mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Verify created signatures.
This commit is contained in:
parent
f3b2ef0b93
commit
3b866e74a8
5
TODO
5
TODO
@ -1,4 +1,7 @@
|
||||
|
||||
* Check that no secret temporary results are stored in the result parameter
|
||||
of the mpi functions. We have already done this for mpi-mul.c
|
||||
|
||||
* Dlopen does not yet work under W32.
|
||||
|
||||
* check whether we can remove all the expire stuff in trustdb because this
|
||||
@ -42,6 +45,8 @@
|
||||
|
||||
* Add an is_valid flag to each user ID.
|
||||
|
||||
* Make --pipemode work.
|
||||
|
||||
Scheduled for 1.1
|
||||
-----------------
|
||||
* David C Niemi pointed out that the code for --no-default-keyring does not
|
||||
|
@ -1,3 +1,7 @@
|
||||
2001-03-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* DETAILS: New status UNEXPECTED.
|
||||
|
||||
2001-03-13 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* gpg.sgml: Described --fixed-list-mode.
|
||||
|
@ -119,6 +119,11 @@ more arguments in future versions.
|
||||
3 - Invalid packet found, this may indicate a non OpenPGP message.
|
||||
You may see more than one of these status lines.
|
||||
|
||||
UNEXPECTED <what>
|
||||
Unexpected data has been encountered
|
||||
0 - not further specified 1
|
||||
|
||||
|
||||
TRUST_UNDEFINED
|
||||
TRUST_NEVER
|
||||
TRUST_MARGINAL
|
||||
|
@ -1,3 +1,12 @@
|
||||
2001-03-24 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* sign.c (do_sign): Verify the signature right after creation.
|
||||
|
||||
2001-03-23 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* status.c, status.h (STATUS_UNEXPECTED): New.
|
||||
* mainproc.c (do_proc_packets): And emit it here.
|
||||
|
||||
2001-03-21 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* status.c: Add sys/types.h so that it runs on Ultrix. Reported
|
||||
|
@ -1067,6 +1067,7 @@ do_proc_packets( CTX c, IOBUF a )
|
||||
case PKT_PUBKEY_ENC:
|
||||
case PKT_ENCRYPTED:
|
||||
case PKT_ENCRYPTED_MDC:
|
||||
write_status_text( STATUS_UNEXPECTED, "0" );
|
||||
rc = G10ERR_UNEXPECTED;
|
||||
goto leave;
|
||||
case PKT_SIGNATURE: newpkt = add_signature( c, pkt ); break;
|
||||
@ -1082,6 +1083,7 @@ do_proc_packets( CTX c, IOBUF a )
|
||||
case PKT_PUBLIC_KEY:
|
||||
case PKT_SECRET_KEY:
|
||||
case PKT_USER_ID:
|
||||
write_status_text( STATUS_UNEXPECTED, "0" );
|
||||
rc = G10ERR_UNEXPECTED;
|
||||
goto leave;
|
||||
case PKT_SIGNATURE: newpkt = add_signature( c, pkt ); break;
|
||||
|
@ -108,7 +108,7 @@ pipemode_filter( void *opaque, int control,
|
||||
/* FIXME: we have to make sure that we have a large enough
|
||||
* buffer for a control packet even after we already read
|
||||
* something. The easest way to do this is probably by ungetting
|
||||
* the control sequenceand and returning the buffer we have
|
||||
* the control sequence and returning the buffer we have
|
||||
* already assembled */
|
||||
int c = iobuf_get (a);
|
||||
if (c == -1) {
|
||||
|
25
g10/sign.c
25
g10/sign.c
@ -132,6 +132,27 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
||||
digest_algo, mpi_get_nbits(sk->skey[0]), 0 );
|
||||
rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
|
||||
mpi_free(frame);
|
||||
if (!rc) {
|
||||
/* check that the signature verification worked and nothing is
|
||||
* fooling us e.g. by a bug in the signature create
|
||||
* code or by deliberately introduced faults. */
|
||||
PKT_public_key *pk = m_alloc_clear (sizeof *pk);
|
||||
|
||||
if( get_pubkey( pk, sig->keyid ) )
|
||||
rc = G10ERR_NO_PUBKEY;
|
||||
else {
|
||||
frame = encode_md_value (pk->pubkey_algo, md,
|
||||
sig->digest_algo,
|
||||
mpi_get_nbits(pk->pkey[0]), 0);
|
||||
rc = pubkey_verify (pk->pubkey_algo, frame, sig->data, pk->pkey,
|
||||
NULL, NULL );
|
||||
mpi_free (frame);
|
||||
}
|
||||
if (rc)
|
||||
log_error (_("checking created signature failed: %s\n"),
|
||||
g10_errstr (rc));
|
||||
free_public_key (pk);
|
||||
}
|
||||
if( rc )
|
||||
log_error(_("signing failed: %s\n"), g10_errstr(rc) );
|
||||
else {
|
||||
@ -154,10 +175,6 @@ complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md )
|
||||
|
||||
if( !(rc=check_secret_key( sk, 0 )) )
|
||||
rc = do_sign( sk, sig, md, 0 );
|
||||
|
||||
/* fixme: should we check whether the signature is okay?
|
||||
* maybe by using an option */
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
@ -139,6 +139,7 @@ get_status_string ( int no )
|
||||
case STATUS_END_STREAM : s = "END_STREAM"; break;
|
||||
case STATUS_KEY_CREATED : s = "KEY_CREATED"; break;
|
||||
case STATUS_USERID_HINT : s = "USERID_HINT"; break;
|
||||
case STATUS_UNEXPECTED : s = "UNEXPECTED"; break;
|
||||
default: s = "?"; break;
|
||||
}
|
||||
return s;
|
||||
|
@ -89,7 +89,7 @@
|
||||
#define STATUS_END_STREAM 57
|
||||
#define STATUS_KEY_CREATED 58
|
||||
#define STATUS_USERID_HINT 59
|
||||
|
||||
#define STATUS_UNEXPECTED 60
|
||||
|
||||
/*-- status.c --*/
|
||||
void set_status_fd ( int fd );
|
||||
|
@ -1,3 +1,8 @@
|
||||
2001-03-24 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* mpi-mul.c (mpi_mul): Make sure that secret temporary results are
|
||||
not stored in w. Suggested by Florian Weimer.
|
||||
|
||||
2001-03-18 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* config.links (mpi_sflags): Use i386 code for i386. According to
|
||||
|
@ -120,6 +120,7 @@ mpi_mul( MPI w, MPI u, MPI v)
|
||||
int assign_wp=0;
|
||||
mpi_ptr_t tmp_limb=NULL;
|
||||
|
||||
|
||||
if( u->nlimbs < v->nlimbs ) { /* Swap U and V. */
|
||||
usize = v->nlimbs;
|
||||
usign = v->sign;
|
||||
@ -145,7 +146,15 @@ mpi_mul( MPI w, MPI u, MPI v)
|
||||
|
||||
/* Ensure W has space enough to store the result. */
|
||||
wsize = usize + vsize;
|
||||
if( w->alloced < wsize ) {
|
||||
if ( !mpi_is_secure (w) && (mpi_is_secure (u) || mpi_is_secure (v)) ) {
|
||||
/* w is not allocated in secure space but u or v is. To make sure
|
||||
* that no temporray results are stored in w, we temporary use
|
||||
* a newly allocated limb space for w */
|
||||
wp = mpi_alloc_limb_space( wsize, 1 );
|
||||
assign_wp = 2; /* mark it as 2 so that we can later copy it back to
|
||||
* mormal memory */
|
||||
}
|
||||
else if( w->alloced < wsize ) {
|
||||
if( wp == up || wp == vp ) {
|
||||
wp = mpi_alloc_limb_space( wsize, mpi_is_secure(w) );
|
||||
assign_wp = 1;
|
||||
@ -180,8 +189,16 @@ mpi_mul( MPI w, MPI u, MPI v)
|
||||
wsize -= cy? 0:1;
|
||||
}
|
||||
|
||||
if( assign_wp )
|
||||
if( assign_wp ) {
|
||||
if (assign_wp == 2) {
|
||||
/* copy the temp wp from secure memory back to normal memory */
|
||||
mpi_ptr_t tmp_wp = mpi_alloc_limb_space (wsize, 0);
|
||||
MPN_COPY (tmp_wp, wp, wsize);
|
||||
mpi_free_limb_space (wp);
|
||||
wp = tmp_wp;
|
||||
}
|
||||
mpi_assign_limb_space( w, wp, wsize );
|
||||
}
|
||||
w->nlimbs = wsize;
|
||||
w->sign = sign_product;
|
||||
if( tmp_limb )
|
||||
|
Loading…
x
Reference in New Issue
Block a user