Changeset 138

Timestamp:

05/20/05 17:45:32

Author:

ben

Message:

Closer to signing, and parse secret key.

Files:

• openpgpsdk/trunk/examples/create-signed-key.c (modified) (2 diffs)
• openpgpsdk/trunk/examples/packet-dump.c (modified) (1 diff)
• openpgpsdk/trunk/include/create.h (modified) (1 diff)
• openpgpsdk/trunk/include/packet.h (modified) (3 diffs)
• openpgpsdk/trunk/src/create.c (modified) (2 diffs)
• openpgpsdk/trunk/src/packet-parse.c (modified) (6 diffs)
• openpgpsdk/trunk/src/signature.c (modified) (1 diff)

openpgpsdk/trunk/examples/create-signed-key.c

@@ -19 +19 @@
-    unsigned char keyid[OPS_KEY_ID_SIZE];
-
-4
+2
-        {
-n> <e> <user id
+public key file> <secret key file
-        exit(1);
-        }
@@ -43 +43 @@
-
-    ops_signature_start(&sig,&key,&id);
-//    
+
-
-    ops_keyid(keyid,&key);
-//    
+
-
-//    
+
-
-    ops_signature_hashed_subpackets_end(&sig);

openpgpsdk/trunk/examples/packet-dump.c

@@ -467 +467 @@
-        break;
-
+    case OPS_PTAG_CT_SECRET_KEY:
+        // XXX: fix me
+        printf("***RACHEL DO YOUR THING HERE***\n");
+        break;
+
-    default:
-        fprintf(stderr,"packet-dump: unknown tag=%d\n",content_->tag);

openpgpsdk/trunk/include/create.h

@@ -46 +46 @@
-ops_boolean_t ops_write_scalar(unsigned n,unsigned length,
-                               ops_create_options_t *opt);
+ops_boolean_t ops_write_ss_header(unsigned length,ops_content_tag_t type,
+                                  ops_create_options_t *opt);
-
-void ops_fast_create_rsa_public_key(ops_public_key_t *key,time_t time,

openpgpsdk/trunk/include/packet.h

@@ -290 +290 @@
-    } ops_secret_key_union_t;
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
-    } ops_secret_key_t;
-
@@ -633 +641 @@
-    ops_ss_features_t           ss_features;
-    ops_ss_revocation_reason_t  ss_revocation_reason;
+    ops_secret_key_t            secret_key;
-    } ops_parser_content_union_t;
-
@@ -672 +681 @@
-void ops_packet_free(ops_packet_t *packet);
-void ops_parser_content_free(ops_parser_content_t *c);
+void ops_secret_key_free(ops_secret_key_t *key);
-
-/* vim:set textwidth=120: */

openpgpsdk/trunk/src/create.c

@@ -56 +56 @@
-ops_boolean_t ops_write_length(unsigned length,ops_create_options_t *opt)
-    {
-5
+2
-
-    if(length < 192)
@@ -69 +69 @@
-        return base_write(c,2,opt);
-        }
-
-
+
+
+
+
+
+
+
+
-    }
-

openpgpsdk/trunk/src/packet-parse.c

@@ -536 +536 @@
-        break;
-
+    case OPS_PTAG_CT_SECRET_KEY:
+        ops_secret_key_free(&c->content.secret_key);
+        break;
+
-    default:
-        fprintf(stderr,"Can't free %d (0x%x)\n",c->tag,c->tag);
@@ -578 +582 @@
-    }
-
+static int parse_public_key_data(ops_public_key_t *key,ops_region_t *region,
+                                 ops_parse_options_t *opt)
+    {
+    ops_parser_content_t content;
+    unsigned char c[1];
+
+    assert (region->length_read == 0);  /* We should not have read anything so far */
+
+    if(!ops_limited_read(c,1,region,opt))
+        return 0;
+    key->version=c[0];
+    if(key->version < 2 || key->version > 4)
+        ERR1("Bad public key version (0x%02x)",key->version);
+
+    if(!limited_read_time(&key->creation_time,region,opt))
+        return 0;
+
+    key->days_valid=0;
+    if((key->version == 2 || key->version == 3)
+       && !limited_read_scalar(&key->days_valid,2,region,opt))
+        return 0;
+
+    if(!ops_limited_read(c,1,region,opt))
+        return 0;
+
+    key->algorithm=c[0];
+
+    switch(key->algorithm)
+        {
+    case OPS_PKA_DSA:
+        if(!limited_read_mpi(&key->key.dsa.p,region,opt)
+           || !limited_read_mpi(&key->key.dsa.q,region,opt)
+           || !limited_read_mpi(&key->key.dsa.g,region,opt)
+           || !limited_read_mpi(&key->key.dsa.y,region,opt))
+            return 0;
+        break;
+
+    case OPS_PKA_RSA:
+    case OPS_PKA_RSA_ENCRYPT_ONLY:
+    case OPS_PKA_RSA_SIGN_ONLY:
+        if(!limited_read_mpi(&key->key.rsa.n,region,opt)
+           || !limited_read_mpi(&key->key.rsa.e,region,opt))
+            return 0;
+        break;
+
+    case OPS_PKA_ELGAMAL:
+        if(!limited_read_mpi(&key->key.elgamal.p,region,opt)
+           || !limited_read_mpi(&key->key.elgamal.g,region,opt)
+           || !limited_read_mpi(&key->key.elgamal.y,region,opt))
+            return 0;
+        break;
+
+    default:
+        ERR1("Unknown public key algorithm (%d)",key->algorithm);
+        }
+
+    return 1;
+    }
+
+
-/** Parse a public key packet.
- *
@@ -595 +659 @@
-    {
-    ops_parser_content_t content;
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
-    if(region->length_read != region->length)
-        ERR1("Unconsumed data (%d)", region->length-region->length_read);
@@ -1397 +1414 @@
-    }
-
+void ops_secret_key_free(ops_secret_key_t *key)
+    {
+    switch(key->public_key.algorithm)
+        {
+    case OPS_PKA_RSA:
+    case OPS_PKA_RSA_ENCRYPT_ONLY:
+    case OPS_PKA_RSA_SIGN_ONLY:
+        free_BN(&key->key.rsa.d);
+        free_BN(&key->key.rsa.p);
+        free_BN(&key->key.rsa.q);
+        free_BN(&key->key.rsa.u);
+        break;
+
+    default:
+        assert(0);
+        }
+
+    ops_public_key_free(&key->public_key);
+    }
+
+static int parse_secret_key(ops_region_t *region,ops_parse_options_t *opt)
+    {
+    ops_parser_content_t content;
+    unsigned char c[1];
+
+    if(!parse_public_key_data(&C.secret_key.public_key,region,opt))
+        return 0;
+    if(!ops_limited_read(c,1,region,opt))
+        return 0;
+    C.secret_key.s2k_usage=c[0];
+    assert(C.secret_key.s2k_usage == 0);
+
+    switch(C.secret_key.public_key.algorithm)
+        {
+    case OPS_PKA_RSA:
+    case OPS_PKA_RSA_ENCRYPT_ONLY:
+    case OPS_PKA_RSA_SIGN_ONLY:
+        if(!limited_read_mpi(&C.secret_key.key.rsa.d,region,opt)
+           || !limited_read_mpi(&C.secret_key.key.rsa.p,region,opt)
+           || !limited_read_mpi(&C.secret_key.key.rsa.q,region,opt)
+           || !limited_read_mpi(&C.secret_key.key.rsa.u,region,opt))
+            return 0;
+        break;
+
+    default:
+        assert(0);
+        }
+
+    if(!limited_read_scalar(&C.secret_key.checksum,2,region,opt))
+        return 0;
+    // XXX: check the checksum
+
+    CB(OPS_PTAG_CT_SECRET_KEY,&content);
+
+    return 1;
+    }
+
-/** Parse one packet.
- *
@@ -1505 +1579 @@
-        break;
-
+    case OPS_PTAG_CT_SECRET_KEY:
+        r=parse_secret_key(&region,opt);
+        break;
+
-    default:
-        format_error(&content,"Format error (unknown content tag %d)",
@@ -1511 +1589 @@
-        r=0;
-        }
+    // XXX: shouldn't we check that the entire packet has been consumed?
-    if(opt->accumulate)
-        {

openpgpsdk/trunk/src/signature.c

@@ -299 +299 @@
-    rsa_sign(&sig->hash,&key->key.rsa,&skey->key.rsa);
-    }
+
+void ops_signature_add_creation_time(ops_create_signature_t *sig,time_t when)
+    {
+    ops_write_ss_header(5,OPS_PTAG_SS_CREATION_TIME,&sig->opt);
+    ops_write_scalar(when,4,&sig->opt);
+    }
+
+void ops_signature_add_issuer_key_id(ops_create_signature_t *sig,
+                                     const unsigned char keyid[OPS_KEY_ID_SIZE])
+    {
+    ops_write_ss_header(OPS_KEY_ID_SIZE+1,OPS_PTAG_SS_ISSUER_KEY_ID,&sig->opt);
+    ops_write(keyid,OPS_KEY_ID_SIZE,&sig->opt);
+    }
+
+void ops_signature_add_primary_user_id(ops_create_signature_t *sig,
+                                       ops_boolean_t primary)
+    {
+    ops_write_ss_header(2,OPS_PTAG_SS_PRIMARY_USER_ID,&sig->opt);
+    ops_write_scalar(primary,1,&sig->opt);
+    }