5 #include <endianness.h>
11 #if HAVE_BEECRYPT_API_H
17 #include <rpm/rpmpgp.h>
18 #include "rpmio/digest.h"
19 #include "rpmio/rpmio_internal.h"
23 * MD5/SHA1 digest private data.
26 rpmDigestFlags flags; /*!< Bit(s) to control digest operation. */
27 int algo; /*!< Used hash algorithm */
28 uint32_t datalen; /*!< No. bytes in block of plaintext data. */
29 uint32_t paramlen; /*!< No. bytes of digest parameters. */
30 uint32_t digestlen; /*!< No. bytes of digest. */
31 void * param; /*!< Digest parameters. */
32 int (*Reset) (void * param); /*!< Digest initialize. */
33 int (*Update) (void * param, const byte * data, size_t size); /*!< Digest transform. */
34 int (*Digest) (void * param, byte * digest); /*!< Digest finish. */
38 /**************************** init ************************************/
40 int rpmInitCrypto(void) {
44 int rpmFreeCrypto(void) {
48 /**************************** digest ************************************/
50 DIGEST_CTX rpmDigestDup(DIGEST_CTX octx)
52 DIGEST_CTX nctx = NULL;
54 nctx = memcpy(xcalloc(1, sizeof(*nctx)), octx, sizeof(*nctx));
55 nctx->param = memcpy(xcalloc(1, nctx->paramlen), octx->param, nctx->paramlen);
60 size_t rpmDigestLength(int hashalgo)
65 case PGPHASHALGO_SHA1:
67 #if HAVE_BEECRYPT_API_H
68 case PGPHASHALGO_SHA256:
70 case PGPHASHALGO_SHA384:
72 case PGPHASHALGO_SHA512:
80 DIGEST_CTX rpmDigestInit(int hashalgo, rpmDigestFlags flags)
82 DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));
91 ctx->paramlen = sizeof(md5Param);
92 ctx->param = xcalloc(1, ctx->paramlen);
93 ctx->Reset = (void *) md5Reset;
94 ctx->Update = (void *) md5Update;
95 ctx->Digest = (void *) md5Digest;
97 case PGPHASHALGO_SHA1:
100 ctx->paramlen = sizeof(sha1Param);
101 ctx->param = xcalloc(1, ctx->paramlen);
102 ctx->Reset = (void *) sha1Reset;
103 ctx->Update = (void *) sha1Update;
104 ctx->Digest = (void *) sha1Digest;
106 #if HAVE_BEECRYPT_API_H
107 case PGPHASHALGO_SHA256:
110 ctx->paramlen = sizeof(sha256Param);
111 ctx->param = xcalloc(1, ctx->paramlen);
112 ctx->Reset = (void *) sha256Reset;
113 ctx->Update = (void *) sha256Update;
114 ctx->Digest = (void *) sha256Digest;
116 case PGPHASHALGO_SHA384:
119 ctx->paramlen = sizeof(sha384Param);
120 ctx->param = xcalloc(1, ctx->paramlen);
121 ctx->Reset = (void *) sha384Reset;
122 ctx->Update = (void *) sha384Update;
123 ctx->Digest = (void *) sha384Digest;
125 case PGPHASHALGO_SHA512:
128 ctx->paramlen = sizeof(sha512Param);
129 ctx->param = xcalloc(1, ctx->paramlen);
130 ctx->Reset = (void *) sha512Reset;
131 ctx->Update = (void *) sha512Update;
132 ctx->Digest = (void *) sha512Digest;
135 case PGPHASHALGO_RIPEMD160:
136 case PGPHASHALGO_MD2:
137 case PGPHASHALGO_TIGER192:
138 case PGPHASHALGO_HAVAL_5_160:
144 (*ctx->Reset)(ctx->param);
148 int rpmDigestUpdate(DIGEST_CTX ctx, const void * data, size_t len)
153 return (*ctx->Update) (ctx->param, data, len);
156 int rpmDigestFinal(DIGEST_CTX ctx, void ** datap, size_t *lenp, int asAscii)
164 digest = xmalloc(ctx->digestlen);
167 (void) (*ctx->Digest) (ctx->param, digest);
169 /* Return final digest. */
171 if (lenp) *lenp = ctx->digestlen;
177 if (lenp) *lenp = (2*ctx->digestlen) + 1;
179 const byte * s = (const byte *) digest;
180 static const char hex[] = "0123456789abcdef";
182 *datap = t = xmalloc((2*ctx->digestlen) + 1);
183 for (i = 0 ; i < ctx->digestlen; i++) {
184 *t++ = hex[ (unsigned)((*s >> 4) & 0x0f) ];
185 *t++ = hex[ (unsigned)((*s++ ) & 0x0f) ];
191 memset(digest, 0, ctx->digestlen); /* In case it's sensitive */
194 memset(ctx->param, 0, ctx->paramlen); /* In case it's sensitive */
196 memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
201 /**************************** helpers ************************************/
203 static inline char * pgpHexCvt(char *t, const byte *s, int nbytes)
205 static char hex[] = "0123456789abcdef";
206 while (nbytes-- > 0) {
209 *t++ = hex[ (i >> 4) & 0xf ];
210 *t++ = hex[ (i ) & 0xf ];
216 static const char * pgpMpiHex(const byte *p, const byte *pend)
218 static char prbuf[2048];
220 int nbytes = pgpMpiLen(p) - 2;
221 if (nbytes > 1024 || nbytes > pend - (p + 2))
223 t = pgpHexCvt(t, p+2, nbytes);
227 static int pgpHexSet(int lbits, mpnumber * mpn, const byte * p, const byte * pend)
229 unsigned int mbits = pgpMpiBits(p);
235 nbits = (lbits > mbits ? lbits : mbits);
236 nbytes = ((nbits + 7) >> 3);
237 t = xmalloc(2*nbytes+1);
238 ix = 2 * ((nbits - mbits) >> 3);
240 if (ix > 0) memset(t, (int)'0', ix);
241 strcpy(t+ix, pgpMpiHex(p, pend));
242 (void) mpnsethex(mpn, t);
247 static void pgpFreeSigRSADSA(pgpDigAlg sa)
254 static void pgpFreeKeyRSADSA(pgpDigAlg sa)
262 /****************************** RSA **************************************/
264 struct pgpDigSigRSA_s {
268 struct pgpDigKeyRSA_s {
272 static int pgpSetSigMpiRSA(pgpDigAlg pgpsig, int num,
273 const uint8_t *p, const uint8_t *pend)
275 struct pgpDigSigRSA_s *sig = pgpsig->data;
280 sig = pgpsig->data = xcalloc(1, sizeof(*sig));
281 (void) mpnsethex(&sig->c, pgpMpiHex(p, pend));
288 static int pgpSetKeyMpiRSA(pgpDigAlg pgpkey, int num,
289 const uint8_t *p, const uint8_t *pend)
291 struct pgpDigKeyRSA_s *key = pgpkey->data;
295 key = pgpkey->data = xcalloc(1, sizeof(*key));
298 (void) mpbsethex(&key->rsa_pk.n, pgpMpiHex(p, pend));
302 (void) mpnsethex(&key->rsa_pk.e, pgpMpiHex(p, pend));
309 static int pgpVerifySigRSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, uint8_t *hash, size_t hashlen, int hash_algo)
311 struct pgpDigKeyRSA_s *key = pgpkey->data;
312 struct pgpDigSigRSA_s *sig = pgpsig->data;
313 const char * prefix = NULL;
321 case PGPHASHALGO_MD5:
322 prefix = "3020300c06082a864886f70d020505000410";
324 case PGPHASHALGO_SHA1:
325 prefix = "3021300906052b0e03021a05000414";
327 case PGPHASHALGO_MD2:
328 prefix = "3020300c06082a864886f70d020205000410";
330 case PGPHASHALGO_SHA256:
331 prefix = "3031300d060960864801650304020105000420";
333 case PGPHASHALGO_SHA384:
334 prefix = "3041300d060960864801650304020205000430";
336 case PGPHASHALGO_SHA512:
337 prefix = "3051300d060960864801650304020305000440";
343 /* Generate RSA modulus parameter. */
344 { unsigned int nbits = MP_WORDS_TO_BITS(sig->c.size);
345 unsigned int nb = (nbits + 7) >> 3;
351 memset(buf, 0xff, nb);
354 bp = buf + nb - strlen(prefix)/2 - hashlen - 1;
358 for (; *prefix; prefix += 2)
359 *bp++ = (rnibble(prefix[0]) << 4) | rnibble(prefix[1]);
360 memcpy(bp, hash, hashlen);
362 (void) mpnsetbin(&rsahm, buf, nb);
365 #if HAVE_BEECRYPT_API_H
366 rc = rsavrfy(&key->rsa_pk.n, &key->rsa_pk.e, &sig->c, &rsahm) == 1 ? 0 : 1;
368 rc = rsavrfy(&key->rsa_pk, &rsahm, &sig->c) == 1 ? 0 : 1;
375 /****************************** DSA **************************************/
377 struct pgpDigSigDSA_s {
382 struct pgpDigKeyDSA_s {
389 static int pgpSetSigMpiDSA(pgpDigAlg pgpsig, int num,
390 const uint8_t *p, const uint8_t *pend)
392 struct pgpDigSigDSA_s *sig = pgpsig->data;
397 sig = pgpsig->data = xcalloc(1, sizeof(*sig));
398 rc = pgpHexSet(160, &sig->r, p, pend);
401 rc = pgpHexSet(160, &sig->s, p, pend);
407 static int pgpSetKeyMpiDSA(pgpDigAlg pgpkey, int num,
408 const uint8_t *p, const uint8_t *pend)
410 struct pgpDigKeyDSA_s *key = pgpkey->data;
414 key = pgpkey->data = xcalloc(1, sizeof(*key));
418 mpbsethex(&key->p, pgpMpiHex(p, pend));
422 mpbsethex(&key->q, pgpMpiHex(p, pend));
426 mpnsethex(&key->g, pgpMpiHex(p, pend));
430 mpnsethex(&key->y, pgpMpiHex(p, pend));
437 static int pgpVerifySigDSA(pgpDigAlg pgpkey, pgpDigAlg pgpsig, uint8_t *hash, size_t hashlen, int hash_algo)
439 struct pgpDigKeyDSA_s *key = pgpkey->data;
440 struct pgpDigSigDSA_s *sig = pgpsig->data;
446 mpnsetbin(&hm, hash, hashlen);
447 rc = dsavrfy(&key->p, &key->q, &key->g, &hm, &key->y, &sig->r, &sig->s) == 1 ? 0 : 1;
453 static int pgpSetMpiNULL(pgpDigAlg pgpkey, int num,
454 const uint8_t *p, const uint8_t *pend)
459 static int pgpVerifyNULL(pgpDigAlg pgpkey, pgpDigAlg pgpsig,
460 uint8_t *hash, size_t hashlen, int hash_algo)
465 pgpDigAlg pgpPubkeyNew(int algo)
467 pgpDigAlg ka = xcalloc(1, sizeof(*ka));;
470 case PGPPUBKEYALGO_RSA:
471 ka->setmpi = pgpSetKeyMpiRSA;
472 ka->free = pgpFreeKeyRSADSA;
475 case PGPPUBKEYALGO_DSA:
476 ka->setmpi = pgpSetKeyMpiDSA;
477 ka->free = pgpFreeKeyRSADSA;
481 ka->setmpi = pgpSetMpiNULL;
486 ka->verify = pgpVerifyNULL; /* keys can't be verified */
491 pgpDigAlg pgpSignatureNew(int algo)
493 pgpDigAlg sa = xcalloc(1, sizeof(*sa));
496 case PGPPUBKEYALGO_RSA:
497 sa->setmpi = pgpSetSigMpiRSA;
498 sa->free = pgpFreeSigRSADSA;
499 sa->verify = pgpVerifySigRSA;
502 case PGPPUBKEYALGO_DSA:
503 sa->setmpi = pgpSetSigMpiDSA;
504 sa->free = pgpFreeSigRSADSA;
505 sa->verify = pgpVerifySigDSA;
509 sa->setmpi = pgpSetMpiNULL;
510 sa->verify = pgpVerifyNULL;