security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

Unification of the search descriptor usage.

Browse source
This commit is contained in:
Werner Koch 2009-12-08 16:30:33 +00:00
parent bb861ac730
commit 9a96043be4
32 changed files with 501 additions and 599 deletions
Download patch file Download diff file Expand all files Collapse all files

20
g10/ChangeLog
View file

@ -1,3 +1,23 @@
2009-12-08 Werner Koch <wk@g10code.com>
* keyring.h: Include userids.h.
* gpg.h (KEYDB_SEARCH_DESC): Remove.
* packet.h: Include userids.h.
(PKT_user_id): Declare using gpg_pkt_user_id_s.
* keydb.h (KeydbSearchMode, struct keydb_search_desc): Remove. We
now use those in ../kbx.
* getkey.c (classify_user_id): Remove. It is now in common/.
(key_byname): Adjust for changed classify_user_id.
* delkey.c (do_delete_key): Ditto.
* trustdb.c (register_trusted_key): Ditto.
* revoke.c (gen_desig_revoke, gen_revoke): Ditto.
* keyserver.c (parse_keyrec, keyserver_export, keyserver_import)
(keyidlist): Ditto.
* export.c (do_export_stream): Ditto.
* pkclist.c (find_and_check_key): Replace GPG_ERR_INV_NAME by
GPG_ERR_INV_USER_ID.
2009-12-04 Werner Koch <wk@g10code.com>
* keygen.c (DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE): New.

7
g10/delkey.c
View file

@ -63,12 +63,13 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
*r_sec_avail = 0;
/* search the userid */
classify_user_id (username, &desc);
/* Search the userid */
rc = classify_user_id (username, &desc);
exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
|| desc.mode == KEYDB_SEARCH_MODE_FPR16
|| desc.mode == KEYDB_SEARCH_MODE_FPR20);
rc = desc.mode? keydb_search (hd, &desc, 1):G10ERR_INV_USER_ID;
if (!rc)
rc = keydb_search (hd, &desc, 1);
if (rc) {
log_error (_("key \"%s\" not found: %s\n"), username, g10_errstr (rc));
write_status_text( STATUS_DELETE_PROBLEM, "1" );

5
g10/export.c
View file

@ -293,6 +293,7 @@ do_export_stream( IOBUF out, strlist_t users, int secret,
KBNODE *keyblock_out, unsigned int options, int *any )
{
int rc = 0;
gpg_error_t err;
PACKET pkt;
KBNODE keyblock = NULL;
KBNODE kbctx, node;
@ -318,11 +319,11 @@ do_export_stream( IOBUF out, strlist_t users, int secret,
desc = xmalloc ( ndesc * sizeof *desc);
for (ndesc=0, sl=users; sl; sl = sl->next) {
if (classify_user_id (sl->d, desc+ndesc))
if (!(err=classify_user_id (sl->d, desc+ndesc)))
ndesc++;
else
log_error (_("key \"%s\" not found: %s\n"),
sl->d, g10_errstr (G10ERR_INV_USER_ID));
sl->d, gpg_strerror (err));
}
/* It would be nice to see which of the given users did

230
g10/getkey.c
View file

@ -536,228 +536,6 @@ seckey_available( u32 *keyid )
}
/****************
* Return the type of the user id:
*
* Please use the constants KEYDB_SERCH_MODE_xxx
* 0 = Invalid user ID
* 1 = exact match
* 2 = match a substring
* 3 = match an email address
* 4 = match a substring of an email address
* 5 = match an email address, but compare from end
* 6 = word match mode
* 10 = it is a short KEYID (don't care about keyid[0])
* 11 = it is a long KEYID
* 12 = it is a trustdb index (keyid is looked up)
* 16 = it is a 16 byte fingerprint
* 20 = it is a 20 byte fingerprint
* 21 = Unified fingerprint :fpr:pk_algo:
* (We don't use pk_algo yet)
*
* Rules used:
* - If the username starts with 8,9,16 or 17 hex-digits (the first one
* must be in the range 0..9), this is considered a keyid; depending
* on the length a short or complete one.
* - If the username starts with 32,33,40 or 41 hex-digits (the first one
* must be in the range 0..9), this is considered a fingerprint.
* - If the username starts with a left angle, we assume it is a complete
* email address and look only at this part.
* - If the username starts with a colon we assume it is a unified
* key specfification.
* - If the username starts with a '.', we assume it is the ending
* part of an email address
* - If the username starts with an '@', we assume it is a part of an
* email address
* - If the userid start with an '=' an exact compare is done.
* - If the userid starts with a '*' a case insensitive substring search is
* done (This is the default).
* - If the userid starts with a '+' we will compare individual words
* and a match requires that all the words are in the userid.
* Words are delimited by white space or "()<>[]{}.@-+_,;/&!"
* (note that you can't search for these characters). Compare
* is not case sensitive.
* - If the userid starts with a '&' a 40 hex digits keygrip is expected.
*/
int
classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
{
const char *s;
int hexprefix = 0;
int hexlength;
int mode = 0;
KEYDB_SEARCH_DESC dummy_desc;
if (!desc)
desc = &dummy_desc;
/* clear the structure so that the mode field is set to zero unless
* we set it to the correct value right at the end of this function */
memset (desc, 0, sizeof *desc);
/* skip leading spaces. Fixme: what is with trailing spaces? */
for(s = name; *s && spacep (s); s++ )
;
switch (*s) {
case 0: /* empty string is an error */
return 0;
#if 0
case '.': /* an email address, compare from end */
mode = KEYDB_SEARCH_MODE_MAILEND;
s++;
desc->u.name = s;
break;
#endif
case '<': /* an email address */
mode = KEYDB_SEARCH_MODE_MAIL;
desc->u.name = s;
break;
case '@': /* part of an email address */
mode = KEYDB_SEARCH_MODE_MAILSUB;
s++;
desc->u.name = s;
break;
case '=': /* exact compare */
mode = KEYDB_SEARCH_MODE_EXACT;
s++;
desc->u.name = s;
break;
case '*': /* case insensitive substring search */
mode = KEYDB_SEARCH_MODE_SUBSTR;
s++;
desc->u.name = s;
break;
#if 0
case '+': /* compare individual words */
mode = KEYDB_SEARCH_MODE_WORDS;
s++;
desc->u.name = s;
break;
#endif
case '#': /* local user id */
return 0; /* This is now obsolete and can't not be used anymore*/
case ':': /*Unified fingerprint */
{
const char *se, *si;
int i;
se = strchr( ++s,':');
if ( !se )
return 0;
for (i=0,si=s; si < se; si++, i++ ) {
if ( !strchr("01234567890abcdefABCDEF", *si ) )
return 0; /* invalid digit */
}
if (i != 32 && i != 40)
return 0; /* invalid length of fpr*/
for (i=0,si=s; si < se; i++, si +=2)
desc->u.fpr[i] = hextobyte(si);
for ( ; i < 20; i++)
desc->u.fpr[i]= 0;
s = se + 1;
mode = KEYDB_SEARCH_MODE_FPR;
}
break;
case '&': /* keygrip */
return 0; /* Not yet implememted. */
default:
if (s[0] == '0' && s[1] == 'x') {
hexprefix = 1;
s += 2;
}
hexlength = strspn(s, "0123456789abcdefABCDEF");
if (hexlength >= 8 && s[hexlength] =='!') {
desc->exact = 1;
hexlength++; /* just for the following check */
}
/* check if a hexadecimal number is terminated by EOS or blank */
if (hexlength && s[hexlength] && !spacep(s+hexlength)) {
if (hexprefix) /* a "0x" prefix without correct */
return 0; /* termination is an error */
else /* The first chars looked like */
hexlength = 0; /* a hex number, but really were not. */
}
if (desc->exact)
hexlength--;
if (hexlength == 8
|| (!hexprefix && hexlength == 9 && *s == '0')){
/* short keyid */
if (hexlength == 9)
s++;
desc->u.kid[0] = 0;
desc->u.kid[1] = strtoul( s, NULL, 16 );
mode = KEYDB_SEARCH_MODE_SHORT_KID;
}
else if (hexlength == 16
|| (!hexprefix && hexlength == 17 && *s == '0')) {
/* complete keyid */
char buf[9];
if (hexlength == 17)
s++;
mem2str(buf, s, 9 );
desc->u.kid[0] = strtoul( buf, NULL, 16 );
desc->u.kid[1] = strtoul( s+8, NULL, 16 );
mode = KEYDB_SEARCH_MODE_LONG_KID;
}
else if (hexlength == 32 || (!hexprefix && hexlength == 33
&& *s == '0')) {
/* md5 fingerprint */
int i;
if (hexlength == 33)
s++;
memset(desc->u.fpr+16, 0, 4);
for (i=0; i < 16; i++, s+=2) {
int c = hextobyte(s);
if (c == -1)
return 0;
desc->u.fpr[i] = c;
}
mode = KEYDB_SEARCH_MODE_FPR16;
}
else if (hexlength == 40 || (!hexprefix && hexlength == 41
&& *s == '0')) {
/* sha1/rmd160 fingerprint */
int i;
if (hexlength == 41)
s++;
for (i=0; i < 20; i++, s+=2) {
int c = hextobyte(s);
if (c == -1)
return 0;
desc->u.fpr[i] = c;
}
mode = KEYDB_SEARCH_MODE_FPR20;
}
else {
if (hexprefix) /* This was a hex number with a prefix */
return 0; /* and a wrong length */
desc->exact = 0;
desc->u.name = s;
mode = KEYDB_SEARCH_MODE_SUBSTR; /* default mode */
}
}
desc->mode = mode;
return mode;
}
static int
skip_unusable (void *dummy, u32 *keyid, PKT_user_id *uid)
@ -851,14 +629,16 @@ key_byname( GETKEY_CTX *retctx, strlist_t namelist,
for(n=0, r=namelist; r; r = r->next, n++ )
{
classify_user_id (r->d, &ctx->items[n]);
gpg_error_t err;
err = classify_user_id (r->d, &ctx->items[n]);
if (ctx->items[n].exact)
ctx->exact = 1;
if (!ctx->items[n].mode)
if (err)
{
xfree (ctx);
return G10ERR_INV_USER_ID;
return gpg_err_code (err); /* FIXME: remove gpg_err_code. */
}
if(!include_unusable
&& ctx->items[n].mode!=KEYDB_SEARCH_MODE_SHORT_KID

3
g10/gpg.h
View file

@ -50,9 +50,6 @@ struct server_local_s;
/* Object used to describe a keyblok node. */
typedef struct kbnode_struct *KBNODE;
/* Object used for looking ob keys. */
typedef struct keydb_search_desc KEYDB_SEARCH_DESC;
/* Session control object. This object is passed to most functions to

30
g10/keydb.h
View file

@ -115,35 +115,6 @@ struct pubkey_find_info {
typedef struct keydb_handle *KEYDB_HANDLE;
typedef enum {
KEYDB_SEARCH_MODE_NONE,
KEYDB_SEARCH_MODE_EXACT,
KEYDB_SEARCH_MODE_SUBSTR,
KEYDB_SEARCH_MODE_MAIL,
KEYDB_SEARCH_MODE_MAILSUB,
KEYDB_SEARCH_MODE_MAILEND,
KEYDB_SEARCH_MODE_WORDS,
KEYDB_SEARCH_MODE_SHORT_KID,
KEYDB_SEARCH_MODE_LONG_KID,
KEYDB_SEARCH_MODE_FPR16,
KEYDB_SEARCH_MODE_FPR20,
KEYDB_SEARCH_MODE_FPR,
KEYDB_SEARCH_MODE_FIRST,
KEYDB_SEARCH_MODE_NEXT
} KeydbSearchMode;
struct keydb_search_desc {
KeydbSearchMode mode;
int (*skipfnc)(void *,u32*,PKT_user_id*);
void *skipfncvalue;
union {
const char *name;
byte fpr[MAX_FINGERPRINT_LEN];
u32 kid[2];
} u;
int exact;
};
/* Helper type for preference fucntions. */
union pref_hint
@ -221,7 +192,6 @@ char *get_last_passphrase(void);
void next_to_last_passphrase(void);
/*-- getkey.c --*/
int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);
void cache_public_key( PKT_public_key *pk );
void getkey_disable_caches(void);
int get_pubkey( PKT_public_key *pk, u32 *keyid );

1
g10/keyring.h
View file

@ -20,6 +20,7 @@
#ifndef GPG_KEYRING_H
#define GPG_KEYRING_H 1
#include "../common/userids.h"
typedef struct keyring_handle *KEYRING_HANDLE;

41
g10/keyserver.c
View file

@ -46,6 +46,7 @@
#include "srv.h"
#endif
#ifdef HAVE_W32_SYSTEM
/* It seems Vista doesn't grok X_OK and so fails access() tests.
Previous versions interpreted X_OK as F_OK anyway, so we'll just
@ -595,6 +596,7 @@ parse_keyrec(char *keystring)
if(ascii_strcasecmp("pub",record)==0)
{
char *tok;
gpg_error_t err;
if(work->desc.mode)
{
@ -606,11 +608,11 @@ parse_keyrec(char *keystring)
if((tok=strsep(&keystring,":"))==NULL)
return ret;
classify_user_id(tok,&work->desc);
if(work->desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID
&& work->desc.mode!=KEYDB_SEARCH_MODE_LONG_KID
&& work->desc.mode!=KEYDB_SEARCH_MODE_FPR16
&& work->desc.mode!=KEYDB_SEARCH_MODE_FPR20)
err = classify_user_id (tok, &work->desc);
if (err || (work->desc.mode != KEYDB_SEARCH_MODE_SHORT_KID
&& work->desc.mode != KEYDB_SEARCH_MODE_LONG_KID
&& work->desc.mode != KEYDB_SEARCH_MODE_FPR16
&& work->desc.mode != KEYDB_SEARCH_MODE_FPR20))
{
work->desc.mode=KEYDB_SEARCH_MODE_NONE;
return ret;
@ -1598,6 +1600,7 @@ keyserver_work(enum ks_action action,strlist_t list,KEYDB_SEARCH_DESC *desc,
int
keyserver_export(strlist_t users)
{
gpg_error_t err;
strlist_t sl=NULL;
KEYDB_SEARCH_DESC desc;
int rc=0;
@ -1605,11 +1608,11 @@ keyserver_export(strlist_t users)
/* Weed out descriptors that we don't support sending */
for(;users;users=users->next)
{
classify_user_id (users->d, &desc);
if(desc.mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
desc.mode!=KEYDB_SEARCH_MODE_LONG_KID &&
desc.mode!=KEYDB_SEARCH_MODE_FPR16 &&
desc.mode!=KEYDB_SEARCH_MODE_FPR20)
err = classify_user_id (users->d, &desc);
if (err || (desc.mode != KEYDB_SEARCH_MODE_SHORT_KID
&& desc.mode != KEYDB_SEARCH_MODE_LONG_KID
&& desc.mode != KEYDB_SEARCH_MODE_FPR16
&& desc.mode != KEYDB_SEARCH_MODE_FPR20))
{
log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
continue;
@ -1630,6 +1633,7 @@ keyserver_export(strlist_t users)
int
keyserver_import(strlist_t users)
{
gpg_error_t err;
KEYDB_SEARCH_DESC *desc;
int num=100,count=0;
int rc=0;
@ -1639,13 +1643,13 @@ keyserver_import(strlist_t users)
for(;users;users=users->next)
{
classify_user_id (users->d, &desc[count]);
if(desc[count].mode!=KEYDB_SEARCH_MODE_SHORT_KID &&
desc[count].mode!=KEYDB_SEARCH_MODE_LONG_KID &&
desc[count].mode!=KEYDB_SEARCH_MODE_FPR16 &&
desc[count].mode!=KEYDB_SEARCH_MODE_FPR20)
err = classify_user_id (users->d, &desc[count]);
if (err || (desc[count].mode != KEYDB_SEARCH_MODE_SHORT_KID
&& desc[count].mode != KEYDB_SEARCH_MODE_LONG_KID
&& desc[count].mode != KEYDB_SEARCH_MODE_FPR16
&& desc[count].mode != KEYDB_SEARCH_MODE_FPR20))
{
log_error(_("\"%s\" not a key ID: skipping\n"),users->d);
log_error (_("\"%s\" not a key ID: skipping\n"), users->d);
continue;
}
@ -1731,11 +1735,12 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
for (ndesc=0, sl=users; sl; sl = sl->next)
{
if(classify_user_id (sl->d, desc+ndesc))
gpg_error_t err;
if (!(err = classify_user_id (sl->d, desc+ndesc)))
ndesc++;
else
log_error (_("key \"%s\" not found: %s\n"),
sl->d, g10_errstr (G10ERR_INV_USER_ID));
sl->d, gpg_strerror (err));
}
}

18
g10/packet.h
View file

@ -27,6 +27,7 @@
#include "cipher.h"
#include "filter.h"
#include "../common/openpgpdefs.h"
#include "../common/userids.h"
#define DEBUG_PARSE_PACKET 1
@ -151,14 +152,16 @@ typedef struct
#define ATTRIB_IMAGE 1
/* This is the cooked form of attributes */
/* This is the cooked form of attributes. */
struct user_attribute {
byte type;
const byte *data;
u32 len;
};
typedef struct
/* (See also keybox-search-desc.h) */
struct gpg_pkt_user_id_s
{
int ref; /* reference counter */
int len; /* length of the name */
@ -181,12 +184,15 @@ typedef struct
struct
{
/* TODO: Move more flags here */
unsigned mdc:1;
unsigned ks_modify:1;
unsigned compacted:1;
unsigned int mdc:1;
unsigned int ks_modify:1;
unsigned int compacted:1;
} flags;
char name[1];
} PKT_user_id;
};
typedef struct gpg_pkt_user_id_s PKT_user_id;
struct revoke_info
{

2
g10/pkclist.c
View file

@ -787,7 +787,7 @@ find_and_check_key (const char *name, unsigned int use,
int trustlevel;
if (!name || !*name)
return gpg_error (GPG_ERR_INV_NAME);
return gpg_error (GPG_ERR_INV_USER_ID);
pk = xtrycalloc (1, sizeof *pk);
if (!pk)

10
g10/revoke.c
View file

@ -220,8 +220,9 @@ gen_desig_revoke( const char *uname, strlist_t locusr )
afx = new_armor_context ();
kdbhd = keydb_new (0);
classify_user_id (uname, &desc);
rc = desc.mode? keydb_search (kdbhd, &desc, 1) : G10ERR_INV_USER_ID;
rc = classify_user_id (uname, &desc);
if (!rc)
rc = keydb_search (kdbhd, &desc, 1);
if (rc) {
log_error (_("key \"%s\" not found: %s\n"),uname, g10_errstr (rc));
goto leave;
@ -463,8 +464,9 @@ gen_revoke( const char *uname )
* We don't want the whole getkey stuff here but the entire keyblock
*/
kdbhd = keydb_new (1);
classify_user_id (uname, &desc);
rc = desc.mode? keydb_search (kdbhd, &desc, 1) : G10ERR_INV_USER_ID;
rc = classify_user_id (uname, &desc);
if (!rc)
rc = keydb_search (kdbhd, &desc, 1);
if (rc)
{
log_error (_("secret key \"%s\" not found: %s\n"),

4
g10/trustdb.c
View file

@ -214,9 +214,11 @@ register_trusted_keyid(u32 *keyid)
void
register_trusted_key( const char *string )
{
gpg_error_t err;
KEYDB_SEARCH_DESC desc;
if (classify_user_id (string, &desc) != KEYDB_SEARCH_MODE_LONG_KID )
err = classify_user_id (string, &desc);
if (err || desc.mode != KEYDB_SEARCH_MODE_LONG_KID )
{
log_error(_("`%s' is not a valid long keyID\n"), string );
return;