crypt4gh's People

Contributors

blankdots, jvkersch, silverdaz, teemukataja

crypt4gh's Issues

Locale problems on Ubuntu during installation

Test case:

Distributor ID:	Ubuntu
Description:	Ubuntu 16.04.5 LTS
Release:	16.04
Codename:	xenial
python3 --version
Python 3.6.9
  1. pip3 install git+https://github.com/EGA-archive/crypt4gh.git

Expected result: the tool is installed.

Actual result:

Traceback (most recent call last):
  File "/usr/bin/pip3", line 11, in <module>
    sys.exit(main())
  File "/usr/lib/python3/dist-packages/pip/__init__.py", line 215, in main
    locale.setlocale(locale.LC_ALL, '')
  File "/usr/lib/python3.5/locale.py", line 594, in setlocale
    return _setlocale(category, locale)
locale.Error: unsupported locale setting
Error in sys.excepthook:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/apport_python_hook.py", line 109, in apport_excepthook
    pr.add_proc_info(extraenv=['PYTHONPATH', 'PYTHONHOME'])
  File "/usr/lib/python3/dist-packages/apport/report.py", line 525, in add_proc_info
    self.add_proc_environ(pid, extraenv)
  File "/usr/lib/python3/dist-packages/apport/report.py", line 592, in add_proc_environ
    env = _read_file('environ', dir_fd=proc_pid_fd).replace('\n', '\\n')
  File "/usr/lib/python3/dist-packages/apport/report.py", line 73, in _read_file
    with open(path, 'rb', opener=lambda path, mode: os.open(path, mode, dir_fd=dir_fd)) as fd:
  File "/usr/lib/python3/dist-packages/apport/report.py", line 73, in <lambda>
    with open(path, 'rb', opener=lambda path, mode: os.open(path, mode, dir_fd=dir_fd)) as fd:
TypeError: argument should be integer, not list

Original exception was:
Traceback (most recent call last):
  File "/usr/bin/pip3", line 11, in <module>
    sys.exit(main())
  File "/usr/lib/python3/dist-packages/pip/__init__.py", line 215, in main
    locale.setlocale(locale.LC_ALL, '')
  File "/usr/lib/python3.5/locale.py", line 594, in setlocale
    return _setlocale(category, locale)
locale.Error: unsupported locale setting

Work-around: export LC_ALL=C

Tests are commented out

Most of the tests in test_crypt4gh.py and test_cli.py are commented out. As we start collaborating on this together, we could be breaking things and not know it. Would be great if we can get these working again! 👍

Can't install in a clean environment

Problem

When installing the library I get the following error:

  Cloning https://github.com/EGA-archive/crypt4gh.git to /private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza
  Running command git clone -q https://github.com/EGA-archive/crypt4gh.git /private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza
    ERROR: Command errored out with exit status 1:
     command: /private/tmp/venv/bin/python3.8 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza/setup.py'"'"'; __file__='"'"'/private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza/pip-egg-info
         cwd: /private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza/
    Complete output (7 lines):
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza/setup.py", line 7, in <module>
        from crypt4gh import __version__, __author__, __title__, __doc__ as lega_doc, __license__, PROG
      File "/private/var/folders/1d/71z0tzqj39s7m3_yq504_t1r0000gn/T/pip-req-build-prc_7eza/crypt4gh/__init__.py", line 25, in <module>
        from nacl.exceptions import InvalidkeyError, BadSignatureError, CryptoError
    ModuleNotFoundError: No module named 'nacl'
    ----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.

Steps to reproduce

virtualenv /tmp/venv
source /tmp/venv/bin/activate
pip install git+https://github.com/EGA-archive/crypt4gh.git

Probable cause

setup.py imports the ga4gh library to get the __version__ strings and some other metadata. But ga4gh/__init__.py imports both nacl and cryptography, both of which aren't installed yet.
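
The traceback above fails inside `crypt4gh/__init__.py` because `setup.py` imports the package before its dependencies exist. One common way around that is to read the metadata from the file's text instead of importing it. This is an added example, not code from the issue or from the project; `read_metadata` and the sample `__init__.py` contents are constructed here.

```python
import ast

def read_metadata(source, names):
    """Collect literal top-level assignments (e.g. __version__) without importing."""
    tree = ast.parse(source)
    found = {}
    doc = ast.get_docstring(tree)
    if "__doc__" in names and doc is not None:
        found["__doc__"] = doc
    for node in tree.body:
        if not isinstance(node, ast.Assign):
            continue
        for target in node.targets:
            if isinstance(target, ast.Name) and target.id in names:
                try:
                    # literal_eval accepts only constants, never calls or names,
                    # so nothing from the package is executed at build time.
                    found[target.id] = ast.literal_eval(node.value)
                except ValueError:
                    raise ValueError(f"{target.id} is not a plain literal") from None
    missing = set(names) - found.keys()
    if missing:
        raise KeyError(f"metadata not found: {sorted(missing)}")
    return found

# Constructed stand-in for a package __init__.py: the import on the last line
# would raise ModuleNotFoundError in a clean environment if the file were imported.
SAMPLE_INIT = '''\
"""Sample package docstring."""
__title__ = 'samplepkg'
__version__ = '0.0.1'
__author__ = 'Example Author'
PROG = 'samplepkg'
from nacl.exceptions import CryptoError
'''

if __name__ == "__main__":
    print(read_metadata(SAMPLE_INIT, {"__title__", "__version__", "__doc__", "PROG"}))
```

A `setup.py` would pass the text of the package's `__init__.py` to the function and feed the result to `setup()`, leaving the runtime dependencies to `install_requires`.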

All encryption keys are not checked.

In cases where several encryption keys are used, no error message is returned if one of the keys is missing.
Example. Command:

crypt4gh encrypt --recipient_pk key1.pub --recipient_pk key2.pub < input > out.c4gh

does not report any errors if key1.pub exists but key2.pub does not exist.

"Header too small"

Hi! I am trying to decrypt some files and I have a secret key for that that I've set as passphrase:

export C4GH_PASSPHRASE= decryption key they sent me via email

I am trying to generate a secret key using ssh-keygen -t ed25519 and then I set this:

export C4GH_SECRET_KEY='ega_ed25519_key' generated as above

But when I try to decrypt my file using cat $file_to_decrypt | crypt4gh decrypt > "$file_to_decrypt"

I get the error:

Warning: Using a passphrase in an environment variable is insecure
Header too small

Do you know where the error is coming from? Many thanks in advance!

Multiple recipient features

Would it be possible to add two features?

  1. That will allow for multiple recipients to be added in the encryption process. Multiple recipients would then be able to decrypt the message.

  2. In re-encryption to be allowed to add an additional recipient to the header without encrypting the data packet again. The result would be multiple recipients in the header and in turn multiple recipients can decrypt the message.

Support storing header and data in separate files?

First of all, thank you for putting together this implementation. We used it in our use case, to handle Crypt4GH-encrypted data in a DRS implementation. One limitation of the current implementation, however, is that the header and file data are always stored together, in the same file. The disadvantage is that re-encryption therefore implies creating a new header, and copying over the encrypted data, which may be substantial. Moreover, it may make sense, at times, to store the header and the data in entirely separate environments (e.g. encrypted file data in an S3 bucket, and the header in memory or in a database).

Would it be possible to extend the API to allow for writing the header and data to different files? As far as I can tell this would mean that all API functions would take two output files as arguments, instead of one, but this would not affect the CLI.

If this is an idea that meets with your approval, I can put together a PR.

`docopt` dependency is abandoned

docopt hasn't received any updates since 2014, and only a source distribution is available on pypi. For my use case each dependency of crypt4gh required a built distribution (a wheel file) to work. I built a wheel file for docopt manually and everything is OK for my use case.

The docopt project appears to be abandoned and users are reporting compatibility problems with newer versions of python. I just wanted to mention this as you might run into problems in the future.

Thanks for your work developing this great package 🥳

OpenSSL X25519 keys don't seem to be supported

Test case:

  1. openssl genpkey -algorithm x25519 -out writer.sec.pem
  2. openssl pkey -in writer.sec.pem -pubout -out writer.pub.pem
  3. openssl genpkey -algorithm x25519 -out reader.sec.pem
  4. openssl pkey -in reader.sec.pem -pubout -out reader.pub.pem
  5. crypt4gh encrypt --sk writer.sec.pem --recipient_pk reader.pub.pem < file > file.c4gh

Expected result: the file is encrypted.

Actual result:

Traceback (most recent call last):
  File "/home/ubuntu/.local/bin/crypt4gh", line 8, in <module>
    sys.exit(main())
  File "/home/ubuntu/.local/lib/python3.6/site-packages/crypt4gh/__main__.py", line 21, in main
    cmd(args)
  File "/home/ubuntu/.local/lib/python3.6/site-packages/crypt4gh/cli.py", line 142, in encrypt
    end_coordinate = range_end)
  File "/home/ubuntu/.local/lib/python3.6/site-packages/crypt4gh/engine.py", line 91, in encrypt
    header_bytes = header.serialize(header_packets)
  File "/home/ubuntu/.local/lib/python3.6/site-packages/crypt4gh/header.py", line 75, in serialize
    packets = list(packets)
  File "/home/ubuntu/.local/lib/python3.6/site-packages/crypt4gh/header.py", line 259, in encrypt
    encrypt_X25519_Chacha20_Poly1305(packet, seckey, recipient_pubkey))
  File "/home/ubuntu/.local/lib/python3.6/site-packages/crypt4gh/header.py", line 150, in encrypt_X25519_Chacha20_Poly1305
    pubkey = bytes(PrivateKey(seckey).public_key)
  File "/home/ubuntu/.local/lib/python3.6/site-packages/nacl/public.py", line 90, in __init__
    "bytes long raw secret key").format(self.SIZE)
nacl.exceptions.TypeError: PrivateKey must be created from a 32 bytes long raw secret key
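
The traceback shows PyNaCl's `PrivateKey` rejecting the secret key because it is not a raw 32-byte value; an unencrypted OpenSSL PEM file holds that value wrapped in PKCS#8 (or SubjectPublicKeyInfo) DER and base64. This added example, which is not part of the issue or of crypt4gh's code, unwraps it with the standard library only; `raw_x25519_from_pem`, `to_pem` and the sample PEMs are constructed here, and passphrase-protected keys are out of scope.

```python
import base64
import re

# Fixed DER prefixes for X25519 (OID 1.3.101.110) as written by OpenSSL:
# PKCS#8 PrivateKeyInfo and X.509 SubjectPublicKeyInfo, each followed by 32 raw bytes.
PKCS8_X25519_PREFIX = bytes.fromhex("302e020100300506032b656e04220420")
SPKI_X25519_PREFIX = bytes.fromhex("302a300506032b656e032100")

_PEM_RE = re.compile(
    r"-----BEGIN (PRIVATE KEY|PUBLIC KEY)-----\s*(.+?)\s*-----END \1-----", re.S
)

def raw_x25519_from_pem(pem):
    """Return the 32-byte raw key wrapped in an unencrypted OpenSSL X25519 PEM."""
    m = _PEM_RE.search(pem)
    if m is None:
        raise ValueError("not an unencrypted PRIVATE KEY / PUBLIC KEY PEM block")
    label, body = m.groups()
    der = base64.b64decode("".join(body.split()), validate=True)
    prefix = PKCS8_X25519_PREFIX if label == "PRIVATE KEY" else SPKI_X25519_PREFIX
    # Reject anything that is not exactly "prefix + 32 bytes" (e.g. an Ed25519 key).
    if len(der) != len(prefix) + 32 or not der.startswith(prefix):
        raise ValueError("DER structure is not a plain X25519 key")
    return der[len(prefix):]

def to_pem(label, der):
    """Helper for the constructed samples below: wrap DER bytes in PEM armor."""
    b64 = base64.b64encode(der).decode()
    return f"-----BEGIN {label}-----\n{b64}\n-----END {label}-----\n"

# Constructed sample: the RFC 7748 section 6.1 "Alice" test key pair, not a real key.
ALICE_SK = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
ALICE_PK = bytes.fromhex("8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a")
SAMPLE_SEC_PEM = to_pem("PRIVATE KEY", PKCS8_X25519_PREFIX + ALICE_SK)
SAMPLE_PUB_PEM = to_pem("PUBLIC KEY", SPKI_X25519_PREFIX + ALICE_PK)

if __name__ == "__main__":
    print(len(SAMPLE_SEC_PEM.encode()), "bytes of PEM text in the file")
    print(len(raw_x25519_from_pem(SAMPLE_SEC_PEM)), "raw key bytes after unwrapping")
```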

Can't generate keys when python is built with scrypt

Problem

When trying to generate keys with crypt4gh-keygen I get the following error:

Traceback (most recent call last):
  File "/private/tmp/venv/bin/crypt4gh-keygen", line 8, in <module>
    sys.exit(main())
  File "/private/tmp/venv/lib/python3.8/site-packages/crypt4gh/keys.py", line 263, in main
    run(argv)
  File "/private/tmp/venv/lib/python3.8/site-packages/crypt4gh/keys.py", line 259, in run
    generate(seckey, pubkey, callback=cb, comment=comment)
  File "/private/tmp/venv/lib/python3.8/site-packages/crypt4gh/keys.py", line 149, in generate
    pkey = _encode_encrypted_private_key(sk, passphrase.encode(), comment)
  File "/private/tmp/venv/lib/python3.8/site-packages/crypt4gh/keys.py", line 114, in _encode_encrypted_private_key
    derived_key = _derive_key(kdfname, passphrase, salt, rounds)
  File "/private/tmp/venv/lib/python3.8/site-packages/crypt4gh/keys.py", line 89, in _derive_key
    return scrypt(passphrase, salt, 1<<14, 8, 1, dklen=32)
TypeError: scrypt() takes exactly 1 positional argument (5 given)

Steps to reproduce

  1. Make sure that python is built against OpenSSL 1.1. Can be done by trying to import the scrypt function from hashlib for example.
  2. Run:
    crypt4gh-keygen --pk a --sk b

Suggested solution

Update the call to scrypt to take keyword arguments instead of positional.

Passphrase confirmation

When generating a c4gh-v1 key, we should ask confirmation for the passphrase.
We ask twice and compare the responses.

Batch decrypt?

Is there any way to decrypt multiple files at once? Perhaps I'm missing a simple solution?

Wildcard seems to still only read in one file at a time. I wrote a looping script, but despite setting unlimited timeout, I can't seem to use a script with "expect" either to roll through the files one at a time. We have almost 1000 files to decrypt. Thank you!

I can't install it

pip install git+https://github.com/EGA-archive/crypt4gh.git
Collecting git+https://github.com/EGA-archive/crypt4gh.git
Cloning https://github.com/EGA-archive/crypt4gh.git to /tmp/pip-req-build-zze_dA
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/tmp/pip-req-build-zze_dA/setup.py", line 23
    f'{PROG} = crypt4gh.main:main' ,
    ^
SyntaxError: invalid syntax

----------------------------------------

This is on:
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
