/*
* merge.c - Routines to merge OpenPGP public keys.
*
- * Jonathan McDowell <noodles@earth.li>
+ * Copyright 2002-2005,2007,2011 Jonathan McDowell <noodles@earth.li>
*
- * Copyright 2002 Project Purple
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
+#include "decodekey.h"
+#include "keydb.h"
#include "keyid.h"
#include "keystructs.h"
#include "ll.h"
+#include "log.h"
#include "mem.h"
#include "merge.h"
/**
* compare_packets - Check to see if 2 OpenPGP packets are the same.
- * @a: The first key to compare.
- * @b: The second key to compare.
+ * @a: The first packet to compare.
+ * @b: The second packet to compare.
*
- * Takes 2 keys and returns true if they are the same and false otherwise.
+ * Takes 2 packets and returns 0 if they are the same, -1 if a is
+ * less than b, or 1 if a is greater than b.
*/
-bool compare_packets(struct openpgp_packet *a, struct openpgp_packet *b)
+int compare_packets(struct openpgp_packet *a, struct openpgp_packet *b)
{
- return (a->tag == b->tag && a->length == b->length &&
- !memcmp(a->data, b->data, b->length));
+ int ret, len;
+
+ if (a->tag > b->tag) {
+ ret = 1;
+ } else if (b->tag > a->tag) {
+ ret = -1;
+ } else {
+ len = (a->length < b->length) ? a->length : b->length;
+ ret = memcmp(a->data, b->data, len);
+ if (ret == 0 && a->length != b->length) {
+ ret = (a->length < b->length) ? -1 : 1;
+ }
+ }
+
+ return ret;
+}
+
+/**
+ * compare_signatures - Check to see if 2 OpenPGP signatures are the same.
+ * @a: The first signature to compare.
+ * @b: The second signature to compare.
+ *
+ * Takes 2 signature packets and returns true if they are the same and
+ * false otherwise.
+ */
+bool compare_signatures(struct openpgp_packet *a, struct openpgp_packet *b)
+{
+ uint64_t a_keyid, b_keyid;
+ time_t a_creation, b_creation;
+
+ if (a->data[0] != b->data[0]) {
+ /* Different signature versions, so not the same */
+ return false;
+ } else if (a->data[0] == 4 && a->data[1] != b->data[1]) {
+ /* Type 4 signature, but different types */
+ return false;
+ } else {
+ sig_info(a, &a_keyid, &a_creation);
+ sig_info(b, &b_keyid, &b_creation);
+ return (a_creation == b_creation) && (a_keyid == b_keyid);
+ }
}
/**
bool found = false;
while (!found && packet_list != NULL) {
- if (compare_packets(packet_list->packet, packet)) {
+ if (compare_packets(packet_list->packet, packet) == 0) {
found = true;
}
packet_list = packet_list -> next;
return found;
}
+/**
+ * find_signature - Checks to see if an OpenPGP signature exists in a list.
+ * @packet_list: The list of packets to look in.
+ * @packet: The signature to look for.
+ *
+ * Walks through the packet_list checking to see if the signature given is
+ * present in it. Returns a pointer to it if it is, NULL otherwise.
+ *
+ */
+struct openpgp_packet_list *find_signature(
+ struct openpgp_packet_list *packet_list,
+ struct openpgp_packet *packet)
+{
+ struct openpgp_packet_list *found = NULL;
+
+ while (!found && packet_list != NULL) {
+ if (compare_signatures(packet_list->packet, packet)) {
+ found = packet_list;
+ }
+ packet_list = packet_list -> next;
+ }
+
+ return found;
+}
+
/**
* get_signed_packet - Gets a signed packet from a list.
* @packet_list: The list of packets to look in.
struct openpgp_signedpacket_list *found = NULL;
while (found == NULL && packet_list != NULL) {
- if (compare_packets(packet_list->packet, packet)) {
+ if (compare_packets(packet_list->packet, packet) == 0) {
found = packet_list;
}
packet_list = packet_list -> next;
bool found = false;
for (cur = *packet_list; !found && (cur != NULL); cur = cur->next) {
- if (compare_packets(cur->packet, packet)) {
+ if (compare_packets(cur->packet, packet) == 0) {
found = true;
if (prev == NULL) {
*packet_list = cur->next;
if (cur->next == NULL) {
*list_end = prev;
}
+ /*
+ * TODO: Free the removed signed packet...
+ */
}
+ prev = cur;
}
return found;
struct openpgp_packet_list *curpacket = NULL;
struct openpgp_packet_list *nextpacket = NULL;
- assert(compare_packets(old->packet, new->packet));
+ log_assert(compare_packets(old->packet, new->packet) == 0);
curpacket = new->sigs;
while (curpacket != NULL) {
nextpacket = curpacket->next;
- if (find_packet(old->sigs, curpacket->packet)) {
+ /*
+ * TODO: We should be checking the signature and then
+ * potentially merging/replacing it depending on the subpackets
+ * really. For now this stops us adding the same one twice
+ * however.
+ */
+ if (find_signature(old->sigs, curpacket->packet)) {
/*
* We already have this sig, remove it from the
* difference list and free the memory allocated for
if (lastpacket != NULL) {
lastpacket->next = curpacket->next;
} else {
- assert(curpacket == new->sigs);
+ log_assert(curpacket == new->sigs);
new->sigs = curpacket->next;
}
curpacket->next = NULL;
if (newelem->sigs == NULL) {
remove_signed_packet(new,
new_end,
- curelem->packet);
+ newelem->packet);
}
}
}
/*
- * If *new != NULL now then there are UIDs on the new key that weren't
- * on the old key. Add them.
+ * If *new != NULL now then there might be UIDs on the new key that
+ * weren't on the old key. Walk through them, checking if the UID is
+ * on the old key and if not adding them to it.
*/
for (curelem = *new; curelem != NULL;
curelem = curelem->next) {
- ADD_PACKET_TO_LIST((*old_end),
+
+ if (find_signed_packet(*old, curelem->packet) == NULL) {
+ ADD_PACKET_TO_LIST((*old_end),
packet_dup(curelem->packet));
- if (*old == NULL) {
- *old = *old_end;
- }
- packet_list_add(&(*old_end)->sigs,
+ if (*old == NULL) {
+ *old = *old_end;
+ }
+ packet_list_add(&(*old_end)->sigs,
&(*old_end)->last_sig,
curelem->sigs);
+ }
}
return 0;
struct openpgp_packet_list *curpacket = NULL;
struct openpgp_packet_list *lastpacket = NULL;
struct openpgp_packet_list *nextpacket = NULL;
+ uint64_t keya, keyb;
if (a == NULL || b == NULL) {
/*
* Do nothing.
*/
- rc = 1;
- } else if (get_keyid(a) != get_keyid(b)) {
+ return 1;
+ }
+
+ if (get_keyid(a, &keya) != ONAK_E_OK) {
+ return 1;
+ } else if (get_keyid(b, &keyb) != ONAK_E_OK) {
+ return 1;
+ } else if (keya != keyb) {
/*
* Key IDs are different.
*/
/*
* Key IDs are the same, so I guess we have to merge them.
*/
- curpacket = b->revocations;
+ curpacket = b->sigs;
while (curpacket != NULL) {
nextpacket = curpacket->next;
- if (find_packet(a->revocations, curpacket->packet)) {
+ if (find_packet(a->sigs, curpacket->packet)) {
/*
- * We already have this revocation, remove it
+ * We already have this signature, remove it
* from the difference list and free the memory
* allocated for it.
*/
if (lastpacket != NULL) {
lastpacket->next = curpacket->next;
} else {
- assert(curpacket == b->revocations);
- b->revocations = curpacket->next;
+ log_assert(curpacket == b->sigs);
+ b->sigs = curpacket->next;
}
curpacket->next = NULL;
free_packet_list(curpacket);
}
curpacket = nextpacket;
}
- b->last_revocation = lastpacket;
+ b->last_sig = lastpacket;
/*
- * Anything left on b->revocations doesn't exist on
- * a->revocations, so add them to the list.
+ * Anything left on b->sigs doesn't exist on
+ * a->sigs, so add them to the list.
*/
- packet_list_add(&a->revocations,
- &a->last_revocation,
- b->revocations);
+ packet_list_add(&a->sigs,
+ &a->last_sig,
+ b->sigs);
/*
* Merge uids (signed list).
*/
merge_signed_packets(&a->uids, &a->last_uid,
&b->uids, &b->last_uid);
- merge_signed_packets(&a->subkeys, &a->last_uid,
+ merge_signed_packets(&a->subkeys, &a->last_subkey,
&b->subkeys, &b->last_subkey);
}
+ /*
+ * If either key was revoked, make sure both the new ones are marked as
+ * being so.
+ */
+ if (a->revoked || b->revoked) {
+ a->revoked = b->revoked = true;
+ }
+
return rc;
}