@@ -1,3 +1,12 @@

+Sat Oct 14 23:09:12 CEST 2006 (tk)

+----------------------------------

+  * libclamav/dsig.c: new function cli_versigpss(): digital signature

+		      verification based on RSASSA-PSS with 2048 bit RSA

+		      key and SHA256 hash function

+  * libclamav/sha256.[ch]: new files (SHA256 implementation from mhash)

+  * sigtool/sigtool.c: genetate compressed and signed .cdiff files

+  * shared/cdiff.c: handle new .cdiff files

+

 Fri Oct 13 15:42:43 BST 2006 (njh)

 ----------------------------------

   * libclamav/mbox.c:	Fix compilation warning on FreeBSD

@@ -730,7 +730,7 @@ static int getpatch(const char *dbname, int version, const char *hostname, char

 	return 55;

     }

-    if(cdiff_apply(fd) == -1) {

+    if(cdiff_apply(fd, 1) == -1) {

 	logg("!getpatch: Can't apply patch\n");

 	close(fd);

         unlink(tempname);

@@ -150,6 +150,8 @@ libclamav_la_SOURCES = \

 	phish_whitelist.c \

 	phish_whitelist.h \

 	regex_list.c \

-	regex_list.h

+	regex_list.h \

+	sha256.c \

+	sha256.h

 lib_LTLIBRARIES = libclamav.la

@@ -87,7 +87,8 @@ am_libclamav_la_OBJECTS = matcher-ac.lo matcher-bm.lo matcher.lo \

 	binhex.lo is_tar.lo tnef.lo unrar15.lo unrarvm.lo unrar.lo \

 	unrarfilter.lo unrarppm.lo unrar20.lo unrarcmd.lo pdf.lo \

 	spin.lo yc.lo elf.lo sis.lo uuencode.lo pst.lo phishcheck.lo \

-	phish_domaincheck_db.lo phish_whitelist.lo regex_list.lo

+	phish_domaincheck_db.lo phish_whitelist.lo regex_list.lo \

+	sha256.lo

 libclamav_la_OBJECTS = $(am_libclamav_la_OBJECTS)

 DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)

 depcomp = $(SHELL) $(top_srcdir)/depcomp

@@ -350,7 +351,9 @@ libclamav_la_SOURCES = \

 	phish_whitelist.c \

 	phish_whitelist.h \

 	regex_list.c \

-	regex_list.h

+	regex_list.h \

+	sha256.c \

+	sha256.h

 lib_LTLIBRARIES = libclamav.la

 all: all-am

@@ -458,6 +461,7 @@ distclean-compile:

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rebuildpe.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/regex_list.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scanners.Plo@am__quote@

+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha256.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sis.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf.Plo@am__quote@

 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/special.Plo@am__quote@

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2003 - 2004 Tomasz Kojm <tkojm@clamav.net>

+ *  Copyright (C) 2003 - 2006 Tomasz Kojm <tkojm@clamav.net>

  *

  *  Number encoding rutines are based on yyyRSA by Erik Thiele

  *

@@ -35,10 +35,18 @@

 #include "others.h"

 #include "dsig.h"

 #include "str.h"

+#include "sha256.h"

-static const char *cli_nstr = "118640995551645342603070001658453189751527774412027743746599405743243142607464144767361060640655844749760788890022283424922762488917565551002467771109669598189410434699034532232228621591089508178591428456220796841621637175567590476666928698770143328137383952820383197532047771780196576957695822641224262693037"; /* 1024 bits */

+#define CLI_NSTR "118640995551645342603070001658453189751527774412027743746599405743243142607464144767361060640655844749760788890022283424922762488917565551002467771109669598189410434699034532232228621591089508178591428456220796841621637175567590476666928698770143328137383952820383197532047771780196576957695822641224262693037"

-static const char *cli_estr = "100001027";

+#define CLI_ESTR "100001027"

+

+#define CLI_NSTRPSS "14783905874077467090262228516557917570254599638376203532031989214105552847269687489771975792123442185817287694951949800908791527542017115600501303394778618535864845235700041590056318230102449612217458549016089313306591388590790796515819654102320725712300822356348724011232654837503241736177907784198700834440681124727060540035754699658105895050096576226753008596881698828185652424901921668758326578462003247906470982092298106789657211905488986281078346361469524484829559560886227198091995498440676639639830463593211386055065360288422394053998134458623712540683294034953818412458362198117811990006021989844180721010947"

+

+#define CLI_ESTRPSS "100002053"

+

+#define PSS_NBITS 2048

+#define PSS_DIGEST_LENGTH 32

 static char cli_ndecode(char value)

@@ -64,10 +72,10 @@ static char cli_ndecode(char value)

     return -1;

 }

-static char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_t n)

+static unsigned char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_t n)

 {

 	int i, siglen = strlen(sig), dec;

-	char *decoded;

+	unsigned char *decoded;

 	mpz_t r, p, c;

@@ -86,7 +94,7 @@ static char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_t n)

 	mpz_add(c, c, r);

     }

-    decoded = (char *) cli_calloc(plainlen + 1, sizeof(char));

+    decoded = (unsigned char *) cli_calloc(plainlen + 1, sizeof(unsigned char));

     if(!decoded) {

 	cli_errmsg("cli_decodesig: Can't allocate memory\n");

 	mpz_clear(r);

@@ -108,22 +116,121 @@ static char *cli_decodesig(const char *sig, int plainlen, mpz_t e, mpz_t n)

     return decoded;

 }

+static void cli_mgf(unsigned char *in, unsigned int inlen, unsigned char *out, unsigned int outlen)

+{

+	SHA256_CTX ctx;

+	unsigned int i, laps;

+	unsigned char cnt[4], digest[PSS_DIGEST_LENGTH];

+

+

+    laps = (outlen + PSS_DIGEST_LENGTH - 1) / PSS_DIGEST_LENGTH;

+

+    for(i = 0; i < laps; i++) {

+	cnt[0] = (unsigned char) 0;

+	cnt[1] = (unsigned char) 0;

+	cnt[2] = (unsigned char) (i / 256);

+	cnt[3] = (unsigned char) i;

+

+	sha256_init(&ctx);

+	sha256_update(&ctx, in, inlen);

+	sha256_update(&ctx, cnt, sizeof(cnt));

+	sha256_final(&ctx);

+	sha256_digest(&ctx, digest);

+

+	if(i != laps - 1)

+	    memcpy(&out[i * PSS_DIGEST_LENGTH], digest, PSS_DIGEST_LENGTH);

+	else

+	    memcpy(&out[i * PSS_DIGEST_LENGTH], digest, outlen - i * PSS_DIGEST_LENGTH);

+    }

+}

+

+int cli_versigpss(const unsigned char *sha256, const char *dsig)

+{

+	mpz_t n, e;

+	SHA256_CTX ctx;

+	unsigned char *pt, digest1[PSS_DIGEST_LENGTH], digest2[PSS_DIGEST_LENGTH], *salt;

+	unsigned int plen = PSS_NBITS / 8, hlen, slen, i;

+	unsigned char dblock[PSS_NBITS / 8 - PSS_DIGEST_LENGTH - 1];

+	unsigned char mblock[PSS_NBITS / 8 - PSS_DIGEST_LENGTH - 1];

+	unsigned char fblock[8 + 2 * PSS_DIGEST_LENGTH];

+

+

+    hlen = slen = PSS_DIGEST_LENGTH;

+    mpz_init_set_str(n, CLI_NSTRPSS, 10);

+    mpz_init_set_str(e, CLI_ESTRPSS, 10);

+

+    if(!(pt = cli_decodesig(dsig, plen, e, n))) {

+	mpz_clear(n);

+	mpz_clear(e);

+	return CL_EDSIG;

+    }

+

+    mpz_clear(n);

+    mpz_clear(e);

+

+    if(pt[plen - 1] != 0xbc) {

+	cli_dbgmsg("cli_versigpss: Incorrect signature syntax (0xbc)\n");

+	free(pt);

+	return CL_EDSIG;

+    }

+

+    memcpy(mblock, pt, plen - hlen - 1);

+    memcpy(digest2, &pt[plen - hlen - 1], hlen);

+    free(pt);

+

+    cli_mgf(digest2, hlen, dblock, plen - hlen - 1);

+

+    for(i = 0; i < plen - hlen - 1; i++)

+	dblock[i] ^= mblock[i];

+

+    dblock[0] &= (0xff >> 1);

+

+    salt = memchr(dblock, 0x01, sizeof(dblock));

+    if(!salt) {

+	cli_dbgmsg("cli_versigpss: Can't find salt\n");

+	return CL_EDSIG;

+    }

+    salt++;

+

+    if((unsigned int) (dblock + sizeof(dblock) - salt) != slen) {

+	cli_dbgmsg("cli_versigpss: Bad salt size\n");

+	return CL_EDSIG;

+    }

+

+    memset(fblock, 0, 8);

+    memcpy(&fblock[8], sha256, hlen);

+    memcpy(&fblock[8 + hlen], salt, slen);

+

+    sha256_init(&ctx);

+    sha256_update(&ctx, fblock, sizeof(fblock));

+    sha256_final(&ctx);

+    sha256_digest(&ctx, digest1);

+

+    if(memcmp(digest1, digest2, hlen)) {

+	cli_dbgmsg("cli_versigpss: Signature doesn't match.\n");

+	return CL_EDSIG;

+    }

+

+    cli_dbgmsg("cli_versigpss: Digital signature is correct.\n");

+    return CL_SUCCESS;

+}

 int cli_versig(const char *md5, const char *dsig)

 {

 	mpz_t n, e;

 	char *pt, *pt2;

+

     if(strlen(md5) != 32 || !isalnum(md5[0])) {

 	/* someone is trying to fool us with empty/malformed MD5 ? */

 	cli_errmsg("SECURITY WARNING: MD5 basic test failure.\n");

 	return CL_EMD5;

     }

-    mpz_init_set_str(n, cli_nstr, 10);

-    mpz_init_set_str(e, cli_estr, 10);

+    mpz_init_set_str(n, CLI_NSTR, 10);

+    mpz_init_set_str(e, CLI_ESTR, 10);

-    if(!(pt = cli_decodesig(dsig, 16, e, n))) {

+    if(!(pt = (char *) cli_decodesig(dsig, 16, e, n))) {

 	mpz_clear(n);

 	mpz_clear(e);

 	return CL_EDSIG;

@@ -132,10 +239,10 @@ int cli_versig(const char *md5, const char *dsig)

     pt2 = cli_str2hex(pt, 16);

     free(pt);

-    cli_dbgmsg("Decoded signature: %s\n", pt2);

+    cli_dbgmsg("cli_versig: Decoded signature: %s\n", pt2);

     if(strncmp(md5, pt2, 32)) {

-	cli_dbgmsg("Signature doesn't match.\n");

+	cli_dbgmsg("cli_versig: Signature doesn't match.\n");

 	free(pt2);

 	mpz_clear(n);

 	mpz_clear(e);

@@ -146,8 +253,7 @@ int cli_versig(const char *md5, const char *dsig)

     mpz_clear(n);

     mpz_clear(e);

-    cli_dbgmsg("Digital signature is correct.\n");

-    return 0;

+    cli_dbgmsg("cli_versig: Digital signature is correct.\n");

+    return CL_SUCCESS;

 }

-

 #endif

@@ -21,5 +21,6 @@

 #define __DSIG_H

 int cli_versig(const char *md5, const char *dsig);

+int cli_versigpss(const unsigned char *sha256, const char *dsig);

 #endif

new file mode 100644

@@ -0,0 +1,281 @@

+/*

+ * Copyright (C) 2001 Niels Moller

+ *  

+ * This program is free software; you can redistribute it and/or

+ * modify it under the terms of the GNU General Public License as

+ * published by the Free Software Foundation; either version 2 of the

+ * License, or (at your option) any later version.

+ *

+ * The nettle library is distributed in the hope that it will be useful, but

+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY

+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public

+ * License for more details.

+ * 

+ * You should have received a copy of the GNU Lesser General Public License

+ * along with the nettle library; see the file COPYING.LIB.  If not, write to

+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,

+ * MA 02111-1307, USA.

+ */

+

+/* Modelled after the sha1.c code by Peter Gutmann. */

+

+#include <stdio.h>

+#include <string.h>

+

+#include "cltypes.h"

+#include "sha256.h"

+

+/* A block, treated as a sequence of 32-bit words. */

+#define SHA256_DATA_LENGTH 16

+

+#define ROTR(n,x) ((x)>>(n) | ((x)<<(32-(n))))

+#define SHR(n,x) ((x)>>(n))

+

+#define Choice(x,y,z)   ( (z) ^ ( (x) & ( (y) ^ (z) ) ) )

+#define Majority(x,y,z) ( ((x) & (y)) ^ ((z) & ((x) ^ (y))) )

+

+#define S0(x) (ROTR(2,(x)) ^ ROTR(13,(x)) ^ ROTR(22,(x)))

+#define S1(x) (ROTR(6,(x)) ^ ROTR(11,(x)) ^ ROTR(25,(x)))

+

+#define s0(x) (ROTR(7,(x)) ^ ROTR(18,(x)) ^ SHR(3,(x)))

+#define s1(x) (ROTR(17,(x)) ^ ROTR(19,(x)) ^ SHR(10,(x)))

+

+static const uint32_t K[64] = {

+	0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,

+	0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,

+	0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,

+	0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,

+	0xe49b69c1UL, 0xefbe4786UL, 0xfc19dc6UL, 0x240ca1ccUL,

+	0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,

+	0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,

+	0xc6e00bf3UL, 0xd5a79147UL, 0x6ca6351UL, 0x14292967UL,

+	0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,

+	0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,

+	0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,

+	0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,

+	0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,

+	0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,

+	0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,

+	0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL,

+};

+

+#define EXPAND(W,i) \

+( W[(i) & 15 ] += (s1(W[((i)-2) & 15]) + W[((i)-7) & 15] + s0(W[((i)-15) & 15])) )

+

+#define ROUND(a,b,c,d,e,f,g,h,k,data) do {		\

+  uint32_t T1 = h + S1(e) + Choice(e,f,g) + k + data;	\

+  uint32_t T2 = S0(a) + Majority(a,b,c);		\

+  d += T1;						\

+  h = T1 + T2;						\

+} while (0)

+

+#ifndef EXTRACT_UCHAR

+#define EXTRACT_UCHAR(p)  (*(unsigned char *)(p))

+#endif

+

+#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8)    \

+			 | EXTRACT_UCHAR(s+1)) << 8)  \

+			 | EXTRACT_UCHAR(s+2)) << 8)  \

+			 | EXTRACT_UCHAR(s+3))

+

+#ifndef EXTRACT_UCHAR

+#define EXTRACT_UCHAR(p)  (*(mutils_word8 *)(p))

+#endif

+

+#define STRING2INT(s) ((((((EXTRACT_UCHAR(s) << 8)    \

+			 | EXTRACT_UCHAR(s+1)) << 8)  \

+			 | EXTRACT_UCHAR(s+2)) << 8)  \

+			 | EXTRACT_UCHAR(s+3))

+

+/* Initialize the SHA values */

+

+void sha256_init(struct sha256_ctx *ctx)

+{

+	/* Initial values, also generated by the shadata program. */

+	static const uint32_t H0[_SHA256_DIGEST_LENGTH] = {

+		0x6a09e667UL, 0xbb67ae85UL, 0x3c6ef372UL, 0xa54ff53aUL,

+		0x510e527fUL, 0x9b05688cUL, 0x1f83d9abUL, 0x5be0cd19UL,

+	};

+

+	memcpy(ctx->state, H0, sizeof(H0));

+

+	/* Initialize bit count */

+	ctx->count_low = ctx->count_high = 0;

+

+	/* Initialize buffer */

+	ctx->index = 0;

+}

+

+/* Perform the SHA transformation.  Note that this code, like MD5, seems to

+   break some optimizing compilers due to the complexity of the expressions

+   and the size of the basic block.  It may be necessary to split it into

+   sections, e.g. based on the four subrounds

+

+   Note that this function destroys the data area */

+

+static void sha256_transform(uint32_t *state, uint32_t *data)

+{

+	uint32_t A, B, C, D, E, F, G, H;	/* Local vars */

+	unsigned char i;

+	const uint32_t *k;

+	uint32_t *d;

+

+	/* Set up first buffer and local data buffer */

+	A = state[0];

+	B = state[1];

+	C = state[2];

+	D = state[3];

+	E = state[4];

+	F = state[5];

+	G = state[6];

+	H = state[7];

+

+	/* Heavy mangling */

+	/* First 16 subrounds that act on the original data */

+

+	for (i = 0, k = K, d = data; i < 16; i += 8, k += 8, d += 8) {

+		ROUND(A, B, C, D, E, F, G, H, k[0], d[0]);

+		ROUND(H, A, B, C, D, E, F, G, k[1], d[1]);

+		ROUND(G, H, A, B, C, D, E, F, k[2], d[2]);

+		ROUND(F, G, H, A, B, C, D, E, k[3], d[3]);

+		ROUND(E, F, G, H, A, B, C, D, k[4], d[4]);

+		ROUND(D, E, F, G, H, A, B, C, k[5], d[5]);

+		ROUND(C, D, E, F, G, H, A, B, k[6], d[6]);

+		ROUND(B, C, D, E, F, G, H, A, k[7], d[7]);

+	}

+

+	for (; i < 64; i += 16, k += 16) {

+		ROUND(A, B, C, D, E, F, G, H, k[0], EXPAND(data, 0));

+		ROUND(H, A, B, C, D, E, F, G, k[1], EXPAND(data, 1));

+		ROUND(G, H, A, B, C, D, E, F, k[2], EXPAND(data, 2));

+		ROUND(F, G, H, A, B, C, D, E, k[3], EXPAND(data, 3));

+		ROUND(E, F, G, H, A, B, C, D, k[4], EXPAND(data, 4));

+		ROUND(D, E, F, G, H, A, B, C, k[5], EXPAND(data, 5));

+		ROUND(C, D, E, F, G, H, A, B, k[6], EXPAND(data, 6));

+		ROUND(B, C, D, E, F, G, H, A, k[7], EXPAND(data, 7));

+		ROUND(A, B, C, D, E, F, G, H, k[8], EXPAND(data, 8));

+		ROUND(H, A, B, C, D, E, F, G, k[9], EXPAND(data, 9));

+		ROUND(G, H, A, B, C, D, E, F, k[10], EXPAND(data, 10));

+		ROUND(F, G, H, A, B, C, D, E, k[11], EXPAND(data, 11));

+		ROUND(E, F, G, H, A, B, C, D, k[12], EXPAND(data, 12));

+		ROUND(D, E, F, G, H, A, B, C, k[13], EXPAND(data, 13));

+		ROUND(C, D, E, F, G, H, A, B, k[14], EXPAND(data, 14));

+		ROUND(B, C, D, E, F, G, H, A, k[15], EXPAND(data, 15));

+	}

+

+	/* Update state */

+	state[0] += A;

+	state[1] += B;

+	state[2] += C;

+	state[3] += D;

+	state[4] += E;

+	state[5] += F;

+	state[6] += G;

+	state[7] += H;

+}

+

+static void sha256_block(struct sha256_ctx *ctx, const unsigned char *block)

+{

+	uint32_t data[SHA256_DATA_LENGTH];

+	uint16_t i;

+

+	/* Update block count */

+	if (!++ctx->count_low)

+		++ctx->count_high;

+

+	/* Endian independent conversion */

+	for (i = 0; i < SHA256_DATA_LENGTH; i++, block += 4)

+		data[i] = STRING2INT(block);

+

+	sha256_transform(ctx->state, data);

+}

+

+void

+sha256_update(struct sha256_ctx *ctx, const unsigned char *buffer, uint32_t length)

+{

+	uint32_t left;

+

+	if (ctx->index) {	/* Try to fill partial block */

+		left = SHA256_DATA_SIZE - ctx->index;

+		if (length < left) {

+			memcpy(ctx->block + ctx->index, buffer, length);

+			ctx->index += length;

+			return;	/* Finished */

+		} else {

+			memcpy(ctx->block + ctx->index, buffer, left);

+			sha256_block(ctx, ctx->block);

+			buffer += left;

+			length -= left;

+		}

+	}

+	while (length >= SHA256_DATA_SIZE) {

+		sha256_block(ctx, buffer);

+		buffer += SHA256_DATA_SIZE;

+		length -= SHA256_DATA_SIZE;

+	}

+	/* Buffer leftovers */

+	/* NOTE: The corresponding sha1 code checks for the special case length == 0.

+	 * That seems supoptimal, as I suspect it increases the number of branches. */

+

+	memcpy(ctx->block, buffer, length);

+	ctx->index = length;

+}

+

+/* Final wrapup - pad to SHA1_DATA_SIZE-byte boundary with the bit pattern

+   1 0* (64-bit count of bits processed, MSB-first) */

+

+void sha256_final(struct sha256_ctx *ctx)

+{

+	uint32_t data[SHA256_DATA_LENGTH];

+	uint32_t i;

+	uint32_t words;

+

+	i = ctx->index;

+

+	/* Set the first char of padding to 0x80.  This is safe since there is

+	   always at least one byte free */

+

+/*  assert(i < SHA256_DATA_SIZE);

+ */

+	ctx->block[i++] = 0x80;

+

+	/* Fill rest of word */

+	for (; i & 3; i++)

+		ctx->block[i] = 0;

+

+	/* i is now a multiple of the word size 4 */

+	words = i >> 2;

+	for (i = 0; i < words; i++)

+		data[i] = STRING2INT(ctx->block + 4 * i);

+

+	if (words > (SHA256_DATA_LENGTH - 2)) {	/* No room for length in this block. Process it and

+						 * pad with another one */

+		for (i = words; i < SHA256_DATA_LENGTH; i++)

+			data[i] = 0;

+		sha256_transform(ctx->state, data);

+		for (i = 0; i < (SHA256_DATA_LENGTH - 2); i++)

+			data[i] = 0;

+	} else

+		for (i = words; i < SHA256_DATA_LENGTH - 2; i++)

+			data[i] = 0;

+

+	/* There are 512 = 2^9 bits in one block */

+	data[SHA256_DATA_LENGTH - 2] =

+	    (ctx->count_high << 9) | (ctx->count_low >> 23);

+	data[SHA256_DATA_LENGTH - 1] =

+	    (ctx->count_low << 9) | (ctx->index << 3);

+	sha256_transform(ctx->state, data);

+}

+

+void sha256_digest(const struct sha256_ctx *ctx, unsigned char *s)

+{

+	uint32_t i;

+

+	if (s!=NULL)

+		for (i = 0; i < _SHA256_DIGEST_LENGTH; i++) {

+			*s++ = ctx->state[i] >> 24;

+			*s++ = 0xff & (ctx->state[i] >> 16);

+			*s++ = 0xff & (ctx->state[i] >> 8);

+			*s++ = 0xff & ctx->state[i];

+		}

+}

new file mode 100644

@@ -0,0 +1,51 @@

+/*

+ * Copyright (C) 2001 Niels Moller

+ *  

+ * The nettle library is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU Lesser General Public License as published by

+ * the Free Software Foundation; either version 2.1 of the License, or (at your

+ * option) any later version.

+ * 

+ * The nettle library is distributed in the hope that it will be useful, but

+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY

+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public

+ * License for more details.

+ * 

+ * You should have received a copy of the GNU Lesser General Public License

+ * along with the nettle library; see the file COPYING.LIB.  If not, write to

+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,

+ * MA 02111-1307, USA.

+ */

+ 

+#ifndef __SHA256_H

+#define __SHA256_H

+

+#include "cltypes.h"

+

+#define SHA256_DIGEST_SIZE 32

+#define SHA256_DATA_SIZE 64

+

+/* Digest is kept internally as 8 32-bit words. */

+#define _SHA256_DIGEST_LENGTH 8

+

+typedef struct sha256_ctx

+{

+  uint32_t state[_SHA256_DIGEST_LENGTH];    /* State variables */

+  uint32_t count_low, count_high;           /* 64-bit block count */

+  unsigned char block[SHA256_DATA_SIZE];          /* SHA256 data buffer */

+  uint32_t index;                       /* index into buffer */

+} SHA256_CTX;

+

+void

+sha256_init(struct sha256_ctx *ctx);

+

+void

+sha256_update(struct sha256_ctx *ctx, const unsigned char *data, uint32_t length);

+

+void

+sha256_final(struct sha256_ctx *ctx);

+

+void

+sha256_digest(const struct sha256_ctx *ctx, unsigned char *digest);

+

+#endif

@@ -32,11 +32,18 @@

 #include "shared/memory.h"

 #include "shared/misc.h"

 #include "shared/output.h"

+#include "shared/cdiff.h"

 #include "libclamav/str.h"

 #include "libclamav/others.h"

 #include "libclamav/cvd.h"

+#include "libclamav/sha256.h"

+#ifdef HAVE_GMP

+#include "libclamav/dsig.h"

+#endif

+

+#include "zlib.h"

 struct cdiff_node {

     unsigned int lineno;

@@ -383,7 +390,7 @@ static int cdiff_cmd_close(const char *cmdstr, struct cdiff_ctx *ctx)

 		    fclose(tmpfh);

 		    unlink(tmp);

 		    free(tmp);

-		    logg("!cdiff_cmd_close: Can't apply DEL at line %d\n", lines);

+		    logg("!cdiff_cmd_close: Can't apply DEL at line %d of %s\n", lines, ctx->open_db);

 		    return -1;

 		}

@@ -397,7 +404,7 @@ static int cdiff_cmd_close(const char *cmdstr, struct cdiff_ctx *ctx)

 		    fclose(tmpfh);

 		    unlink(tmp);

 		    free(tmp);

-		    logg("!cdiff_cmd_close: Can't apply XCHG at line %d\n", lines);

+		    logg("!cdiff_cmd_close: Can't apply XCHG at line %d of %s\n", lines, ctx->open_db);

 		    return -1;

 		}

@@ -709,83 +716,211 @@ static int cdiff_cmd_unlink(const char *cmdstr, struct cdiff_ctx *ctx)

     return 0;

 }

-int cdiff_apply(int fd)

+static int cdiff_execute(const char *cmdstr, struct cdiff_ctx *ctx)

+{

+	char *cmd_name, *tmp;

+	int (*cmd_handler)(const char *, struct cdiff_ctx *) = NULL;

+	unsigned int i;

+

+

+    cmd_name = cdiff_token(cmdstr, 0, 0);

+    if(!cmd_name) {

+	logg("!cdiff_apply: Problem parsing line\n");

+	return -1;

+    }

+

+    for(i = 0; commands[i].name; i++) {

+	if(!strcmp(commands[i].name, cmd_name)) {

+	    cmd_handler = commands[i].handler;

+	    break;

+	}

+    }

+

+    if(!cmd_handler) {

+	logg("!cdiff_apply: Unknown command %s\n", cmd_name);

+	free(cmd_name);

+	return -1;

+    }

+

+    if(!(tmp = cdiff_token(cmdstr, commands[i].argc, 1))) {

+	logg("!cdiff_apply: Not enough arguments for %s\n", cmd_name);

+	free(cmd_name);

+	return -1;

+    }

+    free(tmp);

+

+    if(cmd_handler(cmdstr, ctx)) {

+	logg("!cdiff_apply: Can't execute command %s\n", cmd_name);

+	free(cmd_name);

+	return -1;

+    }

+

+    free(cmd_name);

+    return 0;

+}

+

+int cdiff_apply(int fd, unsigned short mode)

 {

 	struct cdiff_ctx ctx;

 	FILE *fh;

-	char line[1024], *cmd_name, *tmp;

-	int (*cmd_handler)(const char *, struct cdiff_ctx *);

+	gzFile *gzh;

+	char line[1024], buff[FILEBUFF], *dsig = NULL;

 	unsigned int lines = 0, cmds = 0;

-	int i, desc;

+	int end, i;

+	struct stat sb;

+	int desc;

+#ifdef HAVE_GMP

+	SHA256_CTX sha256ctx;

+	unsigned char digest[32];

+	int sum, bread;

+#define DSIGBUFF 350

+#endif

+    memset(&ctx, 0, sizeof(ctx));

     if((desc = dup(fd)) == -1) {

 	logg("!cdiff_apply: Can't duplicate descriptor %d\n", fd);

 	return -1;

     }

-    if(!(fh = fdopen(desc, "r"))) {

-	logg("!cdiff_apply: fdopen() failed for descriptor %d\n", desc);

-	close(desc);

-	return -1;

-    }

+    if(mode == 1) { /* .cdiff */

-    memset(&ctx, 0, sizeof(ctx));

+	if(lseek(desc, -DSIGBUFF, SEEK_END) == -1) {

+	    logg("!cdiff_apply: lseek(desc, %d, SEEK_END) failed\n", -DSIGBUFF);

+	    close(desc);

+	    return -1;

+	}

-    while(fgets(line, sizeof(line), fh)) {

-	lines++;

-	cli_chomp(line);

-	cmd_handler = NULL;

+	memset(line, 0, sizeof(line));

+	if(read(desc, line, DSIGBUFF) != DSIGBUFF) {

+	    logg("!cdiff_apply: Can't read %d bytes\n", DSIGBUFF);

+	    close(desc);

+	    return -1;

+	}

-	if(line[0] == '#' || !strlen(line))

-	    continue;

+	for(i = DSIGBUFF - 1; i >= 0; i--) {

+	    if(line[i] == ':') {

+		dsig = &line[i + 1];

+		break;

+	    }

+	}

-	cmd_name = cdiff_token(line, 0, 0);

-	if(!cmd_name) {

-	    logg("!cdiff_apply: Problem parsing line %d\n", lines);

-	    fclose(fh);

-	    cdiff_ctx_free(&ctx);

+	if(!dsig) {

+	    logg("!cdiff_apply: No digital signature in cdiff file\n");

+	    close(desc);

+	    return -1;

+	}

+

+	if(fstat(desc, &sb) == -1) {

+	    logg("!cdiff_apply: Can't fstat file\n");

+	    close(desc);

+	    return -1;

+	}

+

+	end = sb.st_size - (DSIGBUFF - i);

+	if(end < 0) {

+	    logg("!cdiff_apply: compressed data end offset < 0\n");

+	    close(desc);

 	    return -1;

 	}

-	for(i = 0; commands[i].name; i++) {

-	    if(!strcmp(commands[i].name, cmd_name)) {

-		cmd_handler = commands[i].handler;

+	if(lseek(desc, 0, SEEK_SET) == -1) {

+	    logg("!cdiff_apply: lseek(desc, 0, SEEK_SET) failed\n");

+	    close(desc);

+	    return -1;

+	}

+

+#ifdef HAVE_GMP

+	sha256_init(&sha256ctx);

+	sum = 0;

+	while((bread = read(desc, buff, FILEBUFF)) > 0) {

+	    if(sum + bread >= end) {

+		sha256_update(&sha256ctx, (unsigned char *) buff, end - sum);

 		break;

+	    } else {

+		sha256_update(&sha256ctx, (unsigned char *) buff, bread);

 	    }

+	    sum += bread;

 	}

+	sha256_final(&sha256ctx);

+	sha256_digest(&sha256ctx, digest);

-	if(!cmd_handler) {

-	    logg("!cdiff_apply: Unknown command %s at line %d\n", cmd_name, lines);

-	    free(cmd_name);

-	    fclose(fh);

-	    cdiff_ctx_free(&ctx);

+	if(cli_versigpss(digest, dsig)) {

+	    logg("!cdiff_apply: Incorrect digital signature\n");

+	    close(desc);

 	    return -1;

 	}

+#endif

-	if(!(tmp = cdiff_token(line, commands[i].argc, 1))) {

-	    logg("!cdiff_apply: Not enough arguments for %s at line %d\n", cmd_name, lines);

-	    free(cmd_name);

-	    fclose(fh);

-	    cdiff_ctx_free(&ctx);

+	if(lseek(desc, 0, SEEK_SET) == -1) {

+	    logg("!cdiff_apply: lseek(desc, 0, SEEK_SET) failed\n");

+	    close(desc);

 	    return -1;

 	}

-	free(tmp);

-	if(cmd_handler(line, &ctx)) {

-	    logg("!cdiff_apply: Can't execute command %s at line %d\n", cmd_name, lines);

-	    fclose(fh);

-	    free(cmd_name);

-	    cdiff_ctx_free(&ctx);

+	i = 0;

+	while(read(desc, buff, 1) > 0)

+	    if(buff[0] == ':')

+		if(++i == 3)

+		    break;

+

+	if(i != 3) {

+	    logg("!cdiff_apply: Incorrect file format\n");

+	    close(desc);

 	    return -1;

-	} else {

-	    cmds++;

 	}

-	free(cmd_name);

-    }

+	if(!(gzh = gzdopen(desc, "rb"))) {

+	    logg("!cdiff_apply: Can't gzdopen descriptor %d\n", desc);

+	    close(desc);

+	    return -1;

+	}

+

+	while(gzgets(gzh, line, sizeof(line))) {

+	    lines++;

+	    cli_chomp(line);

-    fclose(fh);

+	    if(line[0] == '#' || !strlen(line))

+		continue;

+

+	    if(cdiff_execute(line, &ctx) == -1) {

+		logg("!cdiff_apply: Error executing command at line %d\n", lines);

+		cdiff_ctx_free(&ctx);

+		gzclose(gzh);

+		return -1;

+	    } else {

+		cmds++;

+	    }

+	}

+	gzclose(gzh);

+

+    } else { /* .script */

+

+	if(!(fh = fdopen(desc, "r"))) {

+	    logg("!cdiff_apply: fdopen() failed for descriptor %d\n", desc);

+	    close(desc);

+	    return -1;

+	}

+