Diffstat (limited to 'g10')
-rw-r--r-- | g10/ChangeLog | 5 | ||||
-rw-r--r-- | g10/Makefile.in | 2 | ||||
-rw-r--r-- | g10/build-packet.c | 1 | ||||
-rw-r--r-- | g10/keylist.c | 1 | ||||
-rw-r--r-- | g10/packet.h | 3 | ||||
-rw-r--r-- | g10/parse-packet.c | 8 | ||||
-rw-r--r-- | g10/pubkey-enc.c | 2 | ||||
-rw-r--r-- | g10/seckey-cert.c | 199 | ||||
-rw-r--r-- | g10/sig-check.c | 32 |
9 files changed, 111 insertions, 142 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index a3037a618..9b42cb3d8 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +Mon Jun 8 22:23:37 1998 Werner Koch ([email protected]) + + * seckey-cert.c (do_check): Removed cipher constants + (protect_secret_key): Ditto. + Fri May 29 10:00:28 1998 Werner Koch ([email protected]) * trustdb.c (query_trust_info): New. diff --git a/g10/Makefile.in b/g10/Makefile.in index 91473ab37..bc306754b 100644 --- a/g10/Makefile.in +++ b/g10/Makefile.in @@ -64,8 +64,6 @@ target_triplet = @target@ CATALOGS = @CATALOGS@ CATOBJEXT = @CATOBJEXT@ CC = @CC@ -CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ -CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CPP = @CPP@ DATADIRNAME = @DATADIRNAME@ G10_LOCALEDIR = @G10_LOCALEDIR@ diff --git a/g10/build-packet.c b/g10/build-packet.c index a37aba55c..33709e7da 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -575,6 +575,7 @@ build_sig_subpkt( PKT_signature *sig, sigsubpkttype_t type, switch( type ) { case SIGSUBPKT_SIG_CREATED: + case SIGSUBPKT_PRIV_ADD_SIG: hashed = 1; break; default: hashed = 0; break; } diff --git a/g10/keylist.c b/g10/keylist.c index 554fb1f9c..b6e219723 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -319,6 +319,7 @@ list_one( const char *name, int secret ) if( opt.with_colons ) printf(":%02x:", sig->sig_class ); putchar('\n'); + /* FIXME: check or list other sigs here (subpkt PRIV_ADD_SIG)*/ } } if( !any ) {/* oops, no user id */ diff --git a/g10/packet.h b/g10/packet.h index 7f38cd5cf..3fc1ea280 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -234,7 +234,8 @@ typedef enum { SIGSUBPKT_PRIMARY_UID =25, /* primary user id */ SIGSUBPKT_POLICY =26, /* policy URL */ SIGSUBPKT_KEY_FLAGS =27, /* key flags */ - SIGSUBPKT_SIGNERS_UID =28 /* signer's user id */ + SIGSUBPKT_SIGNERS_UID =28, /* signer's user id */ + SIGSUBPKT_PRIV_ADD_SIG =101 /* signatur is also valid for this uid */ } sigsubpkttype_t; 
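Review bot: The new `SIGSUBPKT_PRIV_ADD_SIG =101` enumerator in packet.h is documented only by a one-line comment with a typo, and it says nothing about the payload that parse-packet.c validates in this same commit (a leading `GPG` marker and a minimum length of 24). The comment added in parse-packet.c calls this private data, so the layout is the only thing that separates this subpacket from another implementation's use of the same number, and it should be written down next to the enumerator. I would change the comment to something like `/* private: signature is also valid for this uid; data is "GPG" marker + payload (layout: TODO document) */`.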
diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 14d4c7b1c..e1f023261 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -615,6 +615,7 @@ parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n ) : type == SIGSUBPKT_POLICY ? "policy URL" : type == SIGSUBPKT_KEY_FLAGS ? "key flags" : type == SIGSUBPKT_SIGNERS_UID ? "signer's user id" + : type == SIGSUBPKT_PRIV_ADD_SIG? "signs additional user id" : "?"); } else if( type == reqtype ) @@ -636,6 +637,13 @@ parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n ) if( n < 8 ) break; return buffer; + case SIGSUBPKT_PRIV_ADD_SIG: + /* because we use private data, we check the GNUPG marker */ + if( n < 24 ) + break; + if( buffer[0] != 'G' || buffer[1] != 'P' || buffer[2] != 'G' ) + return NULL; + return buffer+3; default: BUG(); /* not yet needed */ } log_error("subpacket of type %d too short\n", type); diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index d9503265d..8f15057ec 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -127,7 +127,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek ) { rc = G10ERR_WRONG_SECKEY; goto leave; } break; case CIPHER_ALGO_BLOWFISH: - case CIPHER_ALGO_CAST: + case CIPHER_ALGO_CAST5: if( dek->keylen != 16 ) { rc = G10ERR_WRONG_SECKEY; goto leave; } break; diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index 6f0dc1ae9..3373bd35e 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c 
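Review bot: In the new `case SIGSUBPKT_PRIV_ADD_SIG:` of parse_sig_subpkt the bound `24` and the marker length `3` are bare literals, and nothing states what the 21 bytes after the marker hold, so a reader cannot confirm that `n < 24` is the right bound for what callers read from `buffer+3`. I would name both values and add a layout comment such as `/* "GPG" marker (3 bytes) + payload (21 bytes: TODO document) */`. A marker mismatch returns NULL silently, while the short case falls through to `log_error`; whether callers can tell a foreign type-101 subpacket from an absent one is not visible, because the function starts and ends outside the hunk. If `*ret_n` is set from `n` outside this hunk, it would overstate the data left after `buffer+3` by three bytes, which is worth confirming.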
@@ -49,112 +49,106 @@ do_check( PKT_secret_cert *cert ) PKT_secret_cert *save_cert; char save_iv[8]; - switch( cert->protect.algo ) { - case CIPHER_ALGO_NONE: BUG(); break; - case CIPHER_ALGO_BLOWFISH160: - case CIPHER_ALGO_BLOWFISH: - case CIPHER_ALGO_CAST: - keyid_from_skc( cert, keyid ); - dek = passphrase_to_dek( keyid, cert->protect.algo, - &cert->protect.s2k, 0 ); - cipher_hd = cipher_open( cert->protect.algo, - CIPHER_MODE_AUTO_CFB, 1); - cipher_setkey( cipher_hd, dek->key, dek->keylen ); - cipher_setiv( cipher_hd, NULL ); - m_free(dek); /* pw is in secure memory, so m_free() burns it */ - save_cert = copy_secret_cert( NULL, cert ); - memcpy(save_iv, cert->protect.iv, 8 ); - cipher_decrypt( cipher_hd, cert->protect.iv, cert->protect.iv, 8 ); - switch( cert->pubkey_algo ) { - case PUBKEY_ALGO_ELGAMAL: - case PUBKEY_ALGO_ELGAMAL_E: - buffer = mpi_get_secure_buffer( cert->d.elg.x, &nbytes, NULL ); - cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); - mpi_set_buffer( cert->d.elg.x, buffer, nbytes, 0 ); - csum = checksum_mpi( cert->d.elg.x ); - m_free( buffer ); - break; - case PUBKEY_ALGO_DSA: - buffer = mpi_get_secure_buffer( cert->d.dsa.x, &nbytes, NULL ); - cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); - mpi_set_buffer( cert->d.dsa.x, buffer, nbytes, 0 ); - csum = checksum_mpi( cert->d.dsa.x ); - m_free( buffer ); - break; - #ifdef HAVE_RSA_CIPHER - case PUBKEY_ALGO_RSA: - case PUBKEY_ALGO_RSA_E: - case PUBKEY_ALGO_RSA_S: - csum = 0; - #define X(a) do { \ - buffer = mpi_get_secure_buffer( cert->d.rsa.##a, \ - &nbytes, NULL ); \ - csum += checksum_u16( nbytes*8 ); \ - cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); \ - csum += checksum( buffer, nbytes ); \ - mpi_set_buffer(cert->d.rsa.##a, buffer, nbytes, 0 ); \ - m_free( buffer ); \ - } while(0) - X(d); - X(p); - X(q); - X(u); - #undef X - break; - #endif /* HAVE_RSA_CIPHER */ + if( cert->protect.algo == CIPHER_ALGO_NONE ) + BUG(); + if( check_cipher_algo( cert->protect.algo ) ) + return 
G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */ + keyid_from_skc( cert, keyid ); + dek = passphrase_to_dek( keyid, cert->protect.algo, + &cert->protect.s2k, 0 ); + cipher_hd = cipher_open( cert->protect.algo, + CIPHER_MODE_AUTO_CFB, 1); + cipher_setkey( cipher_hd, dek->key, dek->keylen ); + cipher_setiv( cipher_hd, NULL ); + m_free(dek); /* pw is in secure memory, so m_free() burns it */ + save_cert = copy_secret_cert( NULL, cert ); + memcpy(save_iv, cert->protect.iv, 8 ); + cipher_decrypt( cipher_hd, cert->protect.iv, cert->protect.iv, 8 ); + switch( cert->pubkey_algo ) { + case PUBKEY_ALGO_ELGAMAL: + case PUBKEY_ALGO_ELGAMAL_E: + buffer = mpi_get_secure_buffer( cert->d.elg.x, &nbytes, NULL ); + cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); + mpi_set_buffer( cert->d.elg.x, buffer, nbytes, 0 ); + csum = checksum_mpi( cert->d.elg.x ); + m_free( buffer ); + break; + case PUBKEY_ALGO_DSA: + buffer = mpi_get_secure_buffer( cert->d.dsa.x, &nbytes, NULL ); + cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); + mpi_set_buffer( cert->d.dsa.x, buffer, nbytes, 0 ); + csum = checksum_mpi( cert->d.dsa.x ); + m_free( buffer ); + break; + #ifdef HAVE_RSA_CIPHER + case PUBKEY_ALGO_RSA: + case PUBKEY_ALGO_RSA_E: + case PUBKEY_ALGO_RSA_S: + csum = 0; + #define X(a) do { \ + buffer = mpi_get_secure_buffer( cert->d.rsa.##a, \ + &nbytes, NULL ); \ + csum += checksum_u16( nbytes*8 ); \ + cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); \ + csum += checksum( buffer, nbytes ); \ + mpi_set_buffer(cert->d.rsa.##a, buffer, nbytes, 0 ); \ + m_free( buffer ); \ + } while(0) + X(d); + X(p); + X(q); + X(u); + #undef X + break; + #endif /* HAVE_RSA_CIPHER */ - default: BUG(); + default: BUG(); + } + cipher_close( cipher_hd ); + /* now let's see whether we have used the right passphrase */ + if( csum != cert->csum ) { + if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) { + /* very bad kludge to work around an early bug */ + csum -= checksum_u16( mpi_get_nbits(cert->d.elg.x) 
); + nbytes = mpi_get_nlimbs(cert->d.elg.x) * 4; + csum += checksum_u16( nbytes*8 ); + if( !opt.batch && csum == cert->csum ) + log_info("Probably you have an old key - use " + "\"--change-passphrase\" to convert.\n"); } - cipher_close( cipher_hd ); - /* now let's see whether we have used the right passphrase */ if( csum != cert->csum ) { - if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) { - /* very bad kludge to work around an early bug */ - csum -= checksum_u16( mpi_get_nbits(cert->d.elg.x) ); - nbytes = mpi_get_nlimbs(cert->d.elg.x) * 4; - csum += checksum_u16( nbytes*8 ); - if( !opt.batch && csum == cert->csum ) - log_info("Probably you have an old key - use " - "\"--change-passphrase\" to convert.\n"); - } - if( csum != cert->csum ) { - copy_secret_cert( cert, save_cert ); - free_secret_cert( save_cert ); - memcpy( cert->protect.iv, save_iv, 8 ); - return G10ERR_BAD_PASS; - } - } - - switch( cert->pubkey_algo ) { - case PUBKEY_ALGO_ELGAMAL_E: - case PUBKEY_ALGO_ELGAMAL: - res = elg_check_secret_key( &cert->d.elg ); - break; - case PUBKEY_ALGO_DSA: - res = dsa_check_secret_key( &cert->d.dsa ); - break; - #ifdef HAVE_RSA_CIPHER - case PUBKEY_ALGO_RSA: - case PUBKEY_ALGO_RSA_E: - case PUBKEY_ALGO_RSA_S: - res = rsa_check_secret_key( &cert->d.rsa ); - break; - #endif - default: BUG(); - } - if( !res ) { copy_secret_cert( cert, save_cert ); free_secret_cert( save_cert ); memcpy( cert->protect.iv, save_iv, 8 ); return G10ERR_BAD_PASS; } - free_secret_cert( save_cert ); - cert->is_protected = 0; - break; + } - default: - return G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */ + switch( cert->pubkey_algo ) { + case PUBKEY_ALGO_ELGAMAL_E: + case PUBKEY_ALGO_ELGAMAL: + res = elg_check_secret_key( &cert->d.elg ); + break; + case PUBKEY_ALGO_DSA: + res = dsa_check_secret_key( &cert->d.dsa ); + break; + #ifdef HAVE_RSA_CIPHER + case PUBKEY_ALGO_RSA: + case PUBKEY_ALGO_RSA_E: + case PUBKEY_ALGO_RSA_S: + res = rsa_check_secret_key( &cert->d.rsa ); + break; + 
#endif + default: BUG(); } + if( !res ) { + copy_secret_cert( cert, save_cert ); + free_secret_cert( save_cert ); + memcpy( cert->protect.iv, save_iv, 8 ); + return G10ERR_BAD_PASS; + } + free_secret_cert( save_cert ); + cert->is_protected = 0; } else { /* not protected */ switch( cert->pubkey_algo ) { @@ -320,11 +314,9 @@ protect_secret_key( PKT_secret_cert *cert, DEK *dek ) if( !cert->is_protected ) { /* okay, apply the protection */ CIPHER_HANDLE cipher_hd=NULL; - switch( cert->protect.algo ) { - case CIPHER_ALGO_NONE: BUG(); break; - case CIPHER_ALGO_BLOWFISH160: - case CIPHER_ALGO_BLOWFISH: - case CIPHER_ALGO_CAST: + if( check_cipher_algo( cert->protect.algo ) ) + rc = G10ERR_CIPHER_ALGO; /* unsupport protection algorithm */ + else { cipher_hd = cipher_open( cert->protect.algo, CIPHER_MODE_AUTO_CFB, 1 ); cipher_setkey( cipher_hd, dek->key, dek->keylen ); @@ -333,11 +325,6 @@ protect_secret_key( PKT_secret_cert *cert, DEK *dek ) if( !do_protect( &cipher_encrypt, cipher_hd, cert ) ) cert->is_protected = 1; cipher_close( cipher_hd ); - break; - - default: - rc = G10ERR_CIPHER_ALGO; /* unsupport protection algorithm */ - break; } } return rc; diff --git a/g10/sig-check.c b/g10/sig-check.c index a30d0efcc..6dc660916 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c 
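Review bot: do_check now accepts every algorithm that passes `check_cipher_algo`, but the IV handling right below still hard-codes an 8-byte block in `char save_iv[8]`, `memcpy(save_iv, cert->protect.iv, 8 )` and `cipher_decrypt( cipher_hd, cert->protect.iv, cert->protect.iv, 8 )`. The removed switch listed only the Blowfish variants and CAST, so the constant was implicitly tied to that list; with the list gone, a cipher with a different block size would be run with the wrong IV length. I would either reject such algorithms at the top of the function or replace the literal with a named constant and a comment like `/* IV length 8 assumes a 64-bit block cipher */`. Separately, the results of `passphrase_to_dek` and `cipher_open` are used unchecked (`dek->key`), as in the old code; whether either can fail is not visible in this hunk. The function starts and ends outside the hunk.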
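Review bot: protect_secret_key loses its explicit `case CIPHER_ALGO_NONE: BUG();`, while do_check in the same file keeps `if( cert->protect.algo == CIPHER_ALGO_NONE ) BUG();`. Whether `check_cipher_algo` rejects CIPHER_ALGO_NONE is not visible in this diff; if it does not, the else branch would run and could set `cert->is_protected = 1` on a key that was never encrypted. I would keep the guard ahead of the new check, `if( cert->protect.algo == CIPHER_ALGO_NONE ) BUG();`, or add a comment stating that check_cipher_algo refuses it. The comment typo `unsupport` could be fixed in the same pass, and the function starts and ends outside the hunk.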
@@ -319,38 +319,6 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig ) rc = G10ERR_SIG_CLASS; } } - else if( sig->sig_class >= 0x14 && sig->sig_class <= 0x17 ) { - /* a gnupg extension: calculate the signature over all - * preceding userids */ - KBNODE unode = find_prev_kbnode( root, node, PKT_USER_ID ); - u32 keyid[2]; - int any = 0; - - keyid_from_pkc( pkc, keyid ); - md = md_open( algo, 0 ); - hash_public_cert( md, pkc ); - - for( unode=root->next; unode && unode != node; unode = unode->next ) { - if( unode->pkt->pkttype == PKT_USER_ID ) { - hash_uid_node( unode, md, sig ); - any++; - } - } - if( any ) { - if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) { - if( is_selfsig ) - *is_selfsig = 1; - rc = do_check( pkc, sig, md ); - } - else - rc = signature_check( sig, md ); - } - else { - log_error("no user id for key signature packet\n"); - rc = G10ERR_SIG_CLASS; - } - md_close(md); - } else { KBNODE unode = find_prev_kbnode( root, node, PKT_USER_ID ); |