mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-24 15:17:02 +01:00
2c814806d7
* g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode. * g10/options.h (struct opt): Add field legacy_list_mode. * g10/keydb.h (PUBKEY_STRING_SIZE): New. * g10/keyid.c (pubkey_string): New. * g10/import.c (import_one, import_secret_one): Use pubkey_string. * g10/keylist.c (print_seckey_info): Ditto. (print_pubkey_info, print_card_key_info): Ditto. (list_keyblock_print): Ditto. * g10/mainproc.c (list_node): Ditto. * g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto. * g10/keyedit.c (show_key_with_all_names): Ditto. Also change the format. (show_basic_key_info): Ditto. * common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519". (openpgp_oid_to_curve): Downcase "ed25519" -- For ECC it seems to be better to show the name of the curve and not just the size of the prime field. The curve name does not anymore fit into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length format does not work either. Thus the new format uses "rsa2048" - RSA with 2048 bit "elg1024" - Elgamal with 1024 bit "ed25519" - ECC using the curve Ed25519. "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4". unless --legacy-list-mode is given. In does not anymore line up nicely in columns thus I expect further changes to this new format. Signed-off-by: Werner Koch <wk@gnupg.org>
357 lines
8.9 KiB
C
357 lines
8.9 KiB
C
/* openpgp-oids.c - OID helper for OpenPGP
|
|
* Copyright (C) 2011 Free Software Foundation, Inc.
|
|
* Copyright (C) 2013 Werner Koch
|
|
*
|
|
* This file is part of GnuPG.
|
|
*
|
|
* This file is free software; you can redistribute it and/or modify
|
|
* it under the terms of either
|
|
*
|
|
* - the GNU Lesser General Public License as published by the Free
|
|
* Software Foundation; either version 3 of the License, or (at
|
|
* your option) any later version.
|
|
*
|
|
* or
|
|
*
|
|
* - the GNU General Public License as published by the Free
|
|
* Software Foundation; either version 2 of the License, or (at
|
|
* your option) any later version.
|
|
*
|
|
* or both in parallel, as here.
|
|
*
|
|
* This file is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include <config.h>
|
|
#include <stdlib.h>
|
|
#include <errno.h>
|
|
#include <ctype.h>
|
|
#include <assert.h>
|
|
|
|
#include "util.h"
|
|
|
|
|
|
/* The OID for Curve Ed25519 in OpenPGP format. */
|
|
static const char oid_ed25519[] =
|
|
{ 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01 };
|
|
|
|
|
|
/* Helper for openpgp_oid_from_str. */
|
|
static size_t
|
|
make_flagged_int (unsigned long value, char *buf, size_t buflen)
|
|
{
|
|
int more = 0;
|
|
int shift;
|
|
|
|
/* fixme: figure out the number of bits in an ulong and start with
|
|
that value as shift (after making it a multiple of 7) a more
|
|
straigtforward implementation is to do it in reverse order using
|
|
a temporary buffer - saves a lot of compares */
|
|
for (more=0, shift=28; shift > 0; shift -= 7)
|
|
{
|
|
if (more || value >= (1<<shift))
|
|
{
|
|
buf[buflen++] = 0x80 | (value >> shift);
|
|
value -= (value >> shift) << shift;
|
|
more = 1;
|
|
}
|
|
}
|
|
buf[buflen++] = value;
|
|
return buflen;
|
|
}
|
|
|
|
|
|
/* Convert the OID given in dotted decimal form in STRING to an DER
|
|
* encoding and store it as an opaque value at R_MPI. The format of
|
|
* the DER encoded is not a regular ASN.1 object but the modified
|
|
* format as used by OpenPGP for the ECC curve description. On error
|
|
* the function returns and error code an NULL is stored at R_BUG.
|
|
* Note that scanning STRING stops at the first white space
|
|
* character. */
|
|
gpg_error_t
|
|
openpgp_oid_from_str (const char *string, gcry_mpi_t *r_mpi)
|
|
{
|
|
unsigned char *buf;
|
|
size_t buflen;
|
|
unsigned long val1, val;
|
|
const char *endp;
|
|
int arcno;
|
|
|
|
*r_mpi = NULL;
|
|
|
|
if (!string || !*string)
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
|
|
|
/* We can safely assume that the encoded OID is shorter than the string. */
|
|
buf = xtrymalloc (1 + strlen (string) + 2);
|
|
if (!buf)
|
|
return gpg_error_from_syserror ();
|
|
/* Save the first byte for the length. */
|
|
buflen = 1;
|
|
|
|
val1 = 0; /* Avoid compiler warning. */
|
|
arcno = 0;
|
|
do {
|
|
arcno++;
|
|
val = strtoul (string, (char**)&endp, 10);
|
|
if (!digitp (string) || !(*endp == '.' || !*endp))
|
|
{
|
|
xfree (buf);
|
|
return gpg_error (GPG_ERR_INV_OID_STRING);
|
|
}
|
|
if (*endp == '.')
|
|
string = endp+1;
|
|
|
|
if (arcno == 1)
|
|
{
|
|
if (val > 2)
|
|
break; /* Not allowed, error catched below. */
|
|
val1 = val;
|
|
}
|
|
else if (arcno == 2)
|
|
{ /* Need to combine the first two arcs in one octet. */
|
|
if (val1 < 2)
|
|
{
|
|
if (val > 39)
|
|
{
|
|
xfree (buf);
|
|
return gpg_error (GPG_ERR_INV_OID_STRING);
|
|
}
|
|
buf[buflen++] = val1*40 + val;
|
|
}
|
|
else
|
|
{
|
|
val += 80;
|
|
buflen = make_flagged_int (val, buf, buflen);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
buflen = make_flagged_int (val, buf, buflen);
|
|
}
|
|
} while (*endp == '.');
|
|
|
|
if (arcno == 1 || buflen < 2 || buflen > 254 )
|
|
{ /* It is not possible to encode only the first arc. */
|
|
xfree (buf);
|
|
return gpg_error (GPG_ERR_INV_OID_STRING);
|
|
}
|
|
|
|
*buf = buflen - 1;
|
|
*r_mpi = gcry_mpi_set_opaque (NULL, buf, buflen * 8);
|
|
if (!*r_mpi)
|
|
{
|
|
xfree (buf);
|
|
return gpg_error_from_syserror ();
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
|
|
/* Return a malloced string represenation of the OID in the opaque MPI
|
|
A. In case of an error NULL is returned and ERRNO is set. */
|
|
char *
|
|
openpgp_oid_to_str (gcry_mpi_t a)
|
|
{
|
|
const unsigned char *buf;
|
|
size_t length;
|
|
unsigned int lengthi;
|
|
char *string, *p;
|
|
int n = 0;
|
|
unsigned long val, valmask;
|
|
|
|
valmask = (unsigned long)0xfe << (8 * (sizeof (valmask) - 1));
|
|
|
|
if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
|
|
{
|
|
gpg_err_set_errno (EINVAL);
|
|
return NULL;
|
|
}
|
|
|
|
buf = gcry_mpi_get_opaque (a, &lengthi);
|
|
length = (lengthi+7)/8;
|
|
|
|
/* The first bytes gives the length; check consistency. */
|
|
if (!length || buf[0] != length -1)
|
|
{
|
|
gpg_err_set_errno (EINVAL);
|
|
return NULL;
|
|
}
|
|
/* Skip length byte. */
|
|
length--;
|
|
buf++;
|
|
|
|
/* To calculate the length of the string we can safely assume an
|
|
upper limit of 3 decimal characters per byte. Two extra bytes
|
|
account for the special first octect */
|
|
string = p = xtrymalloc (length*(1+3)+2+1);
|
|
if (!string)
|
|
return NULL;
|
|
if (!buf || !length)
|
|
{
|
|
*p = 0;
|
|
return string;
|
|
}
|
|
|
|
if (buf[0] < 40)
|
|
p += sprintf (p, "0.%d", buf[n]);
|
|
else if (buf[0] < 80)
|
|
p += sprintf (p, "1.%d", buf[n]-40);
|
|
else {
|
|
val = buf[n] & 0x7f;
|
|
while ( (buf[n]&0x80) && ++n < length )
|
|
{
|
|
if ( (val & valmask) )
|
|
goto badoid; /* Overflow. */
|
|
val <<= 7;
|
|
val |= buf[n] & 0x7f;
|
|
}
|
|
val -= 80;
|
|
sprintf (p, "2.%lu", val);
|
|
p += strlen (p);
|
|
}
|
|
for (n++; n < length; n++)
|
|
{
|
|
val = buf[n] & 0x7f;
|
|
while ( (buf[n]&0x80) && ++n < length )
|
|
{
|
|
if ( (val & valmask) )
|
|
goto badoid; /* Overflow. */
|
|
val <<= 7;
|
|
val |= buf[n] & 0x7f;
|
|
}
|
|
sprintf (p, ".%lu", val);
|
|
p += strlen (p);
|
|
}
|
|
|
|
*p = 0;
|
|
return string;
|
|
|
|
badoid:
|
|
/* Return a special OID (gnu.gnupg.badoid) to indicate the error
|
|
case. The OID is broken and thus we return one which can't do
|
|
any harm. Formally this does not need to be a bad OID but an OID
|
|
with an arc that can't be represented in a 32 bit word is more
|
|
than likely corrupt. */
|
|
xfree (string);
|
|
return xtrystrdup ("1.3.6.1.4.1.11591.2.12242973");
|
|
}
|
|
|
|
|
|
|
|
/* Return true if A represents the OID for Ed25519. */
|
|
int
|
|
openpgp_oid_is_ed25519 (gcry_mpi_t a)
|
|
{
|
|
const unsigned char *buf;
|
|
unsigned int nbits;
|
|
size_t n;
|
|
|
|
if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
|
|
return 0;
|
|
|
|
buf = gcry_mpi_get_opaque (a, &nbits);
|
|
n = (nbits+7)/8;
|
|
return (n == DIM (oid_ed25519)
|
|
&& !memcmp (buf, oid_ed25519, DIM (oid_ed25519)));
|
|
}
|
|
|
|
|
|
|
|
/* Map the Libgcrypt ECC curve NAME to an OID. If R_NBITS is not NULL
|
|
store the bit size of the curve there. Returns NULL for unknown
|
|
curve names. */
|
|
const char *
|
|
openpgp_curve_to_oid (const char *name, unsigned int *r_nbits)
|
|
{
|
|
unsigned int nbits = 0;
|
|
const char *oidstr;
|
|
|
|
if (!name)
|
|
oidstr = NULL;
|
|
else if (!strcmp (name, "Ed25519") || !strcmp (name, "ed25519"))
|
|
{
|
|
oidstr = "1.3.6.1.4.1.11591.15.1";
|
|
nbits = 255;
|
|
}
|
|
else if (!strcmp (name, "nistp256"))
|
|
{
|
|
oidstr = "1.2.840.10045.3.1.7";
|
|
nbits = 256;
|
|
}
|
|
else if (!strcmp (name, "nistp384"))
|
|
{
|
|
oidstr = "1.3.132.0.34";
|
|
nbits = 384;
|
|
}
|
|
else if (!strcmp (name, "nistp521"))
|
|
{
|
|
oidstr = "1.3.132.0.35";
|
|
nbits = 521;
|
|
}
|
|
else if (!strcmp (name,"brainpoolP256r1"))
|
|
{
|
|
oidstr = "1.3.36.3.3.2.8.1.1.7";
|
|
nbits = 256;
|
|
}
|
|
else if (!strcmp (name, "brainpoolP384r1"))
|
|
{
|
|
oidstr = "1.3.36.3.3.2.8.1.1.11";
|
|
nbits = 384;
|
|
}
|
|
else if (!strcmp (name, "brainpoolP512r1"))
|
|
{
|
|
oidstr = "1.3.36.3.3.2.8.1.1.13";
|
|
nbits = 512;
|
|
}
|
|
else if (!strcmp (name, "secp256k1"))
|
|
{
|
|
oidstr = "1.3.132.0.10";
|
|
nbits = 256;
|
|
}
|
|
else
|
|
oidstr = NULL;
|
|
|
|
if (r_nbits)
|
|
*r_nbits = nbits;
|
|
return oidstr;
|
|
}
|
|
|
|
|
|
/* Map an OpenPGP OID to the Libgcrypt curve NAME. Returns "?" for
|
|
unknown curve names. */
|
|
const char *
|
|
openpgp_oid_to_curve (const char *oid)
|
|
{
|
|
const char *name;
|
|
|
|
if (!oid)
|
|
name = "";
|
|
else if (!strcmp (oid, "1.3.6.1.4.1.11591.15.1"))
|
|
name = "ed25519";
|
|
else if (!strcmp (oid, "1.2.840.10045.3.1.7"))
|
|
name = "nistp256";
|
|
else if (!strcmp (oid, "1.3.132.0.10"))
|
|
name = "secp256k1";
|
|
else if (!strcmp (oid, "1.3.132.0.34"))
|
|
name = "nistp384";
|
|
else if (!strcmp (oid, "1.3.132.0.35"))
|
|
name = "nistp521";
|
|
else if (!strcmp (oid, "1.3.36.3.3.2.8.1.1.7"))
|
|
name = "brainpoolP256r1";
|
|
else if (!strcmp (oid, "1.3.36.3.3.2.8.1.1.11"))
|
|
name = "brainpoolP384r1";
|
|
else if (!strcmp (oid, "1.3.36.3.3.2.8.1.1.13"))
|
|
name = "brainpoolP512r1";
|
|
else
|
|
name = "?";
|
|
|
|
return name;
|
|
}
|