Test vectors for GPG V3 DSA signature of "abc".

CVS patchset: 5096
CVS date: 2001/10/05 05:10:12

diff --git a/rpmio/Makefile.am b/rpmio/Makefile.am
index dd48d4f..fc24c9f 100644 (file)
--- a/rpmio/Makefile.am
+++ b/rpmio/Makefile.am
@@ -55,6 +55,7 @@ trpmio_SOURCES = trpmio.c
 trpmio_LDADD += librpmio.la $(top_builddir)/popt/libpopt.la
 
 tkey_SOURCES = tkey.c
+tkey_LDFLAGS = -all-static
 tkey_LDADD += librpmio.la $(top_builddir)/popt/libpopt.la
 
 dumpasn1_SOURCES = dumpasn1.c

diff --git a/rpmio/rpmio.h b/rpmio/rpmio.h
index 920c85d..56aa872 100644 (file)
--- a/rpmio/rpmio.h
+++ b/rpmio/rpmio.h
@@ -14,6 +14,10 @@
 #include <stdlib.h>
 #include <unistd.h>
 
+/**
+ */
+typedef /*@abstract@*/ struct pgpSig_s * rpmDigest;
+
 /** \ingroup rpmio
  * Hide libio API lossage.
  * The libio interface changed after glibc-2.1.3 to pass the seek offset

diff --git a/rpmio/rpmio_internal.h b/rpmio/rpmio_internal.h
index 9773e7b..766caa7 100644 (file)
--- a/rpmio/rpmio_internal.h
+++ b/rpmio/rpmio_internal.h
@@ -58,6 +58,8 @@ typedef enum rpmDigestFlags_e {
 } rpmDigestFlags;
 #define        RPMDIGEST_MASK  0xffff
 
+/**
+ */
 typedef /*@abstract@*/ struct DIGEST_CTX_s * DIGEST_CTX;
 
 /** \ingroup rpmio

diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index 7689229..eeec3a7 100644 (file)
--- a/rpmio/rpmpgp.c
+++ b/rpmio/rpmpgp.c
@@ -8,6 +8,8 @@
 #include "debug.h"
 
 static int _debug = 0;
+static int _print = 0;
+static struct pgpSig_s * _dig = NULL;
 
 /*@-readonlytrans@*/
 /* This is the unarmored RPM-GPG-KEY public key. */
@@ -211,8 +213,44 @@ struct pgpValTbl_s pgpPktTbl[] = {
 };
 /*@=readonlytrans@*/
 
+static void pgpPrtNL(void)
+       /*@modifies fileSystem @*/
+{
+    if (!_print) return;
+    fprintf(stderr, "\n");
+}
+
+static void pgpPrtInt(const char *pre, int i)
+       /*@modifies fileSystem @*/
+{
+    if (!_print) return;
+    if (pre && *pre)
+       fprintf(stderr, "%s", pre);
+    fprintf(stderr, " %d", i);
+}
+
+static void pgpPrtStr(const char *pre, const char *s)
+       /*@modifies fileSystem @*/
+{
+    if (!_print) return;
+    if (pre && *pre)
+       fprintf(stderr, "%s", pre);
+    fprintf(stderr, " %s", s);
+}
+
+static void pgpPrtHex(const char *pre, const byte *p, unsigned int plen)
+       /*@modifies fileSystem @*/
+{
+    if (!_print) return;
+    if (pre && *pre)
+       fprintf(stderr, "%s", pre);
+    fprintf(stderr, " %s", pgpHexStr(p, plen));
+}
+
 void pgpPrtVal(const char * pre, pgpValTbl vs, byte val)
+       /*@modifies fileSystem @*/
 {
+    if (!_print) return;
     if (pre && *pre)
        fprintf(stderr, "%s", pre);
     fprintf(stderr, "%s(%u)", pgpValStr(vs, val), (unsigned)val);
@@ -237,7 +275,6 @@ int pgpPrtPktSigV3(pgpPkt pkt, const byte *h, unsigned int hlen)
     time_t t;
     int i;
 
-    pgpPrtVal("", pgpPktTbl, pkt);
     if (v->version != 3) {
        fprintf(stderr, " version(%u) != 3\n", (unsigned)v->version);
        return 1;
@@ -246,35 +283,56 @@ int pgpPrtPktSigV3(pgpPkt pkt, const byte *h, unsigned int hlen)
        fprintf(stderr, " hashlen(%u) != 5\n", (unsigned)v->hashlen);
        return 1;
     }
+
+    if (_dig) memcpy(&_dig->sig.v3, v, sizeof(_dig->sig.v3));
+
+    pgpPrtVal("V3 ", pgpPktTbl, pkt);
+
     pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
     pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
 
     pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
-fprintf(stderr, "\n");
+    pgpPrtNL();
 
     t = pgpGrab(v->time, sizeof(v->time));
-fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
-fprintf(stderr, "\n");
-fprintf(stderr, " signer keyid %02x%02x%02x%02x%02x%02x%02x%02x",
-       (unsigned)v->signer[0], (unsigned)v->signer[1],
-       (unsigned)v->signer[2], (unsigned)v->signer[3],
-       (unsigned)v->signer[4], (unsigned)v->signer[5],
-       (unsigned)v->signer[6], (unsigned)v->signer[7]);
+    if (_print)
+       fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
+    pgpPrtNL();
+    pgpPrtHex(" signer keyid", v->signer, sizeof(v->signer));
     plen = pgpGrab(v->signhash16, sizeof(v->signhash16));
-fprintf(stderr, " signhash16 %04x", plen);
-fprintf(stderr, "\n");
+    pgpPrtHex(" signhash16", v->signhash16, sizeof(v->signhash16));
+    pgpPrtNL();
 
-    p = &v->data[0];
+    p = ((byte *)v) + sizeof(*v);
     for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
        if (v->pubkey_algo == PGPPUBKEYALGO_RSA) {
            if (pgpSigRSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSigRSA[i]);
+           pgpPrtStr("", pgpSigRSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) {
            if (pgpSigDSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSigDSA[i]);
-       } else
-           fprintf(stderr, "%7d", i);
-       fprintf(stderr, " %s\n", pgpMpiStr(p));
+           if (_dig) {
+               switch (i) {
+               case 0:         /* r */
+                   mp32nsethex(&_dig->r, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     r = "),  mp32println(_dig->r.size, _dig->r.data);
+                   break;
+               case 1:         /* s */
+                   mp32nsethex(&_dig->s, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     s = "),  mp32println(_dig->s.size, _dig->s.data);
+                   break;
+               default:
+                   break;
+               }
+           }
+           pgpPrtStr("", pgpSigDSA[i]);
+       } else {
+           if (_print)
+               fprintf(stderr, "%7d", i);
+       }
+       pgpPrtStr("", pgpMpiStr(p));
+       pgpPrtNL();
     }
 
     return 0;
@@ -287,56 +345,42 @@ int pgpPrtSubType(const byte *h, unsigned int hlen)
     int i;
 
     while (hlen > 0) {
-#ifdef DYING
-       if (*p < 192) {
-           plen = *p++;
-           hlen -= 1;
-       } else if (*p < 255) {
-           plen = ((p[0] - 192) << 8) + p[1] + 192;
-           p += 2;
-           hlen -= 2;
-       } else {
-           p++;
-           plen = pgpGrab(p, 4);
-           p += 4;
-           hlen -= 5;
-       }
-#else
        i = pgpLen(p, &plen);
        p += i;
        hlen -= i;
-#endif
+
        pgpPrtVal("    ", pgpSubTypeTbl, p[0]);
        switch (*p) {
        case PGPSUBTYPE_PREFER_SYMKEY:  /* preferred symmetric algorithms */
            for (i = 1; i < plen; i++)
                pgpPrtVal(" ", pgpSymkeyTbl, p[i]);
-           fprintf(stderr, "\n");
+           pgpPrtNL();
            break;
        case PGPSUBTYPE_PREFER_HASH:    /* preferred hash algorithms */
            for (i = 1; i < plen; i++)
                pgpPrtVal(" ", pgpHashTbl, p[i]);
-           fprintf(stderr, "\n");
+           pgpPrtNL();
            break;
        case PGPSUBTYPE_PREFER_COMPRESS:/* preferred compression algorithms */
            for (i = 1; i < plen; i++)
                pgpPrtVal(" ", pgpCompressionTbl, p[i]);
-           fprintf(stderr, "\n");
+           pgpPrtNL();
            break;
        case PGPSUBTYPE_KEYSERVER_PREFERS:/* key server preferences */
            for (i = 1; i < plen; i++)
                pgpPrtVal(" ", pgpKeyServerPrefsTbl, p[i]);
-           fprintf(stderr, "\n");
+           pgpPrtNL();
            break;
        case PGPSUBTYPE_SIG_CREATE_TIME:
        case PGPSUBTYPE_SIG_EXPIRE_TIME:
        case PGPSUBTYPE_KEY_EXPIRE_TIME:
            if ((plen - 1) == 4) {
                time_t t = pgpGrab(p+1, plen-1);
-               fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
+               if (_print)
+                  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
            } else
-               fprintf(stderr, " %s", pgpHexStr(p+1, plen-1));
-           fprintf(stderr, "\n");
+               pgpPrtHex("", p+1, plen-1);
+           pgpPrtNL();
            break;
 
        case PGPSUBTYPE_ISSUER_KEYID:   /* issuer key ID */
@@ -365,8 +409,8 @@ int pgpPrtSubType(const byte *h, unsigned int hlen)
        case PGPSUBTYPE_INTERNAL_109:
        case PGPSUBTYPE_INTERNAL_110:
        default:
-           fprintf(stderr, " %s", pgpHexStr(p+1, plen-1));
-           fprintf(stderr, "\n");
+           pgpPrtHex("", p+1, plen-1);
+           pgpPrtNL();
            break;
        }
        p += plen;
@@ -382,48 +426,76 @@ int pgpPrtPktSigV4(pgpPkt pkt, const byte *h, unsigned int hlen)
     unsigned plen;
     int i;
 
-    pgpPrtVal("", pgpPktTbl, pkt);
     if (v->version != 4) {
        fprintf(stderr, " version(%u) != 4\n", (unsigned)v->version);
        return 1;
     }
+
+    if (_dig) memcpy(&_dig->sig.v4, v, sizeof(_dig->sig.v4));
+
+    pgpPrtVal("V4 ", pgpPktTbl, pkt);
     pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
     pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
 
     pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
-fprintf(stderr, "\n");
+    pgpPrtNL();
 
     p = &v->hashlen[0];
     plen = pgpGrab(v->hashlen, sizeof(v->hashlen));
     p += sizeof(v->hashlen);
 
-if (_debug)
+if (_debug && _print)
 fprintf(stderr, "   hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
+    if (_dig) {
+       _dig->hash_datalen = plen;
+       _dig->hash_data = xmalloc(_dig->hash_datalen);
+       memcpy(_dig->hash_data, p, plen);
+    }
     (void) pgpPrtSubType(p, plen);
     p += plen;
 
     plen = pgpGrab(p,2);
     p += 2;
 
-if (_debug)
+if (_debug && _print)
 fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
     (void) pgpPrtSubType(p, plen);
     p += plen;
 
     plen = pgpGrab(p,2);
+    pgpPrtHex(" signhash16", p, 2);
+    pgpPrtNL();
     p += 2;
-fprintf(stderr, " signhash16 %04x\n", plen);
 
     for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
        if (v->pubkey_algo == PGPPUBKEYALGO_RSA) {
            if (pgpSigRSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSigRSA[i]);
+           pgpPrtStr("", pgpSigRSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) {
            if (pgpSigDSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSigDSA[i]);
-       } else
-           fprintf(stderr, "%7d", i);
-       fprintf(stderr, " %s\n", pgpMpiStr(p));
+           if (_dig) {
+               switch (i) {
+               case 0:         /* r */
+                   mp32nsethex(&_dig->r, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     r = "),  mp32println(_dig->r.size, _dig->r.data);
+                   break;
+               case 1:         /* s */
+                   mp32nsethex(&_dig->s, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     s = "),  mp32println(_dig->s.size, _dig->s.data);
+                   break;
+               default:
+                   break;
+               }
+           }
+           pgpPrtStr("", pgpSigDSA[i]);
+       } else {
+           if (_print)
+               fprintf(stderr, "%7d", i);
+       }
+       pgpPrtStr("", pgpMpiStr(p));
+       pgpPrtNL();
     }
 
     return 0;
@@ -497,28 +569,58 @@ int pgpPrtKeyV3(pgpPkt pkt, const byte *h, unsigned int hlen)
     }
     pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
     t = pgpGrab(v->time, sizeof(v->time));
-fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
+    if (_print)
+       fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
 
     plen = pgpGrab(v->valid, sizeof(v->valid));
     if (plen != 0)
        fprintf(stderr, " valid %u days", plen);
 
-fprintf(stderr, "\n");
+    pgpPrtNL();
 
-    p = &v->data[0];
+    p = ((byte *)v) + sizeof(*v);
     for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
        if (v->pubkey_algo == PGPPUBKEYALGO_RSA) {
            if (pgpPublicRSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpPublicRSA[i]);
+           pgpPrtStr("", pgpPublicRSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) {
            if (pgpPublicDSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpPublicDSA[i]);
+           if (_dig) {
+               switch (i) {
+               case 0:         /* p */
+                   mp32bsethex(&_dig->p, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     p = "),  mp32println(_dig->p.size, _dig->p.modl);
+                   break;
+               case 1:         /* q */
+                   mp32bsethex(&_dig->q, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     q = "),  mp32println(_dig->q.size, _dig->q.modl);
+                   break;
+               case 2:         /* g */
+                   mp32nsethex(&_dig->g, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     g = "),  mp32println(_dig->g.size, _dig->g.data);
+                   break;
+               case 3:         /* y */
+                   mp32nsethex(&_dig->y, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     y = "),  mp32println(_dig->y.size, _dig->y.data);
+                   break;
+               default:
+                   break;
+               }
+           }
+           pgpPrtStr("", pgpPublicDSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
            if (pgpPublicELGAMAL[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpPublicELGAMAL[i]);
-       } else
-           fprintf(stderr, "%7d", i);
-       fprintf(stderr, " %s\n", pgpMpiStr(p));
+           pgpPrtStr("", pgpPublicELGAMAL[i]);
+       } else {
+           if (_print)
+               fprintf(stderr, "%7d", i);
+       }
+       pgpPrtStr("", pgpMpiStr(p));
+       pgpPrtNL();
     }
 
     return 0;
@@ -538,23 +640,54 @@ int pgpPrtKeyV4(pgpPkt pkt, const byte *h, unsigned int hlen)
     }
     pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
     t = pgpGrab(v->time, sizeof(v->time));
-fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
-fprintf(stderr, "\n");
+    if (_print)
+       fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
+    pgpPrtNL();
 
-    p = &v->data[0];
+    p = ((byte *)v) + sizeof(*v);
     for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
        if (v->pubkey_algo == PGPPUBKEYALGO_RSA) {
            if (pgpPublicRSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpPublicRSA[i]);
+           pgpPrtStr("", pgpPublicRSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) {
            if (pgpPublicDSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpPublicDSA[i]);
+           if (_dig) {
+               switch (i) {
+               case 0:         /* p */
+                   mp32bsethex(&_dig->p, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     p = "),  mp32println(_dig->p.size, _dig->p.modl);
+                   break;
+               case 1:         /* q */
+                   mp32bsethex(&_dig->q, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     q = "),  mp32println(_dig->q.size, _dig->q.modl);
+                   break;
+               case 2:         /* g */
+                   mp32nsethex(&_dig->g, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     g = "),  mp32println(_dig->g.size, _dig->g.data);
+                   break;
+               case 3:         /* y */
+                   mp32nsethex(&_dig->y, pgpMpiHex(p));
+if (_debug && _print)
+printf("\t     y = "),  mp32println(_dig->y.size, _dig->y.data);
+                   break;
+               default:
+                   break;
+               }
+           }
+           pgpPrtStr("", pgpPublicDSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
            if (pgpPublicELGAMAL[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpPublicELGAMAL[i]);
-       } else
-           fprintf(stderr, "%7d", i);
-       fprintf(stderr, " %s\n", pgpMpiStr(p));
+           if (_print)
+               fprintf(stderr, "%7.7s", pgpPublicELGAMAL[i]);
+       } else {
+           if (_print)
+               fprintf(stderr, "%7d", i);
+       }
+       pgpPrtStr("", pgpMpiStr(p));
+       pgpPrtNL();
     }
 
     if (pkt == PGPPKT_PUBLIC_KEY || pkt == PGPPKT_PUBLIC_SUBKEY)
@@ -574,24 +707,25 @@ fprintf(stderr, "\n");
            break;
        case 0x01:
            pgpPrtVal(" salted ", pgpHashTbl, p[2]);
-fprintf(stderr, " %s", pgpHexStr(p+3, 8));
+           pgpPrtHex("", p+3, 8);
            p += 10;
            break;
        case 0x03:
            pgpPrtVal(" iterated/salted ", pgpHashTbl, p[2]);
            i = (16 + (p[11] & 0xf)) << ((p[11] >> 4) + 6);
-fprintf(stderr, " %s iter %d", pgpHexStr(p+3, 8), i);
+           pgpPrtHex("", p+3, 8);
+           pgpPrtInt(" iter", i);
            p += 11;
            break;
        }
        break;
     default:
        pgpPrtVal(" ", pgpSymkeyTbl, *p);
-fprintf(stderr, " IV %s", pgpHexStr(p+1, 8));
+       pgpPrtHex(" IV", p+1, 8);
        p += 8;
        break;
     }
-fprintf(stderr, "\n");
+    pgpPrtNL();
 
     p++;
 
@@ -599,24 +733,27 @@ fprintf(stderr, "\n");
     for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
        if (v->pubkey_algo == PGPPUBKEYALGO_RSA) {
            if (pgpSecretRSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSecretRSA[i]);
+           pgpPrtStr("", pgpSecretRSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) {
            if (pgpSecretDSA[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSecretDSA[i]);
+           pgpPrtStr("", pgpSecretDSA[i]);
        } else if (v->pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
            if (pgpSecretELGAMAL[i] == NULL) break;
-           fprintf(stderr, "%7.7s", pgpSecretELGAMAL[i]);
-       } else
-           fprintf(stderr, "%7d", i);
-       fprintf(stderr, " %s\n", pgpMpiStr(p));
+           pgpPrtStr("", pgpSecretELGAMAL[i]);
+       } else {
+           if (_print)
+               fprintf(stderr, "%7d", i);
+       }
+       pgpPrtStr("", pgpMpiStr(p));
+       pgpPrtNL();
     }
 #else
-fprintf(stderr, " secret %s", pgpHexStr(p, (hlen - (p - h) - 2)));
-fprintf(stderr, "\n");
+    pgpPrtHex(" secret", p, (hlen - (p - h) - 2));
+    pgpPrtNL();
     p += (hlen - (p - h) - 2);
 #endif
-fprintf(stderr, " checksum %s", pgpHexStr(p, 2));
-fprintf(stderr, "\n");
+    pgpPrtHex(" checksum", p, 2);
+    pgpPrtNL();
 
     return 0;
 }
@@ -638,7 +775,9 @@ int pgpPrtKey(pgpPkt pkt, const byte *h, unsigned int hlen)
 int pgpPrtUserID(pgpPkt pkt, const byte *h, unsigned int hlen)
 {
     pgpPrtVal("", pgpPktTbl, pkt);
-fprintf(stderr, " \"%*s\"\n", (int)hlen, (const char *)h);
+    if (_print)
+       fprintf(stderr, " \"%.*s\"", hlen, (const char *)h);
+    pgpPrtNL();
     return 0;
 }
 
@@ -647,22 +786,24 @@ int pgpPrtComment(pgpPkt pkt, const byte *h, unsigned int hlen)
     int i = hlen;
 
     pgpPrtVal("", pgpPktTbl, pkt);
-    fprintf(stderr, " ");
+    if (_print)
+       fprintf(stderr, " ");
     while (i > 0) {
        int j;
        if (*h >= ' ' && *h <= 'z') {
-           fprintf(stderr, "%s", (const char *)h);
+           if (_print)
+               fprintf(stderr, "%s", (const char *)h);
            j = strlen(h);
            while (h[j] == '\0')
                j++;
        } else {
-           fprintf(stderr, " %s", pgpHexStr(h, i));
+           pgpPrtHex("", h, i);
            j = i;
        }
        i -= j;
        h += j;
     }
-    fprintf(stderr, "\n");
+    pgpPrtNL();
     return 0;
 }
 
@@ -699,7 +840,7 @@ int pgpPrtPkt(const byte *p)
        (void) pgpPrtKey(pkt, h, hlen);
        break;
     case PGPPKT_USER_ID:
-#ifdef DYING
+#ifndef        DYING
        (void) pgpPrtUserID(pkt, h, hlen);
        break;
 #endif
@@ -724,24 +865,24 @@ int pgpPrtPkt(const byte *p)
     case PGPPKT_CONTROL:
     default:
        pgpPrtVal("", pgpPktTbl, pkt);
-       fprintf(stderr, " plen %02x hlen %x", plen, hlen);
-#if 0
-       fprintf(stderr, " %s", pgpHexStr(h, hlen));
-#else
-       fprintf(stderr, " %s", (const char *)h);
-#endif
-       fprintf(stderr, "\n");
+       if (_print)
+           fprintf(stderr, " plen %02x hlen %x", plen, hlen);
+       pgpPrtHex("", h, hlen);
+       pgpPrtNL();
        break;
     }
 
     return plen+hlen+1;
 }
 
-int pgpPrtPkts(const byte *pkts, unsigned int plen)
+int pgpPrtPkts(const byte *pkts, unsigned int plen, struct pgpSig_s * dig, int printing)
 {
     const byte *p;
     int len;
 
+_print = printing;
+_dig = dig;
+
     for (p = pkts; p < (pkts + plen); p += len) {
        len = pgpPrtPkt(p);
         if (len <= 0)

diff --git a/rpmio/rpmpgp.h b/rpmio/rpmpgp.h
index 13fe082..51d6900 100644 (file)
--- a/rpmio/rpmpgp.h
+++ b/rpmio/rpmpgp.h
@@ -10,8 +10,10 @@
  *     Copyright (C) The Internet Society (1998).  All Rights Reserved.
  */
 
-#include "beecrypt.h"
 #include "base64.h"
+#include "rsapk.h"
+#include "rsa.h"
+#include "dsa.h"
 
 /*@-typeuse -fielduse@*/
 /**
@@ -97,7 +99,6 @@ typedef struct pgpPubkeySession_s {
     byte version;      /*!< version number (generate 3, accept 2). */
     byte keyid[8];     /*!< key ID of the public key for session key. */
     byte algo;         /*!< public key algorithm used. */
-    byte data[1];
 } * pgpPubkeySession;
 
 
@@ -305,7 +306,6 @@ typedef struct pgpPktSigV3_s {
     byte pubkey_algo;  /*!< public key algorithm. */
     byte hash_algo;    /*!< hash algorithm. */
     byte signhash16[2];        /*!< left 16 bits of signed hash value. */
-    byte data[1];      /*!< One or more multi-precision integers. */
 } * pgpPktSigV3;
 
 /**
@@ -335,7 +335,6 @@ typedef struct pgpPktSigV4_s {
     byte pubkey_algo;  /*!< public key algorithm. */
     byte hash_algo;    /*!< hash algorithm. */
     byte hashlen[2];   /*!< length of following hashed material. */
-    byte data[1];      /*!< Hashed subpacket data. (zero or more subpackets) */
 } * pgpPktSigV4;
 
 /**
@@ -611,7 +610,6 @@ typedef struct pgpPktKeyV3_s {
     byte time[4];      /*!< time that the key was created. */
     byte valid[2];     /*!< time in days that this key is valid. */
     byte pubkey_algo;  /*!< public key algorithm. */
-    byte data[1];      /*!< One or more multi-precision integers. */
 } * pgpPktKeyV3;
 
 /**
@@ -649,7 +647,6 @@ typedef struct pgpPktKeyV4_s {
     byte version;      /*!< version number (4). */
     byte time[4];      /*!< time that the key was created. */
     byte pubkey_algo;  /*!< public key algorithm. */
-    byte data[1];      /*!< One or more multi-precision integers. */
 } * pgpPktKeyV4;
 
 /**
@@ -850,6 +847,36 @@ extern const char * redhatPubKeyDSA;
  */
 /*@unused@*/
 extern const char * redhatPubKeyRSA;
+
+/**
+ */
+struct pgpSig_s {
+    union {
+       struct pgpPktSigV3_s v3;
+       struct pgpPktSigV4_s v4;
+    } sig;
+
+    int hash_datalen;
+/*@only@*/ /*@null@*/ byte *hash_data;
+
+    int size;                  /*!< No. bytes in digest. */
+/*@only@*/ /*@null@*/ void * data; /*!< Digest data. */
+
+    /* DSA parameters. */
+    mp32barrett p;
+    mp32barrett q;
+    mp32number g;
+    mp32number y;
+    mp32number hm;
+    mp32number r;
+    mp32number s;
+
+    /* RSA parameters. */
+    rsapk rsa_pk;
+    mp32number m;
+    mp32number c;
+} * pgpSig;
+
 /*@=typeuse =fielduse@*/
 
 /*@-fcnuse@*/
@@ -943,7 +970,7 @@ const char * pgpMpiStr(const byte *p)
 {
     static char prbuf[2048];
     char *t = prbuf;
-    sprintf(t, "[%u]: ", pgpGrab(p, 2));
+    sprintf(t, "[%4u]: ", pgpGrab(p, 2));
     t += strlen(t);
     t = pgpHexCvt(t, p+2, pgpMpiLen(p)-2);
     return prbuf;
@@ -952,6 +979,18 @@ const char * pgpMpiStr(const byte *p)
 /**
  */
 /*@unused@*/ static inline /*@observer@*/
+const char * pgpMpiHex(const byte *p)
+       /*@*/
+{
+    static char prbuf[2048];
+    char *t = prbuf;
+    t = pgpHexCvt(t, p+2, pgpMpiLen(p)-2);
+    return prbuf;
+}
+
+/**
+ */
+/*@unused@*/ static inline /*@observer@*/
 const char * pgpValStr(pgpValTbl vs, byte val)
        /*@*/
 {
@@ -1016,12 +1055,12 @@ int pgpPrtComment(pgpPkt pkt, const byte *h, unsigned int hlen)
 
 /**
  */
-int pgpPrtPkts(const byte *pkts, unsigned int plen)
-       /*@modifies fileSystem @*/;
+int pgpPrtPkt(const byte *p);
 
 /**
  */
-int pgpPrtPkt(const byte *p);
+int pgpPrtPkts(const byte *pkts, unsigned int plen, struct pgpSig_s *rpmdig, int printing)
+       /*@modifies fileSystem @*/;
 
 #ifdef __cplusplus
 }

diff --git a/rpmio/tkey.c b/rpmio/tkey.c
index 7c39bdc..e03094b 100644 (file)
--- a/rpmio/tkey.c
+++ b/rpmio/tkey.c
@@ -6,18 +6,11 @@
 static int _debug = 0;
 
 #include "system.h"
-#include "rpmio.h"
-
+#include "rpmio_internal.h"
 #include "rpmpgp.h"
-#include "rsapk.h"
-#include "rsa.h"
-#include "dsa.h"
-
 #include "debug.h"
 
-#include <stdio.h>
-
-static int doit(const char *sig)
+static int doit(const char *sig, rpmDigest dig, int printing)
 {
     const char *s, *t;
     unsigned char * dec;
@@ -31,18 +24,17 @@ fprintf(stderr, "*** sig is\n%s\n", sig);
 
     if ((rc = b64decode(sig, (void **)&dec, &declen)) != 0) {
        fprintf(stderr, "*** b64decode returns %d\n", rc);
-       exit(rc);
+       return rc;
     }
-
-    rc = pgpPrtPkts(dec, declen);
+    rc = pgpPrtPkts(dec, declen, dig, printing);
     if (rc < 0) {
        fprintf(stderr, "*** pgpPrtPkts returns %d\n", rc);
-       exit(rc);
+       return rc;
     }
 
     if ((enc = b64encode(dec, declen)) == NULL) {
        fprintf(stderr, "*** b64encode failed\n");
-       exit(4);
+       return rc;
     }
 
 if (_debug)
@@ -60,130 +52,131 @@ fprintf(stderr, "??? %5d %02x != %02x '%c' != '%c'\n", i, (*s & 0xff), (*t & 0xf
     return rc;
 }
 
-/* DSA verification from Red Hat 7.0 time-1.7-12.i386.rpm */
-static const char * dsa_pkgfn = "7.0/i386/time-1.7-12.i386.rpm";
-static const char * dsa_hm = "2de2a0ca8c289ea5add64f8cf64e0b5893d0607b";
-static const char * dsa_r = "2247352810d76f6273b4e8d906f5ddfa7fcd4c45";
-static const char * dsa_s = "02275c68fcf18edb272a019309c8c81e2e4998bf";
-
-static const char * dsa_p = "c12abdc197a3cef014341fcb09a03ea9f54ed8ca5ee98ed66a8a8be23f05cff83096778bbc1d0cdcc40679ee6f2cb00d4b2b5171f777282610f3335df4fa9e411bd9984964a12da6d1dcdd4a5dd5d0618728c1338c1b17706111abd52a70f10c9d2e18d57d4d554a5e31b7a6eea4f6d625bca3920e59dcfec1954394266af1df";
-
-static const char * dsa_q = "a1b35510319a59825c721e73e41d687ffe351bc9";
-
-static const char * dsa_g = "a8a2eaaec6bbfbe15d79cb4ba9b5e683673d5c9bca7822c3fdb774a8d26551bbaca00d10ada6c60d5507ebdcfee51ce24e3d5312497c2660d60bb5b0f155dc649af98ffb8ec88b92d42f0a22cf967710b75755f843661d1e417480cf583cca0556e05a74839ea43a2ab67b4fa02567be153298c6c7191653abd5db1b165c22cf";
-
-static const char * dsa_y = "4ffefb48980f0264dde3c4682d2b9186b43349fdc32186ebf9b677f0160e1bfd51a8d89afc9a12d4aa821b13acde1809996d4a5d7240dca3c0f97e2166a937f9fbefa9084a492c9924cde97fdf6376c38ab33eb7113028815111123e308b778639acfa14f04e2438773fe01b8737dd37b620ac08f9680ab5ac419ed47717d0e4";
-
-/* RSA verification from Red Hat 5.2 time-1.7-6.i386.rpm */
-static const char * rsa_pkgfn = "5.2/i386/time-1.7-6.i386.rpm";
-static const char * rsa_m = "f0bd35cbeb3870b5c7c283a7e1e76c42";
-static const char * rsa_n = "a1b8fd5f6851288373dc0881ee819a0e9eac31822f3985ca2a00868f240c8252adc9a217da9374fabe7e3ef6ea9816d6249bd18eecc999fd636960426e4790f3837cd8bc796c93152c5bafcca0a2c2d10a54cfc6a1d586d2271ab7d934ba12a6fd4b7563a67b4c8ea4e4099e085d38ccca5e981fe60f38bda520e8f1cba29bf9";
-static const char * rsa_e = "11";
-
-static const char * rsa_c = "5075c56cbbde79bd5c990e4f2ebce5d65745f7be84fd077698305be350d1d40fa175545aeec101d529b18912ad68e4c380e8e5ca477bc9652b5710c178ed359725f41a7e5825f32c194c7e56f9e32529abba36bd2569b515de59ac004e15b20bbc34293322ba76c0d55b796d99017b6b2acc15fab79f2eab94869ee5c0ca47f4";
-
-static const char * gpg_private = "\
-lQHPBDtnFRoRBADyRAlldI9km29INDTX82Sz5jXrsCcS93rzV66BcKQTcP+CPL1p\n\
-kBDaQwf0asQiWr4uaPPUtWj0urSVz7obzyGdILyf/2XVFJWUU9xGtFFEFKMHwdSZ\n\
-yGRpyTsd+jsUVPIR9X/fjJDvufuvcKtFHLU+F28nWv7C47rURAXEAoYCewCg5qDr\n\
-4fEr1kT3ACg4T1e98QlTRfsD/RDZCp5wSGa5hp4YtoDPza5cTrYopGJSXAXuQVi7\n\
-dGqTrAE3hdbWUmbG5hNerJRwOA0DK74Tn38/xoY091q3nH2UlEd3zLhoueOt6apa\n\
-VY98UmOaG+Ef5QGd2edHn26kSQq1N8P73FQ3+34ICoRwq+hNNi9cENWiuudi6PKs\n\
-eJlmA/sHR8dzcXSuwda8u2r2PvsqAu66pdA1gMdCdwSs3dtJTro3apXvASJDFqkN\n\
-y9Vbo6GZ8wmpWYYHM3Xd00rLPTZFzc+F0rBiGscyIZOTDyx8ofK30DHrRfMKytSm\n\
-K7TSCWmzKFDTSQxAUQd74qi6dJCVQ0dTuHWmXc1cKPvMEm6IWf8DAwIaLXrq0DYP\n\
-j2AdZ4iCkENxNzK2k3OzIsJvaYGuJAhmujAtkS03LLs89/0mIzpEU0FfZmFjdG9y\n\
-OgAAr0yL/JSDBRJlphGoWiOVfPhNpGFzHm/9JiM6RFNBX2ZhY3RvcjoAAK93Twk1\n\
-SRG6vnHwq6211cGbSUnr28JF/SYjOkRTQV9mYWN0b3I6AACvVJWEWQPciRahMYqY\n\
-Bq0a7YgA3QB3w7QpSmVmZiBKb2huc29uIChBUlMgTjNOUFEpIDxqYmpAcmVkaGF0\n\
-LmNvbT6IVwQTEQIAFwUCO2cVGgULBwoDBAMVAwIDFgIBAheAAAoJEKNiNe+PnmDb\n\
-sM4AmwTaY99wLwi9VE8tML5AS2gn89lIAJ4+BgiRQydv3L404qLZHVoq0KOkbp0B\n\
-RgQ7ZxUeEAQAx1F12EdF0NMS1D78hPYKaKxhCkCs9KDgDRfvX4kUBm0Omy/LjvSD\n\
-K6ol2k4CUgdHDI1DZwUB+g+zbpWP/osKah5pusNjf6rKUfeYSClOs1TqomMa4ur6\n\
-FAnFqjm6rMiptTEb40FWQKDZG+iiLj/m3DrRzETvlAhEkBSuWdLCHcMAAwUEALt6\n\
-Mo9BRDOgsZgC4gr+BFj1qj3UkpujduIrojdedVENzc9cvbxZ0uv762mt/TWkoVsd\n\
-QPNe+Qh9UjBBchZQYBPjNSJumDyxZa9vk4yaBG+ekZW+qsz8IjuFhA4uCY3u2FoA\n\
-Y9Sa7Gs4EKO1OnGuuCtpe5IPfqFolz55rlK/dbJj/wMDAhoteurQNg+PYKaUPggu\n\
-Pw3pzYAm1keoYnJNGesJ6CxS6C77eJ2betFwgIeLtevzwmnFejCo/SYjOkVMR19m\n\
-YWN0b3I6AACrBQvdBi1eWnh99itbVASMBUFew+yXAf0mIzpFTEdfZmFjdG9yOgAA\n\
-qwavqmFHo+0ebuTE/7oFpE5qqh1hZEn9JiM6RUxHX2ZhY3RvcjoAAKsE0zE2Kw1N\n\
-zwiX22mx1hjFTJ5AHhPd/SYjOkVMR19mYWN0b3I6AACrB+yUJFgU+djqGspx0xjx\n\
-/gz7sIH/e/0mIzpFTEdfZmFjdG9yOgAAqwcV+xN8WTB/A0d2FbLBgH9taqf3TteI\n\
-RgQYEQIABgUCO2cVHgAKCRCjYjXvj55g2+kGAKCh1/9z5GrteLdQcoduM7EBhmXD\n\
-HwCeKBfXD33WreQdRYpOxNX9cRgOAQE=\n\
+/* FIPS-186 test vectors. */
+static const char * fips_p = "8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291";
+static const char * fips_q = "c773218c737ec8ee993b4f2ded30f48edace915f";
+static const char * fips_g = "626d027839ea0a13413163a55b4cb500299d5522956cefcb3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9cc42e9f6f464b088cc572af53e6d78802";
+
+static const char * fips_hm = "a9993e364706816aba3e25717850c26c9cd0d89d";
+
+static const char * fips_y = "19131871d75b1612a819f29d78d1b0d7346f7aa77bb62a859bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74858fba33f44c06699630a76b030ee333";
+
+static const char * fips_r = "8bac1ab66410435cb7181f95b16ab97c92b341c0";
+static const char * fips_s = "41e2345f1f56df2458f426d155b4ba2db6dcd8c8";
+
+/* Secret key */
+static const char * jbjSecretDSA = "
+lQFvBDu6XHwRAwCTIHRgKeIlOFUIEZeJVYSrXn0eUrM5S8OF471tTc+IV7AwiXBR
+zCFCan4lO1ipmoAipyN2A6ZX0HWOcWdYlWz2adxA7l8JNiZTzkemA562xwex2wLy
+AQWVTtRN6jv0LccAoN4UWZkIvkT6tV918sEvDEggGARxAv9190RhrDq/GMqd+AHm
+qWrRkrBRHDUBBL2fYEuU3gFekYrW5CDIN6s3Mcq/yUsvwHl7bwmoqbf2qabbyfnv
+Y66ETOPKLcw67ggcptHXHcwlvpfJmHKpjK+ByzgauPXXbRAC+gKDjzXL0kAQxjmT
+2D+16O4vI8Emlx2JVcGLlq/aWhspvQWIzN6PytA3iKZ6uzesrM7yXmqzgodZUsJh
+1wwl/0K5OIJn/oD41UayU8RXNER8SzDYvDYsJymFRwE1s58lL/8DAwJUAllw1pdZ
+WmBIoAvRiv7kE6hWfeCvZzdBVgrHYrp8ceUa3OdulGfYw/0sIzpEU0FfZmFjdG9y
+OgAA30gJ4JMFKVfthnDCHHL+O8lNxykKBmrgVPLClue0KUplZmYgSm9obnNvbiAo
+QVJTIE4zTlBRKSA8amJqQHJlZGhhdC5jb20+iFcEExECABcFAju6XHwFCwcKAwQD
+FQMCAxYCAQIXgAAKCRCB0qVW2I6DmQU6AJ490bVWZuM4yCOh8MWj6qApCr1/gwCf
+f3+QgXFXAeTyPtMmReyWxThABtE=
+";
+
+/* Public key */
+static const char * jbjPublicDSA = "
+mQFCBDu6XHwRAwCTIHRgKeIlOFUIEZeJVYSrXn0eUrM5S8OF471tTc+IV7AwiXBR
+zCFCan4lO1ipmoAipyN2A6ZX0HWOcWdYlWz2adxA7l8JNiZTzkemA562xwex2wLy
+AQWVTtRN6jv0LccAoN4UWZkIvkT6tV918sEvDEggGARxAv9190RhrDq/GMqd+AHm
+qWrRkrBRHDUBBL2fYEuU3gFekYrW5CDIN6s3Mcq/yUsvwHl7bwmoqbf2qabbyfnv
+Y66ETOPKLcw67ggcptHXHcwlvpfJmHKpjK+ByzgauPXXbRAC+gKDjzXL0kAQxjmT
+2D+16O4vI8Emlx2JVcGLlq/aWhspvQWIzN6PytA3iKZ6uzesrM7yXmqzgodZUsJh
+1wwl/0K5OIJn/oD41UayU8RXNER8SzDYvDYsJymFRwE1s58lL7QpSmVmZiBKb2hu
+c29uIChBUlMgTjNOUFEpIDxqYmpAcmVkaGF0LmNvbT6IVwQTEQIAFwUCO7pcfAUL
+BwoDBAMVAwIDFgIBAheAAAoJEIHSpVbYjoOZBToAn3TXaAI+bhg51EeyaiFip/6W
+OVwBAJ44rTtNsgZBQxXISjB64CWxl4VaWQ==
 ";
 
+/* Signature */
+static const char * abcSignatureDSA = "
+iD8DBQA7vII+gdKlVtiOg5kRAvg4AJ0fV3gDBADobAnK2HOkV88bfmFMEgCeNysO
+nP3dWWJnp0Pnbor7pIob4Dk=
+";
 
 int
 main (int argc, char *argv[])
 {
-    mp32barrett p;
-    mp32barrett q;
-    mp32number g;
-    mp32number y;
-    mp32number hm;
-    mp32number r;
-    mp32number s;
-
-    rsapk rsa_pk;
-    mp32number m;
-    mp32number c;
-
+    rpmDigest dig = alloca(sizeof(*dig));
+    int printing = 1;
     int rc;
 
-fprintf(stderr, "=============================== Red Hat DSA Public Key\n");
-    if ((rc = doit(redhatPubKeyDSA)) != 0)
-       return rc;
+    memset(dig, 0, sizeof(*dig));
 
-    mp32bzero(&p);     mp32bsethex(&p, dsa_p);
-    mp32bzero(&q);     mp32bsethex(&q, dsa_q);
-    mp32nzero(&g);     mp32nsethex(&g, dsa_g);
-    mp32nzero(&y);     mp32nsethex(&y, dsa_y);
+    mp32bzero(&dig->p);        mp32bsethex(&dig->p, fips_p);
+    mp32bzero(&dig->q);        mp32bsethex(&dig->q, fips_q);
+    mp32nzero(&dig->g);        mp32nsethex(&dig->g, fips_g);
+    mp32nzero(&dig->y);        mp32nsethex(&dig->y, fips_y);
+    mp32nzero(&dig->r);        mp32nsethex(&dig->r, fips_r);
+    mp32nzero(&dig->s);        mp32nsethex(&dig->s, fips_s);
+    mp32nzero(&dig->hm);mp32nsethex(&dig->hm, fips_hm);
 
-    mp32nzero(&hm);    mp32nsethex(&hm, dsa_hm);
-    mp32nzero(&r);     mp32nsethex(&r, dsa_r);
-    mp32nzero(&s);     mp32nsethex(&s, dsa_s);
+    rc = dsavrfy(&dig->p, &dig->q, &dig->g, &dig->hm,
+               &dig->y, &dig->r, &dig->s);
 
-    rc = dsavrfy(&p, &q, &g, &hm, &y, &r, &s);
+fprintf(stderr, "=============================== DSA FIPS-186-1: rc %d\n", rc);
 
-fprintf(stderr, "=============================== DSA verify %s: rc %d\n",
-       dsa_pkgfn, rc);
+    mp32bfree(&dig->p);
+    mp32bfree(&dig->q);
+    mp32nfree(&dig->g);
+    mp32nfree(&dig->y);
 
-    mp32bfree(&p);
-    mp32bfree(&q);
-    mp32nfree(&g);
-    mp32nfree(&y);
+    mp32nfree(&dig->hm);
+    mp32nfree(&dig->r);
+    mp32nfree(&dig->s);
 
-    mp32nfree(&hm);
-    mp32nfree(&r);
-    mp32nfree(&s);
+fprintf(stderr, "=============================== GPG Secret Key\n");
+    if ((rc = doit(jbjSecretDSA, dig, printing)) != 0)
+       fprintf(stderr, "==> FAILED: rc %d\n", rc);
 
-fprintf(stderr, "=============================== Red Hat RSA Public Key\n");
-    if ((rc = doit(redhatPubKeyRSA)) != 0)
-       return rc;
+fprintf(stderr, "=============================== GPG Public Key\n");
+    if ((rc = doit(jbjPublicDSA, dig, printing)) != 0)
+       fprintf(stderr, "==> FAILED: rc %d\n", rc);
 
-    rsapkInit(&rsa_pk);
+fprintf(stderr, "=============================== GPG Signature of \"abc\"\n");
+    if ((rc = doit(abcSignatureDSA, dig, printing)) != 0)
+       fprintf(stderr, "==> FAILED: rc %d\n", rc);
 
-    mp32bzero(&rsa_pk.n);      mp32bsethex(&rsa_pk.n, rsa_n);
-    mp32nzero(&rsa_pk.e);      mp32nsethex(&rsa_pk.e, rsa_e);
+    {  DIGEST_CTX ctx = rpmDigestInit(RPMDIGEST_SHA1);
+       const char * digest = NULL;
+       size_t digestlen = 0;
+       const char * txt = "abc";
+       
+       ctx = rpmDigestInit(RPMDIGEST_SHA1);
 
-    mp32nzero(&m);     mp32nsethex(&m, rsa_m);
-    mp32nzero(&c);     mp32nsethex(&s, rsa_c);
+       rpmDigestUpdate(ctx, txt, strlen(txt));
+       rpmDigestUpdate(ctx, &dig->sig.v3.sigtype, dig->sig.v3.hashlen);
+       rpmDigestFinal(ctx, (void **)&digest, &digestlen, 1);
 
-#if 0
-    rc = rsavrfy(&rsa_pk, &m, &c);
-#else
-    rc = 1;
-#endif
+       mp32nzero(&dig->hm);mp32nsethex(&dig->hm, digest);
 
-fprintf(stderr, "=============================== RSA verify %s: rc %d\n",
-       rsa_pkgfn, rc);
+fprintf(stderr, "\n    hm = [ 160]: %s\n\n", digest);
 
-    rsapkFree(&rsa_pk);
+       if (digest) {
+           free((void *)digest);
+           digest = NULL;
+       }
+    }
 
-fprintf(stderr, "=============================== A DSA Private Key\n");
-    if ((rc = doit(gpg_private)) != 0)
-       return rc;
+    rc = dsavrfy(&dig->p, &dig->q, &dig->g, &dig->hm,
+               &dig->y, &dig->r, &dig->s);
+
+fprintf(stderr, "=============================== DSA verify: rc %d\n", rc);
+
+    mp32bfree(&dig->p);
+    mp32bfree(&dig->q);
+    mp32nfree(&dig->g);
+    mp32nfree(&dig->y);
+
+    mp32nfree(&dig->hm);
+    mp32nfree(&dig->r);
+    mp32nfree(&dig->s);
 
     return rc;
 }