8 #define _RPMIOB_INTERNAL
13 #define _RPMPGP_INTERNAL
40 #if defined(USE_CRYPTO_BEECRYPT) && defined(WITH_BEECRYPT)
42 #elif defined(USE_CRYPTO_GCRYPT) && defined(WITH_GCRYPT)
44 #elif defined(USE_CRYPTO_NSS) && defined(WITH_NSS)
46 #elif defined(USE_CRYPTO_OPENSSL) && defined(WITH_SSL)
48 #elif defined(USE_CRYPTO_CDSA) && defined(WITH_CDSA)
50 #elif defined(USE_CRYPTO_TOMCRYPT) && defined(WITH_TOMCRYPT)
53 #elif defined(WITH_BEECRYPT)
55 #elif defined(WITH_NSS)
57 #elif defined(WITH_GCRYPT)
59 #elif defined(WITH_SSL)
61 #elif defined(WITH_CDSA)
63 #elif defined(WITH_TOMCRYPT)
66 #error INTERNAL ERROR: no suitable Cryptography library available
100 { -1,
"SIG_UNKNOWN" },
114 { -1,
"KEY_UNKNOWN" },
133 { -1,
"SYM_UNKNOWN" },
141 { -1,
"Unknown compression algorithm" },
155 { -1,
"MD_UNKNOWN" },
161 { 0x80,
"No-modify" },
162 { -1,
"Unknown key server preference" },
203 { -1,
"Unknown signature subkey type" },
224 {
PGPTAG_MDC,
"Manipulaion detection code packet" },
229 { -1,
"TAG_UNKNOWN" },
240 { -1,
"Unknown armor block" }
249 { -1,
"Unknown armor key" }
256 if (!_pgp_print)
return;
257 fprintf(stderr,
"\n");
264 if (!_pgp_print)
return;
266 fprintf(stderr,
"%s", pre);
267 fprintf(stderr,
" %d", i);
274 if (!_pgp_print)
return;
276 fprintf(stderr,
"%s", pre);
277 fprintf(stderr,
" %s", s);
284 if (!_pgp_print)
return;
286 fprintf(stderr,
"%s", pre);
287 fprintf(stderr,
" %s",
pgpHexStr(p, plen));
294 if (!_pgp_print)
return;
296 fprintf(stderr,
"%s", pre);
297 fprintf(stderr,
"%s(%u)",
pgpValStr(vs, val), (
unsigned)val);
314 fprintf(stderr,
" *CRITICAL*");
317 for (i = 1; i < plen; i++)
321 for (i = 1; i < plen; i++)
325 for (i = 1; i < plen; i++)
329 for (i = 1; i < plen; i++)
330 pgpPrtVal(
" ", pgpKeyServerPrefsTbl, p[i]);
334 if (_digp && !(_digp->saved & PGPDIG_SAVED_TIME) &&
337 _digp->saved |= PGPDIG_SAVED_TIME;
338 memcpy(_digp->time, p+1,
sizeof(_digp->time));
341 if ((plen - 1) == 4) {
342 time_t t =
pgpGrab(p+1, plen-1);
344 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
350 if ((plen - 1) == 4) {
351 time_t t =
pgpGrab(p+1, plen-1);
352 if (_digp->saved & PGPDIG_SAVED_TIME)
353 t +=
pgpGrab(_digp->time,
sizeof(_digp->time));
355 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
362 if (_digp && !(_digp->saved & PGPDIG_SAVED_ID) &&
365 _digp->saved |= PGPDIG_SAVED_ID;
366 memcpy(_digp->signid, p+1,
sizeof(_digp->signid));
437 for (i = 0; p < pend; i++, p +=
pgpMpiLen(p)) {
497 fprintf(stderr,
"%7d", i);
530 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
537 if (_digp && _digp->pubkey_algo == (
rpmuint8_t)0) {
539 _digp->hashlen = (size_t) v->
hashlen;
542 memcpy(_digp->time, v->
time,
sizeof(_digp->time));
543 memcpy(_digp->signid, v->
signid,
sizeof(_digp->signid));
546 memcpy(_digp->signhash16, v->
signhash16,
sizeof(_digp->signhash16));
566 if ((p + plen) > (pp->u.h + pp->hlen))
569 if (_pgp_debug && _pgp_print)
570 fprintf(stderr,
" hash[%u] -- %s\n", plen,
pgpHexStr(p, plen));
571 if (_digp && _digp->pubkey_algo == (
rpmuint8_t)0) {
572 _digp->hashlen =
sizeof(*v) + plen;
573 _digp->hash = pp->u.h;
581 if ((p + plen) > (pp->u.h + pp->hlen))
584 if (_pgp_debug && _pgp_print)
585 fprintf(stderr,
" unhash[%u] -- %s\n", plen,
pgpHexStr(p, plen));
593 if (_digp && _digp->pubkey_algo == (
rpmuint8_t)0) {
598 memcpy(_digp->signhash16, p,
sizeof(_digp->signhash16));
602 if (p > (pp->u.h + pp->hlen))
625 static const char * pgpSecretRSA[] = {
645 static const char * pgpSecretDSA[] = {
659 static const char * pgpSecretECDSA[] = {
675 static const char * pgpSecretELGAMAL[] = {
688 for (i = 0; p < pend; i++, p +=
pgpMpiLen(p)) {
731 (void)
pgpImplMpiItem(pgpPublicECDSA[i], dig, 61, p+1+p[0], NULL);
738 pgpPrtHex(
" Curve = [ OID]:", p+1, p[0]);
748 fprintf(stderr,
"%7d", i);
783 pgpPrtVal(
" iterated/salted ", pgpHashTbl, p[2]);
784 i = (16 + ((unsigned)p[11] & 0xf)) << (((
unsigned)p[11] >> 4U) + 6);
802 for (i = 0; p < &pp->u.h[pp->hlen]; i++, p +=
pgpMpiLen(p)) {
804 if (pgpSecretRSA[i] == NULL)
break;
807 if (pgpSecretDSA[i] == NULL)
break;
810 if (pgpSecretECDSA[i] == NULL)
break;
813 if (pgpSecretELGAMAL[i] == NULL)
break;
817 fprintf(stderr,
"%7d", i);
823 pgpPrtHex(
" secret", p, (pp->hlen - (p - pp->u.h) - 2));
825 p += (pp->hlen - (p - pp->u.h) - 2);
850 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
853 fprintf(stderr,
" valid %u days", plen);
856 if (_digp && _digp->tag == (
rpmuint8_t)pp->tag) {
858 memcpy(_digp->time, v->
time,
sizeof(_digp->time));
872 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
875 if (_digp && _digp->tag == (
rpmuint8_t)pp->tag) {
877 memcpy(_digp->time, v->
time,
sizeof(_digp->time));
900 fprintf(stderr,
" \"%.*s\"", (
int)pp->hlen, (
const char *)pp->u.h);
903 char * t = (
char *) memcpy(
xmalloc(pp->hlen+1), pp->u.h, pp->hlen);
905 _digp->userid =
_free(_digp->userid);
918 fprintf(stderr,
" ");
928 fprintf(stderr,
"%.*s", (
int)strlen((
const char *)h), (
const char *)h);
942 unsigned int val = (
unsigned int)*pkt;
945 memset(pp, 0,
sizeof(*pp));
951 pp->tag = (
pgpTag) (val & 0x3f);
952 plen =
pgpLen(pkt+1, &pp->hlen);
954 pp->tag = (
pgpTag) ((val >> 2) & 0xf);
955 plen = (1 << (val & 0x3));
956 pp->hlen =
pgpGrab(pkt+1, plen);
959 pp->pktlen = 1 + plen + pp->hlen;
960 if (pleft > 0 && pp->pktlen > (
unsigned)pleft)
964 pp->u.h = pkt + 1 + plen;
981 switch (pp->u.h[0]) {
990 memmove(keyid, (se-8), 8);
1003 for (i = 0; i < 2; i++)
1007 for (i = 0; i < 4; i++)
1012 for (i = 0; i < 1; i++)
1021 memmove(keyid, (d + (dlen-8)), 8);
1034 if (b64decode(b64pkt, (
void **)&pkt, &pktlen))
1058 _digp->saved |= PGPDIG_SAVED_ID;
1060 memset(_digp->signid, 0,
sizeof(_digp->signid));
1101 return (rc ? -1 : (
int)pp->pktlen);
1110 dig->signature.userid =
_free(dig->signature.userid);
1111 dig->pubkey.userid =
_free(dig->pubkey.userid);
1112 dig->pubkey_algoN = NULL;
1113 dig->hash_algoN = NULL;
1114 memset(&dig->dops, 0,
sizeof(dig->dops));
1115 memset(&dig->sops, 0,
sizeof(dig->sops));
1116 dig->ppkts =
_free(dig->ppkts);
1118 dig->signature.hash = NULL;
1119 dig->signature.hashlen = 0;
1120 dig->pubkey.hash = NULL;
1121 dig->pubkey.hashlen = 0;
1123 memset(&dig->signature, 0,
sizeof(dig->signature));
1124 memset(&dig->pubkey, 0,
sizeof(dig->pubkey));
1126 dig->md5 =
_free(dig->md5);
1128 dig->sha1 =
_free(dig->sha1);
1145 dig->sig =
_free(dig->sig);
1147 dig->pub =
_free(dig->pub);
1152 yarnRelease(dig->_item.use);
1157 yarnPossess(dig->_item.use);
1160 if (dig->hdrctx != NULL)
1164 if (dig->hdrsha1ctx != NULL)
1166 dig->hdrsha1ctx = NULL;
1168 if (dig->sha1ctx != NULL)
1170 dig->sha1ctx = NULL;
1173 if (dig->hdrmd5ctx != NULL)
1175 dig->hdrmd5ctx = NULL;
1178 if (dig->md5ctx != NULL)
1195 if (_digPool == NULL) {
1196 _digPool =
rpmioNewPool(
"dig",
sizeof(*dig), -1, _pgp_debug,
1202 memset(((
char *)dig)+
sizeof(dig->_item), 0,
sizeof(*dig)-
sizeof(dig->_item));
1215 pubp->pubkey_algo = pubkey_algo;
1217 if (pubp->pubkey_algo) {
1229 return (dig ? &dig->signature : NULL);
1234 return (dig ? &dig->pubkey : NULL);
1239 return (dig ? dig->sigtag : 0);
1244 return (dig ? dig->sigtype : 0);
1249 return (dig ? dig->sig : NULL);
1254 return (dig ? dig->siglen : 0);
1261 dig->sigtag = sigtag;
1262 dig->sigtype = (sig ? sigtype : 0);
1266 dig->siglen = siglen;
1286 int (*findPubkey) (
void *ts,
void *dig),
void * _ts)
1290 dig->findPubkey = findPubkey;
1302 if (dig && dig->findPubkey && dig->_ts)
1303 rc = (*dig->findPubkey) (dig->_ts, dig);
1318 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1330 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1337 ppkts[npkts] = NULL;
1342 ppkts =
_free(ppkts);
1356 unsigned int val = (
unsigned int)*pkts;
1363 _pgp_print = printing;
1365 if (dig != NULL && (val & 0x80)) {
1366 pgpTag tag = (
pgpTag)((val & 0x40) ? (val & 0x3f) : ((val >> 2) & 0xf));
1372 if (
pgpGrabPkts(pkts, pktlen, &ppkts, &npkts) || ppkts == NULL) {
1378 for (i = 0, pleft = pktlen; i < npkts; i++, pleft -= len) {
1384 dig->ppkts =
_free(dig->ppkts);
1388 ppkts =
_free(ppkts);
1399 const char * enc = NULL;
1400 const char * crcenc = NULL;
1406 const char * armortype = NULL;
1433 iob->blen =
pgpPktLen(iob->b, iob->blen, pp);
1438 #define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
1441 for (t = (
char *)iob->b; t && *t; t = te) {
1442 if ((te = strchr(t,
'\n')) == NULL)
1450 if (!
TOKEQ(t,
"-----BEGIN PGP "))
1452 t +=
sizeof(
"-----BEGIN PGP ")-1;
1465 t = strchr(t,
'\n');
1470 t -= (
sizeof(
"-----")-1);
1471 if (!
TOKEQ(t,
"-----"))
1481 if (!(*t ==
'\n' || *t ==
'\r')) {
1498 if (!
TOKEQ(t,
"-----END PGP ")) {
1503 t +=
sizeof(
"-----END PGP ")-1;
1504 if (t >= te)
continue;
1506 if (armortype == NULL)
1508 rc = strncmp(t, armortype, strlen(armortype));
1512 t += strlen(armortype);
1513 if (t >= te)
continue;
1515 if (!
TOKEQ(t,
"-----")) {
1519 t += (
sizeof(
"-----")-1);
1520 if (t >= te)
continue;
1522 if (!(*t ==
'\n' || *t ==
'\r'))
continue;
1526 if (b64decode(crcenc, (
void **)&crcdec, &crclen) != 0) {
1530 crcpkt =
pgpGrab(crcdec, crclen);
1531 crcdec =
_free(crcdec);
1534 if (b64decode(enc, (
void **)&dec, &declen) != 0) {
1538 crc =
pgpCRC(dec, declen);
1539 if (crcpkt != crc) {
1543 iob->b =
_free(iob->b);
1554 if (pkt) *pkt = iob->b;
1555 if (pktlen) *pktlen = iob->blen;
1558 if (pkt) *pkt = NULL;
1559 if (pktlen) *pktlen = 0;
1582 nt = ((ns + 2) / 3) * 4;
1585 if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
1586 lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
1587 if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
1589 nt += lc * strlen(b64encode_eolstr);
1595 val = t = (
char *)
xmalloc(nt + 1);
1597 t =
stpcpy(t,
"-----BEGIN PGP ");
1602 t =
stpcpy(t,
" (BeeCrypt)\n\n");
1604 if ((enc = b64encode(s, ns)) != NULL) {
1607 if ((enc = b64crc(s, ns)) != NULL) {
1614 t =
stpcpy(t,
"-----END PGP ");
1616 t =
stpcpy(t,
"-----\n");
1630 name_len = strlen(name);
1631 for (i = 0; i <
sizeof(
pgpHashTbl)/
sizeof(pgpHashTbl[0]); i++)