=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/signify/signify.c,v retrieving revision 1.106 retrieving revision 1.107 diff -c -r1.106 -r1.107 *** src/usr.bin/signify/signify.c 2016/06/08 04:16:06 1.106 --- src/usr.bin/signify/signify.c 2016/09/01 17:30:04 1.107 *************** *** 1,4 **** ! /* $OpenBSD: signify.c,v 1.106 2016/06/08 04:16:06 tedu Exp $ */ /* * Copyright (c) 2013 Ted Unangst * --- 1,4 ---- ! /* $OpenBSD: signify.c,v 1.107 2016/09/01 17:30:04 espie Exp $ */ /* * Copyright (c) 2013 Ted Unangst * *************** *** 420,428 **** free(dummybuf); } static void readpubkey(const char *pubkeyfile, struct pubkey *pubkey, ! const char *sigcomment) { const char *safepath = "/etc/signify/"; --- 420,446 ---- free(dummybuf); } + #ifndef VERIFYONLY static void + check_keytype(const char *pubkeyfile, const char *keytype) + { + size_t len = strlen(pubkeyfile); + char *cmp; + int slen = asprintf(&cmp, "-%s.pub", keytype); + if (slen < 0) + errx(1, "asprintf error"); + if (len < slen) + errx(1, "too short"); + + if (strcmp(pubkeyfile + len - slen, cmp) != 0) + errx(1, "wrong keytype"); + free(cmp); + } + #endif + + static void readpubkey(const char *pubkeyfile, struct pubkey *pubkey, ! const char *sigcomment, const char *keytype) { const char *safepath = "/etc/signify/"; *************** *** 433,438 **** --- 451,460 ---- if (strncmp(pubkeyfile, safepath, strlen(safepath)) != 0 || strstr(pubkeyfile, "/../") != NULL) errx(1, "untrusted path %s", pubkeyfile); + #ifndef VERIFYONLY + if (keytype) + check_keytype(pubkeyfile, keytype); + #endif } else usage("must specify pubkey"); } *************** *** 441,447 **** static void verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile, ! int quiet) { char sigcomment[COMMENTMAXLEN]; struct sig sig; --- 463,469 ---- static void verifysimple(const char *pubkeyfile, const char *msgfile, const char *sigfile, ! int quiet, const char *keytype) { char sigcomment[COMMENTMAXLEN]; struct sig sig; *************** *** 452,458 **** msg = readmsg(msgfile, &msglen); readb64file(sigfile, &sig, sizeof(sig), sigcomment); ! readpubkey(pubkeyfile, &pubkey, sigcomment); verifymsg(&pubkey, msg, msglen, &sig, quiet); --- 474,480 ---- msg = readmsg(msgfile, &msglen); readb64file(sigfile, &sig, sizeof(sig), sigcomment); ! readpubkey(pubkeyfile, &pubkey, sigcomment, keytype); verifymsg(&pubkey, msg, msglen, &sig, quiet); *************** *** 461,467 **** static uint8_t * verifyembedded(const char *pubkeyfile, const char *sigfile, ! int quiet, unsigned long long *msglenp) { char sigcomment[COMMENTMAXLEN]; struct sig sig; --- 483,489 ---- static uint8_t * verifyembedded(const char *pubkeyfile, const char *sigfile, ! int quiet, unsigned long long *msglenp, const char *keytype) { char sigcomment[COMMENTMAXLEN]; struct sig sig; *************** *** 472,478 **** msg = readmsg(sigfile, &msglen); siglen = parseb64file(sigfile, msg, &sig, sizeof(sig), sigcomment); ! readpubkey(pubkeyfile, &pubkey, sigcomment); msglen -= siglen; memmove(msg, msg + siglen, msglen); --- 494,500 ---- msg = readmsg(sigfile, &msglen); siglen = parseb64file(sigfile, msg, &sig, sizeof(sig), sigcomment); ! readpubkey(pubkeyfile, &pubkey, sigcomment, keytype); msglen -= siglen; memmove(msg, msg + siglen, msglen); *************** *** 486,505 **** static void verify(const char *pubkeyfile, const char *msgfile, const char *sigfile, ! int embedded, int quiet) { unsigned long long msglen; uint8_t *msg; int fd; if (embedded) { ! msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen); fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); writeall(fd, msg, msglen, msgfile); free(msg); close(fd); } else { ! verifysimple(pubkeyfile, msgfile, sigfile, quiet); } } --- 508,528 ---- static void verify(const char *pubkeyfile, const char *msgfile, const char *sigfile, ! int embedded, int quiet, const char *keytype) { unsigned long long msglen; uint8_t *msg; int fd; if (embedded) { ! msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen, ! keytype); fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666); writeall(fd, msg, msglen, msgfile); free(msg); close(fd); } else { ! verifysimple(pubkeyfile, msgfile, sigfile, quiet, keytype); } } *************** *** 635,641 **** unsigned long long msglen; uint8_t *msg; ! msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen); verifychecksums((char *)msg, argc, argv, quiet); free(msg); --- 658,664 ---- unsigned long long msglen; uint8_t *msg; ! msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen, NULL); verifychecksums((char *)msg, argc, argv, quiet); free(msg); *************** *** 649,654 **** --- 672,678 ---- *sigfile = NULL; char sigfilebuf[PATH_MAX]; const char *comment = "signify"; + char *keytype = NULL; int ch, rounds; int embedded = 0; int quiet = 0; *************** *** 665,671 **** rounds = 42; ! while ((ch = getopt(argc, argv, "CGSVc:em:np:qs:x:")) != -1) { switch (ch) { #ifndef VERIFYONLY case 'C': --- 689,695 ---- rounds = 42; ! while ((ch = getopt(argc, argv, "CGSVc:em:np:qs:t:x:")) != -1) { switch (ch) { #ifndef VERIFYONLY case 'C': *************** *** 710,715 **** --- 734,742 ---- case 's': seckeyfile = optarg; break; + case 't': + keytype = optarg; + break; case 'x': sigfile = optarg; break; *************** *** 786,792 **** case VERIFY: if (!msgfile) usage("must specify message"); ! verify(pubkeyfile, msgfile, sigfile, embedded, quiet); break; default: usage(NULL); --- 813,819 ---- case VERIFY: if (!msgfile) usage("must specify message"); ! verify(pubkeyfile, msgfile, sigfile, embedded, quiet, keytype); break; default: usage(NULL);