/**
* gnutls_openpgp_privkey_get_subkey_id:
* @key: the structure that contains the OpenPGP secret key.
* @idx: the subkey index
* @keyid: the buffer to save the keyid.
*
* Get the key-id for the subkey.
*
* Returns: the 64-bit keyID of the OpenPGP key.
*
* Since: 2.4.0
**/
int
gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t key,
unsigned int idx,
gnutls_openpgp_keyid_t keyid)
{
cdk_packet_t pkt;
uint32_t kid[2];
if (!key || !keyid) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
if (idx == GNUTLS_OPENPGP_MASTER_KEYID_IDX)
return gnutls_openpgp_privkey_get_key_id(key, keyid);
pkt = _get_secret_subkey(key, idx);
if (!pkt)
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
cdk_sk_get_keyid(pkt->pkt.secret_key, kid);
_gnutls_write_uint32(kid[0], keyid);
_gnutls_write_uint32(kid[1], keyid + 4);
return 0;
}
/* Return the key ID from the given packet.
If this is not possible, 0 is returned */
u32
_cdk_pkt_get_keyid (cdk_packet_t pkt, u32 * keyid)
{
u32 lowbits;
if (!pkt)
return 0;
switch (pkt->pkttype)
{
case CDK_PKT_PUBLIC_KEY:
case CDK_PKT_PUBLIC_SUBKEY:
lowbits = cdk_pk_get_keyid (pkt->pkt.public_key, keyid);
break;
case CDK_PKT_SECRET_KEY:
case CDK_PKT_SECRET_SUBKEY:
lowbits = cdk_sk_get_keyid (pkt->pkt.secret_key, keyid);
break;
case CDK_PKT_SIGNATURE:
lowbits = cdk_sig_get_keyid (pkt->pkt.signature, keyid);
break;
default:
lowbits = 0;
break;
}
return lowbits;
}
/**
* cdk_sklist_write_onepass:
* @skl: secret keylist
* @outp: the stream to write in the data
* @sigclass: the class of the sig to create
* @mdalgo: the message digest algorithm
*
* Write a one-pass signature for each key in the list into @outp.
**/
cdk_error_t
cdk_sklist_write_onepass( cdk_keylist_t skl, cdk_stream_t outp,
int sigclass, int mdalgo )
{
cdk_pkt_onepass_sig_t ops;
cdk_keylist_t r;
cdk_packet_t pkt;
int i, skcount = 0;
int rc = 0;
if( !skl || !outp )
return CDK_Inv_Value;
if( skl->type != CDK_PKT_SECRET_KEY )
return CDK_Inv_Mode;
pkt = cdk_calloc( 1, sizeof * pkt );
if( !pkt )
return CDK_Out_Of_Core;
for( skcount = 0, r = skl; r; r = r->next )
skcount++;
for( ; skcount; skcount-- ) {
for( i = 0, r = skl; r; r = r->next ) {
if( ++i == skcount )
break;
}
ops = cdk_calloc( 1, sizeof *ops );
if( !ops )
return CDK_Out_Of_Core;
ops->version = 3;
cdk_sk_get_keyid( r->key.sk, ops->keyid );
ops->sig_class = sigclass;
if( !mdalgo )
mdalgo = _cdk_sig_hash_for( r->key.sk->pubkey_algo,
r->key.sk->version );
ops->digest_algo = mdalgo;
ops->pubkey_algo = r->key.sk->pubkey_algo;
ops->last = (skcount == 1);
cdk_pkt_init( pkt );
pkt->pkttype = CDK_PKT_ONEPASS_SIG;
pkt->pkt.onepass_sig = ops;
rc = cdk_pkt_write( outp, pkt );
cdk_pkt_free( pkt );
if( rc )
break;
}
cdk_free( pkt );
return rc;
}
/**
* gnutls_openpgp_privkey_get_key_id:
* @key: the structure that contains the OpenPGP secret key.
* @keyid: the buffer to save the keyid.
*
* Get key-id.
*
* Returns: the 64-bit keyID of the OpenPGP key.
*
* Since: 2.4.0
**/
int
gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key,
gnutls_openpgp_keyid_t keyid)
{
cdk_packet_t pkt;
uint32_t kid[2];
if (!key || !keyid) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
pkt = cdk_kbnode_find_packet(key->knode, CDK_PKT_SECRET_KEY);
if (!pkt)
return GNUTLS_E_OPENPGP_GETKEY_FAILED;
cdk_sk_get_keyid(pkt->pkt.secret_key, kid);
_gnutls_write_uint32(kid[0], keyid);
_gnutls_write_uint32(kid[1], keyid + 4);
return 0;
}
int
cdk_keydb_check_sk( cdk_keydb_hd_t hd, u32 * keyid )
{
cdk_stream_t db;
cdk_packet_t pkt;
u32 kid[2];
int rc;
if( !hd || !keyid )
return CDK_Inv_Value;
if( !hd->secret )
return CDK_Inv_Mode;
pkt = cdk_calloc( 1, sizeof * pkt );
if( !pkt )
return CDK_Out_Of_Core;
rc = cdk_keydb_open( hd, &db );
if( rc )
return rc;
cdk_pkt_init( pkt );
while( !cdk_pkt_read( db, pkt ) ) {
if( pkt->pkttype != CDK_PKT_SECRET_KEY
&& pkt->pkttype != CDK_PKT_SECRET_SUBKEY )
goto next;
cdk_sk_get_keyid( pkt->pkt.secret_key, kid );
if( KEYID_CMP( kid, keyid ) ) {
cdk_pkt_free( pkt );
cdk_free( pkt );
return 0;
}
next:
cdk_pkt_free( pkt );
cdk_pkt_init( pkt );
}
cdk_free( pkt );
return CDK_Error_No_Key;
}
