Check freshness on signatures.
[u/mdw/catacomb]
/
catsign.c
diff --git
a/catsign.c
b/catsign.c
index
5b5d7d0
..
3cea053
100644
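--- a/catsign.c
+++ b/catsign.c
@@ -50,6 +50,7 @@
 #include "noise.h"
 #include "mprand.h"
 #include "key.h"
+#include "getdate.h"
 #include "cc.h"
 #include "ectab.h"
@@ -359,7 +360,7 @@ static void sigtobuffer(sigmsg *s, buf *b, int hashp)
 buf_putu32(b, s->keyid);
 buf_putu32(b, HI64(t));
 buf_putu32(b, LO64(t));
- buf_putstr16(b, &s->kh);
+ buf_putdstr16(b, &s->kh);
 assert(BOK(b));
 }
@@ -428,7 +429,7 @@ static void sig_readheader(enc *e, sigmsg *s,
 if (buf_getu32(&b, &x) || buf_getu32(&b, &y))
 choke("missing datestamp", p);
 SET64(t, x, y); s->t = GET64(time_t, t);
- if (buf_getstr16(&b, &s->kh))
+ if (buf_getdstr16(&b, &s->kh))
 choke("missing key hash", p);
 if (BLEFT(&b))
 choke("junk at end", p);
@@ -599,6 +600,7 @@ static int verify(int argc, char *argv[])
 int i;
 char bb[MSGBUFSZ];
 size_t n;
+ time_t t_fresh = 0;
 dstr d = DSTR_INIT, dd = DSTR_INIT;
 const encops *eo;
 msgcanon mc_in = MC_INIT;
@@ -614,11 +616,12 @@ static int verify(int argc, char *argv[])
 { "output", OPTF_ARGREQ, 0, 'o' },
 { "quiet", 0, 0, 'q' },
 { "utc", 0, 0, 'u' },
+ { "fresh-time", 0, 0, 't' },
 { "gmt", 0, 0, 'u' },
 { "verbose", 0, 0, 'v' },
 { 0, 0, 0, 0 }
 };
- i = mdwopt(argc, argv, "k:f:o:abquv", opt, 0, 0, 0);
+ i = mdwopt(argc, argv, "k:f:o:abqt:uv", opt, 0, 0, 0);
 if (i < 0) break;
 switch (i) {
 case 'a': ef = "pem"; break;
@@ -627,6 +630,11 @@ static int verify(int argc, char *argv[])
 case 'f': ef = optarg; break;
 case 'o': of = optarg; break;
 case 'u': v.f |= F_UTC; break;
+ case 't':
+ if (strcmp(optarg, "always") == 0) t_fresh = 0;
+ else if ((t_fresh = get_date(optarg, 0)) < 0)
+ die(EXIT_FAILURE, "bad freshness time");
+ break;
 case 'q': if (v.verb > 0) v.verb--; break;
 case 'v': if (v.verb < 10) v.verb++; break;
 default: v.f |= F_BOGUS; break;
@@ -739,6 +747,14 @@ static int verify(int argc, char *argv[])
 if (v.verb) printf("FAIL signature verification failed\n");
 exit(EXIT_FAILURE);
 }
+ if (t_fresh && s.t < t_fresh) {
+ if (v.verb) printf("FAIL signature is stale\n");
+ exit(EXIT_FAILURE);
+ }
+ if (s.t > time(0)) {
+ if (v.verb) printf("FAIL signature timestamp in the future\n");
+ exit(EXIT_FAILURE);
+ }
 if (v.verb) {
 tm = (v.f & F_UTC) ? gmtime(&s.t) : localtime(&s.t);
 strftime(bb, sizeof(bb), "%Y-%m-%d %H:%M:%S %Z", tm);
@@ -1078,6 +1094,7 @@ Options:\n\
 -k, --key=TAG Require that the message be signed by key TAG.\n\
 -o, --output=FILE Write message to FILE.\n\
 -q, --quiet Produce fewer messages.\n\
+-t, --freshtime=TIME Only accept signatures made after this time.\n\
 -u, --utc Show dates in UTC rather than local time.\n\
 -v, --verbose Produce more verbose messages.\n\
 " },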
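Review bot: The new `fresh-time` entry in verify()'s long-option table is declared with flags `0`, while `output` just above it uses `OPTF_ARGREQ` and the short-option string gains `t:`. If mdwopt therefore treats the long spelling as taking no argument, `optarg` may be null when `case 't'` reaches `strcmp(optarg, "always")`, so the freshness control would crash rather than be applied. The entry should read `{ "fresh-time", OPTF_ARGREQ, 0, 't' },`, and the usage line should name the same option, `-t, --fresh-time=TIME`, instead of `--freshtime`. Separately, the unconditional `s.t > time(0)` rejection leaves no margin for clock skew between signer and verifier; a comment stating the intended tolerance would help. verify() begins and ends outside the hunks shown.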