X-Git-Url: http://the.earth.li/gitweb/?a=blobdiff_plain;f=keyindex.c;h=13a2ccdb2cb19917bf6f13364536b0c9acebeb16;hb=469a7046cd4b3087184beec190c372edb929fe55;hp=f3c36aafbf3527408894357ce80c1c7f6ecc2bd0;hpb=f8e9e43f90418ec6c8b5768a7981cbdabb64b198;p=onak.git diff --git a/keyindex.c b/keyindex.c index f3c36aa..13a2ccd 100644 --- a/keyindex.c +++ b/keyindex.c @@ -48,6 +48,7 @@ char pkalgo2char(uint8_t algo) typech = 'D'; break; case OPENPGP_PKALGO_ECDSA: + case OPENPGP_PKALGO_EDDSA: typech = 'E'; break; case OPENPGP_PKALGO_EC: @@ -93,8 +94,35 @@ unsigned int keylength(struct openpgp_packet *keydata) switch (keydata->data[5]) { case OPENPGP_PKALGO_EC: case OPENPGP_PKALGO_ECDSA: + case OPENPGP_PKALGO_EDDSA: /* Elliptic curve key size is based on OID */ - if ((keydata->data[6] == 8) && + /* Curve25519 / 1.3.6.1.4.1.3029.1.5.1 */ + if ((keydata->data[6] == 10) && + (keydata->data[7] == 0x2B) && + (keydata->data[8] == 0x06) && + (keydata->data[9] == 0x01) && + (keydata->data[10] == 0x04) && + (keydata->data[11] == 0x01) && + (keydata->data[12] == 0x97) && + (keydata->data[13] == 0x55) && + (keydata->data[14] == 0x01) && + (keydata->data[15] == 0x05) && + (keydata->data[16] == 0x01)) { + length = 255; + /* Ed25519 / 1.3.6.1.4.1.11591.15.1 */ + } else if ((keydata->data[6] == 9) && + (keydata->data[7] == 0x2B) && + (keydata->data[8] == 0x06) && + (keydata->data[9] == 0x01) && + (keydata->data[10] == 0x04) && + (keydata->data[11] == 0x01) && + (keydata->data[12] == 0xDA) && + (keydata->data[13] == 0x47) && + (keydata->data[14] == 0x0F) && + (keydata->data[15] == 0x01)) { + length = 255; + /* nistp256 / 1.2.840.10045.3.1.7 */ + } else if ((keydata->data[6] == 8) && (keydata->data[7] == 0x2A) && (keydata->data[8] == 0x86) && (keydata->data[9] == 0x48) && @@ -104,6 +132,7 @@ unsigned int keylength(struct openpgp_packet *keydata) (keydata->data[13] == 0x01) && (keydata->data[14] == 0x07)) { length = 256; + /* nistp384 / 1.3.132.0.34 */ } else if ((keydata->data[6] == 5) && (keydata->data[7] == 0x2B) && (keydata->data[8] == 0x81) && @@ -111,6 +140,7 @@ unsigned int keylength(struct openpgp_packet *keydata) (keydata->data[10] == 0x00) && (keydata->data[11] == 0x22)) { length = 384; + /* nistp521 / 1.3.132.0.35 */ } else if ((keydata->data[6] == 5) && (keydata->data[7] == 0x2B) && (keydata->data[8] == 0x81) && @@ -118,6 +148,50 @@ unsigned int keylength(struct openpgp_packet *keydata) (keydata->data[10] == 0x00) && (keydata->data[11] == 0x23)) { length = 521; + /* brainpoolP256r1 / 1.3.36.3.3.2.8.1.1.7 */ + } else if ((keydata->data[6] == 9) && + (keydata->data[7] == 0x2B) && + (keydata->data[8] == 0x24) && + (keydata->data[9] == 0x03) && + (keydata->data[10] == 0x03) && + (keydata->data[11] == 0x02) && + (keydata->data[12] == 0x08) && + (keydata->data[13] == 0x01) && + (keydata->data[14] == 0x01) && + (keydata->data[15] == 0x07)) { + length = 256; + /* brainpoolP384r1 / 1.3.36.3.3.2.8.1.1.11 */ + } else if ((keydata->data[6] == 9) && + (keydata->data[7] == 0x2B) && + (keydata->data[8] == 0x24) && + (keydata->data[9] == 0x03) && + (keydata->data[10] == 0x03) && + (keydata->data[11] == 0x02) && + (keydata->data[12] == 0x08) && + (keydata->data[13] == 0x01) && + (keydata->data[14] == 0x01) && + (keydata->data[15] == 0x0B)) { + length = 384; + /* brainpoolP512r1 / 1.3.36.3.3.2.8.1.1.13 */ + } else if ((keydata->data[6] == 9) && + (keydata->data[7] == 0x2B) && + (keydata->data[8] == 0x24) && + (keydata->data[9] == 0x03) && + (keydata->data[10] == 0x03) && + (keydata->data[11] == 0x02) && + (keydata->data[12] == 0x08) && + (keydata->data[13] == 0x01) && + (keydata->data[14] == 0x01) && + (keydata->data[15] == 0x0D)) { + length = 512; + /* secp256k1 / 1.3.132.0.10 */ + } else if ((keydata->data[6] == 5) && + (keydata->data[7] == 0x2B) && + (keydata->data[8] == 0x81) && + (keydata->data[9] == 0x04) && + (keydata->data[10] == 0x00) && + (keydata->data[11] == 0x0A)) { + length = 256; } else { logthing(LOGTHING_ERROR, "Unknown elliptic curve size"); @@ -138,7 +212,8 @@ unsigned int keylength(struct openpgp_packet *keydata) return length; } -int list_sigs(struct openpgp_packet_list *sigs, bool html) +int list_sigs(struct onak_dbctx *dbctx, + struct openpgp_packet_list *sigs, bool html) { char *uid = NULL; uint64_t sigid = 0; @@ -146,7 +221,7 @@ int list_sigs(struct openpgp_packet_list *sigs, bool html) while (sigs != NULL) { sigid = sig_keyid(sigs->packet); - uid = config.dbbackend->keyid2uid(sigid); + uid = dbctx->keyid2uid(dbctx, sigid); if (sigs->packet->data[0] == 4 && sigs->packet->data[1] == 0x30) { /* It's a Type 4 sig revocation */ @@ -188,7 +263,8 @@ int list_sigs(struct openpgp_packet_list *sigs, bool html) return 0; } -int list_uids(uint64_t keyid, struct openpgp_signedpacket_list *uids, +int list_uids(struct onak_dbctx *dbctx, + uint64_t keyid, struct openpgp_signedpacket_list *uids, bool verbose, bool html) { char buf[1024]; @@ -215,7 +291,7 @@ int list_uids(uint64_t keyid, struct openpgp_signedpacket_list *uids, } } if (verbose) { - list_sigs(uids->sigs, html); + list_sigs(dbctx, uids->sigs, html); } uids = uids->next; } @@ -223,7 +299,8 @@ int list_uids(uint64_t keyid, struct openpgp_signedpacket_list *uids, return 0; } -int list_subkeys(struct openpgp_signedpacket_list *subkeys, bool verbose, +int list_subkeys(struct onak_dbctx *dbctx, + struct openpgp_signedpacket_list *subkeys, bool verbose, bool html) { struct tm *created = NULL; @@ -270,7 +347,7 @@ int list_subkeys(struct openpgp_signedpacket_list *subkeys, bool verbose, } if (verbose) { - list_sigs(subkeys->sigs, html); + list_sigs(dbctx, subkeys->sigs, html); } subkeys = subkeys->next; } @@ -281,21 +358,21 @@ int list_subkeys(struct openpgp_signedpacket_list *subkeys, bool verbose, void display_fingerprint(struct openpgp_publickey *key) { int i = 0; - size_t length = 0; - unsigned char fp[20]; + struct openpgp_fingerprint fingerprint; - get_fingerprint(key->publickey, fp, &length); + get_fingerprint(key->publickey, &fingerprint); printf(" Key fingerprint ="); - for (i = 0; i < length; i++) { - if ((length == 16) || + for (i = 0; i < fingerprint.length; i++) { + if ((fingerprint.length == 16) || (i % 2 == 0)) { printf(" "); } - if (length == 20 && (i * 2) == length) { + if (fingerprint.length == 20 && + (i * 2) == fingerprint.length) { /* Extra space in the middle of a SHA1 fingerprint */ printf(" "); } - printf("%02X", fp[i]); + printf("%02X", fingerprint.fp[i]); } printf("\n"); @@ -337,7 +414,8 @@ void display_skshash(struct openpgp_publickey *key, bool html) * This function takes a list of OpenPGP public keys and displays an index * of them. Useful for debugging or the keyserver Index function. */ -int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint, +int key_index(struct onak_dbctx *dbctx, + struct openpgp_publickey *keys, bool verbose, bool fingerprint, bool skshash, bool html) { struct openpgp_signedpacket_list *curuid = NULL; @@ -420,7 +498,7 @@ int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint, display_fingerprint(keys); } if (verbose) { - list_sigs(curuid->sigs, html); + list_sigs(dbctx, curuid->sigs, html); } curuid = curuid->next; } else { @@ -431,9 +509,9 @@ int key_index(struct openpgp_publickey *keys, bool verbose, bool fingerprint, } } - list_uids(keyid, curuid, verbose, html); + list_uids(dbctx, keyid, curuid, verbose, html); if (verbose) { - list_subkeys(keys->subkeys, verbose, html); + list_subkeys(dbctx, keys->subkeys, verbose, html); } keys = keys->next; @@ -460,10 +538,9 @@ int mrkey_index(struct openpgp_publickey *keys) int type = 0; int length = 0; int i = 0; - size_t fplength = 0; - unsigned char fp[20]; int c; uint64_t keyid; + struct openpgp_fingerprint fingerprint; while (keys != NULL) { created_time = (keys->publickey->data[1] << 24) + @@ -483,10 +560,10 @@ int mrkey_index(struct openpgp_publickey *keys) type = keys->publickey->data[7]; break; case 4: - (void) get_fingerprint(keys->publickey, fp, &fplength); + (void) get_fingerprint(keys->publickey, &fingerprint); - for (i = 0; i < fplength; i++) { - printf("%02X", fp[i]); + for (i = 0; i < fingerprint.length; i++) { + printf("%02X", fingerprint.fp[i]); } type = keys->publickey->data[5];