| blob | 573c12903de575f71d5cbeff87e7c36aa6b87d76 |
1 /* trustdb.c
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
3 * 2005 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
20 * USA.
21 */
23 #include <config.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <assert.h>
29 #ifndef DISABLE_REGEX
30 #include <sys/types.h>
31 #ifdef USE_INTERNAL_REGEX
33 #else
34 #include <regex.h>
35 #endif
51 /*
52 * A structure to store key identification as well as some stuff needed
53 * for validation
54 */
58 byte trust_depth;
59 byte trust_value;
62 };
67 /*
68 * Structure to keep track of keys, this is used as an array wherre
69 * the item right after the last one has a keyblock set to NULL.
70 * Maybe we can drop this thing and replace it by key_item
71 */
73 KBNODE keyblock;
74 };
77 /* control information for the trust DB */
84 /* some globals */
92 \f
93 /**********************************************
94 ************* some helpers *******************
95 **********************************************/
99 {
104 }
106 static void
108 {
112 {
116 }
117 }
119 /*
120 * For fast keylook up we need a hash table. Each byte of a KeyIDs
121 * should be distributed equally over the 256 possible values (except
122 * for v3 keyIDs but we consider them as not important here). So we
123 * can just use 10 bits to index a table of 1024 key items.
124 * Possible optimization: Don not use key_items but other hash_table when the
125 * duplicates lists gets too large.
126 */
127 static KeyHashTable
129 {
134 }
136 static void
138 {
146 }
148 /*
149 * Returns: True if the keyID is in the given hash table
150 */
151 static int
153 {
160 }
162 /*
163 * Add a new key to the hash table. The key is identified by its key ID.
164 */
165 static void
167 {
179 }
181 /*
182 * Release a key_array
183 */
184 static void
186 {
193 }
194 }
196 \f
197 /*********************************************
198 ********** Initialization *****************
199 *********************************************/
203 /*
204 * Used to register extra ultimately trusted keys - this has to be done
205 * before initializing the validation module.
206 * FIXME: Should be replaced by a function to add those keys to the trustdb.
207 */
208 void
210 {
218 }
220 void
222 {
223 KEYDB_SEARCH_DESC desc;
226 {
229 }
232 }
234 /*
235 * Helper to add a key to the global list of ultimately trusted keys.
236 * Retruns: true = inserted, false = already in in list.
237 */
238 static int
240 {
244 {
246 {
248 }
249 }
260 }
263 /****************
264 * Verify that all our secret keys are usable and put them into the utk_list.
265 */
266 static void
268 {
269 TRUSTREC rec;
270 ulong recnum;
277 /* scan the trustdb to find all ultimately trusted keys */
279 {
282 {
287 /* Problem: We do only use fingerprints in the trustdb but
288 * we need the keyID here to indetify the key; we can only
289 * use that ugly hack to distinguish between 16 and 20
290 * butes fpr - it does not work always so we better change
291 * the whole validation code to only work with
292 * fingerprints */
298 }
299 }
301 /* Put any --trusted-key keys into the trustdb */
303 {
306 PKT_public_key pk;
313 else
314 {
319 }
322 }
323 }
325 /* release the helper table table */
329 }
331 \f
332 /*********************************************
333 *********** TrustDB stuff *******************
334 *********************************************/
336 /*
337 * Read a record but die if it does not exist
338 */
339 static void
341 {
344 {
348 }
350 {
354 }
355 }
357 /*
358 * Write a record and die on error
359 */
360 static void
362 {
365 {
369 }
370 }
372 /*
373 * sync the TrustDb and die on error
374 */
375 static void
377 {
380 {
383 }
384 }
388 {
390 {
397 }
398 }
400 /****************
401 * Perform some checks over the trustdb
402 * level 0: only open the db
403 * 1: used for initial program startup
404 */
405 int
407 {
408 /* just store the args */
414 }
416 void
418 {
428 {
432 }
433 else
437 {
438 /* Try and set the trust model off of whatever the trustdb says
439 it is. */
442 /* Sanity check this ;) */
446 {
450 }
454 }
457 {
458 /* Verify the list of ultimately trusted keys and move the
459 --trusted-keys list there as well. */
465 }
466 }
469 /***********************************************
470 ************* Print helpers ****************
471 ***********************************************/
473 /****************
474 * This function returns a letter for a trustvalue Trust flags
475 * are ignore.
476 */
477 static int
479 {
481 {
490 }
491 }
493 /* NOTE TO TRANSLATOR: these strings are similar to those in
494 trust_value_to_string(), but are a fixed length. This is needed to
495 make attractive information listings where columns line up
496 properly. The value "10" should be the length of the strings you
497 choose to translate to. This is the length in printable columns.
498 It gets passed to atoi() so everything after the number is
499 essentially a comment and need not be translated. Either key and
500 uid are both NULL, or neither are NULL. */
503 {
512 {
519 }
522 }
524 /* The strings here are similar to those in
525 pkclist.c:do_edit_ownertrust() */
528 {
530 {
539 }
540 }
542 int
544 {
555 else
557 }
559 /****************
560 * Recreate the WoT but do not ask for new ownertrusts. Special
561 * feature: In batch mode and without a forced yes, this is only done
562 * when a check is due. This can be used to run the check from a crontab
563 */
564 void
566 {
569 {
571 {
572 ulong scheduled;
576 {
579 }
582 {
586 }
587 }
590 }
591 else
594 }
597 /*
598 * Recreate the WoT.
599 */
600 void
602 {
606 else
609 }
611 void
613 {
615 /* we simply set the time for the next check to 1 (far back in 1970)
616 * so that a --update-trustdb will be scheduled */
620 }
622 int
624 {
626 }
628 /* If the trustdb is dirty, and we're interactive, update it.
629 Otherwise, check it unless no-auto-check-trustdb is set. */
630 void
632 {
634 {
639 }
640 }
642 void
645 {
646 TRUSTREC opts;
664 }
666 /***********************************************
667 *********** Ownertrust et al. ****************
668 ***********************************************/
670 static int
672 {
680 {
684 }
687 {
691 }
694 }
696 /****************
697 * Return the assigned ownertrust value for the given public key.
698 * The key should be the primary key.
699 */
700 unsigned int
702 {
703 TRUSTREC rec;
710 {
713 }
716 }
718 unsigned int
720 {
721 TRUSTREC rec;
728 {
731 }
734 }
736 /*
737 * Same as get_ownertrust but this takes the minimum ownertrust value
738 * into into account, and will bump up the value as needed.
739 */
740 static int
742 {
748 {
749 /* If the trust that the user has set is less than the trust
750 that was calculated from a trust signature chain, use the
751 higher of the two. We do this here and not in
752 get_ownertrust since the underlying ownertrust should not
753 really be set - just the appearance of the ownertrust. */
756 }
759 }
761 /*
762 * Same as get_ownertrust but return a trust letter instead of an
763 * value. This takes the minimum ownertrust value into account.
764 */
765 int
767 {
769 }
771 /*
772 * Same as get_ownertrust but return a trust string instead of an
773 * value. This takes the minimum ownertrust value into account.
774 */
777 {
779 }
781 /*
782 * Set the trust value of the given public key to the new value.
783 * The key should be a primary one.
784 */
785 void
787 {
788 TRUSTREC rec;
793 {
798 {
803 }
804 }
821 }
822 else
823 {
825 }
826 }
828 static void
830 {
832 TRUSTREC rec;
838 {
841 }
845 {
850 new_trust );
852 {
857 }
858 }
875 }
876 else
877 {
879 }
880 }
882 /* Clear the ownertrust and min_ownertrust values. Return true if a
883 change actually happened. */
884 int
886 {
887 TRUSTREC rec;
892 {
894 {
899 }
901 {
908 }
909 }
911 {
913 }
915 }
917 /*
918 * Note: Caller has to do a sync
919 */
920 static void
923 {
926 ulong recno;
932 {
935 }
937 {
946 }
948 /* locate an existing one */
951 {
956 }
959 {
966 }
973 }
976 /***********************************************
977 ********* Query trustdb values **************
978 ***********************************************/
980 /* Return true if key is disabled */
981 int
983 {
985 TRUSTREC trec;
995 {
998 }
1005 /* Cache it for later so we don't need to look at the trustdb every
1006 time */
1009 else
1012 leave:
1014 }
1016 void
1018 {
1024 {
1025 ulong scheduled;
1030 {
1032 {
1035 }
1036 else
1037 {
1040 }
1041 }
1042 }
1043 }
1045 /*
1046 * Return the validity information for PK. If the namehash is not
1047 * NULL, the validity of the corresponsing user ID is returned,
1048 * otherwise, a reasonable value for the entire key is returned.
1049 */
1050 unsigned int
1052 {
1055 ulong recno;
1072 {
1079 }
1080 }
1081 else
1085 {
1086 /* Note that this happens BEFORE any user ID stuff is checked.
1087 The direct trust model applies to keys as a whole. */
1090 }
1094 {
1097 }
1099 {
1102 }
1104 /* loop over all user IDs */
1108 {
1112 {
1113 /* If a user ID is given we return the validity for that
1114 user ID ONLY. If the namehash is not found, then there
1115 is no validity at all (i.e. the user ID wasn't
1116 signed). */
1118 {
1121 }
1122 }
1123 else
1124 {
1125 /* If no namehash is given, we take the maximum validity
1126 over all user IDs */
1129 }
1132 }
1135 {
1138 }
1139 else
1142 leave:
1143 /* set some flags direct from the key */
1148 /* Note: expiration is a trust value and not a flag - don't know why
1149 * I initially designed it that way */
1159 }
1161 int
1163 {
1170 }
1174 {
1181 }
1183 static void
1185 {
1187 ulong recno;
1201 /* loop over all user IDs */
1204 {
1208 {
1211 /* printf("Fetched marginal %d, full %d\n",uid->help_marginal_count,uid->help_full_count); */
1213 }
1216 }
1217 }
1219 void
1221 {
1222 }
1224 /****************
1225 * Enumerate all keys, which are needed to build all trust paths for
1226 * the given key. This function does not return the key itself or
1227 * the ultimate key (the last point in cerificate chain). Only
1228 * certificate chains which ends up at an ultimately trusted key
1229 * are listed. If ownertrust or validity is not NULL, the corresponding
1230 * value for the returned LID is also returned in these variable(s).
1231 *
1232 * 1) create a void pointer and initialize it to NULL
1233 * 2) pass this void pointer by reference to this function.
1234 * Set lid to the key you want to enumerate and pass it by reference.
1235 * 3) call this function as long as it does not return -1
1236 * to indicate EOF. LID does contain the next key used to build the web
1237 * 4) Always call this function a last time with LID set to NULL,
1238 * so that it can free its context.
1239 *
1240 * Returns: -1 on EOF or the level of the returned LID
1241 */
1242 int
1245 {
1247 }
1250 /****************
1251 * Print the current path
1252 */
1253 void
1256 {
1258 }
1261 \f
1262 /****************************************
1263 *********** NEW NEW NEW ****************
1264 ****************************************/
1266 static int
1268 {
1276 {
1280 }
1283 {
1288 }
1289 else
1290 {
1296 else
1298 }
1303 }
1306 static void
1308 {
1312 {
1317 }
1318 }
1321 static void
1323 {
1327 {
1336 {
1338 {
1351 }
1352 }
1353 }
1354 }
1357 static void
1359 {
1360 KBNODE node;
1365 {
1367 {
1375 else
1379 {
1386 }
1387 }
1388 }
1392 }
1394 /*
1395 * check whether the signature sig is in the klist k
1396 */
1399 {
1401 {
1404 }
1406 }
1408 /*
1409 * Mark the signature of the given UID which are used to certify it.
1410 * To do this, we first revmove all signatures which are not valid and
1411 * from the remain ones we look for the latest one. If this is not a
1412 * certification revocation signature we mark the signature by setting
1413 * node flag bit 8. Revocations are marked with flag 11, and sigs
1414 * from unavailable keys are marked with flag 12. Note that flag bits
1415 * 9 and 10 are used for internal purposes.
1416 */
1417 static void
1421 {
1422 KBNODE node;
1425 /* first check all signatures */
1427 {
1445 invalid signature */
1449 {
1450 /* we ignore anything that won't verify, but tag the
1451 no_pubkey case */
1455 }
1457 }
1458 /* reset the remaining flags */
1462 /* kbnode flag usage: bit 9 is here set for signatures to consider,
1463 * bit 10 will be set by the loop to keep track of keyIDs already
1464 * processed, bit 8 will be set for the usable signatures, and bit
1465 * 11 will be set for usable revocations. */
1467 /* for each cert figure out the latest valid one */
1469 {
1472 u32 sigdate;
1486 /* Now find the latest and greatest signature */
1488 {
1500 /* If signode is nonrevocable and unexpired and n isn't,
1501 then take signode (skip). It doesn't matter which is
1502 older: if signode was older then we don't want to take n
1503 as signode is nonrevocable. If n was older then we're
1504 automatically fine. */
1516 /* If n is nonrevocable and unexpired and signode isn't,
1517 then take n. Again, it doesn't matter which is older: if
1518 n was older then we don't want to take signode as n is
1519 nonrevocable. If signode was older then we're
1520 automatically fine. */
1530 {
1534 }
1536 /* At this point, if it's newer, it goes in as the only
1537 remaining possibilities are signode and n are both either
1538 revocable or expired or both nonrevocable and unexpired.
1539 If the timestamps are equal take the later ordered
1540 packet, presuming that the key packets are hopefully in
1541 their original order. */
1544 {
1547 }
1548 }
1553 * Just need to check whether there is an expiration time,
1554 * We do the expired certification after finding a suitable
1555 * certification, the assumption is that a signator does not
1556 * want that after the expiration of his certificate the
1557 * system falls back to an older certification which has a
1558 * different expiration time */
1560 u32 expire;
1566 {
1570 }
1571 }
1572 else
1574 }
1575 }
1577 static int
1579 {
1581 KBNODE node;
1588 /* Passing in a 0 for current time here means that we'll never weed
1589 out an expired sig. This is correct behavior since we want to
1590 keep the most recent expired sig in a series. */
1593 /* What we want to do here is remove signatures that are not
1594 considered as part of the trust calculations. Thus, all invalid
1595 signatures are out, as are any signatures that aren't the last of
1596 a series of uid sigs or revocations It breaks down like this:
1597 coming out of mark_usable_uid_certs, if a sig is unflagged, it is
1598 not even a candidate. If a sig has flag 9 or 10, that means it
1599 was selected as a candidate and vetted. If a sig has flag 8 it
1600 is a usable signature. If a sig has flag 11 it is a usable
1601 revocation. If a sig has flag 12 it was issued by an unavailable
1602 key. "Usable" here means the most recent valid
1603 signature/revocation in a series from a particular signer.
1605 Delete everything that isn't a usable uid sig (which might be
1606 expired), a usable revocation, or a sig from an unavailable
1607 key. */
1612 {
1616 /* Keep usable uid sigs ... */
1620 /* ... and usable revocations... */
1624 /* ... and sigs from unavailable keys. */
1625 /* disabled for now since more people seem to want sigs from
1626 unavailable keys removed altogether. */
1627 /*
1628 if(node->flag & (1<<12))
1629 continue;
1630 */
1632 /* Everything else we delete */
1634 /* At this point, if 12 is set, the signing key was unavailable.
1635 If 9 or 10 is set, it's superceded. Otherwise, it's
1636 invalid. */
1646 deleted++;
1647 }
1650 }
1652 /* This is substantially easier than clean_sigs_from_uid since we just
1653 have to establish if the uid has a valid self-sig, is not revoked,
1654 and is not expired. Note that this does not take into account
1655 whether the uid has a trust path to it - just whether the keyholder
1656 themselves has certified the uid. Returns true if the uid was
1657 compacted. To "compact" a user ID, we simply remove ALL signatures
1658 except the self-sig that caused the user ID to be remove-worthy.
1659 We don't actually remove the user ID packet itself since it might
1660 be ressurected in a later merge. Note that this function requires
1661 that the caller has already done a merge_keys_and_selfsig().
1663 TODO: change the import code to allow importing a uid with only a
1664 revocation if the uid already exists on the keyring. */
1666 static int
1668 {
1669 KBNODE node;
1676 /* Skip valid user IDs, compacted user IDs, and non-self-signed user
1677 IDs if --allow-non-selfsigned-uid is set. */
1687 {
1691 }
1694 {
1702 else
1707 reason);
1710 }
1713 }
1715 /* Needs to be called after a merge_keys_and_selfsig() */
1716 void
1719 {
1731 /* Do clean_uid_from_key first since if it fires off, we don't
1732 have to bother with the other */
1736 }
1738 void
1741 {
1742 KBNODE uidnode;
1752 }
1754 /* Used by validate_one_keyblock to confirm a regexp within a trust
1755 signature. Returns 1 for match, and 0 for no match or regex
1756 error. */
1757 static int
1759 {
1760 #ifdef DISABLE_REGEX
1761 /* When DISABLE_REGEX is defined, assume all regexps do not
1762 match. */
1764 #elif defined(__riscos__)
1766 #else
1768 regex_t pat;
1781 #endif
1782 }
1784 /*
1785 * Return true if the key is signed by one of the keys in the given
1786 * key ID list. User IDs with a valid signature are marked by node
1787 * flags as follows:
1788 * flag bit 0: There is at least one signature
1789 * 1: There is marginal confidence that this is a legitimate uid
1790 * 2: There is full confidence that this is a legitimate uid.
1791 * 8: Used for internal purposes.
1792 * 9: Ditto (in mark_usable_uid_certs())
1793 * 10: Ditto (ditto)
1794 * This function assumes that all kbnode flags are cleared on entry.
1795 */
1796 static int
1799 {
1809 {
1810 /* A bit of discussion here: is it better for the web of trust
1811 to be built among only self-signed uids? On the one hand, a
1812 self-signed uid is a statement that the key owner definitely
1813 intended that uid to be there, but on the other hand, a
1814 signed (but not self-signed) uid does carry trust, of a sort,
1815 even if it is a statement being made by people other than the
1816 key owner "through" the uids on the key owner's key. I'm
1817 going with the latter. However, if the user ID was
1818 explicitly revoked, or passively allowed to expire, that
1819 should stop validity through the user ID until it is
1820 resigned. -dshaw */
1825 {
1827 {
1835 }
1839 /* If the selfsig is going to expire... */
1847 }
1850 {
1851 /* Note that we are only seeing unrevoked sigs here */
1855 /* If the trust_regexp does not match, it's as if the sig
1856 did not exist. This is safe for non-trust sigs as well
1857 since we don't accept a regexp on the sig unless it's a
1858 trust sig. */
1862 {
1868 /* Are we part of a trust sig chain? We always favor
1869 the latest trust sig, rather than the greater or
1870 lesser trust sig or value. I could make a decent
1871 argument for any of these cases, but this seems to be
1872 what PGP does, and I'd like to be compatible. -dms */
1877 {
1878 /* If we got here, we know that:
1880 this is a trust sig.
1882 it's a newer trust sig than any previous trust
1883 sig on this key (not uid).
1885 it is legal in that it was either generated by an
1886 ultimate key, or a key that was part of a trust
1887 chain, and the depth does not violate the
1888 original trust sig.
1890 if there is a regexp attached, it matched
1891 successfully.
1892 */
1903 /* If the trust sig contains a regexp, record it
1904 on the pk for the next round. */
1907 }
1916 }
1917 }
1918 }
1921 {
1929 }
1932 }
1935 static int
1937 {
1939 }
1942 /*
1943 * Scan all keys and return a key_array of all suitable keys from
1944 * kllist. The caller has to pass keydb handle so that we don't use
1945 * to create our own. Returns either a key_array or NULL in case of
1946 * an error. No results found are indicated by an empty array.
1947 * Caller hast to release the returned array.
1948 */
1952 {
1957 KEYDB_SEARCH_DESC desc;
1965 {
1969 }
1977 {
1980 }
1982 {
1986 }
1989 do
1990 {
1995 {
1999 }
2002 {
2008 }
2010 /* prepare the keyblock for further processing */
2015 {
2016 /* it does not make sense to look further at those keys */
2018 }
2020 {
2021 KBNODE node;
2030 }
2033 /* Optimization - if all uids are fully trusted, then we
2034 never need to consider this key as a candidate again. */
2044 }
2048 }
2051 {
2055 }
2059 }
2061 /* Caller must sync */
2062 static void
2064 {
2065 TRUSTREC rec;
2066 ulong recnum;
2070 {
2072 {
2073 count++;
2075 {
2078 }
2080 }
2085 {
2088 nreset++;
2090 }
2092 }
2097 }
2099 /*
2100 * Run the key validation procedure.
2101 *
2102 * This works this way:
2103 * Step 1: Find all ultimately trusted keys (UTK).
2104 * mark them all as seen and put them into klist.
2105 * Step 2: loop max_cert_times
2106 * Step 3: if OWNERTRUST of any key in klist is undefined
2107 * ask user to assign ownertrust
2108 * Step 4: Loop over all keys in the keyDB which are not marked seen
2109 * Step 5: if key is revoked or expired
2110 * mark key as seen
2111 * continue loop at Step 4
2112 * Step 6: For each user ID of that key signed by a key in klist
2113 * Calculate validity by counting trusted signatures.
2114 * Set validity of user ID
2115 * Step 7: If any signed user ID was found
2116 * mark key as seen
2117 * End Loop
2118 * Step 8: Build a new klist from all fully trusted keys from step 6
2119 * End Loop
2120 * Ready
2121 *
2122 */
2123 static int
2125 {
2133 KBNODE node;
2139 /* Make sure we have all sigs cached. TODO: This is going to
2140 require some architectual re-thinking, as it is agonizingly slow.
2141 Perhaps combine this with reset_trust_records(), or only check
2142 the caches on keys that are actually involved in the web of
2143 trust. */
2155 /* Fixme: Instead of always building a UTK list, we could just build it
2156 * here when needed */
2158 {
2162 }
2164 /* mark all UTKs as used and fully_trusted and set validity to
2165 ultimate */
2167 {
2168 KBNODE keyblock;
2173 {
2177 }
2183 {
2186 }
2193 }
2201 {
2203 /* See whether we should assign ownertrust values to the keys in
2204 klist. */
2208 {
2211 /* 120 and 60 are as per RFC2440 */
2221 {
2225 {
2228 }
2229 }
2231 /* This can happen during transition from an old trustdb
2232 before trust sigs. It can also happen if a user uses two
2233 different versions of GnuPG or changes the --trust-model
2234 setting. */
2236 {
2245 }
2248 ot_unknown++;
2250 ot_undefined++;
2252 ot_never++;
2254 ot_marginal++;
2256 ot_full++;
2258 ot_ultimate++;
2260 valids++;
2261 }
2263 /* Find all keys which are signed by a key in kdlist */
2267 {
2271 }
2274 ;
2276 /* Store the calculated valididation status somewhere */
2288 /* Build a new kdlist from all fully valid keys in KEYS */
2293 {
2295 {
2297 {
2300 /* have we used this key already? */
2303 {
2304 /* Normally we add both the primary and subkey
2305 ids to the hash via mark_keyblock_seen, but
2306 since we aren't using this hash as a skipfnc,
2307 that doesn't matter here. */
2328 }
2329 }
2330 }
2331 }
2336 }
2338 leave:
2346 {
2349 else
2350 {
2354 }
2357 {
2361 }
2365 }
2368 }