key) ; + + _pubring_changed = true ; + + // 4 - update signatures. + // + PGPCertificateInfo& cert(_public_keyring_map[ id_of_key_to_sign ]) ; + validateAndUpdateSignatures(cert,key_to_sign) ; + cert._flags |= PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE ; + + return true ; +} + +bool OpenPGPSDKHandler::getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const +{ + RS_STACK_MUTEX(pgphandlerMtx); + + const ops_keydata_t *key = locked_getPublicKey(id,false) ; + + if(!key) return false; + + ops_fingerprint_t f ; + ops_fingerprint(&f,&key->key.pkey) ; + + fp = RsPgpFingerprint::fromBufferUnsafe(f.fingerprint); + + return true ; +} + +bool OpenPGPSDKHandler::VerifySignBin(const void *literal_data, uint32_t literal_data_length, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& key_fingerprint) +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + + RsPgpId id = RsPgpId(key_fingerprint.toByteArray() + PGPFingerprintType::SIZE_IN_BYTES - RsPgpId::SIZE_IN_BYTES) ; + const ops_keydata_t *key = locked_getPublicKey(id,true) ; + + if(key == NULL) + { + std::cerr << "No key returned by fingerprint " << key_fingerprint.toStdString() << ", and ID " << id.toStdString() << ", signature verification failed!" << std::endl; + return false ; + } + + // Check that fingerprint is the same. + const ops_public_key_t *pkey = &key->key.pkey ; + ops_fingerprint_t fp ; + ops_fingerprint(&fp,pkey) ; + + if(key_fingerprint != PGPFingerprintType(fp.fingerprint)) + { + std::cerr << "Key fingerprint does not match " << key_fingerprint.toStdString() << ", for ID " << id.toStdString() << ", signature verification failed!" << std::endl; + return false ; + } + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Verifying signature from fingerprint " << key_fingerprint.toStdString() << ", length " << std::dec << sign_len << ", literal data length = " << literal_data_length << std::endl; + std::cerr << "Signature body: " << std::endl; + hexdump( (unsigned char *)sign,sign_len) ; + std::cerr << std::endl; + std::cerr << "Signed data: " << std::endl; + hexdump( (unsigned char *)literal_data, literal_data_length) ; + std::cerr << std::endl; +#endif + + return ops_validate_detached_signature(literal_data,literal_data_length,sign,sign_len,key) ; +} + +// Lexicographic order on signature packets +// +bool operator<(const ops_packet_t& p1,const ops_packet_t& p2) +{ + if(p1.length < p2.length) + return true ; + if(p1.length > p2.length) + return false ; + + for(uint32_t i=0;i p2.raw[i]) + return false ; + } + return false ; +} + +bool OpenPGPSDKHandler::mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src) +{ + // First sort all signatures into lists to see which is new, which is not new + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Merging signatures for key " << RsPgpId(dst->key_id).toStdString() << std::endl; +#endif + std::set dst_packets ; + + for(uint32_t i=0;inpackets;++i) dst_packets.insert(dst->packets[i]) ; + + std::set to_add ; + + for(uint32_t i=0;inpackets;++i) + if(dst_packets.find(src->packets[i]) == dst_packets.end()) + { + uint8_t tag ; + uint32_t length ; + unsigned char *tmp_data = src->packets[i].raw ; // put it in a tmp variable because read_packetHeader() will modify it!! + + PGPKeyParser::read_packetHeader(tmp_data,tag,length) ; + + if(tag == PGPKeyParser::PGP_PACKET_TAG_SIGNATURE) + to_add.insert(src->packets[i]) ; +#ifdef DEBUG_PGPHANDLER + else + std::cerr << " Packet with tag 0x" << std::hex << (int)(src->packets[i].raw[0]) << std::dec << " not merged, because it is not a signature." << std::endl; +#endif + } + + for(std::set::const_iterator it(to_add.begin());it!=to_add.end();++it) + { +#ifdef DEBUG_PGPHANDLER + std::cerr << " Adding packet with tag 0x" << std::hex << (int)(*it).raw[0] << std::dec << std::endl; +#endif + ops_add_packet_to_keydata(dst,&*it) ; + } + return to_add.size() > 0 ; +} + +bool OpenPGPSDKHandler::syncDatabase() +{ + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Sync-ing keyrings." << std::endl; +#endif + locked_syncPublicKeyring() ; + //locked_syncSecretKeyring() ; + + // Now sync the trust database as well. + // + locked_syncTrustDatabase() ; + +#ifdef DEBUG_PGPHANDLER + std::cerr << "Done. " << std::endl; +#endif + return true ; +} + +bool OpenPGPSDKHandler::locked_syncPublicKeyring() +{ + struct stat64 buf ; +#ifdef WINDOWS_SYS + std::wstring wfullname; + librs::util::ConvertUtf8ToUtf16(_pubring_path, wfullname); + if(-1 == _wstati64(wfullname.c_str(), &buf)) +#else + if(-1 == stat64(_pubring_path.c_str(), &buf)) +#endif + std::cerr << "OpenPGPSDKHandler::syncDatabase(): can't stat file " << _pubring_path << ". Can't sync public keyring." << std::endl; + + if(_pubring_last_update_time < buf.st_mtime) + { + std::cerr << "Detected change on disk of public keyring. Merging!" << std::endl ; + + locked_mergeKeyringFromDisk(_pubring,_public_keyring_map,_pubring_path) ; + _pubring_last_update_time = buf.st_mtime ; + } + + // Now check if the pubring was locally modified, which needs saving it again + if(_pubring_changed && RsDiscSpace::checkForDiscSpace(RS_PGP_DIRECTORY)) + { + std::string tmp_keyring_file = _pubring_path + ".tmp" ; + + std::cerr << "Local changes in public keyring. Writing to disk..." << std::endl; + if(!ops_write_keyring_to_file(_pubring,ops_false,tmp_keyring_file.c_str(),ops_true)) + { + std::cerr << "Cannot write public keyring tmp file. Disk full? Disk quota exceeded?" << std::endl; + return false ; + } + if(!RsDirUtil::renameFile(tmp_keyring_file,_pubring_path)) + { + std::cerr << "Cannot rename tmp pubring file " << tmp_keyring_file << " into actual pubring file " << _pubring_path << ". Check writing permissions?!?" << std::endl; + return false ; + } + + std::cerr << "Done." << std::endl; + _pubring_last_update_time = time(NULL) ; // should we get this value from the disk instead?? + _pubring_changed = false ; + } + return true ; +} + +void OpenPGPSDKHandler::locked_mergeKeyringFromDisk(ops_keyring_t *keyring, + std::map& kmap, + const std::string& keyring_file) +{ +#ifdef DEBUG_PGPHANDLER + std::cerr << "Merging keyring " << keyring_file << " from disk to memory." << std::endl; +#endif + + // 1 - load keyring into a temporary keyring list. + ops_keyring_t *tmp_keyring = OpenPGPSDKHandler::allocateOPSKeyring() ; + + if(ops_false == ops_keyring_read_from_file(tmp_keyring, false, keyring_file.c_str())) + { + std::cerr << "OpenPGPSDKHandler::locked_mergeKeyringFromDisk(): cannot read keyring. File corrupted?" ; + ops_keyring_free(tmp_keyring) ; + return ; + } + + // 2 - load new keys and merge existing key signatures + + for(int i=0;inkeys;++i) + locked_addOrMergeKey(keyring,kmap,&tmp_keyring->keys[i]) ;// we dont' account for the return value. This is disk merging, not local changes. + + // 4 - clean + ops_keyring_free(tmp_keyring) ; +} + +bool OpenPGPSDKHandler::removeKeysFromPGPKeyring(const std::set& keys_to_remove,std::string& backup_file,uint32_t& error_code) +{ + // 1 - lock everything. + // + RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. + RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. + + error_code = PGP_KEYRING_REMOVAL_ERROR_NO_ERROR ; + + for(std::set::const_iterator it(keys_to_remove.begin());it!=keys_to_remove.end();++it) + if(locked_getSecretKey(*it) != NULL) + { + std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key! Operation cancelled." << std::endl; + error_code = PGP_KEYRING_REMOVAL_ERROR_CANT_REMOVE_SECRET_KEYS ; + return false ; + } + + // 2 - sync everything. + // + locked_syncPublicKeyring() ; + + // 3 - make a backup of the public keyring + // + char template_name[_pubring_path.length()+8] ; + sprintf(template_name,"%s.XXXXXX",_pubring_path.c_str()) ; + +#if defined __USE_XOPEN_EXTENDED || defined __USE_XOPEN2K8 + int fd_keyring_backup(mkstemp(template_name)); + if (fd_keyring_backup == -1) +#else + if(mktemp(template_name) == NULL) +#endif + { + std::cerr << "OpenPGPSDKHandler::removeKeysFromPGPKeyring(): cannot create keyring backup file. Giving up." << std::endl; + error_code = PGP_KEYRING_REMOVAL_ERROR_CANNOT_CREATE_BACKUP ; + return false ; + } +#if defined __USE_XOPEN_EXTENDED || defined __USE_XOPEN2K8 + close(fd_keyring_backup); // TODO: keep the file open and use the fd +#endif + + if(!ops_write_keyring_to_file(_pubring,ops_false,template_name,ops_true)) + { + std::cerr << "OpenPGPSDKHandler::removeKeysFromPGPKeyring(): cannot write keyring backup file. Giving up." << std::endl; + error_code = PGP_KEYRING_REMOVAL_ERROR_CANNOT_WRITE_BACKUP ; + return false ; + } + backup_file = std::string(template_name,_pubring_path.length()+7) ; + + std::cerr << "Keyring was backed up to file " << backup_file << std::endl; + + // Remove keys from the keyring, and update the keyring map. + // + for(std::set::const_iterator it(keys_to_remove.begin());it!=keys_to_remove.end();++it) + { + if(locked_getSecretKey(*it) != NULL) + { + std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key!" << std::endl; + continue ; + } + + std::map::iterator res = _public_keyring_map.find(*it) ; + + if(res == _public_keyring_map.end()) + { + std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " from keyring: key not found." << std::endl; + continue ; + } + + if(res->second._key_index >= (unsigned int)_pubring->nkeys || RsPgpId(_pubring->keys[res->second._key_index].key_id) != *it) + { + std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << ". Inconsistency found." << std::endl; + error_code = PGP_KEYRING_REMOVAL_ERROR_DATA_INCONSISTENCY ; + return false ; + } + + // Move the last key to the freed place. This deletes the key in place. + // + ops_keyring_remove_key(_pubring,res->second._key_index) ; + + // Erase the info from the keyring map. + // + _public_keyring_map.erase(res) ; + + // now update all indices back. This internal look is very costly, but it avoids deleting the wrong keys, since the keyring structure is + // changed by ops_keyring_remove_key and therefore indices don't point to the correct location anymore. + + int i=0 ; + const ops_keydata_t *keydata ; + while( (keydata = ops_keyring_get_key_by_index(_pubring,i)) != NULL ) + { + PGPCertificateInfo& cert(_public_keyring_map[ RsPgpId(keydata->key_id) ]) ; + cert._key_index = i ; + ++i ; + } + } + + // Everything went well, sync back the keyring on disk + + _pubring_changed = true ; + _trustdb_changed = true ; + + locked_syncPublicKeyring() ; + locked_syncTrustDatabase() ; + + return true ; +} diff --git a/libretroshare/src/pgp/openpgpsdkhandler.h b/libretroshare/src/pgp/openpgpsdkhandler.h new file mode 100644 index 000000000..e6c06ba84 --- /dev/null +++ b/libretroshare/src/pgp/openpgpsdkhandler.h @@ -0,0 +1,116 @@ +/******************************************************************************* + * libretroshare/src/pgp: pgphandler.h * + * * + * libretroshare: retroshare core library * + * * + * Copyright 2018 Cyril Soler * + * * + * This program is free software: you can redistribute it and/or modify * + * it under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation, either version 3 of the * + * License, or (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public License * + * along with this program. If not, see . * + * * + *******************************************************************************/ +#pragma once + +#include +#include +#include +#include +#include + +#include "util/rsthreads.h" +#include "pgp/pgphandler.h" +#include "retroshare/rstypes.h" + +extern "C" { + // we should make sure later on to get rid of these structures in the .h + #include "openpgpsdk/keyring.h" +} + +/// This class offer an abstract pgp handler to be used in RetroShare. +class OpenPGPSDKHandler: public PGPHandler +{ +public: + OpenPGPSDKHandler( const std::string& path_to_public_keyring, + const std::string& path_to_secret_keyring, + const std::string& path_to_trust_database, + const std::string& pgp_lock_file) ; + + virtual ~OpenPGPSDKHandler() ; + + //================================================================================================// + // Implemented API from PGPHandler // + //================================================================================================// + + virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) override; + virtual bool removeKeysFromPGPKeyring(const std::set& key_ids,std::string& backup_file,uint32_t& error_code) override; + virtual bool availableGPGCertificatesWithPrivateKeys(std::list& ids) override; + virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passphrase, RsPgpId& pgpId, const int keynumbits, std::string& errString) override; + + virtual std::string SaveCertificateToString(const RsPgpId& id,bool include_signatures) const override; + virtual bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) const override; + + virtual bool exportGPGKeyPair(const std::string& filename,const RsPgpId& exported_key_id) const override; + virtual bool exportGPGKeyPairToString( std::string& data, const RsPgpId& exportedKeyId, bool includeSignatures, std::string& errorMsg ) const override; + virtual bool getGPGDetailsFromBinaryBlock(const unsigned char *mem_block,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) const override; + virtual bool importGPGKeyPair(const std::string& filename,RsPgpId& imported_key_id,std::string& import_error) override; + virtual bool importGPGKeyPairFromString(const std::string &data, RsPgpId &imported_key_id, std::string &import_error) override; + virtual bool LoadCertificateFromBinaryData(const unsigned char *data,uint32_t data_len,RsPgpId& id,std::string& error_string) override; + virtual bool LoadCertificateFromString(const std::string& pgp_cert,RsPgpId& id,std::string& error_string) override; + virtual bool encryptTextToFile(const RsPgpId& key_id,const std::string& text,const std::string& outfile) override; + virtual bool encryptDataBin(const RsPgpId& key_id,const void *data, const uint32_t len, unsigned char *encrypted_data, unsigned int *encrypted_data_len) override; + virtual bool decryptDataBin(const RsPgpId& /*key_id*/,const void *encrypted_data, const uint32_t encrypted_len, unsigned char *data, unsigned int *data_len) override; + virtual bool decryptTextFromFile(const RsPgpId&,std::string& text,const std::string& inputfile) override; + virtual bool SignDataBin(const RsPgpId& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen,bool use_raw_signature, std::string reason /* = "" */) override; + virtual bool privateSignCertificate(const RsPgpId& ownId,const RsPgpId& id_of_key_to_sign) override; + virtual bool VerifySignBin(const void *literal_data, uint32_t literal_data_length, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& key_fingerprint) override; + virtual bool getKeyFingerprint(const RsPgpId& id, RsPgpFingerprint& fp) const override; + virtual bool haveSecretKey(const RsPgpId& id) const override; + virtual bool syncDatabase() override; + private: + bool locked_syncPublicKeyring() ; + + void initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_t *keydata,uint32_t i) ; + bool LoadCertificate(const unsigned char *data,uint32_t data_len,bool armoured,RsPgpId& id,std::string& error_string) ; + + // Returns true if the signatures have been updated + // + bool validateAndUpdateSignatures(PGPCertificateInfo& cert,const ops_keydata_t *keydata) ; + + /** Check public/private key and import them into the keyring + * @param keyring keyring with the new public/private key pair. Will be freed by the function. + * @param imported_key_id PGP id of the imported key + * @param import_error human readbale error message + * @returns true on success + * */ + bool checkAndImportKeyPair(ops_keyring_t *keyring, RsPgpId& imported_key_id,std::string& import_error); + + const ops_keydata_t *locked_getPublicKey(const RsPgpId&,bool stamp_the_key) const; + const ops_keydata_t *locked_getSecretKey(const RsPgpId&) const ; + + void locked_mergeKeyringFromDisk(ops_keyring_t *keyring, std::map& kmap, const std::string& keyring_file) ; + bool locked_addOrMergeKey(ops_keyring_t *keyring,std::map& kmap,const ops_keydata_t *keydata) ; + + // Members. + // + ops_keyring_t *_pubring ; + ops_keyring_t *_secring ; + + void printOPSKeys() const; + + // Helper functions. + // + static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key,bool include_signatures) ; + static ops_keyring_t *allocateOPSKeyring() ; + static void addNewKeyToOPSKeyring(ops_keyring_t*, const ops_keydata_t&) ; + static bool mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src) ; // returns true if signature lists are different +}; From b084b20280665fcfe1d16beed2c2704f4c194019 Mon Sep 17 00:00:00 2001 From: csoler Date: Sat, 14 Aug 2021 14:56:28 +0200 Subject: [PATCH 03/10] removed getAuthGPG and replaced AuthGPG with a class with static members --- .../src/gossipdiscovery/p3gossipdiscovery.cc | 20 +- libretroshare/src/pgp/pgpauxutils.cc | 10 +- libretroshare/src/pqi/authgpg.cc | 186 +++++++++++------- libretroshare/src/pqi/authgpg.h | 115 ++++++----- libretroshare/src/pqi/authssl.cc | 15 +- libretroshare/src/pqi/p3peermgr.cc | 20 +- libretroshare/src/pqi/pqissl.cc | 3 +- libretroshare/src/pqi/pqissllistener.cc | 3 +- libretroshare/src/rsserver/p3peers.cc | 61 +++--- libretroshare/src/rsserver/p3serverconfig.cc | 2 +- libretroshare/src/rsserver/rsaccounts.cc | 29 +-- libretroshare/src/rsserver/rsinit.cc | 11 +- libretroshare/src/rsserver/rsloginhandler.cc | 5 +- libretroshare/src/services/p3idservice.cc | 4 +- 14 files changed, 266 insertions(+), 218 deletions(-) diff --git a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc index 732967f44..179a845d7 100644 --- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc +++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc @@ -107,7 +107,7 @@ p3discovery2::p3discovery2( addSerialType(new RsDiscSerialiser()); // Add self into PGP FriendList. - mFriendList[AuthGPG::getAuthGPG()->getGPGOwnId()] = DiscPgpInfo(); + mFriendList[AuthGPG::getGPGOwnId()] = DiscPgpInfo(); } @@ -219,7 +219,7 @@ void p3discovery2::removeFriend(const RsPeerId &sslId) std::cerr << std::endl; #endif /* pgp peer without any ssl entries -> check if they are still a real friend */ - if (!(AuthGPG::getAuthGPG()->isGPGAccepted(pgpId))) + if (!(AuthGPG::isGPGAccepted(pgpId))) { #ifdef P3DISC_DEBUG std::cerr << "p3discovery2::addFriend() pgpId is no longer a friend, removing"; @@ -604,8 +604,8 @@ void p3discovery2::updatePgpFriendList() std::list::iterator lit; std::map::iterator it; - RsPgpId ownPgpId = AuthGPG::getAuthGPG()->getGPGOwnId(); - AuthGPG::getAuthGPG()->getGPGAcceptedList(pgpList); + RsPgpId ownPgpId = AuthGPG::getGPGOwnId(); + AuthGPG::getGPGAcceptedList(pgpList); pgpList.push_back(ownPgpId); // convert to set for ordering. @@ -723,7 +723,7 @@ void p3discovery2::processPGPList(const RsPeerId &fromId, const RsDiscPgpListIte std::set::const_iterator fit; for(fit = item->pgpIdSet.ids.begin(); fit != item->pgpIdSet.ids.end(); ++fit) { - if (!AuthGPG::getAuthGPG()->isGPGId(*fit)) + if (!AuthGPG::isPGPId(*fit)) { #ifdef P3DISC_DEBUG std::cerr << "p3discovery2::processPGPList() requesting certificate for PgpId: " << *fit; @@ -1058,11 +1058,11 @@ void p3discovery2::recvPGPCertificateRequest( const RsPeerId& fromId, const RsDi return; } - RsPgpId ownPgpId = AuthGPG::getAuthGPG()->getGPGOwnId(); + RsPgpId ownPgpId = AuthGPG::getGPGOwnId(); for(const RsPgpId& pgpId : item->pgpIdSet.ids) if (pgpId == ownPgpId) sendPGPCertificate(pgpId, fromId); - else if(ps.vs_disc != RS_VS_DISC_OFF && AuthGPG::getAuthGPG()->isGPGAccepted(pgpId)) + else if(ps.vs_disc != RS_VS_DISC_OFF && AuthGPG::isGPGAccepted(pgpId)) sendPGPCertificate(pgpId, fromId); else std::cerr << "(WW) not sending certificate " << pgpId << " asked by friend " << fromId << " because this either this cert is not a friend, or discovery is off" << std::endl; @@ -1078,7 +1078,7 @@ void p3discovery2::sendPGPCertificate(const RsPgpId &aboutId, const RsPeerId &to unsigned char *bin_data; size_t bin_len; - if(!AuthGPG::getAuthGPG()->exportPublicKey(aboutId,bin_data,bin_len,false,true)) + if(!AuthGPG::exportPublicKey(aboutId,bin_data,bin_len,false,true)) { std::cerr << "(EE) cannot export public key " << aboutId << " requested by peer " << toId << std::endl; return ; @@ -1098,7 +1098,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem* std::string cert_name; std::list cert_signers; - if(!AuthGPG::getAuthGPG()->getGPGDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers )) + if(!AuthGPG::getGPGDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers )) { std::cerr << "(EE) cannot parse own PGP key sent by " << fromId << std::endl; return; @@ -1147,7 +1147,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem* // otherwise the connection should already be accepted. This only happens when the short invite peer sends its own PGP key. if(det.skip_pgp_signature_validation) - AuthGPG::getAuthGPG()->AllowConnection(det.gpg_id,true); + AuthGPG::AllowConnection(det.gpg_id,true); } /************* from pqiServiceMonitor *******************/ diff --git a/libretroshare/src/pgp/pgpauxutils.cc b/libretroshare/src/pgp/pgpauxutils.cc index d7229e848..a9c3b36f6 100644 --- a/libretroshare/src/pgp/pgpauxutils.cc +++ b/libretroshare/src/pgp/pgpauxutils.cc @@ -34,7 +34,7 @@ PgpAuxUtilsImpl::PgpAuxUtilsImpl() const RsPgpId& PgpAuxUtilsImpl::getPGPOwnId() { - return AuthGPG::getAuthGPG()->getGPGOwnId(); + return AuthGPG::getGPGOwnId(); } RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) @@ -44,7 +44,7 @@ RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) bool PgpAuxUtilsImpl::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const { - return AuthGPG::getAuthGPG()->getKeyFingerprint(id, fp); + return AuthGPG::getKeyFingerprint(id, fp); } bool PgpAuxUtilsImpl::VerifySignBin(const void *data, @@ -54,17 +54,17 @@ bool PgpAuxUtilsImpl::VerifySignBin(const void *data, const PGPFingerprintType& withfingerprint) { - return AuthGPG::getAuthGPG()->VerifySignBin(data, len, sign, signlen, withfingerprint); + return AuthGPG::VerifySignBin(data, len, sign, signlen, withfingerprint); } bool PgpAuxUtilsImpl::getGPGAllList(std::list &ids) { - return AuthGPG::getAuthGPG()->getGPGAllList(ids); + return AuthGPG::getGPGAllList(ids); } bool PgpAuxUtilsImpl::parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const { - return AuthGPG::getAuthGPG()->parseSignature(sign,signlen,issuer); + return AuthGPG::parseSignature(sign,signlen,issuer); } diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index 2d29fbb65..b870b5d1e 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -54,9 +54,21 @@ void cleanupZombies(int numkill); // function to cleanup zombies under OSX. /* Function to sign X509_REQ via GPGme. */ +int AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list& pgpIds) +{ + return instance()->mPgpHandler->availableGPGCertificatesWithPrivateKeys(pgpIds); +} +bool AuthGPG::getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) +{ + return instance()->mPgpHandler->getGPGDetailsFromBinaryBlock(mem,mem_size,key_id,name,signers); +} +void AuthGPG::registerToConfigMgr(const std::string& fname,p3ConfigMgr *CfgMgr) +{ + CfgMgr->addConfiguration(fname, instance()); +} bool AuthGPG::decryptTextFromFile(std::string& text,const std::string& inputfile) { - return PGPHandler::decryptTextFromFile(mOwnGpgId,text,inputfile) ; + return instance()->mPgpHandler->decryptTextFromFile(instance()->mOwnGpgId,text,inputfile) ; } bool AuthGPG::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::string& backup_file,uint32_t& error_code) @@ -66,22 +78,22 @@ bool AuthGPG::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::str // for(std::list::const_iterator it(pgp_ids.begin());it!=pgp_ids.end();++it) // pids.push_back(RsPgpId(*it)) ; - return PGPHandler::removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ; + return instance()->mPgpHandler->removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ; } // bool AuthGPG::decryptTextFromString(std::string& encrypted_text,std::string& output) // { -// return PGPHandler::decryptTextFromString(mOwnGpgId,encrypted_text,output) ; +// return instance()->mPgpHandler->decryptTextFromString(mOwnGpgId,encrypted_text,output) ; // } bool AuthGPG::encryptTextToFile(const std::string& text,const std::string& outfile) { - return PGPHandler::encryptTextToFile(mOwnGpgId,text,outfile) ; + return instance()->mPgpHandler->encryptTextToFile(instance()->mOwnGpgId,text,outfile) ; } // bool AuthGPG::encryptTextToString(const std::string& pgp_id,const std::string& text,std::string& outstr) // { -// return PGPHandler::encryptTextToString(RsPgpId(pgp_id),text,outstr) ; +// return instance()->mPgpHandler->encryptTextToString(RsPgpId(pgp_id),text,outstr) ; // } std::string pgp_pwd_callback(void * /*hook*/, const char *uid_title, const char *uid_hint, const char * /*passphrase_info*/, int prev_was_bad,bool *cancelled) @@ -107,8 +119,8 @@ void AuthGPG::init( std::cerr << "AuthGPG::init() called twice!" << std::endl ; } -// if(cb) PGPHandler::setPassphraseCallback(cb);else - PGPHandler::setPassphraseCallback(pgp_pwd_callback); +// if(cb) instance()->mPgpHandler->setPassphraseCallback(cb);else + instance()->mPgpHandler->setPassphraseCallback(pgp_pwd_callback); _instance = new AuthGPG( path_to_public_keyring, path_to_secret_keyring, path_to_trustdb, pgp_lock_file ); @@ -126,7 +138,6 @@ void AuthGPG::exit() AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& path_to_secret_keyring,const std::string& path_to_trustdb,const std::string& pgp_lock_file) :p3Config(), - OpenPGPSDKHandler(path_to_public_keyring,path_to_secret_keyring,path_to_trustdb,pgp_lock_file), gpgMtxService("AuthGPG-service"), gpgMtxEngine("AuthGPG-engine"), gpgMtxData("AuthGPG-data"), @@ -135,7 +146,9 @@ AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& pa _force_sync_database(false), mCount(0) { - start("AuthGPG"); + mPgpHandler = new OpenPGPSDKHandler(path_to_public_keyring,path_to_secret_keyring,path_to_trustdb,pgp_lock_file); + + start("AuthGPG"); } /* This function is called when retroshare is first started @@ -149,7 +162,7 @@ AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& pa //{ // std::list pids ; // -// PGPHandler::availableGPGCertificatesWithPrivateKeys(pids) ; +// mPgpHandler->availableGPGCertificatesWithPrivateKeys(pids) ; // // for(std::list::const_iterator it(pids.begin());it!=pids.end();++it) // ids.push_back( (*it).toStdString() ) ; @@ -171,11 +184,11 @@ int AuthGPG::GPGInit(const RsPgpId &ownId) std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId.toStdString() << std::endl; #endif - mOwnGpgId = RsPgpId(ownId); + instance()->mOwnGpgId = ownId; //force the validity of the private key. When set to unknown, it caused signature and text encryptions bugs - privateTrustCertificate(ownId, 5); - updateOwnSignatureFlag(mOwnGpgId) ; + instance()->privateTrustCertificate(ownId, 5); + instance()->mPgpHandler->updateOwnSignatureFlag(ownId) ; #ifdef DEBUG_AUTHGPG std::cerr << "AuthGPG::GPGInit finished." << std::endl; @@ -204,7 +217,7 @@ void AuthGPG::threadTick() /// - checks whether the keyring has changed on disk. /// - merges/updates according to status. /// - PGPHandler::syncDatabase() ; + mPgpHandler->syncDatabase() ; mCount = 0; _force_sync_database = false ; }//if (++count >= 100 || _force_sync_database) @@ -251,7 +264,7 @@ void AuthGPG::processServices() /* don't bother loading - if we already have the certificate */ - if (isGPGId(loadOrSave->m_certGpgId)) + if (mPgpHandler->isGPGId(loadOrSave->m_certGpgId)) { #ifdef GPG_DEBUG std::cerr << "AuthGPGimpl::processServices() Skipping load - already have it" << std::endl; @@ -307,64 +320,64 @@ void AuthGPG::processServices() bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl, std::string reason /* = "" */) { - return PGPHandler::SignDataBin(mOwnGpgId,data,datalen,(unsigned char *)buf_sigout,outl,false,reason) ; + return instance()->mPgpHandler->SignDataBin(mOwnGpgId,data,datalen,(unsigned char *)buf_sigout,outl,false,reason) ; } /* import to GnuPG and other Certificates */ bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, const PGPFingerprintType& withfingerprint) { - return PGPHandler::VerifySignBin((unsigned char*)data,datalen,(unsigned char*)sig,siglen,withfingerprint) ; + return instance()->mPgpHandler->VerifySignBin((unsigned char*)data,datalen,(unsigned char*)sig,siglen,withfingerprint) ; } bool AuthGPG::parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id) { - return PGPHandler::parseSignature((unsigned char*)sig,siglen,issuer_id) ; + return instance()->mPgpHandler->parseSignature((unsigned char*)sig,siglen,issuer_id) ; } bool AuthGPG::exportProfile(const std::string& fname,const RsPgpId& exported_id) { - return PGPHandler::exportGPGKeyPair(fname,exported_id) ; + return instance()->mPgpHandler->exportGPGKeyPair(fname,exported_id) ; } bool AuthGPG::exportIdentityToString( std::string& data, const RsPgpId& pgpId, bool includeSignatures, std::string& errorMsg ) { - return PGPHandler::exportGPGKeyPairToString( + return instance()->mPgpHandler->exportGPGKeyPairToString( data, pgpId, includeSignatures, errorMsg); } bool AuthGPG::importProfile(const std::string& fname,RsPgpId& imported_id,std::string& import_error) { - return PGPHandler::importGPGKeyPair(fname,imported_id,import_error) ; + return instance()->mPgpHandler->importGPGKeyPair(fname,imported_id,import_error) ; } bool AuthGPG::importProfileFromString(const std::string &data, RsPgpId &gpg_id, std::string &import_error) { - return PGPHandler::importGPGKeyPairFromString(data, gpg_id, import_error); + return instance()->mPgpHandler->importGPGKeyPairFromString(data, gpg_id, import_error); } bool AuthGPG::active() { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ - return gpgKeySelected; + return instance()->gpgKeySelected; } bool AuthGPG::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) { - RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ - return PGPHandler::GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString) ; + return instance()->mPgpHandler->GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString) ; } /**** These Two are common */ std::string AuthGPG::getGPGName(const RsPgpId& id,bool *success) { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ - const PGPCertificateInfo *info = getCertificateInfo(id) ; + const PGPCertificateInfo *info = instance()->mPgpHandler->getCertificateInfo(id) ; if(info != NULL) { @@ -378,11 +391,29 @@ std::string AuthGPG::getGPGName(const RsPgpId& id,bool *success) } } +AuthGPG *AuthGPG::instance() +{ + if(!_instance) + { + RsFatal() << "AuthGPG::instance() called before AuthGPG::init()! This should not happen." << std::endl; + return nullptr; + } + + return _instance; +} +bool AuthGPG::isPGPId(const RsPgpId& id) +{ + return instance()->mPgpHandler->isGPGId(id); +} +bool AuthGPG::isPGPAccepted(const RsPgpId& id) +{ + return instance()->mPgpHandler->isGPGAccepted(id); +} /**** These Two are common */ std::string AuthGPG::getGPGEmail(const RsPgpId& id,bool *success) { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ - const PGPCertificateInfo *info = getCertificateInfo(id) ; + RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ + const PGPCertificateInfo *info = instance()->mPgpHandler->getCertificateInfo(id) ; if(info != NULL) { @@ -400,20 +431,20 @@ std::string AuthGPG::getGPGEmail(const RsPgpId& id,bool *success) const RsPgpId& AuthGPG::getGPGOwnId() { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ - return mOwnGpgId ; + RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ + return instance()->mOwnGpgId ; } std::string AuthGPG::getGPGOwnName() { - return getGPGName(mOwnGpgId) ; + return getGPGName(instance()->mOwnGpgId) ; } bool AuthGPG::getGPGAllList(std::list &ids) { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ - PGPHandler::getGPGFilteredList(ids) ; + instance()->mPgpHandler->getGPGFilteredList(ids) ; return true; } @@ -421,7 +452,7 @@ const PGPCertificateInfo *AuthGPG::getCertInfoFromStdString(const std::string& p { try { - return PGPHandler::getCertificateInfo(RsPgpId(pgp_id)) ; + return instance()->mPgpHandler->getCertificateInfo(RsPgpId(pgp_id)) ; } catch(std::exception& e) { @@ -429,13 +460,13 @@ const PGPCertificateInfo *AuthGPG::getCertInfoFromStdString(const std::string& p return NULL ; } } -bool AuthGPG::haveSecretKey(const RsPgpId& id) const +bool AuthGPG::haveSecretKey(const RsPgpId& id) { - return PGPHandler::haveSecretKey(id) ; + return instance()->mPgpHandler->haveSecretKey(id) ; } -bool AuthGPG::isKeySupported(const RsPgpId& id) const +bool AuthGPG::isKeySupported(const RsPgpId& id) { - const PGPCertificateInfo *pc = getCertificateInfo(id) ; + const PGPCertificateInfo *pc = instance()->mPgpHandler->getCertificateInfo(id) ; if(pc == NULL) return false ; @@ -445,9 +476,9 @@ bool AuthGPG::isKeySupported(const RsPgpId& id) const bool AuthGPG::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d) { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ - const PGPCertificateInfo *pc = PGPHandler::getCertificateInfo(pgp_id) ; + const PGPCertificateInfo *pc = instance()->mPgpHandler->getCertificateInfo(pgp_id) ; if(pc == NULL) return false ; @@ -476,9 +507,7 @@ bool AuthGPG::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d) bool AuthGPG::getGPGFilteredList(std::list& list,bool (*filter)(const PGPCertificateInfo&)) { - RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ - - return PGPHandler::getGPGFilteredList(list,filter) ; + return instance()->mPgpHandler->getGPGFilteredList(list,filter) ; } static bool filter_Validity(const PGPCertificateInfo& /*info*/) { return true ; } //{ return info._validLvl >= PGPCertificateInfo::GPGME_VALIDITY_MARGINAL ; } @@ -504,9 +533,9 @@ bool AuthGPG::getGPGSignedList(std::list &ids) // { // RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ // #ifdef LIMIT_CERTIFICATE_SIZE -// certificate = PGPHandler::SaveCertificateToString(RsPgpId(id),false) ; +// certificate = instance()->mPgpHandler->SaveCertificateToString(RsPgpId(id),false) ; // #else -// certificate = PGPHandler::SaveCertificateToString(RsPgpId(id),true) ; +// certificate = instance()->mPgpHandler->SaveCertificateToString(RsPgpId(id),true) ; // #endif // // // #ifdef LIMIT_CERTIFICATE_SIZE @@ -530,18 +559,18 @@ bool AuthGPG::getGPGSignedList(std::list &ids) /* SKTAN : do not know how to use std::string id */ std::string AuthGPG::SaveCertificateToString(const RsPgpId &id,bool include_signatures) { - RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ - return PGPHandler::SaveCertificateToString(id,include_signatures) ; + return instance()->mPgpHandler->SaveCertificateToString(id,include_signatures) ; } /* import to GnuPG and other Certificates */ bool AuthGPG::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string) { - RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ - if(PGPHandler::LoadCertificateFromBinaryData(data,data_len,gpg_id,error_string)) + if(instance()->mPgpHandler->LoadCertificateFromBinaryData(data,data_len,gpg_id,error_string)) { - updateOwnSignatureFlag(gpg_id,mOwnGpgId) ; + instance()->mPgpHandler->updateOwnSignatureFlag(gpg_id,instance()->mOwnGpgId) ; return true ; } @@ -551,11 +580,11 @@ bool AuthGPG::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_l /* import to GnuPG and other Certificates */ bool AuthGPG::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id,std::string& error_string) { - RsStackMutex stack(gpgMtxEngine); /******* LOCKED ******/ + RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ - if(PGPHandler::LoadCertificateFromString(str,gpg_id,error_string)) + if(instance()->mPgpHandler->LoadCertificateFromString(str,gpg_id,error_string)) { - updateOwnSignatureFlag(gpg_id,mOwnGpgId) ; + instance()->mPgpHandler->updateOwnSignatureFlag(gpg_id,instance()->mOwnGpgId) ; return true ; } @@ -584,11 +613,11 @@ bool AuthGPG::AllowConnection(const RsPgpId& gpg_id, bool accept) /* Was a "Reload Certificates" here -> be shouldn't be needed -> and very expensive, try without. */ { - RsStackMutex stack(gpgMtxData); - PGPHandler::setAcceptConnexion(gpg_id,accept) ; + RsStackMutex stack(instance()->gpgMtxData); + instance()->mPgpHandler->setAcceptConnexion(gpg_id,accept) ; } - IndicateConfigChanged(); + instance()->IndicateConfigChanged(); RsServer::notify()->notifyListChange(NOTIFY_LIST_FRIENDS, accept ? NOTIFY_TYPE_ADD : NOTIFY_TYPE_DEL); @@ -602,7 +631,7 @@ bool AuthGPG::SignCertificateLevel0(const RsPgpId &id) std::cerr << "AuthGPG::SignCertificat(" << id << ")" << std::endl; #endif - return privateSignCertificate(id) ; + return instance()->privateSignCertificate(id) ; } bool AuthGPG::RevokeCertificate(const RsPgpId &id) @@ -622,26 +651,39 @@ bool AuthGPG::TrustCertificate(const RsPgpId& id, int trustlvl) #ifdef GPG_DEBUG std::cerr << "AuthGPG::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl; #endif - return privateTrustCertificate(id, trustlvl) ; + return instance()->privateTrustCertificate(id, trustlvl) ; } bool AuthGPG::encryptDataBin(const RsPgpId& pgp_id,const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) { - return PGPHandler::encryptDataBin(RsPgpId(pgp_id),data,datalen,sign,signlen) ; + return instance()->mPgpHandler->encryptDataBin(RsPgpId(pgp_id),data,datalen,sign,signlen) ; } bool AuthGPG::decryptDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) { - return PGPHandler::decryptDataBin(mOwnGpgId,data,datalen,sign,signlen) ; + return instance()->mPgpHandler->decryptDataBin(instance()->mOwnGpgId,data,datalen,sign,signlen) ; } bool AuthGPG::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen, std::string reason /*= ""*/) { - return DoOwnSignature(data, datalen, sign, signlen, reason); + return instance()->DoOwnSignature(data, datalen, sign, signlen, reason); } +bool AuthGPG::exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) +{ + return instance()->mPgpHandler->exportPublicKey(id,mem_block,mem_size,armoured,include_signatures); +} + +bool AuthGPG::isPgpPubKeyAvailable(const RsPgpId& pgp_id) +{ + return instance()->mPgpHandler->isPgpPubKeyAvailable(pgp_id); +} +bool AuthGPG::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) +{ + return instance()->mPgpHandler->getKeyFingerprint(id,fp); +} bool AuthGPG::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint) { - return VerifySignature(data, datalen, sign, signlen, withfingerprint); + return instance()->VerifySignature(data, datalen, sign, signlen, withfingerprint); } /* Sign/Trust stuff */ @@ -650,7 +692,7 @@ int AuthGPG::privateSignCertificate(const RsPgpId &id) { RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ - int ret = PGPHandler::privateSignCertificate(mOwnGpgId,id) ; + int ret = mPgpHandler->privateSignCertificate(mOwnGpgId,id) ; _force_sync_database = true ; return ret ; } @@ -675,7 +717,7 @@ int AuthGPG::privateTrustCertificate(const RsPgpId& id, int trustlvl) if(!isGPGAccepted(id)) return 0; - int res = PGPHandler::privateTrustCertificate(id,trustlvl) ; + int res = instance()->mPgpHandler->privateTrustCertificate(id,trustlvl) ; _force_sync_database = true ; return res ; } @@ -690,6 +732,10 @@ RsSerialiser *AuthGPG::setupSerialiser() rss->addSerialType(new RsGeneralConfigSerialiser()); return rss ; } +bool AuthGPG::isGPGAccepted(const RsPgpId& id) +{ + return instance()->mPgpHandler->isGPGAccepted(id); +} bool AuthGPG::saveList(bool& cleanup, std::list& lst) { @@ -745,7 +791,7 @@ bool AuthGPG::loadList(std::list& load) std::list::iterator kit; for(kit = vitem->tlvkvs.pairs.begin(); kit != vitem->tlvkvs.pairs.end(); ++kit) if (kit->key != mOwnGpgId.toStdString()) - PGPHandler::setAcceptConnexion(RsPgpId(kit->key), (kit->value == "TRUE")); + instance()->mPgpHandler->setAcceptConnexion(RsPgpId(kit->key), (kit->value == "TRUE")); } delete (*it); } @@ -755,14 +801,14 @@ bool AuthGPG::loadList(std::list& load) bool AuthGPG::addService(AuthGPGService *service) { - RsStackMutex stack(gpgMtxService); /********* LOCKED *********/ + RsStackMutex stack(instance()->gpgMtxService); /********* LOCKED *********/ - if (std::find(services.begin(), services.end(), service) != services.end()) { + if (std::find(instance()->services.begin(), instance()->services.end(), service) != instance()->services.end()) { /* it exists already! */ return false; } - services.push_back(service); + instance()->services.push_back(service); return true; } diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index a6023f436..177f71663 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -89,18 +89,19 @@ public: virtual void setGPGOperation(AuthGPGOperation *operation) = 0; }; -// Note: replace OpenPGPSDKHandler with your own PGP handler class when needed. - -class AuthGPG: public p3Config, public RsTickingThread, public OpenPGPSDKHandler +class AuthGPG: public p3Config, public RsTickingThread { public: - static void init(const std::string& path_to_pubring, - const std::string& path_to_secring, - const std::string& path_to_trustdb, - const std::string& pgp_lock_file); + static void init(const std::string& path_to_pubring, + const std::string& path_to_secring, + const std::string& path_to_trustdb, + const std::string& pgp_lock_file); - static void exit(); - static AuthGPG *getAuthGPG() { return _instance ; } + static void registerToConfigMgr(const std::string& fname,p3ConfigMgr *CfgMgr); + static void exit(); + + static bool isPGPId(const RsPgpId& id) ; + static bool isPGPAccepted(const RsPgpId& id) ; /** * @param ids list of gpg certificate ids (note, not the actual certificates) @@ -120,7 +121,7 @@ public: * (see storage at the end of the class) * ****/ - virtual bool active(); + static bool active(); // /* Initialize */ // virtual bool InitAuth (); @@ -128,10 +129,13 @@ public: /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ - virtual int GPGInit(const RsPgpId &ownId); - virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString); + static int GPGInit(const RsPgpId &ownId); + static bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString); - /*********************************************************************************/ + static bool getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) ; + static int availableGPGCertificatesWithPrivateKeys(std::list& pgpIds); + + /*********************************************************************************/ /************************* STAGE 3 ***********************************************/ /*********************************************************************************/ /***** @@ -142,29 +146,35 @@ public: * provide access to details in cache list. * ****/ - virtual std::string getGPGName(const RsPgpId &pgp_id,bool *success = NULL); - virtual std::string getGPGEmail(const RsPgpId &pgp_id,bool *success = NULL); + static std::string getGPGName(const RsPgpId &pgp_id,bool *success = NULL); + static std::string getGPGEmail(const RsPgpId &pgp_id,bool *success = NULL); - /* PGP web of trust management */ - virtual const RsPgpId& getGPGOwnId(); - virtual std::string getGPGOwnName(); + static bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ); - //virtual std::string getGPGOwnEmail(); - virtual bool isKeySupported(const RsPgpId &id) const ; - virtual bool haveSecretKey(const RsPgpId &id) const ; - virtual bool getGPGDetails(const RsPgpId& id, RsPeerDetails &d); - virtual bool getGPGAllList(std::list &ids); - virtual bool getGPGValidList(std::list &ids); - virtual bool getGPGAcceptedList(std::list &ids); - virtual bool getGPGSignedList(std::list &ids); - virtual bool importProfile(const std::string& filename,RsPgpId& gpg_id,std::string& import_error) ; - virtual bool importProfileFromString(const std::string& data,RsPgpId& gpg_id,std::string& import_error) ; - virtual bool exportProfile(const std::string& filename,const RsPgpId& gpg_id) ; - virtual bool exportIdentityToString( + /* PGP web of trust management */ + static const RsPgpId& getGPGOwnId(); + static std::string getGPGOwnName(); + + static bool isGPGAccepted(const RsPgpId& id); + + //virtual std::string getGPGOwnEmail(); + static bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) ; + static bool isKeySupported(const RsPgpId &id) ; + static bool isPgpPubKeyAvailable(const RsPgpId& pgp_id); + static bool haveSecretKey(const RsPgpId &id) ; + static bool getGPGDetails(const RsPgpId& id, RsPeerDetails &d); + static bool getGPGAllList(std::list &ids); + static bool getGPGValidList(std::list &ids); + static bool getGPGAcceptedList(std::list &ids); + static bool getGPGSignedList(std::list &ids); + static bool importProfile(const std::string& filename,RsPgpId& gpg_id,std::string& import_error) ; + static bool importProfileFromString(const std::string& data,RsPgpId& gpg_id,std::string& import_error) ; + static bool exportProfile(const std::string& filename,const RsPgpId& gpg_id) ; + static bool exportIdentityToString( std::string& data, const RsPgpId& pgpId, bool includeSignatures, std::string& errorMsg ); - virtual bool removeKeysFromPGPKeyring(const std::set &pgp_ids,std::string& backup_file,uint32_t& error_code) ; + static bool removeKeysFromPGPKeyring(const std::set &pgp_ids,std::string& backup_file,uint32_t& error_code) ; /*********************************************************************************/ /************************* STAGE 4 ***********************************************/ @@ -173,9 +183,9 @@ public: * STAGE 4: Loading and Saving Certificates. (Strings and Files) * ****/ - virtual bool LoadCertificateFromString(const std::string &pem, RsPgpId& gpg_id,std::string& error_string); - virtual bool LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string); - virtual std::string SaveCertificateToString(const RsPgpId &id,bool include_signatures) ; + static bool LoadCertificateFromString(const std::string &pem, RsPgpId& gpg_id,std::string& error_string); + static bool LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string); + static std::string SaveCertificateToString(const RsPgpId &id,bool include_signatures) ; // Cached certificates. //bool getCachedGPGCertificate(const RsPgpId &id, std::string &certificate); @@ -190,12 +200,12 @@ public: * done in gpgroot already. * ****/ - virtual bool AllowConnection(const RsPgpId &gpg_id, bool accept); + static bool AllowConnection(const RsPgpId &gpg_id, bool accept); - virtual bool SignCertificateLevel0(const RsPgpId &id); - virtual bool RevokeCertificate(const RsPgpId &id); /* Particularly hard - leave for later */ + static bool SignCertificateLevel0(const RsPgpId &id); + static bool RevokeCertificate(const RsPgpId &id); /* Particularly hard - leave for later */ - virtual bool TrustCertificate(const RsPgpId& id, int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust + static bool TrustCertificate(const RsPgpId& id, int trustlvl); //trustlvl is 2 for none, 3 for marginal and 4 for full trust /*********************************************************************************/ /************************* STAGE 7 ***********************************************/ @@ -206,25 +216,25 @@ public: * There should also be Encryption Functions... (do later). * ****/ - virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason = ""); - virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const PGPFingerprintType& withfingerprint); - virtual bool parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id); + static bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason = ""); + static bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const PGPFingerprintType& withfingerprint); + static bool parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id); - virtual bool encryptDataBin(const RsPgpId& pgp_id,const void *data, const uint32_t len, unsigned char *encr, unsigned int *encrlen); - virtual bool decryptDataBin(const void *data, const uint32_t len, unsigned char *decr, unsigned int *decrlen); + static bool encryptDataBin(const RsPgpId& pgp_id,const void *data, const uint32_t len, unsigned char *encr, unsigned int *encrlen); + static bool decryptDataBin(const void *data, const uint32_t len, unsigned char *decr, unsigned int *decrlen); - virtual bool decryptTextFromFile( std::string& text,const std::string& filename); - virtual bool encryptTextToFile (const std::string& text,const std::string& filename); + static bool decryptTextFromFile( std::string& text,const std::string& filename); + static bool encryptTextToFile (const std::string& text,const std::string& filename); // virtual bool decryptTextFromString( std::string& encrypted_text,std::string& clear_string); // virtual bool encryptTextToString (const std::string& pgp_id,const std::string& clear_text,std::string& encrypted_string); - bool getGPGFilteredList(std::list& list,bool (*filter)(const PGPCertificateInfo&) = NULL) ; + static bool getGPGFilteredList(std::list& list,bool (*filter)(const PGPCertificateInfo&) = NULL) ; //END of PGP public functions /* GPG service */ - virtual bool addService(AuthGPGService *service) ; + static bool addService(AuthGPGService *service) ; // This is for debug purpose only. Don't use it !! static void setAuthGPG_debug(AuthGPG *auth_gpg) { _instance = auth_gpg ; } @@ -236,9 +246,9 @@ public: /*****************************************************************/ /*********************** p3config ******************************/ /* Key Functions to be overloaded for Full Configuration */ - virtual RsSerialiser *setupSerialiser(); - virtual bool saveList(bool &cleanup, std::list&); - virtual bool loadList(std::list& load); + virtual RsSerialiser *setupSerialiser() override; + virtual bool saveList(bool &cleanup, std::list&) override; + virtual bool loadList(std::list& load) override; /*****************************************************************/ private: @@ -276,8 +286,7 @@ private: void threadTick() override; /// @see RsTickingThread private: - - static AuthGPG *instance_gpg; // pointeur vers le singleton + static AuthGPG *instance(); RsMutex gpgMtxService; RsMutex gpgMtxEngine; @@ -292,6 +301,8 @@ private: rstime_t mStoreKeyTime; + PGPHandler *mPgpHandler; + RsPgpId mOwnGpgId; bool gpgKeySelected; bool _force_sync_database ; diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index eb89a1ed5..6d14d0043 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -759,8 +759,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) //long version = 0x00; unsigned long chtype = MBSTRING_UTF8; X509_NAME *issuer_name = X509_NAME_new(); - X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, - (unsigned char *) AuthGPG::getAuthGPG()->getGPGOwnId().toStdString().c_str(), -1, -1, 0); + X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthGPG::getGPGOwnId().toStdString().c_str(), -1, -1, 0); /**** X509_NAME_add_entry_by_NID(issuer_name, 48, 0, (unsigned char *) "email@email.com", -1, -1, 0); @@ -770,7 +769,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) (unsigned char *) "loc", -1, -1, 0); ****/ - std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthGPG::getAuthGPG()->getGPGOwnId().toStdString() << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthGPG::getGPGOwnId().toStdString() << std::endl; #ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002 static const uint64_t CERTIFICATE_SERIAL_NUMBER = RS_CERTIFICATE_VERSION_NUMBER_07_0001 ; @@ -945,7 +944,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) std::cerr << "Buffers Allocated" << std::endl; /* NOW Sign via GPG Functions */ - if (!AuthGPG::getAuthGPG()->SignDataBin(buf_in, inl, buf_sigout, (unsigned int *) &sigoutl,"AuthSSLimpl::SignX509ReqWithGPG()")) + if (!AuthGPG::SignDataBin(buf_in, inl, buf_sigout, (unsigned int *) &sigoutl,"AuthSSLimpl::SignX509ReqWithGPG()")) { sigoutl = 0; goto err; @@ -1040,7 +1039,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic) { RsPgpId issuer = RsX509Cert::getCertIssuer(*x509); RsPeerDetails pd; - if (!AuthGPG::getAuthGPG()->getGPGDetails(issuer, pd)) + if (!AuthGPG::getGPGDetails(issuer, pd)) { RsInfo() << __PRETTY_FUNCTION__ << " X509 NOT authenticated : " << "AuthGPG::getAuthGPG()->getGPGDetails(" << issuer @@ -1185,9 +1184,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic) // passed, verify the signature itself - if (!AuthGPG::getAuthGPG()->VerifySignBin( - signed_data, signed_data_length, signature->data, - static_cast(signature->length), pd.fpr )) + if (!AuthGPG::VerifySignBin( signed_data, signed_data_length, signature->data, static_cast(signature->length), pd.fpr )) { diagnostic = RS_SSL_HANDSHAKE_DIAGNOSTIC_WRONG_SIGNATURE; goto err; @@ -1383,7 +1380,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx) std::cerr << "******* VerifyX509Callback cert: " << std::hex << ctx->cert <getGPGOwnId() && !AuthGPG::getAuthGPG()->isGPGAccepted(pgpId) ) + if ( !isSslOnlyFriend && pgpId != AuthGPG::getGPGOwnId() && !AuthGPG::isGPGAccepted(pgpId) ) { std::string errMsg = "Connection attempt signed by PGP key id: " + pgpId.toStdString() + " not accepted because it is not" diff --git a/libretroshare/src/pqi/p3peermgr.cc b/libretroshare/src/pqi/p3peermgr.cc index 83c4d9366..15eaa08f8 100644 --- a/libretroshare/src/pqi/p3peermgr.cc +++ b/libretroshare/src/pqi/p3peermgr.cc @@ -812,11 +812,11 @@ int p3PeerMgrIMPL::getFriendCount(bool ssl, bool online) // count all gpg id's std::list gpgIds; - AuthGPG::getAuthGPG()->getGPGAcceptedList(gpgIds); + AuthGPG::getGPGAcceptedList(gpgIds); // add own gpg id, if we have more than one location std::list ownSslIds; - getAssociatedPeers(AuthGPG::getAuthGPG()->getGPGOwnId(), ownSslIds); + getAssociatedPeers(AuthGPG::getGPGOwnId(), ownSslIds); return gpgIds.size() + ((ownSslIds.size() > 0) ? 1 : 0); } @@ -962,7 +962,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg // check that the PGP key is known - if(!AuthGPG::getAuthGPG()->isGPGId(gpg_id)) + if(!AuthGPG::isPGPId(gpg_id)) { RsErr() << "Trying to add SSL id (" << id << ") to be validated with unknown PGP key (" << gpg_id << ". This is a bug!" << std::endl; return false; @@ -970,7 +970,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg //Authentication is now tested at connection time, we don't store the ssl cert anymore // - if (!AuthGPG::getAuthGPG()->isGPGAccepted(gpg_id) && gpg_id != AuthGPG::getAuthGPG()->getGPGOwnId()) + if (!AuthGPG::isGPGAccepted(gpg_id) && gpg_id != AuthGPG::getGPGOwnId()) { #ifdef PEER_DEBUG std::cerr << "p3PeerMgrIMPL::addFriend() gpg is not accepted" << std::endl; @@ -1024,7 +1024,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg pstate.id = id; pstate.gpg_id = gpg_id; - pstate.name = AuthGPG::getAuthGPG()->getGPGName(gpg_id); + pstate.name = AuthGPG::getGPGName(gpg_id); pstate.vs_disc = vs_disc; pstate.vs_dht = vs_dht; @@ -1126,8 +1126,8 @@ bool p3PeerMgrIMPL::addSslOnlyFriend( const RsPeerId& sslId, const RsPgpId& pgp_ * superficially set to true the PGP signature verification would have been * skipped and the attacker connection would be accepted. * If the PGP key is available add it as full friend. */ - if(AuthGPG::getAuthGPG()->isPgpPubKeyAvailable(pgp_id)) - AuthGPG::getAuthGPG()->AllowConnection(pgp_id, true); + if(AuthGPG::isPgpPubKeyAvailable(pgp_id)) + AuthGPG::AllowConnection(pgp_id, true); else pstate.skip_pgp_signature_validation = true; @@ -2470,7 +2470,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) setOwnNetworkMode(pitem->netMode); setOwnVisState(pitem->vs_disc, pitem->vs_dht); - mOwnState.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId(); + mOwnState.gpg_id = AuthGPG::getGPGOwnId(); mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation(); } else @@ -2642,7 +2642,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) #endif for(uint32_t i=0;ipgp_ids.size();++i) - if(AuthGPG::getAuthGPG()->isGPGAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthGPG::getAuthGPG()->getGPGOwnId()) + if(AuthGPG::isGPGAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthGPG::getGPGOwnId()) { mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ; #ifdef PEER_DEBUG @@ -2684,7 +2684,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) for(auto group_pair:groupList) { for(auto profileIdIt(group_pair.second.peerIds.begin());profileIdIt!=group_pair.second.peerIds.end();) - if(AuthGPG::getAuthGPG()->isGPGAccepted(*profileIdIt) || *profileIdIt == AuthGPG::getAuthGPG()->getGPGOwnId()) + if(AuthGPG::isGPGAccepted(*profileIdIt) || *profileIdIt == AuthGPG::getGPGOwnId()) ++profileIdIt; else { diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc index 76d447cc8..b6f655692 100644 --- a/libretroshare/src/pqi/pqissl.cc +++ b/libretroshare/src/pqi/pqissl.cc @@ -1213,8 +1213,7 @@ int pqissl::Authorise_SSL_Connection() } RsPgpId pgpId = RsX509Cert::getCertIssuer(*peercert); - if( !isSslOnlyFriend && pgpId != AuthGPG::getAuthGPG()->getGPGOwnId() && - !AuthGPG::getAuthGPG()->isGPGAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthGPG::getGPGOwnId() && !AuthGPG::isGPGAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/pqi/pqissllistener.cc b/libretroshare/src/pqi/pqissllistener.cc index fa25bfe0b..a9e392a56 100644 --- a/libretroshare/src/pqi/pqissllistener.cc +++ b/libretroshare/src/pqi/pqissllistener.cc @@ -797,8 +797,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info) exit(failure); } - if( !isSslOnlyFriend && pgpId != AuthGPG::getAuthGPG()->getGPGOwnId() && - !AuthGPG::getAuthGPG()->isGPGAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthGPG::getGPGOwnId() && !AuthGPG::isGPGAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index c44877fc5..25caac374 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -254,7 +254,7 @@ bool p3Peers::setPeerMaximumRates(const RsPgpId& pid,uint32_t maxUploadRate,uint bool p3Peers::haveSecretKey(const RsPgpId& id) { - return AuthGPG::getAuthGPG()->haveSecretKey(id); + return AuthGPG::haveSecretKey(id); } /* There are too many dependancies of this function @@ -273,7 +273,7 @@ bool p3Peers::getPeerDetails(const RsPeerId& id, RsPeerDetails &d) if (id == sOwnId) { mPeerMgr->getOwnNetStatus(ps); - ps.gpg_id = AuthGPG::getAuthGPG()->getGPGOwnId(); + ps.gpg_id = AuthGPG::getGPGOwnId(); } else if (!mPeerMgr->getFriendNetStatus(id, ps)) { @@ -559,17 +559,17 @@ bool p3Peers::isProxyAddress(const uint32_t type, const sockaddr_storage& addr) bool p3Peers::isKeySupported(const RsPgpId& id) { - return AuthGPG::getAuthGPG()->isKeySupported(id); + return AuthGPG::isKeySupported(id); } std::string p3Peers::getGPGName(const RsPgpId &gpg_id) { /* get from mAuthMgr as it should have more peers? */ - return AuthGPG::getAuthGPG()->getGPGName(gpg_id); + return AuthGPG::getGPGName(gpg_id); } bool p3Peers::isPgpFriend(const RsPgpId& pgpId) -{ return AuthGPG::getAuthGPG()->isGPGAccepted(pgpId); } +{ return AuthGPG::isGPGAccepted(pgpId); } bool p3Peers::isSslOnlyFriend(const RsPeerId& sslId) { @@ -597,7 +597,7 @@ std::string p3Peers::getPeerName(const RsPeerId& ssl) #endif std::string name; if (ssl == AuthSSL::getAuthSSL()->OwnId()) - return AuthGPG::getAuthGPG()->getGPGOwnName(); + return AuthGPG::getGPGOwnName(); if (mPeerMgr->getPeerName(ssl, name)) { @@ -617,7 +617,7 @@ bool p3Peers::getGPGAllList(std::list &ids) #endif /* get from mAuthMgr */ - AuthGPG::getAuthGPG()->getGPGAllList(ids); + AuthGPG::getGPGAllList(ids); return true; } @@ -628,7 +628,7 @@ bool p3Peers::getGPGValidList(std::list &ids) #endif /* get from mAuthMgr */ - AuthGPG::getAuthGPG()->getGPGValidList(ids); + AuthGPG::getGPGValidList(ids); return true; } @@ -639,14 +639,14 @@ bool p3Peers::getGPGSignedList(std::list &ids) #endif /* get from mAuthMgr */ - AuthGPG::getAuthGPG()->getGPGSignedList(ids); + AuthGPG::getGPGSignedList(ids); return true; } bool p3Peers::getPgpFriendList(std::vector& pgpIds) { std::list ids; - if(AuthGPG::getAuthGPG()->getGPGAcceptedList(ids)) + if(AuthGPG::getGPGAcceptedList(ids)) { pgpIds.clear(); std::copy(ids.begin(), ids.end(), std::back_inserter(pgpIds)); @@ -660,7 +660,7 @@ bool p3Peers::getGPGAcceptedList(std::list &ids) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::getGPGAcceptedList()" << std::endl; #endif - AuthGPG::getAuthGPG()->getGPGAcceptedList(ids); + AuthGPG::getGPGAcceptedList(ids); return true; } @@ -676,7 +676,7 @@ bool p3Peers::getAssociatedSSLIds(const RsPgpId &gpg_id, std::list &id bool p3Peers::gpgSignData(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason /* = "" */) { - return AuthGPG::getAuthGPG()->SignDataBin(data,len,sign,signlen, reason); + return AuthGPG::SignDataBin(data,len,sign,signlen, reason); } RsPgpId p3Peers::pgpIdFromFingerprint(const RsPgpFingerprint& fpr) @@ -691,7 +691,7 @@ bool p3Peers::getGPGDetails(const RsPgpId &pgp_id, RsPeerDetails &d) #endif /* get from mAuthMgr */ - bool res = AuthGPG::getAuthGPG()->getGPGDetails(pgp_id, d); + bool res = AuthGPG::getGPGDetails(pgp_id, d); d.isOnlyGPGdetail = true ; d.service_perm_flags = mPeerMgr->servicePermissionFlags(pgp_id) ; @@ -706,7 +706,7 @@ const RsPgpId& p3Peers::getGPGOwnId() #endif /* get from mAuthMgr */ - return AuthGPG::getAuthGPG()->getGPGOwnId(); + return AuthGPG::getGPGOwnId(); } RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) @@ -718,7 +718,7 @@ RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) /* get from mAuthMgr */ if (sslid == AuthSSL::getAuthSSL()->OwnId()) { - return AuthGPG::getAuthGPG()->getGPGOwnId(); + return AuthGPG::getGPGOwnId(); } peerState pcs; if (mPeerMgr->getFriendNetStatus(sslid, pcs)) @@ -739,12 +739,12 @@ bool p3Peers::addFriend(const RsPeerId &ssl_id, const RsPgpId &gpg_id,ServicePe #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::addFriend() with : id : " << id << "; gpg_id : " << gpg_id << std::endl; #endif - if(AuthGPG::getAuthGPG()->isGPGId(gpg_id)) + if(AuthGPG::isPGPId(gpg_id)) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::addFriend() Authorising GPG Id: " << gpg_id << std::endl; #endif - if (AuthGPG::getAuthGPG()->AllowConnection(gpg_id, true)) + if (AuthGPG::AllowConnection(gpg_id, true)) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::addFriend() Authorization OK." << std::endl; @@ -797,7 +797,7 @@ bool p3Peers::addSslOnlyFriend( const RsPeerId& sslId, const RsPgpId& pgp_id,con bool p3Peers::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::string& backup_file,uint32_t& error_code) { - return AuthGPG::getAuthGPG()->removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ; + return AuthGPG::removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ; } bool p3Peers::removeFriendLocation(const RsPeerId &sslId) @@ -817,7 +817,7 @@ bool p3Peers::removeFriend(const RsPgpId& gpgId) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() " << gpgId << std::endl; #endif - if (gpgId == AuthGPG::getAuthGPG()->getGPGOwnId()) { + if (gpgId == AuthGPG::getGPGOwnId()) { std::cerr << "p3Peers::removeFriend() ERROR we're not going to remove our own GPG id." << std::endl; return false; } @@ -825,7 +825,7 @@ bool p3Peers::removeFriend(const RsPgpId& gpgId) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() Removing GPG Id: " << gpgId << std::endl; #endif - if (AuthGPG::getAuthGPG()->AllowConnection(gpgId, false)) + if (AuthGPG::AllowConnection(gpgId, false)) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() OK." << std::endl; @@ -1107,9 +1107,7 @@ std::string p3Peers::getPGPKey(const RsPgpId& pgp_id,bool include_signatures) rs_owner_ptr mem_block = nullptr; size_t mem_block_size = 0; - if( !AuthGPG::getAuthGPG()->exportPublicKey( - RsPgpId(pgp_id), mem_block, mem_block_size, - false, include_signatures ) ) + if( !AuthGPG::exportPublicKey( RsPgpId(pgp_id), mem_block, mem_block_size, false, include_signatures ) ) { RsErr() << __PRETTY_FUNCTION__ << " Failure retriving certificate for id " << pgp_id @@ -1140,8 +1138,7 @@ bool p3Peers::GetPGPBase64StringAndCheckSum( rs_owner_ptr mem_block = nullptr; size_t mem_block_size = 0; - if(!AuthGPG::getAuthGPG()->exportPublicKey( - gpg_id,mem_block,mem_block_size,false,false )) + if(!AuthGPG::exportPublicKey( gpg_id,mem_block,mem_block_size,false,false )) return false; RsBase64::encode(mem_block, mem_block_size, gpg_base64_string, true, false); @@ -1601,7 +1598,7 @@ std::string p3Peers::GetRetroshareInvite( const RsPeerId& sslId, RetroshareInvit unsigned char *mem_block = nullptr; size_t mem_block_size = 0; - if(!AuthGPG::getAuthGPG()->exportPublicKey( RsPgpId(detail.gpg_id), mem_block, mem_block_size, false, !!(invite_flags & RetroshareInviteFlags::PGP_SIGNATURES) )) + if(!AuthGPG::exportPublicKey( RsPgpId(detail.gpg_id), mem_block, mem_block_size, false, !!(invite_flags & RetroshareInviteFlags::PGP_SIGNATURES) )) { std::cerr << "Cannot output certificate for id \"" << detail.gpg_id << "\". Sorry." << std::endl; @@ -1637,7 +1634,7 @@ bool p3Peers::loadCertificateFromString( } RsPgpId gpgid; - bool res = AuthGPG::getAuthGPG()->LoadCertificateFromString( crt->armouredPGPKey(), gpgid, error_string ); + bool res = AuthGPG::LoadCertificateFromString( crt->armouredPGPKey(), gpgid, error_string ); gpg_id = gpgid; ssl_id = crt->sslid(); @@ -1654,7 +1651,7 @@ bool p3Peers::loadCertificateFromString( } bool p3Peers::loadPgpKeyFromBinaryData( const unsigned char *bin_key_data,uint32_t bin_key_len, RsPgpId& gpg_id, std::string& error_string ) { - bool res = AuthGPG::getAuthGPG()->LoadPGPKeyFromBinaryData( bin_key_data,bin_key_len, gpg_id, error_string ); + bool res = AuthGPG::LoadPGPKeyFromBinaryData( bin_key_data,bin_key_len, gpg_id, error_string ); if(res) mPeerMgr->notifyPgpKeyReceived(gpg_id); @@ -1673,9 +1670,7 @@ bool p3Peers::loadDetailsFromStringCert( const std::string &certstr, RsCertificate& cert = *certPtr; - if(!AuthGPG::getAuthGPG()->getGPGDetailsFromBinaryBlock( - cert.pgp_key(), cert.pgp_key_size(), - pd.gpg_id, pd.name, pd.gpgSigners )) + if(!AuthGPG::getGPGDetailsFromBinaryBlock( cert.pgp_key(), cert.pgp_key_size(), pd.gpg_id, pd.name, pd.gpgSigners )) return false; Dbg4() << __PRETTY_FUNCTION__ << " Parsing cert for sslid, location, ext " @@ -1753,7 +1748,7 @@ bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_pass rsNotify->cachePgpPassphrase(gpg_passphrase); rsNotify->setDisableAskPassword(true); - bool res = AuthGPG::getAuthGPG()->SignCertificateLevel0(id); + bool res = AuthGPG::SignCertificateLevel0(id); rsNotify->clearPgpPassphrase(); rsNotify->setDisableAskPassword(false); @@ -1767,7 +1762,7 @@ bool p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) std::cerr << "p3Peers::TrustCertificate() " << id; std::cerr << std::endl; #endif - return AuthGPG::getAuthGPG()->TrustCertificate(id, trustlvl); + return AuthGPG::TrustCertificate(id, trustlvl); } /* Group Stuff */ diff --git a/libretroshare/src/rsserver/p3serverconfig.cc b/libretroshare/src/rsserver/p3serverconfig.cc index 6d3343dc7..7abb1e6da 100644 --- a/libretroshare/src/rsserver/p3serverconfig.cc +++ b/libretroshare/src/rsserver/p3serverconfig.cc @@ -140,7 +140,7 @@ bool p3ServerConfig::setConfigurationOption(uint32_t key, const std::string &opt int p3ServerConfig::getConfigNetStatus(RsConfigNetStatus &status) { status.ownId = AuthSSL::getAuthSSL()->OwnId(); - status.ownName = AuthGPG::getAuthGPG()->getGPGOwnName(); + status.ownName = AuthGPG::getGPGOwnName(); // Details from PeerMgr. peerState pstate; diff --git a/libretroshare/src/rsserver/rsaccounts.cc b/libretroshare/src/rsserver/rsaccounts.cc index 8be56073c..2bf306449 100644 --- a/libretroshare/src/rsserver/rsaccounts.cc +++ b/libretroshare/src/rsserver/rsaccounts.cc @@ -701,10 +701,10 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account, if(! RsAccounts::GetPGPLoginDetails(account.mPgpId, account.mPgpName, account.mPgpEmail)) return false ; - if(!AuthGPG::getAuthGPG()->haveSecretKey(account.mPgpId)) + if(!AuthGPG::haveSecretKey(account.mPgpId)) return false ; - if(!AuthGPG::getAuthGPG()->isKeySupported(account.mPgpId)) + if(!AuthGPG::isKeySupported(account.mPgpId)) { std::string keystring = account.mPgpId.toStdString() + " " + account.mPgpName + "<" + account.mPgpEmail ; unsupported_keys[keystring].push_back("Location: " + account.mLocation + "  (" + account.mSslId.toStdString() + ")") ; @@ -851,9 +851,10 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account, /* Generating GPGme Account */ -int RsAccountsDetail::GetPGPLogins(std::list &pgpIds) { - AuthGPG::getAuthGPG()->availableGPGCertificatesWithPrivateKeys(pgpIds); - return 1; +int RsAccountsDetail::GetPGPLogins(std::list& pgpIds) +{ + AuthGPG::availableGPGCertificatesWithPrivateKeys(pgpIds); + return 1; } int RsAccountsDetail::GetPGPLoginDetails(const RsPgpId& id, std::string &name, std::string &email) @@ -863,10 +864,10 @@ int RsAccountsDetail::GetPGPLoginDetails(const RsPgpId& id, std::string &na #endif bool ok = true ; - name = AuthGPG::getAuthGPG()->getGPGName(id,&ok); + name = AuthGPG::getGPGName(id,&ok); if(!ok) return 0 ; - email = AuthGPG::getAuthGPG()->getGPGEmail(id,&ok); + email = AuthGPG::getGPGEmail(id,&ok); if(!ok) return 0 ; @@ -886,7 +887,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId) { bool retVal = false; - if (0 < AuthGPG::getAuthGPG() -> GPGInit(pgpId)) + if (0 < AuthGPG::GPGInit(pgpId)) { retVal = true; #ifdef DEBUG_ACCOUNTS @@ -906,7 +907,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId) bool RsAccountsDetail::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString) { - return AuthGPG::getAuthGPG()->GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString); + return AuthGPG::GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString); } // PGP Support Functions. @@ -918,24 +919,24 @@ void RsAccountsDetail::getUnsupportedKeys(std::mapexportProfile(fname,id); + return AuthGPG::exportProfile(fname,id); } bool RsAccountsDetail::importIdentity(const std::string& fname,RsPgpId& id,std::string& import_error) { - return AuthGPG::getAuthGPG()->importProfile(fname,id,import_error); + return AuthGPG::importProfile(fname,id,import_error); } bool RsAccountsDetail::importIdentityFromString(const std::string &data, RsPgpId &imported_pgp_id, std::string &import_error) { - return AuthGPG::getAuthGPG()->importProfileFromString(data, imported_pgp_id, import_error); + return AuthGPG::importProfileFromString(data, imported_pgp_id, import_error); } bool RsAccountsDetail::exportIdentityToString( std::string& data, const RsPgpId& pgpId, bool includeSignatures, std::string& errorMsg ) { - return AuthGPG::getAuthGPG()->exportIdentityToString( + return AuthGPG::exportIdentityToString( data, pgpId, includeSignatures, errorMsg ); } @@ -1020,7 +1021,7 @@ bool RsAccountsDetail::GenerateSSLCertificate(const RsPgpId& pgp_id, const s int nbits = 4096; - //std::string pgp_name = AuthGPG::getAuthGPG()->getGPGName(pgp_id); + //std::string pgp_name = AuthGPG::getGPGName(pgp_id); // Create the filename ..... // Temporary Directory for creating files.... diff --git a/libretroshare/src/rsserver/rsinit.cc b/libretroshare/src/rsserver/rsinit.cc index 8449a9e3e..6b12152fc 100644 --- a/libretroshare/src/rsserver/rsinit.cc +++ b/libretroshare/src/rsserver/rsinit.cc @@ -510,7 +510,7 @@ RsInit::LoadCertificateStatus RsInit::LockAndLoadCertificates( if(!RsAccounts::GetAccountDetails(accountId, pgpId, pgpName, pgpEmail, location)) throw RsInit::ERR_UNKNOWN; // invalid PreferredAccount; - if(0 == AuthGPG::getAuthGPG() -> GPGInit(pgpId)) + if(0 == AuthGPG::GPGInit(pgpId)) throw RsInit::ERR_UNKNOWN; // PGP Error. LoadCertificateStatus retVal = @@ -910,8 +910,8 @@ int RsServer::StartupRetroShare() /* History Manager */ mHistoryMgr = new p3HistoryMgr(); mPeerMgr = new p3PeerMgrIMPL( AuthSSL::getAuthSSL()->OwnId(), - AuthGPG::getAuthGPG()->getGPGOwnId(), - AuthGPG::getAuthGPG()->getGPGOwnName(), + AuthGPG::getGPGOwnId(), + AuthGPG::getGPGOwnName(), AuthSSL::getAuthSSL()->getOwnLocation()); mNetMgr = new p3NetMgrIMPL(); mLinkMgr = new p3LinkMgrIMPL(mPeerMgr, mNetMgr); @@ -1604,7 +1604,8 @@ int RsServer::StartupRetroShare() //mConfigMgr->addConfiguration("ftserver.cfg", ftserver); // - mConfigMgr->addConfiguration("gpg_prefs.cfg" , AuthGPG::getAuthGPG()); + AuthGPG::registerToConfigMgr(std::string("gpg_prefs.cfg"),mConfigMgr); + mConfigMgr->addConfiguration("gxsnettunnel.cfg", mGxsNetTunnel); mConfigMgr->addConfiguration("peers.cfg" , mPeerMgr); mConfigMgr->addConfiguration("general.cfg" , mGeneralConfig); @@ -1792,7 +1793,7 @@ int RsServer::StartupRetroShare() /* Add AuthGPG services */ /**************************************************************************/ - //AuthGPG::getAuthGPG()->addService(mDisc); + //AuthGPG::addService(mDisc); /**************************************************************************/ /* Force Any Last Configuration Options */ diff --git a/libretroshare/src/rsserver/rsloginhandler.cc b/libretroshare/src/rsserver/rsloginhandler.cc index dbe023235..67b863931 100644 --- a/libretroshare/src/rsserver/rsloginhandler.cc +++ b/libretroshare/src/rsserver/rsloginhandler.cc @@ -60,8 +60,7 @@ bool RsLoginHandler::checkAndStoreSSLPasswdIntoGPGFile( return true ; } - bool ok = AuthGPG::getAuthGPG()->encryptTextToFile( - ssl_passwd, getSSLPasswdFileName(ssl_id)); + bool ok = AuthGPG::encryptTextToFile( ssl_passwd, getSSLPasswdFileName(ssl_id)); if (!ok) std::cerr << "Encrypting went wrong !" << std::endl; @@ -90,7 +89,7 @@ bool RsLoginHandler::getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string& #endif std::string plain; - if ( AuthGPG::getAuthGPG()->decryptTextFromFile( plain, getSSLPasswdFileName(ssl_id)) ) + if ( AuthGPG::decryptTextFromFile( plain, getSSLPasswdFileName(ssl_id)) ) { sslPassword = plain; #ifdef DEBUG_RSLOGINHANDLER diff --git a/libretroshare/src/services/p3idservice.cc b/libretroshare/src/services/p3idservice.cc index d35d3afe0..bc6a83333 100644 --- a/libretroshare/src/services/p3idservice.cc +++ b/libretroshare/src/services/p3idservice.cc @@ -1066,7 +1066,7 @@ bool p3IdService::createIdentity(uint32_t& token, RsIdentityParameters ¶ms) if(params.isPgpLinked) { - ssdata.pgp.pgpId = AuthGPG::getAuthGPG()->getGPGOwnId(); + ssdata.pgp.pgpId = AuthGPG::getGPGOwnId(); ssdata.pgp.lastCheckTs = time(nullptr); } @@ -3618,7 +3618,7 @@ RsGenExchange::ServiceCreate_Return p3IdService::service_CreateGroup( unsigned int sign_size = MAX_SIGN_SIZE; memset(signarray,0,MAX_SIGN_SIZE) ; // just in case. - int result = AuthGPG::getAuthGPG()->SignDataBin( + int result = AuthGPG::SignDataBin( static_cast(hash.toByteArray()), hash.SIZE_IN_BYTES, signarray, &sign_size, __PRETTY_FUNCTION__ ) From 020ef61297f50c2f93a419713e3972e8ae5d2a9e Mon Sep 17 00:00:00 2001 From: csoler Date: Sun, 15 Aug 2021 09:41:30 +0200 Subject: [PATCH 04/10] fixed compilation --- libretroshare/src/pgp/openpgpsdkhandler.cc | 2 -- libretroshare/src/pgp/openpgpsdkhandler.h | 2 +- libretroshare/src/pgp/pgphandler.h | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/libretroshare/src/pgp/openpgpsdkhandler.cc b/libretroshare/src/pgp/openpgpsdkhandler.cc index 87f3c3343..316b428af 100644 --- a/libretroshare/src/pgp/openpgpsdkhandler.cc +++ b/libretroshare/src/pgp/openpgpsdkhandler.cc @@ -61,8 +61,6 @@ static const uint32_t PGP_CERTIFICATE_LIMIT_MAX_PASSWD_SIZE = 1024 ; //#define DEBUG_PGPHANDLER 1 //#define PGPHANDLER_DSA_SUPPORT -PassphraseCallback PGPHandler::_passphrase_callback = NULL ; - ops_keyring_t *OpenPGPSDKHandler::allocateOPSKeyring() { ops_keyring_t *kr = (ops_keyring_t*)rs_malloc(sizeof(ops_keyring_t)) ; diff --git a/libretroshare/src/pgp/openpgpsdkhandler.h b/libretroshare/src/pgp/openpgpsdkhandler.h index e6c06ba84..8aff1459b 100644 --- a/libretroshare/src/pgp/openpgpsdkhandler.h +++ b/libretroshare/src/pgp/openpgpsdkhandler.h @@ -51,7 +51,7 @@ public: // Implemented API from PGPHandler // //================================================================================================// - virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) override; + //virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) override; virtual bool removeKeysFromPGPKeyring(const std::set& key_ids,std::string& backup_file,uint32_t& error_code) override; virtual bool availableGPGCertificatesWithPrivateKeys(std::list& ids) override; virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passphrase, RsPgpId& pgpId, const int keynumbits, std::string& errString) override; diff --git a/libretroshare/src/pgp/pgphandler.h b/libretroshare/src/pgp/pgphandler.h index 07b02325c..19323b142 100644 --- a/libretroshare/src/pgp/pgphandler.h +++ b/libretroshare/src/pgp/pgphandler.h @@ -91,7 +91,7 @@ public: // and given pack for proper display. // virtual bool removeKeysFromPGPKeyring(const std::set& key_ids,std::string& backup_file,uint32_t& error_code) =0; - virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) =0; + //virtual std::string makeRadixEncodedPGPKey(uint32_t key_index,bool include_signatures) =0; virtual bool availableGPGCertificatesWithPrivateKeys(std::list& ids)=0; virtual bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) =0; From b328c3a49317ee3ff383224464e87f21115e1529 Mon Sep 17 00:00:00 2001 From: csoler Date: Fri, 29 Oct 2021 18:51:40 +0200 Subject: [PATCH 05/10] renamed AuthGPG into AuthPGP --- .../src/gossipdiscovery/p3gossipdiscovery.cc | 20 +-- libretroshare/src/pgp/pgpauxutils.cc | 10 +- libretroshare/src/pqi/authgpg.cc | 124 +++++++++--------- libretroshare/src/pqi/authgpg.h | 12 +- libretroshare/src/pqi/authssl.cc | 12 +- libretroshare/src/pqi/p3peermgr.cc | 20 +-- libretroshare/src/pqi/pqissl.cc | 2 +- libretroshare/src/pqi/pqissllistener.cc | 2 +- libretroshare/src/rsserver/p3face-config.cc | 2 +- libretroshare/src/rsserver/p3peers.cc | 56 ++++---- libretroshare/src/rsserver/p3serverconfig.cc | 2 +- libretroshare/src/rsserver/rsaccounts.cc | 24 ++-- libretroshare/src/rsserver/rsinit.cc | 8 +- libretroshare/src/rsserver/rsloginhandler.cc | 4 +- libretroshare/src/services/p3idservice.cc | 4 +- 15 files changed, 151 insertions(+), 151 deletions(-) diff --git a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc index 179a845d7..ad95f7ee3 100644 --- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc +++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc @@ -107,7 +107,7 @@ p3discovery2::p3discovery2( addSerialType(new RsDiscSerialiser()); // Add self into PGP FriendList. - mFriendList[AuthGPG::getGPGOwnId()] = DiscPgpInfo(); + mFriendList[AuthPGP::getGPGOwnId()] = DiscPgpInfo(); } @@ -219,7 +219,7 @@ void p3discovery2::removeFriend(const RsPeerId &sslId) std::cerr << std::endl; #endif /* pgp peer without any ssl entries -> check if they are still a real friend */ - if (!(AuthGPG::isGPGAccepted(pgpId))) + if (!(AuthPGP::isGPGAccepted(pgpId))) { #ifdef P3DISC_DEBUG std::cerr << "p3discovery2::addFriend() pgpId is no longer a friend, removing"; @@ -604,8 +604,8 @@ void p3discovery2::updatePgpFriendList() std::list::iterator lit; std::map::iterator it; - RsPgpId ownPgpId = AuthGPG::getGPGOwnId(); - AuthGPG::getGPGAcceptedList(pgpList); + RsPgpId ownPgpId = AuthPGP::getGPGOwnId(); + AuthPGP::getGPGAcceptedList(pgpList); pgpList.push_back(ownPgpId); // convert to set for ordering. @@ -723,7 +723,7 @@ void p3discovery2::processPGPList(const RsPeerId &fromId, const RsDiscPgpListIte std::set::const_iterator fit; for(fit = item->pgpIdSet.ids.begin(); fit != item->pgpIdSet.ids.end(); ++fit) { - if (!AuthGPG::isPGPId(*fit)) + if (!AuthPGP::isPGPId(*fit)) { #ifdef P3DISC_DEBUG std::cerr << "p3discovery2::processPGPList() requesting certificate for PgpId: " << *fit; @@ -1058,11 +1058,11 @@ void p3discovery2::recvPGPCertificateRequest( const RsPeerId& fromId, const RsDi return; } - RsPgpId ownPgpId = AuthGPG::getGPGOwnId(); + RsPgpId ownPgpId = AuthPGP::getGPGOwnId(); for(const RsPgpId& pgpId : item->pgpIdSet.ids) if (pgpId == ownPgpId) sendPGPCertificate(pgpId, fromId); - else if(ps.vs_disc != RS_VS_DISC_OFF && AuthGPG::isGPGAccepted(pgpId)) + else if(ps.vs_disc != RS_VS_DISC_OFF && AuthPGP::isGPGAccepted(pgpId)) sendPGPCertificate(pgpId, fromId); else std::cerr << "(WW) not sending certificate " << pgpId << " asked by friend " << fromId << " because this either this cert is not a friend, or discovery is off" << std::endl; @@ -1078,7 +1078,7 @@ void p3discovery2::sendPGPCertificate(const RsPgpId &aboutId, const RsPeerId &to unsigned char *bin_data; size_t bin_len; - if(!AuthGPG::exportPublicKey(aboutId,bin_data,bin_len,false,true)) + if(!AuthPGP::exportPublicKey(aboutId,bin_data,bin_len,false,true)) { std::cerr << "(EE) cannot export public key " << aboutId << " requested by peer " << toId << std::endl; return ; @@ -1098,7 +1098,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem* std::string cert_name; std::list cert_signers; - if(!AuthGPG::getGPGDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers )) + if(!AuthPGP::getGPGDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers )) { std::cerr << "(EE) cannot parse own PGP key sent by " << fromId << std::endl; return; @@ -1147,7 +1147,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem* // otherwise the connection should already be accepted. This only happens when the short invite peer sends its own PGP key. if(det.skip_pgp_signature_validation) - AuthGPG::AllowConnection(det.gpg_id,true); + AuthPGP::AllowConnection(det.gpg_id,true); } /************* from pqiServiceMonitor *******************/ diff --git a/libretroshare/src/pgp/pgpauxutils.cc b/libretroshare/src/pgp/pgpauxutils.cc index a9c3b36f6..99d3e8880 100644 --- a/libretroshare/src/pgp/pgpauxutils.cc +++ b/libretroshare/src/pgp/pgpauxutils.cc @@ -34,7 +34,7 @@ PgpAuxUtilsImpl::PgpAuxUtilsImpl() const RsPgpId& PgpAuxUtilsImpl::getPGPOwnId() { - return AuthGPG::getGPGOwnId(); + return AuthPGP::getGPGOwnId(); } RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) @@ -44,7 +44,7 @@ RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) bool PgpAuxUtilsImpl::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const { - return AuthGPG::getKeyFingerprint(id, fp); + return AuthPGP::getKeyFingerprint(id, fp); } bool PgpAuxUtilsImpl::VerifySignBin(const void *data, @@ -54,17 +54,17 @@ bool PgpAuxUtilsImpl::VerifySignBin(const void *data, const PGPFingerprintType& withfingerprint) { - return AuthGPG::VerifySignBin(data, len, sign, signlen, withfingerprint); + return AuthPGP::VerifySignBin(data, len, sign, signlen, withfingerprint); } bool PgpAuxUtilsImpl::getGPGAllList(std::list &ids) { - return AuthGPG::getGPGAllList(ids); + return AuthPGP::getGPGAllList(ids); } bool PgpAuxUtilsImpl::parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const { - return AuthGPG::parseSignature(sign,signlen,issuer); + return AuthPGP::parseSignature(sign,signlen,issuer); } diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index b870b5d1e..5e93823a4 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -46,7 +46,7 @@ //const rstime_t STORE_KEY_TIMEOUT = 1 * 60 * 60; //store key is call around every hour -AuthGPG *AuthGPG::_instance = NULL ; +AuthPGP *AuthPGP::_instance = NULL ; void cleanupZombies(int numkill); // function to cleanup zombies under OSX. @@ -54,24 +54,24 @@ void cleanupZombies(int numkill); // function to cleanup zombies under OSX. /* Function to sign X509_REQ via GPGme. */ -int AuthGPG::availableGPGCertificatesWithPrivateKeys(std::list& pgpIds) +int AuthPGP::availableGPGCertificatesWithPrivateKeys(std::list& pgpIds) { return instance()->mPgpHandler->availableGPGCertificatesWithPrivateKeys(pgpIds); } -bool AuthGPG::getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) +bool AuthPGP::getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) { return instance()->mPgpHandler->getGPGDetailsFromBinaryBlock(mem,mem_size,key_id,name,signers); } -void AuthGPG::registerToConfigMgr(const std::string& fname,p3ConfigMgr *CfgMgr) +void AuthPGP::registerToConfigMgr(const std::string& fname,p3ConfigMgr *CfgMgr) { CfgMgr->addConfiguration(fname, instance()); } -bool AuthGPG::decryptTextFromFile(std::string& text,const std::string& inputfile) +bool AuthPGP::decryptTextFromFile(std::string& text,const std::string& inputfile) { return instance()->mPgpHandler->decryptTextFromFile(instance()->mOwnGpgId,text,inputfile) ; } -bool AuthGPG::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::string& backup_file,uint32_t& error_code) +bool AuthPGP::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::string& backup_file,uint32_t& error_code) { // std::list pids ; // @@ -86,7 +86,7 @@ bool AuthGPG::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::str // return instance()->mPgpHandler->decryptTextFromString(mOwnGpgId,encrypted_text,output) ; // } -bool AuthGPG::encryptTextToFile(const std::string& text,const std::string& outfile) +bool AuthPGP::encryptTextToFile(const std::string& text,const std::string& outfile) { return instance()->mPgpHandler->encryptTextToFile(instance()->mOwnGpgId,text,outfile) ; } @@ -107,7 +107,7 @@ std::string pgp_pwd_callback(void * /*hook*/, const char *uid_title, const char return password ; } -void AuthGPG::init( +void AuthPGP::init( const std::string& path_to_public_keyring, const std::string& path_to_secret_keyring, const std::string& path_to_trustdb, @@ -121,12 +121,12 @@ void AuthGPG::init( // if(cb) instance()->mPgpHandler->setPassphraseCallback(cb);else instance()->mPgpHandler->setPassphraseCallback(pgp_pwd_callback); - _instance = new AuthGPG( path_to_public_keyring, + _instance = new AuthPGP( path_to_public_keyring, path_to_secret_keyring, path_to_trustdb, pgp_lock_file ); } -void AuthGPG::exit() +void AuthPGP::exit() { if(_instance) { @@ -136,7 +136,7 @@ void AuthGPG::exit() } } -AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& path_to_secret_keyring,const std::string& path_to_trustdb,const std::string& pgp_lock_file) +AuthPGP::AuthPGP(const std::string& path_to_public_keyring,const std::string& path_to_secret_keyring,const std::string& path_to_trustdb,const std::string& pgp_lock_file) :p3Config(), gpgMtxService("AuthGPG-service"), gpgMtxEngine("AuthGPG-engine"), @@ -178,7 +178,7 @@ AuthGPG::AuthGPG(const std::string& path_to_public_keyring,const std::string& pa * This function must be called successfully (return == 1) * before anything else can be done. (except above fn). */ -int AuthGPG::GPGInit(const RsPgpId &ownId) +int AuthPGP::GPGInit(const RsPgpId &ownId) { #ifdef DEBUG_AUTHGPG std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId.toStdString() << std::endl; @@ -197,11 +197,11 @@ int AuthGPG::GPGInit(const RsPgpId &ownId) return 1; } - AuthGPG::~AuthGPG() + AuthPGP::~AuthPGP() { } -void AuthGPG::threadTick() +void AuthPGP::threadTick() { rstime::rs_usleep(100 * 1000); //100 msec @@ -223,7 +223,7 @@ void AuthGPG::threadTick() }//if (++count >= 100 || _force_sync_database) } -void AuthGPG::processServices() +void AuthPGP::processServices() { AuthGPGOperation *operation = NULL; AuthGPGService *service = NULL; @@ -318,29 +318,29 @@ void AuthGPG::processServices() delete operation; } -bool AuthGPG::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl, std::string reason /* = "" */) +bool AuthPGP::DoOwnSignature(const void *data, unsigned int datalen, void *buf_sigout, unsigned int *outl, std::string reason /* = "" */) { return instance()->mPgpHandler->SignDataBin(mOwnGpgId,data,datalen,(unsigned char *)buf_sigout,outl,false,reason) ; } /* import to GnuPG and other Certificates */ -bool AuthGPG::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, const PGPFingerprintType& withfingerprint) +bool AuthPGP::VerifySignature(const void *data, int datalen, const void *sig, unsigned int siglen, const PGPFingerprintType& withfingerprint) { return instance()->mPgpHandler->VerifySignBin((unsigned char*)data,datalen,(unsigned char*)sig,siglen,withfingerprint) ; } -bool AuthGPG::parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id) +bool AuthPGP::parseSignature(const void *sig, unsigned int siglen, RsPgpId& issuer_id) { return instance()->mPgpHandler->parseSignature((unsigned char*)sig,siglen,issuer_id) ; } -bool AuthGPG::exportProfile(const std::string& fname,const RsPgpId& exported_id) +bool AuthPGP::exportProfile(const std::string& fname,const RsPgpId& exported_id) { return instance()->mPgpHandler->exportGPGKeyPair(fname,exported_id) ; } -bool AuthGPG::exportIdentityToString( +bool AuthPGP::exportIdentityToString( std::string& data, const RsPgpId& pgpId, bool includeSignatures, std::string& errorMsg ) { @@ -348,24 +348,24 @@ bool AuthGPG::exportIdentityToString( data, pgpId, includeSignatures, errorMsg); } -bool AuthGPG::importProfile(const std::string& fname,RsPgpId& imported_id,std::string& import_error) +bool AuthPGP::importProfile(const std::string& fname,RsPgpId& imported_id,std::string& import_error) { return instance()->mPgpHandler->importGPGKeyPair(fname,imported_id,import_error) ; } -bool AuthGPG::importProfileFromString(const std::string &data, RsPgpId &gpg_id, std::string &import_error) +bool AuthPGP::importProfileFromString(const std::string &data, RsPgpId &gpg_id, std::string &import_error) { return instance()->mPgpHandler->importGPGKeyPairFromString(data, gpg_id, import_error); } -bool AuthGPG::active() +bool AuthPGP::active() { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ return instance()->gpgKeySelected; } -bool AuthGPG::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) +bool AuthPGP::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) { RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ @@ -373,7 +373,7 @@ bool AuthGPG::GeneratePGPCertificate(const std::string& name, const std::stri } /**** These Two are common */ -std::string AuthGPG::getGPGName(const RsPgpId& id,bool *success) +std::string AuthPGP::getGPGName(const RsPgpId& id,bool *success) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -391,7 +391,7 @@ std::string AuthGPG::getGPGName(const RsPgpId& id,bool *success) } } -AuthGPG *AuthGPG::instance() +AuthPGP *AuthPGP::instance() { if(!_instance) { @@ -401,16 +401,16 @@ AuthGPG *AuthGPG::instance() return _instance; } -bool AuthGPG::isPGPId(const RsPgpId& id) +bool AuthPGP::isPGPId(const RsPgpId& id) { return instance()->mPgpHandler->isGPGId(id); } -bool AuthGPG::isPGPAccepted(const RsPgpId& id) +bool AuthPGP::isPGPAccepted(const RsPgpId& id) { return instance()->mPgpHandler->isGPGAccepted(id); } /**** These Two are common */ -std::string AuthGPG::getGPGEmail(const RsPgpId& id,bool *success) +std::string AuthPGP::getGPGEmail(const RsPgpId& id,bool *success) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ const PGPCertificateInfo *info = instance()->mPgpHandler->getCertificateInfo(id) ; @@ -429,18 +429,18 @@ std::string AuthGPG::getGPGEmail(const RsPgpId& id,bool *success) /**** GPG versions ***/ -const RsPgpId& AuthGPG::getGPGOwnId() +const RsPgpId& AuthPGP::getGPGOwnId() { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ return instance()->mOwnGpgId ; } -std::string AuthGPG::getGPGOwnName() +std::string AuthPGP::getGPGOwnName() { return getGPGName(instance()->mOwnGpgId) ; } -bool AuthGPG::getGPGAllList(std::list &ids) +bool AuthPGP::getGPGAllList(std::list &ids) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -448,7 +448,7 @@ bool AuthGPG::getGPGAllList(std::list &ids) return true; } -const PGPCertificateInfo *AuthGPG::getCertInfoFromStdString(const std::string& pgp_id) const +const PGPCertificateInfo *AuthPGP::getCertInfoFromStdString(const std::string& pgp_id) const { try { @@ -460,11 +460,11 @@ const PGPCertificateInfo *AuthGPG::getCertInfoFromStdString(const std::string& p return NULL ; } } -bool AuthGPG::haveSecretKey(const RsPgpId& id) +bool AuthPGP::haveSecretKey(const RsPgpId& id) { return instance()->mPgpHandler->haveSecretKey(id) ; } -bool AuthGPG::isKeySupported(const RsPgpId& id) +bool AuthPGP::isKeySupported(const RsPgpId& id) { const PGPCertificateInfo *pc = instance()->mPgpHandler->getCertificateInfo(id) ; @@ -474,7 +474,7 @@ bool AuthGPG::isKeySupported(const RsPgpId& id) return !(pc->_flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM) ; } -bool AuthGPG::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d) +bool AuthPGP::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -505,7 +505,7 @@ bool AuthGPG::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d) return true; } -bool AuthGPG::getGPGFilteredList(std::list& list,bool (*filter)(const PGPCertificateInfo&)) +bool AuthPGP::getGPGFilteredList(std::list& list,bool (*filter)(const PGPCertificateInfo&)) { return instance()->mPgpHandler->getGPGFilteredList(list,filter) ; } @@ -514,17 +514,17 @@ static bool filter_Validity(const PGPCertificateInfo& /*info*/) { return true ; static bool filter_Accepted(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION ; } static bool filter_OwnSigned(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE ; } -bool AuthGPG::getGPGValidList(std::list &ids) +bool AuthPGP::getGPGValidList(std::list &ids) { return getGPGFilteredList(ids,&filter_Validity); } -bool AuthGPG::getGPGAcceptedList(std::list &ids) +bool AuthPGP::getGPGAcceptedList(std::list &ids) { return getGPGFilteredList(ids,&filter_Accepted); } -bool AuthGPG::getGPGSignedList(std::list &ids) +bool AuthPGP::getGPGSignedList(std::list &ids) { return getGPGFilteredList(ids,&filter_OwnSigned); } @@ -557,14 +557,14 @@ bool AuthGPG::getGPGSignedList(std::list &ids) /* SKTAN : do not know how to use std::string id */ - std::string AuthGPG::SaveCertificateToString(const RsPgpId &id,bool include_signatures) + std::string AuthPGP::SaveCertificateToString(const RsPgpId &id,bool include_signatures) { RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ return instance()->mPgpHandler->SaveCertificateToString(id,include_signatures) ; } /* import to GnuPG and other Certificates */ -bool AuthGPG::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string) +bool AuthPGP::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_len, RsPgpId& gpg_id,std::string& error_string) { RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ @@ -578,7 +578,7 @@ bool AuthGPG::LoadPGPKeyFromBinaryData(const unsigned char *data,uint32_t data_l } /* import to GnuPG and other Certificates */ -bool AuthGPG::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id,std::string& error_string) +bool AuthPGP::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id,std::string& error_string) { RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ @@ -605,7 +605,7 @@ bool AuthGPG::LoadCertificateFromString(const std::string &str, RsPgpId& gpg_id, /*************************************/ /* These take PGP Ids */ -bool AuthGPG::AllowConnection(const RsPgpId& gpg_id, bool accept) +bool AuthPGP::AllowConnection(const RsPgpId& gpg_id, bool accept) { #ifdef GPG_DEBUG std::cerr << "AuthGPG::AllowConnection(" << gpg_id << ")" << std::endl; @@ -625,7 +625,7 @@ bool AuthGPG::AllowConnection(const RsPgpId& gpg_id, bool accept) } /* These take PGP Ids */ -bool AuthGPG::SignCertificateLevel0(const RsPgpId &id) +bool AuthPGP::SignCertificateLevel0(const RsPgpId &id) { #ifdef GPG_DEBUG std::cerr << "AuthGPG::SignCertificat(" << id << ")" << std::endl; @@ -634,7 +634,7 @@ bool AuthGPG::SignCertificateLevel0(const RsPgpId &id) return instance()->privateSignCertificate(id) ; } -bool AuthGPG::RevokeCertificate(const RsPgpId &id) +bool AuthPGP::RevokeCertificate(const RsPgpId &id) { /* remove unused parameter warnings */ (void) id; @@ -646,7 +646,7 @@ bool AuthGPG::RevokeCertificate(const RsPgpId &id) return false; } -bool AuthGPG::TrustCertificate(const RsPgpId& id, int trustlvl) +bool AuthPGP::TrustCertificate(const RsPgpId& id, int trustlvl) { #ifdef GPG_DEBUG std::cerr << "AuthGPG::TrustCertificate(" << id << ", " << trustlvl << ")" << std::endl; @@ -654,41 +654,41 @@ bool AuthGPG::TrustCertificate(const RsPgpId& id, int trustlvl) return instance()->privateTrustCertificate(id, trustlvl) ; } -bool AuthGPG::encryptDataBin(const RsPgpId& pgp_id,const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) +bool AuthPGP::encryptDataBin(const RsPgpId& pgp_id,const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) { return instance()->mPgpHandler->encryptDataBin(RsPgpId(pgp_id),data,datalen,sign,signlen) ; } -bool AuthGPG::decryptDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) +bool AuthPGP::decryptDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen) { return instance()->mPgpHandler->decryptDataBin(instance()->mOwnGpgId,data,datalen,sign,signlen) ; } -bool AuthGPG::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen, std::string reason /*= ""*/) +bool AuthPGP::SignDataBin(const void *data, unsigned int datalen, unsigned char *sign, unsigned int *signlen, std::string reason /*= ""*/) { return instance()->DoOwnSignature(data, datalen, sign, signlen, reason); } -bool AuthGPG::exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) +bool AuthPGP::exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ) { return instance()->mPgpHandler->exportPublicKey(id,mem_block,mem_size,armoured,include_signatures); } -bool AuthGPG::isPgpPubKeyAvailable(const RsPgpId& pgp_id) +bool AuthPGP::isPgpPubKeyAvailable(const RsPgpId& pgp_id) { return instance()->mPgpHandler->isPgpPubKeyAvailable(pgp_id); } -bool AuthGPG::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) +bool AuthPGP::getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) { return instance()->mPgpHandler->getKeyFingerprint(id,fp); } -bool AuthGPG::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint) +bool AuthPGP::VerifySignBin(const void *data, uint32_t datalen, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint) { return instance()->VerifySignature(data, datalen, sign, signlen, withfingerprint); } /* Sign/Trust stuff */ -int AuthGPG::privateSignCertificate(const RsPgpId &id) +int AuthPGP::privateSignCertificate(const RsPgpId &id) { RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ @@ -698,7 +698,7 @@ int AuthGPG::privateSignCertificate(const RsPgpId &id) } /* revoke the signature on Certificate */ -int AuthGPG::privateRevokeCertificate(const RsPgpId &/*id*/) +int AuthPGP::privateRevokeCertificate(const RsPgpId &/*id*/) { //RsStackMutex stack(gpgMtx); /******* LOCKED ******/ std::cerr << __PRETTY_FUNCTION__ << ": not implemented!" << std::endl; @@ -706,7 +706,7 @@ int AuthGPG::privateRevokeCertificate(const RsPgpId &/*id*/) return 0; } -int AuthGPG::privateTrustCertificate(const RsPgpId& id, int trustlvl) +int AuthPGP::privateTrustCertificate(const RsPgpId& id, int trustlvl) { RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ @@ -726,18 +726,18 @@ int AuthGPG::privateTrustCertificate(const RsPgpId& id, int trustlvl) // -------------------------------- Config functions ------------------------------ // // -----------------------------------------------------------------------------------// // -RsSerialiser *AuthGPG::setupSerialiser() +RsSerialiser *AuthPGP::setupSerialiser() { RsSerialiser *rss = new RsSerialiser ; rss->addSerialType(new RsGeneralConfigSerialiser()); return rss ; } -bool AuthGPG::isGPGAccepted(const RsPgpId& id) +bool AuthPGP::isGPGAccepted(const RsPgpId& id) { return instance()->mPgpHandler->isGPGAccepted(id); } -bool AuthGPG::saveList(bool& cleanup, std::list& lst) +bool AuthPGP::saveList(bool& cleanup, std::list& lst) { #ifdef GPG_DEBUG std::cerr << "AuthGPG::saveList() called" << std::endl ; @@ -768,7 +768,7 @@ bool AuthGPG::saveList(bool& cleanup, std::list& lst) return true; } -bool AuthGPG::loadList(std::list& load) +bool AuthPGP::loadList(std::list& load) { #ifdef GPG_DEBUG std::cerr << "AuthGPG::loadList() Item Count: " << load.size() << std::endl; @@ -799,7 +799,7 @@ bool AuthGPG::loadList(std::list& load) return true; } -bool AuthGPG::addService(AuthGPGService *service) +bool AuthPGP::addService(AuthGPGService *service) { RsStackMutex stack(instance()->gpgMtxService); /********* LOCKED *********/ diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index 177f71663..d124efdd4 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -89,7 +89,7 @@ public: virtual void setGPGOperation(AuthGPGOperation *operation) = 0; }; -class AuthGPG: public p3Config, public RsTickingThread +class AuthPGP: public p3Config, public RsTickingThread { public: static void init(const std::string& path_to_pubring, @@ -237,11 +237,11 @@ public: static bool addService(AuthGPGService *service) ; // This is for debug purpose only. Don't use it !! - static void setAuthGPG_debug(AuthGPG *auth_gpg) { _instance = auth_gpg ; } + static void setAuthGPG_debug(AuthPGP *auth_gpg) { _instance = auth_gpg ; } protected: - AuthGPG(const std::string& path_to_pubring, const std::string& path_to_secring,const std::string& path_to_trustdb,const std::string& pgp_lock_file); - virtual ~AuthGPG(); + AuthPGP(const std::string& path_to_pubring, const std::string& path_to_secring,const std::string& path_to_trustdb,const std::string& pgp_lock_file); + virtual ~AuthPGP(); /*****************************************************************/ /*********************** p3config ******************************/ @@ -286,7 +286,7 @@ private: void threadTick() override; /// @see RsTickingThread private: - static AuthGPG *instance(); + static AuthPGP *instance(); RsMutex gpgMtxService; RsMutex gpgMtxEngine; @@ -310,7 +310,7 @@ private: std::list services ; - static AuthGPG *_instance ; + static AuthPGP *_instance ; }; #endif diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index 6d14d0043..47eea9e58 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -759,7 +759,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) //long version = 0x00; unsigned long chtype = MBSTRING_UTF8; X509_NAME *issuer_name = X509_NAME_new(); - X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthGPG::getGPGOwnId().toStdString().c_str(), -1, -1, 0); + X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthPGP::getGPGOwnId().toStdString().c_str(), -1, -1, 0); /**** X509_NAME_add_entry_by_NID(issuer_name, 48, 0, (unsigned char *) "email@email.com", -1, -1, 0); @@ -769,7 +769,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) (unsigned char *) "loc", -1, -1, 0); ****/ - std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthGPG::getGPGOwnId().toStdString() << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthPGP::getGPGOwnId().toStdString() << std::endl; #ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002 static const uint64_t CERTIFICATE_SERIAL_NUMBER = RS_CERTIFICATE_VERSION_NUMBER_07_0001 ; @@ -944,7 +944,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) std::cerr << "Buffers Allocated" << std::endl; /* NOW Sign via GPG Functions */ - if (!AuthGPG::SignDataBin(buf_in, inl, buf_sigout, (unsigned int *) &sigoutl,"AuthSSLimpl::SignX509ReqWithGPG()")) + if (!AuthPGP::SignDataBin(buf_in, inl, buf_sigout, (unsigned int *) &sigoutl,"AuthSSLimpl::SignX509ReqWithGPG()")) { sigoutl = 0; goto err; @@ -1039,7 +1039,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic) { RsPgpId issuer = RsX509Cert::getCertIssuer(*x509); RsPeerDetails pd; - if (!AuthGPG::getGPGDetails(issuer, pd)) + if (!AuthPGP::getGPGDetails(issuer, pd)) { RsInfo() << __PRETTY_FUNCTION__ << " X509 NOT authenticated : " << "AuthGPG::getAuthGPG()->getGPGDetails(" << issuer @@ -1184,7 +1184,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic) // passed, verify the signature itself - if (!AuthGPG::VerifySignBin( signed_data, signed_data_length, signature->data, static_cast(signature->length), pd.fpr )) + if (!AuthPGP::VerifySignBin( signed_data, signed_data_length, signature->data, static_cast(signature->length), pd.fpr )) { diagnostic = RS_SSL_HANDSHAKE_DIAGNOSTIC_WRONG_SIGNATURE; goto err; @@ -1380,7 +1380,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx) std::cerr << "******* VerifyX509Callback cert: " << std::hex << ctx->cert < gpgIds; - AuthGPG::getGPGAcceptedList(gpgIds); + AuthPGP::getGPGAcceptedList(gpgIds); // add own gpg id, if we have more than one location std::list ownSslIds; - getAssociatedPeers(AuthGPG::getGPGOwnId(), ownSslIds); + getAssociatedPeers(AuthPGP::getGPGOwnId(), ownSslIds); return gpgIds.size() + ((ownSslIds.size() > 0) ? 1 : 0); } @@ -962,7 +962,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg // check that the PGP key is known - if(!AuthGPG::isPGPId(gpg_id)) + if(!AuthPGP::isPGPId(gpg_id)) { RsErr() << "Trying to add SSL id (" << id << ") to be validated with unknown PGP key (" << gpg_id << ". This is a bug!" << std::endl; return false; @@ -970,7 +970,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg //Authentication is now tested at connection time, we don't store the ssl cert anymore // - if (!AuthGPG::isGPGAccepted(gpg_id) && gpg_id != AuthGPG::getGPGOwnId()) + if (!AuthPGP::isGPGAccepted(gpg_id) && gpg_id != AuthPGP::getGPGOwnId()) { #ifdef PEER_DEBUG std::cerr << "p3PeerMgrIMPL::addFriend() gpg is not accepted" << std::endl; @@ -1024,7 +1024,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg pstate.id = id; pstate.gpg_id = gpg_id; - pstate.name = AuthGPG::getGPGName(gpg_id); + pstate.name = AuthPGP::getGPGName(gpg_id); pstate.vs_disc = vs_disc; pstate.vs_dht = vs_dht; @@ -1126,8 +1126,8 @@ bool p3PeerMgrIMPL::addSslOnlyFriend( const RsPeerId& sslId, const RsPgpId& pgp_ * superficially set to true the PGP signature verification would have been * skipped and the attacker connection would be accepted. * If the PGP key is available add it as full friend. */ - if(AuthGPG::isPgpPubKeyAvailable(pgp_id)) - AuthGPG::AllowConnection(pgp_id, true); + if(AuthPGP::isPgpPubKeyAvailable(pgp_id)) + AuthPGP::AllowConnection(pgp_id, true); else pstate.skip_pgp_signature_validation = true; @@ -2470,7 +2470,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) setOwnNetworkMode(pitem->netMode); setOwnVisState(pitem->vs_disc, pitem->vs_dht); - mOwnState.gpg_id = AuthGPG::getGPGOwnId(); + mOwnState.gpg_id = AuthPGP::getGPGOwnId(); mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation(); } else @@ -2642,7 +2642,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) #endif for(uint32_t i=0;ipgp_ids.size();++i) - if(AuthGPG::isGPGAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthGPG::getGPGOwnId()) + if(AuthPGP::isGPGAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getGPGOwnId()) { mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ; #ifdef PEER_DEBUG @@ -2684,7 +2684,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) for(auto group_pair:groupList) { for(auto profileIdIt(group_pair.second.peerIds.begin());profileIdIt!=group_pair.second.peerIds.end();) - if(AuthGPG::isGPGAccepted(*profileIdIt) || *profileIdIt == AuthGPG::getGPGOwnId()) + if(AuthPGP::isGPGAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getGPGOwnId()) ++profileIdIt; else { diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc index b6f655692..bf91b72d9 100644 --- a/libretroshare/src/pqi/pqissl.cc +++ b/libretroshare/src/pqi/pqissl.cc @@ -1213,7 +1213,7 @@ int pqissl::Authorise_SSL_Connection() } RsPgpId pgpId = RsX509Cert::getCertIssuer(*peercert); - if( !isSslOnlyFriend && pgpId != AuthGPG::getGPGOwnId() && !AuthGPG::isGPGAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isGPGAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/pqi/pqissllistener.cc b/libretroshare/src/pqi/pqissllistener.cc index a9e392a56..c579280bc 100644 --- a/libretroshare/src/pqi/pqissllistener.cc +++ b/libretroshare/src/pqi/pqissllistener.cc @@ -797,7 +797,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info) exit(failure); } - if( !isSslOnlyFriend && pgpId != AuthGPG::getGPGOwnId() && !AuthGPG::isGPGAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isGPGAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/rsserver/p3face-config.cc b/libretroshare/src/rsserver/p3face-config.cc index 3251f33eb..62c60815b 100644 --- a/libretroshare/src/rsserver/p3face-config.cc +++ b/libretroshare/src/rsserver/p3face-config.cc @@ -118,7 +118,7 @@ void RsServer::rsGlobalShutDown() // if(mWire) mWire->join(); // #endif - AuthGPG::exit(); + AuthPGP::exit(); mShutdownCallback(0); } diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index 25caac374..58dae7e44 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -254,7 +254,7 @@ bool p3Peers::setPeerMaximumRates(const RsPgpId& pid,uint32_t maxUploadRate,uint bool p3Peers::haveSecretKey(const RsPgpId& id) { - return AuthGPG::haveSecretKey(id); + return AuthPGP::haveSecretKey(id); } /* There are too many dependancies of this function @@ -273,7 +273,7 @@ bool p3Peers::getPeerDetails(const RsPeerId& id, RsPeerDetails &d) if (id == sOwnId) { mPeerMgr->getOwnNetStatus(ps); - ps.gpg_id = AuthGPG::getGPGOwnId(); + ps.gpg_id = AuthPGP::getGPGOwnId(); } else if (!mPeerMgr->getFriendNetStatus(id, ps)) { @@ -559,17 +559,17 @@ bool p3Peers::isProxyAddress(const uint32_t type, const sockaddr_storage& addr) bool p3Peers::isKeySupported(const RsPgpId& id) { - return AuthGPG::isKeySupported(id); + return AuthPGP::isKeySupported(id); } std::string p3Peers::getGPGName(const RsPgpId &gpg_id) { /* get from mAuthMgr as it should have more peers? */ - return AuthGPG::getGPGName(gpg_id); + return AuthPGP::getGPGName(gpg_id); } bool p3Peers::isPgpFriend(const RsPgpId& pgpId) -{ return AuthGPG::isGPGAccepted(pgpId); } +{ return AuthPGP::isGPGAccepted(pgpId); } bool p3Peers::isSslOnlyFriend(const RsPeerId& sslId) { @@ -597,7 +597,7 @@ std::string p3Peers::getPeerName(const RsPeerId& ssl) #endif std::string name; if (ssl == AuthSSL::getAuthSSL()->OwnId()) - return AuthGPG::getGPGOwnName(); + return AuthPGP::getGPGOwnName(); if (mPeerMgr->getPeerName(ssl, name)) { @@ -617,7 +617,7 @@ bool p3Peers::getGPGAllList(std::list &ids) #endif /* get from mAuthMgr */ - AuthGPG::getGPGAllList(ids); + AuthPGP::getGPGAllList(ids); return true; } @@ -628,7 +628,7 @@ bool p3Peers::getGPGValidList(std::list &ids) #endif /* get from mAuthMgr */ - AuthGPG::getGPGValidList(ids); + AuthPGP::getGPGValidList(ids); return true; } @@ -639,14 +639,14 @@ bool p3Peers::getGPGSignedList(std::list &ids) #endif /* get from mAuthMgr */ - AuthGPG::getGPGSignedList(ids); + AuthPGP::getGPGSignedList(ids); return true; } bool p3Peers::getPgpFriendList(std::vector& pgpIds) { std::list ids; - if(AuthGPG::getGPGAcceptedList(ids)) + if(AuthPGP::getGPGAcceptedList(ids)) { pgpIds.clear(); std::copy(ids.begin(), ids.end(), std::back_inserter(pgpIds)); @@ -660,7 +660,7 @@ bool p3Peers::getGPGAcceptedList(std::list &ids) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::getGPGAcceptedList()" << std::endl; #endif - AuthGPG::getGPGAcceptedList(ids); + AuthPGP::getGPGAcceptedList(ids); return true; } @@ -676,7 +676,7 @@ bool p3Peers::getAssociatedSSLIds(const RsPgpId &gpg_id, std::list &id bool p3Peers::gpgSignData(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen, std::string reason /* = "" */) { - return AuthGPG::SignDataBin(data,len,sign,signlen, reason); + return AuthPGP::SignDataBin(data,len,sign,signlen, reason); } RsPgpId p3Peers::pgpIdFromFingerprint(const RsPgpFingerprint& fpr) @@ -691,7 +691,7 @@ bool p3Peers::getGPGDetails(const RsPgpId &pgp_id, RsPeerDetails &d) #endif /* get from mAuthMgr */ - bool res = AuthGPG::getGPGDetails(pgp_id, d); + bool res = AuthPGP::getGPGDetails(pgp_id, d); d.isOnlyGPGdetail = true ; d.service_perm_flags = mPeerMgr->servicePermissionFlags(pgp_id) ; @@ -706,7 +706,7 @@ const RsPgpId& p3Peers::getGPGOwnId() #endif /* get from mAuthMgr */ - return AuthGPG::getGPGOwnId(); + return AuthPGP::getGPGOwnId(); } RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) @@ -718,7 +718,7 @@ RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) /* get from mAuthMgr */ if (sslid == AuthSSL::getAuthSSL()->OwnId()) { - return AuthGPG::getGPGOwnId(); + return AuthPGP::getGPGOwnId(); } peerState pcs; if (mPeerMgr->getFriendNetStatus(sslid, pcs)) @@ -739,12 +739,12 @@ bool p3Peers::addFriend(const RsPeerId &ssl_id, const RsPgpId &gpg_id,ServicePe #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::addFriend() with : id : " << id << "; gpg_id : " << gpg_id << std::endl; #endif - if(AuthGPG::isPGPId(gpg_id)) + if(AuthPGP::isPGPId(gpg_id)) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::addFriend() Authorising GPG Id: " << gpg_id << std::endl; #endif - if (AuthGPG::AllowConnection(gpg_id, true)) + if (AuthPGP::AllowConnection(gpg_id, true)) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::addFriend() Authorization OK." << std::endl; @@ -797,7 +797,7 @@ bool p3Peers::addSslOnlyFriend( const RsPeerId& sslId, const RsPgpId& pgp_id,con bool p3Peers::removeKeysFromPGPKeyring(const std::set& pgp_ids,std::string& backup_file,uint32_t& error_code) { - return AuthGPG::removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ; + return AuthPGP::removeKeysFromPGPKeyring(pgp_ids,backup_file,error_code) ; } bool p3Peers::removeFriendLocation(const RsPeerId &sslId) @@ -817,7 +817,7 @@ bool p3Peers::removeFriend(const RsPgpId& gpgId) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() " << gpgId << std::endl; #endif - if (gpgId == AuthGPG::getGPGOwnId()) { + if (gpgId == AuthPGP::getGPGOwnId()) { std::cerr << "p3Peers::removeFriend() ERROR we're not going to remove our own GPG id." << std::endl; return false; } @@ -825,7 +825,7 @@ bool p3Peers::removeFriend(const RsPgpId& gpgId) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() Removing GPG Id: " << gpgId << std::endl; #endif - if (AuthGPG::AllowConnection(gpgId, false)) + if (AuthPGP::AllowConnection(gpgId, false)) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() OK." << std::endl; @@ -1107,7 +1107,7 @@ std::string p3Peers::getPGPKey(const RsPgpId& pgp_id,bool include_signatures) rs_owner_ptr mem_block = nullptr; size_t mem_block_size = 0; - if( !AuthGPG::exportPublicKey( RsPgpId(pgp_id), mem_block, mem_block_size, false, include_signatures ) ) + if( !AuthPGP::exportPublicKey( RsPgpId(pgp_id), mem_block, mem_block_size, false, include_signatures ) ) { RsErr() << __PRETTY_FUNCTION__ << " Failure retriving certificate for id " << pgp_id @@ -1138,7 +1138,7 @@ bool p3Peers::GetPGPBase64StringAndCheckSum( rs_owner_ptr mem_block = nullptr; size_t mem_block_size = 0; - if(!AuthGPG::exportPublicKey( gpg_id,mem_block,mem_block_size,false,false )) + if(!AuthPGP::exportPublicKey( gpg_id,mem_block,mem_block_size,false,false )) return false; RsBase64::encode(mem_block, mem_block_size, gpg_base64_string, true, false); @@ -1598,7 +1598,7 @@ std::string p3Peers::GetRetroshareInvite( const RsPeerId& sslId, RetroshareInvit unsigned char *mem_block = nullptr; size_t mem_block_size = 0; - if(!AuthGPG::exportPublicKey( RsPgpId(detail.gpg_id), mem_block, mem_block_size, false, !!(invite_flags & RetroshareInviteFlags::PGP_SIGNATURES) )) + if(!AuthPGP::exportPublicKey( RsPgpId(detail.gpg_id), mem_block, mem_block_size, false, !!(invite_flags & RetroshareInviteFlags::PGP_SIGNATURES) )) { std::cerr << "Cannot output certificate for id \"" << detail.gpg_id << "\". Sorry." << std::endl; @@ -1634,7 +1634,7 @@ bool p3Peers::loadCertificateFromString( } RsPgpId gpgid; - bool res = AuthGPG::LoadCertificateFromString( crt->armouredPGPKey(), gpgid, error_string ); + bool res = AuthPGP::LoadCertificateFromString( crt->armouredPGPKey(), gpgid, error_string ); gpg_id = gpgid; ssl_id = crt->sslid(); @@ -1651,7 +1651,7 @@ bool p3Peers::loadCertificateFromString( } bool p3Peers::loadPgpKeyFromBinaryData( const unsigned char *bin_key_data,uint32_t bin_key_len, RsPgpId& gpg_id, std::string& error_string ) { - bool res = AuthGPG::LoadPGPKeyFromBinaryData( bin_key_data,bin_key_len, gpg_id, error_string ); + bool res = AuthPGP::LoadPGPKeyFromBinaryData( bin_key_data,bin_key_len, gpg_id, error_string ); if(res) mPeerMgr->notifyPgpKeyReceived(gpg_id); @@ -1670,7 +1670,7 @@ bool p3Peers::loadDetailsFromStringCert( const std::string &certstr, RsCertificate& cert = *certPtr; - if(!AuthGPG::getGPGDetailsFromBinaryBlock( cert.pgp_key(), cert.pgp_key_size(), pd.gpg_id, pd.name, pd.gpgSigners )) + if(!AuthPGP::getGPGDetailsFromBinaryBlock( cert.pgp_key(), cert.pgp_key_size(), pd.gpg_id, pd.name, pd.gpgSigners )) return false; Dbg4() << __PRETTY_FUNCTION__ << " Parsing cert for sslid, location, ext " @@ -1748,7 +1748,7 @@ bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_pass rsNotify->cachePgpPassphrase(gpg_passphrase); rsNotify->setDisableAskPassword(true); - bool res = AuthGPG::SignCertificateLevel0(id); + bool res = AuthPGP::SignCertificateLevel0(id); rsNotify->clearPgpPassphrase(); rsNotify->setDisableAskPassword(false); @@ -1762,7 +1762,7 @@ bool p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) std::cerr << "p3Peers::TrustCertificate() " << id; std::cerr << std::endl; #endif - return AuthGPG::TrustCertificate(id, trustlvl); + return AuthPGP::TrustCertificate(id, trustlvl); } /* Group Stuff */ diff --git a/libretroshare/src/rsserver/p3serverconfig.cc b/libretroshare/src/rsserver/p3serverconfig.cc index 7abb1e6da..2aa859fe1 100644 --- a/libretroshare/src/rsserver/p3serverconfig.cc +++ b/libretroshare/src/rsserver/p3serverconfig.cc @@ -140,7 +140,7 @@ bool p3ServerConfig::setConfigurationOption(uint32_t key, const std::string &opt int p3ServerConfig::getConfigNetStatus(RsConfigNetStatus &status) { status.ownId = AuthSSL::getAuthSSL()->OwnId(); - status.ownName = AuthGPG::getGPGOwnName(); + status.ownName = AuthPGP::getGPGOwnName(); // Details from PeerMgr. peerState pstate; diff --git a/libretroshare/src/rsserver/rsaccounts.cc b/libretroshare/src/rsserver/rsaccounts.cc index 2bf306449..83867b943 100644 --- a/libretroshare/src/rsserver/rsaccounts.cc +++ b/libretroshare/src/rsserver/rsaccounts.cc @@ -701,10 +701,10 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account, if(! RsAccounts::GetPGPLoginDetails(account.mPgpId, account.mPgpName, account.mPgpEmail)) return false ; - if(!AuthGPG::haveSecretKey(account.mPgpId)) + if(!AuthPGP::haveSecretKey(account.mPgpId)) return false ; - if(!AuthGPG::isKeySupported(account.mPgpId)) + if(!AuthPGP::isKeySupported(account.mPgpId)) { std::string keystring = account.mPgpId.toStdString() + " " + account.mPgpName + "<" + account.mPgpEmail ; unsupported_keys[keystring].push_back("Location: " + account.mLocation + "  (" + account.mSslId.toStdString() + ")") ; @@ -853,7 +853,7 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account, /* Generating GPGme Account */ int RsAccountsDetail::GetPGPLogins(std::list& pgpIds) { - AuthGPG::availableGPGCertificatesWithPrivateKeys(pgpIds); + AuthPGP::availableGPGCertificatesWithPrivateKeys(pgpIds); return 1; } @@ -864,10 +864,10 @@ int RsAccountsDetail::GetPGPLoginDetails(const RsPgpId& id, std::string &na #endif bool ok = true ; - name = AuthGPG::getGPGName(id,&ok); + name = AuthPGP::getGPGName(id,&ok); if(!ok) return 0 ; - email = AuthGPG::getGPGEmail(id,&ok); + email = AuthPGP::getGPGEmail(id,&ok); if(!ok) return 0 ; @@ -887,7 +887,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId) { bool retVal = false; - if (0 < AuthGPG::GPGInit(pgpId)) + if (0 < AuthPGP::GPGInit(pgpId)) { retVal = true; #ifdef DEBUG_ACCOUNTS @@ -907,7 +907,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId) bool RsAccountsDetail::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString) { - return AuthGPG::GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString); + return AuthPGP::GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString); } // PGP Support Functions. @@ -919,24 +919,24 @@ void RsAccountsDetail::getUnsupportedKeys(std::mapOwnId(), - AuthGPG::getGPGOwnId(), - AuthGPG::getGPGOwnName(), + AuthPGP::getGPGOwnId(), + AuthPGP::getGPGOwnName(), AuthSSL::getAuthSSL()->getOwnLocation()); mNetMgr = new p3NetMgrIMPL(); mLinkMgr = new p3LinkMgrIMPL(mPeerMgr, mNetMgr); @@ -1604,7 +1604,7 @@ int RsServer::StartupRetroShare() //mConfigMgr->addConfiguration("ftserver.cfg", ftserver); // - AuthGPG::registerToConfigMgr(std::string("gpg_prefs.cfg"),mConfigMgr); + AuthPGP::registerToConfigMgr(std::string("gpg_prefs.cfg"),mConfigMgr); mConfigMgr->addConfiguration("gxsnettunnel.cfg", mGxsNetTunnel); mConfigMgr->addConfiguration("peers.cfg" , mPeerMgr); diff --git a/libretroshare/src/rsserver/rsloginhandler.cc b/libretroshare/src/rsserver/rsloginhandler.cc index 67b863931..a0834b0af 100644 --- a/libretroshare/src/rsserver/rsloginhandler.cc +++ b/libretroshare/src/rsserver/rsloginhandler.cc @@ -60,7 +60,7 @@ bool RsLoginHandler::checkAndStoreSSLPasswdIntoGPGFile( return true ; } - bool ok = AuthGPG::encryptTextToFile( ssl_passwd, getSSLPasswdFileName(ssl_id)); + bool ok = AuthPGP::encryptTextToFile( ssl_passwd, getSSLPasswdFileName(ssl_id)); if (!ok) std::cerr << "Encrypting went wrong !" << std::endl; @@ -89,7 +89,7 @@ bool RsLoginHandler::getSSLPasswdFromGPGFile(const RsPeerId& ssl_id,std::string& #endif std::string plain; - if ( AuthGPG::decryptTextFromFile( plain, getSSLPasswdFileName(ssl_id)) ) + if ( AuthPGP::decryptTextFromFile( plain, getSSLPasswdFileName(ssl_id)) ) { sslPassword = plain; #ifdef DEBUG_RSLOGINHANDLER diff --git a/libretroshare/src/services/p3idservice.cc b/libretroshare/src/services/p3idservice.cc index 981c246c4..49bfc36dc 100644 --- a/libretroshare/src/services/p3idservice.cc +++ b/libretroshare/src/services/p3idservice.cc @@ -1067,7 +1067,7 @@ bool p3IdService::createIdentity(uint32_t& token, RsIdentityParameters ¶ms) if(params.isPgpLinked) { - ssdata.pgp.pgpId = AuthGPG::getGPGOwnId(); + ssdata.pgp.pgpId = AuthPGP::getGPGOwnId(); ssdata.pgp.lastCheckTs = time(nullptr); } @@ -3619,7 +3619,7 @@ RsGenExchange::ServiceCreate_Return p3IdService::service_CreateGroup( unsigned int sign_size = MAX_SIGN_SIZE; memset(signarray,0,MAX_SIGN_SIZE) ; // just in case. - int result = AuthGPG::SignDataBin( + int result = AuthPGP::SignDataBin( static_cast(hash.toByteArray()), hash.SIZE_IN_BYTES, signarray, &sign_size, __PRETTY_FUNCTION__ ) From 5e37bd42e4e9a7717f6a0b92bc86c76aaa1fd647 Mon Sep 17 00:00:00 2001 From: csoler Date: Fri, 29 Oct 2021 18:57:58 +0200 Subject: [PATCH 06/10] renamed isGPGAccepted into isPGPAccepted --- libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc | 4 ++-- libretroshare/src/pqi/authgpg.cc | 8 ++------ libretroshare/src/pqi/authgpg.h | 2 -- libretroshare/src/pqi/authssl.cc | 2 +- libretroshare/src/pqi/p3peermgr.cc | 6 +++--- libretroshare/src/pqi/pqissl.cc | 2 +- libretroshare/src/pqi/pqissllistener.cc | 2 +- libretroshare/src/rsserver/p3peers.cc | 2 +- 8 files changed, 11 insertions(+), 17 deletions(-) diff --git a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc index ad95f7ee3..3f4290dd4 100644 --- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc +++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc @@ -219,7 +219,7 @@ void p3discovery2::removeFriend(const RsPeerId &sslId) std::cerr << std::endl; #endif /* pgp peer without any ssl entries -> check if they are still a real friend */ - if (!(AuthPGP::isGPGAccepted(pgpId))) + if (!(AuthPGP::isPGPAccepted(pgpId))) { #ifdef P3DISC_DEBUG std::cerr << "p3discovery2::addFriend() pgpId is no longer a friend, removing"; @@ -1062,7 +1062,7 @@ void p3discovery2::recvPGPCertificateRequest( const RsPeerId& fromId, const RsDi for(const RsPgpId& pgpId : item->pgpIdSet.ids) if (pgpId == ownPgpId) sendPGPCertificate(pgpId, fromId); - else if(ps.vs_disc != RS_VS_DISC_OFF && AuthPGP::isGPGAccepted(pgpId)) + else if(ps.vs_disc != RS_VS_DISC_OFF && AuthPGP::isPGPAccepted(pgpId)) sendPGPCertificate(pgpId, fromId); else std::cerr << "(WW) not sending certificate " << pgpId << " asked by friend " << fromId << " because this either this cert is not a friend, or discovery is off" << std::endl; diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index 5e93823a4..1d0481112 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -405,10 +405,6 @@ bool AuthPGP::isPGPId(const RsPgpId& id) { return instance()->mPgpHandler->isGPGId(id); } -bool AuthPGP::isPGPAccepted(const RsPgpId& id) -{ - return instance()->mPgpHandler->isGPGAccepted(id); -} /**** These Two are common */ std::string AuthPGP::getGPGEmail(const RsPgpId& id,bool *success) { @@ -714,7 +710,7 @@ int AuthPGP::privateTrustCertificate(const RsPgpId& id, int trustlvl) // The trust level is only a user-defined property that has nothing to // do with the fact that we allow connections or not. - if(!isGPGAccepted(id)) + if(!isPGPAccepted(id)) return 0; int res = instance()->mPgpHandler->privateTrustCertificate(id,trustlvl) ; @@ -732,7 +728,7 @@ RsSerialiser *AuthPGP::setupSerialiser() rss->addSerialType(new RsGeneralConfigSerialiser()); return rss ; } -bool AuthPGP::isGPGAccepted(const RsPgpId& id) +bool AuthPGP::isPGPAccepted(const RsPgpId& id) { return instance()->mPgpHandler->isGPGAccepted(id); } diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index d124efdd4..6081600b5 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -155,8 +155,6 @@ public: static const RsPgpId& getGPGOwnId(); static std::string getGPGOwnName(); - static bool isGPGAccepted(const RsPgpId& id); - //virtual std::string getGPGOwnEmail(); static bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) ; static bool isKeySupported(const RsPgpId &id) ; diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index 47eea9e58..75dcf2fe3 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -1380,7 +1380,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx) std::cerr << "******* VerifyX509Callback cert: " << std::hex << ctx->cert <& load) #endif for(uint32_t i=0;ipgp_ids.size();++i) - if(AuthPGP::isGPGAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getGPGOwnId()) + if(AuthPGP::isPGPAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getGPGOwnId()) { mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ; #ifdef PEER_DEBUG @@ -2684,7 +2684,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) for(auto group_pair:groupList) { for(auto profileIdIt(group_pair.second.peerIds.begin());profileIdIt!=group_pair.second.peerIds.end();) - if(AuthPGP::isGPGAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getGPGOwnId()) + if(AuthPGP::isPGPAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getGPGOwnId()) ++profileIdIt; else { diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc index bf91b72d9..f56f73180 100644 --- a/libretroshare/src/pqi/pqissl.cc +++ b/libretroshare/src/pqi/pqissl.cc @@ -1213,7 +1213,7 @@ int pqissl::Authorise_SSL_Connection() } RsPgpId pgpId = RsX509Cert::getCertIssuer(*peercert); - if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isGPGAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/pqi/pqissllistener.cc b/libretroshare/src/pqi/pqissllistener.cc index c579280bc..8986a9a19 100644 --- a/libretroshare/src/pqi/pqissllistener.cc +++ b/libretroshare/src/pqi/pqissllistener.cc @@ -797,7 +797,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info) exit(failure); } - if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isGPGAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index 58dae7e44..48c0b79c2 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -569,7 +569,7 @@ std::string p3Peers::getGPGName(const RsPgpId &gpg_id) } bool p3Peers::isPgpFriend(const RsPgpId& pgpId) -{ return AuthPGP::isGPGAccepted(pgpId); } +{ return AuthPGP::isPGPAccepted(pgpId); } bool p3Peers::isSslOnlyFriend(const RsPeerId& sslId) { From fdac22f49cc72d443b96214e8c19f8cb17a24eaf Mon Sep 17 00:00:00 2001 From: csoler Date: Fri, 29 Oct 2021 19:02:09 +0200 Subject: [PATCH 07/10] renamed remaining *GPG* names into *PGP* --- .../src/gossipdiscovery/p3gossipdiscovery.cc | 8 +++---- libretroshare/src/pgp/pgpauxutils.cc | 4 ++-- libretroshare/src/pqi/authgpg.cc | 16 +++++++------- libretroshare/src/pqi/authgpg.h | 14 ++++++------ libretroshare/src/pqi/authssl.cc | 8 +++---- libretroshare/src/pqi/p3peermgr.cc | 12 +++++----- libretroshare/src/pqi/pqissl.cc | 2 +- libretroshare/src/pqi/pqissllistener.cc | 2 +- libretroshare/src/rsserver/p3peers.cc | 22 +++++++++---------- libretroshare/src/rsserver/p3serverconfig.cc | 2 +- libretroshare/src/rsserver/rsinit.cc | 4 ++-- libretroshare/src/services/p3idservice.cc | 2 +- 12 files changed, 48 insertions(+), 48 deletions(-) diff --git a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc index 3f4290dd4..b14efb550 100644 --- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc +++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc @@ -107,7 +107,7 @@ p3discovery2::p3discovery2( addSerialType(new RsDiscSerialiser()); // Add self into PGP FriendList. - mFriendList[AuthPGP::getGPGOwnId()] = DiscPgpInfo(); + mFriendList[AuthPGP::getPGPOwnId()] = DiscPgpInfo(); } @@ -604,8 +604,8 @@ void p3discovery2::updatePgpFriendList() std::list::iterator lit; std::map::iterator it; - RsPgpId ownPgpId = AuthPGP::getGPGOwnId(); - AuthPGP::getGPGAcceptedList(pgpList); + RsPgpId ownPgpId = AuthPGP::getPGPOwnId(); + AuthPGP::getPGPAcceptedList(pgpList); pgpList.push_back(ownPgpId); // convert to set for ordering. @@ -1058,7 +1058,7 @@ void p3discovery2::recvPGPCertificateRequest( const RsPeerId& fromId, const RsDi return; } - RsPgpId ownPgpId = AuthPGP::getGPGOwnId(); + RsPgpId ownPgpId = AuthPGP::getPGPOwnId(); for(const RsPgpId& pgpId : item->pgpIdSet.ids) if (pgpId == ownPgpId) sendPGPCertificate(pgpId, fromId); diff --git a/libretroshare/src/pgp/pgpauxutils.cc b/libretroshare/src/pgp/pgpauxutils.cc index 99d3e8880..a95424973 100644 --- a/libretroshare/src/pgp/pgpauxutils.cc +++ b/libretroshare/src/pgp/pgpauxutils.cc @@ -34,7 +34,7 @@ PgpAuxUtilsImpl::PgpAuxUtilsImpl() const RsPgpId& PgpAuxUtilsImpl::getPGPOwnId() { - return AuthPGP::getGPGOwnId(); + return AuthPGP::getPGPOwnId(); } RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) @@ -59,7 +59,7 @@ bool PgpAuxUtilsImpl::VerifySignBin(const void *data, bool PgpAuxUtilsImpl::getGPGAllList(std::list &ids) { - return AuthPGP::getGPGAllList(ids); + return AuthPGP::getPGPAllList(ids); } bool PgpAuxUtilsImpl::parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index 1d0481112..371cebe0d 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -425,18 +425,18 @@ std::string AuthPGP::getGPGEmail(const RsPgpId& id,bool *success) /**** GPG versions ***/ -const RsPgpId& AuthPGP::getGPGOwnId() +const RsPgpId& AuthPGP::getPGPOwnId() { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ return instance()->mOwnGpgId ; } -std::string AuthPGP::getGPGOwnName() +std::string AuthPGP::getPGPOwnName() { return getGPGName(instance()->mOwnGpgId) ; } -bool AuthPGP::getGPGAllList(std::list &ids) +bool AuthPGP::getPGPAllList(std::list &ids) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -470,7 +470,7 @@ bool AuthPGP::isKeySupported(const RsPgpId& id) return !(pc->_flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM) ; } -bool AuthPGP::getGPGDetails(const RsPgpId& pgp_id, RsPeerDetails &d) +bool AuthPGP::getPGPDetails(const RsPgpId& pgp_id, RsPeerDetails &d) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -510,17 +510,17 @@ static bool filter_Validity(const PGPCertificateInfo& /*info*/) { return true ; static bool filter_Accepted(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION ; } static bool filter_OwnSigned(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE ; } -bool AuthPGP::getGPGValidList(std::list &ids) +bool AuthPGP::getPGPValidList(std::list &ids) { return getGPGFilteredList(ids,&filter_Validity); } -bool AuthPGP::getGPGAcceptedList(std::list &ids) +bool AuthPGP::getPGPAcceptedList(std::list &ids) { return getGPGFilteredList(ids,&filter_Accepted); } -bool AuthPGP::getGPGSignedList(std::list &ids) +bool AuthPGP::getPGPSignedList(std::list &ids) { return getGPGFilteredList(ids,&filter_OwnSigned); } @@ -739,7 +739,7 @@ bool AuthPGP::saveList(bool& cleanup, std::list& lst) std::cerr << "AuthGPG::saveList() called" << std::endl ; #endif std::list ids ; - getGPGAcceptedList(ids) ; // needs to be done before the lock + getPGPAcceptedList(ids) ; // needs to be done before the lock RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index 6081600b5..a94d0161f 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -152,19 +152,19 @@ public: static bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ); /* PGP web of trust management */ - static const RsPgpId& getGPGOwnId(); - static std::string getGPGOwnName(); + static const RsPgpId& getPGPOwnId(); + static std::string getPGPOwnName(); //virtual std::string getGPGOwnEmail(); static bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) ; static bool isKeySupported(const RsPgpId &id) ; static bool isPgpPubKeyAvailable(const RsPgpId& pgp_id); static bool haveSecretKey(const RsPgpId &id) ; - static bool getGPGDetails(const RsPgpId& id, RsPeerDetails &d); - static bool getGPGAllList(std::list &ids); - static bool getGPGValidList(std::list &ids); - static bool getGPGAcceptedList(std::list &ids); - static bool getGPGSignedList(std::list &ids); + static bool getPGPDetails(const RsPgpId& id, RsPeerDetails &d); + static bool getPGPAllList(std::list &ids); + static bool getPGPValidList(std::list &ids); + static bool getPGPAcceptedList(std::list &ids); + static bool getPGPSignedList(std::list &ids); static bool importProfile(const std::string& filename,RsPgpId& gpg_id,std::string& import_error) ; static bool importProfileFromString(const std::string& data,RsPgpId& gpg_id,std::string& import_error) ; static bool exportProfile(const std::string& filename,const RsPgpId& gpg_id) ; diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index 75dcf2fe3..cfded5951 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -759,7 +759,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) //long version = 0x00; unsigned long chtype = MBSTRING_UTF8; X509_NAME *issuer_name = X509_NAME_new(); - X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthPGP::getGPGOwnId().toStdString().c_str(), -1, -1, 0); + X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthPGP::getPGPOwnId().toStdString().c_str(), -1, -1, 0); /**** X509_NAME_add_entry_by_NID(issuer_name, 48, 0, (unsigned char *) "email@email.com", -1, -1, 0); @@ -769,7 +769,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) (unsigned char *) "loc", -1, -1, 0); ****/ - std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthPGP::getGPGOwnId().toStdString() << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthPGP::getPGPOwnId().toStdString() << std::endl; #ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002 static const uint64_t CERTIFICATE_SERIAL_NUMBER = RS_CERTIFICATE_VERSION_NUMBER_07_0001 ; @@ -1039,7 +1039,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic) { RsPgpId issuer = RsX509Cert::getCertIssuer(*x509); RsPeerDetails pd; - if (!AuthPGP::getGPGDetails(issuer, pd)) + if (!AuthPGP::getPGPDetails(issuer, pd)) { RsInfo() << __PRETTY_FUNCTION__ << " X509 NOT authenticated : " << "AuthGPG::getAuthGPG()->getGPGDetails(" << issuer @@ -1380,7 +1380,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx) std::cerr << "******* VerifyX509Callback cert: " << std::hex << ctx->cert < gpgIds; - AuthPGP::getGPGAcceptedList(gpgIds); + AuthPGP::getPGPAcceptedList(gpgIds); // add own gpg id, if we have more than one location std::list ownSslIds; - getAssociatedPeers(AuthPGP::getGPGOwnId(), ownSslIds); + getAssociatedPeers(AuthPGP::getPGPOwnId(), ownSslIds); return gpgIds.size() + ((ownSslIds.size() > 0) ? 1 : 0); } @@ -970,7 +970,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg //Authentication is now tested at connection time, we don't store the ssl cert anymore // - if (!AuthPGP::isPGPAccepted(gpg_id) && gpg_id != AuthPGP::getGPGOwnId()) + if (!AuthPGP::isPGPAccepted(gpg_id) && gpg_id != AuthPGP::getPGPOwnId()) { #ifdef PEER_DEBUG std::cerr << "p3PeerMgrIMPL::addFriend() gpg is not accepted" << std::endl; @@ -2470,7 +2470,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) setOwnNetworkMode(pitem->netMode); setOwnVisState(pitem->vs_disc, pitem->vs_dht); - mOwnState.gpg_id = AuthPGP::getGPGOwnId(); + mOwnState.gpg_id = AuthPGP::getPGPOwnId(); mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation(); } else @@ -2642,7 +2642,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) #endif for(uint32_t i=0;ipgp_ids.size();++i) - if(AuthPGP::isPGPAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getGPGOwnId()) + if(AuthPGP::isPGPAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getPGPOwnId()) { mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ; #ifdef PEER_DEBUG @@ -2684,7 +2684,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) for(auto group_pair:groupList) { for(auto profileIdIt(group_pair.second.peerIds.begin());profileIdIt!=group_pair.second.peerIds.end();) - if(AuthPGP::isPGPAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getGPGOwnId()) + if(AuthPGP::isPGPAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getPGPOwnId()) ++profileIdIt; else { diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc index f56f73180..75ed02faa 100644 --- a/libretroshare/src/pqi/pqissl.cc +++ b/libretroshare/src/pqi/pqissl.cc @@ -1213,7 +1213,7 @@ int pqissl::Authorise_SSL_Connection() } RsPgpId pgpId = RsX509Cert::getCertIssuer(*peercert); - if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getPGPOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/pqi/pqissllistener.cc b/libretroshare/src/pqi/pqissllistener.cc index 8986a9a19..9cf2d4aef 100644 --- a/libretroshare/src/pqi/pqissllistener.cc +++ b/libretroshare/src/pqi/pqissllistener.cc @@ -797,7 +797,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info) exit(failure); } - if( !isSslOnlyFriend && pgpId != AuthPGP::getGPGOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getPGPOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index 48c0b79c2..931b75aa6 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -273,7 +273,7 @@ bool p3Peers::getPeerDetails(const RsPeerId& id, RsPeerDetails &d) if (id == sOwnId) { mPeerMgr->getOwnNetStatus(ps); - ps.gpg_id = AuthPGP::getGPGOwnId(); + ps.gpg_id = AuthPGP::getPGPOwnId(); } else if (!mPeerMgr->getFriendNetStatus(id, ps)) { @@ -597,7 +597,7 @@ std::string p3Peers::getPeerName(const RsPeerId& ssl) #endif std::string name; if (ssl == AuthSSL::getAuthSSL()->OwnId()) - return AuthPGP::getGPGOwnName(); + return AuthPGP::getPGPOwnName(); if (mPeerMgr->getPeerName(ssl, name)) { @@ -617,7 +617,7 @@ bool p3Peers::getGPGAllList(std::list &ids) #endif /* get from mAuthMgr */ - AuthPGP::getGPGAllList(ids); + AuthPGP::getPGPAllList(ids); return true; } @@ -628,7 +628,7 @@ bool p3Peers::getGPGValidList(std::list &ids) #endif /* get from mAuthMgr */ - AuthPGP::getGPGValidList(ids); + AuthPGP::getPGPValidList(ids); return true; } @@ -639,14 +639,14 @@ bool p3Peers::getGPGSignedList(std::list &ids) #endif /* get from mAuthMgr */ - AuthPGP::getGPGSignedList(ids); + AuthPGP::getPGPSignedList(ids); return true; } bool p3Peers::getPgpFriendList(std::vector& pgpIds) { std::list ids; - if(AuthPGP::getGPGAcceptedList(ids)) + if(AuthPGP::getPGPAcceptedList(ids)) { pgpIds.clear(); std::copy(ids.begin(), ids.end(), std::back_inserter(pgpIds)); @@ -660,7 +660,7 @@ bool p3Peers::getGPGAcceptedList(std::list &ids) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::getGPGAcceptedList()" << std::endl; #endif - AuthPGP::getGPGAcceptedList(ids); + AuthPGP::getPGPAcceptedList(ids); return true; } @@ -691,7 +691,7 @@ bool p3Peers::getGPGDetails(const RsPgpId &pgp_id, RsPeerDetails &d) #endif /* get from mAuthMgr */ - bool res = AuthPGP::getGPGDetails(pgp_id, d); + bool res = AuthPGP::getPGPDetails(pgp_id, d); d.isOnlyGPGdetail = true ; d.service_perm_flags = mPeerMgr->servicePermissionFlags(pgp_id) ; @@ -706,7 +706,7 @@ const RsPgpId& p3Peers::getGPGOwnId() #endif /* get from mAuthMgr */ - return AuthPGP::getGPGOwnId(); + return AuthPGP::getPGPOwnId(); } RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) @@ -718,7 +718,7 @@ RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) /* get from mAuthMgr */ if (sslid == AuthSSL::getAuthSSL()->OwnId()) { - return AuthPGP::getGPGOwnId(); + return AuthPGP::getPGPOwnId(); } peerState pcs; if (mPeerMgr->getFriendNetStatus(sslid, pcs)) @@ -817,7 +817,7 @@ bool p3Peers::removeFriend(const RsPgpId& gpgId) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() " << gpgId << std::endl; #endif - if (gpgId == AuthPGP::getGPGOwnId()) { + if (gpgId == AuthPGP::getPGPOwnId()) { std::cerr << "p3Peers::removeFriend() ERROR we're not going to remove our own GPG id." << std::endl; return false; } diff --git a/libretroshare/src/rsserver/p3serverconfig.cc b/libretroshare/src/rsserver/p3serverconfig.cc index 2aa859fe1..ae48ebb16 100644 --- a/libretroshare/src/rsserver/p3serverconfig.cc +++ b/libretroshare/src/rsserver/p3serverconfig.cc @@ -140,7 +140,7 @@ bool p3ServerConfig::setConfigurationOption(uint32_t key, const std::string &opt int p3ServerConfig::getConfigNetStatus(RsConfigNetStatus &status) { status.ownId = AuthSSL::getAuthSSL()->OwnId(); - status.ownName = AuthPGP::getGPGOwnName(); + status.ownName = AuthPGP::getPGPOwnName(); // Details from PeerMgr. peerState pstate; diff --git a/libretroshare/src/rsserver/rsinit.cc b/libretroshare/src/rsserver/rsinit.cc index eb2b07790..d4d87ba60 100644 --- a/libretroshare/src/rsserver/rsinit.cc +++ b/libretroshare/src/rsserver/rsinit.cc @@ -910,8 +910,8 @@ int RsServer::StartupRetroShare() /* History Manager */ mHistoryMgr = new p3HistoryMgr(); mPeerMgr = new p3PeerMgrIMPL( AuthSSL::getAuthSSL()->OwnId(), - AuthPGP::getGPGOwnId(), - AuthPGP::getGPGOwnName(), + AuthPGP::getPGPOwnId(), + AuthPGP::getPGPOwnName(), AuthSSL::getAuthSSL()->getOwnLocation()); mNetMgr = new p3NetMgrIMPL(); mLinkMgr = new p3LinkMgrIMPL(mPeerMgr, mNetMgr); diff --git a/libretroshare/src/services/p3idservice.cc b/libretroshare/src/services/p3idservice.cc index 49bfc36dc..bffdaccde 100644 --- a/libretroshare/src/services/p3idservice.cc +++ b/libretroshare/src/services/p3idservice.cc @@ -1067,7 +1067,7 @@ bool p3IdService::createIdentity(uint32_t& token, RsIdentityParameters ¶ms) if(params.isPgpLinked) { - ssdata.pgp.pgpId = AuthPGP::getGPGOwnId(); + ssdata.pgp.pgpId = AuthPGP::getPGPOwnId(); ssdata.pgp.lastCheckTs = time(nullptr); } From 7672ffa0ecd9d2ab9ad573ae3ab19ec66976eca0 Mon Sep 17 00:00:00 2001 From: csoler Date: Fri, 29 Oct 2021 19:05:54 +0200 Subject: [PATCH 08/10] fixed casing of PGP into Pgp --- .../src/gossipdiscovery/p3gossipdiscovery.cc | 8 +++---- libretroshare/src/pgp/pgpauxutils.cc | 4 ++-- libretroshare/src/pqi/authgpg.cc | 22 ++++++++--------- libretroshare/src/pqi/authgpg.h | 18 +++++++------- libretroshare/src/pqi/authssl.cc | 8 +++---- libretroshare/src/pqi/p3peermgr.cc | 14 +++++------ libretroshare/src/pqi/pqissl.cc | 2 +- libretroshare/src/pqi/pqissllistener.cc | 2 +- libretroshare/src/rsserver/p3peers.cc | 24 +++++++++---------- libretroshare/src/rsserver/p3serverconfig.cc | 2 +- libretroshare/src/rsserver/rsaccounts.cc | 4 ++-- libretroshare/src/rsserver/rsinit.cc | 4 ++-- libretroshare/src/services/p3idservice.cc | 2 +- 13 files changed, 57 insertions(+), 57 deletions(-) diff --git a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc index b14efb550..30e71763a 100644 --- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc +++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc @@ -107,7 +107,7 @@ p3discovery2::p3discovery2( addSerialType(new RsDiscSerialiser()); // Add self into PGP FriendList. - mFriendList[AuthPGP::getPGPOwnId()] = DiscPgpInfo(); + mFriendList[AuthPGP::getPgpOwnId()] = DiscPgpInfo(); } @@ -604,8 +604,8 @@ void p3discovery2::updatePgpFriendList() std::list::iterator lit; std::map::iterator it; - RsPgpId ownPgpId = AuthPGP::getPGPOwnId(); - AuthPGP::getPGPAcceptedList(pgpList); + RsPgpId ownPgpId = AuthPGP::getPgpOwnId(); + AuthPGP::getPgpAcceptedList(pgpList); pgpList.push_back(ownPgpId); // convert to set for ordering. @@ -1058,7 +1058,7 @@ void p3discovery2::recvPGPCertificateRequest( const RsPeerId& fromId, const RsDi return; } - RsPgpId ownPgpId = AuthPGP::getPGPOwnId(); + RsPgpId ownPgpId = AuthPGP::getPgpOwnId(); for(const RsPgpId& pgpId : item->pgpIdSet.ids) if (pgpId == ownPgpId) sendPGPCertificate(pgpId, fromId); diff --git a/libretroshare/src/pgp/pgpauxutils.cc b/libretroshare/src/pgp/pgpauxutils.cc index a95424973..377e5261d 100644 --- a/libretroshare/src/pgp/pgpauxutils.cc +++ b/libretroshare/src/pgp/pgpauxutils.cc @@ -34,7 +34,7 @@ PgpAuxUtilsImpl::PgpAuxUtilsImpl() const RsPgpId& PgpAuxUtilsImpl::getPGPOwnId() { - return AuthPGP::getPGPOwnId(); + return AuthPGP::getPgpOwnId(); } RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) @@ -59,7 +59,7 @@ bool PgpAuxUtilsImpl::VerifySignBin(const void *data, bool PgpAuxUtilsImpl::getGPGAllList(std::list &ids) { - return AuthPGP::getPGPAllList(ids); + return AuthPGP::getPgpAllList(ids); } bool PgpAuxUtilsImpl::parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index 371cebe0d..9cbcade21 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -373,7 +373,7 @@ bool AuthPGP::GeneratePGPCertificate(const std::string& name, const std::stri } /**** These Two are common */ -std::string AuthPGP::getGPGName(const RsPgpId& id,bool *success) +std::string AuthPGP::getPgpName(const RsPgpId& id,bool *success) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -406,7 +406,7 @@ bool AuthPGP::isPGPId(const RsPgpId& id) return instance()->mPgpHandler->isGPGId(id); } /**** These Two are common */ -std::string AuthPGP::getGPGEmail(const RsPgpId& id,bool *success) +std::string AuthPGP::getPgpEmail(const RsPgpId& id,bool *success) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ const PGPCertificateInfo *info = instance()->mPgpHandler->getCertificateInfo(id) ; @@ -425,18 +425,18 @@ std::string AuthPGP::getGPGEmail(const RsPgpId& id,bool *success) /**** GPG versions ***/ -const RsPgpId& AuthPGP::getPGPOwnId() +const RsPgpId& AuthPGP::getPgpOwnId() { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ return instance()->mOwnGpgId ; } -std::string AuthPGP::getPGPOwnName() +std::string AuthPGP::getPgpOwnName() { - return getGPGName(instance()->mOwnGpgId) ; + return getPgpName(instance()->mOwnGpgId) ; } -bool AuthPGP::getPGPAllList(std::list &ids) +bool AuthPGP::getPgpAllList(std::list &ids) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -470,7 +470,7 @@ bool AuthPGP::isKeySupported(const RsPgpId& id) return !(pc->_flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_UNSUPPORTED_ALGORITHM) ; } -bool AuthPGP::getPGPDetails(const RsPgpId& pgp_id, RsPeerDetails &d) +bool AuthPGP::getPgpDetails(const RsPgpId& pgp_id, RsPeerDetails &d) { RsStackMutex stack(instance()->gpgMtxData); /******* LOCKED ******/ @@ -510,17 +510,17 @@ static bool filter_Validity(const PGPCertificateInfo& /*info*/) { return true ; static bool filter_Accepted(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION ; } static bool filter_OwnSigned(const PGPCertificateInfo& info) { return info._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE ; } -bool AuthPGP::getPGPValidList(std::list &ids) +bool AuthPGP::getPgpValidList(std::list &ids) { return getGPGFilteredList(ids,&filter_Validity); } -bool AuthPGP::getPGPAcceptedList(std::list &ids) +bool AuthPGP::getPgpAcceptedList(std::list &ids) { return getGPGFilteredList(ids,&filter_Accepted); } -bool AuthPGP::getPGPSignedList(std::list &ids) +bool AuthPGP::getPgpSignedList(std::list &ids) { return getGPGFilteredList(ids,&filter_OwnSigned); } @@ -739,7 +739,7 @@ bool AuthPGP::saveList(bool& cleanup, std::list& lst) std::cerr << "AuthGPG::saveList() called" << std::endl ; #endif std::list ids ; - getPGPAcceptedList(ids) ; // needs to be done before the lock + getPgpAcceptedList(ids) ; // needs to be done before the lock RsStackMutex stack(gpgMtxData); /******* LOCKED ******/ diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index a94d0161f..5a8839b67 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -146,25 +146,25 @@ public: * provide access to details in cache list. * ****/ - static std::string getGPGName(const RsPgpId &pgp_id,bool *success = NULL); - static std::string getGPGEmail(const RsPgpId &pgp_id,bool *success = NULL); + static std::string getPgpName(const RsPgpId &pgp_id,bool *success = NULL); + static std::string getPgpEmail(const RsPgpId &pgp_id,bool *success = NULL); static bool exportPublicKey( const RsPgpId& id, unsigned char*& mem_block, size_t& mem_size, bool armoured, bool include_signatures ); /* PGP web of trust management */ - static const RsPgpId& getPGPOwnId(); - static std::string getPGPOwnName(); + static const RsPgpId& getPgpOwnId(); + static std::string getPgpOwnName(); //virtual std::string getGPGOwnEmail(); static bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) ; static bool isKeySupported(const RsPgpId &id) ; static bool isPgpPubKeyAvailable(const RsPgpId& pgp_id); static bool haveSecretKey(const RsPgpId &id) ; - static bool getPGPDetails(const RsPgpId& id, RsPeerDetails &d); - static bool getPGPAllList(std::list &ids); - static bool getPGPValidList(std::list &ids); - static bool getPGPAcceptedList(std::list &ids); - static bool getPGPSignedList(std::list &ids); + static bool getPgpDetails(const RsPgpId& id, RsPeerDetails &d); + static bool getPgpAllList(std::list &ids); + static bool getPgpValidList(std::list &ids); + static bool getPgpAcceptedList(std::list &ids); + static bool getPgpSignedList(std::list &ids); static bool importProfile(const std::string& filename,RsPgpId& gpg_id,std::string& import_error) ; static bool importProfileFromString(const std::string& data,RsPgpId& gpg_id,std::string& import_error) ; static bool exportProfile(const std::string& filename,const RsPgpId& gpg_id) ; diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc index cfded5951..9d70121a3 100644 --- a/libretroshare/src/pqi/authssl.cc +++ b/libretroshare/src/pqi/authssl.cc @@ -759,7 +759,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) //long version = 0x00; unsigned long chtype = MBSTRING_UTF8; X509_NAME *issuer_name = X509_NAME_new(); - X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthPGP::getPGPOwnId().toStdString().c_str(), -1, -1, 0); + X509_NAME_add_entry_by_txt(issuer_name, "CN", chtype, (unsigned char *) AuthPGP::getPgpOwnId().toStdString().c_str(), -1, -1, 0); /**** X509_NAME_add_entry_by_NID(issuer_name, 48, 0, (unsigned char *) "email@email.com", -1, -1, 0); @@ -769,7 +769,7 @@ X509 *AuthSSLimpl::SignX509ReqWithGPG(X509_REQ *req, long /*days*/) (unsigned char *) "loc", -1, -1, 0); ****/ - std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthPGP::getPGPOwnId().toStdString() << std::endl; + std::cerr << "AuthSSLimpl::SignX509Req() Issuer name: " << AuthPGP::getPgpOwnId().toStdString() << std::endl; #ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002 static const uint64_t CERTIFICATE_SERIAL_NUMBER = RS_CERTIFICATE_VERSION_NUMBER_07_0001 ; @@ -1039,7 +1039,7 @@ bool AuthSSLimpl::AuthX509WithGPG(X509 *x509,bool verbose, uint32_t& diagnostic) { RsPgpId issuer = RsX509Cert::getCertIssuer(*x509); RsPeerDetails pd; - if (!AuthPGP::getPGPDetails(issuer, pd)) + if (!AuthPGP::getPgpDetails(issuer, pd)) { RsInfo() << __PRETTY_FUNCTION__ << " X509 NOT authenticated : " << "AuthGPG::getAuthGPG()->getGPGDetails(" << issuer @@ -1380,7 +1380,7 @@ int AuthSSLimpl::VerifyX509Callback(int /*preverify_ok*/, X509_STORE_CTX* ctx) std::cerr << "******* VerifyX509Callback cert: " << std::hex << ctx->cert < gpgIds; - AuthPGP::getPGPAcceptedList(gpgIds); + AuthPGP::getPgpAcceptedList(gpgIds); // add own gpg id, if we have more than one location std::list ownSslIds; - getAssociatedPeers(AuthPGP::getPGPOwnId(), ownSslIds); + getAssociatedPeers(AuthPGP::getPgpOwnId(), ownSslIds); return gpgIds.size() + ((ownSslIds.size() > 0) ? 1 : 0); } @@ -970,7 +970,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg //Authentication is now tested at connection time, we don't store the ssl cert anymore // - if (!AuthPGP::isPGPAccepted(gpg_id) && gpg_id != AuthPGP::getPGPOwnId()) + if (!AuthPGP::isPGPAccepted(gpg_id) && gpg_id != AuthPGP::getPgpOwnId()) { #ifdef PEER_DEBUG std::cerr << "p3PeerMgrIMPL::addFriend() gpg is not accepted" << std::endl; @@ -1024,7 +1024,7 @@ bool p3PeerMgrIMPL::addFriend(const RsPeerId& input_id, const RsPgpId& input_gpg pstate.id = id; pstate.gpg_id = gpg_id; - pstate.name = AuthPGP::getGPGName(gpg_id); + pstate.name = AuthPGP::getPgpName(gpg_id); pstate.vs_disc = vs_disc; pstate.vs_dht = vs_dht; @@ -2470,7 +2470,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) setOwnNetworkMode(pitem->netMode); setOwnVisState(pitem->vs_disc, pitem->vs_dht); - mOwnState.gpg_id = AuthPGP::getPGPOwnId(); + mOwnState.gpg_id = AuthPGP::getPgpOwnId(); mOwnState.location = AuthSSL::getAuthSSL()->getOwnLocation(); } else @@ -2642,7 +2642,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) #endif for(uint32_t i=0;ipgp_ids.size();++i) - if(AuthPGP::isPGPAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getPGPOwnId()) + if(AuthPGP::isPGPAccepted(sitem->pgp_ids[i]) || sitem->pgp_ids[i] == AuthPGP::getPgpOwnId()) { mFriendsPermissionFlags[sitem->pgp_ids[i]] = sitem->service_flags[i] ; #ifdef PEER_DEBUG @@ -2684,7 +2684,7 @@ bool p3PeerMgrIMPL::loadList(std::list& load) for(auto group_pair:groupList) { for(auto profileIdIt(group_pair.second.peerIds.begin());profileIdIt!=group_pair.second.peerIds.end();) - if(AuthPGP::isPGPAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getPGPOwnId()) + if(AuthPGP::isPGPAccepted(*profileIdIt) || *profileIdIt == AuthPGP::getPgpOwnId()) ++profileIdIt; else { diff --git a/libretroshare/src/pqi/pqissl.cc b/libretroshare/src/pqi/pqissl.cc index 75ed02faa..60be4ae7b 100644 --- a/libretroshare/src/pqi/pqissl.cc +++ b/libretroshare/src/pqi/pqissl.cc @@ -1213,7 +1213,7 @@ int pqissl::Authorise_SSL_Connection() } RsPgpId pgpId = RsX509Cert::getCertIssuer(*peercert); - if( !isSslOnlyFriend && pgpId != AuthPGP::getPGPOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getPgpOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/pqi/pqissllistener.cc b/libretroshare/src/pqi/pqissllistener.cc index 9cf2d4aef..ad2129928 100644 --- a/libretroshare/src/pqi/pqissllistener.cc +++ b/libretroshare/src/pqi/pqissllistener.cc @@ -797,7 +797,7 @@ int pqissllistener::completeConnection(int fd, IncomingSSLInfo& info) exit(failure); } - if( !isSslOnlyFriend && pgpId != AuthPGP::getPGPOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) + if( !isSslOnlyFriend && pgpId != AuthPGP::getPgpOwnId() && !AuthPGP::isPGPAccepted(pgpId) ) { RsFatal() << __PRETTY_FUNCTION__ << " pgpId: " << pgpId << " is not friend. It is very unlikely to happen at this " diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index 931b75aa6..50d4dc3dc 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -273,7 +273,7 @@ bool p3Peers::getPeerDetails(const RsPeerId& id, RsPeerDetails &d) if (id == sOwnId) { mPeerMgr->getOwnNetStatus(ps); - ps.gpg_id = AuthPGP::getPGPOwnId(); + ps.gpg_id = AuthPGP::getPgpOwnId(); } else if (!mPeerMgr->getFriendNetStatus(id, ps)) { @@ -565,7 +565,7 @@ bool p3Peers::isKeySupported(const RsPgpId& id) std::string p3Peers::getGPGName(const RsPgpId &gpg_id) { /* get from mAuthMgr as it should have more peers? */ - return AuthPGP::getGPGName(gpg_id); + return AuthPGP::getPgpName(gpg_id); } bool p3Peers::isPgpFriend(const RsPgpId& pgpId) @@ -597,7 +597,7 @@ std::string p3Peers::getPeerName(const RsPeerId& ssl) #endif std::string name; if (ssl == AuthSSL::getAuthSSL()->OwnId()) - return AuthPGP::getPGPOwnName(); + return AuthPGP::getPgpOwnName(); if (mPeerMgr->getPeerName(ssl, name)) { @@ -617,7 +617,7 @@ bool p3Peers::getGPGAllList(std::list &ids) #endif /* get from mAuthMgr */ - AuthPGP::getPGPAllList(ids); + AuthPGP::getPgpAllList(ids); return true; } @@ -628,7 +628,7 @@ bool p3Peers::getGPGValidList(std::list &ids) #endif /* get from mAuthMgr */ - AuthPGP::getPGPValidList(ids); + AuthPGP::getPgpValidList(ids); return true; } @@ -639,14 +639,14 @@ bool p3Peers::getGPGSignedList(std::list &ids) #endif /* get from mAuthMgr */ - AuthPGP::getPGPSignedList(ids); + AuthPGP::getPgpSignedList(ids); return true; } bool p3Peers::getPgpFriendList(std::vector& pgpIds) { std::list ids; - if(AuthPGP::getPGPAcceptedList(ids)) + if(AuthPGP::getPgpAcceptedList(ids)) { pgpIds.clear(); std::copy(ids.begin(), ids.end(), std::back_inserter(pgpIds)); @@ -660,7 +660,7 @@ bool p3Peers::getGPGAcceptedList(std::list &ids) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::getGPGAcceptedList()" << std::endl; #endif - AuthPGP::getPGPAcceptedList(ids); + AuthPGP::getPgpAcceptedList(ids); return true; } @@ -691,7 +691,7 @@ bool p3Peers::getGPGDetails(const RsPgpId &pgp_id, RsPeerDetails &d) #endif /* get from mAuthMgr */ - bool res = AuthPGP::getPGPDetails(pgp_id, d); + bool res = AuthPGP::getPgpDetails(pgp_id, d); d.isOnlyGPGdetail = true ; d.service_perm_flags = mPeerMgr->servicePermissionFlags(pgp_id) ; @@ -706,7 +706,7 @@ const RsPgpId& p3Peers::getGPGOwnId() #endif /* get from mAuthMgr */ - return AuthPGP::getPGPOwnId(); + return AuthPGP::getPgpOwnId(); } RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) @@ -718,7 +718,7 @@ RsPgpId p3Peers::getGPGId(const RsPeerId& sslid) /* get from mAuthMgr */ if (sslid == AuthSSL::getAuthSSL()->OwnId()) { - return AuthPGP::getPGPOwnId(); + return AuthPGP::getPgpOwnId(); } peerState pcs; if (mPeerMgr->getFriendNetStatus(sslid, pcs)) @@ -817,7 +817,7 @@ bool p3Peers::removeFriend(const RsPgpId& gpgId) #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::removeFriend() " << gpgId << std::endl; #endif - if (gpgId == AuthPGP::getPGPOwnId()) { + if (gpgId == AuthPGP::getPgpOwnId()) { std::cerr << "p3Peers::removeFriend() ERROR we're not going to remove our own GPG id." << std::endl; return false; } diff --git a/libretroshare/src/rsserver/p3serverconfig.cc b/libretroshare/src/rsserver/p3serverconfig.cc index ae48ebb16..c50eb2c89 100644 --- a/libretroshare/src/rsserver/p3serverconfig.cc +++ b/libretroshare/src/rsserver/p3serverconfig.cc @@ -140,7 +140,7 @@ bool p3ServerConfig::setConfigurationOption(uint32_t key, const std::string &opt int p3ServerConfig::getConfigNetStatus(RsConfigNetStatus &status) { status.ownId = AuthSSL::getAuthSSL()->OwnId(); - status.ownName = AuthPGP::getPGPOwnName(); + status.ownName = AuthPGP::getPgpOwnName(); // Details from PeerMgr. peerState pstate; diff --git a/libretroshare/src/rsserver/rsaccounts.cc b/libretroshare/src/rsserver/rsaccounts.cc index 83867b943..737254f73 100644 --- a/libretroshare/src/rsserver/rsaccounts.cc +++ b/libretroshare/src/rsserver/rsaccounts.cc @@ -864,10 +864,10 @@ int RsAccountsDetail::GetPGPLoginDetails(const RsPgpId& id, std::string &na #endif bool ok = true ; - name = AuthPGP::getGPGName(id,&ok); + name = AuthPGP::getPgpName(id,&ok); if(!ok) return 0 ; - email = AuthPGP::getGPGEmail(id,&ok); + email = AuthPGP::getPgpEmail(id,&ok); if(!ok) return 0 ; diff --git a/libretroshare/src/rsserver/rsinit.cc b/libretroshare/src/rsserver/rsinit.cc index d4d87ba60..2dc034f56 100644 --- a/libretroshare/src/rsserver/rsinit.cc +++ b/libretroshare/src/rsserver/rsinit.cc @@ -910,8 +910,8 @@ int RsServer::StartupRetroShare() /* History Manager */ mHistoryMgr = new p3HistoryMgr(); mPeerMgr = new p3PeerMgrIMPL( AuthSSL::getAuthSSL()->OwnId(), - AuthPGP::getPGPOwnId(), - AuthPGP::getPGPOwnName(), + AuthPGP::getPgpOwnId(), + AuthPGP::getPgpOwnName(), AuthSSL::getAuthSSL()->getOwnLocation()); mNetMgr = new p3NetMgrIMPL(); mLinkMgr = new p3LinkMgrIMPL(mPeerMgr, mNetMgr); diff --git a/libretroshare/src/services/p3idservice.cc b/libretroshare/src/services/p3idservice.cc index bffdaccde..b89c963b6 100644 --- a/libretroshare/src/services/p3idservice.cc +++ b/libretroshare/src/services/p3idservice.cc @@ -1067,7 +1067,7 @@ bool p3IdService::createIdentity(uint32_t& token, RsIdentityParameters ¶ms) if(params.isPgpLinked) { - ssdata.pgp.pgpId = AuthPGP::getPGPOwnId(); + ssdata.pgp.pgpId = AuthPGP::getPgpOwnId(); ssdata.pgp.lastCheckTs = time(nullptr); } From 7821b29893cf58a7246b9c6c90d9d5647878db3a Mon Sep 17 00:00:00 2001 From: csoler Date: Fri, 29 Oct 2021 20:29:18 +0200 Subject: [PATCH 09/10] fixed additional GPG->Pgp names --- libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc | 2 +- libretroshare/src/gxs/rsgxsnetservice.cc | 2 +- libretroshare/src/gxs/rsgxsnetutils.cc | 4 ++-- libretroshare/src/pgp/pgpauxutils.cc | 4 ++-- libretroshare/src/pgp/pgpauxutils.h | 8 ++++---- libretroshare/src/pqi/authgpg.cc | 8 ++++---- libretroshare/src/pqi/authgpg.h | 8 ++++---- libretroshare/src/rsserver/p3peers.cc | 2 +- libretroshare/src/rsserver/rsaccounts.cc | 6 +++--- libretroshare/src/rsserver/rsinit.cc | 2 +- libretroshare/src/services/p3idservice.cc | 4 ++-- .../libretroshare/gxs/nxs_test/nxsdummyservices.cc | 4 ++-- .../libretroshare/gxs/nxs_test/nxsdummyservices.h | 4 ++-- .../libretroshare/services/gxs/FakePgpAuxUtils.cc | 8 ++++---- .../libretroshare/services/gxs/FakePgpAuxUtils.h | 4 ++-- 15 files changed, 35 insertions(+), 35 deletions(-) diff --git a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc index 30e71763a..948fa3ccc 100644 --- a/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc +++ b/libretroshare/src/gossipdiscovery/p3gossipdiscovery.cc @@ -1098,7 +1098,7 @@ void p3discovery2::recvPGPCertificate(const RsPeerId& fromId, RsDiscPgpKeyItem* std::string cert_name; std::list cert_signers; - if(!AuthPGP::getGPGDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers )) + if(!AuthPGP::getPgpDetailsFromBinaryBlock( (unsigned char*)item->bin_data,item->bin_len, cert_pgp_id, cert_name, cert_signers )) { std::cerr << "(EE) cannot parse own PGP key sent by " << fromId << std::endl; return; diff --git a/libretroshare/src/gxs/rsgxsnetservice.cc b/libretroshare/src/gxs/rsgxsnetservice.cc index e1b70a670..6e61c72c4 100644 --- a/libretroshare/src/gxs/rsgxsnetservice.cc +++ b/libretroshare/src/gxs/rsgxsnetservice.cc @@ -4688,7 +4688,7 @@ bool RsGxsNetService::checkPermissionsForFriendGroup(const RsPeerId& sslId,const if(!grpMeta.mInternalCircle.isNull()) { RsGroupInfo ginfo ; - RsPgpId pgpId = mPgpUtils->getPGPId(sslId) ; + RsPgpId pgpId = mPgpUtils->getPgpId(sslId) ; #ifdef NXS_NET_DEBUG_4 GXSNETDEBUG_PG(sslId,grpMeta.mGroupId) << " Group internal circle: " << grpMeta.mInternalCircle << ", We're owner. Sending to everyone in the group." << std::endl; diff --git a/libretroshare/src/gxs/rsgxsnetutils.cc b/libretroshare/src/gxs/rsgxsnetutils.cc index b74abcb0f..6d759da7e 100644 --- a/libretroshare/src/gxs/rsgxsnetutils.cc +++ b/libretroshare/src/gxs/rsgxsnetutils.cc @@ -223,7 +223,7 @@ bool GrpCircleVetting::canSend( { if(mCircles->isLoaded(circleId)) { - const RsPgpId& pgpId = mPgpUtils->getPGPId(peerId); + const RsPgpId& pgpId = mPgpUtils->getPgpId(peerId); return mCircles->canSend(circleId, pgpId,should_encrypt); } @@ -302,7 +302,7 @@ bool MsgCircleIdsRequestVetting::cleared() if(filtered_out_msgs>0) std::cerr << "(WW) " << filtered_out_msgs << " messages not sent because they are signed by author(s) not member of that circle " << mCircleId << std::endl; - RsPgpId pgpId = mPgpUtils->getPGPId(mPeerId); + RsPgpId pgpId = mPgpUtils->getPgpId(mPeerId); bool can_send_res = mCircles->canSend(mCircleId, pgpId,mShouldEncrypt); if(mShouldEncrypt) // that means the circle is external diff --git a/libretroshare/src/pgp/pgpauxutils.cc b/libretroshare/src/pgp/pgpauxutils.cc index 377e5261d..c87985fab 100644 --- a/libretroshare/src/pgp/pgpauxutils.cc +++ b/libretroshare/src/pgp/pgpauxutils.cc @@ -37,7 +37,7 @@ const RsPgpId& PgpAuxUtilsImpl::getPGPOwnId() return AuthPGP::getPgpOwnId(); } -RsPgpId PgpAuxUtilsImpl::getPGPId(const RsPeerId& sslid) +RsPgpId PgpAuxUtilsImpl::getPgpId(const RsPeerId& sslid) { return rsPeers->getGPGId(sslid); } @@ -57,7 +57,7 @@ bool PgpAuxUtilsImpl::VerifySignBin(const void *data, return AuthPGP::VerifySignBin(data, len, sign, signlen, withfingerprint); } -bool PgpAuxUtilsImpl::getGPGAllList(std::list &ids) +bool PgpAuxUtilsImpl::getPgpAllList(std::list &ids) { return AuthPGP::getPgpAllList(ids); } diff --git a/libretroshare/src/pgp/pgpauxutils.h b/libretroshare/src/pgp/pgpauxutils.h index 4b188e3ae..aa897c0e1 100644 --- a/libretroshare/src/pgp/pgpauxutils.h +++ b/libretroshare/src/pgp/pgpauxutils.h @@ -35,8 +35,8 @@ class PgpAuxUtils virtual ~PgpAuxUtils(){} virtual const RsPgpId &getPGPOwnId() = 0; - virtual RsPgpId getPGPId(const RsPeerId& sslid) = 0; - virtual bool getGPGAllList(std::list &ids) = 0; + virtual RsPgpId getPgpId(const RsPeerId& sslid) = 0; + virtual bool getPgpAllList(std::list &ids) = 0; virtual bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const = 0; virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const =0; @@ -49,12 +49,12 @@ public: PgpAuxUtilsImpl(); virtual const RsPgpId &getPGPOwnId(); - virtual RsPgpId getPGPId(const RsPeerId& sslid); + virtual RsPgpId getPgpId(const RsPeerId& sslid); virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const ; virtual bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const; virtual bool VerifySignBin(const void *data, uint32_t len, unsigned char *sign, unsigned int signlen, const PGPFingerprintType& withfingerprint); - virtual bool getGPGAllList(std::list &ids); + virtual bool getPgpAllList(std::list &ids); }; diff --git a/libretroshare/src/pqi/authgpg.cc b/libretroshare/src/pqi/authgpg.cc index 9cbcade21..f7a6fb6c3 100644 --- a/libretroshare/src/pqi/authgpg.cc +++ b/libretroshare/src/pqi/authgpg.cc @@ -54,11 +54,11 @@ void cleanupZombies(int numkill); // function to cleanup zombies under OSX. /* Function to sign X509_REQ via GPGme. */ -int AuthPGP::availableGPGCertificatesWithPrivateKeys(std::list& pgpIds) +int AuthPGP::availablePgpCertificatesWithPrivateKeys(std::list& pgpIds) { return instance()->mPgpHandler->availableGPGCertificatesWithPrivateKeys(pgpIds); } -bool AuthPGP::getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) +bool AuthPGP::getPgpDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) { return instance()->mPgpHandler->getGPGDetailsFromBinaryBlock(mem,mem_size,key_id,name,signers); } @@ -178,7 +178,7 @@ AuthPGP::AuthPGP(const std::string& path_to_public_keyring,const std::string& pa * This function must be called successfully (return == 1) * before anything else can be done. (except above fn). */ -int AuthPGP::GPGInit(const RsPgpId &ownId) +int AuthPGP::PgpInit(const RsPgpId &ownId) { #ifdef DEBUG_AUTHGPG std::cerr << "AuthGPG::GPGInit() called with own gpg id : " << ownId.toStdString() << std::endl; @@ -365,7 +365,7 @@ bool AuthPGP::active() return instance()->gpgKeySelected; } -bool AuthPGP::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) +bool AuthPGP::GeneratePgpCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId& pgpId, const int keynumbits, std::string& errString) { RsStackMutex stack(instance()->gpgMtxEngine); /******* LOCKED ******/ diff --git a/libretroshare/src/pqi/authgpg.h b/libretroshare/src/pqi/authgpg.h index 5a8839b67..1db1ad482 100644 --- a/libretroshare/src/pqi/authgpg.h +++ b/libretroshare/src/pqi/authgpg.h @@ -129,11 +129,11 @@ public: /* Init by generating new Own PGP Cert, or selecting existing PGP Cert */ - static int GPGInit(const RsPgpId &ownId); - static bool GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString); + static int PgpInit(const RsPgpId &ownId); + static bool GeneratePgpCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString); - static bool getGPGDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) ; - static int availableGPGCertificatesWithPrivateKeys(std::list& pgpIds); + static bool getPgpDetailsFromBinaryBlock(const unsigned char *mem,size_t mem_size,RsPgpId& key_id, std::string& name, std::list& signers) ; + static int availablePgpCertificatesWithPrivateKeys(std::list& pgpIds); /*********************************************************************************/ /************************* STAGE 3 ***********************************************/ diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index 50d4dc3dc..ff50ec091 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -1670,7 +1670,7 @@ bool p3Peers::loadDetailsFromStringCert( const std::string &certstr, RsCertificate& cert = *certPtr; - if(!AuthPGP::getGPGDetailsFromBinaryBlock( cert.pgp_key(), cert.pgp_key_size(), pd.gpg_id, pd.name, pd.gpgSigners )) + if(!AuthPGP::getPgpDetailsFromBinaryBlock( cert.pgp_key(), cert.pgp_key_size(), pd.gpg_id, pd.name, pd.gpgSigners )) return false; Dbg4() << __PRETTY_FUNCTION__ << " Parsing cert for sslid, location, ext " diff --git a/libretroshare/src/rsserver/rsaccounts.cc b/libretroshare/src/rsserver/rsaccounts.cc index 737254f73..32ecd1e2a 100644 --- a/libretroshare/src/rsserver/rsaccounts.cc +++ b/libretroshare/src/rsserver/rsaccounts.cc @@ -853,7 +853,7 @@ static bool checkAccount(const std::string &accountdir, AccountDetails &account, /* Generating GPGme Account */ int RsAccountsDetail::GetPGPLogins(std::list& pgpIds) { - AuthPGP::availableGPGCertificatesWithPrivateKeys(pgpIds); + AuthPGP::availablePgpCertificatesWithPrivateKeys(pgpIds); return 1; } @@ -887,7 +887,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId) { bool retVal = false; - if (0 < AuthPGP::GPGInit(pgpId)) + if (0 < AuthPGP::PgpInit(pgpId)) { retVal = true; #ifdef DEBUG_ACCOUNTS @@ -907,7 +907,7 @@ bool RsAccountsDetail::SelectPGPAccount(const RsPgpId& pgpId) bool RsAccountsDetail::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, RsPgpId &pgpId, const int keynumbits, std::string &errString) { - return AuthPGP::GeneratePGPCertificate(name, email, passwd, pgpId, keynumbits, errString); + return AuthPGP::GeneratePgpCertificate(name, email, passwd, pgpId, keynumbits, errString); } // PGP Support Functions. diff --git a/libretroshare/src/rsserver/rsinit.cc b/libretroshare/src/rsserver/rsinit.cc index 2dc034f56..84d2b659b 100644 --- a/libretroshare/src/rsserver/rsinit.cc +++ b/libretroshare/src/rsserver/rsinit.cc @@ -510,7 +510,7 @@ RsInit::LoadCertificateStatus RsInit::LockAndLoadCertificates( if(!RsAccounts::GetAccountDetails(accountId, pgpId, pgpName, pgpEmail, location)) throw RsInit::ERR_UNKNOWN; // invalid PreferredAccount; - if(0 == AuthPGP::GPGInit(pgpId)) + if(0 == AuthPGP::PgpInit(pgpId)) throw RsInit::ERR_UNKNOWN; // PGP Error. LoadCertificateStatus retVal = diff --git a/libretroshare/src/services/p3idservice.cc b/libretroshare/src/services/p3idservice.cc index b89c963b6..bf034bcb2 100644 --- a/libretroshare/src/services/p3idservice.cc +++ b/libretroshare/src/services/p3idservice.cc @@ -4096,7 +4096,7 @@ void p3IdService::getPgpIdList() #endif // DEBUG_IDS std::list list; - mPgpUtils->getGPGAllList(list); + mPgpUtils->getPgpAllList(list); RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/ @@ -4593,7 +4593,7 @@ void p3IdService::generateDummy_FriendPGP() // Now Generate for friends. std::list gpgids; std::list::const_iterator it; - mPgpUtils->getGPGAllList(gpgids); + mPgpUtils->getPgpAllList(gpgids); RsGxsIdGroup id; diff --git a/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.cc b/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.cc index 925e90be2..442a25cc1 100644 --- a/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.cc +++ b/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.cc @@ -134,11 +134,11 @@ const RsPgpId& rs_nxs_test::RsDummyPgpUtils::getPGPOwnId() { return mOwnId; } -RsPgpId rs_nxs_test::RsDummyPgpUtils::getPGPId(const RsPeerId& /*sslid*/) { +RsPgpId rs_nxs_test::RsDummyPgpUtils::getPgpId(const RsPeerId& /*sslid*/) { return RsPgpId().random(); } -bool rs_nxs_test::RsDummyPgpUtils::getGPGAllList(std::list& /*ids*/) { +bool rs_nxs_test::RsDummyPgpUtils::getPgpAllList(std::list& /*ids*/) { return true; } diff --git a/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.h b/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.h index aee8f989e..6e993a658 100644 --- a/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.h +++ b/tests/unittests/libretroshare/gxs/nxs_test/nxsdummyservices.h @@ -164,8 +164,8 @@ namespace rs_nxs_test virtual ~RsDummyPgpUtils(){} const RsPgpId &getPGPOwnId() ; - RsPgpId getPGPId(const RsPeerId& sslid) ; - bool getGPGAllList(std::list &ids) ; + RsPgpId getPgpId(const RsPeerId& sslid) ; + bool getPgpAllList(std::list &ids) ; bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const; bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const; diff --git a/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.cc b/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.cc index 2d274897a..49e440e5e 100644 --- a/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.cc +++ b/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.cc @@ -24,7 +24,7 @@ FakePgpAuxUtils::FakePgpAuxUtils(const RsPeerId& ownId) { - mOwnId = getPGPId(ownId); + mOwnId = getPgpId(ownId); addPeerIdToPgpList(ownId); } @@ -39,7 +39,7 @@ void FakePgpAuxUtils::addPeerListToPgpList(const std::list &ids) void FakePgpAuxUtils::addPeerIdToPgpList(const RsPeerId &id) { - RsPgpId pgpId = getPGPId(id); + RsPgpId pgpId = getPgpId(id); if (mPgpList.end() == std::find(mPgpList.begin(), mPgpList.end(), pgpId)) { mPgpList.push_back(pgpId); @@ -51,7 +51,7 @@ const RsPgpId & FakePgpAuxUtils::getPGPOwnId() return mOwnId; } -RsPgpId FakePgpAuxUtils::getPGPId(const RsPeerId& sslid) +RsPgpId FakePgpAuxUtils::getPgpId(const RsPeerId& sslid) { /* convert an sslId */ std::string idstring = sslid.toStdString(); @@ -95,7 +95,7 @@ bool FakePgpAuxUtils::VerifySignBin(const void* /*data*/, uint32_t /*len*/, unsi return true; } -bool FakePgpAuxUtils::getGPGAllList(std::list &ids) +bool FakePgpAuxUtils::getPgpAllList(std::list &ids) { ids = mPgpList; return true; diff --git a/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.h b/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.h index 63b20b85d..f866164a6 100644 --- a/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.h +++ b/tests/unittests/libretroshare/services/gxs/FakePgpAuxUtils.h @@ -28,7 +28,7 @@ public: FakePgpAuxUtils(const RsPeerId& ownId); virtual const RsPgpId &getPGPOwnId(); - virtual RsPgpId getPGPId(const RsPeerId& sslid); + virtual RsPgpId getPgpId(const RsPeerId& sslid); virtual bool getKeyFingerprint(const RsPgpId& id,PGPFingerprintType& fp) const; virtual bool parseSignature(unsigned char *sign, unsigned int signlen, RsPgpId& issuer) const; @@ -36,7 +36,7 @@ public: virtual void addPeerListToPgpList(const std::list &ids); virtual void addPeerIdToPgpList(const RsPeerId &id); - virtual bool getGPGAllList(std::list &ids); + virtual bool getPgpAllList(std::list &ids); private: RsPgpId mOwnId; std::list mPgpList; From 7455013fc274ef45677809e0cfedcf1188f8be64 Mon Sep 17 00:00:00 2001 From: csoler Date: Mon, 13 Dec 2021 20:58:53 +0100 Subject: [PATCH 10/10] fixed std::cerr => RsErr() --- libretroshare/src/pgp/openpgpsdkhandler.cc | 190 ++++++++++----------- libretroshare/src/pgp/pgphandler.cc | 64 +++---- 2 files changed, 127 insertions(+), 127 deletions(-) diff --git a/libretroshare/src/pgp/openpgpsdkhandler.cc b/libretroshare/src/pgp/openpgpsdkhandler.cc index 316b428af..5a4a02d49 100644 --- a/libretroshare/src/pgp/openpgpsdkhandler.cc +++ b/libretroshare/src/pgp/openpgpsdkhandler.cc @@ -142,7 +142,7 @@ OpenPGPSDKHandler::OpenPGPSDKHandler(const std::string& pubring, const std::stri throw std::runtime_error("OpenPGPSDKHandler::readKeyRing(): cannot read pubring. File corrupted.") ; } else - std::cerr << "pubring file \"" << pubring << "\" not found. Creating a void keyring." << std::endl; + RsErr() << "pubring file \"" << pubring << "\" not found. Creating a void keyring." ; const ops_keydata_t *keydata ; int i=0 ; @@ -161,7 +161,7 @@ OpenPGPSDKHandler::OpenPGPSDKHandler(const std::string& pubring, const std::stri ++i ; } _pubring_last_update_time = time(NULL) ; - std::cerr << "Pubring read successfully." << std::endl; + RsErr() << "Pubring read successfully." ; if(secring_exist) { @@ -169,7 +169,7 @@ OpenPGPSDKHandler::OpenPGPSDKHandler(const std::string& pubring, const std::stri throw std::runtime_error("OpenPGPSDKHandler::readKeyRing(): cannot read secring. File corrupted.") ; } else - std::cerr << "secring file \"" << secring << "\" not found. Creating a void keyring." << std::endl; + RsErr() << "secring file \"" << secring << "\" not found. Creating a void keyring." ; i=0 ; while( (keydata = ops_keyring_get_key_by_index(_secring,i)) != NULL ) @@ -179,7 +179,7 @@ OpenPGPSDKHandler::OpenPGPSDKHandler(const std::string& pubring, const std::stri } _secring_last_update_time = time(NULL) ; - std::cerr << "Secring read successfully." << std::endl; + RsErr() << "Secring read successfully." ; locked_readPrivateTrustDatabase() ; _trustdb_last_update_time = time(NULL) ; @@ -255,7 +255,7 @@ bool OpenPGPSDKHandler::validateAndUpdateSignatures(PGPCertificateInfo& cert,con static ops_boolean_t already = 0 ; if(!already) { - std::cerr << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; + RsErr() << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." ; already = 1 ; } } @@ -286,7 +286,7 @@ OpenPGPSDKHandler::~OpenPGPSDKHandler() { RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. #ifdef DEBUG_PGPHANDLER - std::cerr << "Freeing OpenPGPSDKHandler. Deleting keyrings." << std::endl; + RsErr() << "Freeing OpenPGPSDKHandler. Deleting keyrings." ; #endif // no need to free the the _map_ elements. They will be freed by the following calls: @@ -300,7 +300,7 @@ OpenPGPSDKHandler::~OpenPGPSDKHandler() void OpenPGPSDKHandler::printOPSKeys() const { - std::cerr << "Public keyring list from OPS:" << std::endl; + RsErr() << "Public keyring list from OPS:" ; ops_keyring_list(_pubring) ; } @@ -331,7 +331,7 @@ bool OpenPGPSDKHandler::availableGPGCertificatesWithPrivateKeys(std::listkey_id)) ; #ifdef DEBUG_PGPHANDLER else - std::cerr << "Skipping keypair " << RsPgpId(keydata->key_id).toStdString() << ", unsupported algorithm: " << keydata->key.pkey.algorithm << std::endl; + RsErr() << "Skipping keypair " << RsPgpId(keydata->key_id).toStdString() << ", unsupported algorithm: " << keydata->key.pkey.algorithm ; #endif } @@ -416,7 +416,7 @@ bool OpenPGPSDKHandler::GeneratePGPCertificate(const std::string& name, const st initCertificateInfo(_secret_keyring_map[ pgpId ],&tmp_secring->keys[0],_secring->nkeys-1) ; #ifdef DEBUG_PGPHANDLER - std::cerr << "Added new secret key with id " << pgpId.toStdString() << " to secret keyring." << std::endl; + RsErr() << "Added new secret key with id " << pgpId.toStdString() << " to secret keyring." ; #endif ops_keyring_free(tmp_secring) ; free(tmp_secring) ; @@ -479,7 +479,7 @@ bool OpenPGPSDKHandler::GeneratePGPCertificate(const std::string& name, const st locked_syncPublicKeyring() ; #ifdef DEBUG_PGPHANDLER - std::cerr << "Added new public key with id " << pgpId.toStdString() << " to public keyring." << std::endl; + RsErr() << "Added new public key with id " << pgpId.toStdString() << " to public keyring." ; #endif // 9 - Update some flags. @@ -509,7 +509,7 @@ std::string OpenPGPSDKHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key,b else { ops_create_info_delete(cinfo); - std::cerr << "Unhandled key type " << key->type << std::endl; + RsErr() << "Unhandled key type " << key->type ; return "ERROR: Cannot write key. Unhandled key type. " ; } @@ -569,7 +569,7 @@ std::string OpenPGPSDKHandler::SaveCertificateToString(const RsPgpId& id,bool in if(key == NULL) { - std::cerr << "Cannot output key " << id.toStdString() << ": not found in keyring." << std::endl; + RsErr() << "Cannot output key " << id.toStdString() << ": not found in keyring." ; return "" ; } @@ -584,7 +584,7 @@ bool OpenPGPSDKHandler::exportPublicKey( const RsPgpId& id, unsigned char*& mem_ { RsErr() << __PRETTY_FUNCTION__ << " should not be used with " << "armoured=true, because there's a bug in the armoured export" - << " of OPS" << std::endl; + << " of OPS" ; print_stacktrace(); return false; } @@ -595,7 +595,7 @@ bool OpenPGPSDKHandler::exportPublicKey( const RsPgpId& id, unsigned char*& mem_ if(!key) { RsErr() << __PRETTY_FUNCTION__ << " key id: " << id - << " not found in keyring." << std::endl; + << " not found in keyring." ; return false; } @@ -608,7 +608,7 @@ bool OpenPGPSDKHandler::exportPublicKey( const RsPgpId& id, unsigned char*& mem_ { RsErr() << __PRETTY_FUNCTION__ << " This key id " << id << " cannot be processed by RetroShare because DSA certificates" - << " support is not implemented yet." << std::endl; + << " support is not implemented yet." ; return false; } @@ -638,21 +638,21 @@ bool OpenPGPSDKHandler::exportGPGKeyPair(const std::string& filename,const RsPgp if(pubkey == NULL) { - std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": not found in public keyring." << std::endl; + RsErr() << "Cannot output key " << exported_key_id.toStdString() << ": not found in public keyring." ; return false ; } const ops_keydata_t *seckey = locked_getSecretKey(exported_key_id) ; if(seckey == NULL) { - std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": not found in secret keyring." << std::endl; + RsErr() << "Cannot output key " << exported_key_id.toStdString() << ": not found in secret keyring." ; return false ; } FILE *f = RsDirUtil::rs_fopen(filename.c_str(),"w") ; if(f == NULL) { - std::cerr << "Cannot output key " << exported_key_id.toStdString() << ": file " << filename << " cannot be written. Please check for permissions, quotas, disk space." << std::endl; + RsErr() << "Cannot output key " << exported_key_id.toStdString() << ": file " << filename << " cannot be written. Please check for permissions, quotas, disk space." ; return false ; } @@ -704,7 +704,7 @@ bool OpenPGPSDKHandler::getGPGDetailsFromBinaryBlock(const unsigned char *mem_bl ops_memory_release(mem) ; free(mem) ; - std::cerr << "Could not read key. Format error?" << std::endl; + RsErr() << "Could not read key. Format error?" ; //error_string = std::string("Could not read key. Format error?") ; return false ; } @@ -714,12 +714,12 @@ bool OpenPGPSDKHandler::getGPGDetailsFromBinaryBlock(const unsigned char *mem_bl if(tmp_keyring->nkeys != 1) { - std::cerr << "No or incomplete/invalid key in supplied pgp block." << std::endl; + RsErr() << "No or incomplete/invalid key in supplied pgp block." ; return false ; } if(tmp_keyring->keys[0].uids == NULL) { - std::cerr << "No uid in supplied key." << std::endl; + RsErr() << "No uid in supplied key." ; return false ; } @@ -737,14 +737,14 @@ bool OpenPGPSDKHandler::getGPGDetailsFromBinaryBlock(const unsigned char *mem_bl } if(res == ops_false) - std::cerr << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; + RsErr() << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." ; // also add self-signature if any (there should be!). // res = ops_validate_key_signatures(result,&tmp_keyring->keys[0],tmp_keyring,cb_get_passphrase) ; if(res == ops_false) - std::cerr << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." << std::endl; + RsErr() << "(WW) Error in OpenPGPSDKHandler::validateAndUpdateSignatures(). Validation failed for at least some signatures." ; // Parse signers. // @@ -846,7 +846,7 @@ bool OpenPGPSDKHandler::checkAndImportKeyPair(ops_keyring_t *tmp_keyring, RsPgpI else { import_error = "Unrecognised key type in key file for key #0. Giving up." ; - std::cerr << "Unrecognised key type " << tmp_keyring->keys[0].type << " in key file for key #0. Giving up." << std::endl; + RsErr() << "Unrecognised key type " << tmp_keyring->keys[0].type << " in key file for key #0. Giving up." ; return false ; } if(tmp_keyring->keys[1].type == OPS_PTAG_CT_PUBLIC_KEY) @@ -856,7 +856,7 @@ bool OpenPGPSDKHandler::checkAndImportKeyPair(ops_keyring_t *tmp_keyring, RsPgpI else { import_error = "Unrecognised key type in key file for key #1. Giving up." ; - std::cerr << "Unrecognised key type " << tmp_keyring->keys[1].type << " in key file for key #1. Giving up." << std::endl; + RsErr() << "Unrecognised key type " << tmp_keyring->keys[1].type << " in key file for key #1. Giving up." ; return false ; } @@ -1003,7 +1003,7 @@ bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_ { RsStackMutex mtx(pgphandlerMtx) ; // lock access to PGP memory structures. #ifdef DEBUG_PGPHANDLER - std::cerr << "Reading new key from string: " << std::endl; + RsErr() << "Reading new key from string: " ; #endif ops_keyring_t *tmp_keyring = allocateOPSKeyring(); @@ -1017,7 +1017,7 @@ bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_ ops_memory_release(mem) ; free(mem) ; - std::cerr << "Could not read key. Format error?" << std::endl; + RsErr() << "Could not read key. Format error?" ; error_string = std::string("Could not read key. Format error?") ; return false ; } @@ -1029,7 +1029,7 @@ bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_ // if(tmp_keyring->nkeys != 1) { - std::cerr << "Loaded certificate contains more than one PGP key. This is not allowed." << std::endl; + RsErr() << "Loaded certificate contains more than one PGP key. This is not allowed." ; error_string = "Loaded certificate contains more than one PGP key. This is not allowed." ; return false ; } @@ -1041,7 +1041,7 @@ bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_ if(keydata->key.pkey.version != 4) { error_string = "Public key is not version 4. Rejected!" ; - std::cerr << "Received a key with unhandled version number (" << keydata->key.pkey.version << ")" << std::endl; + RsErr() << "Received a key with unhandled version number (" << keydata->key.pkey.version << ")" ; return false ; } @@ -1066,14 +1066,14 @@ bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_ if(!found) { error_string = "This key is not self-signed. This is required by Retroshare." ; - std::cerr << "This key is not self-signed. This is required by Retroshare." << std::endl; + RsErr() << "This key is not self-signed. This is required by Retroshare." ; ops_validate_result_free(result); return false ; } ops_validate_result_free(result); #ifdef DEBUG_PGPHANDLER - std::cerr << " Key read correctly: " << std::endl; + RsErr() << " Key read correctly: " ; ops_keyring_list(tmp_keyring) ; #endif @@ -1084,11 +1084,11 @@ bool OpenPGPSDKHandler::LoadCertificate(const unsigned char *data,uint32_t data_ { _pubring_changed = true ; #ifdef DEBUG_PGPHANDLER - std::cerr << " Added the key in the main public keyring." << std::endl; + RsErr() << " Added the key in the main public keyring." ; #endif } else - std::cerr << "Key already in public keyring." << std::endl; + RsErr() << "Key already in public keyring." ; if(tmp_keyring->nkeys > 0) id = RsPgpId(tmp_keyring->keys[0].key_id) ; @@ -1109,8 +1109,8 @@ bool OpenPGPSDKHandler::locked_addOrMergeKey(ops_keyring_t *keyring,std::mapkey_id) ; #ifdef DEBUG_PGPHANDLER - std::cerr << "AddOrMergeKey():" << std::endl; - std::cerr << " id: " << id.toStdString() << std::endl; + RsErr() << "AddOrMergeKey():" ; + RsErr() << " id: " << id.toStdString() ; #endif // See if the key is already in the keyring @@ -1125,7 +1125,7 @@ bool OpenPGPSDKHandler::locked_addOrMergeKey(ops_keyring_t *keyring,std::mapsecond._key_index)) == NULL) { #ifdef DEBUG_PGPHANDLER - std::cerr << " Key is new. Adding it to keyring" << std::endl; + RsErr() << " Key is new. Adding it to keyring" ; #endif addNewKeyToOPSKeyring(keyring,*keydata) ; // the key is new. initCertificateInfo(kmap[id],keydata,keyring->nkeys-1) ; @@ -1138,12 +1138,12 @@ bool OpenPGPSDKHandler::locked_addOrMergeKey(ops_keyring_t *keyring,std::mapfingerprint.fingerprint, RsPgpFingerprint::SIZE_IN_BYTES )) { - std::cerr << "(EE) attempt to merge key with identical id, but different fingerprint!" << std::endl; + RsErr() << "(EE) attempt to merge key with identical id, but different fingerprint!" ; return false ; } #ifdef DEBUG_PGPHANDLER - std::cerr << " Key exists. Merging signatures." << std::endl; + RsErr() << " Key exists. Merging signatures." ; #endif ret = mergeKeySignatures(const_cast(existing_key),keydata) ; @@ -1168,13 +1168,13 @@ bool OpenPGPSDKHandler::encryptTextToFile(const RsPgpId& key_id,const std::strin if(public_key == NULL) { - std::cerr << "Cannot get public key of id " << key_id.toStdString() << std::endl; + RsErr() << "Cannot get public key of id " << key_id.toStdString() ; return false ; } if(public_key->type != OPS_PTAG_CT_PUBLIC_KEY) { - std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" << std::endl; + RsErr() << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" ; return false ; } @@ -1185,13 +1185,13 @@ bool OpenPGPSDKHandler::encryptTextToFile(const RsPgpId& key_id,const std::strin if (fd < 0) { - std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: Cannot write to " << outfile_tmp << std::endl; + RsErr() << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: Cannot write to " << outfile_tmp ; return false ; } if(!ops_encrypt_stream(info, public_key, NULL, ops_false, ops_true)) { - std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: encryption failed." << std::endl; + RsErr() << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: encryption failed." ; return false ; } @@ -1200,7 +1200,7 @@ bool OpenPGPSDKHandler::encryptTextToFile(const RsPgpId& key_id,const std::strin if(!RsDirUtil::renameFile(outfile_tmp,outfile)) { - std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: Cannot rename " + outfile_tmp + " to " + outfile + ". Disk error?" << std::endl; + RsErr() << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: Cannot rename " + outfile_tmp + " to " + outfile + ". Disk error?" ; return false ; } @@ -1215,18 +1215,18 @@ bool OpenPGPSDKHandler::encryptDataBin(const RsPgpId& key_id,const void *data, c if(public_key == NULL) { - std::cerr << "Cannot get public key of id " << key_id.toStdString() << std::endl; + RsErr() << "Cannot get public key of id " << key_id.toStdString() ; return false ; } if(public_key->type != OPS_PTAG_CT_PUBLIC_KEY) { - std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" << std::endl; + RsErr() << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied id did not return a public key!" ; return false ; } if(public_key->key.pkey.algorithm != OPS_PKA_RSA) { - std::cerr << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied key id " << key_id.toStdString() << " is not an RSA key (DSA for instance, is not supported)!" << std::endl; + RsErr() << "OpenPGPSDKHandler::encryptTextToFile(): ERROR: supplied key id " << key_id.toStdString() << " is not an RSA key (DSA for instance, is not supported)!" ; return false ; } ops_create_info_t *info; @@ -1236,7 +1236,7 @@ bool OpenPGPSDKHandler::encryptDataBin(const RsPgpId& key_id,const void *data, c if(!ops_encrypt_stream(info, public_key, NULL, ops_false, ops_false)) { - std::cerr << "Encryption failed." << std::endl; + RsErr() << "Encryption failed." ; res = false ; } @@ -1257,7 +1257,7 @@ bool OpenPGPSDKHandler::encryptDataBin(const RsPgpId& key_id,const void *data, c } else { - std::cerr << "Not enough room to fit encrypted data. Size given=" << *encrypted_data_len << ", required=" << tlen << std::endl; + RsErr() << "Not enough room to fit encrypted data. Size given=" << *encrypted_data_len << ", required=" << tlen ; res = false ; } @@ -1275,7 +1275,7 @@ bool OpenPGPSDKHandler::decryptDataBin(const RsPgpId& /*key_id*/,const void *enc if(*data_len < (unsigned int)out_length) { - std::cerr << "Not enough room to store decrypted data! Please give more."<< std::endl; + RsErr() << "Not enough room to store decrypted data! Please give more."; return false ; } @@ -1297,7 +1297,7 @@ bool OpenPGPSDKHandler::decryptTextFromFile(const RsPgpId&,std::string& text,con if (f == NULL) { - std::cerr << "Cannot open file " << inputfile << " for read." << std::endl; + RsErr() << "Cannot open file " << inputfile << " for read." ; return false; } @@ -1308,8 +1308,8 @@ bool OpenPGPSDKHandler::decryptTextFromFile(const RsPgpId&,std::string& text,con fclose(f) ; #ifdef DEBUG_PGPHANDLER - std::cerr << "OpenPGPSDKHandler::decryptTextFromFile: read a file of length " << std::dec << buf.length() << std::endl; - std::cerr << "buf=\"" << buf << "\"" << std::endl; + RsErr() << "OpenPGPSDKHandler::decryptTextFromFile: read a file of length " << std::dec << buf.length() ; + RsErr() << "buf=\"" << buf << "\"" ; #endif int out_length ; @@ -1329,7 +1329,7 @@ bool OpenPGPSDKHandler::SignDataBin(const RsPgpId& id,const void *data, const ui if(!key) { - std::cerr << "Cannot sign: no secret key with id " << id.toStdString() << std::endl; + RsErr() << "Cannot sign: no secret key with id " << id.toStdString() ; return false ; } @@ -1357,18 +1357,18 @@ ops_secret_key_t *secret_key = NULL ; if(cancelled) { - std::cerr << "Key entering cancelled" << std::endl; + RsErr() << "Key entering cancelled" ; return false ; } if(secret_key) break ; - std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl; + RsErr() << "Key decryption went wrong. Wrong passwd?" ; last_passwd_was_wrong = true ; } if(!secret_key) { - std::cerr << "Could not obtain secret key. Signature cancelled." << std::endl; + RsErr() << "Could not obtain secret key. Signature cancelled." ; return false ; } @@ -1396,7 +1396,7 @@ ops_secret_key_t *secret_key = NULL ; } else { - std::cerr << "(EE) memory chunk is not large enough for signature packet. Requred size: " << slen << " bytes." << std::endl; + RsErr() << "(EE) memory chunk is not large enough for signature packet. Requred size: " << slen << " bytes." ; res = false ; } @@ -1406,13 +1406,13 @@ ops_secret_key_t *secret_key = NULL ; free(secret_key) ; #ifdef DEBUG_PGPHANDLER - std::cerr << "Signed with fingerprint " << fp.toStdString() << ", length " << std::dec << *signlen << ", literal data length = " << len << std::endl; - std::cerr << "Signature body: " << std::endl; + RsErr() << "Signed with fingerprint " << fp.toStdString() << ", length " << std::dec << *signlen << ", literal data length = " << len ; + RsErr() << "Signature body: " ; hexdump( (unsigned char *)data, len) ; - std::cerr << std::endl; - std::cerr << "Data: " << std::endl; + RsErr() ; + RsErr() << "Data: " ; hexdump( (unsigned char *)sign,*signlen) ; - std::cerr << std::endl; + RsErr() ; #endif return res ; } @@ -1425,7 +1425,7 @@ bool OpenPGPSDKHandler::privateSignCertificate(const RsPgpId& ownId,const RsPgpI if(key_to_sign == NULL) { - std::cerr << "Cannot sign: no public key with id " << id_of_key_to_sign.toStdString() << std::endl; + RsErr() << "Cannot sign: no public key with id " << id_of_key_to_sign.toStdString() ; return false ; } @@ -1435,14 +1435,14 @@ bool OpenPGPSDKHandler::privateSignCertificate(const RsPgpId& ownId,const RsPgpI if(!skey) { - std::cerr << "Cannot sign: no secret key with id " << ownId.toStdString() << std::endl; + RsErr() << "Cannot sign: no secret key with id " << ownId.toStdString() ; return false ; } const ops_keydata_t *pkey = locked_getPublicKey(ownId,true) ; if(!pkey) { - std::cerr << "Cannot sign: no public key with id " << ownId.toStdString() << std::endl; + RsErr() << "Cannot sign: no public key with id " << ownId.toStdString() ; return false ; } @@ -1453,12 +1453,12 @@ bool OpenPGPSDKHandler::privateSignCertificate(const RsPgpId& ownId,const RsPgpI if(cancelled) { - std::cerr << "Key cancelled by used." << std::endl; + RsErr() << "Key cancelled by used." ; return false ; } if(!secret_key) { - std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl; + RsErr() << "Key decryption went wrong. Wrong passwd?" ; return false ; } @@ -1466,7 +1466,7 @@ bool OpenPGPSDKHandler::privateSignCertificate(const RsPgpId& ownId,const RsPgpI if(!ops_sign_key(key_to_sign,pkey->key_id,secret_key)) { - std::cerr << "Key signature went wrong. Wrong passwd?" << std::endl; + RsErr() << "Key signature went wrong. Wrong passwd?" ; return false ; } @@ -1511,7 +1511,7 @@ bool OpenPGPSDKHandler::VerifySignBin(const void *literal_data, uint32_t literal if(key == NULL) { - std::cerr << "No key returned by fingerprint " << key_fingerprint.toStdString() << ", and ID " << id.toStdString() << ", signature verification failed!" << std::endl; + RsErr() << "No key returned by fingerprint " << key_fingerprint.toStdString() << ", and ID " << id.toStdString() << ", signature verification failed!" ; return false ; } @@ -1522,18 +1522,18 @@ bool OpenPGPSDKHandler::VerifySignBin(const void *literal_data, uint32_t literal if(key_fingerprint != PGPFingerprintType(fp.fingerprint)) { - std::cerr << "Key fingerprint does not match " << key_fingerprint.toStdString() << ", for ID " << id.toStdString() << ", signature verification failed!" << std::endl; + RsErr() << "Key fingerprint does not match " << key_fingerprint.toStdString() << ", for ID " << id.toStdString() << ", signature verification failed!" ; return false ; } #ifdef DEBUG_PGPHANDLER - std::cerr << "Verifying signature from fingerprint " << key_fingerprint.toStdString() << ", length " << std::dec << sign_len << ", literal data length = " << literal_data_length << std::endl; - std::cerr << "Signature body: " << std::endl; + RsErr() << "Verifying signature from fingerprint " << key_fingerprint.toStdString() << ", length " << std::dec << sign_len << ", literal data length = " << literal_data_length ; + RsErr() << "Signature body: " ; hexdump( (unsigned char *)sign,sign_len) ; - std::cerr << std::endl; - std::cerr << "Signed data: " << std::endl; + RsErr() ; + RsErr() << "Signed data: " ; hexdump( (unsigned char *)literal_data, literal_data_length) ; - std::cerr << std::endl; + RsErr() ; #endif return ops_validate_detached_signature(literal_data,literal_data_length,sign,sign_len,key) ; @@ -1563,7 +1563,7 @@ bool OpenPGPSDKHandler::mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_ // First sort all signatures into lists to see which is new, which is not new #ifdef DEBUG_PGPHANDLER - std::cerr << "Merging signatures for key " << RsPgpId(dst->key_id).toStdString() << std::endl; + RsErr() << "Merging signatures for key " << RsPgpId(dst->key_id).toStdString() ; #endif std::set dst_packets ; @@ -1584,14 +1584,14 @@ bool OpenPGPSDKHandler::mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_ to_add.insert(src->packets[i]) ; #ifdef DEBUG_PGPHANDLER else - std::cerr << " Packet with tag 0x" << std::hex << (int)(src->packets[i].raw[0]) << std::dec << " not merged, because it is not a signature." << std::endl; + RsErr() << " Packet with tag 0x" << std::hex << (int)(src->packets[i].raw[0]) << std::dec << " not merged, because it is not a signature." ; #endif } for(std::set::const_iterator it(to_add.begin());it!=to_add.end();++it) { #ifdef DEBUG_PGPHANDLER - std::cerr << " Adding packet with tag 0x" << std::hex << (int)(*it).raw[0] << std::dec << std::endl; + RsErr() << " Adding packet with tag 0x" << std::hex << (int)(*it).raw[0] << std::dec ; #endif ops_add_packet_to_keydata(dst,&*it) ; } @@ -1604,7 +1604,7 @@ bool OpenPGPSDKHandler::syncDatabase() RsStackFileLock flck(_pgp_lock_filename) ; // lock access to PGP directory. #ifdef DEBUG_PGPHANDLER - std::cerr << "Sync-ing keyrings." << std::endl; + RsErr() << "Sync-ing keyrings." ; #endif locked_syncPublicKeyring() ; //locked_syncSecretKeyring() ; @@ -1614,7 +1614,7 @@ bool OpenPGPSDKHandler::syncDatabase() locked_syncTrustDatabase() ; #ifdef DEBUG_PGPHANDLER - std::cerr << "Done. " << std::endl; + RsErr() << "Done. " ; #endif return true ; } @@ -1629,11 +1629,11 @@ bool OpenPGPSDKHandler::locked_syncPublicKeyring() #else if(-1 == stat64(_pubring_path.c_str(), &buf)) #endif - std::cerr << "OpenPGPSDKHandler::syncDatabase(): can't stat file " << _pubring_path << ". Can't sync public keyring." << std::endl; + RsErr() << "OpenPGPSDKHandler::syncDatabase(): can't stat file " << _pubring_path << ". Can't sync public keyring." ; if(_pubring_last_update_time < buf.st_mtime) { - std::cerr << "Detected change on disk of public keyring. Merging!" << std::endl ; + RsErr() << "Detected change on disk of public keyring. Merging!" << std::endl ; locked_mergeKeyringFromDisk(_pubring,_public_keyring_map,_pubring_path) ; _pubring_last_update_time = buf.st_mtime ; @@ -1644,19 +1644,19 @@ bool OpenPGPSDKHandler::locked_syncPublicKeyring() { std::string tmp_keyring_file = _pubring_path + ".tmp" ; - std::cerr << "Local changes in public keyring. Writing to disk..." << std::endl; + RsErr() << "Local changes in public keyring. Writing to disk..." ; if(!ops_write_keyring_to_file(_pubring,ops_false,tmp_keyring_file.c_str(),ops_true)) { - std::cerr << "Cannot write public keyring tmp file. Disk full? Disk quota exceeded?" << std::endl; + RsErr() << "Cannot write public keyring tmp file. Disk full? Disk quota exceeded?" ; return false ; } if(!RsDirUtil::renameFile(tmp_keyring_file,_pubring_path)) { - std::cerr << "Cannot rename tmp pubring file " << tmp_keyring_file << " into actual pubring file " << _pubring_path << ". Check writing permissions?!?" << std::endl; + RsErr() << "Cannot rename tmp pubring file " << tmp_keyring_file << " into actual pubring file " << _pubring_path << ". Check writing permissions?!?" ; return false ; } - std::cerr << "Done." << std::endl; + RsErr() << "Done." ; _pubring_last_update_time = time(NULL) ; // should we get this value from the disk instead?? _pubring_changed = false ; } @@ -1668,7 +1668,7 @@ void OpenPGPSDKHandler::locked_mergeKeyringFromDisk(ops_keyring_t *keyring, const std::string& keyring_file) { #ifdef DEBUG_PGPHANDLER - std::cerr << "Merging keyring " << keyring_file << " from disk to memory." << std::endl; + RsErr() << "Merging keyring " << keyring_file << " from disk to memory." ; #endif // 1 - load keyring into a temporary keyring list. @@ -1676,7 +1676,7 @@ void OpenPGPSDKHandler::locked_mergeKeyringFromDisk(ops_keyring_t *keyring, if(ops_false == ops_keyring_read_from_file(tmp_keyring, false, keyring_file.c_str())) { - std::cerr << "OpenPGPSDKHandler::locked_mergeKeyringFromDisk(): cannot read keyring. File corrupted?" ; + RsErr() << "OpenPGPSDKHandler::locked_mergeKeyringFromDisk(): cannot read keyring. File corrupted?" ; ops_keyring_free(tmp_keyring) ; return ; } @@ -1702,7 +1702,7 @@ bool OpenPGPSDKHandler::removeKeysFromPGPKeyring(const std::set& keys_t for(std::set::const_iterator it(keys_to_remove.begin());it!=keys_to_remove.end();++it) if(locked_getSecretKey(*it) != NULL) { - std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key! Operation cancelled." << std::endl; + RsErr() << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key! Operation cancelled." ; error_code = PGP_KEYRING_REMOVAL_ERROR_CANT_REMOVE_SECRET_KEYS ; return false ; } @@ -1723,7 +1723,7 @@ bool OpenPGPSDKHandler::removeKeysFromPGPKeyring(const std::set& keys_t if(mktemp(template_name) == NULL) #endif { - std::cerr << "OpenPGPSDKHandler::removeKeysFromPGPKeyring(): cannot create keyring backup file. Giving up." << std::endl; + RsErr() << "OpenPGPSDKHandler::removeKeysFromPGPKeyring(): cannot create keyring backup file. Giving up." ; error_code = PGP_KEYRING_REMOVAL_ERROR_CANNOT_CREATE_BACKUP ; return false ; } @@ -1733,13 +1733,13 @@ bool OpenPGPSDKHandler::removeKeysFromPGPKeyring(const std::set& keys_t if(!ops_write_keyring_to_file(_pubring,ops_false,template_name,ops_true)) { - std::cerr << "OpenPGPSDKHandler::removeKeysFromPGPKeyring(): cannot write keyring backup file. Giving up." << std::endl; + RsErr() << "OpenPGPSDKHandler::removeKeysFromPGPKeyring(): cannot write keyring backup file. Giving up." ; error_code = PGP_KEYRING_REMOVAL_ERROR_CANNOT_WRITE_BACKUP ; return false ; } backup_file = std::string(template_name,_pubring_path.length()+7) ; - std::cerr << "Keyring was backed up to file " << backup_file << std::endl; + RsErr() << "Keyring was backed up to file " << backup_file ; // Remove keys from the keyring, and update the keyring map. // @@ -1747,7 +1747,7 @@ bool OpenPGPSDKHandler::removeKeysFromPGPKeyring(const std::set& keys_t { if(locked_getSecretKey(*it) != NULL) { - std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key!" << std::endl; + RsErr() << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " since its shared by a secret key!" ; continue ; } @@ -1755,13 +1755,13 @@ bool OpenPGPSDKHandler::removeKeysFromPGPKeyring(const std::set& keys_t if(res == _public_keyring_map.end()) { - std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " from keyring: key not found." << std::endl; + RsErr() << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << " from keyring: key not found." ; continue ; } if(res->second._key_index >= (unsigned int)_pubring->nkeys || RsPgpId(_pubring->keys[res->second._key_index].key_id) != *it) { - std::cerr << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << ". Inconsistency found." << std::endl; + RsErr() << "(EE) OpenPGPSDKHandler:: can't remove key " << (*it).toStdString() << ". Inconsistency found." ; error_code = PGP_KEYRING_REMOVAL_ERROR_DATA_INCONSISTENCY ; return false ; } diff --git a/libretroshare/src/pgp/pgphandler.cc b/libretroshare/src/pgp/pgphandler.cc index 3a5eaf837..850338868 100644 --- a/libretroshare/src/pgp/pgphandler.cc +++ b/libretroshare/src/pgp/pgphandler.cc @@ -67,33 +67,33 @@ PGPHandler::~PGPHandler() bool PGPHandler::printKeys() const { #ifdef DEBUG_PGPHANDLER - std::cerr << "Printing details of all " << std::dec << _public_keyring_map.size() << " keys: " << std::endl; + RsErr() << "Printing details of all " << std::dec << _public_keyring_map.size() << " keys: " ; #endif for(std::map::const_iterator it(_public_keyring_map.begin()); it != _public_keyring_map.end(); ++it) { - std::cerr << "PGP Key: " << it->first.toStdString() << std::endl; + RsErr() << "PGP Key: " << it->first.toStdString() ; - std::cerr << "\tName : " << it->second._name << std::endl; - std::cerr << "\tEmail : " << it->second._email << std::endl; - std::cerr << "\tOwnSign : " << (it->second._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE) << std::endl; - std::cerr << "\tAccept Connect: " << (it->second._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION) << std::endl; - std::cerr << "\ttrustLvl : " << it->second._trustLvl << std::endl; - std::cerr << "\tvalidLvl : " << it->second._validLvl << std::endl; - std::cerr << "\tUse time stamp: " << it->second._time_stamp << std::endl; - std::cerr << "\tfingerprint : " << it->second._fpr.toStdString() << std::endl; - std::cerr << "\tSigners : " << it->second.signers.size() << std::endl; + RsErr() << "\tName : " << it->second._name ; + RsErr() << "\tEmail : " << it->second._email ; + RsErr() << "\tOwnSign : " << (it->second._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_HAS_OWN_SIGNATURE) ; + RsErr() << "\tAccept Connect: " << (it->second._flags & PGPCertificateInfo::PGP_CERTIFICATE_FLAG_ACCEPT_CONNEXION) ; + RsErr() << "\ttrustLvl : " << it->second._trustLvl ; + RsErr() << "\tvalidLvl : " << it->second._validLvl ; + RsErr() << "\tUse time stamp: " << it->second._time_stamp ; + RsErr() << "\tfingerprint : " << it->second._fpr.toStdString() ; + RsErr() << "\tSigners : " << it->second.signers.size() ; std::set::const_iterator sit; for(sit = it->second.signers.begin(); sit != it->second.signers.end(); ++sit) { - std::cerr << "\t\tSigner ID:" << (*sit).toStdString() << ", Name: " ; + RsErr() << "\t\tSigner ID:" << (*sit).toStdString() << ", Name: " ; const PGPCertificateInfo *info = PGPHandler::getCertificateInfo(*sit) ; if(info != NULL) - std::cerr << info->_name ; + RsErr() << info->_name ; - std::cerr << std::endl ; + RsErr() << std::endl ; } } return true ; @@ -117,7 +117,7 @@ void PGPHandler::updateOwnSignatureFlag(const RsPgpId& own_id) if(_public_keyring_map.find(own_id)==_public_keyring_map.end()) { - std::cerr << __func__ << ": key with id=" << own_id.toStdString() << " not in keyring." << std::endl; + RsErr() << __func__ << ": key with id=" << own_id.toStdString() << " not in keyring." ; // return now, because the following operation would add an entry to _public_keyring_map return; } @@ -135,7 +135,7 @@ void PGPHandler::updateOwnSignatureFlag(const RsPgpId& cert_id,const RsPgpId& ow if(it == _public_keyring_map.end()) { - std::cerr << "updateOwnSignatureFlag: Cannot get certificate for string " << cert_id.toStdString() << ". This is probably a bug." << std::endl; + RsErr() << "updateOwnSignatureFlag: Cannot get certificate for string " << cert_id.toStdString() << ". This is probably a bug." ; return ; } @@ -234,7 +234,7 @@ bool PGPHandler::privateTrustCertificate(const RsPgpId& id,int trustlvl) { if(trustlvl < 0 || trustlvl >= 6 || trustlvl == 1) { - std::cerr << "Invalid trust level " << trustlvl << " passed to privateTrustCertificate." << std::endl; + RsErr() << "Invalid trust level " << trustlvl << " passed to privateTrustCertificate." ; return false ; } @@ -242,7 +242,7 @@ bool PGPHandler::privateTrustCertificate(const RsPgpId& id,int trustlvl) if(it == _public_keyring_map.end()) { - std::cerr << "(EE) Key id " << id.toStdString() << " not in the keyring. Can't setup trust level." << std::endl; + RsErr() << "(EE) Key id " << id.toStdString() << " not in the keyring. Can't setup trust level." ; return false ; } @@ -266,12 +266,12 @@ void PGPHandler::locked_readPrivateTrustDatabase() { FILE *fdb = RsDirUtil::rs_fopen(_trustdb_path.c_str(),"rb") ; #ifdef DEBUG_PGPHANDLER - std::cerr << "PGPHandler: Reading private trust database." << std::endl; + RsErr() << "PGPHandler: Reading private trust database." ; #endif if(fdb == NULL) { - std::cerr << " private trust database not found. No trust info loaded." << std::endl ; + RsErr() << " private trust database not found. No trust info loaded." << std::endl ; return ; } std::map::iterator it ; @@ -284,12 +284,12 @@ void PGPHandler::locked_readPrivateTrustDatabase() if(it == _public_keyring_map.end()) { - std::cerr << " (WW) Trust packet found for unknown key id " << RsPgpId(trustpacket.user_id).toStdString() << std::endl; + RsErr() << " (WW) Trust packet found for unknown key id " << RsPgpId(trustpacket.user_id).toStdString() ; continue ; } if(trustpacket.trust_level > 6) { - std::cerr << " (WW) Trust packet found with unexpected trust level " << trustpacket.trust_level << std::endl; + RsErr() << " (WW) Trust packet found with unexpected trust level " << trustpacket.trust_level ; continue ; } @@ -302,19 +302,19 @@ void PGPHandler::locked_readPrivateTrustDatabase() fclose(fdb) ; - std::cerr << "PGPHandler: Successfully read " << std::hex << n_packets << std::dec << " trust packets." << std::endl; + RsErr() << "PGPHandler: Successfully read " << std::hex << n_packets << std::dec << " trust packets." ; } bool PGPHandler::locked_writePrivateTrustDatabase() { FILE *fdb = RsDirUtil::rs_fopen((_trustdb_path+".tmp").c_str(),"wb") ; #ifdef DEBUG_PGPHANDLER - std::cerr << "PGPHandler: Reading private trust database." << std::endl; + RsErr() << "PGPHandler: Reading private trust database." ; #endif if(fdb == NULL) { - std::cerr << " (EE) Can't open private trust database file " << _trustdb_path << " for write. Giving up!" << std::endl ; + RsErr() << " (EE) Can't open private trust database file " << _trustdb_path << " for write. Giving up!" << std::endl ; return false; } PrivateTrustPacket trustpacket ; @@ -332,7 +332,7 @@ bool PGPHandler::locked_writePrivateTrustDatabase() if(fwrite((void*)&trustpacket,sizeof(PrivateTrustPacket),1,fdb) != 1) { - std::cerr << " (EE) Cannot write to trust database " << _trustdb_path << ". Disc full, or quota exceeded ? Leaving database untouched." << std::endl; + RsErr() << " (EE) Cannot write to trust database " << _trustdb_path << ". Disc full, or quota exceeded ? Leaving database untouched." ; fclose(fdb) ; return false; } @@ -342,7 +342,7 @@ bool PGPHandler::locked_writePrivateTrustDatabase() if(!RsDirUtil::renameFile(_trustdb_path+".tmp",_trustdb_path)) { - std::cerr << " (EE) Cannot move temp file " << _trustdb_path+".tmp" << ". Bad write permissions?" << std::endl; + RsErr() << " (EE) Cannot move temp file " << _trustdb_path+".tmp" << ". Bad write permissions?" ; return false ; } else @@ -360,13 +360,13 @@ bool PGPHandler::locked_syncTrustDatabase() if(-1 == stat64(_trustdb_path.c_str(), &buf)) #endif { - std::cerr << "PGPHandler::syncDatabase(): can't stat file " << _trustdb_path << ". Will force write it." << std::endl; + RsErr() << "PGPHandler::syncDatabase(): can't stat file " << _trustdb_path << ". Will force write it." ; _trustdb_changed = true ; // we force write of trust database if it does not exist. } if(_trustdb_last_update_time < buf.st_mtime) { - std::cerr << "Detected change on disk of trust database. " << std::endl ; + RsErr() << "Detected change on disk of trust database. " << std::endl ; locked_readPrivateTrustDatabase(); _trustdb_last_update_time = time(NULL) ; @@ -374,12 +374,12 @@ bool PGPHandler::locked_syncTrustDatabase() if(_trustdb_changed) { - std::cerr << "Local changes in trust database. Writing to disk..." << std::endl; + RsErr() << "Local changes in trust database. Writing to disk..." ; if(!locked_writePrivateTrustDatabase()) - std::cerr << "Cannot write trust database. Disk full? Disk quota exceeded?" << std::endl; + RsErr() << "Cannot write trust database. Disk full? Disk quota exceeded?" ; else { - std::cerr << "Done." << std::endl; + RsErr() << "Done." ; _trustdb_last_update_time = time(NULL) ; _trustdb_changed = false ; }