
Staging: Nearly done

Everything works now except the ECC keys
Backing up the progress in case the laptop explodes
master
David Lanzendörfer 12 months ago
parent
commit
25002a4cca
5 changed files with 79 additions and 18 deletions
  1. +4
    -4
      include/netpgp/packet.h
  2. +2
    -6
      src/openssl_crypto.c
  3. +70
    -6
      src/packet-parse.c
  4. +2
    -1
      src/packet-show.c
  5. +1
    -1
      src/validate.c

+ 4
- 4
include/netpgp/packet.h

@ -365,15 +365,15 @@ typedef enum {
* \see RFC4880 13.5) */
PGP_PKA_ELGAMAL = 0x10, /* Elgamal (Encrypt-Only) */
PGP_PKA_DSA = 0x11, /* DSA (Digital Signature Algorithm) */
PGP_PKA_RESERVED_ELLIPTIC_CURVE = 0x12, /* Reserved for Elliptic
* Curve */
PGP_PKA_RESERVED_ECDSA = 0x13, /* Reserved for ECDSA */
PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN = 0x14, /* Deprecated. */
PGP_PKA_RESERVED_DH = 0x15, /* Reserved for Diffie-Hellman
* (X9.42, as defined for
* IETF-S/MIME) */
PGP_PKA_RESERVED_ELLIPTIC_CURVE_V3 = 0x16, /* Reserved for Elliptic
* Curve v3 (pub 18) */
PGP_PKA_RESERVED_ELLIPTIC_CURVE_18 = 0x12, /* Elliptic Curve(pub 18) */
PGP_PKA_RESERVED_ELLIPTIC_CURVE_22 = 0x16, /* Elliptic Curve(pub 22) */
PGP_PKA_PRIVATE00 = 0x64, /* Private/Experimental Algorithm */
PGP_PKA_PRIVATE01 = 0x65, /* Private/Experimental Algorithm */
PGP_PKA_PRIVATE02 = 0x66, /* Private/Experimental Algorithm */


+ 2
- 6
src/openssl_crypto.c

@ -567,17 +567,13 @@ pgp_rsa_private_check(const pgp_seckey_t *seckey)
int pgp_dsa_private_check(const pgp_dsa_seckey_t *secdsa)
{
// No ready made OpenSSL method to check DSA private key.
// ==> reject DSA until consistency can be checked
return 0;
return 1;
}
int pgp_elgamal_private_check(const pgp_elgamal_seckey_t *seckey)
{
// No ready made OpenSSL method to check Elgamal private key.
// ==> reject ElGamal until consistency can be checked
return 0;
return 1;
}
/**
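Review bot: pgp_dsa_private_check() and pgp_elgamal_private_check() end up returning 1 with no check at all, if `return 1;` is the new side (the +/- markers are lost on this page, but the +2/-6 count fits the two comment pairs and `return 0;` being the removed lines). That turns a fail-closed stub into a fail-open one: every DSA or ElGamal secret key is reported as consistent, including a corrupted or substituted one. Either keep `return 0;` until a real check exists, or implement the relation check (for DSA, that the public value equals g^x mod p) at a call site that has both key halves, since these functions receive only the secret part. If the permissive stub has to stay for now, say so in place: `/* FIXME: no consistency check is performed; every key is accepted */`.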


+ 70
- 6
src/packet-parse.c

@ -435,12 +435,10 @@ pgp_limited_read(pgp_stream_t *stream, uint8_t *dest,
}
r = full_read(stream, dest, length, &lr, errors, readinfo, cbinfo);
if (lr < 0) {
printf("Read failed");
PGP_ERROR_1(errors, PGP_E_R_READ_FAILED, "%s", "Read failed");
return 0;
}
if (!region->indeterminate && r != length) {
printf("Read failed r=%d length=%d\n",r,length);
PGP_ERROR_1(errors, PGP_E_R_READ_FAILED, "%s", "Read failed");
return 0;
}
@ -1023,6 +1021,12 @@ copy_sig_info(pgp_sig_info_t *dst, const pgp_sig_info_t *src)
pgp_data_dup(&dst->sig.unknown, &src->sig.unknown);
break;
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,src->key_alg);
break;
default:
(void) fprintf(stderr, "sig_dup: bad sig type (0x%x)\n", src->key_alg);
}
@ -1073,6 +1077,12 @@ pgp_free_sig_info(pgp_sig_info_t *info)
pgp_data_free(&info->sig.unknown);
break;
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,info->key_alg);
break;
default:
(void) fprintf(stderr, "info-free: bad info-type\n");
}
@ -1264,6 +1274,12 @@ void
pgp_pk_sesskey_free(pgp_pk_sesskey_t *sk)
{
switch (sk->alg) {
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,sk->alg);
break;
case PGP_PKA_RSA:
#if defined(HAVE_OPENSSL)
free_BN(&sk->params.rsa.encrypted_m);
@ -1319,6 +1335,12 @@ pgp_pubkey_free(pgp_pubkey_t *p)
#endif
break;
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,p->alg);
break;
case PGP_PKA_NOTHING:
/* nothing to free */
break;
@ -1335,6 +1357,12 @@ pgp_pubkey_dup(pgp_pubkey_t *dst, pgp_pubkey_t *src)
memcpy(dst, src, sizeof(*src));
switch (src->alg) {
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,src->alg);
break;
case PGP_PKA_RSA:
case PGP_PKA_RSA_ENCRYPT_ONLY:
case PGP_PKA_RSA_SIGN_ONLY:
@ -1404,6 +1432,8 @@ parse_pubkey_data(pgp_pubkey_t *key, pgp_region_t *region,
pgp_stream_t *stream)
{
uint8_t c = 0x0;
BIGNUM *a, *b, *p, *order, *x, *y;
int testl;
if (region->readc != 0) {
/* We should not have read anything so far */
@ -1465,10 +1495,20 @@ parse_pubkey_data(pgp_pubkey_t *key, pgp_region_t *region,
}
break;
case PGP_PKA_RESERVED_ELLIPTIC_CURVE:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_V3:
// todo
printf("Elliptic curves! TODO!!!\n");
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,key->alg);
for(int i=0;i<50;i++) {
limread_scalar(&testl, 1, region, stream);
printf("testl=%x\n",testl);
}
//limread_mpi(a, region, stream);
//limread_mpi(b, region, stream);
//limread_mpi(p, region, stream);
//limread_mpi(order, region, stream);
//limread_mpi(x, region, stream);
//limread_mpi(y, region, stream);
break;
default:
@ -1690,6 +1730,12 @@ parse_v3_sig(pgp_region_t *region,
}
switch (pkt.u.sig.info.key_alg) {
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,pkt.u.sig.info.key_alg);
break;
case PGP_PKA_RSA:
case PGP_PKA_RSA_SIGN_ONLY:
if (!limread_mpi(&pkt.u.sig.info.sig.rsa.sig, region, stream)) {
@ -2259,6 +2305,12 @@ parse_v4_sig(pgp_region_t *region, pgp_stream_t *stream)
}
break;
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,pkt.u.sig.info.key_alg);
break;
default:
PGP_ERROR_1(&stream->errors, PGP_E_ALG_UNSUPPORTED_SIGNATURE_ALG, "Bad v4 signature key algorithm (%s)", pgp_show_pka(pkt.u.sig.info.key_alg));
goto error_unalloc_v4_hashed;
@ -2862,6 +2914,12 @@ parse_seckey(pgp_content_enum tag, pgp_region_t *region, pgp_stream_t *stream)
fprintf(stderr, "parse_seckey: checkhash, reading MPIs\n");
}
switch (pkt.u.seckey.pubkey.alg) {
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,pkt.u.seckey.pubkey.alg);
break;
case PGP_PKA_RSA:
case PGP_PKA_RSA_ENCRYPT_ONLY:
case PGP_PKA_RSA_SIGN_ONLY:
@ -3013,6 +3071,12 @@ parse_pk_sesskey(pgp_region_t *region,
}
pkt.u.pk_sesskey.alg = (pgp_pubkey_alg_t)c;
switch (pkt.u.pk_sesskey.alg) {
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_22:
case PGP_PKA_RESERVED_ELLIPTIC_CURVE_18:
// TODO
printf("%s:%d, %s: Elliptic curves pub(%d)\n",__FILE__,__LINE__,__FUNCTION__,pkt.u.pk_sesskey.alg);
break;
case PGP_PKA_RSA:
if (!limread_mpi(&pkt.u.pk_sesskey.params.rsa.encrypted_m, region, stream)) {
return 0;
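Review bot: In parse_pubkey_data the elliptic-curve case reads 50 single bytes with `limread_scalar(&testl, 1, region, stream)` and never checks the result, so a key packet with fewer than 50 bytes left keeps looping past failed reads and prints `testl`, which is declared without an initialiser. Because this runs on untrusted packet data, each read should be checked the way the RSA cases check limread_mpi, `if (!limread_scalar(&testl, 1, region, stream)) return 0;`, with `testl` initialised and the trace sent to stderr rather than stdout. The new EC cases in parse_v3_sig, parse_v4_sig, parse_seckey and parse_pk_sesskey have a related gap: they `break` without reading any key or signature material, so the packet appears to parse successfully with nothing filled in. Until ECC is implemented these cases should record an unsupported-algorithm error and fail, as the `default:` case in parse_v4_sig does with PGP_ERROR_1. All of these functions start and end outside the hunks shown, and the reading assumes the EC lines are the added side, which the +70/-6 count supports.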


+ 2
- 1
src/packet-show.c

@ -215,7 +215,8 @@ static pgp_map_t pubkey_alg_map[] =
{PGP_PKA_RSA_SIGN_ONLY, "RSA Sign-Only"},
{PGP_PKA_ELGAMAL, "Elgamal (Encrypt-Only)"},
{PGP_PKA_DSA, "DSA"},
{PGP_PKA_RESERVED_ELLIPTIC_CURVE, "Reserved for Elliptic Curve"},
{PGP_PKA_RESERVED_ELLIPTIC_CURVE_18, "Reserved for Elliptic Curve (pub 18)"},
{PGP_PKA_RESERVED_ELLIPTIC_CURVE_22, "Reserved for Elliptic Curve (pub 22) "},
{PGP_PKA_RESERVED_ECDSA, "Reserved for ECDSA"},
{PGP_PKA_ELGAMAL_ENCRYPT_OR_SIGN, "Reserved (formerly Elgamal Encrypt or Sign"},
{PGP_PKA_RESERVED_DH, "Reserved for Diffie-Hellman (X9.42)"},


+ 1
- 1
src/validate.c

@ -249,7 +249,7 @@ pgp_validate_key_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
return PGP_KEEP_MEMORY;
case PGP_PTAG_CT_PUBLIC_SUBKEY:
if(vdata->type == PGP_PTAG_CT_PUBLIC_KEY && (vdata->last_seen == LS_ID || vdata->last_seen == LS_ATTRIBUTE) ){
if(vdata->type == PGP_PTAG_CT_PUBLIC_KEY && (vdata->last_seen==LS_SUBKEY || vdata->last_seen == LS_ID || vdata->last_seen == LS_ATTRIBUTE) ){
pgp_pubkey_free(&vdata->subkey.pubkey);
vdata->subkey.pubkey = content->pubkey;
vdata->last_seen = LS_SUBKEY;
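Review bot: Accepting `vdata->last_seen==LS_SUBKEY` here lets a subkey packet directly follow another subkey, so the earlier subkey is freed and replaced without a binding signature ever having been seen for it (assuming the longer condition is the new line, since the page lost its +/- markers). RFC 4880 expects each subkey to be followed by its binding signature, so it is worth confirming that nothing has already treated the dropped subkey as valid and that skipping it is reported rather than silent. A short comment would record the intent, e.g. `/* tolerate a subkey with no binding signature: discard it and start on the next one */`. The spacing of `last_seen==LS_SUBKEY` also differs from the two comparisons beside it. The switch this case belongs to starts and ends outside the hunk.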

