rpm  5.4.14
rpmpgp.c
Go to the documentation of this file.
1 
6 #include "system.h"
7 
8 #define _RPMIOB_INTERNAL
9 #include <rpmiotypes.h>
10 
11 #include <rpmio.h>
12 
13 #define _RPMPGP_INTERNAL
14 #include <rpmbc.h> /* XXX still needs base64 goop */
15 #if defined(WITH_NSS)
16 #include <rpmnss.h>
17 #endif
18 #include "debug.h"
19 
20 /*@access pgpDig @*/
21 /*@access pgpDigParams @*/
22 /*@access pgpPkt @*/
23 /*@access rpmiob @*/
24 
25 #ifdef __cplusplus
26 GENpair(rpmuint8_t **)
27 #endif /* __cplusplus */
28 /*@unchecked@*/
30 
31 /*@unchecked@*/
33 
34 /*@unchecked@*/
36 
37 /*@unchecked@*/
39  /* explicit selection (order DOES NOT matter here) */
40 #if defined(USE_CRYPTO_BEECRYPT) && defined(WITH_BEECRYPT)
42 #elif defined(USE_CRYPTO_GCRYPT) && defined(WITH_GCRYPT)
44 #elif defined(USE_CRYPTO_NSS) && defined(WITH_NSS)
46 #elif defined(USE_CRYPTO_OPENSSL) && defined(WITH_SSL)
48 #elif defined(USE_CRYPTO_CDSA) && defined(WITH_CDSA)
49  &rpmcdsaImplVecs;
50 #elif defined(USE_CRYPTO_TOMCRYPT) && defined(WITH_TOMCRYPT)
51  &rpmltcImplVecs;
52  /* implict selection (order DOES matter) */
53 #elif defined(WITH_BEECRYPT)
55 #elif defined(WITH_NSS)
57 #elif defined(WITH_GCRYPT)
59 #elif defined(WITH_SSL)
61 #elif defined(WITH_CDSA)
62  &rpmcdsaImplVecs;
63 #elif defined(WITH_TOMCRYPT)
64  &rpmltcImplVecs;
65 #else
66 #error INTERNAL ERROR: no suitable Cryptography library available
67 #endif
68 
69 /*@unchecked@*/ /*@refcounted@*/ /*@relnull@*/
70 static pgpDig _dig = NULL;
71 
72 /*@unchecked@*/ /*@null@*/
74 
75 #ifdef DYING
76 struct pgpPkt_s {
77  pgpTag tag;
78  unsigned int pktlen;
79  const rpmuint8_t * h;
80  unsigned int hlen;
81 };
82 #endif
83 
85  { PGPSIGTYPE_BINARY, "BINARY" },
86  { PGPSIGTYPE_TEXT, "TEXT" },
87  { PGPSIGTYPE_STANDALONE, "STANDALONE" },
88  { PGPSIGTYPE_GENERIC_CERT, "GENERIC" },
89  { PGPSIGTYPE_PERSONA_CERT, "PERSONA" },
90  { PGPSIGTYPE_CASUAL_CERT, "CASUAL" },
91  { PGPSIGTYPE_POSITIVE_CERT, "POSITIVE" },
92  { PGPSIGTYPE_SUBKEY_BINDING,"SUBKEY_BIND" },
93  { PGPSIGTYPE_KEY_BINDING, "KEY_BIND" },
94  { PGPSIGTYPE_SIGNED_KEY, "KEY" },
95  { PGPSIGTYPE_KEY_REVOKE, "KEY_REVOKE" },
96  { PGPSIGTYPE_SUBKEY_REVOKE, "SUBKEY_REVOKE" },
97  { PGPSIGTYPE_CERT_REVOKE, "CERT_REVOKE" },
98  { PGPSIGTYPE_TIMESTAMP, "TIMESTAMP" },
99  { PGPSIGTYPE_CONFIRM, "CONFIRM" },
100  { -1, "SIG_UNKNOWN" },
101 };
102 
104  { PGPPUBKEYALGO_RSA, "RSA" },
105  { PGPPUBKEYALGO_RSA_ENCRYPT,"RSA(Encrypt-Only)" },
106  { PGPPUBKEYALGO_RSA_SIGN, "RSA(Sign-Only)" },
107  { PGPPUBKEYALGO_ELGAMAL_ENCRYPT,"ELG(Encrypt-Only)" },
108  { PGPPUBKEYALGO_DSA, "DSA" },
109  { PGPPUBKEYALGO_ECDH, "ECDH" },
110  { PGPPUBKEYALGO_ECDSA, "ECDSA" },
111  { PGPPUBKEYALGO_ELGAMAL, "ELG" },
112  { PGPPUBKEYALGO_DH, "DH" },
113  { -1, "KEY_UNKNOWN" },
114 };
115 
117  { PGPSYMKEYALGO_PLAINTEXT, "Plaintext" },
118  { PGPSYMKEYALGO_IDEA, "IDEA" },
119  { PGPSYMKEYALGO_TRIPLE_DES, "3DES" },
120  { PGPSYMKEYALGO_CAST5, "CAST5" },
121  { PGPSYMKEYALGO_BLOWFISH, "BLOWFISH" },
122  { PGPSYMKEYALGO_SAFER, "SAFER" },
123  { PGPSYMKEYALGO_DES_SK, "DES/SK" },
124  { PGPSYMKEYALGO_AES_128, "AES(128-bit key)" },
125  { PGPSYMKEYALGO_AES_192, "AES(192-bit key)" },
126  { PGPSYMKEYALGO_AES_256, "AES(256-bit key)" },
127  { PGPSYMKEYALGO_TWOFISH, "TWOFISH(256-bit key)" },
128  { PGPSYMKEYALGO_CAMELLIA_128, "CAMELLIA(128-bit key)" },
129  { PGPSYMKEYALGO_CAMELLIA_192, "CAMELLIA(192-bit key)" },
130  { PGPSYMKEYALGO_CAMELLIA_256, "CAMELLIA(256-bit key)" },
131  { PGPSYMKEYALGO_NOENCRYPT, "no encryption" },
132  { -1, "SYM_UNKNOWN" },
133 };
134 
136  { PGPCOMPRESSALGO_NONE, "Uncompressed" },
137  { PGPCOMPRESSALGO_ZIP, "ZIP" },
138  { PGPCOMPRESSALGO_ZLIB, "ZLIB" },
139  { PGPCOMPRESSALGO_BZIP2, "BZIP2" },
140  { -1, "Unknown compression algorithm" },
141 };
142 
144  { PGPHASHALGO_MD5, "MD5" },
145  { PGPHASHALGO_SHA1, "SHA1" },
146  { PGPHASHALGO_RIPEMD160, "RIPEMD160" },
147  { PGPHASHALGO_MD2, "MD2" },
148  { PGPHASHALGO_TIGER192, "TIGER192" },
149  { PGPHASHALGO_HAVAL_5_160, "HAVAL-5-160" },
150  { PGPHASHALGO_SHA224, "SHA224" },
151  { PGPHASHALGO_SHA256, "SHA256" },
152  { PGPHASHALGO_SHA384, "SHA384" },
153  { PGPHASHALGO_SHA512, "SHA512" },
154  { -1, "MD_UNKNOWN" },
155 };
156 
157 /*@-exportlocal -exportheadervar@*/
158 /*@observer@*/ /*@unchecked@*/
160  { 0x80, "No-modify" },
161  { -1, "Unknown key server preference" },
162 };
163 /*@=exportlocal =exportheadervar@*/
164 
166  { PGPSUBTYPE_SIG_CREATE_TIME,"created" },
167  { PGPSUBTYPE_SIG_EXPIRE_TIME,"expires" },
168  { PGPSUBTYPE_EXPORTABLE_CERT,"exportable" },
169  { PGPSUBTYPE_TRUST_SIG, "trust signature" },
170  { PGPSUBTYPE_REGEX, "regular expression" },
171  { PGPSUBTYPE_REVOCABLE, "revocable" },
172  { PGPSUBTYPE_KEY_EXPIRE_TIME,"key expiration time" },
173  { PGPSUBTYPE_ARR, "additional recipient request" },
174  { PGPSUBTYPE_PREFER_SYMKEY, "preferred symmetric algorithms" },
175  { PGPSUBTYPE_REVOKE_KEY, "revocation key" },
176  { PGPSUBTYPE_ISSUER_KEYID, "issuer" },
177  { PGPSUBTYPE_NOTATION, "notation data" },
178  { PGPSUBTYPE_PREFER_HASH, "preferred hash algorithms" },
179  { PGPSUBTYPE_PREFER_COMPRESS,"preferred compression algorithms" },
180  { PGPSUBTYPE_KEYSERVER_PREFERS,"key server preferences" },
181  { PGPSUBTYPE_PREFER_KEYSERVER,"preferred key server" },
182  { PGPSUBTYPE_PRIMARY_USERID,"primary user id" },
183  { PGPSUBTYPE_POLICY_URL, "policy URL" },
184  { PGPSUBTYPE_KEY_FLAGS, "key flags" },
185  { PGPSUBTYPE_SIGNER_USERID, "signer's user id" },
186  { PGPSUBTYPE_REVOKE_REASON, "reason for revocation" },
187  { PGPSUBTYPE_FEATURES, "features" },
188  { PGPSUBTYPE_SIG_TARGET, "signature target" },
189  { PGPSUBTYPE_EMBEDDED_SIG, "embedded signature" },
190 
191  { PGPSUBTYPE_INTERNAL_100, "internal subpkt type 100" },
192  { PGPSUBTYPE_INTERNAL_101, "internal subpkt type 101" },
193  { PGPSUBTYPE_INTERNAL_102, "internal subpkt type 102" },
194  { PGPSUBTYPE_INTERNAL_103, "internal subpkt type 103" },
195  { PGPSUBTYPE_INTERNAL_104, "internal subpkt type 104" },
196  { PGPSUBTYPE_INTERNAL_105, "internal subpkt type 105" },
197  { PGPSUBTYPE_INTERNAL_106, "internal subpkt type 106" },
198  { PGPSUBTYPE_INTERNAL_107, "internal subpkt type 107" },
199  { PGPSUBTYPE_INTERNAL_108, "internal subpkt type 108" },
200  { PGPSUBTYPE_INTERNAL_109, "internal subpkt type 109" },
201  { PGPSUBTYPE_INTERNAL_110, "internal subpkt type 110" },
202  { -1, "Unknown signature subkey type" },
203 };
204 
205 struct pgpValTbl_s pgpTagTbl[] = {
206  { PGPTAG_PUBLIC_SESSION_KEY,"Public-Key Encrypted Session Key" },
207  { PGPTAG_SIGNATURE, "Signature" },
208  { PGPTAG_SYMMETRIC_SESSION_KEY,"Symmetric-Key Encrypted Session Key" },
209  { PGPTAG_ONEPASS_SIGNATURE, "One-Pass Signature" },
210  { PGPTAG_SECRET_KEY, "Secret Key" },
211  { PGPTAG_PUBLIC_KEY, "Public Key" },
212  { PGPTAG_SECRET_SUBKEY, "Secret Subkey" },
213  { PGPTAG_COMPRESSED_DATA, "Compressed Data" },
214  { PGPTAG_SYMMETRIC_DATA, "Symmetrically Encrypted Data" },
215  { PGPTAG_MARKER, "Marker" },
216  { PGPTAG_LITERAL_DATA, "Literal Data" },
217  { PGPTAG_TRUST, "Trust" },
218  { PGPTAG_USER_ID, "User ID" },
219  { PGPTAG_PUBLIC_SUBKEY, "Public Subkey" },
220  { PGPTAG_COMMENT_OLD, "Comment (from OpenPGP draft)" },
221  { PGPTAG_PHOTOID, "PGP's photo ID" },
222  { PGPTAG_ENCRYPTED_MDC, "Integrity protected encrypted data" },
223  { PGPTAG_MDC, "Manipulaion detection code packet" },
224  { PGPTAG_PRIVATE_60, "Private #60" },
225  { PGPTAG_COMMENT, "Comment" },
226  { PGPTAG_PRIVATE_62, "Private #62" },
227  { PGPTAG_CONTROL, "Control (GPG)" },
228  { -1, "TAG_UNKNOWN" },
229 };
230 
232  { PGPARMOR_MESSAGE, "MESSAGE" },
233  { PGPARMOR_PUBKEY, "PUBLIC KEY BLOCK" },
234  { PGPARMOR_SIGNATURE, "SIGNATURE" },
235  { PGPARMOR_SIGNED_MESSAGE, "SIGNED MESSAGE" },
236  { PGPARMOR_FILE, "ARMORED FILE" },
237  { PGPARMOR_PRIVKEY, "PRIVATE KEY BLOCK" },
238  { PGPARMOR_SECKEY, "SECRET KEY BLOCK" },
239  { -1, "Unknown armor block" }
240 };
241 
243  { PGPARMORKEY_VERSION, "Version: " },
244  { PGPARMORKEY_COMMENT, "Comment: " },
245  { PGPARMORKEY_MESSAGEID, "MessageID: " },
246  { PGPARMORKEY_HASH, "Hash: " },
247  { PGPARMORKEY_CHARSET, "Charset: " },
248  { -1, "Unknown armor key" }
249 };
250 
251 static void pgpPrtNL(void)
252  /*@globals fileSystem @*/
253  /*@modifies fileSystem @*/
254 {
255  if (!_pgp_print) return;
256  fprintf(stderr, "\n");
257 }
258 
259 static void pgpPrtInt(const char *pre, int i)
260  /*@globals fileSystem @*/
261  /*@modifies fileSystem @*/
262 {
263  if (!_pgp_print) return;
264  if (pre && *pre)
265  fprintf(stderr, "%s", pre);
266  fprintf(stderr, " %d", i);
267 }
268 
269 static void pgpPrtStr(const char *pre, const char *s)
270  /*@globals fileSystem @*/
271  /*@modifies fileSystem @*/
272 {
273  if (!_pgp_print) return;
274  if (pre && *pre)
275  fprintf(stderr, "%s", pre);
276  fprintf(stderr, " %s", s);
277 }
278 
279 static void pgpPrtHex(const char *pre, const rpmuint8_t * p, size_t plen)
280  /*@globals fileSystem @*/
281  /*@modifies fileSystem @*/
282 {
283  if (!_pgp_print) return;
284  if (pre && *pre)
285  fprintf(stderr, "%s", pre);
286  fprintf(stderr, " %s", pgpHexStr(p, plen));
287 }
288 
289 void pgpPrtVal(const char * pre, pgpValTbl vs, rpmuint8_t val)
290  /*@globals fileSystem @*/
291  /*@modifies fileSystem @*/
292 {
293  if (!_pgp_print) return;
294  if (pre && *pre)
295  fprintf(stderr, "%s", pre);
296  fprintf(stderr, "%s(%u)", pgpValStr(vs, val), (unsigned)val);
297 }
298 
299 int pgpPrtSubType(const rpmuint8_t * h, size_t hlen, pgpSigType sigtype)
300 {
301  const rpmuint8_t * p = h;
302  unsigned plen;
303  unsigned i;
304 
305  while (hlen > 0) {
306  i = pgpLen(p, &plen);
307  p += i;
308  hlen -= i;
309 
310  pgpPrtVal(" ", pgpSubTypeTbl, (p[0]&(~PGPSUBTYPE_CRITICAL)));
311  if ((p[0] & PGPSUBTYPE_CRITICAL) != (rpmuint8_t)0)
312  if (_pgp_print)
313  fprintf(stderr, " *CRITICAL*");
314  switch (*p) {
315  case PGPSUBTYPE_PREFER_SYMKEY: /* preferred symmetric algorithms */
316  for (i = 1; i < plen; i++)
317  pgpPrtVal(" ", pgpSymkeyTbl, p[i]);
318  /*@switchbreak@*/ break;
319  case PGPSUBTYPE_PREFER_HASH: /* preferred hash algorithms */
320  for (i = 1; i < plen; i++)
321  pgpPrtVal(" ", pgpHashTbl, p[i]);
322  /*@switchbreak@*/ break;
323  case PGPSUBTYPE_PREFER_COMPRESS:/* preferred compression algorithms */
324  for (i = 1; i < plen; i++)
325  pgpPrtVal(" ", pgpCompressionTbl, p[i]);
326  /*@switchbreak@*/ break;
327  case PGPSUBTYPE_KEYSERVER_PREFERS:/* key server preferences */
328  for (i = 1; i < plen; i++)
329  pgpPrtVal(" ", pgpKeyServerPrefsTbl, p[i]);
330  /*@switchbreak@*/ break;
332 /*@-mods -mayaliasunique @*/
333  if (_digp && !(_digp->saved & PGPDIG_SAVED_TIME) &&
334  (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))
335  {
336  _digp->saved |= PGPDIG_SAVED_TIME;
337  memcpy(_digp->time, p+1, sizeof(_digp->time));
338  }
339 /*@=mods =mayaliasunique @*/
340  if ((plen - 1) == 4) {
341  time_t t = pgpGrab(p+1, plen-1);
342  if (_pgp_print)
343  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
344  } else
345  pgpPrtHex("", p+1, plen-1);
346  /*@switchbreak@*/ break;
348  case PGPSUBTYPE_KEY_EXPIRE_TIME: /* XXX only on self-signature */
349  if ((plen - 1) == 4) {
350  time_t t = pgpGrab(p+1, plen-1);
351  if (_digp->saved & PGPDIG_SAVED_TIME)
352  t += pgpGrab(_digp->time, sizeof(_digp->time));
353  if (_pgp_print)
354  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
355  } else
356  pgpPrtHex("", p+1, plen-1);
357  /*@switchbreak@*/ break;
358 
359  case PGPSUBTYPE_ISSUER_KEYID: /* issuer key ID */
360 /*@-mods -mayaliasunique @*/
361  if (_digp && !(_digp->saved & PGPDIG_SAVED_ID) &&
362  (sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))
363  {
364  _digp->saved |= PGPDIG_SAVED_ID;
365  memcpy(_digp->signid, p+1, sizeof(_digp->signid));
366  }
367 /*@=mods =mayaliasunique @*/
368  /*@fallthrough@*/
371  case PGPSUBTYPE_REGEX:
373  case PGPSUBTYPE_ARR:
375  case PGPSUBTYPE_NOTATION:
382  case PGPSUBTYPE_FEATURES:
396  default:
397  pgpPrtHex("", p+1, plen-1);
398  /*@switchbreak@*/ break;
399  }
400  pgpPrtNL();
401  p += plen;
402  hlen -= plen;
403  }
404  return 0;
405 }
406 
407 /*@-varuse =readonlytrans -nullassign @*/
408 /*@observer@*/ /*@unchecked@*/
409 static const char * pgpSigRSA[] = {
410  " m**d =",
411  NULL,
412 };
413 
414 /*@observer@*/ /*@unchecked@*/
415 static const char * pgpSigDSA[] = {
416  " r =",
417  " s =",
418  NULL,
419 };
420 
421 /*@observer@*/ /*@unchecked@*/
422 static const char * pgpSigECDSA[] = {
423  " r =",
424  " s =",
425  NULL,
426 };
427 /*@=varuse =readonlytrans =nullassign @*/
428 
429 int pgpPrtSigParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo,
430  pgpSigType sigtype, const rpmuint8_t * p)
431 {
432  const rpmuint8_t * pend = pp->u.h + pp->hlen;
433  int xx;
434  int i;
435 
436  for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
437  if (pubkey_algo == PGPPUBKEYALGO_RSA) {
438  if (i >= 1) break;
439  if (dig &&
440  (dig != _dig || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
441  {
442  xx = 0;
443  switch (i) {
444  case 0: /* m**d */
445  xx = pgpImplMpiItem(pgpSigRSA[i], dig, 10+i, p, pend);
446  /*@switchbreak@*/ break;
447  default:
448  xx = 1;
449  /*@switchbreak@*/ break;
450  }
451  if (xx) return xx;
452  }
453  pgpPrtStr("", pgpSigRSA[i]);
454  } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
455  if (i >= 2) break;
456  if (dig &&
457  (dig != _dig || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
458  {
459  xx = 0;
460  switch (i) {
461  case 0: /* r */
462  xx = pgpImplMpiItem(pgpSigDSA[i], dig, 20+i, p, pend);
463  /*@switchbreak@*/ break;
464  case 1: /* s */
465  xx = pgpImplMpiItem(pgpSigDSA[i], dig, 20+i, p, pend);
466  /*@switchbreak@*/ break;
467  default:
468  xx = 1;
469  /*@switchbreak@*/ break;
470  }
471  if (xx) return xx;
472  }
473  pgpPrtStr("", pgpSigDSA[i]);
474  } else if (pubkey_algo == PGPPUBKEYALGO_ECDSA) {
475  if (i >= 2) break;
476  if (dig &&
477  (dig != _dig || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT))
478  {
479  xx = 0;
480  switch (i) {
481  case 0: /* r */
482  xx = pgpImplMpiItem(pgpSigECDSA[i], dig, 50+i, p, pend);
483  /*@switchbreak@*/ break;
484  case 1: /* s */
485  xx = pgpImplMpiItem(pgpSigECDSA[i], dig, 50+i, p, pend);
486  /*@switchbreak@*/ break;
487  default:
488  xx = 1;
489  /*@switchbreak@*/ break;
490  }
491  if (xx) return xx;
492  }
493  pgpPrtStr("", pgpSigECDSA[i]);
494  } else {
495  if (_pgp_print)
496  fprintf(stderr, "%7d", i);
497  }
498  pgpPrtStr("", pgpMpiStr(p));
499  pgpPrtNL();
500  }
501 
502  return 0;
503 }
504 
505 int pgpPrtSig(const pgpPkt pp)
506  /*@globals _digp @*/
507  /*@modifies *_digp @*/
508 {
509  rpmuint8_t version = pp->u.h[0];
510  rpmuint8_t * p;
511  unsigned plen;
512  int rc;
513 
514  switch (version) {
515  case 3:
516  { pgpPktSigV3 v = (pgpPktSigV3)pp->u.h;
517  time_t t;
518 
519  if (v->hashlen != (rpmuint8_t)5)
520  return 1;
521 
522  pgpPrtVal("V3 ", pgpTagTbl, (rpmuint8_t)pp->tag);
523  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
524  pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
525  pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
526  pgpPrtNL();
527  t = pgpGrab(v->time, sizeof(v->time));
528  if (_pgp_print)
529  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
530  pgpPrtNL();
531  pgpPrtHex(" signer keyid", v->signid, sizeof(v->signid));
532  plen = pgpGrab(v->signhash16, sizeof(v->signhash16));
533  pgpPrtHex(" signhash16", v->signhash16, sizeof(v->signhash16));
534  pgpPrtNL();
535 
536  if (_digp && _digp->pubkey_algo == (rpmuint8_t)0) {
537  _digp->version = v->version;
538  _digp->hashlen = (size_t) v->hashlen;
539  _digp->sigtype = v->sigtype;
540  _digp->hash = &v->sigtype;
541  memcpy(_digp->time, v->time, sizeof(_digp->time));
542  memcpy(_digp->signid, v->signid, sizeof(_digp->signid));
543  _digp->pubkey_algo = v->pubkey_algo;
544  _digp->hash_algo = v->hash_algo;
545  memcpy(_digp->signhash16, v->signhash16, sizeof(_digp->signhash16));
546  }
547 
548  p = ((rpmuint8_t *)v) + sizeof(*v);
549  rc = pgpPrtSigParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo,
550  (pgpSigType)v->sigtype, p);
551  } break;
552  case 4:
553  { pgpPktSigV4 v = (pgpPktSigV4)pp->u.h;
554 
555  pgpPrtVal("V4 ", pgpTagTbl, (rpmuint8_t)pp->tag);
556  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
557  pgpPrtVal(" ", pgpHashTbl, v->hash_algo);
558  pgpPrtVal(" ", pgpSigTypeTbl, v->sigtype);
559  pgpPrtNL();
560 
561  p = &v->hashlen[0];
562  plen = pgpGrab(v->hashlen, sizeof(v->hashlen));
563  p += sizeof(v->hashlen);
564 
565  if ((p + plen) > (pp->u.h + pp->hlen))
566  return 1;
567 
568 if (_pgp_debug && _pgp_print)
569 fprintf(stderr, " hash[%u] -- %s\n", plen, pgpHexStr(p, plen));
570  if (_digp && _digp->pubkey_algo == (rpmuint8_t)0) {
571  _digp->hashlen = sizeof(*v) + plen;
572  _digp->hash = pp->u.h;
573  }
574  (void) pgpPrtSubType(p, plen, (pgpSigType)v->sigtype);
575  p += plen;
576 
577  plen = pgpGrab(p, 2);
578  p += 2;
579 
580  if ((p + plen) > (pp->u.h + pp->hlen))
581  return 1;
582 
583 if (_pgp_debug && _pgp_print)
584 fprintf(stderr, " unhash[%u] -- %s\n", plen, pgpHexStr(p, plen));
585  (void) pgpPrtSubType(p, plen, (pgpSigType)v->sigtype);
586  p += plen;
587 
588  plen = pgpGrab(p,2);
589  pgpPrtHex(" signhash16", p, 2);
590  pgpPrtNL();
591 
592  if (_digp && _digp->pubkey_algo == (rpmuint8_t)0) {
593  _digp->version = v->version;
594  _digp->sigtype = v->sigtype;
595  _digp->pubkey_algo = v->pubkey_algo;
596  _digp->hash_algo = v->hash_algo;
597  memcpy(_digp->signhash16, p, sizeof(_digp->signhash16));
598  }
599 
600  p += 2;
601  if (p > (pp->u.h + pp->hlen))
602  return 1;
603 
604  rc = pgpPrtSigParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo,
605  (pgpSigType)v->sigtype, p);
606  } break;
607  default:
608  rc = 1;
609  break;
610  }
611  return rc;
612 }
613 
614 /*@-varuse =readonlytrans -nullassign @*/
615 /*@observer@*/ /*@unchecked@*/
616 static const char * pgpPublicRSA[] = {
617  " n =",
618  " e =",
619  NULL,
620 };
621 
622 #ifdef NOTYET
623 /*@observer@*/ /*@unchecked@*/
624 static const char * pgpSecretRSA[] = {
625  " d =",
626  " p =",
627  " q =",
628  " u =",
629  NULL,
630 };
631 #endif
632 
633 /*@observer@*/ /*@unchecked@*/
634 static const char * pgpPublicDSA[] = {
635  " p =",
636  " q =",
637  " g =",
638  " y =",
639  NULL,
640 };
641 
642 #ifdef NOTYET
643 /*@observer@*/ /*@unchecked@*/
644 static const char * pgpSecretDSA[] = {
645  " x =",
646  NULL,
647 };
648 #endif
649 
650 /*@observer@*/ /*@unchecked@*/
651 static const char * pgpPublicECDSA[] = {
652  " Q =",
653  NULL,
654 };
655 
656 #ifdef NOTYET
657 /*@observer@*/ /*@unchecked@*/
658 static const char * pgpSecretECDSA[] = {
659  " d =",
660  NULL,
661 };
662 #endif
663 
664 /*@observer@*/ /*@unchecked@*/
665 static const char * pgpPublicELGAMAL[] = {
666  " p =",
667  " g =",
668  " y =",
669  NULL,
670 };
671 
672 #ifdef NOTYET
673 /*@observer@*/ /*@unchecked@*/
674 static const char * pgpSecretELGAMAL[] = {
675  " x =",
676  NULL,
677 };
678 #endif
679 /*@=varuse =readonlytrans =nullassign @*/
680 
682  pgpPubkeyAlgo pubkey_algo, /*@returned@*/ const rpmuint8_t * p)
683 {
684  const rpmuint8_t * pend = pp->u.h + pp->hlen;
685  int i;
686 
687  for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
688  if (pubkey_algo == PGPPUBKEYALGO_RSA) {
689  if (i >= 2) break;
690  if (dig) {
691  switch (i) {
692  case 0: /* n */
693  (void) pgpImplMpiItem(pgpPublicRSA[i], dig, 30+i, p, NULL);
694  /*@switchbreak@*/ break;
695  case 1: /* e */
696  (void) pgpImplMpiItem(pgpPublicRSA[i], dig, 30+i, p, NULL);
697  /*@switchbreak@*/ break;
698  default:
699  /*@switchbreak@*/ break;
700  }
701  }
702  pgpPrtStr("", pgpPublicRSA[i]);
703  } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
704  if (i >= 4) break;
705  if (dig) {
706  switch (i) {
707  case 0: /* p */
708  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
709  /*@switchbreak@*/ break;
710  case 1: /* q */
711  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
712  /*@switchbreak@*/ break;
713  case 2: /* g */
714  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
715  /*@switchbreak@*/ break;
716  case 3: /* y */
717  (void) pgpImplMpiItem(pgpPublicDSA[i], dig, 40+i, p, NULL);
718  /*@switchbreak@*/ break;
719  default:
720  /*@switchbreak@*/ break;
721  }
722  }
723  pgpPrtStr("", pgpPublicDSA[i]);
724  } else if (pubkey_algo == PGPPUBKEYALGO_ECDSA) {
725  if (i >= 1) break;
726  if (dig) {
727  switch (i) {
728  case 0: /* curve_oid & Q */
729  (void) pgpImplMpiItem(pgpPublicECDSA[i], dig, 60, p+1, p+1+p[0]);
730  (void) pgpImplMpiItem(pgpPublicECDSA[i], dig, 61, p+1+p[0], NULL);
731  /*@switchbreak@*/ break;
732  default:
733  /*@switchbreak@*/ break;
734  }
735  }
736  if (i == 0) {
737  pgpPrtHex(" Curve = [ OID]:", p+1, p[0]);
738  p += 1 + p[0];
739  pgpPrtNL();
740  }
741  pgpPrtStr("", pgpPublicECDSA[i]);
742  } else if (pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
743  if (i >= 3) break;
744  pgpPrtStr("", pgpPublicELGAMAL[i]);
745  } else {
746  if (_pgp_print)
747  fprintf(stderr, "%7d", i);
748  }
749  pgpPrtStr("", pgpMpiStr(p));
750  pgpPrtNL();
751  }
752 
753  return p;
754 }
755 
756 static const rpmuint8_t * pgpPrtSeckeyParams(const pgpPkt pp,
757  /*@unused@*/ rpmuint8_t pubkey_algo,
758  /*@returned@*/ const rpmuint8_t *p)
759  /*@globals fileSystem @*/
760  /*@modifies fileSystem @*/
761 {
762  int i;
763 
764  switch (*p) {
765  case 0:
766  pgpPrtVal(" ", pgpSymkeyTbl, *p);
767  break;
768  case 255:
769  p++;
770  pgpPrtVal(" ", pgpSymkeyTbl, *p);
771  switch (p[1]) {
772  case 0x00:
773  pgpPrtVal(" simple ", pgpHashTbl, p[2]);
774  p += 2;
775  /*@innerbreak@*/ break;
776  case 0x01:
777  pgpPrtVal(" salted ", pgpHashTbl, p[2]);
778  pgpPrtHex("", p+3, 8);
779  p += 10;
780  /*@innerbreak@*/ break;
781  case 0x03:
782  pgpPrtVal(" iterated/salted ", pgpHashTbl, p[2]);
783  i = (16 + ((unsigned)p[11] & 0xf)) << (((unsigned)p[11] >> 4U) + 6);
784  pgpPrtHex("", p+3, 8);
785  pgpPrtInt(" iter", i);
786  p += 11;
787  /*@innerbreak@*/ break;
788  }
789  break;
790  default:
791  pgpPrtVal(" ", pgpSymkeyTbl, *p);
792  pgpPrtHex(" IV", p+1, 8);
793  p += 8;
794  break;
795  }
796  pgpPrtNL();
797 
798  p++;
799 
800 #ifdef NOTYET /* XXX encrypted MPI's need to be handled. */
801  for (i = 0; p < &pp->u.h[pp->hlen]; i++, p += pgpMpiLen(p)) {
802  if (pubkey_algo == PGPPUBKEYALGO_RSA) {
803  if (pgpSecretRSA[i] == NULL) break;
804  pgpPrtStr("", pgpSecretRSA[i]);
805  } else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
806  if (pgpSecretDSA[i] == NULL) break;
807  pgpPrtStr("", pgpSecretDSA[i]);
808  } else if (pubkey_algo == PGPPUBKEYALGO_ECDSA) {
809  if (pgpSecretECDSA[i] == NULL) break;
810  pgpPrtStr("", pgpSecretECDSA[i]);
811  } else if (pubkey_algo == PGPPUBKEYALGO_ELGAMAL_ENCRYPT) {
812  if (pgpSecretELGAMAL[i] == NULL) break;
813  pgpPrtStr("", pgpSecretELGAMAL[i]);
814  } else {
815  if (_pgp_print)
816  fprintf(stderr, "%7d", i);
817  }
818  pgpPrtStr("", pgpMpiStr(p));
819  pgpPrtNL();
820  }
821 #else
822  pgpPrtHex(" secret", p, (pp->hlen - (p - pp->u.h) - 2));
823  pgpPrtNL();
824  p += (pp->hlen - (p - pp->u.h) - 2);
825 #endif
826  pgpPrtHex(" checksum", p, 2);
827  pgpPrtNL();
828 
829  return p;
830 }
831 
832 int pgpPrtKey(const pgpPkt pp)
833  /*@globals _digp @*/
834  /*@modifies *_digp @*/
835 {
836  rpmuint8_t version = pp->u.h[0];
837  const rpmuint8_t * p;
838  unsigned plen;
839  time_t t;
840  int rc;
841 
842  switch (version) {
843  case 3:
844  { pgpPktKeyV3 v = (pgpPktKeyV3)pp->u.h;
845  pgpPrtVal("V3 ", pgpTagTbl, (rpmuint8_t)pp->tag);
846  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
847  t = pgpGrab(v->time, sizeof(v->time));
848  if (_pgp_print)
849  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
850  plen = pgpGrab(v->valid, sizeof(v->valid));
851  if (plen != 0)
852  fprintf(stderr, " valid %u days", plen);
853  pgpPrtNL();
854 
855  if (_digp && _digp->tag == (rpmuint8_t)pp->tag) {
856  _digp->version = v->version;
857  memcpy(_digp->time, v->time, sizeof(_digp->time));
858  _digp->pubkey_algo = v->pubkey_algo;
859  }
860 
861  p = ((rpmuint8_t *)v) + sizeof(*v);
862  p = pgpPrtPubkeyParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo, p);
863  rc = 0;
864  } break;
865  case 4:
866  { pgpPktKeyV4 v = (pgpPktKeyV4)pp->u.h;
867  pgpPrtVal("V4 ", pgpTagTbl, (rpmuint8_t)pp->tag);
868  pgpPrtVal(" ", pgpPubkeyTbl, v->pubkey_algo);
869  t = pgpGrab(v->time, sizeof(v->time));
870  if (_pgp_print)
871  fprintf(stderr, " %-24.24s(0x%08x)", ctime(&t), (unsigned)t);
872  pgpPrtNL();
873 
874  if (_digp && _digp->tag == (rpmuint8_t)pp->tag) {
875  _digp->version = v->version;
876  memcpy(_digp->time, v->time, sizeof(_digp->time));
877  _digp->pubkey_algo = v->pubkey_algo;
878  }
879 
880  p = ((rpmuint8_t *)v) + sizeof(*v);
881  p = pgpPrtPubkeyParams(_dig, pp, (pgpPubkeyAlgo)v->pubkey_algo, p);
882  if (!(pp->tag == PGPTAG_PUBLIC_KEY || pp->tag == PGPTAG_PUBLIC_SUBKEY))
883  p = pgpPrtSeckeyParams(pp, v->pubkey_algo, p);
884  rc = 0;
885  } break;
886  default:
887  rc = 1;
888  break;
889  }
890  return rc;
891 }
892 
893 int pgpPrtUserID(const pgpPkt pp)
894  /*@globals _digp @*/
895  /*@modifies *_digp @*/
896 {
897  pgpPrtVal("", pgpTagTbl, (rpmuint8_t)pp->tag);
898  if (_pgp_print)
899  fprintf(stderr, " \"%.*s\"", (int)pp->hlen, (const char *)pp->u.h);
900  pgpPrtNL();
901  if (_digp) {
902  char * t = (char *) memcpy(xmalloc(pp->hlen+1), pp->u.h, pp->hlen);
903  t[pp->hlen] = '\0';
904  _digp->userid = _free(_digp->userid);
905  _digp->userid = t;
906  }
907  return 0;
908 }
909 
910 int pgpPrtComment(const pgpPkt pp)
911 {
912  const rpmuint8_t * h = pp->u.h;
913  int i = pp->hlen;
914 
915  pgpPrtVal("", pgpTagTbl, (rpmuint8_t)pp->tag);
916  if (_pgp_print)
917  fprintf(stderr, " ");
918  while (i > 0) {
919  int j;
920  if (*h >= (rpmuint8_t)' ' && *h <= (rpmuint8_t)'z') {
921  j = 0;
922  while (j < i && h[j] != (rpmuint8_t)'\0')
923  j++;
924  while (j < i && h[j] == (rpmuint8_t)'\0')
925  j++;
926  if (_pgp_print && j)
927  fprintf(stderr, "%.*s", (int)strlen((const char *)h), (const char *)h);
928  } else {
929  pgpPrtHex("", h, i);
930  j = i;
931  }
932  i -= j;
933  h += j;
934  }
935  pgpPrtNL();
936  return 0;
937 }
938 
939 int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
940 {
941  unsigned int val = (unsigned int)*pkt;
942  unsigned int plen;
943 
944  memset(pp, 0, sizeof(*pp));
945  /* XXX can't deal with these. */
946  if (!(val & 0x80))
947  return -1;
948 
949  if (val & 0x40) {
950  pp->tag = (pgpTag) (val & 0x3f);
951  plen = pgpLen(pkt+1, &pp->hlen);
952  } else {
953  pp->tag = (pgpTag) ((val >> 2) & 0xf);
954  plen = (1 << (val & 0x3));
955  pp->hlen = pgpGrab(pkt+1, plen);
956  }
957 
958  pp->pktlen = 1 + plen + pp->hlen;
959  if (pleft > 0 && pp->pktlen > (unsigned)pleft)
960  return -1;
961 
962 /*@-assignexpose -temptrans @*/
963  pp->u.h = pkt + 1 + plen;
964 /*@=assignexpose =temptrans @*/
965 
966  return pp->pktlen;
967 }
968 
969 int pgpPubkeyFingerprint(const rpmuint8_t * pkt, size_t pktlen, rpmuint8_t * keyid)
970 {
971  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
972  int rc = pgpPktLen(pkt, pktlen, pp);
973  const rpmuint8_t * se;
974  int i;
975 
976  if (!(pp->tag == PGPTAG_PUBLIC_KEY || pp->tag == PGPTAG_PUBLIC_SUBKEY))
977  return -1;
978 
979  /* Choose the correct keyid. */
980  switch (pp->u.h[0]) {
981  default: return -1;
982  case 3:
983  { pgpPktKeyV3 v = (pgpPktKeyV3) (pp->u.h);
984  se = (rpmuint8_t *)(v + 1);
985  switch (v->pubkey_algo) {
986  default: return -1;
987  case PGPPUBKEYALGO_RSA:
988  se += pgpMpiLen(se);
989  memmove(keyid, (se-8), 8);
990  /*@innerbreak@*/ break;
991  }
992  } break;
993  case 4:
994  { pgpPktKeyV4 v = (pgpPktKeyV4) (pp->u.h);
995  rpmuint8_t * d = NULL;
996  size_t dlen = 0;
997 
998  se = (rpmuint8_t *)(v + 1);
999  switch (v->pubkey_algo) {
1000  default: return -1;
1001  case PGPPUBKEYALGO_RSA:
1002  for (i = 0; i < 2; i++)
1003  se += pgpMpiLen(se);
1004  /*@innerbreak@*/ break;
1005  case PGPPUBKEYALGO_DSA:
1006  for (i = 0; i < 4; i++)
1007  se += pgpMpiLen(se);
1008  /*@innerbreak@*/ break;
1009  case PGPPUBKEYALGO_ECDSA:
1010  se += 1 + se[0];
1011  for (i = 0; i < 1; i++)
1012  se += pgpMpiLen(se);
1013  /*@innerbreak@*/ break;
1014  }
1016  (void) rpmDigestUpdate(ctx, pkt, (se-pkt));
1017  (void) rpmDigestFinal(ctx, &d, &dlen, 0);
1018  }
1019 
1020  memmove(keyid, (d + (dlen-8)), 8);
1021  d = _free(d);
1022  } break;
1023  }
1024  rc = 0;
1025  return rc;
1026 }
1027 
1028 int pgpExtractPubkeyFingerprint(const char * b64pkt, rpmuint8_t * keyid)
1029 {
1030  const rpmuint8_t * pkt;
1031  size_t pktlen;
1032 
1033  if (b64decode(b64pkt, (void **)&pkt, &pktlen))
1034  return -1; /* on error */
1035  (void) pgpPubkeyFingerprint(pkt, (unsigned int)pktlen, keyid);
1036  pkt = _free(pkt);
1037  return 8; /* no. of bytes of pubkey signid */
1038 }
1039 
1040 int pgpPrtPkt(const rpmuint8_t * pkt, size_t pleft)
1041 {
1042  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1043  int rc = pgpPktLen(pkt, pleft, pp);
1044 
1045  if (rc < 0)
1046  return rc;
1047 
1048  switch (pp->tag) {
1049  case PGPTAG_SIGNATURE:
1050  rc = pgpPrtSig(pp);
1051  break;
1052  case PGPTAG_PUBLIC_KEY:
1053  /* Get the public key fingerprint. */
1054  if (_digp) {
1055 /*@-mods@*/
1056  if (!pgpPubkeyFingerprint(pkt, pp->pktlen, _digp->signid))
1057  _digp->saved |= PGPDIG_SAVED_ID;
1058  else
1059  memset(_digp->signid, 0, sizeof(_digp->signid));
1060 /*@=mods@*/
1061  }
1062  /*@fallthrough@*/
1063  case PGPTAG_PUBLIC_SUBKEY:
1064  rc = pgpPrtKey(pp);
1065  break;
1066  case PGPTAG_SECRET_KEY:
1067  case PGPTAG_SECRET_SUBKEY:
1068  rc = pgpPrtKey(pp);
1069  break;
1070  case PGPTAG_USER_ID:
1071  rc = pgpPrtUserID(pp);
1072  break;
1073  case PGPTAG_COMMENT:
1074  case PGPTAG_COMMENT_OLD:
1075  rc = pgpPrtComment(pp);
1076  break;
1077 
1078  case PGPTAG_RESERVED:
1082  case PGPTAG_SYMMETRIC_DATA:
1083  case PGPTAG_MARKER:
1084  case PGPTAG_LITERAL_DATA:
1085  case PGPTAG_TRUST:
1086  case PGPTAG_PHOTOID:
1087  case PGPTAG_ENCRYPTED_MDC:
1088  case PGPTAG_MDC:
1089  case PGPTAG_PRIVATE_60:
1090  case PGPTAG_PRIVATE_62:
1091  case PGPTAG_CONTROL:
1092  default:
1093  pgpPrtVal("", pgpTagTbl, (rpmuint8_t)pp->tag);
1094  pgpPrtHex("", pp->u.h, pp->hlen);
1095  pgpPrtNL();
1096  rc = 0;
1097  break;
1098  }
1099 
1100  return (rc ? -1 : (int)pp->pktlen);
1101 }
1102 
1103 /*@unchecked@*/
1105 
1107 {
1108  if (dig != NULL) {
1109  dig->signature.userid = _free(dig->signature.userid);
1110  dig->pubkey.userid = _free(dig->pubkey.userid);
1111  dig->pubkey_algoN = NULL;
1112  dig->hash_algoN = NULL;
1113  memset(&dig->dops, 0, sizeof(dig->dops));
1114  memset(&dig->sops, 0, sizeof(dig->sops));
1115  dig->ppkts = _free(dig->ppkts);
1116  dig->npkts = 0;
1117  dig->signature.hash = NULL;
1118  dig->signature.hashlen = 0;
1119  dig->pubkey.hash = NULL;
1120  dig->pubkey.hashlen = 0;
1121 
1122  memset(&dig->signature, 0, sizeof(dig->signature));
1123  memset(&dig->pubkey, 0, sizeof(dig->pubkey));
1124 
1125  dig->md5 = _free(dig->md5);
1126  dig->md5len = 0;
1127  dig->sha1 = _free(dig->sha1);
1128  dig->sha1len = 0;
1129 
1130  pgpImplClean(dig->impl);
1131 
1132  }
1133 /*@-nullstate@*/
1134  return;
1135 /*@=nullstate@*/
1136 }
1137 
1138 static void pgpDigFini(void * __dig)
1139  /*@globals fileSystem, internalState @*/
1140  /*@modifies __dig, fileSystem, internalState @*/
1141 {
1142  pgpDig dig = (pgpDig) __dig;
1143 
1144  dig->sig = _free(dig->sig);
1145  dig->siglen = 0;
1146  dig->pub = _free(dig->pub);
1147  dig->publen = 0;
1148 
1149  /* XXX there's a recursion here ... release and reacquire the lock */
1150 #ifndef BUGGY
1151  yarnRelease(dig->_item.use);
1152 #endif
1153  /* Dump the signature/pubkey data. */
1154  pgpDigClean(dig);
1155 #ifndef BUGGY
1156  yarnPossess(dig->_item.use);
1157 #endif
1158 
1159  if (dig->hdrctx != NULL)
1160  (void) rpmDigestFinal(dig->hdrctx, NULL, NULL, 0);
1161  dig->hdrctx = NULL;
1162 
1163  if (dig->hdrsha1ctx != NULL)
1164  (void) rpmDigestFinal(dig->hdrsha1ctx, NULL, NULL, 0);
1165  dig->hdrsha1ctx = NULL;
1166 
1167  if (dig->sha1ctx != NULL)
1168  (void) rpmDigestFinal(dig->sha1ctx, NULL, NULL, 0);
1169  dig->sha1ctx = NULL;
1170 
1171 #ifdef NOTYET
1172  if (dig->hdrmd5ctx != NULL)
1173  (void) rpmDigestFinal(dig->hdrmd5ctx, NULL, NULL, 0);
1174  dig->hdrmd5ctx = NULL;
1175 #endif
1176 
1177  if (dig->md5ctx != NULL)
1178  (void) rpmDigestFinal(dig->md5ctx, NULL, NULL, 0);
1179  dig->md5ctx = NULL;
1180 
1181  dig->impl = pgpImplFree(dig->impl);
1182 
1183 }
1184 
1185 /*@unchecked@*/ /*@only@*/ /*@null@*/
1187 
1188 static pgpDig digGetPool(/*@null@*/ rpmioPool pool)
1189  /*@globals _digPool, fileSystem @*/
1190  /*@modifies pool, _digPool, fileSystem @*/
1191 {
1192  pgpDig dig;
1193 
1194  if (_digPool == NULL) {
1195  _digPool = rpmioNewPool("dig", sizeof(*dig), -1, _pgp_debug,
1196  NULL, NULL, pgpDigFini);
1197  pool = _digPool;
1198  }
1199 
1200  dig = (pgpDig) rpmioGetPool(pool, sizeof(*dig));
1201  memset(((char *)dig)+sizeof(dig->_item), 0, sizeof(*dig)-sizeof(dig->_item));
1202  return dig;
1203 }
1204 
1206 {
1207  pgpDig dig = pgpDigLink( digGetPool(_digPool) );
1208  pgpDigParams pubp = pgpGetPubkey(dig);
1209 
1210  /* XXX FIXME: always set default flags, ignore the arg. */
1211  dig->vsflags = (vsflags != RPMVSF_DEFAULT ? vsflags : pgpDigVSFlags);
1212  dig->impl = pgpImplInit();
1213  /* XXX FIXME: always set default pubkey_algo, ignore the arg. */
1214  pubp->pubkey_algo = pubkey_algo;
1215 
1216  if (pubp->pubkey_algo) {
1217  int xx = pgpImplGenerate(dig);
1218 assert(xx == 1);
1219  /* XXX FIXME: limited to DSA from BeeCrypt for now. */
1220  if (pgpImplVecs == &rpmbcImplVecs)
1221  xx = rpmbcExportPubkey(dig);
1222  }
1223  return dig;
1224 }
1225 
1227 {
1228  return (dig ? &dig->signature : NULL);
1229 }
1230 
1232 {
1233  return (dig ? &dig->pubkey : NULL);
1234 }
1235 
1237 {
1238  return (dig ? dig->sigtag : 0);
1239 }
1240 
1242 {
1243  return (dig ? dig->sigtype : 0);
1244 }
1245 
1246 const void * pgpGetSig(pgpDig dig)
1247 {
1248  return (dig ? dig->sig : NULL);
1249 }
1250 
1252 {
1253  return (dig ? dig->siglen : 0);
1254 }
1255 
1257  rpmuint32_t sigtag, rpmuint32_t sigtype, const void * sig, rpmuint32_t siglen)
1258 {
1259  if (dig != NULL) {
1260  dig->sigtag = sigtag;
1261  dig->sigtype = (sig ? sigtype : 0);
1262 /*@-assignexpose -kepttrans@*/
1263  dig->sig = sig;
1264 /*@=assignexpose =kepttrans@*/
1265  dig->siglen = siglen;
1266  }
1267  return 0;
1268 }
1269 
1271 {
1272  void * sw = NULL;
1273  switch (opx) {
1274  case 10: /* RPMTS_OP_DIGEST */
1275  sw = &dig->dops;
1276  break;
1277  case 11: /* RPMTS_OP_SIGNATURE */
1278  sw = &dig->sops;
1279  break;
1280  }
1281  return sw;
1282 }
1283 
1285  int (*findPubkey) (void *ts, /*@null@*/ void *dig), void * _ts)
1286 {
1287  if (dig) {
1288 /*@-assignexpose@*/
1289  dig->findPubkey = findPubkey;
1290 /*@=assignexpose@*/
1291 /*@-dependenttrans@*/
1292  dig->_ts = _ts;
1293 /*@=dependenttrans@*/
1294  }
1295  return 0;
1296 }
1297 
1299 {
1300  int rc = 1; /* XXX RPMRC_NOTFOUND */
1301  if (dig && dig->findPubkey && dig->_ts)
1302  rc = (*dig->findPubkey) (dig->_ts, dig);
1303  return rc;
1304 }
1305 
1306 int pgpGrabPkts(const rpmuint8_t * pkts, size_t pktlen,
1307  /*@out@*/ rpmuint8_t *** pppkts, /*@out@*/ int * pnpkts)
1308  /*@modifies *pppkts, *pnpkts @*/
1309 {
1310  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1311  const rpmuint8_t * p;
1312  size_t pleft;
1313  size_t len;
1314  int npkts = 0;
1315  rpmuint8_t ** ppkts;
1316 
1317  for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1318  if (pgpPktLen(p, pleft, pp) < 0)
1319  return -1;
1320  len = pp->pktlen;
1321  npkts++;
1322  }
1323  if (npkts <= 0)
1324  return -2;
1325 
1326  ppkts = (rpmuint8_t **) xcalloc(npkts+1, sizeof(*ppkts));
1327 
1328  npkts = 0;
1329  for (p = pkts, pleft = pktlen; p < (pkts + pktlen); p += len, pleft -= len) {
1330 
1331  if (pgpPktLen(p, pleft, pp) < 0) {
1332  if (ppkts) ppkts = _free(ppkts);
1333  return -1;
1334  }
1335  len = pp->pktlen;
1336  ppkts[npkts++] = (rpmuint8_t *) p;
1337  }
1338  ppkts[npkts] = NULL;
1339 
1340  if (pppkts != NULL)
1341  *pppkts = ppkts;
1342  else
1343  ppkts = _free(ppkts);
1344 
1345  if (pnpkts != NULL)
1346  *pnpkts = npkts;
1347 
1348  return 0;
1349 }
1350 
1351 /*@-globstate -incondefs -nullderef @*/ /* _dig annotations are not correct. */
1352 int pgpPrtPkts(const rpmuint8_t * pkts, size_t pktlen, pgpDig dig, int printing)
1353  /*@globals _dig, _digp, _pgp_print @*/
1354  /*@modifies _dig, _digp, *_digp, _pgp_print @*/
1355 {
1356  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1357  unsigned int val = (unsigned int)*pkts;
1358  size_t pleft;
1359  int len;
1360  rpmuint8_t ** ppkts = NULL;
1361  int npkts;
1362  int i;
1363 
1364  _pgp_print = printing;
1365  _dig = pgpDigLink(dig);
1366  if (dig != NULL && (val & 0x80)) {
1367  pgpTag tag = (pgpTag)((val & 0x40) ? (val & 0x3f) : ((val >> 2) & 0xf));
1368  _digp = (tag == PGPTAG_SIGNATURE) ? &_dig->signature : &_dig->pubkey;
1369  _digp->tag = (rpmuint8_t)tag;
1370  } else
1371  _digp = NULL;
1372 
1373  if (pgpGrabPkts(pkts, pktlen, &ppkts, &npkts) || ppkts == NULL) {
1374  _dig = pgpDigFree(_dig);
1375  return -1;
1376  }
1377 
1378  if (ppkts != NULL)
1379  for (i = 0, pleft = pktlen; i < npkts; i++, pleft -= len) {
1380  len = pgpPktLen(ppkts[i], pleft, pp);
1381  len = pgpPrtPkt(ppkts[i], pp->pktlen);
1382  }
1383 
1384  if (dig != NULL) {
1385  dig->ppkts = _free(dig->ppkts); /* XXX memory leak plugged. */
1386  dig->ppkts = ppkts;
1387  dig->npkts = npkts;
1388  } else
1389  ppkts = _free(ppkts);
1390 
1391  (void) pgpDigFree(_dig);
1392  _dig = NULL;
1393 
1394  return 0;
1395 }
1396 /*@=globstate =incondefs =nullderef @*/
1397 
1399 {
1400  const char * enc = NULL;
1401  const char * crcenc = NULL;
1402  rpmuint8_t * dec;
1403  rpmuint8_t * crcdec;
1404  size_t declen;
1405  size_t crclen;
1406  rpmuint32_t crcpkt, crc;
1407  const char * armortype = NULL;
1408  char * t, * te;
1409  int pstate = 0;
1410  pgpArmor ec = PGPARMOR_ERR_NO_BEGIN_PGP; /* XXX assume failure */
1411  pgpTag tag = (pgpTag)0;
1412  int rc;
1413 
1414  if (iob == NULL)
1415  goto exit;
1416 
1417  /* Read unarmored packets. */
1418  if (pgpIsPkt(iob->b, &tag)) {
1419  switch (tag) {
1420  default: ec = PGPARMOR_NONE; break;
1421  case PGPTAG_PUBLIC_KEY: ec = PGPARMOR_PUBKEY; break;
1422  case PGPTAG_SIGNATURE: ec = PGPARMOR_SIGNATURE; break;
1423 #ifdef NOTYET
1424  case PGPTAG_SECRET_KEY: ec = PGPARMOR_SECKEY; break;
1425  case PGPTAG_FOO: ec = PGPARMOR_MESSAGE; break;
1426  case PGPTAG_FOO: ec = PGPARMOR_SIGNED_MESSAGE; break;
1427  case PGPTAG_FOO: ec = PGPARMOR_FILE; break;
1428  case PGPTAG_FOO: ec = PGPARMOR_PRIVKEY; break;
1429 #endif
1430  }
1431  /* Truncate blen to actual no. of octets in packet. */
1432  if (ec != PGPARMOR_NONE) {
1433  pgpPkt pp = (pgpPkt) alloca(sizeof(*pp));
1434  iob->blen = pgpPktLen(iob->b, iob->blen, pp);
1435  }
1436  goto exit;
1437  }
1438 
1439 #define TOKEQ(_s, _tok) (!strncmp((_s), (_tok), sizeof(_tok)-1))
1440 
1441  /* Read armored packets, converting to binary. */
1442  for (t = (char *)iob->b; t && *t; t = te) {
1443  if ((te = strchr(t, '\n')) == NULL)
1444  te = t + strlen(t);
1445  else
1446  te++;
1447 
1448  switch (pstate) {
1449  case 0:
1450  armortype = NULL;
1451  if (!TOKEQ(t, "-----BEGIN PGP "))
1452  continue;
1453  t += sizeof("-----BEGIN PGP ")-1;
1454 
1455  rc = pgpValTok(pgpArmorTbl, t, te);
1456  if (rc < 0) {
1458  goto exit;
1459  }
1460  /* XXX Ignore clear signed message start. */
1461  if (rc == PGPARMOR_SIGNED_MESSAGE)
1462  continue;
1463  ec = (pgpArmor)rc; /* Save the packet type as exit code. */
1464  armortype = t;
1465 
1466  t = strchr(t, '\n');
1467  if (t == NULL)
1468  continue;
1469  if (t[-1] == '\r')
1470  --t;
1471  t -= (sizeof("-----")-1);
1472  if (!TOKEQ(t, "-----"))
1473  continue;
1474  *t = '\0';
1475  pstate++;
1476  /*@switchbreak@*/ break;
1477  case 1:
1478  enc = NULL;
1479  rc = pgpValTok(pgpArmorKeyTbl, t, te);
1480  if (rc >= 0)
1481  continue;
1482  if (!(*t == '\n' || *t == '\r')) {
1483  pstate = 0;
1484  continue;
1485  }
1486  enc = te; /* Start of encoded packets */
1487  pstate++;
1488  /*@switchbreak@*/ break;
1489  case 2:
1490  crcenc = NULL;
1491  if (*t != '=')
1492  continue;
1493  *t++ = '\0'; /* Terminate encoded packets */
1494  crcenc = t; /* Start of encoded crc */
1495  pstate++;
1496  /*@switchbreak@*/ break;
1497  case 3:
1498  pstate = 0;
1499  if (!TOKEQ(t, "-----END PGP ")) {
1501  goto exit;
1502  }
1503  *t = '\0'; /* Terminate encoded crc */
1504  t += sizeof("-----END PGP ")-1;
1505  if (t >= te) continue;
1506 
1507  if (armortype == NULL) /* XXX can't happen */
1508  continue;
1509  rc = strncmp(t, armortype, strlen(armortype));
1510  if (rc)
1511  continue;
1512 
1513  t += strlen(armortype);
1514  if (t >= te) continue;
1515 
1516  if (!TOKEQ(t, "-----")) {
1518  goto exit;
1519  }
1520  t += (sizeof("-----")-1);
1521  if (t >= te) continue;
1522  /* XXX permitting \r here is not RFC-2440 compliant <shrug> */
1523  if (!(*t == '\n' || *t == '\r')) continue;
1524 
1525  crcdec = NULL;
1526  crclen = 0;
1527  if (b64decode(crcenc, (void **)&crcdec, &crclen) != 0) {
1529  goto exit;
1530  }
1531  crcpkt = pgpGrab(crcdec, crclen);
1532  crcdec = _free(crcdec);
1533  dec = NULL;
1534  declen = 0;
1535  if (b64decode(enc, (void **)&dec, &declen) != 0) {
1537  goto exit;
1538  }
1539  crc = pgpCRC(dec, declen);
1540  if (crcpkt != crc) {
1542  dec = _free(dec); /* XXX coverity #1035921 */
1543  declen = 0;
1544  goto exit;
1545  }
1546  iob->b = _free(iob->b);
1547  iob->b = dec;
1548  iob->blen = declen;
1549  dec = NULL;
1550  declen = 0;
1551  goto exit;
1552  /*@notreached@*/ /*@switchbreak@*/ break;
1553  }
1554  }
1555  ec = PGPARMOR_NONE;
1556 
1557 exit:
1558  if (ec > PGPARMOR_NONE) {
1559  if (pkt) *pkt = iob->b;
1560  if (pktlen) *pktlen = iob->blen;
1561  iob->b = NULL; /* XXX iob->b has been stolen */
1562  } else {
1563  if (pkt) *pkt = NULL;
1564  if (pktlen) *pktlen = 0;
1565  }
1566  return ec;
1567 }
1568 
1569 pgpArmor pgpReadPkts(const char * fn, rpmuint8_t ** pkt, size_t * pktlen)
1570 {
1571  rpmiob iob = NULL;
1572  pgpArmor ec = !rpmiobSlurp(fn, &iob)
1573  ? pgpArmorUnwrap(iob, pkt, pktlen)
1575  iob = rpmiobFree(iob);
1576  return ec;
1577 }
1578 
1579 char * pgpArmorWrap(rpmuint8_t atype, const unsigned char * s, size_t ns)
1580 {
1581  const char * enc;
1582  char * t;
1583  size_t nt;
1584  char * val;
1585  int lc;
1586 
1587  nt = ((ns + 2) / 3) * 4;
1588  /*@-globs@*/
1589  /* Add additional bytes necessary for eol string(s). */
1590  if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
1591  lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
1592  if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
1593  ++lc;
1594  nt += lc * strlen(b64encode_eolstr);
1595  }
1596  /*@=globs@*/
1597 
1598  nt += 512; /* XXX slop for armor and crc */
1599 
1600  val = t = (char *) xmalloc(nt + 1);
1601  *t = '\0';
1602  t = stpcpy(t, "-----BEGIN PGP ");
1603  t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
1604  /*@-globs@*/
1605  t = stpcpy( stpcpy(t, "-----\nVersion: RPM "), VERSION);
1606  /*@=globs@*/
1607  t = stpcpy(t, " (BeeCrypt)\n\n");
1608 
1609  if ((enc = b64encode(s, ns)) != NULL) {
1610  t = stpcpy(t, enc);
1611  enc = _free(enc);
1612  if ((enc = b64crc(s, ns)) != NULL) {
1613  *t++ = '=';
1614  t = stpcpy(t, enc);
1615  enc = _free(enc);
1616  }
1617  }
1618 
1619  t = stpcpy(t, "-----END PGP ");
1620  t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
1621  t = stpcpy(t, "-----\n");
1622 
1623 /*@-globstate@*/ /* XXX b64encode_eolstr needs annotation. */
1624  return val;
1625 /*@=globstate@*/
1626 }
1627 
1628 pgpHashAlgo pgpHashAlgoStringToNumber(const char *name, size_t name_len)
1629 {
1630  size_t i;
1631 
1632  if (name == NULL)
1633  return (pgpHashAlgo) -1;
1634  if (name_len == 0)
1635  name_len = strlen(name);
1636  for (i = 0; i < sizeof(pgpHashTbl)/sizeof(pgpHashTbl[0]); i++)
1637  if (xstrncasecmp(name, pgpHashTbl[i].str, name_len) == 0)
1638  return (pgpHashAlgo) pgpHashTbl[i].val;
1639  return PGPHASHALGO_ERROR;
1640 }
1641 
static const char * pgpSigDSA[]
Definition: rpmpgp.c:415
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:762
rpmuint32_t siglen
Definition: signature.c:618
static void pgpPrtInt(const char *pre, int i)
Definition: rpmpgp.c:259
int xx
Definition: spec.c:744
rpmuint8_t sigtype
Definition: rpmpgp.h:418
5.5.1.
Definition: rpmpgp.h:721
const rpmuint8_t * pgpPrtPubkeyParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, const rpmuint8_t *p)
Definition: rpmpgp.c:681
pgpImplVecs_t * pgpImplVecs
Definition: rpmpgp.c:38
struct pgpImplVecs_s rpmbcImplVecs
Definition: rpmbc.c:850
void pgpPrtVal(const char *pre, pgpValTbl vs, rpmuint8_t val)
Print an OpenPGP value.
Definition: rpmpgp.c:289
enum pgpPubkeyAlgo_e pgpPubkeyAlgo
9.1.
int pgpGrabPkts(const rpmuint8_t *pkts, size_t pktlen, rpmuint8_t ***pppkts, int *pnpkts)
Return array of packet pointers.
Definition: rpmpgp.c:1306
rpmuint8_t hash_algo
Definition: rpmpgp.h:420
DIGEST_CTX ctx
Definition: signature.c:785
struct pgpPktSigV4_s * pgpPktSigV4
5.2.3.
static const rpmuint8_t * pgpPrtSeckeyParams(const pgpPkt pp, rpmuint8_t pubkey_algo, const rpmuint8_t *p)
Definition: rpmpgp.c:756
pgpImplVecs_t rpmnssImplVecs
return se
Definition: macro.c:897
int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
Definition: rpmpgp.c:939
int pgpExtractPubkeyFingerprint(const char *b64pkt, rpmuint8_t *keyid)
Extract OpenPGP public key fingerprint from base64 encoded packet.
Definition: rpmpgp.c:1028
struct pgpPktKeyV3_s * pgpPktKeyV3
5.5.1.
int pgpPrtPkt(const rpmuint8_t *pkt, size_t pleft)
Return lenth of a OpenPGP packet.
Definition: rpmpgp.c:1040
int pgpPubkeyFingerprint(const rpmuint8_t *pkt, size_t pktlen, rpmuint8_t *keyid)
Print/parse an OpenPGP subtype packet.
Definition: rpmpgp.c:969
int rc
Definition: poptALL.c:670
static const char * pgpPublicELGAMAL[]
Definition: rpmpgp.c:665
#define VERSION
Definition: config.h:1289
int pgpFindPubkey(pgpDig dig)
Call find pubkey vector.
Definition: rpmpgp.c:1298
struct pgpPktKeyV4_s * pgpPktKeyV4
The version 4 format is similar to the version 3 format except for the absence of a validity period...
5.2.3.
Definition: rpmpgp.h:416
rpmiob rpmiobFree(rpmiob iob)
Destroy a I/O buffer instance.
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:419
static int pgpImplGenerate(pgpDig dig)
Definition: rpmpgp.h:1861
void pgpDigClean(pgpDig dig)
Release (malloc&#39;d) data from container.
Definition: rpmpgp.c:1106
Header h
Definition: spec.c:739
repo _ts
Definition: rpmrepo.c:164
struct pgpDig_s * pgpDig
Definition: rpmiotypes.h:86
unsigned char rpmuint8_t
Private int typedefs to avoid C99 portability issues.
Definition: rpmiotypes.h:26
int xstrncasecmp(const char *s1, const char *s2, size_t n)
Locale insensitive strncasecmp(3).
Definition: strcasecmp.c:30
int rpmiobSlurp(const char *fn, rpmiob *iobp)
Definition: rpmiob.c:129
struct rpmiob_s * rpmiob
Definition: rpmiotypes.h:60
5.2.2.
Definition: rpmpgp.h:384
static void pgpDigFini(void *__dig)
Definition: rpmpgp.c:1138
pgpArmor pgpReadPkts(const char *fn, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from a file.
Definition: rpmpgp.c:1569
static const char * pgpPublicRSA[]
Definition: rpmpgp.c:616
char * alloca()
rpmuint8_t hashlen
Definition: rpmpgp.h:386
pgpDig pgpDigNew(pgpVSFlags vsflags, pgpPubkeyAlgo pubkey_algo)
Create a container for parsed OpenPGP packates.
Definition: rpmpgp.c:1205
static unsigned int pgpCRC(const rpmuint8_t *octets, size_t len)
Return CRC of a buffer.
Definition: rpmpgp.h:1657
goto exit
Definition: db3.c:1903
memset(_r, 0, sizeof(*_r))
size_t ns
Definition: db3.c:1892
struct pgpValTbl_s pgpTagTbl[]
Definition: rpmpgp.c:205
static void * pgpImplFree(void *impl)
Definition: rpmpgp.h:1894
static void * pgpImplInit(void)
Definition: rpmpgp.h:1903
static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *static PyObject *size_t dlen
Definition: rpmfi-py.c:246
unsigned int rpmuint32_t
Definition: rpmiotypes.h:28
pgpVSFlags pgpDigVSFlags
Disabler bits(s) for signature/digest checking.
Definition: rpmpgp.c:1104
void * xcalloc(size_t nmemb, size_t size)
Definition: rpmmalloc.c:300
assert(key->size==sizeof(hdrNum))
struct pgpValTbl_s pgpHashTbl[]
Hash (string, value) pairs.
Definition: rpmpgp.c:143
char * p
Definition: macro.c:413
HE_t ec
Definition: hdrfmt.c:6710
static char * pgpHexStr(const rpmuint8_t *p, size_t plen)
Return hex formatted representation of bytes.
Definition: rpmpgp.h:1164
rpmioItem rpmioGetPool(rpmioPool pool, size_t size)
Get unused item from pool, or alloc a new item.
Definition: rpmmalloc.c:220
fprintf(stderr,"--> %s(%p,%p,%p) sig %p sigp %p\n", __FUNCTION__, dig, t, rsactx, sig, sigp)
rpmioPool _digPool
Definition: rpmpgp.c:1186
int pgpPrtSigParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, pgpSigType sigtype, const rpmuint8_t *p)
Definition: rpmpgp.c:429
rpmuint8_t version
Definition: rpmpgp.h:760
enum pgpHashAlgo_e pgpHashAlgo
9.4.
void * pgpStatsAccumulator(pgpDig dig, int opx)
Return pgpDig container accumulator structure.
Definition: rpmpgp.c:1270
he tag
Definition: db3.c:1927
int rpmDigestUpdate(DIGEST_CTX ctx, const void *data, size_t len)
Update context with next plain text buffer.
Definition: digest.c:907
int _pgp_error_count
Definition: rpmpgp.c:35
rpmuint8_t valid[2]
Definition: rpmpgp.h:724
pgpDigParams pgpGetSignature(pgpDig dig)
Return OpenPGP signature parameters.
Definition: rpmpgp.c:1226
enum pgpVSFlags_e pgpVSFlags
Bit(s) to control digest and signature verification.
Digest private data.
Definition: digest.c:127
unsigned int pktlen
Definition: rpmts-py.c:1092
int pgpPrtPkts(const rpmuint8_t *pkts, size_t pktlen, pgpDig dig, int printing)
Print/parse a OpenPGP packet(s).
Definition: rpmpgp.c:1352
pgpDig pgpDigFree(pgpDig dig)
Destroy a container for parsed OpenPGP packates.
pgpImplVecs_t rpmsslImplVecs
Implementation specific parameter storage.
return k val
Definition: rpmmtree.c:401
struct pgpValTbl_s pgpArmorTbl[]
Armor (string, value) pairs.
Definition: rpmpgp.c:231
struct pgpPkt_s * pgpPkt
Definition: rpmiotypes.h:82
rpmuint8_t sigtype
Definition: rpmpgp.h:387
DIGEST_CTX rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
Initialize digest.
Definition: digest.c:244
pgpDig pgpDigLink(pgpDig dig)
Reference a signature parameters instance.
rpmuint8_t version
Definition: rpmpgp.h:385
static void pgpPrtHex(const char *pre, const rpmuint8_t *p, size_t plen)
Definition: rpmpgp.c:279
rpmuint8_t time[4]
Definition: rpmpgp.h:723
static const char * pgpMpiStr(const rpmuint8_t *p)
Return hex formatted representation of a multiprecision integer.
Definition: rpmpgp.h:1180
static unsigned
Definition: rpmmtree.c:386
rpmuint32_t pgpGetSigtype(pgpDig dig)
Get signature tag type.
Definition: rpmpgp.c:1241
char * pgpArmorWrap(rpmuint8_t atype, const unsigned char *s, size_t ns)
Wrap a OpenPGP packets in ascii armor for transport.
Definition: rpmpgp.c:1579
int j
Definition: spec.c:743
static void pgpPrtStr(const char *pre, const char *s)
Definition: rpmpgp.c:269
static const char * pgpPublicECDSA[]
Definition: rpmpgp.c:651
static unsigned int pgpLen(const rpmuint8_t *s, unsigned int *lenp)
Return length of an OpenPGP packet.
Definition: rpmpgp.h:1093
rpmuint32_t pgpGetSigtag(pgpDig dig)
Get signature tag.
Definition: rpmpgp.c:1236
struct pgpPktSigV3_s * pgpPktSigV3
5.2.2.
rpmuint8_t time[4]
Definition: rpmpgp.h:761
enum pgpTag_e pgpTag
4.3.
int pgpPrtSubType(const rpmuint8_t *h, size_t hlen, pgpSigType sigtype)
Definition: rpmpgp.c:299
int pgpPrtComment(const pgpPkt pp)
Definition: rpmpgp.c:910
const char * s
Definition: poptALL.c:734
char * t
Definition: rpmds.c:2716
struct pgpValTbl_s pgpArmorKeyTbl[]
Armor key (string, value) pairs.
Definition: rpmpgp.c:242
static void pgpImplClean(void *impl)
Definition: rpmpgp.h:1882
static int pgpIsPkt(const rpmuint8_t *p, pgpTag *tagp)
Is buffer at beginning of an OpenPGP packet?
Definition: rpmpgp.h:1596
static unsigned int pgpMpiLen(const rpmuint8_t *p)
Return no.
Definition: rpmpgp.h:1127
rpmioPool rpmioNewPool(const char *name, size_t size, int limit, int flags, char *(*dbg)(void *item), void(*init)(void *item), void(*fini)(void *item))
Create a memory pool.
Definition: rpmmalloc.c:109
static pgpDig digGetPool(rpmioPool pool)
Definition: rpmpgp.c:1188
const char * str
Definition: rpmpgp.h:117
int pgpSetFindPubkey(pgpDig dig, int(*findPubkey)(void *ts, void *dig), void *_ts)
Set find pubkey vector.
Definition: rpmpgp.c:1284
struct pgpValTbl_s pgpSubTypeTbl[]
Subtype (string, value) pairs.
Definition: rpmpgp.c:165
char * stpcpy(char *dest, const char *src)
if(__progname==NULL)
Definition: poptALL.c:683
te
Definition: macro.c:552
const void * pgpGetSig(pgpDig dig)
Get signature tag data, i.e.
Definition: rpmpgp.c:1246
int pgpPrtUserID(const pgpPkt pp)
Definition: rpmpgp.c:893
static const char * pgpPublicDSA[]
Definition: rpmpgp.c:634
rpmuint8_t signhash16[2]
Definition: rpmpgp.h:392
pgpImplVecs_t rpmgcImplVecs
Implementation specific parameter storage.
struct pgpDigParams_s * pgpDigParams
Definition: rpmiotypes.h:90
rpmuint8_t time[4]
Definition: rpmpgp.h:388
struct pgpValTbl_s pgpSymkeyTbl[]
Symmetric key (string, value) pairs.
Definition: rpmpgp.c:116
return NULL
Definition: poptALL.c:613
int val
Definition: rpmpgp.h:115
rpmuint8_t version
Definition: rpmpgp.h:417
struct pgpValTbl_s pgpKeyServerPrefsTbl[]
Definition: rpmpgp.c:159
static const char * pgpValStr(pgpValTbl vs, rpmuint8_t val)
Return string representation of am OpenPGP value.
Definition: rpmpgp.h:1199
pgpHashAlgo pgpHashAlgoStringToNumber(const char *name, size_t name_len)
Convert a hash algorithm &quot;foo&quot; to the internal PGPHASHALGO_FOO number.
Definition: rpmpgp.c:1628
static void
Print copy of spec file, filling in Group/Description/Summary from specspo.
Definition: spec.c:737
static const char * name
int pgpSetSig(pgpDig dig, rpmuint32_t sigtag, rpmuint32_t sigtype, const void *sig, rpmuint32_t siglen)
Set signature tag info, i.e.
Definition: rpmpgp.c:1256
rpmuint32_t pgpGetSiglen(pgpDig dig)
Get signature tag data length, i.e.
Definition: rpmpgp.c:1251
enum pgpSigType_e pgpSigType
5.2.1.
static PyObject *unsigned char * pkt
Definition: rpmts-py.c:1089
rpmuint8_t version
Definition: rpmpgp.h:722
int
Save source and expand field into target.
Definition: rpmds.c:2709
static unsigned int pgpGrab(const rpmuint8_t *s, size_t nbytes)
Return (native-endian) integer from big-endian representation.
Definition: rpmpgp.h:1076
#define xmalloc
Definition: system.h:32
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:390
void rpmDigestFinal(rpmDigestDup(md5ctx),&md5sum,&md5len, 0)
rpmuint8_t hash_algo
Definition: rpmpgp.h:391
static int pgpImplMpiItem(const char *pre, pgpDig dig, int itemno, const rpmuint8_t *p, const rpmuint8_t *pend)
Definition: rpmpgp.h:1872
int rpmbcExportPubkey(pgpDig dig)
Definition: rpmbc.c:864
int _pgp_print
Definition: rpmpgp.c:32
#define TOKEQ(_s, _tok)
rpmVSFlags vsflags
Definition: rpmrepo.c:161
rpmuint8_t hashlen[2]
Definition: rpmpgp.h:421
static const char * pgpSigRSA[]
Definition: rpmpgp.c:409
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
Definition: rpmiotypes.h:647
rpmuint8_t pubkey_algo
Definition: rpmpgp.h:725
int i
Definition: spec.c:743
static int pgpValTok(pgpValTbl vs, const char *s, const char *se)
Return value of an OpenPGP string.
Definition: rpmpgp.h:1217
pgpDig dig
Definition: rpmts-py.c:979
pgpArmor pgpArmorUnwrap(rpmiob iob, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from an iob.
Definition: rpmpgp.c:1398
static const char * pgpSigECDSA[]
Definition: rpmpgp.c:422
The version 4 format is similar to the version 3 format except for the absence of a validity period...
Definition: rpmpgp.h:759
int pgpPrtSig(const pgpPkt pp)
Definition: rpmpgp.c:505
static void pgpPrtNL(void)
Definition: rpmpgp.c:251
int _pgp_debug
Definition: rpmpgp.c:29
pgpDigParams pgpGetPubkey(pgpDig dig)
Return OpenPGP pubkey parameters.
Definition: rpmpgp.c:1231
struct pgpValTbl_s pgpCompressionTbl[]
Compression (string, value) pairs.
Definition: rpmpgp.c:135
size_t fn
Definition: macro.c:1698
struct pgpValTbl_s pgpPubkeyTbl[]
Definition: rpmpgp.c:103
enum pgpArmor_e pgpArmor
rpmuint8_t signid[8]
Definition: rpmpgp.h:389
int pgpPrtKey(const pgpPkt pp)
Definition: rpmpgp.c:832
int len
Definition: rpmdb-py.c:119
struct pgpValTbl_s pgpSigTypeTbl[]
Definition: rpmpgp.c:84
static pgpDigParams _digp
Definition: rpmpgp.c:73