1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00
gnupg/g10/pkclist.c

1123 lines
29 KiB
C
Raw Normal View History

1997-12-31 12:32:54 +00:00
/* pkclist.c
2001-03-08 14:33:24 +00:00
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
1997-12-31 12:32:54 +00:00
*
* This file is part of GnuPG.
1997-12-31 12:32:54 +00:00
*
* GnuPG is free software; you can redistribute it and/or modify
1997-12-31 12:32:54 +00:00
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
1997-12-31 12:32:54 +00:00
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "options.h"
#include "packet.h"
#include "errors.h"
#include "keydb.h"
#include "memory.h"
#include "util.h"
2001-09-20 07:12:52 +00:00
#include "main.h"
1998-01-12 10:18:17 +00:00
#include "trustdb.h"
1998-01-19 18:54:44 +00:00
#include "ttyio.h"
1998-07-09 13:37:17 +00:00
#include "status.h"
1998-01-26 22:09:01 +00:00
#include "i18n.h"
1998-01-19 18:54:44 +00:00
1998-09-11 05:47:32 +00:00
#define CONTROL_D ('D' - 'A' + 1)
/****************
* Show the revocation reason as it is stored with the given signature
*/
static void
do_show_revocation_reason( PKT_signature *sig )
{
size_t n, nn;
const byte *p, *pp;
int seq = 0;
const char *text;
while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REVOC_REASON,
&n, &seq )) ) {
if( !n )
continue; /* invalid - just skip it */
if( *p == 0 )
text = _("No reason specified");
else if( *p == 0x01 )
text = _("Key is superseded");
else if( *p == 0x02 )
text = _("Key has been compromised");
else if( *p == 0x03 )
text = _("Key is no longer used");
else if( *p == 0x20 )
text = _("User ID is no longer valid");
else
text = NULL;
log_info( _("Reason for revocation: ") );
if( text )
fputs( text, log_stream() );
else
fprintf( log_stream(), "code=%02x", *p );
putc( '\n', log_stream() );
n--; p++;
pp = NULL;
do {
/* We don't want any empty lines, so skip them */
while( n && *p == '\n' ) {
p++;
n--;
}
if( n ) {
pp = memchr( p, '\n', n );
nn = pp? pp - p : n;
log_info( _("Revocation comment: ") );
print_string( log_stream(), p, nn, 0 );
putc( '\n', log_stream() );
p += nn; n -= nn;
}
} while( pp );
}
}
static void
show_revocation_reason( PKT_public_key *pk )
{
/* Hmmm, this is not so easy becuase we have to duplicate the code
* used in the trustbd to calculate the keyflags. We need to find
* a clean way to check revocation certificates on keys and signatures.
* And there should be no duplicate code. Because we enter this function
* only when the trustdb toldus, taht we have a revoked key, we could
* simplylook for a revocation cert and display this one, when there is
* only one. Let's try to do this until we have a better solution.
*/
KBNODE node, keyblock = NULL;
byte fingerprint[MAX_FINGERPRINT_LEN];
size_t fingerlen;
int rc;
/* get the keyblock */
fingerprint_from_pk( pk, fingerprint, &fingerlen );
rc = get_keyblock_byfprint( &keyblock, fingerprint, fingerlen );
if( rc ) { /* that should never happen */
log_debug( "failed to get the keyblock\n");
return;
}
for( node=keyblock; node; node = node->next ) {
if( ( node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
&& !cmp_public_keys( node->pkt->pkt.public_key, pk ) )
break;
}
if( !node ) {
log_debug("Oops, PK not in keyblock\n");
release_kbnode( keyblock );
return;
}
/* now find the revocation certificate */
for( node = node->next; node ; node = node->next ) {
if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
break;
if( node->pkt->pkttype == PKT_SIGNATURE
&& (node->pkt->pkt.signature->sig_class == 0x20
|| node->pkt->pkt.signature->sig_class == 0x28 ) ) {
/* FIXME: we should check the signature here */
do_show_revocation_reason ( node->pkt->pkt.signature );
}
}
release_kbnode( keyblock );
}
1998-09-11 05:47:32 +00:00
static void
2001-09-24 16:03:14 +00:00
show_paths (const PKT_public_key *pk, int only_first )
{
2001-09-24 16:03:14 +00:00
#warning must change enum_cert_paths to use pk
#if 0
void *context = NULL;
unsigned otrust, validity;
1998-11-18 19:59:06 +00:00
int last_level, level;
1998-11-18 19:59:06 +00:00
last_level = 0;
while( (level=enum_cert_paths( &context, &lid, &otrust, &validity)) != -1){
char *p;
int c, rc;
size_t n;
u32 keyid[2];
PKT_public_key *pk ;
1998-11-18 19:59:06 +00:00
if( level < last_level && only_first )
break;
last_level = level;
rc = keyid_from_lid( lid, keyid );
2001-09-24 16:03:14 +00:00
if( rc ) {
log_error("ooops: can't get keyid for lid %lu\n", lid);
return;
}
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
if( rc ) {
log_error("key %08lX: public key not found: %s\n",
(ulong)keyid[1], g10_errstr(rc) );
return;
}
tty_printf("%*s%4u%c/%08lX.%lu %s \"",
1998-11-18 19:59:06 +00:00
level*2, "",
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], lid, datestr_from_pk( pk ) );
c = trust_letter(otrust);
if( c )
putchar( c );
else
printf( "%02x", otrust );
putchar('/');
c = trust_letter(validity);
if( c )
putchar( c );
else
printf( "%02x", validity );
putchar(' ');
p = get_user_id( keyid, &n );
tty_print_utf8_string( p, n ),
m_free(p);
1998-11-18 19:59:06 +00:00
tty_printf("\"\n");
free_public_key( pk );
}
enum_cert_paths( &context, NULL, NULL, NULL ); /* release context */
2001-09-24 16:03:14 +00:00
#endif
1998-11-18 19:59:06 +00:00
tty_printf("\n");
}
1998-01-24 16:32:27 +00:00
/****************
2001-09-24 16:03:14 +00:00
* mode: 0 = standard
* 1 = Without key info and additional menu option 'm'
* Returns:
* -2 = nothing changed - caller should show some additional info
* -1 = quit operation
* 0 = nothing changed
* 1 = new ownertrust now ion new_trust
1998-01-24 16:32:27 +00:00
*/
static int
2001-09-24 16:03:14 +00:00
do_edit_ownertrust (PKT_public_key *pk, int mode,
unsigned *new_trust, int defer_help )
1998-01-19 18:54:44 +00:00
{
2001-09-24 16:03:14 +00:00
char *p;
size_t n;
u32 keyid[2];
int changed=0;
int quit=0;
int show=0;
int did_help=defer_help;
keyid_from_pk (pk, keyid);
for(;;) {
/* a string with valid answers */
const char *ans = _("sSmMqQ");
if( !did_help )
{
if( !mode )
{
tty_printf(_("No trust value assigned to:\n"
"%4u%c/%08lX %s \""),
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk( pk ) );
p = get_user_id( keyid, &n );
tty_print_utf8_string( p, n ),
m_free(p);
tty_printf("\"\n");
print_fingerprint (pk, NULL, 2);
tty_printf("\n");
}
tty_printf(_(
"Please decide how far you trust this user to correctly\n"
"verify other users' keys (by looking at passports,\n"
"checking fingerprints from different sources...)?\n\n"
" 1 = Don't know\n"
" 2 = I do NOT trust\n"
" 3 = I trust marginally\n"
" 4 = I trust fully\n"
" s = please show me more information\n") );
if( mode )
tty_printf(_(" m = back to the main menu\n"));
else
tty_printf(_(" q = quit\n"));
tty_printf("\n");
did_help = 1;
}
if( strlen(ans) != 6 )
BUG();
p = cpr_get("edit_ownertrust.value",_("Your decision? "));
trim_spaces(p);
cpr_kill_prompt();
if( !*p )
did_help = 0;
else if( *p && p[1] )
;
else if( !p[1] && (*p >= '1' && *p <= '4') )
{
unsigned trust;
switch( *p )
{
case '1': trust = TRUST_UNDEFINED; break;
case '2': trust = TRUST_NEVER ; break;
case '3': trust = TRUST_MARGINAL ; break;
case '4': trust = TRUST_FULLY ; break;
default: BUG();
}
*new_trust = trust;
changed = 1;
break;
}
else if( *p == ans[0] || *p == ans[1] )
{
tty_printf(_("Certificates leading to an ultimately trusted key:\n"));
show = 1;
break;
}
else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) )
{
break ; /* back to the menu */
}
else if( !mode && (*p == ans[4] || *p == ans[5] ) )
{
quit = 1;
break ; /* back to the menu */
}
m_free(p); p = NULL;
}
m_free(p);
return show? -2: quit? -1 : changed;
1998-01-19 18:54:44 +00:00
}
2001-09-24 16:03:14 +00:00
/*
* Display a menu to change the ownertrust of the key PK (which should
* be a primary key).
* For mode values see do_edit_ownertrust ()
*/
int
2001-09-24 16:03:14 +00:00
edit_ownertrust (PKT_public_key *pk, int mode )
{
2001-09-24 16:03:14 +00:00
unsigned int trust;
int no_help = 0;
for(;;)
{
switch ( do_edit_ownertrust (pk, mode, &trust, no_help ) )
{
case -1: /* quit */
return 0;
case -2: /* show info */
show_paths(pk, 1);
no_help = 1;
break;
case 1: /* trust value set */
trust &= ~TRUST_FLAG_DISABLED;
trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
update_ownertrust (pk, trust );
return 0;
default:
return 0;
}
}
}
static int
2001-09-24 16:03:14 +00:00
add_ownertrust_cb (PKT_public_key *pk )
{
2001-09-24 16:03:14 +00:00
unsigned int trust;
int rc = do_edit_ownertrust (pk, 0, &trust, 0 );
if( rc == 1 )
return trust & TRUST_MASK;
return rc > 0? 0 : rc;
}
1998-01-24 16:32:27 +00:00
/****************
* Try to add some more owner trusts (interactive)
* This function presents all the signator in a certificate
* chain who have no ownertrust value assigned.
1998-01-24 16:32:27 +00:00
* Returns: -1 if no ownertrust were added.
*/
static int
add_ownertrust( PKT_public_key *pk, int *quit, int *trustlevel )
1998-01-24 16:32:27 +00:00
{
int rc;
unsigned flags = 0;
1998-01-24 16:32:27 +00:00
2001-09-24 16:03:14 +00:00
#warning This function does not make sense anymore
*quit = 0;
*trustlevel = 0;
1998-01-24 16:32:27 +00:00
tty_printf(
1998-04-14 17:51:16 +00:00
_("Could not find a valid trust path to the key. Let's see whether we\n"
1998-01-26 22:09:01 +00:00
"can assign some missing owner trust values.\n\n"));
1998-01-24 16:32:27 +00:00
2001-09-24 16:03:14 +00:00
*trustlevel = get_validity ( pk, NULL);
1998-01-24 16:32:27 +00:00
if( !(flags & 1) )
tty_printf(_("No path leading to one of our keys found.\n\n") );
else if( !(flags & 2) )
tty_printf(_("No certificates with undefined trust found.\n\n") );
else if( !(flags & 4) )
tty_printf(_("No trust values changed.\n\n") );
1998-01-24 16:32:27 +00:00
return (flags & 4)? 0:-1;
1998-01-24 16:32:27 +00:00
}
1998-01-12 10:18:17 +00:00
/****************
1998-06-29 12:30:57 +00:00
* Check whether we can trust this pk which has a trustlevel of TRUSTLEVEL
* Returns: true if we trust. Might change the trustlevel
1998-01-12 10:18:17 +00:00
*/
static int
do_we_trust( PKT_public_key *pk, int *trustlevel )
1998-01-12 10:18:17 +00:00
{
1998-01-13 19:04:23 +00:00
int rc;
int did_add = 0;
int trustmask = 0;
1998-01-13 19:04:23 +00:00
retry:
if( (*trustlevel & TRUST_FLAG_REVOKED) ) {
1998-11-10 12:59:59 +00:00
log_info(_("key %08lX: key has been revoked!\n"),
1998-09-28 19:25:31 +00:00
(ulong)keyid_from_pk( pk, NULL) );
show_revocation_reason( pk );
if( opt.batch )
return 0;
if( !cpr_get_answer_is_yes("revoked_key.override",
1998-08-08 19:27:00 +00:00
_("Use this key anyway? ")) )
return 0;
trustmask |= TRUST_FLAG_REVOKED;
}
else if( (*trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
log_info(_("key %08lX: subkey has been revoked!\n"),
(ulong)keyid_from_pk( pk, NULL) );
show_revocation_reason( pk );
if( opt.batch )
return 0;
if( !cpr_get_answer_is_yes("revoked_key.override",
_("Use this key anyway? ")) )
return 0;
trustmask |= TRUST_FLAG_SUB_REVOKED;
}
*trustlevel &= ~trustmask;
if( opt.always_trust) {
if( opt.verbose )
log_info("No trust check due to --always-trust option\n");
/* The problem with this, is that EXPIRE can't be checked as
2001-04-23 11:44:46 +00:00
* this needs to insert a new key into the trustdb first and
* we don't want that - IS this still true? */
return 1;
}
switch( (*trustlevel & TRUST_MASK) ) {
1998-01-19 18:54:44 +00:00
case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
2001-09-24 16:03:14 +00:00
*trustlevel = get_validity (pk, NULL);
*trustlevel &= ~trustmask;
if( *trustlevel == TRUST_UNKNOWN || *trustlevel == TRUST_EXPIRED ) {
log_debug("do_we_trust: oops at %d\n", __LINE__ );
return 0;
}
1998-06-29 12:30:57 +00:00
return do_we_trust( pk, trustlevel );
1998-01-19 18:54:44 +00:00
case TRUST_EXPIRED:
1998-11-10 12:59:59 +00:00
log_info(_("%08lX: key has expired\n"),
(ulong)keyid_from_pk( pk, NULL) );
1998-01-19 18:54:44 +00:00
return 0; /* no */
case TRUST_UNDEFINED:
if( opt.batch || opt.answer_no )
1998-11-10 12:59:59 +00:00
log_info(_("%08lX: no info to calculate a trust probability\n"),
1998-09-28 19:25:31 +00:00
(ulong)keyid_from_pk( pk, NULL) );
1998-01-19 18:54:44 +00:00
else {
int quit;
rc = add_ownertrust( pk, &quit, trustlevel );
*trustlevel &= ~trustmask;
if( !rc && !did_add && !quit ) {
did_add = 1;
goto retry;
1998-01-24 16:32:27 +00:00
}
1998-01-19 18:54:44 +00:00
}
1998-04-02 10:30:03 +00:00
return 0;
1998-01-19 18:54:44 +00:00
case TRUST_NEVER:
1998-11-10 12:59:59 +00:00
log_info(_("%08lX: We do NOT trust this key\n"),
1998-09-28 19:25:31 +00:00
(ulong)keyid_from_pk( pk, NULL) );
1998-01-19 18:54:44 +00:00
return 0; /* no */
case TRUST_MARGINAL:
1998-11-10 12:59:59 +00:00
log_info(
_("%08lX: It is not sure that this key really belongs to the owner\n"
1998-11-10 12:59:59 +00:00
"but it is accepted anyway\n"), (ulong)keyid_from_pk( pk, NULL) );
1998-01-19 18:54:44 +00:00
return 1; /* yes */
case TRUST_FULLY:
1998-02-11 23:22:09 +00:00
if( opt.verbose )
1998-11-10 12:59:59 +00:00
log_info(_("This key probably belongs to the owner\n"));
1998-01-19 18:54:44 +00:00
return 1; /* yes */
case TRUST_ULTIMATE:
1998-02-11 23:22:09 +00:00
if( opt.verbose )
log_info(_("This key belongs to us\n"));
1998-01-19 18:54:44 +00:00
return 1; /* yes */
default: BUG();
1998-01-13 19:04:23 +00:00
}
1998-01-12 10:18:17 +00:00
return 1; /* yes */
}
1997-12-31 12:32:54 +00:00
1998-03-03 08:43:28 +00:00
/****************
1998-04-14 17:51:16 +00:00
* wrapper around do_we_trust, so we can ask whether to use the
1998-03-03 08:43:28 +00:00
* key anyway.
*/
static int
1998-06-29 12:30:57 +00:00
do_we_trust_pre( PKT_public_key *pk, int trustlevel )
1998-03-03 08:43:28 +00:00
{
int rc;
rc = do_we_trust( pk, &trustlevel );
1998-03-03 08:43:28 +00:00
if( (trustlevel & TRUST_FLAG_REVOKED) && !rc )
return 0;
if( (trustlevel & TRUST_FLAG_SUB_REVOKED) && !rc )
return 0;
else if( !opt.batch && !rc ) {
char *p;
u32 keyid[2];
size_t n;
keyid_from_pk( pk, keyid);
tty_printf( "%4u%c/%08lX %s \"",
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk( pk ) );
p = get_user_id( keyid, &n );
tty_print_utf8_string( p, n ),
m_free(p);
tty_printf("\"\n");
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 2);
tty_printf("\n");
1998-03-03 08:43:28 +00:00
tty_printf(_(
1998-04-14 17:51:16 +00:00
"It is NOT certain that the key belongs to its owner.\n"
1998-03-03 08:43:28 +00:00
"If you *really* know what you are doing, you may answer\n"
"the next question with yes\n\n") );
if( cpr_get_answer_is_yes("untrusted_key.override",
_("Use this key anyway? ")) )
1998-03-03 08:43:28 +00:00
rc = 1;
/* Hmmm: Should we set a flag to tell the user the user about
* his decision the next time he encrypts for this recipient?
*/
1998-03-03 08:43:28 +00:00
}
1998-05-29 11:53:54 +00:00
else if( opt.always_trust && !rc ) {
if( !opt.quiet )
log_info(_("WARNING: Using untrusted key!\n"));
1998-05-29 11:53:54 +00:00
rc = 1;
}
1998-03-03 08:43:28 +00:00
return rc;
}
1997-12-31 12:32:54 +00:00
1998-07-09 13:37:17 +00:00
/****************
* Check whether we can trust this signature.
* Returns: Error if we shall not trust this signatures.
*/
int
check_signatures_trust( PKT_signature *sig )
{
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
int trustlevel;
int did_add = 0;
1998-07-09 13:37:17 +00:00
int rc=0;
if( opt.always_trust ) {
if( !opt.quiet )
log_info(_("WARNING: Using untrusted key!\n"));
2001-09-06 17:10:00 +00:00
if (opt.with_fingerprint)
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
2001-09-06 17:10:00 +00:00
rc = 0;
goto leave;
}
1998-07-09 13:37:17 +00:00
rc = get_pubkey( pk, sig->keyid );
if( rc ) { /* this should not happen */
log_error("Ooops; the key vanished - can't check the trust\n");
rc = G10ERR_NO_PUBKEY;
goto leave;
}
2001-09-24 16:03:14 +00:00
trustlevel = get_validity (pk, NULL);
1998-07-09 13:37:17 +00:00
retry:
1998-07-09 13:37:17 +00:00
if( (trustlevel & TRUST_FLAG_REVOKED) ) {
write_status( STATUS_KEYREVOKED );
log_info(_("WARNING: This key has been revoked by its owner!\n"));
log_info(_(" This could mean that the signature is forgery.\n"));
show_revocation_reason( pk );
1998-07-09 13:37:17 +00:00
}
else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
write_status( STATUS_KEYREVOKED );
log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
show_revocation_reason( pk );
}
1998-07-09 13:37:17 +00:00
switch( (trustlevel & TRUST_MASK) ) {
case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
2001-09-24 16:03:14 +00:00
trustlevel = get_validity (pk, NULL);
1998-07-09 13:37:17 +00:00
if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED )
BUG();
goto retry;
case TRUST_EXPIRED:
log_info(_("Note: This key has expired!\n"));
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
1998-07-09 13:37:17 +00:00
break;
case TRUST_UNDEFINED:
if( did_add || opt.batch || opt.answer_no ) {
1998-07-09 13:37:17 +00:00
write_status( STATUS_TRUST_UNDEFINED );
log_info(_(
"WARNING: This key is not certified with a trusted signature!\n"));
log_info(_(
" There is no indication that the "
"signature belongs to the owner.\n" ));
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
1998-07-09 13:37:17 +00:00
}
else {
int quit;
rc = add_ownertrust( pk, &quit, &trustlevel );
if( rc || quit ) {
did_add = 1;
1998-07-09 13:37:17 +00:00
rc = 0;
}
goto retry;
}
break;
case TRUST_NEVER:
write_status( STATUS_TRUST_NEVER );
log_info(_("WARNING: We do NOT trust this key!\n"));
log_info(_(" The signature is probably a FORGERY.\n"));
2001-09-06 17:10:00 +00:00
if (opt.with_fingerprint)
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
1998-07-09 13:37:17 +00:00
rc = G10ERR_BAD_SIGN;
break;
case TRUST_MARGINAL:
write_status( STATUS_TRUST_MARGINAL );
log_info(_(
1998-07-14 17:10:28 +00:00
"WARNING: This key is not certified with sufficiently trusted signatures!\n"
1998-07-09 13:37:17 +00:00
));
log_info(_(
" It is not certain that the signature belongs to the owner.\n"
));
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
1998-07-09 13:37:17 +00:00
break;
case TRUST_FULLY:
write_status( STATUS_TRUST_FULLY );
2001-09-06 17:10:00 +00:00
if (opt.with_fingerprint)
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
1998-07-09 13:37:17 +00:00
break;
case TRUST_ULTIMATE:
write_status( STATUS_TRUST_ULTIMATE );
2001-09-06 17:10:00 +00:00
if (opt.with_fingerprint)
2001-09-20 07:12:52 +00:00
print_fingerprint (pk, NULL, 1);
1998-07-09 13:37:17 +00:00
break;
default: BUG();
}
leave:
free_public_key( pk );
return rc;
}
1997-12-31 12:32:54 +00:00
void
1998-06-29 12:30:57 +00:00
release_pk_list( PK_LIST pk_list )
1997-12-31 12:32:54 +00:00
{
1998-06-29 12:30:57 +00:00
PK_LIST pk_rover;
1997-12-31 12:32:54 +00:00
1998-06-29 12:30:57 +00:00
for( ; pk_list; pk_list = pk_rover ) {
pk_rover = pk_list->next;
free_public_key( pk_list->pk );
m_free( pk_list );
1997-12-31 12:32:54 +00:00
}
}
static int
key_present_in_pk_list(PK_LIST pk_list, PKT_public_key *pk)
{
for( ; pk_list; pk_list = pk_list->next)
if (cmp_public_keys(pk_list->pk, pk) == 0)
return 0;
return -1;
}
/****************
* Return a malloced string with a default reciepient if there is any
*/
static char *
default_recipient(void)
{
PKT_secret_key *sk;
byte fpr[MAX_FINGERPRINT_LEN+1];
size_t n;
char *p;
int i;
if( opt.def_recipient )
return m_strdup( opt.def_recipient );
if( !opt.def_recipient_self )
return NULL;
sk = m_alloc_clear( sizeof *sk );
i = get_seckey_byname( sk, NULL, 0 );
if( i ) {
free_secret_key( sk );
return NULL;
}
n = MAX_FINGERPRINT_LEN;
fingerprint_from_sk( sk, fpr, &n );
free_secret_key( sk );
p = m_alloc( 2*n+3 );
*p++ = '0';
*p++ = 'x';
for(i=0; i < n; i++ )
sprintf( p+2*i, "%02X", fpr[i] );
p -= 2;
return p;
}
1997-12-31 12:32:54 +00:00
int
build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
1997-12-31 12:32:54 +00:00
{
1998-06-29 12:30:57 +00:00
PK_LIST pk_list = NULL;
PKT_public_key *pk=NULL;
1998-03-03 08:43:28 +00:00
int rc=0;
int any_recipients=0;
STRLIST rov;
char *def_rec = NULL;
/* check whether there are any recipients in the list and build the
* list of the encrypt-to ones (we always trust them) */
for( rov = remusr; rov; rov = rov->next ) {
if( !(rov->flags & 1) )
any_recipients = 1;
else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) {
pk = m_alloc_clear( sizeof *pk );
2001-02-08 16:28:28 +00:00
pk->req_usage = use;
2001-09-06 17:10:00 +00:00
if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL )) ) {
free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
2001-09-06 17:10:00 +00:00
write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
rov->d, strlen (rov->d), -1);
}
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
/* Skip the actual key if the key is already present
* in the list */
if (key_present_in_pk_list(pk_list, pk) == 0) {
free_public_key(pk); pk = NULL;
log_info(_("%s: skipped: public key already present\n"),
rov->d);
}
else {
PK_LIST r;
r = m_alloc( sizeof *r );
r->pk = pk; pk = NULL;
r->next = pk_list;
r->mark = 0;
pk_list = r;
}
}
else {
free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
2001-09-06 17:10:00 +00:00
write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
rov->d, strlen (rov->d), -1);
}
}
}
1998-03-03 08:43:28 +00:00
if( !any_recipients && !opt.batch ) { /* ask */
1998-03-03 08:43:28 +00:00
char *answer=NULL;
int have_def_rec;
1998-03-03 08:43:28 +00:00
def_rec = default_recipient();
have_def_rec = !!def_rec;
if( !have_def_rec )
tty_printf(_(
1998-03-03 08:43:28 +00:00
"You did not specify a user ID. (you may use \"-r\")\n\n"));
for(;;) {
rc = 0;
m_free(answer);
if( have_def_rec ) {
answer = def_rec;
def_rec = NULL;
}
else {
answer = cpr_get_utf8("pklist.user_id.enter",
_("Enter the user ID: "));
trim_spaces(answer);
cpr_kill_prompt();
}
1998-03-03 08:43:28 +00:00
if( !*answer )
break;
1998-06-29 12:30:57 +00:00
if( pk )
free_public_key( pk );
pk = m_alloc_clear( sizeof *pk );
2001-02-08 16:28:28 +00:00
pk->req_usage = use;
2001-09-06 17:10:00 +00:00
rc = get_pubkey_byname( pk, answer, NULL, NULL );
1998-03-03 08:43:28 +00:00
if( rc )
1998-07-06 10:23:57 +00:00
tty_printf(_("No such user ID.\n"));
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
if( have_def_rec ) {
if (key_present_in_pk_list(pk_list, pk) == 0) {
free_public_key(pk); pk = NULL;
log_info(_("skipped: public key "
"already set as default recipient\n") );
}
else {
PK_LIST r = m_alloc( sizeof *r );
r->pk = pk; pk = NULL;
r->next = pk_list;
r->mark = 0;
pk_list = r;
}
any_recipients = 1;
1998-03-03 08:43:28 +00:00
break;
}
else {
int trustlevel;
2001-09-24 16:03:14 +00:00
trustlevel = get_validity (pk, NULL);
if( (trustlevel & TRUST_FLAG_DISABLED) ) {
tty_printf(_("Public key is disabled.\n") );
}
else if( do_we_trust_pre( pk, trustlevel ) ) {
/* Skip the actual key if the key is already present
* in the list */
if (key_present_in_pk_list(pk_list, pk) == 0) {
free_public_key(pk); pk = NULL;
log_info(_("skipped: public key "
"already set with --encrypt-to\n") );
}
else {
PK_LIST r;
r = m_alloc( sizeof *r );
r->pk = pk; pk = NULL;
r->next = pk_list;
r->mark = 0;
pk_list = r;
}
any_recipients = 1;
break;
}
}
1998-03-03 08:43:28 +00:00
}
m_free(def_rec); def_rec = NULL;
have_def_rec = 0;
1998-03-03 08:43:28 +00:00
}
m_free(answer);
1998-06-29 12:30:57 +00:00
if( pk ) {
free_public_key( pk );
pk = NULL;
1998-03-03 08:43:28 +00:00
}
1997-12-31 12:32:54 +00:00
}
else if( !any_recipients && (def_rec = default_recipient()) ) {
pk = m_alloc_clear( sizeof *pk );
2001-02-08 16:28:28 +00:00
pk->req_usage = use;
2001-09-06 17:10:00 +00:00
rc = get_pubkey_byname( pk, def_rec, NULL, NULL );
if( rc )
log_error(_("unknown default recipient `%s'\n"), def_rec );
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
PK_LIST r = m_alloc( sizeof *r );
r->pk = pk; pk = NULL;
r->next = pk_list;
r->mark = 0;
pk_list = r;
any_recipients = 1;
}
if( pk ) {
free_public_key( pk );
pk = NULL;
}
m_free(def_rec); def_rec = NULL;
}
1997-12-31 12:32:54 +00:00
else {
any_recipients = 0;
1997-12-31 12:32:54 +00:00
for(; remusr; remusr = remusr->next ) {
if( (remusr->flags & 1) )
continue; /* encrypt-to keys are already handled */
1997-12-31 12:32:54 +00:00
1998-06-29 12:30:57 +00:00
pk = m_alloc_clear( sizeof *pk );
2001-02-08 16:28:28 +00:00
pk->req_usage = use;
2001-09-06 17:10:00 +00:00
if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL )) ) {
1998-06-29 12:30:57 +00:00
free_public_key( pk ); pk = NULL;
1998-07-06 10:23:57 +00:00
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
2001-09-06 17:10:00 +00:00
write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
remusr->d, strlen (remusr->d),
-1);
1997-12-31 12:32:54 +00:00
}
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
1998-01-12 10:18:17 +00:00
int trustlevel;
2001-09-24 16:03:14 +00:00
trustlevel = get_validity (pk, pk->namehash);
if( (trustlevel & TRUST_FLAG_DISABLED) ) {
free_public_key(pk); pk = NULL;
log_info(_("%s: skipped: public key is disabled\n"),
remusr->d);
2001-09-06 17:10:00 +00:00
write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
remusr->d,
strlen (remusr->d),
-1);
}
1998-06-29 12:30:57 +00:00
else if( do_we_trust_pre( pk, trustlevel ) ) {
1998-01-13 19:04:23 +00:00
/* note: do_we_trust may have changed the trustlevel */
1998-01-12 10:18:17 +00:00
/* We have at least one valid recipient. It doesn't matters
* if this recipient is already present. */
any_recipients = 1;
/* Skip the actual key if the key is already present
* in the list */
if (key_present_in_pk_list(pk_list, pk) == 0) {
free_public_key(pk); pk = NULL;
log_info(_("%s: skipped: public key already present\n"),
remusr->d);
}
else {
PK_LIST r;
r = m_alloc( sizeof *r );
r->pk = pk; pk = NULL;
r->next = pk_list;
r->mark = 0;
pk_list = r;
}
1998-01-12 10:18:17 +00:00
}
1998-06-29 12:30:57 +00:00
else { /* we don't trust this pk */
free_public_key( pk ); pk = NULL;
2001-09-06 17:10:00 +00:00
write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
remusr->d,
strlen (remusr->d),
-1);
1998-01-12 10:18:17 +00:00
}
1997-12-31 12:32:54 +00:00
}
else {
1998-06-29 12:30:57 +00:00
free_public_key( pk ); pk = NULL;
2001-09-06 17:10:00 +00:00
write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
remusr->d,
strlen (remusr->d),
-1);
1998-07-06 10:23:57 +00:00
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
1997-12-31 12:32:54 +00:00
}
}
}
if( !rc && !any_recipients ) {
1998-07-06 10:23:57 +00:00
log_error(_("no valid addressees\n"));
write_status_text (STATUS_NO_RECP, "0");
1997-12-31 12:32:54 +00:00
rc = G10ERR_NO_USER_ID;
}
if( rc )
1998-06-29 12:30:57 +00:00
release_pk_list( pk_list );
1997-12-31 12:32:54 +00:00
else
1998-06-29 12:30:57 +00:00
*ret_pk_list = pk_list;
1997-12-31 12:32:54 +00:00
return rc;
}
static int
algo_available( int preftype, int algo )
{
if( preftype == PREFTYPE_SYM ) {
return algo && !check_cipher_algo( algo );
}
else if( preftype == PREFTYPE_HASH ) {
return algo && !check_digest_algo( algo );
}
2001-08-10 14:04:32 +00:00
else if( preftype == PREFTYPE_ZIP ) {
return !algo || algo == 1 || algo == 2;
}
else
return 0;
}
2001-08-10 14:04:32 +00:00
1998-08-05 16:51:59 +00:00
/****************
* Return -1 if we could not find an algorithm.
*/
int
select_algo_from_prefs( PK_LIST pk_list, int preftype )
{
PK_LIST pkr;
u32 bits[8];
2001-08-10 14:04:32 +00:00
const prefitem_t *prefs;
1998-08-05 16:51:59 +00:00
int i, j;
int compr_hack=0;
int any;
if( !pk_list )
return -1;
memset( bits, ~0, 8 * sizeof *bits );
for( pkr = pk_list; pkr; pkr = pkr->next ) {
u32 mask[8];
memset( mask, 0, 8 * sizeof *mask );
if( preftype == PREFTYPE_SYM )
mask[0] |= (1<<2); /* 3DES is implicitly there */
2001-08-10 14:04:32 +00:00
if (pkr->pk->user_id) /* selected by user ID */
prefs = pkr->pk->user_id->prefs;
else
prefs = pkr->pk->prefs;
1998-08-05 16:51:59 +00:00
any = 0;
2001-08-10 14:04:32 +00:00
if( prefs ) {
for (i=0; prefs[i].type; i++ ) {
if( prefs[i].type == preftype ) {
mask[prefs[i].value/32] |= 1 << (prefs[i].value%32);
1998-08-05 16:51:59 +00:00
any = 1;
}
}
}
2001-08-10 14:04:32 +00:00
if( (!prefs || !any) && preftype == PREFTYPE_ZIP ) {
1998-08-05 16:51:59 +00:00
mask[0] |= 3; /* asume no_compression and old pgp */
compr_hack = 1;
}
#if 0
2001-08-10 14:04:32 +00:00
log_debug("pref mask=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
1998-08-05 16:51:59 +00:00
(ulong)mask[7], (ulong)mask[6], (ulong)mask[5], (ulong)mask[4],
(ulong)mask[3], (ulong)mask[2], (ulong)mask[1], (ulong)mask[0]);
#endif
1998-08-05 16:51:59 +00:00
for(i=0; i < 8; i++ )
bits[i] &= mask[i];
#if 0
2001-08-10 14:04:32 +00:00
log_debug("pref bits=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
1998-08-05 16:51:59 +00:00
(ulong)bits[7], (ulong)bits[6], (ulong)bits[5], (ulong)bits[4],
(ulong)bits[3], (ulong)bits[2], (ulong)bits[1], (ulong)bits[0]);
#endif
1998-08-05 16:51:59 +00:00
}
/* usable algorithms are now in bits
* We now use the last key from pk_list to select
* the algorithm we want to use. there are no
* preferences for the last key, we select the one
* corresponding to first set bit.
*/
i = -1;
any = 0;
2001-08-10 14:04:32 +00:00
if( prefs ) {
for(j=0; prefs[j].type; j++ ) {
if( prefs[j].type == preftype ) {
if( (bits[prefs[j].value/32] & (1<<(prefs[j].value%32))) ) {
if( algo_available( preftype, prefs[j].value ) ) {
any = 1;
2001-08-10 14:04:32 +00:00
i = prefs[j].value;
break;
}
1998-08-05 16:51:59 +00:00
}
}
}
}
2001-08-10 14:04:32 +00:00
if( !prefs || !any ) {
1998-08-05 16:51:59 +00:00
for(j=0; j < 256; j++ )
if( (bits[j/32] & (1<<(j%32))) ) {
if( algo_available( preftype, j ) ) {
i = j;
break;
}
1998-08-05 16:51:59 +00:00
}
}
#if 0
log_debug("prefs of type %d: selected %d\n", preftype, i );
#endif
1998-08-05 16:51:59 +00:00
if( compr_hack && !i ) {
/* selected no compression, but we should check whether
* algorithm 1 is also available (the ordering is not relevant
* in this case). */
if( bits[0] & (1<<1) )
i = 1; /* yep; we can use compression algo 1 */
}
return i;
}
2001-08-30 16:39:23 +00:00
/*
* Select the MDC flag from the pk_list. We can only use MDC if all recipients
* support this feature
*/
int
select_mdc_from_pklist (PK_LIST pk_list)
{
PK_LIST pkr;
if( !pk_list )
return 0;
for (pkr = pk_list; pkr; pkr = pkr->next) {
int mdc;
if (pkr->pk->user_id) /* selected by user ID */
mdc = pkr->pk->user_id->mdc_feature;
else
mdc = pkr->pk->mdc_feature;
if (!mdc)
return 0; /* at least on recipeint does not support it */
}
return 1; /* can be used */
}
1998-08-05 16:51:59 +00:00