1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
gnupg/g10/main.h

322 lines
11 KiB
C
Raw Normal View History

1997-11-18 14:06:00 +00:00
/* main.h
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
* 2008 Free Software Foundation, Inc.
1997-11-18 14:06:00 +00:00
*
* This file is part of GnuPG.
1997-11-18 14:06:00 +00:00
*
* GnuPG is free software; you can redistribute it and/or modify
1997-11-18 14:06:00 +00:00
* it under the terms of the GNU General Public License as published by
2007-10-23 10:48:09 +00:00
* the Free Software Foundation; either version 3 of the License, or
1997-11-18 14:06:00 +00:00
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
1997-11-18 14:06:00 +00:00
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
2007-10-23 10:48:09 +00:00
* along with this program; if not, see <http://www.gnu.org/licenses/>.
1997-11-18 14:06:00 +00:00
*/
2002-06-29 13:46:34 +00:00
#ifndef G10_MAIN_H
#define G10_MAIN_H
#include "types.h"
1997-11-24 11:04:11 +00:00
#include "iobuf.h"
2002-06-29 13:46:34 +00:00
#include "mpi.h"
#include "cipher.h"
1997-12-16 19:15:09 +00:00
#include "keydb.h"
1997-11-24 22:24:04 +00:00
/* It could be argued that the default cipher should be 3DES rather
than AES128, and the default compression should be 0
(i.e. uncompressed) rather than 1 (zip). However, the real world
issues of speed and size come into play here. */
#if USE_AES
# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_AES
#elif USE_CAST5
# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5
#else
# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_3DES
#endif
#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1
#define DEFAULT_COMPRESS_ALGO COMPRESS_ALGO_ZIP
#define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1
#define S2K_DIGEST_ALGO (opt.s2k_digest_algo?opt.s2k_digest_algo:DEFAULT_S2K_DIGEST_ALGO)
1998-01-02 20:40:10 +00:00
typedef struct
{
int header_okay;
PK_LIST pk_list;
DEK *symkey_dek;
STRING2KEY *symkey_s2k;
cipher_filter_context_t cfx;
2002-06-29 13:46:34 +00:00
} encrypt_filter_context_t;
2002-06-29 13:46:34 +00:00
struct groupitem
{
char *name;
STRLIST values;
struct groupitem *next;
};
1998-01-02 20:40:10 +00:00
gpg: Add option --weak-digest to gpg and gpgv. * g10/options.h: Add weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests. * g10/sig-check.c: (do_check): Reject all weak digests. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> (this is a rough cherry-pick of applying the following commits to STABLE-BRANCH-1-4: 76afaed65e3b0ddfa4923cb577ada43217dd4b18 b98939812abf6c643c752ce7c325f98039a1a9e2 91015d021b3dcbe21ad0e580a4f34c523abf9e72 )
2015-10-27 00:01:32 -04:00
struct weakhash
{
int algo;
int rejection_shown;
struct weakhash *next;
};
/*-- gpg.c --*/
2002-06-29 13:46:34 +00:00
extern int g10_errors_seen;
1998-11-10 12:59:59 +00:00
1998-01-28 16:09:43 +00:00
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
2002-06-29 13:46:34 +00:00
void g10_exit(int rc) __attribute__ ((noreturn));
1998-01-28 16:09:43 +00:00
#else
2002-06-29 13:46:34 +00:00
void g10_exit(int rc);
1998-01-28 16:09:43 +00:00
#endif
void print_pubkey_algo_note( int algo );
void print_cipher_algo_note( int algo );
void print_digest_algo_note( int algo );
gpg: Add option --weak-digest to gpg and gpgv. * g10/options.h: Add weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests. * g10/sig-check.c: (do_check): Reject all weak digests. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> (this is a rough cherry-pick of applying the following commits to STABLE-BRANCH-1-4: 76afaed65e3b0ddfa4923cb577ada43217dd4b18 b98939812abf6c643c752ce7c325f98039a1a9e2 91015d021b3dcbe21ad0e580a4f34c523abf9e72 )
2015-10-27 00:01:32 -04:00
void additional_weak_digest (const char* digestname);
1998-01-28 16:09:43 +00:00
/*-- armor.c --*/
char *make_radix64_string( const byte *data, size_t len );
int parse_key_failed_line (const void *lineptr, unsigned int len);
1998-04-07 18:16:10 +00:00
/*-- misc.c --*/
1998-05-15 18:49:19 +00:00
void trap_unaligned(void);
int disable_core_dumps(void);
void register_secured_file (const char *fname);
void unregister_secured_file (const char *fname);
int is_secured_file (int fd);
int is_secured_filename (const char *fname);
1998-04-07 18:16:10 +00:00
u16 checksum_u16( unsigned n );
u16 checksum( byte *p, unsigned n );
u16 checksum_mpi( MPI a );
1998-06-25 10:19:08 +00:00
u32 buffer_to_u32( const byte *buffer );
2002-06-29 13:46:34 +00:00
const byte *get_session_marker( size_t *rlen );
int openpgp_cipher_test_algo( int algo );
int openpgp_pk_test_algo( int algo, unsigned int usage_flags );
int openpgp_pk_algo_usage ( int algo );
int openpgp_md_test_algo( int algo );
2009-08-03 17:47:18 +00:00
void md5_digest_warn (int show);
void not_in_gpg1_notice (void);
2002-06-29 13:46:34 +00:00
struct expando_args
{
PKT_public_key *pk;
PKT_secret_key *sk;
byte imagetype;
int validity_info;
const char *validity_string;
2002-06-29 13:46:34 +00:00
};
char *pct_expando(const char *string,struct expando_args *args);
void deprecated_warning(const char *configname,unsigned int configlineno,
const char *option,const char *repl1,const char *repl2);
void deprecated_command (const char *name);
2002-06-29 13:46:34 +00:00
const char *compress_algo_to_string(int algo);
int string_to_compress_algo(const char *string);
2002-06-29 13:46:34 +00:00
int check_compress_algo(int algo);
int default_cipher_algo(void);
int default_compress_algo(void);
* packet.h, build-packet.c (build_sig_subpkt), export.c (do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old sig cache subpacket. This wasn't completely harmless as it caused subpacket 101 to disappear on import and export. * options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c, encode.c, getkey.c, revoke.c: The current flags for different levels of PGP-ness are massively complex. This is step one in simplifying them. No functional change yet, just use a macro to check for compliance level. * sign.c (sign_file): Fix bug that causes spurious compression preference warning. * sign.c (clearsign_file): Fix bug that prevents proper warning message from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key. * main.h, misc.c (compliance_option_string, compliance_string, compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file, clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New functions to put the "this message may not be usable...." warning in one place. * options.h, g10.c (main): Part two of the simplification. Use a single enum to indicate what we are compliant to (1991, 2440, PGPx, etc.) * g10.c (main): Show errors for failure in export, send-keys, recv-keys, and refresh-keys. * options.h, g10.c (main): Give algorithm warnings for algorithms chosen against the --pgpX and --openpgp rules. * keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp mode. * sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of 0.
2003-05-03 04:07:45 +00:00
const char *compliance_option_string(void);
void compliance_failure(void);
struct parse_options
{
char *name;
unsigned int bit;
char **value;
char *help;
};
char *optsep(char **stringp);
char *argsplit(char *string);
int parse_options(char *str,unsigned int *options,
struct parse_options *opts,int noisy);
char *unescape_percent_string (const unsigned char *s);
char *default_homedir (void);
const char *get_libexecdir (void);
int path_access(const char *file,int mode);
/*-- helptext.c --*/
void display_online_help( const char *keyword );
1997-11-18 14:06:00 +00:00
/*-- encode.c --*/
int setup_symkey(STRING2KEY **symkey_s2k,DEK **symkey_dek);
1997-11-18 14:06:00 +00:00
int encode_symmetric( const char *filename );
int encode_store( const char *filename );
int encode_crypt( const char *filename, STRLIST remusr, int use_symkey );
2002-06-29 13:46:34 +00:00
void encode_crypt_files(int nfiles, char **files, STRLIST remusr);
1998-01-02 20:40:10 +00:00
int encrypt_filter( void *opaque, int control,
IOBUF a, byte *buf, size_t *ret_len);
1997-11-18 14:06:00 +00:00
1997-11-24 11:04:11 +00:00
/*-- sign.c --*/
2002-06-29 13:46:34 +00:00
int complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md );
1998-01-13 19:04:23 +00:00
int sign_file( STRLIST filenames, int detached, STRLIST locusr,
int do_encrypt, STRLIST remusr, const char *outfile );
1998-02-04 18:54:31 +00:00
int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
2002-06-29 13:46:34 +00:00
int sign_symencrypt_file (const char *fname, STRLIST locusr);
1998-04-09 11:19:09 +00:00
/*-- sig-check.c --*/
int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig);
int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
PKT_signature *backsig);
1998-04-09 11:19:09 +00:00
int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
PKT_public_key *ret_pk, int *is_selfsig,
u32 *r_expiredate, int *r_expired );
1998-04-09 11:19:09 +00:00
1998-09-11 05:47:32 +00:00
/*-- delkey.c --*/
2002-06-29 13:46:34 +00:00
int delete_keys( STRLIST names, int secret, int allow_both );
1998-09-11 05:47:32 +00:00
/*-- keyedit.c --*/
void keyedit_menu( const char *username, STRLIST locusr,
STRLIST commands, int quiet, int seckey_check );
void show_basic_key_info (KBNODE keyblock);
1997-11-24 11:04:11 +00:00
1997-11-18 14:06:00 +00:00
/*-- keygen.c --*/
u32 parse_expire_string(u32 timestamp,const char *string);
u32 ask_expire_interval(u32 timestamp,int object,const char *def_expire);
void generate_keypair( const char *fname, const char *card_serialno,
const char *backup_encryption_dir );
2002-06-29 13:46:34 +00:00
int keygen_set_std_prefs (const char *string,int personal);
PKT_user_id *keygen_get_std_prefs (void);
int keygen_add_key_expire( PKT_signature *sig, void *opaque );
1998-07-29 19:35:05 +00:00
int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
2002-06-29 13:46:34 +00:00
int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
int keygen_add_keyserver_url(PKT_signature *sig, void *opaque);
int keygen_add_notations(PKT_signature *sig,void *opaque);
2002-06-29 13:46:34 +00:00
int keygen_add_revkey(PKT_signature *sig, void *opaque);
int make_backsig(PKT_signature *sig,PKT_public_key *pk,
PKT_public_key *sub_pk,PKT_secret_key *sub_sk,
u32 timestamp);
1998-07-29 19:35:05 +00:00
int generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock );
#ifdef ENABLE_CARD_SUPPORT
int generate_card_subkeypair (KBNODE pub_keyblock, KBNODE sec_keyblock,
int keyno, const char *serialno);
int save_unprotected_key_to_card (PKT_secret_key *sk, int keyno);
#endif
1997-11-18 14:06:00 +00:00
1997-11-24 11:04:11 +00:00
/*-- openfile.c --*/
1997-11-18 14:06:00 +00:00
int overwrite_filep( const char *fname );
char *make_outfile_name( const char *iname );
char *ask_outfile_name( const char *name, size_t namelen );
1998-08-11 17:29:34 +00:00
int open_outfile( const char *iname, int mode, IOBUF *a );
char *get_matching_datafile (const char *sigfilename);
IOBUF open_sigfile( const char *iname, progress_filter_context_t *pfx );
void try_make_homedir( const char *fname );
1997-11-18 14:06:00 +00:00
1997-11-24 22:24:04 +00:00
/*-- seskey.c --*/
void make_session_key( DEK *dek );
MPI encode_session_key( DEK *dek, unsigned nbits );
MPI pkcs1_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
const byte *asn, size_t asnlen );
MPI encode_md_value( PKT_public_key *pk, PKT_secret_key *sk,
MD_HANDLE md, int hash_algo );
1997-11-24 22:24:04 +00:00
1998-01-16 21:15:24 +00:00
/*-- import.c --*/
typedef int (*import_filter_t)(kbnode_t keyblock, void *arg);
int parse_import_options(char *str,unsigned int *options,int noisy);
2002-09-23 13:03:52 +00:00
void import_keys( char **fnames, int nnames,
void *stats_hd, unsigned int options );
int import_keys_stream (IOBUF inp,void *stats_hd,unsigned char **fpr,
size_t *fpr_len,unsigned int options,
import_filter_t filter, void *filter_arg,
int *r_gpgkeys_err);
2002-06-29 13:46:34 +00:00
void *import_new_stats_handle (void);
void import_release_stats_handle (void *p);
void import_print_stats (void *hd);
int collapse_uids( KBNODE *keyblock );
int auto_create_card_key_stub ( const char *serialnostr,
const unsigned char *fpr1,
const unsigned char *fpr2,
const unsigned char *fpr3);
1998-01-26 22:09:01 +00:00
/*-- export.c --*/
int parse_export_options(char *str,unsigned int *options,int noisy);
int export_pubkeys( STRLIST users, unsigned int options );
int export_pubkeys_stream( IOBUF out, STRLIST users,
KBNODE *keyblock_out, unsigned int options );
1998-06-29 12:30:57 +00:00
int export_seckeys( STRLIST users );
int export_secsubkeys( STRLIST users );
1998-06-29 12:30:57 +00:00
1998-02-16 20:05:02 +00:00
/* dearmor.c --*/
int dearmor_file( const char *fname );
1998-02-17 20:48:52 +00:00
int enarmor_file( const char *fname );
1998-01-16 21:15:24 +00:00
1998-02-16 20:05:02 +00:00
/*-- revoke.c --*/
struct revocation_reason_info;
1998-02-16 20:05:02 +00:00
int gen_revoke( const char *uname );
int gen_desig_revoke( const char *uname, STRLIST locusr);
int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
struct revocation_reason_info *
ask_revocation_reason( int key_rev, int cert_rev, int hint );
void release_revocation_reason_info( struct revocation_reason_info *reason );
1997-12-31 12:32:54 +00:00
1998-03-05 09:22:13 +00:00
/*-- keylist.c --*/
void public_key_list( STRLIST list );
void secret_key_list( STRLIST list );
void print_subpackets_colon(PKT_signature *sig);
void reorder_keyblock (KBNODE keyblock);
2002-06-29 13:46:34 +00:00
void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque );
void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode);
void print_revokers(PKT_public_key *pk);
void show_policy_url(PKT_signature *sig,int indent,int mode);
void show_keyserver_url(PKT_signature *sig,int indent,int mode);
void show_notation(PKT_signature *sig,int indent,int mode,int which);
* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename is_disabled to cache_disabled_value, which now takes a pk and not just the keyid. This is for speed since there is no need to re-fetch a key when we already have that key handy. Cache the result of the check so we don't need to hit the trustdb more than once. * getkey.c (skip_disabled): New function to get a pk and call is_disabled on it. (key_byname): Use it here. * packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New "pk_is_disabled" macro to retrieve the cached disabled value if available, and fill it in via cache_disabled_value if not available. * trustdb.c (get_validity): Cache the disabled value since we have it handy and it might be useful later. * parse-packet.c (parse_key): Clear disabled flag when parsing a new key. Just in case someone forgets to clear the whole key. * getkey.c (merge_selfsigs_main): Add an "if all else fails" path for setting a single user ID primary when there are multiple set primaries all at the same second, or no primaries set and the most recent user IDs are at the same second, or no signed user IDs at all. This is arbitrary, but deterministic. * exec.h, photoid.h: Add copyright message. * keylist.c (list_keyblock_print): Don't dump attribs for revoked/expired/etc uids for non-colon key listings. This is for consistency with --show-photos. * main.h, keylist.c (dump_attribs), mainproc.c (check_sig_and_print): Dump attribs if --attrib-fd is set when verifying signatures. * g10.c (main): New --gnupg option to disable the various --openpgp, --pgpX, etc. options. This is the same as --no-XXXX for those options. * revoke.c (ask_revocation_reason): Clear old reason if user elects to repeat question. This is bug 153. * keyedit.c (sign_uids): Show keyid of the key making the signature.
2003-05-21 16:42:22 +00:00
void dump_attribs(const PKT_user_id *uid,
PKT_public_key *pk,PKT_secret_key *sk);
2002-06-29 13:46:34 +00:00
void set_attrib_fd(int fd);
void print_seckey_info (PKT_secret_key *sk);
void print_pubkey_info (FILE *fp, PKT_public_key *pk);
void print_card_key_info (FILE *fp, KBNODE keyblock);
1998-03-09 21:44:06 +00:00
/*-- verify.c --*/
2002-06-29 13:46:34 +00:00
void print_file_status( int status, const char *name, int what );
1998-03-09 21:44:06 +00:00
int verify_signatures( int nfiles, char **files );
int verify_files( int nfiles, char **files );
1998-03-09 21:44:06 +00:00
/*-- decrypt.c --*/
int decrypt_message( const char *filename );
void decrypt_messages(int nfiles, char *files[]);
1998-03-09 21:44:06 +00:00
/*-- plaintext.c --*/
2002-06-29 13:46:34 +00:00
int hash_datafiles( MD_HANDLE md, MD_HANDLE md2,
STRLIST files, const char *sigfilename, int textmode );
PKT_plaintext *setup_plaintext_name(const char *filename,IOBUF iobuf);
1998-03-05 09:22:13 +00:00
2002-06-29 13:46:34 +00:00
/*-- pipemode.c --*/
void run_in_pipemode (void);
1998-03-19 15:27:29 +00:00
/*-- signal.c --*/
void init_signals(void);
1998-08-11 17:29:34 +00:00
void pause_on_sigusr( int which );
1998-11-08 17:23:14 +00:00
void block_all_signals(void);
void unblock_all_signals(void);
1998-03-19 15:27:29 +00:00
#ifdef ENABLE_CARD_SUPPORT
/*-- card-util.c --*/
void change_pin (int no, int allow_admin);
void card_status (FILE *fp, char *serialno, size_t serialnobuflen);
void card_edit (STRLIST commands);
int card_generate_subkey (KBNODE pub_keyblock, KBNODE sec_keyblock);
int card_store_subkey (KBNODE node, int use);
#endif
#define S2K_DECODE_COUNT(_val) ((16ul + ((_val) & 15)) << (((_val) >> 4) + 6))
2002-06-29 13:46:34 +00:00
#endif /*G10_MAIN_H*/