static int keydb_idx_parse( cdk_stream_t inp, key_idx_t * r_idx ) { key_idx_t idx; byte buf[4]; int i; if( !inp || !r_idx ) return CDK_Inv_Value; idx = cdk_calloc( 1, sizeof * idx ); if( !idx ) return CDK_Out_Of_Core; while( !cdk_stream_eof( inp ) ) { i = cdk_stream_read( inp, buf, 4 ); if( i == CDK_EOF ) break; idx->offset = _cdk_buftou32( buf ); cdk_stream_read( inp, buf, 4 ); idx->keyid[0] = _cdk_buftou32( buf ); cdk_stream_read( inp, buf, 4 ); idx->keyid[1] = _cdk_buftou32( buf ); cdk_stream_read( inp, idx->fpr, 20 ); #if 0 _cdk_log_debug( "%08lu: keyid=%08lX fpr=", idx->offset,idx->keyid[1] ); for( i = 0; i < 20; i++ ) _cdk_log_debug( "%02X", idx->fpr[i] ); _cdk_log_debug( "\n" ); #endif break; } *r_idx = idx; return cdk_stream_eof( inp )? CDK_EOF : 0; }
/** * cdk_stream_kick_off: * @inp: the input stream * @out: the output stream. * * Passes the entire data from @inp into the output stream @out * with all the activated filters. */ cdk_error_t cdk_stream_kick_off (cdk_stream_t inp, cdk_stream_t out) { byte buf[BUFSIZE]; int nread, nwritten; cdk_error_t rc; if (!inp || !out) { gnutls_assert (); return CDK_Inv_Value; } rc = CDK_Success; while (!cdk_stream_eof (inp)) { nread = cdk_stream_read (inp, buf, DIM (buf)); if (!nread || nread == EOF) break; nwritten = cdk_stream_write (out, buf, nread); if (!nwritten || nwritten == EOF) { /* In case of errors, we leave the loop. */ rc = inp->error; break; } } wipemem (buf, sizeof (buf)); return rc; }
/* This functions builds an index of the keyring into a separate file with the name keyring.ext.idx. It contains the offset of all public- and public subkeys. The format of the file is: -------- 4 octets offset of the packet 8 octets keyid 20 octets fingerprint -------- We store the keyid and the fingerprint due to the fact we can't get the keyid from a v3 fingerprint directly. */ static int keydb_idx_build( const char * file ) { cdk_packet_t pkt; cdk_stream_t inp, out = NULL; byte buf[8], fpr[20]; char * fname; u32 keyid[2]; int rc, pos; if( !file ) return CDK_Inv_Value; pkt = cdk_calloc( 1, sizeof * pkt ); if( !pkt ) return CDK_Out_Of_Core; fname = keydb_idx_mkname( file ); if( !fname ) { rc = CDK_Out_Of_Core; goto leave; } rc = cdk_stream_open( file, &inp ); if( !rc ) rc = cdk_stream_create( fname, &out ); if( rc ) goto leave; while( !cdk_stream_eof( inp ) ) { pos = cdk_stream_tell( inp ); rc = cdk_pkt_read( inp, pkt ); if( rc ) break; if( pkt->pkttype == CDK_PKT_PUBLIC_KEY || pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY ) { _cdk_u32tobuf( pos, buf ); cdk_stream_write( out, buf, 4 ); cdk_pk_get_keyid( pkt->pkt.public_key, keyid ); _cdk_u32tobuf( keyid[0], buf ); _cdk_u32tobuf( keyid[1], buf + 4 ); cdk_stream_write( out, buf, 8 ); cdk_pk_get_fingerprint( pkt->pkt.public_key, fpr ); cdk_stream_write( out, fpr, 20 ); } cdk_pkt_free( pkt ); cdk_pkt_init( pkt ); } cdk_stream_close( out ); leave: cdk_stream_close( inp ); cdk_free( fname ); cdk_free( pkt ); return rc; }
static cdk_error_t write_literal (cdk_stream_t out, cdk_pkt_literal_t pt, int old_ctb) { byte buf[BUFSIZE]; size_t size; cdk_error_t rc; assert (out); assert (pt); /* We consider a packet without a body as an invalid packet. At least one octet must be present. */ if (!pt->len) return CDK_Inv_Packet; if (DEBUG_PKT) _cdk_log_debug ("write_literal:\n"); size = 6 + pt->namelen + pt->len; rc = pkt_write_head (out, old_ctb, size, CDK_PKT_LITERAL); if (rc) return rc; rc = stream_putc (out, pt->mode); if (rc) return rc; rc = stream_putc (out, pt->namelen); if (rc) return rc; if (pt->namelen > 0) rc = stream_write (out, pt->name, pt->namelen); if (!rc) rc = write_32 (out, pt->timestamp); if (rc) return rc; while (!cdk_stream_eof (pt->buf) && !rc) { rc = stream_read (pt->buf, buf, DIM (buf), &size); if (!rc) rc = stream_write (out, buf, size); } wipemem (buf, sizeof (buf)); return rc; }
int _cdk_stream_gets( cdk_stream_t s, char * buf, size_t count ) { int c, i = 0; if( !s ) return CDK_Inv_Value; while( !cdk_stream_eof( s ) && count > 0 ) { c = cdk_stream_getc( s ); if( c == EOF || c == '\r' || c == '\n' ) { buf[i++] = '\0'; break; } buf[i++] = c; count--; } return i; }
static cdk_error_t read_literal (cdk_stream_t inp, size_t pktlen, cdk_pkt_literal_t * ret_pt, int is_partial) { cdk_pkt_literal_t pt = *ret_pt; size_t nread; cdk_error_t rc; if (!inp || !pt) return CDK_Inv_Value; if (DEBUG_PKT) _cdk_log_debug ("read_literal: %d octets\n", pktlen); pt->mode = cdk_stream_getc (inp); if (pt->mode != 0x62 && pt->mode != 0x74 && pt->mode != 0x75) return CDK_Inv_Packet; if (cdk_stream_eof (inp)) return CDK_Inv_Packet; pt->namelen = cdk_stream_getc (inp); if (pt->namelen > 0) { *ret_pt = pt = cdk_realloc (pt, sizeof *pt + pt->namelen + 2); if (!pt) return CDK_Out_Of_Core; pt->name = (char*)pt + sizeof(*pt); rc = stream_read (inp, pt->name, pt->namelen, &nread); if (rc) return rc; if ((int) nread != pt->namelen) return CDK_Inv_Packet; pt->name[pt->namelen] = '\0'; } pt->timestamp = read_32 (inp); pktlen = pktlen - 6 - pt->namelen; if (is_partial) _cdk_stream_set_blockmode (inp, pktlen); pt->buf = inp; pt->len = pktlen; return 0; }
cdk_error_t cdk_stream_kick_off( cdk_stream_t inp, cdk_stream_t out ) { byte buf[8192]; int nread, nwritten; int rc = 0; if( !inp || !out ) return CDK_Inv_Value; while( !cdk_stream_eof( inp ) ) { nread = cdk_stream_read( inp, buf, sizeof buf-1 ); if( nread == EOF ) break; nwritten = cdk_stream_write( out, buf, nread ); if( nwritten == EOF ) rc = CDK_File_Error; } wipemem( buf, sizeof buf ); return rc; }
/** * cdk_pkt_read: * @inp: the input stream * @pkt: allocated packet handle to store the packet * * Parse the next packet on the @inp stream and return its contents in @pkt. **/ cdk_error_t cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) { int ctb, is_newctb; int pkttype; size_t pktlen = 0, pktsize = 0, is_partial = 0; cdk_error_t rc; if (!inp || !pkt) return CDK_Inv_Value; ctb = cdk_stream_getc (inp); if (cdk_stream_eof (inp) || ctb == EOF) return CDK_EOF; else if (!ctb) return CDK_Inv_Packet; pktsize++; if (!(ctb & 0x80)) { _cdk_log_info ("cdk_pkt_read: no openpgp data found. " "(ctb=%02X; fpos=%02X)\n", ctb, cdk_stream_tell (inp)); return CDK_Inv_Packet; } if (ctb & 0x40) /* RFC2440 packet format. */ { pkttype = ctb & 0x3f; is_newctb = 1; } else /* the old RFC1991 packet format. */ { pkttype = ctb & 0x3f; pkttype >>= 2; is_newctb = 0; } if (pkttype > 63) { _cdk_log_info ("cdk_pkt_read: unknown type %d\n", pkttype); return CDK_Inv_Packet; } if (is_newctb) read_new_length (inp, &pktlen, &pktsize, &is_partial); else read_old_length (inp, ctb, &pktlen, &pktsize); pkt->pkttype = pkttype; pkt->pktlen = pktlen; pkt->pktsize = pktsize + pktlen; pkt->old_ctb = is_newctb ? 0 : 1; rc = 0; switch (pkt->pkttype) { case CDK_PKT_ATTRIBUTE: pkt->pkt.user_id = cdk_calloc (1, sizeof *pkt->pkt.user_id + pkt->pktlen + 16 + 1); if (!pkt->pkt.user_id) return CDK_Out_Of_Core; pkt->pkt.user_id->name = (char*)pkt->pkt.user_id + sizeof(*pkt->pkt.user_id); rc = read_attribute (inp, pktlen, pkt->pkt.user_id); pkt->pkttype = CDK_PKT_ATTRIBUTE; break; case CDK_PKT_USER_ID: pkt->pkt.user_id = cdk_calloc (1, sizeof *pkt->pkt.user_id + pkt->pktlen + 1); if (!pkt->pkt.user_id) return CDK_Out_Of_Core; pkt->pkt.user_id->name = (char*)pkt->pkt.user_id + sizeof(*pkt->pkt.user_id); rc = read_user_id (inp, pktlen, pkt->pkt.user_id); break; case CDK_PKT_PUBLIC_KEY: pkt->pkt.public_key = cdk_calloc (1, sizeof *pkt->pkt.public_key); if (!pkt->pkt.public_key) return CDK_Out_Of_Core; rc = read_public_key (inp, pktlen, pkt->pkt.public_key); break; case CDK_PKT_PUBLIC_SUBKEY: pkt->pkt.public_key = cdk_calloc (1, sizeof *pkt->pkt.public_key); if (!pkt->pkt.public_key) return CDK_Out_Of_Core; rc = read_public_subkey (inp, pktlen, pkt->pkt.public_key); break; case CDK_PKT_SECRET_KEY: pkt->pkt.secret_key = cdk_calloc (1, sizeof *pkt->pkt.secret_key); if (!pkt->pkt.secret_key) return CDK_Out_Of_Core; pkt->pkt.secret_key->pk = cdk_calloc (1, sizeof *pkt->pkt.secret_key->pk); if (!pkt->pkt.secret_key->pk) return CDK_Out_Of_Core; rc = read_secret_key (inp, pktlen, pkt->pkt.secret_key); break; case CDK_PKT_SECRET_SUBKEY: pkt->pkt.secret_key = cdk_calloc (1, sizeof *pkt->pkt.secret_key); if (!pkt->pkt.secret_key) return CDK_Out_Of_Core; pkt->pkt.secret_key->pk = cdk_calloc (1, sizeof *pkt->pkt.secret_key->pk); if (!pkt->pkt.secret_key->pk) return CDK_Out_Of_Core; rc = read_secret_subkey (inp, pktlen, pkt->pkt.secret_key); break; case CDK_PKT_LITERAL: pkt->pkt.literal = cdk_calloc (1, sizeof *pkt->pkt.literal); if (!pkt->pkt.literal) return CDK_Out_Of_Core; rc = read_literal (inp, pktlen, &pkt->pkt.literal, is_partial); break; case CDK_PKT_ONEPASS_SIG: pkt->pkt.onepass_sig = cdk_calloc (1, sizeof *pkt->pkt.onepass_sig); if (!pkt->pkt.onepass_sig) return CDK_Out_Of_Core; rc = read_onepass_sig (inp, pktlen, pkt->pkt.onepass_sig); break; case CDK_PKT_SIGNATURE: pkt->pkt.signature = cdk_calloc (1, sizeof *pkt->pkt.signature); if (!pkt->pkt.signature) return CDK_Out_Of_Core; rc = read_signature (inp, pktlen, pkt->pkt.signature); break; case CDK_PKT_PUBKEY_ENC: pkt->pkt.pubkey_enc = cdk_calloc (1, sizeof *pkt->pkt.pubkey_enc); if (!pkt->pkt.pubkey_enc) return CDK_Out_Of_Core; rc = read_pubkey_enc (inp, pktlen, pkt->pkt.pubkey_enc); break; case CDK_PKT_COMPRESSED: pkt->pkt.compressed = cdk_calloc (1, sizeof *pkt->pkt.compressed); if (!pkt->pkt.compressed) return CDK_Out_Of_Core; rc = read_compressed (inp, pktlen, pkt->pkt.compressed); break; case CDK_PKT_MDC: pkt->pkt.mdc = cdk_calloc (1, sizeof *pkt->pkt.mdc); if (!pkt->pkt.mdc) return CDK_Out_Of_Core; rc = read_mdc (inp, pkt->pkt.mdc); break; default: /* Skip all packets we don't understand */ skip_packet (inp, pktlen); break; } return rc; }
static cdk_error_t file_verify_clearsign (cdk_ctx_t hd, const char *file, const char *output) { cdk_stream_t inp = NULL, out = NULL, tmp = NULL; digest_hd_st md; char buf[512], chk[512]; const char *s; int i, is_signed = 0, nbytes; int digest_algo = 0; int err; cdk_error_t rc; memset(&md, 0, sizeof(md)); if (output) { rc = cdk_stream_create (output, &out); if (rc) return rc; } rc = cdk_stream_open (file, &inp); if (rc) { if (output) cdk_stream_close (out); return rc; } s = "-----BEGIN PGP SIGNED MESSAGE-----"; while (!cdk_stream_eof (inp)) { nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; if (!strncmp (buf, s, strlen (s))) { is_signed = 1; break; } } if (cdk_stream_eof (inp) && !is_signed) { rc = CDK_Armor_Error; goto leave; } while (!cdk_stream_eof (inp)) { nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; if (nbytes == 1) /* Empty line */ break; else if (!strncmp (buf, "Hash: ", 6)) { for (i = 0; digest_table[i].name; i++) { if (!strcmp (buf + 6, digest_table[i].name)) { digest_algo = digest_table[i].algo; break; } } } } if (digest_algo && _gnutls_hash_get_algo_len (digest_algo) <= 0) { rc = CDK_Inv_Algo; goto leave; } if (!digest_algo) digest_algo = GNUTLS_DIG_MD5; err = _gnutls_hash_init (&md, digest_algo); if (err < 0) { rc = map_gnutls_error (err); goto leave; } s = "-----BEGIN PGP SIGNATURE-----"; while (!cdk_stream_eof (inp)) { nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; if (!strncmp (buf, s, strlen (s))) break; else { cdk_stream_peek (inp, (byte *) chk, DIM (chk) - 1); i = strncmp (chk, s, strlen (s)); if (strlen (buf) == 0 && i == 0) continue; /* skip last '\n' */ _cdk_trim_string (buf, i == 0 ? 0 : 1); _gnutls_hash (&md, buf, strlen (buf)); } if (!strncmp (buf, "- ", 2)) /* FIXME: handle it recursive. */ memmove (buf, buf + 2, nbytes - 2); if (out) { if (strstr (buf, "\r\n")) buf[strlen (buf) - 2] = '\0'; cdk_stream_write (out, buf, strlen (buf)); _cdk_stream_puts (out, _cdk_armor_get_lineend ()); } } /* We create a temporary stream object to store the signature data in there. */ rc = cdk_stream_tmp_new (&tmp); if (rc) goto leave; s = "-----BEGIN PGP SIGNATURE-----\n"; _cdk_stream_puts (tmp, s); while (!cdk_stream_eof (inp)) { nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; if (nbytes < (int) (DIM (buf) - 3)) { buf[nbytes - 1] = '\n'; buf[nbytes] = '\0'; } cdk_stream_write (tmp, buf, nbytes); } /* FIXME: This code is not very elegant. */ cdk_stream_tmp_set_mode (tmp, STREAMCTL_READ); cdk_stream_seek (tmp, 0); cdk_stream_set_armor_flag (tmp, 0); cdk_stream_read (tmp, NULL, 0); /* the digest handle will be closed there. */ rc = _cdk_proc_packets (hd, tmp, NULL, NULL, NULL, &md); leave: _gnutls_hash_deinit (&md, NULL); cdk_stream_close (out); cdk_stream_close (tmp); cdk_stream_close (inp); return rc; }