2 * decodekey.c - Routines to further decode an OpenPGP key.
4 * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program. If not, see <https://www.gnu.org/licenses/>.
25 #include "decodekey.h"
28 #include "keystructs.h"
33 * parse_subpackets - Parse the subpackets of a Type 4 signature.
34 * @data: The subpacket data.
35 * @len: The amount of data available to read.
36 * @parselen: The amount of data that was actually parsed.
37 * @keyid: A pointer to where we should return the keyid.
38 * @creationtime: A pointer to where we should return the creation time.
40 * This function parses the subkey data of a Type 4 signature and fills
41 * in the supplied variables. It also returns the length of the data
42 * processed. If the value of any piece of data is not desired a NULL
43 * can be passed instead of a pointer to a storage area for that value.
45 onak_status_t parse_subpackets(unsigned char *data, size_t len,
46 size_t *parselen, uint64_t *keyid, time_t *creation)
51 struct openpgp_fingerprint fp;
56 /* Make sure we actually have the 2 byte length field */
58 return ONAK_E_INVALID_PKT;
61 length = (data[0] << 8) + data[1] + 2;
63 /* If the length is off the end of the data available, it's bogus */
65 return ONAK_E_INVALID_PKT;
71 while (offset < length) {
72 packetlen = data[offset++];
73 if (packetlen > 191 && packetlen < 255) {
74 packetlen = ((packetlen - 192) << 8) +
76 } else if (packetlen == 255) {
77 packetlen = data[offset++];
79 packetlen |= data[offset++];
81 packetlen |= data[offset++];
83 packetlen |= data[offset++];
85 /* Check the supplied length is within the remaining data */
86 if (packetlen == 0 || (packetlen + offset) > length) {
87 return ONAK_E_INVALID_PKT;
89 switch (data[offset] & 0x7F) {
90 case OPENPGP_SIGSUB_CREATION:
92 * Signature creation time.
94 if (creation != NULL) {
95 *creation = data[offset + packetlen - 4];
97 *creation += data[offset + packetlen - 3];
99 *creation += data[offset + packetlen - 2];
101 *creation += data[offset + packetlen - 1];
105 * Signature expiration time. Might want to output this?
108 case OPENPGP_SIGSUB_ISSUER:
110 *keyid = data[offset+packetlen - 8];
112 *keyid += data[offset+packetlen - 7];
114 *keyid += data[offset+packetlen - 6];
116 *keyid += data[offset+packetlen - 5];
118 *keyid += data[offset+packetlen - 4];
120 *keyid += data[offset+packetlen - 3];
122 *keyid += data[offset+packetlen - 2];
124 *keyid += data[offset+packetlen - 1];
127 case OPENPGP_SIGSUB_ISSUER_FINGER:
128 if ((packetlen - 2) <= MAX_FINGERPRINT_LEN &&
130 fp.length = packetlen - 2;
131 for (i = 0; i < fp.length; i++) {
132 fp.fp[i] = data[offset + i + 2];
134 *keyid = fingerprint2keyid(&fp);
137 case OPENPGP_SIGSUB_EXPIRY:
138 case OPENPGP_SIGSUB_EXPORTABLE:
139 case OPENPGP_SIGSUB_TRUSTSIG:
140 case OPENPGP_SIGSUB_REGEX:
141 case OPENPGP_SIGSUB_REVOCABLE:
142 case OPENPGP_SIGSUB_CAPABILITIES:
143 case OPENPGP_SIGSUB_KEYEXPIRY:
144 case OPENPGP_SIGSUB_ARR:
145 case OPENPGP_SIGSUB_PREFSYM:
146 case OPENPGP_SIGSUB_REVOCATION_KEY:
147 case OPENPGP_SIGSUB_ISSUER_UID:
148 case OPENPGP_SIGSUB_URL:
149 case OPENPGP_SIGSUB_X_ISSUER_FINGER:
150 case OPENPGP_SIGSUB_NOTATION:
151 case OPENPGP_SIGSUB_PREFHASH:
152 case OPENPGP_SIGSUB_PREFCOMPRESS:
153 case OPENPGP_SIGSUB_KEYSERVER:
154 case OPENPGP_SIGSUB_PREFKEYSERVER:
155 case OPENPGP_SIGSUB_PRIMARYUID:
156 case OPENPGP_SIGSUB_POLICYURI:
157 case OPENPGP_SIGSUB_KEYFLAGS:
158 case OPENPGP_SIGSUB_SIGNER_UID:
159 case OPENPGP_SIGSUB_REVOKE_REASON:
160 case OPENPGP_SIGSUB_FEATURES:
161 case OPENPGP_SIGSUB_SIGNATURE_TARGET:
162 case OPENPGP_SIGSUB_EMBEDDED_SIG:
164 * Various subpacket types we know about, but don't
165 * currently handle. Some are candidates for being
166 * supported if we add signature checking support.
171 * We don't care about unrecognized packets unless bit
172 * 7 is set in which case we log a major error.
174 if (data[offset] & 0x80) {
175 return ONAK_E_UNSUPPORTED_FEATURE;
185 * sig_info - Get info on a given OpenPGP signature packet
186 * @packet: The signature packet
187 * @keyid: A pointer for where to return the signature keyid
188 * @creation: A pointer for where to return the signature creation time
190 * Gets any info about a signature packet; parses the subpackets for a v4
191 * key or pulls the data directly from v2/3. NULL can be passed for any
192 * values which aren't cared about.
194 onak_status_t sig_info(struct openpgp_packet *packet, uint64_t *keyid,
200 if (packet != NULL) {
201 switch (packet->data[0]) {
205 *keyid = packet->data[7];
207 *keyid += packet->data[8];
209 *keyid += packet->data[9];
211 *keyid += packet->data[10];
213 *keyid += packet->data[11];
215 *keyid += packet->data[12];
217 *keyid += packet->data[13];
219 *keyid += packet->data[14];
221 if (creation != NULL) {
222 *creation = packet->data[3];
224 *creation = packet->data[4];
226 *creation = packet->data[5];
228 *creation = packet->data[6];
236 res = parse_subpackets(&packet->data[4],
238 &length, keyid, creation);
239 if (res != ONAK_E_OK) {
243 * Only look at the unhashed subpackets if we want the
244 * keyid and it wasn't in the signed subpacket
247 if (keyid != NULL && *keyid == 0) {
248 res = parse_subpackets(&packet->data[length + 4],
249 packet->length - (4 + length),
250 &length, keyid, NULL);
251 if (res != ONAK_E_OK) {
265 * sig_keyid - Return the keyid for a given OpenPGP signature packet.
266 * @packet: The signature packet.
268 * Returns the keyid for the supplied signature packet.
270 uint64_t sig_keyid(struct openpgp_packet *packet)
274 sig_info(packet, &keyid, NULL);
281 * TODO: Abstract out; all our linked lists should be generic and then we can
284 int spsize(struct openpgp_signedpacket_list *list)
287 struct openpgp_signedpacket_list *cur;
289 for (cur = list; cur != NULL; cur = cur->next, size++) ;
295 * keyuids - Takes a key and returns an array of its UIDs
296 * @key: The key to get the uids of.
297 * @primary: A pointer to store the primary UID in.
299 * keyuids takes a public key structure and builds an array of the UIDs
300 * on the key. It also attempts to work out the primary UID and returns a
301 * separate pointer to that particular element of the array.
303 char **keyuids(struct openpgp_publickey *key, char **primary)
305 struct openpgp_signedpacket_list *curuid = NULL;
310 if (primary != NULL) {
314 if (key != NULL && key->uids != NULL) {
315 uids = malloc((spsize(key->uids) + 1) * sizeof (char *));
318 while (curuid != NULL) {
320 if (curuid->packet->tag == OPENPGP_PACKET_UID) {
321 snprintf(buf, 1023, "%.*s",
322 (int) curuid->packet->length,
323 curuid->packet->data);
324 uids[count++] = strdup(buf);
326 curuid = curuid -> next;
331 * TODO: Parse subpackets for real primary ID (v4 keys)
333 if (primary != NULL) {
342 * keysubkeys - Takes a key and returns an array of its subkey keyids.
343 * @key: The key to get the subkeys of.
345 * keysubkeys takes a public key structure and returns an array of the
346 * subkey keyids for that key.
348 struct openpgp_fingerprint *keysubkeys(struct openpgp_publickey *key)
350 struct openpgp_signedpacket_list *cursubkey = NULL;
351 struct openpgp_fingerprint *subkeys = NULL;
354 if (key != NULL && key->subkeys != NULL) {
355 subkeys = malloc((spsize(key->subkeys) + 1) *
356 sizeof (struct openpgp_fingerprint));
357 cursubkey = key->subkeys;
358 while (cursubkey != NULL) {
359 get_fingerprint(cursubkey->packet, &subkeys[count++]);
360 cursubkey = cursubkey -> next;
362 subkeys[count].length = 0;
368 enum onak_oid onak_parse_oid(uint8_t *buf, size_t len)
372 /* Elliptic curve key size is based on OID */
373 if (len == 0 || (buf[0] >= len)) {
374 oid = ONAK_OID_INVALID;
375 /* Curve25519 / 1.3.6.1.4.1.3029.1.5.1 */
376 } else if ((buf[0] == 10) &&
377 (buf[1] == 0x2B) && (buf[2] == 0x06) &&
378 (buf[3] == 0x01) && (buf[4] == 0x04) &&
379 (buf[5] == 0x01) && (buf[6] == 0x97) &&
380 (buf[7] == 0x55) && (buf[8] == 0x01) &&
381 (buf[9] == 0x05) && (buf[10] == 0x01)) {
382 oid = ONAK_OID_CURVE25519;
383 /* Ed25519 / 1.3.6.1.4.1.11591.15.1 */
384 } else if ((buf[0] == 9) &&
385 (buf[1] == 0x2B) && (buf[2] == 0x06) &&
386 (buf[3] == 0x01) && (buf[4] == 0x04) &&
387 (buf[5] == 0x01) && (buf[6] == 0xDA) &&
388 (buf[7] == 0x47) && (buf[8] == 0x0F) &&
390 oid = ONAK_OID_ED25519;
391 /* nistp256 / 1.2.840.10045.3.1.7 */
392 } else if ((buf[0] == 8) &&
393 (buf[1] == 0x2A) && (buf[2] == 0x86) &&
394 (buf[3] == 0x48) && (buf[4] == 0xCE) &&
395 (buf[5] == 0x3D) && (buf[6] == 0x03) &&
396 (buf[7] == 0x01) && (buf[8] == 0x07)) {
397 oid = ONAK_OID_NISTP256;
398 /* nistp384 / 1.3.132.0.34 */
399 } else if ((buf[0] == 5) &&
400 (buf[1] == 0x2B) && (buf[2] == 0x81) &&
401 (buf[3] == 0x04) && (buf[4] == 0x00) &&
403 oid = ONAK_OID_NISTP384;
404 /* nistp521 / 1.3.132.0.35 */
405 } else if ((buf[0] == 5) &&
406 (buf[1] == 0x2B) && (buf[2] == 0x81) &&
407 (buf[3] == 0x04) && (buf[4] == 0x00) &&
409 oid = ONAK_OID_NISTP521;
410 /* brainpoolP256r1 / 1.3.36.3.3.2.8.1.1.7 */
411 } else if ((buf[0] == 9) &&
412 (buf[1] == 0x2B) && (buf[2] == 0x24) &&
413 (buf[3] == 0x03) && (buf[4] == 0x03) &&
414 (buf[5] == 0x02) && (buf[6] == 0x08) &&
415 (buf[7] == 0x01) && (buf[8] == 0x01) &&
417 oid = ONAK_OID_BRAINPOOLP256R1;
418 /* brainpoolP384r1 / 1.3.36.3.3.2.8.1.1.11 */
419 } else if ((buf[0] == 9) &&
420 (buf[1] == 0x2B) && (buf[2] == 0x24) &&
421 (buf[3] == 0x03) && (buf[4] == 0x03) &&
422 (buf[5] == 0x02) && (buf[6] == 0x08) &&
423 (buf[7] == 0x01) && (buf[8] == 0x01) &&
425 oid = ONAK_OID_BRAINPOOLP384R1;
426 /* brainpoolP512r1 / 1.3.36.3.3.2.8.1.1.13 */
427 } else if ((buf[0] == 9) &&
428 (buf[1] == 0x2B) && (buf[2] == 0x24) &&
429 (buf[3] == 0x03) && (buf[4] == 0x03) &&
430 (buf[5] == 0x02) && (buf[6] == 0x08) &&
431 (buf[7] == 0x01) && (buf[8] == 0x01) &&
433 oid = ONAK_OID_BRAINPOOLP512R1;
434 /* secp256k1 / 1.3.132.0.10 */
435 } else if ((buf[0] == 5) &&
436 (buf[1] == 0x2B) && (buf[2] == 0x81) &&
437 (buf[3] == 0x04) && (buf[4] == 0x00) &&
439 oid = ONAK_OID_SECP256K1;
441 oid = ONAK_OID_UNKNOWN;