]> git.sommitrealweird.co.uk Git - onak.git/blobdiff - sigcheck.c
Add support for checking RIPEMD160 signatures
[onak.git] / sigcheck.c
index e5e8ccde9640e6bce5ce248e0d3d16bf200d9557..a0f4feb2d6bada946f8eaf2f73088e64d997f8e6 100644 (file)
@@ -27,6 +27,7 @@
 
 #ifdef HAVE_NETTLE
 #include <nettle/md5.h>
 
 #ifdef HAVE_NETTLE
 #include <nettle/md5.h>
+#include <nettle/ripemd160.h>
 #include <nettle/sha.h>
 #else
 #include "md5.h"
 #include <nettle/sha.h>
 #else
 #include "md5.h"
@@ -42,6 +43,9 @@ int check_packet_sighash(struct openpgp_publickey *key,
        size_t siglen, unhashedlen;
        struct sha1_ctx sha1_context;
        struct md5_ctx md5_context;
        size_t siglen, unhashedlen;
        struct sha1_ctx sha1_context;
        struct md5_ctx md5_context;
+#ifdef NETTLE_WITH_RIPEMD160
+       struct ripemd160_ctx ripemd160_context;
+#endif
 #ifdef NETTLE_WITH_SHA224
        struct sha224_ctx sha224_context;
 #endif
 #ifdef NETTLE_WITH_SHA224
        struct sha224_ctx sha224_context;
 #endif
@@ -57,7 +61,7 @@ int check_packet_sighash(struct openpgp_publickey *key,
        uint8_t keyheader[3];
        uint8_t packetheader[5];
        uint8_t v4trailer[6];
        uint8_t keyheader[3];
        uint8_t packetheader[5];
        uint8_t v4trailer[6];
-       uint8_t hash[20];
+       uint8_t hash[64];
        uint8_t *hashdata[8];
        size_t hashlen[8];
        int chunks, i;
        uint8_t *hashdata[8];
        size_t hashlen[8];
        int chunks, i;
@@ -165,6 +169,19 @@ int check_packet_sighash(struct openpgp_publickey *key,
                }
                sha1_digest(&sha1_context, 20, hash);
                break;
                }
                sha1_digest(&sha1_context, 20, hash);
                break;
+       case OPENPGP_HASH_RIPEMD160:
+#ifdef NETTLE_WITH_RIPEMD160
+               ripemd160_init(&ripemd160_context);
+               for (i = 0; i < chunks; i++) {
+                       ripemd160_update(&ripemd160_context, hashlen[i],
+                               hashdata[i]);
+               }
+               ripemd160_digest(&ripemd160_context, RIPEMD160_DIGEST_SIZE,
+                       hash);
+#else
+               logthing(LOGTHING_INFO, "RIPEMD160 support not available.");
+               return -1;
+#endif
        case OPENPGP_HASH_SHA224:
 #ifdef NETTLE_WITH_SHA224
                sha224_init(&sha224_context);
        case OPENPGP_HASH_SHA224:
 #ifdef NETTLE_WITH_SHA224
                sha224_init(&sha224_context);