Exemple #1
/****************
 * Add the configured notation, policy URL and preferred keyserver URL
 * subpackets to SIG.
 *
 * SIG must be a version 4 or later signature (asserted below).  PK and
 * SK are not used directly; they are only handed to pct_expando()
 * through the expando_args structure.
 *
 * The option strings are assumed to be validated already (printable
 * data only, notations in NAME=VALUE format).  Nothing is re-validated
 * here, so that guarantee has to hold at the place where the options
 * are parsed.
 *
 * When pct_expando() returns NULL a warning is logged.  For the URL
 * subpackets the unexpanded option string is then written verbatim
 * into the signature.  For notations the altvalue stays NULL; the
 * warning text says the unexpanded value is used, which is up to
 * keygen_add_notations() and is not visible in this function.
 */
static void
mk_notation_policy_etc( PKT_signature *sig,
                        PKT_public_key *pk, PKT_secret_key *sk )
{
    struct expando_args args;
    struct notation *notations=NULL;
    STRLIST url=NULL;

    /* Callers must hand in a v4+ signature.  If this is the standard
       assert(), the check disappears in builds that define NDEBUG. */
    assert(sig->version>=4);

    memset(&args,0,sizeof(args));
    args.sk=sk;
    args.pk=pk;

    /* Notation data: IS_SIG() selects the sig_* option list, IS_CERT()
       the cert_* one.  If neither applies no notation is added. */
    if( IS_SIG(sig) && opt.sig_notations )
      notations=opt.sig_notations;
    else if( IS_CERT(sig) && opt.cert_notations )
      notations=opt.cert_notations;

    if(notations!=NULL)
      {
        struct notation *item=notations;

        /* Attach a %-expanded copy of each value to its list item. */
        while(item!=NULL)
          {
            item->altvalue=pct_expando(item->value,&args);
            if(item->altvalue==NULL)
              log_error(_("WARNING: unable to %%-expand notation "
                          "(too large).  Using unexpanded.\n"));
            item=item->next;
          }

        keygen_add_notations(sig,notations);

        /* The list belongs to the global options, so release the
           temporary expansions and reset the pointers; otherwise the
           next signature would see freed memory. */
        item=notations;
        while(item!=NULL)
          {
            xfree(item->altvalue);
            item->altvalue=NULL;
            item=item->next;
          }
      }

    /* Policy URL(s). */
    if( IS_SIG(sig) && opt.sig_policy_url )
      url=opt.sig_policy_url;
    else if( IS_CERT(sig) && opt.cert_policy_url )
      url=opt.cert_policy_url;

    while(url!=NULL)
      {
        const char *raw=url->d;
        char *text=pct_expando(raw,&args);
        int critical;

        if(text==NULL)
          {
            log_error(_("WARNING: unable to %%-expand policy URL "
                        "(too large).  Using unexpanded.\n"));
            text=xstrdup(raw);
          }

        /* Bit 0 of the list flags marks the subpacket as critical. */
        critical=(url->flags & 1)?SIGSUBPKT_FLAG_CRITICAL:0;
        build_sig_subpkt(sig,SIGSUBPKT_POLICY|critical,text,strlen(text));

        xfree(text);
        url=url->next;
      }

    /* Preferred keyserver URL(s).  URL is NULL at this point, so
       nothing is added unless the option below applies; there is no
       cert_* counterpart in this function. */
    if( IS_SIG(sig) && opt.sig_keyserver_url )
      url=opt.sig_keyserver_url;

    while(url!=NULL)
      {
        const char *raw=url->d;
        char *text=pct_expando(raw,&args);
        int critical;

        if(text==NULL)
          {
            log_error(_("WARNING: unable to %%-expand preferred keyserver URL"
                        " (too large).  Using unexpanded.\n"));
            text=xstrdup(raw);
          }

        critical=(url->flags & 1)?SIGSUBPKT_FLAG_CRITICAL:0;
        build_sig_subpkt(sig,SIGSUBPKT_PREF_KS|critical,text,strlen(text));

        xfree(text);
        url=url->next;
      }
}
Exemple #2
/****************
 * Add the configured notation, policy URL, preferred keyserver URL
 * and signer's user id subpackets to SIG.
 *
 * SIG must be a version 4 or later signature (asserted below).  PK is
 * only handed to pct_expando() through the expando_args structure.
 * PKSK is handed on the same way and is also dereferenced for its
 * user_id, so it must not be NULL when IS_SIG(sig) holds and the
 * signer's user id is not disabled.
 *
 * The option strings are assumed to be validated already (printable
 * data only, notations in NAME=VALUE format).  Nothing is re-validated
 * here, so that guarantee has to hold at the place where the options
 * are parsed.
 *
 * When pct_expando() returns NULL a warning is logged.  For the URL
 * subpackets the unexpanded option string is then written verbatim
 * into the signature.  For notations the altvalue stays NULL; the
 * warning text says the unexpanded value is used, which is up to
 * keygen_add_notations() and is not visible in this function.
 */
static void
mk_notation_policy_etc (PKT_signature *sig,
                        PKT_public_key *pk, PKT_public_key *pksk)
{
  struct expando_args args;
  struct notation *notations = NULL;
  strlist_t url = NULL;

  log_assert (sig->version >= 4);

  memset (&args, 0, sizeof(args));
  args.pksk = pksk;
  args.pk = pk;

  /* Notation data: IS_SIG() selects the sig_* option list, IS_CERT()
   * the cert_* one.  If neither applies no notation is added.  */
  if (IS_SIG(sig) && opt.sig_notations)
    notations = opt.sig_notations;
  else if (IS_CERT(sig) && opt.cert_notations)
    notations = opt.cert_notations;

  if (notations != NULL)
    {
      struct notation *cur = notations;

      /* Attach a %-expanded copy of each value to its list item.  */
      while (cur != NULL)
        {
          cur->altvalue = pct_expando (cur->value,&args);
          if (cur->altvalue == NULL)
            log_error (_("WARNING: unable to %%-expand notation "
                         "(too large).  Using unexpanded.\n"));
          cur = cur->next;
        }

      keygen_add_notations (sig, notations);

      /* The list belongs to the global options, so release the
       * temporary expansions and reset the pointers; otherwise the
       * next signature would see freed memory.  */
      cur = notations;
      while (cur != NULL)
        {
          xfree (cur->altvalue);
          cur->altvalue = NULL;
          cur = cur->next;
        }
    }

  /* Policy URL(s).  */
  if (IS_SIG(sig) && opt.sig_policy_url)
    url = opt.sig_policy_url;
  else if (IS_CERT(sig) && opt.cert_policy_url)
    url = opt.cert_policy_url;

  while (url != NULL)
    {
      const char *raw = url->d;
      char *text = pct_expando (raw, &args);
      int critical;

      if (text == NULL)
        {
          log_error(_("WARNING: unable to %%-expand policy URL "
                      "(too large).  Using unexpanded.\n"));
          text = xstrdup(raw);
        }

      /* Bit 0 of the list flags marks the subpacket as critical.  */
      critical = (url->flags & 1)? SIGSUBPKT_FLAG_CRITICAL : 0;
      build_sig_subpkt (sig, SIGSUBPKT_POLICY | critical,
                        text, strlen (text));

      xfree (text);
      url = url->next;
    }

  /* Preferred keyserver URL(s).  URL is NULL at this point, so
   * nothing is added unless the option below applies; there is no
   * cert_* counterpart in this function.  */
  if (IS_SIG(sig) && opt.sig_keyserver_url)
    url = opt.sig_keyserver_url;

  while (url != NULL)
    {
      const char *raw = url->d;
      char *text = pct_expando (raw, &args);
      int critical;

      if (text == NULL)
        {
          log_error (_("WARNING: unable to %%-expand preferred keyserver URL"
                       " (too large).  Using unexpanded.\n"));
          text = xstrdup (raw);
        }

      critical = (url->flags & 1)? SIGSUBPKT_FLAG_CRITICAL : 0;
      build_sig_subpkt (sig, SIGSUBPKT_PREF_KS | critical,
                        text, strlen (text));
      xfree (text);
      url = url->next;
    }

  /* Signer's user id, unless disabled by option.  */
  if (IS_SIG (sig) && !opt.flags.disable_signer_uid)
    {
      char *mbox = NULL;

      /* For now the uid which was used to locate the key is taken.  */
      if (pksk->user_id)
        mbox = mailbox_from_userid (pksk->user_id->name);

      if (mbox)
        {
          if (DBG_LOOKUP)
            log_debug ("setting Signer's UID to '%s'\n", mbox);
          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
          xfree (mbox);
        }
      else if (opt.sender_list)
        {
          /* A list of --sender values was given.  The intent is to
           * use the first one matching a user id of the current key.
           *
           * FIXME: The user ids of the PKSK packet are not available
           * here.  Getting them needs either a fresh lookup or a link
           * from the key packet to the primary key and from there to
           * its user ids; too much of a change right now.
           *
           * Until then the first list entry is written into the
           * signature as it is.  Nothing in this function checks that
           * it belongs to the signing key, so the caller has to pass a
           * matching one.  */
          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID,
                            opt.sender_list->d, strlen (opt.sender_list->d));
        }
    }
}
Exemple #3
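/****************
 * Add the configured notation data and policy URL subpackets to SIG.
 *
 * PK and SK are not used directly; they are only handed to
 * pct_expando() through the expando_args structure.  For signatures
 * older than version 4 nothing is added and an info message is logged
 * instead.
 *
 * The option strings are assumed to be validated already (printable
 * data only, notations in NAME=VALUE format).  A notation without '='
 * is treated as an internal error (BUG).
 *
 * When pct_expando() returns NULL a warning is logged and the
 * unexpanded string is written verbatim into the signature.
 *
 * The notation subpacket stores the name and value lengths in two
 * bytes each.  A notation whose name or value is longer than 65535
 * bytes cannot be encoded; it is skipped with an error message rather
 * than written with length fields that disagree with the data.
 */
static void
mk_notation_and_policy( PKT_signature *sig,
			PKT_public_key *pk, PKT_secret_key *sk )
{
    const char *string;
    char *s=NULL;
    byte *buf;
    size_t n1, n2;
    STRLIST nd=NULL,pu=NULL;
    struct expando_args args;

    memset(&args,0,sizeof(args));
    args.pk=pk;
    args.sk=sk;

    /* notation data */
    if(IS_SIG(sig) && opt.sig_notation_data)
      {
	if(sig->version<4)
	  log_info("can't put notation data into v3 signatures\n");
	else
	  nd=opt.sig_notation_data;
      }
    else if( IS_CERT(sig) && opt.cert_notation_data )
      {
	if(sig->version<4)
	  log_info("can't put notation data into v3 key signatures\n");
	else
	  nd=opt.cert_notation_data;
      }

    for( ; nd; nd = nd->next ) {
        char *expanded;

        string = nd->d;
	s = strchr( string, '=' );
	if( !s )
	  BUG(); /* we have already parsed this */
	n1 = s - string;   /* length of NAME, without the '=' */
	s++;               /* S now points to VALUE */

	expanded=pct_expando(s,&args);
	if(!expanded)
	  {
	    log_error(_("WARNING: unable to %%-expand notation "
			"(too large).  Using unexpanded.\n"));
	    expanded=m_strdup(s);
	  }

	n2 = strlen(expanded);

	/* Both lengths go into 16 bit fields below.  Without this check
	   an overlong name or value would have its length silently
	   truncated while all of its bytes are still copied, giving a
	   subpacket whose header does not describe its content. */
	if( n1 > 0xffff || n2 > 0xffff )
	  {
	    log_error("notation name or value too long - skipped\n");
	    m_free(expanded);
	    continue;
	  }

	buf = m_alloc( 8 + n1 + n2 );
	buf[0] = 0x80; /* human readable */
	buf[1] = buf[2] = buf[3] = 0;
	/* name and value length, high byte first */
	buf[4] = (byte)(n1 >> 8);
	buf[5] = (byte)n1;
	buf[6] = (byte)(n2 >> 8);
	buf[7] = (byte)n2;
	memcpy(buf+8, string, n1 );
	memcpy(buf+8+n1, expanded, n2 );
	/* Bit 0 of the list flags marks the subpacket as critical. */
	build_sig_subpkt( sig, SIGSUBPKT_NOTATION
			  | ((nd->flags & 1)? SIGSUBPKT_FLAG_CRITICAL:0),
			  buf, 8+n1+n2 );
	m_free(expanded);
	m_free(buf);
    }

    if(opt.show_notation)
      show_notation(sig,0);

    /* set policy URL */
    if( IS_SIG(sig) && opt.sig_policy_url )
      {
	if(sig->version<4)
	  log_info("can't put a policy URL into v3 signatures\n");
	else
	  pu=opt.sig_policy_url;
      }
    else if( IS_CERT(sig) && opt.cert_policy_url )
      {
	if(sig->version<4)
	  log_info("can't put a policy URL into v3 key signatures\n");
	else
	  pu=opt.cert_policy_url;
      }

    for(;pu;pu=pu->next)
      {
        string = pu->d;

	s=pct_expando(string,&args);
	if(!s)
	  {
	    log_error(_("WARNING: unable to %%-expand policy url "
			"(too large).  Using unexpanded.\n"));
	    s=m_strdup(string);
	  }

	build_sig_subpkt(sig,SIGSUBPKT_POLICY|
			 ((pu->flags & 1)?SIGSUBPKT_FLAG_CRITICAL:0),
			 s,strlen(s));

	m_free(s);
      }

    if(opt.show_policy_url)
      show_policy_url(sig,0);
}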