
more changes to netpgpverify on agc-netpgp-standalone branch:

+ remove the copy of digest.h from libbn sources, use the one in
libdigest, and fix up lib/verify/Makefile to accommodate

+ get rid of header files we don't need, and pick up header files
from the correct directory

+ remove the hexdump utility routine from the libbn misc support
routines, it's not needed

+ add a comment describing the pubring primary key parser structure
1 parent ff87ffd commit cebddc90e3465293f6cfdd3e6b07eee6ca10a674 agc committed Nov 2, 2012
@@ -1,93 +0,0 @@
-/*-
- * Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef DIGEST_H_
-#define DIGEST_H_ 20100108
-
-#include <sys/types.h>
-
-#ifdef _KERNEL
-# include <sys/md5.h>
-# include <sys/sha1.h>
-# include <sys/sha2.h>
-# include <sys/rmd160.h>
-#else
-# include <md5.h>
-# include <sha1.h>
-# include <sha2.h>
-# include <rmd160.h>
-# include <inttypes.h>
-#endif
-
-#ifndef __BEGIN_DECLS
-# if defined(__cplusplus)
-# define __BEGIN_DECLS extern "C" {
-# define __END_DECLS }
-# else
-# define __BEGIN_DECLS
-# define __END_DECLS
-# endif
-#endif
-
-__BEGIN_DECLS
-
-#define MD5_HASH_ALG 1
-#define SHA1_HASH_ALG 2
-#define RIPEMD_HASH_ALG 3
-#define SHA256_HASH_ALG 8
-#define SHA384_HASH_ALG 9
-#define SHA512_HASH_ALG 10
-#define SHA224_HASH_ALG 11
-
-/* structure to describe digest methods */
-typedef struct digest_t {
- uint32_t alg; /* algorithm */
- size_t size; /* size */
- union {
- MD5_CTX md5ctx; /* MD5 */
- SHA1_CTX sha1ctx; /* SHA1 */
- SHA256_CTX sha256ctx; /* SHA256 */
- } u;
- uint8_t *prefix; /* points to specific prefix */
- uint32_t len; /* prefix length */
- void *ctx; /* pointer to context array */
-} digest_t;
-
-int digest_init(digest_t */*digest*/, const uint32_t /*hashalg*/);
-int digest_update(digest_t */*digest*/, const uint8_t */*data*/, size_t /*size*/);
-unsigned digest_final(uint8_t */*out*/, digest_t */*digest*/);
-int digest_alg_size(unsigned /*alg*/);
-int digest_length(digest_t */*hash*/, unsigned /*hashedlen*/);
-
-void MD5_Init(MD5_CTX */*context*/);
-void MD5_Update(MD5_CTX */*context*/, const unsigned char */*data*/, unsigned int /*len*/);
-void MD5_Final(unsigned char /*digest*/[16], MD5_CTX */*context*/);
-
-void SHA1_Init(SHA1_CTX */*context*/);
-void SHA1_Update(SHA1_CTX */*context*/, const unsigned char */*data*/, unsigned int /*len*/);
-void SHA1_Final(unsigned char /*digest*/[20], SHA1_CTX */*context*/);
-
-__END_DECLS
-
-#endif
@@ -80,45 +80,3 @@ logmessage(const int level, const char *fmt, ...)
}
}
#endif
-
-#ifndef _KERNEL
-#define LINELEN 16
-
-#define PRIsize "z"
-
-/* show hexadecimal/ascii dump */
-void
-hexdump(FILE *fp, const char *header, const uint8_t *src, size_t length)
-{
- size_t i;
- char line[LINELEN + 1];
-
- if (src == NULL) {
- return;
- }
- if (fp == NULL) {
- fp = stdout;
- }
- (void) fprintf(fp, "%s%s", (header) ? header : "", (header) ? "\n" : "");
- (void) fprintf(fp, "[%" PRIsize "u char%s]\n", length, (length == 1) ? "" : "s");
- for (i = 0 ; i < length ; i++) {
- if (i % LINELEN == 0) {
- (void) fprintf(fp, "%.5" PRIsize "u | ", i);
- }
- (void) fprintf(fp, "%.02x ", (uint8_t)src[i]);
- line[i % LINELEN] = (isprint(src[i])) ? src[i] : '.';
- if (i % LINELEN == LINELEN - 1) {
- line[LINELEN] = 0x0;
- (void) fprintf(fp, " | %s\n", line);
- }
- }
- if (i % LINELEN != 0) {
- for ( ; i % LINELEN != 0 ; i++) {
- (void) fprintf(fp, " ");
- line[i % LINELEN] = ' ';
- }
- line[LINELEN] = 0x0;
- (void) fprintf(fp, " | %s\n", line);
- }
-}
-#endif
@@ -46,7 +46,6 @@ void netpgp_deallocate(void */*ptr*/, size_t /*size*/);
#ifndef _KERNEL
void logmessage(const int /*level*/, const char */*fmt*/, ...);
-void hexdump(FILE */*fp*/, const char */*header*/, const uint8_t */*src*/, size_t /*length*/);
#endif
__END_DECLS
@@ -27,13 +27,9 @@
#include <sys/param.h>
#include <sys/mman.h>
-#include <netpgp/bn.h>
-#include <netpgp/digest.h>
-
#include <bzlib.h>
#include <err.h>
#include <inttypes.h>
-#include <regex.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
@@ -43,7 +39,9 @@
#include <zlib.h>
#include "array.h"
+#include "bn.h"
#include "b64.h"
+#include "digest.h"
#include "pgpsum.h"
#include "rsa.h"
#include "verify.h"
@@ -356,7 +354,7 @@ fmt_binary_mpi(pgpv_bignum_t *mpi, uint8_t *p, size_t size)
bytes = BITS_TO_BYTES(mpi->bits);
if ((size_t)bytes + 2 + 1 > size) {
- fprintf(stderr, "truncated mpi\n");
+ warn("truncated mpi");
return 0;
}
if (mpi->bn == NULL || BN_is_zero(mpi->bn)) {
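Review bot: `warn()` appends `strerror(errno)` to its message, but the condition guarding it is a plain size comparison, so errno holds whatever an earlier call left behind and the diagnostic can come out as a misleading "truncated mpi: <unrelated system error>". Use `warnx("truncated mpi");` instead, which prints the program name and the message only. fmt_binary_mpi's body starts and ends outside the hunk.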
@@ -1361,7 +1359,6 @@ fmt_pubkey(char *s, size_t size, pgpv_pubkey_t *pubkey, const char *leader)
if (pubkey->expiry) {
cc += fmt_time(&s[cc], size - cc, " [Expiry ", pubkey->birth + pubkey->expiry, "]", 0);
}
- /* XXX - revoked? */
cc += snprintf(&s[cc], size - cc, "\n");
cc += fmt_fingerprint(&s[cc], size - cc, &pubkey->fingerprint, "fingerprint: ");
return cc;
@@ -1549,8 +1546,8 @@ rsa_verify(uint8_t *calculated, unsigned calclen, uint8_t hashalg, pgpv_bignum_t
unsigned prefixlen;
unsigned decryptc;
unsigned i;
- uint8_t decrypted[8192]; /* XXX */
- uint8_t sigbn[8192]; /* XXX */
+ uint8_t decrypted[8192];
+ uint8_t sigbn[8192];
uint8_t prefix[64];
size_t keysize;
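Review bot: Removing the `/* XXX */` markers from `decrypted[8192]` and `sigbn[8192]` drops the only sign that these sizes are arbitrary, and nothing states the bound in their place. Both buffers presumably receive data derived from the signature and key under verification, so the declaration should say what limits the write, e.g. `uint8_t sigbn[8192]; /* largest signature MPI accepted; length is checked before the copy */`, or use a named constant shared with that check. rsa_verify's body continues outside the hunk, so whether such a length check exists cannot be confirmed from here.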
@@ -1901,6 +1898,37 @@ get_literal_data(pgpv_cursor_t *cursor, pgpv_litdata_t *litdata, size_t *size)
return litdata->s.data;
}
+/*
+RFC 4880 describes the structure of v4 keys as:
+
+ Primary-Key
+ [Revocation Self Signature]
+ [Direct Key Signature...]
+ User ID [Signature ...]
+ [User ID [Signature ...] ...]
+ [User Attribute [Signature ...] ...]
+ [[Subkey [Binding-Signature-Revocation]
+ Primary-Key-Binding-Signature] ...]
+
+and that's implemented below as a recursive descent parser.
+It has had to be modified, though: see the comment
+
+ some keys out there have user ids where they shouldn't
+
+to look like:
+
+ Primary-Key
+ [Revocation Self Signature]
+ [Direct Key Signature...]
+ [User ID [Signature ...]
+ [User ID [Signature ...] ...]
+ [User Attribute [Signature ...] ...]
+ [Subkey [Binding-Signature-Revocation]
+ Primary-Key-Binding-Signature] ...]
+
+to accommodate keyrings set up by gpg
+*/
+
/* recognise a primary key */
static int
recog_primary_key(pgpv_t *pgp, pgpv_primarykey_t *primary)
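Review bot: The new comment gives two grammars but never states how the second differs from RFC 4880's. Going by the brackets, the leading `User ID [Signature ...]` is no longer mandatory, which relaxes what the parser accepts rather than just noting misplaced user ids. Say so directly, e.g. `unlike RFC 4880, the first User ID is optional here`, and note what callers should assume about a primary key that arrives with no user id and so no self-signature over one. The wording "see the comment ... to look like" would read more clearly as `it has been relaxed (see "some keys out there have user ids where they shouldn't" in recog_primary_key) to:`. recog_primary_key's body is outside the hunk, so its agreement with the second grammar rests on the comment alone.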
@@ -1930,7 +1958,6 @@ recog_primary_key(pgpv_t *pgp, pgpv_primarykey_t *primary)
/* XXX - check it's a good key expiry */
primary->primary.expiry = signature.keyexpiry;
}
-if (signature.revoked) fprintf(stderr, "agc - revoked1\n");
ARRAY_APPEND(primary->direct_sigs, signature);
}
/* some keys out there have user ids where they shouldn't */
@@ -33,8 +33,7 @@
#include <string.h>
#include <unistd.h>
-#include <netpgp/digest.h>
-
+#include "digest.h"
#include "pgpsum.h"
/* add the ascii armor line endings (except for last line) */
@@ -1,10 +1,11 @@
-# $NetBSD: Makefile,v 1.1.2.3 2012/10/30 02:10:42 agc Exp $
+# $NetBSD: Makefile,v 1.1.2.4 2012/11/02 00:35:51 agc Exp $
LIB=netpgpverify
SRCS=libverify.c b64.c pgpsum.c
SRCS+=digest.c tiger.c
SRCS+=bignum.c misc.c
CPPFLAGS+=-I${EXTDIST}/src/libbn
+CPPFLAGS+=-I${EXTDIST}/src/libdigest
CPPFLAGS+=-I${EXTDIST}/src/librsa
MAN=libnetpgpverify.3
WARNS=5
