diff options
Diffstat (limited to '')
| -rw-r--r-- | g10/getkey.c | 111 | ||||
| -rw-r--r-- | g10/gpg.h | 3 | ||||
| -rw-r--r-- | g10/import.c | 44 | ||||
| -rw-r--r-- | g10/keydb.c | 33 | ||||
| -rw-r--r-- | g10/keydb.h | 5 | ||||
| -rw-r--r-- | g10/keyid.c | 3 |
6 files changed, 143 insertions, 56 deletions
diff --git a/g10/getkey.c b/g10/getkey.c index 707a106e4..4f10c1821 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -74,6 +74,7 @@ static struct typedef struct keyid_list { struct keyid_list *next; + char fpr[MAX_FINGERPRINT_LEN]; u32 keyid[2]; } *keyid_list_t; @@ -263,6 +264,7 @@ cache_user_id (KBNODE keyblock) keyid_list_t a = xmalloc_clear (sizeof *a); /* Hmmm: For a long list of keyids it might be an advantage * to append the keys. */ + fingerprint_from_pk (k->pkt->pkt.public_key, a->fpr, NULL); keyid_from_pk (k->pkt->pkt.public_key, a->keyid); /* First check for duplicates. */ for (r = user_id_db; r; r = r->next) @@ -270,8 +272,7 @@ cache_user_id (KBNODE keyblock) keyid_list_t b = r->keyids; for (b = r->keyids; b; b = b->next) { - if (b->keyid[0] == a->keyid[0] - && b->keyid[1] == a->keyid[1]) + if (!memcmp (b->fpr, a->fpr, MAX_FINGERPRINT_LEN)) { if (DBG_CACHE) log_debug ("cache_user_id: already in cache\n"); @@ -950,6 +951,34 @@ get_pubkey_end (GETKEY_CTX ctx) } +/* Search for a key with the given standard fingerprint. In contrast + * to get_pubkey_byfprint we assume a right padded fingerprint of the + * standard length. PK may be NULL to only put the result into the + * internal caches. */ +gpg_error_t +get_pubkey_byfpr (PKT_public_key *pk, const byte *fpr) +{ + gpg_error_t err; + struct getkey_ctx_s ctx; + kbnode_t kb = NULL; + + memset (&ctx, 0, sizeof ctx); + ctx.exact = 1; + ctx.not_allocated = 1; + ctx.kr_handle = keydb_new (); + ctx.nitems = 1; + ctx.items[0].mode = KEYDB_SEARCH_MODE_FPR; + memcpy (ctx.items[0].u.fpr, fpr, MAX_FINGERPRINT_LEN); + err = lookup (&ctx, &kb, 0); + if (!err && pk) + pk_from_block (&ctx, pk, kb); + release_kbnode (kb); + get_pubkey_end (&ctx); + + return err; +} + + /* Search for a key with the given fingerprint. * FIXME: * We should replace this with the _byname function. This can be done @@ -2687,11 +2716,10 @@ enum_secret_keys (void **context, PKT_public_key *sk) /* Return a string with a printable representation of the user_id. * this string must be freed by xfree. */ -char * +static char * get_user_id_string (u32 * keyid) { user_id_db_t r; - char *p; int pass = 0; /* Try it two times; second pass reads from key resources. */ do @@ -2703,17 +2731,13 @@ get_user_id_string (u32 * keyid) { if (a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1]) { - p = xmalloc (keystrlen () + 1 + r->len + 1); - sprintf (p, "%s %.*s", keystr (keyid), r->len, r->name); - return p; + return xasprintf ("%s %.*s", keystr (keyid), r->len, r->name); } } } } while (++pass < 2 && !get_pubkey (NULL, keyid)); - p = xmalloc (keystrlen () + 5); - sprintf (p, "%s [?]", keystr (keyid)); - return p; + return xasprintf ("%s [?]", keystr (keyid)); } @@ -2731,33 +2755,30 @@ char * get_long_user_id_string (u32 * keyid) { user_id_db_t r; - char *p; + keyid_list_t a; int pass = 0; /* Try it two times; second pass reads from key resources. */ do { for (r = user_id_db; r; r = r->next) { - keyid_list_t a; for (a = r->keyids; a; a = a->next) { if (a->keyid[0] == keyid[0] && a->keyid[1] == keyid[1]) { - p = xmalloc (r->len + 20); - sprintf (p, "%08lX%08lX %.*s", - (ulong) keyid[0], (ulong) keyid[1], - r->len, r->name); - return p; + return xasprintf ("%08lX%08lX %.*s", + (ulong) keyid[0], (ulong) keyid[1], + r->len, r->name); } } } } while (++pass < 2 && !get_pubkey (NULL, keyid)); - p = xmalloc (25); - sprintf (p, "%08lX%08lX [?]", (ulong) keyid[0], (ulong) keyid[1]); - return p; + return xasprintf ("%08lX%08lX [?]", (ulong) keyid[0], (ulong) keyid[1]); } + +/* Please try to use get_user_id_native instead of this one. */ char * get_user_id (u32 * keyid, size_t * rn) { @@ -2792,6 +2813,7 @@ get_user_id (u32 * keyid, size_t * rn) return p; } +/* Please try to use get_user_id_byfpr_native instead of this one. */ char * get_user_id_native (u32 * keyid) { @@ -2802,6 +2824,55 @@ get_user_id_native (u32 * keyid) return p2; } + +/* Return a user id from the caching by looking it up using the FPR + which mustbe of size MAX_FINGERPRINT_LEN. */ +char * +get_user_id_byfpr (const byte *fpr, size_t *rn) +{ + user_id_db_t r; + char *p; + int pass = 0; + + /* Try it two times; second pass reads from key resources. */ + do + { + for (r = user_id_db; r; r = r->next) + { + keyid_list_t a; + for (a = r->keyids; a; a = a->next) + { + if (!memcmp (a->fpr, fpr, MAX_FINGERPRINT_LEN)) + { + /* An empty string as user id is possible. Make + sure that the malloc allocates one byte and does + not bail out. */ + p = xmalloc (r->len? r->len : 1); + memcpy (p, r->name, r->len); + *rn = r->len; + return p; + } + } + } + } + while (++pass < 2 && !get_pubkey_byfpr (NULL, fpr)); + p = xstrdup (user_id_not_found_utf8 ()); + *rn = strlen (p); + return p; +} + +char * +get_user_id_byfpr_native (const byte *fpr) +{ + size_t rn; + char *p = get_user_id_byfpr (fpr, &rn); + char *p2 = utf8_to_native (p, rn, 0); + xfree (p); + return p2; +} + + + KEYDB_HANDLE get_ctx_handle (GETKEY_CTX ctx) { @@ -37,7 +37,8 @@ /* Number of bits we accept when reading or writing MPIs. */ #define MAX_EXTERN_MPI_BITS 16384 -/* The maximum length of a binary fingerprints. */ +/* The maximum length of a binary fingerprints. + Warning: At some places we still use 20 instead of this macro. */ #define MAX_FINGERPRINT_LEN 20 diff --git a/g10/import.c b/g10/import.c index ca35ce1b9..16e2b0b4b 100644 --- a/g10/import.c +++ b/g10/import.c @@ -45,7 +45,6 @@ struct stats_s { ulong count; ulong no_user_id; ulong imported; - ulong imported_rsa; ulong n_uids; ulong n_sigs; ulong n_subk; @@ -399,10 +398,8 @@ import_print_stats (void *hd) stats->skipped_new_keys ); if( stats->no_user_id ) log_info(_(" w/o user IDs: %lu\n"), stats->no_user_id ); - if( stats->imported || stats->imported_rsa ) { + if( stats->imported) { log_info(_(" imported: %lu"), stats->imported ); - if (stats->imported_rsa) - log_printf (" (RSA: %lu)", stats->imported_rsa ); log_printf ("\n"); } if( stats->unchanged ) @@ -431,11 +428,10 @@ import_print_stats (void *hd) if( is_status_enabled() ) { char buf[14*20]; - sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu", + sprintf(buf, "%lu %lu %lu 0 %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu", stats->count, stats->no_user_id, stats->imported, - stats->imported_rsa, stats->unchanged, stats->n_uids, stats->n_subk, @@ -855,12 +851,15 @@ import_one (ctrl_t ctrl, PKT_public_key *pk_orig; KBNODE node, uidnode; KBNODE keyblock_orig = NULL; + byte fpr2[MAX_FINGERPRINT_LEN]; + size_t fpr2len; u32 keyid[2]; int rc = 0; int new_key = 0; int mod_key = 0; int same_key = 0; int non_self = 0; + size_t an; char pkstrbuf[PUBKEY_STRING_SIZE]; /* get the key and print some info about it */ @@ -870,6 +869,9 @@ import_one (ctrl_t ctrl, pk = node->pkt->pkt.public_key; + fingerprint_from_pk (pk, fpr2, &fpr2len); + for (an = fpr2len; an < MAX_FINGERPRINT_LEN; an++) + fpr2[an] = 0; keyid_from_pk( pk, keyid ); uidnode = find_next_kbnode( keyblock, PKT_USER_ID ); @@ -957,7 +959,7 @@ import_one (ctrl_t ctrl, /* do we have this key already in one of our pubrings ? */ pk_orig = xmalloc_clear( sizeof *pk_orig ); - rc = get_pubkey_fast ( pk_orig, keyid ); + rc = get_pubkey_byfprint_fast (pk_orig, fpr2, fpr2len); if( rc && rc != G10ERR_NO_PUBKEY && rc != G10ERR_UNU_PUBKEY ) { if (!silent) @@ -1003,9 +1005,9 @@ import_one (ctrl_t ctrl, /* we are ready */ if( !opt.quiet && !silent) { - char *p=get_user_id_native (keyid); - log_info( _("key %s: public key \"%s\" imported\n"), - keystr(keyid),p); + char *p = get_user_id_byfpr_native (fpr2); + log_info (_("key %s: public key \"%s\" imported\n"), + keystr(keyid), p); xfree(p); } if( is_status_enabled() ) @@ -1016,8 +1018,6 @@ import_one (ctrl_t ctrl, print_import_ok (pk, 1); } stats->imported++; - if( is_RSA( pk->pubkey_algo ) ) - stats->imported_rsa++; new_key = 1; } else { /* merge */ @@ -1033,17 +1033,11 @@ import_one (ctrl_t ctrl, goto leave; } - /* now read the original keyblock */ + /* Now read the original keyblock again so that we can use + that handle for updating the keyblock. */ hd = keydb_new (); - { - byte afp[MAX_FINGERPRINT_LEN]; - size_t an; - - fingerprint_from_pk (pk_orig, afp, &an); - while (an < MAX_FINGERPRINT_LEN) - afp[an++] = 0; - rc = keydb_search_fpr (hd, afp); - } + keydb_disable_caching (hd); + rc = keydb_search_fpr (hd, fpr2); if( rc ) { log_error (_("key %s: can't locate original keyblock: %s\n"), @@ -1051,7 +1045,7 @@ import_one (ctrl_t ctrl, keydb_release (hd); goto leave; } - rc = keydb_get_keyblock (hd, &keyblock_orig ); + rc = keydb_get_keyblock (hd, &keyblock_orig); if (rc) { log_error (_("key %s: can't read original keyblock: %s\n"), @@ -1094,7 +1088,7 @@ import_one (ctrl_t ctrl, /* we are ready */ if( !opt.quiet && !silent) { - char *p=get_user_id_native(keyid); + char *p = get_user_id_byfpr_native (fpr2); if( n_uids == 1 ) log_info( _("key %s: \"%s\" 1 new user ID\n"), keystr(keyid),p); @@ -1145,7 +1139,7 @@ import_one (ctrl_t ctrl, if( !opt.quiet && !silent) { - char *p=get_user_id_native(keyid); + char *p = get_user_id_byfpr_native (fpr2); log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p); xfree(p); } diff --git a/g10/keydb.c b/g10/keydb.c index a9a975378..c192e06b4 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -68,6 +68,7 @@ struct keydb_handle int locked; int found; unsigned long skipped_long_blobs; + int no_caching; int current; int used; /* Number of items in ACTIVE. */ struct resource_item active[MAX_KEYDB_RESOURCES]; @@ -75,7 +76,7 @@ struct keydb_handle /* This is a simple cache used to return the last result of a - successful long kid search. This works only for keybox resources + successful fingerprint search. This works only for keybox resources because (due to lack of a copy_keyblock function) we need to store an image of the keyblock which is fortunately instantly available for keyboxes. */ @@ -87,7 +88,7 @@ enum keyblock_cache_states { struct { enum keyblock_cache_states state; - u32 kid[2]; + byte fpr[MAX_FINGERPRINT_LEN]; iobuf_t iobuf; /* Image of the keyblock. */ u32 *sigstatus; int pk_no; @@ -570,6 +571,7 @@ keydb_new (void) return hd; } + void keydb_release (KEYDB_HANDLE hd) { @@ -600,6 +602,17 @@ keydb_release (KEYDB_HANDLE hd) } +/* Set a flag on handle to not use cached results. This is required + for updating a keyring. Fixme: Using a new parameter for keydb_new + might be a better solution. */ +void +keydb_disable_caching (KEYDB_HANDLE hd) +{ + if (hd) + hd->no_caching = 1; +} + + /* * Return the name of the current resource. This is function first * looks for the last found found, then for the current search @@ -1407,10 +1420,12 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, if (DBG_CACHE) dump_search_desc ("keydb_search", desc, ndesc); - if (ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID + if (!hd->no_caching + && ndesc == 1 + && (desc[0].mode == KEYDB_SEARCH_MODE_FPR20 + || desc[0].mode == KEYDB_SEARCH_MODE_FPR) && keyblock_cache.state == KEYBLOCK_CACHE_FILLED - && keyblock_cache.kid[0] == desc[0].u.kid[0] - && keyblock_cache.kid[1] == desc[0].u.kid[1]) + && !memcmp (keyblock_cache.fpr, desc[0].u.fpr, 20)) { /* (DESCINDEX is already set). */ if (DBG_CLOCK) @@ -1450,11 +1465,13 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, : rc); keyblock_cache_clear (); - if (!rc && ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID) + if (!hd->no_caching + && !rc + && ndesc == 1 && (desc[0].mode == KEYDB_SEARCH_MODE_FPR20 + || desc[0].mode == KEYDB_SEARCH_MODE_FPR)) { keyblock_cache.state = KEYBLOCK_CACHE_PREPARED; - keyblock_cache.kid[0] = desc[0].u.kid[0]; - keyblock_cache.kid[1] = desc[0].u.kid[1]; + memcpy (keyblock_cache.fpr, desc[0].u.fpr, 20); } if (DBG_CLOCK) diff --git a/g10/keydb.h b/g10/keydb.h index 78d151a51..c61e0ae18 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -135,6 +135,7 @@ gpg_error_t keydb_add_resource (const char *url, unsigned int flags); KEYDB_HANDLE keydb_new (void); void keydb_release (KEYDB_HANDLE hd); +void keydb_disable_caching (KEYDB_HANDLE hd); const char *keydb_get_resource_name (KEYDB_HANDLE hd); gpg_error_t keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb); gpg_error_t keydb_update_keyblock (KEYDB_HANDLE hd, kbnode_t kb); @@ -221,6 +222,7 @@ int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk, int get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock ); void get_pubkey_end( GETKEY_CTX ctx ); gpg_error_t get_seckey (PKT_public_key *pk, u32 *keyid); +gpg_error_t get_pubkey_byfpr (PKT_public_key *pk, const byte *fpr); int get_pubkey_byfprint( PKT_public_key *pk, const byte *fprint, size_t fprint_len ); int get_pubkey_byfprint_fast (PKT_public_key *pk, @@ -251,11 +253,12 @@ gpg_error_t enum_secret_keys (void **context, PKT_public_key *pk); void setup_main_keyids (kbnode_t keyblock); void merge_keys_and_selfsig( KBNODE keyblock ); -char*get_user_id_string( u32 *keyid ); char*get_user_id_string_native( u32 *keyid ); char*get_long_user_id_string( u32 *keyid ); char*get_user_id( u32 *keyid, size_t *rn ); char*get_user_id_native( u32 *keyid ); +char *get_user_id_byfpr (const byte *fpr, size_t *rn); +char *get_user_id_byfpr_native (const byte *fpr); KEYDB_HANDLE get_ctx_handle(GETKEY_CTX ctx); void release_akl(void); int parse_auto_key_locate(char *options); diff --git a/g10/keyid.c b/g10/keyid.c index f1fbec211..662806b3e 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -695,7 +695,8 @@ fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len) pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; gcry_md_close( md); - *ret_len = len; + if (ret_len) + *ret_len = len; return array; } |