int pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt, const uint8 *key, int key_len, int pubtype) { int res; PullFilter *src; PGP_PubKey *pk = NULL; res = pullf_create_mbuf_reader(&src, keypkt); if (res < 0) return res; res = internal_read_key(src, &pk, key, key_len, pubtype); pullf_free(src); if (res >= 0) ctx->pub_key = pk; return res < 0 ? res : 0; }
/* * dst should have room for 17 bytes */ int pgp_get_keyid(MBuf *pgp_data, char *dst) { int res; PullFilter *src; PullFilter *pkt = NULL; int len; uint8 tag; int got_pub_key = 0, got_symenc_key = 0, got_pubenc_key = 0; int got_data = 0; uint8 keyid_buf[8]; int got_main_key = 0; res = pullf_create_mbuf_reader(&src, pgp_data); if (res < 0) return res; while (1) { res = pgp_parse_pkt_hdr(src, &tag, &len, 0); if (res <= 0) break; res = pgp_create_pkt_reader(&pkt, src, len, res, NULL); if (res < 0) break; switch (tag) { case PGP_PKT_SECRET_KEY: case PGP_PKT_PUBLIC_KEY: /* main key is for signing, so ignore it */ if (!got_main_key) { got_main_key = 1; res = pgp_skip_packet(pkt); } else res = PXE_PGP_MULTIPLE_KEYS; break; case PGP_PKT_SECRET_SUBKEY: case PGP_PKT_PUBLIC_SUBKEY: res = read_pubkey_keyid(pkt, keyid_buf); if (res < 0) break; if (res > 0) got_pub_key++; break; case PGP_PKT_PUBENCRYPTED_SESSKEY: got_pubenc_key++; res = read_pubenc_keyid(pkt, keyid_buf); break; case PGP_PKT_SYMENCRYPTED_DATA: case PGP_PKT_SYMENCRYPTED_DATA_MDC: /* don't skip it, just stop */ got_data = 1; break; case PGP_PKT_SYMENCRYPTED_SESSKEY: got_symenc_key++; /* fallthru */ case PGP_PKT_SIGNATURE: case PGP_PKT_MARKER: case PGP_PKT_TRUST: case PGP_PKT_USER_ID: case PGP_PKT_USER_ATTR: case PGP_PKT_PRIV_61: res = pgp_skip_packet(pkt); break; default: res = PXE_PGP_CORRUPT_DATA; } if (pkt) pullf_free(pkt); pkt = NULL; if (res < 0 || got_data) break; } pullf_free(src); if (pkt) pullf_free(pkt); if (res < 0) return res; /* now check sanity */ if (got_pub_key && got_pubenc_key) res = PXE_PGP_CORRUPT_DATA; if (got_pub_key > 1) res = PXE_PGP_MULTIPLE_KEYS; if (got_pubenc_key > 1) res = PXE_PGP_MULTIPLE_KEYS; /* * if still ok, look what we got */ if (res >= 0) { if (got_pubenc_key || got_pub_key) { if (memcmp(keyid_buf, any_key, 8) == 0) { memcpy(dst, "ANYKEY", 7); res = 6; } else res = print_key(keyid_buf, dst); } else if (got_symenc_key) { memcpy(dst, "SYMKEY", 7); res = 6; } else res = PXE_PGP_NO_USABLE_KEY; } return res; }