X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fpdkim%2Fsigning.c;h=18b357eaafe70cf003b62eb11b989f4dbbcbcfcd;hb=ffbc20ed9c9ed09a68ff0a608f623c3c83d521a8;hp=b182c9a209c0d730869cbb69ebc10fcc65864c9d;hpb=617d39327e65b7fccc41a12b4a5e2940d6327c9f;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/pdkim/signing.c b/src/src/pdkim/signing.c index b182c9a20..18b357eaa 100644 --- a/src/src/pdkim/signing.c +++ b/src/src/pdkim/signing.c @@ -88,16 +88,19 @@ Return: NULL for success, or an error string */ const uschar * exim_dkim_signing_init(const uschar * privkey_pem, es_ctx * sign_ctx) { -gnutls_datum_t k = { .data = privkey_pem, .size = Ustrlen(privkey_pem) }; +gnutls_datum_t k = { .data = (void *)privkey_pem, .size = Ustrlen(privkey_pem) }; gnutls_x509_privkey_t x509_key; +const uschar * where; int rc; -if ( (rc = gnutls_x509_privkey_init(&x509_key)) - || (rc = gnutls_x509_privkey_import(x509_key, &k, GNUTLS_X509_FMT_PEM)) +if ( (where = US"internal init", rc = gnutls_x509_privkey_init(&x509_key)) || (rc = gnutls_privkey_init(&sign_ctx->key)) - || (rc = gnutls_privkey_import_x509(sign_ctx->key, x509_key, 0)) + || (where = US"privkey PEM-block import", + rc = gnutls_x509_privkey_import(x509_key, &k, GNUTLS_X509_FMT_PEM)) + || (where = US"internal privkey transfer", + rc = gnutls_privkey_import_x509(sign_ctx->key, x509_key, 0)) ) - return CUS gnutls_strerror(rc); + return string_sprintf("%s: %s", where, gnutls_strerror(rc)); switch (rc = gnutls_privkey_get_pk_algorithm(sign_ctx->key, NULL)) { @@ -712,11 +715,12 @@ exim_dkim_signing_init(const uschar * privkey_pem, es_ctx * sign_ctx) BIO * bp = BIO_new_mem_buf(privkey_pem, -1); if (!(sign_ctx->key = PEM_read_bio_PrivateKey(bp, NULL, NULL, NULL))) - return US ERR_error_string(ERR_get_error(), NULL); + return string_sprintf("privkey PEM-block import: %s", + ERR_error_string(ERR_get_error(), NULL)); sign_ctx->keytype = #ifdef SIGN_HAVE_ED25519 - EVP_PKEY_type(EVP_PKEY_id(sign_ctx->key)) == EVP_PKEY_EC + EVP_PKEY_type(EVP_PKEY_id(sign_ctx->key)) == EVP_PKEY_ED25519 ? KEYTYPE_ED25519 : KEYTYPE_RSA; #else KEYTYPE_RSA; @@ -727,7 +731,7 @@ return NULL; /* allocate mem for signature (when signing) */ -/* hash & sign data. Could be incremental +/* hash & sign data. Incremental not supported. Return: NULL for success with the signaature in the sig blob, or an error string */ @@ -740,31 +744,36 @@ size_t siglen; switch (hash) { + case HASH_NULL: md = NULL; break; /* Ed25519 signing */ case HASH_SHA1: md = EVP_sha1(); break; case HASH_SHA2_256: md = EVP_sha256(); break; case HASH_SHA2_512: md = EVP_sha512(); break; default: return US"nonhandled hash type"; } -/* Create the Message Digest Context */ -/*XXX renamed to EVP_MD_CTX_new() in 1.1.0 */ -if( (ctx = EVP_MD_CTX_create()) - -/* Initialise the DigestSign operation */ - && EVP_DigestSignInit(ctx, NULL, md, NULL, sign_ctx->key) > 0 +#ifdef SIGN_HAVE_ED25519 +if ( (ctx = EVP_MD_CTX_new()) + && EVP_DigestSignInit(ctx, NULL, md, NULL, sign_ctx->key) > 0 + && EVP_DigestSign(ctx, NULL, &siglen, NULL, 0) > 0 + && (sig->data = store_get(siglen)) - /* Call update with the message */ + /* Obtain the signature (slen could change here!) */ + && EVP_DigestSign(ctx, sig->data, &siglen, data->data, data->len) > 0 + ) + { + EVP_MD_CTX_destroy(ctx); + sig->len = siglen; + return NULL; + } +#else +/*XXX renamed to EVP_MD_CTX_new() in 1.1.0 */ +if ( (ctx = EVP_MD_CTX_create()) + && EVP_DigestSignInit(ctx, NULL, md, NULL, sign_ctx->key) > 0 && EVP_DigestSignUpdate(ctx, data->data, data->len) > 0 - - /* Finalise the DigestSign operation */ - /* First call EVP_DigestSignFinal with a NULL sig parameter to obtain the length of the - * signature. Length is returned in slen */ && EVP_DigestSignFinal(ctx, NULL, &siglen) > 0 - - /* Allocate memory for the signature based on size in slen */ && (sig->data = store_get(siglen)) - - /* Obtain the signature (slen could change here!) */ + + /* Obtain the signature (slen could change here!) */ && EVP_DigestSignFinal(ctx, sig->data, &siglen) > 0 ) { @@ -772,6 +781,7 @@ if( (ctx = EVP_MD_CTX_create()) sig->len = siglen; return NULL; } +#endif if (ctx) EVP_MD_CTX_destroy(ctx); return US ERR_error_string(ERR_get_error(), NULL); @@ -788,31 +798,18 @@ exim_dkim_verify_init(blob * pubkey, keyformat fmt, ev_ctx * verify_ctx) const uschar * s = pubkey->data; uschar * ret = NULL; -if (fmt != KEYFMT_DER) return US"pubkey format not handled"; switch(fmt) { case KEYFMT_DER: - /*XXX ok, this fails for EC: - error:0609E09C:digital envelope routines:pkey_set_type:unsupported algorithm - */ - /*XXX hmm, we never free this */ if (!(verify_ctx->key = d2i_PUBKEY(NULL, &s, pubkey->len))) ret = US ERR_error_string(ERR_get_error(), NULL); break; #ifdef SIGN_HAVE_ED25519 case KEYFMT_ED25519_BARE: - { - BIGNUM * x; - EC_KEY * eck; - if ( !(x = BN_bin2bn(s, pubkey->len, NULL)) - || !(eck = EC_KEY_new_by_curve_name(NID_ED25519)) - || !EC_KEY_set_public_key_affine_coordinates(eck, x, NULL) - || !(verify_ctx->key = EVP_PKEY_new()) - || !EVP_PKEY_assign_EC_KEY(verify_ctx->key, eck) - ) + if (!(verify_ctx->key = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, + s, pubkey->len))) ret = US ERR_error_string(ERR_get_error(), NULL); - } break; #endif default: @@ -826,8 +823,7 @@ return ret; -/* verify signature (of hash) -(pre-EC coding; of data if "notyet" code, The latter could be incremental) +/* verify signature (of hash, except Ed25519 where of-data) (given pubkey & alleged sig) Return: NULL for success, or an error string */ @@ -836,45 +832,30 @@ exim_dkim_verify(ev_ctx * verify_ctx, hashmethod hash, blob * data, blob * sig) { const EVP_MD * md; -/*XXX OpenSSL does not seem to have Ed25519 support yet. Reportedly BoringSSL does, -but that's a nonstable API and not recommended (by its owner, Google) for external use. */ - switch (hash) { + case HASH_NULL: md = NULL; break; case HASH_SHA1: md = EVP_sha1(); break; case HASH_SHA2_256: md = EVP_sha256(); break; case HASH_SHA2_512: md = EVP_sha512(); break; default: return US"nonhandled hash type"; } -#ifdef notyet_SIGN_HAVE_ED25519 +#ifdef SIGN_HAVE_ED25519 +if (!md) { EVP_MD_CTX * ctx; - /*XXX renamed to EVP_MD_CTX_new() in 1.1.0 */ - if ( - (ctx = EVP_MD_CTX_create()) - - /* Initialize `key` with a public key */ + if ( (ctx = EVP_MD_CTX_new()) && EVP_DigestVerifyInit(ctx, NULL, md, NULL, verify_ctx->key) > 0 - - /* add data to be hashed (call multiple times if needed) */ - - && EVP_DigestVerifyUpdate(ctx, data->data, data->len) > 0 - - /* finish off the hash and check the offered signature */ - - && EVP_DigestVerifyFinal(ctx, sig->data, sig->len) > 0 + && EVP_DigestVerify(ctx, sig->data, sig->len, data->data, data->len) > 0 ) - { - EVP_MD_CTX_destroy(ctx); /* renamed to _free in 1.1.0 */ - return NULL; - } + { EVP_MD_CTX_free(ctx); return NULL; } if (ctx) EVP_MD_CTX_free(ctx); - return US ERR_error_string(ERR_get_error(), NULL); } -#else +else +#endif { EVP_PKEY_CTX * ctx; @@ -888,9 +869,8 @@ switch (hash) { EVP_PKEY_CTX_free(ctx); return NULL; } if (ctx) EVP_PKEY_CTX_free(ctx); - return US ERR_error_string(ERR_get_error(), NULL); } -#endif +return US ERR_error_string(ERR_get_error(), NULL); }