Module Name: src Committed By: agc Date: Tue Oct 30 02:10:43 UTC 2012
Modified Files: src/crypto/external/bsd/netpgp/bin/netpgpverify [agc-netpgp-standalone]: Makefile expected16 expected17 expected18 expected21 expected22 expected24 expected32 expected34 src/crypto/external/bsd/netpgp/dist/src/libbn [agc-netpgp-standalone]: bignum.c src/crypto/external/bsd/netpgp/dist/src/libverify [agc-netpgp-standalone]: libverify.c verify.h src/crypto/external/bsd/netpgp/lib/verify [agc-netpgp-standalone]: Makefile Removed Files: src/crypto/external/bsd/netpgp/dist/src/libverify [agc-netpgp-standalone]: verify.c Log Message: changes to libnetpgpverify: + isolate the RSA verification code (the DSA verification code was isolated previously), and include it in our sources, rather than including the source for librsa, (and thus bringing in all the code for signing and encryption/decryption) - no crypto is involved in signature verification, just the digest calculation, and the BIGNUM expmod. + check some more arguments + order the user ids as expected in public keys (i.e. if there's a primary user id signature sub-packet, honor it), and fix up the regression test results accordingly. To generate a diff of this commit: cvs rdiff -u -r1.1.2.5 -r1.1.2.6 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile cvs rdiff -u -r1.1.2.1 -r1.1.2.2 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected16 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected17 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected18 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected21 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected22 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected24 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected32 \ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected34 cvs rdiff -u -r1.1.2.3 -r1.1.2.4 \ src/crypto/external/bsd/netpgp/dist/src/libbn/bignum.c cvs rdiff -u -r1.1.2.9 -r1.1.2.10 \ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c cvs rdiff -u -r1.1.2.1 -r0 \ src/crypto/external/bsd/netpgp/dist/src/libverify/verify.c cvs rdiff -u -r1.1.2.8 -r1.1.2.9 \ src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h cvs rdiff -u -r1.1.2.2 -r1.1.2.3 \ src/crypto/external/bsd/netpgp/lib/verify/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile:1.1.2.5 src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile:1.1.2.6 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile:1.1.2.5 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/Makefile Tue Oct 30 02:10:42 2012 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.1.2.5 2012/10/24 02:18:56 agc Exp $ +# $NetBSD: Makefile,v 1.1.2.6 2012/10/30 02:10:42 agc Exp $ .include <bsd.own.mk> @@ -114,3 +114,6 @@ t: ${PROG} env LD_LIBRARY_PATH=${LIBNETPGPVERIFYDIR} ./${PROG} -k dsa-pubring.gpg in2.asc > output45 diff expected45 output45 rm -f output45 + env LD_LIBRARY_PATH=${LIBNETPGPVERIFYDIR} ./${PROG} -k problem-pubring.gpg NetBSD-6.0_hashes.asc > output46 + diff expected46 output46 + rm -f output46 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected16 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected16:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected16:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected16:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected16 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for b.gpg made Mon Sep 10 00:15:38 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected17 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected17:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected17:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected17:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected17 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for a.gpg made Sun Sep 9 17:44:11 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected18 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected18:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected18:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected18:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected18 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for gpgsigned-a.gpg made Sun Sep 9 17:43:01 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected21 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected21:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected21:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected21:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected21 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for [stdin] made Sun Sep 9 17:44:11 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected22 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected22:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected22:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected22:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected22 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for [stdin] made Sun Sep 30 10:50:20 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected24 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected24:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected24:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected24:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected24 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for [stdin] made Mon Sep 10 00:15:38 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected32 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected32:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected32:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected32:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected32 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for b.gpg made Mon Sep 10 00:15:38 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 @@ -11,9 +11,9 @@ fingerprint: 57c0 c1e6 bf71 8845 416b 9 Good signature for b.gpg made Mon Sep 10 00:15:38 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 @@ -21,9 +21,9 @@ fingerprint: 57c0 c1e6 bf71 8845 416b 9 Good signature for b.gpg made Mon Sep 10 00:15:38 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/bin/netpgpverify/expected34 diff -u src/crypto/external/bsd/netpgp/bin/netpgpverify/expected34:1.1.2.1 src/crypto/external/bsd/netpgp/bin/netpgpverify/expected34:1.1.2.2 --- src/crypto/external/bsd/netpgp/bin/netpgpverify/expected34:1.1.2.1 Wed Oct 24 02:18:56 2012 +++ src/crypto/external/bsd/netpgp/bin/netpgpverify/expected34 Tue Oct 30 02:10:43 2012 @@ -1,9 +1,9 @@ Good signature for det.sig made Thu Oct 18 02:12:33 2012 signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@pkgsrc.org> uid Alistair Crooks <a...@netbsd.org> -uid Alistair Crooks <a...@alistaircrooks.com> uid Alistair Crooks <a...@netflix.com> encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12 fingerprint: 57c0 c1e6 bf71 8845 416b 9522 79de b61e 488e ee74 Index: src/crypto/external/bsd/netpgp/dist/src/libbn/bignum.c diff -u src/crypto/external/bsd/netpgp/dist/src/libbn/bignum.c:1.1.2.3 src/crypto/external/bsd/netpgp/dist/src/libbn/bignum.c:1.1.2.4 --- src/crypto/external/bsd/netpgp/dist/src/libbn/bignum.c:1.1.2.3 Mon Oct 29 15:46:50 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libbn/bignum.c Tue Oct 30 02:10:42 2012 @@ -5356,10 +5356,10 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx) { - USE_ARG(ctx); if ((dv == NULL && rem == NULL) || a == NULL || d == NULL) { return 0; } + USE_ARG(ctx); return mp_div(dv, rem, __UNCONST(a), __UNCONST(d)) == MP_OKAY; } @@ -5585,6 +5585,9 @@ BN_is_prime(const BIGNUM *a, int checks, { int primality; + if (a == NULL) { + return 0; + } USE_ARG(ctx); USE_ARG(cb_arg); USE_ARG(callback); Index: src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.9 src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.10 --- src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c:1.1.2.9 Sat Oct 27 02:27:50 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/libverify.c Tue Oct 30 02:10:42 2012 @@ -48,6 +48,10 @@ #include "rsa.h" #include "verify.h" +#ifndef USE_ARG +#define USE_ARG(x) /*LINTED*/(void)&(x) +#endif + #define BITS_TO_BYTES(b) (((b) + (CHAR_BIT - 1)) / CHAR_BIT) /* packet types */ @@ -510,10 +514,10 @@ str_to_keyid(const char *s, uint8_t *key memcpy(keyid, &u64, PGPV_KEYID_LEN); } -#define PKT_ALWAYS_ON 0x80 -#define PKT_NEWFMT_MASK 0x40 -#define PKT_NEWFMT_TAG_MASK 0x3f -#define PKT_OLDFMT_TAG_MASK 0x3c +#define PKT_ALWAYS_ON 0x80 +#define PKT_NEWFMT_MASK 0x40 +#define PKT_NEWFMT_TAG_MASK 0x3f +#define PKT_OLDFMT_TAG_MASK 0x3c #define SUBPKT_CRITICAL_MASK 0x80 #define SUBPKT_TAG_MASK 0x7f @@ -776,7 +780,7 @@ read_sig_subpackets(pgpv_sigpkt_t *sigpk sigpkt->sig.type_key = *p; break; case SUBPKT_PRIMARY_USER_ID: - sigpkt->sig.userid = p; + sigpkt->sig.primary_userid = *p; break; case SUBPKT_POLICY_URI: sigpkt->sig.policy = (char *)(void *)p; @@ -1213,7 +1217,7 @@ static int recog_userid(pgpv_t *pgp, pgpv_signed_userid_t *userid) { pgpv_signature_t signature; - pgpv_pkt_t *pkt; + pgpv_pkt_t *pkt; memset(userid, 0x0, sizeof(*userid)); if (!pkt_is(pgp, USERID_PKT)) { @@ -1230,6 +1234,9 @@ recog_userid(pgpv_t *pgp, pgpv_signed_us return 0; } ARRAY_APPEND(userid->sigs, signature); + if (signature.primary_userid) { + userid->primary_userid = signature.primary_userid; + } } return 1; } @@ -1262,7 +1269,7 @@ static int recog_subkey(pgpv_t *pgp, pgpv_signed_subkey_t *subkey) { pgpv_signature_t signature; - pgpv_pkt_t *pkt; + pgpv_pkt_t *pkt; pkt = &ARRAY_ELEMENT(pgp->pkts, pgp->pkt); memset(subkey, 0x0, sizeof(*subkey)); @@ -1354,19 +1361,30 @@ fmt_pubkey(char *s, size_t size, pgpv_pu return cc; } +/* format a userid - used to order the userids when formatting */ +static size_t +fmt_userid(char *s, size_t size, pgpv_primarykey_t *primary, uint8_t u) +{ + pgpv_signed_userid_t *userid; + + userid = &ARRAY_ELEMENT(primary->signed_userids, u); + return snprintf(s, size, "uid %.*s\n", + (int)userid->userid.size, userid->userid.data); +} + /* print a primary key, per RFC 4880 */ static size_t fmt_primary(char *s, size_t size, pgpv_primarykey_t *primary) { - pgpv_signed_userid_t *userid; - unsigned i; - size_t cc; + unsigned i; + size_t cc; cc = fmt_pubkey(s, size, &primary->primary, "signature "); + cc += fmt_userid(&s[cc], size - cc, primary, primary->primary_userid); for (i = 0 ; i < ARRAY_COUNT(primary->signed_userids) ; i++) { - userid = &ARRAY_ELEMENT(primary->signed_userids, i); - cc += snprintf(&s[cc], size - cc, "uid %.*s\n", - (int)userid->userid.size, userid->userid.data); + if (i != primary->primary_userid) { + cc += fmt_userid(&s[cc], size - cc, primary, i); + } } for (i = 0 ; i < ARRAY_COUNT(primary->signed_subkeys) ; i++) { cc += fmt_pubkey(&s[cc], size - cc, &ARRAY_ELEMENT(primary->signed_subkeys, i).subkey, "encryption"); @@ -1375,6 +1393,110 @@ fmt_primary(char *s, size_t size, pgpv_p return cc; } + +/* check the padding on the signature */ +static int +rsa_padding_check_none(uint8_t *to, int tlen, const uint8_t *from, int flen, int num) +{ + USE_ARG(num); + if (flen > tlen) { + printf("from length larger than to length\n"); + return -1; + } + (void) memset(to, 0x0, tlen - flen); + (void) memcpy(to + tlen - flen, from, flen); + return tlen; +} + +#define RSA_MAX_MODULUS_BITS 16384 +#define RSA_SMALL_MODULUS_BITS 3072 +#define RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */ + +/* check against the exponent/moudulo operation */ +static int +lowlevel_rsa_public_check(const uint8_t *encbuf, int enclen, uint8_t *dec, const rsa_pubkey_t *rsa) +{ + uint8_t *decbuf; + BIGNUM *decbn; + BIGNUM *encbn; + int decbytes; + int nbytes; + int r; + + nbytes = 0; + r = -1; + decbuf = NULL; + decbn = encbn = NULL; + if (BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) { + printf("rsa r modulus too large\n"); + goto err; + } + if (BN_cmp(rsa->n, rsa->e) <= 0) { + printf("rsa r bad n value\n"); + goto err; + } + if (BN_num_bits(rsa->n) > RSA_SMALL_MODULUS_BITS && + BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS) { + printf("rsa r bad exponent limit\n"); + goto err; + } + if ((encbn = BN_new()) == NULL || + (decbn = BN_new()) == NULL || + (decbuf = calloc(1, nbytes = BN_num_bytes(rsa->n))) == NULL) { + printf("allocation failure\n"); + goto err; + } + if (enclen > nbytes) { + printf("rsa r > mod len\n"); + goto err; + } + if (BN_bin2bn(encbuf, enclen, encbn) == NULL) { + printf("null encrypted BN\n"); + goto err; + } + if (BN_cmp(encbn, rsa->n) >= 0) { + printf("rsa r data too large for modulus\n"); + goto err; + } + if (BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) { + printf("BN_mod_exp < 0\n"); + goto err; + } + decbytes = BN_num_bytes(decbn); + (void) BN_bn2bin(decbn, decbuf); + if ((r = rsa_padding_check_none(dec, nbytes, decbuf, decbytes, 0)) < 0) { + printf("rsa r padding check failed\n"); + } +err: + BN_free(encbn); + BN_free(decbn); + if (decbuf != NULL) { + (void) memset(decbuf, 0x0, nbytes); + free(decbuf); + } + return r; +} + +/* verify */ +static int +rsa_public_decrypt(int enclen, const unsigned char *enc, unsigned char *dec, RSA *rsa, int padding) +{ + rsa_pubkey_t pub; + int ret; + + if (enc == NULL || dec == NULL || rsa == NULL) { + return 0; + } + USE_ARG(padding); + (void) memset(&pub, 0x0, sizeof(pub)); + pub.n = BN_dup(rsa->n); + pub.e = BN_dup(rsa->e); + ret = lowlevel_rsa_public_check(enc, enclen, dec, &pub); + BN_free(pub.n); + BN_free(pub.e); + return ret; +} + #define SUBKEY_LEN(x) (80 + 80) #define SIG_LEN 80 #define UID_LEN 80 @@ -1398,12 +1520,14 @@ pgpv_rsa_public_decrypt(uint8_t *out, co RSA *orsa; int n; - orsa = RSA_new(); + if ((orsa = calloc(1, sizeof(*orsa))) == NULL) { + return 0; + } orsa->n = pubkey->bn[RSA_N].bn; orsa->e = pubkey->bn[RSA_E].bn; - n = RSA_public_decrypt((int)length, in, out, orsa, RSA_NO_PADDING); + n = rsa_public_decrypt((int)length, in, out, orsa, RSA_NO_PADDING); orsa->n = orsa->e = NULL; - RSA_free(orsa); + free(orsa); return n; } @@ -1804,12 +1928,18 @@ recog_primary_key(pgpv_t *pgp, pgpv_prim return 0; } ARRAY_APPEND(primary->signed_userids, userid); + if (userid.primary_userid) { + primary->primary_userid = ARRAY_COUNT(primary->signed_userids) - 1; + } while (pkt_is(pgp, USERID_PKT)) { if (!recog_userid(pgp, &userid)) { printf("recog_primary_key: not signed secondary userid\n"); return 0; } ARRAY_APPEND(primary->signed_userids, userid); + if (userid.primary_userid) { + primary->primary_userid = ARRAY_COUNT(primary->signed_userids) - 1; + } } while (pkt_is(pgp, USER_ATTRIBUTE_PKT)) { if (!recog_userattr(pgp, &userattr)) { @@ -2014,6 +2144,9 @@ pgpv_close(pgpv_t *pgp) { unsigned i; + if (pgp == NULL) { + return 0; + } for (i = 0 ; i < ARRAY_COUNT(pgp->areas) ; i++) { if (ARRAY_ELEMENT(pgp->areas, i).size > 0) { closemem(&ARRAY_ELEMENT(pgp->areas, i)); @@ -2028,10 +2161,10 @@ pgpv_get_entry(pgpv_t *pgp, unsigned ent { size_t cc; - *ret = NULL; - if (pgp == NULL || ent >= ARRAY_COUNT(pgp->primaries)) { + if (ret == NULL || pgp == NULL || ent >= ARRAY_COUNT(pgp->primaries)) { return 0; } + *ret = NULL; cc = ARRAY_ELEMENT(pgp->primaries, ent).fmtsize; if ((*ret = calloc(1, cc)) == NULL) { return 0; @@ -2082,6 +2215,9 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_ char strkeyid[PGPV_STR_KEYID_LEN]; int j; + if (cursor == NULL || pgp == NULL || p == NULL) { + return 0; + } if (!setup_data(cursor, pgp, p, size)) { snprintf(cursor->why, sizeof(cursor->why), "No input data"); return 0; @@ -2145,6 +2281,9 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_ int pgpv_read_pubring(pgpv_t *pgp, const void *keyring, ssize_t size) { + if (pgp == NULL) { + return 0; + } if (keyring) { return (size > 0) ? read_binary_memory(pgp, "pubring", keyring, (size_t)size) : @@ -2162,10 +2301,10 @@ pgpv_get_verified(pgpv_cursor_t *cursor, size_t size; size_t pkt; - *ret = NULL; - if (cursor == NULL || cookie == 0) { + if (ret == NULL || cursor == NULL || cookie == 0) { return 0; } + *ret = NULL; if ((pkt = find_onepass(cursor, cookie - 1)) == 0) { return 0; } Index: src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h diff -u src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.8 src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.9 --- src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h:1.1.2.8 Sat Oct 27 02:27:50 2012 +++ src/crypto/external/bsd/netpgp/dist/src/libverify/verify.h Tue Oct 30 02:10:42 2012 @@ -43,8 +43,8 @@ #define PGPV_STR_KEYID_LEN (PGPV_KEYID_LEN + PGPV_KEYID_LEN + 1) typedef struct pgpv_bignum_t { - BIGNUM *bn; - uint16_t bits; + BIGNUM *bn; + uint16_t bits; } pgpv_bignum_t; #define PGPV_MAX_HASH_LEN 20 @@ -60,7 +60,6 @@ typedef struct pgpv_fingerprint_t { typedef struct pgpv_pubkey_t { pgpv_fingerprint_t fingerprint; uint8_t keyid[PGPV_KEYID_LEN]; - uint64_t primary_id; int64_t birth; int64_t expiry; pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; @@ -72,118 +71,118 @@ typedef struct pgpv_pubkey_t { #define PGPV_MAX_SESSKEY_BN 2 typedef struct pgpv_string_t { - size_t size; - uint8_t *data; + size_t size; + uint8_t *data; } pgpv_string_t; typedef struct pgpv_ref_t { - void *vp; - size_t offset; - unsigned mem; + void *vp; + size_t offset; + unsigned mem; } pgpv_ref_t; #define PGPV_MAX_SECKEY_BN 4 typedef struct pgpv_compress_t { - pgpv_string_t s; - uint8_t compalg; + pgpv_string_t s; + uint8_t compalg; } pgpv_compress_t; /* a packet dealing with trust */ typedef struct pgpv_trust_t { - uint8_t level; - uint8_t amount; + uint8_t level; + uint8_t amount; } pgpv_trust_t; /* a signature sub packet */ typedef struct pgpv_sigsubpkt_t { - pgpv_string_t s; - uint8_t tag; - uint8_t critical; + pgpv_string_t s; + uint8_t tag; + uint8_t critical; } pgpv_sigsubpkt_t; #define PGPV_MAX_SIG_BN 2 typedef struct pgpv_signature_t { - uint8_t *signer; /* key id of signer */ - uint8_t *userid; - pgpv_ref_t hashstart; - uint8_t *hash2; - uint8_t *mpi; - int64_t birth; - int64_t keyexpiry; - int64_t expiry; - uint32_t hashlen; - uint8_t version; - uint8_t type; - uint8_t keyalg; - uint8_t hashalg; - uint8_t trustlevel; - uint8_t trustamount; - pgpv_bignum_t bn[PGPV_MAX_SIG_BN]; - char *regexp; - char *pref_key_server; - char *policy; - char *features; - char *why_revoked; - uint8_t *revoke_fingerprint; - uint8_t revoke_alg; - uint8_t revoke_sensitive; - uint8_t trustsig; - uint8_t revocable; - uint8_t pref_symm_alg; - uint8_t pref_hash_alg; - uint8_t pref_compress_alg; - uint8_t key_server_modify; - uint8_t notation; - uint8_t type_key; - uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */ + uint8_t *signer; /* key id of signer */ + pgpv_ref_t hashstart; + uint8_t *hash2; + uint8_t *mpi; + int64_t birth; + int64_t keyexpiry; + int64_t expiry; + uint32_t hashlen; + uint8_t version; + uint8_t type; + uint8_t keyalg; + uint8_t hashalg; + uint8_t trustlevel; + uint8_t trustamount; + pgpv_bignum_t bn[PGPV_MAX_SIG_BN]; + char *regexp; + char *pref_key_server; + char *policy; + char *features; + char *why_revoked; + uint8_t *revoke_fingerprint; + uint8_t revoke_alg; + uint8_t revoke_sensitive; + uint8_t trustsig; + uint8_t revocable; + uint8_t pref_symm_alg; + uint8_t pref_hash_alg; + uint8_t pref_compress_alg; + uint8_t key_server_modify; + uint8_t notation; + uint8_t type_key; + uint8_t primary_userid; + uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */ } pgpv_signature_t; /* a signature packet */ typedef struct pgpv_sigpkt_t { - pgpv_signature_t sig; - uint16_t subslen; - uint16_t unhashlen; + pgpv_signature_t sig; + uint16_t subslen; + uint16_t unhashlen; PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts); } pgpv_sigpkt_t; /* a one-pass signature packet */ typedef struct pgpv_onepass_t { - uint8_t keyid[PGPV_KEYID_LEN]; - uint8_t version; - uint8_t type; - uint8_t hashalg; - uint8_t keyalg; - uint8_t nested; + uint8_t keyid[PGPV_KEYID_LEN]; + uint8_t version; + uint8_t type; + uint8_t hashalg; + uint8_t keyalg; + uint8_t nested; } pgpv_onepass_t; /* a literal data packet */ typedef struct pgpv_litdata_t { - uint8_t *filename; - pgpv_string_t s; - uint32_t secs; - uint8_t namelen; - char format; - unsigned mem; - size_t offset; - size_t len; + uint8_t *filename; + pgpv_string_t s; + uint32_t secs; + uint8_t namelen; + char format; + unsigned mem; + size_t offset; + size_t len; } pgpv_litdata_t; /* user attributes - images */ typedef struct pgpv_userattr_t { - size_t len; - PGPV_ARRAY(pgpv_string_t, subattrs); + size_t len; + PGPV_ARRAY(pgpv_string_t, subattrs); } pgpv_userattr_t; /* a general PGP packet */ typedef struct pgpv_pkt_t { - uint8_t tag; - uint8_t newfmt; - uint8_t allocated; - uint8_t mement; - size_t offset; - pgpv_string_t s; + uint8_t tag; + uint8_t newfmt; + uint8_t allocated; + uint8_t mement; + size_t offset; + pgpv_string_t s; union { pgpv_sigpkt_t sigpkt; pgpv_onepass_t onepass; @@ -198,53 +197,55 @@ typedef struct pgpv_pkt_t { /* a memory structure */ typedef struct pgpv_mem_t { - size_t size; - size_t cc; - uint8_t *mem; - FILE *fp; - uint8_t dealloc; - const char *allowed; /* the types of packet that are allowed */ + size_t size; + size_t cc; + uint8_t *mem; + FILE *fp; + uint8_t dealloc; + const char *allowed; /* the types of packet that are allowed */ } pgpv_mem_t; /* packet parser */ typedef struct pgpv_signed_userid_t { - pgpv_string_t userid; - PGPV_ARRAY(pgpv_signature_t, sigs); + pgpv_string_t userid; + PGPV_ARRAY(pgpv_signature_t, sigs); + uint8_t primary_userid; } pgpv_signed_userid_t; typedef struct pgpv_signed_userattr_t { - pgpv_userattr_t userattr; - PGPV_ARRAY(pgpv_signature_t, sigs); + pgpv_userattr_t userattr; + PGPV_ARRAY(pgpv_signature_t, sigs); } pgpv_signed_userattr_t; typedef struct pgpv_signed_subkey_t { - pgpv_pubkey_t subkey; - pgpv_signature_t revoc_self_sig; - PGPV_ARRAY(pgpv_signature_t, sigs); + pgpv_pubkey_t subkey; + pgpv_signature_t revoc_self_sig; + PGPV_ARRAY(pgpv_signature_t, sigs); } pgpv_signed_subkey_t; typedef struct pgpv_primarykey_t { - pgpv_pubkey_t primary; - pgpv_signature_t revoc_self_sig; - PGPV_ARRAY(pgpv_signature_t, direct_sigs); - PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); - PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs); - PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); - size_t fmtsize; + pgpv_pubkey_t primary; + pgpv_signature_t revoc_self_sig; + PGPV_ARRAY(pgpv_signature_t, direct_sigs); + PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); + PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs); + PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); + size_t fmtsize; + uint8_t primary_userid; } pgpv_primarykey_t; /* everything stems from this structure */ typedef struct pgpv_t { - PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ + PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */ - PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ - PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ - size_t pkt; /* when parsing, current pkt number */ - const char *op; /* the operation we're doing */ + PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ + PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ + size_t pkt; /* when parsing, current pkt number */ + const char *op; /* the operation we're doing */ } pgpv_t; -#define PGPV_REASON_LEN 128 +#define PGPV_REASON_LEN 128 /* when searching, we define a cursor, and fill in an array of subscripts */ typedef struct pgpv_cursor_t { Index: src/crypto/external/bsd/netpgp/lib/verify/Makefile diff -u src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.1.2.2 src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.1.2.3 --- src/crypto/external/bsd/netpgp/lib/verify/Makefile:1.1.2.2 Sat Oct 20 04:59:54 2012 +++ src/crypto/external/bsd/netpgp/lib/verify/Makefile Tue Oct 30 02:10:42 2012 @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.1.2.2 2012/10/20 04:59:54 agc Exp $ +# $NetBSD: Makefile,v 1.1.2.3 2012/10/30 02:10:42 agc Exp $ LIB=netpgpverify SRCS=libverify.c b64.c pgpsum.c SRCS+=digest.c tiger.c SRCS+=bignum.c misc.c -SRCS+=rsa.c CPPFLAGS+=-I${EXTDIST}/src/libbn CPPFLAGS+=-I${EXTDIST}/src/librsa MAN=libnetpgpverify.3