RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 28-Dec-2007 19:15:40
Branch: HEAD Handle: 2007122818154000
Added files:
rpm/lib genpgp.sh tpgp.c
Modified files:
rpm/lib .cvsignore Makefile.am
Log:
- jbj: setup a pgp(...) workbench.
Summary:
Revision Changes Path
1.10 +2 -0 rpm/lib/.cvsignore
2.170 +9 -2 rpm/lib/Makefile.am
2.1 +45 -0 rpm/lib/genpgp.sh
2.1 +173 -0 rpm/lib/tpgp.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/lib/.cvsignore
============================================================================
$ cvs diff -u -r1.9 -r1.10 .cvsignore
--- rpm/lib/.cvsignore 2 Dec 2007 15:33:53 -0000 1.9
+++ rpm/lib/.cvsignore 28 Dec 2007 18:15:40 -0000 1.10
@@ -2,8 +2,10 @@
.depend
Makefile
Makefile.in
+genpgp.h
getdate.c
rpmversion.h
+tpgp
.libs
*.la
*.lcd
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/Makefile.am
============================================================================
$ cvs diff -u -r2.169 -r2.170 Makefile.am
--- rpm/lib/Makefile.am 18 Dec 2007 19:40:53 -0000 2.169
+++ rpm/lib/Makefile.am 28 Dec 2007 18:15:40 -0000 2.170
@@ -18,9 +18,9 @@
@WITH_FILE_CPPFLAGS@ \
@WITH_XAR_CPPFLAGS@
-EXTRA_DIST = getdate.y librpm.vers
+EXTRA_DIST = genpgp.sh getdate.y librpm.vers tpgp.c
-EXTRA_PROGRAMS =
+EXTRA_PROGRAMS = tpgp
pkgincdir = $(pkgincludedir)$(WITH_PATH_VERSIONED_SUFFIX)
pkginc_HEADERS = \
@@ -117,3 +117,10 @@
.PHONY: lint
lint:
$(LINT) $(DEFS) $(INCLUDES) $(librpm_la_SOURCES)
+
+tpgp_SOURCES = genpgp.h tpgp.c
+tpgp_CFLAGS = $(CFLAGS)
+tpgp_LDADD = librpm.la
+
+genpgp.h:
+ -sh ./genpgp.sh > genpgp.h
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/genpgp.sh
============================================================================
$ cvs diff -u -r0 -r2.1 genpgp.sh
--- /dev/null 2007-12-28 19:11:47 +0100
+++ genpgp.sh 2007-12-28 19:15:40 +0100
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+hdir="`pwd`/.gnupg"
+gpg="gpg --homedir $hdir"
+
+rm -rf $hdir
+
+$gpg --gen-key --batch << GO_SYSIN_DD
+Key-Type: DSA
+Key-Length: 1024
+Key-Usage: sign
+Name-Real: DSApub
+Name-Comment: 1024
+Name-Email: jbj@jbj.org
+%commit
+Key-Type: RSA
+Key-Length: 1024
+Key-Usage: sign
+Name-Real: RSApub
+Name-Comment: 1024
+Name-Email: jbj@jbj.org
+%commit
+GO_SYSIN_DD
+
+str="abc"
+echo "static const char * str = \"$str\";"
+
+echo "static const char * DSApub ="
+$gpg --export -a -u DSApub | sed -e'1,3d; $d' | sed -e's/^/"/; s/$/\\n"/; $d'
+echo ";"
+
+echo "static const char * DSAsig ="
+echo -n "$str" | $gpg -sab -u DSApub | sed -e'1,3d; $d' | sed -e's/^/"/; s/$/\\n"/; $d'
+echo ";"
+
+echo "static const char * RSApub ="
+$gpg --export -a -u RSApub | sed -e'1,3d; $d' | sed -e's/^/"/; s/$/\\n"/; $d'
+echo ";"
+
+echo "static const char * RSAsig ="
+echo -n "$str" | $gpg -sab -u RSApub | sed -e'1,3d; $d' | sed -e's/^/"/; s/$/\\n"/; $d'
+echo ";"
+
+rm -rf $hdir
+
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/tpgp.c
============================================================================
$ cvs diff -u -r0 -r2.1 tpgp.c
--- /dev/null 2007-12-28 19:11:47 +0100
+++ tpgp.c 2007-12-28 19:15:40 +0100
@@ -0,0 +1,173 @@
+/** \ingroup rpmio signature
+ * \file rpmio/tkey.c
+ * Routines to handle RFC-2440 detached signatures.
+ */
+
+static int _debug = 0;
+extern int _pgp_debug;
+extern int _pgp_print;
+
+#include "system.h"
+#include <rpmio.h>
+
+#define _RPMPGP_INTERNAL
+#define _RPMBC_INTERNAL
+#include <rpmbc.h>
+#define _RPMGC_INTERNAL
+#include <rpmgc.h>
+#define _RPMNSS_INTERNAL
+#include <rpmnss.h>
+#define _RPMSSL_INTERNAL
+#include <rpmssl.h>
+
+#include "genpgp.h"
+
+#include "debug.h"
+
+static int doit(const char *sig, pgpDig dig, int printing)
+{
+ const char *s, *t;
+ unsigned char * dec;
+ size_t declen;
+ char * enc;
+ int rc;
+ int i;
+
+if (_debug)
+fprintf(stderr, "*** before\n%s\n", sig);
+
+ if ((rc = b64decode(sig, (void **)&dec, &declen)) != 0) {
+ fprintf(stderr, "*** b64decode returns %d\n", rc);
+ return rc;
+ }
+ rc = pgpPrtPkts(dec, declen, dig, printing);
+ if (rc < 0) {
+ fprintf(stderr, "*** pgpPrtPkts returns %d\n", rc);
+ return rc;
+ }
+
+ if ((enc = b64encode(dec, declen)) == NULL) {
+ fprintf(stderr, "*** b64encode failed\n");
+ return rc;
+ }
+ dec = _free(dec);
+
+if (_debug)
+fprintf(stderr, "*** after\n%s\n", enc);
+
+rc = 0;
+for (i = 0, s = sig, t = enc; *s & *t; i++, s++, t++) {
+ if (*s == '\n') s++;
+ if (*t == '\n') t++;
+ if (*s == *t) continue;
+fprintf(stderr, "??? %5d %02x != %02x '%c' != '%c'\n", i, (*s & 0xff), (*t & 0xff), *s, *t);
+ rc = 5;
+}
+ enc = _free(enc);
+
+ return rc;
+}
+
+/* FIPS-186 test vectors. */
+static const char * fips_p = "8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291";
+static const char * fips_q = "c773218c737ec8ee993b4f2ded30f48edace915f";
+static const char * fips_g = "626d027839ea0a13413163a55b4cb500299d5522956cefcb3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9cc42e9f6f464b088cc572af53e6d78802";
+
+static const char * fips_hm = "a9993e364706816aba3e25717850c26c9cd0d89d";
+
+static const char * fips_y = "19131871d75b1612a819f29d78d1b0d7346f7aa77bb62a859bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74858fba33f44c06699630a76b030ee333";
+
+static const char * fips_r = "8bac1ab66410435cb7181f95b16ab97c92b341c0";
+static const char * fips_s = "41e2345f1f56df2458f426d155b4ba2db6dcd8c8";
+
+int
+main(int argc, char *argv[])
+{
+ pgpDig dig;
+ rpmbc bc;
+ int printing = -1;
+ int rc;
+
+
+ pgpImplVecs = &rpmbcImplVecs;
+
+ dig = pgpDigNew(0);
+ bc = dig->impl;
+
+ mpbzero(&bc->p); mpbsethex(&bc->p, fips_p);
+ mpbzero(&bc->q); mpbsethex(&bc->q, fips_q);
+ mpnzero(&bc->g); mpnsethex(&bc->g, fips_g);
+ mpnzero(&bc->y); mpnsethex(&bc->y, fips_y);
+ mpnzero(&bc->r); mpnsethex(&bc->r, fips_r);
+ mpnzero(&bc->s); mpnsethex(&bc->s, fips_s);
+ mpnzero(&bc->hm); mpnsethex(&bc->hm, fips_hm);
+
+ rc = pgpImplVerifyDSA(dig);
+
+fprintf(stderr, "=============================== DSA FIPS-186-1: rc %d\n", rc);
+
+ dig = pgpDigFree(dig);
+
+ pgpImplVecs = &rpmsslImplVecs;
+
+ dig = pgpDigNew(0);
+_pgp_debug = 1;
+_pgp_print = 1;
+
+fprintf(stderr, "=============================== DSA Public Key\n");
+ if ((rc = doit(DSApub, dig, printing)) != 0)
+ fprintf(stderr, "==> FAILED: rc %d\n", rc);
+
+fprintf(stderr, "=============================== DSA Signature of \"%s\"\n", str);
+ if ((rc = doit(DSAsig, dig, printing)) != 0)
+ fprintf(stderr, "==> FAILED: rc %d\n", rc);
+
+ { DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
+ pgpDigParams dsig = pgpGetSignature(dig);
+
+ rpmDigestUpdate(ctx, str, strlen(str));
+ rpmDigestUpdate(ctx, dsig->hash, dsig->hashlen);
+
+ (void) pgpImplSetDSA(ctx, dig, dsig);
+ }
+
+ rc = pgpImplVerifyDSA(dig);
+
+fprintf(stderr, "=============================== DSA verify: rc %d\n", rc);
+
+ dig = pgpDigFree(dig);
+
+ pgpImplVecs = &rpmsslImplVecs;
+
+ dig = pgpDigNew(0);
+_pgp_debug = 1;
+_pgp_print = 1;
+
+fprintf(stderr, "=============================== RSA Public Key\n");
+ if ((rc = doit(RSApub, dig, printing)) != 0)
+ fprintf(stderr, "==> FAILED: rc %d\n", rc);
+
+fprintf(stderr, "=============================== RSA Signature of \"%s\"\n", str);
+ if ((rc = doit(RSAsig, dig, printing)) != 0)
+ fprintf(stderr, "==> FAILED: rc %d\n", rc);
+
+ { DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
+ pgpDigParams dsig = pgpGetSignature(dig);
+
+ rpmDigestUpdate(ctx, str, strlen(str));
+ rpmDigestUpdate(ctx, dsig->hash, dsig->hashlen);
+
+ (void) pgpImplSetRSA(ctx, dig, dsig);
+ }
+
+ rc = pgpImplVerifyRSA(dig);
+
+fprintf(stderr, "=============================== RSA verify: rc %d\n", rc);
+
+ dig = pgpDigFree(dig);
+
+ if (pgpImplVecs == &rpmnssImplVecs)
+ NSS_Shutdown();
+
+ return rc;
+}
@@ .
Received on Fri Dec 28 19:15:40 2007