1997-11-18 15:06:00 +01:00
|
|
|
/* parse-packet.c - read packets
|
2008-04-17 19:40:30 +02:00
|
|
|
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
|
|
|
|
* 2008 Free Software Foundation, Inc.
|
1997-11-18 15:06:00 +01:00
|
|
|
*
|
1998-12-23 13:41:40 +01:00
|
|
|
* This file is part of GnuPG.
|
1997-11-18 15:06:00 +01:00
|
|
|
*
|
1998-12-23 13:41:40 +01:00
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
1997-11-18 15:06:00 +01:00
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-10-23 12:48:09 +02:00
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
1997-11-18 15:06:00 +01:00
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
1998-12-23 13:41:40 +01:00
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
1997-11-18 15:06:00 +01:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2007-10-23 12:48:09 +02:00
|
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
1997-11-18 15:06:00 +01:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <assert.h>
|
|
|
|
|
|
|
|
#include "packet.h"
|
|
|
|
#include "iobuf.h"
|
2002-06-29 15:46:34 +02:00
|
|
|
#include "mpi.h"
|
1997-11-18 15:06:00 +01:00
|
|
|
#include "util.h"
|
2002-06-29 15:46:34 +02:00
|
|
|
#include "cipher.h"
|
|
|
|
#include "memory.h"
|
1997-11-18 15:06:00 +01:00
|
|
|
#include "filter.h"
|
2002-06-29 15:46:34 +02:00
|
|
|
#include "photoid.h"
|
1997-11-18 15:06:00 +01:00
|
|
|
#include "options.h"
|
1998-06-25 12:19:08 +02:00
|
|
|
#include "main.h"
|
1998-11-10 13:59:59 +01:00
|
|
|
#include "i18n.h"
|
2015-02-22 05:10:32 +01:00
|
|
|
#include "host2net.h"
|
1997-11-18 15:06:00 +01:00
|
|
|
|
2007-02-04 18:20:24 +01:00
|
|
|
#ifndef MAX_EXTERN_MPI_BITS
|
|
|
|
#define MAX_EXTERN_MPI_BITS 16384
|
|
|
|
#endif
|
|
|
|
|
2015-02-22 05:10:27 +01:00
|
|
|
/* Maximum length of packets to avoid excessive memory allocation. */
|
|
|
|
#define MAX_KEY_PACKET_LENGTH (256 * 1024)
|
|
|
|
#define MAX_UID_PACKET_LENGTH ( 2 * 1024)
|
|
|
|
#define MAX_COMMENT_PACKET_LENGTH ( 64 * 1024)
|
|
|
|
#define MAX_ATTR_PACKET_LENGTH ( 16 * 1024*1024)
|
|
|
|
|
2007-02-04 18:20:24 +01:00
|
|
|
|
2005-02-03 10:32:53 +01:00
|
|
|
static int mpi_print_mode;
|
|
|
|
static int list_mode;
|
|
|
|
static FILE *listfp;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
static int parse( IOBUF inp, PACKET *pkt, int onlykeypkts,
|
|
|
|
off_t *retpos, int *skip, IOBUF out, int do_skip
|
* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.
2003-05-24 23:50:33 +02:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
1998-12-23 13:41:40 +01:00
|
|
|
,const char *dbg_w, const char *dbg_f, int dbg_l
|
* armor.c, g10.c, kbnode.c, misc.c, pkclist.c, sign.c, build-packet.c,
getkey.c, keydb.c, openfile.c, plaintext.c, status.c, gpgv.c, keygen.c,
options.h, sig-check.c, tdbio.h, encode.c, mainproc.c, parse-packet.c,
signal.c, textfilter.c: Edit all preprocessor instructions to remove
whitespace before the '#'. This is not required by C89, but there are some
compilers out there that don't like it.
2003-05-24 23:50:33 +02:00
|
|
|
#endif
|
1998-12-23 13:41:40 +01:00
|
|
|
);
|
1998-02-11 04:25:44 +01:00
|
|
|
static int copy_packet( IOBUF inp, IOBUF out, int pkttype,
|
2004-03-03 01:09:16 +01:00
|
|
|
unsigned long pktlen, int partial );
|
|
|
|
static void skip_packet( IOBUF inp, int pkttype,
|
|
|
|
unsigned long pktlen, int partial );
|
|
|
|
static void *read_rest( IOBUF inp, size_t pktlen, int partial );
|
2007-04-04 06:00:20 +02:00
|
|
|
static int parse_marker( IOBUF inp, int pkttype, unsigned long pktlen );
|
1998-05-03 17:42:08 +02:00
|
|
|
static int parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *packet );
|
|
|
|
static int parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen,
|
1997-11-18 15:06:00 +01:00
|
|
|
PACKET *packet );
|
1997-12-02 20:36:53 +01:00
|
|
|
static int parse_onepass_sig( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PKT_onepass_sig *ops );
|
1998-06-29 14:30:57 +02:00
|
|
|
static int parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
1997-11-18 15:06:00 +01:00
|
|
|
byte *hdr, int hdrlen, PACKET *packet );
|
|
|
|
static int parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *packet );
|
2002-06-29 15:46:34 +02:00
|
|
|
static int parse_attribute( IOBUF inp, int pkttype, unsigned long pktlen,
|
2000-07-14 19:34:53 +02:00
|
|
|
PACKET *packet );
|
1998-02-11 04:25:44 +01:00
|
|
|
static int parse_comment( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *packet );
|
1999-07-08 16:24:35 +02:00
|
|
|
static void parse_trust( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *packet );
|
1997-11-18 15:06:00 +01:00
|
|
|
static int parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen,
|
2004-03-03 01:09:16 +01:00
|
|
|
PACKET *packet, int new_ctb, int partial);
|
1997-11-18 15:06:00 +01:00
|
|
|
static int parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen,
|
1998-07-02 21:31:46 +02:00
|
|
|
PACKET *packet, int new_ctb );
|
1997-11-18 15:06:00 +01:00
|
|
|
static int parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
|
2004-03-03 01:09:16 +01:00
|
|
|
PACKET *packet, int new_ctb, int partial);
|
2000-07-14 19:34:53 +02:00
|
|
|
static int parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *packet, int new_ctb);
|
2002-06-29 15:46:34 +02:00
|
|
|
static int parse_gpg_control( IOBUF inp, int pkttype, unsigned long pktlen,
|
2004-03-03 01:09:16 +01:00
|
|
|
PACKET *packet, int partial );
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
static unsigned short
|
|
|
|
read_16(IOBUF inp)
|
|
|
|
{
|
|
|
|
unsigned short a;
|
2015-02-22 05:10:32 +01:00
|
|
|
a = (unsigned short)iobuf_get_noeof(inp) << 8;
|
1997-11-18 15:06:00 +01:00
|
|
|
a |= iobuf_get_noeof(inp);
|
|
|
|
return a;
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned long
|
|
|
|
read_32(IOBUF inp)
|
|
|
|
{
|
|
|
|
unsigned long a;
|
2015-02-22 05:10:32 +01:00
|
|
|
a = (unsigned long)iobuf_get_noeof(inp) << 24;
|
1997-11-18 15:06:00 +01:00
|
|
|
a |= iobuf_get_noeof(inp) << 16;
|
|
|
|
a |= iobuf_get_noeof(inp) << 8;
|
|
|
|
a |= iobuf_get_noeof(inp);
|
|
|
|
return a;
|
|
|
|
}
|
|
|
|
|
1998-03-09 22:44:06 +01:00
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
int
|
|
|
|
set_packet_list_mode( int mode )
|
|
|
|
{
|
|
|
|
int old = list_mode;
|
|
|
|
list_mode = mode;
|
2002-06-29 15:46:34 +02:00
|
|
|
mpi_print_mode = DBG_MPI;
|
2005-02-03 10:32:53 +01:00
|
|
|
/* We use stdout print only if invoked by the --list-packets
|
|
|
|
command but switch to stderr in all otehr cases. This breaks
|
|
|
|
the previous behaviour but that seems to be more of a bug than
|
|
|
|
intentional. I don't believe that any application makes use of
|
|
|
|
this long standing annoying way of printing to stdout except
|
|
|
|
when doing a --list-packets. If this assumption fails, it will
|
|
|
|
be easy to add an option for the listing stream. Note that we
|
|
|
|
initialize it only once; mainly because some code may switch
|
|
|
|
the option value later back to 1 and we want to have all output
|
2011-07-22 14:00:08 +02:00
|
|
|
to the same stream.
|
2005-02-03 10:32:53 +01:00
|
|
|
|
|
|
|
Using stderr is not actually very clean because it bypasses the
|
|
|
|
logging code but it is a special thing anyay. I am not sure
|
|
|
|
whether using log_stream() would be better. Perhaps we should
|
|
|
|
enable the list mdoe only with a special option. */
|
|
|
|
if (!listfp)
|
2016-06-28 08:56:48 +02:00
|
|
|
listfp = opt.list_packets ? stdout : stderr;
|
1997-11-18 15:06:00 +01:00
|
|
|
return old;
|
|
|
|
}
|
|
|
|
|
1998-07-02 21:31:46 +02:00
|
|
|
static void
|
|
|
|
unknown_pubkey_warning( int algo )
|
|
|
|
{
|
|
|
|
static byte unknown_pubkey_algos[256];
|
|
|
|
|
|
|
|
algo &= 0xff;
|
|
|
|
if( !unknown_pubkey_algos[algo] ) {
|
|
|
|
if( opt.verbose )
|
1998-11-10 13:59:59 +01:00
|
|
|
log_info(_("can't handle public key algorithm %d\n"), algo );
|
1998-07-02 21:31:46 +02:00
|
|
|
unknown_pubkey_algos[algo] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
/****************
|
|
|
|
* Parse a Packet and return it in packet
|
|
|
|
* Returns: 0 := valid packet in pkt
|
|
|
|
* -1 := no more packets
|
|
|
|
* >0 := error
|
|
|
|
* Note: The function may return an error and a partly valid packet;
|
|
|
|
* caller must free this packet.
|
|
|
|
*/
|
1998-12-23 13:41:40 +01:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
|
|
|
int
|
2002-06-29 15:46:34 +02:00
|
|
|
dbg_parse_packet( IOBUF inp, PACKET *pkt, const char *dbg_f, int dbg_l )
|
1998-12-23 13:41:40 +01:00
|
|
|
{
|
|
|
|
int skip, rc;
|
|
|
|
|
|
|
|
do {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = parse( inp, pkt, 0, NULL, &skip, NULL, 0, "parse", dbg_f, dbg_l );
|
1998-12-23 13:41:40 +01:00
|
|
|
} while( skip );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
#else
|
1997-11-18 15:06:00 +01:00
|
|
|
int
|
2002-06-29 15:46:34 +02:00
|
|
|
parse_packet( IOBUF inp, PACKET *pkt )
|
1997-12-12 13:03:58 +01:00
|
|
|
{
|
|
|
|
int skip, rc;
|
|
|
|
|
|
|
|
do {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = parse( inp, pkt, 0, NULL, &skip, NULL, 0 );
|
1997-12-12 13:03:58 +01:00
|
|
|
} while( skip );
|
|
|
|
return rc;
|
|
|
|
}
|
1998-12-23 13:41:40 +01:00
|
|
|
#endif
|
1997-12-12 13:03:58 +01:00
|
|
|
|
|
|
|
/****************
|
2002-06-29 15:46:34 +02:00
|
|
|
* Like parse packet, but only return secret or public (sub)key packets.
|
1997-12-12 13:03:58 +01:00
|
|
|
*/
|
1998-12-23 13:41:40 +01:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
|
|
|
int
|
2002-06-29 15:46:34 +02:00
|
|
|
dbg_search_packet( IOBUF inp, PACKET *pkt, off_t *retpos, int with_uid,
|
1998-12-23 13:41:40 +01:00
|
|
|
const char *dbg_f, int dbg_l )
|
|
|
|
{
|
|
|
|
int skip, rc;
|
|
|
|
|
|
|
|
do {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = parse( inp, pkt, with_uid?2:1, retpos, &skip, NULL, 0, "search", dbg_f, dbg_l );
|
1998-12-23 13:41:40 +01:00
|
|
|
} while( skip );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
#else
|
1997-12-12 13:03:58 +01:00
|
|
|
int
|
2002-06-29 15:46:34 +02:00
|
|
|
search_packet( IOBUF inp, PACKET *pkt, off_t *retpos, int with_uid )
|
1997-12-12 13:03:58 +01:00
|
|
|
{
|
|
|
|
int skip, rc;
|
|
|
|
|
|
|
|
do {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = parse( inp, pkt, with_uid?2:1, retpos, &skip, NULL, 0 );
|
1997-12-12 13:03:58 +01:00
|
|
|
} while( skip );
|
|
|
|
return rc;
|
|
|
|
}
|
1998-12-23 13:41:40 +01:00
|
|
|
#endif
|
1997-12-12 13:03:58 +01:00
|
|
|
|
1998-02-11 04:25:44 +01:00
|
|
|
/****************
|
|
|
|
* Copy all packets from INP to OUT, thereby removing unused spaces.
|
|
|
|
*/
|
1998-12-23 13:41:40 +01:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
|
|
|
int
|
|
|
|
dbg_copy_all_packets( IOBUF inp, IOBUF out,
|
|
|
|
const char *dbg_f, int dbg_l )
|
|
|
|
{
|
|
|
|
PACKET pkt;
|
|
|
|
int skip, rc=0;
|
|
|
|
do {
|
|
|
|
init_packet(&pkt);
|
|
|
|
} while( !(rc = parse( inp, &pkt, 0, NULL, &skip, out, 0, "copy", dbg_f, dbg_l )));
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
#else
|
1998-02-11 04:25:44 +01:00
|
|
|
int
|
|
|
|
copy_all_packets( IOBUF inp, IOBUF out )
|
|
|
|
{
|
|
|
|
PACKET pkt;
|
|
|
|
int skip, rc=0;
|
|
|
|
do {
|
|
|
|
init_packet(&pkt);
|
|
|
|
} while( !(rc = parse( inp, &pkt, 0, NULL, &skip, out, 0 )));
|
|
|
|
return rc;
|
|
|
|
}
|
1998-12-23 13:41:40 +01:00
|
|
|
#endif
|
1998-02-11 04:25:44 +01:00
|
|
|
|
|
|
|
/****************
|
|
|
|
* Copy some packets from INP to OUT, thereby removing unused spaces.
|
1998-04-14 19:51:16 +02:00
|
|
|
* Stop at offset STOPoff (i.e. don't copy packets at this or later offsets)
|
1998-02-11 04:25:44 +01:00
|
|
|
*/
|
1998-12-23 13:41:40 +01:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
|
|
|
int
|
2002-06-29 15:46:34 +02:00
|
|
|
dbg_copy_some_packets( IOBUF inp, IOBUF out, off_t stopoff,
|
1998-12-23 13:41:40 +01:00
|
|
|
const char *dbg_f, int dbg_l )
|
|
|
|
{
|
|
|
|
PACKET pkt;
|
|
|
|
int skip, rc=0;
|
|
|
|
do {
|
|
|
|
if( iobuf_tell(inp) >= stopoff )
|
|
|
|
return 0;
|
|
|
|
init_packet(&pkt);
|
|
|
|
} while( !(rc = parse( inp, &pkt, 0, NULL, &skip, out, 0,
|
|
|
|
"some", dbg_f, dbg_l )) );
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
#else
|
1998-02-11 04:25:44 +01:00
|
|
|
int
|
2002-06-29 15:46:34 +02:00
|
|
|
copy_some_packets( IOBUF inp, IOBUF out, off_t stopoff )
|
1998-02-11 04:25:44 +01:00
|
|
|
{
|
|
|
|
PACKET pkt;
|
|
|
|
int skip, rc=0;
|
|
|
|
do {
|
|
|
|
if( iobuf_tell(inp) >= stopoff )
|
|
|
|
return 0;
|
|
|
|
init_packet(&pkt);
|
|
|
|
} while( !(rc = parse( inp, &pkt, 0, NULL, &skip, out, 0 )) );
|
|
|
|
return rc;
|
|
|
|
}
|
1998-12-23 13:41:40 +01:00
|
|
|
#endif
|
1998-02-11 04:25:44 +01:00
|
|
|
|
|
|
|
/****************
|
|
|
|
* Skip over N packets
|
|
|
|
*/
|
1998-12-23 13:41:40 +01:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
|
|
|
int
|
|
|
|
dbg_skip_some_packets( IOBUF inp, unsigned n,
|
|
|
|
const char *dbg_f, int dbg_l )
|
|
|
|
{
|
|
|
|
int skip, rc=0;
|
|
|
|
PACKET pkt;
|
|
|
|
|
|
|
|
for( ;n && !rc; n--) {
|
|
|
|
init_packet(&pkt);
|
|
|
|
rc = parse( inp, &pkt, 0, NULL, &skip, NULL, 1, "skip", dbg_f, dbg_l );
|
|
|
|
}
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
#else
|
1998-02-11 04:25:44 +01:00
|
|
|
int
|
|
|
|
skip_some_packets( IOBUF inp, unsigned n )
|
|
|
|
{
|
|
|
|
int skip, rc=0;
|
|
|
|
PACKET pkt;
|
|
|
|
|
|
|
|
for( ;n && !rc; n--) {
|
|
|
|
init_packet(&pkt);
|
|
|
|
rc = parse( inp, &pkt, 0, NULL, &skip, NULL, 1 );
|
|
|
|
}
|
|
|
|
return rc;
|
|
|
|
}
|
1998-12-23 13:41:40 +01:00
|
|
|
#endif
|
1998-06-29 14:30:57 +02:00
|
|
|
|
|
|
|
|
1997-12-12 13:03:58 +01:00
|
|
|
/****************
|
2002-06-29 15:46:34 +02:00
|
|
|
* Parse packet. Set the variable skip points to 1 if the packet
|
|
|
|
* should be skipped; this is the case if either ONLYKEYPKTS is set
|
|
|
|
* and the parsed packet isn't one or the
|
1997-12-12 13:03:58 +01:00
|
|
|
* packet-type is 0, indicating deleted stuff.
|
1998-02-11 04:25:44 +01:00
|
|
|
* if OUT is not NULL, a special copymode is used.
|
1997-12-12 13:03:58 +01:00
|
|
|
*/
|
|
|
|
static int
|
2002-06-29 15:46:34 +02:00
|
|
|
parse( IOBUF inp, PACKET *pkt, int onlykeypkts, off_t *retpos,
|
1998-12-23 13:41:40 +01:00
|
|
|
int *skip, IOBUF out, int do_skip
|
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
|
|
|
,const char *dbg_w, const char *dbg_f, int dbg_l
|
|
|
|
#endif
|
|
|
|
)
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
1998-07-06 12:23:57 +02:00
|
|
|
int rc=0, c, ctb, pkttype, lenbytes;
|
1997-11-18 15:06:00 +01:00
|
|
|
unsigned long pktlen;
|
1998-05-13 19:53:36 +02:00
|
|
|
byte hdr[8];
|
1997-11-18 15:06:00 +01:00
|
|
|
int hdrlen;
|
2004-03-03 01:09:16 +01:00
|
|
|
int new_ctb = 0, partial=0;
|
2002-06-29 15:46:34 +02:00
|
|
|
int with_uid = (onlykeypkts == 2);
|
1997-11-18 15:06:00 +01:00
|
|
|
|
1997-12-12 13:03:58 +01:00
|
|
|
*skip = 0;
|
1997-11-18 15:06:00 +01:00
|
|
|
assert( !pkt->pkt.generic );
|
1997-12-12 13:03:58 +01:00
|
|
|
if( retpos )
|
|
|
|
*retpos = iobuf_tell(inp);
|
1998-12-23 13:41:40 +01:00
|
|
|
|
1998-07-06 12:23:57 +02:00
|
|
|
if( (ctb = iobuf_get(inp)) == -1 ) {
|
|
|
|
rc = -1;
|
|
|
|
goto leave;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
hdrlen=0;
|
|
|
|
hdr[hdrlen++] = ctb;
|
|
|
|
if( !(ctb & 0x80) ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
log_error("%s: invalid packet (ctb=%02x)\n", iobuf_where(inp), ctb );
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-07-06 12:23:57 +02:00
|
|
|
goto leave;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
pktlen = 0;
|
1998-07-02 21:31:46 +02:00
|
|
|
new_ctb = !!(ctb & 0x40);
|
|
|
|
if( new_ctb ) {
|
2002-08-30 18:34:13 +02:00
|
|
|
pkttype = ctb & 0x3f;
|
1998-01-16 22:15:24 +01:00
|
|
|
if( (c = iobuf_get(inp)) == -1 ) {
|
|
|
|
log_error("%s: 1st length byte missing\n", iobuf_where(inp) );
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-07-06 12:23:57 +02:00
|
|
|
goto leave;
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
2009-05-05 11:30:34 +02:00
|
|
|
/* The follwing code has been here for ages (2002-08-30) but it is
|
|
|
|
clearly wrong: For example passing a 0 as second argument to
|
|
|
|
iobuf_set_partial_block_mode stops the partial block mode which we
|
|
|
|
definitely do not want. Also all values < 224 or 255 are not
|
|
|
|
valid. Let's disable it and put PKT_COMPRESSED into the list of
|
|
|
|
allowed packets with partial header until someone complains. */
|
|
|
|
/* if (pkttype == PKT_COMPRESSED) { */
|
|
|
|
/* iobuf_set_partial_block_mode(inp, c & 0xff); */
|
|
|
|
/* pktlen = 0;/\* to indicate partial length *\/ */
|
|
|
|
/* partial=1; */
|
|
|
|
/* } */
|
|
|
|
/* else { */
|
|
|
|
{
|
2002-08-30 18:34:13 +02:00
|
|
|
hdr[hdrlen++] = c;
|
|
|
|
if( c < 192 )
|
2004-03-02 00:10:35 +01:00
|
|
|
pktlen = c;
|
|
|
|
else if( c < 224 )
|
|
|
|
{
|
|
|
|
pktlen = (c - 192) * 256;
|
|
|
|
if( (c = iobuf_get(inp)) == -1 )
|
|
|
|
{
|
|
|
|
log_error("%s: 2nd length byte missing\n",
|
|
|
|
iobuf_where(inp) );
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
hdr[hdrlen++] = c;
|
|
|
|
pktlen += c + 192;
|
|
|
|
}
|
|
|
|
else if( c == 255 )
|
|
|
|
{
|
2015-02-22 05:10:32 +01:00
|
|
|
pktlen =
|
|
|
|
(unsigned long)(hdr[hdrlen++] = iobuf_get_noeof(inp)) << 24;
|
2004-03-02 00:10:35 +01:00
|
|
|
pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 16;
|
|
|
|
pktlen |= (hdr[hdrlen++] = iobuf_get_noeof(inp)) << 8;
|
|
|
|
if( (c = iobuf_get(inp)) == -1 )
|
|
|
|
{
|
|
|
|
log_error("%s: 4 byte length invalid\n",
|
|
|
|
iobuf_where(inp) );
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
pktlen |= (hdr[hdrlen++] = c );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2009-05-05 11:30:34 +02:00
|
|
|
/* Partial body length. */
|
|
|
|
switch (pkttype)
|
|
|
|
{
|
|
|
|
case PKT_PLAINTEXT:
|
|
|
|
case PKT_ENCRYPTED:
|
|
|
|
case PKT_ENCRYPTED_MDC:
|
|
|
|
case PKT_COMPRESSED:
|
|
|
|
iobuf_set_partial_block_mode (inp, (c & 0xff));
|
|
|
|
pktlen = 0; /* Indicate partial length. */
|
|
|
|
partial= 1;
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
log_error ("%s: partial length for invalid"
|
|
|
|
" packet type %d\n", iobuf_where(inp),pkttype);
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
2004-03-02 00:10:35 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
}
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2004-03-03 17:38:34 +01:00
|
|
|
else
|
|
|
|
{
|
1998-01-16 22:15:24 +01:00
|
|
|
pkttype = (ctb>>2)&0xf;
|
|
|
|
lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
|
2004-03-03 17:38:34 +01:00
|
|
|
if( !lenbytes )
|
|
|
|
{
|
1998-01-16 22:15:24 +01:00
|
|
|
pktlen = 0; /* don't know the value */
|
2004-03-03 17:38:34 +01:00
|
|
|
/* This isn't really partial, but we can treat it the same
|
|
|
|
in a "read until the end" sort of way. */
|
2004-03-03 01:09:16 +01:00
|
|
|
partial=1;
|
2004-03-03 17:38:34 +01:00
|
|
|
if(pkttype!=PKT_ENCRYPTED && pkttype!=PKT_PLAINTEXT
|
|
|
|
&& pkttype!=PKT_COMPRESSED)
|
|
|
|
{
|
|
|
|
log_error ("%s: indeterminate length for invalid"
|
|
|
|
" packet type %d\n", iobuf_where(inp), pkttype );
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
for( ; lenbytes; lenbytes-- )
|
|
|
|
{
|
1998-01-16 22:15:24 +01:00
|
|
|
pktlen <<= 8;
|
|
|
|
pktlen |= hdr[hdrlen++] = iobuf_get_noeof(inp);
|
2004-03-03 17:38:34 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
|
2009-06-17 12:36:12 +02:00
|
|
|
if (pktlen == (unsigned long)(-1)) {
|
|
|
|
/* With some probability this is caused by a problem in the
|
2002-06-29 15:46:34 +02:00
|
|
|
* the uncompressing layer - in some error cases it just loops
|
|
|
|
* and spits out 0xff bytes. */
|
|
|
|
log_error ("%s: garbled packet detected\n", iobuf_where(inp) );
|
|
|
|
g10_exit (2);
|
|
|
|
}
|
|
|
|
|
1998-02-11 04:25:44 +01:00
|
|
|
if( out && pkttype ) {
|
|
|
|
if( iobuf_write( out, hdr, hdrlen ) == -1 )
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_WRITE_FILE;
|
1998-02-11 04:25:44 +01:00
|
|
|
else
|
2004-03-03 01:09:16 +01:00
|
|
|
rc = copy_packet(inp, out, pkttype, pktlen, partial );
|
1998-07-06 12:23:57 +02:00
|
|
|
goto leave;
|
1998-02-11 04:25:44 +01:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
if (with_uid && pkttype == PKT_USER_ID)
|
|
|
|
;
|
2011-07-22 14:00:08 +02:00
|
|
|
else if( do_skip
|
2002-06-29 15:46:34 +02:00
|
|
|
|| !pkttype
|
|
|
|
|| (onlykeypkts && pkttype != PKT_PUBLIC_SUBKEY
|
|
|
|
&& pkttype != PKT_PUBLIC_KEY
|
|
|
|
&& pkttype != PKT_SECRET_SUBKEY
|
|
|
|
&& pkttype != PKT_SECRET_KEY ) ) {
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, partial);
|
1997-12-12 13:03:58 +01:00
|
|
|
*skip = 1;
|
1998-07-06 12:23:57 +02:00
|
|
|
rc = 0;
|
|
|
|
goto leave;
|
1997-12-12 13:03:58 +01:00
|
|
|
}
|
|
|
|
|
1998-12-23 13:41:40 +01:00
|
|
|
if( DBG_PACKET ) {
|
2002-08-30 18:34:13 +02:00
|
|
|
#ifdef DEBUG_PARSE_PACKET
|
1998-12-23 13:41:40 +01:00
|
|
|
log_debug("parse_packet(iob=%d): type=%d length=%lu%s (%s.%s.%d)\n",
|
|
|
|
iobuf_id(inp), pkttype, pktlen, new_ctb?" (new_ctb)":"",
|
|
|
|
dbg_w, dbg_f, dbg_l );
|
2002-08-30 18:34:13 +02:00
|
|
|
#else
|
1998-01-16 22:15:24 +01:00
|
|
|
log_debug("parse_packet(iob=%d): type=%d length=%lu%s\n",
|
1998-07-02 21:31:46 +02:00
|
|
|
iobuf_id(inp), pkttype, pktlen, new_ctb?" (new_ctb)":"" );
|
2002-08-30 18:34:13 +02:00
|
|
|
#endif
|
1998-12-23 13:41:40 +01:00
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
pkt->pkttype = pkttype;
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_UNKNOWN_PACKET; /* default error */
|
1997-11-18 15:06:00 +01:00
|
|
|
switch( pkttype ) {
|
1998-06-29 14:30:57 +02:00
|
|
|
case PKT_PUBLIC_KEY:
|
|
|
|
case PKT_PUBLIC_SUBKEY:
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt->pkt.public_key = xmalloc_clear(sizeof *pkt->pkt.public_key );
|
1998-06-29 14:30:57 +02:00
|
|
|
rc = parse_key(inp, pkttype, pktlen, hdr, hdrlen, pkt );
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
1998-06-29 14:30:57 +02:00
|
|
|
case PKT_SECRET_KEY:
|
|
|
|
case PKT_SECRET_SUBKEY:
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt->pkt.secret_key = xmalloc_clear(sizeof *pkt->pkt.secret_key );
|
1998-06-29 14:30:57 +02:00
|
|
|
rc = parse_key(inp, pkttype, pktlen, hdr, hdrlen, pkt );
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
1998-05-03 17:42:08 +02:00
|
|
|
case PKT_SYMKEY_ENC:
|
|
|
|
rc = parse_symkeyenc( inp, pkttype, pktlen, pkt );
|
|
|
|
break;
|
1997-11-18 15:06:00 +01:00
|
|
|
case PKT_PUBKEY_ENC:
|
1998-05-03 17:42:08 +02:00
|
|
|
rc = parse_pubkeyenc(inp, pkttype, pktlen, pkt );
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
|
|
|
case PKT_SIGNATURE:
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt->pkt.signature = xmalloc_clear(sizeof *pkt->pkt.signature );
|
1997-11-18 15:06:00 +01:00
|
|
|
rc = parse_signature(inp, pkttype, pktlen, pkt->pkt.signature );
|
|
|
|
break;
|
1997-12-02 20:36:53 +01:00
|
|
|
case PKT_ONEPASS_SIG:
|
2005-07-27 20:10:56 +02:00
|
|
|
pkt->pkt.onepass_sig = xmalloc_clear(sizeof *pkt->pkt.onepass_sig );
|
1997-12-02 20:36:53 +01:00
|
|
|
rc = parse_onepass_sig(inp, pkttype, pktlen, pkt->pkt.onepass_sig );
|
|
|
|
break;
|
1997-11-18 15:06:00 +01:00
|
|
|
case PKT_USER_ID:
|
|
|
|
rc = parse_user_id(inp, pkttype, pktlen, pkt );
|
|
|
|
break;
|
2002-06-29 15:46:34 +02:00
|
|
|
case PKT_ATTRIBUTE:
|
|
|
|
pkt->pkttype = pkttype = PKT_USER_ID; /* we store it in the userID */
|
|
|
|
rc = parse_attribute(inp, pkttype, pktlen, pkt);
|
2000-07-14 19:34:53 +02:00
|
|
|
break;
|
1998-05-03 21:35:33 +02:00
|
|
|
case PKT_OLD_COMMENT:
|
1997-11-18 15:06:00 +01:00
|
|
|
case PKT_COMMENT:
|
1998-02-11 04:25:44 +01:00
|
|
|
rc = parse_comment(inp, pkttype, pktlen, pkt);
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
|
|
|
case PKT_RING_TRUST:
|
1999-07-08 16:24:35 +02:00
|
|
|
parse_trust(inp, pkttype, pktlen, pkt);
|
|
|
|
rc = 0;
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
|
|
|
case PKT_PLAINTEXT:
|
2004-03-03 01:09:16 +01:00
|
|
|
rc = parse_plaintext(inp, pkttype, pktlen, pkt, new_ctb, partial );
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
1997-12-01 11:33:23 +01:00
|
|
|
case PKT_COMPRESSED:
|
1998-07-02 21:31:46 +02:00
|
|
|
rc = parse_compressed(inp, pkttype, pktlen, pkt, new_ctb );
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
1997-12-01 11:33:23 +01:00
|
|
|
case PKT_ENCRYPTED:
|
1999-05-17 22:03:24 +02:00
|
|
|
case PKT_ENCRYPTED_MDC:
|
2004-03-03 01:09:16 +01:00
|
|
|
rc = parse_encrypted(inp, pkttype, pktlen, pkt, new_ctb, partial );
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
2000-07-14 19:34:53 +02:00
|
|
|
case PKT_MDC:
|
|
|
|
rc = parse_mdc(inp, pkttype, pktlen, pkt, new_ctb );
|
|
|
|
break;
|
2002-06-29 15:46:34 +02:00
|
|
|
case PKT_GPG_CONTROL:
|
2004-03-03 01:09:16 +01:00
|
|
|
rc = parse_gpg_control(inp, pkttype, pktlen, pkt, partial );
|
2002-06-29 15:46:34 +02:00
|
|
|
break;
|
2007-04-04 06:00:20 +02:00
|
|
|
case PKT_MARKER:
|
|
|
|
rc = parse_marker(inp,pkttype,pktlen);
|
|
|
|
break;
|
1997-11-18 15:06:00 +01:00
|
|
|
default:
|
2004-03-03 01:09:16 +01:00
|
|
|
skip_packet(inp, pkttype, pktlen, partial);
|
1997-11-18 15:06:00 +01:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
1998-07-06 12:23:57 +02:00
|
|
|
leave:
|
1998-07-29 21:35:05 +02:00
|
|
|
if( !rc && iobuf_error(inp) )
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INV_KEYRING;
|
1997-11-18 15:06:00 +01:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
1998-01-16 22:15:24 +01:00
|
|
|
static void
|
|
|
|
dump_hex_line( int c, int *i )
|
|
|
|
{
|
|
|
|
if( *i && !(*i%8) ) {
|
|
|
|
if( *i && !(*i%24) )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\n%4d:", *i );
|
1998-01-16 22:15:24 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
putc (' ', listfp);
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
|
|
|
if( c == -1 )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " EOF" );
|
1998-01-16 22:15:24 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %02x", c );
|
1998-01-16 22:15:24 +01:00
|
|
|
++*i;
|
|
|
|
}
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
|
1998-02-11 04:25:44 +01:00
|
|
|
static int
|
2004-03-03 01:09:16 +01:00
|
|
|
copy_packet( IOBUF inp, IOBUF out, int pkttype,
|
|
|
|
unsigned long pktlen, int partial )
|
1998-02-11 04:25:44 +01:00
|
|
|
{
|
|
|
|
int n;
|
|
|
|
char buf[100];
|
|
|
|
|
2004-03-03 01:09:16 +01:00
|
|
|
if( partial ) {
|
1998-02-11 04:25:44 +01:00
|
|
|
while( (n = iobuf_read( inp, buf, 100 )) != -1 )
|
|
|
|
if( iobuf_write(out, buf, n ) )
|
2002-06-29 15:46:34 +02:00
|
|
|
return G10ERR_WRITE_FILE; /* write error */
|
1998-02-11 04:25:44 +01:00
|
|
|
}
|
|
|
|
else if( !pktlen && pkttype == PKT_COMPRESSED ) {
|
1998-12-23 13:41:40 +01:00
|
|
|
log_debug("copy_packet: compressed!\n");
|
1998-02-11 04:25:44 +01:00
|
|
|
/* compressed packet, copy till EOF */
|
|
|
|
while( (n = iobuf_read( inp, buf, 100 )) != -1 )
|
|
|
|
if( iobuf_write(out, buf, n ) )
|
2002-06-29 15:46:34 +02:00
|
|
|
return G10ERR_WRITE_FILE; /* write error */
|
1998-02-11 04:25:44 +01:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
for( ; pktlen; pktlen -= n ) {
|
|
|
|
n = pktlen > 100 ? 100 : pktlen;
|
|
|
|
n = iobuf_read( inp, buf, n );
|
|
|
|
if( n == -1 )
|
2002-06-29 15:46:34 +02:00
|
|
|
return G10ERR_READ_FILE;
|
1998-02-11 04:25:44 +01:00
|
|
|
if( iobuf_write(out, buf, n ) )
|
2002-06-29 15:46:34 +02:00
|
|
|
return G10ERR_WRITE_FILE; /* write error */
|
1998-02-11 04:25:44 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
static void
|
2004-03-03 01:09:16 +01:00
|
|
|
skip_packet( IOBUF inp, int pkttype, unsigned long pktlen, int partial )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
2007-04-04 06:00:20 +02:00
|
|
|
if( list_mode )
|
|
|
|
{
|
|
|
|
fprintf (listfp, ":unknown packet: type %2d, length %lu\n",
|
|
|
|
pkttype, pktlen);
|
|
|
|
if( pkttype )
|
|
|
|
{
|
|
|
|
int c, i=0 ;
|
|
|
|
fputs("dump:", listfp );
|
|
|
|
if( partial )
|
|
|
|
{
|
|
|
|
while( (c=iobuf_get(inp)) != -1 )
|
|
|
|
dump_hex_line(c, &i);
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
2007-04-04 06:00:20 +02:00
|
|
|
else
|
|
|
|
{
|
|
|
|
for( ; pktlen; pktlen-- )
|
2010-06-18 10:08:21 +02:00
|
|
|
{
|
|
|
|
dump_hex_line ((c=iobuf_get(inp)), &i);
|
|
|
|
if (c==-1)
|
|
|
|
break;
|
|
|
|
}
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
2007-04-04 06:00:20 +02:00
|
|
|
putc ('\n', listfp);
|
|
|
|
return;
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
|
|
|
}
|
2007-04-04 06:00:20 +02:00
|
|
|
iobuf_skip_rest(inp,pktlen,partial);
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
1998-08-05 18:51:59 +02:00
|
|
|
static void *
|
2004-03-03 01:09:16 +01:00
|
|
|
read_rest( IOBUF inp, size_t pktlen, int partial )
|
1998-08-05 18:51:59 +02:00
|
|
|
{
|
|
|
|
byte *p;
|
|
|
|
int i;
|
|
|
|
|
2004-03-03 01:09:16 +01:00
|
|
|
if( partial ) {
|
1998-08-05 18:51:59 +02:00
|
|
|
log_error("read_rest: can't store stream data\n");
|
|
|
|
p = NULL;
|
|
|
|
}
|
|
|
|
else {
|
2005-07-27 20:10:56 +02:00
|
|
|
p = xmalloc( pktlen );
|
1998-08-05 18:51:59 +02:00
|
|
|
for(i=0; pktlen; pktlen--, i++ )
|
|
|
|
p[i] = iobuf_get(inp);
|
|
|
|
}
|
|
|
|
return p;
|
|
|
|
}
|
|
|
|
|
2007-04-04 06:00:20 +02:00
|
|
|
static int
|
|
|
|
parse_marker( IOBUF inp, int pkttype, unsigned long pktlen )
|
|
|
|
{
|
|
|
|
if(pktlen!=3)
|
|
|
|
goto fail;
|
|
|
|
|
|
|
|
if(iobuf_get(inp)!='P')
|
|
|
|
{
|
|
|
|
pktlen--;
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(iobuf_get(inp)!='G')
|
|
|
|
{
|
|
|
|
pktlen--;
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(iobuf_get(inp)!='P')
|
|
|
|
{
|
|
|
|
pktlen--;
|
|
|
|
goto fail;
|
|
|
|
}
|
1998-08-05 18:51:59 +02:00
|
|
|
|
2007-04-04 06:00:20 +02:00
|
|
|
if(list_mode)
|
|
|
|
fputs(":marker packet: PGP\n", listfp );
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
fail:
|
|
|
|
log_error("invalid marker packet\n");
|
|
|
|
iobuf_skip_rest(inp,pktlen,0);
|
|
|
|
return G10ERR_INVALID_PACKET;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
static int
|
1998-05-03 17:42:08 +02:00
|
|
|
parse_symkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
|
|
|
{
|
|
|
|
PKT_symkey_enc *k;
|
2002-06-29 15:46:34 +02:00
|
|
|
int rc = 0;
|
1998-05-03 17:42:08 +02:00
|
|
|
int i, version, s2kmode, cipher_algo, hash_algo, seskeylen, minlen;
|
|
|
|
|
|
|
|
if( pktlen < 4 ) {
|
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-05-03 17:42:08 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
version = iobuf_get_noeof(inp); pktlen--;
|
1998-05-04 20:49:26 +02:00
|
|
|
if( version != 4 ) {
|
1998-05-03 17:42:08 +02:00
|
|
|
log_error("packet(%d) with unknown version %d\n", pkttype, version);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-05-03 17:42:08 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
if( pktlen > 200 ) { /* (we encode the seskeylen in a byte) */
|
|
|
|
log_error("packet(%d) too large\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-05-03 17:42:08 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
cipher_algo = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
s2kmode = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
hash_algo = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
switch( s2kmode ) {
|
|
|
|
case 0: /* simple s2k */
|
|
|
|
minlen = 0;
|
|
|
|
break;
|
|
|
|
case 1: /* salted s2k */
|
|
|
|
minlen = 8;
|
|
|
|
break;
|
1998-08-05 18:51:59 +02:00
|
|
|
case 3: /* iterated+salted s2k */
|
|
|
|
minlen = 9;
|
1998-05-03 17:42:08 +02:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
log_error("unknown S2K %d\n", s2kmode );
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
if( minlen > pktlen ) {
|
|
|
|
log_error("packet with S2K %d too short\n", s2kmode );
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-05-03 17:42:08 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
seskeylen = pktlen - minlen;
|
2005-07-27 20:10:56 +02:00
|
|
|
k = packet->pkt.symkey_enc = xmalloc_clear( sizeof *packet->pkt.symkey_enc
|
1998-05-03 17:42:08 +02:00
|
|
|
+ seskeylen - 1 );
|
|
|
|
k->version = version;
|
|
|
|
k->cipher_algo = cipher_algo;
|
|
|
|
k->s2k.mode = s2kmode;
|
|
|
|
k->s2k.hash_algo = hash_algo;
|
1998-08-05 18:51:59 +02:00
|
|
|
if( s2kmode == 1 || s2kmode == 3 ) {
|
1998-05-03 17:42:08 +02:00
|
|
|
for(i=0; i < 8 && pktlen; i++, pktlen-- )
|
|
|
|
k->s2k.salt[i] = iobuf_get_noeof(inp);
|
|
|
|
}
|
1998-08-05 18:51:59 +02:00
|
|
|
if( s2kmode == 3 ) {
|
|
|
|
k->s2k.count = iobuf_get(inp); pktlen--;
|
1998-05-03 17:42:08 +02:00
|
|
|
}
|
|
|
|
k->seskeylen = seskeylen;
|
2003-10-01 17:15:58 +02:00
|
|
|
if(k->seskeylen)
|
|
|
|
{
|
|
|
|
for(i=0; i < seskeylen && pktlen; i++, pktlen-- )
|
|
|
|
k->seskey[i] = iobuf_get_noeof(inp);
|
|
|
|
|
|
|
|
/* What we're watching out for here is a session key decryptor
|
|
|
|
with no salt. The RFC says that using salt for this is a
|
|
|
|
MUST. */
|
|
|
|
if(s2kmode!=1 && s2kmode!=3)
|
|
|
|
log_info(_("WARNING: potentially insecure symmetrically"
|
|
|
|
" encrypted session key\n"));
|
|
|
|
}
|
1998-05-03 17:42:08 +02:00
|
|
|
assert( !pktlen );
|
|
|
|
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":symkey enc packet: version %d, cipher %d, s2k %d, hash %d",
|
2003-10-01 17:15:58 +02:00
|
|
|
version, cipher_algo, s2kmode, hash_algo);
|
|
|
|
if(seskeylen)
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ", seskey %d bits",(seskeylen-1)*8);
|
|
|
|
fprintf (listfp, "\n");
|
1998-08-05 18:51:59 +02:00
|
|
|
if( s2kmode == 1 || s2kmode == 3 ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tsalt ");
|
1998-05-03 17:42:08 +02:00
|
|
|
for(i=0; i < 8; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%02x", k->s2k.salt[i]);
|
1998-08-05 18:51:59 +02:00
|
|
|
if( s2kmode == 3 )
|
2006-10-13 05:44:34 +02:00
|
|
|
fprintf (listfp, ", count %lu (%lu)",
|
|
|
|
S2K_DECODE_COUNT((ulong)k->s2k.count),
|
|
|
|
(ulong)k->s2k.count );
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\n");
|
1998-05-03 17:42:08 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
leave:
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
2002-06-29 15:46:34 +02:00
|
|
|
return rc;
|
1998-05-03 17:42:08 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
unsigned int n;
|
|
|
|
int rc = 0;
|
1998-06-13 08:59:14 +02:00
|
|
|
int i, ndata;
|
1997-11-18 15:06:00 +01:00
|
|
|
PKT_pubkey_enc *k;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
k = packet->pkt.pubkey_enc = xmalloc_clear(sizeof *packet->pkt.pubkey_enc);
|
1997-11-18 15:06:00 +01:00
|
|
|
if( pktlen < 12 ) {
|
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
1998-03-19 16:27:29 +01:00
|
|
|
k->version = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
if( k->version != 2 && k->version != 3 ) {
|
|
|
|
log_error("packet(%d) with unknown version %d\n", pkttype, k->version);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
k->keyid[0] = read_32(inp); pktlen -= 4;
|
|
|
|
k->keyid[1] = read_32(inp); pktlen -= 4;
|
|
|
|
k->pubkey_algo = iobuf_get_noeof(inp); pktlen--;
|
1998-09-11 07:47:32 +02:00
|
|
|
k->throw_keyid = 0; /* only used as flag for build_packet */
|
1997-11-18 15:06:00 +01:00
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":pubkey enc packet: version %d, algo %d, keyid %08lX%08lX\n",
|
1998-05-04 20:49:26 +02:00
|
|
|
k->version, k->pubkey_algo, (ulong)k->keyid[0], (ulong)k->keyid[1]);
|
1998-06-13 08:59:14 +02:00
|
|
|
|
|
|
|
ndata = pubkey_get_nenc(k->pubkey_algo);
|
1998-07-02 21:31:46 +02:00
|
|
|
if( !ndata ) {
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tunsupported algorithm %d\n", k->pubkey_algo );
|
1998-07-02 21:31:46 +02:00
|
|
|
unknown_pubkey_warning( k->pubkey_algo );
|
|
|
|
k->data[0] = NULL; /* no need to store the encrypted data */
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
for( i=0; i < ndata; i++ ) {
|
|
|
|
n = pktlen;
|
|
|
|
k->data[i] = mpi_read(inp, &n, 0); pktlen -=n;
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tdata: ");
|
|
|
|
mpi_print(listfp, k->data[i], mpi_print_mode );
|
|
|
|
putc ('\n', listfp);
|
1998-07-02 21:31:46 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (!k->data[i])
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
leave:
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
2002-06-29 15:46:34 +02:00
|
|
|
return rc;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
1998-10-18 17:21:22 +02:00
|
|
|
static void
|
|
|
|
dump_sig_subpkt( int hashed, int type, int critical,
|
1998-11-18 20:59:06 +01:00
|
|
|
const byte *buffer, size_t buflen, size_t length )
|
1998-10-18 17:21:22 +02:00
|
|
|
{
|
|
|
|
const char *p=NULL;
|
1998-11-18 20:59:06 +01:00
|
|
|
int i;
|
1998-10-18 17:21:22 +02:00
|
|
|
|
2000-09-18 16:35:34 +02:00
|
|
|
/* The CERT has warning out with explains how to use GNUPG to
|
|
|
|
* detect the ARRs - we print our old message here when it is a faked
|
|
|
|
* ARR and add an additional notice */
|
|
|
|
if ( type == SIGSUBPKT_ARR && !hashed ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp,
|
|
|
|
"\tsubpkt %d len %u (additional recipient request)\n"
|
|
|
|
"WARNING: PGP versions > 5.0 and < 6.5.8 will automagically "
|
|
|
|
"encrypt to this key and thereby reveal the plaintext to "
|
|
|
|
"the owner of this ARR key. Detailed info follows:\n",
|
|
|
|
type, (unsigned)length );
|
2000-09-18 16:35:34 +02:00
|
|
|
}
|
2011-07-22 14:00:08 +02:00
|
|
|
|
2003-03-04 16:24:12 +01:00
|
|
|
buffer++;
|
|
|
|
length--;
|
2011-07-22 14:00:08 +02:00
|
|
|
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\t%s%ssubpkt %d len %u (", /*)*/
|
1998-10-18 17:21:22 +02:00
|
|
|
critical ? "critical ":"",
|
|
|
|
hashed ? "hashed ":"", type, (unsigned)length );
|
|
|
|
if( length > buflen ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "too short: buffer is only %u)\n", (unsigned)buflen );
|
1998-10-18 17:21:22 +02:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
switch( type ) {
|
|
|
|
case SIGSUBPKT_SIG_CREATED:
|
|
|
|
if( length >= 4 )
|
2015-02-22 05:10:32 +01:00
|
|
|
fprintf (listfp, "sig created %s",
|
|
|
|
strtimestamp (buf32_to_u32(buffer)) );
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_SIG_EXPIRE:
|
|
|
|
if( length >= 4 )
|
2006-05-23 05:58:53 +02:00
|
|
|
{
|
2015-02-22 05:10:32 +01:00
|
|
|
if(buf32_to_u32(buffer))
|
2006-05-23 05:58:53 +02:00
|
|
|
fprintf (listfp, "sig expires after %s",
|
2015-02-22 05:10:32 +01:00
|
|
|
strtimevalue( buf32_to_u32(buffer) ) );
|
2006-05-23 05:58:53 +02:00
|
|
|
else
|
|
|
|
fprintf (listfp, "sig does not expire");
|
|
|
|
}
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_EXPORTABLE:
|
1998-11-03 20:38:58 +01:00
|
|
|
if( length )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%sexportable", *buffer? "":"not ");
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_TRUST:
|
2002-06-29 15:46:34 +02:00
|
|
|
if(length!=2)
|
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 19:00:07 +01:00
|
|
|
p="[invalid trust subpacket]";
|
2002-06-29 15:46:34 +02:00
|
|
|
else
|
2014-11-24 19:41:46 +01:00
|
|
|
fprintf (listfp, "trust signature of depth %d, value %d",
|
|
|
|
buffer[0],buffer[1]);
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_REGEXP:
|
2002-06-29 15:46:34 +02:00
|
|
|
if(!length)
|
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 19:00:07 +01:00
|
|
|
p="[invalid regexp subpacket]";
|
2002-06-29 15:46:34 +02:00
|
|
|
else
|
2014-11-24 19:41:46 +01:00
|
|
|
{
|
|
|
|
fprintf (listfp, "regular expression: \"");
|
|
|
|
print_string (listfp, buffer, length, '\"');
|
|
|
|
p = "\"";
|
|
|
|
}
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_REVOCABLE:
|
2002-06-29 15:46:34 +02:00
|
|
|
if( length )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%srevocable", *buffer? "":"not ");
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_KEY_EXPIRE:
|
|
|
|
if( length >= 4 )
|
2006-05-23 05:58:53 +02:00
|
|
|
{
|
2015-02-22 05:10:32 +01:00
|
|
|
if(buf32_to_u32(buffer))
|
2006-05-23 05:58:53 +02:00
|
|
|
fprintf (listfp, "key expires after %s",
|
2015-02-22 05:10:32 +01:00
|
|
|
strtimevalue( buf32_to_u32(buffer) ) );
|
2006-05-23 05:58:53 +02:00
|
|
|
else
|
|
|
|
fprintf (listfp, "key does not expire");
|
|
|
|
}
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_PREF_SYM:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("pref-sym-algos:", listfp );
|
1998-11-18 20:59:06 +01:00
|
|
|
for( i=0; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %d", buffer[i] );
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_REV_KEY:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("revocation key: ", listfp );
|
1999-08-04 10:45:27 +02:00
|
|
|
if( length < 22 )
|
|
|
|
p = "[too short]";
|
|
|
|
else {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "c=%02x a=%d f=", buffer[0], buffer[1] );
|
1999-08-04 10:45:27 +02:00
|
|
|
for( i=2; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%02X", buffer[i] );
|
1999-08-04 10:45:27 +02:00
|
|
|
}
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_ISSUER:
|
|
|
|
if( length >= 8 )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "issuer key ID %08lX%08lX",
|
2015-02-22 05:10:32 +01:00
|
|
|
buf32_to_ulong (buffer),
|
|
|
|
buf32_to_ulong (buffer+4));
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_NOTATION:
|
1999-05-25 19:56:15 +02:00
|
|
|
{
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("notation: ", listfp );
|
1999-05-25 19:56:15 +02:00
|
|
|
if( length < 8 )
|
|
|
|
p = "[too short]";
|
|
|
|
else {
|
|
|
|
const byte *s = buffer;
|
|
|
|
size_t n1, n2;
|
|
|
|
|
|
|
|
n1 = (s[4] << 8) | s[5];
|
|
|
|
n2 = (s[6] << 8) | s[7];
|
|
|
|
s += 8;
|
|
|
|
if( 8+n1+n2 != length )
|
|
|
|
p = "[error]";
|
|
|
|
else {
|
2005-02-03 10:32:53 +01:00
|
|
|
print_string( listfp, s, n1, ')' );
|
|
|
|
putc( '=', listfp );
|
2003-03-04 16:24:12 +01:00
|
|
|
|
|
|
|
if( *buffer & 0x80 )
|
2005-02-03 10:32:53 +01:00
|
|
|
print_string( listfp, s+n1, n2, ')' );
|
2003-03-04 16:24:12 +01:00
|
|
|
else
|
|
|
|
p = "[not human readable]";
|
1999-05-25 19:56:15 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_PREF_HASH:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("pref-hash-algos:", listfp );
|
1998-11-18 20:59:06 +01:00
|
|
|
for( i=0; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %d", buffer[i] );
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_PREF_COMPR:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("pref-zip-algos:", listfp );
|
1998-11-18 20:59:06 +01:00
|
|
|
for( i=0; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %d", buffer[i] );
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_KS_FLAGS:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("key server preferences:",listfp);
|
2002-06-29 15:46:34 +02:00
|
|
|
for(i=0;i<length;i++)
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %02X", buffer[i]);
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_PREF_KS:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("preferred key server: ", listfp );
|
|
|
|
print_string( listfp, buffer, length, ')' );
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_PRIMARY_UID:
|
1999-09-01 15:40:07 +02:00
|
|
|
p = "primary user ID";
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_POLICY:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("policy: ", listfp );
|
|
|
|
print_string( listfp, buffer, length, ')' );
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
case SIGSUBPKT_KEY_FLAGS:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs ( "key flags:", listfp );
|
2000-09-18 16:35:34 +02:00
|
|
|
for( i=0; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %02X", buffer[i] );
|
2002-06-29 15:46:34 +02:00
|
|
|
break;
|
1998-10-18 17:21:22 +02:00
|
|
|
case SIGSUBPKT_SIGNERS_UID:
|
1999-09-01 15:40:07 +02:00
|
|
|
p = "signer's user ID";
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
2000-07-14 19:34:53 +02:00
|
|
|
case SIGSUBPKT_REVOC_REASON:
|
2002-06-29 15:46:34 +02:00
|
|
|
if( length ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "revocation reason 0x%02x (", *buffer );
|
|
|
|
print_string( listfp, buffer+1, length-1, ')' );
|
2000-07-14 19:34:53 +02:00
|
|
|
p = ")";
|
|
|
|
}
|
|
|
|
break;
|
2000-09-18 16:35:34 +02:00
|
|
|
case SIGSUBPKT_ARR:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("Big Brother's key (ignored): ", listfp );
|
2000-09-18 16:35:34 +02:00
|
|
|
if( length < 22 )
|
|
|
|
p = "[too short]";
|
|
|
|
else {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "c=%02x a=%d f=", buffer[0], buffer[1] );
|
2000-09-18 16:35:34 +02:00
|
|
|
for( i=2; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%02X", buffer[i] );
|
2000-09-18 16:35:34 +02:00
|
|
|
}
|
|
|
|
break;
|
2000-10-11 19:26:49 +02:00
|
|
|
case SIGSUBPKT_FEATURES:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs ( "features:", listfp );
|
2000-10-11 19:26:49 +02:00
|
|
|
for( i=0; i < length; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %02x", buffer[i] );
|
2002-06-29 15:46:34 +02:00
|
|
|
break;
|
2004-04-22 02:54:30 +02:00
|
|
|
case SIGSUBPKT_SIGNATURE:
|
2005-02-03 10:32:53 +01:00
|
|
|
fputs("signature: ",listfp);
|
2004-04-22 02:54:30 +02:00
|
|
|
if(length<17)
|
|
|
|
p="[too short]";
|
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "v%d, class 0x%02X, algo %d, digest algo %d",
|
2004-04-22 02:54:30 +02:00
|
|
|
buffer[0],
|
|
|
|
buffer[0]==3?buffer[2]:buffer[1],
|
|
|
|
buffer[0]==3?buffer[15]:buffer[2],
|
|
|
|
buffer[0]==3?buffer[16]:buffer[3]);
|
|
|
|
break;
|
* packet.h, build-packet.c (build_sig_subpkt), export.c
(do_export_stream), import.c (remove_bad_stuff, import), parse-packet.c
(dump_sig_subpkt, parse_one_sig_subpkt): Remove vestigal code for the old
sig cache subpacket. This wasn't completely harmless as it caused
subpacket 101 to disappear on import and export.
* options.h, armor.c, cipher.c, g10.c, keyedit.c, pkclist.c, sign.c,
encode.c, getkey.c, revoke.c: The current flags for different levels of
PGP-ness are massively complex. This is step one in simplifying them. No
functional change yet, just use a macro to check for compliance level.
* sign.c (sign_file): Fix bug that causes spurious compression preference
warning.
* sign.c (clearsign_file): Fix bug that prevents proper warning message
from appearing when clearsigning in --pgp2 mode with a non-v3 RSA key.
* main.h, misc.c (compliance_option_string, compliance_string,
compliance_failure), pkclist.c (build_pk_list), sign.c (sign_file,
clearsign_file), encode.c (encode_crypt, write_pubkey_enc_from_list): New
functions to put the "this message may not be usable...." warning in one
place.
* options.h, g10.c (main): Part two of the simplification. Use a single
enum to indicate what we are compliant to (1991, 2440, PGPx, etc.)
* g10.c (main): Show errors for failure in export, send-keys, recv-keys,
and refresh-keys.
* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.
* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.
* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.
2003-05-03 06:07:45 +02:00
|
|
|
default:
|
|
|
|
if(type>=100 && type<=110)
|
|
|
|
p="experimental / private subpacket";
|
|
|
|
else
|
|
|
|
p = "?";
|
1998-10-18 17:21:22 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%s)\n", p? p: "");
|
1998-10-18 17:21:22 +02:00
|
|
|
}
|
|
|
|
|
1998-12-14 21:22:42 +01:00
|
|
|
/****************
|
2004-10-17 00:48:20 +02:00
|
|
|
* Returns: >= 0 use this offset into buffer
|
|
|
|
* -1 explicitly reject returning this type
|
|
|
|
* -2 subpacket too short
|
1998-12-14 21:22:42 +01:00
|
|
|
*/
|
2002-06-29 15:46:34 +02:00
|
|
|
int
|
1998-12-14 21:22:42 +01:00
|
|
|
parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
|
|
|
|
{
|
2004-04-22 02:54:30 +02:00
|
|
|
switch( type )
|
|
|
|
{
|
|
|
|
case SIGSUBPKT_REV_KEY:
|
|
|
|
if(n < 22)
|
|
|
|
break;
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_SIG_CREATED:
|
|
|
|
case SIGSUBPKT_SIG_EXPIRE:
|
|
|
|
case SIGSUBPKT_KEY_EXPIRE:
|
|
|
|
if( n < 4 )
|
|
|
|
break;
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_KEY_FLAGS:
|
|
|
|
case SIGSUBPKT_KS_FLAGS:
|
|
|
|
case SIGSUBPKT_PREF_SYM:
|
|
|
|
case SIGSUBPKT_PREF_HASH:
|
|
|
|
case SIGSUBPKT_PREF_COMPR:
|
|
|
|
case SIGSUBPKT_POLICY:
|
|
|
|
case SIGSUBPKT_PREF_KS:
|
|
|
|
case SIGSUBPKT_FEATURES:
|
|
|
|
case SIGSUBPKT_REGEXP:
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_SIGNATURE:
|
|
|
|
case SIGSUBPKT_EXPORTABLE:
|
|
|
|
case SIGSUBPKT_REVOCABLE:
|
|
|
|
case SIGSUBPKT_REVOC_REASON:
|
|
|
|
if( !n )
|
|
|
|
break;
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_ISSUER: /* issuer key ID */
|
|
|
|
if( n < 8 )
|
|
|
|
break;
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_NOTATION:
|
2005-05-11 21:31:53 +02:00
|
|
|
/* minimum length needed, and the subpacket must be well-formed
|
|
|
|
where the name length and value length all fit inside the
|
|
|
|
packet. */
|
|
|
|
if(n<8 || 8+((buffer[4]<<8)|buffer[5])+((buffer[6]<<8)|buffer[7]) != n)
|
2004-04-22 02:54:30 +02:00
|
|
|
break;
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_PRIMARY_UID:
|
|
|
|
if ( n != 1 )
|
|
|
|
break;
|
|
|
|
return 0;
|
|
|
|
case SIGSUBPKT_TRUST:
|
|
|
|
if ( n != 2 )
|
|
|
|
break;
|
|
|
|
return 0;
|
2004-10-17 00:48:20 +02:00
|
|
|
default: return 0;
|
1998-12-14 21:22:42 +01:00
|
|
|
}
|
2004-10-17 00:48:20 +02:00
|
|
|
return -2;
|
1998-12-14 21:22:42 +01:00
|
|
|
}
|
|
|
|
|
2005-05-11 21:31:53 +02:00
|
|
|
/* Not many critical notations we understand yet... */
|
|
|
|
static int
|
|
|
|
can_handle_critical_notation(const byte *name,size_t len)
|
|
|
|
{
|
|
|
|
if(len==32 && memcmp(name,"preferred-email-encoding@pgp.com",32)==0)
|
|
|
|
return 1;
|
2005-07-28 20:59:36 +02:00
|
|
|
if(len==21 && memcmp(name,"pka-address@gnupg.org",21)==0)
|
|
|
|
return 1;
|
2005-05-11 21:31:53 +02:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
1999-05-26 14:41:46 +02:00
|
|
|
|
|
|
|
static int
|
|
|
|
can_handle_critical( const byte *buffer, size_t n, int type )
|
|
|
|
{
|
2004-04-22 02:54:30 +02:00
|
|
|
switch( type )
|
|
|
|
{
|
|
|
|
case SIGSUBPKT_NOTATION:
|
2014-12-12 10:41:25 +01:00
|
|
|
if (n >= 8)
|
|
|
|
{
|
|
|
|
size_t notation_len = ((buffer[4] << 8) | buffer[5]);
|
|
|
|
if (n - 8 >= notation_len)
|
|
|
|
return can_handle_critical_notation (buffer + 8, notation_len);
|
|
|
|
}
|
|
|
|
return 0;
|
2004-04-22 02:54:30 +02:00
|
|
|
case SIGSUBPKT_SIGNATURE:
|
|
|
|
case SIGSUBPKT_SIG_CREATED:
|
|
|
|
case SIGSUBPKT_SIG_EXPIRE:
|
|
|
|
case SIGSUBPKT_KEY_EXPIRE:
|
|
|
|
case SIGSUBPKT_EXPORTABLE:
|
|
|
|
case SIGSUBPKT_REVOCABLE:
|
|
|
|
case SIGSUBPKT_REV_KEY:
|
|
|
|
case SIGSUBPKT_ISSUER:/* issuer key ID */
|
|
|
|
case SIGSUBPKT_PREF_SYM:
|
|
|
|
case SIGSUBPKT_PREF_HASH:
|
|
|
|
case SIGSUBPKT_PREF_COMPR:
|
|
|
|
case SIGSUBPKT_KEY_FLAGS:
|
|
|
|
case SIGSUBPKT_PRIMARY_UID:
|
|
|
|
case SIGSUBPKT_FEATURES:
|
|
|
|
case SIGSUBPKT_TRUST:
|
|
|
|
case SIGSUBPKT_REGEXP:
|
|
|
|
/* Is it enough to show the policy or keyserver? */
|
|
|
|
case SIGSUBPKT_POLICY:
|
|
|
|
case SIGSUBPKT_PREF_KS:
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
default:
|
|
|
|
return 0;
|
1999-05-26 14:41:46 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1998-05-13 19:53:36 +02:00
|
|
|
const byte *
|
2002-06-29 15:46:34 +02:00
|
|
|
enum_sig_subpkt( const subpktarea_t *pktbuf, sigsubpkttype_t reqtype,
|
|
|
|
size_t *ret_n, int *start, int *critical )
|
1998-03-09 22:44:06 +01:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
const byte *buffer;
|
1998-05-13 19:53:36 +02:00
|
|
|
int buflen;
|
1998-03-09 22:44:06 +01:00
|
|
|
int type;
|
2002-06-29 15:46:34 +02:00
|
|
|
int critical_dummy;
|
1998-12-14 21:22:42 +01:00
|
|
|
int offset;
|
1998-03-09 22:44:06 +01:00
|
|
|
size_t n;
|
1999-05-26 14:41:46 +02:00
|
|
|
int seq = 0;
|
|
|
|
int reqseq = start? *start: 0;
|
1998-03-09 22:44:06 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
if(!critical)
|
|
|
|
critical=&critical_dummy;
|
|
|
|
|
|
|
|
if( !pktbuf || reqseq == -1 ) {
|
2014-09-18 15:08:51 +02:00
|
|
|
static char dummy[] = "x";
|
|
|
|
/* Return a value different from NULL to indicate that
|
|
|
|
* there is no critical bit we do not understand. */
|
|
|
|
return reqtype == SIGSUBPKT_TEST_CRITICAL ? dummy : NULL;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
buffer = pktbuf->data;
|
|
|
|
buflen = pktbuf->len;
|
1998-12-14 21:22:42 +01:00
|
|
|
while( buflen ) {
|
1998-03-09 22:44:06 +01:00
|
|
|
n = *buffer++; buflen--;
|
2002-06-29 15:46:34 +02:00
|
|
|
if( n == 255 ) { /* 4 byte length header */
|
1998-05-13 19:53:36 +02:00
|
|
|
if( buflen < 4 )
|
|
|
|
goto too_short;
|
2015-02-22 05:10:32 +01:00
|
|
|
n = buf32_to_size_t (buffer);
|
1998-05-13 19:53:36 +02:00
|
|
|
buffer += 4;
|
|
|
|
buflen -= 4;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
else if( n >= 192 ) { /* 2 byte special encoded length header */
|
1998-03-09 22:44:06 +01:00
|
|
|
if( buflen < 2 )
|
|
|
|
goto too_short;
|
|
|
|
n = (( n - 192 ) << 8) + *buffer + 192;
|
1999-05-17 22:03:24 +02:00
|
|
|
buffer++;
|
1998-03-09 22:44:06 +01:00
|
|
|
buflen--;
|
|
|
|
}
|
|
|
|
if( buflen < n )
|
|
|
|
goto too_short;
|
|
|
|
type = *buffer;
|
|
|
|
if( type & 0x80 ) {
|
|
|
|
type &= 0x7f;
|
2002-06-29 15:46:34 +02:00
|
|
|
*critical = 1;
|
1998-03-09 22:44:06 +01:00
|
|
|
}
|
|
|
|
else
|
2002-06-29 15:46:34 +02:00
|
|
|
*critical = 0;
|
1999-05-26 14:41:46 +02:00
|
|
|
if( !(++seq > reqseq) )
|
|
|
|
;
|
|
|
|
else if( reqtype == SIGSUBPKT_TEST_CRITICAL ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
if( *critical ) {
|
1998-12-14 21:22:42 +01:00
|
|
|
if( n-1 > buflen+1 )
|
|
|
|
goto too_short;
|
* g10.c (main): Add --no-textmode.
* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), sign.c (mk_notation_and_policy), trustdb.c (get_validity,
reset_trust_records, validate_keys): Make some strings translatable.
* mainproc.c (check_sig_and_print): Show digest algorithm and sig class
when verifying a sig with --verbose on, and add version, pk and hash
algorithms and sig class to VALIDSIG.
* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since we don't need to warn every time we see an unknown
critical (we only need to invalidate the signature).
* trustdb.c (init_trustdb): Check the trustdb options even with TM_AUTO
since the auto may become TM_CLASSIC or TM_OPENPGP.
2003-04-27 22:22:09 +02:00
|
|
|
if( !can_handle_critical(buffer+1, n-1, type ) )
|
|
|
|
{
|
|
|
|
if(opt.verbose)
|
|
|
|
log_info(_("subpacket of type %d has "
|
|
|
|
"critical bit set\n"),type);
|
1999-05-26 14:41:46 +02:00
|
|
|
if( start )
|
* g10.c (main): Add --no-textmode.
* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), sign.c (mk_notation_and_policy), trustdb.c (get_validity,
reset_trust_records, validate_keys): Make some strings translatable.
* mainproc.c (check_sig_and_print): Show digest algorithm and sig class
when verifying a sig with --verbose on, and add version, pk and hash
algorithms and sig class to VALIDSIG.
* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since we don't need to warn every time we see an unknown
critical (we only need to invalidate the signature).
* trustdb.c (init_trustdb): Check the trustdb options even with TM_AUTO
since the auto may become TM_CLASSIC or TM_OPENPGP.
2003-04-27 22:22:09 +02:00
|
|
|
*start = seq;
|
1998-12-14 21:22:42 +01:00
|
|
|
return NULL; /* this is an error */
|
* g10.c (main): Add --no-textmode.
* export.c (do_export_stream), keyedit.c (show_key_with_all_names,
menu_addrevoker), mainproc.c (check_sig_and_print), photoid.c
(show_photos), sign.c (mk_notation_and_policy), trustdb.c (get_validity,
reset_trust_records, validate_keys): Make some strings translatable.
* mainproc.c (check_sig_and_print): Show digest algorithm and sig class
when verifying a sig with --verbose on, and add version, pk and hash
algorithms and sig class to VALIDSIG.
* parse-packet.c (enum_sig_subpkt): Make a warning message a --verbose
warning message since we don't need to warn every time we see an unknown
critical (we only need to invalidate the signature).
* trustdb.c (init_trustdb): Check the trustdb options even with TM_AUTO
since the auto may become TM_CLASSIC or TM_OPENPGP.
2003-04-27 22:22:09 +02:00
|
|
|
}
|
1998-12-14 21:22:42 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
else if( reqtype < 0 ) /* list packets */
|
1998-10-18 17:21:22 +02:00
|
|
|
dump_sig_subpkt( reqtype == SIGSUBPKT_LIST_HASHED,
|
2002-06-29 15:46:34 +02:00
|
|
|
type, *critical, buffer, buflen, n );
|
1998-12-14 21:22:42 +01:00
|
|
|
else if( type == reqtype ) { /* found */
|
|
|
|
buffer++;
|
|
|
|
n--;
|
|
|
|
if( n > buflen )
|
|
|
|
goto too_short;
|
|
|
|
if( ret_n )
|
|
|
|
*ret_n = n;
|
|
|
|
offset = parse_one_sig_subpkt(buffer, n, type );
|
|
|
|
switch( offset ) {
|
|
|
|
case -2:
|
2004-10-17 00:48:20 +02:00
|
|
|
log_error("subpacket of type %d too short\n", type);
|
1998-12-14 21:22:42 +01:00
|
|
|
return NULL;
|
|
|
|
case -1:
|
2004-10-17 00:48:20 +02:00
|
|
|
return NULL;
|
1998-12-14 21:22:42 +01:00
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
1999-05-26 14:41:46 +02:00
|
|
|
if( start )
|
|
|
|
*start = seq;
|
1998-12-14 21:22:42 +01:00
|
|
|
return buffer+offset;
|
|
|
|
}
|
1998-03-09 22:44:06 +01:00
|
|
|
buffer += n; buflen -=n;
|
|
|
|
}
|
1998-12-14 21:22:42 +01:00
|
|
|
if( reqtype == SIGSUBPKT_TEST_CRITICAL )
|
1999-01-09 18:59:58 +01:00
|
|
|
return buffer; /* as value true to indicate that there is no */
|
1998-12-14 21:22:42 +01:00
|
|
|
/* critical bit we don't understand */
|
1999-05-26 14:41:46 +02:00
|
|
|
if( start )
|
|
|
|
*start = -1;
|
1998-12-14 21:22:42 +01:00
|
|
|
return NULL; /* end of packets; not found */
|
1998-03-09 22:44:06 +01:00
|
|
|
|
|
|
|
too_short:
|
2005-09-02 21:23:33 +02:00
|
|
|
if(opt.verbose)
|
|
|
|
log_info("buffer shorter than subpacket\n");
|
1999-05-26 14:41:46 +02:00
|
|
|
if( start )
|
|
|
|
*start = -1;
|
1998-03-09 22:44:06 +01:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
1999-05-26 14:41:46 +02:00
|
|
|
const byte *
|
2002-06-29 15:46:34 +02:00
|
|
|
parse_sig_subpkt (const subpktarea_t *buffer, sigsubpkttype_t reqtype,
|
|
|
|
size_t *ret_n)
|
1999-05-26 14:41:46 +02:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
return enum_sig_subpkt( buffer, reqtype, ret_n, NULL, NULL );
|
1999-05-26 14:41:46 +02:00
|
|
|
}
|
|
|
|
|
1998-08-05 18:51:59 +02:00
|
|
|
const byte *
|
2002-06-29 15:46:34 +02:00
|
|
|
parse_sig_subpkt2 (PKT_signature *sig, sigsubpkttype_t reqtype,
|
|
|
|
size_t *ret_n )
|
1998-08-05 18:51:59 +02:00
|
|
|
{
|
|
|
|
const byte *p;
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
p = parse_sig_subpkt (sig->hashed, reqtype, ret_n );
|
1998-08-05 18:51:59 +02:00
|
|
|
if( !p )
|
2002-06-29 15:46:34 +02:00
|
|
|
p = parse_sig_subpkt (sig->unhashed, reqtype, ret_n );
|
1998-08-05 18:51:59 +02:00
|
|
|
return p;
|
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* Find all revocation keys. Look in hashed area only. */
|
|
|
|
void parse_revkeys(PKT_signature *sig)
|
|
|
|
{
|
|
|
|
struct revocation_key *revkey;
|
|
|
|
int seq=0;
|
|
|
|
size_t len;
|
|
|
|
|
|
|
|
if(sig->sig_class!=0x1F)
|
|
|
|
return;
|
|
|
|
|
|
|
|
while((revkey=
|
|
|
|
(struct revocation_key *)enum_sig_subpkt(sig->hashed,
|
|
|
|
SIGSUBPKT_REV_KEY,
|
|
|
|
&len,&seq,NULL)))
|
|
|
|
{
|
|
|
|
if(len==sizeof(struct revocation_key) &&
|
|
|
|
(revkey->class&0x80)) /* 0x80 bit must be set */
|
|
|
|
{
|
2005-07-27 20:10:56 +02:00
|
|
|
sig->revkey=xrealloc(sig->revkey,
|
2002-06-29 15:46:34 +02:00
|
|
|
sizeof(struct revocation_key *)*(sig->numrevkeys+1));
|
|
|
|
sig->revkey[sig->numrevkeys]=revkey;
|
|
|
|
sig->numrevkeys++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1998-08-05 18:51:59 +02:00
|
|
|
|
2004-04-23 05:25:58 +02:00
|
|
|
int
|
1997-11-18 15:06:00 +01:00
|
|
|
parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PKT_signature *sig )
|
|
|
|
{
|
1998-03-09 22:44:06 +01:00
|
|
|
int md5_len=0;
|
1997-11-18 15:06:00 +01:00
|
|
|
unsigned n;
|
1998-03-09 22:44:06 +01:00
|
|
|
int is_v4=0;
|
|
|
|
int rc=0;
|
1998-06-13 08:59:14 +02:00
|
|
|
int i, ndata;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
if( pktlen < 16 ) {
|
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
|
|
|
goto leave;
|
|
|
|
}
|
1998-03-09 22:44:06 +01:00
|
|
|
sig->version = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
if( sig->version == 4 )
|
|
|
|
is_v4=1;
|
|
|
|
else if( sig->version != 2 && sig->version != 3 ) {
|
|
|
|
log_error("packet(%d) with unknown version %d\n", pkttype, sig->version);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
1998-03-09 22:44:06 +01:00
|
|
|
|
|
|
|
if( !is_v4 ) {
|
|
|
|
md5_len = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
sig->sig_class = iobuf_get_noeof(inp); pktlen--;
|
1998-03-09 22:44:06 +01:00
|
|
|
if( !is_v4 ) {
|
|
|
|
sig->timestamp = read_32(inp); pktlen -= 4;
|
|
|
|
sig->keyid[0] = read_32(inp); pktlen -= 4;
|
|
|
|
sig->keyid[1] = read_32(inp); pktlen -= 4;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
sig->pubkey_algo = iobuf_get_noeof(inp); pktlen--;
|
1998-03-09 22:44:06 +01:00
|
|
|
sig->digest_algo = iobuf_get_noeof(inp); pktlen--;
|
2002-06-29 15:46:34 +02:00
|
|
|
sig->flags.exportable=1;
|
|
|
|
sig->flags.revocable=1;
|
1998-03-09 22:44:06 +01:00
|
|
|
if( is_v4 ) { /* read subpackets */
|
|
|
|
n = read_16(inp); pktlen -= 2; /* length of hashed data */
|
|
|
|
if( n > 10000 ) {
|
|
|
|
log_error("signature packet: hashed data too long\n");
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-03-09 22:44:06 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
if( n ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
sig->hashed = xmalloc (sizeof (*sig->hashed) + n - 1 );
|
2002-06-29 15:46:34 +02:00
|
|
|
sig->hashed->size = n;
|
|
|
|
sig->hashed->len = n;
|
|
|
|
if( iobuf_read (inp, sig->hashed->data, n ) != n ) {
|
|
|
|
log_error ("premature eof while reading "
|
|
|
|
"hashed signature data\n");
|
1998-03-09 22:44:06 +01:00
|
|
|
rc = -1;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
pktlen -= n;
|
|
|
|
}
|
|
|
|
n = read_16(inp); pktlen -= 2; /* length of unhashed data */
|
|
|
|
if( n > 10000 ) {
|
|
|
|
log_error("signature packet: unhashed data too long\n");
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-03-09 22:44:06 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
if( n ) {
|
2005-07-27 20:10:56 +02:00
|
|
|
sig->unhashed = xmalloc (sizeof(*sig->unhashed) + n - 1 );
|
* parse-packet.c (parse_signature): No need to reserve 8 bytes for the
unhashed signature cache any longer.
* misc.c (pct_expando): Add two new expandos - signer's fingerprint (%g),
and signer's primary fingerprint (%p).
* Makefile.am: Include W32LIBS where appropriate.
* g10.c (main): Add --rfc2440 alias for --openpgp since in a few months,
they won't be the same thing.
* keyserver.c (parse_keyserver_uri): Accept "http" as an alias for "hkp",
since it is occasionally written that way. (keyserver_spawn): Use
ascii_isspace to avoid locale issues.
* keygen.c (ask_user_id): Make --allow-freeform-uid apply to the email
field as well as the name field, and allow mixing fields when it is set.
* options.skel: Use subkeys.pgp.net as the default keyserver.
* trustdb.c (validate_one_keyblock): Certifications on revoked or expired
uids do not count in the web of trust.
* signal.c (init_one_signal, pause_on_sigusr, do_block): Only use
sigprocmask() if we have sigset_t, and only use sigaction() if we have
struct sigaction. This is for Forte c89 on Solaris which seems to define
only the function call half of the two pairs by default.
(pause_on_sigusr): Typo. (do_block): If we can't use sigprocmask() and
sigset_t, try to get the number of signals from NSIG as well as MAXSIG,
and if we can't, fail with an explanation.
* signal.c, tdbio.c: Comment out the transaction code. It was not used in
this version, and was causing some build problems on quasi-posix platforms
(Solaris and Forte c89).
* keylist.c (list_keyblock_colon): Don't include validity values when
listing secret keys since they can be incorrect and/or misleading. This
is a temporary kludge, and will be handled properly in 1.9/2.0.
* mainproc.c (check_sig_and_print): Only show the "key available from"
preferred keyserver line if the key is not currently present.
* keyedit.c (sign_uids): Do not sign expired uids without --expert (same
behavior as revoked uids). Do not allow signing a user ID without a
self-signature. --expert overrides. Add additional prompt to the
signature level question. (menu_expire): When changing expiration dates,
don't replace selfsigs on revoked uids since this would effectively
unrevoke them. There is also no point in replacing expired selfsigs.
This is bug #181
* g10.c (add_notation_data): Make sure that only ascii is passed to
iscntrl. Noted by Christian Biere.
* getkey.c (classify_user_id2): Replaced isspace by spacep
* keygen.c (ask_user_id): Ditto. (get_parameter_algo): Ditto.
* keyedit.c (keyedit_menu): Ditto.
* tdbdump.c (import_ownertrust): Ditto. s/isxdigit/hexdigitp/.
* revoke.c (ask_revocation_reason):
* keyserver.c (keyserver_spawn): Dito.
2003-07-10 16:30:07 +02:00
|
|
|
sig->unhashed->size = n;
|
2002-06-29 15:46:34 +02:00
|
|
|
sig->unhashed->len = n;
|
|
|
|
if( iobuf_read(inp, sig->unhashed->data, n ) != n ) {
|
|
|
|
log_error("premature eof while reading "
|
|
|
|
"unhashed signature data\n");
|
1998-03-09 22:44:06 +01:00
|
|
|
rc = -1;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
pktlen -= n;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if( pktlen < 5 ) { /* sanity check */
|
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-03-09 22:44:06 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
|
|
|
sig->digest_start[0] = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
sig->digest_start[1] = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
|
2005-09-02 21:23:33 +02:00
|
|
|
if( is_v4 && sig->pubkey_algo )
|
|
|
|
{ /*extract required information */
|
1998-03-09 22:44:06 +01:00
|
|
|
const byte *p;
|
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 19:00:07 +01:00
|
|
|
size_t len;
|
1998-10-01 09:23:00 +02:00
|
|
|
|
1998-12-14 21:22:42 +01:00
|
|
|
/* set sig->flags.unknown_critical if there is a
|
|
|
|
* critical bit set for packets which we do not understand */
|
2002-06-29 15:46:34 +02:00
|
|
|
if( !parse_sig_subpkt (sig->hashed, SIGSUBPKT_TEST_CRITICAL, NULL)
|
2005-09-02 21:23:33 +02:00
|
|
|
|| !parse_sig_subpkt (sig->unhashed, SIGSUBPKT_TEST_CRITICAL,
|
|
|
|
NULL) )
|
|
|
|
sig->flags.unknown_critical = 1;
|
1998-12-14 21:22:42 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL );
|
2003-08-13 05:31:36 +02:00
|
|
|
if(p)
|
2015-02-22 05:10:32 +01:00
|
|
|
sig->timestamp = buf32_to_u32 (p);
|
2005-09-02 21:23:33 +02:00
|
|
|
else if(!(sig->pubkey_algo>=100 && sig->pubkey_algo<=110)
|
|
|
|
&& opt.verbose)
|
2005-06-18 13:49:50 +02:00
|
|
|
log_info ("signature packet without timestamp\n");
|
2003-08-13 05:31:36 +02:00
|
|
|
|
1998-08-05 18:51:59 +02:00
|
|
|
p = parse_sig_subpkt2( sig, SIGSUBPKT_ISSUER, NULL );
|
2003-08-13 05:31:36 +02:00
|
|
|
if(p)
|
|
|
|
{
|
2015-02-22 05:10:32 +01:00
|
|
|
sig->keyid[0] = buf32_to_u32 (p);
|
|
|
|
sig->keyid[1] = buf32_to_u32 (p+4);
|
2003-08-13 05:31:36 +02:00
|
|
|
}
|
2005-09-02 21:23:33 +02:00
|
|
|
else if(!(sig->pubkey_algo>=100 && sig->pubkey_algo<=110)
|
|
|
|
&& opt.verbose)
|
2005-06-18 13:49:50 +02:00
|
|
|
log_info ("signature packet without keyid\n");
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_SIG_EXPIRE,NULL);
|
2015-02-22 05:10:32 +01:00
|
|
|
if(p && buf32_to_u32 (p))
|
|
|
|
sig->expiredate = sig->timestamp + buf32_to_u32 (p);
|
2002-06-29 15:46:34 +02:00
|
|
|
if(sig->expiredate && sig->expiredate<=make_timestamp())
|
2005-09-02 21:23:33 +02:00
|
|
|
sig->flags.expired=1;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,NULL);
|
|
|
|
if(p)
|
|
|
|
sig->flags.policy_url=1;
|
|
|
|
|
2003-08-26 05:56:47 +02:00
|
|
|
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,NULL);
|
|
|
|
if(p)
|
|
|
|
sig->flags.pref_ks=1;
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,NULL);
|
|
|
|
if(p)
|
|
|
|
sig->flags.notation=1;
|
|
|
|
|
|
|
|
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_REVOCABLE,NULL);
|
|
|
|
if(p && *p==0)
|
|
|
|
sig->flags.revocable=0;
|
|
|
|
|
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 19:00:07 +01:00
|
|
|
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_TRUST,&len);
|
|
|
|
if(p && len==2)
|
|
|
|
{
|
|
|
|
sig->trust_depth=p[0];
|
|
|
|
sig->trust_value=p[1];
|
|
|
|
|
2002-10-30 04:11:57 +01:00
|
|
|
/* Only look for a regexp if there is also a trust
|
|
|
|
subpacket. */
|
* keyedit.c (print_and_check_one_sig, show_key_and_fingerprint,
menu_addrevoker), keylist.c (list_keyblock_print, print_fingerprint): Show
"T" or the trust depth for trust signatures, and add spaces to some
strings to make room for it.
* packet.h, parse-packet.c (dump_sig_subpkt, parse_one_sig_subpkt,
parse_signature): Parse trust signature values.
* tdbio.h, tdbio.c (tdbio_read_record, tdbio_write_record): Reserve a byte
for the minimum ownertrust value (for use with trust signatures).
2002-10-29 19:00:07 +01:00
|
|
|
sig->trust_regexp=
|
|
|
|
parse_sig_subpkt(sig->hashed,SIGSUBPKT_REGEXP,&len);
|
|
|
|
|
|
|
|
/* If the regular expression is of 0 length, there is no
|
|
|
|
regular expression. */
|
|
|
|
if(len==0)
|
|
|
|
sig->trust_regexp=NULL;
|
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* We accept the exportable subpacket from either the hashed
|
|
|
|
or unhashed areas as older versions of gpg put it in the
|
|
|
|
unhashed area. In theory, anyway, we should never see this
|
|
|
|
packet off of a local keyring. */
|
|
|
|
|
|
|
|
p=parse_sig_subpkt2(sig,SIGSUBPKT_EXPORTABLE,NULL);
|
|
|
|
if(p && *p==0)
|
|
|
|
sig->flags.exportable=0;
|
|
|
|
|
|
|
|
/* Find all revocation keys. */
|
|
|
|
if(sig->sig_class==0x1F)
|
|
|
|
parse_revkeys(sig);
|
2005-09-02 21:23:33 +02:00
|
|
|
}
|
1998-03-09 22:44:06 +01:00
|
|
|
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":signature packet: algo %d, keyid %08lX%08lX\n"
|
2007-02-14 04:41:24 +01:00
|
|
|
"\tversion %d, created %lu, md5len %d, sigclass 0x%02x\n"
|
1998-03-09 22:44:06 +01:00
|
|
|
"\tdigest algo %d, begin of digest %02x %02x\n",
|
1998-05-04 20:49:26 +02:00
|
|
|
sig->pubkey_algo,
|
1998-02-03 13:09:20 +01:00
|
|
|
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
|
1998-03-09 22:44:06 +01:00
|
|
|
sig->version, (ulong)sig->timestamp, md5_len, sig->sig_class,
|
|
|
|
sig->digest_algo,
|
|
|
|
sig->digest_start[0], sig->digest_start[1] );
|
|
|
|
if( is_v4 ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
parse_sig_subpkt (sig->hashed, SIGSUBPKT_LIST_HASHED, NULL );
|
|
|
|
parse_sig_subpkt (sig->unhashed, SIGSUBPKT_LIST_UNHASHED, NULL);
|
1997-11-24 23:24:04 +01:00
|
|
|
}
|
1998-03-09 22:44:06 +01:00
|
|
|
}
|
1998-06-13 08:59:14 +02:00
|
|
|
|
1999-05-08 19:35:16 +02:00
|
|
|
ndata = pubkey_get_nsig(sig->pubkey_algo);
|
|
|
|
if( !ndata ) {
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tunknown algorithm %d\n", sig->pubkey_algo );
|
1999-05-08 19:35:16 +02:00
|
|
|
unknown_pubkey_warning( sig->pubkey_algo );
|
2007-02-04 18:20:24 +01:00
|
|
|
/* We store the plain material in data[0], so that we are able
|
1999-05-08 19:35:16 +02:00
|
|
|
* to write it back with build_packet() */
|
2007-02-04 18:20:24 +01:00
|
|
|
if (pktlen > (5 * MAX_EXTERN_MPI_BITS/8))
|
|
|
|
{
|
|
|
|
/* However we include a limit to avoid too trivial DoS
|
|
|
|
attacks by having gpg allocate too much memory. */
|
|
|
|
log_error ("signature packet: too much data\n");
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
sig->data[0]= mpi_set_opaque (NULL, read_rest(inp, pktlen, 0),
|
|
|
|
pktlen );
|
|
|
|
pktlen = 0;
|
|
|
|
}
|
1998-07-02 21:31:46 +02:00
|
|
|
}
|
|
|
|
else {
|
1999-05-08 19:35:16 +02:00
|
|
|
for( i=0; i < ndata; i++ ) {
|
|
|
|
n = pktlen;
|
|
|
|
sig->data[i] = mpi_read(inp, &n, 0 );
|
|
|
|
pktlen -=n;
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tdata: ");
|
|
|
|
mpi_print(listfp, sig->data[i], mpi_print_mode );
|
|
|
|
putc ('\n', listfp);
|
1998-07-02 21:31:46 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (!sig->data[i])
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
leave:
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
1998-03-09 22:44:06 +01:00
|
|
|
return rc;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
1997-12-02 20:36:53 +01:00
|
|
|
static int
|
|
|
|
parse_onepass_sig( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PKT_onepass_sig *ops )
|
|
|
|
{
|
|
|
|
int version;
|
2002-06-29 15:46:34 +02:00
|
|
|
int rc = 0;
|
1997-12-02 20:36:53 +01:00
|
|
|
|
|
|
|
if( pktlen < 13 ) {
|
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-12-02 20:36:53 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
version = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
if( version != 3 ) {
|
|
|
|
log_error("onepass_sig with unknown version %d\n", version);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-12-02 20:36:53 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
ops->sig_class = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
ops->digest_algo = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
ops->pubkey_algo = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
ops->keyid[0] = read_32(inp); pktlen -= 4;
|
|
|
|
ops->keyid[1] = read_32(inp); pktlen -= 4;
|
|
|
|
ops->last = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":onepass_sig packet: keyid %08lX%08lX\n"
|
2007-10-27 22:00:20 +02:00
|
|
|
"\tversion %d, sigclass 0x%02x, digest %d, pubkey %d, last=%d\n",
|
1998-02-03 13:09:20 +01:00
|
|
|
(ulong)ops->keyid[0], (ulong)ops->keyid[1],
|
1997-12-02 20:36:53 +01:00
|
|
|
version, ops->sig_class,
|
|
|
|
ops->digest_algo, ops->pubkey_algo, ops->last );
|
|
|
|
|
|
|
|
|
|
|
|
leave:
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
2002-06-29 15:46:34 +02:00
|
|
|
return rc;
|
1997-12-02 20:36:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2002-09-11 09:27:54 +02:00
|
|
|
static MPI
|
|
|
|
read_protected_v3_mpi (IOBUF inp, unsigned long *length)
|
|
|
|
{
|
|
|
|
int c;
|
|
|
|
unsigned int nbits, nbytes;
|
|
|
|
unsigned char *buf, *p;
|
|
|
|
MPI val;
|
|
|
|
|
|
|
|
if (*length < 2)
|
|
|
|
{
|
|
|
|
log_error ("mpi too small\n");
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((c=iobuf_get (inp)) == -1)
|
|
|
|
return NULL;
|
|
|
|
--*length;
|
|
|
|
nbits = c << 8;
|
|
|
|
if ((c=iobuf_get(inp)) == -1)
|
|
|
|
return NULL;
|
|
|
|
--*length;
|
|
|
|
nbits |= c;
|
|
|
|
|
|
|
|
if (nbits > 16384)
|
|
|
|
{
|
|
|
|
log_error ("mpi too large (%u bits)\n", nbits);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
nbytes = (nbits+7) / 8;
|
2005-07-27 20:10:56 +02:00
|
|
|
buf = p = xmalloc (2 + nbytes);
|
2002-09-11 09:27:54 +02:00
|
|
|
*p++ = nbits >> 8;
|
|
|
|
*p++ = nbits;
|
2007-01-15 20:30:33 +01:00
|
|
|
for (; nbytes && *length; nbytes--, --*length)
|
2002-09-11 09:27:54 +02:00
|
|
|
*p++ = iobuf_get (inp);
|
|
|
|
if (nbytes)
|
|
|
|
{
|
|
|
|
log_error ("packet shorter tham mpi\n");
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree (buf);
|
2002-09-11 09:27:54 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* convert buffer into an opaque MPI */
|
2011-07-22 14:00:08 +02:00
|
|
|
val = mpi_set_opaque (NULL, buf, p-buf);
|
2002-09-11 09:27:54 +02:00
|
|
|
return val;
|
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
|
|
|
|
static int
|
1998-06-29 14:30:57 +02:00
|
|
|
parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
1997-11-18 15:06:00 +01:00
|
|
|
byte *hdr, int hdrlen, PACKET *pkt )
|
|
|
|
{
|
|
|
|
int i, version, algorithm;
|
|
|
|
unsigned n;
|
2002-06-29 15:46:34 +02:00
|
|
|
unsigned long timestamp, expiredate, max_expiredate;
|
1998-06-29 14:30:57 +02:00
|
|
|
int npkey, nskey;
|
1997-11-24 23:24:04 +01:00
|
|
|
int is_v4=0;
|
1998-02-24 19:50:46 +01:00
|
|
|
int rc=0;
|
2013-10-18 10:24:32 +02:00
|
|
|
u32 keyid[2];
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
version = iobuf_get_noeof(inp); pktlen--;
|
1998-06-29 14:30:57 +02:00
|
|
|
if( pkttype == PKT_PUBLIC_SUBKEY && version == '#' ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
/* early versions of G10 use old PGP comments packets;
|
1998-05-03 21:35:33 +02:00
|
|
|
* luckily all those comments are started by a hash */
|
1998-04-02 12:30:03 +02:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":rfc1991 comment packet: \"" );
|
1998-04-02 12:30:03 +02:00
|
|
|
for( ; pktlen; pktlen-- ) {
|
|
|
|
int c;
|
|
|
|
c = iobuf_get_noeof(inp);
|
|
|
|
if( c >= ' ' && c <= 'z' )
|
2005-02-03 10:32:53 +01:00
|
|
|
putc (c, listfp);
|
1998-04-02 12:30:03 +02:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\\x%02x", c );
|
1998-04-02 12:30:03 +02:00
|
|
|
}
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\"\n");
|
1998-04-02 12:30:03 +02:00
|
|
|
}
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
1998-04-02 12:30:03 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
else if( version == 4 )
|
1997-11-24 23:24:04 +01:00
|
|
|
is_v4=1;
|
|
|
|
else if( version != 2 && version != 3 ) {
|
1997-11-18 15:06:00 +01:00
|
|
|
log_error("packet(%d) with unknown version %d\n", pkttype, version);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
1998-04-02 12:30:03 +02:00
|
|
|
if( pktlen < 11 ) {
|
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-04-02 12:30:03 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
2015-02-22 05:10:27 +01:00
|
|
|
else if (pktlen > MAX_KEY_PACKET_LENGTH) {
|
|
|
|
log_error ("packet(%d) too large\n", pkttype);
|
|
|
|
if (list_mode)
|
|
|
|
fputs (":key packet: [too large]\n", listfp);
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
1998-04-02 12:30:03 +02:00
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
timestamp = read_32(inp); pktlen -= 4;
|
2002-06-29 15:46:34 +02:00
|
|
|
if( is_v4 ) {
|
1998-10-16 18:00:17 +02:00
|
|
|
expiredate = 0; /* have to get it from the selfsignature */
|
2002-06-29 15:46:34 +02:00
|
|
|
max_expiredate = 0;
|
|
|
|
}
|
1998-01-16 22:15:24 +01:00
|
|
|
else {
|
1998-10-16 18:00:17 +02:00
|
|
|
unsigned short ndays;
|
|
|
|
ndays = read_16(inp); pktlen -= 2;
|
|
|
|
if( ndays )
|
|
|
|
expiredate = timestamp + ndays * 86400L;
|
|
|
|
else
|
|
|
|
expiredate = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
max_expiredate=expiredate;
|
1998-01-16 22:15:24 +01:00
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
algorithm = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":%s key packet:\n"
|
1998-10-16 18:00:17 +02:00
|
|
|
"\tversion %d, algo %d, created %lu, expires %lu\n",
|
1998-06-29 14:30:57 +02:00
|
|
|
pkttype == PKT_PUBLIC_KEY? "public" :
|
|
|
|
pkttype == PKT_SECRET_KEY? "secret" :
|
|
|
|
pkttype == PKT_PUBLIC_SUBKEY? "public sub" :
|
|
|
|
pkttype == PKT_SECRET_SUBKEY? "secret sub" : "??",
|
1998-10-16 18:00:17 +02:00
|
|
|
version, algorithm, timestamp, expiredate );
|
1998-06-29 14:30:57 +02:00
|
|
|
|
|
|
|
if( pkttype == PKT_SECRET_KEY || pkttype == PKT_SECRET_SUBKEY ) {
|
|
|
|
PKT_secret_key *sk = pkt->pkt.secret_key;
|
|
|
|
|
|
|
|
sk->timestamp = timestamp;
|
1998-10-16 18:00:17 +02:00
|
|
|
sk->expiredate = expiredate;
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->max_expiredate = max_expiredate;
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->hdrbytes = hdrlen;
|
|
|
|
sk->version = version;
|
1999-01-07 18:05:48 +01:00
|
|
|
sk->is_primary = pkttype == PKT_SECRET_KEY;
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->pubkey_algo = algorithm;
|
2011-07-22 14:00:08 +02:00
|
|
|
sk->req_usage = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->pubkey_usage = 0; /* not yet used */
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
else {
|
1998-06-29 14:30:57 +02:00
|
|
|
PKT_public_key *pk = pkt->pkt.public_key;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
1998-06-29 14:30:57 +02:00
|
|
|
pk->timestamp = timestamp;
|
1998-10-16 18:00:17 +02:00
|
|
|
pk->expiredate = expiredate;
|
2002-06-29 15:46:34 +02:00
|
|
|
pk->max_expiredate = max_expiredate;
|
1998-06-29 14:30:57 +02:00
|
|
|
pk->hdrbytes = hdrlen;
|
|
|
|
pk->version = version;
|
2002-10-03 21:20:37 +02:00
|
|
|
pk->is_primary = pkttype == PKT_PUBLIC_KEY;
|
1998-06-29 14:30:57 +02:00
|
|
|
pk->pubkey_algo = algorithm;
|
2011-07-22 14:00:08 +02:00
|
|
|
pk->req_usage = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
pk->pubkey_usage = 0; /* not yet used */
|
2000-09-18 16:35:34 +02:00
|
|
|
pk->is_revoked = 0;
|
* trustdb.h, trustdb.c (is_disabled), gpgv.c (is_disabled): Rename
is_disabled to cache_disabled_value, which now takes a pk and not just the
keyid. This is for speed since there is no need to re-fetch a key when we
already have that key handy. Cache the result of the check so we don't
need to hit the trustdb more than once.
* getkey.c (skip_disabled): New function to get a pk and call is_disabled
on it. (key_byname): Use it here.
* packet.h, getkey.c (skip_disabled), keylist.c (print_capabilities): New
"pk_is_disabled" macro to retrieve the cached disabled value if available,
and fill it in via cache_disabled_value if not available.
* trustdb.c (get_validity): Cache the disabled value since we have it
handy and it might be useful later.
* parse-packet.c (parse_key): Clear disabled flag when parsing a new key.
Just in case someone forgets to clear the whole key.
* getkey.c (merge_selfsigs_main): Add an "if all else fails" path for
setting a single user ID primary when there are multiple set primaries all
at the same second, or no primaries set and the most recent user IDs are
at the same second, or no signed user IDs at all. This is arbitrary, but
deterministic.
* exec.h, photoid.h: Add copyright message.
* keylist.c (list_keyblock_print): Don't dump attribs for
revoked/expired/etc uids for non-colon key listings. This is for
consistency with --show-photos.
* main.h, keylist.c (dump_attribs), mainproc.c (check_sig_and_print): Dump
attribs if --attrib-fd is set when verifying signatures.
* g10.c (main): New --gnupg option to disable the various --openpgp,
--pgpX, etc. options. This is the same as --no-XXXX for those options.
* revoke.c (ask_revocation_reason): Clear old reason if user elects to
repeat question. This is bug 153.
* keyedit.c (sign_uids): Show keyid of the key making the signature.
2003-05-21 18:42:22 +02:00
|
|
|
pk->is_disabled = 0;
|
1998-07-09 15:37:17 +02:00
|
|
|
pk->keyid[0] = 0;
|
|
|
|
pk->keyid[1] = 0;
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
|
|
|
nskey = pubkey_get_nskey( algorithm );
|
|
|
|
npkey = pubkey_get_npkey( algorithm );
|
|
|
|
if( !npkey ) {
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tunknown algorithm %d\n", algorithm );
|
1998-07-02 21:31:46 +02:00
|
|
|
unknown_pubkey_warning( algorithm );
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
1998-02-24 19:50:46 +01:00
|
|
|
|
1998-08-05 18:51:59 +02:00
|
|
|
if( pkttype == PKT_SECRET_KEY || pkttype == PKT_SECRET_SUBKEY ) {
|
1998-06-29 14:30:57 +02:00
|
|
|
PKT_secret_key *sk = pkt->pkt.secret_key;
|
1999-06-26 12:23:06 +02:00
|
|
|
byte temp[16];
|
2003-09-30 10:00:08 +02:00
|
|
|
size_t snlen = 0;
|
1998-02-24 19:50:46 +01:00
|
|
|
|
2015-04-05 19:42:59 +02:00
|
|
|
if (pktlen < 1)
|
|
|
|
{
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
1998-07-02 21:31:46 +02:00
|
|
|
if( !npkey ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->skey[0] = mpi_set_opaque( NULL,
|
2004-03-03 01:09:16 +01:00
|
|
|
read_rest(inp, pktlen, 0), pktlen );
|
1999-05-08 19:35:16 +02:00
|
|
|
pktlen = 0;
|
1998-07-02 21:31:46 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
1998-06-29 14:30:57 +02:00
|
|
|
for(i=0; i < npkey; i++ ) {
|
2015-04-05 19:42:59 +02:00
|
|
|
n = pktlen;
|
|
|
|
sk->skey[i] = mpi_read(inp, &n, 0 );
|
|
|
|
pktlen -=n;
|
1998-06-29 14:30:57 +02:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tskey[%d]: ", i);
|
|
|
|
mpi_print(listfp, sk->skey[i], mpi_print_mode );
|
|
|
|
putc ('\n', listfp);
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (!sk->skey[i])
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (rc) /* one of the MPIs were bad */
|
|
|
|
goto leave;
|
2013-10-18 10:24:32 +02:00
|
|
|
if (list_mode && npkey)
|
|
|
|
keyid_from_sk (sk, keyid);
|
|
|
|
|
2015-04-05 19:42:59 +02:00
|
|
|
sk->protect.algo = iobuf_get_noeof(inp);
|
|
|
|
pktlen--;
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->protect.sha1chk = 0;
|
1998-06-29 14:30:57 +02:00
|
|
|
if( sk->protect.algo ) {
|
|
|
|
sk->is_protected = 1;
|
|
|
|
sk->protect.s2k.count = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
if( sk->protect.algo == 254 || sk->protect.algo == 255 ) {
|
1998-06-29 14:30:57 +02:00
|
|
|
if( pktlen < 3 ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-06-29 14:30:57 +02:00
|
|
|
goto leave;
|
1998-02-24 19:50:46 +01:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->protect.sha1chk = (sk->protect.algo == 254);
|
2015-04-05 19:42:59 +02:00
|
|
|
sk->protect.algo = iobuf_get_noeof(inp);
|
|
|
|
pktlen--;
|
2002-10-03 00:01:29 +02:00
|
|
|
/* Note that a sk->protect.algo > 110 is illegal, but
|
|
|
|
I'm not erroring on it here as otherwise there
|
|
|
|
would be no way to delete such a key. */
|
2015-04-05 19:42:59 +02:00
|
|
|
sk->protect.s2k.mode = iobuf_get_noeof(inp);
|
|
|
|
pktlen--;
|
|
|
|
sk->protect.s2k.hash_algo = iobuf_get_noeof(inp);
|
|
|
|
pktlen--;
|
2000-07-14 19:34:53 +02:00
|
|
|
/* check for the special GNU extension */
|
|
|
|
if( is_v4 && sk->protect.s2k.mode == 101 ) {
|
|
|
|
for(i=0; i < 4 && pktlen; i++, pktlen-- )
|
|
|
|
temp[i] = iobuf_get_noeof(inp);
|
|
|
|
if( i < 4 || memcmp( temp, "GNU", 3 ) ) {
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tunknown S2K %d\n",
|
2000-07-14 19:34:53 +02:00
|
|
|
sk->protect.s2k.mode );
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
2000-07-14 19:34:53 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
/* here we know that it is a gnu extension
|
|
|
|
* What follows is the GNU protection mode:
|
|
|
|
* All values have special meanings
|
|
|
|
* and they are mapped in the mode with a base of 1000.
|
|
|
|
*/
|
|
|
|
sk->protect.s2k.mode = 1000 + temp[3];
|
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
switch( sk->protect.s2k.mode ) {
|
|
|
|
case 1:
|
1998-08-05 18:51:59 +02:00
|
|
|
case 3:
|
1998-06-29 14:30:57 +02:00
|
|
|
for(i=0; i < 8 && pktlen; i++, pktlen-- )
|
|
|
|
temp[i] = iobuf_get_noeof(inp);
|
|
|
|
memcpy(sk->protect.s2k.salt, temp, 8 );
|
|
|
|
break;
|
1998-02-24 19:50:46 +01:00
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
switch( sk->protect.s2k.mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
case 0: if( list_mode ) fprintf (listfp, "\tsimple S2K" );
|
1998-06-29 14:30:57 +02:00
|
|
|
break;
|
2005-02-03 10:32:53 +01:00
|
|
|
case 1: if( list_mode ) fprintf (listfp, "\tsalted S2K" );
|
1998-06-29 14:30:57 +02:00
|
|
|
break;
|
2005-02-03 10:32:53 +01:00
|
|
|
case 3: if( list_mode ) fprintf (listfp, "\titer+salt S2K" );
|
1998-06-29 14:30:57 +02:00
|
|
|
break;
|
2005-02-03 10:32:53 +01:00
|
|
|
case 1001: if( list_mode ) fprintf (listfp,
|
|
|
|
"\tgnu-dummy S2K" );
|
2000-07-14 19:34:53 +02:00
|
|
|
break;
|
2005-02-03 10:32:53 +01:00
|
|
|
case 1002: if (list_mode) fprintf (listfp,
|
|
|
|
"\tgnu-divert-to-card S2K");
|
2003-09-30 10:00:08 +02:00
|
|
|
break;
|
1998-06-29 14:30:57 +02:00
|
|
|
default:
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tunknown %sS2K %d\n",
|
2000-07-14 19:34:53 +02:00
|
|
|
sk->protect.s2k.mode < 1000? "":"GNU ",
|
|
|
|
sk->protect.s2k.mode );
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-02-24 19:50:46 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
|
1997-11-24 23:24:04 +01:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ", algo: %d,%s hash: %d",
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->protect.algo,
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->protect.sha1chk?" SHA1 protection,"
|
|
|
|
:" simple checksum,",
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->protect.s2k.hash_algo );
|
|
|
|
if( sk->protect.s2k.mode == 1
|
1998-08-05 18:51:59 +02:00
|
|
|
|| sk->protect.s2k.mode == 3 ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ", salt: ");
|
1998-06-29 14:30:57 +02:00
|
|
|
for(i=0; i < 8; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%02x", sk->protect.s2k.salt[i]);
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
2005-02-03 10:32:53 +01:00
|
|
|
putc ('\n', listfp);
|
1997-11-24 23:24:04 +01:00
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
|
1998-08-05 18:51:59 +02:00
|
|
|
if( sk->protect.s2k.mode == 3 ) {
|
|
|
|
if( pktlen < 1 ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-03-09 22:44:06 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
1998-08-05 18:51:59 +02:00
|
|
|
sk->protect.s2k.count = iobuf_get(inp);
|
|
|
|
pktlen--;
|
1998-09-28 21:25:31 +02:00
|
|
|
if( list_mode )
|
2011-07-22 14:00:08 +02:00
|
|
|
fprintf (listfp, "\tprotect count: %lu (%lu)\n",
|
|
|
|
(ulong)S2K_DECODE_COUNT
|
|
|
|
((ulong)sk->protect.s2k.count),
|
|
|
|
(ulong)sk->protect.s2k.count);
|
1998-03-09 22:44:06 +01:00
|
|
|
}
|
2003-09-30 10:00:08 +02:00
|
|
|
else if( sk->protect.s2k.mode == 1002 ) {
|
|
|
|
/* Read the serial number. */
|
|
|
|
if (pktlen < 1) {
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
snlen = iobuf_get (inp);
|
|
|
|
pktlen--;
|
2010-10-20 08:51:11 +02:00
|
|
|
if (pktlen < snlen || snlen == (size_t)(-1)) {
|
2003-09-30 10:00:08 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
2002-10-03 00:01:29 +02:00
|
|
|
/* Note that a sk->protect.algo > 110 is illegal, but I'm
|
|
|
|
not erroring on it here as otherwise there would be no
|
|
|
|
way to delete such a key. */
|
1998-06-29 14:30:57 +02:00
|
|
|
else { /* old version; no S2K, so we set mode to 0, hash MD5 */
|
|
|
|
sk->protect.s2k.mode = 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->protect.s2k.hash_algo = DIGEST_ALGO_MD5;
|
1998-06-29 14:30:57 +02:00
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tprotect algo: %d (hash algo: %d)\n",
|
1998-06-29 14:30:57 +02:00
|
|
|
sk->protect.algo, sk->protect.s2k.hash_algo );
|
|
|
|
}
|
1999-04-18 10:18:52 +02:00
|
|
|
/* It is really ugly that we don't know the size
|
|
|
|
* of the IV here in cases we are not aware of the algorithm.
|
|
|
|
* so a
|
|
|
|
* sk->protect.ivlen = cipher_get_blocksize(sk->protect.algo);
|
|
|
|
* won't work. The only solution I see is to hardwire it here.
|
1999-06-26 12:23:06 +02:00
|
|
|
* NOTE: if you change the ivlen above 16, don't forget to
|
|
|
|
* enlarge temp.
|
1999-04-18 10:18:52 +02:00
|
|
|
*/
|
|
|
|
switch( sk->protect.algo ) {
|
2008-03-17 19:20:39 +01:00
|
|
|
case 7: case 8: case 9: /* AES */
|
1999-04-18 10:18:52 +02:00
|
|
|
case 10: /* Twofish */
|
2008-04-17 19:40:30 +02:00
|
|
|
case 11: case 12: case 13: /* Camellia */
|
1999-04-18 10:18:52 +02:00
|
|
|
sk->protect.ivlen = 16;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
sk->protect.ivlen = 8;
|
|
|
|
}
|
2000-07-14 19:34:53 +02:00
|
|
|
if( sk->protect.s2k.mode == 1001 )
|
|
|
|
sk->protect.ivlen = 0;
|
2003-09-30 10:00:08 +02:00
|
|
|
else if( sk->protect.s2k.mode == 1002 )
|
|
|
|
sk->protect.ivlen = snlen < 16? snlen : 16;
|
2000-07-14 19:34:53 +02:00
|
|
|
|
1999-04-18 10:18:52 +02:00
|
|
|
if( pktlen < sk->protect.ivlen ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-06-29 14:30:57 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
1999-04-18 10:18:52 +02:00
|
|
|
for(i=0; i < sk->protect.ivlen && pktlen; i++, pktlen-- )
|
1998-06-29 14:30:57 +02:00
|
|
|
temp[i] = iobuf_get_noeof(inp);
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp,
|
|
|
|
sk->protect.s2k.mode == 1002? "\tserial-number: "
|
|
|
|
: "\tprotect IV: ");
|
1999-04-18 10:18:52 +02:00
|
|
|
for(i=0; i < sk->protect.ivlen; i++ )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, " %02x", temp[i] );
|
|
|
|
putc ('\n', listfp);
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
1999-04-18 10:18:52 +02:00
|
|
|
memcpy(sk->protect.iv, temp, sk->protect.ivlen );
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
sk->is_protected = 0;
|
|
|
|
/* It does not make sense to read it into secure memory.
|
|
|
|
* If the user is so careless, not to protect his secret key,
|
|
|
|
* we can assume, that he operates an open system :=(.
|
|
|
|
* So we put the key into secure memory when we unprotect it. */
|
2011-07-22 14:00:08 +02:00
|
|
|
if( sk->protect.s2k.mode == 1001
|
2003-09-30 10:00:08 +02:00
|
|
|
|| sk->protect.s2k.mode == 1002 ) {
|
2000-07-14 19:34:53 +02:00
|
|
|
/* better set some dummy stuff here */
|
2005-07-27 20:10:56 +02:00
|
|
|
sk->skey[npkey] = mpi_set_opaque(NULL, xstrdup("dummydata"), 10);
|
2000-07-14 19:34:53 +02:00
|
|
|
pktlen = 0;
|
|
|
|
}
|
|
|
|
else if( is_v4 && sk->is_protected ) {
|
1998-08-08 21:27:00 +02:00
|
|
|
/* ugly; the length is encrypted too, so we read all
|
1998-08-05 18:51:59 +02:00
|
|
|
* stuff up to the end of the packet into the first
|
2000-07-14 19:34:53 +02:00
|
|
|
* skey element */
|
2015-04-05 19:42:59 +02:00
|
|
|
if (pktlen < 2) /* At least two bytes for the length. */
|
|
|
|
{
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
sk->skey[npkey] = mpi_set_opaque(NULL,
|
2004-03-03 01:09:16 +01:00
|
|
|
read_rest(inp, pktlen, 0),pktlen);
|
1998-08-05 18:51:59 +02:00
|
|
|
pktlen = 0;
|
1998-06-29 14:30:57 +02:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tencrypted stuff follows\n");
|
1998-08-05 18:51:59 +02:00
|
|
|
}
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
else { /* v3 method: the mpi length is not encrypted */
|
1998-08-05 18:51:59 +02:00
|
|
|
for(i=npkey; i < nskey; i++ ) {
|
2002-09-11 09:27:54 +02:00
|
|
|
if ( sk->is_protected ) {
|
|
|
|
sk->skey[i] = read_protected_v3_mpi (inp, &pktlen);
|
2011-07-22 14:00:08 +02:00
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tskey[%d]: [encrypted]\n", i);
|
2002-09-11 09:27:54 +02:00
|
|
|
}
|
|
|
|
else {
|
2015-04-05 19:42:59 +02:00
|
|
|
if (pktlen < 2) /* At least two bytes for the length. */
|
|
|
|
{
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
2002-09-11 09:27:54 +02:00
|
|
|
n = pktlen;
|
|
|
|
sk->skey[i] = mpi_read(inp, &n, 0 );
|
|
|
|
pktlen -=n;
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tskey[%d]: ", i);
|
|
|
|
mpi_print(listfp, sk->skey[i], mpi_print_mode );
|
|
|
|
putc ('\n', listfp);
|
2002-09-11 09:27:54 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
if (!sk->skey[i])
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1998-03-09 22:44:06 +01:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (rc)
|
|
|
|
goto leave;
|
1997-11-24 23:24:04 +01:00
|
|
|
|
2015-04-05 19:42:59 +02:00
|
|
|
if (pktlen < 2)
|
|
|
|
{
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
sk->csum = read_16(inp);
|
|
|
|
pktlen -= 2;
|
1998-08-05 18:51:59 +02:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tchecksum: %04hx\n", sk->csum);
|
1998-08-05 18:51:59 +02:00
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
1998-06-29 14:30:57 +02:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
PKT_public_key *pk = pkt->pkt.public_key;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
2015-04-05 19:42:59 +02:00
|
|
|
if (pktlen < 1)
|
|
|
|
{
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
1998-07-02 21:31:46 +02:00
|
|
|
if( !npkey ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
pk->pkey[0] = mpi_set_opaque( NULL,
|
2004-03-03 01:09:16 +01:00
|
|
|
read_rest(inp, pktlen, 0), pktlen );
|
1999-05-08 19:35:16 +02:00
|
|
|
pktlen = 0;
|
1998-07-02 21:31:46 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
1998-06-29 14:30:57 +02:00
|
|
|
for(i=0; i < npkey; i++ ) {
|
2015-04-05 19:42:59 +02:00
|
|
|
n = pktlen;
|
|
|
|
pk->pkey[i] = mpi_read(inp, &n, 0 );
|
|
|
|
pktlen -=n;
|
1997-11-18 15:06:00 +01:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tpkey[%d]: ", i);
|
|
|
|
mpi_print(listfp, pk->pkey[i], mpi_print_mode );
|
|
|
|
putc ('\n', listfp);
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (!pk->pkey[i])
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if (rc)
|
|
|
|
goto leave;
|
2013-10-18 10:24:32 +02:00
|
|
|
|
|
|
|
if (list_mode)
|
|
|
|
keyid_from_pk (pk, keyid);
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
2013-10-18 10:24:32 +02:00
|
|
|
if (list_mode && npkey)
|
|
|
|
fprintf (listfp, "\tkeyid: %08lX%08lX\n",
|
|
|
|
(ulong) keyid[0], (ulong) keyid[1]);
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
leave:
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
1998-02-24 19:50:46 +01:00
|
|
|
return rc;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* Attribute subpackets have the same format as v4 signature
|
|
|
|
subpackets. This is not part of OpenPGP, but is done in several
|
|
|
|
versions of PGP nevertheless. */
|
|
|
|
int
|
|
|
|
parse_attribute_subpkts(PKT_user_id *uid)
|
|
|
|
{
|
|
|
|
size_t n;
|
|
|
|
int count=0;
|
|
|
|
struct user_attribute *attribs=NULL;
|
|
|
|
const byte *buffer=uid->attrib_data;
|
|
|
|
int buflen=uid->attrib_len;
|
|
|
|
byte type;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
xfree(uid->attribs);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
while(buflen)
|
|
|
|
{
|
|
|
|
n = *buffer++; buflen--;
|
|
|
|
if( n == 255 ) { /* 4 byte length header */
|
|
|
|
if( buflen < 4 )
|
|
|
|
goto too_short;
|
2015-02-22 05:10:32 +01:00
|
|
|
n = buf32_to_size_t (buffer);
|
|
|
|
buffer += 4;
|
2002-06-29 15:46:34 +02:00
|
|
|
buflen -= 4;
|
|
|
|
}
|
|
|
|
else if( n >= 192 ) { /* 2 byte special encoded length header */
|
|
|
|
if( buflen < 2 )
|
|
|
|
goto too_short;
|
|
|
|
n = (( n - 192 ) << 8) + *buffer + 192;
|
|
|
|
buffer++;
|
|
|
|
buflen--;
|
|
|
|
}
|
|
|
|
if( buflen < n )
|
|
|
|
goto too_short;
|
|
|
|
|
2014-11-24 19:38:04 +01:00
|
|
|
if (!n)
|
|
|
|
{
|
|
|
|
/* Too short to encode the subpacket type. */
|
|
|
|
if (opt.verbose)
|
|
|
|
log_info ("attribute subpacket too short\n");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
attribs=xrealloc(attribs,(count+1)*sizeof(struct user_attribute));
|
2002-06-29 15:46:34 +02:00
|
|
|
memset(&attribs[count],0,sizeof(struct user_attribute));
|
|
|
|
|
|
|
|
type=*buffer;
|
|
|
|
buffer++;
|
|
|
|
buflen--;
|
|
|
|
n--;
|
|
|
|
|
|
|
|
attribs[count].type=type;
|
|
|
|
attribs[count].data=buffer;
|
|
|
|
attribs[count].len=n;
|
|
|
|
buffer+=n;
|
|
|
|
buflen-=n;
|
|
|
|
count++;
|
|
|
|
}
|
|
|
|
|
|
|
|
uid->attribs=attribs;
|
|
|
|
uid->numattribs=count;
|
|
|
|
return count;
|
|
|
|
|
|
|
|
too_short:
|
2005-09-02 21:23:33 +02:00
|
|
|
if(opt.verbose)
|
|
|
|
log_info("buffer shorter than attribute subpacket\n");
|
2002-06-29 15:46:34 +02:00
|
|
|
uid->attribs=attribs;
|
|
|
|
uid->numattribs=count;
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
static int
|
|
|
|
parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
|
|
|
{
|
|
|
|
byte *p;
|
|
|
|
|
2006-06-09 21:45:19 +02:00
|
|
|
/* Cap the size of a user ID at 2k: a value absurdly large enough
|
|
|
|
that there is no sane user ID string (which is printable text
|
|
|
|
as of RFC2440bis) that won't fit in it, but yet small enough to
|
|
|
|
avoid allocation problems. A large pktlen may not be
|
|
|
|
allocatable, and a very large pktlen could actually cause our
|
|
|
|
allocation to wrap around in xmalloc to a small number. */
|
|
|
|
|
2015-02-22 05:10:27 +01:00
|
|
|
if (pktlen > MAX_UID_PACKET_LENGTH)
|
2006-06-09 21:45:19 +02:00
|
|
|
{
|
|
|
|
log_error("packet(%d) too large\n", pkttype);
|
|
|
|
iobuf_skip_rest(inp, pktlen, 0);
|
|
|
|
return G10ERR_INVALID_PACKET;
|
|
|
|
}
|
|
|
|
|
2005-11-12 05:53:03 +01:00
|
|
|
packet->pkt.user_id = xmalloc_clear(sizeof *packet->pkt.user_id + pktlen);
|
1997-11-18 15:06:00 +01:00
|
|
|
packet->pkt.user_id->len = pktlen;
|
2005-11-12 05:53:03 +01:00
|
|
|
packet->pkt.user_id->ref=1;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
p = packet->pkt.user_id->name;
|
1999-02-16 14:16:33 +01:00
|
|
|
for( ; pktlen; pktlen--, p++ )
|
1997-11-18 15:06:00 +01:00
|
|
|
*p = iobuf_get_noeof(inp);
|
1999-01-24 18:16:40 +01:00
|
|
|
*p = 0;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
if( list_mode ) {
|
|
|
|
int n = packet->pkt.user_id->len;
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":user ID packet: \"");
|
2002-06-29 15:46:34 +02:00
|
|
|
/* fixme: Hey why don't we replace this with print_string?? */
|
1997-11-18 15:06:00 +01:00
|
|
|
for(p=packet->pkt.user_id->name; n; p++, n-- ) {
|
|
|
|
if( *p >= ' ' && *p <= 'z' )
|
2005-02-03 10:32:53 +01:00
|
|
|
putc (*p, listfp);
|
1997-11-18 15:06:00 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\\x%02x", *p );
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\"\n");
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2002-09-10 10:40:12 +02:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
void
|
2002-09-10 10:40:12 +02:00
|
|
|
make_attribute_uidname(PKT_user_id *uid, size_t max_namelen)
|
2002-06-29 15:46:34 +02:00
|
|
|
{
|
2002-09-10 10:40:12 +02:00
|
|
|
assert ( max_namelen > 70 );
|
2002-06-29 15:46:34 +02:00
|
|
|
if(uid->numattribs<=0)
|
|
|
|
sprintf(uid->name,"[bad attribute packet of size %lu]",uid->attrib_len);
|
|
|
|
else if(uid->numattribs>1)
|
|
|
|
sprintf(uid->name,"[%d attributes of size %lu]",
|
|
|
|
uid->numattribs,uid->attrib_len);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* Only one attribute, so list it as the "user id" */
|
|
|
|
|
|
|
|
if(uid->attribs->type==ATTRIB_IMAGE)
|
|
|
|
{
|
|
|
|
u32 len;
|
|
|
|
byte type;
|
|
|
|
|
|
|
|
if(parse_image_header(uid->attribs,&type,&len))
|
2002-09-10 10:40:12 +02:00
|
|
|
sprintf(uid->name,"[%.20s image of size %lu]",
|
2002-06-29 15:46:34 +02:00
|
|
|
image_type_to_string(type,1),(ulong)len);
|
|
|
|
else
|
|
|
|
sprintf(uid->name,"[invalid image]");
|
|
|
|
}
|
|
|
|
else
|
2002-07-01 18:47:22 +02:00
|
|
|
sprintf(uid->name,"[unknown attribute of size %lu]",
|
|
|
|
(ulong)uid->attribs->len);
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
uid->len = strlen(uid->name);
|
|
|
|
}
|
1998-01-16 22:15:24 +01:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
static int
|
2002-06-29 15:46:34 +02:00
|
|
|
parse_attribute( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
2000-07-14 19:34:53 +02:00
|
|
|
{
|
|
|
|
byte *p;
|
|
|
|
|
2015-02-22 05:10:27 +01:00
|
|
|
(void)pkttype;
|
|
|
|
|
|
|
|
/* We better cap the size of an attribute packet to make DoS not
|
|
|
|
too easy. 16MB should be more then enough for one attribute
|
|
|
|
packet (ie. a photo). */
|
|
|
|
if (pktlen > MAX_ATTR_PACKET_LENGTH) {
|
|
|
|
log_error ("packet(%d) too large\n", pkttype);
|
|
|
|
if (list_mode)
|
|
|
|
fprintf (listfp, ":attribute packet: [too large]\n");
|
|
|
|
iobuf_skip_rest (inp, pktlen, 0);
|
|
|
|
return G10ERR_INVALID_PACKET;
|
|
|
|
}
|
|
|
|
|
2002-09-10 10:40:12 +02:00
|
|
|
#define EXTRA_UID_NAME_SPACE 71
|
2005-11-12 05:53:03 +01:00
|
|
|
packet->pkt.user_id = xmalloc_clear(sizeof *packet->pkt.user_id
|
|
|
|
+ EXTRA_UID_NAME_SPACE);
|
|
|
|
packet->pkt.user_id->ref=1;
|
2005-07-27 20:10:56 +02:00
|
|
|
packet->pkt.user_id->attrib_data = xmalloc(pktlen);
|
2002-06-29 15:46:34 +02:00
|
|
|
packet->pkt.user_id->attrib_len = pktlen;
|
2005-11-12 05:53:03 +01:00
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
p = packet->pkt.user_id->attrib_data;
|
2000-07-14 19:34:53 +02:00
|
|
|
for( ; pktlen; pktlen--, p++ )
|
|
|
|
*p = iobuf_get_noeof(inp);
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* Now parse out the individual attribute subpackets. This is
|
|
|
|
somewhat pointless since there is only one currently defined
|
|
|
|
attribute type (jpeg), but it is correct by the spec. */
|
|
|
|
parse_attribute_subpkts(packet->pkt.user_id);
|
|
|
|
|
2002-09-10 10:40:12 +02:00
|
|
|
make_attribute_uidname(packet->pkt.user_id, EXTRA_UID_NAME_SPACE);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":attribute packet: %s\n", packet->pkt.user_id->name );
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
1998-01-16 22:15:24 +01:00
|
|
|
|
1998-02-11 04:25:44 +01:00
|
|
|
static int
|
|
|
|
parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
1998-02-11 04:25:44 +01:00
|
|
|
byte *p;
|
|
|
|
|
2006-07-26 13:25:36 +02:00
|
|
|
/* Cap comment packet at a reasonable value to avoid an integer
|
|
|
|
overflow in the malloc below. Comment packets are actually not
|
|
|
|
anymore define my OpenPGP and we even stopped to use our
|
|
|
|
private comment packet. */
|
2015-02-22 05:10:27 +01:00
|
|
|
if (pktlen > MAX_COMMENT_PACKET_LENGTH)
|
2006-07-26 13:25:36 +02:00
|
|
|
{
|
|
|
|
log_error ("packet(%d) too large\n", pkttype);
|
|
|
|
iobuf_skip_rest (inp, pktlen, 0);
|
|
|
|
return G10ERR_INVALID_PACKET;
|
|
|
|
}
|
2005-07-27 20:10:56 +02:00
|
|
|
packet->pkt.comment = xmalloc(sizeof *packet->pkt.comment + pktlen - 1);
|
1998-02-11 04:25:44 +01:00
|
|
|
packet->pkt.comment->len = pktlen;
|
|
|
|
p = packet->pkt.comment->data;
|
|
|
|
for( ; pktlen; pktlen--, p++ )
|
|
|
|
*p = iobuf_get_noeof(inp);
|
|
|
|
|
1997-11-18 15:06:00 +01:00
|
|
|
if( list_mode ) {
|
1998-02-11 04:25:44 +01:00
|
|
|
int n = packet->pkt.comment->len;
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":%scomment packet: \"", pkttype == PKT_OLD_COMMENT?
|
2006-07-26 13:25:36 +02:00
|
|
|
"OpenPGP draft " : "GnuPG " );
|
1998-02-11 04:25:44 +01:00
|
|
|
for(p=packet->pkt.comment->data; n; p++, n-- ) {
|
|
|
|
if( *p >= ' ' && *p <= 'z' )
|
2005-02-03 10:32:53 +01:00
|
|
|
putc (*p, listfp);
|
1997-11-18 15:06:00 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\\x%02x", *p );
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\"\n");
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
1998-02-11 04:25:44 +01:00
|
|
|
return 0;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
1999-07-08 16:24:35 +02:00
|
|
|
parse_trust( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *pkt )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
int c;
|
|
|
|
|
2015-02-22 05:10:28 +01:00
|
|
|
(void)pkttype;
|
|
|
|
|
|
|
|
pkt->pkt.ring_trust = xmalloc( sizeof *pkt->pkt.ring_trust );
|
2002-06-29 15:46:34 +02:00
|
|
|
if (pktlen)
|
|
|
|
{
|
|
|
|
c = iobuf_get_noeof(inp);
|
|
|
|
pktlen--;
|
|
|
|
pkt->pkt.ring_trust->trustval = c;
|
|
|
|
pkt->pkt.ring_trust->sigcache = 0;
|
|
|
|
if (!c && pktlen==1)
|
|
|
|
{
|
|
|
|
c = iobuf_get_noeof (inp);
|
|
|
|
pktlen--;
|
|
|
|
/* we require that bit 7 of the sigcache is 0 (easier eof handling)*/
|
|
|
|
if ( !(c & 0x80) )
|
|
|
|
pkt->pkt.ring_trust->sigcache = c;
|
|
|
|
}
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":trust packet: flag=%02x sigcache=%02x\n",
|
2002-06-29 15:46:34 +02:00
|
|
|
pkt->pkt.ring_trust->trustval,
|
|
|
|
pkt->pkt.ring_trust->sigcache);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2015-02-22 05:10:28 +01:00
|
|
|
pkt->pkt.ring_trust->trustval = 0;
|
|
|
|
pkt->pkt.ring_trust->sigcache = 0;
|
|
|
|
if (list_mode)
|
|
|
|
fprintf (listfp, ":trust packet: empty\n");
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest (inp, pktlen, 0);
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
1998-07-02 21:31:46 +02:00
|
|
|
parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen,
|
2004-03-03 01:09:16 +01:00
|
|
|
PACKET *pkt, int new_ctb, int partial )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
int rc = 0;
|
2004-03-03 01:09:16 +01:00
|
|
|
int mode, namelen;
|
1997-11-18 15:06:00 +01:00
|
|
|
PKT_plaintext *pt;
|
|
|
|
byte *p;
|
|
|
|
int c, i;
|
|
|
|
|
2004-03-03 01:09:16 +01:00
|
|
|
if( !partial && pktlen < 6 ) {
|
1997-11-18 15:06:00 +01:00
|
|
|
log_error("packet(%d) too short (%lu)\n", pkttype, (ulong)pktlen);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1997-11-18 15:06:00 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
|
|
|
|
namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
|
2006-07-26 13:25:36 +02:00
|
|
|
/* Note that namelen will never exceeds 255 byte. */
|
2005-07-27 20:10:56 +02:00
|
|
|
pt = pkt->pkt.plaintext = xmalloc(sizeof *pkt->pkt.plaintext + namelen -1);
|
1998-07-02 21:31:46 +02:00
|
|
|
pt->new_ctb = new_ctb;
|
1997-11-18 15:06:00 +01:00
|
|
|
pt->mode = mode;
|
|
|
|
pt->namelen = namelen;
|
2002-06-29 15:46:34 +02:00
|
|
|
pt->is_partial = partial;
|
1997-11-18 15:06:00 +01:00
|
|
|
if( pktlen ) {
|
|
|
|
for( i=0; pktlen > 4 && i < namelen; pktlen--, i++ )
|
|
|
|
pt->name[i] = iobuf_get_noeof(inp);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
for( i=0; i < namelen; i++ )
|
|
|
|
if( (c=iobuf_get(inp)) == -1 )
|
|
|
|
break;
|
|
|
|
else
|
|
|
|
pt->name[i] = c;
|
|
|
|
}
|
|
|
|
pt->timestamp = read_32(inp); if( pktlen) pktlen -= 4;
|
|
|
|
pt->len = pktlen;
|
|
|
|
pt->buf = inp;
|
|
|
|
pktlen = 0;
|
|
|
|
|
|
|
|
if( list_mode ) {
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":literal data packet:\n"
|
2004-07-15 23:00:35 +02:00
|
|
|
"\tmode %c (%X), created %lu, name=\"",
|
|
|
|
mode >= ' ' && mode <'z'? mode : '?', mode,
|
1998-02-03 13:09:20 +01:00
|
|
|
(ulong)pt->timestamp );
|
1997-11-18 15:06:00 +01:00
|
|
|
for(p=pt->name,i=0; i < namelen; p++, i++ ) {
|
|
|
|
if( *p >= ' ' && *p <= 'z' )
|
2005-02-03 10:32:53 +01:00
|
|
|
putc (*p, listfp);
|
1997-11-18 15:06:00 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\\x%02x", *p );
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\",\n\traw data: ");
|
2004-03-03 01:09:16 +01:00
|
|
|
if(partial)
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "unknown length\n");
|
2004-03-03 01:09:16 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "%lu bytes\n", (ulong)pt->len );
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
leave:
|
2002-06-29 15:46:34 +02:00
|
|
|
return rc;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
1998-07-02 21:31:46 +02:00
|
|
|
parse_compressed( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *pkt, int new_ctb )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
|
|
|
PKT_compressed *zd;
|
|
|
|
|
|
|
|
/* pktlen is here 0, but data follows
|
|
|
|
* (this should be the last object in a file or
|
|
|
|
* the compress algorithm should know the length)
|
|
|
|
*/
|
2005-07-27 20:10:56 +02:00
|
|
|
zd = pkt->pkt.compressed = xmalloc(sizeof *pkt->pkt.compressed );
|
1997-11-18 15:06:00 +01:00
|
|
|
zd->algorithm = iobuf_get_noeof(inp);
|
2011-07-22 14:00:08 +02:00
|
|
|
zd->len = 0; /* not used */
|
1998-07-02 21:31:46 +02:00
|
|
|
zd->new_ctb = new_ctb;
|
1997-11-18 15:06:00 +01:00
|
|
|
zd->buf = inp;
|
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":compressed packet: algo=%d\n", zd->algorithm);
|
1997-11-18 15:06:00 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
1998-07-02 21:31:46 +02:00
|
|
|
parse_encrypted( IOBUF inp, int pkttype, unsigned long pktlen,
|
2004-03-03 01:09:16 +01:00
|
|
|
PACKET *pkt, int new_ctb, int partial )
|
1997-11-18 15:06:00 +01:00
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
int rc = 0;
|
1997-12-01 11:33:23 +01:00
|
|
|
PKT_encrypted *ed;
|
2002-06-29 15:46:34 +02:00
|
|
|
unsigned long orig_pktlen = pktlen;
|
1997-11-18 15:06:00 +01:00
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
ed = pkt->pkt.encrypted = xmalloc(sizeof *pkt->pkt.encrypted );
|
1997-11-18 15:06:00 +01:00
|
|
|
ed->len = pktlen;
|
2002-06-29 15:46:34 +02:00
|
|
|
/* we don't know the extralen which is (cipher_blocksize+2)
|
|
|
|
because the algorithm ist not specified in this packet.
|
2002-08-30 18:34:13 +02:00
|
|
|
However, it is only important to know this for some sanity
|
|
|
|
checks on the packet length - it doesn't matter that we can't
|
2002-06-29 15:46:34 +02:00
|
|
|
do it */
|
|
|
|
ed->extralen = 0;
|
1997-11-18 15:06:00 +01:00
|
|
|
ed->buf = NULL;
|
1998-07-02 21:31:46 +02:00
|
|
|
ed->new_ctb = new_ctb;
|
2004-03-03 01:09:16 +01:00
|
|
|
ed->is_partial = partial;
|
1999-05-17 22:03:24 +02:00
|
|
|
ed->mdc_method = 0;
|
|
|
|
if( pkttype == PKT_ENCRYPTED_MDC ) {
|
|
|
|
/* fixme: add some pktlen sanity checks */
|
2000-07-14 19:34:53 +02:00
|
|
|
int version;
|
1999-05-17 22:03:24 +02:00
|
|
|
|
2011-07-22 14:00:08 +02:00
|
|
|
version = iobuf_get_noeof(inp);
|
2002-06-29 15:46:34 +02:00
|
|
|
if (orig_pktlen)
|
|
|
|
pktlen--;
|
1999-05-17 22:03:24 +02:00
|
|
|
if( version != 1 ) {
|
|
|
|
log_error("encrypted_mdc packet with unknown version %d\n",
|
|
|
|
version);
|
2002-06-29 15:46:34 +02:00
|
|
|
/*skip_rest(inp, pktlen); should we really do this? */
|
|
|
|
rc = G10ERR_INVALID_PACKET;
|
1999-05-17 22:03:24 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
ed->mdc_method = DIGEST_ALGO_SHA1;
|
1999-05-17 22:03:24 +02:00
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
if( orig_pktlen && pktlen < 10 ) { /* actually this is blocksize+2 */
|
1997-11-18 15:06:00 +01:00
|
|
|
log_error("packet(%d) too short\n", pkttype);
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp, pktlen, partial);
|
1997-11-18 15:06:00 +01:00
|
|
|
goto leave;
|
|
|
|
}
|
1998-04-14 19:51:16 +02:00
|
|
|
if( list_mode ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
if( orig_pktlen )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":encrypted data packet:\n\tlength: %lu\n",
|
|
|
|
orig_pktlen);
|
1997-11-18 15:06:00 +01:00
|
|
|
else
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":encrypted data packet:\n\tlength: unknown\n");
|
1999-05-17 22:03:24 +02:00
|
|
|
if( ed->mdc_method )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "\tmdc_method: %d\n", ed->mdc_method );
|
1998-04-14 19:51:16 +02:00
|
|
|
}
|
1997-11-18 15:06:00 +01:00
|
|
|
|
|
|
|
ed->buf = inp;
|
|
|
|
|
|
|
|
leave:
|
2002-06-29 15:46:34 +02:00
|
|
|
return rc;
|
1997-11-18 15:06:00 +01:00
|
|
|
}
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
|
|
|
|
static int
|
|
|
|
parse_mdc( IOBUF inp, int pkttype, unsigned long pktlen,
|
|
|
|
PACKET *pkt, int new_ctb )
|
|
|
|
{
|
2002-06-29 15:46:34 +02:00
|
|
|
int rc = 0;
|
2000-07-14 19:34:53 +02:00
|
|
|
PKT_mdc *mdc;
|
|
|
|
byte *p;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
mdc = pkt->pkt.mdc= xmalloc(sizeof *pkt->pkt.mdc );
|
2000-07-14 19:34:53 +02:00
|
|
|
if( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":mdc packet: length=%lu\n", pktlen);
|
2000-07-14 19:34:53 +02:00
|
|
|
if( !new_ctb || pktlen != 20 ) {
|
|
|
|
log_error("mdc_packet with invalid encoding\n");
|
2002-06-29 15:46:34 +02:00
|
|
|
rc = G10ERR_INVALID_PACKET;
|
2000-07-14 19:34:53 +02:00
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
p = mdc->hash;
|
|
|
|
for( ; pktlen; pktlen--, p++ )
|
|
|
|
*p = iobuf_get_noeof(inp);
|
|
|
|
|
|
|
|
leave:
|
2002-06-29 15:46:34 +02:00
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2006-07-26 13:25:36 +02:00
|
|
|
* This packet is internally generated by GPG (by armor.c) to
|
2002-06-29 15:46:34 +02:00
|
|
|
* transfer some information to the lower layer. To make sure that
|
|
|
|
* this packet is really a GPG faked one and not one comming from outside,
|
2006-07-26 13:25:36 +02:00
|
|
|
* we first check that there is a unique tag in it.
|
2002-06-29 15:46:34 +02:00
|
|
|
* The format of such a control packet is:
|
|
|
|
* n byte session marker
|
|
|
|
* 1 byte control type CTRLPKT_xxxxx
|
|
|
|
* m byte control data
|
|
|
|
*/
|
|
|
|
|
|
|
|
static int
|
2004-03-03 01:09:16 +01:00
|
|
|
parse_gpg_control( IOBUF inp, int pkttype,
|
|
|
|
unsigned long pktlen, PACKET *packet, int partial )
|
2002-06-29 15:46:34 +02:00
|
|
|
{
|
|
|
|
byte *p;
|
|
|
|
const byte *sesmark;
|
|
|
|
size_t sesmarklen;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if ( list_mode )
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, ":packet 63: length %lu ", pktlen);
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
sesmark = get_session_marker ( &sesmarklen );
|
|
|
|
if ( pktlen < sesmarklen+1 ) /* 1 is for the control bytes */
|
|
|
|
goto skipit;
|
|
|
|
for( i=0; i < sesmarklen; i++, pktlen-- ) {
|
|
|
|
if ( sesmark[i] != iobuf_get_noeof(inp) )
|
|
|
|
goto skipit;
|
|
|
|
}
|
2006-07-26 13:25:36 +02:00
|
|
|
if (pktlen > 4096)
|
|
|
|
goto skipit; /* Definitely too large. We skip it to avoid an
|
|
|
|
overflow in the malloc. */
|
2002-06-29 15:46:34 +02:00
|
|
|
if ( list_mode )
|
|
|
|
puts ("- gpg control packet");
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
packet->pkt.gpg_control = xmalloc(sizeof *packet->pkt.gpg_control
|
2002-06-29 15:46:34 +02:00
|
|
|
+ pktlen - 1);
|
|
|
|
packet->pkt.gpg_control->control = iobuf_get_noeof(inp); pktlen--;
|
|
|
|
packet->pkt.gpg_control->datalen = pktlen;
|
|
|
|
p = packet->pkt.gpg_control->data;
|
|
|
|
for( ; pktlen; pktlen--, p++ )
|
|
|
|
*p = iobuf_get_noeof(inp);
|
|
|
|
|
2000-07-14 19:34:53 +02:00
|
|
|
return 0;
|
2002-06-29 15:46:34 +02:00
|
|
|
|
|
|
|
skipit:
|
|
|
|
if ( list_mode ) {
|
|
|
|
int c;
|
|
|
|
|
|
|
|
i=0;
|
2005-02-03 10:32:53 +01:00
|
|
|
fprintf (listfp, "- private (rest length %lu)\n", pktlen);
|
2004-03-03 01:09:16 +01:00
|
|
|
if( partial ) {
|
2002-06-29 15:46:34 +02:00
|
|
|
while( (c=iobuf_get(inp)) != -1 )
|
|
|
|
dump_hex_line(c, &i);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
for( ; pktlen; pktlen-- )
|
2010-06-18 10:08:21 +02:00
|
|
|
{
|
|
|
|
dump_hex_line ((c=iobuf_get (inp)), &i);
|
|
|
|
if (c == -1)
|
|
|
|
break;
|
|
|
|
}
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
2005-02-03 10:32:53 +01:00
|
|
|
putc ('\n', listfp);
|
2002-06-29 15:46:34 +02:00
|
|
|
}
|
2004-09-09 14:42:10 +02:00
|
|
|
iobuf_skip_rest(inp,pktlen, 0);
|
2002-06-29 15:46:34 +02:00
|
|
|
return G10ERR_INVALID_PACKET;
|
2000-07-14 19:34:53 +02:00
|
|
|
}
|
|
|
|
|
2002-06-29 15:46:34 +02:00
|
|
|
/* create a gpg control packet to be used internally as a placeholder */
|
|
|
|
PACKET *
|
|
|
|
create_gpg_control( ctrlpkttype_t type, const byte *data, size_t datalen )
|
|
|
|
{
|
|
|
|
PACKET *packet;
|
|
|
|
byte *p;
|
|
|
|
|
2005-07-27 20:10:56 +02:00
|
|
|
packet = xmalloc( sizeof *packet );
|
2002-06-29 15:46:34 +02:00
|
|
|
init_packet(packet);
|
|
|
|
packet->pkttype = PKT_GPG_CONTROL;
|
2005-07-27 20:10:56 +02:00
|
|
|
packet->pkt.gpg_control = xmalloc(sizeof *packet->pkt.gpg_control
|
2002-06-29 15:46:34 +02:00
|
|
|
+ datalen - 1);
|
|
|
|
packet->pkt.gpg_control->control = type;
|
|
|
|
packet->pkt.gpg_control->datalen = datalen;
|
|
|
|
p = packet->pkt.gpg_control->data;
|
|
|
|
for( ; datalen; datalen--, p++ )
|
|
|
|
*p = *data++;
|
|
|
|
|
|
|
|
return packet;
|
|
|
|
}
|