uint64_t keyid;
int i;
- for (keyid = 0, i = 12; i < 20; i++) {
- keyid <<= 8;
- keyid += fingerprint->fp[i];
+ switch (fingerprint->length) {
+ case 20:
+ /* v4, keyid is last 64 bits */
+ for (keyid = 0, i = 12; i < 20; i++) {
+ keyid <<= 8;
+ keyid += fingerprint->fp[i];
+ }
+ break;
+ case 32:
+ /* v5, keyid is first 64 bits */
+ for (keyid = 0, i = 0; i < 8; i++) {
+ keyid <<= 8;
+ keyid += fingerprint->fp[i];
+ }
+ break;
+ default:
+ keyid = (uint64_t) -1;
}
return keyid;
onak_status_t get_fingerprint(struct openpgp_packet *packet,
struct openpgp_fingerprint *fingerprint)
{
+ struct sha256_ctx sha2_ctx;
struct sha1_ctx sha_ctx;
struct md5_ctx md5_context;
unsigned char c;
md5_digest(&md5_context, fingerprint->length, fingerprint->fp);
break;
-
case 4:
sha1_init(&sha_ctx);
/*
fingerprint->length = 20;
sha1_digest(&sha_ctx, fingerprint->length, fingerprint->fp);
+ break;
+ case 5:
+ sha256_init(&sha2_ctx);
+ /* RFC4880bis 12.2 */
+ c = 0x9A;
+ sha256_update(&sha2_ctx, sizeof(c), &c);
+ c = packet->length >> 24;
+ sha256_update(&sha2_ctx, sizeof(c), &c);
+ c = packet->length >> 16;
+ sha256_update(&sha2_ctx, sizeof(c), &c);
+ c = packet->length >> 8;
+ sha256_update(&sha2_ctx, sizeof(c), &c);
+ c = packet->length & 0xFF;
+ sha256_update(&sha2_ctx, sizeof(c), &c);
+ sha256_update(&sha2_ctx, packet->length,
+ packet->data);
+ fingerprint->length = 32;
+ sha256_digest(&sha2_ctx, fingerprint->length, fingerprint->fp);
+
break;
default:
return ONAK_E_UNKNOWN_VER;
}
break;
case 4:
+ case 5:
get_fingerprint(packet, &fingerprint);
-
*keyid = fingerprint2keyid(&fingerprint);
-
break;
default:
return ONAK_E_UNKNOWN_VER;
unsigned int keylength(struct openpgp_packet *keydata)
{
unsigned int length;
+ uint8_t keyofs;
switch (keydata->data[0]) {
case 2:
keydata->data[9];
break;
case 4:
+ case 5:
+ /* v5 has an additional 4 bytes of key length data */
+ keyofs = (keydata->data[0] == 4) ? 6 : 10;
switch (keydata->data[5]) {
case OPENPGP_PKALGO_EC:
case OPENPGP_PKALGO_ECDSA:
case OPENPGP_PKALGO_EDDSA:
/* Elliptic curve key size is based on OID */
/* Curve25519 / 1.3.6.1.4.1.3029.1.5.1 */
- if ((keydata->data[6] == 10) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x06) &&
- (keydata->data[9] == 0x01) &&
- (keydata->data[10] == 0x04) &&
- (keydata->data[11] == 0x01) &&
- (keydata->data[12] == 0x97) &&
- (keydata->data[13] == 0x55) &&
- (keydata->data[14] == 0x01) &&
- (keydata->data[15] == 0x05) &&
- (keydata->data[16] == 0x01)) {
+ if ((keydata->data[keyofs] == 10) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x06) &&
+ (keydata->data[keyofs + 3] == 0x01) &&
+ (keydata->data[keyofs + 4] == 0x04) &&
+ (keydata->data[keyofs + 5] == 0x01) &&
+ (keydata->data[keyofs + 6] == 0x97) &&
+ (keydata->data[keyofs + 7] == 0x55) &&
+ (keydata->data[keyofs + 8] == 0x01) &&
+ (keydata->data[keyofs + 9] == 0x05) &&
+ (keydata->data[keyofs + 10] == 0x01)) {
length = 255;
/* Ed25519 / 1.3.6.1.4.1.11591.15.1 */
- } else if ((keydata->data[6] == 9) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x06) &&
- (keydata->data[9] == 0x01) &&
- (keydata->data[10] == 0x04) &&
- (keydata->data[11] == 0x01) &&
- (keydata->data[12] == 0xDA) &&
- (keydata->data[13] == 0x47) &&
- (keydata->data[14] == 0x0F) &&
- (keydata->data[15] == 0x01)) {
+ } else if ((keydata->data[keyofs] == 9) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x06) &&
+ (keydata->data[keyofs + 3] == 0x01) &&
+ (keydata->data[keyofs + 4] == 0x04) &&
+ (keydata->data[keyofs + 5] == 0x01) &&
+ (keydata->data[keyofs + 6] == 0xDA) &&
+ (keydata->data[keyofs + 7] == 0x47) &&
+ (keydata->data[keyofs + 8] == 0x0F) &&
+ (keydata->data[keyofs + 9] == 0x01)) {
length = 255;
/* nistp256 / 1.2.840.10045.3.1.7 */
- } else if ((keydata->data[6] == 8) &&
- (keydata->data[7] == 0x2A) &&
- (keydata->data[8] == 0x86) &&
- (keydata->data[9] == 0x48) &&
- (keydata->data[10] == 0xCE) &&
- (keydata->data[11] == 0x3D) &&
- (keydata->data[12] == 0x03) &&
- (keydata->data[13] == 0x01) &&
- (keydata->data[14] == 0x07)) {
+ } else if ((keydata->data[keyofs] == 8) &&
+ (keydata->data[keyofs + 1] == 0x2A) &&
+ (keydata->data[keyofs + 2] == 0x86) &&
+ (keydata->data[keyofs + 3] == 0x48) &&
+ (keydata->data[keyofs + 4] == 0xCE) &&
+ (keydata->data[keyofs + 5] == 0x3D) &&
+ (keydata->data[keyofs + 6] == 0x03) &&
+ (keydata->data[keyofs + 7] == 0x01) &&
+ (keydata->data[keyofs + 8] == 0x07)) {
length = 256;
/* nistp384 / 1.3.132.0.34 */
- } else if ((keydata->data[6] == 5) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x81) &&
- (keydata->data[9] == 0x04) &&
- (keydata->data[10] == 0x00) &&
- (keydata->data[11] == 0x22)) {
+ } else if ((keydata->data[keyofs] == 5) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x81) &&
+ (keydata->data[keyofs + 3] == 0x04) &&
+ (keydata->data[keyofs + 4] == 0x00) &&
+ (keydata->data[keyofs + 5] == 0x22)) {
length = 384;
/* nistp521 / 1.3.132.0.35 */
- } else if ((keydata->data[6] == 5) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x81) &&
- (keydata->data[9] == 0x04) &&
- (keydata->data[10] == 0x00) &&
- (keydata->data[11] == 0x23)) {
+ } else if ((keydata->data[keyofs] == 5) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x81) &&
+ (keydata->data[keyofs + 3] == 0x04) &&
+ (keydata->data[keyofs + 4] == 0x00) &&
+ (keydata->data[keyofs + 5] == 0x23)) {
length = 521;
/* brainpoolP256r1 / 1.3.36.3.3.2.8.1.1.7 */
- } else if ((keydata->data[6] == 9) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x24) &&
- (keydata->data[9] == 0x03) &&
- (keydata->data[10] == 0x03) &&
- (keydata->data[11] == 0x02) &&
- (keydata->data[12] == 0x08) &&
- (keydata->data[13] == 0x01) &&
- (keydata->data[14] == 0x01) &&
- (keydata->data[15] == 0x07)) {
+ } else if ((keydata->data[keyofs] == 9) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x24) &&
+ (keydata->data[keyofs + 3] == 0x03) &&
+ (keydata->data[keyofs + 4] == 0x03) &&
+ (keydata->data[keyofs + 5] == 0x02) &&
+ (keydata->data[keyofs + 6] == 0x08) &&
+ (keydata->data[keyofs + 7] == 0x01) &&
+ (keydata->data[keyofs + 8] == 0x01) &&
+ (keydata->data[keyofs + 9] == 0x07)) {
length = 256;
/* brainpoolP384r1 / 1.3.36.3.3.2.8.1.1.11 */
- } else if ((keydata->data[6] == 9) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x24) &&
- (keydata->data[9] == 0x03) &&
- (keydata->data[10] == 0x03) &&
- (keydata->data[11] == 0x02) &&
- (keydata->data[12] == 0x08) &&
- (keydata->data[13] == 0x01) &&
- (keydata->data[14] == 0x01) &&
- (keydata->data[15] == 0x0B)) {
+ } else if ((keydata->data[keyofs] == 9) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x24) &&
+ (keydata->data[keyofs + 3] == 0x03) &&
+ (keydata->data[keyofs + 4] == 0x03) &&
+ (keydata->data[keyofs + 5] == 0x02) &&
+ (keydata->data[keyofs + 6] == 0x08) &&
+ (keydata->data[keyofs + 7] == 0x01) &&
+ (keydata->data[keyofs + 8] == 0x01) &&
+ (keydata->data[keyofs + 9] == 0x0B)) {
length = 384;
/* brainpoolP512r1 / 1.3.36.3.3.2.8.1.1.13 */
- } else if ((keydata->data[6] == 9) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x24) &&
- (keydata->data[9] == 0x03) &&
- (keydata->data[10] == 0x03) &&
- (keydata->data[11] == 0x02) &&
- (keydata->data[12] == 0x08) &&
- (keydata->data[13] == 0x01) &&
- (keydata->data[14] == 0x01) &&
- (keydata->data[15] == 0x0D)) {
+ } else if ((keydata->data[keyofs] == 9) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x24) &&
+ (keydata->data[keyofs + 3] == 0x03) &&
+ (keydata->data[keyofs + 4] == 0x03) &&
+ (keydata->data[keyofs + 5] == 0x02) &&
+ (keydata->data[keyofs + 6] == 0x08) &&
+ (keydata->data[keyofs + 7] == 0x01) &&
+ (keydata->data[keyofs + 8] == 0x01) &&
+ (keydata->data[keyofs + 9] == 0x0D)) {
length = 512;
/* secp256k1 / 1.3.132.0.10 */
- } else if ((keydata->data[6] == 5) &&
- (keydata->data[7] == 0x2B) &&
- (keydata->data[8] == 0x81) &&
- (keydata->data[9] == 0x04) &&
- (keydata->data[10] == 0x00) &&
- (keydata->data[11] == 0x0A)) {
+ } else if ((keydata->data[keyofs] == 5) &&
+ (keydata->data[keyofs + 1] == 0x2B) &&
+ (keydata->data[keyofs + 2] == 0x81) &&
+ (keydata->data[keyofs + 3] == 0x04) &&
+ (keydata->data[keyofs + 4] == 0x00) &&
+ (keydata->data[keyofs + 5] == 0x0A)) {
length = 256;
} else {
logthing(LOGTHING_ERROR,
}
break;
default:
- length = (keydata->data[6] << 8) +
- keydata->data[7];
+ length = (keydata->data[keyofs] << 8) +
+ keydata->data[keyofs + 1];
}
break;
default:
type = subkeys->packet->data[7];
break;
case 4:
+ case 5:
type = subkeys->packet->data[5];
break;
default:
logthing(LOGTHING_ERROR,
- "Unknown key type: %d",
+ "Unknown key version: %d",
subkeys->packet->data[0]);
}
length = keylength(subkeys->packet);
type = keys->publickey->data[7];
break;
case 4:
+ case 5:
type = keys->publickey->data[5];
break;
default:
- logthing(LOGTHING_ERROR, "Unknown key type: %d",
+ logthing(LOGTHING_ERROR, "Unknown key version: %d",
keys->publickey->data[0]);
}
length = keylength(keys->publickey);
type = keys->publickey->data[7];
break;
case 4:
+ case 5:
(void) get_fingerprint(keys->publickey, &fingerprint);
for (i = 0; i < fingerprint.length; i++) {
type = keys->publickey->data[5];
break;
default:
- logthing(LOGTHING_ERROR, "Unknown key type: %d",
+ logthing(LOGTHING_ERROR, "Unknown key version: %d",
keys->publickey->data[0]);
}
length = keylength(keys->publickey);
projects / onak.git / commitdiff