security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

See ChangeLog: Fri Oct 6 14:29:16 CEST 2000 Werner Koch

This commit is contained in:
Werner Koch 2000-10-06 12:28:44 +00:00
parent 9c20f65cbe
commit 14974bc5d7
18 changed files with 470 additions and 1332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -5,6 +5,8 @@ Noteworthy changes in the current CVS HEAD
* Add Rijndael (AES) support.
* Removed gdbm support.
* Fixed problems with piping to/from other MS-Windows software
* Expiration time of the primary key can be changed again.
@ -28,8 +30,6 @@ Noteworthy changes in the current CVS HEAD
* Twofish and MDC enhanced encryption is now used. PGP 7 supports
this. Older versions of GnuPG don't support it, so they should be
upgraded to at least 1.0.2
Noteworthy changes in version 1.1.1

17
configure.in
View File

@ -184,7 +184,6 @@ MPI_OPT_FLAGS=""
try_gettext=yes
try_gdbm=yes
case "${target}" in
*-*-mingw32*)
# special stuff for Windoze NT
@ -194,7 +193,6 @@ case "${target}" in
AC_DEFINE(HAVE_DOSISH_SYSTEM)
AC_DEFINE(USE_SIMPLE_GETTEXT)
try_gettext="no"
try_gdbm="no"
;;
i?86-emx-os2 | i?86-*-os2*emx )
# OS/2 with the EMX environment
@ -202,7 +200,6 @@ case "${target}" in
AC_DEFINE(HAVE_DRIVE_LETTERS)
AC_DEFINE(HAVE_DOSISH_SYSTEM)
try_gettext="no"
try_gdbm="no"
;;
i?86-*-msdosdjgpp*)
@ -211,7 +208,6 @@ case "${target}" in
AC_DEFINE(HAVE_DRIVE_LETTERS)
AC_DEFINE(HAVE_DOSISH_SYSTEM)
try_gettext="no"
try_gdbm="no"
;;
*-*-freebsd*)
@ -331,19 +327,6 @@ fi
AM_CONDITIONAL(COMPILE_AGENT, test x$compile_agent = xyes)
dnl
dnl There are lot of misconfigured systems. We include
dnl gdbm support only if the lib and the header is installed.
dnl
if test "$try_gdbm" = yes; then
AC_CHECK_HEADERS(gdbm.h)
if test "$ac_cv_header_gdbm_h" = yes ; then
AC_CHECK_LIB(gdbm,gdbm_firstkey)
fi
fi
dnl Solaris needs -lsocket and -lnsl. Unisys system includes
dnl gethostbyname in libsocket but needs libnsl for socket.
AC_CHECK_LIB(nsl, gethostbyname)

34
g10/ChangeLog
View File

@ -1,3 +1,37 @@
Fri Oct 6 14:29:16 CEST 2000 Werner Koch <wk@openit.de>
Started to rework the whole getkey/ringedit stuff to make
it simpler, correcter and faster.
* parse-packet.c (parse_packet): Add a 3rd arg to return the filepos.
Changed all callers.
* getkey.c (classify_user_id): Add new mode 21.
(find_by_fpr): Find using this new mode.
(get_seckey_byname): New arg to return the context. Changed all
callers.
* keyid.c (unified_fingerprint_from_pk): New.
(unified_fingerprint_from_sk): New.
* ringedit.c (find_keyblock_bypk): Changed to use the unified
fingerprint for lookup. I can't see a reason why we did compare
the entire public key.
(find_keyblock_bysk): Ditto.
(search,cmp_pubkey,cmp_seckey): Removed.
(keyring_search, do_kbxf_search): Removed.
(locate_keyblock_by_fpr,locate_keyblock_by_keyid): Removed.
(find_keyblock_byname): Removed use o search function.
(find_secret_keyblock_byname): Ditto.
(merge_public_with_secret): Fixed removing subkeys.
(premerge_public_with_secret): New.
* ringedit.c: Removed all GDBM support
* ringedit.c (read_keyblock): Removed.
* ringedit.c (find_keyblock_byname,find_secret_keyblock_byname,
find_keyblock_bypk,find_keyblock_bysk): Moved from here to ....
* getkey.c: ... here. Changed first arg to return a keyblock and
changed all callers to merge the old read_keyblock() with these
functions.
Wed Oct 4 13:16:18 CEST 2000 Werner Koch <wk@openit.de>
* getkey.c (merge_selfsigs_main): Fixed for v3 keys.

13
g10/delkey.c
View File

@ -58,21 +58,14 @@ delete_key( const char *username, int secret )
int yes;
/* search the userid */
rc = secret? find_secret_keyblock_byname( &kbpos, username )
: find_keyblock_byname( &kbpos, username );
rc = secret? find_secret_keyblock_byname( &keyblock, username )
: find_keyblock_byname( &keyblock, username );
if( rc ) {
log_error(_("%s: user not found\n"), username );
log_error(_("%s: user not found: %s\n"), username, gpg_errstr(rc) );
write_status_text( STATUS_DELETE_PROBLEM, "1" );
goto leave;
}
/* read the keyblock */
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error("%s: read problem: %s\n", username, gpg_errstr(rc) );
goto leave;
}
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
if( !node ) {

11
g10/export.c
View File

@ -147,22 +147,15 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
}
else {
/* search the userid */
rc = secret? find_secret_keyblock_byname( &kbpos, sl->d )
: find_keyblock_byname( &kbpos, sl->d );
rc = secret? find_secret_keyblock_byname( &keyblock, sl->d )
: find_keyblock_byname( &keyblock, sl->d );
if( rc ) {
log_error(_("%s: user not found: %s\n"), sl->d, gpg_errstr(rc));
rc = 0;
continue;
}
/* read the keyblock */
rc = read_keyblock( &kbpos, &keyblock );
}
if( rc ) {
log_error(_("certificate read problem: %s\n"), gpg_errstr(rc));
goto leave;
}
/* do not export keys which are incompatible with rfc2440 */
if( onlyrfc && (node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) {

250
g10/getkey.c
View File

@ -112,10 +112,6 @@ struct getkey_ctx_s {
getkey_item_t items[1];
};
#if 0
static struct {
int any;
@ -595,6 +591,8 @@ hextobyte( const byte *s )
* 12 = it is a trustdb index (keyid is looked up)
* 16 = it is a 16 byte fingerprint
* 20 = it is a 20 byte fingerprint
* 21 = Unified fingerprint :fpr:pk_algo:
* (We don't use pk_algo yet)
*
* if fprint is not NULL, it should be an array of at least 20 bytes.
*
@ -606,6 +604,8 @@ hextobyte( const byte *s )
* must be in the range 0..9), this is considered a fingerprint.
* - If the username starts with a left angle, we assume it is a complete
* email address and look only at this part.
* - If the username starts with a colon we assume it is a unified
* key specfification.
* - If the username starts with a '.', we assume it is the ending
* part of an email address
* - If the username starts with an '@', we assume it is a part of an
@ -674,7 +674,32 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
keyid[0] = keyid[1] = 0;
}
break;
case ':': /*Unified fingerprint */
{
const char *se, *si;
int i;
se = strchr( ++s,':');
if ( !se )
return 0;
for (i=0,si=s; si < se; si++, i++ ) {
if ( !strchr("01234567890abcdefABCDEF", *si ) )
return 0; /* invalid digit */
}
if (i != 32 && i != 40)
return 0; /* invalid length of fpr*/
if (fprint) {
for (i=0,si=s; si < se; i++, si +=2)
fprint[i] = hextobyte(si);
for ( ; i < 20; i++)
fprint[i]= 0;
}
s = se + 1;
mode = 21;
}
break;
default:
if (s[0] == '0' && s[1] == 'x') {
hexprefix = 1;
@ -803,7 +828,8 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
/* if we don't use one of the exact key specifications, we assume that
* the primary key is requested */
if ( mode != 10 && mode != 11 && mode != 16 && mode == 20 )
if ( mode != 10 && mode != 11
&& mode != 16 && mode == 20 && mode != 21 )
ctx->primary = 1;
ctx->items[n].mode = mode;
@ -836,6 +862,10 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
}
}
if (!rc )
log_debug ( "pk_byname: kbpos %s %lu %p\n",
ctx->kbpos.valid? "valid":"",
ctx->kbpos.offset, ctx->kbpos.fp );
release_kbnode ( help_kb );
if( retctx ) /* caller wants the context */
@ -883,6 +913,7 @@ get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock )
return rc;
}
void
get_pubkey_end( GETKEY_CTX ctx )
{
@ -897,8 +928,66 @@ get_pubkey_end( GETKEY_CTX ctx )
}
}
/****************
* Combined function to search for a username and get the position
* of the keyblock.
*/
int
find_keyblock_byname( KBNODE *retblock, const char *username )
{
PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
int rc;
rc = get_pubkey_byname( NULL, pk, username, retblock );
free_public_key(pk);
return rc;
}
/****************
* Combined function to search for a key and get the position
* of the keyblock. Used for merging while importing keys.
*/
int
find_keyblock_bypk( KBNODE *retblock, PKT_public_key *pk )
{
char ufpr[50];
unified_fingerprint_from_pk( pk, ufpr, sizeof ufpr );
return find_keyblock_byname( retblock, ufpr );
}
int
find_kblocation_bypk( void *re_opaque, PKT_public_key *pk )
{
PKT_public_key *dummy_pk = gcry_xcalloc( 1, sizeof *pk );
char ufpr[50];
GETKEY_CTX ctx;
int rc;
unified_fingerprint_from_pk( pk, ufpr, sizeof ufpr );
/* FIXME: There is no need to return any informaton, we just
* wnat to know the location. Using the general lookup function
* has the problem that we might not get the key becuase it has expired
* or due to some similar probelm. A solotion would be a locate-only
* flag in the ctx */
rc = get_pubkey_byname( &ctx, dummy_pk, ufpr, NULL );
free_public_key(dummy_pk);
if ( !rc )
ringedit_copy_kbpos( re_opaque, &ctx->kbpos );
get_pubkey_end( ctx );
return rc;
}
/****************
* Search for a key with the given fingerprint.
* FIXME:
* We should replace this with the _byname function. Thiscsan be done
* by creating a userID conforming to the unified fingerprint style.
*/
int
get_pubkey_byfprint( PKT_public_key *pk,
@ -988,19 +1077,23 @@ get_keyblock_bylid( KBNODE *ret_keyblock, ulong lid )
* If NAME is NULL use the default key
*/
int
get_seckey_byname( PKT_secret_key *sk, const char *name, int unprotect )
get_seckey_byname( GETKEY_CTX *retctx,
PKT_secret_key *sk, const char *name, int unprotect,
KBNODE *retblock )
{
STRLIST namelist = NULL;
int rc;
if( !name && opt.def_secret_key && *opt.def_secret_key ) {
add_to_strlist( &namelist, opt.def_secret_key );
rc = key_byname( NULL, namelist, NULL, sk, NULL );
rc = key_byname( retctx, namelist, NULL, sk, retblock );
}
else if( !name ) { /* use the first one as default key */
struct getkey_ctx_s ctx;
KBNODE kb = NULL;
assert (!retctx ); /* do we need this at all */
assert (!retblock);
memset( &ctx, 0, sizeof ctx );
ctx.not_allocated = 1;
ctx.primary = 1;
@ -1014,7 +1107,7 @@ get_seckey_byname( PKT_secret_key *sk, const char *name, int unprotect )
}
else {
add_to_strlist( &namelist, name );
rc = key_byname( NULL, namelist, NULL, sk, NULL );
rc = key_byname( retctx, namelist, NULL, sk, retblock );
}
free_strlist( namelist );
@ -1045,6 +1138,7 @@ get_seckey_next( GETKEY_CTX ctx, PKT_secret_key *sk, KBNODE *ret_keyblock )
return rc;
}
void
get_seckey_end( GETKEY_CTX ctx )
{
@ -1052,6 +1146,57 @@ get_seckey_end( GETKEY_CTX ctx )
}
/****************
* Combined function to search for a username and get the position
* of the keyblock. This function does not unprotect the secret key.
*/
int
find_secret_keyblock_byname( KBNODE *retblock, const char *username )
{
PKT_secret_key *sk = gcry_xcalloc( 1, sizeof *sk );
int rc;
rc = get_seckey_byname( NULL, sk, username, 0, retblock );
free_secret_key(sk);
return rc;
}
/****************
* Combined function to search for a key and get the position
* of the keyblock.
*/
int
find_keyblock_bysk( KBNODE *retblock, PKT_secret_key *sk )
{
char ufpr[50];
unified_fingerprint_from_sk( sk, ufpr, sizeof ufpr );
return find_secret_keyblock_byname( retblock, ufpr );
}
int
find_kblocation_bysk( void *re_opaque, PKT_secret_key *sk )
{
PKT_secret_key *dummy_sk = gcry_xcalloc( 1, sizeof *sk );
char ufpr[50];
GETKEY_CTX ctx;
int rc;
unified_fingerprint_from_sk( sk, ufpr, sizeof ufpr );
rc = get_seckey_byname( &ctx, dummy_sk, ufpr, 0, NULL );
free_secret_key(dummy_sk);
if ( !rc )
ringedit_copy_kbpos( re_opaque, &ctx->kbpos );
get_seckey_end( ctx );
return rc;
}
/*******************************************************
************** compare functions **********************
@ -1728,8 +1873,6 @@ void
merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
{
KBNODE pub;
int deleting = 0;
int any_deleted = 0;
assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY );
assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
@ -1750,7 +1893,6 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
KBNODE sec;
PKT_public_key *pk = pub->pkt->pkt.public_key;
deleting = 0;
/* this is more complicated: it may happen that the sequence
* of the subkeys dosn't match, so we have to find the
* appropriate secret key */
@ -1766,26 +1908,57 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
}
}
}
if ( !sec ) {
log_error ( "no corresponding secret subkey "
"for public subkey - removing\n" );
/* better remove the public subkey in this case */
delete_kbnode ( pub );
deleting = 1;
any_deleted = 1;
}
}
else if ( deleting ) {
delete_kbnode (pub);
if ( !sec )
BUG(); /* already checked in premerge */
}
}
}
if ( any_deleted ) {
/* because we have not deleted the root node, we don't need to
* update the pubblock */
pub = pubblock;
commit_kbnode ( &pubblock );
assert ( pub == pubblock );
/* This function checks that for every public subkey a corresponding
* secret subkey is avalable and deletes the public subkey otherwise.
* We need this function becuase we can'tdelete it later when we
* actually merge the secret parts into the pubring.
*/
void
premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
{
KBNODE last, pub;
assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY );
assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
for (pub=pubblock,last=NULL; pub; last = pub, pub = pub->next ) {
if ( pub->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
KBNODE sec;
PKT_public_key *pk = pub->pkt->pkt.public_key;
for (sec=secblock->next; sec; sec = sec->next ) {
if ( sec->pkt->pkttype == PKT_SECRET_SUBKEY ) {
PKT_secret_key *sk = sec->pkt->pkt.secret_key;
if ( !cmp_public_secret_key ( pk, sk ) )
break;
}
}
if ( !sec ) {
KBNODE next, ll;
log_error ( "no corresponding secret subkey "
"for public subkey - removing\n" );
/* we have to remove the subkey in this case */
assert ( last );
/* find the next subkey */
for (next=pub->next,ll=pub;
next && pub->pkt->pkttype != PKT_PUBLIC_SUBKEY;
ll = next, next = next->next )
;
/* make new link */
last->next = next;
/* release this public subkey with all sigs */
ll->next = NULL;
release_kbnode( pub );
/* let the loop continue */
pub = last;
}
}
}
}
@ -1859,8 +2032,17 @@ find_by_fpr( KBNODE keyblock, const char *name, int mode )
size_t an;
fingerprint_from_pk(k->pkt->pkt.public_key, afp, &an );
if( an == mode && !memcmp( afp, name, an) ) {
return k;
if ( mode == 21 ) {
/* Unified fingerprint. The fingerprint is always 20 bytes*/
while ( an < 20 )
afp[an++] = 0;
if ( !memcmp( afp, name, 20 ) )
return k;
}
else {
if( an == mode && !memcmp( afp, name, an) ) {
return k;
}
}
}
}
@ -2055,6 +2237,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
}
secblock = ctx->keyblock;
ctx->keyblock = k;
premerge_public_with_secret ( ctx->keyblock, secblock );
}
@ -2078,7 +2261,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
else if( item->mode == 15 ) {
found = 1;
}
else if( item->mode == 16 || item->mode == 20 ) {
else if( item->mode == 16 || item->mode == 20
|| item->mode == 21 ) {
k = find_by_fpr( ctx->keyblock,
item->fprint, item->mode );
found = !!k;
@ -2218,7 +2402,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys )
save_mode = set_packet_list_mode(0);
init_packet(&pkt);
while( (rc=parse_packet(c->iobuf, &pkt)) != -1 ) {
while( (rc=parse_packet(c->iobuf, &pkt, NULL)) != -1 ) {
if( rc )
; /* e.g. unknown packet */
else if( pkt.pkttype == PKT_SECRET_KEY

26
g10/import.c
View File

@ -274,7 +274,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
in_cert = 0;
pkt = gcry_xmalloc( sizeof *pkt );
init_packet(pkt);
while( (rc=parse_packet(a, pkt)) != -1 ) {
while( (rc=parse_packet(a, pkt, NULL)) != -1 ) {
if( rc ) { /* ignore errors */
if( rc != GPGERR_UNKNOWN_PACKET ) {
log_error("read_block: read error: %s\n", gpg_errstr(rc) );
@ -436,7 +436,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( (rc=lock_keyblock( &kbpos )) )
log_error(_("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
else if( (rc=insert_keyblock( keyblock )) )
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
unlock_keyblock( &kbpos );
@ -466,18 +466,12 @@ import_one( const char *fname, KBNODE keyblock, int fast )
}
/* now read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk_orig );
rc = find_keyblock_bypk( &keyblock_orig, pk_orig );
if( rc ) {
log_error( _("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], gpg_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock_orig );
if( rc ) {
log_error( _("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], gpg_errstr(rc));
goto leave;
}
collapse_uids( &keyblock );
/* and try to merge the block */
@ -494,7 +488,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( (rc=lock_keyblock( &kbpos )) )
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock_orig )) )
else if( (rc=update_keyblock( keyblock_orig )) )
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
unlock_keyblock( &kbpos );
@ -603,7 +597,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
if( (rc=lock_keyblock( &kbpos )) )
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
else if( (rc=insert_keyblock( keyblock )) )
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
unlock_keyblock( &kbpos );
@ -659,18 +653,12 @@ import_revoke_cert( const char *fname, KBNODE node )
}
/* read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk );
rc = find_keyblock_bypk( &keyblock, pk );
if( rc ) {
log_error( _("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], gpg_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error( _("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], gpg_errstr(rc));
goto leave;
}
/* it is okay, that node is not in keyblock because
@ -704,7 +692,7 @@ import_revoke_cert( const char *fname, KBNODE node )
if( (rc=lock_keyblock( &kbpos )) )
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock )) )
else if( (rc=update_keyblock( keyblock )) )
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), gpg_errstr(rc) );
unlock_keyblock( &kbpos );

75
g10/keydb.h
View File

@ -21,10 +21,6 @@
#ifndef GPG_KEYDB_H
#define GPG_KEYDB_H
#ifdef HAVE_LIBGDBM
#include <gdbm.h>
#endif
#include "types.h"
#include "basicdefs.h"
#include "packet.h"
@ -67,30 +63,16 @@ struct kbnode_struct {
enum resource_type {
rt_UNKNOWN = 0,
rt_RING = 1,
rt_GDBM = 2,
rt_KBXF = 3
rt_KBXF = 2
};
/****************
* A data structre to hold information about the external position
* A data structure to hold information about the external position
* of a keyblock.
*/
struct keyblock_pos_struct {
int resno; /* resource number */
enum resource_type rt;
ulong offset; /* position information */
unsigned count; /* length of the keyblock in packets */
IOBUF fp; /* used by enum_keyblocks */
int secret; /* working on a secret keyring */
#ifdef HAVE_LIBGDBM
GDBM_FILE dbf;
byte keybuf[21];
#endif
PACKET *pkt; /* ditto */
int valid;
};
typedef struct keyblock_pos_struct KBPOS;
struct keyblock_pos_struct;
typedef struct keyblock_pos_struct *KBPOS;
/* structure to hold a couple of public key certificates */
struct pk_list {
@ -106,18 +88,6 @@ struct sk_list {
int mark;
};
/* structure to collect all information which can be used to
* identify a public key */
typedef struct pubkey_find_info *PUBKEY_FIND_INFO;
struct pubkey_find_info {
u32 keyid[2];
unsigned nbits;
byte pubkey_algo;
byte fingerprint[MAX_FINGERPRINT_LEN];
char userid[1];
};
/*-- pkclist.c --*/
int check_signatures_trust( PKT_signature *sig );
@ -159,11 +129,18 @@ int get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
size_t fprint_len );
int get_keyblock_bylid( KBNODE *ret_keyblock, ulong lid );
int seckey_available( u32 *keyid );
int get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock );
int get_seckey_byname( GETKEY_CTX *rx,
PKT_secret_key *sk, const char *name, int unlock,
KBNODE *retblock );
int get_seckey_bynames( GETKEY_CTX *rx, PKT_secret_key *sk,
STRLIST names, KBNODE *ret_keyblock );
int get_seckey_next( GETKEY_CTX ctx, PKT_secret_key *sk, KBNODE *ret_keyblock );
void get_seckey_end( GETKEY_CTX ctx );
int find_keyblock_byname( KBNODE *retblock, const char *username );
int find_secret_keyblock_byname( KBNODE *retblock, const char *username );
int find_keyblock_bypk( KBNODE *retblock, PKT_public_key *pk );
int find_keyblock_bysk( KBNODE *retblock, PKT_secret_key *sk );
int enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys );
void merge_keys_and_selfsig( KBNODE keyblock );
void merge_public_with_secret ( KBNODE pubblock, KBNODE secblock );
@ -187,6 +164,10 @@ const char *expirestr_from_pk( PKT_public_key *pk );
const char *expirestr_from_sk( PKT_secret_key *sk );
byte *fingerprint_from_sk( PKT_secret_key *sk, byte *buf, size_t *ret_len );
byte *fingerprint_from_pk( PKT_public_key *pk, byte *buf, size_t *ret_len );
char *unified_fingerprint_from_pk( PKT_public_key *pk,
char *buffer, size_t bufsize );
char *unified_fingerprint_from_sk( PKT_secret_key *sk,
char *buffer, size_t bufsize );
/*-- kbnode.c --*/
KBNODE new_kbnode( PACKET *pkt );
@ -208,25 +189,13 @@ void dump_kbnode( KBNODE node );
/*-- ringedit.c --*/
const char *enum_keyblock_resources( int *sequence, int secret );
int add_keyblock_resource( const char *resname, int force, int secret );
const char *keyblock_resource_name( KBPOS *kbpos );
int get_keyblock_handle( const char *filename, int secret, KBPOS *kbpos );
const char *keyblock_resource_name( KBPOS kbpos );
int get_keyblock_handle( const char *filename, int secret, KBPOS kbpos );
char *get_writable_keyblock_file( int secret );
int locate_keyblock_by_fpr( KBPOS *kbpos, const byte *fpr,
int fprlen, int secret );
int locate_keyblock_by_keyid( KBPOS *kbpos, u32 *keyid,
int shortkid, int secret );
int find_keyblock( PUBKEY_FIND_INFO info, KBPOS *kbpos );
int find_keyblock_byname( KBPOS *kbpos, const char *username );
int find_keyblock_bypk( KBPOS *kbpos, PKT_public_key *pk );
int find_keyblock_bysk( KBPOS *kbpos, PKT_secret_key *sk );
int find_secret_keyblock_byname( KBPOS *kbpos, const char *username );
int lock_keyblock( KBPOS *kbpos );
void unlock_keyblock( KBPOS *kbpos );
int read_keyblock( KBPOS *kbpos, KBNODE *ret_root );
int enum_keyblocks( int mode, KBPOS *kbpos, KBNODE *ret_root );
int insert_keyblock( KBPOS *kbpos, KBNODE root );
int delete_keyblock( KBPOS *kbpos );
int update_keyblock( KBPOS *kbpos, KBNODE root );
int enum_keyblocks( int mode, KBPOS kbpos, KBNODE *ret_root );
int insert_keyblock( KBNODE keyblock );
int delete_keyblock( KBNODE keyblock );
int update_keyblock( KBNODE keyblock );
#endif /*GPG_KEYDB_H*/

27
g10/keyedit.c
View File

@ -89,18 +89,13 @@ get_keyblock_byname( KBNODE *keyblock, KBPOS *kbpos, const char *username )
*keyblock = NULL;
/* search the userid */
rc = find_keyblock_byname( kbpos, username );
rc = find_keyblock_byname( keyblock, username );
if( rc ) {
log_error(_("%s: user not found\n"), username );
log_error(_("%s: user not found: %s\n"), username, gpg_errstr(rc) );
return rc;
}
/* read the keyblock */
rc = read_keyblock( kbpos, keyblock );
if( rc )
log_error("%s: keyblock read problem: %s\n", username, gpg_errstr(rc));
else
merge_keys_and_selfsig( *keyblock );
merge_keys_and_selfsig( *keyblock );
return rc;
}
@ -616,7 +611,6 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
KBNODE keyblock = NULL;
KBPOS keyblockpos;
KBNODE sec_keyblock = NULL;
KBPOS sec_keyblockpos;
KBNODE cur_keyblock;
char *answer = NULL;
int redisplay = 1;
@ -640,14 +634,11 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
if( !sign_mode ) {
/* first try to locate it as secret key */
rc = find_secret_keyblock_byname( &sec_keyblockpos, username );
if( !rc ) {
rc = read_keyblock( &sec_keyblockpos, &sec_keyblock );
if( rc ) {
log_error("%s: secret keyblock read problem: %s\n",
rc = find_secret_keyblock_byname( &sec_keyblock, username );
if( rc && rc != GPGERR_NO_SECKEY )
log_debug("%s: secret keyblock read problem: %s\n",
username, gpg_errstr(rc));
goto leave;
}
if( !rc ) {
merge_keys_and_selfsig( sec_keyblock );
if( fix_keyblock( sec_keyblock ) )
sec_modified++;
@ -966,14 +957,14 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
do_cmd_save:
if( modified || sec_modified ) {
if( modified ) {
rc = update_keyblock( &keyblockpos, keyblock );
rc = update_keyblock( keyblock );
if( rc ) {
log_error(_("update failed: %s\n"), gpg_errstr(rc) );
break;
}
}
if( sec_modified ) {
rc = update_keyblock( &sec_keyblockpos, sec_keyblock );
rc = update_keyblock( sec_keyblock );
if( rc ) {
log_error(_("update secret failed: %s\n"),
gpg_errstr(rc) );

4
g10/keygen.c
View File

@ -1752,9 +1752,9 @@ do_generate_keypair( struct para_data_s *para,
log_error("can't lock public keyring: %s\n", gpg_errstr(rc) );
else if( (rc=rc2=lock_keyblock( &sec_kbpos )) )
log_error("can't lock secret keyring: %s\n", gpg_errstr(rc) );
else if( (rc=insert_keyblock( &pub_kbpos, pub_root )) )
else if( (rc=insert_keyblock( pub_root )) )
log_error("can't write public key: %s\n", gpg_errstr(rc) );
else if( (rc=insert_keyblock( &sec_kbpos, sec_root )) )
else if( (rc=insert_keyblock( sec_root )) )
log_error("can't write secret key: %s\n", gpg_errstr(rc) );
else {
if( !opt.batch )

65
g10/keyid.c
View File

@ -436,6 +436,40 @@ fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
return array;
}
/* Create a unified fingerprint, that is a printable fingerprint along
* wth some other information suitable to passto get_pubkye_byname.
* Pass NULL for buffer to let this function allocate the buffer.
* This function will truncate the buffer in a way that a valid C string
* is returnd (unless bufsize is 0)
* Returns: Supplied buffer or newly allocated buffer
*/
char *
unified_fingerprint_from_pk( PKT_public_key *pk,
char *buffer, size_t bufsize )
{
byte fpr[MAX_FINGERPRINT_LEN];
size_t fprlen;
int i;
fingerprint_from_pk( pk, fpr, &fprlen );
if ( !buffer ) {
bufsize = 1+fprlen*2+1+4+1+1;
buffer = gcry_xmalloc( bufsize );
}
if ( bufsize < 1+fprlen*2+1+4+1+1 ) {
/* Hmmm, that should be sufficiend also not very nice */
if ( bufsize )
*buffer = 0;
return buffer;
}
*buffer = ':';
for (i=0; i < fprlen; i++ )
sprintf( buffer+1+i*2, "%02X", fpr[i] );
sprintf( buffer+1+i*2, ":%d:", (pk->pubkey_algo & 0xff) );
return buffer;
}
byte *
fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
{
@ -495,5 +529,36 @@ fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
return array;
}
char *
unified_fingerprint_from_sk( PKT_secret_key *sk,
char *buffer, size_t bufsize )
{
byte fpr[MAX_FINGERPRINT_LEN];
size_t fprlen;
int i;
fingerprint_from_sk( sk, fpr, &fprlen );
if ( !buffer ) {
bufsize = 1+fprlen*2+1+4+1+1;
buffer = gcry_xmalloc( bufsize );
}
if ( bufsize < 1+fprlen*2+1+4+1+1 ) {
/* Hmmm, that should be sufficiend also not very nice */
if ( bufsize )
*buffer = 0;
return buffer;
}
*buffer = ':';
for (i=0; i < fprlen; i++ )
sprintf( buffer+1+i*2, "%02X", fpr[i] );
sprintf( buffer+1+i*2, ":%d:", (sk->pubkey_algo & 0xff) );
return buffer;
}

2
g10/mainproc.c
View File

@ -953,7 +953,7 @@ do_proc_packets( CTX c, IOBUF a )
c->iobuf = a;
init_packet(pkt);
while( (rc=parse_packet(a, pkt)) != -1 ) {
while( (rc=parse_packet(a, pkt, NULL)) != -1 ) {
any_data = 1;
if( rc ) {
free_packet(pkt);

7
g10/packet.h
View File

@ -293,18 +293,19 @@ int set_packet_list_mode( int mode );
#if DEBUG_PARSE_PACKET
int dbg_search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos, const char* file, int lineno );
int dbg_parse_packet( IOBUF inp, PACKET *ret_pkt, const char* file, int lineno );
int dbg_parse_packet( IOBUF inp, PACKET *ret_pkt, ulong *pos,
const char* file, int lineno );
int dbg_copy_all_packets( IOBUF inp, IOBUF out, const char* file, int lineno );
int dbg_copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff, const char* file, int lineno );
int dbg_skip_some_packets( IOBUF inp, unsigned n, const char* file, int lineno );
#define search_packet( a,b,c,d ) dbg_search_packet( (a), (b), (c), (d), __FILE__, __LINE__ )
#define parse_packet( a, b ) dbg_parse_packet( (a), (b), __FILE__, __LINE__ )
#define parse_packet( a, b, c ) dbg_parse_packet( (a), (b), (c), __FILE__, __LINE__ )
#define copy_all_packets( a,b ) dbg_copy_all_packets((a),(b), __FILE__, __LINE__ )
#define copy_some_packets( a,b,c ) dbg_copy_some_packets((a),(b),(c), __FILE__, __LINE__ )
#define skip_some_packets( a,b ) dbg_skip_some_packets((a),(b), __FILE__, __LINE__ )
#else
int search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos );
int parse_packet( IOBUF inp, PACKET *ret_pkt);
int parse_packet( IOBUF inp, PACKET *ret_pkt, ulong *retpos);
int copy_all_packets( IOBUF inp, IOBUF out );
int copy_some_packets( IOBUF inp, IOBUF out, ulong stopoff );
int skip_some_packets( IOBUF inp, unsigned n );

10
g10/parse-packet.c
View File

@ -127,23 +127,25 @@ unknown_pubkey_warning( int algo )
*/
#ifdef DEBUG_PARSE_PACKET
int
dbg_parse_packet( IOBUF inp, PACKET *pkt, const char *dbg_f, int dbg_l )
dbg_parse_packet( IOBUF inp, PACKET *pkt, ulong *retpos,
const char *dbg_f, int dbg_l )
{
int skip, rc;
do {
rc = parse( inp, pkt, 0, NULL, &skip, NULL, 0, "parse", dbg_f, dbg_l );
rc = parse( inp, pkt, 0, retpos,
&skip, NULL, 0, "parse", dbg_f, dbg_l );
} while( skip );
return rc;
}
#else
int
parse_packet( IOBUF inp, PACKET *pkt )
parse_packet( IOBUF inp, PACKET *pkt, ulong *retpos )
{
int skip, rc;
do {
rc = parse( inp, pkt, 0, NULL, &skip, NULL, 0 );
rc = parse( inp, pkt, 0, retpos, &skip, NULL, 0 );
} while( skip );
return rc;
}

2
g10/pkclist.c
View File

@ -779,7 +779,7 @@ default_recipient(void)
if( !opt.def_recipient_self )
return NULL;
sk = gcry_xcalloc( 1, sizeof *sk );
i = get_seckey_byname( sk, NULL, 0 );
i = get_seckey_byname( NULL, sk, NULL, 0, NULL );
if( i ) {
free_secret_key( sk );
return NULL;

13
g10/revoke.c
View File

@ -87,7 +87,6 @@ gen_revoke( const char *uname )
IOBUF out = NULL;
KBNODE keyblock = NULL;
KBNODE node;
KBPOS kbpos;
struct revocation_reason_info *reason = NULL;
if( opt.batch ) {
@ -102,16 +101,10 @@ gen_revoke( const char *uname )
/* search the userid */
rc = find_secret_keyblock_byname( &kbpos, uname );
rc = find_secret_keyblock_byname( &keyblock, uname );
if( rc ) {
log_error(_("secret key for user `%s' not found\n"), uname );
goto leave;
}
/* read the keyblock */
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error(_("error reading the certificate: %s\n"), gpg_errstr(rc) );
log_error(_("secret key for user `%s' not found: %s\n"),
uname, gpg_errstr(rc) );
goto leave;
}

1238
g10/ringedit.c
View File

File diff suppressed because it is too large Load Diff

4
g10/skclist.c
View File

@ -60,7 +60,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
sk = gcry_xcalloc( 1, sizeof *sk );
sk->req_usage = use;
if( (rc = get_seckey_byname( sk, NULL, unlock )) ) {
if( (rc = get_seckey_byname( NULL, sk, NULL, unlock, NULL )) ) {
free_secret_key( sk ); sk = NULL;
log_error("no default secret key: %s\n", gpg_errstr(rc) );
}
@ -93,7 +93,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
sk = gcry_xcalloc( 1, sizeof *sk );
sk->req_usage = use;
if( (rc = get_seckey_byname( sk, locusr->d, unlock )) ) {
if( (rc = get_seckey_byname( NULL, sk, locusr->d, unlock, NULL))) {
free_secret_key( sk ); sk = NULL;
log_error(_("skipped `%s': %s\n"), locusr->d, gpg_errstr(rc) );
}