author | Justus Winter <justus@sequoia-pgp.org> | 2019-04-09 13:08:20 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-04-09 13:08:20 +0200 |
commit | 7c92d7381408b375d158dd3aedfa61d340ed3750 (patch) | |
tree | 1fe1a0ff202930700e9817ebb1d67b281217ece1 /openpgp-ffi | |
parent | b372fdb81fbff4bfca997b4d271aedc6026c158c (diff) |
openpgp: Guard signature verifications with a time.
- In the streaming verifier and decryptor, check that
signatures (and binding signatures) are valid at the given time.
- Fixes #247.
Diffstat (limited to 'openpgp-ffi')
-rw-r--r-- | openpgp-ffi/examples/decrypt-with.c | 2 | ||||
-rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 6 | ||||
-rw-r--r-- | openpgp-ffi/src/parse/stream.rs | 31 |
3 files changed, 25 insertions, 14 deletions
diff --git a/openpgp-ffi/examples/decrypt-with.c b/openpgp-ffi/examples/decrypt-with.c
index d68e0902..969b7e28 100644
--- a/openpgp-ffi/examples/decrypt-with.c
+++ b/openpgp-ffi/examples/decrypt-with.c
@@ -128,7 +128,7 @@ main (int argc, char **argv)
 };
 plaintext = pgp_decryptor_new (&err, source,
 get_public_keys_cb, decrypt_cb,
- check_signatures_cb, &cookie);
+ check_signatures_cb, &cookie, 0);
 if (! plaintext)
 error (1, 0, "pgp_decryptor_new: %s", pgp_error_to_string (err));
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h
index 73bcc7a6..aa7e117c 100644
--- a/openpgp-ffi/include/sequoia/openpgp.h
+++ b/openpgp-ffi/include/sequoia/openpgp.h
@@ -1436,7 +1436,7 @@ pgp_reader_t pgp_decryptor_new (pgp_error_t *errp, pgp_reader_t input,
 pgp_decryptor_get_public_keys_cb_t get_public_keys,
 pgp_decryptor_decrypt_cb_t decrypt,
 pgp_decryptor_check_signatures_cb_t check_signatures,
- void *cookie);
+ void *cookie, time_t time);
 /*/
 /// Verifies an OpenPGP message.
@@ -1447,7 +1447,7 @@ pgp_reader_t pgp_decryptor_new (pgp_error_t *errp, pgp_reader_t input,
 pgp_reader_t pgp_verifier_new (pgp_error_t *errp, pgp_reader_t input,
 pgp_decryptor_get_public_keys_cb_t get_public_keys,
 pgp_decryptor_check_signatures_cb_t check_signatures,
- void *cookie);
+ void *cookie, time_t time);
 /*/
 /// Verifies a detached OpenPGP signature.
@@ -1456,6 +1456,6 @@ pgp_reader_t pgp_detached_verifier_new (pgp_error_t *errp,
 pgp_reader_t signature_input, pgp_reader_t input,
 pgp_decryptor_get_public_keys_cb_t get_public_keys,
 pgp_decryptor_check_signatures_cb_t check_signatures,
- void *cookie);
+ void *cookie, time_t time);
 #endif
diff --git a/openpgp-ffi/src/parse/stream.rs b/openpgp-ffi/src/parse/stream.rs
index 420ed5fd..c237866c 100644
--- a/openpgp-ffi/src/parse/stream.rs
+++ b/openpgp-ffi/src/parse/stream.rs
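Review bot: The new `time_t time` parameter on `pgp_decryptor_new` is added to the prototype without any documentation, and the same is true for `pgp_verifier_new` and `pgp_detached_verifier_new` in the two hunks that follow. In stream.rs, `maybe_time` maps 0 to `None`, so 0 is a sentinel rather than the epoch, and a C caller cannot learn that from the header. I would add to each prototype's comment a line such as `/// TIME is the time at which signatures must be valid, in seconds since the Unix epoch; 0 selects the library default (presumably the current time).` The call in decrypt-with.c passes a bare `0` and would benefit from the same remark. The doc comments of all three prototypes begin outside these hunks.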
@@ -11,7 +11,7 @@
 //! [`sequoia-openpgp::parse::stream`]: ../../../sequoia_openpgp/parse/stream/index.html
 use std::ptr;
-use libc::{c_int, size_t, c_void, uint8_t};
+use libc::{c_int, size_t, c_void, uint8_t, time_t};
 extern crate sequoia_openpgp as openpgp;
 extern crate time;
@@ -374,7 +374,7 @@ impl VerificationHelper for VHelper {
 /// };
 /// plaintext = pgp_verifier_new (NULL, source,
 /// get_public_keys_cb, check_signatures_cb,
-/// &cookie);
+/// &cookie, 1554542219);
 /// assert (source);
 ///
 /// nread = pgp_reader_read (NULL, plaintext, buf, sizeof buf);
@@ -392,16 +392,25 @@ fn pgp_verifier_new<'a>(errp: Option<&mut *mut ::error::Error>,
 input: *mut io::Reader,
 get_public_keys: GetPublicKeysCallback,
 check_signatures: CheckSignaturesCallback,
- cookie: *mut HelperCookie)
+ cookie: *mut HelperCookie,
+ time: time_t)
 -> Maybe<io::Reader>
 {
 let helper = VHelper::new(get_public_keys, check_signatures, cookie);
- Verifier::from_reader(input.ref_mut_raw(), helper)
+ Verifier::from_reader(input.ref_mut_raw(), helper, maybe_time(time))
 .map(|r| io::ReaderKind::Generic(Box::new(r)))
 .move_into_raw(errp)
 }
+fn maybe_time(t: time_t) -> Option<time::Tm> {
+ if t == 0 {
+ None
+ } else {
+ Some(time::at(time::Timespec::new(t as i64, 0)))
+ }
+}
+
 /// Verifies a detached OpenPGP signature.
 ///
 /// # Example
@@ -480,7 +489,7 @@ fn pgp_verifier_new<'a>(errp: Option<&mut *mut ::error::Error>,
 /// };
 /// plaintext = pgp_detached_verifier_new (NULL, signature, source,
 /// get_public_keys_cb, check_signatures_cb,
-/// &cookie);
+/// &cookie, 1554542219);
 /// assert (source);
 ///
 /// nread = pgp_reader_read (NULL, plaintext, buf, sizeof buf);
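Review bot: The `pgp_verifier_new` example now passes the literal `1554542219` as the verification time with no explanation, and the same constant appears in the `pgp_detached_verifier_new` and `pgp_decryptor_new` examples further down. A caller who copies the example verifies every message as of that fixed instant, so a key or signature that expired or was revoked afterwards would presumably still be accepted; how `Verifier::from_reader` uses the time is not visible here. I would add a line to each example such as `/// /* Fixed time so this example keeps verifying; applications normally pass 0. */` and state in the surrounding prose that a pinned time is meant for tests only.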
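Review bot: `maybe_time` has no doc comment and accepts every non-zero `time_t`, including negative values such as the `(time_t) -1` that `time()` and `mktime()` return on failure, which become a pre-1970 verification time. That probably rejects every signature rather than accepting anything, but the caller then sees a verification failure instead of an argument error. I would document the contract with `/// Maps 0 to None (no explicit time); any other value is seconds since the Unix epoch.` and consider treating `t < 0` as an invalid argument in `pgp_verifier_new` and in the two sibling constructors changed in the later hunks. The rustdoc of `pgp_verifier_new` starts outside this hunk and should describe `time` as well.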
@@ -500,13 +509,14 @@ fn pgp_detached_verifier_new<'a>(errp: Option<&mut *mut ::error::Error>,
 input: *mut io::Reader,
 get_public_keys: GetPublicKeysCallback,
 check_signatures: CheckSignaturesCallback,
- cookie: *mut HelperCookie)
+ cookie: *mut HelperCookie,
+ time: time_t)
 -> Maybe<io::Reader>
 {
 let helper = VHelper::new(get_public_keys, check_signatures, cookie);
 DetachedVerifier::from_reader(signature_input.ref_mut_raw(),
- input.ref_mut_raw(), helper)
+ input.ref_mut_raw(), helper, maybe_time(time))
 .map(|r| io::ReaderKind::Generic(Box::new(r)))
 .move_into_raw(errp)
 }
@@ -730,7 +740,7 @@ impl DecryptionHelper for DHelper {
 /// };
 /// plaintext = pgp_decryptor_new (NULL, source,
 /// get_public_keys_cb, decrypt_cb,
-/// check_signatures_cb, &cookie);
+/// check_signatures_cb, &cookie, 1554542219);
 /// assert (plaintext);
 ///
 /// nread = pgp_reader_read (NULL, plaintext, buf, sizeof buf);
@@ -750,13 +760,14 @@ fn pgp_decryptor_new<'a>(errp: Option<&mut *mut ::error::Error>,
 get_public_keys: GetPublicKeysCallback,
 decrypt: DecryptCallback,
 check_signatures: CheckSignaturesCallback,
- cookie: *mut HelperCookie)
+ cookie: *mut HelperCookie,
+ time: time_t)
 -> Maybe<io::Reader>
 {
 let helper = DHelper::new(
 get_public_keys, decrypt, check_signatures, cookie);
- Decryptor::from_reader(input.ref_mut_raw(), helper)
+ Decryptor::from_reader(input.ref_mut_raw(), helper, maybe_time(time))
 .map(|r| io::ReaderKind::Generic(Box::new(r)))
 .move_into_raw(errp)
 } |