# # # patch "README.encapsulation" # from [36c609dc4f585cf0d10239391058d23ea0e46d80] # to [3a8cbeb019e89f294ee5482970d33d42c319f97a] # # patch "cert.cc" # from [44058fa1abee01113e0b345b05d3ccf8d3ff8d8b] # to [a71052b8dd018498af561c20de7395d487ec97b0] # # patch "cmd_netsync.cc" # from [b6f9c849aff12fe7342afa7006152210124a4ad1] # to [4f08638b197e1ffecf48f3241f261b83db89d1a0] # # patch "key_store.cc" # from [0aeeb39500d4d38fde8deebadeb33e375f6468f1] # to [851e64c0885d3b585e9559affc38c851a9c87c70] # # patch "key_store.hh" # from [9a06452a95d8bdaabfc38962b8cd2e405793f120] # to [437c5ef9cc3161801c87b2f28a393bc95231121a] # # patch "keys.cc" # from [7d861a3e6498341ac81424ed36da88ed13dc9c23] # to [920830d1215f457ce9a9e498a943ba3a9c53812f] # # patch "keys.hh" # from [862ef6e6d3f733dac35cc0a041432d9bca518dc2] # to [c03fb1b4ceba27374e6b1649ca2f8342dd499a44] # # patch "netsync.cc" # from [38cc22dc4aa621786db59a627ee3d187d7c4e626] # to [f10df3d7b9ad02b7ef9e55fe8d0aca9219302ff4] # # patch "packet.cc" # from [991e6a99aeb8e43d48d09d64b22e080bb617f08f] # to [482cd5315e50cb118fddd5eb8dd770251dbfc155] # # patch "rcs_import.cc" # from [9e1be182841139486ddd18f69aaa0b99b1c86cee] # to [bda5c49ca2c4cfea9e2d04d7ff8f6ac6da320e84] # # patch "revision.cc" # from [0e3aadb55aff09d27f37f879d011ca3063705619] # to [7ad90a9e362470d057f995bb361a0d80fab75870] # # patch "schema_migration.cc" # from [16307957747ed7458f56319fefb71049a5c637c9] # to [7e7ac7cbd6046e98fa446cafbee961c5c9df0b70] # ============================================================ --- README.encapsulation 36c609dc4f585cf0d10239391058d23ea0e46d80 +++ README.encapsulation 3a8cbeb019e89f294ee5482970d33d42c319f97a @@ -15,9 +15,6 @@ revision.cc: anc_graph::write_certs(): needs: make_simple_cert() - anc_graph::add_node_for_old_manifest - needs: erase_bogus_cert() - anc_graph::construct_revisions_from_ancestry() app.opts.attrs_to_drop 
@@ -25,36 +22,20 @@ revision.cc: build_roster_style_revs_from_manifest_style_revs() app.db.... needs: anc_graph() - needs: get_user_key() - needs: require_password() build_changesets_from_manifest_ancestry() app.db... needs: anc_graph() - needs: get_user_key() - needs: require_password() cert.cc: - calculate_cert(): - app.db... - needs: load_key_pair() (i.e. keys, lua.hook_persist_phrase_ok) - needs: make_signature() - - get_user_key(): - app.keys... - app.opts.signing_key - app.lua.hook_get_branch_key - app.opts.branchname - guess_branch(): app.opts.branch_given + app.opts.branchname app.get_project().get_revision_branches() make_simple_cert(): - needs: get_user_key() (i.e. keys + some opts and hooks) needs: calculate_cert() cert_revision_author_default(): @@ -98,7 +79,6 @@ netsync.cc: session::set_session_key(): app.opts.use_transport_auth app.opts.signing_key - needs: load_key_pair() needs: decrypt_rsa() session::queue_anonymous_cmd(): @@ -112,7 +92,6 @@ netsync.cc: app.opts.use_transport_auth app.opts.signing_key app.get_project().get_branch_list() - needs: make_signature() app.lua.hook_note_netsync_start session::process_anonymous_cmd(): @@ -162,31 +141,12 @@ netsync.cc: app.opts.bind_stdio -packet.cc: - feed_packet_consumer: - needs: migrate_private_key() - - keys.cc: - make_signature(): - app.keys... - app.opts.ssh_sign - app.agent + Only a unit test left, which uses app_state. This should be cleaned + up as soon as we remove the hackish hooks in the key_store. - encrypt_rsa(): - (now takes a key_store context, but doesn't use it..) - - require_password(): - app.keys... - needs: priv_key_exists() - needs: make_signature() - - project.cc: - struct not_in_branch: - needs: erase_bogus_certs() - project_t: app.db... needs: cert_revision_{in_branch,tag,changelog,date_time,author}() 
@@ -215,3 +175,4 @@ cmd_diff_log.cc: needs: node_restriction() needs: complete() + ============================================================ --- cert.cc 44058fa1abee01113e0b345b05d3ccf8d3ff8d8b +++ cert.cc a71052b8dd018498af561c20de7395d487ec97b0 @@ -403,7 +403,7 @@ calculate_cert(app_state & app, cert & t load_key_pair(app.keys, t.key, kp); app.db.put_key(t.key, kp.pub); - make_signature(app, t.key, kp.priv, signed_text, t.sig); + make_signature(app.keys, t.key, kp.priv, signed_text, t.sig); } cert_status ============================================================ --- cmd_netsync.cc b6f9c849aff12fe7342afa7006152210124a4ad1 +++ cmd_netsync.cc 4f08638b197e1ffecf48f3241f261b83db89d1a0 @@ -399,7 +399,7 @@ CMD_NO_WORKSPACE(serve, N_("network"), " N(app.lua.hook_persist_phrase_ok(), F("need permission to store persistent passphrase (see hook persist_phrase_ok())")); - require_password(key, app); + require_password(key, app.keys); } else { ============================================================ --- key_store.cc 0aeeb39500d4d38fde8deebadeb33e375f6468f1 +++ key_store.cc 851e64c0885d3b585e9559affc38c851a9c87c70 @@ -303,6 +303,18 @@ key_store::get_opt_signing_key() return app.opts.signing_key; } +const string & +key_store::get_opt_ssh_sign() +{ + return app.opts.ssh_sign; +} + +ssh_agent & +key_store::get_agent() +{ + return app.agent; +} + // Local Variables: // mode: C++ // fill-column: 76 ============================================================ --- key_store.hh 9a06452a95d8bdaabfc38962b8cd2e405793f120 +++ key_store.hh 437c5ef9cc3161801c87b2f28a393bc95231121a @@ -1,8 +1,9 @@ #ifndef __KEY_STORE_H__ #define __KEY_STORE_H__ #include #include +#include #include @@ -10,6 +11,7 @@ class app_state; #include "paths.hh" class app_state; +class ssh_agent; namespace Botan { 
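Review bot: `key_store::get_agent()` in the key_store.cc hunk returns a mutable `ssh_agent &` from a public member, so any code that is handed a `key_store` can now ask the agent for signatures or add identities to it, not only code that holds the full `app_state`. The README hunk in this commit calls these pass-throughs temporary, and the definitions should say so too, e.g. `// temporary pass-through to app.agent; make_signature() is the only intended caller` above `get_agent()` and a matching line above `get_opt_ssh_sign()`. On style, the return type is spelled `const string &` here but `std::string const &` in key_store.hh, and the surrounding code uses the `T const &` order.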
@@ -80,6 +82,8 @@ public: bool hook_get_current_branch_key(rsa_keypair_id & k); bool has_opt_signing_key(); rsa_keypair_id get_opt_signing_key(); + std::string const & get_opt_ssh_sign(); + ssh_agent & get_agent(); }; // Local Variables: ============================================================ --- keys.cc 7d861a3e6498341ac81424ed36da88ed13dc9c23 +++ keys.cc 920830d1215f457ce9a9e498a943ba3a9c53812f @@ -271,7 +271,7 @@ void // converts an oldstyle arc4 encrypted key into a newstyle pkcs#8 encoded // key. the public key is also included void -migrate_private_key(app_state & app, +migrate_private_key(key_store & keys, rsa_keypair_id const & id, base64< arc4 > const & old_priv, keypair & new_kp) @@ -290,7 +290,7 @@ migrate_private_key(app_state & app, { decrypted_key.set(reinterpret_cast(decoded_key().data()), decoded_key().size()); - get_passphrase(app.keys, id, phrase, false, force); + get_passphrase(keys, id, phrase, false, force); SecureVector sym_key; sym_key.set(reinterpret_cast(phrase().data()), phrase().size()); do_arc4(sym_key, decrypted_key); 
@@ -357,41 +357,44 @@ void } void -make_signature(app_state & app, // to hook for phrase +make_signature(key_store & keys, // to hook for phrase rsa_keypair_id const & id, // to prompting user for phrase base64< rsa_priv_key > const & priv, string const & tosign, base64 & signature) { - E(!app.opts.ssh_sign.empty(), + const string & opt_ssh_sign = keys.get_opt_ssh_sign(); + + E(!opt_ssh_sign.empty(), F("--ssh-sign requires a value ['yes', 'no', 'only', or 'check']")); - E(app.opts.ssh_sign == "yes" - || app.opts.ssh_sign == "no" - || app.opts.ssh_sign == "check" - || app.opts.ssh_sign == "only", + E(opt_ssh_sign == "yes" + || opt_ssh_sign == "no" + || opt_ssh_sign == "check" + || opt_ssh_sign == "only", F("--ssh-sign must be set to 'yes', 'no', 'only', or 'check'")); keypair key; - app.keys.get_key_pair(id, key); + keys.get_key_pair(id, key); string sig_string; + ssh_agent & agent = keys.get_agent(); //sign with ssh-agent (if connected) - N(app.agent.connected() || app.opts.ssh_sign != "only", + N(agent.connected() || opt_ssh_sign != "only", F("You have chosen to sign only with ssh-agent but ssh-agent" " does not seem to be running.")); - if (app.opts.ssh_sign == "yes" - || app.opts.ssh_sign == "check" - || app.opts.ssh_sign == "only") + if (opt_ssh_sign == "yes" + || opt_ssh_sign == "check" + || opt_ssh_sign == "only") { /* - vector ssh_keys = app.agent.get_keys(); + vector ssh_keys = agent.get_keys(); if (ssh_keys.size() <= 0) L(FL("make_signature: no rsa keys received from ssh-agent")); else { */ - if (app.agent.connected()) { + if (agent.connected()) { //grab the monotone public key as an RSA_PublicKey - app.keys.get_key_pair(id, key); + keys.get_key_pair(id, key); rsa_pub_key pub; decode_base64(key.pub, pub); SecureVector pub_block; 
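Review bot: `keys.get_key_pair(id, key)` is called twice with the same `id` in this hunk, once before `string sig_string;` and again inside `if (agent.connected())`. The second call looks redundant and could be dropped unless `get_key_pair` has a side effect that is needed there. The `--ssh-sign` mode is also compared as a raw string in several places after it is validated at the top. Deriving locals once, for example `bool const agent_only = (opt_ssh_sign == "only");` and `bool const local_sign_forced = (opt_ssh_sign == "check" || opt_ssh_sign == "no");`, would keep the signing-path decisions in one place and make it harder for a later edit to miss a mode. make_signature's body continues past the end of this hunk.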
@@ -413,7 +416,7 @@ make_signature(app_state & app, L(FL("make_signature: ssh key matches monotone key, signing with" " ssh-agent")); */ - app.agent.sign_data(*pub_key, tosign, sig_string); + agent.sign_data(*pub_key, tosign, sig_string); /* break; } @@ -427,12 +430,12 @@ make_signature(app_state & app, string ssh_sig = sig_string; - N(ssh_sig.length() > 0 || app.opts.ssh_sign != "only", + N(ssh_sig.length() > 0 || opt_ssh_sign != "only", F("You don't seem to have your monotone key imported ")); if (ssh_sig.length() <= 0 - || app.opts.ssh_sign == "check" - || app.opts.ssh_sign == "no") + || opt_ssh_sign == "check" + || opt_ssh_sign == "no") { SecureVector sig; @@ -441,22 +444,22 @@ make_signature(app_state & app, // you're making a half-dozen certs during a commit or merge or // something. - bool persist_phrase = (!app.keys.signers.empty()) - || app.lua.hook_persist_phrase_ok(); + bool persist_phrase = (!keys.signers.empty()) + || keys.hook_persist_phrase_ok(); shared_ptr signer; shared_ptr priv_key; - if (persist_phrase && app.keys.signers.find(id) != app.keys.signers.end()) - signer = app.keys.signers[id].first; + if (persist_phrase && keys.signers.find(id) != keys.signers.end()) + signer = keys.signers[id].first; else { - priv_key = get_private_key(app.keys, id, priv); - if (app.agent.connected() - && app.opts.ssh_sign != "only" - && app.opts.ssh_sign != "no") { + priv_key = get_private_key(keys, id, priv); + if (agent.connected() + && opt_ssh_sign != "only" + && opt_ssh_sign != "no") { L(FL("keys.cc: make_signature: adding private key (%s) to ssh-agent") % id()); - app.agent.add_identity(*priv_key, id()); + agent.add_identity(*priv_key, id()); } signer = shared_ptr(get_pk_signer(*priv_key, "EMSA3(SHA-1)")); 
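Review bot: In the `@@ -441,22 +444,22 @@` hunk, `agent.add_identity(*priv_key, id())` runs whenever an agent is connected and the mode is neither 'only' nor 'no', without looking at `persist_phrase`. The decrypted private key is therefore handed to ssh-agent, where it presumably stays usable after this process exits, even when `keys.signers` is empty and `keys.hook_persist_phrase_ok()` returned false. If that is not intended, gate the call with `if (persist_phrase && agent.connected() && opt_ssh_sign != "only" && opt_ssh_sign != "no") {`. If it is intended, add a comment at the call stating that export to the agent is independent of the persist hook. The enclosing function starts and ends outside this hunk.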
@@ -465,14 +468,14 @@ make_signature(app_state & app, * away after we leave this scope. Hence we store a pair of * so they both exist. */ if (persist_phrase) - app.keys.signers.insert(make_pair(id,make_pair(signer,priv_key))); + keys.signers.insert(make_pair(id,make_pair(signer,priv_key))); } sig = signer->sign_message(reinterpret_cast(tosign.data()), tosign.size()); sig_string = string(reinterpret_cast(sig.begin()), sig.size()); } - if (app.opts.ssh_sign == "check" && ssh_sig.length() > 0) + if (opt_ssh_sign == "check" && ssh_sig.length() > 0) { E(ssh_sig == sig_string, F("make_signature: ssh signature (%i) != monotone signature (%i)\n" @@ -489,7 +492,7 @@ make_signature(app_state & app, L(FL("make_signature: produced %d-byte signature") % sig_string.size()); encode_base64(rsa_sha1_signature(sig_string), signature); - E(check_signature(app.keys, id, key.pub, tosign, signature), + E(check_signature(keys, id, key.pub, tosign, signature), F("make_signature: signature is not valid")); } @@ -662,19 +665,19 @@ require_password(rsa_keypair_id const & void require_password(rsa_keypair_id const & key, - app_state & app) + key_store & keys) { - N(priv_key_exists(app.keys, key), + N(priv_key_exists(keys, key), F("no key pair '%s' found in key store '%s'") - % key % app.keys.get_key_dir()); + % key % keys.get_key_dir()); keypair kp; - load_key_pair(app.keys, key, kp); - if (app.lua.hook_persist_phrase_ok()) + load_key_pair(keys, key, kp); + if (keys.hook_persist_phrase_ok()) { string plaintext("hi maude"); base64 sig; - make_signature(app, key, kp.priv, plaintext, sig); - N(check_signature(app.keys, key, kp.pub, plaintext, sig), + make_signature(keys, key, kp.priv, plaintext, sig); + N(check_signature(keys, key, kp.pub, plaintext, sig), F("passphrase for '%s' is incorrect") % key); } } 
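Review bot: `require_password()` in the `@@ -662,19 +665,19 @@` hunk exercises the passphrase only when `keys.hook_persist_phrase_ok()` is true. Otherwise it returns after `priv_key_exists` and `load_key_pair`, so callers that use it as an early short-circuit get no passphrase check in that configuration. Because the probe goes through `make_signature()`, it may also be satisfied by ssh-agent without any passphrase prompt, and it inherits that function's side effects (signer caching and, judging from the earlier keys.cc hunks, `add_identity`). A comment above the function should state both conditions so that readers do not assume the passphrase has always been verified, e.g. `// verifies the passphrase only if hook_persist_phrase_ok(); may sign via ssh-agent instead of prompting`.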
@@ -724,7 +727,7 @@ UNIT_TEST(key, signature_round_trip) BOOST_CHECKPOINT("signing plaintext"); string plaintext("test string to sign"); base64 sig; - make_signature(app, key, kp.priv, plaintext, sig); + make_signature(app.keys, key, kp.priv, plaintext, sig); BOOST_CHECKPOINT("checking signature"); BOOST_CHECK(check_signature(app.keys, key, kp.pub, plaintext, sig)); ============================================================ --- keys.hh 862ef6e6d3f733dac35cc0a041432d9bca518dc2 +++ keys.hh c03fb1b4ceba27374e6b1649ca2f8342dd499a44 @@ -18,7 +18,6 @@ using boost::shared_ptr; using Botan::RSA_PrivateKey; using boost::shared_ptr; -class app_state; class key_store; // keys.{hh,cc} does all the "delicate" crypto (meaning: that which needs @@ -37,12 +36,12 @@ void change_key_passphrase(key_store & k rsa_keypair_id const & id, // to prompting user for phrase base64< rsa_priv_key > & encoded_key); -void migrate_private_key(app_state & app, +void migrate_private_key(key_store & keys, rsa_keypair_id const & id, base64< arc4 > const & old_priv, keypair & kp); -void make_signature(app_state & app, // to hook for phrase +void make_signature(key_store & keys, // to hook for phrase rsa_keypair_id const & id, // to prompting user for phrase base64< rsa_priv_key > const & priv, std::string const & tosign, @@ -55,7 +54,7 @@ void require_password(rsa_keypair_id con base64 const & signature); void require_password(rsa_keypair_id const & id, - app_state & app); + key_store & keys); void encrypt_rsa(key_store & keys, rsa_keypair_id const & id, ============================================================ --- netsync.cc 38cc22dc4aa621786db59a627ee3d187d7c4e626 +++ netsync.cc f10df3d7b9ad02b7ef9e55fe8d0aca9219302ff4 
@@ -1331,7 +1331,7 @@ session::process_hello_cmd(rsa_keypair_i // make a signature base64 sig; rsa_sha1_signature sig_raw; - make_signature(app, app.opts.signing_key, our_kp.priv, nonce(), sig); + make_signature(app.keys, app.opts.signing_key, our_kp.priv, nonce(), sig); decode_base64(sig, sig_raw); // make a new nonce of our own and send off the 'auth' ============================================================ --- packet.cc 991e6a99aeb8e43d48d09d64b22e080bb617f08f +++ packet.cc 482cd5315e50cb118fddd5eb8dd770251dbfc155 @@ -220,7 +220,7 @@ feed_packet_consumer require(regex_match(body, regex(base))); string contents(trim_ws(body)); keypair kp; - migrate_private_key(app, + migrate_private_key(app.keys, rsa_keypair_id(args), base64 >(contents), kp); ============================================================ --- rcs_import.cc 9e1be182841139486ddd18f69aaa0b99b1c86cee +++ rcs_import.cc bda5c49ca2c4cfea9e2d04d7ff8f6ac6da320e84 @@ -1209,7 +1209,7 @@ import_cvs_repo(system_path const & cvsr // early short-circuit to avoid failure after lots of work rsa_keypair_id key; get_user_key(key, app.keys); - require_password(key, app); + require_password(key, app.keys); } cvs_history cvs; ============================================================ --- revision.cc 0e3aadb55aff09d27f37f879d011ca3063705619 +++ revision.cc 7ad90a9e362470d057f995bb361a0d80fab75870 @@ -1647,7 +1647,7 @@ build_roster_style_revs_from_manifest_st // early short-circuit to avoid failure after lots of work rsa_keypair_id key; get_user_key(key, app.keys); - require_password(key, app); + require_password(key, app.keys); } // cross-check that we're getting everything 
@@ -1701,7 +1701,7 @@ build_changesets_from_manifest_ancestry( // early short-circuit to avoid failure after lots of work rsa_keypair_id key; get_user_key(key, app.keys); - require_password(key, app); + require_password(key, app.keys); } vector< manifest > tmp; ============================================================ --- schema_migration.cc 16307957747ed7458f56319fefb71049a5c637c9 +++ schema_migration.cc 7e7ac7cbd6046e98fa446cafbee961c5c9df0b70 @@ -503,7 +503,7 @@ migrate_to_external_privkeys(sqlite3 * d base64< arc4 > old_priv(stmt.column_string(1)); keypair kp; - migrate_private_key(app, ident, old_priv, kp); + migrate_private_key(app.keys, ident, old_priv, kp); MM(kp.pub); if (stmt.column_nonnull(2))