Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/netpgp/dist/src/lib Changes to 3.99.7/20...
details: https://anonhg.NetBSD.org/src/rev/f6cecd37ffa7
branches: trunk
changeset: 756228:f6cecd37ffa7
user: agc <agc%NetBSD.org@localhost>
date: Fri Jul 09 05:35:34 2010 +0000
description:
Changes to 3.99.7/20100701
+ recognise ascii-armoured encrypted messages properly, in memory and
in files
+ print error message and exit for now when trying to encrypt with a DSA key
+ fix bug reported by dyoung when trying to print out the encryption key
fingerprint
diffstat:
crypto/external/bsd/netpgp/dist/src/lib/create.c | 70 +++++++--
crypto/external/bsd/netpgp/dist/src/lib/crypto.c | 107 +++++++-------
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 30 +++-
crypto/external/bsd/netpgp/dist/src/lib/misc.c | 33 +--
crypto/external/bsd/netpgp/dist/src/lib/netpgp.c | 93 +++++-------
crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c | 12 +-
crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c | 19 ++-
crypto/external/bsd/netpgp/dist/src/lib/packet-print.c | 4 +-
crypto/external/bsd/netpgp/dist/src/lib/packet.h | 6 +
crypto/external/bsd/netpgp/dist/src/lib/reader.c | 19 +-
crypto/external/bsd/netpgp/dist/src/lib/readerwriter.h | 8 +-
crypto/external/bsd/netpgp/dist/src/lib/ssh2pgp.c | 11 +-
crypto/external/bsd/netpgp/dist/src/lib/version.h | 2 +-
crypto/external/bsd/netpgp/dist/src/lib/writer.c | 16 +-
14 files changed, 247 insertions(+), 183 deletions(-)
diffs (truncated from 977 to 300 lines):
diff -r 22880888573b -r f6cecd37ffa7 crypto/external/bsd/netpgp/dist/src/lib/create.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/create.c Thu Jul 08 23:27:50 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/create.c Fri Jul 09 05:35:34 2010 +0000
@@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: create.c,v 1.30 2010/06/30 15:18:10 agc Exp $");
+__RCSID("$NetBSD: create.c,v 1.31 2010/07/09 05:35:34 agc Exp $");
#endif
#include <sys/types.h>
@@ -453,10 +453,10 @@
return 0;
}
break;
-
- /* case OPS_PKA_ELGAMAL: */
- /* return __ops_write_mpi(output, key->key.elgamal.x); */
-
+ case OPS_PKA_DSA:
+ return __ops_write_mpi(output, key->key.dsa.x);
+ case OPS_PKA_ELGAMAL:
+ return __ops_write_mpi(output, key->key.elgamal.x);
default:
return 0;
}
@@ -892,8 +892,14 @@
unsigned i;
/* implementation of EME-PKCS1-v1_5-ENCODE, as defined in OpenPGP RFC */
-
- if (pubkey->alg != OPS_PKA_RSA) {
+ switch (pubkey->alg) {
+ case OPS_PKA_RSA:
+ break;
+ case OPS_PKA_DSA:
+ case OPS_PKA_ELGAMAL:
+ (void) fprintf(stderr, "encode_m_buf: DSA/Elgamal encryption not implemented yet\n");
+ break;
+ default:
(void) fprintf(stderr, "encode_m_buf: pubkey algorithm\n");
return 0;
}
@@ -986,7 +992,12 @@
if (__ops_get_debug_level(__FILE__)) {
hexdump(stderr, "Encrypting for RSA keyid", key->key_id, sizeof(sesskey->key_id));
}
- if (key->key.pubkey.alg != OPS_PKA_RSA) {
+ switch (key->key.pubkey.alg) {
+ case OPS_PKA_RSA:
+ case OPS_PKA_DSA:
+ case OPS_PKA_ELGAMAL:
+ break;
+ default:
(void) fprintf(stderr,
"__ops_create_pk_sesskey: bad pubkey algorithm\n");
free(encoded_m_buf);
@@ -1013,11 +1024,24 @@
encode_m_buf(unencoded_m_buf, SZ_UNENCODED_M_BUF, pubkey, encoded_m_buf);
/* and encrypt it */
- if (!__ops_rsa_encrypt_mpi(encoded_m_buf, sz_encoded_m_buf, pubkey,
- &sesskey->params)) {
+ switch (key->key.pubkey.alg) {
+ case OPS_PKA_RSA:
+ if (!__ops_rsa_encrypt_mpi(encoded_m_buf, sz_encoded_m_buf, pubkey,
+ &sesskey->params)) {
+ free(encoded_m_buf);
+ free(sesskey);
+ return NULL;
+ }
+ break;
+ case OPS_PKA_DSA:
+ case OPS_PKA_ELGAMAL:
+ (void) fprintf(stderr, "DSA/Elgamal encryption not supported yet\n");
free(encoded_m_buf);
free(sesskey);
return NULL;
+ default:
+ /* will not get here - for lint only */
+ break;
}
free(encoded_m_buf);
return sesskey;
@@ -1039,20 +1063,26 @@
"__ops_write_pk_sesskey: NULL pksk\n");
return 0;
}
- if (pksk->alg != OPS_PKA_RSA) {
+ switch (pksk->alg) {
+ case OPS_PKA_RSA:
+ return __ops_write_ptag(output, OPS_PTAG_CT_PK_SESSION_KEY) &&
+ __ops_write_length(output, (unsigned)(1 + 8 + 1 +
+ BN_num_bytes(pksk->params.rsa.encrypted_m) + 2)) &&
+ __ops_write_scalar(output, (unsigned)pksk->version, 1) &&
+ __ops_write(output, pksk->key_id, 8) &&
+ __ops_write_scalar(output, (unsigned)pksk->alg, 1) &&
+ __ops_write_mpi(output, pksk->params.rsa.encrypted_m)
+ /* ?? && __ops_write_scalar(output, 0, 2); */
+ ;
+ case OPS_PKA_DSA:
+ case OPS_PKA_ELGAMAL:
+ (void) fprintf(stderr, "__ops_write_pk_sesskey: DSA/Elgamal encryption not implemented yet\n");
+ return 0;
+ default:
(void) fprintf(stderr,
"__ops_write_pk_sesskey: bad algorithm\n");
return 0;
}
- return __ops_write_ptag(output, OPS_PTAG_CT_PK_SESSION_KEY) &&
- __ops_write_length(output, (unsigned)(1 + 8 + 1 +
- BN_num_bytes(pksk->params.rsa.encrypted_m) + 2)) &&
- __ops_write_scalar(output, (unsigned)pksk->version, 1) &&
- __ops_write(output, pksk->key_id, 8) &&
- __ops_write_scalar(output, (unsigned)pksk->alg, 1) &&
- __ops_write_mpi(output, pksk->params.rsa.encrypted_m)
- /* ?? && __ops_write_scalar(output, 0, 2); */
- ;
}
/**
diff -r 22880888573b -r f6cecd37ffa7 crypto/external/bsd/netpgp/dist/src/lib/crypto.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Thu Jul 08 23:27:50 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Fri Jul 09 05:35:34 2010 +0000
@@ -54,7 +54,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: crypto.c,v 1.24 2010/06/25 03:37:27 agc Exp $");
+__RCSID("$NetBSD: crypto.c,v 1.25 2010/07/09 05:35:34 agc Exp $");
#endif
#include <sys/types.h>
@@ -89,11 +89,11 @@
const BIGNUM *encmpi,
const __ops_seckey_t *seckey)
{
- uint8_t encmpibuf[NETPGP_BUFSIZ];
- uint8_t mpibuf[NETPGP_BUFSIZ];
unsigned mpisize;
+ uint8_t encmpibuf[NETPGP_BUFSIZ];
+ uint8_t mpibuf[NETPGP_BUFSIZ];
+ int i;
int n;
- int i;
mpisize = (unsigned)BN_num_bytes(encmpi);
/* MPI can't be more than 65,536 */
@@ -103,54 +103,52 @@
}
BN_bn2bin(encmpi, encmpibuf);
- if (seckey->pubkey.alg != OPS_PKA_RSA) {
+ switch (seckey->pubkey.alg) {
+ case OPS_PKA_RSA:
+ if (__ops_get_debug_level(__FILE__)) {
+ hexdump(stderr, "encrypted", encmpibuf, 16);
+ }
+ n = __ops_rsa_private_decrypt(mpibuf, encmpibuf,
+ (unsigned)(BN_num_bits(encmpi) + 7) / 8,
+ &seckey->key.rsa, &seckey->pubkey.key.rsa);
+ if (n == -1) {
+ (void) fprintf(stderr, "ops_rsa_private_decrypt failure\n");
+ return -1;
+ }
+ if (__ops_get_debug_level(__FILE__)) {
+ hexdump(stderr, "decrypted", mpibuf, 16);
+ }
+ if (n <= 0) {
+ return -1;
+ }
+ /* Decode EME-PKCS1_V1_5 (RFC 2437). */
+ if (mpibuf[0] != 0 || mpibuf[1] != 2) {
+ return -1;
+ }
+ /* Skip the random bytes. */
+ for (i = 2; i < n && mpibuf[i]; ++i) {
+ }
+ if (i == n || i < 10) {
+ return -1;
+ }
+ /* Skip the zero */
+ i += 1;
+ /* this is the unencoded m buf */
+ if ((unsigned) (n - i) <= buflen) {
+ (void) memcpy(buf, mpibuf + i, (unsigned)(n - i)); /* XXX - Flexelint */
+ }
+ if (__ops_get_debug_level(__FILE__)) {
+ hexdump(stderr, "decoded m", buf, (size_t)(n - i));
+ }
+ return n - i;
+ case OPS_PKA_DSA:
+ case OPS_PKA_ELGAMAL:
+ (void) fprintf(stderr, "XXX - no support for DSA/Elgamal yet\n");
+ return 0;
+ default:
(void) fprintf(stderr, "pubkey algorithm wrong\n");
return -1;
}
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "encrypted", encmpibuf, 16);
- }
- n = __ops_rsa_private_decrypt(mpibuf, encmpibuf,
- (unsigned)(BN_num_bits(encmpi) + 7) / 8,
- &seckey->key.rsa, &seckey->pubkey.key.rsa);
- if (n == -1) {
- (void) fprintf(stderr, "ops_rsa_private_decrypt failure\n");
- return -1;
- }
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decrypted", mpibuf, 16);
- }
- if (n <= 0) {
- return -1;
- }
-
- /* Decode EME-PKCS1_V1_5 (RFC 2437). */
- if (mpibuf[0] != 0 || mpibuf[1] != 2) {
- return -1;
- }
-
- /* Skip the random bytes. */
- for (i = 2; i < n && mpibuf[i]; ++i) {
- }
-
- if (i == n || i < 10) {
- return -1;
- }
-
- /* Skip the zero */
- i += 1;
-
- /* this is the unencoded m buf */
- if ((unsigned) (n - i) <= buflen) {
- (void) memcpy(buf, mpibuf + i, (unsigned)(n - i)); /* XXX - Flexelint */
- }
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decoded m", buf, (size_t)(n - i));
- }
- return n - i;
}
/**
@@ -215,16 +213,16 @@
break;
case OPS_PTAG_CT_PK_SESSION_KEY:
- return pk_sesskey_cb(pkt, cbinfo);
+ return __ops_pk_sesskey_cb(pkt, cbinfo);
case OPS_GET_SECKEY:
- return get_seckey_cb(pkt, cbinfo);
+ return __ops_get_seckey_cb(pkt, cbinfo);
case OPS_GET_PASSPHRASE:
return cbinfo->cryptinfo.getpassphrase(pkt, cbinfo);
case OPS_PTAG_CT_LITDATA_BODY:
- return litdata_cb(pkt, cbinfo);
+ return __ops_litdata_cb(pkt, cbinfo);
case OPS_PTAG_CT_ARMOUR_HEADER:
case OPS_PTAG_CT_ARMOUR_TRAILER:
@@ -291,7 +289,10 @@
}
/* Push the encrypted writer */
- __ops_push_enc_se_ip(output, pubkey);
+ if (!__ops_push_enc_se_ip(output, pubkey)) {
+ __ops_memory_free(inmem);
+ return 0;
+ }
/* This does the writing */
__ops_write(output, __ops_mem_data(inmem), __ops_mem_len(inmem));
diff -r 22880888573b -r f6cecd37ffa7 crypto/external/bsd/netpgp/dist/src/lib/keyring.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Thu Jul 08 23:27:50 2010 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Fri Jul 09 05:35:34 2010 +0000
@@ -57,7 +57,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: keyring.c,v 1.38 2010/06/25 03:37:27 agc Exp $");
+__RCSID("$NetBSD: keyring.c,v 1.39 2010/07/09 05:35:34 agc Exp $");
#endif
#ifdef HAVE_FCNTL_H
@@ -377,12 +377,13 @@
__ops_is_key_supported(const __ops_key_t *key)
{
if (key->type == OPS_PTAG_CT_PUBLIC_KEY) {
- if (key->key.pubkey.alg == OPS_PKA_RSA) {
+ switch(key->key.pubkey.alg) {
+ case OPS_PKA_RSA:
+ case OPS_PKA_DSA:
+ case OPS_PKA_ELGAMAL:
Home |
Main Index |
Thread Index |
Old Index