===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/signify/zsig.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -c -r1.5 -r1.6
*** src/usr.bin/signify/zsig.c	2016/09/03 11:22:09	1.5
--- src/usr.bin/signify/zsig.c	2016/09/03 12:12:21	1.6
***************
*** 1,4 ****
! /* $OpenBSD: zsig.c,v 1.5 2016/09/03 11:22:09 espie Exp $ */
  /*
   * Copyright (c) 2016 Marc Espie <espie@openbsd.org>
   *
--- 1,4 ----
! /* $OpenBSD: zsig.c,v 1.6 2016/09/03 12:12:21 espie Exp $ */
  /*
   * Copyright (c) 2016 Marc Espie <espie@openbsd.org>
   *
***************
*** 24,29 ****
--- 24,30 ----
  #include <sha2.h>
  #include <string.h>
  #include <sys/stat.h>
+ #include <time.h>
  #include <fcntl.h>
  #include "signify.h"
  
***************
*** 49,55 ****
  #define MYBUFSIZE 65536LU
  
  
! static uint8_t fake[10] = { 0x1f, 0x8b, 8, 0, 0, 0, 0, 0, 0, 3 };
  
  /* XXX no static there, confuses the hell out of gcc which displays
   * non-existent warnings.
--- 50,56 ----
  #define MYBUFSIZE 65536LU
  
  
! static uint8_t fake[10] = { 0x1f, 0x8b, 8, FCOMMENT_FLAG, 0, 0, 0, 0, 0, 3 };
  
  /* XXX no static there, confuses the hell out of gcc which displays
   * non-existent warnings.
***************
*** 137,143 ****
  {
  	uint8_t *buffer;
  	uint8_t *residual;
! 	uint8_t output[SHA256_DIGEST_STRING_LENGTH];
  
  	buffer = xmalloc(bufsize);
  	residual = (uint8_t *)endsha + 1;
--- 138,144 ----
  {
  	uint8_t *buffer;
  	uint8_t *residual;
! 	uint8_t output[SHA512_DIGEST_STRING_LENGTH];
  
  	buffer = xmalloc(bufsize);
  	residual = (uint8_t *)endsha + 1;
***************
*** 168,174 ****
  			if (more == 0)
  				break;
  		}
! 		SHA256Data(buffer, n, output);
  		if (endsha - sha < SHA256_DIGEST_STRING_LENGTH-1)
  			errx(4, "signature truncated");
  		if (memcmp(output, sha, SHA256_DIGEST_STRING_LENGTH-1) != 0)
--- 169,175 ----
  			if (more == 0)
  				break;
  		}
! 		SHA512Data(buffer, n, output);
  		if (endsha - sha < SHA256_DIGEST_STRING_LENGTH-1)
  			errx(4, "signature truncated");
  		if (memcmp(output, sha, SHA256_DIGEST_STRING_LENGTH-1) != 0)
***************
*** 189,195 ****
  {
  	struct gzheader h;
  	size_t bufsize;
! 	char *p;
  	uint8_t *bufend;
  	int fdin, fdout;
  
--- 190,196 ----
  {
  	struct gzheader h;
  	size_t bufsize;
! 	char *p, *meta;
  	uint8_t *bufend;
  	int fdin, fdout;
  
***************
*** 211,226 ****
  
  	bufsize = MYBUFSIZE;
  
! 	/* allow for arbitrary blocksize */
! 	if (sscanf(p, "blocksize=%zu\n", &bufsize)) {
  		while (*(p++) != '\n')
  			continue;
  	}
  	fdout = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666);
  	/* we don't actually copy the header, but put in a fake one with about
  	 * zero useful information.
  	 */
  	writeall(fdout, fake, sizeof fake, msgfile);
  	copy_blocks(fdout, fdin, p, h.endcomment, bufsize, bufend);
  	free(h.buffer);
  	close(fdout);
--- 212,237 ----
  
  	bufsize = MYBUFSIZE;
  
! 	meta = p;
! #define BEGINS_WITH(x, y) memcmp((x), (y), sizeof(y)-1) == 0
! 
! 	while (BEGINS_WITH(p, "algorithm=SHA512/256") ||
! 	    BEGINS_WITH(p, "date=") ||
! 	    sscanf(p, "blocksize=%zu\n", &bufsize) > 0) {
  		while (*(p++) != '\n')
  			continue;
  	}
+ 
+ 	if (*p != '\n')
+ 		errx(1, "invalid signature");
+ 	*(p++) = 0;
+ 
  	fdout = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666);
  	/* we don't actually copy the header, but put in a fake one with about
  	 * zero useful information.
  	 */
  	writeall(fdout, fake, sizeof fake, msgfile);
+ 	writeall(fdout, meta, p - meta, msgfile);
  	copy_blocks(fdout, fdin, p, h.endcomment, bufsize, bufend);
  	free(h.buffer);
  	close(fdout);
***************
*** 239,244 ****
--- 250,257 ----
  	char *p;
  	uint8_t *buffer;
  	uint8_t *sighdr;
+ 	char date[80];
+ 	time_t clock;
  
  	fdin = xopen(msgfile, O_RDONLY, 0);
  	if (fstat(fdin, &sb) == -1 || !S_ISREG(sb.st_mode))
***************
*** 251,262 ****
  	if (lseek(fdin, h.headerlength, SEEK_SET) == -1)
  		err(1, "seek in %s", msgfile);
  
! 	space = (sb.st_size / MYBUFSIZE+1) * SHA256_DIGEST_STRING_LENGTH +
! 		80; /* long enough for blocksize=.... */
  
  	msg = xmalloc(space);
  	buffer = xmalloc(bufsize);
! 	snprintf(msg, space, "blocksize=%zu\n", bufsize);
  	p = strchr(msg, 0);
  
  	while (1) {
--- 264,281 ----
  	if (lseek(fdin, h.headerlength, SEEK_SET) == -1)
  		err(1, "seek in %s", msgfile);
  
! 	space = (sb.st_size / MYBUFSIZE+2) * SHA256_DIGEST_STRING_LENGTH +
! 		1024; /* long enough for extra header information */
  
  	msg = xmalloc(space);
  	buffer = xmalloc(bufsize);
! 	time(&clock);
! 	strftime(date, sizeof date, "%Y-%m-%dT%H:%M:%SZ", gmtime(&clock));
! 	snprintf(msg, space, 
! 	    "date=%s\n"
! 	    "algorithm=SHA512/256\n"
! 	    "blocksize=%zu\n\n",
! 	    date, bufsize);
  	p = strchr(msg, 0);
  
  	while (1) {
***************
*** 265,271 ****
  			err(1, "read from %s", msgfile);
  		if (n == 0)
  			break;
! 		SHA256Data(buffer, n, p);
  		p += SHA256_DIGEST_STRING_LENGTH;
  		p[-1] = '\n';
  		if (msg + space < p)
--- 284,290 ----
  			err(1, "read from %s", msgfile);
  		if (n == 0)
  			break;
! 		SHA512Data(buffer, n, p);
  		p += SHA256_DIGEST_STRING_LENGTH;
  		p[-1] = '\n';
  		if (msg + space < p)
***************
*** 275,281 ****
  
  	fdout = xopen(sigfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666);
  	sighdr = createsig(seckeyfile, msgfile, msg, p-msg);
- 	fake[3] = FCOMMENT_FLAG;
  	fake[8] = h.xflg;
  
  	writeall(fdout, fake, sizeof fake, sigfile);
--- 294,299 ----