mirror of
git://git.gnupg.org/gnupg.git
synced 2024-10-30 19:58:44 +01:00
e4f61df850
* g10/getkey.c (get_pubkey_fromfile): Add optional arg r_keyblock. * g10/pkclist.c (find_and_check_key): Also encrypt to RENC subkeys. * g10/getkey.c (parse_key_usage): Make public. * g10/misc.c (openpgp_pk_algo_usage): Take PUBKEY_USAGE_RENC in account. * g10/packet.h (PKT_public_key): Change pubkey_usage from byte to u16. (PKT_user_id): Cosmetic fix: change help_key_usage from int to u16. * g10/sig-check.c (check_signature_metadata_validity): Handle time conflict for ADSKs. -- GnuPG-bug-id: 6395 This patch handles ADSK keys and encrypts to them. It does not yet allow the creation of them. We backport this from master early to get this part of the code out into the field.
1906 lines
44 KiB
C
1906 lines
44 KiB
C
/* misc.c - miscellaneous functions
|
||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
|
||
* 2008, 2009, 2010 Free Software Foundation, Inc.
|
||
* Copyright (C) 2014 Werner Koch
|
||
*
|
||
* This file is part of GnuPG.
|
||
*
|
||
* GnuPG is free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 3 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* GnuPG is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* You should have received a copy of the GNU General Public License
|
||
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
||
*/
|
||
|
||
#include <config.h>
|
||
#include <stdio.h>
|
||
#include <stdlib.h>
|
||
#include <string.h>
|
||
#include <unistd.h>
|
||
#include <errno.h>
|
||
#if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
|
||
#include <asm/sysinfo.h>
|
||
#include <asm/unistd.h>
|
||
#endif
|
||
#ifdef HAVE_SETRLIMIT
|
||
#include <time.h>
|
||
#include <sys/time.h>
|
||
#include <sys/resource.h>
|
||
#endif
|
||
#ifdef ENABLE_SELINUX_HACKS
|
||
#include <sys/stat.h>
|
||
#endif
|
||
|
||
#ifdef HAVE_W32_SYSTEM
|
||
#include <time.h>
|
||
#include <process.h>
|
||
#ifdef HAVE_WINSOCK2_H
|
||
# define WIN32_LEAN_AND_MEAN 1
|
||
# include <winsock2.h>
|
||
#endif
|
||
#include <windows.h>
|
||
#include <shlobj.h>
|
||
#ifndef CSIDL_APPDATA
|
||
#define CSIDL_APPDATA 0x001a
|
||
#endif
|
||
#ifndef CSIDL_LOCAL_APPDATA
|
||
#define CSIDL_LOCAL_APPDATA 0x001c
|
||
#endif
|
||
#ifndef CSIDL_FLAG_CREATE
|
||
#define CSIDL_FLAG_CREATE 0x8000
|
||
#endif
|
||
#endif /*HAVE_W32_SYSTEM*/
|
||
|
||
#include "gpg.h"
|
||
#ifdef HAVE_W32_SYSTEM
|
||
# include "../common/status.h"
|
||
#endif /*HAVE_W32_SYSTEM*/
|
||
#include "../common/util.h"
|
||
#include "main.h"
|
||
#include "photoid.h"
|
||
#include "options.h"
|
||
#include "call-agent.h"
|
||
#include "../common/i18n.h"
|
||
#include "../common/zb32.h"
|
||
|
||
/* FIXME: Libgcrypt 1.9 will support EAX. Until we name this a
|
||
* requirement we hardwire the enum used for EAX. */
|
||
#define MY_GCRY_CIPHER_MODE_EAX 14
|
||
|
||
|
||
#ifdef ENABLE_SELINUX_HACKS
|
||
/* A object and a global variable to keep track of files marked as
|
||
secured. */
|
||
struct secured_file_item
|
||
{
|
||
struct secured_file_item *next;
|
||
ino_t ino;
|
||
dev_t dev;
|
||
};
|
||
static struct secured_file_item *secured_files;
|
||
#endif /*ENABLE_SELINUX_HACKS*/
|
||
|
||
|
||
|
||
|
||
/* For the sake of SELinux we want to restrict access through gpg to
|
||
certain files we keep under our own control. This function
|
||
registers such a file and is_secured_file may then be used to
|
||
check whether a file has ben registered as secured. */
|
||
void
|
||
register_secured_file (const char *fname)
|
||
{
|
||
#ifdef ENABLE_SELINUX_HACKS
|
||
struct stat buf;
|
||
struct secured_file_item *sf;
|
||
|
||
/* Note that we stop immediately if something goes wrong here. */
|
||
if (gnupg_stat (fname, &buf))
|
||
log_fatal (_("fstat of '%s' failed in %s: %s\n"), fname,
|
||
"register_secured_file", strerror (errno));
|
||
/* log_debug ("registering '%s' i=%lu.%lu\n", fname, */
|
||
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
|
||
for (sf=secured_files; sf; sf = sf->next)
|
||
{
|
||
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
|
||
return; /* Already registered. */
|
||
}
|
||
|
||
sf = xmalloc (sizeof *sf);
|
||
sf->ino = buf.st_ino;
|
||
sf->dev = buf.st_dev;
|
||
sf->next = secured_files;
|
||
secured_files = sf;
|
||
#else /*!ENABLE_SELINUX_HACKS*/
|
||
(void)fname;
|
||
#endif /*!ENABLE_SELINUX_HACKS*/
|
||
}
|
||
|
||
/* Remove a file registered as secure. */
|
||
void
|
||
unregister_secured_file (const char *fname)
|
||
{
|
||
#ifdef ENABLE_SELINUX_HACKS
|
||
struct stat buf;
|
||
struct secured_file_item *sf, *sfprev;
|
||
|
||
if (gnupg_stat (fname, &buf))
|
||
{
|
||
log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
|
||
"unregister_secured_file", strerror (errno));
|
||
return;
|
||
}
|
||
/* log_debug ("unregistering '%s' i=%lu.%lu\n", fname, */
|
||
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
|
||
for (sfprev=NULL,sf=secured_files; sf; sfprev=sf, sf = sf->next)
|
||
{
|
||
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
|
||
{
|
||
if (sfprev)
|
||
sfprev->next = sf->next;
|
||
else
|
||
secured_files = sf->next;
|
||
xfree (sf);
|
||
return;
|
||
}
|
||
}
|
||
#else /*!ENABLE_SELINUX_HACKS*/
|
||
(void)fname;
|
||
#endif /*!ENABLE_SELINUX_HACKS*/
|
||
}
|
||
|
||
/* Return true if FD is corresponds to a secured file. Using -1 for
|
||
FS is allowed and will return false. */
|
||
int
|
||
is_secured_file (int fd)
|
||
{
|
||
#ifdef ENABLE_SELINUX_HACKS
|
||
struct stat buf;
|
||
struct secured_file_item *sf;
|
||
|
||
if (fd == -1)
|
||
return 0; /* No file descriptor so it can't be secured either. */
|
||
|
||
/* Note that we print out a error here and claim that a file is
|
||
secure if something went wrong. */
|
||
if (fstat (fd, &buf))
|
||
{
|
||
log_error (_("fstat(%d) failed in %s: %s\n"), fd,
|
||
"is_secured_file", strerror (errno));
|
||
return 1;
|
||
}
|
||
/* log_debug ("is_secured_file (%d) i=%lu.%lu\n", fd, */
|
||
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
|
||
for (sf=secured_files; sf; sf = sf->next)
|
||
{
|
||
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
|
||
return 1; /* Yes. */
|
||
}
|
||
#else /*!ENABLE_SELINUX_HACKS*/
|
||
(void)fd;
|
||
#endif /*!ENABLE_SELINUX_HACKS*/
|
||
return 0; /* No. */
|
||
}
|
||
|
||
/* Return true if FNAME is corresponds to a secured file. Using NULL,
|
||
"" or "-" for FS is allowed and will return false. This function is
|
||
used before creating a file, thus it won't fail if the file does
|
||
not exist. */
|
||
int
|
||
is_secured_filename (const char *fname)
|
||
{
|
||
#ifdef ENABLE_SELINUX_HACKS
|
||
struct stat buf;
|
||
struct secured_file_item *sf;
|
||
|
||
if (iobuf_is_pipe_filename (fname) || !*fname)
|
||
return 0;
|
||
|
||
/* Note that we print out a error here and claim that a file is
|
||
secure if something went wrong. */
|
||
if (gnupg_stat (fname, &buf))
|
||
{
|
||
if (errno == ENOENT || errno == EPERM || errno == EACCES)
|
||
return 0;
|
||
log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
|
||
"is_secured_filename", strerror (errno));
|
||
return 1;
|
||
}
|
||
/* log_debug ("is_secured_filename (%s) i=%lu.%lu\n", fname, */
|
||
/* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
|
||
for (sf=secured_files; sf; sf = sf->next)
|
||
{
|
||
if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
|
||
return 1; /* Yes. */
|
||
}
|
||
#else /*!ENABLE_SELINUX_HACKS*/
|
||
(void)fname;
|
||
#endif /*!ENABLE_SELINUX_HACKS*/
|
||
return 0; /* No. */
|
||
}
|
||
|
||
|
||
|
||
u16
|
||
checksum_u16( unsigned n )
|
||
{
|
||
u16 a;
|
||
|
||
a = (n >> 8) & 0xff;
|
||
a += n & 0xff;
|
||
return a;
|
||
}
|
||
|
||
|
||
u16
|
||
checksum( byte *p, unsigned n )
|
||
{
|
||
u16 a;
|
||
|
||
for(a=0; n; n-- )
|
||
a += *p++;
|
||
return a;
|
||
}
|
||
|
||
u16
|
||
checksum_mpi (gcry_mpi_t a)
|
||
{
|
||
u16 csum;
|
||
byte *buffer;
|
||
size_t nbytes;
|
||
|
||
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
|
||
BUG ();
|
||
/* Fixme: For numbers not in secure memory we should use a stack
|
||
* based buffer and only allocate a larger one if mpi_print returns
|
||
* an error. */
|
||
buffer = (gcry_is_secure(a)?
|
||
gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
|
||
if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
|
||
BUG ();
|
||
csum = checksum (buffer, nbytes);
|
||
xfree (buffer);
|
||
return csum;
|
||
}
|
||
|
||
|
||
void
|
||
print_pubkey_algo_note (pubkey_algo_t algo)
|
||
{
|
||
if(algo >= 100 && algo <= 110)
|
||
{
|
||
static int warn=0;
|
||
if(!warn)
|
||
{
|
||
warn=1;
|
||
es_fflush (es_stdout);
|
||
log_info (_("WARNING: using experimental public key algorithm %s\n"),
|
||
openpgp_pk_algo_name (algo));
|
||
}
|
||
}
|
||
else if (algo == PUBKEY_ALGO_ELGAMAL)
|
||
{
|
||
es_fflush (es_stdout);
|
||
log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
|
||
}
|
||
}
|
||
|
||
void
|
||
print_cipher_algo_note (cipher_algo_t algo)
|
||
{
|
||
if(algo >= 100 && algo <= 110)
|
||
{
|
||
static int warn=0;
|
||
if(!warn)
|
||
{
|
||
warn=1;
|
||
es_fflush (es_stdout);
|
||
log_info (_("WARNING: using experimental cipher algorithm %s\n"),
|
||
openpgp_cipher_algo_name (algo));
|
||
}
|
||
}
|
||
}
|
||
|
||
void
|
||
print_digest_algo_note (digest_algo_t algo)
|
||
{
|
||
if(algo >= 100 && algo <= 110)
|
||
{
|
||
static int warn=0;
|
||
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
|
||
|
||
if(!warn)
|
||
{
|
||
warn=1;
|
||
es_fflush (es_stdout);
|
||
log_info (_("WARNING: using experimental digest algorithm %s\n"),
|
||
gcry_md_algo_name (galgo));
|
||
}
|
||
}
|
||
else if (is_weak_digest (algo))
|
||
{
|
||
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
|
||
es_fflush (es_stdout);
|
||
log_info (_("WARNING: digest algorithm %s is deprecated\n"),
|
||
gcry_md_algo_name (galgo));
|
||
}
|
||
}
|
||
|
||
|
||
void
|
||
print_digest_rejected_note (enum gcry_md_algos algo)
|
||
{
|
||
struct weakhash* weak;
|
||
int show = 1;
|
||
|
||
if (opt.quiet)
|
||
return;
|
||
|
||
for (weak = opt.weak_digests; weak; weak = weak->next)
|
||
if (weak->algo == algo)
|
||
{
|
||
if (weak->rejection_shown)
|
||
show = 0;
|
||
else
|
||
weak->rejection_shown = 1;
|
||
break;
|
||
}
|
||
|
||
if (show)
|
||
{
|
||
es_fflush (es_stdout);
|
||
log_info
|
||
(_("Note: signatures using the %s algorithm are rejected\n"),
|
||
gcry_md_algo_name(algo));
|
||
}
|
||
}
|
||
|
||
|
||
void
|
||
print_sha1_keysig_rejected_note (void)
|
||
{
|
||
static int shown;
|
||
|
||
if (shown || opt.quiet)
|
||
return;
|
||
|
||
shown = 1;
|
||
es_fflush (es_stdout);
|
||
log_info (_("Note: third-party key signatures using"
|
||
" the %s algorithm are rejected\n"),
|
||
gcry_md_algo_name (GCRY_MD_SHA1));
|
||
print_further_info ("use option \"%s\" to override",
|
||
"--allow-weak-key-signatures");
|
||
}
|
||
|
||
|
||
/* Print a message
|
||
* "(reported error: %s)\n
|
||
* in verbose mode to further explain an error. If the error code has
|
||
* the value IGNORE_EC no message is printed. A message is also not
|
||
* printed if ERR is 0. */
|
||
void
|
||
print_reported_error (gpg_error_t err, gpg_err_code_t ignore_ec)
|
||
{
|
||
if (!opt.verbose)
|
||
return;
|
||
|
||
if (!gpg_err_code (err))
|
||
;
|
||
else if (gpg_err_code (err) == ignore_ec)
|
||
;
|
||
else if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT)
|
||
log_info (_("(reported error: %s)\n"),
|
||
gpg_strerror (err));
|
||
else
|
||
log_info (_("(reported error: %s <%s>)\n"),
|
||
gpg_strerror (err), gpg_strsource (err));
|
||
|
||
}
|
||
|
||
|
||
/* Print a message
|
||
* "(further info: %s)\n
|
||
* in verbose mode to further explain an error. That message is
|
||
* intended to help debug a problem and should not be translated.
|
||
*/
|
||
void
|
||
print_further_info (const char *format, ...)
|
||
{
|
||
va_list arg_ptr;
|
||
|
||
if (!opt.verbose)
|
||
return;
|
||
|
||
log_info (_("(further info: "));
|
||
va_start (arg_ptr, format);
|
||
log_logv (GPGRT_LOG_CONT, format, arg_ptr);
|
||
va_end (arg_ptr);
|
||
log_printf (")\n");
|
||
}
|
||
|
||
|
||
/* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
|
||
this for algorithms we implemented in Libgcrypt after they become
|
||
part of OpenPGP. */
|
||
enum gcry_cipher_algos
|
||
map_cipher_openpgp_to_gcry (cipher_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
|
||
|
||
#ifdef GPG_USE_IDEA
|
||
case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
|
||
#else
|
||
case CIPHER_ALGO_IDEA: return 0;
|
||
#endif
|
||
|
||
case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
|
||
|
||
#ifdef GPG_USE_CAST5
|
||
case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
|
||
#else
|
||
case CIPHER_ALGO_CAST5: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_BLOWFISH
|
||
case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
|
||
#else
|
||
case CIPHER_ALGO_BLOWFISH: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_AES128
|
||
case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
|
||
#else
|
||
case CIPHER_ALGO_AES: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_AES192
|
||
case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
|
||
#else
|
||
case CIPHER_ALGO_AES192: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_AES256
|
||
case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
|
||
#else
|
||
case CIPHER_ALGO_AES256: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_TWOFISH
|
||
case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
|
||
#else
|
||
case CIPHER_ALGO_TWOFISH: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_CAMELLIA128
|
||
case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
|
||
#else
|
||
case CIPHER_ALGO_CAMELLIA128: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_CAMELLIA192
|
||
case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
|
||
#else
|
||
case CIPHER_ALGO_CAMELLIA192: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_CAMELLIA256
|
||
case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
|
||
#else
|
||
case CIPHER_ALGO_CAMELLIA256: return 0;
|
||
#endif
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
/* The inverse function of above. */
|
||
static cipher_algo_t
|
||
map_cipher_gcry_to_openpgp (enum gcry_cipher_algos algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case GCRY_CIPHER_NONE: return CIPHER_ALGO_NONE;
|
||
case GCRY_CIPHER_IDEA: return CIPHER_ALGO_IDEA;
|
||
case GCRY_CIPHER_3DES: return CIPHER_ALGO_3DES;
|
||
case GCRY_CIPHER_CAST5: return CIPHER_ALGO_CAST5;
|
||
case GCRY_CIPHER_BLOWFISH: return CIPHER_ALGO_BLOWFISH;
|
||
case GCRY_CIPHER_AES: return CIPHER_ALGO_AES;
|
||
case GCRY_CIPHER_AES192: return CIPHER_ALGO_AES192;
|
||
case GCRY_CIPHER_AES256: return CIPHER_ALGO_AES256;
|
||
case GCRY_CIPHER_TWOFISH: return CIPHER_ALGO_TWOFISH;
|
||
case GCRY_CIPHER_CAMELLIA128: return CIPHER_ALGO_CAMELLIA128;
|
||
case GCRY_CIPHER_CAMELLIA192: return CIPHER_ALGO_CAMELLIA192;
|
||
case GCRY_CIPHER_CAMELLIA256: return CIPHER_ALGO_CAMELLIA256;
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
/* Map Gcrypt public key algorithm numbers to those used by OpenPGP.
|
||
FIXME: This mapping is used at only two places - we should get rid
|
||
of it. */
|
||
pubkey_algo_t
|
||
map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case GCRY_PK_EDDSA: return PUBKEY_ALGO_EDDSA;
|
||
case GCRY_PK_ECDSA: return PUBKEY_ALGO_ECDSA;
|
||
case GCRY_PK_ECDH: return PUBKEY_ALGO_ECDH;
|
||
default: return algo < 110 ? (pubkey_algo_t)algo : 0;
|
||
}
|
||
}
|
||
|
||
|
||
/* Return the block length of an OpenPGP cipher algorithm. */
|
||
int
|
||
openpgp_cipher_blocklen (cipher_algo_t algo)
|
||
{
|
||
/* We use the numbers from OpenPGP to be sure that we get the right
|
||
block length. This is so that the packet parsing code works even
|
||
for unknown algorithms (for which we assume 8 due to tradition).
|
||
|
||
NOTE: If you change the returned blocklen above 16, check
|
||
the callers because they may use a fixed size buffer of that
|
||
size. */
|
||
switch (algo)
|
||
{
|
||
case CIPHER_ALGO_AES:
|
||
case CIPHER_ALGO_AES192:
|
||
case CIPHER_ALGO_AES256:
|
||
case CIPHER_ALGO_TWOFISH:
|
||
case CIPHER_ALGO_CAMELLIA128:
|
||
case CIPHER_ALGO_CAMELLIA192:
|
||
case CIPHER_ALGO_CAMELLIA256:
|
||
return 16;
|
||
|
||
default:
|
||
return 8;
|
||
}
|
||
}
|
||
|
||
/****************
|
||
* Wrapper around the libgcrypt function with additional checks on
|
||
* the OpenPGP contraints for the algo ID.
|
||
*/
|
||
int
|
||
openpgp_cipher_test_algo (cipher_algo_t algo)
|
||
{
|
||
enum gcry_cipher_algos ga;
|
||
|
||
ga = map_cipher_openpgp_to_gcry (algo);
|
||
if (!ga)
|
||
return gpg_error (GPG_ERR_CIPHER_ALGO);
|
||
|
||
return gcry_cipher_test_algo (ga);
|
||
}
|
||
|
||
/* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
|
||
string representation of the algorithm name. For unknown algorithm
|
||
IDs this function returns "?". */
|
||
const char *
|
||
openpgp_cipher_algo_name (cipher_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case CIPHER_ALGO_IDEA: return "IDEA";
|
||
case CIPHER_ALGO_3DES: return "3DES";
|
||
case CIPHER_ALGO_CAST5: return "CAST5";
|
||
case CIPHER_ALGO_BLOWFISH: return "BLOWFISH";
|
||
case CIPHER_ALGO_AES: return "AES";
|
||
case CIPHER_ALGO_AES192: return "AES192";
|
||
case CIPHER_ALGO_AES256: return "AES256";
|
||
case CIPHER_ALGO_TWOFISH: return "TWOFISH";
|
||
case CIPHER_ALGO_CAMELLIA128: return "CAMELLIA128";
|
||
case CIPHER_ALGO_CAMELLIA192: return "CAMELLIA192";
|
||
case CIPHER_ALGO_CAMELLIA256: return "CAMELLIA256";
|
||
case CIPHER_ALGO_NONE:
|
||
default: return "?";
|
||
}
|
||
}
|
||
|
||
|
||
/* Same as openpgp_cipher_algo_name but returns a string in the form
|
||
* "ALGO.MODE" if AEAD is not 0. Note that in this version we do not
|
||
* print "ALGO.CFB" as we do in 2.3 to avoid confusing users. */
|
||
const char *
|
||
openpgp_cipher_algo_mode_name (cipher_algo_t algo, aead_algo_t aead)
|
||
{
|
||
|
||
if (aead == AEAD_ALGO_NONE)
|
||
return openpgp_cipher_algo_name (algo);
|
||
|
||
return map_static_strings ("openpgp_cipher_algo_mode_name", algo, aead,
|
||
openpgp_cipher_algo_name (algo),
|
||
".",
|
||
openpgp_aead_algo_name (aead),
|
||
NULL);
|
||
}
|
||
|
||
|
||
/* Return 0 if ALGO is supported. Return an error if not. */
|
||
gpg_error_t
|
||
openpgp_aead_test_algo (aead_algo_t algo)
|
||
{
|
||
/* FIXME: We currently have no easy way to test whether libgcrypt
|
||
* implements a mode. The only way we can do this is to open a
|
||
* cipher context with that mode and close it immediately. That is
|
||
* a bit costly. So we look at the libgcrypt version and assume
|
||
* nothing has been patched out. */
|
||
switch (algo)
|
||
{
|
||
case AEAD_ALGO_NONE:
|
||
break;
|
||
|
||
case AEAD_ALGO_EAX:
|
||
#if GCRYPT_VERSION_NUMBER < 0x010900
|
||
break;
|
||
#else
|
||
return 0;
|
||
#endif
|
||
|
||
case AEAD_ALGO_OCB:
|
||
return 0;
|
||
}
|
||
|
||
return gpg_error (GPG_ERR_INV_CIPHER_MODE);
|
||
}
|
||
|
||
|
||
/* Map the OpenPGP AEAD algorithm with ID ALGO to a string
|
||
* representation of the algorithm name. For unknown algorithm IDs
|
||
* this function returns "?". */
|
||
const char *
|
||
openpgp_aead_algo_name (aead_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case AEAD_ALGO_NONE: break;
|
||
case AEAD_ALGO_EAX: return "EAX";
|
||
case AEAD_ALGO_OCB: return "OCB";
|
||
}
|
||
|
||
return "?";
|
||
}
|
||
|
||
|
||
/* Return information for the AEAD algorithm ALGO. The corresponding
|
||
* Libgcrypt ciphermode is stored at R_MODE and the required number of
|
||
* octets for the nonce at R_NONCELEN. On error and error code is
|
||
* returned. Note that the taglen is always 128 bits. */
|
||
gpg_error_t
|
||
openpgp_aead_algo_info (aead_algo_t algo, enum gcry_cipher_modes *r_mode,
|
||
unsigned int *r_noncelen)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case AEAD_ALGO_OCB:
|
||
*r_mode = GCRY_CIPHER_MODE_OCB;
|
||
*r_noncelen = 15;
|
||
break;
|
||
|
||
case AEAD_ALGO_EAX: /* Only for decryption of some old data. */
|
||
*r_mode = MY_GCRY_CIPHER_MODE_EAX;
|
||
*r_noncelen = 16;
|
||
break;
|
||
|
||
default:
|
||
log_error ("unsupported AEAD algo %d\n", algo);
|
||
return gpg_error (GPG_ERR_INV_CIPHER_MODE);
|
||
}
|
||
return 0;
|
||
}
|
||
|
||
|
||
/* Return 0 if ALGO is a supported OpenPGP public key algorithm. */
|
||
int
|
||
openpgp_pk_test_algo (pubkey_algo_t algo)
|
||
{
|
||
return openpgp_pk_test_algo2 (algo, 0);
|
||
}
|
||
|
||
|
||
/* Return 0 if ALGO is a supported OpenPGP public key algorithm and
|
||
allows the usage USE. */
|
||
int
|
||
openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
|
||
{
|
||
enum gcry_pk_algos ga = 0;
|
||
size_t use_buf = use;
|
||
|
||
switch (algo)
|
||
{
|
||
#ifdef GPG_USE_RSA
|
||
case PUBKEY_ALGO_RSA: ga = GCRY_PK_RSA; break;
|
||
case PUBKEY_ALGO_RSA_E: ga = GCRY_PK_RSA_E; break;
|
||
case PUBKEY_ALGO_RSA_S: ga = GCRY_PK_RSA_S; break;
|
||
#else
|
||
case PUBKEY_ALGO_RSA: break;
|
||
case PUBKEY_ALGO_RSA_E: break;
|
||
case PUBKEY_ALGO_RSA_S: break;
|
||
#endif
|
||
|
||
case PUBKEY_ALGO_ELGAMAL_E: ga = GCRY_PK_ELG; break;
|
||
case PUBKEY_ALGO_DSA: ga = GCRY_PK_DSA; break;
|
||
|
||
#ifdef GPG_USE_ECDH
|
||
case PUBKEY_ALGO_ECDH: ga = GCRY_PK_ECC; break;
|
||
#else
|
||
case PUBKEY_ALGO_ECDH: break;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_ECDSA
|
||
case PUBKEY_ALGO_ECDSA: ga = GCRY_PK_ECC; break;
|
||
#else
|
||
case PUBKEY_ALGO_ECDSA: break;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_EDDSA
|
||
case PUBKEY_ALGO_EDDSA: ga = GCRY_PK_ECC; break;
|
||
#else
|
||
case PUBKEY_ALGO_EDDSA: break;
|
||
#endif
|
||
|
||
case PUBKEY_ALGO_ELGAMAL:
|
||
/* Dont't allow type 20 keys unless in rfc2440 mode. */
|
||
if (RFC2440)
|
||
ga = GCRY_PK_ELG;
|
||
break;
|
||
|
||
default:
|
||
break;
|
||
}
|
||
if (!ga)
|
||
return gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||
|
||
/* Elgamal in OpenPGP used to support signing and Libgcrypt still
|
||
* does. However, we removed the signing capability from gpg ages
|
||
* ago. This function should reflect this so that errors are thrown
|
||
* early and not only when we try to sign using Elgamal. */
|
||
if (ga == GCRY_PK_ELG && (use & (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG)))
|
||
return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
|
||
|
||
/* Now check whether Libgcrypt has support for the algorithm. */
|
||
return gcry_pk_algo_info (ga, GCRYCTL_TEST_ALGO, NULL, &use_buf);
|
||
}
|
||
|
||
|
||
int
|
||
openpgp_pk_algo_usage ( int algo )
|
||
{
|
||
int use = 0;
|
||
|
||
/* They are hardwired in gpg 1.0. */
|
||
switch ( algo ) {
|
||
case PUBKEY_ALGO_RSA:
|
||
use = (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG
|
||
| PUBKEY_USAGE_ENC | PUBKEY_USAGE_RENC | PUBKEY_USAGE_AUTH);
|
||
break;
|
||
case PUBKEY_ALGO_RSA_E:
|
||
case PUBKEY_ALGO_ECDH:
|
||
use = PUBKEY_USAGE_ENC | PUBKEY_USAGE_RENC;
|
||
break;
|
||
case PUBKEY_ALGO_RSA_S:
|
||
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG;
|
||
break;
|
||
case PUBKEY_ALGO_ELGAMAL:
|
||
if (RFC2440)
|
||
use = PUBKEY_USAGE_ENC | PUBKEY_USAGE_RENC;
|
||
break;
|
||
case PUBKEY_ALGO_ELGAMAL_E:
|
||
use = PUBKEY_USAGE_ENC | PUBKEY_USAGE_RENC;
|
||
break;
|
||
case PUBKEY_ALGO_DSA:
|
||
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
|
||
break;
|
||
case PUBKEY_ALGO_ECDSA:
|
||
case PUBKEY_ALGO_EDDSA:
|
||
use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
|
||
default:
|
||
break;
|
||
}
|
||
return use;
|
||
}
|
||
|
||
/* Map the OpenPGP pubkey algorithm whose ID is contained in ALGO to a
|
||
string representation of the algorithm name. For unknown algorithm
|
||
IDs this function returns "?". */
|
||
const char *
|
||
openpgp_pk_algo_name (pubkey_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case PUBKEY_ALGO_RSA:
|
||
case PUBKEY_ALGO_RSA_E:
|
||
case PUBKEY_ALGO_RSA_S: return "RSA";
|
||
case PUBKEY_ALGO_ELGAMAL:
|
||
case PUBKEY_ALGO_ELGAMAL_E: return "ELG";
|
||
case PUBKEY_ALGO_DSA: return "DSA";
|
||
case PUBKEY_ALGO_ECDH: return "ECDH";
|
||
case PUBKEY_ALGO_ECDSA: return "ECDSA";
|
||
case PUBKEY_ALGO_EDDSA: return "EDDSA";
|
||
default: return "?";
|
||
}
|
||
}
|
||
|
||
|
||
/* Explicit mapping of OpenPGP digest algos to Libgcrypt. */
|
||
/* FIXME: We do not yes use it everywhere. */
|
||
enum gcry_md_algos
|
||
map_md_openpgp_to_gcry (digest_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
#ifdef GPG_USE_MD5
|
||
case DIGEST_ALGO_MD5: return GCRY_MD_MD5;
|
||
#else
|
||
case DIGEST_ALGO_MD5: return 0;
|
||
#endif
|
||
|
||
case DIGEST_ALGO_SHA1: return GCRY_MD_SHA1;
|
||
|
||
#ifdef GPG_USE_RMD160
|
||
case DIGEST_ALGO_RMD160: return GCRY_MD_RMD160;
|
||
#else
|
||
case DIGEST_ALGO_RMD160: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_SHA224
|
||
case DIGEST_ALGO_SHA224: return GCRY_MD_SHA224;
|
||
#else
|
||
case DIGEST_ALGO_SHA224: return 0;
|
||
#endif
|
||
|
||
case DIGEST_ALGO_SHA256: return GCRY_MD_SHA256;
|
||
|
||
#ifdef GPG_USE_SHA384
|
||
case DIGEST_ALGO_SHA384: return GCRY_MD_SHA384;
|
||
#else
|
||
case DIGEST_ALGO_SHA384: return 0;
|
||
#endif
|
||
|
||
#ifdef GPG_USE_SHA512
|
||
case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
|
||
#else
|
||
case DIGEST_ALGO_SHA512: return 0;
|
||
#endif
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
|
||
/* Return 0 if ALGO is suitable and implemented OpenPGP hash
|
||
algorithm. */
|
||
int
|
||
openpgp_md_test_algo (digest_algo_t algo)
|
||
{
|
||
enum gcry_md_algos ga;
|
||
|
||
ga = map_md_openpgp_to_gcry (algo);
|
||
if (!ga)
|
||
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
||
|
||
return gcry_md_test_algo (ga);
|
||
}
|
||
|
||
|
||
/* Map the OpenPGP digest algorithm whose ID is contained in ALGO to a
|
||
string representation of the algorithm name. For unknown algorithm
|
||
IDs this function returns "?". */
|
||
const char *
|
||
openpgp_md_algo_name (int algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case DIGEST_ALGO_MD5: return "MD5";
|
||
case DIGEST_ALGO_SHA1: return "SHA1";
|
||
case DIGEST_ALGO_RMD160: return "RIPEMD160";
|
||
case DIGEST_ALGO_SHA256: return "SHA256";
|
||
case DIGEST_ALGO_SHA384: return "SHA384";
|
||
case DIGEST_ALGO_SHA512: return "SHA512";
|
||
case DIGEST_ALGO_SHA224: return "SHA224";
|
||
}
|
||
return "?";
|
||
}
|
||
|
||
|
||
static unsigned long
|
||
get_signature_count (PKT_public_key *pk)
|
||
{
|
||
#ifdef ENABLE_CARD_SUPPORT
|
||
struct agent_card_info_s info;
|
||
|
||
(void)pk;
|
||
if (!agent_scd_getattr ("SIG-COUNTER",&info))
|
||
return info.sig_counter;
|
||
else
|
||
return 0;
|
||
#else
|
||
(void)pk;
|
||
return 0;
|
||
#endif
|
||
}
|
||
|
||
/* Expand %-strings. Returns a string which must be xfreed. Returns
|
||
NULL if the string cannot be expanded (too large). */
|
||
char *
|
||
pct_expando(const char *string,struct expando_args *args)
|
||
{
|
||
const char *ch=string;
|
||
int idx=0,maxlen=0,done=0;
|
||
u32 pk_keyid[2]={0,0},sk_keyid[2]={0,0};
|
||
char *ret=NULL;
|
||
|
||
/* The parser below would return NULL for an empty string, thus we
|
||
* catch it here. Also catch NULL here. */
|
||
if (!string || !*string)
|
||
return xstrdup ("");
|
||
|
||
if(args->pk)
|
||
keyid_from_pk(args->pk,pk_keyid);
|
||
|
||
if(args->pksk)
|
||
keyid_from_pk (args->pksk, sk_keyid);
|
||
|
||
/* This is used so that %k works in photoid command strings in
|
||
--list-secret-keys (which of course has a sk, but no pk). */
|
||
if(!args->pk && args->pksk)
|
||
keyid_from_pk (args->pksk, pk_keyid);
|
||
|
||
while(*ch!='\0')
|
||
{
|
||
if(!done)
|
||
{
|
||
/* 8192 is way bigger than we'll need here */
|
||
if(maxlen>=8192)
|
||
goto fail;
|
||
|
||
maxlen+=1024;
|
||
ret=xrealloc(ret,maxlen);
|
||
}
|
||
|
||
done=0;
|
||
|
||
if(*ch=='%')
|
||
{
|
||
switch(*(ch+1))
|
||
{
|
||
case 's': /* short key id */
|
||
if(idx+8<maxlen)
|
||
{
|
||
sprintf(&ret[idx],"%08lX",(ulong)sk_keyid[1]);
|
||
idx+=8;
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
case 'S': /* long key id */
|
||
if(idx+16<maxlen)
|
||
{
|
||
sprintf(&ret[idx],"%08lX%08lX",
|
||
(ulong)sk_keyid[0],(ulong)sk_keyid[1]);
|
||
idx+=16;
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
case 'k': /* short key id */
|
||
if(idx+8<maxlen)
|
||
{
|
||
sprintf(&ret[idx],"%08lX",(ulong)pk_keyid[1]);
|
||
idx+=8;
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
case 'K': /* long key id */
|
||
if(idx+16<maxlen)
|
||
{
|
||
sprintf(&ret[idx],"%08lX%08lX",
|
||
(ulong)pk_keyid[0],(ulong)pk_keyid[1]);
|
||
idx+=16;
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
case 'U': /* z-base-32 encoded user id hash. */
|
||
if (args->namehash)
|
||
{
|
||
char *tmp = zb32_encode (args->namehash, 8*20);
|
||
if (tmp)
|
||
{
|
||
if (idx + strlen (tmp) < maxlen)
|
||
{
|
||
strcpy (ret+idx, tmp);
|
||
idx += strlen (tmp);
|
||
}
|
||
xfree (tmp);
|
||
done = 1;
|
||
}
|
||
}
|
||
break;
|
||
|
||
case 'c': /* signature count from card, if any. */
|
||
if(idx+10<maxlen)
|
||
{
|
||
sprintf (&ret[idx],"%lu", get_signature_count (args->pksk));
|
||
idx+=strlen(&ret[idx]);
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
case 'f': /* Fingerprint of key being signed */
|
||
case 'p': /* Fingerprint of the primary key making the signature. */
|
||
case 'g': /* Fingerprint of the key making the signature. */
|
||
{
|
||
byte array[MAX_FINGERPRINT_LEN];
|
||
size_t len;
|
||
int i;
|
||
|
||
if ((*(ch+1))=='f' && args->pk)
|
||
fingerprint_from_pk (args->pk, array, &len);
|
||
else if ((*(ch+1))=='p' && args->pksk)
|
||
{
|
||
if(args->pksk->flags.primary)
|
||
fingerprint_from_pk (args->pksk, array, &len);
|
||
else if (args->pksk->main_keyid[0]
|
||
|| args->pksk->main_keyid[1])
|
||
{
|
||
/* Not the primary key: Find the fingerprint
|
||
of the primary key. */
|
||
PKT_public_key *pk=
|
||
xmalloc_clear(sizeof(PKT_public_key));
|
||
|
||
if (!get_pubkey_fast (pk,args->pksk->main_keyid))
|
||
fingerprint_from_pk (pk, array, &len);
|
||
else
|
||
memset (array, 0, (len=MAX_FINGERPRINT_LEN));
|
||
free_public_key (pk);
|
||
}
|
||
else /* Oops: info about the primary key missing. */
|
||
memset(array,0,(len=MAX_FINGERPRINT_LEN));
|
||
}
|
||
else if((*(ch+1))=='g' && args->pksk)
|
||
fingerprint_from_pk (args->pksk, array, &len);
|
||
else
|
||
memset(array,0,(len=MAX_FINGERPRINT_LEN));
|
||
|
||
if(idx+(len*2)<maxlen)
|
||
{
|
||
for(i=0;i<len;i++)
|
||
{
|
||
sprintf(&ret[idx],"%02X",array[i]);
|
||
idx+=2;
|
||
}
|
||
done=1;
|
||
}
|
||
}
|
||
break;
|
||
|
||
case 'v': /* validity letters */
|
||
if(args->validity_info && idx+1<maxlen)
|
||
{
|
||
ret[idx++]=args->validity_info;
|
||
ret[idx]='\0';
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
/* The text string types */
|
||
case 't':
|
||
case 'T':
|
||
case 'V':
|
||
{
|
||
const char *str=NULL;
|
||
|
||
switch(*(ch+1))
|
||
{
|
||
case 't': /* e.g. "jpg" */
|
||
str=image_type_to_string(args->imagetype,0);
|
||
break;
|
||
|
||
case 'T': /* e.g. "image/jpeg" */
|
||
str=image_type_to_string(args->imagetype,2);
|
||
break;
|
||
|
||
case 'V': /* e.g. "full", "expired", etc. */
|
||
str=args->validity_string;
|
||
break;
|
||
}
|
||
|
||
if(str && idx+strlen(str)<maxlen)
|
||
{
|
||
strcpy(&ret[idx],str);
|
||
idx+=strlen(str);
|
||
done=1;
|
||
}
|
||
}
|
||
break;
|
||
|
||
case '%':
|
||
if(idx+1<maxlen)
|
||
{
|
||
ret[idx++]='%';
|
||
ret[idx]='\0';
|
||
done=1;
|
||
}
|
||
break;
|
||
|
||
/* Any unknown %-keys (like %i, %o, %I, and %O) are
|
||
passed through for later expansion. Note this also
|
||
handles the case where the last character in the
|
||
string is a '%' - the terminating \0 will end up here
|
||
and properly terminate the string. */
|
||
default:
|
||
if(idx+2<maxlen)
|
||
{
|
||
ret[idx++]='%';
|
||
ret[idx++]=*(ch+1);
|
||
ret[idx]='\0';
|
||
done=1;
|
||
}
|
||
break;
|
||
}
|
||
|
||
if(done)
|
||
ch++;
|
||
}
|
||
else
|
||
{
|
||
if(idx+1<maxlen)
|
||
{
|
||
ret[idx++]=*ch;
|
||
ret[idx]='\0';
|
||
done=1;
|
||
}
|
||
}
|
||
|
||
if(done)
|
||
ch++;
|
||
}
|
||
|
||
return ret;
|
||
|
||
fail:
|
||
xfree(ret);
|
||
return NULL;
|
||
}
|
||
|
||
void
|
||
deprecated_warning(const char *configname,unsigned int configlineno,
|
||
const char *option,const char *repl1,const char *repl2)
|
||
{
|
||
if(configname)
|
||
{
|
||
if(strncmp("--",option,2)==0)
|
||
option+=2;
|
||
|
||
if(strncmp("--",repl1,2)==0)
|
||
repl1+=2;
|
||
|
||
log_info(_("%s:%d: deprecated option \"%s\"\n"),
|
||
configname,configlineno,option);
|
||
}
|
||
else
|
||
log_info(_("WARNING: \"%s\" is a deprecated option\n"),option);
|
||
|
||
log_info(_("please use \"%s%s\" instead\n"),repl1,repl2);
|
||
}
|
||
|
||
|
||
void
|
||
deprecated_command (const char *name)
|
||
{
|
||
log_info(_("WARNING: \"%s\" is a deprecated command - do not use it\n"),
|
||
name);
|
||
}
|
||
|
||
|
||
void
|
||
obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
|
||
const char *name)
|
||
{
|
||
if (configname)
|
||
log_info (_("%s:%u: \"%s\" is obsolete in this file"
|
||
" - it only has effect in %s\n"),
|
||
configname, configlineno, name, SCDAEMON_NAME EXTSEP_S "conf");
|
||
else
|
||
log_info (_("WARNING: \"%s%s\" is an obsolete option"
|
||
" - it has no effect except on %s\n"),
|
||
"--", name, SCDAEMON_NAME);
|
||
}
|
||
|
||
|
||
/*
|
||
* Wrapper around gcry_cipher_map_name to provide a fallback using the
|
||
* "Sn" syntax as used by the preference strings.
|
||
*/
|
||
int
|
||
string_to_cipher_algo (const char *string)
|
||
{
|
||
int val;
|
||
|
||
val = map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string));
|
||
if (!val && string && (string[0]=='S' || string[0]=='s'))
|
||
{
|
||
char *endptr;
|
||
|
||
string++;
|
||
val = strtol (string, &endptr, 10);
|
||
if (!*string || *endptr || openpgp_cipher_test_algo (val))
|
||
val = 0;
|
||
}
|
||
|
||
return val;
|
||
}
|
||
|
||
/*
|
||
* Wrapper around gcry_md_map_name to provide a fallback using the
|
||
* "Hn" syntax as used by the preference strings.
|
||
*/
|
||
int
|
||
string_to_digest_algo (const char *string)
|
||
{
|
||
int val;
|
||
|
||
/* FIXME: We should make use of our wrapper function and not assume
|
||
that there is a 1 to 1 mapping between OpenPGP and Libgcrypt. */
|
||
val = gcry_md_map_name (string);
|
||
if (!val && string && (string[0]=='H' || string[0]=='h'))
|
||
{
|
||
char *endptr;
|
||
|
||
string++;
|
||
val = strtol (string, &endptr, 10);
|
||
if (!*string || *endptr || openpgp_md_test_algo (val))
|
||
val = 0;
|
||
}
|
||
|
||
return val;
|
||
}
|
||
|
||
|
||
|
||
const char *
|
||
compress_algo_to_string(int algo)
|
||
{
|
||
const char *s=NULL;
|
||
|
||
switch(algo)
|
||
{
|
||
case COMPRESS_ALGO_NONE:
|
||
s=_("Uncompressed");
|
||
break;
|
||
|
||
case COMPRESS_ALGO_ZIP:
|
||
s="ZIP";
|
||
break;
|
||
|
||
case COMPRESS_ALGO_ZLIB:
|
||
s="ZLIB";
|
||
break;
|
||
|
||
#ifdef HAVE_BZIP2
|
||
case COMPRESS_ALGO_BZIP2:
|
||
s="BZIP2";
|
||
break;
|
||
#endif
|
||
}
|
||
|
||
return s;
|
||
}
|
||
|
||
int
|
||
string_to_compress_algo(const char *string)
|
||
{
|
||
/* TRANSLATORS: See doc/TRANSLATE about this string. */
|
||
if(match_multistr(_("uncompressed|none"),string))
|
||
return 0;
|
||
else if(ascii_strcasecmp(string,"uncompressed")==0)
|
||
return 0;
|
||
else if(ascii_strcasecmp(string,"none")==0)
|
||
return 0;
|
||
else if(ascii_strcasecmp(string,"zip")==0)
|
||
return 1;
|
||
else if(ascii_strcasecmp(string,"zlib")==0)
|
||
return 2;
|
||
#ifdef HAVE_BZIP2
|
||
else if(ascii_strcasecmp(string,"bzip2")==0)
|
||
return 3;
|
||
#endif
|
||
else if(ascii_strcasecmp(string,"z0")==0)
|
||
return 0;
|
||
else if(ascii_strcasecmp(string,"z1")==0)
|
||
return 1;
|
||
else if(ascii_strcasecmp(string,"z2")==0)
|
||
return 2;
|
||
#ifdef HAVE_BZIP2
|
||
else if(ascii_strcasecmp(string,"z3")==0)
|
||
return 3;
|
||
#endif
|
||
else
|
||
return -1;
|
||
}
|
||
|
||
int
|
||
check_compress_algo(int algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case 0: return 0;
|
||
#ifdef HAVE_ZIP
|
||
case 1:
|
||
case 2: return 0;
|
||
#endif
|
||
#ifdef HAVE_BZIP2
|
||
case 3: return 0;
|
||
#endif
|
||
default: return GPG_ERR_COMPR_ALGO;
|
||
}
|
||
}
|
||
|
||
int
|
||
default_cipher_algo(void)
|
||
{
|
||
if(opt.def_cipher_algo)
|
||
return opt.def_cipher_algo;
|
||
else if(opt.personal_cipher_prefs)
|
||
return opt.personal_cipher_prefs[0].value;
|
||
else
|
||
return opt.s2k_cipher_algo;
|
||
}
|
||
|
||
/* There is no default_digest_algo function, but see
|
||
sign.c:hash_for() */
|
||
|
||
int
|
||
default_compress_algo(void)
|
||
{
|
||
if(opt.compress_algo!=-1)
|
||
return opt.compress_algo;
|
||
else if(opt.personal_compress_prefs)
|
||
return opt.personal_compress_prefs[0].value;
|
||
else
|
||
return DEFAULT_COMPRESS_ALGO;
|
||
}
|
||
|
||
|
||
void
|
||
compliance_failure(void)
|
||
{
|
||
char *ver="???";
|
||
|
||
switch(opt.compliance)
|
||
{
|
||
case CO_GNUPG:
|
||
ver="GnuPG";
|
||
break;
|
||
|
||
case CO_RFC4880:
|
||
ver="OpenPGP";
|
||
break;
|
||
|
||
case CO_RFC2440:
|
||
ver="OpenPGP (older)";
|
||
break;
|
||
|
||
case CO_PGP6:
|
||
ver="PGP 6.x";
|
||
break;
|
||
|
||
case CO_PGP7:
|
||
ver="PGP 7.x";
|
||
break;
|
||
|
||
case CO_PGP8:
|
||
ver="PGP 8.x";
|
||
break;
|
||
|
||
case CO_DE_VS:
|
||
/* For de-vs we do not allow any kind of fallback. */
|
||
write_status_failure ("compliance-check", gpg_error (GPG_ERR_FORBIDDEN));
|
||
log_error (_("operation forced to fail due to"
|
||
" unfulfilled compliance rules\n"));
|
||
g10_errors_seen = 1;
|
||
return;
|
||
}
|
||
|
||
log_info(_("this message may not be usable by %s\n"),ver);
|
||
opt.compliance=CO_GNUPG;
|
||
}
|
||
|
||
/* Break a string into successive option pieces. Accepts single word
|
||
options and key=value argument options. */
|
||
char *
|
||
optsep(char **stringp)
|
||
{
|
||
char *tok,*end;
|
||
|
||
tok=*stringp;
|
||
if(tok)
|
||
{
|
||
end=strpbrk(tok," ,=");
|
||
if(end)
|
||
{
|
||
int sawequals=0;
|
||
char *ptr=end;
|
||
|
||
/* what we need to do now is scan along starting with *end,
|
||
If the next character we see (ignoring spaces) is an =
|
||
sign, then there is an argument. */
|
||
|
||
while(*ptr)
|
||
{
|
||
if(*ptr=='=')
|
||
sawequals=1;
|
||
else if(*ptr!=' ')
|
||
break;
|
||
ptr++;
|
||
}
|
||
|
||
/* There is an argument, so grab that too. At this point,
|
||
ptr points to the first character of the argument. */
|
||
if(sawequals)
|
||
{
|
||
/* Is it a quoted argument? */
|
||
if(*ptr=='"')
|
||
{
|
||
ptr++;
|
||
end=strchr(ptr,'"');
|
||
if(end)
|
||
end++;
|
||
}
|
||
else
|
||
end=strpbrk(ptr," ,");
|
||
}
|
||
|
||
if(end && *end)
|
||
{
|
||
*end='\0';
|
||
*stringp=end+1;
|
||
}
|
||
else
|
||
*stringp=NULL;
|
||
}
|
||
else
|
||
*stringp=NULL;
|
||
}
|
||
|
||
return tok;
|
||
}
|
||
|
||
/* Breaks an option value into key and value. Returns NULL if there
|
||
is no value. Note that "string" is modified to remove the =value
|
||
part. */
|
||
char *
|
||
argsplit(char *string)
|
||
{
|
||
char *equals,*arg=NULL;
|
||
|
||
equals=strchr(string,'=');
|
||
if(equals)
|
||
{
|
||
char *quote,*space;
|
||
|
||
*equals='\0';
|
||
arg=equals+1;
|
||
|
||
/* Quoted arg? */
|
||
quote=strchr(arg,'"');
|
||
if(quote)
|
||
{
|
||
arg=quote+1;
|
||
|
||
quote=strchr(arg,'"');
|
||
if(quote)
|
||
*quote='\0';
|
||
}
|
||
else
|
||
{
|
||
size_t spaces;
|
||
|
||
/* Trim leading spaces off of the arg */
|
||
spaces=strspn(arg," ");
|
||
arg+=spaces;
|
||
}
|
||
|
||
/* Trim tailing spaces off of the tag */
|
||
space=strchr(string,' ');
|
||
if(space)
|
||
*space='\0';
|
||
}
|
||
|
||
return arg;
|
||
}
|
||
|
||
/* Return the length of the initial token, leaving off any
|
||
argument. */
|
||
static size_t
|
||
optlen(const char *s)
|
||
{
|
||
char *end=strpbrk(s," =");
|
||
|
||
if(end)
|
||
return end-s;
|
||
else
|
||
return strlen(s);
|
||
}
|
||
|
||
int
|
||
parse_options(char *str,unsigned int *options,
|
||
struct parse_options *opts,int noisy)
|
||
{
|
||
char *tok;
|
||
|
||
if (str && !strcmp (str, "help"))
|
||
{
|
||
int i,maxlen=0;
|
||
|
||
/* Figure out the longest option name so we can line these up
|
||
neatly. */
|
||
for(i=0;opts[i].name;i++)
|
||
if(opts[i].help && maxlen<strlen(opts[i].name))
|
||
maxlen=strlen(opts[i].name);
|
||
|
||
for(i=0;opts[i].name;i++)
|
||
if(opts[i].help)
|
||
es_printf("%s%*s%s\n",opts[i].name,
|
||
maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
|
||
|
||
g10_exit(0);
|
||
}
|
||
|
||
while((tok=optsep(&str)))
|
||
{
|
||
int i,rev=0;
|
||
char *otok=tok;
|
||
|
||
if(tok[0]=='\0')
|
||
continue;
|
||
|
||
if(ascii_strncasecmp("no-",tok,3)==0)
|
||
{
|
||
rev=1;
|
||
tok+=3;
|
||
}
|
||
|
||
for(i=0;opts[i].name;i++)
|
||
{
|
||
size_t toklen=optlen(tok);
|
||
|
||
if(ascii_strncasecmp(opts[i].name,tok,toklen)==0)
|
||
{
|
||
/* We have a match, but it might be incomplete */
|
||
if(toklen!=strlen(opts[i].name))
|
||
{
|
||
int j;
|
||
|
||
for(j=i+1;opts[j].name;j++)
|
||
{
|
||
if(ascii_strncasecmp(opts[j].name,tok,toklen)==0)
|
||
{
|
||
if(noisy)
|
||
log_info(_("ambiguous option '%s'\n"),otok);
|
||
return 0;
|
||
}
|
||
}
|
||
}
|
||
|
||
if(rev)
|
||
{
|
||
*options&=~opts[i].bit;
|
||
if(opts[i].value)
|
||
*opts[i].value=NULL;
|
||
}
|
||
else
|
||
{
|
||
*options|=opts[i].bit;
|
||
if(opts[i].value)
|
||
*opts[i].value=argsplit(tok);
|
||
}
|
||
break;
|
||
}
|
||
}
|
||
|
||
if(!opts[i].name)
|
||
{
|
||
if(noisy)
|
||
log_info(_("unknown option '%s'\n"),otok);
|
||
return 0;
|
||
}
|
||
}
|
||
|
||
return 1;
|
||
}
|
||
|
||
|
||
/* Similar to access(2), but uses PATH to find the file. */
|
||
int
|
||
path_access(const char *file,int mode)
|
||
{
|
||
char *envpath;
|
||
int ret=-1;
|
||
|
||
envpath=getenv("PATH");
|
||
|
||
if(!envpath
|
||
#ifdef HAVE_DRIVE_LETTERS
|
||
|| (((file[0]>='A' && file[0]<='Z')
|
||
|| (file[0]>='a' && file[0]<='z'))
|
||
&& file[1]==':')
|
||
#else
|
||
|| file[0]=='/'
|
||
#endif
|
||
)
|
||
return access(file,mode);
|
||
else
|
||
{
|
||
/* At least as large as, but most often larger than we need. */
|
||
char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
|
||
char *split,*item,*path=xstrdup(envpath);
|
||
|
||
split=path;
|
||
|
||
while((item=strsep(&split,PATHSEP_S)))
|
||
{
|
||
strcpy(buffer,item);
|
||
strcat(buffer,"/");
|
||
strcat(buffer,file);
|
||
ret=access(buffer,mode);
|
||
if(ret==0)
|
||
break;
|
||
}
|
||
|
||
xfree(path);
|
||
xfree(buffer);
|
||
}
|
||
|
||
return ret;
|
||
}
|
||
|
||
|
||
|
||
/* Return the number of public key parameters as used by OpenPGP. */
|
||
int
|
||
pubkey_get_npkey (pubkey_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case PUBKEY_ALGO_RSA:
|
||
case PUBKEY_ALGO_RSA_E:
|
||
case PUBKEY_ALGO_RSA_S: return 2;
|
||
case PUBKEY_ALGO_ELGAMAL_E: return 3;
|
||
case PUBKEY_ALGO_DSA: return 4;
|
||
case PUBKEY_ALGO_ECDH: return 3;
|
||
case PUBKEY_ALGO_ECDSA: return 2;
|
||
case PUBKEY_ALGO_ELGAMAL: return 3;
|
||
case PUBKEY_ALGO_EDDSA: return 2;
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
|
||
/* Return the number of secret key parameters as used by OpenPGP. */
|
||
int
|
||
pubkey_get_nskey (pubkey_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case PUBKEY_ALGO_RSA:
|
||
case PUBKEY_ALGO_RSA_E:
|
||
case PUBKEY_ALGO_RSA_S: return 6;
|
||
case PUBKEY_ALGO_ELGAMAL_E: return 4;
|
||
case PUBKEY_ALGO_DSA: return 5;
|
||
case PUBKEY_ALGO_ECDH: return 4;
|
||
case PUBKEY_ALGO_ECDSA: return 3;
|
||
case PUBKEY_ALGO_ELGAMAL: return 4;
|
||
case PUBKEY_ALGO_EDDSA: return 3;
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
/* Temporary helper. */
|
||
int
|
||
pubkey_get_nsig (pubkey_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case PUBKEY_ALGO_RSA:
|
||
case PUBKEY_ALGO_RSA_E:
|
||
case PUBKEY_ALGO_RSA_S: return 1;
|
||
case PUBKEY_ALGO_ELGAMAL_E: return 0;
|
||
case PUBKEY_ALGO_DSA: return 2;
|
||
case PUBKEY_ALGO_ECDH: return 0;
|
||
case PUBKEY_ALGO_ECDSA: return 2;
|
||
case PUBKEY_ALGO_ELGAMAL: return 2;
|
||
case PUBKEY_ALGO_EDDSA: return 2;
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
|
||
/* Temporary helper. */
|
||
int
|
||
pubkey_get_nenc (pubkey_algo_t algo)
|
||
{
|
||
switch (algo)
|
||
{
|
||
case PUBKEY_ALGO_RSA:
|
||
case PUBKEY_ALGO_RSA_E:
|
||
case PUBKEY_ALGO_RSA_S: return 1;
|
||
case PUBKEY_ALGO_ELGAMAL_E: return 2;
|
||
case PUBKEY_ALGO_DSA: return 0;
|
||
case PUBKEY_ALGO_ECDH: return 2;
|
||
case PUBKEY_ALGO_ECDSA: return 0;
|
||
case PUBKEY_ALGO_ELGAMAL: return 2;
|
||
case PUBKEY_ALGO_EDDSA: return 0;
|
||
default: return 0;
|
||
}
|
||
}
|
||
|
||
|
||
/* Temporary helper. */
|
||
unsigned int
|
||
pubkey_nbits( int algo, gcry_mpi_t *key )
|
||
{
|
||
int rc, nbits;
|
||
gcry_sexp_t sexp;
|
||
|
||
if (algo == PUBKEY_ALGO_DSA
|
||
&& key[0] && key[1] && key[2] && key[3])
|
||
{
|
||
rc = gcry_sexp_build (&sexp, NULL,
|
||
"(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
|
||
key[0], key[1], key[2], key[3] );
|
||
}
|
||
else if ((algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
|
||
&& key[0] && key[1] && key[2])
|
||
{
|
||
rc = gcry_sexp_build (&sexp, NULL,
|
||
"(public-key(elg(p%m)(g%m)(y%m)))",
|
||
key[0], key[1], key[2] );
|
||
}
|
||
else if (is_RSA (algo)
|
||
&& key[0] && key[1])
|
||
{
|
||
rc = gcry_sexp_build (&sexp, NULL,
|
||
"(public-key(rsa(n%m)(e%m)))",
|
||
key[0], key[1] );
|
||
}
|
||
else if ((algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH
|
||
|| algo == PUBKEY_ALGO_EDDSA)
|
||
&& key[0] && key[1])
|
||
{
|
||
char *curve = openpgp_oid_to_str (key[0]);
|
||
if (!curve)
|
||
rc = gpg_error_from_syserror ();
|
||
else
|
||
{
|
||
rc = gcry_sexp_build (&sexp, NULL,
|
||
"(public-key(ecc(curve%s)(q%m)))",
|
||
curve, key[1]);
|
||
xfree (curve);
|
||
}
|
||
}
|
||
else
|
||
return 0;
|
||
|
||
if (rc)
|
||
BUG ();
|
||
|
||
nbits = gcry_pk_get_nbits (sexp);
|
||
gcry_sexp_release (sexp);
|
||
return nbits;
|
||
}
|
||
|
||
|
||
|
||
int
|
||
mpi_print (estream_t fp, gcry_mpi_t a, int mode)
|
||
{
|
||
int n = 0;
|
||
size_t nwritten;
|
||
|
||
if (!a)
|
||
return es_fprintf (fp, "[MPI_NULL]");
|
||
if (!mode)
|
||
{
|
||
unsigned int n1;
|
||
n1 = gcry_mpi_get_nbits(a);
|
||
n += es_fprintf (fp, "[%u bits]", n1);
|
||
}
|
||
else if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
|
||
{
|
||
unsigned int nbits;
|
||
unsigned char *p = gcry_mpi_get_opaque (a, &nbits);
|
||
if (!p)
|
||
n += es_fprintf (fp, "[invalid opaque value]");
|
||
else
|
||
{
|
||
if (!es_write_hexstring (fp, p, (nbits + 7)/8, 0, &nwritten))
|
||
n += nwritten;
|
||
}
|
||
}
|
||
else
|
||
{
|
||
unsigned char *buffer;
|
||
size_t buflen;
|
||
|
||
if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &buflen, a))
|
||
BUG ();
|
||
if (!es_write_hexstring (fp, buffer, buflen, 0, &nwritten))
|
||
n += nwritten;
|
||
gcry_free (buffer);
|
||
}
|
||
return n;
|
||
}
|
||
|
||
|
||
/* pkey[1] or skey[1] is Q for ECDSA, which is an uncompressed point,
|
||
i.e. 04 <x> <y> */
|
||
unsigned int
|
||
ecdsa_qbits_from_Q (unsigned int qbits)
|
||
{
|
||
if ((qbits%8) > 3)
|
||
{
|
||
log_error (_("ECDSA public key is expected to be in SEC encoding "
|
||
"multiple of 8 bits\n"));
|
||
return 0;
|
||
}
|
||
qbits -= qbits%8;
|
||
qbits /= 2;
|
||
return qbits;
|
||
}
|
||
|
||
|
||
/* Ignore signatures and certifications made over certain digest
|
||
* algorithms by default, MD5 is considered weak. This allows users
|
||
* to deprecate support for other algorithms as well.
|
||
*/
|
||
void
|
||
additional_weak_digest (const char* digestname)
|
||
{
|
||
struct weakhash *weak = NULL;
|
||
const enum gcry_md_algos algo = string_to_digest_algo(digestname);
|
||
|
||
if (algo == GCRY_MD_NONE)
|
||
{
|
||
log_error (_("unknown weak digest '%s'\n"), digestname);
|
||
return;
|
||
}
|
||
|
||
/* Check to ensure it's not already present. */
|
||
for (weak = opt.weak_digests; weak; weak = weak->next)
|
||
if (algo == weak->algo)
|
||
return;
|
||
|
||
/* Add it to the head of the list. */
|
||
weak = xmalloc(sizeof(*weak));
|
||
weak->algo = algo;
|
||
weak->rejection_shown = 0;
|
||
weak->next = opt.weak_digests;
|
||
opt.weak_digests = weak;
|
||
}
|
||
|
||
|
||
/* Return true if ALGO is in the list of weak digests. */
|
||
int
|
||
is_weak_digest (digest_algo_t algo)
|
||
{
|
||
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
|
||
const struct weakhash *weak;
|
||
|
||
for (weak = opt.weak_digests; weak; weak = weak->next)
|
||
if (weak->algo == galgo)
|
||
return 1;
|
||
return 0;
|
||
}
|