[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-commit-watchers
Subject: [gnutls-commits] CVS opencdk/src
From: "CVS User twoaday" <twoaday () gnutls ! org>
Date: 2007-04-24 18:46:03
Message-ID: E1HgQ1b-0005eD-7j () trithemius ! gnupg ! org
[Download RAW message or body]
Update of /cvs/gnutls/opencdk/src
In directory trithemius:/tmp/cvs-serv21562
Modified Files:
context.h kbnode.c keydb.c main.h read-packet.c stream.c
write-packet.c
Log Message:
more cleanups and bug fix to support 16384 bit sigs.
--- /cvs/gnutls/opencdk/src/context.h 2007/04/22 15:05:14 1.48
+++ /cvs/gnutls/opencdk/src/context.h 2007/04/24 18:46:02 1.49
@@ -93,12 +93,6 @@
byte d[1];
};
-struct key_idx_s {
- off_t offset;
- u32 keyid[2];
- byte fpr[KEY_FPR_LEN];
-};
-
struct cdk_dbsearch_s {
union {
--- /cvs/gnutls/opencdk/src/kbnode.c 2007/04/22 20:07:49 1.48
+++ /cvs/gnutls/opencdk/src/kbnode.c 2007/04/24 18:46:02 1.49
@@ -396,7 +396,7 @@
cdk_stream_t inp;
cdk_error_t rc;
- if (!buflen || !ret_node)
+ if (!buflen || !ret_node || !buf)
return CDK_Inv_Value;
*ret_node = NULL;
@@ -439,13 +439,13 @@
for (n = node; n; n = n->next)
{
/* Skip all packets which cannot occur in a key composition. */
- if (n->pkt->pkttype != CDK_PKT_PUBLIC_KEY
- && n->pkt->pkttype != CDK_PKT_PUBLIC_SUBKEY
- && n->pkt->pkttype != CDK_PKT_SECRET_KEY
- && n->pkt->pkttype != CDK_PKT_SECRET_SUBKEY
- && n->pkt->pkttype != CDK_PKT_SIGNATURE
- && n->pkt->pkttype != CDK_PKT_USER_ID
- && n->pkt->pkttype != CDK_PKT_ATTRIBUTE)
+ if (n->pkt->pkttype != CDK_PKT_PUBLIC_KEY &&
+ n->pkt->pkttype != CDK_PKT_PUBLIC_SUBKEY &&
+ n->pkt->pkttype != CDK_PKT_SECRET_KEY &&
+ n->pkt->pkttype != CDK_PKT_SECRET_SUBKEY &&
+ n->pkt->pkttype != CDK_PKT_SIGNATURE &&
+ n->pkt->pkttype != CDK_PKT_USER_ID &&
+ n->pkt->pkttype != CDK_PKT_ATTRIBUTE)
continue;
rc = cdk_pkt_write (s, n->pkt);
if (rc)
@@ -460,7 +460,7 @@
*r_buf = cdk_calloc (1, len);
*r_buflen = cdk_stream_read (s, *r_buf, len);
cdk_stream_close (s);
- return rc;
+ return 0;
}
@@ -483,7 +483,6 @@
size_t len;
cdk_error_t rc;
- /* FIXME: Mark the function as deprecated!. */
if (!node)
return CDK_Inv_Value;
@@ -494,13 +493,13 @@
for (n = node; n; n = n->next)
{
/* Skip all packets which cannot occur in a key composition. */
- if (n->pkt->pkttype != CDK_PKT_PUBLIC_KEY
- && n->pkt->pkttype != CDK_PKT_PUBLIC_SUBKEY
- && n->pkt->pkttype != CDK_PKT_SECRET_KEY
- && n->pkt->pkttype != CDK_PKT_SECRET_SUBKEY
- && n->pkt->pkttype != CDK_PKT_SIGNATURE
- && n->pkt->pkttype != CDK_PKT_USER_ID
- && n->pkt->pkttype != CDK_PKT_ATTRIBUTE)
+ if (n->pkt->pkttype != CDK_PKT_PUBLIC_KEY &&
+ n->pkt->pkttype != CDK_PKT_PUBLIC_SUBKEY &&
+ n->pkt->pkttype != CDK_PKT_SECRET_KEY &&
+ n->pkt->pkttype != CDK_PKT_SECRET_SUBKEY &&
+ n->pkt->pkttype != CDK_PKT_SIGNATURE &&
+ n->pkt->pkttype != CDK_PKT_USER_ID &&
+ n->pkt->pkttype != CDK_PKT_ATTRIBUTE)
continue;
rc = cdk_pkt_write (s, n->pkt);
if (rc)
@@ -514,10 +513,8 @@
len = cdk_stream_get_length (s);
if (!buf)
{
- *r_nbytes = len; /* only return the length of the buffer */
+ *r_nbytes = len; /* Only return the length of the buffer */
cdk_stream_close (s);
- /* FIXME: A patch from the nmav-0-5-x has set the return
- to CDK_Too_Short which is clerly wrong! */
return 0;
}
if (*r_nbytes < len)
--- /cvs/gnutls/opencdk/src/keydb.c 2007/04/22 18:42:24 1.145
+++ /cvs/gnutls/opencdk/src/keydb.c 2007/04/24 18:46:02 1.146
@@ -34,6 +34,13 @@
#define KEYDB_CACHE_ENTRIES 8
typedef struct key_table_s *key_table_t;
+
+struct key_idx_s
+{
+ off_t offset;
+ u32 keyid[2];
+ byte fpr[KEY_FPR_LEN];
+};
typedef struct key_idx_s *key_idx_t;
@@ -47,12 +54,13 @@
static char*
keydb_idx_mkname (const char *file)
{
- char *fname;
+ char *fname, *fmt;
- fname = cdk_calloc (1, strlen (file) + 4 + 1);
+ fmt = "%s.idx";
+ fname = cdk_calloc (1, strlen (file) + strlen (fmt) + 1);
if (!fname)
return NULL;
- sprintf (fname, "%s.idx", file);
+ sprintf (fname, fmt, file);
return fname;
}
@@ -63,7 +71,7 @@
--------
4 octets offset of the packet
8 octets keyid
- KEY_FPR_LEN (=20) octets fingerprint
+ 20 octets fingerprint
--------
We store the keyid and the fingerprint due to the fact we can't get
the keyid from a v3 fingerprint directly.
@@ -73,9 +81,8 @@
{
cdk_packet_t pkt;
cdk_stream_t inp, out = NULL;
- byte buf[8], fpr[KEY_FPR_LEN];
- char *fname;
- off_t pos;
+ byte buf[4+8+KEY_FPR_LEN];
+ char *idx_name;
u32 keyid[2];
cdk_error_t rc;
@@ -86,43 +93,47 @@
if (rc)
return rc;
- fname = keydb_idx_mkname (file);
- if (!fname)
+ idx_name = keydb_idx_mkname (file);
+ if (!idx_name)
{
cdk_stream_close (inp);
return CDK_Out_Of_Core;
}
- rc = cdk_stream_create (fname, &out);
- cdk_free (fname);
+ rc = cdk_stream_create (idx_name, &out);
+ cdk_free (idx_name);
if (rc)
goto leave;
-
+
cdk_pkt_new (&pkt);
while (!cdk_stream_eof (inp))
{
- pos = cdk_stream_tell (inp);
+ off_t pos = cdk_stream_tell (inp);
+
rc = cdk_pkt_read (inp, pkt);
if (rc)
- break;
+ {
+ _cdk_log_debug ("index build failed packet off=%lu\n", pos);
+ /* FIXME: The index is incomplete */
+ break;
+ }
if (pkt->pkttype == CDK_PKT_PUBLIC_KEY ||
pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY)
{
_cdk_u32tobuf (pos, buf);
- cdk_stream_write (out, buf, 4);
cdk_pk_get_keyid (pkt->pkt.public_key, keyid);
- _cdk_u32tobuf (keyid[0], buf + 0);
- _cdk_u32tobuf (keyid[1], buf + 4);
- cdk_stream_write (out, buf, 8);
- cdk_pk_get_fingerprint (pkt->pkt.public_key, fpr);
- cdk_stream_write (out, fpr, KEY_FPR_LEN);
+ _cdk_u32tobuf (keyid[0], buf + 4);
+ _cdk_u32tobuf (keyid[1], buf + 8);
+ cdk_pk_get_fingerprint (pkt->pkt.public_key, buf+12);
+ cdk_stream_write (out, buf, 4+8+KEY_FPR_LEN);
}
cdk_pkt_free (pkt);
}
-
+
+ cdk_pkt_release (pkt);
+
leave:
cdk_stream_close (out);
cdk_stream_close (inp);
- cdk_pkt_release (pkt);
return rc;
}
@@ -176,9 +187,8 @@
{
key_idx_t idx;
byte buf[4];
- int i;
- if( !inp || !r_idx )
+ if (!inp || !r_idx)
return CDK_Inv_Value;
idx = cdk_calloc (1, sizeof *idx);
@@ -187,8 +197,7 @@
while (!cdk_stream_eof (inp))
{
- i = cdk_stream_read (inp, buf, 4);
- if (i == CDK_EOF)
+ if (cdk_stream_read (inp, buf, 4) == CDK_EOF)
break;
idx->offset = _cdk_buftou32 (buf);
cdk_stream_read (inp, buf, 4);
@@ -204,8 +213,7 @@
static int
-keydb_idx_search (cdk_stream_t inp, u32 *keyid,
- const byte *fpr, off_t *r_off)
+keydb_idx_search (cdk_stream_t inp, u32 *keyid, const byte *fpr, off_t *r_off)
{
key_idx_t idx;
@@ -214,6 +222,9 @@
if ((keyid && fpr) || (!keyid && !fpr))
return CDK_Inv_Mode;
+ /* We need an initialize the offset var with a value
+ because it might be possible the returned offset will
+ be 0 and then we cannot differ between the begin and an EOF. */
*r_off = 0xFFFFFFFF;
cdk_stream_seek (inp, 0);
while (keydb_idx_parse (inp, &idx) != CDK_EOF)
@@ -449,7 +460,7 @@
/* This is no real error, it just means we can't create
the index at the given directory. maybe we've no write
access. in this case, we simply disable the index. */
- _cdk_log_debug ("disable key index table\n");
+ _cdk_log_debug ("disable key index table err=%d\n", rc);
rc = 0;
hd->no_cache = 1;
}
@@ -837,43 +848,45 @@
int *r_cache_hit, off_t *r_off)
{
key_table_t c;
- off_t off;
- int cache_hit;
if (!hd || !r_cache_hit || !r_off)
return CDK_Inv_Value;
- /* Reset */
- off = 0;
- cache_hit = 0;
+ /* Reset the values. */
+ *r_cache_hit = 0;
+ *r_off = 0;
c = keydb_cache_find (hd->cache, ks);
if (c != NULL)
{
_cdk_log_debug ("Cache: found entry in cache.\n");
- cache_hit = 1;
- off = c->offset;
+ *r_cache_hit = 1;
+ *r_off = c->offset;
+ return 0;
}
- if (hd->idx && !c)
+ /* No index cache available so we just return here. */
+ if (!hd->idx)
+ return 0;
+
+ if (hd->idx)
{
if (ks->type == CDK_DBSEARCH_KEYID)
{
- if (keydb_idx_search (hd->idx, ks->u.keyid, NULL, &off))
+ if (keydb_idx_search (hd->idx, ks->u.keyid, NULL, r_off))
return CDK_Error_No_Key;
_cdk_log_debug ("Cache: found keyid entry in idx table.\n");
- cache_hit = 1;
+ *r_cache_hit = 1;
}
else if (ks->type == CDK_DBSEARCH_FPR)
{
- if (keydb_idx_search (hd->idx, NULL, ks->u.fpr, &off))
+ if (keydb_idx_search (hd->idx, NULL, ks->u.fpr, r_off))
return CDK_Error_No_Key;
_cdk_log_debug ("Cache: found fpr entry in idx table.\n");
- cache_hit = 1;
+ *r_cache_hit = 1;
}
}
- *r_off = off;
- *r_cache_hit = cache_hit;
+
return 0;
}
@@ -907,12 +920,15 @@
return rc;
if (!hd->no_cache)
- {
- /* FIXME: pubkey offset seems wrong */
+ {
+ /* It is possible the index is not up-to-date and thus we do
+ not find the requesed key. In this case, we reset cache hit
+ and continue our normal search procedure. */
rc = keydb_pos_from_cache (hd, hd->dbs, &cache_hit, &off);
if (rc)
- return rc;
+ cache_hit = 0;
}
+
ks = hd->dbs;
while (!key_found && !rc)
{
--- /cvs/gnutls/opencdk/src/main.h 2007/04/22 19:00:11 1.125
+++ /cvs/gnutls/opencdk/src/main.h 2007/04/24 18:46:02 1.126
@@ -34,7 +34,7 @@
#include "context.h"
/* The maximal amount of bits a multi precsion integer can have. */
-#define MAX_MPI_BITS 8192
+#define MAX_MPI_BITS 16384
#define MAX_MPI_BYTES (MAX_MPI_BITS/8)
@@ -42,11 +42,14 @@
that SHA-512 is used and increase the buffer size of the digest. */
#define MAX_DIGEST_LEN 64
+/* Helper to find out if the signature were made over a user ID
+ or if the signature revokes a previous user ID. */
#define IS_UID_SIG(s) (((s)->sig_class & ~3) == 0x10)
#define IS_UID_REV(s) ((s)->sig_class == 0x30)
#define DEBUG_PKT (_cdk_get_log_level () == (CDK_LOG_DEBUG+1))
+/* Helper to find out if a key has the requested capability. */
#define KEY_CAN_ENCRYPT(a) (_cdk_pk_algo_usage ((a)) & CDK_KEY_USG_ENCR)
#define KEY_CAN_SIGN(a) (_cdk_pk_algo_usage ((a)) & CDK_KEY_USG_SIGN)
#define KEY_CAN_AUTH(a) (_cdk_pk_algo_usage ((a)) & CDK_KEY_USG_AUTH)
@@ -72,9 +75,10 @@
char * _cdk_passphrase_get (cdk_ctx_t hd, const char *prompt);
/*-- misc.c --*/
+int _cdk_check_args( int overwrite, const char * in, const char * out );
u32 _cdk_buftou32 (const byte * buf);
-void _cdk_u32tobuf( u32 u, byte * buf );
-const char * _cdk_memistr( const char * buf, size_t buflen, const char * sub );
+void _cdk_u32tobuf (u32 u, byte * buf);
+const char *_cdk_memistr (const char * buf, size_t buflen, const char * sub);
cdk_error_t map_gcry_error (gcry_error_t err);
/* Helper to provide case insentensive strstr version. */
@@ -103,7 +107,7 @@
int _cdk_sig_check (cdk_pkt_pubkey_t pk, cdk_pkt_signature_t sig,
gcry_md_hd_t digest, int * r_expired);
cdk_error_t _cdk_hash_sig_data (cdk_pkt_signature_t sig, gcry_md_hd_t hd);
-void _cdk_hash_userid( cdk_pkt_userid_t uid, int sig_version, gcry_md_hd_t md);
+void _cdk_hash_userid (cdk_pkt_userid_t uid, int sig_version, gcry_md_hd_t md);
int _cdk_hash_pubkey (cdk_pkt_pubkey_t pk, gcry_md_hd_t md, int use_fpr);
cdk_error_t _cdk_pk_check_sig (cdk_keydb_hd_t hd,
cdk_kbnode_t knode,
@@ -114,17 +118,17 @@
void _cdk_kbnode_clone (cdk_kbnode_t node);
/*-- sesskey.c --*/
-int _cdk_digest_encode_pkcs1( byte ** r_md, size_t * r_mdlen, int pk_algo,
+int _cdk_digest_encode_pkcs1 (byte ** r_md, size_t * r_mdlen, int pk_algo,
const byte * md,
- int digest_algo, unsigned nbits );
-int _cdk_sk_unprotect_auto( cdk_ctx_t hd, cdk_pkt_seckey_t sk );
+ int digest_algo, unsigned nbits);
+int _cdk_sk_unprotect_auto (cdk_ctx_t hd, cdk_pkt_seckey_t sk);
/*-- keydb.c --*/
-int _cdk_keydb_get_pk_byusage( cdk_keydb_hd_t hd, const char * name,
- cdk_pkt_pubkey_t * ret_pk, int usage );
-int _cdk_keydb_get_sk_byusage( cdk_keydb_hd_t hd, const char * name,
- cdk_pkt_seckey_t * ret_sk, int usage );
-int _cdk_keydb_check_userid( cdk_keydb_hd_t hd, u32 * keyid, const char * id );
+int _cdk_keydb_get_pk_byusage (cdk_keydb_hd_t hd, const char * name,
+ cdk_pkt_pubkey_t * ret_pk, int usage);
+int _cdk_keydb_get_sk_byusage (cdk_keydb_hd_t hd, const char * name,
+ cdk_pkt_seckey_t * ret_sk, int usage);
+int _cdk_keydb_check_userid (cdk_keydb_hd_t hd, u32 * keyid, const char * id);
/*-- sign.c --*/
int _cdk_sig_create( cdk_pkt_pubkey_t pk, cdk_pkt_signature_t sig );
@@ -153,8 +157,6 @@
void _cdk_result_verify_free (cdk_verify_result_t res);
cdk_verify_result_t _cdk_result_verify_new (void);
-/*-- encrypt.c --*/
-int _cdk_check_args( int overwrite, const char * in, const char * out );
/*-- read-packet.c --*/
size_t _cdk_pkt_read_len (FILE * inp, size_t *ret_partial);
--- /cvs/gnutls/opencdk/src/read-packet.c 2007/04/22 20:07:49 1.102
+++ /cvs/gnutls/opencdk/src/read-packet.c 2007/04/24 18:46:02 1.103
@@ -114,7 +114,7 @@
static cdk_error_t
-read_mpi (cdk_stream_t inp, gcry_mpi_t * ret_m, int secure)
+read_mpi (cdk_stream_t inp, gcry_mpi_t *ret_m, int secure)
{
gcry_mpi_t m;
byte buf[MAX_MPI_BYTES+2];
@@ -126,17 +126,24 @@
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("** read MPI part\n");
+ _cdk_log_debug ("read_mpi:\n");
*ret_m = NULL;
nbits = read_16 (inp);
nread = (nbits+7)/8;
+
if (nbits > MAX_MPI_BITS || nbits == 0)
- return CDK_MPI_Error; /* Sanity check */
+ {
+ _cdk_log_debug ("too large %d bits\n", nbits);
+ return CDK_MPI_Error; /* Sanity check */
+ }
rc = stream_read (inp, buf+2, nread, &nread);
if (!rc && nread != ((nbits+7)/8))
- return CDK_MPI_Error;
+ {
+ _cdk_log_debug ("too short %d < %d\n", nread, (nbits+7)/8);
+ return CDK_MPI_Error;
+ }
buf[0] = nbits >> 8;
buf[1] = nbits >> 0;
@@ -604,7 +611,7 @@
return CDK_Inv_Packet;
if (DEBUG_PKT)
- _cdk_log_debug ("** read user ID packet\n");
+ _cdk_log_debug ("read_user_id packet: %lu octets\n", pktlen);
user_id->len = pktlen;
rc = stream_read (inp, user_id->name, pktlen, &nread);
--- /cvs/gnutls/opencdk/src/stream.c 2007/04/22 15:27:17 1.81
+++ /cvs/gnutls/opencdk/src/stream.c 2007/04/24 18:46:02 1.82
@@ -40,6 +40,11 @@
static int stream_cache_flush (cdk_stream_t s, FILE *fp);
+/* FIXME: The read/write/putc/getc function cannot directly
+ return an error code. It is stored in an error variable
+ inside the string. Right now there is no code to
+ return the error code or to reset it. */
+
/**
* cdk_stream_open:
* @file: The file to open
@@ -251,7 +256,7 @@
if (nwritten == EOF)
{
cdk_stream_close (s);
- return CDK_File_Error;
+ return s->error;
}
cdk_stream_seek (s, 0);
*r_out = s;
@@ -801,23 +806,29 @@
* need to add the filters in reserved order.
**/
int
-cdk_stream_read (cdk_stream_t s, void * buf, size_t count)
+cdk_stream_read (cdk_stream_t s, void *buf, size_t buflen)
{
int nread;
int rc;
if (!s)
- return EOF;
+ {
+ s->error = CDK_Inv_Value;
+ return EOF;
+ }
if (s->cbs_hd)
{
if (s->cbs.read)
- return s->cbs.read (s->cbs_hd, buf, count);
+ return s->cbs.read (s->cbs_hd, buf, buflen);
return 0;
}
if (s->flags.write && !s->flags.temp)
- return EOF; /* this is a write stream */
+ {
+ s->error = CDK_Inv_Mode;
+ return EOF; /* This is a write stream */
+ }
if (!s->flags.no_filter && !s->cache.on && !s->flags.filtrated)
{
@@ -831,13 +842,16 @@
}
s->flags.filtrated = 1;
}
- if (!buf && !count)
+ if (!buf && !buflen)
return 0;
- nread = fread (buf, 1, count, s->fp);
+ nread = fread (buf, 1, buflen, s->fp);
if (!nread)
nread = EOF;
if (feof (s->fp))
- s->flags.eof = 1;
+ {
+ s->error = 0;
+ s->flags.eof = 1;
+ }
return nread;
}
@@ -849,7 +863,10 @@
int nread;
if (!s)
- return EOF;
+ {
+ s->error = CDK_Inv_Value;
+ return EOF;
+ }
nread = cdk_stream_read (s, buf, 1);
if (nread == EOF)
{
@@ -876,7 +893,10 @@
int nwritten;
if (!s)
- return EOF;
+ {
+ s->error = CDK_Inv_Value;
+ return EOF;
+ }
if (s->cbs_hd)
{
@@ -917,7 +937,10 @@
int nwritten;
if (!s)
- return EOF;
+ {
+ s->error = CDK_Inv_Value;
+ return EOF;
+ }
buf[0] = c;
nwritten = cdk_stream_write (s, buf, 1);
if (nwritten == EOF)
@@ -1149,7 +1172,7 @@
{ /* In case of errors, we leave the loop. */
rc = inp->error;
break;
- }
+ }
}
wipemem (buf, sizeof (buf));
--- /cvs/gnutls/opencdk/src/write-packet.c 2007/04/22 20:07:49 1.90
+++ /cvs/gnutls/opencdk/src/write-packet.c 2007/04/24 18:46:02 1.91
@@ -14,7 +14,7 @@
* GNU General Public License for more details.
*/
#ifdef HAVE_CONFIG_H
-# include <config.h>
+#include <config.h>
#endif
#include <string.h>
#include <stdio.h>
@@ -44,7 +44,7 @@
return CDK_Inv_Value;
nread = cdk_stream_read (s, buf, buflen);
if (nread == EOF)
- return CDK_File_Error;
+ return _cdk_stream_get_errno (s);
*r_nread = nread;
return 0;
}
@@ -55,7 +55,7 @@
{
int nwritten = cdk_stream_putc (s, c);
if (nwritten == EOF)
- return CDK_File_Error;
+ return _cdk_stream_get_errno (s);
return 0;
}
_______________________________________________
Gnutls-commits mailing list
Gnutls-commits@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnutls-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic