importing public keys doesn't work

[TLINDEN]

I already reported it by mail, to be complete I repeat it here as well: when importing a public key with pbp, an error occurs:

pbp -b . -X -i alice.pbp 
Traceback (most recent call last):
  File "/usr/local/bin/pbp", line 9, in <module>
    load_entry_point('pbp==0.2', 'console_scripts', 'pbp')()
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/main.py", line 187, in main
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/pbp.py", line 314, in import_handler
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/publickey.py", line 63, in save
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/publickey.py", line 41, in __getattr__
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/publickey.py", line 114, in loadkey
ValueError: missing key

The problem is in Identity.__getattr__() where pbp tries to load a secret key with the name of the imported key, because the variable publicOnly is False.

Also it does the parameter check only if the attribute starts with ^s and tries to call loadkey() even for the created and valid parameters.

Then I made the following changes:

diff --git a/pbp/pbp.py b/pbp/pbp.py
index af0fdc8..4c4ece4 100755
--- a/pbp/pbp.py
+++ b/pbp/pbp.py
@@ -4,7 +4,7 @@ import getpass, sys, struct
 from utils import b85encode, b85decode, lockmem, inputfd, outputfd
 from SecureString import clearmem
 import chaining, publickey, ecdh
-
+import datetime
 ASYM_CIPHER = 5
 BLOCK_CIPHER = 23
 BLOCK_SIZE = 32*1024
@@ -299,6 +299,9 @@ def import_handler(infile=None, basedir=None):
     peer.cp = keys[nacl.crypto_sign_PUBLICKEYBYTES:nacl.crypto_sign_PUBLICKEYBYTES*2]
     peer.sp = keys[nacl.crypto_sign_PUBLICKEYBYTES*2:nacl.crypto_sign_PUBLICKEYBYTES*3]
     # TODO check if key exists, then ask for confirmation of pk overwrite
+    peer.publicOnly = True
+    peer.created = datetime.datetime.utcnow()
+    peer.valid = datetime.datetime.utcnow() + datetime.timedelta(days=365)
     peer.save()
     return name

and

diff --git a/pbp/publickey.py b/pbp/publickey.py
index e1102d9..e19a33c 100755
--- a/pbp/publickey.py
+++ b/pbp/publickey.py
@@ -37,7 +37,7 @@ class Identity(object):
     def __getattr__(self,name):
         if name in ['ms', 'mp', 'cs', 'cp',
                     'ss', 'sp', 'created', 'valid']:
-            if name[1:]=='s' and self.publicOnly: return None
+            if name[1:] in ('s', 'c', 'v') and self.publicOnly: return None
             self.loadkey(name)
             return getattr(self, name)

then pbp at least doesn't try to load some - nonexisting - secret key, but instead dies with this message:

pbp -b . -X -i alice.pbp 
Traceback (most recent call last):
  File "/usr/local/bin/pbp", line 9, in <module>
    load_entry_point('pbp==0.2', 'console_scripts', 'pbp')()
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/main.py", line 187, in main
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/pbp.py", line 316, in import_handler
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/publickey.py", line 69, in save
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/publickey.py", line 126, in savepublickeys
  File "build/bdist.linux-x86_64/egg/pysodium/__init__.py", line 140, in crypto_sign
ValueError

So, after successfully decoding the b85 encoded pubkey (by using the patch in issue#10), verifying the signature of the result and extracting all 3 public keys (mp, cp, sp) it tries to save it in it's native format and while doing so, it tries to sign the pk using self.ms, which of course doesn't exist, since we're importing an external public key.

I'm not sure, how to fix this, IMHO it's a design problem. I think the best solution would be to store the signature of the import file in the Identity object and write it out as is. When later reading in a pk from disk, pbp has to verify that signature without the dates though.

best regards, Tom

[stef]

should be fixed with 3f3ba35 - i also added a new test case for catching this error. thx!

[TLINDEN]

Hi,

ok, now I can import public keys which were previously exported by pbp. But I can't import keys exported by pcp. However, in pcp I can import pbp-keys AND pbp-keys created by pcp.

The message is the same:

$ pbp -X -i alice.pbp 
Traceback (most recent call last):
  File "/usr/local/bin/pbp", line 9, in <module>
    load_entry_point('pbp==0.2.1', 'console_scripts', 'pbp')()
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/main.py", line 187, in main
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/pbp.py", line 299, in import_handler
  File "build/bdist.linux-x86_64/egg/pysodium/__init__.py", line 152, in crypto_sign_open
ValueError

Here's the key:

e(^ULDlDlpaNScQ#b_cRuxyq0wH0V!^#@f@4nqrjg^FbGu*BQ;9GE;I8qYIdqp`!FtJd%`*
Ta^5-(2qjc0)3|<5E*+$na^08*}ejlD>`z*w+;CJ~O1@&@pIwwR$U=-a$|{q3o=fzc8-VO53`6
_Uh}QE-{5T_p<y4c0)3|<5E*+$na^08*}ejlD>`z*w+;CJ~O1@&@pIwL2PMbWdHyG

(remove the newlines before trying).

And here are the raw values in there (hex %02x):

edpub: 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a <= mp
  pub: b57a2b99de415036a1ecac98bf30aed54adbba7af6eaeba12e318538f7b2fc07 <= cp
edpub: 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a <= sp
  sig: 7ef137182a2ca93370dd5323c5682220b06c95f7b5156860f50755500e430b7b
       858a64f0b0c4dbf61c983c211acf335fa3b1c3a0abd6f032d7c3967ddf5cef01

I'm not really sure, what is the problem with it. Any idea? There's some issue with key.mp I think. Since there's no such thing in pcp (yet), I just use the signing pk for both: mp and sp in the pbp-export.

• Tom

[TLINDEN]

Update: I added the same hex dumper to pbp/pbp.import_handler() just to see, what pbp sees from my input. This is the output:

pbp -b . -X -i alice.pbp 
mp: 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a
cp: b57a2b99de415036a1ecac98bf30aed54adbba7af6eaeba12e318538f7b2fc07
sp: 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a
sig: 7ef137182a2ca93370dd5323c5682220b06c95f7b5156860f50755500e430b7b
     858a64f0b0c4dbf61c983c211acf335fa3b1c3a0abd6f032d7c3967ddf5cef01
Traceback (most recent call last):
  File "/usr/local/bin/pbp", line 9, in <module>
    load_entry_point('pbp==0.2.1', 'console_scripts', 'pbp')()
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/main.py", line 187, in main
  File "build/bdist.freebsd-9.1-RELEASE-p4-amd64/egg/pbp/pbp.py", line 309, in import_handler
  File "build/bdist.linux-x86_64/egg/pysodium/__init__.py", line 152, in crypto_sign_open
ValueError

So, as you can see, those are the very same values, pcp1 sees when writing the export.

[TLINDEN]

argh, the export format changed, now it includes the dates and the order of keys changed as well. So I changed my code too, but it just doesn't work. Can't import from pbp and pbp can't import from pcp (same error: crypto_sign_open() fails).

PS: now the import of pbp keys in pcp fails with signature verification error as well. what a nightmare...

[TLINDEN]

ok, now the import works, but only if the patch of issue#10 is re-applied:

$ pcp1 -V va -b -p -O alice.pbp -D
Enter passphrase to decrypt your secret key for signing the export: 
  mp (0032): 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a
  cp (0032): b57a2b99de415036a1ecac98bf30aed54adbba7af6eaeba12e318538f7b2fc07
  sp (0032): 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a
name (0005): 416c696365
 sig (0229): d349f53407277ea9aec81dc57accc85e17eb90c966db2588ca894e921205b5ed13316c80
             3ee5067e80a5cd36ccbfe2012547c2f5b66c3d66418400c80317b701764332bbe3525367
             c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a764332bbe3525367c8f06987
             1b73ef5992be8e08d8d714f13e33a4e1d031687ab57a2b99de415036a1ecac98bf30aed5
             4adbba7af6eaeba12e318538f7b2fc07323031342d30322d30365430393a33333a343620
             202020202020202020202020323031342d30322d30365430393a33333a34362020202020
             2020202020202020416c696365
public key exported in PBP format.

$ pbp -b . -X -i alice.pbp 
mp: 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a
sp: 764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a
cp: b57a2b99de415036a1ecac98bf30aed54adbba7af6eaeba12e318538f7b2fc07
sig: d349f53407277ea9aec81dc57accc85e17eb90c966db2588ca894e921205b5ed13316c803ee5067e80a5cd36ccbfe2012547c2f5b66c3d66418400c80317b701764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687a764332bbe3525367c8f069871b73ef5992be8e08d8d714f13e33a4e1d031687ab57a2b99de415036a1ecac98bf30aed54adbba7af6eaeba12e318538f7b2fc07323031342d30322d30365430393a33333a343620202020202020202020202020323031342d30322d30365430393a33333a343620202020202020202020202020416c696365
dates: 2014-02-06T09:33:46             2014-02-06T09:33:46             
name: Alice
backing up existing key to ./pk/Alice.pk.old
Success: imported public keys for Alice

god...

[TLINDEN]

Ok, now I found what was missing: the call to b85decode() in pbp.export_handler() has to set the 2nd argument to true:

  return b85encode(pkt, True)

And, as already mentioned, the padding patch of issue#10 has to be applied. Then export and import works in both directions:

PBP => PCP:

$ pbp -b . -x --self Tom > tom.pbp 
Passphrase for decrypting master key for Tom: 

$ pcp1 -V vx -P -I tom.pbp -b
key 0x61E05C2AA4803742 added to vx.

 $ pcp1 -V vx -l              
Key ID               Type      Creation Time        Owner
0x61E05C2AA4803742    public   2014-02-06T07:31:00  Tom <>

PCP => PBP:

 $ pcp1 -V va -b -p -O alice.pbp   
Enter passphrase to decrypt your secret key for signing the export: 
public key exported in PBP format.

$ pbp -b . -X -i alice.pbp 
Success: imported public keys for Alice

 $ pbp -b .  -l
invalid 9163 3781 9b14 ea5b 010b 7487 61fd dd46 Alice
valid 9275 5a5d 5375 bb49 d096 e0c5 1261 a575 Bob

Now, how about that? :)

There's one issue left though, pbp marks the imported key as "invalid" for whatever reason.

[stef]

very cool! can you send a pull request to merge this?

[TLINDEN]

ok, sent it.