| @@ -72,38 +72,39 @@ typedef struct pgpv_fingerprint_t { | | | @@ -72,38 +72,39 @@ typedef struct pgpv_fingerprint_t { |
72 | uint8_t v[PGPV_MAX_HASH_LEN]; /* the digest */ | | 72 | uint8_t v[PGPV_MAX_HASH_LEN]; /* the digest */ |
73 | uint32_t len; /* its length */ | | 73 | uint32_t len; /* its length */ |
74 | } pgpv_fingerprint_t; | | 74 | } pgpv_fingerprint_t; |
75 | | | 75 | |
76 | /* specify size for array of bignums */ | | 76 | /* specify size for array of bignums */ |
77 | #define PGPV_MAX_PUBKEY_BN 4 | | 77 | #define PGPV_MAX_PUBKEY_BN 4 |
78 | | | 78 | |
79 | /* public key */ | | 79 | /* public key */ |
80 | typedef struct pgpv_pubkey_t { | | 80 | typedef struct pgpv_pubkey_t { |
81 | pgpv_fingerprint_t fingerprint; /* key fingerprint i.e. digest */ | | 81 | pgpv_fingerprint_t fingerprint; /* key fingerprint i.e. digest */ |
82 | uint8_t keyid[PGPV_KEYID_LEN]; /* last 8 bytes of v4 keys */ | | 82 | uint8_t keyid[PGPV_KEYID_LEN]; /* last 8 bytes of v4 keys */ |
83 | int64_t birth; /* creation time */ | | 83 | int64_t birth; /* creation time */ |
84 | int64_t expiry; /* expiry time */ | | 84 | int64_t expiry; /* expiry time */ |
85 | pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; /* bignums */ | | 85 | pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; /* bignums */ |
86 | uint8_t keyalg; /* key algorithm */ | | 86 | uint8_t keyalg; /* key algorithm */ |
87 | uint8_t hashalg; /* hash algorithm */ | | 87 | uint8_t hashalg; /* hash algorithm */ |
88 | uint8_t version; /* key version */ | | 88 | uint8_t version; /* key version */ |
89 | } pgpv_pubkey_t; | | 89 | } pgpv_pubkey_t; |
90 | | | 90 | |
91 | #define PGPV_MAX_SESSKEY_BN 2 | | 91 | #define PGPV_MAX_SESSKEY_BN 2 |
92 | | | 92 | |
93 | /* a (size, byte array) string */ | | 93 | /* a (size, byte array) string */ |
94 | typedef struct pgpv_string_t { | | 94 | typedef struct pgpv_string_t { |
95 | size_t size; | | 95 | size_t size; |
96 | uint8_t *data; | | 96 | uint8_t *data; |
| | | 97 | uint8_t allocated; |
97 | } pgpv_string_t; | | 98 | } pgpv_string_t; |
98 | | | 99 | |
99 | typedef struct pgpv_ref_t { | | 100 | typedef struct pgpv_ref_t { |
100 | void *vp; | | 101 | void *vp; |
101 | size_t offset; | | 102 | size_t offset; |
102 | unsigned mem; | | 103 | unsigned mem; |
103 | } pgpv_ref_t; | | 104 | } pgpv_ref_t; |
104 | | | 105 | |
105 | #define PGPV_MAX_SECKEY_BN 4 | | 106 | #define PGPV_MAX_SECKEY_BN 4 |
106 | | | 107 | |
107 | typedef struct pgpv_compress_t { | | 108 | typedef struct pgpv_compress_t { |
108 | pgpv_string_t s; | | 109 | pgpv_string_t s; |
109 | uint8_t compalg; | | 110 | uint8_t compalg; |
| @@ -115,27 +116,27 @@ typedef struct pgpv_trust_t { | | | @@ -115,27 +116,27 @@ typedef struct pgpv_trust_t { |
115 | uint8_t amount; | | 116 | uint8_t amount; |
116 | } pgpv_trust_t; | | 117 | } pgpv_trust_t; |
117 | | | 118 | |
118 | /* a signature sub packet */ | | 119 | /* a signature sub packet */ |
119 | typedef struct pgpv_sigsubpkt_t { | | 120 | typedef struct pgpv_sigsubpkt_t { |
120 | pgpv_string_t s; | | 121 | pgpv_string_t s; |
121 | uint8_t tag; | | 122 | uint8_t tag; |
122 | uint8_t critical; | | 123 | uint8_t critical; |
123 | } pgpv_sigsubpkt_t; | | 124 | } pgpv_sigsubpkt_t; |
124 | | | 125 | |
125 | #define PGPV_MAX_SIG_BN 2 | | 126 | #define PGPV_MAX_SIG_BN 2 |
126 | | | 127 | |
127 | typedef struct pgpv_signature_t { | | 128 | typedef struct pgpv_signature_t { |
128 | uint8_t *signer; /* key id of signer */ | | 129 | uint8_t signer[PGPV_KEYID_LEN]; /* key id of signer */ |
129 | pgpv_ref_t hashstart; | | 130 | pgpv_ref_t hashstart; |
130 | uint8_t *hash2; | | 131 | uint8_t *hash2; |
131 | uint8_t *mpi; | | 132 | uint8_t *mpi; |
132 | int64_t birth; | | 133 | int64_t birth; |
133 | int64_t keyexpiry; | | 134 | int64_t keyexpiry; |
134 | int64_t expiry; | | 135 | int64_t expiry; |
135 | uint32_t hashlen; | | 136 | uint32_t hashlen; |
136 | uint8_t version; | | 137 | uint8_t version; |
137 | uint8_t type; | | 138 | uint8_t type; |
138 | uint8_t keyalg; | | 139 | uint8_t keyalg; |
139 | uint8_t hashalg; | | 140 | uint8_t hashalg; |
140 | uint8_t trustlevel; | | 141 | uint8_t trustlevel; |
141 | uint8_t trustamount; | | 142 | uint8_t trustamount; |
| @@ -155,42 +156,42 @@ typedef struct pgpv_signature_t { | | | @@ -155,42 +156,42 @@ typedef struct pgpv_signature_t { |
155 | uint8_t pref_compress_alg; | | 156 | uint8_t pref_compress_alg; |
156 | uint8_t key_server_modify; | | 157 | uint8_t key_server_modify; |
157 | uint8_t notation; | | 158 | uint8_t notation; |
158 | uint8_t type_key; | | 159 | uint8_t type_key; |
159 | uint8_t primary_userid; | | 160 | uint8_t primary_userid; |
160 | uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */ | | 161 | uint8_t revoked; /* subtract 1 to get real reason, 0 == not revoked */ |
161 | } pgpv_signature_t; | | 162 | } pgpv_signature_t; |
162 | | | 163 | |
163 | /* a signature packet */ | | 164 | /* a signature packet */ |
164 | typedef struct pgpv_sigpkt_t { | | 165 | typedef struct pgpv_sigpkt_t { |
165 | pgpv_signature_t sig; | | 166 | pgpv_signature_t sig; |
166 | uint16_t subslen; | | 167 | uint16_t subslen; |
167 | uint16_t unhashlen; | | 168 | uint16_t unhashlen; |
168 | PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts); | | 169 | PGPV_ARRAY(uint64_t, subpackets); |
169 | } pgpv_sigpkt_t; | | 170 | } pgpv_sigpkt_t; |
170 | | | 171 | |
171 | /* a one-pass signature packet */ | | 172 | /* a one-pass signature packet */ |
172 | typedef struct pgpv_onepass_t { | | 173 | typedef struct pgpv_onepass_t { |
173 | uint8_t keyid[PGPV_KEYID_LEN]; | | 174 | uint8_t keyid[PGPV_KEYID_LEN]; |
174 | uint8_t version; | | 175 | uint8_t version; |
175 | uint8_t type; | | 176 | uint8_t type; |
176 | uint8_t hashalg; | | 177 | uint8_t hashalg; |
177 | uint8_t keyalg; | | 178 | uint8_t keyalg; |
178 | uint8_t nested; | | 179 | uint8_t nested; |
179 | } pgpv_onepass_t; | | 180 | } pgpv_onepass_t; |
180 | | | 181 | |
181 | /* a literal data packet */ | | 182 | /* a literal data packet */ |
182 | typedef struct pgpv_litdata_t { | | 183 | typedef struct pgpv_litdata_t { |
183 | uint8_t *filename; | | 184 | pgpv_string_t filename; |
184 | pgpv_string_t s; | | 185 | pgpv_string_t s; |
185 | uint32_t secs; | | 186 | uint32_t secs; |
186 | uint8_t namelen; | | 187 | uint8_t namelen; |
187 | char format; | | 188 | char format; |
188 | unsigned mem; | | 189 | unsigned mem; |
189 | size_t offset; | | 190 | size_t offset; |
190 | size_t len; | | 191 | size_t len; |
191 | } pgpv_litdata_t; | | 192 | } pgpv_litdata_t; |
192 | | | 193 | |
193 | /* user attributes - images */ | | 194 | /* user attributes - images */ |
194 | typedef struct pgpv_userattr_t { | | 195 | typedef struct pgpv_userattr_t { |
195 | size_t len; | | 196 | size_t len; |
196 | PGPV_ARRAY(pgpv_string_t, subattrs); | | 197 | PGPV_ARRAY(pgpv_string_t, subattrs); |
| @@ -220,79 +221,85 @@ typedef struct pgpv_pkt_t { | | | @@ -220,79 +221,85 @@ typedef struct pgpv_pkt_t { |
220 | typedef struct pgpv_mem_t { | | 221 | typedef struct pgpv_mem_t { |
221 | size_t size; | | 222 | size_t size; |
222 | size_t cc; | | 223 | size_t cc; |
223 | uint8_t *mem; | | 224 | uint8_t *mem; |
224 | FILE *fp; | | 225 | FILE *fp; |
225 | uint8_t dealloc; | | 226 | uint8_t dealloc; |
226 | const char *allowed; /* the types of packet that are allowed */ | | 227 | const char *allowed; /* the types of packet that are allowed */ |
227 | } pgpv_mem_t; | | 228 | } pgpv_mem_t; |
228 | | | 229 | |
229 | /* packet parser */ | | 230 | /* packet parser */ |
230 | | | 231 | |
231 | typedef struct pgpv_signed_userid_t { | | 232 | typedef struct pgpv_signed_userid_t { |
232 | pgpv_string_t userid; | | 233 | pgpv_string_t userid; |
233 | PGPV_ARRAY(pgpv_signature_t, sigs); | | 234 | PGPV_ARRAY(uint64_t, signatures); |
234 | uint8_t primary_userid; | | 235 | uint8_t primary_userid; |
235 | uint8_t revoked; | | 236 | uint8_t revoked; |
236 | } pgpv_signed_userid_t; | | 237 | } pgpv_signed_userid_t; |
237 | | | 238 | |
238 | typedef struct pgpv_signed_userattr_t { | | 239 | typedef struct pgpv_signed_userattr_t { |
239 | pgpv_userattr_t userattr; | | 240 | pgpv_userattr_t userattr; |
240 | PGPV_ARRAY(pgpv_signature_t, sigs); | | 241 | PGPV_ARRAY(uint64_t, signatures); |
241 | uint8_t revoked; | | 242 | uint8_t revoked; |
242 | } pgpv_signed_userattr_t; | | 243 | } pgpv_signed_userattr_t; |
243 | | | 244 | |
244 | typedef struct pgpv_signed_subkey_t { | | 245 | typedef struct pgpv_signed_subkey_t { |
245 | pgpv_pubkey_t subkey; | | 246 | pgpv_pubkey_t subkey; |
246 | pgpv_signature_t revoc_self_sig; | | 247 | pgpv_signature_t revoc_self_sig; |
247 | PGPV_ARRAY(pgpv_signature_t, sigs); | | 248 | PGPV_ARRAY(uint64_t, signatures); |
248 | } pgpv_signed_subkey_t; | | 249 | } pgpv_signed_subkey_t; |
249 | | | 250 | |
250 | typedef struct pgpv_primarykey_t { | | 251 | typedef struct pgpv_primarykey_t { |
251 | pgpv_pubkey_t primary; | | 252 | pgpv_pubkey_t primary; |
252 | pgpv_signature_t revoc_self_sig; | | 253 | pgpv_signature_t revoc_self_sig; |
253 | PGPV_ARRAY(pgpv_signature_t, direct_sigs); | | 254 | PGPV_ARRAY(uint64_t, signatures); |
254 | PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); | | 255 | PGPV_ARRAY(uint64_t, signed_userids); |
255 | PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs); | | 256 | PGPV_ARRAY(uint64_t, signed_userattrs); |
256 | PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); | | 257 | PGPV_ARRAY(uint64_t, signed_subkeys); |
257 | size_t fmtsize; | | 258 | size_t fmtsize; |
258 | uint8_t primary_userid; | | 259 | uint8_t primary_userid; |
259 | } pgpv_primarykey_t; | | 260 | } pgpv_primarykey_t; |
260 | | | 261 | |
261 | /* everything stems from this structure */ | | 262 | /* everything stems from this structure */ |
262 | typedef struct pgpv_t { | | 263 | typedef struct pgpv_t { |
263 | PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ | | 264 | PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ |
264 | PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */ | | 265 | PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */ |
265 | PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ | | 266 | PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ |
266 | PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ | | 267 | PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ |
| | | 268 | PGPV_ARRAY(pgpv_signature_t, signatures); /* all signatures */ |
| | | 269 | PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); /* all signed userids */ |
| | | 270 | PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs); /* all signed user attrs */ |
| | | 271 | PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); /* all signed subkeys */ |
| | | 272 | PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts); /* all sub packets */ |
267 | size_t pkt; /* when parsing, current pkt number */ | | 273 | size_t pkt; /* when parsing, current pkt number */ |
268 | const char *op; /* the operation we're doing */ | | 274 | const char *op; /* the operation we're doing */ |
269 | unsigned ssh; /* using ssh keys */ | | 275 | unsigned ssh; /* using ssh keys */ |
270 | } pgpv_t; | | 276 | } pgpv_t; |
271 | | | 277 | |
272 | #define PGPV_REASON_LEN 128 | | 278 | #define PGPV_REASON_LEN 128 |
273 | | | 279 | |
274 | /* when searching, we define a cursor, and fill in an array of subscripts */ | | 280 | /* when searching, we define a cursor, and fill in an array of subscripts */ |
275 | typedef struct pgpv_cursor_t { | | 281 | typedef struct pgpv_cursor_t { |
276 | pgpv_t *pgp; /* pointer to pgp tree */ | | 282 | pgpv_t *pgp; /* pointer to pgp tree */ |
277 | char *field; /* field we're searching on */ | | 283 | char *field; /* field we're searching on */ |
278 | char *op; /* operation we're doing */ | | 284 | char *op; /* operation we're doing */ |
279 | char *value; /* value we're searching for */ | | 285 | char *value; /* value we're searching for */ |
280 | void *ptr; /* for regexps etc */ | | 286 | void *ptr; /* for regexps etc */ |
281 | PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */ | | 287 | PGPV_ARRAY(uint32_t, found); /* array of matched pimary key subscripts */ |
282 | PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */ | | 288 | PGPV_ARRAY(size_t, datacookies); /* cookies to retrieve matched data */ |
283 | int64_t sigtime; /* time of signature */ | | 289 | int64_t sigtime; /* time of signature */ |
284 | char why[PGPV_REASON_LEN]; /* reason for bad signature */ | | 290 | char why[PGPV_REASON_LEN]; /* reason for bad signature */ |
285 | } pgpv_cursor_t; | | 291 | } pgpv_cursor_t; |
| | | 292 | |
286 | #ifndef USE_ARG | | 293 | #ifndef USE_ARG |
287 | #define USE_ARG(x) /*LINTED*/(void)&(x) | | 294 | #define USE_ARG(x) /*LINTED*/(void)&(x) |
288 | #endif | | 295 | #endif |
289 | | | 296 | |
290 | #ifndef __dead | | 297 | #ifndef __dead |
291 | #define __dead __attribute__((__noreturn__)) | | 298 | #define __dead __attribute__((__noreturn__)) |
292 | #endif | | 299 | #endif |
293 | | | 300 | |
294 | #ifndef __printflike | | 301 | #ifndef __printflike |
295 | #define __printflike(n, m) __attribute__((format(printf,n,m))) | | 302 | #define __printflike(n, m) __attribute__((format(printf,n,m))) |
296 | #endif | | 303 | #endif |
297 | | | 304 | |
298 | #ifndef MIN | | 305 | #ifndef MIN |
| @@ -1054,42 +1061,43 @@ read_signature_mpis(pgpv_sigpkt_t *sigpk | | | @@ -1054,42 +1061,43 @@ read_signature_mpis(pgpv_sigpkt_t *sigpk |
1054 | printf("sigpkt->version %d, dsa/elgamal sig weird\n", sigpkt->sig.version); | | 1061 | printf("sigpkt->version %d, dsa/elgamal sig weird\n", sigpkt->sig.version); |
1055 | return 0; | | 1062 | return 0; |
1056 | } | | 1063 | } |
1057 | break; | | 1064 | break; |
1058 | default: | | 1065 | default: |
1059 | printf("weird type of sig! %d\n", sigpkt->sig.keyalg); | | 1066 | printf("weird type of sig! %d\n", sigpkt->sig.keyalg); |
1060 | return 0; | | 1067 | return 0; |
1061 | } | | 1068 | } |
1062 | return 1; | | 1069 | return 1; |
1063 | } | | 1070 | } |
1064 | | | 1071 | |
1065 | /* add the signature sub packet to the signature packet */ | | 1072 | /* add the signature sub packet to the signature packet */ |
1066 | static int | | 1073 | static int |
1067 | add_subpacket(pgpv_sigpkt_t *sigpkt, uint8_t tag, uint8_t *p, uint16_t len) | | 1074 | add_subpacket(pgpv_t *pgp, pgpv_sigpkt_t *sigpkt, uint8_t tag, uint8_t *p, uint16_t len) |
1068 | { | | 1075 | { |
1069 | pgpv_sigsubpkt_t subpkt; | | 1076 | pgpv_sigsubpkt_t subpkt; |
1070 | | | 1077 | |
1071 | memset(&subpkt, 0x0, sizeof(subpkt)); | | 1078 | memset(&subpkt, 0x0, sizeof(subpkt)); |
1072 | subpkt.s.size = len; | | 1079 | subpkt.s.size = len; |
1073 | subpkt.critical = 0; | | 1080 | subpkt.critical = 0; |
1074 | subpkt.tag = tag; | | 1081 | subpkt.tag = tag; |
1075 | subpkt.s.data = p; | | 1082 | subpkt.s.data = p; |
1076 | ARRAY_APPEND(sigpkt->subpkts, subpkt); | | 1083 | ARRAY_APPEND(sigpkt->subpackets, ARRAY_COUNT(pgp->subpkts)); |
| | | 1084 | ARRAY_APPEND(pgp->subpkts, subpkt); |
1077 | return 1; | | 1085 | return 1; |
1078 | } | | 1086 | } |
1079 | | | 1087 | |
1080 | /* read the subpackets in the signature */ | | 1088 | /* read the subpackets in the signature */ |
1081 | static int | | 1089 | static int |
1082 | read_sig_subpackets(pgpv_sigpkt_t *sigpkt, uint8_t *p, size_t pktlen) | | 1090 | read_sig_subpackets(pgpv_t *pgp, pgpv_sigpkt_t *sigpkt, uint8_t *p, size_t pktlen) |
1083 | { | | 1091 | { |
1084 | pgpv_sigsubpkt_t subpkt; | | 1092 | pgpv_sigsubpkt_t subpkt; |
1085 | const int is_subpkt = 0; | | 1093 | const int is_subpkt = 0; |
1086 | unsigned lenlen; | | 1094 | unsigned lenlen; |
1087 | unsigned i; | | 1095 | unsigned i; |
1088 | uint8_t *start; | | 1096 | uint8_t *start; |
1089 | | | 1097 | |
1090 | start = p; | | 1098 | start = p; |
1091 | for (i = 0 ; (unsigned)(p - start) < sigpkt->subslen ; i++) { | | 1099 | for (i = 0 ; (unsigned)(p - start) < sigpkt->subslen ; i++) { |
1092 | memset(&subpkt, 0x0, sizeof(subpkt)); | | 1100 | memset(&subpkt, 0x0, sizeof(subpkt)); |
1093 | subpkt.s.size = get_pkt_len(1, p, 0, is_subpkt); | | 1101 | subpkt.s.size = get_pkt_len(1, p, 0, is_subpkt); |
1094 | lenlen = get_pkt_len_len(1, p, is_subpkt); | | 1102 | lenlen = get_pkt_len_len(1, p, is_subpkt); |
1095 | if (lenlen > pktlen) { | | 1103 | if (lenlen > pktlen) { |
| @@ -1101,30 +1109,30 @@ read_sig_subpackets(pgpv_sigpkt_t *sigpk | | | @@ -1101,30 +1109,30 @@ read_sig_subpackets(pgpv_sigpkt_t *sigpk |
1101 | subpkt.tag = (*p & SUBPKT_TAG_MASK); | | 1109 | subpkt.tag = (*p & SUBPKT_TAG_MASK); |
1102 | p += 1; | | 1110 | p += 1; |
1103 | switch(subpkt.tag) { | | 1111 | switch(subpkt.tag) { |
1104 | case SUBPKT_SIG_BIRTH: | | 1112 | case SUBPKT_SIG_BIRTH: |
1105 | sigpkt->sig.birth = (int64_t)get_32(p); | | 1113 | sigpkt->sig.birth = (int64_t)get_32(p); |
1106 | break; | | 1114 | break; |
1107 | case SUBPKT_SIG_EXPIRY: | | 1115 | case SUBPKT_SIG_EXPIRY: |
1108 | sigpkt->sig.expiry = (int64_t)get_32(p); | | 1116 | sigpkt->sig.expiry = (int64_t)get_32(p); |
1109 | break; | | 1117 | break; |
1110 | case SUBPKT_KEY_EXPIRY: | | 1118 | case SUBPKT_KEY_EXPIRY: |
1111 | sigpkt->sig.keyexpiry = (int64_t)get_32(p); | | 1119 | sigpkt->sig.keyexpiry = (int64_t)get_32(p); |
1112 | break; | | 1120 | break; |
1113 | case SUBPKT_ISSUER: | | 1121 | case SUBPKT_ISSUER: |
1114 | sigpkt->sig.signer = p; | | 1122 | memcpy(sigpkt->sig.signer, p, sizeof(sigpkt->sig.signer)); |
1115 | break; | | 1123 | break; |
1116 | case SUBPKT_SIGNER_ID: | | 1124 | case SUBPKT_SIGNER_ID: |
1117 | sigpkt->sig.signer = p; | | 1125 | memcpy(sigpkt->sig.signer, p, sizeof(sigpkt->sig.signer)); |
1118 | break; | | 1126 | break; |
1119 | case SUBPKT_TRUST_SIG: | | 1127 | case SUBPKT_TRUST_SIG: |
1120 | sigpkt->sig.trustsig = *p; | | 1128 | sigpkt->sig.trustsig = *p; |
1121 | break; | | 1129 | break; |
1122 | case SUBPKT_REGEXP: | | 1130 | case SUBPKT_REGEXP: |
1123 | sigpkt->sig.regexp = (char *)(void *)p; | | 1131 | sigpkt->sig.regexp = (char *)(void *)p; |
1124 | break; | | 1132 | break; |
1125 | case SUBPKT_REVOCABLE: | | 1133 | case SUBPKT_REVOCABLE: |
1126 | sigpkt->sig.revocable = *p; | | 1134 | sigpkt->sig.revocable = *p; |
1127 | break; | | 1135 | break; |
1128 | case SUBPKT_PREF_SYMMETRIC_ALG: | | 1136 | case SUBPKT_PREF_SYMMETRIC_ALG: |
1129 | sigpkt->sig.pref_symm_alg = *p; | | 1137 | sigpkt->sig.pref_symm_alg = *p; |
1130 | break; | | 1138 | break; |
| @@ -1160,76 +1168,79 @@ read_sig_subpackets(pgpv_sigpkt_t *sigpk | | | @@ -1160,76 +1168,79 @@ read_sig_subpackets(pgpv_sigpkt_t *sigpk |
1160 | case SUBPKT_FEATURES: | | 1168 | case SUBPKT_FEATURES: |
1161 | sigpkt->sig.features = (char *)(void *)p; | | 1169 | sigpkt->sig.features = (char *)(void *)p; |
1162 | break; | | 1170 | break; |
1163 | case SUBPKT_REVOCATION_REASON: | | 1171 | case SUBPKT_REVOCATION_REASON: |
1164 | sigpkt->sig.revoked = *p++ + 1; | | 1172 | sigpkt->sig.revoked = *p++ + 1; |
1165 | sigpkt->sig.why_revoked = (char *)(void *)p; | | 1173 | sigpkt->sig.why_revoked = (char *)(void *)p; |
1166 | break; | | 1174 | break; |
1167 | default: | | 1175 | default: |
1168 | printf("Ignoring unusual/reserved signature subpacket %d\n", subpkt.tag); | | 1176 | printf("Ignoring unusual/reserved signature subpacket %d\n", subpkt.tag); |
1169 | break; | | 1177 | break; |
1170 | } | | 1178 | } |
1171 | subpkt.s.data = p; | | 1179 | subpkt.s.data = p; |
1172 | p += subpkt.s.size - 1; | | 1180 | p += subpkt.s.size - 1; |
1173 | ARRAY_APPEND(sigpkt->subpkts, subpkt); | | 1181 | ARRAY_APPEND(sigpkt->subpackets, ARRAY_COUNT(pgp->subpkts)); |
| | | 1182 | ARRAY_APPEND(pgp->subpkts, subpkt); |
1174 | } | | 1183 | } |
1175 | return 1; | | 1184 | return 1; |
1176 | } | | 1185 | } |
1177 | | | 1186 | |
1178 | /* parse signature packet */ | | 1187 | /* parse signature packet */ |
1179 | static int | | 1188 | static int |
1180 | read_sigpkt(pgpv_t *pgp, uint8_t mement, pgpv_sigpkt_t *sigpkt, uint8_t *p, size_t pktlen) | | 1189 | read_sigpkt(pgpv_t *pgp, uint8_t mement, pgpv_sigpkt_t *sigpkt, uint8_t *p, size_t pktlen) |
1181 | { | | 1190 | { |
1182 | unsigned lenlen; | | 1191 | unsigned lenlen; |
1183 | uint8_t *base; | | 1192 | uint8_t *base; |
1184 | | | 1193 | |
1185 | make_ref(pgp, mement, &sigpkt->sig.hashstart); | | 1194 | make_ref(pgp, mement, &sigpkt->sig.hashstart); |
1186 | base = p; | | 1195 | base = p; |
1187 | switch(sigpkt->sig.version = *p++) { | | 1196 | switch(sigpkt->sig.version = *p++) { |
1188 | case 2: | | 1197 | case 2: |
1189 | case 3: | | 1198 | case 3: |
1190 | if ((lenlen = *p++) != 5) { | | 1199 | if ((lenlen = *p++) != 5) { |
1191 | printf("read_sigpkt: hashed length not 5\n"); | | 1200 | printf("read_sigpkt: hashed length not 5\n"); |
1192 | return 0; | | 1201 | return 0; |
1193 | } | | 1202 | } |
1194 | sigpkt->sig.hashlen = lenlen; | | 1203 | sigpkt->sig.hashlen = lenlen; |
1195 | /* put birthtime into a subpacket */ | | 1204 | /* put birthtime into a subpacket */ |
1196 | sigpkt->sig.type = *p++; | | 1205 | sigpkt->sig.type = *p++; |
1197 | add_subpacket(sigpkt, SUBPKT_SIG_BIRTH, p, sizeof(uint32_t)); | | 1206 | add_subpacket(pgp, sigpkt, SUBPKT_SIG_BIRTH, p, sizeof(uint32_t)); |
1198 | sigpkt->sig.birth = (int64_t)get_32(p); | | 1207 | sigpkt->sig.birth = (int64_t)get_32(p); |
1199 | p += sizeof(uint32_t); | | 1208 | p += sizeof(uint32_t); |
1200 | sigpkt->sig.signer = p; | | 1209 | memcpy(sigpkt->sig.signer, p, sizeof(sigpkt->sig.signer)); |
1201 | add_subpacket(sigpkt, SUBPKT_SIGNER_ID, p, PGPV_KEYID_LEN); | | 1210 | add_subpacket(pgp, sigpkt, SUBPKT_SIGNER_ID, p, PGPV_KEYID_LEN); |
1202 | p += PGPV_KEYID_LEN; | | 1211 | p += PGPV_KEYID_LEN; |
1203 | sigpkt->sig.keyalg = *p++; | | 1212 | sigpkt->sig.keyalg = *p++; |
1204 | sigpkt->sig.hashalg = *p++; | | 1213 | sigpkt->sig.hashalg = *p++; |
1205 | sigpkt->sig.hash2 = p; | | 1214 | sigpkt->sig.hash2 = p; |
1206 | if (!read_signature_mpis(sigpkt, sigpkt->sig.mpi = p + 2, pktlen)) { | | 1215 | if (!read_signature_mpis(sigpkt, sigpkt->sig.mpi = p + 2, pktlen)) { |
1207 | printf("read_sigpkt: can't read sigs v3\n"); | | 1216 | printf("read_sigpkt: can't read sigs v3\n"); |
1208 | return 0; | | 1217 | return 0; |
1209 | } | | 1218 | } |
1210 | break; | | 1219 | break; |
1211 | case 4: | | 1220 | case 4: |
1212 | sigpkt->sig.type = *p++; | | 1221 | sigpkt->sig.type = *p++; |
1213 | sigpkt->sig.keyalg = *p++; | | 1222 | sigpkt->sig.keyalg = *p++; |
1214 | sigpkt->sig.hashalg = *p++; | | 1223 | sigpkt->sig.hashalg = *p++; |
1215 | sigpkt->subslen = get_16(p); | | 1224 | sigpkt->subslen = get_16(p); |
1216 | p += sizeof(sigpkt->subslen); | | 1225 | p += sizeof(sigpkt->subslen); |
1217 | if (!read_sig_subpackets(sigpkt, p, pktlen)) { | | 1226 | if (!read_sig_subpackets(pgp, sigpkt, p, pktlen)) { |
1218 | printf("read_sigpkt: can't read sig subpackets, v4\n"); | | 1227 | printf("read_sigpkt: can't read sig subpackets, v4\n"); |
1219 | return 0; | | 1228 | return 0; |
1220 | } | | 1229 | } |
1221 | if (!sigpkt->sig.signer) { | | 1230 | if (sigpkt->sig.signer[0] == 0x0) { |
1222 | sigpkt->sig.signer = get_ref(&sigpkt->sig.hashstart) + 16; | | 1231 | memcpy(sigpkt->sig.signer, |
| | | 1232 | get_ref(&sigpkt->sig.hashstart) + 16, |
| | | 1233 | sizeof(sigpkt->sig.signer)); |
1223 | } | | 1234 | } |
1224 | p += sigpkt->subslen; | | 1235 | p += sigpkt->subslen; |
1225 | sigpkt->sig.hashlen = (unsigned)(p - base); | | 1236 | sigpkt->sig.hashlen = (unsigned)(p - base); |
1226 | sigpkt->unhashlen = get_16(p); | | 1237 | sigpkt->unhashlen = get_16(p); |
1227 | p += sizeof(sigpkt->unhashlen) + sigpkt->unhashlen; | | 1238 | p += sizeof(sigpkt->unhashlen) + sigpkt->unhashlen; |
1228 | sigpkt->sig.hash2 = p; | | 1239 | sigpkt->sig.hash2 = p; |
1229 | if (!read_signature_mpis(sigpkt, sigpkt->sig.mpi = p + 2, pktlen)) { | | 1240 | if (!read_signature_mpis(sigpkt, sigpkt->sig.mpi = p + 2, pktlen)) { |
1230 | printf("read_sigpkt: can't read sigs, v4\n"); | | 1241 | printf("read_sigpkt: can't read sigs, v4\n"); |
1231 | return 0; | | 1242 | return 0; |
1232 | } | | 1243 | } |
1233 | break; | | 1244 | break; |
1234 | default: | | 1245 | default: |
1235 | printf("read_sigpkt: unusual signature version (%u)\n", sigpkt->sig.version); | | 1246 | printf("read_sigpkt: unusual signature version (%u)\n", sigpkt->sig.version); |
| @@ -1433,28 +1444,29 @@ read_litdata(pgpv_t *pgp, pgpv_litdata_t | | | @@ -1433,28 +1444,29 @@ read_litdata(pgpv_t *pgp, pgpv_litdata_t |
1433 | size_t cc; | | 1444 | size_t cc; |
1434 | | | 1445 | |
1435 | cc = 0; | | 1446 | cc = 0; |
1436 | switch(litdata->format = p[cc++]) { | | 1447 | switch(litdata->format = p[cc++]) { |
1437 | case LITDATA_BINARY: | | 1448 | case LITDATA_BINARY: |
1438 | case LITDATA_TEXT: | | 1449 | case LITDATA_TEXT: |
1439 | case LITDATA_UTF8: | | 1450 | case LITDATA_UTF8: |
1440 | litdata->namelen = 0; | | 1451 | litdata->namelen = 0; |
1441 | break; | | 1452 | break; |
1442 | default: | | 1453 | default: |
1443 | printf("weird litdata format %u\n", litdata->format); | | 1454 | printf("weird litdata format %u\n", litdata->format); |
1444 | break; | | 1455 | break; |
1445 | } | | 1456 | } |
1446 | litdata->namelen = p[cc++]; | | 1457 | litdata->filename.size = litdata->namelen = p[cc++]; |
1447 | litdata->filename = &p[cc]; | | 1458 | litdata->filename.data = &p[cc]; |
| | | 1459 | litdata->filename.allocated = 0; |
1448 | cc += litdata->namelen; | | 1460 | cc += litdata->namelen; |
1449 | litdata->secs = get_32(&p[cc]); | | 1461 | litdata->secs = get_32(&p[cc]); |
1450 | cc += 4; | | 1462 | cc += 4; |
1451 | litdata->s.data = &p[cc]; | | 1463 | litdata->s.data = &p[cc]; |
1452 | litdata->len = litdata->s.size = size - cc; | | 1464 | litdata->len = litdata->s.size = size - cc; |
1453 | litdata->mem = ARRAY_COUNT(pgp->areas) - 1; | | 1465 | litdata->mem = ARRAY_COUNT(pgp->areas) - 1; |
1454 | litdata->offset = cc; | | 1466 | litdata->offset = cc; |
1455 | return 1; | | 1467 | return 1; |
1456 | } | | 1468 | } |
1457 | | | 1469 | |
1458 | /* parse a single packet */ | | 1470 | /* parse a single packet */ |
1459 | static int | | 1471 | static int |
1460 | read_pkt(pgpv_t *pgp, pgpv_mem_t *mem) | | 1472 | read_pkt(pgpv_t *pgp, pgpv_mem_t *mem) |
| @@ -1506,26 +1518,27 @@ read_pkt(pgpv_t *pgp, pgpv_mem_t *mem) | | | @@ -1506,26 +1518,27 @@ read_pkt(pgpv_t *pgp, pgpv_mem_t *mem) |
1506 | case PUBKEY_PKT: | | 1518 | case PUBKEY_PKT: |
1507 | case PUB_SUBKEY_PKT: | | 1519 | case PUB_SUBKEY_PKT: |
1508 | break; | | 1520 | break; |
1509 | case LITDATA_PKT: | | 1521 | case LITDATA_PKT: |
1510 | read_litdata(pgp, &pkt.u.litdata, pkt.s.data, pkt.s.size); | | 1522 | read_litdata(pgp, &pkt.u.litdata, pkt.s.data, pkt.s.size); |
1511 | break; | | 1523 | break; |
1512 | case TRUST_PKT: | | 1524 | case TRUST_PKT: |
1513 | pkt.u.trust.level = pkt.s.data[0]; | | 1525 | pkt.u.trust.level = pkt.s.data[0]; |
1514 | pkt.u.trust.amount = pkt.s.data[1]; | | 1526 | pkt.u.trust.amount = pkt.s.data[1]; |
1515 | break; | | 1527 | break; |
1516 | case USERID_PKT: | | 1528 | case USERID_PKT: |
1517 | pkt.u.userid.size = pkt.s.size; | | 1529 | pkt.u.userid.size = pkt.s.size; |
1518 | pkt.u.userid.data = pkt.s.data; | | 1530 | pkt.u.userid.data = pkt.s.data; |
| | | 1531 | pkt.u.userid.allocated = 0; |
1519 | break; | | 1532 | break; |
1520 | case COMPRESSED_DATA_PKT: | | 1533 | case COMPRESSED_DATA_PKT: |
1521 | read_compressed(pgp, &pkt.u.compressed, pkt.s.data, pkt.s.size); | | 1534 | read_compressed(pgp, &pkt.u.compressed, pkt.s.data, pkt.s.size); |
1522 | ARRAY_APPEND(pgp->pkts, pkt); | | 1535 | ARRAY_APPEND(pgp->pkts, pkt); |
1523 | read_all_packets(pgp, &ARRAY_LAST(pgp->areas), pgp->op); | | 1536 | read_all_packets(pgp, &ARRAY_LAST(pgp->areas), pgp->op); |
1524 | break; | | 1537 | break; |
1525 | case USER_ATTRIBUTE_PKT: | | 1538 | case USER_ATTRIBUTE_PKT: |
1526 | read_userattr(&pkt.u.userattr, pkt.s.data, pkt.s.size); | | 1539 | read_userattr(&pkt.u.userattr, pkt.s.data, pkt.s.size); |
1527 | break; | | 1540 | break; |
1528 | default: | | 1541 | default: |
1529 | printf("hi, need to implement %d, offset %zu\n", pkt.tag, mem->cc); | | 1542 | printf("hi, need to implement %d, offset %zu\n", pkt.tag, mem->cc); |
1530 | break; | | 1543 | break; |
1531 | } | | 1544 | } |
| @@ -1589,33 +1602,35 @@ static int | | | @@ -1589,33 +1602,35 @@ static int |
1589 | recog_userid(pgpv_t *pgp, pgpv_signed_userid_t *userid) | | 1602 | recog_userid(pgpv_t *pgp, pgpv_signed_userid_t *userid) |
1590 | { | | 1603 | { |
1591 | pgpv_signature_t signature; | | 1604 | pgpv_signature_t signature; |
1592 | pgpv_pkt_t *pkt; | | 1605 | pgpv_pkt_t *pkt; |
1593 | | | 1606 | |
1594 | memset(userid, 0x0, sizeof(*userid)); | | 1607 | memset(userid, 0x0, sizeof(*userid)); |
1595 | if (!pkt_is(pgp, USERID_PKT)) { | | 1608 | if (!pkt_is(pgp, USERID_PKT)) { |
1596 | printf("recog_userid: not %d\n", USERID_PKT); | | 1609 | printf("recog_userid: not %d\n", USERID_PKT); |
1597 | return 0; | | 1610 | return 0; |
1598 | } | | 1611 | } |
1599 | pkt = &ARRAY_ELEMENT(pgp->pkts, pgp->pkt); | | 1612 | pkt = &ARRAY_ELEMENT(pgp->pkts, pgp->pkt); |
1600 | userid->userid.size = pkt->s.size; | | 1613 | userid->userid.size = pkt->s.size; |
1601 | userid->userid.data = pkt->s.data; | | 1614 | userid->userid.data = pkt->s.data; |
| | | 1615 | userid->userid.allocated = 0; |
1602 | pgp->pkt += 1; | | 1616 | pgp->pkt += 1; |
1603 | while (pkt_is(pgp, SIGNATURE_PKT)) { | | 1617 | while (pkt_is(pgp, SIGNATURE_PKT)) { |
1604 | if (!recog_signature(pgp, &signature)) { | | 1618 | if (!recog_signature(pgp, &signature)) { |
1605 | printf("recog_userid: can't recognise signature/trust\n"); | | 1619 | printf("recog_userid: can't recognise signature/trust\n"); |
1606 | return 0; | | 1620 | return 0; |
1607 | } | | 1621 | } |
1608 | ARRAY_APPEND(userid->sigs, signature); | | 1622 | ARRAY_APPEND(userid->signatures, ARRAY_COUNT(pgp->signatures)); |
| | | 1623 | ARRAY_APPEND(pgp->signatures, signature); |
1609 | if (signature.primary_userid) { | | 1624 | if (signature.primary_userid) { |
1610 | userid->primary_userid = signature.primary_userid; | | 1625 | userid->primary_userid = signature.primary_userid; |
1611 | } | | 1626 | } |
1612 | if (signature.revoked) { | | 1627 | if (signature.revoked) { |
1613 | userid->revoked = signature.revoked; | | 1628 | userid->revoked = signature.revoked; |
1614 | } | | 1629 | } |
1615 | } | | 1630 | } |
1616 | return 1; | | 1631 | return 1; |
1617 | } | | 1632 | } |
1618 | | | 1633 | |
1619 | /* recognise user attributes packet */ | | 1634 | /* recognise user attributes packet */ |
1620 | static int | | 1635 | static int |
1621 | recog_userattr(pgpv_t *pgp, pgpv_signed_userattr_t *userattr) | | 1636 | recog_userattr(pgpv_t *pgp, pgpv_signed_userattr_t *userattr) |
| @@ -1624,27 +1639,28 @@ recog_userattr(pgpv_t *pgp, pgpv_signed_ | | | @@ -1624,27 +1639,28 @@ recog_userattr(pgpv_t *pgp, pgpv_signed_ |
1624 | | | 1639 | |
1625 | memset(userattr, 0x0, sizeof(*userattr)); | | 1640 | memset(userattr, 0x0, sizeof(*userattr)); |
1626 | if (!pkt_is(pgp, USER_ATTRIBUTE_PKT)) { | | 1641 | if (!pkt_is(pgp, USER_ATTRIBUTE_PKT)) { |
1627 | printf("recog_userattr: not %d\n", USER_ATTRIBUTE_PKT); | | 1642 | printf("recog_userattr: not %d\n", USER_ATTRIBUTE_PKT); |
1628 | return 0; | | 1643 | return 0; |
1629 | } | | 1644 | } |
1630 | userattr->userattr = ARRAY_ELEMENT(pgp->pkts, pgp->pkt).u.userattr; | | 1645 | userattr->userattr = ARRAY_ELEMENT(pgp->pkts, pgp->pkt).u.userattr; |
1631 | pgp->pkt += 1; | | 1646 | pgp->pkt += 1; |
1632 | while (pkt_is(pgp, SIGNATURE_PKT)) { | | 1647 | while (pkt_is(pgp, SIGNATURE_PKT)) { |
1633 | if (!recog_signature(pgp, &signature)) { | | 1648 | if (!recog_signature(pgp, &signature)) { |
1634 | printf("recog_userattr: can't recognise signature/trust\n"); | | 1649 | printf("recog_userattr: can't recognise signature/trust\n"); |
1635 | return 0; | | 1650 | return 0; |
1636 | } | | 1651 | } |
1637 | ARRAY_APPEND(userattr->sigs, signature); | | 1652 | ARRAY_APPEND(userattr->signatures, ARRAY_COUNT(pgp->signatures)); |
| | | 1653 | ARRAY_APPEND(pgp->signatures, signature); |
1638 | if (signature.revoked) { | | 1654 | if (signature.revoked) { |
1639 | userattr->revoked = signature.revoked; | | 1655 | userattr->revoked = signature.revoked; |
1640 | } | | 1656 | } |
1641 | } | | 1657 | } |
1642 | return 1; | | 1658 | return 1; |
1643 | } | | 1659 | } |
1644 | | | 1660 | |
1645 | /* recognise a sub key */ | | 1661 | /* recognise a sub key */ |
1646 | static int | | 1662 | static int |
1647 | recog_subkey(pgpv_t *pgp, pgpv_signed_subkey_t *subkey) | | 1663 | recog_subkey(pgpv_t *pgp, pgpv_signed_subkey_t *subkey) |
1648 | { | | 1664 | { |
1649 | pgpv_signature_t signature; | | 1665 | pgpv_signature_t signature; |
1650 | pgpv_pkt_t *pkt; | | 1666 | pgpv_pkt_t *pkt; |
| @@ -1658,27 +1674,28 @@ recog_subkey(pgpv_t *pgp, pgpv_signed_su | | | @@ -1658,27 +1674,28 @@ recog_subkey(pgpv_t *pgp, pgpv_signed_su |
1658 | pkt_sigtype_is(pgp, SIGTYPE_CERT_REVOCATION)) { | | 1674 | pkt_sigtype_is(pgp, SIGTYPE_CERT_REVOCATION)) { |
1659 | recog_signature(pgp, &signature); | | 1675 | recog_signature(pgp, &signature); |
1660 | subkey->revoc_self_sig = signature; | | 1676 | subkey->revoc_self_sig = signature; |
1661 | } | | 1677 | } |
1662 | do { | | 1678 | do { |
1663 | if (!pkt_is(pgp, SIGNATURE_PKT)) { | | 1679 | if (!pkt_is(pgp, SIGNATURE_PKT)) { |
1664 | printf("recog_subkey: not signature packet at %zu\n", pgp->pkt); | | 1680 | printf("recog_subkey: not signature packet at %zu\n", pgp->pkt); |
1665 | return 0; | | 1681 | return 0; |
1666 | } | | 1682 | } |
1667 | if (!recog_signature(pgp, &signature)) { | | 1683 | if (!recog_signature(pgp, &signature)) { |
1668 | printf("recog_subkey: bad signature/trust at %zu\n", pgp->pkt); | | 1684 | printf("recog_subkey: bad signature/trust at %zu\n", pgp->pkt); |
1669 | return 0; | | 1685 | return 0; |
1670 | } | | 1686 | } |
1671 | ARRAY_APPEND(subkey->sigs, signature); | | 1687 | ARRAY_APPEND(subkey->signatures, ARRAY_COUNT(pgp->signatures)); |
| | | 1688 | ARRAY_APPEND(pgp->signatures, signature); |
1672 | if (signature.keyexpiry) { | | 1689 | if (signature.keyexpiry) { |
1673 | /* XXX - check it's a good key expiry */ | | 1690 | /* XXX - check it's a good key expiry */ |
1674 | subkey->subkey.expiry = signature.keyexpiry; | | 1691 | subkey->subkey.expiry = signature.keyexpiry; |
1675 | } | | 1692 | } |
1676 | } while (pkt_is(pgp, SIGNATURE_PKT)); | | 1693 | } while (pkt_is(pgp, SIGNATURE_PKT)); |
1677 | return 1; | | 1694 | return 1; |
1678 | } | | 1695 | } |
1679 | | | 1696 | |
1680 | /* use a sparse map for the text strings here to save space */ | | 1697 | /* use a sparse map for the text strings here to save space */ |
1681 | static const char *keyalgs[] = { | | 1698 | static const char *keyalgs[] = { |
1682 | "[Unknown]", | | 1699 | "[Unknown]", |
1683 | "RSA (Encrypt or Sign)", | | 1700 | "RSA (Encrypt or Sign)", |
1684 | "RSA (Encrypt Only)", | | 1701 | "RSA (Encrypt Only)", |
| @@ -1747,87 +1764,97 @@ fmt_pubkey(obuf_t *obuf, pgpv_pubkey_t * | | | @@ -1747,87 +1764,97 @@ fmt_pubkey(obuf_t *obuf, pgpv_pubkey_t * |
1747 | } | | 1764 | } |
1748 | } | | 1765 | } |
1749 | if (!obuf_add_mem(obuf, "\n", 1)) { | | 1766 | if (!obuf_add_mem(obuf, "\n", 1)) { |
1750 | return 0; | | 1767 | return 0; |
1751 | } | | 1768 | } |
1752 | return fmt_fingerprint(obuf, &pubkey->fingerprint, "fingerprint "); | | 1769 | return fmt_fingerprint(obuf, &pubkey->fingerprint, "fingerprint "); |
1753 | } | | 1770 | } |
1754 | | | 1771 | |
1755 | /* we add 1 to revocation value to denote compromised */ | | 1772 | /* we add 1 to revocation value to denote compromised */ |
1756 | #define COMPROMISED (0x02 + 1) | | 1773 | #define COMPROMISED (0x02 + 1) |
1757 | | | 1774 | |
1758 | /* format a userid - used to order the userids when formatting */ | | 1775 | /* format a userid - used to order the userids when formatting */ |
1759 | static int | | 1776 | static int |
1760 | fmt_userid(obuf_t *obuf, pgpv_primarykey_t *primary, uint8_t u) | | 1777 | fmt_userid(obuf_t *obuf, pgpv_t *pgp, pgpv_primarykey_t *primary, uint8_t u) |
1761 | { | | 1778 | { |
1762 | pgpv_signed_userid_t *userid; | | 1779 | pgpv_signed_userid_t *userid; |
1763 | const char *s; | | 1780 | const char *s; |
| | | 1781 | uint64_t id; |
1764 | | | 1782 | |
1765 | userid = &ARRAY_ELEMENT(primary->signed_userids, u); | | 1783 | id = ARRAY_ELEMENT(primary->signed_userids, u); |
| | | 1784 | userid = &ARRAY_ELEMENT(pgp->signed_userids, id); |
1766 | s = (userid->revoked == COMPROMISED) ? " [COMPROMISED AND REVOKED]\n" : | | 1785 | s = (userid->revoked == COMPROMISED) ? " [COMPROMISED AND REVOKED]\n" : |
1767 | (userid->revoked) ? " [REVOKED]\n" : "\n"; | | 1786 | (userid->revoked) ? " [REVOKED]\n" : "\n"; |
1768 | return obuf_add_mem(obuf, "uid ", 14) && | | 1787 | return obuf_add_mem(obuf, "uid ", 14) && |
1769 | obuf_add_mem(obuf, userid->userid.data, userid->userid.size) && | | 1788 | obuf_add_mem(obuf, userid->userid.data, userid->userid.size) && |
1770 | obuf_add_mem(obuf, s, strlen(s)); | | 1789 | obuf_add_mem(obuf, s, strlen(s)); |
1771 | } | | 1790 | } |
1772 | | | 1791 | |
1773 | /* format a trust sig - used to order the userids when formatting */ | | 1792 | /* format a trust sig - used to order the userids when formatting */ |
1774 | static int | | 1793 | static int |
1775 | fmt_trust(obuf_t *obuf, pgpv_signed_userid_t *userid, uint32_t u) | | 1794 | fmt_trust(obuf_t *obuf, pgpv_signature_t *sig) |
1776 | { | | 1795 | { |
1777 | pgpv_signature_t *sig; | | | |
1778 | | | | |
1779 | sig = &ARRAY_ELEMENT(userid->sigs, u); | | | |
1780 | if (!obuf_add_mem(obuf, "trust ", 15) || | | 1796 | if (!obuf_add_mem(obuf, "trust ", 15) || |
1781 | !fmt_binary(obuf, sig->signer, 8)) { | | 1797 | !fmt_binary(obuf, sig->signer, PGPV_KEYID_LEN)) { |
1782 | return 0; | | 1798 | return 0; |
1783 | } | | 1799 | } |
1784 | return obuf_add_mem(obuf, "\n", 1); | | 1800 | return obuf_add_mem(obuf, "\n", 1); |
1785 | } | | 1801 | } |
1786 | | | 1802 | |
1787 | /* print a primary key, per RFC 4880 */ | | 1803 | /* print a primary key, per RFC 4880 */ |
1788 | static int | | 1804 | static int |
1789 | fmt_primary(obuf_t *obuf, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers) | | 1805 | fmt_primary(obuf_t *obuf, pgpv_t *pgp, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers) |
1790 | { | | 1806 | { |
1791 | pgpv_signed_userid_t *userid; | | 1807 | pgpv_signed_userid_t *userid; |
| | | 1808 | pgpv_signed_subkey_t *signed_subkey; |
1792 | pgpv_pubkey_t *pubkey; | | 1809 | pgpv_pubkey_t *pubkey; |
1793 | unsigned i; | | 1810 | unsigned i; |
1794 | unsigned j; | | 1811 | unsigned j; |
| | | 1812 | uint64_t id; |
1795 | | | 1813 | |
1796 | pubkey = (subkey == 0) ? &primary->primary : &ARRAY_ELEMENT(primary->signed_subkeys, subkey - 1).subkey; | | 1814 | if (subkey == 0) { |
| | | 1815 | pubkey = &primary->primary; |
| | | 1816 | } else { |
| | | 1817 | id = ARRAY_ELEMENT(primary->signed_subkeys, subkey); |
| | | 1818 | pubkey = &ARRAY_ELEMENT(pgp->signed_subkeys, id - 1).subkey; |
| | | 1819 | } |
1797 | if (!fmt_pubkey(obuf, pubkey, "signature ")) { | | 1820 | if (!fmt_pubkey(obuf, pubkey, "signature ")) { |
1798 | return 0; | | 1821 | return 0; |
1799 | } | | 1822 | } |
1800 | if (!fmt_userid(obuf, primary, primary->primary_userid)) { | | 1823 | if (!fmt_userid(obuf, pgp, primary, primary->primary_userid)) { |
1801 | return 0; | | 1824 | return 0; |
1802 | } | | 1825 | } |
1803 | for (i = 0 ; i < ARRAY_COUNT(primary->signed_userids) ; i++) { | | 1826 | for (i = 0 ; i < ARRAY_COUNT(primary->signed_userids) ; i++) { |
1804 | if (i != primary->primary_userid) { | | 1827 | if (i != primary->primary_userid) { |
1805 | if (!fmt_userid(obuf, primary, i)) { | | 1828 | if (!fmt_userid(obuf, pgp, primary, i)) { |
1806 | return 0; | | 1829 | return 0; |
1807 | } | | 1830 | } |
1808 | if (strcasecmp(modifiers, "trust") == 0) { | | 1831 | if (strcasecmp(modifiers, "trust") == 0) { |
1809 | userid = &ARRAY_ELEMENT(primary->signed_userids, i); | | 1832 | id = ARRAY_ELEMENT(primary->signed_userids, i); |
1810 | for (j = 0 ; j < ARRAY_COUNT(userid->sigs) ; j++) { | | 1833 | userid = &ARRAY_ELEMENT(pgp->signed_userids, id); |
1811 | if (!fmt_trust(obuf, userid, j)) { | | 1834 | for (j = 0 ; j < ARRAY_COUNT(userid->signatures) ; j++) { |
| | | 1835 | if (!fmt_trust(obuf, &ARRAY_ELEMENT(pgp->signatures, |
| | | 1836 | ARRAY_ELEMENT(userid->signatures, j)))) { |
1812 | return 0; | | 1837 | return 0; |
1813 | } | | 1838 | } |
1814 | } | | 1839 | } |
1815 | } | | 1840 | } |
1816 | } | | 1841 | } |
1817 | } | | 1842 | } |
1818 | if (strcasecmp(modifiers, "subkeys") == 0) { | | 1843 | if (strcasecmp(modifiers, "subkeys") == 0) { |
1819 | for (i = 0 ; i < ARRAY_COUNT(primary->signed_subkeys) ; i++) { | | 1844 | for (i = 0 ; i < ARRAY_COUNT(primary->signed_subkeys) ; i++) { |
1820 | if (!fmt_pubkey(obuf, &ARRAY_ELEMENT(primary->signed_subkeys, i).subkey, "encryption")) { | | 1845 | id = ARRAY_ELEMENT(primary->signed_subkeys, i); |
| | | 1846 | signed_subkey = &ARRAY_ELEMENT(pgp->signed_subkeys, id); |
| | | 1847 | if (!fmt_pubkey(obuf, &signed_subkey->subkey, "encryption")) { |
1821 | return 0; | | 1848 | return 0; |
1822 | } | | 1849 | } |
1823 | } | | 1850 | } |
1824 | } | | 1851 | } |
1825 | return obuf_add_mem(obuf, "\n", 1); | | 1852 | return obuf_add_mem(obuf, "\n", 1); |
1826 | } | | 1853 | } |
1827 | | | 1854 | |
1828 | | | 1855 | |
1829 | /* check the padding on the signature */ | | 1856 | /* check the padding on the signature */ |
1830 | static int | | 1857 | static int |
1831 | rsa_padding_check_none(uint8_t *to, int tlen, const uint8_t *from, int flen, int num) | | 1858 | rsa_padding_check_none(uint8_t *to, int tlen, const uint8_t *from, int flen, int num) |
1832 | { | | 1859 | { |
1833 | USE_ARG(num); | | 1860 | USE_ARG(num); |
| @@ -2199,26 +2226,40 @@ find_bin_string(const void *blockarg, si | | | @@ -2199,26 +2226,40 @@ find_bin_string(const void *blockarg, si |
2199 | return __UNCONST(blockarg); | | 2226 | return __UNCONST(blockarg); |
2200 | } | | 2227 | } |
2201 | if (blen < plen) { | | 2228 | if (blen < plen) { |
2202 | return NULL; | | 2229 | return NULL; |
2203 | } | | 2230 | } |
2204 | for (bp = block = blockarg ; (size_t)(bp - block) < blen - plen + 1 ; bp++) { | | 2231 | for (bp = block = blockarg ; (size_t)(bp - block) < blen - plen + 1 ; bp++) { |
2205 | if (memcmp(bp, pat, plen) == 0) { | | 2232 | if (memcmp(bp, pat, plen) == 0) { |
2206 | return __UNCONST(bp); | | 2233 | return __UNCONST(bp); |
2207 | } | | 2234 | } |
2208 | } | | 2235 | } |
2209 | return NULL; | | 2236 | return NULL; |
2210 | } | | 2237 | } |
2211 | | | 2238 | |
| | | 2239 | /* store string in allocated memory */ |
| | | 2240 | static uint8_t * |
| | | 2241 | pgpv_strdup(const char *s) |
| | | 2242 | { |
| | | 2243 | uint8_t *cp; |
| | | 2244 | size_t len; |
| | | 2245 | |
| | | 2246 | len = strlen(s); |
| | | 2247 | if ((cp = calloc(len + 1, 1)) != NULL) { |
| | | 2248 | memcpy(cp, s, len); |
| | | 2249 | } |
| | | 2250 | return cp; |
| | | 2251 | } |
| | | 2252 | |
2212 | #define SIGSTART "-----BEGIN PGP SIGNATURE-----\n" | | 2253 | #define SIGSTART "-----BEGIN PGP SIGNATURE-----\n" |
2213 | #define SIGEND "-----END PGP SIGNATURE-----\n" | | 2254 | #define SIGEND "-----END PGP SIGNATURE-----\n" |
2214 | | | 2255 | |
2215 | /* for ascii armor, we don't get a onepass packet - make one */ | | 2256 | /* for ascii armor, we don't get a onepass packet - make one */ |
2216 | static const char *cons_onepass = "\304\015\003\0\0\0\0\377\377\377\377\377\377\377\377\1"; | | 2257 | static const char *cons_onepass = "\304\015\003\0\0\0\0\377\377\377\377\377\377\377\377\1"; |
2217 | | | 2258 | |
2218 | /* read ascii armor */ | | 2259 | /* read ascii armor */ |
2219 | static int | | 2260 | static int |
2220 | read_ascii_armor(pgpv_cursor_t *cursor, pgpv_mem_t *mem, const char *filename) | | 2261 | read_ascii_armor(pgpv_cursor_t *cursor, pgpv_mem_t *mem, const char *filename) |
2221 | { | | 2262 | { |
2222 | pgpv_onepass_t *onepass; | | 2263 | pgpv_onepass_t *onepass; |
2223 | pgpv_sigpkt_t *sigpkt; | | 2264 | pgpv_sigpkt_t *sigpkt; |
2224 | pgpv_pkt_t litdata; | | 2265 | pgpv_pkt_t litdata; |
| @@ -2231,27 +2272,28 @@ read_ascii_armor(pgpv_cursor_t *cursor, | | | @@ -2231,27 +2272,28 @@ read_ascii_armor(pgpv_cursor_t *cursor, |
2231 | /* cons up litdata pkt */ | | 2272 | /* cons up litdata pkt */ |
2232 | memset(&litdata, 0x0, sizeof(litdata)); | | 2273 | memset(&litdata, 0x0, sizeof(litdata)); |
2233 | litdata.u.litdata.mem = ARRAY_COUNT(cursor->pgp->areas) - 1; | | 2274 | litdata.u.litdata.mem = ARRAY_COUNT(cursor->pgp->areas) - 1; |
2234 | p = mem->mem; | | 2275 | p = mem->mem; |
2235 | /* jump over signed message line */ | | 2276 | /* jump over signed message line */ |
2236 | if ((p = find_bin_string(mem->mem, mem->size, "\n\n", 2)) == NULL) { | | 2277 | if ((p = find_bin_string(mem->mem, mem->size, "\n\n", 2)) == NULL) { |
2237 | snprintf(cursor->why, sizeof(cursor->why), "malformed armor at offset 0"); | | 2278 | snprintf(cursor->why, sizeof(cursor->why), "malformed armor at offset 0"); |
2238 | return 0; | | 2279 | return 0; |
2239 | } | | 2280 | } |
2240 | p += 2; | | 2281 | p += 2; |
2241 | litdata.tag = LITDATA_PKT; | | 2282 | litdata.tag = LITDATA_PKT; |
2242 | litdata.s.data = p; | | 2283 | litdata.s.data = p; |
2243 | litdata.u.litdata.offset = (size_t)(p - mem->mem); | | 2284 | litdata.u.litdata.offset = (size_t)(p - mem->mem); |
2244 | litdata.u.litdata.filename = (uint8_t *)strdup(filename); | | 2285 | litdata.u.litdata.filename.data = pgpv_strdup(filename); |
| | | 2286 | litdata.u.litdata.filename.allocated = 1; |
2245 | if ((p = find_bin_string(datastart = p, mem->size - litdata.offset, SIGSTART, strlen(SIGSTART))) == NULL) { | | 2287 | if ((p = find_bin_string(datastart = p, mem->size - litdata.offset, SIGSTART, strlen(SIGSTART))) == NULL) { |
2246 | snprintf(cursor->why, sizeof(cursor->why), | | 2288 | snprintf(cursor->why, sizeof(cursor->why), |
2247 | "malformed armor - no sig - at %zu", (size_t)(p - mem->mem)); | | 2289 | "malformed armor - no sig - at %zu", (size_t)(p - mem->mem)); |
2248 | return 0; | | 2290 | return 0; |
2249 | } | | 2291 | } |
2250 | litdata.u.litdata.len = litdata.s.size = (size_t)(p - datastart); | | 2292 | litdata.u.litdata.len = litdata.s.size = (size_t)(p - datastart); |
2251 | /* this puts p at the newline character, so it will find \n\n if no version */ | | 2293 | /* this puts p at the newline character, so it will find \n\n if no version */ |
2252 | p += strlen(SIGSTART) - 1; | | 2294 | p += strlen(SIGSTART) - 1; |
2253 | if ((p = find_bin_string(p, mem->size, "\n\n", 2)) == NULL) { | | 2295 | if ((p = find_bin_string(p, mem->size, "\n\n", 2)) == NULL) { |
2254 | snprintf(cursor->why, sizeof(cursor->why), | | 2296 | snprintf(cursor->why, sizeof(cursor->why), |
2255 | "malformed armed signature at %zu", (size_t)(p - mem->mem)); | | 2297 | "malformed armed signature at %zu", (size_t)(p - mem->mem)); |
2256 | return 0; | | 2298 | return 0; |
2257 | } | | 2299 | } |
| @@ -2404,62 +2446,67 @@ recog_primary_key(pgpv_t *pgp, pgpv_prim | | | @@ -2404,62 +2446,67 @@ recog_primary_key(pgpv_t *pgp, pgpv_prim |
2404 | printf("recog_primary_key: no signature/trust at PGPV_SIGTYPE_KEY_REVOCATION\n"); | | 2446 | printf("recog_primary_key: no signature/trust at PGPV_SIGTYPE_KEY_REVOCATION\n"); |
2405 | return 0; | | 2447 | return 0; |
2406 | } | | 2448 | } |
2407 | } | | 2449 | } |
2408 | while (pkt_sigtype_is(pgp, SIGTYPE_DIRECT_KEY)) { | | 2450 | while (pkt_sigtype_is(pgp, SIGTYPE_DIRECT_KEY)) { |
2409 | if (!recog_signature(pgp, &signature)) { | | 2451 | if (!recog_signature(pgp, &signature)) { |
2410 | printf("recog_primary_key: no signature/trust at PGPV_SIGTYPE_DIRECT_KEY\n"); | | 2452 | printf("recog_primary_key: no signature/trust at PGPV_SIGTYPE_DIRECT_KEY\n"); |
2411 | return 0; | | 2453 | return 0; |
2412 | } | | 2454 | } |
2413 | if (signature.keyexpiry) { | | 2455 | if (signature.keyexpiry) { |
2414 | /* XXX - check it's a good key expiry */ | | 2456 | /* XXX - check it's a good key expiry */ |
2415 | primary->primary.expiry = signature.keyexpiry; | | 2457 | primary->primary.expiry = signature.keyexpiry; |
2416 | } | | 2458 | } |
2417 | ARRAY_APPEND(primary->direct_sigs, signature); | | 2459 | ARRAY_APPEND(primary->signatures, ARRAY_COUNT(pgp->signatures)); |
| | | 2460 | ARRAY_APPEND(pgp->signatures, signature); |
2418 | } | | 2461 | } |
2419 | /* some keys out there have user ids where they shouldn't */ | | 2462 | /* some keys out there have user ids where they shouldn't */ |
2420 | do { | | 2463 | do { |
2421 | if (!recog_userid(pgp, &userid)) { | | 2464 | if (!recog_userid(pgp, &userid)) { |
2422 | printf("recog_primary_key: not userid\n"); | | 2465 | printf("recog_primary_key: not userid\n"); |
2423 | return 0; | | 2466 | return 0; |
2424 | } | | 2467 | } |
2425 | ARRAY_APPEND(primary->signed_userids, userid); | | 2468 | ARRAY_APPEND(primary->signed_userids, ARRAY_COUNT(pgp->signed_userids)); |
| | | 2469 | ARRAY_APPEND(pgp->signed_userids, userid); |
2426 | if (userid.primary_userid) { | | 2470 | if (userid.primary_userid) { |
2427 | primary->primary_userid = ARRAY_COUNT(primary->signed_userids) - 1; | | 2471 | primary->primary_userid = ARRAY_COUNT(primary->signed_userids) - 1; |
2428 | } | | 2472 | } |
2429 | while (pkt_is(pgp, USERID_PKT)) { | | 2473 | while (pkt_is(pgp, USERID_PKT)) { |
2430 | if (!recog_userid(pgp, &userid)) { | | 2474 | if (!recog_userid(pgp, &userid)) { |
2431 | printf("recog_primary_key: not signed secondary userid\n"); | | 2475 | printf("recog_primary_key: not signed secondary userid\n"); |
2432 | return 0; | | 2476 | return 0; |
2433 | } | | 2477 | } |
2434 | ARRAY_APPEND(primary->signed_userids, userid); | | 2478 | ARRAY_APPEND(primary->signed_userids, ARRAY_COUNT(pgp->signed_userids)); |
| | | 2479 | ARRAY_APPEND(pgp->signed_userids, userid); |
2435 | if (userid.primary_userid) { | | 2480 | if (userid.primary_userid) { |
2436 | primary->primary_userid = ARRAY_COUNT(primary->signed_userids) - 1; | | 2481 | primary->primary_userid = ARRAY_COUNT(primary->signed_userids) - 1; |
2437 | } | | 2482 | } |
2438 | } | | 2483 | } |
2439 | while (pkt_is(pgp, USER_ATTRIBUTE_PKT)) { | | 2484 | while (pkt_is(pgp, USER_ATTRIBUTE_PKT)) { |
2440 | if (!recog_userattr(pgp, &userattr)) { | | 2485 | if (!recog_userattr(pgp, &userattr)) { |
2441 | printf("recog_primary_key: not signed user attribute\n"); | | 2486 | printf("recog_primary_key: not signed user attribute\n"); |
2442 | return 0; | | 2487 | return 0; |
2443 | } | | 2488 | } |
2444 | ARRAY_APPEND(primary->signed_userattrs, userattr); | | 2489 | ARRAY_APPEND(primary->signed_userattrs, ARRAY_COUNT(pgp->signed_userattrs)); |
| | | 2490 | ARRAY_APPEND(pgp->signed_userattrs, userattr); |
2445 | } | | 2491 | } |
2446 | while (pkt_is(pgp, PUB_SUBKEY_PKT)) { | | 2492 | while (pkt_is(pgp, PUB_SUBKEY_PKT)) { |
2447 | if (!recog_subkey(pgp, &subkey)) { | | 2493 | if (!recog_subkey(pgp, &subkey)) { |
2448 | printf("recog_primary_key: not signed public subkey\n"); | | 2494 | printf("recog_primary_key: not signed public subkey\n"); |
2449 | return 0; | | 2495 | return 0; |
2450 | } | | 2496 | } |
2451 | calc_keyid(&subkey.subkey, "sha1"); | | 2497 | calc_keyid(&subkey.subkey, "sha1"); |
2452 | ARRAY_APPEND(primary->signed_subkeys, subkey); | | 2498 | ARRAY_APPEND(primary->signed_subkeys, ARRAY_COUNT(pgp->signed_subkeys)); |
| | | 2499 | ARRAY_APPEND(pgp->signed_subkeys, subkey); |
2453 | } | | 2500 | } |
2454 | } while (pgp->pkt < ARRAY_COUNT(pgp->pkts) && pkt_is(pgp, USERID_PKT)); | | 2501 | } while (pgp->pkt < ARRAY_COUNT(pgp->pkts) && pkt_is(pgp, USERID_PKT)); |
2455 | primary->fmtsize = estimate_primarykey_size(primary); | | 2502 | primary->fmtsize = estimate_primarykey_size(primary); |
2456 | return 1; | | 2503 | return 1; |
2457 | } | | 2504 | } |
2458 | | | 2505 | |
2459 | /* parse all of the packets for a given operation */ | | 2506 | /* parse all of the packets for a given operation */ |
2460 | static int | | 2507 | static int |
2461 | read_all_packets(pgpv_t *pgp, pgpv_mem_t *mem, const char *op) | | 2508 | read_all_packets(pgpv_t *pgp, pgpv_mem_t *mem, const char *op) |
2462 | { | | 2509 | { |
2463 | pgpv_primarykey_t primary; | | 2510 | pgpv_primarykey_t primary; |
2464 | | | 2511 | |
2465 | if (op == NULL) { | | 2512 | if (op == NULL) { |
| @@ -2678,31 +2725,33 @@ read_ssh_file(pgpv_t *pgp, pgpv_primaryk | | | @@ -2678,31 +2725,33 @@ read_ssh_file(pgpv_t *pgp, pgpv_primaryk |
2678 | (void) gethostname(hostname, sizeof(hostname)); | | 2725 | (void) gethostname(hostname, sizeof(hostname)); |
2679 | if (strlen(space + 1) - 1 == 0) { | | 2726 | if (strlen(space + 1) - 1 == 0) { |
2680 | (void) snprintf(owner, sizeof(owner), "<root@%s>", | | 2727 | (void) snprintf(owner, sizeof(owner), "<root@%s>", |
2681 | hostname); | | 2728 | hostname); |
2682 | } else { | | 2729 | } else { |
2683 | (void) snprintf(owner, sizeof(owner), "<%.*s>", | | 2730 | (void) snprintf(owner, sizeof(owner), "<%.*s>", |
2684 | (int)strlen(space + 1) - 1, | | 2731 | (int)strlen(space + 1) - 1, |
2685 | space + 1); | | 2732 | space + 1); |
2686 | } | | 2733 | } |
2687 | calc_keyid(pubkey, "sha1"); | | 2734 | calc_keyid(pubkey, "sha1"); |
2688 | cc = snprintf(newbuf, sizeof(newbuf), "%s (%s) %s", | | 2735 | cc = snprintf(newbuf, sizeof(newbuf), "%s (%s) %s", |
2689 | hostname, f, owner); | | 2736 | hostname, f, owner); |
2690 | userid.userid.size = cc; | | 2737 | userid.userid.size = cc; |
| | | 2738 | userid.userid.allocated = 1; |
2691 | if ((userid.userid.data = calloc(1, cc + 1)) == NULL) { | | 2739 | if ((userid.userid.data = calloc(1, cc + 1)) == NULL) { |
2692 | ok = 0; | | 2740 | ok = 0; |
2693 | } else { | | 2741 | } else { |
2694 | memcpy(userid.userid.data, newbuf, cc); | | 2742 | memcpy(userid.userid.data, newbuf, cc); |
2695 | ARRAY_APPEND(primary->signed_userids, userid); | | 2743 | ARRAY_APPEND(primary->signed_userids, ARRAY_COUNT(pgp->signed_userids)); |
| | | 2744 | ARRAY_APPEND(pgp->signed_userids, userid); |
2696 | primary->fmtsize = estimate_primarykey_size(primary) + 1024; | | 2745 | primary->fmtsize = estimate_primarykey_size(primary) + 1024; |
2697 | } | | 2746 | } |
2698 | } | | 2747 | } |
2699 | (void) free(bin); | | 2748 | (void) free(bin); |
2700 | (void) free(buf); | | 2749 | (void) free(buf); |
2701 | bufgap_close(&bg); | | 2750 | bufgap_close(&bg); |
2702 | return ok; | | 2751 | return ok; |
2703 | } | | 2752 | } |
2704 | | | 2753 | |
2705 | /* parse memory according to "op" */ | | 2754 | /* parse memory according to "op" */ |
2706 | static int | | 2755 | static int |
2707 | read_binary_memory(pgpv_t *pgp, const char *op, const void *memory, size_t size) | | 2756 | read_binary_memory(pgpv_t *pgp, const char *op, const void *memory, size_t size) |
2708 | { | | 2757 | { |
| @@ -2745,27 +2794,28 @@ fixup_detached(pgpv_cursor_t *cursor, co | | | @@ -2745,27 +2794,28 @@ fixup_detached(pgpv_cursor_t *cursor, co |
2745 | onepass = &ARRAY_ELEMENT(cursor->pgp->pkts, el).u.onepass; | | 2794 | onepass = &ARRAY_ELEMENT(cursor->pgp->pkts, el).u.onepass; |
2746 | /* read the original file into litdata */ | | 2795 | /* read the original file into litdata */ |
2747 | snprintf(original, sizeof(original), "%.*s", (int)(dot - f), f); | | 2796 | snprintf(original, sizeof(original), "%.*s", (int)(dot - f), f); |
2748 | if (!read_file(cursor->pgp, original)) { | | 2797 | if (!read_file(cursor->pgp, original)) { |
2749 | printf("can't read file '%s'\n", original); | | 2798 | printf("can't read file '%s'\n", original); |
2750 | return 0; | | 2799 | return 0; |
2751 | } | | 2800 | } |
2752 | memset(&litdata, 0x0, sizeof(litdata)); | | 2801 | memset(&litdata, 0x0, sizeof(litdata)); |
2753 | mem = &ARRAY_LAST(cursor->pgp->areas); | | 2802 | mem = &ARRAY_LAST(cursor->pgp->areas); |
2754 | litdata.tag = LITDATA_PKT; | | 2803 | litdata.tag = LITDATA_PKT; |
2755 | litdata.s.data = mem->mem; | | 2804 | litdata.s.data = mem->mem; |
2756 | litdata.u.litdata.format = LITDATA_BINARY; | | 2805 | litdata.u.litdata.format = LITDATA_BINARY; |
2757 | litdata.u.litdata.offset = 0; | | 2806 | litdata.u.litdata.offset = 0; |
2758 | litdata.u.litdata.filename = (uint8_t *)strdup(original); | | 2807 | litdata.u.litdata.filename.data = pgpv_strdup(original); |
| | | 2808 | litdata.u.litdata.filename.allocated = 1; |
2759 | litdata.u.litdata.mem = ARRAY_COUNT(cursor->pgp->areas) - 1; | | 2809 | litdata.u.litdata.mem = ARRAY_COUNT(cursor->pgp->areas) - 1; |
2760 | litdata.u.litdata.len = litdata.s.size = mem->size; | | 2810 | litdata.u.litdata.len = litdata.s.size = mem->size; |
2761 | ARRAY_APPEND(cursor->pgp->pkts, litdata); | | 2811 | ARRAY_APPEND(cursor->pgp->pkts, litdata); |
2762 | ARRAY_APPEND(cursor->pgp->pkts, sigpkt); | | 2812 | ARRAY_APPEND(cursor->pgp->pkts, sigpkt); |
2763 | memcpy(onepass->keyid, sigpkt.u.sigpkt.sig.signer, sizeof(onepass->keyid)); | | 2813 | memcpy(onepass->keyid, sigpkt.u.sigpkt.sig.signer, sizeof(onepass->keyid)); |
2764 | onepass->hashalg = sigpkt.u.sigpkt.sig.hashalg; | | 2814 | onepass->hashalg = sigpkt.u.sigpkt.sig.hashalg; |
2765 | onepass->keyalg = sigpkt.u.sigpkt.sig.keyalg; | | 2815 | onepass->keyalg = sigpkt.u.sigpkt.sig.keyalg; |
2766 | return 1; | | 2816 | return 1; |
2767 | } | | 2817 | } |
2768 | | | 2818 | |
2769 | /* match the calculated signature against the one in the signature packet */ | | 2819 | /* match the calculated signature against the one in the signature packet */ |
2770 | static int | | 2820 | static int |
2771 | match_sig(pgpv_cursor_t *cursor, pgpv_signature_t *signature, pgpv_pubkey_t *pubkey, uint8_t *data, size_t size) | | 2821 | match_sig(pgpv_cursor_t *cursor, pgpv_signature_t *signature, pgpv_pubkey_t *pubkey, uint8_t *data, size_t size) |
| @@ -2804,155 +2854,104 @@ match_sig(pgpv_cursor_t *cursor, pgpv_si | | | @@ -2804,155 +2854,104 @@ match_sig(pgpv_cursor_t *cursor, pgpv_si |
2804 | if (valid_dates(signature, pubkey, cursor->why, sizeof(cursor->why)) > 0) { | | 2854 | if (valid_dates(signature, pubkey, cursor->why, sizeof(cursor->why)) > 0) { |
2805 | return 0; | | 2855 | return 0; |
2806 | } | | 2856 | } |
2807 | if (key_expired(pubkey, cursor->why, sizeof(cursor->why))) { | | 2857 | if (key_expired(pubkey, cursor->why, sizeof(cursor->why))) { |
2808 | return 0; | | 2858 | return 0; |
2809 | } | | 2859 | } |
2810 | if (signature->revoked) { | | 2860 | if (signature->revoked) { |
2811 | snprintf(cursor->why, sizeof(cursor->why), "Signature was revoked"); | | 2861 | snprintf(cursor->why, sizeof(cursor->why), "Signature was revoked"); |
2812 | return 0; | | 2862 | return 0; |
2813 | } | | 2863 | } |
2814 | return 1; | | 2864 | return 1; |
2815 | } | | 2865 | } |
2816 | | | 2866 | |
2817 | /* check return value from getenv */ | | | |
2818 | static const char * | | | |
2819 | nonnull_getenv(const char *key) | | | |
2820 | { | | | |
2821 | char *value; | | | |
2822 | | | | |
2823 | return ((value = getenv(key)) == NULL) ? "" : value; | | | |
2824 | } | | | |
2825 | | | | |
2826 | /************************************************************************/ | | | |
2827 | /* start of exported functions */ | | | |
2828 | /************************************************************************/ | | | |
2829 | | | | |
2830 | /* close all stuff */ | | | |
2831 | int | | | |
2832 | pgpv_close(pgpv_t *pgp) | | | |
2833 | { | | | |
2834 | unsigned i; | | | |
2835 | | | | |
2836 | if (pgp == NULL) { | | | |
2837 | return 0; | | | |
2838 | } | | | |
2839 | for (i = 0 ; i < ARRAY_COUNT(pgp->areas) ; i++) { | | | |
2840 | if (ARRAY_ELEMENT(pgp->areas, i).size > 0) { | | | |
2841 | closemem(&ARRAY_ELEMENT(pgp->areas, i)); | | | |
2842 | } | | | |
2843 | } | | | |
2844 | return 1; | | | |
2845 | } | | | |
2846 | | | | |
2847 | /* return the formatted entry for the primary key desired */ | | | |
2848 | size_t | | | |
2849 | pgpv_get_entry(pgpv_t *pgp, unsigned ent, char **s, const char *modifiers) | | | |
2850 | { | | | |
2851 | unsigned subkey; | | | |
2852 | unsigned prim; | | | |
2853 | obuf_t obuf; | | | |
2854 | | | | |
2855 | prim = ((ent >> 8) & 0xffffff); | | | |
2856 | subkey = (ent & 0xff); | | | |
2857 | if (s == NULL || pgp == NULL || prim >= ARRAY_COUNT(pgp->primaries)) { | | | |
2858 | return 0; | | | |
2859 | } | | | |
2860 | *s = NULL; | | | |
2861 | if (modifiers == NULL || (strcasecmp(modifiers, "trust") != 0 && strcasecmp(modifiers, "subkeys") != 0)) { | | | |
2862 | modifiers = "no-subkeys"; | | | |
2863 | } | | | |
2864 | memset(&obuf, 0x0, sizeof(obuf)); | | | |
2865 | if (!fmt_primary(&obuf, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers)) { | | | |
2866 | return 0; | | | |
2867 | } | | | |
2868 | *s = (char *)obuf.v; | | | |
2869 | return obuf.c; | | | |
2870 | } | | | |
2871 | | | | |
2872 | /* fixup key id, with birth, keyalg and hashalg value from signature */ | | 2867 | /* fixup key id, with birth, keyalg and hashalg value from signature */ |
2873 | static int | | 2868 | static int |
2874 | fixup_ssh_keyid(pgpv_t *pgp, pgpv_signature_t *signature, const char *hashtype) | | 2869 | fixup_ssh_keyid(pgpv_t *pgp, pgpv_signature_t *signature, const char *hashtype) |
2875 | { | | 2870 | { |
2876 | pgpv_pubkey_t *pubkey; | | 2871 | pgpv_pubkey_t *pubkey; |
2877 | unsigned i; | | 2872 | unsigned i; |
2878 | | | 2873 | |
2879 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { | | 2874 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { |
2880 | pubkey = &ARRAY_ELEMENT(pgp->primaries, i).primary; | | 2875 | pubkey = &ARRAY_ELEMENT(pgp->primaries, i).primary; |
2881 | pubkey->keyalg = signature->keyalg; | | 2876 | pubkey->keyalg = signature->keyalg; |
2882 | calc_keyid(pubkey, hashtype); | | 2877 | calc_keyid(pubkey, hashtype); |
2883 | } | | 2878 | } |
2884 | return 1; | | 2879 | return 1; |
2885 | } | | 2880 | } |
2886 | | | 2881 | |
2887 | /* find key id */ | | 2882 | /* find key id */ |
2888 | static int | | 2883 | static int |
2889 | find_keyid(pgpv_t *pgp, const char *strkeyid, uint8_t *keyid, unsigned *sub) | | 2884 | find_keyid(pgpv_t *pgp, const char *strkeyid, uint8_t *keyid, unsigned *sub) |
2890 | { | | 2885 | { |
2891 | pgpv_signed_subkey_t *subkey; | | 2886 | pgpv_signed_subkey_t *subkey; |
2892 | pgpv_primarykey_t *prim; | | 2887 | pgpv_primarykey_t *prim; |
2893 | unsigned i; | | 2888 | unsigned i; |
2894 | unsigned j; | | 2889 | unsigned j; |
| | | 2890 | uint64_t n; |
2895 | uint8_t binkeyid[PGPV_KEYID_LEN]; | | 2891 | uint8_t binkeyid[PGPV_KEYID_LEN]; |
2896 | size_t off; | | 2892 | size_t off; |
2897 | size_t cmp; | | 2893 | size_t cmp; |
2898 | | | 2894 | |
2899 | if (strkeyid == NULL && keyid == NULL) { | | 2895 | if (strkeyid == NULL && keyid == NULL) { |
2900 | return 0; | | 2896 | return 0; |
2901 | } | | 2897 | } |
2902 | if (strkeyid) { | | 2898 | if (strkeyid) { |
2903 | str_to_keyid(strkeyid, binkeyid); | | 2899 | str_to_keyid(strkeyid, binkeyid); |
2904 | cmp = strlen(strkeyid) / 2; | | 2900 | cmp = strlen(strkeyid) / 2; |
2905 | } else { | | 2901 | } else { |
2906 | memcpy(binkeyid, keyid, sizeof(binkeyid)); | | 2902 | memcpy(binkeyid, keyid, sizeof(binkeyid)); |
2907 | cmp = PGPV_KEYID_LEN; | | 2903 | cmp = PGPV_KEYID_LEN; |
2908 | } | | 2904 | } |
2909 | *sub = 0; | | 2905 | *sub = 0; |
2910 | off = PGPV_KEYID_LEN - cmp; | | 2906 | off = PGPV_KEYID_LEN - cmp; |
2911 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { | | 2907 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { |
2912 | prim = &ARRAY_ELEMENT(pgp->primaries, i); | | 2908 | prim = &ARRAY_ELEMENT(pgp->primaries, i); |
2913 | if (memcmp(&prim->primary.keyid[off], &binkeyid[off], cmp) == 0) { | | 2909 | if (memcmp(&prim->primary.keyid[off], &binkeyid[off], cmp) == 0) { |
2914 | return i; | | 2910 | return i; |
2915 | } | | 2911 | } |
2916 | for (j = 0 ; j < ARRAY_COUNT(prim->signed_subkeys) ; j++) { | | 2912 | for (j = 0 ; j < ARRAY_COUNT(prim->signed_subkeys) ; j++) { |
2917 | subkey = &ARRAY_ELEMENT(prim->signed_subkeys, j); | | 2913 | n = ARRAY_ELEMENT(prim->signed_subkeys, j); |
| | | 2914 | subkey = &ARRAY_ELEMENT(pgp->signed_subkeys, n); |
2918 | if (memcmp(&subkey->subkey.keyid[off], &binkeyid[off], cmp) == 0) { | | 2915 | if (memcmp(&subkey->subkey.keyid[off], &binkeyid[off], cmp) == 0) { |
2919 | *sub = j + 1; | | 2916 | *sub = j + 1; |
2920 | return i; | | 2917 | return i; |
2921 | } | | 2918 | } |
2922 | } | | 2919 | } |
2923 | | | 2920 | |
2924 | } | | 2921 | } |
2925 | return -1; | | 2922 | return -1; |
2926 | } | | 2923 | } |
2927 | | | 2924 | |
2928 | /* match the signature with the id indexed by 'primary' */ | | 2925 | /* match the signature with the id indexed by 'primary' */ |
2929 | static int | | 2926 | static int |
2930 | match_sig_id(pgpv_cursor_t *cursor, pgpv_signature_t *signature, pgpv_litdata_t *litdata, unsigned primary, unsigned sub) | | 2927 | match_sig_id(pgpv_cursor_t *cursor, pgpv_t *pgp, pgpv_signature_t *signature, pgpv_litdata_t *litdata, unsigned primary, unsigned sub) |
2931 | { | | 2928 | { |
2932 | pgpv_primarykey_t *prim; | | 2929 | pgpv_primarykey_t *prim; |
2933 | pgpv_pubkey_t *pubkey; | | 2930 | pgpv_pubkey_t *pubkey; |
| | | 2931 | uint64_t n; |
2934 | uint8_t *data; | | 2932 | uint8_t *data; |
2935 | size_t insize; | | 2933 | size_t insize; |
2936 | | | 2934 | |
2937 | cursor->sigtime = signature->birth; | | 2935 | cursor->sigtime = signature->birth; |
2938 | /* calc hash on data packet */ | | 2936 | /* calc hash on data packet */ |
2939 | data = get_literal_data(cursor, litdata, &insize); | | 2937 | data = get_literal_data(cursor, litdata, &insize); |
2940 | if (sub == 0) { | | 2938 | if (sub == 0) { |
2941 | pubkey = &ARRAY_ELEMENT(cursor->pgp->primaries, primary).primary; | | 2939 | pubkey = &ARRAY_ELEMENT(cursor->pgp->primaries, primary).primary; |
2942 | return match_sig(cursor, signature, pubkey, data, insize); | | 2940 | return match_sig(cursor, signature, pubkey, data, insize); |
2943 | } | | 2941 | } |
2944 | prim = &ARRAY_ELEMENT(cursor->pgp->primaries, primary); | | 2942 | prim = &ARRAY_ELEMENT(cursor->pgp->primaries, primary); |
2945 | pubkey = &ARRAY_ELEMENT(prim->signed_subkeys, sub - 1).subkey; | | 2943 | n = ARRAY_ELEMENT(prim->signed_subkeys, sub - 1); |
| | | 2944 | pubkey = &ARRAY_ELEMENT(pgp->signed_subkeys, n).subkey; |
2946 | return match_sig(cursor, signature, pubkey, data, insize); | | 2945 | return match_sig(cursor, signature, pubkey, data, insize); |
2947 | } | | 2946 | } |
2948 | | | 2947 | |
2949 | /* return the packet type */ | | 2948 | /* return the packet type */ |
2950 | static const char * | | 2949 | static const char * |
2951 | get_packet_type(uint8_t tag) | | 2950 | get_packet_type(uint8_t tag) |
2952 | { | | 2951 | { |
2953 | switch(tag) { | | 2952 | switch(tag) { |
2954 | case SIGNATURE_PKT: | | 2953 | case SIGNATURE_PKT: |
2955 | return "signature packet"; | | 2954 | return "signature packet"; |
2956 | case ONEPASS_SIGNATURE_PKT: | | 2955 | case ONEPASS_SIGNATURE_PKT: |
2957 | return "onepass signature packet"; | | 2956 | return "onepass signature packet"; |
2958 | case PUBKEY_PKT: | | 2957 | case PUBKEY_PKT: |
| @@ -2966,27 +2965,149 @@ get_packet_type(uint8_t tag) | | | @@ -2966,27 +2965,149 @@ get_packet_type(uint8_t tag) |
2966 | case TRUST_PKT: | | 2965 | case TRUST_PKT: |
2967 | return "trust packet"; | | 2966 | return "trust packet"; |
2968 | case USERID_PKT: | | 2967 | case USERID_PKT: |
2969 | return "userid packet"; | | 2968 | return "userid packet"; |
2970 | case PUB_SUBKEY_PKT: | | 2969 | case PUB_SUBKEY_PKT: |
2971 | return "public subkey packet"; | | 2970 | return "public subkey packet"; |
2972 | case USER_ATTRIBUTE_PKT: | | 2971 | case USER_ATTRIBUTE_PKT: |
2973 | return "user attribute packet"; | | 2972 | return "user attribute packet"; |
2974 | default: | | 2973 | default: |
2975 | return "[UNKNOWN]"; | | 2974 | return "[UNKNOWN]"; |
2976 | } | | 2975 | } |
2977 | } | | 2976 | } |
2978 | | | 2977 | |
2979 | /**************************************************************************/ | | 2978 | /* check return value from getenv */ |
| | | 2979 | static const char * |
| | | 2980 | nonnull_getenv(const char *key) |
| | | 2981 | { |
| | | 2982 | char *value; |
| | | 2983 | |
| | | 2984 | return ((value = getenv(key)) == NULL) ? "" : value; |
| | | 2985 | } |
| | | 2986 | |
| | | 2987 | /* free an array of bignums */ |
| | | 2988 | static void |
| | | 2989 | free_bn_array(pgpv_bignum_t *v, unsigned n) |
| | | 2990 | { |
| | | 2991 | unsigned i; |
| | | 2992 | |
| | | 2993 | for (i = 0 ; i < n ; i++) { |
| | | 2994 | PGPV_BN_free(v[i].bn); |
| | | 2995 | } |
| | | 2996 | } |
| | | 2997 | |
| | | 2998 | /************************************************************************/ |
| | | 2999 | /* start of exported functions */ |
| | | 3000 | /************************************************************************/ |
| | | 3001 | |
| | | 3002 | /* close all stuff */ |
| | | 3003 | int |
| | | 3004 | pgpv_close(pgpv_t *pgp) |
| | | 3005 | { |
| | | 3006 | pgpv_primarykey_t *primary; |
| | | 3007 | pgpv_pkt_t *pkt; |
| | | 3008 | unsigned i; |
| | | 3009 | |
| | | 3010 | if (pgp == NULL) { |
| | | 3011 | return 0; |
| | | 3012 | } |
| | | 3013 | for (i = 0 ; i < ARRAY_COUNT(pgp->areas) ; i++) { |
| | | 3014 | if (ARRAY_ELEMENT(pgp->areas, i).size > 0) { |
| | | 3015 | closemem(&ARRAY_ELEMENT(pgp->areas, i)); |
| | | 3016 | } |
| | | 3017 | } |
| | | 3018 | ARRAY_FREE(pgp->areas); |
| | | 3019 | for (i = 0 ; i < ARRAY_COUNT(pgp->pkts) ; i++) { |
| | | 3020 | pkt = &ARRAY_ELEMENT(pgp->pkts, i); |
| | | 3021 | switch(pkt->tag) { |
| | | 3022 | case SIGNATURE_PKT: |
| | | 3023 | free_bn_array(pkt->u.sigpkt.sig.bn, PGPV_MAX_SIG_BN); |
| | | 3024 | ARRAY_FREE(pkt->u.sigpkt.subpackets); |
| | | 3025 | break; |
| | | 3026 | case LITDATA_PKT: |
| | | 3027 | if (pkt->u.litdata.filename.allocated) { |
| | | 3028 | free(pkt->u.litdata.filename.data); |
| | | 3029 | } |
| | | 3030 | break; |
| | | 3031 | case PUBKEY_PKT: |
| | | 3032 | free_bn_array(pkt->u.pubkey.bn, PGPV_MAX_PUBKEY_BN); |
| | | 3033 | break; |
| | | 3034 | case USERID_PKT: |
| | | 3035 | if (pkt->u.userid.allocated) { |
| | | 3036 | free(pkt->u.userid.data); |
| | | 3037 | } |
| | | 3038 | break; |
| | | 3039 | case USER_ATTRIBUTE_PKT: |
| | | 3040 | ARRAY_FREE(pkt->u.userattr.subattrs); |
| | | 3041 | break; |
| | | 3042 | } |
| | | 3043 | } |
| | | 3044 | ARRAY_FREE(pgp->pkts); |
| | | 3045 | for (i = 0 ; i < ARRAY_COUNT(pgp->primaries) ; i++) { |
| | | 3046 | primary = &ARRAY_ELEMENT(pgp->primaries, i); |
| | | 3047 | free_bn_array(primary->primary.bn, PGPV_MAX_PUBKEY_BN); |
| | | 3048 | ARRAY_FREE(primary->signatures); |
| | | 3049 | ARRAY_FREE(primary->signed_userids); |
| | | 3050 | ARRAY_FREE(primary->signed_userattrs); |
| | | 3051 | ARRAY_FREE(primary->signed_subkeys); |
| | | 3052 | } |
| | | 3053 | for (i = 0 ; i < ARRAY_COUNT(pgp->signatures) ; i++) { |
| | | 3054 | free_bn_array(ARRAY_ELEMENT(pgp->signatures, i).bn, PGPV_MAX_SIG_BN); |
| | | 3055 | } |
| | | 3056 | ARRAY_FREE(pgp->primaries); |
| | | 3057 | ARRAY_FREE(pgp->datastarts); |
| | | 3058 | ARRAY_FREE(pgp->signatures); |
| | | 3059 | ARRAY_FREE(pgp->signed_userids); |
| | | 3060 | ARRAY_FREE(pgp->signed_userattrs); |
| | | 3061 | ARRAY_FREE(pgp->signed_subkeys); |
| | | 3062 | ARRAY_FREE(pgp->subpkts); |
| | | 3063 | return 1; |
| | | 3064 | } |
| | | 3065 | |
| | | 3066 | /* free resources attached to cursor */ |
| | | 3067 | int |
| | | 3068 | pgpv_cursor_close(pgpv_cursor_t *cursor) |
| | | 3069 | { |
| | | 3070 | if (cursor) { |
| | | 3071 | ARRAY_FREE(cursor->datacookies); |
| | | 3072 | ARRAY_FREE(cursor->found); |
| | | 3073 | } |
| | | 3074 | return 0; |
| | | 3075 | } |
| | | 3076 | |
| | | 3077 | /* return the formatted entry for the primary key desired */ |
| | | 3078 | size_t |
| | | 3079 | pgpv_get_entry(pgpv_t *pgp, unsigned ent, char **s, const char *modifiers) |
| | | 3080 | { |
| | | 3081 | unsigned subkey; |
| | | 3082 | unsigned prim; |
| | | 3083 | obuf_t obuf; |
| | | 3084 | |
| | | 3085 | prim = ((ent >> 8) & 0xffffff); |
| | | 3086 | subkey = (ent & 0xff); |
| | | 3087 | if (s == NULL || pgp == NULL || prim >= ARRAY_COUNT(pgp->primaries)) { |
| | | 3088 | return 0; |
| | | 3089 | } |
| | | 3090 | *s = NULL; |
| | | 3091 | if (modifiers == NULL || (strcasecmp(modifiers, "trust") != 0 && strcasecmp(modifiers, "subkeys") != 0)) { |
| | | 3092 | modifiers = "no-subkeys"; |
| | | 3093 | } |
| | | 3094 | memset(&obuf, 0x0, sizeof(obuf)); |
| | | 3095 | if (!fmt_primary(&obuf, pgp, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers)) { |
| | | 3096 | return 0; |
| | | 3097 | } |
| | | 3098 | *s = (char *)obuf.v; |
| | | 3099 | return obuf.c; |
| | | 3100 | } |
2980 | | | 3101 | |
2981 | /* make a new pgpv struct */ | | 3102 | /* make a new pgpv struct */ |
2982 | pgpv_t * | | 3103 | pgpv_t * |
2983 | pgpv_new(void) | | 3104 | pgpv_new(void) |
2984 | { | | 3105 | { |
2985 | return calloc(1, sizeof(pgpv_t)); | | 3106 | return calloc(1, sizeof(pgpv_t)); |
2986 | } | | 3107 | } |
2987 | | | 3108 | |
2988 | /* make a new pgpv_cursor struct */ | | 3109 | /* make a new pgpv_cursor struct */ |
2989 | pgpv_cursor_t * | | 3110 | pgpv_cursor_t * |
2990 | pgpv_new_cursor(void) | | 3111 | pgpv_new_cursor(void) |
2991 | { | | 3112 | { |
2992 | return calloc(1, sizeof(pgpv_cursor_t)); | | 3113 | return calloc(1, sizeof(pgpv_cursor_t)); |
| @@ -3071,27 +3192,27 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_ | | | @@ -3071,27 +3192,27 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_ |
3071 | fixup_ssh_keyid(cursor->pgp, signature, "sha1"); | | 3192 | fixup_ssh_keyid(cursor->pgp, signature, "sha1"); |
3072 | } | | 3193 | } |
3073 | sub = 0; | | 3194 | sub = 0; |
3074 | if ((j = find_keyid(cursor->pgp, NULL, onepass->keyid, &sub)) < 0) { | | 3195 | if ((j = find_keyid(cursor->pgp, NULL, onepass->keyid, &sub)) < 0) { |
3075 | if (!fmt_binary(&obuf, onepass->keyid, (unsigned)sizeof(onepass->keyid))) { | | 3196 | if (!fmt_binary(&obuf, onepass->keyid, (unsigned)sizeof(onepass->keyid))) { |
3076 | snprintf(cursor->why, sizeof(cursor->why), "Memory allocation failure"); | | 3197 | snprintf(cursor->why, sizeof(cursor->why), "Memory allocation failure"); |
3077 | return 0; | | 3198 | return 0; |
3078 | } | | 3199 | } |
3079 | snprintf(cursor->why, sizeof(cursor->why), | | 3200 | snprintf(cursor->why, sizeof(cursor->why), |
3080 | "Signature key id %.*s not found ", | | 3201 | "Signature key id %.*s not found ", |
3081 | (int)obuf.c, (char *)obuf.v); | | 3202 | (int)obuf.c, (char *)obuf.v); |
3082 | return 0; | | 3203 | return 0; |
3083 | } | | 3204 | } |
3084 | if (!match_sig_id(cursor, signature, litdata, (unsigned)j, sub)) { | | 3205 | if (!match_sig_id(cursor, pgp, signature, litdata, (unsigned)j, sub)) { |
3085 | snprintf(cursor->why, sizeof(cursor->why), | | 3206 | snprintf(cursor->why, sizeof(cursor->why), |
3086 | "Signature does not match %.*s", | | 3207 | "Signature does not match %.*s", |
3087 | (int)obuf.c, (char *)obuf.v); | | 3208 | (int)obuf.c, (char *)obuf.v); |
3088 | return 0; | | 3209 | return 0; |
3089 | } | | 3210 | } |
3090 | ARRAY_APPEND(cursor->datacookies, pkt); | | 3211 | ARRAY_APPEND(cursor->datacookies, pkt); |
3091 | j = ((j & 0xffffff) << 8) | (sub & 0xff); | | 3212 | j = ((j & 0xffffff) << 8) | (sub & 0xff); |
3092 | ARRAY_APPEND(cursor->found, j); | | 3213 | ARRAY_APPEND(cursor->found, j); |
3093 | return pkt + 1; | | 3214 | return pkt + 1; |
3094 | } | | 3215 | } |
3095 | | | 3216 | |
3096 | /* set up the pubkey keyring */ | | 3217 | /* set up the pubkey keyring */ |
3097 | int | | 3218 | int |