Beispiel #1
0
 def test_keysign(self):
     publickey.Identity('alice', basedir=self.pbp_path, create=True)
     publickey.Identity('bob', basedir=self.pbp_path, create=True)
     pbp.keysign_handler(name='bob', self='alice', basedir=self.pbp_path)
     sigs=pbp.keycheck_handler(name='bob', basedir=self.pbp_path)
     self.assertEquals(sigs, ['alice'])
Beispiel #2
0
def main():
    # main command line handler for pbp
    parser = argparse.ArgumentParser(description='pbp')
    group = parser.add_mutually_exclusive_group()
    group.add_argument('--gen-key',     '-g',  dest='action', action='store_const', const='g', help="generates a new key")
    group.add_argument('--encrypt',     '-c',  dest='action', action='store_const', const='c',help="encrypts")
    group.add_argument('--decrypt',     '-d',  dest='action', action='store_const', const='d',help="decrypts")
    group.add_argument('--sign',        '-s',  dest='action', action='store_const', const='s',help="signs")
    group.add_argument('--master-sign', '-m',  dest='action', action='store_const', const='m',help="signs keys with your masterkey")
    group.add_argument('--verify',      '-v',  dest='action', action='store_const', const='v',help="verifies")
    group.add_argument('--hash',        '-H',  dest='action', action='store_const', const='h',help="hashes")
    group.add_argument('--list',        '-l',  dest='action', action='store_const', const='l',help="lists public keys")
    group.add_argument('--list-secret', '-L',  dest='action', action='store_const', const='L',help="Lists secret keys")
    group.add_argument('--export-key',  '-x',  dest='action', action='store_const', const='x',help="export public key")
    group.add_argument('--import-key',  '-X',  dest='action', action='store_const', const='X',help="import public key")
    group.add_argument('--check-sigs',  '-C',  dest='action', action='store_const', const='C',help="lists all known sigs on a public key")
    group.add_argument('--fcrypt',      '-e',  dest='action', action='store_const', const='e',help="encrypts a message using PFS to a peer")
    group.add_argument('--fdecrypt',    '-E',  dest='action', action='store_const', const='E',help="decrypts a message using PFS to a peer")
    group.add_argument(                 '-D1', dest='action', action='store_const', const='d1',help="initiates an ECDH key exchange")
    group.add_argument(                 '-D2', dest='action', action='store_const', const='d2',help="responds to an ECDH key request")
    group.add_argument(                 '-D3', dest='action', action='store_const', const='d3',help="finalizes an ECDH key exchange")
    group.add_argument('--dh-start',    '-Ds', dest='action', action='store_const', const='ds',help="initiates an ECDH key exchange")
    group.add_argument('--dh-end',      '-De', dest='action', action='store_const', const='de',help="finalizes an ECDH key exchange")
    group.add_argument('--rand-stream', '-R',  dest='action', action='store_const', const='R',help="generate arbitrary random stream")

    if PITCHFORK: parser.add_argument('--pitchfork',  '-P',  dest='PITCHFORK', action='store_const', const='P',help="arms PITCHFORK", default=False)
    parser.add_argument('--signature',  '-z', help="sets the pitchfork sig to verify")
    parser.add_argument('--recipient',  '-r', action='append', help="designates a recipient for public key encryption")
    parser.add_argument('--name',       '-n', help="sets the name for a new key")
    parser.add_argument('--basedir',    '-b', '--base-dir', help="set the base directory for all key storage needs", default=defaultbase)
    parser.add_argument('--self',       '-S', help="sets your own key")
    parser.add_argument('--key',        '-k', help="some password or secret")
    parser.add_argument('--dh-param',   '-DP',help="public parameter for ECDH key exchange")
    parser.add_argument('--dh-exp',     '-DE',help="secret exp for final step of a ECDH key exchange")
    parser.add_argument('--size',       '-Rs',help="size of random stream to generate")
    parser.add_argument('--dh-peers',   '-Dp',help="the number of peers participating in a ECDH key exchange")
    parser.add_argument('--infile',     '-i', help="file to operate on")
    parser.add_argument('--armor',      '-a', action='store_true', help="ascii armors the output")
    parser.add_argument('--outfile',    '-o', help="file to output to")
    opts=parser.parse_args()

    opts.basedir=os.path.expandvars( os.path.expanduser(opts.basedir))
    # Generate key
    if opts.action=='g':
        ensure_name_specified(opts)
        publickey.Identity(opts.name, create=True, basedir=opts.basedir)

    # list public keys
    elif opts.action=='l':
        if PITCHFORK:
            pitchfork.init()
            res = pitchfork.listkeys(opts.name)
            if(res):
                keys, stats = res
                pitchfork.print_keys(keys)
                pitchfork.storage_stats(stats, keys)
            else:
                print 'none'
        else:
            for i in publickey.get_public_keys(opts.basedir):
                print ('valid' if i.valid > datetime.datetime.utcnow() > i.created
                       else 'invalid'), i.keyid(), i.name

    # list secret keys
    elif opts.action=='L':
        for i in publickey.get_secret_keys(opts.basedir):
            print ('valid' if i.valid > datetime.datetime.utcnow() > i.created
                   else 'invalid'), i.keyid(), i.name

    # encrypt
    elif opts.action=='c':
        if PITCHFORK:
            ensure_recipient_specified(opts)
            pitchfork.init()
            res=pitchfork.encrypt(opts.recipient[0],
                                   infile=opts.infile,
                                   outfile=opts.outfile)
            if res:
                print >>sys.stderr, b85encode(res)
            return
        if opts.recipient or opts.self:
            ensure_self_specified(opts)
            ensure_recipient_specified(opts)
        encrypt_handler(infile=opts.infile,
                        outfile=opts.outfile,
                        recipient=opts.recipient,
                        self=opts.self,
                        basedir=opts.basedir)

    # decrypt
    elif opts.action=='d':
        if PITCHFORK:
            ensure_recipient_specified(opts)
            pitchfork.init()
            res=pitchfork.decrypt(opts.recipient[0],
                                  infile=opts.infile,
                                  outfile=opts.outfile)
        else:
            sender = decrypt_handler(infile=opts.infile,
                            outfile=opts.outfile,
                            self=opts.self,
                            basedir=opts.basedir)
            if sender:
                print >>sys.stderr, 'good message from', sender

    # sign
    elif opts.action=='s':
        if PITCHFORK:
            ensure_recipient_specified(opts)
            pitchfork.init()
            res=pitchfork.sign(opts.recipient[0],
                               infile=opts.infile,
                               outfile=opts.outfile)
            if res:
                print >>sys.stderr, b85encode(res[0]), b85encode(res[1])
            return
        ensure_self_specified(opts)
        sign_handler(infile=opts.infile,
                     outfile=opts.outfile,
                     self=opts.self,
                     armor=opts.armor,
                     basedir=opts.basedir)

    # verify
    elif opts.action=='v':
        if PITCHFORK:
            ensure_signature_specified(opts)
            ensure_recipient_specified(opts)
            pitchfork.init()
            res=pitchfork.verify(opts.signature,
                                 opts.recipient[0],
                                 infile=opts.infile,
                                 outfile=opts.outfile)
        else:
            res = verify_handler(infile=opts.infile,
                                 outfile=opts.outfile,
                                 basedir=opts.basedir)
        if res:
            print >>sys.stderr, "good message from", res
        else:
            print >>sys.stderr, 'verification failed'

    # key sign
    elif opts.action=='m':
        ensure_name_specified(opts)
        ensure_self_specified(opts)
        sig = keysign_handler(name=opts.name,
                              self=opts.self,
                              basedir=opts.basedir)
        if sig: print "key signed in", sig
        else: print >>sys.stderr, 'signature failed'
Beispiel #3
0
def main():
    # main command line handler for pbp
    parser = argparse.ArgumentParser(description='pbp')
    group = parser.add_mutually_exclusive_group()
    group.add_argument('--gen-key',     '-g',  dest='action', action='store_const', const='g', help="generates a new key")
    group.add_argument('--encrypt',     '-c',  dest='action', action='store_const', const='c',help="encrypts")
    group.add_argument('--decrypt',     '-d',  dest='action', action='store_const', const='d',help="decrypts")
    group.add_argument('--sign',        '-s',  dest='action', action='store_const', const='s',help="signs")
    group.add_argument('--master-sign', '-m',  dest='action', action='store_const', const='m',help="signs keys with your masterkey")
    group.add_argument('--verify',      '-v',  dest='action', action='store_const', const='v',help="verifies")
    group.add_argument('--list',        '-l',  dest='action', action='store_const', const='l',help="lists public keys")
    group.add_argument('--list-secret', '-L',  dest='action', action='store_const', const='L',help="Lists secret keys")
    group.add_argument('--export-key',  '-x',  dest='action', action='store_const', const='x',help="export public key")
    group.add_argument('--import-key',  '-X',  dest='action', action='store_const', const='X',help="import public key")
    group.add_argument('--check-sigs',  '-C',  dest='action', action='store_const', const='C',help="lists all known sigs on a public key")
    group.add_argument('--fcrypt',      '-e',  dest='action', action='store_const', const='e',help="encrypts a message using PFS to a peer")
    group.add_argument('--fdecrypt',    '-E',  dest='action', action='store_const', const='E',help="decrypts a message using PFS to a peer")
    group.add_argument('--dh-start',    '-Ds', dest='action', action='store_const', const='ds',help="initiates an ECDH key exchange")
    group.add_argument('--dh-end',      '-De', dest='action', action='store_const', const='de',help="finalizes an ECDH key exchange")
    group.add_argument('--rand-stream', '-R',  dest='action', action='store_const', const='R',help="generate arbitrary random stream")

    parser.add_argument('--recipient',  '-r', action='append', help="designates a recipient for public key encryption")
    parser.add_argument('--name',       '-n', help="sets the name for a new key")
    parser.add_argument('--basedir',    '-b', '--base-dir', help="set the base directory for all key storage needs", default=defaultbase)
    parser.add_argument('--self',       '-S', help="sets your own key")
    parser.add_argument('--size',       '-Rs',help="size of random stream to generate")
    parser.add_argument('--dh-peers',   '-Dp',help="the number of peers participating in a ECDH key exchange")
    parser.add_argument('--infile',     '-i', help="file to operate on")
    parser.add_argument('--armor',      '-a', action='store_true', help="ascii armors the output")
    parser.add_argument('--outfile',    '-o', help="file to output to")
    opts=parser.parse_args()

    opts.basedir=os.path.expandvars( os.path.expanduser(opts.basedir))
    # Generate key
    if opts.action=='g':
        ensure_name_specified(opts)
        publickey.Identity(opts.name, create=True, basedir=opts.basedir)

    # list public keys
    elif opts.action=='l':
        for i in publickey.get_public_keys(opts.basedir):
            print ('valid' if i.valid > datetime.datetime.utcnow() > i.created
                   else 'invalid'), i.keyid(), i.name

    # list secret keys
    elif opts.action=='L':
        for i in publickey.get_secret_keys(opts.basedir):
            print ('valid' if i.valid > datetime.datetime.utcnow() > i.created
                   else 'invalid'), i.keyid(), i.name

    # encrypt
    elif opts.action=='c':
        if opts.recipient or opts.self:
            ensure_self_specified(opts)
            ensure_recipient_specified(opts)
        encrypt_handler(infile=opts.infile,
                        outfile=opts.outfile,
                        recipient=opts.recipient,
                        self=opts.self,
                        basedir=opts.basedir)

    # decrypt
    elif opts.action=='d':
        decrypt_handler(infile=opts.infile,
                        outfile=opts.outfile,
                        self=opts.self,
                        basedir=opts.basedir)

    # sign
    elif opts.action=='s':
        ensure_self_specified(opts)
        sign_handler(infile=opts.infile,
                     outfile=opts.outfile,
                     self=opts.self,
                     armor=opts.armor,
                     basedir=opts.basedir)

    # verify
    elif opts.action=='v':
        res = verify_handler(infile=opts.infile,
                             outfile=opts.outfile,
                             basedir=opts.basedir)
        if res:
            print >>sys.stderr, "good message from", res
        else:
            print >>sys.stderr, 'verification failed'

    # key sign
    elif opts.action=='m':
        ensure_name_specified(opts)
        ensure_self_specified(opts)
        sig = keysign_handler(name=opts.name,
                              self=opts.self,
                              basedir=opts.basedir)
        if sig: print "key signed in", sig
        else: print >>sys.stderr, 'signature failed'
Beispiel #4
0
Datei: main.py Projekt: stef/pbp
            ensure_signature_specified(opts)
            ensure_recipient_specified(opts)
            pitchfork.init()
            res = pitchfork.verify(opts.signature, opts.recipient[0], infile=opts.infile, outfile=opts.outfile)
        else:
            res = verify_handler(infile=opts.infile, outfile=opts.outfile, basedir=opts.basedir)
        if res:
            print >> sys.stderr, "[pbp] good message from", res
        else:
            print >> sys.stderr, "[pbp] VERIFICATION FAILED"

    # key sign
    elif opts.action == "m":
        ensure_name_specified(opts)
        ensure_self_specified(opts)
        sig = keysign_handler(name=opts.name, self=opts.self, basedir=opts.basedir)
        if sig:
            print "[pbp] key signed in", sig
        else:
            print >> sys.stderr, "[pbp] SIGNATURE FAILED"

    # lists signatures owners on public keys
    elif opts.action == "C":
        ensure_name_specified(opts)
        sigs = keycheck_handler(name=opts.name, basedir=opts.basedir)
        if sigs:
            print >> sys.stderr, "[pbp] good signatures on", opts.name, "from", ", ".join(sigs)
        else:
            print >> sys.stderr, "[pbp] NO GOOD SIGS FOUND"

    # export public key