8 #define _RPMIOB_INTERNAL
13 #define _RPMPGP_INTERNAL
/*
 * Crypto backend selection. An explicit USE_CRYPTO_<lib> request is honoured
 * only when the matching WITH_<lib> support is also defined; otherwise the
 * first of WITH_BEECRYPT, WITH_GCRYPT, WITH_NSS, WITH_SSL that is defined is
 * taken. The #error presumably sits in the final #else (not shown in this
 * listing), as does whatever each branch pulls in.
 * NOTE(review): when no USE_CRYPTO_* is set, this fallback order decides which
 * library ends up doing the digest and signature work; builds that care
 * should select the backend explicitly.
 */
34 #if defined(USE_CRYPTO_BEECRYPT) && defined(WITH_BEECRYPT)
36 #elif defined(USE_CRYPTO_GCRYPT) && defined(WITH_GCRYPT)
38 #elif defined(USE_CRYPTO_NSS) && defined(WITH_NSS)
40 #elif defined(USE_CRYPTO_OPENSSL) && defined(WITH_SSL)
43 #elif defined(WITH_BEECRYPT)
45 #elif defined(WITH_GCRYPT)
47 #elif defined(WITH_NSS)
49 #elif defined(WITH_SSL)
52 #error INTERNAL ERROR: no suitable Cryptography library available
83 { -1,
"Unknown signature type" },
96 { -1,
"Unknown public key algorithm" },
112 { -1,
"Unknown symmetric key algorithm" },
120 { -1,
"Unknown compression algorithm" },
134 { -1,
"Unknown hash algorithm" },
140 { 0x80,
"No-modify" },
141 { -1,
"Unknown key server preference" },
182 { -1,
"Unknown signature subkey type" },
/* NOTE(review): "Manipulaion" is a misspelling; RFC 4880 names tag 19 the
 * "Modification Detection Code" packet. The string is emitted at runtime, so
 * correct it in a code change, and check that nothing matches on the old text. */
203 {
PGPTAG_MDC,
"Manipulaion detection code packet" },
208 { -1,
"Unknown packet tag" },
219 { -1,
"Unknown armor block" }
228 { -1,
"Unknown armor key" }
236 fprintf(stderr,
"\n");
245 fprintf(stderr,
"%s", pre);
246 fprintf(stderr,
" %d", i);
255 fprintf(stderr,
"%s", pre);
256 fprintf(stderr,
" %s", s);
265 fprintf(stderr,
"%s", pre);
266 fprintf(stderr,
" %s",
pgpHexStr(p, plen));
275 fprintf(stderr,
"%s", pre);
276 fprintf(stderr,
"%s(%u)",
pgpValStr(vs, val), (
unsigned)val);
293 fprintf(stderr,
" *CRITICAL*");
296 for (i = 1; i < plen; i++)
300 for (i = 1; i < plen; i++)
304 for (i = 1; i < plen; i++)
308 for (i = 1; i < plen; i++)
309 pgpPrtVal(
" ", pgpKeyServerPrefsTbl, p[i]);
313 if (
_digp && !(
_digp->saved & PGPDIG_SAVED_TIME) &&
316 _digp->saved |= PGPDIG_SAVED_TIME;
/* Saves the bytes that follow the subpacket type octet (p+1) into _digp->time.
 * NOTE(review): the copy length is sizeof(_digp->time), independent of plen;
 * the rest of the guard condition is on lines not shown here. Confirm it
 * requires plen - 1 to cover that many bytes before this read. */
317 memcpy(
_digp->time, p+1,
sizeof(
_digp->time));
323 if ((plen - 1) == 4) {
324 time_t t =
pgpGrab(p+1, plen-1);
326 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
333 if (
_digp && !(
_digp->saved & PGPDIG_SAVED_ID) &&
336 _digp->saved |= PGPDIG_SAVED_ID;
/* Saves the bytes that follow the subpacket type octet (p+1) into _digp->signid.
 * NOTE(review): the copy length is sizeof(_digp->signid), independent of plen;
 * the rest of the guard condition is on lines not shown here. Confirm it
 * requires plen - 1 to cover that many bytes before this read. */
337 memcpy(
_digp->signid, p+1,
sizeof(
_digp->signid));
403 for (i = 0; p < pend; i++, p +=
pgpMpiLen(p)) {
443 fprintf(stderr,
"%7d", i);
476 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
/* Bounds test: true when plen bytes starting at p would run past the end of
 * the packet body pp->h[0 .. pp->hlen). The action taken is on a line not shown.
 * NOTE(review): plen comes from the packet. Forming p + plen before comparing
 * is already out of bounds when plen is large, and the sum can wrap on 32-bit
 * targets. Comparing lengths avoids that:
 * `plen > (size_t)(pp->h + pp->hlen - p)`. The later unhash[] check uses the
 * same form. */
512 if ((p + plen) > (pp->
h + pp->
hlen))
516 fprintf(stderr,
" hash[%u] -- %s\n", plen,
pgpHexStr(p, plen));
518 _digp->hashlen =
sizeof(*v) + plen;
527 if ((p + plen) > (pp->
h + pp->
hlen))
531 fprintf(stderr,
" unhash[%u] -- %s\n", plen,
pgpHexStr(p, plen));
/* Copies sizeof(_digp->signhash16) bytes from the current parse position p.
 * NOTE(review): the only bounds test visible near this copy is the
 * `p > pp->h + pp->hlen` comparison four source lines later. Confirm that
 * p + sizeof(_digp->signhash16) is known to lie inside the packet body before
 * this read, not after it. */
544 memcpy(
_digp->signhash16, p,
sizeof(
_digp->signhash16));
548 if (p > (pp->
h + pp->
hlen))
571 static const char * pgpSecretRSA[] = {
591 static const char * pgpSecretDSA[] = {
607 static const char * pgpSecretELGAMAL[] = {
663 fprintf(stderr,
"%7d", i);
698 pgpPrtVal(
" iterated/salted ", pgpHashTbl, p[2]);
/* Decodes the one-octet coded iteration count of an iterated+salted S2K
 * specifier, using the RFC 4880 formula count = (16 + (c & 15)) << ((c >> 4) + 6).
 * For c in 0..255 the result ranges from 1024 to 65011712, so the shift cannot
 * overflow a 32-bit value. That p[11] is the count octet depends on the packet
 * layout parsed on lines not shown. TODO confirm. */
699 i = (16 + ((unsigned)p[11] & 0xf)) << (((
unsigned)p[11] >> 4U) + 6);
719 if (pgpSecretRSA[i] == NULL)
break;
722 if (pgpSecretDSA[i] == NULL)
break;
725 if (pgpSecretELGAMAL[i] == NULL)
break;
729 fprintf(stderr,
"%7d", i);
737 p += (pp->
hlen - (p - pp->
h) - 2);
762 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
765 fprintf(stderr,
" valid %u days", plen);
784 fprintf(stderr,
" %-24.24s(0x%08x)", ctime(&t), (
unsigned)t);
/* Prints pp->hlen bytes of the packet body as a quoted string (presumably the
 * user ID; confirm against the caller).
 * NOTE(review): these bytes come straight from the parsed packet and go to
 * stderr unescaped, so control characters reach the terminal or log as-is.
 * The (int) cast also turns an hlen above INT_MAX into a negative precision,
 * which printf treats as "no precision", i.e. read up to the first NUL. */
812 fprintf(stderr,
" \"%.*s\"", (
int)pp->
hlen, (
const char *)pp->
h);
830 fprintf(stderr,
" ");
/* NOTE(review): the precision is strlen(h), so it bounds nothing. h must
 * already be NUL-terminated for strlen to be safe, and the output is what a
 * plain "%s" would print. If h can point into packet data, the terminator has
 * to be guaranteed by code not shown here. Confirm. */
840 fprintf(stderr,
"%.*s", (
int)strlen((
const char *)h), (
const char *)h);
854 unsigned int val = (
unsigned int)*pkt;
857 memset(pp, 0,
sizeof(*pp));
863 pp->
tag = (val & 0x3f);
/* Old-format header: the tag is bits 5..2 and the low two bits are the length
 * type, mapped here from 0/1/2/3 to 1/2/4/8 length octets.
 * NOTE(review): RFC 4880 defines length type 3 as an indeterminate-length
 * packet with no length octets, yet this expression yields plen = 8 for it.
 * Whether that case is rejected or special-cased is on lines not shown. Confirm. */
866 pp->
tag = (val >> 2) & 0xf;
867 plen = (1 << (val & 0x3));
/* Length check: true when the packet's declared length exceeds the bytes the
 * caller says remain (pleft). The action taken is on a line not shown.
 * NOTE(review): the check is skipped whenever pleft <= 0, so a caller that
 * passes 0 gets no bound on pp->pktlen. Confirm every caller handling
 * untrusted data passes the real remaining length. */
872 if (pleft > 0 && pp->
pktlen > (
unsigned)pleft)
876 pp->
h = pkt + 1 + plen;
903 memmove(keyid, (se-8), 8);
916 for (i = 0; i < 2; i++)
920 for (i = 0; i < 4; i++)
/* Takes the trailing 8 bytes of d as the key ID.
 * NOTE(review): needs dlen >= 8. With an unsigned dlen a smaller value makes
 * dlen-8 wrap and the read land far outside d. Confirm that the code
 * producing d (not shown) fixes its length. */
929 memmove(keyid, (d + (dlen-8)), 8);
942 if (b64decode(b64pkt, (
void **)&pkt, &pktlen))
966 _digp->saved |= PGPDIG_SAVED_ID;
968 memset(
_digp->signid, 0,
sizeof(
_digp->signid));
1009 return (rc ? -1 : (
int)pp->
pktlen);
1019 dig->signature.userid =
_free(dig->signature.userid);
1020 dig->pubkey.userid =
_free(dig->pubkey.userid);
1021 memset(&dig->dops, 0,
sizeof(dig->dops));
1022 memset(&dig->sops, 0,
sizeof(dig->sops));
1023 dig->ppkts =
_free(dig->ppkts);
1025 dig->signature.hash =
_free(dig->signature.hash);
1026 dig->pubkey.hash =
_free(dig->pubkey.hash);
1028 for (i = 0; i < 4; i++) {
1029 dig->signature.params[i] =
_free(dig->signature.params[i]);
1030 dig->pubkey.params[i] =
_free(dig->pubkey.params[i]);
1034 memset(&dig->signature, 0,
sizeof(dig->signature));
1035 memset(&dig->pubkey, 0,
sizeof(dig->pubkey));
1037 dig->md5 =
_free(dig->md5);
1038 dig->sha1 =
_free(dig->sha1);
1056 dig->sig =
_free(dig->sig);
1060 yarnRelease(dig->_item.use);
1065 yarnPossess(dig->_item.use);
1068 if (dig->hdrsha1ctx != NULL)
1070 dig->hdrsha1ctx = NULL;
1072 if (dig->sha1ctx != NULL)
1074 dig->sha1ctx = NULL;
1077 if (dig->hdrmd5ctx != NULL)
1079 dig->hdrmd5ctx = NULL;
1082 if (dig->md5ctx != NULL)
1099 if (_digPool == NULL) {
1117 return (dig ? &dig->signature : NULL);
1122 return (dig ? &dig->pubkey : NULL);
1127 return (dig ? dig->sigtag : 0);
1132 return (dig ? dig->sigtype : 0);
1137 return (dig ? dig->sig : NULL);
1142 return (dig ? dig->siglen : 0);
1149 dig->sigtag = sigtag;
1150 dig->sigtype = (sig ? sigtype : 0);
1154 dig->siglen = siglen;
1174 int (*findPubkey) (
void *ts,
void *dig),
void * _ts)
1178 dig->findPubkey = findPubkey;
1190 if (dig && dig->findPubkey && dig->_ts)
1191 rc = (*dig->findPubkey) (dig->_ts, dig);
/* Walks the buffer one packet at a time, advancing p and shrinking pleft by len.
 * NOTE(review): termination and bounds both rest on len, which is set in the
 * loop body (not shown). It must be positive and no larger than pleft,
 * otherwise p stalls, moves backwards, or steps past pkts + pktlen. Confirm
 * the body rejects a non-positive or oversized len before the next iteration. */
1206 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1215 ppkts =
xcalloc(npkts,
sizeof(*ppkts));
1218 for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1229 ppkts =
_free(ppkts);
1243 unsigned int val = (
unsigned int)*pkts;
/* Bit 7 of the first octet must be set for an OpenPGP packet header. Bit 6
 * then selects the header format: when it is set the tag is the low six bits
 * (new format), otherwise the tag is bits 5..2 (old format). */
1252 if (dig != NULL && (val & 0x80)) {
1253 pgpTag tag = (val & 0x40) ? (val & 0x3f) : ((val >> 2) & 0xf);
1259 if (
pgpGrabPkts(pkts, pktlen, &ppkts, &npkts) || ppkts == NULL) {
1265 for (i = 0, pleft = pktlen; i < npkts; i++, pleft -= len) {
1271 dig->ppkts =
_free(dig->ppkts);
1275 ppkts =
_free(ppkts);
1285 const char * enc = NULL;
1286 const char * crcenc = NULL;
1292 const char * armortype = NULL;
1300 if (rc || iob == NULL)
1320 iob->blen =
pgpPktLen(iob->b, iob->blen, pp);
/* Prefix test: true when _s starts with _tok. _tok must be a string literal or
 * char array: sizeof(_tok)-1 is its length only then, whereas a char pointer
 * would give the pointer size minus one. strncmp stops at the first NUL in _s,
 * so a short _s is not over-read as long as it is NUL-terminated. */
1325 #define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
1328 for (t = (
char *)iob->b; t && *t; t = te) {
1329 if ((te = strchr(t,
'\n')) == NULL)
1337 if (!
TOKEQ(t,
"-----BEGIN PGP "))
1339 t +=
sizeof(
"-----BEGIN PGP ")-1;
1352 t = strchr(t,
'\n');
1357 t -= (
sizeof(
"-----")-1);
1358 if (!
TOKEQ(t,
"-----"))
1368 if (!(*t ==
'\n' || *t ==
'\r')) {
1385 if (!
TOKEQ(t,
"-----END PGP ")) {
1390 t +=
sizeof(
"-----END PGP ")-1;
1391 if (t >= te)
continue;
1393 if (armortype == NULL)
1395 rc = strncmp(t, armortype, strlen(armortype));
1399 t += strlen(armortype);
1400 if (t >= te)
continue;
1402 if (!
TOKEQ(t,
"-----")) {
1406 t += (
sizeof(
"-----")-1);
1407 if (t >= te)
continue;
1409 if (!(*t ==
'\n' || *t ==
'\r'))
continue;
1413 if (b64decode(crcenc, (
void **)&crcdec, &crclen) != 0) {
1417 crcpkt =
pgpGrab(crcdec, crclen);
1418 crcdec =
_free(crcdec);
1421 if (b64decode(enc, (
void **)&dec, &declen) != 0) {
/* Compares the checksum carried in the armor (crcpkt) with one computed over
 * the decoded payload. The mismatch handling is on lines not shown.
 * NOTE(review): the OpenPGP armor checksum is a CRC-24, which only catches
 * accidental damage. Anyone who alters the payload can recompute it, so
 * authenticity still has to come from signature verification. */
1425 crc =
pgpCRC(dec, declen);
1426 if (crcpkt != crc) {
1430 iob->b =
_free(iob->b);
1441 if (pkt) *pkt = iob->b;
1442 if (pktlen) *pktlen = iob->blen;
1445 if (pkt) *pkt = NULL;
1446 if (pktlen) *pktlen = 0;
/* Base64 output size: every 3 input bytes become 4 characters, rounded up.
 * NOTE(review): nt presumably sizes the buffer that the later stpcpy calls
 * fill, and the types of ns and nt are not visible here. Confirm this
 * arithmetic and the line-ending additions below cannot wrap for a very large
 * ns, since an undersized buffer would be overrun by those copies. */
1460 nt = ((ns + 2) / 3) * 4;
1463 if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
1464 lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
1465 if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
1467 nt += lc * strlen(b64encode_eolstr);
1475 t =
stpcpy(t,
"-----BEGIN PGP ");
1480 t =
stpcpy(t,
" (BeeCrypt)\n\n");
1482 if ((enc = b64encode(s, ns)) != NULL) {
1485 if ((enc = b64crc(s, ns)) != NULL) {
1492 t =
stpcpy(t,
"-----END PGP ");
1494 t =
stpcpy(t,
"-----\n");
1508 name_len = strlen(name);
1509 for (i = 0; i <
sizeof(
pgpHashTbl)/
sizeof(pgpHashTbl[0]); i++)
1511 return pgpHashTbl[i].
val;