gpg: First working support for keyboxes.

* g10/getkey.c (get_pubkey_fast): Improve the assertion. * kbx/keybox.h: Include iobuf.h. * kbx/keybox-blob.c (keyboxblob_uid): Add field OFF. (KEYBOX_WITH_OPENPGP): Remove use of this macro. (pgp_create_key_part_single): New. (pgp_temp_store_kid): Change to use the keybox-openpgp parser. (pgp_create_key_part): Ditto. (pgp_create_uid_part): Ditto. (pgp_create_sig_part): Ditto. (pgp_create_blob_keyblock): Ditto. (_keybox_create_openpgp_blob): Ditto. * kbx/keybox-search.c (keybox_get_keyblock): New. * kbx/keybox-update.c (keybox_insert_keyblock): New. * g10/keydb.c (parse_keyblock_image): (keydb_get_keyblock): Support keybox. (build_keyblock_image): New. (keydb_insert_keyblock): Support keybox. * kbx/kbxutil.c (import_openpgp, main): Add option --dry-run and print a kbx file to stdout. * kbx/keybox-file.c (_keybox_read_blob2): Allow keyblocks up to 10^6 bytes. -- Import and key listing does now work with the keybox format. It is still quite slow and signature caching is completely missing. Increasing the maximum allowed length for a keyblock was required due to a 700k keyblock which inhibited kbxutil to list the file. kbxutil's option name --import-openpgp is not quite appropriate because it only creates KBX blobs from OpenPGP data.
2025-07-03 22:56:33 +02:00 · 2012-12-28 14:03:16 +01:00 · 2012-12-28 14:03:16 +01:00 · a986383424
commit a986383424
parent f7495f1004
9 changed files with 429 additions and 182 deletions
--- a/kbx/kbxutil.c
+++ b/kbx/kbxutil.c
@ -371,13 +371,14 @@ dump_openpgp_key (keybox_openpgp_info_t info, const unsigned char *image)


 static void
-import_openpgp (const char *filename)
+import_openpgp (const char *filename, int dryrun)
 {
  gpg_error_t err;
  char *buffer;
  size_t buflen, nparsed;
  unsigned char *p;
  struct _keybox_openpgp_info info;
+  KEYBOXBLOB blob;

  buffer = read_file (filename, &buflen);
  if (!buffer)
@ -406,7 +407,30 @@ import_openpgp (const char *filename)
        }
      else
        {
-          dump_openpgp_key (&info, p);
+          if (dryrun)
+            dump_openpgp_key (&info, p);
+          else
+            {
+              err = _keybox_create_openpgp_blob (&blob, &info, p, nparsed, 0);
+              if (err)
+                {
+                  fflush (stdout);
+                  log_error ("%s: failed to create OpenPGP keyblock: %s\n",
+                             filename, gpg_strerror (err));
+                }
+              else
+                {
+                  err = _keybox_write_blob (blob, stdout);
+                  _keybox_release_blob (blob);
+                  if (err)
+                    {
+                      fflush (stdout);
+                      log_error ("%s: failed to write OpenPGP keyblock: %s\n",
+                                 filename, gpg_strerror (err));
+                    }
+                }
+            }
+
          _keybox_destroy_openpgp_info (&info);
        }
      p += nparsed;
@ -424,6 +448,7 @@ main( int argc, char **argv )
  ARGPARSE_ARGS pargs;
  enum cmd_and_opt_values cmd = 0;
  unsigned long from = 0, to = ULONG_MAX;
+  int dry_run = 0;

  set_strusage( my_strusage );
  gcry_control (GCRYCTL_DISABLE_SECMEM);
@ -481,6 +506,8 @@ main( int argc, char **argv )
        case oFrom: from = pargs.r.ret_ulong; break;
        case oTo: to = pargs.r.ret_ulong; break;

+        case oDryRun: dry_run = 1; break;
+
        default:
          pargs.err = 2;
          break;
@ -537,11 +564,11 @@ main( int argc, char **argv )
  else if (cmd == aImportOpenPGP)
    {
      if (!argc)
-        import_openpgp ("-");
+        import_openpgp ("-", dry_run);
      else
        {
          for (; argc; argc--, argv++)
-            import_openpgp (*argv);
+            import_openpgp (*argv, dry_run);
        }
    }
 #if 0