RPM Package Manager, CVS Repository http://rpm5.org/cvs/ ____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson Root: /v/rpm/cvs Email: j...@rpm5.org Module: rpm Date: 12-May-2014 21:59:47 Branch: rpm-5_4 Handle: 2014051219594303 Modified files: (Branch: rpm-5_4) rpm CHANGES rpm/rpmio rpmssl.c Log: - ssl: ensure bit counts are correct. Summary: Revision Changes Path 1.3501.2.392+1 -0 rpm/CHANGES 2.42.2.11 +54 -70 rpm/rpmio/rpmssl.c ____________________________________________________________________________ patch -p0 <<'@@ .' Index: rpm/CHANGES ============================================================================ $ cvs diff -u -r1.3501.2.391 -r1.3501.2.392 CHANGES --- rpm/CHANGES 12 May 2014 19:57:18 -0000 1.3501.2.391 +++ rpm/CHANGES 12 May 2014 19:59:43 -0000 1.3501.2.392 @@ -1,4 +1,5 @@ 5.4.14 -> 5.4.15: + - jbj: ssl: ensure bit counts are correct. - jbj: nss: ensure bit counts are correct. - jbj: bc: stub in ECDSA parameters, ensure bit counts are correct. - jbj: ltc: add DSA2 support. @@ . patch -p0 <<'@@ .' Index: rpm/rpmio/rpmssl.c ============================================================================ $ cvs diff -u -r2.42.2.10 -r2.42.2.11 rpmssl.c --- rpm/rpmio/rpmssl.c 8 May 2014 23:01:11 -0000 2.42.2.10 +++ rpm/rpmio/rpmssl.c 12 May 2014 19:59:46 -0000 2.42.2.11 @@ -175,7 +175,7 @@ if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0) rc = 0; -SPEW(0, !rc, dig); +SPEW(0, !rc, dig); /* XXX don't spew on mismatch. */ return rc; } @@ -208,7 +208,7 @@ if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0) rc = 0; -SPEW(0, !rc, dig); +SPEW(0, !rc, dig); /* XXX don't spew on mismatch. */ return rc; } 
@@ -228,9 +228,13 @@ xx = rpmDigestFinal(ctx, (void **)&ssl->digest, &ssl->digestlen, 0); /* Compare leading 16 bits of digest for quick check. */ -rc = 0; + rc = memcmp(ssl->digest, sigp->signhash16, sizeof(sigp->signhash16)); + + /* XXX FIXME: avoid spurious "BAD" error msg while signing. */ + if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0) + rc = 0; -SPEW(rc, !rc, dig); +SPEW(0, !rc, dig); /* XXX don't spew on mismatch. */ return rc; } @@ -261,7 +265,7 @@ if (rc && sigp->signhash16[0] == 0 && sigp->signhash16[1] == 0) rc = 0; -SPEW(rc, !rc, dig); +SPEW(0, !rc, dig); /* XXX don't spew on mismatch. */ return rc; } @@ -480,6 +484,9 @@ static unsigned long _e = 0x10001; /* XXX RSA */ int rc = 0; /* assume failure */ pgpDigParams pubp = pgpGetPubkey(dig); +pgpDigParams sigp = pgpGetSignature(dig); +assert(pubp->pubkey_algo); +assert(sigp->hash_algo); assert(dig->pubkey_algoN); assert(dig->hash_algoN); @@ -523,17 +530,15 @@ case PGPPUBKEYALGO_ECDSA: #if !defined(OPENSSL_NO_ECDSA) /* XXX Set the no. of bits based on the digest being used. */ - if (ssl->nbits == 0) { - if (!strcasecmp(dig->hash_algoN, "SHA224")) - ssl->nbits = 224; - else if (!strcasecmp(dig->hash_algoN, "SHA256")) - ssl->nbits = 256; - else if (!strcasecmp(dig->hash_algoN, "SHA384")) - ssl->nbits = 384; - else if (!strcasecmp(dig->hash_algoN, "SHA512")) - ssl->nbits = 521; - else - ssl->nbits = 256; /* XXX default */ + if (ssl->nbits == 0) + switch (sigp->hash_algo) { + case PGPHASHALGO_MD5: ssl->nbits = 128; break; + case PGPHASHALGO_TIGER192: ssl->nbits = 192; break; + case PGPHASHALGO_SHA224: ssl->nbits = 224; break; + default: /* XXX default */ + case PGPHASHALGO_SHA256: ssl->nbits = 256; break; + case PGPHASHALGO_SHA384: ssl->nbits = 384; break; + case PGPHASHALGO_SHA512: ssl->nbits = 521; break; } assert(ssl->nbits); 
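Review bot: In the hunk at @@ -228, the new `memcmp(ssl->digest, sigp->signhash16, sizeof(sigp->signhash16))` runs without looking at `xx` from `rpmDigestFinal()` or at `ssl->digestlen`, so a NULL or too-short digest buffer would still be read. A guard before the compare, for example `if (ssl->digest == NULL || ssl->digestlen < sizeof(sigp->signhash16)) return 1;`, would make the quick check fail closed. The non-zero-means-mismatch convention is inferred from `rc` carrying the memcmp result to `return rc`. The function begins above the hunk, so any earlier validation is not visible here.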
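Review bot: In the hunk at @@ -480, `sigp` is dereferenced inside `assert(sigp->hash_algo)` immediately after `pgpGetSignature(dig)`, and the two added asserts are the only validation of `pubkey_algo` and `hash_algo`. With NDEBUG they compile away, so a zero `hash_algo` would reach the `default:` arm of the switch added at @@ -523; without NDEBUG a bad value aborts the process. Because `rc` starts at 0 with the comment `/* assume failure */`, an explicit check such as `if (sigp == NULL || sigp->hash_algo == 0) return rc;` would report the error instead. Whether `pgpGetSignature()` can return NULL, and whether an early return would skip cleanup, cannot be told from the hunk; the function body continues outside it.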
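Review bot: In the hunk at @@ -523, the new switch maps `PGPHASHALGO_MD5` to 128 bits and `PGPHASHALGO_TIGER192` to 192 bits, so choosing a weak digest also lowers the ECDSA size selected here. The code that turns `ssl->nbits` into a curve is outside the hunk, so it cannot be confirmed that 128 or 192 correspond to a supported curve; letting those two cases take the 256-bit default would avoid shrinking the key. The `default:` label sitting in front of `case PGPHASHALGO_SHA256:` is easy to misread, and the `if (ssl->nbits == 0)` now guards the switch without braces of its own. A comment such as `/* unknown hash: use 256 bits */` on the `default:` line and braces around the `if` body would make the intent explicit.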
@@ -708,37 +713,6 @@ break; case 60: /* ECDSA curve OID */ #if !defined(OPENSSL_NO_ECDSA) -#ifdef DYING - /* XXX use EC_get_builtin_curves() and memcmp instead. */ - { const char * s = xstrdup(pgpHexStr(p, nb)); -#ifdef NOTYET - if (!strcasecmp(s, "2a8648ce3d030101")) { - ssl->nid = NID_X9_62_prime192v1; - ssl->nbits = 192; - } else - if (!strcasecmp(s, "2b81040021")) { - ssl->nid = NID_secp224r1; - ssl->nbits = 224; - } else -#endif - if (!strcasecmp(s, "2a8648ce3d030107")) { - ssl->nid = NID_X9_62_prime256v1; - ssl->nbits = 256; - } else - if (!strcasecmp(s, "2b81040022")) { - ssl->nid = NID_secp384r1; - ssl->nbits = 384; - } else -#ifdef NOTYET - if (!strcasecmp(s, "2b81040023")) { - ssl->nid = NID_secp521r1; - ssl->nbits = 512; - } else -#endif - ssl->nid = NID_X9_62_prime256v1; /* XXX FIXME */ - s = _free(s); - } -#else /* DYING */ ssl->nid = 0; { size_t nc = EC_get_builtin_curves(NULL, 100); EC_builtin_curve * c = alloca(nc * sizeof(*c)); @@ -762,7 +736,9 @@ ssl->nbits = 224; break; default: /* XXX default to NIST P-256 */ - ssl->curveN = xstrdup("prime256v1"); + ssl->curveN = _free(ssl->curveN); + ssl->curveN = xstrdup("nistp256"); + ssl->nid = NID_X9_62_prime256v1; case NID_X9_62_prime256v1: ssl->nbits = 256; break; @@ -774,20 +750,23 @@ break; } } -#endif /* DYING */ #else -fprintf(stderr, " OID[%4u]: %s\n", 8*nb, pgpHexStr(p, nb)); +fprintf(stderr, " OID[%4u]: %s\n", nb, pgpHexStr(p, nb)); + rc = 1; #endif /* !OPENSSL_NO_ECDSA */ break; case 61: /* ECDSA Q */ - mbits = ssl->nbits; - nb = 2 * (mbits+7)/8 + 1 + 2; + mbits = pgpMpiBits(p); + nb = pgpMpiLen(p); #if !defined(OPENSSL_NO_ECDSA) assert(ssl->nid); { EC_KEY * ec = EC_KEY_new_by_curve_name(ssl->nid); - const unsigned char *q = p+2; + const unsigned char *q; +assert(ec); + q = p+2; ec = o2i_ECPublicKey(&ec, &q, nb-2); +assert(ec); if (ssl->pkey) { if (ssl->pkey) 
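Review bot: In the hunk at @@ -762, an unrecognised curve OID in `case 60` is still silently treated as NIST P-256: the `default:` arm now sets `ssl->curveN` and `ssl->nid` and then falls through into `case NID_X9_62_prime256v1:`. For key material parsed from a packet, failing closed would be safer, e.g. `default: rc = 1; break;`, matching the `rc = 1` this commit adds in the `#else` branch. If the default is kept, mark the fall-through with `/* fallthrough */`. Also confirm that every consumer of `ssl->curveN` accepts the new string "nistp256" in place of "prime256v1"; those consumers are not part of the diff.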
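Review bot: In `case 61` (hunk at @@ -774), `nb` now comes from `pgpMpiLen(p)`, i.e. from the packet itself, and `nb-2` bytes starting at `p+2` are handed to `o2i_ECPublicKey()` with no visible check that the packet holds that many bytes. The two added `assert(ec)` lines are the only error handling: a malformed point aborts the process, and with NDEBUG a NULL `ec` continues on to `EVP_PKEY_assign_EC_KEY()`. Returning an error would fit the `rc = 1` convention used in the `#else` branches, for example `if (ec == NULL || o2i_ECPublicKey(&ec, &q, nb-2) == NULL) { EC_KEY_free(ec); rc = 1; break; }` placed after `q = p+2;`. The block continues past the end of the hunk, so any cleanup needed there could not be checked.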
@@ -799,7 +778,8 @@ xx = EVP_PKEY_assign_EC_KEY(ssl->pkey, ec); assert(xx); #else -fprintf(stderr, " Q[%4u]: %s\n", 8*(nb-2), pgpHexStr(p+2, nb-2)); +fprintf(stderr, " Q[%4u]: %s\n", mbits, pgpHexStr(p+2, nb-2)); + rc = 1; #endif /* !OPENSSL_NO_ECDSA */ } break; } @@ -816,6 +796,7 @@ /*@-moduncon@*/ if (ssl != NULL) { ssl->nbits = 0; + ssl->qbits = 0; ssl->err = 0; ssl->badok = 0; ssl->digest = _free(ssl->digest); @@ -1041,14 +1022,14 @@ RSA * rsa = EVP_PKEY_get0(ssl->pkey); bn = BN_num_bits(rsa->n); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(rsa->n, be); be += bn/8; bn = BN_num_bits(rsa->e); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(rsa->e, be); be += bn/8; } break; @@ -1057,26 +1038,26 @@ DSA * dsa = EVP_PKEY_get0(ssl->pkey); bn = BN_num_bits(dsa->p); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(dsa->p, be); be += bn/8; bn = BN_num_bits(dsa->q); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(dsa->q, be); be += bn/8; bn = BN_num_bits(dsa->g); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(dsa->g, be); be += bn/8; bn = BN_num_bits(dsa->pub_key); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(dsa->pub_key, be); be += bn/8; } break; @@ -1092,10 +1073,11 @@ be += o->length; /* Q */ + /* XXX uncompressed {x,y} starts with 0x04 (i.e. 5 leading zero bits) */ q = be+2; - bn = 8 * i2o_ECPublicKey(ec, &q); - bn += 7; bn &= ~7; + bn = 8 * i2o_ECPublicKey(ec, &q) - 5; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; be += bn/8; assert(be == q); 
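Review bot: The sequence that writes one MPI (take the bit count, emit two header bytes, round up, `BN_bn2bin`, advance `be`) is repeated for every RSA, DSA and ECDSA value in the hunks at @@ -1041, @@ -1057, @@ -1243 and @@ -1278, and this commit had to correct the same ordering mistake in each copy. A single static helper would keep the rule in one place: the header carries the exact bit count, and only the pointer advance uses the rounded size. It could also use the return value of `BN_bn2bin()`, which is currently stored in `xx` and ignored. None of the copies checks `be` against the end of the output buffer, whose size is not visible in these hunks. The helper name below is only a suggestion, and its pointer type should follow the declaration of `be`, which is outside the hunks.

```c
/* Append one OpenPGP MPI at be: 2-byte big-endian exact bit count, then the
 * magnitude. Returns the position just past the last byte written. */
static unsigned char * rpmsslPutMPI(unsigned char * be, const BIGNUM * v)
{
    unsigned int nbits = (unsigned int) BN_num_bits(v);

    *be++ = (unsigned char)(nbits >> 8);
    *be++ = (unsigned char)(nbits     );
    return be + BN_bn2bin(v, be);
}

/* ... unchanged: RSA * rsa = EVP_PKEY_get0(ssl->pkey); ... */
be = rpmsslPutMPI(be, rsa->n);
be = rpmsslPutMPI(be, rsa->e);
```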
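Review bot: In the `/* Q */` block of the hunk at @@ -1092, `bn = 8 * i2o_ECPublicKey(ec, &q) - 5;` uses the return value unchecked and hard-codes five leading zero bits. `i2o_ECPublicKey()` returns 0 on failure, which would make `bn` equal to -5 (or a very large value if `bn` is unsigned) before it is written into the header and used to advance `be`; only the later `assert(be == q)` would notice. The constant is right only for the uncompressed encoding starting with 0x04, as the added comment says; a compressed point starts with 0x02 or 0x03 and has six leading zero bits. Storing the length first, e.g. `int len = i2o_ECPublicKey(ec, &q);`, rejecting `len <= 0`, and deriving the zero-bit count from the first output byte would cover both encodings.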
@@ -1243,29 +1225,31 @@ assert(0); break; case PGPPUBKEYALGO_RSA: - bn = 8 * ssl->siglen; - bn += 7; bn &= ~7; + { BIGNUM * md = BN_bin2bn(ssl->sig, ssl->siglen, BN_new()); + bn = BN_num_bits(md); *be++ = (bn >> 8); *be++ = (bn ); - (void) memcpy(be, ssl->sig, ssl->siglen); + bn += 7; bn &= ~7; + xx = BN_bn2bin(md, be); be += bn/8; - break; + BN_free(md); + } break; case PGPPUBKEYALGO_DSA: assert(ssl->dsasig == NULL); q = ssl->sig; ssl->dsasig = d2i_DSA_SIG(NULL, &q, ssl->siglen); bn = BN_num_bits(ssl->dsasig->r); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(ssl->dsasig->r, be); be += bn/8; bn = BN_num_bits(ssl->dsasig->s); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(ssl->dsasig->s, be); be += bn/8; @@ -1278,16 +1262,16 @@ ssl->ecdsasig = d2i_ECDSA_SIG(NULL, &q, ssl->siglen); bn = BN_num_bits(ssl->ecdsasig->r); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(ssl->ecdsasig->r, be); be += bn/8; bn = BN_num_bits(ssl->ecdsasig->s); - bn += 7; bn &= ~7; *be++ = (bn >> 8); *be++ = (bn ); + bn += 7; bn &= ~7; xx = BN_bn2bin(ssl->ecdsasig->s, be); be += bn/8; @@ . ______________________________________________________________________ RPM Package Manager http://rpm5.org CVS Sources Repository rpm-cvs@rpm5.org
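Review bot: In the RSA case of the hunk at @@ -1243, `md` returned by `BN_bin2bn(ssl->sig, ssl->siglen, BN_new())` is passed to `BN_num_bits()` and `BN_bn2bin()` without a NULL check. Passing NULL as the third argument lets `BN_bin2bn()` allocate the result itself and avoids leaking the `BN_new()` object when the conversion fails: `BIGNUM * md = BN_bin2bn(ssl->sig, ssl->siglen, NULL);` followed by a test for `md == NULL`. The same concern applies to `ssl->dsasig` and `ssl->ecdsasig`, which are dereferenced right after `d2i_DSA_SIG()` and `d2i_ECDSA_SIG()` in this hunk and in the one at @@ -1278. How this function reports failure is not visible in the hunk, so the exact error path is left to the author.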