1 /* build-packet.c - assemble packets and write them
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
3 * 2006 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
37 static int do_user_id( IOBUF out
, int ctb
, PKT_user_id
*uid
);
38 static int do_public_key( IOBUF out
, int ctb
, PKT_public_key
*pk
);
39 static int do_secret_key( IOBUF out
, int ctb
, PKT_secret_key
*pk
);
40 static int do_symkey_enc( IOBUF out
, int ctb
, PKT_symkey_enc
*enc
);
41 static int do_pubkey_enc( IOBUF out
, int ctb
, PKT_pubkey_enc
*enc
);
42 static u32
calc_plaintext( PKT_plaintext
*pt
);
43 static int do_plaintext( IOBUF out
, int ctb
, PKT_plaintext
*pt
);
44 static int do_encrypted( IOBUF out
, int ctb
, PKT_encrypted
*ed
);
45 static int do_encrypted_mdc( IOBUF out
, int ctb
, PKT_encrypted
*ed
);
46 static int do_compressed( IOBUF out
, int ctb
, PKT_compressed
*cd
);
47 static int do_signature( IOBUF out
, int ctb
, PKT_signature
*sig
);
48 static int do_onepass_sig( IOBUF out
, int ctb
, PKT_onepass_sig
*ops
);
50 static int calc_header_length( u32 len
, int new_ctb
);
51 static int write_16(IOBUF inp
, u16 a
);
52 static int write_32(IOBUF inp
, u32 a
);
53 static int write_header( IOBUF out
, int ctb
, u32 len
);
54 static int write_sign_packet_header( IOBUF out
, int ctb
, u32 len
);
55 static int write_header2( IOBUF out
, int ctb
, u32 len
, int hdrlen
);
56 static int write_new_header( IOBUF out
, int ctb
, u32 len
, int hdrlen
);
57 static int write_version( IOBUF out
, int ctb
);
60 * Build a packet and write it to INP
63 * Note: Caller must free the packet
66 build_packet( IOBUF out
, PACKET
*pkt
)
68 int new_ctb
=0, rc
=0, ctb
;
72 log_debug("build_packet() type=%d\n", pkt
->pkttype
);
73 assert( pkt
->pkt
.generic
);
75 switch( (pkttype
= pkt
->pkttype
) )
77 case PKT_PLAINTEXT
: new_ctb
= pkt
->pkt
.plaintext
->new_ctb
; break;
79 case PKT_ENCRYPTED_MDC
: new_ctb
= pkt
->pkt
.encrypted
->new_ctb
; break;
80 case PKT_COMPRESSED
:new_ctb
= pkt
->pkt
.compressed
->new_ctb
; break;
82 if( pkt
->pkt
.user_id
->attrib_data
)
83 pkttype
= PKT_ATTRIBUTE
;
88 if( new_ctb
|| pkttype
> 15 ) /* new format */
89 ctb
= 0xc0 | (pkttype
& 0x3f);
91 ctb
= 0x80 | ((pkttype
& 15)<<2);
96 rc
= do_user_id( out
, ctb
, pkt
->pkt
.user_id
);
101 Ignore these. Theoretically, this will never be called as
102 we have no way to output comment packets any longer, but
103 just in case there is some code path that would end up
104 outputting a comment that was written before comments were
105 dropped (in the public key?) this is a no-op.
108 case PKT_PUBLIC_SUBKEY
:
110 rc
= do_public_key( out
, ctb
, pkt
->pkt
.public_key
);
112 case PKT_SECRET_SUBKEY
:
114 rc
= do_secret_key( out
, ctb
, pkt
->pkt
.secret_key
);
117 rc
= do_symkey_enc( out
, ctb
, pkt
->pkt
.symkey_enc
);
120 rc
= do_pubkey_enc( out
, ctb
, pkt
->pkt
.pubkey_enc
);
123 rc
= do_plaintext( out
, ctb
, pkt
->pkt
.plaintext
);
126 rc
= do_encrypted( out
, ctb
, pkt
->pkt
.encrypted
);
128 case PKT_ENCRYPTED_MDC
:
129 rc
= do_encrypted_mdc( out
, ctb
, pkt
->pkt
.encrypted
);
132 rc
= do_compressed( out
, ctb
, pkt
->pkt
.compressed
);
135 rc
= do_signature( out
, ctb
, pkt
->pkt
.signature
);
137 case PKT_ONEPASS_SIG
:
138 rc
= do_onepass_sig( out
, ctb
, pkt
->pkt
.onepass_sig
);
141 break; /* ignore it (keyring.c does write it directly)*/
142 case PKT_MDC
: /* we write it directly, so we should never see it here. */
144 log_bug("invalid packet type in build_packet()\n");
153 * Write the mpi A to OUT.
156 mpi_write (iobuf_t out
, gcry_mpi_t a
)
158 char buffer
[(MAX_EXTERN_MPI_BITS
+7)/8+2]; /* 2 is for the mpi length. */
162 nbytes
= DIM(buffer
);
163 rc
= gcry_mpi_print (GCRYMPI_FMT_PGP
, buffer
, nbytes
, &nbytes
, a
);
165 rc
= iobuf_write( out
, buffer
, nbytes
);
166 else if (gpg_err_code(rc
) == GPG_ERR_TOO_SHORT
)
168 log_info ("mpi too large (%u bits)\n", gcry_mpi_get_nbits (a
));
169 /* The buffer was too small. We better tell the user about the MPI. */
170 rc
= gpg_error (GPG_ERR_TOO_LARGE
);
179 * calculate the length of a packet described by PKT
182 calc_packet_length( PACKET
*pkt
)
187 assert( pkt
->pkt
.generic
);
188 switch( pkt
->pkttype
) {
190 n
= calc_plaintext( pkt
->pkt
.plaintext
);
191 new_ctb
= pkt
->pkt
.plaintext
->new_ctb
;
202 case PKT_ONEPASS_SIG
:
206 log_bug("invalid packet type in calc_packet_length()");
210 n
+= calc_header_length(n
, new_ctb
);
215 write_fake_data (IOBUF out
, gcry_mpi_t a
)
222 p
= gcry_mpi_get_opaque ( a
, &n
);
223 iobuf_write (out
, p
, (n
+7)/8 );
228 do_user_id( IOBUF out
, int ctb
, PKT_user_id
*uid
)
232 if( uid
->attrib_data
)
234 write_header(out
, ctb
, uid
->attrib_len
);
235 rc
= iobuf_write( out
, uid
->attrib_data
, uid
->attrib_len
);
239 write_header2( out
, ctb
, uid
->len
, 2 );
240 rc
= iobuf_write( out
, uid
->name
, uid
->len
);
246 do_public_key( IOBUF out
, int ctb
, PKT_public_key
*pk
)
250 IOBUF a
= iobuf_temp();
255 iobuf_put( a
, pk
->version
);
256 write_32(a
, pk
->timestamp
);
257 if ( pk
->version
< 4 )
260 if ( pk
->expiredate
)
261 ndays
= (u16
)((pk
->expiredate
- pk
->timestamp
) / 86400L);
266 iobuf_put (a
, pk
->pubkey_algo
);
267 n
= pubkey_get_npkey ( pk
->pubkey_algo
);
269 write_fake_data( a
, pk
->pkey
[0] );
270 for (i
=0; i
< n
&& !rc
; i
++ )
271 rc
= mpi_write(a
, pk
->pkey
[i
] );
275 write_header2 (out
, ctb
, iobuf_get_temp_length(a
), pk
->hdrbytes
);
276 rc
= iobuf_write_temp ( out
, a
);
285 do_secret_key( IOBUF out
, int ctb
, PKT_secret_key
*sk
)
289 IOBUF a
= iobuf_temp(); /* Build in a self-enlarging buffer. */
291 /* Write the version number - if none is specified, use 3 */
295 iobuf_put ( a
, sk
->version
);
296 write_32 (a
, sk
->timestamp
);
298 /* v3 needs the expiration time. */
299 if ( sk
->version
< 4 )
302 if ( sk
->expiredate
)
303 ndays
= (u16
)((sk
->expiredate
- sk
->timestamp
) / 86400L);
309 iobuf_put (a
, sk
->pubkey_algo
);
311 /* Get number of secret and public parameters. They are held in one
312 array first the public ones, then the secret ones. */
313 nskey
= pubkey_get_nskey ( sk
->pubkey_algo
);
314 npkey
= pubkey_get_npkey ( sk
->pubkey_algo
);
316 /* If we don't have any public parameters - which is the case if we
317 don't know the algorithm used - the parameters are stored as one
318 blob in a faked (opaque) MPI. */
321 write_fake_data( a
, sk
->skey
[0] );
324 assert ( npkey
< nskey
);
326 /* Writing the public parameters is easy. */
327 for (i
=0; i
< npkey
; i
++ )
328 if ((rc
= mpi_write (a
, sk
->skey
[i
])))
331 /* Build the header for protected (encrypted) secret parameters. */
332 if ( sk
->is_protected
)
334 if ( is_RSA(sk
->pubkey_algo
)
336 && !sk
->protect
.s2k
.mode
)
338 /* The simple rfc1991 (v3) way. */
339 iobuf_put (a
, sk
->protect
.algo
);
340 iobuf_write (a
, sk
->protect
.iv
, sk
->protect
.ivlen
);
344 /* OpenPGP protection according to rfc2440. */
345 iobuf_put(a
, sk
->protect
.sha1chk
? 0xfe : 0xff );
346 iobuf_put(a
, sk
->protect
.algo
);
347 if ( sk
->protect
.s2k
.mode
>= 1000 )
349 /* These modes are not possible in OpenPGP, we use them
350 to implement our extensions, 101 can be seen as a
351 private/experimental extension (this is not specified
352 in rfc2440 but the same scheme is used for all other
353 algorithm identifiers) */
355 iobuf_put(a
, sk
->protect
.s2k
.hash_algo
);
356 iobuf_write(a
, "GNU", 3 );
357 iobuf_put(a
, sk
->protect
.s2k
.mode
- 1000 );
361 iobuf_put(a
, sk
->protect
.s2k
.mode
);
362 iobuf_put(a
, sk
->protect
.s2k
.hash_algo
);
364 if ( sk
->protect
.s2k
.mode
== 1
365 || sk
->protect
.s2k
.mode
== 3 )
366 iobuf_write (a
, sk
->protect
.s2k
.salt
, 8 );
368 if ( sk
->protect
.s2k
.mode
== 3 )
369 iobuf_put (a
, sk
->protect
.s2k
.count
);
371 /* For our special modes 1001, 1002 we do not need an IV. */
372 if ( sk
->protect
.s2k
.mode
!= 1001
373 && sk
->protect
.s2k
.mode
!= 1002 )
374 iobuf_write (a
, sk
->protect
.iv
, sk
->protect
.ivlen
);
380 if ( sk
->protect
.s2k
.mode
== 1001 )
381 ; /* GnuPG extension - don't write a secret key at all. */
382 else if ( sk
->protect
.s2k
.mode
== 1002 )
384 /* GnuPG extension - divert to OpenPGP smartcard. */
385 iobuf_put(a
, sk
->protect
.ivlen
); /* Length of the serial number
388 /* The serial number gets stored in the IV field. */
389 iobuf_write(a
, sk
->protect
.iv
, sk
->protect
.ivlen
);
391 else if ( sk
->is_protected
&& sk
->version
>= 4 )
393 /* The secret key is protected - write it out as it is. */
395 unsigned int ndatabits
;
397 assert (gcry_mpi_get_flag (sk
->skey
[npkey
], GCRYMPI_FLAG_OPAQUE
));
398 p
= gcry_mpi_get_opaque (sk
->skey
[npkey
], &ndatabits
);
399 iobuf_write (a
, p
, (ndatabits
+7)/8 );
401 else if ( sk
->is_protected
)
403 /* The secret key is protected the old v4 way. */
404 for ( ; i
< nskey
; i
++ )
407 unsigned int ndatabits
;
409 assert (gcry_mpi_get_flag (sk
->skey
[i
], GCRYMPI_FLAG_OPAQUE
));
410 p
= gcry_mpi_get_opaque (sk
->skey
[i
], &ndatabits
);
411 iobuf_write (a
, p
, (ndatabits
+7)/8);
413 write_16(a
, sk
->csum
);
417 /* Non-protected key. */
418 for ( ; i
< nskey
; i
++ )
419 if ( (rc
= mpi_write (a
, sk
->skey
[i
])))
421 write_16 (a
, sk
->csum
);
427 /* Build the header of the packet - which we must do after
428 writing all the other stuff, so that we know the length of
430 write_header2(out
, ctb
, iobuf_get_temp_length(a
), sk
->hdrbytes
);
431 /* And finally write it out the real stream */
432 rc
= iobuf_write_temp( out
, a
);
435 iobuf_close(a
); /* Close the remporary buffer */
440 do_symkey_enc( IOBUF out
, int ctb
, PKT_symkey_enc
*enc
)
443 IOBUF a
= iobuf_temp();
445 assert( enc
->version
== 4 );
446 switch( enc
->s2k
.mode
) {
447 case 0: case 1: case 3: break;
448 default: log_bug("do_symkey_enc: s2k=%d\n", enc
->s2k
.mode
);
450 iobuf_put( a
, enc
->version
);
451 iobuf_put( a
, enc
->cipher_algo
);
452 iobuf_put( a
, enc
->s2k
.mode
);
453 iobuf_put( a
, enc
->s2k
.hash_algo
);
454 if( enc
->s2k
.mode
== 1 || enc
->s2k
.mode
== 3 ) {
455 iobuf_write(a
, enc
->s2k
.salt
, 8 );
456 if( enc
->s2k
.mode
== 3 )
457 iobuf_put(a
, enc
->s2k
.count
);
460 iobuf_write(a
, enc
->seskey
, enc
->seskeylen
);
462 write_header(out
, ctb
, iobuf_get_temp_length(a
) );
463 rc
= iobuf_write_temp( out
, a
);
471 do_pubkey_enc( IOBUF out
, int ctb
, PKT_pubkey_enc
*enc
)
475 IOBUF a
= iobuf_temp();
477 write_version( a
, ctb
);
478 if ( enc
->throw_keyid
)
480 write_32(a
, 0 ); /* Don't tell Eve who can decrypt the message. */
485 write_32(a
, enc
->keyid
[0] );
486 write_32(a
, enc
->keyid
[1] );
488 iobuf_put(a
,enc
->pubkey_algo
);
489 n
= pubkey_get_nenc( enc
->pubkey_algo
);
491 write_fake_data( a
, enc
->data
[0] );
492 for (i
=0; i
< n
&& !rc
; i
++ )
493 rc
= mpi_write(a
, enc
->data
[i
] );
497 write_header(out
, ctb
, iobuf_get_temp_length(a
) );
498 rc
= iobuf_write_temp( out
, a
);
506 calc_plaintext( PKT_plaintext
*pt
)
508 /* Truncate namelen to the maximum 255 characters. Note this means
509 that a function that calls build_packet with an illegal literal
510 packet will get it back legalized. */
515 return pt
->len
? (1 + 1 + pt
->namelen
+ 4 + pt
->len
) : 0;
519 do_plaintext( IOBUF out
, int ctb
, PKT_plaintext
*pt
)
523 byte buf
[1000]; /* this buffer has the plaintext! */
526 write_header(out
, ctb
, calc_plaintext( pt
) );
527 iobuf_put(out
, pt
->mode
);
528 iobuf_put(out
, pt
->namelen
);
529 for(i
=0; i
< pt
->namelen
; i
++ )
530 iobuf_put(out
, pt
->name
[i
] );
531 rc
= write_32(out
, pt
->timestamp
);
536 while( (nbytes
=iobuf_read(pt
->buf
, buf
, 1000)) != -1 ) {
537 rc
= iobuf_write (out
, buf
, nbytes
);
542 wipememory(buf
,1000); /* burn the buffer */
543 if( (ctb
&0x40) && !pt
->len
)
544 iobuf_set_partial_block_mode(out
, 0 ); /* turn off partial */
545 if( pt
->len
&& n
!= pt
->len
)
546 log_error("do_plaintext(): wrote %lu bytes but expected %lu bytes\n",
547 (ulong
)n
, (ulong
)pt
->len
);
555 do_encrypted( IOBUF out
, int ctb
, PKT_encrypted
*ed
)
560 n
= ed
->len
? (ed
->len
+ ed
->extralen
) : 0;
561 write_header(out
, ctb
, n
);
563 /* This is all. The caller has to write the real data */
569 do_encrypted_mdc( IOBUF out
, int ctb
, PKT_encrypted
*ed
)
574 assert( ed
->mdc_method
);
576 /* Take version number and the following MDC packet in account. */
577 n
= ed
->len
? (ed
->len
+ ed
->extralen
+ 1 + 22) : 0;
578 write_header(out
, ctb
, n
);
579 iobuf_put(out
, 1 ); /* version */
581 /* This is all. The caller has to write the real data */
588 do_compressed( IOBUF out
, int ctb
, PKT_compressed
*cd
)
592 /* We must use the old convention and don't use blockmode for tyhe
593 sake of PGP 2 compatibility. However if the new_ctb flag was
594 set, CTB is already formatted as new style and write_header2
595 does create a partial length encoding using new the new
597 write_header2(out
, ctb
, 0, 0);
598 iobuf_put(out
, cd
->algorithm
);
600 /* This is all. The caller has to write the real data */
607 * Delete all subpackets of type REQTYPE and return a bool whether a packet
611 delete_sig_subpkt (subpktarea_t
*area
, sigsubpkttype_t reqtype
)
614 sigsubpkttype_t type
;
615 byte
*buffer
, *bufstart
;
630 n
= *buffer
++; buflen
--;
634 n
= (buffer
[0] << 24) | (buffer
[1] << 16)
635 | (buffer
[2] << 8) | buffer
[3];
639 else if( n
>= 192 ) {
642 n
= (( n
- 192 ) << 8) + *buffer
+ 192;
649 type
= *buffer
& 0x7f;
650 if( type
== reqtype
) {
656 buffer
+= n
; /* point to next subpkt */
658 memmove (bufstart
, buffer
, buflen
); /* shift */
659 unused
+= buffer
- bufstart
;
663 buffer
+= n
; buflen
-=n
;
668 log_error ("delete_subpkt: buffer shorter than subpacket\n");
669 assert (unused
<= area
->len
);
676 * Create or update a signature subpacket for SIG of TYPE. This
677 * functions knows where to put the data (hashed or unhashed). The
678 * function may move data from the unhashed part to the hashed one.
679 * Note: All pointers into sig->[un]hashed (e.g. returned by
680 * parse_sig_subpkt) are not valid after a call to this function. The
681 * data to put into the subpaket should be in a buffer with a length
685 build_sig_subpkt (PKT_signature
*sig
, sigsubpkttype_t type
,
686 const byte
*buffer
, size_t buflen
)
689 int critical
, hashed
;
690 subpktarea_t
*oldarea
, *newarea
;
693 critical
= (type
& SIGSUBPKT_FLAG_CRITICAL
);
694 type
&= ~SIGSUBPKT_FLAG_CRITICAL
;
696 /* Sanity check buffer sizes */
697 if(parse_one_sig_subpkt(buffer
,buflen
,type
)<0)
702 case SIGSUBPKT_NOTATION
:
703 case SIGSUBPKT_POLICY
:
704 case SIGSUBPKT_REV_KEY
:
705 case SIGSUBPKT_SIGNATURE
:
706 /* we do allow multiple subpackets */
710 /* we don't allow multiple subpackets */
711 delete_sig_subpkt(sig
->hashed
,type
);
712 delete_sig_subpkt(sig
->unhashed
,type
);
716 /* Any special magic that needs to be done for this type so the
717 packet doesn't need to be reparsed? */
720 case SIGSUBPKT_NOTATION
:
721 sig
->flags
.notation
=1;
724 case SIGSUBPKT_POLICY
:
725 sig
->flags
.policy_url
=1;
728 case SIGSUBPKT_PREF_KS
:
729 sig
->flags
.pref_ks
=1;
732 case SIGSUBPKT_EXPORTABLE
:
734 sig
->flags
.exportable
=1;
736 sig
->flags
.exportable
=0;
739 case SIGSUBPKT_REVOCABLE
:
741 sig
->flags
.revocable
=1;
743 sig
->flags
.revocable
=0;
746 case SIGSUBPKT_TRUST
:
747 sig
->trust_depth
=buffer
[0];
748 sig
->trust_value
=buffer
[1];
751 case SIGSUBPKT_REGEXP
:
752 sig
->trust_regexp
=buffer
;
755 /* This should never happen since we don't currently allow
756 creating such a subpacket, but just in case... */
757 case SIGSUBPKT_SIG_EXPIRE
:
758 if(buffer_to_u32(buffer
)+sig
->timestamp
<=make_timestamp())
759 sig
->flags
.expired
=1;
761 sig
->flags
.expired
=0;
768 if( (buflen
+1) >= 8384 )
769 nlen
= 5; /* write 5 byte length header */
770 else if( (buflen
+1) >= 192 )
771 nlen
= 2; /* write 2 byte length header */
773 nlen
= 1; /* just a 1 byte length header */
777 /* The issuer being unhashed is a historical oddity. It
778 should work equally as well hashed. Of course, if even an
779 unhashed issuer is tampered with, it makes it awfully hard
780 to verify the sig... */
781 case SIGSUBPKT_ISSUER
:
782 case SIGSUBPKT_SIGNATURE
:
791 type
|= SIGSUBPKT_FLAG_CRITICAL
;
793 oldarea
= hashed
? sig
->hashed
: sig
->unhashed
;
795 /* Calculate new size of the area and allocate */
796 n0
= oldarea
? oldarea
->len
: 0;
797 n
= n0
+ nlen
+ 1 + buflen
; /* length, type, buffer */
798 if (oldarea
&& n
<= oldarea
->size
) { /* fits into the unused space */
800 /*log_debug ("updating area for type %d\n", type );*/
803 newarea
= xrealloc (oldarea
, sizeof (*newarea
) + n
- 1);
805 /*log_debug ("reallocating area for type %d\n", type );*/
808 newarea
= xmalloc (sizeof (*newarea
) + n
- 1);
810 /*log_debug ("allocating area for type %d\n", type );*/
814 p
= newarea
->data
+ n0
;
817 *p
++ = (buflen
+1) >> 24;
818 *p
++ = (buflen
+1) >> 16;
819 *p
++ = (buflen
+1) >> 8;
822 memcpy (p
, buffer
, buflen
);
824 else if (nlen
== 2) {
825 *p
++ = (buflen
+1-192) / 256 + 192;
826 *p
++ = (buflen
+1-192) % 256;
828 memcpy (p
, buffer
, buflen
);
833 memcpy (p
, buffer
, buflen
);
837 sig
->hashed
= newarea
;
839 sig
->unhashed
= newarea
;
843 * Put all the required stuff from SIG into subpackets of sig.
844 * Hmmm, should we delete those subpackets which are in a wrong area?
847 build_sig_subpkt_from_sig( PKT_signature
*sig
)
853 buf
[0] = (u
>> 24) & 0xff;
854 buf
[1] = (u
>> 16) & 0xff;
855 buf
[2] = (u
>> 8) & 0xff;
858 buf
[4] = (u
>> 24) & 0xff;
859 buf
[5] = (u
>> 16) & 0xff;
860 buf
[6] = (u
>> 8) & 0xff;
862 build_sig_subpkt( sig
, SIGSUBPKT_ISSUER
, buf
, 8 );
865 buf
[0] = (u
>> 24) & 0xff;
866 buf
[1] = (u
>> 16) & 0xff;
867 buf
[2] = (u
>> 8) & 0xff;
869 build_sig_subpkt( sig
, SIGSUBPKT_SIG_CREATED
, buf
, 4 );
873 if(sig
->expiredate
>sig
->timestamp
)
874 u
=sig
->expiredate
-sig
->timestamp
;
876 u
=1; /* A 1-second expiration time is the shortest one
879 buf
[0] = (u
>> 24) & 0xff;
880 buf
[1] = (u
>> 16) & 0xff;
881 buf
[2] = (u
>> 8) & 0xff;
884 /* Mark this CRITICAL, so if any implementation doesn't
885 understand sigs that can expire, it'll just disregard this
888 build_sig_subpkt( sig
, SIGSUBPKT_SIG_EXPIRE
| SIGSUBPKT_FLAG_CRITICAL
,
894 build_attribute_subpkt(PKT_user_id
*uid
,byte type
,
895 const void *buf
,u32 buflen
,
896 const void *header
,u32 headerlen
)
901 if(1+headerlen
+buflen
>8383)
903 else if(1+headerlen
+buflen
>191)
908 /* realloc uid->attrib_data to the right size */
910 uid
->attrib_data
=xrealloc(uid
->attrib_data
,
911 uid
->attrib_len
+idx
+1+headerlen
+buflen
);
913 attrib
=&uid
->attrib_data
[uid
->attrib_len
];
918 attrib
[1]=(1+headerlen
+buflen
) >> 24;
919 attrib
[2]=(1+headerlen
+buflen
) >> 16;
920 attrib
[3]=(1+headerlen
+buflen
) >> 8;
921 attrib
[4]=1+headerlen
+buflen
;
925 attrib
[0]=(1+headerlen
+buflen
-192) / 256 + 192;
926 attrib
[1]=(1+headerlen
+buflen
-192) % 256;
929 attrib
[0]=1+headerlen
+buflen
; /* Good luck finding a JPEG this small! */
933 /* Tack on our data at the end */
936 memcpy(&attrib
[idx
],header
,headerlen
);
937 memcpy(&attrib
[idx
+headerlen
],buf
,buflen
);
938 uid
->attrib_len
+=idx
+headerlen
+buflen
;
942 string_to_notation(const char *string
,int is_utf8
)
946 struct notation
*notation
;
948 notation
=xmalloc_clear(sizeof(*notation
));
952 notation
->flags
.ignore
=1;
958 notation
->flags
.critical
=1;
962 /* If and when the IETF assigns some official name tags, we'll have
965 for( s
=string
; *s
!= '='; s
++ )
970 /* -notationname is legal without an = sign */
971 if(!*s
&& notation
->flags
.ignore
)
974 if( !*s
|| !isascii (*s
) || (!isgraph(*s
) && !isspace(*s
)) )
976 log_error(_("a notation name must have only printable characters"
977 " or spaces, and end with an '='\n") );
982 notation
->name
=xmalloc((s
-string
)+1);
983 strncpy(notation
->name
,string
,s
-string
);
984 notation
->name
[s
-string
]='\0';
986 if(!saw_at
&& !opt
.expert
)
988 log_error(_("a user notation name must contain the '@' character\n"));
994 log_error(_("a notation name must not contain more than"
995 " one '@' character\n"));
1004 /* we only support printable text - therefore we enforce the use
1005 of only printable characters (an empty value is valid) */
1008 if ( !isascii (*s
) )
1010 else if (iscntrl(*s
))
1012 log_error(_("a notation value must not use any"
1013 " control characters\n"));
1018 if(!highbit
|| is_utf8
)
1019 notation
->value
=xstrdup(i
);
1021 notation
->value
=native_to_utf8(i
);
1027 free_notation(notation
);
1032 sig_to_notation(PKT_signature
*sig
)
1037 struct notation
*list
=NULL
;
1039 while((p
=enum_sig_subpkt(sig
->hashed
,SIGSUBPKT_NOTATION
,&len
,&seq
,&crit
)))
1042 struct notation
*n
=NULL
;
1046 log_info(_("WARNING: invalid notation data found\n"));
1055 log_info(_("WARNING: invalid notation data found\n"));
1059 n
=xmalloc_clear(sizeof(*n
));
1060 n
->name
=xmalloc(n1
+1);
1062 memcpy(n
->name
,&p
[8],n1
);
1067 n
->value
=xmalloc(n2
+1);
1068 memcpy(n
->value
,&p
[8+n1
],n2
);
1073 n
->bdat
=xmalloc(n2
);
1075 memcpy(n
->bdat
,&p
[8+n1
],n2
);
1077 n
->value
=xmalloc(2+strlen(_("not human readable"))+2+1);
1078 strcpy(n
->value
,"[ ");
1079 strcat(n
->value
,_("not human readable"));
1080 strcat(n
->value
," ]");
1083 n
->flags
.critical
=crit
;
1093 free_notation(struct notation
*notation
)
1097 struct notation
*n
=notation
;
1109 do_signature( IOBUF out
, int ctb
, PKT_signature
*sig
)
1113 IOBUF a
= iobuf_temp();
1115 if ( !sig
->version
)
1118 iobuf_put( a
, sig
->version
);
1119 if ( sig
->version
< 4 )
1120 iobuf_put (a
, 5 ); /* Constant */
1121 iobuf_put (a
, sig
->sig_class
);
1122 if ( sig
->version
< 4 )
1124 write_32(a
, sig
->timestamp
);
1125 write_32(a
, sig
->keyid
[0] );
1126 write_32(a
, sig
->keyid
[1] );
1128 iobuf_put(a
, sig
->pubkey_algo
);
1129 iobuf_put(a
, sig
->digest_algo
);
1130 if ( sig
->version
>= 4 )
1133 /* Timestamp and keyid must have been packed into the subpackets
1134 prior to the call of this function, because these subpackets
1136 nn
= sig
->hashed
? sig
->hashed
->len
: 0;
1139 iobuf_write( a
, sig
->hashed
->data
, nn
);
1140 nn
= sig
->unhashed
? sig
->unhashed
->len
: 0;
1143 iobuf_write( a
, sig
->unhashed
->data
, nn
);
1145 iobuf_put(a
, sig
->digest_start
[0] );
1146 iobuf_put(a
, sig
->digest_start
[1] );
1147 n
= pubkey_get_nsig( sig
->pubkey_algo
);
1149 write_fake_data( a
, sig
->data
[0] );
1150 for (i
=0; i
< n
&& !rc
; i
++ )
1151 rc
= mpi_write(a
, sig
->data
[i
] );
1155 if ( is_RSA(sig
->pubkey_algo
) && sig
->version
< 4 )
1156 write_sign_packet_header(out
, ctb
, iobuf_get_temp_length(a
) );
1158 write_header(out
, ctb
, iobuf_get_temp_length(a
) );
1159 rc
= iobuf_write_temp( out
, a
);
1168 do_onepass_sig( IOBUF out
, int ctb
, PKT_onepass_sig
*ops
)
1171 IOBUF a
= iobuf_temp();
1173 write_version( a
, ctb
);
1174 iobuf_put(a
, ops
->sig_class
);
1175 iobuf_put(a
, ops
->digest_algo
);
1176 iobuf_put(a
, ops
->pubkey_algo
);
1177 write_32(a
, ops
->keyid
[0] );
1178 write_32(a
, ops
->keyid
[1] );
1179 iobuf_put(a
, ops
->last
);
1181 write_header(out
, ctb
, iobuf_get_temp_length(a
) );
1182 rc
= iobuf_write_temp( out
, a
);
1190 write_16(IOBUF out
, u16 a
)
1192 iobuf_put(out
, a
>>8);
1193 if( iobuf_put(out
,a
) )
1199 write_32(IOBUF out
, u32 a
)
1201 iobuf_put(out
, a
>> 24);
1202 iobuf_put(out
, a
>> 16);
1203 iobuf_put(out
, a
>> 8);
1204 return iobuf_put(out
, a
);
1209 * calculate the length of a header
1212 calc_header_length( u32 len
, int new_ctb
)
1215 return 1; /* only the ctb */
1234 * Write the CTB and the packet length
1237 write_header( IOBUF out
, int ctb
, u32 len
)
1239 return write_header2( out
, ctb
, len
, 0 );
1244 write_sign_packet_header( IOBUF out
, int ctb
, u32 len
)
1246 /* work around a bug in the pgp read function for signature packets,
1247 * which are not correctly coded and silently assume at some
1248 * point 2 byte length headers.*/
1249 iobuf_put(out
, 0x89 );
1250 iobuf_put(out
, len
>> 8 );
1251 return iobuf_put(out
, len
) == -1 ? -1:0;
1255 * If HDRLEN is > 0, try to build a header of this length. We need
1256 * this so that we can hash packets without reading them again. If
1257 * len is 0, write a partial or indeterminate length header, unless
1258 * hdrlen is specified in which case write an actual zero length
1259 * (using the specified hdrlen).
1262 write_header2( IOBUF out
, int ctb
, u32 len
, int hdrlen
)
1265 return write_new_header( out
, ctb
, len
, hdrlen
);
1269 if( hdrlen
== 2 && len
< 256 )
1271 else if( hdrlen
== 3 && len
< 65536 )
1280 else if( len
< 256 )
1282 else if( len
< 65536 )
1288 if( iobuf_put(out
, ctb
) )
1295 if(iobuf_put(out
, len
>> 24 ))
1297 if(iobuf_put(out
, len
>> 16 ))
1302 if(iobuf_put(out
, len
>> 8 ))
1305 if( iobuf_put(out
, len
) )
1314 write_new_header( IOBUF out
, int ctb
, u32 len
, int hdrlen
)
1317 log_bug("can't cope with hdrlen yet\n");
1319 if( iobuf_put(out
, ctb
) )
1322 iobuf_set_partial_block_mode(out
, 512 );
1326 if( iobuf_put(out
, len
) )
1329 else if( len
< 8384 ) {
1331 if( iobuf_put( out
, (len
/ 256) + 192) )
1333 if( iobuf_put( out
, (len
% 256) ) )
1337 if( iobuf_put( out
, 0xff ) )
1339 if( iobuf_put( out
, (len
>> 24)&0xff ) )
1341 if( iobuf_put( out
, (len
>> 16)&0xff ) )
1343 if( iobuf_put( out
, (len
>> 8)&0xff ) )
1345 if( iobuf_put( out
, len
& 0xff ) )
1353 write_version( IOBUF out
, int ctb
)
1355 if( iobuf_put( out
, 3 ) )