Adding more informative output, including byte range and summary (@sf…

…lags). Adding in final signature check for append warning. Upping the version.
hackerfactor · Nov 11, 2024 · 199b7b4 · 199b7b4
1 parent d49cb32
commit 199b7b4
Show file tree

Hide file tree

Showing 15 changed files with 255 additions and 136 deletions.
diff --git a/TEST.sh b/TEST.sh
@@ -3,12 +3,15 @@
 rm -rf test
 mkdir test
 
+echo "##### Local Key Generation Test"
 for ka in rsa ec ; do
   # generate keys
   bin/sealtool -g --ka "$ka" -D "test/sign-$ka.dns" -k "test/sign-$ka.key" --genpass ''
 done # ka
 
 if [ 1 == 1 ] ; then
+echo ""
+echo "##### Format Test"
 for ka in rsa ec ; do
   # iterate over signing formats
   for sf in 'hex' 'HEX' 'base64' 'date3:hex' 'date3:HEX' 'date3:base64' ; do
@@ -46,8 +49,28 @@ for ka in rsa ec ; do
 done # ka
 fi
 
+### PNG options
+if [ 1 == 1 ] ; then
+echo ""
+echo "##### PNG Chunk Test"
+for opt in seAl sEAl sEAL seAL teXt ; do
+  i=regression/test-unsigned.png
+  ka=rsa
+    sf="date3:base64"
+    sfname=${sf/:/_}
+    j=${i/regression/test}
+      out=${j/-unsigned/-signed-local-pngchunk-$opt-$ka-$sfname}
+      echo ""
+      bin/sealtool -v -s -k "test/sign-$ka.key" --options "$opt" --ka "$ka" --dnsfile "test/sign-$ka.dns" --sf "$sf" -C "Sample Copyright" -c "Sample Comment" -o "$out" "$i"
+      echo ""
+      bin/sealtool -v --ka "$ka" --dnsfile "test/sign-$ka.dns" "$out"
+done
+fi
+
 ### Append
 if [ 1 == 1 ] ; then
+echo ""
+echo "##### Append Test"
 for ka in ec ; do
   for sf in 'date3:hex' ; do
     sfname=${sf/:/_}
@@ -79,15 +102,17 @@ fi
 ### Try manual fields
 if [ 1 == 1 ] ; then
 echo ""
+echo "##### Manual Test"
+echo ""
 echo "#### Non-standard JPEG comment"
-./SignManual.sh -Comment test/test-signed-comment.jpg
+./SignManual.sh -Comment test/test-signed-local-manual-comment.jpg
 
 echo ""
 echo "#### EXIF"
-./SignManual.sh -EXIF:seal test/test-signed-exif.jpg
+./SignManual.sh -EXIF:seal test/test-signed-local-manual-exif.jpg
 
 echo ""
 echo "#### XMP"
-./SignManual.sh -XMP:seal test/test-signed-comment.jpg
+./SignManual.sh -XMP:seal test/test-signed-local-manual-xmp.jpg
 fi
 
diff --git a/src/format-isobmff.cpp b/src/format-isobmff.cpp
@@ -300,7 +300,7 @@ sealfield *	Seal_BMFFsign	(sealfield *Args, mmapfile *MmapIn)
    Unless it is appending.
    *****/
   Args = SealDel(Args,"b");
-  if (SealGetCindex(Args,"@sflags",0)=='F') // if exists, then append
+  if (strchr(SealGetText(Args,"@sflags"),'F')) // if exists, then append
 	{
 	// if appending, overlap signatures to prevent insertion attacks.
 	Args = SealSetText(Args,"b","P");

diff --git a/src/format-jpeg.cpp b/src/format-jpeg.cpp
@@ -155,7 +155,7 @@ sealfield *     _JPEGblock   (sealfield *Args, uint16_t Tag)
    Unless it is appending.
    *****/
   Args = SealDel(Args,"b");
-  if (SealGetCindex(Args,"@sflags",0)=='F') // if exists, then append
+  if (strchr(SealGetText(Args,"@sflags"),'F')) // if exists, then append
 	{
 	// if appending, overlap signatures to prevent insertion attacks.
 	Args = SealSetText(Args,"b","P");

diff --git a/src/format-matroska.cpp b/src/format-matroska.cpp
@@ -199,7 +199,7 @@ sealfield *	Seal_Matroskasign	(sealfield *Args, mmapfile *MmapIn)
   Args = SealDel(Args,"@MatInsert"); // no longer needed
 
   Args = SealDel(Args,"b");
-  if (SealGetCindex(Args,"@sflags",0)=='F') // if exists, then append
+  if (strchr(SealGetText(Args,"@sflags"),'F')) // if exists, then append
 	{
 	// if appending, overlap signatures to prevent insertion attacks.
 	Args = SealSetText(Args,"b","P");

diff --git a/src/format-pdf.cpp b/src/format-pdf.cpp
@@ -334,7 +334,7 @@ sealfield *	Seal_PDFsign	(sealfield *Rec, mmapfile *MmapIn, size_t EOF_offset)
 	}
 
   // Check if file is finalized (abort if it is)
-  if (SealGetCindex(Rec,"@sflags",1)=='f')
+  if (strchr(SealGetText(Rec,"@sflags"),'F')) // if exists, then append
 	{
 	fprintf(stderr," ERROR: PDF is finalized; cannot sign. Aborting.\n");
 	exit(0x80);

diff --git a/src/format-png.cpp b/src/format-png.cpp
@@ -153,7 +153,7 @@ sealfield *	_PNGchunk	(sealfield *Args)
    Unless it is appending.
    *****/
   Args = SealDel(Args,"b");
-  if (SealGetCindex(Args,"@sflags",0)=='F') // if exists, then append
+  if (strchr(SealGetText(Args,"@sflags"),'F')) // if exists, then append
 	{
 	// if appending, overlap signatures to prevent insertion attacks.
 	Args = SealSetText(Args,"b","P");

diff --git a/src/format-ppm.cpp b/src/format-ppm.cpp
@@ -156,7 +156,7 @@ sealfield *	Seal_PPMsign	(sealfield *Args, mmapfile *MmapIn)
    Unless it is appending.
    *****/
   Args = SealDel(Args,"b");
-  if (SealGetCindex(Args,"@sflags",0)=='F') // if exists, then append
+  if (strchr(SealGetText(Args,"@sflags"),'F')) // if exists, then append
 	{
 	// if appending, overlap signatures to prevent insertion attacks.
 	Args = SealSetText(Args,"b","P");

diff --git a/src/format-riff.cpp b/src/format-riff.cpp
@@ -199,7 +199,7 @@ sealfield *	Seal_RIFFsign	(sealfield *Args, mmapfile *MmapIn)
    Unless it is appending.
    *****/
   Args = SealDel(Args,"b");
-  if (SealGetCindex(Args,"@sflags",0)=='F') // if exists, then append
+  if (strchr(SealGetText(Args,"@sflags"),'F')) // if exists, then append
 	{
 	// if appending, overlap signatures to prevent insertion attacks.
 	Args = SealSetText(Args,"b","P");

diff --git a/src/seal-parse.cpp b/src/seal-parse.cpp
@@ -526,7 +526,6 @@ sealfield *	SealParse	(size_t TextLen, const byte *Text, size_t Offset, sealfiel
 	  if (Args)
 	    {
 	    Rec = SealCopy2(Rec,"@p",Args,"@s"); // previous '@s' is now '@p'
-	    Rec = SealCopy2(Rec,"@sflags",Args,"@sflags"); // tell verifier the sflags
 	    Rec = SealCopy2(Rec,"@dnscachelast",Args,"@dnscachelast"); // use any cached DNS
 	    Rec = SealCopy2(Rec,"@public",Args,"@public"); // use any cached DNS
 	    Rec = SealCopy2(Rec,"@publicbin",Args,"@publicbin"); // use any cached DNS

diff --git a/src/seal.cpp b/src/seal.cpp
@@ -467,7 +467,7 @@ sealfield *	SealAddTextLen	(sealfield *vfhead, const char *Field, size_t ValueLe
     }
 
   // If not found, then set it!
-  if (!vf) { return(SealSetText(vfhead,Field,Value)); }
+  if (!vf) { return(SealSetTextLen(vfhead,Field,ValueLen,Value)); }
 
   // Found it! Reallocate space and append.
   if (ValueLen > 0)

diff --git a/src/seal.hpp b/src/seal.hpp
@@ -18,7 +18,7 @@
 #include <stdint.h>
 
 // Revise the version if there is any significant change
-#define SEAL_VERSION "0.0.6-beta"
+#define SEAL_VERSION "0.0.7-beta"
 
 #ifndef _GNU_SOURCE
     #define _GNU_SOURCE

diff --git a/src/sealtool.cpp b/src/sealtool.cpp
@@ -316,7 +316,9 @@ int main (int argc, char *argv[])
   // p and s are used with b to generate the hash.
   Args = SealSetIindex(Args,"@s",2,0); // sig offset in file [0]=start, [1]=end, [2]=number of signatures; default:zeros
   Args = SealSetIindex(Args,"@p",1,0); // previous sig offset in file [0]=start, [1]=end; default:[0,0]
-  Args = SealSetCindex(Args,"@sflags",2,0); // Flags: [0] has 'F', [1] has 'f'; set by SealDigest()
+  Args = SealSetText(Args,"@sflags"," "); // total range flags, set by SealDigest()
+  Args = SealSetText(Args,"@sflags0"," "); // starting range flags, set by SealDigest()
+  Args = SealSetText(Args,"@sflags1"," "); // ending range flags, set by SealDigest()
 
   // Read command-line
   int long_option_index;
@@ -568,7 +570,7 @@ int main (int argc, char *argv[])
 	{
 	ReturnCode |= 0x02; // at least one file has no signature
 	}
-    else // Check final
+    else if (Mode=='v') // Check final
 	{
 	SealVerifyFinal(Args);
 	}

diff --git a/src/sign-digest.cpp b/src/sign-digest.cpp
@@ -50,6 +50,7 @@ sealfield *	RangeErrorCheck	(sealfield *Rec, uint64_t sum[2], mmapfile *Mmap)
  This uses 'da', 'b', 's', and 'p' arguments.
  Computes the digest and stores binary data in @digest1.
  Stores the byte range in '@digestrange'.
+ Sets '@sflags0' and '@sflags1' to store summaries of range
  Any error messages are stored in @error.
  **************************************/
 sealfield *	SealDigest	(sealfield *Rec, mmapfile *Mmap)
@@ -68,6 +69,8 @@ sealfield *	SealDigest	(sealfield *Rec, mmapfile *Mmap)
   Rec = SealDel(Rec,"@digestrange");
   Rec = SealDel(Rec,"@digest1");
   Rec = SealDel(Rec,"@digest2");
+  Rec = SealDel(Rec,"@sflags0");
+  Rec = SealDel(Rec,"@sflags1");
 
   // Load parameters
   s = SealGetIarray(Rec,"@s"); // should always be set
@@ -143,45 +146,97 @@ sealfield *	SealDigest	(sealfield *Rec, mmapfile *Mmap)
       else { sum[1] += acc*Addsym; state=5; }
       Addsym=-1; acc=0;
       }
+
     else if (b[i]=='S') // start of current signature
       {
-      if (state < 3) { sum[0] += s[0]*Addsym; state=1; }
-      else { sum[1] += s[0]*Addsym; state=4; }
+      if (state < 3)
+	{
+	sum[0] += s[0]*Addsym; state=1;
+	Rec = SealAddC(Rec,"@sflags0",'S');
+	}
+      else
+	{
+	sum[1] += s[0]*Addsym; state=4;
+	Rec = SealAddC(Rec,"@sflags1",'S');
+	}
       acc=0;
       }
+
     else if (b[i]=='s') // end of current signature
       {
-      if (state < 3) { sum[0] += s[1]*Addsym; state=1; }
-      else { sum[1] += s[1]*Addsym; state=4; }
+      if (state < 3)
+	{
+	sum[0] += s[1]*Addsym; state=1;
+	Rec = SealAddC(Rec,"@sflags0",'s');
+	}
+      else
+	{
+	sum[1] += s[1]*Addsym; state=4;
+	Rec = SealAddC(Rec,"@sflags1",'s');
+	}
       acc=0;
       }
+
     else if (b[i]=='P') // start of previous signature
       {
-      if (state < 3) { sum[0] += p[0]*Addsym; state=1; }
-      else { sum[1] += p[0]*Addsym; state=4; }
-      Rec = SealSetCindex(Rec,"@sflags",2,'P'); // sig covers previous signature
+      if (state < 3)
+	{
+	sum[0] += p[0]*Addsym; state=1;
+	Rec = SealAddC(Rec,"@sflags0",'P');
+	}
+      else
+	{
+	sum[1] += p[0]*Addsym; state=4;
+	Rec = SealAddC(Rec,"@sflags1",'P');
+	}
       acc=0;
       }
+
     else if (b[i]=='p') // end of previous signature
       {
-      if (state < 3) { sum[0] += p[1]*Addsym; state=1; }
-      else { sum[1] += p[1]*Addsym; state=4; }
+      if (state < 3)
+	{
+	sum[0] += p[1]*Addsym; state=1;
+	Rec = SealAddC(Rec,"@sflags0",'p');
+	}
+      else
+	{
+	sum[1] += p[1]*Addsym; state=4;
+	Rec = SealAddC(Rec,"@sflags1",'p');
+	}
       acc=0;
       }
+
     else if (b[i]=='F') // start of file
       {
-      if (state < 3) { sum[0] += 0*Addsym; state=1; }
-      else { sum[1] += 0*Addsym; state=4; }
-      Rec = SealSetCindex(Rec,"@sflags",0,'F'); // sig covers start
+      if (state < 3)
+	{
+	sum[0] += 0*Addsym; state=1;
+	Rec = SealAddC(Rec,"@sflags0",'F');
+	}
+      else // end is relative to start?
+	{
+	sum[1] += 0*Addsym; state=4;
+	Rec = SealAddC(Rec,"@sflags1",'F');
+	}
       acc=0;
       }
+
     else if (b[i]=='f') // end of file
       {
-      if (state < 3) { sum[0] += Mmap->memsize*Addsym; state=1; }
-      else { sum[1] += Mmap->memsize*Addsym; state=4; }
-      Rec = SealSetCindex(Rec,"@sflags",1,'f'); // sig covers end
+      if (state < 3)
+	{
+	sum[0] += Mmap->memsize*Addsym; state=1;
+	Rec = SealAddC(Rec,"@sflags0",'f');
+	}
+      else
+	{
+	sum[1] += Mmap->memsize*Addsym; state=4;
+	Rec = SealAddC(Rec,"@sflags1",'f');
+	}
       acc=0;
       }
+
     else if (isdigit(b[i])) // numeric offset
       {
       // add digit to accumulator
@@ -296,11 +351,6 @@ sealfield *	SealDigest	(sealfield *Rec, mmapfile *Mmap)
 
 Abort:
   EVP_MD_CTX_free(ctx64);
-#if 0
-  DEBUGSHOW("s",SealSearch(Rec,"@s"));
-  DEBUGSHOW("p",SealSearch(Rec,"@p"));
-  DEBUGSHOW(b,SealSearch(Rec,"@digestrange"));
-#endif
   return(Rec);
 } /* SealDigest() */
 

diff --git a/src/sign-sign.cpp b/src/sign-sign.cpp
@@ -38,7 +38,7 @@ mmapfile *	SealInsert	(sealfield *Rec, mmapfile *MmapIn, size_t InsertOffset)
   if (!block) { return(NULL); } // missing block! (called wrong)
 
   // Check if file is finalized (abort if it is)
-  if (SealGetCindex(Rec,"@sflags",1)=='f')
+  if (strchr(SealGetText(Rec,"@sflags"),'f'))
 	{
 	fprintf(stderr," ERROR: File is finalized; cannot sign. Skipping.\n");
 	return(NULL);
@@ -105,7 +105,7 @@ bool	SealSign	(sealfield *Rec, mmapfile *MmapOut)
   if (!fname || !fname[0]) { return(NULL); } // not signing
 
   // Check if file is finalized (abort if it is)
-  if (SealGetCindex(Rec,"@sflags",1)=='f')
+  if (strchr(SealGetText(Rec,"@sflags"),'f'))
 	{
 	fprintf(stderr," ERROR: File is finalized; cannot sign. Aborting.\n");
 	exit(0x80);