security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00
Code Activity

Treat key lists internally as fingerprints when possible. All this is via

Browse Source 
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows the
helper program to search the keyserver by fingerprint if desired (and the
keyserver supports it).  Note that automatic fingerprint promotion during
refresh only applies to v4 keys as a v4 fingerprint can be easily changed
into a long or short key id, and a v3 cannot.

Take two copies of hextobyte() from pubkey-enc.c and getkey.c and make
them into one copy in misc.c.
This commit is contained in:
David Shaw 2002-02-26 01:00:12 +00:00
parent 3720c5b008
commit 6deb95687d
8 changed files with 161 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
g10/ChangeLog
View File

@ -1,4 +1,19 @@
2002-03-12 David Shaw <dshaw@jabberwocky.com> 2002-02-25 David Shaw <dshaw@jabberwocky.com>
* hkp.c (hkp_ask_import), hkp.h, keyserver.c (all): treat key
lists internally as fingerprints when possible. All this is via
KEYDB_SEARCH_DESC - no point in reinventing the wheel. This allows
the helper program to search the keyserver by fingerprint if
desired (and the keyserver supports it). Note that automatic
fingerprint promotion during refresh only applies to v4 keys as a
v4 fingerprint can be easily changed into a long or short key id,
and a v3 cannot.
* pubkey-enc.c, getkey.c, misc.c, main.h: Take two copies of
hextobyte() from pubkey-enc.c and getkey.c and make them into one
copy in misc.c.
2002-02-22 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_search_prompt): Detect a "no keys found" * keyserver.c (keyserver_search_prompt): Detect a "no keys found"
case even if the helper program does not explicitly say how many case even if the helper program does not explicitly say how many

28
g10/getkey.c
View File

@ -451,34 +451,6 @@ seckey_available( u32 *keyid )
} }
static int
hextobyte( const byte *s )
{
int c;
if( *s >= '0' && *s <= '9' )
c = 16 * (*s - '0');
else if( *s >= 'A' && *s <= 'F' )
c = 16 * (10 + *s - 'A');
else if( *s >= 'a' && *s <= 'f' )
c = 16 * (10 + *s - 'a');
else
return -1;
s++;
if( *s >= '0' && *s <= '9' )
c += *s - '0';
else if( *s >= 'A' && *s <= 'F' )
c += 10 + *s - 'A';
else if( *s >= 'a' && *s <= 'f' )
c += 10 + *s - 'a';
else
return -1;
return c;
}
/**************** /****************
* Return the type of the user id: * Return the type of the user id:
* *

18
g10/hkp.c
View File

@ -48,15 +48,27 @@ static int urlencode_filter( void *opaque, int control,
* or other error codes. * or other error codes.
*/ */
int int
hkp_ask_import( u32 *keyid, void *stats_handle) hkp_ask_import( KEYDB_SEARCH_DESC *desc, void *stats_handle)
{ {
struct http_context hd; struct http_context hd;
char *request; char *request;
int rc; int rc;
unsigned int hflags = opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0; unsigned int hflags = opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY : 0;
u32 key[2];
if(desc->mode==KEYDB_SEARCH_MODE_FPR20)
keyid_from_fingerprint(desc->u.fpr,MAX_FINGERPRINT_LEN,key);
else if(desc->mode==KEYDB_SEARCH_MODE_LONG_KID ||
desc->mode==KEYDB_SEARCH_MODE_SHORT_KID)
{
key[0]=desc->u.kid[0];
key[1]=desc->u.kid[1];
}
else
return -1; /* HKP does not support v3 fingerprints */
log_info(_("requesting key %08lX from HKP keyserver %s\n"), log_info(_("requesting key %08lX from HKP keyserver %s\n"),
(ulong)keyid[1],opt.keyserver_host ); (ulong)key[1],opt.keyserver_host );
request = m_alloc( strlen( opt.keyserver_host ) + 100 ); request = m_alloc( strlen( opt.keyserver_host ) + 100 );
/* hkp does not accept the long keyid - we should really write a /* hkp does not accept the long keyid - we should really write a
* nicer one :-) * nicer one :-)
@ -72,7 +84,7 @@ hkp_ask_import( u32 *keyid, void *stats_handle)
opt.keyserver_host, opt.keyserver_host,
atoi(opt.keyserver_port)>0?":":"", atoi(opt.keyserver_port)>0?":":"",
atoi(opt.keyserver_port)>0?opt.keyserver_port:"", atoi(opt.keyserver_port)>0?opt.keyserver_port:"",
(ulong)keyid[1] ); (ulong)key[1] );
if(opt.keyserver_options.verbose>2) if(opt.keyserver_options.verbose>2)
log_info("request is \"%s\"\n",request); log_info("request is \"%s\"\n",request);

2
g10/hkp.h
View File

@ -21,7 +21,7 @@
#ifndef G10_HKP_H #ifndef G10_HKP_H
#define G10_HKP_H 1 #define G10_HKP_H 1
int hkp_ask_import( u32 *keyid, void *stats_handle); int hkp_ask_import( KEYDB_SEARCH_DESC *desc, void *stats_handle);
int hkp_import( STRLIST users ); int hkp_import( STRLIST users );
int hkp_export( STRLIST users ); int hkp_export( STRLIST users );
int hkp_search(STRLIST tokens); int hkp_search(STRLIST tokens);

144
g10/keyserver.c
View File

@ -177,7 +177,7 @@ printunquoted(char *string,char delim)
} }
static int static int
print_keyinfo(int count,char *keystring,u32 *keyid) print_keyinfo(int count,char *keystring,KEYDB_SEARCH_DESC *desc)
{ {
char *certid,*userid,*keytype,*tok; char *certid,*userid,*keytype,*tok;
int flags,keysize=0; int flags,keysize=0;
@ -186,14 +186,12 @@ print_keyinfo(int count,char *keystring,u32 *keyid)
if((certid=strsep(&keystring,":"))==NULL) if((certid=strsep(&keystring,":"))==NULL)
return -1; return -1;
/* Ideally this is the long key ID, but HKP uses the short key classify_user_id (certid, desc);
ID. */ if(desc->mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
if(sscanf(certid,"%08lX%08lX",(ulong *)&keyid[0],(ulong *)&keyid[1])!=2) desc->mode!=KEYDB_SEARCH_MODE_LONG_KID &&
{ desc->mode!=KEYDB_SEARCH_MODE_FPR16 &&
keyid[0]=0; desc->mode!=KEYDB_SEARCH_MODE_FPR20)
if(sscanf(certid,"%08lX",(ulong *)&keyid[1])!=1)
return -1; return -1;
}
if((tok=strsep(&keystring,":"))==NULL) if((tok=strsep(&keystring,":"))==NULL)
return -1; return -1;
@ -249,7 +247,7 @@ print_keyinfo(int count,char *keystring,u32 *keyid)
if(expiretime>0) if(expiretime>0)
printf(" expires %s,",strtimestamp(expiretime)); printf(" expires %s,",strtimestamp(expiretime));
printf(" keyid %s\n",certid); printf(" key %s\n",certid);
return 0; return 0;
} }
@ -258,7 +256,8 @@ print_keyinfo(int count,char *keystring,u32 *keyid)
#define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\"" #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
static int static int
keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog) keyserver_spawn(int action,STRLIST list,
KEYDB_SEARCH_DESC *desc,int count,int *prog)
{ {
int ret=0,i,gotversion=0,outofband=0; int ret=0,i,gotversion=0,outofband=0;
STRLIST temp; STRLIST temp;
@ -333,8 +332,37 @@ keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog)
/* Which keys do we want? */ /* Which keys do we want? */
for(i=0;i<count;i++) for(i=0;i<count;i++)
{
if(desc[i].mode==KEYDB_SEARCH_MODE_FPR20)
{
int f;
fprintf(spawn->tochild,"0x");
for(f=0;f<MAX_FINGERPRINT_LEN;f++)
fprintf(spawn->tochild,"%02X",(byte)desc[i].u.fpr[f]);
fprintf(spawn->tochild,"\n");
}
else if(desc[i].mode==KEYDB_SEARCH_MODE_FPR16)
{
int f;
fprintf(spawn->tochild,"0x");
for(f=0;f<16;f++)
fprintf(spawn->tochild,"%02X",(byte)desc[i].u.fpr[f]);
fprintf(spawn->tochild,"\n");
}
else if(desc[i].mode==KEYDB_SEARCH_MODE_LONG_KID)
fprintf(spawn->tochild,"0x%08lX%08lX\n", fprintf(spawn->tochild,"0x%08lX%08lX\n",
(ulong)kidlist[i][0],(ulong)kidlist[i][1]); (ulong)desc[i].u.kid[0],
(ulong)desc[i].u.kid[1]);
else
fprintf(spawn->tochild,"0x%08lX\n",
(ulong)desc[i].u.kid[1]);
}
fprintf(spawn->tochild,"\n"); fprintf(spawn->tochild,"\n");
@ -526,7 +554,7 @@ keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog)
} }
static int static int
keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count) keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
{ {
int rc=0,ret=0; int rc=0,ret=0;
@ -550,7 +578,7 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
{ {
case GET: case GET:
for(count--;count>=0;count--) for(count--;count>=0;count--)
if(hkp_ask_import(kidlist[count],stats_handle)) if(hkp_ask_import(&desc[count],stats_handle))
log_inc_errorcount(); log_inc_errorcount();
break; break;
case SEND: case SEND:
@ -568,7 +596,7 @@ keyserver_work(int action,STRLIST list,u32 (*kidlist)[2],int count)
/* It's not the internal HKP code, so try and spawn a handler for it */ /* It's not the internal HKP code, so try and spawn a handler for it */
rc=keyserver_spawn(action,list,kidlist,count,&ret); rc=keyserver_spawn(action,list,desc,count,&ret);
if(ret) if(ret)
{ {
switch(ret) switch(ret)
@ -613,42 +641,37 @@ keyserver_export(STRLIST users)
int int
keyserver_import(STRLIST users) keyserver_import(STRLIST users)
{ {
u32 (*kidlist)[2]; KEYDB_SEARCH_DESC *desc;
int num=100,count=0; int num=100,count=0;
int rc=0; int rc=0;
/* Build a list of key ids */ /* Build a list of key ids */
desc=m_alloc(sizeof(KEYDB_SEARCH_DESC)*num);
kidlist=m_alloc(sizeof(u32)*2*num);
for(;users;users=users->next) for(;users;users=users->next)
{ {
KEYDB_SEARCH_DESC desc; classify_user_id (users->d, &desc[count]);
if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
classify_user_id (users->d, &desc); desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
if(desc.mode==KEYDB_SEARCH_MODE_SHORT_KID || desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
desc.mode==KEYDB_SEARCH_MODE_LONG_KID) desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
{ {
kidlist[count][0]=desc.u.kid[0]; log_error(_("skipping invalid key ID \"%s\"\n"),users->d);
kidlist[count][1]=desc.u.kid[1]; continue;
}
count++; count++;
if(count==num) if(count==num)
{ {
num+=100; num+=100;
kidlist=m_realloc(kidlist,sizeof(u32)*2*num); desc=m_realloc(desc,sizeof(KEYDB_SEARCH_DESC)*num);
}
}
else
{
log_error (_("skipping invalid key ID \"%s\"\n"), users->d );
continue;
} }
} }
if(count>0) if(count>0)
rc=keyserver_work(GET,NULL,kidlist,count); rc=keyserver_work(GET,NULL,desc,count);
m_free(kidlist); m_free(desc);
return rc; return rc;
} }
@ -673,7 +696,7 @@ keyserver_import_keyid(u32 *keyid)
/* code mostly stolen from do_export_stream */ /* code mostly stolen from do_export_stream */
static int static int
keyidlist(STRLIST users,u32 (**kidlist)[2],int *count,int fakev3) keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
{ {
int rc=0,ndesc,num=100; int rc=0,ndesc,num=100;
KBNODE keyblock=NULL,node; KBNODE keyblock=NULL,node;
@ -683,7 +706,7 @@ keyidlist(STRLIST users,u32 (**kidlist)[2],int *count,int fakev3)
*count=0; *count=0;
*kidlist=m_alloc(sizeof(u32)*2*num); *klist=m_alloc(sizeof(KEYDB_SEARCH_DESC)*num);
kdbhd=keydb_new(0); kdbhd=keydb_new(0);
@ -734,33 +757,52 @@ keyidlist(STRLIST users,u32 (**kidlist)[2],int *count,int fakev3)
if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) && if(fakev3 && is_RSA(node->pkt->pkt.public_key->pubkey_algo) &&
node->pkt->pkt.public_key->version>=4) node->pkt->pkt.public_key->version>=4)
{ {
(*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
mpi_get_keyid(node->pkt->pkt.public_key->pkey[0], mpi_get_keyid(node->pkt->pkt.public_key->pkey[0],
(*kidlist)[*count]); (*klist)[*count].u.kid);
(*count)++; (*count)++;
if(*count==num) if(*count==num)
{ {
num+=100; num+=100;
*kidlist=m_realloc(*kidlist,sizeof(u32)*2*num); *klist=m_realloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
} }
} }
keyid_from_pk(node->pkt->pkt.public_key,(*kidlist)[*count]); /* v4 keys get full fingerprints. v3 keys get long keyids.
This is because it's easy to calculate any sort of key id
from a v4 fingerprint, but not a v3 fingerprint. */
if(node->pkt->pkt.public_key->version<4)
{
(*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
keyid_from_pk(node->pkt->pkt.public_key,
(*klist)[*count].u.kid);
}
else
{
size_t dummy;
(*klist)[*count].mode=KEYDB_SEARCH_MODE_FPR20;
fingerprint_from_pk(node->pkt->pkt.public_key,
(*klist)[*count].u.fpr,&dummy);
}
(*count)++; (*count)++;
if(*count==num) if(*count==num)
{ {
num+=100; num+=100;
*kidlist=m_realloc(*kidlist,sizeof(u32)*2*num); *klist=m_realloc(*klist,sizeof(KEYDB_SEARCH_DESC)*num);
} }
} }
} }
if( rc == -1 ) if(rc==-1)
rc = 0; rc=0;
leave: leave:
m_free(desc);
keydb_release(kdbhd); keydb_release(kdbhd);
release_kbnode(keyblock); release_kbnode(keyblock);
@ -774,7 +816,7 @@ int
keyserver_refresh(STRLIST users) keyserver_refresh(STRLIST users)
{ {
int rc,count,fakev3=0; int rc,count,fakev3=0;
u32 (*kidlist)[2]; KEYDB_SEARCH_DESC *desc;
/* If refresh_add_fake_v3_keyids is on and it's a HKP scheme, then /* If refresh_add_fake_v3_keyids is on and it's a HKP scheme, then
enable fake v3 keyid generation. */ enable fake v3 keyid generation. */
@ -785,7 +827,7 @@ keyserver_refresh(STRLIST users)
strcasecmp(opt.keyserver_scheme,"x-broken-hkp")==0)) strcasecmp(opt.keyserver_scheme,"x-broken-hkp")==0))
fakev3=1; fakev3=1;
rc=keyidlist(users,&kidlist,&count,fakev3); rc=keyidlist(users,&desc,&count,fakev3);
if(rc) if(rc)
return rc; return rc;
@ -795,9 +837,9 @@ keyserver_refresh(STRLIST users)
log_info(_("%d keys to refresh\n"),count); log_info(_("%d keys to refresh\n"),count);
if(count>0) if(count>0)
rc=keyserver_work(GET,NULL,kidlist,count); rc=keyserver_work(GET,NULL,desc,count);
m_free(kidlist); m_free(desc);
return 0; return 0;
} }
@ -819,7 +861,7 @@ keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
{ {
int i=0,validcount=1; int i=0,validcount=1;
unsigned int maxlen=256,buflen=0; unsigned int maxlen=256,buflen=0;
u32 (*keyids)[2]; KEYDB_SEARCH_DESC *desc;
byte *line=NULL; byte *line=NULL;
char *answer; char *answer;
@ -832,7 +874,7 @@ keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
count=1; count=1;
} }
keyids=m_alloc(count*sizeof(u32)*2); desc=m_alloc(count*sizeof(KEYDB_SEARCH_DESC));
/* Read each line and show it to the user */ /* Read each line and show it to the user */
@ -843,7 +885,7 @@ keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
if(i==count) if(i==count)
{ {
count++; count++;
keyids=m_realloc(keyids,count*sizeof(u32)*2); desc=m_realloc(desc,count*sizeof(KEYDB_SEARCH_DESC));
validcount=0; validcount=0;
} }
@ -861,7 +903,7 @@ keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
rl=iobuf_read_line(buffer,&line,&buflen,&maxlen); rl=iobuf_read_line(buffer,&line,&buflen,&maxlen);
if(rl>0) if(rl>0)
{ {
if(print_keyinfo(i,line,keyids[i-1])) if(print_keyinfo(i,line,&desc[i-1])==-1)
continue; continue;
} }
else else
@ -888,7 +930,7 @@ keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
while((num=strsep(&split," ,"))!=NULL) while((num=strsep(&split," ,"))!=NULL)
if(atoi(num)>=1 && atoi(num)<=i) if(atoi(num)>=1 && atoi(num)<=i)
keyserver_work(GET,NULL,&keyids[atoi(num)-1],1); keyserver_work(GET,NULL,&desc[atoi(num)-1],1);
m_free(answer); m_free(answer);
break; break;
@ -896,7 +938,7 @@ keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
} }
} }
m_free(keyids); m_free(desc);
m_free(line); m_free(line);
notfound: notfound:

1
g10/main.h
View File

@ -68,6 +68,7 @@ int openpgp_md_test_algo( int algo );
int check_permissions(const char *path,int extension,int checkonly); int check_permissions(const char *path,int extension,int checkonly);
void idea_cipher_warn( int show ); void idea_cipher_warn( int show );
char *pct_expando(const char *string,PKT_public_key *pk); char *pct_expando(const char *string,PKT_public_key *pk);
int hextobyte( const char *s );
/*-- helptext.c --*/ /*-- helptext.c --*/
void display_online_help( const char *keyword ); void display_online_help( const char *keyword );

25
g10/misc.c
View File

@ -550,3 +550,28 @@ pct_expando(const char *string,PKT_public_key *pk)
m_free(ret); m_free(ret);
return NULL; return NULL;
} }
int
hextobyte( const char *s )
{
int c;
if( *s >= '0' && *s <= '9' )
c = 16 * (*s - '0');
else if( *s >= 'A' && *s <= 'F' )
c = 16 * (10 + *s - 'A');
else if( *s >= 'a' && *s <= 'f' )
c = 16 * (10 + *s - 'a');
else
return -1;
s++;
if( *s >= '0' && *s <= '9' )
c += *s - '0';
else if( *s >= 'A' && *s <= 'F' )
c += 10 + *s - 'A';
else if( *s >= 'a' && *s <= 'f' )
c += 10 + *s - 'a';
else
return -1;
return c;
}

25
g10/pubkey-enc.c
View File

@ -263,31 +263,6 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
} }
static int
hextobyte( const char *s )
{
int c;
if( *s >= '0' && *s <= '9' )
c = 16 * (*s - '0');
else if( *s >= 'A' && *s <= 'F' )
c = 16 * (10 + *s - 'A');
else if( *s >= 'a' && *s <= 'f' )
c = 16 * (10 + *s - 'a');
else
return -1;
s++;
if( *s >= '0' && *s <= '9' )
c += *s - '0';
else if( *s >= 'A' && *s <= 'F' )
c += 10 + *s - 'A';
else if( *s >= 'a' && *s <= 'f' )
c += 10 + *s - 'a';
else
return -1;
return c;
}
/**************** /****************
* Get the session key from the given string. * Get the session key from the given string.
* String is supposed to be formatted as this: * String is supposed to be formatted as this: