Changeset 602

Timestamp:

08/27/08 15:33:54

Author:

rachel

Message:

Split ops_signature_t struct into 2 parts: the actual signature information
derived from the packet; and the data needed whilst parsing it.
The actual signature information can then be passed back in the
ops_validate_result_t for a user to do further processing if they wish.

Files:

• openpgpsdk/trunk/include/openpgpsdk/packet.h (modified) (1 diff)
• openpgpsdk/trunk/include/openpgpsdk/validate.h (modified) (1 diff)
• openpgpsdk/trunk/src/lib/packet-parse.c (modified) (15 diffs)
• openpgpsdk/trunk/src/lib/packet-print.c (modified) (8 diffs)
• openpgpsdk/trunk/src/lib/signature.c (modified) (10 diffs)
• openpgpsdk/trunk/src/lib/validate.c (modified) (15 diffs)
• openpgpsdk/trunk/tests/test_common.c (modified) (1 diff)
• openpgpsdk/trunk/tests/test_rsa_keys.c (modified) (1 diff)

openpgpsdk/trunk/include/openpgpsdk/packet.h

@@ -579 +579 @@
-    ops_public_key_algorithm_t  key_algorithm;  /*!< public key algorithm number */
-    ops_hash_algorithm_t        hash_algorithm; /*!< hashing algorithm number */
-    unsigned char               hash2[2];       /*!< high 2 bytes of hashed value - for quick test */
-    ops_signature_union_t       signature;      /*!< signature parameters */
-    size_t                      v4_hashed_data_start; /* only valid if accumulate is set */
-    size_t                      v4_hashed_data_length;
-
-
+
-    ops_boolean_t               creation_time_set:1;
-    ops_boolean_t               signer_id_set:1;
+    } ops_signature_info_t;
+
+typedef struct
+    {
+    ops_signature_info_t        info;
+    /* The following fields are only used while parsing the signature */
+    unsigned char               hash2[2];       /*!< high 2 bytes of hashed value - for quick test */
+    size_t                      v4_hashed_data_start; /* only valid if accumulate is set */
+    ops_hash_t                  *hash;          /*!< if set, the hash filled in for the data so far */
-    } ops_signature_t;
-

openpgpsdk/trunk/include/openpgpsdk/validate.h

@@ -24 +24 @@
-    {
-    unsigned int valid_count;
-keydata_t * valid_key
+signature_info_t * valid_sig
-    unsigned int invalid_count;
-keydata_t * invalid_key
+signature_info_t * invalid_sig
-    unsigned int unknown_signer_count;
-unsigned char * unknown_key
+ops_signature_info_t * unknown_sig
-    } ops_validate_result_t;
-

openpgpsdk/trunk/src/lib/packet-parse.c

@@ -1185 +1185 @@
-void ops_signature_free(ops_signature_t *sig)
-    {
-
+info.
-        {
-    case OPS_PKA_RSA:
-    case OPS_PKA_RSA_SIGN_ONLY:
-
+info.
-        break;
-
-    case OPS_PKA_DSA:
-
-
+info.
+info.
-        break;
-
-    case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-        break;
-
@@ -1213 +1213 @@
-    case OPS_PKA_PRIVATE09:
-    case OPS_PKA_PRIVATE10:
-
+info.
-        break;
-
@@ -1240 +1240 @@
-    ops_parser_content_t content;
-
-
+info.
-
-    /* hash info length */
@@ -1250 +1250 @@
-    if(!limited_read(c,1,region,pinfo))
-        return 0;
-
+info.
-    /* XXX: check signature type */
-
-
-
-
-
-
-
-
+info.
+
+info.
+
+info.
+
+info.
-
-    if(!limited_read(c,1,region,pinfo))
-        return 0;
-
+info.
-    /* XXX: check algorithm */
-
-    if(!limited_read(c,1,region,pinfo))
-        return 0;
-
+info.
-    /* XXX: check algorithm */
-    
@@ -1274 +1274 @@
-        return 0;
-
-
+info.
-        {
-    case OPS_PKA_RSA:
-    case OPS_PKA_RSA_SIGN_ONLY:
-
+info.
-            return 0;
-        break;
-
-    case OPS_PKA_DSA:
-
-
+info.
+info.
-            return 0;
-        break;
-
-    case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-            return 0;
-        break;
@@ -1297 +1297 @@
-        OPS_ERROR_1(&pinfo->errors,OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG,
-                    "Unsupported signature key algorithm (%s)",
-
+info.
-        return 0;
-        }
@@ -1307 +1307 @@
-        }
-
-
-
+info.
+info.
-
-    CBP(pinfo,OPS_PTAG_CT_SIGNATURE,&content);
@@ -1379 +1379 @@
-        if(content.tag == OPS_PTAG_SS_CREATION_TIME)
-            {
-
-
+info.
+info.
-            }
-        break;
@@ -1400 +1400 @@
-                             &subregion,pinfo))
-            return 0;
-
-
+info.
+info.
-        break;
-
@@ -1671 +1671 @@
-    /* Set version,type,algorithms */
-
-
+info.
-
-    if(!limited_read(c,1,region,pinfo))
-        return 0;
-
+info.
-    /* XXX: check signature type */
-
-    if(!limited_read(c,1,region,pinfo))
-        return 0;
-
+info.
-    /* XXX: check algorithm */
-
-    if(!limited_read(c,1,region,pinfo))
-        return 0;
-
+info.
-    /* XXX: check algorithm */
-
@@ -1693 +1693 @@
-        return 0;
-
-
+info.
-        -C.signature.v4_hashed_data_start;
-
-    // copy hashed subpackets
-
-
-v4_hashed_data=ops_mallocz(C.signature
+info.
+info.
+info.v4_hashed_data=ops_mallocz(C.signature.info
-
-    if (!pinfo->rinfo.accumulate)
@@ -1708 +1708 @@
-        }
-
-
+info.
-           pinfo->rinfo.accumulated+C.signature.v4_hashed_data_start,
-
+info.
-
-    if(!parse_signature_subpackets(&C.signature,region,pinfo))
@@ -1718 +1718 @@
-        return 0;
-
-
+info.
-        {
-    case OPS_PKA_RSA:
-
+info.
-            return 0;
-        break;
-
-    case OPS_PKA_DSA:
-
+info.
-            ERRP(pinfo,"Error reading DSA r field in signature");
-
+info.
-            ERRP(pinfo,"Error reading DSA s field in signature");
-        break;
-
-    case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-            return 0;
-        break;
@@ -1749 +1749 @@
-    case OPS_PKA_PRIVATE09:
-    case OPS_PKA_PRIVATE10:
-
+info.
-            return 0;
-        break;
@@ -1756 +1756 @@
-        OPS_ERROR_1(&pinfo->errors,OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG,
-                    "Bad v4 signature key algorithm (%s)",
-
+info.
-        return 0;
-        }

openpgpsdk/trunk/src/lib/packet-print.c

@@ -702 +702 @@
-        print_indent(indent);
-        print_unsigned_int("Signature Version",
-
-
+info.
+info.
-            print_time("Signature Creation Time",
-
+info.
-
-        print_string_and_value("Signature Type",
-
-
-
-
+info.
+info.
+
+info.
-            print_hexdump_data("Signer ID",
-
-
+info.
+info.
-
-        print_string_and_value("Public Key Algorithm",
-
-
+info.
+info.
-        print_string_and_value("Hash Algorithm",
-
-
+info.
+info.
-
-        print_indent();
-        print_hexdump_data("hash2",&content->signature.hash2[0],2);
-
-
+info.
-            {
-        case OPS_PKA_RSA:
-        case OPS_PKA_RSA_SIGN_ONLY:
-
+info.
-            break;
-
-        case OPS_PKA_DSA:
-
-
+info.
+info.
-            break;
-
-        case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-            break;
-
@@ -1043 +1043 @@
-        print_indent(indent);
-        print_unsigned_int("Signature Version",
-
-
-
+info.
+info.
+info.
-
-        print_string_and_value("Signature Type",
-
-
-
-
+info.
+info.
+
+info.
-            print_hexdump_data("Signer ID",
-
-
+info.
+info.
-
-        print_string_and_value("Public Key Algorithm",
-
-
+info.
+info.
-        print_string_and_value("Hash Algorithm",
-
-
+info.
+info.
-
-        break;
@@ -1069 +1069 @@
-        print_hexdump_data("hash2",&content->signature.hash2[0],2);
-
-
+info.
-            {
-        case OPS_PKA_RSA:
-
+info.
-            break;
-
-        case OPS_PKA_DSA:
-
-
+info.
+info.
-            break;
-
-        case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-            break;
-
@@ -1097 +1097 @@
-        case OPS_PKA_PRIVATE10:
-            print_data("Private/Experimental",
-
+info.
-            break;
-
@@ -1286 +1286 @@
-        print_indent(indent);
-        print_unsigned_int("Signature Version",
-
-
+info.
+info.
-            print_time("Signature Creation Time",
-
+info.
-
-        print_string_and_value("Signature Type",
-
-
-
-
+info.
+info.
+
+info.
-            print_hexdump_data("Signer ID",
-
-
+info.
+info.
-
-        print_string_and_value("Public Key Algorithm",
-
-
+info.
+info.
-        print_string_and_value("Hash Algorithm",
-
-
+info.
+info.
-
-        print_indent();
-        print_hexdump_data("hash2",&content->signature.hash2[0],2);
-
-
+info.
-            {
-        case OPS_PKA_RSA:
-        case OPS_PKA_RSA_SIGN_ONLY:
-
+info.
-            break;
-
-        case OPS_PKA_DSA:
-
-
+info.
+info.
-            break;
-
-        case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-            break;
-
@@ -1627 +1627 @@
-        print_indent(indent);
-        print_unsigned_int("Signature Version",
-
-
-
+info.
+info.
+info.
-
-        print_string_and_value("Signature Type",
-
-
-
-
+info.
+info.
+
+info.
-            print_hexdump_data("Signer ID",
-
-
+info.
+info.
-
-        print_string_and_value("Public Key Algorithm",
-
-
+info.
+info.
-        print_string_and_value("Hash Algorithm",
-
-
+info.
+info.
-
-        break;
@@ -1653 +1653 @@
-        print_hexdump_data("hash2",&content->signature.hash2[0],2);
-
-
+info.
-            {
-        case OPS_PKA_RSA:
-
+info.
-            break;
-
-        case OPS_PKA_DSA:
-
-
+info.
+info.
-            break;
-
-        case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
-
-
+info.
+info.
-            break;
-
@@ -1681 +1681 @@
-        case OPS_PKA_PRIVATE10:
-            print_data("Private/Experimental",
-
+info.
-            break;
-

openpgpsdk/trunk/src/lib/signature.c

@@ -294 +294 @@
-static void initialise_hash(ops_hash_t *hash,const ops_signature_t *sig)
-    {
-
+info.
-    hash->init(hash);
-    }
@@ -308 +308 @@
-                             const unsigned char *raw_packet)
-    {
-
+info.
-        {
-        if(raw_packet)
-            hash->add(hash,raw_packet+sig->v4_hashed_data_start,
-
-
+info.
+info.
-        ops_hash_add_int(hash,0xff,1);
-
+info.
-        }
-    else
-        {
-
-
+info.
+info.
-        }
-    }
@@ -336 +336 @@
-    */
-
-
+info.
-        {
-    case OPS_PKA_DSA:
-
+info.
-        break;
-
-    case OPS_PKA_RSA:
-hash_algorithm,hash,length,&sig->
+info.hash_algorithm,hash,length,&sig->info.
-                       &signer->key.rsa);
-        break;
@@ -398 +398 @@
-    init_key_signature(&hash,sig,key);
-
-
+info.
-        {
-        ops_hash_add_int(&hash,0xb4,1);
@@ -430 +430 @@
-    init_key_signature(&hash,sig,key);
-
-
+info.
-        {
-        ops_hash_add_int(&hash,0xd1,1);
@@ -504 +504 @@
-                         const ops_public_key_t *signer)
-    {
-
+info.
-        return ops_false;
-
@@ -519 +519 @@
-
-    // write nearly up to the first subpacket
-
-
-
-
+info.
+info.
+info.
+info.
-
-    // dummy hashed subpacket count
@@ -550 +550 @@
-    // use the buffered writer to construct packets (done), and also should
-    // share code for hash calculation)
-
-
-
-
+info.
+info.
+info.
+info.
-
-    sig->hashed_data_length=-1;
@@ -587 +587 @@
-    // use the buffered writer to construct packets (done), and also should
-    // share code for hash calculation)
-
-
-
-
+info.
+info.
+info.
+info.
-
-    sig->hashed_data_length=-1;
@@ -687 +687 @@
-
-    // add final trailer
-
+info.
-    ops_hash_add_int(&sig->hash,0xff,1);
-    // +6 for version, type, pk alg, hash alg, hashed subpacket length

openpgpsdk/trunk/src/lib/validate.c

@@ -52 +52 @@
-
-    //common_init_signature(&hash,sig);
-
+info.
-    hash.init(&hash);
-    hash.add(&hash,data,len);
-v4_hashed_data,sig->
+info.v4_hashed_data,sig->info.
-
-    trailer[0]=0x04; // version
-    trailer[1]=0xFF;
-
+info.
-    trailer[2]=hashedlen >> 24;
-    trailer[3]=hashedlen >> 16;
@@ -102 +102 @@
- */
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-    {
-    size_t newsize;
@@ -111 +124 @@
-
-    // increase size of array
-ner
-key
-key
+
+sig
+sig
-    else
-keys=realloc(result->valid_key
+sigs=realloc(result->valid_sig
-
-    // copy key ptr to array
-ner
-memcpy(result->valid_keys+start,signer,sizeof *signer
-
-
-key_to_invalid_list(ops_validate_result_t * result, const ops_keydata_t *signer
+
+copy_signature_info(result->valid_sigs+start,sig
+
+
+sig_to_invalid_list(ops_validate_result_t * result, const ops_signature_info_t *sig
-    {
-    size_t newsize;
@@ -131 +144 @@
-
-    // increase size of array
-ner
-key
-key
+
+sig
+sig
-    else
-keys=realloc(result->invalid_key
+sigs=realloc(result->invalid_sig
-
-    // copy key ptr to array
-ner
-memcpy(result->invalid_keys+start,signer,(sizeof *signer)
-
-
-key_to_unknown_list(ops_validate_result_t * result, const unsigned char signer_id[OPS_KEY_ID_SIZE]
+
+copy_signature_info(result->invalid_sigs+start, sig
+
+
+sig_to_unknown_list(ops_validate_result_t * result, const ops_signature_info_t *sig
-    {
-    size_t newsize;
@@ -151 +164 @@
-
-    // increase size of array
-ner_id
-key
-key
+
+sig
+sig
-    else
-keys=realloc(result->unknown_key
+sigs=realloc(result->unknown_sig
-
-    // copy key id to array
-    start=OPS_KEY_ID_SIZE * (result->unknown_signer_count-1);
-memcpy(result->unknown_keys+start, signer_id, OPS_KEY_ID_SIZE
+copy_signature_info(result->unknown_sigs+start, sig
-    }
-
@@ -216 +229 @@
-
-        signer=ops_keyring_find_key_by_id(arg->keyring,
-
+info.
-        if(!signer)
-            {
-key_to_unknown_list(arg->result, content->signature.signer_id
+sig_to_unknown_list(arg->result, &content->signature.info
-            break;
-            }
-
-
+info.
-            {
-        case OPS_CERT_GENERIC:
@@ -266 +279 @@
-    case OPS_SIG_3RD_PARTY:
-        OPS_ERROR_1(errors, OPS_E_UNIMPLEMENTED,
-
+info.
-                    break;
-
-        default:
-            OPS_ERROR_1(errors, OPS_E_UNIMPLEMENTED,
-
+info.
-            }
-
@@ -278 +291 @@
-        //          printf(" validated\n");
-            //++arg->result->valid_count;
-key_to_valid_list(arg->result, signer
+sig_to_valid_list(arg->result, &content->signature.info
-            }
-        else
@@ -285 +298 @@
-        //          printf(" BAD SIGNATURE\n");
-        //          ++arg->result->invalid_count;
-key_to_invalid_list(arg->result, signer
+sig_to_invalid_list(arg->result, &content->signature.info
-            }
-        break;
@@ -362 +375 @@
-            printf("\n*** hashed data:\n");
-            unsigned int zzz=0;
-
-
+info.
+info.
-            printf("\n");
-
-
-
+info.
+info.
+info.
-            }
-
-        signer=ops_keyring_find_key_by_id(arg->keyring,
-
+info.
-        if(!signer)
-            {
-            OPS_ERROR(errors,OPS_E_V_UNKNOWN_SIGNER,"Unknown Signer");
-key_to_unknown_list(arg->result, content->signature.signer_id
+sig_to_unknown_list(arg->result, &content->signature.info
-            break;
-            }
@@ -382 +395 @@
-        ops_memory_init(mem,128);
-        
-
+info.
-            {
-        case OPS_SIG_BINARY:
@@ -414 +427 @@
-        default:
-            OPS_ERROR_1(errors, OPS_E_UNIMPLEMENTED,
-
+info.
-            break;
-            
@@ -422 +435 @@
-        if(valid)
-            {
-key_to_valid_list(arg->result, signer
+sig_to_valid_list(arg->result, &content->signature.info
-        //          ++arg->result->valid_count;
-            }
@@ -430 +443 @@
-        //          printf(" BAD SIGNATURE\n");
-        //          ++arg->result->invalid_count;
-key_to_invalid_list(arg->result, signer
+sig_to_invalid_list(arg->result, &content->signature.info
-            }
-        break;
@@ -522 +535 @@
-        return;
-
-key
-(result->valid_key
-key
-(result->invalid_key
-key
-(result->unknown_key
+sig
+_signature_info(result->valid_sig
+sig
+_signature_info(result->invalid_sig
+sig
+_signature_info(result->unknown_sig
-
-    free(result);

openpgpsdk/trunk/tests/test_common.c

@@ -475 +475 @@
-
-        // example: print out the signature creation time
-
+info.
-            {
-            printf("\nsignature creation time : %s", 
-
+info.
-            }
-        break;

openpgpsdk/trunk/tests/test_rsa_keys.c

@@ -144 +144 @@
-    ops_validate_all_signatures(result, &pub_keyring, NULL);
-    CU_ASSERT(result->valid_count==1);
-
-strncmp((char *)ops_get_user_id(&result->valid_keys[0],0),userid,strlen(userid)
+
+memcmp(result->valid_sigs[0].signer_id,keyid,OPS_KEY_ID_SIZE
-    CU_ASSERT(result->invalid_count==0);
-    CU_ASSERT(result->unknown_signer_count==0);