Now that we are storing the SKS hash details of a key, add the ability to
display the hash in /pks/lookup and retrieve it via the new hget
function. This should be compatible with the way in which SKS extends
lookup to support its hashes.
Also add hget to the onak CLI tool and the -s option for showing the
SKS hash of keys.
* Copyright 2002 Project Purple
*/
* Copyright 2002 Project Purple
*/
#include <sys/types.h>
#include <arpa/inet.h>
#include <sys/types.h>
#include <arpa/inet.h>
md5_finish_ctx(&md5_context, &hash->hash);
free_packet_list(packets);
}
md5_finish_ctx(&md5_context, &hash->hash);
free_packet_list(packets);
}
+
+uint8_t hexdigit(char c)
+{
+ if (c >= '0' && c <= '9')
+ return c - '0';
+ else if (c >= 'a' && c <= 'f')
+ return c - 'a' + 10;
+ else if (c >= 'A' && c <= 'F')
+ return c - 'A' + 10;
+ else
+ return 0;
+}
+
+int parse_skshash(char *search, struct skshash *hash)
+{
+ int i, len;
+
+ len = strlen(search);
+ if (len > 32) {
+ return 0;
+ }
+
+ for (i = 0; i < len; i += 2) {
+ hash->hash[i >> 1] = (hexdigit(search[i]) << 4) +
+ hexdigit(search[i + 1]);
+ }
+
+ return 1;
+}
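Review bot: parse_skshash() accepts input that is not a valid hash: only `len > 32` is rejected, so an empty, short or odd-length string returns 1 with the remaining bytes of `hash->hash` never written, and hexdigit() maps any non-hex character to 0 instead of signalling an error. The string comes from the lookup request or the command line, so the parser should require exactly two hex digits per hash byte and fail on anything else; that way no caller queries the backend with a partly uninitialised hash. The rewrite below uses isxdigit(), which needs <ctype.h> in this file. Whether `search` can be NULL at the call sites is not visible here, so the NULL guard is defensive.

```c
int parse_skshash(char *search, struct skshash *hash)
{
	size_t i;

	/* A hash is fixed size: demand exactly two hex digits per byte. */
	if (search == NULL || strlen(search) != 2 * sizeof(hash->hash)) {
		return 0;
	}

	for (i = 0; i < sizeof(hash->hash); i++) {
		/* Reject non-hex input rather than letting hexdigit() read it as 0. */
		if (!isxdigit((unsigned char) search[2 * i]) ||
				!isxdigit((unsigned char) search[2 * i + 1])) {
			return 0;
		}
		hash->hash[i] = (hexdigit(search[2 * i]) << 4) +
			hexdigit(search[2 * i + 1]);
	}

	return 1;
}
```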
*/
void get_skshash(struct openpgp_publickey *publickey, struct skshash *hash);
*/
void get_skshash(struct openpgp_publickey *publickey, struct skshash *hash);
+/**
+ * parse_skshash - Parse a string into an SKS hash structure.
+ * @search: The string representing the SKS hash.
+ * @hash: A pointer to the structure to store the hash in.
+ *
+ * Takes a string and tries to parse it as an SKS hash hex
+ * representation. Puts the hash into the supplied structure
+ * if successful. Returns 1 if we parsed something ok, 0 if
+ * we failed.
+ */
+int parse_skshash(char *search, struct skshash *hash);
+
+void display_skshash(struct openpgp_publickey *key, bool html)
+{
+ int i = 0;
+ struct skshash hash;
+
+ get_skshash(key, &hash);
+ printf(" Key hash = ");
+ if (html) {
+ printf("<a href=\"lookup?op=hget&search=");
+ for (i = 0; i < sizeof(hash.hash); i++) {
+ printf("%02X", hash.hash[i]);
+ }
+ printf("\">");
+ }
+ for (i = 0; i < sizeof(hash.hash); i++) {
+ printf("%02X", hash.hash[i]);
+ }
+ if (html) {
+ printf("</a>");
+ }
+ printf("\n");
+
+ return;
+}
+
/**
* key_index - List a set of OpenPGP keys.
* @keys: The keys to display.
/**
* key_index - List a set of OpenPGP keys.
* @keys: The keys to display.
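Review bot: display_skshash() is added without the kernel-doc style header that key_index() directly below it carries. A comment along the lines of `display_skshash - Print the SKS hash of a key, as an hget lookup link when @html is set`, with `@key` and `@html` entries, would match the rest of the file. In both loops `i` is an `int` compared against `sizeof(hash.hash)`, a signed/unsigned comparison; declaring it as `size_t i;` avoids the warning, and the trailing `return;` can be dropped.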
* of them. Useful for debugging or the keyserver Index function.
*/
int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint,
* of them. Useful for debugging or the keyserver Index function.
*/
int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint,
+ bool skshash, bool html)
{
struct openpgp_signedpacket_list *curuid = NULL;
struct tm *created = NULL;
{
struct openpgp_signedpacket_list *curuid = NULL;
struct tm *created = NULL;
(html) ? txt2html(buf) : buf,
(html) ? "</a>" : "",
(keys->revoked) ? " *** REVOKED ***" : "");
(html) ? txt2html(buf) : buf,
(html) ? "</a>" : "",
(keys->revoked) ? " *** REVOKED ***" : "");
+ if (skshash) {
+ display_skshash(keys, html);
+ }
if (fingerprint) {
display_fingerprint(keys);
}
if (fingerprint) {
display_fingerprint(keys);
}
* @keys: The keys to display.
* @verbose: Should we list sigs as well?
* @fingerprint: List the fingerprint?
* @keys: The keys to display.
* @verbose: Should we list sigs as well?
* @fingerprint: List the fingerprint?
+ * @skshash: List the sks hash?
* @html: Should we tailor the output for HTML?
*
* This function takes a list of OpenPGP public keys and displays an index
* of them. Useful for debugging or the keyserver Index function.
*/
int key_index(struct openpgp_publickey *keys, bool verbose,
* @html: Should we tailor the output for HTML?
*
* This function takes a list of OpenPGP public keys and displays an index
* of them. Useful for debugging or the keyserver Index function.
*/
int key_index(struct openpgp_publickey *keys, bool verbose,
- bool fingerprint, bool html);
+ bool fingerprint, bool skshash, bool html);
/**
* mrkey_index - List a set of OpenPGP keys in the MRHKP format.
/**
* mrkey_index - List a set of OpenPGP keys in the MRHKP format.
#include "cleanup.h"
#include "getcgi.h"
#include "keydb.h"
#include "cleanup.h"
#include "getcgi.h"
#include "keydb.h"
#include "keyindex.h"
#include "log.h"
#include "mem.h"
#include "keyindex.h"
#include "log.h"
#include "mem.h"
#define OP_INDEX 2
#define OP_VINDEX 3
#define OP_PHOTO 4
#define OP_INDEX 2
#define OP_VINDEX 3
#define OP_PHOTO 4
void find_keys(char *search, uint64_t keyid, bool ishex,
void find_keys(char *search, uint64_t keyid, bool ishex,
- bool fingerprint, bool exact, bool verbose, bool mrhkp)
+ bool fingerprint, bool skshash, bool exact, bool verbose,
+ bool mrhkp)
{
struct openpgp_publickey *publickey = NULL;
int count = 0;
{
struct openpgp_publickey *publickey = NULL;
int count = 0;
printf("info:1:%d\n", count);
mrkey_index(publickey);
} else {
printf("info:1:%d\n", count);
mrkey_index(publickey);
} else {
- key_index(publickey, verbose, fingerprint, true);
+ key_index(publickey, verbose, fingerprint, skshash,
+ true);
}
free_publickey(publickey);
} else if (count == 0) {
}
free_publickey(publickey);
} else if (count == 0) {
int i;
int indx = 0;
bool fingerprint = false;
int i;
int indx = 0;
bool fingerprint = false;
bool exact = false;
bool ishex = false;
bool mrhkp = false;
bool exact = false;
bool ishex = false;
bool mrhkp = false;
struct openpgp_packet_list *packets = NULL;
struct openpgp_packet_list *list_end = NULL;
int result;
struct openpgp_packet_list *packets = NULL;
struct openpgp_packet_list *list_end = NULL;
int result;
params = getcgivars(argc, argv);
for (i = 0; params != NULL && params[i] != NULL; i += 2) {
if (!strcmp(params[i], "op")) {
if (!strcmp(params[i+1], "get")) {
op = OP_GET;
params = getcgivars(argc, argv);
for (i = 0; params != NULL && params[i] != NULL; i += 2) {
if (!strcmp(params[i], "op")) {
if (!strcmp(params[i+1], "get")) {
op = OP_GET;
+ } else if (!strcmp(params[i+1], "hget")) {
+ op = OP_HGET;
} else if (!strcmp(params[i+1], "index")) {
op = OP_INDEX;
} else if (!strcmp(params[i+1], "vindex")) {
} else if (!strcmp(params[i+1], "index")) {
op = OP_INDEX;
} else if (!strcmp(params[i+1], "vindex")) {
if (!strcmp(params[i+1], "on")) {
fingerprint = true;
}
if (!strcmp(params[i+1], "on")) {
fingerprint = true;
}
+ } else if (!strcmp(params[i], "hash")) {
+ if (!strcmp(params[i+1], "on")) {
+ skshash = true;
+ }
} else if (!strcmp(params[i], "exact")) {
if (!strcmp(params[i+1], "on")) {
exact = true;
} else if (!strcmp(params[i], "exact")) {
if (!strcmp(params[i+1], "on")) {
exact = true;
config.dbbackend->initdb(false);
switch (op) {
case OP_GET:
config.dbbackend->initdb(false);
switch (op) {
case OP_GET:
+ case OP_HGET:
+ if (op == OP_HGET) {
+ parse_skshash(search, &hash);
+ result = config.dbbackend->fetch_key_skshash(
+ &hash, &publickey);
+ } else if (ishex) {
result = config.dbbackend->fetch_key(keyid,
&publickey, false);
} else {
result = config.dbbackend->fetch_key(keyid,
&publickey, false);
} else {
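Review bot: The return value of parse_skshash() is ignored in the OP_HGET branch, so a request-supplied `search` value that fails to parse still reaches `fetch_key_skshash()` with whatever `hash` happened to contain. The CLI hget path in this same commit does check it. Test the result first, e.g. `if (!parse_skshash(search, &hash)) { result = 0; } else { result = config.dbbackend->fetch_key_skshash(&hash, &publickey); }`, assuming a zero `result` is what the code after this hunk treats as key not found. The switch case continues outside the hunk, and whether `search` can still be NULL when the request carries no search parameter is not visible here.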
- find_keys(search, keyid, ishex, fingerprint, exact,
- false, mrhkp);
+ find_keys(search, keyid, ishex, fingerprint, skshash,
+ exact, false, mrhkp);
- find_keys(search, keyid, ishex, fingerprint, exact,
- true, mrhkp);
+ find_keys(search, keyid, ishex, fingerprint, skshash,
+ exact, true, mrhkp);
break;
case OP_PHOTO:
if (config.dbbackend->fetch_key(keyid, &publickey,
break;
case OP_PHOTO:
if (config.dbbackend->fetch_key(keyid, &publickey,
#include "version.h"
void find_keys(char *search, uint64_t keyid, bool ishex,
#include "version.h"
void find_keys(char *search, uint64_t keyid, bool ishex,
- bool fingerprint, bool exact, bool verbose)
+ bool fingerprint, bool skshash, bool exact, bool verbose)
{
struct openpgp_publickey *publickey = NULL;
int count = 0;
{
struct openpgp_publickey *publickey = NULL;
int count = 0;
count = config.dbbackend->fetch_key_text(search, &publickey);
}
if (publickey != NULL) {
count = config.dbbackend->fetch_key_text(search, &publickey);
}
if (publickey != NULL) {
- key_index(publickey, verbose, fingerprint, false);
+ key_index(publickey, verbose, fingerprint, skshash, false);
free_publickey(publickey);
} else if (count == 0) {
puts("Key not found.");
free_publickey(publickey);
} else if (count == 0) {
puts("Key not found.");
bool update = false;
bool binary = false;
bool fingerprint = false;
bool update = false;
bool binary = false;
bool fingerprint = false;
int optchar;
struct dump_ctx dumpstate;
int optchar;
struct dump_ctx dumpstate;
- while ((optchar = getopt(argc, argv, "bc:fuv")) != -1 ) {
+ while ((optchar = getopt(argc, argv, "bc:fsuv")) != -1 ) {
switch (optchar) {
case 'b':
binary = true;
switch (optchar) {
case 'b':
binary = true;
case 'f':
fingerprint = true;
break;
case 'f':
fingerprint = true;
break;
+ case 's':
+ skshash = true;
+ break;
case 'u':
update = true;
break;
case 'u':
update = true;
break;
}
config.dbbackend->initdb(false);
if (!strcmp("index", argv[optind])) {
}
config.dbbackend->initdb(false);
if (!strcmp("index", argv[optind])) {
- find_keys(search, keyid, ishex, fingerprint,
+ find_keys(search, keyid, ishex, fingerprint, skshash,
false, false);
} else if (!strcmp("vindex", argv[optind])) {
false, false);
} else if (!strcmp("vindex", argv[optind])) {
- find_keys(search, keyid, ishex, fingerprint,
+ find_keys(search, keyid, ishex, fingerprint, skshash,
false, true);
} else if (!strcmp("getphoto", argv[optind])) {
if (!ishex) {
false, true);
} else if (!strcmp("getphoto", argv[optind])) {
if (!ishex) {
} else {
puts("Key not found");
}
} else {
puts("Key not found");
}
+ } else if (!strcmp("hget", argv[optind])) {
+ if (!parse_skshash(search, &hash)) {
+ puts("Couldn't parse sks hash.");
+ } else if (config.dbbackend->fetch_key_skshash(&hash,
+ &keys)) {
+ logthing(LOGTHING_INFO, "Got key.");
+ flatten_publickey(keys,
+ &packets,
+ &list_end);
+ free_publickey(keys);
+ if (binary) {
+ write_openpgp_stream(stdout_putchar,
+ NULL,
+ packets);
+ } else {
+ armor_openpgp_stream(stdout_putchar,
+ NULL,
+ packets);
+ }
+ free_packet_list(packets);
+ packets = NULL;
+ } else {
+ puts("Key not found");
+ }
}
config.dbbackend->cleanupdb();
} else {
}
config.dbbackend->cleanupdb();
} else {