Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-08-18 19:08:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

removed asserts in signature.c. Replaced by proper error handling

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@6922 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2013-12-04 20:58:57 +00:00
parent 028c9f8c07
commit 70a407504f
1 changed files with 104 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

167
openpgpsdk/src/openpgpsdk/signature.c
View file

@ -31,7 +31,6 @@
#include <openpgpsdk/partial.h> #include <openpgpsdk/partial.h>
#include <openpgpsdk/writer_armoured.h> #include <openpgpsdk/writer_armoured.h>
#include <assert.h>
#include <string.h> #include <string.h>
#include <fcntl.h> #include <fcntl.h>
#include <unistd.h> #include <unistd.h>
@ -206,77 +205,105 @@ ops_boolean_t encode_hash_buf(const unsigned char *M, size_t mLen,
// XXX: both this and verify would be clearer if the signature were // XXX: both this and verify would be clearer if the signature were
// treated as an MPI. // treated as an MPI.
static void rsa_sign(ops_hash_t *hash, const ops_rsa_public_key_t *rsa, static ops_boolean_t rsa_sign(ops_hash_t *hash, const ops_rsa_public_key_t *rsa,
const ops_rsa_secret_key_t *srsa, ops_create_info_t *opt) const ops_rsa_secret_key_t *srsa, ops_create_info_t *opt)
{ {
unsigned char hashbuf[8192]; unsigned char hashbuf[8192];
unsigned char sigbuf[8192]; unsigned char sigbuf[8192];
unsigned keysize; unsigned keysize;
unsigned hashsize; unsigned hashsize;
unsigned n; unsigned n;
unsigned t; unsigned t;
BIGNUM *bn; BIGNUM *bn;
// XXX: we assume hash is sha-1 for now // XXX: we assume hash is sha-1 for now
hashsize=20+sizeof prefix_sha1; hashsize=20+sizeof prefix_sha1;
keysize=BN_num_bytes(rsa->n); keysize=BN_num_bytes(rsa->n);
assert(keysize <= sizeof hashbuf);
assert(10+hashsize <= keysize);
hashbuf[0]=0; if(keysize > sizeof hashbuf)
hashbuf[1]=1; {
if (debug) fprintf(stderr,"Keysize too large. limit is %lu, size was %u",sizeof(hashbuf), keysize) ;
printf("rsa_sign: PS is %d\n", keysize-hashsize-1-2); return ops_false ;
for(n=2 ; n < keysize-hashsize-1 ; ++n) }
hashbuf[n]=0xff; if(10+hashsize > keysize)
hashbuf[n++]=0; {
fprintf(stderr,"10+hashsize > keysize. Can't sign!") ;
return ops_false ;
}
memcpy(&hashbuf[n], prefix_sha1, sizeof prefix_sha1); hashbuf[0]=0;
n+=sizeof prefix_sha1; hashbuf[1]=1;
if (debug)
printf("rsa_sign: PS is %d\n", keysize-hashsize-1-2);
for(n=2 ; n < keysize-hashsize-1 ; ++n)
hashbuf[n]=0xff;
hashbuf[n++]=0;
t=hash->finish(hash, &hashbuf[n]); memcpy(&hashbuf[n], prefix_sha1, sizeof prefix_sha1);
assert(t == 20); n+=sizeof prefix_sha1;
ops_write(&hashbuf[n], 2, opt); t=hash->finish(hash, &hashbuf[n]);
n+=t; if(t != 20)
assert(n == keysize); {
fprintf(stderr,"Wrong hash size. Should be 20! can't sign.") ;
return ops_false ;
}
t=ops_rsa_private_encrypt(sigbuf, hashbuf, keysize, srsa, rsa); ops_write(&hashbuf[n], 2, opt);
bn=BN_bin2bn(sigbuf, t, NULL);
ops_write_mpi(bn, opt);
BN_free(bn);
}
static void dsa_sign(ops_hash_t *hash, const ops_dsa_public_key_t *dsa, n+=t;
if(n != keysize)
{
fprintf(stderr,"Size error in hashed data. can't sign.") ;
return ops_false ;
}
t=ops_rsa_private_encrypt(sigbuf, hashbuf, keysize, srsa, rsa);
bn=BN_bin2bn(sigbuf, t, NULL);
ops_write_mpi(bn, opt);
BN_free(bn);
return ops_true ;
}
static ops_boolean_t dsa_sign(ops_hash_t *hash, const ops_dsa_public_key_t *dsa,
const ops_dsa_secret_key_t *sdsa, ops_create_info_t *cinfo) const ops_dsa_secret_key_t *sdsa, ops_create_info_t *cinfo)
{ {
unsigned char hashbuf[8192]; unsigned char hashbuf[8192];
unsigned hashsize; unsigned hashsize;
unsigned t; unsigned t;
// hashsize must be "equal in size to the number of bits of q, // hashsize must be "equal in size to the number of bits of q,
// the group generated by the DSA key's generator value // the group generated by the DSA key's generator value
// 160/8 = 20 // 160/8 = 20
hashsize=20; hashsize=20;
// finalise hash // finalise hash
t=hash->finish(hash, &hashbuf[0]); t=hash->finish(hash, &hashbuf[0]);
assert(t == 20);
ops_write(&hashbuf[0], 2, cinfo); if(t != 20)
{
fprintf(stderr,"Wrong hash size. Should be 20! can't sign.") ;
return ops_false ;
}
// write signature to buf ops_write(&hashbuf[0], 2, cinfo);
DSA_SIG* dsasig;
dsasig=ops_dsa_sign(hashbuf, hashsize, sdsa, dsa);
// convert and write the sig out to memory // write signature to buf
ops_write_mpi(dsasig->r, cinfo); DSA_SIG* dsasig;
ops_write_mpi(dsasig->s, cinfo); dsasig=ops_dsa_sign(hashbuf, hashsize, sdsa, dsa);
DSA_SIG_free(dsasig);
} // convert and write the sig out to memory
ops_write_mpi(dsasig->r, cinfo);
ops_write_mpi(dsasig->s, cinfo);
DSA_SIG_free(dsasig);
return ops_true ;
}
static ops_boolean_t rsa_verify(ops_hash_algorithm_t type, static ops_boolean_t rsa_verify(ops_hash_algorithm_t type,
const unsigned char *hash, size_t hash_length, const unsigned char *hash, size_t hash_length,
@ -292,12 +319,20 @@ static ops_boolean_t rsa_verify(ops_hash_algorithm_t type,
keysize=BN_num_bytes(rsa->n); keysize=BN_num_bytes(rsa->n);
/* RSA key can't be bigger than 65535 bits, so... */ /* RSA key can't be bigger than 65535 bits, so... */
assert(keysize <= sizeof hashbuf_from_sig);
assert((unsigned)BN_num_bits(sig->sig) <= 8*sizeof sigbuf); if(keysize > sizeof hashbuf_from_sig)
{
fprintf(stderr,"Can't verify signature: keysize too big.") ;
return ops_false ;
}
if((unsigned)BN_num_bits(sig->sig) > 8*sizeof sigbuf)
{
fprintf(stderr,"Can't verify signature: signature too big.") ;
return ops_false ;
}
BN_bn2bin(sig->sig, sigbuf); BN_bn2bin(sig->sig, sigbuf);
n=ops_rsa_public_decrypt(hashbuf_from_sig, sigbuf, BN_num_bytes(sig->sig), n=ops_rsa_public_decrypt(hashbuf_from_sig, sigbuf, BN_num_bytes(sig->sig), rsa);
rsa);
int debug_len_decrypted=n; int debug_len_decrypted=n;
if(n != keysize) // obviously, this includes error returns if(n != keysize) // obviously, this includes error returns
@ -809,7 +844,6 @@ ops_boolean_t ops_write_signature(ops_create_signature_t *sig,
default: default:
fprintf(stderr, "Unsupported algorithm %d when signing. Sorry.\n", skey->public_key.algorithm); fprintf(stderr, "Unsupported algorithm %d when signing. Sorry.\n", skey->public_key.algorithm);
return ops_false ; return ops_false ;
//assert(0);
} }
if(sig->hashed_data_length == (unsigned)-1) if(sig->hashed_data_length == (unsigned)-1)
@ -847,11 +881,19 @@ ops_boolean_t ops_write_signature(ops_create_signature_t *sig,
case OPS_PKA_RSA: case OPS_PKA_RSA:
case OPS_PKA_RSA_ENCRYPT_ONLY: case OPS_PKA_RSA_ENCRYPT_ONLY:
case OPS_PKA_RSA_SIGN_ONLY: case OPS_PKA_RSA_SIGN_ONLY:
rsa_sign(&sig->hash, &key->key.rsa, &skey->key.rsa, sig->info); if(!rsa_sign(&sig->hash, &key->key.rsa, &skey->key.rsa, sig->info))
{
fprintf(stderr, "error in rsa_sign. Can't produce signature\n") ;
return ops_false;
}
break; break;
case OPS_PKA_DSA: case OPS_PKA_DSA:
dsa_sign(&sig->hash, &key->key.dsa, &skey->key.dsa, sig->info); if(!dsa_sign(&sig->hash, &key->key.dsa, &skey->key.dsa, sig->info))
{
fprintf(stderr, "error in dsa_sign. Can't produce signature\n") ;
return ops_false;
}
break; break;
default: default:
@ -1051,7 +1093,6 @@ ops_boolean_t ops_sign_file_as_cleartext(const char* input_filename,
close(fd_in) ; close(fd_in) ;
ops_teardown_file_write(cinfo, fd_out); ops_teardown_file_write(cinfo, fd_out);
return ops_false ; return ops_false ;
//assert(n>=0);
} }
ops_write(buf, n, cinfo); ops_write(buf, n, cinfo);
} }