X-Git-Url: http://the.earth.li/gitweb/?a=blobdiff_plain;f=decodekey.c;h=481b8aaa94e68cae12de3c5f1df987300a349465;hb=a8c0920cce727a12697154a85896f2a3ba47eb75;hp=be80151d2822c31ddef27de3dfe6cfbfc1d42368;hpb=4e785b6122f020d1ce1a31af8001316162051183;p=onak.git
diff --git a/decodekey.c b/decodekey.c
index be80151..481b8aa 100644
--- a/decodekey.c
+++ b/decodekey.c
@@ -13,11 +13,10 @@
* more details.
*
* You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * this program. If not, see .
*/
-#include
+#include
#include
#include
#include
@@ -28,7 +27,6 @@
#include "keyid.h"
#include "keystructs.h"
#include "ll.h"
-#include "log.h"
#include "openpgp.h"
/*
@@ -50,8 +48,10 @@ onak_status_t parse_subpackets(unsigned char *data, size_t len,
int offset = 0;
int length = 0;
int packetlen = 0;
+ struct openpgp_fingerprint fp;
+ int i;
- log_assert(data != NULL);
+ assert(data != NULL);
/* Make sure we actually have the 2 byte length field */
if (len < 2) {
@@ -124,6 +124,16 @@ onak_status_t parse_subpackets(unsigned char *data, size_t len,
*keyid += data[offset+packetlen - 1];
}
break;
+ case OPENPGP_SIGSUB_ISSUER_FINGER:
+ if ((packetlen - 2) <= MAX_FINGERPRINT_LEN &&
+ keyid != NULL) {
+ fp.length = packetlen - 2;
+ for (i = 0; i < fp.length; i++) {
+ fp.fp[i] = data[offset + i + 2];
+ }
+ *keyid = fingerprint2keyid(&fp);
+ }
+ break;
case OPENPGP_SIGSUB_EXPIRY:
case OPENPGP_SIGSUB_EXPORTABLE:
case OPENPGP_SIGSUB_TRUSTSIG:
@@ -136,7 +146,7 @@ onak_status_t parse_subpackets(unsigned char *data, size_t len,
case OPENPGP_SIGSUB_REVOCATION_KEY:
case OPENPGP_SIGSUB_ISSUER_UID:
case OPENPGP_SIGSUB_URL:
- case OPENPGP_SIGSUB_ISSUER_FINGER:
+ case OPENPGP_SIGSUB_X_ISSUER_FINGER:
case OPENPGP_SIGSUB_NOTATION:
case OPENPGP_SIGSUB_PREFHASH:
case OPENPGP_SIGSUB_PREFCOMPRESS:
@@ -162,11 +172,8 @@ onak_status_t parse_subpackets(unsigned char *data, size_t len,
* 7 is set in which case we log a major error.
*/
if (data[offset] & 0x80) {
- logthing(LOGTHING_CRITICAL,
- "Critical subpacket type not parsed: 0x%X",
- data[offset]);
+ return ONAK_E_UNSUPPORTED_FEATURE;
}
-
}
offset += packetlen;
}
@@ -174,28 +181,6 @@ onak_status_t parse_subpackets(unsigned char *data, size_t len,
return ONAK_E_OK;
}
-/**
- * keysigs - Return the sigs on a given OpenPGP signature list.
- * @curll: The current linked list. Can be NULL to create a new list.
- * @sigs: The signature list we want the sigs on.
- *
- * Returns a linked list of stats_key elements containing the sigs on the
- * supplied OpenPGP packet list.
- */
-struct ll *keysigs(struct ll *curll,
- struct openpgp_packet_list *sigs)
-{
- uint64_t keyid = 0;
-
- while (sigs != NULL) {
- keyid = sig_keyid(sigs->packet);
- sigs = sigs->next;
- curll = lladd(curll, createandaddtohash(keyid));
- }
-
- return curll;
-}
-
/**
* sig_info - Get info on a given OpenPGP signature packet
* @packet: The signature packet
@@ -244,6 +229,7 @@ onak_status_t sig_info(struct openpgp_packet *packet, uint64_t *keyid,
}
break;
case 4:
+ case 5:
res = parse_subpackets(&packet->data[4],
packet->length - 4,
&length, keyid, creation);
@@ -368,3 +354,82 @@ struct openpgp_fingerprint *keysubkeys(struct openpgp_publickey *key)
return subkeys;
}
+
+enum onak_oid onak_parse_oid(uint8_t *buf, size_t len)
+{
+ enum onak_oid oid;
+
+ /* Elliptic curve key size is based on OID */
+ if (len == 0 || (buf[0] >= len)) {
+ oid = ONAK_OID_INVALID;
+ /* Curve25519 / 1.3.6.1.4.1.3029.1.5.1 */
+ } else if ((buf[0] == 10) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x06) &&
+ (buf[3] == 0x01) && (buf[4] == 0x04) &&
+ (buf[5] == 0x01) && (buf[6] == 0x97) &&
+ (buf[7] == 0x55) && (buf[8] == 0x01) &&
+ (buf[9] == 0x05) && (buf[10] == 0x01)) {
+ oid = ONAK_OID_CURVE25519;
+ /* Ed25519 / 1.3.6.1.4.1.11591.15.1 */
+ } else if ((buf[0] == 9) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x06) &&
+ (buf[3] == 0x01) && (buf[4] == 0x04) &&
+ (buf[5] == 0x01) && (buf[6] == 0xDA) &&
+ (buf[7] == 0x47) && (buf[8] == 0x0F) &&
+ (buf[9] == 0x01)) {
+ oid = ONAK_OID_ED25519;
+ /* nistp256 / 1.2.840.10045.3.1.7 */
+ } else if ((buf[0] == 8) &&
+ (buf[1] == 0x2A) && (buf[2] == 0x86) &&
+ (buf[3] == 0x48) && (buf[4] == 0xCE) &&
+ (buf[5] == 0x3D) && (buf[6] == 0x03) &&
+ (buf[7] == 0x01) && (buf[8] == 0x07)) {
+ oid = ONAK_OID_NISTP256;
+ /* nistp384 / 1.3.132.0.34 */
+ } else if ((buf[0] == 5) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x81) &&
+ (buf[3] == 0x04) && (buf[4] == 0x00) &&
+ (buf[5] == 0x22)) {
+ oid = ONAK_OID_NISTP384;
+ /* nistp521 / 1.3.132.0.35 */
+ } else if ((buf[0] == 5) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x81) &&
+ (buf[3] == 0x04) && (buf[4] == 0x00) &&
+ (buf[5] == 0x23)) {
+ oid = ONAK_OID_NISTP521;
+ /* brainpoolP256r1 / 1.3.36.3.3.2.8.1.1.7 */
+ } else if ((buf[0] == 9) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x24) &&
+ (buf[3] == 0x03) && (buf[4] == 0x03) &&
+ (buf[5] == 0x02) && (buf[6] == 0x08) &&
+ (buf[7] == 0x01) && (buf[8] == 0x01) &&
+ (buf[9] == 0x07)) {
+ oid = ONAK_OID_BRAINPOOLP256R1;
+ /* brainpoolP384r1 / 1.3.36.3.3.2.8.1.1.11 */
+ } else if ((buf[0] == 9) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x24) &&
+ (buf[3] == 0x03) && (buf[4] == 0x03) &&
+ (buf[5] == 0x02) && (buf[6] == 0x08) &&
+ (buf[7] == 0x01) && (buf[8] == 0x01) &&
+ (buf[9] == 0x0B)) {
+ oid = ONAK_OID_BRAINPOOLP384R1;
+ /* brainpoolP512r1 / 1.3.36.3.3.2.8.1.1.13 */
+ } else if ((buf[0] == 9) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x24) &&
+ (buf[3] == 0x03) && (buf[4] == 0x03) &&
+ (buf[5] == 0x02) && (buf[6] == 0x08) &&
+ (buf[7] == 0x01) && (buf[8] == 0x01) &&
+ (buf[9] == 0x0D)) {
+ oid = ONAK_OID_BRAINPOOLP512R1;
+ /* secp256k1 / 1.3.132.0.10 */
+ } else if ((buf[0] == 5) &&
+ (buf[1] == 0x2B) && (buf[2] == 0x81) &&
+ (buf[3] == 0x04) && (buf[4] == 0x00) &&
+ (buf[5] == 0x0A)) {
+ oid = ONAK_OID_SECP256K1;
+ } else {
+ oid = ONAK_OID_UNKNOWN;
+ }
+
+ return oid;
+}