projects / u / mdw / catacomb / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Uprating of the passphrase pixie.
[u/mdw/catacomb] / cc-sig.c
1 /* -*-c-*-
2 *
3 * $Id$
4 *
5 * Catcrypt signatures
6 *
7 * (c) 2004 Straylight/Edgeware
8 */
9
10 /*----- Licensing notice --------------------------------------------------*
11 *
12 * This file is part of Catacomb.
13 *
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
18 *
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
23 *
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
27 * MA 02111-1307, USA.
28 */
29
30 /*----- Header files ------------------------------------------------------*/
31
32 #include <stdlib.h>
33
34 #include <mLib/report.h>
35
36 #include "rand.h"
37 #include "sha.h"
38 #include "has160.h"
39
40 #include "ec.h"
41 #include "ec-keys.h"
42 #include "dh.h"
43 #include "gdsa.h"
44 #include "gkcdsa.h"
45 #include "rsa.h"
46
47 #include "cc.h"
48
49 /*----- Main code ---------------------------------------------------------*/
50
51 /* --- RSA PKCS1 --- */
52
53 typedef struct rsap1_sigctx {
54 sig s;
55 rsa_privctx rp;
56 pkcs1 p1;
57 } rsap1_sigctx;
58
59 static sig *rsap1_siginit(key *k, void *kd, const gchash *hc)
60 {
61 rsap1_sigctx *rs = CREATE(rsap1_sigctx);
62 rsa_privcreate(&rs->rp, kd, &rand_global);
63 rs->p1.r = &rand_global;
64 rs->p1.ep = hc->name;
65 rs->p1.epsz = strlen(hc->name) + 1;
66 rs->s.h = 0;
67 return (&rs->s);
68 }
69
70 static int rsap1_sigdoit(sig *s, dstr *d)
71 {
72 rsap1_sigctx *rs = (rsap1_sigctx *)s;
73 size_t n;
74 mp *m = rsa_sign(&rs->rp, MP_NEW,
75 GH_DONE(s->h, 0), GH_CLASS(s->h)->hashsz,
76 pkcs1_sigencode, &rs->p1);
77 if (!m) return (-1);
78 n = mp_octets(rs->rp.rp->n); dstr_ensure(d, n); mp_storeb(m, d->buf, n);
79 d->len += n; mp_drop(m);
80 return (0);
81 }
82
83 static const char *rsa_lengthcheck(mp *n)
84 {
85 if (mp_bits(n) < 1024) return ("key too short");
86 return (0);
87 }
88
89 static const char *rsap1_sigcheck(sig *s)
90 {
91 rsap1_sigctx *rs = (rsap1_sigctx *)s;
92 const char *e;
93 if ((e = rsa_lengthcheck(rs->rp.rp->n)) != 0) return (e);
94 return (0);
95 }
96
97 static void rsap1_sigdestroy(sig *s)
98 {
99 rsap1_sigctx *rs = (rsap1_sigctx *)s;
100 rsa_privdestroy(&rs->rp);
101 DESTROY(rs);
102 }
103
104 static const sigops rsap1_sig = {
105 rsa_privfetch, sizeof(rsa_priv),
106 rsap1_siginit, rsap1_sigdoit, rsap1_sigcheck, rsap1_sigdestroy
107 };
108
109 typedef struct rsap1_vrfctx {
110 sig s;
111 rsa_pubctx rp;
112 pkcs1 p1;
113 } rsap1_vrfctx;
114
115 static sig *rsap1_vrfinit(key *k, void *kd, const gchash *hc)
116 {
117 rsap1_vrfctx *rv = CREATE(rsap1_vrfctx);
118 rsa_pubcreate(&rv->rp, kd);
119 rv->p1.r = &rand_global;
120 rv->p1.ep = hc->name;
121 rv->p1.epsz = strlen(hc->name) + 1;
122 rv->s.h = 0;
123 return (&rv->s);
124 }
125
126 static int rsap1_vrfdoit(sig *s, dstr *d)
127 {
128 rsap1_vrfctx *rv = (rsap1_vrfctx *)s;
129 mp *m = mp_loadb(MP_NEW, d->buf, d->len);
130 int rc = rsa_verify(&rv->rp, m,
131 GH_DONE(s->h, 0), GH_CLASS(s->h)->hashsz,
132 0, pkcs1_sigdecode, &rv->p1);
133 mp_drop(m);
134 return (rc);
135 }
136
137 static const char *rsap1_vrfcheck(sig *s)
138 {
139 rsap1_vrfctx *rv = (rsap1_vrfctx *)s;
140 const char *e;
141 if ((e = rsa_lengthcheck(rv->rp.rp->n)) != 0) return (e);
142 return (0);
143 }
144
145 static void rsap1_vrfdestroy(sig *s)
146 {
147 rsap1_vrfctx *rv = (rsap1_vrfctx *)s;
148 rsa_pubdestroy(&rv->rp);
149 DESTROY(rv);
150 }
151
152 static const sigops rsap1_vrf = {
153 rsa_pubfetch, sizeof(rsa_pub),
154 rsap1_vrfinit, rsap1_vrfdoit, rsap1_vrfcheck, rsap1_vrfdestroy
155 };
156
157 /* --- RSA PSS --- */
158
159 static const gccipher *getmgf(key *k, const gchash *hc)
160 {
161 dstr d = DSTR_INIT;
162 const gccipher *gc;
163 const char *mm;
164
165 if ((mm = key_getattr(0, k, "mgf")) == 0) {
166 dstr_putf(&d, "%s-mgf", hc->name);
167 mm = d.buf;
168 }
169 if ((gc = gcipher_byname(mm)) == 0)
170 die(EXIT_FAILURE, "unknown encryption scheme `%s'", mm);
171 dstr_destroy(&d);
172 return (gc);
173 }
174
175 typedef struct rsapss_sigctx {
176 sig s;
177 rsa_privctx rp;
178 pss p;
179 } rsapss_sigctx;
180
181 static sig *rsapss_siginit(key *k, void *kd, const gchash *hc)
182 {
183 rsapss_sigctx *rs = CREATE(rsapss_sigctx);
184 rsa_privcreate(&rs->rp, kd, &rand_global);
185 rs->p.r = &rand_global;
186 rs->p.cc = getmgf(k, hc);
187 rs->p.ch = hc;
188 rs->p.ssz = hc->hashsz;
189 rsa_privdestroy(&rs->rp);
190 return (&rs->s);
191 }
192
193 static int rsapss_sigdoit(sig *s, dstr *d)
194 {
195 rsapss_sigctx *rs = (rsapss_sigctx *)s;
196 size_t n;
197 mp *m = rsa_sign(&rs->rp, MP_NEW,
198 GH_DONE(s->h, 0), GH_CLASS(s->h)->hashsz,
199 pss_encode, &rs->p);
200 if (!m) return (-1);
201 n = mp_octets(rs->rp.rp->n); dstr_ensure(d, n); mp_storeb(m, d->buf, n);
202 d->len += n; mp_drop(m);
203 return (0);
204 }
205
206 static const char *rsapss_sigcheck(sig *s)
207 {
208 rsapss_sigctx *rs = (rsapss_sigctx *)s;
209 const char *e;
210 if ((e = rsa_lengthcheck(rs->rp.rp->n)) != 0) return (e);
211 return (0);
212 }
213
214 static void rsapss_sigdestroy(sig *s)
215 {
216 rsapss_sigctx *rs = (rsapss_sigctx *)s;
217 rsa_privdestroy(&rs->rp);
218 DESTROY(rs);
219 }
220
221 static const sigops rsapss_sig = {
222 rsa_privfetch, sizeof(rsa_priv),
223 rsapss_siginit, rsapss_sigdoit, rsapss_sigcheck, rsapss_sigdestroy
224 };
225
226 typedef struct rsapss_vrfctx {
227 sig s;
228 rsa_pubctx rp;
229 pss p;
230 } rsapss_vrfctx;
231
232 static sig *rsapss_vrfinit(key *k, void *kd, const gchash *hc)
233 {
234 rsapss_vrfctx *rv = CREATE(rsapss_vrfctx);
235 rsa_pubcreate(&rv->rp, kd);
236 rv->p.r = &rand_global;
237 rv->p.cc = getmgf(k, hc);
238 rv->p.ch = hc;
239 rv->p.ssz = hc->hashsz;
240 return (&rv->s);
241 }
242
243 static int rsapss_vrfdoit(sig *s, dstr *d)
244 {
245 rsapss_vrfctx *rv = (rsapss_vrfctx *)s;
246 mp *m = mp_loadb(MP_NEW, d->buf, d->len);
247 int rc = rsa_verify(&rv->rp, m,
248 GH_DONE(s->h, 0), GH_CLASS(s->h)->hashsz,
249 0, pss_decode, &rv->p);
250 mp_drop(m);
251 return (rc);
252 }
253
254 static const char *rsapss_vrfcheck(sig *s)
255 {
256 rsapss_vrfctx *rv = (rsapss_vrfctx *)s;
257 const char *e;
258 if ((e = rsa_lengthcheck(rv->rp.rp->n)) != 0) return (e);
259 return (0);
260 }
261
262 static void rsapss_vrfdestroy(sig *s)
263 {
264 rsapss_vrfctx *rv = (rsapss_vrfctx *)s;
265 rsa_pubdestroy(&rv->rp);
266 DESTROY(rv);
267 }
268
269 static const sigops rsapss_vrf = {
270 rsa_pubfetch, sizeof(rsa_pub),
271 rsapss_vrfinit, rsapss_vrfdoit, rsapss_vrfcheck, rsapss_vrfdestroy
272 };
273
274 /* --- DSA and ECDSA --- */
275
276 typedef struct dsa_sigctx {
277 sig s;
278 gdsa g;
279 } dsa_sigctx;
280
281 static void dsa_initcommon(dsa_sigctx *ds, const gchash *hc,
282 const char *ktag)
283 {
284 ds->g.r = &rand_global;
285 ds->g.h = hc;
286 ds->g.u = MP_NEW;
287 ds->s.h = 0;
288 }
289
290 static dsa_sigctx *dsa_doinit(key *k, const gprime_param *gp,
291 mp *y, const gchash *hc,
292 group *(*makegroup)(const gprime_param *),
293 const char *what)
294 {
295 dsa_sigctx *ds = CREATE(dsa_sigctx);
296 dstr t = DSTR_INIT;
297
298 key_fulltag(k, &t);
299 if ((ds->g.g = makegroup(gp)) == 0)
300 die(EXIT_FAILURE, "bad %s group in key `%s'", what, t.buf);
301 ds->g.p = G_CREATE(ds->g.g);
302 if (G_FROMINT(ds->g.g, ds->g.p, y))
303 die(EXIT_FAILURE, "bad public key in key `%s'", t.buf);
304 dsa_initcommon(ds, hc, t.buf);
305 dstr_destroy(&t);
306 return (ds);
307 }
308
309 static dsa_sigctx *ecdsa_doinit(key *k, const char *cstr,
310 ec *y, const gchash *hc)
311 {
312 dsa_sigctx *ds = CREATE(dsa_sigctx);
313 ec_info ei;
314 const char *e;
315 dstr t = DSTR_INIT;
316
317 key_fulltag(k, &t);
318 if ((e = ec_getinfo(&ei, cstr)) != 0)
319 die(EXIT_FAILURE, "bad curve in key `%s': %s", t.buf, e);
320 ds->g.g = group_ec(&ei);
321 ds->g.p = G_CREATE(ds->g.g);
322 if (G_FROMEC(ds->g.g, ds->g.p, y))
323 die(EXIT_FAILURE, "bad public key in key `%s'", t.buf);
324 dsa_initcommon(ds, hc, t.buf);
325 dstr_destroy(&t);
326 return (ds);
327 }
328
329 static sig *dsa_siginit(key *k, void *kd, const gchash *hc)
330 {
331 dh_priv *dp = kd;
332 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_prime, "prime");
333 ds->g.u = MP_COPY(dp->x);
334 return (&ds->s);
335 }
336
337 static sig *bindsa_siginit(key *k, void *kd, const gchash *hc)
338 {
339 dh_priv *dp = kd;
340 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_binary, "binary");
341 ds->g.u = MP_COPY(dp->x);
342 return (&ds->s);
343 }
344
345 static sig *ecdsa_siginit(key *k, void *kd, const gchash *hc)
346 {
347 ec_priv *ep = kd;
348 dsa_sigctx *ds = ecdsa_doinit(k, ep->cstr, &ep->p, hc);
349 ds->g.u = MP_COPY(ep->x);
350 return (&ds->s);
351 }
352
353 static int dsa_sigdoit(sig *s, dstr *d)
354 {
355 dsa_sigctx *ds = (dsa_sigctx *)s;
356 gdsa_sig ss = GDSA_SIG_INIT;
357 size_t n = mp_octets(ds->g.g->r);
358
359 gdsa_sign(&ds->g, &ss, GH_DONE(ds->s.h, 0), 0);
360 dstr_ensure(d, 2 * n);
361 mp_storeb(ss.r, d->buf, n);
362 mp_storeb(ss.s, d->buf + n, n);
363 d->len += 2 * n;
364 mp_drop(ss.r); mp_drop(ss.s);
365 return (0);
366 }
367
368 static const char *dsa_sigcheck(sig *s)
369 {
370 dsa_sigctx *ds = (dsa_sigctx *)s;
371 const char *e;
372 if ((e = G_CHECK(ds->g.g, &rand_global)) != 0)
373 return (0);
374 if (group_check(ds->g.g, ds->g.p))
375 return ("public key not in subgroup");
376 return (0);
377 }
378
379 static void dsa_sigdestroy(sig *s)
380 {
381 dsa_sigctx *ds = (dsa_sigctx *)s;
382 G_DESTROY(ds->g.g, ds->g.p);
383 mp_drop(ds->g.u);
384 G_DESTROYGROUP(ds->g.g);
385 }
386
387 static const sigops dsa_sig = {
388 dh_privfetch, sizeof(dh_priv),
389 dsa_siginit, dsa_sigdoit, dsa_sigcheck, dsa_sigdestroy
390 };
391
392 static const sigops bindsa_sig = {
393 dh_privfetch, sizeof(dh_priv),
394 bindsa_siginit, dsa_sigdoit, dsa_sigcheck, dsa_sigdestroy
395 };
396
397 static const sigops ecdsa_sig = {
398 ec_privfetch, sizeof(ec_priv),
399 ecdsa_siginit, dsa_sigdoit, dsa_sigcheck, dsa_sigdestroy
400 };
401
402 static sig *dsa_vrfinit(key *k, void *kd, const gchash *hc)
403 {
404 dh_pub *dp = kd;
405 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_prime, "prime");
406 return (&ds->s);
407 }
408
409 static sig *bindsa_vrfinit(key *k, void *kd, const gchash *hc)
410 {
411 dh_pub *dp = kd;
412 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_binary, "binary");
413 return (&ds->s);
414 }
415
416 static sig *ecdsa_vrfinit(key *k, void *kd, const gchash *hc)
417 {
418 ec_pub *ep = kd;
419 dsa_sigctx *ds = ecdsa_doinit(k, ep->cstr, &ep->p, hc);
420 return (&ds->s);
421 }
422
423 static int dsa_vrfdoit(sig *s, dstr *d)
424 {
425 dsa_sigctx *ds = (dsa_sigctx *)s;
426 gdsa_sig ss;
427 size_t n = d->len/2;
428 int rc;
429
430 ss.r = mp_loadb(MP_NEW, d->buf, n);
431 ss.s = mp_loadb(MP_NEW, d->buf + n, d->len - n);
432 rc = gdsa_verify(&ds->g, &ss, GH_DONE(ds->s.h, 0));
433 mp_drop(ss.r); mp_drop(ss.s);
434 return (rc);
435 }
436
437 static const sigops dsa_vrf = {
438 dh_pubfetch, sizeof(dh_pub),
439 dsa_vrfinit, dsa_vrfdoit, dsa_sigcheck, dsa_sigdestroy
440 };
441
442 static const sigops bindsa_vrf = {
443 dh_pubfetch, sizeof(dh_pub),
444 bindsa_vrfinit, dsa_vrfdoit, dsa_sigcheck, dsa_sigdestroy
445 };
446
447 static const sigops ecdsa_vrf = {
448 ec_pubfetch, sizeof(ec_pub),
449 ecdsa_vrfinit, dsa_vrfdoit, dsa_sigcheck, dsa_sigdestroy
450 };
451
452 /* --- KCDSA and ECKCDSA --- */
453
454 static void kcdsa_privkey(dsa_sigctx *ds, mp *x)
455 { ds->g.u = mp_modinv(MP_NEW, x, ds->g.g->r); }
456
457 static void kcdsa_sethash(dsa_sigctx *ds, const gchash *hc)
458 { ds->s.h = gkcdsa_beginhash(&ds->g); }
459
460 static sig *kcdsa_siginit(key *k, void *kd, const gchash *hc)
461 {
462 dh_priv *dp = kd;
463 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_prime, "prime");
464 kcdsa_privkey(ds, dp->x);
465 kcdsa_sethash(ds, hc);
466 return (&ds->s);
467 }
468
469 static sig *binkcdsa_siginit(key *k, void *kd, const gchash *hc)
470 {
471 dh_priv *dp = kd;
472 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_binary, "binary");
473 kcdsa_privkey(ds, dp->x);
474 kcdsa_sethash(ds, hc);
475 return (&ds->s);
476 }
477
478 static sig *eckcdsa_siginit(key *k, void *kd, const gchash *hc)
479 {
480 ec_priv *ep = kd;
481 dsa_sigctx *ds = ecdsa_doinit(k, ep->cstr, &ep->p, hc);
482 kcdsa_privkey(ds, ep->x);
483 kcdsa_sethash(ds, hc);
484 return (&ds->s);
485 }
486
487 static int kcdsa_sigdoit(sig *s, dstr *d)
488 {
489 dsa_sigctx *ds = (dsa_sigctx *)s;
490 gkcdsa_sig ss = GKCDSA_SIG_INIT;
491 size_t hsz = ds->g.h->hashsz, n = mp_octets(ds->g.g->r);
492
493 gkcdsa_sign(&ds->g, &ss, GH_DONE(ds->s.h, 0), 0);
494 dstr_ensure(d, hsz + n);
495 memcpy(d->buf, ss.r, hsz);
496 mp_storeb(ss.s, d->buf + hsz, n);
497 d->len += hsz + n;
498 xfree(ss.r); mp_drop(ss.s);
499 return (0);
500 }
501
502 static const sigops kcdsa_sig = {
503 dh_privfetch, sizeof(dh_priv),
504 kcdsa_siginit, kcdsa_sigdoit, dsa_sigcheck, dsa_sigdestroy
505 };
506
507 static const sigops binkcdsa_sig = {
508 dh_privfetch, sizeof(dh_priv),
509 binkcdsa_siginit, kcdsa_sigdoit, dsa_sigcheck, dsa_sigdestroy
510 };
511
512 static const sigops eckcdsa_sig = {
513 ec_privfetch, sizeof(ec_priv),
514 eckcdsa_siginit, kcdsa_sigdoit, dsa_sigcheck, dsa_sigdestroy
515 };
516
517 static sig *kcdsa_vrfinit(key *k, void *kd, const gchash *hc)
518 {
519 dh_pub *dp = kd;
520 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_prime, "prime");
521 kcdsa_sethash(ds, hc);
522 return (&ds->s);
523 }
524
525 static sig *binkcdsa_vrfinit(key *k, void *kd, const gchash *hc)
526 {
527 dh_pub *dp = kd;
528 dsa_sigctx *ds = dsa_doinit(k, &dp->dp, dp->y, hc, group_binary, "binary");
529 kcdsa_sethash(ds, hc);
530 return (&ds->s);
531 }
532
533 static sig *eckcdsa_vrfinit(key *k, void *kd, const gchash *hc)
534 {
535 ec_pub *ep = kd;
536 dsa_sigctx *ds = ecdsa_doinit(k, ep->cstr, &ep->p, hc);
537 kcdsa_sethash(ds, hc);
538 return (&ds->s);
539 }
540
541 static int kcdsa_vrfdoit(sig *s, dstr *d)
542 {
543 dsa_sigctx *ds = (dsa_sigctx *)s;
544 gkcdsa_sig ss;
545 size_t hsz = ds->g.h->hashsz, n = d->len - hsz;
546 int rc;
547
548 if (d->len < hsz)
549 return (-1);
550 ss.r = (octet *)d->buf;
551 ss.s = mp_loadb(MP_NEW, d->buf + hsz, n);
552 rc = gkcdsa_verify(&ds->g, &ss, GH_DONE(ds->s.h, 0));
553 mp_drop(ss.s);
554 return (rc);
555 }
556
557 static const sigops kcdsa_vrf = {
558 dh_pubfetch, sizeof(dh_pub),
559 kcdsa_vrfinit, kcdsa_vrfdoit, dsa_sigcheck, dsa_sigdestroy
560 };
561
562 static const sigops binkcdsa_vrf = {
563 dh_pubfetch, sizeof(dh_pub),
564 binkcdsa_vrfinit, kcdsa_vrfdoit, dsa_sigcheck, dsa_sigdestroy
565 };
566
567 static const sigops eckcdsa_vrf = {
568 ec_pubfetch, sizeof(ec_pub),
569 eckcdsa_vrfinit, kcdsa_vrfdoit, dsa_sigcheck, dsa_sigdestroy
570 };
571
572 /* --- The switch table --- */
573
574 const struct sigtab sigtab[] = {
575 { "rsapkcs1", &rsap1_sig, &rsap1_vrf, &sha },
576 { "rsapss", &rsapss_sig, &rsapss_vrf, &sha },
577 { "dsa", &dsa_sig, &dsa_vrf, &sha },
578 { "bindsa", &bindsa_sig, &bindsa_vrf, &sha },
579 { "ecdsa", &ecdsa_sig, &ecdsa_vrf, &sha },
580 { "kcdsa", &kcdsa_sig, &kcdsa_vrf, &has160 },
581 { "binkcdsa", &binkcdsa_sig, &binkcdsa_vrf, &has160 },
582 { "eckcdsa", &eckcdsa_sig, &eckcdsa_vrf, &has160 },
583 { 0, 0, 0 }
584 };
585
586 /* --- @getsig@ --- *
587 *
588 * Arguments: @key *k@ = the key to load
589 * @const char *app@ = application name
590 * @int wantpriv@ = nonzero if we want to sign
591 *
592 * Returns: A signature-making thing.
593 *
594 * Use: Loads a key and starts hashing.
595 */
596
597 sig *getsig(key *k, const char *app, int wantpriv)
598 {
599 const char *salg, *halg = 0;
600 dstr d = DSTR_INIT;
601 dstr t = DSTR_INIT;
602 char *p = 0;
603 const char *q;
604 sig *s;
605 size_t n;
606 const struct sigtab *st;
607 const sigops *so;
608 const gchash *ch;
609 void *kd;
610 int e;
611 key_packdef *kp;
612
613 /* --- Setup stuff --- */
614
615 key_fulltag(k, &t);
616
617 /* --- Get the signature algorithm --- *
618 *
619 * Take the attribute if it's there; otherwise use the key type.
620 */
621
622 n = strlen(app);
623 if ((q = key_getattr(0, k, "sig")) != 0) {
624 dstr_puts(&d, q);
625 p = d.buf;
626 } else if (strncmp(k->type, app, n) == 0 && k->type[n] == '-') {
627 dstr_puts(&d, k->type);
628 p = d.buf + n + 1;
629 } else
630 die(EXIT_FAILURE, "no signature algorithm for key `%s'", t.buf);
631
632 /* --- Grab the hash algorithm --- *
633 *
634 * Grab it from the signature algorithm if it's there. But override that
635 * from the attribute.
636 */
637
638 salg = p;
639 if ((p = strchr(p, '/')) != 0) {
640 *p++ = 0;
641 halg = p;
642 }
643 if ((q = key_getattr(0, k, "hash")) != 0)
644 halg = q;
645
646 /* --- Look up the algorithms in the table --- */
647
648 for (st = sigtab; st->name; st++) {
649 if (strcmp(st->name, salg) == 0)
650 goto s_found;
651 }
652 die(EXIT_FAILURE, "signature algorithm `%s' not found in key `%s'",
653 salg, t.buf);
654 s_found:;
655 if (!halg)
656 ch = st->ch;
657 else {
658 if ((ch = ghash_byname(halg)) == 0) {
659 die(EXIT_FAILURE, "hash algorithm `%s' not found in key `%s'",
660 halg, t.buf);
661 }
662 }
663 so = wantpriv ? st->signops : st->verifyops;
664
665 /* --- Load the key --- */
666
667 kd = xmalloc(so->kdsz);
668 kp = key_fetchinit(so->kf, 0, kd);
669 if ((e = key_fetch(kp, k)) != 0)
670 die(EXIT_FAILURE, "error fetching key `%s': %s", t.buf, key_strerror(e));
671 s = so->init(k, kd, ch);
672 if (!s->h)
673 s->h = GH_INIT(ch);
674 s->kp = kp;
675 s->ops = so;
676 s->kd = kd;
677
678 /* --- Free stuff up --- */
679
680 dstr_destroy(&d);
681 dstr_destroy(&t);
682 return (s);
683 }
684
685 /* --- @freesig@ --- *
686 *
687 * Arguments: @sig *s@ = signature-making thing
688 *
689 * Returns: ---
690 *
691 * Use: Frees up a signature-making thing
692 */
693
694 void freesig(sig *s)
695 {
696 GH_DESTROY(s->h);
697 key_fetchdone(s->kp);
698 xfree(s->kd);
699 s->ops->destroy(s);
700 }
701
702 /*----- That's all, folks -------------------------------------------------*/
Catacomb cryptographic library (downstream of http://git.distorted.org.uk/~mdw/catacomb/)