Bug Summary

File:src/lib/libkeynote/signature.c
Warning:line 946, column 11
Result of 'calloc' is converted to a pointer of type 'unsigned char', which is incompatible with sizeof operand type 'char'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name signature.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/lib/libkeynote/obj -resource-dir /usr/local/lib/clang/13.0.0 -I . -I /usr/src/lib/libkeynote -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/lib/libkeynote/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/lib/libkeynote/signature.c
1/* $OpenBSD: signature.c,v 1.28 2022/01/11 12:14:07 tb Exp $ */
2/*
3 * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
4 *
5 * This code was written by Angelos D. Keromytis in Philadelphia, PA, USA,
6 * in April-May 1998
7 *
8 * Copyright (C) 1998, 1999 by Angelos D. Keromytis.
9 *
10 * Permission to use, copy, and modify this software with or without fee
11 * is hereby granted, provided that this entire notice is included in
12 * all copies of any software which is or includes a copy or
13 * modification of this software.
14 *
15 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
16 * IMPLIED WARRANTY. IN PARTICULAR, THE AUTHORS MAKES NO
17 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
18 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
19 * PURPOSE.
20 */
21
22/*
23 * Support for X509 keys and signing added by Ben Laurie <ben@algroup.co.uk>
24 * 3 May 1999
25 */
26
27#include <sys/types.h>
28
29#include <limits.h>
30#include <regex.h>
31#include <stdlib.h>
32#include <stdio.h>
33#include <string.h>
34
35#include <openssl/dsa.h>
36#include <openssl/md5.h>
37#include <openssl/pem.h>
38#include <openssl/rsa.h>
39#include <openssl/sha.h>
40#include <openssl/x509.h>
41
42#include "keynote.h"
43#include "assertion.h"
44#include "signature.h"
45
46static const char hextab[] = {
47 '0', '1', '2', '3', '4', '5', '6', '7',
48 '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
49};
50
51/*
52 * Actual conversion to hex.
53 */
54static void
55bin2hex(unsigned char *data, unsigned char *buffer, int len)
56{
57 int off = 0;
58
59 while(len > 0)
60 {
61 buffer[off++] = hextab[*data >> 4];
62 buffer[off++] = hextab[*data & 0xF];
63 data++;
64 len--;
65 }
66}
67
68/*
69 * Encode a binary string with hex encoding. Return 0 on success.
70 */
71int
72kn_encode_hex(unsigned char *buf, char **dest, int len)
73{
74 keynote_errno = 0;
75 if (dest == NULL((void*)0))
76 {
77 keynote_errno = ERROR_SYNTAX-2;
78 return -1;
79 }
80
81 *dest = calloc(2 * len + 1, sizeof(char));
82 if (*dest == NULL((void*)0))
83 {
84 keynote_errno = ERROR_MEMORY-1;
85 return -1;
86 }
87
88 bin2hex(buf, *dest, len);
89 return 0;
90}
91
92/*
93 * Decode a hex encoding. Return 0 on success. The second argument
94 * will be half as large as the first.
95 */
96int
97kn_decode_hex(char *hex, char **dest)
98{
99 int i, decodedlen;
100 char ptr[3];
101
102 keynote_errno = 0;
103 if (dest == NULL((void*)0))
104 {
105 keynote_errno = ERROR_SYNTAX-2;
106 return -1;
107 }
108
109 if (strlen(hex) % 2) /* Should be even */
110 {
111 keynote_errno = ERROR_SYNTAX-2;
112 return -1;
113 }
114
115 decodedlen = strlen(hex) / 2;
116 *dest = calloc(decodedlen, sizeof(char));
117 if (*dest == NULL((void*)0))
118 {
119 keynote_errno = ERROR_MEMORY-1;
120 return -1;
121 }
122
123 ptr[2] = '\0';
124 for (i = 0; i < decodedlen; i++)
125 {
126 ptr[0] = hex[2 * i];
127 ptr[1] = hex[(2 * i) + 1];
128 (*dest)[i] = (unsigned char) strtoul(ptr, NULL((void*)0), 16);
129 }
130
131 return 0;
132}
133
134void
135keynote_free_key(void *key, int type)
136{
137 if (key == NULL((void*)0))
138 return;
139
140 /* DSA keys */
141 if (type == KEYNOTE_ALGORITHM_DSA1)
142 {
143 DSA_free(key);
144 return;
145 }
146
147 /* RSA keys */
148 if (type == KEYNOTE_ALGORITHM_RSA6)
149 {
150 RSA_free(key);
151 return;
152 }
153
154 /* X509 keys */
155 if (type == KEYNOTE_ALGORITHM_X5095)
156 {
157 RSA_free(key); /* RSA-specific */
158 return;
159 }
160
161 /* BINARY keys */
162 if (type == KEYNOTE_ALGORITHM_BINARY4)
163 {
164 free(((struct keynote_binary *) key)->bn_key);
165 free(key);
166 return;
167 }
168
169 /* Catch-all case */
170 if (type == KEYNOTE_ALGORITHM_NONE0)
171 free(key);
172}
173
174/*
175 * Map a signature to an algorithm. Return algorithm number (defined in
176 * keynote.h), or KEYNOTE_ALGORITHM_NONE if unknown.
177 * Also return in the second, third and fourth arguments the digest
178 * algorithm, ASCII and internal encodings respectively.
179 */
180static int
181keynote_get_sig_algorithm(char *sig, int *hash, int *enc, int *internal)
182{
183 if (sig == NULL((void*)0))
184 return KEYNOTE_ALGORITHM_NONE0;
185
186 if (!strncasecmp(SIG_DSA_SHA1_HEX"sig-dsa-sha1-hex:", sig, SIG_DSA_SHA1_HEX_LENstrlen("sig-dsa-sha1-hex:")))
187 {
188 *hash = KEYNOTE_HASH_SHA11;
189 *enc = ENCODING_HEX1;
190 *internal = INTERNAL_ENC_ASN12;
191 return KEYNOTE_ALGORITHM_DSA1;
192 }
193
194 if (!strncasecmp(SIG_DSA_SHA1_BASE64"sig-dsa-sha1-base64:", sig, SIG_DSA_SHA1_BASE64_LENstrlen("sig-dsa-sha1-base64:")))
195 {
196 *hash = KEYNOTE_HASH_SHA11;
197 *enc = ENCODING_BASE642;
198 *internal = INTERNAL_ENC_ASN12;
199 return KEYNOTE_ALGORITHM_DSA1;
200 }
201
202 if (!strncasecmp(SIG_RSA_MD5_PKCS1_HEX"sig-rsa-md5-hex:", sig, SIG_RSA_MD5_PKCS1_HEX_LENstrlen("sig-rsa-md5-hex:")))
203 {
204 *hash = KEYNOTE_HASH_MD52;
205 *enc = ENCODING_HEX1;
206 *internal = INTERNAL_ENC_PKCS11;
207 return KEYNOTE_ALGORITHM_RSA6;
208 }
209
210 if (!strncasecmp(SIG_RSA_SHA1_PKCS1_HEX"sig-rsa-sha1-hex:", sig, SIG_RSA_SHA1_PKCS1_HEX_LENstrlen("sig-rsa-sha1-hex:")))
211 {
212 *hash = KEYNOTE_HASH_SHA11;
213 *enc = ENCODING_HEX1;
214 *internal = INTERNAL_ENC_PKCS11;
215 return KEYNOTE_ALGORITHM_RSA6;
216 }
217
218 if (!strncasecmp(SIG_RSA_MD5_PKCS1_BASE64"sig-rsa-md5-base64:", sig,
219 SIG_RSA_MD5_PKCS1_BASE64_LENstrlen("sig-rsa-md5-base64:")))
220 {
221 *hash = KEYNOTE_HASH_MD52;
222 *enc = ENCODING_BASE642;
223 *internal = INTERNAL_ENC_PKCS11;
224 return KEYNOTE_ALGORITHM_RSA6;
225 }
226
227 if (!strncasecmp(SIG_RSA_SHA1_PKCS1_BASE64"sig-rsa-sha1-base64:", sig,
228 SIG_RSA_SHA1_PKCS1_BASE64_LENstrlen("sig-rsa-sha1-base64:")))
229 {
230 *hash = KEYNOTE_HASH_SHA11;
231 *enc = ENCODING_BASE642;
232 *internal = INTERNAL_ENC_PKCS11;
233 return KEYNOTE_ALGORITHM_RSA6;
234 }
235
236 if (!strncasecmp(SIG_X509_SHA1_BASE64"sig-x509-sha1-base64:", sig, SIG_X509_SHA1_BASE64_LENstrlen("sig-x509-sha1-base64:")))
237 {
238 *hash = KEYNOTE_HASH_SHA11;
239 *enc = ENCODING_BASE642;
240 *internal = INTERNAL_ENC_ASN12;
241 return KEYNOTE_ALGORITHM_X5095;
242 }
243
244 if (!strncasecmp(SIG_X509_SHA1_HEX"sig-x509-sha1-hex:", sig, SIG_X509_SHA1_HEX_LENstrlen("sig-x509-sha1-hex:")))
245 {
246 *hash = KEYNOTE_HASH_SHA11;
247 *enc = ENCODING_HEX1;
248 *internal = INTERNAL_ENC_ASN12;
249 return KEYNOTE_ALGORITHM_X5095;
250 }
251
252 *hash = KEYNOTE_HASH_NONE0;
253 *enc = ENCODING_NONE0;
254 *internal = INTERNAL_ENC_NONE0;
255 return KEYNOTE_ALGORITHM_NONE0;
256}
257
258/*
259 * Map a key to an algorithm. Return algorithm number (defined in
260 * keynote.h), or KEYNOTE_ALGORITHM_NONE if unknown.
261 * This latter is also a valid algorithm (for logical tags). Also return
262 * in the second and third arguments the ASCII and internal encodings.
263 */
264int
265keynote_get_key_algorithm(char *key, int *encoding, int *internalencoding)
266{
267 if (!strncasecmp(DSA_HEX"dsa-hex:", key, DSA_HEX_LENstrlen("dsa-hex:")))
268 {
269 *internalencoding = INTERNAL_ENC_ASN12;
270 *encoding = ENCODING_HEX1;
271 return KEYNOTE_ALGORITHM_DSA1;
272 }
273
274 if (!strncasecmp(DSA_BASE64"dsa-base64:", key, DSA_BASE64_LENstrlen("dsa-base64:")))
275 {
276 *internalencoding = INTERNAL_ENC_ASN12;
277 *encoding = ENCODING_BASE642;
278 return KEYNOTE_ALGORITHM_DSA1;
279 }
280
281 if (!strncasecmp(RSA_PKCS1_HEX"rsa-hex:", key, RSA_PKCS1_HEX_LENstrlen("rsa-hex:")))
282 {
283 *internalencoding = INTERNAL_ENC_PKCS11;
284 *encoding = ENCODING_HEX1;
285 return KEYNOTE_ALGORITHM_RSA6;
286 }
287
288 if (!strncasecmp(RSA_PKCS1_BASE64"rsa-base64:", key, RSA_PKCS1_BASE64_LENstrlen("rsa-base64:")))
289 {
290 *internalencoding = INTERNAL_ENC_PKCS11;
291 *encoding = ENCODING_BASE642;
292 return KEYNOTE_ALGORITHM_RSA6;
293 }
294
295 if (!strncasecmp(X509_BASE64"x509-base64:", key, X509_BASE64_LENstrlen("x509-base64:")))
296 {
297 *internalencoding = INTERNAL_ENC_ASN12;
298 *encoding = ENCODING_BASE642;
299 return KEYNOTE_ALGORITHM_X5095;
300 }
301
302 if (!strncasecmp(X509_HEX"x509-hex:", key, X509_HEX_LENstrlen("x509-hex:")))
303 {
304 *internalencoding = INTERNAL_ENC_ASN12;
305 *encoding = ENCODING_HEX1;
306 return KEYNOTE_ALGORITHM_X5095;
307 }
308
309 if (!strncasecmp(BINARY_HEX"binary-hex:", key, BINARY_HEX_LENstrlen("binary-hex:")))
310 {
311 *internalencoding = INTERNAL_ENC_NONE0;
312 *encoding = ENCODING_HEX1;
313 return KEYNOTE_ALGORITHM_BINARY4;
314 }
315
316 if (!strncasecmp(BINARY_BASE64"binary-base64:", key, BINARY_BASE64_LENstrlen("binary-base64:")))
317 {
318 *internalencoding = INTERNAL_ENC_NONE0;
319 *encoding = ENCODING_BASE642;
320 return KEYNOTE_ALGORITHM_BINARY4;
321 }
322
323 *internalencoding = INTERNAL_ENC_NONE0;
324 *encoding = ENCODING_NONE0;
325 return KEYNOTE_ALGORITHM_NONE0;
326}
327
328/*
329 * Same as keynote_get_key_algorithm(), only verify that this is
330 * a private key (just look at the prefix).
331 */
332static int
333keynote_get_private_key_algorithm(char *key, int *encoding,
334 int *internalencoding)
335{
336 if (strncasecmp(KEYNOTE_PRIVATE_KEY_PREFIX"private-", key,
337 KEYNOTE_PRIVATE_KEY_PREFIX_LENstrlen("private-")))
338 {
339 *internalencoding = INTERNAL_ENC_NONE0;
340 *encoding = ENCODING_NONE0;
341 return KEYNOTE_ALGORITHM_NONE0;
342 }
343
344 return keynote_get_key_algorithm(key + KEYNOTE_PRIVATE_KEY_PREFIX_LENstrlen("private-"),
345 encoding, internalencoding);
346}
347
348/*
349 * Decode a string to a key. Return 0 on success.
350 */
351int
352kn_decode_key(struct keynote_deckey *dc, char *key, int keytype)
353{
354 void *kk = NULL((void*)0);
355 X509 *px509Cert;
356 EVP_PKEY *pPublicKey;
357 unsigned char *ptr = NULL((void*)0), *decoded = NULL((void*)0);
358 int encoding, internalencoding;
359 long len = 0;
360
361 keynote_errno = 0;
362 if (keytype == KEYNOTE_PRIVATE_KEY1)
363 dc->dec_algorithm = keynote_get_private_key_algorithm(key, &encoding,
364 &internalencoding);
365 else
366 dc->dec_algorithm = keynote_get_key_algorithm(key, &encoding,
367 &internalencoding);
368 if (dc->dec_algorithm == KEYNOTE_ALGORITHM_NONE0)
369 {
370 if ((dc->dec_key = strdup(key)) == NULL((void*)0)) {
371 keynote_errno = ERROR_MEMORY-1;
372 return -1;
373 }
374
375 return 0;
376 }
377
378 key = strchr(key, ':'); /* Move forward, to the Encoding. We're guaranteed
379 * to have a ':' character, since this is a key */
380 key++;
381
382 /* Remove ASCII encoding */
383 switch (encoding)
384 {
385 case ENCODING_NONE0:
386 break;
387
388 case ENCODING_HEX1:
389 len = strlen(key) / 2;
390 if (kn_decode_hex(key, (char **) &decoded) != 0)
391 return -1;
392 ptr = decoded;
393 break;
394
395 case ENCODING_BASE642:
396 len = strlen(key);
397 if (len % 4) /* Base64 encoding must be a multiple of 4 */
398 {
399 keynote_errno = ERROR_SYNTAX-2;
400 return -1;
401 }
402
403 len = 3 * (len / 4);
404 decoded = calloc(len, sizeof(unsigned char));
405 ptr = decoded;
406 if (decoded == NULL((void*)0)) {
407 keynote_errno = ERROR_MEMORY-1;
408 return -1;
409 }
410
411 if ((len = kn_decode_base64(key, decoded, len)) == -1)
412 return -1;
413 break;
414
415 case ENCODING_NATIVE3:
416 decoded = strdup(key);
417 if (decoded == NULL((void*)0)) {
418 keynote_errno = ERROR_MEMORY-1;
419 return -1;
420 }
421 len = strlen(key);
422 ptr = decoded;
423 break;
424
425 default:
426 keynote_errno = ERROR_SYNTAX-2;
427 return -1;
428 }
429
430 /* DSA-HEX */
431 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_DSA1) &&
432 (internalencoding == INTERNAL_ENC_ASN12))
433 {
434 dc->dec_key = DSA_new();
435 if (dc->dec_key == NULL((void*)0)) {
436 keynote_errno = ERROR_MEMORY-1;
437 return -1;
438 }
439
440 kk = dc->dec_key;
441 if (keytype == KEYNOTE_PRIVATE_KEY1)
442 {
443 if (d2i_DSAPrivateKey((DSA **) &kk,(const unsigned char **) &decoded, len) == NULL((void*)0)) {
444 free(ptr);
445 DSA_free(kk);
446 keynote_errno = ERROR_SYNTAX-2; /* Could be a memory error */
447 return -1;
448 }
449 }
450 else
451 {
452 if (d2i_DSAPublicKey((DSA **) &kk, (const unsigned char **) &decoded, len) == NULL((void*)0)) {
453 free(ptr);
454 DSA_free(kk);
455 keynote_errno = ERROR_SYNTAX-2; /* Could be a memory error */
456 return -1;
457 }
458 }
459
460 free(ptr);
461
462 return 0;
463 }
464
465 /* RSA-PKCS1-HEX */
466 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_RSA6) &&
467 (internalencoding == INTERNAL_ENC_PKCS11))
468 {
469 dc->dec_key = RSA_new();
470 if (dc->dec_key == NULL((void*)0)) {
471 keynote_errno = ERROR_MEMORY-1;
472 return -1;
473 }
474
475 kk = dc->dec_key;
476 if (keytype == KEYNOTE_PRIVATE_KEY1)
477 {
478 if (d2i_RSAPrivateKey((RSA **) &kk, (const unsigned char **) &decoded, len) == NULL((void*)0)) {
479 free(ptr);
480 RSA_free(kk);
481 keynote_errno = ERROR_SYNTAX-2; /* Could be a memory error */
482 return -1;
483 }
484 if (RSA_blinding_on((RSA *) kk, NULL((void*)0)) != 1) {
485 free(ptr);
486 RSA_free(kk);
487 keynote_errno = ERROR_MEMORY-1;
488 return -1;
489 }
490 }
491 else
492 {
493 if (d2i_RSAPublicKey((RSA **) &kk, (const unsigned char **) &decoded, len) == NULL((void*)0)) {
494 free(ptr);
495 RSA_free(kk);
496 keynote_errno = ERROR_SYNTAX-2; /* Could be a memory error */
497 return -1;
498 }
499 }
500
501 free(ptr);
502
503 return 0;
504 }
505
506 /* X509 Cert */
507 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_X5095) &&
508 (internalencoding == INTERNAL_ENC_ASN12) &&
509 (keytype == KEYNOTE_PUBLIC_KEY0))
510 {
511 if ((px509Cert = X509_new()) == NULL((void*)0)) {
512 free(ptr);
513 keynote_errno = ERROR_MEMORY-1;
514 return -1;
515 }
516
517 if(d2i_X509(&px509Cert, (const unsigned char **)&decoded, len) == NULL((void*)0))
518 {
519 free(ptr);
520 X509_free(px509Cert);
521 keynote_errno = ERROR_SYNTAX-2;
522 return -1;
523 }
524
525 if ((pPublicKey = X509_get0_pubkey(px509Cert)) == NULL((void*)0)) {
526 free(ptr);
527 X509_free(px509Cert);
528 keynote_errno = ERROR_SYNTAX-2;
529 return -1;
530 }
531
532 /* RSA-specific */
533 dc->dec_key = EVP_PKEY_get0_RSA(pPublicKey);
534 RSA_up_ref(dc->dec_key);
535
536 free(ptr);
537 X509_free(px509Cert);
538 return 0;
539 }
540
541 /* BINARY keys */
542 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_BINARY4) &&
543 (internalencoding == INTERNAL_ENC_NONE0))
544 {
545 dc->dec_key = calloc(1, sizeof(struct keynote_binary));
546 if (dc->dec_key == NULL((void*)0))
547 {
548 keynote_errno = ERROR_MEMORY-1;
549 return -1;
550 }
551
552 ((struct keynote_binary *) dc->dec_key)->bn_key = decoded;
553 ((struct keynote_binary *) dc->dec_key)->bn_len = len;
554 return RESULT_TRUE1;
555 }
556
557 /* Add support for more algorithms here */
558
559 free(ptr);
560
561 /* This shouldn't ever be reached really */
562 keynote_errno = ERROR_SYNTAX-2;
563 return -1;
564}
565
566/*
567 * Compare two keys for equality. Return RESULT_TRUE if equal,
568 * RESULT_FALSE otherwise.
569 */
570int
571kn_keycompare(void *key1, void *key2, int algorithm)
572{
573 DSA *p1, *p2;
574 RSA *p3, *p4;
575 struct keynote_binary *bn1, *bn2;
576
577 if (key1 == NULL((void*)0) || key2 == NULL((void*)0))
578 return RESULT_FALSE0;
579
580 switch (algorithm)
581 {
582 case KEYNOTE_ALGORITHM_NONE0:
583 if (!strcmp(key1, key2))
584 return RESULT_TRUE1;
585 else
586 return RESULT_FALSE0;
587
588 case KEYNOTE_ALGORITHM_DSA1:
589 p1 = (DSA *) key1;
590 p2 = (DSA *) key2;
591 if (!BN_cmp(p1->p, p2->p) &&
592 !BN_cmp(p1->q, p2->q) &&
593 !BN_cmp(p1->g, p2->g) &&
594 !BN_cmp(p1->pub_key, p2->pub_key))
595 return RESULT_TRUE1;
596 else
597 return RESULT_FALSE0;
598
599 case KEYNOTE_ALGORITHM_X5095:
600 p3 = (RSA *) key1;
601 p4 = (RSA *) key2;
602 if (!BN_cmp(p3->n, p4->n) &&
603 !BN_cmp(p3->e, p4->e))
604 return RESULT_TRUE1;
605 else
606 return RESULT_FALSE0;
607
608 case KEYNOTE_ALGORITHM_RSA6:
609 p3 = (RSA *) key1;
610 p4 = (RSA *) key2;
611 if (!BN_cmp(p3->n, p4->n) &&
612 !BN_cmp(p3->e, p4->e))
613 return RESULT_TRUE1;
614 else
615 return RESULT_FALSE0;
616
617 case KEYNOTE_ALGORITHM_ELGAMAL2:
618 /* Not supported yet */
619 return RESULT_FALSE0;
620
621 case KEYNOTE_ALGORITHM_PGP3:
622 /* Not supported yet */
623 return RESULT_FALSE0;
624
625 case KEYNOTE_ALGORITHM_BINARY4:
626 bn1 = (struct keynote_binary *) key1;
627 bn2 = (struct keynote_binary *) key2;
628 if ((bn1->bn_len == bn2->bn_len) &&
629 !memcmp(bn1->bn_key, bn2->bn_key, bn1->bn_len))
630 return RESULT_TRUE1;
631 else
632 return RESULT_FALSE0;
633
634 default:
635 return RESULT_FALSE0;
636 }
637}
638
639/*
640 * Verify the signature on an assertion; return SIGRESULT_TRUE is
641 * success, SIGRESULT_FALSE otherwise.
642 */
643int
644keynote_sigverify_assertion(struct assertion *as)
645{
646 int hashtype, enc, intenc, alg = KEYNOTE_ALGORITHM_NONE0, hashlen = 0;
647 unsigned char *sig, *decoded = NULL((void*)0), *ptr;
648 unsigned char res2[20];
649 SHA_CTX shscontext;
650 MD5_CTX md5context;
651 int len = 0;
652 DSA *dsa;
653 RSA *rsa;
654 if (as->as_signature == NULL((void*)0) ||
655 as->as_startofsignature == NULL((void*)0) ||
656 as->as_allbutsignature == NULL((void*)0) ||
657 as->as_allbutsignature - as->as_startofsignature <= 0)
658 return SIGRESULT_FALSE1;
659
660 alg = keynote_get_sig_algorithm(as->as_signature, &hashtype, &enc,
661 &intenc);
662 if (alg == KEYNOTE_ALGORITHM_NONE0)
663 return SIGRESULT_FALSE1;
664
665 /* Check for matching algorithms */
666 if ((alg != as->as_signeralgorithm) &&
667 !((alg == KEYNOTE_ALGORITHM_RSA6) &&
668 (as->as_signeralgorithm == KEYNOTE_ALGORITHM_X5095)) &&
669 !((alg == KEYNOTE_ALGORITHM_X5095) &&
670 (as->as_signeralgorithm == KEYNOTE_ALGORITHM_RSA6)))
671 return SIGRESULT_FALSE1;
672
673 sig = strchr(as->as_signature, ':'); /* Move forward to the Encoding. We
674 * are guaranteed to have a ':'
675 * character, since this is a valid
676 * signature */
677 sig++;
678
679 switch (hashtype)
680 {
681 case KEYNOTE_HASH_SHA11:
682 hashlen = 20;
683 memset(res2, 0, hashlen);
684 SHA1_Init(&shscontext);
685 SHA1_Update(&shscontext, as->as_startofsignature,
686 as->as_allbutsignature - as->as_startofsignature);
687 SHA1_Update(&shscontext, as->as_signature,
688 (char *) sig - as->as_signature);
689 SHA1_Final(res2, &shscontext);
690 break;
691
692 case KEYNOTE_HASH_MD52:
693 hashlen = 16;
694 memset(res2, 0, hashlen);
695 MD5_Init(&md5context);
696 MD5_Update(&md5context, as->as_startofsignature,
697 as->as_allbutsignature - as->as_startofsignature);
698 MD5_Update(&md5context, as->as_signature,
699 (char *) sig - as->as_signature);
700 MD5_Final(res2, &md5context);
701 break;
702
703 case KEYNOTE_HASH_NONE0:
704 break;
705 }
706
707 /* Remove ASCII encoding */
708 switch (enc)
709 {
710 case ENCODING_NONE0:
711 ptr = NULL((void*)0);
712 break;
713
714 case ENCODING_HEX1:
715 len = strlen(sig) / 2;
716 if (kn_decode_hex(sig, (char **) &decoded) != 0)
717 return -1;
718 ptr = decoded;
719 break;
720
721 case ENCODING_BASE642:
722 len = strlen(sig);
723 if (len % 4) /* Base64 encoding must be a multiple of 4 */
724 {
725 keynote_errno = ERROR_SYNTAX-2;
726 return -1;
727 }
728
729 len = 3 * (len / 4);
730 decoded = calloc(len, sizeof(unsigned char));
731 ptr = decoded;
732 if (decoded == NULL((void*)0)) {
733 keynote_errno = ERROR_MEMORY-1;
734 return -1;
735 }
736
737 len = kn_decode_base64(sig, decoded, len);
738 if ((len == -1) || (len == 0) || (len == 1))
739 return -1;
740 break;
741
742 case ENCODING_NATIVE3:
743
744 if ((decoded = strdup(sig)) == NULL((void*)0)) {
745 keynote_errno = ERROR_MEMORY-1;
746 return -1;
747 }
748 len = strlen(sig);
749 ptr = decoded;
750 break;
751
752 default:
753 keynote_errno = ERROR_SYNTAX-2;
754 return -1;
755 }
756
757 /* DSA */
758 if ((alg == KEYNOTE_ALGORITHM_DSA1) && (intenc == INTERNAL_ENC_ASN12))
759 {
760 dsa = (DSA *) as->as_authorizer;
761 if (DSA_verify(0, res2, hashlen, decoded, len, dsa) == 1) {
762 free(ptr);
763 return SIGRESULT_TRUE2;
764 }
765 }
766 else /* RSA */
767 if ((alg == KEYNOTE_ALGORITHM_RSA6) && (intenc == INTERNAL_ENC_PKCS11))
768 {
769 rsa = (RSA *) as->as_authorizer;
770 if (RSA_verify_ASN1_OCTET_STRING(RSA_PKCS1_PADDING1, res2, hashlen,
771 decoded, len, rsa) == 1) {
772 free(ptr);
773 return SIGRESULT_TRUE2;
774 }
775 }
776 else
777 if ((alg == KEYNOTE_ALGORITHM_X5095) && (intenc == INTERNAL_ENC_ASN12))
778 {
779 /* RSA-specific */
780 rsa = (RSA *) as->as_authorizer;
781 if (RSA_verify(NID_shaWithRSAEncryption42, res2, hashlen, decoded,
782 len, rsa) == 1) {
783 free(ptr);
784 return SIGRESULT_TRUE2;
785 }
786 }
787
788 /* Handle more algorithms here */
789
790 free(ptr);
791
792 return SIGRESULT_FALSE1;
793}
794
795/*
796 * Sign an assertion.
797 */
798static char *
799keynote_sign_assertion(struct assertion *as, char *sigalg, void *key,
800 int keyalg, int verifyflag)
801{
802 int slen, i, hashlen = 0, hashtype, alg, encoding, internalenc;
803 unsigned char *sig = NULL((void*)0), *finalbuf = NULL((void*)0);
804 unsigned char res2[LARGEST_HASH_SIZE20], *sbuf = NULL((void*)0);
805 BIO *biokey = NULL((void*)0);
806 DSA *dsa = NULL((void*)0);
807 RSA *rsa = NULL((void*)0);
808 SHA_CTX shscontext;
809 MD5_CTX md5context;
810 int len;
811
812 if (as->as_signature_string_s == NULL((void*)0) ||
813 as->as_startofsignature == NULL((void*)0) ||
814 as->as_allbutsignature == NULL((void*)0) ||
815 as->as_allbutsignature - as->as_startofsignature <= 0 ||
816 as->as_authorizer == NULL((void*)0) ||
817 key == NULL((void*)0) ||
818 as->as_signeralgorithm == KEYNOTE_ALGORITHM_NONE0)
819 {
820 keynote_errno = ERROR_SYNTAX-2;
821 return NULL((void*)0);
822 }
823
824 alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding,
825 &internalenc);
826 if (((alg != as->as_signeralgorithm) &&
827 !((alg == KEYNOTE_ALGORITHM_RSA6) &&
828 (as->as_signeralgorithm == KEYNOTE_ALGORITHM_X5095)) &&
829 !((alg == KEYNOTE_ALGORITHM_X5095) &&
830 (as->as_signeralgorithm == KEYNOTE_ALGORITHM_RSA6))) ||
831 ((alg != keyalg) &&
832 !((alg == KEYNOTE_ALGORITHM_RSA6) &&
833 (keyalg == KEYNOTE_ALGORITHM_X5095)) &&
834 !((alg == KEYNOTE_ALGORITHM_X5095) &&
835 (keyalg == KEYNOTE_ALGORITHM_RSA6))))
836 {
837 keynote_errno = ERROR_SYNTAX-2;
838 return NULL((void*)0);
839 }
840
841 sig = strchr(sigalg, ':');
842 if (sig == NULL((void*)0))
843 {
844 keynote_errno = ERROR_SYNTAX-2;
845 return NULL((void*)0);
846 }
847
848 sig++;
849
850 switch (hashtype)
851 {
852 case KEYNOTE_HASH_SHA11:
853 hashlen = 20;
854 memset(res2, 0, hashlen);
855 SHA1_Init(&shscontext);
856 SHA1_Update(&shscontext, as->as_startofsignature,
857 as->as_allbutsignature - as->as_startofsignature);
858 SHA1_Update(&shscontext, sigalg, (char *) sig - sigalg);
859 SHA1_Final(res2, &shscontext);
860 break;
861
862 case KEYNOTE_HASH_MD52:
863 hashlen = 16;
864 memset(res2, 0, hashlen);
865 MD5_Init(&md5context);
866 MD5_Update(&md5context, as->as_startofsignature,
867 as->as_allbutsignature - as->as_startofsignature);
868 MD5_Update(&md5context, sigalg, (char *) sig - sigalg);
869 MD5_Final(res2, &md5context);
870 break;
871
872 case KEYNOTE_HASH_NONE0:
873 break;
874 }
875
876 if ((alg == KEYNOTE_ALGORITHM_DSA1) &&
877 (hashtype == KEYNOTE_HASH_SHA11) &&
878 (internalenc == INTERNAL_ENC_ASN12) &&
879 ((encoding == ENCODING_HEX1) || (encoding == ENCODING_BASE642)))
880 {
881 dsa = (DSA *) key;
882 sbuf = calloc(DSA_size(dsa), sizeof(unsigned char));
883 if (sbuf == NULL((void*)0))
884 {
885 keynote_errno = ERROR_MEMORY-1;
886 return NULL((void*)0);
887 }
888
889 if (DSA_sign(0, res2, hashlen, sbuf, &slen, dsa) <= 0)
890 {
891 free(sbuf);
892 keynote_errno = ERROR_SYNTAX-2;
893 return NULL((void*)0);
894 }
895 }
896 else
897 if ((alg == KEYNOTE_ALGORITHM_RSA6) &&
898 ((hashtype == KEYNOTE_HASH_SHA11) ||
899 (hashtype == KEYNOTE_HASH_MD52)) &&
900 (internalenc == INTERNAL_ENC_PKCS11) &&
901 ((encoding == ENCODING_HEX1) || (encoding == ENCODING_BASE642)))
902 {
903 rsa = (RSA *) key;
904 sbuf = calloc(RSA_size(rsa), sizeof(unsigned char));
905 if (sbuf == NULL((void*)0))
906 {
907 keynote_errno = ERROR_MEMORY-1;
908 return NULL((void*)0);
909 }
910
911 if (RSA_sign_ASN1_OCTET_STRING(RSA_PKCS1_PADDING1, res2, hashlen,
912 sbuf, &slen, rsa) <= 0)
913 {
914 free(sbuf);
915 keynote_errno = ERROR_SYNTAX-2;
916 return NULL((void*)0);
917 }
918 }
919 else
920 if ((alg == KEYNOTE_ALGORITHM_X5095) &&
921 (hashtype == KEYNOTE_HASH_SHA11) &&
922 (internalenc == INTERNAL_ENC_ASN12))
923 {
924 if ((biokey = BIO_new(BIO_s_mem())) == NULL((void*)0))
925 {
926 keynote_errno = ERROR_SYNTAX-2;
927 return NULL((void*)0);
928 }
929
930 if (BIO_write(biokey, key, strlen(key) + 1) <= 0)
931 {
932 BIO_free(biokey);
933 keynote_errno = ERROR_SYNTAX-2;
934 return NULL((void*)0);
935 }
936
937 /* RSA-specific */
938 rsa = (RSA *) PEM_read_bio_RSAPrivateKey(biokey, NULL((void*)0), NULL((void*)0), NULL((void*)0));
939 if (rsa == NULL((void*)0))
940 {
941 BIO_free(biokey);
942 keynote_errno = ERROR_SYNTAX-2;
943 return NULL((void*)0);
944 }
945
946 sbuf = calloc(RSA_size(rsa), sizeof(char));
Result of 'calloc' is converted to a pointer of type 'unsigned char', which is incompatible with sizeof operand type 'char'
947 if (sbuf == NULL((void*)0))
948 {
949 BIO_free(biokey);
950 RSA_free(rsa);
951 keynote_errno = ERROR_MEMORY-1;
952 return NULL((void*)0);
953 }
954
955 if (RSA_sign(NID_shaWithRSAEncryption42, res2, hashlen, sbuf, &slen,
956 rsa) <= 0)
957 {
958 BIO_free(biokey);
959 RSA_free(rsa);
960 free(sbuf);
961 keynote_errno = ERROR_SIGN_FAILURE-4;
962 return NULL((void*)0);
963 }
964
965 BIO_free(biokey);
966 RSA_free(rsa);
967 }
968 else /* Other algorithms here */
969 {
970 keynote_errno = ERROR_SYNTAX-2;
971 return NULL((void*)0);
972 }
973
974 /* ASCII encoding */
975 switch (encoding)
976 {
977 case ENCODING_HEX1:
978 i = kn_encode_hex(sbuf, (char **) &finalbuf, slen);
979 free(sbuf);
980 if (i != 0)
981 return NULL((void*)0);
982 break;
983
984 case ENCODING_BASE642:
985 finalbuf = calloc(2 * slen, sizeof(unsigned char));
986 if (finalbuf == NULL((void*)0))
987 {
988 keynote_errno = ERROR_MEMORY-1;
989 free(sbuf);
990 return NULL((void*)0);
991 }
992
993 slen = kn_encode_base64(sbuf, slen, finalbuf, 2 * slen);
994 free(sbuf);
995 if (slen == -1) {
996 free(finalbuf);
997 return NULL((void*)0);
998 }
999 break;
1000
1001 default:
1002 free(sbuf);
1003 keynote_errno = ERROR_SYNTAX-2;
1004 return NULL((void*)0);
1005 }
1006
1007 /* Replace as->as_signature */
1008 len = strlen(sigalg) + strlen(finalbuf) + 1;
1009 as->as_signature = calloc(len, sizeof(char));
1010 if (as->as_signature == NULL((void*)0))
1011 {
1012 free(finalbuf);
1013 keynote_errno = ERROR_MEMORY-1;
1014 return NULL((void*)0);
1015 }
1016
1017 /* Concatenate algorithm name and signature value */
1018 snprintf(as->as_signature, len, "%s%s", sigalg, finalbuf);
1019 free(finalbuf);
1020 finalbuf = as->as_signature;
1021
1022 /* Verify the newly-created signature if requested */
1023 if (verifyflag)
1024 {
1025 /* Do the signature verification */
1026 if (keynote_sigverify_assertion(as) != SIGRESULT_TRUE2)
1027 {
1028 as->as_signature = NULL((void*)0);
1029 free(finalbuf);
1030 if (keynote_errno == 0)
1031 keynote_errno = ERROR_SYNTAX-2;
1032 return NULL((void*)0);
1033 }
1034
1035 as->as_signature = NULL((void*)0);
1036 }
1037 else
1038 as->as_signature = NULL((void*)0);
1039
1040 /* Everything ok */
1041 return (char *) finalbuf;
1042}
1043
1044/*
1045 * Verify the signature on an assertion.
1046 */
1047int
1048kn_verify_assertion(char *buf, int len)
1049{
1050 struct assertion *as;
1051 int res;
1052
1053 keynote_errno = 0;
1054 as = keynote_parse_assertion(buf, len, ASSERT_FLAG_SIGVER0x0004);
1055 if (as == NULL((void*)0))
1056 return -1;
1057
1058 res = keynote_sigverify_assertion(as);
1059 keynote_free_assertion(as);
1060 return res;
1061}
1062
1063/*
1064 * Produce the signature for an assertion.
1065 */
1066char *
1067kn_sign_assertion(char *buf, int buflen, char *key, char *sigalg, int vflag)
1068{
1069 int i, alg, hashtype, encoding, internalenc;
1070 struct keynote_deckey dc;
1071 struct assertion *as;
1072 char *s, *sig;
1073
1074 keynote_errno = 0;
1075 s = NULL((void*)0);
1076
1077 if (sigalg == NULL((void*)0) || buf == NULL((void*)0) || key == NULL((void*)0))
1078 {
1079 keynote_errno = ERROR_NOTFOUND-3;
1080 return NULL((void*)0);
1081 }
1082
1083 if (sigalg[0] == '\0' || sigalg[strlen(sigalg) - 1] != ':')
1084 {
1085 keynote_errno = ERROR_SYNTAX-2;
1086 return NULL((void*)0);
1087 }
1088
1089 /* We're using a different format for X509 private keys, so... */
1090 alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding,
1091 &internalenc);
1092 if (alg != KEYNOTE_ALGORITHM_X5095)
1093 {
1094 /* Parse the private key */
1095 s = keynote_get_private_key(key);
1096 if (s == NULL((void*)0))
1097 return NULL((void*)0);
1098
1099 /* Decode private key */
1100 i = kn_decode_key(&dc, s, KEYNOTE_PRIVATE_KEY1);
1101 if (i == -1)
1102 {
1103 free(s);
1104 return NULL((void*)0);
1105 }
1106 }
1107 else /* X509 private key */
1108 {
1109 dc.dec_key = key;
1110 dc.dec_algorithm = alg;
1111 }
1112
1113 as = keynote_parse_assertion(buf, buflen, ASSERT_FLAG_SIGGEN0x0002);
1114 if (as == NULL((void*)0))
1115 {
1116 if (alg != KEYNOTE_ALGORITHM_X5095)
1117 {
1118 keynote_free_key(dc.dec_key, dc.dec_algorithm);
1119 free(s);
1120 }
1121 return NULL((void*)0);
1122 }
1123
1124 sig = keynote_sign_assertion(as, sigalg, dc.dec_key, dc.dec_algorithm,
1125 vflag);
1126 if (alg != KEYNOTE_ALGORITHM_X5095)
1127 keynote_free_key(dc.dec_key, dc.dec_algorithm);
1128 keynote_free_assertion(as);
1129 if (s != NULL((void*)0))
1130 free(s);
1131 return sig;
1132}
1133
1134/*
1135 * ASCII-encode a key.
1136 */
1137char *
1138kn_encode_key(struct keynote_deckey *dc, int iencoding,
1139 int encoding, int keytype)
1140{
1141 char *foo, *ptr;
1142 DSA *dsa;
1143 RSA *rsa;
1144 int i;
1145 struct keynote_binary *bn;
1146 char *s;
1147
1148 keynote_errno = 0;
1149 if (dc == NULL((void*)0) || dc->dec_key == NULL((void*)0))
1150 {
1151 keynote_errno = ERROR_NOTFOUND-3;
1152 return NULL((void*)0);
1153 }
1154
1155 /* DSA keys */
1156 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_DSA1) &&
1157 (iencoding == INTERNAL_ENC_ASN12) &&
1158 ((encoding == ENCODING_HEX1) || (encoding == ENCODING_BASE642)))
1159 {
1160 dsa = (DSA *) dc->dec_key;
1161 if (keytype == KEYNOTE_PUBLIC_KEY0)
1162 i = i2d_DSAPublicKey(dsa, NULL((void*)0));
1163 else
1164 i = i2d_DSAPrivateKey(dsa, NULL((void*)0));
1165
1166 if (i <= 0)
1167 {
1168 keynote_errno = ERROR_SYNTAX-2;
1169 return NULL((void*)0);
1170 }
1171
1172 ptr = foo = calloc(i, sizeof(char));
1173 if (foo == NULL((void*)0))
1174 {
1175 keynote_errno = ERROR_MEMORY-1;
1176 return NULL((void*)0);
1177 }
1178
1179 if (keytype == KEYNOTE_PUBLIC_KEY0)
1180 i2d_DSAPublicKey(dsa, (unsigned char **) &foo);
1181 else
1182 i2d_DSAPrivateKey(dsa, (unsigned char **) &foo);
1183
1184 if (encoding == ENCODING_HEX1)
1185 {
1186 if (kn_encode_hex(ptr, &s, i) != 0)
1187 {
1188 free(ptr);
1189 return NULL((void*)0);
1190 }
1191
1192 free(ptr);
1193 return s;
1194 }
1195 else
1196 if (encoding == ENCODING_BASE642)
1197 {
1198 s = calloc(2 * i, sizeof(char));
1199 if (s == NULL((void*)0))
1200 {
1201 free(ptr);
1202 keynote_errno = ERROR_MEMORY-1;
1203 return NULL((void*)0);
1204 }
1205
1206 if (kn_encode_base64(ptr, i, s, 2 * i) == -1)
1207 {
1208 free(s);
1209 free(ptr);
1210 return NULL((void*)0);
1211 }
1212
1213 free(ptr);
1214 return s;
1215 }
1216 }
1217
1218 /* RSA keys */
1219 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_RSA6) &&
1220 (iencoding == INTERNAL_ENC_PKCS11) &&
1221 ((encoding == ENCODING_HEX1) || (encoding == ENCODING_BASE642)))
1222 {
1223 rsa = (RSA *) dc->dec_key;
1224 if (keytype == KEYNOTE_PUBLIC_KEY0)
1225 i = i2d_RSAPublicKey(rsa, NULL((void*)0));
1226 else
1227 i = i2d_RSAPrivateKey(rsa, NULL((void*)0));
1228
1229 if (i <= 0)
1230 {
1231 keynote_errno = ERROR_SYNTAX-2;
1232 return NULL((void*)0);
1233 }
1234
1235 ptr = foo = calloc(i, sizeof(char));
1236 if (foo == NULL((void*)0))
1237 {
1238 keynote_errno = ERROR_MEMORY-1;
1239 return NULL((void*)0);
1240 }
1241
1242 if (keytype == KEYNOTE_PUBLIC_KEY0)
1243 i2d_RSAPublicKey(rsa, (unsigned char **) &foo);
1244 else
1245 i2d_RSAPrivateKey(rsa, (unsigned char **) &foo);
1246
1247 if (encoding == ENCODING_HEX1)
1248 {
1249 if (kn_encode_hex(ptr, &s, i) != 0)
1250 {
1251 free(ptr);
1252 return NULL((void*)0);
1253 }
1254
1255 free(ptr);
1256 return s;
1257 }
1258 else
1259 if (encoding == ENCODING_BASE642)
1260 {
1261 s = calloc(2 * i, sizeof(char));
1262 if (s == NULL((void*)0))
1263 {
1264 free(ptr);
1265 keynote_errno = ERROR_MEMORY-1;
1266 return NULL((void*)0);
1267 }
1268
1269 if (kn_encode_base64(ptr, i, s, 2 * i) == -1)
1270 {
1271 free(s);
1272 free(ptr);
1273 return NULL((void*)0);
1274 }
1275
1276 free(ptr);
1277 return s;
1278 }
1279 }
1280
1281 /* BINARY keys */
1282 if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_BINARY4) &&
1283 (iencoding == INTERNAL_ENC_NONE0) &&
1284 ((encoding == ENCODING_HEX1) || (encoding == ENCODING_BASE642)))
1285 {
1286 bn = (struct keynote_binary *) dc->dec_key;
1287
1288 if (encoding == ENCODING_HEX1)
1289 {
1290 if (kn_encode_hex(bn->bn_key, &s, bn->bn_len) != 0)
1291 return NULL((void*)0);
1292
1293 return s;
1294 }
1295 else
1296 if (encoding == ENCODING_BASE642)
1297 {
1298 s = calloc(2 * bn->bn_len, sizeof(char));
1299 if (s == NULL((void*)0))
1300 {
1301 keynote_errno = ERROR_MEMORY-1;
1302 return NULL((void*)0);
1303 }
1304
1305 if (kn_encode_base64(bn->bn_key, bn->bn_len, s,
1306 2 * bn->bn_len) == -1)
1307 {
1308 free(s);
1309 return NULL((void*)0);
1310 }
1311
1312 return s;
1313 }
1314 }
1315
1316 keynote_errno = ERROR_NOTFOUND-3;
1317 return NULL((void*)0);
1318}