config file decryption - how?

Technical RetroShare discussions Forum

config file decryption - how?

Postby frodo » Sat Apr 05, 2014 2:23 pm

Hi all,

I tried to have a look at the config-files of RetroShare, but could not open them. Although I was able to

1) unlock my passphrase

$ gpg2 --homedir $RS/pgp --no-default-keyring --secret-keyring $RS/pgp/retroshare_secret_keyring.gpg --keyring $RS/pgp/retroshare_public_keyring.gpg $RS/keys/ssl_passphrase.pgp

2) decrypt and store the private key into 'user_pk'

$ openssl rsa -in $RS/keys/user_pk.pem -passin file:$RS/keys/ssl_passphrase -out $RS/keys/user_pk
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
[ snip ]
-----END RSA PRIVATE KEY-----

3) but I wasn't able to decrypt .e.g the 'peers.cfg'-file.

$ openssl rsautl -in ./peers.cfg -inkey $RS/keys/user_pk.pem -decrypt -passin file:$RS/keys/ssl_passphrase
RSA operation error
3069256912:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater than mod len:rsa_eay.c:523:

I wonder, what am I doing wrong? Maybe a kind soul could shed some light on this - thank you
frodo
 
Posts: 3
Joined: Sat Apr 05, 2014 2:19 pm

Re: config file decryption - how?

Postby electron » Wed Apr 09, 2014 10:27 am

I don't know how to decrypt the config files.

Even the decrypted config files are not human readable. So you best use Retroshare to read them.
electron
 
Posts: 96
Joined: Sun Aug 12, 2012 9:39 am

Re: config file decryption - how?

Postby csoler » Wed Apr 09, 2014 11:35 am

It seems that somehow openssl is expecting peers.cfg to be in ascii format (radix encoded).

anyway, what would you want to decrypt these files?
csoler
 
Posts: 319
Joined: Tue Oct 28, 2008 10:33 am

Re: config file decryption - how?

Postby frodo » Thu Apr 10, 2014 6:44 am

I use RetroShare's Darknet mode from behind a NAT. Whenever I start a new connection to one of my peers I must tell RetroShare the current external IP of that peer. I suppose RetroShare stores this IP-address in one of its config files. So if I am able to decrypt and encrypt the files I could update the IP address automatically with a small script.

Thank you for replying
frodo
frodo
 
Posts: 3
Joined: Sat Apr 05, 2014 2:19 pm

Re: config file decryption - how?

Postby Distro » Thu Apr 10, 2014 12:58 pm

Can’t your friend simply use a dyndns?
Distro
 
Posts: 303
Joined: Sun Sep 04, 2011 7:33 pm

Re: config file decryption - how?

Postby frodo » Thu Apr 10, 2014 7:40 pm

That should work, but we haven't tried that. Our point is to establish the connection ourselfs without any external support and keep the DarkNet as dark as possible. Our little sandbox - you know. :-)
frodo
 
Posts: 3
Joined: Sat Apr 05, 2014 2:19 pm

Re: config file decryption - how?

Postby csoler » Mon Apr 14, 2014 10:16 pm

The darkent mode (no discovery and no DHT) has no IP discovery system. So you cannot really use it without
having a fixed IP. If you want to, you need to manually update their IPs in the friends details from the GUI.

.cfg files are encrypted, but inside, they are serialized RS data in a format that is known internally to retroshare core, but not
easily readable by the end user. It should be possible to do what you're asking for, using some reverse engineering of the code
in the serialiser/ directory. But it won't be portable.

If you have trusted friends, it's probably a good idea to enable discovery between them, which would solve your problem.

Also, the DHT is not "storing" anything. It is just used by RS to contact friends as a side effect of how DHTs work in practice.
That means in particular that if you're using the DHT, someone who knows your location ID can tweak a RS node so as to retrieve your IP,
but that is not super easy to do, especially because your location ID is only known to you and your friends.
csoler
 
Posts: 319
Joined: Tue Oct 28, 2008 10:33 am


Return to Technical RetroShare discussion

Who is online

Users browsing this forum: No registered users and 1 guest