3 #define _RPMHKP_INTERNAL
6 #define _RPMPGP_INTERNAL
54 #define SUM _rpmhkp_stats
57 #define SPEW(_list) if (_rpmhkp_spew) fprintf _list
59 #define DESPEW(_list) fprintf _list
61 #define DESPEW(_list) SPEW(_list)
63 #define HKPDEBUG(_list) if (_rpmhkp_debug) fprintf _list
85 hkp->pkt =
_free(hkp->pkt);
87 hkp->pkts =
_free(hkp->pkts);
102 if (_rpmhkpPool == NULL) {
103 _rpmhkpPool =
rpmioNewPool(
"hkp",
sizeof(*hkp), -1, _rpmhkp_debug,
108 memset(((
char *)hkp)+
sizeof(hkp->_item), 0,
sizeof(*hkp)-
sizeof(hkp->_item));
118 _rpmhkp_awol.n = 100000;
119 _rpmhkp_awol.e = 1.0e-4;
121 &_rpmhkp_awol.m, &_rpmhkp_awol.k);
122 _rpmhkp_awol.bf =
rpmbfNew(_rpmhkp_awol.m, _rpmhkp_awol.k, 0);
123 _rpmhkp_crl.n = 100000;
124 _rpmhkp_crl.e = 1.0e-4;
126 &_rpmhkp_crl.m, &_rpmhkp_crl.k);
127 _rpmhkp_crl.bf =
rpmbfNew(_rpmhkp_crl.m, _rpmhkp_crl.k, 0);
145 memcpy(hkp->keyid, keyid,
sizeof(hkp->keyid));
147 memset(hkp->keyid, 0,
sizeof(hkp->keyid));
148 memset(hkp->subid, 0,
sizeof(hkp->subid));
149 memset(hkp->signid, 0,
sizeof(hkp->signid));
155 if (_rpmhkp_awol.bf && hkp->awol == NULL)
157 if (_rpmhkp_crl.bf && hkp->crl == NULL)
199 if (stag == subtag) {
200 SPEW((stderr,
"\tSUBTAG %02X %p[%2u]\t%s\n", stag, p+1, plen-1,
pgpHexStr(p+1, plen-1)));
215 switch (pp->u.h[0]) {
217 *plen =
pgpGrab(pp->u.s->hashlen,
sizeof(pp->u.s->hashlen));
218 p = pp->u.h +
sizeof(*pp->u.s);
229 switch (pp->u.h[0]) {
231 p = pp->u.h +
sizeof(*pp->u.s);
232 p +=
pgpGrab(pp->u.s->hashlen,
sizeof(pp->u.s->hashlen));
248 switch (pp->u.h[0]) {
249 case 3: p = pp->u.r->signid;
break;
253 assert(p == NULL || tlen == 8);
268 switch (pp->u.h[0]) {
269 case 3: sigtime =
pgpGrab(pp->u.r->time,
sizeof(pp->u.r->time));
break;
273 if (p) sigtime =
pgpGrab(p, 4);
283 switch (pp->u.h[0]) {
284 case 3: sigtype = pp->u.r->sigtype;
break;
285 case 4: sigtype = pp->u.s->sigtype;
break;
296 "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
301 for (s = keyname; *s; s++)
302 nb += (strchr(ok, *s) == NULL ? 4 : 1);
304 te = t = (
char *)
xmalloc(nb + 1);
305 for (s = keyname; *s; s++) {
306 if (strchr(ok, *s) == NULL) {
309 *te++ = ok[(*s >> 4) & 0x0f];
310 *te++ = ok[(*s ) & 0x0f];
322 const char * fn =
rpmExpand(
"%{_hkp_keyserver_query}", kn, NULL);
327 HKPDEBUG((stderr,
"--> %s(%s)\n", __FUNCTION__, keyname));
330 if (fn && *fn && *fn ==
'%')
340 || hkp->pkt == NULL || hkp->pktlen == 0)
344 rc =
pgpGrabPkts(hkp->pkt, hkp->pktlen, &hkp->pkts, &hkp->npkts);
358 HKPDEBUG((stderr,
"<-- %s(%s) hkp %p\n", __FUNCTION__, keyname, hkp));
369 int ix = (keyx >= 0 && keyx < hkp->npkts) ? keyx : 0;
370 size_t pleft = hkp->pktlen - (hkp->pkts[ix] - hkp->pkt);
376 HKPDEBUG((stderr,
"--> %s(%p,%p,%d,%u) ix %d V%u\n", __FUNCTION__, hkp, dig, keyx, pubkey_algo, ix, pp->u.h[0]));
380 && (pubkey_algo == 0 || pubkey_algo == pp->u.j->pubkey_algo))
382 pubp->version = pp->u.j->version;
383 memcpy(pubp->time, pp->u.j->time,
sizeof(pubp->time));
384 pubp->pubkey_algo = pp->u.j->pubkey_algo;
385 p = ((
rpmuint8_t *)pp->u.j) +
sizeof(*pp->u.j);
389 && (pubkey_algo == 0 || pubkey_algo == pp->u.k->pubkey_algo))
391 pubp->version = pp->u.k->version;
392 memcpy(pubp->time, pp->u.k->time,
sizeof(pubp->time));
393 pubp->pubkey_algo = pp->u.k->pubkey_algo;
394 p = ((
rpmuint8_t *)pp->u.k) +
sizeof(*pp->u.k);
399 HKPDEBUG((stderr,
"<-- %s(%p,%p,%d,%u) rc %d\n", __FUNCTION__, hkp, dig, keyx, pubkey_algo, rc));
411 HKPDEBUG((stderr,
"--> %s(%p,%p,%p,%u)\n", __FUNCTION__, hkp, dig, signid, pubkey_algo));
414 if (hkp->pubx >= 0 && hkp->pubx < hkp->npkts
415 && !memcmp(hkp->keyid, signid,
sizeof(hkp->keyid))) {
422 if (hkp->subx >= 0 && hkp->subx < hkp->npkts
423 && !memcmp(hkp->subid, signid,
sizeof(hkp->subid))) {
430 if (hkp->awol &&
rpmbfChk(hkp->awol, signid, 8)) {
440 keyname =
_free(keyname);
443 xx =
rpmbfAdd(hkp->awol, signid, 8);
444 DESPEW((stderr,
"\tAWOL\n"));
456 HKPDEBUG((stderr,
"<-- %s(%p,%p,%p,%u) keyx %d\n", __FUNCTION__, hkp, dig, signid, pubkey_algo, keyx));
467 sigp->version = pp->u.h[0];
469 if (pp->u.h[0] == 3) {
470 sigp->version = pp->u.r->version;
471 sigp->pubkey_algo = pp->u.r->pubkey_algo;
472 sigp->hash_algo = pp->u.r->hash_algo;
473 sigp->sigtype = pp->u.r->sigtype;
474 memcpy(sigp->time, pp->u.r->time,
sizeof(sigp->time));
475 memset(sigp->expire, 0,
sizeof(sigp->expire));
476 sigp->hashlen = (size_t)pp->u.r->hashlen;
477 assert(sigp->hashlen == 5);
478 sigp->hash = ((
const rpmuint8_t *)&pp->u.r->hashlen) + 1;
479 memcpy(sigp->signid, pp->u.r->signid,
sizeof(sigp->signid));
480 memcpy(sigp->signhash16, pp->u.r->signhash16,
sizeof(sigp->signhash16));
483 p = ((
rpmuint8_t *)pp->u.r) +
sizeof(*pp->u.r);
487 if (pp->u.h[0] == 4) {
494 sigp->pubkey_algo = pp->u.s->pubkey_algo;
495 sigp->hash_algo = pp->u.s->hash_algo;
496 sigp->sigtype = pp->u.s->sigtype;
498 phash = ((
const rpmuint8_t *)pp->u.s) +
sizeof(*pp->u.s);
499 nhash =
pgpGrab(pp->u.s->hashlen,
sizeof(pp->u.s->hashlen));
501 sigp->hashlen =
sizeof(*pp->u.s) + nhash;
503 nunhash =
pgpGrab(phash+nhash, 2);
504 punhash = phash + nhash + 2;
505 memcpy(sigp->signhash16, punhash+nunhash,
sizeof(sigp->signhash16));
510 if (p) fprintf(stderr,
"*** SIG_TARGET %s\n",
pgpHexStr(p, tlen));
513 if (p) fprintf(stderr,
"*** EMBEDDED_SIG %s\n",
pgpHexStr(p, tlen));
516 if (p) fprintf(stderr,
"*** REVOKE_KEY %02X %02X %s\n", p[0], p[1],
pgpHexStr(p+2, tlen-2));
519 if (p) fprintf(stderr,
"*** REVOKE_REASON %02X %s\n", *p, p+1);
524 if (p) memcpy(sigp->time, p,
sizeof(sigp->time));
525 else memset(sigp->time, 0,
sizeof(sigp->time));
529 if (p) memcpy(sigp->expire, p,
sizeof(sigp->expire));
530 else memset(sigp->expire, 0,
sizeof(sigp->expire));
535 if (p) memcpy(sigp->keyexpire, p,
sizeof(sigp->keyexpire));
536 else memset(sigp->keyexpire, 0,
sizeof(sigp->keyexpire));
542 if (hkp && (p == NULL || tlen != 8)) p = hkp->keyid;
544 if (p) memcpy(sigp->signid, p,
sizeof(sigp->signid));
545 else memset(sigp->signid, 0,
sizeof(sigp->signid));
548 p = punhash + nunhash + 2;
557 HKPDEBUG((stderr,
"<-- %s(%p,%p,%p) rc %d V%u\n", __FUNCTION__, hkp, dig, pp, rc, sigp->version));
574 assert(ix >= 0 && ix < hkp->npkts);
575 switch (*hkp->pkts[ix]) {
576 default: fprintf(stderr,
"*** %s: %02X\n", __FUNCTION__, *hkp->pkts[ix]);
577 case 0x99:
case 0x98:
case 0xb9:
case 0xb8:
break;
579 (void)
pgpPktLen(hkp->pkts[ix], hkp->pktlen, pp);
582 hkp->goop[1] = (pp->hlen >> 8) & 0xff;
583 hkp->goop[2] = (pp->hlen ) & 0xff;
587 HKPDEBUG((stderr,
"<-- %s(%p,%d,%u) ctx %p\n", __FUNCTION__, hkp, ix, dalgo, ctx));
597 assert(ix > 0 && ix < hkp->npkts);
598 switch (*hkp->pkts[ix]) {
599 default: fprintf(stderr,
"*** %s: %02X\n", __FUNCTION__, *hkp->pkts[ix]);
602 (void)
pgpPktLen(hkp->pkts[ix], hkp->pktlen, pp);
604 hkp->goop[0] = *hkp->pkts[ix];
605 hkp->goop[1] = (pp->hlen >> 24) & 0xff;
606 hkp->goop[2] = (pp->hlen >> 16) & 0xff;
607 hkp->goop[3] = (pp->hlen >> 8) & 0xff;
608 hkp->goop[4] = (pp->hlen ) & 0xff;
612 HKPDEBUG((stderr,
"<-- %s(%p,%d,%u) ctx %p\n", __FUNCTION__, hkp, ix, dalgo, ctx));
622 assert(ix > 0 && ix < hkp->npkts);
623 switch (*hkp->pkts[ix]) {
624 default: fprintf(stderr,
"*** %s: %02X\n", __FUNCTION__, *hkp->pkts[ix]);
625 case 0xb9:
case 0xb8:
break;
627 (void)
pgpPktLen(hkp->pkts[ix], hkp->pktlen, pp);
630 hkp->goop[1] = (pp->hlen >> 8) & 0xff;
631 hkp->goop[2] = (pp->hlen ) & 0xff;
635 HKPDEBUG((stderr,
"<-- %s(%p,%d,%u) ctx %p\n", __FUNCTION__, hkp, ix, dalgo, ctx));
645 HKPDEBUG((stderr,
"--> %s(%p,%d,%u,%u)\n", __FUNCTION__, hkp, keyx, sigtype, dalgo));
657 if (hkp->pubx >= 0 && hkp->uidx >= 0)
661 if (hkp->pubx >= 0 && hkp->subx >= 0)
680 if (hkp->pubx >= 0 && hkp->subx >= 0)
689 HKPDEBUG((stderr,
"<-- %s(%p,%d,%u,%u) ctx %p\n", __FUNCTION__, hkp, keyx, sigtype, dalgo, ctx));
699 size_t digestlen = 0;
702 HKPDEBUG((stderr,
"--> %s(%p,%p,%p)\n", __FUNCTION__, hkp, dig, ctx));
704 rc = memcmp(sigp->signhash16, digest,
sizeof(sigp->signhash16));
707 SPEW((stderr,
"\t%s\t%s\n", dname,
pgpHexStr(digest, digestlen)));
708 SPEW((stderr,
"%s\t%s\n", (!rc ?
"\tGOOD" :
"------> BAD"),
pgpHexStr(sigp->signhash16,
sizeof(sigp->signhash16))));
715 digest =
_free(digest);
717 dname =
_free(dname);
719 HKPDEBUG((stderr,
"<-- %s(%p,%p,%p) rc %d\n", __FUNCTION__, hkp, dig, ctx, rc));
728 HKPDEBUG((stderr,
"--> %s(%p,%p,%p)\n", __FUNCTION__, hkp, dig, ctx));
730 switch (sigp->pubkey_algo) {
738 DESPEW((stderr,
"------> BAD\tV%u %s-%s\n",
744 DESPEW((stderr,
"\tGOOD\tV%u %s-%s\n",
759 DESPEW((stderr,
"------> BAD\tV%u %s-%s\n",
765 DESPEW((stderr,
"\tGOOD\tV%u %s-%s\n",
780 DESPEW((stderr,
"------> BAD\tV%u %s-%s\n",
786 DESPEW((stderr,
"\tGOOD\tV%u %s-%s\n",
797 HKPDEBUG((stderr,
"<-- %s(%p,%p,%p) rc %d\n", __FUNCTION__, hkp, dig, ctx, rc));
811 HKPDEBUG((stderr,
"--> %s(%p,%p)\n", __FUNCTION__, hkp, pp));
819 { time_t expire =
pgpGrab(sigp->expire,
sizeof(sigp->expire));
820 time_t ctime =
pgpGrab(sigp->time,
sizeof(sigp->time));
821 if (expire && (expire + ctime) <
time(NULL)) {
831 if (
pgpGrab(sigp->signid+4, 4) == 0xCA57AD7C
832 || (hkp->crl &&
rpmbfChk(hkp->crl, sigp->signid, 8))) {
837 rpmlog(_rpmhkp_lvl,
" SIG: %08X %08X V%u %s-%s %s\n",
846 keyx =
rpmhkpFindKey(hkp, dig, sigp->signid, sigp->pubkey_algo);
851 { time_t keyexpire =
pgpGrab(sigp->keyexpire,
sizeof(sigp->keyexpire));
852 time_t keyctime =
pgpGrab(pubp->time,
sizeof(pubp->time));
853 if (keyexpire && (keyexpire + keyctime) <
time(NULL)) {
867 if (sigp->version == 4) {
868 hkp->goop[0] = sigp->version;
870 hkp->goop[2] = (sigp->hashlen >> 24) & 0xff;
871 hkp->goop[3] = (sigp->hashlen >> 16) & 0xff;
872 hkp->goop[4] = (sigp->hashlen >> 8) & 0xff;
873 hkp->goop[5] = (sigp->hashlen ) & 0xff;
877 switch (sigp->pubkey_algo) {
883 if (sigp->version == 4) {
897 HKPDEBUG((stderr,
"<-- %s(%p,%p) rc %d\n", __FUNCTION__, hkp, pp, rc));
924 HKPDEBUG((stderr,
"--> %s(%p,%s)\n", __FUNCTION__, hkp, keyname));
927 if (hkp == NULL && keyname && *keyname) {
940 HKPDEBUG((stderr,
"\tpkts %p[%u] pleft %u\n", hkp->pkts, (
unsigned)hkp->npkts, (
unsigned)pleft));
941 for (i = 0; i < hkp->npkts; i++) {
945 SPEW((stderr,
"%6d %p[%3u] %02X %s\n", i, hkp->pkts[i], (
unsigned)pp->pktlen, *hkp->pkts[i],
_pgpTag2Name(pp->tag)));
946 SPEW((stderr,
"\t%s\n",
pgpHexStr(hkp->pkts[i], pp->pktlen)));
955 sprintf(te,
" PUB: %08X %08X",
958 if (pp->u.h[0] == 3) {
959 sprintf(te,
" V%u %s", pp->u.j->version,
962 if (pp->u.j->valid[0] || pp->u.j->valid[1]) {
964 pgpGrab(pp->u.j->valid,
sizeof(pp->u.j->valid));
966 pgpGrab(pp->u.j->time, 4) + (24 * 60 * 60 * days);
967 if (expired <
time(NULL)) {
968 sprintf(te,
" EXPIRED");
974 if (pp->u.h[0] == 4) {
975 sprintf(te,
" V%u %s", pp->u.k->version,
979 rpmlog(_rpmhkp_lvl,
"%s\n", t);
989 sprintf(te,
" SUB: %08X %08X",
992 if (pp->u.h[0] == 3) {
993 sprintf(te,
" V%u %s", pp->u.j->version,
996 if (pp->u.j->valid[0] || pp->u.j->valid[1]) {
998 pgpGrab(pp->u.j->valid,
sizeof(pp->u.j->valid));
1000 pgpGrab(pp->u.j->time, 4) + (24 * 60 * 60 * days);
1001 if (expired <
time(NULL)) {
1002 sprintf(te,
" EXPIRED");
1008 if (pp->u.h[0] == 4) {
1009 sprintf(te,
" V%u %s", pp->u.k->version,
1013 rpmlog(_rpmhkp_lvl,
"%s\n", t);
1030 if (signid && memcmp(hkp->keyid, signid,
sizeof(hkp->keyid)))
1038 if (thistime < hkp->tvalid)
1040 hkp->tvalid = thistime;
1041 hkp->uvalidx = hkp->uidx;
1065 xx =
rpmbfAdd(hkp->crl, hkp->keyid,
sizeof(hkp->keyid));
1075 xx =
rpmbfAdd(hkp->crl, hkp->subid,
sizeof(hkp->subid));
1089 if ((hkp->uvalidx >= 0 && hkp->uvalidx < hkp->npkts) && hkp->tvalid > 0) {
1093 xx =
pgpPktLen(hkp->pkts[hkp->uvalidx], hkp->pktlen, pp);
1095 nuser = (pp->hlen >
sizeof(
user)-1 ?
sizeof(user)-1 : pp->hlen);
1096 memset(user, 0,
sizeof(user));
1098 memcpy(user, u->
userid, nuser);
1100 rpmlog(_rpmhkp_lvl,
" UID: %s\n", user);
1106 HKPDEBUG((stderr,
"<-- %s(%p,%s) rc %d\n", __FUNCTION__, hkp, keyname, rc));
1113 if (fp == NULL) fp = stderr;
1114 fprintf(fp,
"============\n");
1115 fprintf(fp,
" LOOKUPS:%10u\n", (
unsigned)
SUM.lookups);
1116 fprintf(fp,
" PUBKEYS:%10u\n", (
unsigned)
SUM.certs);
1117 fprintf(fp,
" SIGNATURES:%10u\n", (
unsigned)
SUM.sigs);
1118 fprintf(fp,
" PUB bound:%10u\trevoked:%10u\texpired:%10u\n",
1119 (
unsigned)
SUM.pubbound,
1120 (
unsigned)
SUM.pubrevoked,
1121 (
unsigned)
SUM.keyexpired);
1122 fprintf(fp,
" SUB bound:%10u\trevoked:%10u\n",
1123 (
unsigned)
SUM.subbound,
1124 (
unsigned)
SUM.subrevoked);
1125 fprintf(fp,
" expired:%10u\n", (
unsigned)
SUM.expired);
1126 fprintf(fp,
" filtered:%10u\n", (
unsigned)
SUM.filtered);
1127 fprintf(fp,
" RSA:%10u:%-10u\n",
1128 (
unsigned)
SUM.RSA.good, (
unsigned) (
SUM.RSA.good+
SUM.RSA.bad));
1129 fprintf(fp,
" DSA:%10u:%-10u\n",
1130 (
unsigned)
SUM.DSA.good, (
unsigned) (
SUM.DSA.good+
SUM.DSA.bad));
1131 fprintf(fp,
"ECDSA:%10u:%-10u\n",
1132 (
unsigned)
SUM.ECDSA.good, (
unsigned) (
SUM.ECDSA.good+
SUM.ECDSA.bad));
1133 fprintf(fp,
" HASH:%10u:%-10u\n",
1134 (
unsigned)
SUM.HASH.good, (
unsigned) (
SUM.HASH.good+
SUM.HASH.bad));
1135 fprintf(fp,
" AWOL:%10u:%-10u\n",
1136 (
unsigned)
SUM.AWOL.good, (
unsigned) (
SUM.AWOL.good+
SUM.AWOL.bad));
1137 fprintf(fp,
" SKIP:%10u:%-10u\n",
1138 (
unsigned)
SUM.SKIP.good, (
unsigned) (
SUM.SKIP.good+
SUM.SKIP.bad));
1143 if (fp == NULL) fp = stderr;
1144 fprintf(fp,
"%s: %p\n", msg, sigp);
1145 fprintf(fp,
"\t userid: %s\n", sigp->userid);
1146 fprintf(fp,
"\t hash: %p[%u]\n", sigp->hash, (
unsigned) sigp->hashlen);
1147 fprintf(fp,
"\t tag: %02X\n", sigp->tag);
1148 fprintf(fp,
"\t version: %02X\n", sigp->version);
1149 fprintf(fp,
"\t time: %08X\n",
1150 pgpGrab(sigp->time,
sizeof(sigp->time)));
1151 fprintf(fp,
"\tpubkey_algo: %02X %s\n",
1153 fprintf(fp,
"\t hash_algo: %02X %s\n",
1155 fprintf(fp,
"\t sigtype: %02X %s\n",
1157 fprintf(fp,
"\t signhash16: %04X\n",
1158 pgpGrab(sigp->signhash16,
sizeof(sigp->signhash16)));
1159 fprintf(fp,
"\t signid: %08X %08X\n",
1161 fprintf(fp,
"\t saved: %02X\n", sigp->saved);
1166 if (fp == NULL) fp = stderr;
1167 fprintf(fp,
"%s: dig %p\n", msg, dig);
1169 fprintf(fp,
"\t build_sign: %s\n", dig->build_sign);
1170 fprintf(fp,
"\tpubkey_algo: %s\n", dig->pubkey_algoN);
1171 fprintf(fp,
"\t hash_algo: %s\n", dig->hash_algoN);
1173 fprintf(fp,
"\t sigtag: 0x%08x\n", dig->sigtag);
1174 fprintf(fp,
"\t sigtype: 0x%08x\n", dig->sigtype);
1175 fprintf(fp,
"\t sig: %p[%u]\n", dig->sig, (
unsigned) dig->siglen);
1176 fprintf(fp,
"\t vsflags: 0x%08x\n", dig->vsflags);
1177 fprintf(fp,
"\t findPubkey: %p\n", dig->findPubkey);
1178 fprintf(fp,
"\t _ts: %p\n", dig->_ts);
1179 fprintf(fp,
"\t ppkts: %p[%u]\n", dig->ppkts, dig->npkts);
1180 fprintf(fp,
"\t nbytes: 0x%08x\n", (
unsigned) dig->nbytes);
1182 fprintf(fp,
"\t hsha: %p\n", dig->hsha);
1183 fprintf(fp,
"\t hdsa: %p\n", dig->hdsa);
1184 fprintf(fp,
"\t sha1: %p[%u]\n", dig->sha1, (
unsigned) dig->sha1len);
1186 fprintf(fp,
"\t hecdsa: %p\n", dig->hecdsa);
1188 fprintf(fp,
"\t md5ctx: %p\n", dig->md5ctx);
1189 fprintf(fp,
"\t hrsa: %p\n", dig->hrsa);
1190 fprintf(fp,
"\t md5: %p[%u]\n", dig->md5, (
unsigned) dig->md5len);
1191 fprintf(fp,
"\t impl: %p\n", dig->impl);
void _rpmhkpDumpDig(const char *msg, pgpDig dig, FILE *fp)
pgpDigParams pgpGetPubkey(pgpDig dig)
Return OpenPGP pubkey parameters.
const rpmuint8_t * pgpPrtPubkeyParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, const rpmuint8_t *p)
static const rpmuint8_t * ppSigHash(pgpPkt pp, size_t *plen)
int rpmhkpFindKey(rpmhkp hkp, pgpDig dig, const rpmuint8_t *signid, rpmuint8_t pubkey_algo)
rpmRC rpmhkpValidate(rpmhkp hkp, const char *keyname)
Retrieve/Validate binding and certification signatures on a pubkey.
pgpDig pgpDigFree(pgpDig dig)
Destroy a container for parsed OpenPGP packates.
const char const char size_t len
struct _BAstats_s _BAstats
int pgpPktLen(const rpmuint8_t *pkt, size_t pleft, pgpPkt pp)
OpenPGP constants and structures from RFC-2440.
rpmbf rpmbfNew(size_t m, size_t k, unsigned flags)
Create a Bloom filter.
static const char * _pgpTag2Name(uint32_t tag)
char * xstrdup(const char *str)
struct pgpDigParams_s * pgpDigParams
static unsigned int pgpLen(const rpmuint8_t *s, unsigned int *lenp)
Return length of an OpenPGP packet.
DIGEST_CTX rpmDigestInit(pgpHashAlgo hashalgo, rpmDigestFlags flags)
Initialize digest context.
static unsigned int pgpGrab(const rpmuint8_t *s, size_t nbytes)
Return (native-endian) integer from big-endian representation.
enum pgpHashAlgo_e pgpHashAlgo
9.4.
rpmhkp rpmhkpNew(const rpmuint8_t *keyid, uint32_t flags)
Create a new hkp handle.
rpmhkp rpmhkpLookup(const char *keyname)
Retrieve a pubkey from a SKS server.
enum pgpSigType_e pgpSigType
5.2.1.
static void rpmlog(int code, const char *fmt,...)
static int rpmhkpVerify(rpmhkp hkp, pgpPkt pp)
rpmhkp rpmhkpFree(rpmhkp hkp)
Destroy a hkp handle.
static int pgpImplSetDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
struct _filter_s _rpmhkp_crl
static rpmuint8_t ppSigType(pgpPkt pp)
static int rpmhkpVerifyHash(rpmhkp hkp, pgpDig dig, DIGEST_CTX ctx)
void rpmbfParams(size_t n, double e, size_t *mp, size_t *kp)
Return optimal {m, k} for given n and e.
Yet Another syslog(3) API clone.
pgpArmor pgpReadPkts(const char *fn, rpmuint8_t **pkt, size_t *pktlen)
Parse armored OpenPGP packets from a file.
static DIGEST_CTX rpmhkpHashUid(rpmhkp hkp, int ix, pgpHashAlgo dalgo)
static const rpmuint8_t * ppSigUnhash(pgpPkt pp, size_t *plen)
int rpmDigestUpdate(DIGEST_CTX ctx, const void *data, size_t len)
Update context with next plain text buffer.
static rpmuint32_t ppSigTime(pgpPkt pp)
rpmbf rpmbfFree(rpmbf bf)
Destroy a Bloom filter.
static const char * _pgpPubkeyAlgo2Name(uint32_t algo)
rpmioItem rpmioGetPool(rpmioPool pool, size_t size)
Get unused item from pool, or alloc a new item.
int pgpPrtSigParams(pgpDig dig, const pgpPkt pp, pgpPubkeyAlgo pubkey_algo, pgpSigType sigtype, const rpmuint8_t *p)
static rpmhkp rpmhkpGetPool(rpmioPool pool)
unsigned char rpmuint8_t
Private int typedefs to avoid C99 portability issues.
static DIGEST_CTX rpmhkpHash(rpmhkp hkp, int keyx, pgpSigType sigtype, pgpHashAlgo dalgo)
int rpmhkpUpdate(DIGEST_CTX ctx, const void *data, size_t len)
const char const bson * data
pgpDigParams pgpGetSignature(pgpDig dig)
Return OpenPGP signature parameters.
void _rpmhkpDumpDigParams(const char *msg, pgpDigParams sigp, FILE *fp)
const char const char * user
static int pgpImplSetECDSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static const rpmuint8_t * ppSignid(pgpPkt pp)
char * rpmExpand(const char *arg,...)
Return (malloc'ed) concatenated macro expansion(s).
static DIGEST_CTX rpmhkpHashSubkey(rpmhkp hkp, int ix, pgpHashAlgo dalgo)
struct _filter_s _rpmhkp_awol
const char const bson int mongo_write_concern int flags
static int rpmhkpVerifySignature(rpmhkp hkp, pgpDig dig, DIGEST_CTX ctx)
static int pgpImplSetRSA(DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
static const char * _pgpHashAlgo2Name(uint32_t algo)
static const char * rpmhkpEscape(const char *keyname)
int pgpGrabPkts(const rpmuint8_t *pkts, size_t pktlen, rpmuint8_t ***pppkts, int *pnpkts)
Return array of packet pointers.
enum pgpPubkeyAlgo_e pgpPubkeyAlgo
9.1.
enum rpmRC_e rpmRC
RPM return codes.
pgpDig pgpDigNew(pgpVSFlags vsflags, pgpPubkeyAlgo pubkey_algo)
Create a container for parsed OpenPGP packates.
rpmhkp rpmhkpLink(rpmhkp hkp)
Reference a hkp handle instance.
void _rpmhkpPrintStats(FILE *fp)
Display hkp usage statistics.
rpmioPool rpmioNewPool(const char *name, size_t size, int limit, int flags, char *(*dbg)(void *item), void(*init)(void *item), void(*fini)(void *item))
Create a memory pool.
int pgpPubkeyFingerprint(const rpmuint8_t *pkt, size_t pktlen, rpmuint8_t *keyid)
Print/parse an OpenPGP subtype packet.
static void * _free(const void *p)
Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
const char * rpmDigestName(DIGEST_CTX ctx)
Return digest name.
static int pgpImplVerify(pgpDig dig)
int rpmbfAdd(rpmbf bf, const void *_s, size_t ns)
Add item to a Bloom filter.
rpmbf rpmbfLink(rpmbf bf)
Reference a Bloom filter instance.
static const char * _pgpSigType2Name(uint32_t sigtype)
int rpmhkpLoadKey(rpmhkp hkp, pgpDig dig, int keyx, rpmuint8_t pubkey_algo)
int rpmDigestFinal(DIGEST_CTX ctx, void *datap, size_t *lenp, int asAscii)
Return digest and destroy context.
static void rpmhkpFini(void *_hkp)
static const rpmuint8_t * pgpGrabSubTagVal(const rpmuint8_t *h, size_t hlen, rpmuint8_t subtag, size_t *tlenp)
static char * pgpHexStr(const rpmuint8_t *p, size_t plen)
Return hex formatted representation of bytes.
static rpmhkp rpmhkpI(void)
The version 4 format is similar to the version 3 format except for the absence of a validity period...
int rpmhkpLoadSignature(rpmhkp hkp, pgpDig dig, pgpPkt pp)
static DIGEST_CTX rpmhkpHashKey(rpmhkp hkp, int ix, pgpHashAlgo dalgo)
int rpmbfChk(rpmbf bf, const void *_s, size_t ns)
Check for item in a Bloom filter.