git-svn-id: file:///var/lib/svn/clamav-devel/trunk/clamav-devel@77 77e5149b-7576-45b1-b177-96237e5ba77b
Tomasz Kojm authored on 2003/10/08 21:51:074 | 8 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,27 @@ |
0 |
+/* |
|
1 |
+ * Copyright (C) 2003 Tomasz Kojm <zolw@konarski.edu.pl> |
|
2 |
+ * |
|
3 |
+ * This program is free software; you can redistribute it and/or modify |
|
4 |
+ * it under the terms of the GNU General Public License as published by |
|
5 |
+ * the Free Software Foundation; either version 2 of the License, or |
|
6 |
+ * (at your option) any later version. |
|
7 |
+ * |
|
8 |
+ * This program is distributed in the hope that it will be useful, |
|
9 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 |
+ * GNU General Public License for more details. |
|
12 |
+ * |
|
13 |
+ * You should have received a copy of the GNU General Public License |
|
14 |
+ * along with this program; if not, write to the Free Software |
|
15 |
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
|
16 |
+ */ |
|
17 |
+ |
|
18 |
+#ifndef __CVD_H |
|
19 |
+#define __CVD_H |
|
20 |
+ |
|
21 |
+#include <stdio.h> |
|
22 |
+#include "clamav.h" |
|
23 |
+ |
|
24 |
+int cli_cvdload(FILE *fd, struct cl_node **root, int *virnum); |
|
25 |
+ |
|
26 |
+#endif |
0 | 27 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,127 @@ |
0 |
+/* |
|
1 |
+ * Copyright (C) 2003 Tomasz Kojm <zolw@konarski.edu.pl> |
|
2 |
+ * |
|
3 |
+ * Number encoding rutines are based on yyyRSA by Erik Thiele |
|
4 |
+ * |
|
5 |
+ * This program is free software; you can redistribute it and/or modify |
|
6 |
+ * it under the terms of the GNU General Public License as published by |
|
7 |
+ * the Free Software Foundation; either version 2 of the License, or |
|
8 |
+ * (at your option) any later version. |
|
9 |
+ * |
|
10 |
+ * This program is distributed in the hope that it will be useful, |
|
11 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
12 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
13 |
+ * GNU General Public License for more details. |
|
14 |
+ * |
|
15 |
+ * You should have received a copy of the GNU General Public License |
|
16 |
+ * along with this program; if not, write to the Free Software |
|
17 |
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
|
18 |
+ */ |
|
19 |
+ |
|
20 |
+#ifdef HAVE_GMP |
|
21 |
+ |
|
22 |
+#include <stdio.h> |
|
23 |
+#include <string.h> |
|
24 |
+#include <stdlib.h> |
|
25 |
+#include <ctype.h> |
|
26 |
+#include <gmp.h> |
|
27 |
+ |
|
28 |
+#include "clamav.h" |
|
29 |
+#include "others.h" |
|
30 |
+ |
|
31 |
+const char *cli_nstr = "118640995551645342603070001658453189751527774412027743746599405743243142607464144767361060640655844749760788890022283424922762488917565551002467771109669598189410434699034532232228621591089508178591428456220796841621637175567590476666928698770143328137383952820383197532047771780196576957695822641224262693037"; /* 1024 bits */ |
|
32 |
+ |
|
33 |
+const char *cli_estr = "100001027"; |
|
34 |
+ |
|
35 |
+ |
|
36 |
+char cli_ndecode(char value) |
|
37 |
+{ |
|
38 |
+ int i; |
|
39 |
+ char ncodec[] = { |
|
40 |
+ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', |
|
41 |
+ 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', |
|
42 |
+ 'y', 'z', |
|
43 |
+ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', |
|
44 |
+ 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', |
|
45 |
+ 'Y', 'Z', |
|
46 |
+ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', |
|
47 |
+ '+', '/' |
|
48 |
+ }; |
|
49 |
+ |
|
50 |
+ |
|
51 |
+ for(i = 0; i < 64; i++) |
|
52 |
+ if(ncodec[i] == value) |
|
53 |
+ return i; |
|
54 |
+ |
|
55 |
+ cli_errmsg("cli_ndecode: value out of range\n"); |
|
56 |
+ return -1; |
|
57 |
+} |
|
58 |
+ |
|
59 |
+char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_t n) |
|
60 |
+{ |
|
61 |
+ int i, siglen = strlen(sig), dec; |
|
62 |
+ char *decoded; |
|
63 |
+ mpz_t r, p, c; |
|
64 |
+ |
|
65 |
+ |
|
66 |
+ mpz_init(r); |
|
67 |
+ mpz_init(c); |
|
68 |
+ |
|
69 |
+ for(i = 0; i < siglen; i++) { |
|
70 |
+ if((dec = cli_ndecode(sig[i])) < 0) |
|
71 |
+ return NULL; |
|
72 |
+ |
|
73 |
+ mpz_set_ui(r, dec); |
|
74 |
+ mpz_mul_2exp(r, r, 6 * i); |
|
75 |
+ mpz_add(c, c, r); |
|
76 |
+ } |
|
77 |
+ |
|
78 |
+ mpz_init(p); |
|
79 |
+ decoded = (char *) calloc(plainlen + 1, sizeof(char)); |
|
80 |
+ |
|
81 |
+ mpz_powm(p, c, e, n); /* plain = cipher^e mod n */ |
|
82 |
+ mpz_clear(c); |
|
83 |
+ |
|
84 |
+ for(i = plainlen - 1; i >= 0; i--) { /* reverse */ |
|
85 |
+ mpz_tdiv_qr_ui(p, r, p, 256); |
|
86 |
+ decoded[i] = mpz_get_ui(r); |
|
87 |
+ } |
|
88 |
+ |
|
89 |
+ mpz_clear(p); |
|
90 |
+ mpz_clear(r); |
|
91 |
+ |
|
92 |
+ return decoded; |
|
93 |
+} |
|
94 |
+ |
|
95 |
+int cli_versig(const char *md5, const char *dsig) |
|
96 |
+{ |
|
97 |
+ mpz_t n, e; |
|
98 |
+ char *pt, *pt2; |
|
99 |
+ |
|
100 |
+ if(strlen(md5) != 32 || !isalnum(md5[0])) { |
|
101 |
+ /* someone is trying to fool us with empty/malformed MD5 ? */ |
|
102 |
+ cli_errmsg("SECURITY WARNING: MD5 basic test failure.\n"); |
|
103 |
+ return CL_EMD5; |
|
104 |
+ } |
|
105 |
+ |
|
106 |
+ mpz_init_set_str(n, cli_nstr, 10); |
|
107 |
+ mpz_init_set_str(e, cli_estr, 10); |
|
108 |
+ pt = cli_decodesig(dsig, 16, e, n); |
|
109 |
+ pt2 = cl_str2hex(pt, 16); |
|
110 |
+ free(pt); |
|
111 |
+ |
|
112 |
+ cli_dbgmsg("Decoded signature: %s\n", pt2); |
|
113 |
+ |
|
114 |
+ if(strncmp(md5, pt2, 32)) { |
|
115 |
+ cli_dbgmsg("Signature doesn't match.\n"); |
|
116 |
+ free(pt2); |
|
117 |
+ return CL_EDSIG; |
|
118 |
+ } |
|
119 |
+ |
|
120 |
+ free(pt2); |
|
121 |
+ |
|
122 |
+ cli_dbgmsg("Digital signature is correct.\n"); |
|
123 |
+ return 0; |
|
124 |
+} |
|
125 |
+ |
|
126 |
+#endif |
0 | 127 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,24 @@ |
0 |
+/* |
|
1 |
+ * Copyright (C) 2003 Tomasz Kojm <zolw@konarski.edu.pl> |
|
2 |
+ * |
|
3 |
+ * This program is free software; you can redistribute it and/or modify |
|
4 |
+ * it under the terms of the GNU General Public License as published by |
|
5 |
+ * the Free Software Foundation; either version 2 of the License, or |
|
6 |
+ * (at your option) any later version. |
|
7 |
+ * |
|
8 |
+ * This program is distributed in the hope that it will be useful, |
|
9 |
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 |
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 |
+ * GNU General Public License for more details. |
|
12 |
+ * |
|
13 |
+ * You should have received a copy of the GNU General Public License |
|
14 |
+ * along with this program; if not, write to the Free Software |
|
15 |
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
|
16 |
+ */ |
|
17 |
+ |
|
18 |
+#ifndef __DSIG_H |
|
19 |
+#define __DSIG_H |
|
20 |
+ |
|
21 |
+int cli_versig(const char *md5, const char *dsig); |
|
22 |
+ |
|
23 |
+#endif |
... | ... |
@@ -119,8 +119,14 @@ char *cl_strerror(int clerror) |
119 | 119 |
return "Malformed database."; |
120 | 120 |
case CL_EPATSHORT: |
121 | 121 |
return "Too short pattern detected."; |
122 |
+ case CL_ECVD: |
|
123 |
+ return "Broken or not a CVD file."; |
|
122 | 124 |
case CL_ECVDEXTR: |
123 |
- return "CVD extraction failure."; |
|
125 |
+ return "CVD extraction failure."; |
|
126 |
+ case CL_EMD5: |
|
127 |
+ return "MD5 verification error."; |
|
128 |
+ case CL_EDSIG: |
|
129 |
+ return "Digital signature verification error."; |
|
124 | 130 |
case CL_ENULLARG: |
125 | 131 |
return "Null argument passed while initialized is required."; |
126 | 132 |
default: |
... | ... |
@@ -156,6 +162,22 @@ char *cl_md5file(const char *filename) |
156 | 156 |
return(md5str); |
157 | 157 |
} |
158 | 158 |
|
159 |
+char *cli_md5stream(FILE *fd) |
|
160 |
+{ |
|
161 |
+ unsigned char buffer[16]; |
|
162 |
+ char *md5str; |
|
163 |
+ int i, cnt=0; |
|
164 |
+ |
|
165 |
+ md5_stream(fd, &buffer); |
|
166 |
+ |
|
167 |
+ md5str = (char*) calloc(32 + 1, sizeof(char)); |
|
168 |
+ |
|
169 |
+ for(i=0; i<16; i++) |
|
170 |
+ cnt += sprintf(md5str + cnt, "%02x", buffer[i]); |
|
171 |
+ |
|
172 |
+ return(md5str); |
|
173 |
+} |
|
174 |
+ |
|
159 | 175 |
char *cl_md5buff(const char *buffer, unsigned int len) |
160 | 176 |
{ |
161 | 177 |
unsigned char md5buf[16]; |
... | ... |
@@ -19,6 +19,7 @@ |
19 | 19 |
#ifndef __OTHERS_H |
20 | 20 |
#define __OTHERS_H |
21 | 21 |
|
22 |
+#include <stdio.h> |
|
22 | 23 |
#include <stdlib.h> |
23 | 24 |
|
24 | 25 |
void cli_warnmsg(const char *str, ...); |
... | ... |
@@ -28,5 +29,6 @@ void *cli_malloc(size_t nmemb); |
28 | 28 |
void *cli_calloc(size_t nmemb, size_t size); |
29 | 29 |
void *cli_realloc(void *ptr, size_t size); |
30 | 30 |
int cli_rmdirs(const char *dirname); |
31 |
+char *cli_md5stream(FILE *fd); |
|
31 | 32 |
|
32 | 33 |
#endif |