secrets create and secrets cat does not Provide Bitwise Reproducibility for non-ASCII Files #374

Open
CMCDragonkai opened this issue Feb 21, 2025 · 5 comments

@CMCDragonkai
Member

CMCDragonkai commented Feb 21, 2025

Describe the bug

I've been dogfooding PK in delegating the .gnupg directory. You can see our progress here: https://github.com/MatrixAI/nixpkgs-matrix-private/pull/16#issuecomment-2675473317.

Starting from my SOURCE computer:

polykey secrets create ~/.gnupg/trustdb.kbx mydotfiles:/.gnupg/pubkey.kbx
polykey secrets create ~/.gnupg/trustdb.gpg mydotfiles:/.gnupg/trustdb.gpg
polykey secrets create ~/.gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key mydotfiles:/.gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key
polykey secrets create ~/.gnupg/private-keys-v1.d/LX1EC956EAD8EBA30B6323B4B797CAB46FBBBEDA.key mydotfiles:/.gnupg/private-keys-v1.d/LX1EC956EAD8EBA30B6323B4B797CAB46FBBBEDA.key
polykey secrets create ~/.gnupg/private-keys-v1.d/AAAK899808D1AD2A5DEE3D56775915412D40446A.key mydotfiles:/.gnupg/private-keys-v1.d/AAAK899808D1AD2A5DEE3D56775915412D40446A.key
polykey secrets create ~/.gnupg/private-keys-v1.d/ABCDA2806DBE54E85F445380D88FDD50C3AB18B8.key mydotfiles:/.gnupg/private-keys-v1.d/ABCDA2806DBE54E85F445380D88FDD50C3AB18B8.key

Here's the md5sum of the .gnupg:

$  md5sum .gnupg/* .gnupg/private-keys-v1.d/*
d68ce1bb01a3e0368b043e2398d66f7f  .gnupg/gpg-agent.conf
ac72564fc65de5d729b9053f50b9ea85  .gnupg/gpg.conf
md5sum: .gnupg/private-keys-v1.d: Is a directory
7b3d38f8ad7ba716ed3af9a57b038b91  .gnupg/pubring.kbx
5e09198ad64751bc0869e393e9f863bd  .gnupg/pubring.kbx~
md5sum: .gnupg/S.gpg-agent: Permission denied
md5sum: .gnupg/S.gpg-agent.browser: Permission denied
md5sum: .gnupg/S.gpg-agent.extra: Permission denied
md5sum: .gnupg/S.gpg-agent.ssh: Permission denied
434546c095accf0ac64563a52a0c5e3a  .gnupg/sshcontrol
3cf2b603baa4133e2b94a17081c57c48  .gnupg/trustdb.gpg
ef0cd7d41cbac8e621b2c0473d89f93d  .gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key
35d5a8960e33048d862a3d8ac074eae8  .gnupg/private-keys-v1.d/LX1EC956EAD8EBA30B6323B4B797CAB46FBBBEDA.key
1347862a9e4bd61ec109f182a98d046e  .gnupg/private-keys-v1.d/AAAK899808D1AD2A5DEE3D56775915412D40446A.key
c3af2a119d03e2e9955a66d1d089f7b8  .gnupg/private-keys-v1.d/ABCDA2806DBE54E85F445380D88FDD50C3AB18B8.key

Egressing to the TARGET computer:

polykey secrets cat mydotfiles:/.gnupg/pubring.kbx > ~/.gnupg/pubring.kbx
polykey secrets cat mydotfiles:/.gnupg/trustdb.gpg > ~/.gnupg/trustdb.gpg
polykey secrets cat mydotfiles:/.gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key > ~/.gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key
polykey secrets cat mydotfiles:/.gnupg/private-keys-v1.d/LX1EC956EAD8EBA30B6323B4B797CAB46FBBBEDA.key > ~/.gnupg/private-keys-v1.d/LX1EC956EAD8EBA30B6323B4B797CAB46FBBBEDA.key
polykey secrets cat mydotfiles:/.gnupg/private-keys-v1.d/AAAK899808D1AD2A5DEE3D56775915412D40446A.key > ~/.gnupg/private-keys-v1.d/AAAK899808D1AD2A5DEE3D56775915412D40446A.key
polykey secrets cat mydotfiles:/.gnupg/private-keys-v1.d/ABCDA2806DBE54E85F445380D88FDD50C3AB18B8.key > ~/.gnupg/private-keys-v1.d/ABCDA2806DBE54E85F445380D88FDD50C3AB18B8.key

Here is the target md5sum.

$  md5sum .gnupg/* .gnupg/private-keys-v1.d/*
d68ce1bb01a3e0368b043e2398d66f7f  .gnupg/gpg-agent.conf
ac72564fc65de5d729b9053f50b9ea85  .gnupg/gpg.conf
md5sum: .gnupg/private-keys-v1.d: Is a directory
e475bdc8a2494415728e32f876d83f3c  .gnupg/pubring.kbx
e63f9406a4eb03990ffe390bd12a44c2  .gnupg/trustdb.gpg
eac2b4edb1e2ac0a26f255058f4ce24a  .gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key
35d5a8960e33048d862a3d8ac074eae8  .gnupg/private-keys-v1.d/LX1EC956EAD8EBA30B6323B4B797CAB46FBBBEDA.key
1347862a9e4bd61ec109f182a98d046e  .gnupg/private-keys-v1.d/AAAK899808D1AD2A5DEE3D56775915412D40446A.key
c3af2a119d03e2e9955a66d1d089f7b8  .gnupg/private-keys-v1.d/ABCDA2806DBE54E85F445380D88FDD50C3AB18B8.key

You can see that 3 files do not have matching hashes:

  • BINARY FILE .gnupg/trustdb.gpg
  • BINARY FILE .gnupg/pubring.kbx
  • ISO-8859 TEXT .gnupg/private-keys-v1.d/AX90C004D24B131518B39639620FD9E071FAB59C.key

The correct files are all ASCII text according to file.

This tells me there isn't sufficient randomised testing with binary data for the commands. We need to use fastcheck for this.

To Reproduce

  1. Use secrets create to ingress a binary file.
  2. Use secrets cat to egress a binary file.
  3. Observe md5sum hash difference.

Expected behavior

They should be bitwise reproducible.

Platform

  • Device: Linux
  • OS: NixOS
  • Version: Linux matrix-framework-13-ryzen-7040 6.12.8 #1-NixOS SMP PREEMPT_DYNAMIC Thu Jan 2 09:34:26 UTC 2025 x86_64 GNU/Linux

Additional context

Notify maintainers

@aryanjassal @tegefaulkes

@CMCDragonkai CMCDragonkai added the bug Something isn't working label Feb 21, 2025

linear bot commented Feb 21, 2025

ENG-536

@CMCDragonkai
Member Author

This tells me there isn't sufficient randomised testing with binary data for the commands. We need to use fastcheck for this.

@CMCDragonkai
Member Author

Assigning to you @aryanjassal cause this really needs to be fixed as part of the work with #249 #248

@CMCDragonkai
Member Author

Considering that we want to remove the create command entirely.

Member

Yeah. I will make a list of final secrets commands that we will have so we have a good idea of the final goal.

Reviewing the code, I can see that ingress and egress commands don't actually have a sufficient amount of fast-check applied to them, so I'll go through them and update them all to use fast check when I next work on Polykey.
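
The byte-exact round-trip property that the comments above want randomised tests to cover, as an added example that is not part of this thread or of Polykey's code. It uses a small seeded generator in place of fast-check, and `textRoundTrip` is a hypothetical stand-in that passes data through a UTF-8 string; the issue does not state what actually alters the bytes.

```javascript
// Seeded PRNG (mulberry32-style) so a failing case can be replayed from its seed.
function prng(seed) {
  let a = seed >>> 0;
  return () => {
    a = (a + 0x6d2b79f5) >>> 0;
    let t = a;
    t = Math.imul(t ^ (t >>> 15), t | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Constructed payload: length 0..maxLen, every byte below `limit`
// (128 = ASCII only, 256 = any byte value).
function randomBytes(rand, maxLen, limit) {
  const out = new Uint8Array(Math.floor(rand() * (maxLen + 1)));
  for (let i = 0; i < out.length; i++) out[i] = Math.floor(rand() * limit);
  return out;
}

// Hypothetical stand-ins for an ingress + egress pair (assumptions, not Polykey code).
const byteSafeRoundTrip = (bytes) => Uint8Array.from(bytes);
const textRoundTrip = (bytes) =>
  new TextEncoder().encode(new TextDecoder('utf-8').decode(bytes));

const sameBytes = (a, b) =>
  a.length === b.length && a.every((v, i) => v === b[i]);

// Property: roundTrip(x) is byte-identical to x.
// Returns the first counterexample found, or null if every run passed.
function checkRoundTrip(roundTrip, opts = {}) {
  const { runs = 200, seed = 1, maxLen = 64, limit = 256 } = opts;
  const rand = prng(seed);
  for (let run = 0; run < runs; run++) {
    const input = randomBytes(rand, maxLen, limit);
    const output = roundTrip(input);
    if (!sameBytes(input, output)) return { run, seed, input, output };
  }
  return null;
}

const hex = (b) => Array.from(b, (v) => v.toString(16).padStart(2, '0')).join(' ');
const failure = checkRoundTrip(textRoundTrip);
console.log('byte-safe, any byte :', checkRoundTrip(byteSafeRoundTrip));
console.log('via text, ASCII only:', checkRoundTrip(textRoundTrip, { limit: 128 }));
console.log('via text, any byte  :',
  failure && `run ${failure.run}: ${hex(failure.input)} -> ${hex(failure.output)}`);
```

An ASCII-only generator passes both stand-ins, which is why a test suite built on text fixtures can miss this class of bug; the property only fails once the generator emits bytes at or above 0x80.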
