Browse Source

z/OS support: Issues with parsing

Still tracking issues with reading the key ring after writing.
master
David Lanzendörfer 2 months ago
parent
commit
e4ac016f5d
13 changed files with 1816 additions and 1838 deletions
  1. +1
    -1
      include/netpgp/packet.h
  2. +2
    -0
      src/Makefile.am
  3. +13
    -66
      src/create.c
  4. +3
    -0
      src/crypto.c
  5. +1
    -32
      src/gskssl_crypto.c
  6. +65
    -58
      src/keyring.c
  7. +3
    -0
      src/misc.c
  8. +59
    -31
      src/openssl_crypto.c
  9. +28
    -77
      src/packet-parse.c
  10. +1583
    -1572
      src/reader.c
  11. +51
    -0
      src/ssl_crypto.c
  12. +5
    -1
      src/validate.c
  13. +2
    -0
      src/writer.c

+ 1
- 1
include/netpgp/packet.h View File

@ -1071,7 +1071,7 @@ struct pgp_key_t {
DYNARRAY(pgp_directsig_t, directsig); /* direct signatures */
DYNARRAY(char *, uid); /* array of user ids */
DYNARRAY(unsigned char *, uid); /* array of user ids */
DYNARRAY(pgp_uidsig_t, uidsig); /* array of signature for user ids */
/* TODO user attributes */


+ 2
- 0
src/Makefile.am View File

@ -14,6 +14,7 @@ libnetpgp_la_SOURCES = \
netpgp.c \
openssl_crypto.c \
gskssl_crypto.c \
ssl_crypto.c \
packet-parse.c \
packet-show.c \
reader.c \
@ -38,6 +39,7 @@ netpgp_SOURCES = \
netpgp.c \
openssl_crypto.c \
gskssl_crypto.c \
ssl_crypto.c \
packet-parse.c \
packet-show.c \
reader.c \


+ 13
- 66
src/create.c View File

@ -560,7 +560,7 @@ pgp_write_xfer_key(pgp_output_t *output,
pgp_directsig_t *directsigp;
unsigned uididx = 0;
unsigned uidsigidx = 0;
char **uidp;
unsigned char **uidp;
pgp_uidsig_t *uidsigp;
pgp_subkey_t *subkeyp;
unsigned subkeyidx = 0;
@ -679,30 +679,6 @@ pgp_write_xfer_seckey(pgp_output_t *output,
unsigned armoured)
*/
#ifdef HAVE_OPENSSL
/**
* \ingroup Core_WritePackets
* \brief Writes one RSA public key packet.
* \param t Creation time
* \param n RSA public modulus
* \param e RSA public encryption exponent
* \param output Writer settings
*
* \return 1 if OK, otherwise 0
*/
unsigned
pgp_write_rsa_pubkey(time_t t, const BIGNUM *n,
const BIGNUM *e,
pgp_output_t *output)
{
pgp_pubkey_t key;
pgp_fast_create_rsa_pubkey(&key, t, __UNCONST(n), __UNCONST(e));
return pgp_write_struct_pubkey(output, &key);
}
#endif
/**
* \ingroup Core_Create
* \param out
@ -726,45 +702,6 @@ pgp_build_pubkey(pgp_memory_t *out, const pgp_pubkey_t *key,
pgp_output_delete(output);
}
/**
* \ingroup Core_Create
*
* Create an RSA secret key structure. If a parameter is marked as
* [OPTIONAL], then it can be omitted and will be calculated from
* other params - or, in the case of e, will default to 0x10001.
*
* Parameters are _not_ copied, so will be freed if the structure is
* freed.
*
* \param key The key structure to be initialised.
* \param t
* \param d The RSA parameter d (=e^-1 mod (p-1)(q-1)) [OPTIONAL]
* \param p The RSA parameter p
* \param q The RSA parameter q (q > p)
* \param u The RSA parameter u (=p^-1 mod q) [OPTIONAL]
* \param n The RSA public parameter n (=p*q) [OPTIONAL]
* \param e The RSA public parameter e */
#ifdef HAVE_OPENSSL
void
pgp_fast_create_rsa_seckey(pgp_seckey_t *key, time_t t,
BIGNUM *d, BIGNUM *p, BIGNUM *q, BIGNUM *u,
BIGNUM *n, BIGNUM *e)
{
pgp_fast_create_rsa_pubkey(&key->pubkey, t, n, e);
/* XXX: calculate optionals */
key->key.rsa.d = d;
key->key.rsa.p = p;
key->key.rsa.q = q;
key->key.rsa.u = u;
key->s2k_usage = PGP_S2KU_NONE;
/* XXX: sanity check and add errors... */
}
#endif
/**
* \ingroup Core_WritePackets
* \brief Writes a Secret Key packet.
@ -969,14 +906,18 @@ unsigned
encode_m_buf(const uint8_t *M, size_t mLen, const pgp_pubkey_t * pubkey,
uint8_t *EM)
{
#ifdef HAVE_OPENSSL_BN_H
unsigned k;
unsigned i;
/* implementation of EME-PKCS1-v1_5-ENCODE, as defined in OpenPGP RFC */
switch (pubkey->alg) {
case PGP_PKA_RSA:
#ifdef HAVE_OPENSSL
k = (unsigned)BN_num_bytes(pubkey->key.rsa.n);
#endif
#ifdef HAVE_GSKSSL
k = (unsigned)pubkey->key.rsa.n.length;
#endif
if (mLen > k - 11) {
(void) fprintf(stderr, "encode_m_buf: message too long\n");
return 0;
@ -984,7 +925,12 @@ encode_m_buf(const uint8_t *M, size_t mLen, const pgp_pubkey_t * pubkey,
break;
case PGP_PKA_DSA:
case PGP_PKA_ELGAMAL:
#ifdef HAVE_OPENSSL
k = (unsigned)BN_num_bytes(pubkey->key.elgamal.p);
#endif
#ifdef HAVE_GSKSSL
k = pubkey->key.elgamal.p.length;
#endif
if (mLen > k - 11) {
(void) fprintf(stderr, "encode_m_buf: message too long\n");
return 0;
@ -1012,7 +958,6 @@ encode_m_buf(const uint8_t *M, size_t mLen, const pgp_pubkey_t * pubkey,
if (pgp_get_debug_level(__FILE__)) {
hexdump(stderr, "Encoded Message:", EM, mLen);
}
#endif
return 1;
}
@ -1034,6 +979,7 @@ pgp_create_pk_sesskey(pgp_key_t *key, const char *ciphername, pgp_pk_sesskey_t *
* Encryption used is PK,
* can be any, we're hardcoding RSA for now
*/
printf("%s\n",__FUNCTION__);
#ifdef HAVE_OPENSSL_BN_H
pgp_pubkey_t *pubkey;
pgp_pk_sesskey_t *sesskey;
@ -1176,6 +1122,7 @@ pgp_create_pk_sesskey(pgp_key_t *key, const char *ciphername, pgp_pk_sesskey_t *
unsigned
pgp_write_pk_sesskey(pgp_output_t *output, pgp_pk_sesskey_t *pksk)
{
printf("%s\n",__FUNCTION__);
#ifdef HAVE_OPENSSL_BN_H
/* XXX - Flexelint - Pointer parameter 'pksk' (line 1076) could be declared as pointing to const */
if (pksk == NULL) {


+ 3
- 0
src/crypto.c View File

@ -99,6 +99,7 @@ pgp_decrypt_decode_mpi(uint8_t *buf,
#endif
const pgp_seckey_t *seckey)
{
printf("%s\n",__FUNCTION__);
unsigned mpisize;
uint8_t encmpibuf[NETPGP_BUFSIZ];
uint8_t mpibuf[NETPGP_BUFSIZ];
@ -211,6 +212,7 @@ pgp_rsa_encrypt_mpi(const uint8_t *encoded_m_buf,
const pgp_pubkey_t * pubkey,
pgp_pk_sesskey_params_t * skp)
{
printf("%s\n",__FUNCTION__);
#ifdef HAVE_OPENSSL_BN_H
uint8_t encmpibuf[NETPGP_BUFSIZ];
int n;
@ -249,6 +251,7 @@ pgp_elgamal_encrypt_mpi(const uint8_t *encoded_m_buf,
const pgp_pubkey_t * pubkey,
pgp_pk_sesskey_params_t * skp)
{
printf("%s\n",__FUNCTION__);
#ifdef HAVE_OPENSSL_BN_H
uint8_t encmpibuf[NETPGP_BUFSIZ];
uint8_t g_to_k[NETPGP_BUFSIZ];


+ 1
- 32
src/gskssl_crypto.c View File

@ -435,7 +435,6 @@ pgp_rsa_private_encrypt(uint8_t *out,
const pgp_rsa_pubkey_t *pubkey)
{
printf("%s\n",__FUNCTION__);
int n = NETPGP_BUFSIZ;
CK_SESSION_HANDLE session;
CK_RV rv = CKR_OK;
CK_OBJECT_HANDLE key;
@ -492,7 +491,7 @@ pgp_rsa_private_encrypt(uint8_t *out,
fprintf(stderr, "C_Finalize: rv = 0x%.8X\n", rv);
}
return n;
return len;
}
@ -760,36 +759,6 @@ pgp_rsa_generate_keypair(pgp_key_t *keydata,
return res;
}
/**
\ingroup HighLevel_KeyGenerate
\brief Creates a self-signed RSA keypair
\param numbits Modulus size
\param e Public Exponent
\param userid User ID
\return The new keypair or NULL
\note It is the caller's responsibility to call pgp_keydata_free(keydata)
\sa pgp_rsa_generate_keypair()
\sa pgp_keydata_free()
*/
pgp_key_t *
pgp_rsa_new_selfsign_key(const int numbits,
const unsigned long e,
uint8_t *userid,
const char *hashalg,
const char *cipher)
{
pgp_key_t *keydata;
keydata = pgp_keydata_new();
if (!pgp_rsa_generate_keypair(keydata, numbits, e, hashalg, cipher,
(const uint8_t *) "", (const size_t) 0) ||
!pgp_add_selfsigned_userid(keydata, NULL, userid, 0 /*never expire*/)) {
pgp_keydata_free(keydata);
return NULL;
}
return keydata;
}
pgp_dsa_sig_t *
pgp_dsa_sign(uint8_t *hashbuf,
unsigned hashsize,


+ 65
- 58
src/keyring.c View File

@ -177,7 +177,9 @@ pgp_keydata_free(pgp_key_t *keydata)
free(keydata);
}
static unsigned siginfo_in_time(pgp_sig_info_t *siginfo){
static unsigned siginfo_in_time(pgp_sig_info_t *siginfo)
{
printf("%s...\n",__FUNCTION__);
time_t now;
now = time(NULL);
/* in sig validity time frame */
@ -198,6 +200,7 @@ pgp_key_find_uid_cond(
unsigned checkrevoke,
unsigned checkexpiry)
{
printf("%s...\n",__FUNCTION__);
unsigned uididx = 0;
unsigned uidsigidx = 0;
int32_t res = -1; /* Not found */
@ -273,6 +276,7 @@ pgp_key_find_key_conds(
unsigned checkrevoke,
unsigned checkexpiry)
{
printf("%s...\n",__FUNCTION__);
unsigned subkeyidx = 0;
unsigned subkeysigidx = 0;
unsigned directsigidx = 0;
@ -463,6 +467,7 @@ key_get_seckey_from_subidx(
static unsigned is_signing_role(const pgp_sig_info_t *siginfo, void *arg)
{
printf("%s...\n",__FUNCTION__);
return siginfo->key_flags & PGP_KEYFLAG_SIGN_DATA;
}
@ -486,6 +491,7 @@ pgp_key_get_certkey(pgp_key_t *key)
static unsigned is_encryption_role(const pgp_sig_info_t *siginfo, void *arg)
{
printf("%s...\n",__FUNCTION__);
return siginfo->key_flags & PGP_KEYFLAG_ENC_COMM;
}
@ -509,6 +515,7 @@ pgp_key_get_deckey(pgp_key_t *key, const uint8_t **id)
static unsigned primary_uid_sigcond(const pgp_sig_info_t *siginfo, void *arg)
{
printf("%s...\n",__FUNCTION__);
return siginfo->primary_userid;
}
@ -1496,6 +1503,7 @@ unsigned pgp_update_userid(
uidp = key->uids;
for (uididx = 0 ; uididx < key->uidc; uididx++, uidp++)
{
printf("%s: uid %s\n",__FUNCTION__,*uidp);
if (strcmp(*uidp, userid) == 0)
{
/* Found one. check for duplicate uidsig */
@ -1521,6 +1529,7 @@ unsigned pgp_update_userid(
uidp = &key->uids[key->uidc++];
*uidp = NULL;
pgp_copy_userid(uidp, userid);
printf("%s: uid %s\n",__FUNCTION__,*uidp);
}
/* Add uid sig info, pointing to that uid */
@ -1543,75 +1552,73 @@ unsigned pgp_update_subkey(
pgp_sig_info_t *siginfo)
{
printf("%s...\n",__FUNCTION__);
unsigned subkeyidx = 0;
unsigned subkeysigidx = 0;
pgp_subkey_t *subkeyp;
pgp_subkeysig_t *subkeysigp;
uint8_t subkeyid[PGP_KEY_ID_SIZE];
pgp_keyid(subkeyid, PGP_KEY_ID_SIZE,
(subkeytype == PGP_PTAG_CT_PUBLIC_KEY) ?
&subkey->pubkey:
&subkey->seckey.pubkey, PGP_HASH_SHA1);
/* Try to find identical subkey ID */
subkeyp = key->subkeys;
for (subkeyidx = 0 ; subkeyidx < key->subkeyc; subkeyidx++, subkeyp++)
unsigned subkeyidx = 0;
unsigned subkeysigidx = 0;
pgp_subkey_t *subkeyp;
pgp_subkeysig_t *subkeysigp;
uint8_t subkeyid[PGP_KEY_ID_SIZE];
pgp_keyid(subkeyid, PGP_KEY_ID_SIZE,
(subkeytype == PGP_PTAG_CT_PUBLIC_KEY) ?
&subkey->pubkey:
&subkey->seckey.pubkey, PGP_HASH_SHA1);
/* Try to find identical subkey ID */
subkeyp = key->subkeys;
for (subkeyidx = 0 ; subkeyidx < key->subkeyc; subkeyidx++, subkeyp++)
{
if(memcmp(subkeyid, subkeyp->id, PGP_KEY_ID_SIZE) == 0 )
{
if(memcmp(subkeyid, subkeyp->id, PGP_KEY_ID_SIZE) == 0 )
/* Found same subkey. Detect duplicate sig */
subkeysigp = key->subkeysigs;
for (subkeysigidx = 0 ; subkeysigidx < key->subkeysigc; subkeysigidx++, subkeysigp++)
{
/* Found same subkey. Detect duplicate sig */
subkeysigp = key->subkeysigs;
for (subkeysigidx = 0 ; subkeysigidx < key->subkeysigc;
subkeysigidx++, subkeysigp++)
if(subkeysigp->subkey == subkeyidx &&
subkeysigp->packet.length == sigpkt->length &&
memcmp(subkeysigp->packet.raw, sigpkt->raw,
sigpkt->length) == 0)
{
if(subkeysigp->subkey == subkeyidx &&
subkeysigp->packet.length == sigpkt->length &&
memcmp(subkeysigp->packet.raw, sigpkt->raw,
sigpkt->length) == 0)
{
/* signature already exists */
return 1;
}
/* signature already exists */
return 1;
}
break;
}
break;
}
}
/* Add a new one if none found */
if(subkeyidx==key->subkeyc){
if(subkeytype == PGP_PTAG_CT_PUBLIC_KEY &&
key->type != PGP_PTAG_CT_PUBLIC_KEY){
/* cannot create secret subkey from public */
/* and may not insert public subkey in seckey */
return 1;
}
/* Add a new one if none found */
if(subkeyidx==key->subkeyc){
if(subkeytype == PGP_PTAG_CT_PUBLIC_KEY &&
key->type != PGP_PTAG_CT_PUBLIC_KEY){
/* cannot create secret subkey from public */
/* and may not insert public subkey in seckey */
return 1;
}
EXPAND_ARRAY(key, subkey);
subkeyp = &key->subkeys[key->subkeyc++];
/* copy subkey material */
if(key->type == PGP_PTAG_CT_PUBLIC_KEY) {
pgp_pubkey_dup(&subkeyp->key.pubkey,
(subkeytype == PGP_PTAG_CT_PUBLIC_KEY) ?
&subkey->pubkey:
&subkey->seckey.pubkey);
} else {
pgp_seckey_dup(&subkeyp->key.seckey, &subkey->seckey);
}
EXPAND_ARRAY(key, subkey);
subkeyp = &key->subkeys[key->subkeyc++];
/* copy subkey material */
if(key->type == PGP_PTAG_CT_PUBLIC_KEY) {
pgp_pubkey_dup(&subkeyp->key.pubkey,
(subkeytype == PGP_PTAG_CT_PUBLIC_KEY) ?
&subkey->pubkey:
&subkey->seckey.pubkey);
} else {
pgp_seckey_dup(&subkeyp->key.seckey, &subkey->seckey);
}
/* copy subkeyID */
memcpy(subkeyp->id, subkeyid, PGP_KEY_ID_SIZE);
}
}
/* Add subkey sig info, pointing to that subkey */
EXPAND_ARRAY(key, subkeysig);
subkeysigp = &key->subkeysigs[key->subkeysigc++];
subkeysigp->subkey = subkeyidx;
/* Add subkey sig info, pointing to that subkey */
EXPAND_ARRAY(key, subkeysig);
subkeysigp = &key->subkeysigs[key->subkeysigc++];
subkeysigp->subkey = subkeyidx;
/* store sig info and packet */
copy_sig_info(&subkeysigp->siginfo, siginfo);
pgp_copy_packet(&subkeysigp->packet, sigpkt);
/* store sig info and packet */
copy_sig_info(&subkeysigp->siginfo, siginfo);
pgp_copy_packet(&subkeysigp->packet, sigpkt);
return 0;
return 0;
}
/* append one keyring to another */


+ 3
- 0
src/misc.c View File

@ -1173,6 +1173,7 @@ pgp_set_debug_level(const char *f)
int
pgp_get_debug_level(const char *f)
{
#if 0
const char *name;
int i;
@ -1188,6 +1189,8 @@ pgp_get_debug_level(const char *f)
}
}
return 0;
#endif
return 1;
}
/* return the version for the library */


+ 59
- 31
src/openssl_crypto.c View File

@ -843,37 +843,6 @@ pgp_rsa_generate_keypair(pgp_key_t *keydata,
return 1;
}
/**
\ingroup HighLevel_KeyGenerate
\brief Creates a self-signed RSA keypair
\param numbits Modulus size
\param e Public Exponent
\param userid User ID
\return The new keypair or NULL
\note It is the caller's responsibility to call pgp_keydata_free(keydata)
\sa pgp_rsa_generate_keypair()
\sa pgp_keydata_free()
*/
pgp_key_t *
pgp_rsa_new_selfsign_key(const int numbits,
const unsigned long e,
uint8_t *userid,
const char *hashalg,
const char *cipher)
{
pgp_key_t *keydata;
keydata = pgp_keydata_new();
if (!pgp_rsa_generate_keypair(keydata, numbits, e, hashalg, cipher,
(const uint8_t *) "", (const size_t) 0) ||
!pgp_add_selfsigned_userid(keydata, NULL, userid, 0 /*never expire*/)) {
pgp_keydata_free(keydata);
return NULL;
}
return keydata;
}
pgp_dsa_sig_t *
pgp_dsa_sign(uint8_t *hashbuf,
unsigned hashsize,
@ -1085,4 +1054,63 @@ done:
return ret;
}
/**
* \ingroup Core_WritePackets
* \brief Writes one RSA public key packet.
* \param t Creation time
* \param n RSA public modulus
* \param e RSA public encryption exponent
* \param output Writer settings
*
* \return 1 if OK, otherwise 0
*/
unsigned
pgp_write_rsa_pubkey(time_t t, const BIGNUM *n,
const BIGNUM *e,
pgp_output_t *output)
{
pgp_pubkey_t key;
pgp_fast_create_rsa_pubkey(&key, t, __UNCONST(n), __UNCONST(e));
return pgp_write_struct_pubkey(output, &key);
}
/**
* \ingroup Core_Create
*
* Create an RSA secret key structure. If a parameter is marked as
* [OPTIONAL], then it can be omitted and will be calculated from
* other params - or, in the case of e, will default to 0x10001.
*
* Parameters are _not_ copied, so will be freed if the structure is
* freed.
*
* \param key The key structure to be initialised.
* \param t
* \param d The RSA parameter d (=e^-1 mod (p-1)(q-1)) [OPTIONAL]
* \param p The RSA parameter p
* \param q The RSA parameter q (q > p)
* \param u The RSA parameter u (=p^-1 mod q) [OPTIONAL]
* \param n The RSA public parameter n (=p*q) [OPTIONAL]
* \param e The RSA public parameter e */
void
pgp_fast_create_rsa_seckey(pgp_seckey_t *key, time_t t,
BIGNUM *d, BIGNUM *p, BIGNUM *q, BIGNUM *u,
BIGNUM *n, BIGNUM *e)
{
pgp_fast_create_rsa_pubkey(&key->pubkey, t, n, e);
/* XXX: calculate optionals */
key->key.rsa.d = d;
key->key.rsa.p = p;
key->key.rsa.q = q;
key->key.rsa.u = u;
key->s2k_usage = PGP_S2KU_NONE;
/* XXX: sanity check and add errors... */
}
#endif

+ 28
- 77
src/packet-parse.c View File

@ -208,6 +208,7 @@ read_partial_data(pgp_stream_t *stream,
pgp_reader_t *readinfo,
void *dest, size_t length)
{
printf("%s\n",__FUNCTION__);
unsigned n;
if (pgp_get_debug_level(__FILE__)) {
@ -259,6 +260,7 @@ static int
sub_base_read(pgp_stream_t *stream, void *dest, size_t length, pgp_error_t **errors,
pgp_reader_t *readinfo, pgp_cbdata_t *cbinfo)
{
printf("%s\n",__FUNCTION__);
size_t n;
/* reading more than this would look like an error */
@ -271,9 +273,8 @@ sub_base_read(pgp_stream_t *stream, void *dest, size_t length, pgp_error_t **err
if (!readinfo->coalescing && readinfo->virtualc && readinfo->virtualoff < readinfo->virtualc) {
r = read_partial_data(stream, readinfo, (char*) dest + n, length - n);
}else{
r = readinfo->reader(stream, (char *) dest + n,
length - n, errors,
readinfo, cbinfo);
printf("%s miau\n",__FUNCTION__);
r = readinfo->reader(stream, (char *) dest + n, length - n, errors, readinfo, cbinfo);
}
if (r > (int)(length - n)) {
(void) fprintf(stderr, "sub_base_read: bad read\n");
@ -312,8 +313,7 @@ sub_base_read(pgp_stream_t *stream, void *dest, size_t length, pgp_error_t **err
(void) fprintf(stderr, "sub_base_read: bad realloc\n");
return 0;
}
(void) memcpy(readinfo->accumulated + readinfo->alength, dest,
n);
(void) memcpy(readinfo->accumulated + readinfo->alength, dest, n);
}
/* we track length anyway, because it is used for packet offsets */
readinfo->alength += (unsigned)n;
@ -350,23 +350,20 @@ full_read(pgp_stream_t *stream, uint8_t *dest,
pgp_error_t **errors,
pgp_reader_t *readinfo,
pgp_cbdata_t *cbinfo)
{
{
printf("%s\n",__FUNCTION__);
size_t t;
int r = 0; /* preset in case some loon calls with length
* == 0 */
* == 0 */
for (t = 0; t < length;) {
r = sub_base_read(stream, dest + t, length - t, errors, readinfo,
cbinfo);
r = sub_base_read(stream, dest + t, length - t, errors, readinfo, cbinfo);
if (r <= 0) {
*last_read = r;
return t;
}
t += (size_t)r;
}
*last_read = r;
return t;
}
@ -443,6 +440,7 @@ pgp_limited_read(pgp_stream_t *stream, uint8_t *dest,
pgp_reader_t *readinfo,
pgp_cbdata_t *cbinfo)
{
printf("%s\n",__FUNCTION__);
size_t r;
int lr;
@ -492,8 +490,8 @@ static unsigned
limread(uint8_t *dest, unsigned length,
pgp_region_t *region, pgp_stream_t *info)
{
return pgp_limited_read(info, dest, length, region, &info->errors,
&info->readinfo, &info->cbinfo);
printf("%s\n",__FUNCTION__);
return pgp_limited_read(info, dest, length, region, &info->errors, &info->readinfo, &info->cbinfo);
}
#if 0
@ -643,6 +641,7 @@ static int
limited_read_time(time_t *dest, pgp_region_t *region,
pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
uint8_t c;
time_t mytime = 0;
int i;
@ -696,6 +695,7 @@ limread_mpi(BIGNUM **pbn, pgp_region_t *region, pgp_stream_t *stream)
limread_mpi(gsk_buffer *pbn, pgp_region_t *region, pgp_stream_t *stream)
#endif
{
printf("%s\n",__FUNCTION__);
uint8_t buf[NETPGP_BUFSIZ] = "";
/* an MPI has a 2 byte length part.
* Length is given in bits, so the
@ -866,6 +866,7 @@ static int
limited_read_new_length(unsigned *length, pgp_region_t *region,
pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
uint8_t c = 0x0;
pgp_reader_t *readinfo = &stream->readinfo;
@ -1025,7 +1026,8 @@ copy_sig_info(pgp_sig_info_t *dst, const pgp_sig_info_t *src)
(void) memcpy(dst, src, sizeof(*src));
printf("%s: src->v4_hashlen %d\n",__FUNCTION__,src->v4_hashlen);
if ((dst->v4_hashed = calloc(1, src->v4_hashlen)) == NULL) {
//if ((dst->v4_hashed = calloc(1, src->v4_hashlen)) == NULL) {
if ((dst->v4_hashed = calloc(1, 20)) == NULL) {
(void) fprintf(stderr, "copy_sig_info: bad alloc\n");
} else {
(void) memcpy(dst->v4_hashed, src->v4_hashed, src->v4_hashlen);
@ -1403,6 +1405,7 @@ static int
parse_pubkey_data(pgp_pubkey_t *key, pgp_region_t *region,
pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
uint8_t c = 0x0;
if (region->readc != 0) {
@ -1498,6 +1501,7 @@ static int
parse_pubkey(pgp_content_enum tag, pgp_region_t *region,
pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
if (!parse_pubkey_data(&pkt.u.pubkey, region, stream)) {
@ -2071,6 +2075,7 @@ parse_sig_subpkts(pgp_sig_t *sig,
pgp_region_t *region,
pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_region_t subregion;
pgp_packet_t pkt;
@ -2118,6 +2123,7 @@ parse_sig_subpkts(pgp_sig_t *sig,
static int
parse_v4_sig(pgp_region_t *region, pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
uint8_t c = 0x0;
@ -2302,6 +2308,7 @@ error_unalloc_v4_hashed:
static int
parse_sig(pgp_region_t *region, pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
uint8_t c = 0x0;
@ -2333,6 +2340,7 @@ parse_sig(pgp_region_t *region, pgp_stream_t *stream)
static int
parse_compressed(pgp_region_t *region, pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
uint8_t c = 0x0;
@ -2387,6 +2395,7 @@ parse_hash_init(pgp_stream_t *stream, pgp_hash_alg_t type,
static int
parse_one_pass(pgp_region_t * region, pgp_stream_t * stream)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
uint8_t c = 0x0;
@ -2465,6 +2474,7 @@ parse_hash_data(pgp_stream_t *stream, const void *data,
static int
parse_litdata(pgp_region_t *region, pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_memory_t *mem;
pgp_packet_t pkt;
uint8_t c = 0x0;
@ -2618,6 +2628,7 @@ consume_packet(pgp_region_t *region, pgp_stream_t *stream, unsigned warn)
static int
parse_seckey(pgp_content_enum tag, pgp_region_t *region, pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
pgp_region_t encregion;
pgp_region_t *saved_region = NULL;
@ -3001,6 +3012,7 @@ static int
parse_pk_sesskey(pgp_region_t *region,
pgp_stream_t *stream)
{
printf("%s\n",__FUNCTION__);
const pgp_seckey_t *secret;
pgp_packet_t sesskey;
pgp_packet_t pkt;
@ -3176,68 +3188,6 @@ parse_pk_sesskey(pgp_region_t *region,
return 1;
}
#if 0
static int
decrypt_se_data(pgp_content_enum tag, pgp_region_t *region,
pgp_stream_t *stream)
{
pgp_crypt_t *decrypt;
const int printerrors = 1;
int r = 1;
decrypt = pgp_get_decrypt(stream);
if (decrypt) {
pgp_region_t encregion;
unsigned b = (unsigned)decrypt->blocksize;
uint8_t buf[PGP_MAX_BLOCK_SIZE + 2] = "";
pgp_reader_push_decrypt(stream, decrypt, region);
pgp_init_subregion(&encregion, NULL);
encregion.length = b + 2;
if (!exact_limread(buf, b + 2, &encregion, stream)) {
return 0;
}
if (buf[b - 2] != buf[b] || buf[b - 1] != buf[b + 1]) {
pgp_reader_pop_decrypt(stream);
PGP_ERROR_4(&stream->errors,
PGP_E_PROTO_BAD_SYMMETRIC_DECRYPT,
"Bad symmetric decrypt (%02x%02x vs %02x%02x)",
buf[b - 2], buf[b - 1], buf[b], buf[b + 1]);
return 0;
}
if (tag == PGP_PTAG_CT_SE_DATA_BODY) {
decrypt->decrypt_resync(decrypt);
decrypt->block_encrypt(decrypt, decrypt->civ,
decrypt->civ);
}
r = pgp_parse(stream, !printerrors);
pgp_reader_pop_decrypt(stream);
} else {
pgp_packet_t pkt;
while (region->readc < region->length) {
unsigned len;
len = region->length - region->readc;
if (len > sizeof(pkt.u.se_data_body.data))
len = sizeof(pkt.u.se_data_body.data);
if (!limread(pkt.u.se_data_body.data, len,
region, stream)) {
return 0;
}
pkt.u.se_data_body.length = len;
CALLBACK(tag, &stream->cbinfo, &pkt);
}
}
return r;
}
#endif
static int
decrypt_se_ip_data(pgp_content_enum tag, pgp_region_t *region,
pgp_stream_t *stream)
@ -3377,6 +3327,7 @@ parse_mdc(pgp_region_t *region, pgp_stream_t *stream)
static int
parse_packet(pgp_stream_t *stream, uint32_t *pktlen)
{
printf("%s\n",__FUNCTION__);
pgp_packet_t pkt;
pgp_region_t region;
uint8_t ptag;


+ 1583
- 1572
src/reader.c
File diff suppressed because it is too large
View File


+ 51
- 0
src/ssl_crypto.c View File

@ -0,0 +1,51 @@
#include "config.h"
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include "crypto.h"
#include "keyring.h"
#include "readerwriter.h"
#include "netpgpdefs.h"
#include "netpgpdigest.h"
#include "packet.h"
/**
\ingroup HighLevel_KeyGenerate
\brief Creates a self-signed RSA keypair
\param numbits Modulus size
\param e Public Exponent
\param userid User ID
\return The new keypair or NULL
\note It is the caller's responsibility to call pgp_keydata_free(keydata)
\sa pgp_rsa_generate_keypair()
\sa pgp_keydata_free()
*/
pgp_key_t *
pgp_rsa_new_selfsign_key(const int numbits,
const unsigned long e,
uint8_t *userid,
const char *hashalg,
const char *cipher)
{
pgp_key_t *keydata;
keydata = pgp_keydata_new();
if (!pgp_rsa_generate_keypair(keydata, numbits, e, hashalg, cipher,
(const uint8_t *) "", (const size_t) 0) ||
!pgp_add_selfsigned_userid(keydata, NULL, userid, 0 /*never expire*/)) {
pgp_keydata_free(keydata);
return NULL;
}
return keydata;
}

+ 5
- 1
src/validate.c View File

@ -141,6 +141,7 @@ static int
add_sig_to_list(const pgp_sig_info_t *sig, pgp_sig_info_t **sigs,
unsigned *count)
{
printf("%s\n",__FUNCTION__);
pgp_sig_info_t *newsigs;
if (*count == 0) {
@ -252,7 +253,7 @@ static void validate_key_cb_free (validate_key_cb_t *vdata){
pgp_cb_ret_t
pgp_validate_key_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
{
printf("%s...\n",__FUNCTION__);
printf("%s\n",__FUNCTION__);
const pgp_contents_t *content = &pkt->u;
validate_key_cb_t *vdata;
pgp_error_t **errors;
@ -533,6 +534,7 @@ pgp_validate_key_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
pgp_cb_ret_t
validate_data_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
{
printf("%s\n",__FUNCTION__);
const pgp_contents_t *content = &pkt->u;
pgp_key_t *signer;
validate_data_cb_t *data;
@ -848,6 +850,7 @@ pgp_filter_keys_fileread(
const unsigned armour,
const char *filename)
{
printf("%s\n",__FUNCTION__);
pgp_stream_t *stream;
validate_key_cb_t vdata;
key_filter_cb_t filter;
@ -908,6 +911,7 @@ pgp_filter_keys_from_mem(
const unsigned armour,
pgp_memory_t *mem)
{
printf("%s\n",__FUNCTION__);
pgp_stream_t *stream;
validate_key_cb_t vdata;
key_filter_cb_t filter;


+ 2
- 0
src/writer.c View File

@ -1266,6 +1266,8 @@ fd_writer(const uint8_t *src, unsigned len,
writerfd = pgp_writer_get_arg(writer);
n = (int)write(writerfd->fd, src, len);
hexdump(stderr, "fd_writer", src, len);
if (n == -1) {
PGP_SYSTEM_ERROR_1(errors, PGP_E_W_WRITE_FAILED, "write",
"file descriptor %d", writerfd->fd);


Loading…
Cancel
Save