4 ### Key management and distribution
6 ### (c) 2006 Straylight/Edgeware
9 ###----- Licensing notice ---------------------------------------------------
11 ### This file is part of Trivial IP Encryption (TrIPE).
13 ### TrIPE is free software; you can redistribute it and/or modify
14 ### it under the terms of the GNU General Public License as published by
15 ### the Free Software Foundation; either version 2 of the License, or
16 ### (at your option) any later version.
18 ### TrIPE is distributed in the hope that it will be useful,
19 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
20 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 ### GNU General Public License for more details.
23 ### You should have received a copy of the GNU General Public License
24 ### along with TrIPE; if not, write to the Free Software Foundation,
25 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 ###--------------------------------------------------------------------------
28 ### External dependencies.
38 from cStringIO import StringIO
42 ###--------------------------------------------------------------------------
43 ### Useful regular expressions
45 ## Match a comment or blank line.
46 rx_comment = RX.compile(r'^\s*(#|$)')
48 ## Match a KEY = VALUE assignment.
49 rx_keyval = RX.compile(r'^\s*([-\w]+)(?:\s+(?!=)|\s*=\s*)(|\S|\S.*\S)\s*$')
51 ## Match a ${KEY} substitution.
52 rx_dollarsubst = RX.compile(r'\$\{([-\w]+)\}')
54 ## Match a @TAG@ substitution.
55 rx_atsubst = RX.compile(r'@([-\w]+)@')
57 ## Match a single non-alphanumeric character.
58 rx_nonalpha = RX.compile(r'\W')
60 ## Match the literal string "<SEQ>".
61 rx_seq = RX.compile(r'\<SEQ\>')
63 ## Match a shell metacharacter.
64 rx_shmeta = RX.compile('[\\s`!"#$&*()\\[\\];\'|<>?\\\\]')
66 ## Match a character which needs escaping in a shell double-quoted string.
67 rx_shquote = RX.compile(r'["`$\\]')
69 ###--------------------------------------------------------------------------
70 ### Utility functions.
73 class SubprocessError (Exception): pass
74 class VerifyError (Exception): pass
76 ## Program name and identification.
77 quis = OS.path.basename(SYS.argv[0])
82 """Report MSG to standard error."""
83 SYS.stderr.write('%s: %s\n' % (quis, msg))
86 """Report MSG to standard error, and exit with code RC."""
90 def subst(s, rx, map):
92 Substitute values into a string.
94 Repeatedly match RX (a compiled regular expression) against the string S.
95 For each match, extract group 1, and use it as a key to index the MAP;
96 replace the match by the result. Finally, return the fully-substituted
101 for m in rx.finditer(s):
102 out.write(s[i:m.start()] + map[m.group(1)])
105 return out.getvalue()
107 def shell_quotify(arg):
109 Quotify ARG to keep the shell happy.
111 This isn't actually used for invoking commands, just for presentation
112 purposes; but correctness is still nice.
114 if not rx_shmeta.search(arg):
116 elif arg.find("'") == -1:
119 return '"%s"' % rx_shquote.sub(lambda m: '\\' + m.group(0), arg)
122 """Delete the directory tree given by PATH."""
126 if err.errno == ENOENT:
129 if not S_ISDIR(st.st_mode):
135 for i in OS.listdir('.'):
142 """Delete the named FILE if it exists; otherwise do nothing."""
146 if err.errno == ENOENT: return
151 Run a subprocess whose arguments are given by the string ARGS.
153 The ARGS are split at word boundaries, and then subjected to configuration
154 variable substitution (see conf_subst). Individual argument elements
155 beginning with `!' are split again into multiple arguments at word
158 args = map(conf_subst, args.split())
161 if len(a) > 0 and a[0] != '!':
164 nargs += a[1:].split()
166 print '+ %s' % ' '.join([shell_quotify(arg) for arg in args])
168 rc = OS.spawnvp(OS.P_WAIT, args[0], args)
170 raise SubprocessError, rc
172 def hexhyphens(bytes):
174 Convert a byte string BYTES into hex, with hyphens at each 4-byte boundary.
177 for i in xrange(0, len(bytes)):
178 if i > 0 and i % 4 == 0: out.write('-')
179 out.write('%02x' % ord(bytes[i]))
180 return out.getvalue()
182 def fingerprint(kf, ktag):
184 Compute the fingerprint of a key, using the user's selected hash.
186 KF is the name of a keyfile; KTAG is the tag of the key.
188 h = C.gchashes[conf['fingerprint-hash']]()
189 k = C.KeyFile(kf)[ktag].fingerprint(h, '-secret')
192 ###--------------------------------------------------------------------------
193 ### The configuration file.
196 class ConfigFileError (Exception): pass
198 ## The configuration dictionary.
203 Apply configuration substitutions to S.
205 That is, for each ${KEY} in S, replace it with the current value of the
206 configuration variable KEY.
208 return subst(s, rx_dollarsubst, conf)
212 Read the file F and insert assignments into the configuration dictionary.
217 if rx_comment.match(line): continue
218 if line[-1] == '\n': line = line[:-1]
219 match = rx_keyval.match(line)
221 raise ConfigFileError, "%s:%d: bad line `%s'" % (f, lno, line)
222 k, v = match.groups()
223 conf[k] = conf_subst(v)
227 Apply defaults to the configuration dictionary.
229 Fill in all the interesting configuration variables based on the existing
230 contents, as described in the manual.
232 for k, v in [('repos-base', 'tripe-keys.tar.gz'),
233 ('sig-base', 'tripe-keys.sig-<SEQ>'),
234 ('repos-url', '${base-url}${repos-base}'),
235 ('sig-url', '${base-url}${sig-base}'),
236 ('sig-file', '${base-dir}${sig-base}'),
237 ('repos-file', '${base-dir}${repos-base}'),
238 ('conf-file', '${base-dir}tripe-keys.conf'),
239 ('upload-hook', ': run upload hook'),
241 ('kx-genalg', lambda: {'dh': 'dh',
244 'x448': 'x448'}[conf['kx']]),
245 ('kx-param-genalg', lambda: {'dh': 'dh-param',
248 'x448': 'empty'}[conf['kx']]),
249 ('kx-param', lambda: {'dh': '-LS -b3072 -B256',
252 'x448': ''}[conf['kx']]),
253 ('kx-attrs', lambda: {'dh': 'serialization=constlen',
254 'ec': 'serialization=constlen',
256 'x448': ''}[conf['kx']]),
257 ('kx-expire', 'now + 1 year'),
258 ('kx-warn-days', '28'),
260 ('cipher', lambda: conf['bulk'] == 'naclbox'
261 and 'salsa20' or 'rijndael-cbc'),
263 ('master-keygen-flags', '-l'),
264 ('master-attrs', ''),
265 ('mgf', '${hash}-mgf'),
266 ('mac', lambda: conf['bulk'] == 'naclbox'
270 C.gchashes[conf['hash']].hashsz * 4)),
271 ('sig', lambda: {'dh': 'dsa',
274 'x448': 'ed448'}[conf['kx']]),
275 ('sig-fresh', 'always'),
276 ('sig-genalg', lambda: {'kcdsa': 'dh',
282 'ed25519': 'ed25519',
283 'ed448': 'ed448'}[conf['sig']]),
284 ('sig-param', lambda: {'dh': '-LS -b3072 -B256',
285 'dsa': '-b3072 -B256',
289 'ed448': ''}[conf['sig-genalg']]),
290 ('sig-hash', '${hash}'),
291 ('sig-expire', 'forever'),
292 ('fingerprint-hash', '${hash}')]:
294 if k in conf: continue
296 conf[k] = conf_subst(v)
299 except KeyError, exc:
300 if len(exc.args) == 0: raise
301 conf[k] = '<missing-var %s>' % exc.args[0]
303 ###--------------------------------------------------------------------------
304 ### Key-management utilities.
308 Iterate over the master keys.
310 if not OS.path.exists('master'):
312 for k in C.KeyFile('master').itervalues():
313 if (k.type != 'tripe-keys-master' or
315 not k.tag.startswith('master-')):
319 def master_sequence(k):
321 Return the sequence number of the given master key as an integer.
323 No checking is done that K is really a master key.
325 return int(k.tag[7:])
327 def max_master_sequence():
329 Find the master key with the highest sequence number and return this
333 for k in master_keys():
334 q = master_sequence(k)
340 Return the value of the configuration variable X, with <SEQ> replaced by
343 return rx_seq.sub(str(q), conf[x])
345 ###--------------------------------------------------------------------------
346 ### Commands: help [COMMAND...]
348 def version(fp = SYS.stdout):
349 fp.write('%s, %s version %s\n' % (quis, PACKAGE, VERSION))
352 fp.write('Usage: %s SUBCOMMAND [ARGS...]\n' % quis)
360 Key management utility for TrIPE.
364 -h, --help Show this help message.
365 -v, --version Show the version number.
366 -u, --usage Show pointlessly short usage string.
368 Subcommands available:
370 args = commands.keys()
373 try: func, min, max, help = commands[c]
374 except KeyError: die("unknown command `%s'" % c)
375 print '%s%s%s' % (c, help and ' ', help)
377 ###--------------------------------------------------------------------------
378 ### Commands: newmaster
380 def cmd_newmaster(args):
381 seq = max_master_sequence() + 1
382 run('''key -kmaster add
383 -a${sig-genalg} !${sig-param}
384 -e${sig-expire} !${master-keygen-flags} -tmaster-%d tripe-keys-master
385 sig=${sig} hash=${sig-hash} !${master-attrs}''' % seq)
386 run('key -kmaster extract -f-secret repos/master.pub')
388 ###--------------------------------------------------------------------------
393 run('''key -krepos/param add
394 -a${kx-param-genalg} !${kx-param}
395 -eforever -tparam tripe-param
396 kx-group=${kx} mgf=${mgf} mac=${mac}
397 bulk=${bulk} cipher=${cipher} hash=${hash} ${kx-attrs}''')
400 ###--------------------------------------------------------------------------
403 def cmd_upload(args):
405 ## Sanitize the repository directory
406 umask = OS.umask(0); OS.umask(umask)
408 for f in OS.listdir('repos'):
409 ff = OS.path.join('repos', f)
410 if (f.startswith('master') or f.startswith('peer-')) \
411 and f.endswith('.old'):
418 OS.symlink('../repos', 'tmp/repos')
422 ## Build the configuration file
423 seq = max_master_sequence()
424 v = {'MASTER-SEQUENCE': str(seq),
425 'HK-MASTER': hexhyphens(fingerprint('repos/master.pub',
427 fin = file('tripe-keys.master')
428 fout = file('tmp/tripe-keys.conf', 'w')
430 fout.write(subst(line, rx_atsubst, v))
431 fin.close(); fout.close()
432 SH.copyfile('tmp/tripe-keys.conf', conf_subst('${conf-file}.new'))
433 commit = [conf['repos-file'], conf['conf-file']]
435 ## Make and sign the repository archive
437 run('tar chozf ${repos-file}.new .')
439 for k in master_keys():
440 seq = master_sequence(k)
441 sigfile = seqsubst('sig-file', seq)
442 run('''catsign -kmaster sign -abdC -kmaster-%d
443 -o%s.new ${repos-file}.new''' % (seq, sigfile))
444 commit.append(sigfile)
446 ## Commit the changes
448 new = '%s.new' % base
451 ## Remove files in the base-dir which don't correspond to ones we just
454 basedir = conf['base-dir']
457 if base.startswith(basedir): allow[base[bdl:]] = 1
458 for found in OS.listdir(basedir):
459 if found not in allow: OS.remove(OS.path.join(basedir, found))
463 run('sh -c ${upload-hook}')
465 ###--------------------------------------------------------------------------
466 ### Commands: rebuild
468 def cmd_rebuild(args):
470 for i in OS.listdir('repos'):
471 if i.startswith('peer-') and i.endswith('.pub'):
472 run('key -kkeyring.pub merge %s' % OS.path.join('repos', i))
474 ###--------------------------------------------------------------------------
477 def cmd_update(args):
482 ## Fetch a new distribution
485 seq = int(conf['master-sequence'])
486 run('curl -sL -o tripe-keys.tar.gz ${repos-url}')
487 run('curl -sL -o tripe-keys.sig %s' % seqsubst('sig-url', seq))
488 run('tar xfz tripe-keys.tar.gz')
490 ## Verify the signature
491 want = C.bytes(rx_nonalpha.sub('', conf['hk-master']))
492 got = fingerprint('repos/master.pub', 'master-%d' % seq)
493 if want != got: raise VerifyError
494 run('''catsign -krepos/master.pub verify -avC -kmaster-%d
495 -t${sig-fresh} tripe-keys.sig tripe-keys.tar.gz''' % seq)
497 ## OK: update our copy
499 if OS.path.exists('repos'): OS.rename('repos', 'repos.old')
500 OS.rename('tmp/repos', 'repos')
501 if not FC.cmp('tmp/tripe-keys.conf', 'tripe-keys.conf', False):
502 moan('configuration file changed: recommend running another update')
503 OS.rename('tmp/tripe-keys.conf', 'tripe-keys.conf')
511 ###--------------------------------------------------------------------------
512 ### Commands: generate TAG
514 def cmd_generate(args):
516 keyring_pub = 'peer-%s.pub' % tag
517 zap('keyring'); zap(keyring_pub)
518 run('key -kkeyring merge repos/param')
519 run('key -kkeyring add -a${kx-genalg} -pparam -e${kx-expire} -t%s tripe' %
521 run('key -kkeyring extract -f-secret %s %s' % (keyring_pub, tag))
523 ###--------------------------------------------------------------------------
529 for i in OS.listdir('.'):
531 if r.endswith('.old'): r = r[:-4]
532 if (r == 'master' or r == 'param' or
533 r == 'keyring' or r == 'keyring.pub' or r.startswith('peer-')):
536 ###--------------------------------------------------------------------------
541 thresh = int(conf['kx-warn-days']) * 86400
542 if k.exptime == C.KEXP_FOREVER: return None
543 elif k.exptime == C.KEXP_EXPIRE: left = -1
544 else: left = k.exptime - now
546 return "key `%s' HAS EXPIRED" % k.tag
548 if left >= 86400: n, u, uu = left // 86400, 'day', 'days'
549 else: n, u, uu = left // 3600, 'hour', 'hours'
550 return "key `%s' EXPIRES in %d %s" % (k.tag, n, n == 1 and u or uu)
555 if OS.path.exists('keyring.pub'):
556 for k in C.KeyFile('keyring.pub').itervalues():
557 whinge = check_key(k)
558 if whinge is not None: print whinge
559 if OS.path.exists('master'):
561 for k in C.KeyFile('master').itervalues():
562 whinge = check_key(k)
563 if whinge is None: break
564 whinges.append(whinge)
566 for whinge in whinges: print whinge
568 ###--------------------------------------------------------------------------
572 macname = conf['mac']
573 index = macname.rindex('/')
574 if index == -1: tagsz = C.gcmacs[macname].tagsz
575 else: tagsz = int(macname[index + 1:])/8
579 mtu, = (lambda mtu = '1500': (mtu,))(*args)
582 mtu -= 20 # Minimum IP header
583 mtu -= 8 # UDP header
584 mtu -= 1 # TrIPE packet type octet
589 blksz = C.gcciphers[conf['cipher']].blksz
590 mtu -= mac_tagsz() # MAC tag
591 mtu -= 4 # Sequence number
592 mtu -= blksz # Initialization vector
595 mtu -= mac_tagsz() # MAC tag
596 mtu -= 4 # Sequence number
598 elif bulk == 'naclbox':
600 mtu -= 4 # Sequence number
603 die("Unknown bulk transform `%s'" % bulk)
607 ###--------------------------------------------------------------------------
610 commands = {'help': (cmd_help, 0, 1, ''),
611 'newmaster': (cmd_newmaster, 0, 0, ''),
612 'setup': (cmd_setup, 0, 0, ''),
613 'upload': (cmd_upload, 0, 0, ''),
614 'update': (cmd_update, 0, 0, ''),
615 'clean': (cmd_clean, 0, 0, ''),
616 'mtu': (cmd_mtu, 0, 1, '[PATH-MTU]'),
617 'check': (cmd_check, 0, 0, ''),
618 'generate': (cmd_generate, 1, 1, 'TAG'),
619 'rebuild': (cmd_rebuild, 0, 0, '')}
623 Load the appropriate configuration file and set up the configuration
626 for f in ['tripe-keys.master', 'tripe-keys.conf']:
627 if OS.path.exists(f):
634 Main program: parse options and dispatch to appropriate command handler.
637 opts, args = O.getopt(argv[1:], 'hvu',
638 ['help', 'version', 'usage'])
639 except O.GetoptError, exc:
644 if o in ('-h', '--help'):
647 elif o in ('-v', '--version'):
650 elif o in ('-u', '--usage'):
657 try: func, min, max, help = commands[c]
658 except KeyError: die("unknown command `%s'" % c)
660 if len(args) < min or (max is not None and len(args) > max):
661 SYS.stderr.write('Usage: %s %s%s%s\n' % (quis, c, help and ' ', help))
665 ###----- That's all, folks --------------------------------------------------
667 if __name__ == '__main__':