8 #define _RPMIOB_INTERNAL 13 #define _RPMPGP_INTERNAL 40 #if defined(USE_CRYPTO_BEECRYPT) && defined(WITH_BEECRYPT) 42 #elif defined(USE_CRYPTO_GCRYPT) && defined(WITH_GCRYPT) 44 #elif defined(USE_CRYPTO_NSS) && defined(WITH_NSS) 46 #elif defined(USE_CRYPTO_OPENSSL) && defined(WITH_SSL) 48 #elif defined(USE_CRYPTO_CDSA) && defined(WITH_CDSA) 50 #elif defined(USE_CRYPTO_TOMCRYPT) && defined(WITH_TOMCRYPT) 53 #elif defined(WITH_BEECRYPT) 55 #elif defined(WITH_NSS) 57 #elif defined(WITH_GCRYPT) 59 #elif defined(WITH_SSL) 61 #elif defined(WITH_CDSA) 63 #elif defined(WITH_TOMCRYPT) 66 #error INTERNAL ERROR: no suitable Cryptography library available 100 { -1,
"SIG_UNKNOWN" },
114 { -1,
"KEY_UNKNOWN" },
133 { -1,
"SYM_UNKNOWN" },
141 { -1,
"Unknown compression algorithm" },
155 { -1,
"MD_UNKNOWN" },
161 { 0x80,
"No-modify" },
162 { -1,
"Unknown key server preference" },
203 { -1,
"Unknown signature subkey type" },
224 {
PGPTAG_MDC,
"Manipulaion detection code packet" },
229 { -1,
"TAG_UNKNOWN" },
240 { -1,
"Unknown armor block" }
249 { -1,
"Unknown armor key" }
256 if (!_pgp_print)
return;
257 fprintf(stderr,
"\n");
264 if (!_pgp_print)
return;
266 fprintf(stderr,
"%s", pre);
267 fprintf(stderr,
" %d", i);
274 if (!_pgp_print)
return;
276 fprintf(stderr,
"%s", pre);
277 fprintf(stderr,
" %s", s);
284 if (!_pgp_print)
return;
286 fprintf(stderr,
"%s", pre);
287 fprintf(stderr,
" %s",
pgpHexStr(p, plen));
294 if (!_pgp_print)
return;
296 fprintf(stderr,
"%s", pre);
297 fprintf(stderr,
"%s(%u)",
pgpValStr(vs, val), (
unsigned)val);
314 fprintf(stderr,
" *CRITICAL*");
317 for (i = 1; i < plen; i++)
321 for (i = 1; i < plen; i++)
325 for (i = 1; i < plen; i++)
329 for (i = 1; i < plen; i++)
330 pgpPrtVal(
" ", pgpKeyServerPrefsTbl, p[i]);
334 if (_digp && !(_digp->saved & PGPDIG_SAVED_TIME) &&
337 _digp->saved |= PGPDIG_SAVED_TIME;
338 memcpy(_digp->time, p+1,
sizeof(_digp->time));
341 if ((plen - 1) == 4) {
342 time_t t =
pgpGrab(p+1, plen-1);
344 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
350 if ((plen - 1) == 4) {
351 time_t t =
pgpGrab(p+1, plen-1);
352 if (_digp->saved & PGPDIG_SAVED_TIME)
353 t +=
pgpGrab(_digp->time,
sizeof(_digp->time));
355 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
362 if (_digp && !(_digp->saved & PGPDIG_SAVED_ID) &&
365 _digp->saved |= PGPDIG_SAVED_ID;
366 memcpy(_digp->signid, p+1,
sizeof(_digp->signid));
437 for (i = 0; p < pend; i++, p +=
pgpMpiLen(p)) {
497 fprintf(stderr,
"%7d", i);
530 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
537 if (_digp && _digp->pubkey_algo == (
rpmuint8_t)0) {
539 _digp->hashlen = (size_t) v->
hashlen;
542 memcpy(_digp->time, v->
time,
sizeof(_digp->time));
543 memcpy(_digp->signid, v->
signid,
sizeof(_digp->signid));
546 memcpy(_digp->signhash16, v->
signhash16,
sizeof(_digp->signhash16));
566 if ((p + plen) > (pp->u.h + pp->hlen))
569 if (_pgp_debug && _pgp_print)
570 fprintf(stderr,
" hash[%u] -- %s\n", plen,
pgpHexStr(p, plen));
571 if (_digp && _digp->pubkey_algo == (
rpmuint8_t)0) {
572 _digp->hashlen =
sizeof(*v) + plen;
573 _digp->hash = pp->u.h;
581 if ((p + plen) > (pp->u.h + pp->hlen))
584 if (_pgp_debug && _pgp_print)
585 fprintf(stderr,
" unhash[%u] -- %s\n", plen,
pgpHexStr(p, plen));
593 if (_digp && _digp->pubkey_algo == (
rpmuint8_t)0) {
598 memcpy(_digp->signhash16, p,
sizeof(_digp->signhash16));
602 if (p > (pp->u.h + pp->hlen))
625 static const char * pgpSecretRSA[] = {
645 static const char * pgpSecretDSA[] = {
659 static const char * pgpSecretECDSA[] = {
675 static const char * pgpSecretELGAMAL[] = {
688 for (i = 0; p < pend; i++, p +=
pgpMpiLen(p)) {
731 (void)
pgpImplMpiItem(pgpPublicECDSA[i], dig, 61, p+1+p[0], NULL);
738 pgpPrtHex(
" Curve = [ OID]:", p+1, p[0]);
748 fprintf(stderr,
"%7d", i);
783 pgpPrtVal(
" iterated/salted ", pgpHashTbl, p[2]);
784 i = (16 + ((unsigned)p[11] & 0xf)) << (((
unsigned)p[11] >> 4U) + 6);
802 for (i = 0; p < &pp->u.h[pp->hlen]; i++, p +=
pgpMpiLen(p)) {
804 if (pgpSecretRSA[i] == NULL)
break;
807 if (pgpSecretDSA[i] == NULL)
break;
810 if (pgpSecretECDSA[i] == NULL)
break;
813 if (pgpSecretELGAMAL[i] == NULL)
break;
817 fprintf(stderr,
"%7d", i);
823 pgpPrtHex(
" secret", p, (pp->hlen - (p - pp->u.h) - 2));
825 p += (pp->hlen - (p - pp->u.h) - 2);
850 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
853 fprintf(stderr,
" valid %u days", plen);
856 if (_digp && _digp->tag == (
rpmuint8_t)pp->tag) {
858 memcpy(_digp->time, v->
time,
sizeof(_digp->time));
872 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
875 if (_digp && _digp->tag == (
rpmuint8_t)pp->tag) {
877 memcpy(_digp->time, v->
time,
sizeof(_digp->time));
900 fprintf(stderr,
" \"%.*s\"", (
int)pp->hlen, (
const char *)pp->u.h);
903 char * t = (
char *) memcpy(
xmalloc(pp->hlen+1), pp->u.h, pp->hlen);
905 _digp->userid =
_free(_digp->userid);
918 fprintf(stderr,
" ");
928 fprintf(stderr,
"%.*s", (
int)strlen((
const char *)h), (
const char *)h);
942 unsigned int val = (
unsigned int)*pkt;
945 memset(pp, 0,
sizeof(*pp));
951 pp->tag = (
pgpTag) (val & 0x3f);
952 plen =
pgpLen(pkt+1, &pp->hlen);
954 pp->tag = (
pgpTag) ((val >> 2) & 0xf);
955 plen = (1 << (val & 0x3));
956 pp->hlen =
pgpGrab(pkt+1, plen);
959 pp->pktlen = 1 + plen + pp->hlen;
960 if (pleft > 0 && pp->pktlen > (
unsigned)pleft)
964 pp->u.h = pkt + 1 + plen;
981 switch (pp->u.h[0]) {
990 memmove(keyid, (se-8), 8);
1003 for (i = 0; i < 2; i++)
1007 for (i = 0; i < 4; i++)
1012 for (i = 0; i < 1; i++)
1021 memmove(keyid, (d + (dlen-8)), 8);
1034 if (b64decode(b64pkt, (
void **)&pkt, &pktlen))
1058 _digp->saved |= PGPDIG_SAVED_ID;
1060 memset(_digp->signid, 0,
sizeof(_digp->signid));
1101 return (rc ? -1 : (
int)pp->pktlen);
1110 dig->signature.userid =
_free(dig->signature.userid);
1111 dig->pubkey.userid =
_free(dig->pubkey.userid);
1112 dig->pubkey_algoN = NULL;
1113 dig->hash_algoN = NULL;
1114 memset(&dig->dops, 0,
sizeof(dig->dops));
1115 memset(&dig->sops, 0,
sizeof(dig->sops));
1116 dig->ppkts =
_free(dig->ppkts);
1118 dig->signature.hash = NULL;
1119 dig->signature.hashlen = 0;
1120 dig->pubkey.hash = NULL;
1121 dig->pubkey.hashlen = 0;
1123 memset(&dig->signature, 0,
sizeof(dig->signature));
1124 memset(&dig->pubkey, 0,
sizeof(dig->pubkey));
1126 dig->md5 =
_free(dig->md5);
1128 dig->sha1 =
_free(dig->sha1);
1145 dig->sig =
_free(dig->sig);
1147 dig->pub =
_free(dig->pub);
1152 yarnRelease(dig->_item.use);
1157 yarnPossess(dig->_item.use);
1160 if (dig->hdrctx != NULL)
1164 if (dig->hdrsha1ctx != NULL)
1166 dig->hdrsha1ctx = NULL;
1168 if (dig->sha1ctx != NULL)
1170 dig->sha1ctx = NULL;
1173 if (dig->hdrmd5ctx != NULL)
1175 dig->hdrmd5ctx = NULL;
1178 if (dig->md5ctx != NULL)
1195 if (_digPool == NULL) {
1196 _digPool =
rpmioNewPool(
"dig",
sizeof(*dig), -1, _pgp_debug,
1202 memset(((
char *)dig)+
sizeof(dig->_item), 0,
sizeof(*dig)-
sizeof(dig->_item));
1215 pubp->pubkey_algo = pubkey_algo;
1217 if (pubp->pubkey_algo) {
1229 return (dig ? &dig->signature : NULL);
1234 return (dig ? &dig->pubkey : NULL);
1239 return (dig ? dig->sigtag : 0);
1244 return (dig ? dig->sigtype : 0);
1249 return (dig ? dig->sig : NULL);
1254 return (dig ? dig->siglen : 0);
1261 dig->sigtag = sigtag;
1262 dig->sigtype = (sig ? sigtype : 0);
1266 dig->siglen = siglen;
1286 int (*findPubkey) (
void *ts,
void *dig),
void * _ts)
1290 dig->findPubkey = findPubkey;
1302 if (dig && dig->findPubkey && dig->_ts)
1303 rc = (*dig->findPubkey) (dig->_ts, dig);
1318 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1330 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1337 ppkts[npkts] = NULL;
1342 ppkts =
_free(ppkts);
1356 unsigned int val = (
unsigned int)*pkts;
1363 _pgp_print = printing;
1365 if (dig != NULL && (val & 0x80)) {
1366 pgpTag tag = (
pgpTag)((val & 0x40) ? (val & 0x3f) : ((val >> 2) & 0xf));
1372 if (
pgpGrabPkts(pkts, pktlen, &ppkts, &npkts) || ppkts == NULL) {
1378 for (i = 0, pleft = pktlen; i < npkts; i++, pleft -= len) {
1384 dig->ppkts =
_free(dig->ppkts);
1388 ppkts =
_free(ppkts);
1399 const char * enc = NULL;
1400 const char * crcenc = NULL;
1406 const char * armortype = NULL;
1433 iob->blen =
pgpPktLen(iob->b, iob->blen, pp);
1438 #define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1)) 1441 for (t = (
char *)iob->b; t && *t; t = te) {
1442 if ((te = strchr(t,
'\n')) == NULL)
1450 if (!
TOKEQ(t,
"-----BEGIN PGP "))
1452 t +=
sizeof(
"-----BEGIN PGP ")-1;
1465 t = strchr(t,
'\n');
1470 t -= (
sizeof(
"-----")-1);
1471 if (!
TOKEQ(t,
"-----"))
1481 if (!(*t ==
'\n' || *t ==
'\r')) {
1498 if (!
TOKEQ(t,
"-----END PGP ")) {
1503 t +=
sizeof(
"-----END PGP ")-1;
1504 if (t >= te)
continue;
1506 if (armortype == NULL)
1508 rc = strncmp(t, armortype, strlen(armortype));
1512 t += strlen(armortype);
1513 if (t >= te)
continue;
1515 if (!
TOKEQ(t,
"-----")) {
1519 t += (
sizeof(
"-----")-1);
1520 if (t >= te)
continue;
1522 if (!(*t ==
'\n' || *t ==
'\r'))
continue;
1526 if (b64decode(crcenc, (
void **)&crcdec, &crclen) != 0) {
1530 crcpkt =
pgpGrab(crcdec, crclen);
1531 crcdec =
_free(crcdec);
1534 if (b64decode(enc, (
void **)&dec, &declen) != 0) {
1538 crc =
pgpCRC(dec, declen);
1539 if (crcpkt != crc) {
1543 iob->b =
_free(iob->b);
1554 if (pkt) *pkt = iob->b;
1555 if (pktlen) *pktlen = iob->blen;
1558 if (pkt) *pkt = NULL;
1559 if (pktlen) *pktlen = 0;
1582 nt = ((ns + 2) / 3) * 4;
1585 if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
1586 lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
1587 if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
1589 nt += lc * strlen(b64encode_eolstr);
1595 val = t = (
char *)
xmalloc(nt + 1);
1597 t =
stpcpy(t,
"-----BEGIN PGP ");
1602 t =
stpcpy(t,
" (BeeCrypt)\n\n");
1604 if ((enc = b64encode(s, ns)) != NULL) {
1607 if ((enc = b64crc(s, ns)) != NULL) {
1614 t =
stpcpy(t,
"-----END PGP ");
1616 t =
stpcpy(t,
"-----\n");
1630 name_len = strlen(name);
1631 for (i = 0; i <
sizeof(
pgpHashTbl)/
sizeof(pgpHashTbl[0]); i++)
static const char * pgpSigDSA[]
static int pgpValTok(pgpValTbl vs, const char *s, const char *se)
Return value of an OpenPGP string.
static void pgpPrtInt(const char *pre, int i)
pgpDigParams pgpGetPubkey(pgpDig dig)
Return OpenPGP pubkey parameters.
const rpmuint8_t * pgpPrtPubkeyParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, const rpmuint8_t *p)
pgpImplVecs_t * pgpImplVecs
struct pgpImplVecs_s rpmbcImplVecs
int pgpSetFindPubkey(pgpDig dig, int(*findPubkey)(void *ts, void *dig), void *_ts)
Set find pubkey vector.
static const char * pgpValStr(pgpValTbl vs, rpmuint8_t val)
Return string representation of am OpenPGP value.
static const rpmuint8_t * pgpPrtSeckeyParams(const pgpPkt pp, rpmuint8_t pubkey_algo, const rpmuint8_t *p)
pgpDig pgpDigFree(pgpDig dig)
Destroy a container for parsed OpenPGP packates.
static unsigned int pgpCRC(const rpmuint8_t *octets, size_t len)
Return CRC of a buffer.
rpmuint32_t pgpGetSiglen(pgpDig dig)
Get signature tag data length, i.e.
int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
const void * pgpGetSig(pgpDig dig)
Get signature tag data, i.e.
struct pgpValTbl_s pgpCompressionTbl[]
Compression (string, value) pairs.
struct pgpDigParams_s * pgpDigParams
static unsigned int pgpLen(const rpmuint8_t *s, unsigned int *lenp)
Return length of an OpenPGP packet.
DIGEST_CTX rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
Initialize digest.
int pgpExtractPubkeyFingerprint(const char *b64pkt, rpmuint8_t *keyid)
Extract OpenPGP public key fingerprint from base64 encoded packet.
struct pgpValTbl_s pgpHashTbl[]
Hash (string, value) pairs.
struct pgpValTbl_s pgpArmorKeyTbl[]
Armor key (string, value) pairs.
int xstrncasecmp(const char *s1, const char *s2, size_t n)
Locale insensitive strncasecmp(3).
static unsigned int pgpGrab(const rpmuint8_t *s, size_t nbytes)
Return (native-endian) integer from big-endian representation.
enum pgpHashAlgo_e pgpHashAlgo
9.4.
static const char * pgpPublicELGAMAL[]
static rpmVSFlags vsflags
char * pgpArmorWrap(rpmuint8_t atype, const unsigned char *s, size_t ns)
Wrap a OpenPGP packets in ascii armor for transport.
int pgpSetSig(pgpDig dig, rpmuint32_t sigtag, rpmuint32_t sigtype, const void *sig, rpmuint32_t siglen)
Set signature tag info, i.e.
rpmiob rpmiobFree(rpmiob iob)
Destroy a I/O buffer instance.
enum pgpSigType_e pgpSigType
5.2.1.
pgpDig pgpDigLink(pgpDig dig)
Reference a signature parameters instance.
static int pgpImplGenerate(pgpDig dig)
pgpImplVecs_t rpmnssImplVecs
struct pgpValTbl_s pgpTagTbl[]
pgpArmor pgpArmorUnwrap(rpmiob iob, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from an iob.
int rpmiobSlurp(const char *fn, rpmiob *iobp)
static void pgpDigFini(void *__dig)
static const char * pgpPublicRSA[]
static int pgpIsPkt(const rpmuint8_t *p, pgpTag *tagp)
Is buffer at beginning of an OpenPGP packet?
rpmuint32_t pgpGetSigtype(pgpDig dig)
Get signature tag type.
pgpArmor pgpReadPkts(const char *fn, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from a file.
static void * pgpImplFree(void *impl)
static void * pgpImplInit(void)
pgpVSFlags pgpDigVSFlags
Disabler bits(s) for signature/digest checking.
static int crc(FD_t fd, uint32_t *cval, uint32_t *clen)
void * xcalloc(size_t nmemb, size_t size)
int pgpPrtPkt(const rpmuint8_t *pkt, size_t pleft)
Return lenth of a OpenPGP packet.
struct pgpPktSigV4_s * pgpPktSigV4
5.2.3.
int rpmDigestUpdate(DIGEST_CTX ctx, const void *data, size_t len)
Update context with next plain text buffer.
int pgpFindPubkey(pgpDig dig)
Call find pubkey vector.
rpmioItem rpmioGetPool(rpmioPool pool, size_t size)
Get unused item from pool, or alloc a new item.
struct pgpValTbl_s pgpSymkeyTbl[]
Symmetric key (string, value) pairs.
int pgpPrtSigParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, pgpSigType sigtype, const rpmuint8_t *p)
unsigned char rpmuint8_t
Private int typedefs to avoid C99 portability issues.
static const char * pgpMpiStr(const rpmuint8_t *p)
Return hex formatted representation of a multiprecision integer.
enum pgpVSFlags_e pgpVSFlags
Bit(s) to control digest and signature verification.
pgpDigParams pgpGetSignature(pgpDig dig)
Return OpenPGP signature parameters.
struct pgpValTbl_s pgpArmorTbl[]
Armor (string, value) pairs.
rpmuint32_t pgpGetSigtag(pgpDig dig)
Get signature tag.
pgpImplVecs_t rpmsslImplVecs
Implementation specific parameter storage.
struct pgpValTbl_s pgpSubTypeTbl[]
Subtype (string, value) pairs.
static void pgpPrtHex(const char *pre, const rpmuint8_t *p, size_t plen)
pgpHashAlgo pgpHashAlgoStringToNumber(const char *name, size_t name_len)
Convert a hash algorithm "foo" to the internal PGPHASHALGO_FOO number.
void pgpDigClean(pgpDig dig)
Release (malloc'd) data from container.
struct pgpPktKeyV4_s * pgpPktKeyV4
The version 4 format is similar to the version 3 format except for the absence of a validity period...
static void pgpPrtStr(const char *pre, const char *s)
static const char * pgpPublicECDSA[]
struct pgpValTbl_s pgpSigTypeTbl[]
int pgpGrabPkts(const rpmuint8_t *pkts, size_t pktlen, rpmuint8_t ***pppkts, int *pnpkts)
Return array of packet pointers.
struct pgpValTbl_s pgpPubkeyTbl[]
enum pgpPubkeyAlgo_e pgpPubkeyAlgo
9.1.
pgpDig pgpDigNew(pgpVSFlags vsflags, pgpPubkeyAlgo pubkey_algo)
Create a container for parsed OpenPGP packates.
static unsigned int pgpMpiLen(const rpmuint8_t *p)
Return no.
int pgpPrtSubType(const rpmuint8_t *h, size_t hlen, pgpSigType sigtype)
int pgpPrtComment(const pgpPkt pp)
static void pgpImplClean(void *impl)
rpmioPool rpmioNewPool(const char *name, size_t size, int limit, int flags, char *(*dbg)(void *item), void(*init)(void *item), void(*fini)(void *item))
Create a memory pool.
static pgpDig digGetPool(rpmioPool pool)
int pgpPubkeyFingerprint(const rpmuint8_t *pkt, size_t pktlen, rpmuint8_t *keyid)
Print/parse an OpenPGP subtype packet.
char * stpcpy(char *dest, const char *src)
struct pgpPktSigV3_s * pgpPktSigV3
5.2.2.
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
int pgpPrtUserID(const pgpPkt pp)
static const char * pgpPublicDSA[]
pgpImplVecs_t rpmgcImplVecs
Implementation specific parameter storage.
struct pgpValTbl_s pgpKeyServerPrefsTbl[]
int pgpPrtPkts(const rpmuint8_t *pkts, size_t pktlen, pgpDig dig, int printing)
Print/parse a OpenPGP packet(s).
int rpmDigestFinal(DIGEST_CTX ctx, void *datap, size_t *lenp, int asAscii)
Return digest and destroy context.
static int pgpImplMpiItem(const char *pre, pgpDig dig, int itemno, const rpmuint8_t *p, const rpmuint8_t *pend)
int rpmbcExportPubkey(pgpDig dig)
static char * pgpHexStr(const rpmuint8_t *p, size_t plen)
Return hex formatted representation of bytes.
static const char * pgpSigRSA[]
void * pgpStatsAccumulator(pgpDig dig, int opx)
Return pgpDig container accumulator structure.
struct pgpPktKeyV3_s * pgpPktKeyV3
5.5.1.
static const char * pgpSigECDSA[]
The version 4 format is similar to the version 3 format except for the absence of a validity period...
int pgpPrtSig(const pgpPkt pp)
static void pgpPrtNL(void)
int pgpPrtKey(const pgpPkt pp)
void pgpPrtVal(const char *pre, pgpValTbl vs, rpmuint8_t val)
Print an OpenPGP value.
static pgpDigParams _digp