kee

Offline IOU signer with QR as transport
git clone https://holbrook.no/src/kee

commit e20165682c89111d65db5554332faf0058dd209f
parent c2fd013035998e0bba49b82e33996a99c9cbb5a7
Author: lash <dev@holbrook.no>
Date:   Fri,  5 Apr 2024 14:29:24 +0100

Start new testdata generator, hide key data length in ciphertext

Diffstat:
Mrequirements.txt | 1+
Msrc/gpg.c | 6++++--
Atestdata_ng.py | 58++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 63 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,4 @@
 varint~=1.0.2
 lmdb~=1.4.0
 faker~=24.0.0
+pycryptodome==3.20.0
diff --git a/src/gpg.c b/src/gpg.c
@@ -187,7 +187,8 @@ static int key_from_path(gcry_sexp_t *key, const char *p, const char *passphrase
 }
 free(fullpath);
- c = fread(&l, sizeof(int), 1, f);
+ /// \todo length must be in the ciphertext
+ //c = fread(&l, sizeof(int), 1, f);
 c = fread(nonce, CHACHA20_NONCE_LENGTH_BYTES, 1, f);
 i = 0;
 c = 1;
@@ -206,7 +207,8 @@ static int key_from_path(gcry_sexp_t *key, const char *p, const char *passphrase
 if (r) {
 return ERR_NOKEY;
 }
- r = key_from_data(key, (char*)outdata, l);
+ //r = key_from_data(key, (char*)outdata, l);
+ r = key_from_data(key, (char*)(outdata+sizeof(int)), (size_t)(*((int*)outdata)));
 free(outdata);
 return r;
 }
diff --git a/testdata_ng.py b/testdata_ng.py
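Review bot: In the first src/gpg.c hunk the nonce is now the first thing read from the key file, but the result of `c = fread(nonce, CHACHA20_NONCE_LENGTH_BYTES, 1, f);` is overwritten two lines later by `c = 1;`, so a truncated file yields a partly uninitialised nonce with no error. The read should be checked before `c` is reused, for example `if (c != 1) { return ERR_NOKEY; }` after releasing `f`. The new `/// \todo length must be in the ciphertext` describes what this commit already does, so it and the commented-out `//c = fread(&l, ...)` line are better replaced by a comment such as `// key length is the first sizeof(int) bytes of the decrypted data`. key_from_path starts and ends outside this hunk.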
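Review bot: In the second src/gpg.c hunk the length passed to key_from_data is taken straight from the decrypted buffer with `(size_t)(*((int*)outdata))` and is never compared with the size of that buffer. A corrupted or tampered file, or a wrong passphrase if decryption is not authenticated (not visible here), can therefore produce a negative or oversized value, and key_from_data would read past `outdata`. The cast through `int*` also assumes the buffer is aligned and that the host is little-endian, whereas testdata_ng.py writes the prefix as 4 little-endian bytes. The fence below copies the prefix out and bounds it before use; `OUTDATA_LEN` is a placeholder for the size of the decrypted buffer, which is defined outside the hunk, and `l` is assumed to be the `int` the removed `fread` used to fill.

```c
// ... unchanged: decryption and the `if (r) { return ERR_NOKEY; }` check ...
memcpy(&l, outdata, sizeof(int));
// OUTDATA_LEN: placeholder for the number of decrypted bytes held in outdata
if (l <= 0 || (size_t)l > OUTDATA_LEN - sizeof(int)) {
	free(outdata);
	return ERR_NOKEY;
}
r = key_from_data(key, (char*)(outdata+sizeof(int)), (size_t)l);
free(outdata);
return r;
```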
@@ -0,0 +1,58 @@
+import os
+import sys
+import io
+import logging
+import hashlib
+from Crypto.Cipher import ChaCha20_Poly1305
+from Crypto.PublicKey import ECC
+import Crypto.IO.PKCS8
+import Crypto.Util.asn1
+
+
+def padbytes(b, padsize=4096):
+ l = padsize - (len(b) % padsize)
+ b += os.urandom(l)
+ return b
+
+h = hashlib.new('sha256')
+h.update(b'1234')
+z = h.digest()
+
+k = ECC.generate(curve='Ed25519')
+pk_pkcs8 = k.export_key(format='DER')
+pk_der = Crypto.IO.PKCS8.unwrap(pk_pkcs8)
+pk = Crypto.Util.asn1.DerOctetString().decode(pk_der[1], strict=True).payload
+pubk = k.public_key().export_key(format='raw')
+
+w = io.BytesIO()
+w.write(b"(8:key-data(10:public-key(3:ecc(5:curve7:Ed25519)(1:q32:")
+w.write(pubk)
+w.write(b")))(11:private-key(3:ecc(5:curve7:Ed25519)(1:q32:")
+w.write(pubk)
+w.write(b")(1:d32:")
+w.write(pk)
+w.write(b"))))")
+b = w.getvalue()
+l = len(b)
+bl = l.to_bytes(4, byteorder='little')
+
+nonce = os.urandom(12)
+cph = ChaCha20_Poly1305.new(key=z, nonce=nonce)
+r = cph.encrypt(bl + b)
+r = padbytes(r)
+sys.stdout.buffer.write(nonce + r)
+
+#tmpl = (8:key-data(10:public-key(3:ecc(5:curve7:Ed25519)(1:q32:\xae3\xe12\xec\x9e:\xa3-\xa3\x0b\x122}\xbc\xdb\xd8\xdc\x03\xea\x989D[S\xbaocs\xfb\x00\xce)))(11:private-key(3:ecc(5:curve7:Ed25519)(1:q32:\xae3\xe12\xec\x9e:\xa3-\xa3\x0b\x122}\xbc\xdb\xd8\xdc\x03\xea\x989D[S\xbaocs\xfb\x00\xce)(1:d32:k\x90\x88\xb5\x8cyn\xef]b\xd8\x80\x19\xd1\xf8\xda\xe2\xc0\x1b\xe9V\t\x07h7\x05\xb7\xd8\x85bu0))))
+
+
+# b'(8:key-data(10:public-key(3:ecc(5:curve7:Ed25519)(1:q32:\xae3\xe12\xec\x9e:\xa3-\xa3\x0b\x122}\xbc\xdb\xd8\xdc\x03\xea\x989D[S\xbaocs\xfb\x00\xce)))(11:private-key(3:ecc(5:curve7:Ed25519)(1:q32:\xae3\xe12\xec\x9e:\xa3-\xa3\x0b\x122}\xbc\xdb\xd8\xdc\x03\xea\x989D[S\xbaocs\xfb\x00\xce)(1:d32:k\x90\x88\xb5\x8cyn\xef]b\xd8\x80\x19\xd1\xf8\xda\xe2\xc0\x1b\xe9V\t\x07h7\x05\xb7\xd8\x85bu0))))'
+
+#f = open('key.bin', 'rb')
+#l = int.from_bytes(f.read(4), byteorder='little')
+#nonce = f.read(12)
+#ctxt = f.read()
+#f.close()
+#
+#cph = ChaCha20_Poly1305.new(key=z, nonce=nonce)
+#txt = cph.decrypt(ctxt)
+#print(txt[:l])
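Review bot: The generator builds a ChaCha20_Poly1305 cipher but only calls `cph.encrypt(bl + b)` and never `digest()`, so no Poly1305 tag is written and the file is unauthenticated. The random padding is also appended after encryption, so nothing covers it. That matters because the reader trusts the length prefix inside the plaintext, and without a tag a modified file or a wrong passphrase cannot be told apart from valid data. I would emit the tag and pad before encrypting, `r, tag = cph.encrypt_and_digest(padbytes(bl + b))` followed by `sys.stdout.buffer.write(nonce + r + tag)`, which needs a matching tag check on the C side. The commented-out reader at the end still reads the length from the first 4 bytes of the file, which no longer matches this layout, and `import logging` is unused.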