RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 28-Dec-2007 23:02:51
Branch: HEAD Handle: 2007122822025100
Modified files:
rpm/lib tpgp.c
Log:
- jbj: functional DSA/RSA verify (albeit w hotwired plaintext).
Summary:
Revision Changes Path
2.5 +69 -12 rpm/lib/tpgp.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/lib/tpgp.c
============================================================================
$ cvs diff -u -r2.4 -r2.5 tpgp.c
--- rpm/lib/tpgp.c 28 Dec 2007 20:55:14 -0000 2.4
+++ rpm/lib/tpgp.c 28 Dec 2007 22:02:51 -0000 2.5
@@ -29,6 +29,9 @@
int rpmCheckPgpSignatureOnFile(const char * fn, const char * sigfn,
const char * pubfn, const char * pubfingerprint)
{
+ static const char * plaintext = "This is the plaintext\n";
+ pgpDig dig;
+ pgpDigParams sigp;
const char * _fn = NULL;
const char * _sigfn = NULL;
const unsigned char * sigpkt = NULL;
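Review bot: The `plaintext` constant is declared without a comment saying that the digest is computed over it rather than over the contents of `fn`, and in the lines shown `pubfingerprint` appears only in the debug print, so a non-zero return does not yet mean what the function name and parameters promise. A marker at the declaration would keep a later caller from relying on the result, for example `/* XXX: fn is not read and pubfingerprint is not compared yet; the result covers this fixed string only */`. The function body continues outside this hunk.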
@@ -36,12 +39,16 @@
const char * _pubfn = NULL;
const unsigned char * pubpkt = NULL;
size_t pubpktlen = 0;
+ DIGEST_CTX ctx = NULL;
+ int printing = 0;
int rc = 0;
int xx;
if (_debug)
fprintf(stderr, "==> check(%s, %s, %s, %s)\n", fn, sigfn, pubfn, pubfingerprint);
+ dig = pgpDigNew(0);
+
_fn = rpmExpand(fn, NULL);
_sigfn = rpmExpand(sigfn, NULL);
@@ -50,6 +57,7 @@
fprintf(stderr, "==> pgpReadPkts(%s) SIG %p[%u] ret %d\n", _sigfn, sigpkt, sigpktlen, xx);
goto exit;
}
+ xx = pgpPrtPkts((uint8_t *)sigpkt, sigpktlen, dig, printing);
_pubfn = rpmExpand(pubfn, NULL);
xx = pgpReadPkts(_pubfn, &pubpkt, &pubpktlen);
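Review bot: The return of `pgpPrtPkts` on the signature packet is stored in `xx` and then overwritten by the `pgpReadPkts` call two lines later, so a signature that fails to parse is not rejected here. The same holds for the public-key `pgpPrtPkts` call added in the next hunk, where `xx` is reassigned by `rpmDigestUpdate` before it is read. Assuming a non-zero return signals a parse error (the convention is not visible in this diff), `if (xx) goto exit;` after each call would stop before fields of a partially parsed packet reach the digest and verify code. The enclosing function starts and ends outside this hunk.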
@@ -57,8 +65,58 @@
fprintf(stderr, "==> pgpReadPkts(%s) PUB %p[%u] ret %d\n", _pubfn, pubpkt, pubpktlen, xx);
goto exit;
}
+ xx = pgpPrtPkts((uint8_t *)pubpkt, pubpktlen, dig, printing);
+
+ sigp = pgpGetSignature(dig);
+
+ if (sigp->version != 3 && sigp->version != 4) {
+fprintf(stderr, "==> unverifiable V%d\n", sigp->version);
+ goto exit;
+ }
+
+ ctx = rpmDigestInit(sigp->hash_algo, RPMDIGEST_NONE);
+
+ xx = rpmDigestUpdate(ctx, plaintext, strlen(plaintext));
+
+ if (sigp->hash != NULL)
+ xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
+ if (sigp->version == 4) {
+ uint32_t nb = sigp->hashlen;
+ uint8_t trailer[6];
+ nb = htonl(nb);
+ trailer[0] = sigp->version;
+ trailer[1] = 0xff;
+ memcpy(trailer+2, &nb, sizeof(nb));
+ xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
+ }
+
+ switch(sigp->pubkey_algo) {
+ default:
+ xx = 1;
+ break;
+ case PGPPUBKEYALGO_DSA:
+ xx = pgpImplSetDSA(ctx, dig, sigp);
+ break;
+ case PGPPUBKEYALGO_RSA:
+ xx = pgpImplSetRSA(ctx, dig, sigp);
+ break;
+ }
+ if (xx) {
+fprintf(stderr, "==> can't load pubkey_algo(%u)\n", sigp->pubkey_algo);
+ goto exit;
+ }
- rc = 1;
+ switch(sigp->pubkey_algo) {
+ default:
+ rc = 0;
+ break;
+ case PGPPUBKEYALGO_DSA:
+ rc = pgpImplVerifyDSA(dig);
+ break;
+ case PGPPUBKEYALGO_RSA:
+ rc = pgpImplVerifyRSA(dig);
+ break;
+ }
exit:
pubpkt = _free(pubpkt);
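Review bot: `rpmDigestInit(sigp->hash_algo, RPMDIGEST_NONE)` is called with an algorithm id taken from the parsed signature packet, and neither its result nor any of the following `rpmDigestUpdate` returns is checked before `ctx` is handed to `pgpImplSetDSA`/`pgpImplSetRSA`. If the init can return NULL for an id it does not support (not visible here), the verify step runs on a digest that was never computed; adding `if (ctx == NULL) goto exit;` right after the init keeps that case on the `rc = 0` path. The `default:` branch of the first switch also jumps to `exit` without `ctx` being finalized or released, which looks like a leak unless cleanup happens outside the hunk. The function begins and ends outside this hunk.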
@@ -66,29 +124,28 @@
sigpkt = _free(sigpkt);
_sigfn = _free(_sigfn);
_fn = _free(_fn);
+
+ dig = pgpDigFree(dig);
+
+if (_debug)
+fprintf(stderr, "============================ verify: rc %d\n", rc);
+
return rc;
}
static
int doit(const char * sigtype)
{
- pgpDig dig;
int rc = 0;
- dig = pgpDigNew(0);
-
- if (!strcmp("DSA", sigtype))
+ if (!strcmp("DSA", sigtype)) {
rc = rpmCheckPgpSignatureOnFile("plaintext", DSAsig, DSApub, NULL);
- if (!strcmp("RSA", sigtype))
+ }
+ if (!strcmp("RSA", sigtype)) {
rc = rpmCheckPgpSignatureOnFile("plaintext", RSAsig, RSApub, NULL);
+ }
-if (_debug)
-fprintf(stderr, "============================ %s verify: rc %d\n", sigtype, rc);
-
- dig = pgpDigFree(dig);
-
return rc;
-
}
int
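Review bot: In `doit`, a `sigtype` that is neither "DSA" nor "RSA" still returns `rc = 0`, the same value the early-exit paths of the verify routine produce, so a mistyped argument cannot be told apart from a signature that did not verify. Chaining the second test as `} else if (!strcmp("RSA", sigtype)) {` and closing with an `else` that reports the unrecognised type on stderr would make that case visible. The debug line that moved into rpmCheckPgpSignatureOnFile also no longer names the signature type; printing `sigfn` there would keep the DSA and RSA runs distinguishable in the log.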
@@ .
Received on Fri Dec 28 23:02:51 2007