/* This variable stores the md5 hash of the current file, if it is
available. It is used in make_random_ideakey. */
+ #ifdef SHA1
+ #include "sha1.h"
+ static boolean local_sha1_flag = FALSE;
+ static unsigned char md5buf[20];
+ #else
static unsigned char md5buf[16];
+ #endif
/* This flag is set if the buffer above has been filled. */
static char already_have_md5 = 0;
***************
*** 734,739 ****
--- 740,752 ----
complete message digest packet in a single RSA block. */
blocksize = countbytes(n)-1; /* size of a plaintext block */
+ #ifdef SHA1
+ if ((blocksize < 32) && local_sha1_flag) {
+ fprintf(pgpout,
+ "\n\007Error: RSA key length must be at least 264 bits.\n");
+ return -1;
+ } else
+ #endif
if (blocksize < 31) {
fprintf(pgpout,
"\n\007Error: RSA key length must be at least 256 bits.\n");
***************
*** 751,758 ****
--- 764,781 ----
convert_byteorder(timestamp,4); /* convert to external form */
/* Finish off message digest calculation with this information */
+ #ifdef SHA1
+ if (local_sha1_flag) {
+ SHA1_addbuffer ((struct SHA1Context *)MD, &class, 1, 0);
+ SHA1_addbuffer ((struct SHA1Context *)MD, timestamp, 4, md5buf)
;
+ } else {
+ MD_addbuffer (MD, &class, 1, 0);
+ MD_addbuffer (MD, timestamp, 4, md5buf);
+ }
+ #else
MD_addbuffer (MD, &class, 1, 0);
MD_addbuffer (MD, timestamp, 4, md5buf);
+ #endif
/* We wrote the digest to a static variable because we want to keep it around
for random number generation later. Also make a note of that fact. */
already_have_md5 = 1;
***************
*** 764,771 ****
--- 787,803 ----
}
/* do RSA signature calculation: */
+ #ifdef SHA1
+ if (local_sha1_flag)
+ i = rsa_private_encrypt((unitptr)outbuf, md5buf, 20,
+ e, d, p, q, u, n);
+ else
+ i = rsa_private_encrypt((unitptr)outbuf, md5buf, 16,
+ e, d, p, q, u, n);
+ #else
i = rsa_private_encrypt((unitptr)outbuf, md5buf, sizeof(md5buf),
e, d, p, q, u, n);
+ #endif
if (i < 0) {
if (i == -4) {
fprintf(pgpout,
***************
*** 823,828 ****
--- 855,865 ----
certificate[certificate_length++] = keyID[i];
/* now compare computed MD with claimed MD */
/* Assume MSB external byte ordering */
+ #ifdef SHA1
+ if (!equal_buffers(digest, outbuf+outbufoffset, local_sha1_flag ? 20 :
16)) {
+ #else
if (!equal_buffers(digest, outbuf+outbufoffset, 16)) {
+ #endif
/* IF the signature is bad, AND this machine does not use
MSDOS-stype canonical text as its native text format, AND
this is a detached signature certificate, AND this file
***************
*** 1766,1772 ****
--- 1872,1889 ----
!= NULL )
{
/* Now check the signature */
+ #ifdef SHA1
+ if (local_sha1_flag)
+ SHA1file0_len(&SH, tempFile, -1L );
+ else
+ #endif
MDfile0_len(&MD, tempFile, -1L );
+ #ifdef SHA1
+ if (local_sha1_flag)
+ SHA1_addbuffer(&SH, mdextras, mdlensave,
+ digest);
+ else
+ #endif
MD_addbuffer(&MD, mdextras, mdlensave,
digest);
***************
*** 1777,1788 ****
--- 1894,1913 ----
/* Check if the signature is OK this time
round */
/* Assume MSB external byte ordering */
+ #ifdef SHA1
+ if(equal_buffers(digest, outbuf+outbufoffset,
+ local_sha1_flag ? 20 : 16))
+ #else
if(equal_buffers(digest, outbuf+outbufoffset,
16))
+ #endif
goto goodsig;
}
}
+ #ifdef SHA1
+ local_sha1_flag = FALSE;
+ #endif
if (checksig_pass == 1) { /* Bad signature - try one more pass
with other charset */
checksig_pass++;
return -1;
***************
*** 1819,1824 ****
--- 1944,1955 ----
fprintf(pgpout,
LANG("Signature made %s using %d-bit key, key ID %s\n"),
ctdate((word32 *)timestamp), countbits(n), key2IDstring(n));
+ #ifdef SHA1
+ if (local_sha1_flag)
+ fprintf(pgpout,
+ LANG("Signature made using the SHA1 message digest algorithm.\n"));
+ local_sha1_flag = FALSE;
+ #endif
#ifdef MACTC5
AddResult((char *)userid);
#endif
diff -c pgp_263i/pgp.c pgp_sha1/pgp.c
*** pgp_263i/pgp.c Wed Jun 19 22:14:24 1996
--- pgp_sha1/pgp.c Wed Jun 19 22:22:17 1996
***************
*** 161,166 ****
--- 161,170 ----
void Exit(int x);
#endif
+ #ifdef SHA1
+ #include "sha1.h"
+ #endif
+
#ifdef M_XENIX
char *strstr();
long time();
***************
*** 894,899 ****
--- 898,906 ----
case 'w':
wipeflag = TRUE;
break;
+ case 'x':
+ mdalg_flag = SHA1_ALGORITHM_BYTE;
+ break;
case 'z':
break;
/* '+' special option: does not require - */
diff -c pgp_263i/rsaglue1.c pgp_sha1/rsaglue1.c
*** pgp_263i/rsaglue1.c Wed Jun 19 22:14:35 1996
--- pgp_sha1/rsaglue1.c Thu Jun 20 07:27:44 1996
***************
*** 53,58 ****
--- 53,99 ----
static byte asn_array[] = { /* PKCS 01 block type 01 data */
0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,
0x02,0x05,0x05,0x00,0x04,0x10 };
+ #ifdef SHA1
+ static byte sha1_asn_array[] = {
+ 0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,
+ 0x05,0x00,0x04,0x14 };
+ /*
+ Taken from Internet Draft draft-ietf-cat-spkmgss-06,
+ "The Simple Public-Key GSS-API Mechanism (SPKM)", by
+ C. Adams, Bell-Northern Research, Jan. 19, 1996. See
+ also "Working Implementation Agreements for Open Systems
+ Interconnection Protocols: Part 12 - OS Security, Output
+ from the December 1994 Open Systems Environment
+ Implementors' Workshop (OIW)"
+
+ SHA1 OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) oiw(14) secsig(3)
+ algorithm(2) 26
+ }
+
+ ASN.1 encoding:
+ 0x30, / * Universal, Constructed, Sequence * /
+ 0x21, / * Length 33 (bytes following) * /
+ 0x30, / * Universal, Constructed, Sequence * /
+ 0x09, / * Length 9 * /
+ 0x06, / * Universal, Primitive, object-identifier * /
+ 0x05, / * Length 5 * /
+ 43, / * 43 = ISO(1)*40 + 3 * /
+ 14,
+ 3,
+ 2,
+ 26,
+ 0x05, / * Universal, Primitive, NULL * /
+ 0x00, / * Length 0 * /
+ 0x04, / * Universal, Primitive, Octet string * /
+ 0x14 / * Length 20 * /
+ / * 20 SHA.1 digest bytes go here * /
+
+ Cf. "A Layman's Guide to a Subset of ASN.1, BER, and DER --
+ An RSA Laboratories Technical Note" by Burton S. Kaliski Jr.
+ Revised November 1, 1993
+ */
+ #endif /* SHA1 */
/* This many bytes from the end, there's a zero byte */
#define ASN_ZERO_END 3
