Changeset 397

Timestamp:

03/03/06 14:45:32

Author:

ben

Message:

Handle one pass signatures.

Files:

• openpgpsdk/trunk/examples/packet-dump.c (modified) (3 diffs)
• openpgpsdk/trunk/examples/verify2.c (modified) (2 diffs)
• openpgpsdk/trunk/include/openpgpsdk/crypto.h (modified) (2 diffs)
• openpgpsdk/trunk/include/openpgpsdk/packet-parse.h (modified) (2 diffs)
• openpgpsdk/trunk/include/openpgpsdk/packet.h (modified) (2 diffs)
• openpgpsdk/trunk/src/openssl_crypto.c (modified) (2 diffs)
• openpgpsdk/trunk/src/packet-parse.c (modified) (4 diffs)
• openpgpsdk/trunk/src/parse_local.h (modified) (2 diffs)

openpgpsdk/trunk/examples/packet-dump.c

@@ -512 +512 @@
-        print_unsigned_int("Signature Version",
-               content->signature.version);
-
-
+
+
+
-
-        print_string_and_value("Signature Type",
@@ -519 +520 @@
-                               content->signature.type);
-
-
-
-
+
+
+
+
-
-        print_string_and_value("Public Key Algorithm",
@@ -552 +554 @@
-        default:
-            assert(0);
-
+
+
+
+
+
-        break;
-

openpgpsdk/trunk/examples/verify2.c

@@ -69 +69 @@
-            }
-
+        if(content->signature.hash)
+            signed_hash=content->signature.hash;
+
+        if(!signed_hash)
+            {
+            fprintf(stderr,"No signature to check!!!\n");
+            exit(3);
+            }
+
-        if(ops_check_hash_signature(signed_hash,&content->signature,
-                                    ops_get_public_key_from_data(signer)))
@@ -116 +125 @@
-        fprintf(stderr,"Unexpected packet tag=%d (0x%x)\n",content_->tag,
-                content_->tag);
-exit(1)
+break
-        }
-

openpgpsdk/trunk/include/openpgpsdk/crypto.h

@@ -9 +9 @@
-#include "packet-parse.h"
-
-#define OPS_MAX_HASH_SIZE       64
-#define OPS_MIN_HASH_SIZE       16
-
@@ -21 +20 @@
-    {
-    ops_hash_algorithm_t algorithm;
+    size_t size;
-    const char *name;
-    ops_hash_init_t *init;

openpgpsdk/trunk/include/openpgpsdk/packet-parse.h

@@ -127 +127 @@
-    };
-
-arse_
+
-                       ops_parse_type_t type);
-
@@ -139 +139 @@
-                                       ops_reader_info_t *rinfo,
-                                       ops_parse_cb_info_t *cbinfo);
+void ops_parse_hash_init(ops_parse_info_t *pinfo,ops_hash_algorithm_t type,
+                         const unsigned char *keyid);
+void ops_parse_hash_data(ops_parse_info_t *pinfo,const void *data,
+                         size_t length);
+void ops_parse_hash_finish(ops_parse_info_t *pinfo);
+ops_hash_t *ops_parse_hash_find(ops_parse_info_t *pinfo,
+                                const unsigned char keyid[OPS_KEY_ID_SIZE]);
-
-ops_reader_t ops_stacked_read;

openpgpsdk/trunk/include/openpgpsdk/packet.h

@@ -429 +429 @@
-#define OPS_CHECKHASH_SIZE      20
-
+// Max hash size
+#define OPS_MAX_HASH_SIZE       64
+
-/** ops_secret_key_t
- */
@@ -553 +556 @@
-    size_t                      v4_hashed_data_start; /* only valid if accumulate is set */
-    size_t                      v4_hashed_data_length;
+    ops_hash_t                  *hash;          /*!< if set, the hash filled in for the data so far */
-    ops_boolean_t               creation_time_set:1;
-    ops_boolean_t               signer_id_set:1;

openpgpsdk/trunk/src/openssl_crypto.c

@@ -34 +34 @@
-    }
-
-
+
+
-
-void ops_hash_md5(ops_hash_t *hash)
@@ -62 +63 @@
-    }
-
-"SHA1",sha1_init,sha1_add,sha1_finish
-
+SHA_DIGEST_LENGTH,"SHA1",sha1_init
+sha1_add,sha1_finish,
-
-void ops_hash_sha1(ops_hash_t *hash)

openpgpsdk/trunk/src/packet-parse.c

@@ -1215 +1215 @@
-        ERR1P(pinfo,"Unconsumed data (%d)",region->length-region->length_read);
-
+    if(C.signature.signer_id_set)
+        C.signature.hash=ops_parse_hash_find(pinfo,C.signature.signer_id);
+
-    CBP(pinfo,OPS_PTAG_CT_SIGNATURE,&content);
-
@@ -1726 +1729 @@
-    CBP(pinfo,OPS_PTAG_CT_ONE_PASS_SIGNATURE,&content);
-
+    // XXX: we should, perhaps, let the app choose whether to hash or not
+    ops_parse_hash_init(pinfo,C.one_pass_signature.hash_algorithm,
+                        C.one_pass_signature.keyid);
+
-    return 1;
-    }
@@ -1805 +1812 @@
-
-        C.literal_data_body.length=l;
+
+        ops_parse_hash_data(pinfo,C.literal_data_body.data,l);
-
-        CBP(pinfo,OPS_PTAG_CT_LITERAL_DATA_BODY,&content);
@@ -2715 +2724 @@
-    }
-
+void ops_parse_hash_init(ops_parse_info_t *pinfo,ops_hash_algorithm_t type,
+                         const unsigned char *keyid)
+    {
+    ops_parse_hash_info_t *hash;
+
+    pinfo->hashes=realloc(pinfo->hashes,
+                          (pinfo->nhashes+1)*sizeof *pinfo->hashes);
+    hash=&pinfo->hashes[pinfo->nhashes++];
+
+    ops_hash_any(&hash->hash,type);
+    hash->hash.init(&hash->hash);
+    memcpy(hash->keyid,keyid,sizeof hash->keyid);
+    }
+
+void ops_parse_hash_data(ops_parse_info_t *pinfo,const void *data,
+                         size_t length)
+    {
+    size_t n;
+
+    for(n=0 ; n < pinfo->nhashes ; ++n)
+        pinfo->hashes[n].hash.add(&pinfo->hashes[n].hash,data,length);
+    }
+
+ops_hash_t *ops_parse_hash_find(ops_parse_info_t *pinfo,
+                                const unsigned char keyid[OPS_KEY_ID_SIZE])
+    {
+    size_t n;
+
+    for(n=0 ; n < pinfo->nhashes ; ++n)
+        if(!memcmp(pinfo->hashes[n].keyid,keyid,OPS_KEY_ID_SIZE))
+            return &pinfo->hashes[n].hash;
+    return NULL;
+    }
+
-/* vim:set textwidth=120: */
-/* vim:set ts=8: */

openpgpsdk/trunk/src/parse_local.h

@@ -24 +24 @@
-    ops_parse_cb_info_t *next;
-    };
+
+typedef struct
+    {
+    ops_hash_t hash; /*!< hashes we should hash data with */
+    unsigned char keyid[OPS_KEY_ID_SIZE];
+    } ops_parse_hash_info_t;
-
-#define NTAGS   0x100
@@ -59 +65 @@
-    ops_error_t *errors;
-    ops_decrypt_t decrypt;
+    size_t nhashes;
+    ops_parse_hash_info_t *hashes;
-    ops_boolean_t reading_v3_secret:1;
-    ops_boolean_t reading_mpi_length:1;