mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-09 12:54:23 +01:00
819 lines
20 KiB
C
819 lines
20 KiB
C
/* pkclist.c
|
|
* Copyright (C) 1998 Free Software Foundation, Inc.
|
|
*
|
|
* This file is part of GnuPG.
|
|
*
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
|
|
*/
|
|
|
|
#include <config.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include <assert.h>
|
|
|
|
#include "options.h"
|
|
#include "packet.h"
|
|
#include "errors.h"
|
|
#include "keydb.h"
|
|
#include "memory.h"
|
|
#include "util.h"
|
|
#include "trustdb.h"
|
|
#include "ttyio.h"
|
|
#include "status.h"
|
|
#include "i18n.h"
|
|
|
|
|
|
#define CONTROL_D ('D' - 'A' + 1)
|
|
|
|
|
|
static void
|
|
show_paths( ulong lid, int only_first )
|
|
{
|
|
void *context = NULL;
|
|
unsigned otrust, validity;
|
|
int last_level, level;
|
|
|
|
last_level = 0;
|
|
while( (level=enum_cert_paths( &context, &lid, &otrust, &validity)) != -1){
|
|
char *p;
|
|
int c, rc;
|
|
size_t n;
|
|
u32 keyid[2];
|
|
PKT_public_key *pk ;
|
|
|
|
if( level < last_level && only_first )
|
|
break;
|
|
last_level = level;
|
|
|
|
rc = keyid_from_lid( lid, keyid );
|
|
if( rc ) {
|
|
log_error("ooops: can't get keyid for lid %lu\n", lid);
|
|
return;
|
|
}
|
|
|
|
pk = m_alloc_clear( sizeof *pk );
|
|
rc = get_pubkey( pk, keyid );
|
|
if( rc ) {
|
|
log_error("key %08lX: public key not found: %s\n",
|
|
(ulong)keyid[1], g10_errstr(rc) );
|
|
return;
|
|
}
|
|
|
|
tty_printf("%*s%4u%c/%08lX.%lu %s \"",
|
|
level*2, "",
|
|
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
|
|
(ulong)keyid[1], lid, datestr_from_pk( pk ) );
|
|
|
|
c = trust_letter(otrust);
|
|
if( c )
|
|
putchar( c );
|
|
else
|
|
printf( "%02x", otrust );
|
|
putchar('/');
|
|
c = trust_letter(validity);
|
|
if( c )
|
|
putchar( c );
|
|
else
|
|
printf( "%02x", validity );
|
|
putchar(' ');
|
|
|
|
p = get_user_id( keyid, &n );
|
|
tty_print_string( p, n ),
|
|
m_free(p);
|
|
tty_printf("\"\n");
|
|
free_public_key( pk );
|
|
}
|
|
enum_cert_paths( &context, NULL, NULL, NULL ); /* release context */
|
|
tty_printf("\n");
|
|
}
|
|
|
|
|
|
|
|
|
|
/****************
|
|
* Returns true if an ownertrust has changed.
|
|
*/
|
|
static int
|
|
do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust )
|
|
{
|
|
char *p;
|
|
int rc;
|
|
size_t n;
|
|
u32 keyid[2];
|
|
PKT_public_key *pk ;
|
|
int changed=0;
|
|
int quit=0;
|
|
int show=0;
|
|
|
|
rc = keyid_from_lid( lid, keyid );
|
|
if( rc ) {
|
|
log_error("ooops: can't get keyid for lid %lu\n", lid);
|
|
return 0;
|
|
}
|
|
|
|
pk = m_alloc_clear( sizeof *pk );
|
|
rc = get_pubkey( pk, keyid );
|
|
if( rc ) {
|
|
log_error("key %08lX: public key not found: %s\n",
|
|
(ulong)keyid[1], g10_errstr(rc) );
|
|
return 0;
|
|
}
|
|
|
|
if( !mode ) {
|
|
tty_printf(_("No trust value assigned to %lu:\n"
|
|
"%4u%c/%08lX %s \""), lid,
|
|
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
|
|
(ulong)keyid[1], datestr_from_pk( pk ) );
|
|
p = get_user_id( keyid, &n );
|
|
tty_print_string( p, n ),
|
|
m_free(p);
|
|
tty_printf("\"\n\n");
|
|
}
|
|
tty_printf(_(
|
|
"Please decide how far you trust this user to correctly\n"
|
|
"verify other users' keys (by looking at passports,\n"
|
|
"checking fingerprints from different sources...)?\n\n"
|
|
" 1 = Don't know\n"
|
|
" 2 = I do NOT trust\n"
|
|
" 3 = I trust marginally\n"
|
|
" 4 = I trust fully\n"
|
|
" s = please show me more information\n") );
|
|
if( mode )
|
|
tty_printf(_(" m = back to the main menu\n"));
|
|
else
|
|
tty_printf(_(" q = quit\n"));
|
|
tty_printf("\n");
|
|
|
|
for(;;) {
|
|
/* a string with valid answers */
|
|
char *ans = _("sSmMqQ");
|
|
|
|
if( strlen(ans) != 6 )
|
|
BUG();
|
|
p = cpr_get("edit_ownertrust.value",_("Your decision? "));
|
|
trim_spaces(p);
|
|
cpr_kill_prompt();
|
|
if( *p && p[1] )
|
|
;
|
|
else if( !p[1] && (*p >= '1' && *p <= '4') ) {
|
|
unsigned trust;
|
|
switch( *p ) {
|
|
case '1': trust = TRUST_UNDEFINED; break;
|
|
case '2': trust = TRUST_NEVER ; break;
|
|
case '3': trust = TRUST_MARGINAL ; break;
|
|
case '4': trust = TRUST_FULLY ; break;
|
|
default: BUG();
|
|
}
|
|
*new_trust = trust;
|
|
changed = 1;
|
|
break;
|
|
}
|
|
else if( *p == ans[0] || *p == ans[1] ) {
|
|
tty_printf(_(
|
|
"Certificates leading to an ultimately trusted key:\n"));
|
|
show = 1;
|
|
break;
|
|
}
|
|
else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) ) {
|
|
break ; /* back to the menu */
|
|
}
|
|
else if( !mode && (*p == ans[4] || *p == ans[5] ) ) {
|
|
quit = 1;
|
|
break ; /* back to the menu */
|
|
}
|
|
m_free(p); p = NULL;
|
|
}
|
|
m_free(p);
|
|
m_free(pk);
|
|
return show? -2: quit? -1 : changed;
|
|
}
|
|
|
|
|
|
int
|
|
edit_ownertrust( ulong lid, int mode )
|
|
{
|
|
unsigned trust;
|
|
|
|
for(;;) {
|
|
switch( do_edit_ownertrust( lid, mode, &trust ) ) {
|
|
case -1:
|
|
return 0;
|
|
case -2:
|
|
show_paths( lid, 1 );
|
|
break;
|
|
case 1:
|
|
if( !update_ownertrust( lid, trust ) )
|
|
return 1;
|
|
return 0;
|
|
default:
|
|
return 0;
|
|
}
|
|
}
|
|
}
|
|
|
|
static int
|
|
add_ownertrust_cb( ulong lid )
|
|
{
|
|
unsigned trust;
|
|
int rc = do_edit_ownertrust( lid, 0, &trust );
|
|
|
|
if( rc == 1 )
|
|
return trust & TRUST_MASK;
|
|
return rc > 0? 0 : rc;
|
|
}
|
|
|
|
/****************
|
|
* Try to add some more owner trusts (interactive)
|
|
* This function presents all the signator in a certificate
|
|
* chain who have no ownertrust value assigned.
|
|
* Returns: -1 if no ownertrust were added.
|
|
*/
|
|
static int
|
|
add_ownertrust( PKT_public_key *pk, int *quit, unsigned *trustlevel )
|
|
{
|
|
int rc;
|
|
unsigned flags = 0;
|
|
|
|
*quit = 0;
|
|
*trustlevel = 0;
|
|
tty_printf(
|
|
_("Could not find a valid trust path to the key. Let's see whether we\n"
|
|
"can assign some missing owner trust values.\n\n"));
|
|
|
|
rc = check_trust( pk, trustlevel, NULL, add_ownertrust_cb, &flags );
|
|
|
|
if( !(flags & 1) )
|
|
tty_printf(_("No path leading to one of our keys found.\n\n") );
|
|
else if( !(flags & 2) )
|
|
tty_printf(_("No certificates with undefined trust found.\n\n") );
|
|
else if( !(flags & 4) )
|
|
tty_printf(_("No trust values changed.\n\n") );
|
|
|
|
return (flags & 4)? 0:-1;
|
|
}
|
|
|
|
/****************
|
|
* Check whether we can trust this pk which has a trustlevel of TRUSTLEVEL
|
|
* Returns: true if we trust.
|
|
*/
|
|
static int
|
|
do_we_trust( PKT_public_key *pk, int trustlevel )
|
|
{
|
|
int rc;
|
|
int did_add = 0;
|
|
|
|
retry:
|
|
if( (trustlevel & TRUST_FLAG_REVOKED) ) {
|
|
log_info(_("key %08lX: key has been revoked!\n"),
|
|
(ulong)keyid_from_pk( pk, NULL) );
|
|
if( opt.batch )
|
|
return 0;
|
|
|
|
if( !cpr_get_answer_is_yes("revoked_key.override",
|
|
_("Use this key anyway? ")) )
|
|
return 0;
|
|
}
|
|
else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
|
|
log_info(_("key %08lX: subkey has been revoked!\n"),
|
|
(ulong)keyid_from_pk( pk, NULL) );
|
|
if( opt.batch )
|
|
return 0;
|
|
|
|
if( !cpr_get_answer_is_yes("revoked_key.override",
|
|
_("Use this key anyway? ")) )
|
|
return 0;
|
|
}
|
|
|
|
|
|
switch( (trustlevel & TRUST_MASK) ) {
|
|
case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
|
|
rc = insert_trust_record( pk );
|
|
if( rc ) {
|
|
log_error("failed to insert it into the trustdb: %s\n",
|
|
g10_errstr(rc) );
|
|
return 0; /* no */
|
|
}
|
|
rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
|
|
if( rc )
|
|
log_fatal("trust check after insert failed: %s\n",
|
|
g10_errstr(rc) );
|
|
if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED ) {
|
|
log_debug("do_we_trust: oops at %d\n", __LINE__ );
|
|
return 0;
|
|
}
|
|
return do_we_trust( pk, trustlevel );
|
|
|
|
case TRUST_EXPIRED:
|
|
log_info(_("%08lX: key has expired\n"),
|
|
(ulong)keyid_from_pk( pk, NULL) );
|
|
return 0; /* no */
|
|
|
|
case TRUST_UNDEFINED:
|
|
if( opt.batch || opt.answer_no )
|
|
log_info(_("%08lX: no info to calculate a trust probability\n"),
|
|
(ulong)keyid_from_pk( pk, NULL) );
|
|
else {
|
|
int quit;
|
|
|
|
rc = add_ownertrust( pk, &quit, &trustlevel );
|
|
if( !rc && !did_add && !quit ) {
|
|
did_add = 1;
|
|
goto retry;
|
|
}
|
|
}
|
|
return 0;
|
|
|
|
case TRUST_NEVER:
|
|
log_info(_("%08lX: We do NOT trust this key\n"),
|
|
(ulong)keyid_from_pk( pk, NULL) );
|
|
return 0; /* no */
|
|
|
|
case TRUST_MARGINAL:
|
|
log_info(
|
|
_("%08lX: It is not sure that this key really belongs to the owner\n"
|
|
"but it is accepted anyway\n"), (ulong)keyid_from_pk( pk, NULL) );
|
|
return 1; /* yes */
|
|
|
|
case TRUST_FULLY:
|
|
if( opt.verbose )
|
|
log_info(_("This key probably belongs to the owner\n"));
|
|
return 1; /* yes */
|
|
|
|
case TRUST_ULTIMATE:
|
|
if( opt.verbose )
|
|
log_info(_("This key belongs to us\n"));
|
|
return 1; /* yes */
|
|
|
|
default: BUG();
|
|
}
|
|
|
|
return 1; /* yes */
|
|
}
|
|
|
|
|
|
/****************
|
|
* wrapper around do_we_trust, so we can ask whether to use the
|
|
* key anyway.
|
|
*/
|
|
static int
|
|
do_we_trust_pre( PKT_public_key *pk, int trustlevel )
|
|
{
|
|
int rc;
|
|
|
|
rc = do_we_trust( pk, trustlevel );
|
|
|
|
if( (trustlevel & TRUST_FLAG_REVOKED) && !rc )
|
|
return 0;
|
|
if( (trustlevel & TRUST_FLAG_SUB_REVOKED) && !rc )
|
|
return 0;
|
|
else if( !opt.batch && !rc ) {
|
|
char *p;
|
|
u32 keyid[2];
|
|
size_t n;
|
|
|
|
keyid_from_pk( pk, keyid);
|
|
tty_printf( "%4u%c/%08lX %s \"",
|
|
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
|
|
(ulong)keyid[1], datestr_from_pk( pk ) );
|
|
p = get_user_id( keyid, &n );
|
|
tty_print_string( p, n ),
|
|
m_free(p);
|
|
tty_printf("\"\n\n");
|
|
|
|
tty_printf(_(
|
|
"It is NOT certain that the key belongs to its owner.\n"
|
|
"If you *really* know what you are doing, you may answer\n"
|
|
"the next question with yes\n\n") );
|
|
|
|
if( cpr_get_answer_is_yes("untrusted_key.override",
|
|
_("Use this key anyway? ")) )
|
|
rc = 1;
|
|
|
|
/* Hmmm: Should we set a flag to tell the user the user about
|
|
* his decision the next time he encrypts for this recipient?
|
|
*/
|
|
}
|
|
else if( opt.always_trust && !rc ) {
|
|
log_info(_("WARNING: Using untrusted key!\n"));
|
|
rc = 1;
|
|
}
|
|
return rc;
|
|
}
|
|
|
|
|
|
|
|
/****************
|
|
* Check whether we can trust this signature.
|
|
* Returns: Error if we shall not trust this signatures.
|
|
*/
|
|
int
|
|
check_signatures_trust( PKT_signature *sig )
|
|
{
|
|
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
|
|
int trustlevel;
|
|
int did_add = 0;
|
|
int rc=0;
|
|
|
|
|
|
if( opt.always_trust ) {
|
|
log_info(_("WARNING: Using untrusted key!\n"));
|
|
return 0;
|
|
}
|
|
|
|
|
|
rc = get_pubkey( pk, sig->keyid );
|
|
if( rc ) { /* this should not happen */
|
|
log_error("Ooops; the key vanished - can't check the trust\n");
|
|
rc = G10ERR_NO_PUBKEY;
|
|
goto leave;
|
|
}
|
|
|
|
rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
|
|
if( rc ) {
|
|
log_error("check trust failed: %s\n", g10_errstr(rc));
|
|
goto leave;
|
|
}
|
|
|
|
retry:
|
|
if( (trustlevel & TRUST_FLAG_REVOKED) ) {
|
|
write_status( STATUS_KEYREVOKED );
|
|
log_info(_("WARNING: This key has been revoked by its owner!\n"));
|
|
log_info(_(" This could mean that the signature is forgery.\n"));
|
|
}
|
|
else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
|
|
write_status( STATUS_KEYREVOKED );
|
|
log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
|
|
}
|
|
|
|
|
|
switch( (trustlevel & TRUST_MASK) ) {
|
|
case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
|
|
rc = insert_trust_record( pk );
|
|
if( rc ) {
|
|
log_error("failed to insert it into the trustdb: %s\n",
|
|
g10_errstr(rc) );
|
|
goto leave;
|
|
}
|
|
rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
|
|
if( rc )
|
|
log_fatal("trust check after insert failed: %s\n",
|
|
g10_errstr(rc) );
|
|
if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED )
|
|
BUG();
|
|
goto retry;
|
|
|
|
case TRUST_EXPIRED:
|
|
log_info(_("Note: This key has expired!\n"));
|
|
break;
|
|
|
|
case TRUST_UNDEFINED:
|
|
if( did_add || opt.batch || opt.answer_no ) {
|
|
write_status( STATUS_TRUST_UNDEFINED );
|
|
log_info(_(
|
|
"WARNING: This key is not certified with a trusted signature!\n"));
|
|
log_info(_(
|
|
" There is no indication that the "
|
|
"signature belongs to the owner.\n" ));
|
|
}
|
|
else {
|
|
int quit;
|
|
rc = add_ownertrust( pk, &quit, &trustlevel );
|
|
if( rc || quit ) {
|
|
did_add = 1;
|
|
rc = 0;
|
|
}
|
|
goto retry;
|
|
}
|
|
break;
|
|
|
|
case TRUST_NEVER:
|
|
write_status( STATUS_TRUST_NEVER );
|
|
log_info(_("WARNING: We do NOT trust this key!\n"));
|
|
log_info(_(" The signature is probably a FORGERY.\n"));
|
|
rc = G10ERR_BAD_SIGN;
|
|
break;
|
|
|
|
case TRUST_MARGINAL:
|
|
write_status( STATUS_TRUST_MARGINAL );
|
|
log_info(_(
|
|
"WARNING: This key is not certified with sufficiently trusted signatures!\n"
|
|
));
|
|
log_info(_(
|
|
" It is not certain that the signature belongs to the owner.\n"
|
|
));
|
|
break;
|
|
|
|
case TRUST_FULLY:
|
|
write_status( STATUS_TRUST_FULLY );
|
|
break;
|
|
|
|
case TRUST_ULTIMATE:
|
|
write_status( STATUS_TRUST_ULTIMATE );
|
|
break;
|
|
|
|
default: BUG();
|
|
}
|
|
|
|
|
|
leave:
|
|
free_public_key( pk );
|
|
return rc;
|
|
}
|
|
|
|
|
|
void
|
|
release_pk_list( PK_LIST pk_list )
|
|
{
|
|
PK_LIST pk_rover;
|
|
|
|
for( ; pk_list; pk_list = pk_rover ) {
|
|
pk_rover = pk_list->next;
|
|
free_public_key( pk_list->pk );
|
|
m_free( pk_list );
|
|
}
|
|
}
|
|
|
|
int
|
|
build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
|
|
{
|
|
PK_LIST pk_list = NULL;
|
|
PKT_public_key *pk=NULL;
|
|
int rc=0;
|
|
int any_recipients=0;
|
|
STRLIST rov;
|
|
|
|
/* check whether there are any recipients in the list and build the
|
|
* list of the encrypt-to ones (we always trust them) */
|
|
for( rov = remusr; rov; rov = rov->next ) {
|
|
if( !(rov->flags & 1) )
|
|
any_recipients = 1;
|
|
else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) {
|
|
pk = m_alloc_clear( sizeof *pk );
|
|
pk->pubkey_usage = use;
|
|
if( (rc = get_pubkey_byname( NULL, pk, rov->d, NULL )) ) {
|
|
free_public_key( pk ); pk = NULL;
|
|
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
|
|
}
|
|
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
|
|
PK_LIST r;
|
|
|
|
r = m_alloc( sizeof *r );
|
|
r->pk = pk; pk = NULL;
|
|
r->next = pk_list;
|
|
r->mark = 0;
|
|
pk_list = r;
|
|
}
|
|
else {
|
|
free_public_key( pk ); pk = NULL;
|
|
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
|
|
}
|
|
}
|
|
}
|
|
|
|
if( !any_recipients && !opt.batch ) { /* ask */
|
|
char *answer=NULL;
|
|
|
|
tty_printf(_(
|
|
"You did not specify a user ID. (you may use \"-r\")\n\n"));
|
|
for(;;) {
|
|
rc = 0;
|
|
m_free(answer);
|
|
answer = cpr_get_utf8("pklist.user_id.enter",
|
|
_("Enter the user ID: "));
|
|
trim_spaces(answer);
|
|
cpr_kill_prompt();
|
|
if( !*answer )
|
|
break;
|
|
if( pk )
|
|
free_public_key( pk );
|
|
pk = m_alloc_clear( sizeof *pk );
|
|
pk->pubkey_usage = use;
|
|
rc = get_pubkey_byname( NULL, pk, answer, NULL );
|
|
if( rc )
|
|
tty_printf(_("No such user ID.\n"));
|
|
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
|
|
int trustlevel;
|
|
|
|
rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
|
|
if( rc ) {
|
|
log_error("error checking pk of `%s': %s\n",
|
|
answer, g10_errstr(rc) );
|
|
}
|
|
else if( do_we_trust_pre( pk, trustlevel ) ) {
|
|
PK_LIST r;
|
|
|
|
r = m_alloc( sizeof *r );
|
|
r->pk = pk; pk = NULL;
|
|
r->next = pk_list;
|
|
r->mark = 0;
|
|
pk_list = r;
|
|
any_recipients = 1;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
m_free(answer);
|
|
if( pk ) {
|
|
free_public_key( pk );
|
|
pk = NULL;
|
|
}
|
|
}
|
|
else {
|
|
any_recipients = 0;
|
|
for(; remusr; remusr = remusr->next ) {
|
|
if( (remusr->flags & 1) )
|
|
continue; /* encrypt-to keys are already handled */
|
|
|
|
pk = m_alloc_clear( sizeof *pk );
|
|
pk->pubkey_usage = use;
|
|
if( (rc = get_pubkey_byname( NULL, pk, remusr->d, NULL )) ) {
|
|
free_public_key( pk ); pk = NULL;
|
|
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
|
|
}
|
|
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
|
|
int trustlevel;
|
|
|
|
rc = check_trust( pk, &trustlevel, NULL, NULL, NULL );
|
|
if( rc ) {
|
|
free_public_key( pk ); pk = NULL;
|
|
log_error(_("%s: error checking key: %s\n"),
|
|
remusr->d, g10_errstr(rc) );
|
|
}
|
|
else if( do_we_trust_pre( pk, trustlevel ) ) {
|
|
/* note: do_we_trust may have changed the trustlevel */
|
|
PK_LIST r;
|
|
|
|
r = m_alloc( sizeof *r );
|
|
r->pk = pk; pk = NULL;
|
|
r->next = pk_list;
|
|
r->mark = 0;
|
|
pk_list = r;
|
|
any_recipients = 1;
|
|
}
|
|
else { /* we don't trust this pk */
|
|
free_public_key( pk ); pk = NULL;
|
|
}
|
|
}
|
|
else {
|
|
free_public_key( pk ); pk = NULL;
|
|
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
|
|
}
|
|
}
|
|
}
|
|
|
|
if( !rc && !any_recipients ) {
|
|
log_error(_("no valid addressees\n"));
|
|
rc = G10ERR_NO_USER_ID;
|
|
}
|
|
|
|
if( rc )
|
|
release_pk_list( pk_list );
|
|
else
|
|
*ret_pk_list = pk_list;
|
|
return rc;
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
algo_available( int preftype, int algo )
|
|
{
|
|
if( preftype == PREFTYPE_SYM ) {
|
|
if( algo == CIPHER_ALGO_TWOFISH )
|
|
return 0; /* we don't want to generate Twofish messages for now*/
|
|
return algo && !check_cipher_algo( algo );
|
|
}
|
|
else if( preftype == PREFTYPE_HASH ) {
|
|
return algo && !check_digest_algo( algo );
|
|
}
|
|
else if( preftype == PREFTYPE_COMPR ) {
|
|
return !algo || algo == 1 || algo == 2;
|
|
}
|
|
else
|
|
return 0;
|
|
}
|
|
|
|
/****************
|
|
* Return -1 if we could not find an algorithm.
|
|
*/
|
|
int
|
|
select_algo_from_prefs( PK_LIST pk_list, int preftype )
|
|
{
|
|
PK_LIST pkr;
|
|
u32 bits[8];
|
|
byte *pref = NULL;
|
|
size_t npref;
|
|
int i, j;
|
|
int compr_hack=0;
|
|
int any;
|
|
|
|
if( !pk_list )
|
|
return -1;
|
|
|
|
memset( bits, ~0, 8 * sizeof *bits );
|
|
for( pkr = pk_list; pkr; pkr = pkr->next ) {
|
|
u32 mask[8];
|
|
|
|
memset( mask, 0, 8 * sizeof *mask );
|
|
if( !pkr->pk->local_id ) { /* try to set the local id */
|
|
query_trust_info( pkr->pk, NULL );
|
|
if( !pkr->pk->local_id ) {
|
|
log_debug("select_algo_from_prefs: can't get LID\n");
|
|
continue;
|
|
}
|
|
}
|
|
if( preftype == PREFTYPE_SYM )
|
|
mask[0] |= (1<<2); /* 3DES is implicitly there */
|
|
m_free(pref);
|
|
pref = get_pref_data( pkr->pk->local_id, pkr->pk->namehash, &npref);
|
|
any = 0;
|
|
if( pref ) {
|
|
#if 0
|
|
log_hexdump("raw: ", pref, npref );
|
|
#endif
|
|
for(i=0; i+1 < npref; i+=2 ) {
|
|
if( pref[i] == preftype ) {
|
|
mask[pref[i+1]/32] |= 1 << (pref[i+1]%32);
|
|
any = 1;
|
|
}
|
|
}
|
|
}
|
|
if( (!pref || !any) && preftype == PREFTYPE_COMPR ) {
|
|
mask[0] |= 3; /* asume no_compression and old pgp */
|
|
compr_hack = 1;
|
|
}
|
|
|
|
#if 0
|
|
log_debug("mask=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
|
|
(ulong)mask[7], (ulong)mask[6], (ulong)mask[5], (ulong)mask[4],
|
|
(ulong)mask[3], (ulong)mask[2], (ulong)mask[1], (ulong)mask[0]);
|
|
#endif
|
|
for(i=0; i < 8; i++ )
|
|
bits[i] &= mask[i];
|
|
#if 0
|
|
log_debug("bits=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
|
|
(ulong)bits[7], (ulong)bits[6], (ulong)bits[5], (ulong)bits[4],
|
|
(ulong)bits[3], (ulong)bits[2], (ulong)bits[1], (ulong)bits[0]);
|
|
#endif
|
|
}
|
|
/* usable algorithms are now in bits
|
|
* We now use the last key from pk_list to select
|
|
* the algorithm we want to use. there are no
|
|
* preferences for the last key, we select the one
|
|
* corresponding to first set bit.
|
|
*/
|
|
i = -1;
|
|
any = 0;
|
|
if( pref ) {
|
|
for(j=0; j+1 < npref; j+=2 ) {
|
|
if( pref[j] == preftype ) {
|
|
if( (bits[pref[j+1]/32] & (1<<(pref[j+1]%32))) ) {
|
|
if( algo_available( preftype, pref[j+1] ) ) {
|
|
any = 1;
|
|
i = pref[j+1];
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if( !pref || !any ) {
|
|
for(j=0; j < 256; j++ )
|
|
if( (bits[j/32] & (1<<(j%32))) ) {
|
|
if( algo_available( preftype, j ) ) {
|
|
i = j;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
#if 0
|
|
log_debug("prefs of type %d: selected %d\n", preftype, i );
|
|
#endif
|
|
if( compr_hack && !i ) {
|
|
/* selected no compression, but we should check whether
|
|
* algorithm 1 is also available (the ordering is not relevant
|
|
* in this case). */
|
|
if( bits[0] & (1<<1) )
|
|
i = 1; /* yep; we can use compression algo 1 */
|
|
}
|
|
|
|
m_free(pref);
|
|
return i;
|
|
}
|
|
|
|
|