neicnordic / crypt4gh Goto Github PK

The reencrypt feature https://github.com/neicnordic/crypt4gh/tree/master#re-encrypt-files will completely replace the header and keys. Which means that if user wants to just add one extra key to an existing header, they have to have all the old public keys at hand as well.

Investigate if it would be feasible to have a feature for adding a new key to an existing header, without overwriting the header completely.

https://github.com/neicnordic/crypt4gh/blob/master/streaming/out.go#L79-L98

As a developer
I want to be able to supply the c4gh passphrase as an env variable
so that I can use the tool in scripts for automation.

It seems ssh.ParseRawPrivateKey from golang.org/x/crypto/ssh handles the OpenSSL ed25519 and x25519 key types nowadays, so the code currently at https://github.com/neicnordic/crypt4gh/blob/master/keys/keys.go#L99-L115 seems dead for the versions used.

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

crypt4gh encrypt -f test -p user2.pub.pem -s user1.sec.pem 
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x613089]

goroutine 1 [running]:
github.com/neicnordic/crypt4gh/keys.ReadPrivateKey({0x6e67e0?, 0xc0000a8068?}, {0x0, 0x0, 0x0})
        /home/runner/work/crypt4gh/crypt4gh/keys/keys.go:97 +0x189
main.readPrivateKey({0x7ffff5c32f48, 0xd})
        /home/runner/work/crypt4gh/crypt4gh/main.go:117 +0x76
main.encryptOp({0x0, 0x0})
        /home/runner/work/crypt4gh/crypt4gh/main.go:321 +0x2ca
main.main()
        /home/runner/work/crypt4gh/crypt4gh/main.go:87 +0x495

Expected behavior
File should be encrypted and signed with users private key (user1.sec.pem )

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

Smartphone (please complete the following information):

• Device: [e.g. iPhone6]
• OS: [e.g. iOS8.1]
• Browser [e.g. stock browser, safari]
• Version [e.g. 22]

Additional context
Add any other context about the problem here.

The crypt4gh file format allows for having multiple symmetric keys encoded in the headers and blocks being encoded with any of these (keys are tried to use for decoding, checking the mac for whatever it was successful or not).

We probably handle this correctly, but we don't seem to have automated tests. I also haven't checked if reencryption manages it properly, and again, tests seem to be missing.

For the use case of sending parts of an encrypted stream in sensitive data archive (e.g. sda-download, neicnordic/sensitive-data-archive#696) it would be useful if headers.ReEncryptHeader accepted the possibility to receive something to replace the current data edit list.

I don't have any strong opinions on what the interface should look like (e.g. varargs, nil for no-replacement or something else).

Theoretically, there should be no need to remove the use of data edit list totally - the single element list [0] should mean the same, but it might be nice to be able to set the header to have no data edit list.

The python implementation supports generating a private key for encryption on the fly (when signing is not part of the use case), which simplifies things for users.

Could that be implemented in this codebase as well?