/*
 * Create a "0x18: Subkey Binding Signature" packet (PGP_SIG_SUBKEY) that binds
 * subkey to primarykey, signed with seckey, and store the serialized packet
 * together with its signature info in *p.
 *
 * On return p->packet.raw owns the serialized buffer; the scratch memory
 * object that produced it is released here without freeing that buffer.
 */
static void add_subkey_binding_signature(pgp_subkeysig_t* p, pgp_key_t* primarykey, pgp_key_t* subkey, pgp_key_t* seckey)
{
	pgp_output_t*     out     = NULL;
	pgp_memory_t*     mem     = NULL;
	/* NOTE(review): the result of pgp_create_sig_new() is used without a NULL check. */
	pgp_create_sig_t* binding = pgp_create_sig_new();

	pgp_sig_start_key_sig(binding, &primarykey->key.pubkey, &subkey->key.pubkey, NULL, PGP_SIG_SUBKEY);

	/* hashed subpackets: everything added before pgp_end_hashed_subpkts() */
	pgp_add_creation_time(binding, time(NULL));
	pgp_add_key_expiration_time(binding, 0); /* presumably 0 means "no expiry" - confirm */
	pgp_add_key_flags(binding, PGP_KEYFLAG_ENC_STORAGE|PGP_KEYFLAG_ENC_COMM);
	/* NB: algo/hash/compression preferences are not added to subkeys */
	pgp_end_hashed_subpkts(binding);

	/* the issuer keyid is not hashed by definition, so it goes in afterwards */
	pgp_add_issuer_keyid(binding, seckey->pubkeyid);

	/* serialize the signature into an in-memory buffer */
	pgp_setup_memory_write(&out, &mem, 128);
	/* NOTE(review): the result of pgp_write_sig() is not checked; a failed
	   signing operation would still be stored in *p below - confirm callers cope. */
	pgp_write_sig(out, binding, &seckey->key.seckey.pubkey, &seckey->key.seckey);

	/* index of subkey in array; assumes the caller already appended the
	   subkey so that subkeyc >= 1 - TODO confirm */
	p->subkey = primarykey->subkeyc-1;

	/* move ownership of the serialized bytes to the packet */
	p->packet.length = mem->length;
	p->packet.raw    = mem->buf;
	mem->buf         = NULL;

	/* not sure, if this is okay, however, siginfo should be set up,
	   otherwise we get "bad info-type" errors */
	copy_sig_info(&p->siginfo, &binding->sig.info);

	pgp_create_sig_delete(binding);
	pgp_output_delete(out);
	/* do not use pgp_memory_free() as this would also free mem->buf
	   which is owned by the packet */
	free(mem);
}
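/**
 \ingroup Core_Keys
 \brief Add selfsigned User ID to key
 \param key Key to which to add user ID; its secret key material signs the certification
 \param userid Self-signed User ID to add
 \return 1 if OK; else 0 (nothing is added to the key when 0 is returned)
*/
unsigned
pgp_add_selfsigned_userid(pgp_key_t *key, uint8_t *userid)
{
	pgp_create_sig_t	*sig = NULL;
	pgp_subpacket_t	 sigpacket;
	pgp_memory_t		*mem_userid = NULL;
	pgp_output_t		*useridoutput = NULL;
	pgp_memory_t		*mem_sig = NULL;
	pgp_output_t		*sigoutput = NULL;
	unsigned		 ok = 0;

	if (key == NULL || userid == NULL) {
		return 0;
	}

	/*
         * create signature packet for this userid
         */

	/* create userid pkt */
	pgp_setup_memory_write(&useridoutput, &mem_userid, 128);
	pgp_write_struct_userid(useridoutput, userid);

	/* create sig for this pkt */
	sig = pgp_create_sig_new();
	if (sig == NULL) {
		/* allocation failed: report it instead of dereferencing NULL */
		goto cleanup;
	}
	pgp_sig_start_key_sig(sig, &key->key.seckey.pubkey, userid, PGP_CERT_POSITIVE);
	pgp_add_time(sig, (int64_t)time(NULL), "birth");
	pgp_add_issuer_keyid(sig, key->sigid);
	pgp_add_primary_userid(sig, 1);
	pgp_end_hashed_subpkts(sig);

	pgp_setup_memory_write(&sigoutput, &mem_sig, 128);
	/*
	 * pgp_write_sig() returns 0 when the signature could not be produced.
	 * Do not attach a certification packet that was never completed: the
	 * key would then carry a self-signature that cannot be verified.
	 */
	if (!pgp_write_sig(sigoutput, sig, &key->key.seckey.pubkey, &key->key.seckey)) {
		goto cleanup;
	}

	/* add this packet to key */
	sigpacket.length = pgp_mem_len(mem_sig);
	sigpacket.raw = pgp_mem_data(mem_sig);

	/* add userid to key */
	(void) pgp_add_userid(key, userid);
	(void) pgp_add_subpacket(key, &sigpacket);

	ok = 1;

cleanup:
	/* release only what was actually created on the path taken */
	if (sig != NULL) {
		pgp_create_sig_delete(sig);
	}
	if (useridoutput != NULL) {
		pgp_output_delete(useridoutput);
	}
	if (sigoutput != NULL) {
		pgp_output_delete(sigoutput);
	}
	if (mem_userid != NULL) {
		pgp_memory_free(mem_userid);
	}
	if (mem_sig != NULL) {
		pgp_memory_free(mem_sig);
	}

	return ok;
}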
/*
 * Create a positive certification (PGP_CERT_POSITIVE) of userid, signed with
 * the secret key in skey, and attach the user id plus the signature packet to
 * skey and, when pkey is non-NULL, to pkey as well.
 *
 * Similar to pgp_add_selfsigned_userid() which, however, uses different key
 * flags.
 */
static void add_selfsigned_userid(pgp_key_t *skey, pgp_key_t *pkey, const uint8_t *userid, time_t key_expiry)
{
	pgp_subpacket_t   cert_packet;
	pgp_memory_t*     mem  = NULL;
	pgp_output_t*     out  = NULL;
	/* NOTE(review): the result of pgp_create_sig_new() is used without a NULL check. */
	pgp_create_sig_t* cert = pgp_create_sig_new();

	/* create sig for this pkt */
	pgp_sig_start_key_sig(cert, &skey->key.seckey.pubkey, NULL, userid, PGP_CERT_POSITIVE);

	/* hashed subpackets: everything added before pgp_end_hashed_subpkts() */
	pgp_add_creation_time(cert, time(NULL));
	pgp_add_key_expiration_time(cert, key_expiry);
	pgp_add_primary_userid(cert, 1);
	pgp_add_key_flags(cert, PGP_KEYFLAG_SIGN_DATA|PGP_KEYFLAG_CERT_KEYS);
	add_key_prefs(cert);
	pgp_add_key_features(cert); /* will add 0x01 - modification detection */
	pgp_end_hashed_subpkts(cert);

	/* the issuer keyid is not hashed by definition, so it goes in afterwards */
	pgp_add_issuer_keyid(cert, skey->pubkeyid);

	/* serialize the signature into an in-memory buffer */
	pgp_setup_memory_write(&out, &mem, 128);
	/* NOTE(review): the result of pgp_write_sig() is not checked; a failed
	   signing operation would still be attached to the key(s) below. */
	pgp_write_sig(out, cert, &skey->key.seckey.pubkey, &skey->key.seckey);

	/* describe the serialized bytes; the buffer itself stays owned by mem */
	cert_packet.length = pgp_mem_len(mem);
	cert_packet.raw    = pgp_mem_data(mem);

	/* add user id and signature to key */
	pgp_update_userid(skey, userid, &cert_packet, &cert->sig.info);
	if (pkey != NULL) {
		pgp_update_userid(pkey, userid, &cert_packet, &cert->sig.info);
	}

	/* cleanup */
	pgp_create_sig_delete(cert);
	pgp_output_delete(out);
	pgp_memory_free(mem);
}