aboutsummaryrefslogtreecommitdiffstats
path: root/g10
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--g10/ChangeLog12
-rw-r--r--g10/Makefile.am1
-rw-r--r--g10/Makefile.in22
-rw-r--r--g10/import.c7
-rw-r--r--g10/main.h9
-rw-r--r--g10/rsa.c2
-rw-r--r--g10/seckey-cert.c322
-rw-r--r--g10/sign.c686
8 files changed, 152 insertions, 909 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 94617fcc6..792dae02b 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,15 @@
+Thu Apr 9 11:35:22 1998 Werner Koch ([email protected])
+
+ * seckey-cert.c (do_check): New; combines all the check functions
+ into one.
+
+ * sign.c: removed all key management functions
+ * keyedit.c: New.
+
+Thu Apr 9 09:49:36 1998 Werner Koch ([email protected])
+
+ * import.c (chk_self_sigs): Changed an error message.
+
Wed Apr 8 16:19:39 1998 Werner Koch ([email protected])
* packet.h: packet structs now uses structs from the pubkey,
diff --git a/g10/Makefile.am b/g10/Makefile.am
index ba9ca29df..0f693226d 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -45,6 +45,7 @@ common_source = \
status.c \
status.h \
sign.c \
+ keyedit.c \
plaintext.c \
encr-data.c \
encode.c \
diff --git a/g10/Makefile.in b/g10/Makefile.in
index b2a106c2b..4b37cc030 100644
--- a/g10/Makefile.in
+++ b/g10/Makefile.in
@@ -137,6 +137,7 @@ common_source = \
status.c \
status.h \
sign.c \
+ keyedit.c \
plaintext.c \
encr-data.c \
encode.c \
@@ -174,9 +175,9 @@ gpg_OBJECTS = g10.o build-packet.o compress.o free-packet.o getkey.o \
pkclist.o skclist.o ringedit.o kbnode.o mainproc.o armor.o mdfilter.o \
textfilter.o cipher.o elg.o dsa.o rsa.o misc.o openfile.o keyid.o \
trustdb.o parse-packet.o passphrase.o pubkey-enc.o seckey-cert.o \
-seskey.o import.o export.o comment.o status.o sign.o plaintext.o \
-encr-data.o encode.o revoke.o keylist.o sig-check.o signal.o verify.o \
-decrypt.o keygen.o
+seskey.o import.o export.o comment.o status.o sign.o keyedit.o \
+plaintext.o encr-data.o encode.o revoke.o keylist.o sig-check.o \
+signal.o verify.o decrypt.o keygen.o
gpg_LDADD = $(LDADD)
gpg_DEPENDENCIES = ../cipher/libcipher.a ../mpi/libmpi.a \
../util/libutil.a
@@ -186,8 +187,8 @@ getkey.o pkclist.o skclist.o ringedit.o kbnode.o mainproc.o armor.o \
mdfilter.o textfilter.o cipher.o elg.o dsa.o rsa.o misc.o openfile.o \
keyid.o trustdb.o parse-packet.o passphrase.o pubkey-enc.o \
seckey-cert.o seskey.o import.o export.o comment.o status.o sign.o \
-plaintext.o encr-data.o encode.o revoke.o keylist.o sig-check.o \
-signal.o
+keyedit.o plaintext.o encr-data.o encode.o revoke.o keylist.o \
+sig-check.o signal.o
gpgm_DEPENDENCIES = g10maint.o ../cipher/libcipher.a ../mpi/libmpi.a \
../util/libutil.a
gpgm_LDFLAGS =
@@ -195,8 +196,9 @@ gpgd_OBJECTS = gpgd.o build-packet.o compress.o free-packet.o getkey.o \
pkclist.o skclist.o ringedit.o kbnode.o mainproc.o armor.o mdfilter.o \
textfilter.o cipher.o elg.o dsa.o rsa.o misc.o openfile.o keyid.o \
trustdb.o parse-packet.o passphrase.o pubkey-enc.o seckey-cert.o \
-seskey.o import.o export.o comment.o status.o sign.o plaintext.o \
-encr-data.o encode.o revoke.o keylist.o sig-check.o signal.o
+seskey.o import.o export.o comment.o status.o sign.o keyedit.o \
+plaintext.o encr-data.o encode.o revoke.o keylist.o sig-check.o \
+signal.o
gpgd_LDADD = $(LDADD)
gpgd_DEPENDENCIES = ../cipher/libcipher.a ../mpi/libmpi.a \
../util/libutil.a
@@ -215,9 +217,9 @@ DEP_FILES = .deps/armor.P .deps/build-packet.P .deps/cipher.P \
.deps/comment.P .deps/compress.P .deps/dearmor.P .deps/decrypt.P \
.deps/dsa.P .deps/elg.P .deps/encode.P .deps/encr-data.P .deps/export.P \
.deps/free-packet.P .deps/g10.P .deps/getkey.P .deps/gpgd.P \
-.deps/import.P .deps/kbnode.P .deps/keygen.P .deps/keyid.P \
-.deps/keylist.P .deps/mainproc.P .deps/mdfilter.P .deps/misc.P \
-.deps/openfile.P .deps/parse-packet.P .deps/passphrase.P \
+.deps/import.P .deps/kbnode.P .deps/keyedit.P .deps/keygen.P \
+.deps/keyid.P .deps/keylist.P .deps/mainproc.P .deps/mdfilter.P \
+.deps/misc.P .deps/openfile.P .deps/parse-packet.P .deps/passphrase.P \
.deps/pkclist.P .deps/plaintext.P .deps/pubkey-enc.P .deps/revoke.P \
.deps/ringedit.P .deps/rsa.P .deps/seckey-cert.P .deps/seskey.P \
.deps/sig-check.P .deps/sign.P .deps/signal.P .deps/skclist.P \
diff --git a/g10/import.c b/g10/import.c
index 8e4a54710..874fa8520 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -501,8 +501,11 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
}
rc = check_key_signature( keyblock, n, NULL);
if( rc ) {
- log_error("%s: key %08lX, invalid self-signature\n",
- fname, (ulong)keyid[1]);
+ log_error( rc == G10ERR_PUBKEY_ALGO ?
+ "%s: key %08lX, unsupported public key algorithm\n":
+ "%s: key %08lX, invalid self-signature\n",
+ fname, (ulong)keyid[1]);
+
unode->flag |= 2; /* mark as invalid */
}
unode->flag |= 1; /* mark that user-id checked */
diff --git a/g10/main.h b/g10/main.h
index 82f2373d7..4450849d6 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -54,17 +54,20 @@ int encrypt_filter( void *opaque, int control,
/*-- sign.c --*/
+int complete_sig( PKT_signature *sig, PKT_secret_cert *skc, MD_HANDLE md );
int sign_file( STRLIST filenames, int detached, STRLIST locusr,
int encrypt, STRLIST remusr, const char *outfile );
int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
+
+/*-- sig-check.c --*/
+int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
+
+/*-- keyedit.c --*/
int sign_key( const char *username, STRLIST locusr );
int edit_keysigs( const char *username );
int delete_key( const char *username, int secure );
int change_passphrase( const char *username );
-/*-- sig-check.c --*/
-int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
-
/*-- keygen.c --*/
void generate_keypair(void);
diff --git a/g10/rsa.c b/g10/rsa.c
index ceba3fd1f..edecdfb1c 100644
--- a/g10/rsa.c
+++ b/g10/rsa.c
@@ -1,4 +1,4 @@
-/* rsa.c
+/* rsa.c - glue code for RSA cipher
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index d0e10b528..942303fa9 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -34,19 +34,19 @@
static int
-check_elg( PKT_secret_cert *cert )
+do_check( PKT_secret_cert *cert )
{
byte *buffer;
u16 csum=0;
int res;
unsigned nbytes;
- u32 keyid[2];
- char save_iv[8];
if( cert->is_protected ) { /* remove the protection */
DEK *dek = NULL;
- MPI test_x;
+ u32 keyid[2];
CIPHER_HANDLE cipher_hd=NULL;
+ PKT_secret_cert *save_cert;
+ char save_iv[8];
switch( cert->protect.algo ) {
case CIPHER_ALGO_NONE: BUG(); break;
@@ -64,44 +64,87 @@ check_elg( PKT_secret_cert *cert )
cipher_setkey( cipher_hd, dek->key, dek->keylen );
cipher_setiv( cipher_hd, NULL );
m_free(dek); /* pw is in secure memory, so m_free() burns it */
+ save_cert = copy_secret_cert( NULL, cert );
memcpy(save_iv, cert->protect.iv, 8 );
cipher_decrypt( cipher_hd, cert->protect.iv, cert->protect.iv, 8 );
- mpi_set_secure(cert->d.elg.x );
- /*fixme: maybe it is better to set the buffer secure with a
- * new get_buffer_secure() function */
- buffer = mpi_get_buffer( cert->d.elg.x, &nbytes, NULL );
- cipher_decrypt( cipher_hd, buffer, buffer, nbytes );
- test_x = mpi_alloc_secure( mpi_get_nlimbs(cert->d.elg.x) );
- mpi_set_buffer( test_x, buffer, nbytes, 0 );
- csum = checksum_mpi( test_x );
- m_free( buffer );
+ switch( cert->pubkey_algo ) {
+ case PUBKEY_ALGO_ELGAMAL:
+ buffer = mpi_get_secure_buffer( cert->d.elg.x, &nbytes, NULL );
+ cipher_decrypt( cipher_hd, buffer, buffer, nbytes );
+ mpi_set_buffer( cert->d.elg.x, buffer, nbytes, 0 );
+ csum = checksum_mpi( cert->d.elg.x );
+ m_free( buffer );
+ break;
+ case PUBKEY_ALGO_DSA:
+ buffer = mpi_get_secure_buffer( cert->d.dsa.x, &nbytes, NULL );
+ cipher_decrypt( cipher_hd, buffer, buffer, nbytes );
+ mpi_set_buffer( cert->d.dsa.x, buffer, nbytes, 0 );
+ csum = checksum_mpi( cert->d.dsa.x );
+ m_free( buffer );
+ break;
+ #ifdef HAVE_RSA_CIPHER
+ case PUBKEY_ALGO_RSA:
+ csum = 0;
+ #define X(a) do { \
+ buffer = mpi_get_secure_buffer( cert->d.rsa.##a, \
+ &nbytes, NULL ); \
+ csum += checksum_u16( nbytes*8 ); \
+ cipher_decrypt( cipher_hd, buffer, buffer, nbytes ); \
+ csum += checksum( buffer, nbytes ); \
+ mpi_set_buffer(cert->d.rsa.##a, buffer, nbytes, 0 ); \
+ m_free( buffer ); \
+ } while(0)
+ X(d);
+ X(p);
+ X(q);
+ X(u);
+ #undef X
+ break;
+ #endif /* HAVE_RSA_CIPHER */
+
+ default: BUG();
+ }
cipher_close( cipher_hd );
/* now let's see wether we have used the right passphrase */
if( csum != cert->csum ) {
- /* very bad kludge to work around an early bug */
- csum -= checksum_u16( mpi_get_nbits(test_x) );
- nbytes = mpi_get_nlimbs(test_x) * 4;
- csum += checksum_u16( nbytes*8 );
+ if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL ) {
+ /* very bad kludge to work around an early bug */
+ csum -= checksum_u16( mpi_get_nbits(cert->d.elg.x) );
+ nbytes = mpi_get_nlimbs(cert->d.elg.x) * 4;
+ csum += checksum_u16( nbytes*8 );
+ if( !opt.batch && csum == cert->csum )
+ log_info("Probably you have an old key - use "
+ "\"--change-passphrase\" to convert.\n");
+ }
if( csum != cert->csum ) {
- mpi_free(test_x);
+ copy_secret_cert( cert, save_cert );
+ free_secret_cert( save_cert );
memcpy( cert->protect.iv, save_iv, 8 );
return G10ERR_BAD_PASS;
}
- if( !opt.batch )
- log_info("Probably you have an old key - use "
- "\"--change-passphrase\" to convert.\n");
}
- mpi_swap( cert->d.elg.x, test_x );
- res = elg_check_secret_key( &cert->d.elg );
- mpi_swap( cert->d.elg.x, test_x );
+ switch( cert->pubkey_algo ) {
+ case PUBKEY_ALGO_ELGAMAL:
+ res = elg_check_secret_key( &cert->d.elg );
+ break;
+ case PUBKEY_ALGO_DSA:
+ res = dsa_check_secret_key( &cert->d.dsa );
+ break;
+ #ifdef HAVE_RSA_CIPHER
+ case PUBKEY_ALGO_RSA:
+ res = rsa_check_secret_key( &cert->d.rsa );
+ break;
+ #endif
+ default: BUG();
+ }
if( !res ) {
- mpi_free(test_x);
+ copy_secret_cert( cert, save_cert );
+ free_secret_cert( save_cert );
memcpy( cert->protect.iv, save_iv, 8 );
return G10ERR_BAD_PASS;
}
- mpi_set(cert->d.elg.x, test_x);
- mpi_free(test_x);
+ free_secret_cert( save_cert );
cert->is_protected = 0;
break;
@@ -110,187 +153,53 @@ check_elg( PKT_secret_cert *cert )
}
}
else { /* not protected */
- csum = checksum_mpi( cert->d.elg.x );
- if( csum != cert->csum ) {
- /* very bad kludge to work around an early bug */
- csum -= checksum_u16( mpi_get_nbits(cert->d.elg.x) );
- nbytes = mpi_get_nlimbs(cert->d.elg.x) * 4;
+ switch( cert->pubkey_algo ) {
+ case PUBKEY_ALGO_ELGAMAL:
+ csum = checksum_mpi( cert->d.elg.x );
+ break;
+ case PUBKEY_ALGO_DSA:
+ csum = checksum_mpi( cert->d.dsa.x );
+ break;
+ #ifdef HAVE_RSA_CIPHER
+ case PUBKEY_ALGO_RSA:
+ csum =0;
+ buffer = mpi_get_buffer( cert->d.rsa.rsa_d, &nbytes, NULL );
csum += checksum_u16( nbytes*8 );
- if( csum != cert->csum )
- return G10ERR_CHECKSUM;
- if( !opt.batch )
- log_info("Probably you have an old key - use "
- "\"--change-passphrase\" to convert.\n");
- }
- }
-
- return 0;
-}
-
-
-static int
-check_dsa( PKT_secret_cert *cert )
-{
- byte *buffer;
- u16 csum=0;
- int res;
- unsigned nbytes;
- u32 keyid[2];
- char save_iv[8];
-
- if( cert->is_protected ) { /* remove the protection */
- DEK *dek = NULL;
- MPI test_x;
- CIPHER_HANDLE cipher_hd=NULL;
-
- switch( cert->protect.algo ) {
- case CIPHER_ALGO_NONE: BUG(); break;
- case CIPHER_ALGO_BLOWFISH:
- case CIPHER_ALGO_CAST:
- keyid_from_skc( cert, keyid );
- if( cert->protect.s2k == 1 || cert->protect.s2k == 3 )
- dek = get_passphrase_hash( keyid, NULL,
- cert->protect.salt );
- else
- dek = get_passphrase_hash( keyid, NULL, NULL );
-
- cipher_hd = cipher_open( cert->protect.algo,
- CIPHER_MODE_AUTO_CFB, 1);
- cipher_setkey( cipher_hd, dek->key, dek->keylen );
- cipher_setiv( cipher_hd, NULL );
- m_free(dek); /* pw is in secure memory, so m_free() burns it */
- memcpy(save_iv, cert->protect.iv, 8 );
- cipher_decrypt( cipher_hd, cert->protect.iv, cert->protect.iv, 8 );
- mpi_set_secure(cert->d.dsa.x );
- /*fixme: maybe it is better to set the buffer secure with a
- * new get_buffer_secure() function */
- buffer = mpi_get_buffer( cert->d.dsa.x, &nbytes, NULL );
- cipher_decrypt( cipher_hd, buffer, buffer, nbytes );
- test_x = mpi_alloc_secure( mpi_get_nlimbs(cert->d.dsa.x) );
- mpi_set_buffer( test_x, buffer, nbytes, 0 );
- csum = checksum_mpi( test_x );
+ csum += checksum( buffer, nbytes );
+ m_free( buffer );
+ buffer = mpi_get_buffer( cert->d.rsa.rsa_p, &nbytes, NULL );
+ csum += checksum_u16( nbytes*8 );
+ csum += checksum( buffer, nbytes );
+ m_free( buffer );
+ buffer = mpi_get_buffer( cert->d.rsa.rsa_q, &nbytes, NULL );
+ csum += checksum_u16( nbytes*8 );
+ csum += checksum( buffer, nbytes );
+ m_free( buffer );
+ buffer = mpi_get_buffer( cert->d.rsa.rsa_u, &nbytes, NULL );
+ csum += checksum_u16( nbytes*8 );
+ csum += checksum( buffer, nbytes );
m_free( buffer );
- cipher_close( cipher_hd );
- /* now let's see wether we have used the right passphrase */
- if( csum != cert->csum ) {
- mpi_free(test_x);
- memcpy( cert->protect.iv, save_iv, 8 );
- return G10ERR_BAD_PASS;
- }
-
- mpi_swap( cert->d.dsa.x, test_x );
- res = dsa_check_secret_key( &cert->d.dsa );
- mpi_swap( cert->d.dsa.x, test_x );
- if( !res ) {
- mpi_free(test_x);
- memcpy( cert->protect.iv, save_iv, 8 );
- return G10ERR_BAD_PASS;
- }
- mpi_set(cert->d.dsa.x, test_x);
- mpi_free(test_x);
- cert->is_protected = 0;
break;
-
- default:
- return G10ERR_CIPHER_ALGO; /* unsupport protection algorithm */
+ #endif
+ default: BUG();
}
- }
- else { /* not protected */
- csum = checksum_mpi( cert->d.dsa.x );
- if( csum != cert->csum )
- return G10ERR_CHECKSUM;
- }
-
- return 0;
-}
-
-
-
-#ifdef HAVE_RSA_CIPHER
-/****************
- * FIXME: fix checksum stuff
- */
-static int
-check_rsa( PKT_secret_cert *cert )
-{
- byte *buffer;
- u16 csum=0;
- int res;
- unsigned nbytes;
- u32 keyid[2];
-
- if( cert->is_protected ) { /* remove the protection */
- DEK *dek = NULL;
- BLOWFISH_context *blowfish_ctx=NULL;
-
- switch( cert->protect.algo ) {
- /* FIXME: use test variables to check for the correct key */
- case CIPHER_ALGO_NONE: BUG(); break;
- case CIPHER_ALGO_BLOWFISH:
- keyid_from_skc( cert, keyid );
- dek = get_passphrase_hash( keyid, NULL, NULL );
- blowfish_ctx = m_alloc_secure( sizeof *blowfish_ctx );
- blowfish_setkey( blowfish_ctx, dek->key, dek->keylen );
- m_free(dek); /* pw is in secure memory, so m_free() burns it */
- blowfish_setiv( blowfish_ctx, NULL );
- blowfish_decode_cfb( blowfish_ctx, cert->protect.iv,
- cert->protect.iv, 8 );
- csum = 0;
- #define X(a) do { \
- mpi_set_secure(cert->d.rsa.rsa_##a); \
- buffer = mpi_get_buffer( cert->d.rsa.rsa_##a, &nbytes, NULL );\
- csum += checksum_u16( nbytes*8 ); \
- blowfish_decode_cfb( blowfish_ctx, buffer, buffer, nbytes ); \
- csum += checksum( buffer, nbytes ); \
- mpi_set_buffer(cert->d.rsa.rsa_##a, buffer, nbytes, 0 ); \
- m_free( buffer ); \
- } while(0)
- X(d);
- X(p);
- X(q);
- X(u);
- #undef X
- cert->is_protected = 0;
- m_free( blowfish_ctx );
- /* now let's see wether we have used the right passphrase */
+ if( csum != cert->csum ) {
+ if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL ) {
+ /* very bad kludge to work around an early bug */
+ csum -= checksum_u16( mpi_get_nbits(cert->d.elg.x) );
+ nbytes = mpi_get_nlimbs(cert->d.elg.x) * 4;
+ csum += checksum_u16( nbytes*8 );
+ if( !opt.batch && csum == cert->csum )
+ log_info("Probably you have an old key - use "
+ "\"--change-passphrase\" to convert.\n");
+ }
if( csum != cert->csum )
- return G10ERR_BAD_PASS;
-
- res = rsa_check_secret_key( &cert->d.rsa );
- if( !res )
- return G10ERR_BAD_PASS;
- break;
-
- default:
- return G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */
+ return G10ERR_CHECKSUM;
}
}
- else { /* not protected */
- csum =0;
- buffer = mpi_get_buffer( cert->d.rsa.rsa_d, &nbytes, NULL );
- csum += checksum_u16( nbytes*8 );
- csum += checksum( buffer, nbytes );
- m_free( buffer );
- buffer = mpi_get_buffer( cert->d.rsa.rsa_p, &nbytes, NULL );
- csum += checksum_u16( nbytes*8 );
- csum += checksum( buffer, nbytes );
- m_free( buffer );
- buffer = mpi_get_buffer( cert->d.rsa.rsa_q, &nbytes, NULL );
- csum += checksum_u16( nbytes*8 );
- csum += checksum( buffer, nbytes );
- m_free( buffer );
- buffer = mpi_get_buffer( cert->d.rsa.rsa_u, &nbytes, NULL );
- csum += checksum_u16( nbytes*8 );
- csum += checksum( buffer, nbytes );
- m_free( buffer );
- if( csum != cert->csum )
- return G10ERR_CHECKSUM;
- }
return 0;
}
-#endif /*HAVE_RSA_CIPHER*/
-
@@ -307,16 +216,13 @@ check_secret_key( PKT_secret_cert *cert )
for(i=0; i < 3 && rc == G10ERR_BAD_PASS; i++ ) {
if( i )
log_error("Invalid passphrase; please try again ...\n");
- if( cert->pubkey_algo == PUBKEY_ALGO_ELGAMAL )
- rc = check_elg( cert );
- else if( cert->pubkey_algo == PUBKEY_ALGO_DSA )
- rc = check_dsa( cert );
- #ifdef HAVE_RSA_CIPHER
- else if( cert->pubkey_algo == PUBKEY_ALGO_RSA )
- rc = check_rsa( cert );
- #endif
- else
- rc = G10ERR_PUBKEY_ALGO;
+ switch( cert->pubkey_algo ) {
+ case PUBKEY_ALGO_ELGAMAL:
+ case PUBKEY_ALGO_DSA:
+ rc = do_check( cert );
+ break;
+ default: rc = G10ERR_PUBKEY_ALGO;
+ }
if( get_passphrase_fd() != -1 )
break;
}
diff --git a/g10/sign.c b/g10/sign.c
index 7e7921034..0fffc5f0b 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -39,9 +39,7 @@
-
-
-static int
+int
complete_sig( PKT_signature *sig, PKT_secret_cert *skc, MD_HANDLE md )
{
int rc=0;
@@ -468,685 +466,3 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
-
-static void
-show_fingerprint( PKT_public_cert *pkc )
-{
- byte *array, *p;
- size_t i, n;
-
- p = array = fingerprint_from_pkc( pkc, &n );
- tty_printf(" Fingerprint:");
- if( n == 20 ) {
- for(i=0; i < n ; i++, i++, p += 2 ) {
- if( i == 10 )
- tty_printf(" ");
- tty_printf(" %02X%02X", *p, p[1] );
- }
- }
- else {
- for(i=0; i < n ; i++, p++ ) {
- if( i && !(i%8) )
- tty_printf(" ");
- tty_printf(" %02X", *p );
- }
- }
- tty_printf("\n");
- m_free(array);
-}
-
-
-/****************
- * Ask wether the user is willing to sign the key. Return true if so.
- */
-static int
-sign_it_p( PKT_public_cert *pkc, PKT_user_id *uid )
-{
- char *answer;
- int yes;
-
- tty_printf("\nAre you really sure that you want so sign this key:\n\n"
- "%4u%c/%08lX %s ",
- nbits_from_pkc( pkc ),
- pubkey_letter( pkc->pubkey_algo ),
- (ulong)keyid_from_pkc( pkc, NULL ),
- datestr_from_pkc( pkc ) );
- tty_print_string( uid->name, uid->len );
- tty_printf("\n");
- show_fingerprint(pkc);
- tty_printf("\n");
- answer = tty_get("Sign this key? ");
- tty_kill_prompt();
- yes = answer_is_yes(answer);
- m_free(answer);
- return yes;
-}
-
-
-/****************
- * Check the keysigs and set the flags to indicate errors.
- * Usage of nodes flag bits:
- * Bit 0 = bad signature
- * 1 = no public key
- * 2 = other error
- * Returns true if error found.
- */
-static int
-check_all_keysigs( KBNODE keyblock )
-{
- KBNODE kbctx;
- KBNODE node;
- int rc;
- int inv_sigs = 0;
- int no_key = 0;
- int oth_err = 0;
-
- for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
- if( node->pkt->pkttype == PKT_SIGNATURE
- && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
- PKT_signature *sig = node->pkt->pkt.signature;
- int sigrc;
-
- tty_printf("sig");
- switch( (rc = check_key_signature( keyblock, node,NULL)) ) {
- case 0: node->flag = 0; sigrc = '!'; break;
- case G10ERR_BAD_SIGN: inv_sigs++; node->flag = 1; sigrc = '-'; break;
- case G10ERR_NO_PUBKEY: no_key++; node->flag = 2; sigrc = '?'; break;
- default: oth_err++; node->flag = 4; sigrc = '%'; break;
- }
- tty_printf("%c %08lX %s ",
- sigrc, sig->keyid[1], datestr_from_sig(sig));
- if( sigrc == '%' )
- tty_printf("[%s] ", g10_errstr(rc) );
- else if( sigrc == '?' )
- ;
- else {
- size_t n;
- char *p = get_user_id( sig->keyid, &n );
- tty_print_string( p, n > 40? 40 : n );
- m_free(p);
- }
- tty_printf("\n");
- /* FIXME: update the trustdb */
- }
- }
- if( inv_sigs )
- tty_printf("%d bad signatures\n", inv_sigs );
- if( no_key )
- tty_printf("No public key for %d signatures\n", no_key );
- if( oth_err )
- tty_printf("%d signatures not checked due to errors\n", oth_err );
- return inv_sigs || no_key || oth_err;
-}
-
-
-/****************
- * Ask and remove invalid signatures are to be removed.
- */
-static int
-remove_keysigs( KBNODE keyblock, u32 *keyid, int all )
-{
- KBNODE kbctx;
- KBNODE node;
- char *answer;
- int yes;
- int count;
-
- count = 0;
- for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
- if( ((node->flag & 7) || all )
- && node->pkt->pkttype == PKT_SIGNATURE
- && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
- PKT_signature *sig = node->pkt->pkt.signature;
-
- if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
- /* fixme: skip self-sig */
- }
-
- tty_printf("\n \"%08lX %s ",
- sig->keyid[1], datestr_from_sig(sig));
- if( node->flag & 6 )
- tty_printf("[User name not available] ");
- else {
- size_t n;
- char *p = get_user_id( sig->keyid, &n );
- tty_print_string( p, n );
- m_free(p);
- }
- tty_printf("\"\n");
- if( node->flag & 1 )
- tty_printf("This is a BAD signature!\n");
- else if( node->flag & 2 )
- tty_printf("Public key not available.\n");
- else if( node->flag & 4 )
- tty_printf("The signature could not be checked!\n");
-
- if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
- continue; /* do not remove self-signatures */
-
- answer = tty_get("\nRemove this signature? ");
- tty_kill_prompt();
- if( answer_is_yes(answer) ) {
- node->flag |= 128; /* use bit 7 to mark this node */
- count++;
- }
- m_free(answer);
- }
- }
-
- if( !count )
- return 0; /* nothing to remove */
- answer = tty_get("Do you really want to remove the selected signatures? ");
- tty_kill_prompt();
- yes = answer_is_yes(answer);
- m_free(answer);
- if( !yes )
- return 0;
-
- for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 1)) ; ) {
- if( node->flag & 128)
- delete_kbnode(node );
- }
-
- return 1;
-}
-
-
-/****************
- * This functions signs the key of USERNAME with all users listed in
- * LOCUSR. If LOCUSR is NULL the default secret certificate will
- * be used. This works on all keyrings, so there is no armor or
- * compress stuff here.
- */
-int
-sign_key( const char *username, STRLIST locusr )
-{
- md_filter_context_t mfx;
- int rc = 0;
- SKC_LIST skc_list = NULL;
- SKC_LIST skc_rover = NULL;
- KBNODE keyblock = NULL;
- KBNODE kbctx, node;
- KBPOS kbpos;
- PKT_public_cert *pkc;
- u32 pkc_keyid[2];
- char *answer;
-
- memset( &mfx, 0, sizeof mfx);
-
- /* search the userid */
- rc = find_keyblock_byname( &kbpos, username );
- if( rc ) {
- log_error("user '%s' not found\n", username );
- goto leave;
- }
-
- /* build a list of all signators */
- rc=build_skc_list( locusr, &skc_list, 0, 1 );
- if( rc )
- goto leave;
-
-
- /* read the keyblock */
- rc = read_keyblock( &kbpos, &keyblock );
- if( rc ) {
- log_error("error reading the certificate: %s\n", g10_errstr(rc) );
- goto leave;
- }
-
- /* get the keyid from the keyblock */
- node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
- if( !node ) {
- log_error("Oops; public key not found anymore!\n");
- rc = G10ERR_GENERAL;
- goto leave;
- }
-
- pkc = node->pkt->pkt.public_cert;
- keyid_from_pkc( pkc, pkc_keyid );
- log_info("Checking signatures of this public key certificate:\n");
- tty_printf("pub %4u%c/%08lX %s ",
- nbits_from_pkc( pkc ),
- pubkey_letter( pkc->pubkey_algo ),
- pkc_keyid[1], datestr_from_pkc(pkc) );
- {
- size_t n;
- char *p = get_user_id( pkc_keyid, &n );
- tty_print_string( p, n > 40? 40 : n );
- m_free(p);
- tty_printf("\n");
- }
-
- clear_kbnode_flags( keyblock );
- if( check_all_keysigs( keyblock ) ) {
- if( !opt.batch ) {
- /* ask wether we really should do anything */
- answer = tty_get("To you want to remove some of the invalid sigs? ");
- tty_kill_prompt();
- if( answer_is_yes(answer) )
- remove_keysigs( keyblock, pkc_keyid, 0 );
- m_free(answer);
- }
- }
-
- /* check wether we have already signed it */
- for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
- u32 akeyid[2];
-
- keyid_from_skc( skc_rover->skc, akeyid );
- for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
- if( node->pkt->pkttype == PKT_SIGNATURE
- && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
- if( akeyid[0] == node->pkt->pkt.signature->keyid[0]
- && akeyid[1] == node->pkt->pkt.signature->keyid[1] ) {
- log_info("Already signed by keyid %08lX\n",
- (ulong)akeyid[1] );
- skc_rover->mark = 1;
- }
- }
- }
- }
- for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
- if( !skc_rover->mark )
- break;
- }
- if( !skc_rover ) {
- log_info("Nothing to sign\n");
- goto leave;
- }
-
- /* Loop over all signers and all user ids and sign */
- for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
- if( skc_rover->mark )
- continue;
- for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
- if( node->pkt->pkttype == PKT_USER_ID ) {
- if( sign_it_p( pkc, node->pkt->pkt.user_id ) ) {
- PACKET *pkt;
- PKT_signature *sig;
-
- rc = make_keysig_packet( &sig, pkc,
- node->pkt->pkt.user_id,
- skc_rover->skc,
- 0x10,
- DIGEST_ALGO_RMD160 );
- if( rc ) {
- log_error("make_keysig_packet failed: %s\n", g10_errstr(rc));
- goto leave;
- }
-
- pkt = m_alloc_clear( sizeof *pkt );
- pkt->pkttype = PKT_SIGNATURE;
- pkt->pkt.signature = sig;
- insert_kbnode( node, new_kbnode(pkt), PKT_USER_ID );
- }
- }
- }
- }
-
- rc = update_keyblock( &kbpos, keyblock );
- if( rc ) {
- log_error("update_keyblock failed: %s\n", g10_errstr(rc) );
- goto leave;
- }
-
- leave:
- release_kbnode( keyblock );
- release_skc_list( skc_list );
- md_close( mfx.md );
- return rc;
-}
-
-
-
-int
-edit_keysigs( const char *username )
-{
- int rc = 0;
- KBNODE keyblock = NULL;
- KBNODE node;
- KBPOS kbpos;
- PKT_public_cert *pkc;
- u32 pkc_keyid[2];
-
- /* search the userid */
- rc = find_keyblock_byname( &kbpos, username );
- if( rc ) {
- log_error("%s: user not found\n", username );
- goto leave;
- }
-
- /* read the keyblock */
- rc = read_keyblock( &kbpos, &keyblock );
- if( rc ) {
- log_error("%s: certificate read problem: %s\n", username, g10_errstr(rc) );
- goto leave;
- }
-
- /* get the keyid from the keyblock */
- node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
- if( !node ) {
- log_error("Oops; public key not found anymore!\n");
- rc = G10ERR_GENERAL;
- goto leave;
- }
-
- pkc = node->pkt->pkt.public_cert;
- keyid_from_pkc( pkc, pkc_keyid );
- log_info("Checking signatures of this public key certificate:\n");
- tty_printf("pub %4u%c/%08lX %s ",
- nbits_from_pkc( pkc ),
- pubkey_letter( pkc->pubkey_algo ),
- pkc_keyid[1], datestr_from_pkc(pkc) );
- {
- size_t n;
- char *p = get_user_id( pkc_keyid, &n );
- tty_print_string( p, n > 40? 40 : n );
- m_free(p);
- tty_printf("\n");
- }
-
- clear_kbnode_flags( keyblock );
- check_all_keysigs( keyblock );
- if( remove_keysigs( keyblock, pkc_keyid, 1 ) ) {
- rc = update_keyblock( &kbpos, keyblock );
- if( rc ) {
- log_error("update_keyblock failed: %s\n", g10_errstr(rc) );
- goto leave;
- }
- }
-
- leave:
- release_kbnode( keyblock );
- return rc;
-}
-
-
-/****************
- * Delete a public or secret key from a keyring.
- */
-int
-delete_key( const char *username, int secret )
-{
- int rc = 0;
- KBNODE keyblock = NULL;
- KBNODE node;
- KBPOS kbpos;
- PKT_public_cert *pkc = NULL;
- PKT_secret_cert *skc = NULL;
- u32 keyid[2];
- int okay=0;
-
- /* search the userid */
- rc = secret? find_secret_keyblock_byname( &kbpos, username )
- : find_keyblock_byname( &kbpos, username );
- if( rc ) {
- log_error("%s: user not found\n", username );
- goto leave;
- }
-
- /* read the keyblock */
- rc = read_keyblock( &kbpos, &keyblock );
- if( rc ) {
- log_error("%s: read problem: %s\n", username, g10_errstr(rc) );
- goto leave;
- }
-
- /* get the keyid from the keyblock */
- node = find_kbnode( keyblock, secret? PKT_SECRET_CERT:PKT_PUBLIC_CERT );
- if( !node ) {
- log_error("Oops; key not found anymore!\n");
- rc = G10ERR_GENERAL;
- goto leave;
- }
-
- if( secret ) {
- skc = node->pkt->pkt.secret_cert;
- keyid_from_skc( skc, keyid );
- }
- else {
- pkc = node->pkt->pkt.public_cert;
- keyid_from_pkc( pkc, keyid );
- rc = seckey_available( keyid );
- if( !rc ) {
- log_error(_(
- "there is a secret key for this public key!\n"));
- log_info(_(
- "use option \"--delete-secret-key\" to delete it first.\n"));
- rc = -1;
- }
- else if( rc != G10ERR_NO_SECKEY )
- log_error("%s: get secret key: %s\n", username, g10_errstr(rc) );
- else
- rc = 0;
- }
-
- if( rc )
- rc = 0;
- else if( opt.batch && secret )
- log_error(_("can't do that in batch-mode\n"));
- else if( opt.batch && opt.answer_yes )
- okay++;
- else if( opt.batch )
- log_error(_("can't do that in batch-mode without \"--yes\"\n"));
- else {
- char *p;
- size_t n;
-
- if( secret )
- tty_printf("sec %4u%c/%08lX %s ",
- nbits_from_skc( skc ),
- pubkey_letter( skc->pubkey_algo ),
- keyid[1], datestr_from_skc(skc) );
- else
- tty_printf("pub %4u%c/%08lX %s ",
- nbits_from_pkc( pkc ),
- pubkey_letter( pkc->pubkey_algo ),
- keyid[1], datestr_from_pkc(pkc) );
- p = get_user_id( keyid, &n );
- tty_print_string( p, n );
- m_free(p);
- tty_printf("\n\n");
-
- p = tty_get(_("Delete this key from the keyring? "));
- tty_kill_prompt();
- if( secret && answer_is_yes(p)) {
- /* I think it is not required to check a passphrase; if
- * the user is so stupid to let others access his secret keyring
- * (and has no backup) - it is up him to read some very
- * basic texts about security.
- */
- m_free(p);
- p = tty_get(_("This is a secret key! - really delete? "));
- }
- if( answer_is_yes(p) )
- okay++;
- m_free(p);
- }
-
-
- if( okay ) {
- rc = delete_keyblock( &kbpos );
- if( rc ) {
- log_error("delete_keyblock failed: %s\n", g10_errstr(rc) );
- goto leave;
- }
- }
-
- leave:
- release_kbnode( keyblock );
- return rc;
-}
-
-
-int
-change_passphrase( const char *username )
-{
- int rc = 0;
- KBNODE keyblock = NULL;
- KBNODE node;
- KBPOS kbpos;
- PKT_secret_cert *skc;
- u32 skc_keyid[2];
- char *answer;
- int changed=0;
-
- /* search the userid */
- rc = find_secret_keyblock_byname( &kbpos, username );
- if( rc ) {
- log_error("secret key for user '%s' not found\n", username );
- goto leave;
- }
-
- /* read the keyblock */
- rc = read_keyblock( &kbpos, &keyblock );
- if( rc ) {
- log_error("error reading the certificate: %s\n", g10_errstr(rc) );
- goto leave;
- }
-
- /* get the keyid from the keyblock */
- node = find_kbnode( keyblock, PKT_SECRET_CERT );
- if( !node ) {
- log_error("Oops; secret key not found anymore!\n");
- rc = G10ERR_GENERAL;
- goto leave;
- }
-
- skc = node->pkt->pkt.secret_cert;
- keyid_from_skc( skc, skc_keyid );
- tty_printf("sec %4u%c/%08lX %s ",
- nbits_from_skc( skc ),
- pubkey_letter( skc->pubkey_algo ),
- skc_keyid[1], datestr_from_skc(skc) );
- {
- size_t n;
- char *p = get_user_id( skc_keyid, &n );
- tty_print_string( p, n );
- m_free(p);
- tty_printf("\n");
- }
-
- clear_kbnode_flags( keyblock );
- switch( is_secret_key_protected( skc ) ) {
- case -1:
- rc = G10ERR_PUBKEY_ALGO;
- break;
- case 0:
- tty_printf("This key is not protected.\n");
- break;
- default:
- tty_printf("Key is protected.\n");
- rc = check_secret_key( skc );
- break;
- }
-
- if( rc )
- tty_printf("Can't edit this key: %s\n", g10_errstr(rc));
- else {
- DEK *dek = m_alloc_secure( sizeof *dek + 8 );
- byte *salt = (byte*)dek + sizeof( *dek );
-
- tty_printf( "Enter the new passphrase for this secret key.\n\n" );
-
- for(;;) {
- dek->algo = CIPHER_ALGO_BLOWFISH;
- randomize_buffer(salt, 8, 1);
- rc = make_dek_from_passphrase( dek , 2, salt );
- if( rc == -1 ) {
- rc = 0;
- tty_printf( "You don't want a passphrase -"
- " this is probably a *bad* idea!\n\n");
- answer = tty_get("Do you really want to do this? ");
- tty_kill_prompt();
- if( answer_is_yes(answer) )
- changed++;
- m_free(answer);
- break;
- }
- else if( rc == G10ERR_PASSPHRASE ) {
- tty_printf("passphrase not correctly repeated; try again.\n");
- }
- else if( rc ) {
- m_free(dek); dek = NULL;
- log_error("Error getting the passphrase: %s\n", g10_errstr(rc));
- break;
- }
- else { /* okay */
- skc->protect.algo = CIPHER_ALGO_BLOWFISH;
- skc->protect.s2k = 1;
- skc->protect.hash = DIGEST_ALGO_RMD160;
- memcpy(skc->protect.salt, salt, 8);
- randomize_buffer(skc->protect.iv, 8, 1);
- rc = protect_secret_key( skc, dek );
- if( rc )
- log_error("protect_secret_key failed: %s\n", g10_errstr(rc) );
- else
- changed++;
- break;
- }
- }
- m_free(dek);
- }
-
-
- if( changed ) {
- rc = update_keyblock( &kbpos, keyblock );
- if( rc ) {
- log_error("update_keyblock failed: %s\n", g10_errstr(rc) );
- goto leave;
- }
- }
-
- leave:
- release_kbnode( keyblock );
- return rc;
-}
-
-
-/****************
- * Create a signature packet for the given public key certificate
- * and the user id and return it in ret_sig. User signature class SIGCLASS
- * user-id is not used (and may be NULL if sigclass is 0x20)
- */
-int
-make_keysig_packet( PKT_signature **ret_sig, PKT_public_cert *pkc,
- PKT_user_id *uid, PKT_secret_cert *skc,
- int sigclass, int digest_algo )
-{
- PKT_signature *sig;
- int rc=0;
- MD_HANDLE md;
-
- assert( (sigclass >= 0x10 && sigclass <= 0x13) || sigclass == 0x20 );
- md = md_open( digest_algo, 0 );
-
- /* hash the public key certificate and the user id */
- hash_public_cert( md, pkc );
- if( sigclass != 0x20 )
- md_write( md, uid->name, uid->len );
- /* and make the signature packet */
- sig = m_alloc_clear( sizeof *sig );
- sig->pubkey_algo = skc->pubkey_algo;
- sig->timestamp = make_timestamp();
- sig->sig_class = sigclass;
-
- md_putc( md, sig->sig_class );
- { u32 a = sig->timestamp;
- md_putc( md, (a >> 24) & 0xff );
- md_putc( md, (a >> 16) & 0xff );
- md_putc( md, (a >> 8) & 0xff );
- md_putc( md, a & 0xff );
- }
- md_final(md);
-
- rc = complete_sig( sig, skc, md );
-
- md_close( md );
- if( rc )
- free_seckey_enc( sig );
- else
- *ret_sig = sig;
- return rc;
-}
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 05:34:40 +0000