]> git.sommitrealweird.co.uk Git - onak.git/blobdiff - keyindex.c
Switch debian build system to dh
[onak.git] / keyindex.c
index a7218b218557af5689cb9e57bfe26c8836e2e41b..46e778c21b3822f6a48e7228e93a641461849843 100644 (file)
@@ -1,53 +1,77 @@
 /*
  * keyindex.c - Routines to list an OpenPGP key.
  *
- * Jonathan McDowell <noodles@earth.li>
+ * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
  *
- * Copyright 2002 Project Purple
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  */
 
-#include <assert.h>
+#include <inttypes.h>
 #include <stdbool.h>
 #include <stdio.h>
-#include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
 
+#include "decodekey.h"
 #include "getcgi.h"
 #include "hash.h"
 #include "keydb.h"
 #include "keyid.h"
 #include "keyindex.h"
 #include "keystructs.h"
-#include "ll.h"
-#include "stats.h"
+#include "log.h"
+#include "onak.h"
+#include "onak-conf.h"
+#include "openpgp.h"
 
 int list_sigs(struct openpgp_packet_list *sigs, bool html)
 {
-       int length = 0;
        char *uid = NULL;
        uint64_t sigid = 0;
+       char *sig = NULL;
 
        while (sigs != NULL) {
                sigid = sig_keyid(sigs->packet);
-               uid = keyid2uid(sigid);
+               uid = config.dbbackend->keyid2uid(sigid);
+               if (sigs->packet->data[0] == 4 &&
+                               sigs->packet->data[1] == 0x30) {
+                       /* It's a Type 4 sig revocation */
+                       sig = "rev";
+               } else {
+                       sig = "sig";
+               }
                if (html && uid != NULL) {
-                       printf("sig         <a href=\"lookup?op=get&"
-                               "search=%08llX\">%08llX</a>             "
-                               "<a href=\"lookup?op=vindex&search=0x%08llX\">"
-                               "%s</a>\n",
-                               sigid & 0xFFFFFFFF,
-                               sigid & 0xFFFFFFFF,
+                       printf("%s         <a href=\"lookup?op=get&"
+                               "search=0x%016" PRIX64 "\">%08" PRIX64
+                               "</a>             "
+                               "<a href=\"lookup?op=vindex&search=0x%016"
+                               PRIX64 "\">%s</a>\n",
+                               sig,
+                               sigid,
                                sigid & 0xFFFFFFFF,
+                               sigid,
                                txt2html(uid));
                } else if (html && uid == NULL) {
-                       printf("sig         %08llX             "
+                       printf("%s         %08" PRIX64 "             "
                                "[User id not found]\n",
+                               sig,
                                sigid & 0xFFFFFFFF);
                } else {
-                       printf("sig         %08llX"
+                       printf("%s         %08" PRIX64
                                "             %s\n",
+                               sig,
                                sigid & 0xFFFFFFFF,
                                (uid != NULL) ? uid :
                                "[User id not found]");
@@ -62,20 +86,31 @@ int list_sigs(struct openpgp_packet_list *sigs, bool html)
        return 0;
 }
 
-int list_uids(struct openpgp_signedpacket_list *uids, bool verbose, bool html)
+int list_uids(uint64_t keyid, struct openpgp_signedpacket_list *uids,
+               bool verbose, bool html)
 {
        char buf[1024];
+       int  imgindx = 0;
 
        while (uids != NULL) {
-               if (uids->packet->tag == 13) {
+               if (uids->packet->tag == OPENPGP_PACKET_UID) {
                        snprintf(buf, 1023, "%.*s",
                                (int) uids->packet->length,
                                uids->packet->data);
-                       printf("uid                             %s\n",
+                       printf("                                %s\n",
                                (html) ? txt2html(buf) : buf);
-               } else if (uids->packet->tag == 17) {
-                       printf("uid                             "
-                               "[photo id]\n");
+               } else if (uids->packet->tag == OPENPGP_PACKET_UAT) {
+                       printf("                                ");
+                       if (html) {
+                               printf("<img src=\"lookup?op=photo&search="
+                                       "0x%016" PRIX64 "&idx=%d\" alt=\""
+                                       "[photo id]\">\n",
+                                       keyid,
+                                       imgindx);
+                               imgindx++;
+                       } else {
+                               printf("[photo id]\n");
+                       }
                }
                if (verbose) {
                        list_sigs(uids->sigs, html);
@@ -86,6 +121,115 @@ int list_uids(struct openpgp_signedpacket_list *uids, bool verbose, bool html)
        return 0;
 }
 
+int list_subkeys(struct openpgp_signedpacket_list *subkeys, bool verbose,
+               bool html)
+{
+       struct tm       *created = NULL;
+       time_t          created_time = 0;
+       int             type = 0;
+       int             length = 0;
+       uint64_t        keyid = 0;
+
+       while (subkeys != NULL) {
+               if (subkeys->packet->tag == OPENPGP_PACKET_PUBLICSUBKEY) {
+
+                       created_time = (subkeys->packet->data[1] << 24) +
+                                       (subkeys->packet->data[2] << 16) +
+                                       (subkeys->packet->data[3] << 8) +
+                                       subkeys->packet->data[4];
+                       created = gmtime(&created_time);
+
+                       switch (subkeys->packet->data[0]) {
+                       case 2:
+                       case 3:
+                               type = subkeys->packet->data[7];
+                               length = (subkeys->packet->data[8] << 8) +
+                                       subkeys->packet->data[9];
+                               break;
+                       case 4:
+                               type = subkeys->packet->data[5];
+                               length = (subkeys->packet->data[6] << 8) +
+                                       subkeys->packet->data[7];
+                               break;
+                       default:
+                               logthing(LOGTHING_ERROR,
+                                       "Unknown key type: %d",
+                                       subkeys->packet->data[0]);
+                       }
+
+                       if (get_packetid(subkeys->packet,
+                                       &keyid) != ONAK_E_OK) {
+                               logthing(LOGTHING_ERROR, "Couldn't get keyid.");
+                       }
+                       printf("sub  %5d%c/%08X %04d/%02d/%02d\n",
+                               length,
+                               (type == OPENPGP_PKALGO_RSA) ? 'R' :
+                               ((type == OPENPGP_PKALGO_ELGAMAL_ENC) ? 'g' :
+                               ((type == OPENPGP_PKALGO_DSA) ? 'D' : '?')),
+                               (uint32_t) (keyid & 0xFFFFFFFF),
+                               created->tm_year + 1900,
+                               created->tm_mon + 1,
+                               created->tm_mday);
+
+               }
+               if (verbose) {
+                       list_sigs(subkeys->sigs, html);
+               }
+               subkeys = subkeys->next;
+       }
+
+       return 0;
+}
+
+void display_fingerprint(struct openpgp_publickey *key)
+{
+       int             i = 0;
+       size_t          length = 0;
+       unsigned char   fp[20];
+
+       get_fingerprint(key->publickey, fp, &length);
+       printf("      Key fingerprint =");
+       for (i = 0; i < length; i++) {
+               if ((length == 16) ||
+                       (i % 2 == 0)) {
+                       printf(" ");
+               }
+               if (length == 20 && (i * 2) == length) {
+                       /* Extra space in the middle of a SHA1 fingerprint */
+                       printf(" ");
+               }
+               printf("%02X", fp[i]);
+       }
+       printf("\n");
+
+       return;
+}
+
+void display_skshash(struct openpgp_publickey *key, bool html)
+{
+       int             i = 0;
+       struct skshash  hash;
+
+       get_skshash(key, &hash);
+       printf("      Key hash = ");
+       if (html) {
+               printf("<a href=\"lookup?op=hget&search=");
+               for (i = 0; i < sizeof(hash.hash); i++) {
+                       printf("%02X", hash.hash[i]);
+               }
+               printf("\">");
+       }
+       for (i = 0; i < sizeof(hash.hash); i++) {
+               printf("%02X", hash.hash[i]);
+       }
+       if (html) {
+               printf("</a>");
+       }
+       printf("\n");
+
+       return;
+}
+
 /**
  *     key_index - List a set of OpenPGP keys.
  *     @keys: The keys to display.
@@ -97,14 +241,16 @@ int list_uids(struct openpgp_signedpacket_list *uids, bool verbose, bool html)
  *     of them. Useful for debugging or the keyserver Index function.
  */
 int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint,
-                       bool html)
+                       bool skshash, bool html)
 {
        struct openpgp_signedpacket_list        *curuid = NULL;
        struct tm                               *created = NULL;
        time_t                                   created_time = 0;
        int                                      type = 0;
+       char                                     typech;
        int                                      length = 0;
        char                                     buf[1024];
+       uint64_t                                 keyid;
 
        if (html) {
                puts("<pre>");
@@ -130,35 +276,90 @@ int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint,
                                        keys->publickey->data[7];
                        break;
                default:
-                       fprintf(stderr, "Unknown key type: %d\n",
+                       logthing(LOGTHING_ERROR, "Unknown key type: %d",
                                keys->publickey->data[0]);
                }
                
-               printf("pub  %5d%c/%08X %04d/%02d/%02d ",
-                       length,
-                       (type == 1) ? 'R' : ((type == 17) ? 'D' : '?'),
-                       (uint32_t) (get_keyid(keys) & 0xFFFFFFFF),
-                       created->tm_year + 1900,
-                       created->tm_mon + 1,
-                       created->tm_mday);
+               if (get_keyid(keys, &keyid) != ONAK_E_OK) {
+                       logthing(LOGTHING_ERROR, "Couldn't get keyid.");
+               }
+
+               switch (type) {
+               case OPENPGP_PKALGO_RSA:
+                       typech = 'R';
+                       break;
+               case OPENPGP_PKALGO_ELGAMAL_ENC:
+                       typech = 'g';
+                       break;
+               case OPENPGP_PKALGO_DSA:
+                       typech = 'D';
+                       break;
+               case OPENPGP_PKALGO_ELGAMAL_SIGN:
+                       typech = 'G';
+                       break;
+               default:
+                       typech = '?';
+                       break;
+               }
+
+               if (html) {
+                       printf("pub  %5d%c/<a href=\"lookup?op=get&"
+                               "search=0x%016" PRIX64 "\">%08" PRIX64
+                               "</a> %04d/%02d/%02d ",
+                               length,
+                               typech,
+                               keyid,
+                               keyid & 0xFFFFFFFF,
+                               created->tm_year + 1900,
+                               created->tm_mon + 1,
+                               created->tm_mday);
+               } else {
+                       printf("pub  %5d%c/%08" PRIX64 " %04d/%02d/%02d ",
+                               length,
+                               typech,
+                               keyid & 0xFFFFFFFF,
+                               created->tm_year + 1900,
+                               created->tm_mon + 1,
+                               created->tm_mday);
+               }
 
                curuid = keys->uids;
-               if (curuid != NULL && curuid->packet->tag == 13) {
+               if (curuid != NULL &&
+                               curuid->packet->tag == OPENPGP_PACKET_UID) {
                        snprintf(buf, 1023, "%.*s",
                                (int) curuid->packet->length,
                                curuid->packet->data);
-                       printf("%s\n", (html) ? txt2html(buf) : buf);
+                       if (html) {
+                               printf("<a href=\"lookup?op=vindex&"
+                                       "search=0x%016" PRIX64 "\">",
+                                       keyid);
+                       }
+                       printf("%s%s%s\n", 
+                               (html) ? txt2html(buf) : buf,
+                               (html) ? "</a>" : "",
+                               (keys->revoked) ? " *** REVOKED ***" : "");
+                       if (skshash) {
+                               display_skshash(keys, html);
+                       }
+                       if (fingerprint) {
+                               display_fingerprint(keys);
+                       }
                        if (verbose) {
                                list_sigs(curuid->sigs, html);
                        }
                        curuid = curuid->next;
                } else {
-                       putchar('\n');
+                       printf("%s\n", 
+                               (keys->revoked) ? "*** REVOKED ***": "");
+                       if (fingerprint) {
+                               display_fingerprint(keys);
+                       }
                }
 
-               list_uids(curuid, verbose, html);
-
-               //TODO: List subkeys.
+               list_uids(keyid, curuid, verbose, html);
+               if (verbose) {
+                       list_subkeys(keys->subkeys, verbose, html);
+               }
 
                keys = keys->next;
        }
@@ -170,215 +371,87 @@ int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint,
        return 0;
 }
 
-/*
- *     parse_subpackets - Parse the subpackets of a Type 4 signature.
- *     @data: The subpacket data.
- *      @keyid: A pointer to where we should return the keyid.
- *
- *     This function parses the subkey data of a Type 4 signature and fills
- *     in the supplied variables. It also returns the length of the data
- *     processed.
- */
-int parse_subpackets(unsigned char *data, uint64_t *keyid)
-{
-       int offset = 0;
-       int length = 0;
-       int packetlen = 0;
-
-       assert(data != NULL);
-
-       length = (data[0] << 8) + data[1] + 2;
-
-       offset = 2;
-       while (offset < length) {
-               packetlen = data[offset++];
-               if (packetlen > 191 && packetlen < 255) {
-                       packetlen = ((packetlen - 192) << 8) +
-                                       data[offset++] + 192;
-               } else if (packetlen == 255) {
-                       packetlen = data[offset++];
-                       packetlen <<= 8;
-                       packetlen = data[offset++];
-                       packetlen <<= 8;
-                       packetlen = data[offset++];
-                       packetlen <<= 8;
-                       packetlen = data[offset++];
-               }
-               switch (data[offset]) {
-               case 2:
-                       /*
-                        * Signature creation time. Might want to output this?
-                        */
-                       break;
-               case 0x83:
-                       /*
-                        * Signature expiration time. Might want to output this?
-                        */
-                       break;
-               case 16:
-                       *keyid = data[offset+packetlen - 8];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 7];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 6];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 5];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 4];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 3];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 2];
-                       *keyid <<= 8;
-                       *keyid += data[offset+packetlen - 1];
-                       break;
-               case 23:
-                       /*
-                        * Key server preferences. Including no-modify.
-                        */
-                       break;
-               case 25:
-                       /*
-                        * Primary UID.
-                        */
-                       break;
-               default:
-                       /*
-                        * We don't care about unrecognized packets unless bit
-                        * 7 is set in which case we prefer an error than
-                        * ignoring it.
-                        */
-                       assert(!(data[offset] & 0x80));
-               }
-               offset += packetlen;
-       }
-
-       return length;
-}
-
 /**
- *     keysigs - Return the sigs on a given OpenPGP signature list.
- *     @curll: The current linked list. Can be NULL to create a new list.
- *     @sigs: The signature list we want the sigs on.
+ *     mrkey_index - List a set of OpenPGP keys in the MRHKP format.
+ *     @keys: The keys to display.
  *
- *     Returns a linked list of stats_key elements containing the sigs on the
- *     supplied OpenPGP packet list.
+ *     This function takes a list of OpenPGP public keys and displays a
+ *     machine readable list of them.
  */
-struct ll *keysigs(struct ll *curll,
-               struct openpgp_packet_list *sigs)
+int mrkey_index(struct openpgp_publickey *keys)
 {
-       uint64_t keyid = 0;
-       
-       while (sigs != NULL) {
-               keyid = sig_keyid(sigs->packet);
-               sigs = sigs->next;
-               curll = lladd(curll, createandaddtohash(keyid));
-       }
+       struct openpgp_signedpacket_list        *curuid = NULL;
+       time_t                                   created_time = 0;
+       int                                      type = 0;
+       int                                      length = 0;
+       int                                      i = 0;
+       size_t                                   fplength = 0;
+       unsigned char                            fp[20];
+       int                                      c;
+       uint64_t                                 keyid;
 
-       return curll;
-}
+       while (keys != NULL) {
+               created_time = (keys->publickey->data[1] << 24) +
+                                       (keys->publickey->data[2] << 16) +
+                                       (keys->publickey->data[3] << 8) +
+                                       keys->publickey->data[4];
 
-/**
- *     sig_keyid - Return the keyid for a given OpenPGP signature packet.
- *     @packet: The signature packet.
- *
- *     Returns the keyid for the supplied signature packet.
- */
-uint64_t sig_keyid(struct openpgp_packet *packet)
-{
-       int length = 0;
-       uint64_t keyid = 0;
-       
-       if (packet != NULL) {
-               keyid = 0;
-               switch (packet->data[0]) {
+               printf("pub:");
+
+               switch (keys->publickey->data[0]) {
                case 2:
                case 3:
-                       keyid = packet->data[7];
-                       keyid <<= 8;
-                       keyid += packet->data[8];
-                       keyid <<= 8;
-                       keyid += packet->data[9];
-                       keyid <<= 8;
-                       keyid += packet->data[10];
-                       keyid <<= 8;
-                       keyid += packet->data[11];
-                       keyid <<= 8;
-                       keyid += packet->data[12];
-                       keyid <<= 8;
-                       keyid += packet->data[13];
-                       keyid <<= 8;
-                       keyid += packet->data[14];
+                       if (get_keyid(keys, &keyid) != ONAK_E_OK) {
+                               logthing(LOGTHING_ERROR, "Couldn't get keyid");
+                       }
+                       printf("%016" PRIX64, keyid);
+                       type = keys->publickey->data[7];
+                       length = (keys->publickey->data[8] << 8) +
+                                       keys->publickey->data[9];
                        break;
                case 4:
-                       length = parse_subpackets(&packet->data[4],
-                                       &keyid);
-                       parse_subpackets(&packet->data[length + 4],
-                                       &keyid);
-                       /*
-                        * Don't bother to look at the unsigned packets.
-                        */
+                       (void) get_fingerprint(keys->publickey, fp, &fplength);
+
+                       for (i = 0; i < fplength; i++) {
+                               printf("%02X", fp[i]);
+                       }
+
+                       type = keys->publickey->data[5];
+                       length = (keys->publickey->data[6] << 8) +
+                                       keys->publickey->data[7];
                        break;
                default:
-                       break;
+                       logthing(LOGTHING_ERROR, "Unknown key type: %d",
+                               keys->publickey->data[0]);
                }
-       }
-
-       return keyid;
-}
-
-/*
- * TODO: Abstract out; all our linked lists should be generic and then we can
- * llsize them.
- */
-int spsize(struct openpgp_signedpacket_list *list)
-{
-       int size = 0;
-       struct openpgp_signedpacket_list *cur;
-
-       for (cur = list; cur != NULL; cur = cur->next, size++) ;
-
-       return size;
-}
-
-/**
- *     keyuids - Takes a key and returns an array of its UIDs
- *     @key: The key to get the uids of.
- *     @primary: A pointer to store the primary UID in.
- *
- *     keyuids takes a public key structure and builds an array of the UIDs 
- *     on the key. It also attempts to work out the primary UID and returns a
- *     separate pointer to that particular element of the array.
- */
-char **keyuids(struct openpgp_publickey *key, char **primary)
-{
-       struct openpgp_signedpacket_list *curuid = NULL;
-       char buf[1024];
-       char **uids = NULL;
-       int count = 0;
 
-       if (key != NULL && key->uids != NULL) {
-               uids = malloc((spsize(key->uids) + 1) * sizeof (char *));
+               printf(":%d:%d:%ld::%s\n",
+                       type,
+                       length,
+                       created_time,
+                       (keys->revoked) ? "r" : "");
        
-               curuid = key->uids;
-               while (curuid != NULL) {
-                       buf[0] = 0;
-                       if (curuid->packet->tag == 13) {
-                               snprintf(buf, 1023, "%.*s",
-                                               (int) curuid->packet->length,
-                                               curuid->packet->data);
-                               uids[count++] = strdup(buf);
+               for (curuid = keys->uids; curuid != NULL;
+                        curuid = curuid->next) {
+               
+                       if (curuid->packet->tag == OPENPGP_PACKET_UID) {
+                               printf("uid:");
+                               for (i = 0; i < (int) curuid->packet->length;
+                                               i++) {
+                                       c = curuid->packet->data[i];
+                                       if (c == '%') {
+                                               putchar('%');
+                                               putchar(c);
+                                       } else if (c == ':' || c > 127) {
+                                               printf("%%%X", c);
+                                       } else {
+                                               putchar(c);
+                                       }
+                               }
+                               printf("\n");
                        }
-                       curuid = curuid -> next;
                }
-               uids[count] = NULL;
-       }
-       /*
-        * TODO: Parse subpackets for real primary ID (v4 keys)
-        */
-       if (primary != NULL) {
-               *primary = uids[0];
+               keys = keys->next;
        }
-
-       return uids;
+       return 0;
 }