
EBCDIC handling

Simplifying and streamlining the EBCDIC handling stuff
master
David Lanzendörfer 2 months ago
parent
commit
05b192a99d
18 changed files with 126 additions and 152 deletions
  1. +28
    -0
      include/netpgp.h
  2. +4
    -5
      include/netpgp/crypto.h
  3. +5
    -1
      include/netpgp/gskssl_glue.h
  4. +6
    -2
      include/netpgp/netpgpdefs.h
  5. +60
    -61
      include/netpgp/packet.h
  6. +4
    -5
      include/netpgp/writer.h
  7. +3
    -4
      src/crypto.c
  8. +2
    -2
      src/getopt.c
  9. +1
    -1
      src/getopt1.c
  10. +3
    -15
      src/gskssl_crypto.c
  11. +1
    -1
      src/gskssl_glue.c
  12. +1
    -2
      src/misc.c
  13. +0
    -19
      src/netpgp.c
  14. +2
    -2
      src/packet-parse.c
  15. +0
    -25
      src/reader.c
  16. +2
    -3
      src/signature.c
  17. +3
    -3
      src/ssl_crypto.c
  18. +1
    -1
      src/symmetric_gskssl.c

+ 28
- 0
include/netpgp.h

@ -39,10 +39,31 @@
# endif
#endif
/*
** Check to see if this machine uses EBCDIC. (Yes, believe it or
** not, there are still machines out there that use EBCDIC.)
*/
#if 'A' == '\301'
# define NETPGP_EBCDIC 1
#else
# define NETPGP_ASCII 1
#endif
#ifndef MIN
#define MIN(a,b) (((a)<(b))?(a):(b))
#endif
#ifndef MAX
#define MAX(a,b) (((a)>(b))?(a):(b))
#endif
#include <netpgp/config.h>
#include <netpgp/keyring.h>
#if defined(NETPGP_EBCDIC)
#include <unistd.h>
#endif
__BEGIN_DECLS
/* structure used to hold (key,value) pair information */
@ -106,6 +127,13 @@ int netpgp_validate_sigs(netpgp_t *);
// helpers
unsigned uint_to_string(const int8_t *src, char **str, unsigned len);
unsigned string_to_uint(const char *str, uint8_t **fpr, size_t *length);
inline char A(char c) // EBCDIC or ASCII character to ASCII character
{
#if defined(NETPGP_EBCDIC)
__e2a_l(&c,1);
#endif
return c;
}
__END_DECLS
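Review bot: `A()` is defined in this public header with plain `inline`, while the same commit removes its only external definition from src/reader.c. Under C99/C11 rules an `inline` definition without `static` or `extern` emits no symbol, so any call the compiler does not inline (for example at -O0) becomes an undefined reference at link time. Declaring it `static inline char A(char c)` avoids that. The result of `__e2a_l` is also discarded, so a failed conversion silently returns the unconverted byte; a comment such as `/* conversion errors are ignored; c is returned unchanged */` would document it. A one-letter name in an installed header may also collide with identifiers in applications that include it.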


+ 4
- 5
include/netpgp/crypto.h

@ -64,7 +64,7 @@
#include <openssl/dsa.h>
#endif
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#include <gskcms.h>
#include <csfbext.h>
#include <csnpdefs.h>
@ -72,7 +72,7 @@
#define PGP_MIN_HASH_SIZE 16
#if defined(HAVE_GSKSSL)
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
unsigned gsk_num_bits ( const gsk_buffer *bn );
#endif
@ -166,9 +166,8 @@ int pgp_rsa_private_encrypt(uint8_t *, const uint8_t *, size_t,
int pgp_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
int pgp_rsa_private_check(const pgp_seckey_t *seckey);
int pgp_dsa_private_check(const pgp_dsa_seckey_t *seckey);
int pgp_elgamal_private_check(const pgp_elgamal_seckey_t *seckey);
int pgp_dsa_private_check(const pgp_seckey_t *seckey);
int pgp_elgamal_private_check(const pgp_seckey_t *seckey);
int pgp_elgamal_public_encrypt(uint8_t *, uint8_t *, const uint8_t *, size_t,


+ 5
- 1
include/netpgp/gskssl_glue.h

@ -12,7 +12,7 @@
#define CAST_KEY_LENGTH 16
#define SHA_DIGEST_LENGTH 20
#define SHA224_DIGEST_LENGTH 28
#define MAXPATHLEN _POSIX_PATH_MAX
#define SHA384_DIGEST_LENGTH 48
#define MD5_DIGEST_LENGTH 16
#define AES_BLOCK_SIZE 16
@ -25,6 +25,10 @@
#define KEYBITS_CAMELLIA128 128
#define KEYBITS_CAMELLIA256 256
#ifndef MAXPATHLEN
#define MAXPATHLEN _POSIX_PATH_MAX
#endif
CK_FUNCTION_LIST *funcs;
CK_RV getSession(CK_SESSION_HANDLE *session);
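Review bot: The new `#ifndef MAXPATHLEN` fallback maps `MAXPATHLEN` to `_POSIX_PATH_MAX`, which is the smallest value POSIX allows for `PATH_MAX`, not the platform's actual limit. A buffer sized with it can be shorter than a valid path on the host, so code filling such buffers needs bounded copies and truncation checks; that code is not visible in this hunk. Prefer the system limit where available, e.g. `#if defined(PATH_MAX)` / `#define MAXPATHLEN PATH_MAX` before falling back, with `<limits.h>` included (whether this header already includes it is not visible here). The same fallback is added to include/netpgp/netpgpdefs.h, so keeping it in one header would stop the two copies drifting apart.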


+ 6
- 2
include/netpgp/netpgpdefs.h

@ -70,13 +70,17 @@ void *pgp_new(size_t);
} \
} while(/* CONSTCOND */0)
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#define CAST_KEY_LENGTH 16
#define SHA_DIGEST_LENGTH 20
#define SHA224_DIGEST_LENGTH 28
#define MAXPATHLEN _POSIX_PATH_MAX
#define SHA384_DIGEST_LENGTH 48
#define MD5_DIGEST_LENGTH 16
#endif
#ifndef MAXPATHLEN
#define MAXPATHLEN _POSIX_PATH_MAX
#endif
#endif /* !NETPGPDEFS_H_ */

+ 60
- 61
include/netpgp/packet.h

@ -69,7 +69,7 @@
#include "types.h"
#include "errors.h"
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#include <gsktypes.h>
#endif
@ -392,18 +392,18 @@ typedef enum {
* \see RFC4880 5.5.2
*/
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *p; /* DSA prime p */
gsk_buffer *q; /* DSA group order q */
gsk_buffer *g; /* DSA group generator g */
gsk_buffer *y; /* DSA public key value y (= g^x mod p
* with x being the secret) */
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *p; /* DSA prime p */
BIGNUM *q; /* DSA group order q */
BIGNUM *g; /* DSA group generator g */
BIGNUM *y; /* DSA public key value y (= g^x mod p
* with x being the secret) */
#elif defined(HAVE_GSKSSL)
gsk_buffer *p; /* DSA prime p */
gsk_buffer *q; /* DSA group order q */
gsk_buffer *g; /* DSA group generator g */
gsk_buffer *y; /* DSA public key value y (= g^x mod p
* with x being the secret) */
#endif
} pgp_dsa_pubkey_t;
@ -412,12 +412,12 @@ typedef struct {
* \see RFC4880 5.5.2
*/
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *n; /* RSA public modulus n */
gsk_buffer *e; /* RSA public encryption exponent e */
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *n; /* RSA public modulus n */
BIGNUM *e; /* RSA public encryption exponent e */
#elif defined(HAVE_GSKSSL)
gsk_buffer *n; /* RSA public modulus n */
gsk_buffer *e; /* RSA public encryption exponent e */
#endif
} pgp_rsa_pubkey_t;
@ -426,17 +426,16 @@ typedef struct {
* \see RFC4880 5.5.2
*/
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *n; /* RSA public modulus n */
gsk_buffer *p; /* ElGamal prime p */
gsk_buffer *g; /* ElGamal group generator g */
gsk_buffer *y; /* ElGamal public key value y (= g^x mod p
* with x being the secret) */
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *p; /* ElGamal prime p */
BIGNUM *g; /* ElGamal group generator g */
BIGNUM *y; /* ElGamal public key value y (= g^x mod p
* with x being the secret) */
#elif defined(HAVE_GSKSSL)
gsk_buffer *p; /* ElGamal prime p */
gsk_buffer *g; /* ElGamal group generator g */
gsk_buffer *y; /* ElGamal public key value y (= g^x mod p
* with x being the secret) */
#endif
} pgp_elgamal_pubkey_t;
@ -445,10 +444,10 @@ typedef struct {
* \see RFC8037 (page 9)
*/
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *x;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *x;
#elif defined(HAVE_GSKSSL)
gsk_buffer *x;
#endif
} pgp_ecdh_pubkey_t;
@ -478,41 +477,41 @@ typedef struct {
pgp_dsa_pubkey_t dsa; /* A DSA public key */
pgp_rsa_pubkey_t rsa; /* An RSA public key */
pgp_elgamal_pubkey_t elgamal; /* An ElGamal public key */
pgp_ecdh_pubkey_t ecdh; /* An ElGamal public key */
pgp_ecdh_pubkey_t ecdh; /* An ECDH public key */
} key; /* Public Key Parameters */
} pgp_pubkey_t;
/** Structure to hold data for one RSA secret key
*/
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *d;
gsk_buffer *p;
gsk_buffer *q;
gsk_buffer *u;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *d;
BIGNUM *p;
BIGNUM *q;
BIGNUM *u;
#elif defined(HAVE_GSKSSL)
gsk_buffer *d;
gsk_buffer *p;
gsk_buffer *q;
gsk_buffer *u;
#endif
} pgp_rsa_seckey_t;
/** pgp_dsa_seckey_t */
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *x;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *x;
#elif defined(HAVE_GSKSSL)
gsk_buffer *x;
#endif
} pgp_dsa_seckey_t;
/** pgp_elgamal_seckey_t */
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *x;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *x;
#elif defined(HAVE_GSKSSL)
gsk_buffer *x;
#endif
} pgp_elgamal_seckey_t;
@ -520,12 +519,12 @@ typedef struct {
* According to RFC8037 (page 9)
* */
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *d;
gsk_buffer *x;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *d;
BIGNUM *x;
#elif defined(HAVE_GSKSSL)
gsk_buffer *d;
gsk_buffer *x;
#endif
} pgp_ecdh_seckey_t;
@ -721,41 +720,41 @@ typedef enum {
/** Struct to hold params of an RSA signature */
typedef struct pgp_rsa_sig_t {
#if defined(HAVE_GSKSSL)
gsk_buffer *sig; /* the signature value (m^d % n) */
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *sig; /* the signature value (m^d % n) */
#elif defined(HAVE_GSKSSL)
gsk_buffer *sig; /* the signature value (m^d % n) */
#endif
} pgp_rsa_sig_t;
/** Struct to hold params of a DSA signature */
typedef struct pgp_dsa_sig_t {
#if defined(HAVE_GSKSSL)
gsk_buffer *r; /* DSA value r */
gsk_buffer *s; /* DSA value s */
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *r; /* DSA value r */
BIGNUM *s; /* DSA value s */
#elif defined(HAVE_GSKSSL)
gsk_buffer *r; /* DSA value r */
gsk_buffer *s; /* DSA value s */
#endif
} pgp_dsa_sig_t;
/** pgp_elgamal_signature_t */
typedef struct pgp_elgamal_sig_t {
#if defined(HAVE_GSKSSL)
gsk_buffer *r;
gsk_buffer *s;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *r;
BIGNUM *s;
#elif defined(HAVE_GSKSSL)
gsk_buffer *r;
gsk_buffer *s;
#endif
} pgp_elgamal_sig_t;
/** pgp_ecdh_signature_t */
typedef struct pgp_ecdh_sig_t {
#if defined(HAVE_GSKSSL)
gsk_buffer *s;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *s;
#elif defined(HAVE_GSKSSL)
gsk_buffer *s;
#endif
} pgp_ecdh_sig_t;
@ -934,23 +933,23 @@ enum {
/** pgp_pk_sesskey_params_rsa_t */
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *encrypted_m;
gsk_buffer *m;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *encrypted_m;
BIGNUM *m;
#elif defined(HAVE_GSKSSL)
gsk_buffer *encrypted_m;
gsk_buffer *m;
#endif
} pgp_pk_sesskey_params_rsa_t;
/** pgp_pk_sesskey_params_elgamal_t */
typedef struct {
#if defined(HAVE_GSKSSL)
gsk_buffer *g_to_k;
gsk_buffer *encrypted_m;
#elif defined(HAVE_OPENSSL)
#if defined(HAVE_OPENSSL)
BIGNUM *g_to_k;
BIGNUM *encrypted_m;
#elif defined(HAVE_GSKSSL)
gsk_buffer *g_to_k;
gsk_buffer *encrypted_m;
#endif
} pgp_pk_sesskey_params_elgamal_t;
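Review bot: None of the reordered `#if defined(HAVE_OPENSSL)` / `#elif defined(HAVE_GSKSSL)` blocks has an `#else`, so a build where config.h defines neither backend gets empty key and signature structs. The failure then shows up as a compiler extension warning or as member errors far from the cause. A single check near the top of the header, `#if !defined(HAVE_OPENSSL) && !defined(HAVE_GSKSSL)` followed by `#error "netpgp needs HAVE_OPENSSL or HAVE_GSKSSL"`, would make the misconfiguration explicit. OpenSSL now takes precedence when both macros are defined, which deserves a one-line comment at that check. The same pattern appears in include/netpgp/writer.h and in the `pgp_decrypt_decode_mpi` parameter list in src/crypto.c.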


+ 4
- 5
include/netpgp/writer.h

@ -59,7 +59,7 @@
#include "errors.h"
#include "keyring.h"
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#include <gsktypes.h>
#endif
@ -114,11 +114,10 @@ unsigned pgp_write_length(pgp_output_t *, unsigned);
unsigned pgp_write_ptag(pgp_output_t *, pgp_content_enum);
unsigned pgp_write_scalar(pgp_output_t *, unsigned, unsigned);
#ifdef HAVE_GSKSSL
unsigned pgp_write_mpi(pgp_output_t *output, gsk_buffer *bn);
#endif
#if HAVE_OPENSSL
#if defined(HAVE_OPENSSL)
unsigned pgp_write_mpi(pgp_output_t *, const BIGNUM *);
#elif defined(HAVE_GSKSSL)
unsigned pgp_write_mpi(pgp_output_t *output, gsk_buffer *bn);
#endif
void pgp_writer_info_delete(pgp_writer_t *);


+ 3
- 4
src/crypto.c

@ -76,7 +76,7 @@ __RCSID("$NetBSD$");
#include <netpgp/netpgpsdk.h>
#include <netpgp/validate.h>
#if defined(HAVE_GSKSSL)
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
unsigned gsk_num_bits ( const gsk_buffer *bn )
{
unsigned r = (bn->length-1)*8;
@ -101,11 +101,10 @@ unsigned gsk_num_bits ( const gsk_buffer *bn )
int
pgp_decrypt_decode_mpi(uint8_t *buf,
unsigned buflen,
#ifdef HAVE_OPENSSL
#if defined(HAVE_OPENSSL)
const BIGNUM *g_to_k,
const BIGNUM *encmpi,
#endif
#ifdef HAVE_GSKSSL
#elif defined(HAVE_GSKSSL)
const gsk_buffer *g_to_k,
const gsk_buffer *encmpi,
#endif
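Review bot: `gsk_num_bits` computes `(bn->length-1)*8` as its first statement, so a zero-length buffer gives a huge bit count once the result is stored in `unsigned r`, and a NULL `bn` is dereferenced. If these buffers can be built from parsed packet data, an early guard before that line, `if (bn == NULL || bn->length == 0) return 0;`, would keep the reported size bounded. The rest of the function lies outside this hunk, so confirm that no later check already covers the case. This line is context rather than part of the change, but the commit touches the guard directly above it.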


+ 2
- 2
src/getopt.c

@ -75,7 +75,7 @@ this program. If not, see <http://www.gnu.org/licenses/>. */
/* This is for other GNU distributions with internationalized messages.
When compiling libc, the _ macro is predefined. */
#include "gettext.h"
#include "netpgp/gettext.h"
#define _(msgid) gettext (msgid)
@ -93,7 +93,7 @@ this program. If not, see <http://www.gnu.org/licenses/>. */
GNU application programs can use a third alternative mode in which
they can distinguish the relative order of options and other arguments. */
#include "getopt.h"
#include "netpgp/getopt.h"
/* For communication from `getopt' to the caller.
When `getopt' finds an option that takes an argument,


+ 1
- 1
src/getopt1.c

@ -18,7 +18,7 @@ this program. If not, see <http://www.gnu.org/licenses/>. */
#include <netpgp/config.h>
#include "getopt.h"
#include "netpgp/getopt.h"
#if !defined __STDC__ || !__STDC__
/* This is a separate conditional since some stdc systems


+ 3
- 15
src/gskssl_crypto.c

@ -1,6 +1,6 @@
#include <netpgp/config.h>
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
@ -736,13 +736,13 @@ pgp_rsa_private_check(const pgp_seckey_t *seckey)
return 1;
}
int pgp_dsa_private_check(const pgp_dsa_seckey_t *secdsa)
int pgp_dsa_private_check(const pgp_seckey_t *secdsa)
{
// TODO: Implement this
return 1;
}
int pgp_elgamal_private_check(const pgp_elgamal_seckey_t *seckey)
int pgp_elgamal_private_check(const pgp_seckey_t *seckey)
{
// TODO: Implement this
return 1;
@ -901,18 +901,6 @@ pgp_crypto_finish(void)
// CRYPTO_cleanup_all_ex_data();
}
/**
\ingroup Core_Hashes
\brief Get Hash name
\param hash Hash struct
\return Hash name
*/
const char *
pgp_text_from_hash(pgp_hash_t *hash)
{
return hash->name;
}
/**
\ingroup HighLevel_KeyGenerate
\brief Generates an RSA keypair
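Review bot: `pgp_dsa_private_check` and `pgp_elgamal_private_check` still return 1 unconditionally behind `// TODO: Implement this`. On a GSKSSL build, the secret-key check that `parse_seckey` in src/packet-parse.c calls therefore accepts any DSA or ElGamal key material read from a packet. The new `pgp_seckey_t` parameter presumably gives the functions access to the public parameters, so the check described in packet.h (y = g^x mod p) could now be implemented. Until it is, a comment on both stubs such as `/* NOTE: no validation is performed; always reports success */` would stop callers from reading the result as a real verification. The DSA stub's parameter is still named `secdsa`, which no longer matches its type; `seckey` would be consistent with the ElGamal stub.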


+ 1
- 1
src/gskssl_glue.c

@ -1,6 +1,6 @@
#include <netpgp/config.h>
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#include <netpgp/gskssl_glue.h>


+ 1
- 2
src/misc.c

@ -416,8 +416,7 @@ pgp_fingerprint(pgp_fingerprint_t *fp, const pgp_pubkey_t *key, pgp_hash_alg_t h
if (key->alg != PGP_PKA_RSA &&
key->alg != PGP_PKA_RSA_ENCRYPT_ONLY &&
key->alg != PGP_PKA_RSA_SIGN_ONLY) {
(void) fprintf(stderr,
"pgp_fingerprint: bad algorithm\n");
(void) fprintf(stderr, "pgp_fingerprint: bad algorithm\n");
return 0;
}
pgp_hash_md5(&hash);


+ 0
- 19
src/netpgp.c

@ -26,17 +26,6 @@
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
** Check to see if this machine uses EBCDIC. (Yes, believe it or
** not, there are still machines out there that use EBCDIC.)
*/
#if 'A' == '\301'
# define NETPGP_EBCDIC 1
#else
# define NETPGP_ASCII 1
#endif
#include <netpgp/config.h>
#ifdef HAVE_SYS_CDEFS_H
@ -98,13 +87,6 @@ __RCSID("$NetBSD$");
#include <netpgp/crypto.h>
#include <netpgp/defs.h>
#ifndef MIN
#define MIN(a,b) (((a)<(b))?(a):(b))
#endif
#ifndef MAX
#define MAX(a,b) (((a)>(b))?(a):(b))
#endif
/* read any gpg config file */
static int
conffile(netpgp_t *netpgp, char *homedir, char *userid, size_t length)
@ -735,4 +717,3 @@ string_to_uint(const char *str, uint8_t **fpr, size_t *length)
free(barr);
return 1;
}

+ 2
- 2
src/packet-parse.c

@ -3037,14 +3037,14 @@ parse_seckey(pgp_content_enum tag, pgp_region_t *region, pgp_stream_t *stream)
case PGP_PKA_DSA:
if (!limread_mpi(&pkt.u.seckey.key.dsa.x, region, stream) ||
!pgp_dsa_private_check(&pkt.u.seckey.key.dsa)) {
!pgp_dsa_private_check(&pkt.u.seckey)) {
ret = 0;
}
break;
case PGP_PKA_ELGAMAL:
if (!limread_mpi(&pkt.u.seckey.key.elgamal.x, region, stream) ||
!pgp_elgamal_private_check(&pkt.u.seckey.key.elgamal)) {
!pgp_elgamal_private_check(&pkt.u.seckey)) {
ret = 0;
}
break;


+ 0
- 25
src/reader.c

@ -48,16 +48,6 @@
*/
#include <netpgp/config.h>
/*
** Check to see if this machine uses EBCDIC. (Yes, believe it or
** not, there are still machines out there that use EBCDIC.)
*/
#if 'A' == '\301'
# define NETPGP_EBCDIC 1
#else
# define NETPGP_ASCII 1
#endif
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
@ -148,21 +138,6 @@ __RCSID("$NetBSD$");
#include <netpgp/netpgpdigest.h>
#include <netpgp/validate.h>
#ifndef MIN
#define MIN(a,b) (((a)<(b))?(a):(b))
#endif
#ifndef MAX
#define MAX(a,b) (((a)>(b))?(a):(b))
#endif
char A(char c)
{
#if defined(NETPGP_EBCDIC)
__e2a_l(&c,1);
#endif
return c;
}
/* get a pass phrase from the user */
int
pgp_getpassphrase(void *in, char *phrase, size_t size)


+ 2
- 3
src/signature.c

@ -152,7 +152,6 @@ rsa_sign(pgp_hash_t *hash,
const pgp_rsa_seckey_t *secrsa,
pgp_output_t *out)
{
printf("rsa_sign\n");
unsigned prefixsize;
unsigned expected;
unsigned hashsize;
@ -345,6 +344,8 @@ rsa_verify(pgp_hash_alg_t type,
if (n != keysize) {
/* obviously, this includes error returns */
(void) fprintf(stderr, "hashbuf size (%d) != hashsize (%d) \n",n,keysize);
hexdump(stderr, "hasbuf", hash, hash_length);
hexdump(stderr, "sigbuf", sigbuf, n);
return 0;
}
@ -802,8 +803,6 @@ pgp_write_sig(pgp_output_t *output,
const pgp_pubkey_t *key,
const pgp_seckey_t *seckey)
{
printf("pgp_write_sig\n");
unsigned ret = 0;
size_t len = pgp_mem_len(sig->mem);
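Review bot: The two `hexdump` calls added to the `n != keysize` branch of `rsa_verify` run on a path that, per the comment just above them, also covers error returns, so `n` may be an error value rather than a byte count when passed as the length of `sigbuf`. Depending on the types of `n` and of hexdump's length parameter, neither visible in this hunk, that can read far past the buffer. Guard the `sigbuf` dump with a range check of `n` against the buffer's size, or drop the dumps from the error path. If they stay, put them behind the library's debug switch, because writing verification internals to stderr on every failed signature is unexpected for a library. The label `"hasbuf"` looks like a typo for `"hashbuf"`.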


+ 3
- 3
src/ssl_crypto.c

@ -40,9 +40,9 @@ pgp_rsa_new_selfsign_key(const int numbits,
{
pgp_key_t *keydata;
keydata = pgp_keydata_new();
if (!pgp_rsa_generate_keypair(keydata, numbits, e, hashalg, cipher,
(const uint8_t *) "", (const size_t) 0) ||
!pgp_add_selfsigned_userid(keydata, NULL, userid, 0 /*never expire*/)) {
if (!pgp_rsa_generate_keypair(keydata, numbits, e, hashalg, cipher, (const uint8_t *) "", (const size_t) 0) ||
!pgp_add_selfsigned_userid(keydata, NULL, userid, 0 /*never expire*/)
) {
pgp_keydata_free(keydata);
return NULL;
}


+ 1
- 1
src/symmetric_gskssl.c

@ -48,7 +48,7 @@
*/
#include <netpgp/config.h>
#ifdef HAVE_GSKSSL
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>

