From 7f3ce66ec56a5aea6170b7eb1bda5626eb208c83 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 2 Feb 2021 19:53:21 +0100 Subject: [PATCH] gpg: Remove support for PKA. * g10/gpg.c (oPrintPKARecords): Remove. (opts): Remove --print-pka-records. (main): Remove "pka-lookups","pka-trust-increase" and other PKA stuff. * g10/options.h (EXPORT_DANE_FORMAT): Remove. (VERIFY_PKA_LOOKUPS, VERIFY_PKA_TRUST_INCREASE): Remove. (KEYSERVER_HONOR_PKA_RECORD): Remove. * g10/packet.h (pka_info_t): Remove. (PKT_signature): Remove flags.pka_tried and pka_info. * g10/parse-packet.c (register_known_notation): Remove "pka-address@gnupg.org". * g10/pkclist.c (check_signatures_trust): Remove PKA stuff. * g10/call-dirmngr.c (gpg_dirmngr_get_pka): Remove. * g10/export.c (parse_export_options): Remove "export-pka". (do_export): Adjust for this. (write_keyblock_to_output): Ditto. (do_export_stream): Ditto. (print_pka_or_dane_records): Rename to ... (print_dane_records): this and remove two args. Remove PKA printing. * g10/free-packet.c (free_seckey_enc, cp_pka_info): Adjust for removed pka_info field. * g10/getkey.c (get_pubkey_byname): Make AKL_PKA a dummy. * g10/keyserver.c: Remove "honor-pka-record". (keyserver_import_pka): Remove. * g10/mainproc.c (get_pka_address): Remove. (pka_uri_from_sig): Remove. (check_sig_and_print): Remove code for PKA. -- PKA (Public Key Association) was a DNS based key discovery method which looked up fingerprint by mail addresses in the DNS. This goes back to the conference where DKIM was suggested to show that we already had a better method for this available with PGP/MIME. PKA was was later superseded by an experimental DANE method and is today not anymore relevant. It is anyway doubtful whether PKA was ever widely used. Signed-off-by: Werner Koch --- NEWS | 7 +++ doc/gpg.texi | 39 ++----------- g10/call-dirmngr.c | 66 ---------------------- g10/call-dirmngr.h | 3 - g10/export.c | 66 +++++++--------------- g10/free-packet.c | 20 ------- g10/getkey.c | 7 +-- g10/gpg.c | 14 +---- g10/gpgv.c | 24 -------- g10/keyserver-internal.h | 2 - g10/keyserver.c | 35 ------------ g10/mainproc.c | 117 --------------------------------------- g10/options.h | 4 -- g10/packet.h | 16 ------ g10/parse-packet.c | 4 +- g10/pkclist.c | 51 ----------------- g10/test-stubs.c | 24 -------- 17 files changed, 35 insertions(+), 464 deletions(-) diff --git a/NEWS b/NEWS index cab323ac9..22f1fd053 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,12 @@ Noteworthy changes in version 2.3.0 (unreleased) ------------------------------------------------ + * The legacy key discovory method PKA is no longer supported. The + command --print-pka-records and the PKA related import and export + options have been removed. + + + Changes also found in 2.2.21: * gpg: Add option --no-include-key-block. [#4856] @@ -742,6 +748,7 @@ Noteworthy changes in version 2.3.0 (unreleased) certificates are configured. If build with GNUTLS, this was already the case. + Release-info: https://dev.gnupg.org/T4702 See-also: gnupg-announce/2017q3/000415.html Release dates of 2.2.x versions: diff --git a/doc/gpg.texi b/doc/gpg.texi index 23b0d9c19..d44a9a211 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1434,18 +1434,6 @@ the opposite meaning. The options are: all the AKA lines as well as photo Ids are not shown with the signature verification status. - @item pka-lookups - @opindex verify-options:pka-lookups - Enable PKA lookups to verify sender addresses. Note that PKA is based - on DNS, and so enabling this option may disclose information on when - and what signatures are verified or to whom data is encrypted. This - is similar to the "web bug" described for the @option{--auto-key-retrieve} - option. - - @item pka-trust-increase - @opindex verify-options:pka-trust-increase - Raise the trust in a signature to full if the signature passes PKA - validation. This option is only meaningful if pka-lookups is set. @end table @item --enable-large-rsa @@ -1810,9 +1798,6 @@ list. The default is "local,wkd". @item cert Locate a key using DNS CERT, as specified in RFC-4398. - @item pka - Locate a key using DNS PKA. - @item dane Locate a key using DANE, as specified in draft-ietf-dane-openpgpkey-05.txt. @@ -1896,10 +1881,7 @@ preferred keyserver for data signatures. disabled by removing WKD from the auto-key-locate list or by using the option @option{--disable-signer-uid}. -4. If the option @option{honor-pka-record} is active, the legacy PKA -method is used. - -5. If any keyserver is configured and the Issuer Fingerprint is part +4. If any keyserver is configured and the Issuer Fingerprint is part of the signature (since GnuPG 2.1.16), the configured keyservers are tried. @@ -1980,11 +1962,6 @@ are available for all keyserver types, some common options are: "web bug": The creator of the key can see when the keys is refreshed. Thus this option is not enabled by default. - @item honor-pka-record - If @option{--auto-key-retrieve} is used, and the signature being - verified has a PKA record, then use the PKA information to fetch - the key. Defaults to "yes". - @item include-subkeys When receiving a key, include subkeys as potential targets. Note that this option is not used with HKP keyservers, as they do not support @@ -2002,8 +1979,7 @@ are available for all keyserver types, some common options are: @end table The default list of options is: "self-sigs-only, import-clean, -repair-keys, repair-pks-subkey-bug, export-attributes, -honor-pka-record". +repair-keys, repair-pks-subkey-bug, export-attributes". @item --completes-needed @var{n} @@ -2434,9 +2410,9 @@ opposite meaning. The options are: @item import-export Run the entire import code but instead of storing the key to the - local keyring write it to the output. The export options - @option{export-pka} and @option{export-dane} affect the output. This - option can be used to remove all invalid parts from a key without the + local keyring write it to the output. The export option + @option{export-dane} affect the output. This option can for example + be used to remove all invalid parts from a key without the need to store it. @item merge-only @@ -2634,11 +2610,6 @@ opposite meaning. The options are: running the @option{--edit-key} command "minimize" before export except that the local copy of the key is not modified. Defaults to no. - @item export-pka - Instead of outputting the key material output PKA records suitable - to put into DNS zone files. An ORIGIN line is printed before each - record to allow diverting the records to the corresponding zone file. - @item export-dane Instead of outputting the key material output OpenPGP DANE records suitable to put into DNS zone files. An ORIGIN line is printed before diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c index 17f5fdcf3..21edab639 100644 --- a/g10/call-dirmngr.c +++ b/g10/call-dirmngr.c @@ -1249,72 +1249,6 @@ gpg_dirmngr_dns_cert (ctrl_t ctrl, const char *name, const char *certtype, } -/* Ask the dirmngr for PKA info. On success the retrieved fingerprint - is returned in a malloced buffer at R_FPR and its length is stored - at R_FPRLEN. If an URL is available it is stored as a malloced - string at R_URL. On error all return values are set to NULL/0. */ -gpg_error_t -gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid, - unsigned char **r_fpr, size_t *r_fprlen, - char **r_url) -{ - gpg_error_t err; - assuan_context_t ctx; - struct dns_cert_parm_s parm; - char *line = NULL; - - memset (&parm, 0, sizeof parm); - if (r_fpr) - *r_fpr = NULL; - if (r_fprlen) - *r_fprlen = 0; - if (r_url) - *r_url = NULL; - - err = open_context (ctrl, &ctx); - if (err) - return err; - - line = es_bsprintf ("DNS_CERT --pka -- %s", userid); - if (!line) - { - err = gpg_error_from_syserror (); - goto leave; - } - if (strlen (line) + 2 >= ASSUAN_LINELENGTH) - { - err = gpg_error (GPG_ERR_TOO_LARGE); - goto leave; - } - - err = assuan_transact (ctx, line, dns_cert_data_cb, &parm, - NULL, NULL, dns_cert_status_cb, &parm); - if (err) - goto leave; - - if (r_fpr && parm.fpr) - { - *r_fpr = parm.fpr; - parm.fpr = NULL; - } - if (r_fprlen) - *r_fprlen = parm.fprlen; - - if (r_url && parm.url) - { - *r_url = parm.url; - parm.url = NULL; - } - - leave: - xfree (parm.fpr); - xfree (parm.url); - xfree (line); - close_context (ctrl, ctx); - return err; -} - - /* Ask the dirmngr to retrieve a key via the Web Key Directory * protocol. If QUICK is set the dirmngr is advised to use a shorter diff --git a/g10/call-dirmngr.h b/g10/call-dirmngr.h index 285c4cb4d..8679777c2 100644 --- a/g10/call-dirmngr.h +++ b/g10/call-dirmngr.h @@ -37,9 +37,6 @@ gpg_error_t gpg_dirmngr_dns_cert (ctrl_t ctrl, estream_t *r_key, unsigned char **r_fpr, size_t *r_fprlen, char **r_url); -gpg_error_t gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid, - unsigned char **r_fpr, size_t *r_fprlen, - char **r_url); gpg_error_t gpg_dirmngr_wkd_get (ctrl_t ctrl, const char *name, int quick, estream_t *r_key, char **r_url); diff --git a/g10/export.c b/g10/export.c index 396bc2780..d24fd16a4 100644 --- a/g10/export.c +++ b/g10/export.c @@ -93,10 +93,9 @@ static int do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, kbnode_t *keyblock_out, unsigned int options, export_stats_t stats, int *any); -static gpg_error_t print_pka_or_dane_records +static gpg_error_t print_dane_records /**/ (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk, - const void *data, size_t datalen, - int print_pka, int print_dane); + const void *data, size_t datalen); static void @@ -127,7 +126,6 @@ parse_export_options(char *str,unsigned int *options,int noisy) {"export-minimal",EXPORT_MINIMAL|EXPORT_CLEAN,NULL, N_("remove as much as possible from key during export")}, - {"export-pka", EXPORT_PKA_FORMAT, NULL, NULL }, {"export-dane", EXPORT_DANE_FORMAT, NULL, NULL }, {"backup", EXPORT_BACKUP, NULL, @@ -157,7 +155,7 @@ parse_export_options(char *str,unsigned int *options,int noisy) *options |= (EXPORT_LOCAL_SIGS | EXPORT_ATTRIBUTES | EXPORT_SENSITIVE_REVKEYS); *options &= ~(EXPORT_CLEAN | EXPORT_MINIMAL - | EXPORT_PKA_FORMAT | EXPORT_DANE_FORMAT); + | EXPORT_DANE_FORMAT); } return rc; @@ -413,7 +411,7 @@ do_export (ctrl_t ctrl, strlist_t users, int secret, unsigned int options, if (rc) return rc; - if ( opt.armor && !(options & (EXPORT_PKA_FORMAT|EXPORT_DANE_FORMAT)) ) + if ( opt.armor && !(options & EXPORT_DANE_FORMAT) ) { afx = new_armor_context (); afx->what = secret? 5 : 1; @@ -1334,7 +1332,7 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor, if (opt.verbose) log_info (_("writing to '%s'\n"), iobuf_get_fname_nonnull (out)); - if ((options & (EXPORT_PKA_FORMAT|EXPORT_DANE_FORMAT))) + if ((options & EXPORT_DANE_FORMAT)) { with_armor = 0; out_help = iobuf_temp (); @@ -1371,7 +1369,7 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor, } err = 0; - if (out_help && pk) + if (out_help && pk && (options & EXPORT_DANE_FORMAT)) { const void *data; size_t datalen; @@ -1380,10 +1378,7 @@ write_keyblock_to_output (kbnode_t keyblock, int with_armor, data = iobuf_get_temp_buffer (out_help); datalen = iobuf_get_temp_length (out_help); - err = print_pka_or_dane_records (out, - keyblock, pk, data, datalen, - (options & EXPORT_PKA_FORMAT), - (options & EXPORT_DANE_FORMAT)); + err = print_dane_records (out, keyblock, pk, data, datalen); } leave: @@ -1474,13 +1469,12 @@ apply_drop_subkey_filter (ctrl_t ctrl, kbnode_t keyblock, } -/* Print DANE or PKA records for all user IDs in KEYBLOCK to OUT. The - * data for the record is taken from (DATA,DATELEN). PK is the public - * key packet with the primary key. */ +/* Print DANErecords for all user IDs in KEYBLOCK to OUT. The data + * for the record is taken from (DATA,DATELEN). PK is the public key + * packet with the primary key. */ static gpg_error_t -print_pka_or_dane_records (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk, - const void *data, size_t datalen, - int print_pka, int print_dane) +print_dane_records (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk, + const void *data, size_t datalen) { gpg_error_t err = 0; kbnode_t kbctx, node; @@ -1532,25 +1526,7 @@ print_pka_or_dane_records (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk, domain = strchr (mbox, '@'); *domain++ = 0; - if (print_pka) - { - es_fprintf (fp, "$ORIGIN _pka.%s.\n; %s\n; ", domain, hexfpr); - print_utf8_buffer (fp, uid->name, uid->len); - es_putc ('\n', fp); - gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox)); - xfree (hash); - hash = zb32_encode (hashbuf, 8*20); - if (!hash) - { - err = gpg_error_from_syserror (); - goto leave; - } - len = strlen (hexfpr)/2; - es_fprintf (fp, "%s TYPE37 \\# %u 0006 0000 00 %02X %s\n\n", - hash, 6 + len, len, hexfpr); - } - - if (print_dane && hexdata) + if (1) { es_fprintf (fp, "$ORIGIN _openpgpkey.%s.\n; %s\n; ", domain, hexfpr); print_utf8_buffer (fp, uid->name, uid->len); @@ -1930,13 +1906,12 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, if (!kdbhd) return gpg_error_from_syserror (); - /* For the PKA and DANE format open a helper iobuf and for DANE + /* For the DANE format open a helper iobuf and * enforce some options. */ - if ((options & (EXPORT_PKA_FORMAT | EXPORT_DANE_FORMAT))) + if ((options & EXPORT_DANE_FORMAT)) { out_help = iobuf_temp (); - if ((options & EXPORT_DANE_FORMAT)) - options |= EXPORT_MINIMAL | EXPORT_CLEAN; + options |= EXPORT_MINIMAL | EXPORT_CLEAN; } if (!users) @@ -2110,9 +2085,9 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, break; } - if (out_help) + if (out_help && (options & EXPORT_DANE_FORMAT)) { - /* We want to write PKA or DANE records. OUT_HELP has the + /* We want to write DANE records. OUT_HELP has the * keyblock and we print a record for each uid to OUT. */ const void *data; size_t datalen; @@ -2121,10 +2096,7 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, data = iobuf_get_temp_buffer (out_help); datalen = iobuf_get_temp_length (out_help); - err = print_pka_or_dane_records (out, - keyblock, pk, data, datalen, - (options & EXPORT_PKA_FORMAT), - (options & EXPORT_DANE_FORMAT)); + err = print_dane_records (out, keyblock, pk, data, datalen); if (err) goto leave; diff --git a/g10/free-packet.c b/g10/free-packet.c index 6bc534656..6d7b34961 100644 --- a/g10/free-packet.c +++ b/g10/free-packet.c @@ -104,11 +104,6 @@ free_seckey_enc( PKT_signature *sig ) xfree(sig->hashed); xfree(sig->unhashed); - if (sig->pka_info) - { - xfree (sig->pka_info->uri); - xfree (sig->pka_info); - } xfree (sig->signers_uid); xfree(sig); @@ -262,20 +257,6 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s) -static pka_info_t * -cp_pka_info (const pka_info_t *s) -{ - pka_info_t *d = xmalloc (sizeof *s + strlen (s->email)); - - d->valid = s->valid; - d->checked = s->checked; - d->uri = s->uri? xstrdup (s->uri):NULL; - memcpy (d->fpr, s->fpr, sizeof s->fpr); - strcpy (d->email, s->email); - return d; -} - - PKT_signature * copy_signature( PKT_signature *d, PKT_signature *s ) { @@ -291,7 +272,6 @@ copy_signature( PKT_signature *d, PKT_signature *s ) for(i=0; i < n; i++ ) d->data[i] = my_mpi_copy( s->data[i] ); } - d->pka_info = s->pka_info? cp_pka_info (s->pka_info) : NULL; d->hashed = cp_subpktarea (s->hashed); d->unhashed = cp_subpktarea (s->unhashed); if (s->signers_uid) diff --git a/g10/getkey.c b/g10/getkey.c index 85c7d3fdd..d4c991f85 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1080,10 +1080,7 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, break; case AKL_PKA: - mechanism_string = "PKA"; - glo_ctrl.in_auto_key_retrieve++; - rc = keyserver_import_pka (ctrl, name, &fpr, &fpr_len); - glo_ctrl.in_auto_key_retrieve--; + /* This is now obsolete. */ break; case AKL_DANE: @@ -1151,7 +1148,7 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, /* Use the fingerprint of the key that we actually fetched. * This helps prevent problems where the key that we fetched * doesn't have the same name that we used to fetch it. In - * the case of CERT and PKA, this is an actual security + * the case of CERT, this is an actual security * requirement as the URL might point to a key put in by an * attacker. By forcing the use of the fingerprint, we * won't use the attacker's key here. */ diff --git a/g10/gpg.c b/g10/gpg.c index 79732abef..e795f744a 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -421,7 +421,6 @@ enum cmd_and_opt_values oAllowWeakKeySignatures, oFakedSystemTime, oNoAutostart, - oPrintPKARecords, oPrintDANERecords, oTOFUDefaultPolicy, oTOFUDBFormat, @@ -810,7 +809,6 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_n (oFastListMode, "fast-list-mode", "@"), ARGPARSE_s_n (oFixedListMode, "fixed-list-mode", "@"), ARGPARSE_s_n (oLegacyListMode, "legacy-list-mode", "@"), - ARGPARSE_s_n (oPrintPKARecords, "print-pka-records", "@"), ARGPARSE_s_n (oPrintDANERecords, "print-dane-records", "@"), ARGPARSE_s_s (oKeyidFormat, "keyid-format", "@"), ARGPARSE_s_n (oShowKeyring, "show-keyring", "@"), @@ -2335,7 +2333,6 @@ main (int argc, char **argv) ctrl_t ctrl; static int print_dane_records; - static int print_pka_records; static int allow_large_chunks; static const char *homedirvalue; static const char *changeuser; @@ -2409,7 +2406,7 @@ main (int argc, char **argv) | IMPORT_COLLAPSE_SUBKEYS | IMPORT_CLEAN); opt.keyserver_options.export_options = EXPORT_ATTRIBUTES; - opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD; + opt.keyserver_options.options = 0; opt.verify_options = (LIST_SHOW_UID_VALIDITY | VERIFY_SHOW_POLICY_URLS | VERIFY_SHOW_STD_NOTATIONS @@ -3345,10 +3342,6 @@ main (int argc, char **argv) N_("show revoked and expired user IDs in signature verification")}, {"show-primary-uid-only",VERIFY_SHOW_PRIMARY_UID_ONLY,NULL, N_("show only the primary user ID in signature verification")}, - {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL, - N_("validate signatures with PKA data")}, - {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL, - N_("elevate the trust of signatures with valid PKA data")}, {NULL,0,NULL,NULL} }; @@ -3416,7 +3409,6 @@ main (int argc, char **argv) case oFastListMode: opt.fast_list_mode = 1; break; case oFixedListMode: /* Dummy */ break; case oLegacyListMode: opt.legacy_list_mode = 1; break; - case oPrintPKARecords: print_pka_records = 1; break; case oPrintDANERecords: print_dane_records = 1; break; case oListOnly: opt.list_only=1; break; case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break; @@ -3684,10 +3676,6 @@ main (int argc, char **argv) log_error ("invalid option \"%s\"; use \"%s\" instead\n", "--print-dane-records", "--export-options export-dane"); - if (print_pka_records) - log_error ("invalid option \"%s\"; use \"%s\" instead\n", - "--print-pks-records", - "--export-options export-pka"); if (log_get_errorcount (0)) { write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); diff --git a/g10/gpgv.c b/g10/gpgv.c index f80458db4..82fbf8fce 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -450,14 +450,6 @@ keyserver_import_cert (const char *name) return -1; } -int -keyserver_import_pka (const char *name,unsigned char *fpr) -{ - (void)name; - (void)fpr; - return -1; -} - gpg_error_t keyserver_import_wkd (ctrl_t ctrl, const char *name, int quick, unsigned char **fpr, size_t *fpr_len) @@ -723,22 +715,6 @@ agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip, return gpg_error (GPG_ERR_NO_SECKEY); } -gpg_error_t -gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid, - unsigned char **r_fpr, size_t *r_fprlen, - char **r_url) -{ - (void)ctrl; - (void)userid; - if (r_fpr) - *r_fpr = NULL; - if (r_fprlen) - *r_fprlen = 0; - if (r_url) - *r_url = NULL; - return gpg_error (GPG_ERR_NOT_FOUND); -} - gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec, unsigned int options, const void *prefix, size_t prefixlen, diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h index f5f7f3620..6d0e7f4ae 100644 --- a/g10/keyserver-internal.h +++ b/g10/keyserver-internal.h @@ -43,8 +43,6 @@ gpg_error_t keyserver_search (ctrl_t ctrl, strlist_t tokens); int keyserver_fetch (ctrl_t ctrl, strlist_t urilist, int origin); int keyserver_import_cert (ctrl_t ctrl, const char *name, int dane_mode, unsigned char **fpr,size_t *fpr_len); -gpg_error_t keyserver_import_pka (ctrl_t ctrl, const char *name, - unsigned char **fpr,size_t *fpr_len); gpg_error_t keyserver_import_wkd (ctrl_t ctrl, const char *name, int quick, unsigned char **fpr, size_t *fpr_len); int keyserver_import_ntds (ctrl_t ctrl, const char *name, diff --git a/g10/keyserver.c b/g10/keyserver.c index f42bca15c..0b3718050 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -99,8 +99,6 @@ static struct parse_options keyserver_opts[]= N_("automatically retrieve keys when verifying signatures")}, {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL, N_("honor the preferred keyserver URL set on the key")}, - {"honor-pka-record",KEYSERVER_HONOR_PKA_RECORD,NULL, - N_("honor the PKA record set on a key when retrieving keys")}, {NULL,0,NULL,NULL} }; @@ -2021,39 +2019,6 @@ keyserver_import_cert (ctrl_t ctrl, const char *name, int dane_mode, return err; } -/* Import key pointed to by a PKA record. Return the requested - fingerprint in fpr. */ -gpg_error_t -keyserver_import_pka (ctrl_t ctrl, const char *name, - unsigned char **fpr, size_t *fpr_len) -{ - gpg_error_t err; - char *url; - - err = gpg_dirmngr_get_pka (ctrl, name, fpr, fpr_len, &url); - if (url && *url && fpr && fpr_len) - { - /* An URL is available. Lookup the key. */ - struct keyserver_spec *spec; - spec = parse_keyserver_uri (url, 1); - if (spec) - { - err = keyserver_import_fprint (ctrl, *fpr, *fpr_len, spec, 0); - free_keyserver_spec (spec); - } - } - xfree (url); - - if (err) - { - xfree(*fpr); - *fpr = NULL; - *fpr_len = 0; - } - - return err; -} - /* Import a key using the Web Key Directory protocol. */ gpg_error_t diff --git a/g10/mainproc.c b/g10/mainproc.c index ca6c24323..a75755ee3 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1695,83 +1695,6 @@ do_proc_packets (CTX c, iobuf_t a) } -/* Helper for pka_uri_from_sig to parse the to-be-verified address out - of the notation data. */ -static pka_info_t * -get_pka_address (PKT_signature *sig) -{ - pka_info_t *pka = NULL; - struct notation *nd,*notation; - - notation=sig_to_notation(sig); - - for(nd=notation;nd;nd=nd->next) - { - if(strcmp(nd->name,"pka-address@gnupg.org")!=0) - continue; /* Not the notation we want. */ - - /* For now we only use the first valid PKA notation. In future - we might want to keep additional PKA notations in a linked - list. */ - if (is_valid_mailbox (nd->value)) - { - pka = xmalloc (sizeof *pka + strlen(nd->value)); - pka->valid = 0; - pka->checked = 0; - pka->uri = NULL; - strcpy (pka->email, nd->value); - break; - } - } - - free_notation(notation); - - return pka; -} - - -/* Return the URI from a DNS PKA record. If this record has already - be retrieved for the signature we merely return it; if not we go - out and try to get that DNS record. */ -static const char * -pka_uri_from_sig (CTX c, PKT_signature *sig) -{ - if (!sig->flags.pka_tried) - { - log_assert (!sig->pka_info); - sig->flags.pka_tried = 1; - sig->pka_info = get_pka_address (sig); - if (sig->pka_info) - { - char *url; - unsigned char *fpr; - size_t fprlen; - - if (!gpg_dirmngr_get_pka (c->ctrl, sig->pka_info->email, - &fpr, &fprlen, &url)) - { - if (fpr && fprlen == sizeof sig->pka_info->fpr) - { - memcpy (sig->pka_info->fpr, fpr, fprlen); - if (url) - { - sig->pka_info->valid = 1; - if (!*url) - xfree (url); - else - sig->pka_info->uri = url; - url = NULL; - } - } - xfree (fpr); - xfree (url); - } - } - } - return sig->pka_info? sig->pka_info->uri : NULL; -} - - /* Return true if the AKL has the WKD method specified. */ static int akl_has_wkd_method (void) @@ -2138,44 +2061,6 @@ check_sig_and_print (CTX c, kbnode_t node) log_debug ("lookup via %s failed: %s\n", "WKD", gpg_strerror (res)); } - /* If the avove methods didn't work, our next try is to use the URI - * from a DNS PKA record. This is a legacy method which will - * eventually be removed. */ - if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY - && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE) - && (opt.keyserver_options.options & KEYSERVER_HONOR_PKA_RECORD)) - { - const char *uri = pka_uri_from_sig (c, sig); - - if (uri) - { - /* FIXME: We might want to locate the key using the - fingerprint instead of the keyid. */ - int res; - struct keyserver_spec *spec; - - spec = parse_keyserver_uri (uri, 1); - if (spec) - { - if (DBG_LOOKUP) - log_debug ("trying auto-key-retrieve method %s\n", "PKA"); - - free_public_key (pk); - pk = NULL; - glo_ctrl.in_auto_key_retrieve++; - res = keyserver_import_keyid (c->ctrl, sig->keyid, spec, 1); - glo_ctrl.in_auto_key_retrieve--; - free_keyserver_spec (spec); - if (!res) - rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, - NULL, &is_expkey, &is_revkey, &pk); - else if (DBG_LOOKUP) - log_debug ("lookup via %s failed: %s\n", "PKA", - gpg_strerror (res)); - } - } - } - /* If the above methods didn't work, our next try is to locate * the key via its fingerprint from a keyserver. This requires * that the signers fingerprint is encoded in the signature. */ @@ -2466,8 +2351,6 @@ check_sig_and_print (CTX c, kbnode_t node) how to resolve a conflict. */ if (!rc) { - if ((opt.verify_options & VERIFY_PKA_LOOKUPS)) - pka_uri_from_sig (c, sig); /* Make sure PKA info is available. */ rc = check_signatures_trust (c->ctrl, keyblock, pk, sig); } diff --git a/g10/options.h b/g10/options.h index 9e4309671..5b0b12fd3 100644 --- a/g10/options.h +++ b/g10/options.h @@ -379,7 +379,6 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; #define EXPORT_RESET_SUBKEY_PASSWD (1<<3) #define EXPORT_MINIMAL (1<<4) #define EXPORT_CLEAN (1<<5) -#define EXPORT_PKA_FORMAT (1<<6) #define EXPORT_DANE_FORMAT (1<<7) #define EXPORT_BACKUP (1<<10) @@ -407,8 +406,6 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; #define VERIFY_SHOW_KEYSERVER_URLS (1<<4) #define VERIFY_SHOW_UID_VALIDITY (1<<5) #define VERIFY_SHOW_UNUSABLE_UIDS (1<<6) -#define VERIFY_PKA_LOOKUPS (1<<7) -#define VERIFY_PKA_TRUST_INCREASE (1<<8) #define VERIFY_SHOW_PRIMARY_UID_ONLY (1<<9) #define KEYSERVER_HTTP_PROXY (1<<0) @@ -416,7 +413,6 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode; #define KEYSERVER_ADD_FAKE_V3 (1<<2) #define KEYSERVER_AUTO_KEY_RETRIEVE (1<<3) #define KEYSERVER_HONOR_KEYSERVER_URL (1<<4) -#define KEYSERVER_HONOR_PKA_RECORD (1<<5) #endif /*G10_OPTIONS_H*/ diff --git a/g10/packet.h b/g10/packet.h index eec3050e9..b27beccdd 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -193,19 +193,6 @@ struct revocation_key { }; -/* Object to keep information about a PKA DNS record. */ -typedef struct -{ - int valid; /* An actual PKA record exists for EMAIL. */ - int checked; /* Set to true if the FPR has been checked against the - actual key. */ - char *uri; /* Malloced string with the URI. NULL if the URI is - not available.*/ - unsigned char fpr[20]; /* The fingerprint as stored in the PKA RR. */ - char email[1];/* The email address from the notation data. */ -} pka_info_t; - - /* A signature packet (RFC 4880, Section 5.2). Only a subset of these fields are directly serialized (these are marked as such); the rest are read from the subpackets, which are not synthesized when @@ -226,7 +213,6 @@ typedef struct unsigned pref_ks:1; /* At least one preferred keyserver is present */ unsigned key_block:1; /* A key block subpacket is present. */ unsigned expired:1; - unsigned pka_tried:1; /* Set if we tried to retrieve the PKA record. */ } flags; /* The key that allegedly generated this signature. (Directly serialized in v3 sigs; for v4 sigs, this must be explicitly added @@ -254,8 +240,6 @@ typedef struct struct revocation_key *revkey; int numrevkeys; int help_counter; /* Used internally bu some functions. */ - pka_info_t *pka_info; /* Malloced PKA data or NULL if not - available. See also flags.pka_tried. */ char *signers_uid; /* Malloced value of the SIGNERS_UID * subpacket or NULL. This string has * already been sanitized. */ diff --git a/g10/parse-packet.c b/g10/parse-packet.c index c3f6b544d..bb05eabb7 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -268,9 +268,7 @@ register_known_notation (const char *string) { sl = add_to_strlist (&known_notations_list, "preferred-email-encoding@pgp.com"); - sl->flags = 32; - sl = add_to_strlist (&known_notations_list, "pka-address@gnupg.org"); - sl->flags = 21; + sl->flags = 32; /* Length of the string. */ } if (!string) return; /* Only initialized the default known notations. */ diff --git a/g10/pkclist.c b/g10/pkclist.c index 643a0fb03..d53af7223 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -710,57 +710,6 @@ check_signatures_trust (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *pk, if ((trustlevel & TRUST_FLAG_DISABLED)) log_info (_("Note: This key has been disabled.\n")); - /* If we have PKA information adjust the trustlevel. */ - if (sig->pka_info && sig->pka_info->valid && !(uidbased && !targetuid)) - { - unsigned char fpr[MAX_FINGERPRINT_LEN]; - PKT_public_key *primary_pk; - size_t fprlen; - int okay; - - primary_pk = xmalloc_clear (sizeof *primary_pk); - get_pubkey (ctrl, primary_pk, pk->main_keyid); - fingerprint_from_pk (primary_pk, fpr, &fprlen); - free_public_key (primary_pk); - - if ( fprlen == 20 && !memcmp (sig->pka_info->fpr, fpr, 20) ) - { - okay = 1; - write_status_text (STATUS_PKA_TRUST_GOOD, sig->pka_info->email); - log_info (_("Note: Verified signer's address is '%s'\n"), - sig->pka_info->email); - } - else - { - okay = 0; - write_status_text (STATUS_PKA_TRUST_BAD, sig->pka_info->email); - log_info (_("Note: Signer's address '%s' " - "does not match DNS entry\n"), sig->pka_info->email); - } - - switch ( (trustlevel & TRUST_MASK) ) - { - case TRUST_UNKNOWN: - case TRUST_UNDEFINED: - case TRUST_MARGINAL: - if (okay && opt.verify_options&VERIFY_PKA_TRUST_INCREASE) - { - trustlevel = ((trustlevel & ~TRUST_MASK) | TRUST_FULLY); - log_info (_("trustlevel adjusted to FULL" - " due to valid PKA info\n")); - } - /* fall through */ - case TRUST_FULLY: - if (!okay) - { - trustlevel = ((trustlevel & ~TRUST_MASK) | TRUST_NEVER); - log_info (_("trustlevel adjusted to NEVER" - " due to bad PKA info\n")); - } - break; - } - } - /* Now let the user know what up with the trustlevel. */ switch ( (trustlevel & TRUST_MASK) ) { diff --git a/g10/test-stubs.c b/g10/test-stubs.c index f7b6a22ad..913d49890 100644 --- a/g10/test-stubs.c +++ b/g10/test-stubs.c @@ -208,14 +208,6 @@ keyserver_import_cert (const char *name) return -1; } -int -keyserver_import_pka (const char *name,unsigned char *fpr) -{ - (void)name; - (void)fpr; - return -1; -} - gpg_error_t keyserver_import_wkd (ctrl_t ctrl, const char *name, int quick, unsigned char **fpr, size_t *fpr_len) @@ -480,22 +472,6 @@ agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip, return gpg_error (GPG_ERR_NO_SECKEY); } -gpg_error_t -gpg_dirmngr_get_pka (ctrl_t ctrl, const char *userid, - unsigned char **r_fpr, size_t *r_fprlen, - char **r_url) -{ - (void)ctrl; - (void)userid; - if (r_fpr) - *r_fpr = NULL; - if (r_fprlen) - *r_fprlen = 0; - if (r_url) - *r_url = NULL; - return gpg_error (GPG_ERR_NOT_FOUND); -} - gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec, unsigned int options, const void *prefix, size_t prefixlen,