X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;f=sigcheck.c;h=b59798b3de3043574232607b120cce9cb8a57821;hb=6d60149434eed130c201d4d670ce7b3be5c2866b;hp=ff806046b3d9866b657bb8afc3fd39cb6e54ee36;hpb=a000448ed7ca6932cf1a7936fa43e56395b16f77;p=onak.git diff --git a/sigcheck.c b/sigcheck.c index ff80604..b59798b 100644 --- a/sigcheck.c +++ b/sigcheck.c @@ -49,13 +49,13 @@ #include #include "rsa.h" -#ifndef nettle_get_secp_256r1 +#ifndef HAVE_NETTLE_GET_SECP_256R1 #define nettle_get_secp_256r1() &nettle_secp_256r1 #endif -#ifndef nettle_get_secp_384r1 +#ifndef HAVE_NETTLE_GET_SECP_384R1 #define nettle_get_secp_384r1() &nettle_secp_384r1 #endif -#ifndef nettle_get_secp_521r1 +#ifndef HAVE_NETTLE_GET_SECP_521R1 #define nettle_get_secp_521r1() &nettle_secp_521r1 #endif @@ -290,6 +290,7 @@ onak_status_t onak_check_hash_sig(struct openpgp_publickey *sigkey, onak_status_t ret; struct onak_key_material pubkey; struct dsa_signature dsasig; + uint8_t sigkeytype; uint8_t edsig[64]; uint64_t keyid; int len, ofs; 
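Review bot: The three fallback macros in the first hunk now depend on `HAVE_NETTLE_GET_SECP_256R1` and its siblings being defined before this point, and no header that would define them is visible in the hunk. If that header is not included earlier in the file, the fallbacks replace the library accessors on every build without any diagnostic. A short comment above the block would record where the macros come from, for example `/* HAVE_NETTLE_GET_SECP_* come from the build configuration */`. The expansions are also unparenthesised; `#define nettle_get_secp_256r1() (&nettle_secp_256r1)` is the safer form.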
@@ -306,29 +307,51 @@ onak_status_t onak_check_hash_sig(struct openpgp_publickey *sigkey, goto out; } - /* Is the key the same type as the signature we're checking? */ - if (pubkey.type != sig->data[2]) { - ret = ONAK_E_INVALID_PARAM; - goto out; - } + if (sig->data[0] == 3) { + /* Must be 5 bytes hashed */ + if (sig->data[1] != 5) { + ret = ONAK_E_INVALID_PARAM; + goto out; + } - /* Skip the hashed data */ - ofs = (sig->data[4] << 8) + sig->data[5] + 6; - if (sig->length < ofs + 2) { - ret = ONAK_E_INVALID_PKT; + /* Need at least 19 bytes for the sig header */ + if (sig->length < 19) { + ret = ONAK_E_INVALID_PKT; + goto out; + } + + /* Skip to the signature material */ + ofs += 19; + sigkeytype = sig->data[15]; + } else if (sig->data[0] >= 4) { + /* Skip the hashed data */ + ofs = (sig->data[4] << 8) + sig->data[5] + 6; + if (sig->length < ofs + 2) { + ret = ONAK_E_INVALID_PKT; + goto out; + } + /* Skip the unhashed data */ + ofs += (sig->data[ofs] << 8) + sig->data[ofs + 1] + 2; + if (sig->length < ofs + 2) { + ret = ONAK_E_INVALID_PKT; + goto out; + } + /* Skip the sig hash bytes */ + ofs += 2; + sigkeytype = sig->data[2]; + } else { + ret = ONAK_E_UNSUPPORTED_FEATURE; goto out; } - /* Skip the unhashed data */ - ofs += (sig->data[ofs] << 8) + sig->data[ofs + 1] + 2; - if (sig->length < ofs + 2) { - ret = ONAK_E_INVALID_PKT; + + /* Is the key the same type as the signature we're checking? */ + if (pubkey.type != sigkeytype) { + ret = ONAK_E_INVALID_PARAM; goto out; } - /* Skip the sig hash bytes */ - ofs += 2; /* Parse the actual signature values */ - switch (sig->data[2]) { + switch (sigkeytype) { case OPENPGP_PKALGO_ECDSA: case OPENPGP_PKALGO_DSA: mpz_init(dsasig.r); 
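Review bot: In the v3 branch, `ofs += 19;` adds to a variable that the declaration in the previous hunk (`int len, ofs;`) leaves uninitialised. No assignment to `ofs` is visible before this point, so unless one sits in the lines between the two hunks, the offset used to locate the signature material is indeterminate. The v4 branch assigns rather than accumulates, and the v3 branch should do the same: `ofs = 19;`. Separately, `sig->data[0] >= 4` applies the v4 layout (two-byte hashed and unhashed lengths) to every later packet version. Using `} else if (sig->data[0] == 4) {` would send unknown versions to the `ONAK_E_UNSUPPORTED_FEATURE` branch instead of parsing them with v4 offsets. The body of onak_check_hash_sig starts and ends outside this hunk.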
@@ -409,6 +432,7 @@ onak_status_t onak_check_hash_sig(struct openpgp_publickey *sigkey, ret = ecdsa_verify(&pubkey.ecc, SHA1_DIGEST_SIZE, hash, &dsasig) ? ONAK_E_OK : ONAK_E_BAD_SIGNATURE; + break; case KEYHASH(OPENPGP_PKALGO_ECDSA, OPENPGP_HASH_SHA256): ret = ecdsa_verify(&pubkey.ecc, SHA256_DIGEST_SIZE, hash, &dsasig) ? @@ -477,7 +501,7 @@ onak_status_t onak_check_hash_sig(struct openpgp_publickey *sigkey, } sigerr: - switch (sig->data[2]) { + switch (sigkeytype) { case OPENPGP_PKALGO_ECDSA: case OPENPGP_PKALGO_EDDSA: case OPENPGP_PKALGO_DSA:
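Review bot: The other `case KEYHASH(...)` arms of this switch lie outside the hunk and may have the same missing `break;` that is fixed here for ECDSA with SHA-1, so they are worth checking in the same pass. Before this fix, the SHA-1 result in `ret` was overwritten by the SHA-256 `ecdsa_verify` call that follows, which means the verdict for such signatures came from the wrong digest length. Building with `-Wimplicit-fallthrough` would flag any remaining instance. A regression test that verifies one good and one corrupted ECDSA signature over a SHA-1 digest would pin the behaviour.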