added two additional non packward compatible changes for future version 0.7, and improvements of verifications of certificate signatures

libretroshare/src/pgp/pgphandler.cc

@@ -1382,7 +1382,11 @@ ops_secret_key_t *secret_key = NULL ;
 	// then do the signature.
 
 	ops_boolean_t not_raw = !use_raw_signature ;
-	ops_memory_t *memres = ops_sign_buf(data,len,(ops_sig_type_t)0x00,secret_key,ops_false,ops_false,not_raw,not_raw) ;
+#ifdef V07_NON_BACKWARD_COMPATIBLE_CHANGE_002
+	ops_memory_t *memres = ops_sign_buf(data,len,OPS_SIG_BINARY,OPS_HASH_SHA256,secret_key,ops_false,ops_false,not_raw,not_raw) ;
+#else
+	ops_memory_t *memres = ops_sign_buf(data,len,OPS_SIG_BINARY,OPS_HASH_SHA1,secret_key,ops_false,ops_false,not_raw,not_raw) ;
+#endif
 
 	if(!memres)
 		return false ;
@@ -1695,16 +1699,16 @@ bool PGPHandler::mergeKeySignatures(ops_keydata_t *dst,const ops_keydata_t *src)
 
 bool PGPHandler::parseSignature(unsigned char *sign, unsigned int signlen,RsPgpId& issuer_id) 
 {
-    uint64_t issuer ;
+	PGPSignatureInfo info ;
     
-    if(!PGPKeyManagement::parseSignature(sign,signlen,issuer))
+    if(!PGPKeyManagement::parseSignature(sign,signlen,info))
         return false ;
     
     unsigned char bytes[8] ;
     for(int i=0;i<8;++i)
     {
-        bytes[7-i] = issuer & 0xff ;
-        issuer >>= 8 ;
+        bytes[7-i] = info.issuer & 0xff ;
+        info.issuer >>= 8 ;
     }
     issuer_id = RsPgpId(bytes) ;
     

libretroshare/src/pgp/pgpkeyutil.cc

@@ -160,7 +160,7 @@ uint32_t PGPKeyManagement::compute24bitsCRC(unsigned char *octets, size_t len)
     return crc & 0xFFFFFFL;
 }
 
-bool PGPKeyManagement::parseSignature(const unsigned char *signature, size_t sign_len, uint64_t& issuer)
+bool PGPKeyManagement::parseSignature(const unsigned char *signature, size_t sign_len, PGPSignatureInfo& info)
 {
     unsigned char *data = (unsigned char *)signature ;
 
@@ -189,10 +189,10 @@ bool PGPKeyManagement::parseSignature(const unsigned char *signature, size_t sig
     if(signature_type != 4)
         return false ;
     
-    data += 1 ;	// skip version number 
-    data += 1 ;	// skip signature type
-    data += 1 ;	// skip public key algorithm
-    data += 1 ;	// skip hash algorithm
+	info.signature_version    = data[0] ; data += 1 ;	// skip version number
+    info.signature_type       = data[0] ; data += 1 ;	// skip signature type
+    info.public_key_algorithm = data[0] ; data += 1 ;	// skip public key algorithm
+    info.hash_algorithm       = data[0] ; data += 1 ;	// skip hash algorithm
 
     uint32_t hashed_size = 256u*data[0] + data[1] ;
     data += 2 ;
@@ -214,7 +214,7 @@ bool PGPKeyManagement::parseSignature(const unsigned char *signature, size_t sig
 	    if(subpacket_type == PGPKeyParser::PGP_PACKET_TAG_ISSUER && subpacket_size == 9)
 	    {
 		    issuer_found = true ;
-		    issuer = PGPKeyParser::read_KeyID(data) ;
+		    info.issuer = PGPKeyParser::read_KeyID(data) ;
 	    }
 	    else
 		    data += subpacket_size-1 ;	// we remove the size of subpacket type

libretroshare/src/pgp/pgpkeyutil.h

@@ -41,6 +41,46 @@
 #include <stdint.h>
 #include <string>
 
+static const uint8_t PGP_PACKET_TAG_HASH_ALGORITHM_UNKNOWN       = 0  ;
+static const uint8_t PGP_PACKET_TAG_HASH_ALGORITHM_MD5           = 1  ;
+static const uint8_t PGP_PACKET_TAG_HASH_ALGORITHM_SHA1          = 2  ;
+static const uint8_t PGP_PACKET_TAG_HASH_ALGORITHM_SHA256        = 8  ;
+static const uint8_t PGP_PACKET_TAG_HASH_ALGORITHM_SHA512        = 10 ;
+
+static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY_ALGORITHM_UNKNOWN = 0  ;
+static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY_ALGORITHM_RSA_ES  = 1  ;
+static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY_ALGORITHM_RSA_E   = 2  ;
+static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY_ALGORITHM_RSA_S   = 3  ;
+static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY_ALGORITHM_DSA     = 17 ;
+
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_VERSION_UNKNOWN    = 0 ;
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_VERSION_V3         = 3 ;
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_VERSION_V4         = 4 ;
+
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_TYPE_UNKNOWN          = 0xff ;
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_TYPE_BINARY_DOCUMENT  = 0x00 ;
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_TYPE_CANONICAL_TEXT   = 0x01 ;
+static const uint8_t PGP_PACKET_TAG_SIGNATURE_TYPE_STANDALONE_SIG   = 0x02 ;
+// All other consts for signature types not used, so not defines.
+
+class PGPSignatureInfo
+{
+public:
+	PGPSignatureInfo() :
+	    signature_version   (PGP_PACKET_TAG_SIGNATURE_VERSION_UNKNOWN),
+	    signature_type      (PGP_PACKET_TAG_SIGNATURE_TYPE_UNKNOWN),
+	    issuer              (0),
+	    public_key_algorithm(PGP_PACKET_TAG_PUBLIC_KEY_ALGORITHM_UNKNOWN),
+	    hash_algorithm      (PGP_PACKET_TAG_HASH_ALGORITHM_UNKNOWN)
+	{}
+
+	uint8_t  signature_version ;
+	uint8_t  signature_type ;
+	uint64_t issuer ;
+	uint8_t  public_key_algorithm ;
+	uint8_t  hash_algorithm ;
+};
+
 // This class handles GPG keys. For now we only clean them from signatures, but
 // in the future, we might cache them to avoid unnecessary calls to gpgme.
 //
@@ -66,7 +106,7 @@ class PGPKeyManagement
 		// 
 		static uint32_t compute24bitsCRC(unsigned char *data,size_t len) ;
         
-        	static bool parseSignature(const unsigned char *signature, size_t sign_len, uint64_t &issuer) ;
+		static bool parseSignature(const unsigned char *signature, size_t sign_len, PGPSignatureInfo& info) ;
 };
 
 // This class handles the parsing of PGP packet headers under various (old and new) formats.
@@ -74,6 +114,8 @@ class PGPKeyManagement
 class PGPKeyParser
 {
 	public:
+		// These constants correspond to packet tags from RFC4880
+
 		static const uint8_t PGP_PACKET_TAG_PUBLIC_KEY  =  6 ;
 		static const uint8_t PGP_PACKET_TAG_USER_ID     = 13 ;
 		static const uint8_t PGP_PACKET_TAG_SIGNATURE   =  2 ;