130
130
* and the timestamp, but the drawback of this is, that it is
131
131
* not possible to sign more than one identical document within
132
132
* one second. Some remote batch processing applications might
133
* like this feature here */
133
* like this feature here.
135
* Note that before 2.0.10, we used RIPE-MD160 for the hash
136
* and accidently didn't include the timestamp and algorithm
137
* information in the hash. Given that this feature is not
138
* commonly used and that a replay attacks detection should
139
* not solely be based on this feature (because it does not
140
* work with RSA), we take the freedom and switch to SHA-1
141
* with 2.0.10 to take advantage of hardware supported SHA-1
142
* implementations. We also include the missing information
143
* in the hash. Note also the SIG_ID as computed by gpg 1.x
144
* and gpg 2.x didn't matched either because 2.x used to print
145
* MPIs not in PGP format. */
136
146
u32 a = sig->timestamp;
137
int i, nsig = pubkey_get_nsig( sig->pubkey_algo );
140
if (gcry_md_open (&md, GCRY_MD_RMD160, 0))
143
/* FIXME: Why the hell are we updating DIGEST here??? */
144
gcry_md_putc( digest, sig->pubkey_algo );
145
gcry_md_putc( digest, sig->digest_algo );
146
gcry_md_putc( digest, (a >> 24) & 0xff );
147
gcry_md_putc( digest, (a >> 16) & 0xff );
148
gcry_md_putc( digest, (a >> 8) & 0xff );
149
gcry_md_putc( digest, a & 0xff );
150
for(i=0; i < nsig; i++ ) {
154
if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &tmp, &n, sig->data[i]))
156
gcry_md_write (md, tmp, n);
160
p = make_radix64_string ( gcry_md_read( md, 0 ), 20 );
161
buffer = xmalloc( strlen(p) + 60 );
162
sprintf( buffer, "%s %s %lu",
163
p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp );
164
write_status_text( STATUS_SIG_ID, buffer );
147
int nsig = pubkey_get_nsig( sig->pubkey_algo );
148
unsigned char *p, *buffer;
154
for (i=0; i < nsig; i++ )
156
if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i]))
161
/* Make buffer large enough to be later used as output buffer. */
164
nbytes += 10; /* Safety margin. */
166
/* Fill and hash buffer. */
167
buffer = p = xmalloc (nbytes);
168
*p++ = sig->pubkey_algo;
169
*p++ = sig->digest_algo;
170
*p++ = (a >> 24) & 0xff;
171
*p++ = (a >> 16) & 0xff;
172
*p++ = (a >> 8) & 0xff;
175
for (i=0; i < nsig; i++ )
177
if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i]))
182
gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer);
184
p = make_radix64_string (hashbuf, 20);
185
sprintf (buffer, "%s %s %lu",
186
p, strtimestamp (sig->timestamp), (ulong)sig->timestamp);
188
write_status_text (STATUS_SIG_ID, buffer);