Remove trailing newline on sigcheck debug output

[onak.git] / sigcheck.c

diff --git a/sigcheck.c b/sigcheck.c
index fc046266248df3d8dd98d6f127758a1c6d163189..cbc28b87ccfbeacaade0f5a2c88d2a76c1e5a788 100644 (file)
--- a/sigcheck.c
+++ b/sigcheck.c
@@ -20,6 +20,7 @@
 #include <stdint.h>
 
 #include "config.h"
+#include "keyid.h"
 #include "keystructs.h"
 #include "log.h"
 #include "openpgp.h"
@@ -27,6 +28,7 @@
 
 #ifdef HAVE_NETTLE
 #include <nettle/md5.h>
+#include <nettle/ripemd160.h>
 #include <nettle/sha.h>
 #else
 #include "md5.h"
@@ -42,6 +44,9 @@ int check_packet_sighash(struct openpgp_publickey *key,
        size_t siglen, unhashedlen;
        struct sha1_ctx sha1_context;
        struct md5_ctx md5_context;
+#ifdef NETTLE_WITH_RIPEMD160
+       struct ripemd160_ctx ripemd160_context;
+#endif
 #ifdef NETTLE_WITH_SHA224
        struct sha224_ctx sha224_context;
 #endif
@@ -57,10 +62,11 @@ int check_packet_sighash(struct openpgp_publickey *key,
        uint8_t keyheader[3];
        uint8_t packetheader[5];
        uint8_t v4trailer[6];
-       uint8_t hash[20];
+       uint8_t hash[64];
        uint8_t *hashdata[8];
        size_t hashlen[8];
        int chunks, i;
+       uint64_t keyid;
 
        keyheader[0] = 0x99;
        keyheader[1] = key->publickey->length >> 8;
@@ -145,8 +151,10 @@ int check_packet_sighash(struct openpgp_publickey *key,
                sighash = &sig->data[siglen + unhashedlen + 2];
                break;
        default:
-               logthing(LOGTHING_ERROR, "Unknown signature version %d",
-                               sig->data[0]);
+               get_keyid(key, &keyid);
+               logthing(LOGTHING_ERROR,
+                       "Unknown signature version %d on 0x%016" PRIX64,
+                       sig->data[0], keyid);
                return -1;
        }
 
@@ -165,6 +173,20 @@ int check_packet_sighash(struct openpgp_publickey *key,
                }
                sha1_digest(&sha1_context, 20, hash);
                break;
+       case OPENPGP_HASH_RIPEMD160:
+#ifdef NETTLE_WITH_RIPEMD160
+               ripemd160_init(&ripemd160_context);
+               for (i = 0; i < chunks; i++) {
+                       ripemd160_update(&ripemd160_context, hashlen[i],
+                               hashdata[i]);
+               }
+               ripemd160_digest(&ripemd160_context, RIPEMD160_DIGEST_SIZE,
+                       hash);
+               break;
+#else
+               logthing(LOGTHING_INFO, "RIPEMD160 support not available.");
+               return -1;
+#endif
        case OPENPGP_HASH_SHA224:
 #ifdef NETTLE_WITH_SHA224
                sha224_init(&sha224_context);
@@ -173,10 +195,11 @@ int check_packet_sighash(struct openpgp_publickey *key,
                                hashdata[i]);
                }
                sha224_digest(&sha224_context, SHA224_DIGEST_SIZE, hash);
+               break;
 #else
                logthing(LOGTHING_INFO, "SHA224 support not available.");
+               return -1;
 #endif
-               break;
        case OPENPGP_HASH_SHA256:
 #ifdef NETTLE_WITH_SHA256
                sha256_init(&sha256_context);
@@ -185,10 +208,11 @@ int check_packet_sighash(struct openpgp_publickey *key,
                                hashdata[i]);
                }
                sha256_digest(&sha256_context, SHA256_DIGEST_SIZE, hash);
+               break;
 #else
                logthing(LOGTHING_INFO, "SHA256 support not available.");
+               return -1;
 #endif
-               break;
        case OPENPGP_HASH_SHA384:
 #ifdef NETTLE_WITH_SHA384
                sha384_init(&sha384_context);
@@ -197,10 +221,11 @@ int check_packet_sighash(struct openpgp_publickey *key,
                                hashdata[i]);
                }
                sha384_digest(&sha384_context, SHA384_DIGEST_SIZE, hash);
+               break;
 #else
                logthing(LOGTHING_INFO, "SHA384 support not available.");
+               return -1;
 #endif
-               break;
        case OPENPGP_HASH_SHA512:
 #ifdef NETTLE_WITH_SHA512
                sha512_init(&sha512_context);
@@ -209,18 +234,22 @@ int check_packet_sighash(struct openpgp_publickey *key,
                                hashdata[i]);
                }
                sha512_digest(&sha512_context, SHA512_DIGEST_SIZE, hash);
+               break;
 #else
                logthing(LOGTHING_INFO, "SHA512 support not available.");
+               return -1;
 #endif
-               break;
        default:
-               logthing(LOGTHING_ERROR, "Unsupported signature hash type %d",
-                               hashtype);
+               get_keyid(key, &keyid);
+               logthing(LOGTHING_ERROR,
+                       "Unsupported signature hash type %d on 0x%016" PRIX64,
+                       hashtype,
+                       keyid);
                return -1;
        }
 
        logthing(LOGTHING_DEBUG, "Hash type: %d, %d chunks, "
-               "calculated: %02X%02X / actual: %02X%02X\n",
+               "calculated: %02X%02X / actual: %02X%02X",
                hashtype, chunks,
                hash[0], hash[1], sighash[0], sighash[1]);