]> git.sommitrealweird.co.uk Git - onak.git/blob - decodekey.c
Switch debian build system to dh
[onak.git] / decodekey.c
1 /*
2  * decodekey.c - Routines to further decode an OpenPGP key.
3  *
4  * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
5  *
6  * This program is free software: you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License as published by the Free
8  * Software Foundation; version 2 of the License.
9  *
10  * This program is distributed in the hope that it will be useful, but WITHOUT
11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13  * more details.
14  *
15  * You should have received a copy of the GNU General Public License along with
16  * this program; if not, write to the Free Software Foundation, Inc., 51
17  * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18  */
19
20 #include <stdbool.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <time.h>
25
26 #include "decodekey.h"
27 #include "hash.h"
28 #include "keyid.h"
29 #include "keystructs.h"
30 #include "ll.h"
31 #include "log.h"
32 #include "openpgp.h"
33
34 /*
35  *      parse_subpackets - Parse the subpackets of a Type 4 signature.
36  *      @data: The subpacket data.
37  *      @keyid: A pointer to where we should return the keyid.
38  *      @creationtime: A pointer to where we should return the creation time.
39  *
40  *      This function parses the subkey data of a Type 4 signature and fills
41  *      in the supplied variables. It also returns the length of the data
42  *      processed. If the value of any piece of data is not desired a NULL
43  *      can be passed instead of a pointer to a storage area for that value.
44  */
45 int parse_subpackets(unsigned char *data, uint64_t *keyid, time_t *creation)
46 {
47         int offset = 0;
48         int length = 0;
49         int packetlen = 0;
50
51         log_assert(data != NULL);
52
53         length = (data[0] << 8) + data[1] + 2;
54
55         offset = 2;
56         while (offset < length) {
57                 packetlen = data[offset++];
58                 if (packetlen > 191 && packetlen < 255) {
59                         packetlen = ((packetlen - 192) << 8) +
60                                         data[offset++] + 192;
61                 } else if (packetlen == 255) {
62                         packetlen = data[offset++];
63                         packetlen <<= 8;
64                         packetlen = data[offset++];
65                         packetlen <<= 8;
66                         packetlen = data[offset++];
67                         packetlen <<= 8;
68                         packetlen = data[offset++];
69                 }
70                 switch (data[offset] & 0x7F) {
71                 case OPENPGP_SIGSUB_CREATION:
72                         /*
73                          * Signature creation time.
74                          */
75                         if (creation != NULL) {
76                                 *creation = data[offset + packetlen - 4];
77                                 *creation <<= 8;
78                                 *creation = data[offset + packetlen - 3];
79                                 *creation <<= 8;
80                                 *creation = data[offset + packetlen - 2];
81                                 *creation <<= 8;
82                                 *creation = data[offset + packetlen - 1];
83                         }
84                         break;
85                         /*
86                          * Signature expiration time. Might want to output this?
87                          */
88                         break;
89                 case OPENPGP_SIGSUB_ISSUER:
90                         if (keyid != NULL) {
91                                 *keyid = data[offset+packetlen - 8];
92                                 *keyid <<= 8;
93                                 *keyid += data[offset+packetlen - 7];
94                                 *keyid <<= 8;
95                                 *keyid += data[offset+packetlen - 6];
96                                 *keyid <<= 8;
97                                 *keyid += data[offset+packetlen - 5];
98                                 *keyid <<= 8;
99                                 *keyid += data[offset+packetlen - 4];
100                                 *keyid <<= 8;
101                                 *keyid += data[offset+packetlen - 3];
102                                 *keyid <<= 8;
103                                 *keyid += data[offset+packetlen - 2];
104                                 *keyid <<= 8;
105                                 *keyid += data[offset+packetlen - 1];
106                         }
107                         break;
108                 case OPENPGP_SIGSUB_EXPIRY:
109                 case OPENPGP_SIGSUB_EXPORTABLE:
110                 case OPENPGP_SIGSUB_TRUSTSIG:
111                 case OPENPGP_SIGSUB_REGEX:
112                 case OPENPGP_SIGSUB_KEYEXPIRY:
113                 case OPENPGP_SIGSUB_PREFSYM:
114                 case OPENPGP_SIGSUB_NOTATION:
115                 case OPENPGP_SIGSUB_PREFHASH:
116                 case OPENPGP_SIGSUB_PREFCOMPRESS:
117                 case OPENPGP_SIGSUB_KEYSERVER:
118                 case OPENPGP_SIGSUB_PRIMARYUID:
119                 case OPENPGP_SIGSUB_POLICYURI:
120                 case OPENPGP_SIGSUB_KEYFLAGS:
121                         /*
122                          * Various subpacket types we know about, but don't
123                          * currently handle. Some are candidates for being
124                          * supported if we add signature checking support.
125                          */
126                         break;
127                 default:
128                         /*
129                          * We don't care about unrecognized packets unless bit
130                          * 7 is set in which case we log a major error.
131                          */
132                         if (data[offset] & 0x80) {
133                                 logthing(LOGTHING_CRITICAL,
134                                 "Critical subpacket type not parsed: 0x%X",
135                                         data[offset]);
136                         }
137                                 
138                 }
139                 offset += packetlen;
140         }
141
142         return length;
143 }
144
145 /**
146  *      keysigs - Return the sigs on a given OpenPGP signature list.
147  *      @curll: The current linked list. Can be NULL to create a new list.
148  *      @sigs: The signature list we want the sigs on.
149  *
150  *      Returns a linked list of stats_key elements containing the sigs on the
151  *      supplied OpenPGP packet list.
152  */
153 struct ll *keysigs(struct ll *curll,
154                 struct openpgp_packet_list *sigs)
155 {
156         uint64_t keyid = 0;
157         
158         while (sigs != NULL) {
159                 keyid = sig_keyid(sigs->packet);
160                 sigs = sigs->next;
161                 curll = lladd(curll, createandaddtohash(keyid));
162         }
163
164         return curll;
165 }
166
167 /**
168  *      sig_info - Get info on a given OpenPGP signature packet
169  *      @packet: The signature packet
170  *      @keyid: A pointer for where to return the signature keyid
171  *      @creation: A pointer for where to return the signature creation time
172  *
173  *      Gets any info about a signature packet; parses the subpackets for a v4
174  *      key or pulls the data directly from v2/3. NULL can be passed for any
175  *      values which aren't cared about.
176  */
177 void sig_info(struct openpgp_packet *packet, uint64_t *keyid, time_t *creation)
178 {
179         int length = 0;
180         
181         if (packet != NULL) {
182                 switch (packet->data[0]) {
183                 case 2:
184                 case 3:
185                         if (keyid != NULL) {
186                                 *keyid = packet->data[7];
187                                 *keyid <<= 8;
188                                 *keyid += packet->data[8];
189                                 *keyid <<= 8;
190                                 *keyid += packet->data[9];
191                                 *keyid <<= 8;
192                                 *keyid += packet->data[10];
193                                 *keyid <<= 8;
194                                 *keyid += packet->data[11];
195                                 *keyid <<= 8;
196                                 *keyid += packet->data[12];
197                                 *keyid <<= 8;
198                                 *keyid += packet->data[13];
199                                 *keyid <<= 8;
200                                 *keyid += packet->data[14];
201                         }
202                         if (creation != NULL) {
203                                 *creation = packet->data[3];
204                                 *creation <<= 8;
205                                 *creation = packet->data[4];
206                                 *creation <<= 8;
207                                 *creation = packet->data[5];
208                                 *creation <<= 8;
209                                 *creation = packet->data[6];
210                         }
211                         break;
212                 case 4:
213                         length = parse_subpackets(&packet->data[4],
214                                         keyid, creation);
215                         parse_subpackets(&packet->data[length + 4],
216                                         keyid, creation);
217                         /*
218                          * Don't bother to look at the unsigned packets.
219                          */
220                         break;
221                 default:
222                         break;
223                 }
224         }
225
226         return;
227 }
228
229 /**
230  *      sig_keyid - Return the keyid for a given OpenPGP signature packet.
231  *      @packet: The signature packet.
232  *
233  *      Returns the keyid for the supplied signature packet.
234  */
235 uint64_t sig_keyid(struct openpgp_packet *packet)
236 {
237         uint64_t keyid = 0;
238
239         sig_info(packet, &keyid, NULL);
240
241         return keyid;
242 }
243
244
245 /*
246  * TODO: Abstract out; all our linked lists should be generic and then we can
247  * llsize them.
248  */
249 int spsize(struct openpgp_signedpacket_list *list)
250 {
251         int size = 0;
252         struct openpgp_signedpacket_list *cur;
253
254         for (cur = list; cur != NULL; cur = cur->next, size++) ;
255
256         return size;
257 }
258
259 /**
260  *      keyuids - Takes a key and returns an array of its UIDs
261  *      @key: The key to get the uids of.
262  *      @primary: A pointer to store the primary UID in.
263  *
264  *      keyuids takes a public key structure and builds an array of the UIDs 
265  *      on the key. It also attempts to work out the primary UID and returns a
266  *      separate pointer to that particular element of the array.
267  */
268 char **keyuids(struct openpgp_publickey *key, char **primary)
269 {
270         struct openpgp_signedpacket_list *curuid = NULL;
271         char buf[1024];
272         char **uids = NULL;
273         int count = 0;
274         
275         if (primary != NULL) {
276                 *primary = NULL;
277         }
278
279         if (key != NULL && key->uids != NULL) {
280                 uids = malloc((spsize(key->uids) + 1) * sizeof (char *));
281         
282                 curuid = key->uids;
283                 while (curuid != NULL) {
284                         buf[0] = 0;
285                         if (curuid->packet->tag == OPENPGP_PACKET_UID) {
286                                 snprintf(buf, 1023, "%.*s",
287                                                 (int) curuid->packet->length,
288                                                 curuid->packet->data);
289                                 uids[count++] = strdup(buf);
290                         }
291                         curuid = curuid -> next;
292                 }
293                 uids[count] = NULL;
294
295                 /*
296                  * TODO: Parse subpackets for real primary ID (v4 keys)
297                  */
298                 if (primary != NULL) {
299                         *primary = uids[0];
300                 }
301         }
302
303         return uids;
304 }
305
306 /**
307  *      keysubkeys - Takes a key and returns an array of its subkey keyids.
308  *      @key: The key to get the subkeys of.
309  *
310  *      keysubkeys takes a public key structure and returns an array of the
311  *      subkey keyids for that key.
312  */
313 uint64_t *keysubkeys(struct openpgp_publickey *key)
314 {
315         struct openpgp_signedpacket_list *cursubkey = NULL;
316         uint64_t                         *subkeys = NULL;
317         int                               count = 0;
318
319         if (key != NULL && key->subkeys != NULL) {
320                 subkeys = malloc((spsize(key->subkeys) + 1) *
321                                 sizeof (uint64_t));
322                 cursubkey = key->subkeys;
323                 while (cursubkey != NULL) {
324                         get_packetid(cursubkey->packet, &subkeys[count++]);
325                         cursubkey = cursubkey -> next;
326                 }
327                 subkeys[count] = 0;
328         }
329
330         return subkeys;
331 }