decodekey.c

   1 /*
   2  * decodekey.c - Routines to further decode an OpenPGP key.
   3  *
   4  * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
   5  *
   6  * This program is free software: you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the Free
   8  * Software Foundation; version 2 of the License.
   9  *
  10  * This program is distributed in the hope that it will be useful, but WITHOUT
  11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  12  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  13  * more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along with
  16  * this program.  If not, see <https://www.gnu.org/licenses/>.
  17  */
  18
  19 #include <assert.h>
  20 #include <stdio.h>
  21 #include <stdlib.h>
  22 #include <string.h>
  23 #include <time.h>
  24
  25 #include "decodekey.h"
  26 #include "hash.h"
  27 #include "keyid.h"
  28 #include "keystructs.h"
  29 #include "ll.h"
  30 #include "openpgp.h"
  31
  32 /*
  33  *      parse_subpackets - Parse the subpackets of a Type 4 signature.
  34  *      @data: The subpacket data.
  35  *      @len: The amount of data available to read.
  36  *      @parselen: The amount of data that was actually parsed.
  37  *      @keyid: A pointer to where we should return the keyid.
  38  *      @creationtime: A pointer to where we should return the creation time.
  39  *
  40  *      This function parses the subkey data of a Type 4 signature and fills
  41  *      in the supplied variables. It also returns the length of the data
  42  *      processed. If the value of any piece of data is not desired a NULL
  43  *      can be passed instead of a pointer to a storage area for that value.
  44  */
  45 onak_status_t parse_subpackets(unsigned char *data, size_t len,
  46                 size_t *parselen, uint64_t *keyid, time_t *creation)
  47 {
  48         int offset = 0;
  49         int length = 0;
  50         int packetlen = 0;
  51         struct openpgp_fingerprint fp;
  52         int i;
  53
  54         assert(data != NULL);
  55
  56         /* Make sure we actually have the 2 byte length field */
  57         if (len < 2) {
  58                 return ONAK_E_INVALID_PKT;
  59         }
  60
  61         length = (data[0] << 8) + data[1] + 2;
  62
  63         /* If the length is off the end of the data available, it's bogus */
  64         if (len < length) {
  65                 return ONAK_E_INVALID_PKT;
  66         }
  67
  68         *parselen = length;
  69
  70         offset = 2;
  71         while (offset < length) {
  72                 packetlen = data[offset++];
  73                 if (packetlen > 191 && packetlen < 255) {
  74                         packetlen = ((packetlen - 192) << 8) +
  75                                         data[offset++] + 192;
  76                 } else if (packetlen == 255) {
  77                         packetlen = data[offset++];
  78                         packetlen <<= 8;
  79                         packetlen |= data[offset++];
  80                         packetlen <<= 8;
  81                         packetlen |= data[offset++];
  82                         packetlen <<= 8;
  83                         packetlen |= data[offset++];
  84                 }
  85                 /* Check the supplied length is within the remaining data */
  86                 if (packetlen == 0 || (packetlen + offset) > length) {
  87                         return ONAK_E_INVALID_PKT;
  88                 }
  89                 switch (data[offset] & 0x7F) {
  90                 case OPENPGP_SIGSUB_CREATION:
  91                         /*
  92                          * Signature creation time.
  93                          */
  94                         if (creation != NULL) {
  95                                 *creation = data[offset + packetlen - 4];
  96                                 *creation <<= 8;
  97                                 *creation = data[offset + packetlen - 3];
  98                                 *creation <<= 8;
  99                                 *creation = data[offset + packetlen - 2];
 100                                 *creation <<= 8;
 101                                 *creation = data[offset + packetlen - 1];
 102                         }
 103                         break;
 104                         /*
 105                          * Signature expiration time. Might want to output this?
 106                          */
 107                         break;
 108                 case OPENPGP_SIGSUB_ISSUER:
 109                         if (keyid != NULL) {
 110                                 *keyid = data[offset+packetlen - 8];
 111                                 *keyid <<= 8;
 112                                 *keyid += data[offset+packetlen - 7];
 113                                 *keyid <<= 8;
 114                                 *keyid += data[offset+packetlen - 6];
 115                                 *keyid <<= 8;
 116                                 *keyid += data[offset+packetlen - 5];
 117                                 *keyid <<= 8;
 118                                 *keyid += data[offset+packetlen - 4];
 119                                 *keyid <<= 8;
 120                                 *keyid += data[offset+packetlen - 3];
 121                                 *keyid <<= 8;
 122                                 *keyid += data[offset+packetlen - 2];
 123                                 *keyid <<= 8;
 124                                 *keyid += data[offset+packetlen - 1];
 125                         }
 126                         break;
 127                 case OPENPGP_SIGSUB_ISSUER_FINGER:
 128                         if ((packetlen - 2) <= MAX_FINGERPRINT_LEN &&
 129                                         keyid != NULL) {
 130                                 fp.length = packetlen - 2;
 131                                 for (i = 0; i < fp.length; i++) {
 132                                         fp.fp[i] = data[offset + i + 2];
 133                                 }
 134                                 *keyid = fingerprint2keyid(&fp);
 135                         }
 136                         break;
 137                 case OPENPGP_SIGSUB_EXPIRY:
 138                 case OPENPGP_SIGSUB_EXPORTABLE:
 139                 case OPENPGP_SIGSUB_TRUSTSIG:
 140                 case OPENPGP_SIGSUB_REGEX:
 141                 case OPENPGP_SIGSUB_REVOCABLE:
 142                 case OPENPGP_SIGSUB_CAPABILITIES:
 143                 case OPENPGP_SIGSUB_KEYEXPIRY:
 144                 case OPENPGP_SIGSUB_ARR:
 145                 case OPENPGP_SIGSUB_PREFSYM:
 146                 case OPENPGP_SIGSUB_REVOCATION_KEY:
 147                 case OPENPGP_SIGSUB_ISSUER_UID:
 148                 case OPENPGP_SIGSUB_URL:
 149                 case OPENPGP_SIGSUB_X_ISSUER_FINGER:
 150                 case OPENPGP_SIGSUB_NOTATION:
 151                 case OPENPGP_SIGSUB_PREFHASH:
 152                 case OPENPGP_SIGSUB_PREFCOMPRESS:
 153                 case OPENPGP_SIGSUB_KEYSERVER:
 154                 case OPENPGP_SIGSUB_PREFKEYSERVER:
 155                 case OPENPGP_SIGSUB_PRIMARYUID:
 156                 case OPENPGP_SIGSUB_POLICYURI:
 157                 case OPENPGP_SIGSUB_KEYFLAGS:
 158                 case OPENPGP_SIGSUB_SIGNER_UID:
 159                 case OPENPGP_SIGSUB_REVOKE_REASON:
 160                 case OPENPGP_SIGSUB_FEATURES:
 161                 case OPENPGP_SIGSUB_SIGNATURE_TARGET:
 162                 case OPENPGP_SIGSUB_EMBEDDED_SIG:
 163                         /*
 164                          * Various subpacket types we know about, but don't
 165                          * currently handle. Some are candidates for being
 166                          * supported if we add signature checking support.
 167                          */
 168                         break;
 169                 default:
 170                         /*
 171                          * We don't care about unrecognized packets unless bit
 172                          * 7 is set in which case we log a major error.
 173                          */
 174                         if (data[offset] & 0x80) {
 175                                 return ONAK_E_UNSUPPORTED_FEATURE;
 176                         }
 177                 }
 178                 offset += packetlen;
 179         }
 180
 181         return ONAK_E_OK;
 182 }
 183
 184 /**
 185  *      sig_info - Get info on a given OpenPGP signature packet
 186  *      @packet: The signature packet
 187  *      @keyid: A pointer for where to return the signature keyid
 188  *      @creation: A pointer for where to return the signature creation time
 189  *
 190  *      Gets any info about a signature packet; parses the subpackets for a v4
 191  *      key or pulls the data directly from v2/3. NULL can be passed for any
 192  *      values which aren't cared about.
 193  */
 194 onak_status_t sig_info(struct openpgp_packet *packet, uint64_t *keyid,
 195                 time_t *creation)
 196 {
 197         size_t length = 0;
 198         onak_status_t res;
 199
 200         if (packet != NULL) {
 201                 switch (packet->data[0]) {
 202                 case 2:
 203                 case 3:
 204                         if (keyid != NULL) {
 205                                 *keyid = packet->data[7];
 206                                 *keyid <<= 8;
 207                                 *keyid += packet->data[8];
 208                                 *keyid <<= 8;
 209                                 *keyid += packet->data[9];
 210                                 *keyid <<= 8;
 211                                 *keyid += packet->data[10];
 212                                 *keyid <<= 8;
 213                                 *keyid += packet->data[11];
 214                                 *keyid <<= 8;
 215                                 *keyid += packet->data[12];
 216                                 *keyid <<= 8;
 217                                 *keyid += packet->data[13];
 218                                 *keyid <<= 8;
 219                                 *keyid += packet->data[14];
 220                         }
 221                         if (creation != NULL) {
 222                                 *creation = packet->data[3];
 223                                 *creation <<= 8;
 224                                 *creation = packet->data[4];
 225                                 *creation <<= 8;
 226                                 *creation = packet->data[5];
 227                                 *creation <<= 8;
 228                                 *creation = packet->data[6];
 229                         }
 230                         break;
 231                 case 4:
 232                 case 5:
 233                         res = parse_subpackets(&packet->data[4],
 234                                         packet->length - 4,
 235                                         &length, keyid, creation);
 236                         if (res != ONAK_E_OK) {
 237                                 return res;
 238                         }
 239                         res = parse_subpackets(&packet->data[length + 4],
 240                                         packet->length - (4 + length),
 241                                         &length, keyid, creation);
 242                         if (res != ONAK_E_OK) {
 243                                 return res;
 244                         }
 245                         break;
 246                 default:
 247                         break;
 248                 }
 249         }
 250
 251         return ONAK_E_OK;
 252 }
 253
 254 /**
 255  *      sig_keyid - Return the keyid for a given OpenPGP signature packet.
 256  *      @packet: The signature packet.
 257  *
 258  *      Returns the keyid for the supplied signature packet.
 259  */
 260 uint64_t sig_keyid(struct openpgp_packet *packet)
 261 {
 262         uint64_t keyid = 0;
 263
 264         sig_info(packet, &keyid, NULL);
 265
 266         return keyid;
 267 }
 268
 269
 270 /*
 271  * TODO: Abstract out; all our linked lists should be generic and then we can
 272  * llsize them.
 273  */
 274 int spsize(struct openpgp_signedpacket_list *list)
 275 {
 276         int size = 0;
 277         struct openpgp_signedpacket_list *cur;
 278
 279         for (cur = list; cur != NULL; cur = cur->next, size++) ;
 280
 281         return size;
 282 }
 283
 284 /**
 285  *      keyuids - Takes a key and returns an array of its UIDs
 286  *      @key: The key to get the uids of.
 287  *      @primary: A pointer to store the primary UID in.
 288  *
 289  *      keyuids takes a public key structure and builds an array of the UIDs
 290  *      on the key. It also attempts to work out the primary UID and returns a
 291  *      separate pointer to that particular element of the array.
 292  */
 293 char **keyuids(struct openpgp_publickey *key, char **primary)
 294 {
 295         struct openpgp_signedpacket_list *curuid = NULL;
 296         char buf[1024];
 297         char **uids = NULL;
 298         int count = 0;
 299
 300         if (primary != NULL) {
 301                 *primary = NULL;
 302         }
 303
 304         if (key != NULL && key->uids != NULL) {
 305                 uids = malloc((spsize(key->uids) + 1) * sizeof (char *));
 306
 307                 curuid = key->uids;
 308                 while (curuid != NULL) {
 309                         buf[0] = 0;
 310                         if (curuid->packet->tag == OPENPGP_PACKET_UID) {
 311                                 snprintf(buf, 1023, "%.*s",
 312                                                 (int) curuid->packet->length,
 313                                                 curuid->packet->data);
 314                                 uids[count++] = strdup(buf);
 315                         }
 316                         curuid = curuid -> next;
 317                 }
 318                 uids[count] = NULL;
 319
 320                 /*
 321                  * TODO: Parse subpackets for real primary ID (v4 keys)
 322                  */
 323                 if (primary != NULL) {
 324                         *primary = uids[0];
 325                 }
 326         }
 327
 328         return uids;
 329 }
 330
 331 /**
 332  *      keysubkeys - Takes a key and returns an array of its subkey keyids.
 333  *      @key: The key to get the subkeys of.
 334  *
 335  *      keysubkeys takes a public key structure and returns an array of the
 336  *      subkey keyids for that key.
 337  */
 338 struct openpgp_fingerprint *keysubkeys(struct openpgp_publickey *key)
 339 {
 340         struct openpgp_signedpacket_list *cursubkey = NULL;
 341         struct openpgp_fingerprint       *subkeys = NULL;
 342         int                               count = 0;
 343
 344         if (key != NULL && key->subkeys != NULL) {
 345                 subkeys = malloc((spsize(key->subkeys) + 1) *
 346                                 sizeof (struct openpgp_fingerprint));
 347                 cursubkey = key->subkeys;
 348                 while (cursubkey != NULL) {
 349                         get_fingerprint(cursubkey->packet, &subkeys[count++]);
 350                         cursubkey = cursubkey -> next;
 351                 }
 352                 subkeys[count].length = 0;
 353         }
 354
 355         return subkeys;
 356 }
 357
 358 enum onak_oid onak_parse_oid(uint8_t *buf, size_t len)
 359 {
 360         enum onak_oid oid;
 361
 362         /* Elliptic curve key size is based on OID */
 363         if (len == 0 || (buf[0] >= len)) {
 364                 oid = ONAK_OID_INVALID;
 365         /* Curve25519 / 1.3.6.1.4.1.3029.1.5.1 */
 366         } else if ((buf[0] == 10) &&
 367                         (buf[1] == 0x2B) && (buf[2] == 0x06) &&
 368                         (buf[3] == 0x01) && (buf[4] == 0x04) &&
 369                         (buf[5] == 0x01) && (buf[6] == 0x97) &&
 370                         (buf[7] == 0x55) && (buf[8] == 0x01) &&
 371                         (buf[9] == 0x05) && (buf[10] == 0x01)) {
 372                 oid = ONAK_OID_CURVE25519;
 373         /* Ed25519 / 1.3.6.1.4.1.11591.15.1 */
 374         } else if ((buf[0] == 9) &&
 375                         (buf[1] == 0x2B) && (buf[2] == 0x06) &&
 376                         (buf[3] == 0x01) && (buf[4] == 0x04) &&
 377                         (buf[5] == 0x01) && (buf[6] == 0xDA) &&
 378                         (buf[7] == 0x47) && (buf[8] == 0x0F) &&
 379                         (buf[9] == 0x01)) {
 380                 oid = ONAK_OID_ED25519;
 381         /* nistp256 / 1.2.840.10045.3.1.7 */
 382         } else if ((buf[0] == 8) &&
 383                         (buf[1] == 0x2A) && (buf[2] == 0x86) &&
 384                         (buf[3] == 0x48) && (buf[4] == 0xCE) &&
 385                         (buf[5] == 0x3D) && (buf[6] == 0x03) &&
 386                         (buf[7] == 0x01) && (buf[8] == 0x07)) {
 387                 oid = ONAK_OID_NISTP256;
 388         /* nistp384 / 1.3.132.0.34 */
 389         } else if ((buf[0] == 5) &&
 390                         (buf[1] == 0x2B) && (buf[2] == 0x81) &&
 391                         (buf[3] == 0x04) && (buf[4] == 0x00) &&
 392                         (buf[5] == 0x22)) {
 393                 oid = ONAK_OID_NISTP384;
 394         /* nistp521 / 1.3.132.0.35 */
 395         } else if ((buf[0] == 5) &&
 396                         (buf[1] == 0x2B) && (buf[2] == 0x81) &&
 397                         (buf[3] == 0x04) && (buf[4] == 0x00) &&
 398                         (buf[5] == 0x23)) {
 399                 oid = ONAK_OID_NISTP521;
 400         /* brainpoolP256r1 / 1.3.36.3.3.2.8.1.1.7 */
 401         } else if ((buf[0] == 9) &&
 402                         (buf[1] == 0x2B) && (buf[2] == 0x24) &&
 403                         (buf[3] == 0x03) && (buf[4] == 0x03) &&
 404                         (buf[5] == 0x02) && (buf[6] == 0x08) &&
 405                         (buf[7] == 0x01) && (buf[8] == 0x01) &&
 406                         (buf[9] == 0x07)) {
 407                 oid = ONAK_OID_BRAINPOOLP256R1;
 408         /* brainpoolP384r1 / 1.3.36.3.3.2.8.1.1.11 */
 409         } else if ((buf[0] == 9) &&
 410                         (buf[1] == 0x2B) && (buf[2] == 0x24) &&
 411                         (buf[3] == 0x03) && (buf[4] == 0x03) &&
 412                         (buf[5] == 0x02) && (buf[6] == 0x08) &&
 413                         (buf[7] == 0x01) && (buf[8] == 0x01) &&
 414                         (buf[9] == 0x0B)) {
 415                 oid = ONAK_OID_BRAINPOOLP384R1;
 416         /* brainpoolP512r1 / 1.3.36.3.3.2.8.1.1.13 */
 417         } else if ((buf[0] == 9) &&
 418                         (buf[1] == 0x2B) && (buf[2] == 0x24) &&
 419                         (buf[3] == 0x03) && (buf[4] == 0x03) &&
 420                         (buf[5] == 0x02) && (buf[6] == 0x08) &&
 421                         (buf[7] == 0x01) && (buf[8] == 0x01) &&
 422                         (buf[9] == 0x0D)) {
 423                 oid = ONAK_OID_BRAINPOOLP512R1;
 424         /* secp256k1 / 1.3.132.0.10 */
 425         } else if ((buf[0] == 5) &&
 426                         (buf[1] == 0x2B) && (buf[2] == 0x81) &&
 427                         (buf[3] == 0x04) && (buf[4] == 0x00) &&
 428                         (buf[5] == 0x0A)) {
 429                 oid = ONAK_OID_SECP256K1;
 430         } else {
 431                 oid = ONAK_OID_UNKNOWN;
 432         }
 433
 434         return oid;
 435 }