1997-11-18 15:06:00 +01:00
|
|
|
/* keygen.c - generate a key pair
|
2006-03-09 00:30:12 +01:00
|
|
|
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
|
|
|
|
* 2006 Free Software Foundation, Inc.
|
1997-11-18 15:06:00 +01:00
|
|
|
*
|
1998-12-23 13:41:40 +01:00
|
|
|
* This file is part of GnuPG.
|
1997-11-18 15:06:00 +01:00
|
|
|
*
|
1998-12-23 13:41:40 +01:00
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
1997-11-18 15:06:00 +01:00
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
1998-12-23 13:41:40 +01:00
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
1997-11-18 15:06:00 +01:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
2005-05-31 10:39:18 +02:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
|
|
|
|
* USA.
|
1997-11-18 15:06:00 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
1998-01-12 11:18:17 +01:00
|
|
|
#include <ctype.h>
|
1997-11-18 15:06:00 +01:00
|
|
|
#include <errno.h>
|
|
|
|
#include <assert.h>
|
2004-05-11 09:43:19 +02:00
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <unistd.h>
|
1997-11-18 15:06:00 +01:00
|
|
|
#include "util.h"
|
|
|
|
#include "main.h"
|
|
|
|
#include "packet.h"
|
2002-06-29 15:46:34 +02:00
|
|
|
#include "cipher.h"
|
1997-11-18 15:06:00 +01:00
|
|
|
#include "ttyio.h"
|
|
|
|
#include "options.h"
|
1997-12-16 20:15:09 +01:00
|
|
|
#include "keydb.h"
|
2002-06-29 15:46:34 +02:00
|
|
|
#include "trustdb.h"
|
1998-08-05 18:51:59 +02:00
|
|
|
#include "status.h"
|
1998-01-28 17:09:43 +01:00
|
|
|
#include "i18n.h"
|
2003-10-08 17:21:20 +02:00
|
|
|
#include "cardglue.h"
|
1997-11-18 15:06:00 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
#define MAX_PREFS 30
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
enum para_name {
|
|
|
|
pKEYTYPE,
|
|
|
|
pKEYLENGTH,
|
2002-06-29 15:46:34 +02:00
|
|
|
pKEYUSAGE,
|
2000-07-14 19:34:53 +02:00
|
|
|
pSUBKEYTYPE,
|
|
|
|
pSUBKEYLENGTH,
|
2002-06-29 15:46:34 +02:00
|
|
|
pSUBKEYUSAGE,
|
2003-10-08 17:21:20 +02:00
|
|
|
pAUTHKEYTYPE,
|
2000-07-14 19:34:53 +02:00
|
|
|
pNAMEREAL,
|
|
|
|
pNAMEEMAIL,
|
|
|
|
pNAMECOMMENT,
|
2002-06-29 15:46:34 +02:00
|
|
|
pPREFERENCES,
|
|
|
|
pREVOKER,
|
2000-07-14 19:34:53 +02:00
|
|
|
pUSERID,
|
|
|
|
pEXPIREDATE,
|
|
|
|
pKEYEXPIRE, /* in n seconds */
|
|
|
|
pSUBKEYEXPIRE, /* in n seconds */
|
|
|
|
pPASSPHRASE,
|
|
|
|
pPASSPHRASE_DEK,
|
2003-10-08 17:21:20 +02:00
|
|
|
pPASSPHRASE_S2K,
|
2004-09-23 21:34:45 +02:00
|
|
|
pSERIALNO,
|
2004-10-13 09:10:51 +02:00
|
|
|
pBACKUPENCDIR,
|
|
|
|
pHANDLE
|
2000-07-14 19:34:53 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
struct para_data_s {
|
|
|
|
struct para_data_s *next;
|
|
|
|
int lnr;
|
|
|
|
enum para_name key;
|
|
|
|
union {
|
2002-06-29 15:46:34 +02:00
|
|
|
DEK *dek;
|
|
|
|
STRING2KEY *s2k;
|
|
|
|
u32 expire;
|
|
|
|
unsigned int usage;
|
|
|
|
struct revocation_key revkey;
|
|
|
|
char value[1];
|
2000-07-14 19:34:53 +02:00
|
|
|
} u;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct output_control_s {
|
|
|
|
int lnr;
|
|
|
|
int dryrun;
|
|
|
|
int use_files;
|
|
|
|
struct {
|
|
|
|
char *fname;
|
|
|
|
char *newfname;
|
|
|
|
IOBUF stream;
|
|
|
|
armor_filter_context_t afx;
|
|
|
|
} pub;
|
|
|
|
struct {
|
|
|
|
char *fname;
|
|
|
|
char *newfname;
|
|
|
|
IOBUF stream;
|
|
|
|
armor_filter_context_t afx;
|
|
|
|
} sec;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
struct opaque_data_usage_and_pk {
|
|
|
|
unsigned int usage;
|
|
|
|
PKT_public_key *pk;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static int prefs_initialized = 0;
|
|
|
|
static byte sym_prefs[MAX_PREFS];
|
|
|
|
static int nsym_prefs;
|
|
|
|
static byte hash_prefs[MAX_PREFS];
|
|
|
|
static int nhash_prefs;
|
|
|
|
static byte zip_prefs[MAX_PREFS];
|
|
|
|
static int nzip_prefs;
|
2003-02-23 00:58:39 +01:00
|
|
|
static int mdc_available,ks_modify;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
static void do_generate_keypair( struct para_data_s *para,
|
2003-10-08 17:21:20 +02:00
|
|
|
struct output_control_s *outctrl, int card );
|
2000-07-14 19:34:53 +02:00
|
|
|
static int write_keyblock( IOBUF out, KBNODE node );
|
2004-09-20 20:38:39 +02:00
|
|
|
static int gen_card_key (int algo, int keyno, int is_primary,
|
|
|
|
KBNODE pub_root, KBNODE sec_root,
|
2003-10-08 17:21:20 +02:00
|
|
|
u32 expireval, struct para_data_s *para);
|
2004-09-23 21:34:45 +02:00
|
|
|
static int gen_card_key_with_backup (int algo, int keyno, int is_primary,
|
|
|
|
KBNODE pub_root, KBNODE sec_root,
|
|
|
|
u32 expireval, struct para_data_s *para,
|
|
|
|
const char *backup_dir);
|
|
|
|
|
|
|
|
|
2004-10-13 09:10:51 +02:00
|
|
|
static void
|
|
|
|
print_status_key_created (int letter, PKT_public_key *pk, const char *handle)
|
|
|
|
{
|
2004-10-14 09:11:57 +02:00
|
|
|
byte array[MAX_FINGERPRINT_LEN], *s;
|
2004-10-13 09:10:51 +02:00
|
|
|
char *buf, *p;
|
|
|
|
size_t i, n;
|
|
|
|
|
|
|
|
if (!handle)
|
|
|
|
handle = "";
|
|
|
|
|
|
|
|
buf = xmalloc (MAX_FINGERPRINT_LEN*2+31 + strlen (handle) + 1);
|
|
|
|
|
|
|
|
p = buf;
|
|
|
|
if (letter || pk)
|
|
|
|
{
|
|
|
|
*p++ = letter;
|
|
|
|
*p++ = ' ';
|
|
|
|
fingerprint_from_pk (pk, array, &n);
|
|
|
|
s = array;
|
|
|
|
for (i=0; i < n ; i++, s++, p += 2)
|
|
|
|
sprintf (p, "%02X", *s);
|
|
|
|
}
|
|
|
|
if (*handle)
|
|
|
|
{
|
|
|
|
*p++ = ' ';
|
|
|
|
for (i=0; handle[i] && i < 100; i++)
|
|
|
|
*p++ = isspace ((unsigned int)handle[i])? '_':handle[i];
|
|
|
|
}
|
|
|
|
*p = 0;
|
|
|
|
write_status_text ((letter || pk)?STATUS_KEY_CREATED:STATUS_KEY_NOT_CREATED,
|
|
|
|
buf);
|
|
|
|
xfree (buf);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
print_status_key_not_created (const char *handle)
|
|
|
|
{
|
|
|
|
print_status_key_created (0, NULL, handle);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
static void
|
1997-12-16 20:15:09 +01:00
|
|
|
write_uid( KBNODE root, const char *s )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
PACKET *pkt = xmalloc_clear(sizeof *pkt );
|
1997-11-18 15:06:00 +01:00
|
|
|
size_t n = strlen(s);
|
|
|
|
|
1997-12-16 20:15:09 +01:00
|
|
|
pkt->pkttype = PKT_USER_ID;
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt->pkt.user_id = xmalloc_clear( sizeof *pkt->pkt.user_id + n - 1 );
|
1997-12-16 20:15:09 +01:00
|
|
|
pkt->pkt.user_id->len = n;
|
2002-06-29 15:46:34 +02:00
|
|
|
pkt->pkt.user_id->ref = 1;
|
1997-12-16 20:15:09 +01:00
|
|
|
strcpy(pkt->pkt.user_id->name, s);
|
|
|
|
add_kbnode( root, new_kbnode( pkt ) );
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
static void
|
|
|
|
do_add_key_flags (PKT_signature *sig, unsigned int use)
|
|
|
|
{
|
|
|
|
byte buf[1];
|
|
|
|
|
|
|
|
buf[0] = 0;
|
2004-10-10 16:19:39 +02:00
|
|
|
|
|
|
|
/* The spec says that all primary keys MUST be able to certify. */
|
|
|
|
if(sig->sig_class!=0x18)
|
|
|
|
buf[0] |= 0x01;
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
if (use & PUBKEY_USAGE_SIG)
|
2004-10-10 16:19:39 +02:00
|
|
|
buf[0] |= 0x02;
|
2002-06-29 15:46:34 +02:00
|
|
|
if (use & PUBKEY_USAGE_ENC)
|
|
|
|
buf[0] |= 0x04 | 0x08;
|
2003-09-30 10:00:08 +02:00
|
|
|
if (use & PUBKEY_USAGE_AUTH)
|
|
|
|
buf[0] |= 0x20;
|
2005-08-27 05:09:40 +02:00
|
|
|
|
|
|
|
if (!buf[0])
|
|
|
|
return;
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
|
1998-06-25 12:19:08 +02:00
|
|
|
|
2002-12-01 21:59:04 +01:00
|
|
|
int
|
2002-12-04 19:50:10 +01:00
|
|
|
keygen_add_key_expire( PKT_signature *sig, void *opaque )
|
2002-12-01 21:59:04 +01:00
|
|
|
{
|
2002-12-04 19:50:10 +01:00
|
|
|
PKT_public_key *pk = opaque;
|
|
|
|
byte buf[8];
|
|
|
|
u32 u;
|
|
|
|
|
|
|
|
if( pk->expiredate ) {
|
|
|
|
if(pk->expiredate > pk->timestamp)
|
|
|
|
u= pk->expiredate - pk->timestamp;
|
|
|
|
else
|
|
|
|
u= 0;
|
|
|
|
|
|
|
|
buf[0] = (u >> 24) & 0xff;
|
|
|
|
buf[1] = (u >> 16) & 0xff;
|
|
|
|
buf[2] = (u >> 8) & 0xff;
|
|
|
|
buf[3] = u & 0xff;
|
|
|
|
build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
|
|
|
|
}
|
2002-12-26 23:22:50 +01:00
|
|
|
else
|
|
|
|
{
|
|
|
|
/* Make sure we don't leave a key expiration subpacket lying
|
|
|
|
around */
|
|
|
|
delete_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE);
|
|
|
|
}
|
2002-12-01 21:59:04 +01:00
|
|
|
|
2002-12-04 19:50:10 +01:00
|
|
|
return 0;
|
1998-06-25 12:19:08 +02:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
static int
|
|
|
|
keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
|
|
|
|
{
|
2002-12-04 19:50:10 +01:00
|
|
|
struct opaque_data_usage_and_pk *oduap = opaque;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2002-12-04 19:50:10 +01:00
|
|
|
do_add_key_flags (sig, oduap->usage);
|
|
|
|
return keygen_add_key_expire (sig, oduap->pk);
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2002-11-03 01:00:42 +01:00
|
|
|
set_one_pref (int val, int type, const char *item, byte *buf, int *nbuf)
|
2002-06-29 15:46:34 +02:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
for (i=0; i < *nbuf; i++ )
|
|
|
|
if (buf[i] == val)
|
|
|
|
{
|
|
|
|
log_info (_("preference `%s' duplicated\n"), item);
|
|
|
|
return -1;
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
2002-11-03 01:00:42 +01:00
|
|
|
|
|
|
|
if (*nbuf >= MAX_PREFS)
|
|
|
|
{
|
|
|
|
if(type==1)
|
|
|
|
log_info(_("too many cipher preferences\n"));
|
|
|
|
else if(type==2)
|
|
|
|
log_info(_("too many digest preferences\n"));
|
|
|
|
else if(type==3)
|
|
|
|
log_info(_("too many compression preferences\n"));
|
|
|
|
else
|
|
|
|
BUG();
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
return -1;
|
2002-11-03 01:00:42 +01:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
buf[(*nbuf)++] = val;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2002-11-03 01:00:42 +01:00
|
|
|
* Parse the supplied string and use it to set the standard
|
|
|
|
* preferences. The string may be in a form like the one printed by
|
|
|
|
* "pref" (something like: "S10 S3 H3 H2 Z2 Z1") or the actual
|
|
|
|
* cipher/hash/compress names. Use NULL to set the default
|
|
|
|
* preferences. Returns: 0 = okay
|
2002-06-29 15:46:34 +02:00
|
|
|
*/
|
|
|
|
int
|
|
|
|
keygen_set_std_prefs (const char *string,int personal)
|
|
|
|
{
|
|
|
|
byte sym[MAX_PREFS], hash[MAX_PREFS], zip[MAX_PREFS];
|
2003-02-23 00:58:39 +01:00
|
|
|
int nsym=0, nhash=0, nzip=0, val, rc=0;
|
|
|
|
int mdc=1, modify=0; /* mdc defaults on, modify defaults off. */
|
2005-04-01 11:03:15 +02:00
|
|
|
char dummy_string[45+1]; /* Enough for 15 items. */
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2004-02-10 23:42:34 +01:00
|
|
|
if (!string || !ascii_strcasecmp (string, "default"))
|
|
|
|
{
|
|
|
|
if (opt.def_preference_list)
|
|
|
|
string=opt.def_preference_list;
|
|
|
|
else
|
|
|
|
{
|
|
|
|
dummy_string[0]='\0';
|
|
|
|
|
2005-04-01 11:03:15 +02:00
|
|
|
/* The rationale why we use the order AES256,192,128 is
|
|
|
|
for compatibility reasons with PGP. If gpg would
|
|
|
|
define AES128 first, we would get the somewhat
|
|
|
|
confusing situation:
|
|
|
|
|
|
|
|
gpg -r pgpkey -r gpgkey ---gives--> AES256
|
|
|
|
gpg -r gpgkey -r pgpkey ---gives--> AES
|
|
|
|
|
|
|
|
Note that by using --personal-cipher-preferences it is
|
|
|
|
possible to prefer AES128.
|
|
|
|
*/
|
|
|
|
|
2004-02-10 23:42:34 +01:00
|
|
|
/* Make sure we do not add more than 15 items here, as we
|
2005-05-05 23:18:47 +02:00
|
|
|
could overflow the size of dummy_string. We currently
|
|
|
|
have at most 12. */
|
2004-02-10 23:42:34 +01:00
|
|
|
if(!check_cipher_algo(CIPHER_ALGO_AES256))
|
|
|
|
strcat(dummy_string,"S9 ");
|
|
|
|
if(!check_cipher_algo(CIPHER_ALGO_AES192))
|
|
|
|
strcat(dummy_string,"S8 ");
|
|
|
|
if(!check_cipher_algo(CIPHER_ALGO_AES))
|
|
|
|
strcat(dummy_string,"S7 ");
|
|
|
|
if(!check_cipher_algo(CIPHER_ALGO_CAST5))
|
|
|
|
strcat(dummy_string,"S3 ");
|
|
|
|
strcat(dummy_string,"S2 "); /* 3DES */
|
|
|
|
/* If we have it, IDEA goes *after* 3DES so it won't be
|
|
|
|
used unless we're encrypting along with a V3 key.
|
|
|
|
Ideally, we would only put the S1 preference in if the
|
|
|
|
key was RSA and <=2048 bits, as that is what won't
|
|
|
|
break PGP2, but that is difficult with the current
|
|
|
|
code, and not really worth checking as a non-RSA <=2048
|
|
|
|
bit key wouldn't be usable by PGP2 anyway. -dms */
|
|
|
|
if(!check_cipher_algo(CIPHER_ALGO_IDEA))
|
|
|
|
strcat(dummy_string,"S1 ");
|
|
|
|
|
2005-05-05 23:18:47 +02:00
|
|
|
/* SHA-1 */
|
|
|
|
strcat(dummy_string,"H2 ");
|
|
|
|
|
|
|
|
if(!check_digest_algo(DIGEST_ALGO_SHA256))
|
|
|
|
strcat(dummy_string,"H8 ");
|
|
|
|
|
|
|
|
/* RIPEMD160 */
|
|
|
|
strcat(dummy_string,"H3 ");
|
|
|
|
|
|
|
|
/* ZLIB */
|
|
|
|
strcat(dummy_string,"Z2 ");
|
|
|
|
|
|
|
|
if(!check_compress_algo(COMPRESS_ALGO_BZIP2))
|
|
|
|
strcat(dummy_string,"Z3 ");
|
|
|
|
|
|
|
|
/* ZIP */
|
|
|
|
strcat(dummy_string,"Z1");
|
2004-02-10 23:42:34 +01:00
|
|
|
|
|
|
|
string=dummy_string;
|
|
|
|
}
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
else if (!ascii_strcasecmp (string, "none"))
|
|
|
|
string = "";
|
|
|
|
|
2002-11-21 17:25:05 +01:00
|
|
|
if(strlen(string))
|
2002-11-03 01:00:42 +01:00
|
|
|
{
|
2002-11-21 17:25:05 +01:00
|
|
|
char *tok,*prefstring;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
prefstring=xstrdup(string); /* need a writable string! */
|
2002-11-21 17:25:05 +01:00
|
|
|
|
|
|
|
while((tok=strsep(&prefstring," ,")))
|
2002-11-03 01:00:42 +01:00
|
|
|
{
|
2002-11-21 17:25:05 +01:00
|
|
|
if((val=string_to_cipher_algo(tok)))
|
|
|
|
{
|
|
|
|
if(set_one_pref(val,1,tok,sym,&nsym))
|
|
|
|
rc=-1;
|
|
|
|
}
|
|
|
|
else if((val=string_to_digest_algo(tok)))
|
|
|
|
{
|
|
|
|
if(set_one_pref(val,2,tok,hash,&nhash))
|
|
|
|
rc=-1;
|
|
|
|
}
|
|
|
|
else if((val=string_to_compress_algo(tok))>-1)
|
|
|
|
{
|
|
|
|
if(set_one_pref(val,3,tok,zip,&nzip))
|
|
|
|
rc=-1;
|
|
|
|
}
|
|
|
|
else if (ascii_strcasecmp(tok,"mdc")==0)
|
|
|
|
mdc=1;
|
|
|
|
else if (ascii_strcasecmp(tok,"no-mdc")==0)
|
|
|
|
mdc=0;
|
2003-02-23 00:58:39 +01:00
|
|
|
else if (ascii_strcasecmp(tok,"ks-modify")==0)
|
|
|
|
modify=1;
|
|
|
|
else if (ascii_strcasecmp(tok,"no-ks-modify")==0)
|
|
|
|
modify=0;
|
2002-11-21 17:25:05 +01:00
|
|
|
else
|
|
|
|
{
|
|
|
|
log_info (_("invalid item `%s' in preference string\n"),tok);
|
2003-01-07 16:30:02 +01:00
|
|
|
|
|
|
|
/* Complain if IDEA is not available. */
|
|
|
|
if(ascii_strcasecmp(tok,"s1")==0
|
|
|
|
|| ascii_strcasecmp(tok,"idea")==0)
|
|
|
|
idea_cipher_warn(1);
|
|
|
|
|
2002-11-21 17:25:05 +01:00
|
|
|
rc=-1;
|
|
|
|
}
|
2002-11-03 01:00:42 +01:00
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(prefstring);
|
2002-11-21 17:25:05 +01:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
if(!rc)
|
2002-06-29 15:46:34 +02:00
|
|
|
{
|
|
|
|
if(personal)
|
|
|
|
{
|
|
|
|
if(personal==PREFTYPE_SYM)
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(opt.personal_cipher_prefs);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
if(nsym==0)
|
|
|
|
opt.personal_cipher_prefs=NULL;
|
|
|
|
else
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
opt.personal_cipher_prefs=
|
2005-07-27 20:10:56 +02:00
|
|
|
xmalloc(sizeof(prefitem_t *)*(nsym+1));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
for (i=0; i<nsym; i++)
|
|
|
|
{
|
|
|
|
opt.personal_cipher_prefs[i].type = PREFTYPE_SYM;
|
|
|
|
opt.personal_cipher_prefs[i].value = sym[i];
|
|
|
|
}
|
|
|
|
|
|
|
|
opt.personal_cipher_prefs[i].type = PREFTYPE_NONE;
|
|
|
|
opt.personal_cipher_prefs[i].value = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if(personal==PREFTYPE_HASH)
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(opt.personal_digest_prefs);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
if(nhash==0)
|
|
|
|
opt.personal_digest_prefs=NULL;
|
|
|
|
else
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
opt.personal_digest_prefs=
|
2005-07-27 20:10:56 +02:00
|
|
|
xmalloc(sizeof(prefitem_t *)*(nhash+1));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
for (i=0; i<nhash; i++)
|
|
|
|
{
|
|
|
|
opt.personal_digest_prefs[i].type = PREFTYPE_HASH;
|
|
|
|
opt.personal_digest_prefs[i].value = hash[i];
|
|
|
|
}
|
|
|
|
|
|
|
|
opt.personal_digest_prefs[i].type = PREFTYPE_NONE;
|
|
|
|
opt.personal_digest_prefs[i].value = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if(personal==PREFTYPE_ZIP)
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(opt.personal_compress_prefs);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
if(nzip==0)
|
|
|
|
opt.personal_compress_prefs=NULL;
|
|
|
|
else
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
opt.personal_compress_prefs=
|
2005-07-27 20:10:56 +02:00
|
|
|
xmalloc(sizeof(prefitem_t *)*(nzip+1));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
for (i=0; i<nzip; i++)
|
|
|
|
{
|
|
|
|
opt.personal_compress_prefs[i].type = PREFTYPE_ZIP;
|
|
|
|
opt.personal_compress_prefs[i].value = zip[i];
|
|
|
|
}
|
|
|
|
|
|
|
|
opt.personal_compress_prefs[i].type = PREFTYPE_NONE;
|
|
|
|
opt.personal_compress_prefs[i].value = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
memcpy (sym_prefs, sym, (nsym_prefs=nsym));
|
|
|
|
memcpy (hash_prefs, hash, (nhash_prefs=nhash));
|
|
|
|
memcpy (zip_prefs, zip, (nzip_prefs=nzip));
|
|
|
|
mdc_available = mdc;
|
2003-02-23 00:58:39 +01:00
|
|
|
ks_modify = modify;
|
2002-06-29 15:46:34 +02:00
|
|
|
prefs_initialized = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
/* Return a fake user ID containing the preferences. Caller must
|
|
|
|
free. */
|
|
|
|
PKT_user_id *keygen_get_std_prefs(void)
|
2002-06-29 15:46:34 +02:00
|
|
|
{
|
2002-11-03 01:00:42 +01:00
|
|
|
int i,j=0;
|
2005-07-27 20:10:56 +02:00
|
|
|
PKT_user_id *uid=xmalloc_clear(sizeof(PKT_user_id));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
if(!prefs_initialized)
|
|
|
|
keygen_set_std_prefs(NULL,0);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2004-12-19 06:20:07 +01:00
|
|
|
uid->ref=1;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
uid->prefs=xmalloc((sizeof(prefitem_t *)*
|
2002-11-03 01:00:42 +01:00
|
|
|
(nsym_prefs+nhash_prefs+nzip_prefs+1)));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
for(i=0;i<nsym_prefs;i++,j++)
|
|
|
|
{
|
|
|
|
uid->prefs[j].type=PREFTYPE_SYM;
|
|
|
|
uid->prefs[j].value=sym_prefs[i];
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
for(i=0;i<nhash_prefs;i++,j++)
|
|
|
|
{
|
|
|
|
uid->prefs[j].type=PREFTYPE_HASH;
|
|
|
|
uid->prefs[j].value=hash_prefs[i];
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2002-11-03 01:00:42 +01:00
|
|
|
for(i=0;i<nzip_prefs;i++,j++)
|
|
|
|
{
|
|
|
|
uid->prefs[j].type=PREFTYPE_ZIP;
|
|
|
|
uid->prefs[j].value=zip_prefs[i];
|
|
|
|
}
|
|
|
|
|
|
|
|
uid->prefs[j].type=PREFTYPE_NONE;
|
|
|
|
uid->prefs[j].value=0;
|
|
|
|
|
2005-11-10 23:50:46 +01:00
|
|
|
uid->flags.mdc=mdc_available;
|
|
|
|
uid->flags.ks_modify=ks_modify;
|
2002-11-03 01:00:42 +01:00
|
|
|
|
|
|
|
return uid;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
static void
|
|
|
|
add_feature_mdc (PKT_signature *sig,int enabled)
|
|
|
|
{
|
|
|
|
const byte *s;
|
|
|
|
size_t n;
|
|
|
|
int i;
|
|
|
|
char *buf;
|
|
|
|
|
|
|
|
s = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n );
|
|
|
|
/* Already set or cleared */
|
|
|
|
if (s && n &&
|
|
|
|
((enabled && (s[0] & 0x01)) || (!enabled && !(s[0] & 0x01))))
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (!s || !n) { /* create a new one */
|
|
|
|
n = 1;
|
2005-07-27 20:10:56 +02:00
|
|
|
buf = xmalloc_clear (n);
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
else {
|
2005-07-27 20:10:56 +02:00
|
|
|
buf = xmalloc (n);
|
2002-06-29 15:46:34 +02:00
|
|
|
memcpy (buf, s, n);
|
|
|
|
}
|
|
|
|
|
|
|
|
if(enabled)
|
|
|
|
buf[0] |= 0x01; /* MDC feature */
|
|
|
|
else
|
|
|
|
buf[0] &= ~0x01;
|
|
|
|
|
|
|
|
/* Are there any bits set? */
|
|
|
|
for(i=0;i<n;i++)
|
|
|
|
if(buf[i]!=0)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if(i==n)
|
|
|
|
delete_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES);
|
|
|
|
else
|
|
|
|
build_sig_subpkt (sig, SIGSUBPKT_FEATURES, buf, n);
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (buf);
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
|
2003-02-23 00:58:39 +01:00
|
|
|
static void
|
|
|
|
add_keyserver_modify (PKT_signature *sig,int enabled)
|
|
|
|
{
|
|
|
|
const byte *s;
|
|
|
|
size_t n;
|
|
|
|
int i;
|
|
|
|
char *buf;
|
|
|
|
|
|
|
|
/* The keyserver modify flag is a negative flag (i.e. no-modify) */
|
|
|
|
enabled=!enabled;
|
|
|
|
|
|
|
|
s = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KS_FLAGS, &n );
|
|
|
|
/* Already set or cleared */
|
|
|
|
if (s && n &&
|
|
|
|
((enabled && (s[0] & 0x80)) || (!enabled && !(s[0] & 0x80))))
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (!s || !n) { /* create a new one */
|
|
|
|
n = 1;
|
2005-07-27 20:10:56 +02:00
|
|
|
buf = xmalloc_clear (n);
|
2003-02-23 00:58:39 +01:00
|
|
|
}
|
|
|
|
else {
|
2005-07-27 20:10:56 +02:00
|
|
|
buf = xmalloc (n);
|
2003-02-23 00:58:39 +01:00
|
|
|
memcpy (buf, s, n);
|
|
|
|
}
|
|
|
|
|
|
|
|
if(enabled)
|
|
|
|
buf[0] |= 0x80; /* no-modify flag */
|
|
|
|
else
|
|
|
|
buf[0] &= ~0x80;
|
|
|
|
|
|
|
|
/* Are there any bits set? */
|
|
|
|
for(i=0;i<n;i++)
|
|
|
|
if(buf[i]!=0)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if(i==n)
|
|
|
|
delete_sig_subpkt (sig->hashed, SIGSUBPKT_KS_FLAGS);
|
|
|
|
else
|
|
|
|
build_sig_subpkt (sig, SIGSUBPKT_KS_FLAGS, buf, n);
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (buf);
|
2003-02-23 00:58:39 +01:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
int
|
|
|
|
keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
|
|
|
|
{
|
|
|
|
if (!prefs_initialized)
|
|
|
|
keygen_set_std_prefs (NULL, 0);
|
|
|
|
|
|
|
|
if (nsym_prefs)
|
|
|
|
build_sig_subpkt (sig, SIGSUBPKT_PREF_SYM, sym_prefs, nsym_prefs);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_SYM);
|
|
|
|
delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_SYM);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nhash_prefs)
|
|
|
|
build_sig_subpkt (sig, SIGSUBPKT_PREF_HASH, hash_prefs, nhash_prefs);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_HASH);
|
|
|
|
delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_HASH);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (nzip_prefs)
|
|
|
|
build_sig_subpkt (sig, SIGSUBPKT_PREF_COMPR, zip_prefs, nzip_prefs);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_COMPR);
|
|
|
|
delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_COMPR);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Make sure that the MDC feature flag is set if needed */
|
|
|
|
add_feature_mdc (sig,mdc_available);
|
2003-02-23 00:58:39 +01:00
|
|
|
add_keyserver_modify (sig,ks_modify);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
1998-06-25 12:19:08 +02:00
|
|
|
|
|
|
|
/****************
|
|
|
|
* Add preference to the self signature packet.
|
|
|
|
* This is only called for packets with version > 3.
|
2002-06-29 15:46:34 +02:00
|
|
|
|
1998-06-25 12:19:08 +02:00
|
|
|
*/
|
1998-07-29 21:35:05 +02:00
|
|
|
int
|
|
|
|
keygen_add_std_prefs( PKT_signature *sig, void *opaque )
|
1998-06-25 12:19:08 +02:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
PKT_public_key *pk = opaque;
|
1998-06-25 12:19:08 +02:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
do_add_key_flags (sig, pk->pubkey_usage);
|
2002-12-04 19:50:10 +01:00
|
|
|
keygen_add_key_expire( sig, opaque );
|
2002-06-29 15:46:34 +02:00
|
|
|
keygen_upd_std_prefs (sig, opaque);
|
2000-10-11 19:26:49 +02:00
|
|
|
|
1998-06-25 12:19:08 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2003-08-31 05:45:41 +02:00
|
|
|
int
|
|
|
|
keygen_add_keyserver_url(PKT_signature *sig, void *opaque)
|
|
|
|
{
|
|
|
|
const char *url=opaque;
|
|
|
|
|
2004-09-16 22:07:42 +02:00
|
|
|
if(url)
|
|
|
|
build_sig_subpkt(sig,SIGSUBPKT_PREF_KS,url,strlen(url));
|
|
|
|
else
|
|
|
|
delete_sig_subpkt (sig->hashed,SIGSUBPKT_PREF_KS);
|
2003-08-31 05:45:41 +02:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-03-09 00:30:12 +01:00
|
|
|
int
|
|
|
|
keygen_add_notations(PKT_signature *sig,void *opaque)
|
|
|
|
{
|
|
|
|
struct notation *notation;
|
|
|
|
|
|
|
|
/* We always start clean */
|
|
|
|
delete_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION);
|
|
|
|
delete_sig_subpkt(sig->unhashed,SIGSUBPKT_NOTATION);
|
|
|
|
sig->flags.notation=0;
|
|
|
|
|
|
|
|
for(notation=opaque;notation;notation=notation->next)
|
|
|
|
if(!notation->flags.ignore)
|
|
|
|
{
|
|
|
|
unsigned char *buf;
|
|
|
|
unsigned int n1,n2;
|
|
|
|
|
|
|
|
n1=strlen(notation->name);
|
|
|
|
if(notation->altvalue)
|
|
|
|
n2=strlen(notation->altvalue);
|
|
|
|
else
|
|
|
|
n2=strlen(notation->value);
|
|
|
|
|
|
|
|
buf = xmalloc( 8 + n1 + n2 );
|
|
|
|
|
|
|
|
buf[0] = 0x80; /* human readable */
|
|
|
|
buf[1] = buf[2] = buf[3] = 0;
|
|
|
|
buf[4] = n1 >> 8;
|
|
|
|
buf[5] = n1;
|
|
|
|
buf[6] = n2 >> 8;
|
|
|
|
buf[7] = n2;
|
|
|
|
memcpy(buf+8, notation->name, n1 );
|
|
|
|
if(notation->altvalue)
|
|
|
|
memcpy(buf+8+n1, notation->altvalue, n2 );
|
|
|
|
else
|
|
|
|
memcpy(buf+8+n1, notation->value, n2 );
|
|
|
|
build_sig_subpkt( sig, SIGSUBPKT_NOTATION |
|
|
|
|
(notation->flags.critical?SIGSUBPKT_FLAG_CRITICAL:0),
|
|
|
|
buf, 8+n1+n2 );
|
|
|
|
xfree(buf);
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
int
|
|
|
|
keygen_add_revkey(PKT_signature *sig, void *opaque)
|
|
|
|
{
|
|
|
|
struct revocation_key *revkey=opaque;
|
|
|
|
byte buf[2+MAX_FINGERPRINT_LEN];
|
|
|
|
|
|
|
|
buf[0]=revkey->class;
|
|
|
|
buf[1]=revkey->algid;
|
|
|
|
memcpy(&buf[2],revkey->fpr,MAX_FINGERPRINT_LEN);
|
|
|
|
|
|
|
|
build_sig_subpkt(sig,SIGSUBPKT_REV_KEY,buf,2+MAX_FINGERPRINT_LEN);
|
1998-06-25 12:19:08 +02:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* All sigs with revocation keys set are nonrevocable */
|
|
|
|
sig->flags.revocable=0;
|
|
|
|
buf[0] = 0;
|
|
|
|
build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
|
|
|
|
|
|
|
|
parse_revkeys(sig);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
1998-06-25 12:19:08 +02:00
|
|
|
|
2005-10-14 06:07:13 +02:00
|
|
|
int
|
2005-10-12 00:13:49 +02:00
|
|
|
make_backsig(PKT_signature *sig,PKT_public_key *pk,
|
|
|
|
PKT_public_key *sub_pk,PKT_secret_key *sub_sk)
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
{
|
|
|
|
PKT_signature *backsig;
|
|
|
|
int rc;
|
|
|
|
|
2005-10-12 00:13:49 +02:00
|
|
|
cache_public_key(sub_pk);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2005-10-12 00:13:49 +02:00
|
|
|
rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk,0x19,0,0,0,0,NULL,NULL);
|
|
|
|
if(rc)
|
|
|
|
log_error("make_keysig_packet failed for backsig: %s\n",g10_errstr(rc));
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
else
|
|
|
|
{
|
|
|
|
/* get it into a binary packed form. */
|
|
|
|
IOBUF backsig_out=iobuf_temp();
|
|
|
|
PACKET backsig_pkt;
|
|
|
|
|
|
|
|
init_packet(&backsig_pkt);
|
|
|
|
backsig_pkt.pkttype=PKT_SIGNATURE;
|
|
|
|
backsig_pkt.pkt.signature=backsig;
|
2004-07-15 23:00:35 +02:00
|
|
|
rc=build_packet(backsig_out,&backsig_pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
free_packet(&backsig_pkt);
|
2004-07-15 23:00:35 +02:00
|
|
|
if(rc)
|
|
|
|
log_error("build_packet failed for backsig: %s\n",g10_errstr(rc));
|
|
|
|
else
|
|
|
|
{
|
|
|
|
size_t pktlen=0;
|
|
|
|
byte *buf=iobuf_get_temp_buffer(backsig_out);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
/* Remove the packet header */
|
|
|
|
if(buf[0]&0x40)
|
|
|
|
{
|
|
|
|
if(buf[1]<192)
|
|
|
|
{
|
|
|
|
pktlen=buf[1];
|
|
|
|
buf+=2;
|
|
|
|
}
|
|
|
|
else if(buf[1]<224)
|
|
|
|
{
|
|
|
|
pktlen=(buf[1]-192)*256;
|
|
|
|
pktlen+=buf[2]+192;
|
|
|
|
buf+=3;
|
|
|
|
}
|
|
|
|
else if(buf[1]==255)
|
|
|
|
{
|
|
|
|
pktlen =buf[2] << 24;
|
|
|
|
pktlen|=buf[3] << 16;
|
|
|
|
pktlen|=buf[4] << 8;
|
|
|
|
pktlen|=buf[5];
|
|
|
|
buf+=6;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
BUG();
|
|
|
|
}
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
else
|
2004-07-15 23:00:35 +02:00
|
|
|
{
|
|
|
|
int mark=1;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
switch(buf[0]&3)
|
|
|
|
{
|
|
|
|
case 3:
|
|
|
|
BUG();
|
|
|
|
break;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
case 2:
|
|
|
|
pktlen =buf[mark++] << 24;
|
|
|
|
pktlen|=buf[mark++] << 16;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
case 1:
|
|
|
|
pktlen|=buf[mark++] << 8;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
case 0:
|
|
|
|
pktlen|=buf[mark++];
|
|
|
|
}
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
buf+=mark;
|
|
|
|
}
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
/* now make the binary blob into a subpacket */
|
|
|
|
build_sig_subpkt(sig,SIGSUBPKT_SIGNATURE,buf,pktlen);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
2004-07-15 23:00:35 +02:00
|
|
|
iobuf_close(backsig_out);
|
|
|
|
}
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1997-12-09 13:46:23 +01:00
|
|
|
static int
|
2002-06-29 15:46:34 +02:00
|
|
|
write_direct_sig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
|
|
|
|
struct revocation_key *revkey )
|
|
|
|
{
|
|
|
|
PACKET *pkt;
|
|
|
|
PKT_signature *sig;
|
|
|
|
int rc=0;
|
|
|
|
KBNODE node;
|
|
|
|
PKT_public_key *pk;
|
|
|
|
|
|
|
|
if( opt.verbose )
|
|
|
|
log_info(_("writing direct signature\n"));
|
|
|
|
|
|
|
|
/* get the pk packet from the pub_tree */
|
|
|
|
node = find_kbnode( pub_root, PKT_PUBLIC_KEY );
|
|
|
|
if( !node )
|
|
|
|
BUG();
|
|
|
|
pk = node->pkt->pkt.public_key;
|
|
|
|
|
|
|
|
/* we have to cache the key, so that the verification of the signature
|
|
|
|
* creation is able to retrieve the public key */
|
|
|
|
cache_public_key (pk);
|
|
|
|
|
|
|
|
/* and make the signature */
|
|
|
|
rc = make_keysig_packet(&sig,pk,NULL,NULL,sk,0x1F,0,0,0,0,
|
|
|
|
keygen_add_revkey,revkey);
|
|
|
|
if( rc ) {
|
|
|
|
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear( sizeof *pkt );
|
2002-06-29 15:46:34 +02:00
|
|
|
pkt->pkttype = PKT_SIGNATURE;
|
|
|
|
pkt->pkt.signature = sig;
|
|
|
|
add_kbnode( root, new_kbnode( pkt ) );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2005-05-11 21:31:53 +02:00
|
|
|
write_selfsigs( KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
|
|
|
|
unsigned int use )
|
1997-12-09 13:46:23 +01:00
|
|
|
{
|
1997-12-16 20:15:09 +01:00
|
|
|
PACKET *pkt;
|
1997-12-09 13:46:23 +01:00
|
|
|
PKT_signature *sig;
|
1997-12-16 20:15:09 +01:00
|
|
|
PKT_user_id *uid;
|
1997-12-09 13:46:23 +01:00
|
|
|
int rc=0;
|
1998-02-11 04:25:44 +01:00
|
|
|
KBNODE node;
|
1998-06-29 14:30:57 +02:00
|
|
|
PKT_public_key *pk;
|
1997-12-09 13:46:23 +01:00
|
|
|
|
|
|
|
if( opt.verbose )
|
1998-01-28 17:09:43 +01:00
|
|
|
log_info(_("writing self signature\n"));
|
1997-12-09 13:46:23 +01:00
|
|
|
|
1998-02-11 04:25:44 +01:00
|
|
|
/* get the uid packet from the list */
|
2005-05-11 21:31:53 +02:00
|
|
|
node = find_kbnode( pub_root, PKT_USER_ID );
|
1997-12-16 20:15:09 +01:00
|
|
|
if( !node )
|
1998-01-16 22:15:24 +01:00
|
|
|
BUG(); /* no user id packet in tree */
|
1997-12-16 20:15:09 +01:00
|
|
|
uid = node->pkt->pkt.user_id;
|
1998-06-29 14:30:57 +02:00
|
|
|
/* get the pk packet from the pub_tree */
|
|
|
|
node = find_kbnode( pub_root, PKT_PUBLIC_KEY );
|
1997-12-16 20:15:09 +01:00
|
|
|
if( !node )
|
1998-01-16 22:15:24 +01:00
|
|
|
BUG();
|
1998-06-29 14:30:57 +02:00
|
|
|
pk = node->pkt->pkt.public_key;
|
2002-06-29 15:46:34 +02:00
|
|
|
pk->pubkey_usage = use;
|
|
|
|
/* we have to cache the key, so that the verification of the signature
|
|
|
|
* creation is able to retrieve the public key */
|
|
|
|
cache_public_key (pk);
|
1997-12-16 20:15:09 +01:00
|
|
|
|
|
|
|
/* and make the signature */
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
|
|
|
|
keygen_add_std_prefs, pk );
|
1998-05-26 15:38:00 +02:00
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
1998-05-26 15:38:00 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear( sizeof *pkt );
|
1998-05-26 15:38:00 +02:00
|
|
|
pkt->pkttype = PKT_SIGNATURE;
|
|
|
|
pkt->pkt.signature = sig;
|
2005-05-11 21:31:53 +02:00
|
|
|
add_kbnode( sec_root, new_kbnode( pkt ) );
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear( sizeof *pkt );
|
2005-05-11 21:31:53 +02:00
|
|
|
pkt->pkttype = PKT_SIGNATURE;
|
|
|
|
pkt->pkt.signature = copy_signature(NULL,sig);
|
|
|
|
add_kbnode( pub_root, new_kbnode( pkt ) );
|
1998-05-26 15:38:00 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
/* sub_sk is currently unused (reserved for backsigs) */
|
1998-05-26 15:38:00 +02:00
|
|
|
static int
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
write_keybinding( KBNODE root, KBNODE pub_root,
|
|
|
|
PKT_secret_key *pri_sk, PKT_secret_key *sub_sk,
|
2002-06-29 15:46:34 +02:00
|
|
|
unsigned int use )
|
1998-05-26 15:38:00 +02:00
|
|
|
{
|
|
|
|
PACKET *pkt;
|
|
|
|
PKT_signature *sig;
|
|
|
|
int rc=0;
|
|
|
|
KBNODE node;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
PKT_public_key *pri_pk, *sub_pk;
|
2002-06-29 15:46:34 +02:00
|
|
|
struct opaque_data_usage_and_pk oduap;
|
1998-05-26 15:38:00 +02:00
|
|
|
|
|
|
|
if( opt.verbose )
|
|
|
|
log_info(_("writing key binding signature\n"));
|
|
|
|
|
1998-06-29 14:30:57 +02:00
|
|
|
/* get the pk packet from the pub_tree */
|
|
|
|
node = find_kbnode( pub_root, PKT_PUBLIC_KEY );
|
1998-05-26 15:38:00 +02:00
|
|
|
if( !node )
|
|
|
|
BUG();
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pri_pk = node->pkt->pkt.public_key;
|
2002-06-29 15:46:34 +02:00
|
|
|
/* we have to cache the key, so that the verification of the signature
|
|
|
|
* creation is able to retrieve the public key */
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
cache_public_key (pri_pk);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
1998-05-26 15:38:00 +02:00
|
|
|
/* find the last subkey */
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
sub_pk = NULL;
|
1998-05-26 15:38:00 +02:00
|
|
|
for(node=pub_root; node; node = node->next ) {
|
1998-06-29 14:30:57 +02:00
|
|
|
if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
sub_pk = node->pkt->pkt.public_key;
|
1998-05-26 15:38:00 +02:00
|
|
|
}
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( !sub_pk )
|
1998-05-26 15:38:00 +02:00
|
|
|
BUG();
|
|
|
|
|
|
|
|
/* and make the signature */
|
2002-06-29 15:46:34 +02:00
|
|
|
oduap.usage = use;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
oduap.pk = sub_pk;
|
|
|
|
rc=make_keysig_packet(&sig, pri_pk, NULL, sub_pk, pri_sk, 0x18, 0, 0, 0, 0,
|
|
|
|
keygen_add_key_flags_and_expire, &oduap );
|
1997-12-09 13:46:23 +01:00
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
1997-12-09 13:46:23 +01:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
/* make a backsig */
|
|
|
|
if(use&PUBKEY_USAGE_SIG)
|
|
|
|
{
|
|
|
|
rc=make_backsig(sig,pri_pk,sub_pk,sub_sk);
|
|
|
|
if(rc)
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear( sizeof *pkt );
|
1997-12-16 20:15:09 +01:00
|
|
|
pkt->pkttype = PKT_SIGNATURE;
|
|
|
|
pkt->pkt.signature = sig;
|
|
|
|
add_kbnode( root, new_kbnode( pkt ) );
|
1997-12-09 13:46:23 +01:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1997-12-16 20:15:09 +01:00
|
|
|
static int
|
1998-06-25 12:19:08 +02:00
|
|
|
gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval, int is_subkey)
|
1997-12-16 20:15:09 +01:00
|
|
|
{
|
|
|
|
int rc;
|
|
|
|
PACKET *pkt;
|
1998-06-29 14:30:57 +02:00
|
|
|
PKT_secret_key *sk;
|
|
|
|
PKT_public_key *pk;
|
2002-06-29 15:46:34 +02:00
|
|
|
MPI skey[4];
|
|
|
|
MPI *factors;
|
2000-01-27 17:50:45 +01:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
assert( is_ELGAMAL(algo) );
|
|
|
|
|
|
|
|
if( nbits < 512 ) {
|
|
|
|
nbits = 1024;
|
|
|
|
log_info(_("keysize invalid; using %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
|
|
|
if( (nbits % 32) ) {
|
|
|
|
nbits = ((nbits + 31) / 32) * 32;
|
|
|
|
log_info(_("keysize rounded up to %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = pubkey_generate( algo, nbits, skey, &factors );
|
1998-06-13 19:00:02 +02:00
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
|
1998-06-13 19:00:02 +02:00
|
|
|
return rc;
|
|
|
|
}
|
1997-12-16 20:15:09 +01:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
sk = xmalloc_clear( sizeof *sk );
|
|
|
|
pk = xmalloc_clear( sizeof *pk );
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->timestamp = pk->timestamp = make_timestamp();
|
2000-07-14 19:34:53 +02:00
|
|
|
sk->version = pk->version = 4;
|
1998-11-20 18:42:18 +01:00
|
|
|
if( expireval ) {
|
|
|
|
sk->expiredate = pk->expiredate = sk->timestamp + expireval;
|
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->pubkey_algo = pk->pubkey_algo = algo;
|
2002-06-29 15:46:34 +02:00
|
|
|
pk->pkey[0] = mpi_copy( skey[0] );
|
|
|
|
pk->pkey[1] = mpi_copy( skey[1] );
|
|
|
|
pk->pkey[2] = mpi_copy( skey[2] );
|
|
|
|
sk->skey[0] = skey[0];
|
|
|
|
sk->skey[1] = skey[1];
|
|
|
|
sk->skey[2] = skey[2];
|
|
|
|
sk->skey[3] = skey[3];
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->is_protected = 0;
|
|
|
|
sk->protect.algo = 0;
|
|
|
|
|
2002-09-11 09:27:54 +02:00
|
|
|
sk->csum = checksum_mpi( sk->skey[3] );
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( ret_sk ) /* return an unprotected version of the sk */
|
1998-06-29 14:30:57 +02:00
|
|
|
*ret_sk = copy_secret_key( NULL, sk );
|
1997-12-16 20:15:09 +01:00
|
|
|
|
1997-12-19 12:41:47 +01:00
|
|
|
if( dek ) {
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->protect.algo = dek->algo;
|
|
|
|
sk->protect.s2k = *s2k;
|
|
|
|
rc = protect_secret_key( sk, dek );
|
1997-12-16 20:15:09 +01:00
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
|
1998-06-29 14:30:57 +02:00
|
|
|
free_public_key(pk);
|
|
|
|
free_secret_key(sk);
|
1997-12-16 20:15:09 +01:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear(sizeof *pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pkt->pkttype = is_subkey ? PKT_PUBLIC_SUBKEY : PKT_PUBLIC_KEY;
|
1998-06-29 14:30:57 +02:00
|
|
|
pkt->pkt.public_key = pk;
|
1997-12-16 20:15:09 +01:00
|
|
|
add_kbnode(pub_root, new_kbnode( pkt ));
|
|
|
|
|
1998-04-14 19:51:16 +02:00
|
|
|
/* don't know whether it makes sense to have the factors, so for now
|
1998-05-03 17:42:08 +02:00
|
|
|
* we store them in the secret keyring (but they are not secret) */
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear(sizeof *pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pkt->pkttype = is_subkey ? PKT_SECRET_SUBKEY : PKT_SECRET_KEY;
|
1998-06-29 14:30:57 +02:00
|
|
|
pkt->pkt.secret_key = sk;
|
1997-12-16 20:15:09 +01:00
|
|
|
add_kbnode(sec_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1998-05-05 22:34:20 +02:00
|
|
|
/****************
|
|
|
|
* Generate a DSA key
|
|
|
|
*/
|
1997-11-24 23:24:04 +01:00
|
|
|
static int
|
2000-07-14 19:34:53 +02:00
|
|
|
gen_dsa(unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval, int is_subkey)
|
1997-11-24 23:24:04 +01:00
|
|
|
{
|
1998-05-05 22:34:20 +02:00
|
|
|
int rc;
|
|
|
|
PACKET *pkt;
|
1998-06-29 14:30:57 +02:00
|
|
|
PKT_secret_key *sk;
|
|
|
|
PKT_public_key *pk;
|
2002-06-29 15:46:34 +02:00
|
|
|
MPI skey[5];
|
|
|
|
MPI *factors;
|
1998-05-05 22:34:20 +02:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
if( nbits > 1024 || nbits < 512 ) {
|
1998-05-05 22:34:20 +02:00
|
|
|
nbits = 1024;
|
2000-07-14 19:34:53 +02:00
|
|
|
log_info(_("keysize invalid; using %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
|
|
|
if( (nbits % 64) ) {
|
|
|
|
nbits = ((nbits + 63) / 64) * 64;
|
|
|
|
log_info(_("keysize rounded up to %u bits\n"), nbits );
|
|
|
|
}
|
1998-05-05 22:34:20 +02:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = pubkey_generate( PUBKEY_ALGO_DSA, nbits, skey, &factors );
|
1998-06-13 19:00:02 +02:00
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
|
1998-06-13 19:00:02 +02:00
|
|
|
return rc;
|
|
|
|
}
|
1998-05-05 22:34:20 +02:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
sk = xmalloc_clear( sizeof *sk );
|
|
|
|
pk = xmalloc_clear( sizeof *pk );
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->timestamp = pk->timestamp = make_timestamp();
|
|
|
|
sk->version = pk->version = 4;
|
1998-11-20 18:42:18 +01:00
|
|
|
if( expireval ) {
|
|
|
|
sk->expiredate = pk->expiredate = sk->timestamp + expireval;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->pubkey_algo = pk->pubkey_algo = PUBKEY_ALGO_DSA;
|
|
|
|
pk->pkey[0] = mpi_copy( skey[0] );
|
|
|
|
pk->pkey[1] = mpi_copy( skey[1] );
|
|
|
|
pk->pkey[2] = mpi_copy( skey[2] );
|
|
|
|
pk->pkey[3] = mpi_copy( skey[3] );
|
|
|
|
sk->skey[0] = skey[0];
|
|
|
|
sk->skey[1] = skey[1];
|
|
|
|
sk->skey[2] = skey[2];
|
|
|
|
sk->skey[3] = skey[3];
|
|
|
|
sk->skey[4] = skey[4];
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->is_protected = 0;
|
|
|
|
sk->protect.algo = 0;
|
|
|
|
|
2002-09-11 09:27:54 +02:00
|
|
|
sk->csum = checksum_mpi ( sk->skey[4] );
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( ret_sk ) /* return an unprotected version of the sk */
|
1998-06-29 14:30:57 +02:00
|
|
|
*ret_sk = copy_secret_key( NULL, sk );
|
1998-05-05 22:34:20 +02:00
|
|
|
|
|
|
|
if( dek ) {
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->protect.algo = dek->algo;
|
|
|
|
sk->protect.s2k = *s2k;
|
|
|
|
rc = protect_secret_key( sk, dek );
|
1998-05-05 22:34:20 +02:00
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
|
1998-06-29 14:30:57 +02:00
|
|
|
free_public_key(pk);
|
|
|
|
free_secret_key(sk);
|
1998-05-05 22:34:20 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear(sizeof *pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pkt->pkttype = is_subkey ? PKT_PUBLIC_SUBKEY : PKT_PUBLIC_KEY;
|
1998-06-29 14:30:57 +02:00
|
|
|
pkt->pkt.public_key = pk;
|
1998-05-05 22:34:20 +02:00
|
|
|
add_kbnode(pub_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
/* don't know whether it makes sense to have the factors, so for now
|
|
|
|
* we store them in the secret keyring (but they are not secret)
|
2002-06-29 15:46:34 +02:00
|
|
|
* p = 2 * q * f1 * f2 * ... * fn
|
|
|
|
* We store only f1 to f_n-1; fn can be calculated because p and q
|
|
|
|
* are known.
|
1998-05-05 22:34:20 +02:00
|
|
|
*/
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear(sizeof *pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pkt->pkttype = is_subkey ? PKT_SECRET_SUBKEY : PKT_SECRET_KEY;
|
1998-06-29 14:30:57 +02:00
|
|
|
pkt->pkt.secret_key = sk;
|
1998-05-05 22:34:20 +02:00
|
|
|
add_kbnode(sec_root, new_kbnode( pkt ));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
1998-05-05 22:34:20 +02:00
|
|
|
return 0;
|
1997-11-24 23:24:04 +01:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Generate an RSA key.
|
|
|
|
*/
|
2000-07-14 19:34:53 +02:00
|
|
|
static int
|
|
|
|
gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval, int is_subkey)
|
2000-07-14 19:34:53 +02:00
|
|
|
{
|
|
|
|
int rc;
|
|
|
|
PACKET *pkt;
|
|
|
|
PKT_secret_key *sk;
|
|
|
|
PKT_public_key *pk;
|
2002-06-29 15:46:34 +02:00
|
|
|
MPI skey[6];
|
2000-07-14 19:34:53 +02:00
|
|
|
MPI *factors;
|
|
|
|
|
|
|
|
assert( is_RSA(algo) );
|
|
|
|
|
|
|
|
if( nbits < 1024 ) {
|
|
|
|
nbits = 1024;
|
|
|
|
log_info(_("keysize invalid; using %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
|
|
|
if( (nbits % 32) ) {
|
|
|
|
nbits = ((nbits + 31) / 32) * 32;
|
|
|
|
log_info(_("keysize rounded up to %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
|
|
|
rc = pubkey_generate( algo, nbits, skey, &factors );
|
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
|
2000-07-14 19:34:53 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
sk = xmalloc_clear( sizeof *sk );
|
|
|
|
pk = xmalloc_clear( sizeof *pk );
|
2000-07-14 19:34:53 +02:00
|
|
|
sk->timestamp = pk->timestamp = make_timestamp();
|
|
|
|
sk->version = pk->version = 4;
|
|
|
|
if( expireval ) {
|
|
|
|
sk->expiredate = pk->expiredate = sk->timestamp + expireval;
|
|
|
|
}
|
|
|
|
sk->pubkey_algo = pk->pubkey_algo = algo;
|
|
|
|
pk->pkey[0] = mpi_copy( skey[0] );
|
|
|
|
pk->pkey[1] = mpi_copy( skey[1] );
|
|
|
|
sk->skey[0] = skey[0];
|
|
|
|
sk->skey[1] = skey[1];
|
|
|
|
sk->skey[2] = skey[2];
|
|
|
|
sk->skey[3] = skey[3];
|
|
|
|
sk->skey[4] = skey[4];
|
|
|
|
sk->skey[5] = skey[5];
|
|
|
|
sk->is_protected = 0;
|
|
|
|
sk->protect.algo = 0;
|
|
|
|
|
2002-09-11 09:27:54 +02:00
|
|
|
sk->csum = checksum_mpi (sk->skey[2] );
|
|
|
|
sk->csum += checksum_mpi (sk->skey[3] );
|
|
|
|
sk->csum += checksum_mpi (sk->skey[4] );
|
|
|
|
sk->csum += checksum_mpi (sk->skey[5] );
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( ret_sk ) /* return an unprotected version of the sk */
|
2000-07-14 19:34:53 +02:00
|
|
|
*ret_sk = copy_secret_key( NULL, sk );
|
|
|
|
|
|
|
|
if( dek ) {
|
|
|
|
sk->protect.algo = dek->algo;
|
|
|
|
sk->protect.s2k = *s2k;
|
|
|
|
rc = protect_secret_key( sk, dek );
|
|
|
|
if( rc ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
|
2000-07-14 19:34:53 +02:00
|
|
|
free_public_key(pk);
|
|
|
|
free_secret_key(sk);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear(sizeof *pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pkt->pkttype = is_subkey ? PKT_PUBLIC_SUBKEY : PKT_PUBLIC_KEY;
|
2000-07-14 19:34:53 +02:00
|
|
|
pkt->pkt.public_key = pk;
|
|
|
|
add_kbnode(pub_root, new_kbnode( pkt ));
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt = xmalloc_clear(sizeof *pkt);
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pkt->pkttype = is_subkey ? PKT_SECRET_SUBKEY : PKT_SECRET_KEY;
|
2000-07-14 19:34:53 +02:00
|
|
|
pkt->pkt.secret_key = sk;
|
|
|
|
add_kbnode(sec_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
|
1998-04-02 12:30:03 +02:00
|
|
|
/****************
|
|
|
|
* check valid days:
|
|
|
|
* return 0 on error or the multiplier
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
check_valid_days( const char *s )
|
|
|
|
{
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
if( !digitp(s) )
|
1998-04-02 12:30:03 +02:00
|
|
|
return 0;
|
|
|
|
for( s++; *s; s++)
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
if( !digitp(s) )
|
1998-04-02 12:30:03 +02:00
|
|
|
break;
|
|
|
|
if( !*s )
|
|
|
|
return 1;
|
|
|
|
if( s[1] )
|
|
|
|
return 0; /* e.g. "2323wc" */
|
|
|
|
if( *s == 'd' || *s == 'D' )
|
|
|
|
return 1;
|
|
|
|
if( *s == 'w' || *s == 'W' )
|
|
|
|
return 7;
|
|
|
|
if( *s == 'm' || *s == 'M' )
|
|
|
|
return 30;
|
|
|
|
if( *s == 'y' || *s == 'Y' )
|
|
|
|
return 365;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2004-10-10 16:33:37 +02:00
|
|
|
static void
|
|
|
|
print_key_flags(int flags)
|
|
|
|
{
|
|
|
|
if(flags&PUBKEY_USAGE_SIG)
|
|
|
|
tty_printf("%s ",_("Sign"));
|
|
|
|
|
2005-08-27 05:09:40 +02:00
|
|
|
if(flags&PUBKEY_USAGE_CERT)
|
|
|
|
tty_printf("%s ",_("Certify"));
|
|
|
|
|
2004-10-10 16:33:37 +02:00
|
|
|
if(flags&PUBKEY_USAGE_ENC)
|
|
|
|
tty_printf("%s ",_("Encrypt"));
|
|
|
|
|
|
|
|
if(flags&PUBKEY_USAGE_AUTH)
|
|
|
|
tty_printf("%s ",_("Authenticate"));
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Returns the key flags */
|
|
|
|
static unsigned int
|
2005-08-27 05:09:40 +02:00
|
|
|
ask_key_flags(int algo,int subkey)
|
2004-10-10 16:33:37 +02:00
|
|
|
{
|
|
|
|
const char *togglers=_("SsEeAaQq");
|
|
|
|
char *answer=NULL;
|
|
|
|
unsigned int current=0;
|
|
|
|
unsigned int possible=openpgp_pk_algo_usage(algo);
|
|
|
|
|
|
|
|
if(strlen(togglers)!=8)
|
|
|
|
BUG();
|
|
|
|
|
2005-08-27 05:09:40 +02:00
|
|
|
/* Only primary keys may certify. */
|
|
|
|
if(subkey)
|
|
|
|
possible&=~PUBKEY_USAGE_CERT;
|
|
|
|
|
2004-10-10 16:33:37 +02:00
|
|
|
/* Preload the current set with the possible set, minus
|
|
|
|
authentication, since nobody really uses auth yet. */
|
|
|
|
current=possible&~PUBKEY_USAGE_AUTH;
|
|
|
|
|
|
|
|
for(;;)
|
|
|
|
{
|
|
|
|
tty_printf("\n");
|
|
|
|
tty_printf(_("Possible actions for a %s key: "),
|
|
|
|
pubkey_algo_to_string(algo));
|
|
|
|
print_key_flags(possible);
|
|
|
|
tty_printf("\n");
|
|
|
|
tty_printf(_("Current allowed actions: "));
|
|
|
|
print_key_flags(current);
|
|
|
|
tty_printf("\n\n");
|
|
|
|
|
|
|
|
if(possible&PUBKEY_USAGE_SIG)
|
|
|
|
tty_printf(_(" (%c) Toggle the sign capability\n"),
|
|
|
|
togglers[0]);
|
|
|
|
if(possible&PUBKEY_USAGE_ENC)
|
|
|
|
tty_printf(_(" (%c) Toggle the encrypt capability\n"),
|
|
|
|
togglers[2]);
|
|
|
|
if(possible&PUBKEY_USAGE_AUTH)
|
|
|
|
tty_printf(_(" (%c) Toggle the authenticate capability\n"),
|
|
|
|
togglers[4]);
|
|
|
|
|
|
|
|
tty_printf(_(" (%c) Finished\n"),togglers[6]);
|
|
|
|
tty_printf("\n");
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
2004-10-10 16:33:37 +02:00
|
|
|
answer = cpr_get("keygen.flags",_("Your selection? "));
|
|
|
|
cpr_kill_prompt();
|
|
|
|
|
|
|
|
if(strlen(answer)>1)
|
2005-08-27 05:09:40 +02:00
|
|
|
tty_printf(_("Invalid selection.\n"));
|
2004-10-10 16:33:37 +02:00
|
|
|
else if(*answer=='\0' || *answer==togglers[6] || *answer==togglers[7])
|
|
|
|
break;
|
|
|
|
else if((*answer==togglers[0] || *answer==togglers[1])
|
|
|
|
&& possible&PUBKEY_USAGE_SIG)
|
|
|
|
{
|
|
|
|
if(current&PUBKEY_USAGE_SIG)
|
|
|
|
current&=~PUBKEY_USAGE_SIG;
|
|
|
|
else
|
|
|
|
current|=PUBKEY_USAGE_SIG;
|
|
|
|
}
|
|
|
|
else if((*answer==togglers[2] || *answer==togglers[3])
|
|
|
|
&& possible&PUBKEY_USAGE_ENC)
|
|
|
|
{
|
|
|
|
if(current&PUBKEY_USAGE_ENC)
|
|
|
|
current&=~PUBKEY_USAGE_ENC;
|
|
|
|
else
|
|
|
|
current|=PUBKEY_USAGE_ENC;
|
|
|
|
}
|
|
|
|
else if((*answer==togglers[4] || *answer==togglers[5])
|
|
|
|
&& possible&PUBKEY_USAGE_AUTH)
|
|
|
|
{
|
|
|
|
if(current&PUBKEY_USAGE_AUTH)
|
|
|
|
current&=~PUBKEY_USAGE_AUTH;
|
|
|
|
else
|
|
|
|
current|=PUBKEY_USAGE_AUTH;
|
|
|
|
}
|
2005-08-27 05:09:40 +02:00
|
|
|
else
|
|
|
|
tty_printf(_("Invalid selection.\n"));
|
2004-10-10 16:33:37 +02:00
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
2004-10-10 16:33:37 +02:00
|
|
|
|
|
|
|
return current;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1998-06-25 12:19:08 +02:00
|
|
|
/****************
|
2004-02-26 03:03:27 +01:00
|
|
|
* Returns: 0 to create both a DSA and a Elgamal key.
|
2002-06-29 15:46:34 +02:00
|
|
|
* and only if key flags are to be written the desired usage.
|
1998-06-25 12:19:08 +02:00
|
|
|
*/
|
1998-05-26 15:38:00 +02:00
|
|
|
static int
|
2002-06-29 15:46:34 +02:00
|
|
|
ask_algo (int addmode, unsigned int *r_usage)
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
|
|
|
char *answer;
|
1997-11-24 23:24:04 +01:00
|
|
|
int algo;
|
1998-01-28 17:09:43 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
*r_usage = 0;
|
1998-06-25 12:19:08 +02:00
|
|
|
tty_printf(_("Please select what kind of key you want:\n"));
|
|
|
|
if( !addmode )
|
2004-02-26 03:03:27 +01:00
|
|
|
tty_printf(_(" (%d) DSA and Elgamal (default)\n"), 1 );
|
1998-12-10 20:20:47 +01:00
|
|
|
tty_printf( _(" (%d) DSA (sign only)\n"), 2 );
|
2004-12-09 16:49:47 +01:00
|
|
|
if (opt.expert)
|
|
|
|
tty_printf( _(" (%d) DSA (set your own capabilities)\n"), 3 );
|
1998-10-06 14:10:02 +02:00
|
|
|
if( addmode )
|
2004-12-09 16:49:47 +01:00
|
|
|
tty_printf(_(" (%d) Elgamal (encrypt only)\n"), 4 );
|
|
|
|
tty_printf( _(" (%d) RSA (sign only)\n"), 5 );
|
2002-06-29 15:46:34 +02:00
|
|
|
if (addmode)
|
2004-12-09 16:49:47 +01:00
|
|
|
tty_printf(_(" (%d) RSA (encrypt only)\n"), 6 );
|
2002-06-29 15:46:34 +02:00
|
|
|
if (opt.expert)
|
2004-12-09 16:49:47 +01:00
|
|
|
tty_printf( _(" (%d) RSA (set your own capabilities)\n"), 7 );
|
1997-11-24 23:24:04 +01:00
|
|
|
|
|
|
|
for(;;) {
|
1998-11-27 12:42:49 +01:00
|
|
|
answer = cpr_get("keygen.algo",_("Your selection? "));
|
1998-08-08 21:27:00 +02:00
|
|
|
cpr_kill_prompt();
|
1997-11-24 23:24:04 +01:00
|
|
|
algo = *answer? atoi(answer): 1;
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
1998-06-25 12:19:08 +02:00
|
|
|
if( algo == 1 && !addmode ) {
|
|
|
|
algo = 0; /* create both keys */
|
|
|
|
break;
|
|
|
|
}
|
2004-12-09 16:49:47 +01:00
|
|
|
else if( algo == 7 && opt.expert ) {
|
2002-12-11 18:50:38 +01:00
|
|
|
algo = PUBKEY_ALGO_RSA;
|
2005-08-27 05:09:40 +02:00
|
|
|
*r_usage=ask_key_flags(algo,addmode);
|
2002-12-11 18:50:38 +01:00
|
|
|
break;
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
2004-12-09 16:49:47 +01:00
|
|
|
else if( algo == 6 && addmode ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
algo = PUBKEY_ALGO_RSA;
|
|
|
|
*r_usage = PUBKEY_USAGE_ENC;
|
|
|
|
break;
|
|
|
|
}
|
2004-12-09 16:49:47 +01:00
|
|
|
else if( algo == 5 ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
algo = PUBKEY_ALGO_RSA;
|
|
|
|
*r_usage = PUBKEY_USAGE_SIG;
|
|
|
|
break;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
2004-12-09 16:49:47 +01:00
|
|
|
else if( algo == 4 && addmode ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
algo = PUBKEY_ALGO_ELGAMAL_E;
|
2003-07-22 01:19:15 +02:00
|
|
|
*r_usage = PUBKEY_USAGE_ENC;
|
1998-05-05 22:34:20 +02:00
|
|
|
break;
|
1997-12-23 18:30:18 +01:00
|
|
|
}
|
2004-12-09 16:49:47 +01:00
|
|
|
else if( algo == 3 && opt.expert ) {
|
|
|
|
algo = PUBKEY_ALGO_DSA;
|
2005-08-27 05:09:40 +02:00
|
|
|
*r_usage=ask_key_flags(algo,addmode);
|
2004-12-09 16:49:47 +01:00
|
|
|
break;
|
|
|
|
}
|
1998-12-10 20:20:47 +01:00
|
|
|
else if( algo == 2 ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
algo = PUBKEY_ALGO_DSA;
|
2003-07-22 01:19:15 +02:00
|
|
|
*r_usage = PUBKEY_USAGE_SIG;
|
1998-06-25 12:19:08 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
tty_printf(_("Invalid selection.\n"));
|
1997-11-24 23:24:04 +01:00
|
|
|
}
|
2004-10-10 16:33:37 +02:00
|
|
|
|
1998-05-26 15:38:00 +02:00
|
|
|
return algo;
|
|
|
|
}
|
1997-11-24 23:24:04 +01:00
|
|
|
|
|
|
|
|
1998-05-26 15:38:00 +02:00
|
|
|
static unsigned
|
|
|
|
ask_keysize( int algo )
|
|
|
|
{
|
2004-12-07 18:58:35 +01:00
|
|
|
unsigned nbits,min,def=2048,max=4096;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2004-12-07 18:58:35 +01:00
|
|
|
if(opt.expert)
|
|
|
|
min=512;
|
|
|
|
else
|
|
|
|
min=1024;
|
|
|
|
|
|
|
|
switch(algo)
|
|
|
|
{
|
|
|
|
case PUBKEY_ALGO_DSA:
|
|
|
|
if(opt.expert)
|
|
|
|
{
|
|
|
|
def=1024;
|
|
|
|
max=1024;
|
1999-04-07 20:58:34 +02:00
|
|
|
}
|
2004-12-07 18:58:35 +01:00
|
|
|
else
|
|
|
|
{
|
|
|
|
tty_printf(_("DSA keypair will have %u bits.\n"),1024);
|
|
|
|
return 1024;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2004-12-07 18:58:35 +01:00
|
|
|
break;
|
|
|
|
|
|
|
|
case PUBKEY_ALGO_RSA:
|
|
|
|
min=1024;
|
|
|
|
break;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2004-12-07 18:58:35 +01:00
|
|
|
|
|
|
|
tty_printf(_("%s keys may be between %u and %u bits long.\n"),
|
|
|
|
pubkey_algo_to_string(algo),min,max);
|
|
|
|
|
|
|
|
for(;;)
|
|
|
|
{
|
|
|
|
char *prompt,*answer;
|
|
|
|
|
|
|
|
#define PROMPTSTRING _("What keysize do you want? (%u) ")
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
prompt=xmalloc(strlen(PROMPTSTRING)+20);
|
2004-12-07 18:58:35 +01:00
|
|
|
sprintf(prompt,PROMPTSTRING,def);
|
|
|
|
|
|
|
|
#undef PROMPTSTRING
|
|
|
|
|
|
|
|
answer = cpr_get("keygen.size",prompt);
|
|
|
|
cpr_kill_prompt();
|
|
|
|
nbits = *answer? atoi(answer): def;
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(prompt);
|
|
|
|
xfree(answer);
|
2004-12-07 18:58:35 +01:00
|
|
|
|
|
|
|
if(nbits<min || nbits>max)
|
|
|
|
tty_printf(_("%s keysizes must be in the range %u-%u\n"),
|
|
|
|
pubkey_algo_to_string(algo),min,max);
|
|
|
|
else
|
|
|
|
break;
|
1997-12-16 20:15:09 +01:00
|
|
|
}
|
2004-12-07 18:58:35 +01:00
|
|
|
|
|
|
|
tty_printf(_("Requested keysize is %u bits\n"), nbits );
|
|
|
|
|
|
|
|
if( algo == PUBKEY_ALGO_DSA && (nbits % 64) )
|
|
|
|
{
|
|
|
|
nbits = ((nbits + 63) / 64) * 64;
|
|
|
|
tty_printf(_("rounded up to %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
else if( (nbits % 32) )
|
|
|
|
{
|
|
|
|
nbits = ((nbits + 31) / 32) * 32;
|
|
|
|
tty_printf(_("rounded up to %u bits\n"), nbits );
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2004-12-07 18:58:35 +01:00
|
|
|
|
|
|
|
return nbits;
|
1998-05-26 15:38:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
/****************
|
2005-05-06 21:25:19 +02:00
|
|
|
* Parse an expire string and return its value in seconds.
|
|
|
|
* Returns (u32)-1 on error.
|
|
|
|
* This isn't perfect since scan_isodatestr returns unix time, and
|
|
|
|
* OpenPGP actually allows a 32-bit time *plus* a 32-bit offset.
|
|
|
|
* Because of this, we only permit setting expirations up to 2106, but
|
|
|
|
* OpenPGP could theoretically allow up to 2242. I think we'll all
|
|
|
|
* just cope for the next few years until we get a 64-bit time_t or
|
|
|
|
* similar.
|
2000-07-14 19:34:53 +02:00
|
|
|
*/
|
2005-05-06 21:25:19 +02:00
|
|
|
u32
|
2000-07-14 19:34:53 +02:00
|
|
|
parse_expire_string( const char *string )
|
|
|
|
{
|
|
|
|
int mult;
|
2005-05-06 21:25:19 +02:00
|
|
|
u32 seconds,abs_date=0,curtime = make_timestamp();
|
2000-07-14 19:34:53 +02:00
|
|
|
|
|
|
|
if( !*string )
|
2005-05-06 21:25:19 +02:00
|
|
|
seconds = 0;
|
2005-10-18 19:41:20 +02:00
|
|
|
else if ( !strncmp (string, "seconds=", 8) )
|
|
|
|
seconds = atoi (string+8);
|
2005-05-06 21:25:19 +02:00
|
|
|
else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime )
|
|
|
|
seconds = abs_date - curtime;
|
|
|
|
else if( (mult=check_valid_days(string)) )
|
|
|
|
seconds = atoi(string) * 86400L * mult;
|
|
|
|
else
|
|
|
|
seconds=(u32)-1;
|
|
|
|
|
|
|
|
return seconds;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* object == 0 for a key, and 1 for a sig */
|
|
|
|
u32
|
2005-05-05 21:21:40 +02:00
|
|
|
ask_expire_interval(int object,const char *def_expire)
|
1998-05-26 15:38:00 +02:00
|
|
|
{
|
2005-05-06 21:25:19 +02:00
|
|
|
u32 interval;
|
1998-05-26 15:38:00 +02:00
|
|
|
char *answer;
|
1997-11-24 23:24:04 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
switch(object)
|
|
|
|
{
|
|
|
|
case 0:
|
2005-05-05 21:21:40 +02:00
|
|
|
if(def_expire)
|
|
|
|
BUG();
|
2002-06-29 15:46:34 +02:00
|
|
|
tty_printf(_("Please specify how long the key should be valid.\n"
|
|
|
|
" 0 = key does not expire\n"
|
|
|
|
" <n> = key expires in n days\n"
|
|
|
|
" <n>w = key expires in n weeks\n"
|
|
|
|
" <n>m = key expires in n months\n"
|
|
|
|
" <n>y = key expires in n years\n"));
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 1:
|
2005-05-05 21:21:40 +02:00
|
|
|
if(!def_expire)
|
|
|
|
BUG();
|
2002-06-29 15:46:34 +02:00
|
|
|
tty_printf(_("Please specify how long the signature should be valid.\n"
|
|
|
|
" 0 = signature does not expire\n"
|
|
|
|
" <n> = signature expires in n days\n"
|
|
|
|
" <n>w = signature expires in n weeks\n"
|
|
|
|
" <n>m = signature expires in n months\n"
|
|
|
|
" <n>y = signature expires in n years\n"));
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
BUG();
|
|
|
|
}
|
|
|
|
|
1998-11-20 18:42:18 +01:00
|
|
|
/* Note: The elgamal subkey for DSA has no expiration date because
|
1998-10-18 17:21:22 +02:00
|
|
|
* it must be signed with the DSA key and this one has the expiration
|
1998-05-05 22:34:20 +02:00
|
|
|
* date */
|
|
|
|
|
1998-04-02 12:30:03 +02:00
|
|
|
answer = NULL;
|
2005-05-05 21:21:40 +02:00
|
|
|
for(;;)
|
|
|
|
{
|
2000-07-14 19:34:53 +02:00
|
|
|
u32 curtime=make_timestamp();
|
1998-04-02 12:30:03 +02:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
2002-06-29 15:46:34 +02:00
|
|
|
if(object==0)
|
|
|
|
answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
|
|
|
|
else
|
2005-05-05 21:21:40 +02:00
|
|
|
{
|
|
|
|
char *prompt;
|
|
|
|
|
|
|
|
#define PROMPTSTRING _("Signature is valid for? (%s) ")
|
|
|
|
/* This will actually end up larger than necessary because
|
|
|
|
of the 2 bytes for '%s' */
|
2005-07-27 20:10:56 +02:00
|
|
|
prompt=xmalloc(strlen(PROMPTSTRING)+strlen(def_expire)+1);
|
2005-05-05 21:21:40 +02:00
|
|
|
sprintf(prompt,PROMPTSTRING,def_expire);
|
|
|
|
#undef PROMPTSTRING
|
|
|
|
|
|
|
|
answer = cpr_get("siggen.valid",prompt);
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(prompt);
|
2005-05-05 21:21:40 +02:00
|
|
|
|
|
|
|
if(*answer=='\0')
|
2005-07-27 20:10:56 +02:00
|
|
|
answer=xstrdup(def_expire);
|
2005-05-05 21:21:40 +02:00
|
|
|
}
|
1998-08-08 21:27:00 +02:00
|
|
|
cpr_kill_prompt();
|
1998-04-02 12:30:03 +02:00
|
|
|
trim_spaces(answer);
|
2005-05-06 21:25:19 +02:00
|
|
|
interval = parse_expire_string( answer );
|
|
|
|
if( interval == (u32)-1 )
|
|
|
|
{
|
|
|
|
tty_printf(_("invalid value\n"));
|
|
|
|
continue;
|
|
|
|
}
|
1998-04-02 12:30:03 +02:00
|
|
|
|
2005-05-06 21:25:19 +02:00
|
|
|
if( !interval )
|
2004-12-21 16:49:56 +01:00
|
|
|
{
|
2004-12-20 19:14:57 +01:00
|
|
|
tty_printf((object==0)
|
2004-12-21 16:49:56 +01:00
|
|
|
? _("Key does not expire at all\n")
|
2004-12-20 19:14:57 +01:00
|
|
|
: _("Signature does not expire at all\n"));
|
2004-12-21 16:49:56 +01:00
|
|
|
}
|
2005-05-06 21:25:19 +02:00
|
|
|
else
|
|
|
|
{
|
|
|
|
tty_printf(object==0
|
|
|
|
? _("Key expires at %s\n")
|
|
|
|
: _("Signature expires at %s\n"),
|
|
|
|
asctimestamp((ulong)(curtime + interval) ) );
|
|
|
|
/* FIXME: This check yields warning on alhas: Write a
|
|
|
|
configure check and to this check here only for 32 bit
|
|
|
|
machines */
|
|
|
|
if( (time_t)((ulong)(curtime+interval)) < 0 )
|
|
|
|
tty_printf(_("Your system can't display dates beyond 2038.\n"
|
|
|
|
"However, it will be correctly handled up to 2106.\n"));
|
|
|
|
}
|
1998-04-02 12:30:03 +02:00
|
|
|
|
1999-09-01 15:40:07 +02:00
|
|
|
if( cpr_enabled() || cpr_get_answer_is_yes("keygen.valid.okay",
|
2005-05-05 21:21:40 +02:00
|
|
|
_("Is this correct? (y/N) ")) )
|
|
|
|
break;
|
|
|
|
}
|
2005-05-06 21:25:19 +02:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
1998-11-20 18:42:18 +01:00
|
|
|
return interval;
|
1998-05-26 15:38:00 +02:00
|
|
|
}
|
1998-04-02 12:30:03 +02:00
|
|
|
|
1998-11-20 18:42:18 +01:00
|
|
|
u32
|
|
|
|
ask_expiredate()
|
|
|
|
{
|
2005-05-05 21:21:40 +02:00
|
|
|
u32 x = ask_expire_interval(0,NULL);
|
1998-11-20 18:42:18 +01:00
|
|
|
return x? make_timestamp() + x : 0;
|
|
|
|
}
|
1998-04-02 12:30:03 +02:00
|
|
|
|
1998-06-26 11:45:36 +02:00
|
|
|
|
1998-05-26 15:38:00 +02:00
|
|
|
static char *
|
1998-07-29 21:35:05 +02:00
|
|
|
ask_user_id( int mode )
|
1998-05-26 15:38:00 +02:00
|
|
|
{
|
|
|
|
char *answer;
|
|
|
|
char *aname, *acomment, *amail, *uid;
|
1998-04-02 12:30:03 +02:00
|
|
|
|
1998-07-29 21:35:05 +02:00
|
|
|
if( !mode )
|
|
|
|
tty_printf( _("\n"
|
2005-02-15 12:02:32 +01:00
|
|
|
"You need a user ID to identify your key; "
|
|
|
|
"the software constructs the user ID\n"
|
* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted
symmetric messages. Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).
* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings. Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
2004-09-24 22:34:38 +02:00
|
|
|
"from the Real Name, Comment and Email Address in this form:\n"
|
1998-04-02 12:30:03 +02:00
|
|
|
" \"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>\"\n\n") );
|
1998-05-26 15:38:00 +02:00
|
|
|
uid = aname = acomment = amail = NULL;
|
1997-11-18 15:06:00 +01:00
|
|
|
for(;;) {
|
1998-01-07 21:47:46 +01:00
|
|
|
char *p;
|
2000-07-14 19:34:53 +02:00
|
|
|
int fail=0;
|
1998-01-07 21:47:46 +01:00
|
|
|
|
|
|
|
if( !aname ) {
|
|
|
|
for(;;) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(aname);
|
1998-11-27 12:42:49 +01:00
|
|
|
aname = cpr_get("keygen.name",_("Real name: "));
|
1998-01-07 21:47:46 +01:00
|
|
|
trim_spaces(aname);
|
1998-08-08 21:27:00 +02:00
|
|
|
cpr_kill_prompt();
|
2000-09-18 16:35:34 +02:00
|
|
|
|
|
|
|
if( opt.allow_freeform_uid )
|
|
|
|
break;
|
|
|
|
|
|
|
|
if( strpbrk( aname, "<>" ) )
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_("Invalid character in name\n"));
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
else if( digitp(aname) )
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_("Name may not start with a digit\n"));
|
1998-01-07 21:47:46 +01:00
|
|
|
else if( strlen(aname) < 5 )
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_("Name must be at least 5 characters long\n"));
|
1998-01-07 21:47:46 +01:00
|
|
|
else
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if( !amail ) {
|
|
|
|
for(;;) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(amail);
|
1998-11-27 12:42:49 +01:00
|
|
|
amail = cpr_get("keygen.email",_("Email address: "));
|
1998-01-07 21:47:46 +01:00
|
|
|
trim_spaces(amail);
|
1998-08-08 21:27:00 +02:00
|
|
|
cpr_kill_prompt();
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
if( !*amail || opt.allow_freeform_uid )
|
1998-01-07 21:47:46 +01:00
|
|
|
break; /* no email address is okay */
|
2005-08-05 16:46:59 +02:00
|
|
|
else if ( !is_valid_mailbox (amail) )
|
|
|
|
tty_printf(_("Not a valid email address\n"));
|
1998-01-07 21:47:46 +01:00
|
|
|
else
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if( !acomment ) {
|
|
|
|
for(;;) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(acomment);
|
1998-11-27 12:42:49 +01:00
|
|
|
acomment = cpr_get("keygen.comment",_("Comment: "));
|
1998-01-07 21:47:46 +01:00
|
|
|
trim_spaces(acomment);
|
1998-08-08 21:27:00 +02:00
|
|
|
cpr_kill_prompt();
|
1998-01-07 21:47:46 +01:00
|
|
|
if( !*acomment )
|
|
|
|
break; /* no comment is okay */
|
|
|
|
else if( strpbrk( acomment, "()" ) )
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_("Invalid character in comment\n"));
|
1998-01-07 21:47:46 +01:00
|
|
|
else
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(uid);
|
|
|
|
uid = p = xmalloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
|
1998-01-07 21:47:46 +01:00
|
|
|
p = stpcpy(p, aname );
|
|
|
|
if( *acomment )
|
|
|
|
p = stpcpy(stpcpy(stpcpy(p," ("), acomment),")");
|
|
|
|
if( *amail )
|
|
|
|
p = stpcpy(stpcpy(stpcpy(p," <"), amail),">");
|
1998-01-16 22:15:24 +01:00
|
|
|
|
|
|
|
/* append a warning if we do not have dev/random
|
|
|
|
* or it is switched into quick testmode */
|
|
|
|
if( quick_random_gen(-1) )
|
|
|
|
strcpy(p, " (INSECURE!)" );
|
|
|
|
|
1999-03-02 16:48:37 +01:00
|
|
|
/* print a note in case that UTF8 mapping has to be done */
|
|
|
|
for(p=uid; *p; p++ ) {
|
|
|
|
if( *p & 0x80 ) {
|
|
|
|
tty_printf(_("You are using the `%s' character set.\n"),
|
|
|
|
get_native_charset() );
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
1998-01-07 21:47:46 +01:00
|
|
|
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid);
|
1998-04-14 19:51:16 +02:00
|
|
|
/* fixme: add a warning if this user-id already exists */
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
if( !*amail && !opt.allow_freeform_uid
|
|
|
|
&& (strchr( aname, '@' ) || strchr( acomment, '@'))) {
|
2000-07-14 19:34:53 +02:00
|
|
|
fail = 1;
|
|
|
|
tty_printf(_("Please don't put the email address "
|
|
|
|
"into the real name or the comment\n") );
|
|
|
|
}
|
|
|
|
|
1998-01-07 21:47:46 +01:00
|
|
|
for(;;) {
|
2005-02-15 12:02:32 +01:00
|
|
|
/* TRANSLATORS: These are the allowed answers in
|
2004-10-15 11:39:25 +02:00
|
|
|
lower and uppercase. Below you will find the matching
|
|
|
|
string which should be translated accordingly and the
|
|
|
|
letter changed to match the one in the answer string.
|
|
|
|
|
|
|
|
n = Change name
|
|
|
|
c = Change comment
|
|
|
|
e = Change email
|
|
|
|
o = Okay (ready, continue)
|
|
|
|
q = Quit
|
|
|
|
*/
|
2002-06-29 15:46:34 +02:00
|
|
|
const char *ansstr = _("NnCcEeOoQq");
|
1998-08-05 18:51:59 +02:00
|
|
|
|
1998-08-11 19:29:34 +02:00
|
|
|
if( strlen(ansstr) != 10 )
|
|
|
|
BUG();
|
1998-08-05 18:51:59 +02:00
|
|
|
if( cpr_enabled() ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
answer = xstrdup(ansstr+6);
|
1998-08-05 18:51:59 +02:00
|
|
|
answer[1] = 0;
|
|
|
|
}
|
|
|
|
else {
|
2000-07-14 19:34:53 +02:00
|
|
|
answer = cpr_get("keygen.userid.cmd", fail?
|
|
|
|
_("Change (N)ame, (C)omment, (E)mail or (Q)uit? ") :
|
|
|
|
_("Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "));
|
1998-08-08 21:27:00 +02:00
|
|
|
cpr_kill_prompt();
|
1998-08-05 18:51:59 +02:00
|
|
|
}
|
1998-01-07 21:47:46 +01:00
|
|
|
if( strlen(answer) > 1 )
|
|
|
|
;
|
1998-07-29 21:35:05 +02:00
|
|
|
else if( *answer == ansstr[0] || *answer == ansstr[1] ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(aname); aname = NULL;
|
1998-01-07 21:47:46 +01:00
|
|
|
break;
|
|
|
|
}
|
1998-07-29 21:35:05 +02:00
|
|
|
else if( *answer == ansstr[2] || *answer == ansstr[3] ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(acomment); acomment = NULL;
|
1998-01-07 21:47:46 +01:00
|
|
|
break;
|
|
|
|
}
|
1998-07-29 21:35:05 +02:00
|
|
|
else if( *answer == ansstr[4] || *answer == ansstr[5] ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(amail); amail = NULL;
|
1998-01-07 21:47:46 +01:00
|
|
|
break;
|
|
|
|
}
|
1998-07-29 21:35:05 +02:00
|
|
|
else if( *answer == ansstr[6] || *answer == ansstr[7] ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
if( fail ) {
|
|
|
|
tty_printf(_("Please correct the error first\n"));
|
|
|
|
}
|
|
|
|
else {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(aname); aname = NULL;
|
|
|
|
xfree(acomment); acomment = NULL;
|
|
|
|
xfree(amail); amail = NULL;
|
2000-07-14 19:34:53 +02:00
|
|
|
break;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
1998-07-29 21:35:05 +02:00
|
|
|
else if( *answer == ansstr[8] || *answer == ansstr[9] ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(aname); aname = NULL;
|
|
|
|
xfree(acomment); acomment = NULL;
|
|
|
|
xfree(amail); amail = NULL;
|
|
|
|
xfree(uid); uid = NULL;
|
1998-07-29 21:35:05 +02:00
|
|
|
break;
|
|
|
|
}
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(answer);
|
1998-01-07 21:47:46 +01:00
|
|
|
if( !amail && !acomment && !amail )
|
|
|
|
break;
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(uid); uid = NULL;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
1998-11-03 20:38:58 +01:00
|
|
|
if( uid ) {
|
|
|
|
char *p = native_to_utf8( uid );
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( uid );
|
1998-11-03 20:38:58 +01:00
|
|
|
uid = p;
|
|
|
|
}
|
1998-05-26 15:38:00 +02:00
|
|
|
return uid;
|
|
|
|
}
|
|
|
|
|
1997-12-09 13:46:23 +01:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
/* FIXME: We need a way to cancel this prompt. */
|
1998-05-26 15:38:00 +02:00
|
|
|
static DEK *
|
2003-09-30 10:00:08 +02:00
|
|
|
do_ask_passphrase( STRING2KEY **ret_s2k )
|
1998-05-26 15:38:00 +02:00
|
|
|
{
|
|
|
|
DEK *dek = NULL;
|
|
|
|
STRING2KEY *s2k;
|
2002-06-29 15:46:34 +02:00
|
|
|
const char *errtext = NULL;
|
1997-12-09 13:46:23 +01:00
|
|
|
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_("You need a Passphrase to protect your secret key.\n\n") );
|
1997-12-09 13:46:23 +01:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
s2k = xmalloc_secure( sizeof *s2k );
|
1997-12-20 18:23:29 +01:00
|
|
|
for(;;) {
|
1998-09-28 21:25:31 +02:00
|
|
|
s2k->mode = opt.s2k_mode;
|
* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted
symmetric messages. Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).
* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings. Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
2004-09-24 22:34:38 +02:00
|
|
|
s2k->hash_algo = S2K_DIGEST_ALGO;
|
2003-04-10 11:56:47 +02:00
|
|
|
dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k,2,
|
|
|
|
errtext, NULL);
|
1998-05-04 20:49:26 +02:00
|
|
|
if( !dek ) {
|
2003-04-10 11:56:47 +02:00
|
|
|
errtext = N_("passphrase not correctly repeated; try again");
|
|
|
|
tty_printf(_("%s.\n"), _(errtext));
|
1998-05-04 20:49:26 +02:00
|
|
|
}
|
|
|
|
else if( !dek->keylen ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(dek); dek = NULL;
|
|
|
|
xfree(s2k); s2k = NULL;
|
1998-01-28 17:09:43 +01:00
|
|
|
tty_printf(_(
|
1998-04-14 19:51:16 +02:00
|
|
|
"You don't want a passphrase - this is probably a *bad* idea!\n"
|
|
|
|
"I will do it anyway. You can change your passphrase at any time,\n"
|
1998-07-29 21:35:05 +02:00
|
|
|
"using this program with the option \"--edit-key\".\n\n"));
|
1997-12-20 18:23:29 +01:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
break; /* okay */
|
1997-12-09 13:46:23 +01:00
|
|
|
}
|
1998-05-26 15:38:00 +02:00
|
|
|
*ret_s2k = s2k;
|
|
|
|
return dek;
|
|
|
|
}
|
1997-12-09 13:46:23 +01:00
|
|
|
|
|
|
|
|
1998-05-26 15:38:00 +02:00
|
|
|
static int
|
2002-06-29 15:46:34 +02:00
|
|
|
do_create( int algo, unsigned int nbits, KBNODE pub_root, KBNODE sec_root,
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
DEK *dek, STRING2KEY *s2k, PKT_secret_key **sk, u32 expiredate,
|
|
|
|
int is_subkey )
|
1998-05-26 15:38:00 +02:00
|
|
|
{
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
int rc=0;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( !opt.batch )
|
|
|
|
tty_printf(_(
|
1997-12-20 18:23:29 +01:00
|
|
|
"We need to generate a lot of random bytes. It is a good idea to perform\n"
|
1999-03-14 19:35:18 +01:00
|
|
|
"some other action (type on the keyboard, move the mouse, utilize the\n"
|
1999-04-07 20:58:34 +02:00
|
|
|
"disks) during the prime generation; this gives the random number\n"
|
|
|
|
"generator a better chance to gain enough entropy.\n") );
|
1997-12-20 18:23:29 +01:00
|
|
|
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( algo == PUBKEY_ALGO_ELGAMAL_E )
|
|
|
|
rc = gen_elg(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate,
|
|
|
|
is_subkey);
|
|
|
|
else if( algo == PUBKEY_ALGO_DSA )
|
|
|
|
rc = gen_dsa(nbits, pub_root, sec_root, dek, s2k, sk, expiredate,
|
|
|
|
is_subkey);
|
|
|
|
else if( algo == PUBKEY_ALGO_RSA )
|
|
|
|
rc = gen_rsa(algo, nbits, pub_root, sec_root, dek, s2k, sk, expiredate,
|
|
|
|
is_subkey);
|
|
|
|
else
|
|
|
|
BUG();
|
1998-10-16 18:00:17 +02:00
|
|
|
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
return rc;
|
1998-05-26 15:38:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
1998-07-29 21:35:05 +02:00
|
|
|
/****************
|
1999-06-16 20:25:37 +02:00
|
|
|
* Generate a new user id packet, or return NULL if canceled
|
1998-07-29 21:35:05 +02:00
|
|
|
*/
|
|
|
|
PKT_user_id *
|
|
|
|
generate_user_id()
|
|
|
|
{
|
|
|
|
PKT_user_id *uid;
|
|
|
|
char *p;
|
|
|
|
size_t n;
|
|
|
|
|
|
|
|
p = ask_user_id( 1 );
|
|
|
|
if( !p )
|
|
|
|
return NULL;
|
|
|
|
n = strlen(p);
|
2005-07-27 20:10:56 +02:00
|
|
|
uid = xmalloc_clear( sizeof *uid + n - 1 );
|
1998-07-29 21:35:05 +02:00
|
|
|
uid->len = n;
|
|
|
|
strcpy(uid->name, p);
|
2002-06-29 15:46:34 +02:00
|
|
|
uid->ref = 1;
|
1998-07-29 21:35:05 +02:00
|
|
|
return uid;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
static void
|
|
|
|
release_parameter_list( struct para_data_s *r )
|
|
|
|
{
|
|
|
|
struct para_data_s *r2;
|
|
|
|
|
|
|
|
for( ; r ; r = r2 ) {
|
|
|
|
r2 = r->next;
|
|
|
|
if( r->key == pPASSPHRASE_DEK )
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( r->u.dek );
|
2000-07-14 19:34:53 +02:00
|
|
|
else if( r->key == pPASSPHRASE_S2K )
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( r->u.s2k );
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(r);
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct para_data_s *
|
|
|
|
get_parameter( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
struct para_data_s *r;
|
|
|
|
|
|
|
|
for( r = para; r && r->key != key; r = r->next )
|
|
|
|
;
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
static const char *
|
|
|
|
get_parameter_value( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
return (r && *r->u.value)? r->u.value : NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
get_parameter_algo( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
int i;
|
2000-07-14 19:34:53 +02:00
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
if( !r )
|
|
|
|
return -1;
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
if( digitp( r->u.value ) )
|
2002-06-29 15:46:34 +02:00
|
|
|
i = atoi( r->u.value );
|
|
|
|
else
|
|
|
|
i = string_to_pubkey_algo( r->u.value );
|
|
|
|
if (i == PUBKEY_ALGO_RSA_E || i == PUBKEY_ALGO_RSA_S)
|
|
|
|
i = 0; /* we don't want to allow generation of these algorithms */
|
|
|
|
return i;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* parse the usage parameter and set the keyflags. Return true on error.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
parse_parameter_usage (const char *fname,
|
|
|
|
struct para_data_s *para, enum para_name key)
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
char *p, *pn;
|
|
|
|
unsigned int use;
|
|
|
|
|
|
|
|
if( !r )
|
|
|
|
return 0; /* none (this is an optional parameter)*/
|
|
|
|
|
|
|
|
use = 0;
|
|
|
|
pn = r->u.value;
|
|
|
|
while ( (p = strsep (&pn, " \t,")) ) {
|
|
|
|
if ( !*p)
|
|
|
|
;
|
|
|
|
else if ( !ascii_strcasecmp (p, "sign") )
|
|
|
|
use |= PUBKEY_USAGE_SIG;
|
|
|
|
else if ( !ascii_strcasecmp (p, "encrypt") )
|
|
|
|
use |= PUBKEY_USAGE_ENC;
|
2003-09-30 10:00:08 +02:00
|
|
|
else if ( !ascii_strcasecmp (p, "auth") )
|
|
|
|
use |= PUBKEY_USAGE_AUTH;
|
2002-06-29 15:46:34 +02:00
|
|
|
else {
|
|
|
|
log_error("%s:%d: invalid usage list\n", fname, r->lnr );
|
|
|
|
return -1; /* error */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
r->u.usage = use;
|
2005-10-26 18:09:23 +02:00
|
|
|
return 1;
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
parse_revocation_key (const char *fname,
|
|
|
|
struct para_data_s *para, enum para_name key)
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
struct revocation_key revkey;
|
|
|
|
char *pn;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if( !r )
|
|
|
|
return 0; /* none (this is an optional parameter) */
|
|
|
|
|
|
|
|
pn = r->u.value;
|
|
|
|
|
|
|
|
revkey.class=0x80;
|
|
|
|
revkey.algid=atoi(pn);
|
|
|
|
if(!revkey.algid)
|
|
|
|
goto fail;
|
|
|
|
|
|
|
|
/* Skip to the fpr */
|
|
|
|
while(*pn && *pn!=':')
|
|
|
|
pn++;
|
|
|
|
|
|
|
|
if(*pn!=':')
|
|
|
|
goto fail;
|
|
|
|
|
|
|
|
pn++;
|
|
|
|
|
|
|
|
for(i=0;i<MAX_FINGERPRINT_LEN && *pn;i++,pn+=2)
|
|
|
|
{
|
|
|
|
int c=hextobyte(pn);
|
|
|
|
if(c==-1)
|
|
|
|
goto fail;
|
|
|
|
|
|
|
|
revkey.fpr[i]=c;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* skip to the tag */
|
|
|
|
while(*pn && *pn!='s' && *pn!='S')
|
|
|
|
pn++;
|
|
|
|
|
|
|
|
if(ascii_strcasecmp(pn,"sensitive")==0)
|
|
|
|
revkey.class|=0x40;
|
|
|
|
|
|
|
|
memcpy(&r->u.revkey,&revkey,sizeof(struct revocation_key));
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
fail:
|
|
|
|
log_error("%s:%d: invalid revocation key\n", fname, r->lnr );
|
|
|
|
return -1; /* error */
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static u32
|
|
|
|
get_parameter_u32( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
|
|
|
|
if( !r )
|
|
|
|
return 0;
|
|
|
|
if( r->key == pKEYEXPIRE || r->key == pSUBKEYEXPIRE )
|
|
|
|
return r->u.expire;
|
2002-06-29 15:46:34 +02:00
|
|
|
if( r->key == pKEYUSAGE || r->key == pSUBKEYUSAGE )
|
|
|
|
return r->u.usage;
|
2000-07-14 19:34:53 +02:00
|
|
|
|
|
|
|
return (unsigned int)strtoul( r->u.value, NULL, 10 );
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned int
|
|
|
|
get_parameter_uint( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
return get_parameter_u32( para, key );
|
|
|
|
}
|
|
|
|
|
|
|
|
static DEK *
|
|
|
|
get_parameter_dek( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
return r? r->u.dek : NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
static STRING2KEY *
|
|
|
|
get_parameter_s2k( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
return r? r->u.s2k : NULL;
|
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
static struct revocation_key *
|
|
|
|
get_parameter_revkey( struct para_data_s *para, enum para_name key )
|
|
|
|
{
|
|
|
|
struct para_data_s *r = get_parameter( para, key );
|
|
|
|
return r? &r->u.revkey : NULL;
|
|
|
|
}
|
2000-07-14 19:34:53 +02:00
|
|
|
|
|
|
|
static int
|
|
|
|
proc_parameter_file( struct para_data_s *para, const char *fname,
|
2003-10-08 17:21:20 +02:00
|
|
|
struct output_control_s *outctrl, int card )
|
2000-07-14 19:34:53 +02:00
|
|
|
{
|
2005-08-05 05:30:13 +02:00
|
|
|
struct para_data_s *r;
|
|
|
|
const char *s1, *s2, *s3;
|
|
|
|
size_t n;
|
|
|
|
char *p;
|
2005-10-26 18:09:23 +02:00
|
|
|
int have_user_id=0,err,algo;
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
/* Check that we have all required parameters. */
|
|
|
|
r = get_parameter( para, pKEYTYPE );
|
|
|
|
if(r)
|
|
|
|
{
|
2005-10-26 18:09:23 +02:00
|
|
|
algo=get_parameter_algo(para,pKEYTYPE);
|
|
|
|
if(check_pubkey_algo2(algo,PUBKEY_USAGE_SIG))
|
2005-08-05 05:30:13 +02:00
|
|
|
{
|
|
|
|
log_error("%s:%d: invalid algorithm\n", fname, r->lnr );
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
log_error("%s: no Key-Type specified\n",fname);
|
|
|
|
return -1;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
2005-10-26 18:09:23 +02:00
|
|
|
err=parse_parameter_usage (fname, para, pKEYUSAGE);
|
|
|
|
if(err==0)
|
|
|
|
{
|
|
|
|
/* Default to algo capabilities if key-usage is not provided */
|
|
|
|
r=xmalloc_clear(sizeof(*r));
|
|
|
|
r->key=pKEYUSAGE;
|
|
|
|
r->u.usage=openpgp_pk_algo_usage(algo);
|
|
|
|
r->next=para;
|
|
|
|
para=r;
|
|
|
|
}
|
|
|
|
else if(err==-1)
|
2005-08-05 05:30:13 +02:00
|
|
|
return -1;
|
|
|
|
|
|
|
|
r = get_parameter( para, pSUBKEYTYPE );
|
|
|
|
if(r)
|
|
|
|
{
|
2005-10-26 18:09:23 +02:00
|
|
|
algo=get_parameter_algo( para, pSUBKEYTYPE);
|
|
|
|
if(check_pubkey_algo(algo))
|
2005-08-05 05:30:13 +02:00
|
|
|
{
|
|
|
|
log_error("%s:%d: invalid algorithm\n", fname, r->lnr );
|
|
|
|
return -1;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2005-10-26 18:09:23 +02:00
|
|
|
err=parse_parameter_usage (fname, para, pSUBKEYUSAGE);
|
|
|
|
if(err==0)
|
|
|
|
{
|
|
|
|
/* Default to algo capabilities if subkey-usage is not
|
|
|
|
provided */
|
|
|
|
r=xmalloc_clear(sizeof(*r));
|
|
|
|
r->key=pSUBKEYUSAGE;
|
|
|
|
r->u.usage=openpgp_pk_algo_usage(algo);
|
|
|
|
r->next=para;
|
|
|
|
para=r;
|
|
|
|
}
|
|
|
|
else if(err==-1)
|
2000-07-14 19:34:53 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
if( get_parameter_value( para, pUSERID ) )
|
|
|
|
have_user_id=1;
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* create the formatted user ID */
|
|
|
|
s1 = get_parameter_value( para, pNAMEREAL );
|
|
|
|
s2 = get_parameter_value( para, pNAMECOMMENT );
|
|
|
|
s3 = get_parameter_value( para, pNAMEEMAIL );
|
|
|
|
if( s1 || s2 || s3 )
|
|
|
|
{
|
|
|
|
n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0);
|
|
|
|
r = xmalloc_clear( sizeof *r + n + 20 );
|
|
|
|
r->key = pUSERID;
|
|
|
|
p = r->u.value;
|
|
|
|
if( s1 )
|
|
|
|
p = stpcpy(p, s1 );
|
|
|
|
if( s2 )
|
|
|
|
p = stpcpy(stpcpy(stpcpy(p," ("), s2 ),")");
|
|
|
|
if( s3 )
|
|
|
|
p = stpcpy(stpcpy(stpcpy(p," <"), s3 ),">");
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
have_user_id=1;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
if(!have_user_id)
|
|
|
|
{
|
|
|
|
log_error("%s: no User-ID specified\n",fname);
|
2002-06-29 15:46:34 +02:00
|
|
|
return -1;
|
2005-08-05 05:30:13 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
/* Set preferences, if any. */
|
|
|
|
keygen_set_std_prefs(get_parameter_value( para, pPREFERENCES ), 0);
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
/* Set revoker, if any. */
|
|
|
|
if (parse_revocation_key (fname, para, pREVOKER))
|
|
|
|
return -1;
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
/* make DEK and S2K from the Passphrase */
|
|
|
|
r = get_parameter( para, pPASSPHRASE );
|
|
|
|
if( r && *r->u.value ) {
|
|
|
|
/* we have a plain text passphrase - create a DEK from it.
|
|
|
|
* It is a little bit ridiculous to keep it ih secure memory
|
|
|
|
* but becuase we do this alwasy, why not here */
|
|
|
|
STRING2KEY *s2k;
|
|
|
|
DEK *dek;
|
2005-05-06 21:25:19 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
s2k = xmalloc_secure( sizeof *s2k );
|
|
|
|
s2k->mode = opt.s2k_mode;
|
|
|
|
s2k->hash_algo = S2K_DIGEST_ALGO;
|
|
|
|
set_next_passphrase( r->u.value );
|
|
|
|
dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2,
|
|
|
|
NULL, NULL);
|
|
|
|
set_next_passphrase( NULL );
|
|
|
|
assert( dek );
|
|
|
|
memset( r->u.value, 0, strlen(r->u.value) );
|
|
|
|
|
|
|
|
r = xmalloc_clear( sizeof *r );
|
|
|
|
r->key = pPASSPHRASE_S2K;
|
|
|
|
r->u.s2k = s2k;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
r = xmalloc_clear( sizeof *r );
|
|
|
|
r->key = pPASSPHRASE_DEK;
|
|
|
|
r->u.dek = dek;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
/* make KEYEXPIRE from Expire-Date */
|
|
|
|
r = get_parameter( para, pEXPIREDATE );
|
|
|
|
if( r && *r->u.value )
|
|
|
|
{
|
|
|
|
u32 seconds;
|
|
|
|
|
|
|
|
seconds = parse_expire_string( r->u.value );
|
|
|
|
if( seconds == (u32)-1 )
|
|
|
|
{
|
|
|
|
log_error("%s:%d: invalid expire date\n", fname, r->lnr );
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
r->u.expire = seconds;
|
|
|
|
r->key = pKEYEXPIRE; /* change hat entry */
|
|
|
|
/* also set it for the subkey */
|
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
|
|
|
r->key = pSUBKEYEXPIRE;
|
|
|
|
r->u.expire = seconds;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
2005-08-05 05:30:13 +02:00
|
|
|
if( !!outctrl->pub.newfname ^ !!outctrl->sec.newfname ) {
|
|
|
|
log_error("%s:%d: only one ring name is set\n", fname, outctrl->lnr );
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
do_generate_keypair( para, outctrl, card );
|
|
|
|
return 0;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/****************
|
|
|
|
* Kludge to allow non interactive key generation controlled
|
2004-10-13 09:10:51 +02:00
|
|
|
* by a parameter file.
|
2000-07-14 19:34:53 +02:00
|
|
|
* Note, that string parameters are expected to be in UTF-8
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
read_parameter_file( const char *fname )
|
|
|
|
{
|
|
|
|
static struct { const char *name;
|
|
|
|
enum para_name key;
|
|
|
|
} keywords[] = {
|
|
|
|
{ "Key-Type", pKEYTYPE},
|
|
|
|
{ "Key-Length", pKEYLENGTH },
|
2002-06-29 15:46:34 +02:00
|
|
|
{ "Key-Usage", pKEYUSAGE },
|
2000-07-14 19:34:53 +02:00
|
|
|
{ "Subkey-Type", pSUBKEYTYPE },
|
|
|
|
{ "Subkey-Length", pSUBKEYLENGTH },
|
2002-06-29 15:46:34 +02:00
|
|
|
{ "Subkey-Usage", pSUBKEYUSAGE },
|
2000-07-14 19:34:53 +02:00
|
|
|
{ "Name-Real", pNAMEREAL },
|
|
|
|
{ "Name-Email", pNAMEEMAIL },
|
|
|
|
{ "Name-Comment", pNAMECOMMENT },
|
|
|
|
{ "Expire-Date", pEXPIREDATE },
|
|
|
|
{ "Passphrase", pPASSPHRASE },
|
2002-06-29 15:46:34 +02:00
|
|
|
{ "Preferences", pPREFERENCES },
|
|
|
|
{ "Revoker", pREVOKER },
|
2004-10-13 09:10:51 +02:00
|
|
|
{ "Handle", pHANDLE },
|
2000-07-14 19:34:53 +02:00
|
|
|
{ NULL, 0 }
|
|
|
|
};
|
2004-10-12 18:41:17 +02:00
|
|
|
IOBUF fp;
|
2004-10-14 22:47:56 +02:00
|
|
|
byte *line;
|
2004-10-12 18:41:17 +02:00
|
|
|
unsigned int maxlen, nline;
|
|
|
|
char *p;
|
2000-07-14 19:34:53 +02:00
|
|
|
int lnr;
|
|
|
|
const char *err = NULL;
|
|
|
|
struct para_data_s *para, *r;
|
|
|
|
int i;
|
|
|
|
struct output_control_s outctrl;
|
|
|
|
|
|
|
|
memset( &outctrl, 0, sizeof( outctrl ) );
|
|
|
|
|
2004-10-12 18:41:17 +02:00
|
|
|
if( !fname || !*fname)
|
|
|
|
fname = "-";
|
|
|
|
|
|
|
|
fp = iobuf_open (fname);
|
2004-10-13 20:10:06 +02:00
|
|
|
if (fp && is_secured_file (iobuf_get_fd (fp)))
|
|
|
|
{
|
|
|
|
iobuf_close (fp);
|
|
|
|
fp = NULL;
|
|
|
|
errno = EPERM;
|
|
|
|
}
|
2004-10-12 18:41:17 +02:00
|
|
|
if (!fp) {
|
|
|
|
log_error (_("can't open `%s': %s\n"), fname, strerror(errno) );
|
|
|
|
return;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
2004-10-12 18:41:17 +02:00
|
|
|
iobuf_ioctl (fp, 3, 1, NULL); /* No file caching. */
|
2000-07-14 19:34:53 +02:00
|
|
|
|
|
|
|
lnr = 0;
|
|
|
|
err = NULL;
|
|
|
|
para = NULL;
|
2004-10-12 18:41:17 +02:00
|
|
|
maxlen = 1024;
|
|
|
|
line = NULL;
|
|
|
|
while ( iobuf_read_line (fp, &line, &nline, &maxlen) ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
char *keyword, *value;
|
|
|
|
|
|
|
|
lnr++;
|
2004-10-12 18:41:17 +02:00
|
|
|
if( !maxlen ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
err = "line too long";
|
|
|
|
break;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
for( p = line; isspace(*(byte*)p); p++ )
|
2000-07-14 19:34:53 +02:00
|
|
|
;
|
|
|
|
if( !*p || *p == '#' )
|
|
|
|
continue;
|
|
|
|
keyword = p;
|
|
|
|
if( *keyword == '%' ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
for( ; !isspace(*(byte*)p); p++ )
|
2000-07-14 19:34:53 +02:00
|
|
|
;
|
|
|
|
if( *p )
|
|
|
|
*p++ = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
for( ; isspace(*(byte*)p); p++ )
|
2000-07-14 19:34:53 +02:00
|
|
|
;
|
|
|
|
value = p;
|
|
|
|
trim_trailing_ws( value, strlen(value) );
|
2002-06-29 15:46:34 +02:00
|
|
|
if( !ascii_strcasecmp( keyword, "%echo" ) )
|
2000-07-14 19:34:53 +02:00
|
|
|
log_info("%s\n", value );
|
2002-06-29 15:46:34 +02:00
|
|
|
else if( !ascii_strcasecmp( keyword, "%dry-run" ) )
|
2000-07-14 19:34:53 +02:00
|
|
|
outctrl.dryrun = 1;
|
2002-06-29 15:46:34 +02:00
|
|
|
else if( !ascii_strcasecmp( keyword, "%commit" ) ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
outctrl.lnr = lnr;
|
2004-10-13 09:10:51 +02:00
|
|
|
if (proc_parameter_file( para, fname, &outctrl, 0 ))
|
|
|
|
print_status_key_not_created
|
|
|
|
(get_parameter_value (para, pHANDLE));
|
2000-07-14 19:34:53 +02:00
|
|
|
release_parameter_list( para );
|
|
|
|
para = NULL;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
else if( !ascii_strcasecmp( keyword, "%pubring" ) ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
if( outctrl.pub.fname && !strcmp( outctrl.pub.fname, value ) )
|
|
|
|
; /* still the same file - ignore it */
|
|
|
|
else {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( outctrl.pub.newfname );
|
|
|
|
outctrl.pub.newfname = xstrdup( value );
|
2000-07-14 19:34:53 +02:00
|
|
|
outctrl.use_files = 1;
|
|
|
|
}
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
else if( !ascii_strcasecmp( keyword, "%secring" ) ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
if( outctrl.sec.fname && !strcmp( outctrl.sec.fname, value ) )
|
|
|
|
; /* still the same file - ignore it */
|
|
|
|
else {
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( outctrl.sec.newfname );
|
|
|
|
outctrl.sec.newfname = xstrdup( value );
|
2000-07-14 19:34:53 +02:00
|
|
|
outctrl.use_files = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
log_info("skipping control `%s' (%s)\n", keyword, value );
|
|
|
|
|
|
|
|
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if( !(p = strchr( p, ':' )) || p == keyword ) {
|
|
|
|
err = "missing colon";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if( *p )
|
|
|
|
*p++ = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
for( ; isspace(*(byte*)p); p++ )
|
2000-07-14 19:34:53 +02:00
|
|
|
;
|
|
|
|
if( !*p ) {
|
|
|
|
err = "missing argument";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
value = p;
|
|
|
|
trim_trailing_ws( value, strlen(value) );
|
|
|
|
|
|
|
|
for(i=0; keywords[i].name; i++ ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
if( !ascii_strcasecmp( keywords[i].name, keyword ) )
|
2000-07-14 19:34:53 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
if( !keywords[i].name ) {
|
|
|
|
err = "unknown keyword";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if( keywords[i].key != pKEYTYPE && !para ) {
|
|
|
|
err = "parameter block does not start with \"Key-Type\"";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if( keywords[i].key == pKEYTYPE && para ) {
|
|
|
|
outctrl.lnr = lnr;
|
2004-10-13 09:10:51 +02:00
|
|
|
if (proc_parameter_file( para, fname, &outctrl, 0 ))
|
|
|
|
print_status_key_not_created
|
|
|
|
(get_parameter_value (para, pHANDLE));
|
2000-07-14 19:34:53 +02:00
|
|
|
release_parameter_list( para );
|
|
|
|
para = NULL;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
for( r = para; r; r = r->next ) {
|
|
|
|
if( r->key == keywords[i].key )
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if( r ) {
|
|
|
|
err = "duplicate keyword";
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + strlen( value ) );
|
2000-07-14 19:34:53 +02:00
|
|
|
r->lnr = lnr;
|
|
|
|
r->key = keywords[i].key;
|
|
|
|
strcpy( r->u.value, value );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
|
|
|
if( err )
|
|
|
|
log_error("%s:%d: %s\n", fname, lnr, err );
|
2004-10-12 18:41:17 +02:00
|
|
|
else if( iobuf_error (fp) ) {
|
|
|
|
log_error("%s:%d: read error\n", fname, lnr);
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
else if( para ) {
|
|
|
|
outctrl.lnr = lnr;
|
2004-10-13 09:10:51 +02:00
|
|
|
if (proc_parameter_file( para, fname, &outctrl, 0 ))
|
|
|
|
print_status_key_not_created (get_parameter_value (para, pHANDLE));
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if( outctrl.use_files ) { /* close open streams */
|
|
|
|
iobuf_close( outctrl.pub.stream );
|
|
|
|
iobuf_close( outctrl.sec.stream );
|
2004-05-11 09:43:19 +02:00
|
|
|
|
|
|
|
/* Must invalidate that ugly cache to actually close it. */
|
|
|
|
if (outctrl.pub.fname)
|
|
|
|
iobuf_ioctl (NULL, 2, 0, (char*)outctrl.pub.fname);
|
|
|
|
if (outctrl.sec.fname)
|
|
|
|
iobuf_ioctl (NULL, 2, 0, (char*)outctrl.sec.fname);
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( outctrl.pub.fname );
|
|
|
|
xfree( outctrl.pub.newfname );
|
|
|
|
xfree( outctrl.sec.fname );
|
|
|
|
xfree( outctrl.sec.newfname );
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
release_parameter_list( para );
|
2004-10-12 18:41:17 +02:00
|
|
|
iobuf_close (fp);
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2003-10-08 17:21:20 +02:00
|
|
|
/*
|
|
|
|
* Generate a keypair (fname is only used in batch mode) If
|
|
|
|
* CARD_SERIALNO is not NULL the fucntion will create the keys on an
|
2004-09-23 21:34:45 +02:00
|
|
|
* OpenPGP Card. If BACKUP_ENCRYPTION_DIR has been set and
|
|
|
|
* CARD_SERIALNO is NOT NULL, the encryption key for the card gets
|
|
|
|
* generate in software, imported to the card and a backup file
|
|
|
|
* written to directory given by this argument .
|
1998-05-26 15:38:00 +02:00
|
|
|
*/
|
|
|
|
void
|
2004-09-23 21:34:45 +02:00
|
|
|
generate_keypair (const char *fname, const char *card_serialno,
|
|
|
|
const char *backup_encryption_dir)
|
1998-05-26 15:38:00 +02:00
|
|
|
{
|
2003-10-08 17:21:20 +02:00
|
|
|
unsigned int nbits;
|
|
|
|
char *uid = NULL;
|
|
|
|
DEK *dek;
|
|
|
|
STRING2KEY *s2k;
|
|
|
|
int algo;
|
|
|
|
unsigned int use;
|
|
|
|
int both = 0;
|
|
|
|
u32 expire;
|
|
|
|
struct para_data_s *para = NULL;
|
|
|
|
struct para_data_s *r;
|
|
|
|
struct output_control_s outctrl;
|
|
|
|
|
|
|
|
memset( &outctrl, 0, sizeof( outctrl ) );
|
|
|
|
|
|
|
|
if (opt.batch && card_serialno)
|
|
|
|
{
|
|
|
|
/* We don't yet support unattended key generation. */
|
2004-10-28 05:57:30 +02:00
|
|
|
log_error (_("can't do this in batch mode\n"));
|
2003-10-08 17:21:20 +02:00
|
|
|
return;
|
1998-06-25 12:19:08 +02:00
|
|
|
}
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
if (opt.batch)
|
|
|
|
{
|
|
|
|
read_parameter_file( fname );
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (card_serialno)
|
|
|
|
{
|
2003-10-08 17:21:20 +02:00
|
|
|
#ifdef ENABLE_CARD_SUPPORT
|
2004-09-23 21:34:45 +02:00
|
|
|
r = xcalloc (1, sizeof *r + strlen (card_serialno) );
|
|
|
|
r->key = pSERIALNO;
|
|
|
|
strcpy( r->u.value, card_serialno);
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
algo = PUBKEY_ALGO_RSA;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
r = xcalloc (1, sizeof *r + 20 );
|
|
|
|
r->key = pKEYTYPE;
|
|
|
|
sprintf( r->u.value, "%d", algo );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
r = xcalloc (1, sizeof *r + 20 );
|
|
|
|
r->key = pKEYUSAGE;
|
|
|
|
strcpy (r->u.value, "sign");
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
r = xcalloc (1, sizeof *r + 20 );
|
|
|
|
r->key = pSUBKEYTYPE;
|
|
|
|
sprintf( r->u.value, "%d", algo );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
r = xcalloc (1, sizeof *r + 20 );
|
|
|
|
r->key = pSUBKEYUSAGE;
|
|
|
|
strcpy (r->u.value, "encrypt");
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
r = xcalloc (1, sizeof *r + 20 );
|
|
|
|
r->key = pAUTHKEYTYPE;
|
|
|
|
sprintf( r->u.value, "%d", algo );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
|
|
|
|
if (backup_encryption_dir)
|
|
|
|
{
|
|
|
|
r = xcalloc (1, sizeof *r + strlen (backup_encryption_dir) );
|
|
|
|
r->key = pBACKUPENCDIR;
|
|
|
|
strcpy (r->u.value, backup_encryption_dir);
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
2003-10-08 17:21:20 +02:00
|
|
|
#endif /*ENABLE_CARD_SUPPORT*/
|
2004-09-23 21:34:45 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
algo = ask_algo( 0, &use );
|
|
|
|
if( !algo )
|
|
|
|
{ /* default: DSA with ElG subkey of the specified size */
|
|
|
|
both = 1;
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pKEYTYPE;
|
|
|
|
sprintf( r->u.value, "%d", PUBKEY_ALGO_DSA );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2004-12-07 18:58:35 +01:00
|
|
|
tty_printf(_("DSA keypair will have %u bits.\n"),1024);
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pKEYLENGTH;
|
|
|
|
strcpy( r->u.value, "1024" );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pKEYUSAGE;
|
|
|
|
strcpy( r->u.value, "sign" );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
algo = PUBKEY_ALGO_ELGAMAL_E;
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pSUBKEYTYPE;
|
|
|
|
sprintf( r->u.value, "%d", algo );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pSUBKEYUSAGE;
|
|
|
|
strcpy( r->u.value, "encrypt" );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pKEYTYPE;
|
|
|
|
sprintf( r->u.value, "%d", algo );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
if (use)
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 25 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pKEYUSAGE;
|
2004-10-10 15:13:47 +02:00
|
|
|
sprintf( r->u.value, "%s%s%s",
|
2004-09-23 21:34:45 +02:00
|
|
|
(use & PUBKEY_USAGE_SIG)? "sign ":"",
|
2004-10-10 15:13:47 +02:00
|
|
|
(use & PUBKEY_USAGE_ENC)? "encrypt ":"",
|
|
|
|
(use & PUBKEY_USAGE_AUTH)? "auth":"" );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
}
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
nbits = ask_keysize( algo );
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = both? pSUBKEYLENGTH : pKEYLENGTH;
|
|
|
|
sprintf( r->u.value, "%u", nbits);
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
|
|
|
|
2005-05-05 21:21:40 +02:00
|
|
|
expire = ask_expire_interval(0,NULL);
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pKEYEXPIRE;
|
|
|
|
r->u.expire = expire;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + 20 );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pSUBKEYEXPIRE;
|
|
|
|
r->u.expire = expire;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
|
|
|
|
uid = ask_user_id(0);
|
|
|
|
if( !uid )
|
|
|
|
{
|
|
|
|
log_error(_("Key generation canceled.\n"));
|
|
|
|
release_parameter_list( para );
|
|
|
|
return;
|
|
|
|
}
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r + strlen(uid) );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pUSERID;
|
|
|
|
strcpy( r->u.value, uid );
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
dek = card_serialno? NULL : do_ask_passphrase( &s2k );
|
|
|
|
if( dek )
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pPASSPHRASE_DEK;
|
|
|
|
r->u.dek = dek;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
2005-07-27 20:10:56 +02:00
|
|
|
r = xmalloc_clear( sizeof *r );
|
2004-09-23 21:34:45 +02:00
|
|
|
r->key = pPASSPHRASE_S2K;
|
|
|
|
r->u.s2k = s2k;
|
|
|
|
r->next = para;
|
|
|
|
para = r;
|
|
|
|
}
|
2003-10-08 17:21:20 +02:00
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
proc_parameter_file( para, "[internal]", &outctrl, !!card_serialno);
|
|
|
|
release_parameter_list( para );
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2004-09-24 16:34:45 +02:00
|
|
|
#ifdef ENABLE_CARD_SUPPORT
|
2004-09-23 21:34:45 +02:00
|
|
|
/* Generate a raw key and return it as a secret key packet. The
|
|
|
|
function will ask for the passphrase and return a protected as well
|
|
|
|
as an unprotected copy of a new secret key packet. 0 is returned
|
|
|
|
on success and the caller must then free the returned values. */
|
|
|
|
static int
|
|
|
|
generate_raw_key (int algo, unsigned int nbits, u32 created_at,
|
|
|
|
PKT_secret_key **r_sk_unprotected,
|
|
|
|
PKT_secret_key **r_sk_protected)
|
|
|
|
{
|
|
|
|
int rc;
|
|
|
|
DEK *dek = NULL;
|
|
|
|
STRING2KEY *s2k = NULL;
|
|
|
|
PKT_secret_key *sk = NULL;
|
|
|
|
int i;
|
|
|
|
size_t nskey, npkey;
|
|
|
|
|
|
|
|
npkey = pubkey_get_npkey (algo);
|
|
|
|
nskey = pubkey_get_nskey (algo);
|
|
|
|
assert (nskey <= PUBKEY_MAX_NSKEY && npkey < nskey);
|
|
|
|
|
|
|
|
if (nbits < 512)
|
|
|
|
{
|
|
|
|
nbits = 512;
|
|
|
|
log_info (_("keysize invalid; using %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((nbits % 32))
|
|
|
|
{
|
|
|
|
nbits = ((nbits + 31) / 32) * 32;
|
|
|
|
log_info(_("keysize rounded up to %u bits\n"), nbits );
|
|
|
|
}
|
|
|
|
|
|
|
|
dek = do_ask_passphrase (&s2k);
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
sk = xmalloc_clear (sizeof *sk);
|
2004-09-23 21:34:45 +02:00
|
|
|
sk->timestamp = created_at;
|
|
|
|
sk->version = 4;
|
|
|
|
sk->pubkey_algo = algo;
|
|
|
|
|
|
|
|
rc = pubkey_generate (algo, nbits, sk->skey, NULL);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
log_error("pubkey_generate failed: %s\n", g10_errstr(rc) );
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i=npkey; i < nskey; i++)
|
|
|
|
sk->csum += checksum_mpi (sk->skey[i]);
|
|
|
|
|
|
|
|
if (r_sk_unprotected)
|
|
|
|
*r_sk_unprotected = copy_secret_key (NULL, sk);
|
|
|
|
|
|
|
|
if (dek)
|
|
|
|
{
|
|
|
|
sk->protect.algo = dek->algo;
|
|
|
|
sk->protect.s2k = *s2k;
|
|
|
|
rc = protect_secret_key (sk, dek);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
log_error ("protect_secret_key failed: %s\n", g10_errstr(rc));
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (r_sk_protected)
|
|
|
|
{
|
|
|
|
*r_sk_protected = sk;
|
|
|
|
sk = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
leave:
|
|
|
|
if (sk)
|
|
|
|
free_secret_key (sk);
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (dek);
|
|
|
|
xfree (s2k);
|
2004-09-23 21:34:45 +02:00
|
|
|
return rc;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
2004-09-24 16:34:45 +02:00
|
|
|
#endif /* ENABLE_CARD_SUPPORT */
|
1998-05-26 15:38:00 +02:00
|
|
|
|
2005-05-06 00:08:37 +02:00
|
|
|
/* Create and delete a dummy packet to start off a list of kbnodes. */
|
|
|
|
static void
|
|
|
|
start_tree(KBNODE *tree)
|
|
|
|
{
|
|
|
|
PACKET *pkt;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt=xmalloc_clear(sizeof(*pkt));
|
2005-08-04 23:39:43 +02:00
|
|
|
pkt->pkttype=PKT_NONE;
|
2005-05-06 00:08:37 +02:00
|
|
|
*tree=new_kbnode(pkt);
|
|
|
|
delete_kbnode(*tree);
|
|
|
|
}
|
1998-05-26 15:38:00 +02:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
static void
|
|
|
|
do_generate_keypair( struct para_data_s *para,
|
2003-10-08 17:21:20 +02:00
|
|
|
struct output_control_s *outctrl, int card )
|
2000-07-14 19:34:53 +02:00
|
|
|
{
|
|
|
|
KBNODE pub_root = NULL;
|
|
|
|
KBNODE sec_root = NULL;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
PKT_secret_key *pri_sk = NULL, *sub_sk = NULL;
|
2000-07-14 19:34:53 +02:00
|
|
|
const char *s;
|
2002-06-29 15:46:34 +02:00
|
|
|
struct revocation_key *revkey;
|
2000-07-14 19:34:53 +02:00
|
|
|
int rc;
|
2002-06-29 15:46:34 +02:00
|
|
|
int did_sub = 0;
|
2000-07-14 19:34:53 +02:00
|
|
|
|
2005-05-06 00:08:37 +02:00
|
|
|
if( outctrl->dryrun )
|
|
|
|
{
|
2000-07-14 19:34:53 +02:00
|
|
|
log_info("dry-run mode - key generation skipped\n");
|
|
|
|
return;
|
2005-05-06 00:08:37 +02:00
|
|
|
}
|
2000-07-14 19:34:53 +02:00
|
|
|
|
|
|
|
if( outctrl->use_files ) {
|
|
|
|
if( outctrl->pub.newfname ) {
|
|
|
|
iobuf_close(outctrl->pub.stream);
|
|
|
|
outctrl->pub.stream = NULL;
|
2004-05-11 09:43:19 +02:00
|
|
|
if (outctrl->pub.fname)
|
|
|
|
iobuf_ioctl (NULL, 2, 0, (char*)outctrl->pub.fname);
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( outctrl->pub.fname );
|
2000-07-14 19:34:53 +02:00
|
|
|
outctrl->pub.fname = outctrl->pub.newfname;
|
|
|
|
outctrl->pub.newfname = NULL;
|
|
|
|
|
2004-10-14 09:11:57 +02:00
|
|
|
if (is_secured_filename (outctrl->pub.fname) ) {
|
|
|
|
outctrl->pub.stream = NULL;
|
|
|
|
errno = EPERM;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
outctrl->pub.stream = iobuf_create( outctrl->pub.fname );
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !outctrl->pub.stream ) {
|
2004-10-14 09:11:57 +02:00
|
|
|
log_error(_("can't create `%s': %s\n"), outctrl->pub.newfname,
|
2000-07-14 19:34:53 +02:00
|
|
|
strerror(errno) );
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if( opt.armor ) {
|
|
|
|
outctrl->pub.afx.what = 1;
|
|
|
|
iobuf_push_filter( outctrl->pub.stream, armor_filter,
|
|
|
|
&outctrl->pub.afx );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if( outctrl->sec.newfname ) {
|
2004-05-11 09:43:19 +02:00
|
|
|
mode_t oldmask;
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
iobuf_close(outctrl->sec.stream);
|
|
|
|
outctrl->sec.stream = NULL;
|
2004-05-11 09:43:19 +02:00
|
|
|
if (outctrl->sec.fname)
|
|
|
|
iobuf_ioctl (NULL, 2, 0, (char*)outctrl->sec.fname);
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( outctrl->sec.fname );
|
2000-07-14 19:34:53 +02:00
|
|
|
outctrl->sec.fname = outctrl->sec.newfname;
|
|
|
|
outctrl->sec.newfname = NULL;
|
|
|
|
|
2004-05-11 09:43:19 +02:00
|
|
|
oldmask = umask (077);
|
2004-10-14 09:11:57 +02:00
|
|
|
if (is_secured_filename (outctrl->sec.fname) ) {
|
|
|
|
outctrl->sec.stream = NULL;
|
|
|
|
errno = EPERM;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
outctrl->sec.stream = iobuf_create( outctrl->sec.fname );
|
2004-05-11 09:43:19 +02:00
|
|
|
umask (oldmask);
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !outctrl->sec.stream ) {
|
2004-10-14 09:11:57 +02:00
|
|
|
log_error(_("can't create `%s': %s\n"), outctrl->sec.newfname,
|
2000-07-14 19:34:53 +02:00
|
|
|
strerror(errno) );
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if( opt.armor ) {
|
|
|
|
outctrl->sec.afx.what = 5;
|
|
|
|
iobuf_push_filter( outctrl->sec.stream, armor_filter,
|
|
|
|
&outctrl->sec.afx );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
assert( outctrl->pub.stream );
|
|
|
|
assert( outctrl->sec.stream );
|
2002-06-29 15:46:34 +02:00
|
|
|
if( opt.verbose ) {
|
|
|
|
log_info(_("writing public key to `%s'\n"), outctrl->pub.fname );
|
2003-10-08 17:21:20 +02:00
|
|
|
if (card)
|
|
|
|
log_info (_("writing secret key stub to `%s'\n"),
|
|
|
|
outctrl->sec.fname);
|
|
|
|
else
|
|
|
|
log_info(_("writing secret key to `%s'\n"), outctrl->sec.fname );
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
1998-05-26 15:38:00 +02:00
|
|
|
|
2005-05-06 00:08:37 +02:00
|
|
|
/* we create the packets as a tree of kbnodes. Because the
|
|
|
|
* structure we create is known in advance we simply generate a
|
|
|
|
* linked list. The first packet is a dummy packet which we flag
|
1998-06-29 14:30:57 +02:00
|
|
|
* as deleted. The very first packet must always be a KEY packet.
|
1998-05-26 15:38:00 +02:00
|
|
|
*/
|
2005-05-06 00:08:37 +02:00
|
|
|
|
|
|
|
start_tree(&pub_root);
|
|
|
|
start_tree(&sec_root);
|
1998-05-26 15:38:00 +02:00
|
|
|
|
2003-10-08 17:21:20 +02:00
|
|
|
if (!card)
|
|
|
|
{
|
|
|
|
rc = do_create( get_parameter_algo( para, pKEYTYPE ),
|
|
|
|
get_parameter_uint( para, pKEYLENGTH ),
|
|
|
|
pub_root, sec_root,
|
|
|
|
get_parameter_dek( para, pPASSPHRASE_DEK ),
|
|
|
|
get_parameter_s2k( para, pPASSPHRASE_S2K ),
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
&pri_sk,
|
|
|
|
get_parameter_u32( para, pKEYEXPIRE ), 0 );
|
2003-10-08 17:21:20 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2004-09-20 20:38:39 +02:00
|
|
|
rc = gen_card_key (PUBKEY_ALGO_RSA, 1, 1, pub_root, sec_root,
|
2003-10-08 17:21:20 +02:00
|
|
|
get_parameter_u32 (para, pKEYEXPIRE), para);
|
|
|
|
if (!rc)
|
|
|
|
{
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pri_sk = sec_root->next->pkt->pkt.secret_key;
|
|
|
|
assert (pri_sk);
|
2003-10-08 17:21:20 +02:00
|
|
|
}
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
if(!rc && (revkey=get_parameter_revkey(para,pREVOKER)))
|
|
|
|
{
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
rc=write_direct_sig(pub_root,pub_root,pri_sk,revkey);
|
2002-06-29 15:46:34 +02:00
|
|
|
if(!rc)
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
write_direct_sig(sec_root,pub_root,pri_sk,revkey);
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
|
2005-05-11 21:31:53 +02:00
|
|
|
if( !rc && (s=get_parameter_value(para, pUSERID)) )
|
|
|
|
{
|
2000-07-14 19:34:53 +02:00
|
|
|
write_uid(pub_root, s );
|
|
|
|
if( !rc )
|
2005-05-11 21:31:53 +02:00
|
|
|
write_uid(sec_root, s );
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !rc )
|
2005-05-11 21:31:53 +02:00
|
|
|
rc = write_selfsigs(sec_root, pub_root, pri_sk,
|
|
|
|
get_parameter_uint (para, pKEYUSAGE));
|
|
|
|
}
|
1997-12-09 13:46:23 +01:00
|
|
|
|
2005-02-01 06:26:25 +01:00
|
|
|
/* Write the auth key to the card before the encryption key. This
|
|
|
|
is a partial workaround for a PGP bug (as of this writing, all
|
|
|
|
versions including 8.1), that causes it to try and encrypt to
|
|
|
|
the most recent subkey regardless of whether that subkey is
|
|
|
|
actually an encryption type. In this case, the auth key is an
|
|
|
|
RSA key so it succeeds. */
|
|
|
|
|
|
|
|
if (!rc && card && get_parameter (para, pAUTHKEYTYPE))
|
|
|
|
{
|
|
|
|
rc = gen_card_key (PUBKEY_ALGO_RSA, 3, 0, pub_root, sec_root,
|
|
|
|
get_parameter_u32 (para, pKEYEXPIRE), para);
|
|
|
|
|
|
|
|
if (!rc)
|
|
|
|
rc = write_keybinding (pub_root, pub_root, pri_sk, sub_sk, PUBKEY_USAGE_AUTH);
|
|
|
|
if (!rc)
|
|
|
|
rc = write_keybinding (sec_root, pub_root, pri_sk, sub_sk, PUBKEY_USAGE_AUTH);
|
|
|
|
}
|
|
|
|
|
2005-01-25 15:34:51 +01:00
|
|
|
if( !rc && get_parameter( para, pSUBKEYTYPE ) )
|
2003-10-08 17:21:20 +02:00
|
|
|
{
|
|
|
|
if (!card)
|
|
|
|
{
|
|
|
|
rc = do_create( get_parameter_algo( para, pSUBKEYTYPE ),
|
|
|
|
get_parameter_uint( para, pSUBKEYLENGTH ),
|
|
|
|
pub_root, sec_root,
|
|
|
|
get_parameter_dek( para, pPASSPHRASE_DEK ),
|
|
|
|
get_parameter_s2k( para, pPASSPHRASE_S2K ),
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
&sub_sk,
|
|
|
|
get_parameter_u32( para, pSUBKEYEXPIRE ), 1 );
|
2003-10-08 17:21:20 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2004-09-23 21:34:45 +02:00
|
|
|
if ((s = get_parameter_value (para, pBACKUPENCDIR)))
|
|
|
|
{
|
|
|
|
/* A backup of the encryption key has been requested.
|
|
|
|
Generate the key i software and import it then to
|
|
|
|
the card. Write a backup file. */
|
|
|
|
rc = gen_card_key_with_backup (PUBKEY_ALGO_RSA, 2, 0,
|
|
|
|
pub_root, sec_root,
|
|
|
|
get_parameter_u32 (para,
|
|
|
|
pKEYEXPIRE),
|
|
|
|
para, s);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
rc = gen_card_key (PUBKEY_ALGO_RSA, 2, 0, pub_root, sec_root,
|
|
|
|
get_parameter_u32 (para, pKEYEXPIRE), para);
|
2003-10-08 17:21:20 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if( !rc )
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
rc = write_keybinding(pub_root, pub_root, pri_sk, sub_sk,
|
2003-10-08 17:21:20 +02:00
|
|
|
get_parameter_uint (para, pSUBKEYUSAGE));
|
|
|
|
if( !rc )
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
rc = write_keybinding(sec_root, pub_root, pri_sk, sub_sk,
|
2003-10-08 17:21:20 +02:00
|
|
|
get_parameter_uint (para, pSUBKEYUSAGE));
|
2002-06-29 15:46:34 +02:00
|
|
|
did_sub = 1;
|
2003-10-08 17:21:20 +02:00
|
|
|
}
|
1998-06-25 12:19:08 +02:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !rc && outctrl->use_files ) { /* direct write to specified files */
|
|
|
|
rc = write_keyblock( outctrl->pub.stream, pub_root );
|
|
|
|
if( rc )
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("can't write public key: %s\n", g10_errstr(rc) );
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !rc ) {
|
|
|
|
rc = write_keyblock( outctrl->sec.stream, sec_root );
|
|
|
|
if( rc )
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("can't write secret key: %s\n", g10_errstr(rc) );
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
else if( !rc ) { /* write to the standard keyrings */
|
2002-06-29 15:46:34 +02:00
|
|
|
KEYDB_HANDLE pub_hd = keydb_new (0);
|
|
|
|
KEYDB_HANDLE sec_hd = keydb_new (1);
|
|
|
|
|
|
|
|
/* FIXME: we may have to create the keyring first */
|
|
|
|
rc = keydb_locate_writable (pub_hd, NULL);
|
|
|
|
if (rc)
|
|
|
|
log_error (_("no writable public keyring found: %s\n"),
|
|
|
|
g10_errstr (rc));
|
|
|
|
|
|
|
|
if (!rc) {
|
|
|
|
rc = keydb_locate_writable (sec_hd, NULL);
|
|
|
|
if (rc)
|
|
|
|
log_error (_("no writable secret keyring found: %s\n"),
|
|
|
|
g10_errstr (rc));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!rc && opt.verbose) {
|
|
|
|
log_info(_("writing public key to `%s'\n"),
|
|
|
|
keydb_get_resource_name (pub_hd));
|
2003-10-08 17:21:20 +02:00
|
|
|
if (card)
|
|
|
|
log_info (_("writing secret key stub to `%s'\n"),
|
|
|
|
keydb_get_resource_name (sec_hd));
|
|
|
|
else
|
|
|
|
log_info(_("writing secret key to `%s'\n"),
|
|
|
|
keydb_get_resource_name (sec_hd));
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if (!rc) {
|
|
|
|
rc = keydb_insert_keyblock (pub_hd, pub_root);
|
|
|
|
if (rc)
|
|
|
|
log_error (_("error writing public keyring `%s': %s\n"),
|
|
|
|
keydb_get_resource_name (pub_hd), g10_errstr(rc));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!rc) {
|
|
|
|
rc = keydb_insert_keyblock (sec_hd, sec_root);
|
|
|
|
if (rc)
|
|
|
|
log_error (_("error writing secret keyring `%s': %s\n"),
|
|
|
|
keydb_get_resource_name (pub_hd), g10_errstr(rc));
|
|
|
|
}
|
|
|
|
|
|
|
|
keydb_release (pub_hd);
|
|
|
|
keydb_release (sec_hd);
|
|
|
|
|
|
|
|
if (!rc) {
|
|
|
|
int no_enc_rsa =
|
|
|
|
get_parameter_algo(para, pKEYTYPE) == PUBKEY_ALGO_RSA
|
|
|
|
&& get_parameter_uint( para, pKEYUSAGE )
|
|
|
|
&& !(get_parameter_uint( para,pKEYUSAGE) & PUBKEY_USAGE_ENC);
|
|
|
|
PKT_public_key *pk = find_kbnode (pub_root,
|
|
|
|
PKT_PUBLIC_KEY)->pkt->pkt.public_key;
|
2003-11-01 02:13:16 +01:00
|
|
|
|
|
|
|
keyid_from_pk(pk,pk->main_keyid);
|
|
|
|
register_trusted_keyid(pk->main_keyid);
|
|
|
|
|
|
|
|
update_ownertrust (pk,
|
|
|
|
((get_ownertrust (pk) & ~TRUST_MASK)
|
|
|
|
| TRUST_ULTIMATE ));
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
if (!opt.batch) {
|
|
|
|
tty_printf(_("public and secret key created and signed.\n") );
|
|
|
|
tty_printf("\n");
|
|
|
|
list_keyblock(pub_root,0,1,NULL);
|
|
|
|
}
|
|
|
|
|
1997-12-16 20:15:09 +01:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !opt.batch
|
2002-06-29 15:46:34 +02:00
|
|
|
&& ( get_parameter_algo( para, pKEYTYPE ) == PUBKEY_ALGO_DSA
|
|
|
|
|| no_enc_rsa )
|
2000-07-14 19:34:53 +02:00
|
|
|
&& !get_parameter( para, pSUBKEYTYPE ) )
|
|
|
|
{
|
1998-05-26 15:38:00 +02:00
|
|
|
tty_printf(_("Note that this key cannot be used for "
|
|
|
|
"encryption. You may want to use\n"
|
1999-01-19 19:37:41 +01:00
|
|
|
"the command \"--edit-key\" to generate a "
|
2004-12-20 06:19:09 +01:00
|
|
|
"subkey for this purpose.\n") );
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
1997-12-16 20:15:09 +01:00
|
|
|
}
|
1997-12-09 13:46:23 +01:00
|
|
|
}
|
1997-12-16 20:15:09 +01:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
if( rc ) {
|
|
|
|
if( opt.batch )
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("key generation failed: %s\n", g10_errstr(rc) );
|
2000-07-14 19:34:53 +02:00
|
|
|
else
|
2002-06-29 15:46:34 +02:00
|
|
|
tty_printf(_("Key generation failed: %s\n"), g10_errstr(rc) );
|
2004-10-13 09:10:51 +02:00
|
|
|
print_status_key_not_created ( get_parameter_value (para, pHANDLE) );
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
else {
|
2002-10-12 13:47:40 +02:00
|
|
|
PKT_public_key *pk = find_kbnode (pub_root,
|
|
|
|
PKT_PUBLIC_KEY)->pkt->pkt.public_key;
|
2004-10-13 09:10:51 +02:00
|
|
|
print_status_key_created (did_sub? 'B':'P', pk,
|
|
|
|
get_parameter_value (para, pHANDLE));
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
1997-12-16 20:15:09 +01:00
|
|
|
release_kbnode( pub_root );
|
|
|
|
release_kbnode( sec_root );
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
|
|
|
|
if( pri_sk && !card) /* the unprotected secret key unless we have a */
|
|
|
|
free_secret_key(pri_sk); /* shallow copy in card mode. */
|
|
|
|
if( sub_sk )
|
|
|
|
free_secret_key(sub_sk);
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
1998-05-05 22:34:20 +02:00
|
|
|
|
|
|
|
/****************
|
|
|
|
* add a new subkey to an existing key.
|
1998-07-29 21:35:05 +02:00
|
|
|
* Returns true if a new key has been generated and put into the keyblocks.
|
1998-05-05 22:34:20 +02:00
|
|
|
*/
|
1998-07-29 21:35:05 +02:00
|
|
|
int
|
|
|
|
generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
1998-05-05 22:34:20 +02:00
|
|
|
{
|
1998-07-29 21:35:05 +02:00
|
|
|
int okay=0, rc=0;
|
1998-05-26 15:38:00 +02:00
|
|
|
KBNODE node;
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
PKT_secret_key *pri_sk = NULL, *sub_sk = NULL;
|
2000-07-14 19:34:53 +02:00
|
|
|
int algo;
|
2002-06-29 15:46:34 +02:00
|
|
|
unsigned int use;
|
1998-11-20 18:42:18 +01:00
|
|
|
u32 expire;
|
1998-05-26 15:38:00 +02:00
|
|
|
unsigned nbits;
|
|
|
|
char *passphrase = NULL;
|
|
|
|
DEK *dek = NULL;
|
|
|
|
STRING2KEY *s2k = NULL;
|
1999-01-12 11:20:24 +01:00
|
|
|
u32 cur_time;
|
2005-01-27 12:48:33 +01:00
|
|
|
int ask_pass = 0;
|
1998-05-26 15:38:00 +02:00
|
|
|
|
1998-07-29 21:35:05 +02:00
|
|
|
/* break out the primary secret key */
|
1998-06-29 14:30:57 +02:00
|
|
|
node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
|
1998-05-26 15:38:00 +02:00
|
|
|
if( !node ) {
|
|
|
|
log_error("Oops; secret key not found anymore!\n");
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
1998-06-29 14:30:57 +02:00
|
|
|
/* make a copy of the sk to keep the protected one in the keyblock */
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
pri_sk = copy_secret_key( NULL, node->pkt->pkt.secret_key );
|
1999-01-12 11:20:24 +01:00
|
|
|
|
|
|
|
cur_time = make_timestamp();
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if( pri_sk->timestamp > cur_time ) {
|
|
|
|
ulong d = pri_sk->timestamp - cur_time;
|
1999-01-12 11:20:24 +01:00
|
|
|
log_info( d==1 ? _("key has been created %lu second "
|
|
|
|
"in future (time warp or clock problem)\n")
|
|
|
|
: _("key has been created %lu seconds "
|
|
|
|
"in future (time warp or clock problem)\n"), d );
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !opt.ignore_time_conflict ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_TIME_CONFLICT;
|
2000-07-14 19:34:53 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
1999-01-12 11:20:24 +01:00
|
|
|
}
|
|
|
|
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
if (pri_sk->version < 4) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_info (_("NOTE: creating subkeys for v3 keys "
|
|
|
|
"is not OpenPGP compliant\n"));
|
|
|
|
goto leave;
|
|
|
|
}
|
1999-01-12 11:20:24 +01:00
|
|
|
|
2005-01-27 12:48:33 +01:00
|
|
|
if (pri_sk->is_protected && pri_sk->protect.s2k.mode == 1001) {
|
|
|
|
tty_printf(_("Secret parts of primary key are not available.\n"));
|
|
|
|
rc = G10ERR_NO_SECKEY;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Unprotect to get the passphrase. */
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
switch( is_secret_key_protected( pri_sk ) ) {
|
1998-05-26 15:38:00 +02:00
|
|
|
case -1:
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_PUBKEY_ALGO;
|
1998-05-26 15:38:00 +02:00
|
|
|
break;
|
|
|
|
case 0:
|
2005-01-27 12:48:33 +01:00
|
|
|
tty_printf(_("This key is not protected.\n"));
|
1998-05-26 15:38:00 +02:00
|
|
|
break;
|
2005-01-27 12:48:33 +01:00
|
|
|
case -2:
|
2005-01-28 01:50:10 +01:00
|
|
|
tty_printf(_("Secret parts of primary key are stored on-card.\n"));
|
2005-01-27 12:48:33 +01:00
|
|
|
ask_pass = 1;
|
|
|
|
break;
|
1998-05-26 15:38:00 +02:00
|
|
|
default:
|
2005-01-27 12:48:33 +01:00
|
|
|
tty_printf(_("Key is protected.\n"));
|
|
|
|
rc = check_secret_key( pri_sk, 0 );
|
|
|
|
if( !rc )
|
|
|
|
passphrase = get_last_passphrase();
|
|
|
|
break;
|
1998-05-26 15:38:00 +02:00
|
|
|
}
|
|
|
|
if( rc )
|
|
|
|
goto leave;
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
algo = ask_algo( 1, &use );
|
1998-06-25 12:19:08 +02:00
|
|
|
assert(algo);
|
1998-05-26 15:38:00 +02:00
|
|
|
nbits = ask_keysize( algo );
|
2005-05-05 21:21:40 +02:00
|
|
|
expire = ask_expire_interval(0,NULL);
|
1998-11-27 12:42:49 +01:00
|
|
|
if( !cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay",
|
2004-10-10 17:27:14 +02:00
|
|
|
_("Really create? (y/N) ")))
|
1998-07-29 21:35:05 +02:00
|
|
|
goto leave;
|
1998-05-26 15:38:00 +02:00
|
|
|
|
2005-01-27 12:48:33 +01:00
|
|
|
if (ask_pass)
|
|
|
|
dek = do_ask_passphrase (&s2k);
|
|
|
|
else if (passphrase) {
|
2005-07-27 20:10:56 +02:00
|
|
|
s2k = xmalloc_secure( sizeof *s2k );
|
1998-09-28 21:25:31 +02:00
|
|
|
s2k->mode = opt.s2k_mode;
|
* main.h: Create S2K_DIGEST_ALGO macro so we do not need to always set
opt.s2k_digest_algo. This helps fix a problem with PGP 2.x encrypted
symmetric messages. Change all callers (encode.c, g10.c, keyedit.c,
keygen.c, passphrase.c, sign.c).
* armor.c, cardglue.c, getkey.c, import.c, keygen.c: Be consistent in some
more quoted strings. Always use 'user ID', not 'user id', "quotes" for
user IDs, etc.
2004-09-24 22:34:38 +02:00
|
|
|
s2k->hash_algo = S2K_DIGEST_ALGO;
|
1998-05-26 15:38:00 +02:00
|
|
|
set_next_passphrase( passphrase );
|
2003-04-10 11:56:47 +02:00
|
|
|
dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2,
|
|
|
|
NULL, NULL );
|
1998-05-26 15:38:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
rc = do_create( algo, nbits, pub_keyblock, sec_keyblock,
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
dek, s2k, &sub_sk, expire, 1 );
|
1998-05-26 15:38:00 +02:00
|
|
|
if( !rc )
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
rc = write_keybinding(pub_keyblock, pub_keyblock, pri_sk, sub_sk, use);
|
1998-05-26 15:38:00 +02:00
|
|
|
if( !rc )
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
rc = write_keybinding(sec_keyblock, pub_keyblock, pri_sk, sub_sk, use);
|
2002-06-29 15:46:34 +02:00
|
|
|
if( !rc ) {
|
1998-07-29 21:35:05 +02:00
|
|
|
okay = 1;
|
2002-06-29 15:46:34 +02:00
|
|
|
write_status_text (STATUS_KEY_CREATED, "S");
|
|
|
|
}
|
1998-05-26 15:38:00 +02:00
|
|
|
|
|
|
|
leave:
|
|
|
|
if( rc )
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error(_("Key generation failed: %s\n"), g10_errstr(rc) );
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree( passphrase );
|
|
|
|
xfree( dek );
|
|
|
|
xfree( s2k );
|
* keygen.c (gen_elg, gen_dsa, gen_rsa, do_create, do_generate_keypair,
generate_subkeypair): New is_subkey argument to set whether a generated
key is a subkey. Do not overload the ret_sk. This is some early cleanup
to do backsigs for signing subkeys.
* keygen.c (write_keybinding, do_generate_keypair, generate_subkeypair):
Keep track of the unprotected subkey secret key so we can make a backsig
with it.
* keygen.c (make_backsig): New function to add a backsig to a binding sig
of signing subkeys. Currently disabled. (write_keybinding): Call it here,
for signing subkeys only.
* sign.c (make_keysig_packet): Allow generating 0x19 signatures (same as
0x18 or 0x28, but used for backsigs).
* packet.h, build-packet.c (build_sig_subpkt): Add new SIGSUBPKT_SIGNATURE
type for embedded signatures.
2004-04-16 18:07:07 +02:00
|
|
|
/* release the copy of the (now unprotected) secret keys */
|
|
|
|
if( pri_sk )
|
|
|
|
free_secret_key(pri_sk);
|
|
|
|
if( sub_sk )
|
|
|
|
free_secret_key(sub_sk);
|
1998-05-26 15:38:00 +02:00
|
|
|
set_next_passphrase( NULL );
|
1998-07-29 21:35:05 +02:00
|
|
|
return okay;
|
1998-05-05 22:34:20 +02:00
|
|
|
}
|
|
|
|
|
2004-09-20 20:38:39 +02:00
|
|
|
|
|
|
|
#ifdef ENABLE_CARD_SUPPORT
|
|
|
|
/* Generate a subkey on a card. */
|
|
|
|
int
|
|
|
|
generate_card_subkeypair (KBNODE pub_keyblock, KBNODE sec_keyblock,
|
|
|
|
int keyno, const char *serialno)
|
|
|
|
{
|
|
|
|
int okay=0, rc=0;
|
|
|
|
KBNODE node;
|
|
|
|
PKT_secret_key *pri_sk = NULL;
|
|
|
|
int algo;
|
|
|
|
unsigned int use;
|
|
|
|
u32 expire;
|
|
|
|
char *passphrase = NULL;
|
|
|
|
u32 cur_time;
|
|
|
|
struct para_data_s *para = NULL;
|
|
|
|
|
|
|
|
assert (keyno >= 1 && keyno <= 3);
|
|
|
|
|
|
|
|
para = xcalloc (1, sizeof *para + strlen (serialno) );
|
|
|
|
para->key = pSERIALNO;
|
|
|
|
strcpy (para->u.value, serialno);
|
|
|
|
|
|
|
|
/* Break out the primary secret key */
|
|
|
|
node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
|
|
|
|
if(!node)
|
|
|
|
{
|
|
|
|
log_error("Oops; secret key not found anymore!\n");
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Make a copy of the sk to keep the protected one in the keyblock */
|
|
|
|
pri_sk = copy_secret_key (NULL, node->pkt->pkt.secret_key);
|
|
|
|
|
|
|
|
cur_time = make_timestamp();
|
|
|
|
if (pri_sk->timestamp > cur_time)
|
|
|
|
{
|
|
|
|
ulong d = pri_sk->timestamp - cur_time;
|
|
|
|
log_info (d==1 ? _("key has been created %lu second "
|
|
|
|
"in future (time warp or clock problem)\n")
|
|
|
|
: _("key has been created %lu seconds "
|
|
|
|
"in future (time warp or clock problem)\n"), d );
|
|
|
|
if (!opt.ignore_time_conflict)
|
|
|
|
{
|
|
|
|
rc = G10ERR_TIME_CONFLICT;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (pri_sk->version < 4)
|
|
|
|
{
|
|
|
|
log_info (_("NOTE: creating subkeys for v3 keys "
|
|
|
|
"is not OpenPGP compliant\n"));
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Unprotect to get the passphrase. */
|
|
|
|
switch( is_secret_key_protected (pri_sk) )
|
|
|
|
{
|
|
|
|
case -1:
|
|
|
|
rc = G10ERR_PUBKEY_ALGO;
|
|
|
|
break;
|
|
|
|
case 0:
|
|
|
|
tty_printf("This key is not protected.\n");
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
tty_printf("Key is protected.\n");
|
|
|
|
rc = check_secret_key( pri_sk, 0 );
|
|
|
|
if (!rc)
|
|
|
|
passphrase = get_last_passphrase();
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (rc)
|
|
|
|
goto leave;
|
|
|
|
|
|
|
|
algo = PUBKEY_ALGO_RSA;
|
2005-05-05 21:21:40 +02:00
|
|
|
expire = ask_expire_interval (0,NULL);
|
2004-09-20 20:38:39 +02:00
|
|
|
if (keyno == 1)
|
|
|
|
use = PUBKEY_USAGE_SIG;
|
|
|
|
else if (keyno == 2)
|
|
|
|
use = PUBKEY_USAGE_ENC;
|
|
|
|
else
|
|
|
|
use = PUBKEY_USAGE_AUTH;
|
|
|
|
if (!cpr_enabled() && !cpr_get_answer_is_yes("keygen.cardsub.okay",
|
2004-10-10 17:27:14 +02:00
|
|
|
_("Really create? (y/N) ")))
|
2004-09-20 20:38:39 +02:00
|
|
|
goto leave;
|
|
|
|
|
|
|
|
if (passphrase)
|
|
|
|
set_next_passphrase (passphrase);
|
|
|
|
rc = gen_card_key (algo, keyno, 0, pub_keyblock, sec_keyblock, expire, para);
|
|
|
|
if (!rc)
|
|
|
|
rc = write_keybinding (pub_keyblock, pub_keyblock, pri_sk, NULL, use);
|
|
|
|
if (!rc)
|
|
|
|
rc = write_keybinding (sec_keyblock, pub_keyblock, pri_sk, NULL, use);
|
|
|
|
if (!rc)
|
|
|
|
{
|
|
|
|
okay = 1;
|
|
|
|
write_status_text (STATUS_KEY_CREATED, "S");
|
|
|
|
}
|
|
|
|
|
|
|
|
leave:
|
|
|
|
if (rc)
|
|
|
|
log_error (_("Key generation failed: %s\n"), g10_errstr(rc) );
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (passphrase);
|
2004-09-20 20:38:39 +02:00
|
|
|
/* Release the copy of the (now unprotected) secret keys. */
|
|
|
|
if (pri_sk)
|
|
|
|
free_secret_key (pri_sk);
|
|
|
|
set_next_passphrase( NULL );
|
|
|
|
release_parameter_list (para);
|
|
|
|
return okay;
|
|
|
|
}
|
|
|
|
#endif /* !ENABLE_CARD_SUPPORT */
|
|
|
|
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
/****************
|
|
|
|
* Write a keyblock to an output stream
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
write_keyblock( IOBUF out, KBNODE node )
|
|
|
|
{
|
2005-08-04 23:41:11 +02:00
|
|
|
for( ; node ; node = node->next )
|
|
|
|
{
|
|
|
|
if(!is_deleted_kbnode(node))
|
|
|
|
{
|
|
|
|
int rc = build_packet( out, node->pkt );
|
|
|
|
if( rc )
|
|
|
|
{
|
|
|
|
log_error("build_packet(%d) failed: %s\n",
|
2002-06-29 15:46:34 +02:00
|
|
|
node->pkt->pkttype, g10_errstr(rc) );
|
2005-08-04 23:41:11 +02:00
|
|
|
return G10ERR_WRITE_FILE;
|
|
|
|
}
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
}
|
2005-08-04 23:41:11 +02:00
|
|
|
|
|
|
|
return 0;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
2003-10-08 17:21:20 +02:00
|
|
|
|
|
|
|
|
|
|
|
static int
|
2004-09-20 20:38:39 +02:00
|
|
|
gen_card_key (int algo, int keyno, int is_primary,
|
|
|
|
KBNODE pub_root, KBNODE sec_root,
|
2003-10-08 17:21:20 +02:00
|
|
|
u32 expireval, struct para_data_s *para)
|
|
|
|
{
|
|
|
|
#ifdef ENABLE_CARD_SUPPORT
|
|
|
|
int rc;
|
|
|
|
const char *s;
|
|
|
|
struct agent_card_genkey_s info;
|
|
|
|
PACKET *pkt;
|
|
|
|
PKT_secret_key *sk;
|
|
|
|
PKT_public_key *pk;
|
|
|
|
|
|
|
|
assert (algo == PUBKEY_ALGO_RSA);
|
2004-09-23 21:34:45 +02:00
|
|
|
|
2005-10-18 19:41:20 +02:00
|
|
|
/* Fixme: We don't have the serialnumber available, thus passing NULL. */
|
|
|
|
rc = agent_scd_genkey (&info, keyno, 1, NULL);
|
2003-10-08 17:21:20 +02:00
|
|
|
/* if (gpg_err_code (rc) == GPG_ERR_EEXIST) */
|
|
|
|
/* { */
|
|
|
|
/* tty_printf ("\n"); */
|
|
|
|
/* log_error ("WARNING: key does already exists!\n"); */
|
|
|
|
/* tty_printf ("\n"); */
|
|
|
|
/* if ( cpr_get_answer_is_yes( "keygen.card.replace_key", */
|
|
|
|
/* _("Replace existing key? "))) */
|
|
|
|
/* rc = agent_scd_genkey (&info, keyno, 1); */
|
|
|
|
/* } */
|
|
|
|
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
log_error ("key generation failed: %s\n", gpg_strerror (rc));
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
if ( !info.n || !info.e )
|
|
|
|
{
|
|
|
|
log_error ("communication error with SCD\n");
|
|
|
|
mpi_free (info.n);
|
|
|
|
mpi_free (info.e);
|
|
|
|
return gpg_error (GPG_ERR_GENERAL);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pk = xcalloc (1, sizeof *pk );
|
|
|
|
sk = xcalloc (1, sizeof *sk );
|
|
|
|
sk->timestamp = pk->timestamp = info.created_at;
|
|
|
|
sk->version = pk->version = 4;
|
|
|
|
if (expireval)
|
|
|
|
sk->expiredate = pk->expiredate = pk->timestamp + expireval;
|
|
|
|
sk->pubkey_algo = pk->pubkey_algo = algo;
|
|
|
|
pk->pkey[0] = info.n;
|
|
|
|
pk->pkey[1] = info.e;
|
|
|
|
sk->skey[0] = mpi_copy (pk->pkey[0]);
|
|
|
|
sk->skey[1] = mpi_copy (pk->pkey[1]);
|
|
|
|
sk->skey[2] = mpi_set_opaque (NULL, xstrdup ("dummydata"), 10);
|
|
|
|
sk->is_protected = 1;
|
|
|
|
sk->protect.s2k.mode = 1002;
|
|
|
|
s = get_parameter_value (para, pSERIALNO);
|
|
|
|
if (s)
|
|
|
|
{
|
|
|
|
for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1];
|
|
|
|
sk->protect.ivlen++, s += 2)
|
|
|
|
sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s);
|
|
|
|
}
|
|
|
|
|
|
|
|
pkt = xcalloc (1,sizeof *pkt);
|
2004-09-20 20:38:39 +02:00
|
|
|
pkt->pkttype = is_primary ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
|
2003-10-08 17:21:20 +02:00
|
|
|
pkt->pkt.public_key = pk;
|
|
|
|
add_kbnode(pub_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
pkt = xcalloc (1,sizeof *pkt);
|
2004-09-20 20:38:39 +02:00
|
|
|
pkt->pkttype = is_primary ? PKT_SECRET_KEY : PKT_SECRET_SUBKEY;
|
2003-10-08 17:21:20 +02:00
|
|
|
pkt->pkt.secret_key = sk;
|
|
|
|
add_kbnode(sec_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
#else
|
|
|
|
return -1;
|
|
|
|
#endif /*!ENABLE_CARD_SUPPORT*/
|
|
|
|
}
|
2004-09-23 21:34:45 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
gen_card_key_with_backup (int algo, int keyno, int is_primary,
|
|
|
|
KBNODE pub_root, KBNODE sec_root,
|
|
|
|
u32 expireval, struct para_data_s *para,
|
|
|
|
const char *backup_dir)
|
|
|
|
{
|
|
|
|
#ifdef ENABLE_CARD_SUPPORT
|
|
|
|
int rc;
|
|
|
|
const char *s;
|
|
|
|
PACKET *pkt;
|
|
|
|
PKT_secret_key *sk, *sk_unprotected, *sk_protected;
|
|
|
|
PKT_public_key *pk;
|
|
|
|
size_t n;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
rc = generate_raw_key (algo, 1024, make_timestamp (),
|
|
|
|
&sk_unprotected, &sk_protected);
|
|
|
|
if (rc)
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
/* First, store the key to the card. */
|
|
|
|
rc = save_unprotected_key_to_card (sk_unprotected, keyno);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
log_error (_("storing key onto card failed: %s\n"), g10_errstr (rc));
|
|
|
|
free_secret_key (sk_unprotected);
|
|
|
|
free_secret_key (sk_protected);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Get rid of the secret key parameters and store the serial numer. */
|
|
|
|
sk = sk_unprotected;
|
|
|
|
n = pubkey_get_nskey (sk->pubkey_algo);
|
|
|
|
for (i=pubkey_get_npkey (sk->pubkey_algo); i < n; i++)
|
|
|
|
{
|
|
|
|
mpi_free (sk->skey[i]);
|
|
|
|
sk->skey[i] = NULL;
|
|
|
|
}
|
|
|
|
i = pubkey_get_npkey (sk->pubkey_algo);
|
|
|
|
sk->skey[i] = mpi_set_opaque (NULL, xstrdup ("dummydata"), 10);
|
|
|
|
sk->is_protected = 1;
|
|
|
|
sk->protect.s2k.mode = 1002;
|
|
|
|
s = get_parameter_value (para, pSERIALNO);
|
|
|
|
assert (s);
|
|
|
|
for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1];
|
|
|
|
sk->protect.ivlen++, s += 2)
|
|
|
|
sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s);
|
|
|
|
|
|
|
|
/* Now write the *protected* secret key to the file. */
|
|
|
|
{
|
|
|
|
char name_buffer[50];
|
|
|
|
char *fname;
|
|
|
|
IOBUF fp;
|
|
|
|
mode_t oldmask;
|
|
|
|
|
|
|
|
keyid_from_sk (sk, NULL);
|
|
|
|
sprintf (name_buffer,"sk_%08lX%08lX.gpg",
|
|
|
|
(ulong)sk->keyid[0], (ulong)sk->keyid[1]);
|
|
|
|
|
|
|
|
fname = make_filename (backup_dir, name_buffer, NULL);
|
|
|
|
oldmask = umask (077);
|
2004-10-14 09:11:57 +02:00
|
|
|
if (is_secured_filename (fname))
|
|
|
|
{
|
|
|
|
fp = NULL;
|
|
|
|
errno = EPERM;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
fp = iobuf_create (fname);
|
2004-09-23 21:34:45 +02:00
|
|
|
umask (oldmask);
|
|
|
|
if (!fp)
|
|
|
|
{
|
|
|
|
log_error (_("can't create backup file `%s': %s\n"),
|
|
|
|
fname, strerror(errno) );
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (fname);
|
2004-09-23 21:34:45 +02:00
|
|
|
free_secret_key (sk_unprotected);
|
|
|
|
free_secret_key (sk_protected);
|
|
|
|
return G10ERR_OPEN_FILE;
|
|
|
|
}
|
|
|
|
|
|
|
|
pkt = xcalloc (1, sizeof *pkt);
|
|
|
|
pkt->pkttype = PKT_SECRET_KEY;
|
|
|
|
pkt->pkt.secret_key = sk_protected;
|
|
|
|
sk_protected = NULL;
|
|
|
|
|
|
|
|
rc = build_packet (fp, pkt);
|
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
log_error("build packet failed: %s\n", g10_errstr(rc) );
|
|
|
|
iobuf_cancel (fp);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2005-03-14 20:19:21 +01:00
|
|
|
byte array[MAX_FINGERPRINT_LEN];
|
|
|
|
char *fprbuf, *p;
|
|
|
|
|
2004-09-23 21:34:45 +02:00
|
|
|
iobuf_close (fp);
|
|
|
|
iobuf_ioctl (NULL, 2, 0, (char*)fname);
|
|
|
|
log_info (_("NOTE: backup of card key saved to `%s'\n"), fname);
|
2005-03-14 20:19:21 +01:00
|
|
|
|
|
|
|
fingerprint_from_sk (sk, array, &n);
|
|
|
|
p = fprbuf = xmalloc (MAX_FINGERPRINT_LEN*2 + 1 + 1);
|
|
|
|
for (i=0; i < n ; i++, p += 2)
|
|
|
|
sprintf (p, "%02X", array[i]);
|
|
|
|
*p++ = ' ';
|
|
|
|
*p = 0;
|
|
|
|
|
|
|
|
write_status_text_and_buffer (STATUS_BACKUP_KEY_CREATED,
|
|
|
|
fprbuf,
|
|
|
|
fname, strlen (fname),
|
|
|
|
0);
|
|
|
|
xfree (fprbuf);
|
2004-09-23 21:34:45 +02:00
|
|
|
}
|
|
|
|
free_packet (pkt);
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (pkt);
|
|
|
|
xfree (fname);
|
2004-09-23 21:34:45 +02:00
|
|
|
if (rc)
|
|
|
|
{
|
|
|
|
free_secret_key (sk_unprotected);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Create the public key from the secret key. */
|
|
|
|
pk = xcalloc (1, sizeof *pk );
|
|
|
|
pk->timestamp = sk->timestamp;
|
|
|
|
pk->version = sk->version;
|
|
|
|
if (expireval)
|
|
|
|
pk->expiredate = sk->expiredate = sk->timestamp + expireval;
|
|
|
|
pk->pubkey_algo = sk->pubkey_algo;
|
|
|
|
n = pubkey_get_npkey (sk->pubkey_algo);
|
|
|
|
for (i=0; i < n; i++)
|
|
|
|
pk->pkey[i] = mpi_copy (sk->skey[i]);
|
|
|
|
|
|
|
|
/* Build packets and add them to the node lists. */
|
|
|
|
pkt = xcalloc (1,sizeof *pkt);
|
|
|
|
pkt->pkttype = is_primary ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
|
|
|
|
pkt->pkt.public_key = pk;
|
|
|
|
add_kbnode(pub_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
pkt = xcalloc (1,sizeof *pkt);
|
|
|
|
pkt->pkttype = is_primary ? PKT_SECRET_KEY : PKT_SECRET_SUBKEY;
|
|
|
|
pkt->pkt.secret_key = sk;
|
|
|
|
add_kbnode(sec_root, new_kbnode( pkt ));
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
#else
|
|
|
|
return -1;
|
|
|
|
#endif /*!ENABLE_CARD_SUPPORT*/
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef ENABLE_CARD_SUPPORT
|
|
|
|
int
|
|
|
|
save_unprotected_key_to_card (PKT_secret_key *sk, int keyno)
|
|
|
|
{
|
|
|
|
int rc;
|
2005-05-21 16:04:32 +02:00
|
|
|
unsigned char *rsa_n = NULL;
|
|
|
|
unsigned char *rsa_e = NULL;
|
|
|
|
unsigned char *rsa_p = NULL;
|
|
|
|
unsigned char *rsa_q = NULL;
|
|
|
|
unsigned int rsa_n_len, rsa_e_len, rsa_p_len, rsa_q_len;
|
|
|
|
unsigned char *sexp = NULL;
|
|
|
|
unsigned char *p;
|
|
|
|
char numbuf[55], numbuf2[50];
|
2004-09-23 21:34:45 +02:00
|
|
|
|
|
|
|
assert (is_RSA (sk->pubkey_algo));
|
|
|
|
assert (!sk->is_protected);
|
|
|
|
|
2005-05-21 16:04:32 +02:00
|
|
|
/* Copy the parameters into straight buffers. */
|
|
|
|
rsa_n = mpi_get_secure_buffer (sk->skey[0], &rsa_n_len, NULL);
|
|
|
|
rsa_e = mpi_get_secure_buffer (sk->skey[1], &rsa_e_len, NULL);
|
|
|
|
rsa_p = mpi_get_secure_buffer (sk->skey[3], &rsa_p_len, NULL);
|
|
|
|
rsa_q = mpi_get_secure_buffer (sk->skey[4], &rsa_q_len, NULL);
|
|
|
|
if (!rsa_n || !rsa_e || !rsa_p || !rsa_q)
|
2004-09-23 21:34:45 +02:00
|
|
|
{
|
2005-05-21 16:04:32 +02:00
|
|
|
rc = G10ERR_INV_ARG;
|
2004-09-23 21:34:45 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
2005-05-21 16:04:32 +02:00
|
|
|
/* Put the key into an S-expression. */
|
|
|
|
sexp = p = xmalloc_secure (30
|
|
|
|
+ rsa_n_len + rsa_e_len + rsa_p_len + rsa_q_len
|
|
|
|
+ 4*sizeof (numbuf) + 25 + sizeof(numbuf) + 20);
|
2004-09-23 21:34:45 +02:00
|
|
|
|
2005-05-21 16:04:32 +02:00
|
|
|
p = stpcpy (p,"(11:private-key(3:rsa(1:n");
|
|
|
|
sprintf (numbuf, "%u:", rsa_n_len);
|
|
|
|
p = stpcpy (p, numbuf);
|
|
|
|
memcpy (p, rsa_n, rsa_n_len);
|
|
|
|
p += rsa_n_len;
|
|
|
|
|
|
|
|
sprintf (numbuf, ")(1:e%u:", rsa_e_len);
|
|
|
|
p = stpcpy (p, numbuf);
|
|
|
|
memcpy (p, rsa_e, rsa_e_len);
|
|
|
|
p += rsa_e_len;
|
|
|
|
|
|
|
|
sprintf (numbuf, ")(1:p%u:", rsa_p_len);
|
|
|
|
p = stpcpy (p, numbuf);
|
|
|
|
memcpy (p, rsa_p, rsa_p_len);
|
|
|
|
p += rsa_p_len;
|
|
|
|
|
|
|
|
sprintf (numbuf, ")(1:q%u:", rsa_q_len);
|
|
|
|
p = stpcpy (p, numbuf);
|
|
|
|
memcpy (p, rsa_q, rsa_q_len);
|
|
|
|
p += rsa_q_len;
|
|
|
|
|
|
|
|
p = stpcpy (p,"))(10:created-at");
|
|
|
|
sprintf (numbuf2, "%lu", (unsigned long)sk->timestamp);
|
2005-06-20 19:32:09 +02:00
|
|
|
sprintf (numbuf, "%lu:", (unsigned long)strlen (numbuf2));
|
2005-05-21 16:04:32 +02:00
|
|
|
p = stpcpy (stpcpy (stpcpy (p, numbuf), numbuf2), "))");
|
2004-09-23 21:34:45 +02:00
|
|
|
|
2005-10-18 19:41:20 +02:00
|
|
|
/* Fixme: Unfortunately we don't have the serialnumber available -
|
|
|
|
thus we can't pass it down to the agent. */
|
|
|
|
rc = agent_scd_writekey (keyno, NULL, sexp, p - sexp);
|
2004-09-23 21:34:45 +02:00
|
|
|
|
|
|
|
leave:
|
2005-05-21 16:04:32 +02:00
|
|
|
xfree (sexp);
|
|
|
|
xfree (rsa_n);
|
|
|
|
xfree (rsa_e);
|
|
|
|
xfree (rsa_p);
|
|
|
|
xfree (rsa_q);
|
2004-09-23 21:34:45 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
#endif /*ENABLE_CARD_SUPPORT*/
|