[OpenPGP:SDK svn] r608 - in openpgpsdk/trunk: src/lib tests
Subversion
ben at links.org
Fri Aug 29 12:40:56 BST 2008
Author: rachel
Date: 2008-08-29 12:40:55 +0100 (Fri, 29 Aug 2008)
New Revision: 608
Modified:
openpgpsdk/trunk/src/lib/packet-parse.c
openpgpsdk/trunk/src/lib/validate.c
openpgpsdk/trunk/tests/test_rsa_verify.c
Log:
Finish V3 signature verification.
Add tests to detect successfull and failed V3 sig verification.
Modified: openpgpsdk/trunk/src/lib/packet-parse.c
===================================================================
--- openpgpsdk/trunk/src/lib/packet-parse.c 2008-08-28 16:07:03 UTC (rev 607)
+++ openpgpsdk/trunk/src/lib/packet-parse.c 2008-08-29 11:40:55 UTC (rev 608)
@@ -1239,6 +1239,9 @@
unsigned char c[1];
ops_parser_content_t content;
+ // clear signature
+ memset(&C.signature,'\0',sizeof C.signature);
+
C.signature.info.version=OPS_V3;
/* hash info length */
Modified: openpgpsdk/trunk/src/lib/validate.c
===================================================================
--- openpgpsdk/trunk/src/lib/validate.c 2008-08-28 16:07:03 UTC (rev 607)
+++ openpgpsdk/trunk/src/lib/validate.c 2008-08-29 11:40:55 UTC (rev 608)
@@ -54,17 +54,36 @@
ops_hash_any(&hash,sig->info.hash_algorithm);
hash.init(&hash);
hash.add(&hash,data,len);
- hash.add(&hash,sig->info.v4_hashed_data,sig->info.v4_hashed_data_length);
+ switch (sig->info.version)
+ {
+ case OPS_V3:
+ trailer[0]=sig->info.type;
+ trailer[1]=sig->info.creation_time >> 24;
+ trailer[2]=sig->info.creation_time >> 16;
+ trailer[3]=sig->info.creation_time >> 8;
+ trailer[4]=sig->info.creation_time;
+ hash.add(&hash,&trailer[0],5);
+ break;
- trailer[0]=0x04; // version
- trailer[1]=0xFF;
- hashedlen=sig->info.v4_hashed_data_length;
- trailer[2]=hashedlen >> 24;
- trailer[3]=hashedlen >> 16;
- trailer[4]=hashedlen >> 8;
- trailer[5]=hashedlen;
- hash.add(&hash,&trailer[0],6);
+ case OPS_V4:
+ hash.add(&hash,sig->info.v4_hashed_data,sig->info.v4_hashed_data_length);
+ trailer[0]=0x04; // version
+ trailer[1]=0xFF;
+ hashedlen=sig->info.v4_hashed_data_length;
+ trailer[2]=hashedlen >> 24;
+ trailer[3]=hashedlen >> 16;
+ trailer[4]=hashedlen >> 8;
+ trailer[5]=hashedlen;
+ hash.add(&hash,&trailer[0],6);
+
+ break;
+
+ default:
+ fprintf(stderr,"Invalid signature version %d\n", sig->info.version);
+ return ops_false;
+ }
+
n=hash.finish(&hash,hashout);
// return ops_false;
@@ -220,7 +239,8 @@
arg->last_seen=ATTRIBUTE;
return OPS_KEEP_MEMORY;
- case OPS_PTAG_CT_SIGNATURE_FOOTER:
+ case OPS_PTAG_CT_SIGNATURE: // V3 sigs
+ case OPS_PTAG_CT_SIGNATURE_FOOTER: // V4 sigs
/*
printf(" type=%02x signer_id=",content->signature.type);
hexdump(content->signature.signer_id,
@@ -304,8 +324,7 @@
// ignore these
case OPS_PARSER_PTAG:
case OPS_PTAG_CT_SIGNATURE_HEADER:
- case OPS_PTAG_CT_SIGNATURE:
- case OPS_PARSER_PACKET_END:
+ case OPS_PARSER_PACKET_END:
break;
case OPS_PARSER_CMD_GET_SK_PASSPHRASE:
@@ -365,9 +384,6 @@
break;
case OPS_PTAG_CT_SIGNATURE: // V3 sigs
- // this gives us a signature struct with all info about hash alg, etc from the packet
- break;
-
case OPS_PTAG_CT_SIGNATURE_FOOTER: // V4 sigs
if (debug)
@@ -435,13 +451,10 @@
if(valid)
{
add_sig_to_valid_list(arg->result, &content->signature.info);
- // ++arg->result->valid_count;
}
else
{
OPS_ERROR(errors,OPS_E_V_BAD_SIGNATURE,"Bad Signature");
- // printf(" BAD SIGNATURE\n");
- // ++arg->result->invalid_count;
add_sig_to_invalid_list(arg->result, &content->signature.info);
}
break;
@@ -453,7 +466,6 @@
case OPS_PTAG_CT_ARMOUR_TRAILER:
case OPS_PTAG_CT_ONE_PASS_SIGNATURE:
case OPS_PARSER_PACKET_END:
- // case OPS_PTAG_CT_SIGNATURE:
break;
default:
Modified: openpgpsdk/trunk/tests/test_rsa_verify.c
===================================================================
--- openpgpsdk/trunk/tests/test_rsa_verify.c 2008-08-28 16:07:03 UTC (rev 607)
+++ openpgpsdk/trunk/tests/test_rsa_verify.c 2008-08-29 11:40:55 UTC (rev 608)
@@ -53,6 +53,7 @@
static char *filename_rsa_armour_compress_base="gpg_rsa_sign_armour_compress";
static char *filename_rsa_v3sig="gpg_rsa_sign_v3sig.txt";
+static char *filename_rsa_v3sig_fail_bad_sig="gpg_rsa_sign_v3sig_fail_bad_sig.txt";
static char *filename_rsa_hash_md5="gpg_rsa_hash_md5.txt";
@@ -110,6 +111,7 @@
create_small_testfile(filename_rsa_armour_passphrase);
create_small_testfile(filename_rsa_v3sig);
+ create_small_testfile(filename_rsa_v3sig_fail_bad_sig);
create_small_testfile(filename_rsa_hash_md5);
create_small_testfile(filename_rsa_noarmour_nopassphrase);
@@ -157,6 +159,13 @@
if (system(cmd))
{ return 1; }
+ // V3 signature to fail
+ snprintf(cmd,sizeof cmd,"cat %s/%s | %s --compress-level 0 --sign --force-v3-sigs --local-user %s > %s/%s.gpg",
+ dir, filename_rsa_v3sig_fail_bad_sig,
+ gpgcmd, alpha_name, dir, filename_rsa_v3sig_fail_bad_sig);
+ if (system(cmd))
+ { return 1; }
+
// MD5 hash
snprintf(cmd,sizeof cmd,"cat %s/%s | %s --compress-level 0 --sign --digest-algo \"MD5\" --local-user %s > %s/%s.gpg",
dir, filename_rsa_hash_md5,
@@ -473,6 +482,14 @@
test_rsa_verify_fail(armour,filename_rsa_noarmour_fail_bad_sig,callback_bad_sig,OPS_E_V_BAD_SIGNATURE);
}
+static void test_rsa_verify_v3sig_fail_bad_sig(void)
+ {
+ int armour=0;
+ assert(pub_keyring.nkeys);
+
+ test_rsa_verify_fail(armour,filename_rsa_v3sig_fail_bad_sig, callback_bad_sig, OPS_E_V_BAD_SIGNATURE);
+ }
+
static void test_rsa_verify_clearsign_fail_bad_sig(void)
{
int armour=1;
@@ -526,6 +543,9 @@
if (NULL == CU_add_test(suite, "V3 signature verification", test_rsa_verify_v3sig))
return NULL;
+ if (NULL == CU_add_test(suite, "V3 signature: should fail on bad sig", test_rsa_verify_v3sig_fail_bad_sig))
+ return NULL;
+
if (NULL == CU_add_test(suite, "MD5 Hash", test_rsa_verify_hash_md5))
return NULL;
More information about the OpenPGPsdk-svn
mailing list