6 #define _RPMBC_INTERNAL
7 #define _RPMPGP_INTERNAL
25 #define SPEW(_t, _rc, _dig) \
26 { if ((_t) || _rpmbc_debug || _pgp_debug < 0) \
27 fprintf(stderr, "<-- %s(%p) %s\t%s/%s\n", __FUNCTION__, (_dig), \
28 ((_rc) ? "OK" : "BAD"), (_dig)->pubkey_algoN, (_dig)->hash_algoN); \
40 if (c >=
'0' && c <=
'9')
41 return (
unsigned char) (c -
'0');
42 if (c >=
'A' && c <=
'F')
43 return (
unsigned char)((int)(c -
'A') + 10);
44 if (c >=
'a' && c <=
'f')
45 return (
unsigned char)((int)(c -
'a') + 10);
46 return (
unsigned char)
'\0';
49 #define _spewMPB(_N, _MPB) \
50 { mpbarrett * mpb = &(_MPB); \
51 fprintf(stderr, " " _N " = [%4u]: ", (unsigned)mpbits(mpb->size, mpb->modl)); mpfprintln(stderr, mpb->size, mpb->modl); \
54 #define _spewMPN(_N, _MPN) \
55 { mpnumber * mpn = &(_MPN); \
56 fprintf(stderr, " " _N " = [%4u]: ", (unsigned)mpbits(mpn->size, mpn->data)); mpfprintln(stderr, mpn->size, mpn->data); \
60 static void rpmbcDumpRSA(
const char * msg,
rpmbc bc)
62 if (msg) fprintf(stderr,
"========== %s\n", msg);
79 static void rpmbcDumpDSA(
const char * msg,
rpmbc bc)
81 if (msg) fprintf(stderr,
"========== %s\n", msg);
84 _spewMPB(
" p", bc->dsa_keypair.param.p);
85 _spewMPB(
" q", bc->dsa_keypair.param.q);
86 _spewMPN(
" g", bc->dsa_keypair.param.g);
120 bc->digest =
_free(bc->digest);
122 xx =
rpmDigestFinal(ctx, (
void **)&bc->digest, &bc->digestlen, 0);
131 nbits = (unsigned) MP_WORDS_TO_BITS(bc->md.size);
132 else if (bc->rsa_keypair.n.size)
133 nbits = (unsigned) MP_WORDS_TO_BITS(bc->rsa_keypair.n.size);
134 nb = (nbits + 7) >> 3;
135 if (nb < 64/8 || nb > 65536/8)
139 t = te = (uint8_t *)
xmalloc(nb);
140 memset(te, 0xff, nb);
143 te += nb - strlen(
prefix)/2 - bc->digestlen - 1;
146 for (s =
prefix; *s; s += 2)
148 memcpy(te, bc->digest, bc->digestlen);
150 mpnfree(&bc->c); (void) mpnsetbin(&bc->c, t, nb);
154 rc = memcmp(bc->digest, sigp->signhash16,
sizeof(sigp->signhash16));
157 if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
178 bc->digest =
_free(bc->digest);
180 rc =
rpmDigestFinal(ctx, (
void **)&bc->digest, &bc->digestlen, 0);
183 rc = mpnsetbin(&bc->hm, (byte *) bc->digest,
184 (bc->digestlen > 160/8 ? 160/8 : bc->digestlen));
187 rc = memcmp(bc->digest, sigp->signhash16,
sizeof(sigp->signhash16));
190 if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
210 bc->digest =
_free(bc->digest);
214 rc = mpnsetbin(&bc->hm, (byte *) bc->digest, bc->digestlen);
217 rc = memcmp(bc->digest, sigp->signhash16,
sizeof(sigp->signhash16));
220 if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
229 int rpmbcGenerateELG(
pgpDig dig)
232 static const char P_2048[] =
"fd12e8b7e096a28a00fb548035953cf0eba64ceb5dff0f5672d376d59c196da729f6b5586f18e6f3f1a86c73c5b15662f59439613b309e52aa257488619e5f76a7c4c3f7a426bdeac66bf88343482941413cef06256b39c62744dcb97e7b78e36ec6b885b143f6f3ad0a1cd8a5713e338916613892a264d4a47e72b583fbdaf5bce2bbb0097f7e65cbc86d684882e5bb8196d522dcacd6ad00dfbcd8d21613bdb59c485a65a58325d792272c09ad1173e12c98d865adb4c4d676ada79830c58c37c42dff8536e28f148a23f296513816d3dfed0397a3d4d6e1fa24f07e1b01643a68b4274646a3b876e810206eddacea2b9ef7636a1da5880ef654288b857ea3";
233 static const char P_1024[] =
"e64a3deeddb723e2e4db54c2b09567d196367a86b3b302be07e43ffd7f2e016f866de5135e375bdd2fba6ea9b4299010fafa36dc6b02ba3853cceea07ee94bfe30e0cc82a69c73163be26e0c4012dfa0b2839c97d6cd71eee59a303d6177c6a6740ca63bd04c1ba084d6c369dc2fbfaeebe951d58a4824de52b580442d8cae77";
240 xx = dlkp_pInit(&bc->elg_keypair);
244 xx = dldp_pInit(&bc->elg_keypair.param);
251 mpbsethex(&bc->elg_keypair.param.p, P_2048);
255 mpbsethex(&bc->elg_keypair.param.p, P_1024);
259 xx = dldp_pgonMakeSafe(&bc->elg_keypair.param, &bc->rngc, bc->nbits);
263 if (bc->elg_keypair.param.q.size == 0) {
268 mpnset(&q, bc->elg_keypair.param.p.size, bc->elg_keypair.param.p.modl);
269 mpdivtwo(q.size, q.data);
270 mpbset(&bc->elg_keypair.param.q, q.size, q.data);
272 mpnsetw(&bc->elg_keypair.param.r, 2);
275 xx = dldp_pgonGenerator(&bc->elg_keypair.param, &bc->rngc);
281 xx = dldp_pPair(&bc->elg_keypair.param, &bc->rngc,
282 &bc->elg_keypair.x, &bc->elg_keypair.y);
290 dldp_pFree(&bc->elg_params);
293 dlkp_pFree(&bc->elg_keypair);
295 rc = (failures == 0);
315 rc =
rpmDigestFinal(ctx, (
void **)&bc->digest, &bc->digestlen, 0);
318 rc = memcmp(bc->digest, sigp->signhash16,
sizeof(sigp->signhash16));
321 if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0)
331 rpmgc gc = dig->impl;
333 rc = (gcry_err_code(gc->err) != expected);
335 fail(
"%s failed: %s\n", msg, gpg_strerror(gc->err));
347 rc = rpmgcAvailable(dig->impl, algo,
357 rc = rpmgcAvailable(dig->impl, algo,
367 rc = rpmgcAvailable(dig->impl, algo, gcry_pk_test_algo(algo));
378 switch (pubp->pubkey_algo) {
382 rc = rsavrfy(&bc->rsa_keypair.n, &bc->rsa_keypair.e, &bc->md, &bc->c);
385 rc = dsavrfy(&bc->dsa_keypair.param.p, &bc->dsa_keypair.param.q,
386 &bc->dsa_keypair.param.g, &bc->hm, &bc->dsa_keypair.y,
391 rc = elgv1vrfy(&bc->elg_keypair.param.p, &bc->elg_keypair.param.n,
392 &bc->elg_keypair.param.g, &bc->hm, &bc->elg_keypair.y,
398 fprintf(stderr,
"warning: %s(ECDSA): skipped (unimplemented)\n", __FUNCTION__);
413 switch (pubp->pubkey_algo) {
419 rc = rsapri(&bc->rsa_keypair.n, &bc->rsa_keypair.d, &bc->c, &bc->md);
422 rc = rsapricrt(&bc->rsa_keypair.n, &bc->rsa_keypair.p, &bc->rsa_keypair.q,
423 &bc->rsa_keypair.dp, &bc->rsa_keypair.dq, &bc->rsa_keypair.qi,
430 rc = dsasign(&bc->dsa_keypair.param.p, &bc->dsa_keypair.param.q,
431 &bc->dsa_keypair.param.g, &bc->rngc, &bc->hm,
432 &bc->dsa_keypair.x, &bc->r, &bc->s);
436 rc = elgv1sign(&bc->elg_keypair.param.p, &bc->elg_keypair.param.n,
437 &bc->elg_keypair.param.g, &bc->rngc, &bc->hm,
438 &bc->elg_keypair.x, &bc->r, &bc->s);
449 memset(te, (
int)
'1', 2*((bc->nbits+7)/8));
450 te += 2*((bc->nbits+7)/8);
452 mpnsethex(&bc->r, hex);
455 memset(te, (
int)
'2', 2*((bc->nbits+7)/8));
456 te += 2*((bc->nbits+7)/8);
458 mpnsethex(&bc->s, hex);
459 fprintf(stderr,
"warning: %s(ECDSA): skipped (unimplemented)\n", __FUNCTION__);
475 assert(pubp->pubkey_algo);
476 assert(sigp->hash_algo);
478 assert(dig->pubkey_algoN);
479 assert(dig->hash_algoN);
481 if (randomGeneratorContextInit(&bc->rngc, randomGeneratorDefault()))
484 switch (pubp->pubkey_algo) {
488 if (bc->nbits == 0) bc->nbits = 2048;
489 rsakpFree(&bc->rsa_keypair);
490 if (!rsakpMake(&bc->rsa_keypair, &bc->rngc, bc->nbits))
494 if (bc->nbits == 0) bc->nbits = 1024;
495 dlkp_pFree(&bc->dsa_keypair);
496 if (!dsaparamMake(&bc->dsa_keypair.param, &bc->rngc, bc->nbits)
497 && !dldp_pPair(&bc->dsa_keypair.param, &bc->rngc, &bc->dsa_keypair.x,
503 rc = rpmbcGenerateELG(dig);
509 switch (sigp->hash_algo) {
526 memset(te, (
int)
'5', 2*((bc->nbits+7)/8));
527 te += 2*((bc->nbits+7)/8);
528 memset(te, (
int)
'A', 2*((bc->nbits+7)/8));
529 te += 2*((bc->nbits+7)/8);
531 mpnsethex(&bc->Q, hex);
532 fprintf(stderr,
"warning: %s(ECDSA): skipped (unimplemented)\n", __FUNCTION__);
548 unsigned int nb = (pend >= p ? (pend - p) : 0);
549 unsigned int mbits = (((8 * (nb - 2)) + 0x1f) & ~0x1f);
556 rc = mpnsetbin(&bc->md, p+2, nb-2);
561 rc = mpnsetbin(&bc->r, p+2, nb-2);
566 rc = mpnsetbin(&bc->s, p+2, nb-2);
571 rc = mpbsetbin(&bc->rsa_keypair.n, p+2, nb-2);
573 _spewMPB(
" n", bc->dsa_keypair.param.n);
576 rc = mpnsetbin(&bc->rsa_keypair.e, p+2, nb-2);
581 rc = mpbsetbin(&bc->dsa_keypair.param.p, p+2, nb-2);
583 _spewMPB(
" p", bc->dsa_keypair.param.p);
586 rc = mpbsetbin(&bc->dsa_keypair.param.q, p+2, nb-2);
588 _spewMPB(
" q", bc->dsa_keypair.param.q);
591 rc = mpnsetbin(&bc->dsa_keypair.param.g, p+2, nb-2);
593 _spewMPN(
" g", bc->dsa_keypair.param.g);
596 rc = mpnsetbin(&bc->dsa_keypair.y, p+2, nb-2);
601 rc = mpnsetbin(&bc->r, p+2, nb-2);
606 rc = mpnsetbin(&bc->s, p+2, nb-2);
612 if (!strcasecmp(s,
"2a8648ce3d030101"))
614 else if (!strcasecmp(s,
"2b81040021"))
616 else if (!strcasecmp(s,
"2a8648ce3d030107"))
618 else if (!strcasecmp(s,
"2b81040022"))
620 else if (!strcasecmp(s,
"2b81040023"))
626 assert(bc->nbits > 0);
631 rc = mpnsetbin(&bc->Q, p+2, nb-2);
646 bc->in_fips_mode = 0;
652 bc->digest =
_free(bc->digest);
655 randomGeneratorContextFree(&bc->rngc);
657 rsakpFree(&bc->rsa_keypair);
659 dlkp_pFree(&bc->dsa_keypair);
661 dlkp_pFree(&bc->elg_keypair);
663 dldp_pFree(&bc->elg_params);
715 time_t now =
time(NULL);
731 *be++ = pubp->pubkey_algo;
733 switch (pubp->pubkey_algo) {
738 bn = mpbits(bc->rsa_keypair.n.size, bc->rsa_keypair.n.modl);
739 *be++ = (bn >> 8); *be++ = (bn );
741 xx = i2osp(be, bn/8, bc->rsa_keypair.n.modl, bc->rsa_keypair.n.size);
744 bn = mpbits(bc->rsa_keypair.e.size, bc->rsa_keypair.e.data);
745 *be++ = (bn >> 8); *be++ = (bn );
747 xx = i2osp(be, bn/8, bc->rsa_keypair.e.data, bc->rsa_keypair.e.size);
751 bn = mpbits(bc->dsa_keypair.param.p.size, bc->dsa_keypair.param.p.modl);
752 *be++ = (bn >> 8); *be++ = (bn );
754 xx = i2osp(be, bn/8, bc->dsa_keypair.param.p.modl, bc->dsa_keypair.param.p.size);
757 bn = mpbits(bc->dsa_keypair.param.q.size, bc->dsa_keypair.param.q.modl);
758 *be++ = (bn >> 8); *be++ = (bn );
760 xx = i2osp(be, bn/8, bc->dsa_keypair.param.q.modl, bc->dsa_keypair.param.q.size);
763 bn = mpbits(bc->dsa_keypair.param.g.size, bc->dsa_keypair.param.g.data);
764 *be++ = (bn >> 8); *be++ = (bn );
766 xx = i2osp(be, bn/8, bc->dsa_keypair.param.g.data, bc->dsa_keypair.param.g.size);
769 bn = mpbits(bc->dsa_keypair.y.size, bc->dsa_keypair.y.data);
770 *be++ = (bn >> 8); *be++ = (bn );
772 xx = i2osp(be, bn/8, bc->dsa_keypair.y.data, bc->dsa_keypair.y.size);
781 case 192: s =
"2a8648ce3d030101";
break;
782 case 224: s =
"2b81040021";
break;
784 case 256: s =
"2a8648ce3d030107";
break;
785 case 384: s =
"2b81040022";
break;
787 case 521: s =
"2b81040023";
break;
791 for (i = 0; i <
ns; i += 2)
795 bn = mpbits(bc->Q.size, bc->Q.data);
796 *be++ = (bn >> 8); *be++ = (bn );
798 xx = i2osp(be, bn/8, bc->Q.data, bc->Q.size);
810 dig->pub = memcpy(
xmalloc(pktlen), pkt, pktlen);
811 dig->publen = pktlen;
824 time_t now =
time(NULL);
834 *be++ = 0x80 | (sigp->tag << 2) | 0x01;
838 *be++ = sigp->version = 0x04;
840 *be++ = sigp->pubkey_algo = pubp->pubkey_algo;
841 *be++ = sigp->hash_algo;
849 *be++ = sigp->time[0] = (bt >> 24);
850 *be++ = sigp->time[1] = (bt >> 16);
851 *be++ = sigp->time[2] = (bt >> 8);
852 *be++ = sigp->time[3] = (bt );
856 bt = 30 * 24 * 60 * 60;
857 *be++ = sigp->expire[0] = (bt >> 24);
858 *be++ = sigp->expire[1] = (bt >> 16);
859 *be++ = sigp->expire[2] = (bt >> 8);
860 *be++ = sigp->expire[3] = (bt );
874 sigp->hashlen = (be - h);
875 h[-2] = (sigp->hashlen >> 8);
876 h[-1] = (sigp->hashlen );
879 if (sigp->hash != NULL)
884 trailer[0] = sigp->version;
886 trailer[2] = (sigp->hashlen >> 24);
887 trailer[3] = (sigp->hashlen >> 16);
888 trailer[4] = (sigp->hashlen >> 8);
889 trailer[5] = (sigp->hashlen );
893 sigp->signhash16[0] = 0x00;
894 sigp->signhash16[1] = 0x00;
895 switch (pubp->pubkey_algo) {
909 h = (uint8_t *) bc->digest;
910 sigp->signhash16[0] = h[0];
911 sigp->signhash16[1] = h[1];
922 *be++ = pubp->signid[0];
923 *be++ = pubp->signid[1];
924 *be++ = pubp->signid[2];
925 *be++ = pubp->signid[3];
926 *be++ = pubp->signid[4];
927 *be++ = pubp->signid[5];
928 *be++ = pubp->signid[6];
929 *be++ = pubp->signid[7];
935 *be++ = sigp->signhash16[0];
936 *be++ = sigp->signhash16[1];
938 switch (pubp->pubkey_algo) {
943 bn = mpbits(bc->md.size, bc->md.data);
947 xx = i2osp(be, bn/8, bc->md.data, bc->md.size);
951 bn = mpbits(bc->r.size, bc->r.data);
955 xx = i2osp(be, bn/8, bc->r.data, bc->r.size);
958 bn = mpbits(bc->s.size, bc->s.data);
962 xx = i2osp(be, bn/8, bc->s.data, bc->s.size);
966 bn = mpbits(bc->r.size, bc->r.data);
970 xx = i2osp(be, bn/8, bc->r.data, bc->r.size);
973 bn = mpbits(bc->s.size, bc->s.data);
977 xx = i2osp(be, bn/8, bc->s.data, bc->s.size);
987 dig->sig = memcpy(
xmalloc(pktlen), pkt, pktlen);
988 dig->siglen = pktlen;
pgpDigParams pgpGetPubkey(pgpDig dig)
Return OpenPGP pubkey parameters.
struct pgpImplVecs_s rpmbcImplVecs
static void * rpmbcFree(void *impl)
char * xstrdup(const char *str)
struct pgpDigParams_s * pgpDigParams
static int rpmbcSetECDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static int pgpImplSign(pgpDig dig)
const char * pgpPubkeyAlgo2Name(uint32_t algo)
static int rpmbcSign(pgpDig dig)
static int pgpImplSetDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static int rpmbcSetRSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static int rpmbcErrChk(pgpDig dig, const char *msg, int rc, unsigned expected)
void * xcalloc(size_t nmemb, size_t size)
int rpmDigestUpdate(DIGEST_CTX ctx, const void *data, size_t len)
Update context with next plain text buffer.
unsigned char rpmuint8_t
Private int typedefs to avoid C99 portability issues.
static int rpmbcAvailableCipher(pgpDig dig, int algo)
static int rpmbcAvailableDigest(pgpDig dig, int algo)
static unsigned int pgpMpiBits(const rpmuint8_t *p)
Return no.
pgpHashAlgo rpmDigestAlgo(DIGEST_CTX ctx)
Return digest algorithm identifier.
pgpDigParams pgpGetSignature(pgpDig dig)
Return OpenPGP signature parameters.
static void rpmbcClean(void *impl)
static int pgpImplSetECDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static int rpmbcGenerate(pgpDig dig)
#define _spewMPN(_N, _MPN)
int rpmbcExportSignature(pgpDig dig, DIGEST_CTX ctx)
static int pgpImplSetRSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static int rpmbcSetDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static int rpmbcSetELG(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static unsigned int pgpMpiLen(const rpmuint8_t *p)
Return no.
static const char * prefix[]
Tables for prefixing and suffixing patterns, according to the -w, -x, and -F options.
int pgpPubkeyFingerprint(const rpmuint8_t *pkt, size_t pktlen, rpmuint8_t *keyid)
Print/parse an OpenPGP subtype packet.
static void * rpmbcInit(void)
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
#define _spewMPB(_N, _MPB)
#define SPEW(_t, _rc, _dig)
static int rpmbcVerify(pgpDig dig)
const char * rpmDigestASN1(DIGEST_CTX ctx)
Return digest ASN1 oid string.
static int rpmbcMpiItem(const char *pre, pgpDig dig, int itemno, const rpmuint8_t *p, const rpmuint8_t *pend)
const char * pgpHashAlgo2Name(uint32_t algo)
int rpmDigestFinal(DIGEST_CTX ctx, void *datap, size_t *lenp, int asAscii)
Return digest and destroy context.
static int rpmbcAvailablePubkey(pgpDig dig, int algo)
int rpmbcExportPubkey(pgpDig dig)
static char * pgpHexStr(const rpmuint8_t *p, size_t plen)
Return hex formatted representation of bytes.
static unsigned char nibble(char c)
Convert hex to binary nibble.