2 * decodekey.c - Routines to further decode an OpenPGP key.
4 * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26 #include "decodekey.h"
29 #include "keystructs.h"
35 * parse_subpackets - Parse the subpackets of a Type 4 signature.
36 * @data: The subpacket data.
37 * @keyid: A pointer to where we should return the keyid.
38 * @creationtime: A pointer to where we should return the creation time.
40 * This function parses the subkey data of a Type 4 signature and fills
41 * in the supplied variables. It also returns the length of the data
42 * processed. If the value of any piece of data is not desired a NULL
43 * can be passed instead of a pointer to a storage area for that value.
45 int parse_subpackets(unsigned char *data, uint64_t *keyid, time_t *creation)
51 log_assert(data != NULL);
53 length = (data[0] << 8) + data[1] + 2;
56 while (offset < length) {
57 packetlen = data[offset++];
58 if (packetlen > 191 && packetlen < 255) {
59 packetlen = ((packetlen - 192) << 8) +
61 } else if (packetlen == 255) {
62 packetlen = data[offset++];
64 packetlen = data[offset++];
66 packetlen = data[offset++];
68 packetlen = data[offset++];
70 switch (data[offset] & 0x7F) {
71 case OPENPGP_SIGSUB_CREATION:
73 * Signature creation time.
75 if (creation != NULL) {
76 *creation = data[offset + packetlen - 4];
78 *creation = data[offset + packetlen - 3];
80 *creation = data[offset + packetlen - 2];
82 *creation = data[offset + packetlen - 1];
86 * Signature expiration time. Might want to output this?
89 case OPENPGP_SIGSUB_ISSUER:
91 *keyid = data[offset+packetlen - 8];
93 *keyid += data[offset+packetlen - 7];
95 *keyid += data[offset+packetlen - 6];
97 *keyid += data[offset+packetlen - 5];
99 *keyid += data[offset+packetlen - 4];
101 *keyid += data[offset+packetlen - 3];
103 *keyid += data[offset+packetlen - 2];
105 *keyid += data[offset+packetlen - 1];
108 case OPENPGP_SIGSUB_EXPIRY:
109 case OPENPGP_SIGSUB_EXPORTABLE:
110 case OPENPGP_SIGSUB_TRUSTSIG:
111 case OPENPGP_SIGSUB_REGEX:
112 case OPENPGP_SIGSUB_KEYEXPIRY:
113 case OPENPGP_SIGSUB_PREFSYM:
114 case OPENPGP_SIGSUB_NOTATION:
115 case OPENPGP_SIGSUB_PREFHASH:
116 case OPENPGP_SIGSUB_PREFCOMPRESS:
117 case OPENPGP_SIGSUB_KEYSERVER:
118 case OPENPGP_SIGSUB_PRIMARYUID:
119 case OPENPGP_SIGSUB_POLICYURI:
120 case OPENPGP_SIGSUB_KEYFLAGS:
122 * Various subpacket types we know about, but don't
123 * currently handle. Some are candidates for being
124 * supported if we add signature checking support.
129 * We don't care about unrecognized packets unless bit
130 * 7 is set in which case we log a major error.
132 if (data[offset] & 0x80) {
133 logthing(LOGTHING_CRITICAL,
134 "Critical subpacket type not parsed: 0x%X",
146 * keysigs - Return the sigs on a given OpenPGP signature list.
147 * @curll: The current linked list. Can be NULL to create a new list.
148 * @sigs: The signature list we want the sigs on.
150 * Returns a linked list of stats_key elements containing the sigs on the
151 * supplied OpenPGP packet list.
153 struct ll *keysigs(struct ll *curll,
154 struct openpgp_packet_list *sigs)
158 while (sigs != NULL) {
159 keyid = sig_keyid(sigs->packet);
161 curll = lladd(curll, createandaddtohash(keyid));
168 * sig_info - Get info on a given OpenPGP signature packet
169 * @packet: The signature packet
170 * @keyid: A pointer for where to return the signature keyid
171 * @creation: A pointer for where to return the signature creation time
173 * Gets any info about a signature packet; parses the subpackets for a v4
174 * key or pulls the data directly from v2/3. NULL can be passed for any
175 * values which aren't cared about.
177 void sig_info(struct openpgp_packet *packet, uint64_t *keyid, time_t *creation)
181 if (packet != NULL) {
182 switch (packet->data[0]) {
186 *keyid = packet->data[7];
188 *keyid += packet->data[8];
190 *keyid += packet->data[9];
192 *keyid += packet->data[10];
194 *keyid += packet->data[11];
196 *keyid += packet->data[12];
198 *keyid += packet->data[13];
200 *keyid += packet->data[14];
202 if (creation != NULL) {
203 *creation = packet->data[3];
205 *creation = packet->data[4];
207 *creation = packet->data[5];
209 *creation = packet->data[6];
213 length = parse_subpackets(&packet->data[4],
215 parse_subpackets(&packet->data[length + 4],
218 * Don't bother to look at the unsigned packets.
230 * sig_keyid - Return the keyid for a given OpenPGP signature packet.
231 * @packet: The signature packet.
233 * Returns the keyid for the supplied signature packet.
235 uint64_t sig_keyid(struct openpgp_packet *packet)
239 sig_info(packet, &keyid, NULL);
246 * TODO: Abstract out; all our linked lists should be generic and then we can
249 int spsize(struct openpgp_signedpacket_list *list)
252 struct openpgp_signedpacket_list *cur;
254 for (cur = list; cur != NULL; cur = cur->next, size++) ;
260 * keyuids - Takes a key and returns an array of its UIDs
261 * @key: The key to get the uids of.
262 * @primary: A pointer to store the primary UID in.
264 * keyuids takes a public key structure and builds an array of the UIDs
265 * on the key. It also attempts to work out the primary UID and returns a
266 * separate pointer to that particular element of the array.
268 char **keyuids(struct openpgp_publickey *key, char **primary)
270 struct openpgp_signedpacket_list *curuid = NULL;
275 if (primary != NULL) {
279 if (key != NULL && key->uids != NULL) {
280 uids = malloc((spsize(key->uids) + 1) * sizeof (char *));
283 while (curuid != NULL) {
285 if (curuid->packet->tag == OPENPGP_PACKET_UID) {
286 snprintf(buf, 1023, "%.*s",
287 (int) curuid->packet->length,
288 curuid->packet->data);
289 uids[count++] = strdup(buf);
291 curuid = curuid -> next;
296 * TODO: Parse subpackets for real primary ID (v4 keys)
298 if (primary != NULL) {
307 * keysubkeys - Takes a key and returns an array of its subkey keyids.
308 * @key: The key to get the subkeys of.
310 * keysubkeys takes a public key structure and returns an array of the
311 * subkey keyids for that key.
313 uint64_t *keysubkeys(struct openpgp_publickey *key)
315 struct openpgp_signedpacket_list *cursubkey = NULL;
316 uint64_t *subkeys = NULL;
319 if (key != NULL && key->subkeys != NULL) {
320 subkeys = malloc((spsize(key->subkeys) + 1) *
322 cursubkey = key->subkeys;
323 while (cursubkey != NULL) {
324 get_packetid(cursubkey->packet, &subkeys[count++]);
325 cursubkey = cursubkey -> next;