Support v5 signature generation (not fully working yet).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
parent
ad7a9b0a6a
commit
bf46db1a1e
29
g10/sign.c
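--- a/g10/sign.c
+++ b/g10/sign.c
@@ -342,9 +342,17 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig,
 if (sig->hashed)
 {
 n = sig->hashed->len;
+if (sig->version == 5)
+{
+gcry_md_putc (md, (n >> 24));
+gcry_md_putc (md, (n >> 16));
+}
 gcry_md_putc (md, (n >> 8) );
 gcry_md_putc (md, n );
 gcry_md_write (md, sig->hashed->data, n );
+if (sig->version == 5)
+n += 8;
+else
 n += 6;
 }
 else
@@ -946,7 +954,10 @@ write_signature_packets (ctrl_t ctrl,
 return gpg_error_from_syserror ();
 
 if (pk->version >= 5)
+{
 sig->version = 5; /* Required for v5 keys. */
+gcry_randomize (sig->v5_salt, 16, GCRY_STRONG_RANDOM);
+}
 else
 sig->version = 4; /* Required. */
 
@@ -1769,6 +1780,7 @@ make_keysig_packet (ctrl_t ctrl,
 gcry_md_hd_t md;
 u32 pk_keyid[2], pksk_keyid[2];
 unsigned int signhints;
+byte v5_salt[16];
 
 log_assert ((sigclass >= 0x10 && sigclass <= 0x13) || sigclass == 0x1F
 || sigclass == 0x20 || sigclass == 0x18 || sigclass == 0x19
@@ -1806,6 +1818,12 @@ make_keysig_packet (ctrl_t ctrl,
 if (gcry_md_open (&md, digest_algo, 0))
 BUG ();
 
+if (sigversion == 5)
+{
+gcry_randomize (v5_salt, 16, GCRY_STRONG_RANDOM);
+gcry_md_write (md, v5_salt, 16);
+}
+
 /* Hash the public key certificate. */
 hash_public_key (md, pk);
 
@@ -1822,6 +1840,8 @@ make_keysig_packet (ctrl_t ctrl,
 /* Make the signature packet. */
 sig = xmalloc_clear (sizeof *sig);
 sig->version = sigversion;
+if (sig->version >= 5)
+memcpy (sig->v5_salt, v5_salt, 16);
 sig->flags.exportable = 1;
 sig->flags.revocable = 1;
 keyid_from_pk (pksk, sig->keyid);
@@ -1883,6 +1903,7 @@ update_keysig_packet (ctrl_t ctrl,
 gcry_md_hd_t md;
 u32 pk_keyid[2], pksk_keyid[2];
 unsigned int signhints = 0;
+byte v5_salt[16];
 
 if ((!orig_sig || !pk || !pksk)
 || (orig_sig->sig_class >= 0x10 && orig_sig->sig_class <= 0x13 && !uid)
@@ -1914,6 +1935,12 @@ update_keysig_packet (ctrl_t ctrl,
 if (gcry_md_open (&md, digest_algo, 0))
 BUG ();
 
+if (orig_sig->version == 5)
+{
+gcry_randomize (v5_salt, 16, GCRY_STRONG_RANDOM);
+gcry_md_write (md, v5_salt, 16);
+}
+
 /* Hash the public key certificate and the user id. */
 hash_public_key (md, pk);
 
@@ -1924,6 +1951,8 @@ update_keysig_packet (ctrl_t ctrl,
 
 /* Create a new signature packet. */
 sig = copy_signature (NULL, orig_sig);
+if (sig->version >= 5)
+memcpy (sig->v5_salt, v5_salt, 16);
 
 sig->digest_algo = digest_algo;
 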
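Review bot: In make_keysig_packet and update_keysig_packet the salt is generated and hashed only when the version is exactly 5 (`if (sigversion == 5)`, `if (orig_sig->version == 5)`), but it is copied into the packet under the wider test `if (sig->version >= 5)`. The local `byte v5_salt[16];` has no initializer, so for any version above 5 the memcpy would put uninitialized stack bytes into a signature packet, and those bytes would not have been fed to the digest. Whether such a version can reach these two functions is not visible in the hunks, so the safe form is one predicate at both sites, `if (sig->version == 5)` before each memcpy, together with `byte v5_salt[16] = {0};`. The length 16 is also repeated as a literal in every randomize, write and memcpy call; `sizeof v5_salt` in the two keysig functions would keep those lengths tied to the buffer. Both functions begin and end outside the hunks shown.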