Open gwenhastings opened 10 years ago
gwenhastings
commented
10 years ago made the directory /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/pycache/ then chmod a+rwxt /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/pycache/
problem solved
stef
commented
10 years ago howdy, i just released a new version of pysodium, that moved away from cffi to ctypes, so this issue should never come up again. could you try with a fresh install of pysodium/pbp to confirm this? you can keep your key/config directories of course. see https://github.com/stef/pbp/issues/6
gwenhastings
commented
10 years ago oops after ssudo pip uninstall pysodium/pbp and then a suso pip reinstall MacBook-Pro:~ gwen$ sudo pip uninstall pysodium
Uninstalling pysodium:
/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium-0.5.9.1-py2.7.egg-info
/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/init.py
/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/init.pyc
/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/sodium.py
/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/sodium.pyc
Proceed (y/n)? y
Successfully uninstalled pysodium
MacBook-Pro:~ gwen$ pbp
Traceback (most recent call last):
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/bin/pbp", line 5, in
Requirement already satisfied (use --upgrade to upgrade): cffi in /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages (from pbp) Requirement already satisfied (use --upgrade to upgrade): scrypt in /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages (from pbp) Downloading/unpacking pysodium (from pbp) Downloading pysodium-0.6.tar.gz Running setup.py (path:/private/tmp/pip_build_root/pysodium/setup.py) egg_info for package pysodium
Requirement already satisfied (use --upgrade to upgrade): SecureString in /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages (from pbp) Requirement already satisfied (use --upgrade to upgrade): pycparser in /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages (from cffi->pbp) Installing collected packages: pbp, pysodium Running setup.py install for pbp
Installing pbp script to /opt/local/Library/Frameworks/Python.framework/Versions/2.7/binRunning setup.py install for pysodium
Successfully installed pbp pysodium
Cleaning up...
MacBook-Pro:~ gwen$ pbp
Traceback (most recent call last):
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/bin/pbp", line 9, in
gwens-MacBook-Pro:~ gwen$
gwens-MacBook-Pro:~ gwen$ sudo pip install libsodium
sudo: pip: command not found
gwens-MacBook-Pro:~ gwen$ . ~/.profile
gwens-MacBook-Pro:~ gwen$ sudo pip install libsodium
Downloading/unpacking libsodium
^CCleaning up...
Operation cancelled by user
Storing debug log for failure in /Users/gwen/.pip/pip.log
gwens-MacBook-Pro:~ gwen$ sudo [prt install libsodium
sudo: [prt: command not found
gwens-MacBook-Pro:~ gwen$ sudo port install libsodium
---> Cleaning libsodium
---> Scanning binaries for linking errors: 100.0%
---> No broken files found.
gwens-MacBook-Pro:~ gwen$ vi new
gwens-MacBook-Pro:~ gwen$ pbp
Traceback (most recent call last):
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/bin/pbp", line 9, in
Any suggestions?
DrWhax
commented
10 years ago It can't seem to open libsodium.so.6. can it find libsodium.so? What if you provide a symlink from libsodium.so to libsodium.so.6?
stef
commented
10 years ago dunno about freebsd, does it need ldconfig?
stef
commented
10 years ago i was told to try /etc/rc.d/ldconfig start
gwenhastings
commented
10 years ago no ldconfig on OSX an the ctypes cant find lib issue seems to be documented here https://www.google.com/search?q=%22OSError%3A+dlopen%28libsodium.so%2C+6%29%3A+image+not+found%22&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&channel=fflb
and file on my libsodium by hand or by macports shows same arch as the python interpreter.. and this was NOT happening before this last change stef...and the migration to cytpes seems to have activated this bug(not that I even understand except to know that its a change in how the lib is called... for python) file /usr/local/lib/libsodium.4.dylib /usr/local/lib/libsodium.4.dylib: Mach-O 64-bit dynamically linked shared library x86_64 file /opt/local/lib/libsodium.4.dylib /opt/local/lib/libsodium.4.dylib: Mach-O 64-bit dynamically linked shared library x86_64 gwens-MacBook-Pro:crypto gwen$ sudo port uninstall libsodium ---> Deactivating libsodium @0.4.5_0 ---> Cleaning libsodium ---> Uninstalling libsodium @0.4.5_0 ---> Cleaning libsodium
also tried it in both locations with appropriate changes of LD_LIBRARY_CONFIG as well as path to change the interpreter used from macports to osx native
I am stumped for a moment...apparently libs on macosx are called something else from .so: https://stackoverflow.com/questions/11554355/mac-os-x-lion-python-ctype-cdll-error-lib-so-6-image-not-found
can you try out to change line 32 in pysodium/__init__.py to
sodium = ctypes.cdll.LoadLibrary("libsodium.dylib")working... ie that resolved the osx case
gwenhastings
commented
10 years ago uh stef? after you and Thomas get done, will I still be able to have a printable 32 byte public key? and we are aiming for some kind of gpg command line compatibility as much as possible?(to reuse most of the scripts and software already built for calling gpg from scripts etc) ouch I just tried the key-export and armor functions and got out
(=Q(P6b=tbfHtx;n>V(bn~Tgun}3aaajKbEfLt{2cFHyBPIk10b&vqLE1)V4l&-m?w86%$$hNKOwW}G2DN&dbRI4DyV;V}@mIeSFsfXh@l^9Ox?-=-M(F2yZ*-T$^@oA?$6I3UTt{Wc`-+1hD14}GLyC|HO|HGD}LiROzzF$kEt!O|FW>GSyEAecAsnQtrZTXf-QLGB7bTEifIF)&mxF*-9cIx;pcGBi0hH#Q(3ARr(hGB7bUEifIF)&mxF-9cIx;pcGBq$TH8&t2ARr(hbY_jNYh`%
as a result which is a far cry from my present pcp key for curve p25519:
1l0$WoM5C8z=yeZG7?$]f^Uu8.g>4rf#t^6mfW9(rr910
and to tell the truth after decades of enduring the pgp format and monstrosity that pgp keys became (dont even get me started on the abortion known as web of trust(evidence) ) I really prefer the smaller ??-85 presentation format for things like sigs etc...
will this be possible? gwen
stef
commented
10 years ago hmm, not directly. tom now also uses separate keys for encryption and signing, that means double the key size, however in pbp these two are considered "short-term", and there's a long-term signing key. so in pbp there's gonna be 3*32 bytes.
gwenhastings
commented
10 years ago hmm do these need to be represented in an external presentation format to allow someone to encrypt to moi?
gwenfor encryption not, for signing yes. for replacing short term keys, while having a trust anchor in the long term secret key, yes.
gwenhastings
commented
10 years ago and thus the thrust of my inquiry.. I still want a 32 byte external encryption key format for printing on business cards etc.(yes some of us still use same) .. having this would allow one to boot strap into longer key representations and go dark more easily in any conversation whether initiated offline or online. ie 32 random bytes are barely typeable.. 64 is beyond the pale for most folks to type(yes back in the day I hand toggled 4K 12bit programs into pdp8 etc) not no more...
stef
commented
10 years ago for that i would recommend to publish the long-term signing key, which you can then use to issue new encryption keys to your peers when needed.
gwenhastings
commented
10 years ago and a signing key wont encrypt the initial conversation I want my first conversation to be private when bootstrapping from a business card into an encrypted online conversation.. a long term key is not needed here but encryption from the start IS needed...(tradecraft reasons)
gwenhastings
commented
10 years ago so is it possible to have an option to export an encryption key alone or encryption and/or signing key ie I could then write a script to generate an encryption key for particular usages..
gwenhastings
commented
10 years ago or am I missing something and its(the option I am requesting ) already there? btw thanx for the fast response on the osx issue.
stef
commented
10 years ago you need different keys for signing and encrypting.
gwenhastings
commented
10 years ago yes I understand that.. but for a Person possessing a business card with an encryption key to contact me NO signature is necessary when I hand said business card in person to the recipient. I just want the ability to extract each keytype into its own printable representation, ie the above is merely one example, I can think of more in tradecraft where signatures are NOT necessary for secure comms just an encryption key.
and while someone MAY be willing to type 32 bytes in to be able to reach me 64 is OUT of the question and 96 keystrokes beyond the pale.
I will be testing next to export/import encryption and signature keys into datamatrix,QR and PDF -417 encodings for optical pickup, encryption + sig key is valuable for that use case and MITM attacks ARE of concern so sigs become important.
I am NOT a python programmer but I did install libsodium python 2.7 virtualenv py-dev and libffi from ports and keep getting the following
pbp Traceback (most recent call last): File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/bin/pbp", line 9, in
load_entry_point('pbp==0.2', 'console_scripts', 'pbp')()
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pkg_resources.py", line 352, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pkg_resources.py", line 2307, in load_entry_point
return ep.load()
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pkg_resources.py", line 2021, in load
entry = import(self.module_name, globals(),globals(), ['name'])
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pbp/main.py", line 5, in
import publickey
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pbp/publickey.py", line 2, in
import pysodium as nacl, scrypt # external dependencies
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/init.py", line 30, in
from pysodium import sodium
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/sodium.py", line 130, in
lib = ffi.verify("#include ", libraries=["sodium"])
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/cffi/api.py", line 339, in verify
lib = self.verifier.load_library()
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/cffi/verifier.py", line 73, in load_library
self._write_source()
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/cffi/verifier.py", line 125, in _write_source
file = open(self.sourcefilename, 'w')
IOError: [Errno 2] No such file or directory: '/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pysodium/pycache/_cffi__x6f20fc6x6947e85f.c'
tried uninstalling and installing pbp via pip a couple of times(as well as libffi (via ports)) pyffi on the OSX 10.7 platform would seem to require python 3(I am stuck at python 2.7 for GNURADIO concerns)..
HELP? Suggestions?(and this is why I prefer delivery of security/crypto utils in c as the implementation vehicle tends to be more widely supported. python,ruby,java,what have you tends to be a bit more fragile with regards to the run time environment due to the additional layers of software infrastructure(and greatly increated local attack surface(host based attacks)) while warding off other classes of attacks... depends on where you want to draw your line in the sand.. and given I am very comfortable with c and the object code/linkages/machine code produced and NOT so comfy with python(as evidenced :)
ps will attempt openbsd amd64 5.1 next