diff options
author | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2008-06-28 01:25:02 +0300 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2008-06-28 01:25:02 +0300 |
commit | 95c55c0eb57484533f4dd72c10481c66a66a53f2 (patch) | |
tree | 3bc580f54abd1775b28415ae8e20aab4fe2baade /lib/opencdk/read-packet.c | |
parent | 0def0a1d7c28de6fd49995755de7b915cf701225 (diff) | |
download | gnutls-95c55c0eb57484533f4dd72c10481c66a66a53f2.tar.gz |
Initial merge attempt with gnutls_with_ext_mpi
Diffstat (limited to 'lib/opencdk/read-packet.c')
-rw-r--r-- | lib/opencdk/read-packet.c | 174 |
1 files changed, 35 insertions, 139 deletions
diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c index e6dc8bffa1..4e47c63c1e 100644 --- a/lib/opencdk/read-packet.c +++ b/lib/opencdk/read-packet.c @@ -33,7 +33,7 @@ #include "main.h" #include "packet.h" #include "types.h" - +#include <gnutls_algorithms.h> /* The version of the MDC packet considering the lastest OpenPGP draft. */ #define MDC_PKT_VER 1 @@ -86,10 +86,10 @@ read_s2k (cdk_stream_t inp, cdk_s2k_t s2k) static cdk_error_t -read_mpi (cdk_stream_t inp, gcry_mpi_t *ret_m, int secure) +read_mpi (cdk_stream_t inp, bigint_t *ret_m, int secure) { - gcry_mpi_t m; - gcry_error_t err; + bigint_t m; + int err; byte buf[MAX_MPI_BYTES+2]; size_t nread, nbits; cdk_error_t rc; @@ -116,11 +116,11 @@ read_mpi (cdk_stream_t inp, gcry_mpi_t *ret_m, int secure) buf[0] = nbits >> 8; buf[1] = nbits >> 0; - err = gcry_mpi_scan (&m, GCRYMPI_FMT_PGP, buf, nread+2, &nread); - if (err) - return map_gcry_error (err); - if (secure) - gcry_mpi_set_flag (m, GCRYMPI_FLAG_SECURE); + nread+=2; + err = _gnutls_mpi_scan_pgp( &m, buf, nread); + if (err < 0) + return map_gnutls_error (err); + *ret_m = m; return rc; } @@ -163,98 +163,6 @@ _cdk_pkt_read_len (FILE *inp, size_t *ret_partial) static cdk_error_t -read_encrypted (cdk_stream_t inp, size_t pktlen, cdk_pkt_encrypted_t enc, - int is_partial, int is_mdc) -{ - if (!inp || !enc) - return CDK_Inv_Value; - - if (DEBUG_PKT) - _cdk_log_debug ("read_encrypted: %d octets\n", pktlen); - - if (is_mdc) - { - int version = cdk_stream_getc (inp); - if (version != MDC_PKT_VER) - return CDK_Inv_Packet; - enc->mdc_method = CDK_MD_SHA1; - pktlen--; - } - /* The packet must at least contain blocksize + 2 octets. */ - if (pktlen < 10) - return CDK_Inv_Packet; - if (is_partial) - _cdk_stream_set_blockmode (inp, pktlen); - enc->len = pktlen; - enc->buf = inp; - return 0; -} - - -static cdk_error_t -read_symkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_symkey_enc_t ske) -{ - cdk_s2k_t s2k; - size_t minlen; - size_t nread, nleft; - - if (!inp || !ske) - return CDK_Inv_Value; - - if (DEBUG_PKT) - _cdk_log_debug ("read_symkey_enc: %d octets\n", pktlen); - - ske->version = cdk_stream_getc (inp); - if (ske->version != 4 || cdk_stream_eof (inp)) - return CDK_Inv_Packet; - - s2k = ske->s2k = cdk_calloc (1, sizeof *ske->s2k); - if (!ske->s2k) - return CDK_Out_Of_Core; - - ske->cipher_algo = cdk_stream_getc (inp); - s2k->mode = cdk_stream_getc (inp); - switch (s2k->mode) - { - case CDK_S2K_SIMPLE : minlen = 0; break; - case CDK_S2K_SALTED : minlen = 8; break; - case CDK_S2K_ITERSALTED: minlen = 9; break; - - default: - /* Invalid S2K mode. */ - return CDK_Inv_Packet; - } - - s2k->hash_algo = cdk_stream_getc (inp); - if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED) - { - if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread)) - return CDK_Inv_Packet; - if (nread != DIM (s2k->salt)) - return CDK_Inv_Packet; - - if (s2k->mode == CDK_S2K_ITERSALTED) - s2k->count = cdk_stream_getc (inp); - } - - ske->seskeylen = pktlen - 4 - minlen; - /* We check if there is an encrypted session key and if it fits into - the buffer. The maximal key length is 256-bit. */ - if (ske->seskeylen > DIM (ske->seskey)) - return CDK_Inv_Packet; - nleft = ske->seskeylen; - for (nread = 0; nread < ske->seskeylen; nread++) - { - ske->seskey[nread] = cdk_stream_getc (inp); - if (cdk_stream_eof (inp) && --nleft > 0) - return CDK_Inv_Packet; - } - - return 0; -} - - -static cdk_error_t read_pubkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_enc_t pke) { size_t i, nenc; @@ -274,7 +182,7 @@ read_pubkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_enc_t pke) pke->keyid[1] = read_32 (inp); if (!pke->keyid[0] && !pke->keyid[1]) pke->throw_keyid = 1; /* RFC2440 "speculative" keyID */ - pke->pubkey_algo = cdk_stream_getc (inp); + pke->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); nenc = cdk_pk_get_nenc (pke->pubkey_algo); if (!nenc) return CDK_Inv_Algo; @@ -361,10 +269,11 @@ read_public_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_t pk) pk->expiredate = pk->timestamp + ndays * 86400L; } - pk->pubkey_algo = cdk_stream_getc (inp); + pk->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); npkey = cdk_pk_get_npkey (pk->pubkey_algo); if (!npkey) { + gnutls_assert(); _cdk_log_debug ("invalid public key algorithm %d\n", pk->pubkey_algo); return CDK_Inv_Algo; } @@ -390,7 +299,6 @@ read_public_subkey (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_t pk) return read_public_key (inp, pktlen, pk); } - static cdk_error_t read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) { @@ -414,15 +322,15 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) if (sk->s2k_usage == 254 || sk->s2k_usage == 255) { sk->protect.sha1chk = (sk->s2k_usage == 254); - sk->protect.algo = cdk_stream_getc (inp); + sk->protect.algo = _pgp_cipher_to_gnutls(cdk_stream_getc (inp)); sk->protect.s2k = cdk_calloc (1, sizeof *sk->protect.s2k); if (!sk->protect.s2k) return CDK_Out_Of_Core; rc = read_s2k (inp, sk->protect.s2k); if (rc) return rc; - sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo); - if (!sk->protect.ivlen) + sk->protect.ivlen = _gnutls_cipher_get_block_size (sk->protect.algo); + if (sk->protect.ivlen <= 0) return CDK_Inv_Packet; rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread); if (rc) @@ -431,13 +339,15 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) return CDK_Inv_Packet; } else - sk->protect.algo = sk->s2k_usage; - if (sk->protect.algo == GCRY_CIPHER_NONE) + sk->protect.algo = _pgp_cipher_to_gnutls(sk->s2k_usage); + if (sk->protect.algo == GNUTLS_CIPHER_NULL) { sk->csum = 0; nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) + if (!nskey) { + gnutls_assert(); return CDK_Inv_Algo; + } for (i = 0; i < nskey; i++) { rc = read_mpi (inp, &sk->mpi[i], 1); @@ -447,12 +357,14 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) sk->csum = read_16 (inp); sk->is_protected = 0; } - else if (sk->pk->version < 4) + else if (sk->pk->version < 4) { /* The length of each multiprecision integer is stored in plaintext. */ nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) + if (!nskey) { + gnutls_assert(); return CDK_Inv_Algo; + } for (i = 0; i < nskey; i++) { rc = read_mpi (inp, &sk->mpi[i], 1); @@ -462,7 +374,7 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) sk->csum = read_16 (inp); sk->is_protected = 1; } - else + else { /* We need to read the rest of the packet because we do not have any information how long the encrypted mpi's are */ @@ -477,8 +389,10 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) if (stream_read (inp, sk->encdata, sk->enclen, &nread)) return CDK_Inv_Packet; nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) + if (!nskey) { + gnutls_assert(); return CDK_Inv_Algo; + } /* We mark each MPI entry with NULL to indicate a protected key. */ for (i = 0; i < nskey; i++) sk->mpi[i] = NULL; @@ -668,8 +582,8 @@ read_onepass_sig (cdk_stream_t inp, size_t pktlen, cdk_pkt_onepass_sig_t sig) if (sig->version != 3) return CDK_Inv_Packet_Ver; sig->sig_class = cdk_stream_getc (inp); - sig->digest_algo = cdk_stream_getc (inp); - sig->pubkey_algo = cdk_stream_getc (inp); + sig->digest_algo = _pgp_hash_algo_to_gnutls(cdk_stream_getc (inp)); + sig->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); sig->keyid[0] = read_32 (inp); sig->keyid[1] = read_32 (inp); sig->last = cdk_stream_getc (inp); @@ -780,8 +694,8 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) sig->timestamp = read_32 (inp); sig->keyid[0] = read_32 (inp); sig->keyid[1] = read_32 (inp); - sig->pubkey_algo = cdk_stream_getc (inp); - sig->digest_algo = cdk_stream_getc (inp); + sig->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); + sig->digest_algo = _pgp_hash_algo_to_gnutls(cdk_stream_getc (inp)); sig->digest_start[0] = cdk_stream_getc (inp); sig->digest_start[1] = cdk_stream_getc (inp); nsig = cdk_pk_get_nsig (sig->pubkey_algo); @@ -797,8 +711,8 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) else { sig->sig_class = cdk_stream_getc (inp); - sig->pubkey_algo = cdk_stream_getc (inp); - sig->digest_algo = cdk_stream_getc (inp); + sig->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); + sig->digest_algo = _pgp_hash_algo_to_gnutls(cdk_stream_getc (inp)); sig->hashed_size = read_16 (inp); size = sig->hashed_size; sig->hashed = NULL; @@ -870,7 +784,7 @@ read_literal (cdk_stream_t inp, size_t pktlen, rc = stream_read (inp, pt->name, pt->namelen, &nread); if (rc) return rc; - if (nread != pt->namelen) + if ((int)nread != pt->namelen) return CDK_Inv_Packet; pt->name[pt->namelen] = '\0'; } @@ -970,7 +884,6 @@ skip_packet (cdk_stream_t inp, size_t pktlen) cdk_error_t cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) { - int use_mdc = 0; int ctb, is_newctb; int pkttype; size_t pktlen = 0, pktsize = 0, is_partial = 0; @@ -1098,23 +1011,6 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) rc = read_signature (inp, pktlen, pkt->pkt.signature); break; - case CDK_PKT_ENCRYPTED_MDC: - case CDK_PKT_ENCRYPTED: - pkt->pkt.encrypted = cdk_calloc (1, sizeof *pkt->pkt.encrypted); - if (!pkt->pkt.encrypted) - return CDK_Out_Of_Core; - use_mdc = (pkt->pkttype == CDK_PKT_ENCRYPTED_MDC) ? 1 : 0; - rc = read_encrypted (inp, pktlen, pkt->pkt.encrypted, - is_partial, use_mdc); - break; - - case CDK_PKT_SYMKEY_ENC: - pkt->pkt.symkey_enc = cdk_calloc (1, sizeof *pkt->pkt.symkey_enc); - if (!pkt->pkt.symkey_enc) - return CDK_Out_Of_Core; - rc = read_symkey_enc (inp, pktlen, pkt->pkt.symkey_enc); - break; - case CDK_PKT_PUBKEY_ENC: pkt->pkt.pubkey_enc = cdk_calloc (1, sizeof *pkt->pkt.pubkey_enc); if (!pkt->pkt.pubkey_enc) |