1 /* misc.c - miscellaneous functions
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
27 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
28 #include <asm/sysinfo.h>
29 #include <asm/unistd.h>
34 #include <sys/resource.h>
36 #ifdef ENABLE_SELINUX_HACKS
40 #ifdef HAVE_W32_SYSTEM
46 #define CSIDL_APPDATA 0x001a
48 #ifndef CSIDL_LOCAL_APPDATA
49 #define CSIDL_LOCAL_APPDATA 0x001c
51 #ifndef CSIDL_FLAG_CREATE
52 #define CSIDL_FLAG_CREATE 0x8000
54 #endif /*HAVE_W32_SYSTEM*/
57 #ifdef HAVE_W32_SYSTEM
59 #endif /*HAVE_W32_SYSTEM*/
64 #include "call-agent.h"
69 string_count_chr (const char *string
, int c
)
73 for (count
=0; *string
; string
++ )
81 #ifdef ENABLE_SELINUX_HACKS
82 /* A object and a global variable to keep track of files marked as
84 struct secured_file_item
86 struct secured_file_item
*next
;
90 static struct secured_file_item
*secured_files
;
91 #endif /*ENABLE_SELINUX_HACKS*/
96 /* For the sake of SELinux we want to restrict access through gpg to
97 certain files we keep under our own control. This function
98 registers such a file and is_secured_file may then be used to
99 check whether a file has ben registered as secured. */
101 register_secured_file (const char *fname
)
103 #ifdef ENABLE_SELINUX_HACKS
105 struct secured_file_item
*sf
;
107 /* Note that we stop immediatley if something goes wrong here. */
108 if (stat (fname
, &buf
))
109 log_fatal (_("fstat of `%s' failed in %s: %s\n"), fname
,
110 "register_secured_file", strerror (errno
));
111 /* log_debug ("registering `%s' i=%lu.%lu\n", fname, */
112 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
113 for (sf
=secured_files
; sf
; sf
= sf
->next
)
115 if (sf
->ino
== buf
.st_ino
&& sf
->dev
== buf
.st_dev
)
116 return; /* Already registered. */
119 sf
= xmalloc (sizeof *sf
);
120 sf
->ino
= buf
.st_ino
;
121 sf
->dev
= buf
.st_dev
;
122 sf
->next
= secured_files
;
124 #else /*!ENABLE_SELINUX_HACKS*/
126 #endif /*!ENABLE_SELINUX_HACKS*/
129 /* Remove a file registered as secure. */
131 unregister_secured_file (const char *fname
)
133 #ifdef ENABLE_SELINUX_HACKS
135 struct secured_file_item
*sf
, *sfprev
;
137 if (stat (fname
, &buf
))
139 log_error (_("fstat of `%s' failed in %s: %s\n"), fname
,
140 "unregister_secured_file", strerror (errno
));
143 /* log_debug ("unregistering `%s' i=%lu.%lu\n", fname, */
144 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
145 for (sfprev
=NULL
,sf
=secured_files
; sf
; sfprev
=sf
, sf
= sf
->next
)
147 if (sf
->ino
== buf
.st_ino
&& sf
->dev
== buf
.st_dev
)
150 sfprev
->next
= sf
->next
;
152 secured_files
= sf
->next
;
157 #else /*!ENABLE_SELINUX_HACKS*/
159 #endif /*!ENABLE_SELINUX_HACKS*/
162 /* Return true if FD is corresponds to a secured file. Using -1 for
163 FS is allowed and will return false. */
165 is_secured_file (int fd
)
167 #ifdef ENABLE_SELINUX_HACKS
169 struct secured_file_item
*sf
;
172 return 0; /* No file descriptor so it can't be secured either. */
174 /* Note that we print out a error here and claim that a file is
175 secure if something went wrong. */
176 if (fstat (fd
, &buf
))
178 log_error (_("fstat(%d) failed in %s: %s\n"), fd
,
179 "is_secured_file", strerror (errno
));
182 /* log_debug ("is_secured_file (%d) i=%lu.%lu\n", fd, */
183 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
184 for (sf
=secured_files
; sf
; sf
= sf
->next
)
186 if (sf
->ino
== buf
.st_ino
&& sf
->dev
== buf
.st_dev
)
189 #else /*!ENABLE_SELINUX_HACKS*/
191 #endif /*!ENABLE_SELINUX_HACKS*/
195 /* Return true if FNAME is corresponds to a secured file. Using NULL,
196 "" or "-" for FS is allowed and will return false. This function is
197 used before creating a file, thus it won't fail if the file does
200 is_secured_filename (const char *fname
)
202 #ifdef ENABLE_SELINUX_HACKS
204 struct secured_file_item
*sf
;
206 if (iobuf_is_pipe_filename (fname
) || !*fname
)
209 /* Note that we print out a error here and claim that a file is
210 secure if something went wrong. */
211 if (stat (fname
, &buf
))
213 if (errno
== ENOENT
|| errno
== EPERM
|| errno
== EACCES
)
215 log_error (_("fstat of `%s' failed in %s: %s\n"), fname
,
216 "is_secured_filename", strerror (errno
));
219 /* log_debug ("is_secured_filename (%s) i=%lu.%lu\n", fname, */
220 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
221 for (sf
=secured_files
; sf
; sf
= sf
->next
)
223 if (sf
->ino
== buf
.st_ino
&& sf
->dev
== buf
.st_dev
)
226 #else /*!ENABLE_SELINUX_HACKS*/
228 #endif /*!ENABLE_SELINUX_HACKS*/
235 checksum_u16( unsigned n
)
246 checksum( byte
*p
, unsigned n
)
256 checksum_mpi (gcry_mpi_t a
)
262 if ( gcry_mpi_print (GCRYMPI_FMT_PGP
, NULL
, 0, &nbytes
, a
) )
264 /* Fixme: For numbers not in secure memory we should use a stack
265 * based buffer and only allocate a larger one if mpi_print returns
267 buffer
= (gcry_is_secure(a
)?
268 gcry_xmalloc_secure (nbytes
) : gcry_xmalloc (nbytes
));
269 if ( gcry_mpi_print (GCRYMPI_FMT_PGP
, buffer
, nbytes
, NULL
, a
) )
271 csum
= checksum (buffer
, nbytes
);
277 buffer_to_u32( const byte
*buffer
)
281 a
|= buffer
[1] << 16;
288 print_pubkey_algo_note( int algo
)
290 if(algo
>= 100 && algo
<= 110)
296 log_info (_("WARNING: using experimental public key algorithm %s\n"),
297 gcry_pk_algo_name (algo
));
302 log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
307 print_cipher_algo_note( int algo
)
309 if(algo
>= 100 && algo
<= 110)
315 log_info (_("WARNING: using experimental cipher algorithm %s\n"),
316 openpgp_cipher_algo_name (algo
));
322 print_digest_algo_note( int algo
)
324 if(algo
>= 100 && algo
<= 110)
330 log_info (_("WARNING: using experimental digest algorithm %s\n"),
331 gcry_md_algo_name (algo
));
334 else if(algo
==DIGEST_ALGO_MD5
)
335 log_info (_("WARNING: digest algorithm %s is deprecated\n"),
336 gcry_md_algo_name (algo
));
340 /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
341 this for algorithms we implemented in Libgcrypt after they become
344 map_cipher_openpgp_to_gcry (int algo
)
348 case CIPHER_ALGO_CAMELLIA128
: return 310;
349 case CIPHER_ALGO_CAMELLIA192
: return 311;
350 case CIPHER_ALGO_CAMELLIA256
: return 312;
351 default: return algo
;
355 /* The inverse fucntion of above. */
357 map_cipher_gcry_to_openpgp (int algo
)
361 case 310: return CIPHER_ALGO_CAMELLIA128
;
362 case 311: return CIPHER_ALGO_CAMELLIA192
;
363 case 312: return CIPHER_ALGO_CAMELLIA256
;
364 default: return algo
;
369 /* Return the block length of an OpenPGP cipher algorithm. */
371 openpgp_cipher_blocklen (int algo
)
373 /* We use the numbers from OpenPGP to be sure that we get the right
374 block length. This is so that the packet parsing code works even
375 for unknown algorithms (for which we assume 8 due to tradition).
377 NOTE: If you change the the returned blocklen above 16, check
378 the callers because they may use a fixed size buffer of that
382 case 7: case 8: case 9: /* AES */
383 case 10: /* Twofish */
384 case 11: case 12: case 13: /* Camellia */
393 * Wrapper around the libgcrypt function with additonal checks on
394 * the OpenPGP contraints for the algo ID.
397 openpgp_cipher_test_algo( int algo
)
399 /* (5 and 6 are marked reserved by rfc4880.) */
400 if ( algo
< 0 || algo
> 110 || algo
== 5 || algo
== 6 )
401 return gpg_error (GPG_ERR_CIPHER_ALGO
);
403 return gcry_cipher_test_algo (map_cipher_openpgp_to_gcry (algo
));
406 /* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
407 string representation of the algorithm name. For unknown algorithm
408 IDs this function returns "?". */
410 openpgp_cipher_algo_name (int algo
)
412 return gcry_cipher_algo_name (map_cipher_openpgp_to_gcry (algo
));
416 openpgp_pk_test_algo( int algo
)
418 /* Dont't allow type 20 keys unless in rfc2440 mode. */
419 if (!RFC2440
&& algo
== 20)
420 return gpg_error (GPG_ERR_PUBKEY_ALGO
);
422 if (algo
== GCRY_PK_ELG_E
)
425 if (algo
< 0 || algo
> 110)
426 return gpg_error (GPG_ERR_PUBKEY_ALGO
);
427 return gcry_pk_test_algo (algo
);
431 openpgp_pk_test_algo2( int algo
, unsigned int use
)
433 size_t use_buf
= use
;
435 /* Dont't allow type 20 keys unless in rfc2440 mode. */
436 if (!RFC2440
&& algo
== 20)
437 return gpg_error (GPG_ERR_PUBKEY_ALGO
);
439 if (algo
== GCRY_PK_ELG_E
)
442 if (algo
< 0 || algo
> 110)
443 return gpg_error (GPG_ERR_PUBKEY_ALGO
);
445 return gcry_pk_algo_info (algo
, GCRYCTL_TEST_ALGO
, NULL
, &use_buf
);
449 openpgp_pk_algo_usage ( int algo
)
453 /* They are hardwired in gpg 1.0. */
455 case PUBKEY_ALGO_RSA
:
456 use
= (PUBKEY_USAGE_CERT
| PUBKEY_USAGE_SIG
457 | PUBKEY_USAGE_ENC
| PUBKEY_USAGE_AUTH
);
459 case PUBKEY_ALGO_RSA_E
:
460 use
= PUBKEY_USAGE_ENC
;
462 case PUBKEY_ALGO_RSA_S
:
463 use
= PUBKEY_USAGE_CERT
| PUBKEY_USAGE_SIG
;
465 case PUBKEY_ALGO_ELGAMAL
:
467 use
= PUBKEY_USAGE_ENC
;
469 case PUBKEY_ALGO_ELGAMAL_E
:
470 use
= PUBKEY_USAGE_ENC
;
472 case PUBKEY_ALGO_DSA
:
473 use
= PUBKEY_USAGE_CERT
| PUBKEY_USAGE_SIG
| PUBKEY_USAGE_AUTH
;
482 openpgp_md_test_algo( int algo
)
484 /* Note: If the list of actual supported OpenPGP algorithms changes,
485 make sure that our hard coded values at
486 print_status_begin_signing() gets updated. */
487 /* 4, 5, 6, 7 are defined by rfc2440 but will be removed from the
488 next revision of the standard. */
489 if (algo
< 0 || algo
> 110 || (algo
>= 4 && algo
<= 7))
490 return gpg_error (GPG_ERR_DIGEST_ALGO
);
491 return gcry_md_test_algo (algo
);
495 /* Special warning for the IDEA cipher */
497 idea_cipher_warn(int show
)
503 log_info(_("the IDEA cipher plugin is not present\n"));
504 log_info(_("please see %s for more information\n"),
505 "http://www.gnupg.org/faq/why-not-idea.html");
513 get_signature_count (PKT_secret_key
*sk
)
515 #ifdef ENABLE_CARD_SUPPORT
516 if(sk
&& sk
->is_protected
&& sk
->protect
.s2k
.mode
==1002)
518 struct agent_card_info_s info
;
519 if(agent_scd_getattr("SIG-COUNTER",&info
)==0)
520 return info
.sig_counter
;
524 /* How to do this without a card? */
529 /* Expand %-strings. Returns a string which must be xfreed. Returns
530 NULL if the string cannot be expanded (too large). */
532 pct_expando(const char *string
,struct expando_args
*args
)
534 const char *ch
=string
;
535 int idx
=0,maxlen
=0,done
=0;
536 u32 pk_keyid
[2]={0,0},sk_keyid
[2]={0,0};
540 keyid_from_pk(args
->pk
,pk_keyid
);
543 keyid_from_sk(args
->sk
,sk_keyid
);
545 /* This is used so that %k works in photoid command strings in
546 --list-secret-keys (which of course has a sk, but no pk). */
547 if(!args
->pk
&& args
->sk
)
548 keyid_from_sk(args
->sk
,pk_keyid
);
554 /* 8192 is way bigger than we'll need here */
559 ret
=xrealloc(ret
,maxlen
);
568 case 's': /* short key id */
571 sprintf(&ret
[idx
],"%08lX",(ulong
)sk_keyid
[1]);
577 case 'S': /* long key id */
580 sprintf(&ret
[idx
],"%08lX%08lX",
581 (ulong
)sk_keyid
[0],(ulong
)sk_keyid
[1]);
587 case 'k': /* short key id */
590 sprintf(&ret
[idx
],"%08lX",(ulong
)pk_keyid
[1]);
596 case 'K': /* long key id */
599 sprintf(&ret
[idx
],"%08lX%08lX",
600 (ulong
)pk_keyid
[0],(ulong
)pk_keyid
[1]);
606 case 'c': /* signature count from card, if any. */
609 sprintf(&ret
[idx
],"%lu",get_signature_count(args
->sk
));
610 idx
+=strlen(&ret
[idx
]);
615 case 'p': /* primary pk fingerprint of a sk */
616 case 'f': /* pk fingerprint */
617 case 'g': /* sk fingerprint */
619 byte array
[MAX_FINGERPRINT_LEN
];
623 if((*(ch
+1))=='p' && args
->sk
)
625 if(args
->sk
->is_primary
)
626 fingerprint_from_sk(args
->sk
,array
,&len
);
627 else if(args
->sk
->main_keyid
[0] || args
->sk
->main_keyid
[1])
630 xmalloc_clear(sizeof(PKT_public_key
));
632 if(get_pubkey_fast(pk
,args
->sk
->main_keyid
)==0)
633 fingerprint_from_pk(pk
,array
,&len
);
635 memset(array
,0,(len
=MAX_FINGERPRINT_LEN
));
639 memset(array
,0,(len
=MAX_FINGERPRINT_LEN
));
641 else if((*(ch
+1))=='f' && args
->pk
)
642 fingerprint_from_pk(args
->pk
,array
,&len
);
643 else if((*(ch
+1))=='g' && args
->sk
)
644 fingerprint_from_sk(args
->sk
,array
,&len
);
646 memset(array
,0,(len
=MAX_FINGERPRINT_LEN
));
648 if(idx
+(len
*2)<maxlen
)
652 sprintf(&ret
[idx
],"%02X",array
[i
]);
660 case 'v': /* validity letters */
661 if(args
->validity_info
&& idx
+1<maxlen
)
663 ret
[idx
++]=args
->validity_info
;
669 /* The text string types */
674 const char *str
=NULL
;
678 case 't': /* e.g. "jpg" */
679 str
=image_type_to_string(args
->imagetype
,0);
682 case 'T': /* e.g. "image/jpeg" */
683 str
=image_type_to_string(args
->imagetype
,2);
686 case 'V': /* e.g. "full", "expired", etc. */
687 str
=args
->validity_string
;
691 if(str
&& idx
+strlen(str
)<maxlen
)
693 strcpy(&ret
[idx
],str
);
709 /* Any unknown %-keys (like %i, %o, %I, and %O) are
710 passed through for later expansion. Note this also
711 handles the case where the last character in the
712 string is a '%' - the terminating \0 will end up here
713 and properly terminate the string. */
750 deprecated_warning(const char *configname
,unsigned int configlineno
,
751 const char *option
,const char *repl1
,const char *repl2
)
755 if(strncmp("--",option
,2)==0)
758 if(strncmp("--",repl1
,2)==0)
761 log_info(_("%s:%d: deprecated option \"%s\"\n"),
762 configname
,configlineno
,option
);
765 log_info(_("WARNING: \"%s\" is a deprecated option\n"),option
);
767 log_info(_("please use \"%s%s\" instead\n"),repl1
,repl2
);
772 deprecated_command (const char *name
)
774 log_info(_("WARNING: \"%s\" is a deprecated command - do not use it\n"),
780 obsolete_option (const char *configname
, unsigned int configlineno
,
784 log_info (_("%s:%u: obsolete option \"%s\" - it has no effect\n"),
785 configname
, configlineno
, name
);
787 log_info (_("WARNING: \"%s\" is an obsolete option - it has no effect\n"),
793 * Wrapper around gcry_cipher_map_name to provide a fallback using the
794 * "Sn" syntax as used by the preference strings.
797 string_to_cipher_algo (const char *string
)
801 val
= map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string
));
802 if (!val
&& string
&& (string
[0]=='S' || string
[0]=='s'))
807 val
= strtol (string
, &endptr
, 10);
808 if (!*string
|| *endptr
|| openpgp_cipher_test_algo (val
))
816 * Wrapper around gcry_md_map_name to provide a fallback using the
817 * "Hn" syntax as used by the preference strings.
820 string_to_digest_algo (const char *string
)
824 val
= gcry_md_map_name (string
);
825 if (!val
&& string
&& (string
[0]=='H' || string
[0]=='h'))
830 val
= strtol (string
, &endptr
, 10);
831 if (!*string
|| *endptr
|| openpgp_md_test_algo (val
))
841 compress_algo_to_string(int algo
)
847 case COMPRESS_ALGO_NONE
:
851 case COMPRESS_ALGO_ZIP
:
855 case COMPRESS_ALGO_ZLIB
:
860 case COMPRESS_ALGO_BZIP2
:
870 string_to_compress_algo(const char *string
)
872 /* TRANSLATORS: See doc/TRANSLATE about this string. */
873 if(match_multistr(_("uncompressed|none"),string
))
875 else if(ascii_strcasecmp(string
,"uncompressed")==0)
877 else if(ascii_strcasecmp(string
,"none")==0)
879 else if(ascii_strcasecmp(string
,"zip")==0)
881 else if(ascii_strcasecmp(string
,"zlib")==0)
884 else if(ascii_strcasecmp(string
,"bzip2")==0)
887 else if(ascii_strcasecmp(string
,"z0")==0)
889 else if(ascii_strcasecmp(string
,"z1")==0)
891 else if(ascii_strcasecmp(string
,"z2")==0)
894 else if(ascii_strcasecmp(string
,"z3")==0)
902 check_compress_algo(int algo
)
905 if(algo
>=0 && algo
<=3)
908 if(algo
>=0 && algo
<=2)
912 return G10ERR_COMPR_ALGO
;
916 default_cipher_algo(void)
918 if(opt
.def_cipher_algo
)
919 return opt
.def_cipher_algo
;
920 else if(opt
.personal_cipher_prefs
)
921 return opt
.personal_cipher_prefs
[0].value
;
923 return opt
.s2k_cipher_algo
;
926 /* There is no default_digest_algo function, but see
930 default_compress_algo(void)
932 if(opt
.compress_algo
!=-1)
933 return opt
.compress_algo
;
934 else if(opt
.personal_compress_prefs
)
935 return opt
.personal_compress_prefs
[0].value
;
937 return DEFAULT_COMPRESS_ALGO
;
941 compliance_option_string(void)
945 switch(opt
.compliance
)
947 case CO_GNUPG
: return "--gnupg";
948 case CO_RFC4880
: return "--openpgp";
949 case CO_RFC2440
: return "--rfc2440";
950 case CO_RFC1991
: return "--rfc1991";
951 case CO_PGP2
: return "--pgp2";
952 case CO_PGP6
: return "--pgp6";
953 case CO_PGP7
: return "--pgp7";
954 case CO_PGP8
: return "--pgp8";
961 compliance_failure(void)
965 switch(opt
.compliance
)
976 ver
="OpenPGP (older)";
1000 log_info(_("this message may not be usable by %s\n"),ver
);
1001 opt
.compliance
=CO_GNUPG
;
1004 /* Break a string into successive option pieces. Accepts single word
1005 options and key=value argument options. */
1007 optsep(char **stringp
)
1014 end
=strpbrk(tok
," ,=");
1020 /* what we need to do now is scan along starting with *end,
1021 If the next character we see (ignoring spaces) is an =
1022 sign, then there is an argument. */
1033 /* There is an argument, so grab that too. At this point,
1034 ptr points to the first character of the argument. */
1037 /* Is it a quoted argument? */
1041 end
=strchr(ptr
,'"');
1046 end
=strpbrk(ptr
," ,");
1064 /* Breaks an option value into key and value. Returns NULL if there
1065 is no value. Note that "string" is modified to remove the =value
1068 argsplit(char *string
)
1070 char *equals
,*arg
=NULL
;
1072 equals
=strchr(string
,'=');
1081 quote
=strchr(arg
,'"');
1086 quote
=strchr(arg
,'"');
1094 /* Trim leading spaces off of the arg */
1095 spaces
=strspn(arg
," ");
1099 /* Trim tailing spaces off of the tag */
1100 space
=strchr(string
,' ');
1108 /* Return the length of the initial token, leaving off any
1111 optlen(const char *s
)
1113 char *end
=strpbrk(s
," =");
1122 parse_options(char *str
,unsigned int *options
,
1123 struct parse_options
*opts
,int noisy
)
1127 if (str
&& !strcmp (str
, "help"))
1131 /* Figure out the longest option name so we can line these up
1133 for(i
=0;opts
[i
].name
;i
++)
1134 if(opts
[i
].help
&& maxlen
<strlen(opts
[i
].name
))
1135 maxlen
=strlen(opts
[i
].name
);
1137 for(i
=0;opts
[i
].name
;i
++)
1139 printf("%s%*s%s\n",opts
[i
].name
,
1140 maxlen
+2-(int)strlen(opts
[i
].name
),"",_(opts
[i
].help
));
1145 while((tok
=optsep(&str
)))
1153 if(ascii_strncasecmp("no-",tok
,3)==0)
1159 for(i
=0;opts
[i
].name
;i
++)
1161 size_t toklen
=optlen(tok
);
1163 if(ascii_strncasecmp(opts
[i
].name
,tok
,toklen
)==0)
1165 /* We have a match, but it might be incomplete */
1166 if(toklen
!=strlen(opts
[i
].name
))
1170 for(j
=i
+1;opts
[j
].name
;j
++)
1172 if(ascii_strncasecmp(opts
[j
].name
,tok
,toklen
)==0)
1175 log_info(_("ambiguous option `%s'\n"),otok
);
1183 *options
&=~opts
[i
].bit
;
1185 *opts
[i
].value
=NULL
;
1189 *options
|=opts
[i
].bit
;
1191 *opts
[i
].value
=argsplit(tok
);
1200 log_info(_("unknown option `%s'\n"),otok
);
1209 /* Check whether the string has characters not valid in an RFC-822
1210 address. To cope with OpenPGP we ignore non-ascii characters
1211 so that for example umlauts are legal in an email address. An
1212 OpenPGP user ID must be utf-8 encoded but there is no strict
1213 requirement for RFC-822. Thus to avoid IDNA encoding we put the
1214 address verbatim as utf-8 into the user ID under the assumption
1215 that mail programs handle IDNA at a lower level and take OpenPGP
1216 user IDs as utf-8. Note that we can't do an utf-8 encoding
1217 checking here because in keygen.c this function is called with the
1218 native encoding and native to utf-8 encoding is only done later. */
1220 has_invalid_email_chars (const char *s
)
1223 const char *valid_chars
=
1224 "01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
1229 continue; /* We only care about ASCII. */
1232 else if ( !at_seen
&& !( !!strchr( valid_chars
, *s
) || *s
== '+' ) )
1234 else if ( at_seen
&& !strchr( valid_chars
, *s
) )
1241 /* Check whether NAME represents a valid mailbox according to
1242 RFC822. Returns true if so. */
1244 is_valid_mailbox (const char *name
)
1248 || has_invalid_email_chars (name
)
1249 || string_count_chr (name
,'@') != 1
1251 || name
[strlen(name
)-1] == '@'
1252 || name
[strlen(name
)-1] == '.'
1253 || strstr (name
, "..") );
1257 /* Similar to access(2), but uses PATH to find the file. */
1259 path_access(const char *file
,int mode
)
1264 envpath
=getenv("PATH");
1267 #ifdef HAVE_DRIVE_LETTERS
1268 || (((file
[0]>='A' && file
[0]<='Z')
1269 || (file
[0]>='a' && file
[0]<='z'))
1275 return access(file
,mode
);
1278 /* At least as large as, but most often larger than we need. */
1279 char *buffer
=xmalloc(strlen(envpath
)+1+strlen(file
)+1);
1280 char *split
,*item
,*path
=xstrdup(envpath
);
1284 while((item
=strsep(&split
,PATHSEP_S
)))
1286 strcpy(buffer
,item
);
1288 strcat(buffer
,file
);
1289 ret
=access(buffer
,mode
);
1303 /* Temporary helper. */
1305 pubkey_get_npkey( int algo
)
1309 if (algo
== GCRY_PK_ELG_E
)
1311 if (gcry_pk_algo_info( algo
, GCRYCTL_GET_ALGO_NPKEY
, NULL
, &n
))
1316 /* Temporary helper. */
1318 pubkey_get_nskey( int algo
)
1322 if (algo
== GCRY_PK_ELG_E
)
1324 if (gcry_pk_algo_info( algo
, GCRYCTL_GET_ALGO_NSKEY
, NULL
, &n
))
1329 /* Temporary helper. */
1331 pubkey_get_nsig( int algo
)
1335 if (algo
== GCRY_PK_ELG_E
)
1337 if (gcry_pk_algo_info( algo
, GCRYCTL_GET_ALGO_NSIGN
, NULL
, &n
))
1342 /* Temporary helper. */
1344 pubkey_get_nenc( int algo
)
1348 if (algo
== GCRY_PK_ELG_E
)
1350 if (gcry_pk_algo_info( algo
, GCRYCTL_GET_ALGO_NENCR
, NULL
, &n
))
1356 /* Temporary helper. */
1358 pubkey_nbits( int algo
, gcry_mpi_t
*key
)
1363 if( algo
== GCRY_PK_DSA
) {
1364 rc
= gcry_sexp_build ( &sexp
, NULL
,
1365 "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
1366 key
[0], key
[1], key
[2], key
[3] );
1368 else if( algo
== GCRY_PK_ELG
|| algo
== GCRY_PK_ELG_E
) {
1369 rc
= gcry_sexp_build ( &sexp
, NULL
,
1370 "(public-key(elg(p%m)(g%m)(y%m)))",
1371 key
[0], key
[1], key
[2] );
1373 else if( algo
== GCRY_PK_RSA
) {
1374 rc
= gcry_sexp_build ( &sexp
, NULL
,
1375 "(public-key(rsa(n%m)(e%m)))",
1384 nbits
= gcry_pk_get_nbits( sexp
);
1385 gcry_sexp_release( sexp
);
1391 /* FIXME: Use gcry_mpi_print directly. */
1393 mpi_print( FILE *fp
, gcry_mpi_t a
, int mode
)
1398 return fprintf(fp
, "[MPI_NULL]");
1401 n1
= gcry_mpi_get_nbits(a
);
1402 n
+= fprintf(fp
, "[%u bits]", n1
);
1405 unsigned char *buffer
;
1407 if (gcry_mpi_aprint (GCRYMPI_FMT_HEX
, &buffer
, NULL
, a
))
1409 fputs( buffer
, fp
);
1410 n
+= strlen(buffer
);
1411 gcry_free( buffer
);