Commit 5005f131 authored by kollo's avatar kollo

added VRFY() function

parent fdad0b20
......@@ -3,3 +3,4 @@ Release notes for Version 1.25 (Sept 2016 -- )
- HASH()/SHA1 and MD5 now work also without libgcrypt
- new Commands: HIDEK, SHOWK (Android)
- fixed bug in MERGE and FILESELECT
- new function VRFY()
......@@ -117,19 +117,19 @@ EXAMPLE:
##############################################################################
Function: VRFY()
Syntax: flag%=VRFY(message$,signature$,key$[,type])
DESCRIPTION:
Returns TRUE (-1) if the digital signature in signature$ matches
the message in message$ and the (public) key in key$.
Otherwise FALSE (0) is returned.
signature$ must be a valid signature produced by SIGN$().
Returns TRUE (-1) if the digital signature in signature$ matches
the message in message$ and the (public) key in key$.
Otherwise FALSE (0) is returned.
signature$ must be a valid signature produced by SIGN$().
COMMENT:
This function is only available in X11-Basic if encryption is
compiled in (libgcrypt was present at compile time).
This function is only available in X11-Basic if encryption is
compiled in (libgcrypt was present at compile time).
SEE ALSO: SIGN$()
##############################################################################
Command: VSYNC
......
......@@ -8,7 +8,7 @@
#define BC_STACKLEN 256
#define BC_VERSION 0x1251 /* Version 1.25 release 1*/
#define BC_VERSION 0x1252 /* Version 1.25 release 2*/
typedef struct {
unsigned char BRAs; /* DC_BRAs */
......
......@@ -30,6 +30,7 @@
#include "parameter.h"
#include "gkommandos.h"
#include "functions.h"
#include "sfunctions.h"
#include "afunctions.h"
#include "array.h"
#include "wort_sep.h"
......@@ -197,6 +198,7 @@
#define f_swap NULL
#define f_symadr NULL
#define f_tally NULL
#define f_vrfy NULL
#define f_tan NULL
#define f_tanh NULL
#define f_tinesize NULL
......@@ -1166,6 +1168,11 @@ static int f_tally(PARAMETER *plist,int e) {
}
}
}
static int f_vrfy(PARAMETER *plist,int e) {
int typ=4;
if(e>3) typ=plist[3].integer-1;
return(do_verify((STRING *)&(plist[0].integer),(STRING *)&(plist[1].integer),(STRING *)&(plist[2].integer),typ));
}
/*On android the meaning of the bits of flags is different than on standard
linuxes.... (bits 1 and 2 exchanged)*/
......@@ -1600,6 +1607,7 @@ const FUNCTION pfuncs[]= { /* alphabetisch !!! */
{ F_CONST|F_SQUICK|F_IRET, "VAL?" ,(pfunc) f_valf ,1,1 ,{PL_STRING}},
{ F_CONST|F_PLISTE|F_IRET, "VARIAT" , (pfunc)f_variat ,2,2 ,{PL_INT,PL_INT}},
{ F_PLISTE|F_IRET, "VARPTR" , (pfunc)f_varptr ,1,1 ,{PL_ALLVAR}},
{ F_CONST|F_PLISTE|F_IRET, "VRFY" ,(pfunc) f_vrfy ,3,4 ,{PL_STRING,PL_STRING,PL_STRING,PL_INT}},
{ F_CONST|F_IQUICK|F_IRET, "WORD" , (pfunc)f_word ,1,1 ,{PL_INT}},
{ F_PLISTE|F_IRET, "WORT_SEP" , (pfunc)f_wort_sep ,3,5 ,{PL_STRING,PL_STRING,PL_INT,PL_SVAR,PL_SVAR}},
......
......@@ -1214,24 +1214,23 @@ static STRING f_signs(PARAMETER *plist,int e) {
int typ=4; /* Default is BLOWFISH */
if(e>2) typ=plist[2].integer;
/* ALso erst einen SHA1 Hash berechnen....*/
sha1_context ctx;
sha1_starts(&ctx);
sha1_update(&ctx, plist->pointer, plist->integer);
tmp.len=SHA1_DIGEST_LENGTH;
tmp.pointer=malloc(tmp.len+1);
tmp.pointer[SHA1_DIGEST_LENGTH]=0;
sha1_finish(&ctx, (unsigned char *)tmp.pointer);
sha1_context ctx;
sha1_starts(&ctx);
sha1_update(&ctx, plist->pointer, plist->integer);
tmp.len=SHA1_DIGEST_LENGTH;
tmp.pointer=malloc(tmp.len+1);
tmp.pointer[SHA1_DIGEST_LENGTH]=0;
sha1_finish(&ctx, (unsigned char *)tmp.pointer);
/* Jetzt verschluesseln (geht noch nicht)*/
ergebnis=do_encrypt(&tmp,(STRING *)&(plist[1].integer),typ);
free_string(&tmp);
ergebnis=do_encrypt(&tmp,(STRING *)&(plist[1].integer),typ);
free_string(&tmp);
return(ergebnis);
}
static STRING f_decrypts(PARAMETER *plist,int e) {
static STRING do_decrypt(STRING *message, STRING *key, int typ) {
STRING ergebnis;
#ifdef HAVE_GCRYPT
int typ=4; /* Default is BLOWFISH */
if(e>2) typ=plist[2].integer;
if(!gcrypt_init) {
if(!gcry_check_version(GCRYPT_VERSION)) {
puts("ERROR: libgcrypt version mismatch\n");
......@@ -1246,16 +1245,16 @@ static STRING f_decrypts(PARAMETER *plist,int e) {
size_t keyLength = gcry_cipher_get_algo_keylen(typ);
gcry_cipher_hd_t hd;
if(plist[1].integer<keyLength) printf("WARNING: Key too short (%d). It must be at least %d bytes.\n",plist[1].integer,keyLength);
if(plist[0].integer%blkLength) printf("WARNING: The message length (%d) must be a multiple of %d bytes.\n",plist[0].integer,blkLength);
int len=(plist[0].integer-1)/blkLength+1;
if(key->len<keyLength) printf("WARNING: Key too short (%d). It must be at least %d bytes.\n",plist[1].integer,keyLength);
if(message->len%blkLength) printf("WARNING: The message length (%d) must be a multiple of %d bytes.\n",plist[0].integer,blkLength);
int len=(message->len-1)/blkLength+1;
ergebnis.len=len*blkLength;
ergebnis.pointer=malloc(ergebnis.len+1);
gcry_cipher_open(&hd, typ, GCRY_CIPHER_MODE_CBC, 0);
gcry_cipher_setkey(hd,plist[1].pointer, keyLength);
gcry_cipher_setkey(hd,key->pointer, keyLength);
// gcry_cipher_setiv(hd, iniVector, blkLength);
int ret=gcry_cipher_decrypt(hd, ergebnis.pointer,ergebnis.len, plist[0].pointer, len*blkLength);
int ret=gcry_cipher_decrypt(hd, ergebnis.pointer,ergebnis.len, message->pointer, len*blkLength);
if(ret) printf("cipherdecrypt failed: %s/%s\n",gcry_strsource(ret),gcry_strerror(ret));
gcry_cipher_close(hd);
......@@ -1263,14 +1262,42 @@ static STRING f_decrypts(PARAMETER *plist,int e) {
printf("The %s function is not implemented \n"
" in this version of X11-Basic because the GCRYPT library \n"
" was not present at compile time.\n","DECRYPT$()");
ergebnis.len=plist[0].integer;
ergebnis.len=message->len;
ergebnis.pointer=malloc(ergebnis.len+1);
memcpy(ergebnis.pointer,plist->pointer,plist->integer);
memcpy(ergebnis.pointer,message->pointer,message->len);
#endif
(ergebnis.pointer)[ergebnis.len]=0;
return(ergebnis);
}
static STRING f_decrypts(PARAMETER *plist,int e) {
STRING ergebnis;
int typ=4; /* Default is BLOWFISH */
if(e>2) typ=plist[2].integer;
ergebnis=do_decrypt((STRING *)&(plist[0].integer),(STRING *)&(plist[1].integer),typ);
return(ergebnis);
}
int do_verify(STRING *message,STRING *signature,STRING *key, int typ) {
/* Erst hash der message berechnen.*/
STRING sha1,tmp;
int flag=1;
sha1_context ctx;
sha1_starts(&ctx);
sha1_update(&ctx, (unsigned char *)message->pointer, message->len);
sha1.len=SHA1_DIGEST_LENGTH;
sha1.pointer=malloc(sha1.len+1);
sha1_finish(&ctx, (unsigned char *)sha1.pointer);
/* Dann signatur entschluesseln*/
tmp=do_decrypt(signature,key,typ);
/* Dann hashes vergleichen*/
if(tmp.len==SHA1_DIGEST_LENGTH)
flag=memcmp(sha1.pointer,tmp.pointer,SHA1_DIGEST_LENGTH);
free_string(&sha1);
free_string(&tmp);
return((flag==0)?-1:0);
}
static STRING f_compresss(STRING n) {
STRING ergebnis,a,b;
a=f_rles(n);
......
......@@ -9,3 +9,4 @@
/*Standard Funktionstyp */
int do_verify(STRING *,STRING *,STRING *, int);
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment