]> git.sommitrealweird.co.uk Git - onak.git/blobdiff - keyid.c
Add Debian init.d file for keyd
[onak.git] / keyid.c
diff --git a/keyid.c b/keyid.c
index ced0c458997a79818518133067b645b8c851faec..2bec710026f85a92fe4ce6f8547700d6b998f3c1 100644 (file)
--- a/keyid.c
+++ b/keyid.c
@@ -10,8 +10,9 @@
 
 #include "keyid.h"
 #include "keystructs.h"
+#include "log.h"
 #include "md5.h"
-#include "sha.h"
+#include "sha1.h"
 
 
 /**
@@ -37,63 +38,58 @@ unsigned char *get_fingerprint(struct openpgp_packet *packet,
        unsigned char *fingerprint,
        size_t *len)
 {
-       SHA1_CONTEXT sha_ctx;
-       MD5_CONTEXT md5_ctx;
+       SHA1_CTX sha_ctx;
+       struct md5_ctx md5_context;
        unsigned char c;
-       unsigned char *buff = NULL;
        size_t         modlen, explen;
 
-       assert(fingerprint != NULL);
-       assert(len != NULL);
+       log_assert(fingerprint != NULL);
+       log_assert(len != NULL);
 
        *len = 0;
 
        switch (packet->data[0]) {
        case 2:
        case 3:
-               md5_init(&md5_ctx);
+               md5_init_ctx(&md5_context);
 
                /*
                 * MD5 the modulus and exponent.
                 */
                modlen = ((packet->data[8] << 8) +
                         packet->data[9] + 7) >> 3;
-               md5_write(&md5_ctx, &packet->data[10], modlen);
+               md5_process_bytes(&packet->data[10], modlen, &md5_context);
 
                explen = ((packet->data[10+modlen] << 8) +
                         packet->data[11+modlen] + 7) >> 3;
-               md5_write(&md5_ctx, &packet->data[12 + modlen], explen);
-
-               md5_final(&md5_ctx);
-               buff = md5_read(&md5_ctx);
+               md5_process_bytes(&packet->data[12 + modlen], explen,
+                               &md5_context);
 
+               md5_finish_ctx(&md5_context, fingerprint);
                *len = 16;
-               memcpy(fingerprint, buff, *len);
 
                break;
 
        case 4:
-               sha1_init(&sha_ctx);
+               SHA1Init(&sha_ctx);
                /*
                 * TODO: Can this be 0x99? Are all public key packets old
                 * format with 2 bytes of length data?
                 */
                c = 0x99;
-               sha1_write(&sha_ctx, &c, sizeof(c));
+               SHA1Update(&sha_ctx, &c, sizeof(c));
                c = packet->length >> 8;
-               sha1_write(&sha_ctx, &c, sizeof(c));
+               SHA1Update(&sha_ctx, &c, sizeof(c));
                c = packet->length & 0xFF;
-               sha1_write(&sha_ctx, &c, sizeof(c));
-               sha1_write(&sha_ctx, packet->data,
+               SHA1Update(&sha_ctx, &c, sizeof(c));
+               SHA1Update(&sha_ctx, packet->data,
                        packet->length);
-               sha1_final(&sha_ctx);
-               buff = sha1_read(&sha_ctx);
-
+               SHA1Final(fingerprint, &sha_ctx);
                *len = 20;
-               memcpy(fingerprint, buff, *len);
+
                break;
        default:
-               fprintf(stderr, "Unknown key type: %d\n",
+               logthing(LOGTHING_ERROR, "Unknown key type: %d",
                                packet->data[0]);
        }
 
@@ -113,7 +109,7 @@ uint64_t get_packetid(struct openpgp_packet *packet)
        size_t          length = 0;
        unsigned char   buff[20];
 
-       assert(packet != NULL);
+       log_assert(packet != NULL);
 
        switch (packet->data[0]) {
        case 2:
@@ -122,20 +118,26 @@ uint64_t get_packetid(struct openpgp_packet *packet)
                 * For a type 2 or 3 key the keyid is the last 64 bits of the
                 * public modulus n, which is stored as an MPI from offset 8
                 * onwards.
-                *
-                * We need to ensure it's an RSA key.
                 */
-               if (packet->data[7] == 1) {
-                       offset = (packet->data[8] << 8) +
-                               packet->data[9];
-                       offset = ((offset + 7) / 8) + 2;
-
-                       for (keyid = 0, i = 0; i < 8; i++) {
-                               keyid <<= 8;
-                               keyid += packet->data[offset++];
-                       }
-               } else {
-                       fputs("Type 2 or 3 key, but not RSA.\n", stderr);
+               offset = (packet->data[8] << 8) +
+                       packet->data[9];
+               offset = ((offset + 7) / 8) + 2;
+
+               for (keyid = 0, i = 0; i < 8; i++) {
+                       keyid <<= 8;
+                       keyid += packet->data[offset++];
+               }
+               /*
+                * Check for an RSA key; if not then log but accept anyway.
+                * 1 == RSA
+                * 2 == RSA Encrypt-Only
+                * 3 == RSA Sign-Only
+                */
+               if (packet->data[7] < 1 || packet->data[7] > 3) {
+                       logthing(LOGTHING_NOTICE,
+                               "Type 2 or 3 key, but not RSA: %llx (type %d)",
+                               keyid,
+                               packet->data[7]);
                }
                break;
        case 4:
@@ -148,7 +150,7 @@ uint64_t get_packetid(struct openpgp_packet *packet)
 
                break;
        default:
-               fprintf(stderr, "Unknown key type: %d\n",
+               logthing(LOGTHING_ERROR, "Unknown key type: %d",
                                packet->data[0]);
        }