search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2006-09-06 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / g10 / mainproc.c
blobaf3aac70fe239e55e977a9114e8eb086b9704fa5
1 /* mainproc.c - handle packets
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3 * 2005, 2006 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20 * USA.
21 */
22
23 #include <config.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <assert.h>
28 #include <time.h>
29
30 #include "gpg.h"
31 #include "packet.h"
32 #include "iobuf.h"
33 #include "options.h"
34 #include "util.h"
35 #include "cipher.h"
36 #include "keydb.h"
37 #include "filter.h"
38 #include "main.h"
39 #include "status.h"
40 #include "i18n.h"
41 #include "trustdb.h"
42 #include "keyserver-internal.h"
43 #include "photoid.h"
44 #include "pka.h"
45
46
47 struct kidlist_item {
48 struct kidlist_item *next;
49 u32 kid[2];
50 int pubkey_algo;
51 int reason;
52 };
53
54
55 /****************
56 * Structure to hold the context
57 */
58 typedef struct mainproc_context *CTX;
59 struct mainproc_context
60 {
61 struct mainproc_context *anchor; /* May be useful in the future. */
62 PKT_public_key *last_pubkey;
63 PKT_secret_key *last_seckey;
64 PKT_user_id *last_user_id;
65 md_filter_context_t mfx;
66 int sigs_only; /* Process only signatures and reject all other stuff. */
67 int encrypt_only; /* Process only encryption messages. */
68 STRLIST signed_data;
69 const char *sigfilename;
70 DEK *dek;
71 int last_was_session_key;
72 KBNODE list; /* The current list of packets. */
73 int have_data;
74 IOBUF iobuf; /* Used to get the filename etc. */
75 int trustletter; /* Temporary usage in list_node. */
76 ulong symkeys;
77 struct kidlist_item *pkenc_list; /* List of encryption packets. */
78 int any_sig_seen; /* Set to true if a signature packet has been seen. */
79 };
80
81
82 static int do_proc_packets( CTX c, IOBUF a );
83
84 static void list_node( CTX c, KBNODE node );
85 static void proc_tree( CTX c, KBNODE node );
86
87
88 static void
89 release_list( CTX c )
90 {
91 if( !c->list )
92 return;
93 proc_tree(c, c->list );
94 release_kbnode( c->list );
95 while( c->pkenc_list ) {
96 struct kidlist_item *tmp = c->pkenc_list->next;
97 xfree( c->pkenc_list );
98 c->pkenc_list = tmp;
99 }
100 c->pkenc_list = NULL;
101 c->list = NULL;
102 c->have_data = 0;
103 c->last_was_session_key = 0;
104 xfree(c->dek); c->dek = NULL;
105 }
106
107
108 static int
109 add_onepass_sig( CTX c, PACKET *pkt )
110 {
111 KBNODE node;
112
113 if ( c->list ) /* add another packet */
114 add_kbnode( c->list, new_kbnode( pkt ));
115 else /* insert the first one */
116 c->list = node = new_kbnode( pkt );
117
118 return 1;
119 }
120
121
122 static int
123 add_gpg_control( CTX c, PACKET *pkt )
124 {
125 if ( pkt->pkt.gpg_control->control == CTRLPKT_CLEARSIGN_START ) {
126 /* New clear text signature.
127 * Process the last one and reset everything */
128 release_list(c);
129 }
130
131 if( c->list ) /* add another packet */
132 add_kbnode( c->list, new_kbnode( pkt ));
133 else /* insert the first one */
134 c->list = new_kbnode( pkt );
135
136 return 1;
137 }
138
139
140
141 static int
142 add_user_id( CTX c, PACKET *pkt )
143 {
144 if( !c->list ) {
145 log_error("orphaned user ID\n" );
146 return 0;
147 }
148 add_kbnode( c->list, new_kbnode( pkt ) );
149 return 1;
150 }
151
152 static int
153 add_subkey( CTX c, PACKET *pkt )
154 {
155 if( !c->list ) {
156 log_error("subkey w/o mainkey\n" );
157 return 0;
158 }
159 add_kbnode( c->list, new_kbnode( pkt ) );
160 return 1;
161 }
162
163 static int
164 add_ring_trust( CTX c, PACKET *pkt )
165 {
166 if( !c->list ) {
167 log_error("ring trust w/o key\n" );
168 return 0;
169 }
170 add_kbnode( c->list, new_kbnode( pkt ) );
171 return 1;
172 }
173
174
175 static int
176 add_signature( CTX c, PACKET *pkt )
177 {
178 KBNODE node;
179
180 c->any_sig_seen = 1;
181 if( pkt->pkttype == PKT_SIGNATURE && !c->list ) {
182 /* This is the first signature for the following datafile.
183 * GPG does not write such packets; instead it always uses
184 * onepass-sig packets. The drawback of PGP's method
185 * of prepending the signature to the data is
186 * that it is not possible to make a signature from data read
187 * from stdin. (GPG is able to read PGP stuff anyway.) */
188 node = new_kbnode( pkt );
189 c->list = node;
190 return 1;
191 }
192 else if( !c->list )
193 return 0; /* oops (invalid packet sequence)*/
194 else if( !c->list->pkt )
195 BUG(); /* so nicht */
196
197 /* add a new signature node id at the end */
198 node = new_kbnode( pkt );
199 add_kbnode( c->list, node );
200 return 1;
201 }
202
203 static int
204 symkey_decrypt_seskey( DEK *dek, byte *seskey, size_t slen )
205 {
206 gcry_cipher_hd_t hd;
207
208 if(slen < 17 || slen > 33)
209 {
210 log_error ( _("weird size for an encrypted session key (%d)\n"),
211 (int)slen);
212 return G10ERR_BAD_KEY;
213 }
214
215 if (gcry_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
216 BUG ();
217 if (gcry_cipher_setkey ( hd, dek->key, dek->keylen ))
218 BUG ();
219 gcry_cipher_setiv ( hd, NULL, 0 );
220 gcry_cipher_decrypt ( hd, seskey, slen, NULL, 0 );
221 gcry_cipher_close ( hd );
222
223 /* Now we replace the dek components with the real session key to
224 decrypt the contents of the sequencing packet. */
225
226 dek->keylen=slen-1;
227 dek->algo=seskey[0];
228
229 if(dek->keylen > DIM(dek->key))
230 BUG ();
231
232 /* This is not completely accurate, since a bad passphrase may have
233 resulted in a garbage algorithm byte, but it's close enough since
234 a bogus byte here will fail later. */
235 if(dek->algo==CIPHER_ALGO_IDEA)
236 idea_cipher_warn(0);
237
238 memcpy(dek->key, seskey + 1, dek->keylen);
239
240 /*log_hexdump( "thekey", dek->key, dek->keylen );*/
241
242 return 0;
243 }
244
245 static void
246 proc_symkey_enc( CTX c, PACKET *pkt )
247 {
248 PKT_symkey_enc *enc;
249
250 enc = pkt->pkt.symkey_enc;
251 if (!enc)
252 log_error ("invalid symkey encrypted packet\n");
253 else if(!c->dek)
254 {
255 int algo = enc->cipher_algo;
256 const char *s = gcry_cipher_algo_name (algo);
257
258 if(s)
259 {
260 if(!opt.quiet)
261 {
262 if(enc->seskeylen)
263 log_info(_("%s encrypted session key\n"), s );
264 else
265 log_info(_("%s encrypted data\n"), s );
266 }
267 }
268 else
269 log_error(_("encrypted with unknown algorithm %d\n"), algo );
270
271 if(openpgp_md_test_algo (enc->s2k.hash_algo))
272 {
273 log_error(_("passphrase generated with unknown digest"
274 " algorithm %d\n"),enc->s2k.hash_algo);
275 s=NULL;
276 }
277
278 c->last_was_session_key = 2;
279 if(!s || opt.list_only)
280 goto leave;
281
282 if(opt.override_session_key)
283 {
284 c->dek = xmalloc_clear( sizeof *c->dek );
285 if(get_override_session_key(c->dek, opt.override_session_key))
286 {
287 xfree(c->dek);
288 c->dek = NULL;
289 }
290 }
291 else
292 {
293 int canceled;
294
295 c->dek = passphrase_to_dek (NULL, 0, algo, &enc->s2k, 0,
296 NULL, &canceled);
297 if (canceled)
298 {
299 /* For unknown reasons passphrase_to_dek does only
300 return NULL if a new passphrase has been requested
301 and has not been repeated correctly. Thus even
302 with a cancel requested (by means of the gpg-agent)
303 it won't return NULL but an empty passphrase. We
304 take the most conservative approach for now and
305 work around it right here. */
306 xfree (c->dek);
307 c->dek = NULL;
308 }
309
310 if(c->dek)
311 {
312 c->dek->symmetric=1;
313
314 /* FIXME: This doesn't work perfectly if a symmetric
315 key comes before a public key in the message - if
316 the user doesn't know the passphrase, then there is
317 a chance that the "decrypted" algorithm will happen
318 to be a valid one, which will make the returned dek
319 appear valid, so we won't try any public keys that
320 come later. */
321 if(enc->seskeylen)
322 {
323 if(symkey_decrypt_seskey(c->dek, enc->seskey,
324 enc->seskeylen))
325 {
326 xfree(c->dek);
327 c->dek=NULL;
328 }
329 }
330 else
331 c->dek->algo_info_printed = 1;
332 }
333 }
334 }
335
336 leave:
337 c->symkeys++;
338 free_packet(pkt);
339 }
340
341 static void
342 proc_pubkey_enc( CTX c, PACKET *pkt )
343 {
344 PKT_pubkey_enc *enc;
345 int result = 0;
346
347 /* check whether the secret key is available and store in this case */
348 c->last_was_session_key = 1;
349 enc = pkt->pkt.pubkey_enc;
350 /*printf("enc: encrypted by a pubkey with keyid %08lX\n", enc->keyid[1] );*/
351 /* Hmmm: why do I have this algo check here - anyway there is
352 * function to check it. */
353 if( opt.verbose )
354 log_info(_("public key is %s\n"), keystr(enc->keyid) );
355
356 if( is_status_enabled() ) {
357 char buf[50];
358 sprintf(buf, "%08lX%08lX %d 0",
359 (ulong)enc->keyid[0], (ulong)enc->keyid[1], enc->pubkey_algo );
360 write_status_text( STATUS_ENC_TO, buf );
361 }
362
363 if( !opt.list_only && opt.override_session_key ) {
364 /* It does not make much sense to store the session key in
365 * secure memory because it has already been passed on the
366 * command line and the GCHQ knows about it. */
367 c->dek = xmalloc_clear( sizeof *c->dek );
368 result = get_override_session_key ( c->dek, opt.override_session_key );
369 if ( result ) {
370 xfree(c->dek); c->dek = NULL;
371 }
372 }
373 else if( is_ELGAMAL(enc->pubkey_algo)
374 || enc->pubkey_algo == PUBKEY_ALGO_DSA
375 || is_RSA(enc->pubkey_algo) ) {
376 /* FIXME: strore this all in a list and process it later */
377
378 if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1])
379 || opt.try_all_secrets
380 || !seckey_available( enc->keyid )) ) {
381 if( opt.list_only )
382 result = -1;
383 else {
384 c->dek = xmalloc_secure_clear( sizeof *c->dek );
385 if( (result = get_session_key( enc, c->dek )) ) {
386 /* error: delete the DEK */
387 xfree(c->dek); c->dek = NULL;
388 }
389 }
390 }
391 else
392 result = G10ERR_NO_SECKEY;
393 }
394 else
395 result = G10ERR_PUBKEY_ALGO;
396
397 if( result == -1 )
398 ;
399 else
400 {
401 /* store it for later display */
402 struct kidlist_item *x = xmalloc( sizeof *x );
403 x->kid[0] = enc->keyid[0];
404 x->kid[1] = enc->keyid[1];
405 x->pubkey_algo = enc->pubkey_algo;
406 x->reason = result;
407 x->next = c->pkenc_list;
408 c->pkenc_list = x;
409
410 if( !result && opt.verbose > 1 )
411 log_info( _("public key encrypted data: good DEK\n") );
412 }
413
414 free_packet(pkt);
415 }
416
417
418
419 /****************
420 * Print the list of public key encrypted packets which we could
421 * not decrypt.
422 */
423 static void
424 print_pkenc_list( struct kidlist_item *list, int failed )
425 {
426 for( ; list; list = list->next ) {
427 PKT_public_key *pk;
428 const char *algstr;
429
430 if ( failed && !list->reason )
431 continue;
432 if ( !failed && list->reason )
433 continue;
434
435 algstr = gcry_pk_algo_name ( list->pubkey_algo );
436 pk = xmalloc_clear( sizeof *pk );
437
438 if( !algstr )
439 algstr = "[?]";
440 pk->pubkey_algo = list->pubkey_algo;
441 if( !get_pubkey( pk, list->kid ) )
442 {
443 char *p;
444 log_info( _("encrypted with %u-bit %s key, ID %s, created %s\n"),
445 nbits_from_pk( pk ), algstr, keystr_from_pk(pk),
446 strtimestamp(pk->timestamp) );
447 p=get_user_id_native(list->kid);
448 log_printf (_(" \"%s\"\n"),p);
449 xfree(p);
450 }
451 else
452 log_info(_("encrypted with %s key, ID %s\n"),
453 algstr,keystr(list->kid));
454
455 free_public_key( pk );
456
457 if( list->reason == G10ERR_NO_SECKEY ) {
458 if( is_status_enabled() ) {
459 char buf[20];
460 sprintf(buf,"%08lX%08lX", (ulong)list->kid[0],
461 (ulong)list->kid[1] );
462 write_status_text( STATUS_NO_SECKEY, buf );
463 }
464 }
465 else if (list->reason)
466 log_info(_("public key decryption failed: %s\n"),
467 g10_errstr(list->reason));
468 }
469 }
470
471
472 static void
473 proc_encrypted( CTX c, PACKET *pkt )
474 {
475 int result = 0;
476
477 if (!opt.quiet)
478 {
479 if(c->symkeys>1)
480 log_info(_("encrypted with %lu passphrases\n"),c->symkeys);
481 else if(c->symkeys==1)
482 log_info(_("encrypted with 1 passphrase\n"));
483 print_pkenc_list ( c->pkenc_list, 1 );
484 print_pkenc_list ( c->pkenc_list, 0 );
485 }
486
487 /* FIXME: Figure out the session key by looking at all pkenc packets. */
488
489
490 write_status( STATUS_BEGIN_DECRYPTION );
491
492 /*log_debug("dat: %sencrypted data\n", c->dek?"":"conventional ");*/
493 if( opt.list_only )
494 result = -1;
495 else if( !c->dek && !c->last_was_session_key ) {
496 int algo;
497 STRING2KEY s2kbuf, *s2k = NULL;
498
499 if(opt.override_session_key)
500 {
501 c->dek = xmalloc_clear( sizeof *c->dek );
502 result=get_override_session_key(c->dek, opt.override_session_key);
503 if(result)
504 {
505 xfree(c->dek);
506 c->dek = NULL;
507 }
508 }
509 else
510 {
511 /* Assume this is old style conventional encrypted data. */
512 algo = opt.def_cipher_algo;
513 if ( algo )
514 log_info (_("assuming %s encrypted data\n"),
515 gcry_cipher_algo_name (algo));
516 else if ( gcry_cipher_test_algo (CIPHER_ALGO_IDEA) )
517 {
518 algo = opt.def_cipher_algo;
519 if (!algo)
520 algo = opt.s2k_cipher_algo;
521 idea_cipher_warn(1);
522 log_info (_("IDEA cipher unavailable, "
523 "optimistically attempting to use %s instead\n"),
524 gcry_cipher_algo_name (algo));
525 }
526 else
527 {
528 algo = CIPHER_ALGO_IDEA;
529 if (!opt.s2k_digest_algo)
530 {
531 /* If no digest is given we assume MD5 */
532 s2kbuf.mode = 0;
533 s2kbuf.hash_algo = DIGEST_ALGO_MD5;
534 s2k = &s2kbuf;
535 }
536 log_info (_("assuming %s encrypted data\n"), "IDEA");
537 }
538
539 c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL, NULL );
540 if (c->dek)
541 c->dek->algo_info_printed = 1;
542 }
543 }
544 else if( !c->dek )
545 result = G10ERR_NO_SECKEY;
546 if( !result )
547 result = decrypt_data( c, pkt->pkt.encrypted, c->dek );
548
549 if( result == -1 )
550 ;
551 else if( !result || (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE
552 && opt.ignore_mdc_error)) {
553 write_status( STATUS_DECRYPTION_OKAY );
554 if( opt.verbose > 1 )
555 log_info(_("decryption okay\n"));
556 if( pkt->pkt.encrypted->mdc_method && !result )
557 write_status( STATUS_GOODMDC );
558 else if(!opt.no_mdc_warn)
559 log_info (_("WARNING: message was not integrity protected\n"));
560 if(opt.show_session_key)
561 {
562 int i;
563 char *buf = xmalloc ( c->dek->keylen*2 + 20 );
564 sprintf ( buf, "%d:", c->dek->algo );
565 for(i=0; i < c->dek->keylen; i++ )
566 sprintf(buf+strlen(buf), "%02X", c->dek->key[i] );
567 log_info( "session key: `%s'\n", buf );
568 write_status_text ( STATUS_SESSION_KEY, buf );
569 }
570 }
571 else if( result == G10ERR_BAD_SIGN ) {
572 log_error(_("WARNING: encrypted message has been manipulated!\n"));
573 write_status( STATUS_BADMDC );
574 write_status( STATUS_DECRYPTION_FAILED );
575 }
576 else {
577 write_status( STATUS_DECRYPTION_FAILED );
578 log_error(_("decryption failed: %s\n"), g10_errstr(result));
579 /* Hmmm: does this work when we have encrypted using multiple
580 * ways to specify the session key (symmmetric and PK)*/
581 }
582 xfree(c->dek); c->dek = NULL;
583 free_packet(pkt);
584 c->last_was_session_key = 0;
585 write_status( STATUS_END_DECRYPTION );
586 }
587
588
589 static void
590 proc_plaintext( CTX c, PACKET *pkt )
591 {
592 PKT_plaintext *pt = pkt->pkt.plaintext;
593 int any, clearsig, only_md5, rc;
594 KBNODE n;
595
596 if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
597 log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
598 else if( opt.verbose )
599 log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name);
600 free_md_filter_context( &c->mfx );
601 if (gcry_md_open (&c->mfx.md, 0, 0))
602 BUG ();
603 /* fixme: we may need to push the textfilter if we have sigclass 1
604 * and no armoring - Not yet tested
605 * Hmmm, why don't we need it at all if we have sigclass 1
606 * Should we assume that plaintext in mode 't' has always sigclass 1??
607 * See: Russ Allbery's mail 1999-02-09
608 */
609 any = clearsig = only_md5 = 0;
610 for(n=c->list; n; n = n->next )
611 {
612 if( n->pkt->pkttype == PKT_ONEPASS_SIG )
613 {
614 /* For the onepass signature case */
615 if( n->pkt->pkt.onepass_sig->digest_algo )
616 {
617 gcry_md_enable (c->mfx.md,
618 n->pkt->pkt.onepass_sig->digest_algo);
619 if( !any && n->pkt->pkt.onepass_sig->digest_algo
620 == DIGEST_ALGO_MD5 )
621 only_md5 = 1;
622 else
623 only_md5 = 0;
624 any = 1;
625 }
626 if( n->pkt->pkt.onepass_sig->sig_class != 0x01 )
627 only_md5 = 0;
628 }
629 else if( n->pkt->pkttype == PKT_GPG_CONTROL
630 && n->pkt->pkt.gpg_control->control
631 == CTRLPKT_CLEARSIGN_START )
632 {
633 /* For the clearsigned message case */
634 size_t datalen = n->pkt->pkt.gpg_control->datalen;
635 const byte *data = n->pkt->pkt.gpg_control->data;
636
637 /* check that we have at least the sigclass and one hash */
638 if ( datalen < 2 )
639 log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n");
640 /* Note that we don't set the clearsig flag for not-dash-escaped
641 * documents */
642 clearsig = (*data == 0x01);
643 for( data++, datalen--; datalen; datalen--, data++ )
644 gcry_md_enable (c->mfx.md, *data);
645 any = 1;
646 break; /* Stop here as one-pass signature packets are not
647 expected. */
648 }
649 else if(n->pkt->pkttype==PKT_SIGNATURE)
650 {
651 /* For the SIG+LITERAL case that PGP used to use. */
652 gcry_md_enable ( c->mfx.md, n->pkt->pkt.signature->digest_algo );
653 any=1;
654 }
655 }
656
657 if( !any && !opt.skip_verify )
658 {
659 /* This is for the old GPG LITERAL+SIG case. It's not legal
660 according to 2440, so hopefully it won't come up that
661 often. There is no good way to specify what algorithms to
662 use in that case, so these three are the historical
663 answer. */
664 gcry_md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
665 gcry_md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
666 gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
667 }
668 if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) {
669 /* This is a kludge to work around a bug in pgp2. It does only
670 * catch those mails which are armored. To catch the non-armored
671 * pgp mails we could see whether there is the signature packet
672 * in front of the plaintext. If someone needs this, send me a patch.
673 */
674 if ( gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0) )
675 BUG ();
676 }
677 if ( DBG_HASHING ) {
678 gcry_md_start_debug ( c->mfx.md, "verify" );
679 if ( c->mfx.md2 )
680 gcry_md_start_debug ( c->mfx.md2, "verify2" );
681 }
682
683 rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
684 if ( gpg_err_code (rc) == GPG_ERR_EACCES && !c->sigs_only )
685 {
686 /* Can't write output but we hash it anyway to check the
687 signature. */
688 rc = handle_plaintext( pt, &c->mfx, 1, clearsig );
689 }
690
691 if( rc )
692 log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
693 free_packet(pkt);
694 c->last_was_session_key = 0;
695
696 /* We add a marker control packet instead of the plaintext packet.
697 * This is so that we can later detect invalid packet sequences.
698 */
699 n = new_kbnode (create_gpg_control (CTRLPKT_PLAINTEXT_MARK, NULL, 0));
700 if (c->list)
701 add_kbnode (c->list, n);
702 else
703 c->list = n;
704 }
705
706
707 static int
708 proc_compressed_cb( IOBUF a, void *info )
709 {
710 return proc_signature_packets( info, a, ((CTX)info)->signed_data,
711 ((CTX)info)->sigfilename );
712 }
713
714 static int
715 proc_encrypt_cb( IOBUF a, void *info )
716 {
717 return proc_encryption_packets( info, a );
718 }
719
720 static void
721 proc_compressed( CTX c, PACKET *pkt )
722 {
723 PKT_compressed *zd = pkt->pkt.compressed;
724 int rc;
725
726 /*printf("zip: compressed data packet\n");*/
727 if( !zd->algorithm )
728 rc=G10ERR_COMPR_ALGO;
729 else if( c->sigs_only )
730 rc = handle_compressed( c, zd, proc_compressed_cb, c );
731 else if( c->encrypt_only )
732 rc = handle_compressed( c, zd, proc_encrypt_cb, c );
733 else
734 rc = handle_compressed( c, zd, NULL, NULL );
735 if( rc )
736 log_error("uncompressing failed: %s\n", g10_errstr(rc));
737 free_packet(pkt);
738 c->last_was_session_key = 0;
739 }
740
741 /****************
742 * check the signature
743 * Returns: 0 = valid signature or an error code
744 */
745 static int
746 do_check_sig( CTX c, KBNODE node, int *is_selfsig,
747 int *is_expkey, int *is_revkey )
748 {
749 PKT_signature *sig;
750 gcry_md_hd_t md = NULL, md2 = NULL;
751 int algo, rc;
752
753 assert( node->pkt->pkttype == PKT_SIGNATURE );
754 if( is_selfsig )
755 *is_selfsig = 0;
756 sig = node->pkt->pkt.signature;
757
758 algo = sig->digest_algo;
759 rc = openpgp_md_test_algo(algo);
760 if (rc)
761 return rc;
762
763 if( sig->sig_class == 0x00 ) {
764 if( c->mfx.md )
765 {
766 if (gcry_md_copy (&md, c->mfx.md ))
767 BUG ();
768 }
769 else /* detached signature */
770 {
771 /* signature_check() will enable the md*/
772 if (gcry_md_open (&md, 0, 0 ))
773 BUG ();
774 }
775 }
776 else if( sig->sig_class == 0x01 ) {
777 /* how do we know that we have to hash the (already hashed) text
778 * in canonical mode ??? (calculating both modes???) */
779 if( c->mfx.md ) {
780 if (gcry_md_copy (&md, c->mfx.md ))
781 BUG ();
782 if( c->mfx.md2 && gcry_md_copy (&md2, c->mfx.md2 ))
783 BUG ();
784 }
785 else { /* detached signature */
786 log_debug("Do we really need this here?");
787 /* signature_check() will enable the md*/
788 if (gcry_md_open (&md, 0, 0 ))
789 BUG ();
790 if (gcry_md_open (&md2, 0, 0 ))
791 BUG ();
792 }
793 }
794 else if( (sig->sig_class&~3) == 0x10
795 || sig->sig_class == 0x18
796 || sig->sig_class == 0x1f
797 || sig->sig_class == 0x20
798 || sig->sig_class == 0x28
799 || sig->sig_class == 0x30 ) {
800 if( c->list->pkt->pkttype == PKT_PUBLIC_KEY
801 || c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
802 return check_key_signature( c->list, node, is_selfsig );
803 }
804 else if( sig->sig_class == 0x20 ) {
805 log_error (_("standalone revocation - "
806 "use \"gpg --import\" to apply\n"));
807 return G10ERR_NOT_PROCESSED;
808 }
809 else {
810 log_error("invalid root packet for sigclass %02x\n",
811 sig->sig_class);
812 return G10ERR_SIG_CLASS;
813 }
814 }
815 else
816 return G10ERR_SIG_CLASS;
817 rc = signature_check2( sig, md, NULL, is_expkey, is_revkey, NULL );
818 if( gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2 )
819 rc = signature_check2( sig, md2, NULL, is_expkey, is_revkey, NULL );
820 gcry_md_close(md);
821 gcry_md_close(md2);
822
823 return rc;
824 }
825
826
827 static void
828 print_userid( PACKET *pkt )
829 {
830 if( !pkt )
831 BUG();
832 if( pkt->pkttype != PKT_USER_ID ) {
833 printf("ERROR: unexpected packet type %d", pkt->pkttype );
834 return;
835 }
836 if( opt.with_colons )
837 {
838 if(pkt->pkt.user_id->attrib_data)
839 printf("%u %lu",
840 pkt->pkt.user_id->numattribs,
841 pkt->pkt.user_id->attrib_len);
842 else
843 print_string( stdout, pkt->pkt.user_id->name,
844 pkt->pkt.user_id->len, ':');
845 }
846 else
847 print_utf8_string( stdout, pkt->pkt.user_id->name,
848 pkt->pkt.user_id->len );
849 }
850
851
852 /****************
853 * List the certificate in a user friendly way
854 */
855
856 static void
857 list_node( CTX c, KBNODE node )
858 {
859 int any=0;
860 int mainkey;
861
862 if( !node )
863 ;
864 else if( (mainkey = (node->pkt->pkttype == PKT_PUBLIC_KEY) )
865 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
866 PKT_public_key *pk = node->pkt->pkt.public_key;
867
868 if( opt.with_colons )
869 {
870 u32 keyid[2];
871 keyid_from_pk( pk, keyid );
872 if( mainkey )
873 c->trustletter = opt.fast_list_mode?
874 0 : get_validity_info( pk, NULL );
875 printf("%s:", mainkey? "pub":"sub" );
876 if( c->trustletter )
877 putchar( c->trustletter );
878 printf(":%u:%d:%08lX%08lX:%s:%s::",
879 nbits_from_pk( pk ),
880 pk->pubkey_algo,
881 (ulong)keyid[0],(ulong)keyid[1],
882 colon_datestr_from_pk( pk ),
883 colon_strtime (pk->expiredate) );
884 if( mainkey && !opt.fast_list_mode )
885 putchar( get_ownertrust_info (pk) );
886 putchar(':');
887 if( node->next && node->next->pkt->pkttype == PKT_RING_TRUST) {
888 putchar('\n'); any=1;
889 if( opt.fingerprint )
890 print_fingerprint( pk, NULL, 0 );
891 printf("rtv:1:%u:\n",
892 node->next->pkt->pkt.ring_trust->trustval );
893 }
894 }
895 else
896 printf("%s %4u%c/%s %s%s",
897 mainkey? "pub":"sub", nbits_from_pk( pk ),
898 pubkey_letter( pk->pubkey_algo ), keystr_from_pk( pk ),
899 datestr_from_pk( pk ), mainkey?" ":"");
900
901 if( mainkey ) {
902 /* and now list all userids with their signatures */
903 for( node = node->next; node; node = node->next ) {
904 if( node->pkt->pkttype == PKT_SIGNATURE ) {
905 if( !any ) {
906 if( node->pkt->pkt.signature->sig_class == 0x20 )
907 puts("[revoked]");
908 else
909 putchar('\n');
910 any = 1;
911 }
912 list_node(c, node );
913 }
914 else if( node->pkt->pkttype == PKT_USER_ID ) {
915 if( any ) {
916 if( opt.with_colons )
917 printf("%s:::::::::",
918 node->pkt->pkt.user_id->attrib_data?"uat":"uid");
919 else
920 printf( "uid%*s", 28, "" );
921 }
922 print_userid( node->pkt );
923 if( opt.with_colons )
924 putchar(':');
925 putchar('\n');
926 if( opt.fingerprint && !any )
927 print_fingerprint( pk, NULL, 0 );
928 if( opt.with_colons
929 && node->next
930 && node->next->pkt->pkttype == PKT_RING_TRUST ) {
931 printf("rtv:2:%u:\n",
932 node->next->pkt->pkt.ring_trust?
933 node->next->pkt->pkt.ring_trust->trustval : 0);
934 }
935 any=1;
936 }
937 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
938 if( !any ) {
939 putchar('\n');
940 any = 1;
941 }
942 list_node(c, node );
943 }
944 }
945 }
946 else
947 {
948 /* of subkey */
949 if( pk->is_revoked )
950 {
951 printf(" [");
952 printf(_("revoked: %s"),revokestr_from_pk(pk));
953 printf("]");
954 }
955 else if( pk->expiredate )
956 {
957 printf(" [");
958 printf(_("expires: %s"),expirestr_from_pk(pk));
959 printf("]");
960 }
961 }
962
963 if( !any )
964 putchar('\n');
965 if( !mainkey && opt.fingerprint > 1 )
966 print_fingerprint( pk, NULL, 0 );
967 }
968 else if( (mainkey = (node->pkt->pkttype == PKT_SECRET_KEY) )
969 || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
970 PKT_secret_key *sk = node->pkt->pkt.secret_key;
971
972 if( opt.with_colons )
973 {
974 u32 keyid[2];
975 keyid_from_sk( sk, keyid );
976 printf("%s::%u:%d:%08lX%08lX:%s:%s:::",
977 mainkey? "sec":"ssb",
978 nbits_from_sk( sk ),
979 sk->pubkey_algo,
980 (ulong)keyid[0],(ulong)keyid[1],
981 colon_datestr_from_sk( sk ),
982 colon_strtime (sk->expiredate)
983 /* fixme: add LID */ );
984 }
985 else
986 printf("%s %4u%c/%s %s ", mainkey? "sec":"ssb",
987 nbits_from_sk( sk ), pubkey_letter( sk->pubkey_algo ),
988 keystr_from_sk( sk ), datestr_from_sk( sk ));
989 if( mainkey ) {
990 /* and now list all userids with their signatures */
991 for( node = node->next; node; node = node->next ) {
992 if( node->pkt->pkttype == PKT_SIGNATURE ) {
993 if( !any ) {
994 if( node->pkt->pkt.signature->sig_class == 0x20 )
995 puts("[revoked]");
996 else
997 putchar('\n');
998 any = 1;
999 }
1000 list_node(c, node );
1001 }
1002 else if( node->pkt->pkttype == PKT_USER_ID ) {
1003 if( any ) {
1004 if( opt.with_colons )
1005 printf("%s:::::::::",
1006 node->pkt->pkt.user_id->attrib_data?"uat":"uid");
1007 else
1008 printf( "uid%*s", 28, "" );
1009 }
1010 print_userid( node->pkt );
1011 if( opt.with_colons )
1012 putchar(':');
1013 putchar('\n');
1014 if( opt.fingerprint && !any )
1015 print_fingerprint( NULL, sk, 0 );
1016 any=1;
1017 }
1018 else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1019 if( !any ) {
1020 putchar('\n');
1021 any = 1;
1022 }
1023 list_node(c, node );
1024 }
1025 }
1026 }
1027 if( !any )
1028 putchar('\n');
1029 if( !mainkey && opt.fingerprint > 1 )
1030 print_fingerprint( NULL, sk, 0 );
1031 }
1032 else if( node->pkt->pkttype == PKT_SIGNATURE ) {
1033 PKT_signature *sig = node->pkt->pkt.signature;
1034 int is_selfsig = 0;
1035 int rc2=0;
1036 size_t n;
1037 char *p;
1038 int sigrc = ' ';
1039
1040 if( !opt.verbose )
1041 return;
1042
1043 if( sig->sig_class == 0x20 || sig->sig_class == 0x30 )
1044 fputs("rev", stdout);
1045 else
1046 fputs("sig", stdout);
1047 if( opt.check_sigs ) {
1048 fflush(stdout);
1049 rc2=do_check_sig( c, node, &is_selfsig, NULL, NULL );
1050 switch (gpg_err_code (rc2)) {
1051 case 0: sigrc = '!'; break;
1052 case GPG_ERR_BAD_SIGNATURE: sigrc = '-'; break;
1053 case GPG_ERR_NO_PUBKEY:
1054 case GPG_ERR_UNUSABLE_PUBKEY: sigrc = '?'; break;
1055 default: sigrc = '%'; break;
1056 }
1057 }
1058 else { /* check whether this is a self signature */
1059 u32 keyid[2];
1060
1061 if( c->list->pkt->pkttype == PKT_PUBLIC_KEY
1062 || c->list->pkt->pkttype == PKT_SECRET_KEY ) {
1063 if( c->list->pkt->pkttype == PKT_PUBLIC_KEY )
1064 keyid_from_pk( c->list->pkt->pkt.public_key, keyid );
1065 else
1066 keyid_from_sk( c->list->pkt->pkt.secret_key, keyid );
1067
1068 if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
1069 is_selfsig = 1;
1070 }
1071 }
1072 if( opt.with_colons ) {
1073 putchar(':');
1074 if( sigrc != ' ' )
1075 putchar(sigrc);
1076 printf("::%d:%08lX%08lX:%s:%s:", sig->pubkey_algo,
1077 (ulong)sig->keyid[0], (ulong)sig->keyid[1],
1078 colon_datestr_from_sig(sig),
1079 colon_expirestr_from_sig(sig));
1080
1081 if(sig->trust_depth || sig->trust_value)
1082 printf("%d %d",sig->trust_depth,sig->trust_value);
1083 printf(":");
1084
1085 if(sig->trust_regexp)
1086 print_string(stdout,sig->trust_regexp,
1087 strlen(sig->trust_regexp),':');
1088 printf(":");
1089 }
1090 else
1091 printf("%c %s %s ",
1092 sigrc, keystr(sig->keyid), datestr_from_sig(sig));
1093 if( sigrc == '%' )
1094 printf("[%s] ", g10_errstr(rc2) );
1095 else if( sigrc == '?' )
1096 ;
1097 else if( is_selfsig ) {
1098 if( opt.with_colons )
1099 putchar(':');
1100 fputs( sig->sig_class == 0x18? "[keybind]":"[selfsig]", stdout);
1101 if( opt.with_colons )
1102 putchar(':');
1103 }
1104 else if( !opt.fast_list_mode ) {
1105 p = get_user_id( sig->keyid, &n );
1106 print_string( stdout, p, n, opt.with_colons );
1107 xfree(p);
1108 }
1109 if( opt.with_colons )
1110 printf(":%02x%c:", sig->sig_class, sig->flags.exportable?'x':'l');
1111 putchar('\n');
1112 }
1113 else
1114 log_error("invalid node with packet of type %d\n", node->pkt->pkttype);
1115 }
1116
1117
1118
1119 int
1120 proc_packets( void *anchor, IOBUF a )
1121 {
1122 int rc;
1123 CTX c = xmalloc_clear( sizeof *c );
1124
1125 c->anchor = anchor;
1126 rc = do_proc_packets( c, a );
1127 xfree( c );
1128 return rc;
1129 }
1130
1131
1132
1133 int
1134 proc_signature_packets( void *anchor, IOBUF a,
1135 STRLIST signedfiles, const char *sigfilename )
1136 {
1137 CTX c = xmalloc_clear( sizeof *c );
1138 int rc;
1139
1140 c->anchor = anchor;
1141 c->sigs_only = 1;
1142 c->signed_data = signedfiles;
1143 c->sigfilename = sigfilename;
1144 rc = do_proc_packets( c, a );
1145
1146 /* If we have not encountered any signature we print an error
1147 messages, send a NODATA status back and return an error code.
1148 Using log_error is required because verify_files does not check
1149 error codes for each file but we want to terminate the process
1150 with an error. */
1151 if (!rc && !c->any_sig_seen)
1152 {
1153 write_status_text (STATUS_NODATA, "4");
1154 log_error (_("no signature found\n"));
1155 rc = G10ERR_NO_DATA;
1156 }
1157
1158 /* Propagate the signature seen flag upward. Do this only on
1159 success so that we won't issue the nodata status several
1160 times. */
1161 if (!rc && c->anchor && c->any_sig_seen)
1162 c->anchor->any_sig_seen = 1;
1163
1164 xfree( c );
1165 return rc;
1166 }
1167
1168 int
1169 proc_encryption_packets( void *anchor, IOBUF a )
1170 {
1171 CTX c = xmalloc_clear( sizeof *c );
1172 int rc;
1173
1174 c->anchor = anchor;
1175 c->encrypt_only = 1;
1176 rc = do_proc_packets( c, a );
1177 xfree( c );
1178 return rc;
1179 }
1180
1181
1182 int
1183 do_proc_packets( CTX c, IOBUF a )
1184 {
1185 PACKET *pkt = xmalloc( sizeof *pkt );
1186 int rc=0;
1187 int any_data=0;
1188 int newpkt;
1189
1190 c->iobuf = a;
1191 init_packet(pkt);
1192 while( (rc=parse_packet(a, pkt)) != -1 ) {
1193 any_data = 1;
1194 if( rc ) {
1195 free_packet(pkt);
1196 /* stop processing when an invalid packet has been encountered
1197 * but don't do so when we are doing a --list-packets. */
1198 if (gpg_err_code (rc) == GPG_ERR_INV_PACKET
1199 && opt.list_packets != 2 )
1200 break;
1201 continue;
1202 }
1203 newpkt = -1;
1204 if( opt.list_packets ) {
1205 switch( pkt->pkttype ) {
1206 case PKT_PUBKEY_ENC: proc_pubkey_enc( c, pkt ); break;
1207 case PKT_SYMKEY_ENC: proc_symkey_enc( c, pkt ); break;
1208 case PKT_ENCRYPTED:
1209 case PKT_ENCRYPTED_MDC: proc_encrypted( c, pkt ); break;
1210 case PKT_COMPRESSED: proc_compressed( c, pkt ); break;
1211 default: newpkt = 0; break;
1212 }
1213 }
1214 else if( c->sigs_only ) {
1215 switch( pkt->pkttype ) {
1216 case PKT_PUBLIC_KEY:
1217 case PKT_SECRET_KEY:
1218 case PKT_USER_ID:
1219 case PKT_SYMKEY_ENC:
1220 case PKT_PUBKEY_ENC:
1221 case PKT_ENCRYPTED:
1222 case PKT_ENCRYPTED_MDC:
1223 write_status_text( STATUS_UNEXPECTED, "0" );
1224 rc = G10ERR_UNEXPECTED;
1225 goto leave;
1226 case PKT_SIGNATURE: newpkt = add_signature( c, pkt ); break;
1227 case PKT_PLAINTEXT: proc_plaintext( c, pkt ); break;
1228 case PKT_COMPRESSED: proc_compressed( c, pkt ); break;
1229 case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
1230 case PKT_GPG_CONTROL: newpkt = add_gpg_control(c, pkt); break;
1231 default: newpkt = 0; break;
1232 }
1233 }
1234 else if( c->encrypt_only ) {
1235 switch( pkt->pkttype ) {
1236 case PKT_PUBLIC_KEY:
1237 case PKT_SECRET_KEY:
1238 case PKT_USER_ID:
1239 write_status_text( STATUS_UNEXPECTED, "0" );
1240 rc = G10ERR_UNEXPECTED;
1241 goto leave;
1242 case PKT_SIGNATURE: newpkt = add_signature( c, pkt ); break;
1243 case PKT_SYMKEY_ENC: proc_symkey_enc( c, pkt ); break;
1244 case PKT_PUBKEY_ENC: proc_pubkey_enc( c, pkt ); break;
1245 case PKT_ENCRYPTED:
1246 case PKT_ENCRYPTED_MDC: proc_encrypted( c, pkt ); break;
1247 case PKT_PLAINTEXT: proc_plaintext( c, pkt ); break;
1248 case PKT_COMPRESSED: proc_compressed( c, pkt ); break;
1249 case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
1250 case PKT_GPG_CONTROL: newpkt = add_gpg_control(c, pkt); break;
1251 default: newpkt = 0; break;
1252 }
1253 }
1254 else {
1255 switch( pkt->pkttype ) {
1256 case PKT_PUBLIC_KEY:
1257 case PKT_SECRET_KEY:
1258 release_list( c );
1259 c->list = new_kbnode( pkt );
1260 newpkt = 1;
1261 break;
1262 case PKT_PUBLIC_SUBKEY:
1263 case PKT_SECRET_SUBKEY:
1264 newpkt = add_subkey( c, pkt );
1265 break;
1266 case PKT_USER_ID: newpkt = add_user_id( c, pkt ); break;
1267 case PKT_SIGNATURE: newpkt = add_signature( c, pkt ); break;
1268 case PKT_PUBKEY_ENC: proc_pubkey_enc( c, pkt ); break;
1269 case PKT_SYMKEY_ENC: proc_symkey_enc( c, pkt ); break;
1270 case PKT_ENCRYPTED:
1271 case PKT_ENCRYPTED_MDC: proc_encrypted( c, pkt ); break;
1272 case PKT_PLAINTEXT: proc_plaintext( c, pkt ); break;
1273 case PKT_COMPRESSED: proc_compressed( c, pkt ); break;
1274 case PKT_ONEPASS_SIG: newpkt = add_onepass_sig( c, pkt ); break;
1275 case PKT_GPG_CONTROL: newpkt = add_gpg_control(c, pkt); break;
1276 case PKT_RING_TRUST: newpkt = add_ring_trust( c, pkt ); break;
1277 default: newpkt = 0; break;
1278 }
1279 }
1280 /* This is a very ugly construct and frankly, I don't remember why
1281 * I used it. Adding the MDC check here is a hack.
1282 * The right solution is to initiate another context for encrypted
1283 * packet and not to reuse the current one ... It works right
1284 * when there is a compression packet inbetween which adds just
1285 * an extra layer.
1286 * Hmmm: Rewrite this whole module here??
1287 */
1288 if( pkt->pkttype != PKT_SIGNATURE && pkt->pkttype != PKT_MDC )
1289 c->have_data = pkt->pkttype == PKT_PLAINTEXT;
1290
1291 if( newpkt == -1 )
1292 ;
1293 else if( newpkt ) {
1294 pkt = xmalloc( sizeof *pkt );
1295 init_packet(pkt);
1296 }
1297 else
1298 free_packet(pkt);
1299 }
1300 if( rc == G10ERR_INVALID_PACKET )
1301 write_status_text( STATUS_NODATA, "3" );
1302 if( any_data )
1303 rc = 0;
1304 else if( rc == -1 )
1305 write_status_text( STATUS_NODATA, "2" );
1306
1307
1308 leave:
1309 release_list( c );
1310 xfree(c->dek);
1311 free_packet( pkt );
1312 xfree( pkt );
1313 free_md_filter_context( &c->mfx );
1314 return rc;
1315 }
1316
1317
1318 /* Helper for pka_uri_from_sig to parse the to-be-verified address out
1319 of the notation data. */
1320 static pka_info_t *
1321 get_pka_address (PKT_signature *sig)
1322 {
1323 pka_info_t *pka = NULL;
1324 struct notation *nd,*notation;
1325
1326 notation=sig_to_notation(sig);
1327
1328 for(nd=notation;nd;nd=nd->next)
1329 {
1330 if(strcmp(nd->name,"pka-address@gnupg.org")!=0)
1331 continue; /* Not the notation we want. */
1332
1333 /* For now we only use the first valid PKA notation. In future
1334 we might want to keep additional PKA notations in a linked
1335 list. */
1336 if (is_valid_mailbox (nd->value))
1337 {
1338 pka = xmalloc (sizeof *pka + strlen(nd->value));
1339 pka->valid = 0;
1340 pka->checked = 0;
1341 pka->uri = NULL;
1342 strcpy (pka->email, nd->value);
1343 break;
1344 }
1345 }
1346
1347 free_notation(notation);
1348
1349 return pka;
1350 }
1351
1352
1353 /* Return the URI from a DNS PKA record. If this record has already
1354 be retrieved for the signature we merely return it; if not we go
1355 out and try to get that DNS record. */
1356 static const char *
1357 pka_uri_from_sig (PKT_signature *sig)
1358 {
1359 if (!sig->flags.pka_tried)
1360 {
1361 assert (!sig->pka_info);
1362 sig->flags.pka_tried = 1;
1363 sig->pka_info = get_pka_address (sig);
1364 if (sig->pka_info)
1365 {
1366 char *uri;
1367
1368 uri = get_pka_info (sig->pka_info->email, sig->pka_info->fpr);
1369 if (uri)
1370 {
1371 sig->pka_info->valid = 1;
1372 if (!*uri)
1373 xfree (uri);
1374 else
1375 sig->pka_info->uri = uri;
1376 }
1377 }
1378 }
1379 return sig->pka_info? sig->pka_info->uri : NULL;
1380 }
1381
1382
1383 static int
1384 check_sig_and_print( CTX c, KBNODE node )
1385 {
1386 PKT_signature *sig = node->pkt->pkt.signature;
1387 const char *astr;
1388 int rc, is_expkey=0, is_revkey=0;
1389
1390 if (opt.skip_verify)
1391 {
1392 log_info(_("signature verification suppressed\n"));
1393 return 0;
1394 }
1395
1396 /* Check that the message composition is valid.
1397
1398 Per RFC-2440bis (-15) allowed:
1399
1400 S{1,n} -- detached signature.
1401 S{1,n} P -- old style PGP2 signature
1402 O{1,n} P S{1,n} -- standard OpenPGP signature.
1403 C P S{1,n} -- cleartext signature.
1404
1405
1406 O = One-Pass Signature packet.
1407 S = Signature packet.
1408 P = OpenPGP Message packet (Encrypted | Compressed | Literal)
1409 (Note that the current rfc2440bis draft also allows
1410 for a signed message but that does not work as it
1411 introduces ambiguities.)
1412 We keep track of these packages using the marker packet
1413 CTRLPKT_PLAINTEXT_MARK.
1414 C = Marker packet for cleartext signatures.
1415
1416 We reject all other messages.
1417
1418 Actually we are calling this too often, i.e. for verification of
1419 each message but better have some duplicate work than to silently
1420 introduce a bug here.
1421 */
1422 {
1423 KBNODE n;
1424 int n_onepass, n_sig;
1425
1426 /* log_debug ("checking signature packet composition\n"); */
1427 /* dump_kbnode (c->list); */
1428
1429 n = c->list;
1430 assert (n);
1431 if ( n->pkt->pkttype == PKT_SIGNATURE )
1432 {
1433 /* This is either "S{1,n}" case (detached signature) or
1434 "S{1,n} P" (old style PGP2 signature). */
1435 for (n = n->next; n; n = n->next)
1436 if (n->pkt->pkttype != PKT_SIGNATURE)
1437 break;
1438 if (!n)
1439 ; /* Okay, this is a detached signature. */
1440 else if (n->pkt->pkttype == PKT_GPG_CONTROL
1441 && (n->pkt->pkt.gpg_control->control
1442 == CTRLPKT_PLAINTEXT_MARK) )
1443 {
1444 if (n->next)
1445 goto ambiguous; /* We only allow one P packet. */
1446 }
1447 else
1448 goto ambiguous;
1449 }
1450 else if (n->pkt->pkttype == PKT_ONEPASS_SIG)
1451 {
1452 /* This is the "O{1,n} P S{1,n}" case (standard signature). */
1453 for (n_onepass=1, n = n->next;
1454 n && n->pkt->pkttype == PKT_ONEPASS_SIG; n = n->next)
1455 n_onepass++;
1456 if (!n || !(n->pkt->pkttype == PKT_GPG_CONTROL
1457 && (n->pkt->pkt.gpg_control->control
1458 == CTRLPKT_PLAINTEXT_MARK)))
1459 goto ambiguous;
1460 for (n_sig=0, n = n->next;
1461 n && n->pkt->pkttype == PKT_SIGNATURE; n = n->next)
1462 n_sig++;
1463 if (!n_sig)
1464 goto ambiguous;
1465 if (n && !opt.allow_multisig_verification)
1466 goto ambiguous;
1467 if (n_onepass != n_sig)
1468 {
1469 log_info ("number of one-pass packets does not match "
1470 "number of signature packets\n");
1471 goto ambiguous;
1472 }
1473 }
1474 else if (n->pkt->pkttype == PKT_GPG_CONTROL
1475 && n->pkt->pkt.gpg_control->control == CTRLPKT_CLEARSIGN_START )
1476 {
1477 /* This is the "C P S{1,n}" case (clear text signature). */
1478 n = n->next;
1479 if (!n || !(n->pkt->pkttype == PKT_GPG_CONTROL
1480 && (n->pkt->pkt.gpg_control->control
1481 == CTRLPKT_PLAINTEXT_MARK)))
1482 goto ambiguous;
1483 for (n_sig=0, n = n->next;
1484 n && n->pkt->pkttype == PKT_SIGNATURE; n = n->next)
1485 n_sig++;
1486 if (n || !n_sig)
1487 goto ambiguous;
1488 }
1489 else
1490 {
1491 ambiguous:
1492 log_error(_("can't handle this ambiguous signature data\n"));
1493 return 0;
1494 }
1495
1496 }
1497
1498 /* (Indendation below not yet changed to GNU style.) */
1499
1500 astr = gcry_pk_algo_name ( sig->pubkey_algo );
1501 if(keystrlen()>8)
1502 {
1503 log_info(_("Signature made %s\n"),asctimestamp(sig->timestamp));
1504 log_info(_(" using %s key %s\n"),
1505 astr? astr: "?",keystr(sig->keyid));
1506 }
1507 else
1508 log_info(_("Signature made %s using %s key ID %s\n"),
1509 asctimestamp(sig->timestamp), astr? astr: "?",
1510 keystr(sig->keyid));
1511
1512 rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
1513
1514 /* If the key isn't found, check for a preferred keyserver */
1515
1516 if(rc==G10ERR_NO_PUBKEY && sig->flags.pref_ks)
1517 {
1518 const byte *p;
1519 int seq=0;
1520 size_t n;
1521
1522 while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&n,&seq,NULL)))
1523 {
1524 /* According to my favorite copy editor, in English
1525 grammar, you say "at" if the key is located on a web
1526 page, but "from" if it is located on a keyserver. I'm
1527 not going to even try to make two strings here :) */
1528 log_info(_("Key available at: ") );
1529 print_utf8_string( log_get_stream(), p, n );
1530 log_printf ("\n");
1531
1532 if(opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
1533 && opt.keyserver_options.options&KEYSERVER_HONOR_KEYSERVER_URL)
1534 {
1535 struct keyserver_spec *spec;
1536
1537 spec=parse_preferred_keyserver(sig);
1538 if(spec)
1539 {
1540 int res;
1541
1542 glo_ctrl.in_auto_key_retrieve++;
1543 res=keyserver_import_keyid(sig->keyid,spec);
1544 glo_ctrl.in_auto_key_retrieve--;
1545 if(!res)
1546 rc=do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
1547 free_keyserver_spec(spec);
1548
1549 if(!rc)
1550 break;
1551 }
1552 }
1553 }
1554 }
1555
1556 /* If the preferred keyserver thing above didn't work, our second
1557 try is to use the URI from a DNS PKA record. */
1558 if ( rc == G10ERR_NO_PUBKEY
1559 && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
1560 && opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD)
1561 {
1562 const char *uri = pka_uri_from_sig (sig);
1563
1564 if (uri)
1565 {
1566 /* FIXME: We might want to locate the key using the
1567 fingerprint instead of the keyid. */
1568 int res;
1569 struct keyserver_spec *spec;
1570
1571 spec = parse_keyserver_uri (uri, 1, NULL, 0);
1572 if (spec)
1573 {
1574 glo_ctrl.in_auto_key_retrieve++;
1575 res = keyserver_import_keyid (sig->keyid, spec);
1576 glo_ctrl.in_auto_key_retrieve--;
1577 free_keyserver_spec (spec);
1578 if (!res)
1579 rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
1580 }
1581 }
1582 }
1583
1584 /* If the preferred keyserver thing above didn't work and we got
1585 no information from the DNS PKA, this is a third try. */
1586
1587 if( rc == G10ERR_NO_PUBKEY && opt.keyserver
1588 && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE)
1589 {
1590 int res;
1591
1592 glo_ctrl.in_auto_key_retrieve++;
1593 res=keyserver_import_keyid ( sig->keyid, opt.keyserver );
1594 glo_ctrl.in_auto_key_retrieve--;
1595 if(!res)
1596 rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
1597 }
1598
1599 if( !rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE ) {
1600 KBNODE un, keyblock;
1601 int count=0, statno;
1602 char keyid_str[50];
1603 PKT_public_key *pk=NULL;
1604
1605 if(rc)
1606 statno=STATUS_BADSIG;
1607 else if(sig->flags.expired)
1608 statno=STATUS_EXPSIG;
1609 else if(is_expkey)
1610 statno=STATUS_EXPKEYSIG;
1611 else if(is_revkey)
1612 statno=STATUS_REVKEYSIG;
1613 else
1614 statno=STATUS_GOODSIG;
1615
1616 keyblock = get_pubkeyblock( sig->keyid );
1617
1618 sprintf (keyid_str, "%08lX%08lX [uncertain] ",
1619 (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
1620
1621 /* find and print the primary user ID */
1622 for( un=keyblock; un; un = un->next ) {
1623 char *p;
1624 int valid;
1625 if(un->pkt->pkttype==PKT_PUBLIC_KEY)
1626 {
1627 pk=un->pkt->pkt.public_key;
1628 continue;
1629 }
1630 if( un->pkt->pkttype != PKT_USER_ID )
1631 continue;
1632 if ( !un->pkt->pkt.user_id->created )
1633 continue;
1634 if ( un->pkt->pkt.user_id->is_revoked )
1635 continue;
1636 if ( un->pkt->pkt.user_id->is_expired )
1637 continue;
1638 if ( !un->pkt->pkt.user_id->is_primary )
1639 continue;
1640 /* We want the textual primary user ID here */
1641 if ( un->pkt->pkt.user_id->attrib_data )
1642 continue;
1643
1644 assert(pk);
1645
1646 /* Get it before we print anything to avoid interrupting
1647 the output with the "please do a --check-trustdb"
1648 line. */
1649 valid=get_validity(pk,un->pkt->pkt.user_id);
1650
1651 keyid_str[17] = 0; /* cut off the "[uncertain]" part */
1652 write_status_text_and_buffer (statno, keyid_str,
1653 un->pkt->pkt.user_id->name,
1654 un->pkt->pkt.user_id->len,
1655 -1 );
1656
1657 p=utf8_to_native(un->pkt->pkt.user_id->name,
1658 un->pkt->pkt.user_id->len,0);
1659
1660 if(rc)
1661 log_info(_("BAD signature from \"%s\""),p);
1662 else if(sig->flags.expired)
1663 log_info(_("Expired signature from \"%s\""),p);
1664 else
1665 log_info(_("Good signature from \"%s\""),p);
1666
1667 xfree(p);
1668
1669 if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
1670 log_printf (" [%s]\n",trust_value_to_string(valid));
1671 else
1672 log_printf ("\n");
1673 count++;
1674 }
1675 if( !count ) { /* just in case that we have no valid textual
1676 userid */
1677 char *p;
1678
1679 /* Try for an invalid textual userid */
1680 for( un=keyblock; un; un = un->next ) {
1681 if( un->pkt->pkttype == PKT_USER_ID &&
1682 !un->pkt->pkt.user_id->attrib_data )
1683 break;
1684 }
1685
1686 /* Try for any userid at all */
1687 if(!un) {
1688 for( un=keyblock; un; un = un->next ) {
1689 if( un->pkt->pkttype == PKT_USER_ID )
1690 break;
1691 }
1692 }
1693
1694 if (opt.trust_model==TM_ALWAYS || !un)
1695 keyid_str[17] = 0; /* cut off the "[uncertain]" part */
1696
1697 write_status_text_and_buffer (statno, keyid_str,
1698 un? un->pkt->pkt.user_id->name:"[?]",
1699 un? un->pkt->pkt.user_id->len:3,
1700 -1 );
1701
1702 if(un)
1703 p=utf8_to_native(un->pkt->pkt.user_id->name,
1704 un->pkt->pkt.user_id->len,0);
1705 else
1706 p=xstrdup("[?]");
1707
1708 if(rc)
1709 log_info(_("BAD signature from \"%s\""),p);
1710 else if(sig->flags.expired)
1711 log_info(_("Expired signature from \"%s\""),p);
1712 else
1713 log_info(_("Good signature from \"%s\""),p);
1714 if (opt.trust_model!=TM_ALWAYS && un)
1715 log_printf (" %s",_("[uncertain]") );
1716 log_printf ("\n");
1717 }
1718
1719 /* If we have a good signature and already printed
1720 * the primary user ID, print all the other user IDs */
1721 if ( count && !rc ) {
1722 char *p;
1723 for( un=keyblock; un; un = un->next ) {
1724 if( un->pkt->pkttype != PKT_USER_ID )
1725 continue;
1726 if((un->pkt->pkt.user_id->is_revoked
1727 || un->pkt->pkt.user_id->is_expired)
1728 && !(opt.verify_options&VERIFY_SHOW_UNUSABLE_UIDS))
1729 continue;
1730 /* Only skip textual primaries */
1731 if ( un->pkt->pkt.user_id->is_primary &&
1732 !un->pkt->pkt.user_id->attrib_data )
1733 continue;
1734
1735 if(un->pkt->pkt.user_id->attrib_data)
1736 {
1737 dump_attribs(un->pkt->pkt.user_id,pk,NULL);
1738
1739 if(opt.verify_options&VERIFY_SHOW_PHOTOS)
1740 show_photos(un->pkt->pkt.user_id->attribs,
1741 un->pkt->pkt.user_id->numattribs,pk,NULL);
1742 }
1743
1744 p=utf8_to_native(un->pkt->pkt.user_id->name,
1745 un->pkt->pkt.user_id->len,0);
1746 log_info(_(" aka \"%s\""),p);
1747 xfree(p);
1748
1749 if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
1750 {
1751 const char *valid;
1752 if(un->pkt->pkt.user_id->is_revoked)
1753 valid=_("revoked");
1754 else if(un->pkt->pkt.user_id->is_expired)
1755 valid=_("expired");
1756 else
1757 valid=trust_value_to_string(get_validity(pk,
1758 un->pkt->
1759 pkt.user_id));
1760 log_printf (" [%s]\n",valid);
1761 }
1762 else
1763 log_printf ("\n");
1764 }
1765 }
1766 release_kbnode( keyblock );
1767
1768 if( !rc )
1769 {
1770 if(opt.verify_options&VERIFY_SHOW_POLICY_URLS)
1771 show_policy_url(sig,0,1);
1772 else
1773 show_policy_url(sig,0,2);
1774
1775 if(opt.verify_options&VERIFY_SHOW_KEYSERVER_URLS)
1776 show_keyserver_url(sig,0,1);
1777 else
1778 show_keyserver_url(sig,0,2);
1779
1780 if(opt.verify_options&VERIFY_SHOW_NOTATIONS)
1781 show_notation(sig,0,1,
1782 ((opt.verify_options&VERIFY_SHOW_STD_NOTATIONS)?1:0)+
1783 ((opt.verify_options&VERIFY_SHOW_USER_NOTATIONS)?2:0));
1784 else
1785 show_notation(sig,0,2,0);
1786 }
1787
1788 if( !rc && is_status_enabled() ) {
1789 /* print a status response with the fingerprint */
1790 PKT_public_key *vpk = xmalloc_clear( sizeof *vpk );
1791
1792 if( !get_pubkey( vpk, sig->keyid ) ) {
1793 byte array[MAX_FINGERPRINT_LEN], *p;
1794 char buf[MAX_FINGERPRINT_LEN*4+90], *bufp;
1795 size_t i, n;
1796
1797 bufp = buf;
1798 fingerprint_from_pk( vpk, array, &n );
1799 p = array;
1800 for(i=0; i < n ; i++, p++, bufp += 2)
1801 sprintf(bufp, "%02X", *p );
1802 /* TODO: Replace the reserved '0' in the field below
1803 with bits for status flags (policy url, notation,
1804 etc.). Remember to make the buffer larger to
1805 match! */
1806 sprintf(bufp, " %s %lu %lu %d 0 %d %d %02X ",
1807 strtimestamp( sig->timestamp ),
1808 (ulong)sig->timestamp,(ulong)sig->expiredate,
1809 sig->version,sig->pubkey_algo,sig->digest_algo,
1810 sig->sig_class);
1811 bufp = bufp + strlen (bufp);
1812 if (!vpk->is_primary) {
1813 u32 akid[2];
1814
1815 akid[0] = vpk->main_keyid[0];
1816 akid[1] = vpk->main_keyid[1];
1817 free_public_key (vpk);
1818 vpk = xmalloc_clear( sizeof *vpk );
1819 if (get_pubkey (vpk, akid)) {
1820 /* impossible error, we simply return a zeroed out fpr */
1821 n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20;
1822 memset (array, 0, n);
1823 }
1824 else
1825 fingerprint_from_pk( vpk, array, &n );
1826 }
1827 p = array;
1828 for(i=0; i < n ; i++, p++, bufp += 2)
1829 sprintf(bufp, "%02X", *p );
1830 write_status_text( STATUS_VALIDSIG, buf );
1831 }
1832 free_public_key( vpk );
1833 }
1834
1835 if (!rc)
1836 {
1837 if(opt.verify_options&VERIFY_PKA_LOOKUPS)
1838 pka_uri_from_sig (sig); /* Make sure PKA info is available. */
1839 rc = check_signatures_trust( sig );
1840 }
1841
1842 if(sig->flags.expired)
1843 {
1844 log_info(_("Signature expired %s\n"),
1845 asctimestamp(sig->expiredate));
1846 rc=G10ERR_GENERAL; /* need a better error here? */
1847 }
1848 else if(sig->expiredate)
1849 log_info(_("Signature expires %s\n"),asctimestamp(sig->expiredate));
1850
1851 if(opt.verbose)
1852 log_info(_("%s signature, digest algorithm %s\n"),
1853 sig->sig_class==0x00?_("binary"):
1854 sig->sig_class==0x01?_("textmode"):_("unknown"),
1855 gcry_md_algo_name (sig->digest_algo));
1856
1857 if( rc )
1858 g10_errors_seen = 1;
1859 if( opt.batch && rc )
1860 g10_exit(1);
1861 }
1862 else {
1863 char buf[50];
1864 sprintf(buf, "%08lX%08lX %d %d %02x %lu %d",
1865 (ulong)sig->keyid[0], (ulong)sig->keyid[1],
1866 sig->pubkey_algo, sig->digest_algo,
1867 sig->sig_class, (ulong)sig->timestamp, rc );
1868 write_status_text( STATUS_ERRSIG, buf );
1869 if( rc == G10ERR_NO_PUBKEY ) {
1870 buf[16] = 0;
1871 write_status_text( STATUS_NO_PUBKEY, buf );
1872 }
1873 if( rc != G10ERR_NOT_PROCESSED )
1874 log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
1875 }
1876 return rc;
1877 }
1878
1879
1880 /****************
1881 * Process the tree which starts at node
1882 */
1883 static void
1884 proc_tree( CTX c, KBNODE node )
1885 {
1886 KBNODE n1;
1887 int rc;
1888
1889 if( opt.list_packets || opt.list_only )
1890 return;
1891
1892 /* we must skip our special plaintext marker packets here becuase
1893 they may be the root packet. These packets are only used in
1894 addionla checks and skipping them here doesn't matter */
1895 while ( node
1896 && node->pkt->pkttype == PKT_GPG_CONTROL
1897 && node->pkt->pkt.gpg_control->control
1898 == CTRLPKT_PLAINTEXT_MARK ) {
1899 node = node->next;
1900 }
1901 if (!node)
1902 return;
1903
1904 c->trustletter = ' ';
1905 if( node->pkt->pkttype == PKT_PUBLIC_KEY
1906 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
1907 merge_keys_and_selfsig( node );
1908 list_node( c, node );
1909 }
1910 else if( node->pkt->pkttype == PKT_SECRET_KEY ) {
1911 merge_keys_and_selfsig( node );
1912 list_node( c, node );
1913 }
1914 else if( node->pkt->pkttype == PKT_ONEPASS_SIG ) {
1915 /* check all signatures */
1916 if( !c->have_data ) {
1917 free_md_filter_context( &c->mfx );
1918 /* prepare to create all requested message digests */
1919 if (gcry_md_open (&c->mfx.md, 0, 0))
1920 BUG ();
1921
1922 /* fixme: why looking for the signature packet and not the
1923 one-pass packet? */
1924 for ( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
1925 {
1926 gcry_md_enable (c->mfx.md,
1927 n1->pkt->pkt.signature->digest_algo);
1928 }
1929 /* ask for file and hash it */
1930 if( c->sigs_only ) {
1931 rc = hash_datafiles( c->mfx.md, NULL,
1932 c->signed_data, c->sigfilename,
1933 n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 );
1934 }
1935 else {
1936 rc = ask_for_detached_datafile( c->mfx.md, c->mfx.md2,
1937 iobuf_get_real_fname(c->iobuf),
1938 n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 );
1939 }
1940 if( rc ) {
1941 log_error("can't hash datafile: %s\n", g10_errstr(rc));
1942 return;
1943 }
1944 }
1945 else if ( c->signed_data ) {
1946 log_error (_("not a detached signature\n") );
1947 return;
1948 }
1949
1950 for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
1951 check_sig_and_print( c, n1 );
1952 }
1953 else if( node->pkt->pkttype == PKT_GPG_CONTROL
1954 && node->pkt->pkt.gpg_control->control
1955 == CTRLPKT_CLEARSIGN_START ) {
1956 /* clear text signed message */
1957 if( !c->have_data ) {
1958 log_error("cleartext signature without data\n" );
1959 return;
1960 }
1961 else if ( c->signed_data ) {
1962 log_error (_("not a detached signature\n") );
1963 return;
1964 }
1965
1966 for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
1967 check_sig_and_print( c, n1 );
1968 }
1969 else if( node->pkt->pkttype == PKT_SIGNATURE ) {
1970 PKT_signature *sig = node->pkt->pkt.signature;
1971 int multiple_ok=1;
1972
1973 n1=find_next_kbnode(node, PKT_SIGNATURE);
1974 if(n1)
1975 {
1976 byte class=sig->sig_class;
1977 byte hash=sig->digest_algo;
1978
1979 for(; n1; (n1 = find_next_kbnode(n1, PKT_SIGNATURE)))
1980 {
1981 /* We can't currently handle multiple signatures of
1982 different classes or digests (we'd pretty much have
1983 to run a different hash context for each), but if
1984 they are all the same, make an exception. */
1985 if(n1->pkt->pkt.signature->sig_class!=class
1986 || n1->pkt->pkt.signature->digest_algo!=hash)
1987 {
1988 multiple_ok=0;
1989 log_info(_("WARNING: multiple signatures detected. "
1990 "Only the first will be checked.\n"));
1991 break;
1992 }
1993 }
1994 }
1995
1996 if( sig->sig_class != 0x00 && sig->sig_class != 0x01 )
1997 log_info(_("standalone signature of class 0x%02x\n"),
1998 sig->sig_class);
1999 else if( !c->have_data ) {
2000 /* detached signature */
2001 free_md_filter_context( &c->mfx );
2002 if (gcry_md_open (&c->mfx.md, sig->digest_algo, 0))
2003 BUG ();
2004
2005 if( !opt.pgp2_workarounds )
2006 ;
2007 else if( sig->digest_algo == DIGEST_ALGO_MD5
2008 && is_RSA( sig->pubkey_algo ) ) {
2009 /* enable a workaround for a pgp2 bug */
2010 if (gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0))
2011 BUG ();
2012 }
2013 else if( sig->digest_algo == DIGEST_ALGO_SHA1
2014 && sig->pubkey_algo == PUBKEY_ALGO_DSA
2015 && sig->sig_class == 0x01 ) {
2016 /* enable the workaround also for pgp5 when the detached
2017 * signature has been created in textmode */
2018 if (gcry_md_open (&c->mfx.md2, sig->digest_algo, 0 ))
2019 BUG ();
2020 }
2021 #if 0 /* workaround disabled */
2022 /* Here we have another hack to work around a pgp 2 bug
2023 * It works by not using the textmode for detached signatures;
2024 * this will let the first signature check (on md) fail
2025 * but the second one (on md2) which adds an extra CR should
2026 * then produce the "correct" hash. This is very, very ugly
2027 * hack but it may help in some cases (and break others)
2028 */
2029 /* c->mfx.md2? 0 :(sig->sig_class == 0x01) */
2030 #endif
2031 if ( DBG_HASHING ) {
2032 gcry_md_start_debug( c->mfx.md, "verify" );
2033 if ( c->mfx.md2 )
2034 gcry_md_start_debug( c->mfx.md2, "verify2" );
2035 }
2036 if( c->sigs_only ) {
2037 rc = hash_datafiles( c->mfx.md, c->mfx.md2,
2038 c->signed_data, c->sigfilename,
2039 (sig->sig_class == 0x01) );
2040 }
2041 else {
2042 rc = ask_for_detached_datafile( c->mfx.md, c->mfx.md2,
2043 iobuf_get_real_fname(c->iobuf),
2044 (sig->sig_class == 0x01) );
2045 }
2046 if( rc ) {
2047 log_error("can't hash datafile: %s\n", g10_errstr(rc));
2048 return;
2049 }
2050 }
2051 else if ( c->signed_data ) {
2052 log_error (_("not a detached signature\n") );
2053 return;
2054 }
2055 else if (!opt.quiet)
2056 log_info(_("old style (PGP 2.x) signature\n"));
2057
2058 if(multiple_ok)
2059 for( n1 = node; n1; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )) )
2060 check_sig_and_print( c, n1 );
2061 else
2062 check_sig_and_print( c, node );
2063 }
2064 else {
2065 dump_kbnode (c->list);
2066 log_error(_("invalid root packet detected in proc_tree()\n"));
2067 dump_kbnode (node);
2068 }
2069 }
gnupg svn clone