X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;f=cleankey.c;h=55e3161d0d87bb35ebb7d6be2826c919a6571fff;hb=52f5de3b2bfc272187772b03b3bcb8e069626b51;hp=3ef76f9167679b61316f03f817fd81816ac7437c;hpb=a0d1c99184eeb07a6a7711e168c3db4b8c0937eb;p=onak.git diff --git a/cleankey.c b/cleankey.c index 3ef76f9..55e3161 100644 --- a/cleankey.c +++ b/cleankey.c @@ -26,7 +26,7 @@ #include "log.h" #include "mem.h" #include "merge.h" -#include "onak-conf.h" +#include "openpgp.h" #include "sigcheck.h" /** @@ -137,10 +137,28 @@ int clean_sighashes(struct openpgp_publickey *key, struct openpgp_packet_list **sigs) { struct openpgp_packet_list *tmpsig; + onak_status_t ret; + uint8_t hashtype; + uint8_t hash[64]; + uint8_t *sighash; int removed = 0; + uint64_t keyid; while (*sigs != NULL) { - if (check_packet_sighash(key, sigdata, (*sigs)->packet) == 0) { + ret = calculate_packet_sighash(key, sigdata, (*sigs)->packet, + &hashtype, hash, &sighash); + + if (ret == ONAK_E_UNSUPPORTED_FEATURE) { + get_keyid(key, &keyid); + logthing(LOGTHING_ERROR, + "Unsupported signature hash type %d on 0x%016" + PRIX64, + hashtype, + keyid); + sigs = &(*sigs)->next; + } else if (ret != ONAK_E_OK || + !(hash[0] == sighash[0] && + hash[1] == sighash[1])) { tmpsig = *sigs; *sigs = (*sigs)->next; tmpsig->next = NULL; @@ -179,6 +197,54 @@ int clean_key_sighashes(struct openpgp_publickey *key) return removed; } +#define UAT_LIMIT 0xFFFF +#define UID_LIMIT 1024 +#define PACKET_LIMIT 8383 /* Fits in 2 byte packet length */ +int clean_large_packets(struct openpgp_publickey *key) +{ + struct openpgp_signedpacket_list **curuid = NULL; + struct openpgp_signedpacket_list *tmp = NULL; + bool drop; + int dropped = 0; + + log_assert(key != NULL); + curuid = &key->uids; + while (*curuid != NULL) { + drop = false; + switch ((*curuid)->packet->tag) { + case OPENPGP_PACKET_UID: + if ((*curuid)->packet->length > UID_LIMIT) + drop = true; + break; + case OPENPGP_PACKET_UAT: + if ((*curuid)->packet->length > UAT_LIMIT) + drop = true; + break; + default: + if ((*curuid)->packet->length > PACKET_LIMIT) + drop = true; + break; + } + + if (drop) { + logthing(LOGTHING_INFO, + "Dropping large (%d) packet, type %d", + (*curuid)->packet->length, + (*curuid)->packet->tag); + /* Remove the entire large signed packet list */ + tmp = *curuid; + *curuid = (*curuid)->next; + tmp->next = NULL; + free_signedpacket_list(tmp); + dropped++; + } else { + curuid = &(*curuid)->next; + } + } + + return dropped; +} + /** * cleankeys - Apply all available cleaning options on a list of keys. * @policies: The cleaning policies to apply. @@ -189,25 +255,40 @@ int clean_key_sighashes(struct openpgp_publickey *key) * made, otherwise the number of keys cleaned. Note that some options * may result in keys being removed entirely from the list. */ -int cleankeys(struct openpgp_publickey **keys, uint64_t policies) +int cleankeys(struct onak_dbctx *dbctx, struct openpgp_publickey **keys, + uint64_t policies) { - struct openpgp_publickey *curkey; - int changed = 0, count; + struct openpgp_publickey **curkey, *tmp; + int changed = 0, count = 0; if (keys == NULL) return 0; - curkey = *keys; - while (curkey != NULL) { - count = dedupuids(curkey); - count += dedupsubkeys(curkey); + curkey = keys; + while (*curkey != NULL) { + if (policies & ONAK_CLEAN_DROP_V3_KEYS) { + if ((*curkey)->publickey->data[0] < 4) { + /* Remove the key from the list */ + tmp = *curkey; + *curkey = tmp->next; + tmp->next = NULL; + free_publickey(tmp); + changed++; + continue; + } + } + if (policies & ONAK_CLEAN_LARGE_PACKETS) { + count += clean_large_packets(*curkey); + } + count += dedupuids(*curkey); + count += dedupsubkeys(*curkey); if (policies & ONAK_CLEAN_CHECK_SIGHASH) { - count += clean_key_sighashes(curkey); + count += clean_key_sighashes(*curkey); } if (count > 0) { changed++; } - curkey = curkey->next; + curkey = &(*curkey)->next; } return changed;