2 * parsekey.c - Routines to parse an OpenPGP key.
4 * Copyright 2002-2004,2007-2008,2011 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26 #include "keystructs.h"
34 * parse_keys - Process a stream of packets for public keys + sigs.
35 * @packets: The packet list to parse.
36 * @keys: The returned list of public keys.
38 * This function takes an list of OpenPGP packets and attempts to parse it
39 * into a list of public keys with signatures and subkeys.
41 * Returns a count of how many keys we parsed.
43 int parse_keys(struct openpgp_packet_list *packets,
44 struct openpgp_publickey **keys)
46 struct openpgp_publickey *curkey = NULL;
52 * If keys already has some keys in it then set curkey to the last one
53 * so we add to the end of the list.
55 for (curkey = *keys; curkey != NULL && curkey->next != NULL;
56 curkey = curkey->next) ;
58 while (packets != NULL) {
59 switch (packets->packet->tag) {
60 case OPENPGP_PACKET_SIGNATURE:
62 * It's a signature packet. Add it to either the public
63 * key, to the current UID or the current subkey.
66 return ONAK_E_INVALID_PARAM;
67 if (curkey->subkeys != NULL) {
68 ADD_PACKET_TO_LIST_END(curkey->last_subkey,
70 packet_dup(packets->packet));
71 } else if (curkey->uids != NULL) {
72 ADD_PACKET_TO_LIST_END(curkey->last_uid,
74 packet_dup(packets->packet));
76 ADD_PACKET_TO_LIST_END(curkey,
78 packet_dup(packets->packet));
80 * This is a signature on the public key; check
81 * if it's a revocation.
83 if (packets->packet->data[0] == 3 &&
84 packets->packet->data[2] ==
85 OPENPGP_SIGTYPE_KEY_REV) {
87 * Type 3 key, 0x20 == revocation
89 curkey->revoked = true;
90 } else if (packets->packet->data[0] == 4 &&
91 packets->packet->data[1] ==
92 OPENPGP_SIGTYPE_KEY_REV) {
94 * Type 4 key, 0x20 == revocation
96 curkey->revoked = true;
100 case OPENPGP_PACKET_PUBLICKEY:
102 * It's a public key packet, so start a new key in our
105 if (curkey != NULL) {
106 curkey->next = malloc(sizeof (*curkey));
107 curkey = curkey->next;
110 malloc(sizeof (*curkey));
112 memset(curkey, 0, sizeof(*curkey));
113 curkey->publickey = packet_dup(packets->packet);
116 case OPENPGP_PACKET_UID:
117 case OPENPGP_PACKET_UAT:
119 * It's a UID packet (or a photo id, which is similar).
122 return ONAK_E_INVALID_PARAM;
123 if (curkey->subkeys != NULL)
124 return ONAK_E_INVALID_PARAM;
125 ADD_PACKET_TO_LIST_END(curkey,
127 packet_dup(packets->packet));
129 case OPENPGP_PACKET_PUBLICSUBKEY:
131 * It's a subkey packet.
134 return ONAK_E_INVALID_PARAM;
135 ADD_PACKET_TO_LIST_END(curkey,
137 packet_dup(packets->packet));
139 case OPENPGP_PACKET_TRUST:
140 case OPENPGP_PACKET_COMMENT:
144 * Trust packet. Ignore.
145 * Comment packet. Ignore.
149 /* Unsupported packet. Do what? Ignore for now. */
152 packets = packets->next;
159 * debug_packet - Print debug info about a packet
160 * @packet: The packet to display.
162 * This function takes an OpenPGP packet and displays some information
163 * about it to stdout. Useful for debugging purposes or curiousity about
164 * an OpenPGP packet stream.
166 int debug_packet(struct openpgp_packet *packet)
168 printf("\tNew format: %d, Tag: %u, Length: %zd\n",
177 * read_openpgp_stream - Reads a stream of OpenPGP packets.
178 * @getchar_func: The function to get the next character from the stream.
179 * @ctx: A pointer to the context structure for getchar_func.
180 * @packets: The outputted list of packets.
181 * @maxnum: The maximum number of keys to read. 0 means unlimited.
183 * This function uses getchar_func to read characters from an OpenPGP
184 * packet stream and reads the packets into a linked list of packets
185 * ready for parsing as a public key or whatever.
187 onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
190 struct openpgp_packet_list **packets,
193 unsigned char curchar = 0;
194 struct openpgp_packet_list *curpacket = NULL, **packetend = NULL;
195 onak_status_t rc = ONAK_E_OK;
199 return ONAK_E_INVALID_PARAM;
201 curpacket = *packets;
202 if (curpacket != NULL) {
203 while (curpacket->next != NULL) {
204 curpacket = curpacket->next;
208 while (rc == ONAK_E_OK && (maxnum == 0 || keys < maxnum) &&
209 !getchar_func(ctx, 1, &curchar)) {
210 if (curchar & 0x80) {
212 * New packet. Allocate memory for it.
214 if (curpacket != NULL) {
215 curpacket->next = malloc(sizeof (*curpacket));
216 packetend = &curpacket->next;
217 curpacket = curpacket->next;
219 *packets = curpacket =
220 malloc(sizeof (*curpacket));
223 memset(curpacket, 0, sizeof(*curpacket));
225 malloc(sizeof (*curpacket->packet));
226 memset(curpacket->packet, 0,
227 sizeof(*curpacket->packet));
229 curpacket->packet->newformat = (curchar & 0x40);
232 * TODO: Better error checking on getchar_func.
234 if (curpacket->packet->newformat) {
235 curpacket->packet->tag = (curchar & 0x3F);
236 if (getchar_func(ctx, 1, &curchar)) {
237 rc = ONAK_E_INVALID_PKT;
240 curpacket->packet->length = curchar;
241 if (curpacket->packet->length > 191 &&
242 curpacket->packet->length < 224) {
243 rc = getchar_func(ctx, 1, &curchar);
244 curpacket->packet->length -= 192;
245 curpacket->packet->length <<= 8;
246 curpacket->packet->length += curchar;
247 curpacket->packet->length += 192;
248 } else if (curpacket->packet->length > 223 &&
249 curpacket->packet->length < 255) {
250 free(curpacket->packet);
251 curpacket->packet = NULL;
252 rc = ONAK_E_UNSUPPORTED_FEATURE;
253 } else if (curpacket->packet->length == 255) {
255 * 5 byte length; ie 255 followed by 3
256 * bytes of MSB length.
258 if (getchar_func(ctx, 1, &curchar)) {
259 rc = ONAK_E_INVALID_PKT;
262 curpacket->packet->length = curchar;
263 curpacket->packet->length <<= 8;
264 if (getchar_func(ctx, 1, &curchar)) {
265 rc = ONAK_E_INVALID_PKT;
268 curpacket->packet->length += curchar;
269 curpacket->packet->length <<= 8;
270 if (getchar_func(ctx, 1, &curchar)) {
271 rc = ONAK_E_INVALID_PKT;
274 curpacket->packet->length += curchar;
275 curpacket->packet->length <<= 8;
276 if (getchar_func(ctx, 1, &curchar)) {
277 rc = ONAK_E_INVALID_PKT;
280 curpacket->packet->length += curchar;
283 curpacket->packet->tag = (curchar & 0x3C) >> 2;
284 switch (curchar & 3) {
286 if (getchar_func(ctx, 1, &curchar)) {
287 rc = ONAK_E_INVALID_PKT;
290 curpacket->packet->length = curchar;
293 if (getchar_func(ctx, 1, &curchar)) {
294 rc = ONAK_E_INVALID_PKT;
297 curpacket->packet->length = curchar;
298 curpacket->packet->length <<= 8;
299 if (getchar_func(ctx, 1, &curchar)) {
300 rc = ONAK_E_INVALID_PKT;
303 curpacket->packet->length += curchar;
306 if (getchar_func(ctx, 1, &curchar)) {
307 rc = ONAK_E_INVALID_PKT;
310 curpacket->packet->length =
312 if (getchar_func(ctx, 1, &curchar)) {
313 rc = ONAK_E_INVALID_PKT;
316 curpacket->packet->length +=
318 if (getchar_func(ctx, 1, &curchar)) {
319 rc = ONAK_E_INVALID_PKT;
322 curpacket->packet->length +=
324 if (getchar_func(ctx, 1, &curchar)) {
325 rc = ONAK_E_INVALID_PKT;
328 curpacket->packet->length += curchar;
331 rc = ONAK_E_UNSUPPORTED_FEATURE;
332 free(curpacket->packet);
333 curpacket->packet = NULL;
339 if (curpacket->packet->tag ==
340 OPENPGP_PACKET_PUBLICKEY) {
343 curpacket->packet->data =
344 malloc(curpacket->packet->length *
345 sizeof(unsigned char));
346 if (curpacket->packet->data == NULL) {
349 rc = getchar_func(ctx,
350 curpacket->packet->length,
351 curpacket->packet->data);
355 rc = ONAK_E_INVALID_PKT;
359 /* Trim the last packet if it doesn't actually exist */
360 if (packetend != NULL && (*packetend)->packet == NULL) {
369 * write_openpgp_stream - Reads a stream of OpenPGP packets.
370 * @putchar_func: The function to put the next character to the stream.
371 * @ctx: A pointer to the context structure for putchar_func.
372 * @packets: The list of packets.
374 * This function uses putchar_func to write characters to an OpenPGP
375 * packet stream from a linked list of packets.
377 onak_status_t write_openpgp_stream(int (*putchar_func)(void *ctx, size_t count,
380 struct openpgp_packet_list *packets)
382 unsigned char curchar = 0;
384 while (packets != NULL) {
386 if (packets->packet->newformat) {
388 curchar |= packets->packet->tag;
389 putchar_func(ctx, 1, &curchar);
391 if (packets->packet->length < 192) {
392 curchar = packets->packet->length;
393 putchar_func(ctx, 1, &curchar);
394 } else if (packets->packet->length > 191 &&
395 packets->packet->length < 8383) {
396 curchar = (((packets->packet->length - 192) &
398 putchar_func(ctx, 1, &curchar);
400 curchar = (packets->packet->length - 192) &
402 putchar_func(ctx, 1, &curchar);
403 } else if (packets->packet->length > 8382 &&
404 packets->packet->length < 0xFFFFFFFF) {
406 putchar_func(ctx, 1, &curchar);
408 curchar = (packets->packet->length >> 24);
410 putchar_func(ctx, 1, &curchar);
412 curchar = (packets->packet->length >> 16);
414 putchar_func(ctx, 1, &curchar);
416 curchar = (packets->packet->length >> 8);
418 putchar_func(ctx, 1, &curchar);
420 curchar = packets->packet->length;
422 putchar_func(ctx, 1, &curchar);
424 return ONAK_E_UNSUPPORTED_FEATURE;
427 curchar |= (packets->packet->tag << 2);
428 if (packets->packet->length < 256) {
429 putchar_func(ctx, 1, &curchar);
430 curchar = packets->packet->length;
431 putchar_func(ctx, 1, &curchar);
432 } else if (packets->packet->length < 0x10000) {
434 putchar_func(ctx, 1, &curchar);
435 curchar = packets->packet->length >> 8;
436 putchar_func(ctx, 1, &curchar);
437 curchar = packets->packet->length & 0xFF;
438 putchar_func(ctx, 1, &curchar);
441 putchar_func(ctx, 1, &curchar);
442 curchar = packets->packet->length >> 24;
443 putchar_func(ctx, 1, &curchar);
444 curchar = (packets->packet->length >> 16) & 0xFF;
445 putchar_func(ctx, 1, &curchar);
446 curchar = (packets->packet->length >> 8) & 0xFF;
447 putchar_func(ctx, 1, &curchar);
448 curchar = packets->packet->length & 0xFF;
449 putchar_func(ctx, 1, &curchar);
453 putchar_func(ctx, packets->packet->length,
454 packets->packet->data);
455 packets = packets->next;
462 * flatten_publickey - Convert a publickey to an OpenPGP packet list.
463 * @key: The public key.
464 * @packets: The outputted packet list.
466 * This function converts public key structure to a linked list of OpenPGP
467 * packets ready for outputing or storage.
469 int flatten_publickey(struct openpgp_publickey *key,
470 struct openpgp_packet_list **packets,
471 struct openpgp_packet_list **list_end)
473 struct openpgp_signedpacket_list *tmpsignedlist = NULL;
474 struct openpgp_packet_list *tmplist = NULL;
476 while (key != NULL) {
478 * First write the public key packet out.
480 ADD_PACKET_TO_LIST((*list_end), packet_dup(key->publickey));
481 if (*packets == NULL) {
482 *packets = *list_end;
486 * Now do any signatures on the main key.
488 for (tmplist = key->sigs; tmplist != NULL;
489 tmplist = tmplist->next) {
490 ADD_PACKET_TO_LIST((*list_end),
491 packet_dup(tmplist->packet));
495 * Output any UIDs along with their signatures.
497 for (tmpsignedlist = key->uids; tmpsignedlist != NULL;
498 tmpsignedlist = tmpsignedlist->next) {
500 ADD_PACKET_TO_LIST((*list_end),
501 packet_dup(tmpsignedlist->packet));
502 for (tmplist = tmpsignedlist->sigs; tmplist != NULL;
503 tmplist = tmplist->next) {
504 ADD_PACKET_TO_LIST((*list_end),
505 packet_dup(tmplist->packet));
510 * Output any subkeys along with their signatures.
512 for (tmpsignedlist = key->subkeys; tmpsignedlist != NULL;
513 tmpsignedlist = tmpsignedlist->next) {
515 ADD_PACKET_TO_LIST((*list_end),
516 packet_dup(tmpsignedlist->packet));
517 for (tmplist = tmpsignedlist->sigs; tmplist != NULL;
518 tmplist = tmplist->next) {
519 ADD_PACKET_TO_LIST((*list_end),
520 packet_dup(tmplist->packet));