X-Git-Url: http://the.earth.li/gitweb/?a=blobdiff_plain;f=keyindex.c;h=3ce87359311a3f71d257875d5d6f69d3c6944954;hb=refs%2Fheads%2Fmain;hp=94f52f7e25c705d3644da6545c997092f529be3a;hpb=85187675424f3854869f1607afd8a1e84e536946;p=onak.git diff --git a/keyindex.c b/keyindex.c index 94f52f7..3ce8735 100644 --- a/keyindex.c +++ b/keyindex.c @@ -24,7 +24,6 @@ #include #include "decodekey.h" -#include "getcgi.h" #include "keydb.h" #include "keyid.h" #include "keyindex.h" @@ -74,6 +73,85 @@ char pkalgo2char(uint8_t algo) return typech; } +/** + * html_escape - Takes a string and converts it to HTML. + * @src: The string to HTMLize. + * @src_len: The length of the source string + * @dst: A buffer to put the escaped string into + * @dst_len: Length of the destination buffer (including a trailing NULL) + * + * Takes a string and escapes any HTML entities (<, >, &, ", '). Returns + * dst. + */ +const char *html_escape(const char *src, size_t src_len, + char *dst, size_t dst_len) +{ + size_t in_pos, out_pos; + + dst_len--; + + for (in_pos = 0, out_pos = 0; + in_pos < src_len && out_pos < (dst_len - 1); + in_pos++, out_pos++) { + switch (src[in_pos]) { + case '<': + if ((out_pos + 4) >= dst_len) { + break; + } + dst[out_pos++] = '&'; + dst[out_pos++] = 'l'; + dst[out_pos++] = 't'; + dst[out_pos] = ';'; + break; + case '>': + if ((out_pos + 4) >= dst_len) { + break; + } + dst[out_pos++] = '&'; + dst[out_pos++] = 'g'; + dst[out_pos++] = 't'; + dst[out_pos] = ';'; + break; + case '"': + if ((out_pos + 6) >= dst_len) { + break; + } + dst[out_pos++] = '&'; + dst[out_pos++] = 'q'; + dst[out_pos++] = 'u'; + dst[out_pos++] = 'o'; + dst[out_pos++] = 't'; + dst[out_pos] = ';'; + break; + case '\'': + if ((out_pos + 5) >= dst_len) { + break; + } + dst[out_pos++] = '&'; + dst[out_pos++] = '#'; + dst[out_pos++] = '3'; + dst[out_pos++] = '9'; + dst[out_pos] = ';'; + break; + case '&': + if ((out_pos + 5) >= dst_len) { + break; + } + dst[out_pos++] = '&'; + dst[out_pos++] = 'a'; + dst[out_pos++] = 'm'; + dst[out_pos++] = 'p'; + dst[out_pos] = ';'; + break; + default: + dst[out_pos] = src[in_pos]; + } + } + dst[out_pos] = 0; + + return dst; +} + /* * Given a public key/subkey packet return the key length. */ @@ -81,6 +159,7 @@ unsigned int keylength(struct openpgp_packet *keydata) { unsigned int length; uint8_t keyofs; + enum onak_oid oid; switch (keydata->data[0]) { case 2: @@ -97,101 +176,25 @@ unsigned int keylength(struct openpgp_packet *keydata) case OPENPGP_PKALGO_ECDSA: case OPENPGP_PKALGO_EDDSA: /* Elliptic curve key size is based on OID */ - /* Curve25519 / 1.3.6.1.4.1.3029.1.5.1 */ - if ((keydata->data[keyofs] == 10) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x06) && - (keydata->data[keyofs + 3] == 0x01) && - (keydata->data[keyofs + 4] == 0x04) && - (keydata->data[keyofs + 5] == 0x01) && - (keydata->data[keyofs + 6] == 0x97) && - (keydata->data[keyofs + 7] == 0x55) && - (keydata->data[keyofs + 8] == 0x01) && - (keydata->data[keyofs + 9] == 0x05) && - (keydata->data[keyofs + 10] == 0x01)) { + oid = onak_parse_oid(&keydata->data[keyofs], + keydata->length - keyofs); + if (oid == ONAK_OID_CURVE25519) { length = 255; - /* Ed25519 / 1.3.6.1.4.1.11591.15.1 */ - } else if ((keydata->data[keyofs] == 9) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x06) && - (keydata->data[keyofs + 3] == 0x01) && - (keydata->data[keyofs + 4] == 0x04) && - (keydata->data[keyofs + 5] == 0x01) && - (keydata->data[keyofs + 6] == 0xDA) && - (keydata->data[keyofs + 7] == 0x47) && - (keydata->data[keyofs + 8] == 0x0F) && - (keydata->data[keyofs + 9] == 0x01)) { + } else if (oid == ONAK_OID_ED25519) { length = 255; - /* nistp256 / 1.2.840.10045.3.1.7 */ - } else if ((keydata->data[keyofs] == 8) && - (keydata->data[keyofs + 1] == 0x2A) && - (keydata->data[keyofs + 2] == 0x86) && - (keydata->data[keyofs + 3] == 0x48) && - (keydata->data[keyofs + 4] == 0xCE) && - (keydata->data[keyofs + 5] == 0x3D) && - (keydata->data[keyofs + 6] == 0x03) && - (keydata->data[keyofs + 7] == 0x01) && - (keydata->data[keyofs + 8] == 0x07)) { + } else if (oid == ONAK_OID_NISTP256) { length = 256; - /* nistp384 / 1.3.132.0.34 */ - } else if ((keydata->data[keyofs] == 5) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x81) && - (keydata->data[keyofs + 3] == 0x04) && - (keydata->data[keyofs + 4] == 0x00) && - (keydata->data[keyofs + 5] == 0x22)) { + } else if (oid == ONAK_OID_NISTP384) { length = 384; - /* nistp521 / 1.3.132.0.35 */ - } else if ((keydata->data[keyofs] == 5) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x81) && - (keydata->data[keyofs + 3] == 0x04) && - (keydata->data[keyofs + 4] == 0x00) && - (keydata->data[keyofs + 5] == 0x23)) { + } else if (oid == ONAK_OID_NISTP521) { length = 521; - /* brainpoolP256r1 / 1.3.36.3.3.2.8.1.1.7 */ - } else if ((keydata->data[keyofs] == 9) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x24) && - (keydata->data[keyofs + 3] == 0x03) && - (keydata->data[keyofs + 4] == 0x03) && - (keydata->data[keyofs + 5] == 0x02) && - (keydata->data[keyofs + 6] == 0x08) && - (keydata->data[keyofs + 7] == 0x01) && - (keydata->data[keyofs + 8] == 0x01) && - (keydata->data[keyofs + 9] == 0x07)) { + } else if (oid == ONAK_OID_BRAINPOOLP256R1) { length = 256; - /* brainpoolP384r1 / 1.3.36.3.3.2.8.1.1.11 */ - } else if ((keydata->data[keyofs] == 9) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x24) && - (keydata->data[keyofs + 3] == 0x03) && - (keydata->data[keyofs + 4] == 0x03) && - (keydata->data[keyofs + 5] == 0x02) && - (keydata->data[keyofs + 6] == 0x08) && - (keydata->data[keyofs + 7] == 0x01) && - (keydata->data[keyofs + 8] == 0x01) && - (keydata->data[keyofs + 9] == 0x0B)) { + } else if (oid == ONAK_OID_BRAINPOOLP384R1) { length = 384; - /* brainpoolP512r1 / 1.3.36.3.3.2.8.1.1.13 */ - } else if ((keydata->data[keyofs] == 9) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x24) && - (keydata->data[keyofs + 3] == 0x03) && - (keydata->data[keyofs + 4] == 0x03) && - (keydata->data[keyofs + 5] == 0x02) && - (keydata->data[keyofs + 6] == 0x08) && - (keydata->data[keyofs + 7] == 0x01) && - (keydata->data[keyofs + 8] == 0x01) && - (keydata->data[keyofs + 9] == 0x0D)) { + } else if (oid == ONAK_OID_BRAINPOOLP512R1) { length = 512; - /* secp256k1 / 1.3.132.0.10 */ - } else if ((keydata->data[keyofs] == 5) && - (keydata->data[keyofs + 1] == 0x2B) && - (keydata->data[keyofs + 2] == 0x81) && - (keydata->data[keyofs + 3] == 0x04) && - (keydata->data[keyofs + 4] == 0x00) && - (keydata->data[keyofs + 5] == 0x0A)) { + } else if (oid == ONAK_OID_SECP256K1) { length = 256; } else { logthing(LOGTHING_ERROR, @@ -219,10 +222,13 @@ int list_sigs(struct onak_dbctx *dbctx, char *uid = NULL; uint64_t sigid = 0; char *sig = NULL; + char buf[1024]; while (sigs != NULL) { sigid = sig_keyid(sigs->packet); - uid = dbctx->keyid2uid(dbctx, sigid); + if (dbctx) { + uid = dbctx->keyid2uid(dbctx, sigid); + } if (sigs->packet->data[0] == 4 && sigs->packet->data[1] == 0x30) { /* It's a Type 4 sig revocation */ @@ -232,25 +238,25 @@ int list_sigs(struct onak_dbctx *dbctx, } if (html && uid != NULL) { printf("%s %08" PRIX64 + "search=0x%016" PRIX64 "\">0x%016" PRIX64 " " "%s\n", sig, sigid, - sigid & 0xFFFFFFFF, sigid, - txt2html(uid)); + sigid, + html_escape(uid, strlen(uid), buf, sizeof(buf))); } else if (html && uid == NULL) { - printf("%s %08" PRIX64 " " + printf("%s 0x%016" PRIX64 " " "[User id not found]\n", sig, - sigid & 0xFFFFFFFF); + sigid); } else { - printf("%s %08" PRIX64 + printf("%s 0x%016" PRIX64 " %s\n", sig, - sigid & 0xFFFFFFFF, + sigid, (uid != NULL) ? uid : "[User id not found]"); } @@ -276,8 +282,17 @@ int list_uids(struct onak_dbctx *dbctx, snprintf(buf, 1023, "%.*s", (int) uids->packet->length, uids->packet->data); - printf(" %s\n", - (html) ? txt2html(buf) : buf); + if (html) { + printf(" %s\n", + html_escape((char *) uids->packet->data, + uids->packet->length, + buf, + sizeof(buf))); + } else { + printf(" %.*s\n", + (int) uids->packet->length, + uids->packet->data); + } } else if (uids->packet->tag == OPENPGP_PACKET_UAT) { printf(" "); if (html) { @@ -304,7 +319,7 @@ int list_subkeys(struct onak_dbctx *dbctx, struct openpgp_signedpacket_list *subkeys, bool verbose, bool html) { - struct tm *created = NULL; + struct tm created; time_t created_time = 0; int type = 0; int length = 0; @@ -317,7 +332,7 @@ int list_subkeys(struct onak_dbctx *dbctx, (subkeys->packet->data[2] << 16) + (subkeys->packet->data[3] << 8) + subkeys->packet->data[4]; - created = gmtime(&created_time); + gmtime_r(&created_time, &created); switch (subkeys->packet->data[0]) { case 2: @@ -339,13 +354,13 @@ int list_subkeys(struct onak_dbctx *dbctx, &keyid) != ONAK_E_OK) { logthing(LOGTHING_ERROR, "Couldn't get keyid."); } - printf("sub %5d%c/%08X %04d/%02d/%02d\n", + printf("sub %5d%c/0x%016" PRIX64 " %04d/%02d/%02d\n", length, pkalgo2char(type), - (uint32_t) (keyid & 0xFFFFFFFF), - created->tm_year + 1900, - created->tm_mon + 1, - created->tm_mday); + keyid, + created.tm_year + 1900, + created.tm_mon + 1, + created.tm_mday); } if (verbose) { @@ -421,13 +436,14 @@ int key_index(struct onak_dbctx *dbctx, bool skshash, bool html) { struct openpgp_signedpacket_list *curuid = NULL; - struct tm *created = NULL; + struct tm created; time_t created_time = 0; int type = 0; int length = 0; char buf[1024]; uint64_t keyid; + if (html) { puts("
");
 	}
@@ -437,7 +453,7 @@ int key_index(struct onak_dbctx *dbctx,
 					(keys->publickey->data[2] << 16) +
 					(keys->publickey->data[3] << 8) +
 					keys->publickey->data[4];
-		created = gmtime(&created_time);
+		gmtime_r(&created_time, &created);
 
 		switch (keys->publickey->data[0]) {
 		case 2:
@@ -460,40 +476,44 @@ int key_index(struct onak_dbctx *dbctx,
 
 		if (html) {
 			printf("pub  %5d%c/%08" PRIX64
+				"search=0x%016" PRIX64 "\">0x%016" PRIX64
 				" %04d/%02d/%02d ",
 				length,
 				pkalgo2char(type),
 				keyid,
-				keyid & 0xFFFFFFFF,
-				created->tm_year + 1900,
-				created->tm_mon + 1,
-				created->tm_mday);
+				keyid,
+				created.tm_year + 1900,
+				created.tm_mon + 1,
+				created.tm_mday);
 		} else {
-			printf("pub  %5d%c/%08" PRIX64 " %04d/%02d/%02d ",
+			printf("pub  %5d%c/0x%016" PRIX64 " %04d/%02d/%02d ",
 				length,
 				pkalgo2char(type),
-				keyid & 0xFFFFFFFF,
-				created->tm_year + 1900,
-				created->tm_mon + 1,
-				created->tm_mday);
+				keyid,
+				created.tm_year + 1900,
+				created.tm_mon + 1,
+				created.tm_mday);
 		}
 
 		curuid = keys->uids;
 		if (curuid != NULL &&
 				curuid->packet->tag == OPENPGP_PACKET_UID) {
-			snprintf(buf, 1023, "%.*s",
-				(int) curuid->packet->length,
-				curuid->packet->data);
 			if (html) {
 				printf("",
-					keyid);
+					"search=0x%016" PRIX64 "\">"
+					"%s%s\n",
+					keyid,
+					html_escape((char *) curuid->packet->data,
+						curuid->packet->length,
+						buf,
+						sizeof(buf)),
+					(keys->revoked) ? " *** REVOKED ***" : "");
+			} else {
+				printf("%.*s%s\n",
+					(int) curuid->packet->length,
+					curuid->packet->data,
+					(keys->revoked) ? " *** REVOKED ***" : "");
 			}
-			printf("%s%s%s\n", 
-				(html) ? txt2html(buf) : buf,
-				(html) ? "" : "",
-				(keys->revoked) ? " *** REVOKED ***" : "");
 			if (skshash) {
 				display_skshash(keys, html);
 			}