]>
Commit | Line | Data |
---|---|---|
b6cbc73e AM |
1 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/dkim.c src/dkim.c |
2 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/dkim.c 2009-11-16 20:50:36.000000000 +0100 | |
3 | +++ src/dkim.c 2009-12-17 12:17:01.778692630 +0100 | |
4 | @@ -1,4 +1,4 @@ | |
5 | -/* $Cambridge: exim/exim-src/src/dkim.c,v 1.10 2009/11/16 19:50:36 nm4 Exp $ */ | |
6 | +/* $Cambridge: exim/exim-src/src/dkim.c,v 1.11 2009/12/15 08:23:15 tom Exp $ */ | |
7 | ||
8 | /************************************************* | |
9 | * Exim - an Internet mail transport agent * | |
10 | @@ -391,6 +391,7 @@ | |
11 | uschar *rc = NULL; | |
12 | pdkim_signature *signature; | |
13 | int pdkim_canon; | |
14 | + int pdkim_rc; | |
15 | int sread; | |
16 | char buf[4096]; | |
17 | int save_errno = 0; | |
18 | @@ -511,8 +512,11 @@ | |
19 | goto CLEANUP; | |
20 | } | |
21 | ||
22 | - if (pdkim_feed_finish(ctx,&signature) != PDKIM_OK) | |
23 | + pdkim_rc = pdkim_feed_finish(ctx,&signature); | |
24 | + if (pdkim_rc != PDKIM_OK) { | |
25 | + log_write(0, LOG_MAIN|LOG_PANIC, "DKIM: signing failed (RC %d)", pdkim_rc); | |
26 | goto CLEANUP; | |
27 | + } | |
28 | ||
29 | rc = store_get(strlen(signature->signature_header)+3); | |
30 | Ustrcpy(rc,US signature->signature_header); | |
31 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.c src/pdkim/base64.c | |
32 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.c 2009-06-10 09:34:05.000000000 +0200 | |
33 | +++ src/pdkim/base64.c 2009-12-17 12:17:01.822130396 +0100 | |
34 | @@ -1,9 +1,10 @@ | |
35 | /* | |
36 | * RFC 1521 base64 encoding/decoding | |
37 | * | |
38 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
39 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
40 | + * All rights reserved. | |
41 | * | |
42 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
43 | + * Joined copyright on original XySSL code with: Christophe Devine | |
44 | * | |
45 | * This program is free software; you can redistribute it and/or modify | |
46 | * it under the terms of the GNU General Public License as published by | |
47 | @@ -20,7 +21,7 @@ | |
48 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
49 | */ | |
50 | ||
51 | -/* $Cambridge: exim/exim-src/src/pdkim/base64.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
52 | +/* $Cambridge: exim/exim-src/src/pdkim/base64.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
53 | ||
54 | #include "base64.h" | |
55 | ||
56 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.h src/pdkim/base64.h | |
57 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/base64.h 2009-06-10 09:34:05.000000000 +0200 | |
58 | +++ src/pdkim/base64.h 2009-12-17 12:17:01.822130396 +0100 | |
59 | @@ -1,9 +1,10 @@ | |
60 | /** | |
61 | * \file base64.h | |
62 | * | |
63 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
64 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
65 | + * All rights reserved. | |
66 | * | |
67 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
68 | + * Joined copyright on original XySSL code with: Christophe Devine | |
69 | * | |
70 | * This program is free software; you can redistribute it and/or modify | |
71 | * it under the terms of the GNU General Public License as published by | |
72 | @@ -20,13 +21,13 @@ | |
73 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
74 | */ | |
75 | ||
76 | -/* $Cambridge: exim/exim-src/src/pdkim/base64.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
77 | +/* $Cambridge: exim/exim-src/src/pdkim/base64.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
78 | ||
79 | #ifndef POLARSSL_BASE64_H | |
80 | #define POLARSSL_BASE64_H | |
81 | ||
82 | -#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x0010 | |
83 | -#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x0012 | |
84 | +#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL 0x0010 | |
85 | +#define POLARSSL_ERR_BASE64_INVALID_CHARACTER 0x0012 | |
86 | ||
87 | #ifdef __cplusplus | |
88 | extern "C" { | |
89 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.c src/pdkim/bignum.c | |
90 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.c 2009-06-10 09:34:05.000000000 +0200 | |
91 | +++ src/pdkim/bignum.c 2009-12-17 12:17:01.824459747 +0100 | |
92 | @@ -1,9 +1,10 @@ | |
93 | /* | |
94 | * Multi-precision integer library | |
95 | * | |
96 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
97 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
98 | + * All rights reserved. | |
99 | * | |
100 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
101 | + * Joined copyright on original XySSL code with: Christophe Devine | |
102 | * | |
103 | * This program is free software; you can redistribute it and/or modify | |
104 | * it under the terms of the GNU General Public License as published by | |
105 | @@ -27,7 +28,8 @@ | |
106 | * http://math.libtomcrypt.com/files/tommath.pdf | |
107 | */ | |
108 | ||
109 | -/* $Cambridge: exim/exim-src/src/pdkim/bignum.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
110 | +/* $Cambridge: exim/exim-src/src/pdkim/bignum.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
111 | + | |
112 | ||
113 | #include "bignum.h" | |
114 | #include "bn_mul.h" | |
115 | @@ -284,7 +286,15 @@ | |
116 | ||
117 | MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); | |
118 | MPI_CHK( mpi_mul_int( &T, X, radix ) ); | |
119 | - MPI_CHK( mpi_add_int( X, &T, d ) ); | |
120 | + | |
121 | + if( X->s == 1 ) | |
122 | + { | |
123 | + MPI_CHK( mpi_add_int( X, &T, d ) ); | |
124 | + } | |
125 | + else | |
126 | + { | |
127 | + MPI_CHK( mpi_sub_int( X, &T, d ) ); | |
128 | + } | |
129 | } | |
130 | } | |
131 | ||
132 | @@ -372,6 +382,10 @@ | |
133 | else | |
134 | { | |
135 | MPI_CHK( mpi_copy( &T, X ) ); | |
136 | + | |
137 | + if( T.s == -1 ) | |
138 | + T.s = 1; | |
139 | + | |
140 | MPI_CHK( mpi_write_hlp( &T, radix, &p ) ); | |
141 | } | |
142 | ||
143 | @@ -674,6 +688,11 @@ | |
144 | if( X != A ) | |
145 | MPI_CHK( mpi_copy( X, A ) ); | |
146 | ||
147 | + /* | |
148 | + * X should always be positive as a result of unsigned additions. | |
149 | + */ | |
150 | + X->s = 1; | |
151 | + | |
152 | for( j = B->n - 1; j >= 0; j-- ) | |
153 | if( B->p[j] != 0 ) | |
154 | break; | |
155 | @@ -747,6 +766,11 @@ | |
156 | if( X != A ) | |
157 | MPI_CHK( mpi_copy( X, A ) ); | |
158 | ||
159 | + /* | |
160 | + * X should always be positive as a result of unsigned substractions. | |
161 | + */ | |
162 | + X->s = 1; | |
163 | + | |
164 | ret = 0; | |
165 | ||
166 | for( n = B->n - 1; n >= 0; n-- ) | |
167 | @@ -1160,6 +1184,9 @@ | |
168 | { | |
169 | int ret; | |
170 | ||
171 | + if( mpi_cmp_int( B, 0 ) < 0 ) | |
172 | + return POLARSSL_ERR_MPI_NEGATIVE_VALUE; | |
173 | + | |
174 | MPI_CHK( mpi_div_mpi( NULL, R, A, B ) ); | |
175 | ||
176 | while( mpi_cmp_int( R, 0 ) < 0 ) | |
177 | @@ -1185,7 +1212,7 @@ | |
178 | return( POLARSSL_ERR_MPI_DIVISION_BY_ZERO ); | |
179 | ||
180 | if( b < 0 ) | |
181 | - b = -b; | |
182 | + return POLARSSL_ERR_MPI_NEGATIVE_VALUE; | |
183 | ||
184 | /* | |
185 | * handle trivial cases | |
186 | @@ -1218,6 +1245,13 @@ | |
187 | y -= z * b; | |
188 | } | |
189 | ||
190 | + /* | |
191 | + * If A is negative, then the current y represents a negative value. | |
192 | + * Flipping it to the positive side. | |
193 | + */ | |
194 | + if( A->s < 0 && y != 0 ) | |
195 | + y = b - y; | |
196 | + | |
197 | *r = y; | |
198 | ||
199 | return( 0 ); | |
200 | @@ -1474,21 +1508,29 @@ | |
201 | */ | |
202 | int mpi_gcd( mpi *G, mpi *A, mpi *B ) | |
203 | { | |
204 | - int ret; | |
205 | + int ret, lz, lzt; | |
206 | mpi TG, TA, TB; | |
207 | ||
208 | mpi_init( &TG, &TA, &TB, NULL ); | |
209 | ||
210 | - MPI_CHK( mpi_lset( &TG, 1 ) ); | |
211 | MPI_CHK( mpi_copy( &TA, A ) ); | |
212 | MPI_CHK( mpi_copy( &TB, B ) ); | |
213 | ||
214 | + lz = mpi_lsb( &TA ); | |
215 | + lzt = mpi_lsb( &TB ); | |
216 | + | |
217 | + if ( lzt < lz ) | |
218 | + lz = lzt; | |
219 | + | |
220 | + MPI_CHK( mpi_shift_r( &TA, lz ) ); | |
221 | + MPI_CHK( mpi_shift_r( &TB, lz ) ); | |
222 | + | |
223 | TA.s = TB.s = 1; | |
224 | ||
225 | while( mpi_cmp_int( &TA, 0 ) != 0 ) | |
226 | { | |
227 | - while( ( TA.p[0] & 1 ) == 0 ) MPI_CHK( mpi_shift_r( &TA, 1 ) ); | |
228 | - while( ( TB.p[0] & 1 ) == 0 ) MPI_CHK( mpi_shift_r( &TB, 1 ) ); | |
229 | + MPI_CHK( mpi_shift_r( &TA, mpi_lsb( &TA ) ) ); | |
230 | + MPI_CHK( mpi_shift_r( &TB, mpi_lsb( &TB ) ) ); | |
231 | ||
232 | if( mpi_cmp_mpi( &TA, &TB ) >= 0 ) | |
233 | { | |
234 | @@ -1502,7 +1544,8 @@ | |
235 | } | |
236 | } | |
237 | ||
238 | - MPI_CHK( mpi_mul_mpi( G, &TG, &TB ) ); | |
239 | + MPI_CHK( mpi_shift_l( &TB, lz ) ); | |
240 | + MPI_CHK( mpi_copy( G, &TB ) ); | |
241 | ||
242 | cleanup: | |
243 | ||
244 | @@ -1511,6 +1554,8 @@ | |
245 | return( ret ); | |
246 | } | |
247 | ||
248 | +#if defined(POLARSSL_GENPRIME) | |
249 | + | |
250 | /* | |
251 | * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) | |
252 | */ | |
253 | @@ -1638,7 +1683,11 @@ | |
254 | mpi W, R, T, A, RR; | |
255 | unsigned char *p; | |
256 | ||
257 | - if( mpi_cmp_int( X, 0 ) == 0 ) | |
258 | + if( mpi_cmp_int( X, 0 ) == 0 || | |
259 | + mpi_cmp_int( X, 1 ) == 0 ) | |
260 | + return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); | |
261 | + | |
262 | + if( mpi_cmp_int( X, 2 ) == 0 ) | |
263 | return( 0 ); | |
264 | ||
265 | mpi_init( &W, &R, &T, &A, &RR, NULL ); | |
266 | @@ -1811,3 +1860,5 @@ | |
267 | ||
268 | return( ret ); | |
269 | } | |
270 | + | |
271 | +#endif | |
272 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.h src/pdkim/bignum.h | |
273 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bignum.h 2009-06-10 09:34:05.000000000 +0200 | |
274 | +++ src/pdkim/bignum.h 2009-12-17 12:17:01.824459747 +0100 | |
275 | @@ -1,9 +1,10 @@ | |
276 | /** | |
277 | * \file bignum.h | |
278 | * | |
279 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
280 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
281 | + * All rights reserved. | |
282 | * | |
283 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
284 | + * Joined copyright on original XySSL code with: Christophe Devine | |
285 | * | |
286 | * This program is free software; you can redistribute it and/or modify | |
287 | * it under the terms of the GNU General Public License as published by | |
288 | @@ -20,20 +21,20 @@ | |
289 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
290 | */ | |
291 | ||
292 | -/* $Cambridge: exim/exim-src/src/pdkim/bignum.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
293 | +/* $Cambridge: exim/exim-src/src/pdkim/bignum.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
294 | ||
295 | #ifndef POLARSSL_BIGNUM_H | |
296 | #define POLARSSL_BIGNUM_H | |
297 | ||
298 | #include <stdio.h> | |
299 | ||
300 | -#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 | |
301 | -#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 | |
302 | -#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 | |
303 | -#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 | |
304 | -#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A | |
305 | -#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C | |
306 | -#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E | |
307 | +#define POLARSSL_ERR_MPI_FILE_IO_ERROR 0x0002 | |
308 | +#define POLARSSL_ERR_MPI_BAD_INPUT_DATA 0x0004 | |
309 | +#define POLARSSL_ERR_MPI_INVALID_CHARACTER 0x0006 | |
310 | +#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL 0x0008 | |
311 | +#define POLARSSL_ERR_MPI_NEGATIVE_VALUE 0x000A | |
312 | +#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO 0x000C | |
313 | +#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE 0x000E | |
314 | ||
315 | #define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup | |
316 | ||
317 | @@ -57,7 +58,9 @@ | |
318 | defined(__ia64__) || defined(__alpha__) | |
319 | typedef unsigned int t_dbl __attribute__((mode(TI))); | |
320 | #else | |
321 | - typedef unsigned long long t_dbl; | |
322 | + #if defined(POLARSSL_HAVE_LONGLONG) | |
323 | + typedef unsigned long long t_dbl; | |
324 | + #endif | |
325 | #endif | |
326 | #endif | |
327 | #endif | |
328 | @@ -91,6 +94,9 @@ | |
329 | /** | |
330 | * \brief Enlarge to the specified number of limbs | |
331 | * | |
332 | + * \param X MPI to grow | |
333 | + * \param nblimbs The target number of limbs | |
334 | + * | |
335 | * \return 0 if successful, | |
336 | * 1 if memory allocation failed | |
337 | */ | |
338 | @@ -99,6 +105,9 @@ | |
339 | /** | |
340 | * \brief Copy the contents of Y into X | |
341 | * | |
342 | + * \param X Destination MPI | |
343 | + * \param Y Source MPI | |
344 | + * | |
345 | * \return 0 if successful, | |
346 | * 1 if memory allocation failed | |
347 | */ | |
348 | @@ -106,12 +115,18 @@ | |
349 | ||
350 | /** | |
351 | * \brief Swap the contents of X and Y | |
352 | + * | |
353 | + * \param X First MPI value | |
354 | + * \param Y Second MPI value | |
355 | */ | |
356 | void mpi_swap( mpi *X, mpi *Y ); | |
357 | ||
358 | /** | |
359 | * \brief Set value from integer | |
360 | * | |
361 | + * \param X MPI to set | |
362 | + * \param z Value to use | |
363 | + * | |
364 | * \return 0 if successful, | |
365 | * 1 if memory allocation failed | |
366 | */ | |
367 | @@ -119,25 +134,31 @@ | |
368 | ||
369 | /** | |
370 | * \brief Return the number of least significant bits | |
371 | + * | |
372 | + * \param X MPI to use | |
373 | */ | |
374 | int mpi_lsb( mpi *X ); | |
375 | ||
376 | /** | |
377 | * \brief Return the number of most significant bits | |
378 | + * | |
379 | + * \param X MPI to use | |
380 | */ | |
381 | int mpi_msb( mpi *X ); | |
382 | ||
383 | /** | |
384 | * \brief Return the total size in bytes | |
385 | + * | |
386 | + * \param X MPI to use | |
387 | */ | |
388 | int mpi_size( mpi *X ); | |
389 | ||
390 | /** | |
391 | * \brief Import from an ASCII string | |
392 | * | |
393 | - * \param X destination mpi | |
394 | - * \param radix input numeric base | |
395 | - * \param s null-terminated string buffer | |
396 | + * \param X Destination MPI | |
397 | + * \param radix Input numeric base | |
398 | + * \param s Null-terminated string buffer | |
399 | * | |
400 | * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code | |
401 | */ | |
402 | @@ -146,10 +167,10 @@ | |
403 | /** | |
404 | * \brief Export into an ASCII string | |
405 | * | |
406 | - * \param X source mpi | |
407 | - * \param radix output numeric base | |
408 | - * \param s string buffer | |
409 | - * \param slen string buffer size | |
410 | + * \param X Source MPI | |
411 | + * \param radix Output numeric base | |
412 | + * \param s String buffer | |
413 | + * \param slen String buffer size | |
414 | * | |
415 | * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code | |
416 | * | |
417 | @@ -161,21 +182,21 @@ | |
418 | /** | |
419 | * \brief Read X from an opened file | |
420 | * | |
421 | - * \param X destination mpi | |
422 | - * \param radix input numeric base | |
423 | - * \param fin input file handle | |
424 | + * \param X Destination MPI | |
425 | + * \param radix Input numeric base | |
426 | + * \param fin Input file handle | |
427 | * | |
428 | * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code | |
429 | */ | |
430 | int mpi_read_file( mpi *X, int radix, FILE *fin ); | |
431 | ||
432 | /** | |
433 | - * \brief Write X into an opened file, or stdout | |
434 | + * \brief Write X into an opened file, or stdout if fout is NULL | |
435 | * | |
436 | - * \param p prefix, can be NULL | |
437 | - * \param X source mpi | |
438 | - * \param radix output numeric base | |
439 | - * \param fout output file handle | |
440 | + * \param p Prefix, can be NULL | |
441 | + * \param X Source MPI | |
442 | + * \param radix Output numeric base | |
443 | + * \param fout Output file handle (can be NULL) | |
444 | * | |
445 | * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code | |
446 | * | |
447 | @@ -186,9 +207,9 @@ | |
448 | /** | |
449 | * \brief Import X from unsigned binary data, big endian | |
450 | * | |
451 | - * \param X destination mpi | |
452 | - * \param buf input buffer | |
453 | - * \param buflen input buffer size | |
454 | + * \param X Destination MPI | |
455 | + * \param buf Input buffer | |
456 | + * \param buflen Input buffer size | |
457 | * | |
458 | * \return 0 if successful, | |
459 | * 1 if memory allocation failed | |
460 | @@ -198,21 +219,21 @@ | |
461 | /** | |
462 | * \brief Export X into unsigned binary data, big endian | |
463 | * | |
464 | - * \param X source mpi | |
465 | - * \param buf output buffer | |
466 | - * \param buflen output buffer size | |
467 | + * \param X Source MPI | |
468 | + * \param buf Output buffer | |
469 | + * \param buflen Output buffer size | |
470 | * | |
471 | * \return 0 if successful, | |
472 | * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough | |
473 | - * | |
474 | - * \note Call this function with *buflen = 0 to obtain the | |
475 | - * minimum required buffer size in *buflen. | |
476 | */ | |
477 | int mpi_write_binary( mpi *X, unsigned char *buf, int buflen ); | |
478 | ||
479 | /** | |
480 | * \brief Left-shift: X <<= count | |
481 | * | |
482 | + * \param X MPI to shift | |
483 | + * \param count Amount to shift | |
484 | + * | |
485 | * \return 0 if successful, | |
486 | * 1 if memory allocation failed | |
487 | */ | |
488 | @@ -221,6 +242,9 @@ | |
489 | /** | |
490 | * \brief Right-shift: X >>= count | |
491 | * | |
492 | + * \param X MPI to shift | |
493 | + * \param count Amount to shift | |
494 | + * | |
495 | * \return 0 if successful, | |
496 | * 1 if memory allocation failed | |
497 | */ | |
498 | @@ -229,6 +253,9 @@ | |
499 | /** | |
500 | * \brief Compare unsigned values | |
501 | * | |
502 | + * \param X Left-hand MPI | |
503 | + * \param Y Right-hand MPI | |
504 | + * | |
505 | * \return 1 if |X| is greater than |Y|, | |
506 | * -1 if |X| is lesser than |Y| or | |
507 | * 0 if |X| is equal to |Y| | |
508 | @@ -238,6 +265,9 @@ | |
509 | /** | |
510 | * \brief Compare signed values | |
511 | * | |
512 | + * \param X Left-hand MPI | |
513 | + * \param Y Right-hand MPI | |
514 | + * | |
515 | * \return 1 if X is greater than Y, | |
516 | * -1 if X is lesser than Y or | |
517 | * 0 if X is equal to Y | |
518 | @@ -247,6 +277,9 @@ | |
519 | /** | |
520 | * \brief Compare signed values | |
521 | * | |
522 | + * \param X Left-hand MPI | |
523 | + * \param z The integer value to compare to | |
524 | + * | |
525 | * \return 1 if X is greater than z, | |
526 | * -1 if X is lesser than z or | |
527 | * 0 if X is equal to z | |
528 | @@ -256,6 +289,10 @@ | |
529 | /** | |
530 | * \brief Unsigned addition: X = |A| + |B| | |
531 | * | |
532 | + * \param X Destination MPI | |
533 | + * \param A Left-hand MPI | |
534 | + * \param B Right-hand MPI | |
535 | + * | |
536 | * \return 0 if successful, | |
537 | * 1 if memory allocation failed | |
538 | */ | |
539 | @@ -264,6 +301,10 @@ | |
540 | /** | |
541 | * \brief Unsigned substraction: X = |A| - |B| | |
542 | * | |
543 | + * \param X Destination MPI | |
544 | + * \param A Left-hand MPI | |
545 | + * \param B Right-hand MPI | |
546 | + * | |
547 | * \return 0 if successful, | |
548 | * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A | |
549 | */ | |
550 | @@ -272,6 +313,10 @@ | |
551 | /** | |
552 | * \brief Signed addition: X = A + B | |
553 | * | |
554 | + * \param X Destination MPI | |
555 | + * \param A Left-hand MPI | |
556 | + * \param B Right-hand MPI | |
557 | + * | |
558 | * \return 0 if successful, | |
559 | * 1 if memory allocation failed | |
560 | */ | |
561 | @@ -280,6 +325,10 @@ | |
562 | /** | |
563 | * \brief Signed substraction: X = A - B | |
564 | * | |
565 | + * \param X Destination MPI | |
566 | + * \param A Left-hand MPI | |
567 | + * \param B Right-hand MPI | |
568 | + * | |
569 | * \return 0 if successful, | |
570 | * 1 if memory allocation failed | |
571 | */ | |
572 | @@ -288,6 +337,10 @@ | |
573 | /** | |
574 | * \brief Signed addition: X = A + b | |
575 | * | |
576 | + * \param X Destination MPI | |
577 | + * \param A Left-hand MPI | |
578 | + * \param b The integer value to add | |
579 | + * | |
580 | * \return 0 if successful, | |
581 | * 1 if memory allocation failed | |
582 | */ | |
583 | @@ -296,6 +349,10 @@ | |
584 | /** | |
585 | * \brief Signed substraction: X = A - b | |
586 | * | |
587 | + * \param X Destination MPI | |
588 | + * \param A Left-hand MPI | |
589 | + * \param b The integer value to subtract | |
590 | + * | |
591 | * \return 0 if successful, | |
592 | * 1 if memory allocation failed | |
593 | */ | |
594 | @@ -304,6 +361,10 @@ | |
595 | /** | |
596 | * \brief Baseline multiplication: X = A * B | |
597 | * | |
598 | + * \param X Destination MPI | |
599 | + * \param A Left-hand MPI | |
600 | + * \param B Right-hand MPI | |
601 | + * | |
602 | * \return 0 if successful, | |
603 | * 1 if memory allocation failed | |
604 | */ | |
605 | @@ -311,6 +372,12 @@ | |
606 | ||
607 | /** | |
608 | * \brief Baseline multiplication: X = A * b | |
609 | + * Note: b is an unsigned integer type, thus | |
610 | + * Negative values of b are ignored. | |
611 | + * | |
612 | + * \param X Destination MPI | |
613 | + * \param A Left-hand MPI | |
614 | + * \param b The integer value to multiply with | |
615 | * | |
616 | * \return 0 if successful, | |
617 | * 1 if memory allocation failed | |
618 | @@ -320,6 +387,11 @@ | |
619 | /** | |
620 | * \brief Division by mpi: A = Q * B + R | |
621 | * | |
622 | + * \param Q Destination MPI for the quotient | |
623 | + * \param R Destination MPI for the rest value | |
624 | + * \param A Left-hand MPI | |
625 | + * \param B Right-hand MPI | |
626 | + * | |
627 | * \return 0 if successful, | |
628 | * 1 if memory allocation failed, | |
629 | * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 | |
630 | @@ -331,6 +403,11 @@ | |
631 | /** | |
632 | * \brief Division by int: A = Q * b + R | |
633 | * | |
634 | + * \param Q Destination MPI for the quotient | |
635 | + * \param R Destination MPI for the rest value | |
636 | + * \param A Left-hand MPI | |
637 | + * \param b Integer to divide by | |
638 | + * | |
639 | * \return 0 if successful, | |
640 | * 1 if memory allocation failed, | |
641 | * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 | |
642 | @@ -342,24 +419,40 @@ | |
643 | /** | |
644 | * \brief Modulo: R = A mod B | |
645 | * | |
646 | + * \param R Destination MPI for the rest value | |
647 | + * \param A Left-hand MPI | |
648 | + * \param B Right-hand MPI | |
649 | + * | |
650 | * \return 0 if successful, | |
651 | * 1 if memory allocation failed, | |
652 | - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 | |
653 | + * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, | |
654 | + * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 | |
655 | */ | |
656 | int mpi_mod_mpi( mpi *R, mpi *A, mpi *B ); | |
657 | ||
658 | /** | |
659 | * \brief Modulo: r = A mod b | |
660 | * | |
661 | + * \param a Destination t_int | |
662 | + * \param A Left-hand MPI | |
663 | + * \param b Integer to divide by | |
664 | + * | |
665 | * \return 0 if successful, | |
666 | * 1 if memory allocation failed, | |
667 | - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 | |
668 | + * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, | |
669 | + * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 | |
670 | */ | |
671 | int mpi_mod_int( t_int *r, mpi *A, int b ); | |
672 | ||
673 | /** | |
674 | * \brief Sliding-window exponentiation: X = A^E mod N | |
675 | * | |
676 | + * \param X Destination MPI | |
677 | + * \param A Left-hand MPI | |
678 | + * \param E Exponent MPI | |
679 | + * \param N Modular MPI | |
680 | + * \param _RR Speed-up MPI used for recalculations | |
681 | + * | |
682 | * \return 0 if successful, | |
683 | * 1 if memory allocation failed, | |
684 | * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even | |
685 | @@ -373,6 +466,10 @@ | |
686 | /** | |
687 | * \brief Greatest common divisor: G = gcd(A, B) | |
688 | * | |
689 | + * \param G Destination MPI | |
690 | + * \param A Left-hand MPI | |
691 | + * \param B Right-hand MPI | |
692 | + * | |
693 | * \return 0 if successful, | |
694 | * 1 if memory allocation failed | |
695 | */ | |
696 | @@ -381,13 +478,46 @@ | |
697 | /** | |
698 | * \brief Modular inverse: X = A^-1 mod N | |
699 | * | |
700 | + * \param X Destination MPI | |
701 | + * \param A Left-hand MPI | |
702 | + * \param N Right-hand MPI | |
703 | + * | |
704 | * \return 0 if successful, | |
705 | * 1 if memory allocation failed, | |
706 | * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil | |
707 | - * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N | |
708 | + POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N | |
709 | */ | |
710 | int mpi_inv_mod( mpi *X, mpi *A, mpi *N ); | |
711 | ||
712 | +/** | |
713 | + * \brief Miller-Rabin primality test | |
714 | + * | |
715 | + * \param X MPI to check | |
716 | + * \param f_rng RNG function | |
717 | + * \param p_rng RNG parameter | |
718 | + * | |
719 | + * \return 0 if successful (probably prime), | |
720 | + * 1 if memory allocation failed, | |
721 | + * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime | |
722 | + */ | |
723 | +int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ); | |
724 | + | |
725 | +/** | |
726 | + * \brief Prime number generation | |
727 | + * | |
728 | + * \param X Destination MPI | |
729 | + * \param nbits Required size of X in bits | |
730 | + * \param dh_flag If 1, then (X-1)/2 will be prime too | |
731 | + * \param f_rng RNG function | |
732 | + * \param p_rng RNG parameter | |
733 | + * | |
734 | + * \return 0 if successful (probably prime), | |
735 | + * 1 if memory allocation failed, | |
736 | + * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 | |
737 | + */ | |
738 | +int mpi_gen_prime( mpi *X, int nbits, int dh_flag, | |
739 | + int (*f_rng)(void *), void *p_rng ); | |
740 | + | |
741 | #ifdef __cplusplus | |
742 | } | |
743 | #endif | |
744 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bn_mul.h src/pdkim/bn_mul.h | |
745 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/bn_mul.h 2009-06-10 09:34:05.000000000 +0200 | |
746 | +++ src/pdkim/bn_mul.h 2009-12-17 12:17:01.824459747 +0100 | |
747 | @@ -1,9 +1,10 @@ | |
748 | /** | |
749 | * \file bn_mul.h | |
750 | * | |
751 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
752 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
753 | + * All rights reserved. | |
754 | * | |
755 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
756 | + * Joined copyright on original XySSL code with: Christophe Devine | |
757 | * | |
758 | * This program is free software; you can redistribute it and/or modify | |
759 | * it under the terms of the GNU General Public License as published by | |
760 | @@ -34,7 +35,7 @@ | |
761 | * . C, longlong . C, generic | |
762 | */ | |
763 | ||
764 | -/* $Cambridge: exim/exim-src/src/pdkim/bn_mul.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
765 | +/* $Cambridge: exim/exim-src/src/pdkim/bn_mul.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
766 | ||
767 | #ifndef POLARSSL_BN_MUL_H | |
768 | #define POLARSSL_BN_MUL_H | |
769 | @@ -44,105 +45,120 @@ | |
770 | #if defined(__GNUC__) | |
771 | #if defined(__i386__) | |
772 | ||
773 | -#define MULADDC_INIT \ | |
774 | - asm( "movl %%ebx, %0 " : "=m" (t)); \ | |
775 | - asm( "movl %0, %%esi " :: "m" (s)); \ | |
776 | - asm( "movl %0, %%edi " :: "m" (d)); \ | |
777 | - asm( "movl %0, %%ecx " :: "m" (c)); \ | |
778 | - asm( "movl %0, %%ebx " :: "m" (b)); | |
779 | - | |
780 | -#define MULADDC_CORE \ | |
781 | - asm( "lodsl " ); \ | |
782 | - asm( "mull %ebx " ); \ | |
783 | - asm( "addl %ecx, %eax " ); \ | |
784 | - asm( "adcl $0, %edx " ); \ | |
785 | - asm( "addl (%edi), %eax " ); \ | |
786 | - asm( "adcl $0, %edx " ); \ | |
787 | - asm( "movl %edx, %ecx " ); \ | |
788 | - asm( "stosl " ); | |
789 | +#define MULADDC_INIT \ | |
790 | + asm( " \ | |
791 | + movl %%ebx, %0; \ | |
792 | + movl %5, %%esi; \ | |
793 | + movl %6, %%edi; \ | |
794 | + movl %7, %%ecx; \ | |
795 | + movl %8, %%ebx; \ | |
796 | + " | |
797 | + | |
798 | +#define MULADDC_CORE \ | |
799 | + " \ | |
800 | + lodsl; \ | |
801 | + mull %%ebx; \ | |
802 | + addl %%ecx, %%eax; \ | |
803 | + adcl $0, %%edx; \ | |
804 | + addl (%%edi), %%eax; \ | |
805 | + adcl $0, %%edx; \ | |
806 | + movl %%edx, %%ecx; \ | |
807 | + stosl; \ | |
808 | + " | |
809 | ||
810 | #if defined(POLARSSL_HAVE_SSE2) | |
811 | ||
812 | -#define MULADDC_HUIT \ | |
813 | - asm( "movd %ecx, %mm1 " ); \ | |
814 | - asm( "movd %ebx, %mm0 " ); \ | |
815 | - asm( "movd (%edi), %mm3 " ); \ | |
816 | - asm( "paddq %mm3, %mm1 " ); \ | |
817 | - asm( "movd (%esi), %mm2 " ); \ | |
818 | - asm( "pmuludq %mm0, %mm2 " ); \ | |
819 | - asm( "movd 4(%esi), %mm4 " ); \ | |
820 | - asm( "pmuludq %mm0, %mm4 " ); \ | |
821 | - asm( "movd 8(%esi), %mm6 " ); \ | |
822 | - asm( "pmuludq %mm0, %mm6 " ); \ | |
823 | - asm( "movd 12(%esi), %mm7 " ); \ | |
824 | - asm( "pmuludq %mm0, %mm7 " ); \ | |
825 | - asm( "paddq %mm2, %mm1 " ); \ | |
826 | - asm( "movd 4(%edi), %mm3 " ); \ | |
827 | - asm( "paddq %mm4, %mm3 " ); \ | |
828 | - asm( "movd 8(%edi), %mm5 " ); \ | |
829 | - asm( "paddq %mm6, %mm5 " ); \ | |
830 | - asm( "movd 12(%edi), %mm4 " ); \ | |
831 | - asm( "paddq %mm4, %mm7 " ); \ | |
832 | - asm( "movd %mm1, (%edi) " ); \ | |
833 | - asm( "movd 16(%esi), %mm2 " ); \ | |
834 | - asm( "pmuludq %mm0, %mm2 " ); \ | |
835 | - asm( "psrlq $32, %mm1 " ); \ | |
836 | - asm( "movd 20(%esi), %mm4 " ); \ | |
837 | - asm( "pmuludq %mm0, %mm4 " ); \ | |
838 | - asm( "paddq %mm3, %mm1 " ); \ | |
839 | - asm( "movd 24(%esi), %mm6 " ); \ | |
840 | - asm( "pmuludq %mm0, %mm6 " ); \ | |
841 | - asm( "movd %mm1, 4(%edi) " ); \ | |
842 | - asm( "psrlq $32, %mm1 " ); \ | |
843 | - asm( "movd 28(%esi), %mm3 " ); \ | |
844 | - asm( "pmuludq %mm0, %mm3 " ); \ | |
845 | - asm( "paddq %mm5, %mm1 " ); \ | |
846 | - asm( "movd 16(%edi), %mm5 " ); \ | |
847 | - asm( "paddq %mm5, %mm2 " ); \ | |
848 | - asm( "movd %mm1, 8(%edi) " ); \ | |
849 | - asm( "psrlq $32, %mm1 " ); \ | |
850 | - asm( "paddq %mm7, %mm1 " ); \ | |
851 | - asm( "movd 20(%edi), %mm5 " ); \ | |
852 | - asm( "paddq %mm5, %mm4 " ); \ | |
853 | - asm( "movd %mm1, 12(%edi) " ); \ | |
854 | - asm( "psrlq $32, %mm1 " ); \ | |
855 | - asm( "paddq %mm2, %mm1 " ); \ | |
856 | - asm( "movd 24(%edi), %mm5 " ); \ | |
857 | - asm( "paddq %mm5, %mm6 " ); \ | |
858 | - asm( "movd %mm1, 16(%edi) " ); \ | |
859 | - asm( "psrlq $32, %mm1 " ); \ | |
860 | - asm( "paddq %mm4, %mm1 " ); \ | |
861 | - asm( "movd 28(%edi), %mm5 " ); \ | |
862 | - asm( "paddq %mm5, %mm3 " ); \ | |
863 | - asm( "movd %mm1, 20(%edi) " ); \ | |
864 | - asm( "psrlq $32, %mm1 " ); \ | |
865 | - asm( "paddq %mm6, %mm1 " ); \ | |
866 | - asm( "movd %mm1, 24(%edi) " ); \ | |
867 | - asm( "psrlq $32, %mm1 " ); \ | |
868 | - asm( "paddq %mm3, %mm1 " ); \ | |
869 | - asm( "movd %mm1, 28(%edi) " ); \ | |
870 | - asm( "addl $32, %edi " ); \ | |
871 | - asm( "addl $32, %esi " ); \ | |
872 | - asm( "psrlq $32, %mm1 " ); \ | |
873 | - asm( "movd %mm1, %ecx " ); | |
874 | - | |
875 | -#define MULADDC_STOP \ | |
876 | - asm( "emms " ); \ | |
877 | - asm( "movl %0, %%ebx " :: "m" (t)); \ | |
878 | - asm( "movl %%ecx, %0 " : "=m" (c)); \ | |
879 | - asm( "movl %%edi, %0 " : "=m" (d)); \ | |
880 | - asm( "movl %%esi, %0 " : "=m" (s) :: \ | |
881 | - "eax", "ecx", "edx", "esi", "edi" ); | |
882 | +#define MULADDC_HUIT \ | |
883 | + " \ | |
884 | + movd %%ecx, %%mm1; \ | |
885 | + movd %%ebx, %%mm0; \ | |
886 | + movd (%%edi), %%mm3; \ | |
887 | + paddq %%mm3, %%mm1; \ | |
888 | + movd (%%esi), %%mm2; \ | |
889 | + pmuludq %%mm0, %%mm2; \ | |
890 | + movd 4(%%esi), %%mm4; \ | |
891 | + pmuludq %%mm0, %%mm4; \ | |
892 | + movd 8(%%esi), %%mm6; \ | |
893 | + pmuludq %%mm0, %%mm6; \ | |
894 | + movd 12(%%esi), %%mm7; \ | |
895 | + pmuludq %%mm0, %%mm7; \ | |
896 | + paddq %%mm2, %%mm1; \ | |
897 | + movd 4(%%edi), %%mm3; \ | |
898 | + paddq %%mm4, %%mm3; \ | |
899 | + movd 8(%%edi), %%mm5; \ | |
900 | + paddq %%mm6, %%mm5; \ | |
901 | + movd 12(%%edi), %%mm4; \ | |
902 | + paddq %%mm4, %%mm7; \ | |
903 | + movd %%mm1, (%%edi); \ | |
904 | + movd 16(%%esi), %%mm2; \ | |
905 | + pmuludq %%mm0, %%mm2; \ | |
906 | + psrlq $32, %%mm1; \ | |
907 | + movd 20(%%esi), %%mm4; \ | |
908 | + pmuludq %%mm0, %%mm4; \ | |
909 | + paddq %%mm3, %%mm1; \ | |
910 | + movd 24(%%esi), %%mm6; \ | |
911 | + pmuludq %%mm0, %%mm6; \ | |
912 | + movd %%mm1, 4(%%edi); \ | |
913 | + psrlq $32, %%mm1; \ | |
914 | + movd 28(%%esi), %%mm3; \ | |
915 | + pmuludq %%mm0, %%mm3; \ | |
916 | + paddq %%mm5, %%mm1; \ | |
917 | + movd 16(%%edi), %%mm5; \ | |
918 | + paddq %%mm5, %%mm2; \ | |
919 | + movd %%mm1, 8(%%edi); \ | |
920 | + psrlq $32, %%mm1; \ | |
921 | + paddq %%mm7, %%mm1; \ | |
922 | + movd 20(%%edi), %%mm5; \ | |
923 | + paddq %%mm5, %%mm4; \ | |
924 | + movd %%mm1, 12(%%edi); \ | |
925 | + psrlq $32, %%mm1; \ | |
926 | + paddq %%mm2, %%mm1; \ | |
927 | + movd 24(%%edi), %%mm5; \ | |
928 | + paddq %%mm5, %%mm6; \ | |
929 | + movd %%mm1, 16(%%edi); \ | |
930 | + psrlq $32, %%mm1; \ | |
931 | + paddq %%mm4, %%mm1; \ | |
932 | + movd 28(%%edi), %%mm5; \ | |
933 | + paddq %%mm5, %%mm3; \ | |
934 | + movd %%mm1, 20(%%edi); \ | |
935 | + psrlq $32, %%mm1; \ | |
936 | + paddq %%mm6, %%mm1; \ | |
937 | + movd %%mm1, 24(%%edi); \ | |
938 | + psrlq $32, %%mm1; \ | |
939 | + paddq %%mm3, %%mm1; \ | |
940 | + movd %%mm1, 28(%%edi); \ | |
941 | + addl $32, %%edi; \ | |
942 | + addl $32, %%esi; \ | |
943 | + psrlq $32, %%mm1; \ | |
944 | + movd %%mm1, %%ecx; \ | |
945 | + " | |
946 | + | |
947 | +#define MULADDC_STOP \ | |
948 | + " \ | |
949 | + emms; \ | |
950 | + movl %4, %%ebx; \ | |
951 | + movl %%ecx, %1; \ | |
952 | + movl %%edi, %2; \ | |
953 | + movl %%esi, %3; \ | |
954 | + " \ | |
955 | + : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ | |
956 | + : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ | |
957 | + : "eax", "ecx", "edx", "esi", "edi" \ | |
958 | + ); | |
959 | ||
960 | #else | |
961 | ||
962 | -#define MULADDC_STOP \ | |
963 | - asm( "movl %0, %%ebx " :: "m" (t)); \ | |
964 | - asm( "movl %%ecx, %0 " : "=m" (c)); \ | |
965 | - asm( "movl %%edi, %0 " : "=m" (d)); \ | |
966 | - asm( "movl %%esi, %0 " : "=m" (s) :: \ | |
967 | - "eax", "ecx", "edx", "esi", "edi" ); | |
968 | - | |
969 | +#define MULADDC_STOP \ | |
970 | + " \ | |
971 | + movl %4, %%ebx; \ | |
972 | + movl %%ecx, %1; \ | |
973 | + movl %%edi, %2; \ | |
974 | + movl %%esi, %3; \ | |
975 | + " \ | |
976 | + : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ | |
977 | + : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ | |
978 | + : "eax", "ecx", "edx", "esi", "edi" \ | |
979 | + ); | |
980 | #endif /* SSE2 */ | |
981 | #endif /* i386 */ | |
982 | ||
983 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/pdkim.c src/pdkim/pdkim.c | |
984 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/pdkim.c 2009-11-23 13:34:51.000000000 +0100 | |
985 | +++ src/pdkim/pdkim.c 2009-12-17 12:17:01.824459747 +0100 | |
986 | @@ -20,7 +20,7 @@ | |
987 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
988 | */ | |
989 | ||
990 | -/* $Cambridge: exim/exim-src/src/pdkim/pdkim.c,v 1.11 2009/11/23 12:34:51 nm4 Exp $ */ | |
991 | +/* $Cambridge: exim/exim-src/src/pdkim/pdkim.c,v 1.12 2009/12/07 13:05:07 tom Exp $ */ | |
992 | ||
993 | #include <stdlib.h> | |
994 | #include <stdio.h> | |
995 | @@ -822,7 +822,7 @@ | |
996 | pub->srvtype = strdup(cur_val->str); | |
997 | break; | |
998 | case 't': | |
999 | - if (strchr(cur_val->str,'t') != NULL) pub->testing = 1; | |
1000 | + if (strchr(cur_val->str,'y') != NULL) pub->testing = 1; | |
1001 | if (strchr(cur_val->str,'s') != NULL) pub->no_subdomaining = 1; | |
1002 | break; | |
1003 | default: | |
1004 | @@ -1304,7 +1304,7 @@ | |
1005 | #ifdef PDKIM_DEBUG | |
1006 | if (ctx->debug_stream) | |
1007 | fprintf(ctx->debug_stream, | |
1008 | - "PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); | |
1009 | + "\nPDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<\n"); | |
1010 | #endif | |
1011 | } | |
1012 | ||
1013 | @@ -1494,7 +1494,7 @@ | |
1014 | ||
1015 | if (rsa_pkcs1_sign( &rsa, RSA_PRIVATE, | |
1016 | ((sig->algo == PDKIM_ALGO_RSA_SHA1)? | |
1017 | - RSA_SHA1:RSA_SHA256), | |
1018 | + SIG_RSA_SHA1:SIG_RSA_SHA256), | |
1019 | 0, | |
1020 | (unsigned char *)headerhash, | |
1021 | (unsigned char *)sig->sigdata ) != 0) { | |
1022 | @@ -1588,7 +1588,7 @@ | |
1023 | if (rsa_pkcs1_verify(&rsa, | |
1024 | RSA_PUBLIC, | |
1025 | ((sig->algo == PDKIM_ALGO_RSA_SHA1)? | |
1026 | - RSA_SHA1:RSA_SHA256), | |
1027 | + SIG_RSA_SHA1:SIG_RSA_SHA256), | |
1028 | 0, | |
1029 | (unsigned char *)headerhash, | |
1030 | (unsigned char *)sig->sigdata) != 0) { | |
1031 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.c src/pdkim/rsa.c | |
1032 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.c 2009-06-10 09:34:05.000000000 +0200 | |
1033 | +++ src/pdkim/rsa.c 2009-12-17 12:17:01.824459747 +0100 | |
1034 | @@ -1,9 +1,10 @@ | |
1035 | /* | |
1036 | * The RSA public-key cryptosystem | |
1037 | * | |
1038 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
1039 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
1040 | + * All rights reserved. | |
1041 | * | |
1042 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
1043 | + * Joined copyright on original XySSL code with: Christophe Devine | |
1044 | * | |
1045 | * This program is free software; you can redistribute it and/or modify | |
1046 | * it under the terms of the GNU General Public License as published by | |
1047 | @@ -26,7 +27,7 @@ | |
1048 | * http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf | |
1049 | */ | |
1050 | ||
1051 | -/* $Cambridge: exim/exim-src/src/pdkim/rsa.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
1052 | +/* $Cambridge: exim/exim-src/src/pdkim/rsa.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
1053 | ||
1054 | #include "rsa.h" | |
1055 | #include "base64.h" | |
1056 | @@ -36,6 +37,7 @@ | |
1057 | #include <stdio.h> | |
1058 | ||
1059 | ||
1060 | +/* *************** begin copy from x509parse.c ********************/ | |
1061 | /* | |
1062 | * ASN.1 DER decoding routines | |
1063 | */ | |
1064 | @@ -133,6 +135,8 @@ | |
1065 | ||
1066 | return( ret ); | |
1067 | } | |
1068 | +/* *************** end copy from x509parse.c ********************/ | |
1069 | + | |
1070 | ||
1071 | ||
1072 | /* | |
1073 | @@ -159,6 +163,9 @@ | |
1074 | */ | |
1075 | int rsa_check_pubkey( rsa_context *ctx ) | |
1076 | { | |
1077 | + if( !ctx->N.p || !ctx->E.p ) | |
1078 | + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); | |
1079 | + | |
1080 | if( ( ctx->N.p[0] & 1 ) == 0 || | |
1081 | ( ctx->E.p[0] & 1 ) == 0 ) | |
1082 | return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); | |
1083 | @@ -185,6 +192,9 @@ | |
1084 | if( ( ret = rsa_check_pubkey( ctx ) ) != 0 ) | |
1085 | return( ret ); | |
1086 | ||
1087 | + if( !ctx->P.p || !ctx->Q.p || !ctx->D.p ) | |
1088 | + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); | |
1089 | + | |
1090 | mpi_init( &PQ, &DE, &P1, &Q1, &H, &I, &G, NULL ); | |
1091 | ||
1092 | MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); | |
1093 | @@ -355,11 +365,11 @@ | |
1094 | int mode, int *olen, | |
1095 | unsigned char *input, | |
1096 | unsigned char *output, | |
1097 | - int output_max_len) | |
1098 | + int output_max_len) | |
1099 | { | |
1100 | int ret, ilen; | |
1101 | unsigned char *p; | |
1102 | - unsigned char buf[512]; | |
1103 | + unsigned char buf[1024]; | |
1104 | ||
1105 | ilen = ctx->len; | |
1106 | ||
1107 | @@ -397,7 +407,7 @@ | |
1108 | } | |
1109 | ||
1110 | if (ilen - (int)(p - buf) > output_max_len) | |
1111 | - return( POLARSSL_ERR_RSA_OUTPUT_TO_LARGE ); | |
1112 | + return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); | |
1113 | ||
1114 | *olen = ilen - (int)(p - buf); | |
1115 | memcpy( output, p, *olen ); | |
1116 | @@ -426,24 +436,37 @@ | |
1117 | ||
1118 | switch( hash_id ) | |
1119 | { | |
1120 | - case RSA_RAW: | |
1121 | + case SIG_RSA_RAW: | |
1122 | nb_pad = olen - 3 - hashlen; | |
1123 | break; | |
1124 | ||
1125 | - case RSA_MD2: | |
1126 | - case RSA_MD4: | |
1127 | - case RSA_MD5: | |
1128 | - nb_pad = olen - 3 - 16 - 18; | |
1129 | + case SIG_RSA_MD2: | |
1130 | + case SIG_RSA_MD4: | |
1131 | + case SIG_RSA_MD5: | |
1132 | + nb_pad = olen - 3 - 34; | |
1133 | + break; | |
1134 | + | |
1135 | + case SIG_RSA_SHA1: | |
1136 | + nb_pad = olen - 3 - 35; | |
1137 | + break; | |
1138 | + | |
1139 | + case SIG_RSA_SHA224: | |
1140 | + nb_pad = olen - 3 - 47; | |
1141 | break; | |
1142 | ||
1143 | - case RSA_SHA1: | |
1144 | - nb_pad = olen - 3 - 20 - 15; | |
1145 | + case SIG_RSA_SHA256: | |
1146 | + nb_pad = olen - 3 - 51; | |
1147 | break; | |
1148 | ||
1149 | - case RSA_SHA256: | |
1150 | - nb_pad = olen - 3 - 32 - 19; | |
1151 | + case SIG_RSA_SHA384: | |
1152 | + nb_pad = olen - 3 - 67; | |
1153 | break; | |
1154 | ||
1155 | + case SIG_RSA_SHA512: | |
1156 | + nb_pad = olen - 3 - 83; | |
1157 | + break; | |
1158 | + | |
1159 | + | |
1160 | default: | |
1161 | return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); | |
1162 | } | |
1163 | @@ -465,34 +488,49 @@ | |
1164 | ||
1165 | switch( hash_id ) | |
1166 | { | |
1167 | - case RSA_RAW: | |
1168 | + case SIG_RSA_RAW: | |
1169 | memcpy( p, hash, hashlen ); | |
1170 | break; | |
1171 | ||
1172 | - case RSA_MD2: | |
1173 | + case SIG_RSA_MD2: | |
1174 | memcpy( p, ASN1_HASH_MDX, 18 ); | |
1175 | memcpy( p + 18, hash, 16 ); | |
1176 | p[13] = 2; break; | |
1177 | ||
1178 | - case RSA_MD4: | |
1179 | + case SIG_RSA_MD4: | |
1180 | memcpy( p, ASN1_HASH_MDX, 18 ); | |
1181 | memcpy( p + 18, hash, 16 ); | |
1182 | p[13] = 4; break; | |
1183 | ||
1184 | - case RSA_MD5: | |
1185 | + case SIG_RSA_MD5: | |
1186 | memcpy( p, ASN1_HASH_MDX, 18 ); | |
1187 | memcpy( p + 18, hash, 16 ); | |
1188 | p[13] = 5; break; | |
1189 | ||
1190 | - case RSA_SHA1: | |
1191 | + case SIG_RSA_SHA1: | |
1192 | memcpy( p, ASN1_HASH_SHA1, 15 ); | |
1193 | memcpy( p + 15, hash, 20 ); | |
1194 | break; | |
1195 | ||
1196 | - case RSA_SHA256: | |
1197 | - memcpy( p, ASN1_HASH_SHA256, 19 ); | |
1198 | + case SIG_RSA_SHA224: | |
1199 | + memcpy( p, ASN1_HASH_SHA2X, 19 ); | |
1200 | + memcpy( p + 19, hash, 28 ); | |
1201 | + p[1] += 28; p[14] = 4; p[18] += 28; break; | |
1202 | + | |
1203 | + case SIG_RSA_SHA256: | |
1204 | + memcpy( p, ASN1_HASH_SHA2X, 19 ); | |
1205 | memcpy( p + 19, hash, 32 ); | |
1206 | - break; | |
1207 | + p[1] += 32; p[14] = 1; p[18] += 32; break; | |
1208 | + | |
1209 | + case SIG_RSA_SHA384: | |
1210 | + memcpy( p, ASN1_HASH_SHA2X, 19 ); | |
1211 | + memcpy( p + 19, hash, 48 ); | |
1212 | + p[1] += 48; p[14] = 2; p[18] += 48; break; | |
1213 | + | |
1214 | + case SIG_RSA_SHA512: | |
1215 | + memcpy( p, ASN1_HASH_SHA2X, 19 ); | |
1216 | + memcpy( p + 19, hash, 64 ); | |
1217 | + p[1] += 64; p[14] = 3; p[18] += 64; break; | |
1218 | ||
1219 | default: | |
1220 | return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); | |
1221 | @@ -515,7 +553,7 @@ | |
1222 | { | |
1223 | int ret, len, siglen; | |
1224 | unsigned char *p, c; | |
1225 | - unsigned char buf[512]; | |
1226 | + unsigned char buf[1024]; | |
1227 | ||
1228 | siglen = ctx->len; | |
1229 | ||
1230 | @@ -562,9 +600,9 @@ | |
1231 | if( memcmp( p, ASN1_HASH_MDX, 18 ) != 0 ) | |
1232 | return( POLARSSL_ERR_RSA_VERIFY_FAILED ); | |
1233 | ||
1234 | - if( ( c == 2 && hash_id == RSA_MD2 ) || | |
1235 | - ( c == 4 && hash_id == RSA_MD4 ) || | |
1236 | - ( c == 5 && hash_id == RSA_MD5 ) ) | |
1237 | + if( ( c == 2 && hash_id == SIG_RSA_MD2 ) || | |
1238 | + ( c == 4 && hash_id == SIG_RSA_MD4 ) || | |
1239 | + ( c == 5 && hash_id == SIG_RSA_MD5 ) ) | |
1240 | { | |
1241 | if( memcmp( p + 18, hash, 16 ) == 0 ) | |
1242 | return( 0 ); | |
1243 | @@ -573,7 +611,7 @@ | |
1244 | } | |
1245 | } | |
1246 | ||
1247 | - if( len == 35 && hash_id == RSA_SHA1 ) | |
1248 | + if( len == 35 && hash_id == SIG_RSA_SHA1 ) | |
1249 | { | |
1250 | if( memcmp( p, ASN1_HASH_SHA1, 15 ) == 0 && | |
1251 | memcmp( p + 15, hash, 20 ) == 0 ) | |
1252 | @@ -581,17 +619,24 @@ | |
1253 | else | |
1254 | return( POLARSSL_ERR_RSA_VERIFY_FAILED ); | |
1255 | } | |
1256 | - | |
1257 | - if( len == 51 && hash_id == RSA_SHA256 ) | |
1258 | - { | |
1259 | - if( memcmp( p, ASN1_HASH_SHA256, 19 ) == 0 && | |
1260 | - memcmp( p + 19, hash, 32 ) == 0 ) | |
1261 | + if( ( len == 19 + 28 && p[14] == 4 && hash_id == SIG_RSA_SHA224 ) || | |
1262 | + ( len == 19 + 32 && p[14] == 1 && hash_id == SIG_RSA_SHA256 ) || | |
1263 | + ( len == 19 + 48 && p[14] == 2 && hash_id == SIG_RSA_SHA384 ) || | |
1264 | + ( len == 19 + 64 && p[14] == 3 && hash_id == SIG_RSA_SHA512 ) ) | |
1265 | + { | |
1266 | + c = p[1] - 17; | |
1267 | + p[1] = 17; | |
1268 | + p[14] = 0; | |
1269 | + | |
1270 | + if( p[18] == c && | |
1271 | + memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 && | |
1272 | + memcmp( p + 19, hash, c ) == 0 ) | |
1273 | return( 0 ); | |
1274 | else | |
1275 | return( POLARSSL_ERR_RSA_VERIFY_FAILED ); | |
1276 | } | |
1277 | ||
1278 | - if( len == hashlen && hash_id == RSA_RAW ) | |
1279 | + if( len == hashlen && hash_id == SIG_RSA_RAW ) | |
1280 | { | |
1281 | if( memcmp( p, hash, hashlen ) == 0 ) | |
1282 | return( 0 ); | |
1283 | @@ -613,7 +658,6 @@ | |
1284 | &ctx->E, &ctx->N, NULL ); | |
1285 | } | |
1286 | ||
1287 | - | |
1288 | /* | |
1289 | * Parse a public RSA key | |
1290 | ||
1291 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.h src/pdkim/rsa.h | |
1292 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/rsa.h 2009-06-10 09:34:05.000000000 +0200 | |
1293 | +++ src/pdkim/rsa.h 2009-12-17 12:17:01.824459747 +0100 | |
1294 | @@ -1,9 +1,10 @@ | |
1295 | /** | |
1296 | * \file rsa.h | |
1297 | * | |
1298 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
1299 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
1300 | + * All rights reserved. | |
1301 | * | |
1302 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
1303 | + * Joined copyright on original XySSL code with: Christophe Devine | |
1304 | * | |
1305 | * This program is free software; you can redistribute it and/or modify | |
1306 | * it under the terms of the GNU General Public License as published by | |
1307 | @@ -20,13 +21,16 @@ | |
1308 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
1309 | */ | |
1310 | ||
1311 | -/* $Cambridge: exim/exim-src/src/pdkim/rsa.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
1312 | +/* $Cambridge: exim/exim-src/src/pdkim/rsa.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
1313 | ||
1314 | #ifndef POLARSSL_RSA_H | |
1315 | #define POLARSSL_RSA_H | |
1316 | ||
1317 | #include "bignum.h" | |
1318 | ||
1319 | +/* | |
1320 | + * RSA Error codes | |
1321 | + */ | |
1322 | #define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x0400 | |
1323 | #define POLARSSL_ERR_RSA_INVALID_PADDING -0x0410 | |
1324 | #define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x0420 | |
1325 | @@ -34,14 +38,24 @@ | |
1326 | #define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x0440 | |
1327 | #define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x0450 | |
1328 | #define POLARSSL_ERR_RSA_VERIFY_FAILED -0x0460 | |
1329 | -#define POLARSSL_ERR_RSA_OUTPUT_TO_LARGE -0x0470 | |
1330 | +#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x0470 | |
1331 | ||
1332 | -#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0014 | |
1333 | -#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0016 | |
1334 | -#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0018 | |
1335 | -#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x001A | |
1336 | -#define POLARSSL_ERR_ASN1_INVALID_DATA -0x001C | |
1337 | +/* *************** begin copy from x509.h ************************/ | |
1338 | +/* | |
1339 | + * ASN1 Error codes | |
1340 | + * | |
1341 | + * These error codes will be OR'ed to X509 error codes for | |
1342 | + * higher error granularity. | |
1343 | + */ | |
1344 | +#define POLARSSL_ERR_ASN1_OUT_OF_DATA 0x0014 | |
1345 | +#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG 0x0016 | |
1346 | +#define POLARSSL_ERR_ASN1_INVALID_LENGTH 0x0018 | |
1347 | +#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH 0x001A | |
1348 | +#define POLARSSL_ERR_ASN1_INVALID_DATA 0x001C | |
1349 | ||
1350 | +/* | |
1351 | + * X509 Error codes | |
1352 | + */ | |
1353 | #define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x0020 | |
1354 | #define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x0040 | |
1355 | #define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x0060 | |
1356 | @@ -90,15 +104,20 @@ | |
1357 | #define ASN1_CONSTRUCTED 0x20 | |
1358 | #define ASN1_CONTEXT_SPECIFIC 0x80 | |
1359 | ||
1360 | +/* *************** end copy from x509.h ************************/ | |
1361 | + | |
1362 | /* | |
1363 | * PKCS#1 constants | |
1364 | */ | |
1365 | -#define RSA_RAW 0 | |
1366 | -#define RSA_MD2 2 | |
1367 | -#define RSA_MD4 3 | |
1368 | -#define RSA_MD5 4 | |
1369 | -#define RSA_SHA1 5 | |
1370 | -#define RSA_SHA256 6 | |
1371 | +#define SIG_RSA_RAW 0 | |
1372 | +#define SIG_RSA_MD2 2 | |
1373 | +#define SIG_RSA_MD4 3 | |
1374 | +#define SIG_RSA_MD5 4 | |
1375 | +#define SIG_RSA_SHA1 5 | |
1376 | +#define SIG_RSA_SHA224 14 | |
1377 | +#define SIG_RSA_SHA256 11 | |
1378 | +#define SIG_RSA_SHA384 12 | |
1379 | +#define SIG_RSA_SHA512 13 | |
1380 | ||
1381 | #define RSA_PUBLIC 0 | |
1382 | #define RSA_PRIVATE 1 | |
1383 | @@ -109,6 +128,29 @@ | |
1384 | #define RSA_SIGN 1 | |
1385 | #define RSA_CRYPT 2 | |
1386 | ||
1387 | +#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30" | |
1388 | +#define ASN1_STR_NULL "\x05" | |
1389 | +#define ASN1_STR_OID "\x06" | |
1390 | +#define ASN1_STR_OCTET_STRING "\x04" | |
1391 | + | |
1392 | +#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00" | |
1393 | +#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a" | |
1394 | +#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00" | |
1395 | + | |
1396 | +#define OID_ISO_MEMBER_BODIES "\x2a" | |
1397 | +#define OID_ISO_IDENTIFIED_ORG "\x2b" | |
1398 | + | |
1399 | +/* | |
1400 | + * ISO Member bodies OID parts | |
1401 | + */ | |
1402 | +#define OID_COUNTRY_US "\x86\x48" | |
1403 | +#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d" | |
1404 | + | |
1405 | +/* | |
1406 | + * ISO Identified organization OID parts | |
1407 | + */ | |
1408 | +#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a" | |
1409 | + | |
1410 | /* | |
1411 | * DigestInfo ::= SEQUENCE { | |
1412 | * digestAlgorithm DigestAlgorithmIdentifier, | |
1413 | @@ -118,18 +160,31 @@ | |
1414 | * | |
1415 | * Digest ::= OCTET STRING | |
1416 | */ | |
1417 | -#define ASN1_HASH_MDX \ | |
1418 | - "\x30\x20\x30\x0C\x06\x08\x2A\x86\x48" \ | |
1419 | - "\x86\xF7\x0D\x02\x00\x05\x00\x04\x10" | |
1420 | - | |
1421 | -#define ASN1_HASH_SHA1 \ | |
1422 | - "\x30\x21\x30\x09\x06\x05\x2B\x0E\x03" \ | |
1423 | - "\x02\x1A\x05\x00\x04\x14" | |
1424 | - | |
1425 | -#define ASN1_HASH_SHA256 \ | |
1426 | - "\x30\x31\x30\x0d\x06\x09\x60\x86\x48" \ | |
1427 | - "\x01\x65\x03\x04\x02\x01\x05\x00\x04" \ | |
1428 | - "\x20" | |
1429 | +#define ASN1_HASH_MDX \ | |
1430 | +( \ | |
1431 | + ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \ | |
1432 | + ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \ | |
1433 | + ASN1_STR_OID "\x08" \ | |
1434 | + OID_DIGEST_ALG_MDX \ | |
1435 | + ASN1_STR_NULL "\x00" \ | |
1436 | + ASN1_STR_OCTET_STRING "\x10" \ | |
1437 | +) | |
1438 | + | |
1439 | +#define ASN1_HASH_SHA1 \ | |
1440 | + ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \ | |
1441 | + ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \ | |
1442 | + ASN1_STR_OID "\x05" \ | |
1443 | + OID_HASH_ALG_SHA1 \ | |
1444 | + ASN1_STR_NULL "\x00" \ | |
1445 | + ASN1_STR_OCTET_STRING "\x14" | |
1446 | + | |
1447 | +#define ASN1_HASH_SHA2X \ | |
1448 | + ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \ | |
1449 | + ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \ | |
1450 | + ASN1_STR_OID "\x09" \ | |
1451 | + OID_HASH_ALG_SHA2X \ | |
1452 | + ASN1_STR_NULL "\x00" \ | |
1453 | + ASN1_STR_OCTET_STRING "\x00" | |
1454 | ||
1455 | /** | |
1456 | * \brief RSA context structure | |
1457 | @@ -227,7 +282,8 @@ | |
1458 | * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code | |
1459 | * | |
1460 | * \note This function does NOT take care of message | |
1461 | - * padding. Also, be sure to set input[0] = 0. | |
1462 | + * padding. Also, be sure to set input[0] = 0 or assure that | |
1463 | + * input is smaller than N. | |
1464 | * | |
1465 | * \note The input and output buffers must be large | |
1466 | * enough (eg. 128 bytes if RSA-1024 is used). | |
1467 | @@ -257,7 +313,7 @@ | |
1468 | * | |
1469 | * \param ctx RSA context | |
1470 | * \param mode RSA_PUBLIC or RSA_PRIVATE | |
1471 | - * \param ilen contains the the plaintext length | |
1472 | + * \param ilen contains the plaintext length | |
1473 | * \param input buffer holding the data to be encrypted | |
1474 | * \param output buffer that will hold the ciphertext | |
1475 | * | |
1476 | @@ -279,7 +335,7 @@ | |
1477 | * \param input buffer holding the encrypted data | |
1478 | * \param output buffer that will hold the plaintext | |
1479 | * \param olen will contain the plaintext length | |
1480 | - * \param output_max_len maximum length of the output buffer | |
1481 | + * \param output_max_len maximum length of the output buffer | |
1482 | * | |
1483 | * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code | |
1484 | * | |
1485 | @@ -291,15 +347,15 @@ | |
1486 | int mode, int *olen, | |
1487 | unsigned char *input, | |
1488 | unsigned char *output, | |
1489 | - int output_max_len); | |
1490 | + int output_max_len ); | |
1491 | ||
1492 | /** | |
1493 | * \brief Do a private RSA to sign a message digest | |
1494 | * | |
1495 | * \param ctx RSA context | |
1496 | * \param mode RSA_PUBLIC or RSA_PRIVATE | |
1497 | - * \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256} | |
1498 | - * \param hashlen message digest length (for RSA_RAW only) | |
1499 | + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} | |
1500 | + * \param hashlen message digest length (for SIG_RSA_RAW only) | |
1501 | * \param hash buffer holding the message digest | |
1502 | * \param sig buffer that will hold the ciphertext | |
1503 | * | |
1504 | @@ -321,8 +377,8 @@ | |
1505 | * | |
1506 | * \param ctx points to an RSA public key | |
1507 | * \param mode RSA_PUBLIC or RSA_PRIVATE | |
1508 | - * \param hash_id RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256} | |
1509 | - * \param hashlen message digest length (for RSA_RAW only) | |
1510 | + * \param hash_id SIG_RSA_RAW, RSA_MD{2,4,5} or RSA_SHA{1,256} | |
1511 | + * \param hashlen message digest length (for SIG_RSA_RAW only) | |
1512 | * \param hash buffer holding the message digest | |
1513 | * \param sig buffer holding the ciphertext | |
1514 | * | |
1515 | @@ -341,6 +397,8 @@ | |
1516 | ||
1517 | /** | |
1518 | * \brief Free the components of an RSA key | |
1519 | + * | |
1520 | + * \param ctx RSA Context to free | |
1521 | */ | |
1522 | void rsa_free( rsa_context *ctx ); | |
1523 | ||
1524 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.c src/pdkim/sha1.c | |
1525 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.c 2009-06-10 09:34:05.000000000 +0200 | |
1526 | +++ src/pdkim/sha1.c 2009-12-17 12:17:01.824459747 +0100 | |
1527 | @@ -1,9 +1,10 @@ | |
1528 | /* | |
1529 | * FIPS-180-1 compliant SHA-1 implementation | |
1530 | * | |
1531 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
1532 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
1533 | + * All rights reserved. | |
1534 | * | |
1535 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
1536 | + * Joined copyright on original XySSL code with: Christophe Devine | |
1537 | * | |
1538 | * This program is free software; you can redistribute it and/or modify | |
1539 | * it under the terms of the GNU General Public License as published by | |
1540 | @@ -25,7 +26,7 @@ | |
1541 | * http://www.itl.nist.gov/fipspubs/fip180-1.htm | |
1542 | */ | |
1543 | ||
1544 | -/* $Cambridge: exim/exim-src/src/pdkim/sha1.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
1545 | +/* $Cambridge: exim/exim-src/src/pdkim/sha1.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
1546 | ||
1547 | #include "sha1.h" | |
1548 | ||
1549 | @@ -310,7 +311,7 @@ | |
1550 | /* | |
1551 | * output = SHA-1( input buffer ) | |
1552 | */ | |
1553 | -void sha1_oneshot( unsigned char *input, int ilen, unsigned char output[20] ) | |
1554 | +void sha1( unsigned char *input, int ilen, unsigned char output[20] ) | |
1555 | { | |
1556 | sha1_context ctx; | |
1557 | ||
1558 | @@ -363,7 +364,7 @@ | |
1559 | ||
1560 | if( keylen > 64 ) | |
1561 | { | |
1562 | - sha1_oneshot( key, keylen, sum ); | |
1563 | + sha1( key, keylen, sum ); | |
1564 | keylen = 20; | |
1565 | key = sum; | |
1566 | } | |
1567 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.h src/pdkim/sha1.h | |
1568 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha1.h 2009-06-10 09:34:05.000000000 +0200 | |
1569 | +++ src/pdkim/sha1.h 2009-12-17 12:17:01.824459747 +0100 | |
1570 | @@ -1,9 +1,10 @@ | |
1571 | /** | |
1572 | * \file sha1.h | |
1573 | * | |
1574 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
1575 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
1576 | + * All rights reserved. | |
1577 | * | |
1578 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
1579 | + * Joined copyright on original XySSL code with: Christophe Devine | |
1580 | * | |
1581 | * This program is free software; you can redistribute it and/or modify | |
1582 | * it under the terms of the GNU General Public License as published by | |
1583 | @@ -20,7 +21,7 @@ | |
1584 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
1585 | */ | |
1586 | ||
1587 | -/* $Cambridge: exim/exim-src/src/pdkim/sha1.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
1588 | +/* $Cambridge: exim/exim-src/src/pdkim/sha1.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
1589 | ||
1590 | #ifndef POLARSSL_SHA1_H | |
1591 | #define POLARSSL_SHA1_H | |
1592 | @@ -28,6 +29,7 @@ | |
1593 | /** | |
1594 | * \brief SHA-1 context structure | |
1595 | */ | |
1596 | + | |
1597 | #ifndef HAVE_SHA1_CONTEXT | |
1598 | #define HAVE_SHA1_CONTEXT | |
1599 | typedef struct sha1_context sha1_context; | |
1600 | @@ -43,6 +45,7 @@ | |
1601 | unsigned char opad[64]; /*!< HMAC: outer padding */ | |
1602 | }; | |
1603 | ||
1604 | + | |
1605 | #ifdef __cplusplus | |
1606 | extern "C" { | |
1607 | #endif | |
1608 | @@ -78,7 +81,7 @@ | |
1609 | * \param ilen length of the input data | |
1610 | * \param output SHA-1 checksum result | |
1611 | */ | |
1612 | -void sha1_oneshot( unsigned char *input, int ilen, unsigned char output[20] ); | |
1613 | +void sha1( unsigned char *input, int ilen, unsigned char output[20] ); | |
1614 | ||
1615 | /** | |
1616 | * \brief Output = SHA-1( file contents ) | |
1617 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.c src/pdkim/sha2.c | |
1618 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.c 2009-06-10 09:34:05.000000000 +0200 | |
1619 | +++ src/pdkim/sha2.c 2009-12-17 12:17:01.824459747 +0100 | |
1620 | @@ -1,9 +1,10 @@ | |
1621 | /* | |
1622 | * FIPS-180-2 compliant SHA-256 implementation | |
1623 | * | |
1624 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
1625 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
1626 | + * All rights reserved. | |
1627 | * | |
1628 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
1629 | + * Joined copyright on original XySSL code with: Christophe Devine | |
1630 | * | |
1631 | * This program is free software; you can redistribute it and/or modify | |
1632 | * it under the terms of the GNU General Public License as published by | |
1633 | @@ -25,7 +26,7 @@ | |
1634 | * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf | |
1635 | */ | |
1636 | ||
1637 | -/* $Cambridge: exim/exim-src/src/pdkim/sha2.c,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
1638 | +/* $Cambridge: exim/exim-src/src/pdkim/sha2.c,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
1639 | ||
1640 | #include "sha2.h" | |
1641 | ||
1642 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.h src/pdkim/sha2.h | |
1643 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/pdkim/sha2.h 2009-06-10 09:34:05.000000000 +0200 | |
1644 | +++ src/pdkim/sha2.h 2009-12-17 12:17:01.824459747 +0100 | |
1645 | @@ -1,9 +1,10 @@ | |
1646 | /** | |
1647 | * \file sha2.h | |
1648 | * | |
1649 | - * Based on XySSL: Copyright (C) 2006-2008 Christophe Devine | |
1650 | + * Copyright (C) 2006-2009, Paul Bakker <polarssl_maintainer at polarssl.org> | |
1651 | + * All rights reserved. | |
1652 | * | |
1653 | - * Copyright (C) 2009 Paul Bakker <polarssl_maintainer at polarssl dot org> | |
1654 | + * Joined copyright on original XySSL code with: Christophe Devine | |
1655 | * | |
1656 | * This program is free software; you can redistribute it and/or modify | |
1657 | * it under the terms of the GNU General Public License as published by | |
1658 | @@ -20,7 +21,7 @@ | |
1659 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
1660 | */ | |
1661 | ||
1662 | -/* $Cambridge: exim/exim-src/src/pdkim/sha2.h,v 1.2 2009/06/10 07:34:05 tom Exp $ */ | |
1663 | +/* $Cambridge: exim/exim-src/src/pdkim/sha2.h,v 1.3 2009/12/07 13:05:07 tom Exp $ */ | |
1664 | ||
1665 | #ifndef POLARSSL_SHA2_H | |
1666 | #define POLARSSL_SHA2_H | |
1667 | diff -ur /home/users/arekm/rpm/packages/exim/exim-4.71/src/transport.c src/transport.c | |
1668 | --- /home/users/arekm/rpm/packages/exim/exim-4.71/src/transport.c 2009-11-16 20:50:37.000000000 +0100 | |
1669 | +++ src/transport.c 2009-12-17 12:17:01.902130465 +0100 | |
1670 | @@ -1,4 +1,4 @@ | |
1671 | -/* $Cambridge: exim/exim-src/src/transport.c,v 1.25 2009/11/16 19:50:37 nm4 Exp $ */ | |
1672 | +/* $Cambridge: exim/exim-src/src/transport.c,v 1.26 2009/12/15 08:23:15 tom Exp $ */ | |
1673 | ||
1674 | /************************************************* | |
1675 | * Exim - an Internet mail transport agent * | |
1676 | @@ -1034,7 +1034,9 @@ | |
1677 | if (dkim_strict_result != NULL) { | |
1678 | if ( (strcmpic(dkim_strict,US"1") == 0) || | |
1679 | (strcmpic(dkim_strict,US"true") == 0) ) { | |
1680 | - save_errno = errno; | |
1681 | + /* Set errno to something halfway meaningful */ | |
1682 | + save_errno = EACCES; | |
1683 | + log_write(0, LOG_MAIN, "DKIM: message could not be signed, and dkim_strict is set. Deferring message delivery."); | |
1684 | rc = FALSE; | |
1685 | goto CLEANUP; | |
1686 | } |