Changeset 700
- Timestamp:
- 08/30/09 13:17:39
- Files:
-
- openpgpsdk/trunk/src/lib/signature.c (modified) (61 diffs)
- openpgpsdk/trunk/tests/test_rsa_encrypt.c (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
openpgpsdk/trunk/src/lib/signature.c
r671 r700 99 99 */ 100 100 ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen, 101 const ops_hash_algorithm_t hash_alg, 102 unsigned char* EM 103 ) 101 const ops_hash_algorithm_t hash_alg, 102 unsigned char* EM) 104 103 { 105 104 // implementation of EMSA-PKCS1-v1_5, as defined in OpenPGP RFC … … 120 119 // 1. Apply hash function to M 121 120 122 ops_hash_any(&hash, hash_alg);121 ops_hash_any(&hash, hash_alg); 123 122 hash.init(&hash); 124 hash.add(&hash, M,mLen);123 hash.add(&hash, M, mLen); 125 124 126 125 // \todo combine with rsa_sign … … 158 157 EM[i++]=0x00; 159 158 160 memcpy(&EM[i], prefix,prefix_sz);159 memcpy(&EM[i], prefix, prefix_sz); 161 160 i+=prefix_sz; 162 161 163 162 // finally, write out hashed result 164 163 165 n=hash.finish(&hash, &EM[i]);164 n=hash.finish(&hash, &EM[i]); 166 165 167 166 encoded_msg_sz=i+hash_sz-1; … … 171 170 if (debug) 172 171 { 173 fprintf(stderr, "Encoded Message: \n");172 fprintf(stderr, "Encoded Message: \n"); 174 173 for (i=0; i<encoded_msg_sz; i++) 175 fprintf(stderr, "%2x ", EM[i]);176 fprintf(stderr, "\n");174 fprintf(stderr, "%2x ", EM[i]); 175 fprintf(stderr, "\n"); 177 176 } 178 177 … … 182 181 // XXX: both this and verify would be clearer if the signature were 183 182 // treated as an MPI. 184 static void rsa_sign(ops_hash_t *hash,const ops_rsa_public_key_t *rsa, 185 const ops_rsa_secret_key_t *srsa, 186 ops_create_info_t *opt) 183 static void rsa_sign(ops_hash_t *hash, const ops_rsa_public_key_t *rsa, 184 const ops_rsa_secret_key_t *srsa, ops_create_info_t *opt) 187 185 { 188 186 unsigned char hashbuf[8192]; … … 197 195 hashsize=20+sizeof prefix_sha1; 198 196 199 keysize= (BN_num_bits(rsa->n)+7)/8;197 keysize=BN_num_bytes(rsa->n); 200 198 assert(keysize <= sizeof hashbuf); 201 199 assert(10+hashsize <= keysize); … … 204 202 hashbuf[1]=1; 205 203 if (debug) 206 { printf("rsa_sign: PS is %d\n", keysize-hashsize-1-2); }204 printf("rsa_sign: PS is %d\n", keysize-hashsize-1-2); 207 205 for(n=2 ; n < keysize-hashsize-1 ; ++n) 208 206 hashbuf[n]=0xff; 209 207 hashbuf[n++]=0; 210 208 211 memcpy(&hashbuf[n], prefix_sha1,sizeof prefix_sha1);209 memcpy(&hashbuf[n], prefix_sha1, sizeof prefix_sha1); 212 210 n+=sizeof prefix_sha1; 213 211 214 t=hash->finish(hash, &hashbuf[n]);212 t=hash->finish(hash, &hashbuf[n]); 215 213 assert(t == 20); 216 214 217 ops_write(&hashbuf[n], 2,opt);215 ops_write(&hashbuf[n], 2, opt); 218 216 219 217 n+=t; 220 218 assert(n == keysize); 221 219 222 t=ops_rsa_private_encrypt(sigbuf, hashbuf,keysize,srsa,rsa);223 bn=BN_bin2bn(sigbuf, t,NULL);224 ops_write_mpi(bn, opt);220 t=ops_rsa_private_encrypt(sigbuf, hashbuf, keysize, srsa, rsa); 221 bn=BN_bin2bn(sigbuf, t, NULL); 222 ops_write_mpi(bn, opt); 225 223 BN_free(bn); 226 224 } 227 225 228 static void dsa_sign(ops_hash_t *hash, 229 const ops_dsa_public_key_t *dsa, 230 const ops_dsa_secret_key_t *sdsa, 231 ops_create_info_t *cinfo) 226 static void dsa_sign(ops_hash_t *hash, const ops_dsa_public_key_t *dsa, 227 const ops_dsa_secret_key_t *sdsa, ops_create_info_t *cinfo) 232 228 { 233 229 unsigned char hashbuf[8192]; … … 242 238 243 239 // finalise hash 244 t=hash->finish(hash, &hashbuf[0]);245 assert(t ==20);246 247 ops_write(&hashbuf[0], 2,cinfo);240 t=hash->finish(hash, &hashbuf[0]); 241 assert(t == 20); 242 243 ops_write(&hashbuf[0], 2, cinfo); 248 244 249 245 // write signature to buf 250 246 DSA_SIG* dsasig; 251 dsasig=ops_dsa_sign(hashbuf, hashsize,sdsa,dsa);247 dsasig=ops_dsa_sign(hashbuf, hashsize, sdsa, dsa); 252 248 253 249 // convert and write the sig out to memory 254 ops_write_mpi(dsasig->r, cinfo);255 ops_write_mpi(dsasig->s, cinfo);250 ops_write_mpi(dsasig->r, cinfo); 251 ops_write_mpi(dsasig->s, cinfo); 256 252 DSA_SIG_free(dsasig); 257 253 } 258 254 259 255 static ops_boolean_t rsa_verify(ops_hash_algorithm_t type, 260 const unsigned char *hash, size_t hash_length,256 const unsigned char *hash, size_t hash_length, 261 257 const ops_rsa_signature_t *sig, 262 258 const ops_rsa_public_key_t *rsa) … … 273 269 assert(keysize <= sizeof hashbuf_from_sig); 274 270 assert((unsigned)BN_num_bits(sig->sig) <= 8*sizeof sigbuf); 275 BN_bn2bin(sig->sig,sigbuf); 276 277 n=ops_rsa_public_decrypt(hashbuf_from_sig,sigbuf,(BN_num_bits(sig->sig)+7)/8,rsa); 271 BN_bn2bin(sig->sig, sigbuf); 272 273 n=ops_rsa_public_decrypt(hashbuf_from_sig, sigbuf, BN_num_bytes(sig->sig), 274 rsa); 278 275 int debug_len_decrypted=n; 279 276 … … 311 308 printf("hashbuf_from_sig\n"); 312 309 for (zz=0; zz<debug_len_decrypted; zz++) 313 { printf("%02x ", hashbuf_from_sig[n+zz]); }310 printf("%02x ", hashbuf_from_sig[n+zz]); 314 311 printf("\n"); 315 312 printf("prefix\n"); 316 313 for (zz=0; zz<plen; zz++) 317 { printf("%02x ", prefix[zz]); }314 printf("%02x ", prefix[zz]); 318 315 printf("\n"); 319 316 … … 322 319 unsigned uu; 323 320 for (uu=0; uu<hash_length; uu++) 324 { printf("%02x ", hashbuf_from_sig[n+plen+uu]); }321 printf("%02x ", hashbuf_from_sig[n+plen+uu]); 325 322 printf("\n"); 326 323 printf("hash passed in (should match hash from sig)\n"); 327 324 for (uu=0; uu<hash_length; uu++) 328 { printf("%02x ", hash[uu]); }325 printf("%02x ", hash[uu]); 329 326 printf("\n"); 330 327 } 331 if(memcmp(&hashbuf_from_sig[n], prefix,plen)332 || memcmp(&hashbuf_from_sig[n+plen], hash,hash_length))328 if(memcmp(&hashbuf_from_sig[n], prefix, plen) 329 || memcmp(&hashbuf_from_sig[n+plen], hash, hash_length)) 333 330 return ops_false; 334 331 … … 336 333 } 337 334 338 static void hash_add_key(ops_hash_t *hash, const ops_public_key_t *key)335 static void hash_add_key(ops_hash_t *hash, const ops_public_key_t *key) 339 336 { 340 337 ops_memory_t *mem=ops_memory_new(); 341 338 size_t l; 342 339 343 ops_build_public_key(mem, key,ops_false);340 ops_build_public_key(mem, key, ops_false); 344 341 345 342 l=ops_memory_get_length(mem); 346 ops_hash_add_int(hash, 0x99,1);347 ops_hash_add_int(hash, l,2);348 hash->add(hash, ops_memory_get_data(mem),l);343 ops_hash_add_int(hash, 0x99, 1); 344 ops_hash_add_int(hash, l, 2); 345 hash->add(hash, ops_memory_get_data(mem), l); 349 346 350 347 ops_memory_free(mem); 351 348 } 352 349 353 static void initialise_hash(ops_hash_t *hash, const ops_signature_t *sig)354 { 355 ops_hash_any(hash, sig->info.hash_algorithm);350 static void initialise_hash(ops_hash_t *hash, const ops_signature_t *sig) 351 { 352 ops_hash_any(hash, sig->info.hash_algorithm); 356 353 hash->init(hash); 357 354 } 358 355 359 static void init_key_signature(ops_hash_t *hash, const ops_signature_t *sig,360 const ops_public_key_t *key)361 { 362 initialise_hash(hash, sig);363 hash_add_key(hash, key);364 } 365 366 static void hash_add_trailer(ops_hash_t *hash, const ops_signature_t *sig,356 static void init_key_signature(ops_hash_t *hash, const ops_signature_t *sig, 357 const ops_public_key_t *key) 358 { 359 initialise_hash(hash, sig); 360 hash_add_key(hash, key); 361 } 362 363 static void hash_add_trailer(ops_hash_t *hash, const ops_signature_t *sig, 367 364 const unsigned char *raw_packet) 368 365 { … … 370 367 { 371 368 if(raw_packet) 372 hash->add(hash, raw_packet+sig->v4_hashed_data_start,369 hash->add(hash, raw_packet+sig->v4_hashed_data_start, 373 370 sig->info.v4_hashed_data_length); 374 ops_hash_add_int(hash, sig->info.version,1);375 ops_hash_add_int(hash, 0xff,1);376 ops_hash_add_int(hash, sig->info.v4_hashed_data_length,4);371 ops_hash_add_int(hash, sig->info.version, 1); 372 ops_hash_add_int(hash, 0xff, 1); 373 ops_hash_add_int(hash, sig->info.v4_hashed_data_length, 4); 377 374 } 378 375 else 379 376 { 380 ops_hash_add_int(hash, sig->info.type,1);381 ops_hash_add_int(hash, sig->info.creation_time,4);377 ops_hash_add_int(hash, sig->info.type, 1); 378 ops_hash_add_int(hash, sig->info.creation_time, 4); 382 379 } 383 380 } … … 392 389 \return ops_true if good; else ops_false 393 390 */ 394 ops_boolean_t ops_check_signature(const unsigned char *hash, unsigned length,391 ops_boolean_t ops_check_signature(const unsigned char *hash, unsigned length, 395 392 const ops_signature_t *sig, 396 393 const ops_public_key_t *signer) … … 407 404 { 408 405 case OPS_PKA_DSA: 409 ret=ops_dsa_verify(hash,length,&sig->info.signature.dsa,&signer->key.dsa); 406 ret=ops_dsa_verify(hash, length, &sig->info.signature.dsa, 407 &signer->key.dsa); 410 408 break; 411 409 412 410 case OPS_PKA_RSA: 413 ret=rsa_verify(sig->info.hash_algorithm, hash,length,&sig->info.signature.rsa,414 &sig ner->key.rsa);411 ret=rsa_verify(sig->info.hash_algorithm, hash, length, 412 &sig->info.signature.rsa, &signer->key.rsa); 415 413 break; 416 414 … … 429 427 unsigned char hashout[OPS_MAX_HASH_SIZE]; 430 428 431 n=hash->finish(hash, hashout);432 433 return ops_check_signature(hashout, n,sig,signer);429 n=hash->finish(hash, hashout); 430 431 return ops_check_signature(hashout, n, sig, signer); 434 432 } 435 433 … … 439 437 const unsigned char *raw_packet) 440 438 { 441 hash_add_trailer(hash, sig,raw_packet);442 return hash_and_check_signature(hash, sig,signer);439 hash_add_trailer(hash, sig, raw_packet); 440 return hash_and_check_signature(hash, sig, signer); 443 441 } 444 442 … … 465 463 size_t user_id_len=strlen((char *)id->user_id); 466 464 467 init_key_signature(&hash, sig,key);465 init_key_signature(&hash, sig, key); 468 466 469 467 if(sig->info.version == OPS_V4) 470 468 { 471 ops_hash_add_int(&hash, 0xb4,1);472 ops_hash_add_int(&hash, user_id_len,4);469 ops_hash_add_int(&hash, 0xb4, 1); 470 ops_hash_add_int(&hash, user_id_len, 4); 473 471 } 474 hash.add(&hash, id->user_id,user_id_len);475 476 return finalise_signature(&hash, sig,signer,raw_packet);472 hash.add(&hash, id->user_id, user_id_len); 473 474 return finalise_signature(&hash, sig, signer, raw_packet); 477 475 } 478 476 … … 491 489 ops_boolean_t 492 490 ops_check_user_attribute_certification_signature(const ops_public_key_t *key, 493 494 495 496 491 const ops_user_attribute_t *attribute, 492 const ops_signature_t *sig, 493 const ops_public_key_t *signer, 494 const unsigned char *raw_packet) 497 495 { 498 496 ops_hash_t hash; 499 497 500 init_key_signature(&hash, sig,key);498 init_key_signature(&hash, sig, key); 501 499 502 500 if(sig->info.version == OPS_V4) 503 501 { 504 ops_hash_add_int(&hash, 0xd1,1);505 ops_hash_add_int(&hash, attribute->data.len,4);502 ops_hash_add_int(&hash, 0xd1, 1); 503 ops_hash_add_int(&hash, attribute->data.len, 4); 506 504 } 507 hash.add(&hash, attribute->data.contents,attribute->data.len);508 509 return finalise_signature(&hash, sig,signer,raw_packet);505 hash.add(&hash, attribute->data.contents, attribute->data.len); 506 507 return finalise_signature(&hash, sig, signer, raw_packet); 510 508 } 511 509 … … 531 529 ops_hash_t hash; 532 530 533 init_key_signature(&hash, sig,key);534 hash_add_key(&hash, subkey);535 536 return finalise_signature(&hash, sig,signer,raw_packet);531 init_key_signature(&hash, sig, key); 532 hash_add_key(&hash, subkey); 533 534 return finalise_signature(&hash, sig, signer, raw_packet); 537 535 } 538 536 … … 556 554 ops_hash_t hash; 557 555 558 init_key_signature(&hash, sig,key);559 return finalise_signature(&hash, sig,signer,raw_packet);556 init_key_signature(&hash, sig, key); 557 return finalise_signature(&hash, sig, signer, raw_packet); 560 558 } 561 559 … … 573 571 */ 574 572 ops_boolean_t 575 ops_check_hash_signature(ops_hash_t *hash, 576 const ops_signature_t *sig, 573 ops_check_hash_signature(ops_hash_t *hash, const ops_signature_t *sig, 577 574 const ops_public_key_t *signer) 578 575 { … … 580 577 return ops_false; 581 578 582 return finalise_signature(hash, sig,signer,NULL);579 return finalise_signature(hash, sig, signer, NULL); 583 580 } 584 581 … … 588 585 // thing to get counts before writing. 589 586 sig->mem=ops_memory_new(); 590 ops_memory_init(sig->mem, 100);591 ops_writer_set_memory(sig->info, sig->mem);587 ops_memory_init(sig->mem, 100); 588 ops_writer_set_memory(sig->info, sig->mem); 592 589 593 590 // write nearly up to the first subpacket 594 ops_write_scalar(sig->sig.info.version, 1,sig->info);595 ops_write_scalar(sig->sig.info.type, 1,sig->info);596 ops_write_scalar(sig->sig.info.key_algorithm, 1,sig->info);597 ops_write_scalar(sig->sig.info.hash_algorithm, 1,sig->info);591 ops_write_scalar(sig->sig.info.version, 1, sig->info); 592 ops_write_scalar(sig->sig.info.type, 1, sig->info); 593 ops_write_scalar(sig->sig.info.key_algorithm, 1, sig->info); 594 ops_write_scalar(sig->sig.info.hash_algorithm, 1, sig->info); 598 595 599 596 // dummy hashed subpacket count 600 597 sig->hashed_count_offset=ops_memory_get_length(sig->mem); 601 ops_write_scalar(0, 2,sig->info);598 ops_write_scalar(0, 2, sig->info); 602 599 } 603 600 … … 629 626 sig->hashed_data_length=-1; 630 627 631 init_key_signature(&sig->hash, &sig->sig,key);632 633 ops_hash_add_int(&sig->hash, 0xb4,1);634 ops_hash_add_int(&sig->hash, strlen((char *)id->user_id),4);635 sig->hash.add(&sig->hash, id->user_id,strlen((char *)id->user_id));628 init_key_signature(&sig->hash, &sig->sig, key); 629 630 ops_hash_add_int(&sig->hash, 0xb4, 1); 631 ops_hash_add_int(&sig->hash, strlen((char *)id->user_id), 4); 632 sig->hash.add(&sig->hash, id->user_id, strlen((char *)id->user_id)); 636 633 637 634 start_signature_in_mem(sig); … … 650 647 651 648 static void ops_signature_start_signature(ops_create_signature_t *sig, 652 653 654 649 const ops_secret_key_t *key, 650 const ops_hash_algorithm_t hash, 651 const ops_sig_type_t type) 655 652 { 656 653 sig->info=ops_create_info_new(); … … 667 664 668 665 if (debug) 669 { fprintf(stderr, "initialising hash for sig in mem\n"); }670 initialise_hash(&sig->hash, &sig->sig);666 { fprintf(stderr, "initialising hash for sig in mem\n"); } 667 initialise_hash(&sig->hash, &sig->sig); 671 668 start_signature_in_mem(sig); 672 669 } … … 677 674 */ 678 675 void ops_signature_start_cleartext_signature(ops_create_signature_t *sig, 679 680 681 682 { 683 ops_signature_start_signature(sig, key,hash,type);676 const ops_secret_key_t *key, 677 const ops_hash_algorithm_t hash, 678 const ops_sig_type_t type) 679 { 680 ops_signature_start_signature(sig, key, hash, type); 684 681 } 685 682 … … 689 686 */ 690 687 void ops_signature_start_message_signature(ops_create_signature_t *sig, 691 692 693 694 { 695 ops_signature_start_signature(sig, key,hash,type);688 const ops_secret_key_t *key, 689 const ops_hash_algorithm_t hash, 690 const ops_sig_type_t type) 691 { 692 ops_signature_start_signature(sig, key, hash, type); 696 693 } 697 694 … … 705 702 * \param length The amount of plaintext data. 706 703 */ 707 void ops_signature_add_data(ops_create_signature_t *sig, const void *buf,704 void ops_signature_add_data(ops_create_signature_t *sig, const void *buf, 708 705 size_t length) 709 706 { 710 707 if (debug) 711 { fprintf(stderr, "ops_signature_add_data adds to hash\n"); }712 sig->hash.add(&sig->hash, buf,length);708 { fprintf(stderr, "ops_signature_add_data adds to hash\n"); } 709 sig->hash.add(&sig->hash, buf, length); 713 710 } 714 711 … … 725 722 sig->hashed_data_length=ops_memory_get_length(sig->mem) 726 723 -sig->hashed_count_offset-2; 727 ops_memory_place_int(sig->mem, sig->hashed_count_offset,728 sig->hashed_data_length, 2);724 ops_memory_place_int(sig->mem, sig->hashed_count_offset, 725 sig->hashed_data_length, 2); 729 726 // dummy unhashed subpacket count 730 727 sig->unhashed_count_offset=ops_memory_get_length(sig->mem); 731 return ops_write_scalar(0, 2,sig->info);728 return ops_write_scalar(0, 2, sig->info); 732 729 } 733 730 … … 744 741 */ 745 742 746 ops_boolean_t ops_write_signature(ops_create_signature_t *sig, const ops_public_key_t *key, 747 const ops_secret_key_t *skey, ops_create_info_t *info) 743 ops_boolean_t ops_write_signature(ops_create_signature_t *sig, 744 const ops_public_key_t *key, 745 const ops_secret_key_t *skey, 746 ops_create_info_t *info) 748 747 { 749 748 ops_boolean_t rtn=ops_false; … … 764 763 765 764 default: 766 fprintf(stderr,"Unsupported algorithm %d\n", skey->public_key.algorithm); 765 fprintf(stderr, "Unsupported algorithm %d\n", 766 skey->public_key.algorithm); 767 767 assert(0); 768 768 } … … 770 770 assert(sig->hashed_data_length != (unsigned)-1); 771 771 772 ops_memory_place_int(sig->mem, sig->unhashed_count_offset,773 l-sig->unhashed_count_offset-2, 2);772 ops_memory_place_int(sig->mem, sig->unhashed_count_offset, 773 l-sig->unhashed_count_offset-2, 2); 774 774 775 775 // add the packet from version number to end of hashed subpackets 776 776 777 777 if (debug) 778 { fprintf(stderr, "--- Adding packet to hash from version number to hashed subpkts\n"); } 779 780 sig->hash.add(&sig->hash,ops_memory_get_data(sig->mem), 778 { fprintf(stderr, "--- Adding packet to hash from version number to" 779 " hashed subpkts\n"); } 780 781 sig->hash.add(&sig->hash, ops_memory_get_data(sig->mem), 781 782 sig->unhashed_count_offset); 782 783 783 784 // add final trailer 784 ops_hash_add_int(&sig->hash, sig->sig.info.version,1);785 ops_hash_add_int(&sig->hash, 0xff,1);785 ops_hash_add_int(&sig->hash, sig->sig.info.version, 1); 786 ops_hash_add_int(&sig->hash, 0xff, 1); 786 787 // +6 for version, type, pk alg, hash alg, hashed subpacket length 787 ops_hash_add_int(&sig->hash, sig->hashed_data_length+6,4);788 ops_hash_add_int(&sig->hash, sig->hashed_data_length+6, 4); 788 789 789 790 if (debug) 790 { fprintf(stderr, "--- Finished adding packet to hash from version number to hashed subpkts\n"); } 791 { fprintf(stderr, "--- Finished adding packet to hash from version" 792 " number to hashed subpkts\n"); } 791 793 792 794 // XXX: technically, we could figure out how big the signature is … … 797 799 case OPS_PKA_RSA_ENCRYPT_ONLY: 798 800 case OPS_PKA_RSA_SIGN_ONLY: 799 rsa_sign(&sig->hash, &key->key.rsa,&skey->key.rsa,sig->info);801 rsa_sign(&sig->hash, &key->key.rsa, &skey->key.rsa, sig->info); 800 802 break; 801 803 802 804 case OPS_PKA_DSA: 803 dsa_sign(&sig->hash, &key->key.dsa,&skey->key.dsa,sig->info);805 dsa_sign(&sig->hash, &key->key.dsa, &skey->key.dsa, sig->info); 804 806 break; 805 807 806 808 default: 807 fprintf(stderr,"Unsupported algorithm %d\n", skey->public_key.algorithm); 809 fprintf(stderr, "Unsupported algorithm %d\n", 810 skey->public_key.algorithm); 808 811 assert(0); 809 812 } … … 811 814 812 815 813 rtn=ops_write_ptag(OPS_PTAG_CT_SIGNATURE, info);814 if ( rtn!=ops_false)816 rtn=ops_write_ptag(OPS_PTAG_CT_SIGNATURE, info); 817 if (!rtn) 815 818 { 816 819 l=ops_memory_get_length(sig->mem); 817 rtn = ops_write_length(l, info)818 && ops_write(ops_memory_get_data(sig->mem), l,info);820 rtn = ops_write_length(l, info) 821 && ops_write(ops_memory_get_data(sig->mem), l, info); 819 822 } 820 823 821 824 ops_memory_free(sig->mem); 822 825 823 if (rtn==ops_false) 824 { 825 OPS_ERROR(&info->errors,OPS_E_W,"Cannot write signature"); 826 } 826 if (!rtn) 827 OPS_ERROR(&info->errors, OPS_E_W, "Cannot write signature"); 827 828 return rtn; 828 829 } … … 836 837 * \param when 837 838 */ 838 ops_boolean_t ops_signature_add_creation_time(ops_create_signature_t *sig,time_t when) 839 { 840 return ops_write_ss_header(5,OPS_PTAG_SS_CREATION_TIME,sig->info) 841 && ops_write_scalar(when,4,sig->info); 839 ops_boolean_t ops_signature_add_creation_time(ops_create_signature_t *sig, 840 time_t when) 841 { 842 return ops_write_ss_header(5, OPS_PTAG_SS_CREATION_TIME, sig->info) 843 && ops_write_scalar(when, 4, sig->info); 842 844 } 843 845 … … 851 853 */ 852 854 853 ops_boolean_t ops_signature_add_issuer_key_id(ops_create_signature_t *sig, 854 const unsigned char keyid[OPS_KEY_ID_SIZE]) 855 { 856 return ops_write_ss_header(OPS_KEY_ID_SIZE+1,OPS_PTAG_SS_ISSUER_KEY_ID,sig->info) 857 && ops_write(keyid,OPS_KEY_ID_SIZE,sig->info); 855 ops_boolean_t 856 ops_signature_add_issuer_key_id(ops_create_signature_t *sig, 857 const unsigned char keyid[OPS_KEY_ID_SIZE]) 858 { 859 return ops_write_ss_header(OPS_KEY_ID_SIZE+1, OPS_PTAG_SS_ISSUER_KEY_ID, 860 sig->info) 861 && ops_write(keyid, OPS_KEY_ID_SIZE, sig->info); 858 862 } 859 863 … … 869 873 ops_boolean_t primary) 870 874 { 871 ops_write_ss_header(2, OPS_PTAG_SS_PRIMARY_USER_ID,sig->info);872 ops_write_scalar(primary, 1,sig->info);875 ops_write_ss_header(2, OPS_PTAG_SS_PRIMARY_USER_ID, sig->info); 876 ops_write_scalar(primary, 1, sig->info); 873 877 } 874 878 … … 884 888 { return &sig->hash; } 885 889 886 static int open_output_file(ops_create_info_t **cinfo, const char* input_filename, const char* output_filename, const ops_boolean_t use_armour, const ops_boolean_t overwrite) 890 static int open_output_file(ops_create_info_t **cinfo, 891 const char* input_filename, 892 const char* output_filename, 893 const ops_boolean_t use_armour, 894 const ops_boolean_t overwrite) 887 895 { 888 896 int fd_out; … … 891 899 892 900 if (output_filename) 893 {894 901 fd_out=ops_setup_file_write(cinfo, output_filename, overwrite); 895 }896 902 else 897 903 { … … 900 906 myfilename=ops_mallocz(filenamelen); 901 907 if (use_armour) 902 snprintf(myfilename, filenamelen,"%s.asc",input_filename);908 snprintf(myfilename, filenamelen, "%s.asc", input_filename); 903 909 else 904 snprintf(myfilename, filenamelen,"%s.gpg",input_filename);905 fd_out=ops_setup_file_write(cinfo, myfilename,overwrite);910 snprintf(myfilename, filenamelen, "%s.gpg", input_filename); 911 fd_out=ops_setup_file_write(cinfo, myfilename, overwrite); 906 912 free(myfilename); 907 913 } … … 930 936 \endcode 931 937 */ 932 ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename, const char* output_filename, const ops_secret_key_t *skey, const ops_boolean_t overwrite) 938 ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename, 939 const char* output_filename, 940 const ops_secret_key_t *skey, 941 const ops_boolean_t overwrite) 933 942 { 934 943 // \todo allow choice of hash algorithams … … 947 956 948 957 // open file to sign 949 fd_in=open(input_filename, O_RDONLY | O_BINARY);958 fd_in=open(input_filename, O_RDONLY | O_BINARY); 950 959 if(fd_in < 0) 951 960 { … … 955 964 // set up output file 956 965 957 fd_out=open_output_file(&cinfo, input_filename, output_filename, use_armour, overwrite); 966 fd_out=open_output_file(&cinfo, input_filename, output_filename, use_armour, 967 overwrite); 958 968 959 969 if (fd_out < 0) … … 968 978 { 969 979 close (fd_in); 970 ops_teardown_file_write(cinfo, fd_out);980 ops_teardown_file_write(cinfo, fd_out); 971 981 return ops_false; 972 982 } 973 983 974 984 // \todo could add more error detection here 975 ops_signature_start_cleartext_signature(sig,skey,OPS_HASH_SHA1,OPS_SIG_BINARY); 976 if (ops_writer_push_clearsigned(cinfo,sig)!=ops_true) 977 { return ops_false; } 985 ops_signature_start_cleartext_signature(sig, skey, 986 OPS_HASH_SHA1, OPS_SIG_BINARY); 987 if (!ops_writer_push_clearsigned(cinfo, sig)) 988 return ops_false; 978 989 979 990 // Do the signing … … 983 994 int n=0; 984 995 985 n=read(fd_in, buf,sizeof(buf));996 n=read(fd_in, buf, sizeof(buf)); 986 997 if (!n) 987 998 break; 988 999 assert(n>=0); 989 ops_write(buf, n,cinfo);1000 ops_write(buf, n, cinfo); 990 1001 } 991 1002 close(fd_in); … … 995 1006 // - key id 996 1007 rtn = ops_writer_switch_to_armoured_signature(cinfo) 997 && ops_signature_add_creation_time(sig, time(NULL));998 if ( rtn==ops_false)1008 && ops_signature_add_creation_time(sig, time(NULL)); 1009 if (!rtn) 999 1010 { 1000 ops_teardown_file_write(cinfo, fd_out);1011 ops_teardown_file_write(cinfo, fd_out); 1001 1012 return ops_false; 1002 1013 } 1003 1014 1004 ops_keyid(keyid, &skey->public_key);1005 1006 rtn = ops_signature_add_issuer_key_id(sig, keyid)1015 ops_keyid(keyid, &skey->public_key); 1016 1017 rtn = ops_signature_add_issuer_key_id(sig, keyid) 1007 1018 && ops_signature_hashed_subpackets_end(sig) 1008 && ops_write_signature(sig,&skey->public_key,skey,cinfo); 1009 1010 ops_teardown_file_write(cinfo,fd_out); 1011 1012 if (rtn==ops_false) 1013 { 1014 OPS_ERROR(&cinfo->errors,OPS_E_W,"Cannot sign file as cleartext"); 1015 } 1019 && ops_write_signature(sig, &skey->public_key, skey, cinfo); 1020 1021 ops_teardown_file_write(cinfo, fd_out); 1022 1023 if (!rtn) 1024 OPS_ERROR(&cinfo->errors, OPS_E_W, "Cannot sign file as cleartext"); 1016 1025 return rtn; 1017 1026 } … … 1046 1055 \endcode 1047 1056 */ 1048 ops_boolean_t ops_sign_buf_as_cleartext(const char* cleartext, const size_t len, ops_memory_t** signed_cleartext, const ops_secret_key_t *skey) 1057 ops_boolean_t ops_sign_buf_as_cleartext(const char* cleartext, const size_t len, 1058 ops_memory_t** signed_cleartext, 1059 const ops_secret_key_t *skey) 1049 1060 { 1050 1061 ops_boolean_t rtn=ops_false; … … 1058 1069 ops_create_info_t *cinfo=NULL; 1059 1070 1060 assert(*signed_cleartext ==NULL);1071 assert(*signed_cleartext == NULL); 1061 1072 1062 1073 // set up signature 1063 1074 sig=ops_create_signature_new(); 1064 1075 if (!sig) 1065 {1066 1076 return ops_false; 1067 }1068 1077 1069 1078 // \todo could add more error detection here 1070 ops_signature_start_cleartext_signature(sig,skey,OPS_HASH_SHA1,OPS_SIG_BINARY); 1079 ops_signature_start_cleartext_signature(sig, skey, OPS_HASH_SHA1, 1080 OPS_SIG_BINARY); 1071 1081 1072 1082 // set up output file … … 1077 1087 // - creation time 1078 1088 // - key id 1079 rtn = ops_writer_push_clearsigned(cinfo, sig)1080 && ops_write(cleartext, len,cinfo)1089 rtn = ops_writer_push_clearsigned(cinfo, sig) 1090 && ops_write(cleartext, len, cinfo) 1081 1091 && ops_writer_switch_to_armoured_signature(cinfo) 1082 && ops_signature_add_creation_time(sig,time(NULL)); 1083 1084 if (rtn==ops_false) 1085 { 1092 && ops_signature_add_creation_time(sig, time(NULL)); 1093 1094 if (!rtn) 1086 1095 return ops_false; 1087 } 1088 1089 ops_keyid(keyid,&skey->public_key); 1090 1091 rtn = ops_signature_add_issuer_key_id(sig,keyid) 1096 1097 ops_keyid(keyid, &skey->public_key); 1098 1099 rtn = ops_signature_add_issuer_key_id(sig, keyid) 1092 1100 && ops_signature_hashed_subpackets_end(sig) 1093 && ops_write_signature(sig, &skey->public_key,skey,cinfo)1101 && ops_write_signature(sig, &skey->public_key, skey, cinfo) 1094 1102 && ops_writer_close(cinfo); 1095 1103 … … 1124 1132 \endcode 1125 1133 */ 1126 ops_boolean_t ops_sign_file(const char* input_filename, const char* output_filename, const ops_secret_key_t *skey, const ops_boolean_t use_armour, const ops_boolean_t overwrite) 1134 ops_boolean_t ops_sign_file(const char* input_filename, 1135 const char* output_filename, 1136 const ops_secret_key_t *skey, 1137 const ops_boolean_t use_armour, 1138 const ops_boolean_t overwrite) 1127 1139 { 1128 1140 // \todo allow choice of hash algorithams … … 1144 1156 1145 1157 int errnum; 1146 mem_buf=ops_write_mem_from_file(input_filename, &errnum);1158 mem_buf=ops_write_mem_from_file(input_filename, &errnum); 1147 1159 if (errnum) 1148 1160 return ops_false; … … 1150 1162 // setup output file 1151 1163 1152 fd_out=open_output_file(&cinfo, input_filename, output_filename, use_armour, overwrite); 1164 fd_out=open_output_file(&cinfo, input_filename, output_filename, use_armour, 1165 overwrite); 1153 1166 1154 1167 if (fd_out < 0) … … 1174 1187 // hash file contents 1175 1188 hash=ops_signature_get_hash(sig); 1176 hash->add(hash, ops_memory_get_data(mem_buf), ops_memory_get_length(mem_buf)); 1189 hash->add(hash, ops_memory_get_data(mem_buf), 1190 ops_memory_get_length(mem_buf)); 1177 1191 1178 1192 // output file contents as Literal Data packet 1179 1193 1180 1194 if (debug) 1181 { fprintf(stderr,"** Writing out data now\n"); } 1182 1183 ops_write_literal_data_from_buf(ops_memory_get_data(mem_buf), ops_memory_get_length(mem_buf), OPS_LDT_BINARY, cinfo); 1195 fprintf(stderr,"** Writing out data now\n"); 1196 1197 ops_write_literal_data_from_buf(ops_memory_get_data(mem_buf), 1198 ops_memory_get_length(mem_buf), 1199 OPS_LDT_BINARY, cinfo); 1184 1200 1185 1201 if (debug) 1186 { fprintf(stderr,"** After Writing out data now\n");}1202 fprintf(stderr, "** After Writing out data now\n"); 1187 1203 1188 1204 // add subpackets to signature … … 1190 1206 // - key id 1191 1207 1192 ops_signature_add_creation_time(sig, time(NULL));1193 1194 ops_keyid(keyid, &skey->public_key);1195 ops_signature_add_issuer_key_id(sig, keyid);1208 ops_signature_add_creation_time(sig, time(NULL)); 1209 1210 ops_keyid(keyid, &skey->public_key); 1211 ops_signature_add_issuer_key_id(sig, keyid); 1196 1212 1197 1213 ops_signature_hashed_subpackets_end(sig); 1198 1214 1199 1215 // write out sig 1200 ops_write_signature(sig, &skey->public_key,skey,cinfo);1216 ops_write_signature(sig, &skey->public_key, skey, cinfo); 1201 1217 1202 1218 ops_teardown_file_write(cinfo, fd_out); … … 1243 1259 \endcode 1244 1260 */ 1245 ops_memory_t* ops_sign_buf(const void* input, const size_t input_len, const ops_sig_type_t sig_type, const ops_secret_key_t *skey, const ops_boolean_t use_armour) 1261 ops_memory_t* ops_sign_buf(const void* input, const size_t input_len, 1262 const ops_sig_type_t sig_type, 1263 const ops_secret_key_t *skey, 1264 const ops_boolean_t use_armour) 1246 1265 { 1247 1266 // \todo allow choice of hash algorithams … … 1259 1278 1260 1279 // setup literal data packet type 1261 if (sig_type ==OPS_SIG_BINARY)1280 if (sig_type == OPS_SIG_BINARY) 1262 1281 ld_type=OPS_LDT_BINARY; 1263 1282 else … … 1276 1295 1277 1296 if (debug) 1278 { fprintf(stderr, "** Writing out one pass sig\n"); } 1297 fprintf(stderr, "** Writing out one pass sig\n"); 1279 1298 1280 1299 // write one_pass_sig … … 1288 1307 1289 1308 if (debug) 1290 { fprintf(stderr,"** Writing out data now\n"); }1309 fprintf(stderr,"** Writing out data now\n"); 1291 1310 1292 1311 ops_write_literal_data_from_buf(input, input_len, ld_type, cinfo); 1293 1312 1294 1313 if (debug) 1295 { fprintf(stderr,"** After Writing out data now\n");}1314 fprintf(stderr,"** After Writing out data now\n"); 1296 1315 1297 1316 // add subpackets to signature … … 1299 1318 // - key id 1300 1319 1301 ops_signature_add_creation_time(sig, time(NULL));1302 1303 ops_keyid(keyid, &skey->public_key);1304 ops_signature_add_issuer_key_id(sig, keyid);1320 ops_signature_add_creation_time(sig, time(NULL)); 1321 1322 ops_keyid(keyid, &skey->public_key); 1323 ops_signature_add_issuer_key_id(sig, keyid); 1305 1324 1306 1325 ops_signature_hashed_subpackets_end(sig); 1307 1326 1308 1327 // write out sig 1309 ops_write_signature(sig, &skey->public_key,skey,cinfo);1328 ops_write_signature(sig, &skey->public_key, skey, cinfo); 1310 1329 1311 1330 // tidy up openpgpsdk/trunk/tests/test_rsa_encrypt.c
r695 r700 133 133 int clean_suite_rsa_encrypt(void) 134 134 { 135 136 135 ops_finish(); 137 136
