| version 1.125, 2016/10/05 15:58:50 |
version 1.126, 2016/10/06 22:38:25 |
|
|
| sizeof(pubkey), O_EXCL, 0666); |
sizeof(pubkey), O_EXCL, 0666); |
| } |
} |
| |
|
| static void |
static const char * |
| check_keyname_compliance(const char *pubkeyfile, const char *seckeyfile) |
check_keyname_compliance(const char *pubkeyfile, const char *seckeyfile) |
| { |
{ |
| size_t len; |
const char *pos; |
| |
|
| len = strlen(pubkeyfile); |
/* basename may or may not modify input */ |
| if (strlen(seckeyfile) != len) |
pos = strrchr(seckeyfile, '/'); |
| goto bad; |
if (pos != NULL) |
| |
seckeyfile = pos+1; |
| |
|
| |
size_t len; |
| |
len = strlen(seckeyfile); |
| if (len < 5) /* ?.key */ |
if (len < 5) /* ?.key */ |
| goto bad; |
goto bad; |
| if (strcmp(pubkeyfile + len - 4, ".pub") != 0 || |
if (strcmp(seckeyfile + len - 4, ".sec") != 0) |
| strcmp(seckeyfile + len - 4, ".sec") != 0) |
|
| goto bad; |
goto bad; |
| if (strncmp(pubkeyfile, seckeyfile, len - 4) != 0) |
if (pubkeyfile != NULL) { |
| goto bad; |
pos = strrchr(pubkeyfile, '/'); |
| |
if (pos != NULL) |
| |
pubkeyfile = pos+1; |
| |
|
| return; |
if (strlen(pubkeyfile) != len) |
| |
goto bad; |
| |
if (strcmp(pubkeyfile + len - 4, ".pub") != 0) |
| |
goto bad; |
| |
if (strncmp(pubkeyfile, seckeyfile, len - 4) != 0) |
| |
goto bad; |
| |
} |
| |
|
| |
return seckeyfile; |
| bad: |
bad: |
| errx(1, "please use naming scheme of keyname.pub and keyname.sec"); |
errx(1, "please use naming scheme of keyname.pub and keyname.sec"); |
| } |
} |
|
|
| uint8_t xorkey[sizeof(enckey.seckey)]; |
uint8_t xorkey[sizeof(enckey.seckey)]; |
| struct sig sig; |
struct sig sig; |
| char *sighdr; |
char *sighdr; |
| char *extname; |
|
| uint8_t digest[SHA512_DIGEST_LENGTH]; |
uint8_t digest[SHA512_DIGEST_LENGTH]; |
| int i, nr, rounds; |
int i, nr, rounds; |
| SHA2_CTX ctx; |
SHA2_CTX ctx; |
|
|
| |
|
| readb64file(seckeyfile, &enckey, sizeof(enckey), comment); |
readb64file(seckeyfile, &enckey, sizeof(enckey), comment); |
| |
|
| extname = strrchr(seckeyfile, '.'); |
if (strcmp(seckeyfile, "-") == 0) { |
| if (extname && strcmp(extname, ".sec") == 0) { |
nr = snprintf(sigcomment, sizeof(sigcomment), |
| const char *keyname; |
"signature from %s", comment); |
| /* basename may or may not modify input */ |
|
| if (!(keyname = strrchr(seckeyfile, '/'))) |
|
| keyname = seckeyfile; |
|
| else |
|
| keyname++; |
|
| nr = snprintf(sigcomment, sizeof(sigcomment), |
|
| VERIFYWITH "%.*s.pub", (int)strlen(keyname) - 4, keyname); |
|
| if (nr == -1 || nr >= sizeof(sigcomment)) |
|
| errx(1, "comment too long"); |
|
| } else { |
} else { |
| |
const char *keyname = check_keyname_compliance(NULL, |
| |
seckeyfile); |
| nr = snprintf(sigcomment, sizeof(sigcomment), |
nr = snprintf(sigcomment, sizeof(sigcomment), |
| "signature from %s", comment); |
VERIFYWITH "%.*s.pub", (int)strlen(keyname) - 4, keyname); |
| if (nr == -1 || nr >= sizeof(sigcomment)) |
|
| errx(1, "comment too long"); |
|
| } |
} |
| |
if (nr == -1 || nr >= sizeof(sigcomment)) |
| |
errx(1, "comment too long"); |
| |
|
| if (memcmp(enckey.kdfalg, KDFALG, 2) != 0) |
if (memcmp(enckey.kdfalg, KDFALG, 2) != 0) |
| errx(1, "unsupported KDF"); |
errx(1, "unsupported KDF"); |
![[BACK]](/icons/back.gif){kind=icon}
Return to signify.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / signify