From: jbj Date: Fri, 5 Oct 2001 05:10:12 +0000 (+0000) Subject: Test vectors for GPG V3 DSA signature of "abc". X-Git-Tag: rpm-4.4-release~1420 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=726fff1bd1dc3f74a1f4b7f900c1075b6f32ca31;p=platform%2Fupstream%2Frpm.git Test vectors for GPG V3 DSA signature of "abc". CVS patchset: 5096 CVS date: 2001/10/05 05:10:12 --- diff --git a/rpmio/Makefile.am b/rpmio/Makefile.am index dd48d4f..fc24c9f 100644 --- a/rpmio/Makefile.am +++ b/rpmio/Makefile.am @@ -55,6 +55,7 @@ trpmio_SOURCES = trpmio.c trpmio_LDADD += librpmio.la $(top_builddir)/popt/libpopt.la tkey_SOURCES = tkey.c +tkey_LDFLAGS = -all-static tkey_LDADD += librpmio.la $(top_builddir)/popt/libpopt.la dumpasn1_SOURCES = dumpasn1.c diff --git a/rpmio/rpmio.h b/rpmio/rpmio.h index 920c85d..56aa872 100644 --- a/rpmio/rpmio.h +++ b/rpmio/rpmio.h @@ -14,6 +14,10 @@ #include #include +/** + */ +typedef /*@abstract@*/ struct pgpSig_s * rpmDigest; + /** \ingroup rpmio * Hide libio API lossage. * The libio interface changed after glibc-2.1.3 to pass the seek offset diff --git a/rpmio/rpmio_internal.h b/rpmio/rpmio_internal.h index 9773e7b..766caa7 100644 --- a/rpmio/rpmio_internal.h +++ b/rpmio/rpmio_internal.h @@ -58,6 +58,8 @@ typedef enum rpmDigestFlags_e { } rpmDigestFlags; #define RPMDIGEST_MASK 0xffff +/** + */ typedef /*@abstract@*/ struct DIGEST_CTX_s * DIGEST_CTX; /** \ingroup rpmio diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c index 7689229..eeec3a7 100644 --- a/rpmio/rpmpgp.c +++ b/rpmio/rpmpgp.c @@ -8,6 +8,8 @@ #include "debug.h" static int _debug = 0; +static int _print = 0; +static struct pgpSig_s * _dig = NULL; /*@-readonlytrans@*/ /* This is the unarmored RPM-GPG-KEY public key. */ @@ -211,8 +213,44 @@ struct pgpValTbl_s pgpPktTbl[] = { }; /*@=readonlytrans@*/ +static void pgpPrtNL(void) + /*@modifies fileSystem @*/ +{ + if (!_print) return; + fprintf(stderr, "\n"); +} + +static void pgpPrtInt(const char *pre, int i) + /*@modifies fileSystem @*/ +{ + if (!_print) return; + if (pre && *pre) + fprintf(stderr, "%s", pre); + fprintf(stderr, " %d", i); +} + +static void pgpPrtStr(const char *pre, const char *s) + /*@modifies fileSystem @*/ +{ + if (!_print) return; + if (pre && *pre) + fprintf(stderr, "%s", pre); + fprintf(stderr, " %s", s); +} + +static void pgpPrtHex(const char *pre, const byte *p, unsigned int plen) + /*@modifies fileSystem @*/ +{ + if (!_print) return; + if (pre && *pre) + fprintf(stderr, "%s", pre); + fprintf(stderr, " %s", pgpHexStr(p, plen)); +} + void pgpPrtVal(const char * pre, pgpValTbl vs, byte val) + /*@modifies fileSystem @*/ { + if (!_print) return; if (pre && *pre) fprintf(stderr, "%s", pre); fprintf(stderr, "%s(%u)", pgpValStr(vs, val), (unsigned)val); @@ -237,7 +275,6 @@ int pgpPrtPktSigV3(pgpPkt pkt, const byte *h, unsigned int hlen) time_t t; int i; - pgpPrtVal("", pgpPktTbl, pkt); if (v->version != 3) { fprintf(stderr, " version(%u) != 3\n", (unsigned)v->version); return 1; @@ -246,35 +283,56 @@ int pgpPrtPktSigV3(pgpPkt pkt, const byte *h, unsigned int hlen) fprintf(stderr, " hashlen(%u) != 5\n", (unsigned)v->hashlen); return 1; } + + if (_dig) memcpy(&_dig->sig.v3, v, sizeof(_dig->sig.v3)); + + pgpPrtVal("V3 ", pgpPktTbl, pkt); + pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo); pgpPrtVal(" ", pgpHashTbl, v->hash_algo); pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype); -fprintf(stderr, "\n"); + pgpPrtNL(); t = pgpGrab(v->time, sizeof(v->time)); -fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); -fprintf(stderr, "\n"); -fprintf(stderr, " signer keyid %02x%02x%02x%02x%02x%02x%02x%02x", - (unsigned)v->signer[0], (unsigned)v->signer[1], - (unsigned)v->signer[2], (unsigned)v->signer[3], - (unsigned)v->signer[4], (unsigned)v->signer[5], - (unsigned)v->signer[6], (unsigned)v->signer[7]); + if (_print) + fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); + pgpPrtNL(); + pgpPrtHex(" signer keyid", v->signer, sizeof(v->signer)); plen = pgpGrab(v->signhash16, sizeof(v->signhash16)); -fprintf(stderr, " signhash16 %04x", plen); -fprintf(stderr, "\n"); + pgpPrtHex(" signhash16", v->signhash16, sizeof(v->signhash16)); + pgpPrtNL(); - p = &v->data[0]; + p = ((byte *)v) + sizeof(*v); for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) { if (v->pubkey_algo == PGPPUBKEYALGO_RSA) { if (pgpSigRSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSigRSA[i]); + pgpPrtStr("", pgpSigRSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) { if (pgpSigDSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSigDSA[i]); - } else - fprintf(stderr, "%7d", i); - fprintf(stderr, " %s\n", pgpMpiStr(p)); + if (_dig) { + switch (i) { + case 0: /* r */ + mp32nsethex(&_dig->r, pgpMpiHex(p)); +if (_debug && _print) +printf("\t r = "), mp32println(_dig->r.size, _dig->r.data); + break; + case 1: /* s */ + mp32nsethex(&_dig->s, pgpMpiHex(p)); +if (_debug && _print) +printf("\t s = "), mp32println(_dig->s.size, _dig->s.data); + break; + default: + break; + } + } + pgpPrtStr("", pgpSigDSA[i]); + } else { + if (_print) + fprintf(stderr, "%7d", i); + } + pgpPrtStr("", pgpMpiStr(p)); + pgpPrtNL(); } return 0; @@ -287,56 +345,42 @@ int pgpPrtSubType(const byte *h, unsigned int hlen) int i; while (hlen > 0) { -#ifdef DYING - if (*p < 192) { - plen = *p++; - hlen -= 1; - } else if (*p < 255) { - plen = ((p[0] - 192) << 8) + p[1] + 192; - p += 2; - hlen -= 2; - } else { - p++; - plen = pgpGrab(p, 4); - p += 4; - hlen -= 5; - } -#else i = pgpLen(p, &plen); p += i; hlen -= i; -#endif + pgpPrtVal(" ", pgpSubTypeTbl, p[0]); switch (*p) { case PGPSUBTYPE_PREFER_SYMKEY: /* preferred symmetric algorithms */ for (i = 1; i < plen; i++) pgpPrtVal(" ", pgpSymkeyTbl, p[i]); - fprintf(stderr, "\n"); + pgpPrtNL(); break; case PGPSUBTYPE_PREFER_HASH: /* preferred hash algorithms */ for (i = 1; i < plen; i++) pgpPrtVal(" ", pgpHashTbl, p[i]); - fprintf(stderr, "\n"); + pgpPrtNL(); break; case PGPSUBTYPE_PREFER_COMPRESS:/* preferred compression algorithms */ for (i = 1; i < plen; i++) pgpPrtVal(" ", pgpCompressionTbl, p[i]); - fprintf(stderr, "\n"); + pgpPrtNL(); break; case PGPSUBTYPE_KEYSERVER_PREFERS:/* key server preferences */ for (i = 1; i < plen; i++) pgpPrtVal(" ", pgpKeyServerPrefsTbl, p[i]); - fprintf(stderr, "\n"); + pgpPrtNL(); break; case PGPSUBTYPE_SIG_CREATE_TIME: case PGPSUBTYPE_SIG_EXPIRE_TIME: case PGPSUBTYPE_KEY_EXPIRE_TIME: if ((plen - 1) == 4) { time_t t = pgpGrab(p+1, plen-1); - fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); + if (_print) + fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); } else - fprintf(stderr, " %s", pgpHexStr(p+1, plen-1)); - fprintf(stderr, "\n"); + pgpPrtHex("", p+1, plen-1); + pgpPrtNL(); break; case PGPSUBTYPE_ISSUER_KEYID: /* issuer key ID */ @@ -365,8 +409,8 @@ int pgpPrtSubType(const byte *h, unsigned int hlen) case PGPSUBTYPE_INTERNAL_109: case PGPSUBTYPE_INTERNAL_110: default: - fprintf(stderr, " %s", pgpHexStr(p+1, plen-1)); - fprintf(stderr, "\n"); + pgpPrtHex("", p+1, plen-1); + pgpPrtNL(); break; } p += plen; @@ -382,48 +426,76 @@ int pgpPrtPktSigV4(pgpPkt pkt, const byte *h, unsigned int hlen) unsigned plen; int i; - pgpPrtVal("", pgpPktTbl, pkt); if (v->version != 4) { fprintf(stderr, " version(%u) != 4\n", (unsigned)v->version); return 1; } + + if (_dig) memcpy(&_dig->sig.v4, v, sizeof(_dig->sig.v4)); + + pgpPrtVal("V4 ", pgpPktTbl, pkt); pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo); pgpPrtVal(" ", pgpHashTbl, v->hash_algo); pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype); -fprintf(stderr, "\n"); + pgpPrtNL(); p = &v->hashlen[0]; plen = pgpGrab(v->hashlen, sizeof(v->hashlen)); p += sizeof(v->hashlen); -if (_debug) +if (_debug && _print) fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen)); + if (_dig) { + _dig->hash_datalen = plen; + _dig->hash_data = xmalloc(_dig->hash_datalen); + memcpy(_dig->hash_data, p, plen); + } (void) pgpPrtSubType(p, plen); p += plen; plen = pgpGrab(p,2); p += 2; -if (_debug) +if (_debug && _print) fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen)); (void) pgpPrtSubType(p, plen); p += plen; plen = pgpGrab(p,2); + pgpPrtHex(" signhash16", p, 2); + pgpPrtNL(); p += 2; -fprintf(stderr, " signhash16 %04x\n", plen); for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) { if (v->pubkey_algo == PGPPUBKEYALGO_RSA) { if (pgpSigRSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSigRSA[i]); + pgpPrtStr("", pgpSigRSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) { if (pgpSigDSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSigDSA[i]); - } else - fprintf(stderr, "%7d", i); - fprintf(stderr, " %s\n", pgpMpiStr(p)); + if (_dig) { + switch (i) { + case 0: /* r */ + mp32nsethex(&_dig->r, pgpMpiHex(p)); +if (_debug && _print) +printf("\t r = "), mp32println(_dig->r.size, _dig->r.data); + break; + case 1: /* s */ + mp32nsethex(&_dig->s, pgpMpiHex(p)); +if (_debug && _print) +printf("\t s = "), mp32println(_dig->s.size, _dig->s.data); + break; + default: + break; + } + } + pgpPrtStr("", pgpSigDSA[i]); + } else { + if (_print) + fprintf(stderr, "%7d", i); + } + pgpPrtStr("", pgpMpiStr(p)); + pgpPrtNL(); } return 0; @@ -497,28 +569,58 @@ int pgpPrtKeyV3(pgpPkt pkt, const byte *h, unsigned int hlen) } pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo); t = pgpGrab(v->time, sizeof(v->time)); -fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); + if (_print) + fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); plen = pgpGrab(v->valid, sizeof(v->valid)); if (plen != 0) fprintf(stderr, " valid %u days", plen); -fprintf(stderr, "\n"); + pgpPrtNL(); - p = &v->data[0]; + p = ((byte *)v) + sizeof(*v); for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) { if (v->pubkey_algo == PGPPUBKEYALGO_RSA) { if (pgpPublicRSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpPublicRSA[i]); + pgpPrtStr("", pgpPublicRSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) { if (pgpPublicDSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpPublicDSA[i]); + if (_dig) { + switch (i) { + case 0: /* p */ + mp32bsethex(&_dig->p, pgpMpiHex(p)); +if (_debug && _print) +printf("\t p = "), mp32println(_dig->p.size, _dig->p.modl); + break; + case 1: /* q */ + mp32bsethex(&_dig->q, pgpMpiHex(p)); +if (_debug && _print) +printf("\t q = "), mp32println(_dig->q.size, _dig->q.modl); + break; + case 2: /* g */ + mp32nsethex(&_dig->g, pgpMpiHex(p)); +if (_debug && _print) +printf("\t g = "), mp32println(_dig->g.size, _dig->g.data); + break; + case 3: /* y */ + mp32nsethex(&_dig->y, pgpMpiHex(p)); +if (_debug && _print) +printf("\t y = "), mp32println(_dig->y.size, _dig->y.data); + break; + default: + break; + } + } + pgpPrtStr("", pgpPublicDSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) { if (pgpPublicELGAMAL[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpPublicELGAMAL[i]); - } else - fprintf(stderr, "%7d", i); - fprintf(stderr, " %s\n", pgpMpiStr(p)); + pgpPrtStr("", pgpPublicELGAMAL[i]); + } else { + if (_print) + fprintf(stderr, "%7d", i); + } + pgpPrtStr("", pgpMpiStr(p)); + pgpPrtNL(); } return 0; @@ -538,23 +640,54 @@ int pgpPrtKeyV4(pgpPkt pkt, const byte *h, unsigned int hlen) } pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo); t = pgpGrab(v->time, sizeof(v->time)); -fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); -fprintf(stderr, "\n"); + if (_print) + fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t); + pgpPrtNL(); - p = &v->data[0]; + p = ((byte *)v) + sizeof(*v); for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) { if (v->pubkey_algo == PGPPUBKEYALGO_RSA) { if (pgpPublicRSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpPublicRSA[i]); + pgpPrtStr("", pgpPublicRSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) { if (pgpPublicDSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpPublicDSA[i]); + if (_dig) { + switch (i) { + case 0: /* p */ + mp32bsethex(&_dig->p, pgpMpiHex(p)); +if (_debug && _print) +printf("\t p = "), mp32println(_dig->p.size, _dig->p.modl); + break; + case 1: /* q */ + mp32bsethex(&_dig->q, pgpMpiHex(p)); +if (_debug && _print) +printf("\t q = "), mp32println(_dig->q.size, _dig->q.modl); + break; + case 2: /* g */ + mp32nsethex(&_dig->g, pgpMpiHex(p)); +if (_debug && _print) +printf("\t g = "), mp32println(_dig->g.size, _dig->g.data); + break; + case 3: /* y */ + mp32nsethex(&_dig->y, pgpMpiHex(p)); +if (_debug && _print) +printf("\t y = "), mp32println(_dig->y.size, _dig->y.data); + break; + default: + break; + } + } + pgpPrtStr("", pgpPublicDSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) { if (pgpPublicELGAMAL[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpPublicELGAMAL[i]); - } else - fprintf(stderr, "%7d", i); - fprintf(stderr, " %s\n", pgpMpiStr(p)); + if (_print) + fprintf(stderr, "%7.7s", pgpPublicELGAMAL[i]); + } else { + if (_print) + fprintf(stderr, "%7d", i); + } + pgpPrtStr("", pgpMpiStr(p)); + pgpPrtNL(); } if (pkt == PGPPKT_PUBLIC_KEY || pkt == PGPPKT_PUBLIC_SUBKEY) @@ -574,24 +707,25 @@ fprintf(stderr, "\n"); break; case 0x01: pgpPrtVal(" salted ", pgpHashTbl, p[2]); -fprintf(stderr, " %s", pgpHexStr(p+3, 8)); + pgpPrtHex("", p+3, 8); p += 10; break; case 0x03: pgpPrtVal(" iterated/salted ", pgpHashTbl, p[2]); i = (16 + (p[11] & 0xf)) << ((p[11] >> 4) + 6); -fprintf(stderr, " %s iter %d", pgpHexStr(p+3, 8), i); + pgpPrtHex("", p+3, 8); + pgpPrtInt(" iter", i); p += 11; break; } break; default: pgpPrtVal(" ", pgpSymkeyTbl, *p); -fprintf(stderr, " IV %s", pgpHexStr(p+1, 8)); + pgpPrtHex(" IV", p+1, 8); p += 8; break; } -fprintf(stderr, "\n"); + pgpPrtNL(); p++; @@ -599,24 +733,27 @@ fprintf(stderr, "\n"); for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) { if (v->pubkey_algo == PGPPUBKEYALGO_RSA) { if (pgpSecretRSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSecretRSA[i]); + pgpPrtStr("", pgpSecretRSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_DSA) { if (pgpSecretDSA[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSecretDSA[i]); + pgpPrtStr("", pgpSecretDSA[i]); } else if (v->pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) { if (pgpSecretELGAMAL[i] == NULL) break; - fprintf(stderr, "%7.7s", pgpSecretELGAMAL[i]); - } else - fprintf(stderr, "%7d", i); - fprintf(stderr, " %s\n", pgpMpiStr(p)); + pgpPrtStr("", pgpSecretELGAMAL[i]); + } else { + if (_print) + fprintf(stderr, "%7d", i); + } + pgpPrtStr("", pgpMpiStr(p)); + pgpPrtNL(); } #else -fprintf(stderr, " secret %s", pgpHexStr(p, (hlen - (p - h) - 2))); -fprintf(stderr, "\n"); + pgpPrtHex(" secret", p, (hlen - (p - h) - 2)); + pgpPrtNL(); p += (hlen - (p - h) - 2); #endif -fprintf(stderr, " checksum %s", pgpHexStr(p, 2)); -fprintf(stderr, "\n"); + pgpPrtHex(" checksum", p, 2); + pgpPrtNL(); return 0; } @@ -638,7 +775,9 @@ int pgpPrtKey(pgpPkt pkt, const byte *h, unsigned int hlen) int pgpPrtUserID(pgpPkt pkt, const byte *h, unsigned int hlen) { pgpPrtVal("", pgpPktTbl, pkt); -fprintf(stderr, " \"%*s\"\n", (int)hlen, (const char *)h); + if (_print) + fprintf(stderr, " \"%.*s\"", hlen, (const char *)h); + pgpPrtNL(); return 0; } @@ -647,22 +786,24 @@ int pgpPrtComment(pgpPkt pkt, const byte *h, unsigned int hlen) int i = hlen; pgpPrtVal("", pgpPktTbl, pkt); - fprintf(stderr, " "); + if (_print) + fprintf(stderr, " "); while (i > 0) { int j; if (*h >= ' ' && *h <= 'z') { - fprintf(stderr, "%s", (const char *)h); + if (_print) + fprintf(stderr, "%s", (const char *)h); j = strlen(h); while (h[j] == '\0') j++; } else { - fprintf(stderr, " %s", pgpHexStr(h, i)); + pgpPrtHex("", h, i); j = i; } i -= j; h += j; } - fprintf(stderr, "\n"); + pgpPrtNL(); return 0; } @@ -699,7 +840,7 @@ int pgpPrtPkt(const byte *p) (void) pgpPrtKey(pkt, h, hlen); break; case PGPPKT_USER_ID: -#ifdef DYING +#ifndef DYING (void) pgpPrtUserID(pkt, h, hlen); break; #endif @@ -724,24 +865,24 @@ int pgpPrtPkt(const byte *p) case PGPPKT_CONTROL: default: pgpPrtVal("", pgpPktTbl, pkt); - fprintf(stderr, " plen %02x hlen %x", plen, hlen); -#if 0 - fprintf(stderr, " %s", pgpHexStr(h, hlen)); -#else - fprintf(stderr, " %s", (const char *)h); -#endif - fprintf(stderr, "\n"); + if (_print) + fprintf(stderr, " plen %02x hlen %x", plen, hlen); + pgpPrtHex("", h, hlen); + pgpPrtNL(); break; } return plen+hlen+1; } -int pgpPrtPkts(const byte *pkts, unsigned int plen) +int pgpPrtPkts(const byte *pkts, unsigned int plen, struct pgpSig_s * dig, int printing) { const byte *p; int len; +_print = printing; +_dig = dig; + for (p = pkts; p < (pkts + plen); p += len) { len = pgpPrtPkt(p); if (len <= 0) diff --git a/rpmio/rpmpgp.h b/rpmio/rpmpgp.h index 13fe082..51d6900 100644 --- a/rpmio/rpmpgp.h +++ b/rpmio/rpmpgp.h @@ -10,8 +10,10 @@ * Copyright (C) The Internet Society (1998). All Rights Reserved. */ -#include "beecrypt.h" #include "base64.h" +#include "rsapk.h" +#include "rsa.h" +#include "dsa.h" /*@-typeuse -fielduse@*/ /** @@ -97,7 +99,6 @@ typedef struct pgpPubkeySession_s { byte version; /*!< version number (generate 3, accept 2). */ byte keyid[8]; /*!< key ID of the public key for session key. */ byte algo; /*!< public key algorithm used. */ - byte data[1]; } * pgpPubkeySession; @@ -305,7 +306,6 @@ typedef struct pgpPktSigV3_s { byte pubkey_algo; /*!< public key algorithm. */ byte hash_algo; /*!< hash algorithm. */ byte signhash16[2]; /*!< left 16 bits of signed hash value. */ - byte data[1]; /*!< One or more multi-precision integers. */ } * pgpPktSigV3; /** @@ -335,7 +335,6 @@ typedef struct pgpPktSigV4_s { byte pubkey_algo; /*!< public key algorithm. */ byte hash_algo; /*!< hash algorithm. */ byte hashlen[2]; /*!< length of following hashed material. */ - byte data[1]; /*!< Hashed subpacket data. (zero or more subpackets) */ } * pgpPktSigV4; /** @@ -611,7 +610,6 @@ typedef struct pgpPktKeyV3_s { byte time[4]; /*!< time that the key was created. */ byte valid[2]; /*!< time in days that this key is valid. */ byte pubkey_algo; /*!< public key algorithm. */ - byte data[1]; /*!< One or more multi-precision integers. */ } * pgpPktKeyV3; /** @@ -649,7 +647,6 @@ typedef struct pgpPktKeyV4_s { byte version; /*!< version number (4). */ byte time[4]; /*!< time that the key was created. */ byte pubkey_algo; /*!< public key algorithm. */ - byte data[1]; /*!< One or more multi-precision integers. */ } * pgpPktKeyV4; /** @@ -850,6 +847,36 @@ extern const char * redhatPubKeyDSA; */ /*@unused@*/ extern const char * redhatPubKeyRSA; + +/** + */ +struct pgpSig_s { + union { + struct pgpPktSigV3_s v3; + struct pgpPktSigV4_s v4; + } sig; + + int hash_datalen; +/*@only@*/ /*@null@*/ byte *hash_data; + + int size; /*!< No. bytes in digest. */ +/*@only@*/ /*@null@*/ void * data; /*!< Digest data. */ + + /* DSA parameters. */ + mp32barrett p; + mp32barrett q; + mp32number g; + mp32number y; + mp32number hm; + mp32number r; + mp32number s; + + /* RSA parameters. */ + rsapk rsa_pk; + mp32number m; + mp32number c; +} * pgpSig; + /*@=typeuse =fielduse@*/ /*@-fcnuse@*/ @@ -943,7 +970,7 @@ const char * pgpMpiStr(const byte *p) { static char prbuf[2048]; char *t = prbuf; - sprintf(t, "[%u]: ", pgpGrab(p, 2)); + sprintf(t, "[%4u]: ", pgpGrab(p, 2)); t += strlen(t); t = pgpHexCvt(t, p+2, pgpMpiLen(p)-2); return prbuf; @@ -952,6 +979,18 @@ const char * pgpMpiStr(const byte *p) /** */ /*@unused@*/ static inline /*@observer@*/ +const char * pgpMpiHex(const byte *p) + /*@*/ +{ + static char prbuf[2048]; + char *t = prbuf; + t = pgpHexCvt(t, p+2, pgpMpiLen(p)-2); + return prbuf; +} + +/** + */ +/*@unused@*/ static inline /*@observer@*/ const char * pgpValStr(pgpValTbl vs, byte val) /*@*/ { @@ -1016,12 +1055,12 @@ int pgpPrtComment(pgpPkt pkt, const byte *h, unsigned int hlen) /** */ -int pgpPrtPkts(const byte *pkts, unsigned int plen) - /*@modifies fileSystem @*/; +int pgpPrtPkt(const byte *p); /** */ -int pgpPrtPkt(const byte *p); +int pgpPrtPkts(const byte *pkts, unsigned int plen, struct pgpSig_s *rpmdig, int printing) + /*@modifies fileSystem @*/; #ifdef __cplusplus } diff --git a/rpmio/tkey.c b/rpmio/tkey.c index 7c39bdc..e03094b 100644 --- a/rpmio/tkey.c +++ b/rpmio/tkey.c @@ -6,18 +6,11 @@ static int _debug = 0; #include "system.h" -#include "rpmio.h" - +#include "rpmio_internal.h" #include "rpmpgp.h" -#include "rsapk.h" -#include "rsa.h" -#include "dsa.h" - #include "debug.h" -#include - -static int doit(const char *sig) +static int doit(const char *sig, rpmDigest dig, int printing) { const char *s, *t; unsigned char * dec; @@ -31,18 +24,17 @@ fprintf(stderr, "*** sig is\n%s\n", sig); if ((rc = b64decode(sig, (void **)&dec, &declen)) != 0) { fprintf(stderr, "*** b64decode returns %d\n", rc); - exit(rc); + return rc; } - - rc = pgpPrtPkts(dec, declen); + rc = pgpPrtPkts(dec, declen, dig, printing); if (rc < 0) { fprintf(stderr, "*** pgpPrtPkts returns %d\n", rc); - exit(rc); + return rc; } if ((enc = b64encode(dec, declen)) == NULL) { fprintf(stderr, "*** b64encode failed\n"); - exit(4); + return rc; } if (_debug) @@ -60,130 +52,131 @@ fprintf(stderr, "??? %5d %02x != %02x '%c' != '%c'\n", i, (*s & 0xff), (*t & 0xf return rc; } -/* DSA verification from Red Hat 7.0 time-1.7-12.i386.rpm */ -static const char * dsa_pkgfn = "7.0/i386/time-1.7-12.i386.rpm"; -static const char * dsa_hm = "2de2a0ca8c289ea5add64f8cf64e0b5893d0607b"; -static const char * dsa_r = "2247352810d76f6273b4e8d906f5ddfa7fcd4c45"; -static const char * dsa_s = "02275c68fcf18edb272a019309c8c81e2e4998bf"; - -static const char * dsa_p = "c12abdc197a3cef014341fcb09a03ea9f54ed8ca5ee98ed66a8a8be23f05cff83096778bbc1d0cdcc40679ee6f2cb00d4b2b5171f777282610f3335df4fa9e411bd9984964a12da6d1dcdd4a5dd5d0618728c1338c1b17706111abd52a70f10c9d2e18d57d4d554a5e31b7a6eea4f6d625bca3920e59dcfec1954394266af1df"; - -static const char * dsa_q = "a1b35510319a59825c721e73e41d687ffe351bc9"; - -static const char * dsa_g = "a8a2eaaec6bbfbe15d79cb4ba9b5e683673d5c9bca7822c3fdb774a8d26551bbaca00d10ada6c60d5507ebdcfee51ce24e3d5312497c2660d60bb5b0f155dc649af98ffb8ec88b92d42f0a22cf967710b75755f843661d1e417480cf583cca0556e05a74839ea43a2ab67b4fa02567be153298c6c7191653abd5db1b165c22cf"; - -static const char * dsa_y = "4ffefb48980f0264dde3c4682d2b9186b43349fdc32186ebf9b677f0160e1bfd51a8d89afc9a12d4aa821b13acde1809996d4a5d7240dca3c0f97e2166a937f9fbefa9084a492c9924cde97fdf6376c38ab33eb7113028815111123e308b778639acfa14f04e2438773fe01b8737dd37b620ac08f9680ab5ac419ed47717d0e4"; - -/* RSA verification from Red Hat 5.2 time-1.7-6.i386.rpm */ -static const char * rsa_pkgfn = "5.2/i386/time-1.7-6.i386.rpm"; -static const char * rsa_m = "f0bd35cbeb3870b5c7c283a7e1e76c42"; -static const char * rsa_n = "a1b8fd5f6851288373dc0881ee819a0e9eac31822f3985ca2a00868f240c8252adc9a217da9374fabe7e3ef6ea9816d6249bd18eecc999fd636960426e4790f3837cd8bc796c93152c5bafcca0a2c2d10a54cfc6a1d586d2271ab7d934ba12a6fd4b7563a67b4c8ea4e4099e085d38ccca5e981fe60f38bda520e8f1cba29bf9"; -static const char * rsa_e = "11"; - -static const char * rsa_c = "5075c56cbbde79bd5c990e4f2ebce5d65745f7be84fd077698305be350d1d40fa175545aeec101d529b18912ad68e4c380e8e5ca477bc9652b5710c178ed359725f41a7e5825f32c194c7e56f9e32529abba36bd2569b515de59ac004e15b20bbc34293322ba76c0d55b796d99017b6b2acc15fab79f2eab94869ee5c0ca47f4"; - -static const char * gpg_private = "\ -lQHPBDtnFRoRBADyRAlldI9km29INDTX82Sz5jXrsCcS93rzV66BcKQTcP+CPL1p\n\ -kBDaQwf0asQiWr4uaPPUtWj0urSVz7obzyGdILyf/2XVFJWUU9xGtFFEFKMHwdSZ\n\ -yGRpyTsd+jsUVPIR9X/fjJDvufuvcKtFHLU+F28nWv7C47rURAXEAoYCewCg5qDr\n\ -4fEr1kT3ACg4T1e98QlTRfsD/RDZCp5wSGa5hp4YtoDPza5cTrYopGJSXAXuQVi7\n\ -dGqTrAE3hdbWUmbG5hNerJRwOA0DK74Tn38/xoY091q3nH2UlEd3zLhoueOt6apa\n\ -VY98UmOaG+Ef5QGd2edHn26kSQq1N8P73FQ3+34ICoRwq+hNNi9cENWiuudi6PKs\n\ -eJlmA/sHR8dzcXSuwda8u2r2PvsqAu66pdA1gMdCdwSs3dtJTro3apXvASJDFqkN\n\ -y9Vbo6GZ8wmpWYYHM3Xd00rLPTZFzc+F0rBiGscyIZOTDyx8ofK30DHrRfMKytSm\n\ -K7TSCWmzKFDTSQxAUQd74qi6dJCVQ0dTuHWmXc1cKPvMEm6IWf8DAwIaLXrq0DYP\n\ -j2AdZ4iCkENxNzK2k3OzIsJvaYGuJAhmujAtkS03LLs89/0mIzpEU0FfZmFjdG9y\n\ -OgAAr0yL/JSDBRJlphGoWiOVfPhNpGFzHm/9JiM6RFNBX2ZhY3RvcjoAAK93Twk1\n\ -SRG6vnHwq6211cGbSUnr28JF/SYjOkRTQV9mYWN0b3I6AACvVJWEWQPciRahMYqY\n\ -Bq0a7YgA3QB3w7QpSmVmZiBKb2huc29uIChBUlMgTjNOUFEpIDxqYmpAcmVkaGF0\n\ -LmNvbT6IVwQTEQIAFwUCO2cVGgULBwoDBAMVAwIDFgIBAheAAAoJEKNiNe+PnmDb\n\ -sM4AmwTaY99wLwi9VE8tML5AS2gn89lIAJ4+BgiRQydv3L404qLZHVoq0KOkbp0B\n\ -RgQ7ZxUeEAQAx1F12EdF0NMS1D78hPYKaKxhCkCs9KDgDRfvX4kUBm0Omy/LjvSD\n\ -K6ol2k4CUgdHDI1DZwUB+g+zbpWP/osKah5pusNjf6rKUfeYSClOs1TqomMa4ur6\n\ -FAnFqjm6rMiptTEb40FWQKDZG+iiLj/m3DrRzETvlAhEkBSuWdLCHcMAAwUEALt6\n\ -Mo9BRDOgsZgC4gr+BFj1qj3UkpujduIrojdedVENzc9cvbxZ0uv762mt/TWkoVsd\n\ -QPNe+Qh9UjBBchZQYBPjNSJumDyxZa9vk4yaBG+ekZW+qsz8IjuFhA4uCY3u2FoA\n\ -Y9Sa7Gs4EKO1OnGuuCtpe5IPfqFolz55rlK/dbJj/wMDAhoteurQNg+PYKaUPggu\n\ -Pw3pzYAm1keoYnJNGesJ6CxS6C77eJ2betFwgIeLtevzwmnFejCo/SYjOkVMR19m\n\ -YWN0b3I6AACrBQvdBi1eWnh99itbVASMBUFew+yXAf0mIzpFTEdfZmFjdG9yOgAA\n\ -qwavqmFHo+0ebuTE/7oFpE5qqh1hZEn9JiM6RUxHX2ZhY3RvcjoAAKsE0zE2Kw1N\n\ -zwiX22mx1hjFTJ5AHhPd/SYjOkVMR19mYWN0b3I6AACrB+yUJFgU+djqGspx0xjx\n\ -/gz7sIH/e/0mIzpFTEdfZmFjdG9yOgAAqwcV+xN8WTB/A0d2FbLBgH9taqf3TteI\n\ -RgQYEQIABgUCO2cVHgAKCRCjYjXvj55g2+kGAKCh1/9z5GrteLdQcoduM7EBhmXD\n\ -HwCeKBfXD33WreQdRYpOxNX9cRgOAQE=\n\ +/* FIPS-186 test vectors. */ +static const char * fips_p = "8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291"; +static const char * fips_q = "c773218c737ec8ee993b4f2ded30f48edace915f"; +static const char * fips_g = "626d027839ea0a13413163a55b4cb500299d5522956cefcb3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9cc42e9f6f464b088cc572af53e6d78802"; + +static const char * fips_hm = "a9993e364706816aba3e25717850c26c9cd0d89d"; + +static const char * fips_y = "19131871d75b1612a819f29d78d1b0d7346f7aa77bb62a859bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74858fba33f44c06699630a76b030ee333"; + +static const char * fips_r = "8bac1ab66410435cb7181f95b16ab97c92b341c0"; +static const char * fips_s = "41e2345f1f56df2458f426d155b4ba2db6dcd8c8"; + +/* Secret key */ +static const char * jbjSecretDSA = " +lQFvBDu6XHwRAwCTIHRgKeIlOFUIEZeJVYSrXn0eUrM5S8OF471tTc+IV7AwiXBR +zCFCan4lO1ipmoAipyN2A6ZX0HWOcWdYlWz2adxA7l8JNiZTzkemA562xwex2wLy +AQWVTtRN6jv0LccAoN4UWZkIvkT6tV918sEvDEggGARxAv9190RhrDq/GMqd+AHm +qWrRkrBRHDUBBL2fYEuU3gFekYrW5CDIN6s3Mcq/yUsvwHl7bwmoqbf2qabbyfnv +Y66ETOPKLcw67ggcptHXHcwlvpfJmHKpjK+ByzgauPXXbRAC+gKDjzXL0kAQxjmT +2D+16O4vI8Emlx2JVcGLlq/aWhspvQWIzN6PytA3iKZ6uzesrM7yXmqzgodZUsJh +1wwl/0K5OIJn/oD41UayU8RXNER8SzDYvDYsJymFRwE1s58lL/8DAwJUAllw1pdZ +WmBIoAvRiv7kE6hWfeCvZzdBVgrHYrp8ceUa3OdulGfYw/0sIzpEU0FfZmFjdG9y +OgAA30gJ4JMFKVfthnDCHHL+O8lNxykKBmrgVPLClue0KUplZmYgSm9obnNvbiAo +QVJTIE4zTlBRKSA8amJqQHJlZGhhdC5jb20+iFcEExECABcFAju6XHwFCwcKAwQD +FQMCAxYCAQIXgAAKCRCB0qVW2I6DmQU6AJ490bVWZuM4yCOh8MWj6qApCr1/gwCf +f3+QgXFXAeTyPtMmReyWxThABtE= +"; + +/* Public key */ +static const char * jbjPublicDSA = " +mQFCBDu6XHwRAwCTIHRgKeIlOFUIEZeJVYSrXn0eUrM5S8OF471tTc+IV7AwiXBR +zCFCan4lO1ipmoAipyN2A6ZX0HWOcWdYlWz2adxA7l8JNiZTzkemA562xwex2wLy +AQWVTtRN6jv0LccAoN4UWZkIvkT6tV918sEvDEggGARxAv9190RhrDq/GMqd+AHm +qWrRkrBRHDUBBL2fYEuU3gFekYrW5CDIN6s3Mcq/yUsvwHl7bwmoqbf2qabbyfnv +Y66ETOPKLcw67ggcptHXHcwlvpfJmHKpjK+ByzgauPXXbRAC+gKDjzXL0kAQxjmT +2D+16O4vI8Emlx2JVcGLlq/aWhspvQWIzN6PytA3iKZ6uzesrM7yXmqzgodZUsJh +1wwl/0K5OIJn/oD41UayU8RXNER8SzDYvDYsJymFRwE1s58lL7QpSmVmZiBKb2hu +c29uIChBUlMgTjNOUFEpIDxqYmpAcmVkaGF0LmNvbT6IVwQTEQIAFwUCO7pcfAUL +BwoDBAMVAwIDFgIBAheAAAoJEIHSpVbYjoOZBToAn3TXaAI+bhg51EeyaiFip/6W +OVwBAJ44rTtNsgZBQxXISjB64CWxl4VaWQ== "; +/* Signature */ +static const char * abcSignatureDSA = " +iD8DBQA7vII+gdKlVtiOg5kRAvg4AJ0fV3gDBADobAnK2HOkV88bfmFMEgCeNysO +nP3dWWJnp0Pnbor7pIob4Dk= +"; int main (int argc, char *argv[]) { - mp32barrett p; - mp32barrett q; - mp32number g; - mp32number y; - mp32number hm; - mp32number r; - mp32number s; - - rsapk rsa_pk; - mp32number m; - mp32number c; - + rpmDigest dig = alloca(sizeof(*dig)); + int printing = 1; int rc; -fprintf(stderr, "=============================== Red Hat DSA Public Key\n"); - if ((rc = doit(redhatPubKeyDSA)) != 0) - return rc; + memset(dig, 0, sizeof(*dig)); - mp32bzero(&p); mp32bsethex(&p, dsa_p); - mp32bzero(&q); mp32bsethex(&q, dsa_q); - mp32nzero(&g); mp32nsethex(&g, dsa_g); - mp32nzero(&y); mp32nsethex(&y, dsa_y); + mp32bzero(&dig->p); mp32bsethex(&dig->p, fips_p); + mp32bzero(&dig->q); mp32bsethex(&dig->q, fips_q); + mp32nzero(&dig->g); mp32nsethex(&dig->g, fips_g); + mp32nzero(&dig->y); mp32nsethex(&dig->y, fips_y); + mp32nzero(&dig->r); mp32nsethex(&dig->r, fips_r); + mp32nzero(&dig->s); mp32nsethex(&dig->s, fips_s); + mp32nzero(&dig->hm);mp32nsethex(&dig->hm, fips_hm); - mp32nzero(&hm); mp32nsethex(&hm, dsa_hm); - mp32nzero(&r); mp32nsethex(&r, dsa_r); - mp32nzero(&s); mp32nsethex(&s, dsa_s); + rc = dsavrfy(&dig->p, &dig->q, &dig->g, &dig->hm, + &dig->y, &dig->r, &dig->s); - rc = dsavrfy(&p, &q, &g, &hm, &y, &r, &s); +fprintf(stderr, "=============================== DSA FIPS-186-1: rc %d\n", rc); -fprintf(stderr, "=============================== DSA verify %s: rc %d\n", - dsa_pkgfn, rc); + mp32bfree(&dig->p); + mp32bfree(&dig->q); + mp32nfree(&dig->g); + mp32nfree(&dig->y); - mp32bfree(&p); - mp32bfree(&q); - mp32nfree(&g); - mp32nfree(&y); + mp32nfree(&dig->hm); + mp32nfree(&dig->r); + mp32nfree(&dig->s); - mp32nfree(&hm); - mp32nfree(&r); - mp32nfree(&s); +fprintf(stderr, "=============================== GPG Secret Key\n"); + if ((rc = doit(jbjSecretDSA, dig, printing)) != 0) + fprintf(stderr, "==> FAILED: rc %d\n", rc); -fprintf(stderr, "=============================== Red Hat RSA Public Key\n"); - if ((rc = doit(redhatPubKeyRSA)) != 0) - return rc; +fprintf(stderr, "=============================== GPG Public Key\n"); + if ((rc = doit(jbjPublicDSA, dig, printing)) != 0) + fprintf(stderr, "==> FAILED: rc %d\n", rc); - rsapkInit(&rsa_pk); +fprintf(stderr, "=============================== GPG Signature of \"abc\"\n"); + if ((rc = doit(abcSignatureDSA, dig, printing)) != 0) + fprintf(stderr, "==> FAILED: rc %d\n", rc); - mp32bzero(&rsa_pk.n); mp32bsethex(&rsa_pk.n, rsa_n); - mp32nzero(&rsa_pk.e); mp32nsethex(&rsa_pk.e, rsa_e); + { DIGEST_CTX ctx = rpmDigestInit(RPMDIGEST_SHA1); + const char * digest = NULL; + size_t digestlen = 0; + const char * txt = "abc"; + + ctx = rpmDigestInit(RPMDIGEST_SHA1); - mp32nzero(&m); mp32nsethex(&m, rsa_m); - mp32nzero(&c); mp32nsethex(&s, rsa_c); + rpmDigestUpdate(ctx, txt, strlen(txt)); + rpmDigestUpdate(ctx, &dig->sig.v3.sigtype, dig->sig.v3.hashlen); + rpmDigestFinal(ctx, (void **)&digest, &digestlen, 1); -#if 0 - rc = rsavrfy(&rsa_pk, &m, &c); -#else - rc = 1; -#endif + mp32nzero(&dig->hm);mp32nsethex(&dig->hm, digest); -fprintf(stderr, "=============================== RSA verify %s: rc %d\n", - rsa_pkgfn, rc); +fprintf(stderr, "\n hm = [ 160]: %s\n\n", digest); - rsapkFree(&rsa_pk); + if (digest) { + free((void *)digest); + digest = NULL; + } + } -fprintf(stderr, "=============================== A DSA Private Key\n"); - if ((rc = doit(gpg_private)) != 0) - return rc; + rc = dsavrfy(&dig->p, &dig->q, &dig->g, &dig->hm, + &dig->y, &dig->r, &dig->s); + +fprintf(stderr, "=============================== DSA verify: rc %d\n", rc); + + mp32bfree(&dig->p); + mp32bfree(&dig->q); + mp32nfree(&dig->g); + mp32nfree(&dig->y); + + mp32nfree(&dig->hm); + mp32nfree(&dig->r); + mp32nfree(&dig->s); return rc; }