diff --git a/common/openpgpdefs.h b/common/openpgpdefs.h index 73776b368..4dcfc25c4 100644 --- a/common/openpgpdefs.h +++ b/common/openpgpdefs.h @@ -115,7 +115,10 @@ typedef enum SIGSUBPKT_FEATURES = 30, /* Feature flags. */ SIGSUBPKT_SIGNATURE = 32, /* Embedded signature. */ - SIGSUBPKT_ISSUER_FPR = 33, /* EXPERIMENTAL: Issuer fingerprint. */ + SIGSUBPKT_ISSUER_FPR = 33, /* Issuer fingerprint. */ + SIGSUBPKT_PREF_AEAD = 34, /* Preferred AEAD algorithms. */ + + SIGSUBPKT_KEY_BLOCK = 38, /* Entire key used. */ SIGSUBPKT_FLAG_CRITICAL = 128 } diff --git a/doc/gpg.texi b/doc/gpg.texi index 6437948db..83be00e20 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -2664,6 +2664,16 @@ As of now this is only done if the signing key has been specified with information can be helpful for verifier to locate the key; see option @option{--auto-key-retrieve}. +@item --include-key-block +@opindex include-key-block +This option is used to embed the actual signing key into a data +signature. The embedded key is stripped down to a single user id and +includes only the signing subkey used to create the signature as well +as as valid encryption subkeys. All other info is removed from the +key to keep it and thus the signature small. This option is the +OpenPGP counterpart to the @command{gpgsm} option +@option{--include-certs}. + @item --personal-cipher-preferences @var{string} @opindex personal-cipher-preferences Set the list of personal cipher preferences to @var{string}. Use diff --git a/g10/gpg.c b/g10/gpg.c index 55165ec89..085e6780c 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -424,6 +424,7 @@ enum cmd_and_opt_values oRequestOrigin, oNoSymkeyCache, oUseOnlyOpenPGPCard, + oIncludeKeyBlock, oNoop }; @@ -888,6 +889,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"), + ARGPARSE_s_n (oIncludeKeyBlock, "include-key-block", "@"), /* Options to override new security defaults. */ ARGPARSE_s_n (oAllowWeakKeySignatures, "allow-weak-key-signatures", "@"), @@ -2990,6 +2992,7 @@ main (int argc, char **argv) case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break; + case oIncludeKeyBlock: opt.flags.include_key_block = 1; break; case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break; case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break; diff --git a/g10/options.h b/g10/options.h index efe7f52d0..cb3d00d59 100644 --- a/g10/options.h +++ b/g10/options.h @@ -232,6 +232,7 @@ struct unsigned int allow_weak_key_signatures:1; unsigned int large_rsa:1; unsigned int disable_signer_uid:1; + unsigned int include_key_block:1; /* Flag to enable experimental features from RFC4880bis. */ unsigned int rfc4880bis:1; /* Hack: --output is not given but OUTFILE was temporary set to "-". */ diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 85d8f33b7..5e8375b98 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1548,6 +1548,24 @@ dump_sig_subpkt (int hashed, int type, int critical, buffer[0] == 3 ? buffer[15] : buffer[2], buffer[0] == 3 ? buffer[16] : buffer[3]); break; + + case SIGSUBPKT_KEY_BLOCK: + es_fputs ("key-block: ", listfp); + if (length && buffer[0]) + p = "[unknown reserved octet]"; + else if (length < 50) /* 50 is an arbitrary min. length. */ + p = "[invalid subpacket]"; + else + { + /* estream_t fp; */ + /* fp = es_fopen ("a.key-block", "wb"); */ + /* log_assert (fp); */ + /* es_fwrite ( buffer+1, length-1, 1, fp); */ + /* es_fclose (fp); */ + es_fprintf (listfp, "[%u octets]", (unsigned int)length-1); + } + break; + default: if (type >= 100 && type <= 110) p = "experimental / private subpacket"; @@ -1622,6 +1640,12 @@ parse_one_sig_subpkt (const byte * buffer, size_t n, int type) if (n != 2) break; return 0; + case SIGSUBPKT_KEY_BLOCK: + if (n && buffer[0]) + return -1; /* Unknown version - ignore. */ + if (n < 50) + break; /* Definitely too short to carry a key block. */ + return 0; default: return 0; } @@ -1688,6 +1712,12 @@ can_handle_critical (const byte * buffer, size_t n, int type) case SIGSUBPKT_REVOC_REASON: /* At least we know about it. */ return 1; + case SIGSUBPKT_KEY_BLOCK: + if (n && !buffer[0]) + return 1; + else + return 0; + default: return 0; } diff --git a/g10/sign.c b/g10/sign.c index 01a7045aa..6e9f68ec0 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -185,6 +185,91 @@ mk_notation_policy_etc (PKT_signature *sig, } + +/* + * Put the Key Block subpakcet into SIG for key PKSK. Returns an + * error code on failure. + */ +static gpg_error_t +mk_sig_subpkt_key_block (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pksk) +{ + gpg_error_t err; + char *mbox; + char *filterexp = NULL; + int save_opt_armor = opt.armor; + int save_opt_verbose = opt.verbose; + char hexfpr[2*MAX_FINGERPRINT_LEN + 1]; + void *data = NULL; + size_t datalen; + kbnode_t keyblock = NULL; + + push_export_filters (); + opt.armor = 0; + + hexfingerprint (pksk, hexfpr, sizeof hexfpr); + + /* Get the user id so that we know which one to insert into the + * key. */ + if (pksk->user_id + && (mbox = mailbox_from_userid (pksk->user_id->name))) + { + if (DBG_LOOKUP) + log_debug ("including key with UID '%s' (specified)\n", mbox); + filterexp = xasprintf ("keep-uid= -- mbox = %s", mbox); + xfree (mbox); + } + else if (opt.sender_list) + { + /* If --sender was given we use the first one from that list. */ + if (DBG_LOOKUP) + log_debug ("including key with UID '%s' (--sender)\n", + opt.sender_list->d); + filterexp = xasprintf ("keep-uid= -- mbox = %s", opt.sender_list->d); + } + else /* Use the primary user id. */ + { + if (DBG_LOOKUP) + log_debug ("including key with primary UID\n"); + filterexp = xstrdup ("keep-uid= primary -t"); + } + + if (DBG_LOOKUP) + log_debug ("export filter expression: %s\n", filterexp); + err = parse_and_set_export_filter (filterexp); + if (err) + goto leave; + xfree (filterexp); + filterexp = xasprintf ("drop-subkey= fpr <> %s && usage !~ e", hexfpr); + if (DBG_LOOKUP) + log_debug ("export filter expression: %s\n", filterexp); + err = parse_and_set_export_filter (filterexp); + if (err) + goto leave; + + + opt.verbose = 0; + err = export_pubkey_buffer (ctrl, hexfpr, EXPORT_MINIMAL|EXPORT_CLEAN, + "", 1, /* Prefix with the reserved byte. */ + NULL, &keyblock, &data, &datalen); + opt.verbose = save_opt_verbose; + if (err) + { + log_error ("failed to get to be included key: %s\n", gpg_strerror (err)); + goto leave; + } + + build_sig_subpkt (sig, SIGSUBPKT_KEY_BLOCK, data, datalen); + + leave: + xfree (data); + release_kbnode (keyblock); + xfree (filterexp); + opt.armor = save_opt_armor; + pop_export_filters (); + return err; +} + + /* * Helper to hash a user ID packet. */ @@ -737,7 +822,7 @@ write_signature_packets (ctrl_t ctrl, PKT_public_key *pk; PKT_signature *sig; gcry_md_hd_t md; - int rc; + gpg_error_t err; pk = sk_rover->pk; @@ -770,14 +855,18 @@ write_signature_packets (ctrl_t ctrl, { build_sig_subpkt_from_sig (sig, pk); mk_notation_policy_etc (sig, NULL, pk); + if (opt.flags.include_key_block && IS_SIG (sig)) + err = mk_sig_subpkt_key_block (ctrl, sig, pk); + else + err = 0; } - hash_sigversion_to_magic (md, sig); gcry_md_final (md); - rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0); + if (!err) + err = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0); gcry_md_close (md); - if (!rc) + if (!err) { /* Write the packet. */ PACKET pkt; @@ -785,19 +874,19 @@ write_signature_packets (ctrl_t ctrl, init_packet (&pkt); pkt.pkttype = PKT_SIGNATURE; pkt.pkt.signature = sig; - rc = build_packet (out, &pkt); - if (!rc && is_status_enabled()) + err = build_packet (out, &pkt); + if (!err && is_status_enabled()) print_status_sig_created (pk, sig, status_letter); free_packet (&pkt, NULL); - if (rc) + if (err) log_error ("build signature packet failed: %s\n", - gpg_strerror (rc)); + gpg_strerror (err)); } else free_seckey_enc (sig); - if (rc) - return rc; + if (err) + return err; } return 0;