keybase / kbpgp
OpenPGP (RFC4880) Implementation in IcedCoffeeScript
Home Page: https://keybase.io/kbpgp
License: BSD 3-Clause "New" or "Revised" License
If I get a PGP message that is encrypted and signed, but I don't have the key of the sender (to verify), unbox will throw an error ("key not found"), even if it decrypted ok and has literals.
Maybe unbox should pass back that the message was signed with key(s) but couldn't find them to verify.
Following new spec (v5) which has binary and UTF-8 types, and also application-specific types.
One for encryption and one for signing.
Seems to be stuck in the pre-Chrome days.
We need: Async utils (like ASP), openpgp-specific utils, and keybase-packet-utils.
(don't use the real passphrase..)
we have one for private, none for public...
Would be good to specify multiple userids on key generation, so you can add a user's real email and their keybase info:
userid: ["Test User <[email protected]>", "keybase.io/testuser <[email protected]>"]
Looks like Go is eventually going to have one...
This thesis is helpful: http://rsapss.hboeck.de/rsapss-1.0.2.pdf
We should expose it properly from triplesec
...to make sure they have not expired.
It seemed to be needed in public keys, but not in private keys. We might want to revisit this distinction later.
See comment in openpgp/packet/keymaterial.iced in the function is_signed_subkey_of.
Right now it's hard-coded into kbpacket/keymaterial.iced.
Hi,
I wanted to try out some of the command-line features of Keybase, and noticed that you could run keybase dir verify on this project after cloning it. Unfortunately, I'm getting the following output after running that command:
warn: gpg: Signature made Thu Sep 18 10:26:36 2014 EDT
warn: gpg: using RSA key 980A3F0D01FE04DF
warn: gpg: requesting key 980A3F0D01FE04DF from hkp server 127.0.0.1
warn: gpg: key 6052B2AD31A6631C: rejected by import filter
warn: gpg: Total number processed: 1
warn: [GNUPG:] IMPORT_RES 1 0 0 0 0 0 0 0 0 0 0 0 0 0
warn: [GNUPG:] ERRSIG 980A3F0D01FE04DF 1 10 00 1411050396 9
warn: [GNUPG:] NO_PUBKEY 980A3F0D01FE04DF
warn: gpg: Can't check signature: public key not found
error: `gpg` exited with code 2
My installation of gpg is from Homebrew - here's the output of brew info gpg:
gnupg: stable 1.4.18 (bottled)
http://www.gnupg.org/
/usr/local/Cellar/gnupg/1.4.18 (54 files, 5.3M) *
Poured from bottle
From: https://github.com/Homebrew/homebrew/blob/master/Library/Formula/gnupg.rb
https://keybase.io/kbpgp is showing the older 1.0.0 release
I am using kbpgp-1.1.0.js in browser and am having trouble importing a private key.
I am not seeing the private key read into the armor private property on the key proto. The public key works fine. It appears the returned object does not have the private key property or unlock_pgp method.
TypeError: undefined is not a function
at http://localhost:8100/js/services.js:985:24
at http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:4950:18
at Deferrals.exports.Deferrals.Deferrals._call (http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:26024:16)
at http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:26036:26
at exports.trampoline.trampoline (http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:26002:14)
at Deferrals.exports.Deferrals.Deferrals._fulfill (http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:26034:16)
at http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:4946:28
at KeyManager.unlock_pgp (http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:4948:15)
at http://localhost:8100/js/services.js:981:20
at http://localhost:8100/lib/kbpgp/rel/kbpgp-1.1.0.js:4915:18
kbpgp.KeyManager.import_from_armored_pgp({
  armored: pair.publicKeyArmored
}, function(err, imported) {
  if (!err) {
    imported.merge_pgp_private({
      armored: pair.privateKeyArmored
    }, function(err) {
      if (!err) {
        if (imported.is_pgp_locked()) {
          imported.unlock_pgp({
            passphrase: pin
          }, function(err) {
            if (!err) {
              var ring = new kbpgp.keyring.KeyRing;
              var kms = [imported];
              for (var i in kms) {
                ring.add_key_manager(kms[i]);
              }
              kbpgp.unbox({keyfetch: ring, armored: msg }, function(err, literals) {
                if (err != null) {
                } else {
                  deferred.resolve(literals[0].toString());
                }
              });
            }
          });
        }
      }
    });
  }
});
Pick one and stick with it! See keymaterial.iced and keymanager.iced for more details.
Like in msg_roundtrip.iced. We might want to refactor that reg test to do everything twice over different keys.
There's something going on that's taking a while. Maybe computing n=pq?
Uncaught AssertionError: cannot write a non-number as a number
The problem is that we're trying to write a bool out as a uint8.
Use TweetNacl or Nacl library for crypto
npm install kbpgp
Gets me 1.0.0
var k = require('kbpgp')
console.log(k)
results in
Error: Cannot find module 'iced-coffee-script/lib/coffee-script/iced'
Cool stuff you guys are doing.
I'm a contributor to OpenPGP.js and I was wondering how we might share code more effectively. The library has improved quite a bit in terms of code quality and testing in the last 6 months and we just underwent our first complete security audit:
https://github.com/openpgpjs/openpgpjs/wiki/Cure53-security-audit
If I'm not mistaken this library is based on OpenPGP.js?
Thanks
See here for more details:
See the comment in openpgp/packet/keymaterial.iced
We need to be way more careful about scrubbing, but it's hard to even start to figure it out with the openpgpjs code.
Right now we're only handling one, and that's going to break in certain cases.
I was following the examples for using the key manager to generate a key pair, and I am getting this error (trying to export the private key).
/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/lib/keymanager.js:1390
passphrase = _arg.passphrase, asp = _arg.asp, regen = _arg.regen;
^
TypeError: Cannot read property 'passphrase' of undefined
at KeyManager.export_pgp_private_to_client (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/lib/keymanager.js:1390:24)
at KeyManager.export_pgp_private (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/lib/keymanager.js:1408:48)
at /home/ubuntu/workspace/pgp.js:40:13
at KeyManager.sign (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/lib/keymanager.js:1539:18)
at Deferrals.exports.Deferrals.Deferrals._call (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:86:16)
at exports.Deferrals.Deferrals._fulfill (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:98:26)
at exports.trampoline.trampoline (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:64:14)
at Deferrals.exports.Deferrals.Deferrals._fulfill (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:96:16)
at ret (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/node_modules/iced-runtime/lib/runtime.js:29:18)
at Engine.sign (/home/ubuntu/.nvm/v0.10.26/lib/node_modules/kbpgp/lib/keymanager.js:263:20)
here is the code:
alice.export_pgp_private({
  passphrase: "my_secret_phrase"
}, function(err, pgp_private) {
  console.log("Private Key: ", pgp_private);
});
I think instead what we should do is just triplesec an unencrypted version of the PGP private key, this way the clients in Python, etc. won't have to reimplement the whole PGP stack.
Right now we're assuming it's always ON, but what if it's off?
...or something that has a consistent metaphor. The box/unbox is from NaCl.
We will have to understand the packet format and then parse it.
The caller probably shouldn't care about the format of the output. In other words, how would this work for DSA?
We have the wrong ASN codes for the hashes, need to use different ones, according to the RFC. If we're not going to handle v3, we should make a better error.
We have a mix of different options, in primary keys, subkeys, and also regular messages. We should clean this up and only have one way, if possible.
A lot of places we have hard-coded RSA support. We should fix this.
See openpgp.KeyMaterial::get_klass as an example.
Right now we have something in the KeyBlock processor when reading in keyblocks for signatures that we're skipping. We probably need a better system.
Need to borrow OIDs and packet format from GnuPG, since there's no RFC yet.
Right now it's always OFF, but what if it's ON?
See openpgp/packet/signature.iced.