Page Menu
Home
GnuPG
Search
Configure Global Search
Log In
Files
F34134364
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Size
38 KB
Subscribers
None
View Options
diff --git a/kbx/keybox-openpgp.c b/kbx/keybox-openpgp.c
index a5f602b7b..a0e4ab9f7 100644
--- a/kbx/keybox-openpgp.c
+++ b/kbx/keybox-openpgp.c
@@ -1,523 +1,522 @@
/* keybox-openpgp.c - OpenPGP key parsing
* Copyright (C) 2001, 2003, 2011 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
/* This is a simple OpenPGP parser suitable for all OpenPGP key
material. It just provides the functionality required to build and
parse an KBX OpenPGP key blob. Thus it is not a complete parser.
However it is self-contained and optimized for fast in-memory
parsing. Note that we don't support old ElGamal v3 keys
anymore. */
#include <config.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "keybox-defs.h"
#include <gcrypt.h>
#include "../common/openpgpdefs.h"
#include "host2net.h"
/* Assume a valid OpenPGP packet at the address pointed to by BUFBTR
which has a maximum length as stored at BUFLEN. Return the header
information of that packet and advance the pointer stored at BUFPTR
to the next packet; also adjust the length stored at BUFLEN to
match the remaining bytes. If there are no more packets, store NULL
at BUFPTR. Return an non-zero error code on failure or the
following data on success:
R_DATAPKT = Pointer to the begin of the packet data.
R_DATALEN = Length of this data. This has already been checked to fit
into the buffer.
R_PKTTYPE = The packet type.
R_NTOTAL = The total number of bytes of this packet
Note that these values are only updated on success.
*/
static gpg_error_t
next_packet (unsigned char const **bufptr, size_t *buflen,
unsigned char const **r_data, size_t *r_datalen, int *r_pkttype,
size_t *r_ntotal)
{
const unsigned char *buf = *bufptr;
size_t len = *buflen;
int c, ctb, pkttype;
unsigned long pktlen;
if (!len)
return gpg_error (GPG_ERR_NO_DATA);
ctb = *buf++; len--;
if ( !(ctb & 0x80) )
return gpg_error (GPG_ERR_INV_PACKET); /* Invalid CTB. */
- pktlen = 0;
if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */
{
pkttype = (ctb & 0x3f);
if (!len)
return gpg_error (GPG_ERR_INV_PACKET); /* No 1st length byte. */
c = *buf++; len--;
if (pkttype == PKT_COMPRESSED)
return gpg_error (GPG_ERR_UNEXPECTED); /* ... packet in a keyblock. */
if ( c < 192 )
pktlen = c;
else if ( c < 224 )
{
pktlen = (c - 192) * 256;
if (!len)
return gpg_error (GPG_ERR_INV_PACKET); /* No 2nd length byte. */
c = *buf++; len--;
pktlen += c + 192;
}
else if (c == 255)
{
if (len <4 )
return gpg_error (GPG_ERR_INV_PACKET); /* No length bytes. */
pktlen = buf32_to_ulong (buf);
buf += 4;
len -= 4;
}
else /* Partial length encoding is not allowed for key packets. */
return gpg_error (GPG_ERR_UNEXPECTED);
}
else /* Old style CTB. */
{
int lenbytes;
pktlen = 0;
pkttype = (ctb>>2)&0xf;
lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
if (!lenbytes) /* Not allowed in key packets. */
return gpg_error (GPG_ERR_UNEXPECTED);
if (len < lenbytes)
return gpg_error (GPG_ERR_INV_PACKET); /* Not enough length bytes. */
for (; lenbytes; lenbytes--)
{
pktlen <<= 8;
pktlen |= *buf++; len--;
}
}
/* Do some basic sanity check. */
switch (pkttype)
{
case PKT_SIGNATURE:
case PKT_SECRET_KEY:
case PKT_PUBLIC_KEY:
case PKT_SECRET_SUBKEY:
case PKT_MARKER:
case PKT_RING_TRUST:
case PKT_USER_ID:
case PKT_PUBLIC_SUBKEY:
case PKT_OLD_COMMENT:
case PKT_ATTRIBUTE:
case PKT_COMMENT:
case PKT_GPG_CONTROL:
break; /* Okay these are allowed packets. */
default:
return gpg_error (GPG_ERR_UNEXPECTED);
}
if (pkttype == 63 && pktlen == 0xFFFFFFFF)
/* Sometimes the decompressing layer enters an error state in
which it simply outputs 0xff for every byte read. If we have a
stream of 0xff bytes, then it will be detected as a new format
packet with type 63 and a 4-byte encoded length that is 4G-1.
Since packets with type 63 are private and we use them as a
control packet, which won't be 4 GB, we reject such packets as
invalid. */
return gpg_error (GPG_ERR_INV_PACKET);
if (pktlen > len)
return gpg_error (GPG_ERR_INV_PACKET); /* Packet length header too long. */
*r_data = buf;
*r_datalen = pktlen;
*r_pkttype = pkttype;
*r_ntotal = (buf - *bufptr) + pktlen;
*bufptr = buf + pktlen;
*buflen = len - pktlen;
if (!*buflen)
*bufptr = NULL;
return 0;
}
/* Parse a key packet and store the information in KI. */
static gpg_error_t
parse_key (const unsigned char *data, size_t datalen,
struct _keybox_openpgp_key_info *ki)
{
gpg_error_t err;
const unsigned char *data_start = data;
int i, version, algorithm;
size_t n;
int npkey;
unsigned char hashbuffer[768];
const unsigned char *mpi_n = NULL;
size_t mpi_n_len = 0, mpi_e_len = 0;
gcry_md_hd_t md;
int is_ecc = 0;
if (datalen < 5)
return gpg_error (GPG_ERR_INV_PACKET);
version = *data++; datalen--;
if (version < 2 || version > 4 )
return gpg_error (GPG_ERR_INV_PACKET); /* Invalid version. */
/*timestamp = ((data[0]<<24)|(data[1]<<16)|(data[2]<<8)|(data[3]));*/
data +=4; datalen -=4;
if (version < 4)
{
if (datalen < 2)
return gpg_error (GPG_ERR_INV_PACKET);
data +=2; datalen -= 2;
}
if (!datalen)
return gpg_error (GPG_ERR_INV_PACKET);
algorithm = *data++; datalen--;
switch (algorithm)
{
case PUBKEY_ALGO_RSA:
case PUBKEY_ALGO_RSA_E:
case PUBKEY_ALGO_RSA_S:
npkey = 2;
break;
case PUBKEY_ALGO_ELGAMAL_E:
case PUBKEY_ALGO_ELGAMAL:
npkey = 3;
break;
case PUBKEY_ALGO_DSA:
npkey = 4;
break;
case PUBKEY_ALGO_ECDH:
npkey = 3;
is_ecc = 1;
break;
case PUBKEY_ALGO_ECDSA:
case PUBKEY_ALGO_EDDSA:
npkey = 2;
is_ecc = 1;
break;
default: /* Unknown algorithm. */
return gpg_error (GPG_ERR_UNKNOWN_ALGORITHM);
}
ki->algo = algorithm;
for (i=0; i < npkey; i++ )
{
unsigned int nbits, nbytes;
if (datalen < 2)
return gpg_error (GPG_ERR_INV_PACKET);
if (is_ecc && (i == 0 || i == 2))
{
nbytes = data[0];
if (nbytes < 2 || nbytes > 254)
return gpg_error (GPG_ERR_INV_PACKET);
nbytes++; /* The size byte itself. */
if (datalen < nbytes)
return gpg_error (GPG_ERR_INV_PACKET);
}
else
{
nbits = ((data[0]<<8)|(data[1]));
data += 2;
datalen -= 2;
nbytes = (nbits+7) / 8;
if (datalen < nbytes)
return gpg_error (GPG_ERR_INV_PACKET);
/* For use by v3 fingerprint calculation we need to know the RSA
modulus and exponent. */
if (i==0)
{
mpi_n = data;
mpi_n_len = nbytes;
}
else if (i==1)
mpi_e_len = nbytes;
}
data += nbytes; datalen -= nbytes;
}
n = data - data_start;
if (version < 4)
{
/* We do not support any other algorithm than RSA in v3
packets. */
if (algorithm < 1 || algorithm > 3)
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
err = gcry_md_open (&md, GCRY_MD_MD5, 0);
if (err)
return err; /* Oops */
gcry_md_write (md, mpi_n, mpi_n_len);
gcry_md_write (md, mpi_n+mpi_n_len+2, mpi_e_len);
memcpy (ki->fpr, gcry_md_read (md, 0), 16);
gcry_md_close (md);
ki->fprlen = 16;
if (mpi_n_len < 8)
{
/* Moduli less than 64 bit are out of the specs scope. Zero
them out because this is what gpg does too. */
memset (ki->keyid, 0, 8);
}
else
memcpy (ki->keyid, mpi_n + mpi_n_len - 8, 8);
}
else
{
/* Its a pitty that we need to prefix the buffer with the tag
and a length header: We can't simply pass it to the fast
hashing function for that reason. It might be a good idea to
have a scatter-gather enabled hash function. What we do here
is to use a static buffer if this one is large enough and
only use the regular hash functions if this buffer is not
large enough. */
if ( 3 + n < sizeof hashbuffer )
{
hashbuffer[0] = 0x99; /* CTB */
hashbuffer[1] = (n >> 8); /* 2 byte length header. */
hashbuffer[2] = n;
memcpy (hashbuffer + 3, data_start, n);
gcry_md_hash_buffer (GCRY_MD_SHA1, ki->fpr, hashbuffer, 3 + n);
}
else
{
err = gcry_md_open (&md, GCRY_MD_SHA1, 0);
if (err)
return err; /* Oops */
gcry_md_putc (md, 0x99 ); /* CTB */
gcry_md_putc (md, (n >> 8) ); /* 2 byte length header. */
gcry_md_putc (md, n );
gcry_md_write (md, data_start, n);
memcpy (ki->fpr, gcry_md_read (md, 0), 20);
gcry_md_close (md);
}
ki->fprlen = 20;
memcpy (ki->keyid, ki->fpr+12, 8);
}
return 0;
}
/* The caller must pass the address of an INFO structure which will
get filled on success with information pertaining to the OpenPGP
keyblock IMAGE of length IMAGELEN. Note that a caller does only
need to release this INFO structure if the function returns
success. If NPARSED is not NULL the actual number of bytes parsed
will be stored at this address. */
gpg_error_t
_keybox_parse_openpgp (const unsigned char *image, size_t imagelen,
size_t *nparsed, keybox_openpgp_info_t info)
{
gpg_error_t err = 0;
const unsigned char *image_start, *data;
size_t n, datalen;
int pkttype;
int first = 1;
int read_error = 0;
struct _keybox_openpgp_key_info *k, **ktail = NULL;
struct _keybox_openpgp_uid_info *u, **utail = NULL;
memset (info, 0, sizeof *info);
if (nparsed)
*nparsed = 0;
image_start = image;
while (image)
{
err = next_packet (&image, &imagelen, &data, &datalen, &pkttype, &n);
if (err)
{
read_error = 1;
break;
}
if (first)
{
if (pkttype == PKT_PUBLIC_KEY)
;
else if (pkttype == PKT_SECRET_KEY)
info->is_secret = 1;
else
{
err = gpg_error (GPG_ERR_UNEXPECTED);
if (nparsed)
*nparsed += n;
break;
}
first = 0;
}
else if (pkttype == PKT_PUBLIC_KEY || pkttype == PKT_SECRET_KEY)
break; /* Next keyblock encountered - ready. */
if (nparsed)
*nparsed += n;
if (pkttype == PKT_SIGNATURE)
{
/* For now we only count the total number of signatures. */
info->nsigs++;
}
else if (pkttype == PKT_USER_ID)
{
info->nuids++;
if (info->nuids == 1)
{
info->uids.off = data - image_start;
info->uids.len = datalen;
utail = &info->uids.next;
}
else
{
u = xtrycalloc (1, sizeof *u);
if (!u)
{
err = gpg_error_from_syserror ();
break;
}
u->off = data - image_start;
u->len = datalen;
*utail = u;
utail = &u->next;
}
}
else if (pkttype == PKT_PUBLIC_KEY || pkttype == PKT_SECRET_KEY)
{
err = parse_key (data, datalen, &info->primary);
if (err)
break;
}
else if( pkttype == PKT_PUBLIC_SUBKEY && datalen && *data == '#' )
{
/* Early versions of GnuPG used old PGP comment packets;
* luckily all those comments are prefixed by a hash
* sign - ignore these packets. */
}
else if (pkttype == PKT_PUBLIC_SUBKEY || pkttype == PKT_SECRET_SUBKEY)
{
info->nsubkeys++;
if (info->nsubkeys == 1)
{
err = parse_key (data, datalen, &info->subkeys);
if (err)
{
info->nsubkeys--;
/* We ignore subkeys with unknown algorithms. */
if (gpg_err_code (err) == GPG_ERR_UNKNOWN_ALGORITHM
|| gpg_err_code (err) == GPG_ERR_UNSUPPORTED_ALGORITHM)
err = 0;
if (err)
break;
}
else
ktail = &info->subkeys.next;
}
else
{
k = xtrycalloc (1, sizeof *k);
if (!k)
{
err = gpg_error_from_syserror ();
break;
}
err = parse_key (data, datalen, k);
if (err)
{
xfree (k);
info->nsubkeys--;
/* We ignore subkeys with unknown algorithms. */
if (gpg_err_code (err) == GPG_ERR_UNKNOWN_ALGORITHM
|| gpg_err_code (err) == GPG_ERR_UNSUPPORTED_ALGORITHM)
err = 0;
if (err)
break;
}
else
{
*ktail = k;
ktail = &k->next;
}
}
}
}
if (err)
{
_keybox_destroy_openpgp_info (info);
if (!read_error)
{
/* Packet parsing worked, thus we should be able to skip the
rest of the keyblock. */
while (image)
{
if (next_packet (&image, &imagelen,
&data, &datalen, &pkttype, &n) )
break; /* Another error - stop here. */
if (pkttype == PKT_PUBLIC_KEY || pkttype == PKT_SECRET_KEY)
break; /* Next keyblock encountered - ready. */
if (nparsed)
*nparsed += n;
}
}
}
return err;
}
/* Release any malloced data in INFO but not INFO itself! */
void
_keybox_destroy_openpgp_info (keybox_openpgp_info_t info)
{
struct _keybox_openpgp_key_info *k, *k2;
struct _keybox_openpgp_uid_info *u, *u2;
assert (!info->primary.next);
for (k=info->subkeys.next; k; k = k2)
{
k2 = k->next;
xfree (k);
}
for (u=info->uids.next; u; u = u2)
{
u2 = u->next;
xfree (u);
}
}
diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c
index ef3e33009..aa8086550 100644
--- a/kbx/keybox-update.c
+++ b/kbx/keybox-update.c
@@ -1,859 +1,858 @@
/* keybox-update.c - keybox update operations
* Copyright (C) 2001, 2003, 2004, 2012 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <time.h>
#include <unistd.h>
#include <assert.h>
#include "keybox-defs.h"
#include "../common/sysutils.h"
#include "../common/host2net.h"
#define EXTSEP_S "."
#define FILECOPY_INSERT 1
#define FILECOPY_DELETE 2
#define FILECOPY_UPDATE 3
#if !defined(HAVE_FSEEKO) && !defined(fseeko)
#ifdef HAVE_LIMITS_H
# include <limits.h>
#endif
#ifndef LONG_MAX
# define LONG_MAX ((long) ((unsigned long) -1 >> 1))
#endif
#ifndef LONG_MIN
# define LONG_MIN (-1 - LONG_MAX)
#endif
/****************
* A substitute for fseeko, for hosts that don't have it.
*/
static int
fseeko (FILE * stream, off_t newpos, int whence)
{
while (newpos != (long) newpos)
{
long pos = newpos < 0 ? LONG_MIN : LONG_MAX;
if (fseek (stream, pos, whence) != 0)
return -1;
newpos -= pos;
whence = SEEK_CUR;
}
return fseek (stream, (long) newpos, whence);
}
#endif /* !defined(HAVE_FSEEKO) && !defined(fseeko) */
static int
create_tmp_file (const char *template,
char **r_bakfname, char **r_tmpfname, FILE **r_fp)
{
char *bakfname, *tmpfname;
*r_bakfname = NULL;
*r_tmpfname = NULL;
# ifdef USE_ONLY_8DOT3
/* Here is another Windoze bug?:
* you can't rename("pubring.kbx.tmp", "pubring.kbx");
* but rename("pubring.kbx.tmp", "pubring.aaa");
* works. So we replace ".kbx" by ".kb_" or ".k__". Note that we
* can't use ".bak" and ".tmp", because these suffixes are used by
* gpg and would lead to a sharing violation or data corruption.
*/
if (strlen (template) > 4
&& !strcmp (template+strlen(template)-4, EXTSEP_S "kbx") )
{
bakfname = xtrymalloc (strlen (template) + 1);
if (!bakfname)
return gpg_error_from_syserror ();
strcpy (bakfname, template);
strcpy (bakfname+strlen(template)-4, EXTSEP_S "kb_");
tmpfname = xtrymalloc (strlen (template) + 1);
if (!tmpfname)
{
gpg_error_t tmperr = gpg_error_from_syserror ();
xfree (bakfname);
return tmperr;
}
strcpy (tmpfname,template);
strcpy (tmpfname + strlen (template)-4, EXTSEP_S "k__");
}
else
{ /* File does not end with kbx, thus we hope we are working on a
modern file system and appending a suffix works. */
bakfname = xtrymalloc ( strlen (template) + 5);
if (!bakfname)
return gpg_error_from_syserror ();
strcpy (stpcpy (bakfname, template), EXTSEP_S "kb_");
tmpfname = xtrymalloc ( strlen (template) + 5);
if (!tmpfname)
{
gpg_error_t tmperr = gpg_error_from_syserror ();
xfree (bakfname);
return tmperr;
}
strcpy (stpcpy (tmpfname, template), EXTSEP_S "k__");
}
# else /* Posix file names */
bakfname = xtrymalloc (strlen (template) + 2);
if (!bakfname)
return gpg_error_from_syserror ();
strcpy (stpcpy (bakfname,template),"~");
tmpfname = xtrymalloc ( strlen (template) + 5);
if (!tmpfname)
{
gpg_error_t tmperr = gpg_error_from_syserror ();
xfree (bakfname);
return tmperr;
}
strcpy (stpcpy (tmpfname,template), EXTSEP_S "tmp");
# endif /* Posix filename */
*r_fp = fopen (tmpfname, "wb");
if (!*r_fp)
{
gpg_error_t tmperr = gpg_error_from_syserror ();
xfree (tmpfname);
xfree (bakfname);
return tmperr;
}
*r_bakfname = bakfname;
*r_tmpfname = tmpfname;
return 0;
}
static int
rename_tmp_file (const char *bakfname, const char *tmpfname,
const char *fname, int secret )
{
int rc=0;
/* restrict the permissions for secret keyboxs */
#ifndef HAVE_DOSISH_SYSTEM
/* if (secret && !opt.preserve_permissions) */
/* { */
/* if (chmod (tmpfname, S_IRUSR | S_IWUSR) ) */
/* { */
/* log_debug ("chmod of '%s' failed: %s\n", */
/* tmpfname, strerror(errno) ); */
/* return KEYBOX_Write_File; */
/* } */
/* } */
#endif
/* fixme: invalidate close caches (not used with stdio)*/
/* iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)tmpfname ); */
/* iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)bakfname ); */
/* iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname ); */
/* First make a backup file except for secret keyboxes. */
if (!secret)
{
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
gnupg_remove (bakfname);
#endif
if (rename (fname, bakfname) )
{
return gpg_error_from_syserror ();
}
}
/* Then rename the file. */
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
gnupg_remove (fname);
#endif
if (rename (tmpfname, fname) )
{
rc = gpg_error_from_syserror ();
if (secret)
{
/* log_info ("WARNING: 2 files with confidential" */
/* " information exists.\n"); */
/* log_info ("%s is the unchanged one\n", fname ); */
/* log_info ("%s is the new one\n", tmpfname ); */
/* log_info ("Please fix this possible security flaw\n"); */
}
return rc;
}
return 0;
}
/* Perform insert/delete/update operation. MODE is one of
FILECOPY_INSERT, FILECOPY_DELETE, FILECOPY_UPDATE. FOR_OPENPGP
indicates that this is called due to an OpenPGP keyblock change. */
static int
blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
int secret, int for_openpgp, off_t start_offset)
{
FILE *fp, *newfp;
int rc=0;
char *bakfname = NULL;
char *tmpfname = NULL;
char buffer[4096]; /* (Must be at least 32 bytes) */
int nread, nbytes;
/* Open the source file. Because we do a rename, we have to check the
permissions of the file */
if (access (fname, W_OK))
return gpg_error_from_syserror ();
fp = fopen (fname, "rb");
if (mode == FILECOPY_INSERT && !fp && errno == ENOENT)
{
/* Insert mode but file does not exist:
Create a new keybox file. */
newfp = fopen (fname, "wb");
if (!newfp )
return gpg_error_from_syserror ();
rc = _keybox_write_header_blob (newfp, for_openpgp);
if (rc)
{
fclose (newfp);
return rc;
}
rc = _keybox_write_blob (blob, newfp);
if (rc)
{
fclose (newfp);
return rc;
}
if ( fclose (newfp) )
return gpg_error_from_syserror ();
/* if (chmod( fname, S_IRUSR | S_IWUSR )) */
/* { */
/* log_debug ("%s: chmod failed: %s\n", fname, strerror(errno) ); */
/* return KEYBOX_File_Error; */
/* } */
return 0; /* Ready. */
}
if (!fp)
{
rc = gpg_error_from_syserror ();
goto leave;
}
- /* Create the new file. */
+ /* Create the new file. On success NEWFP is initialized. */
rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp);
if (rc)
{
fclose (fp);
- fclose (newfp);
goto leave;
}
/* prepare for insert */
if (mode == FILECOPY_INSERT)
{
int first_record = 1;
/* Copy everything to the new file. If this is for OpenPGP, we
make sure that the openpgp flag is set in the header. (We
failsafe the blob type.) */
while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 )
{
if (first_record && for_openpgp
&& buffer[4] == KEYBOX_BLOBTYPE_HEADER)
{
first_record = 0;
buffer[7] |= 0x02; /* OpenPGP data may be available. */
}
if (fwrite (buffer, nread, 1, newfp) != 1)
{
rc = gpg_error_from_syserror ();
fclose (fp);
fclose (newfp);
goto leave;
}
}
if (ferror (fp))
{
rc = gpg_error_from_syserror ();
fclose (fp);
fclose (newfp);
goto leave;
}
}
/* Prepare for delete or update. */
if ( mode == FILECOPY_DELETE || mode == FILECOPY_UPDATE )
{
off_t current = 0;
/* Copy first part to the new file. */
while ( current < start_offset )
{
nbytes = DIM(buffer);
if (current + nbytes > start_offset)
nbytes = start_offset - current;
nread = fread (buffer, 1, nbytes, fp);
if (!nread)
break;
current += nread;
if (fwrite (buffer, nread, 1, newfp) != 1)
{
rc = gpg_error_from_syserror ();
fclose (fp);
fclose (newfp);
goto leave;
}
}
if (ferror (fp))
{
rc = gpg_error_from_syserror ();
fclose (fp);
fclose (newfp);
goto leave;
}
/* Skip this blob. */
rc = _keybox_read_blob (NULL, fp);
if (rc)
{
fclose (fp);
fclose (newfp);
return rc;
}
}
/* Do an insert or update. */
if ( mode == FILECOPY_INSERT || mode == FILECOPY_UPDATE )
{
rc = _keybox_write_blob (blob, newfp);
if (rc)
{
fclose (fp);
fclose (newfp);
return rc;
}
}
/* Copy the rest of the packet for an delete or update. */
if (mode == FILECOPY_DELETE || mode == FILECOPY_UPDATE)
{
while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 )
{
if (fwrite (buffer, nread, 1, newfp) != 1)
{
rc = gpg_error_from_syserror ();
fclose (fp);
fclose (newfp);
goto leave;
}
}
if (ferror (fp))
{
rc = gpg_error_from_syserror ();
fclose (fp);
fclose (newfp);
goto leave;
}
}
/* Close both files. */
if (fclose(fp))
{
rc = gpg_error_from_syserror ();
fclose (newfp);
goto leave;
}
if (fclose(newfp))
{
rc = gpg_error_from_syserror ();
goto leave;
}
rc = rename_tmp_file (bakfname, tmpfname, fname, secret);
leave:
xfree(bakfname);
xfree(tmpfname);
return rc;
}
/* Insert the OpenPGP keyblock {IMAGE,IMAGELEN} into HD. SIGSTATUS is
a vector describing the status of the signatures; its first element
gives the number of following elements. */
gpg_error_t
keybox_insert_keyblock (KEYBOX_HANDLE hd, const void *image, size_t imagelen,
u32 *sigstatus)
{
gpg_error_t err;
const char *fname;
KEYBOXBLOB blob;
size_t nparsed;
struct _keybox_openpgp_info info;
if (!hd)
return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->kb)
return gpg_error (GPG_ERR_INV_HANDLE);
fname = hd->kb->fname;
if (!fname)
return gpg_error (GPG_ERR_INV_HANDLE);
/* Close this one otherwise we will mess up the position for a next
search. Fixme: it would be better to adjust the position after
the write operation. */
_keybox_close_file (hd);
err = _keybox_parse_openpgp (image, imagelen, &nparsed, &info);
if (err)
return err;
assert (nparsed <= imagelen);
err = _keybox_create_openpgp_blob (&blob, &info, image, imagelen,
sigstatus, hd->ephemeral);
_keybox_destroy_openpgp_info (&info);
if (!err)
{
err = blob_filecopy (FILECOPY_INSERT, fname, blob, hd->secret, 1, 0);
_keybox_release_blob (blob);
/* if (!rc && !hd->secret && kb_offtbl) */
/* { */
/* update_offset_hash_table_from_kb (kb_offtbl, kb, 0); */
/* } */
}
return err;
}
/* Update the current key at HD with the given OpenPGP keyblock in
{IMAGE,IMAGELEN}. */
gpg_error_t
keybox_update_keyblock (KEYBOX_HANDLE hd, const void *image, size_t imagelen)
{
gpg_error_t err;
const char *fname;
off_t off;
KEYBOXBLOB blob;
size_t nparsed;
struct _keybox_openpgp_info info;
if (!hd || !image || !imagelen)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (blob_get_type (hd->found.blob) != KEYBOX_BLOBTYPE_PGP)
return gpg_error (GPG_ERR_WRONG_BLOB_TYPE);
fname = hd->kb->fname;
if (!fname)
return gpg_error (GPG_ERR_INV_HANDLE);
off = _keybox_get_blob_fileoffset (hd->found.blob);
if (off == (off_t)-1)
return gpg_error (GPG_ERR_GENERAL);
/* Close this the file so that we do no mess up the position for a
next search. */
_keybox_close_file (hd);
/* Build a new blob. */
err = _keybox_parse_openpgp (image, imagelen, &nparsed, &info);
if (err)
return err;
assert (nparsed <= imagelen);
err = _keybox_create_openpgp_blob (&blob, &info, image, imagelen,
NULL, hd->ephemeral);
_keybox_destroy_openpgp_info (&info);
/* Update the keyblock. */
if (!err)
{
err = blob_filecopy (FILECOPY_UPDATE, fname, blob, hd->secret, 1, off);
_keybox_release_blob (blob);
}
return err;
}
#ifdef KEYBOX_WITH_X509
int
keybox_insert_cert (KEYBOX_HANDLE hd, ksba_cert_t cert,
unsigned char *sha1_digest)
{
int rc;
const char *fname;
KEYBOXBLOB blob;
if (!hd)
return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->kb)
return gpg_error (GPG_ERR_INV_HANDLE);
fname = hd->kb->fname;
if (!fname)
return gpg_error (GPG_ERR_INV_HANDLE);
/* Close this one otherwise we will mess up the position for a next
search. Fixme: it would be better to adjust the position after
the write operation. */
_keybox_close_file (hd);
rc = _keybox_create_x509_blob (&blob, cert, sha1_digest, hd->ephemeral);
if (!rc)
{
rc = blob_filecopy (FILECOPY_INSERT, fname, blob, hd->secret, 0, 0);
_keybox_release_blob (blob);
/* if (!rc && !hd->secret && kb_offtbl) */
/* { */
/* update_offset_hash_table_from_kb (kb_offtbl, kb, 0); */
/* } */
}
return rc;
}
int
keybox_update_cert (KEYBOX_HANDLE hd, ksba_cert_t cert,
unsigned char *sha1_digest)
{
(void)hd;
(void)cert;
(void)sha1_digest;
return -1;
}
#endif /*KEYBOX_WITH_X509*/
/* Note: We assume that the keybox has been locked before the current
search was executed. This is needed so that we can depend on the
offset information of the flags. */
int
keybox_set_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int value)
{
off_t off;
const char *fname;
FILE *fp;
gpg_err_code_t ec;
size_t flag_pos, flag_size;
const unsigned char *buffer;
size_t length;
(void)idx; /* Not yet used. */
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (!hd->kb)
return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
fname = hd->kb->fname;
if (!fname)
return gpg_error (GPG_ERR_INV_HANDLE);
off = _keybox_get_blob_fileoffset (hd->found.blob);
if (off == (off_t)-1)
return gpg_error (GPG_ERR_GENERAL);
buffer = _keybox_get_blob_image (hd->found.blob, &length);
ec = _keybox_get_flag_location (buffer, length, what, &flag_pos, &flag_size);
if (ec)
return gpg_error (ec);
off += flag_pos;
_keybox_close_file (hd);
fp = fopen (hd->kb->fname, "r+b");
if (!fp)
return gpg_error_from_syserror ();
ec = 0;
if (fseeko (fp, off, SEEK_SET))
ec = gpg_err_code_from_syserror ();
else
{
unsigned char tmp[4];
tmp[0] = value >> 24;
tmp[1] = value >> 16;
tmp[2] = value >> 8;
tmp[3] = value;
switch (flag_size)
{
case 1:
case 2:
case 4:
if (fwrite (tmp+4-flag_size, flag_size, 1, fp) != 1)
ec = gpg_err_code_from_syserror ();
break;
default:
ec = GPG_ERR_BUG;
break;
}
}
if (fclose (fp))
{
if (!ec)
ec = gpg_err_code_from_syserror ();
}
return gpg_error (ec);
}
int
keybox_delete (KEYBOX_HANDLE hd)
{
off_t off;
const char *fname;
FILE *fp;
int rc;
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (!hd->kb)
return gpg_error (GPG_ERR_INV_HANDLE);
fname = hd->kb->fname;
if (!fname)
return gpg_error (GPG_ERR_INV_HANDLE);
off = _keybox_get_blob_fileoffset (hd->found.blob);
if (off == (off_t)-1)
return gpg_error (GPG_ERR_GENERAL);
off += 4;
_keybox_close_file (hd);
fp = fopen (hd->kb->fname, "r+b");
if (!fp)
return gpg_error_from_syserror ();
if (fseeko (fp, off, SEEK_SET))
rc = gpg_error_from_syserror ();
else if (putc (0, fp) == EOF)
rc = gpg_error_from_syserror ();
else
rc = 0;
if (fclose (fp))
{
if (!rc)
rc = gpg_error_from_syserror ();
}
return rc;
}
/* Compress the keybox file. This should be run with the file
locked. */
int
keybox_compress (KEYBOX_HANDLE hd)
{
int read_rc, rc;
const char *fname;
FILE *fp, *newfp;
char *bakfname = NULL;
char *tmpfname = NULL;
int first_blob;
KEYBOXBLOB blob = NULL;
u32 cut_time;
int any_changes = 0;
int skipped_deleted;
if (!hd)
return gpg_error (GPG_ERR_INV_HANDLE);
if (!hd->kb)
return gpg_error (GPG_ERR_INV_HANDLE);
if (hd->secret)
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
fname = hd->kb->fname;
if (!fname)
return gpg_error (GPG_ERR_INV_HANDLE);
_keybox_close_file (hd);
/* Open the source file. Because we do a rename, we have to check the
permissions of the file */
if (access (fname, W_OK))
return gpg_error_from_syserror ();
fp = fopen (fname, "rb");
if (!fp && errno == ENOENT)
return 0; /* Ready. File has been deleted right after the access above. */
if (!fp)
{
rc = gpg_error_from_syserror ();
return rc;
}
/* A quick test to see if we need to compress the file at all. We
schedule a compress run after 3 hours. */
if ( !_keybox_read_blob (&blob, fp) )
{
const unsigned char *buffer;
size_t length;
buffer = _keybox_get_blob_image (blob, &length);
if (length > 4 && buffer[4] == KEYBOX_BLOBTYPE_HEADER)
{
u32 last_maint = buf32_to_u32 (buffer+20);
if ( (last_maint + 3*3600) > time (NULL) )
{
fclose (fp);
_keybox_release_blob (blob);
return 0; /* Compress run not yet needed. */
}
}
_keybox_release_blob (blob);
fseek (fp, 0, SEEK_SET);
clearerr (fp);
}
/* Create the new file. */
rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp);
if (rc)
{
fclose (fp);
return rc;;
}
/* Processing loop. By reading using _keybox_read_blob we
automagically skip any blobs flagged as deleted. Thus what we
only have to do is to check all ephemeral flagged blocks whether
their time has come and write out all other blobs. */
cut_time = time(NULL) - 86400;
first_blob = 1;
skipped_deleted = 0;
for (rc=0; !(read_rc = _keybox_read_blob2 (&blob, fp, &skipped_deleted));
_keybox_release_blob (blob), blob = NULL )
{
unsigned int blobflags;
const unsigned char *buffer;
size_t length, pos, size;
u32 created_at;
if (skipped_deleted)
any_changes = 1;
buffer = _keybox_get_blob_image (blob, &length);
if (first_blob)
{
first_blob = 0;
if (length > 4 && buffer[4] == KEYBOX_BLOBTYPE_HEADER)
{
/* Write out the blob with an updated maintenance time
stamp and if needed (ie. used by gpg) set the openpgp
flag. */
_keybox_update_header_blob (blob, hd->for_openpgp);
rc = _keybox_write_blob (blob, newfp);
if (rc)
break;
continue;
}
/* The header blob is missing. Insert it. */
rc = _keybox_write_header_blob (newfp, hd->for_openpgp);
if (rc)
break;
any_changes = 1;
}
else if (length > 4 && buffer[4] == KEYBOX_BLOBTYPE_HEADER)
{
/* Oops: There is another header record - remove it. */
any_changes = 1;
continue;
}
if (_keybox_get_flag_location (buffer, length,
KEYBOX_FLAG_BLOB, &pos, &size)
|| size != 2)
{
rc = gpg_error (GPG_ERR_BUG);
break;
}
blobflags = buf16_to_uint (buffer+pos);
if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL))
{
/* This is an ephemeral blob. */
if (_keybox_get_flag_location (buffer, length,
KEYBOX_FLAG_CREATED_AT, &pos, &size)
|| size != 4)
created_at = 0; /* oops. */
else
created_at = buf32_to_u32 (buffer+pos);
if (created_at && created_at < cut_time)
{
any_changes = 1;
continue; /* Skip this blob. */
}
}
rc = _keybox_write_blob (blob, newfp);
if (rc)
break;
}
if (skipped_deleted)
any_changes = 1;
_keybox_release_blob (blob); blob = NULL;
if (!rc && read_rc == -1)
rc = 0;
else if (!rc)
rc = read_rc;
/* Close both files. */
if (fclose(fp) && !rc)
rc = gpg_error_from_syserror ();
if (fclose(newfp) && !rc)
rc = gpg_error_from_syserror ();
/* Rename or remove the temporary file. */
if (rc || !any_changes)
gnupg_remove (tmpfname);
else
rc = rename_tmp_file (bakfname, tmpfname, fname, hd->secret);
xfree(bakfname);
xfree(tmpfname);
return rc;
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Mon, Dec 8, 7:18 AM (5 h, 48 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
1d/6a/b27b67e1fa212d210e25adf23339
Attached To
rG GnuPG
Event Timeline
Log In to Comment