X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/fd42a1e558d856a1933385d7ed60e5fbe490f413..fb78e73aa6726c6f1c76bdd0a20b42f0eebb22de:/keys/tripe-keys.in?ds=inline
diff --git a/keys/tripe-keys.in b/keys/tripe-keys.in
index 1e56282b..4ec89e90 100644
--- a/keys/tripe-keys.in
+++ b/keys/tripe-keys.in
@@ -10,19 +10,18 @@
###
### This file is part of Trivial IP Encryption (TrIPE).
###
-### TrIPE is free software; you can redistribute it and/or modify
-### it under the terms of the GNU General Public License as published by
-### the Free Software Foundation; either version 2 of the License, or
-### (at your option) any later version.
+### TrIPE is free software: you can redistribute it and/or modify it under
+### the terms of the GNU General Public License as published by the Free
+### Software Foundation; either version 3 of the License, or (at your
+### option) any later version.
###
-### TrIPE is distributed in the hope that it will be useful,
-### but WITHOUT ANY WARRANTY; without even the implied warranty of
-### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-### GNU General Public License for more details.
+### TrIPE is distributed in the hope that it will be useful, but WITHOUT
+### ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+### FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+### for more details.
###
### You should have received a copy of the GNU General Public License
-### along with TrIPE; if not, write to the Free Software Foundation,
-### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+### along with TrIPE. If not, see .
###--------------------------------------------------------------------------
### External dependencies.
@@ -30,9 +29,10 @@
import catacomb as C
import os as OS
import sys as SYS
-import sre as RX
+import re as RX
import getopt as O
import shutil as SH
+import time as T
import filecmp as FC
from cStringIO import StringIO
from errno import *
@@ -59,6 +59,12 @@ rx_nonalpha = RX.compile(r'\W')
## Match the literal string "".
rx_seq = RX.compile(r'\')
+## Match a shell metacharacter.
+rx_shmeta = RX.compile('[\\s`!"#$&*()\\[\\];\'|<>?\\\\]')
+
+## Match a character which needs escaping in a shell double-quoted string.
+rx_shquote = RX.compile(r'["`$\\]')
+
###--------------------------------------------------------------------------
### Utility functions.
@@ -97,6 +103,20 @@ def subst(s, rx, map):
out.write(s[i:])
return out.getvalue()
+def shell_quotify(arg):
+ """
+ Quotify ARG to keep the shell happy.
+
+ This isn't actually used for invoking commands, just for presentation
+ purposes; but correctness is still nice.
+ """
+ if not rx_shmeta.search(arg):
+ return arg
+ elif arg.find("'") == -1:
+ return "'%s'" % arg
+ else:
+ return '"%s"' % rx_shquote.sub(lambda m: '\\' + m.group(0), arg)
+
def rmtree(path):
"""Delete the directory tree given by PATH."""
try:
@@ -142,10 +162,11 @@ def run(args):
else:
nargs += a[1:].split()
args = nargs
- print '+ %s' % ' '.join(args)
+ print '+ %s' % ' '.join([shell_quotify(arg) for arg in args])
+ SYS.stdout.flush()
rc = OS.spawnvp(OS.P_WAIT, args[0], args)
if rc != 0:
- raise SubprocessError, rc
+ raise SubprocessError(rc)
def hexhyphens(bytes):
"""
@@ -196,7 +217,7 @@ def conf_read(f):
if line[-1] == '\n': line = line[:-1]
match = rx_keyval.match(line)
if not match:
- raise ConfigFileError, "%s:%d: bad line `%s'" % (f, lno, line)
+ raise ConfigFileError("%s:%d: bad line `%s'" % (f, lno, line))
k, v = match.groups()
conf[k] = conf_subst(v)
@@ -216,28 +237,55 @@ def conf_defaults():
('conf-file', '${base-dir}tripe-keys.conf'),
('upload-hook', ': run upload hook'),
('kx', 'dh'),
- ('kx-param', lambda: {'dh': '-LS -b2048 -B256',
- 'ec': '-Cnist-p256'}[conf['kx']]),
+ ('kx-genalg', lambda: {'dh': 'dh',
+ 'ec': 'ec',
+ 'x25519': 'x25519',
+ 'x448': 'x448'}[conf['kx']]),
+ ('kx-param-genalg', lambda: {'dh': 'dh-param',
+ 'ec': 'ec-param',
+ 'x25519': 'empty',
+ 'x448': 'empty'}[conf['kx']]),
+ ('kx-param', lambda: {'dh': '-LS -b3072 -B256',
+ 'ec': '-Cnist-p256',
+ 'x25519': '',
+ 'x448': ''}[conf['kx']]),
+ ('kx-attrs', lambda: {'dh': 'serialization=constlen',
+ 'ec': 'serialization=constlen',
+ 'x25519': '',
+ 'x448': ''}[conf['kx']]),
('kx-expire', 'now + 1 year'),
- ('cipher', 'blowfish-cbc'),
+ ('kx-warn-days', '28'),
+ ('bulk', 'iiv'),
+ ('cipher', lambda: conf['bulk'] == 'naclbox'
+ and 'salsa20' or 'rijndael-cbc'),
('hash', 'sha256'),
('master-keygen-flags', '-l'),
+ ('master-attrs', ''),
('mgf', '${hash}-mgf'),
- ('mac', lambda: '%s-hmac/%d' %
- (conf['hash'],
- C.gchashes[conf['hash']].hashsz * 4)),
- ('sig', lambda: {'dh': 'dsa', 'ec': 'ecdsa'}[conf['kx']]),
+ ('mac', lambda: conf['bulk'] == 'naclbox'
+ and 'poly1305/128'
+ or '%s-hmac/%d' %
+ (conf['hash'],
+ C.gchashes[conf['hash']].hashsz * 4)),
+ ('sig', lambda: {'dh': 'dsa',
+ 'ec': 'ecdsa',
+ 'x25519': 'ed25519',
+ 'x448': 'ed448'}[conf['kx']]),
('sig-fresh', 'always'),
('sig-genalg', lambda: {'kcdsa': 'dh',
'dsa': 'dsa',
'rsapkcs1': 'rsa',
'rsapss': 'rsa',
'ecdsa': 'ec',
- 'eckcdsa': 'ec'}[conf['sig']]),
- ('sig-param', lambda: {'dh': '-LS -b2048 -B256',
- 'dsa': '-b2048 -B256',
+ 'eckcdsa': 'ec',
+ 'ed25519': 'ed25519',
+ 'ed448': 'ed448'}[conf['sig']]),
+ ('sig-param', lambda: {'dh': '-LS -b3072 -B256',
+ 'dsa': '-b3072 -B256',
'ec': '-Cnist-p256',
- 'rsa': '-b2048'}[conf['sig-genalg']]),
+ 'rsa': '-b3072',
+ 'ed25519': '',
+ 'ed448': ''}[conf['sig-genalg']]),
('sig-hash', '${hash}'),
('sig-expire', 'forever'),
('fingerprint-hash', '${hash}')]:
@@ -321,8 +369,9 @@ Subcommands available:
args = commands.keys()
args.sort()
for c in args:
- func, min, max, help = commands[c]
- print '%s %s' % (c, help)
+ try: func, min, max, help = commands[c]
+ except KeyError: die("unknown command `%s'" % c)
+ print '%s%s%s' % (c, help and ' ', help)
###--------------------------------------------------------------------------
### Commands: newmaster
@@ -332,7 +381,7 @@ def cmd_newmaster(args):
run('''key -kmaster add
-a${sig-genalg} !${sig-param}
-e${sig-expire} !${master-keygen-flags} -tmaster-%d tripe-keys-master
- sig=${sig} hash=${sig-hash}''' % seq)
+ sig=${sig} hash=${sig-hash} !${master-attrs}''' % seq)
run('key -kmaster extract -f-secret repos/master.pub')
###--------------------------------------------------------------------------
@@ -341,9 +390,10 @@ def cmd_newmaster(args):
def cmd_setup(args):
OS.mkdir('repos')
run('''key -krepos/param add
- -a${kx}-param !${kx-param}
- -eforever -tparam tripe-${kx}-param
- cipher=${cipher} hash=${hash} mac=${mac} mgf=${mgf}''')
+ -a${kx-param-genalg} !${kx-param}
+ -eforever -tparam tripe-param
+ kx-group=${kx} mgf=${mgf} mac=${mac}
+ bulk=${bulk} cipher=${cipher} hash=${hash} ${kx-attrs}''')
cmd_newmaster(args)
###--------------------------------------------------------------------------
@@ -396,6 +446,16 @@ def cmd_upload(args):
for base in commit:
new = '%s.new' % base
OS.rename(new, base)
+
+ ## Remove files in the base-dir which don't correspond to ones we just
+ ## committed
+ allow = {}
+ basedir = conf['base-dir']
+ bdl = len(basedir)
+ for base in commit:
+ if base.startswith(basedir): allow[base[bdl:]] = 1
+ for found in OS.listdir(basedir):
+ if found not in allow: OS.remove(OS.path.join(basedir, found))
finally:
OS.chdir(cwd)
rmtree('tmp')
@@ -422,14 +482,14 @@ def cmd_update(args):
OS.mkdir('tmp')
OS.chdir('tmp')
seq = int(conf['master-sequence'])
- run('curl -s -o tripe-keys.tar.gz ${repos-url}')
- run('curl -s -o tripe-keys.sig %s' % seqsubst('sig-url', seq))
+ run('curl -sL -o tripe-keys.tar.gz ${repos-url}')
+ run('curl -sL -o tripe-keys.sig %s' % seqsubst('sig-url', seq))
run('tar xfz tripe-keys.tar.gz')
## Verify the signature
want = C.bytes(rx_nonalpha.sub('', conf['hk-master']))
got = fingerprint('repos/master.pub', 'master-%d' % seq)
- if want != got: raise VerifyError
+ if want != got: raise VerifyError()
run('''catsign -krepos/master.pub verify -avC -kmaster-%d
-t${sig-fresh} tripe-keys.sig tripe-keys.tar.gz''' % seq)
@@ -437,7 +497,7 @@ def cmd_update(args):
OS.chdir(cwd)
if OS.path.exists('repos'): OS.rename('repos', 'repos.old')
OS.rename('tmp/repos', 'repos')
- if not FC.cmp('tmp/tripe-keys.conf', 'tripe-keys.conf'):
+ if not FC.cmp('tmp/tripe-keys.conf', 'tripe-keys.conf', False):
moan('configuration file changed: recommend running another update')
OS.rename('tmp/tripe-keys.conf', 'tripe-keys.conf')
rmtree('repos.old')
@@ -455,7 +515,7 @@ def cmd_generate(args):
keyring_pub = 'peer-%s.pub' % tag
zap('keyring'); zap(keyring_pub)
run('key -kkeyring merge repos/param')
- run('key -kkeyring add -a${kx} -pparam -e${kx-expire} -t%s tripe-${kx}' %
+ run('key -kkeyring add -a${kx-genalg} -pparam -e${kx-expire} -t%s tripe' %
tag)
run('key -kkeyring extract -f-secret %s %s' % (keyring_pub, tag))
@@ -473,10 +533,78 @@ def cmd_clean(args):
zap(i)
###--------------------------------------------------------------------------
-### Main driver.
+### Commands: check
+
+def check_key(k):
+ now = T.time()
+ thresh = int(conf['kx-warn-days']) * 86400
+ if k.exptime == C.KEXP_FOREVER: return None
+ elif k.exptime == C.KEXP_EXPIRE: left = -1
+ else: left = k.exptime - now
+ if left < 0:
+ return "key `%s' HAS EXPIRED" % k.tag
+ elif left < thresh:
+ if left >= 86400: n, u, uu = left // 86400, 'day', 'days'
+ else: n, u, uu = left // 3600, 'hour', 'hours'
+ return "key `%s' EXPIRES in %d %s" % (k.tag, n, n == 1 and u or uu)
+ else:
+ return None
+
+def cmd_check(args):
+ if OS.path.exists('keyring.pub'):
+ for k in C.KeyFile('keyring.pub').itervalues():
+ whinge = check_key(k)
+ if whinge is not None: print whinge
+ if OS.path.exists('master'):
+ whinges = []
+ for k in C.KeyFile('master').itervalues():
+ whinge = check_key(k)
+ if whinge is None: break
+ whinges.append(whinge)
+ else:
+ for whinge in whinges: print whinge
-## Exceptions.
-class UsageError (Exception): pass
+###--------------------------------------------------------------------------
+### Commands: mtu
+
+def mac_tagsz():
+ macname = conf['mac']
+ index = macname.rindex('/')
+ if index == -1: tagsz = C.gcmacs[macname].tagsz
+ else: tagsz = int(macname[index + 1:])/8
+ return tagsz
+
+def cmd_mtu(args):
+ mtu, = (lambda mtu = '1500': (mtu,))(*args)
+ mtu = int(mtu)
+
+ mtu -= 20 # Minimum IP header
+ mtu -= 8 # UDP header
+ mtu -= 1 # TrIPE packet type octet
+
+ bulk = conf['bulk']
+
+ if bulk == 'v0':
+ blksz = C.gcciphers[conf['cipher']].blksz
+ mtu -= mac_tagsz() # MAC tag
+ mtu -= 4 # Sequence number
+ mtu -= blksz # Initialization vector
+
+ elif bulk == 'iiv':
+ mtu -= mac_tagsz() # MAC tag
+ mtu -= 4 # Sequence number
+
+ elif bulk == 'naclbox':
+ mtu -= 16 # MAC tag
+ mtu -= 4 # Sequence number
+
+ else:
+ die("Unknown bulk transform `%s'" % bulk)
+
+ print mtu
+
+###--------------------------------------------------------------------------
+### Main driver.
commands = {'help': (cmd_help, 0, 1, ''),
'newmaster': (cmd_newmaster, 0, 0, ''),
@@ -484,6 +612,8 @@ commands = {'help': (cmd_help, 0, 1, ''),
'upload': (cmd_upload, 0, 0, ''),
'update': (cmd_update, 0, 0, ''),
'clean': (cmd_clean, 0, 0, ''),
+ 'mtu': (cmd_mtu, 0, 1, '[PATH-MTU]'),
+ 'check': (cmd_check, 0, 0, ''),
'generate': (cmd_generate, 1, 1, 'TAG'),
'rebuild': (cmd_rebuild, 0, 0, '')}
@@ -523,10 +653,12 @@ def main(argv):
cmd_help([])
else:
c = argv[1]
- func, min, max, help = commands[c]
+ try: func, min, max, help = commands[c]
+ except KeyError: die("unknown command `%s'" % c)
args = argv[2:]
- if len(args) < min or (max > 0 and len(args) > max):
- raise UsageError, (c, help)
+ if len(args) < min or (max is not None and len(args) > max):
+ SYS.stderr.write('Usage: %s %s%s%s\n' % (quis, c, help and ' ', help))
+ SYS.exit(1)
func(args)
###----- That's all, folks --------------------------------------------------