X-Git-Url: http://the.earth.li/gitweb/?a=blobdiff_plain;f=sigcheck.c;h=cbc28b87ccfbeacaade0f5a2c88d2a76c1e5a788;hb=cbe819fe064045d7d040e74c66e55f83e716b0ce;hp=852b53b3784a578d5d41c933b1b5b8cc2656f331;hpb=666b0d041ecf22f2b4936d3b04a98e5807f55877;p=onak.git

diff --git a/sigcheck.c b/sigcheck.c
index 852b53b..cbc28b8 100644
--- a/sigcheck.c
+++ b/sigcheck.c
@@ -20,6 +20,7 @@
 #include <stdint.h>
 
 #include "config.h"
+#include "keyid.h"
 #include "keystructs.h"
 #include "log.h"
 #include "openpgp.h"
@@ -27,6 +28,7 @@
 
 #ifdef HAVE_NETTLE
 #include <nettle/md5.h>
+#include <nettle/ripemd160.h>
 #include <nettle/sha.h>
 #else
 #include "md5.h"
@@ -42,6 +44,9 @@ int check_packet_sighash(struct openpgp_publickey *key,
 	size_t siglen, unhashedlen;
 	struct sha1_ctx sha1_context;
 	struct md5_ctx md5_context;
+#ifdef NETTLE_WITH_RIPEMD160
+	struct ripemd160_ctx ripemd160_context;
+#endif
 #ifdef NETTLE_WITH_SHA224
 	struct sha224_ctx sha224_context;
 #endif
@@ -61,6 +66,7 @@ int check_packet_sighash(struct openpgp_publickey *key,
 	uint8_t *hashdata[8];
 	size_t hashlen[8];
 	int chunks, i;
+	uint64_t keyid;
 
 	keyheader[0] = 0x99;
 	keyheader[1] = key->publickey->length >> 8;
@@ -145,8 +151,10 @@ int check_packet_sighash(struct openpgp_publickey *key,
 		sighash = &sig->data[siglen + unhashedlen + 2];
 		break;
 	default:
-		logthing(LOGTHING_ERROR, "Unknown signature version %d",
-				sig->data[0]);
+		get_keyid(key, &keyid);
+		logthing(LOGTHING_ERROR,
+			"Unknown signature version %d on 0x%016" PRIX64,
+			sig->data[0], keyid);
 		return -1;
 	}
 
@@ -165,6 +173,20 @@ int check_packet_sighash(struct openpgp_publickey *key,
 		}
 		sha1_digest(&sha1_context, 20, hash);
 		break;
+	case OPENPGP_HASH_RIPEMD160:
+#ifdef NETTLE_WITH_RIPEMD160
+		ripemd160_init(&ripemd160_context);
+		for (i = 0; i < chunks; i++) {
+			ripemd160_update(&ripemd160_context, hashlen[i],
+				hashdata[i]);
+		}
+		ripemd160_digest(&ripemd160_context, RIPEMD160_DIGEST_SIZE,
+			hash);
+		break;
+#else
+		logthing(LOGTHING_INFO, "RIPEMD160 support not available.");
+		return -1;
+#endif
 	case OPENPGP_HASH_SHA224:
 #ifdef NETTLE_WITH_SHA224
 		sha224_init(&sha224_context);
@@ -218,13 +240,16 @@ int check_packet_sighash(struct openpgp_publickey *key,
 		return -1;
 #endif
 	default:
-		logthing(LOGTHING_ERROR, "Unsupported signature hash type %d",
-				hashtype);
+		get_keyid(key, &keyid);
+		logthing(LOGTHING_ERROR,
+			"Unsupported signature hash type %d on 0x%016" PRIX64,
+			hashtype,
+			keyid);
 		return -1;
 	}
 
 	logthing(LOGTHING_DEBUG, "Hash type: %d, %d chunks, "
-		"calculated: %02X%02X / actual: %02X%02X\n",
+		"calculated: %02X%02X / actual: %02X%02X",
 		hashtype, chunks,
 		hash[0], hash[1], sighash[0], sighash[1]);