mirror of
https://github.com/RetroShare/RetroShare.git
synced 2025-06-07 06:02:41 -04:00
removed a couple of assert that could crash RS
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@5369 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler
parent
dda24f0875
commit
24b38baf6b
1 changed files with 206 additions and 174 deletions
|
|
@ -117,7 +117,7 @@ static unsigned char prefix_ripemd[]={ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B,
|
|||
ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen,
|
||||
const ops_hash_algorithm_t hash_alg,
|
||||
unsigned char* EM)
|
||||
{
|
||||
{
|
||||
// implementation of EMSA-PKCS1-v1_5, as defined in OpenPGP RFC
|
||||
|
||||
unsigned i;
|
||||
|
|
@ -130,7 +130,11 @@ ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen,
|
|||
unsigned encoded_msg_sz=0;
|
||||
unsigned char* prefix=NULL;
|
||||
|
||||
assert(hash_alg == OPS_HASH_SHA1);
|
||||
if(hash_alg != OPS_HASH_SHA1)
|
||||
{
|
||||
fprintf(stderr,"encode_hash_buf: unsupported hash algorithm %x. Sorry.",hash_alg) ;
|
||||
return ops_false ;
|
||||
}
|
||||
|
||||
// 1. Apply hash function to M
|
||||
|
||||
|
|
@ -155,7 +159,7 @@ ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen,
|
|||
break;
|
||||
|
||||
default:
|
||||
assert(0);
|
||||
return ops_false ; // according to the test at start, this should never happen, so no error handling is necessary.
|
||||
}
|
||||
|
||||
// \todo 3. Test for len being too short
|
||||
|
|
@ -178,7 +182,11 @@ ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen,
|
|||
// finally, write out hashed result
|
||||
|
||||
n=hash.finish(&hash, &EM[i]);
|
||||
assert(n == hash_sz);
|
||||
if(n != hash_sz)
|
||||
{
|
||||
fprintf(stderr,"encode_hash_buf(): Error which hashing data. n=%d != hash_sz=%d",n,hash_sz) ;
|
||||
return ops_false ;
|
||||
}
|
||||
|
||||
encoded_msg_sz=i+hash_sz-1;
|
||||
|
||||
|
|
@ -193,7 +201,7 @@ ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen,
|
|||
}
|
||||
|
||||
return ops_true;
|
||||
}
|
||||
}
|
||||
|
||||
// XXX: both this and verify would be clearer if the signature were
|
||||
// treated as an MPI.
|
||||
|
|
@ -782,20 +790,32 @@ ops_boolean_t ops_write_signature(ops_create_signature_t *sig,
|
|||
case OPS_PKA_RSA:
|
||||
case OPS_PKA_RSA_ENCRYPT_ONLY:
|
||||
case OPS_PKA_RSA_SIGN_ONLY:
|
||||
assert(skey->key.rsa.d);
|
||||
if(skey->key.rsa.d == NULL)
|
||||
{
|
||||
fprintf(stderr, "Malformed secret key when signing (rsa.d = 0). Can't sign.\n") ;
|
||||
return ops_false ;
|
||||
}
|
||||
break;
|
||||
|
||||
case OPS_PKA_DSA:
|
||||
assert(skey->key.dsa.x);
|
||||
if(skey->key.dsa.x == NULL)
|
||||
{
|
||||
fprintf(stderr, "Malformed secret key when signing (dsa.x = 0). Can't sign.\n") ;
|
||||
return ops_false ;
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
fprintf(stderr, "Unsupported algorithm %d\n",
|
||||
skey->public_key.algorithm);
|
||||
assert(0);
|
||||
fprintf(stderr, "Unsupported algorithm %d when signing. Sorry.\n", skey->public_key.algorithm);
|
||||
return ops_false ;
|
||||
//assert(0);
|
||||
}
|
||||
|
||||
assert(sig->hashed_data_length != (unsigned)-1);
|
||||
if(sig->hashed_data_length == (unsigned)-1)
|
||||
{
|
||||
fprintf(stderr, "Hashed data not initialized properly when signing. Sorry.\n") ;
|
||||
return ops_false ;
|
||||
}
|
||||
|
||||
ops_memory_place_int(sig->mem, sig->unhashed_count_offset,
|
||||
l-sig->unhashed_count_offset-2, 2);
|
||||
|
|
@ -834,9 +854,8 @@ ops_boolean_t ops_write_signature(ops_create_signature_t *sig,
|
|||
break;
|
||||
|
||||
default:
|
||||
fprintf(stderr, "Unsupported algorithm %d\n",
|
||||
skey->public_key.algorithm);
|
||||
assert(0);
|
||||
fprintf(stderr, "Unsupported algorithm %d in signature\n", skey->public_key.algorithm);
|
||||
return ops_false ;
|
||||
}
|
||||
|
||||
rtn=ops_write_ptag(OPS_PTAG_CT_SIGNATURE, info);
|
||||
|
|
@ -965,7 +984,7 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
|
|||
const char* output_filename,
|
||||
const ops_secret_key_t *skey,
|
||||
const ops_boolean_t overwrite)
|
||||
{
|
||||
{
|
||||
// \todo allow choice of hash algorithams
|
||||
// enforce use of SHA1 for now
|
||||
|
||||
|
|
@ -1010,8 +1029,8 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
|
|||
}
|
||||
|
||||
// \todo could add more error detection here
|
||||
ops_signature_start_cleartext_signature(sig, skey,
|
||||
OPS_HASH_SHA1, OPS_SIG_BINARY);
|
||||
ops_signature_start_cleartext_signature(sig, skey, OPS_HASH_SHA1, OPS_SIG_BINARY);
|
||||
|
||||
if (!ops_writer_push_clearsigned(cinfo, sig))
|
||||
return ops_false;
|
||||
|
||||
|
|
@ -1024,7 +1043,15 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
|
|||
n=read(fd_in, buf, sizeof(buf));
|
||||
if (!n)
|
||||
break;
|
||||
assert(n>=0);
|
||||
|
||||
if(n < 0)
|
||||
{
|
||||
fprintf(stderr, "Read error in ops_sign_file_as_cleartext\n");
|
||||
close(fd_in) ;
|
||||
ops_teardown_file_write(cinfo, fd_out);
|
||||
return ops_false ;
|
||||
//assert(n>=0);
|
||||
}
|
||||
ops_write(buf, n, cinfo);
|
||||
}
|
||||
close(fd_in);
|
||||
|
|
@ -1034,6 +1061,7 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
|
|||
// - key id
|
||||
rtn = ops_writer_switch_to_armoured_signature(cinfo)
|
||||
&& ops_signature_add_creation_time(sig, time(NULL));
|
||||
|
||||
if (!rtn)
|
||||
{
|
||||
ops_teardown_file_write(cinfo, fd_out);
|
||||
|
|
@ -1050,8 +1078,9 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
|
|||
|
||||
if (!rtn)
|
||||
OPS_ERROR(&cinfo->errors, OPS_E_W, "Cannot sign file as cleartext");
|
||||
|
||||
return rtn;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -1085,7 +1114,7 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
|
|||
ops_boolean_t ops_sign_buf_as_cleartext(const char* cleartext, const size_t len,
|
||||
ops_memory_t** signed_cleartext,
|
||||
const ops_secret_key_t *skey)
|
||||
{
|
||||
{
|
||||
ops_boolean_t rtn=ops_false;
|
||||
|
||||
// \todo allow choice of hash algorithams
|
||||
|
|
@ -1096,7 +1125,11 @@ ops_boolean_t ops_sign_buf_as_cleartext(const char* cleartext, const size_t len,
|
|||
|
||||
ops_create_info_t *cinfo=NULL;
|
||||
|
||||
assert(*signed_cleartext == NULL);
|
||||
if(*signed_cleartext != NULL)
|
||||
{
|
||||
fprintf(stderr,"ops_sign_buf_as_cleartext: error. Variable signed_cleartext should point to NULL.\n") ;
|
||||
return ops_false ;
|
||||
}
|
||||
|
||||
// set up signature
|
||||
sig=ops_create_signature_new();
|
||||
|
|
@ -1104,8 +1137,7 @@ ops_boolean_t ops_sign_buf_as_cleartext(const char* cleartext, const size_t len,
|
|||
return ops_false;
|
||||
|
||||
// \todo could add more error detection here
|
||||
ops_signature_start_cleartext_signature(sig, skey, OPS_HASH_SHA1,
|
||||
OPS_SIG_BINARY);
|
||||
ops_signature_start_cleartext_signature(sig, skey, OPS_HASH_SHA1, OPS_SIG_BINARY);
|
||||
|
||||
// set up output file
|
||||
ops_setup_memory_write(&cinfo, signed_cleartext, len);
|
||||
|
|
@ -1133,7 +1165,7 @@ ops_boolean_t ops_sign_buf_as_cleartext(const char* cleartext, const size_t len,
|
|||
ops_create_info_delete(cinfo);
|
||||
|
||||
return rtn;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
\ingroup HighLevel_Sign
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue