2 * parsekey.c - Routines to parse an OpenPGP key.
4 * Copyright 2002-2004,2007-2008,2011 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26 #include "keystructs.h"
34 * parse_keys - Process a stream of packets for public keys + sigs.
35 * @packets: The packet list to parse.
36 * @keys: The returned list of public keys.
38 * This function takes an list of OpenPGP packets and attempts to parse it
39 * into a list of public keys with signatures and subkeys.
41 * Returns a count of how many keys we parsed.
43 int parse_keys(struct openpgp_packet_list *packets,
44 struct openpgp_publickey **keys)
46 struct openpgp_publickey *curkey = NULL;
52 * If keys already has some keys in it then set curkey to the last one
53 * so we add to the end of the list.
55 for (curkey = *keys; curkey != NULL && curkey->next != NULL;
56 curkey = curkey->next) ;
58 while (packets != NULL) {
59 switch (packets->packet->tag) {
60 case OPENPGP_PACKET_SIGNATURE:
62 * It's a signature packet. Add it to either the public
63 * key, to the current UID or the current subkey.
66 return ONAK_E_INVALID_PARAM;
67 if (curkey->subkeys != NULL) {
68 ADD_PACKET_TO_LIST_END(curkey->last_subkey,
70 packet_dup(packets->packet));
71 } else if (curkey->uids != NULL) {
72 ADD_PACKET_TO_LIST_END(curkey->last_uid,
74 packet_dup(packets->packet));
76 ADD_PACKET_TO_LIST_END(curkey,
78 packet_dup(packets->packet));
80 * This is a signature on the public key; check
81 * if it's a revocation.
83 if (packets->packet->data[0] == 3 &&
84 packets->packet->data[2] ==
85 OPENPGP_SIGTYPE_KEY_REV) {
87 * Type 3 key, 0x20 == revocation
89 curkey->revoked = true;
90 } else if (packets->packet->data[0] == 4 &&
91 packets->packet->data[1] ==
92 OPENPGP_SIGTYPE_KEY_REV) {
94 * Type 4 key, 0x20 == revocation
96 curkey->revoked = true;
100 case OPENPGP_PACKET_PUBLICKEY:
102 * It's a public key packet, so start a new key in our
105 if (curkey != NULL) {
106 curkey->next = malloc(sizeof (*curkey));
107 curkey = curkey->next;
110 malloc(sizeof (*curkey));
112 memset(curkey, 0, sizeof(*curkey));
113 curkey->publickey = packet_dup(packets->packet);
116 case OPENPGP_PACKET_UID:
117 case OPENPGP_PACKET_UAT:
119 * It's a UID packet (or a photo id, which is similar).
122 return ONAK_E_INVALID_PARAM;
123 if (curkey->subkeys != NULL)
124 return ONAK_E_INVALID_PARAM;
125 ADD_PACKET_TO_LIST_END(curkey,
127 packet_dup(packets->packet));
129 case OPENPGP_PACKET_PUBLICSUBKEY:
131 * It's a subkey packet.
134 return ONAK_E_INVALID_PARAM;
135 ADD_PACKET_TO_LIST_END(curkey,
137 packet_dup(packets->packet));
139 case OPENPGP_PACKET_TRUST:
140 case OPENPGP_PACKET_COMMENT:
144 * Trust packet. Ignore.
145 * Comment packet. Ignore.
149 /* Unsupported packet. Do what? Ignore for now. */
152 packets = packets->next;
159 * debug_packet - Print debug info about a packet
160 * @packet: The packet to display.
162 * This function takes an OpenPGP packet and displays some information
163 * about it to stdout. Useful for debugging purposes or curiousity about
164 * an OpenPGP packet stream.
166 int debug_packet(struct openpgp_packet *packet)
168 printf("\tNew format: %d, Tag: %u, Length: %zd\n",
177 * read_openpgp_stream - Reads a stream of OpenPGP packets.
178 * @getchar_func: The function to get the next character from the stream.
179 * @ctx: A pointer to the context structure for getchar_func.
180 * @packets: The outputted list of packets.
181 * @maxnum: The maximum number of keys to read. 0 means unlimited.
183 * This function uses getchar_func to read characters from an OpenPGP
184 * packet stream and reads the packets into a linked list of packets
185 * ready for parsing as a public key or whatever.
187 onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
190 struct openpgp_packet_list **packets,
193 unsigned char curchar = 0;
194 struct openpgp_packet_list *curpacket = NULL, **packetend = NULL;
195 onak_status_t rc = ONAK_E_OK;
199 return ONAK_E_INVALID_PARAM;
201 curpacket = *packets;
202 if (curpacket != NULL) {
203 while (curpacket->next != NULL) {
204 curpacket = curpacket->next;
208 while (rc == ONAK_E_OK && (maxnum == 0 || keys < maxnum) &&
209 !getchar_func(ctx, 1, &curchar)) {
210 if (curchar & 0x80) {
212 * New packet. Allocate memory for it.
214 if (curpacket != NULL) {
215 curpacket->next = malloc(sizeof (*curpacket));
216 packetend = &curpacket->next;
217 curpacket = curpacket->next;
219 *packets = curpacket =
220 malloc(sizeof (*curpacket));
223 memset(curpacket, 0, sizeof(*curpacket));
225 malloc(sizeof (*curpacket->packet));
226 memset(curpacket->packet, 0,
227 sizeof(*curpacket->packet));
229 curpacket->packet->newformat = (curchar & 0x40);
232 * TODO: Better error checking on getchar_func.
234 if (curpacket->packet->newformat) {
235 curpacket->packet->tag = (curchar & 0x3F);
236 if (getchar_func(ctx, 1, &curchar)) {
237 rc = ONAK_E_INVALID_PKT;
240 curpacket->packet->length = curchar;
241 if (curpacket->packet->length > 191 &&
242 curpacket->packet->length < 224) {
243 rc = getchar_func(ctx, 1, &curchar);
244 curpacket->packet->length -= 192;
245 curpacket->packet->length <<= 8;
246 curpacket->packet->length += curchar;
247 curpacket->packet->length += 192;
248 } else if (curpacket->packet->length > 223 &&
249 curpacket->packet->length < 255) {
250 free(curpacket->packet);
251 curpacket->packet = NULL;
252 rc = ONAK_E_UNSUPPORTED_FEATURE;
253 } else if (curpacket->packet->length == 255) {
255 * 5 byte length; ie 255 followed by 3
256 * bytes of MSB length.
258 if (getchar_func(ctx, 1, &curchar)) {
259 rc = ONAK_E_INVALID_PKT;
262 curpacket->packet->length = curchar;
263 curpacket->packet->length <<= 8;
264 if (getchar_func(ctx, 1, &curchar)) {
265 rc = ONAK_E_INVALID_PKT;
268 curpacket->packet->length += curchar;
269 curpacket->packet->length <<= 8;
270 if (getchar_func(ctx, 1, &curchar)) {
271 rc = ONAK_E_INVALID_PKT;
274 curpacket->packet->length += curchar;
275 curpacket->packet->length <<= 8;
276 if (getchar_func(ctx, 1, &curchar)) {
277 rc = ONAK_E_INVALID_PKT;
280 curpacket->packet->length += curchar;
283 curpacket->packet->tag = (curchar & 0x3C) >> 2;
284 switch (curchar & 3) {
286 if (getchar_func(ctx, 1, &curchar)) {
287 rc = ONAK_E_INVALID_PKT;
290 curpacket->packet->length = curchar;
293 if (getchar_func(ctx, 1, &curchar)) {
294 rc = ONAK_E_INVALID_PKT;
297 curpacket->packet->length = curchar;
298 curpacket->packet->length <<= 8;
299 if (getchar_func(ctx, 1, &curchar)) {
300 rc = ONAK_E_INVALID_PKT;
303 curpacket->packet->length += curchar;
306 if (getchar_func(ctx, 1, &curchar)) {
307 rc = ONAK_E_INVALID_PKT;
310 curpacket->packet->length =
311 ((unsigned) curchar << 24);
312 if (getchar_func(ctx, 1, &curchar)) {
313 rc = ONAK_E_INVALID_PKT;
316 curpacket->packet->length +=
318 if (getchar_func(ctx, 1, &curchar)) {
319 rc = ONAK_E_INVALID_PKT;
322 curpacket->packet->length +=
324 if (getchar_func(ctx, 1, &curchar)) {
325 rc = ONAK_E_INVALID_PKT;
328 curpacket->packet->length += curchar;
331 rc = ONAK_E_UNSUPPORTED_FEATURE;
332 free(curpacket->packet);
333 curpacket->packet = NULL;
339 if (curpacket->packet->tag ==
340 OPENPGP_PACKET_PUBLICKEY) {
343 curpacket->packet->data =
344 malloc(curpacket->packet->length *
345 sizeof(unsigned char));
346 if (curpacket->packet->data == NULL) {
349 rc = getchar_func(ctx,
350 curpacket->packet->length,
351 curpacket->packet->data);
355 rc = ONAK_E_INVALID_PKT;
359 if (packetend != NULL) {
360 if ((*packetend)->packet != NULL) {
361 /* If we got an invalid final packet, discard it. */
362 if ((*packetend)->packet->data != NULL &&
364 free((*packetend)->packet->data);
365 (*packetend)->packet->data = NULL;
367 /* If we didn't get any data, clean it up. */
368 if ((*packetend)->packet->data == NULL) {
369 free((*packetend)->packet);
370 (*packetend)->packet = NULL;
373 /* Trim the last packet if it doesn't actually exist */
374 if ((*packetend)->packet == NULL) {
384 * write_openpgp_stream - Reads a stream of OpenPGP packets.
385 * @putchar_func: The function to put the next character to the stream.
386 * @ctx: A pointer to the context structure for putchar_func.
387 * @packets: The list of packets.
389 * This function uses putchar_func to write characters to an OpenPGP
390 * packet stream from a linked list of packets.
392 onak_status_t write_openpgp_stream(int (*putchar_func)(void *ctx, size_t count,
395 struct openpgp_packet_list *packets)
397 unsigned char curchar = 0;
399 while (packets != NULL) {
401 if (packets->packet->newformat) {
403 curchar |= packets->packet->tag;
404 putchar_func(ctx, 1, &curchar);
406 if (packets->packet->length < 192) {
407 curchar = packets->packet->length;
408 putchar_func(ctx, 1, &curchar);
409 } else if (packets->packet->length > 191 &&
410 packets->packet->length < 8383) {
411 curchar = (((packets->packet->length - 192) &
413 putchar_func(ctx, 1, &curchar);
415 curchar = (packets->packet->length - 192) &
417 putchar_func(ctx, 1, &curchar);
418 } else if (packets->packet->length > 8382 &&
419 packets->packet->length < 0xFFFFFFFF) {
421 putchar_func(ctx, 1, &curchar);
423 curchar = (packets->packet->length >> 24);
425 putchar_func(ctx, 1, &curchar);
427 curchar = (packets->packet->length >> 16);
429 putchar_func(ctx, 1, &curchar);
431 curchar = (packets->packet->length >> 8);
433 putchar_func(ctx, 1, &curchar);
435 curchar = packets->packet->length;
437 putchar_func(ctx, 1, &curchar);
439 return ONAK_E_UNSUPPORTED_FEATURE;
442 curchar |= (packets->packet->tag << 2);
443 if (packets->packet->length < 256) {
444 putchar_func(ctx, 1, &curchar);
445 curchar = packets->packet->length;
446 putchar_func(ctx, 1, &curchar);
447 } else if (packets->packet->length < 0x10000) {
449 putchar_func(ctx, 1, &curchar);
450 curchar = packets->packet->length >> 8;
451 putchar_func(ctx, 1, &curchar);
452 curchar = packets->packet->length & 0xFF;
453 putchar_func(ctx, 1, &curchar);
456 putchar_func(ctx, 1, &curchar);
457 curchar = packets->packet->length >> 24;
458 putchar_func(ctx, 1, &curchar);
459 curchar = (packets->packet->length >> 16) & 0xFF;
460 putchar_func(ctx, 1, &curchar);
461 curchar = (packets->packet->length >> 8) & 0xFF;
462 putchar_func(ctx, 1, &curchar);
463 curchar = packets->packet->length & 0xFF;
464 putchar_func(ctx, 1, &curchar);
468 putchar_func(ctx, packets->packet->length,
469 packets->packet->data);
470 packets = packets->next;
477 * flatten_publickey - Convert a publickey to an OpenPGP packet list.
478 * @key: The public key.
479 * @packets: The outputted packet list.
481 * This function converts public key structure to a linked list of OpenPGP
482 * packets ready for outputing or storage.
484 int flatten_publickey(struct openpgp_publickey *key,
485 struct openpgp_packet_list **packets,
486 struct openpgp_packet_list **list_end)
488 struct openpgp_signedpacket_list *tmpsignedlist = NULL;
489 struct openpgp_packet_list *tmplist = NULL;
491 while (key != NULL) {
493 * First write the public key packet out.
495 ADD_PACKET_TO_LIST((*list_end), packet_dup(key->publickey));
496 if (*packets == NULL) {
497 *packets = *list_end;
501 * Now do any signatures on the main key.
503 for (tmplist = key->sigs; tmplist != NULL;
504 tmplist = tmplist->next) {
505 ADD_PACKET_TO_LIST((*list_end),
506 packet_dup(tmplist->packet));
510 * Output any UIDs along with their signatures.
512 for (tmpsignedlist = key->uids; tmpsignedlist != NULL;
513 tmpsignedlist = tmpsignedlist->next) {
515 ADD_PACKET_TO_LIST((*list_end),
516 packet_dup(tmpsignedlist->packet));
517 for (tmplist = tmpsignedlist->sigs; tmplist != NULL;
518 tmplist = tmplist->next) {
519 ADD_PACKET_TO_LIST((*list_end),
520 packet_dup(tmplist->packet));
525 * Output any subkeys along with their signatures.
527 for (tmpsignedlist = key->subkeys; tmpsignedlist != NULL;
528 tmpsignedlist = tmpsignedlist->next) {
530 ADD_PACKET_TO_LIST((*list_end),
531 packet_dup(tmpsignedlist->packet));
532 for (tmplist = tmpsignedlist->sigs; tmplist != NULL;
533 tmplist = tmplist->next) {
534 ADD_PACKET_TO_LIST((*list_end),
535 packet_dup(tmplist->packet));