#endif
#include "sha1x.h"
-int check_packet_sighash(struct openpgp_publickey *key,
+onak_status_t calculate_packet_sighash(struct openpgp_publickey *key,
struct openpgp_packet *packet,
- struct openpgp_packet *sig)
+ struct openpgp_packet *sig,
+ uint8_t *hashtype,
+ uint8_t *hash,
+ uint8_t **sighash)
{
- uint8_t hashtype;
- uint8_t *sighash;
size_t siglen, unhashedlen;
struct sha1_ctx sha1_context;
struct sha1x_ctx sha1x_context;
struct sha384_ctx sha384_context;
struct sha512_ctx sha512_context;
#endif
- uint8_t keyheader[3];
+ uint8_t keyheader[5];
uint8_t packetheader[5];
- uint8_t v4trailer[6];
- uint8_t hash[64];
+ uint8_t trailer[10];
uint8_t *hashdata[8];
size_t hashlen[8];
int chunks, i;
uint64_t keyid;
onak_status_t res;
- keyheader[0] = 0x99;
- keyheader[1] = key->publickey->length >> 8;
- keyheader[2] = key->publickey->length & 0xFF;
- hashdata[0] = keyheader;
- hashlen[0] = 3;
- hashdata[1] = key->publickey->data;
- hashlen[1] = key->publickey->length;
- chunks = 2;
-
switch (sig->data[0]) {
case 2:
case 3:
- hashtype = sig->data[16];
+ keyheader[0] = 0x99;
+ keyheader[1] = key->publickey->length >> 8;
+ keyheader[2] = key->publickey->length & 0xFF;
+ hashdata[0] = keyheader;
+ hashlen[0] = 3;
+ hashdata[1] = key->publickey->data;
+ hashlen[1] = key->publickey->length;
+ chunks = 2;
+
+ *hashtype = sig->data[16];
if (packet != NULL) {
if (packet->tag == OPENPGP_PACKET_PUBLICSUBKEY) {
hashdata[chunks] = &sig->data[2];
hashlen[chunks] = 5;
chunks++;
- sighash = &sig->data[17];
+ *sighash = &sig->data[17];
break;
case 4:
- hashtype = sig->data[3];
+ keyheader[0] = 0x99;
+ keyheader[1] = key->publickey->length >> 8;
+ keyheader[2] = key->publickey->length & 0xFF;
+ hashdata[0] = keyheader;
+ hashlen[0] = 3;
+ hashdata[1] = key->publickey->data;
+ hashlen[1] = key->publickey->length;
+ chunks = 2;
+
+ *hashtype = sig->data[3];
/* Check to see if this is an X509 based signature */
if (sig->data[2] == 0 || sig->data[2] == 100) {
sig->length - 4, &len,
&keyid, NULL);
if (res != ONAK_E_OK) {
- /* If it parses badly, reject it */
- return 0;
+ return res;
}
if (keyid == 0 &&
/* No unhashed data */
sig->data[8 + len] == 0 &&
sig->data[9 + len] == 1 &&
sig->data[10 + len] == 1) {
- get_keyid(key, &keyid);
- logthing(LOGTHING_DEBUG,
- "Skipping X509 signature on 0x%016"
- PRIX64,
- keyid);
- return -1;
+ return ONAK_E_UNSUPPORTED_FEATURE;
}
}
sig->data[5] + 6;;
if (siglen > sig->length) {
/* Signature data exceed packet length, bogus */
- return 0;
+ return ONAK_E_INVALID_PKT;
}
chunks++;
- v4trailer[0] = 4;
- v4trailer[1] = 0xFF;
- v4trailer[2] = siglen >> 24;
- v4trailer[3] = (siglen >> 16) & 0xFF;
- v4trailer[4] = (siglen >> 8) & 0xFF;
- v4trailer[5] = siglen & 0xFF;
- hashdata[chunks] = v4trailer;
+ trailer[0] = 4;
+ trailer[1] = 0xFF;
+ trailer[2] = siglen >> 24;
+ trailer[3] = (siglen >> 16) & 0xFF;
+ trailer[4] = (siglen >> 8) & 0xFF;
+ trailer[5] = siglen & 0xFF;
+ hashdata[chunks] = trailer;
hashlen[chunks] = 6;
chunks++;
unhashedlen = (sig->data[siglen] << 8) +
sig->data[siglen + 1];
- sighash = &sig->data[siglen + unhashedlen + 2];
+ *sighash = &sig->data[siglen + unhashedlen + 2];
+ break;
+ case 5:
+ keyheader[0] = 0x9A;
+ keyheader[1] = 0;
+ keyheader[2] = 0;
+ keyheader[3] = key->publickey->length >> 8;
+ keyheader[4] = key->publickey->length & 0xFF;
+ hashdata[0] = keyheader;
+ hashlen[0] = 5;
+ hashdata[1] = key->publickey->data;
+ hashlen[1] = key->publickey->length;
+ chunks = 2;
+
+ *hashtype = sig->data[3];
+
+ if (packet != NULL) {
+ if (packet->tag == OPENPGP_PACKET_PUBLICSUBKEY) {
+ packetheader[0] = 0x9A;
+ packetheader[1] = 0;
+ packetheader[2] = 0;
+ packetheader[3] = packet->length >> 8;
+ packetheader[4] = packet->length & 0xFF;
+ hashdata[chunks] = packetheader;
+ hashlen[chunks] = 5;
+ chunks++;
+ } else if (packet->tag == OPENPGP_PACKET_UID ||
+ packet->tag == OPENPGP_PACKET_UAT) {
+ packetheader[0] = (packet->tag ==
+ OPENPGP_PACKET_UID) ? 0xB4 : 0xD1;
+ packetheader[1] = packet->length >> 24;
+ packetheader[2] = (packet->length >> 16) & 0xFF;
+ packetheader[3] = (packet->length >> 8) & 0xFF;
+ packetheader[4] = packet->length & 0xFF;
+ hashdata[chunks] = packetheader;
+ hashlen[chunks] = 5;
+ chunks++;
+ }
+ hashdata[chunks] = packet->data;
+ hashlen[chunks] = packet->length;
+ chunks++;
+ }
+
+ hashdata[chunks] = sig->data;
+ hashlen[chunks] = siglen = (sig->data[4] << 8) +
+ sig->data[5] + 6;;
+ if (siglen > sig->length) {
+ /* Signature data exceed packet length, bogus */
+ return ONAK_E_INVALID_PKT;
+ }
+ chunks++;
+
+ trailer[0] = 5;
+ trailer[1] = 0xFF;
+ trailer[2] = 0;
+ trailer[3] = 0;
+ trailer[4] = 0;
+ trailer[5] = 0;
+ trailer[6] = siglen >> 24;
+ trailer[7] = (siglen >> 16) & 0xFF;
+ trailer[8] = (siglen >> 8) & 0xFF;
+ trailer[9] = siglen & 0xFF;
+ hashdata[chunks] = trailer;
+ hashlen[chunks] = 10;
+ chunks++;
+
+ unhashedlen = (sig->data[siglen] << 8) +
+ sig->data[siglen + 1];
+ *sighash = &sig->data[siglen + unhashedlen + 2];
break;
default:
- get_keyid(key, &keyid);
- logthing(LOGTHING_ERROR,
- "Unknown signature version %d on 0x%016" PRIX64,
- sig->data[0], keyid);
- return -1;
+ return ONAK_E_UNSUPPORTED_FEATURE;
}
- switch (hashtype) {
+ switch (*hashtype) {
case OPENPGP_HASH_MD5:
md5_init(&md5_context);
for (i = 0; i < chunks; i++) {
break;
#endif
default:
- get_keyid(key, &keyid);
- logthing(LOGTHING_ERROR,
- "Unsupported signature hash type %d on 0x%016" PRIX64,
- hashtype,
- keyid);
- return -1;
+ return ONAK_E_UNSUPPORTED_FEATURE;
}
- logthing(LOGTHING_DEBUG, "Hash type: %d, %d chunks, "
- "calculated: %02X%02X / actual: %02X%02X",
- hashtype, chunks,
- hash[0], hash[1], sighash[0], sighash[1]);
-
- return (hash[0] == sighash[0] && hash[1] == sighash[1]);
+ return ONAK_E_OK;
}