search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2006-09-06 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / g10 / build-packet.c
blob8784819617d79a22f27ee377c5d6a680cbd09d31
1 /* build-packet.c - assemble packets and write them
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
3 * 2006 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20 * USA.
21 */
22
23 #include <config.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <assert.h>
28 #include <ctype.h>
29
30 #include "gpg.h"
31 #include "packet.h"
32 #include "errors.h"
33 #include "iobuf.h"
34 #include "util.h"
35 #include "cipher.h"
36 #include "i18n.h"
37 #include "options.h"
38
39 static int do_user_id( IOBUF out, int ctb, PKT_user_id *uid );
40 static int do_public_key( IOBUF out, int ctb, PKT_public_key *pk );
41 static int do_secret_key( IOBUF out, int ctb, PKT_secret_key *pk );
42 static int do_symkey_enc( IOBUF out, int ctb, PKT_symkey_enc *enc );
43 static int do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc );
44 static u32 calc_plaintext( PKT_plaintext *pt );
45 static int do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt );
46 static int do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed );
47 static int do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed );
48 static int do_compressed( IOBUF out, int ctb, PKT_compressed *cd );
49 static int do_signature( IOBUF out, int ctb, PKT_signature *sig );
50 static int do_onepass_sig( IOBUF out, int ctb, PKT_onepass_sig *ops );
51
52 static int calc_header_length( u32 len, int new_ctb );
53 static int write_16(IOBUF inp, u16 a);
54 static int write_32(IOBUF inp, u32 a);
55 static int write_header( IOBUF out, int ctb, u32 len );
56 static int write_sign_packet_header( IOBUF out, int ctb, u32 len );
57 static int write_header2( IOBUF out, int ctb, u32 len, int hdrlen );
58 static int write_new_header( IOBUF out, int ctb, u32 len, int hdrlen );
59 static int write_version( IOBUF out, int ctb );
60
61 /****************
62 * Build a packet and write it to INP
63 * Returns: 0 := okay
64 * >0 := error
65 * Note: Caller must free the packet
66 */
67 int
68 build_packet( IOBUF out, PACKET *pkt )
69 {
70 int new_ctb=0, rc=0, ctb;
71 int pkttype;
72
73 if( DBG_PACKET )
74 log_debug("build_packet() type=%d\n", pkt->pkttype );
75 assert( pkt->pkt.generic );
76
77 switch( (pkttype = pkt->pkttype) )
78 {
79 case PKT_PLAINTEXT: new_ctb = pkt->pkt.plaintext->new_ctb; break;
80 case PKT_ENCRYPTED:
81 case PKT_ENCRYPTED_MDC: new_ctb = pkt->pkt.encrypted->new_ctb; break;
82 case PKT_COMPRESSED:new_ctb = pkt->pkt.compressed->new_ctb; break;
83 case PKT_USER_ID:
84 if( pkt->pkt.user_id->attrib_data )
85 pkttype = PKT_ATTRIBUTE;
86 break;
87 default: break;
88 }
89
90 if( new_ctb || pkttype > 15 ) /* new format */
91 ctb = 0xc0 | (pkttype & 0x3f);
92 else
93 ctb = 0x80 | ((pkttype & 15)<<2);
94 switch( pkttype )
95 {
96 case PKT_ATTRIBUTE:
97 case PKT_USER_ID:
98 rc = do_user_id( out, ctb, pkt->pkt.user_id );
99 break;
100 case PKT_OLD_COMMENT:
101 case PKT_COMMENT:
102 /*
103 Ignore these. Theoretically, this will never be called as
104 we have no way to output comment packets any longer, but
105 just in case there is some code path that would end up
106 outputting a comment that was written before comments were
107 dropped (in the public key?) this is a no-op.
108 */
109 break;
110 case PKT_PUBLIC_SUBKEY:
111 case PKT_PUBLIC_KEY:
112 rc = do_public_key( out, ctb, pkt->pkt.public_key );
113 break;
114 case PKT_SECRET_SUBKEY:
115 case PKT_SECRET_KEY:
116 rc = do_secret_key( out, ctb, pkt->pkt.secret_key );
117 break;
118 case PKT_SYMKEY_ENC:
119 rc = do_symkey_enc( out, ctb, pkt->pkt.symkey_enc );
120 break;
121 case PKT_PUBKEY_ENC:
122 rc = do_pubkey_enc( out, ctb, pkt->pkt.pubkey_enc );
123 break;
124 case PKT_PLAINTEXT:
125 rc = do_plaintext( out, ctb, pkt->pkt.plaintext );
126 break;
127 case PKT_ENCRYPTED:
128 rc = do_encrypted( out, ctb, pkt->pkt.encrypted );
129 break;
130 case PKT_ENCRYPTED_MDC:
131 rc = do_encrypted_mdc( out, ctb, pkt->pkt.encrypted );
132 break;
133 case PKT_COMPRESSED:
134 rc = do_compressed( out, ctb, pkt->pkt.compressed );
135 break;
136 case PKT_SIGNATURE:
137 rc = do_signature( out, ctb, pkt->pkt.signature );
138 break;
139 case PKT_ONEPASS_SIG:
140 rc = do_onepass_sig( out, ctb, pkt->pkt.onepass_sig );
141 break;
142 case PKT_RING_TRUST:
143 break; /* ignore it (keyring.c does write it directly)*/
144 case PKT_MDC: /* we write it directly, so we should never see it here. */
145 default:
146 log_bug("invalid packet type in build_packet()\n");
147 break;
148 }
149
150 return rc;
151 }
152
153
154 /*
155 * Write the mpi A to OUT.
156 */
157 static int
158 mpi_write (iobuf_t out, gcry_mpi_t a)
159 {
160 char buffer[(MAX_EXTERN_MPI_BITS+7)/8];
161 size_t nbytes;
162 int rc;
163
164 nbytes = (MAX_EXTERN_MPI_BITS+7)/8;
165 rc = gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, &nbytes, a );
166 if( !rc )
167 rc = iobuf_write( out, buffer, nbytes );
168
169 return rc;
170 }
171
172
173
174 /****************
175 * calculate the length of a packet described by PKT
176 */
177 u32
178 calc_packet_length( PACKET *pkt )
179 {
180 u32 n=0;
181 int new_ctb = 0;
182
183 assert( pkt->pkt.generic );
184 switch( pkt->pkttype ) {
185 case PKT_PLAINTEXT:
186 n = calc_plaintext( pkt->pkt.plaintext );
187 new_ctb = pkt->pkt.plaintext->new_ctb;
188 break;
189 case PKT_ATTRIBUTE:
190 case PKT_USER_ID:
191 case PKT_COMMENT:
192 case PKT_PUBLIC_KEY:
193 case PKT_SECRET_KEY:
194 case PKT_SYMKEY_ENC:
195 case PKT_PUBKEY_ENC:
196 case PKT_ENCRYPTED:
197 case PKT_SIGNATURE:
198 case PKT_ONEPASS_SIG:
199 case PKT_RING_TRUST:
200 case PKT_COMPRESSED:
201 default:
202 log_bug("invalid packet type in calc_packet_length()");
203 break;
204 }
205
206 n += calc_header_length(n, new_ctb);
207 return n;
208 }
209
210 static void
211 write_fake_data (IOBUF out, gcry_mpi_t a)
212 {
213 if (a)
214 {
215 unsigned int n;
216 void *p;
217
218 p = gcry_mpi_get_opaque ( a, &n );
219 iobuf_write (out, p, (n+7)/8 );
220 }
221 }
222
223 static int
224 do_user_id( IOBUF out, int ctb, PKT_user_id *uid )
225 {
226 int rc;
227
228 if( uid->attrib_data )
229 {
230 write_header(out, ctb, uid->attrib_len);
231 rc = iobuf_write( out, uid->attrib_data, uid->attrib_len );
232 }
233 else
234 {
235 write_header2( out, ctb, uid->len, 2 );
236 rc = iobuf_write( out, uid->name, uid->len );
237 }
238 return 0;
239 }
240
241 static int
242 do_public_key( IOBUF out, int ctb, PKT_public_key *pk )
243 {
244 int rc = 0;
245 int n, i;
246 IOBUF a = iobuf_temp();
247
248 if( !pk->version )
249 iobuf_put( a, 3 );
250 else
251 iobuf_put( a, pk->version );
252 write_32(a, pk->timestamp );
253 if( pk->version < 4 ) {
254 u16 ndays;
255 if( pk->expiredate )
256 ndays = (u16)((pk->expiredate - pk->timestamp) / 86400L);
257 else
258 ndays = 0;
259 write_16(a, ndays );
260 }
261 iobuf_put(a, pk->pubkey_algo );
262 n = pubkey_get_npkey( pk->pubkey_algo );
263 if( !n )
264 write_fake_data( a, pk->pkey[0] );
265 for(i=0; i < n; i++ )
266 mpi_write(a, pk->pkey[i] );
267
268 write_header2(out, ctb, iobuf_get_temp_length(a), pk->hdrbytes);
269 rc = iobuf_write_temp( out, a );
270
271 iobuf_close(a);
272 return rc;
273 }
274
275
276 static int
277 do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
278 {
279 int rc = 0;
280 int i, nskey, npkey;
281 IOBUF a = iobuf_temp(); /* build in a self-enlarging buffer */
282
283 /* Write the version number - if none is specified, use 3 */
284 if( !sk->version )
285 iobuf_put( a, 3 );
286 else
287 iobuf_put( a, sk->version );
288 write_32(a, sk->timestamp );
289
290 /* v3 needs the expiration time */
291 if( sk->version < 4 ) {
292 u16 ndays;
293 if( sk->expiredate )
294 ndays = (u16)((sk->expiredate - sk->timestamp) / 86400L);
295 else
296 ndays = 0;
297 write_16(a, ndays);
298 }
299
300 iobuf_put(a, sk->pubkey_algo );
301
302 /* get number of secret and public parameters. They are held in
303 one array first the public ones, then the secret ones */
304 nskey = pubkey_get_nskey( sk->pubkey_algo );
305 npkey = pubkey_get_npkey( sk->pubkey_algo );
306
307 /* If we don't have any public parameters - which is the case if
308 we don't know the algorithm used - the parameters are stored as
309 one blob in a faked (opaque) MPI */
310 if( !npkey ) {
311 write_fake_data( a, sk->skey[0] );
312 goto leave;
313 }
314 assert( npkey < nskey );
315
316 /* Writing the public parameters is easy */
317 for(i=0; i < npkey; i++ )
318 mpi_write(a, sk->skey[i] );
319
320 /* build the header for protected (encrypted) secret parameters */
321 if( sk->is_protected ) {
322 if( is_RSA(sk->pubkey_algo) && sk->version < 4
323 && !sk->protect.s2k.mode ) {
324 /* the simple rfc1991 (v3) way */
325 iobuf_put(a, sk->protect.algo );
326 iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
327 }
328 else {
329 /* OpenPGP protection according to rfc2440 */
330 iobuf_put(a, sk->protect.sha1chk? 0xfe : 0xff );
331 iobuf_put(a, sk->protect.algo );
332 if( sk->protect.s2k.mode >= 1000 ) {
333 /* These modes are not possible in OpenPGP, we use them
334 to implement our extensions, 101 can be seen as a
335 private/experimental extension (this is not
336 specified in rfc2440 but the same scheme is used
337 for all other algorithm identifiers) */
338 iobuf_put(a, 101 );
339 iobuf_put(a, sk->protect.s2k.hash_algo );
340 iobuf_write(a, "GNU", 3 );
341 iobuf_put(a, sk->protect.s2k.mode - 1000 );
342 }
343 else {
344 iobuf_put(a, sk->protect.s2k.mode );
345 iobuf_put(a, sk->protect.s2k.hash_algo );
346 }
347 if( sk->protect.s2k.mode == 1
348 || sk->protect.s2k.mode == 3 )
349 iobuf_write(a, sk->protect.s2k.salt, 8 );
350 if( sk->protect.s2k.mode == 3 )
351 iobuf_put(a, sk->protect.s2k.count );
352
353 /* For out special modes 1001, 1002 we do not need an IV */
354 if( sk->protect.s2k.mode != 1001
355 && sk->protect.s2k.mode != 1002 )
356 iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
357 }
358 }
359 else
360 iobuf_put(a, 0 );
361
362 if( sk->protect.s2k.mode == 1001 )
363 ; /* GnuPG extension - don't write a secret key at all */
364 else if( sk->protect.s2k.mode == 1002 )
365 { /* GnuPG extension - divert to OpenPGP smartcard. */
366 iobuf_put(a, sk->protect.ivlen ); /* length of the serial
367 number or 0 for no serial
368 number. */
369 /* The serial number gets stored in the IV field. */
370 iobuf_write(a, sk->protect.iv, sk->protect.ivlen);
371 }
372 else if( sk->is_protected && sk->version >= 4 ) {
373 /* The secret key is protected - write it out as it is */
374 byte *p;
375 unsigned int ndatabits;
376
377 assert (gcry_mpi_get_flag (sk->skey[npkey], GCRYMPI_FLAG_OPAQUE));
378 p = gcry_mpi_get_opaque (sk->skey[npkey], &ndatabits );
379 iobuf_write (a, p, (ndatabits+7)/8 );
380 }
381 else if( sk->is_protected ) {
382 /* The secret key is protected te old v4 way. */
383 for( ; i < nskey; i++ ) {
384 byte *p;
385 unsigned int ndatabits;
386
387 assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE));
388 p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits);
389 iobuf_write (a, p, (ndatabits+7)/8);
390 }
391 write_16(a, sk->csum );
392 }
393 else {
394 /* non-protected key */
395 for( ; i < nskey; i++ )
396 mpi_write(a, sk->skey[i] );
397 write_16(a, sk->csum );
398 }
399
400 leave:
401 /* Build the header of the packet - which we must do after writing all
402 the other stuff, so that we know the length of the packet */
403 write_header2(out, ctb, iobuf_get_temp_length(a), sk->hdrbytes);
404 /* And finally write it out the real stream */
405 rc = iobuf_write_temp( out, a );
406
407 iobuf_close(a); /* close the remporary buffer */
408 return rc;
409 }
410
411 static int
412 do_symkey_enc( IOBUF out, int ctb, PKT_symkey_enc *enc )
413 {
414 int rc = 0;
415 IOBUF a = iobuf_temp();
416
417 assert( enc->version == 4 );
418 switch( enc->s2k.mode ) {
419 case 0: case 1: case 3: break;
420 default: log_bug("do_symkey_enc: s2k=%d\n", enc->s2k.mode );
421 }
422 iobuf_put( a, enc->version );
423 iobuf_put( a, enc->cipher_algo );
424 iobuf_put( a, enc->s2k.mode );
425 iobuf_put( a, enc->s2k.hash_algo );
426 if( enc->s2k.mode == 1 || enc->s2k.mode == 3 ) {
427 iobuf_write(a, enc->s2k.salt, 8 );
428 if( enc->s2k.mode == 3 )
429 iobuf_put(a, enc->s2k.count);
430 }
431 if( enc->seskeylen )
432 iobuf_write(a, enc->seskey, enc->seskeylen );
433
434 write_header(out, ctb, iobuf_get_temp_length(a) );
435 rc = iobuf_write_temp( out, a );
436
437 iobuf_close(a);
438 return rc;
439 }
440
441
442 static int
443 do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc )
444 {
445 int rc = 0;
446 int n, i;
447 IOBUF a = iobuf_temp();
448
449 write_version( a, ctb );
450 if( enc->throw_keyid ) {
451 write_32(a, 0 ); /* don't tell Eve who can decrypt the message */
452 write_32(a, 0 );
453 }
454 else {
455 write_32(a, enc->keyid[0] );
456 write_32(a, enc->keyid[1] );
457 }
458 iobuf_put(a,enc->pubkey_algo );
459 n = pubkey_get_nenc( enc->pubkey_algo );
460 if( !n )
461 write_fake_data( a, enc->data[0] );
462 for(i=0; i < n; i++ )
463 mpi_write(a, enc->data[i] );
464
465 write_header(out, ctb, iobuf_get_temp_length(a) );
466 rc = iobuf_write_temp( out, a );
467
468 iobuf_close(a);
469 return rc;
470 }
471
472
473 static u32
474 calc_plaintext( PKT_plaintext *pt )
475 {
476 /* Truncate namelen to the maximum 255 characters. Note this means
477 that a function that calls build_packet with an illegal literal
478 packet will get it back legalized. */
479
480 if(pt->namelen>255)
481 pt->namelen=255;
482
483 return pt->len? (1 + 1 + pt->namelen + 4 + pt->len) : 0;
484 }
485
486 static int
487 do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
488 {
489 int i, rc = 0;
490 u32 n;
491 byte buf[1000]; /* this buffer has the plaintext! */
492 int nbytes;
493
494 write_header(out, ctb, calc_plaintext( pt ) );
495 iobuf_put(out, pt->mode );
496 iobuf_put(out, pt->namelen );
497 for(i=0; i < pt->namelen; i++ )
498 iobuf_put(out, pt->name[i] );
499 rc = write_32(out, pt->timestamp );
500 if (rc)
501 return rc;
502
503 n = 0;
504 while( (nbytes=iobuf_read(pt->buf, buf, 1000)) != -1 ) {
505 rc = iobuf_write (out, buf, nbytes);
506 if (rc)
507 break;
508 n += nbytes;
509 }
510 wipememory(buf,1000); /* burn the buffer */
511 if( (ctb&0x40) && !pt->len )
512 iobuf_set_partial_block_mode(out, 0 ); /* turn off partial */
513 if( pt->len && n != pt->len )
514 log_error("do_plaintext(): wrote %lu bytes but expected %lu bytes\n",
515 (ulong)n, (ulong)pt->len );
516
517 return rc;
518 }
519
520
521
522 static int
523 do_encrypted( IOBUF out, int ctb, PKT_encrypted *ed )
524 {
525 int rc = 0;
526 u32 n;
527
528 n = ed->len ? (ed->len + ed->extralen) : 0;
529 write_header(out, ctb, n );
530
531 /* This is all. The caller has to write the real data */
532
533 return rc;
534 }
535
536 static int
537 do_encrypted_mdc( IOBUF out, int ctb, PKT_encrypted *ed )
538 {
539 int rc = 0;
540 u32 n;
541
542 assert( ed->mdc_method );
543
544 /* Take version number and the following MDC packet in account. */
545 n = ed->len ? (ed->len + ed->extralen + 1 + 22) : 0;
546 write_header(out, ctb, n );
547 iobuf_put(out, 1 ); /* version */
548
549 /* This is all. The caller has to write the real data */
550
551 return rc;
552 }
553
554
555 static int
556 do_compressed( IOBUF out, int ctb, PKT_compressed *cd )
557 {
558 int rc = 0;
559
560 /* We must use the old convention and don't use blockmode for tyhe
561 sake of PGP 2 compatibility. However if the new_ctb flag was
562 set, CTB is already formatted as new style and write_header2
563 does create a partial length encoding using new the new
564 style. */
565 write_header2(out, ctb, 0, 0);
566 iobuf_put(out, cd->algorithm );
567
568 /* This is all. The caller has to write the real data */
569
570 return rc;
571 }
572
573
574 /****************
575 * Delete all subpackets of type REQTYPE and return a bool whether a packet
576 * was deleted.
577 */
578 int
579 delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype )
580 {
581 int buflen;
582 sigsubpkttype_t type;
583 byte *buffer, *bufstart;
584 size_t n;
585 size_t unused = 0;
586 int okay = 0;
587
588 if( !area )
589 return 0;
590 buflen = area->len;
591 buffer = area->data;
592 for(;;) {
593 if( !buflen ) {
594 okay = 1;
595 break;
596 }
597 bufstart = buffer;
598 n = *buffer++; buflen--;
599 if( n == 255 ) {
600 if( buflen < 4 )
601 break;
602 n = (buffer[0] << 24) | (buffer[1] << 16)
603 | (buffer[2] << 8) | buffer[3];
604 buffer += 4;
605 buflen -= 4;
606 }
607 else if( n >= 192 ) {
608 if( buflen < 2 )
609 break;
610 n = (( n - 192 ) << 8) + *buffer + 192;
611 buffer++;
612 buflen--;
613 }
614 if( buflen < n )
615 break;
616
617 type = *buffer & 0x7f;
618 if( type == reqtype ) {
619 buffer++;
620 buflen--;
621 n--;
622 if( n > buflen )
623 break;
624 buffer += n; /* point to next subpkt */
625 buflen -= n;
626 memmove (bufstart, buffer, buflen); /* shift */
627 unused += buffer - bufstart;
628 buffer = bufstart;
629 }
630 else {
631 buffer += n; buflen -=n;
632 }
633 }
634
635 if (!okay)
636 log_error ("delete_subpkt: buffer shorter than subpacket\n");
637 assert (unused <= area->len);
638 area->len -= unused;
639 return !!unused;
640 }
641
642
643 /****************
644 * Create or update a signature subpacket for SIG of TYPE. This
645 * functions knows where to put the data (hashed or unhashed). The
646 * function may move data from the unhashed part to the hashed one.
647 * Note: All pointers into sig->[un]hashed (e.g. returned by
648 * parse_sig_subpkt) are not valid after a call to this function. The
649 * data to put into the subpaket should be in a buffer with a length
650 * of buflen.
651 */
652 void
653 build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
654 const byte *buffer, size_t buflen )
655 {
656 byte *p;
657 int critical, hashed;
658 subpktarea_t *oldarea, *newarea;
659 size_t nlen, n, n0;
660
661 critical = (type & SIGSUBPKT_FLAG_CRITICAL);
662 type &= ~SIGSUBPKT_FLAG_CRITICAL;
663
664 /* Sanity check buffer sizes */
665 if(parse_one_sig_subpkt(buffer,buflen,type)<0)
666 BUG();
667
668 switch(type)
669 {
670 case SIGSUBPKT_NOTATION:
671 case SIGSUBPKT_POLICY:
672 case SIGSUBPKT_REV_KEY:
673 case SIGSUBPKT_SIGNATURE:
674 /* we do allow multiple subpackets */
675 break;
676
677 default:
678 /* we don't allow multiple subpackets */
679 delete_sig_subpkt(sig->hashed,type);
680 delete_sig_subpkt(sig->unhashed,type);
681 break;
682 }
683
684 /* Any special magic that needs to be done for this type so the
685 packet doesn't need to be reparsed? */
686 switch(type)
687 {
688 case SIGSUBPKT_NOTATION:
689 sig->flags.notation=1;
690 break;
691
692 case SIGSUBPKT_POLICY:
693 sig->flags.policy_url=1;
694 break;
695
696 case SIGSUBPKT_PREF_KS:
697 sig->flags.pref_ks=1;
698 break;
699
700 case SIGSUBPKT_EXPORTABLE:
701 if(buffer[0])
702 sig->flags.exportable=1;
703 else
704 sig->flags.exportable=0;
705 break;
706
707 case SIGSUBPKT_REVOCABLE:
708 if(buffer[0])
709 sig->flags.revocable=1;
710 else
711 sig->flags.revocable=0;
712 break;
713
714 case SIGSUBPKT_TRUST:
715 sig->trust_depth=buffer[0];
716 sig->trust_value=buffer[1];
717 break;
718
719 case SIGSUBPKT_REGEXP:
720 sig->trust_regexp=buffer;
721 break;
722
723 /* This should never happen since we don't currently allow
724 creating such a subpacket, but just in case... */
725 case SIGSUBPKT_SIG_EXPIRE:
726 if(buffer_to_u32(buffer)+sig->timestamp<=make_timestamp())
727 sig->flags.expired=1;
728 else
729 sig->flags.expired=0;
730 break;
731
732 default:
733 break;
734 }
735
736 if( (buflen+1) >= 8384 )
737 nlen = 5; /* write 5 byte length header */
738 else if( (buflen+1) >= 192 )
739 nlen = 2; /* write 2 byte length header */
740 else
741 nlen = 1; /* just a 1 byte length header */
742
743 switch( type )
744 {
745 /* The issuer being unhashed is a historical oddity. It
746 should work equally as well hashed. Of course, if even an
747 unhashed issuer is tampered with, it makes it awfully hard
748 to verify the sig... */
749 case SIGSUBPKT_ISSUER:
750 case SIGSUBPKT_SIGNATURE:
751 hashed = 0;
752 break;
753 default:
754 hashed = 1;
755 break;
756 }
757
758 if( critical )
759 type |= SIGSUBPKT_FLAG_CRITICAL;
760
761 oldarea = hashed? sig->hashed : sig->unhashed;
762
763 /* Calculate new size of the area and allocate */
764 n0 = oldarea? oldarea->len : 0;
765 n = n0 + nlen + 1 + buflen; /* length, type, buffer */
766 if (oldarea && n <= oldarea->size) { /* fits into the unused space */
767 newarea = oldarea;
768 /*log_debug ("updating area for type %d\n", type );*/
769 }
770 else if (oldarea) {
771 newarea = xrealloc (oldarea, sizeof (*newarea) + n - 1);
772 newarea->size = n;
773 /*log_debug ("reallocating area for type %d\n", type );*/
774 }
775 else {
776 newarea = xmalloc (sizeof (*newarea) + n - 1);
777 newarea->size = n;
778 /*log_debug ("allocating area for type %d\n", type );*/
779 }
780 newarea->len = n;
781
782 p = newarea->data + n0;
783 if (nlen == 5) {
784 *p++ = 255;
785 *p++ = (buflen+1) >> 24;
786 *p++ = (buflen+1) >> 16;
787 *p++ = (buflen+1) >> 8;
788 *p++ = (buflen+1);
789 *p++ = type;
790 memcpy (p, buffer, buflen);
791 }
792 else if (nlen == 2) {
793 *p++ = (buflen+1-192) / 256 + 192;
794 *p++ = (buflen+1-192) % 256;
795 *p++ = type;
796 memcpy (p, buffer, buflen);
797 }
798 else {
799 *p++ = buflen+1;
800 *p++ = type;
801 memcpy (p, buffer, buflen);
802 }
803
804 if (hashed)
805 sig->hashed = newarea;
806 else
807 sig->unhashed = newarea;
808 }
809
810 /****************
811 * Put all the required stuff from SIG into subpackets of sig.
812 * Hmmm, should we delete those subpackets which are in a wrong area?
813 */
814 void
815 build_sig_subpkt_from_sig( PKT_signature *sig )
816 {
817 u32 u;
818 byte buf[8];
819
820 u = sig->keyid[0];
821 buf[0] = (u >> 24) & 0xff;
822 buf[1] = (u >> 16) & 0xff;
823 buf[2] = (u >> 8) & 0xff;
824 buf[3] = u & 0xff;
825 u = sig->keyid[1];
826 buf[4] = (u >> 24) & 0xff;
827 buf[5] = (u >> 16) & 0xff;
828 buf[6] = (u >> 8) & 0xff;
829 buf[7] = u & 0xff;
830 build_sig_subpkt( sig, SIGSUBPKT_ISSUER, buf, 8 );
831
832 u = sig->timestamp;
833 buf[0] = (u >> 24) & 0xff;
834 buf[1] = (u >> 16) & 0xff;
835 buf[2] = (u >> 8) & 0xff;
836 buf[3] = u & 0xff;
837 build_sig_subpkt( sig, SIGSUBPKT_SIG_CREATED, buf, 4 );
838
839 if(sig->expiredate)
840 {
841 if(sig->expiredate>sig->timestamp)
842 u=sig->expiredate-sig->timestamp;
843 else
844 u=1; /* A 1-second expiration time is the shortest one
845 OpenPGP has */
846
847 buf[0] = (u >> 24) & 0xff;
848 buf[1] = (u >> 16) & 0xff;
849 buf[2] = (u >> 8) & 0xff;
850 buf[3] = u & 0xff;
851
852 /* Mark this CRITICAL, so if any implementation doesn't
853 understand sigs that can expire, it'll just disregard this
854 sig altogether. */
855
856 build_sig_subpkt( sig, SIGSUBPKT_SIG_EXPIRE | SIGSUBPKT_FLAG_CRITICAL,
857 buf, 4 );
858 }
859 }
860
861 void
862 build_attribute_subpkt(PKT_user_id *uid,byte type,
863 const void *buf,u32 buflen,
864 const void *header,u32 headerlen)
865 {
866 byte *attrib;
867 int idx;
868
869 if(1+headerlen+buflen>8383)
870 idx=5;
871 else if(1+headerlen+buflen>191)
872 idx=2;
873 else
874 idx=1;
875
876 /* realloc uid->attrib_data to the right size */
877
878 uid->attrib_data=xrealloc(uid->attrib_data,
879 uid->attrib_len+idx+1+headerlen+buflen);
880
881 attrib=&uid->attrib_data[uid->attrib_len];
882
883 if(idx==5)
884 {
885 attrib[0]=255;
886 attrib[1]=(1+headerlen+buflen) >> 24;
887 attrib[2]=(1+headerlen+buflen) >> 16;
888 attrib[3]=(1+headerlen+buflen) >> 8;
889 attrib[4]=1+headerlen+buflen;
890 }
891 else if(idx==2)
892 {
893 attrib[0]=(1+headerlen+buflen-192) / 256 + 192;
894 attrib[1]=(1+headerlen+buflen-192) % 256;
895 }
896 else
897 attrib[0]=1+headerlen+buflen; /* Good luck finding a JPEG this small! */
898
899 attrib[idx++]=type;
900
901 /* Tack on our data at the end */
902
903 if(headerlen>0)
904 memcpy(&attrib[idx],header,headerlen);
905 memcpy(&attrib[idx+headerlen],buf,buflen);
906 uid->attrib_len+=idx+headerlen+buflen;
907 }
908
909 struct notation *
910 string_to_notation(const char *string,int is_utf8)
911 {
912 const char *s;
913 int saw_at=0;
914 struct notation *notation;
915
916 notation=xmalloc_clear(sizeof(*notation));
917
918 if(*string=='-')
919 {
920 notation->flags.ignore=1;
921 string++;
922 }
923
924 if(*string=='!')
925 {
926 notation->flags.critical=1;
927 string++;
928 }
929
930 /* If and when the IETF assigns some official name tags, we'll have
931 to add them here. */
932
933 for( s=string ; *s != '='; s++ )
934 {
935 if( *s=='@')
936 saw_at++;
937
938 /* -notationname is legal without an = sign */
939 if(!*s && notation->flags.ignore)
940 break;
941
942 if( !*s || !isascii (*s) || (!isgraph(*s) && !isspace(*s)) )
943 {
944 log_error(_("a notation name must have only printable characters"
945 " or spaces, and end with an '='\n") );
946 goto fail;
947 }
948 }
949
950 notation->name=xmalloc((s-string)+1);
951 strncpy(notation->name,string,s-string);
952 notation->name[s-string]='\0';
953
954 if(!saw_at && !opt.expert)
955 {
956 log_error(_("a user notation name must contain the '@' character\n"));
957 goto fail;
958 }
959
960 if (saw_at > 1)
961 {
962 log_error(_("a notation name must not contain more than"
963 " one '@' character\n"));
964 goto fail;
965 }
966
967 if(*s)
968 {
969 const char *i=s+1;
970 int highbit=0;
971
972 /* we only support printable text - therefore we enforce the use
973 of only printable characters (an empty value is valid) */
974 for(s++; *s ; s++ )
975 {
976 if ( !isascii (*s) )
977 highbit=1;
978 else if (iscntrl(*s))
979 {
980 log_error(_("a notation value must not use any"
981 " control characters\n"));
982 goto fail;
983 }
984 }
985
986 if(!highbit || is_utf8)
987 notation->value=xstrdup(i);
988 else
989 notation->value=native_to_utf8(i);
990 }
991
992 return notation;
993
994 fail:
995 free_notation(notation);
996 return NULL;
997 }
998
999 struct notation *
1000 sig_to_notation(PKT_signature *sig)
1001 {
1002 const byte *p;
1003 size_t len;
1004 int seq=0,crit;
1005 struct notation *list=NULL;
1006
1007 while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&len,&seq,&crit)))
1008 {
1009 int n1,n2;
1010 struct notation *n=NULL;
1011
1012 if(len<8)
1013 {
1014 log_info(_("WARNING: invalid notation data found\n"));
1015 continue;
1016 }
1017
1018 n1=(p[4]<<8)|p[5];
1019 n2=(p[6]<<8)|p[7];
1020
1021 if(8+n1+n2!=len)
1022 {
1023 log_info(_("WARNING: invalid notation data found\n"));
1024 continue;
1025 }
1026
1027 n=xmalloc_clear(sizeof(*n));
1028 n->name=xmalloc(n1+1);
1029
1030 memcpy(n->name,&p[8],n1);
1031 n->name[n1]='\0';
1032
1033 if(p[0]&0x80)
1034 {
1035 n->value=xmalloc(n2+1);
1036 memcpy(n->value,&p[8+n1],n2);
1037 n->value[n2]='\0';
1038 }
1039 else
1040 {
1041 n->bdat=xmalloc(n2);
1042 n->blen=n2;
1043 memcpy(n->bdat,&p[8+n1],n2);
1044
1045 n->value=xmalloc(2+strlen(_("not human readable"))+2+1);
1046 strcpy(n->value,"[ ");
1047 strcat(n->value,_("not human readable"));
1048 strcat(n->value," ]");
1049 }
1050
1051 n->flags.critical=crit;
1052
1053 n->next=list;
1054 list=n;
1055 }
1056
1057 return list;
1058 }
1059
1060 void
1061 free_notation(struct notation *notation)
1062 {
1063 while(notation)
1064 {
1065 struct notation *n=notation;
1066
1067 xfree(n->name);
1068 xfree(n->value);
1069 xfree(n->altvalue);
1070 xfree(n->bdat);
1071 notation=n->next;
1072 xfree(n);
1073 }
1074 }
1075
1076 static int
1077 do_signature( IOBUF out, int ctb, PKT_signature *sig )
1078 {
1079 int rc = 0;
1080 int n, i;
1081 IOBUF a = iobuf_temp();
1082
1083 if( !sig->version )
1084 iobuf_put( a, 3 );
1085 else
1086 iobuf_put( a, sig->version );
1087 if( sig->version < 4 )
1088 iobuf_put(a, 5 ); /* constant */
1089 iobuf_put(a, sig->sig_class );
1090 if( sig->version < 4 ) {
1091 write_32(a, sig->timestamp );
1092 write_32(a, sig->keyid[0] );
1093 write_32(a, sig->keyid[1] );
1094 }
1095 iobuf_put(a, sig->pubkey_algo );
1096 iobuf_put(a, sig->digest_algo );
1097 if( sig->version >= 4 ) {
1098 size_t nn;
1099 /* timestamp and keyid must have been packed into the
1100 * subpackets prior to the call of this function, because
1101 * these subpackets are hashed */
1102 nn = sig->hashed? sig->hashed->len : 0;
1103 write_16(a, nn);
1104 if( nn )
1105 iobuf_write( a, sig->hashed->data, nn );
1106 nn = sig->unhashed? sig->unhashed->len : 0;
1107 write_16(a, nn);
1108 if( nn )
1109 iobuf_write( a, sig->unhashed->data, nn );
1110 }
1111 iobuf_put(a, sig->digest_start[0] );
1112 iobuf_put(a, sig->digest_start[1] );
1113 n = pubkey_get_nsig( sig->pubkey_algo );
1114 if( !n )
1115 write_fake_data( a, sig->data[0] );
1116 for(i=0; i < n; i++ )
1117 mpi_write(a, sig->data[i] );
1118
1119 if( is_RSA(sig->pubkey_algo) && sig->version < 4 )
1120 write_sign_packet_header(out, ctb, iobuf_get_temp_length(a) );
1121 else
1122 write_header(out, ctb, iobuf_get_temp_length(a) );
1123 rc = iobuf_write_temp( out, a );
1124
1125 iobuf_close(a);
1126 return rc;
1127 }
1128
1129
1130 static int
1131 do_onepass_sig( IOBUF out, int ctb, PKT_onepass_sig *ops )
1132 {
1133 int rc = 0;
1134 IOBUF a = iobuf_temp();
1135
1136 write_version( a, ctb );
1137 iobuf_put(a, ops->sig_class );
1138 iobuf_put(a, ops->digest_algo );
1139 iobuf_put(a, ops->pubkey_algo );
1140 write_32(a, ops->keyid[0] );
1141 write_32(a, ops->keyid[1] );
1142 iobuf_put(a, ops->last );
1143
1144 write_header(out, ctb, iobuf_get_temp_length(a) );
1145 rc = iobuf_write_temp( out, a );
1146
1147 iobuf_close(a);
1148 return rc;
1149 }
1150
1151
1152 static int
1153 write_16(IOBUF out, u16 a)
1154 {
1155 iobuf_put(out, a>>8);
1156 if( iobuf_put(out,a) )
1157 return -1;
1158 return 0;
1159 }
1160
1161 static int
1162 write_32(IOBUF out, u32 a)
1163 {
1164 iobuf_put(out, a>> 24);
1165 iobuf_put(out, a>> 16);
1166 iobuf_put(out, a>> 8);
1167 return iobuf_put(out, a);
1168 }
1169
1170
1171 /****************
1172 * calculate the length of a header
1173 */
1174 static int
1175 calc_header_length( u32 len, int new_ctb )
1176 {
1177 if( !len )
1178 return 1; /* only the ctb */
1179
1180 if( new_ctb ) {
1181 if( len < 192 )
1182 return 2;
1183 if( len < 8384 )
1184 return 3;
1185 else
1186 return 6;
1187 }
1188 if( len < 256 )
1189 return 2;
1190 if( len < 65536 )
1191 return 3;
1192
1193 return 5;
1194 }
1195
1196 /****************
1197 * Write the CTB and the packet length
1198 */
1199 static int
1200 write_header( IOBUF out, int ctb, u32 len )
1201 {
1202 return write_header2( out, ctb, len, 0 );
1203 }
1204
1205
1206 static int
1207 write_sign_packet_header( IOBUF out, int ctb, u32 len )
1208 {
1209 /* work around a bug in the pgp read function for signature packets,
1210 * which are not correctly coded and silently assume at some
1211 * point 2 byte length headers.*/
1212 iobuf_put(out, 0x89 );
1213 iobuf_put(out, len >> 8 );
1214 return iobuf_put(out, len ) == -1 ? -1:0;
1215 }
1216
1217 /****************
1218 * If HDRLEN is > 0, try to build a header of this length. We need
1219 * this so that we can hash packets without reading them again. If
1220 * len is 0, write a partial or indeterminate length header, unless
1221 * hdrlen is specified in which case write an actual zero length
1222 * (using the specified hdrlen).
1223 */
1224 static int
1225 write_header2( IOBUF out, int ctb, u32 len, int hdrlen )
1226 {
1227 if( ctb & 0x40 )
1228 return write_new_header( out, ctb, len, hdrlen );
1229
1230 if( hdrlen )
1231 {
1232 if( hdrlen == 2 && len < 256 )
1233 ;
1234 else if( hdrlen == 3 && len < 65536 )
1235 ctb |= 1;
1236 else
1237 ctb |= 2;
1238 }
1239 else
1240 {
1241 if( !len )
1242 ctb |= 3;
1243 else if( len < 256 )
1244 ;
1245 else if( len < 65536 )
1246 ctb |= 1;
1247 else
1248 ctb |= 2;
1249 }
1250
1251 if( iobuf_put(out, ctb ) )
1252 return -1;
1253
1254 if( len || hdrlen )
1255 {
1256 if( ctb & 2 )
1257 {
1258 if(iobuf_put(out, len >> 24 ))
1259 return -1;
1260 if(iobuf_put(out, len >> 16 ))
1261 return -1;
1262 }
1263
1264 if( ctb & 3 )
1265 if(iobuf_put(out, len >> 8 ))
1266 return -1;
1267
1268 if( iobuf_put(out, len ) )
1269 return -1;
1270 }
1271
1272 return 0;
1273 }
1274
1275
1276 static int
1277 write_new_header( IOBUF out, int ctb, u32 len, int hdrlen )
1278 {
1279 if( hdrlen )
1280 log_bug("can't cope with hdrlen yet\n");
1281
1282 if( iobuf_put(out, ctb ) )
1283 return -1;
1284 if( !len ) {
1285 iobuf_set_partial_block_mode(out, 512 );
1286 }
1287 else {
1288 if( len < 192 ) {
1289 if( iobuf_put(out, len ) )
1290 return -1;
1291 }
1292 else if( len < 8384 ) {
1293 len -= 192;
1294 if( iobuf_put( out, (len / 256) + 192) )
1295 return -1;
1296 if( iobuf_put( out, (len % 256) ) )
1297 return -1;
1298 }
1299 else {
1300 if( iobuf_put( out, 0xff ) )
1301 return -1;
1302 if( iobuf_put( out, (len >> 24)&0xff ) )
1303 return -1;
1304 if( iobuf_put( out, (len >> 16)&0xff ) )
1305 return -1;
1306 if( iobuf_put( out, (len >> 8)&0xff ) )
1307 return -1;
1308 if( iobuf_put( out, len & 0xff ) )
1309 return -1;
1310 }
1311 }
1312 return 0;
1313 }
1314
1315 static int
1316 write_version( IOBUF out, int ctb )
1317 {
1318 if( iobuf_put( out, 3 ) )
1319 return -1;
1320 return 0;
1321 }
gnupg svn clone