mirror of
https://github.com/RetroShare/RetroShare.git
synced 2025-01-25 23:06:10 -05:00
fixed signature verification
git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5122 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler
parent
0587216350
commit
afc23f39c8
@ -215,21 +215,24 @@ void PGPHandler::initCertificateInfo(PGPCertificateInfo& cert,const ops_keydata_
|
|||||||
while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next += namestring[i] ; ++i ;}
|
while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next += namestring[i] ; ++i ;}
|
||||||
|
|
||||||
while(i < namestring.length() && namestring[i] != '(' && namestring[i] != '<') { next += namestring[i] ; ++i ;}
|
while(i < namestring.length() && namestring[i] != '(' && namestring[i] != '<') { next += namestring[i] ; ++i ;}
|
||||||
|
|
||||||
|
if(i< namestring.length())
|
||||||
|
{
|
||||||
std::string& next2 = (namestring[i] == '(')?cert._comment:cert._email ;
|
std::string& next2 = (namestring[i] == '(')?cert._comment:cert._email ;
|
||||||
++i ;
|
++i ;
|
||||||
next2 = "" ;
|
next2 = "" ;
|
||||||
while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next2 += namestring[i] ; ++i ;}
|
while(i < namestring.length() && namestring[i] != ')' && namestring[i] != '>') { next2 += namestring[i] ; ++i ;}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
cert._trustLvl = 1 ; // to be setup accordingly
|
cert._trustLvl = 1 ; // to be setup accordingly
|
||||||
cert._key_index = index ;
|
cert._key_index = index ;
|
||||||
|
cert._flags = 0 ;
|
||||||
|
|
||||||
ops_fingerprint_t f ;
|
ops_fingerprint_t f ;
|
||||||
ops_fingerprint(&f,&keydata->key.pkey) ;
|
ops_fingerprint(&f,&keydata->key.pkey) ;
|
||||||
|
|
||||||
cert._fpr = PGPFingerprintType(f.fingerprint) ;
|
cert._fpr = PGPFingerprintType(f.fingerprint) ;
|
||||||
|
|
||||||
std::cerr << __PRETTY_FUNCTION__ << ": unfinished!!" << std::endl;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
PGPHandler::~PGPHandler()
|
PGPHandler::~PGPHandler()
|
||||||
@ -666,7 +669,7 @@ bool PGPHandler::getKeyFingerprint(const PGPIdType& id,PGPFingerprintType& fp) c
|
|||||||
return true ;
|
return true ;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool PGPHandler::VerifySignBin(const void *data, uint32_t data_len, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& key_fingerprint)
|
bool PGPHandler::VerifySignBin(const void *literal_data, uint32_t literal_data_length, unsigned char *sign, unsigned int sign_len, const PGPFingerprintType& key_fingerprint)
|
||||||
{
|
{
|
||||||
PGPIdType id = PGPIdType::fromFingerprint_hex(key_fingerprint.toStdString()) ;
|
PGPIdType id = PGPIdType::fromFingerprint_hex(key_fingerprint.toStdString()) ;
|
||||||
const ops_keydata_t *key = getPublicKey(id) ;
|
const ops_keydata_t *key = getPublicKey(id) ;
|
||||||
@ -689,14 +692,11 @@ bool PGPHandler::VerifySignBin(const void *data, uint32_t data_len, unsigned cha
|
|||||||
}
|
}
|
||||||
|
|
||||||
std::cerr << "Verifying signature from fingerprint " << key_fingerprint.toStdString() << std::endl;
|
std::cerr << "Verifying signature from fingerprint " << key_fingerprint.toStdString() << std::endl;
|
||||||
std::cerr << "Warning: signature code still unfinished!" << key_fingerprint.toStdString() << std::endl;
|
|
||||||
|
|
||||||
ops_signature_t signature ;
|
std::cerr << "Verifying signature of length " << std::dec << sign_len << ", literal_length = " << literal_data_length << std::endl;
|
||||||
// ops_signature_add_data(&signature,sign,sign_len) ;
|
std::cerr << "Data: " << (char *)sign << std::endl;
|
||||||
|
|
||||||
// ops_boolean_t valid=check_binary_signature(data_len,data,signature,pkey) ;
|
return ops_validate_detached_signature(literal_data,literal_data_length,sign,sign_len,key) ;
|
||||||
|
|
||||||
return false ;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void PGPHandler::setAcceptConnexion(const PGPIdType& id,bool b)
|
void PGPHandler::setAcceptConnexion(const PGPIdType& id,bool b)
|
||||||
|
|||||||
@ -98,5 +98,7 @@ ops_validate_key_cb(const ops_parser_content_t *content_,ops_parse_cb_info_t *cb
|
|||||||
|
|
||||||
ops_boolean_t ops_validate_file(ops_validate_result_t* result, const char* filename, const int armoured, const ops_keyring_t* keyring);
|
ops_boolean_t ops_validate_file(ops_validate_result_t* result, const char* filename, const int armoured, const ops_keyring_t* keyring);
|
||||||
ops_boolean_t ops_validate_mem(ops_validate_result_t *result, ops_memory_t* mem, const int armoured, const ops_keyring_t* keyring);
|
ops_boolean_t ops_validate_mem(ops_validate_result_t *result, ops_memory_t* mem, const int armoured, const ops_keyring_t* keyring);
|
||||||
|
ops_boolean_t ops_validate_detached_signature(const void *literal_data, unsigned int literal_data_length, const unsigned char *signature_packet, unsigned int signature_packet_length,const ops_keydata_t *signers_key) ;
|
||||||
|
|
||||||
|
|
||||||
// EOF
|
// EOF
|
||||||
|
|||||||
@ -744,4 +744,60 @@ ops_boolean_t ops_validate_mem(ops_validate_result_t *result, ops_memory_t* mem,
|
|||||||
return validate_result_status(result);
|
return validate_result_status(result);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ops_boolean_t ops_validate_detached_signature(const void *literal_data, unsigned int literal_data_length, const unsigned char *signature_packet, unsigned int signature_packet_length,const ops_keydata_t *signers_key)
|
||||||
|
{
|
||||||
|
ops_validate_result_t *result = (ops_validate_result_t*)ops_mallocz(sizeof(ops_validate_result_t));
|
||||||
|
|
||||||
|
ops_memory_t *mem = ops_memory_new() ;
|
||||||
|
ops_memory_add(mem,signature_packet,signature_packet_length) ;
|
||||||
|
|
||||||
|
ops_parse_info_t *pinfo=NULL;
|
||||||
|
validate_data_cb_arg_t validate_arg;
|
||||||
|
|
||||||
|
ops_setup_memory_read(&pinfo, mem, &validate_arg, validate_data_cb, ops_true);
|
||||||
|
|
||||||
|
// Set verification reader and handling options
|
||||||
|
|
||||||
|
ops_keyring_t tmp_keyring ;
|
||||||
|
tmp_keyring.nkeys = 1 ;
|
||||||
|
tmp_keyring.nkeys_allocated = 1 ;
|
||||||
|
tmp_keyring.keys = signers_key ;
|
||||||
|
|
||||||
|
memset(&validate_arg,'\0',sizeof validate_arg);
|
||||||
|
|
||||||
|
validate_arg.result=result;
|
||||||
|
validate_arg.keyring=&tmp_keyring;
|
||||||
|
|
||||||
|
int length = 8192 ;
|
||||||
|
if(literal_data_length < length)
|
||||||
|
length = literal_data_length ;
|
||||||
|
|
||||||
|
memcpy(validate_arg.data.literal_data_body.data, literal_data, length) ;
|
||||||
|
validate_arg.data.literal_data_body.length = length ;
|
||||||
|
|
||||||
|
// Note: Coverity incorrectly reports an error that carg.rarg
|
||||||
|
// is never used.
|
||||||
|
validate_arg.rarg=ops_reader_get_arg_from_pinfo(pinfo);
|
||||||
|
|
||||||
|
//if (armoured)
|
||||||
|
// ops_reader_push_dearmour(pinfo);
|
||||||
|
|
||||||
|
// Do the verification
|
||||||
|
|
||||||
|
ops_parse(pinfo);
|
||||||
|
|
||||||
|
printf("valid=%d, invalid=%d, unknown=%d\n", result->valid_count, result->invalid_count, result->unknown_signer_count);
|
||||||
|
|
||||||
|
// Tidy up
|
||||||
|
//if (armoured)
|
||||||
|
// ops_reader_pop_dearmour(pinfo);
|
||||||
|
|
||||||
|
ops_teardown_memory_read(pinfo, mem);
|
||||||
|
|
||||||
|
ops_boolean_t res = validate_result_status(result);
|
||||||
|
ops_validate_result_free(result) ;
|
||||||
|
|
||||||
|
return res ;
|
||||||
|
}
|
||||||
|
|
||||||
// eof
|
// eof
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user