8 #define _RPMGC_INTERNAL
9 #if defined(WITH_GCRYPT)
10 #define _RPMPGP_INTERNAL
16 #if defined(WITH_GCRYPT)
/*
 * rpmgcDump: debug helper that renders a libgcrypt S-expression in the
 * "advanced" (human-readable) format and prints it to stderr under a
 * banner built from msg.
 */
30 void rpmgcDump(
const char * msg, gcry_sexp_t sexp)
/* Sizing pass: a NULL buffer with length 0 asks gcry_sexp_sprint for the number of bytes required. */
33 size_t nb = gcry_sexp_sprint(sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0);
/*
 * Formatting pass into buf. The declaration and allocation of buf are not
 * visible here.
 * NOTE(review): confirm buf is sized from nb and that a failed allocation is handled.
 */
37 nb = gcry_sexp_sprint(sexp, GCRYSEXP_FMT_ADVANCED, buf, nb);
/* buf is consumed through %s, so it has to be NUL-terminated by now -- NOTE(review): confirm. */
42 fprintf(stderr,
"========== %s:\n%s", msg, buf);
/*
 * rpmgcErr: report a libgcrypt error code on stderr.
 *
 * msg names the operation that produced err; the printed line adds the
 * error source (gcry_strsource) and description (gcry_strerror).
 *
 * NOTE(review): the condition guarding the fprintf and the return statement
 * are not visible here. Every caller in this file assigns the result to an
 * error variable, so err is presumably returned unchanged -- confirm.
 */
48 gcry_error_t rpmgcErr(
rpmgc gc,
const char * msg, gcry_error_t err)
53 fprintf (stderr,
"rpmgc: %s: %s/%s\n",
54 msg, gcry_strsource (err), gcry_strerror (err));
/*
 * Body of the RSA hash set-up routine (presumably rpmgcSetRSA, which the
 * function table later in this file pairs with rpmgcVerifyRSA; the signature
 * is not visible here). It prepares gc->hash, the data S-expression that
 * rpmgcVerifyRSA passes to gcry_pk_verify.
 */
65 const char * hash_algo_name = NULL;
/*
 * Select the hash name placed in the S-expression from the signature's
 * hash_algo field (the case labels are not visible here).
 * NOTE(review): md2, md5 and sha1 are accepted here; these digests are no
 * longer collision resistant, so any policy rejecting signatures made over
 * them has to be enforced elsewhere -- confirm that it is.
 */
69 switch (sigp->hash_algo) {
71 hash_algo_name =
"md5";
74 hash_algo_name =
"sha1";
77 hash_algo_name =
"ripemd160";
80 hash_algo_name =
"md2";
83 hash_algo_name =
"tiger";
87 hash_algo_name =
"haval";
91 hash_algo_name =
"sha256";
94 hash_algo_name =
"sha384";
97 hash_algo_name =
"sha512";
101 hash_algo_name =
"sha224";
/* No name was selected: the algorithm is unsupported (the action taken is not visible here). */
107 if (hash_algo_name == NULL)
/*
 * Convert the md5len digest bytes in dig->md5 into an MPI (GCRYMPI_FMT_USG:
 * unsigned big-endian) and wrap it as
 * "(data (flags pkcs1) (hash <name> <mpi>))" in gc->hash.
 * NOTE(review): the gcry_mpi_scan result goes to xx and is not routed through
 * rpmgcErr; confirm it is checked and that c is released afterwards.
 */
114 { gcry_mpi_t c = NULL;
116 xx = gcry_mpi_scan(&c, GCRYMPI_FMT_USG, dig->md5, dig->md5len, NULL);
117 yy = rpmgcErr(gc,
"RSA c",
118 gcry_sexp_build(&gc->hash, NULL,
119 "(data (flags pkcs1) (hash %s %m))", hash_algo_name, c) );
/* Dump the S-expression only when _pgp_debug is negative. */
121 if (
_pgp_debug < 0) rpmgcDump(
"gc->hash", gc->hash);
/*
 * Quick check: compare the leading digest bytes (s) with the signhash16
 * bytes carried in the signature (t); the diagnostic below prints two bytes
 * of each. A match here is only a sanity check on the digest, not a
 * signature verification -- that is done by gcry_pk_verify in rpmgcVerifyRSA.
 */
128 rc = memcmp(s, t,
sizeof(sigp->signhash16));
131 fprintf(stderr,
"*** hash fails: digest(%02x%02x) != signhash(%02x%02x)\n",
132 s[0], s[1], t[0], t[1]);
/*
 * rpmgcVerifyRSA: verify an RSA signature with libgcrypt.
 *
 * Builds the signature S-expression from gc->c and the public-key
 * S-expression from gc->n / gc->e, then checks them against gc->hash
 * (built by the RSA set-up code above) with gcry_pk_verify.
 *
 * Returns 1 when the last recorded error code is 0, otherwise 0.
 */
140 int rpmgcVerifyRSA(
pgpDig dig)
143 rpmgc gc = dig->impl;
/* "(sig-val (RSA (s <mpi>)))" from the signature MPI. */
147 err = rpmgcErr(gc,
"RSA gc->sig",
148 gcry_sexp_build(&gc->sig, NULL,
149 "(sig-val (RSA (s %m)))", gc->c) );
152 rpmgcDump(
"gc->sig", gc->sig);
/* "(public-key (RSA (n <mpi>) (e <mpi>)))" from the key MPIs. */
154 err = rpmgcErr(gc,
"RSA gc->pkey",
155 gcry_sexp_build(&gc->pkey, NULL,
156 "(public-key (RSA (n %m) (e %m)))", gc->n, gc->e) );
159 rpmgcDump(
"gc->pkey", gc->pkey);
/*
 * err is reassigned by each step, so in the lines visible here the result
 * reflects only this verify call.
 * NOTE(review): confirm that a failed gcry_sexp_build above cannot lead to a
 * successful verify, e.g. through an S-expression left from earlier use.
 */
163 err = rpmgcErr(gc,
"RSA verify",
164 gcry_pk_verify (gc->sig, gc->hash, gc->pkey) );
/* Release the per-verification S-expressions and clear the pointers so they cannot be reused or released twice. */
167 gcry_sexp_release(gc->pkey); gc->pkey = NULL;
168 gcry_sexp_release(gc->hash); gc->hash = NULL;
169 gcry_sexp_release(gc->sig); gc->sig = NULL;
/* libgcrypt reports success as 0; callers get 1 for "verified", 0 for anything else. */
171 return (err ? 0 : 1);
/*
 * Body of the DSA hash set-up routine (presumably rpmgcSetDSA, which the
 * function table later in this file pairs with rpmgcVerifyDSA; the signature
 * is not visible here).
 */
178 rpmgc gc = dig->impl;
/*
 * Wrap the sha1len digest bytes in dig->sha1 as
 * "(data (flags raw) (value <bytes>))" in gc->hash; %b consumes a length
 * followed by a buffer pointer.
 * NOTE(review): whether err is checked before returning is not visible here.
 */
186 err = rpmgcErr(gc,
"DSA gc->hash",
187 gcry_sexp_build(&gc->hash, NULL,
188 "(data (flags raw) (value %b))", dig->sha1len, dig->sha1) );
190 rpmgcDump(
"gc->hash", gc->hash);
/*
 * Quick check only: 0 when the leading digest bytes equal the signature's
 * signhash16 bytes. The cryptographic check is the gcry_pk_verify call in
 * rpmgcVerifyDSA.
 */
193 return memcmp(dig->sha1, sigp->signhash16,
sizeof(sigp->signhash16));
/*
 * rpmgcVerifyDSA: verify a DSA signature with libgcrypt.
 *
 * Builds the signature S-expression from gc->r / gc->s and the public-key
 * S-expression from gc->p, gc->q, gc->g and gc->y, then checks them against
 * gc->hash (built by the DSA set-up code above) with gcry_pk_verify.
 *
 * Returns 1 when the last recorded error code is 0, otherwise 0.
 */
197 int rpmgcVerifyDSA(
pgpDig dig)
200 rpmgc gc = dig->impl;
/* "(sig-val (DSA (r <mpi>) (s <mpi>)))" from the two signature MPIs. */
205 err = rpmgcErr(gc,
"DSA gc->sig",
206 gcry_sexp_build(&gc->sig, NULL,
207 "(sig-val (DSA (r %m) (s %m)))", gc->r, gc->s) );
209 rpmgcDump(
"gc->sig", gc->sig);
/* "(public-key (DSA (p ..) (q ..) (g ..) (y ..)))" from the four key MPIs. */
210 err = rpmgcErr(gc,
"DSA gc->pkey",
211 gcry_sexp_build(&gc->pkey, NULL,
212 "(public-key (DSA (p %m) (q %m) (g %m) (y %m)))",
213 gc->p, gc->q, gc->g, gc->y) );
215 rpmgcDump(
"gc->pkey", gc->pkey);
/*
 * err is reassigned by each step, so in the lines visible here the result
 * reflects only this verify call.
 * NOTE(review): confirm that a failed gcry_sexp_build above cannot lead to a
 * successful verify.
 */
218 err = rpmgcErr(gc,
"DSA verify",
219 gcry_pk_verify (gc->sig, gc->hash, gc->pkey) );
/* Release the per-verification S-expressions and clear the pointers. */
221 gcry_sexp_release(gc->pkey); gc->pkey = NULL;
222 gcry_sexp_release(gc->hash); gc->hash = NULL;
223 gcry_sexp_release(gc->sig); gc->sig = NULL;
/* libgcrypt reports success as 0; callers get 1 for "verified", 0 for anything else. */
227 return (err ? 0 : 1);
247 int rpmgcVerifyECDSA(
pgpDig dig)
/*
 * rpmgcMpiItem: parse one OpenPGP-encoded MPI into the slot of the gcrypt
 * context that corresponds to the requested item.
 *
 * pre, dig and itemno are the parameters visible here; the remaining
 * parameters and the case labels are not visible. Each case sets a label
 * for diagnostics (mpiname) and the destination slot (mpip).
 */
257 int rpmgcMpiItem(
const char * pre,
pgpDig dig,
int itemno,
263 rpmgc gc = dig->impl;
265 const char * mpiname =
"";
266 gcry_mpi_t * mpip = NULL;
/* Signature values: the RSA signature goes to gc->c, the DSA pair to gc->r / gc->s. */
276 mpiname =
"RSA m**d"; mpip = &gc->c;
279 mpiname =
"DSA r"; mpip = &gc->r;
282 mpiname =
"DSA s"; mpip = &gc->s;
/* Public-key values: RSA modulus and exponent, then the DSA parameters p, q, g and public value y. */
285 mpiname =
"RSA n"; mpip = &gc->n;
288 mpiname =
"RSA e"; mpip = &gc->e;
291 mpiname =
"DSA p"; mpip = &gc->p;
294 mpiname =
"DSA q"; mpip = &gc->q;
297 mpiname =
"DSA g"; mpip = &gc->g;
300 mpiname =
"DSA y"; mpip = &gc->y;
/*
 * GCRYMPI_FMT_PGP: p points at nb bytes of an OpenPGP MPI; nscan receives
 * the number of bytes consumed.
 * NOTE(review): p and nb are derived in lines not visible here and
 * presumably come from packet data that is not yet authenticated; confirm
 * nb is bounded by the enclosing packet length and that mpip is non-NULL
 * (i.e. itemno matched a case) before this call.
 */
305 err = rpmgcErr(gc, mpiname,
306 gcry_mpi_scan(mpip, GCRYMPI_FMT_PGP, p, nb, &nscan) );
/* Debug output: bit length and hexadecimal form of the MPI just parsed. */
310 {
size_t nbits = gcry_mpi_get_nbits(*mpip);
311 unsigned char * hex = NULL;
/*
 * gcry_mpi_aprint allocates hex.
 * NOTE(review): confirm err is checked before hex is printed (it stays NULL
 * on failure) and that hex is freed in the lines not visible here.
 */
313 err = rpmgcErr(gc,
"MPI print",
314 gcry_mpi_aprint(GCRYMPI_FMT_HEX, &hex, &nhex, *mpip) );
315 fprintf(stderr,
"*** %s\t%5d:%s\n", mpiname, (
int)nbits, hex);
/*
 * rpmgcClean: release every libgcrypt object held by the context passed as
 * impl -- the three S-expressions (sig, hash, pkey) and the nine MPIs filled
 * in by rpmgcMpiItem.
 *
 * NOTE(review): the lines between the release calls are not visible here;
 * confirm each pointer is reset to NULL after release so that a second
 * rpmgcClean, or a later verify, cannot touch a released object.
 */
325 void rpmgcClean(
void * impl)
/* S-expressions built by the set-up and verify routines. */
332 gcry_sexp_release(gc->sig);
336 gcry_sexp_release(gc->hash);
340 gcry_sexp_release(gc->pkey);
/* DSA signature values. */
344 gcry_mpi_release(gc->r);
348 gcry_mpi_release(gc->s);
/* RSA public key (n, e) and RSA signature value (c). */
352 gcry_mpi_release(gc->n);
356 gcry_mpi_release(gc->e);
360 gcry_mpi_release(gc->c);
/* DSA public key parameters. */
364 gcry_mpi_release(gc->p);
368 gcry_mpi_release(gc->q);
372 gcry_mpi_release(gc->g);
376 gcry_mpi_release(gc->y);
/*
 * Count of live contexts: incremented in rpmgcInit, decremented in rpmgcFree.
 * NOTE(review): a plain int updated with ++/--; confirm contexts are never
 * created or freed concurrently from several threads.
 */
385 static int rpmgc_initialized;
/*
 * rpmgcFree: tear down a context. When the last context goes away and
 * debugging is enabled (_pgp_debug < 0), the libgcrypt debug flags and
 * verbosity raised in rpmgcInit are reset. The release of the context
 * itself and the return value are not visible here.
 */
388 void * rpmgcFree(
void * impl)
396 if (--rpmgc_initialized == 0 &&
_pgp_debug < 0) {
/* err is overwritten by the second call; failures are only reported through rpmgcErr. */
398 err = rpmgcErr(gc,
"CLEAR_DEBUG_FLAGS",
399 gcry_control(GCRYCTL_CLEAR_DEBUG_FLAGS, 3));
400 err = rpmgcErr(gc,
"SET_VERBOSITY",
401 gcry_control(GCRYCTL_SET_VERBOSITY, 0) );
/*
 * rpmgcInit: create a context. On the first call, and only when debugging is
 * enabled (_pgp_debug < 0), libgcrypt verbosity and debug flags are raised
 * to 3. The allocation of the context and the return value are not visible
 * here.
 *
 * NOTE(review): libgcrypt expects gcry_check_version() to run before other
 * library calls; that initialisation is not visible here -- confirm it
 * happens before these gcry_control calls.
 */
410 void * rpmgcInit(
void)
416 if (rpmgc_initialized++ == 0 &&
_pgp_debug < 0) {
/* err is overwritten by the second call; failures are only reported through rpmgcErr. */
418 err = rpmgcErr(gc,
"SET_VERBOSITY",
419 gcry_control(GCRYCTL_SET_VERBOSITY, 3) );
420 err = rpmgcErr(gc,
"SET_DEBUG_FLAGS",
421 gcry_control(GCRYCTL_SET_DEBUG_FLAGS, 3) );
/*
 * Entries of the libgcrypt implementation's function table (the enclosing
 * declaration is not visible here): one set-up/verify pair per signature
 * algorithm, followed by the MPI parser and the context cleanup routine.
 */
428 rpmgcSetRSA, rpmgcVerifyRSA,
429 rpmgcSetDSA, rpmgcVerifyDSA,
430 rpmgcSetECDSA, rpmgcVerifyECDSA,
431 rpmgcMpiItem, rpmgcClean,