reactor
/
ptth
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update: add perms warning

main
_ 2021-01-19 18:22:22 -06:00
parent ce917e7348
commit 278d591954
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
bare_minimum_crypto/cpp/bmc_main.cpp
View File

@ -1,4 +1,5 @@
#include <chrono>
#include <filesystem>
#include <fstream>
#include <iostream>
#include <optional>
@ -20,6 +21,7 @@
using namespace std;
using nlohmann::json;
using namespace BareMinimumCrypto;
namespace fs = std::filesystem;
int file (const string & file_path) {
cout << "Reading `" << file_path << "`" << endl;
@ -50,24 +52,30 @@ int file (const string & file_path) {
if (schema == "3T6XF5DZ") {
cout << "File is a passphrase-protected secret key" << endl;
// Read msgpack fields
const Instant time_created (j ["time_created"]);
const auto pubkey = j ["pubkey"].get_binary ();
const string key_machine_id = j ["machine_id"];
const auto our_machine_id = get_machine_id ();
// Read data from other places
const auto now = Instant::now ();
// Print normal stuff
cout << "Generated at Unix time " << time_created.x
<< " (" << now.x - time_created.x << " seconds ago)"
<< endl;
cout << "Generated on machine ID " << key_machine_id << endl;
cout << "Claims to have Base64 pubkey " << base64_encode (pubkey) << endl;
// Print warnings
if (now.x < time_created.x) {
cout << "The key was generated in the past. Someone's clock is wrong." << endl;
cout << "* The key was generated in the past. Someone's clock is wrong." << endl;
}
if (our_machine_id != key_machine_id) {
cout << "The key was generated on another machine. You should report this." << endl;
if (get_machine_id () != key_machine_id) {
cout << "* The key was generated on another machine. You should report this." << endl;
}
if (fs::status (file_path).permissions () != fs::perms::owner_read) {
cout << "* The key doesn't have the right permissions. Try `chmod 400` on it." << endl;
}
}
else {

2
bare_minimum_crypto/cpp/signing_key.h
View File

@ -37,8 +37,6 @@ namespace BareMinimumCrypto {
static optional <SigningKey> load_from_file (const string & file_path, const string & passphrase);
static optional <SigningKeyFile> check_file (const string & file_path);
vector <uint8_t> pubkey () const;
vector <uint8_t> pub_to_msgpack () const;