[svn] GnuPG - r4632 - branches/STABLE-BRANCH-1-4/g10

svn author dshaw cvs at cvs.gnupg.org
Thu Nov 29 00:08:37 CET 2007


Author: dshaw
Date: 2007-11-29 00:08:35 +0100 (Thu, 29 Nov 2007)
New Revision: 4632

Modified:
   branches/STABLE-BRANCH-1-4/g10/ChangeLog
   branches/STABLE-BRANCH-1-4/g10/main.h
   branches/STABLE-BRANCH-1-4/g10/seskey.c
   branches/STABLE-BRANCH-1-4/g10/sig-check.c
Log:
* sig-check.c (do_check): Code to try both the incorrect and correct
SHA-224 DER prefixes when verifying a signature.  See the change
itself for more discussion.

* main.h, seskey.c (do_encode_md): Rename to pkcs1_encode_md and make
non-static.


Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog	2007-11-28 23:00:11 UTC (rev 4631)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog	2007-11-28 23:08:35 UTC (rev 4632)
@@ -1,5 +1,12 @@
 2007-11-28  David Shaw  <dshaw at jabberwocky.com>
 
+	* sig-check.c (do_check): Code to try both the incorrect and
+	correct SHA-224 DER prefixes when verifying a signature.  See the
+	change itself for more discussion.
+
+	* main.h, seskey.c (do_encode_md): Rename to pkcs1_encode_md and
+	make non-static.
+
 	* gpg.c (print_algo_names): New.
 	(list_config): Use it here for the "ciphername" and "digestname"
 	config items so we can get a script-parseable list of the names.
@@ -13210,8 +13217,8 @@
 	* pubkey-enc.c (get_session_key): rewritten
 
 
- Copyright 1998, 1999, 2000, 2001, 2002, 2003,
-	   2004, 2005, 2006 Free Software Foundation, Inc.
+ Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+	   2007 Free Software Foundation, Inc.
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without

Modified: branches/STABLE-BRANCH-1-4/g10/main.h
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/main.h	2007-11-28 23:00:11 UTC (rev 4631)
+++ branches/STABLE-BRANCH-1-4/g10/main.h	2007-11-28 23:08:35 UTC (rev 4632)
@@ -1,6 +1,6 @@
 /* main.h
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -200,6 +200,8 @@
 /*-- seskey.c --*/
 void make_session_key( DEK *dek );
 MPI encode_session_key( DEK *dek, unsigned nbits );
+MPI pkcs1_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
+		     const byte *asn, size_t asnlen );
 MPI encode_md_value( PKT_public_key *pk, PKT_secret_key *sk,
 		     MD_HANDLE md, int hash_algo );
 

Modified: branches/STABLE-BRANCH-1-4/g10/seskey.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/seskey.c	2007-11-28 23:00:11 UTC (rev 4631)
+++ branches/STABLE-BRANCH-1-4/g10/seskey.c	2007-11-28 23:08:35 UTC (rev 4632)
@@ -1,6 +1,6 @@
 /* seskey.c -  make sesssion keys etc.
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -29,7 +29,6 @@
 #include "main.h"
 #include "i18n.h"
 
-
 /****************
  * Make a session key and put it into DEK
  */
@@ -142,10 +141,9 @@
     return a;
 }
 
-
-static MPI
-do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
-	      const byte *asn, size_t asnlen )
+MPI
+pkcs1_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
+		 const byte *asn, size_t asnlen )
 {
     int nframe = (nbits+7) / 8;
     byte *frame;
@@ -260,9 +258,9 @@
       size_t asnlen,mdlen;
 
       asn = md_asn_oid( hash_algo, &asnlen, &mdlen );
-      frame = do_encode_md( md, hash_algo, mdlen,
-			    mpi_get_nbits(pk?pk->pkey[0]:sk->skey[0]),
-			    asn, asnlen );
+      frame = pkcs1_encode_md( md, hash_algo, mdlen,
+			       mpi_get_nbits(pk?pk->pkey[0]:sk->skey[0]),
+			       asn, asnlen );
     }
 
   return frame;

Modified: branches/STABLE-BRANCH-1-4/g10/sig-check.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/sig-check.c	2007-11-28 23:00:11 UTC (rev 4631)
+++ branches/STABLE-BRANCH-1-4/g10/sig-check.c	2007-11-28 23:08:35 UTC (rev 4632)
@@ -1,6 +1,6 @@
 /* sig-check.c -  Check a signature
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- *               2004 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -280,6 +280,32 @@
     rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey );
     mpi_free( result );
 
+    if(rc==G10ERR_BAD_SIGN && is_RSA(pk->pubkey_algo)
+       && sig->digest_algo==DIGEST_ALGO_SHA224)
+      {
+	/* This code is to work around a SHA-224 problem.  RFC-4880
+	   and the drafts leading up to it were published with the
+	   wrong DER prefix for SHA-224.  Unfortunately, GPG pre-1.4.8
+	   used this wrong prefix.  What this code does is take all
+	   bad RSA signatures that use SHA-224, and re-checks them
+	   using the old, incorrect, DER prefix.  Someday we should
+	   remove this code, and when we do remove it, pkcs1_encode_md
+	   can be made into a static function again.  Note that GPG2
+	   does not have this issue as it uses libgcrypt, which is
+	   being fixed while it is still a development version. */
+
+	/* The incorrect SHA-224 DER prefix used in pre-1.4.8 */
+	static byte asn[]={0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
+			   0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05,
+			   0x00, 0x04, 0x20};
+
+	result=pkcs1_encode_md(digest,DIGEST_ALGO_SHA224,28,
+			       mpi_get_nbits(pk->pkey[0]),asn,DIM(asn));
+
+	rc=pubkey_verify(pk->pubkey_algo,result,sig->data,pk->pkey);
+	mpi_free(result);
+      }
+
     if( !rc && sig->flags.unknown_critical )
       {
 	log_info(_("assuming bad signature from key %s"
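Review bot: A signature that verifies only through the legacy-prefix retry is accepted silently, so neither the user nor anyone auditing the output can tell that the pre-1.4.8 encoding was what matched, and there is no way to judge when the workaround can be removed; after the second `pubkey_verify` consider `if(!rc) log_info(_("signature verified using the pre-1.4.8 SHA-224 DER prefix\n"));`. The prefix table is never written, so `static const byte asn[]` would match the `const byte *asn` parameter of `pkcs1_encode_md`. The comment above the table could also say what is wrong with it: the two length bytes, `0x31` and the trailing `0x20`, describe a 32-byte digest while the call passes 28. The retry reads `digest` a second time; whether it is still valid at this point is decided outside the hunk, since do_check's body starts and ends beyond it.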



