Module Name: src Committed By: agc Date: Wed May 6 07:01:43 UTC 2009
Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: create.c crypto.c keyring.c keyring_local.h misc.c openssl_crypto.c packet-print.c signature.c validate.c validate.h writer.c Log Message: More cosmetic changes, no functional differences. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/netpgp/dist/src/lib/create.c \ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c \ src/crypto/external/bsd/netpgp/dist/src/lib/misc.c \ src/crypto/external/bsd/netpgp/dist/src/lib/writer.c cvs rdiff -u -r1.5 -r1.6 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c \ src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring_local.h \ src/crypto/external/bsd/netpgp/dist/src/lib/validate.h cvs rdiff -u -r1.6 -r1.7 \ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/create.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/create.c:1.7 src/crypto/external/bsd/netpgp/dist/src/lib/create.c:1.8 --- src/crypto/external/bsd/netpgp/dist/src/lib/create.c:1.7 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/create.c Wed May 6 07:01:43 2009 @@ -466,7 +466,7 @@ __ops_writer_push_armoured(info, OPS_PGP_PUBLIC_KEY_BLOCK); } /* public key */ - rtn = __ops_write_struct_pubkey(&keydata->key.skey.pubkey, info); + rtn = __ops_write_struct_pubkey(&keydata->key.seckey.pubkey, info); if (rtn != true) { return rtn; } @@ -536,7 +536,7 @@ __ops_writer_push_armoured(info, OPS_PGP_PRIVATE_KEY_BLOCK); } /* public key */ - rtn = __ops_write_struct_seckey(&keydata->key.skey, passphrase, + rtn = __ops_write_struct_seckey(&keydata->key.seckey, passphrase, pplen, info); if (rtn != true) { return rtn; @@ -880,13 +880,13 @@ \brief implementation of EME-PKCS1-v1_5-ENCODE, as defined in OpenPGP RFC \param M \param mLen -\param pkey +\param pubkey \param EM \return true if OK; else false */ bool encode_m_buf(const unsigned char *M, size_t mLen, - const __ops_pubkey_t * pkey, + const __ops_pubkey_t * pubkey, unsigned char *EM) { unsigned int k; @@ -894,12 +894,12 @@ /* implementation of EME-PKCS1-v1_5-ENCODE, as defined in OpenPGP RFC */ - if (pkey->algorithm != OPS_PKA_RSA) { - (void) fprintf(stderr, "encode_m_buf: pkey algorithm\n"); + if (pubkey->algorithm != OPS_PKA_RSA) { + (void) fprintf(stderr, "encode_m_buf: pubkey algorithm\n"); return false; } - k = BN_num_bytes(pkey->key.rsa.n); + k = BN_num_bytes(pubkey->key.rsa.n); if (mLen > k - 11) { (void) fprintf(stderr, "encode_m_buf: message too long\n"); return false; @@ -983,12 +983,12 @@ } (void) fprintf(stderr, "\n"); } - if (key->key.pkey.algorithm != OPS_PKA_RSA) { + if (key->key.pubkey.algorithm != OPS_PKA_RSA) { (void) fprintf(stderr, - "__ops_create_pk_session_key: bad pkey algorithm\n"); + "__ops_create_pk_session_key: bad pubkey algorithm\n"); return NULL; } - session_key->algorithm = key->key.pkey.algorithm; + session_key->algorithm = key->key.pubkey.algorithm; /* \todo allow user to specify other algorithm */ session_key->symmetric_algorithm = OPS_SA_CAST5; @@ -1316,14 +1316,14 @@ /** \ingroup Core_WritePackets \brief Write a One Pass Signature packet -\param skey Secret Key to use +\param seckey Secret Key to use \param hash_alg Hash Algorithm to use \param sig_type Signature type \param info Write settings \return true if OK; else false */ bool -__ops_write_one_pass_sig(const __ops_seckey_t * skey, +__ops_write_one_pass_sig(const __ops_seckey_t * seckey, const __ops_hash_algorithm_t hash_alg, const __ops_sig_type_t sig_type, __ops_create_info_t * info) @@ -1333,14 +1333,14 @@ if (__ops_get_debug_level(__FILE__)) { fprintf(stderr, "calling __ops_keyid in write_one_pass_sig: this calls sha1_init\n"); } - __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &skey->pubkey); + __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &seckey->pubkey); return __ops_write_ptag(OPS_PTAG_CT_ONE_PASS_SIGNATURE, info) && __ops_write_length(1 + 1 + 1 + 1 + 8 + 1, info) && __ops_write_scalar(3, 1, info) /* version */ && __ops_write_scalar((unsigned)sig_type, 1, info) && __ops_write_scalar((unsigned)hash_alg, 1, info) && - __ops_write_scalar((unsigned)skey->pubkey.algorithm, 1, info) && + __ops_write_scalar((unsigned)seckey->pubkey.algorithm, 1, info) && __ops_write(keyid, 8, info) && __ops_write_scalar(1, 1, info); } Index: src/crypto/external/bsd/netpgp/dist/src/lib/signature.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.7 src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.8 --- src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.7 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c Wed May 6 07:01:43 2009 @@ -727,10 +727,8 @@ /* XXX: refactor with check (in several ways - check should probably */ /* - * use the buffered writer to construct packets (done), and also - * should - */ - /* share code for hash calculation) */ + * use the buffered writer to construct packets (done), and + * also should share code for hash calculation) */ sig->sig.info.version = OPS_V4; sig->sig.info.key_algorithm = key->pubkey.algorithm; sig->sig.info.hash_algorithm = hash; @@ -818,7 +816,7 @@ * * \param sig * \param key - * \param skey + * \param seckey * \param info * */ @@ -826,18 +824,18 @@ bool __ops_write_sig(__ops_create_sig_t * sig, const __ops_pubkey_t *key, - const __ops_seckey_t *skey, + const __ops_seckey_t *seckey, __ops_create_info_t *info) { size_t l = __ops_memory_get_length(sig->mem); bool rtn = false; /* check key not decrypted */ - switch (skey->pubkey.algorithm) { + switch (seckey->pubkey.algorithm) { case OPS_PKA_RSA: case OPS_PKA_RSA_ENCRYPT_ONLY: case OPS_PKA_RSA_SIGN_ONLY: - if (skey->key.rsa.d == NULL) { + if (seckey->key.rsa.d == NULL) { (void) fprintf(stderr, "__ops_write_sig: null rsa.d\n"); return false; @@ -845,7 +843,7 @@ break; case OPS_PKA_DSA: - if (skey->key.dsa.x == NULL) { + if (seckey->key.dsa.x == NULL) { (void) fprintf(stderr, "__ops_write_sig: null dsa.x\n"); return false; @@ -854,7 +852,7 @@ default: (void) fprintf(stderr, "Unsupported algorithm %d\n", - skey->pubkey.algorithm); + seckey->pubkey.algorithm); return false; } @@ -887,20 +885,20 @@ } /* XXX: technically, we could figure out how big the signature is */ /* and write it directly to the output instead of via memory. */ - switch (skey->pubkey.algorithm) { + switch (seckey->pubkey.algorithm) { case OPS_PKA_RSA: case OPS_PKA_RSA_ENCRYPT_ONLY: case OPS_PKA_RSA_SIGN_ONLY: - rsa_sign(&sig->hash, &key->key.rsa, &skey->key.rsa, sig->info); + rsa_sign(&sig->hash, &key->key.rsa, &seckey->key.rsa, sig->info); break; case OPS_PKA_DSA: - dsa_sign(&sig->hash, &key->key.dsa, &skey->key.dsa, sig->info); + dsa_sign(&sig->hash, &key->key.dsa, &seckey->key.dsa, sig->info); break; default: (void) fprintf(stderr, "Unsupported algorithm %d\n", - skey->pubkey.algorithm); + seckey->pubkey.algorithm); return false; } @@ -1019,7 +1017,7 @@ \brief Sign a file with a Cleartext Signature \param input_filename Name of file to be signed \param output_filename Filename to be created. If NULL, filename will be constructed from the input_filename. - \param skey Secret Key to sign with + \param seckey Secret Key to sign with \param overwrite Allow output file to be overwritten, if set \return true if OK, else false @@ -1027,7 +1025,7 @@ bool __ops_sign_file_as_cleartext(const char *input_filename, const char *output_filename, - const __ops_seckey_t *skey, + const __ops_seckey_t *seckey, const bool overwrite) { /* \todo allow choice of hash algorithams */ @@ -1069,7 +1067,7 @@ return false; } /* \todo could add more error detection here */ - __ops_start_cleartext_sig(sig, skey, OPS_HASH_SHA1, + __ops_start_cleartext_sig(sig, seckey, OPS_HASH_SHA1, OPS_SIG_BINARY); if (__ops_writer_push_clearsigned(cinfo, sig) != true) { return false; @@ -1101,11 +1099,11 @@ __ops_teardown_file_write(cinfo, fd_out); return false; } - __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &skey->pubkey); + __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &seckey->pubkey); rtn = __ops_sig_add_issuer_key_id(sig, keyid) && __ops_sig_hashed_subpackets_end(sig) && - __ops_write_sig(sig, &skey->pubkey, skey, cinfo); + __ops_write_sig(sig, &seckey->pubkey, seckey, cinfo); __ops_teardown_file_write(cinfo, fd_out); @@ -1124,7 +1122,7 @@ * \param cleartext Text to be signed * \param len Length of text * \param signed_cleartext __ops_memory_t struct in which to write the signed cleartext - * \param skey Secret key with which to sign the cleartext + * \param seckey Secret key with which to sign the cleartext * \return true if OK; else false * \note It is the calling function's responsibility to free signed_cleartext @@ -1135,7 +1133,7 @@ __ops_sign_buf_as_cleartext(const char *cleartext, const size_t len, __ops_memory_t **signed_cleartext, - const __ops_seckey_t *skey) + const __ops_seckey_t *seckey) { bool rtn = false; unsigned char keyid[OPS_KEY_ID_SIZE]; @@ -1157,7 +1155,7 @@ return false; } /* \todo could add more error detection here */ - __ops_start_cleartext_sig(sig, skey, OPS_HASH_SHA1, OPS_SIG_BINARY); + __ops_start_cleartext_sig(sig, seckey, OPS_HASH_SHA1, OPS_SIG_BINARY); /* set up output file */ __ops_setup_memory_write(&cinfo, signed_cleartext, len); @@ -1174,11 +1172,11 @@ if (rtn == false) { return false; } - __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &skey->pubkey); + __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &seckey->pubkey); rtn = __ops_sig_add_issuer_key_id(sig, keyid) && __ops_sig_hashed_subpackets_end(sig) && - __ops_write_sig(sig, &skey->pubkey, skey, cinfo) && + __ops_write_sig(sig, &seckey->pubkey, seckey, cinfo) && __ops_writer_close(cinfo); /* Note: the calling function must free signed_cleartext */ @@ -1193,14 +1191,14 @@ \brief Sign a file \param input_filename Input filename \param output_filename Output filename. If NULL, a name is constructed from the input filename. -\param skey Secret Key to use for signing +\param seckey Secret Key to use for signing \param use_armour Write armoured text, if set. \param overwrite May overwrite existing file, if set. \return true if OK; else false; */ bool -__ops_sign_file(const char *input_filename, const char *output_filename, const __ops_seckey_t * skey, const bool use_armour, const bool overwrite) +__ops_sign_file(const char *input_filename, const char *output_filename, const __ops_seckey_t * seckey, const bool use_armour, const bool overwrite) { /* \todo allow choice of hash algorithams */ /* enforce use of SHA1 for now */ @@ -1231,7 +1229,7 @@ /* set up signature */ sig = __ops_create_sig_new(); - __ops_start_msg_sig(sig, skey, hash_alg, sig_type); + __ops_start_msg_sig(sig, seckey, hash_alg, sig_type); /* set armoured/not armoured here */ if (use_armour) { @@ -1242,7 +1240,7 @@ fprintf(stderr, "** Writing out one pass sig\n"); } /* write one_pass_sig */ - __ops_write_one_pass_sig(skey, hash_alg, sig_type, cinfo); + __ops_write_one_pass_sig(seckey, hash_alg, sig_type, cinfo); /* hash file contents */ hash = __ops_sig_get_hash(sig); @@ -1267,13 +1265,13 @@ __ops_sig_add_birthtime(sig, time(NULL)); - __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &skey->pubkey); + __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &seckey->pubkey); __ops_sig_add_issuer_key_id(sig, keyid); __ops_sig_hashed_subpackets_end(sig); /* write out sig */ - __ops_write_sig(sig, &skey->pubkey, skey, cinfo); + __ops_write_sig(sig, &seckey->pubkey, seckey, cinfo); __ops_teardown_file_write(cinfo, fd_out); @@ -1292,7 +1290,7 @@ \param input Input text to be signed \param input_len Length of input text \param sig_type Signature type -\param skey Secret Key +\param seckey Secret Key \param use_armour Write armoured text, if set \return New __ops_memory_t struct containing signed text \note It is the caller's responsibility to call __ops_memory_free(me) @@ -1302,7 +1300,7 @@ __ops_sign_buf(const void *input, const size_t input_len, const __ops_sig_type_t sig_type, - const __ops_seckey_t * skey, + const __ops_seckey_t * seckey, const bool use_armour) { /* \todo allow choice of hash algorithams */ @@ -1322,7 +1320,7 @@ /* set up signature */ sig = __ops_create_sig_new(); - __ops_start_msg_sig(sig, skey, hash_alg, sig_type); + __ops_start_msg_sig(sig, seckey, hash_alg, sig_type); /* setup writer */ __ops_setup_memory_write(&cinfo, &mem, input_len); @@ -1336,7 +1334,7 @@ fprintf(stderr, "** Writing out one pass sig\n"); } /* write one_pass_sig */ - __ops_write_one_pass_sig(skey, hash_alg, sig_type, cinfo); + __ops_write_one_pass_sig(seckey, hash_alg, sig_type, cinfo); /* hash file contents */ hash = __ops_sig_get_hash(sig); @@ -1358,13 +1356,13 @@ __ops_sig_add_birthtime(sig, time(NULL)); - __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &skey->pubkey); + __ops_keyid(keyid, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, &seckey->pubkey); __ops_sig_add_issuer_key_id(sig, keyid); __ops_sig_hashed_subpackets_end(sig); /* write out sig */ - __ops_write_sig(sig, &skey->pubkey, skey, cinfo); + __ops_write_sig(sig, &seckey->pubkey, seckey, cinfo); /* tidy up */ __ops_writer_close(cinfo); Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.4 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.5 --- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.4 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Wed May 6 07:01:43 2009 @@ -43,7 +43,7 @@ \param buf Buffer in which to write decrypted unencoded MPI \param buflen Length of buffer \param encmpi -\param skey +\param seckey \return length of MPI \note only RSA at present */ @@ -51,7 +51,7 @@ __ops_decrypt_and_unencode_mpi(unsigned char *buf, unsigned buflen, const BIGNUM * encmpi, - const __ops_seckey_t *skey) + const __ops_seckey_t *seckey) { unsigned char encmpibuf[NETPGP_BUFSIZ]; unsigned char mpibuf[NETPGP_BUFSIZ]; @@ -67,7 +67,7 @@ } BN_bn2bin(encmpi, encmpibuf); - if (skey->pubkey.algorithm != OPS_PKA_RSA) { + if (seckey->pubkey.algorithm != OPS_PKA_RSA) { (void) fprintf(stderr, "pubkey algorithm wrong\n"); return -1; } @@ -82,7 +82,7 @@ } n = __ops_rsa_private_decrypt(mpibuf, encmpibuf, (unsigned)(BN_num_bits(encmpi) + 7) / 8, - &skey->key.rsa, &skey->pubkey.key.rsa); + &seckey->key.rsa, &seckey->pubkey.key.rsa); if (n == -1) { (void) fprintf(stderr, "ops_rsa_private_decrypt failure\n"); return -1; @@ -144,20 +144,20 @@ bool __ops_rsa_encrypt_mpi(const unsigned char *encoded_m_buf, const size_t sz_encoded_m_buf, - const __ops_pubkey_t * pkey, + const __ops_pubkey_t * pubkey, __ops_pk_session_key_parameters_t * skp) { unsigned char encmpibuf[NETPGP_BUFSIZ]; int n = 0; - if (sz_encoded_m_buf != (size_t) BN_num_bytes(pkey->key.rsa.n)) { + if (sz_encoded_m_buf != (size_t) BN_num_bytes(pubkey->key.rsa.n)) { (void) fprintf(stderr, "sz_encoded_m_buf wrong\n"); return false; } n = __ops_rsa_public_encrypt(encmpibuf, encoded_m_buf, - sz_encoded_m_buf, &pkey->key.rsa); + sz_encoded_m_buf, &pubkey->key.rsa); if (n == -1) { (void) fprintf(stderr, "__ops_rsa_public_encrypt failure\n"); return false; Index: src/crypto/external/bsd/netpgp/dist/src/lib/misc.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.4 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.5 --- src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.4 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/misc.c Wed May 6 07:01:43 2009 @@ -68,7 +68,7 @@ const __ops_parser_content_union_t *content = &pkt->u; __ops_keyring_t *keyring = accumulate->keyring; __ops_keydata_t *cur = NULL; - const __ops_pubkey_t *pkey; + const __ops_pubkey_t *pubkey; if (keyring->nkeys >= 0) cur = &keyring->keys[keyring->nkeys]; @@ -84,23 +84,23 @@ EXPAND_ARRAY(keyring, keys); if (pkt->tag == OPS_PTAG_CT_PUBLIC_KEY) - pkey = &content->pubkey; + pubkey = &content->pubkey; else - pkey = &content->seckey.pubkey; + pubkey = &content->seckey.pubkey; (void) memset(&keyring->keys[keyring->nkeys], 0x0, sizeof(keyring->keys[keyring->nkeys])); __ops_keyid(keyring->keys[keyring->nkeys].key_id, - OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, pkey); - __ops_fingerprint(&keyring->keys[keyring->nkeys].fingerprint, pkey); + OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, pubkey); + __ops_fingerprint(&keyring->keys[keyring->nkeys].fingerprint, pubkey); keyring->keys[keyring->nkeys].type = pkt->tag; if (pkt->tag == OPS_PTAG_CT_PUBLIC_KEY) - keyring->keys[keyring->nkeys].key.pkey = *pkey; + keyring->keys[keyring->nkeys].key.pubkey = *pubkey; else - keyring->keys[keyring->nkeys].key.skey = content->seckey; + keyring->keys[keyring->nkeys].key.seckey = content->seckey; return OPS_KEEP_MEMORY; case OPS_PTAG_CT_USER_ID: Index: src/crypto/external/bsd/netpgp/dist/src/lib/writer.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/writer.c:1.4 src/crypto/external/bsd/netpgp/dist/src/lib/writer.c:1.5 --- src/crypto/external/bsd/netpgp/dist/src/lib/writer.c:1.4 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/writer.c Wed May 6 07:01:43 2009 @@ -303,7 +303,6 @@ bool ret = writer_info_finalise(&info->errors, &info->winfo); writer_info_delete(&info->winfo); - return ret; } @@ -350,7 +349,7 @@ void __ops_writer_generic_destroyer(__ops_writer_info_t * winfo) { - free(__ops_writer_get_arg(winfo)); + (void) free(__ops_writer_get_arg(winfo)); } /** @@ -454,7 +453,7 @@ dash_escaped_t *dash = __ops_writer_get_arg(winfo); __ops_memory_free(dash->trailing); - free(dash); + (void) free(dash); } /** @@ -467,10 +466,10 @@ __ops_writer_push_clearsigned(__ops_create_info_t * info, __ops_create_sig_t * sig) { - static char header[] = "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: "; + static const char header[] = + "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: "; const char *hash = __ops_text_from_hash(__ops_sig_get_hash(sig)); dash_escaped_t *dash = calloc(1, sizeof(*dash)); - bool rtn; rtn = (__ops_write(header, sizeof(header) - 1, info) && @@ -478,14 +477,16 @@ __ops_write("\r\n\r\n", 4, info)); if (rtn == false) { - OPS_ERROR(&info->errors, OPS_E_W, "Error pushing clearsigned header"); + OPS_ERROR(&info->errors, OPS_E_W, + "Error pushing clearsigned header"); free(dash); return rtn; } dash->seen_nl = true; dash->sig = sig; dash->trailing = __ops_memory_new(); - __ops_writer_push(info, dash_escaped_writer, NULL, dash_escaped_destroyer, dash); + __ops_writer_push(info, dash_escaped_writer, NULL, + dash_escaped_destroyer, dash); return rtn; } @@ -499,7 +500,7 @@ unsigned checksum; } base64_t; -static char b64map[] = +static const char b64map[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static bool @@ -514,7 +515,8 @@ base64->checksum = __ops_crc24(base64->checksum, src[n]); if (base64->pos == 0) { /* XXXXXX00 00000000 00000000 */ - if (!__ops_stacked_write(&b64map[(unsigned)src[n] >> 2], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[(unsigned)src[n] >> 2], + 1, errors, winfo)) { return false; } @@ -524,7 +526,8 @@ } else if (base64->pos == 1) { /* 000000xx XXXX0000 00000000 */ base64->t += (unsigned)src[n] >> 4; - if (!__ops_stacked_write(&b64map[base64->t], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[base64->t], 1, + errors, winfo)) { return false; } @@ -534,12 +537,14 @@ } else if (base64->pos == 2) { /* 00000000 0000xxxx XX000000 */ base64->t += (unsigned)src[n] >> 6; - if (!__ops_stacked_write(&b64map[base64->t], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[base64->t], 1, + errors, winfo)) { return false; } /* 00000000 00000000 00XXXXXX */ - if (!__ops_stacked_write(&b64map[src[n++] & 0x3f], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[src[n++] & 0x3f], 1, + errors, winfo)) { return false; } @@ -555,17 +560,20 @@ __ops_writer_info_t * winfo) { base64_t *base64 = __ops_writer_get_arg(winfo); - static char trailer[] = "\r\n-----END PGP SIGNATURE-----\r\n"; + static const char trailer[] = "\r\n-----END PGP SIGNATURE-----\r\n"; unsigned char c[3]; if (base64->pos) { - if (!__ops_stacked_write(&b64map[base64->t], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[base64->t], 1, errors, + winfo)) { return false; } - if (base64->pos == 1 && !__ops_stacked_write("==", 2, errors, winfo)) { + if (base64->pos == 1 && !__ops_stacked_write("==", 2, errors, + winfo)) { return false; } - if (base64->pos == 2 && !__ops_stacked_write("=", 1, errors, winfo)) { + if (base64->pos == 2 && !__ops_stacked_write("=", 1, errors, + winfo)) { return false; } } @@ -633,17 +641,20 @@ __ops_writer_use_armored_sig(__ops_create_info_t * info) { static const char header[] = -"\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: " NETPGP_VERSION_STRING "\r\n\r\n"; + "\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: " + NETPGP_VERSION_STRING + "\r\n\r\n"; base64_t *base64; __ops_writer_pop(info); if (__ops_write(header, sizeof(header) - 1, info) == false) { - OPS_ERROR(&info->errors, OPS_E_W, "Error switching to armoured signature"); + OPS_ERROR(&info->errors, OPS_E_W, + "Error switching to armoured signature"); return false; } - __ops_writer_push(info, linebreak_writer, NULL, __ops_writer_generic_destroyer, + __ops_writer_push(info, linebreak_writer, NULL, + __ops_writer_generic_destroyer, calloc(1, sizeof(linebreak_t))); - base64 = calloc(1, sizeof(*base64)); if (!base64) { OPS_MEMORY_ERROR(&info->errors); @@ -661,17 +672,20 @@ { /* TODO: This is same as sig_finaliser apart from trailer. */ base64_t *base64 = __ops_writer_get_arg(winfo); - static char trailer[] = "\r\n-----END PGP MESSAGE-----\r\n"; + static const char trailer[] = "\r\n-----END PGP MESSAGE-----\r\n"; unsigned char c[3]; if (base64->pos) { - if (!__ops_stacked_write(&b64map[base64->t], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[base64->t], 1, errors, + winfo)) { return false; } - if (base64->pos == 1 && !__ops_stacked_write("==", 2, errors, winfo)) { + if (base64->pos == 1 && !__ops_stacked_write("==", 2, errors, + winfo)) { return false; } - if (base64->pos == 2 && !__ops_stacked_write("=", 1, errors, winfo)) { + if (base64->pos == 2 && !__ops_stacked_write("=", 1, errors, + winfo)) { return false; } } @@ -701,25 +715,26 @@ void __ops_writer_push_armoured_message(__ops_create_info_t * info) { - static char header[] = "-----BEGIN PGP MESSAGE-----\r\n"; - + static const char header[] = "-----BEGIN PGP MESSAGE-----\r\n"; base64_t *base64; __ops_write(header, sizeof(header) - 1, info); __ops_write("\r\n", 2, info); base64 = calloc(1, sizeof(*base64)); base64->checksum = CRC24_INIT; - __ops_writer_push(info, base64_writer, armoured_message_finaliser, __ops_writer_generic_destroyer, base64); + __ops_writer_push(info, base64_writer, armoured_message_finaliser, + __ops_writer_generic_destroyer, base64); } static bool armoured_finaliser(__ops_armor_type_t type, __ops_error_t ** errors, __ops_writer_info_t * winfo) { - static char tail_pubkey[] = "\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n"; - static char tail_private_key[] = "\r\n-----END PGP PRIVATE KEY BLOCK-----\r\n"; - - char *tail = NULL; + static const char tail_pubkey[] = + "\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n"; + static const char tail_private_key[] = + "\r\n-----END PGP PRIVATE KEY BLOCK-----\r\n"; + const char *tail = NULL; unsigned int sz_tail = 0; base64_t *base64; unsigned char c[3]; @@ -743,13 +758,16 @@ base64 = __ops_writer_get_arg(winfo); if (base64->pos) { - if (!__ops_stacked_write(&b64map[base64->t], 1, errors, winfo)) { + if (!__ops_stacked_write(&b64map[base64->t], 1, errors, + winfo)) { return false; } - if (base64->pos == 1 && !__ops_stacked_write("==", 2, errors, winfo)) { + if (base64->pos == 1 && !__ops_stacked_write("==", 2, errors, + winfo)) { return false; } - if (base64->pos == 2 && !__ops_stacked_write("=", 1, errors, winfo)) { + if (base64->pos == 2 && !__ops_stacked_write("=", 1, errors, + winfo)) { return false; } } @@ -794,10 +812,13 @@ __ops_writer_push_armoured(__ops_create_info_t * info, __ops_armor_type_t type) { static char hdr_pubkey[] = -"-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: " NETPGP_VERSION_STRING "\r\n\r\n"; + "-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: " + NETPGP_VERSION_STRING + "\r\n\r\n"; static char hdr_private_key[] = -"-----BEGIN PGP PRIVATE KEY BLOCK-----\r\nVersion: " NETPGP_VERSION_STRING "\r\n\r\n"; - + "-----BEGIN PGP PRIVATE KEY BLOCK-----\r\nVersion: " + NETPGP_VERSION_STRING + "\r\n\r\n"; char *header = NULL; unsigned int sz_hdr = 0; bool(*finaliser) (__ops_error_t ** errors, __ops_writer_info_t * winfo); @@ -870,7 +891,8 @@ unsigned len = remaining < BUFSZ ? remaining : BUFSZ; /* memcpy(buf,src,len); // \todo copy needed here? */ - pgp_encrypt->crypt->cfb_encrypt(pgp_encrypt->crypt, encbuf, src + done, len); + pgp_encrypt->crypt->cfb_encrypt(pgp_encrypt->crypt, encbuf, + src + done, len); if (__ops_get_debug_level(__FILE__)) { int i = 0; @@ -888,7 +910,8 @@ } if (!__ops_stacked_write(encbuf, len, errors, winfo)) { if (__ops_get_debug_level(__FILE__)) { - fprintf(stderr, "encrypted_writer got error from stacked write, returning\n"); + fprintf(stderr, +"encrypted_writer got error from stacked write, returning\n"); } return false; } @@ -929,8 +952,8 @@ pgp_encrypt->free_crypt = 0; /* And push writer on stack */ - __ops_writer_push(cinfo, encrypt_writer, NULL, encrypt_destroyer, pgp_encrypt); - + __ops_writer_push(cinfo, encrypt_writer, NULL, encrypt_destroyer, + pgp_encrypt); } /**************************************************************************/ @@ -969,7 +992,8 @@ /* Setup the se_ip */ encrypted = calloc(1, sizeof(*encrypted)); - __ops_crypt_any(encrypted, encrypted_pk_session_key->symmetric_algorithm); + __ops_crypt_any(encrypted, + encrypted_pk_session_key->symmetric_algorithm); iv = calloc(1, encrypted->blocksize); encrypted->set_iv(encrypted, iv); encrypted->set_key(encrypted, &encrypted_pk_session_key->key[0]); @@ -978,7 +1002,8 @@ se_ip->crypt = encrypted; /* And push writer on stack */ - __ops_writer_push(cinfo, encrypt_se_ip_writer, NULL, encrypt_se_ip_destroyer, se_ip); + __ops_writer_push(cinfo, encrypt_se_ip_writer, NULL, + encrypt_se_ip_destroyer, se_ip); /* tidy up */ free(encrypted_pk_session_key); free(iv); @@ -1122,15 +1147,17 @@ if (!__ops_write(preamble, sz_preamble, cinfo) || !__ops_write(data, len, cinfo) || - !__ops_write(__ops_memory_get_data(mem_mdc), __ops_memory_get_length(mem_mdc), cinfo)) + !__ops_write(__ops_memory_get_data(mem_mdc), + __ops_memory_get_length(mem_mdc), cinfo)) { /* \todo fix cleanup here and in old code functions */ return 0; + } __ops_writer_pop(cinfo); /* cleanup */ __ops_teardown_memory_write(cinfo_mdc, mem_mdc); - free(preamble); + (void) free(preamble); return 1; } @@ -1265,24 +1292,25 @@ /** \ingroup Core_WritersNext \param cinfo -\param skey +\param seckey */ void -__ops_push_skey_checksum_writer(__ops_create_info_t * cinfo, __ops_seckey_t * skey) +__ops_push_skey_checksum_writer(__ops_create_info_t *cinfo, + __ops_seckey_t *seckey) { - /* OPS_USED(info); */ /* XXX: push a SHA-1 checksum writer (and change s2k to 254). */ skey_checksum_t *sum = calloc(1, sizeof(*sum)); /* configure the arg */ - sum->hash_algorithm = skey->hash_algorithm; - sum->hashed = &skey->checkhash[0]; + sum->hash_algorithm = seckey->hash_algorithm; + sum->hashed = &seckey->checkhash[0]; /* init the hash */ __ops_hash_any(&sum->hash, sum->hash_algorithm); sum->hash.init(&sum->hash); - __ops_writer_push(cinfo, skey_checksum_writer, skey_checksum_finaliser, skey_checksum_destroyer, sum); + __ops_writer_push(cinfo, skey_checksum_writer, + skey_checksum_finaliser, skey_checksum_destroyer, sum); } /**************************************************************************/ @@ -1337,7 +1365,8 @@ /* Setup the se_ip */ encrypted = calloc(1, sizeof(*encrypted)); - __ops_crypt_any(encrypted, encrypted_pk_session_key->symmetric_algorithm); + __ops_crypt_any(encrypted, + encrypted_pk_session_key->symmetric_algorithm); iv = calloc(1, encrypted->blocksize); encrypted->set_iv(encrypted, iv); encrypted->set_key(encrypted, &encrypted_pk_session_key->key[0]); @@ -1351,7 +1380,8 @@ se_ip->mem_literal = NULL; se_ip->cinfo_literal = NULL; - __ops_setup_memory_write(&se_ip->cinfo_se_ip, &se_ip->mem_se_ip, bufsz); + __ops_setup_memory_write(&se_ip->cinfo_se_ip, &se_ip->mem_se_ip, + bufsz); /* And push writer on stack */ __ops_writer_push(cinfo, @@ -1371,7 +1401,8 @@ unsigned int mask = MAX_PARTIAL_DATA_LENGTH; if (len == 0) { - (void) fprintf(stderr, "__ops_calc_partial_data_length: 0 len\n"); + (void) fprintf(stderr, + "__ops_calc_partial_data_length: 0 len\n"); return 0; } if (len > MAX_PARTIAL_DATA_LENGTH) { @@ -1512,8 +1543,10 @@ __ops_writer_push_encrypt_crypt(cinfo, se_ip->crypt); __ops_random(preamble, se_ip->crypt->blocksize); - preamble[se_ip->crypt->blocksize] = preamble[se_ip->crypt->blocksize - 2]; - preamble[se_ip->crypt->blocksize + 1] = preamble[se_ip->crypt->blocksize - 1]; + preamble[se_ip->crypt->blocksize] = + preamble[se_ip->crypt->blocksize - 2]; + preamble[se_ip->crypt->blocksize + 1] = + preamble[se_ip->crypt->blocksize - 1]; __ops_hash_any(&se_ip->hash, OPS_HASH_SHA1); se_ip->hash.init(&se_ip->hash); @@ -1572,7 +1605,8 @@ __ops_writer_push_encrypt_crypt(cinfo, se_ip->crypt); __ops_write(data, len, cinfo); - __ops_write(__ops_memory_get_data(mem_mdc), __ops_memory_get_length(mem_mdc), cinfo); + __ops_write(__ops_memory_get_data(mem_mdc), + __ops_memory_get_length(mem_mdc), cinfo); __ops_writer_pop(cinfo); @@ -1603,20 +1637,24 @@ return true; /* will wait for more data or * end of stream */ } - __ops_setup_memory_write(&se_ip->cinfo_literal, &se_ip->mem_literal, datalength + 32); - __ops_stream_write_litdata_first(__ops_memory_get_data(se_ip->mem_data), - datalength, - OPS_LDT_BINARY, - se_ip->cinfo_literal); - - __ops_stream_write_se_ip_first(__ops_memory_get_data(se_ip->mem_literal), - __ops_memory_get_length(se_ip->mem_literal), - se_ip, se_ip->cinfo_se_ip); + __ops_setup_memory_write(&se_ip->cinfo_literal, + &se_ip->mem_literal, datalength + 32); + __ops_stream_write_litdata_first( + __ops_memory_get_data(se_ip->mem_data), + datalength, + OPS_LDT_BINARY, + se_ip->cinfo_literal); + + __ops_stream_write_se_ip_first( + __ops_memory_get_data(se_ip->mem_literal), + __ops_memory_get_length(se_ip->mem_literal), + se_ip, se_ip->cinfo_se_ip); } else { __ops_stream_write_litdata(src, length, se_ip->cinfo_literal); - __ops_stream_write_se_ip(__ops_memory_get_data(se_ip->mem_literal), - __ops_memory_get_length(se_ip->mem_literal), - se_ip, se_ip->cinfo_se_ip); + __ops_stream_write_se_ip( + __ops_memory_get_data(se_ip->mem_literal), + __ops_memory_get_length(se_ip->mem_literal), + se_ip, se_ip->cinfo_se_ip); } /* now write memory to next writer */ @@ -1652,16 +1690,18 @@ se_ip->cinfo_literal); /* create SE IP packet set from this literal data */ - __ops_write_se_ip_pktset(__ops_memory_get_data(se_ip->mem_literal), - __ops_memory_get_length(se_ip->mem_literal), - se_ip->crypt, se_ip->cinfo_se_ip); + __ops_write_se_ip_pktset( + __ops_memory_get_data(se_ip->mem_literal), + __ops_memory_get_length(se_ip->mem_literal), + se_ip->crypt, se_ip->cinfo_se_ip); } else { /* finish writing */ __ops_stream_write_litdata_last(NULL, 0, se_ip->cinfo_literal); - __ops_stream_write_se_ip_last(__ops_memory_get_data(se_ip->mem_literal), - __ops_memory_get_length(se_ip->mem_literal), - se_ip, se_ip->cinfo_se_ip); + __ops_stream_write_se_ip_last( + __ops_memory_get_data(se_ip->mem_literal), + __ops_memory_get_length(se_ip->mem_literal), + se_ip, se_ip->cinfo_se_ip); } /* now write memory to next writer */ @@ -1681,6 +1721,6 @@ se_ip->crypt->decrypt_finish(se_ip->crypt); - free(se_ip->crypt); - free(se_ip); + (void) free(se_ip->crypt); + (void) free(se_ip); } Index: src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.5 src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.6 --- src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.5 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Wed May 6 07:01:43 2009 @@ -96,9 +96,9 @@ keydata->npackets = 0; if (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) { - __ops_pubkey_free(&keydata->key.pkey); + __ops_pubkey_free(&keydata->key.pubkey); } else { - __ops_seckey_free(&keydata->key.skey); + __ops_seckey_free(&keydata->key.seckey); } (void) free(keydata); @@ -118,8 +118,8 @@ const __ops_pubkey_t * __ops_get_pubkey(const __ops_keydata_t * keydata) { - return (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) ? &keydata->key.pkey : - &keydata->key.skey.pubkey; + return (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) ? &keydata->key.pubkey : + &keydata->key.seckey.pubkey; } /** @@ -147,7 +147,7 @@ const __ops_seckey_t * __ops_get_seckey(const __ops_keydata_t * data) { - return (data->type == OPS_PTAG_CT_SECRET_KEY) ? &data->key.skey : NULL; + return (data->type == OPS_PTAG_CT_SECRET_KEY) ? &data->key.seckey : NULL; } /** @@ -163,13 +163,13 @@ __ops_seckey_t * __ops_get_writable_seckey(__ops_keydata_t * data) { - return (data->type == OPS_PTAG_CT_SECRET_KEY) ? &data->key.skey : NULL; + return (data->type == OPS_PTAG_CT_SECRET_KEY) ? &data->key.seckey : NULL; } typedef struct { const __ops_keydata_t *key; char *pphrase; - __ops_seckey_t *skey; + __ops_seckey_t *seckey; } decrypt_t; static __ops_parse_cb_return_t @@ -215,8 +215,8 @@ return OPS_FINISHED; case OPS_PTAG_CT_SECRET_KEY: - decrypt->skey = calloc(1, sizeof(*decrypt->skey)); - *decrypt->skey = content->seckey; + decrypt->seckey = calloc(1, sizeof(*decrypt->seckey)); + *decrypt->seckey = content->seckey; return OPS_KEEP_MEMORY; case OPS_PARSER_PACKET_END: @@ -258,7 +258,7 @@ __ops_parse(pinfo, 0); - return decrypt.skey; + return decrypt.seckey; } /** @@ -270,7 +270,7 @@ void __ops_set_seckey(__ops_parser_content_union_t * content, const __ops_keydata_t * key) { - *content->get_seckey.seckey = &key->key.skey; + *content->get_seckey.seckey = &key->key.seckey; } /** @@ -321,11 +321,11 @@ __ops_is_key_supported(const __ops_keydata_t *keydata) { if (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) { - if (keydata->key.pkey.algorithm == OPS_PKA_RSA) { + if (keydata->key.pubkey.algorithm == OPS_PKA_RSA) { return true; } } else if (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) { - if (keydata->key.pkey.algorithm == OPS_PKA_DSA) { + if (keydata->key.pubkey.algorithm == OPS_PKA_DSA) { return true; } } @@ -515,14 +515,14 @@ /* create sig for this pkt */ sig = __ops_create_sig_new(); - __ops_sig_start_key_sig(sig, &keydata->key.skey.pubkey, userid, OPS_CERT_POSITIVE); + __ops_sig_start_key_sig(sig, &keydata->key.seckey.pubkey, userid, OPS_CERT_POSITIVE); __ops_sig_add_birthtime(sig, time(NULL)); __ops_sig_add_issuer_key_id(sig, keydata->key_id); __ops_sig_add_primary_user_id(sig, true); __ops_sig_hashed_subpackets_end(sig); __ops_setup_memory_write(&cinfo_sig, &mem_sig, 128); - __ops_write_sig(sig, &keydata->key.skey.pubkey, &keydata->key.skey, cinfo_sig); + __ops_write_sig(sig, &keydata->key.seckey.pubkey, &keydata->key.seckey, cinfo_sig); /* add this packet to keydata */ Index: src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.5 src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.6 --- src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c:1.5 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c Wed May 6 07:01:43 2009 @@ -62,16 +62,16 @@ static void -test_seckey(const __ops_seckey_t * skey) +test_seckey(const __ops_seckey_t * seckey) { RSA *test = RSA_new(); - test->n = BN_dup(skey->pubkey.key.rsa.n); - test->e = BN_dup(skey->pubkey.key.rsa.e); + test->n = BN_dup(seckey->pubkey.key.rsa.n); + test->e = BN_dup(seckey->pubkey.key.rsa.e); - test->d = BN_dup(skey->key.rsa.d); - test->p = BN_dup(skey->key.rsa.p); - test->q = BN_dup(skey->key.rsa.q); + test->d = BN_dup(seckey->key.rsa.d); + test->p = BN_dup(seckey->key.rsa.p); + test->q = BN_dup(seckey->key.rsa.q); if (RSA_check_key(test) != 1) { (void) fprintf(stderr, @@ -693,14 +693,14 @@ bool __ops_rsa_generate_keypair(const int numbits, const unsigned long e, __ops_keydata_t * keydata) { - __ops_seckey_t *skey = NULL; + __ops_seckey_t *seckey = NULL; RSA *rsa = NULL; BN_CTX *ctx = BN_CTX_new(); __ops_create_info_t *cinfo; __ops_memory_t *mem; __ops_keydata_init(keydata, OPS_PTAG_CT_SECRET_KEY); - skey = __ops_get_writable_seckey(keydata); + seckey = __ops_get_writable_seckey(keydata); /* generate the key pair */ @@ -708,28 +708,28 @@ /* populate __ops key from ssl key */ - skey->pubkey.version = 4; - skey->pubkey.birthtime = time(NULL); - skey->pubkey.days_valid = 0; - skey->pubkey.algorithm = OPS_PKA_RSA; - - skey->pubkey.key.rsa.n = BN_dup(rsa->n); - skey->pubkey.key.rsa.e = BN_dup(rsa->e); - - skey->s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED; - skey->s2k_specifier = OPS_S2KS_SALTED; - /* skey->s2k_specifier=OPS_S2KS_SIMPLE; */ - skey->algorithm = OPS_SA_CAST5; /* \todo make param */ - skey->hash_algorithm = OPS_HASH_SHA1; /* \todo make param */ - skey->octet_count = 0; - skey->checksum = 0; - - skey->key.rsa.d = BN_dup(rsa->d); - skey->key.rsa.p = BN_dup(rsa->p); - skey->key.rsa.q = BN_dup(rsa->q); - skey->key.rsa.u = BN_mod_inverse(NULL, rsa->p, rsa->q, ctx); - if (skey->key.rsa.u == NULL) { - (void) fprintf(stderr, "skey->key.rsa.u is NULL\n"); + seckey->pubkey.version = 4; + seckey->pubkey.birthtime = time(NULL); + seckey->pubkey.days_valid = 0; + seckey->pubkey.algorithm = OPS_PKA_RSA; + + seckey->pubkey.key.rsa.n = BN_dup(rsa->n); + seckey->pubkey.key.rsa.e = BN_dup(rsa->e); + + seckey->s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED; + seckey->s2k_specifier = OPS_S2KS_SALTED; + /* seckey->s2k_specifier=OPS_S2KS_SIMPLE; */ + seckey->algorithm = OPS_SA_CAST5; /* \todo make param */ + seckey->hash_algorithm = OPS_HASH_SHA1; /* \todo make param */ + seckey->octet_count = 0; + seckey->checksum = 0; + + seckey->key.rsa.d = BN_dup(rsa->d); + seckey->key.rsa.p = BN_dup(rsa->p); + seckey->key.rsa.q = BN_dup(rsa->q); + seckey->key.rsa.u = BN_mod_inverse(NULL, rsa->p, rsa->q, ctx); + if (seckey->key.rsa.u == NULL) { + (void) fprintf(stderr, "seckey->key.rsa.u is NULL\n"); return 0; } BN_CTX_free(ctx); @@ -737,8 +737,8 @@ RSA_free(rsa); __ops_keyid(keydata->key_id, OPS_KEY_ID_SIZE, OPS_KEY_ID_SIZE, - &keydata->key.skey.pubkey); - __ops_fingerprint(&keydata->fingerprint, &keydata->key.skey.pubkey); + &keydata->key.seckey.pubkey); + __ops_fingerprint(&keydata->fingerprint, &keydata->key.seckey.pubkey); /* Generate checksum */ @@ -747,19 +747,19 @@ __ops_setup_memory_write(&cinfo, &mem, 128); - __ops_push_skey_checksum_writer(cinfo, skey); + __ops_push_skey_checksum_writer(cinfo, seckey); - switch (skey->pubkey.algorithm) { + switch (seckey->pubkey.algorithm) { /* case OPS_PKA_DSA: */ /* return __ops_write_mpi(key->key.dsa.x,info); */ case OPS_PKA_RSA: case OPS_PKA_RSA_ENCRYPT_ONLY: case OPS_PKA_RSA_SIGN_ONLY: - if (!__ops_write_mpi(skey->key.rsa.d, cinfo) - || !__ops_write_mpi(skey->key.rsa.p, cinfo) - || !__ops_write_mpi(skey->key.rsa.q, cinfo) - || !__ops_write_mpi(skey->key.rsa.u, cinfo)) + if (!__ops_write_mpi(seckey->key.rsa.d, cinfo) + || !__ops_write_mpi(seckey->key.rsa.p, cinfo) + || !__ops_write_mpi(seckey->key.rsa.q, cinfo) + || !__ops_write_mpi(seckey->key.rsa.u, cinfo)) return false; break; @@ -767,7 +767,7 @@ /* return __ops_write_mpi(key->key.elgamal.x,info); */ default: - (void) fprintf(stderr, "Bad skey->pubkey.algorithm\n"); + (void) fprintf(stderr, "Bad seckey->pubkey.algorithm\n"); return false; } @@ -775,11 +775,11 @@ __ops_writer_close(cinfo); __ops_teardown_memory_write(cinfo, mem); - /* should now have checksum in skey struct */ + /* should now have checksum in seckey struct */ /* test */ if (__ops_get_debug_level(__FILE__)) - test_seckey(skey); + test_seckey(seckey); return true; } Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.5 src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.6 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.5 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c Wed May 6 07:01:43 2009 @@ -65,10 +65,10 @@ { unsigned int i; - printf("pub %s ", __ops_show_pka(key->key.pkey.algorithm)); + printf("pub %s ", __ops_show_pka(key->key.pubkey.algorithm)); hexdump(key->key_id, OPS_KEY_ID_SIZE, ""); printf(" "); - print_time_short(key->key.pkey.birthtime); + print_time_short(key->key.pubkey.birthtime); printf("\nKey fingerprint: "); hexdump(key->fingerprint.fingerprint, 20, " "); printf("\n"); @@ -81,40 +81,40 @@ /** \ingroup Core_Print -\param pkey +\param pubkey */ void -__ops_print_pubkey(const __ops_pubkey_t * pkey) +__ops_print_pubkey(const __ops_pubkey_t * pubkey) { printf("------- PUBLIC KEY ------\n"); - print_unsigned_int("Version", (unsigned)pkey->version); - print_time("Creation Time", pkey->birthtime); - if (pkey->version == OPS_V3) - print_unsigned_int("Days Valid", pkey->days_valid); + print_unsigned_int("Version", (unsigned)pubkey->version); + print_time("Creation Time", pubkey->birthtime); + if (pubkey->version == OPS_V3) + print_unsigned_int("Days Valid", pubkey->days_valid); - print_string_and_value("Algorithm", __ops_show_pka(pkey->algorithm), - pkey->algorithm); + print_string_and_value("Algorithm", __ops_show_pka(pubkey->algorithm), + pubkey->algorithm); - switch (pkey->algorithm) { + switch (pubkey->algorithm) { case OPS_PKA_DSA: - print_bn("p", pkey->key.dsa.p); - print_bn("q", pkey->key.dsa.q); - print_bn("g", pkey->key.dsa.g); - print_bn("y", pkey->key.dsa.y); + print_bn("p", pubkey->key.dsa.p); + print_bn("q", pubkey->key.dsa.q); + print_bn("g", pubkey->key.dsa.g); + print_bn("y", pubkey->key.dsa.y); break; case OPS_PKA_RSA: case OPS_PKA_RSA_ENCRYPT_ONLY: case OPS_PKA_RSA_SIGN_ONLY: - print_bn("n", pkey->key.rsa.n); - print_bn("e", pkey->key.rsa.e); + print_bn("n", pubkey->key.rsa.n); + print_bn("e", pubkey->key.rsa.e); break; case OPS_PKA_ELGAMAL: case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN: - print_bn("p", pkey->key.elgamal.p); - print_bn("g", pkey->key.elgamal.g); - print_bn("y", pkey->key.elgamal.y); + print_bn("p", pubkey->key.elgamal.p); + print_bn("g", pubkey->key.elgamal.g); + print_bn("y", pubkey->key.elgamal.y); break; default: @@ -137,13 +137,13 @@ __ops_print_seckeydata(const __ops_keydata_t * key) { printf("sec "); - __ops_show_pka(key->key.pkey.algorithm); + __ops_show_pka(key->key.pubkey.algorithm); printf(" "); hexdump(key->key_id, OPS_KEY_ID_SIZE, ""); printf(" "); - print_time_short(key->key.pkey.birthtime); + print_time_short(key->key.pubkey.birthtime); printf(" "); if (key->nuids == 1) { @@ -162,24 +162,24 @@ /* void -__ops_print_seckey_verbose(const __ops_seckey_t* skey) +__ops_print_seckey_verbose(const __ops_seckey_t* seckey) { if(key->type == OPS_PTAG_CT_SECRET_KEY) print_tagname("SECRET_KEY"); else print_tagname("ENCRYPTED_SECRET_KEY"); - __ops_print_seckey(key->type,skey); + __ops_print_seckey(key->type,seckey); } */ /** \ingroup Core_Print \param type -\param skey +\param seckey */ static void __ops_print_seckey_verbose(const __ops_content_tag_t type, - const __ops_seckey_t * skey) + const __ops_seckey_t * seckey) { printf("------- SECRET KEY or ENCRYPTED SECRET KEY ------\n"); if (type == OPS_PTAG_CT_SECRET_KEY) @@ -187,33 +187,33 @@ else print_tagname("ENCRYPTED_SECRET_KEY"); /* __ops_print_pubkey(key); */ - printf("S2K Usage: %d\n", skey->s2k_usage); - if (skey->s2k_usage != OPS_S2KU_NONE) { - printf("S2K Specifier: %d\n", skey->s2k_specifier); - printf("Symmetric algorithm: %d (%s)\n", skey->algorithm, - __ops_show_symmetric_algorithm(skey->algorithm)); - printf("Hash algorithm: %d (%s)\n", skey->hash_algorithm, - __ops_show_hash_algorithm(skey->hash_algorithm)); - if (skey->s2k_specifier != OPS_S2KS_SIMPLE) - print_hexdump("Salt", skey->salt, sizeof(skey->salt)); - if (skey->s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED) - printf("Octet count: %d\n", skey->octet_count); - print_hexdump("IV", skey->iv, __ops_block_size(skey->algorithm)); + printf("S2K Usage: %d\n", seckey->s2k_usage); + if (seckey->s2k_usage != OPS_S2KU_NONE) { + printf("S2K Specifier: %d\n", seckey->s2k_specifier); + printf("Symmetric algorithm: %d (%s)\n", seckey->algorithm, + __ops_show_symmetric_algorithm(seckey->algorithm)); + printf("Hash algorithm: %d (%s)\n", seckey->hash_algorithm, + __ops_show_hash_algorithm(seckey->hash_algorithm)); + if (seckey->s2k_specifier != OPS_S2KS_SIMPLE) + print_hexdump("Salt", seckey->salt, sizeof(seckey->salt)); + if (seckey->s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED) + printf("Octet count: %d\n", seckey->octet_count); + print_hexdump("IV", seckey->iv, __ops_block_size(seckey->algorithm)); } /* no more set if encrypted */ if (type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) return; - switch (skey->pubkey.algorithm) { + switch (seckey->pubkey.algorithm) { case OPS_PKA_RSA: - print_bn("d", skey->key.rsa.d); - print_bn("p", skey->key.rsa.p); - print_bn("q", skey->key.rsa.q); - print_bn("u", skey->key.rsa.u); + print_bn("d", seckey->key.rsa.d); + print_bn("p", seckey->key.rsa.p); + print_bn("q", seckey->key.rsa.q); + print_bn("u", seckey->key.rsa.u); break; case OPS_PKA_DSA: - print_bn("x", skey->key.dsa.x); + print_bn("x", seckey->key.dsa.x); break; default: @@ -221,10 +221,10 @@ "__ops_print_seckey_verbose: unusual algorithm\n"); } - if (skey->s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) - print_hexdump("Checkhash", skey->checkhash, OPS_CHECKHASH_SIZE); + if (seckey->s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) + print_hexdump("Checkhash", seckey->checkhash, OPS_CHECKHASH_SIZE); else - printf("Checksum: %04x\n", skey->checksum); + printf("Checksum: %04x\n", seckey->checksum); printf("------- end of SECRET KEY or ENCRYPTED SECRET KEY ------\n"); } Index: src/crypto/external/bsd/netpgp/dist/src/lib/keyring_local.h diff -u src/crypto/external/bsd/netpgp/dist/src/lib/keyring_local.h:1.3 src/crypto/external/bsd/netpgp/dist/src/lib/keyring_local.h:1.4 --- src/crypto/external/bsd/netpgp/dist/src/lib/keyring_local.h:1.3 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring_local.h Wed May 6 07:01:43 2009 @@ -38,8 +38,8 @@ /** __ops_keydata_key_t */ typedef union { - __ops_pubkey_t pkey; - __ops_seckey_t skey; + __ops_pubkey_t pubkey; + __ops_seckey_t seckey; } __ops_keydata_key_t; Index: src/crypto/external/bsd/netpgp/dist/src/lib/validate.h diff -u src/crypto/external/bsd/netpgp/dist/src/lib/validate.h:1.3 src/crypto/external/bsd/netpgp/dist/src/lib/validate.h:1.4 --- src/crypto/external/bsd/netpgp/dist/src/lib/validate.h:1.3 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/validate.h Wed May 6 07:01:43 2009 @@ -29,9 +29,9 @@ /** Struct used with the validate_key_cb callback */ typedef struct { - __ops_pubkey_t pkey; + __ops_pubkey_t pubkey; __ops_pubkey_t subkey; - __ops_seckey_t skey; + __ops_seckey_t seckey; enum { ATTRIBUTE = 1, ID Index: src/crypto/external/bsd/netpgp/dist/src/lib/validate.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.6 src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.7 --- src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.6 Wed May 6 03:02:03 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Wed May 6 07:01:43 2009 @@ -20,12 +20,18 @@ */ #include "config.h" +#include <sys/types.h> +#include <sys/param.h> +#include <sys/stat.h> + +#include <string.h> +#include <stdio.h> + #include "packet-parse.h" #include "packet-show.h" #include "keyring.h" #include "signature.h" #include "netpgpsdk.h" - #include "readerwriter.h" #include "netpgpdefs.h" #include "memory.h" @@ -33,13 +39,6 @@ #include "parse_local.h" #include "validate.h" -#include <sys/types.h> -#include <sys/param.h> -#include <sys/stat.h> - -#include <string.h> -#include <stdio.h> - /* Does the signed hash match the given hash? */ static bool @@ -137,8 +136,7 @@ } static void -copy_sig_info(__ops_sig_info_t * dst, - const __ops_sig_info_t * src) +copy_sig_info(__ops_sig_info_t * dst, const __ops_sig_info_t * src) { (void) memcpy(dst, src, sizeof(*src)); dst->v4_hashed_data = calloc(1, src->v4_hashed_data_length); @@ -147,8 +145,7 @@ } static void -add_sig_to_list(const __ops_sig_info_t *sig, - __ops_sig_info_t **sigs, +add_sig_to_list(const __ops_sig_info_t *sig, __ops_sig_info_t **sigs, unsigned *count) { if (*count == 0) { @@ -163,8 +160,7 @@ __ops_parse_cb_return_t -__ops_validate_key_cb(const __ops_packet_t * pkt, - __ops_callback_data_t * cbinfo) +__ops_validate_key_cb(const __ops_packet_t *pkt, __ops_callback_data_t *cbinfo) { const __ops_parser_content_union_t *content = &pkt->u; const __ops_keydata_t *signer; @@ -178,12 +174,12 @@ switch (pkt->tag) { case OPS_PTAG_CT_PUBLIC_KEY: - if (key->pkey.version != 0) { + if (key->pubkey.version != 0) { (void) fprintf(stderr, "__ops_validate_key_cb: version bad\n"); return OPS_FINISHED; } - key->pkey = content->pubkey; + key->pubkey = content->pubkey; return OPS_KEEP_MEMORY; case OPS_PTAG_CT_PUBLIC_SUBKEY: @@ -193,8 +189,8 @@ return OPS_KEEP_MEMORY; case OPS_PTAG_CT_SECRET_KEY: - key->skey = content->seckey; - key->pkey = key->skey.pubkey; + key->seckey = content->seckey; + key->pubkey = key->seckey.pubkey; return OPS_KEEP_MEMORY; case OPS_PTAG_CT_USER_ID: @@ -207,7 +203,7 @@ case OPS_PTAG_CT_USER_ATTRIBUTE: if (content->user_attribute.data.len == 0) { (void) fprintf(stderr, -"__ops_validate_key_cb: user attribute length 0"); + "__ops_validate_key_cb: user attribute length 0"); return OPS_FINISHED; } printf("user attribute, length=%d\n", @@ -235,19 +231,17 @@ case OPS_CERT_CASUAL: case OPS_CERT_POSITIVE: case OPS_SIG_REV_CERT: - if (key->last_seen == ID) - valid = __ops_check_useridcert_sig(&key->pkey, - &key->user_id, - &content->sig, - __ops_get_pubkey(signer), - key->rarg->key->packets[key->rarg->packet].raw); - else - valid = __ops_check_userattrcert_sig(&key->pkey, - &key->user_attribute, - &content->sig, + valid = (key->last_seen == ID) ? + __ops_check_useridcert_sig(&key->pubkey, + &key->user_id, + &content->sig, + __ops_get_pubkey(signer), + key->rarg->key->packets[key->rarg->packet].raw): + __ops_check_userattrcert_sig(&key->pubkey, + &key->user_attribute, + &content->sig, __ops_get_pubkey(signer), - key->rarg->key->packets[key->rarg->packet].raw); - + key->rarg->key->packets[key->rarg->packet].raw); break; case OPS_SIG_SUBKEY: @@ -255,16 +249,17 @@ * XXX: we should also check that the signer is the * key we are validating, I think. */ - valid = __ops_check_subkey_sig(&key->pkey, &key->subkey, - &content->sig, - __ops_get_pubkey(signer), - key->rarg->key->packets[key->rarg->packet].raw); + valid = __ops_check_subkey_sig(&key->pubkey, &key->subkey, + &content->sig, + __ops_get_pubkey(signer), + key->rarg->key->packets[key->rarg->packet].raw); break; case OPS_SIG_DIRECT: - valid = __ops_check_direct_sig(&key->pkey, &content->sig, - __ops_get_pubkey(signer), - key->rarg->key->packets[key->rarg->packet].raw); + valid = __ops_check_direct_sig(&key->pubkey, + &content->sig, + __ops_get_pubkey(signer), + key->rarg->key->packets[key->rarg->packet].raw); break; case OPS_SIG_STANDALONE: @@ -349,7 +344,8 @@ return OPS_KEEP_MEMORY; case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY: - data->data.signed_cleartext_body = content->signed_cleartext_body; + data->data.signed_cleartext_body = + content->signed_cleartext_body; data->use = SIGNED_CLEARTEXT; __ops_memory_add(data->mem, data->data.litdata_body.data, data->data.litdata_body.length); @@ -482,13 +478,13 @@ */ bool __ops_validate_key_sigs(__ops_validation_t * result, - const __ops_keydata_t * key, - const __ops_keyring_t * keyring, - __ops_parse_cb_return_t cb_get_passphrase(const __ops_packet_t *, __ops_callback_data_t *) -) + const __ops_keydata_t * key, + const __ops_keyring_t * keyring, + __ops_parse_cb_return_t cb_get_passphrase(const __ops_packet_t *, + __ops_callback_data_t *)) { - __ops_parse_info_t *pinfo; - validate_key_cb_t carg; + __ops_parse_info_t *pinfo; + validate_key_cb_t carg; (void) memset(&carg, 0x0, sizeof(carg)); carg.result = result; @@ -509,18 +505,16 @@ __ops_parse(pinfo, 0); - __ops_pubkey_free(&carg.pkey); - if (carg.subkey.version) + __ops_pubkey_free(&carg.pubkey); + if (carg.subkey.version) { __ops_pubkey_free(&carg.subkey); + } __ops_user_id_free(&carg.user_id); __ops_user_attribute_free(&carg.user_attribute); __ops_parse_info_delete(pinfo); - if (result->invalidc || result->unknownc || !result->validc) - return false; - else - return true; + return (!result->invalidc && !result->unknownc && result->validc); } /** @@ -532,12 +526,12 @@ \sa __ops_validate_result_free() */ bool -__ops_validate_all_sigs(__ops_validation_t * result, - const __ops_keyring_t * ring, - __ops_parse_cb_return_t cb_get_passphrase(const __ops_packet_t *, __ops_callback_data_t *) -) +__ops_validate_all_sigs(__ops_validation_t *result, + const __ops_keyring_t *ring, + __ops_parse_cb_return_t cb_get_passphrase(const __ops_packet_t *, + __ops_callback_data_t *)) { - int n; + int n; (void) memset(result, 0x0, sizeof(*result)); for (n = 0; n < ring->nkeys; ++n) { @@ -599,7 +593,7 @@ int fd; int cc; -#define SIG_OVERHEAD 284 /* depends on sig size */ +#define SIG_OVERHEAD 284 /* XXX - depends on sig size? */ if (stat(filename, &st) < 0) { (void) fprintf(stderr, "can't validate \"%s\"\n", filename); @@ -672,8 +666,8 @@ __ops_validate_mem(__ops_validation_t *result, __ops_memory_t *mem, const int armoured, const __ops_keyring_t *keyring) { - __ops_parse_info_t *pinfo = NULL; - validate_data_cb_t validation; + __ops_parse_info_t *pinfo = NULL; + validate_data_cb_t validation; __ops_setup_memory_read(&pinfo, mem, &validation, validate_data_cb, true);