Retire openpgpsdk - replaced by netpgp
This commit is contained in:
parent
7663ec7383
commit
1991192fb5
|
@ -1,7 +0,0 @@
|
|||
# $NetBSD: Makefile,v 1.4 2009/01/22 00:13:19 lukem Exp $
|
||||
|
||||
SUBDIR= lib .WAIT
|
||||
|
||||
SUBDIR+= bin
|
||||
|
||||
.include <bsd.subdir.mk>
|
|
@ -1,26 +0,0 @@
|
|||
# $NetBSD: Makefile,v 1.6 2009/02/23 08:25:07 he Exp $
|
||||
|
||||
.include <bsd.own.mk>
|
||||
|
||||
PROG= openpgp
|
||||
BINDIR= /usr/bin
|
||||
|
||||
CPPFLAGS+= -I${.CURDIR}/../dist/include
|
||||
|
||||
LIBOPSOBJDIR!= cd ${.CURDIR}/../lib && ${PRINTOBJDIR}
|
||||
LDADD+= -L${LIBOPSOBJDIR} -lopenpgpsdk
|
||||
DPADD+= ${LIBOPSOBJDIR}/libopenpgpsdk.a
|
||||
|
||||
LDADD+= -lcrypto -lz -lbz2
|
||||
DPADD+= ${LIBCRYPTO} ${LIBZ} ${LIBBZ2}
|
||||
|
||||
MAN= openpgp.1
|
||||
|
||||
# although the code is/was WARNS=4 clean, when linking, there is a warning
|
||||
# about libidea being a patented algorithm, and WARNS>0 treats warnings as
|
||||
# errors. For now, just set WARNS off.
|
||||
WARNS= 0
|
||||
|
||||
.PATH: ${.CURDIR}/../dist/src/app
|
||||
|
||||
.include <bsd.prog.mk>
|
|
@ -1,285 +0,0 @@
|
|||
.\" $NetBSD: openpgp.1,v 1.5 2009/02/02 20:24:36 agc Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2009 The NetBSD Foundation, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This manual page is derived from software contributed to
|
||||
.\" The NetBSD Foundation by Alistair Crooks (agc@NetBSD.org).
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that the following conditions
|
||||
.\" are met:
|
||||
.\" 1. Redistributions of source code must retain the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer.
|
||||
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer in the
|
||||
.\" documentation and/or other materials provided with the distribution.
|
||||
.\"
|
||||
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd February 1, 2009
|
||||
.Dt OPENPGP 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm openpgp
|
||||
.Nd signing, verification, encryption, and decryption utility
|
||||
.Sh SYNOPSIS
|
||||
.Nm openpgp
|
||||
.Op Fl -armour
|
||||
.Op Fl -clearsign
|
||||
.Op Fl -decrypt
|
||||
.Op Fl -encrypt
|
||||
.Op Fl -export-key
|
||||
.Op Fl -find-key
|
||||
.Op Fl -generate-key
|
||||
.Op Fl -homedir Ns = Ns Ar home-directory
|
||||
.Op Fl -import-key
|
||||
.Op Fl -keyring Ns = Ns Ar keyring
|
||||
.Op Fl -list-keys
|
||||
.Op Fl -list-packets
|
||||
.Op Fl -numbits Ns = Ns Ar numbits
|
||||
.Op Fl -passphrase Ns = Ns Ar passphrase
|
||||
.Op Fl -sign
|
||||
.Op Fl -userid Ns = Ns Ar userid
|
||||
.Op Fl -verify
|
||||
.Op Fl -version
|
||||
.Ar file ...
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
command can digitally sign files and verify that the signatures
|
||||
attached to files were signed by a given user identifier.
|
||||
.Nm
|
||||
can also encrypt files using the public or private keys of
|
||||
users and, in the same manner, decrypt files which were encrypted.
|
||||
.Pp
|
||||
The
|
||||
.Nm
|
||||
utility can also be used to generate a new key-pair for a user.
|
||||
This key is in two parts, the public key (which can be
|
||||
used by other people) and a private key.
|
||||
.Pp
|
||||
In addition to these primary uses, the third way of using
|
||||
.Nm
|
||||
is to maintain keyrings.
|
||||
Keyrings are collections of public keys belonging to other users.
|
||||
By using other means of identification, it is possible to establish
|
||||
the bona fides of other users.
|
||||
Once trust has been established, the public key of the other
|
||||
user will be signed.
|
||||
The other user's public key can be added to our keyring.
|
||||
The other user will add our public key to their keyring.
|
||||
.Pp
|
||||
Keys can be listed, exported (i.e. made available to others),
|
||||
and imported (i.e. users who have signed our public key).
|
||||
.Pp
|
||||
One of the following commands must be present:
|
||||
.Bl -tag -width Ar
|
||||
.It Fl -clearsign
|
||||
The signature of the file named on the command line is calculated
|
||||
in the same manner as the
|
||||
.Fl -sign
|
||||
command, but the text is added to the file such that
|
||||
the text itself is not in binary format, but can be read by mere mortals.
|
||||
.It Fl -decrypt
|
||||
Decrypt the file using the user's private key.
|
||||
The pass phrase will be optained by prompting the user
|
||||
to type it in, using
|
||||
.Xr getpass 3 .
|
||||
.It Fl -encrypt
|
||||
Use the user's public key to encrypt the files named on the command line.
|
||||
.It Fl -export-key
|
||||
Display the current public key in a format suitable for export.
|
||||
This can be used to place the keyring on one of the
|
||||
public key servers, for example.
|
||||
.It Fl -find-key
|
||||
Find the appropriate public key from the current keyring.
|
||||
If no keyring is provided, the user's public keyring is used.
|
||||
.It Fl -generate-key
|
||||
This command is used to generate a new public and private key pair.
|
||||
The user id is taken from the command line, and the user will be
|
||||
prompted to provide a suitable pass phrase.
|
||||
.It Fl -import-key
|
||||
Import a public key as retrieved from one of the public key servers.
|
||||
This is in the form of a file which has previously been
|
||||
retrieved from elsewhere.
|
||||
.It Fl -list-keys
|
||||
List all the public keys in the current keyring.
|
||||
If no keyring is provided, the user's public keyring is used.
|
||||
.It Fl -list-packets
|
||||
Primarily used as a debugging aid, this command can be used to help
|
||||
dump the contents of the files read, and the computations made.
|
||||
.It Fl -sign
|
||||
The private key is used to digitally sign the files named on the
|
||||
command line.
|
||||
Extra text is added to the file.
|
||||
In rough terms, this text is a digest of the file's contents,
|
||||
encrypted with the user's private key.
|
||||
Since together, the private and public keys identify the user
|
||||
uniquely, the added text can be used to identify the exact version
|
||||
of the file, and any changes made to the file will mean that the
|
||||
signature no longer matches.
|
||||
The file and its attached signature are created with a
|
||||
.Dq Pa .gpg
|
||||
extension to the original file name.
|
||||
The user will be prompted for their pass phrase using
|
||||
.Xr getpass 3 .
|
||||
.It Fl -verify
|
||||
For each of the files named on the command line, the signature of the file
|
||||
is verified, checking the contents against the user's public signature.
|
||||
.It Fl -version
|
||||
Print the version information from the
|
||||
.Xr libopenpgpsdk 3
|
||||
library.
|
||||
.El
|
||||
.Pp
|
||||
In addition to one of the preceding commands, a number of qualifiers
|
||||
or options may be given.
|
||||
.Bl -tag -width Ar
|
||||
.It Fl -armour , -armor
|
||||
This option, however it is spelled, wraps the signature as an
|
||||
ASCII-encoded piece of text, for ease of use.
|
||||
.It Fl -homedir Ar home-directory
|
||||
Keyrings are normally located, for historical reasons, within
|
||||
the user's home directory in a subdirectory called
|
||||
.Dq Pa .gnupg
|
||||
and this option specifies an alternative location in which to
|
||||
find that sub-directory.
|
||||
.It Fl -keyring Ar keyring
|
||||
This option specifies an alternative keyring to be used.
|
||||
All keyring operations will be relative to this alternative keyring.
|
||||
.It Fl -numbits Ar numbits
|
||||
specifies the number of bits to be used when generating a key.
|
||||
The default number of bits is 2048.
|
||||
This is considered the absolute
|
||||
minimum which should be chosen at the time of writing (2009).
|
||||
Due to advances in computing power every year, this number should
|
||||
be reviewed, and increased when it becomes easier to factor 2048
|
||||
bit numbers.
|
||||
.It Fl -passphrase Ar passphrase
|
||||
Provide the pass phrase on the command line.
|
||||
This is not recommended, see
|
||||
.Sx PASS PHRASES
|
||||
below.
|
||||
The
|
||||
.Fl -passphrase
|
||||
option is deprecated, and will be removed in future versions of
|
||||
.Nm .
|
||||
.It Fl -userid Ar userid
|
||||
This option specifies the user identity to be used for all operations.
|
||||
This identity can either be in the form of the full name, or as an
|
||||
email address.
|
||||
Care should be exercised with these ways of specifying the user identity,
|
||||
since the
|
||||
.Nm
|
||||
utility has no way of verifying that an email address is valid, or
|
||||
that a key belongs to a certain individual.
|
||||
The trust for a signed key is given by the other signers of that key.
|
||||
The 16 hexadecimal digit user identity should be used when specifying
|
||||
user identities - email addresses and names are provided as aliases.
|
||||
.El
|
||||
.Sh PASS PHRASES
|
||||
The pass phrase cannot be changed once it has been chosen, and will
|
||||
be used for the life of the key, so a wise choice is advised.
|
||||
The pass phrase should not be an easily guessable word or phrase,
|
||||
or related to information that can be gained through
|
||||
.Dq social engineering
|
||||
using search engines, or other public information retrieval methods.
|
||||
.Pp
|
||||
The
|
||||
.Nm
|
||||
utility includes an option to provide the pass phrase as a command
|
||||
line option.
|
||||
The use of this option is strongly discouraged, since it could
|
||||
lead to involuntary information disclosure.
|
||||
.Xr getpass 3
|
||||
will be used to obtain the pass phrase from the user if it is
|
||||
needed,
|
||||
such as during signing or encryption, or key generation,
|
||||
so that any secret information cannot be viewed by other users
|
||||
using the
|
||||
.Xr ps 1
|
||||
or
|
||||
.Xr top 1
|
||||
commands, or by looking over the shoulder at the screen.
|
||||
.Pp
|
||||
Since the public and private key pair can be used to verify
|
||||
a person's identity, and since identity theft can have
|
||||
far-reaching consequences, users are strongly encouraged to
|
||||
enter their pass phrases only when prompted by the application.
|
||||
.Pp
|
||||
The
|
||||
.Fl -passphrase
|
||||
option is deprecated, and will be removed in future versions
|
||||
of the tool.
|
||||
.Sh SIGNING AND VERIFICATION
|
||||
Signing and verification of a file is best viewed using the following example:
|
||||
.Bd -literal
|
||||
% openpgp --sign --userid=agc@netbsd.org a
|
||||
pub RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
|
||||
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
|
||||
uid Alistair Crooks \*[Lt]agc@netbsd.org\*[Gt]
|
||||
uid Alistair Crooks \*[Lt]agc@pkgsrc.org\*[Gt]
|
||||
uid Alistair Crooks \*[Lt]agc@alistaircrooks.com\*[Gt]
|
||||
uid Alistair Crooks \*[Lt]alistair@hockley-crooks.com\*[Gt]
|
||||
openpgp passphrase:
|
||||
% openpgp --verify a.gpg
|
||||
Good signature for a.gpg made Thu Jan 29 03:06:00 2009
|
||||
using RSA (Encrypt or Sign) key 1B68DCFCC0596823
|
||||
pub RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
|
||||
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
|
||||
uid Alistair Crooks \*[Lt]alistair@hockley-crooks.com\*[Gt]
|
||||
uid Alistair Crooks \*[Lt]agc@pkgsrc.org\*[Gt]
|
||||
uid Alistair Crooks \*[Lt]agc@netbsd.org\*[Gt]
|
||||
uid Alistair Crooks \*[Lt]agc@alistaircrooks.com\*[Gt]
|
||||
%
|
||||
.Ed
|
||||
.Pp
|
||||
In the example above, a signature is made on a single file called
|
||||
.Dq a
|
||||
using a user identity corresponding to
|
||||
.Dq agc@netbsd.org
|
||||
The key located for the user identity is displayed, and
|
||||
the user is prompted to type in their passphrase.
|
||||
The resulting file, called
|
||||
.Dq a.gpg
|
||||
is placed in the same directory.
|
||||
The second part of the example shows a verification of the signed file
|
||||
taking place.
|
||||
The time and user identity of the signatory is displayed, followed
|
||||
by a fuller description of the public key of the signatory.
|
||||
In both cases, the exit value from the utility was a successful one.
|
||||
.Sh RETURN VALUES
|
||||
The
|
||||
.Nm
|
||||
utility will return 0 for success,
|
||||
1 if the file's signature does not match what was expected,
|
||||
or 2 if any other error occurs.
|
||||
.Sh SEE ALSO
|
||||
.Xr getpass 3 ,
|
||||
.Xr libbz2 3 ,
|
||||
.Xr libopenpgpsdk 3 ,
|
||||
.Xr libz 3 ,
|
||||
.Xr ssl 3
|
||||
.Sh STANDARDS
|
||||
The
|
||||
.Nm
|
||||
utility is designed to conform to IETF RFC 4880.
|
||||
.Sh HISTORY
|
||||
The
|
||||
.Nm
|
||||
command first appeared in
|
||||
.Nx 6.0 .
|
||||
.Sh AUTHORS
|
||||
.An Ben Laurie
|
||||
.An Rachel Willmer
|
|
@ -1,36 +0,0 @@
|
|||
Copyright (c) 2005 Nominet UK (www.nic.uk)
|
||||
All rights reserved.
|
||||
Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
be recorded as the authors of this copyright work.
|
||||
|
||||
This is a BSD-style Open Source licence.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
are met:
|
||||
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
|
||||
3. The name of Nominet UK or the contributors may not be used to
|
||||
endorse or promote products derived from this software without specific
|
||||
prior written permission;
|
||||
|
||||
and provided that the user accepts the terms of the following disclaimer:
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY NOMINET UK AND CONTRIBUTORS ``AS IS'' AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
ARE DISCLAIMED. IN NO EVENT SHALL NOMINET UK OR CONTRIBUTORS BE LIABLE
|
||||
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
SUCH DAMAGE.
|
|
@ -1,58 +0,0 @@
|
|||
# order of build of subdirs is important
|
||||
#
|
||||
SUBDIRS=src tests
|
||||
|
||||
all: Makefiles include/openpgpsdk/configure.h headers default
|
||||
|
||||
headers:
|
||||
cd include/openpgpsdk && $(MAKE) headers
|
||||
|
||||
#(cd $$d; echo "+++ make in $$d"; $(MAKE) -wS; echo "--- $$d"); \
|
||||
|
||||
default:
|
||||
set -e; for d in $(SUBDIRS); do \
|
||||
cd $$d; $(MAKE) || exit 1; cd ..;\
|
||||
done
|
||||
|
||||
include/openpgpsdk/configure.h: include/openpgpsdk/configure.h.template configure
|
||||
echo re-run configure && exit 1
|
||||
|
||||
force_depend:
|
||||
@set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make force_depend in $$d"; $(MAKE) force_depend ; echo "--- $$d"); \
|
||||
done
|
||||
|
||||
clean:
|
||||
@set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make clean in $$d"; $(MAKE) clean; echo "--- $$d"); \
|
||||
done
|
||||
find . -name '*.core' | xargs rm -f
|
||||
rm -rf oink-links
|
||||
rm -f lib/*
|
||||
|
||||
Makefiles:
|
||||
@set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make Makefile in $$d"; $(MAKE) Makefile; echo "--- $$d"); \
|
||||
done
|
||||
|
||||
tags:
|
||||
rm -f TAGS
|
||||
find . -name '*.[ch]' | xargs etags
|
||||
|
||||
test::
|
||||
make
|
||||
cd tests && $(MAKE) && ./tests
|
||||
|
||||
doc::
|
||||
cd doc && $(MAKE)
|
||||
|
||||
coverity::
|
||||
cov-build --dir coverity make
|
||||
cd coverity && cov-analyze -e emit/ --outputdir output/ --enable VOLATILE --security --enable CHROOT --enable OPEN_ARGS --enable SECURE_CODING --enable SECURE_TEMP --enable TAINTED_POINTER --enable TOCTTOU && cov-commit-errors -e ./emit -o ./output -d /home/rachel/openpgpsdk/coverity/database/ --name ben
|
||||
|
||||
oink:
|
||||
rm -rf oink-links
|
||||
mkdir oink-links
|
||||
cd oink-links \
|
||||
&& find ../src ../examples -name '*.[ihc]' -exec ln -s {} \; \
|
||||
&& ln -s ../util/Makefile.oink Makefile
|
|
@ -1,44 +0,0 @@
|
|||
Microsoft Developer Studio Workspace File, Format Version 6.00
|
||||
# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
|
||||
|
||||
###############################################################################
|
||||
|
||||
Project: "libops"=.\SRC\libops.dsp - Package Owner=<4>
|
||||
|
||||
Package=<5>
|
||||
{{{
|
||||
}}}
|
||||
|
||||
Package=<4>
|
||||
{{{
|
||||
}}}
|
||||
|
||||
###############################################################################
|
||||
|
||||
Project: "tests"=.\tests\tests.dsp - Package Owner=<4>
|
||||
|
||||
Package=<5>
|
||||
{{{
|
||||
}}}
|
||||
|
||||
Package=<4>
|
||||
{{{
|
||||
Begin Project Dependency
|
||||
Project_Dep_Name libops
|
||||
End Project Dependency
|
||||
}}}
|
||||
|
||||
###############################################################################
|
||||
|
||||
Global:
|
||||
|
||||
Package=<5>
|
||||
{{{
|
||||
}}}
|
||||
|
||||
Package=<3>
|
||||
{{{
|
||||
}}}
|
||||
|
||||
###############################################################################
|
||||
|
|
@ -1,454 +0,0 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
use strict;
|
||||
|
||||
use Carp;
|
||||
use File::Temp 0.14;
|
||||
use File::Spec;
|
||||
use POSIX qw(:errno_h);
|
||||
use IO::File;
|
||||
|
||||
$|=1;
|
||||
|
||||
our $Log;
|
||||
our $LogFile='/dev/null';
|
||||
|
||||
my $use_oink;
|
||||
my $without_idea = !1;
|
||||
|
||||
sub trace {
|
||||
return if !$Log;
|
||||
|
||||
$Log->seek(0,2);
|
||||
print $Log join '',@_;
|
||||
}
|
||||
|
||||
our %Subst=(
|
||||
CRYPTO_LIBS => '-lcrypto',
|
||||
ZLIB => '-lz',
|
||||
BZ2LIB => '-lbz2',
|
||||
CUNITLIB => '-lcunit',
|
||||
INCLUDES => '',
|
||||
CFLAGS => '',
|
||||
);
|
||||
|
||||
my %Args=(
|
||||
'--help' => \&usage,
|
||||
'--use-dmalloc' => sub {
|
||||
$Subst{DM_FLAGS}='-I/usr/local/include -DDMALLOC';
|
||||
$Subst{DM_LIB}='/usr/local/lib/libdmalloc.a';
|
||||
},
|
||||
'--with-openssl=' => sub {
|
||||
my $loc=shift;
|
||||
$Subst{INCLUDES}.=" -I $loc/include";
|
||||
$Subst{CRYPTO_LIBS}="$loc/lib/libcrypto.a";
|
||||
# assume developer version if library isn't in .../lib
|
||||
$Subst{CRYPTO_LIBS}="$loc/libcrypto.a"
|
||||
if !-f $Subst{CRYPTO_LIBS};
|
||||
},
|
||||
'--with-zlib=' => sub {
|
||||
my $loc=shift;
|
||||
$Subst{INCLUDES}.=" -I $loc";
|
||||
$Subst{ZLIB}="$loc/libz.a";
|
||||
},
|
||||
'--with-bz2lib=' => sub {
|
||||
my $loc=shift;
|
||||
$Subst{INCLUDES}.=" -I $loc";
|
||||
$Subst{BZ2LIB}="$loc/libbz2.a";
|
||||
},
|
||||
'--with-cunit=' => sub {
|
||||
my $loc=shift;
|
||||
$Subst{INCLUDES}.=" -I $loc/include";
|
||||
$Subst{CUNITLIB}="$loc/lib/libcunit.a";
|
||||
},
|
||||
'--with-otherlibs=' => sub {
|
||||
my $loc=shift;
|
||||
$Subst{OTHERLIBS}="$loc";
|
||||
},
|
||||
'--log=' => sub {
|
||||
$LogFile=shift;
|
||||
$Log=new IO::File(">$LogFile");
|
||||
$Log->autoflush(1);
|
||||
},
|
||||
'--without-idea' => sub {
|
||||
$Subst{CFLAGS}.=' -DOPENSSL_NO_IDEA';
|
||||
$without_idea = 1;
|
||||
},
|
||||
'--64' => sub {
|
||||
$Subst{CFLAGS}.=' -m64';
|
||||
$Subst{LDFLAGS}.=' -m64';
|
||||
},
|
||||
'--maintainer' => sub {
|
||||
$Subst{CFLAGS}.=' -fno-builtin';
|
||||
},
|
||||
'--cc=' => sub {
|
||||
my $cc=shift;
|
||||
$Subst{CC}=$cc;
|
||||
},
|
||||
'--oink=' => sub {
|
||||
$Subst{OINK}=shift;
|
||||
},
|
||||
);
|
||||
|
||||
my %Functions=(
|
||||
'socket' => { headers => ['sys/types.h','sys/socket.h'],
|
||||
call => 'socket(0,0,0)',
|
||||
libs => [[],['socket','nsl']] },
|
||||
);
|
||||
|
||||
my @Headers=qw(alloca.h);
|
||||
my @Types=qw(time_t);
|
||||
my @RHeaders=qw(openssl/bn.h zlib.h bzlib.h CUnit/Basic.h);
|
||||
|
||||
our %Knowledge=(
|
||||
cc => sub { return $Subst{CC} || chooseBinary('gcc','cc')
|
||||
|| croak 'Can\'t find C compiler'; },
|
||||
path => sub { return [split /:/,$ENV{PATH}]; },
|
||||
time_t => sub { return typeInfo('time_t','time.h'); },
|
||||
base_cflags => \&baseCFlags,
|
||||
is_gcc => \&isGCC,
|
||||
gcc_major => \&gccMajor,
|
||||
gcc_version => \&gccVersion,
|
||||
);
|
||||
|
||||
while(my $arg=shift) {
|
||||
my $arg2;
|
||||
if($arg =~ /^(.+=)(.+)$/) {
|
||||
$arg=$1;
|
||||
$arg2=$2;
|
||||
}
|
||||
my $code=$Args{$arg};
|
||||
croak "Don't understand: $arg" if !defined $code;
|
||||
&$code($arg2);
|
||||
}
|
||||
|
||||
if (! $without_idea) {
|
||||
push(@RHeaders, "openssl/idea.h");
|
||||
}
|
||||
|
||||
#my $os=`uname -s`;
|
||||
|
||||
$Subst{'CC'}=getKnowledge('cc');
|
||||
|
||||
$Subst{'CFLAGS'}.=' '.getKnowledge('base_cflags');
|
||||
|
||||
checkHeaders(\@RHeaders);
|
||||
|
||||
findHeaders(\@Headers);
|
||||
investigateTypes(\@Types);
|
||||
my $libs=findLibraries(\%Functions);
|
||||
$Subst{'LIBS'}=join(' ',map { "-l$_" } @$libs);
|
||||
checkVersions();
|
||||
#exit;
|
||||
|
||||
if($Subst{OINK}) {
|
||||
use Cwd;
|
||||
my $path=getcwd();
|
||||
$Subst{CC}="$path/util/oink_cc.pl --cc=$Subst{CC}";
|
||||
}
|
||||
|
||||
fixSubst();
|
||||
|
||||
my @gpgcmd = ("gpg","--version");
|
||||
print "Checking for existence of gpg\n";
|
||||
system (@gpgcmd) == 0
|
||||
or die "Cannot find gpg";
|
||||
|
||||
create('src/lib/.depend');
|
||||
create('src/app/.depend');
|
||||
create('tests/.depend');
|
||||
|
||||
fileSubst('src/Makefile','#','');
|
||||
fileSubst('src/lib/Makefile','#','');
|
||||
fileSubst('src/app/Makefile','#','');
|
||||
fileSubst('tests/Makefile','#','');
|
||||
fileSubst('util/Makefile.oink','#','');
|
||||
fileSubst('include/openpgpsdk/configure.h','/*','*/');
|
||||
|
||||
print "make packet-show-cast.h\n";
|
||||
system('cd include/openpgpsdk; make packet-show-cast.h') == 0 || exit;
|
||||
print "make clean\n";
|
||||
system('make clean') == 0 || exit;
|
||||
print "make force_depend\n";
|
||||
if(system('make force_depend') != 0) {
|
||||
print STDERR "Configuration failed\n";
|
||||
exit 1;
|
||||
}
|
||||
|
||||
sub subst {
|
||||
my $line=shift;
|
||||
|
||||
while(my($k,$v)=each %Subst) {
|
||||
$line =~ s/\%$k\%/$v/g;
|
||||
}
|
||||
$line =~ s/\%.+?\%//g;
|
||||
return $line;
|
||||
}
|
||||
|
||||
sub chooseBinary {
|
||||
my $path=getKnowledge('path');
|
||||
while(my $bin=shift) {
|
||||
foreach my $p (@$path) {
|
||||
return $bin if -x "$p/$bin";
|
||||
}
|
||||
}
|
||||
return 'false';
|
||||
}
|
||||
|
||||
our $indent;
|
||||
|
||||
sub indent {
|
||||
for my $n (2..$indent) {
|
||||
print " ";
|
||||
}
|
||||
}
|
||||
|
||||
sub showThing {
|
||||
my $rthing=shift;
|
||||
|
||||
if(ref $rthing eq 'SCALAR') {
|
||||
return $$rthing;
|
||||
} elsif(ref $rthing eq 'REF') {
|
||||
return showThing($$rthing);
|
||||
} elsif(ref $rthing eq 'ARRAY') {
|
||||
return join(' ',@$rthing);
|
||||
} elsif(ref $rthing eq 'HASH') {
|
||||
my $str;
|
||||
foreach my $k (keys %$rthing) {
|
||||
$str .= ' ' if $str;
|
||||
$str .= "$k -> $rthing->{$k}";
|
||||
}
|
||||
return $str;
|
||||
}
|
||||
|
||||
print "ref=", ref($rthing), "\n";
|
||||
return '?Can\'t display?';
|
||||
}
|
||||
|
||||
sub getKnowledge {
|
||||
my $thing=shift;
|
||||
|
||||
croak "Asked for nonexistent knowledge $thing"
|
||||
if !exists $Knowledge{$thing};
|
||||
|
||||
++$indent;
|
||||
if(ref $Knowledge{$thing} eq 'CODE') {
|
||||
indent();
|
||||
print "Finding $thing\n";
|
||||
$Knowledge{$thing}=&{$Knowledge{$thing}}();
|
||||
indent();
|
||||
print "Found $thing: ", showThing(\$Knowledge{$thing}), "\n";
|
||||
}
|
||||
--$indent;
|
||||
return $Knowledge{$thing};
|
||||
}
|
||||
|
||||
sub usage {
|
||||
foreach my $k (keys %Args) {
|
||||
print "$k\n";
|
||||
}
|
||||
exit;
|
||||
}
|
||||
|
||||
sub findHeaders {
|
||||
my $list=shift;
|
||||
|
||||
foreach my $h (@$list) {
|
||||
my $n='HAVE_'.uc $h;
|
||||
$n =~ s/[\.\/]/_/;
|
||||
print "Looking for header $h ($n)\n";
|
||||
if(-e "/usr/include/$h") {
|
||||
$Subst{$n}="#define $n 0";
|
||||
} else {
|
||||
$Subst{$n}="#undef $n";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub fileSubst {
|
||||
my $file=shift;
|
||||
my $cs=shift;
|
||||
my $ce=shift;
|
||||
|
||||
open(T,"$file.template") || croak "Can't open $file.template: $!";
|
||||
unlink $file;
|
||||
open(M,">$file") || croak "Can't create $file: $!";
|
||||
|
||||
print M "$cs generated by configure from $file.template. Don't edit. $ce\n\n";
|
||||
|
||||
while(my $line=<T>) {
|
||||
print M subst($line);
|
||||
}
|
||||
|
||||
close M;
|
||||
close T;
|
||||
|
||||
chmod 0444,"$file";
|
||||
}
|
||||
|
||||
sub fixSubst {
|
||||
foreach my $k (keys %Subst) {
|
||||
$Subst{$k} =~ s/~/$ENV{HOME}/g;
|
||||
}
|
||||
}
|
||||
|
||||
sub create {
|
||||
my $file=shift;
|
||||
|
||||
print "Creating $file\n";
|
||||
open(D,">$file") || croak "Can't create $file: $!";
|
||||
close D;
|
||||
}
|
||||
|
||||
sub build {
|
||||
my $code=shift;
|
||||
my $link=shift;
|
||||
|
||||
my $cc=getKnowledge('cc');
|
||||
my $fh=new File::Temp(SUFFIX => '.c');
|
||||
|
||||
my($v,$d,$f)=File::Spec->splitpath($fh->filename());
|
||||
|
||||
my $cur=File::Spec->rel2abs(File::Spec->curdir());
|
||||
chdir($d) || croak "chdir($d): $!";
|
||||
|
||||
print $fh $code;
|
||||
$fh->close();
|
||||
|
||||
my $cflag='';
|
||||
$cflag='-c' if !defined $link;
|
||||
my $cmd="$cc $Subst{CFLAGS} $Subst{INCLUDES} $cflag ".$f;
|
||||
$cmd.=" $link" if defined $link;
|
||||
trace("$cmd\n--code--\n$code--------\n");
|
||||
my $ret=system("$cmd >> $LogFile 2>&1");
|
||||
|
||||
my $obj=$fh->filename();
|
||||
$obj =~ s/\.c$/.o/;
|
||||
unlink($obj) || $! == ENOENT || croak "unlink($obj): $!";
|
||||
unlink('a.out') || $! == ENOENT || croak "unlink(a.out): $!";
|
||||
|
||||
chdir($cur) || croak "chdir($cur): $!";
|
||||
|
||||
return $ret == 0;
|
||||
}
|
||||
|
||||
sub typeInfo {
|
||||
my $type=shift;
|
||||
my $header=shift;
|
||||
|
||||
my %info;
|
||||
|
||||
print "Getting info about $type.\n";
|
||||
|
||||
foreach my $fmt (qw(%d %ld)) {
|
||||
my $code="#include <$header>\n";
|
||||
$code .= "#include <stdio.h>\n";
|
||||
$code .= "void f(void) { static $type t; printf(\"$fmt\",t); }\n";
|
||||
if(build($code)) {
|
||||
$info{fmt}=$fmt;
|
||||
print " $type printf format is $fmt\n";
|
||||
}
|
||||
}
|
||||
croak "Can't determine print format for $type" if !defined $info{fmt};
|
||||
|
||||
return \%info;
|
||||
}
|
||||
|
||||
sub investigateTypes {
|
||||
my $types=shift;
|
||||
|
||||
foreach my $type (@$types) {
|
||||
my $info=getKnowledge($type);
|
||||
$Subst{uc($type)."_FMT"}="\"$info->{fmt}\"";
|
||||
}
|
||||
}
|
||||
|
||||
sub checkHeaders {
|
||||
my $headers=shift;
|
||||
|
||||
foreach my $h (@$headers) {
|
||||
print "Check required header $h\n";
|
||||
build("#include <$h>\n") || croak "Can't find required header $h";
|
||||
}
|
||||
}
|
||||
|
||||
sub findLibraries {
|
||||
my $funcs=shift;
|
||||
|
||||
my @libs;
|
||||
func:
|
||||
foreach my $func (keys %$funcs) {
|
||||
print "Checking libraries for $func()\n";
|
||||
my $code=join("\n",map { "#include <$_>" }
|
||||
@{$funcs->{$func}->{headers}});
|
||||
$code.="\nint main() { $funcs->{$func}->{call}; return 0; }\n";
|
||||
foreach my $lgroup (@{$funcs->{$func}->{libs}}) {
|
||||
print " trying ",@$lgroup ? join(', ',@$lgroup) : 'no libraries';
|
||||
if(build($code,join(' ',map { "-l$_" } @$lgroup))) {
|
||||
push @libs,@$lgroup;
|
||||
print " ... OK\n";
|
||||
next func;
|
||||
}
|
||||
print " ... no\n";
|
||||
}
|
||||
}
|
||||
return \@libs;
|
||||
}
|
||||
|
||||
sub baseCFlags {
|
||||
my $flags='';
|
||||
if(getKnowledge('is_gcc')) {
|
||||
$flags='-Wall -Werror -W -g';
|
||||
# my $v=getKnowledge('gcc_major');
|
||||
# $flags.=' -Wdeclaration-after-statement' if $v >= 3;
|
||||
}
|
||||
return $flags;
|
||||
}
|
||||
|
||||
sub isGCC {
|
||||
my $cc=getKnowledge('cc');
|
||||
|
||||
my $ret=build("int main()\n{\n#ifndef __GNUC__\n syntax error\n#endif\n return 0; }\n");
|
||||
trace("isGCC=$ret\n");
|
||||
return $ret;
|
||||
}
|
||||
|
||||
sub gccVersion {
|
||||
return undef if !getKnowledge('is_gcc');
|
||||
|
||||
my $cc=getKnowledge('cc');
|
||||
my $vstr=`$cc --version`;
|
||||
|
||||
my($v)=$vstr =~ /(\d+\.\d+\.\d+)/;
|
||||
|
||||
trace("gcc version=$v\n");
|
||||
|
||||
return $v;
|
||||
}
|
||||
|
||||
sub gccMajor {
|
||||
my $v=getKnowledge('gcc_version');
|
||||
return undef if !defined $v;
|
||||
|
||||
($v)=$v =~ /^(\d+)/;
|
||||
|
||||
trace("gcc major=$v\n");
|
||||
|
||||
return $v;
|
||||
}
|
||||
|
||||
sub checkVersions {
|
||||
print "Checking for OpenSSL version\n";
|
||||
my $code = << "EOC";
|
||||
#include "openssl/sha.h"
|
||||
|
||||
static SHA256_CTX ctx;
|
||||
SHA256_CTX *f() { return &ctx; }
|
||||
EOC
|
||||
if(!build($code)) {
|
||||
croak "OpenSSL lacks SHA-256 support";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -1,24 +0,0 @@
|
|||
OpenPGP:SDK has been run through coverity using the following options and
|
||||
commands.
|
||||
|
||||
$ svn co svn://openpgp.nominet.org.uk/openpgpsdk/trunk openpgpsdk
|
||||
|
||||
DO INITIAL CONFIGURATION
|
||||
|
||||
$ ./configure
|
||||
|
||||
BUILD COVERITY SOURCE:
|
||||
|
||||
$ cd src
|
||||
src$ cov-build --dir ../coverity/ make
|
||||
|
||||
ANALYZE:
|
||||
|
||||
src$ cd ../coverity
|
||||
coverity$ cov-analyze -e emit/ --outputdir output/ --enable VOLATILE --security --enable CHROOT --enable OPEN_ARGS --enable SECURE_CODING --enable SECURE_TEMP --enable TAINTED_POINTER --enable TOCTTOU
|
||||
|
||||
COMMIT ERRORS TO COVERITY DATABASE:
|
||||
|
||||
coverity$ cov-commit-errors -e ./emit -o ./output -d ./database/ --name <username>
|
||||
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
# Just do user doc for the moment.
|
||||
all: doxy-user
|
||||
|
||||
doxy-user: doxygen-user.cfg
|
||||
[ -d doxy-user ] || mkdir doxy-user
|
||||
doxygen doxygen-user.cfg
|
||||
|
||||
doxy-dev: doxygen-dev.cfg
|
||||
[ -d doxy-dev ] || mkdir doxy-dev
|
||||
doxygen doxygen-dev.cfg
|
||||
|
||||
clean:
|
||||
rm -rf doxy-user doxy-dev
|
||||
|
||||
.PHONY: doxy-user doxy-dev
|
|
@ -1,122 +0,0 @@
|
|||
An open source library and command-line tools, licensed under the BSD
|
||||
licence, written in C, using the OpenSSL library and providing
|
||||
approximately the functionality specified below.
|
||||
|
||||
The libraries and tools will compile and run on the following
|
||||
operating systems:
|
||||
|
||||
FreeBSD
|
||||
Linux (Debian and Red Hat)
|
||||
Solaris
|
||||
|
||||
but will be written such that porting to other operating systems
|
||||
supported by OpenSSL will be possible.
|
||||
|
||||
As is usual with software, there will be no guarantee of 100% correct
|
||||
functionality, but the software will be written to professional
|
||||
standards. This specification does not constitute a commitment to
|
||||
fixing bugs or adding enhancements once the initial version is
|
||||
complete.
|
||||
|
||||
The library will comply with the IETF specification currently known as
|
||||
RFC2440bis.
|
||||
|
||||
API
|
||||
---
|
||||
|
||||
* Load keyring
|
||||
|
||||
* Save keyring
|
||||
|
||||
* Generate key
|
||||
|
||||
* Add key to keyring
|
||||
|
||||
* Find key in loaded keyring (by key ID, by UID)
|
||||
|
||||
* Generate subkey
|
||||
|
||||
* Revoke subkey
|
||||
|
||||
* Delete subkey
|
||||
|
||||
* Update subkey
|
||||
|
||||
* Delete key from keyring
|
||||
|
||||
* Add/remove UID
|
||||
|
||||
* Certify UID
|
||||
|
||||
* Revoke certification
|
||||
|
||||
* Sign message
|
||||
|
||||
* Verify, using any key in the keyring
|
||||
|
||||
* Verify, using specified key
|
||||
|
||||
* Encrypt, using a key
|
||||
|
||||
* Decrypt, using a key
|
||||
|
||||
* Import any object to GPG/PGP (key, keyring)
|
||||
|
||||
* Export any object
|
||||
|
||||
* (?)Query keyservers for keys
|
||||
|
||||
* (?)Export keys to keyservers
|
||||
|
||||
Keyserver stuff will be done if time/budget permits, otherwise will be
|
||||
a to-do item, since we can always use GPG externally to do it.
|
||||
|
||||
Also, "save/load/find/add/import/export keyring" will be pluggable, so
|
||||
we can use databases instead of flat files and in-memory keyrings.
|
||||
|
||||
We will support verification of signatures using v3 keys, and
|
||||
decryption of messages encrypted to v3 keys, but not signing or
|
||||
encryption.
|
||||
|
||||
Command-line
|
||||
------------
|
||||
|
||||
* List keys
|
||||
|
||||
* Find key
|
||||
|
||||
* Export key/keyring
|
||||
|
||||
* Import key/keyring
|
||||
|
||||
* Generate key
|
||||
|
||||
* Delete key
|
||||
|
||||
* Generate subkey
|
||||
|
||||
* Revoke subkey
|
||||
|
||||
* Delete subkey
|
||||
|
||||
* Update subkey
|
||||
|
||||
* Add UID
|
||||
|
||||
* Remove UID
|
||||
|
||||
* Certify UID
|
||||
|
||||
* Revoke certification
|
||||
|
||||
* Encrypt
|
||||
|
||||
* Decrypt
|
||||
|
||||
* Sign
|
||||
|
||||
* Verify
|
||||
|
||||
Note that at least the first phase is not aiming at super-smooth
|
||||
command-line utilities - these will be good enough for testing, rather
|
||||
than for general use.
|
File diff suppressed because it is too large
Load Diff
|
@ -1,37 +0,0 @@
|
|||
Nominet's requirements
|
||||
----------------------
|
||||
|
||||
We currently use the PGP APIs to do the following:
|
||||
- Load a key ring into memory.
|
||||
- Find a key in a key ring and store a reference to it.
|
||||
- Use a secure key to sign a message in clear text ascii armour
|
||||
(equiv. of pgp -sta)
|
||||
- Check the signature on a clear text signed message, giving back
|
||||
the contents, the key that signed it and the time at which it was
|
||||
signed. If the check fails, we need to know the reason why e.g. Was
|
||||
the signature corrupt, did it match the text, was the message in
|
||||
the correct format, has the key be revoked etc.
|
||||
- Add an ascii armoured key to a key ring held in memory.
|
||||
- Store a key ring held in memory back to disk.
|
||||
|
||||
We may also want to use standard encryption and decryption in the future.
|
||||
|
||||
Our requirements
|
||||
----------------
|
||||
|
||||
- encrypting, signing, decrypting, verifying documents.
|
||||
- creating keys
|
||||
- issuing key certifications and revocations
|
||||
- key signing
|
||||
- user id: add, remove, revoke
|
||||
- keyring handling (on disk storage)
|
||||
- keyserver querying fu
|
||||
- trust handling (a la gpg)
|
||||
- export of <everything>
|
||||
- import of <everything>
|
||||
|
||||
Specific non-requirements
|
||||
-------------------------
|
||||
|
||||
X We will not use GPG slave processes to do keyserver queries - nor
|
||||
any other slave process, this will be done entirely in-process.
|
|
@ -1,8 +0,0 @@
|
|||
The source code previously found in this directory has been moved to
|
||||
the sub-directory "original".
|
||||
|
||||
For examples of usage, we recommend that you refer to the command line
|
||||
application in openpgpsdk/src/app and the test suite in openpgpsdk/tests.
|
||||
|
||||
Rachel Willmer
|
||||
August 2008
|
|
@ -1,121 +0,0 @@
|
|||
DM_FLAGS=%DM_FLAGS%
|
||||
DM_LIB=%DM_LIB%
|
||||
CC=%CC%
|
||||
|
||||
CFLAGS=-Wall -Werror -g $(DM_FLAGS) -I../include %INCLUDES% %CFLAGS%
|
||||
LDFLAGS=-g %CFLAGS%
|
||||
LIBDEPS=common.o ../lib/libops.a
|
||||
LIBS=$(LIBDEPS) %CRYPTO_LIBS% %ZLIB% $(DM_LIB) %LIBS%
|
||||
EXES=packet-dump verify create-key verify2 sign-detached \
|
||||
sign-inline decrypt build-keyring encrypt
|
||||
# create-signed-key
|
||||
|
||||
all: Makefile .depend $(EXES)
|
||||
|
||||
test: test-dump test-verify test-verify-armoured test-create-key \
|
||||
test-v3-secring Makefile test-encrypt
|
||||
|
||||
../lib/libops.a::
|
||||
cd ../src && make
|
||||
|
||||
packet-dump: packet-dump.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o packet-dump packet-dump.o $(LIBS)
|
||||
|
||||
build-keyring: build-keyring.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o build-keyring build-keyring.o $(LIBS)
|
||||
|
||||
verify: verify.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o verify verify.o $(LIBS)
|
||||
|
||||
verify2: verify2.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o verify2 verify2.o $(LIBS)
|
||||
|
||||
create-key: create-key.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o create-key create-key.o $(LIBS)
|
||||
|
||||
create-signed-key: create-signed-key.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o create-signed-key create-signed-key.o $(LIBS)
|
||||
|
||||
sign-detached: sign-detached.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o sign-detached sign-detached.o $(LIBS)
|
||||
|
||||
sign-inline: sign-inline.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o sign-inline sign-inline.o $(LIBS)
|
||||
|
||||
decrypt: decrypt.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o decrypt decrypt.o $(LIBS)
|
||||
|
||||
encrypt: encrypt.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o encrypt encrypt.o $(LIBS)
|
||||
|
||||
tags:
|
||||
rm -f TAGS
|
||||
find . -name '*.[ch]' | xargs etags -a
|
||||
|
||||
clean:
|
||||
rm -f $(EXES) *.o *.i
|
||||
rm -f TAGS
|
||||
|
||||
.depend: *.[ch] ../include/openpgpsdk/*.h
|
||||
$(CC) $(CFLAGS) -E -M *.c > .depend
|
||||
|
||||
force_depend:
|
||||
$(CC) $(CFLAGS) -E -M *.c > .depend
|
||||
|
||||
Makefile: Makefile.template ../configure
|
||||
echo Makefile is older than templates, rerun configure.
|
||||
exit 1
|
||||
|
||||
# tests
|
||||
|
||||
SCRATCH=../scratch
|
||||
|
||||
$(SCRATCH):
|
||||
mkdir $(SCRATCH)
|
||||
|
||||
test-dump: packet-dump
|
||||
./packet-dump ../test/dsa-public-key-2118CF83.raw
|
||||
./packet-dump ../test/rsa-public-key-2719AF35.raw
|
||||
./packet-dump ../test/signtest.gpg
|
||||
./packet-dump ../test/subpacket-10.raw
|
||||
./packet-dump ../test/user-attribute-key.raw
|
||||
./packet-dump ../test/subpacket-28.raw
|
||||
|
||||
test-verify: verify
|
||||
./verify ../test/dsa-public-key-2118CF83.raw
|
||||
./verify ../test/rsa-public-key-2719AF35.raw
|
||||
./verify ../test/signtest.gpg
|
||||
./verify ../test/subpacket-10.raw
|
||||
./verify ../test/user-attribute-key.raw
|
||||
./verify ../test/subpacket-28.raw
|
||||
|
||||
test-verify-armoured: verify2
|
||||
./verify2 -a ../test/rsa-public-key-2719AF35.raw ../test/clearsign.txt
|
||||
|
||||
test-create-key: $(SCRATCH)/key.sec $(SCRATCH)/key.pub
|
||||
|
||||
$(SCRATCH)/key.sec $(SCRATCH)/key.pub: $(SCRATCH) create-signed-key
|
||||
./create-signed-key "A Test Key" $(SCRATCH)/key.sec $(SCRATCH)/key.pub
|
||||
|
||||
test-sign-detached: $(SCRATCH)/key.sec sign-detached
|
||||
echo "Sign this!" > $(SCRATCH)/to-be-signed-detached
|
||||
./sign-detached $(SCRATCH)/key.sec "Why a user ID?" SHA1 $(SCRATCH)/to-be-signed-detached $(SCRATCH)/to-be-signed-detached.sig
|
||||
|
||||
test-sign-inline: $(SCRATCH)/key.sec sign-inline
|
||||
echo "Sign this!" > $(SCRATCH)/to-be-signed-inline
|
||||
echo "- test dash-escaping" >> $(SCRATCH)/to-be-signed-inline
|
||||
echo "and test trailing whitespace " >> $(SCRATCH)/to-be-signed-inline
|
||||
./sign-inline $(SCRATCH)/key.sec "Why a user ID?" SHA1 $(SCRATCH)/to-be-signed-inline $(SCRATCH)/to-be-signed-inline.sig
|
||||
|
||||
test-v3-secring: packet-dump
|
||||
echo "passphrase is 'fred'"
|
||||
./packet-dump -p ../test/v3-secring.pgp
|
||||
|
||||
$(SCRATCH)/t1.sec $(SCRATCH)/t1.pub:
|
||||
./create-gpg-key.sh
|
||||
|
||||
test-encrypt: encrypt $(SCRATCH)/t1.pub
|
||||
echo 'Test encryption' | ./encrypt $(SCRATCH)/t1.pub "OPS Test (This is a test) <ops@links.org>" > $(SCRATCH)/encrypted
|
||||
gpg --no-default-keyring --secret-keyring $(SCRATCH)/t1.sec $(SCRATCH)/encrypted
|
||||
|
||||
include .depend
|
File diff suppressed because it is too large
Load Diff
|
@ -1,42 +0,0 @@
|
|||
#include "common.h"
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <memory.h>
|
||||
#include <fcntl.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
static ops_parse_cb_return_t
|
||||
callback(const ops_parser_content_t *content,ops_parse_cb_info_t *cbinfo)
|
||||
{
|
||||
ops_secret_key_t **skey=ops_parse_cb_get_arg(cbinfo);
|
||||
|
||||
if(content->tag == OPS_PTAG_CT_SECRET_KEY)
|
||||
{
|
||||
*skey=malloc(sizeof **skey);
|
||||
memcpy(*skey,&content->content.secret_key,sizeof **skey);
|
||||
return OPS_KEEP_MEMORY;
|
||||
}
|
||||
|
||||
return OPS_RELEASE_MEMORY;
|
||||
}
|
||||
|
||||
ops_secret_key_t *get_secret_key(const char *keyfile)
|
||||
{
|
||||
ops_parse_info_t *pinfo;
|
||||
ops_secret_key_t *skey;
|
||||
int fd;
|
||||
|
||||
pinfo=ops_parse_info_new();
|
||||
|
||||
skey=NULL;
|
||||
ops_parse_cb_set(pinfo,callback,&skey);
|
||||
|
||||
fd=open(keyfile,O_RDONLY);
|
||||
assert(fd >= 0);
|
||||
ops_reader_set_fd(pinfo,fd);
|
||||
|
||||
ops_parse(pinfo);
|
||||
|
||||
return skey;
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
#include <openpgpsdk/packet-parse.h>
|
||||
|
||||
ops_secret_key_t *get_secret_key(const char *keyfile);
|
|
@ -1,17 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Make a GPG keyring for testing purposes...
|
||||
|
||||
rm -f ../test/t2.pub ../test/t2.sec
|
||||
|
||||
gpg --gen-key --batch <<EOF
|
||||
#%dry-run
|
||||
%pubring ../test/t2.pub
|
||||
%secring ../test/t2.sec
|
||||
Key-Type: rsa
|
||||
Name-Real: OPS Test
|
||||
Name-Comment: This is a test
|
||||
Name-Email: ops@links.org
|
||||
Passphrase: xxx
|
||||
%commit
|
||||
EOF
|
|
@ -1,18 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Make a GPG keyring for testing purposes...
|
||||
|
||||
mkdir -p ../scratch
|
||||
|
||||
rm -f ../scratch/t1.pub ../scratch/t1.sec
|
||||
|
||||
gpg --gen-key --batch <<EOF
|
||||
#%dry-run
|
||||
%pubring ../scratch/t1.pub
|
||||
%secring ../scratch/t1.sec
|
||||
Key-Type: rsa
|
||||
Name-Real: OPS Test
|
||||
Name-Comment: This is a test
|
||||
Name-Email: ops@links.org
|
||||
%commit
|
||||
EOF
|
|
@ -1,38 +0,0 @@
|
|||
#include <openpgpsdk/create.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
ops_create_info_t *info;
|
||||
const unsigned char *id;
|
||||
const char *nstr;
|
||||
const char *estr;
|
||||
BIGNUM *n=NULL;
|
||||
BIGNUM *e=NULL;
|
||||
|
||||
if(argc != 4)
|
||||
{
|
||||
fprintf(stderr,"%s <n> <e> <user id>\n",argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
nstr=argv[1];
|
||||
estr=argv[2];
|
||||
id=(unsigned char *)argv[3];
|
||||
|
||||
BN_hex2bn(&n,nstr);
|
||||
BN_hex2bn(&e,estr);
|
||||
|
||||
info=ops_create_info_new();
|
||||
ops_writer_set_fd(info,1);
|
||||
|
||||
ops_write_rsa_public_key(time(NULL),n,e,info);
|
||||
ops_write_user_id(id,info);
|
||||
|
||||
ops_create_info_delete(info);
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -1,114 +0,0 @@
|
|||
#include "common.h"
|
||||
#include <openpgpsdk/create.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openssl/rsa.h>
|
||||
#include <stdio.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
// XXX: rename to create-self-signed-key
|
||||
|
||||
/*
|
||||
* Slightly strange beast that might get replaced later - it needs
|
||||
* some other OpenPGP package to generate a key for it to use - this
|
||||
* is because we don't have a way to generate our own (yet).
|
||||
*/
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
ops_create_info_t *info;
|
||||
ops_create_signature_t *sig;
|
||||
ops_user_id_t id;
|
||||
unsigned char keyid[OPS_KEY_ID_SIZE];
|
||||
unsigned char *user_id; /* not const coz we use _fast_ */
|
||||
ops_secret_key_t skey;
|
||||
RSA *rsa;
|
||||
const char *secfile;
|
||||
const char *pubfile;
|
||||
BIGNUM *f4;
|
||||
int fd;
|
||||
|
||||
if(argc != 4)
|
||||
{
|
||||
fprintf(stderr,"%s <user_id> <secret key file> <public key file>\n",
|
||||
argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
user_id=(unsigned char *)argv[1];
|
||||
secfile=argv[2];
|
||||
pubfile=argv[3];
|
||||
|
||||
ops_init();
|
||||
|
||||
f4=BN_new();
|
||||
BN_set_word(f4,RSA_F4);
|
||||
|
||||
rsa=RSA_new();
|
||||
RSA_generate_key_ex(rsa,1024,f4,NULL);
|
||||
|
||||
info=ops_create_info_new();
|
||||
|
||||
// OpenSSL has p and q reversed relative to OpenPGP
|
||||
ops_fast_create_rsa_secret_key(&skey,time(NULL),rsa->d,rsa->q,rsa->p,
|
||||
rsa->iqmp,rsa->n,rsa->e);
|
||||
|
||||
fd=open(secfile,O_CREAT|O_TRUNC|O_WRONLY,0666);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(secfile);
|
||||
exit(2);
|
||||
}
|
||||
ops_writer_set_fd(info,fd);
|
||||
|
||||
ops_write_struct_secret_key(&skey,info);
|
||||
|
||||
ops_writer_close(info);
|
||||
|
||||
close(fd);
|
||||
|
||||
fd=open(pubfile,O_CREAT|O_TRUNC|O_WRONLY,0666);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(pubfile);
|
||||
exit(2);
|
||||
}
|
||||
ops_writer_set_fd(info,fd);
|
||||
|
||||
ops_write_struct_public_key(&skey.public_key,info);
|
||||
|
||||
ops_fast_create_user_id(&id,user_id);
|
||||
ops_write_struct_user_id(&id,info);
|
||||
|
||||
sig=ops_create_signature_new();
|
||||
|
||||
ops_signature_start_key_signature(sig,&skey.public_key,&id,
|
||||
OPS_CERT_POSITIVE);
|
||||
ops_signature_add_creation_time(sig,time(NULL));
|
||||
|
||||
ops_keyid(keyid,&skey.public_key);
|
||||
ops_signature_add_issuer_key_id(sig,keyid);
|
||||
|
||||
ops_signature_add_primary_user_id(sig,ops_true);
|
||||
|
||||
ops_signature_hashed_subpackets_end(sig);
|
||||
|
||||
ops_write_signature(sig,&skey.public_key,&skey,info);
|
||||
|
||||
ops_create_signature_delete(sig);
|
||||
ops_create_info_delete(info);
|
||||
|
||||
close(fd);
|
||||
|
||||
RSA_free(rsa);
|
||||
BN_free(f4);
|
||||
|
||||
ops_finish();
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -1,192 +0,0 @@
|
|||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <openpgpsdk/accumulate.h>
|
||||
#include <openpgpsdk/armour.h>
|
||||
#include <openpgpsdk/std_print.h>
|
||||
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
#include <fcntl.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
static char *pname;
|
||||
static ops_keyring_t keyring;
|
||||
|
||||
static ops_parse_cb_return_t
|
||||
callback(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo)
|
||||
{
|
||||
ops_parser_content_union_t* content=(ops_parser_content_union_t *)&content_->content;
|
||||
static ops_boolean_t skipping;
|
||||
static const ops_keydata_t *decrypter;
|
||||
|
||||
OPS_USED(cbinfo);
|
||||
|
||||
ops_print_packet(content_);
|
||||
|
||||
if(content_->tag != OPS_PTAG_CT_UNARMOURED_TEXT && skipping)
|
||||
{
|
||||
puts("...end of skip");
|
||||
skipping=ops_false;
|
||||
}
|
||||
|
||||
switch(content_->tag)
|
||||
{
|
||||
case OPS_PTAG_CT_UNARMOURED_TEXT:
|
||||
printf("OPS_PTAG_CT_UNARMOURED_TEXT\n");
|
||||
if(!skipping)
|
||||
{
|
||||
puts("Skipping...");
|
||||
skipping=ops_true;
|
||||
}
|
||||
fwrite(content->unarmoured_text.data,1,
|
||||
content->unarmoured_text.length,stdout);
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_ARMOUR_HEADER:
|
||||
printf ("OPS_PTAG_CT_ARMOUR_HEADER\n");
|
||||
break;
|
||||
|
||||
case OPS_PARSER_PTAG:
|
||||
printf ("OPS_PARSER_PTAG\n");
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_PK_SESSION_KEY:
|
||||
printf ("OPS_PTAG_CT_PK_SESSION_KEY\n");
|
||||
if(decrypter)
|
||||
break;
|
||||
|
||||
printf("looking for key\n");
|
||||
decrypter=ops_keyring_find_key_by_id(&keyring,
|
||||
content->pk_session_key.key_id);
|
||||
if(!decrypter)
|
||||
break;
|
||||
printf("found key\n");
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_SE_IP_DATA_HEADER:
|
||||
printf("TBD: OPS_PTAG_CT_SE_IP_DATA_HEADER\n");
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_SE_IP_DATA_BODY:
|
||||
printf("TBD: OPS_PTAG_CT_SE_IP_DATA_BODY\n");
|
||||
/* decrypt it here */
|
||||
break;
|
||||
|
||||
case OPS_PARSER_CMD_GET_SECRET_KEY:
|
||||
printf("TBD: OPS_PARSER_CMD_GET_SECRET_KEY\n");
|
||||
const ops_keydata_t* key=ops_keyring_find_key_by_id(&keyring,content->get_secret_key.pk_session_key->key_id);
|
||||
if (!key || !ops_key_is_secret(key))
|
||||
return 0;
|
||||
|
||||
ops_set_secret_key(content,key);
|
||||
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY:
|
||||
printf("TBD: OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY\n");
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_COMPRESSED:
|
||||
case OPS_PTAG_CT_LITERAL_DATA_HEADER:
|
||||
case OPS_PTAG_CT_LITERAL_DATA_BODY:
|
||||
// Ignore these packets
|
||||
// They're handled in ops_parse_one_packet()
|
||||
// and nothing else needs to be done
|
||||
break;
|
||||
|
||||
default:
|
||||
fprintf(stderr,"Unexpected packet tag=%d (0x%x)\n",content_->tag,
|
||||
content_->tag);
|
||||
assert(0);
|
||||
}
|
||||
|
||||
return OPS_RELEASE_MEMORY;
|
||||
}
|
||||
|
||||
static void usage()
|
||||
{
|
||||
fprintf(stderr,"%s [-a] -k <keyring> -e <file to decrypt>\n",pname);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
ops_parse_info_t *pinfo;
|
||||
int fd;
|
||||
const char *keyfile=(const char *)NULL;
|
||||
const char *encfile=(const char *)NULL;
|
||||
ops_boolean_t armour=ops_false;
|
||||
int ch;
|
||||
|
||||
pname=argv[0];
|
||||
|
||||
while((ch=getopt(argc,argv,"ak:e:")) != -1)
|
||||
switch(ch)
|
||||
{
|
||||
case 'a':
|
||||
armour=ops_true;
|
||||
break;
|
||||
|
||||
case 'k':
|
||||
keyfile=optarg;
|
||||
break;
|
||||
|
||||
case 'e':
|
||||
encfile=optarg;
|
||||
break;
|
||||
|
||||
default:
|
||||
usage();
|
||||
}
|
||||
|
||||
argc-=optind;
|
||||
argv+=optind;
|
||||
|
||||
if (argc!=0)
|
||||
{
|
||||
usage();
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (!keyfile || !encfile)
|
||||
{
|
||||
usage();
|
||||
exit(1);
|
||||
}
|
||||
|
||||
ops_init();
|
||||
|
||||
ops_keyring_read(&keyring,keyfile);
|
||||
|
||||
pinfo=ops_parse_info_new();
|
||||
|
||||
fd=open(encfile,O_RDONLY);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(encfile);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
// Now do file
|
||||
ops_reader_set_fd(pinfo,fd);
|
||||
|
||||
ops_parse_cb_set(pinfo,callback,NULL);
|
||||
|
||||
if(armour)
|
||||
ops_reader_push_dearmour(pinfo,ops_false,ops_false,ops_false);
|
||||
|
||||
ops_parse(pinfo);
|
||||
|
||||
if(armour)
|
||||
ops_reader_pop_dearmour(pinfo);
|
||||
|
||||
ops_keyring_free(&keyring);
|
||||
ops_finish();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
mkdir -p ../scratch
|
||||
|
||||
cat > ../scratch/to-be-encrypted <<EOF
|
||||
Just a small test
|
||||
|
||||
Over a few lines, why not?
|
||||
|
||||
EOF
|
||||
|
||||
rm -f ../scratch/to-be-encrypted.gpg
|
||||
|
||||
gpg --trust-model always --no-default-keyring --secret-keyring ../scratch/t1.sec --keyring ../scratch/t1.pub --recipient ops@links.org --batch --encrypt ../scratch/to-be-encrypted
|
|
@ -1,56 +0,0 @@
|
|||
#include <openpgpsdk/create.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <assert.h>
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
const char *keyfile;
|
||||
const char *user_id;
|
||||
ops_keyring_t keyring;
|
||||
const ops_keydata_t *key;
|
||||
ops_create_info_t *info;
|
||||
|
||||
if(argc != 3)
|
||||
{
|
||||
fprintf(stderr, "%s <keyfile> <user_id>\n", argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
keyfile = argv[1];
|
||||
user_id = argv[2];
|
||||
|
||||
ops_init();
|
||||
ops_keyring_read(&keyring, keyfile);
|
||||
|
||||
key = ops_keyring_find_key_by_userid(&keyring, user_id);
|
||||
if (!key)
|
||||
{
|
||||
printf("No key found for user %s in keyring %s\n", user_id, keyfile);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
info = ops_create_info_new();
|
||||
ops_writer_set_fd(info, 1); // stdout for now
|
||||
ops_writer_push_encrypt_keydata(info, key);
|
||||
|
||||
for( ; ; )
|
||||
{
|
||||
unsigned char buf[8192];
|
||||
int n;
|
||||
|
||||
n=read(0,buf,sizeof buf);
|
||||
if(!n)
|
||||
break;
|
||||
if(n < 0)
|
||||
{
|
||||
perror("stdin");
|
||||
exit(4);
|
||||
}
|
||||
ops_write(buf,n,info);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
File diff suppressed because it is too large
Load Diff
|
@ -1,102 +0,0 @@
|
|||
/* Sign a plaintext message with a key, producing a detached signature */
|
||||
|
||||
#include "common.h"
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <stdlib.h>
|
||||
#include <assert.h>
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
const char *keyfile;
|
||||
const char *plainfile;
|
||||
const char *user_id;
|
||||
const char *hashstr;
|
||||
const char *sigfile;
|
||||
ops_secret_key_t *skey;
|
||||
ops_create_signature_t *sig;
|
||||
ops_hash_algorithm_t alg;
|
||||
int fd;
|
||||
ops_create_info_t *info;
|
||||
unsigned char keyid[OPS_KEY_ID_SIZE];
|
||||
|
||||
if(argc != 6)
|
||||
{
|
||||
fprintf(stderr,"%s <secret key file> <user_id> <hash> <plaintext file>"
|
||||
" <signature file>\n",argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
keyfile=argv[1];
|
||||
user_id=argv[2];
|
||||
hashstr=argv[3];
|
||||
plainfile=argv[4];
|
||||
sigfile=argv[5];
|
||||
|
||||
ops_init();
|
||||
|
||||
skey=get_secret_key(keyfile);
|
||||
assert(skey);
|
||||
|
||||
alg=ops_hash_algorithm_from_text(hashstr);
|
||||
if(alg == OPS_HASH_UNKNOWN)
|
||||
{
|
||||
fprintf(stderr,"Unkonwn hash algorithm: %s\n",hashstr);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
sig=ops_create_signature_new();
|
||||
ops_signature_start_cleartext_signature(sig,skey,alg,OPS_SIG_BINARY);
|
||||
|
||||
fd=open(plainfile,O_RDONLY);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(plainfile);
|
||||
exit(3);
|
||||
}
|
||||
|
||||
for( ; ; )
|
||||
{
|
||||
unsigned char buf[8192];
|
||||
int n;
|
||||
|
||||
n=read(fd,buf,sizeof buf);
|
||||
if(!n)
|
||||
break;
|
||||
if(n < 0)
|
||||
{
|
||||
perror(plainfile);
|
||||
exit(4);
|
||||
}
|
||||
ops_signature_add_data(sig,buf,n);
|
||||
}
|
||||
|
||||
close(fd);
|
||||
|
||||
ops_signature_add_creation_time(sig,time(NULL));
|
||||
|
||||
ops_keyid(keyid,&skey->public_key);
|
||||
ops_signature_add_issuer_key_id(sig,keyid);
|
||||
|
||||
ops_signature_hashed_subpackets_end(sig);
|
||||
|
||||
fd=open(sigfile,O_CREAT|O_TRUNC|O_WRONLY,0666);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(sigfile);
|
||||
exit(5);
|
||||
}
|
||||
|
||||
info=ops_create_info_new();
|
||||
ops_writer_set_fd(info,fd);
|
||||
|
||||
ops_write_signature(sig,&skey->public_key,skey,info);
|
||||
|
||||
ops_secret_key_free(skey);
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -1,109 +0,0 @@
|
|||
/* Sign an ASCII plaintext message with a key, producing a
|
||||
dash-escaped message with inline signature. */
|
||||
|
||||
#include "common.h"
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <openpgpsdk/armour.h>
|
||||
#include <stdlib.h>
|
||||
#include <assert.h>
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
const char *keyfile;
|
||||
const char *plainfile;
|
||||
const char *user_id;
|
||||
const char *hashstr;
|
||||
const char *sigfile;
|
||||
ops_secret_key_t *skey;
|
||||
ops_create_signature_t *sig;
|
||||
ops_hash_algorithm_t alg;
|
||||
int fd;
|
||||
ops_create_info_t *info;
|
||||
unsigned char keyid[OPS_KEY_ID_SIZE];
|
||||
|
||||
if(argc != 6)
|
||||
{
|
||||
fprintf(stderr,"%s <secret key file> <user_id> <hash> <plaintext file>"
|
||||
" <signature file>\n",argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
keyfile=argv[1];
|
||||
user_id=argv[2];
|
||||
hashstr=argv[3];
|
||||
plainfile=argv[4];
|
||||
sigfile=argv[5];
|
||||
|
||||
ops_init();
|
||||
|
||||
skey=get_secret_key(keyfile);
|
||||
assert(skey);
|
||||
|
||||
alg=ops_hash_algorithm_from_text(hashstr);
|
||||
if(alg == OPS_HASH_UNKNOWN)
|
||||
{
|
||||
fprintf(stderr,"Unkonwn hash algorithm: %s\n",hashstr);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
sig=ops_create_signature_new();
|
||||
ops_signature_start_cleartext_signature(sig,skey,alg,OPS_SIG_BINARY);
|
||||
|
||||
fd=open(sigfile,O_CREAT|O_TRUNC|O_WRONLY,0666);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(sigfile);
|
||||
exit(5);
|
||||
}
|
||||
|
||||
info=ops_create_info_new();
|
||||
ops_writer_set_fd(info,fd);
|
||||
ops_writer_push_clearsigned(info,sig);
|
||||
|
||||
fd=open(plainfile,O_RDONLY);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(plainfile);
|
||||
exit(3);
|
||||
}
|
||||
|
||||
for( ; ; )
|
||||
{
|
||||
unsigned char buf[8192];
|
||||
int n;
|
||||
|
||||
n=read(fd,buf,sizeof buf);
|
||||
if(!n)
|
||||
break;
|
||||
if(n < 0)
|
||||
{
|
||||
perror(plainfile);
|
||||
exit(4);
|
||||
}
|
||||
ops_write(buf,n,info);
|
||||
}
|
||||
|
||||
close(fd);
|
||||
|
||||
ops_writer_switch_to_armoured_signature(info);
|
||||
|
||||
ops_signature_add_creation_time(sig,time(NULL));
|
||||
|
||||
ops_keyid(keyid,&skey->public_key);
|
||||
ops_signature_add_issuer_key_id(sig,keyid);
|
||||
|
||||
ops_signature_hashed_subpackets_end(sig);
|
||||
|
||||
ops_write_signature(sig,&skey->public_key,skey,info);
|
||||
|
||||
ops_writer_close(info);
|
||||
|
||||
ops_secret_key_free(skey);
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -1,69 +0,0 @@
|
|||
#include <openpgpsdk/packet.h>
|
||||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/accumulate.h>
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <openpgpsdk/validate.h>
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
ops_parse_info_t *pinfo;
|
||||
ops_keyring_t keyring;
|
||||
const char *target;
|
||||
int fd;
|
||||
ops_validate_result_t result;
|
||||
|
||||
if(argc != 2)
|
||||
{
|
||||
fprintf(stderr,"%s <file to verify>\n",argv[0]);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
target=argv[1];
|
||||
|
||||
ops_init();
|
||||
|
||||
memset(&keyring,'\0',sizeof keyring);
|
||||
|
||||
pinfo=ops_parse_info_new();
|
||||
|
||||
if(!strcmp(target,"-"))
|
||||
fd=0;
|
||||
else
|
||||
{
|
||||
fd=open(target,O_RDONLY);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(target);
|
||||
exit(2);
|
||||
}
|
||||
}
|
||||
|
||||
ops_reader_set_fd(pinfo,fd);
|
||||
|
||||
ops_parse_and_accumulate(&keyring,pinfo);
|
||||
|
||||
ops_dump_keyring(&keyring);
|
||||
|
||||
ops_validate_all_signatures(&result,&keyring);
|
||||
|
||||
ops_keyring_free(&keyring);
|
||||
|
||||
ops_parse_info_delete(pinfo);
|
||||
|
||||
ops_finish();
|
||||
|
||||
printf("valid signatures = %d\n",result.valid_count);
|
||||
printf("invalid signatures = %d\n",result.invalid_count);
|
||||
printf("unknown signer = %d\n",result.unknown_signer_count);
|
||||
|
||||
if(result.invalid_count)
|
||||
return 1;
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -1,214 +0,0 @@
|
|||
#include <openpgpsdk/packet.h>
|
||||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/accumulate.h>
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <openpgpsdk/armour.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
#include <fcntl.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
const char *pname;
|
||||
|
||||
static void usage()
|
||||
{
|
||||
fprintf(stderr,"%s [-a] <keyring> <file to verify>\n",pname);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
static ops_keyring_t keyring;
|
||||
static unsigned length;
|
||||
static unsigned char *signed_data;
|
||||
static ops_hash_t *signed_hash;
|
||||
|
||||
// FIXME: should this be a part of the library?
|
||||
static ops_parse_cb_return_t
|
||||
callback(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo)
|
||||
{
|
||||
const ops_parser_content_union_t *content=&content_->content;
|
||||
const ops_keydata_t *signer;
|
||||
|
||||
OPS_USED(cbinfo);
|
||||
|
||||
switch(content_->tag)
|
||||
{
|
||||
case OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER:
|
||||
if(signed_data)
|
||||
{
|
||||
free(signed_data);
|
||||
signed_data=NULL;
|
||||
length=0;
|
||||
}
|
||||
assert(length == 0);
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY:
|
||||
signed_data=realloc(signed_data,
|
||||
length+content->signed_cleartext_body.length);
|
||||
memcpy(signed_data+length,content->signed_cleartext_body.data,
|
||||
content->signed_cleartext_body.length);
|
||||
length+=content->signed_cleartext_body.length;
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER:
|
||||
signed_hash=content->signed_cleartext_trailer.hash;
|
||||
return OPS_KEEP_MEMORY;
|
||||
|
||||
case OPS_PTAG_CT_SIGNATURE:
|
||||
signer=ops_keyring_find_key_by_id(&keyring,
|
||||
content->signature.signer_id);
|
||||
if(!signer)
|
||||
{
|
||||
fprintf(stderr,"SIGNER UNKNOWN!!!\n");
|
||||
exit(2);
|
||||
}
|
||||
|
||||
if(content->signature.hash)
|
||||
signed_hash=content->signature.hash;
|
||||
|
||||
if(!signed_hash)
|
||||
{
|
||||
fprintf(stderr,"No signature to check!!!\n");
|
||||
exit(3);
|
||||
}
|
||||
|
||||
if(ops_check_hash_signature(signed_hash,&content->signature,
|
||||
ops_get_public_key_from_data(signer)))
|
||||
{
|
||||
puts("Good signature...\n");
|
||||
fflush(stdout);
|
||||
write(1,signed_data,length);
|
||||
free(signed_data);
|
||||
signed_data=NULL;
|
||||
free(signed_hash);
|
||||
signed_hash=NULL;
|
||||
length=0;
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr,"BAD SIGNATURE!!!\n");
|
||||
exit(1);
|
||||
}
|
||||
break;
|
||||
|
||||
case OPS_PARSER_ERROR:
|
||||
printf("parse error: %s\n",content->error.error);
|
||||
exit(1);
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_ARMOUR_HEADER:
|
||||
if(!strcmp(content->armour_header.type,"BEGIN PGP SIGNATURE"))
|
||||
break;
|
||||
fprintf(stderr,"unexpected armour header: %s\n",
|
||||
content->armour_header.type);
|
||||
exit(3);
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_ARMOUR_TRAILER:
|
||||
if(!strcmp(content->armour_trailer.type,"END PGP SIGNATURE"))
|
||||
break;
|
||||
fprintf(stderr,"unexpected armour trailer: %s\n",
|
||||
content->armour_header.type);
|
||||
exit(4);
|
||||
break;
|
||||
|
||||
case OPS_PARSER_PTAG:
|
||||
// just ignore these
|
||||
break;
|
||||
|
||||
default:
|
||||
fprintf(stderr,"Unexpected packet tag=%d (0x%x)\n",content_->tag,
|
||||
content_->tag);
|
||||
break;
|
||||
}
|
||||
|
||||
return OPS_RELEASE_MEMORY;
|
||||
}
|
||||
|
||||
int main(int argc,char **argv)
|
||||
{
|
||||
ops_parse_info_t *pinfo;
|
||||
int fd;
|
||||
const char *keyfile;
|
||||
const char *verify;
|
||||
int ch;
|
||||
ops_boolean_t armour=ops_false;
|
||||
ops_boolean_t verbose=ops_false;
|
||||
|
||||
pname=argv[0];
|
||||
|
||||
while((ch=getopt(argc,argv,"av")) != -1)
|
||||
switch(ch)
|
||||
{
|
||||
case 'a':
|
||||
armour=ops_true;
|
||||
break;
|
||||
|
||||
case 'v':
|
||||
verbose=ops_true;
|
||||
break;
|
||||
|
||||
default:
|
||||
usage();
|
||||
}
|
||||
|
||||
keyfile=argv[optind++];
|
||||
verify=argv[optind++];
|
||||
|
||||
ops_init();
|
||||
|
||||
memset(&keyring,'\0',sizeof keyring);
|
||||
|
||||
pinfo=ops_parse_info_new();
|
||||
|
||||
fd=open(keyfile,O_RDONLY);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(keyfile);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
ops_reader_set_fd(pinfo,fd);
|
||||
|
||||
ops_parse_and_accumulate(&keyring,pinfo);
|
||||
|
||||
close(fd);
|
||||
|
||||
if(verbose)
|
||||
ops_dump_keyring(&keyring);
|
||||
|
||||
ops_parse_info_delete(pinfo);
|
||||
pinfo=ops_parse_info_new();
|
||||
|
||||
fd=open(verify,O_RDONLY);
|
||||
if(fd < 0)
|
||||
{
|
||||
perror(verify);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
ops_reader_set_fd(pinfo,fd);
|
||||
|
||||
ops_parse_cb_set(pinfo,callback,NULL);
|
||||
|
||||
if(armour)
|
||||
ops_reader_push_dearmour(pinfo,ops_false,ops_false,ops_false);
|
||||
|
||||
ops_parse(pinfo);
|
||||
|
||||
if(armour)
|
||||
ops_reader_pop_dearmour(pinfo);
|
||||
|
||||
if(signed_data)
|
||||
free(signed_data);
|
||||
|
||||
ops_keyring_free(&keyring);
|
||||
ops_finish();
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
all: top
|
||||
|
||||
top:
|
||||
cd ../..; $(MAKE)
|
||||
|
||||
headers: packet-show-cast.h
|
||||
|
||||
packet-show-cast.h: packet-show.cast ../../util/caster.pl
|
||||
../../util/caster.pl packet-show.cast packet-show-cast.h
|
|
@ -1,32 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_ACCUMULATE_H
|
||||
#define OPS_ACCUMULATE_H
|
||||
#endif
|
||||
|
||||
#include "keyring.h"
|
||||
#include "packet-parse.h"
|
||||
|
||||
int ops_parse_and_accumulate(ops_keyring_t *, ops_parse_info_t *);
|
|
@ -1,52 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef __OPS_ARMOUR_H__
|
||||
#define __OPS_ARMOUR_H__
|
||||
|
||||
#include "packet-parse.h"
|
||||
#include "signature.h"
|
||||
|
||||
unsigned ops_crc24(unsigned, unsigned char);
|
||||
|
||||
void ops_reader_push_dearmour(ops_parse_info_t *);
|
||||
|
||||
void ops_reader_pop_dearmour(ops_parse_info_t *);
|
||||
bool
|
||||
ops_writer_push_clearsigned(ops_create_info_t *,
|
||||
ops_create_signature_t *);
|
||||
void ops_writer_push_armoured_message(ops_create_info_t *);
|
||||
bool ops_writer_switch_to_armoured_signature(ops_create_info_t *);
|
||||
|
||||
typedef enum {
|
||||
OPS_PGP_MESSAGE = 1,
|
||||
OPS_PGP_PUBLIC_KEY_BLOCK,
|
||||
OPS_PGP_PRIVATE_KEY_BLOCK,
|
||||
OPS_PGP_MULTIPART_MESSAGE_PART_X_OF_Y,
|
||||
OPS_PGP_MULTIPART_MESSAGE_PART_X,
|
||||
OPS_PGP_SIGNATURE
|
||||
} ops_armor_type_t;
|
||||
|
||||
void ops_writer_push_armoured(ops_create_info_t *, ops_armor_type_t);
|
||||
|
||||
#define CRC24_INIT 0xb704ceL
|
||||
|
||||
#endif /* __OPS_ARMOUR_H__ */
|
|
@ -1,49 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef __OPS_CALLBACK_H__
|
||||
#define __OPS_CALLBACK_H__
|
||||
|
||||
#define CB(cbinfo,t,pc) do { \
|
||||
(pc)->tag=(t); \
|
||||
if(ops_parse_cb((pc),(cbinfo)) == OPS_RELEASE_MEMORY) \
|
||||
ops_parser_content_free(pc); \
|
||||
} while(/* CONSTCOND */0)
|
||||
|
||||
#define CBP(info,t,pc) CB(&(info)->cbinfo,t,pc)
|
||||
|
||||
#define ERR(cbinfo,err,code) do { \
|
||||
content.content.error.error=err; \
|
||||
content.tag=OPS_PARSER_ERROR; \
|
||||
ops_parse_cb(&content,(cbinfo)); \
|
||||
OPS_ERROR(errors,code,err); \
|
||||
return -1; \
|
||||
} while(/*CONSTCOND*/0)
|
||||
|
||||
#define ERRP(info,err) do { \
|
||||
content.content.error.error=err; \
|
||||
CBP(info,OPS_PARSER_ERROR,&content); \
|
||||
return false; \
|
||||
/*NOTREACHED*/ \
|
||||
} while(/*CONSTCOND*/0)
|
||||
|
||||
|
||||
#endif /* __OPS_CALLBACK_H__ */
|
|
@ -1,32 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include "packet-parse.h"
|
||||
|
||||
int
|
||||
ops_decompress(ops_region_t *, ops_parse_info_t *, ops_compression_type_t);
|
||||
|
||||
bool
|
||||
ops_write_compressed(const unsigned char *, const unsigned int,
|
||||
ops_create_info_t *);
|
|
@ -1,17 +0,0 @@
|
|||
/*
|
||||
* generated by configure from include/openpgpsdk/configure.h.template. Don't
|
||||
* edit.
|
||||
*/
|
||||
|
||||
#undef HAVE_ALLOCA_H
|
||||
|
||||
#define PRItime "ll"
|
||||
|
||||
#ifdef WIN32
|
||||
#define PRIsize "I"
|
||||
#else
|
||||
#define PRIsize "z"
|
||||
#endif
|
||||
|
||||
/* for silencing unused parameter warnings */
|
||||
#define OPS_USED(x) /*LINTED*/(void)&(x)
|
|
@ -1,5 +0,0 @@
|
|||
%HAVE_ALLOCA_H%
|
||||
#define TIME_T_FMT %TIME_T_FMT%
|
||||
|
||||
/* for silencing unused parameter warnings */
|
||||
#define OPS_USED(x) (x)=(x)
|
|
@ -1,88 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_CREATE_H
|
||||
#define OPS_CREATE_H
|
||||
|
||||
#include <openpgpsdk/types.h>
|
||||
#include <openpgpsdk/packet.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/memory.h>
|
||||
#include <openpgpsdk/errors.h>
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <openpgpsdk/writer.h>
|
||||
|
||||
/**
|
||||
* \ingroup Create
|
||||
* This struct contains the required information about how to write this stream
|
||||
*/
|
||||
struct ops_create_info {
|
||||
ops_writer_info_t winfo;
|
||||
ops_error_t *errors; /* !< an error stack */
|
||||
};
|
||||
|
||||
ops_create_info_t *ops_create_info_new(void);
|
||||
void ops_create_info_delete(ops_create_info_t *);
|
||||
|
||||
ops_memory_t *ops_write_mem_from_file(const char *, int *);
|
||||
int ops_write_file_from_buf(const char *, const char *, const size_t, const bool);
|
||||
|
||||
bool ops_calc_session_key_checksum(ops_pk_session_key_t *, unsigned char *);
|
||||
void ops_build_public_key(ops_memory_t *, const ops_public_key_t *, bool);
|
||||
bool ops_write_struct_user_id(ops_user_id_t *, ops_create_info_t *);
|
||||
bool ops_write_struct_public_key(const ops_public_key_t *, ops_create_info_t *);
|
||||
|
||||
bool
|
||||
ops_write_ss_header(unsigned, ops_content_tag_t, ops_create_info_t *);
|
||||
bool
|
||||
ops_write_struct_secret_key(const ops_secret_key_t *,
|
||||
const unsigned char *,
|
||||
const size_t,
|
||||
ops_create_info_t *);
|
||||
bool
|
||||
ops_write_one_pass_sig(const ops_secret_key_t *,
|
||||
const ops_hash_algorithm_t,
|
||||
const ops_sig_type_t,
|
||||
ops_create_info_t *);
|
||||
bool
|
||||
ops_write_literal_data_from_buf(const unsigned char *,
|
||||
const int,
|
||||
const ops_literal_data_type_t,
|
||||
ops_create_info_t *);
|
||||
ops_pk_session_key_t *ops_create_pk_session_key(const ops_keydata_t *);
|
||||
bool
|
||||
ops_write_pk_session_key(ops_create_info_t *, ops_pk_session_key_t *);
|
||||
bool ops_write_transferable_public_key(const ops_keydata_t *, bool, ops_create_info_t *);
|
||||
bool ops_write_transferable_secret_key(const ops_keydata_t *, const unsigned char *, const size_t, bool, ops_create_info_t *);
|
||||
|
||||
void ops_fast_create_user_id(ops_user_id_t *, unsigned char *);
|
||||
bool ops_write_user_id(const unsigned char *, ops_create_info_t *);
|
||||
void ops_fast_create_rsa_public_key(ops_public_key_t *, time_t, BIGNUM *, BIGNUM *);
|
||||
bool ops_write_rsa_public_key(time_t, const BIGNUM *, const BIGNUM *, ops_create_info_t *);
|
||||
void ops_fast_create_rsa_secret_key(ops_secret_key_t *, time_t, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *);
|
||||
bool encode_m_buf(const unsigned char *, size_t, const ops_public_key_t *, unsigned char *);
|
||||
bool ops_write_literal_data_from_file(const char *, const ops_literal_data_type_t, ops_create_info_t *);
|
||||
bool ops_write_symmetrically_encrypted_data(const unsigned char *, const int, ops_create_info_t *);
|
||||
|
||||
#endif /* OPS_CREATE_H */
|
|
@ -1,182 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_CRYPTO_H
|
||||
#define OPS_CRYPTO_H
|
||||
|
||||
#include "keyring.h"
|
||||
#include "util.h"
|
||||
#include "packet.h"
|
||||
#include "packet-parse.h"
|
||||
#include <openssl/dsa.h>
|
||||
|
||||
#define OPS_MIN_HASH_SIZE 16
|
||||
|
||||
typedef void ops_hash_init_t(ops_hash_t *);
|
||||
typedef void
|
||||
ops_hash_add_t(ops_hash_t *, const unsigned char *, unsigned);
|
||||
typedef unsigned ops_hash_finish_t(ops_hash_t *, unsigned char *);
|
||||
|
||||
/** _ops_hash_t */
|
||||
struct _ops_hash_t {
|
||||
ops_hash_algorithm_t algorithm;
|
||||
size_t size;
|
||||
const char *name;
|
||||
ops_hash_init_t *init;
|
||||
ops_hash_add_t *add;
|
||||
ops_hash_finish_t *finish;
|
||||
void *data;
|
||||
};
|
||||
|
||||
typedef void
|
||||
ops_crypt_set_iv_t(ops_crypt_t *, const unsigned char *);
|
||||
typedef void
|
||||
ops_crypt_set_key_t(ops_crypt_t *, const unsigned char *);
|
||||
typedef void ops_crypt_init_t(ops_crypt_t *);
|
||||
typedef void ops_crypt_resync_t(ops_crypt_t *);
|
||||
typedef void
|
||||
ops_crypt_block_encrypt_t(ops_crypt_t *, void *, const void *);
|
||||
typedef void
|
||||
ops_crypt_block_decrypt_t(ops_crypt_t *, void *, const void *);
|
||||
typedef void
|
||||
ops_crypt_cfb_encrypt_t(ops_crypt_t *, void *, const void *, size_t);
|
||||
typedef void
|
||||
ops_crypt_cfb_decrypt_t(ops_crypt_t *, void *, const void *, size_t);
|
||||
typedef void ops_crypt_finish_t(ops_crypt_t *);
|
||||
|
||||
/** _ops_crypt_t */
|
||||
struct _ops_crypt_t {
|
||||
ops_symmetric_algorithm_t algorithm;
|
||||
size_t blocksize;
|
||||
size_t keysize;
|
||||
ops_crypt_set_iv_t *set_iv; /* Call this before decrypt init! */
|
||||
ops_crypt_set_key_t *set_key; /* Call this before init! */
|
||||
ops_crypt_init_t *base_init;
|
||||
ops_crypt_resync_t *decrypt_resync;
|
||||
/* encrypt/decrypt one block */
|
||||
ops_crypt_block_encrypt_t *block_encrypt;
|
||||
ops_crypt_block_decrypt_t *block_decrypt;
|
||||
|
||||
/* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
|
||||
ops_crypt_cfb_encrypt_t *cfb_encrypt;
|
||||
ops_crypt_cfb_decrypt_t *cfb_decrypt;
|
||||
|
||||
ops_crypt_finish_t *decrypt_finish;
|
||||
unsigned char iv[OPS_MAX_BLOCK_SIZE];
|
||||
unsigned char civ[OPS_MAX_BLOCK_SIZE];
|
||||
unsigned char siv[OPS_MAX_BLOCK_SIZE]; /* Needed for weird v3
|
||||
* resync */
|
||||
unsigned char key[OPS_MAX_KEY_SIZE];
|
||||
int num; /* Offset - see openssl _encrypt doco */
|
||||
void *encrypt_key;
|
||||
void *decrypt_key;
|
||||
};
|
||||
|
||||
void ops_crypto_init(void);
|
||||
void ops_crypto_finish(void);
|
||||
void ops_hash_md5(ops_hash_t *);
|
||||
void ops_hash_sha1(ops_hash_t *);
|
||||
void ops_hash_sha256(ops_hash_t *);
|
||||
void ops_hash_sha512(ops_hash_t *);
|
||||
void ops_hash_sha384(ops_hash_t *);
|
||||
void ops_hash_sha224(ops_hash_t *);
|
||||
void ops_hash_any(ops_hash_t *, ops_hash_algorithm_t);
|
||||
ops_hash_algorithm_t ops_hash_algorithm_from_text(const char *);
|
||||
const char *ops_text_from_hash(ops_hash_t *);
|
||||
unsigned ops_hash_size(ops_hash_algorithm_t);
|
||||
unsigned
|
||||
ops_hash(unsigned char *, ops_hash_algorithm_t, const void *, size_t);
|
||||
|
||||
void ops_hash_add_int(ops_hash_t *, unsigned, unsigned);
|
||||
|
||||
bool
|
||||
ops_dsa_verify(const unsigned char *, size_t,
|
||||
const ops_dsa_signature_t *,
|
||||
const ops_dsa_public_key_t *);
|
||||
int
|
||||
ops_rsa_public_decrypt(unsigned char *, const unsigned char *,
|
||||
size_t, const ops_rsa_public_key_t *);
|
||||
int
|
||||
ops_rsa_public_encrypt(unsigned char *, const unsigned char *,
|
||||
size_t, const ops_rsa_public_key_t *);
|
||||
int
|
||||
ops_rsa_private_encrypt(unsigned char *, const unsigned char *,
|
||||
size_t, const ops_rsa_secret_key_t *,
|
||||
const ops_rsa_public_key_t *);
|
||||
int
|
||||
ops_rsa_private_decrypt(unsigned char *, const unsigned char *,
|
||||
size_t, const ops_rsa_secret_key_t *,
|
||||
const ops_rsa_public_key_t *);
|
||||
|
||||
unsigned ops_block_size(ops_symmetric_algorithm_t);
|
||||
unsigned ops_key_size(ops_symmetric_algorithm_t);
|
||||
|
||||
int
|
||||
ops_decrypt_data(ops_content_tag_t, ops_region_t *, ops_parse_info_t *);
|
||||
|
||||
int ops_crypt_any(ops_crypt_t *, ops_symmetric_algorithm_t);
|
||||
void ops_decrypt_init(ops_crypt_t *);
|
||||
void ops_encrypt_init(ops_crypt_t *);
|
||||
size_t
|
||||
ops_decrypt_se(ops_crypt_t *, void *, const void *, size_t);
|
||||
size_t
|
||||
ops_encrypt_se(ops_crypt_t *, void *, const void *, size_t);
|
||||
size_t
|
||||
ops_decrypt_se_ip(ops_crypt_t *, void *, const void *, size_t);
|
||||
size_t
|
||||
ops_encrypt_se_ip(ops_crypt_t *, void *, const void *, size_t );
|
||||
bool ops_is_sa_supported(ops_symmetric_algorithm_t);
|
||||
|
||||
void
|
||||
ops_reader_push_decrypt(ops_parse_info_t *, ops_crypt_t *, ops_region_t *);
|
||||
void ops_reader_pop_decrypt(ops_parse_info_t *);
|
||||
|
||||
/* Hash everything that's read */
|
||||
void ops_reader_push_hash(ops_parse_info_t *, ops_hash_t *);
|
||||
void ops_reader_pop_hash(ops_parse_info_t *);
|
||||
|
||||
int
|
||||
ops_decrypt_and_unencode_mpi(unsigned char *, unsigned, const BIGNUM *,
|
||||
const ops_secret_key_t *);
|
||||
bool
|
||||
ops_rsa_encrypt_mpi(const unsigned char *, const size_t,
|
||||
const ops_public_key_t *,
|
||||
ops_pk_session_key_parameters_t *);
|
||||
|
||||
|
||||
/* Encrypt everything that's written */
|
||||
struct ops_key_data;
|
||||
void
|
||||
ops_writer_push_encrypt(ops_create_info_t *, const struct ops_key_data *);
|
||||
|
||||
bool ops_encrypt_file(const char *, const char *, const ops_keydata_t *, const bool, const bool );
|
||||
bool ops_decrypt_file(const char *, const char *, ops_keyring_t *, const bool , const bool, ops_parse_cb_t *);
|
||||
|
||||
/* Keys */
|
||||
bool ops_rsa_generate_keypair(const int , const unsigned long, ops_keydata_t *);
|
||||
ops_keydata_t *ops_rsa_create_selfsigned_keypair(const int, const unsigned long, ops_user_id_t *);
|
||||
|
||||
int ops_dsa_size(const ops_dsa_public_key_t * );
|
||||
DSA_SIG *ops_dsa_sign(unsigned char *, unsigned, const ops_dsa_secret_key_t *, const ops_dsa_public_key_t *);
|
||||
#endif
|
|
@ -1,37 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_DEFS_H
|
||||
#define OPS_DEFS_H
|
||||
|
||||
#define OPS_ARMOURED true
|
||||
#define OPS_UNARMOURED false
|
||||
|
||||
#define OPS_OVERWRITE_YES true
|
||||
#define OPS_OVERWRITE_NO false
|
||||
|
||||
#define OPS_ACCUMULATE_YES true
|
||||
#define OPS_ACCUMULATE_NO false
|
||||
|
||||
#endif /* OPS_DEFS_H */
|
|
@ -1,139 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_ERRORS
|
||||
#define OPS_ERRORS
|
||||
|
||||
#include <errno.h>
|
||||
|
||||
/** error codes */
|
||||
/* Remember to add names to map in errors.c */
|
||||
typedef enum {
|
||||
OPS_E_OK = 0x0000, /* no error */
|
||||
OPS_E_FAIL = 0x0001, /* general error */
|
||||
OPS_E_SYSTEM_ERROR = 0x0002, /* system error, look at errno for
|
||||
* details */
|
||||
OPS_E_UNIMPLEMENTED = 0x0003, /* feature not yet implemented */
|
||||
|
||||
/* reader errors */
|
||||
OPS_E_R = 0x1000, /* general reader error */
|
||||
OPS_E_R_READ_FAILED = OPS_E_R + 1,
|
||||
OPS_E_R_EARLY_EOF = OPS_E_R + 2,
|
||||
OPS_E_R_BAD_FORMAT = OPS_E_R + 3, /* For example, malformed
|
||||
* armour */
|
||||
OPS_E_R_UNSUPPORTED = OPS_E_R + 4,
|
||||
OPS_E_R_UNCONSUMED_DATA = OPS_E_R + 5,
|
||||
|
||||
/* writer errors */
|
||||
OPS_E_W = 0x2000, /* general writer error */
|
||||
OPS_E_W_WRITE_FAILED = OPS_E_W + 1,
|
||||
OPS_E_W_WRITE_TOO_SHORT = OPS_E_W + 2,
|
||||
|
||||
/* parser errors */
|
||||
OPS_E_P = 0x3000, /* general parser error */
|
||||
OPS_E_P_NOT_ENOUGH_DATA = OPS_E_P + 1,
|
||||
OPS_E_P_UNKNOWN_TAG = OPS_E_P + 2,
|
||||
OPS_E_P_PACKET_CONSUMED = OPS_E_P + 3,
|
||||
OPS_E_P_MPI_FORMAT_ERROR = OPS_E_P + 4,
|
||||
OPS_E_P_PACKET_NOT_CONSUMED = OPS_E_P + 5,
|
||||
OPS_E_P_DECOMPRESSION_ERROR = OPS_E_P + 6,
|
||||
OPS_E_P_NO_USERID = OPS_E_P + 7,
|
||||
|
||||
/* creator errors */
|
||||
OPS_E_C = 0x4000, /* general creator error */
|
||||
|
||||
/* validation errors */
|
||||
OPS_E_V = 0x5000, /* general validation error */
|
||||
OPS_E_V_BAD_SIGNATURE = OPS_E_V + 1,
|
||||
OPS_E_V_NO_SIGNATURE = OPS_E_V + 2,
|
||||
OPS_E_V_UNKNOWN_SIGNER = OPS_E_V + 3,
|
||||
OPS_E_V_BAD_HASH = OPS_E_V + 4,
|
||||
|
||||
/* Algorithm support errors */
|
||||
OPS_E_ALG = 0x6000, /* general algorithm error */
|
||||
OPS_E_ALG_UNSUPPORTED_SYMMETRIC_ALG = OPS_E_ALG + 1,
|
||||
OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG = OPS_E_ALG + 2,
|
||||
OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG = OPS_E_ALG + 3,
|
||||
OPS_E_ALG_UNSUPPORTED_HASH_ALG = OPS_E_ALG + 4,
|
||||
OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG = OPS_E_ALG + 5,
|
||||
|
||||
/* Protocol errors */
|
||||
OPS_E_PROTO = 0x7000, /* general protocol error */
|
||||
OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT = OPS_E_PROTO + 2,
|
||||
OPS_E_PROTO_UNKNOWN_SS = OPS_E_PROTO + 3,
|
||||
OPS_E_PROTO_CRITICAL_SS_IGNORED = OPS_E_PROTO + 4,
|
||||
OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN = OPS_E_PROTO + 5,
|
||||
OPS_E_PROTO_BAD_SIGNATURE_VRSN = OPS_E_PROTO + 6,
|
||||
OPS_E_PROTO_BAD_ONE_PASS_SIG_VRSN = OPS_E_PROTO + 7,
|
||||
OPS_E_PROTO_BAD_PKSK_VRSN = OPS_E_PROTO + 8,
|
||||
OPS_E_PROTO_DECRYPTED_MSG_WRONG_LEN = OPS_E_PROTO + 9,
|
||||
OPS_E_PROTO_BAD_SK_CHECKSUM = OPS_E_PROTO + 10
|
||||
} ops_errcode_t;
|
||||
|
||||
/** one entry in a linked list of errors */
|
||||
typedef struct ops_error {
|
||||
ops_errcode_t errcode;
|
||||
int sys_errno; /* !< irrelevent unless errcode ==
|
||||
* OPS_E_SYSTEM_ERROR */
|
||||
char *comment;
|
||||
const char *file;
|
||||
int line;
|
||||
struct ops_error *next;
|
||||
} ops_error_t;
|
||||
|
||||
const char *ops_errcode(const ops_errcode_t);
|
||||
|
||||
void
|
||||
ops_push_error(ops_error_t **, ops_errcode_t, int,
|
||||
const char *, int, const char *, ...);
|
||||
void ops_print_error(ops_error_t *);
|
||||
void ops_print_errors(ops_error_t *);
|
||||
void ops_free_errors(ops_error_t *);
|
||||
int ops_has_error(ops_error_t *, ops_errcode_t);
|
||||
|
||||
#define OPS_SYSTEM_ERROR_1(err,code,syscall,fmt,arg) do { \
|
||||
ops_push_error(err,OPS_E_SYSTEM_ERROR,errno,__FILE__,__LINE__,syscall);\
|
||||
ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg); \
|
||||
} while(/*CONSTCOND*/0)
|
||||
#define OPS_MEMORY_ERROR(err) { \
|
||||
fprintf(stderr, "Memory error\n"); \
|
||||
} /* \todo placeholder for better error
|
||||
* handling */
|
||||
#define OPS_ERROR(err,code,fmt) do { \
|
||||
ops_push_error(err,code,0,__FILE__,__LINE__,fmt); \
|
||||
} while(/*CONSTCOND*/0)
|
||||
#define OPS_ERROR_1(err,code,fmt,arg) do { \
|
||||
ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg); \
|
||||
} while(/*CONSTCOND*/0)
|
||||
#define OPS_ERROR_2(err,code,fmt,arg,arg2) do { \
|
||||
ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg,arg2); \
|
||||
} while(/*CONSTCOND*/0)
|
||||
#define OPS_ERROR_3(err,code,fmt,arg,arg2,arg3) do { \
|
||||
ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg,arg2,arg3); \
|
||||
} while(/*CONSTCOND*/0)
|
||||
#define OPS_ERROR_4(err,code,fmt,arg,arg2,arg3,arg4) do { \
|
||||
ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg,arg2,arg3,arg4); \
|
||||
} while(/*CONSTCOND*/0)
|
||||
|
||||
#endif /* OPS_ERRORS */
|
|
@ -1,26 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/* A header that is always included last, for things that need to come last */
|
||||
|
||||
#ifdef DMALLOC
|
||||
#include <dmalloc.h>
|
||||
#endif
|
|
@ -1,30 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef __OPS_HASH_H__
|
||||
#define __OPS_HASH_H__
|
||||
|
||||
#include "openpgpsdk/packet.h"
|
||||
|
||||
void ops_calc_mdc_hash(const unsigned char *, const size_t, const unsigned char *, const unsigned int, unsigned char *);
|
||||
bool ops_is_hash_alg_supported(const ops_hash_algorithm_t *);
|
||||
|
||||
#endif /* __OPS_HASH_H__ */
|
|
@ -1,89 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_KEYRING_H
|
||||
#define OPS_KEYRING_H
|
||||
|
||||
#include "packet.h"
|
||||
#include "memory.h"
|
||||
|
||||
typedef struct ops_keydata ops_keydata_t;
|
||||
|
||||
/** \struct ops_keyring_t
|
||||
* A keyring
|
||||
*/
|
||||
|
||||
typedef struct {
|
||||
int nkeys;
|
||||
//while we are constructing a key, this is the offset
|
||||
int nkeys_allocated;
|
||||
ops_keydata_t *keys;
|
||||
} ops_keyring_t;
|
||||
|
||||
const ops_keydata_t *
|
||||
ops_keyring_find_key_by_id(const ops_keyring_t * ,
|
||||
const unsigned char keyid[OPS_KEY_ID_SIZE]);
|
||||
const ops_keydata_t *ops_keyring_find_key_by_userid(const ops_keyring_t *,
|
||||
const char *);
|
||||
void ops_keydata_free(ops_keydata_t *);
|
||||
void ops_keyring_free(ops_keyring_t *);
|
||||
void ops_dump_keyring(const ops_keyring_t *);
|
||||
const ops_public_key_t *
|
||||
ops_get_public_key_from_data(const ops_keydata_t *);
|
||||
bool ops_is_key_secret(const ops_keydata_t *);
|
||||
const ops_secret_key_t *ops_get_secret_key_from_data(const ops_keydata_t *);
|
||||
ops_secret_key_t *ops_get_writable_secret_key_from_data(ops_keydata_t *);
|
||||
ops_secret_key_t *ops_decrypt_secret_key_from_data(const ops_keydata_t *,
|
||||
const char *);
|
||||
|
||||
bool ops_keyring_read_from_file(ops_keyring_t *, const bool, const char *);
|
||||
bool ops_keyring_read_from_mem(ops_keyring_t *, const bool, ops_memory_t *);
|
||||
|
||||
char *ops_malloc_passphrase(char *);
|
||||
char *ops_get_passphrase(void);
|
||||
|
||||
void ops_keyring_list(const ops_keyring_t *);
|
||||
|
||||
void ops_set_secret_key(ops_parser_content_union_t *, const ops_keydata_t *);
|
||||
|
||||
const unsigned char *ops_get_key_id(const ops_keydata_t *);
|
||||
unsigned ops_get_user_id_count(const ops_keydata_t *);
|
||||
const unsigned char *ops_get_user_id(const ops_keydata_t *, unsigned);
|
||||
bool ops_is_key_supported(const ops_keydata_t *);
|
||||
const ops_keydata_t *ops_keyring_get_key_by_index(const ops_keyring_t *, int);
|
||||
|
||||
ops_user_id_t *ops_add_userid_to_keydata(ops_keydata_t *, const ops_user_id_t *);
|
||||
ops_packet_t *ops_add_packet_to_keydata(ops_keydata_t *, const ops_packet_t *);
|
||||
void ops_add_signed_userid_to_keydata(ops_keydata_t *, const ops_user_id_t *, const ops_packet_t *);
|
||||
|
||||
bool ops_add_selfsigned_userid_to_keydata(ops_keydata_t *, ops_user_id_t *);
|
||||
|
||||
ops_keydata_t *ops_keydata_new(void);
|
||||
void ops_keydata_init(ops_keydata_t *, const ops_content_tag_t);
|
||||
|
||||
void ops_copy_userid(ops_user_id_t *, const ops_user_id_t *);
|
||||
void ops_copy_packet(ops_packet_t *, const ops_packet_t *);
|
||||
unsigned ops_get_keydata_content_type(const ops_keydata_t *);
|
||||
|
||||
#endif
|
|
@ -1,39 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_LISTS_H
|
||||
#define OPS_LISTS_H
|
||||
|
||||
/** ops_ulong_list_t */
|
||||
typedef struct {
|
||||
unsigned int size; /* num of array slots allocated */
|
||||
unsigned int used; /* num of array slots currently used */
|
||||
unsigned long *ulongs;
|
||||
} ops_ulong_list_t;
|
||||
|
||||
void ops_ulong_list_init(ops_ulong_list_t *);
|
||||
void ops_ulong_list_free(ops_ulong_list_t *);
|
||||
unsigned int ops_ulong_list_add(ops_ulong_list_t *, unsigned long *);
|
||||
|
||||
#endif /* OPS_LISTS_H */
|
|
@ -1,56 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <openssl/bn.h>
|
||||
#include "packet.h"
|
||||
|
||||
#ifndef OPS_MEMORY_H
|
||||
#define OPS_MEMORY_H
|
||||
|
||||
/** ops_memory_t
|
||||
*/
|
||||
typedef struct ops_memory_t {
|
||||
unsigned char *buf;
|
||||
size_t length;
|
||||
size_t allocated;
|
||||
} ops_memory_t;
|
||||
|
||||
|
||||
ops_memory_t *ops_memory_new(void);
|
||||
void ops_memory_free(ops_memory_t *);
|
||||
void ops_memory_init(ops_memory_t *, size_t);
|
||||
void ops_memory_pad(ops_memory_t *, size_t);
|
||||
void ops_memory_add(ops_memory_t *, const unsigned char *, size_t);
|
||||
void ops_memory_place_int(ops_memory_t *, unsigned, unsigned, size_t);
|
||||
void ops_memory_make_packet(ops_memory_t *, ops_content_tag_t);
|
||||
void ops_memory_clear(ops_memory_t *);
|
||||
void ops_memory_release(ops_memory_t *);
|
||||
|
||||
void ops_writer_set_memory(ops_create_info_t *, ops_memory_t *);
|
||||
|
||||
size_t ops_memory_get_length(const ops_memory_t *);
|
||||
void *ops_memory_get_data(ops_memory_t *);
|
||||
|
||||
#endif
|
|
@ -1,48 +0,0 @@
|
|||
/*-
|
||||
* Copyright (c) 2009 The NetBSD Foundation, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This code is derived from software contributed to The NetBSD Foundation
|
||||
* by Alistair Crooks (agc@NetBSD.org)
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
#ifndef OPENPGPSDK_OPENPGPSDK_H_
|
||||
#define OPENPGPSDK_OPENPGPSDK_H_
|
||||
|
||||
/*
|
||||
* This is a simple, catch-all header file. Programs which want to
|
||||
* use the openpgpsdk library can simply include this one header file,
|
||||
* and all the subsidiary ones will be handled.
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <openpgpsdk/validate.h>
|
||||
#include <openpgpsdk/readerwriter.h>
|
||||
#include <openpgpsdk/std_print.h>
|
||||
#include <openpgpsdk/packet-show.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/version.h>
|
||||
|
||||
#endif
|
|
@ -1,168 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
* Parser for OpenPGP packets - headers.
|
||||
*/
|
||||
|
||||
#ifndef OPS_PACKET_PARSE_H
|
||||
#define OPS_PACKET_PARSE_H
|
||||
|
||||
#include "types.h"
|
||||
#include "packet.h"
|
||||
#include "lists.h"
|
||||
|
||||
/** ops_region_t */
|
||||
typedef struct ops_region {
|
||||
struct ops_region *parent;
|
||||
unsigned length;
|
||||
unsigned length_read;
|
||||
unsigned last_read; /* !< length of last read, only valid
|
||||
* in deepest child */
|
||||
unsigned indeterminate:1;
|
||||
} ops_region_t;
|
||||
|
||||
void ops_init_subregion(ops_region_t *, ops_region_t *);
|
||||
|
||||
#if 0
|
||||
/** Return values for reader functions e.g. ops_packet_reader_t() */
|
||||
typedef enum {
|
||||
OPS_R_OK = 0, /* !< success */
|
||||
OPS_R_EOF = 1, /* !< reached end of file, no data has been
|
||||
* returned */
|
||||
OPS_R_EARLY_EOF = 2, /* !< could not read the requested number of
|
||||
* bytes and either OPS_RETURN_LENGTH was not
|
||||
* set and at least 1 byte was read, or there
|
||||
* was an abnormal end to the file (or
|
||||
* armoured block) */
|
||||
OPS_R_PARTIAL_READ = 3, /* !< if OPS_RETURN_LENGTH is set and the
|
||||
* buffer was not filled */
|
||||
OPS_R_ERROR = 4 /* !< if there was an error reading */
|
||||
} ops_reader_ret_t;
|
||||
#endif
|
||||
|
||||
/** ops_parse_callback_return_t */
|
||||
typedef enum {
|
||||
OPS_RELEASE_MEMORY,
|
||||
OPS_KEEP_MEMORY,
|
||||
OPS_FINISHED
|
||||
} ops_parse_cb_return_t;
|
||||
|
||||
typedef struct ops_parse_cb_info ops_parse_cb_info_t;
|
||||
|
||||
typedef ops_parse_cb_return_t
|
||||
ops_parse_cb_t(const ops_parser_content_t *,
|
||||
ops_parse_cb_info_t *);
|
||||
|
||||
typedef struct ops_parse_info ops_parse_info_t;
|
||||
typedef struct ops_reader_info ops_reader_info_t;
|
||||
typedef struct ops_crypt_info ops_crypt_info_t;
|
||||
|
||||
/*
|
||||
A reader MUST read at least one byte if it can, and should read up
|
||||
to the number asked for. Whether it reads more for efficiency is
|
||||
its own decision, but if it is a stacked reader it should never
|
||||
read more than the length of the region it operates in (which it
|
||||
would have to be given when it is stacked).
|
||||
|
||||
If a read is short because of EOF, then it should return the short
|
||||
read (obviously this will be zero on the second attempt, if not the
|
||||
first). Because a reader is not obliged to do a full read, only a
|
||||
zero return can be taken as an indication of EOF.
|
||||
|
||||
If there is an error, then the callback should be notified, the
|
||||
error stacked, and -1 should be returned.
|
||||
|
||||
Note that although length is a size_t, a reader will never be asked
|
||||
to read more than INT_MAX in one go.
|
||||
|
||||
*/
|
||||
|
||||
typedef int
|
||||
ops_reader_t(void *, size_t, ops_error_t **,
|
||||
ops_reader_info_t *, ops_parse_cb_info_t *);
|
||||
|
||||
typedef void ops_reader_destroyer_t(ops_reader_info_t *);
|
||||
|
||||
ops_parse_info_t *ops_parse_info_new(void);
|
||||
void ops_parse_info_delete(ops_parse_info_t *);
|
||||
ops_error_t *ops_parse_info_get_errors(ops_parse_info_t *);
|
||||
ops_crypt_t *ops_parse_get_decrypt(ops_parse_info_t *);
|
||||
|
||||
void ops_parse_cb_set(ops_parse_info_t *, ops_parse_cb_t *, void *);
|
||||
void ops_parse_cb_push(ops_parse_info_t *, ops_parse_cb_t *, void *);
|
||||
void *ops_parse_cb_get_arg(ops_parse_cb_info_t *);
|
||||
void *ops_parse_cb_get_errors(ops_parse_cb_info_t *);
|
||||
void ops_reader_set(ops_parse_info_t *, ops_reader_t *, ops_reader_destroyer_t *, void *);
|
||||
void ops_reader_push(ops_parse_info_t *, ops_reader_t *, ops_reader_destroyer_t *, void *);
|
||||
void ops_reader_pop(ops_parse_info_t *);
|
||||
void *ops_reader_get_arg_from_pinfo(ops_parse_info_t *);
|
||||
|
||||
void *ops_reader_get_arg(ops_reader_info_t *);
|
||||
|
||||
ops_parse_cb_return_t
|
||||
ops_parse_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
ops_parse_cb_return_t
|
||||
ops_parse_stacked_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
ops_reader_info_t *ops_parse_get_rinfo(ops_parse_info_t *);
|
||||
|
||||
int ops_parse(ops_parse_info_t *);
|
||||
int ops_parse_and_print_errors(ops_parse_info_t *);
|
||||
int ops_parse_and_save_errs(ops_parse_info_t *, ops_ulong_list_t *);
|
||||
int ops_parse_errs(ops_parse_info_t *, ops_ulong_list_t *);
|
||||
|
||||
void ops_parse_and_validate(ops_parse_info_t *);
|
||||
|
||||
/** Used to specify whether subpackets should be returned raw, parsed or ignored.
|
||||
*/
|
||||
typedef enum {
|
||||
OPS_PARSE_RAW, /* !< Callback Raw */
|
||||
OPS_PARSE_PARSED, /* !< Callback Parsed */
|
||||
OPS_PARSE_IGNORE /* !< Don't callback */
|
||||
} ops_parse_type_t;
|
||||
|
||||
void
|
||||
ops_parse_options(ops_parse_info_t *, ops_content_tag_t, ops_parse_type_t);
|
||||
|
||||
bool
|
||||
ops_limited_read(unsigned char *, size_t,
|
||||
ops_region_t *, ops_error_t **,
|
||||
ops_reader_info_t *,
|
||||
ops_parse_cb_info_t *);
|
||||
bool
|
||||
ops_stacked_limited_read(unsigned char *, unsigned,
|
||||
ops_region_t *,
|
||||
ops_error_t **,
|
||||
ops_reader_info_t *,
|
||||
ops_parse_cb_info_t *);
|
||||
void
|
||||
ops_parse_hash_init(ops_parse_info_t *, ops_hash_algorithm_t,
|
||||
const unsigned char *);
|
||||
void
|
||||
ops_parse_hash_data(ops_parse_info_t *, const void *, size_t);
|
||||
void ops_parse_hash_finish(ops_parse_info_t *);
|
||||
ops_hash_t *
|
||||
ops_parse_hash_find(ops_parse_info_t *,
|
||||
const unsigned char keyid[OPS_KEY_ID_SIZE]);
|
||||
|
||||
ops_reader_t ops_stacked_read;
|
||||
|
||||
#endif
|
|
@ -1,66 +0,0 @@
|
|||
/* Generated from packet-show.cast by ../../util/caster.pl, do not edit. */
|
||||
|
||||
#include "types.h"
|
||||
|
||||
/*
|
||||
* (line 4) char *show_packet_tag(ops_packet_tag_t packet_tag,
|
||||
* packet_tag_map_t *packet_tag_map) -> char *ops_str_from_map(int
|
||||
* packet_tag, ops_map_t *packet_tag_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int packet_tag, ops_map_t * packet_tag_map);
|
||||
#define show_packet_tag(packet_tag,packet_tag_map) ops_str_from_map(CHECKED_INSTANCE_OF(ops_packet_tag_t , packet_tag),CHECKED_INSTANCE_OF( packet_tag_map_t *, packet_tag_map))
|
||||
typedef char *show_packet_tag_t(ops_packet_tag_t, packet_tag_map_t *);
|
||||
|
||||
/*
|
||||
* (line 5) char *show_sig_type(ops_sig_type_t sig_type, sig_type_map_t
|
||||
* *sig_type_map) -> char *ops_str_from_map(int sig_type, ops_map_t
|
||||
* *sig_type_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int sig_type, ops_map_t * sig_type_map);
|
||||
#define show_sig_type(sig_type,sig_type_map) ops_str_from_map(CHECKED_INSTANCE_OF(ops_sig_type_t , sig_type),CHECKED_INSTANCE_OF( sig_type_map_t *, sig_type_map))
|
||||
typedef char *show_sig_type_t(ops_sig_type_t, sig_type_map_t *);
|
||||
|
||||
/*
|
||||
* (line 6) char *show_pka(ops_public_key_algorithm_t pka,
|
||||
* public_key_algorithm_map_t *pka_map) -> char *ops_str_from_map(int pka,
|
||||
* ops_map_t *pka_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int pka, ops_map_t * pka_map);
|
||||
#define show_pka(pka,pka_map) ops_str_from_map(CHECKED_INSTANCE_OF(ops_public_key_algorithm_t , pka),CHECKED_INSTANCE_OF( public_key_algorithm_map_t *, pka_map))
|
||||
typedef char *show_pka_t(ops_public_key_algorithm_t, public_key_algorithm_map_t *);
|
||||
|
||||
/*
|
||||
* (line 7) char *show_ss_type(ops_ss_type_t ss_type, ss_type_map_t
|
||||
* *ss_type_map) -> char *ops_str_from_map(int ss_type, ops_map_t
|
||||
* *ss_type_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int ss_type, ops_map_t * ss_type_map);
|
||||
#define show_ss_type(ss_type,ss_type_map) ops_str_from_map(CHECKED_INSTANCE_OF(ops_ss_type_t , ss_type),CHECKED_INSTANCE_OF( ss_type_map_t *, ss_type_map))
|
||||
typedef char *show_ss_type_t(ops_ss_type_t, ss_type_map_t *);
|
||||
|
||||
/*
|
||||
* (line 8) char *show_ss_rr_code(ops_ss_rr_code_t ss_rr_code,
|
||||
* ss_rr_code_map_t *ss_rr_code_map) -> char *ops_str_from_map(int
|
||||
* ss_rr_code, ops_map_t *ss_rr_code_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int ss_rr_code, ops_map_t * ss_rr_code_map);
|
||||
#define show_ss_rr_code(ss_rr_code,ss_rr_code_map) ops_str_from_map(CHECKED_INSTANCE_OF(ops_ss_rr_code_t , ss_rr_code),CHECKED_INSTANCE_OF( ss_rr_code_map_t *, ss_rr_code_map))
|
||||
typedef char *show_ss_rr_code_t(ops_ss_rr_code_t, ss_rr_code_map_t *);
|
||||
|
||||
/*
|
||||
* (line 9) char *show_hash_algorithm(unsigned char hash,+ops_map_t
|
||||
* *hash_algorithm_map) -> char *ops_str_from_map(int hash,ops_map_t
|
||||
* *hash_algorithm_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int hash, ops_map_t * hash_algorithm_map);
|
||||
#define show_hash_algorithm(hash) ops_str_from_map(CHECKED_INSTANCE_OF(unsigned char , hash),CHECKED_INSTANCE_OF(ops_map_t *, hash_algorithm_map))
|
||||
typedef char *show_hash_algorithm_t(unsigned char);
|
||||
|
||||
/*
|
||||
* (line 10) char *show_symmetric_algorithm(unsigned char hash,+ops_map_t
|
||||
* *symmetric_algorithm_map) -> char *ops_str_from_map(int hash,ops_map_t
|
||||
* *symmetric_algorithm_map)
|
||||
*/
|
||||
const char *ops_str_from_map(int hash, ops_map_t * symmetric_algorithm_map);
|
||||
#define show_symmetric_algorithm(hash) ops_str_from_map(CHECKED_INSTANCE_OF(unsigned char , hash),CHECKED_INSTANCE_OF(ops_map_t *, symmetric_algorithm_map))
|
||||
typedef char *show_symmetric_algorithm_t(unsigned char);
|
|
@ -1,86 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_PACKET_TO_TEXT_H
|
||||
#define OPS_PACKET_TO_TEXT_H
|
||||
|
||||
#ifndef OPS_PACKET_H
|
||||
#include "packet.h"
|
||||
#endif
|
||||
|
||||
/** ops_list_t
|
||||
*/
|
||||
typedef struct {
|
||||
unsigned int size; /* num of array slots allocated */
|
||||
unsigned int used; /* num of array slots currently used */
|
||||
char **strings;
|
||||
} ops_list_t;
|
||||
|
||||
/** ops_text_t
|
||||
*/
|
||||
typedef struct {
|
||||
ops_list_t known;
|
||||
ops_list_t unknown;
|
||||
} ops_text_t;
|
||||
|
||||
/** ops_bit_map_t
|
||||
*/
|
||||
typedef struct {
|
||||
unsigned char mask;
|
||||
const char *string;
|
||||
} ops_bit_map_t;
|
||||
|
||||
void ops_text_init(ops_text_t *);
|
||||
void ops_text_free(ops_text_t *);
|
||||
|
||||
const char *ops_show_packet_tag(ops_packet_tag_t);
|
||||
const char *ops_show_ss_type(ops_ss_type_t);
|
||||
|
||||
const char *ops_show_sig_type(ops_sig_type_t);
|
||||
const char *ops_show_pka(ops_public_key_algorithm_t);
|
||||
|
||||
ops_text_t *ops_showall_ss_preferred_compression(ops_ss_preferred_compression_t);
|
||||
const char *ops_show_ss_preferred_compression(unsigned char);
|
||||
|
||||
ops_text_t *ops_showall_ss_preferred_hash(ops_ss_preferred_hash_t);
|
||||
const char *ops_show_hash_algorithm(unsigned char);
|
||||
const char *ops_show_symmetric_algorithm(unsigned char);
|
||||
|
||||
ops_text_t *ops_showall_ss_preferred_ska(ops_ss_preferred_ska_t);
|
||||
const char *ops_show_ss_preferred_ska(unsigned char);
|
||||
|
||||
const char *ops_show_ss_rr_code(ops_ss_rr_code_t);
|
||||
|
||||
ops_text_t *ops_showall_ss_features(ops_ss_features_t);
|
||||
|
||||
ops_text_t *ops_showall_ss_key_flags(ops_ss_key_flags_t);
|
||||
const char *ops_show_ss_key_flag(unsigned char, ops_bit_map_t *);
|
||||
|
||||
ops_text_t *ops_showall_ss_key_server_prefs(ops_ss_key_server_prefs_t);
|
||||
const char *
|
||||
ops_show_ss_key_server_prefs(unsigned char, ops_bit_map_t *);
|
||||
|
||||
ops_text_t *ops_showall_ss_notation_data_flags(ops_ss_notation_data_t);
|
||||
|
||||
#endif /* OPS_PACKET_TO_TEXT_H */
|
File diff suppressed because it is too large
Load Diff
|
@ -1,28 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifdef WIN32
|
||||
#include <malloc.h>
|
||||
#else
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
void ops_random(void *, size_t);
|
|
@ -1,96 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef __OPS_READERWRITER_H__
|
||||
#define __OPS_READERWRITER_H__
|
||||
|
||||
#include <openpgpsdk/memory.h>
|
||||
#include <openpgpsdk/create.h>
|
||||
|
||||
|
||||
void ops_reader_set_fd(ops_parse_info_t *, int);
|
||||
void
|
||||
ops_reader_set_memory(ops_parse_info_t *, const void *, size_t);
|
||||
|
||||
/* Do a sum mod 65536 of all bytes read (as needed for secret keys) */
|
||||
void ops_reader_push_sum16(ops_parse_info_t *);
|
||||
unsigned short ops_reader_pop_sum16(ops_parse_info_t *);
|
||||
|
||||
void
|
||||
ops_reader_push_se_ip_data(ops_parse_info_t *, ops_crypt_t *, ops_region_t *);
|
||||
void ops_reader_pop_se_ip_data(ops_parse_info_t *);
|
||||
|
||||
/* */
|
||||
bool
|
||||
ops_write_mdc(const unsigned char *, ops_create_info_t *);
|
||||
bool
|
||||
ops_write_se_ip_pktset(const unsigned char *,
|
||||
const unsigned int,
|
||||
ops_crypt_t *,
|
||||
ops_create_info_t *);
|
||||
void ops_writer_push_encrypt_crypt(ops_create_info_t *, ops_crypt_t *);
|
||||
void ops_writer_push_encrypt_se_ip(ops_create_info_t *, const ops_keydata_t *);
|
||||
/* Secret Key checksum */
|
||||
|
||||
void ops_push_skey_checksum_writer(ops_create_info_t *, ops_secret_key_t *);
|
||||
bool ops_pop_skey_checksum_writer(ops_create_info_t *);
|
||||
|
||||
|
||||
/* memory writing */
|
||||
void ops_setup_memory_write(ops_create_info_t **, ops_memory_t **, size_t);
|
||||
void ops_teardown_memory_write(ops_create_info_t *, ops_memory_t *);
|
||||
|
||||
/* memory reading */
|
||||
void
|
||||
ops_setup_memory_read(ops_parse_info_t **, ops_memory_t *,
|
||||
void *,
|
||||
ops_parse_cb_return_t callback(const ops_parser_content_t *, ops_parse_cb_info_t *), bool);
|
||||
void ops_teardown_memory_read(ops_parse_info_t *, ops_memory_t *);
|
||||
|
||||
/* file writing */
|
||||
int ops_setup_file_write(ops_create_info_t **, const char *, bool);
|
||||
void ops_teardown_file_write(ops_create_info_t *, int);
|
||||
|
||||
/* file appending */
|
||||
int ops_setup_file_append(ops_create_info_t **, const char *);
|
||||
void ops_teardown_file_append(ops_create_info_t *, int);
|
||||
|
||||
/* file reading */
|
||||
int ops_setup_file_read(ops_parse_info_t **, const char *, void *,
|
||||
ops_parse_cb_return_t callback(const ops_parser_content_t *, ops_parse_cb_info_t *), bool);
|
||||
void ops_teardown_file_read(ops_parse_info_t *, int);
|
||||
|
||||
bool ops_reader_set_accumulate(ops_parse_info_t *, bool);
|
||||
|
||||
/* useful callbacks */
|
||||
ops_parse_cb_return_t
|
||||
literal_data_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
ops_parse_cb_return_t
|
||||
pk_session_key_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
ops_parse_cb_return_t
|
||||
get_secret_key_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
ops_parse_cb_return_t
|
||||
get_passphrase_cb(const ops_parser_content_t * content_, ops_parse_cb_info_t * cbinfo);
|
||||
|
||||
/* from reader_fd.c */
|
||||
void ops_reader_set_fd(ops_parse_info_t *, int);
|
||||
|
||||
#endif /* OPS_READERWRITER_H__ */
|
|
@ -1,99 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_SIGNATURE_H
|
||||
#define OPS_SIGNATURE_H
|
||||
|
||||
#include "packet.h"
|
||||
#include "util.h"
|
||||
#include "create.h"
|
||||
|
||||
typedef struct ops_create_signature ops_create_signature_t;
|
||||
|
||||
ops_create_signature_t *ops_create_signature_new(void);
|
||||
void ops_create_signature_delete(ops_create_signature_t *);
|
||||
|
||||
bool
|
||||
ops_check_user_id_certification_signature(const ops_public_key_t *,
|
||||
const ops_user_id_t *,
|
||||
const ops_signature_t *,
|
||||
const ops_public_key_t *,
|
||||
const unsigned char *);
|
||||
bool
|
||||
ops_check_user_attribute_certification_signature(const ops_public_key_t *,
|
||||
const ops_user_attribute_t *,
|
||||
const ops_signature_t *,
|
||||
const ops_public_key_t *,
|
||||
const unsigned char *);
|
||||
bool
|
||||
ops_check_subkey_signature(const ops_public_key_t *,
|
||||
const ops_public_key_t *,
|
||||
const ops_signature_t *,
|
||||
const ops_public_key_t *,
|
||||
const unsigned char *);
|
||||
bool
|
||||
ops_check_direct_signature(const ops_public_key_t *,
|
||||
const ops_signature_t *,
|
||||
const ops_public_key_t *,
|
||||
const unsigned char *);
|
||||
bool
|
||||
ops_check_hash_signature(ops_hash_t *,
|
||||
const ops_signature_t *,
|
||||
const ops_public_key_t *);
|
||||
void
|
||||
ops_signature_start_key_signature(ops_create_signature_t *,
|
||||
const ops_public_key_t *,
|
||||
const ops_user_id_t *,
|
||||
ops_sig_type_t);
|
||||
void
|
||||
ops_signature_start_cleartext_signature(ops_create_signature_t *,
|
||||
const ops_secret_key_t *,
|
||||
const ops_hash_algorithm_t,
|
||||
const ops_sig_type_t);
|
||||
void
|
||||
ops_signature_start_message_signature(ops_create_signature_t *,
|
||||
const ops_secret_key_t *,
|
||||
const ops_hash_algorithm_t,
|
||||
const ops_sig_type_t);
|
||||
|
||||
void
|
||||
ops_signature_add_data(ops_create_signature_t *, const void *, size_t);
|
||||
ops_hash_t *ops_signature_get_hash(ops_create_signature_t *);
|
||||
bool ops_signature_hashed_subpackets_end(ops_create_signature_t *);
|
||||
bool
|
||||
ops_write_signature(ops_create_signature_t *, const ops_public_key_t *,
|
||||
const ops_secret_key_t *, ops_create_info_t *);
|
||||
bool ops_signature_add_creation_time(ops_create_signature_t *, time_t);
|
||||
bool
|
||||
ops_signature_add_issuer_key_id(ops_create_signature_t *,
|
||||
const unsigned char keyid[OPS_KEY_ID_SIZE]);
|
||||
void ops_signature_add_primary_user_id(ops_create_signature_t *, bool);
|
||||
|
||||
/* Standard Interface */
|
||||
bool ops_sign_file_as_cleartext(const char *, const char *, const ops_secret_key_t *, const bool);
|
||||
bool ops_sign_buf_as_cleartext(const char *, const size_t, ops_memory_t **, const ops_secret_key_t *);
|
||||
bool ops_sign_file(const char *, const char *, const ops_secret_key_t *, const bool, const bool);
|
||||
ops_memory_t *ops_sign_buf(const void *, const size_t, const ops_sig_type_t, const ops_secret_key_t *, const bool);
|
||||
|
||||
#endif
|
|
@ -1,47 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_STD_PRINT_H
|
||||
#define OPS_STD_PRINT_H
|
||||
|
||||
#include "openpgpsdk/packet.h"
|
||||
#include "openpgpsdk/packet-parse.h"
|
||||
#include "openpgpsdk/keyring.h"
|
||||
|
||||
void
|
||||
print_bn(const char *, const BIGNUM *);
|
||||
void
|
||||
ops_print_pk_session_key(ops_content_tag_t,
|
||||
const ops_pk_session_key_t *);
|
||||
void ops_print_public_keydata(const ops_keydata_t *);
|
||||
|
||||
void ops_print_public_keydata_verbose(const ops_keydata_t *);
|
||||
void ops_print_public_key(const ops_public_key_t *);
|
||||
|
||||
void ops_print_secret_keydata(const ops_keydata_t *);
|
||||
void ops_print_secret_keydata_verbose(const ops_keydata_t *);
|
||||
int ops_print_packet(const ops_parser_content_t *);
|
||||
void ops_list_packets(char *, bool, ops_keyring_t *, ops_parse_cb_t *);
|
||||
|
||||
#endif
|
|
@ -1,31 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef __OPS_STREAMWRITER_H__
|
||||
#define __OPS_STREAMWRITER_H__
|
||||
|
||||
#include <openpgpsdk/readerwriter.h>
|
||||
|
||||
void
|
||||
ops_writer_push_stream_encrypt_se_ip(ops_create_info_t *,
|
||||
const ops_keydata_t *);
|
||||
|
||||
#endif /* __OPS_STREAMWRITER_H__ */
|
|
@ -1,76 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_TYPES_H
|
||||
#define OPS_TYPES_H
|
||||
|
||||
#include <stdbool.h>
|
||||
|
||||
/** Special type for intermediate function casting, avoids warnings on
|
||||
some platforms
|
||||
*/
|
||||
typedef void (*ops_void_fptr) (void);
|
||||
#define ops_fcast(f) ((ops_void_fptr)f)
|
||||
|
||||
/** ops_map_t
|
||||
*/
|
||||
typedef struct {
|
||||
int type;
|
||||
const char *string;
|
||||
} ops_map_t;
|
||||
|
||||
/** ops_errcode_name_map_t */
|
||||
typedef ops_map_t ops_errcode_name_map_t;
|
||||
|
||||
typedef struct _ops_crypt_t ops_crypt_t;
|
||||
|
||||
/** ops_hash_t */
|
||||
typedef struct _ops_hash_t ops_hash_t;
|
||||
|
||||
/** Revocation Reason type */
|
||||
typedef unsigned char ops_ss_rr_code_t;
|
||||
|
||||
/** ops_parser_content_t */
|
||||
typedef struct ops_parser_content_t ops_parser_content_t;
|
||||
|
||||
/** Reader Flags */
|
||||
/*
|
||||
typedef enum
|
||||
{
|
||||
OPS_RETURN_LENGTH=1,
|
||||
} ops_reader_flags_t;
|
||||
*/
|
||||
|
||||
/** Writer flags */
|
||||
typedef enum {
|
||||
OPS_WF_DUMMY
|
||||
} ops_writer_flags_t;
|
||||
|
||||
/**
|
||||
* \ingroup Create
|
||||
* Contains the required information about how to write
|
||||
*/
|
||||
typedef struct ops_create_info ops_create_info_t;
|
||||
|
||||
#endif
|
|
@ -1,64 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_UTIL_H
|
||||
#define OPS_UTIL_H
|
||||
|
||||
#include "openpgpsdk/types.h"
|
||||
#include "openpgpsdk/create.h"
|
||||
#include "openpgpsdk/packet-parse.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
void hexdump(const unsigned char *, size_t, const char *);
|
||||
|
||||
/*
|
||||
* These macros code ensures that you are casting what you intend to cast.
|
||||
* It works because in "a ? b : c", b and c must have the same type.
|
||||
* This is a copy of the macro defined in openssl/asn1.h.
|
||||
*/
|
||||
#ifndef CHECKED_PTR_OF
|
||||
#define CHECKED_PTR_OF(type, p) ((void*) (1 ? p : (type *)0))
|
||||
#endif
|
||||
#define CHECKED_INSTANCE_OF(type, p) (1 ? p : (type)0)
|
||||
|
||||
/* number of elements in an array */
|
||||
#define OPS_ARRAY_SIZE(a) (sizeof(a)/sizeof(*(a)))
|
||||
|
||||
const char *ops_str_from_map(int, ops_map_t *);
|
||||
|
||||
int ops_set_debug_level(const char *);
|
||||
int ops_get_debug_level(const char *);
|
||||
|
||||
#ifndef PACKAGE_VERSION
|
||||
#define PACKAGE_VERSION "20090201"
|
||||
#endif
|
||||
|
||||
const char *ops_get_version(void);
|
||||
|
||||
#ifndef __UNCONST
|
||||
#define __UNCONST(a) ((void *)(unsigned long)(const void *)(a))
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -1,102 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
typedef struct {
|
||||
unsigned int valid_count;
|
||||
ops_signature_info_t *valid_sigs;
|
||||
unsigned int invalid_count;
|
||||
ops_signature_info_t *invalid_sigs;
|
||||
unsigned int unknown_signer_count;
|
||||
ops_signature_info_t *unknown_sigs;
|
||||
} ops_validate_result_t;
|
||||
|
||||
void ops_validate_result_free(ops_validate_result_t *);
|
||||
|
||||
bool
|
||||
ops_validate_key_signatures(ops_validate_result_t *,
|
||||
const ops_keydata_t *,
|
||||
const ops_keyring_t *,
|
||||
ops_parse_cb_return_t cb(const ops_parser_content_t *, ops_parse_cb_info_t *));
|
||||
bool ops_validate_all_signatures(ops_validate_result_t *,
|
||||
const ops_keyring_t *,
|
||||
ops_parse_cb_return_t cb(const ops_parser_content_t *, ops_parse_cb_info_t *));
|
||||
|
||||
void ops_keydata_reader_set(ops_parse_info_t *, const ops_keydata_t *);
|
||||
|
||||
typedef struct {
|
||||
const ops_keydata_t *key;
|
||||
unsigned packet;
|
||||
unsigned offset;
|
||||
} validate_reader_arg_t;
|
||||
|
||||
/** Struct used with the validate_key_cb callback */
|
||||
typedef struct {
|
||||
ops_public_key_t pkey;
|
||||
ops_public_key_t subkey;
|
||||
ops_secret_key_t skey;
|
||||
enum {
|
||||
ATTRIBUTE = 1,
|
||||
ID
|
||||
} last_seen;
|
||||
ops_user_id_t user_id;
|
||||
ops_user_attribute_t user_attribute;
|
||||
unsigned char hash[OPS_MAX_HASH_SIZE];
|
||||
const ops_keyring_t *keyring;
|
||||
validate_reader_arg_t *rarg;
|
||||
ops_validate_result_t *result;
|
||||
ops_parse_cb_return_t(*cb_get_passphrase) (const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
} validate_key_cb_arg_t;
|
||||
|
||||
/** Struct use with the validate_data_cb callback */
|
||||
typedef struct {
|
||||
enum {
|
||||
LITERAL_DATA,
|
||||
SIGNED_CLEARTEXT
|
||||
} use; /* <! this is set to indicate what
|
||||
* kind of data we have */
|
||||
union {
|
||||
ops_literal_data_body_t literal_data_body;
|
||||
/* <! Used to hold Literal Data */
|
||||
ops_signed_cleartext_body_t signed_cleartext_body;
|
||||
/* <! Used to hold * Signed Cleartext */
|
||||
} data; /* <! the data itself */
|
||||
unsigned char hash[OPS_MAX_HASH_SIZE]; /* <! the hash */
|
||||
ops_memory_t *mem;
|
||||
const ops_keyring_t *keyring; /* <! keyring to use */
|
||||
validate_reader_arg_t *rarg; /* <! reader-specific arg */
|
||||
ops_validate_result_t *result; /* <! where to put the result */
|
||||
} validate_data_cb_arg_t; /* <! used with
|
||||
* validate_data_cb callback */
|
||||
|
||||
bool ops_check_signature(const unsigned char *, unsigned,
|
||||
const ops_signature_t *,
|
||||
const ops_public_key_t *);
|
||||
ops_parse_cb_return_t
|
||||
ops_validate_key_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
|
||||
bool ops_validate_file(ops_validate_result_t *, const char *, const int, const ops_keyring_t *);
|
||||
bool ops_validate_mem(ops_validate_result_t *, ops_memory_t *, const int, const ops_keyring_t *);
|
||||
|
||||
ops_parse_cb_return_t
|
||||
validate_data_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
|
||||
bool validate_result_status(ops_validate_result_t *);
|
|
@ -1,39 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#define OPS_VERSION_MAJOR 0
|
||||
/* Set to the version next to be released */
|
||||
#define OPS_VERSION_MINOR 9
|
||||
/* 0 for development version, 1 for release */
|
||||
#define OPS_VERSION_RELEASE 1
|
||||
|
||||
#define OPS_VERSION ((OPS_VERSION_MAJOR << 16)+(OPS_VERSION_MINOR << 1)+OPS_VERSION_RELEASE)
|
||||
|
||||
#if OPS_VERSION_RELEASE
|
||||
#define OPS_DEV_STRING ""
|
||||
#else
|
||||
#define OPS_DEV_STRING " (dev)"
|
||||
#endif
|
||||
|
||||
|
||||
#define OPS_VERSION_CAT(a,b) "OpenPGP:SDK v" #a "." #b OPS_DEV_STRING
|
||||
#define OPS_VERSION_CAT2(a,b) OPS_VERSION_CAT(a,b)
|
||||
#define OPS_VERSION_STRING OPS_VERSION_CAT2(OPS_VERSION_MAJOR,OPS_VERSION_MINOR)
|
|
@ -1,101 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#ifndef OPS_WRITER_H
|
||||
#define OPS_WRITER_H
|
||||
|
||||
#include "types.h"
|
||||
#include "packet.h"
|
||||
#include "crypto.h"
|
||||
#include "memory.h"
|
||||
#include "errors.h"
|
||||
#include "keyring.h"
|
||||
|
||||
/**
|
||||
* \ingroup Create
|
||||
* This struct contains the required information about one writer
|
||||
*/
|
||||
/**
|
||||
* \ingroup Writer
|
||||
* the writer function prototype
|
||||
*/
|
||||
|
||||
typedef struct ops_writer_info ops_writer_info_t;
|
||||
typedef bool
|
||||
ops_writer_t(const unsigned char *,
|
||||
unsigned,
|
||||
ops_error_t **,
|
||||
ops_writer_info_t *);
|
||||
typedef bool ops_writer_finaliser_t(ops_error_t **, ops_writer_info_t *);
|
||||
typedef void ops_writer_destroyer_t(ops_writer_info_t *);
|
||||
|
||||
/** Writer settings */
|
||||
struct ops_writer_info {
|
||||
ops_writer_t *writer; /* !< the writer itself */
|
||||
ops_writer_finaliser_t *finaliser; /* !< the writer's finaliser */
|
||||
ops_writer_destroyer_t *destroyer; /* !< the writer's destroyer */
|
||||
void *arg; /* writer-specific argument */
|
||||
ops_writer_info_t *next;/* !< next writer in the stack */
|
||||
};
|
||||
|
||||
|
||||
void *ops_writer_get_arg(ops_writer_info_t *);
|
||||
bool
|
||||
ops_stacked_write(const void *, unsigned, ops_error_t **, ops_writer_info_t *);
|
||||
|
||||
void
|
||||
ops_writer_set(ops_create_info_t *,
|
||||
ops_writer_t *,
|
||||
ops_writer_finaliser_t *,
|
||||
ops_writer_destroyer_t *,
|
||||
void *);
|
||||
void
|
||||
ops_writer_push(ops_create_info_t *,
|
||||
ops_writer_t *,
|
||||
ops_writer_finaliser_t *,
|
||||
ops_writer_destroyer_t *,
|
||||
void *);
|
||||
void ops_writer_pop(ops_create_info_t *);
|
||||
void ops_writer_generic_destroyer(ops_writer_info_t *);
|
||||
bool
|
||||
ops_writer_passthrough(const unsigned char *,
|
||||
unsigned,
|
||||
ops_error_t **,
|
||||
ops_writer_info_t *);
|
||||
|
||||
void ops_writer_set_fd(ops_create_info_t *, int);
|
||||
bool ops_writer_close(ops_create_info_t *);
|
||||
|
||||
bool
|
||||
ops_write(const void *, unsigned, ops_create_info_t *);
|
||||
bool ops_write_length(unsigned, ops_create_info_t *);
|
||||
bool ops_write_ptag(ops_content_tag_t, ops_create_info_t *);
|
||||
bool ops_write_scalar(unsigned, unsigned, ops_create_info_t *);
|
||||
bool ops_write_mpi(const BIGNUM *, ops_create_info_t *);
|
||||
bool ops_write_encrypted_mpi(const BIGNUM *, ops_crypt_t *, ops_create_info_t *);
|
||||
|
||||
void writer_info_delete(ops_writer_info_t *);
|
||||
bool writer_info_finalise(ops_error_t **, ops_writer_info_t *);
|
||||
|
||||
#endif
|
|
@ -1,29 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/armour.h>
|
||||
|
||||
bool
|
||||
ops_writer_push_clearsigned(ops_create_info_t *, ops_create_signature_t *);
|
||||
void ops_writer_push_armoured_message(ops_create_info_t *);
|
||||
bool ops_writer_switch_to_armoured_signature(ops_create_info_t *);
|
||||
|
||||
void ops_writer_push_armoured(ops_create_info_t *, ops_armor_type_t);
|
File diff suppressed because it is too large
Load Diff
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
File diff suppressed because it is too large
Load Diff
|
@ -1,78 +0,0 @@
|
|||
3.2 (MPI) doesn't specify what the unused bits should be set
|
||||
to. This may be deliberate but I think it should either say they MUST
|
||||
be zero (which I prefer) or that their content is unspecified.
|
||||
|
||||
4.2 refers to Content Tags, but 4.3 calls them Packet Tags.
|
||||
|
||||
5.5.2 doesn't mention V2 keys.
|
||||
|
||||
In section 9.1, Schneier is given as the reference for DSA - why not refer to FIPS 186-2, which is freely available? Or, indeed, HAC 11.5.1, available here: http://www.cacr.math.uwaterloo.ca/hac/about/chap11.pdf.
|
||||
|
||||
Similarly 9.2, TripleDES (which, presumably is EDE 3DES - it'd be good
|
||||
to be specific) is on some FIPS document which I forget or in HAC
|
||||
chapter 7 (7.32 in 7.2.3 and 7.4.2).
|
||||
|
||||
----
|
||||
|
||||
In 5.2.1:
|
||||
|
||||
"0x10: Generic certification of a User ID and Public Key packet."
|
||||
|
||||
Does this mean that the signature is over the User ID packet and the Public Key packet, concatenated, in that order? Or what?
|
||||
|
||||
Also, what on earth does:
|
||||
|
||||
Note that all PGP "key signatures" are this type of
|
||||
certification.
|
||||
|
||||
mean?
|
||||
|
||||
In 5.2.2:
|
||||
|
||||
"The data being signed is hashed, and then the signature type and
|
||||
creation time from the signature packet are hashed (5 additional
|
||||
octets)."
|
||||
|
||||
is unclear, suggest:
|
||||
|
||||
"The concatenation of the data to be signed, the signature type and
|
||||
creation time from the signature packet (5 additional octets) is hashed."
|
||||
|
||||
In 5.9:
|
||||
|
||||
" - File name as a string (one-octet length, followed by file name),
|
||||
if the encrypted data should be saved as a file."
|
||||
|
||||
but no mention of what if it shouldn't be saved as a file. 0 length,
|
||||
perhaps?
|
||||
|
||||
Then:
|
||||
|
||||
" - A four-octet number that indicates the modification date of the
|
||||
file, or the creation time of the packet, or a zero that
|
||||
indicates the present time."
|
||||
|
||||
I would _guess_ that it means modification date of the file if there's
|
||||
a filename, the creation time if there isn't. I have no idea what zero
|
||||
is supposed to mean. Nothing, would be the obvious interpretation -
|
||||
"the present time" is nonsensical.
|
||||
|
||||
Once more, when I know what its supposed to mean, I'll suggest
|
||||
wording.
|
||||
|
||||
------
|
||||
|
||||
5.2.3.5 Issuer
|
||||
|
||||
should be:
|
||||
|
||||
5.2.3.5 Issuer key ID
|
||||
|
||||
A tiny point, I know, but it made it hard to find.
|
||||
|
||||
Key algorithms ... these are used in various contexts, and there's a
|
||||
list in 9.1 - some of these are clearly unsuitable in some contexts -
|
||||
for example, one would not expect to see RSA Ecnrpyt-Only (3) in a
|
||||
signature. But I can't find any language saying anything about
|
||||
this. Are there any rules?
|
||||
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -1,33 +0,0 @@
|
|||
LIBSUBDIRS=lib
|
||||
SUBDIRS=$(LIBSUBDIRS) app
|
||||
|
||||
default: Makefile
|
||||
set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make in $$d"; $(MAKE) || exit 1; echo "--- $$d") || exit 1; \
|
||||
done
|
||||
|
||||
lib: Makefile
|
||||
@set -e; for d in $(LIBSUBDIRS); do \
|
||||
(cd $$d; echo "+++ make in $$d"; $(MAKE); echo "--- $$d"); \
|
||||
done
|
||||
|
||||
force_depend:
|
||||
@set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make force_depend in $$d"; $(MAKE) force_depend ; echo "--- $$d"); \
|
||||
done
|
||||
|
||||
clean:
|
||||
@set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make clean in $$d"; $(MAKE) clean; echo "--- $$d"); \
|
||||
done
|
||||
find . -name '*.core' | xargs rm -f
|
||||
rm -rf oink-links
|
||||
|
||||
Makefiles:
|
||||
@set -e; for d in $(SUBDIRS); do \
|
||||
(cd $$d; echo "+++ make Makefile in $$d"; $(MAKE) Makefile; echo "--- $$d"); \
|
||||
done
|
||||
|
||||
Makefile: Makefile.template ../configure
|
||||
echo Makefile is older than templates, rerun configure.
|
||||
exit 1
|
|
@ -1,42 +0,0 @@
|
|||
DM_FLAGS=%DM_FLAGS%
|
||||
DM_LIB=%DM_LIB%
|
||||
CC=%CC%
|
||||
|
||||
CFLAGS=-Wall -Werror -g $(DM_FLAGS) -I../../include %INCLUDES% %CFLAGS% -fPIC
|
||||
|
||||
LDFLAGS=-g %LDFLAGS%
|
||||
LIBDEPS=../../lib/libops.a
|
||||
LIBS=$(LIBDEPS) %CRYPTO_LIBS% %ZLIB% %BZ2LIB% %OTHERLIBS% $(DM_LIB)
|
||||
EXES=openpgp
|
||||
|
||||
all: Makefile headers .depend $(LIBDEPS) $(EXES)
|
||||
|
||||
headers:
|
||||
(cd ../../include/openpgpsdk; $(MAKE) headers)
|
||||
|
||||
$(LIBDEPS):
|
||||
(cd ..; $(MAKE) lib)
|
||||
|
||||
openpgp: openpgp.o $(LIBDEPS)
|
||||
$(CC) $(LDFLAGS) -o openpgp openpgp.o $(LIBS)
|
||||
cp openpgp ../../bin
|
||||
|
||||
tags:
|
||||
rm -f TAGS
|
||||
find . -name '*.[ch]' | xargs etags -a
|
||||
|
||||
clean:
|
||||
rm -f openpgp *.o *.i
|
||||
rm -f TAGS
|
||||
|
||||
.depend: *.[ch] ../../include/openpgpsdk/*.h
|
||||
$(CC) $(CFLAGS) -E -M *.c > .depend
|
||||
|
||||
force_depend:
|
||||
$(CC) $(CFLAGS) -E -M *.c > .depend
|
||||
|
||||
Makefile: Makefile.template ../../configure
|
||||
echo Makefile is older than templates, rerun configure.
|
||||
exit 1
|
||||
|
||||
include .depend
|
|
@ -1,613 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
\file Command line program to perform openpgp operations
|
||||
*/
|
||||
|
||||
#include <getopt.h>
|
||||
#include <libgen.h>
|
||||
#include <regex.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <openpgpsdk/openpgpsdk.h>
|
||||
|
||||
#define DEFAULT_NUMBITS 2048
|
||||
|
||||
#define MAXBUF 1024
|
||||
|
||||
static const char *usage = "%s --list-keys | --list-packets | --encrypt | --decrypt | --sign | --clearsign | --verify [--keyring=<keyring>] [--userid=<userid>] [--armour] [--homedir=<homedir>] files...\n";
|
||||
static const char *usage_find_key = "%s --find-key --userid=<userid> [--keyring=<keyring>] \n";
|
||||
static const char *usage_export_key = "%s --export-key --userid=<userid> [--keyring=<keyring>] \n";
|
||||
static const char *usage_encrypt = "%s --encrypt --userid=<userid> [--armour] [--homedir=<homedir>] files...\n";
|
||||
static const char *usage_sign = "%s --sign --userid=<userid> [--armour] [--homedir=<homedir>] files...\n";
|
||||
static const char *usage_clearsign = "%s --clearsign --userid=<userid> [--homedir=<homedir>] files...\n";
|
||||
|
||||
static char *pname;
|
||||
|
||||
enum optdefs {
|
||||
/* commands */
|
||||
LIST_KEYS = 1,
|
||||
FIND_KEY,
|
||||
EXPORT_KEY,
|
||||
IMPORT_KEY,
|
||||
GENERATE_KEY,
|
||||
ENCRYPT,
|
||||
DECRYPT,
|
||||
SIGN,
|
||||
CLEARSIGN,
|
||||
VERIFY,
|
||||
LIST_PACKETS,
|
||||
VERSION_CMD,
|
||||
|
||||
/* options */
|
||||
KEYRING,
|
||||
USERID,
|
||||
PASSPHRASE,
|
||||
ARMOUR,
|
||||
HOMEDIR,
|
||||
NUMBITS,
|
||||
|
||||
/* debug */
|
||||
OPS_DEBUG
|
||||
|
||||
};
|
||||
|
||||
enum {
|
||||
USERID_RAW_LEN = OPS_KEY_ID_SIZE,
|
||||
USERID_FORMATTED = USERID_RAW_LEN * 2
|
||||
};
|
||||
|
||||
#define EXIT_ERROR 2
|
||||
|
||||
static struct option long_options[] = {
|
||||
/* commands */
|
||||
{"list-keys", no_argument, NULL, LIST_KEYS},
|
||||
{"find-key", no_argument, NULL, FIND_KEY},
|
||||
{"export-key", no_argument, NULL, EXPORT_KEY},
|
||||
{"import-key", no_argument, NULL, IMPORT_KEY},
|
||||
{"generate-key", no_argument, NULL, GENERATE_KEY},
|
||||
|
||||
{"encrypt", no_argument, NULL, ENCRYPT},
|
||||
{"decrypt", no_argument, NULL, DECRYPT},
|
||||
{"sign", no_argument, NULL, SIGN},
|
||||
{"clearsign", no_argument, NULL, CLEARSIGN},
|
||||
{"verify", no_argument, NULL, VERIFY},
|
||||
|
||||
{"list-packets", no_argument, NULL, LIST_PACKETS},
|
||||
|
||||
{"version", no_argument, NULL, VERSION_CMD},
|
||||
|
||||
/* options */
|
||||
{"keyring", required_argument, NULL, KEYRING},
|
||||
{"userid", required_argument, NULL, USERID},
|
||||
{"passphrase", required_argument, NULL, PASSPHRASE},
|
||||
{"homedir", required_argument, NULL, HOMEDIR},
|
||||
{"armor", no_argument, NULL, ARMOUR},
|
||||
{"armour", no_argument, NULL, ARMOUR},
|
||||
{"numbits", required_argument, NULL, NUMBITS},
|
||||
|
||||
/* debug */
|
||||
{"debug", required_argument, NULL, OPS_DEBUG},
|
||||
|
||||
{ NULL, 0, NULL, 0},
|
||||
};
|
||||
|
||||
/* gather up program variables into one struct */
|
||||
typedef struct prog_t {
|
||||
char keyring[MAXBUF + 1]; /* name of keyring */
|
||||
char userid[MAXBUF + 1]; /* user identifier */
|
||||
char passphrase[MAXBUF + 1]; /* passphrase */
|
||||
char myring_name[MAXBUF + 1]; /* myring filename */
|
||||
ops_keyring_t *myring; /* personal keyring */
|
||||
char pubring_name[MAXBUF + 1]; /* pubring filename */
|
||||
ops_keyring_t *pubring; /* public keyring */
|
||||
char secring_name[MAXBUF + 1]; /* secret ring file */
|
||||
ops_keyring_t *secring; /* secret keyring */
|
||||
bool overwrite; /* overwrite files? */
|
||||
int numbits; /* # of bits */
|
||||
int armour; /* ASCII armor */
|
||||
int cmd; /* openpgp command */
|
||||
int ex; /* exit code */
|
||||
} prog_t;
|
||||
|
||||
|
||||
|
||||
|
||||
/* print a usage message */
|
||||
static void
|
||||
print_usage(const char *usagemsg, char *progname)
|
||||
{
|
||||
(void) fprintf(stderr, "\nUsage: ");
|
||||
(void) fprintf(stderr, usagemsg, basename(progname));
|
||||
}
|
||||
|
||||
#ifndef MIN
|
||||
#define MIN(a,b) (((a) < (b)) ? (a) : (b))
|
||||
#endif
|
||||
|
||||
/* read any gpg config file */
|
||||
static int
|
||||
conf_file(prog_t *p, char *homedir)
|
||||
{
|
||||
regmatch_t matchv[10];
|
||||
regex_t r;
|
||||
char buf[BUFSIZ];
|
||||
FILE *fp;
|
||||
|
||||
(void) snprintf(buf, sizeof(buf), "%s/gpg.conf", homedir);
|
||||
if ((fp = fopen(buf, "r")) == NULL) {
|
||||
return 0;
|
||||
}
|
||||
(void) regcomp(&r, "^[ \t]*default-key[ \t]+([0-9a-zA-F]+)",
|
||||
REG_EXTENDED);
|
||||
while (fgets(buf, sizeof(buf), fp) != NULL) {
|
||||
if (regexec(&r, buf, 10, matchv, 0) == 0) {
|
||||
(void) memcpy(p->userid, &buf[(int)matchv[1].rm_so],
|
||||
MIN(matchv[1].rm_eo - matchv[1].rm_so,
|
||||
sizeof(p->userid)));
|
||||
printf("setting default key to \"%.*s\"\n",
|
||||
(int)(matchv[1].rm_eo - matchv[1].rm_so),
|
||||
&buf[(int)matchv[1].rm_so]);
|
||||
}
|
||||
}
|
||||
(void) fclose(fp);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* wrapper to get a pass phrase from the user */
|
||||
static void
|
||||
get_pass_phrase(char *phrase, size_t size)
|
||||
{
|
||||
char *p;
|
||||
|
||||
if ((p = getpass("openpgp passphrase: ")) == NULL) {
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
(void) snprintf(phrase, size, "%s", p);
|
||||
}
|
||||
|
||||
/* small function to pretty print an 8-character raw userid */
|
||||
static char *
|
||||
userid_to_id(const unsigned char *userid, char *id)
|
||||
{
|
||||
static const char *hexes = "0123456789ABCDEF";
|
||||
int i;
|
||||
|
||||
for (i = 0; i < USERID_RAW_LEN ; i++) {
|
||||
id[i * 2] = hexes[(userid[i] & 0xf0) >> 4];
|
||||
id[(i * 2) + 1] = hexes[userid[i] & 0xf];
|
||||
}
|
||||
id[USERID_FORMATTED] = 0x0;
|
||||
return id;
|
||||
}
|
||||
|
||||
/* print out the successful signature information */
|
||||
static void
|
||||
psuccess(char *f, ops_validate_result_t * results, ops_keyring_t *pubring)
|
||||
{
|
||||
const ops_keydata_t *pubkey;
|
||||
char id[USERID_FORMATTED + 1];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < results->valid_count; i++) {
|
||||
printf("Good signature for %s made %susing %s key %s\n",
|
||||
f,
|
||||
ctime(&results->valid_sigs[i].creation_time),
|
||||
ops_show_pka(results->valid_sigs[i].key_algorithm),
|
||||
userid_to_id(results->valid_sigs[i].signer_id, id));
|
||||
pubkey = ops_keyring_find_key_by_id(pubring,
|
||||
(const unsigned char *)
|
||||
results->valid_sigs[i].signer_id);
|
||||
ops_print_public_keydata(pubkey);
|
||||
}
|
||||
}
|
||||
|
||||
/* do a command once for a specified file 'f' */
|
||||
static void
|
||||
openpgp(prog_t *p, char *f)
|
||||
{
|
||||
const ops_keydata_t *keydata;
|
||||
ops_validate_result_t *validate_result;
|
||||
ops_create_info_t *cinfo;
|
||||
ops_keydata_t *mykeydata;
|
||||
ops_memory_t *mem;
|
||||
ops_secret_key_t *skey;
|
||||
ops_user_id_t uid;
|
||||
const char *suffix;
|
||||
char outname[MAXBUF + 1];
|
||||
int fd;
|
||||
|
||||
(void) memset(&uid, 0x0, sizeof(uid));
|
||||
switch (p->cmd) {
|
||||
case LIST_KEYS:
|
||||
ops_keyring_list((p->keyring[0]) ? p->myring : p->pubring);
|
||||
break;
|
||||
|
||||
case FIND_KEY:
|
||||
if (p->userid[0] == 0x0) {
|
||||
print_usage(usage_find_key, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
(void) fprintf(stderr, "userid: %s\n", p->userid);
|
||||
}
|
||||
keydata = ops_keyring_find_key_by_userid((p->keyring[0]) ?
|
||||
p->myring : p->pubring, p->userid);
|
||||
p->ex = (keydata) ? EXIT_FAILURE : EXIT_SUCCESS;
|
||||
/* ops_keyring_free(&keyring); */
|
||||
break;
|
||||
|
||||
case EXPORT_KEY:
|
||||
if (p->keyring[0] == 0x0 || p->userid[0] == 0x0) {
|
||||
print_usage(usage_export_key, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
keydata = ops_keyring_find_key_by_userid((p->keyring[0]) ?
|
||||
p->myring : p->pubring, p->userid);
|
||||
if (!keydata) {
|
||||
fprintf(stderr, "Cannot find key in keyring\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
ops_setup_memory_write(&cinfo, &mem, 128);
|
||||
if (ops_get_keydata_content_type(keydata) == OPS_PTAG_CT_PUBLIC_KEY) {
|
||||
ops_write_transferable_public_key(keydata,
|
||||
true, cinfo);
|
||||
} else {
|
||||
ops_write_transferable_secret_key(keydata,
|
||||
(unsigned char *) p->passphrase,
|
||||
strlen(p->passphrase), true, cinfo);
|
||||
}
|
||||
printf("%s", (char *) ops_memory_get_data(mem));
|
||||
ops_teardown_memory_write(cinfo, mem);
|
||||
break;
|
||||
|
||||
case IMPORT_KEY:
|
||||
(void) fprintf(stderr, "before:\n");
|
||||
ops_keyring_list(p->pubring);
|
||||
|
||||
/* read new key */
|
||||
if (!ops_keyring_read_from_file(p->pubring, p->armour, f)) {
|
||||
fprintf(stderr, "Cannot import key from file %s\n", f);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
(void) fprintf(stderr, "after:\n");
|
||||
ops_keyring_list(p->pubring);
|
||||
break;
|
||||
|
||||
case GENERATE_KEY:
|
||||
uid.user_id = (unsigned char *) p->userid;
|
||||
mykeydata = ops_rsa_create_selfsigned_keypair(p->numbits,
|
||||
65537, &uid);
|
||||
if (!mykeydata) {
|
||||
fprintf(stderr, "Cannot generate key\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
/* write public key */
|
||||
/* append to keyrings */
|
||||
fd = ops_setup_file_append(&cinfo, p->pubring_name);
|
||||
ops_write_transferable_public_key(mykeydata, false, cinfo);
|
||||
ops_teardown_file_write(cinfo, fd);
|
||||
|
||||
ops_keyring_free(p->pubring);
|
||||
if (!ops_keyring_read_from_file(p->pubring, false, p->pubring_name)) {
|
||||
(void) fprintf(stderr, "Cannot re-read keyring %s\n", p->pubring_name);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
fd = ops_setup_file_append(&cinfo, p->secring_name);
|
||||
ops_write_transferable_secret_key(mykeydata, NULL, 0, false, cinfo);
|
||||
ops_teardown_file_write(cinfo, fd);
|
||||
ops_keyring_free(p->secring);
|
||||
if (!ops_keyring_read_from_file(p->secring, false, p->secring_name)) {
|
||||
fprintf(stderr, "Cannot re-read keyring %s\n", p->secring_name);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
ops_keydata_free(mykeydata);
|
||||
break;
|
||||
|
||||
case ENCRYPT:
|
||||
if (p->userid[0] == 0x0) {
|
||||
print_usage(usage_encrypt, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
suffix = p->armour ? ".asc" : ".gpg";
|
||||
keydata = ops_keyring_find_key_by_userid(p->pubring, p->userid);
|
||||
if (!keydata) {
|
||||
fprintf(stderr, "Userid '%s' not found in keyring\n",
|
||||
p->userid);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
(void) snprintf(outname, sizeof(outname), "%s%s", f, suffix);
|
||||
p->overwrite = true;
|
||||
ops_encrypt_file(f, outname, keydata, p->armour, p->overwrite);
|
||||
break;
|
||||
|
||||
case DECRYPT:
|
||||
p->overwrite = true;
|
||||
ops_decrypt_file(f, NULL, p->secring, p->armour,
|
||||
p->overwrite, get_passphrase_cb);
|
||||
break;
|
||||
|
||||
case SIGN:
|
||||
if (p->userid[0] == 0x0) {
|
||||
print_usage(usage_sign, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
/* get key with which to sign */
|
||||
keydata = ops_keyring_find_key_by_userid(p->secring, p->userid);
|
||||
if (!keydata) {
|
||||
fprintf(stderr, "Userid '%s' not found in keyring\n",
|
||||
p->userid);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
do {
|
||||
/* print out the user id */
|
||||
ops_print_public_keydata(keydata);
|
||||
/* get the passphrase */
|
||||
if (p->passphrase[0] == 0x0) {
|
||||
get_pass_phrase(p->passphrase,
|
||||
sizeof(p->passphrase));
|
||||
}
|
||||
/* now decrypt key */
|
||||
skey = ops_decrypt_secret_key_from_data(keydata,
|
||||
p->passphrase);
|
||||
if (skey == NULL) {
|
||||
(void) fprintf(stderr, "Bad passphrase\n");
|
||||
p->passphrase[0] = 0x0;
|
||||
}
|
||||
} while (skey == NULL);
|
||||
|
||||
/* sign file */
|
||||
p->overwrite = true;
|
||||
ops_sign_file(f, NULL, skey, p->armour, p->overwrite);
|
||||
break;
|
||||
|
||||
case CLEARSIGN:
|
||||
if (p->userid[0] == 0x0) {
|
||||
print_usage(usage_clearsign, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
/* get key with which to sign */
|
||||
keydata = ops_keyring_find_key_by_userid(p->secring, p->userid);
|
||||
if (!keydata) {
|
||||
fprintf(stderr, "Userid '%s' not found in keyring\n",
|
||||
p->userid);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
do {
|
||||
/* print out the user id */
|
||||
ops_print_public_keydata(keydata);
|
||||
/* get the passphrase */
|
||||
if (p->passphrase[0] == 0x0) {
|
||||
get_pass_phrase(p->passphrase,
|
||||
sizeof(p->passphrase));
|
||||
}
|
||||
/* now decrypt key */
|
||||
skey = ops_decrypt_secret_key_from_data(keydata,
|
||||
p->passphrase);
|
||||
if (skey == NULL) {
|
||||
(void) fprintf(stderr, "Bad passphrase\n");
|
||||
p->passphrase[0] = 0x0;
|
||||
}
|
||||
} while (skey == NULL);
|
||||
|
||||
/* sign file */
|
||||
p->overwrite = true;
|
||||
ops_sign_file_as_cleartext(f, NULL, skey, p->overwrite);
|
||||
break;
|
||||
|
||||
case VERIFY:
|
||||
validate_result = calloc(1, sizeof(ops_validate_result_t));
|
||||
if (ops_validate_file(validate_result, f, p->armour,
|
||||
p->pubring) == true) {
|
||||
psuccess(f, validate_result, p->pubring);
|
||||
} else {
|
||||
(void) fprintf(stderr, "\"%s\": verification failure: %d invalid signatures, %d unknown signatures\n", f, validate_result->invalid_count, validate_result->unknown_signer_count);
|
||||
p->ex = EXIT_FAILURE;
|
||||
}
|
||||
ops_validate_result_free(validate_result);
|
||||
break;
|
||||
|
||||
case LIST_PACKETS:
|
||||
ops_list_packets(f, p->armour, p->pubring, get_passphrase_cb);
|
||||
break;
|
||||
|
||||
default:
|
||||
print_usage(usage, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
prog_t p;
|
||||
char homedir[MAXBUF + 1];
|
||||
int zeroargs;
|
||||
int optindex = 0;
|
||||
int ch = 0;
|
||||
int i;
|
||||
|
||||
pname = argv[0];
|
||||
(void) memset(&p, 0x0, sizeof(p));
|
||||
(void) memset(homedir, 0x0, sizeof(homedir));
|
||||
zeroargs = 0;
|
||||
p.numbits = DEFAULT_NUMBITS;
|
||||
p.overwrite = true;
|
||||
if (argc < 2) {
|
||||
print_usage(usage, pname);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
|
||||
/* set default homedir */
|
||||
(void) snprintf(homedir, sizeof(homedir), "%s/.gnupg", getenv("HOME"));
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
printf("homedir: %s\n", homedir);
|
||||
}
|
||||
|
||||
/* read any settings in the conf file */
|
||||
(void) conf_file(&p, homedir);
|
||||
|
||||
while ((ch = getopt_long(argc, argv, "", long_options, &optindex)) != -1) {
|
||||
|
||||
/* read options and commands */
|
||||
|
||||
switch (long_options[optindex].val) {
|
||||
/* commands */
|
||||
case LIST_KEYS:
|
||||
zeroargs = 1;
|
||||
p.cmd = long_options[optindex].val;
|
||||
break;
|
||||
case FIND_KEY:
|
||||
case EXPORT_KEY:
|
||||
case IMPORT_KEY:
|
||||
case GENERATE_KEY:
|
||||
case ENCRYPT:
|
||||
case DECRYPT:
|
||||
case SIGN:
|
||||
case CLEARSIGN:
|
||||
case VERIFY:
|
||||
case LIST_PACKETS:
|
||||
p.cmd = long_options[optindex].val;
|
||||
break;
|
||||
|
||||
case VERSION_CMD:
|
||||
printf("%s version: %s using %s\n",
|
||||
*argv, ops_get_version(),
|
||||
OPS_VERSION_STRING);
|
||||
exit(EXIT_SUCCESS);
|
||||
|
||||
/* options */
|
||||
case KEYRING:
|
||||
if (optarg == NULL) {
|
||||
(void) fprintf(stderr, "No keyring argument provided\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
snprintf(p.keyring, sizeof(p.keyring), "%s", optarg);
|
||||
break;
|
||||
|
||||
case USERID:
|
||||
if (optarg == NULL) {
|
||||
(void) fprintf(stderr, "No userid argument provided\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
(void) fprintf(stderr, "user_id is '%s'\n", optarg);
|
||||
}
|
||||
snprintf(p.userid, sizeof(p.userid), "%s", optarg);
|
||||
break;
|
||||
|
||||
case PASSPHRASE:
|
||||
if (optarg == NULL) {
|
||||
(void) fprintf(stderr, "No passphrase argument provided\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
snprintf(p.passphrase, sizeof(p.passphrase), "%s", optarg);
|
||||
break;
|
||||
|
||||
case ARMOUR:
|
||||
p.armour = 1;
|
||||
break;
|
||||
|
||||
case HOMEDIR:
|
||||
if (optarg == NULL) {
|
||||
(void) fprintf(stderr, "No home directory argument provided\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
(void) snprintf(homedir, sizeof(homedir), "%s", optarg);
|
||||
conf_file(&p, homedir);
|
||||
break;
|
||||
|
||||
|
||||
case NUMBITS:
|
||||
if (optarg == NULL) {
|
||||
(void) fprintf(stderr, "No number of bits argument provided\n");
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
p.numbits = atoi(optarg);
|
||||
break;
|
||||
|
||||
case OPS_DEBUG:
|
||||
ops_set_debug_level(optarg);
|
||||
break;
|
||||
|
||||
default:
|
||||
printf("shouldn't be here: option=%d\n", long_options[optindex].val);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Read keyrings.
|
||||
* read public and secret from homedir.
|
||||
* (assumed names are pubring.gpg and secring.gpg).
|
||||
* Also read named keyring, if given.
|
||||
*
|
||||
* We will then have variables pubring, secring and myring.
|
||||
*/
|
||||
|
||||
(void) snprintf(p.pubring_name, sizeof(p.pubring_name), "%s/pubring.gpg", homedir);
|
||||
p.pubring = calloc(1, sizeof(*p.pubring));
|
||||
if (!ops_keyring_read_from_file(p.pubring, false, p.pubring_name)) {
|
||||
fprintf(stderr, "Cannot read keyring %s\n", p.pubring_name);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
snprintf(p.secring_name, sizeof(p.secring_name), "%s/secring.gpg", homedir);
|
||||
p.secring = calloc(1, sizeof(*p.secring));
|
||||
if (!ops_keyring_read_from_file(p.secring, false, p.secring_name)) {
|
||||
fprintf(stderr, "Cannot read keyring %s\n", p.secring_name);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
if (p.keyring[0] != 0x0) {
|
||||
snprintf(p.myring_name, sizeof(p.myring_name), "%s/%s", homedir, p.keyring);
|
||||
p.myring = calloc(1, sizeof(*p.myring));
|
||||
if (!ops_keyring_read_from_file(p.myring, false, p.myring_name)) {
|
||||
fprintf(stderr, "Cannot read keyring %s\n", p.myring_name);
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* now do the required action for each of the files on the command
|
||||
* line
|
||||
*/
|
||||
if (zeroargs) {
|
||||
openpgp(&p, NULL);
|
||||
} else {
|
||||
for (p.ex = EXIT_SUCCESS, i = optind; i < argc; i++) {
|
||||
openpgp(&p, argv[i]);
|
||||
}
|
||||
}
|
||||
|
||||
if (p.pubring) {
|
||||
ops_keyring_free(p.pubring);
|
||||
}
|
||||
if (p.secring) {
|
||||
ops_keyring_free(p.secring);
|
||||
}
|
||||
if (p.myring) {
|
||||
ops_keyring_free(p.myring);
|
||||
}
|
||||
exit(p.ex);
|
||||
}
|
|
@ -1,340 +0,0 @@
|
|||
/*! \mainpage Documentation
|
||||
*
|
||||
* The OpenPGP::SDK library has 2 APIs (High Level and Core), which can be used interchangeably by a user of the library.
|
||||
|
||||
There are also some functions documented here as Internal API, which will be of use to OpenPGP::SDK developers.
|
||||
|
||||
\section section_highlevel_api The High-Level API
|
||||
|
||||
The High-Level API provides easy access to common crypto tasks.
|
||||
|
||||
Examples are:
|
||||
|
||||
- "find the key in the keyring corresponding to this id"
|
||||
- "sign this text with that key".
|
||||
|
||||
It is built on functions offered by the Core API.
|
||||
|
||||
Developers should initially consider using the High-Level API, unless they need the additional control available in the Core API.
|
||||
|
||||
- \ref HighLevelAPI : follow this link for more details
|
||||
|
||||
\section section_core_api The Core API
|
||||
|
||||
The Core API offers detailed control over all aspects of the SDK.
|
||||
|
||||
- \ref CoreAPI : follow this link for more details
|
||||
|
||||
\section section_internal_api The Internal API
|
||||
|
||||
The Internal API contains functions for use by SDK developers.
|
||||
|
||||
- \ref InternalAPI: follow this link for more details
|
||||
|
||||
*/
|
||||
|
||||
/** @defgroup HighLevelAPI High Level API
|
||||
\brief Easy access to OpenPGP::SDK functions
|
||||
|
||||
This API provides basic high-level functionality, which should be
|
||||
suitable for most users.
|
||||
|
||||
If you want more fine-grained control, consider using the Core API.
|
||||
|
||||
A good place to look for example code which uses the High Level API is the command line application, found in openpgpsdk/src/app/openpgp.c.
|
||||
|
||||
Example code:
|
||||
\code
|
||||
void main()
|
||||
{
|
||||
ops_uid_id_t uid;
|
||||
char* pubring_name="pubring.gpg";
|
||||
char* secring_name="secring.gpg";
|
||||
char* passphrase="mysecret";
|
||||
int pplen=strlen(passphrase);
|
||||
ops_keyring_t* pubring=NULL;
|
||||
ops_keyring_t* secring=NULL;
|
||||
ops_keydata_t * keydata=NULL;
|
||||
ops_create_info_t* cinfo=NULL;
|
||||
ops_secret_key_t* skey=NULL;
|
||||
ops_validate_result* validate_result=NULL;
|
||||
int fd=0;
|
||||
|
||||
ops_init();
|
||||
|
||||
// Create a new self-signed RSA key pair
|
||||
uid.user_id=(unsigned char *) "Test User (RSA 2048-bit key) <testuser@test.com>";
|
||||
keydata=ops_rsa_create_selfsigned_keypair(2048,65537,&uid);
|
||||
if (!keydata)
|
||||
exit (-1);
|
||||
|
||||
// Append to keyrings
|
||||
fd=ops_setup_file_append(&cinfo, pubring_name);
|
||||
ops_write_transferable_public_key(keydata, ARMOUR_NO, cinfo);
|
||||
ops_teardown_file_write(cinfo,fd)
|
||||
|
||||
fd=ops_setup_file_append(&cinfo, secring_name);
|
||||
ops_write_transferable_secret_key(keydata, passphrase, pplen, ARMOUR_NO, cinfo);
|
||||
ops_teardown_file_write(cinfo,fd)
|
||||
|
||||
// Load public and secret keyrings
|
||||
if (!ops_keyring_read_from_file(pubring, ARMOUR_NO, pubring_name))
|
||||
exit(-1);
|
||||
if (!ops_keyring_read_from_file(secring, ARMOUR_NO, secring_name))
|
||||
exit(-1);
|
||||
|
||||
// Sign a file with the new secret key
|
||||
skey=ops_decrypt_secret_key_from_data(keydata,passphrase);
|
||||
if (!ops_sign_file("mytestfile", NULL, skey, ARMOUR_YES, OVERWRITE_YES))
|
||||
exit(-1);
|
||||
|
||||
// Verify signed file with new public key
|
||||
validate_result=ops_mallocz(sizeof *validate_result);
|
||||
if (ops_validate_file(validate_result, "mytestfile.asc", ARMOUR_YES, pubring)==ops_true)
|
||||
printf("OK\n")
|
||||
else
|
||||
printf("Not verified OK: %d invalid signatures, %d unknown signatures\n", validate_result->invalid_count, validate_result->unknown_signer_count);
|
||||
ops_validate_result_free(validate_result);
|
||||
|
||||
// Encrypt a file with the new public key
|
||||
if (ops_encrypt_file("mytestfile2", NULL, keydata, ARMOUR_YES, OVERWRITE_YES)!=ops_true)
|
||||
exit(-1);
|
||||
|
||||
// Decrypt encrypted file with the new secret key
|
||||
if (ops_decrypt_file("mytestfile2.asc",NULL, secring, ARMOUR_YES, OVERWRITE_YES, callback_cmd_get_passphrase_from_cmdline)!=ops_true)
|
||||
exit(-1)
|
||||
|
||||
ops_finish();
|
||||
}
|
||||
\endcode
|
||||
*/
|
||||
|
||||
/** @defgroup CoreAPI Core API
|
||||
This API provides detailed control over all aspects of the SDK.
|
||||
|
||||
You may find that the easier-to-use High Level API meets your needs.
|
||||
|
||||
Please note that the Core API documentation is still a Work-In-Progress.
|
||||
|
||||
If you are using the Core API for the first time, you may find that the best place to start if by finding an existing function which does most of what you need and modifying it. A good place to look for such a function is in the test suite (openpgpsdk/tests).
|
||||
*
|
||||
* \par To Read OpenPGP packets
|
||||
* - \ref Core_ReadPackets
|
||||
* - \ref Core_Readers
|
||||
*
|
||||
* \par Usage 1 : To Parse an input stream (discarding parsed data)
|
||||
* - Configure an ops_parse_options_t structure
|
||||
* - Set "Reader" function and args (to get the data)
|
||||
* - Set "Callback" function and args (to do something useful with the parsed data)
|
||||
* - Call ops_parse_options() to specify whether individual subpacket types are to parsed, left raw or ignored
|
||||
* - Finally, call ops_parse()
|
||||
*
|
||||
* \par Usage 2 : To Parse an input stream (storing parsed data in keyring)
|
||||
* - Get keyring
|
||||
* - Configure an ops_parse_options_t structure
|
||||
* - Set "Reader" function and args (to get the data)
|
||||
* - No need to set "Callback" function and args
|
||||
* - No need to call ops_parse_options() to specify whether individual subpacket types are to parsed, left raw or ignored
|
||||
* - Call ops_parse_and_accumulate() to populate keyring
|
||||
* - Don't forget to call ops_keyring_free() when you've finished with the keyring to release the memory.
|
||||
*/
|
||||
|
||||
/** @defgroup InternalAPI Internal API
|
||||
This API provides code used by SDK developers.
|
||||
*/
|
||||
|
||||
/** \defgroup HighLevel_Sign Sign File or Buffer
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/** \defgroup HighLevel_Verify Verify File, Buffer, Key or Keyring
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/** \defgroup HighLevel_Crypto Encrypt or Decrypt File
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_Keyring Keys and Keyrings
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/** \defgroup HighLevel_Supported Supported Algorithms
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/** \defgroup HighLevel_Memory Memory
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_General General
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_KeyringRead Read Keyring
|
||||
\ingroup HighLevel_Keyring
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_KeyringList List Keyring
|
||||
\ingroup HighLevel_Keyring
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_KeyringFind Find Key
|
||||
\ingroup HighLevel_Keyring
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_KeyGenerate Generate Key
|
||||
\ingroup HighLevel_Keyring
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_KeyWrite Write Key
|
||||
\ingroup HighLevel_Keyring
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_KeyGeneral Other Key Functions
|
||||
\ingroup HighLevel_Keyring
|
||||
*/
|
||||
|
||||
/** \defgroup Core_ReadPackets Read OpenPGP packets
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Readers Readers
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_WritePackets Write OpenPGP packets
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
|
||||
/**
|
||||
\defgroup HighLevel_Callbacks Callbacks
|
||||
\ingroup HighLevelAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Writers Writers
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_WritersFirst First (stacks start with one of these)
|
||||
\ingroup Core_Writers
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_WritersNext Next (stacks may use these)
|
||||
\ingroup Core_Writers
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Errors Error Handling
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Readers_First First (stacks start with one of these)
|
||||
\ingroup Core_Readers
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Readers_Additional Additional (stacks may use these)
|
||||
\ingroup Core_Readers
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Readers_Armour Armoured Data
|
||||
\ingroup Core_Readers_Additional
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Readers_SE Symmetrically-Encrypted Data
|
||||
\ingroup Core_Readers_Additional
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Readers_SEIP Symmetrically-Encrypted-Integrity-Protected Data
|
||||
\ingroup Core_Readers_Additional
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Keys Keys and Keyrings
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Hashes Hashes
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Crypto Encryption/Decryption
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Signature Signatures/Verification
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Compress Compression/Decompression
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_MPI Functions to do with MPIs
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Print Print
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Lists Linked Lists
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/** \defgroup Core_Memory Memory
|
||||
\ingroup CoreAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Core_Callbacks Callbacks
|
||||
\ingroup CoreAPI
|
||||
These callback functions are used when parsing or creating.
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Internal_Readers Readers
|
||||
\ingroup InternalAPI
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Internal_Readers_Generic Generic
|
||||
\ingroup Internal_Readers
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Internal_Readers_Hash Hashed Data
|
||||
\ingroup Internal_Readers
|
||||
*/
|
||||
|
||||
/**
|
||||
\defgroup Internal_Readers_Sum16 Sum16
|
||||
\ingroup Internal_Readers
|
||||
*/
|
||||
|
||||
/**
|
||||
* \defgroup Core_Create Create
|
||||
* \ingroup CoreAPI
|
||||
* These functions allow an OpenPGP object to be created.
|
||||
*/
|
||||
|
||||
|
||||
|
|
@ -1,50 +0,0 @@
|
|||
DM_FLAGS=%DM_FLAGS%
|
||||
DM_LIB=%DM_LIB%
|
||||
CC=%CC%
|
||||
|
||||
CFLAGS=$(DM_FLAGS) -I../../include %INCLUDES% %CFLAGS% -fPIC
|
||||
LDFLAGS=-g
|
||||
|
||||
all: Makefile headers .depend lib
|
||||
|
||||
LIBOBJS = packet-parse.o packet-print.o packet-show.o \
|
||||
util.o openssl_crypto.o accumulate.o \
|
||||
memory.o fingerprint.o hash.o keyring.o \
|
||||
signature.o compress.o create.o \
|
||||
validate.o lists.o errors.o \
|
||||
symmetric.o crypto.o random.o readerwriter.o \
|
||||
reader.o reader_fd.o reader_mem.o \
|
||||
reader_armoured.o reader_hashed.o \
|
||||
reader_encrypted_se.o reader_encrypted_seip.o \
|
||||
writer_fd.o writer_memory.o \
|
||||
writer.o writer_skey_checksum.o writer_armour.o \
|
||||
writer_encrypt_se_ip.o writer_encrypt.o \
|
||||
writer_stream_encrypt_se_ip.o
|
||||
|
||||
headers:
|
||||
cd ../../include/openpgpsdk && $(MAKE) headers
|
||||
|
||||
lib: ../../lib/libops.a
|
||||
|
||||
../../lib/libops.a: $(LIBOBJS)
|
||||
ar rc ../../lib/libops.a $(LIBOBJS)
|
||||
|
||||
tags:
|
||||
rm -f TAGS
|
||||
find . -name '*.[ch]' | xargs etags -a
|
||||
|
||||
clean:
|
||||
rm -f packet-dump verify *.o *.i
|
||||
rm -f TAGS
|
||||
|
||||
.depend: *.[ch] ../../include/openpgpsdk/*.h
|
||||
$(CC) $(CFLAGS) -E -M *.c > .depend
|
||||
|
||||
force_depend: headers
|
||||
$(CC) $(CFLAGS) -E -M *.c > .depend
|
||||
|
||||
Makefile: Makefile.template ../../configure
|
||||
echo Makefile is older than templates, rerun configure.
|
||||
exit 1
|
||||
|
||||
include .depend
|
|
@ -1,198 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/packet.h>
|
||||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
#include <openpgpsdk/accumulate.h>
|
||||
#include "keyring_local.h"
|
||||
#include "parse_local.h"
|
||||
#include <openpgpsdk/signature.h>
|
||||
#include <assert.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
typedef struct {
|
||||
ops_keyring_t *keyring;
|
||||
} accumulate_arg_t;
|
||||
|
||||
/**
|
||||
* \ingroup Core_Callbacks
|
||||
*/
|
||||
static ops_parse_cb_return_t
|
||||
accumulate_cb(const ops_parser_content_t * content_, ops_parse_cb_info_t * cbinfo)
|
||||
{
|
||||
accumulate_arg_t *arg = ops_parse_cb_get_arg(cbinfo);
|
||||
const ops_parser_content_union_t *content = &content_->content;
|
||||
ops_keyring_t *keyring = arg->keyring;
|
||||
ops_keydata_t *cur = NULL;
|
||||
const ops_public_key_t *pkey;
|
||||
|
||||
if (keyring->nkeys >= 0)
|
||||
cur = &keyring->keys[keyring->nkeys];
|
||||
|
||||
switch (content_->tag) {
|
||||
case OPS_PTAG_CT_PUBLIC_KEY:
|
||||
case OPS_PTAG_CT_SECRET_KEY:
|
||||
case OPS_PTAG_CT_ENCRYPTED_SECRET_KEY:
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
(void) fprintf(stderr, "New key - tag %d\n", content_->tag);
|
||||
}
|
||||
++keyring->nkeys;
|
||||
EXPAND_ARRAY(keyring, keys);
|
||||
|
||||
if (content_->tag == OPS_PTAG_CT_PUBLIC_KEY)
|
||||
pkey = &content->public_key;
|
||||
else
|
||||
pkey = &content->secret_key.public_key;
|
||||
|
||||
memset(&keyring->keys[keyring->nkeys], '\0',
|
||||
sizeof(keyring->keys[keyring->nkeys]));
|
||||
|
||||
ops_keyid(keyring->keys[keyring->nkeys].key_id,
|
||||
OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, pkey);
|
||||
ops_fingerprint(&keyring->keys[keyring->nkeys].fingerprint, pkey);
|
||||
|
||||
keyring->keys[keyring->nkeys].type = content_->tag;
|
||||
|
||||
if (content_->tag == OPS_PTAG_CT_PUBLIC_KEY)
|
||||
keyring->keys[keyring->nkeys].key.pkey = *pkey;
|
||||
else
|
||||
keyring->keys[keyring->nkeys].key.skey = content->secret_key;
|
||||
return OPS_KEEP_MEMORY;
|
||||
|
||||
case OPS_PTAG_CT_USER_ID:
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
(void) fprintf(stderr, "User ID: %s\n", content->user_id.user_id);
|
||||
}
|
||||
if (!cur) {
|
||||
OPS_ERROR(cbinfo->errors, OPS_E_P_NO_USERID, "No user id found");
|
||||
return OPS_KEEP_MEMORY;
|
||||
}
|
||||
/* assert(cur); */
|
||||
ops_add_userid_to_keydata(cur, &content->user_id);
|
||||
return OPS_KEEP_MEMORY;
|
||||
|
||||
case OPS_PARSER_PACKET_END:
|
||||
if (!cur)
|
||||
return OPS_RELEASE_MEMORY;
|
||||
ops_add_packet_to_keydata(cur, &content->packet);
|
||||
return OPS_KEEP_MEMORY;
|
||||
|
||||
case OPS_PARSER_ERROR:
|
||||
fprintf(stderr, "Error: %s\n", content->error.error);
|
||||
assert( /* CONSTCOND */ 0);
|
||||
break;
|
||||
|
||||
case OPS_PARSER_ERRCODE:
|
||||
switch (content->errcode.errcode) {
|
||||
default:
|
||||
fprintf(stderr, "parse error: %s\n",
|
||||
ops_errcode(content->errcode.errcode));
|
||||
/* assert(0); */
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
/* XXX: we now exclude so many things, we should either drop this or */
|
||||
/* do something to pass on copies of the stuff we keep */
|
||||
return ops_parse_stacked_cb(content_, cbinfo);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Parse
|
||||
*
|
||||
* Parse packets from an input stream until EOF or error.
|
||||
*
|
||||
* Key data found in the parsed data is added to #keyring.
|
||||
*
|
||||
* \param keyring Pointer to an existing keyring
|
||||
* \param parse_info Options to use when parsing
|
||||
*/
|
||||
|
||||
int
|
||||
ops_parse_and_accumulate(ops_keyring_t * keyring,
|
||||
ops_parse_info_t * parse_info)
|
||||
{
|
||||
int rtn;
|
||||
|
||||
accumulate_arg_t arg;
|
||||
|
||||
assert(!parse_info->rinfo.accumulate);
|
||||
|
||||
memset(&arg, '\0', sizeof(arg));
|
||||
|
||||
arg.keyring = keyring;
|
||||
/* Kinda weird, but to do with counting, and we put it back after */
|
||||
--keyring->nkeys;
|
||||
|
||||
ops_parse_cb_push(parse_info, accumulate_cb, &arg);
|
||||
|
||||
parse_info->rinfo.accumulate = true;
|
||||
|
||||
rtn = ops_parse(parse_info);
|
||||
++keyring->nkeys;
|
||||
|
||||
return rtn;
|
||||
}
|
||||
|
||||
static void
|
||||
dump_one_keydata(const ops_keydata_t * key)
|
||||
{
|
||||
unsigned n;
|
||||
|
||||
printf("Key ID: ");
|
||||
hexdump(key->key_id, OPS_KEY_ID_SIZE, "");
|
||||
|
||||
printf("\nFingerpint: ");
|
||||
hexdump(key->fingerprint.fingerprint, key->fingerprint.length, "");
|
||||
|
||||
printf("\n\nUIDs\n====\n\n");
|
||||
for (n = 0; n < key->nuids; ++n)
|
||||
printf("%s\n", key->uids[n].user_id);
|
||||
|
||||
printf("\nPackets\n=======\n");
|
||||
for (n = 0; n < key->npackets; ++n) {
|
||||
printf("\n%03d: ", n);
|
||||
hexdump(key->packets[n].raw, key->packets[n].length, "");
|
||||
}
|
||||
printf("\n\n");
|
||||
}
|
||||
|
||||
/* XXX: not a maintained part of the API - use ops_keyring_list() */
|
||||
/** ops_dump_keyring
|
||||
*/
|
||||
void
|
||||
ops_dump_keyring(const ops_keyring_t * keyring)
|
||||
{
|
||||
int n;
|
||||
|
||||
for (n = 0; n < keyring->nkeys; ++n)
|
||||
dump_one_keydata(&keyring->keys[n]);
|
||||
}
|
|
@ -1,378 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <zlib.h>
|
||||
#include <bzlib.h>
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <openpgpsdk/compress.h>
|
||||
#include <openpgpsdk/packet-parse.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/errors.h>
|
||||
#include "parse_local.h"
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
#define DECOMPRESS_BUFFER 1024
|
||||
|
||||
typedef struct {
|
||||
ops_compression_type_t type;
|
||||
ops_region_t *region;
|
||||
unsigned char in[DECOMPRESS_BUFFER];
|
||||
unsigned char out[DECOMPRESS_BUFFER];
|
||||
z_stream zstream;/* ZIP and ZLIB */
|
||||
bz_stream bzstream; /* BZIP2 */
|
||||
size_t offset;
|
||||
int inflate_ret;
|
||||
} decompress_arg_t;
|
||||
|
||||
typedef struct {
|
||||
z_stream stream;
|
||||
unsigned char *src;
|
||||
unsigned char *dst;
|
||||
} compress_arg_t;
|
||||
|
||||
/*
|
||||
* \todo remove code duplication between this and
|
||||
* bzip2_compressed_data_reader
|
||||
*/
|
||||
static int
|
||||
zlib_compressed_data_reader(void *dest, size_t length,
|
||||
ops_error_t ** errors,
|
||||
ops_reader_info_t * rinfo,
|
||||
ops_parse_cb_info_t * cbinfo)
|
||||
{
|
||||
decompress_arg_t *arg = ops_reader_get_arg(rinfo);
|
||||
|
||||
/* ops_parser_content_t content; */
|
||||
int saved = length;
|
||||
|
||||
assert(arg->type == OPS_C_ZIP || arg->type == OPS_C_ZLIB);
|
||||
|
||||
if ( /* arg->region->indeterminate && */ arg->inflate_ret == Z_STREAM_END
|
||||
&& arg->zstream.next_out == &arg->out[arg->offset])
|
||||
return 0;
|
||||
|
||||
if (arg->region->length_read == arg->region->length) {
|
||||
if (arg->inflate_ret != Z_STREAM_END)
|
||||
OPS_ERROR(cbinfo->errors, OPS_E_P_DECOMPRESSION_ERROR, "Compressed data didn't end when region ended.");
|
||||
/*
|
||||
else
|
||||
return 0;
|
||||
www.zlib.org
|
||||
*/
|
||||
}
|
||||
while (length > 0) {
|
||||
size_t len;
|
||||
|
||||
if (&arg->out[arg->offset] == arg->zstream.next_out) {
|
||||
int ret;
|
||||
|
||||
arg->zstream.next_out = arg->out;
|
||||
arg->zstream.avail_out = sizeof(arg->out);
|
||||
arg->offset = 0;
|
||||
if (arg->zstream.avail_in == 0) {
|
||||
unsigned n = arg->region->length;
|
||||
|
||||
if (!arg->region->indeterminate) {
|
||||
n -= arg->region->length_read;
|
||||
if (n > sizeof(arg->in))
|
||||
n = sizeof(arg->in);
|
||||
} else
|
||||
n = sizeof(arg->in);
|
||||
|
||||
if (!ops_stacked_limited_read(arg->in, n, arg->region,
|
||||
errors, rinfo, cbinfo))
|
||||
return -1;
|
||||
|
||||
arg->zstream.next_in = arg->in;
|
||||
arg->zstream.avail_in = arg->region->indeterminate
|
||||
? arg->region->last_read : n;
|
||||
}
|
||||
ret = inflate(&arg->zstream, Z_SYNC_FLUSH);
|
||||
if (ret == Z_STREAM_END) {
|
||||
if (!arg->region->indeterminate
|
||||
&& arg->region->length_read != arg->region->length)
|
||||
OPS_ERROR(cbinfo->errors, OPS_E_P_DECOMPRESSION_ERROR, "Compressed stream ended before packet end.");
|
||||
} else if (ret != Z_OK) {
|
||||
fprintf(stderr, "ret=%d\n", ret);
|
||||
OPS_ERROR(cbinfo->errors, OPS_E_P_DECOMPRESSION_ERROR, arg->zstream.msg);
|
||||
}
|
||||
arg->inflate_ret = ret;
|
||||
}
|
||||
assert(arg->zstream.next_out > &arg->out[arg->offset]);
|
||||
len = arg->zstream.next_out - &arg->out[arg->offset];
|
||||
if (len > length)
|
||||
len = length;
|
||||
memcpy(dest, &arg->out[arg->offset], len);
|
||||
arg->offset += len;
|
||||
length -= len;
|
||||
}
|
||||
|
||||
return saved;
|
||||
}
|
||||
|
||||
static int
|
||||
bzip2_compressed_data_reader(void *dest, size_t length,
|
||||
ops_error_t ** errors,
|
||||
ops_reader_info_t * rinfo,
|
||||
ops_parse_cb_info_t * cbinfo)
|
||||
{
|
||||
decompress_arg_t *arg = ops_reader_get_arg(rinfo);
|
||||
|
||||
/* ops_parser_content_t content; */
|
||||
size_t saved = length;
|
||||
|
||||
assert(arg->type == OPS_C_BZIP2);
|
||||
|
||||
if (arg->inflate_ret == BZ_STREAM_END &&
|
||||
arg->bzstream.next_out == (char *)&arg->out[arg->offset])
|
||||
return 0;
|
||||
|
||||
if (arg->region->length_read == arg->region->length) {
|
||||
if (arg->inflate_ret != BZ_STREAM_END)
|
||||
OPS_ERROR(cbinfo->errors, OPS_E_P_DECOMPRESSION_ERROR,
|
||||
"Compressed data didn't end when region ended.");
|
||||
}
|
||||
while (length > 0) {
|
||||
size_t len;
|
||||
|
||||
if ((char *)&arg->out[arg->offset] == arg->bzstream.next_out) {
|
||||
int ret;
|
||||
|
||||
arg->bzstream.next_out = (char *) arg->out;
|
||||
arg->bzstream.avail_out = sizeof(arg->out);
|
||||
arg->offset = 0;
|
||||
if (arg->bzstream.avail_in == 0) {
|
||||
unsigned n = arg->region->length;
|
||||
|
||||
if (!arg->region->indeterminate) {
|
||||
n -= arg->region->length_read;
|
||||
if (n > sizeof(arg->in))
|
||||
n = sizeof(arg->in);
|
||||
} else
|
||||
n = sizeof(arg->in);
|
||||
|
||||
if (!ops_stacked_limited_read(
|
||||
(unsigned char *) arg->in,
|
||||
n, arg->region,
|
||||
errors, rinfo, cbinfo))
|
||||
return -1;
|
||||
|
||||
arg->bzstream.next_in = (char *)arg->in;
|
||||
arg->bzstream.avail_in = arg->region->indeterminate
|
||||
? arg->region->last_read : n;
|
||||
}
|
||||
ret = BZ2_bzDecompress(&arg->bzstream);
|
||||
if (ret == BZ_STREAM_END) {
|
||||
if (!arg->region->indeterminate &&
|
||||
arg->region->length_read != arg->region->length)
|
||||
OPS_ERROR(cbinfo->errors,
|
||||
OPS_E_P_DECOMPRESSION_ERROR,
|
||||
"Compressed stream ended before packet end.");
|
||||
} else if (ret != BZ_OK) {
|
||||
OPS_ERROR_1(cbinfo->errors,
|
||||
OPS_E_P_DECOMPRESSION_ERROR,
|
||||
"Invalid return %d from BZ2_bzDecompress", ret);
|
||||
}
|
||||
arg->inflate_ret = ret;
|
||||
}
|
||||
assert(arg->bzstream.next_out > (char *)&arg->out[arg->offset]);
|
||||
len = (size_t)(arg->bzstream.next_out -
|
||||
(char *)&arg->out[arg->offset]);
|
||||
if (len > length)
|
||||
len = length;
|
||||
memcpy(dest, &arg->out[arg->offset], len);
|
||||
arg->offset += len;
|
||||
length -= len;
|
||||
}
|
||||
|
||||
return saved;
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Compress
|
||||
*
|
||||
* \param *region Pointer to a region
|
||||
* \param *parse_info How to parse
|
||||
* \param type Which compression type to expect
|
||||
*/
|
||||
|
||||
int
|
||||
ops_decompress(ops_region_t * region, ops_parse_info_t * parse_info,
|
||||
ops_compression_type_t type)
|
||||
{
|
||||
decompress_arg_t arg;
|
||||
int ret;
|
||||
|
||||
switch (type) {
|
||||
case OPS_C_ZIP:
|
||||
case OPS_C_ZLIB:
|
||||
memset(&arg, '\0', sizeof(arg));
|
||||
|
||||
arg.region = region;
|
||||
arg.offset = 0;
|
||||
arg.type = type;
|
||||
|
||||
arg.zstream.next_in = Z_NULL;
|
||||
arg.zstream.avail_in = 0;
|
||||
arg.zstream.next_out = arg.out;
|
||||
arg.zstream.zalloc = Z_NULL;
|
||||
arg.zstream.zfree = Z_NULL;
|
||||
arg.zstream.opaque = Z_NULL;
|
||||
break;
|
||||
|
||||
case OPS_C_BZIP2:
|
||||
memset(&arg, '\0', sizeof(arg));
|
||||
|
||||
arg.region = region;
|
||||
arg.offset = 0;
|
||||
arg.type = type;
|
||||
|
||||
arg.bzstream.next_in = NULL;
|
||||
arg.bzstream.avail_in = 0;
|
||||
arg.bzstream.next_out = (char *)arg.out;
|
||||
arg.bzstream.bzalloc = NULL;
|
||||
arg.bzstream.bzfree = NULL;
|
||||
arg.bzstream.opaque = NULL;
|
||||
break;
|
||||
|
||||
default:
|
||||
OPS_ERROR_1(&parse_info->errors, OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG, "Compression algorithm %d is not yet supported", type);
|
||||
return 0;
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
case OPS_C_ZIP:
|
||||
ret = inflateInit2(&arg.zstream, -15);
|
||||
break;
|
||||
|
||||
case OPS_C_ZLIB:
|
||||
ret = inflateInit(&arg.zstream);
|
||||
break;
|
||||
|
||||
case OPS_C_BZIP2:
|
||||
/*
|
||||
OPS_ERROR_1(&parse_info->errors, OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG, "Compression algorithm %s is not yet supported", "BZIP2");
|
||||
return 0;
|
||||
*/
|
||||
ret = BZ2_bzDecompressInit(&arg.bzstream, 1, 0);
|
||||
break;
|
||||
|
||||
default:
|
||||
OPS_ERROR_1(&parse_info->errors, OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG, "Compression algorithm %d is not yet supported", type);
|
||||
return 0;
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
case OPS_C_ZIP:
|
||||
case OPS_C_ZLIB:
|
||||
if (ret != Z_OK) {
|
||||
OPS_ERROR_1(&parse_info->errors, OPS_E_P_DECOMPRESSION_ERROR, "Cannot initialise ZIP or ZLIB stream for decompression: error=%d", ret);
|
||||
return 0;
|
||||
}
|
||||
ops_reader_push(parse_info, zlib_compressed_data_reader, NULL, &arg);
|
||||
break;
|
||||
|
||||
case OPS_C_BZIP2:
|
||||
if (ret != BZ_OK) {
|
||||
OPS_ERROR_1(&parse_info->errors, OPS_E_P_DECOMPRESSION_ERROR, "Cannot initialise BZIP2 stream for decompression: error=%d", ret);
|
||||
return 0;
|
||||
}
|
||||
ops_reader_push(parse_info, bzip2_compressed_data_reader, NULL, &arg);
|
||||
break;
|
||||
|
||||
default:
|
||||
OPS_ERROR_1(&parse_info->errors, OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG, "Compression algorithm %d is not yet supported", type);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = ops_parse(parse_info);
|
||||
|
||||
ops_reader_pop(parse_info);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_WritePackets
|
||||
\brief Writes Compressed packet
|
||||
\param data Data to write out
|
||||
\param len Length of data
|
||||
\param cinfo Write settings
|
||||
\return true if OK; else false
|
||||
*/
|
||||
|
||||
bool
|
||||
ops_write_compressed(const unsigned char *data,
|
||||
const unsigned int len,
|
||||
ops_create_info_t * cinfo)
|
||||
{
|
||||
int r = 0;
|
||||
int sz_in = 0;
|
||||
int sz_out = 0;
|
||||
compress_arg_t *compression = calloc(1, sizeof(compress_arg_t));
|
||||
|
||||
/* compress the data */
|
||||
const int level = Z_DEFAULT_COMPRESSION; /* \todo allow varying
|
||||
* levels */
|
||||
compression->stream.zalloc = Z_NULL;
|
||||
compression->stream.zfree = Z_NULL;
|
||||
compression->stream.opaque = NULL;
|
||||
|
||||
/* all other fields set to zero by use of calloc */
|
||||
|
||||
if (deflateInit(&compression->stream, level) != Z_OK) {
|
||||
/* can't initialise */
|
||||
assert(0);
|
||||
}
|
||||
/* do necessary transformation */
|
||||
/* copy input to maintain const'ness of src */
|
||||
assert(compression->src == NULL);
|
||||
assert(compression->dst == NULL);
|
||||
|
||||
sz_in = len * sizeof(unsigned char);
|
||||
sz_out = (sz_in * 1.01) + 12; /* from zlib webpage */
|
||||
compression->src = calloc(1, sz_in);
|
||||
compression->dst = calloc(1, sz_out);
|
||||
memcpy(compression->src, data, len);
|
||||
|
||||
/* setup stream */
|
||||
compression->stream.next_in = compression->src;
|
||||
compression->stream.avail_in = sz_in;
|
||||
compression->stream.total_in = 0;
|
||||
|
||||
compression->stream.next_out = compression->dst;
|
||||
compression->stream.avail_out = sz_out;
|
||||
compression->stream.total_out = 0;
|
||||
|
||||
r = deflate(&compression->stream, Z_FINISH);
|
||||
assert(r == Z_STREAM_END); /* need to loop if not */
|
||||
|
||||
/* write it out */
|
||||
return (ops_write_ptag(OPS_PTAG_CT_COMPRESSED, cinfo)
|
||||
&& ops_write_length(1 + compression->stream.total_out, cinfo)
|
||||
&& ops_write_scalar(OPS_C_ZLIB, 1, cinfo)
|
||||
&& ops_write(compression->dst, compression->stream.total_out, cinfo));
|
||||
}
|
File diff suppressed because it is too large
Load Diff
|
@ -1,384 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/random.h>
|
||||
#include <openpgpsdk/readerwriter.h>
|
||||
#include <openpgpsdk/writer_armoured.h>
|
||||
#include <openpgpsdk/std_print.h>
|
||||
#include "parse_local.h"
|
||||
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
/**
|
||||
\ingroup Core_MPI
|
||||
\brief Decrypt and unencode MPI
|
||||
\param buf Buffer in which to write decrypted unencoded MPI
|
||||
\param buflen Length of buffer
|
||||
\param encmpi
|
||||
\param skey
|
||||
\return length of MPI
|
||||
\note only RSA at present
|
||||
*/
|
||||
int
|
||||
ops_decrypt_and_unencode_mpi(unsigned char *buf, unsigned buflen, const BIGNUM * encmpi,
|
||||
const ops_secret_key_t * skey)
|
||||
{
|
||||
unsigned char encmpibuf[8192];
|
||||
unsigned char mpibuf[8192];
|
||||
unsigned mpisize;
|
||||
int n;
|
||||
int i;
|
||||
|
||||
mpisize = BN_num_bytes(encmpi);
|
||||
/* MPI can't be more than 65,536 */
|
||||
assert(mpisize <= sizeof(encmpibuf));
|
||||
BN_bn2bin(encmpi, encmpibuf);
|
||||
|
||||
assert(skey->public_key.algorithm == OPS_PKA_RSA);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "\nDECRYPTING\n");
|
||||
fprintf(stderr, "encrypted data : ");
|
||||
for (i = 0; i < 16; i++)
|
||||
fprintf(stderr, "%2x ", encmpibuf[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
n = ops_rsa_private_decrypt(mpibuf, encmpibuf, (BN_num_bits(encmpi) + 7) / 8,
|
||||
&skey->key.rsa, &skey->public_key.key.rsa);
|
||||
assert(n != -1);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "decrypted encoded m buf : ");
|
||||
for (i = 0; i < 16; i++)
|
||||
fprintf(stderr, "%2x ", mpibuf[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
if (n <= 0)
|
||||
return -1;
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
printf(" decrypted=%d ", n);
|
||||
hexdump(mpibuf, n, "");
|
||||
printf("\n");
|
||||
}
|
||||
/* Decode EME-PKCS1_V1_5 (RFC 2437). */
|
||||
|
||||
if (mpibuf[0] != 0 || mpibuf[1] != 2)
|
||||
return false;
|
||||
|
||||
/* Skip the random bytes. */
|
||||
for (i = 2; i < n && mpibuf[i]; ++i) {
|
||||
}
|
||||
|
||||
if (i == n || i < 10)
|
||||
return false;
|
||||
|
||||
/* Skip the zero */
|
||||
++i;
|
||||
|
||||
/* this is the unencoded m buf */
|
||||
if ((unsigned) (n - i) <= buflen)
|
||||
memcpy(buf, mpibuf + i, n - i);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
int j;
|
||||
|
||||
printf("decoded m buf:\n");
|
||||
for (j = 0; j < n - i; j++)
|
||||
printf("%2x ", buf[j]);
|
||||
printf("\n");
|
||||
}
|
||||
return n - i;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_MPI
|
||||
\brief RSA-encrypt an MPI
|
||||
*/
|
||||
bool
|
||||
ops_rsa_encrypt_mpi(const unsigned char *encoded_m_buf,
|
||||
const size_t sz_encoded_m_buf,
|
||||
const ops_public_key_t * pkey,
|
||||
ops_pk_session_key_parameters_t * skp)
|
||||
{
|
||||
|
||||
unsigned char encmpibuf[8192];
|
||||
int n = 0;
|
||||
|
||||
assert(sz_encoded_m_buf == (size_t) BN_num_bytes(pkey->key.rsa.n));
|
||||
|
||||
n = ops_rsa_public_encrypt(encmpibuf, encoded_m_buf, sz_encoded_m_buf, &pkey->key.rsa);
|
||||
assert(n != -1);
|
||||
|
||||
if (n <= 0)
|
||||
return false;
|
||||
|
||||
skp->rsa.encrypted_m = BN_bin2bn(encmpibuf, n, NULL);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
int i;
|
||||
fprintf(stderr, "encrypted mpi buf : ");
|
||||
for (i = 0; i < 16; i++)
|
||||
fprintf(stderr, "%2x ", encmpibuf[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
#define MAXBUF 1024
|
||||
|
||||
static ops_parse_cb_return_t
|
||||
write_parsed_cb(const ops_parser_content_t *, ops_parse_cb_info_t *);
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Crypto
|
||||
Encrypt a file
|
||||
\param input_filename Name of file to be encrypted
|
||||
\param output_filename Name of file to write to. If NULL, name is constructed from input_filename
|
||||
\param pub_key Public Key to encrypt file for
|
||||
\param use_armour Write armoured text, if set
|
||||
\param allow_overwrite Allow output file to be overwrwritten if it exists
|
||||
\return true if OK; else false
|
||||
*/
|
||||
bool
|
||||
ops_encrypt_file(const char *input_filename, const char *output_filename, const ops_keydata_t * pub_key, const bool use_armour, const bool allow_overwrite)
|
||||
{
|
||||
int fd_in = 0;
|
||||
int fd_out = 0;
|
||||
|
||||
ops_create_info_t *cinfo;
|
||||
|
||||
unsigned char *buf;
|
||||
size_t bufsz;
|
||||
int done;
|
||||
|
||||
#ifdef WIN32
|
||||
fd_in = open(input_filename, O_RDONLY | O_BINARY);
|
||||
#else
|
||||
fd_in = open(input_filename, O_RDONLY);
|
||||
#endif
|
||||
if (fd_in < 0) {
|
||||
perror(input_filename);
|
||||
return false;
|
||||
}
|
||||
fd_out = ops_setup_file_write(&cinfo, output_filename, allow_overwrite);
|
||||
if (fd_out < 0)
|
||||
return false;
|
||||
|
||||
/* set armoured/not armoured here */
|
||||
if (use_armour)
|
||||
ops_writer_push_armoured_message(cinfo);
|
||||
|
||||
/* Push the encrypted writer */
|
||||
ops_writer_push_encrypt_se_ip(cinfo, pub_key);
|
||||
|
||||
/* Do the writing */
|
||||
|
||||
buf = NULL;
|
||||
bufsz = 16;
|
||||
done = 0;
|
||||
for (;;) {
|
||||
int n = 0;
|
||||
|
||||
buf = realloc(buf, done + bufsz);
|
||||
|
||||
n = read(fd_in, buf + done, bufsz);
|
||||
if (!n)
|
||||
break;
|
||||
assert(n >= 0);
|
||||
done += n;
|
||||
}
|
||||
|
||||
/* This does the writing */
|
||||
ops_write(buf, done, cinfo);
|
||||
|
||||
/* tidy up */
|
||||
close(fd_in);
|
||||
free(buf);
|
||||
ops_teardown_file_write(cinfo, fd_out);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Crypto
|
||||
\brief Decrypt a file.
|
||||
\param input_filename Name of file to be decrypted
|
||||
\param output_filename Name of file to write to. If NULL, the filename is constructed from the input filename, following GPG conventions.
|
||||
\param keyring Keyring to use
|
||||
\param use_armour Expect armoured text, if set
|
||||
\param allow_overwrite Allow output file to overwritten, if set.
|
||||
\param cb_get_passphrase Callback to use to get passphrase
|
||||
*/
|
||||
|
||||
bool
|
||||
ops_decrypt_file(const char *input_filename, const char *output_filename, ops_keyring_t * keyring, const bool use_armour, const bool allow_overwrite, ops_parse_cb_t * cb_get_passphrase)
|
||||
{
|
||||
int fd_in = 0;
|
||||
int fd_out = 0;
|
||||
char *myfilename = NULL;
|
||||
|
||||
/* */
|
||||
ops_parse_info_t *pinfo = NULL;
|
||||
|
||||
/* setup for reading from given input file */
|
||||
fd_in = ops_setup_file_read(&pinfo, input_filename,
|
||||
NULL,
|
||||
write_parsed_cb,
|
||||
false);
|
||||
if (fd_in < 0) {
|
||||
perror(input_filename);
|
||||
return false;
|
||||
}
|
||||
/* setup output filename */
|
||||
|
||||
if (output_filename) {
|
||||
fd_out = ops_setup_file_write(&pinfo->cbinfo.cinfo, output_filename, allow_overwrite);
|
||||
|
||||
if (fd_out < 0) {
|
||||
perror(output_filename);
|
||||
ops_teardown_file_read(pinfo, fd_in);
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
int suffixlen = 4;
|
||||
const char *defaultsuffix = ".decrypted";
|
||||
const char *suffix = input_filename + strlen(input_filename) - suffixlen;
|
||||
if (strcmp(suffix, ".gpg") == 0 ||
|
||||
strcmp(suffix, ".asc") == 0) {
|
||||
myfilename = calloc(1, strlen(input_filename) - suffixlen + 1);
|
||||
strncpy(myfilename, input_filename, strlen(input_filename) - suffixlen);
|
||||
} else {
|
||||
unsigned filenamelen = strlen(input_filename) + strlen(defaultsuffix) + 1;
|
||||
myfilename = calloc(1, filenamelen);
|
||||
snprintf(myfilename, filenamelen, "%s%s", input_filename, defaultsuffix);
|
||||
}
|
||||
|
||||
fd_out = ops_setup_file_write(&pinfo->cbinfo.cinfo, myfilename, allow_overwrite);
|
||||
|
||||
if (fd_out < 0) {
|
||||
perror(myfilename);
|
||||
free(myfilename);
|
||||
ops_teardown_file_read(pinfo, fd_in);
|
||||
return false;
|
||||
}
|
||||
free(myfilename);
|
||||
}
|
||||
|
||||
/* \todo check for suffix matching armour param */
|
||||
|
||||
/* setup for writing decrypted contents to given output file */
|
||||
|
||||
/* setup keyring and passphrase callback */
|
||||
pinfo->cbinfo.cryptinfo.keyring = keyring;
|
||||
pinfo->cbinfo.cryptinfo.cb_get_passphrase = cb_get_passphrase;
|
||||
|
||||
/* Set up armour/passphrase options */
|
||||
|
||||
if (use_armour)
|
||||
ops_reader_push_dearmour(pinfo);
|
||||
|
||||
/* Do it */
|
||||
|
||||
ops_parse_and_print_errors(pinfo);
|
||||
|
||||
/* Unsetup */
|
||||
|
||||
if (use_armour)
|
||||
ops_reader_pop_dearmour(pinfo);
|
||||
|
||||
ops_teardown_file_write(pinfo->cbinfo.cinfo, fd_out);
|
||||
ops_teardown_file_read(pinfo, fd_in);
|
||||
/* \todo cleardown crypt */
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
static ops_parse_cb_return_t
|
||||
write_parsed_cb(const ops_parser_content_t * content_, ops_parse_cb_info_t * cbinfo)
|
||||
{
|
||||
const ops_parser_content_union_t *content = &content_->content;
|
||||
static bool skipping;
|
||||
/* bool write=true; */
|
||||
|
||||
OPS_USED(cbinfo);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
ops_print_packet(content_);
|
||||
}
|
||||
if (content_->tag != OPS_PTAG_CT_UNARMOURED_TEXT && skipping) {
|
||||
puts("...end of skip");
|
||||
skipping = false;
|
||||
}
|
||||
switch (content_->tag) {
|
||||
case OPS_PTAG_CT_UNARMOURED_TEXT:
|
||||
printf("OPS_PTAG_CT_UNARMOURED_TEXT\n");
|
||||
if (!skipping) {
|
||||
puts("Skipping...");
|
||||
skipping = true;
|
||||
}
|
||||
fwrite(content->unarmoured_text.data, 1,
|
||||
content->unarmoured_text.length, stdout);
|
||||
break;
|
||||
|
||||
case OPS_PTAG_CT_PK_SESSION_KEY:
|
||||
return pk_session_key_cb(content_, cbinfo);
|
||||
|
||||
case OPS_PARSER_CMD_GET_SECRET_KEY:
|
||||
return get_secret_key_cb(content_, cbinfo);
|
||||
|
||||
case OPS_PARSER_CMD_GET_SK_PASSPHRASE:
|
||||
return cbinfo->cryptinfo.cb_get_passphrase(content_, cbinfo);
|
||||
|
||||
case OPS_PTAG_CT_LITERAL_DATA_BODY:
|
||||
return literal_data_cb(content_, cbinfo);
|
||||
|
||||
case OPS_PTAG_CT_ARMOUR_HEADER:
|
||||
case OPS_PTAG_CT_ARMOUR_TRAILER:
|
||||
case OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY:
|
||||
case OPS_PTAG_CT_COMPRESSED:
|
||||
case OPS_PTAG_CT_LITERAL_DATA_HEADER:
|
||||
case OPS_PTAG_CT_SE_IP_DATA_BODY:
|
||||
case OPS_PTAG_CT_SE_IP_DATA_HEADER:
|
||||
case OPS_PTAG_CT_SE_DATA_BODY:
|
||||
case OPS_PTAG_CT_SE_DATA_HEADER:
|
||||
|
||||
/* Ignore these packets */
|
||||
/* They're handled in ops_parse_one_packet() */
|
||||
/* and nothing else needs to be done */
|
||||
break;
|
||||
|
||||
default:
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "Unexpected packet tag=%d (0x%x)\n",
|
||||
content_->tag,
|
||||
content_->tag);
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
return OPS_RELEASE_MEMORY;
|
||||
}
|
|
@ -1,214 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
* \brief Error Handling
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/errors.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
|
||||
#include <assert.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#ifdef WIN32
|
||||
#define vsnprintf _vsnprintf
|
||||
#endif
|
||||
|
||||
#include <openpgpsdk/packet-show.h>
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
#define ERRNAME(code) { code, #code }
|
||||
|
||||
static ops_errcode_name_map_t errcode_name_map[] =
|
||||
{
|
||||
ERRNAME(OPS_E_OK),
|
||||
ERRNAME(OPS_E_FAIL),
|
||||
ERRNAME(OPS_E_SYSTEM_ERROR),
|
||||
ERRNAME(OPS_E_UNIMPLEMENTED),
|
||||
|
||||
ERRNAME(OPS_E_R),
|
||||
ERRNAME(OPS_E_R_READ_FAILED),
|
||||
ERRNAME(OPS_E_R_EARLY_EOF),
|
||||
ERRNAME(OPS_E_R_BAD_FORMAT),
|
||||
ERRNAME(OPS_E_R_UNCONSUMED_DATA),
|
||||
|
||||
ERRNAME(OPS_E_W),
|
||||
ERRNAME(OPS_E_W_WRITE_FAILED),
|
||||
ERRNAME(OPS_E_W_WRITE_TOO_SHORT),
|
||||
|
||||
ERRNAME(OPS_E_P),
|
||||
ERRNAME(OPS_E_P_NOT_ENOUGH_DATA),
|
||||
ERRNAME(OPS_E_P_UNKNOWN_TAG),
|
||||
ERRNAME(OPS_E_P_PACKET_CONSUMED),
|
||||
ERRNAME(OPS_E_P_MPI_FORMAT_ERROR),
|
||||
|
||||
ERRNAME(OPS_E_C),
|
||||
|
||||
ERRNAME(OPS_E_V),
|
||||
ERRNAME(OPS_E_V_BAD_SIGNATURE),
|
||||
ERRNAME(OPS_E_V_NO_SIGNATURE),
|
||||
ERRNAME(OPS_E_V_UNKNOWN_SIGNER),
|
||||
|
||||
ERRNAME(OPS_E_ALG),
|
||||
ERRNAME(OPS_E_ALG_UNSUPPORTED_SYMMETRIC_ALG),
|
||||
ERRNAME(OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG),
|
||||
ERRNAME(OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG),
|
||||
ERRNAME(OPS_E_ALG_UNSUPPORTED_HASH_ALG),
|
||||
|
||||
ERRNAME(OPS_E_PROTO),
|
||||
ERRNAME(OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT),
|
||||
ERRNAME(OPS_E_PROTO_UNKNOWN_SS),
|
||||
ERRNAME(OPS_E_PROTO_CRITICAL_SS_IGNORED),
|
||||
ERRNAME(OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN),
|
||||
ERRNAME(OPS_E_PROTO_BAD_SIGNATURE_VRSN),
|
||||
ERRNAME(OPS_E_PROTO_BAD_ONE_PASS_SIG_VRSN),
|
||||
ERRNAME(OPS_E_PROTO_BAD_PKSK_VRSN),
|
||||
ERRNAME(OPS_E_PROTO_DECRYPTED_MSG_WRONG_LEN),
|
||||
ERRNAME(OPS_E_PROTO_BAD_SK_CHECKSUM),
|
||||
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
|
||||
/**
|
||||
* \ingroup Core_Errors
|
||||
* \brief returns error code name
|
||||
* \param errcode
|
||||
* \return error code name or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_errcode(const ops_errcode_t errcode)
|
||||
{
|
||||
return (ops_str_from_map((int) errcode, (ops_map_t *) errcode_name_map));
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Errors
|
||||
* \brief Pushes the given error on the given errorstack
|
||||
* \param errstack Error stack to use
|
||||
* \param errcode Code of error to push
|
||||
* \param sys_errno System errno (used if errcode=OPS_E_SYSTEM_ERROR)
|
||||
* \param file Source filename where error occurred
|
||||
* \param line Line in source file where error occurred
|
||||
* \param fmt Comment
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
ops_push_error(ops_error_t ** errstack, ops_errcode_t errcode, int sys_errno,
|
||||
const char *file, int line, const char *fmt,...)
|
||||
{
|
||||
/* first get the varargs and generate the comment */
|
||||
char *comment;
|
||||
int maxbuf = 128;
|
||||
va_list args;
|
||||
ops_error_t *err;
|
||||
|
||||
comment = malloc(maxbuf + 1);
|
||||
assert(comment);
|
||||
|
||||
va_start(args, fmt);
|
||||
vsnprintf(comment, maxbuf + 1, fmt, args);
|
||||
va_end(args);
|
||||
|
||||
/* alloc a new error and add it to the top of the stack */
|
||||
|
||||
err = malloc(sizeof(ops_error_t));
|
||||
assert(err);
|
||||
|
||||
err->next = *errstack;
|
||||
*errstack = err;
|
||||
|
||||
/* fill in the details */
|
||||
err->errcode = errcode;
|
||||
err->sys_errno = sys_errno;
|
||||
err->file = file;
|
||||
err->line = line;
|
||||
|
||||
err->comment = comment;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Errors
|
||||
\brief print this error
|
||||
\param err Error to print
|
||||
*/
|
||||
void
|
||||
ops_print_error(ops_error_t * err)
|
||||
{
|
||||
printf("%s:%d: ", err->file, err->line);
|
||||
if (err->errcode == OPS_E_SYSTEM_ERROR)
|
||||
printf("system error %d returned from %s()\n", err->sys_errno,
|
||||
err->comment);
|
||||
else
|
||||
printf("%s, %s\n", ops_errcode(err->errcode), err->comment);
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Errors
|
||||
\brief Print all errors on stack
|
||||
\param errstack Error stack to print
|
||||
*/
|
||||
void
|
||||
ops_print_errors(ops_error_t * errstack)
|
||||
{
|
||||
ops_error_t *err;
|
||||
|
||||
for (err = errstack; err != NULL; err = err->next)
|
||||
ops_print_error(err);
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Errors
|
||||
\brief Return true if given error is present anywhere on stack
|
||||
\param errstack Error stack to check
|
||||
\param errcode Error code to look for
|
||||
\return 1 if found; else 0
|
||||
*/
|
||||
int
|
||||
ops_has_error(ops_error_t * errstack, ops_errcode_t errcode)
|
||||
{
|
||||
ops_error_t *err;
|
||||
for (err = errstack; err != NULL; err = err->next) {
|
||||
if (err->errcode == errcode)
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Errors
|
||||
\brief Frees all errors on stack
|
||||
\param errstack Error stack to free
|
||||
*/
|
||||
void
|
||||
ops_free_errors(ops_error_t * errstack)
|
||||
{
|
||||
ops_error_t *next;
|
||||
while (errstack != NULL) {
|
||||
next = errstack->next;
|
||||
free(errstack->comment);
|
||||
free(errstack);
|
||||
errstack = next;
|
||||
}
|
||||
}
|
|
@ -1,131 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/packet.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/create.h>
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <openpgpsdk/configure.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
|
||||
/**
|
||||
* \ingroup Core_Keys
|
||||
* \brief Calculate a public key fingerprint.
|
||||
* \param fp Where to put the calculated fingerprint
|
||||
* \param key The key for which the fingerprint is calculated
|
||||
*/
|
||||
|
||||
void
|
||||
ops_fingerprint(ops_fingerprint_t * fp, const ops_public_key_t * key)
|
||||
{
|
||||
if (key->version == 2 || key->version == 3) {
|
||||
unsigned char *bn;
|
||||
int n;
|
||||
ops_hash_t md5;
|
||||
|
||||
assert(key->algorithm == OPS_PKA_RSA
|
||||
|| key->algorithm == OPS_PKA_RSA_ENCRYPT_ONLY
|
||||
|| key->algorithm == OPS_PKA_RSA_SIGN_ONLY);
|
||||
|
||||
ops_hash_md5(&md5);
|
||||
md5.init(&md5);
|
||||
|
||||
n = BN_num_bytes(key->key.rsa.n);
|
||||
bn = calloc(1, n);
|
||||
BN_bn2bin(key->key.rsa.n, bn);
|
||||
md5.add(&md5, bn, n);
|
||||
(void) free(bn);
|
||||
|
||||
n = BN_num_bytes(key->key.rsa.e);
|
||||
bn = calloc(1, n);
|
||||
BN_bn2bin(key->key.rsa.e, bn);
|
||||
md5.add(&md5, bn, n);
|
||||
(void) free(bn);
|
||||
|
||||
md5.finish(&md5, fp->fingerprint);
|
||||
fp->length = 16;
|
||||
} else {
|
||||
ops_memory_t *mem = ops_memory_new();
|
||||
ops_hash_t sha1;
|
||||
size_t l;
|
||||
|
||||
ops_build_public_key(mem, key, false);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "--- creating key fingerprint\n");
|
||||
}
|
||||
ops_hash_sha1(&sha1);
|
||||
sha1.init(&sha1);
|
||||
|
||||
l = ops_memory_get_length(mem);
|
||||
|
||||
ops_hash_add_int(&sha1, 0x99, 1);
|
||||
ops_hash_add_int(&sha1, l, 2);
|
||||
sha1.add(&sha1, ops_memory_get_data(mem), l);
|
||||
sha1.finish(&sha1, fp->fingerprint);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "--- finished creating key fingerprint\n");
|
||||
}
|
||||
fp->length = 20;
|
||||
|
||||
ops_memory_free(mem);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Keys
|
||||
* \brief Calculate the Key ID from the public key.
|
||||
* \param keyid Space for the calculated ID to be stored
|
||||
* \param key The key for which the ID is calculated
|
||||
*/
|
||||
|
||||
void
|
||||
ops_keyid(unsigned char *keyid, const size_t idlen, const int last,
|
||||
const ops_public_key_t *key)
|
||||
{
|
||||
if (key->version == 2 || key->version == 3) {
|
||||
unsigned char bn[8192];
|
||||
unsigned n = BN_num_bytes(key->key.rsa.n);
|
||||
|
||||
assert(n <= sizeof(bn));
|
||||
assert(key->algorithm == OPS_PKA_RSA
|
||||
|| key->algorithm == OPS_PKA_RSA_ENCRYPT_ONLY
|
||||
|| key->algorithm == OPS_PKA_RSA_SIGN_ONLY);
|
||||
BN_bn2bin(key->key.rsa.n, bn);
|
||||
(void) memcpy(keyid, (last == 0) ? bn : bn + n - idlen, idlen);
|
||||
} else {
|
||||
ops_fingerprint_t finger;
|
||||
|
||||
ops_fingerprint(&finger, key);
|
||||
(void) memcpy(keyid,
|
||||
(last == 0) ? finger.fingerprint :
|
||||
finger.fingerprint + finger.length - idlen,
|
||||
idlen);
|
||||
}
|
||||
}
|
|
@ -1,247 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <openpgpsdk/hash.h>
|
||||
#include <openpgpsdk/final.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Add to the hash
|
||||
\param hash Hash to add to
|
||||
\param n Int to add
|
||||
\param length Length of int in bytes
|
||||
*/
|
||||
void
|
||||
ops_hash_add_int(ops_hash_t * hash, unsigned n, unsigned length)
|
||||
{
|
||||
while (length--) {
|
||||
unsigned char c[1];
|
||||
|
||||
c[0] = n >> (length * 8);
|
||||
hash->add(hash, c, 1);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Setup hash for given hash algorithm
|
||||
\param hash Hash to set up
|
||||
\param alg Hash algorithm to use
|
||||
*/
|
||||
void
|
||||
ops_hash_any(ops_hash_t * hash, ops_hash_algorithm_t alg)
|
||||
{
|
||||
switch (alg) {
|
||||
case OPS_HASH_MD5:
|
||||
ops_hash_md5(hash);
|
||||
break;
|
||||
|
||||
case OPS_HASH_SHA1:
|
||||
ops_hash_sha1(hash);
|
||||
break;
|
||||
|
||||
case OPS_HASH_SHA256:
|
||||
ops_hash_sha256(hash);
|
||||
break;
|
||||
|
||||
case OPS_HASH_SHA384:
|
||||
ops_hash_sha384(hash);
|
||||
break;
|
||||
|
||||
case OPS_HASH_SHA512:
|
||||
ops_hash_sha512(hash);
|
||||
break;
|
||||
|
||||
case OPS_HASH_SHA224:
|
||||
ops_hash_sha224(hash);
|
||||
break;
|
||||
|
||||
default:
|
||||
assert( /* CONSTCOND */ 0);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Returns size of hash for given hash algorithm
|
||||
\param alg Hash algorithm to use
|
||||
\return Size of hash algorithm in bytes
|
||||
*/
|
||||
unsigned
|
||||
ops_hash_size(ops_hash_algorithm_t alg)
|
||||
{
|
||||
switch (alg) {
|
||||
case OPS_HASH_MD5:
|
||||
return 16;
|
||||
|
||||
case OPS_HASH_SHA1:
|
||||
return 20;
|
||||
|
||||
case OPS_HASH_SHA256:
|
||||
return 32;
|
||||
|
||||
case OPS_HASH_SHA224:
|
||||
return 28;
|
||||
|
||||
case OPS_HASH_SHA512:
|
||||
return 64;
|
||||
|
||||
case OPS_HASH_SHA384:
|
||||
return 48;
|
||||
|
||||
default:
|
||||
assert( /* CONSTCOND */ 0);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Returns hash enum corresponding to given string
|
||||
\param hash Text name of hash algorithm i.e. "SHA1"
|
||||
\returns Corresponding enum i.e. OPS_HASH_SHA1
|
||||
*/
|
||||
ops_hash_algorithm_t
|
||||
ops_hash_algorithm_from_text(const char *hash)
|
||||
{
|
||||
if (!strcmp(hash, "SHA1"))
|
||||
return OPS_HASH_SHA1;
|
||||
else if (!strcmp(hash, "MD5"))
|
||||
return OPS_HASH_MD5;
|
||||
else if (!strcmp(hash, "SHA256"))
|
||||
return OPS_HASH_SHA256;
|
||||
/*
|
||||
else if (!strcmp(hash,"SHA224"))
|
||||
return OPS_HASH_SHA224;
|
||||
*/
|
||||
else if (!strcmp(hash, "SHA512"))
|
||||
return OPS_HASH_SHA512;
|
||||
else if (!strcmp(hash, "SHA384"))
|
||||
return OPS_HASH_SHA384;
|
||||
|
||||
return OPS_HASH_UNKNOWN;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Hash given data
|
||||
\param out Where to write the hash
|
||||
\param alg Hash algorithm to use
|
||||
\param in Data to hash
|
||||
\param length Length of data
|
||||
\return Size of hash created
|
||||
*/
|
||||
unsigned
|
||||
ops_hash(unsigned char *out, ops_hash_algorithm_t alg, const void *in,
|
||||
size_t length)
|
||||
{
|
||||
ops_hash_t hash;
|
||||
|
||||
ops_hash_any(&hash, alg);
|
||||
hash.init(&hash);
|
||||
hash.add(&hash, in, length);
|
||||
return hash.finish(&hash, out);
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Calculate hash for MDC packet
|
||||
\param preamble Preamble to hash
|
||||
\param sz_preamble Size of preamble
|
||||
\param plaintext Plaintext to hash
|
||||
\param sz_plaintext Size of plaintext
|
||||
\param hashed Resulting hash
|
||||
*/
|
||||
void
|
||||
ops_calc_mdc_hash(const unsigned char *preamble, const size_t sz_preamble, const unsigned char *plaintext, const unsigned int sz_plaintext, unsigned char *hashed)
|
||||
{
|
||||
ops_hash_t hash;
|
||||
unsigned char c[1];
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "ops_calc_mdc_hash():\n");
|
||||
|
||||
fprintf(stderr, "\npreamble: ");
|
||||
for (i = 0; i < sz_preamble; i++)
|
||||
fprintf(stderr, " 0x%02x", preamble[i]);
|
||||
fprintf(stderr, "\n");
|
||||
|
||||
fprintf(stderr, "\nplaintext (len=%d): ", sz_plaintext);
|
||||
for (i = 0; i < sz_plaintext; i++)
|
||||
fprintf(stderr, " 0x%02x", plaintext[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
/* init */
|
||||
ops_hash_any(&hash, OPS_HASH_SHA1);
|
||||
hash.init(&hash);
|
||||
|
||||
/* preamble */
|
||||
hash.add(&hash, preamble, sz_preamble);
|
||||
/* plaintext */
|
||||
hash.add(&hash, plaintext, sz_plaintext);
|
||||
/* MDC packet tag */
|
||||
c[0] = 0xD3;
|
||||
hash.add(&hash, &c[0], 1);
|
||||
/* MDC packet len */
|
||||
c[0] = 0x14;
|
||||
hash.add(&hash, &c[0], 1);
|
||||
|
||||
/* finish */
|
||||
hash.finish(&hash, hashed);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "\nhashed (len=%d): ", OPS_SHA1_HASH_SIZE);
|
||||
for (i = 0; i < OPS_SHA1_HASH_SIZE; i++)
|
||||
fprintf(stderr, " 0x%02x", hashed[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Supported
|
||||
\brief Is this Hash Algorithm supported?
|
||||
\param hash_alg Hash Algorithm to check
|
||||
\return true if supported; else false
|
||||
*/
|
||||
bool
|
||||
ops_is_hash_alg_supported(const ops_hash_algorithm_t * hash_alg)
|
||||
{
|
||||
switch (*hash_alg) {
|
||||
case OPS_HASH_MD5:
|
||||
case OPS_HASH_SHA1:
|
||||
case OPS_HASH_SHA256:
|
||||
return true;
|
||||
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
File diff suppressed because it is too large
Load Diff
|
@ -1,64 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/packet.h>
|
||||
|
||||
#define DECLARE_ARRAY(type,arr) \
|
||||
unsigned n##arr; unsigned n##arr##_allocated; type *arr
|
||||
|
||||
#define EXPAND_ARRAY(str, arr) do { \
|
||||
if (str->n##arr == str->n##arr##_allocated) { \
|
||||
str->n##arr##_allocated=str->n##arr##_allocated*2+10; \
|
||||
str->arr=realloc(str->arr, \
|
||||
str->n##arr##_allocated*sizeof(*str->arr)); \
|
||||
} \
|
||||
} while(/*CONSTCOND*/0)
|
||||
|
||||
/** ops_keydata_key_t
|
||||
*/
|
||||
typedef union {
|
||||
ops_public_key_t pkey;
|
||||
ops_secret_key_t skey;
|
||||
} ops_keydata_key_t;
|
||||
|
||||
|
||||
/** sigpacket_t */
|
||||
typedef struct {
|
||||
ops_user_id_t *userid;
|
||||
ops_packet_t *packet;
|
||||
} sigpacket_t;
|
||||
|
||||
/* XXX: gonna have to expand this to hold onto subkeys, too... */
|
||||
/** \struct ops_keydata
|
||||
* \todo expand to hold onto subkeys
|
||||
*/
|
||||
struct ops_keydata {
|
||||
DECLARE_ARRAY(ops_user_id_t, uids);
|
||||
DECLARE_ARRAY(ops_packet_t, packets);
|
||||
DECLARE_ARRAY(sigpacket_t, sigs);
|
||||
unsigned char key_id[8];
|
||||
ops_fingerprint_t fingerprint;
|
||||
ops_content_tag_t type;
|
||||
ops_keydata_key_t key;
|
||||
};
|
|
@ -1,107 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
* \file
|
||||
*
|
||||
* Set of functions to manage a dynamic list
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/lists.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
/**
|
||||
* \ingroup Core_Lists
|
||||
* \brief Initialises ulong list
|
||||
* \param *list Pointer to existing list structure
|
||||
*/
|
||||
void
|
||||
ops_ulong_list_init(ops_ulong_list_t * list)
|
||||
{
|
||||
list->size = 0;
|
||||
list->used = 0;
|
||||
list->ulongs = NULL;
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Lists
|
||||
* \brief Frees allocated memory in ulong list. Does not free *list itself.
|
||||
* \param *list
|
||||
*/
|
||||
void
|
||||
ops_ulong_list_free(ops_ulong_list_t * list)
|
||||
{
|
||||
if (list->ulongs)
|
||||
free(list->ulongs);
|
||||
ops_ulong_list_init(list);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Lists
|
||||
* \brief Resizes ulong list.
|
||||
*
|
||||
* We only resize in one direction - upwards.
|
||||
* Algorithm used : double the current size then add 1
|
||||
*
|
||||
* \param *list Pointer to list
|
||||
* \return 1 if success, else 0
|
||||
*/
|
||||
|
||||
static unsigned int
|
||||
ops_ulong_list_resize(ops_ulong_list_t * list)
|
||||
{
|
||||
|
||||
int newsize = 0;
|
||||
|
||||
newsize = list->size * 2 + 1;
|
||||
list->ulongs = realloc(list->ulongs, newsize * sizeof(*list->ulongs));
|
||||
if (list->ulongs) {
|
||||
list->size = newsize;
|
||||
return 1;
|
||||
} else {
|
||||
/* xxx - realloc failed. error message? - rachel */
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Lists
|
||||
* Adds entry to ulong list
|
||||
*
|
||||
* \param *list
|
||||
* \param *ulong
|
||||
*
|
||||
* \return 1 if success, else 0
|
||||
*/
|
||||
unsigned int
|
||||
ops_ulong_list_add(ops_ulong_list_t * list, unsigned long *ulongp)
|
||||
{
|
||||
if (list->size == list->used)
|
||||
if (!ops_ulong_list_resize(list))
|
||||
return 0;
|
||||
|
||||
list->ulongs[list->used] = *ulongp;
|
||||
list->used++;
|
||||
return 1;
|
||||
}
|
|
@ -1,208 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/create.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Memory to initialise
|
||||
\param mem memory to initialise
|
||||
\param initial_size Size to initialise to
|
||||
*/
|
||||
void
|
||||
ops_memory_init(ops_memory_t * mem, size_t initial_size)
|
||||
{
|
||||
mem->length = 0;
|
||||
if (mem->buf) {
|
||||
if (mem->allocated < initial_size) {
|
||||
mem->buf = realloc(mem->buf, initial_size);
|
||||
mem->allocated = initial_size;
|
||||
}
|
||||
return;
|
||||
}
|
||||
mem->buf = malloc(initial_size);
|
||||
mem->allocated = initial_size;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Pad memory to required length
|
||||
\param mem Memory to use
|
||||
\param length New size
|
||||
*/
|
||||
void
|
||||
ops_memory_pad(ops_memory_t * mem, size_t length)
|
||||
{
|
||||
assert(mem->allocated >= mem->length);
|
||||
if (mem->allocated < mem->length + length) {
|
||||
mem->allocated = mem->allocated * 2 + length;
|
||||
mem->buf = realloc(mem->buf, mem->allocated);
|
||||
}
|
||||
assert(mem->allocated >= mem->length + length);
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Add data to memory
|
||||
\param mem Memory to which to add
|
||||
\param src Data to add
|
||||
\param length Length of data to add
|
||||
*/
|
||||
void
|
||||
ops_memory_add(ops_memory_t * mem, const unsigned char *src, size_t length)
|
||||
{
|
||||
ops_memory_pad(mem, length);
|
||||
memcpy(mem->buf + mem->length, src, length);
|
||||
mem->length += length;
|
||||
}
|
||||
|
||||
/* XXX: this could be refactored via the writer, but an awful lot of */
|
||||
/* hoops to jump through for 2 lines of code! */
|
||||
void
|
||||
ops_memory_place_int(ops_memory_t * mem, unsigned offset, unsigned n,
|
||||
size_t length)
|
||||
{
|
||||
assert(mem->allocated >= offset + length);
|
||||
|
||||
while (length--)
|
||||
mem->buf[offset++] = n >> (length * 8);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup HighLevel_Memory
|
||||
* \brief Retains allocated memory and set length of stored data to zero.
|
||||
* \param mem Memory to clear
|
||||
* \sa ops_memory_release()
|
||||
* \sa ops_memory_free()
|
||||
*/
|
||||
void
|
||||
ops_memory_clear(ops_memory_t * mem)
|
||||
{
|
||||
mem->length = 0;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Free memory and associated data
|
||||
\param mem Memory to free
|
||||
\note This does not free mem itself
|
||||
\sa ops_memory_clear()
|
||||
\sa ops_memory_free()
|
||||
*/
|
||||
void
|
||||
ops_memory_release(ops_memory_t * mem)
|
||||
{
|
||||
free(mem->buf);
|
||||
mem->buf = NULL;
|
||||
mem->length = 0;
|
||||
}
|
||||
|
||||
void
|
||||
ops_memory_make_packet(ops_memory_t * out, ops_content_tag_t tag)
|
||||
{
|
||||
size_t extra;
|
||||
|
||||
if (out->length < 192)
|
||||
extra = 1;
|
||||
else if (out->length < 8384)
|
||||
extra = 2;
|
||||
else
|
||||
extra = 5;
|
||||
|
||||
ops_memory_pad(out, extra + 1);
|
||||
memmove(out->buf + extra + 1, out->buf, out->length);
|
||||
|
||||
out->buf[0] = OPS_PTAG_ALWAYS_SET | OPS_PTAG_NEW_FORMAT | tag;
|
||||
|
||||
if (out->length < 192)
|
||||
out->buf[1] = out->length;
|
||||
else if (out->length < 8384) {
|
||||
out->buf[1] = ((out->length - 192) >> 8) + 192;
|
||||
out->buf[2] = out->length - 192;
|
||||
} else {
|
||||
out->buf[1] = 0xff;
|
||||
out->buf[2] = out->length >> 24;
|
||||
out->buf[3] = out->length >> 16;
|
||||
out->buf[4] = out->length >> 8;
|
||||
out->buf[5] = out->length;
|
||||
}
|
||||
|
||||
out->length += extra + 1;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Create a new zeroed ops_memory_t
|
||||
\return Pointer to new ops_memory_t
|
||||
\note Free using ops_memory_free() after use.
|
||||
\sa ops_memory_free()
|
||||
*/
|
||||
|
||||
ops_memory_t *
|
||||
ops_memory_new()
|
||||
{
|
||||
return calloc(1, sizeof(ops_memory_t));
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Free memory ptr and associated memory
|
||||
\param mem Memory to be freed
|
||||
\sa ops_memory_release()
|
||||
\sa ops_memory_clear()
|
||||
*/
|
||||
|
||||
void
|
||||
ops_memory_free(ops_memory_t * mem)
|
||||
{
|
||||
ops_memory_release(mem);
|
||||
free(mem);
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Get length of data stored in ops_memory_t struct
|
||||
\return Number of bytes in data
|
||||
*/
|
||||
size_t
|
||||
ops_memory_get_length(const ops_memory_t * mem)
|
||||
{
|
||||
return mem->length;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Memory
|
||||
\brief Get data stored in ops_memory_t struct
|
||||
\return Pointer to data
|
||||
*/
|
||||
void *
|
||||
ops_memory_get_data(ops_memory_t * mem)
|
||||
{
|
||||
return mem->buf;
|
||||
}
|
|
@ -1,808 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*/
|
||||
|
||||
#include <openssl/md5.h>
|
||||
#include <openssl/sha.h>
|
||||
#include <openssl/dsa.h>
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/err.h>
|
||||
#include <assert.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#if defined(__APPLE__)
|
||||
#define COMMON_DIGEST_FOR_OPENSSL 1
|
||||
#include <CommonCrypto/CommonDigest.h>
|
||||
#endif
|
||||
|
||||
#include <openpgpsdk/configure.h>
|
||||
#include <openpgpsdk/crypto.h>
|
||||
#include <openpgpsdk/keyring.h>
|
||||
#include <openpgpsdk/readerwriter.h>
|
||||
#include "keyring_local.h"
|
||||
#include <openpgpsdk/std_print.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
|
||||
static void
|
||||
test_secret_key(const ops_secret_key_t * skey)
|
||||
{
|
||||
RSA *test = RSA_new();
|
||||
|
||||
test->n = BN_dup(skey->public_key.key.rsa.n);
|
||||
test->e = BN_dup(skey->public_key.key.rsa.e);
|
||||
|
||||
test->d = BN_dup(skey->key.rsa.d);
|
||||
test->p = BN_dup(skey->key.rsa.p);
|
||||
test->q = BN_dup(skey->key.rsa.q);
|
||||
|
||||
assert(RSA_check_key(test) == 1);
|
||||
RSA_free(test);
|
||||
}
|
||||
|
||||
static void
|
||||
md5_init(ops_hash_t * hash)
|
||||
{
|
||||
assert(!hash->data);
|
||||
hash->data = malloc(sizeof(MD5_CTX));
|
||||
MD5_Init(hash->data);
|
||||
}
|
||||
|
||||
static void
|
||||
md5_add(ops_hash_t * hash, const unsigned char *data, unsigned length)
|
||||
{
|
||||
MD5_Update(hash->data, data, length);
|
||||
}
|
||||
|
||||
static unsigned
|
||||
md5_finish(ops_hash_t * hash, unsigned char *out)
|
||||
{
|
||||
MD5_Final(out, hash->data);
|
||||
free(hash->data);
|
||||
hash->data = NULL;
|
||||
return 16;
|
||||
}
|
||||
|
||||
static ops_hash_t md5 = {OPS_HASH_MD5, MD5_DIGEST_LENGTH, "MD5", md5_init, md5_add,
|
||||
md5_finish, NULL};
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief Initialise to MD5
|
||||
\param hash Hash to initialise
|
||||
*/
|
||||
void
|
||||
ops_hash_md5(ops_hash_t * hash)
|
||||
{
|
||||
*hash = md5;
|
||||
}
|
||||
|
||||
static void
|
||||
sha1_init(ops_hash_t * hash)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "***\n***\nsha1_init\n***\n");
|
||||
}
|
||||
assert(!hash->data);
|
||||
hash->data = malloc(sizeof(SHA_CTX));
|
||||
SHA1_Init(hash->data);
|
||||
}
|
||||
|
||||
static void
|
||||
sha1_add(ops_hash_t * hash, const unsigned char *data,
|
||||
unsigned length)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "adding %d to hash:\n ", length);
|
||||
for (i = 0; i < length; i++) {
|
||||
fprintf(stderr, "0x%02x ", data[i]);
|
||||
if (!((i + 1) % 16))
|
||||
fprintf(stderr, "\n");
|
||||
else if (!((i + 1) % 8))
|
||||
fprintf(stderr, " ");
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
SHA1_Update(hash->data, data, length);
|
||||
}
|
||||
|
||||
static unsigned
|
||||
sha1_finish(ops_hash_t * hash, unsigned char *out)
|
||||
{
|
||||
SHA1_Final(out, hash->data);
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned i = 0;
|
||||
fprintf(stderr, "***\n***\nsha1_finish\n***\n");
|
||||
for (i = 0; i < SHA_DIGEST_LENGTH; i++)
|
||||
fprintf(stderr, "0x%02x ", out[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
free(hash->data);
|
||||
hash->data = NULL;
|
||||
return SHA_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static ops_hash_t sha1 = {OPS_HASH_SHA1, SHA_DIGEST_LENGTH, "SHA1", sha1_init,
|
||||
sha1_add, sha1_finish, NULL};
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief Initialise to SHA1
|
||||
\param hash Hash to initialise
|
||||
*/
|
||||
void
|
||||
ops_hash_sha1(ops_hash_t * hash)
|
||||
{
|
||||
*hash = sha1;
|
||||
}
|
||||
|
||||
static void
|
||||
sha256_init(ops_hash_t * hash)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "***\n***\nsha256_init\n***\n");
|
||||
}
|
||||
assert(!hash->data);
|
||||
hash->data = malloc(sizeof(SHA256_CTX));
|
||||
SHA256_Init(hash->data);
|
||||
}
|
||||
|
||||
static void
|
||||
sha256_add(ops_hash_t * hash, const unsigned char *data,
|
||||
unsigned length)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "adding %d to hash:\n ", length);
|
||||
for (i = 0; i < length; i++) {
|
||||
fprintf(stderr, "0x%02x ", data[i]);
|
||||
if (!((i + 1) % 16))
|
||||
fprintf(stderr, "\n");
|
||||
else if (!((i + 1) % 8))
|
||||
fprintf(stderr, " ");
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
SHA256_Update(hash->data, data, length);
|
||||
}
|
||||
|
||||
static unsigned
|
||||
sha256_finish(ops_hash_t * hash, unsigned char *out)
|
||||
{
|
||||
SHA256_Final(out, hash->data);
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned i = 0;
|
||||
fprintf(stderr, "***\n***\nsha1_finish\n***\n");
|
||||
for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
|
||||
fprintf(stderr, "0x%02x ", out[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
free(hash->data);
|
||||
hash->data = NULL;
|
||||
return SHA256_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static ops_hash_t sha256 = {OPS_HASH_SHA256, SHA256_DIGEST_LENGTH, "SHA256", sha256_init,
|
||||
sha256_add, sha256_finish, NULL};
|
||||
|
||||
void
|
||||
ops_hash_sha256(ops_hash_t * hash)
|
||||
{
|
||||
*hash = sha256;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA384
|
||||
*/
|
||||
|
||||
static void
|
||||
sha384_init(ops_hash_t * hash)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "***\n***\nsha384_init\n***\n");
|
||||
}
|
||||
assert(!hash->data);
|
||||
hash->data = malloc(sizeof(SHA512_CTX));
|
||||
SHA384_Init(hash->data);
|
||||
}
|
||||
|
||||
static void
|
||||
sha384_add(ops_hash_t * hash, const unsigned char *data,
|
||||
unsigned length)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "adding %d to hash:\n ", length);
|
||||
for (i = 0; i < length; i++) {
|
||||
fprintf(stderr, "0x%02x ", data[i]);
|
||||
if (!((i + 1) % 16))
|
||||
fprintf(stderr, "\n");
|
||||
else if (!((i + 1) % 8))
|
||||
fprintf(stderr, " ");
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
SHA384_Update(hash->data, data, length);
|
||||
}
|
||||
|
||||
static unsigned
|
||||
sha384_finish(ops_hash_t * hash, unsigned char *out)
|
||||
{
|
||||
SHA384_Final(out, hash->data);
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned i = 0;
|
||||
fprintf(stderr, "***\n***\nsha1_finish\n***\n");
|
||||
for (i = 0; i < SHA384_DIGEST_LENGTH; i++)
|
||||
fprintf(stderr, "0x%02x ", out[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
free(hash->data);
|
||||
hash->data = NULL;
|
||||
return SHA384_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static ops_hash_t sha384 = {OPS_HASH_SHA384, SHA384_DIGEST_LENGTH, "SHA384", sha384_init,
|
||||
sha384_add, sha384_finish, NULL};
|
||||
|
||||
void
|
||||
ops_hash_sha384(ops_hash_t * hash)
|
||||
{
|
||||
*hash = sha384;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA512
|
||||
*/
|
||||
|
||||
static void
|
||||
sha512_init(ops_hash_t * hash)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "***\n***\nsha512_init\n***\n");
|
||||
}
|
||||
assert(!hash->data);
|
||||
hash->data = malloc(sizeof(SHA512_CTX));
|
||||
SHA512_Init(hash->data);
|
||||
}
|
||||
|
||||
static void
|
||||
sha512_add(ops_hash_t * hash, const unsigned char *data,
|
||||
unsigned length)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "adding %d to hash:\n ", length);
|
||||
for (i = 0; i < length; i++) {
|
||||
fprintf(stderr, "0x%02x ", data[i]);
|
||||
if (!((i + 1) % 16))
|
||||
fprintf(stderr, "\n");
|
||||
else if (!((i + 1) % 8))
|
||||
fprintf(stderr, " ");
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
SHA512_Update(hash->data, data, length);
|
||||
}
|
||||
|
||||
static unsigned
|
||||
sha512_finish(ops_hash_t * hash, unsigned char *out)
|
||||
{
|
||||
SHA512_Final(out, hash->data);
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned i = 0;
|
||||
fprintf(stderr, "***\n***\nsha1_finish\n***\n");
|
||||
for (i = 0; i < SHA512_DIGEST_LENGTH; i++)
|
||||
fprintf(stderr, "0x%02x ", out[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
free(hash->data);
|
||||
hash->data = NULL;
|
||||
return SHA512_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static ops_hash_t sha512 = {OPS_HASH_SHA512, SHA512_DIGEST_LENGTH, "SHA512", sha512_init,
|
||||
sha512_add, sha512_finish, NULL};
|
||||
|
||||
void
|
||||
ops_hash_sha512(ops_hash_t * hash)
|
||||
{
|
||||
*hash = sha512;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA224
|
||||
*/
|
||||
|
||||
static void
|
||||
sha224_init(ops_hash_t * hash)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "***\n***\nsha1_init\n***\n");
|
||||
}
|
||||
assert(!hash->data);
|
||||
hash->data = malloc(sizeof(SHA256_CTX));
|
||||
SHA224_Init(hash->data);
|
||||
}
|
||||
|
||||
static void
|
||||
sha224_add(ops_hash_t * hash, const unsigned char *data,
|
||||
unsigned length)
|
||||
{
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned int i = 0;
|
||||
fprintf(stderr, "adding %d to hash:\n ", length);
|
||||
for (i = 0; i < length; i++) {
|
||||
fprintf(stderr, "0x%02x ", data[i]);
|
||||
if (!((i + 1) % 16))
|
||||
fprintf(stderr, "\n");
|
||||
else if (!((i + 1) % 8))
|
||||
fprintf(stderr, " ");
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
SHA224_Update(hash->data, data, length);
|
||||
}
|
||||
|
||||
static unsigned
|
||||
sha224_finish(ops_hash_t * hash, unsigned char *out)
|
||||
{
|
||||
SHA224_Final(out, hash->data);
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned i = 0;
|
||||
fprintf(stderr, "***\n***\nsha1_finish\n***\n");
|
||||
for (i = 0; i < SHA224_DIGEST_LENGTH; i++)
|
||||
fprintf(stderr, "0x%02x ", out[i]);
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
free(hash->data);
|
||||
hash->data = NULL;
|
||||
return SHA224_DIGEST_LENGTH;
|
||||
}
|
||||
|
||||
static ops_hash_t sha224 = {OPS_HASH_SHA224, SHA224_DIGEST_LENGTH, "SHA224", sha224_init,
|
||||
sha224_add, sha224_finish, NULL};
|
||||
|
||||
void
|
||||
ops_hash_sha224(ops_hash_t * hash)
|
||||
{
|
||||
*hash = sha224;
|
||||
}
|
||||
|
||||
bool
|
||||
ops_dsa_verify(const unsigned char *hash, size_t hash_length,
|
||||
const ops_dsa_signature_t * sig,
|
||||
const ops_dsa_public_key_t * dsa)
|
||||
{
|
||||
DSA_SIG *osig;
|
||||
DSA *odsa;
|
||||
int ret;
|
||||
unsigned int qlen;
|
||||
|
||||
osig = DSA_SIG_new();
|
||||
osig->r = sig->r;
|
||||
osig->s = sig->s;
|
||||
|
||||
odsa = DSA_new();
|
||||
odsa->p = dsa->p;
|
||||
odsa->q = dsa->q;
|
||||
odsa->g = dsa->g;
|
||||
odsa->pub_key = dsa->y;
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
unsigned i;
|
||||
fprintf(stderr, "hash passed in:\n");
|
||||
for (i = 0; i < hash_length; i++) {
|
||||
fprintf(stderr, "%02x ", hash[i]);
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
/* printf("hash_length=%ld\n", hash_length); */
|
||||
/* printf("Q=%d\n", BN_num_bytes(odsa->q)); */
|
||||
qlen = BN_num_bytes(odsa->q);
|
||||
if (qlen < hash_length)
|
||||
hash_length = qlen;
|
||||
/* ret=DSA_do_verify(hash,hash_length,osig,odsa); */
|
||||
ret = DSA_do_verify(hash, hash_length, osig, odsa);
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
fprintf(stderr, "ret=%d\n", ret);
|
||||
}
|
||||
assert(ret >= 0);
|
||||
|
||||
odsa->p = odsa->q = odsa->g = odsa->pub_key = NULL;
|
||||
DSA_free(odsa);
|
||||
|
||||
osig->r = osig->s = NULL;
|
||||
DSA_SIG_free(osig);
|
||||
|
||||
return ret != 0;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief Recovers message digest from the signature
|
||||
\param out Where to write decrypted data to
|
||||
\param in Encrypted data
|
||||
\param length Length of encrypted data
|
||||
\param rsa RSA public key
|
||||
\return size of recovered message digest
|
||||
*/
|
||||
int
|
||||
ops_rsa_public_decrypt(unsigned char *out, const unsigned char *in,
|
||||
size_t length, const ops_rsa_public_key_t * rsa)
|
||||
{
|
||||
RSA *orsa;
|
||||
int n;
|
||||
|
||||
orsa = RSA_new();
|
||||
orsa->n = rsa->n;
|
||||
orsa->e = rsa->e;
|
||||
|
||||
n = RSA_public_decrypt(length, in, out, orsa, RSA_NO_PADDING);
|
||||
|
||||
orsa->n = orsa->e = NULL;
|
||||
RSA_free(orsa);
|
||||
|
||||
return n;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief Signs data with RSA
|
||||
\param out Where to write signature
|
||||
\param in Data to sign
|
||||
\param length Length of data
|
||||
\param srsa RSA secret key
|
||||
\param rsa RSA public key
|
||||
\return number of bytes decrypted
|
||||
*/
|
||||
int
|
||||
ops_rsa_private_encrypt(unsigned char *out, const unsigned char *in,
|
||||
size_t length, const ops_rsa_secret_key_t * srsa,
|
||||
const ops_rsa_public_key_t * rsa)
|
||||
{
|
||||
RSA *orsa;
|
||||
int n;
|
||||
|
||||
orsa = RSA_new();
|
||||
orsa->n = rsa->n; /* XXX: do we need n? */
|
||||
orsa->d = srsa->d;
|
||||
orsa->p = srsa->q;
|
||||
orsa->q = srsa->p;
|
||||
|
||||
/* debug */
|
||||
orsa->e = rsa->e;
|
||||
/* If this isn't set, it's very likely that the programmer hasn't */
|
||||
/* decrypted the secret key. RSA_check_key segfaults in that case. */
|
||||
/* Use ops_decrypt_secret_key_from_data() to do that. */
|
||||
assert(orsa->d);
|
||||
assert(RSA_check_key(orsa) == 1);
|
||||
orsa->e = NULL;
|
||||
/* end debug */
|
||||
|
||||
n = RSA_private_encrypt(length, in, out, orsa, RSA_NO_PADDING);
|
||||
|
||||
orsa->n = orsa->d = orsa->p = orsa->q = NULL;
|
||||
RSA_free(orsa);
|
||||
|
||||
return n;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief Decrypts RSA-encrypted data
|
||||
\param out Where to write the plaintext
|
||||
\param in Encrypted data
|
||||
\param length Length of encrypted data
|
||||
\param srsa RSA secret key
|
||||
\param rsa RSA public key
|
||||
\return size of recovered plaintext
|
||||
*/
|
||||
int
|
||||
ops_rsa_private_decrypt(unsigned char *out, const unsigned char *in,
|
||||
size_t length, const ops_rsa_secret_key_t *srsa,
|
||||
const ops_rsa_public_key_t *rsa)
|
||||
{
|
||||
RSA *orsa;
|
||||
int n;
|
||||
char errbuf[1024];
|
||||
|
||||
orsa = RSA_new();
|
||||
orsa->n = rsa->n; /* XXX: do we need n? */
|
||||
orsa->d = srsa->d;
|
||||
orsa->p = srsa->q;
|
||||
orsa->q = srsa->p;
|
||||
|
||||
/* debug */
|
||||
orsa->e = rsa->e;
|
||||
assert(RSA_check_key(orsa) == 1);
|
||||
/* end debug */
|
||||
|
||||
n = RSA_private_decrypt(length, in, out, orsa, RSA_NO_PADDING);
|
||||
|
||||
if (ops_get_debug_level(__FILE__)) {
|
||||
printf("ops_rsa_private_decrypt: n=%d\n",n);
|
||||
}
|
||||
|
||||
errbuf[0] = '\0';
|
||||
if (n == -1) {
|
||||
unsigned long err = ERR_get_error();
|
||||
ERR_error_string(err, &errbuf[0]);
|
||||
fprintf(stderr, "openssl error : %s\n", errbuf);
|
||||
}
|
||||
orsa->n = orsa->d = orsa->p = orsa->q = NULL;
|
||||
RSA_free(orsa);
|
||||
|
||||
return n;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief RSA-encrypts data
|
||||
\param out Where to write the encrypted data
|
||||
\param in Plaintext
|
||||
\param length Size of plaintext
|
||||
\param rsa RSA Public Key
|
||||
*/
|
||||
int
|
||||
ops_rsa_public_encrypt(unsigned char *out, const unsigned char *in,
|
||||
size_t length, const ops_rsa_public_key_t * rsa)
|
||||
{
|
||||
RSA *orsa;
|
||||
int n;
|
||||
|
||||
/* printf("ops_rsa_public_encrypt: length=%ld\n", length); */
|
||||
|
||||
orsa = RSA_new();
|
||||
orsa->n = rsa->n;
|
||||
orsa->e = rsa->e;
|
||||
|
||||
/* printf("len: %ld\n", length); */
|
||||
/* ops_print_bn("n: ", orsa->n); */
|
||||
/* ops_print_bn("e: ", orsa->e); */
|
||||
n = RSA_public_encrypt(length, in, out, orsa, RSA_NO_PADDING);
|
||||
|
||||
if (n == -1) {
|
||||
BIO *fd_out;
|
||||
fd_out = BIO_new_fd(fileno(stderr), BIO_NOCLOSE);
|
||||
ERR_print_errors(fd_out);
|
||||
}
|
||||
orsa->n = orsa->e = NULL;
|
||||
RSA_free(orsa);
|
||||
|
||||
return n;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief initialises openssl
|
||||
\note Would usually call ops_init() instead
|
||||
\sa ops_init()
|
||||
*/
|
||||
void
|
||||
ops_crypto_init()
|
||||
{
|
||||
#ifdef DMALLOC
|
||||
CRYPTO_malloc_debug_init();
|
||||
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
|
||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||
#endif
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Crypto
|
||||
\brief Finalise openssl
|
||||
\note Would usually call ops_finish() instead
|
||||
\sa ops_finish()
|
||||
*/
|
||||
void
|
||||
ops_crypto_finish()
|
||||
{
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
#ifdef DMALLOC
|
||||
CRYPTO_mem_leaks_fp(stderr);
|
||||
#endif
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup Core_Hashes
|
||||
\brief Get Hash name
|
||||
\param hash Hash struct
|
||||
\return Hash name
|
||||
*/
|
||||
const char *
|
||||
ops_text_from_hash(ops_hash_t * hash)
|
||||
{
|
||||
return hash->name;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_KeyGenerate
|
||||
\brief Generates an RSA keypair
|
||||
\param numbits Modulus size
|
||||
\param e Public Exponent
|
||||
\param keydata Pointer to keydata struct to hold new key
|
||||
\return true if key generated successfully; otherwise false
|
||||
\note It is the caller's responsibility to call ops_keydata_free(keydata)
|
||||
*/
|
||||
bool
|
||||
ops_rsa_generate_keypair(const int numbits, const unsigned long e, ops_keydata_t * keydata)
|
||||
{
|
||||
ops_secret_key_t *skey = NULL;
|
||||
RSA *rsa = NULL;
|
||||
BN_CTX *ctx = BN_CTX_new();
|
||||
ops_create_info_t *cinfo;
|
||||
ops_memory_t *mem;
|
||||
|
||||
ops_keydata_init(keydata, OPS_PTAG_CT_SECRET_KEY);
|
||||
skey = ops_get_writable_secret_key_from_data(keydata);
|
||||
|
||||
/* generate the key pair */
|
||||
|
||||
rsa = RSA_generate_key(numbits, e, NULL, NULL);
|
||||
|
||||
/* populate ops key from ssl key */
|
||||
|
||||
skey->public_key.version = 4;
|
||||
skey->public_key.creation_time = time(NULL);
|
||||
skey->public_key.days_valid = 0;
|
||||
skey->public_key.algorithm = OPS_PKA_RSA;
|
||||
|
||||
skey->public_key.key.rsa.n = BN_dup(rsa->n);
|
||||
skey->public_key.key.rsa.e = BN_dup(rsa->e);
|
||||
|
||||
skey->s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED;
|
||||
skey->s2k_specifier = OPS_S2KS_SALTED;
|
||||
/* skey->s2k_specifier=OPS_S2KS_SIMPLE; */
|
||||
skey->algorithm = OPS_SA_CAST5; /* \todo make param */
|
||||
skey->hash_algorithm = OPS_HASH_SHA1; /* \todo make param */
|
||||
skey->octet_count = 0;
|
||||
skey->checksum = 0;
|
||||
|
||||
skey->key.rsa.d = BN_dup(rsa->d);
|
||||
skey->key.rsa.p = BN_dup(rsa->p);
|
||||
skey->key.rsa.q = BN_dup(rsa->q);
|
||||
skey->key.rsa.u = BN_mod_inverse(NULL, rsa->p, rsa->q, ctx);
|
||||
assert(skey->key.rsa.u);
|
||||
BN_CTX_free(ctx);
|
||||
|
||||
RSA_free(rsa);
|
||||
|
||||
ops_keyid(keydata->key_id, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE,
|
||||
&keydata->key.skey.public_key);
|
||||
ops_fingerprint(&keydata->fingerprint, &keydata->key.skey.public_key);
|
||||
|
||||
/* Generate checksum */
|
||||
|
||||
cinfo = NULL;
|
||||
mem = NULL;
|
||||
|
||||
ops_setup_memory_write(&cinfo, &mem, 128);
|
||||
|
||||
ops_push_skey_checksum_writer(cinfo, skey);
|
||||
|
||||
switch (skey->public_key.algorithm) {
|
||||
/* case OPS_PKA_DSA: */
|
||||
/* return ops_write_mpi(key->key.dsa.x,info); */
|
||||
|
||||
case OPS_PKA_RSA:
|
||||
case OPS_PKA_RSA_ENCRYPT_ONLY:
|
||||
case OPS_PKA_RSA_SIGN_ONLY:
|
||||
if (!ops_write_mpi(skey->key.rsa.d, cinfo)
|
||||
|| !ops_write_mpi(skey->key.rsa.p, cinfo)
|
||||
|| !ops_write_mpi(skey->key.rsa.q, cinfo)
|
||||
|| !ops_write_mpi(skey->key.rsa.u, cinfo))
|
||||
return false;
|
||||
break;
|
||||
|
||||
/* case OPS_PKA_ELGAMAL: */
|
||||
/* return ops_write_mpi(key->key.elgamal.x,info); */
|
||||
|
||||
default:
|
||||
assert( /* CONSTCOND */ 0);
|
||||
break;
|
||||
}
|
||||
|
||||
/* close rather than pop, since its the only one on the stack */
|
||||
ops_writer_close(cinfo);
|
||||
ops_teardown_memory_write(cinfo, mem);
|
||||
|
||||
/* should now have checksum in skey struct */
|
||||
|
||||
/* test */
|
||||
if (ops_get_debug_level(__FILE__))
|
||||
test_secret_key(skey);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_KeyGenerate
|
||||
\brief Creates a self-signed RSA keypair
|
||||
\param numbits Modulus size
|
||||
\param e Public Exponent
|
||||
\param userid User ID
|
||||
\return The new keypair or NULL
|
||||
|
||||
\note It is the caller's responsibility to call ops_keydata_free(keydata)
|
||||
\sa ops_rsa_generate_keypair()
|
||||
\sa ops_keydata_free()
|
||||
*/
|
||||
ops_keydata_t *
|
||||
ops_rsa_create_selfsigned_keypair(const int numbits, const unsigned long e, ops_user_id_t * userid)
|
||||
{
|
||||
ops_keydata_t *keydata = NULL;
|
||||
|
||||
keydata = ops_keydata_new();
|
||||
|
||||
if (ops_rsa_generate_keypair(numbits, e, keydata) != true
|
||||
|| ops_add_selfsigned_userid_to_keydata(keydata, userid) != true) {
|
||||
ops_keydata_free(keydata);
|
||||
return NULL;
|
||||
}
|
||||
return keydata;
|
||||
}
|
||||
|
||||
/*
|
||||
int ops_dsa_size(const ops_dsa_public_key_t *dsa)
|
||||
{
|
||||
int size;
|
||||
DSA *odsa;
|
||||
odsa=DSA_new();
|
||||
odsa->p=dsa->p;
|
||||
odsa->q=dsa->q;
|
||||
odsa->g=dsa->g;
|
||||
odsa->pub_key=dsa->y;
|
||||
|
||||
DSAparams_print_fp(stderr, odsa);
|
||||
size=DSA_size(odsa);
|
||||
|
||||
odsa->p=odsa->q=odsa->g=odsa->pub_key=odsa->priv_key=NULL;
|
||||
DSA_free(odsa);
|
||||
|
||||
return size;
|
||||
}
|
||||
*/
|
||||
|
||||
DSA_SIG *
|
||||
ops_dsa_sign(unsigned char *hashbuf, unsigned hashsize, const ops_dsa_secret_key_t * sdsa, const ops_dsa_public_key_t * dsa)
|
||||
{
|
||||
DSA *odsa;
|
||||
DSA_SIG *dsasig;
|
||||
|
||||
odsa = DSA_new();
|
||||
odsa->p = dsa->p;
|
||||
odsa->q = dsa->q;
|
||||
odsa->g = dsa->g;
|
||||
odsa->pub_key = dsa->y;
|
||||
odsa->priv_key = sdsa->x;
|
||||
|
||||
dsasig = DSA_do_sign(hashbuf, hashsize, odsa);
|
||||
|
||||
odsa->p = odsa->q = odsa->g = odsa->pub_key = odsa->priv_key = NULL;
|
||||
DSA_free(odsa);
|
||||
|
||||
return dsasig;
|
||||
}
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -1,894 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
|
||||
* All rights reserved.
|
||||
* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
|
||||
* their moral rights under the UK Copyright Design and Patents Act 1988 to
|
||||
* be recorded as the authors of this copyright work.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License.
|
||||
*
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
*
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/** \file
|
||||
*
|
||||
* Creates printable text strings from packet contents
|
||||
*
|
||||
*/
|
||||
|
||||
#include <openpgpsdk/configure.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <openpgpsdk/packet-show.h>
|
||||
#include <openpgpsdk/util.h>
|
||||
|
||||
#include <openpgpsdk/final.h>
|
||||
|
||||
/*
|
||||
* Arrays of value->text maps
|
||||
*/
|
||||
|
||||
static ops_map_t packet_tag_map[] =
|
||||
{
|
||||
{OPS_PTAG_CT_RESERVED, "Reserved"},
|
||||
{OPS_PTAG_CT_PK_SESSION_KEY, "Public-Key Encrypted Session Key"},
|
||||
{OPS_PTAG_CT_SIGNATURE, "Signature"},
|
||||
{OPS_PTAG_CT_SK_SESSION_KEY, "Symmetric-Key Encrypted Session Key"},
|
||||
{OPS_PTAG_CT_ONE_PASS_SIGNATURE, "One-Pass Signature"},
|
||||
{OPS_PTAG_CT_SECRET_KEY, "Secret Key"},
|
||||
{OPS_PTAG_CT_PUBLIC_KEY, "Public Key"},
|
||||
{OPS_PTAG_CT_SECRET_SUBKEY, "Secret Subkey"},
|
||||
{OPS_PTAG_CT_COMPRESSED, "Compressed Data"},
|
||||
{OPS_PTAG_CT_SE_DATA, "Symmetrically Encrypted Data"},
|
||||
{OPS_PTAG_CT_MARKER, "Marker"},
|
||||
{OPS_PTAG_CT_LITERAL_DATA, "Literal Data"},
|
||||
{OPS_PTAG_CT_TRUST, "Trust"},
|
||||
{OPS_PTAG_CT_USER_ID, "User ID"},
|
||||
{OPS_PTAG_CT_PUBLIC_SUBKEY, "Public Subkey"},
|
||||
{OPS_PTAG_CT_RESERVED2, "reserved"},
|
||||
{OPS_PTAG_CT_RESERVED3, "reserved"},
|
||||
{OPS_PTAG_CT_USER_ATTRIBUTE, "User Attribute"},
|
||||
{OPS_PTAG_CT_SE_IP_DATA, "Sym. Encrypted and Integrity Protected Data"},
|
||||
{OPS_PTAG_CT_MDC, "Modification Detection Code"},
|
||||
{OPS_PARSER_PTAG, "OPS_PARSER_PTAG"},
|
||||
{OPS_PTAG_RAW_SS, "OPS_PTAG_RAW_SS"},
|
||||
{OPS_PTAG_SS_ALL, "OPS_PTAG_SS_ALL"},
|
||||
{OPS_PARSER_PACKET_END, "OPS_PARSER_PACKET_END"},
|
||||
{OPS_PTAG_SIGNATURE_SUBPACKET_BASE, "OPS_PTAG_SIGNATURE_SUBPACKET_BASE"},
|
||||
|
||||
{OPS_PTAG_SS_CREATION_TIME, "SS: Signature Creation Time"},
|
||||
{OPS_PTAG_SS_EXPIRATION_TIME, "SS: Signature Expiration Time"},
|
||||
{OPS_PTAG_SS_EXPORTABLE_CERTIFICATION, "SS: Exportable Certification"},
|
||||
{OPS_PTAG_SS_TRUST, "SS: Trust Signature"},
|
||||
{OPS_PTAG_SS_REGEXP, "SS: Regular Expression"},
|
||||
{OPS_PTAG_SS_REVOCABLE, "SS: Revocable"},
|
||||
{OPS_PTAG_SS_KEY_EXPIRATION_TIME, "SS: Key Expiration Time"},
|
||||
{OPS_PTAG_SS_RESERVED, "SS: Reserved"},
|
||||
{OPS_PTAG_SS_PREFERRED_SKA, "SS: Preferred Secret Key Algorithm"},
|
||||
{OPS_PTAG_SS_REVOCATION_KEY, "SS: Revocation Key"},
|
||||
{OPS_PTAG_SS_ISSUER_KEY_ID, "SS: Issuer Key Id"},
|
||||
{OPS_PTAG_SS_NOTATION_DATA, "SS: Notation Data"},
|
||||
{OPS_PTAG_SS_PREFERRED_HASH, "SS: Preferred Hash Algorithm"},
|
||||
{OPS_PTAG_SS_PREFERRED_COMPRESSION, "SS: Preferred Compression Algorithm"},
|
||||
{OPS_PTAG_SS_KEY_SERVER_PREFS, "SS: Key Server Preferences"},
|
||||
{OPS_PTAG_SS_PREFERRED_COMPRESSION, "SS: Preferred Key Server"},
|
||||
{OPS_PTAG_SS_PRIMARY_USER_ID, "SS: Primary User ID"},
|
||||
{OPS_PTAG_SS_POLICY_URI, "SS: Policy URI"},
|
||||
{OPS_PTAG_SS_KEY_FLAGS, "SS: Key Flags"},
|
||||
{OPS_PTAG_SS_SIGNERS_USER_ID, "SS: Signer's User ID"},
|
||||
{OPS_PTAG_SS_REVOCATION_REASON, "SS: Reason for Revocation"},
|
||||
{OPS_PTAG_SS_FEATURES, "SS: Features"},
|
||||
{OPS_PTAG_SS_SIGNATURE_TARGET, "SS: Signature Target"},
|
||||
{OPS_PTAG_SS_EMBEDDED_SIGNATURE, "SS: Embedded Signature"},
|
||||
|
||||
{OPS_PTAG_CT_LITERAL_DATA_HEADER, "CT: Literal Data Header"},
|
||||
{OPS_PTAG_CT_LITERAL_DATA_BODY, "CT: Literal Data Body"},
|
||||
{OPS_PTAG_CT_SIGNATURE_HEADER, "CT: Signature Header"},
|
||||
{OPS_PTAG_CT_SIGNATURE_FOOTER, "CT: Signature Footer"},
|
||||
{OPS_PTAG_CT_ARMOUR_HEADER, "CT: Armour Header"},
|
||||
{OPS_PTAG_CT_ARMOUR_TRAILER, "CT: Armour Trailer"},
|
||||
{OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER, "CT: Signed Cleartext Header"},
|
||||
{OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY, "CT: Signed Cleartext Body"},
|
||||
{OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER, "CT: Signed Cleartext Trailer"},
|
||||
{OPS_PTAG_CT_UNARMOURED_TEXT, "CT: Unarmoured Text"},
|
||||
{OPS_PTAG_CT_ENCRYPTED_SECRET_KEY, "CT: Encrypted Secret Key"},
|
||||
{OPS_PTAG_CT_SE_DATA_HEADER, "CT: Sym Encrypted Data Header"},
|
||||
{OPS_PTAG_CT_SE_DATA_BODY, "CT: Sym Encrypted Data Body"},
|
||||
{OPS_PTAG_CT_SE_IP_DATA_HEADER, "CT: Sym Encrypted IP Data Header"},
|
||||
{OPS_PTAG_CT_SE_IP_DATA_BODY, "CT: Sym Encrypted IP Data Body"},
|
||||
{OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY, "CT: Encrypted PK Session Key"},
|
||||
{OPS_PARSER_CMD_GET_SK_PASSPHRASE, "CMD: Get Secret Key Passphrase"},
|
||||
{OPS_PARSER_CMD_GET_SECRET_KEY, "CMD: Get Secret Key"},
|
||||
{OPS_PARSER_ERROR, "OPS_PARSER_ERROR"},
|
||||
{OPS_PARSER_ERRCODE, "OPS_PARSER_ERRCODE"},
|
||||
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
typedef ops_map_t packet_tag_map_t;
|
||||
|
||||
static ops_map_t ss_type_map[] =
|
||||
{
|
||||
{OPS_PTAG_SS_CREATION_TIME, "Signature Creation Time"},
|
||||
{OPS_PTAG_SS_EXPIRATION_TIME, "Signature Expiration Time"},
|
||||
{OPS_PTAG_SS_TRUST, "Trust Signature"},
|
||||
{OPS_PTAG_SS_REGEXP, "Regular Expression"},
|
||||
{OPS_PTAG_SS_REVOCABLE, "Revocable"},
|
||||
{OPS_PTAG_SS_KEY_EXPIRATION_TIME, "Key Expiration Time"},
|
||||
{OPS_PTAG_SS_PREFERRED_SKA, "Preferred Symmetric Algorithms"},
|
||||
{OPS_PTAG_SS_REVOCATION_KEY, "Revocation Key"},
|
||||
{OPS_PTAG_SS_ISSUER_KEY_ID, "Issuer key ID"},
|
||||
{OPS_PTAG_SS_NOTATION_DATA, "Notation Data"},
|
||||
{OPS_PTAG_SS_PREFERRED_HASH, "Preferred Hash Algorithms"},
|
||||
{OPS_PTAG_SS_PREFERRED_COMPRESSION, "Preferred Compression Algorithms"},
|
||||
{OPS_PTAG_SS_KEY_SERVER_PREFS, "Key Server Preferences"},
|
||||
{OPS_PTAG_SS_PREFERRED_KEY_SERVER, "Preferred Key Server"},
|
||||
{OPS_PTAG_SS_PRIMARY_USER_ID, "Primary User ID"},
|
||||
{OPS_PTAG_SS_POLICY_URI, "Policy URI"},
|
||||
{OPS_PTAG_SS_KEY_FLAGS, "Key Flags"},
|
||||
{OPS_PTAG_SS_REVOCATION_REASON, "Reason for Revocation"},
|
||||
{OPS_PTAG_SS_FEATURES, "Features"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
typedef ops_map_t ss_type_map_t;
|
||||
|
||||
|
||||
static ops_map_t ss_rr_code_map[] =
|
||||
{
|
||||
{0x00, "No reason specified"},
|
||||
{0x01, "Key is superseded"},
|
||||
{0x02, "Key material has been compromised"},
|
||||
{0x03, "Key is retired and no longer used"},
|
||||
{0x20, "User ID information is no longer valid"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
typedef ops_map_t ss_rr_code_map_t;
|
||||
|
||||
static ops_map_t sig_type_map[] =
|
||||
{
|
||||
{OPS_SIG_BINARY, "Signature of a binary document"},
|
||||
{OPS_SIG_TEXT, "Signature of a canonical text document"},
|
||||
{OPS_SIG_STANDALONE, "Standalone signature"},
|
||||
{OPS_CERT_GENERIC, "Generic certification of a User ID and Public Key packet"},
|
||||
{OPS_CERT_PERSONA, "Personal certification of a User ID and Public Key packet"},
|
||||
{OPS_CERT_CASUAL, "Casual certification of a User ID and Public Key packet"},
|
||||
{OPS_CERT_POSITIVE, "Positive certification of a User ID and Public Key packet"},
|
||||
{OPS_SIG_SUBKEY, "Subkey Binding Signature"},
|
||||
{OPS_SIG_PRIMARY, "Primary Key Binding Signature"},
|
||||
{OPS_SIG_DIRECT, "Signature directly on a key"},
|
||||
{OPS_SIG_REV_KEY, "Key revocation signature"},
|
||||
{OPS_SIG_REV_SUBKEY, "Subkey revocation signature"},
|
||||
{OPS_SIG_REV_CERT, "Certification revocation signature"},
|
||||
{OPS_SIG_TIMESTAMP, "Timestamp signature"},
|
||||
{OPS_SIG_3RD_PARTY, "Third-Party Confirmation signature"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
typedef ops_map_t sig_type_map_t;
|
||||
|
||||
static ops_map_t public_key_algorithm_map[] =
|
||||
{
|
||||
{OPS_PKA_RSA, "RSA (Encrypt or Sign)"},
|
||||
{OPS_PKA_RSA_ENCRYPT_ONLY, "RSA Encrypt-Only"},
|
||||
{OPS_PKA_RSA_SIGN_ONLY, "RSA Sign-Only"},
|
||||
{OPS_PKA_ELGAMAL, "Elgamal (Encrypt-Only)"},
|
||||
{OPS_PKA_DSA, "DSA"},
|
||||
{OPS_PKA_RESERVED_ELLIPTIC_CURVE, "Reserved for Elliptic Curve"},
|
||||
{OPS_PKA_RESERVED_ECDSA, "Reserved for ECDSA"},
|
||||
{OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN, "Reserved (formerly Elgamal Encrypt or Sign"},
|
||||
{OPS_PKA_RESERVED_DH, "Reserved for Diffie-Hellman (X9.42)"},
|
||||
{OPS_PKA_PRIVATE00, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE01, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE02, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE03, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE04, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE05, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE06, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE07, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE08, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE09, "Private/Experimental"},
|
||||
{OPS_PKA_PRIVATE10, "Private/Experimental"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
typedef ops_map_t public_key_algorithm_map_t;
|
||||
|
||||
static ops_map_t symmetric_algorithm_map[] =
|
||||
{
|
||||
{OPS_SA_PLAINTEXT, "Plaintext or unencrypted data"},
|
||||
{OPS_SA_IDEA, "IDEA"},
|
||||
{OPS_SA_TRIPLEDES, "TripleDES"},
|
||||
{OPS_SA_CAST5, "CAST5"},
|
||||
{OPS_SA_BLOWFISH, "Blowfish"},
|
||||
{OPS_SA_AES_128, "AES (128-bit key)"},
|
||||
{OPS_SA_AES_192, "AES (192-bit key)"},
|
||||
{OPS_SA_AES_256, "AES (256-bit key)"},
|
||||
{OPS_SA_TWOFISH, "Twofish(256-bit key)"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
|
||||
static ops_map_t hash_algorithm_map[] =
|
||||
{
|
||||
{OPS_HASH_MD5, "MD5"},
|
||||
{OPS_HASH_SHA1, "SHA1"},
|
||||
{OPS_HASH_RIPEMD, "RIPEMD160"},
|
||||
{OPS_HASH_SHA256, "SHA256"},
|
||||
{OPS_HASH_SHA384, "SHA384"},
|
||||
{OPS_HASH_SHA512, "SHA512"},
|
||||
{OPS_HASH_SHA224, "SHA224"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
|
||||
static ops_map_t compression_algorithm_map[] =
|
||||
{
|
||||
{OPS_C_NONE, "Uncompressed"},
|
||||
{OPS_C_ZIP, "ZIP(RFC1951)"},
|
||||
{OPS_C_ZLIB, "ZLIB(RFC1950)"},
|
||||
{OPS_C_BZIP2, "Bzip2(BZ2)"},
|
||||
{0x00, NULL}, /* this is the end-of-array marker */
|
||||
};
|
||||
|
||||
static ops_bit_map_t ss_notation_data_map_byte0[] =
|
||||
{
|
||||
{0x80, "Human-readable"},
|
||||
{0x00, NULL},
|
||||
};
|
||||
|
||||
static ops_bit_map_t *ss_notation_data_map[] =
|
||||
{
|
||||
ss_notation_data_map_byte0,
|
||||
};
|
||||
|
||||
static ops_bit_map_t ss_feature_map_byte0[] =
|
||||
{
|
||||
{0x01, "Modification Detection"},
|
||||
{0x00, NULL},
|
||||
};
|
||||
|
||||
static ops_bit_map_t *ss_feature_map[] =
|
||||
{
|
||||
ss_feature_map_byte0,
|
||||
};
|
||||
|
||||
static ops_bit_map_t ss_key_flags_map[] =
|
||||
{
|
||||
{0x01, "May be used to certify other keys"},
|
||||
{0x02, "May be used to sign data"},
|
||||
{0x04, "May be used to encrypt communications"},
|
||||
{0x08, "May be used to encrypt storage"},
|
||||
{0x10, "Private component may have been split by a secret-sharing mechanism"},
|
||||
{0x80, "Private component may be in possession of more than one person"},
|
||||
{0x00, NULL},
|
||||
};
|
||||
|
||||
static ops_bit_map_t ss_key_server_prefs_map[] =
|
||||
{
|
||||
{0x80, "Key holder requests that this key only be modified or updated by the key holder or an administrator of the key server"},
|
||||
{0x00, NULL},
|
||||
};
|
||||
|
||||
#include <openpgpsdk/packet-show-cast.h>
|
||||
|
||||
/*
|
||||
* Private functions
|
||||
*/
|
||||
|
||||
static void
|
||||
list_init(ops_list_t * list)
|
||||
{
|
||||
list->size = 0;
|
||||
list->used = 0;
|
||||
list->strings = NULL;
|
||||
}
|
||||
|
||||
static void
|
||||
list_free_strings(ops_list_t * list)
|
||||
{
|
||||
unsigned i;
|
||||
|
||||
for (i = 0; i < list->used; i++) {
|
||||
free(list->strings[i]);
|
||||
list->strings[i] = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
list_free(ops_list_t * list)
|
||||
{
|
||||
if (list->strings)
|
||||
free(list->strings);
|
||||
list_init(list);
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
list_resize(ops_list_t * list)
|
||||
{
|
||||
/*
|
||||
* We only resize in one direction - upwards. Algorithm used : double
|
||||
* the current size then add 1
|
||||
*/
|
||||
|
||||
int newsize = 0;
|
||||
|
||||
newsize = list->size * 2 + 1;
|
||||
list->strings = realloc(list->strings, newsize * sizeof(char *));
|
||||
if (list->strings) {
|
||||
list->size = newsize;
|
||||
return 1;
|
||||
} else {
|
||||
/* xxx - realloc failed. error message? - rachel */
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
add_str(ops_list_t * list, const char *str)
|
||||
{
|
||||
if (list->size == list->used)
|
||||
if (!list_resize(list))
|
||||
return 0;
|
||||
|
||||
list->strings[list->used] = __UNCONST(str);
|
||||
list->used++;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static const char *
|
||||
str_from_bitfield_or_null(unsigned char octet, ops_bit_map_t * map)
|
||||
{
|
||||
ops_bit_map_t *row;
|
||||
|
||||
for (row = map; row->string != NULL; row++)
|
||||
if (row->mask == octet)
|
||||
return row->string;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static const char *
|
||||
str_from_bitfield(unsigned char octet, ops_bit_map_t * map)
|
||||
{
|
||||
const char *str;
|
||||
str = str_from_bitfield_or_null(octet, map);
|
||||
if (str)
|
||||
return str;
|
||||
else
|
||||
return "Unknown";
|
||||
}
|
||||
|
||||
/* ! generic function to initialise ops_text_t structure */
|
||||
void
|
||||
ops_text_init(ops_text_t * text)
|
||||
{
|
||||
list_init(&text->known);
|
||||
list_init(&text->unknown);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* ops_text_free() frees the memory used by an ops_text_t structure
|
||||
*
|
||||
* \param text Pointer to a previously allocated structure. This structure and its contents will be freed.
|
||||
*/
|
||||
void
|
||||
ops_text_free(ops_text_t * text)
|
||||
{
|
||||
/* Strings in "known" array will be constants, so don't free them */
|
||||
list_free(&text->known);
|
||||
|
||||
/*
|
||||
* Strings in "unknown" array will be dynamically allocated, so do
|
||||
* free them
|
||||
*/
|
||||
list_free_strings(&text->unknown);
|
||||
list_free(&text->unknown);
|
||||
|
||||
/* finally, free the text structure itself */
|
||||
free(text);
|
||||
}
|
||||
|
||||
/* XXX: should this (and many others) be bool? */
|
||||
/* ! generic function which adds text derived from single octet map to text */
|
||||
static unsigned int
|
||||
add_str_from_octet_map(ops_text_t * text, char *str,
|
||||
unsigned char octet)
|
||||
{
|
||||
if (str && !add_str(&text->known, str)) {
|
||||
/*
|
||||
* value recognised, but there was a problem adding it to the
|
||||
* list
|
||||
*/
|
||||
/* XXX - should print out error msg here, Ben? - rachel */
|
||||
return 0;
|
||||
} else if (!str) {
|
||||
/*
|
||||
* value not recognised and there was a problem adding it to
|
||||
* the unknown list
|
||||
*/
|
||||
unsigned len = 2 + 2 + 1; /* 2 for "0x", 2 for
|
||||
* single octet in hex
|
||||
* format, 1 for NULL */
|
||||
str = malloc(len);
|
||||
snprintf(str, len, "0x%x", octet);
|
||||
if (!add_str(&text->unknown, str))
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* ! generic function which adds text derived from single bit map to text */
|
||||
static unsigned int
|
||||
add_str_from_bit_map(ops_text_t * text, const char *str, unsigned char bit)
|
||||
{
|
||||
const char *fmt_unknown = "Unknown bit(0x%x)";
|
||||
|
||||
if (str && !add_str(&text->known, str)) {
|
||||
/*
|
||||
* value recognised, but there was a problem adding it to the
|
||||
* list
|
||||
*/
|
||||
/* XXX - should print out error msg here, Ben? - rachel */
|
||||
return 0;
|
||||
} else if (!str) {
|
||||
/*
|
||||
* value not recognised and there was a problem adding it to
|
||||
* the unknown list
|
||||
*/
|
||||
/*
|
||||
* 2 chars of the string are the format definition, this will
|
||||
* be replaced in the output by 2 chars of hex, so the length
|
||||
* will be correct
|
||||
*/
|
||||
unsigned len = strlen(fmt_unknown) + 1;
|
||||
str = malloc(len);
|
||||
|
||||
snprintf(__UNCONST(str), len, fmt_unknown, bit);
|
||||
if (!add_str(&text->unknown, str))
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
/**
|
||||
* Produce a structure containing human-readable textstrings
|
||||
* representing the recognised and unrecognised contents
|
||||
* of this byte array. text_fn() will be called on each octet in turn.
|
||||
* Each octet will generate one string representing the whole byte.
|
||||
*
|
||||
*/
|
||||
|
||||
static ops_text_t *
|
||||
text_from_bytemapped_octets(ops_data_t * data,
|
||||
const char *(*text_fn) (unsigned char octet))
|
||||
{
|
||||
|
||||
ops_text_t *text = NULL;
|
||||
const char *str;
|
||||
unsigned i;
|
||||
|
||||
/*
|
||||
* ! allocate and initialise ops_text_t structure to store derived
|
||||
* strings
|
||||
*/
|
||||
text = malloc(sizeof(ops_text_t));
|
||||
if (!text)
|
||||
return NULL;
|
||||
|
||||
ops_text_init(text);
|
||||
|
||||
/* ! for each octet in field ... */
|
||||
for (i = 0; i < data->len; i++) {
|
||||
/* ! derive string from octet */
|
||||
str = (*text_fn) (data->contents[i]);
|
||||
|
||||
/* ! and add to text */
|
||||
if (!add_str_from_octet_map(text, strdup(str), data->contents[i])) {
|
||||
ops_text_free(text);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
/*
|
||||
* ! All values have been added to either the known or the unknown
|
||||
* list
|
||||
*/
|
||||
/* ! Return text */
|
||||
return text;
|
||||
}
|
||||
|
||||
/**
|
||||
* Produce a structure containing human-readable textstrings
|
||||
* representing the recognised and unrecognised contents
|
||||
* of this byte array, derived from each bit of each octet.
|
||||
*
|
||||
*/
|
||||
static ops_text_t *
|
||||
showall_octets_bits(ops_data_t * data, ops_bit_map_t ** map,
|
||||
size_t nmap)
|
||||
{
|
||||
ops_text_t *text = NULL;
|
||||
const char *str;
|
||||
unsigned i;
|
||||
int j = 0;
|
||||
unsigned char mask, bit;
|
||||
|
||||
/*
|
||||
* ! allocate and initialise ops_text_t structure to store derived
|
||||
* strings
|
||||
*/
|
||||
text = malloc(sizeof(ops_text_t));
|
||||
if (!text)
|
||||
return NULL;
|
||||
|
||||
ops_text_init(text);
|
||||
|
||||
/* ! for each octet in field ... */
|
||||
for (i = 0; i < data->len; i++) {
|
||||
/* ! for each bit in octet ... */
|
||||
for (j = 0, mask = 0x80; j < 8; j++, mask = mask >> 1) {
|
||||
bit = data->contents[i] & mask;
|
||||
if (bit) {
|
||||
if (i >= nmap)
|
||||
str = "Unknown";
|
||||
else
|
||||
str = str_from_bitfield(bit, map[i]);
|
||||
if (!add_str_from_bit_map(text, str, bit)) {
|
||||
ops_text_free(text);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return text;
|
||||
}
|
||||
|
||||
/*
|
||||
* Public Functions
|
||||
*/
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
* returns description of the Packet Tag
|
||||
* \param packet_tag
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_packet_tag(ops_packet_tag_t packet_tag)
|
||||
{
|
||||
const char *rtn = NULL;
|
||||
rtn = show_packet_tag(packet_tag, packet_tag_map);
|
||||
|
||||
if (!rtn)
|
||||
rtn = "Unknown Tag";
|
||||
|
||||
return rtn;
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns description of the Signature Sub-Packet type
|
||||
* \param ss_type Signature Sub-Packet type
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_ss_type(ops_ss_type_t ss_type)
|
||||
{
|
||||
return show_ss_type(ss_type, ss_type_map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns description of the Revocation Reason code
|
||||
* \param ss_rr_code Revocation Reason code
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_ss_rr_code(ops_ss_rr_code_t ss_rr_code)
|
||||
{
|
||||
return show_ss_rr_code(ss_rr_code, ss_rr_code_map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns description of the given Signature type
|
||||
* \param sig_type Signature type
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_sig_type(ops_sig_type_t sig_type)
|
||||
{
|
||||
return show_sig_type(sig_type, sig_type_map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns description of the given Public Key Algorithm
|
||||
* \param pka Public Key Algorithm type
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_pka(ops_public_key_algorithm_t pka)
|
||||
{
|
||||
return show_pka(pka, public_key_algorithm_map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
* returns description of the Preferred Compression
|
||||
* \param octet Preferred Compression
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_ss_preferred_compression(unsigned char octet)
|
||||
{
|
||||
return ops_str_from_map(octet, compression_algorithm_map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns set of descriptions of the given Preferred Compression Algorithms
|
||||
* \param ss_preferred_compression Array of Preferred Compression Algorithms
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*/
|
||||
ops_text_t *
|
||||
ops_showall_ss_preferred_compression(ops_ss_preferred_compression_t ss_preferred_compression)
|
||||
{
|
||||
return text_from_bytemapped_octets(&ss_preferred_compression.data,
|
||||
&ops_show_ss_preferred_compression);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns description of the Hash Algorithm type
|
||||
* \param hash Hash Algorithm type
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_hash_algorithm(unsigned char hash)
|
||||
{
|
||||
return show_hash_algorithm(hash);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns set of descriptions of the given Preferred Hash Algorithms
|
||||
* \param ss_preferred_hash Array of Preferred Hash Algorithms
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*/
|
||||
ops_text_t *
|
||||
ops_showall_ss_preferred_hash(ops_ss_preferred_hash_t ss_preferred_hash)
|
||||
{
|
||||
return text_from_bytemapped_octets(&ss_preferred_hash.data,
|
||||
&ops_show_hash_algorithm);
|
||||
}
|
||||
|
||||
const char *
|
||||
ops_show_symmetric_algorithm(unsigned char hash)
|
||||
{
|
||||
return show_symmetric_algorithm(hash);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
* returns description of the given Preferred Symmetric Key Algorithm
|
||||
* \param octet
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_ss_preferred_ska(unsigned char octet)
|
||||
{
|
||||
return ops_str_from_map(octet, symmetric_algorithm_map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns set of descriptions of the given Preferred Symmetric Key Algorithms
|
||||
* \param ss_preferred_ska Array of Preferred Symmetric Key Algorithms
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*/
|
||||
ops_text_t *
|
||||
ops_showall_ss_preferred_ska(ops_ss_preferred_ska_t ss_preferred_ska)
|
||||
{
|
||||
return text_from_bytemapped_octets(&ss_preferred_ska.data,
|
||||
&ops_show_ss_preferred_ska);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
* returns description of one SS Feature
|
||||
* \param octet
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
static const char *
|
||||
ops_show_ss_feature(unsigned char octet, unsigned offset)
|
||||
{
|
||||
if (offset >= OPS_ARRAY_SIZE(ss_feature_map))
|
||||
return "Unknown";
|
||||
return str_from_bitfield(octet, ss_feature_map[offset]);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns set of descriptions of the given SS Features
|
||||
* \param ss_features Signature Sub-Packet Features
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*/
|
||||
/* XXX: shouldn't this use show_all_octets_bits? */
|
||||
ops_text_t *
|
||||
ops_showall_ss_features(ops_ss_features_t ss_features)
|
||||
{
|
||||
ops_text_t *text = NULL;
|
||||
const char *str;
|
||||
unsigned i;
|
||||
int j = 0;
|
||||
unsigned char mask, bit;
|
||||
|
||||
text = malloc(sizeof(ops_text_t));
|
||||
if (!text)
|
||||
return NULL;
|
||||
|
||||
ops_text_init(text);
|
||||
|
||||
for (i = 0; i < ss_features.data.len; i++) {
|
||||
for (j = 0, mask = 0x80; j < 8; j++, mask = mask >> 1) {
|
||||
bit = ss_features.data.contents[i] & mask;
|
||||
if (bit) {
|
||||
str = ops_show_ss_feature(bit, i);
|
||||
if (!add_str_from_bit_map(text, str, bit)) {
|
||||
ops_text_free(text);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return text;
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
* returns description of SS Key Flag
|
||||
* \param octet
|
||||
* \param map
|
||||
* \return
|
||||
*/
|
||||
const char *
|
||||
ops_show_ss_key_flag(unsigned char octet, ops_bit_map_t * map)
|
||||
{
|
||||
return str_from_bitfield(octet, map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns set of descriptions of the given Preferred Key Flags
|
||||
* \param ss_key_flags Array of Key Flags
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*/
|
||||
ops_text_t *
|
||||
ops_showall_ss_key_flags(ops_ss_key_flags_t ss_key_flags)
|
||||
{
|
||||
ops_text_t *text = NULL;
|
||||
const char *str;
|
||||
int i = 0;
|
||||
unsigned char mask, bit;
|
||||
|
||||
text = malloc(sizeof(ops_text_t));
|
||||
if (!text)
|
||||
return NULL;
|
||||
|
||||
ops_text_init(text);
|
||||
|
||||
/* xxx - TBD: extend to handle multiple octets of bits - rachel */
|
||||
|
||||
for (i = 0, mask = 0x80; i < 8; i++, mask = mask >> 1) {
|
||||
bit = ss_key_flags.data.contents[0] & mask;
|
||||
if (bit) {
|
||||
str = ops_show_ss_key_flag(bit, &ss_key_flags_map[0]);
|
||||
if (!add_str_from_bit_map(text, strdup(str), bit)) {
|
||||
ops_text_free(text);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
/*
|
||||
* xxx - must add error text if more than one octet. Only one
|
||||
* currently specified -- rachel
|
||||
*/
|
||||
return text;
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns description of one given Key Server Preference
|
||||
*
|
||||
* \param prefs Byte containing bitfield of preferences
|
||||
* \param map
|
||||
* \return string or "Unknown"
|
||||
*/
|
||||
const char *
|
||||
ops_show_ss_key_server_prefs(unsigned char prefs,
|
||||
ops_bit_map_t * map)
|
||||
{
|
||||
return str_from_bitfield(prefs, map);
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
* returns set of descriptions of given Key Server Preferences
|
||||
* \param ss_key_server_prefs
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*
|
||||
*/
|
||||
ops_text_t *
|
||||
ops_showall_ss_key_server_prefs(ops_ss_key_server_prefs_t ss_key_server_prefs)
|
||||
{
|
||||
ops_text_t *text = NULL;
|
||||
const char *str;
|
||||
int i = 0;
|
||||
unsigned char mask, bit;
|
||||
|
||||
text = malloc(sizeof(ops_text_t));
|
||||
if (!text)
|
||||
return NULL;
|
||||
|
||||
ops_text_init(text);
|
||||
|
||||
/* xxx - TBD: extend to handle multiple octets of bits - rachel */
|
||||
|
||||
for (i = 0, mask = 0x80; i < 8; i++, mask = mask >> 1) {
|
||||
bit = ss_key_server_prefs.data.contents[0] & mask;
|
||||
if (bit) {
|
||||
str = ops_show_ss_key_server_prefs(bit,
|
||||
&ss_key_server_prefs_map[0]);
|
||||
if (!add_str_from_bit_map(text, strdup(str), bit)) {
|
||||
ops_text_free(text);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
/*
|
||||
* xxx - must add error text if more than one octet. Only one
|
||||
* currently specified -- rachel
|
||||
*/
|
||||
return text;
|
||||
}
|
||||
|
||||
/**
|
||||
* \ingroup Core_Print
|
||||
*
|
||||
* returns set of descriptions of the given SS Notation Data Flags
|
||||
* \param ss_notation_data Signature Sub-Packet Notation Data
|
||||
* \return NULL if cannot allocate memory or other error
|
||||
* \return pointer to structure, if no error
|
||||
*/
|
||||
ops_text_t *
|
||||
ops_showall_ss_notation_data_flags(ops_ss_notation_data_t ss_notation_data)
|
||||
{
|
||||
return showall_octets_bits(&ss_notation_data.flags, ss_notation_data_map,
|
||||
OPS_ARRAY_SIZE(ss_notation_data_map));
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue