00001
00007 #include "system.h"
00008 #include "rpmio_internal.h"
00009 #include "debug.h"
00010
00011
00012
00013
00014
00015 static int _debug = 0;
00016
00017
00018 static int _print = 0;
00019
00020 static int _crypto_initialized = 0;
00021
00022
00023 static pgpDig _dig = NULL;
00024
00025
00026 static pgpDigParams _digp = NULL;
00027
00028 struct pgpValTbl_s pgpSigTypeTbl[] = {
00029 { PGPSIGTYPE_BINARY, "Binary document signature" },
00030 { PGPSIGTYPE_TEXT, "Text document signature" },
00031 { PGPSIGTYPE_STANDALONE, "Standalone signature" },
00032 { PGPSIGTYPE_GENERIC_CERT, "Generic certification of a User ID and Public Key" },
00033 { PGPSIGTYPE_PERSONA_CERT, "Persona certification of a User ID and Public Key" },
00034 { PGPSIGTYPE_CASUAL_CERT, "Casual certification of a User ID and Public Key" },
00035 { PGPSIGTYPE_POSITIVE_CERT, "Positive certification of a User ID and Public Key" },
00036 { PGPSIGTYPE_SUBKEY_BINDING,"Subkey Binding Signature" },
00037 { PGPSIGTYPE_SIGNED_KEY, "Signature directly on a key" },
00038 { PGPSIGTYPE_KEY_REVOKE, "Key revocation signature" },
00039 { PGPSIGTYPE_SUBKEY_REVOKE, "Subkey revocation signature" },
00040 { PGPSIGTYPE_CERT_REVOKE, "Certification revocation signature" },
00041 { PGPSIGTYPE_TIMESTAMP, "Timestamp signature" },
00042 { -1, "Unknown signature type" },
00043 };
00044
00045 struct pgpValTbl_s pgpPubkeyTbl[] = {
00046 { PGPPUBKEYALGO_RSA, "RSA" },
00047 { PGPPUBKEYALGO_RSA_ENCRYPT,"RSA(Encrypt-Only)" },
00048 { PGPPUBKEYALGO_RSA_SIGN, "RSA(Sign-Only)" },
00049 { PGPPUBKEYALGO_ELGAMAL_ENCRYPT,"Elgamal(Encrypt-Only)" },
00050 { PGPPUBKEYALGO_DSA, "DSA" },
00051 { PGPPUBKEYALGO_EC, "Elliptic Curve" },
00052 { PGPPUBKEYALGO_ECDSA, "ECDSA" },
00053 { PGPPUBKEYALGO_ELGAMAL, "Elgamal" },
00054 { PGPPUBKEYALGO_DH, "Diffie-Hellman (X9.42)" },
00055 { -1, "Unknown public key algorithm" },
00056 };
00057
00058 struct pgpValTbl_s pgpSymkeyTbl[] = {
00059 { PGPSYMKEYALGO_PLAINTEXT, "Plaintext" },
00060 { PGPSYMKEYALGO_IDEA, "IDEA" },
00061 { PGPSYMKEYALGO_TRIPLE_DES, "3DES" },
00062 { PGPSYMKEYALGO_CAST5, "CAST5" },
00063 { PGPSYMKEYALGO_BLOWFISH, "BLOWFISH" },
00064 { PGPSYMKEYALGO_SAFER, "SAFER" },
00065 { PGPSYMKEYALGO_DES_SK, "DES/SK" },
00066 { PGPSYMKEYALGO_AES_128, "AES(128-bit key)" },
00067 { PGPSYMKEYALGO_AES_192, "AES(192-bit key)" },
00068 { PGPSYMKEYALGO_AES_256, "AES(256-bit key)" },
00069 { PGPSYMKEYALGO_TWOFISH, "TWOFISH(256-bit key)" },
00070 { PGPSYMKEYALGO_NOENCRYPT, "no encryption" },
00071 { -1, "Unknown symmetric key algorithm" },
00072 };
00073
00074 struct pgpValTbl_s pgpCompressionTbl[] = {
00075 { PGPCOMPRESSALGO_NONE, "Uncompressed" },
00076 { PGPCOMPRESSALGO_ZIP, "ZIP" },
00077 { PGPCOMPRESSALGO_ZLIB, "ZLIB" },
00078 { PGPCOMPRESSALGO_BZIP2, "BZIP2" },
00079 { -1, "Unknown compression algorithm" },
00080 };
00081
00082 struct pgpValTbl_s pgpHashTbl[] = {
00083 { PGPHASHALGO_MD5, "MD5" },
00084 { PGPHASHALGO_SHA1, "SHA1" },
00085 { PGPHASHALGO_RIPEMD160, "RIPEMD160" },
00086 { PGPHASHALGO_MD2, "MD2" },
00087 { PGPHASHALGO_TIGER192, "TIGER192" },
00088 { PGPHASHALGO_HAVAL_5_160, "HAVAL-5-160" },
00089 { PGPHASHALGO_SHA256, "SHA256" },
00090 { PGPHASHALGO_SHA384, "SHA384" },
00091 { PGPHASHALGO_SHA512, "SHA512" },
00092 { -1, "Unknown hash algorithm" },
00093 };
00094
00095
00096
00097 struct pgpValTbl_s pgpKeyServerPrefsTbl[] = {
00098 { 0x80, "No-modify" },
00099 { -1, "Unknown key server preference" },
00100 };
00101
00102
00103 struct pgpValTbl_s pgpSubTypeTbl[] = {
00104 { PGPSUBTYPE_SIG_CREATE_TIME,"signature creation time" },
00105 { PGPSUBTYPE_SIG_EXPIRE_TIME,"signature expiration time" },
00106 { PGPSUBTYPE_EXPORTABLE_CERT,"exportable certification" },
00107 { PGPSUBTYPE_TRUST_SIG, "trust signature" },
00108 { PGPSUBTYPE_REGEX, "regular expression" },
00109 { PGPSUBTYPE_REVOCABLE, "revocable" },
00110 { PGPSUBTYPE_KEY_EXPIRE_TIME,"key expiration time" },
00111 { PGPSUBTYPE_ARR, "additional recipient request" },
00112 { PGPSUBTYPE_PREFER_SYMKEY, "preferred symmetric algorithms" },
00113 { PGPSUBTYPE_REVOKE_KEY, "revocation key" },
00114 { PGPSUBTYPE_ISSUER_KEYID, "issuer key ID" },
00115 { PGPSUBTYPE_NOTATION, "notation data" },
00116 { PGPSUBTYPE_PREFER_HASH, "preferred hash algorithms" },
00117 { PGPSUBTYPE_PREFER_COMPRESS,"preferred compression algorithms" },
00118 { PGPSUBTYPE_KEYSERVER_PREFERS,"key server preferences" },
00119 { PGPSUBTYPE_PREFER_KEYSERVER,"preferred key server" },
00120 { PGPSUBTYPE_PRIMARY_USERID,"primary user id" },
00121 { PGPSUBTYPE_POLICY_URL, "policy URL" },
00122 { PGPSUBTYPE_KEY_FLAGS, "key flags" },
00123 { PGPSUBTYPE_SIGNER_USERID, "signer's user id" },
00124 { PGPSUBTYPE_REVOKE_REASON, "reason for revocation" },
00125 { PGPSUBTYPE_FEATURES, "features" },
00126 { PGPSUBTYPE_EMBEDDED_SIG, "embedded signature" },
00127
00128 { PGPSUBTYPE_INTERNAL_100, "internal subpkt type 100" },
00129 { PGPSUBTYPE_INTERNAL_101, "internal subpkt type 101" },
00130 { PGPSUBTYPE_INTERNAL_102, "internal subpkt type 102" },
00131 { PGPSUBTYPE_INTERNAL_103, "internal subpkt type 103" },
00132 { PGPSUBTYPE_INTERNAL_104, "internal subpkt type 104" },
00133 { PGPSUBTYPE_INTERNAL_105, "internal subpkt type 105" },
00134 { PGPSUBTYPE_INTERNAL_106, "internal subpkt type 106" },
00135 { PGPSUBTYPE_INTERNAL_107, "internal subpkt type 107" },
00136 { PGPSUBTYPE_INTERNAL_108, "internal subpkt type 108" },
00137 { PGPSUBTYPE_INTERNAL_109, "internal subpkt type 109" },
00138 { PGPSUBTYPE_INTERNAL_110, "internal subpkt type 110" },
00139 { -1, "Unknown signature subkey type" },
00140 };
00141
00142 struct pgpValTbl_s pgpTagTbl[] = {
00143 { PGPTAG_PUBLIC_SESSION_KEY,"Public-Key Encrypted Session Key" },
00144 { PGPTAG_SIGNATURE, "Signature" },
00145 { PGPTAG_SYMMETRIC_SESSION_KEY,"Symmetric-Key Encrypted Session Key" },
00146 { PGPTAG_ONEPASS_SIGNATURE, "One-Pass Signature" },
00147 { PGPTAG_SECRET_KEY, "Secret Key" },
00148 { PGPTAG_PUBLIC_KEY, "Public Key" },
00149 { PGPTAG_SECRET_SUBKEY, "Secret Subkey" },
00150 { PGPTAG_COMPRESSED_DATA, "Compressed Data" },
00151 { PGPTAG_SYMMETRIC_DATA, "Symmetrically Encrypted Data" },
00152 { PGPTAG_MARKER, "Marker" },
00153 { PGPTAG_LITERAL_DATA, "Literal Data" },
00154 { PGPTAG_TRUST, "Trust" },
00155 { PGPTAG_USER_ID, "User ID" },
00156 { PGPTAG_PUBLIC_SUBKEY, "Public Subkey" },
00157 { PGPTAG_COMMENT_OLD, "Comment (from OpenPGP draft)" },
00158 { PGPTAG_PHOTOID, "PGP's photo ID" },
00159 { PGPTAG_ENCRYPTED_MDC, "Integrity protected encrypted data" },
00160 { PGPTAG_MDC, "Manipulaion detection code packet" },
00161 { PGPTAG_PRIVATE_60, "Private #60" },
00162 { PGPTAG_COMMENT, "Comment" },
00163 { PGPTAG_PRIVATE_62, "Private #62" },
00164 { PGPTAG_CONTROL, "Control (GPG)" },
00165 { -1, "Unknown packet tag" },
00166 };
00167
00168 struct pgpValTbl_s pgpArmorTbl[] = {
00169 { PGPARMOR_MESSAGE, "MESSAGE" },
00170 { PGPARMOR_PUBKEY, "PUBLIC KEY BLOCK" },
00171 { PGPARMOR_SIGNATURE, "SIGNATURE" },
00172 { PGPARMOR_SIGNED_MESSAGE, "SIGNED MESSAGE" },
00173 { PGPARMOR_FILE, "ARMORED FILE" },
00174 { PGPARMOR_PRIVKEY, "PRIVATE KEY BLOCK" },
00175 { PGPARMOR_SECKEY, "SECRET KEY BLOCK" },
00176 { -1, "Unknown armor block" }
00177 };
00178
00179 struct pgpValTbl_s pgpArmorKeyTbl[] = {
00180 { PGPARMORKEY_VERSION, "Version: " },
00181 { PGPARMORKEY_COMMENT, "Comment: " },
00182 { PGPARMORKEY_MESSAGEID, "MessageID: " },
00183 { PGPARMORKEY_HASH, "Hash: " },
00184 { PGPARMORKEY_CHARSET, "Charset: " },
00185 { -1, "Unknown armor key" }
00186 };
00187
00193 static inline void *
00194 _free( const void * p)
00195
00196 {
00197 if (p != NULL) free((void *)p);
00198 return NULL;
00199 }
00200
00201 static void pgpPrtNL(void)
00202
00203
00204 {
00205 if (!_print) return;
00206 fprintf(stderr, "\n");
00207 }
00208
00209 static void pgpPrtInt(const char *pre, int i)
00210
00211
00212 {
00213 if (!_print) return;
00214 if (pre && *pre)
00215 fprintf(stderr, "%s", pre);
00216 fprintf(stderr, " %d", i);
00217 }
00218
00219 static void pgpPrtStr(const char *pre, const char *s)
00220
00221
00222 {
00223 if (!_print) return;
00224 if (pre && *pre)
00225 fprintf(stderr, "%s", pre);
00226 fprintf(stderr, " %s", s);
00227 }
00228
00229 static void pgpPrtHex(const char *pre, const byte *p, unsigned int plen)
00230
00231
00232 {
00233 if (!_print) return;
00234 if (pre && *pre)
00235 fprintf(stderr, "%s", pre);
00236 fprintf(stderr, " %s", pgpHexStr(p, plen));
00237 }
00238
00239 void pgpPrtVal(const char * pre, pgpValTbl vs, byte val)
00240
00241
00242 {
00243 if (!_print) return;
00244 if (pre && *pre)
00245 fprintf(stderr, "%s", pre);
00246 fprintf(stderr, "%s(%u)", pgpValStr(vs, val), (unsigned)val);
00247 }
00248
00251 static
00252 const char * pgpMpiHex(const byte *p)
00253
00254 {
00255 static char prbuf[2048];
00256 char *t = prbuf;
00257 t = pgpHexCvt(t, p+2, pgpMpiLen(p)-2);
00258 return prbuf;
00259 }
00260
00261
00265 static int pgpMpiSet(const char * pre, int lbits,
00266 void *dest, const byte * p, const byte * pend)
00267
00268
00269 {
00270 unsigned int mbits = pgpMpiBits(p);
00271 unsigned int nbits;
00272 unsigned int nbytes;
00273 char *t = dest;
00274 unsigned int ix;
00275
00276 if ((p + ((mbits+7) >> 3)) > pend)
00277 return 1;
00278
00279 if (mbits > lbits)
00280 return 1;
00281
00282 nbits = (lbits > mbits ? lbits : mbits);
00283 nbytes = ((nbits + 7) >> 3);
00284 ix = (nbits - mbits) >> 3;
00285
00286 if (_debug)
00287 fprintf(stderr, "*** mbits %u nbits %u nbytes %u ix %u\n", mbits, nbits, nbytes, ix);
00288 if (ix > 0) memset(t, '\0', ix);
00289 memcpy(t+ix, p+2, nbytes-ix);
00290 if (_debug)
00291 fprintf(stderr, "*** %s %s\n", pre, pgpHexStr(dest, nbytes));
00292
00293 return 0;
00294 }
00295
00299 static SECItem *pgpMpiItem(PRArenaPool *arena, SECItem *item, const byte *p)
00300
00301
00302 {
00303 unsigned int nbytes = pgpMpiLen(p)-2;
00304
00305 if (item == NULL) {
00306 if ((item=SECITEM_AllocItem(arena, item, nbytes)) == NULL)
00307 return item;
00308 } else {
00309 if (arena != NULL)
00310 item->data = PORT_ArenaGrow(arena, item->data, item->len, nbytes);
00311 else
00312 item->data = PORT_Realloc(item->data, nbytes);
00313
00314 if (item->data == NULL) {
00315 if (arena == NULL)
00316 SECITEM_FreeItem(item, PR_TRUE);
00317 return NULL;
00318 }
00319 }
00320
00321 memcpy(item->data, p+2, nbytes);
00322 item->len = nbytes;
00323 return item;
00324 }
00325
00326
00327 static SECKEYPublicKey *pgpNewPublicKey(KeyType type)
00328 {
00329 PRArenaPool *arena;
00330 SECKEYPublicKey *key;
00331
00332 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
00333 if (arena == NULL)
00334 return NULL;
00335
00336 key = PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
00337
00338 if (key == NULL) {
00339 PORT_FreeArena(arena, PR_FALSE);
00340 return NULL;
00341 }
00342
00343 key->keyType = type;
00344 key->pkcs11ID = CK_INVALID_HANDLE;
00345 key->pkcs11Slot = NULL;
00346 key->arena = arena;
00347 return key;
00348 }
00349
00350 static SECKEYPublicKey *pgpNewRSAKey(void)
00351 {
00352 return pgpNewPublicKey(rsaKey);
00353 }
00354
00355 static SECKEYPublicKey *pgpNewDSAKey(void)
00356 {
00357 return pgpNewPublicKey(dsaKey);
00358 }
00359
00360 int pgpPrtSubType(const byte *h, unsigned int hlen, pgpSigType sigtype)
00361 {
00362 const byte *p = h;
00363 unsigned plen;
00364 int i;
00365
00366 while (hlen > 0) {
00367 i = pgpLen(p, &plen);
00368 p += i;
00369 hlen -= i;
00370
00371 pgpPrtVal(" ", pgpSubTypeTbl, (p[0]&(~PGPSUBTYPE_CRITICAL)));
00372 if (p[0] & PGPSUBTYPE_CRITICAL)
00373 if (_print)
00374 fprintf(stderr, " *CRITICAL*");
00375 switch (*p) {
00376 case PGPSUBTYPE_PREFER_SYMKEY:
00377 for (i = 1; i < plen; i++)
00378 pgpPrtVal(" ", pgpSymkeyTbl, p[i]);
00379 break;
00380 case PGPSUBTYPE_PREFER_HASH:
00381 for (i = 1; i < plen; i++)
00382 pgpPrtVal(" ", pgpHashTbl, p[i]);
00383 break;
00384 case PGPSUBTYPE_PREFER_COMPRESS:
00385 for (i = 1; i < plen; i++)
00386 pgpPrtVal(" ", pgpCompressionTbl, p[i]);
00387 break;
00388 case PGPSUBTYPE_KEYSERVER_PREFERS:
00389 for (i = 1; i < plen; i++)
00390 pgpPrtVal(" ", pgpKeyServerPrefsTbl, p[i]);
00391 break;
00392 case PGPSUBTYPE_SIG_CREATE_TIME:
00393
00394 if (_digp && !(_digp->saved & PGPDIG_SAVED_TIME) &&
00395 (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))
00396 {
00397 _digp->saved |= PGPDIG_SAVED_TIME;
00398 memcpy(_digp->time, p+1, sizeof(_digp->time));
00399 }
00400
00401
00402 case PGPSUBTYPE_SIG_EXPIRE_TIME:
00403 case PGPSUBTYPE_KEY_EXPIRE_TIME:
00404 if ((plen - 1) == 4) {
00405 time_t t = pgpGrab(p+1, plen-1);
00406 if (_print)
00407 fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
00408 } else
00409 pgpPrtHex("", p+1, plen-1);
00410 break;
00411
00412 case PGPSUBTYPE_ISSUER_KEYID:
00413
00414 if (_digp && !(_digp->saved & PGPDIG_SAVED_ID) &&
00415 (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))
00416 {
00417 _digp->saved |= PGPDIG_SAVED_ID;
00418 memcpy(_digp->signid, p+1, sizeof(_digp->signid));
00419 }
00420
00421
00422 case PGPSUBTYPE_EXPORTABLE_CERT:
00423 case PGPSUBTYPE_TRUST_SIG:
00424 case PGPSUBTYPE_REGEX:
00425 case PGPSUBTYPE_REVOCABLE:
00426 case PGPSUBTYPE_ARR:
00427 case PGPSUBTYPE_REVOKE_KEY:
00428 case PGPSUBTYPE_NOTATION:
00429 case PGPSUBTYPE_PREFER_KEYSERVER:
00430 case PGPSUBTYPE_PRIMARY_USERID:
00431 case PGPSUBTYPE_POLICY_URL:
00432 case PGPSUBTYPE_KEY_FLAGS:
00433 case PGPSUBTYPE_SIGNER_USERID:
00434 case PGPSUBTYPE_REVOKE_REASON:
00435 case PGPSUBTYPE_FEATURES:
00436 case PGPSUBTYPE_EMBEDDED_SIG:
00437 case PGPSUBTYPE_INTERNAL_100:
00438 case PGPSUBTYPE_INTERNAL_101:
00439 case PGPSUBTYPE_INTERNAL_102:
00440 case PGPSUBTYPE_INTERNAL_103:
00441 case PGPSUBTYPE_INTERNAL_104:
00442 case PGPSUBTYPE_INTERNAL_105:
00443 case PGPSUBTYPE_INTERNAL_106:
00444 case PGPSUBTYPE_INTERNAL_107:
00445 case PGPSUBTYPE_INTERNAL_108:
00446 case PGPSUBTYPE_INTERNAL_109:
00447 case PGPSUBTYPE_INTERNAL_110:
00448 default:
00449 pgpPrtHex("", p+1, plen-1);
00450 break;
00451 }
00452 pgpPrtNL();
00453 p += plen;
00454 hlen -= plen;
00455 }
00456 return 0;
00457 }
00458
00459
00460
00461 static const char * pgpSigRSA[] = {
00462 " m**d =",
00463 NULL,
00464 };
00465
00466
00467 static const char * pgpSigDSA[] = {
00468 " r =",
00469 " s =",
00470 NULL,
00471 };
00472
00473
00474 #ifndef DSA_SUBPRIME_LEN
00475 #define DSA_SUBPRIME_LEN 20
00476 #endif
00477
00478 static int pgpPrtSigParams( pgpTag tag, byte pubkey_algo, byte sigtype,
00479 const byte *p, const byte *h, unsigned int hlen)
00480
00481
00482 {
00483 const byte * pend = h + hlen;
00484 int i;
00485 SECItem dsaraw;
00486 unsigned char dsabuf[2*DSA_SUBPRIME_LEN];
00487
00488 dsaraw.type = 0;
00489 dsaraw.data = dsabuf;
00490 dsaraw.len = sizeof(dsabuf);
00491
00492 for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
00493 if (pubkey_algo == PGPPUBKEYALGO_RSA) {
00494 if (i >= 1) break;
00495 if (_dig &&
00496 (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
00497 {
00498 switch (i) {
00499 case 0:
00500 _dig->rsasig = pgpMpiItem(NULL, _dig->rsasig, p);
00501 if (_dig->rsasig == NULL)
00502 return 1;
00503 break;
00504 default:
00505 break;
00506 }
00507 }
00508 pgpPrtStr("", pgpSigRSA[i]);
00509 } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
00510 if (i >= 2) break;
00511 if (_dig &&
00512 (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
00513 {
00514 int xx;
00515 xx = 0;
00516 switch (i) {
00517 case 0:
00518 memset(dsaraw.data, '\0', 2*DSA_SUBPRIME_LEN);
00519
00520 xx = pgpMpiSet(pgpSigDSA[i], DSA_SUBPRIME_LEN*8, dsaraw.data, p, pend);
00521 break;
00522 case 1:
00523 xx = pgpMpiSet(pgpSigDSA[i], DSA_SUBPRIME_LEN*8, dsaraw.data + DSA_SUBPRIME_LEN, p, pend);
00524 if (_dig->dsasig != NULL)
00525 SECITEM_FreeItem(_dig->dsasig, PR_FALSE);
00526 else if ((_dig->dsasig=SECITEM_AllocItem(NULL, NULL, 0)) == NULL) {
00527 xx = 1;
00528 break;
00529 }
00530 if (DSAU_EncodeDerSig(_dig->dsasig, &dsaraw) != SECSuccess)
00531 xx = 1;
00532 break;
00533 default:
00534 xx = 1;
00535 break;
00536 }
00537 if (xx) return xx;
00538 }
00539 pgpPrtStr("", pgpSigDSA[i]);
00540 } else {
00541 if (_print)
00542 fprintf(stderr, "%7d", i);
00543 }
00544 pgpPrtStr("", pgpMpiStr(p));
00545 pgpPrtNL();
00546 }
00547
00548 return 0;
00549 }
00550
00551 int pgpPrtSig(pgpTag tag, const byte *h, unsigned int hlen)
00552
00553
00554 {
00555 byte version = h[0];
00556 byte * p;
00557 unsigned plen;
00558 int rc;
00559
00560 switch (version) {
00561 case 3:
00562 { pgpPktSigV3 v = (pgpPktSigV3)h;
00563 time_t t;
00564
00565 if (v->hashlen != 5)
00566 return 1;
00567
00568 pgpPrtVal("V3 ", pgpTagTbl, tag);
00569 pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
00570 pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
00571 pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
00572 pgpPrtNL();
00573 t = pgpGrab(v->time, sizeof(v->time));
00574 if (_print)
00575 fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
00576 pgpPrtNL();
00577 pgpPrtHex(" signer keyid", v->signid, sizeof(v->signid));
00578 plen = pgpGrab(v->signhash16, sizeof(v->signhash16));
00579 pgpPrtHex(" signhash16", v->signhash16, sizeof(v->signhash16));
00580 pgpPrtNL();
00581
00582 if (_digp && _digp->pubkey_algo == 0) {
00583 _digp->version = v->version;
00584 _digp->hashlen = v->hashlen;
00585 _digp->sigtype = v->sigtype;
00586 _digp->hash = memcpy(xmalloc(v->hashlen), &v->sigtype, v->hashlen);
00587 memcpy(_digp->time, v->time, sizeof(_digp->time));
00588 memcpy(_digp->signid, v->signid, sizeof(_digp->signid));
00589 _digp->pubkey_algo = v->pubkey_algo;
00590 _digp->hash_algo = v->hash_algo;
00591 memcpy(_digp->signhash16, v->signhash16, sizeof(_digp->signhash16));
00592 }
00593
00594 p = ((byte *)v) + sizeof(*v);
00595 rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen);
00596 } break;
00597 case 4:
00598 { pgpPktSigV4 v = (pgpPktSigV4)h;
00599
00600 pgpPrtVal("V4 ", pgpTagTbl, tag);
00601 pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
00602 pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
00603 pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
00604 pgpPrtNL();
00605
00606 p = &v->hashlen[0];
00607 plen = pgpGrab(v->hashlen, sizeof(v->hashlen));
00608 p += sizeof(v->hashlen);
00609
00610 if ((p + plen) > (h + hlen))
00611 return 1;
00612
00613 if (_debug && _print)
00614 fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
00615 if (_digp && _digp->pubkey_algo == 0) {
00616 _digp->hashlen = sizeof(*v) + plen;
00617 _digp->hash = memcpy(xmalloc(_digp->hashlen), v, _digp->hashlen);
00618 }
00619 (void) pgpPrtSubType(p, plen, v->sigtype);
00620 p += plen;
00621
00622 plen = pgpGrab(p,2);
00623 p += 2;
00624
00625 if ((p + plen) > (h + hlen))
00626 return 1;
00627
00628 if (_debug && _print)
00629 fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
00630 (void) pgpPrtSubType(p, plen, v->sigtype);
00631 p += plen;
00632
00633 plen = pgpGrab(p,2);
00634 pgpPrtHex(" signhash16", p, 2);
00635 pgpPrtNL();
00636
00637 if (_digp && _digp->pubkey_algo == 0) {
00638 _digp->version = v->version;
00639 _digp->sigtype = v->sigtype;
00640 _digp->pubkey_algo = v->pubkey_algo;
00641 _digp->hash_algo = v->hash_algo;
00642 memcpy(_digp->signhash16, p, sizeof(_digp->signhash16));
00643 }
00644
00645 p += 2;
00646 if (p > (h + hlen))
00647 return 1;
00648
00649 rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen);
00650 } break;
00651 default:
00652 rc = 1;
00653 break;
00654 }
00655 return rc;
00656 }
00657
00658
00659
00660 static const char * pgpPublicRSA[] = {
00661 " n =",
00662 " e =",
00663 NULL,
00664 };
00665
00666
00667 static const char * pgpSecretRSA[] = {
00668 " d =",
00669 " p =",
00670 " q =",
00671 " u =",
00672 NULL,
00673 };
00674
00675
00676 static const char * pgpPublicDSA[] = {
00677 " p =",
00678 " q =",
00679 " g =",
00680 " y =",
00681 NULL,
00682 };
00683
00684
00685 static const char * pgpSecretDSA[] = {
00686 " x =",
00687 NULL,
00688 };
00689
00690
00691 static const char * pgpPublicELGAMAL[] = {
00692 " p =",
00693 " g =",
00694 " y =",
00695 NULL,
00696 };
00697
00698
00699 static const char * pgpSecretELGAMAL[] = {
00700 " x =",
00701 NULL,
00702 };
00703
00704
00705 static const byte * pgpPrtPubkeyParams(byte pubkey_algo,
00706 const byte *p, const byte *h, unsigned int hlen)
00707
00708
00709 {
00710 int i;
00711
00712 for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
00713 if (pubkey_algo == PGPPUBKEYALGO_RSA) {
00714 if (i >= 2) break;
00715 if (_dig) {
00716 if (_dig->rsa == NULL) {
00717 _dig->rsa = pgpNewRSAKey();
00718 if (_dig->rsa == NULL)
00719 break;
00720 }
00721 switch (i) {
00722 case 0:
00723 pgpMpiItem(_dig->rsa->arena, &_dig->rsa->u.rsa.modulus, p);
00724 break;
00725 case 1:
00726 pgpMpiItem(_dig->rsa->arena, &_dig->rsa->u.rsa.publicExponent, p);
00727 break;
00728 default:
00729 break;
00730 }
00731 }
00732 pgpPrtStr("", pgpPublicRSA[i]);
00733 } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
00734 if (i >= 4) break;
00735 if (_dig) {
00736 if (_dig->dsa == NULL) {
00737 _dig->dsa = pgpNewDSAKey();
00738 if (_dig->dsa == NULL)
00739 break;
00740 }
00741 switch (i) {
00742 case 0:
00743 pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.params.prime, p);
00744 break;
00745 case 1:
00746 pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.params.subPrime, p);
00747 break;
00748 case 2:
00749 pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.params.base, p);
00750 break;
00751 case 3:
00752 pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.publicValue, p);
00753 break;
00754 default:
00755 break;
00756 }
00757 }
00758 pgpPrtStr("", pgpPublicDSA[i]);
00759 } else if (pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
00760 if (i >= 3) break;
00761 pgpPrtStr("", pgpPublicELGAMAL[i]);
00762 } else {
00763 if (_print)
00764 fprintf(stderr, "%7d", i);
00765 }
00766 pgpPrtStr("", pgpMpiStr(p));
00767 pgpPrtNL();
00768 }
00769
00770 return p;
00771 }
00772
00773 static const byte * pgpPrtSeckeyParams( byte pubkey_algo,
00774 const byte *p, const byte *h, unsigned int hlen)
00775
00776
00777 {
00778 int i;
00779
00780 switch (*p) {
00781 case 0:
00782 pgpPrtVal(" ", pgpSymkeyTbl, *p);
00783 break;
00784 case 255:
00785 p++;
00786 pgpPrtVal(" ", pgpSymkeyTbl, *p);
00787 switch (p[1]) {
00788 case 0x00:
00789 pgpPrtVal(" simple ", pgpHashTbl, p[2]);
00790 p += 2;
00791 break;
00792 case 0x01:
00793 pgpPrtVal(" salted ", pgpHashTbl, p[2]);
00794 pgpPrtHex("", p+3, 8);
00795 p += 10;
00796 break;
00797 case 0x03:
00798 pgpPrtVal(" iterated/salted ", pgpHashTbl, p[2]);
00799
00800 i = (16 + (p[11] & 0xf)) << ((p[11] >> 4) + 6);
00801
00802 pgpPrtHex("", p+3, 8);
00803 pgpPrtInt(" iter", i);
00804 p += 11;
00805 break;
00806 }
00807 break;
00808 default:
00809 pgpPrtVal(" ", pgpSymkeyTbl, *p);
00810 pgpPrtHex(" IV", p+1, 8);
00811 p += 8;
00812 break;
00813 }
00814 pgpPrtNL();
00815
00816 p++;
00817
00818 #ifdef NOTYET
00819 for (i = 0; p < &h[hlen]; i++, p += pgpMpiLen(p)) {
00820 if (pubkey_algo == PGPPUBKEYALGO_RSA) {
00821 if (pgpSecretRSA[i] == NULL) break;
00822 pgpPrtStr("", pgpSecretRSA[i]);
00823 } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
00824 if (pgpSecretDSA[i] == NULL) break;
00825 pgpPrtStr("", pgpSecretDSA[i]);
00826 } else if (pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
00827 if (pgpSecretELGAMAL[i] == NULL) break;
00828 pgpPrtStr("", pgpSecretELGAMAL[i]);
00829 } else {
00830 if (_print)
00831 fprintf(stderr, "%7d", i);
00832 }
00833 pgpPrtStr("", pgpMpiStr(p));
00834 pgpPrtNL();
00835 }
00836 #else
00837 pgpPrtHex(" secret", p, (hlen - (p - h) - 2));
00838 pgpPrtNL();
00839 p += (hlen - (p - h) - 2);
00840 #endif
00841 pgpPrtHex(" checksum", p, 2);
00842 pgpPrtNL();
00843
00844 return p;
00845 }
00846
00847 int pgpPrtKey(pgpTag tag, const byte *h, unsigned int hlen)
00848
00849
00850 {
00851 byte version = *h;
00852 const byte * p;
00853 unsigned plen;
00854 time_t t;
00855 int rc;
00856
00857 switch (version) {
00858 case 3:
00859 { pgpPktKeyV3 v = (pgpPktKeyV3)h;
00860 pgpPrtVal("V3 ", pgpTagTbl, tag);
00861 pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
00862 t = pgpGrab(v->time, sizeof(v->time));
00863 if (_print)
00864 fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
00865 plen = pgpGrab(v->valid, sizeof(v->valid));
00866 if (plen != 0)
00867 fprintf(stderr, " valid %u days", plen);
00868 pgpPrtNL();
00869
00870 if (_digp && _digp->tag == tag) {
00871 _digp->version = v->version;
00872 memcpy(_digp->time, v->time, sizeof(_digp->time));
00873 _digp->pubkey_algo = v->pubkey_algo;
00874 }
00875
00876 p = ((byte *)v) + sizeof(*v);
00877 p = pgpPrtPubkeyParams(v->pubkey_algo, p, h, hlen);
00878 rc = 0;
00879 } break;
00880 case 4:
00881 { pgpPktKeyV4 v = (pgpPktKeyV4)h;
00882 pgpPrtVal("V4 ", pgpTagTbl, tag);
00883 pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
00884 t = pgpGrab(v->time, sizeof(v->time));
00885 if (_print)
00886 fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
00887 pgpPrtNL();
00888
00889 if (_digp && _digp->tag == tag) {
00890 _digp->version = v->version;
00891 memcpy(_digp->time, v->time, sizeof(_digp->time));
00892 _digp->pubkey_algo = v->pubkey_algo;
00893 }
00894
00895 p = ((byte *)v) + sizeof(*v);
00896 p = pgpPrtPubkeyParams(v->pubkey_algo, p, h, hlen);
00897 if (!(tag == PGPTAG_PUBLIC_KEY || tag == PGPTAG_PUBLIC_SUBKEY))
00898 p = pgpPrtSeckeyParams(v->pubkey_algo, p, h, hlen);
00899 rc = 0;
00900 } break;
00901 default:
00902 rc = 1;
00903 break;
00904 }
00905 return rc;
00906 }
00907
00908
00909 int pgpPrtUserID(pgpTag tag, const byte *h, unsigned int hlen)
00910
00911
00912 {
00913 pgpPrtVal("", pgpTagTbl, tag);
00914 if (_print)
00915 fprintf(stderr, " \"%.*s\"", (int)hlen, (const char *)h);
00916 pgpPrtNL();
00917 if (_digp) {
00918 char * t;
00919 _digp->userid = t = memcpy(xmalloc(hlen+1), h, hlen);
00920 t[hlen] = '\0';
00921 }
00922 return 0;
00923 }
00924
00925
00926 int pgpPrtComment(pgpTag tag, const byte *h, unsigned int hlen)
00927 {
00928 int i = hlen;
00929
00930 pgpPrtVal("", pgpTagTbl, tag);
00931 if (_print)
00932 fprintf(stderr, " ");
00933 while (i > 0) {
00934 int j;
00935 if (*h >= ' ' && *h <= 'z') {
00936 if (_print)
00937 fprintf(stderr, "%s", (const char *)h);
00938 j = strlen(h);
00939 while (h[j] == '\0')
00940 j++;
00941 } else {
00942 pgpPrtHex("", h, i);
00943 j = i;
00944 }
00945 i -= j;
00946 h += j;
00947 }
00948 pgpPrtNL();
00949 return 0;
00950 }
00951
00952 int pgpPubkeyFingerprint(const byte * pkt, unsigned int pktlen,
00953 byte * keyid)
00954 {
00955 unsigned int val = *pkt;
00956 unsigned int plen, hlen;
00957 pgpTag tag;
00958 const uint8_t *se, *h;
00959 DIGEST_CTX ctx;
00960 int rc = -1;
00961
00962 if (!(val & 0x80))
00963 return rc;
00964
00965 if (val & 0x40) {
00966 tag = (val & 0x3f);
00967 plen = pgpLen(pkt+1, &hlen);
00968 } else {
00969 tag = (val >> 2) & 0xf;
00970 plen = (1 << (val & 0x3));
00971 hlen = pgpGrab(pkt+1, plen);
00972 }
00973 if (pktlen > 0 && 1 + plen + hlen > pktlen)
00974 return rc;
00975
00976 h = pkt + 1 + plen;
00977
00978 switch (h[0]) {
00979 case 3:
00980 { pgpPktKeyV3 v = (pgpPktKeyV3) (h);
00981 se = (uint8_t *)(v + 1);
00982 switch (v->pubkey_algo) {
00983 case PGPPUBKEYALGO_RSA:
00984 se += pgpMpiLen(se);
00985 memmove(keyid, (se-8), 8);
00986 rc = 0;
00987 break;
00988 default:
00989 break;
00990 }
00991 } break;
00992 case 4:
00993 { pgpPktKeyV4 v = (pgpPktKeyV4) (h);
00994 uint8_t * d = NULL;
00995 size_t dlen;
00996 int i;
00997
00998 se = (uint8_t *)(v + 1);
00999 switch (v->pubkey_algo) {
01000 case PGPPUBKEYALGO_RSA:
01001 for (i = 0; i < 2; i++)
01002 se += pgpMpiLen(se);
01003 break;
01004 case PGPPUBKEYALGO_DSA:
01005 for (i = 0; i < 4; i++)
01006 se += pgpMpiLen(se);
01007 break;
01008 }
01009
01010 ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
01011 (void) rpmDigestUpdate(ctx, pkt, (se-pkt));
01012 (void) rpmDigestFinal(ctx, (void **)&d, &dlen, 0);
01013
01014 memmove(keyid, (d + (dlen-8)), 8);
01015 if (d) free(d);
01016 rc = 0;
01017
01018 } break;
01019 }
01020 return rc;
01021 }
01022
01023 int pgpPrtPkt(const byte *pkt, unsigned int pleft)
01024 {
01025 unsigned int val = *pkt;
01026 unsigned int pktlen;
01027 pgpTag tag;
01028 unsigned int plen;
01029 const byte *h;
01030 unsigned int hlen = 0;
01031 int rc = 0;
01032
01033
01034 if (!(val & 0x80))
01035 return -1;
01036
01037 if (val & 0x40) {
01038 tag = (val & 0x3f);
01039 plen = pgpLen(pkt+1, &hlen);
01040 } else {
01041 tag = (val >> 2) & 0xf;
01042 plen = (1 << (val & 0x3));
01043 hlen = pgpGrab(pkt+1, plen);
01044 }
01045
01046 pktlen = 1 + plen + hlen;
01047 if (pktlen > pleft)
01048 return -1;
01049
01050 h = pkt + 1 + plen;
01051 switch (tag) {
01052 case PGPTAG_SIGNATURE:
01053 rc = pgpPrtSig(tag, h, hlen);
01054 break;
01055 case PGPTAG_PUBLIC_KEY:
01056
01057 if (_digp) {
01058
01059 if (!pgpPubkeyFingerprint(pkt, pktlen, _digp->signid))
01060 _digp->saved |= PGPDIG_SAVED_ID;
01061 else
01062 memset(_digp->signid, 0, sizeof(_digp->signid));
01063
01064 }
01065
01066 case PGPTAG_PUBLIC_SUBKEY:
01067 rc = pgpPrtKey(tag, h, hlen);
01068 break;
01069 case PGPTAG_SECRET_KEY:
01070 case PGPTAG_SECRET_SUBKEY:
01071 rc = pgpPrtKey(tag, h, hlen);
01072 break;
01073 case PGPTAG_USER_ID:
01074 rc = pgpPrtUserID(tag, h, hlen);
01075 break;
01076 case PGPTAG_COMMENT:
01077 case PGPTAG_COMMENT_OLD:
01078 rc = pgpPrtComment(tag, h, hlen);
01079 break;
01080
01081 case PGPTAG_RESERVED:
01082 case PGPTAG_PUBLIC_SESSION_KEY:
01083 case PGPTAG_SYMMETRIC_SESSION_KEY:
01084 case PGPTAG_COMPRESSED_DATA:
01085 case PGPTAG_SYMMETRIC_DATA:
01086 case PGPTAG_MARKER:
01087 case PGPTAG_LITERAL_DATA:
01088 case PGPTAG_TRUST:
01089 case PGPTAG_PHOTOID:
01090 case PGPTAG_ENCRYPTED_MDC:
01091 case PGPTAG_MDC:
01092 case PGPTAG_PRIVATE_60:
01093 case PGPTAG_PRIVATE_62:
01094 case PGPTAG_CONTROL:
01095 default:
01096 pgpPrtVal("", pgpTagTbl, tag);
01097 pgpPrtHex("", h, hlen);
01098 pgpPrtNL();
01099 break;
01100 }
01101
01102 return (rc ? -1 : pktlen);
01103 }
01104
01105 pgpDig pgpNewDig(void)
01106 {
01107 pgpDig dig = xcalloc(1, sizeof(*dig));
01108
01109 return dig;
01110 }
01111
01112
01113 void pgpCleanDig(pgpDig dig)
01114 {
01115 if (dig != NULL) {
01116 int i;
01117 dig->signature.userid = _free(dig->signature.userid);
01118 dig->pubkey.userid = _free(dig->pubkey.userid);
01119 dig->signature.hash = _free(dig->signature.hash);
01120 dig->pubkey.hash = _free(dig->pubkey.hash);
01121
01122 for (i = 0; i < 4; i++) {
01123 dig->signature.params[i] = _free(dig->signature.params[i]);
01124 dig->pubkey.params[i] = _free(dig->pubkey.params[i]);
01125 }
01126
01127
01128 memset(&dig->signature, 0, sizeof(dig->signature));
01129 memset(&dig->pubkey, 0, sizeof(dig->pubkey));
01130
01131 dig->md5 = _free(dig->md5);
01132 dig->sha1 = _free(dig->sha1);
01133
01134 if (dig->dsa != NULL) {
01135 SECKEY_DestroyPublicKey(dig->dsa);
01136 dig->dsa = NULL;
01137 }
01138
01139 if (dig->dsasig != NULL) {
01140 SECITEM_ZfreeItem(dig->dsasig, PR_TRUE);
01141 dig->dsasig = NULL;
01142 }
01143
01144 if (dig->rsa != NULL) {
01145 SECKEY_DestroyPublicKey(dig->rsa);
01146 dig->rsa = NULL;
01147 }
01148
01149 if (dig->rsasig != NULL) {
01150 SECITEM_ZfreeItem(dig->rsasig, PR_TRUE);
01151 dig->rsasig = NULL;
01152 }
01153
01154 }
01155
01156 return;
01157
01158 }
01159
01160
01161 pgpDig pgpFreeDig( pgpDig dig)
01162
01163 {
01164 if (dig != NULL) {
01165
01166
01167 pgpCleanDig(dig);
01168
01169
01170 if (dig->hdrsha1ctx != NULL)
01171 (void) rpmDigestFinal(dig->hdrsha1ctx, NULL, NULL, 0);
01172
01173 dig->hdrsha1ctx = NULL;
01174
01175
01176 if (dig->sha1ctx != NULL)
01177 (void) rpmDigestFinal(dig->sha1ctx, NULL, NULL, 0);
01178
01179 dig->sha1ctx = NULL;
01180
01181 #ifdef NOTYET
01182
01183 if (dig->hdrmd5ctx != NULL)
01184 (void) rpmDigestFinal(dig->hdrmd5ctx, NULL, NULL, 0);
01185
01186 dig->hdrmd5ctx = NULL;
01187 #endif
01188
01189
01190 if (dig->md5ctx != NULL)
01191 (void) rpmDigestFinal(dig->md5ctx, NULL, NULL, 0);
01192
01193 dig->md5ctx = NULL;
01194
01195 dig = _free(dig);
01196 }
01197 return dig;
01198 }
01199
01200 int pgpPrtPkts(const byte * pkts, unsigned int pktlen, pgpDig dig, int printing)
01201
01202
01203 {
01204 unsigned int val = *pkts;
01205 const byte *p;
01206 unsigned int pleft;
01207 int len;
01208
01209 _print = printing;
01210 _dig = dig;
01211 if (dig != NULL && (val & 0x80)) {
01212 pgpTag tag = (val & 0x40) ? (val & 0x3f) : ((val >> 2) & 0xf);
01213 _digp = (tag == PGPTAG_SIGNATURE) ? &_dig->signature : &_dig->pubkey;
01214 _digp->tag = tag;
01215 } else
01216 _digp = NULL;
01217
01218 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
01219 len = pgpPrtPkt(p, pleft);
01220 if (len <= 0)
01221 return len;
01222 if (len > pleft)
01223 break;
01224 }
01225 return 0;
01226 }
01227
01228
01229 pgpArmor pgpReadPkts(const char * fn, const byte ** pkt, size_t * pktlen)
01230 {
01231 const byte * b = NULL;
01232 ssize_t blen;
01233 const char * enc = NULL;
01234 const char * crcenc = NULL;
01235 byte * dec;
01236 byte * crcdec;
01237 size_t declen;
01238 size_t crclen;
01239 uint32_t crcpkt, crc;
01240 const char * armortype = NULL;
01241 char * t, * te;
01242 int pstate = 0;
01243 pgpArmor ec = PGPARMOR_ERR_NO_BEGIN_PGP;
01244 int rc;
01245
01246 rc = rpmioSlurp(fn, &b, &blen);
01247 if (rc || b == NULL || blen <= 0) {
01248 goto exit;
01249 }
01250
01251 if (pgpIsPkt(b)) {
01252 #ifdef NOTYET
01253 ec = 0;
01254 #endif
01255 goto exit;
01256 }
01257
01258 #define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
01259
01260 for (t = (char *)b; t && *t; t = te) {
01261 if ((te = strchr(t, '\n')) == NULL)
01262 te = t + strlen(t);
01263 else
01264 te++;
01265
01266 switch (pstate) {
01267 case 0:
01268 armortype = NULL;
01269 if (!TOKEQ(t, "-----BEGIN PGP "))
01270 continue;
01271 t += sizeof("-----BEGIN PGP ")-1;
01272
01273 rc = pgpValTok(pgpArmorTbl, t, te);
01274 if (rc < 0) {
01275 ec = PGPARMOR_ERR_UNKNOWN_ARMOR_TYPE;
01276 goto exit;
01277 }
01278 if (rc != PGPARMOR_PUBKEY)
01279 continue;
01280 armortype = t;
01281
01282 t = te - (sizeof("-----\n")-1);
01283 if (!TOKEQ(t, "-----\n"))
01284 continue;
01285 *t = '\0';
01286 pstate++;
01287 break;
01288 case 1:
01289 enc = NULL;
01290 rc = pgpValTok(pgpArmorKeyTbl, t, te);
01291 if (rc >= 0)
01292 continue;
01293 if (*t != '\n') {
01294 pstate = 0;
01295 continue;
01296 }
01297 enc = te;
01298 pstate++;
01299 break;
01300 case 2:
01301 crcenc = NULL;
01302 if (*t != '=')
01303 continue;
01304 *t++ = '\0';
01305 crcenc = t;
01306 pstate++;
01307 break;
01308 case 3:
01309 pstate = 0;
01310 if (!TOKEQ(t, "-----END PGP ")) {
01311 ec = PGPARMOR_ERR_NO_END_PGP;
01312 goto exit;
01313 }
01314 *t = '\0';
01315 t += sizeof("-----END PGP ")-1;
01316 if (t >= te) continue;
01317
01318 if (armortype == NULL)
01319 continue;
01320 rc = strncmp(t, armortype, strlen(armortype));
01321 if (rc)
01322 continue;
01323
01324 t += strlen(armortype);
01325 if (t >= te) continue;
01326
01327 if (!TOKEQ(t, "-----")) {
01328 ec = PGPARMOR_ERR_NO_END_PGP;
01329 goto exit;
01330 }
01331 t += (sizeof("-----")-1);
01332 if (t >= te) continue;
01333
01334 if (!(*t == '\n' || *t == '\r')) continue;
01335
01336 crcdec = NULL;
01337 crclen = 0;
01338 if (b64decode(crcenc, (void **)&crcdec, &crclen) != 0) {
01339 ec = PGPARMOR_ERR_CRC_DECODE;
01340 goto exit;
01341 }
01342 crcpkt = pgpGrab(crcdec, crclen);
01343 crcdec = _free(crcdec);
01344 dec = NULL;
01345 declen = 0;
01346 if (b64decode(enc, (void **)&dec, &declen) != 0) {
01347 ec = PGPARMOR_ERR_BODY_DECODE;
01348 goto exit;
01349 }
01350 crc = pgpCRC(dec, declen);
01351 if (crcpkt != crc) {
01352 ec = PGPARMOR_ERR_CRC_CHECK;
01353 goto exit;
01354 }
01355 b = _free(b);
01356 b = dec;
01357 blen = declen;
01358 ec = PGPARMOR_PUBKEY;
01359 goto exit;
01360 break;
01361 }
01362 }
01363 ec = PGPARMOR_NONE;
01364
01365 exit:
01366 if (ec > PGPARMOR_NONE && pkt)
01367 *pkt = b;
01368 else if (b != NULL)
01369 b = _free(b);
01370 if (pktlen)
01371 *pktlen = blen;
01372 return ec;
01373 }
01374
01375
01376 char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns)
01377 {
01378 const char * enc;
01379 char * t;
01380 size_t nt = 0;
01381 char * val;
01382
01383 enc = b64encode(s, ns, -1);
01384 if (enc != NULL) {
01385 nt = strlen(enc);
01386 }
01387
01388 nt += 512;
01389
01390
01391 val = t = xmalloc(nt + 1);
01392 *t = '\0';
01393 t = stpcpy(t, "-----BEGIN PGP ");
01394 t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
01395
01396 t = stpcpy( stpcpy(t, "-----\nVersion: rpm-"), VERSION);
01397
01398 t = stpcpy(t, " (NSS-3)\n\n");
01399
01400 if (enc != NULL) {
01401 t = stpcpy(t, enc);
01402 enc = _free(enc);
01403 if ((enc = b64crc(s, ns)) != NULL) {
01404 *t++ = '=';
01405 t = stpcpy(t, enc);
01406 enc = _free(enc);
01407 }
01408 }
01409
01410 t = stpcpy(t, "-----END PGP ");
01411 t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
01412 t = stpcpy(t, "-----\n");
01413
01414
01415 return val;
01416 }
01417
01418
01419 int rpmInitCrypto(void) {
01420 int rc = 0;
01421
01422 if (!_crypto_initialized && NSS_NoDB_Init(NULL) != SECSuccess) {
01423 rc = -1;
01424 } else {
01425 _crypto_initialized = 1;
01426 }
01427
01428 return rc;
01429 }
01430
01431