[svn] GnuPG - r4656 - in trunk: . common doc doc/examples sm
svn author wk
cvs at cvs.gnupg.org
Thu Dec 13 16:45:43 CET 2007
Author: wk
Date: 2007-12-13 16:45:40 +0100 (Thu, 13 Dec 2007)
New Revision: 4656
Added:
trunk/common/t-sexputil.c
Modified:
trunk/NEWS
trunk/common/ChangeLog
trunk/common/Makefile.am
trunk/common/sexp-parse.h
trunk/common/sexputil.c
trunk/common/util.h
trunk/doc/ChangeLog
trunk/doc/debugging.texi
trunk/doc/examples/trustlist.txt
trunk/doc/gpg.texi
trunk/doc/gpgsm.texi
trunk/doc/qualified.txt
trunk/doc/specify-user-id.texi
trunk/sm/ChangeLog
trunk/sm/gpgsm.c
trunk/sm/gpgsm.h
trunk/sm/sign.c
trunk/sm/verify.c
Log:
Allow verification of some broken S-TRUST generated signatures.
Modified: trunk/NEWS
===================================================================
--- trunk/NEWS 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/NEWS 2007-12-13 15:45:40 UTC (rev 4656)
@@ -23,7 +23,10 @@
* Creating DSA2 keys is now possible.
+ * New option --extra-digest-algo for gpgsm to allow verification of
+ broken signatures.
+
Noteworthy changes in version 2.0.7 (2007-09-10)
------------------------------------------------
Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/common/ChangeLog 2007-12-13 15:45:40 UTC (rev 4656)
@@ -1,3 +1,9 @@
+2007-12-13 Werner Koch <wk at g10code.com>
+
+ * sexputil.c (hash_algo_from_sigval): New.
+ * t-sexputil.c: New.
+ * Makefile.am (module_tests): Add it.
+
2007-12-11 Werner Koch <wk at g10code.com>
* asshelp.c (send_pinentry_environment): Allow using of old
@@ -1126,7 +1132,8 @@
(atoi_1,atoi_2,atoi_4,xtoi_1,xtoi_2): New.
- Copyright 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+ Copyright 2001, 2002, 2003, 2004, 2005, 2006,
+ 2007 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
Modified: trunk/common/Makefile.am
===================================================================
--- trunk/common/Makefile.am 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/common/Makefile.am 2007-12-13 15:45:40 UTC (rev 4656)
@@ -107,7 +107,7 @@
#
# Module tests
#
-module_tests = t-convert t-gettime t-sysutils
+module_tests = t-convert t-gettime t-sysutils t-sexputil
module_maint_tests = t-helpfile
t_common_ldadd = libcommon.a ../jnlib/libjnlib.a ../gl/libgnu.a \
@@ -117,5 +117,5 @@
t_gettime_LDADD = $(t_common_ldadd)
t_sysutils_LDADD = $(t_common_ldadd)
t_helpfile_LDADD = $(t_common_ldadd)
+t_sexputil_LDADD = $(t_common_ldadd)
-
Modified: trunk/common/sexp-parse.h
===================================================================
--- trunk/common/sexp-parse.h 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/common/sexp-parse.h 2007-12-13 15:45:40 UTC (rev 4656)
@@ -44,7 +44,7 @@
lists and may be passed as a positive number to skip over the
remainder of an S-Expression if the current position is somewhere
in an S-Expression. The function may return an error code if it
- encounters an impossible conditions */
+ encounters an impossible condition. */
static inline gpg_error_t
sskip (unsigned char const **buf, int *depth)
{
Modified: trunk/common/sexputil.c
===================================================================
--- trunk/common/sexputil.c 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/common/sexputil.c 2007-12-13 15:45:40 UTC (rev 4656)
@@ -1,5 +1,5 @@
/* sexputil.c - Utility functions for S-expressions.
- * Copyright (C) 2005 Free Software Foundation, Inc.
+ * Copyright (C) 2005, 2007 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -40,8 +40,8 @@
KEY is expected to be an canonical encoded S-expression with a
public or private key. KEYLEN is the length of that buffer.
- GRIP must be at least 20 bytes long On success 0 is return, on
- error an aerror code. */
+ GRIP must be at least 20 bytes long. On success 0 is returned, on
+ error an error code. */
gpg_error_t
keygrip_from_canon_sexp (const unsigned char *key, size_t keylen,
unsigned char *grip)
@@ -143,3 +143,49 @@
return buf;
}
+
+
+/* Return the hash algorithm from a KSBA sig-val. SIGVAL is a
+ canonical encoded S-expression. Return 0 if the hash algorithm is
+ not encoded in SIG-VAL or it is not supported by libgcrypt. */
+int
+hash_algo_from_sigval (const unsigned char *sigval)
+{
+ const unsigned char *s = sigval;
+ size_t n;
+ int depth;
+ char buffer[50];
+
+ if (!s || *s != '(')
+ return 0; /* Invalid S-expression. */
+ s++;
+ n = snext (&s);
+ if (!n)
+ return 0; /* Invalid S-expression. */
+ if (!smatch (&s, n, "sig-val"))
+ return 0; /* Not a sig-val. */
+ if (*s != '(')
+ return 0; /* Invalid S-expression. */
+ s++;
+ /* Skip over the algo+parameter list. */
+ depth = 1;
+ if (sskip (&s, &depth) || depth)
+ return 0; /* Invalid S-expression. */
+ if (*s != '(')
+ return 0; /* No futher list. */
+ /* Check whether this is (hash ALGO). */
+ s++;
+ n = snext (&s);
+ if (!n)
+ return 0; /* Invalid S-expression. */
+ if (!smatch (&s, n, "hash"))
+ return 0; /* Not a "hash" keyword. */
+ n = snext (&s);
+ if (!n || n+1 >= sizeof (buffer))
+ return 0; /* Algorithm string is missing or too long. */
+ memcpy (buffer, s, n);
+ buffer[n] = 0;
+
+ return gcry_md_map_name (buffer);
+}
+
Added: trunk/common/t-sexputil.c
===================================================================
--- trunk/common/t-sexputil.c 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/common/t-sexputil.c 2007-12-13 15:45:40 UTC (rev 4656)
@@ -0,0 +1,82 @@
+/* t-sexputil.c - Module test for sexputil.c
+ * Copyright (C) 2007 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "util.h"
+
+#define pass() do { ; } while(0)
+#define fail(a) do { fprintf (stderr, "%s:%d: test %d failed\n",\
+ __FILE__,__LINE__, (a)); \
+ exit (1); \
+ } while(0)
+
+
+static void
+test_hash_algo_from_sigval (void)
+{
+ int algo;
+ /* A real world example. */
+ unsigned char example1_rsa_sha1[] =
+ ("\x28\x37\x3A\x73\x69\x67\x2D\x76\x61\x6C\x28\x33\x3A\x72\x73\x61"
+ "\x28\x31\x3A\x73\x31\x32\x38\x3A\x17\xD2\xE9\x5F\xB4\x24\xD4\x1E"
+ "\x8C\xEE\x94\xDA\x41\x42\x1F\x26\x5E\xF4\x6D\xEC\x5B\xBD\x5B\x89"
+ "\x7A\x69\x11\x43\xE9\xD2\x23\x21\x25\x64\xA6\xB0\x56\xEF\xB4\xE9"
+ "\x06\xB2\x44\xF6\x80\x1E\xFF\x41\x23\xEB\xC9\xFA\xFD\x09\xBF\x9C"
+ "\x8E\xCF\x7F\xC3\x7F\x3A\x40\x48\x89\xDC\xBA\xB7\xDB\x9E\xF1\xBA"
+ "\x7C\x08\xEA\x74\x1D\x49\xE7\x65\xEF\x67\x79\xBC\x23\xD9\x49\xCD"
+ "\x05\x99\xD3\xD8\xB7\x7B\xC7\x0E\xF2\xB3\x01\x48\x0F\xC8\xEB\x05"
+ "\x7B\xFB\x61\xCC\x41\x04\x74\x6D\x33\x84\xB1\xE6\x6A\xD8\x0F\xBC"
+ "\x27\xAC\x43\x45\xFA\x04\xD1\x22\x29\x29\x28\x34\x3A\x68\x61\x73"
+ "\x68\x34\x3A\x73\x68\x61\x31\x29\x29");
+ /* The same but without the hash algo. */
+ unsigned char example1_rsa[] =
+ ("\x28\x37\x3A\x73\x69\x67\x2D\x76\x61\x6C\x28\x33\x3A\x72\x73\x61"
+ "\x28\x31\x3A\x73\x31\x32\x38\x3A\x17\xD2\xE9\x5F\xB4\x24\xD4\x1E"
+ "\x8C\xEE\x94\xDA\x41\x42\x1F\x26\x5E\xF4\x6D\xEC\x5B\xBD\x5B\x89"
+ "\x7A\x69\x11\x43\xE9\xD2\x23\x21\x25\x64\xA6\xB0\x56\xEF\xB4\xE9"
+ "\x06\xB2\x44\xF6\x80\x1E\xFF\x41\x23\xEB\xC9\xFA\xFD\x09\xBF\x9C"
+ "\x8E\xCF\x7F\xC3\x7F\x3A\x40\x48\x89\xDC\xBA\xB7\xDB\x9E\xF1\xBA"
+ "\x7C\x08\xEA\x74\x1D\x49\xE7\x65\xEF\x67\x79\xBC\x23\xD9\x49\xCD"
+ "\x05\x99\xD3\xD8\xB7\x7B\xC7\x0E\xF2\xB3\x01\x48\x0F\xC8\xEB\x05"
+ "\x7B\xFB\x61\xCC\x41\x04\x74\x6D\x33\x84\xB1\xE6\x6A\xD8\x0F\xBC"
+ "\x27\xAC\x43\x45\xFA\x04\xD1\x22\x29\x29\x29");
+
+ algo = hash_algo_from_sigval (example1_rsa_sha1);
+ if (algo != GCRY_MD_SHA1)
+ fail (0);
+ algo = hash_algo_from_sigval (example1_rsa);
+ if (algo)
+ fail (0);
+}
+
+
+
+
+int
+main (int argc, char **argv)
+{
+
+ test_hash_algo_from_sigval ();
+
+ return 0;
+}
+
Modified: trunk/common/util.h
===================================================================
--- trunk/common/util.h 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/common/util.h 2007-12-13 15:45:40 UTC (rev 4656)
@@ -164,6 +164,7 @@
int cmp_simple_canon_sexp (const unsigned char *a, const unsigned char *b);
unsigned char *make_simple_sexp_from_hexstr (const char *line,
size_t *nscanned);
+int hash_algo_from_sigval (const unsigned char *sigval);
/*-- convert.c --*/
int hex2bin (const char *string, void *buffer, size_t length);
Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/ChangeLog 2007-12-13 15:45:40 UTC (rev 4656)
@@ -1,3 +1,14 @@
+2007-12-13 Werner Koch <wk at g10code.com>
+
+ * qualified.txt: Add 2 root certs from S-Trust for 2008-2012.
+ * examples/trustlist.txt: Ditto.
+
+ * gpgsm.texi (Esoteric Options): Document --extra-digest-algo.
+
+2007-12-12 Werner Koch <wk at g10code.com>
+
+ * gpg.texi: Typo fixes. From Christer Andersson.
+
2007-12-04 Werner Koch <wk at g10code.com>
* help.txt: New online help file.
Modified: trunk/doc/debugging.texi
===================================================================
--- trunk/doc/debugging.texi 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/debugging.texi 2007-12-13 15:45:40 UTC (rev 4656)
@@ -182,7 +182,12 @@
fingerprint and this flag may only be added manually to
@file{trustlist.txt}.
+ at item Error message: ``digest algorithm N has not been enabled''
+The signature is broken. You may try the option
+ at option{--extra-digest-algo SHA256} to workaround the problem. The
+number N is the internal algorighm indentifier; for example 8 refers to
+SHA-256.
@end itemize
Modified: trunk/doc/examples/trustlist.txt
===================================================================
--- trunk/doc/examples/trustlist.txt 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/examples/trustlist.txt 2007-12-13 15:45:40 UTC (rev 4656)
@@ -38,6 +38,17 @@
# Issuer: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE
A0:8B:DF:3B:AA:EE:3F:9D:64:6C:47:81:23:21:D4:A6:18:81:67:1D S
+# S/N: 00B3963E0E6C2D65125853E970665402E5
+# Issuer: /CN=S-TRUST Qualified Root CA 2008-001:PN
+# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+C9:2F:E6:50:DB:32:59:E0:CE:65:55:F3:8C:76:E0:B8:A8:FE:A3:CA S
+
+# S/N: 00C4216083F35C54F67B09A80C3C55FE7D
+# Issuer: /CN=S-TRUST Qualified Root CA 2008-002:PN
+# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+D5:C7:50:F2:FE:4E:EE:D7:C7:B1:E4:13:7B:FB:54:84:3A:7D:97:9B S
+
+
#Serial number: 00
# Issuer: /CN=CA Cert Signing Authority/OU=http:\x2f\x2fwww.
# cacert.org/O=Root CA/EMail=support at cacert.org
Modified: trunk/doc/gpg.texi
===================================================================
--- trunk/doc/gpg.texi 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/gpg.texi 2007-12-13 15:45:40 UTC (rev 4656)
@@ -113,7 +113,7 @@
@node GPG Commands
@section Commands
-Commands are not distinguished from options execpt for the fact that
+Commands are not distinguished from options except for the fact that
only one command is allowed.
@command{@gpgname} may be run with no commands, in which case it will
@@ -876,7 +876,7 @@
@node GPG Configuration Options
@subsection How to change the configuration
-These options are used to change the configuraton and are usually found
+These options are used to change the configuration and are usually found
in the option file.
@table @gnupgtabopt
@@ -2456,13 +2456,13 @@
@item --gpgconf-list
@opindex gpgconf-list
-This command is simliar to @option{--list-config} but in general only
+This command is similar to @option{--list-config} but in general only
internally used by the @command{gpgconf} tool.
@item --gpgconf-test
@opindex gpgconf-test
This is more or less dummy action. However it parses the configuration
-file and returns with failure if the configuraion file would prevent
+file and returns with failure if the configuration file would prevent
@command{gpg} from startup. Thus it may be used to run a syntax check
on the configuration file.
@@ -2560,7 +2560,7 @@
helper script is provided to create these files (@pxref{addgnupghome}).
@end ifclear
-For internal purposes @command{@gpgname} creates and maintaines a few other
+For internal purposes @command{@gpgname} creates and maintains a few other
files; They all live in in the current home directory (@pxref{option
--homedir}). Only the @command{@gpgname} may modify these files.
@@ -2686,7 +2686,7 @@
@include specify-user-id.texi
@end ifset
- at mansect return vaue
+ at mansect return value
@chapheading RETURN VALUE
The program returns 0 if everything was fine, 1 if at least
Modified: trunk/doc/gpgsm.texi
===================================================================
--- trunk/doc/gpgsm.texi 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/gpgsm.texi 2007-12-13 15:45:40 UTC (rev 4656)
@@ -569,6 +569,19 @@
@table @gnupgtabopt
+ at item --extra-digest-algo @var{name}
+ at opindex extra-digest-algo
+Sometimes signatures are broken in that they announce a different digest
+algorithm than actually used. @command{gpgsm} uses a one-pass data
+processing model and thus needs to rely on the announcde digest
+algorithms to properly hash the data. As a workaround this option may
+be used to tell gpg to also hash the data using the algorithm
+ at var{name}; this slows processing down a little bit but allows to verify
+such broken signatures. If @command{gpgsm} prints an error like
+``digest algo 8 has not been enabled'' you may want to try this option,
+with @samp{SHA256} for @var{name}.
+
+
@item --faked-system-time @var{epoch}
@opindex faked-system-time
This option is only useful for testing; it sets the system time back or
Modified: trunk/doc/qualified.txt
===================================================================
--- trunk/doc/qualified.txt 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/qualified.txt 2007-12-13 15:45:40 UTC (rev 4656)
@@ -180,8 +180,37 @@
7A:3C:1B:60:2E:BD:A4:A1:E0:EB:AD:7A:BA:4F:D1:43:69:A9:39:FC de
+# ID: 0xA8FEA3CA
+# S/N: 00B3963E0E6C2D65125853E970665402E5
+# Issuer: /CN=S-TRUST Qualified Root CA 2008-001:PN
+# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+# Subject: /CN=S-TRUST Qualified Root CA 2008-001:PN
+# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+# validity: 2008-01-01 00:00:00 through 2012-12-30 23:59:59
+# key type: 2048 bit RSA
+# key usage: certSign crlSign
+# chain length: 1
+#[checked: 2007-12-13 via received ZIP file with qualified signature from
+# /CN=Dr. Matthias Stehle/O=Deutscher Sparkassenverlag
+# /C=DE/SerialNumber=DSV0000000008/SN=Stehle/GN=Matthias Georg]
+C9:2F:E6:50:DB:32:59:E0:CE:65:55:F3:8C:76:E0:B8:A8:FE:A3:CA
+# ID: 0x3A7D979B
+# S/N: 00C4216083F35C54F67B09A80C3C55FE7D
+# Issuer: /CN=S-TRUST Qualified Root CA 2008-002:PN
+# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+# Subject: /CN=S-TRUST Qualified Root CA 2008-002:PN
+# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
+# validity: 2008-01-01 00:00:00 through 2012-12-30 23:59:59
+# key type: 2048 bit RSA
+# key usage: certSign crlSign
+# chain length: 1
+#[checked: 2007-12-13 via received ZIP file with qualified signature from
+# /CN=Dr. Matthias Stehle/O=Deutscher Sparkassenverlag
+# /C=DE/SerialNumber=DSV0000000008/SN=Stehle/GN=Matthias Georg"]
+D5:C7:50:F2:FE:4E:EE:D7:C7:B1:E4:13:7B:FB:54:84:3A:7D:97:9B
+
#*******************************************
#
# End of file
Property changes on: trunk/doc/qualified.txt
___________________________________________________________________
Name: gpg:signature
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iEYEABECAAYFAkXAmGwACgkQYHhOlAEKV+2YLgCfTGyaVgluKyvM2Jo+LvrbkGvB
cQcAoKx5f9v0SnEmHMEdS1FOHI3RhP6J
=kM3y
-----END PGP SIGNATURE-----
+ -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iEYEABECAAYFAkdhTBsACgkQYHhOlAEKV+1d2ACfbGr12wCOslArHsT5n2kFcL22
/6AAnRStpBf2oNl4T5RIQ9IN/poU3ju3
=csQH
-----END PGP SIGNATURE-----
Modified: trunk/doc/specify-user-id.texi
===================================================================
--- trunk/doc/specify-user-id.texi 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/doc/specify-user-id.texi 2007-12-13 15:45:40 UTC (rev 4656)
@@ -121,7 +121,7 @@
@item By exact match on serial number and issuer's DN.
-This is indicated by a hash mark, followed by the hexadecmal
+This is indicated by a hash mark, followed by the hexadecimal
representation of the serial number, then followed by a slash and the
RFC-2253 encoded DN of the issuer. See note above.
Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/sm/ChangeLog 2007-12-13 15:45:40 UTC (rev 4656)
@@ -1,3 +1,10 @@
+2007-12-13 Werner Koch <wk at g10code.com>
+
+ * gpgsm.c (main): Add option --extra-digest-algo.
+ * gpgsm.h (struct): Add EXTRA_DIGEST_ALGO.
+ * verify.c (gpgsm_verify): Use it. Use the hash algorithm from
+ the signature value.
+
2007-12-11 Werner Koch <wk at g10code.com>
* certchain.c (do_validate_chain): Log AUDIT_ROOT_TRUSTED.
Modified: trunk/sm/gpgsm.c
===================================================================
--- trunk/sm/gpgsm.c 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/sm/gpgsm.c 2007-12-13 15:45:40 UTC (rev 4656)
@@ -174,6 +174,7 @@
oOpenPGP,
oCipherAlgo,
oDigestAlgo,
+ oExtraDigestAlgo,
oCompressAlgo,
oCommandFD,
oNoVerbose,
@@ -388,6 +389,7 @@
{ oCipherAlgo, "cipher-algo", 2 , N_("|NAME|use cipher algorithm NAME")},
{ oDigestAlgo, "digest-algo", 2 ,
N_("|NAME|use message digest algorithm NAME")},
+ { oExtraDigestAlgo, "extra-digest-algo", 2 , "@" },
#if 0
{ oCompressAlgo, "compress-algo", 1 , N_("|N|use compress algorithm N")},
#endif
@@ -842,6 +844,7 @@
int use_random_seed = 1;
int with_fpr = 0;
char *def_digest_string = NULL;
+ char *extra_digest_algo = NULL;
enum cmd_and_opt_values cmd = 0;
struct server_control_s ctrl;
certlist_t recplist = NULL;
@@ -1298,6 +1301,10 @@
}
break;
+ case oExtraDigestAlgo:
+ extra_digest_algo = pargs.r.ret_str;
+ break;
+
case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
case oNoRandomSeedFile: use_random_seed = 0; break;
@@ -1441,6 +1448,12 @@
if (our_md_test_algo(opt.def_digest_algo) )
log_error (_("selected digest algorithm is invalid\n"));
}
+ if (extra_digest_algo)
+ {
+ opt.extra_digest_algo = gcry_md_map_name (extra_digest_algo);
+ if (our_md_test_algo (opt.extra_digest_algo) )
+ log_error (_("selected digest algorithm is invalid\n"));
+ }
}
if (log_get_errorcount(0))
Modified: trunk/sm/gpgsm.h
===================================================================
--- trunk/sm/gpgsm.h 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/sm/gpgsm.h 2007-12-13 15:45:40 UTC (rev 4656)
@@ -92,6 +92,9 @@
char *local_user; /* NULL or argument to -u */
+ int extra_digest_algo; /* A digest algorithm also used for
+ verification of signatures. */
+
int always_trust; /* Trust the given keys even if there is no
valid certification chain */
int skip_verify; /* do not check signatures on data */
Modified: trunk/sm/sign.c
===================================================================
--- trunk/sm/sign.c 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/sm/sign.c 2007-12-13 15:45:40 UTC (rev 4656)
@@ -491,7 +491,7 @@
unsigned char *digest;
size_t digest_len;
/* Fixme do this for all signers and get the algo to use from
- the signer's certificate - does not make mich sense, but we
+ the signer's certificate - does not make much sense, but we
should do this consistent as we have already done it above. */
algo = GCRY_MD_SHA1;
hash_data (data_fd, data_md);
@@ -530,7 +530,7 @@
}
/* We need to write at least a minimal list of our capabilities to
- try to convince some MUAs to use 3DEs and not the crippled
+ try to convince some MUAs to use 3DES and not the crippled
RC2. Our list is:
aes128-CBC
Modified: trunk/sm/verify.c
===================================================================
--- trunk/sm/verify.c 2007-12-12 18:55:52 UTC (rev 4655)
+++ trunk/sm/verify.c 2007-12-13 15:45:40 UTC (rev 4656)
@@ -203,10 +203,20 @@
}
else
{
+ if (DBG_X509)
+ log_debug ("enabling hash algorithm %d (%s)\n",
+ algo, algoid? algoid:"");
gcry_md_enable (data_md, algo);
audit_log_i (ctrl->audit, AUDIT_DATA_HASH_ALGO, algo);
}
}
+ if (opt.extra_digest_algo)
+ {
+ if (DBG_X509)
+ log_debug ("enabling extra hash algorithm %d\n",
+ opt.extra_digest_algo);
+ gcry_md_enable (data_md, opt.extra_digest_algo);
+ }
if (is_detached)
{
if (data_fd == -1)
@@ -271,6 +281,7 @@
char *msgdigest = NULL;
size_t msgdigestlen;
char *ctattr;
+ int sigval_hash_algo;
int info_pkalgo;
unsigned int verifyflags;
@@ -331,7 +342,8 @@
&algo, &is_enabled)
|| !is_enabled)
{
- log_error ("digest algo %d has not been enabled\n", algo);
+ log_error ("digest algo %d (%s) has not been enabled\n",
+ algo, algoid?algoid:"");
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "unsupported");
goto next_signer;
}
@@ -389,8 +401,16 @@
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "bad");
goto next_signer;
}
+ sigval_hash_algo = hash_algo_from_sigval (sigval);
if (DBG_X509)
- log_debug ("signer %d - signature available", signer);
+ {
+ log_debug ("signer %d - signature available (sigval hash=%d)",
+ signer, sigval_hash_algo);
+/* log_printhex ("sigval ", sigval, */
+/* gcry_sexp_canon_len (sigval, 0, NULL, NULL)); */
+ }
+ if (!sigval_hash_algo)
+ sigval_hash_algo = algo; /* Fallback used e.g. with old libksba. */
/* Find the certificate of the signer */
keydb_search_reset (kh);
@@ -438,8 +458,8 @@
gcry_md_hd_t md;
unsigned char *s;
- /* check that the message digest in the signed attributes
- matches the one we calculated on the data */
+ /* Check that the message digest in the signed attributes
+ matches the one we calculated on the data. */
s = gcry_md_read (data_md, algo);
if ( !s || !msgdigestlen
|| gcry_md_get_algo_dlen (algo) != msgdigestlen
@@ -456,7 +476,7 @@
goto next_signer;
}
- rc = gcry_md_open (&md, algo, 0);
+ rc = gcry_md_open (&md, sigval_hash_algo, 0);
if (rc)
{
log_error ("md_open failed: %s\n", gpg_strerror (rc));
@@ -476,14 +496,14 @@
audit_log_s (ctrl->audit, AUDIT_SIG_STATUS, "error");
goto next_signer;
}
- rc = gpgsm_check_cms_signature (cert, sigval, md, algo,
- &info_pkalgo);
+ rc = gpgsm_check_cms_signature (cert, sigval, md,
+ sigval_hash_algo, &info_pkalgo);
gcry_md_close (md);
}
else
{
- rc = gpgsm_check_cms_signature (cert, sigval, data_md, algo,
- &info_pkalgo);
+ rc = gpgsm_check_cms_signature (cert, sigval, data_md,
+ algo, &info_pkalgo);
}
if (rc)
More information about the Gnupg-commits
mailing list