2008-05-15 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / g10 / keyid.c
blob89b2ddfe26416b8687b4fd6b4178d6d929e100ac
1 /* keyid.c - key ID and fingerprint handling
2 * Copyright (C) 1998, 1999, 2000, 2001, 2003,
3 * 2004, 2006 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <time.h>
27 #include <assert.h>
29 #include "gpg.h"
30 #include "util.h"
31 #include "main.h"
32 #include "packet.h"
33 #include "options.h"
34 #include "keydb.h"
35 #include "i18n.h"
37 int
38 pubkey_letter( int algo )
40 switch( algo ) {
41 case PUBKEY_ALGO_RSA: return 'R' ;
42 case PUBKEY_ALGO_RSA_E: return 'r' ;
43 case PUBKEY_ALGO_RSA_S: return 's' ;
44 case PUBKEY_ALGO_ELGAMAL_E: return 'g';
45 case PUBKEY_ALGO_ELGAMAL: return 'G' ;
46 case PUBKEY_ALGO_DSA: return 'D' ;
47 default: return '?';
51 /* This function is useful for v4 fingerprints and v3 or v4 key
52 signing. */
53 void
54 hash_public_key( gcry_md_hd_t md, PKT_public_key *pk )
56 unsigned int n = 6;
57 unsigned int nn[PUBKEY_MAX_NPKEY];
58 byte *pp[PUBKEY_MAX_NPKEY];
59 int i;
60 unsigned int nbits;
61 size_t nbytes;
62 int npkey = pubkey_get_npkey (pk->pubkey_algo);
64 /* Two extra bytes for the expiration date in v3 */
65 if(pk->version<4)
66 n+=2;
68 if (npkey==0 && pk->pkey[0]
69 && gcry_mpi_get_flag (pk->pkey[0], GCRYMPI_FLAG_OPAQUE))
71 pp[0] = gcry_mpi_get_opaque (pk->pkey[0], &nbits);
72 nn[0] = (nbits+7)/8;
73 n+=nn[0];
75 else
76 for(i=0; i < npkey; i++ )
78 if (gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, pk->pkey[i]))
79 BUG ();
80 pp[i] = xmalloc (nbytes);
81 if (gcry_mpi_print (GCRYMPI_FMT_PGP, pp[i], nbytes,
82 &nbytes, pk->pkey[i]))
83 BUG ();
84 nn[i] = nbytes;
85 n += nn[i];
88 gcry_md_putc ( md, 0x99 ); /* ctb */
89 /* What does it mean if n is greater than than 0xFFFF ? */
90 gcry_md_putc ( md, n >> 8 ); /* 2 byte length header */
91 gcry_md_putc ( md, n );
92 gcry_md_putc ( md, pk->version );
94 gcry_md_putc ( md, pk->timestamp >> 24 );
95 gcry_md_putc ( md, pk->timestamp >> 16 );
96 gcry_md_putc ( md, pk->timestamp >> 8 );
97 gcry_md_putc ( md, pk->timestamp );
99 if(pk->version<4)
101 u16 days=0;
102 if(pk->expiredate)
103 days=(u16)((pk->expiredate - pk->timestamp) / 86400L);
105 gcry_md_putc ( md, days >> 8 );
106 gcry_md_putc ( md, days );
109 gcry_md_putc ( md, pk->pubkey_algo );
111 if(npkey==0 && pk->pkey[0]
112 && gcry_mpi_get_flag (pk->pkey[0], GCRYMPI_FLAG_OPAQUE))
114 gcry_md_write (md, pp[0], nn[0]);
116 else
117 for(i=0; i < npkey; i++ )
119 gcry_md_write ( md, pp[i], nn[i] );
120 xfree(pp[i]);
124 static gcry_md_hd_t
125 do_fingerprint_md( PKT_public_key *pk )
127 gcry_md_hd_t md;
129 if (gcry_md_open (&md, DIGEST_ALGO_SHA1, 0))
130 BUG ();
131 hash_public_key(md,pk);
132 gcry_md_final( md );
134 return md;
137 static gcry_md_hd_t
138 do_fingerprint_md_sk( PKT_secret_key *sk )
140 PKT_public_key pk;
141 int npkey = pubkey_get_npkey( sk->pubkey_algo ); /* npkey is correct! */
142 int i;
144 if(npkey==0)
145 return NULL;
147 pk.pubkey_algo = sk->pubkey_algo;
148 pk.version = sk->version;
149 pk.timestamp = sk->timestamp;
150 pk.expiredate = sk->expiredate;
151 pk.pubkey_algo = sk->pubkey_algo;
152 for( i=0; i < npkey; i++ )
153 pk.pkey[i] = sk->skey[i];
154 return do_fingerprint_md( &pk );
159 v3_keyid (gcry_mpi_t a, u32 *ki)
161 byte *buffer, *p;
162 size_t nbytes;
164 if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &nbytes, a ))
165 BUG ();
166 /* fixme: allocate it on the stack */
167 buffer = xmalloc (nbytes);
168 if (gcry_mpi_print( GCRYMPI_FMT_USG, buffer, nbytes, NULL, a ))
169 BUG ();
170 if (nbytes < 8) /* oops */
171 ki[0] = ki[1] = 0;
172 else
174 p = buffer + nbytes - 8;
175 ki[0] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3];
176 p += 4;
177 ki[1] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3];
179 xfree (buffer);
180 return ki[1];
184 size_t
185 keystrlen(void)
187 switch(opt.keyid_format)
189 case KF_SHORT:
190 return 8;
192 case KF_LONG:
193 return 16;
195 case KF_0xSHORT:
196 return 10;
198 case KF_0xLONG:
199 return 18;
201 default:
202 BUG();
206 const char *
207 keystr(u32 *keyid)
209 static char keyid_str[19];
211 switch(opt.keyid_format)
213 case KF_SHORT:
214 sprintf(keyid_str,"%08lX",(ulong)keyid[1]);
215 break;
217 case KF_LONG:
218 if(keyid[0])
219 sprintf(keyid_str,"%08lX%08lX",(ulong)keyid[0],(ulong)keyid[1]);
220 else
221 sprintf(keyid_str,"%08lX",(ulong)keyid[1]);
222 break;
224 case KF_0xSHORT:
225 sprintf(keyid_str,"0x%08lX",(ulong)keyid[1]);
226 break;
228 case KF_0xLONG:
229 if(keyid[0])
230 sprintf(keyid_str,"0x%08lX%08lX",(ulong)keyid[0],(ulong)keyid[1]);
231 else
232 sprintf(keyid_str,"0x%08lX",(ulong)keyid[1]);
233 break;
235 default:
236 BUG();
239 return keyid_str;
242 const char *
243 keystr_from_pk(PKT_public_key *pk)
245 keyid_from_pk(pk,NULL);
247 return keystr(pk->keyid);
250 const char *
251 keystr_from_sk(PKT_secret_key *sk)
253 keyid_from_sk(sk,NULL);
255 return keystr(sk->keyid);
258 const char *
259 keystr_from_desc(KEYDB_SEARCH_DESC *desc)
261 switch(desc->mode)
263 case KEYDB_SEARCH_MODE_LONG_KID:
264 case KEYDB_SEARCH_MODE_SHORT_KID:
265 return keystr(desc->u.kid);
267 case KEYDB_SEARCH_MODE_FPR20:
269 u32 keyid[2];
271 keyid[0] = ((unsigned char)desc->u.fpr[12] << 24
272 | (unsigned char)desc->u.fpr[13] << 16
273 | (unsigned char)desc->u.fpr[14] << 8
274 | (unsigned char)desc->u.fpr[15]);
275 keyid[1] = ((unsigned char)desc->u.fpr[16] << 24
276 | (unsigned char)desc->u.fpr[17] << 16
277 | (unsigned char)desc->u.fpr[18] << 8
278 | (unsigned char)desc->u.fpr[19]);
280 return keystr(keyid);
283 case KEYDB_SEARCH_MODE_FPR16:
284 return "?v3 fpr?";
286 default:
287 BUG();
291 /****************
292 * Get the keyid from the secret key and put it into keyid
293 * if this is not NULL. Return the 32 low bits of the keyid.
296 keyid_from_sk( PKT_secret_key *sk, u32 *keyid )
298 u32 lowbits;
299 u32 dummy_keyid[2];
301 if( !keyid )
302 keyid = dummy_keyid;
304 if( sk->keyid[0] || sk->keyid[1] )
306 keyid[0] = sk->keyid[0];
307 keyid[1] = sk->keyid[1];
308 lowbits = keyid[1];
310 else if( sk->version < 4 )
312 if( is_RSA(sk->pubkey_algo) )
314 lowbits = (pubkey_get_npkey (sk->pubkey_algo) ?
315 v3_keyid( sk->skey[0], keyid ) : 0); /* Take n. */
316 sk->keyid[0]=keyid[0];
317 sk->keyid[1]=keyid[1];
319 else
320 sk->keyid[0]=sk->keyid[1]=keyid[0]=keyid[1]=lowbits=0xFFFFFFFF;
322 else
324 const byte *dp;
325 gcry_md_hd_t md;
327 md = do_fingerprint_md_sk(sk);
328 if(md)
330 dp = gcry_md_read (md, 0);
331 keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
332 keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
333 lowbits = keyid[1];
334 gcry_md_close (md);
335 sk->keyid[0] = keyid[0];
336 sk->keyid[1] = keyid[1];
338 else
339 sk->keyid[0]=sk->keyid[1]=keyid[0]=keyid[1]=lowbits=0xFFFFFFFF;
342 return lowbits;
346 /****************
347 * Get the keyid from the public key and put it into keyid
348 * if this is not NULL. Return the 32 low bits of the keyid.
351 keyid_from_pk( PKT_public_key *pk, u32 *keyid )
353 u32 lowbits;
354 u32 dummy_keyid[2];
356 if( !keyid )
357 keyid = dummy_keyid;
359 if( pk->keyid[0] || pk->keyid[1] )
361 keyid[0] = pk->keyid[0];
362 keyid[1] = pk->keyid[1];
363 lowbits = keyid[1];
365 else if( pk->version < 4 )
367 if( is_RSA(pk->pubkey_algo) )
369 lowbits = (pubkey_get_npkey (pk->pubkey_algo) ?
370 v3_keyid ( pk->pkey[0], keyid ) : 0); /* From n. */
371 pk->keyid[0] = keyid[0];
372 pk->keyid[1] = keyid[1];
374 else
375 pk->keyid[0]=pk->keyid[1]=keyid[0]=keyid[1]=lowbits=0xFFFFFFFF;
377 else
379 const byte *dp;
380 gcry_md_hd_t md;
382 md = do_fingerprint_md(pk);
383 if(md)
385 dp = gcry_md_read ( md, 0 );
386 keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
387 keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
388 lowbits = keyid[1];
389 gcry_md_close (md);
390 pk->keyid[0] = keyid[0];
391 pk->keyid[1] = keyid[1];
393 else
394 pk->keyid[0]=pk->keyid[1]=keyid[0]=keyid[1]=lowbits=0xFFFFFFFF;
397 return lowbits;
401 /****************
402 * Get the keyid from the fingerprint. This function is simple for most
403 * keys, but has to do a keylookup for old stayle keys.
406 keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid )
408 u32 dummy_keyid[2];
410 if( !keyid )
411 keyid = dummy_keyid;
413 if( fprint_len != 20 ) {
414 /* This is special as we have to lookup the key first */
415 PKT_public_key pk;
416 int rc;
418 memset( &pk, 0, sizeof pk );
419 rc = get_pubkey_byfprint( &pk, fprint, fprint_len );
420 if( rc ) {
421 log_error("Oops: keyid_from_fingerprint: no pubkey\n");
422 keyid[0] = 0;
423 keyid[1] = 0;
425 else
426 keyid_from_pk( &pk, keyid );
428 else {
429 const byte *dp = fprint;
430 keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
431 keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
434 return keyid[1];
439 keyid_from_sig( PKT_signature *sig, u32 *keyid )
441 if( keyid ) {
442 keyid[0] = sig->keyid[0];
443 keyid[1] = sig->keyid[1];
445 return sig->keyid[1];
448 byte *
449 namehash_from_uid(PKT_user_id *uid)
451 if(uid->namehash==NULL)
453 uid->namehash = xmalloc(20);
455 if(uid->attrib_data)
456 gcry_md_hash_buffer (GCRY_MD_RMD160, uid->namehash,
457 uid->attrib_data, uid->attrib_len);
458 else
459 gcry_md_hash_buffer (GCRY_MD_RMD160, uid->namehash,
460 uid->name, uid->len);
463 return uid->namehash;
466 /****************
467 * return the number of bits used in the pk
469 unsigned
470 nbits_from_pk( PKT_public_key *pk )
472 return pubkey_nbits( pk->pubkey_algo, pk->pkey );
475 /****************
476 * return the number of bits used in the sk
478 unsigned
479 nbits_from_sk( PKT_secret_key *sk )
481 return pubkey_nbits( sk->pubkey_algo, sk->skey );
484 static const char *
485 mk_datestr (char *buffer, time_t atime)
487 struct tm *tp;
489 if ( atime < 0 ) /* 32 bit time_t and after 2038-01-19 */
490 strcpy (buffer, "????" "-??" "-??"); /* mark this as invalid */
491 else {
492 tp = gmtime (&atime);
493 sprintf (buffer,"%04d-%02d-%02d",
494 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday );
496 return buffer;
499 /****************
500 * return a string with the creation date of the pk
501 * Note: this is alloced in a static buffer.
502 * Format is: yyyy-mm-dd
504 const char *
505 datestr_from_pk( PKT_public_key *pk )
507 static char buffer[11+5];
508 time_t atime = pk->timestamp;
510 return mk_datestr (buffer, atime);
513 const char *
514 datestr_from_sk( PKT_secret_key *sk )
516 static char buffer[11+5];
517 time_t atime = sk->timestamp;
519 return mk_datestr (buffer, atime);
522 const char *
523 datestr_from_sig( PKT_signature *sig )
525 static char buffer[11+5];
526 time_t atime = sig->timestamp;
528 return mk_datestr (buffer, atime);
531 const char *
532 expirestr_from_pk( PKT_public_key *pk )
534 static char buffer[11+5];
535 time_t atime;
537 if( !pk->expiredate )
538 return _("never ");
539 atime = pk->expiredate;
540 return mk_datestr (buffer, atime);
543 const char *
544 expirestr_from_sk( PKT_secret_key *sk )
546 static char buffer[11+5];
547 time_t atime;
549 if( !sk->expiredate )
550 return _("never ");
551 atime = sk->expiredate;
552 return mk_datestr (buffer, atime);
555 const char *
556 expirestr_from_sig( PKT_signature *sig )
558 static char buffer[11+5];
559 time_t atime;
561 if(!sig->expiredate)
562 return _("never ");
563 atime=sig->expiredate;
564 return mk_datestr (buffer, atime);
567 const char *
568 revokestr_from_pk( PKT_public_key *pk )
570 static char buffer[11+5];
571 time_t atime;
573 if(!pk->revoked.date)
574 return _("never ");
575 atime=pk->revoked.date;
576 return mk_datestr (buffer, atime);
580 const char *
581 usagestr_from_pk( PKT_public_key *pk )
583 static char buffer[10];
584 int i = 0;
585 unsigned int use = pk->pubkey_usage;
587 if ( use & PUBKEY_USAGE_SIG )
588 buffer[i++] = 'S';
590 if ( use & PUBKEY_USAGE_CERT )
591 buffer[i++] = 'C';
593 if ( use & PUBKEY_USAGE_ENC )
594 buffer[i++] = 'E';
596 if ( (use & PUBKEY_USAGE_AUTH) )
597 buffer[i++] = 'A';
599 while (i < 4)
600 buffer[i++] = ' ';
602 buffer[i] = 0;
603 return buffer;
607 const char *
608 colon_strtime (u32 t)
610 if (!t)
611 return "";
612 if (opt.fixed_list_mode) {
613 static char buf[15];
614 sprintf (buf, "%lu", (ulong)t);
615 return buf;
617 return strtimestamp(t);
620 const char *
621 colon_datestr_from_pk (PKT_public_key *pk)
623 if (opt.fixed_list_mode) {
624 static char buf[15];
625 sprintf (buf, "%lu", (ulong)pk->timestamp);
626 return buf;
628 return datestr_from_pk (pk);
631 const char *
632 colon_datestr_from_sk (PKT_secret_key *sk)
634 if (opt.fixed_list_mode) {
635 static char buf[15];
636 sprintf (buf, "%lu", (ulong)sk->timestamp);
637 return buf;
639 return datestr_from_sk (sk);
642 const char *
643 colon_datestr_from_sig (PKT_signature *sig)
645 if (opt.fixed_list_mode) {
646 static char buf[15];
647 sprintf (buf, "%lu", (ulong)sig->timestamp);
648 return buf;
650 return datestr_from_sig (sig);
653 const char *
654 colon_expirestr_from_sig (PKT_signature *sig)
656 if(!sig->expiredate)
657 return "";
658 if (opt.fixed_list_mode) {
659 static char buf[15];
660 sprintf (buf, "%lu", (ulong)sig->expiredate);
661 return buf;
663 return expirestr_from_sig (sig);
667 /**************** .
668 * Return a byte array with the fingerprint for the given PK/SK
669 * The length of the array is returned in ret_len. Caller must free
670 * the array or provide an array of length MAX_FINGERPRINT_LEN.
673 byte *
674 fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
676 byte *buf;
677 const byte *dp;
678 size_t len, nbytes;
679 int i;
681 if ( pk->version < 4 )
683 if ( is_RSA(pk->pubkey_algo) )
685 /* RSA in version 3 packets is special. */
686 gcry_md_hd_t md;
688 if (gcry_md_open (&md, DIGEST_ALGO_MD5, 0))
689 BUG ();
690 if ( pubkey_get_npkey (pk->pubkey_algo) > 1 )
692 for (i=0; i < 2; i++)
694 if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0,
695 &nbytes, pk->pkey[i]))
696 BUG ();
697 /* fixme: Better allocate BUF on the stack */
698 buf = xmalloc (nbytes);
699 if (gcry_mpi_print (GCRYMPI_FMT_USG, buf, nbytes,
700 NULL, pk->pkey[i]))
701 BUG ();
702 gcry_md_write (md, buf, nbytes);
703 xfree (buf);
706 gcry_md_final (md);
707 if (!array)
708 array = xmalloc (16);
709 len = 16;
710 memcpy (array, gcry_md_read (md, DIGEST_ALGO_MD5), 16);
711 gcry_md_close(md);
713 else
715 if (!array)
716 array = xmalloc(16);
717 len = 16;
718 memset (array,0,16);
721 else
723 gcry_md_hd_t md;
725 md = do_fingerprint_md(pk);
726 dp = gcry_md_read( md, 0 );
727 len = gcry_md_get_algo_dlen (gcry_md_get_algo (md));
728 assert( len <= MAX_FINGERPRINT_LEN );
729 if (!array)
730 array = xmalloc ( len );
731 memcpy (array, dp, len );
732 pk->keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ;
733 pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ;
734 gcry_md_close( md);
737 *ret_len = len;
738 return array;
741 byte *
742 fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
744 byte *buf;
745 const char *dp;
746 size_t len, nbytes;
747 int i;
749 if (sk->version < 4)
751 if ( is_RSA(sk->pubkey_algo) )
753 /* RSA in version 3 packets is special. */
754 gcry_md_hd_t md;
756 if (gcry_md_open (&md, DIGEST_ALGO_MD5, 0))
757 BUG ();
758 if (pubkey_get_npkey( sk->pubkey_algo ) > 1)
760 for (i=0; i < 2; i++)
762 if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0,
763 &nbytes, sk->skey[i]))
764 BUG ();
765 /* fixme: Better allocate BUF on the stack */
766 buf = xmalloc (nbytes);
767 if (gcry_mpi_print (GCRYMPI_FMT_USG, buf, nbytes,
768 NULL, sk->skey[i]))
769 BUG ();
770 gcry_md_write (md, buf, nbytes);
771 xfree (buf);
774 gcry_md_final(md);
775 if (!array)
776 array = xmalloc (16);
777 len = 16;
778 memcpy (array, gcry_md_read (md, DIGEST_ALGO_MD5), 16);
779 gcry_md_close (md);
781 else
783 if (!array)
784 array = xmalloc (16);
785 len=16;
786 memset (array,0,16);
789 else
791 gcry_md_hd_t md;
793 md = do_fingerprint_md_sk(sk);
794 if (md)
796 dp = gcry_md_read ( md, 0 );
797 len = gcry_md_get_algo_dlen ( gcry_md_get_algo (md) );
798 assert ( len <= MAX_FINGERPRINT_LEN );
799 if (!array)
800 array = xmalloc( len );
801 memcpy (array, dp, len);
802 gcry_md_close (md);
804 else
806 len = MAX_FINGERPRINT_LEN;
807 if (!array)
808 array = xmalloc (len);
809 memset (array, 0, len);
813 *ret_len = len;
814 return array;
818 /* Create a serialno/fpr string from the serial number and the secret
819 key. Caller must free the returned string. There is no error
820 return. */
821 char *
822 serialno_and_fpr_from_sk (const unsigned char *sn, size_t snlen,
823 PKT_secret_key *sk)
825 unsigned char fpr[MAX_FINGERPRINT_LEN];
826 size_t fprlen;
827 char *buffer, *p;
828 int i;
830 fingerprint_from_sk (sk, fpr, &fprlen);
831 buffer = p = xmalloc (snlen*2 + 1 + fprlen*2 + 1);
832 for (i=0; i < snlen; i++, p+=2)
833 sprintf (p, "%02X", sn[i]);
834 *p++ = '/';
835 for (i=0; i < fprlen; i++, p+=2)
836 sprintf (p, "%02X", fpr[i]);
837 *p = 0;
838 return buffer;