Verify created signatures.

2025-07-03 22:56:33 +02:00 · 2001-03-24 16:29:31 +00:00 · 2001-03-24 16:29:31 +00:00 · 3b866e74a8
commit 3b866e74a8
parent f3b2ef0b93
11 changed files with 73 additions and 8 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,12 @@
+2001-03-24  Werner Koch  <wk@gnupg.org>
+
+	* sign.c (do_sign): Verify the signature right after creation.
+
+2001-03-23  Werner Koch  <wk@gnupg.org>
+
+	* status.c, status.h (STATUS_UNEXPECTED): New.
+	* mainproc.c (do_proc_packets): And emit it here.
+
 2001-03-21  Werner Koch  <wk@gnupg.org>

 	* status.c: Add sys/types.h so that it runs on Ultrix.  Reported
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1067,6 +1067,7 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_PUBKEY_ENC:
 	      case PKT_ENCRYPTED:
 	      case PKT_ENCRYPTED_MDC:
+                write_status_text( STATUS_UNEXPECTED, "0" );
 		rc = G10ERR_UNEXPECTED;
 		goto leave;
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
@ -1082,6 +1083,7 @@ do_proc_packets( CTX c, IOBUF a )
 	      case PKT_PUBLIC_KEY:
 	      case PKT_SECRET_KEY:
 	      case PKT_USER_ID:
+                write_status_text( STATUS_UNEXPECTED, "0" );
 		rc = G10ERR_UNEXPECTED;
 		goto leave;
 	      case PKT_SIGNATURE:   newpkt = add_signature( c, pkt ); break;
--- a/g10/pipemode.c
+++ b/g10/pipemode.c
@ -108,7 +108,7 @@ pipemode_filter( void *opaque, int control,
            /* FIXME: we have to make sure that we have a large enough
             * buffer for a control packet even after we already read 
             * something. The easest way to do this is probably by ungetting
-             * the control sequenceand and returning the buffer we have
+             * the control sequence and returning the buffer we have
             * already assembled */
            int c = iobuf_get (a);
            if (c == -1) {
--- a/g10/sign.c
+++ b/g10/sign.c
@ -132,6 +132,27 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
 			     digest_algo, mpi_get_nbits(sk->skey[0]), 0 );
    rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
    mpi_free(frame);
+    if (!rc) {
+        /* check that the signature verification worked and nothing is
+         * fooling us e.g. by a bug in the signature create
+         * code or by deliberately introduced faults. */
+        PKT_public_key *pk = m_alloc_clear (sizeof *pk);
+
+        if( get_pubkey( pk, sig->keyid ) )
+            rc = G10ERR_NO_PUBKEY;
+        else {
+            frame = encode_md_value (pk->pubkey_algo, md,
+                                     sig->digest_algo,
+                                     mpi_get_nbits(pk->pkey[0]), 0);
+            rc = pubkey_verify (pk->pubkey_algo, frame, sig->data, pk->pkey,
+                                NULL, NULL );
+            mpi_free (frame);
+        }
+        if (rc)
+            log_error (_("checking created signature failed: %s\n"),
+                         g10_errstr (rc));
+        free_public_key (pk);
+    }
    if( rc )
 	log_error(_("signing failed: %s\n"), g10_errstr(rc) );
    else {
@ -154,10 +175,6 @@ complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md )

    if( !(rc=check_secret_key( sk, 0 )) )
 	rc = do_sign( sk, sig, md, 0 );
-
-    /* fixme: should we check whether the signature is okay?
-     * maybe by using an option */
-
    return rc;
 }

--- a/g10/status.c
+++ b/g10/status.c
@ -139,6 +139,7 @@ get_status_string ( int no )
      case STATUS_END_STREAM     : s = "END_STREAM"; break;
      case STATUS_KEY_CREATED    : s = "KEY_CREATED"; break;
      case STATUS_USERID_HINT    : s = "USERID_HINT"; break;
+      case STATUS_UNEXPECTED     : s = "UNEXPECTED"; break;
      default: s = "?"; break;
    }
    return s;
--- a/g10/status.h
+++ b/g10/status.h
@ -89,7 +89,7 @@
 #define STATUS_END_STREAM       57
 #define STATUS_KEY_CREATED      58
 #define STATUS_USERID_HINT      59
-
+#define STATUS_UNEXPECTED       60

 /*-- status.c --*/
 void set_status_fd ( int fd );