| @@ -1918,52 +1918,52 @@ lowlevel_rsa_public_check(const uint8_t | | | @@ -1918,52 +1918,52 @@ lowlevel_rsa_public_check(const uint8_t |
1918 | printf("rsa r data too large for modulus\n"); | | 1918 | printf("rsa r data too large for modulus\n"); |
1919 | goto err; | | 1919 | goto err; |
1920 | } | | 1920 | } |
1921 | if (PGPV_BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) { | | 1921 | if (PGPV_BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) { |
1922 | printf("PGPV_BN_mod_exp < 0\n"); | | 1922 | printf("PGPV_BN_mod_exp < 0\n"); |
1923 | goto err; | | 1923 | goto err; |
1924 | } | | 1924 | } |
1925 | decbytes = PGPV_BN_num_bytes(decbn); | | 1925 | decbytes = PGPV_BN_num_bytes(decbn); |
1926 | (void) PGPV_BN_bn2bin(decbn, decbuf); | | 1926 | (void) PGPV_BN_bn2bin(decbn, decbuf); |
1927 | if ((r = rsa_padding_check_none(dec, nbytes, decbuf, decbytes, 0)) < 0) { | | 1927 | if ((r = rsa_padding_check_none(dec, nbytes, decbuf, decbytes, 0)) < 0) { |
1928 | printf("rsa r padding check failed\n"); | | 1928 | printf("rsa r padding check failed\n"); |
1929 | } | | 1929 | } |
1930 | err: | | 1930 | err: |
1931 | PGPV_BN_free(encbn); | | 1931 | PGPV_BN_clear_free(encbn); |
1932 | PGPV_BN_free(decbn); | | 1932 | PGPV_BN_clear_free(decbn); |
1933 | if (decbuf != NULL) { | | 1933 | if (decbuf != NULL) { |
1934 | (void) memset(decbuf, 0x0, nbytes); | | 1934 | (void) memset(decbuf, 0x0, nbytes); |
1935 | free(decbuf); | | 1935 | free(decbuf); |
1936 | } | | 1936 | } |
1937 | return r; | | 1937 | return r; |
1938 | } | | 1938 | } |
1939 | | | 1939 | |
1940 | /* verify */ | | 1940 | /* verify */ |
1941 | static int | | 1941 | static int |
1942 | rsa_public_decrypt(int enclen, const unsigned char *enc, unsigned char *dec, RSA *rsa, int padding) | | 1942 | rsa_public_decrypt(int enclen, const unsigned char *enc, unsigned char *dec, RSA *rsa, int padding) |
1943 | { | | 1943 | { |
1944 | rsa_pubkey_t pub; | | 1944 | rsa_pubkey_t pub; |
1945 | int ret; | | 1945 | int ret; |
1946 | | | 1946 | |
1947 | if (enc == NULL || dec == NULL || rsa == NULL) { | | 1947 | if (enc == NULL || dec == NULL || rsa == NULL) { |
1948 | return 0; | | 1948 | return 0; |
1949 | } | | 1949 | } |
1950 | USE_ARG(padding); | | 1950 | USE_ARG(padding); |
1951 | (void) memset(&pub, 0x0, sizeof(pub)); | | 1951 | (void) memset(&pub, 0x0, sizeof(pub)); |
1952 | pub.n = PGPV_BN_dup(rsa->n); | | 1952 | pub.n = PGPV_BN_dup(rsa->n); |
1953 | pub.e = PGPV_BN_dup(rsa->e); | | 1953 | pub.e = PGPV_BN_dup(rsa->e); |
1954 | ret = lowlevel_rsa_public_check(enc, enclen, dec, &pub); | | 1954 | ret = lowlevel_rsa_public_check(enc, enclen, dec, &pub); |
1955 | PGPV_BN_free(pub.n); | | 1955 | PGPV_BN_clear_free(pub.n); |
1956 | PGPV_BN_free(pub.e); | | 1956 | PGPV_BN_clear_free(pub.e); |
1957 | return ret; | | 1957 | return ret; |
1958 | } | | 1958 | } |
1959 | | | 1959 | |
1960 | #define SUBKEY_LEN(x) (80 + 80) | | 1960 | #define SUBKEY_LEN(x) (80 + 80) |
1961 | #define SIG_LEN 80 | | 1961 | #define SIG_LEN 80 |
1962 | #define UID_LEN 80 | | 1962 | #define UID_LEN 80 |
1963 | | | 1963 | |
1964 | /* return worst case number of bytes needed to format a primary key */ | | 1964 | /* return worst case number of bytes needed to format a primary key */ |
1965 | static size_t | | 1965 | static size_t |
1966 | estimate_primarykey_size(pgpv_primarykey_t *primary) | | 1966 | estimate_primarykey_size(pgpv_primarykey_t *primary) |
1967 | { | | 1967 | { |
1968 | size_t cc; | | 1968 | size_t cc; |
1969 | | | 1969 | |
| @@ -2036,32 +2036,32 @@ bignum_is_bad(PGPV_BIGNUM *bn) | | | @@ -2036,32 +2036,32 @@ bignum_is_bad(PGPV_BIGNUM *bn) |
2036 | } | | 2036 | } |
2037 | | | 2037 | |
2038 | #define BAD_BIGNUM(s, k) \ | | 2038 | #define BAD_BIGNUM(s, k) \ |
2039 | (bignum_is_bad((s)->bn) || PGPV_BN_cmp((s)->bn, (k)->bn) >= 0) | | 2039 | (bignum_is_bad((s)->bn) || PGPV_BN_cmp((s)->bn, (k)->bn) >= 0) |
2040 | | | 2040 | |
2041 | #ifndef DSA_MAX_MODULUS_BITS | | 2041 | #ifndef DSA_MAX_MODULUS_BITS |
2042 | #define DSA_MAX_MODULUS_BITS 10000 | | 2042 | #define DSA_MAX_MODULUS_BITS 10000 |
2043 | #endif | | 2043 | #endif |
2044 | | | 2044 | |
2045 | /* verify DSA signature */ | | 2045 | /* verify DSA signature */ |
2046 | static int | | 2046 | static int |
2047 | verify_dsa_sig(uint8_t *calculated, unsigned calclen, pgpv_bignum_t *sig, pgpv_pubkey_t *pubkey) | | 2047 | verify_dsa_sig(uint8_t *calculated, unsigned calclen, pgpv_bignum_t *sig, pgpv_pubkey_t *pubkey) |
2048 | { | | 2048 | { |
| | | 2049 | PGPV_BIGNUM *M; |
| | | 2050 | PGPV_BIGNUM *W; |
| | | 2051 | PGPV_BIGNUM *t1; |
2049 | unsigned qbits; | | 2052 | unsigned qbits; |
2050 | uint8_t calcnum[128]; | | 2053 | uint8_t calcnum[128]; |
2051 | uint8_t signum[128]; | | 2054 | uint8_t signum[128]; |
2052 | PGPV_BIGNUM *M; | | | |
2053 | PGPV_BIGNUM *W; | | | |
2054 | PGPV_BIGNUM *t1; | | | |
2055 | int ret; | | 2055 | int ret; |
2056 | | | 2056 | |
2057 | if (pubkey->bn[DSA_P].bn == NULL || | | 2057 | if (pubkey->bn[DSA_P].bn == NULL || |
2058 | pubkey->bn[DSA_Q].bn == NULL || | | 2058 | pubkey->bn[DSA_Q].bn == NULL || |
2059 | pubkey->bn[DSA_G].bn == NULL) { | | 2059 | pubkey->bn[DSA_G].bn == NULL) { |
2060 | return 0; | | 2060 | return 0; |
2061 | } | | 2061 | } |
2062 | M = W = t1 = NULL; | | 2062 | M = W = t1 = NULL; |
2063 | qbits = pubkey->bn[DSA_Q].bits; | | 2063 | qbits = pubkey->bn[DSA_Q].bits; |
2064 | switch(qbits) { | | 2064 | switch(qbits) { |
2065 | case 160: | | 2065 | case 160: |
2066 | case 224: | | 2066 | case 224: |
2067 | case 256: | | 2067 | case 256: |
| @@ -2093,33 +2093,33 @@ verify_dsa_sig(uint8_t *calculated, unsi | | | @@ -2093,33 +2093,33 @@ verify_dsa_sig(uint8_t *calculated, unsi |
2093 | !PGPV_BN_mod_mul(W, sig[DSA_R].bn, W, pubkey->bn[DSA_Q].bn, NULL) || | | 2093 | !PGPV_BN_mod_mul(W, sig[DSA_R].bn, W, pubkey->bn[DSA_Q].bn, NULL) || |
2094 | !PGPV_BN_mod_exp(t1, pubkey->bn[DSA_G].bn, M, pubkey->bn[DSA_P].bn, NULL) || | | 2094 | !PGPV_BN_mod_exp(t1, pubkey->bn[DSA_G].bn, M, pubkey->bn[DSA_P].bn, NULL) || |
2095 | !PGPV_BN_mod_exp(W, pubkey->bn[DSA_Y].bn, W, pubkey->bn[DSA_P].bn, NULL) || | | 2095 | !PGPV_BN_mod_exp(W, pubkey->bn[DSA_Y].bn, W, pubkey->bn[DSA_P].bn, NULL) || |
2096 | !PGPV_BN_mod_mul(t1, t1, W, pubkey->bn[DSA_P].bn, NULL) || | | 2096 | !PGPV_BN_mod_mul(t1, t1, W, pubkey->bn[DSA_P].bn, NULL) || |
2097 | !PGPV_BN_div(NULL, t1, t1, pubkey->bn[DSA_Q].bn, NULL)) { | | 2097 | !PGPV_BN_div(NULL, t1, t1, pubkey->bn[DSA_Q].bn, NULL)) { |
2098 | goto done; | | 2098 | goto done; |
2099 | } | | 2099 | } |
2100 | /* only compare the first q bits */ | | 2100 | /* only compare the first q bits */ |
2101 | PGPV_BN_bn2bin(t1, calcnum); | | 2101 | PGPV_BN_bn2bin(t1, calcnum); |
2102 | PGPV_BN_bn2bin(sig[DSA_R].bn, signum); | | 2102 | PGPV_BN_bn2bin(sig[DSA_R].bn, signum); |
2103 | ret = memcmp(calcnum, signum, BITS_TO_BYTES(qbits)) == 0; | | 2103 | ret = memcmp(calcnum, signum, BITS_TO_BYTES(qbits)) == 0; |
2104 | done: | | 2104 | done: |
2105 | if (M) { | | 2105 | if (M) { |
2106 | PGPV_BN_free(M); | | 2106 | PGPV_BN_clear_free(M); |
2107 | } | | 2107 | } |
2108 | if (W) { | | 2108 | if (W) { |
2109 | PGPV_BN_free(W); | | 2109 | PGPV_BN_clear_free(W); |
2110 | } | | 2110 | } |
2111 | if (t1) { | | 2111 | if (t1) { |
2112 | PGPV_BN_free(t1); | | 2112 | PGPV_BN_clear_free(t1); |
2113 | } | | 2113 | } |
2114 | return ret; | | 2114 | return ret; |
2115 | } | | 2115 | } |
2116 | | | 2116 | |
2117 | #define TIME_SNPRINTF(_cc, _buf, _size, _fmt, _val) do { \ | | 2117 | #define TIME_SNPRINTF(_cc, _buf, _size, _fmt, _val) do { \ |
2118 | time_t _t; \ | | 2118 | time_t _t; \ |
2119 | char *_s; \ | | 2119 | char *_s; \ |
2120 | \ | | 2120 | \ |
2121 | _t = _val; \ | | 2121 | _t = _val; \ |
2122 | _s = ctime(&_t); \ | | 2122 | _s = ctime(&_t); \ |
2123 | _cc += snprintf(_buf, _size, _fmt, _s); \ | | 2123 | _cc += snprintf(_buf, _size, _fmt, _s); \ |
2124 | } while(/*CONSTCOND*/0) | | 2124 | } while(/*CONSTCOND*/0) |
2125 | | | 2125 | |
| @@ -2981,88 +2981,97 @@ nonnull_getenv(const char *key) | | | @@ -2981,88 +2981,97 @@ nonnull_getenv(const char *key) |
2981 | { | | 2981 | { |
2982 | char *value; | | 2982 | char *value; |
2983 | | | 2983 | |
2984 | return ((value = getenv(key)) == NULL) ? "" : value; | | 2984 | return ((value = getenv(key)) == NULL) ? "" : value; |
2985 | } | | 2985 | } |
2986 | | | 2986 | |
2987 | /* free an array of bignums */ | | 2987 | /* free an array of bignums */ |
2988 | static void | | 2988 | static void |
2989 | free_bn_array(pgpv_bignum_t *v, unsigned n) | | 2989 | free_bn_array(pgpv_bignum_t *v, unsigned n) |
2990 | { | | 2990 | { |
2991 | unsigned i; | | 2991 | unsigned i; |
2992 | | | 2992 | |
2993 | for (i = 0 ; i < n ; i++) { | | 2993 | for (i = 0 ; i < n ; i++) { |
2994 | PGPV_BN_free(v[i].bn); | | 2994 | PGPV_BN_clear_free(v[i].bn); |
| | | 2995 | v[i].bn = NULL; |
2995 | } | | 2996 | } |
2996 | } | | 2997 | } |
2997 | | | 2998 | |
2998 | /************************************************************************/ | | 2999 | /************************************************************************/ |
2999 | /* start of exported functions */ | | 3000 | /* start of exported functions */ |
3000 | /************************************************************************/ | | 3001 | /************************************************************************/ |
3001 | | | 3002 | |
3002 | /* close all stuff */ | | 3003 | /* close all stuff */ |
3003 | int | | 3004 | int |
3004 | pgpv_close(pgpv_t *pgp) | | 3005 | pgpv_close(pgpv_t *pgp) |
3005 | { | | 3006 | { |
3006 | pgpv_primarykey_t *primary; | | 3007 | pgpv_primarykey_t *primary; |
3007 | pgpv_pkt_t *pkt; | | 3008 | pgpv_pkt_t *pkt; |
| | | 3009 | uint64_t n; |
3008 | unsigned i; | | 3010 | unsigned i; |
| | | 3011 | unsigned j; |
3009 | | | 3012 | |
3010 | if (pgp == NULL) { | | 3013 | if (pgp == NULL) { |
3011 | return 0; | | 3014 | return 0; |
3012 | } | | 3015 | } |
3013 | for (i = 0 ; i < ARRAY_COUNT(pgp->areas) ; i++) { | | 3016 | for (i = 0 ; i < ARRAY_COUNT(pgp->areas) ; i++) { |
3014 | if (ARRAY_ELEMENT(pgp->areas, i).size > 0) { | | 3017 | if (ARRAY_ELEMENT(pgp->areas, i).size > 0) { |
3015 | closemem(&ARRAY_ELEMENT(pgp->areas, i)); | | 3018 | closemem(&ARRAY_ELEMENT(pgp->areas, i)); |
3016 | } | | 3019 | } |
3017 | } | | 3020 | } |
3018 | ARRAY_FREE(pgp->areas); | | 3021 | ARRAY_FREE(pgp->areas); |
3019 | for (i = 0 ; i < ARRAY_COUNT(pgp->pkts) ; i++) { | | 3022 | for (i = 0 ; i < ARRAY_COUNT(pgp->pkts) ; i++) { |
3020 | pkt = &ARRAY_ELEMENT(pgp->pkts, i); | | 3023 | pkt = &ARRAY_ELEMENT(pgp->pkts, i); |
3021 | switch(pkt->tag) { | | 3024 | switch(pkt->tag) { |
3022 | case SIGNATURE_PKT: | | 3025 | case SIGNATURE_PKT: |
3023 | free_bn_array(pkt->u.sigpkt.sig.bn, PGPV_MAX_SIG_BN); | | | |
3024 | ARRAY_FREE(pkt->u.sigpkt.subpackets); | | 3026 | ARRAY_FREE(pkt->u.sigpkt.subpackets); |
3025 | break; | | 3027 | break; |
3026 | case LITDATA_PKT: | | 3028 | case LITDATA_PKT: |
3027 | if (pkt->u.litdata.filename.allocated) { | | 3029 | if (pkt->u.litdata.filename.allocated) { |
3028 | free(pkt->u.litdata.filename.data); | | 3030 | free(pkt->u.litdata.filename.data); |
3029 | } | | 3031 | } |
3030 | break; | | 3032 | break; |
3031 | case PUBKEY_PKT: | | 3033 | case PUBKEY_PKT: |
3032 | free_bn_array(pkt->u.pubkey.bn, PGPV_MAX_PUBKEY_BN); | | 3034 | free_bn_array(pkt->u.pubkey.bn, PGPV_MAX_PUBKEY_BN); |
3033 | break; | | 3035 | break; |
3034 | case USERID_PKT: | | 3036 | case USERID_PKT: |
3035 | if (pkt->u.userid.allocated) { | | 3037 | if (pkt->u.userid.allocated) { |
3036 | free(pkt->u.userid.data); | | 3038 | free(pkt->u.userid.data); |
3037 | } | | 3039 | } |
3038 | break; | | 3040 | break; |
3039 | case USER_ATTRIBUTE_PKT: | | 3041 | case USER_ATTRIBUTE_PKT: |
3040 | ARRAY_FREE(pkt->u.userattr.subattrs); | | 3042 | ARRAY_FREE(pkt->u.userattr.subattrs); |
3041 | break; | | 3043 | break; |
3042 | } | | 3044 | } |
3043 | } | | 3045 | } |
3044 | ARRAY_FREE(pgp->pkts); | | 3046 | ARRAY_FREE(pgp->pkts); |
3045 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { | | 3047 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { |
3046 | primary = &ARRAY_ELEMENT(pgp->primaries, i); | | 3048 | primary = &ARRAY_ELEMENT(pgp->primaries, i); |
3047 | free_bn_array(primary->primary.bn, PGPV_MAX_PUBKEY_BN); | | 3049 | free_bn_array(primary->primary.bn, PGPV_MAX_PUBKEY_BN); |
3048 | ARRAY_FREE(primary->signatures); | | 3050 | ARRAY_FREE(primary->signatures); |
| | | 3051 | for (j = 0 ; j < ARRAY_COUNT(primary->signed_userids) ; j++) { |
| | | 3052 | n = ARRAY_ELEMENT(primary->signed_userids, j); |
| | | 3053 | ARRAY_FREE(ARRAY_ELEMENT(pgp->signed_userids, n).signatures); |
| | | 3054 | } |
3049 | ARRAY_FREE(primary->signed_userids); | | 3055 | ARRAY_FREE(primary->signed_userids); |
3050 | ARRAY_FREE(primary->signed_userattrs); | | 3056 | ARRAY_FREE(primary->signed_userattrs); |
3051 | ARRAY_FREE(primary->signed_subkeys); | | 3057 | ARRAY_FREE(primary->signed_subkeys); |
3052 | } | | 3058 | } |
3053 | for (i = 0 ; i < ARRAY_COUNT(pgp->signatures) ; i++) { | | 3059 | for (i = 0 ; i < ARRAY_COUNT(pgp->signatures) ; i++) { |
3054 | free_bn_array(ARRAY_ELEMENT(pgp->signatures, i).bn, PGPV_MAX_SIG_BN); | | 3060 | free_bn_array(ARRAY_ELEMENT(pgp->signatures, i).bn, PGPV_MAX_SIG_BN); |
3055 | } | | 3061 | } |
| | | 3062 | for (i = 0 ; i < ARRAY_COUNT(pgp->signed_subkeys) ; i++) { |
| | | 3063 | free_bn_array(ARRAY_ELEMENT(pgp->signed_subkeys, i).subkey.bn, PGPV_MAX_SIG_BN); |
| | | 3064 | } |
3056 | ARRAY_FREE(pgp->primaries); | | 3065 | ARRAY_FREE(pgp->primaries); |
3057 | ARRAY_FREE(pgp->datastarts); | | 3066 | ARRAY_FREE(pgp->datastarts); |
3058 | ARRAY_FREE(pgp->signatures); | | 3067 | ARRAY_FREE(pgp->signatures); |
3059 | ARRAY_FREE(pgp->signed_userids); | | 3068 | ARRAY_FREE(pgp->signed_userids); |
3060 | ARRAY_FREE(pgp->signed_userattrs); | | 3069 | ARRAY_FREE(pgp->signed_userattrs); |
3061 | ARRAY_FREE(pgp->signed_subkeys); | | 3070 | ARRAY_FREE(pgp->signed_subkeys); |
3062 | ARRAY_FREE(pgp->subpkts); | | 3071 | ARRAY_FREE(pgp->subpkts); |
3063 | return 1; | | 3072 | return 1; |
3064 | } | | 3073 | } |
3065 | | | 3074 | |
3066 | /* free resources attached to cursor */ | | 3075 | /* free resources attached to cursor */ |
3067 | int | | 3076 | int |
3068 | pgpv_cursor_close(pgpv_cursor_t *cursor) | | 3077 | pgpv_cursor_close(pgpv_cursor_t *cursor) |