author | Werner Koch <[email protected]> | 2019-09-27 11:51:52 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2019-09-27 11:51:52 +0000 |
commit | 0af1c6447dc0f981ab7306e3bef520f37aded167 (patch) | |
tree | d5bd0cd69bc8a42fc011cdebd1dd05c6fd0e081a /kbx/keybox-dump.c | |
parent | kbx,gpg: Allow lookup using a UBID. (diff) | |
download | gnupg-0af1c6447dc0f981ab7306e3bef520f37aded167.tar.gz gnupg-0af1c6447dc0f981ab7306e3bef520f37aded167.zip |
kbx: Store the UBIB in the blob.
* kbx/keybox-blob.c (create_blob_header): New blob flag UBIB.
(create_blob_finish): Write the UBIB.
* kbx/keybox-dump.c (print_ubib): New.
(_keybox_dump_blob): Print UBIB flag.
* kbx/keybox-search.c (has_ubid): Compare the stored UBIB if
available.
--
This makes scanning the keybox for a given UBIB much faster once it has
been stored.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'kbx/keybox-dump.c')
-rw-r--r-- | kbx/keybox-dump.c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c
index 48c3f63c5..37646832e 100644
--- a/kbx/keybox-dump.c
+++ b/kbx/keybox-dump.c
@@ -63,6 +63,41 @@ print_string (FILE *fp, const byte *p, size_t n, int delim)
 }
+static void
+print_ubib (const byte *buffer, size_t length, FILE *fp)
+{
+ const byte *p;
+ int i;
+ size_t image_off, image_len;
+ unsigned char digest[20];
+
+ fprintf (fp, "UBIB: ");
+ if (length < 40)
+ {
+ fputs ("[blob too short for a stored UBIB]\n", fp);
+ return;
+ }
+
+ p = buffer + length - 40;
+ for (i=0; i < 20; p++, i++)
+ fprintf (fp, "%02X", *p);
+
+ image_off = get32 (buffer+8);
+ image_len = get32 (buffer+12);
+ if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length)
+ {
+ fputs (" [image claims to be longer than the blob]\n", fp);
+ return;
+ }
+
+ gcry_md_hash_buffer (GCRY_MD_SHA1, digest, buffer+image_off,image_len);
+ if (memcmp (digest, buffer + length - 40, 20))
+ fputs (" [does not match the image]\n", fp);
+ else
+ fputc ('\n', fp);
+}
+
+
 static int
 print_checksum (const byte *buffer, size_t length, size_t unhashed, FILE *fp)
 {
@@ -171,6 +206,7 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp)
 ulong unhashed;
 const byte *p;
 int is_fpr32; /* blob ersion 2 */
+ int have_ubib = 0;
 buffer = _keybox_get_blob_image (blob, &length);
@@ -237,6 +273,14 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp)
 fputs ("ephemeral", fp);
 any++;
 }
+ if ((n & 4))
+ {
+ if (any)
+ putc (',', fp);
+ fputs ("ubid", fp);
+ any++;
+ have_ubib = 1;
+ }
 putc (')', fp);
 }
 putc ('\n', fp);
@@ -422,6 +466,8 @@ _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp)
 n = get32 ( buffer + length - unhashed);
 fprintf (fp, "Storage-Flags: %08lx\n", n );
 }
+ if (have_ubib)
+ print_ubib (buffer, length, fp);
 print_checksum (buffer, length, unhashed, fp);
 return 0;
 } |
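Review bot: print_ubib hard-codes the trailer layout as bare `40` and `20` with no comment, so the reader has to infer that the stored UBIB is the 20 bytes immediately before the final 20 bytes of the blob. A header comment such as `/* Print the UBIB stored in the 20 bytes preceding the trailing 20 byte checksum and verify it against the SHA-1 of the image.  */` would state that; that the last 20 bytes are the checksum is inferred from print_checksum, whose body is outside this hunk. The range check only rejects `image_off + image_len > length`, so on a malformed blob the hashed image may overlap the stored UBIB itself. Comparing against `length - 40` instead would report that case too, assuming a valid image never extends into the trailer.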
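Review bot: The flag list prints this bit as `ubid`, while print_ubib in the first hunk labels the value `UBIB: ` and the local is `have_ubib`, so one dump uses two spellings for the same thing. Pick one spelling for both, e.g. `fputs ("ubib", fp);` here or `"UBID: "` in print_ubib, so the output can be searched consistently. The literal `4` also has no name or comment; whether the neighbouring flag tests use named constants is not visible in this hunk. _keybox_dump_blob starts and ends outside the hunk.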