mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-05 12:31:50 +01:00
65288fc52f
* kbx/backend-support.c (be_is_x509_blob): Loose detection. -- Here is a sample v0 cert: -----BEGIN CERTIFICATE----- MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0Ns YXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH MjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y aXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazAe Fw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJVUzEX MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGlj IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMx KGMpIDE5OTggVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s eTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjxnNuX6Zr8wgQGE75fUsjM HiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRCwiNPStjw DqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cC AwEAATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9ji nb3/7aHmZuovCfTK1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAX rXfMSTWqz9iP0b63GJZHc2pUIjRkLbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnIn jBJ7xUS0rg== -----END CERTIFICATE-----
365 lines
9.9 KiB
C
365 lines
9.9 KiB
C
/* backend-support.c - Supporting functions for the backend.
|
|
* Copyright (C) 2019 g10 Code GmbH
|
|
*
|
|
* This file is part of GnuPG.
|
|
*
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
|
* SPDX-License-Identifier: GPL-3.0+
|
|
*/
|
|
|
|
#include <config.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <stddef.h>
|
|
#include <string.h>
|
|
|
|
#include "keyboxd.h"
|
|
#include "../common/i18n.h"
|
|
#include "../common/asshelp.h"
|
|
#include "../common/tlv.h"
|
|
#include "backend.h"
|
|
#include "keybox-defs.h"
|
|
|
|
|
|
/* Common definition part of all backend handle. All definitions of
|
|
* this structure must start with these fields. */
|
|
struct backend_handle_s
|
|
{
|
|
enum database_types db_type;
|
|
unsigned int backend_id;
|
|
};
|
|
|
|
|
|
|
|
/* Return a string with the name of the database type T. */
|
|
const char *
|
|
strdbtype (enum database_types t)
|
|
{
|
|
switch (t)
|
|
{
|
|
case DB_TYPE_NONE: return "none";
|
|
case DB_TYPE_CACHE:return "cache";
|
|
case DB_TYPE_KBX: return "keybox";
|
|
case DB_TYPE_SQLITE: return "sqlite";
|
|
}
|
|
return "?";
|
|
}
|
|
|
|
|
|
/* Return a new backend ID. Backend IDs are used to identify backends
|
|
* without using the actual object. The number of backend resources
|
|
* is limited because they are specified in the config file. Thus an
|
|
* overflow check is not required. */
|
|
unsigned int
|
|
be_new_backend_id (void)
|
|
{
|
|
static unsigned int last;
|
|
|
|
return ++last;
|
|
}
|
|
|
|
|
|
/* Release the backend described by HD. This is a generic function
|
|
* which dispatches to the the actual backend. */
|
|
void
|
|
be_generic_release_backend (ctrl_t ctrl, backend_handle_t hd)
|
|
{
|
|
if (!hd)
|
|
return;
|
|
switch (hd->db_type)
|
|
{
|
|
case DB_TYPE_NONE:
|
|
xfree (hd);
|
|
break;
|
|
case DB_TYPE_CACHE:
|
|
be_cache_release_resource (ctrl, hd);
|
|
break;
|
|
case DB_TYPE_KBX:
|
|
be_kbx_release_resource (ctrl, hd);
|
|
break;
|
|
case DB_TYPE_SQLITE:
|
|
be_sqlite_release_resource (ctrl, hd);
|
|
break;
|
|
default:
|
|
log_error ("%s: faulty backend handle of type %d given\n",
|
|
__func__, hd->db_type);
|
|
}
|
|
}
|
|
|
|
|
|
/* Release the request object REQ. */
|
|
void
|
|
be_release_request (db_request_t req)
|
|
{
|
|
db_request_part_t part, partn;
|
|
|
|
if (!req)
|
|
return;
|
|
|
|
for (part = req->part; part; part = partn)
|
|
{
|
|
partn = part->next;
|
|
be_kbx_release_kbx_hd (part->kbx_hd);
|
|
be_sqlite_release_local (part->besqlite);
|
|
xfree (part);
|
|
}
|
|
}
|
|
|
|
|
|
/* Given the backend handle BACKEND_HD and the REQUEST find or
|
|
* allocate a request part for that backend and store it at R_PART.
|
|
* On error R_PART is set to NULL and an error returned. */
|
|
gpg_error_t
|
|
be_find_request_part (backend_handle_t backend_hd, db_request_t request,
|
|
db_request_part_t *r_part)
|
|
{
|
|
gpg_error_t err;
|
|
db_request_part_t part;
|
|
|
|
for (part = request->part; part; part = part->next)
|
|
if (part->backend_id == backend_hd->backend_id)
|
|
break;
|
|
if (!part)
|
|
{
|
|
part = xtrycalloc (1, sizeof *part);
|
|
if (!part)
|
|
return gpg_error_from_syserror ();
|
|
part->backend_id = backend_hd->backend_id;
|
|
if (backend_hd->db_type == DB_TYPE_KBX)
|
|
{
|
|
err = be_kbx_init_request_part (backend_hd, part);
|
|
if (err)
|
|
{
|
|
xfree (part);
|
|
return err;
|
|
}
|
|
}
|
|
else if (backend_hd->db_type == DB_TYPE_SQLITE)
|
|
{
|
|
err = be_sqlite_init_local (backend_hd, part);
|
|
if (err)
|
|
{
|
|
xfree (part);
|
|
return err;
|
|
}
|
|
}
|
|
part->next = request->part;
|
|
request->part = part;
|
|
}
|
|
*r_part = part;
|
|
return 0;
|
|
}
|
|
|
|
|
|
/* Return the public key (BUFFER,BUFLEN) which has the type
|
|
* PUBKEY_TYPE to the caller. */
|
|
gpg_error_t
|
|
be_return_pubkey (ctrl_t ctrl, const void *buffer, size_t buflen,
|
|
enum pubkey_types pubkey_type, const unsigned char *ubid,
|
|
int is_ephemeral, int is_revoked, int uid_no, int pk_no)
|
|
{
|
|
gpg_error_t err;
|
|
char hexubid[2*UBID_LEN+1];
|
|
|
|
bin2hex (ubid, UBID_LEN, hexubid);
|
|
err = kbxd_status_printf (ctrl, "PUBKEY_INFO", "%d %s %c%c %d %d",
|
|
pubkey_type, hexubid,
|
|
is_ephemeral? 'e':'-',
|
|
is_revoked? 'r':'-',
|
|
uid_no, pk_no);
|
|
if (err)
|
|
goto leave;
|
|
|
|
if (ctrl->no_data_return)
|
|
err = 0;
|
|
else
|
|
err = kbxd_write_data_line (ctrl, buffer, buflen);
|
|
|
|
leave:
|
|
return err;
|
|
}
|
|
|
|
|
|
|
|
/* Return true if (BLOB/BLOBLEN) seems to be an X509 certificate. */
|
|
int
|
|
be_is_x509_blob (const unsigned char *blob, size_t bloblen)
|
|
{
|
|
const unsigned char *p;
|
|
size_t n, objlen, hdrlen;
|
|
int class, tag, cons, ndef;
|
|
|
|
/* An X.509 certificate can be identified by this DER encoding:
|
|
*
|
|
* 30 82 05 B8 30 82 04 A0 A0 03 02 01 02 02 07 15 46 A0 BF 30 07 39
|
|
* ----------- +++++++++++ ----- ++++++++ --------------------------
|
|
* SEQUENCE SEQUENCE [0] INTEGER INTEGER
|
|
* (tbs) (version) (s/n)
|
|
*
|
|
* Note that v0 certificates don't have an explict version number.
|
|
*/
|
|
|
|
p = blob;
|
|
n = bloblen;
|
|
if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
|
|
return 0; /* Not a proper BER object. */
|
|
if (!(class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && cons))
|
|
return 0; /* Does not start with a sequence. */
|
|
|
|
if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
|
|
return 0; /* Not a proper BER object. */
|
|
if (!(class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && cons))
|
|
return 0; /* No TBS sequence. */
|
|
if (n < 7 || objlen < 7)
|
|
return 0; /* Too short: [0], version and min. s/n required. */
|
|
|
|
if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
|
|
return 0; /* Not a proper BER object. */
|
|
if (!(class == CLASS_CONTEXT && tag == 0 && cons))
|
|
{
|
|
if (class == CLASS_UNIVERSAL && tag == TAG_INTEGER && !cons)
|
|
return 1; /* Might be a X.509 v0 cert with implict version. */
|
|
return 0; /* No context tag. */
|
|
}
|
|
|
|
if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
|
|
return 0; /* Not a proper BER object. */
|
|
|
|
if (!(class == CLASS_UNIVERSAL && tag == TAG_INTEGER
|
|
&& !cons && objlen == 1 && n && (*p == 1 || *p == 2)))
|
|
return 0; /* Unknown X.509 version. */
|
|
p++; /* Skip version number. */
|
|
n--;
|
|
|
|
if (parse_ber_header (&p, &n, &class, &tag, &cons, &ndef, &objlen, &hdrlen))
|
|
return 0; /* Not a proper BER object. */
|
|
if (!(class == CLASS_UNIVERSAL && tag == TAG_INTEGER && !cons))
|
|
return 0; /* No s/n. */
|
|
|
|
return 1; /* Looks like an X.509 certificate. */
|
|
}
|
|
|
|
|
|
/* Return the public key type and the (primary) fingerprint for
|
|
* (BLOB,BLOBLEN). r_UBID must point to a buffer of at least UBID_LEN
|
|
* bytes, on success it receives the UBID (primary fingerprint
|
|
* truncated 20 octets). R_PKTYPE receives the public key type. */
|
|
gpg_error_t
|
|
be_ubid_from_blob (const void *blob, size_t bloblen,
|
|
enum pubkey_types *r_pktype, char *r_ubid)
|
|
{
|
|
gpg_error_t err;
|
|
|
|
if (be_is_x509_blob (blob, bloblen))
|
|
{
|
|
/* Although libksba has a dedicated function to compute the
|
|
* fingerprint we compute it here directly because we know that
|
|
* we have the entire certificate here (we checked the start of
|
|
* the blob and assume that the length is also okay). */
|
|
*r_pktype = PUBKEY_TYPE_X509;
|
|
gcry_md_hash_buffer (GCRY_MD_SHA1, r_ubid, blob, bloblen);
|
|
err = 0;
|
|
}
|
|
else
|
|
{
|
|
struct _keybox_openpgp_info info;
|
|
|
|
err = _keybox_parse_openpgp (blob, bloblen, NULL, &info);
|
|
if (err)
|
|
{
|
|
log_info ("error parsing OpenPGP blob: %s\n", gpg_strerror (err));
|
|
err = gpg_error (GPG_ERR_WRONG_BLOB_TYPE);
|
|
}
|
|
else
|
|
{
|
|
*r_pktype = PUBKEY_TYPE_OPGP;
|
|
log_assert (info.primary.fprlen >= 20);
|
|
memcpy (r_ubid, info.primary.fpr, UBID_LEN);
|
|
_keybox_destroy_openpgp_info (&info);
|
|
}
|
|
}
|
|
|
|
return err;
|
|
}
|
|
|
|
|
|
|
|
/* Return a certificates serial number in hex encoding. Caller must
|
|
* free the returned string. NULL is returned on error but ERRNO
|
|
* might not be set if the certificate and thus Libksba is broken. */
|
|
char *
|
|
be_get_x509_serial (ksba_cert_t cert)
|
|
{
|
|
const char *p;
|
|
unsigned long n;
|
|
char *endp;
|
|
|
|
p = (const char *)ksba_cert_get_serial (cert);
|
|
if (!p)
|
|
{
|
|
log_debug ("oops: Libksba returned a certificate w/o a serial\n");
|
|
return NULL;
|
|
}
|
|
|
|
if (*p != '(')
|
|
{
|
|
log_debug ("oops: Libksba returned an invalid s-expression\n");
|
|
return NULL;
|
|
}
|
|
|
|
p++;
|
|
n = strtoul (p, &endp, 10);
|
|
p = endp;
|
|
if (*p != ':')
|
|
{
|
|
log_debug ("oops: Libksba returned an invalid s-expression\n");
|
|
return NULL;
|
|
}
|
|
p++;
|
|
|
|
return bin2hex (p, n, NULL);
|
|
}
|
|
|
|
|
|
/* Return the keygrip for the X.509 certificate CERT. The grip is
|
|
* stored at KEYGRIP which must have been allocated by the caller
|
|
* with a size of KEYGRIP_LEN. */
|
|
gpg_error_t
|
|
be_get_x509_keygrip (ksba_cert_t cert, unsigned char *keygrip)
|
|
{
|
|
gpg_error_t err;
|
|
size_t n;
|
|
ksba_sexp_t p;
|
|
gcry_sexp_t s_pkey;
|
|
|
|
p = ksba_cert_get_public_key (cert);
|
|
if (!p)
|
|
return gpg_error (GPG_ERR_NO_PUBKEY);
|
|
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
|
|
if (!n)
|
|
{
|
|
ksba_free (p);
|
|
return gpg_error (GPG_ERR_NO_PUBKEY);
|
|
}
|
|
err = gcry_sexp_sscan (&s_pkey, NULL, (char*)p, n);
|
|
ksba_free (p);
|
|
if (err)
|
|
return err;
|
|
|
|
if (!gcry_pk_get_keygrip (s_pkey, keygrip))
|
|
err = gpg_error (GPG_ERR_PUBKEY_ALGO);
|
|
gcry_sexp_release (s_pkey);
|
|
return err;
|
|
}
|