Skip to content

Commit

Permalink
Remove raw pointer fields from the pgp_signature_t.
Browse files Browse the repository at this point in the history
  • Loading branch information
ni4 committed Oct 8, 2024
1 parent 7dae408 commit 8a416cd
Show file tree
Hide file tree
Showing 9 changed files with 70 additions and 233 deletions.
12 changes: 6 additions & 6 deletions src/lib/crypto/signatures.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ signature_hash_finish(const pgp_signature_t & sig,
rnp::Hash & hash,
const pgp_literal_hdr_t *hdr)
{
hash.add(sig.hashed_data, sig.hashed_len);
hash.add(sig.hashed_data);
switch (sig.version) {
case PGP_V4:
#if defined(ENABLE_CRYPTO_REFRESH)
Expand All @@ -56,12 +56,12 @@ signature_hash_finish(const pgp_signature_t & sig,
{
uint8_t trailer[6] = {0x00, 0xff, 0x00, 0x00, 0x00, 0x00};
trailer[0] = sig.version;
write_uint32(&trailer[2], sig.hashed_len);
write_uint32(&trailer[2], sig.hashed_data.size());
hash.add(trailer, 6);
break;
}
case PGP_V5: {
uint64_t hash_len = sig.hashed_len;
uint64_t hash_len = sig.hashed_data.size();
if (sig.is_document()) {
uint8_t doc_trailer[6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
/* This data is not added to the hash_len as per spec */
Expand Down Expand Up @@ -96,7 +96,7 @@ signature_init(const pgp_key_pkt_t &key, const pgp_signature_t &sig)

#if defined(ENABLE_CRYPTO_REFRESH)
if (key.version == PGP_V6) {
hash->add(sig.salt, sig.salt_size);
hash->add(sig.salt);
}
#endif

Expand Down Expand Up @@ -132,7 +132,7 @@ signature_calculate(pgp_signature_t & sig,
}

/* Copy left 16 bits to signature */
memcpy(sig.lbits, hval.data(), 2);
std::copy(hval.begin(), hval.begin() + 2, sig.lbits.begin());

pgp_signature_material_t material = {};
/* Some algos require used hash algorithm for signing */
Expand Down Expand Up @@ -181,7 +181,7 @@ signature_validate(const pgp_signature_t & sig,
auto hval = signature_hash_finish(sig, hash, hdr);

/* compare lbits */
if (memcmp(hval.data(), sig.lbits, 2)) {
if (memcmp(hval.data(), sig.lbits.data(), 2)) {
RNP_LOG("wrong lbits");
return RNP_ERROR_SIGNATURE_INVALID;
}
Expand Down
4 changes: 2 additions & 2 deletions src/lib/pgp-key.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -2437,8 +2437,8 @@ pgp_key_t::sign_init(rnp::RNG & rng,
}
#if defined(ENABLE_CRYPTO_REFRESH)
if (version == PGP_V6) {
sig.salt_size = rnp::Hash::size(sig.halg) / 2;
rng.get(sig.salt, sig.salt_size);
sig.salt.resize(rnp::Hash::size(sig.halg) / 2);
rng.get(sig.salt.data(), sig.salt.size());
}
#endif
}
Expand Down
6 changes: 3 additions & 3 deletions src/lib/types.h
Original file line number Diff line number Diff line change
Expand Up @@ -227,9 +227,9 @@ typedef struct pgp_key_protection_t {
uint8_t iv[PGP_MAX_BLOCK_SIZE];
} pgp_key_protection_t;

typedef struct pgp_key_pkt_t pgp_key_pkt_t;
typedef struct pgp_userid_pkt_t pgp_userid_pkt_t;
typedef struct pgp_signature_t pgp_signature_t;
typedef struct pgp_key_pkt_t pgp_key_pkt_t;
typedef struct pgp_userid_pkt_t pgp_userid_pkt_t;
typedef struct pgp_signature_t pgp_signature_t;
typedef struct pgp_one_pass_sig_t pgp_one_pass_sig_t;

typedef enum {
Expand Down
4 changes: 2 additions & 2 deletions src/librepgp/stream-dump.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -815,7 +815,7 @@ stream_dump_signature_pkt(rnp_dump_ctx_t *ctx, pgp_signature_t *sig, pgp_dest_t
indent_dest_decrease(dst);
}

dst_print_hex(dst, "lbits", sig->lbits, sizeof(sig->lbits), false);
dst_print_hex(dst, "lbits", sig->lbits.data(), sig->lbits.size(), false);
dst_printf(dst, "signature material:\n");
indent_dest_increase(dst);

Expand Down Expand Up @@ -2019,7 +2019,7 @@ stream_dump_signature_pkt_json(rnp_dump_ctx_t * ctx,
}
}

if (!json_add_hex(pkt, "lbits", sig->lbits, sizeof(sig->lbits))) {
if (!json_add_hex(pkt, "lbits", sig->lbits.data(), sig->lbits.size())) {
return RNP_ERROR_OUT_OF_MEMORY; // LCOV_EXCL_LINE
}

Expand Down
16 changes: 16 additions & 0 deletions src/librepgp/stream-packet.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -465,6 +465,11 @@ pgp_packet_body_t::pgp_packet_body_t(const uint8_t *data, size_t len)
secure_ = false;
}

pgp_packet_body_t::pgp_packet_body_t(const std::vector<uint8_t> &data)
: pgp_packet_body_t(data.data(), data.size())
{
}

pgp_packet_body_t::~pgp_packet_body_t()
{
if (secure_) {
Expand Down Expand Up @@ -551,6 +556,17 @@ pgp_packet_body_t::get(uint8_t *val, size_t len) noexcept
return true;
}

bool
pgp_packet_body_t::get(std::vector<uint8_t> &val, size_t len)
{
if (pos_ + len > data_.size()) {
return false;
}
val.assign(data_.data() + pos_, data_.data() + pos_ + len);
pos_ += len;
return true;
}

bool
pgp_packet_body_t::get(pgp_key_id_t &val) noexcept
{
Expand Down
7 changes: 7 additions & 0 deletions src/librepgp/stream-packet.h
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ typedef struct pgp_packet_body_t {
* @param len number of available bytes in mem
*/
pgp_packet_body_t(const uint8_t *data, size_t len);
pgp_packet_body_t(const std::vector<uint8_t> &data);

pgp_packet_body_t(const pgp_packet_body_t &src) = delete;
pgp_packet_body_t(pgp_packet_body_t &&src) = delete;
Expand Down Expand Up @@ -107,6 +108,12 @@ typedef struct pgp_packet_body_t {
* @return true on success or false otherwise (if end of the packet is reached)
**/
bool get(uint8_t *val, size_t len) noexcept;
/**
* @brief Get some bytes of data to vector, resizing it accordingly.
*
* @param len number of bytes to read.
*/
bool get(std::vector<uint8_t> &val, size_t len);
/** @brief get next keyid from the packet body, populated with read() call.
* @param val result will be stored here on success
* @return true on success or false otherwise (if end of the packet is reached)
Expand Down
Loading

0 comments on commit 8a416cd

Please sign in to comment.