Skip to content

Commit

Permalink
fix key hashing for v5 / v6 signatures
Browse files Browse the repository at this point in the history
  • Loading branch information
TJ-91 committed Sep 27, 2024
1 parent 7724682 commit 17845b3
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 10 deletions.
2 changes: 1 addition & 1 deletion src/lib/fingerprint.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ try {
{
auto halg = key.version == PGP_V4 ? PGP_HASH_SHA1 : PGP_HASH_SHA256;
auto hash = rnp::Hash::create(halg);
signature_hash_key(key, *hash);
signature_hash_key(key, *hash, key.version);
fp.length = hash->finish(fp.fingerprint);
return RNP_SUCCESS;
}
Expand Down
20 changes: 12 additions & 8 deletions src/librepgp/stream-sig.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -42,33 +42,36 @@
#include "stream-armor.h"
#include "pgp-key.h"
#include "crypto/signatures.h"
#include <cassert>

#include <time.h>

void
signature_hash_key(const pgp_key_pkt_t &key, rnp::Hash &hash)
signature_hash_key(const pgp_key_pkt_t &key, rnp::Hash &hash, pgp_version_t pgpver)
{
if (!key.hashed_data) {
/* call self recursively if hashed data is not filled, to overcome const restriction */
pgp_key_pkt_t keycp(key, true);
keycp.fill_hashed_data();
signature_hash_key(keycp, hash);
signature_hash_key(keycp, hash, pgpver);
return;
}

switch (key.version) {
switch (pgpver) {
case PGP_V2:
FALLTHROUGH_STATEMENT;
case PGP_V3:
FALLTHROUGH_STATEMENT;
case PGP_V4: {
assert(key.hashed_len < ((size_t) 1 << 16));
uint8_t hdr[3] = {0x99, 0x00, 0x00};
write_uint16(hdr + 1, key.hashed_len);
hash.add(hdr, 3);
hash.add(key.hashed_data, key.hashed_len);
break;
}
case PGP_V5: {
assert(key.hashed_len < ((size_t) 1 << 32));
uint8_t hdr[5] = {0x9A, 0x00, 0x00, 0x00, 0x00};
write_uint32(hdr + 1, key.hashed_len);
hash.add(&hdr, 5);
Expand All @@ -77,6 +80,7 @@ signature_hash_key(const pgp_key_pkt_t &key, rnp::Hash &hash)
}
#if defined(ENABLE_CRYPTO_REFRESH)
case PGP_V6: {
assert(key.hashed_len < ((size_t) 1 << 32));
uint8_t hdr[5] = {0x9b, 0x00, 0x00, 0x00, 0x00};
write_uint32(hdr + 1, key.hashed_len);
hash.add(hdr, sizeof(hdr));
Expand All @@ -85,7 +89,7 @@ signature_hash_key(const pgp_key_pkt_t &key, rnp::Hash &hash)
}
#endif
default:
RNP_LOG("unknown key version: %d", (int) key.version);
RNP_LOG("unknown key/sig version: %d", (int) pgpver);

Check warning on line 92 in src/librepgp/stream-sig.cpp

View check run for this annotation

Codecov / codecov/patch

src/librepgp/stream-sig.cpp#L92

Added line #L92 was not covered by tests
throw rnp::rnp_exception(RNP_ERROR_OUT_OF_MEMORY);
}
}
Expand Down Expand Up @@ -121,7 +125,7 @@ signature_hash_certification(const pgp_signature_t & sig,
const pgp_userid_pkt_t &userid)
{
auto hash = signature_init(key, sig);
signature_hash_key(key, *hash);
signature_hash_key(key, *hash, sig.version);
signature_hash_userid(userid, *hash, sig.version);
return hash;
}
Expand All @@ -132,16 +136,16 @@ signature_hash_binding(const pgp_signature_t &sig,
const pgp_key_pkt_t & subkey)
{
auto hash = signature_init(key, sig);
signature_hash_key(key, *hash);
signature_hash_key(subkey, *hash);
signature_hash_key(key, *hash, sig.version);
signature_hash_key(subkey, *hash, sig.version);
return hash;
}

std::unique_ptr<rnp::Hash>
signature_hash_direct(const pgp_signature_t &sig, const pgp_key_pkt_t &key)
{
auto hash = signature_init(key, sig);
signature_hash_key(key, *hash);
signature_hash_key(key, *hash, sig.version);
return hash;
}

Expand Down
4 changes: 3 additions & 1 deletion src/librepgp/stream-sig.h
Original file line number Diff line number Diff line change
Expand Up @@ -452,8 +452,10 @@ typedef struct pgp_signature_info_t {
* Throws exception on error.
* @param key key packet, must be populated
* @param hash initialized hash context
* @param pgpver for fingerprint calculation, the key version is required,
* otherwise the signature version is required
*/
void signature_hash_key(const pgp_key_pkt_t &key, rnp::Hash &hash);
void signature_hash_key(const pgp_key_pkt_t &key, rnp::Hash &hash, pgp_version_t pgpver);

void signature_hash_userid(const pgp_userid_pkt_t &uid, rnp::Hash &hash, pgp_version_t sigver);

Expand Down

0 comments on commit 17845b3

Please sign in to comment.