folkslinux
/
rpm
mirror of https://github.com/rpm-software-management/rpm.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge

This commit is contained in:
Peter Jones 2007-11-02 09:25:33 -04:00
parent 51f5b6caa8 43b1952dc6
commit bb6aaf184e
32 changed files with 664 additions and 946 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
INSTALL
View File

@ -5,6 +5,9 @@ The zlib library for compression support. You might also need/want
the zip executable for java jar dependency analysis. All available from
http://www.gzip.org/zlib/
The NSS library for encryption. This is available from
http://www.mozilla.org/projects/security/pki/nss/
The Berkeley DB >= 4.3.x (4.5.x or newer recommended). RPM includes an
internal copy which is used by default, but if you want to use an external
BDB (--with-external-db) it's available at

19
Makefile.am
View File

@ -24,7 +24,7 @@ AM_CPPFLAGS += -I$(top_srcdir)/build
AM_CPPFLAGS += -I$(top_srcdir)/lib
AM_CPPFLAGS += -I$(top_builddir)/rpmdb -I$(top_srcdir)/rpmdb
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
AM_CPPFLAGS += @WITH_LIBELF_INCLUDE@
@ -82,36 +82,36 @@ DISTCLEANFILES += find-requires
rpm_SOURCES = rpmqv.c debug.h system.h
rpm_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMDB -DIAM_RPMEIU -DIAM_RPMK -DIAM_RPMQV
rpm_LDADD = build/librpmbuild.la lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpm_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpm_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmb_SOURCES = build.c rpmqv.c build.h debug.h system.h
rpmb_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMBT
rpmb_LDADD = build/librpmbuild.la lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpmb_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmb_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmd_SOURCES = rpmqv.c debug.h system.h
rpmd_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMDB
rpmd_LDADD = lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpmd_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmd_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmi_SOURCES = rpmqv.c debug.h system.h
rpmi_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMEIU
rpmi_LDADD = lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpmi_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmi_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmk_SOURCES = rpmqv.c debug.h system.h
rpmk_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMK
rpmk_LDADD = lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpmk_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmk_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmq_SOURCES = rpmqv.c debug.h system.h
rpmq_CPPFLAGS = $(AM_CPPFLAGS) -DIAM_RPMQV
rpmq_LDADD = build/librpmbuild.la lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpmq_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpmq_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpm2cpio_SOURCES = rpm2cpio.c debug.h system.h
rpm2cpio_LDADD = lib/librpm.la rpmdb/librpmdb.la rpmio/librpmio.la
rpm2cpio_LDADD += @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
rpm2cpio_LDADD += @WITH_LIBELF_LIB@ @WITH_NSS_LIB@ @WITH_POPT_LIB@ @WITH_ZLIB_LIB@
if LIBELF
@ -120,7 +120,8 @@ rpmconfig_SCRIPTS += scripts/find-debuginfo.sh
rpmlibexec_PROGRAMS += debugedit
debugedit_SOURCES = tools/debugedit.c tools/hashtab.c tools/hashtab.h
debugedit_LDADD = @WITH_LIBELF_LIB@ @WITH_BEECRYPT_LIB@ @WITH_POPT_LIB@
debugedit_LDADD = rpmio/librpmio.la
debugedit_LDADD += @WITH_LIBELF_LIB@ @WITH_POPT_LIB@
endif
endif

2
build/Makefile.am
View File

@ -5,7 +5,7 @@ AM_CPPFLAGS += -I$(top_srcdir)/build
AM_CPPFLAGS += -I$(top_srcdir)/lib
AM_CPPFLAGS += -I$(top_builddir)/rpmdb -I$(top_srcdir)/rpmdb
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_MAGIC_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += @WITH_LIBELF_INCLUDE@

6
build/rpmfc.c
View File

@ -51,6 +51,12 @@ struct rpmfc_s {
};
/**
*/
struct rpmfcTokens_s {
const char * token;
int colors;
};
/**
*/

7
build/rpmfc.h
View File

@ -60,13 +60,6 @@ enum FCOLOR_e {
};
typedef enum FCOLOR_e FCOLOR_t;
/**
*/
struct rpmfcTokens_s {
const char * token;
int colors;
};
/**
*/
typedef struct rpmfcTokens_s * rpmfcToken;

36
configure.ac
View File

@ -351,22 +351,32 @@ AC_CHECK_HEADERS([dwarf.h], [
AM_CONDITIONAL(LIBDWARF,[test "$WITH_LIBDWARF" = yes])
#=================
# Check for beecrypt library.
WITH_BEECRYPT_INCLUDE=
WITH_BEECRYPT_LIB=
AC_CHECK_HEADERS([beecrypt/beecrypt.h], [
AC_CHECK_LIB(beecrypt, mpfprintln, [
AC_CHECK_HEADERS([beecrypt/api.h])
WITH_BEECRYPT_INCLUDE=
WITH_BEECRYPT_LIB="-lbeecrypt"
],[
AC_MSG_ERROR([missing required library beecrypt])
# Check for NSS library.
WITH_NSS_INCLUDE=
WITH_NSS_LIB=
check=`pkg-config --version 2>/dev/null`
if test -n "$check"; then
addlib=$(pkg-config --libs nss | sed 's/-lsmime3//;s/-lssl3//')
addcppflags=$(pkg-config --cflags nss)
else
# Without pkg-config, we'll kludge in some defaults
addlib="-lnss3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl"
addcppflags="-I/usr/include/nss3 -I/usr/include/nspr4"
fi
save_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="$save_CPPFLAGS $addcppflags"
AC_CHECK_HEADER([nss3/nss.h], [
AC_CHECK_LIB(nss3, NSS_NoDB_Init, [
AC_DEFINE(HAVE_LIBNSS, 1, [Define to 1 if you have the 'NSS' library (-lnss3).])
WITH_NSS_INCLUDE="$addcppflags"
WITH_NSS_LIB="$addlib"
])
],[
AC_MSG_ERROR([missing required header beecrypt/beecrypt.h])
AC_MSG_ERROR([missing required header nss3/nss.h])
])
AC_SUBST(WITH_BEECRYPT_INCLUDE)
AC_SUBST(WITH_BEECRYPT_LIB)
CPPFLAGS="$save_CPPFLAGS"
AC_SUBST(WITH_NSS_INCLUDE)
AC_SUBST(WITH_NSS_LIB)
#=================
# Check for magic library.

4
lib/Makefile.am
View File

@ -4,7 +4,7 @@ AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir)
AM_CPPFLAGS += -I$(top_srcdir)/lib
AM_CPPFLAGS += -I$(top_builddir)/rpmdb -I$(top_srcdir)/rpmdb
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
AM_CPPFLAGS += -DLOCALEDIR="\"$(localedir)\""
@ -33,7 +33,7 @@ librpm_la_LDFLAGS = -release 4.4
librpm_la_LIBADD = \
$(top_builddir)/rpmdb/librpmdb.la \
$(top_builddir)/rpmio/librpmio.la \
@WITH_BEECRYPT_LIB@ \
@WITH_NSS_LIB@ \
@WITH_POPT_LIB@ \
@WITH_SELINUX_LIB@ \
@LIBINTL@

23
lib/formats.c
View File

@ -190,20 +190,16 @@ static char * base64Format(int32_t type, const void * data,
int lc;
/* XXX HACK ALERT: element field abused as no. bytes of binary data. */
size_t ns = element;
size_t nt = ((ns + 2) / 3) * 4;
size_t nt = 0;
/* Add additional bytes necessary for eol string(s). */
if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
++lc;
nt += lc * strlen(b64encode_eolstr);
if ((enc = b64encode(data, ns, -1)) != NULL) {
nt = strlen(enc);
}
val = t = xmalloc(nt + padding + 1);
*t = '\0';
if ((enc = b64encode(data, ns)) != NULL) {
if (enc != NULL) {
t = stpcpy(t, enc);
enc = _free(enc);
}
@ -277,10 +273,13 @@ static char * xmlFormat(int32_t type, const void * data,
xtag = "string";
break;
case RPM_BIN_TYPE:
{ int cpl = b64encode_chars_per_line;
b64encode_chars_per_line = 0;
s = base64Format(type, data, formatPrefix, padding, element);
b64encode_chars_per_line = cpl;
{
/* XXX HACK ALERT: element field abused as no. bytes of binary data. */
size_t ns = element;
if ((s = b64encode(data, ns, 0)) == NULL) {
/* XXX proper error handling would be better. */
s = xcalloc(1, padding + (ns / 3) * 4 + 1);
}
xtag = "base64";
} break;
case RPM_CHAR_TYPE:

1
lib/misc.c
View File

@ -11,7 +11,6 @@ const char * RPMVERSION = VERSION;
#include "rpmmacro.h" /* XXX for rpmGetPath */
#include "rpmlib.h"
#include "rpmerr.h"
#include "legacy.h"
#include "misc.h"
#include "debug.h"

2
lib/package.c
View File

@ -929,11 +929,9 @@ rpmRC rpmReadPackageFile(rpmts ts, FD_t fd, const char * fn, Header * hdrp)
fddig->hashctx = NULL;
break;
case PGPHASHALGO_SHA1:
#if HAVE_BEECRYPT_API_H
case PGPHASHALGO_SHA256:
case PGPHASHALGO_SHA384:
case PGPHASHALGO_SHA512:
#endif
dig->sha1ctx = fddig->hashctx;
fddig->hashctx = NULL;
break;

2
lib/rpmchecksig.c
View File

@ -518,11 +518,9 @@ assert(dig->md5ctx == NULL);
fddig->hashctx = NULL;
break;
case PGPHASHALGO_SHA1:
#if HAVE_BEECRYPT_API_H
case PGPHASHALGO_SHA256:
case PGPHASHALGO_SHA384:
case PGPHASHALGO_SHA512:
#endif
assert(dig->sha1ctx == NULL);
dig->sha1ctx = fddig->hashctx;
fddig->hashctx = NULL;

1
lib/rpmfi.c
View File

@ -22,7 +22,6 @@
#include "legacy.h" /* XXX domd5 */
#include "misc.h" /* XXX stripTrailingChar */
#include "rpmmacro.h" /* XXX rpmCleanPath */
#include "legacy.h"
#include "debug.h"

4
lib/rpmts.c
View File

@ -4,7 +4,7 @@
*/
#include "system.h"
#include "rpmio_internal.h" /* XXX for pgp and beecrypt */
#include "rpmio_internal.h" /* XXX for pgp */
#include "rpmlib.h"
#include "rpmmacro.h" /* XXX rpmtsOpenDB() needs rpmGetPath */
@ -483,7 +483,7 @@ rpmRC rpmtsImportPubkey(const rpmts ts, const unsigned char * pkt, ssize_t pktle
if (rpmtsOpenDB(ts, (O_RDWR|O_CREAT)))
return RPMRC_FAIL;
if ((enc = b64encode(pkt, pktlen)) == NULL)
if ((enc = b64encode(pkt, pktlen, -1)) == NULL)
goto exit;
dig = pgpNewDig();

78
lib/signature.c
View File

@ -1093,9 +1093,10 @@ verifyRSASignature(rpmts ts, char * t,
int32_t sigtag = rpmtsSigtag(ts);
pgpDig dig = rpmtsDig(ts);
pgpDigParams sigp = rpmtsSignature(ts);
const char * prefix = NULL;
SECOidTag sigalg;
rpmRC res = RPMRC_OK;
int xx;
SECItem digest;
*t = '\0';
if (dig != NULL && dig->hdrmd5ctx == md5ctx)
@ -1125,43 +1126,40 @@ verifyRSASignature(rpmts ts, char * t,
switch (sigp->hash_algo) {
case PGPHASHALGO_MD5:
t = stpcpy(t, " RSA/MD5");
prefix = "3020300c06082a864886f70d020505000410";
sigalg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
break;
case PGPHASHALGO_SHA1:
t = stpcpy(t, " RSA/SHA1");
prefix = "3021300906052b0e03021a05000414";
sigalg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
break;
case PGPHASHALGO_RIPEMD160:
res = RPMRC_NOKEY;
prefix = NULL;
break;
case PGPHASHALGO_MD2:
t = stpcpy(t, " RSA/MD2");
prefix = "3020300c06082a864886f70d020205000410";
sigalg = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
break;
case PGPHASHALGO_TIGER192:
res = RPMRC_NOKEY;
prefix = NULL;
break;
case PGPHASHALGO_HAVAL_5_160:
res = RPMRC_NOKEY;
prefix = NULL;
break;
case PGPHASHALGO_SHA256:
t = stpcpy(t, " RSA/SHA256");
prefix = "3031300d060960864801650304020105000420";
sigalg = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
break;
case PGPHASHALGO_SHA384:
t = stpcpy(t, " RSA/SHA384");
prefix = "3041300d060960864801650304020205000430";
sigalg = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
break;
case PGPHASHALGO_SHA512:
t = stpcpy(t, " RSA/SHA512");
prefix = "3051300d060960864801650304020305000440";
sigalg = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
break;
default:
res = RPMRC_NOKEY;
prefix = NULL;
sigalg = SEC_OID_UNKNOWN;
break;
}
@ -1172,8 +1170,6 @@ verifyRSASignature(rpmts ts, char * t,
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
{ DIGEST_CTX ctx = rpmDigestDup(md5ctx);
byte signhash16[2];
const char * s;
if (sigp->hash != NULL)
xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
@ -1190,40 +1186,18 @@ verifyRSASignature(rpmts ts, char * t,
}
#endif
xx = rpmDigestFinal(ctx, (void **)&dig->md5, &dig->md5len, 1);
xx = rpmDigestFinal(ctx, (void **)&dig->md5, &dig->md5len, 0);
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), sigp->hashlen);
rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
/* Compare leading 16 bits of digest for quick check. */
s = dig->md5;
signhash16[0] = (nibble(s[0]) << 4) | nibble(s[1]);
signhash16[1] = (nibble(s[2]) << 4) | nibble(s[3]);
if (memcmp(signhash16, sigp->signhash16, sizeof(signhash16))) {
if (memcmp(dig->md5, sigp->signhash16, 2)) {
res = RPMRC_FAIL;
goto exit;
}
}
/* Generate RSA modulus parameter. */
{ unsigned int nbits = MP_WORDS_TO_BITS(dig->c.size);
unsigned int nb = (nbits + 7) >> 3;
const char * hexstr;
char * tt;
assert(prefix != NULL);
hexstr = tt = xmalloc(2 * nb + 1);
memset(tt, 'f', (2 * nb));
tt[0] = '0'; tt[1] = '0';
tt[2] = '0'; tt[3] = '1';
tt += (2 * nb) - strlen(prefix) - strlen(dig->md5) - 2;
*tt++ = '0'; *tt++ = '0';
tt = stpcpy(tt, prefix);
tt = stpcpy(tt, dig->md5);
mpnzero(&dig->rsahm); (void) mpnsethex(&dig->rsahm, hexstr);
hexstr = _free(hexstr);
digest.type = siBuffer;
digest.data = dig->md5;
digest.len = dig->md5len;
}
/* Retrieve the matching public key. */
@ -1232,12 +1206,7 @@ assert(prefix != NULL);
goto exit;
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
#if HAVE_BEECRYPT_API_H
xx = rsavrfy(&dig->rsa_pk.n, &dig->rsa_pk.e, &dig->c, &dig->rsahm);
#else
xx = rsavrfy(&dig->rsa_pk, &dig->rsahm, &dig->c);
#endif
if (xx)
if (VFY_VerifyDigest(&digest, dig->rsa, dig->rsasig, sigalg, NULL) == SECSuccess)
res = RPMRC_OK;
else
res = RPMRC_FAIL;
@ -1274,6 +1243,7 @@ verifyDSASignature(rpmts ts, char * t,
pgpDigParams sigp = rpmtsSignature(ts);
rpmRC res;
int xx;
SECItem digest;
*t = '\0';
if (dig != NULL && dig->hdrsha1ctx == sha1ctx)
@ -1301,7 +1271,6 @@ verifyDSASignature(rpmts ts, char * t,
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_DIGEST), 0);
{ DIGEST_CTX ctx = rpmDigestDup(sha1ctx);
byte signhash16[2];
if (sigp->hash != NULL)
xx = rpmDigestUpdate(ctx, sigp->hash, sigp->hashlen);
@ -1315,19 +1284,18 @@ verifyDSASignature(rpmts ts, char * t,
memcpy(trailer+2, &nb, sizeof(nb));
xx = rpmDigestUpdate(ctx, trailer, sizeof(trailer));
}
xx = rpmDigestFinal(ctx, (void **)&dig->sha1, &dig->sha1len, 1);
xx = rpmDigestFinal(ctx, (void **)&dig->sha1, &dig->sha1len, 0);
(void) rpmswExit(rpmtsOp(ts, RPMTS_OP_DIGEST), sigp->hashlen);
rpmtsOp(ts, RPMTS_OP_DIGEST)->count--; /* XXX one too many */
mpnzero(&dig->hm); (void) mpnsethex(&dig->hm, dig->sha1);
/* Compare leading 16 bits of digest for quick check. */
signhash16[0] = (*dig->hm.data >> 24) & 0xff;
signhash16[1] = (*dig->hm.data >> 16) & 0xff;
if (memcmp(signhash16, sigp->signhash16, sizeof(signhash16))) {
if (memcmp(dig->sha1, sigp->signhash16, 2)) {
res = RPMRC_FAIL;
goto exit;
}
digest.type = siBuffer;
digest.data = dig->sha1;
digest.len = dig->sha1len;
}
/* Retrieve the matching public key. */
@ -1336,8 +1304,8 @@ verifyDSASignature(rpmts ts, char * t,
goto exit;
(void) rpmswEnter(rpmtsOp(ts, RPMTS_OP_SIGNATURE), 0);
if (dsavrfy(&dig->p, &dig->q, &dig->g,
&dig->hm, &dig->y, &dig->r, &dig->s))
if (VFY_VerifyDigest(&digest, dig->dsa, dig->dsasig,
SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST, NULL) == SECSuccess)
res = RPMRC_OK;
else
res = RPMRC_FAIL;

2
macros.in
View File

@ -651,7 +651,7 @@ print (t)\
pgps +batchmode=on +verbose=0 +armor=off \
"+myname=%{_pgp_name}" -b %{__plaintext_filename} -o %{__signature_filename}
# XXX rpm-4.1 verifies signatures using beecrypt.
# XXX rpm >= 4.1 verifies signatures internally
#%__gpg_verify_cmd %{__gpg} \
# gpg --batch --no-verbose --verify --no-secmem-warning \
# %{__signature_filename} %{__plaintext_filename}

4
python/Makefile.am
View File

@ -10,7 +10,7 @@ AM_CPPFLAGS += -I$(top_srcdir)/lib
AM_CPPFLAGS += -I$(top_srcdir)/rpmdb
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_LIBELF_INCLUDE@
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
AM_CPPFLAGS += -I@WITH_PYTHON_INCLUDE@
@ -24,7 +24,7 @@ _rpmmodule_la_LIBADD = \
$(top_builddir)/lib/librpm.la \
$(top_builddir)/rpmdb/librpmdb.la \
$(top_builddir)/rpmio/librpmio.la \
@WITH_BEECRYPT_LIB@ \
@WITH_NSS_LIB@ \
@WITH_POPT_LIB@ \
@WITH_LIBELF_LIB@ \
@WITH_PYTHON_LIB@

2
rpm.pc.in
View File

@ -12,4 +12,4 @@ URL: http://rpm.org
# Conflicts:
Cflags: -I${includedir}/rpm
Libs: -L${libdir} -lrpmbuild -lrpm -lrpmdb -lrpmio -lrpmmisc
Libs.private: -lpopt -lmagic -lbeecrypt -lrt -lpthread @WITH_SELINUX_LIB@ @WITH_SQLITE3_LIB@ @WITH_DB_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@
Libs.private: -lpopt -lmagic -lrt -lpthread @WITH_SELINUX_LIB@ @WITH_SQLITE3_LIB@ @WITH_DB_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @WITH_NSS_LIB@

6
rpmdb/Makefile.am
View File

@ -7,7 +7,7 @@ AM_CPPFLAGS += -I$(top_builddir)/rpmdb -I$(top_srcdir)/rpmdb
AM_CPPFLAGS += -I$(top_srcdir)/build
AM_CPPFLAGS += -I$(top_srcdir)/lib
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
AM_CPPFLAGS += @WITH_SQLITE3_INCLUDE@
@ -34,7 +34,7 @@ endif
librpmdb_la_LDFLAGS = -release 4.4
librpmdb_la_LIBADD = \
$(top_builddir)/rpmio/librpmio.la \
@WITH_BEECRYPT_LIB@ \
@WITH_NSS_LIB@ \
@WITH_POPT_LIB@ \
@WITH_SQLITE3_LIB@ \
@WITH_LIBELF_LIB@
@ -177,4 +177,4 @@ tdbi_LDADD = librpmdb.la
check_PROGRAMS += tjfn
tjfn_SOURCES = tjfn.c
tjfn_LDADD = librpmdb.la @WITH_BEECRYPT_LIB@
tjfn_LDADD = librpmdb.la @WITH_NSS_LIB@

10
rpmio/Makefile.am
View File

@ -2,7 +2,7 @@
AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir)
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_LUA_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
@ -11,14 +11,14 @@ AM_CPPFLAGS += -DRPMCONFIGDIR="\"@RPMCONFIGDIR@\""
usrlibdir = $(libdir)
usrlib_LTLIBRARIES = librpmio.la
librpmio_la_SOURCES = \
argv.c digest.c fts.c macro.c \
argv.c base64.c digest.c fts.c macro.c \
rpmhook.c rpmio.c rpmlog.c rpmlua.c rpmmalloc.c \
rpmpgp.c rpmrpc.c rpmsq.c rpmsw.c strcasecmp.c url.c ugid.c \
rpmio_internal.h rpmlua.h rpmhook.h ugid.h fts.h rpmerr.h
librpmio_la_LDFLAGS = -release 4.4
librpmio_la_LIBADD = \
../misc/libmisc.la \
@WITH_BEECRYPT_LIB@ \
@WITH_NSS_LIB@ \
@WITH_LUA_LIB@ \
@WITH_MAGIC_LIB@ \
@WITH_BZ2_LIB@ \
@ -51,10 +51,6 @@ check_PROGRAMS += tglob
tglob_SOURCES = tglob.c rpmio_internal.h
tglob_LDADD = librpmio.la @WITH_POPT_LIB@
check_PROGRAMS += tinv
tinv_SOURCES = tinv.c
tinv_LDADD = librpmio.la @WITH_POPT_LIB@
check_PROGRAMS += tkey
tkey_SOURCES = tkey.c rpmio_internal.h
tkey_LDADD = librpmio.la @WITH_POPT_LIB@

254
rpmio/base64.c Normal file
View File

@ -0,0 +1,254 @@
/* base64 encoder/decoder based on public domain implementation
* by Chris Venter */
#include <arpa/inet.h>
#include <stdlib.h>
#include "base64.h"
static char base64_encode_value(char value_in)
{
static const char encoding[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
if (value_in > 63) return '=';
return encoding[(int)value_in];
}
static char *base64_encode_block(const char *plaintext_in, int length_in, char *codechar)
{
const char *plainchar = plaintext_in;
const char *const plaintextend = plaintext_in + length_in;
char result;
char fragment;
while (1) {
if (plainchar == plaintextend) {
return codechar;
}
fragment = *plainchar++;
result = (fragment & 0x0fc) >> 2;
*codechar++ = base64_encode_value(result);
result = (fragment & 0x003) << 4;
if (plainchar == plaintextend)
{
*codechar++ = base64_encode_value(result);
*codechar++ = '=';
*codechar++ = '=';
return codechar;
}
fragment = *plainchar++;
result |= (fragment & 0x0f0) >> 4;
*codechar++ = base64_encode_value(result);
result = (fragment & 0x00f) << 2;
if (plainchar == plaintextend)
{
*codechar++ = base64_encode_value(result);
*codechar++ = '=';
return codechar;
}
fragment = *plainchar++;
result |= (fragment & 0x0c0) >> 6;
*codechar++ = base64_encode_value(result);
result = (fragment & 0x03f) >> 0;
*codechar++ = base64_encode_value(result);
}
/* control should not reach here */
return codechar;
}
#define BASE64_DEFAULT_LINE_LENGTH 64
char *b64encode(const void *data, size_t len, int linelen)
{
size_t encodedlen;
const char *dataptr = data;
char *output;
char *outptr;
if (data == NULL)
return NULL;
if (linelen < 0)
linelen = BASE64_DEFAULT_LINE_LENGTH;
linelen /= 4;
encodedlen = ((len + 2) / 3) * 4;
if (linelen > 0) {
encodedlen += encodedlen/(linelen * 4) + 1;
}
++encodedlen; /* for zero termination */
output = malloc(encodedlen);
if (output == NULL)
return NULL;
outptr = output;
while (len > 0) {
if (linelen > 0 && len > linelen * 3) {
outptr = base64_encode_block(dataptr, linelen * 3, outptr);
len -= linelen * 3;
dataptr += linelen * 3;
} else {
outptr = base64_encode_block(dataptr, len, outptr);
len = 0;
}
if (linelen > 0) {
*outptr++ = '\n';
}
}
*outptr = '\0';
return output;
}
static int base64_decode_value(char value_in)
{
static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51};
static const char decoding_size = sizeof(decoding);
value_in -= 43;
if (value_in < 0 || value_in > decoding_size)
return -1;
return decoding[(int)value_in];
}
static size_t base64_decode_block(const char *code_in, const size_t length_in, char *plaintext_out)
{
const char *codechar = code_in;
char *plainchar = plaintext_out;
char fragment;
*plainchar = 0;
while (1)
{
do {
if (codechar == code_in+length_in)
{
return plainchar - plaintext_out;
}
fragment = (char)base64_decode_value(*codechar++);
} while (fragment < 0);
*plainchar = (fragment & 0x03f) << 2;
do {
if (codechar == code_in+length_in)
{
return plainchar - plaintext_out;
}
fragment = (char)base64_decode_value(*codechar++);
} while (fragment < 0);
*plainchar++ |= (fragment & 0x030) >> 4;
*plainchar = (fragment & 0x00f) << 4;
do {
if (codechar == code_in+length_in)
{
return plainchar - plaintext_out;
}
fragment = (char)base64_decode_value(*codechar++);
} while (fragment < 0);
*plainchar++ |= (fragment & 0x03c) >> 2;
*plainchar = (fragment & 0x003) << 6;
do {
if (codechar == code_in+length_in)
{
return plainchar - plaintext_out;
}
fragment = (char)base64_decode_value(*codechar++);
} while (fragment < 0);
*plainchar++ |= (fragment & 0x03f);
}
/* control should not reach here */
return plainchar - plaintext_out;
}
int b64decode(const char *in, void **out, size_t *outlen)
{
size_t outcnt = 0;
const char *inptr = in;
*out = NULL;
if (in == NULL) {
return 1;
}
while (*inptr != '\0') {
/* assume all ASCII control chars as whitespace */
if (*inptr > 32) {
if (base64_decode_value(*inptr) != -1) {
++outcnt;
} else {
return 3;
}
}
++inptr;
}
if (outcnt % 4 != 0)
return 2;
outcnt = (outcnt / 4) * 3;
*out = malloc(outcnt + 1); /* base64_decode_block can write one extra character */
if (*out == NULL)
return 4;
*outlen = base64_decode_block(in, inptr - in, *out);
return 0;
}
#define CRC24_INIT 0xb704ce
#define CRC24_POLY 0x1864cfb
char *b64crc(const unsigned char *data, size_t len)
{
uint32_t crc = CRC24_INIT;
int i;
while (len--) {
crc ^= (*data++) << 16;
for (i = 0; i < 8; i++) {
crc <<= 1;
if (crc & 0x1000000)
crc ^= CRC24_POLY;
}
}
crc = htonl(crc & 0xffffff);
data = (unsigned char *)&crc;
++data;
return b64encode(data, 3, 0);
}
#ifdef BASE64_TEST
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[])
{
static char tst[]="wtrt8122čLýáj\x20s ~ýhž\t4\x02šjjmBvž^%$RTš#á.íěj\x1hčýčŤc+";
char *encoded;
void *decoded;
size_t size;
int err;
printf("Original: %lu\n%s\n", sizeof(tst)-1, tst);
encoded = b64encode(tst, sizeof(tst)-1, 64);
printf("Encoded: %lu\n%s\n", strlen(encoded), encoded);
if ((err = b64decode(encoded, &decoded, &size)) != 0) {
fprintf(stderr, "Error in decode: %d\n", err);
return 1;
}
printf("Decoded:\n%.*s\n", (int)size, (char *)decoded);
if (size != sizeof(tst)-1) {
fprintf(stderr, "Size differs orig: %lu new: %lu\n", sizeof(tst)-1, size);
return 1;
}
if (memcmp(tst, decoded, size) != 0) {
fprintf(stderr, "Decoded data differs.\n");
return 1;
}
fprintf(stderr, "OK\n");
return 0;
}
#endif

29
rpmio/base64.h Normal file
View File

@ -0,0 +1,29 @@
/* base64 encoder/decoder based on public domain implementation
* by Chris Venter */
#include <sys/types.h>
/* returns malloced base64 encoded string
* lines are split with \n characters to be nearest lower multiple of linelen
* if linelen/4 == 0 lines are not split
* if linelen < 0 default line length (64) is used
* the returned string is empty when len == 0
* returns NULL on failures
*/
char *b64encode(const void *data, size_t len, int linelen);
/* decodes from zero terminated base64 encoded string to a newly malloced buffer
* ignores whitespace characters in the input string
* return values:
* 0 - OK
* 1 - input is NULL
* 2 - invalid length
* 3 - invalid characters on input
* 4 - malloc failed
*/
int b64decode(const char *in, void **out, size_t *outlen);
/* counts CRC24 and base64 encodes it in a malloced string
* returns NULL on failures
*/
char *b64crc(const unsigned char *data, size_t len);

151
rpmio/digest.c
View File

@ -18,13 +18,7 @@
*/
struct DIGEST_CTX_s {
rpmDigestFlags flags; /*!< Bit(s) to control digest operation. */
uint32_t datalen; /*!< No. bytes in block of plaintext data. */
uint32_t paramlen; /*!< No. bytes of digest parameters. */
uint32_t digestlen; /*!< No. bytes of digest. */
void * param; /*!< Digest parameters. */
int (*Reset) (void * param); /*!< Digest initialize. */
int (*Update) (void * param, const byte * data, size_t size); /*!< Digest transform. */
int (*Digest) (void * param, byte * digest); /*!< Digest finish. */
HASHContext *hashctx; /*!< Internal NSS hash context. */
};
DIGEST_CTX
@ -32,132 +26,132 @@ rpmDigestDup(DIGEST_CTX octx)
{
DIGEST_CTX nctx;
nctx = memcpy(xcalloc(1, sizeof(*nctx)), octx, sizeof(*nctx));
nctx->param = memcpy(xcalloc(1, nctx->paramlen), octx->param, nctx->paramlen);
nctx->hashctx = HASH_Clone(octx->hashctx);
if (nctx->hashctx == NULL) {
fprintf(stderr, "HASH_Clone failed\n");
exit(EXIT_FAILURE); /* FIX: callers do not bother checking error return */
}
return nctx;
}
DIGEST_CTX
rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
static HASH_HashType
getHashType(pgpHashAlgo hashalgo)
{
DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));
int xx;
ctx->flags = flags;
switch (hashalgo) {
case PGPHASHALGO_MD5:
ctx->digestlen = 16;
ctx->datalen = 64;
/* FIX: union, not void pointer */
ctx->paramlen = sizeof(md5Param);
ctx->param = xcalloc(1, ctx->paramlen);
/* FIX: cast? */
ctx->Reset = (void *) md5Reset;
ctx->Update = (void *) md5Update;
ctx->Digest = (void *) md5Digest;
return HASH_AlgMD5;
break;
case PGPHASHALGO_SHA1:
ctx->digestlen = 20;
ctx->datalen = 64;
/* FIX: union, not void pointer */
ctx->paramlen = sizeof(sha1Param);
ctx->param = xcalloc(1, ctx->paramlen);
/* FIX: cast? */
ctx->Reset = (void *) sha1Reset;
ctx->Update = (void *) sha1Update;
ctx->Digest = (void *) sha1Digest;
return HASH_AlgSHA1;
break;
#if HAVE_BEECRYPT_API_H
case PGPHASHALGO_SHA256:
ctx->digestlen = 32;
ctx->datalen = 64;
/* FIX: union, not void pointer */
ctx->paramlen = sizeof(sha256Param);
ctx->param = xcalloc(1, ctx->paramlen);
/* FIX: cast? */
ctx->Reset = (void *) sha256Reset;
ctx->Update = (void *) sha256Update;
ctx->Digest = (void *) sha256Digest;
return HASH_AlgSHA256;
break;
case PGPHASHALGO_SHA384:
ctx->digestlen = 48;
ctx->datalen = 128;
/* FIX: union, not void pointer */
ctx->paramlen = sizeof(sha384Param);
ctx->param = xcalloc(1, ctx->paramlen);
/* FIX: cast? */
ctx->Reset = (void *) sha384Reset;
ctx->Update = (void *) sha384Update;
ctx->Digest = (void *) sha384Digest;
return HASH_AlgSHA384;
break;
case PGPHASHALGO_SHA512:
ctx->digestlen = 64;
ctx->datalen = 128;
/* FIX: union, not void pointer */
ctx->paramlen = sizeof(sha512Param);
ctx->param = xcalloc(1, ctx->paramlen);
/* FIX: cast? */
ctx->Reset = (void *) sha512Reset;
ctx->Update = (void *) sha512Update;
ctx->Digest = (void *) sha512Digest;
return HASH_AlgSHA512;
break;
#endif
case PGPHASHALGO_RIPEMD160:
case PGPHASHALGO_MD2:
case PGPHASHALGO_TIGER192:
case PGPHASHALGO_HAVAL_5_160:
default:
free(ctx);
return NULL;
return HASH_AlgNULL;
break;
}
}
xx = (*ctx->Reset) (ctx->param);
size_t
rpmDigestLength(pgpHashAlgo hashalgo)
{
return HASH_ResultLen(getHashType(hashalgo));
}
DPRINTF((stderr, "*** Init(%x) ctx %p param %p\n", flags, ctx, ctx->param));
DIGEST_CTX
rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
{
HASH_HashType type;
DIGEST_CTX ctx = xcalloc(1, sizeof(*ctx));
if (NSS_NoDB_Init(NULL) != SECSuccess)
return NULL;
ctx->flags = flags;
type = getHashType(hashalgo);
if (type == HASH_AlgNULL) {
free(ctx);
return NULL;
}
ctx->hashctx = HASH_Create(type);
if (ctx->hashctx == NULL) {
free(ctx);
return NULL;
}
HASH_Begin(ctx->hashctx);
DPRINTF((stderr, "*** Init(%x) ctx %p hashctx %p\n", flags, ctx, ctx->hashctx));
return ctx;
}
int
rpmDigestUpdate(DIGEST_CTX ctx, const void * data, size_t len)
{
unsigned int partlen;
const unsigned char *ptr = data;
if (ctx == NULL)
return -1;
DPRINTF((stderr, "*** Update(%p,%p,%d) param %p \"%s\"\n", ctx, data, len, ctx->param, ((char *)data)));
return (*ctx->Update) (ctx->param, data, len);
DPRINTF((stderr, "*** Update(%p,%p,%d) hashctx %p \"%s\"\n", ctx, data, len, ctx->hashctx, ((char *)data)));
partlen = ~(unsigned int)0xFF;
while (len > 0) {
if (len < partlen) {
partlen = (unsigned int)len;
}
HASH_Update(ctx->hashctx, ptr, partlen);
ptr += partlen;
len -= partlen;
}
return 0;
}
int
rpmDigestFinal(DIGEST_CTX ctx, void ** datap, size_t *lenp, int asAscii)
{
byte * digest;
unsigned char * digest;
char * t;
int i;
unsigned int digestlen;
if (ctx == NULL)
return -1;
digest = xmalloc(ctx->digestlen);
digestlen = HASH_ResultLenContext(ctx->hashctx);
digest = xmalloc(digestlen);
DPRINTF((stderr, "*** Final(%p,%p,%p,%d) param %p digest %p\n", ctx, datap, lenp, asAscii, ctx->param, digest));
DPRINTF((stderr, "*** Final(%p,%p,%p,%d) hashctx %p digest %p\n", ctx, datap, lenp, asAscii, ctx->hashctx, digest));
/* FIX: check rc */
(void) (*ctx->Digest) (ctx->param, digest);
HASH_End(ctx->hashctx, digest, &digestlen, digestlen);
/* Return final digest. */
if (!asAscii) {
if (lenp) *lenp = ctx->digestlen;
if (lenp) *lenp = digestlen;
if (datap) {
*datap = digest;
digest = NULL;
}
} else {
if (lenp) *lenp = (2*ctx->digestlen) + 1;
if (lenp) *lenp = (2*digestlen) + 1;
if (datap) {
const byte * s = (const byte *) digest;
static const char hex[] = "0123456789abcdef";
*datap = t = xmalloc((2*ctx->digestlen) + 1);
for (i = 0 ; i < ctx->digestlen; i++) {
*datap = t = xmalloc((2*digestlen) + 1);
for (i = 0 ; i < digestlen; i++) {
*t++ = hex[ (unsigned)((*s >> 4) & 0x0f) ];
*t++ = hex[ (unsigned)((*s++ ) & 0x0f) ];
}
@ -165,11 +159,10 @@ DPRINTF((stderr, "*** Final(%p,%p,%p,%d) param %p digest %p\n", ctx, datap, lenp
}
}
if (digest) {
memset(digest, 0, ctx->digestlen); /* In case it's sensitive */
memset(digest, 0, digestlen); /* In case it's sensitive */
free(digest);
}
memset(ctx->param, 0, ctx->paramlen); /* In case it's sensitive */
free(ctx->param);
HASH_Destroy(ctx->hashctx);
memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
free(ctx);
return 0;

18
rpmio/macro.c
View File

@ -25,6 +25,24 @@
#include "debug.h"
/*! The structure used to store a macro. */
struct rpmMacroEntry_s {
struct rpmMacroEntry_s *prev;/*!< Macro entry stack. */
const char *name; /*!< Macro name. */
const char *opts; /*!< Macro parameters (a la getopt) */
const char *body; /*!< Macro body. */
int used; /*!< No. of expansions. */
int level; /*!< Scoping level. */
};
/*! The structure used to store the set of macros in a context. */
struct rpmMacroContext_s {
rpmMacroEntry *macroTable; /*!< Macro entry table for context. */
int macrosAllocated;/*!< No. of allocated macros. */
int firstFree; /*!< No. of macros. */
};
static struct rpmMacroContext_s rpmGlobalMacroContext_s;
rpmMacroContext rpmGlobalMacroContext = &rpmGlobalMacroContext_s;

45
rpmio/rpmio_internal.h
View File

@ -10,30 +10,14 @@
#include "rpmio.h"
#include "rpmurl.h"
#if HAVE_BEECRYPT_API_H
#include <beecrypt/api.h>
#else
#include <beecrypt/beecrypt.api.h>
#endif
#include "base64.h"
#include "rpmpgp.h"
#include "rpmsw.h"
/* Drag in the beecrypt includes. */
#include <beecrypt/beecrypt.h>
#include <beecrypt/base64.h>
#include <beecrypt/dsa.h>
#include <beecrypt/endianness.h>
#include <beecrypt/md5.h>
#include <beecrypt/mp.h>
#include <beecrypt/rsa.h>
#include <beecrypt/rsapk.h>
#include <beecrypt/sha1.h>
#if HAVE_BEECRYPT_API_H
#include <beecrypt/sha256.h>
#include <beecrypt/sha384.h>
#include <beecrypt/sha512.h>
#endif
#include <nss.h>
#include <sechash.h>
#include <keyhi.h>
#include <cryptohi.h>
/** \ingroup rpmio
* Values parsed from OpenPGP signature/pubkey packet(s).
@ -78,20 +62,13 @@ struct pgpDig_s {
void * md5; /*!< (rsa) V3 signature hash. */
size_t md5len; /*!< (rsa) V3 signature hash length. */
/* DSA parameters. */
mpbarrett p;
mpbarrett q;
mpnumber g;
mpnumber y;
mpnumber hm;
mpnumber r;
mpnumber s;
/* DSA parameters */
SECKEYPublicKey *dsa;
SECItem *dsasig;
/* RSA parameters. */
rsapk rsa_pk;
mpnumber m;
mpnumber c;
mpnumber rsahm;
/* RSA parameters */
SECKEYPublicKey *rsa;
SECItem *rsasig;
};
/** \ingroup rpmio

17
rpmio/rpmmacro.h
View File

@ -9,22 +9,9 @@
extern "C" {
#endif
/*! The structure used to store a macro. */
typedef struct rpmMacroEntry_s {
struct rpmMacroEntry_s *prev;/*!< Macro entry stack. */
const char *name; /*!< Macro name. */
const char *opts; /*!< Macro parameters (a la getopt) */
const char *body; /*!< Macro body. */
int used; /*!< No. of expansions. */
int level; /*!< Scoping level. */
} * rpmMacroEntry;
typedef struct rpmMacroEntry_s * rpmMacroEntry;
/*! The structure used to store the set of macros in a context. */
typedef struct rpmMacroContext_s {
rpmMacroEntry *macroTable; /*!< Macro entry table for context. */
int macrosAllocated;/*!< No. of allocated macros. */
int firstFree; /*!< No. of macros. */
} * rpmMacroContext;
typedef struct rpmMacroContext_s * rpmMacroContext;
extern rpmMacroContext rpmGlobalMacroContext;

213
rpmio/rpmpgp.c
View File

@ -225,36 +225,97 @@ const char * pgpMpiHex(const byte *p)
/**
* @return 0 on success
*/
static int pgpHexSet(const char * pre, int lbits,
mpnumber * mpn, const byte * p, const byte * pend)
static int pgpMpiSet(const char * pre, int lbits,
void *dest, const byte * p, const byte * pend)
{
unsigned int mbits = pgpMpiBits(p);
unsigned int nbits;
unsigned int nbytes;
char * t;
char *t = dest;
unsigned int ix;
if ((p + ((mbits+7) >> 3)) > pend)
return 1;
if (mbits > lbits)
return 1;
nbits = (lbits > mbits ? lbits : mbits);
nbytes = ((nbits + 7) >> 3);
t = xmalloc(2*nbytes+1);
ix = 2 * ((nbits - mbits) >> 3);
ix = (nbits - mbits) >> 3;
if (_debug)
fprintf(stderr, "*** mbits %u nbits %u nbytes %u t %p[%d] ix %u\n", mbits, nbits, nbytes, t, (2*nbytes+1), ix);
if (ix > 0) memset(t, (int)'0', ix);
strcpy(t+ix, pgpMpiHex(p));
fprintf(stderr, "*** mbits %u nbits %u nbytes %u ix %u\n", mbits, nbits, nbytes, ix);
if (ix > 0) memset(t, '\0', ix);
memcpy(t+ix, p+2, nbytes-ix);
if (_debug)
fprintf(stderr, "*** %s %s\n", pre, t);
(void) mpnsethex(mpn, t);
t = _free(t);
if (_debug && _print)
fprintf(stderr, "\t %s ", pre), mpfprintln(stderr, mpn->size, mpn->data);
fprintf(stderr, "*** %s %s\n", pre, pgpHexStr(dest, nbytes));
return 0;
}
/**
* @return NULL on error
*/
static SECItem *pgpMpiItem(PRArenaPool *arena, SECItem *item, const byte *p)
{
unsigned int nbytes = pgpMpiLen(p)-2;
if (item == NULL) {
if ((item=SECITEM_AllocItem(arena, item, nbytes)) == NULL)
return item;
} else {
if (arena != NULL)
item->data = PORT_ArenaGrow(arena, item->data, item->len, nbytes);
else
item->data = PORT_Realloc(item->data, nbytes);
if (item->data == NULL) {
if (arena == NULL)
SECITEM_FreeItem(item, PR_TRUE);
return NULL;
}
}
memcpy(item->data, p+2, nbytes);
item->len = nbytes;
return item;
}
/*@=boundswrite@*/
static SECKEYPublicKey *pgpNewPublicKey(KeyType type)
{
PRArenaPool *arena;
SECKEYPublicKey *key;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if (arena == NULL)
return NULL;
key = PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
if (key == NULL) {
PORT_FreeArena(arena, PR_FALSE);
return NULL;
}
key->keyType = type;
key->pkcs11ID = CK_INVALID_HANDLE;
key->pkcs11Slot = NULL;
key->arena = arena;
return key;
}
static SECKEYPublicKey *pgpNewRSAKey(void)
{
return pgpNewPublicKey(rsaKey);
}
static SECKEYPublicKey *pgpNewDSAKey(void)
{
return pgpNewPublicKey(dsaKey);
}
int pgpPrtSubType(const byte *h, unsigned int hlen, pgpSigType sigtype)
{
const byte *p = h;
@ -359,12 +420,22 @@ static const char * pgpSigDSA[] = {
NULL,
};
#ifndef DSA_SUBPRIME_LEN
#define DSA_SUBPRIME_LEN 20
#endif
static int pgpPrtSigParams(pgpTag tag, byte pubkey_algo, byte sigtype,
const byte *p, const byte *h, unsigned int hlen)
{
const byte * pend = h + hlen;
int i;
SECItem dsaraw;
unsigned char dsabuf[2*DSA_SUBPRIME_LEN];
dsaraw.type = 0;
dsaraw.data = dsabuf;
dsaraw.len = sizeof(dsabuf);
for (i = 0; p < pend; i++, p += pgpMpiLen(p)) {
if (pubkey_algo == PGPPUBKEYALGO_RSA) {
if (i >= 1) break;
@ -373,9 +444,9 @@ static int pgpPrtSigParams(pgpTag tag, byte pubkey_algo, byte sigtype,
{
switch (i) {
case 0: /* m**d */
(void) mpnsethex(&_dig->c, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t m**d = "), mpfprintln(stderr, _dig->c.size, _dig->c.data);
_dig->rsasig = pgpMpiItem(NULL, _dig->rsasig, p);
if (_dig->rsasig == NULL)
return 1;
break;
default:
break;
@ -390,11 +461,21 @@ fprintf(stderr, "\t m**d = "), mpfprintln(stderr, _dig->c.size, _dig->c.data);
int xx;
xx = 0;
switch (i) {
case 0: /* r */
xx = pgpHexSet(pgpSigDSA[i], 160, &_dig->r, p, pend);
case 0:
memset(dsaraw.data, '\0', 2*DSA_SUBPRIME_LEN);
/* r */
xx = pgpMpiSet(pgpSigDSA[i], DSA_SUBPRIME_LEN*8, dsaraw.data, p, pend);
break;
case 1: /* s */
xx = pgpHexSet(pgpSigDSA[i], 160, &_dig->s, p, pend);
xx = pgpMpiSet(pgpSigDSA[i], DSA_SUBPRIME_LEN*8, dsaraw.data + DSA_SUBPRIME_LEN, p, pend);
if (_dig->dsasig != NULL)
SECITEM_FreeItem(_dig->dsasig, PR_FALSE);
else if ((_dig->dsasig=SECITEM_AllocItem(NULL, NULL, 0)) == NULL) {
xx = 1;
break;
}
if (DSAU_EncodeDerSig(_dig->dsasig, &dsaraw) != SECSuccess)
xx = 1;
break;
default:
xx = 1;
@ -573,16 +654,17 @@ static const byte * pgpPrtPubkeyParams(byte pubkey_algo,
if (pubkey_algo == PGPPUBKEYALGO_RSA) {
if (i >= 2) break;
if (_dig) {
if (_dig->rsa == NULL) {
_dig->rsa = pgpNewRSAKey();
if (_dig->rsa == NULL)
break; /* error abort? */
}
switch (i) {
case 0: /* n */
(void) mpbsethex(&_dig->rsa_pk.n, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t n = "), mpfprintln(stderr, _dig->rsa_pk.n.size, _dig->rsa_pk.n.modl);
pgpMpiItem(_dig->rsa->arena, &_dig->rsa->u.rsa.modulus, p);
break;
case 1: /* e */
(void) mpnsethex(&_dig->rsa_pk.e, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t e = "), mpfprintln(stderr, _dig->rsa_pk.e.size, _dig->rsa_pk.e.data);
pgpMpiItem(_dig->rsa->arena, &_dig->rsa->u.rsa.publicExponent, p);
break;
default:
break;
@ -592,26 +674,23 @@ fprintf(stderr, "\t e = "), mpfprintln(stderr, _dig->rsa_pk.e.size, _dig->r
} else if (pubkey_algo == PGPPUBKEYALGO_DSA) {
if (i >= 4) break;
if (_dig) {
if (_dig->dsa == NULL) {
_dig->dsa = pgpNewDSAKey();
if (_dig->dsa == NULL)
break; /* error abort? */
}
switch (i) {
case 0: /* p */
(void) mpbsethex(&_dig->p, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t p = "), mpfprintln(stderr, _dig->p.size, _dig->p.modl);
pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.params.prime, p);
break;
case 1: /* q */
(void) mpbsethex(&_dig->q, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t q = "), mpfprintln(stderr, _dig->q.size, _dig->q.modl);
pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.params.subPrime, p);
break;
case 2: /* g */
(void) mpnsethex(&_dig->g, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t g = "), mpfprintln(stderr, _dig->g.size, _dig->g.data);
pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.params.base, p);
break;
case 3: /* y */
(void) mpnsethex(&_dig->y, pgpMpiHex(p));
if (_debug && _print)
fprintf(stderr, "\t y = "), mpfprintln(stderr, _dig->y.size, _dig->y.data);
pgpMpiItem(_dig->dsa->arena, &_dig->dsa->u.dsa.publicValue, p);
break;
default:
break;
@ -942,6 +1021,8 @@ int pgpPrtPkt(const byte *pkt, unsigned int pleft)
pgpDig pgpNewDig(void)
{
pgpDig dig = xcalloc(1, sizeof(*dig));
NSS_NoDB_Init(NULL);
return dig;
}
@ -964,14 +1045,27 @@ void pgpCleanDig(pgpDig dig)
dig->md5 = _free(dig->md5);
dig->sha1 = _free(dig->sha1);
mpnfree(&dig->hm);
mpnfree(&dig->r);
mpnfree(&dig->s);
(void) rsapkFree(&dig->rsa_pk);
mpnfree(&dig->m);
mpnfree(&dig->c);
mpnfree(&dig->rsahm);
if (dig->dsa != NULL) {
SECKEY_DestroyPublicKey(dig->dsa);
dig->dsa = NULL;
}
if (dig->dsasig != NULL) {
SECITEM_ZfreeItem(dig->dsasig, PR_TRUE);
dig->dsasig = NULL;
}
if (dig->rsa != NULL) {
SECKEY_DestroyPublicKey(dig->rsa);
dig->rsa = NULL;
}
if (dig->rsasig != NULL) {
SECITEM_ZfreeItem(dig->rsasig, PR_TRUE);
dig->rsasig = NULL;
}
}
return;
}
@ -991,14 +1085,6 @@ pgpDig pgpFreeDig(pgpDig dig)
(void) rpmDigestFinal(dig->sha1ctx, NULL, NULL, 0);
dig->sha1ctx = NULL;
mpbfree(&dig->p);
mpbfree(&dig->q);
mpnfree(&dig->g);
mpnfree(&dig->y);
mpnfree(&dig->hm);
mpnfree(&dig->r);
mpnfree(&dig->s);
#ifdef NOTYET
if (dig->hdrmd5ctx != NULL)
(void) rpmDigestFinal(dig->hdrmd5ctx, NULL, NULL, 0);
@ -1009,12 +1095,6 @@ pgpDig pgpFreeDig(pgpDig dig)
(void) rpmDigestFinal(dig->md5ctx, NULL, NULL, 0);
dig->md5ctx = NULL;
mpbfree(&dig->rsa_pk.n);
mpnfree(&dig->rsa_pk.e);
mpnfree(&dig->m);
mpnfree(&dig->c);
mpnfree(&dig->hm);
dig = _free(dig);
}
return dig;
@ -1196,17 +1276,12 @@ char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns)
{
const char * enc;
char * t;
size_t nt;
size_t nt = 0;
char * val;
int lc;
nt = ((ns + 2) / 3) * 4;
/* Add additional bytes necessary for eol string(s). */
if (b64encode_chars_per_line > 0 && b64encode_eolstr != NULL) {
lc = (nt + b64encode_chars_per_line - 1) / b64encode_chars_per_line;
if (((nt + b64encode_chars_per_line - 1) % b64encode_chars_per_line) != 0)
++lc;
nt += lc * strlen(b64encode_eolstr);
enc = b64encode(s, ns, -1);
if (enc != NULL) {
nt = strlen(enc);
}
nt += 512; /* XXX slop for armor and crc */
@ -1216,9 +1291,9 @@ char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns)
t = stpcpy(t, "-----BEGIN PGP ");
t = stpcpy(t, pgpValStr(pgpArmorTbl, atype));
t = stpcpy( stpcpy(t, "-----\nVersion: rpm-"), VERSION);
t = stpcpy(t, " (beecrypt-4.1.2)\n\n");
t = stpcpy(t, " (NSS-3)\n\n");
if ((enc = b64encode(s, ns)) != NULL) {
if (enc != NULL) {
t = stpcpy(t, enc);
enc = _free(enc);
if ((enc = b64crc(s, ns)) != NULL) {

9
rpmio/rpmpgp.h
View File

@ -18,9 +18,7 @@
extern "C" {
#endif
#if !defined(_BEECRYPT_API_H)
typedef unsigned char byte;
#endif /* _BEECRYPT_API_H */
/**
*/
@ -1315,6 +1313,13 @@ unsigned int pgpCRC(const byte *octets, size_t len)
*/
DIGEST_CTX rpmDigestDup(DIGEST_CTX octx);
/** \ingroup rpmio
* Obtain digest length in bytes.
* @param hashalgo type of digest
* @return digest length
*/
size_t rpmDigestLength(pgpHashAlgo hashalgo);
/** \ingroup rpmio
* Initialize digest.
* Set bit count to 0 and buffer to mysterious initialization constants.

45
rpmio/tax.c
View File

@ -1,8 +1,7 @@
#include "system.h"
#include <beecrypt/base64.h>
#include <beecrypt/mpbarrett.h>
#include <beecrypt/mp.h>
#include "rpmpgp.h"
#include "base64.h"
#include <popt.h>
#include "debug.h"
@ -33,43 +32,6 @@ AjjDx3lJnQBXUDmxM484YXLXZjWFXCiY8GJt6whjf7/2c3rIoT3Z7PQpEvPmM\
1MXU9cv4NL59Y/q0OAVQ38foOz7eGAhfvjOsCnHU25aik7/7ToIYt1tyVtap/kA==\
";
/**
* Convert to hex.
* @param t target buffer (returned)
* @param s source bytes
* @param nbytes no. of bytes
* @return target buffer
*/
static inline
char * pgpHexCvt(char *t, const byte *s, int nbytes)
{
static char hex[] = "0123456789abcdef";
while (nbytes-- > 0) {
unsigned int i;
i = *s++;
*t++ = hex[ (i >> 4) & 0xf ];
*t++ = hex[ (i ) & 0xf ];
}
*t = '\0';
return t;
}
/**
* Return hex formatted representation of bytes.
* @todo Remove static buffer.
* @param p bytes
* @param plen no. of bytes
* @return hex formatted string
*/
static inline
char * pgpHexStr(const byte *p, unsigned int plen)
{
static char prbuf[2048];
char *t = prbuf;
t = pgpHexCvt(t, p, plen);
return prbuf;
}
static int doit(const char * msg, const char * sig)
{
unsigned char * dec;
@ -81,7 +43,7 @@ static int doit(const char * msg, const char * sig)
return rc;
}
fprintf(stderr, "*** %p[%d] %s\n", dec, declen, msg);
fprintf(stderr, "*** %p[%zd] %s\n", dec, declen, msg);
if (declen == 256) {
fprintf(stderr, "%s\n", pgpHexStr(dec, declen/2));
fprintf(stderr, "%s\n", pgpHexStr(dec+declen/2, declen/2));
@ -101,4 +63,5 @@ main (int argc, char *argv[])
doit("rsaaeskey", rsaaeskey);
doit("aesiv", aesiv);
doit("appleresponse", appleresponse);
return 0;
}

512
rpmio/tinv.c
View File

@ -1,512 +0,0 @@
#include "system.h"
#include <beecrypt/mpbarrett.h>
#include <beecrypt/mp.h>
#include <popt.h>
#include "debug.h"
static int _debug = 0;
static int Zmpbinv_w(const mpbarrett* b, size_t xsize, const mpw* xdata, mpw* result, mpw* wksp)
{
size_t ysize = b->size+1;
size_t ubits, vbits;
int k = 0;
mpw* u = wksp;
mpw* v = u+ysize;
mpw* A = v+ysize;
mpw* B = A+ysize;
mpw* C = B+ysize;
mpw* D = C+ysize;
mpsetx(ysize, u, xsize, xdata);
mpsetx(ysize, v, b->size, b->modl);
mpsetw(ysize, A, 1);
mpzero(ysize, B);
mpzero(ysize, C);
mpsetw(ysize, D, 1);
for (k = 0; mpeven(ysize, u) && mpeven(ysize, v); k++) {
mpdivtwo(ysize, u);
mpdivtwo(ysize, v);
}
if (mpeven(ysize, u))
(void) mpadd(ysize, u, v);
if (_debug < 0)
fprintf(stderr, " u: "), mpfprintln(stderr, ysize, u);
if (_debug < 0)
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
if (_debug < 0)
fprintf(stderr, " A: "), mpfprintln(stderr, ysize, A);
if (_debug < 0)
fprintf(stderr, " B: "), mpfprintln(stderr, ysize, B);
if (_debug < 0)
fprintf(stderr, " C: "), mpfprintln(stderr, ysize, C);
if (_debug < 0)
fprintf(stderr, " D: "), mpfprintln(stderr, ysize, D);
ubits = vbits = MP_WORDS_TO_BITS(ysize);
do {
while (mpeven(ysize, v)) {
mpsdivtwo(ysize, v);
vbits -= 1;
if (mpodd(ysize, C)) {
(void) mpaddx(ysize, C, b->size, b->modl);
(void) mpsubx(ysize, D, xsize, xdata);
}
mpsdivtwo(ysize, C);
mpsdivtwo(ysize, D);
if (_debug < 0)
fprintf(stderr, "-->> v: "), mpfprintln(stderr, ysize, v);
}
if (ubits >= vbits) {
mpw* swapu;
size_t swapi;
if (_debug < 0)
fprintf(stderr, "--> (swap u <-> v)\n");
swapu = u; u = v; v = swapu;
swapi = ubits; ubits = vbits; vbits = swapi;
swapu = A; A = C; C = swapu;
swapu = B; B = D; D = swapu;
}
if (!((u[ysize-1] + v[ysize-1]) & 0x3)) {
if (_debug < 0)
fprintf(stderr, "--> (even parity)\n");
mpadd(ysize, v, u);
mpadd(ysize, C, A);
mpadd(ysize, D, B);
} else {
if (_debug < 0)
fprintf(stderr, "--> (odd parity)\n");
mpsub(ysize, v, u);
mpsub(ysize, C, A);
mpsub(ysize, D, B);
}
if (_debug < 0)
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
if (_debug < 0)
fprintf(stderr, " C: "), mpfprintln(stderr, ysize, C);
if (_debug < 0)
fprintf(stderr, " D: "), mpfprintln(stderr, ysize, D);
vbits++;
} while (mpnz(ysize, v));
#ifdef NOTYET
if (!mpisone(ysize, u))
return 0;
#endif
if (result) {
mpsetx(b->size, result, ysize, A);
if (*A & 0x80000000)
(void) mpneg(b->size, result);
while (--k > 0)
mpadd(b->size, result, result);
}
fprintf(stderr, "=== EXIT: "), mpfprintln(stderr, b->size, result);
fprintf(stderr, " u: "), mpfprintln(stderr, ysize, u);
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
fprintf(stderr, " A: "), mpfprintln(stderr, ysize, A);
fprintf(stderr, " B: "), mpfprintln(stderr, ysize, B);
fprintf(stderr, " C: "), mpfprintln(stderr, ysize, C);
fprintf(stderr, " D: "), mpfprintln(stderr, ysize, D);
return 1;
}
static int Ympbinv_w(const mpbarrett* b, size_t xsize, const mpw* xdata, mpw* result, mpw* wksp)
{
size_t ysize = b->size+1;
int k;
mpw* u1 = wksp;
mpw* u2 = u1+ysize;
mpw* u3 = u2+ysize;
mpw* v1 = u3+ysize;
mpw* v2 = v1+ysize;
mpw* v3 = v2+ysize;
mpw* t1 = v3+ysize;
mpw* t2 = t1+ysize;
mpw* t3 = t2+ysize;
mpw* u = t3+ysize;
mpw* v = u+ysize;
mpsetx(ysize, u, xsize, xdata);
mpsetx(ysize, v, b->size, b->modl);
/* Y1. Find power of 2. */
for (k = 0; mpeven(ysize, u) && mpeven(ysize, v); k++) {
mpdivtwo(ysize, u);
mpdivtwo(ysize, v);
}
if (_debug < 0)
fprintf(stderr, " u: "), mpfprintln(stderr, ysize, u);
if (_debug < 0)
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
/* Y2. Initialize. */
mpsetw(ysize, u1, 1);
if (_debug < 0)
fprintf(stderr, " u1: "), mpfprintln(stderr, ysize, u1);
mpzero(ysize, u2);
if (_debug < 0)
fprintf(stderr, " u2: "), mpfprintln(stderr, ysize, u2);
mpsetx(ysize, u3, ysize, u);
if (_debug < 0)
fprintf(stderr, " u3: "), mpfprintln(stderr, ysize, u3);
mpsetx(ysize, v1, ysize, v);
if (_debug < 0)
fprintf(stderr, " v1: "), mpfprintln(stderr, ysize, v1);
mpsetw(ysize, v2, 1);
(void) mpsub(ysize, v2, u);
if (_debug < 0)
fprintf(stderr, " v2: "), mpfprintln(stderr, ysize, v2);
mpsetx(ysize, v3, ysize, v);
if (_debug < 0)
fprintf(stderr, " v3: "), mpfprintln(stderr, ysize, v3);
if (mpodd(ysize, u)) {
mpzero(ysize, t1);
if (_debug < 0)
fprintf(stderr, " t1: "), mpfprintln(stderr, ysize, t1);
mpzero(ysize, t2);
mpsubw(ysize, t2, 1);
if (_debug < 0)
fprintf(stderr, " t2: "), mpfprintln(stderr, ysize, t2);
mpzero(ysize, t3);
mpsub(ysize, t3, v);
if (_debug < 0)
fprintf(stderr, " t3: "), mpfprintln(stderr, ysize, t3);
goto Y4;
} else {
mpsetw(ysize, t1, 1);
if (_debug < 0)
fprintf(stderr, " t1: "), mpfprintln(stderr, ysize, t1);
mpzero(ysize, t2);
if (_debug < 0)
fprintf(stderr, " t2: "), mpfprintln(stderr, ysize, t2);
mpsetx(ysize, t3, ysize, u);
if (_debug < 0)
fprintf(stderr, " t3: "), mpfprintln(stderr, ysize, t3);
}
do {
do {
if (mpodd(ysize, t1) || mpodd(ysize, t2)) {
mpadd(ysize, t1, v);
mpsub(ysize, t2, u);
}
mpsdivtwo(ysize, t1);
mpsdivtwo(ysize, t2);
mpsdivtwo(ysize, t3);
Y4:
if (_debug < 0)
fprintf(stderr, " Y4 t3: "), mpfprintln(stderr, ysize, t3);
} while (mpeven(ysize, t3));
/* Y5. Reset max(u3,v3). */
if (!(*t3 & 0x80000000)) {
if (_debug < 0)
fprintf(stderr, "--> Y5 (t3 > 0)\n");
mpsetx(ysize, u1, ysize, t1);
if (_debug < 0)
fprintf(stderr, " u1: "), mpfprintln(stderr, ysize, u1);
mpsetx(ysize, u2, ysize, t2);
if (_debug < 0)
fprintf(stderr, " u2: "), mpfprintln(stderr, ysize, u2);
mpsetx(ysize, u3, ysize, t3);
if (_debug < 0)
fprintf(stderr, " u3: "), mpfprintln(stderr, ysize, u3);
} else {
if (_debug < 0)
fprintf(stderr, "--> Y5 (t3 <= 0)\n");
mpsetx(ysize, v1, ysize, v);
mpsub(ysize, v1, t1);
if (_debug < 0)
fprintf(stderr, " v1: "), mpfprintln(stderr, ysize, v1);
mpsetx(ysize, v2, ysize, u);
mpneg(ysize, v2);
mpsub(ysize, v2, t2);
if (_debug < 0)
fprintf(stderr, " v2: "), mpfprintln(stderr, ysize, v2);
mpzero(ysize, v3);
mpsub(ysize, v3, t3);
if (_debug < 0)
fprintf(stderr, " v3: "), mpfprintln(stderr, ysize, v3);
}
/* Y6. Subtract. */
mpsetx(ysize, t1, ysize, u1);
mpsub(ysize, t1, v1);
mpsetx(ysize, t2, ysize, u2);
mpsub(ysize, t2, v2);
mpsetx(ysize, t3, ysize, u3);
mpsub(ysize, t3, v3);
if (*t1 & 0x80000000) {
mpadd(ysize, t1, v);
mpsub(ysize, t2, u);
}
if (_debug < 0)
fprintf(stderr, "-->Y6 t1: "), mpfprintln(stderr, ysize, t1);
if (_debug < 0)
fprintf(stderr, " t2: "), mpfprintln(stderr, ysize, t2);
if (_debug < 0)
fprintf(stderr, " t3: "), mpfprintln(stderr, ysize, t3);
} while (mpnz(ysize, t3));
if (!(mpisone(ysize, u3) && mpisone(ysize, v3)))
return 0;
if (result) {
while (--k > 0)
mpadd(ysize, u1, u1);
mpsetx(b->size, result, ysize, u1);
}
fprintf(stderr, "=== EXIT: "), mpfprintln(stderr, b->size, result);
fprintf(stderr, " u1: "), mpfprintln(stderr, ysize, u1);
fprintf(stderr, " u2: "), mpfprintln(stderr, ysize, u2);
fprintf(stderr, " u3: "), mpfprintln(stderr, ysize, u3);
fprintf(stderr, " v1: "), mpfprintln(stderr, ysize, v1);
fprintf(stderr, " v2: "), mpfprintln(stderr, ysize, v2);
fprintf(stderr, " v3: "), mpfprintln(stderr, ysize, v3);
fprintf(stderr, " t1: "), mpfprintln(stderr, ysize, t1);
fprintf(stderr, " t2: "), mpfprintln(stderr, ysize, t2);
fprintf(stderr, " t3: "), mpfprintln(stderr, ysize, t3);
return 1;
}
/**
* Computes the inverse (modulo b) of x, and returns 1 if x was invertible.
* needs workspace of (6*size+6) words
* @note xdata and result cannot point to the same area
*/
static int Xmpbinv_w(const mpbarrett* b, size_t xsize, const mpw* xdata, mpw* result, mpw* wksp)
{
/*
* Fact: if a element of Zn, then a is invertible if and only if gcd(a,n) = 1
* Hence: if b->modl is even, then x must be odd, otherwise the gcd(x,n) >= 2
*
* The calling routine must guarantee this condition.
*/
size_t ysize = b->size+1;
mpw* u = wksp;
mpw* v = u+ysize;
mpw* A = v+ysize;
mpw* B = A+ysize;
mpw* C = B+ysize;
mpw* D = C+ysize;
mpsetx(ysize, u, b->size, b->modl);
mpsetx(ysize, v, xsize, xdata);
mpsetw(ysize, A, 1);
mpzero(ysize, B);
mpzero(ysize, C);
mpsetw(ysize, D, 1);
if (_debug < 0)
fprintf(stderr, " u: "), mpfprintln(stderr, ysize, u);
if (_debug < 0)
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
if (_debug < 0)
fprintf(stderr, " A: "), mpfprintln(stderr, ysize, A);
if (_debug < 0)
fprintf(stderr, " B: "), mpfprintln(stderr, ysize, B);
if (_debug < 0)
fprintf(stderr, " C: "), mpfprintln(stderr, ysize, C);
if (_debug < 0)
fprintf(stderr, " D: "), mpfprintln(stderr, ysize, D);
do {
while (mpeven(ysize, u))
{
mpdivtwo(ysize, u);
if (mpodd(ysize, A) || mpodd(ysize, B))
{
(void) mpaddx(ysize, A, xsize, xdata);
(void) mpsubx(ysize, B, b->size, b->modl);
}
mpsdivtwo(ysize, A);
mpsdivtwo(ysize, B);
}
while (mpeven(ysize, v))
{
mpdivtwo(ysize, v);
if (mpodd(ysize, C) || mpodd(ysize, D))
{
(void) mpaddx(ysize, C, xsize, xdata);
(void) mpsubx(ysize, D, b->size, b->modl);
}
mpsdivtwo(ysize, C);
mpsdivtwo(ysize, D);
}
if (mpge(ysize, u, v))
{
if (_debug < 0)
fprintf(stderr, "--> 5 (u >= v)\n");
(void) mpsub(ysize, u, v);
(void) mpsub(ysize, A, C);
(void) mpsub(ysize, B, D);
if (_debug < 0)
fprintf(stderr, " u: "), mpfprintln(stderr, ysize, u);
if (_debug < 0)
fprintf(stderr, " A: "), mpfprintln(stderr, ysize, A);
if (_debug < 0)
fprintf(stderr, " B: "), mpfprintln(stderr, ysize, B);
}
else
{
if (_debug < 0)
fprintf(stderr, "--> 5 (u < v)\n");
(void) mpsub(ysize, v, u);
(void) mpsub(ysize, C, A);
(void) mpsub(ysize, D, B);
if (_debug < 0)
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
if (_debug < 0)
fprintf(stderr, " C: "), mpfprintln(stderr, ysize, C);
if (_debug < 0)
fprintf(stderr, " D: "), mpfprintln(stderr, ysize, D);
}
} while (mpnz(ysize, u));
if (!mpisone(ysize, v))
return 0;
if (result)
{
mpsetx(b->size, result, ysize, D);
if (*D & 0x80000000)
(void) mpadd(b->size, result, b->modl);
}
fprintf(stderr, "=== EXIT: "), mpfprintln(stderr, b->size, result);
fprintf(stderr, " u: "), mpfprintln(stderr, ysize, u);
fprintf(stderr, " v: "), mpfprintln(stderr, ysize, v);
fprintf(stderr, " A: "), mpfprintln(stderr, ysize, A);
fprintf(stderr, " B: "), mpfprintln(stderr, ysize, B);
fprintf(stderr, " C: "), mpfprintln(stderr, ysize, C);
fprintf(stderr, " D: "), mpfprintln(stderr, ysize, D);
return 1;
}
static const char * dsa_q = "a1b35510319a59825c721e73e41d687ffe351bc9";
static const char * dsa_s[] = {
"22e917d8a47462c09748e00aebbab5fd93793495", /* samba-2.2.1a-4.i386.rpm */
"0476b30eb86899c6785fad4f7a62e43d59481273", /* gtkhtml-devel-0.9.2-9.i386.rpm */
"8adbca132a0e6a2d2ee5bb2cd837b350c9f8db42", /* lha-1.00-17.i386.rpm */
"026efa7a5a60d29921ec93f503b5c483d131d8c4", /* jed-0.99.14-2.i386.rpm */
"2e4ec3c986b5a1f8f77b0b9f911d4e1b0ed8d869", /* ttfonts-zh_TW-2.11-5.noarch.rpm */
"259e4859e65c2528d3c35eaf2717d8963c834e94", /* libxml2-2.4.2-1.i386.rpm */
"45462b3534c2ff7a13f232a4e6e4460c61b2e232", /* slang-1.4.4-4.i386.rpm */
"0a73e678141aea7b4e5195afb7db3e9ec00f9f85", /* time-1.7-14.i386.rpm */
NULL
};
static const char * dsa_w_good[]= {
"8b2eeda5fd34067c248bc3262e28f5668e64500b", /* samba-2.2.1a-4.i386.rpm */
"98f6a05c5cc17c2e48faad178d2c21c0bcca694b", /* gtkhtml-devel-0.9.2-9.i386.rpm */
"8ec91350f3237ee249ea009143f692d4cc2f8d2e", /* lha-1.00-17.i386.rpm */
"7db9e81c6f60fdd29243f67b70af7d1d14c9c703", /* jed-0.99.14-2.i386.rpm */
"6bdc316aef981e45c47dabab904a31747d349eec", /* ttfonts-zh_TW-2.11-5.noarch.rpm */
"6d1eaa6c78ad945a1de7bc369f7992e9df3735d9", /* libxml2-2.4.2-1.i386.rpm */
"79dc6adee7817e7dc248cfeb4b358e933af6de01", /* slang-1.4.4-4.i386.rpm */
"2659140a40cb05e85c536a299327addb0a762b8a", /* time-1.7-14.i386.rpm */
NULL
};
static const char * dsa_w_bad[] = {
"e97b9895cb99acf9c819a4b24a0b8ce6902f3442", /* samba-2.2.1a-4.i386.rpm */
"f7434b4c2b2722abec888ea3a90eb940be954d82", /* gtkhtml-devel-0.9.2-9.i386.rpm */
"ed15be40c189255fed77e21d5fd92a54cdfa7165", /* lha-1.00-17.i386.rpm */
"dc06930c3dc6a45035d1d8078c92149d1694ab3a", /* jed-0.99.14-2.i386.rpm */
"ca28dc5abdfdc4c3680b8d37ac2cc8f47eff8323", /* ttfonts-zh_TW-2.11-5.noarch.rpm */
"cb6b555c47133ad7c1759dc2bb5c2a69e1021a10", /* libxml2-2.4.2-1.i386.rpm */
"d82915ceb5e724fb65d6b177671826133cc1c238", /* slang-1.4.4-4.i386.rpm */
"2659140a40cb05e85c536a299327addb0a762b8a", /* time-1.7-14.i386.rpm */
NULL
};
static struct poptOption optionsTable[] = {
{ "debug", 'd', POPT_ARG_VAL, &_debug, -1, NULL, NULL },
POPT_AUTOHELP
POPT_TABLEEND
};
int
main(int argc, char *argv[])
{
poptContext optCon = poptGetContext(argv[0], argc, argv, optionsTable, 0);
mpbarrett q;
mpnumber s;
size_t qsize;
mpw* qtemp;
mpw* qwksp;
int rc;
int i;
while ((rc = poptGetNextOpt(optCon)) > 0) {
switch (rc) {
default:
break;
}
}
mpbzero(&q); mpbsethex(&q, dsa_q);
qsize = q.size;
qtemp = malloc((13*qsize+13) * sizeof(*qtemp));
qwksp = qtemp+2*qsize;
for (i = 0; i < 9; i++) {
if (dsa_s[i] == NULL) break;
fprintf(stderr, "================================================== %d\n", i);
fprintf(stderr, " s: %s\n", dsa_s[i]);
mpnzero(&s); mpnsethex(&s, dsa_s[i]);
fprintf(stderr, "-------------------------------------------------- %d\n", i);
rc = Xmpbinv_w(&q, s.size, s.data, qtemp, qwksp);
fprintf(stderr, "beecrypt: "); mpfprintln(stderr, qsize, qtemp);
fprintf(stderr, "-------------------------------------------------- %d\n", i);
rc = Ympbinv_w(&q, s.size, s.data, qtemp, qwksp);
fprintf(stderr, " Knuth: "); mpfprintln(stderr, qsize, qtemp);
fprintf(stderr, "-------------------------------------------------- %d\n", i);
rc = Zmpbinv_w(&q, s.size, s.data, qtemp, qwksp);
fprintf(stderr, " Brent: "); mpfprintln(stderr, qsize, qtemp);
fprintf(stderr, "-------------------------------------------------- %d\n", i);
fprintf(stderr, " q: %s\n", dsa_q);
fprintf(stderr, " s: %s\n", dsa_s[i]);
fprintf(stderr, " GOOD: %s\n", dsa_w_good[i]);
fprintf(stderr, " BAD: %s\n", dsa_w_bad[i]);
}
return 0;
}

62
rpmio/tkey.c
View File

@ -31,7 +31,7 @@ fprintf(stderr, "*** sig is\n%s\n", sig);
return rc;
}
if ((enc = b64encode(dec, declen)) == NULL) {
if ((enc = b64encode(dec, declen, -1)) == NULL) {
fprintf(stderr, "*** b64encode failed\n");
return rc;
}
@ -51,18 +51,6 @@ fprintf(stderr, "??? %5d %02x != %02x '%c' != '%c'\n", i, (*s & 0xff), (*t & 0xf
return rc;
}
/* FIPS-186 test vectors. */
static const char * fips_p = "8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291";
static const char * fips_q = "c773218c737ec8ee993b4f2ded30f48edace915f";
static const char * fips_g = "626d027839ea0a13413163a55b4cb500299d5522956cefcb3bff10f399ce2c2e71cb9de5fa24babf58e5b79521925c9cc42e9f6f464b088cc572af53e6d78802";
static const char * fips_hm = "a9993e364706816aba3e25717850c26c9cd0d89d";
static const char * fips_y = "19131871d75b1612a819f29d78d1b0d7346f7aa77bb62a859bfd6c5675da9d212d3a36ef1672ef660b8c7c255cc0ec74858fba33f44c06699630a76b030ee333";
static const char * fips_r = "8bac1ab66410435cb7181f95b16ab97c92b341c0";
static const char * fips_s = "41e2345f1f56df2458f426d155b4ba2db6dcd8c8";
/* Secret key */
static const char * jbjSecretDSA =
"lQFvBDu6XHwRAwCTIHRgKeIlOFUIEZeJVYSrXn0eUrM5S8OF471tTc+IV7AwiXBR"
@ -108,28 +96,6 @@ main (int argc, char *argv[])
dig = pgpNewDig();
mpbzero(&dig->p); mpbsethex(&dig->p, fips_p);
mpbzero(&dig->q); mpbsethex(&dig->q, fips_q);
mpnzero(&dig->g); mpnsethex(&dig->g, fips_g);
mpnzero(&dig->y); mpnsethex(&dig->y, fips_y);
mpnzero(&dig->r); mpnsethex(&dig->r, fips_r);
mpnzero(&dig->s); mpnsethex(&dig->s, fips_s);
mpnzero(&dig->hm); mpnsethex(&dig->hm, fips_hm);
rc = dsavrfy(&dig->p, &dig->q, &dig->g, &dig->hm,
&dig->y, &dig->r, &dig->s);
fprintf(stderr, "=============================== DSA FIPS-186-1: rc %d\n", rc);
mpbfree(&dig->p);
mpbfree(&dig->q);
mpnfree(&dig->g);
mpnfree(&dig->y);
mpnfree(&dig->hm);
mpnfree(&dig->r);
mpnfree(&dig->s);
fprintf(stderr, "=============================== GPG Secret Key\n");
if ((rc = doit(jbjSecretDSA, dig, printing)) != 0)
fprintf(stderr, "==> FAILED: rc %d\n", rc);
@ -144,39 +110,33 @@ fprintf(stderr, "=============================== GPG Signature of \"abc\"\n");
{ DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE);
struct pgpDigParams_s * dsig = &dig->signature;
const char * digest = NULL;
void *digest = NULL;
size_t digestlen = 0;
const char * txt = "abc";
SECItem digitem;
rpmDigestUpdate(ctx, txt, strlen(txt));
rpmDigestUpdate(ctx, dsig->hash, dsig->hashlen);
rpmDigestFinal(ctx, (void **)&digest, &digestlen, 1);
rpmDigestFinal(ctx, &digest, &digestlen, 0);
mpnzero(&dig->hm); mpnsethex(&dig->hm, digest);
fprintf(stderr, "\n hm = [ 160]: %s\n\n", pgpHexStr(digest, digestlen));
digitem.type = siBuffer;
digitem.data = digest;
digitem.len = digestlen;
fprintf(stderr, "\n hm = [ 160]: %s\n\n", digest);
rc = VFY_VerifyDigest(&digitem, dig->dsa, dig->dsasig, SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST, NULL);
if (digest) {
free((void *)digest);
free(digest);
digest = NULL;
}
}
rc = dsavrfy(&dig->p, &dig->q, &dig->g, &dig->hm,
&dig->y, &dig->r, &dig->s);
fprintf(stderr, "=============================== DSA verify: rc %d\n", rc);
mpbfree(&dig->p);
mpbfree(&dig->q);
mpnfree(&dig->g);
mpnfree(&dig->y);
mpnfree(&dig->hm);
mpnfree(&dig->r);
mpnfree(&dig->s);
dig = pgpFreeDig(dig);
return rc;
}

2
tools/convertdb1.c
View File

@ -11,7 +11,7 @@ const char *__progname;
#include "rpmdb.h"
#include "rpmio.h"
#include "rpmmacro.h"
#include <rpmdb/legacy.h>
#include "legacy.h"
#define FA_MAGIC 0x02050920

41
tools/debugedit.c
View File

@ -37,8 +37,8 @@
#include <gelf.h>
#include <dwarf.h>
#include <beecrypt/beecrypt.h>
#include <rpmio.h>
#include <rpmpgp.h>
#include "hashtab.h"
#define DW_TAG_partial_unit 0x3c
@ -1301,22 +1301,27 @@ error_out:
return NULL;
}
static const pgpHashAlgo algorithms[] = { PGPHASHALGO_MD5,
PGPHASHALGO_SHA1, PGPHASHALGO_SHA256, PGPHASHALGO_SHA384, PGPHASHALGO_SHA512 };
/* Compute a fresh build ID bit-string from the editted file contents. */
static void
handle_build_id (DSO *dso, Elf_Data *build_id,
size_t build_id_offset, size_t build_id_size)
{
hashFunctionContext ctx;
const hashFunction *hf = NULL;
int i = hashFunctionCount ();
DIGEST_CTX ctx;
pgpHashAlgo algorithm;
int i = sizeof(algorithms)/sizeof(algorithms[0]);
void *digest = NULL;
size_t len;
while (i-- > 0)
{
hf = hashFunctionGet (i);
if (hf != NULL && hf->digestsize == build_id_size)
algorithm = algorithms[i];
if (rpmDigestLength(algorithm) == build_id_size)
break;
}
if (hf == NULL)
if (i < 0)
{
fprintf (stderr, "Cannot handle %Zu-byte build ID\n", build_id_size);
exit (1);
@ -1332,7 +1337,7 @@ handle_build_id (DSO *dso, Elf_Data *build_id,
/* Clear the old bits so they do not affect the new hash. */
memset ((char *) build_id->d_buf + build_id_offset, 0, build_id_size);
hashFunctionContextInit (&ctx, hf);
ctx = rpmDigestInit(algorithm, 0);
/* Slurp the relevant header bits and section contents and feed them
into the hash function. The only bits we ignore are the offset
@ -1346,8 +1351,7 @@ handle_build_id (DSO *dso, Elf_Data *build_id,
inline void process (const void *data, size_t size);
inline void process (const void *data, size_t size)
{
memchunk chunk = { .data = (void *) data, .size = size };
hashFunctionContextUpdateMC (&ctx, &chunk);
rpmDigestUpdate(ctx, data, size);
}
union
@ -1402,22 +1406,17 @@ handle_build_id (DSO *dso, Elf_Data *build_id,
}
}
hashFunctionContextDigest (&ctx, (byte *) build_id->d_buf + build_id_offset);
hashFunctionContextFree (&ctx);
rpmDigestFinal(ctx, &digest, &len, 0);
memcpy((unsigned char *)build_id->d_buf + build_id_offset, digest, build_id_size);
free(digest);
elf_flagdata (build_id, ELF_C_SET, ELF_F_DIRTY);
/* Now format the build ID bits in hex to print out. */
{
const unsigned char * id = (unsigned char *) build_id->d_buf + build_id_offset;
const byte * id = (byte *)build_id->d_buf + build_id_offset;
char hex[build_id_size * 2 + 1];
int n = snprintf (hex, 3, "%02" PRIx8, id[0]);
assert (n == 2);
for (i = 1; i < build_id_size; ++i)
{
n = snprintf (&hex[i * 2], 3, "%02" PRIx8, id[i]);
assert (n == 2);
}
pgpHexCvt(hex, id, build_id_size);
puts (hex);
}
}