diff options
Diffstat (limited to 'g10/getkey.c')
| -rw-r--r-- | g10/getkey.c | 150 |
1 files changed, 76 insertions, 74 deletions
diff --git a/g10/getkey.c b/g10/getkey.c index 4506c7c92..9cb5b9504 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -195,7 +195,7 @@ get_primary_uid ( KBNODE keyblock, size_t *uidlen ) *uidlen = k->pkt->pkt.user_id->len; return k->pkt->pkt.user_id->name; } - } + } s = user_id_not_found_utf8 (); *uidlen = strlen (s); return s; @@ -303,7 +303,7 @@ pk_from_block ( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE keyblock ) assert ( a->pkt->pkttype == PKT_PUBLIC_KEY || a->pkt->pkttype == PKT_PUBLIC_SUBKEY ); - + copy_public_key ( pk, a->pkt->pkt.public_key ); } @@ -315,7 +315,7 @@ sk_from_block ( GETKEY_CTX ctx, assert ( a->pkt->pkttype == PKT_SECRET_KEY || a->pkt->pkttype == PKT_SECRET_SUBKEY ); - + copy_secret_key( sk, a->pkt->pkt.secret_key); } @@ -400,7 +400,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid) KEYDB_HANDLE hd; KBNODE keyblock; u32 pkid[2]; - + assert (pk); #if MAX_PK_CACHE_ENTRIES { /* Try to get it from the cache */ @@ -427,7 +427,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid) } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); - if (rc) + if (rc) { log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc)); return G10ERR_NO_PUBKEY; @@ -561,8 +561,8 @@ seckey_available( u32 *keyid ) * must be in the range 0..9), this is considered a fingerprint. * - If the username starts with a left angle, we assume it is a complete * email address and look only at this part. - * - If the username starts with a colon we assume it is a unified - * key specfification. + * - If the username starts with a colon we assume it is a unified + * key specfification. * - If the username starts with a '.', we assume it is the ending * part of an email address * - If the username starts with an '@', we assume it is a part of an @@ -583,7 +583,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) const char *s; int hexprefix = 0; int hexlength; - int mode = 0; + int mode = 0; KEYDB_SEARCH_DESC dummy_desc; if (!desc) @@ -642,12 +642,12 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) case '#': /* local user id */ return 0; /* This is now obsolete and van't not be used anymore*/ - + case ':': /*Unified fingerprint */ - { + { const char *se, *si; int i; - + se = strchr( ++s,':'); if ( !se ) return 0; @@ -657,15 +657,15 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) } if (i != 32 && i != 40) return 0; /* invalid length of fpr*/ - for (i=0,si=s; si < se; i++, si +=2) + for (i=0,si=s; si < se; i++, si +=2) desc->u.fpr[i] = hextobyte(si); for ( ; i < 20; i++) desc->u.fpr[i]= 0; s = se + 1; mode = KEYDB_SEARCH_MODE_FPR; - } + } break; - + default: if (s[0] == '0' && s[1] == 'x') { hexprefix = 1; @@ -715,7 +715,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) int i; if (hexlength == 33) s++; - memset(desc->u.fpr+16, 0, 4); + memset(desc->u.fpr+16, 0, 4); for (i=0; i < 16; i++, s+=2) { int c = hextobyte(s); if (c == -1) @@ -754,11 +754,13 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) static int -skip_unusable(void *dummy,u32 *keyid,PKT_user_id *uid) +skip_unusable(void *dummy, u32 *keyid,PKT_user_id *uid) { int unusable=0; KBNODE keyblock; + (void)dummy; + keyblock=get_pubkeyblock(keyid); if(!keyblock) { @@ -815,7 +817,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, STRLIST r; GETKEY_CTX ctx; KBNODE help_kb = NULL; - + if( retctx ) {/* reset the returned context in case of error */ assert (!ret_kdbhd); /* not allowed because the handle is stored in the context */ @@ -844,7 +846,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, for(n=0, r=namelist; r; r = r->next, n++ ) { classify_user_id (r->d, &ctx->items[n]); - + if (ctx->items[n].exact) ctx->exact = 1; if (!ctx->items[n].mode) @@ -863,7 +865,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, } ctx->kr_handle = keydb_new (secmode); - if ( !ret_kb ) + if ( !ret_kb ) ret_kb = &help_kb; if( secmode ) { @@ -1054,7 +1056,7 @@ get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock ) rc = lookup( ctx, ret_keyblock, 0 ); if ( !rc && pk && ret_keyblock ) pk_from_block ( ctx, pk, *ret_keyblock ); - + return rc; } @@ -1074,7 +1076,7 @@ get_pubkey_end( GETKEY_CTX ctx ) * Search for a key with the given fingerprint. * FIXME: * We should replace this with the _byname function. Thiscsan be done - * by creating a userID conforming to the unified fingerprint style. + * by creating a userID conforming to the unified fingerprint style. */ int get_pubkey_byfprint( PKT_public_key *pk, @@ -1120,10 +1122,10 @@ get_pubkey_byfprint_fast (PKT_public_key *pk, KBNODE keyblock; byte fprbuf[MAX_FINGERPRINT_LEN]; int i; - + for (i=0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++) fprbuf[i] = fprint[i]; - while (i < MAX_FINGERPRINT_LEN) + while (i < MAX_FINGERPRINT_LEN) fprbuf[i++] = 0; hd = keydb_new (0); @@ -1135,12 +1137,12 @@ get_pubkey_byfprint_fast (PKT_public_key *pk, } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); - if (rc) + if (rc) { log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc)); return G10ERR_NO_PUBKEY; } - + assert ( keyblock->pkt->pkttype == PKT_PUBLIC_KEY || keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY ); if (pk) @@ -1216,7 +1218,7 @@ get_seckey_byname2( GETKEY_CTX *retctx, return rc; } -int +int get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock ) { return get_seckey_byname2 ( NULL, sk, name, unlock, NULL ); @@ -1255,7 +1257,7 @@ get_seckey_end( GETKEY_CTX ctx ) * Search for a key with the given fingerprint. * FIXME: * We should replace this with the _byname function. Thiscsan be done - * by creating a userID conforming to the unified fingerprint style. + * by creating a userID conforming to the unified fingerprint style. */ int get_seckey_byfprint( PKT_secret_key *sk, @@ -1295,10 +1297,10 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint, { int rc; struct getkey_ctx_s ctx; - + if (fprint_len != 20 && fprint_len == 16) return G10ERR_GENERAL; /* Oops */ - + memset (&ctx, 0, sizeof ctx); ctx.not_allocated = 1; ctx.kr_handle = keydb_new (1); @@ -1309,7 +1311,7 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint, memcpy (ctx.items[0].u.fpr, fprint, fprint_len); rc = lookup (&ctx, ret_keyblock, 1); get_seckey_end (&ctx); - + return rc; } @@ -1525,7 +1527,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated ) /* We could also query this from the unhashed area if it is not in * the hased area and then later try to decide which is the better * there should be no security problem with this. - * For now we only look at the hashed one. + * For now we only look at the hashed one. */ /* Now build the preferences list. These must come from the @@ -1537,7 +1539,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated ) hash = p; nhash = p?n:0; p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n ); zip = p; nzip = p?n:0; - if (uid->prefs) + if (uid->prefs) xfree (uid->prefs); n = nsym + nhash + nzip; if (!n) @@ -1632,7 +1634,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) for(k=keyblock; k && k->pkt->pkttype != PKT_USER_ID; k = k->next ) { if ( k->pkt->pkttype == PKT_SIGNATURE ) { PKT_signature *sig = k->pkt->pkt.signature; - if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { + if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( IS_KEY_REV (sig) ){ @@ -1642,9 +1644,9 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) * here because we have to assume that an attacker can * generate all kinds of signatures. However due to the * fact that the key has been revoked it does not harm - * either and by continuing we gather some more info on + * either and by continuing we gather some more info on * that key. - */ + */ *r_revoked = 1; sig_to_revoke_info(sig,rinfo); } @@ -1732,7 +1734,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) key_expire_seen = 1; } - /* mark that key as valid: one direct key signature should + /* mark that key as valid: one direct key signature should * render a key as valid */ pk->is_valid = 1; } @@ -1751,7 +1753,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) if(IS_KEY_REV(sig) && (sig->keyid[0]!=kid[0] || sig->keyid[1]!=kid[1])) - { + { int rc=check_revocation_keys(pk,sig); if(rc==0) { @@ -1781,7 +1783,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) sigdate = 0; /* helper to find the latest signature in one user ID */ for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) { if ( k->pkt->pkttype == PKT_USER_ID ) { - if ( uidnode && signode ) + if ( uidnode && signode ) { fixup_uidnode ( uidnode, signode, keytimestamp ); pk->is_valid=1; @@ -1792,7 +1794,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) } else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode ) { PKT_signature *sig = k->pkt->pkt.signature; - if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { + if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig)) @@ -1887,7 +1889,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) /* Now that we had a look at all user IDs we can now get some information * from those user IDs. */ - + if ( !key_usage ) { /* find the latest user ID with key flags set */ uiddate = 0; /* helper to find the latest user ID */ @@ -1908,17 +1910,17 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) else { /* check that the usage matches the usage as given by the algo */ int x = openpgp_pk_algo_usage ( pk->pubkey_algo ); if ( x ) /* mask it down to the actual allowed usage */ - key_usage &= x; + key_usage &= x; } /* Whatever happens, it's a primary key, so it can certify. */ pk->pubkey_usage = key_usage|PUBKEY_USAGE_CERT; if ( !key_expire_seen ) { - /* find the latest valid user ID with a key expiration set + /* find the latest valid user ID with a key expiration set * Note, that this may be a different one from the above because * some user IDs may have no expiration date set */ - uiddate = 0; + uiddate = 0; for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) { if ( k->pkt->pkttype == PKT_USER_ID ) { @@ -1989,7 +1991,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) if ( k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data) { PKT_user_id *uid = k->pkt->pkt.user_id; - if ( k != uidnode ) + if ( k != uidnode ) uid->is_primary = 0; } } @@ -2093,7 +2095,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) k = k->next ) { if ( k->pkt->pkttype == PKT_SIGNATURE ) { sig = k->pkt->pkt.signature; - if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) { + if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) { if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( IS_SUBKEY_REV (sig) ) { @@ -2107,7 +2109,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) does this the same way. */ subpk->is_revoked = 1; sig_to_revoke_info(sig,&subpk->revoked); - /* although we could stop now, we continue to + /* although we could stop now, we continue to * figure out other information like the old expiration * time */ } @@ -2144,11 +2146,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) /* check that the usage matches the usage as given by the algo */ int x = openpgp_pk_algo_usage ( subpk->pubkey_algo ); if ( x ) /* mask it down to the actual allowed usage */ - key_usage &= x; + key_usage &= x; } subpk->pubkey_usage = key_usage; - + p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); if ( p && buffer_to_u32(p) ) key_expire = keytimestamp + buffer_to_u32(p); @@ -2240,7 +2242,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) } -/* +/* * Merge information from the self-signatures with the key, so that * we can later use them more easy. * The function works by first applying the self signatures to the @@ -2250,7 +2252,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) * We check all self signatures or validity and ignore all invalid signatures. * All signatures are then ordered by their creation date .... * For the primary key: - * FIXME the docs + * FIXME the docs */ static void merge_selfsigs( KBNODE keyblock ) @@ -2311,7 +2313,7 @@ merge_selfsigs( KBNODE keyblock ) * which user ID the key has been selected. * fixme: we should keep atoms of commonly used preferences or * use reference counting to optimize the preference lists storage. - * FIXME: it might be better to use the intersection of + * FIXME: it might be better to use the intersection of * all preferences. * Do a similar thing for the MDC feature flag. */ @@ -2325,7 +2327,7 @@ merge_selfsigs( KBNODE keyblock ) mdc_feature = k->pkt->pkt.user_id->flags.mdc; break; } - } + } for(k=keyblock; k; k = k->next ) { if ( k->pkt->pkttype == PKT_PUBLIC_KEY || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { @@ -2353,7 +2355,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY ); assert ( secblock->pkt->pkttype == PKT_SECRET_KEY ); - + for (pub=pubblock; pub; pub = pub->next ) { if ( pub->pkt->pkttype == PKT_PUBLIC_KEY ) { PKT_public_key *pk = pub->pkt->pkt.public_key; @@ -2385,7 +2387,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) } } } - if ( !sec ) + if ( !sec ) BUG(); /* already checked in premerge */ } } @@ -2404,7 +2406,7 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY ); assert ( secblock->pkt->pkttype == PKT_SECRET_KEY ); - + for (pub=pubblock,last=NULL; pub; last = pub, pub = pub->next ) { pub->flag &= ~3; /* reset bits 0 and 1 */ if ( pub->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { @@ -2433,14 +2435,14 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) if (opt.verbose) log_info (_("no secret subkey" - " for public subkey %s - ignoring\n"), + " for public subkey %s - ignoring\n"), keystr_from_pk (pk)); /* we have to remove the subkey in this case */ assert ( last ); /* find the next subkey */ for (next=pub->next,ll=pub; next && next->pkt->pkttype != PKT_PUBLIC_SUBKEY; - ll = next, next = next->next ) + ll = next, next = next->next ) ; /* make new link */ last->next = next; @@ -2510,7 +2512,7 @@ finish_lookup (GETKEY_CTX ctx) u32 curtime = make_timestamp (); assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY ); - + ctx->found_key = NULL; if (ctx->exact) { @@ -2579,7 +2581,7 @@ finish_lookup (GETKEY_CTX ctx) log_debug( "\tsubkey not yet valid\n"); continue; } - + if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) { if (DBG_CACHE) log_debug( "\tusage does not match: want=%x have=%x\n", @@ -2596,7 +2598,7 @@ finish_lookup (GETKEY_CTX ctx) } } - /* Okay now try the primary key unless we want an exact + /* Okay now try the primary key unless we want an exact * key ID match on a subkey */ if ((!latest_key && !(ctx->exact && foundk != keyblock)) || req_prim) { PKT_public_key *pk; @@ -2628,7 +2630,7 @@ finish_lookup (GETKEY_CTX ctx) latest_date = pk->timestamp; } } - + if ( !latest_key ) { if (DBG_CACHE) log_debug("\tno suitable key found - giving up\n"); @@ -2645,8 +2647,8 @@ finish_lookup (GETKEY_CTX ctx) if (pk->user_id) free_user_id (pk->user_id); pk->user_id = scopy_user_id (foundu); - } - + } + ctx->found_key = latest_key; if (latest_key != keyblock && opt.verbose) @@ -2659,7 +2661,7 @@ finish_lookup (GETKEY_CTX ctx) } cache_user_id( keyblock ); - + return 1; /* found */ } @@ -2670,7 +2672,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) int rc; KBNODE secblock = NULL; /* helper */ int no_suitable_key = 0; - + rc = 0; while (!(rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems))) { /* If we are searching for the first key we have to make sure @@ -2685,13 +2687,13 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) rc = 0; goto skip; } - + if ( secmode ) { - /* find the correspondig public key and use this + /* find the correspondig public key and use this * this one for the selection process */ u32 aki[2]; KBNODE k = ctx->keyblock; - + if (k->pkt->pkttype != PKT_SECRET_KEY) BUG(); @@ -2726,7 +2728,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) } else no_suitable_key = 1; - + skip: /* release resources and continue search */ if ( secmode ) { @@ -2765,8 +2767,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) /**************** - * FIXME: Replace by the generic function - * It does not work as it is right now - it is used at + * FIXME: Replace by the generic function + * It does not work as it is right now - it is used at * 2 places: a) to get the key for an anonyous recipient * b) to get the ultimately trusted keys. * The a) usage might have some problems. @@ -2832,7 +2834,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk, } release_kbnode (c->keyblock); c->keyblock = c->node = NULL; - + rc = c->first? keydb_search_first (c->hd) : keydb_search_next (c->hd); c->first = 0; if (rc) { @@ -2840,7 +2842,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk, c->eof = 1; return -1; /* eof */ } - + rc = keydb_get_keyblock (c->hd, &c->keyblock); c->node = c->keyblock; } while (!rc); @@ -2999,7 +3001,7 @@ parse_auto_key_locate(char *options) continue; /* For now we silently ignore the new methods introduced with - 2.0.10. */ + 2.0.10. */ if (!ascii_strcasecmp (tok,"nodefault") || !ascii_strcasecmp (tok,"local")) continue; |