rpm  5.4.10
rpmpgp.c
Go to the documentation of this file.
1 
6 #include "system.h"
7 
8 #define _RPMIOB_INTERNAL
9 #include <rpmiotypes.h>
10 
11 #include <rpmio.h>
12 
13 #define _RPMPGP_INTERNAL
14 #include <rpmbc.h> /* XXX still needs base64 goop */
15 #if defined(WITH_NSS)
16 #include <rpmnss.h>
17 #endif
18 #include "debug.h"
19 
20 /*@access pgpDig @*/
21 /*@access pgpDigParams @*/
22 /*@access pgpPkt @*/
23 /*@access rpmiob @*/
24 
25 #ifdef __cplusplus
26 GENpair(rpmuint8_t **)
27 #endif /* __cplusplus */
28 /*@unchecked@*/
30 
31 /*@unchecked@*/
33 
34 /*@unchecked@*/
36 
37 /*@unchecked@*/
39  /* explicit selection (order DOES NOT matter here) */
40 #if defined(USE_CRYPTO_BEECRYPT) && defined(WITH_BEECRYPT)
42 #elif defined(USE_CRYPTO_GCRYPT) && defined(WITH_GCRYPT)
44 #elif defined(USE_CRYPTO_NSS) && defined(WITH_NSS)
46 #elif defined(USE_CRYPTO_OPENSSL) && defined(WITH_SSL)
48 #elif defined(USE_CRYPTO_CDSA) && defined(WITH_CDSA)
49  &rpmcdsaImplVecs;
50 #elif defined(USE_CRYPTO_TOMCRYPT) && defined(WITH_TOMCRYPT)
51  &rpmltcImplVecs;
52  /* implict selection (order DOES matter) */
53 #elif defined(WITH_BEECRYPT)
55 #elif defined(WITH_NSS)
57 #elif defined(WITH_GCRYPT)
59 #elif defined(WITH_SSL)
61 #elif defined(WITH_CDSA)
62  &rpmcdsaImplVecs;
63 #elif defined(WITH_TOMCRYPT)
64  &rpmltcImplVecs;
65 #else
66 #error INTERNAL ERROR: no suitable Cryptography library available
67 #endif
68 
69 /*@unchecked@*/ /*@refcounted@*/ /*@relnull@*/
70 static pgpDig _dig = NULL;
71 
72 /*@unchecked@*/ /*@null@*/
73 static pgpDigParams _digp = NULL;
74 
75 #ifdef DYING
76 struct pgpPkt_s {
77  pgpTag tag;
78  unsigned int pktlen;
79  const rpmuint8_t * h;
80  unsigned int hlen;
81 };
82 #endif
83 
85  { PGPSIGTYPE_BINARY, "BINARY" },
86  { PGPSIGTYPE_TEXT, "TEXT" },
87  { PGPSIGTYPE_STANDALONE, "STANDALONE" },
88  { PGPSIGTYPE_GENERIC_CERT, "GENERIC" },
89  { PGPSIGTYPE_PERSONA_CERT, "PERSONA" },
90  { PGPSIGTYPE_CASUAL_CERT, "CASUAL" },
91  { PGPSIGTYPE_POSITIVE_CERT, "POSITIVE" },
92  { PGPSIGTYPE_SUBKEY_BINDING,"SUBKEY_BIND" },
93  { PGPSIGTYPE_KEY_BINDING, "KEY_BIND" },
94  { PGPSIGTYPE_SIGNED_KEY, "KEY" },
95  { PGPSIGTYPE_KEY_REVOKE, "KEY_REVOKE" },
96  { PGPSIGTYPE_SUBKEY_REVOKE, "SUBKEY_REVOKE" },
97  { PGPSIGTYPE_CERT_REVOKE, "CERT_REVOKE" },
98  { PGPSIGTYPE_TIMESTAMP, "TIMESTAMP" },
99  { PGPSIGTYPE_CONFIRM, "CONFIRM" },
100  { -1, "SIG_UNKNOWN" },
101 };
102 
104  { PGPPUBKEYALGO_RSA, "RSA" },
105  { PGPPUBKEYALGO_RSA_ENCRYPT,"RSA(Encrypt-Only)" },
106  { PGPPUBKEYALGO_RSA_SIGN, "RSA(Sign-Only)" },
107  { PGPPUBKEYALGO_ELGAMAL_ENCRYPT,"ELG(Encrypt-Only)" },
108  { PGPPUBKEYALGO_DSA, "DSA" },
109  { PGPPUBKEYALGO_EC, "ECC" },
110  { PGPPUBKEYALGO_ECDSA, "ECDSA" },
111  { PGPPUBKEYALGO_ELGAMAL, "ELG" },
112  { PGPPUBKEYALGO_DH, "DH" },
113  { PGPPUBKEYALGO_ECDH, "ECDH" },
114  { -1, "KEY_UNKNOWN" },
115 };
116 
118  { PGPSYMKEYALGO_PLAINTEXT, "Plaintext" },
119  { PGPSYMKEYALGO_IDEA, "IDEA" },
120  { PGPSYMKEYALGO_TRIPLE_DES, "3DES" },
121  { PGPSYMKEYALGO_CAST5, "CAST5" },
122  { PGPSYMKEYALGO_BLOWFISH, "BLOWFISH" },
123  { PGPSYMKEYALGO_SAFER, "SAFER" },
124  { PGPSYMKEYALGO_DES_SK, "DES/SK" },
125  { PGPSYMKEYALGO_AES_128, "AES(128-bit key)" },
126  { PGPSYMKEYALGO_AES_192, "AES(192-bit key)" },
127  { PGPSYMKEYALGO_AES_256, "AES(256-bit key)" },
128  { PGPSYMKEYALGO_TWOFISH, "TWOFISH(256-bit key)" },
129  { PGPSYMKEYALGO_CAMELLIA_128, "CAMELLIA(128-bit key)" },
130  { PGPSYMKEYALGO_CAMELLIA_192, "CAMELLIA(192-bit key)" },
131  { PGPSYMKEYALGO_CAMELLIA_256, "CAMELLIA(256-bit key)" },
132  { PGPSYMKEYALGO_NOENCRYPT, "no encryption" },
133  { -1, "SYM_UNKNOWN" },
134 };
135 
137  { PGPCOMPRESSALGO_NONE, "Uncompressed" },
138  { PGPCOMPRESSALGO_ZIP, "ZIP" },
139  { PGPCOMPRESSALGO_ZLIB, "ZLIB" },
140  { PGPCOMPRESSALGO_BZIP2, "BZIP2" },
141  { -1, "Unknown compression algorithm" },
142 };
143 
145  { PGPHASHALGO_MD5, "MD5" },
146  { PGPHASHALGO_SHA1, "SHA1" },
147  { PGPHASHALGO_RIPEMD160, "RIPEMD160" },
148  { PGPHASHALGO_MD2, "MD2" },
149  { PGPHASHALGO_TIGER192, "TIGER192" },
150  { PGPHASHALGO_HAVAL_5_160, "HAVAL-5-160" },
151  { PGPHASHALGO_SHA224, "SHA224" },
152  { PGPHASHALGO_SHA256, "SHA256" },
153  { PGPHASHALGO_SHA384, "SHA384" },
154  { PGPHASHALGO_SHA512, "SHA512" },
155  { -1, "MD_UNKNOWN" },
156 };
157 
158 /*@-exportlocal -exportheadervar@*/
159 /*@observer@*/ /*@unchecked@*/
161  { 0x80, "No-modify" },
162  { -1, "Unknown key server preference" },
163 };
164 /*@=exportlocal =exportheadervar@*/
165 
167  { PGPSUBTYPE_SIG_CREATE_TIME,"created" },
168  { PGPSUBTYPE_SIG_EXPIRE_TIME,"expires" },
169  { PGPSUBTYPE_EXPORTABLE_CERT,"exportable" },
170  { PGPSUBTYPE_TRUST_SIG, "trust signature" },
171  { PGPSUBTYPE_REGEX, "regular expression" },
172  { PGPSUBTYPE_REVOCABLE, "revocable" },
173  { PGPSUBTYPE_KEY_EXPIRE_TIME,"key expiration time" },
174  { PGPSUBTYPE_ARR, "additional recipient request" },
175  { PGPSUBTYPE_PREFER_SYMKEY, "preferred symmetric algorithms" },
176  { PGPSUBTYPE_REVOKE_KEY, "revocation key" },
177  { PGPSUBTYPE_ISSUER_KEYID, "issuer" },
178  { PGPSUBTYPE_NOTATION, "notation data" },
179  { PGPSUBTYPE_PREFER_HASH, "preferred hash algorithms" },
180  { PGPSUBTYPE_PREFER_COMPRESS,"preferred compression algorithms" },
181  { PGPSUBTYPE_KEYSERVER_PREFERS,"key server preferences" },
182  { PGPSUBTYPE_PREFER_KEYSERVER,"preferred key server" },
183  { PGPSUBTYPE_PRIMARY_USERID,"primary user id" },
184  { PGPSUBTYPE_POLICY_URL, "policy URL" },
185  { PGPSUBTYPE_KEY_FLAGS, "key flags" },
186  { PGPSUBTYPE_SIGNER_USERID, "signer's user id" },
187  { PGPSUBTYPE_REVOKE_REASON, "reason for revocation" },
188  { PGPSUBTYPE_FEATURES, "features" },
189  { PGPSUBTYPE_SIG_TARGET, "signature target" },
190  { PGPSUBTYPE_EMBEDDED_SIG, "embedded signature" },
191 
192  { PGPSUBTYPE_INTERNAL_100, "internal subpkt type 100" },
193  { PGPSUBTYPE_INTERNAL_101, "internal subpkt type 101" },
194  { PGPSUBTYPE_INTERNAL_102, "internal subpkt type 102" },
195  { PGPSUBTYPE_INTERNAL_103, "internal subpkt type 103" },
196  { PGPSUBTYPE_INTERNAL_104, "internal subpkt type 104" },
197  { PGPSUBTYPE_INTERNAL_105, "internal subpkt type 105" },
198  { PGPSUBTYPE_INTERNAL_106, "internal subpkt type 106" },
199  { PGPSUBTYPE_INTERNAL_107, "internal subpkt type 107" },
200  { PGPSUBTYPE_INTERNAL_108, "internal subpkt type 108" },
201  { PGPSUBTYPE_INTERNAL_109, "internal subpkt type 109" },
202  { PGPSUBTYPE_INTERNAL_110, "internal subpkt type 110" },
203  { -1, "Unknown signature subkey type" },
204 };
205 
206 struct pgpValTbl_s pgpTagTbl[] = {
207  { PGPTAG_PUBLIC_SESSION_KEY,"Public-Key Encrypted Session Key" },
208  { PGPTAG_SIGNATURE, "Signature" },
209  { PGPTAG_SYMMETRIC_SESSION_KEY,"Symmetric-Key Encrypted Session Key" },
210  { PGPTAG_ONEPASS_SIGNATURE, "One-Pass Signature" },
211  { PGPTAG_SECRET_KEY, "Secret Key" },
212  { PGPTAG_PUBLIC_KEY, "Public Key" },
213  { PGPTAG_SECRET_SUBKEY, "Secret Subkey" },
214  { PGPTAG_COMPRESSED_DATA, "Compressed Data" },
215  { PGPTAG_SYMMETRIC_DATA, "Symmetrically Encrypted Data" },
216  { PGPTAG_MARKER, "Marker" },
217  { PGPTAG_LITERAL_DATA, "Literal Data" },
218  { PGPTAG_TRUST, "Trust" },
219  { PGPTAG_USER_ID, "User ID" },
220  { PGPTAG_PUBLIC_SUBKEY, "Public Subkey" },
221  { PGPTAG_COMMENT_OLD, "Comment (from OpenPGP draft)" },
222  { PGPTAG_PHOTOID, "PGP's photo ID" },
223  { PGPTAG_ENCRYPTED_MDC, "Integrity protected encrypted data" },
224  { PGPTAG_MDC, "Manipulaion detection code packet" },
225  { PGPTAG_PRIVATE_60, "Private #60" },
226  { PGPTAG_COMMENT, "Comment" },
227  { PGPTAG_PRIVATE_62, "Private #62" },
228  { PGPTAG_CONTROL, "Control (GPG)" },
229  { -1, "TAG_UNKNOWN" },
230 };
231 
233  { PGPARMOR_MESSAGE, "MESSAGE" },
234  { PGPARMOR_PUBKEY, "PUBLIC KEY BLOCK" },
235  { PGPARMOR_SIGNATURE, "SIGNATURE" },
236  { PGPARMOR_SIGNED_MESSAGE, "SIGNED MESSAGE" },
237  { PGPARMOR_FILE, "ARMORED FILE" },
238  { PGPARMOR_PRIVKEY, "PRIVATE KEY BLOCK" },
239  { PGPARMOR_SECKEY, "SECRET KEY BLOCK" },
240  { -1, "Unknown armor block" }
241 };
242 
244  { PGPARMORKEY_VERSION, "Version: " },
245  { PGPARMORKEY_COMMENT, "Comment: " },
246  { PGPARMORKEY_MESSAGEID, "MessageID: " },
247  { PGPARMORKEY_HASH, "Hash: " },
248  { PGPARMORKEY_CHARSET, "Charset: " },
249  { -1, "Unknown armor key" }
250 };
251 
252 static void pgpPrtNL(void)
253  /*@globals fileSystem @*/
254  /*@modifies fileSystem @*/
255 {
256  if (!_pgp_print) return;
257  fprintf(stderr, "\n");
258 }
259 
260 static void pgpPrtInt(const char *pre, int i)
261  /*@globals fileSystem @*/
262  /*@modifies fileSystem @*/
263 {
264  if (!_pgp_print) return;
265  if (pre && *pre)
266  fprintf(stderr, "%s", pre);
267  fprintf(stderr, " %d", i);
268 }
269 
270 static void pgpPrtStr(const char *pre, const char *s)
271  /*@globals fileSystem @*/
272  /*@modifies fileSystem @*/
273 {
274  if (!_pgp_print) return;
275  if (pre && *pre)
276  fprintf(stderr, "%s", pre);
277  fprintf(stderr, " %s", s);
278 }
279 
280 static void pgpPrtHex(const char *pre, const rpmuint8_t * p, size_t plen)
281  /*@globals fileSystem @*/
282  /*@modifies fileSystem @*/
283 {
284  if (!_pgp_print) return;
285  if (pre && *pre)
286  fprintf(stderr, "%s", pre);
287  fprintf(stderr, " %s", pgpHexStr(p, plen));
288 }
289 
290 void pgpPrtVal(const char * pre, pgpValTbl vs, rpmuint8_t val)
291  /*@globals fileSystem @*/
292  /*@modifies fileSystem @*/
293 {
294  if (!_pgp_print) return;
295  if (pre && *pre)
296  fprintf(stderr, "%s", pre);
297  fprintf(stderr, "%s(%u)", pgpValStr(vs, val), (unsigned)val);
298 }
299 
300 int pgpPrtSubType(const rpmuint8_t * h, size_t hlen, pgpSigType sigtype)
301 {
302  const rpmuint8_t * p = h;
303  unsigned plen;
304  unsigned i;
305 
306  while (hlen > 0) {
307  i = pgpLen(p, &plen);
308  p += i;
309  hlen -= i;
310 
311  pgpPrtVal(" ", pgpSubTypeTbl, (p[0]&(~PGPSUBTYPE_CRITICAL)));
312  if ((p[0] & PGPSUBTYPE_CRITICAL) != (rpmuint8_t)0)
313  if (_pgp_print)
314  fprintf(stderr, " *CRITICAL*");
315  switch (*p) {
316  case PGPSUBTYPE_PREFER_SYMKEY: /* preferred symmetric algorithms */
317  for (i = 1; i < plen; i++)
318  pgpPrtVal(" ", pgpSymkeyTbl, p[i]);
319  /*@switchbreak@*/ break;
320  case PGPSUBTYPE_PREFER_HASH: /* preferred hash algorithms */
321  for (i = 1; i < plen; i++)
322  pgpPrtVal(" ", pgpHashTbl, p[i]);
323  /*@switchbreak@*/ break;
324  case PGPSUBTYPE_PREFER_COMPRESS:/* preferred compression algorithms */
325  for (i = 1; i < plen; i++)
326  pgpPrtVal(" ", pgpCompressionTbl, p[i]);
327  /*@switchbreak@*/ break;
328  case PGPSUBTYPE_KEYSERVER_PREFERS:/* key server preferences */
329  for (i = 1; i < plen; i++)
330  pgpPrtVal(" ", pgpKeyServerPrefsTbl, p[i]);
331  /*@switchbreak@*/ break;
333 /*@-mods -mayaliasunique @*/
334  if (_digp && !(_digp->saved & PGPDIG_SAVED_TIME) &&
335  (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))
336  {
337  _digp->saved |= PGPDIG_SAVED_TIME;
338  memcpy(_digp->time, p+1, sizeof(_digp->time));
339  }
340 /*@=mods =mayaliasunique @*/
341  if ((plen - 1) == 4) {
342  time_t t = pgpGrab(p+1, plen-1);
343  if (_pgp_print)
344  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
345  } else
346  pgpPrtHex("", p+1, plen-1);
347  /*@switchbreak@*/ break;
349  case PGPSUBTYPE_KEY_EXPIRE_TIME: /* XXX only on self-signature */
350  if ((plen - 1) == 4) {
351  time_t t = pgpGrab(p+1, plen-1);
352  if (_digp->saved & PGPDIG_SAVED_TIME)
353  t += pgpGrab(_digp->time, sizeof(_digp->time));
354  if (_pgp_print)
355  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
356  } else
357  pgpPrtHex("", p+1, plen-1);
358  /*@switchbreak@*/ break;
359 
360  case PGPSUBTYPE_ISSUER_KEYID: /* issuer key ID */
361 /*@-mods -mayaliasunique @*/
362  if (_digp && !(_digp->saved & PGPDIG_SAVED_ID) &&
363  (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))
364  {
365  _digp->saved |= PGPDIG_SAVED_ID;
366  memcpy(_digp->signid, p+1, sizeof(_digp->signid));
367  }
368 /*@=mods =mayaliasunique @*/
369  /*@fallthrough@*/
372  case PGPSUBTYPE_REGEX:
374  case PGPSUBTYPE_ARR:
376  case PGPSUBTYPE_NOTATION:
383  case PGPSUBTYPE_FEATURES:
397  default:
398  pgpPrtHex("", p+1, plen-1);
399  /*@switchbreak@*/ break;
400  }
401  pgpPrtNL();
402  p += plen;
403  hlen -= plen;
404  }
405  return 0;
406 }
407 
408 /*@-varuse =readonlytrans -nullassign @*/
409 /*@observer@*/ /*@unchecked@*/
410 static const char * pgpSigRSA[] = {
411  " m**d =",
412  NULL,
413 };
414 
415 /*@observer@*/ /*@unchecked@*/
416 static const char * pgpSigDSA[] = {
417  " r =",
418  " s =",
419  NULL,
420 };
421 
422 /*@observer@*/ /*@unchecked@*/
423 static const char * pgpSigECDSA[] = {
424  " r =",
425  " s =",
426  NULL,
427 };
428 /*@=varuse =readonlytrans =nullassign @*/
429 
430 int pgpPrtSigParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo,
431  pgpSigType sigtype, const rpmuint8_t * p)
432 {
433  const rpmuint8_t * pend = pp->u.h + pp->hlen;
434  int xx;
435  int i;
436 
437  for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
438  if (pubkey_algo == PGPPUBKEYALGO_RSA) {
439  if (i >= 1) break;
440  if (dig &&
441  (dig != _dig || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
442  {
443  xx = 0;
444  switch (i) {
445  case 0: /* m**d */
446  xx = pgpImplMpiItem(pgpSigRSA[i], dig, 10+i, p, pend);
447  /*@switchbreak@*/ break;
448  default:
449  xx = 1;
450  /*@switchbreak@*/ break;
451  }
452  if (xx) return xx;
453  }
454  pgpPrtStr("", pgpSigRSA[i]);
455  } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
456  if (i >= 2) break;
457  if (dig &&
458  (dig != _dig || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
459  {
460  xx = 0;
461  switch (i) {
462  case 0: /* r */
463  xx = pgpImplMpiItem(pgpSigDSA[i], dig, 20+i, p, pend);
464  /*@switchbreak@*/ break;
465  case 1: /* s */
466  xx = pgpImplMpiItem(pgpSigDSA[i], dig, 20+i, p, pend);
467  /*@switchbreak@*/ break;
468  default:
469  xx = 1;
470  /*@switchbreak@*/ break;
471  }
472  if (xx) return xx;
473  }
474  pgpPrtStr("", pgpSigDSA[i]);
475  } else if (pubkey_algo == PGPPUBKEYALGO_ECDSA) {
476  if (i >= 2) break;
477  if (dig &&
478  (dig != _dig || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
479  {
480  xx = 0;
481  switch (i) {
482  case 0: /* r */
483  xx = pgpImplMpiItem(pgpSigECDSA[i], dig, 50+i, p, pend);
484  /*@switchbreak@*/ break;
485  case 1: /* s */
486  xx = pgpImplMpiItem(pgpSigECDSA[i], dig, 50+i, p, pend);
487  /*@switchbreak@*/ break;
488  default:
489  xx = 1;
490  /*@switchbreak@*/ break;
491  }
492  if (xx) return xx;
493  }
494  pgpPrtStr("", pgpSigECDSA[i]);
495  } else {
496  if (_pgp_print)
497  fprintf(stderr, "%7d", i);
498  }
499  pgpPrtStr("", pgpMpiStr(p));
500  pgpPrtNL();
501  }
502 
503  return 0;
504 }
505 
506 int pgpPrtSig(const pgpPkt pp)
507  /*@globals _digp @*/
508  /*@modifies *_digp @*/
509 {
510  rpmuint8_t version = pp->u.h[0];
511  rpmuint8_t * p;
512  unsigned plen;
513  int rc;
514 
515  switch (version) {
516  case 3:
517  { pgpPktSigV3 v = (pgpPktSigV3)pp->u.h;
518  time_t t;
519 
520  if (v->hashlen != (rpmuint8_t)5)
521  return 1;
522 
523  pgpPrtVal("V3 ", pgpTagTbl, (rpmuint8_t)pp->tag);
524  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
525  pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
526  pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
527  pgpPrtNL();
528  t = pgpGrab(v->time, sizeof(v->time));
529  if (_pgp_print)
530  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
531  pgpPrtNL();
532  pgpPrtHex(" signer keyid", v->signid, sizeof(v->signid));
533  plen = pgpGrab(v->signhash16, sizeof(v->signhash16));
534  pgpPrtHex(" signhash16", v->signhash16, sizeof(v->signhash16));
535  pgpPrtNL();
536 
537  if (_digp && _digp->pubkey_algo == (rpmuint8_t)0) {
538  _digp->version = v->version;
539  _digp->hashlen = (size_t) v->hashlen;
540  _digp->sigtype = v->sigtype;
541  _digp->hash = &v->sigtype;
542  memcpy(_digp->time, v->time, sizeof(_digp->time));
543  memcpy(_digp->signid, v->signid, sizeof(_digp->signid));
544  _digp->pubkey_algo = v->pubkey_algo;
545  _digp->hash_algo = v->hash_algo;
546  memcpy(_digp->signhash16, v->signhash16, sizeof(_digp->signhash16));
547  }
548 
549  p = ((rpmuint8_t *)v) + sizeof(*v);
550  rc = pgpPrtSigParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo,
551  (pgpSigType)v->sigtype, p);
552  } break;
553  case 4:
554  { pgpPktSigV4 v = (pgpPktSigV4)pp->u.h;
555 
556  pgpPrtVal("V4 ", pgpTagTbl, (rpmuint8_t)pp->tag);
557  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
558  pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
559  pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
560  pgpPrtNL();
561 
562  p = &v->hashlen[0];
563  plen = pgpGrab(v->hashlen, sizeof(v->hashlen));
564  p += sizeof(v->hashlen);
565 
566  if ((p + plen) > (pp->u.h + pp->hlen))
567  return 1;
568 
569 if (_pgp_debug && _pgp_print)
570 fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
571  if (_digp && _digp->pubkey_algo == (rpmuint8_t)0) {
572  _digp->hashlen = sizeof(*v) + plen;
573  _digp->hash = pp->u.h;
574  }
575  (void) pgpPrtSubType(p, plen, (pgpSigType)v->sigtype);
576  p += plen;
577 
578  plen = pgpGrab(p, 2);
579  p += 2;
580 
581  if ((p + plen) > (pp->u.h + pp->hlen))
582  return 1;
583 
584 if (_pgp_debug && _pgp_print)
585 fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
586  (void) pgpPrtSubType(p, plen, (pgpSigType)v->sigtype);
587  p += plen;
588 
589  plen = pgpGrab(p,2);
590  pgpPrtHex(" signhash16", p, 2);
591  pgpPrtNL();
592 
593  if (_digp && _digp->pubkey_algo == (rpmuint8_t)0) {
594  _digp->version = v->version;
595  _digp->sigtype = v->sigtype;
596  _digp->pubkey_algo = v->pubkey_algo;
597  _digp->hash_algo = v->hash_algo;
598  memcpy(_digp->signhash16, p, sizeof(_digp->signhash16));
599  }
600 
601  p += 2;
602  if (p > (pp->u.h + pp->hlen))
603  return 1;
604 
605  rc = pgpPrtSigParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo,
606  (pgpSigType)v->sigtype, p);
607  } break;
608  default:
609  rc = 1;
610  break;
611  }
612  return rc;
613 }
614 
615 /*@-varuse =readonlytrans -nullassign @*/
616 /*@observer@*/ /*@unchecked@*/
617 static const char * pgpPublicRSA[] = {
618  " n =",
619  " e =",
620  NULL,
621 };
622 
623 #ifdef NOTYET
624 /*@observer@*/ /*@unchecked@*/
625 static const char * pgpSecretRSA[] = {
626  " d =",
627  " p =",
628  " q =",
629  " u =",
630  NULL,
631 };
632 #endif
633 
634 /*@observer@*/ /*@unchecked@*/
635 static const char * pgpPublicDSA[] = {
636  " p =",
637  " q =",
638  " g =",
639  " y =",
640  NULL,
641 };
642 
643 #ifdef NOTYET
644 /*@observer@*/ /*@unchecked@*/
645 static const char * pgpSecretDSA[] = {
646  " x =",
647  NULL,
648 };
649 #endif
650 
651 /*@observer@*/ /*@unchecked@*/
652 static const char * pgpPublicECDSA[] = {
653  " Q =",
654  NULL,
655 };
656 
657 #ifdef NOTYET
658 /*@observer@*/ /*@unchecked@*/
659 static const char * pgpSecretECDSA[] = {
660  " d =",
661  NULL,
662 };
663 #endif
664 
665 /*@observer@*/ /*@unchecked@*/
666 static const char * pgpPublicELGAMAL[] = {
667  " p =",
668  " g =",
669  " y =",
670  NULL,
671 };
672 
673 #ifdef NOTYET
674 /*@observer@*/ /*@unchecked@*/
675 static const char * pgpSecretELGAMAL[] = {
676  " x =",
677  NULL,
678 };
679 #endif
680 /*@=varuse =readonlytrans =nullassign @*/
681 
683  pgpPubkeyAlgo pubkey_algo, /*@returned@*/ const rpmuint8_t * p)
684 {
685  const rpmuint8_t * pend = pp->u.h + pp->hlen;
686  int i;
687 
688  for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
689  if (pubkey_algo == PGPPUBKEYALGO_RSA) {
690  if (i >= 2) break;
691  if (dig) {
692  switch (i) {
693  case 0: /* n */
694  (void) pgpImplMpiItem(pgpPublicRSA[i], dig, 30+i, p, NULL);
695  /*@switchbreak@*/ break;
696  case 1: /* e */
697  (void) pgpImplMpiItem(pgpPublicRSA[i], dig, 30+i, p, NULL);
698  /*@switchbreak@*/ break;
699  default:
700  /*@switchbreak@*/ break;
701  }
702  }
703  pgpPrtStr("", pgpPublicRSA[i]);
704  } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
705  if (i >= 4) break;
706  if (dig) {
707  switch (i) {
708  case 0: /* p */
709  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
710  /*@switchbreak@*/ break;
711  case 1: /* q */
712  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
713  /*@switchbreak@*/ break;
714  case 2: /* g */
715  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
716  /*@switchbreak@*/ break;
717  case 3: /* y */
718  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
719  /*@switchbreak@*/ break;
720  default:
721  /*@switchbreak@*/ break;
722  }
723  }
724  pgpPrtStr("", pgpPublicDSA[i]);
725  } else if (pubkey_algo == PGPPUBKEYALGO_ECDSA) {
726  if (i >= 1) break;
727  if (dig) {
728  switch (i) {
729  case 0: /* curve & Q */
730  (void) pgpImplMpiItem(pgpPublicECDSA[i], dig, 60, p+1, p+1+p[0]);
731  (void) pgpImplMpiItem(pgpPublicECDSA[i], dig, 61, p+1+p[0], NULL);
732  /*@switchbreak@*/ break;
733  default:
734  /*@switchbreak@*/ break;
735  }
736  }
737  if (i == 0) {
738  pgpPrtHex(" Curve = [ OID]:", p+1, p[0]);
739  p += 1 + p[0];
740  pgpPrtNL();
741  }
742  pgpPrtStr("", pgpPublicECDSA[i]);
743  } else if (pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
744  if (i >= 3) break;
745  pgpPrtStr("", pgpPublicELGAMAL[i]);
746  } else {
747  if (_pgp_print)
748  fprintf(stderr, "%7d", i);
749  }
750  pgpPrtStr("", pgpMpiStr(p));
751  pgpPrtNL();
752  }
753 
754  return p;
755 }
756 
757 static const rpmuint8_t * pgpPrtSeckeyParams(const pgpPkt pp,
758  /*@unused@*/ rpmuint8_t pubkey_algo,
759  /*@returned@*/ const rpmuint8_t *p)
760  /*@globals fileSystem @*/
761  /*@modifies fileSystem @*/
762 {
763  int i;
764 
765  switch (*p) {
766  case 0:
767  pgpPrtVal(" ", pgpSymkeyTbl, *p);
768  break;
769  case 255:
770  p++;
771  pgpPrtVal(" ", pgpSymkeyTbl, *p);
772  switch (p[1]) {
773  case 0x00:
774  pgpPrtVal(" simple ", pgpHashTbl, p[2]);
775  p += 2;
776  /*@innerbreak@*/ break;
777  case 0x01:
778  pgpPrtVal(" salted ", pgpHashTbl, p[2]);
779  pgpPrtHex("", p+3, 8);
780  p += 10;
781  /*@innerbreak@*/ break;
782  case 0x03:
783  pgpPrtVal(" iterated/salted ", pgpHashTbl, p[2]);
784  i = (16 + ((unsigned)p[11] & 0xf)) << (((unsigned)p[11] >> 4U) + 6);
785  pgpPrtHex("", p+3, 8);
786  pgpPrtInt(" iter", i);
787  p += 11;
788  /*@innerbreak@*/ break;
789  }
790  break;
791  default:
792  pgpPrtVal(" ", pgpSymkeyTbl, *p);
793  pgpPrtHex(" IV", p+1, 8);
794  p += 8;
795  break;
796  }
797  pgpPrtNL();
798 
799  p++;
800 
801 #ifdef NOTYET /* XXX encrypted MPI's need to be handled. */
802  for (i = 0; p < &pp->u.h[pp->hlen]; i++, p += pgpMpiLen(p)) {
803  if (pubkey_algo == PGPPUBKEYALGO_RSA) {
804  if (pgpSecretRSA[i] == NULL) break;
805  pgpPrtStr("", pgpSecretRSA[i]);
806  } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
807  if (pgpSecretDSA[i] == NULL) break;
808  pgpPrtStr("", pgpSecretDSA[i]);
809  } else if (pubkey_algo == PGPPUBKEYALGO_ECDSA) {
810  if (pgpSecretECDSA[i] == NULL) break;
811  pgpPrtStr("", pgpSecretECDSA[i]);
812  } else if (pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
813  if (pgpSecretELGAMAL[i] == NULL) break;
814  pgpPrtStr("", pgpSecretELGAMAL[i]);
815  } else {
816  if (_pgp_print)
817  fprintf(stderr, "%7d", i);
818  }
819  pgpPrtStr("", pgpMpiStr(p));
820  pgpPrtNL();
821  }
822 #else
823  pgpPrtHex(" secret", p, (pp->hlen - (p - pp->u.h) - 2));
824  pgpPrtNL();
825  p += (pp->hlen - (p - pp->u.h) - 2);
826 #endif
827  pgpPrtHex(" checksum", p, 2);
828  pgpPrtNL();
829 
830  return p;
831 }
832 
833 int pgpPrtKey(const pgpPkt pp)
834  /*@globals _digp @*/
835  /*@modifies *_digp @*/
836 {
837  rpmuint8_t version = pp->u.h[0];
838  const rpmuint8_t * p;
839  unsigned plen;
840  time_t t;
841  int rc;
842 
843  switch (version) {
844  case 3:
845  { pgpPktKeyV3 v = (pgpPktKeyV3)pp->u.h;
846  pgpPrtVal("V3 ", pgpTagTbl, (rpmuint8_t)pp->tag);
847  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
848  t = pgpGrab(v->time, sizeof(v->time));
849  if (_pgp_print)
850  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
851  plen = pgpGrab(v->valid, sizeof(v->valid));
852  if (plen != 0)
853  fprintf(stderr, " valid %u days", plen);
854  pgpPrtNL();
855 
856  if (_digp && _digp->tag == (rpmuint8_t)pp->tag) {
857  _digp->version = v->version;
858  memcpy(_digp->time, v->time, sizeof(_digp->time));
859  _digp->pubkey_algo = v->pubkey_algo;
860  }
861 
862  p = ((rpmuint8_t *)v) + sizeof(*v);
863  p = pgpPrtPubkeyParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo, p);
864  rc = 0;
865  } break;
866  case 4:
867  { pgpPktKeyV4 v = (pgpPktKeyV4)pp->u.h;
868  pgpPrtVal("V4 ", pgpTagTbl, (rpmuint8_t)pp->tag);
869  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
870  t = pgpGrab(v->time, sizeof(v->time));
871  if (_pgp_print)
872  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
873  pgpPrtNL();
874 
875  if (_digp && _digp->tag == (rpmuint8_t)pp->tag) {
876  _digp->version = v->version;
877  memcpy(_digp->time, v->time, sizeof(_digp->time));
878  _digp->pubkey_algo = v->pubkey_algo;
879  }
880 
881  p = ((rpmuint8_t *)v) + sizeof(*v);
882  p = pgpPrtPubkeyParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo, p);
883  if (!(pp->tag == PGPTAG_PUBLIC_KEY || pp->tag == PGPTAG_PUBLIC_SUBKEY))
884  p = pgpPrtSeckeyParams(pp, v->pubkey_algo, p);
885  rc = 0;
886  } break;
887  default:
888  rc = 1;
889  break;
890  }
891  return rc;
892 }
893 
894 int pgpPrtUserID(const pgpPkt pp)
895  /*@globals _digp @*/
896  /*@modifies *_digp @*/
897 {
898  pgpPrtVal("", pgpTagTbl, (rpmuint8_t)pp->tag);
899  if (_pgp_print)
900  fprintf(stderr, " \"%.*s\"", (int)pp->hlen, (const char *)pp->u.h);
901  pgpPrtNL();
902  if (_digp) {
903  char * t = (char *) memcpy(xmalloc(pp->hlen+1), pp->u.h, pp->hlen);
904  t[pp->hlen] = '\0';
905  _digp->userid = _free(_digp->userid);
906  _digp->userid = t;
907  }
908  return 0;
909 }
910 
911 int pgpPrtComment(const pgpPkt pp)
912 {
913  const rpmuint8_t * h = pp->u.h;
914  int i = pp->hlen;
915 
916  pgpPrtVal("", pgpTagTbl, (rpmuint8_t)pp->tag);
917  if (_pgp_print)
918  fprintf(stderr, " ");
919  while (i > 0) {
920  int j;
921  if (*h >= (rpmuint8_t)' ' && *h <= (rpmuint8_t)'z') {
922  j = 0;
923  while (j < i && h[j] != (rpmuint8_t)'\0')
924  j++;
925  while (j < i && h[j] == (rpmuint8_t)'\0')
926  j++;
927  if (_pgp_print && j)
928  fprintf(stderr, "%.*s", (int)strlen((const char *)h), (const char *)h);
929  } else {
930  pgpPrtHex("", h, i);
931  j = i;
932  }
933  i -= j;
934  h += j;
935  }
936  pgpPrtNL();
937  return 0;
938 }
939 
940 int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
941 {
942  unsigned int val = (unsigned int)*pkt;
943  unsigned int plen;
944 
945  memset(pp, 0, sizeof(*pp));
946  /* XXX can't deal with these. */
947  if (!(val & 0x80))
948  return -1;
949 
950  if (val & 0x40) {
951  pp->tag = (pgpTag) (val & 0x3f);
952  plen = pgpLen(pkt+1, &pp->hlen);
953  } else {
954  pp->tag = (pgpTag) ((val >> 2) & 0xf);
955  plen = (1 << (val & 0x3));
956  pp->hlen = pgpGrab(pkt+1, plen);
957  }
958 
959  pp->pktlen = 1 + plen + pp->hlen;
960  if (pleft > 0 && pp->pktlen > (unsigned)pleft)
961  return -1;
962 
963 /*@-assignexpose -temptrans @*/
964  pp->u.h = pkt + 1 + plen;
965 /*@=assignexpose =temptrans @*/
966 
967  return pp->pktlen;
968 }
969 
970 int pgpPubkeyFingerprint(const rpmuint8_t * pkt, size_t pktlen, rpmuint8_t * keyid)
971 {
972  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
973  int rc = pgpPktLen(pkt, pktlen, pp);
974  const rpmuint8_t * se;
975  int i;
976 
977  if (!(pp->tag == PGPTAG_PUBLIC_KEY || pp->tag == PGPTAG_PUBLIC_SUBKEY))
978  return -1;
979 
980  /* Choose the correct keyid. */
981  switch (pp->u.h[0]) {
982  default: return -1;
983  case 3:
984  { pgpPktKeyV3 v = (pgpPktKeyV3) (pp->u.h);
985  se = (rpmuint8_t *)(v + 1);
986  switch (v->pubkey_algo) {
987  default: return -1;
988  case PGPPUBKEYALGO_RSA:
989  se += pgpMpiLen(se);
990  memmove(keyid, (se-8), 8);
991  /*@innerbreak@*/ break;
992  }
993  } break;
994  case 4:
995  { pgpPktKeyV4 v = (pgpPktKeyV4) (pp->u.h);
996  rpmuint8_t * d = NULL;
997  size_t dlen = 0;
998 
999  se = (rpmuint8_t *)(v + 1);
1000  switch (v->pubkey_algo) {
1001  default: return -1;
1002  case PGPPUBKEYALGO_RSA:
1003  for (i = 0; i < 2; i++)
1004  se += pgpMpiLen(se);
1005  /*@innerbreak@*/ break;
1006  case PGPPUBKEYALGO_DSA:
1007  for (i = 0; i < 4; i++)
1008  se += pgpMpiLen(se);
1009  /*@innerbreak@*/ break;
1010  case PGPPUBKEYALGO_ECDSA:
1011  se += 1 + se[0];
1012  for (i = 0; i < 1; i++)
1013  se += pgpMpiLen(se);
1014  /*@innerbreak@*/ break;
1015  }
1017  (void) rpmDigestUpdate(ctx, pkt, (se-pkt));
1018  (void) rpmDigestFinal(ctx, &d, &dlen, 0);
1019  }
1020 
1021  memmove(keyid, (d + (dlen-8)), 8);
1022  d = _free(d);
1023  } break;
1024  }
1025  rc = 0;
1026  return rc;
1027 }
1028 
1029 int pgpExtractPubkeyFingerprint(const char * b64pkt, rpmuint8_t * keyid)
1030 {
1031  const rpmuint8_t * pkt;
1032  size_t pktlen;
1033 
1034  if (b64decode(b64pkt, (void **)&pkt, &pktlen))
1035  return -1; /* on error */
1036  (void) pgpPubkeyFingerprint(pkt, (unsigned int)pktlen, keyid);
1037  pkt = _free(pkt);
1038  return 8; /* no. of bytes of pubkey signid */
1039 }
1040 
1041 int pgpPrtPkt(const rpmuint8_t * pkt, size_t pleft)
1042 {
1043  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1044  int rc = pgpPktLen(pkt, pleft, pp);
1045 
1046  if (rc < 0)
1047  return rc;
1048 
1049  switch (pp->tag) {
1050  case PGPTAG_SIGNATURE:
1051  rc = pgpPrtSig(pp);
1052  break;
1053  case PGPTAG_PUBLIC_KEY:
1054  /* Get the public key fingerprint. */
1055  if (_digp) {
1056 /*@-mods@*/
1057  if (!pgpPubkeyFingerprint(pkt, pp->pktlen, _digp->signid))
1058  _digp->saved |= PGPDIG_SAVED_ID;
1059  else
1060  memset(_digp->signid, 0, sizeof(_digp->signid));
1061 /*@=mods@*/
1062  }
1063  /*@fallthrough@*/
1064  case PGPTAG_PUBLIC_SUBKEY:
1065  rc = pgpPrtKey(pp);
1066  break;
1067  case PGPTAG_SECRET_KEY:
1068  case PGPTAG_SECRET_SUBKEY:
1069  rc = pgpPrtKey(pp);
1070  break;
1071  case PGPTAG_USER_ID:
1072  rc = pgpPrtUserID(pp);
1073  break;
1074  case PGPTAG_COMMENT:
1075  case PGPTAG_COMMENT_OLD:
1076  rc = pgpPrtComment(pp);
1077  break;
1078 
1079  case PGPTAG_RESERVED:
1083  case PGPTAG_SYMMETRIC_DATA:
1084  case PGPTAG_MARKER:
1085  case PGPTAG_LITERAL_DATA:
1086  case PGPTAG_TRUST:
1087  case PGPTAG_PHOTOID:
1088  case PGPTAG_ENCRYPTED_MDC:
1089  case PGPTAG_MDC:
1090  case PGPTAG_PRIVATE_60:
1091  case PGPTAG_PRIVATE_62:
1092  case PGPTAG_CONTROL:
1093  default:
1094  pgpPrtVal("", pgpTagTbl, (rpmuint8_t)pp->tag);
1095  pgpPrtHex("", pp->u.h, pp->hlen);
1096  pgpPrtNL();
1097  rc = 0;
1098  break;
1099  }
1100 
1101  return (rc ? -1 : (int)pp->pktlen);
1102 }
1103 
1104 /*@unchecked@*/
1106 
1108 {
1109  if (dig != NULL) {
1110  dig->signature.userid = _free(dig->signature.userid);
1111  dig->pubkey.userid = _free(dig->pubkey.userid);
1112  dig->pubkey_algoN = NULL;
1113  dig->hash_algoN = NULL;
1114  memset(&dig->dops, 0, sizeof(dig->dops));
1115  memset(&dig->sops, 0, sizeof(dig->sops));
1116  dig->ppkts = _free(dig->ppkts);
1117  dig->npkts = 0;
1118  dig->signature.hash = NULL;
1119  dig->signature.hashlen = 0;
1120  dig->pubkey.hash = NULL;
1121  dig->pubkey.hashlen = 0;
1122 
1123  memset(&dig->signature, 0, sizeof(dig->signature));
1124  memset(&dig->pubkey, 0, sizeof(dig->pubkey));
1125 
1126  dig->md5 = _free(dig->md5);
1127  dig->md5len = 0;
1128  dig->sha1 = _free(dig->sha1);
1129  dig->sha1len = 0;
1130 
1131  pgpImplClean(dig->impl);
1132 
1133  }
1134 /*@-nullstate@*/
1135  return;
1136 /*@=nullstate@*/
1137 }
1138 
1139 static void pgpDigFini(void * __dig)
1140  /*@globals fileSystem, internalState @*/
1141  /*@modifies __dig, fileSystem, internalState @*/
1142 {
1143  pgpDig dig = (pgpDig) __dig;
1144 
1145  dig->sig = _free(dig->sig);
1146  dig->siglen = 0;
1147  dig->pub = _free(dig->pub);
1148  dig->publen = 0;
1149 
1150  /* XXX there's a recursion here ... release and reacquire the lock */
1151 #ifndef BUGGY
1152  yarnRelease(dig->_item.use);
1153 #endif
1154  /* Dump the signature/pubkey data. */
1155  pgpDigClean(dig);
1156 #ifndef BUGGY
1157  yarnPossess(dig->_item.use);
1158 #endif
1159 
1160  if (dig->hdrctx != NULL)
1161  (void) rpmDigestFinal(dig->hdrctx, NULL, NULL, 0);
1162  dig->hdrctx = NULL;
1163 
1164  if (dig->hdrsha1ctx != NULL)
1165  (void) rpmDigestFinal(dig->hdrsha1ctx, NULL, NULL, 0);
1166  dig->hdrsha1ctx = NULL;
1167 
1168  if (dig->sha1ctx != NULL)
1169  (void) rpmDigestFinal(dig->sha1ctx, NULL, NULL, 0);
1170  dig->sha1ctx = NULL;
1171 
1172 #ifdef NOTYET
1173  if (dig->hdrmd5ctx != NULL)
1174  (void) rpmDigestFinal(dig->hdrmd5ctx, NULL, NULL, 0);
1175  dig->hdrmd5ctx = NULL;
1176 #endif
1177 
1178  if (dig->md5ctx != NULL)
1179  (void) rpmDigestFinal(dig->md5ctx, NULL, NULL, 0);
1180  dig->md5ctx = NULL;
1181 
1182  dig->impl = pgpImplFree(dig->impl);
1183 
1184 }
1185 
1186 /*@unchecked@*/ /*@only@*/ /*@null@*/
1188 
1189 static pgpDig digGetPool(/*@null@*/ rpmioPool pool)
1190  /*@globals _digPool, fileSystem @*/
1191  /*@modifies pool, _digPool, fileSystem @*/
1192 {
1193  pgpDig dig;
1194 
1195  if (_digPool == NULL) {
1196  _digPool = rpmioNewPool("dig", sizeof(*dig), -1, _pgp_debug,
1197  NULL, NULL, pgpDigFini);
1198  pool = _digPool;
1199  }
1200 
1201  dig = (pgpDig) rpmioGetPool(pool, sizeof(*dig));
1202  memset(((char *)dig)+sizeof(dig->_item), 0, sizeof(*dig)-sizeof(dig->_item));
1203  return dig;
1204 }
1205 
1207 {
1208  pgpDig dig = pgpDigLink( digGetPool(_digPool) );
1209  pgpDigParams pubp = pgpGetPubkey(dig);
1210 
1211  /* XXX FIXME: always set default flags, ignore the arg. */
1212  dig->vsflags = (vsflags != RPMVSF_DEFAULT ? vsflags : pgpDigVSFlags);
1213  dig->impl = pgpImplInit();
1214  /* XXX FIXME: always set default pubkey_algo, ignore the arg. */
1215  pubp->pubkey_algo = pubkey_algo;
1216 
1217  if (pubp->pubkey_algo) {
1218  int xx = pgpImplGenerate(dig);
1219 assert(xx == 1);
1220  /* XXX FIXME: limited to DSA from BeeCrypt for now. */
1221  if (pgpImplVecs == &rpmbcImplVecs)
1222  xx = rpmbcExportPubkey(dig);
1223  }
1224  return dig;
1225 }
1226 
1228 {
1229  return (dig ? &dig->signature : NULL);
1230 }
1231 
1233 {
1234  return (dig ? &dig->pubkey : NULL);
1235 }
1236 
1238 {
1239  return (dig ? dig->sigtag : 0);
1240 }
1241 
1243 {
1244  return (dig ? dig->sigtype : 0);
1245 }
1246 
1247 const void * pgpGetSig(pgpDig dig)
1248 {
1249  return (dig ? dig->sig : NULL);
1250 }
1251 
1253 {
1254  return (dig ? dig->siglen : 0);
1255 }
1256 
1258  rpmuint32_t sigtag, rpmuint32_t sigtype, const void * sig, rpmuint32_t siglen)
1259 {
1260  if (dig != NULL) {
1261  dig->sigtag = sigtag;
1262  dig->sigtype = (sig ? sigtype : 0);
1263 /*@-assignexpose -kepttrans@*/
1264  dig->sig = sig;
1265 /*@=assignexpose =kepttrans@*/
1266  dig->siglen = siglen;
1267  }
1268  return 0;
1269 }
1270 
1271 void * pgpStatsAccumulator(pgpDig dig, int opx)
1272 {
1273  void * sw = NULL;
1274  switch (opx) {
1275  case 10: /* RPMTS_OP_DIGEST */
1276  sw = &dig->dops;
1277  break;
1278  case 11: /* RPMTS_OP_SIGNATURE */
1279  sw = &dig->sops;
1280  break;
1281  }
1282  return sw;
1283 }
1284 
1286  int (*findPubkey) (void *ts, /*@null@*/ void *dig), void * _ts)
1287 {
1288  if (dig) {
1289 /*@-assignexpose@*/
1290  dig->findPubkey = findPubkey;
1291 /*@=assignexpose@*/
1292 /*@-dependenttrans@*/
1293  dig->_ts = _ts;
1294 /*@=dependenttrans@*/
1295  }
1296  return 0;
1297 }
1298 
1300 {
1301  int rc = 1; /* XXX RPMRC_NOTFOUND */
1302  if (dig && dig->findPubkey && dig->_ts)
1303  rc = (*dig->findPubkey) (dig->_ts, dig);
1304  return rc;
1305 }
1306 
1307 int pgpGrabPkts(const rpmuint8_t * pkts, size_t pktlen,
1308  /*@out@*/ rpmuint8_t *** pppkts, /*@out@*/ int * pnpkts)
1309  /*@modifies *pppkts, *pnpkts @*/
1310 {
1311  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1312  const rpmuint8_t * p;
1313  size_t pleft;
1314  size_t len;
1315  int npkts = 0;
1316  rpmuint8_t ** ppkts;
1317 
1318  for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1319  if (pgpPktLen(p, pleft, pp) < 0)
1320  return -1;
1321  len = pp->pktlen;
1322  npkts++;
1323  }
1324  if (npkts <= 0)
1325  return -2;
1326 
1327  ppkts = (rpmuint8_t **) xcalloc(npkts+1, sizeof(*ppkts));
1328 
1329  npkts = 0;
1330  for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1331 
1332  if (pgpPktLen(p, pleft, pp) < 0)
1333  return -1;
1334  len = pp->pktlen;
1335  ppkts[npkts++] = (rpmuint8_t *) p;
1336  }
1337  ppkts[npkts] = NULL;
1338 
1339  if (pppkts != NULL)
1340  *pppkts = ppkts;
1341  else
1342  ppkts = _free(ppkts);
1343 
1344  if (pnpkts != NULL)
1345  *pnpkts = npkts;
1346 
1347  return 0;
1348 }
1349 
1350 /*@-globstate -incondefs -nullderef @*/ /* _dig annotations are not correct. */
1351 int pgpPrtPkts(const rpmuint8_t * pkts, size_t pktlen, pgpDig dig, int printing)
1352  /*@globals _dig, _digp, _pgp_print @*/
1353  /*@modifies _dig, _digp, *_digp, _pgp_print @*/
1354 {
1355  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1356  unsigned int val = (unsigned int)*pkts;
1357  size_t pleft;
1358  int len;
1359  rpmuint8_t ** ppkts = NULL;
1360  int npkts;
1361  int i;
1362 
1363  _pgp_print = printing;
1364  _dig = pgpDigLink(dig);
1365  if (dig != NULL && (val & 0x80)) {
1366  pgpTag tag = (pgpTag)((val & 0x40) ? (val & 0x3f) : ((val >> 2) & 0xf));
1367  _digp = (tag == PGPTAG_SIGNATURE) ? &_dig->signature : &_dig->pubkey;
1368  _digp->tag = (rpmuint8_t)tag;
1369  } else
1370  _digp = NULL;
1371 
1372  if (pgpGrabPkts(pkts, pktlen, &ppkts, &npkts) || ppkts == NULL) {
1373  _dig = pgpDigFree(_dig);
1374  return -1;
1375  }
1376 
1377  if (ppkts != NULL)
1378  for (i = 0, pleft = pktlen; i < npkts; i++, pleft -= len) {
1379  len = pgpPktLen(ppkts[i], pleft, pp);
1380  len = pgpPrtPkt(ppkts[i], pp->pktlen);
1381  }
1382 
1383  if (dig != NULL) {
1384  dig->ppkts = _free(dig->ppkts); /* XXX memory leak plugged. */
1385  dig->ppkts = ppkts;
1386  dig->npkts = npkts;
1387  } else
1388  ppkts = _free(ppkts);
1389 
1390  (void) pgpDigFree(_dig);
1391  _dig = NULL;
1392 
1393  return 0;
1394 }
1395 /*@=globstate =incondefs =nullderef @*/
1396 
1397 pgpArmor pgpArmorUnwrap(rpmiob iob, rpmuint8_t ** pkt, size_t * pktlen)
1398 {
1399  const char * enc = NULL;
1400  const char * crcenc = NULL;
1401  rpmuint8_t * dec;
1402  rpmuint8_t * crcdec;
1403  size_t declen;
1404  size_t crclen;
1405  rpmuint32_t crcpkt, crc;
1406  const char * armortype = NULL;
1407  char * t, * te;
1408  int pstate = 0;
1409  pgpArmor ec = PGPARMOR_ERR_NO_BEGIN_PGP; /* XXX assume failure */
1410  pgpTag tag = (pgpTag)0;
1411  int rc;
1412 
1413  if (iob == NULL)
1414  goto exit;
1415 
1416  /* Read unarmored packets. */
1417  if (pgpIsPkt(iob->b, &tag)) {
1418  switch (tag) {
1419  default: ec = PGPARMOR_NONE; break;
1420  case PGPTAG_PUBLIC_KEY: ec = PGPARMOR_PUBKEY; break;
1421  case PGPTAG_SIGNATURE: ec = PGPARMOR_SIGNATURE; break;
1422 #ifdef NOTYET
1423  case PGPTAG_SECRET_KEY: ec = PGPARMOR_SECKEY; break;
1424  case PGPTAG_FOO: ec = PGPARMOR_MESSAGE; break;
1425  case PGPTAG_FOO: ec = PGPARMOR_SIGNED_MESSAGE; break;
1426  case PGPTAG_FOO: ec = PGPARMOR_FILE; break;
1427  case PGPTAG_FOO: ec = PGPARMOR_PRIVKEY; break;
1428 #endif
1429  }
1430  /* Truncate blen to actual no. of octets in packet. */
1431  if (ec != PGPARMOR_NONE) {
1432  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1433  iob->blen = pgpPktLen(iob->b, iob->blen, pp);
1434  }
1435  goto exit;
1436  }
1437 
1438 #define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
1439 
1440  /* Read armored packets, converting to binary. */
1441  for (t = (char *)iob->b; t && *t; t = te) {
1442  if ((te = strchr(t, '\n')) == NULL)
1443  te = t + strlen(t);
1444  else
1445  te++;
1446 
1447  switch (pstate) {
1448  case 0:
1449  armortype = NULL;
1450  if (!TOKEQ(t, "-----BEGIN PGP "))
1451  continue;
1452  t += sizeof("-----BEGIN PGP ")-1;
1453 
1454  rc = pgpValTok(pgpArmorTbl, t, te);
1455  if (rc < 0) {
1457  goto exit;
1458  }
1459  /* XXX Ignore clear signed message start. */
1460  if (rc == PGPARMOR_SIGNED_MESSAGE)
1461  continue;
1462  ec = (pgpArmor)rc; /* Save the packet type as exit code. */
1463  armortype = t;
1464 
1465  t = strchr(t, '\n');
1466  if (t == NULL)
1467  continue;
1468  if (t[-1] == '\r')
1469  --t;
1470  t -= (sizeof("-----")-1);
1471  if (!TOKEQ(t, "-----"))
1472  continue;
1473  *t = '\0';
1474  pstate++;
1475  /*@switchbreak@*/ break;
1476  case 1:
1477  enc = NULL;
1478  rc = pgpValTok(pgpArmorKeyTbl, t, te);
1479  if (rc >= 0)
1480  continue;
1481  if (!(*t == '\n' || *t == '\r')) {
1482  pstate = 0;
1483  continue;
1484  }
1485  enc = te; /* Start of encoded packets */
1486  pstate++;
1487  /*@switchbreak@*/ break;
1488  case 2:
1489  crcenc = NULL;
1490  if (*t != '=')
1491  continue;
1492  *t++ = '\0'; /* Terminate encoded packets */
1493  crcenc = t; /* Start of encoded crc */
1494  pstate++;
1495  /*@switchbreak@*/ break;
1496  case 3:
1497  pstate = 0;
1498  if (!TOKEQ(t, "-----END PGP ")) {
1500  goto exit;
1501  }
1502  *t = '\0'; /* Terminate encoded crc */
1503  t += sizeof("-----END PGP ")-1;
1504  if (t >= te) continue;
1505 
1506  if (armortype == NULL) /* XXX can't happen */
1507  continue;
1508  rc = strncmp(t, armortype, strlen(armortype));
1509  if (rc)
1510  continue;
1511 
1512  t += strlen(armortype);
1513  if (t >= te) continue;
1514 
1515  if (!TOKEQ(t, "-----")) {
1517  goto exit;
1518  }
1519  t += (sizeof("-----")-1);
1520  if (t >= te) continue;
1521  /* XXX permitting \r here is not RFC-2440 compliant <shrug> */
1522  if (!(*t == '\n' || *t == '\r')) continue;
1523 
1524  crcdec = NULL;
1525  crclen = 0;
1526  if (b64decode(crcenc, (void **)&crcdec, &crclen) != 0) {
1528  goto exit;
1529  }
1530  crcpkt = pgpGrab(crcdec, crclen);
1531  crcdec = _free(crcdec);
1532  dec = NULL;
1533  declen = 0;
1534  if (b64decode(enc, (void **)&dec, &declen) != 0) {
1536  goto exit;
1537  }
1538  crc = pgpCRC(dec, declen);
1539  if (crcpkt != crc) {
1541  goto exit;
1542  }
1543  iob->b = _free(iob->b);
1544  iob->b = dec;
1545  iob->blen = declen;
1546  goto exit;
1547  /*@notreached@*/ /*@switchbreak@*/ break;
1548  }
1549  }
1550  ec = PGPARMOR_NONE;
1551 
1552 exit:
1553  if (ec > PGPARMOR_NONE) {
1554  if (pkt) *pkt = iob->b;
1555  if (pktlen) *pktlen = iob->blen;
1556  iob->b = NULL; /* XXX iob->b has been stolen */
1557  } else {
1558  if (pkt) *pkt = NULL;
1559  if (pktlen) *pktlen = 0;
1560  }
1561  return ec;
1562 }
1563 
1564 pgpArmor pgpReadPkts(const char * fn, rpmuint8_t ** pkt, size_t * pktlen)
1565 {
1566  rpmiob iob = NULL;
1567  pgpArmor ec = !rpmiobSlurp(fn, &iob)
1568  ? pgpArmorUnwrap(iob, pkt, pktlen)
1570  iob = rpmiobFree(iob);
1571  return ec;
1572 }
1573 
1574 char * pgpArmorWrap(rpmuint8_t atype, const unsigned char * s, size_t ns)
1575 {
1576  const char * enc;
1577  char * t;
1578  size_t nt;
1579  char * val;
1580  int lc;
1581 
1582  nt = ((ns + 2) / 3) * 4;
1583  /*@-globs@*/
1584  /* Add additional bytes necessary for eol string(s). */
1585  if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
1586  lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
1587  if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
1588  ++lc;
1589  nt += lc * strlen(b64encode_eolstr);
1590  }
1591  /*@=globs@*/
1592 
1593  nt += 512; /* XXX slop for armor and crc */
1594 
1595  val = t = (char *) xmalloc(nt + 1);
1596  *t = '\0';
1597  t = stpcpy(t, "-----BEGIN PGP ");
1598  t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
1599  /*@-globs@*/
1600  t = stpcpy( stpcpy(t, "-----\nVersion: RPM "), VERSION);
1601  /*@=globs@*/
1602  t = stpcpy(t, " (BeeCrypt)\n\n");
1603 
1604  if ((enc = b64encode(s, ns)) != NULL) {
1605  t = stpcpy(t, enc);
1606  enc = _free(enc);
1607  if ((enc = b64crc(s, ns)) != NULL) {
1608  *t++ = '=';
1609  t = stpcpy(t, enc);
1610  enc = _free(enc);
1611  }
1612  }
1613 
1614  t = stpcpy(t, "-----END PGP ");
1615  t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
1616  t = stpcpy(t, "-----\n");
1617 
1618 /*@-globstate@*/ /* XXX b64encode_eolstr needs annotation. */
1619  return val;
1620 /*@=globstate@*/
1621 }
1622 
1623 pgpHashAlgo pgpHashAlgoStringToNumber(const char *name, size_t name_len)
1624 {
1625  size_t i;
1626 
1627  if (name == NULL)
1628  return (pgpHashAlgo) -1;
1629  if (name_len == 0)
1630  name_len = strlen(name);
1631  for (i = 0; i < sizeof(pgpHashTbl)/sizeof(pgpHashTbl[0]); i++)
1632  if (xstrncasecmp(name, pgpHashTbl[i].str, name_len) == 0)
1633  return (pgpHashAlgo) pgpHashTbl[i].val;
1634  return PGPHASHALGO_ERROR;
1635 }
1636 
static const char * pgpSigDSA[]
Definition: rpmpgp.c:416
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:763
static int pgpValTok(pgpValTbl vs, const char *s, const char *se)
Return value of an OpenPGP string.
Definition: rpmpgp.h:1218
static void pgpPrtInt(const char *pre, int i)
Definition: rpmpgp.c:260
pgpDigParams pgpGetPubkey(pgpDig dig)
Return OpenPGP pubkey parameters.
Definition: rpmpgp.c:1232
rpmuint8_t sigtype
Definition: rpmpgp.h:419
5.5.1.
Definition: rpmpgp.h:722
const rpmuint8_t * pgpPrtPubkeyParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, const rpmuint8_t *p)
Definition: rpmpgp.c:682
pgpImplVecs_t * pgpImplVecs
Definition: rpmpgp.c:38
struct pgpImplVecs_s rpmbcImplVecs
Definition: rpmbc.c:850
rpmuint8_t hash_algo
Definition: rpmpgp.h:421
int pgpSetFindPubkey(pgpDig dig, int(*findPubkey)(void *ts, void *dig), void *_ts)
Set find pubkey vector.
Definition: rpmpgp.c:1285
static const char * pgpValStr(pgpValTbl vs, rpmuint8_t val)
Return string representation of am OpenPGP value.
Definition: rpmpgp.h:1200
static const rpmuint8_t * pgpPrtSeckeyParams(const pgpPkt pp, rpmuint8_t pubkey_algo, const rpmuint8_t *p)
Definition: rpmpgp.c:757
pgpDig pgpDigFree(pgpDig dig)
Destroy a container for parsed OpenPGP packates.
static unsigned int pgpCRC(const rpmuint8_t *octets, size_t len)
Return CRC of a buffer.
Definition: rpmpgp.h:1658
rpmuint32_t pgpGetSiglen(pgpDig dig)
Get signature tag data length, i.e.
Definition: rpmpgp.c:1252
int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
Definition: rpmpgp.c:940
const void * pgpGetSig(pgpDig dig)
Get signature tag data, i.e.
Definition: rpmpgp.c:1247
struct pgpValTbl_s pgpCompressionTbl[]
Compression (string, value) pairs.
Definition: rpmpgp.c:136
struct pgpDigParams_s * pgpDigParams
Definition: rpmiotypes.h:87
static unsigned int pgpLen(const rpmuint8_t *s, unsigned int *lenp)
Return length of an OpenPGP packet.
Definition: rpmpgp.h:1094
DIGEST_CTX rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
Initialize digest.
Definition: digest.c:244
int pgpExtractPubkeyFingerprint(const char *b64pkt, rpmuint8_t *keyid)
Extract OpenPGP public key fingerprint from base64 encoded packet.
Definition: rpmpgp.c:1029
struct pgpValTbl_s pgpHashTbl[]
Hash (string, value) pairs.
Definition: rpmpgp.c:144
struct pgpValTbl_s pgpArmorKeyTbl[]
Armor key (string, value) pairs.
Definition: rpmpgp.c:243
int xstrncasecmp(const char *s1, const char *s2, size_t n)
Locale insensitive strncasecmp(3).
Definition: strcasecmp.c:30
static unsigned int pgpGrab(const rpmuint8_t *s, size_t nbytes)
Return (native-endian) integer from big-endian representation.
Definition: rpmpgp.h:1077
enum pgpHashAlgo_e pgpHashAlgo
9.4.
static const char * pgpPublicELGAMAL[]
Definition: rpmpgp.c:666
#define VERSION
Definition: config.h:1270
static rpmVSFlags vsflags
Definition: rpmcache.c:547
char * pgpArmorWrap(rpmuint8_t atype, const unsigned char *s, size_t ns)
Wrap a OpenPGP packets in ascii armor for transport.
Definition: rpmpgp.c:1574
int pgpSetSig(pgpDig dig, rpmuint32_t sigtag, rpmuint32_t sigtype, const void *sig, rpmuint32_t siglen)
Set signature tag info, i.e.
Definition: rpmpgp.c:1257
5.2.3.
Definition: rpmpgp.h:417
rpmiob rpmiobFree(rpmiob iob)
Destroy a I/O buffer instance.
enum pgpSigType_e pgpSigType
5.2.1.
pgpDig pgpDigLink(pgpDig dig)
Reference a signature parameters instance.
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:420
static int pgpImplGenerate(pgpDig dig)
Definition: rpmpgp.h:1862
pgpImplVecs_t rpmnssImplVecs
struct pgpValTbl_s pgpTagTbl[]
Definition: rpmpgp.c:206
pgpArmor pgpArmorUnwrap(rpmiob iob, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from an iob.
Definition: rpmpgp.c:1397
int rpmiobSlurp(const char *fn, rpmiob *iobp)
Definition: rpmiob.c:130
5.2.2.
Definition: rpmpgp.h:385
static void pgpDigFini(void *__dig)
Definition: rpmpgp.c:1139
static const char * pgpPublicRSA[]
Definition: rpmpgp.c:617
char * alloca()
static int pgpIsPkt(const rpmuint8_t *p, pgpTag *tagp)
Is buffer at beginning of an OpenPGP packet?
Definition: rpmpgp.h:1597
rpmuint8_t hashlen
Definition: rpmpgp.h:387
rpmuint32_t pgpGetSigtype(pgpDig dig)
Get signature tag type.
Definition: rpmpgp.c:1242
pgpArmor pgpReadPkts(const char *fn, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from a file.
Definition: rpmpgp.c:1564
static void * pgpImplFree(void *impl)
Definition: rpmpgp.h:1895
static void * pgpImplInit(void)
Definition: rpmpgp.h:1904
unsigned int rpmuint32_t
Definition: rpmiotypes.h:25
pgpVSFlags pgpDigVSFlags
Disabler bits(s) for signature/digest checking.
Definition: rpmpgp.c:1105
static int crc(FD_t fd, uint32_t *cval, uint32_t *clen)
Definition: rpmmtree.c:515
void * xcalloc(size_t nmemb, size_t size)
Definition: rpmmalloc.c:301
int pgpPrtPkt(const rpmuint8_t *pkt, size_t pleft)
Return lenth of a OpenPGP packet.
Definition: rpmpgp.c:1041
int _pgp_print
Definition: rpmpgp.c:32
struct pgpPktSigV4_s * pgpPktSigV4
5.2.3.
int rpmDigestUpdate(DIGEST_CTX ctx, const void *data, size_t len)
Update context with next plain text buffer.
Definition: digest.c:907
int pgpFindPubkey(pgpDig dig)
Call find pubkey vector.
Definition: rpmpgp.c:1299
rpmioItem rpmioGetPool(rpmioPool pool, size_t size)
Get unused item from pool, or alloc a new item.
Definition: rpmmalloc.c:221
struct pgpValTbl_s pgpSymkeyTbl[]
Symmetric key (string, value) pairs.
Definition: rpmpgp.c:117
rpmioPool _digPool
Definition: rpmpgp.c:1187
int pgpPrtSigParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, pgpSigType sigtype, const rpmuint8_t *p)
Definition: rpmpgp.c:430
rpmuint8_t version
Definition: rpmpgp.h:761
unsigned char rpmuint8_t
Private int typedefs to avoid C99 portability issues.
Definition: rpmiotypes.h:23
static const char * pgpMpiStr(const rpmuint8_t *p)
Return hex formatted representation of a multiprecision integer.
Definition: rpmpgp.h:1181
enum pgpVSFlags_e pgpVSFlags
Bit(s) to control digest and signature verification.
struct pgpPkt_s * pgpPkt
Definition: rpmiotypes.h:79
pgpDigParams pgpGetSignature(pgpDig dig)
Return OpenPGP signature parameters.
Definition: rpmpgp.c:1227
int _pgp_error_count
Definition: rpmpgp.c:35
rpmuint8_t valid[2]
Definition: rpmpgp.h:725
struct pgpValTbl_s pgpArmorTbl[]
Armor (string, value) pairs.
Definition: rpmpgp.c:232
rpmuint32_t pgpGetSigtag(pgpDig dig)
Get signature tag.
Definition: rpmpgp.c:1237
Digest private data.
Definition: digest.c:127
struct pgpDig_s * pgpDig
Definition: rpmiotypes.h:83
pgpImplVecs_t rpmsslImplVecs
Implementation specific parameter storage.
struct pgpValTbl_s pgpSubTypeTbl[]
Subtype (string, value) pairs.
Definition: rpmpgp.c:166
rpmuint8_t sigtype
Definition: rpmpgp.h:388
rpmuint8_t version
Definition: rpmpgp.h:386
static void pgpPrtHex(const char *pre, const rpmuint8_t *p, size_t plen)
Definition: rpmpgp.c:280
rpmuint8_t time[4]
Definition: rpmpgp.h:724
pgpHashAlgo pgpHashAlgoStringToNumber(const char *name, size_t name_len)
Convert a hash algorithm "foo" to the internal PGPHASHALGO_FOO number.
Definition: rpmpgp.c:1623
void pgpDigClean(pgpDig dig)
Release (malloc&#39;d) data from container.
Definition: rpmpgp.c:1107
struct pgpPktKeyV4_s * pgpPktKeyV4
The version 4 format is similar to the version 3 format except for the absence of a validity period...
int _pgp_debug
Definition: rpmpgp.c:29
static void pgpPrtStr(const char *pre, const char *s)
Definition: rpmpgp.c:270
static const char * pgpPublicECDSA[]
Definition: rpmpgp.c:652
struct pgpValTbl_s pgpSigTypeTbl[]
Definition: rpmpgp.c:84
int pgpGrabPkts(const rpmuint8_t *pkts, size_t pktlen, rpmuint8_t ***pppkts, int *pnpkts)
Return array of packet pointers.
Definition: rpmpgp.c:1307
struct pgpValTbl_s pgpPubkeyTbl[]
Definition: rpmpgp.c:103
enum pgpPubkeyAlgo_e pgpPubkeyAlgo
9.1.
rpmuint8_t time[4]
Definition: rpmpgp.h:762
pgpDig pgpDigNew(pgpVSFlags vsflags, pgpPubkeyAlgo pubkey_algo)
Create a container for parsed OpenPGP packates.
Definition: rpmpgp.c:1206
static unsigned int pgpMpiLen(const rpmuint8_t *p)
Return no.
Definition: rpmpgp.h:1128
int pgpPrtSubType(const rpmuint8_t *h, size_t hlen, pgpSigType sigtype)
Definition: rpmpgp.c:300
int pgpPrtComment(const pgpPkt pp)
Definition: rpmpgp.c:911
static void pgpImplClean(void *impl)
Definition: rpmpgp.h:1883
rpmioPool rpmioNewPool(const char *name, size_t size, int limit, int flags, char *(*dbg)(void *item), void(*init)(void *item), void(*fini)(void *item))
Create a memory pool.
Definition: rpmmalloc.c:110
static pgpDig digGetPool(rpmioPool pool)
Definition: rpmpgp.c:1189
const char * str
Definition: rpmpgp.h:117
int pgpPubkeyFingerprint(const rpmuint8_t *pkt, size_t pktlen, rpmuint8_t *keyid)
Print/parse an OpenPGP subtype packet.
Definition: rpmpgp.c:970
char * stpcpy(char *dest, const char *src)
struct pgpPktSigV3_s * pgpPktSigV3
5.2.2.
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
Definition: rpmiotypes.h:647
struct rpmiob_s * rpmiob
Definition: rpmiotypes.h:57
int pgpPrtUserID(const pgpPkt pp)
Definition: rpmpgp.c:894
static const char * pgpPublicDSA[]
Definition: rpmpgp.c:635
rpmuint8_t signhash16[2]
Definition: rpmpgp.h:393
pgpImplVecs_t rpmgcImplVecs
Implementation specific parameter storage.
rpmuint8_t time[4]
Definition: rpmpgp.h:389
enum pgpArmor_e pgpArmor
enum pgpTag_e pgpTag
4.3.
int val
Definition: rpmpgp.h:115
rpmuint8_t version
Definition: rpmpgp.h:418
struct pgpValTbl_s pgpKeyServerPrefsTbl[]
Definition: rpmpgp.c:160
int pgpPrtPkts(const rpmuint8_t *pkts, size_t pktlen, pgpDig dig, int printing)
Print/parse a OpenPGP packet(s).
Definition: rpmpgp.c:1351
int rpmDigestFinal(DIGEST_CTX ctx, void *datap, size_t *lenp, int asAscii)
Return digest and destroy context.
Definition: digest.c:921
static const char * name
rpmuint8_t version
Definition: rpmpgp.h:723
#define xmalloc
Definition: system.h:33
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:391
rpmuint8_t hash_algo
Definition: rpmpgp.h:392
static int pgpImplMpiItem(const char *pre, pgpDig dig, int itemno, const rpmuint8_t *p, const rpmuint8_t *pend)
Definition: rpmpgp.h:1873
int rpmbcExportPubkey(pgpDig dig)
Definition: rpmbc.c:864
static char * pgpHexStr(const rpmuint8_t *p, size_t plen)
Return hex formatted representation of bytes.
Definition: rpmpgp.h:1165
#define TOKEQ(_s, _tok)
rpmuint8_t hashlen[2]
Definition: rpmpgp.h:422
static const char * pgpSigRSA[]
Definition: rpmpgp.c:410
void * pgpStatsAccumulator(pgpDig dig, int opx)
Return pgpDig container accumulator structure.
Definition: rpmpgp.c:1271
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:726
struct pgpPktKeyV3_s * pgpPktKeyV3
5.5.1.
static const char * pgpSigECDSA[]
Definition: rpmpgp.c:423
The version 4 format is similar to the version 3 format except for the absence of a validity period...
Definition: rpmpgp.h:760
int pgpPrtSig(const pgpPkt pp)
Definition: rpmpgp.c:506
static void pgpPrtNL(void)
Definition: rpmpgp.c:252
rpmuint8_t signid[8]
Definition: rpmpgp.h:390
int pgpPrtKey(const pgpPkt pp)
Definition: rpmpgp.c:833
void pgpPrtVal(const char *pre, pgpValTbl vs, rpmuint8_t val)
Print an OpenPGP value.
Definition: rpmpgp.c:290
static pgpDigParams _digp
Definition: rpmpgp.c:73