Commit 5cdfe9ea authored by filatov's avatar filatov

Remove canonical encoding by default

parent b5df7118
......@@ -165,6 +165,7 @@ static int _xmlOutput = 0;
static int _numeric = 0;
static int _usePKey = 0;
static const char * _issuerPath = NULL;
static int _canonicalEncoding = 0;
char * _es_bufs[8][64];
......@@ -210,6 +211,7 @@ static copt_t options[] = {
{ "x", "xml", COPT_BOOL, &_xmlOutput, "Print xml profile" },
{ "n", "num", COPT_BOOL, &_numeric, "Keep numeric values" },
{ "k", "pkey", COPT_BOOL, &_usePKey, "Issuer is a public key" },
{ "E", "canonical", COPT_BOOL, &_canonicalEncoding, "Use canonical encoding (compatible with TS103097 v1.2.1 and earlier)" },
{ NULL, NULL, COPT_END, NULL, NULL }
};
......@@ -525,9 +527,14 @@ static void calculate_certificate_digest(const char* data, int length, char
SHA256_CTX ctx;
SHA256_Init(&ctx);
SHA256_Update(&ctx, data, length - 65);
SHA256_Update(&ctx, &tmp, 1);
SHA256_Update(&ctx, data + length - 64, 64);
if (_canonicalEncoding){
SHA256_Update(&ctx, data, length - 65);
SHA256_Update(&ctx, &tmp, 1);
SHA256_Update(&ctx, data + length - 64, 64);
}
else{
SHA256_Update(&ctx, data, length);
}
SHA256_Final(hash, &ctx);
memcpy(digest, hash + 24, 8);
}
......
......@@ -10,6 +10,7 @@
#include "cxml.h"
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
static const char _hex_digits[] = "0123456789ABCDEF";
......@@ -67,7 +68,7 @@ int cxml_text_encode(void * const handler, char * * const p_dst,
}else{
/* check for supported symbol range */
unsigned char ch = *s;
if(ch < ' ' && ch != '\t' && ch != '\n' && ch != '\r'){
if (!isprint(ch)){
if(d + 5 > de){
if(-1 == _prepare(handler, &db, &d, &de)){
return -1;
......
......@@ -268,6 +268,7 @@ static long _refLon = 0;
static const long double _latTMDPerMetter = 180.0 / M_PI / 0.6378;
static long double _lonTMDPerMetter = 180.0 / M_PI / 0.6378;
static const char * _cfgFile = NULL;
static int _canonicalEncoding = 0;
static void _setup_default_time()
{
......@@ -384,7 +385,8 @@ static copt_t options [] = {
{ "t", "reftime", COPT_STR | COPT_CALLBACK, (void*)&_time_option, "Reference UTC time point (YYY-DD-MM) [current date]" },
{ "l", "reflocation", COPT_STR | COPT_CALLBACK, (void*)&_refPoint_option, "Reference location in form <lat>:<lon> [0.0:0.0]" },
{ "m", "macro", COPT_STR | COPT_CALLBACK, (void*)&_addMacro_option, "Add macro in form of name:value to process AID, SSP, etc." },
{ NULL, NULL, COPT_END, NULL, NULL }
{ "E", "canonical", COPT_BOOL, (void*)&_canonicalEncoding, "Use canonical encoding (compatible with TS103097 v1.2.1 and earlier)" },
{ NULL, NULL, COPT_END, NULL, NULL }
};
int main(int argc, char ** argv)
......@@ -713,7 +715,9 @@ static int certificate_signer_tag (cxml_handler_t* const _h, cxml_tag_t * const
char hash[sha256_hash_size];
// change eccpoint type of the signature to x_coordinate_only(0)
// to follow canonical encoding
h->ptr[size - 65] = 0;
if (_canonicalEncoding){
h->ptr[size - 65] = 0;
}
sha256_calculate(hash, h->ptr, size);
#ifdef DEBUG_DATA
fprintf(stderr, "HASH (%s): ", h->signer);
......
......@@ -20,6 +20,7 @@
#include "../cshared/cstr.h"
#include "../cshared/cserialize.h"
#include "../cshared/copts.h"
static size_t load_certificate(const char * path, char ** p);
static EC_KEY * load_public_key(const char* path, const EC_GROUP * group);
......@@ -128,6 +129,16 @@ static const char * _signer_types[] = {
"other",
};
static void usage(){
printf("Usage: msgcheck [Options] messages\n"
"Options:\n"
" -c <certificate> Use this certificate instead of the one from message\n"
" -k <public key> Use the public key from given file\n"
" -r Reset. Use keys from messages\n"
" -E Use canonical encoding (compatible with TS103097 v1.2.1 and early\n");
}
static int _canonicalEncoding = 0;
int main(int argc, char ** argv)
{
int i;
......@@ -136,7 +147,7 @@ int main(int argc, char ** argv)
char cert_digest[8] = { 0 };
if (argc < 2 || 0 == strcmp("-h", argv[1])){
printf("Usage: msgcheck [-c certificate] [-p pub key] messages\n");
usage();
return -1;
}
......@@ -153,12 +164,13 @@ int main(int argc, char ** argv)
if (0 == strcmp("-c", argv[i])){
i++;
if (i == argc){
fprintf(stderr, "Usage: msgcheck [-c certificate] [-p pub key] messages\n");
fprintf(stderr, "ERROR: Certificate file is not set\n");
usage();
return -1;
}
len = load_certificate(argv[i], &data);
if (len == -1){
fprintf(stderr, "%s: can not load certificate\n", argv[i]);
fprintf(stderr, "ERROR: %s: Can not load certificate from file\n", argv[i]);
return -1;
}
......@@ -169,16 +181,16 @@ int main(int argc, char ** argv)
free(data); data = NULL;
continue;
}
if (0 == strcmp("-p", argv[i])){
if (0 == strcmp("-k", argv[i])){
i++;
if (i == argc){
fprintf(stderr, "Usage: msgcheck [-c certificate] [-p pub key] [-x|-b] messages\n");
return -1;
fprintf(stderr, "ERROR: Public key file is not set\n");
usage();
}
if (defkey) EC_KEY_free(defkey);
defkey = load_public_key(argv[i], group);
if (defkey == NULL){
fprintf(stderr, "%s: can not load public key\n", argv[i]);
fprintf(stderr, "ERROR: %s: can not load public key\n", argv[i]);
return -1;
}
continue;
......@@ -190,6 +202,10 @@ int main(int argc, char ** argv)
}
continue;
}
if (0 == strcmp("-E", argv[i])){
_canonicalEncoding = 1;
continue;
}
e = cstraload(&data, argv[i]);
if (data == NULL){
fprintf(stderr, "%s: can not load message\n", argv[i]);
......@@ -214,8 +230,8 @@ int main(int argc, char ** argv)
SHA256_Update(&ctx, data, e-data-66);
SHA256_Final(hash, &ctx);
}
printf("%s: HASH : %d bytes\n", argv[i], (int)(e-data-66));
printf("%s: HASH : %s\n", argv[i], cbin2hex(hash, 32));
printf("%s: HASH : %d bytes\n", argv[i], (int)(e-data-66));
printf("%s: HASH : %s\n", argv[i], cbin2hex(hash, 32));
if (defkey == NULL){
// get key from message signer
if (data[4] != si_certificate){
......@@ -416,16 +432,21 @@ static void calculate_certificate_digest(const char* data, int length, char
{
// set signature point type to X
unsigned char hash[32];
unsigned char tmp = 0;
SHA256_CTX ctx;
SHA256_Init(&ctx);
SHA256_Update(&ctx, data, length - 65);
SHA256_Update(&ctx, &tmp, 1);
SHA256_Update(&ctx, data + length - 64, 64);
if (_canonicalEncoding) {
unsigned char tmp = 0;
SHA256_Update(&ctx, data, length - 65);
SHA256_Update(&ctx, &tmp, 1);
SHA256_Update(&ctx, data + length - 64, 64);
}else{
SHA256_Update(&ctx, data, length);
}
SHA256_Final(hash, &ctx);
memcpy(digest, hash + 24, 8);
}
/*
static void print_x(FILE * f, const char * ptr, int len)
{
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment