decodekey.c

   1 /*
   2  * decodekey.c - Routines to further decode an OpenPGP key.
   3  *
   4  * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
   5  *
   6  * This program is free software: you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the Free
   8  * Software Foundation; version 2 of the License.
   9  *
  10  * This program is distributed in the hope that it will be useful, but WITHOUT
  11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  12  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  13  * more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along with
  16  * this program; if not, write to the Free Software Foundation, Inc., 51
  17  * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  */
  19
  20 #include <stdbool.h>
  21 #include <stdio.h>
  22 #include <stdlib.h>
  23 #include <string.h>
  24 #include <time.h>
  25
  26 #include "decodekey.h"
  27 #include "hash.h"
  28 #include "keyid.h"
  29 #include "keystructs.h"
  30 #include "ll.h"
  31 #include "log.h"
  32 #include "openpgp.h"
  33
  34 /*
  35  *      parse_subpackets - Parse the subpackets of a Type 4 signature.
  36  *      @data: The subpacket data.
  37  *      @keyid: A pointer to where we should return the keyid.
  38  *      @creationtime: A pointer to where we should return the creation time.
  39  *
  40  *      This function parses the subkey data of a Type 4 signature and fills
  41  *      in the supplied variables. It also returns the length of the data
  42  *      processed. If the value of any piece of data is not desired a NULL
  43  *      can be passed instead of a pointer to a storage area for that value.
  44  */
  45 int parse_subpackets(unsigned char *data, uint64_t *keyid, time_t *creation)
  46 {
  47         int offset = 0;
  48         int length = 0;
  49         int packetlen = 0;
  50
  51         log_assert(data != NULL);
  52
  53         length = (data[0] << 8) + data[1] + 2;
  54
  55         offset = 2;
  56         while (offset < length) {
  57                 packetlen = data[offset++];
  58                 if (packetlen > 191 && packetlen < 255) {
  59                         packetlen = ((packetlen - 192) << 8) +
  60                                         data[offset++] + 192;
  61                 } else if (packetlen == 255) {
  62                         packetlen = data[offset++];
  63                         packetlen <<= 8;
  64                         packetlen = data[offset++];
  65                         packetlen <<= 8;
  66                         packetlen = data[offset++];
  67                         packetlen <<= 8;
  68                         packetlen = data[offset++];
  69                 }
  70                 switch (data[offset] & 0x7F) {
  71                 case OPENPGP_SIGSUB_CREATION:
  72                         /*
  73                          * Signature creation time.
  74                          */
  75                         if (creation != NULL) {
  76                                 *creation = data[offset + packetlen - 4];
  77                                 *creation <<= 8;
  78                                 *creation = data[offset + packetlen - 3];
  79                                 *creation <<= 8;
  80                                 *creation = data[offset + packetlen - 2];
  81                                 *creation <<= 8;
  82                                 *creation = data[offset + packetlen - 1];
  83                         }
  84                         break;
  85                 case OPENPGP_SIGSUB_EXPIRY:
  86                         /*
  87                          * Signature expiration time. Might want to output this?
  88                          */
  89                         break;
  90                 case OPENPGP_SIGSUB_REGEX:
  91                         /*
  92                          * Regular expression for UIDs this sig is over.
  93                          */
  94                         break;
  95                 case OPENPGP_SIGSUB_ISSUER:
  96                         if (keyid != NULL) {
  97                                 *keyid = data[offset+packetlen - 8];
  98                                 *keyid <<= 8;
  99                                 *keyid += data[offset+packetlen - 7];
 100                                 *keyid <<= 8;
 101                                 *keyid += data[offset+packetlen - 6];
 102                                 *keyid <<= 8;
 103                                 *keyid += data[offset+packetlen - 5];
 104                                 *keyid <<= 8;
 105                                 *keyid += data[offset+packetlen - 4];
 106                                 *keyid <<= 8;
 107                                 *keyid += data[offset+packetlen - 3];
 108                                 *keyid <<= 8;
 109                                 *keyid += data[offset+packetlen - 2];
 110                                 *keyid <<= 8;
 111                                 *keyid += data[offset+packetlen - 1];
 112                         }
 113                         break;
 114                 case OPENPGP_SIGSUB_NOTATION:
 115                         /*
 116                          * Annotation data.
 117                          */
 118                         break;
 119
 120                 case OPENPGP_SIGSUB_KEYSERVER:
 121                         /*
 122                          * Key server preferences. Including no-modify.
 123                          */
 124                         break;
 125                 case OPENPGP_SIGSUB_PRIMARYUID:
 126                         /*
 127                          * Primary UID.
 128                          */
 129                         break;
 130                 case OPENPGP_SIGSUB_POLICYURI:
 131                         /*
 132                          * Policy URI.
 133                          */
 134                         break;
 135                 default:
 136                         /*
 137                          * We don't care about unrecognized packets unless bit
 138                          * 7 is set in which case we log a major error.
 139                          */
 140                         if (data[offset] & 0x80) {
 141                                 logthing(LOGTHING_CRITICAL,
 142                                 "Critical subpacket type not parsed: 0x%X",
 143                                         data[offset]);
 144                         }
 145
 146                 }
 147                 offset += packetlen;
 148         }
 149
 150         return length;
 151 }
 152
 153 /**
 154  *      keysigs - Return the sigs on a given OpenPGP signature list.
 155  *      @curll: The current linked list. Can be NULL to create a new list.
 156  *      @sigs: The signature list we want the sigs on.
 157  *
 158  *      Returns a linked list of stats_key elements containing the sigs on the
 159  *      supplied OpenPGP packet list.
 160  */
 161 struct ll *keysigs(struct ll *curll,
 162                 struct openpgp_packet_list *sigs)
 163 {
 164         uint64_t keyid = 0;
 165
 166         while (sigs != NULL) {
 167                 keyid = sig_keyid(sigs->packet);
 168                 sigs = sigs->next;
 169                 curll = lladd(curll, createandaddtohash(keyid));
 170         }
 171
 172         return curll;
 173 }
 174
 175 /**
 176  *      sig_info - Get info on a given OpenPGP signature packet
 177  *      @packet: The signature packet
 178  *      @keyid: A pointer for where to return the signature keyid
 179  *      @creation: A pointer for where to return the signature creation time
 180  *
 181  *      Gets any info about a signature packet; parses the subpackets for a v4
 182  *      key or pulls the data directly from v2/3. NULL can be passed for any
 183  *      values which aren't cared about.
 184  */
 185 void sig_info(struct openpgp_packet *packet, uint64_t *keyid, time_t *creation)
 186 {
 187         int length = 0;
 188
 189         if (packet != NULL) {
 190                 switch (packet->data[0]) {
 191                 case 2:
 192                 case 3:
 193                         if (keyid != NULL) {
 194                                 *keyid = packet->data[7];
 195                                 *keyid <<= 8;
 196                                 *keyid += packet->data[8];
 197                                 *keyid <<= 8;
 198                                 *keyid += packet->data[9];
 199                                 *keyid <<= 8;
 200                                 *keyid += packet->data[10];
 201                                 *keyid <<= 8;
 202                                 *keyid += packet->data[11];
 203                                 *keyid <<= 8;
 204                                 *keyid += packet->data[12];
 205                                 *keyid <<= 8;
 206                                 *keyid += packet->data[13];
 207                                 *keyid <<= 8;
 208                                 *keyid += packet->data[14];
 209                         }
 210                         if (creation != NULL) {
 211                                 *creation = packet->data[3];
 212                                 *creation <<= 8;
 213                                 *creation = packet->data[4];
 214                                 *creation <<= 8;
 215                                 *creation = packet->data[5];
 216                                 *creation <<= 8;
 217                                 *creation = packet->data[6];
 218                         }
 219                         break;
 220                 case 4:
 221                         length = parse_subpackets(&packet->data[4],
 222                                         keyid, creation);
 223                         parse_subpackets(&packet->data[length + 4],
 224                                         keyid, creation);
 225                         /*
 226                          * Don't bother to look at the unsigned packets.
 227                          */
 228                         break;
 229                 default:
 230                         break;
 231                 }
 232         }
 233
 234         return;
 235 }
 236
 237 /**
 238  *      sig_keyid - Return the keyid for a given OpenPGP signature packet.
 239  *      @packet: The signature packet.
 240  *
 241  *      Returns the keyid for the supplied signature packet.
 242  */
 243 uint64_t sig_keyid(struct openpgp_packet *packet)
 244 {
 245         uint64_t keyid = 0;
 246
 247         sig_info(packet, &keyid, NULL);
 248
 249         return keyid;
 250 }
 251
 252
 253 /*
 254  * TODO: Abstract out; all our linked lists should be generic and then we can
 255  * llsize them.
 256  */
 257 int spsize(struct openpgp_signedpacket_list *list)
 258 {
 259         int size = 0;
 260         struct openpgp_signedpacket_list *cur;
 261
 262         for (cur = list; cur != NULL; cur = cur->next, size++) ;
 263
 264         return size;
 265 }
 266
 267 /**
 268  *      keyuids - Takes a key and returns an array of its UIDs
 269  *      @key: The key to get the uids of.
 270  *      @primary: A pointer to store the primary UID in.
 271  *
 272  *      keyuids takes a public key structure and builds an array of the UIDs
 273  *      on the key. It also attempts to work out the primary UID and returns a
 274  *      separate pointer to that particular element of the array.
 275  */
 276 char **keyuids(struct openpgp_publickey *key, char **primary)
 277 {
 278         struct openpgp_signedpacket_list *curuid = NULL;
 279         char buf[1024];
 280         char **uids = NULL;
 281         int count = 0;
 282
 283         if (primary != NULL) {
 284                 *primary = NULL;
 285         }
 286
 287         if (key != NULL && key->uids != NULL) {
 288                 uids = malloc((spsize(key->uids) + 1) * sizeof (char *));
 289
 290                 curuid = key->uids;
 291                 while (curuid != NULL) {
 292                         buf[0] = 0;
 293                         if (curuid->packet->tag == OPENPGP_PACKET_UID) {
 294                                 snprintf(buf, 1023, "%.*s",
 295                                                 (int) curuid->packet->length,
 296                                                 curuid->packet->data);
 297                                 uids[count++] = strdup(buf);
 298                         }
 299                         curuid = curuid -> next;
 300                 }
 301                 uids[count] = NULL;
 302
 303                 /*
 304                  * TODO: Parse subpackets for real primary ID (v4 keys)
 305                  */
 306                 if (primary != NULL) {
 307                         *primary = uids[0];
 308                 }
 309         }
 310
 311         return uids;
 312 }
 313
 314 /**
 315  *      keysubkeys - Takes a key and returns an array of its subkey keyids.
 316  *      @key: The key to get the subkeys of.
 317  *
 318  *      keysubkeys takes a public key structure and returns an array of the
 319  *      subkey keyids for that key.
 320  */
 321 uint64_t *keysubkeys(struct openpgp_publickey *key)
 322 {
 323         struct openpgp_signedpacket_list *cursubkey = NULL;
 324         uint64_t                         *subkeys = NULL;
 325         int                               count = 0;
 326
 327         if (key != NULL && key->subkeys != NULL) {
 328                 subkeys = malloc((spsize(key->subkeys) + 1) *
 329                                 sizeof (uint64_t));
 330                 cursubkey = key->subkeys;
 331                 while (cursubkey != NULL) {
 332                         subkeys[count++] = get_packetid(cursubkey->packet);
 333                         cursubkey = cursubkey -> next;
 334                 }
 335                 subkeys[count] = 0;
 336         }
 337
 338         return subkeys;
 339 }