diff --git a/kbx/Makefile.am b/kbx/Makefile.am index 48ed31740..42c3c4be8 100644 --- a/kbx/Makefile.am +++ b/kbx/Makefile.am @@ -1,95 +1,96 @@ # Keybox Makefile # Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. # # This file is part of GnuPG. # # GnuPG is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # GnuPG is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, see . ## Process this file with automake to produce Makefile.in EXTRA_DIST = mkerrors keyboxd-w32info.rc AM_CPPFLAGS = include $(top_srcdir)/am/cmacros.am if HAVE_W32_SYSTEM resource_objs += keyboxd-w32info.o endif AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) noinst_LIBRARIES = libkeybox.a libkeybox509.a bin_PROGRAMS = kbxutil libexec_PROGRAMS = keyboxd if HAVE_W32CE_SYSTEM extra_libs = $(LIBASSUAN_LIBS) else extra_libs = endif common_libs = $(libcommon) commonpth_libs = $(libcommonpth) common_sources = \ keybox.h keybox-defs.h keybox-search-desc.h \ keybox-util.c \ keybox-init.c \ keybox-blob.c \ keybox-file.c \ keybox-search.c \ keybox-update.c \ keybox-openpgp.c \ keybox-dump.c libkeybox_a_SOURCES = $(common_sources) libkeybox509_a_SOURCES = $(common_sources) libkeybox_a_CFLAGS = $(AM_CFLAGS) libkeybox509_a_CFLAGS = $(AM_CFLAGS) -DKEYBOX_WITH_X509=1 # We need W32SOCKLIBS because the init subsystem code in libcommon # requires it - although we don't actually need it. It is easier # to do it this way. kbxutil_SOURCES = kbxutil.c $(common_sources) kbxutil_CFLAGS = $(AM_CFLAGS) -DKEYBOX_WITH_X509=1 kbxutil_LDADD = $(common_libs) \ $(KSBA_LIBS) $(LIBGCRYPT_LIBS) $(extra_libs) \ $(GPG_ERROR_LIBS) $(LIBINTL) $(LIBICONV) $(W32SOCKLIBS) \ $(NETLIBS) keyboxd_SOURCES = \ keyboxd.c keyboxd.h \ kbxserver.c \ frontend.c frontend.h \ backend.h backend-support.c \ + backend-cache.c \ backend-kbx.c \ $(common_sources) keyboxd_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS) $(NPTH_CFLAGS) \ $(INCICONV) keyboxd_LDADD = $(commonpth_libs) \ $(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(NPTH_LIBS) \ $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) \ $(resource_objs) keyboxd_LDFLAGS = $(extra_bin_ldflags) keyboxd_DEPENDENCIES = $(resource_objs) # Make sure that all libs are build before we use them. This is # important for things like make -j2. $(PROGRAMS): $(common_libs) $(commonpth_libs) diff --git a/kbx/backend-cache.c b/kbx/backend-cache.c new file mode 100644 index 000000000..d5b46b50a --- /dev/null +++ b/kbx/backend-cache.c @@ -0,0 +1,1167 @@ +/* backend-cache.c - Cache backend for keyboxd + * Copyright (C) 2019 g10 Code GmbH + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + * SPDX-License-Identifier: GPL-3.0-or-later + */ + +/* + * This cache backend is designed to be queried first and to deliver + * cached items (which may also be not-found). A set a maintenance + * functions is used used by the frontend to fill the cache. + * FIXME: Support x.509 + */ + +#include +#include +#include +#include +#include + +#include "keyboxd.h" +#include "../common/i18n.h" +#include "../common/host2net.h" +#include "backend.h" +#include "keybox-defs.h" + + +/* Standard values for the number of buckets and the threshold we use + * to flush items. */ +#define NO_OF_KEY_ITEM_BUCKETS 383 +#define KEY_ITEMS_PER_BUCKET_THRESHOLD 40 +#define NO_OF_BLOB_BUCKETS 383 +#define BLOBS_PER_BUCKET_THRESHOLD 20 + + +/* Our definition of the backend handle. */ +struct backend_handle_s +{ + enum database_types db_type; /* Always DB_TYPE_CACHE. */ + unsigned int backend_id; /* Always the id the backend. */ +}; + + +/* The object holding a blob. */ +typedef struct blob_s +{ + struct blob_s *next; + enum pubkey_types pktype; + unsigned int refcount; + unsigned int usecount; + unsigned int datalen; + unsigned char *data; /* The actual data of length DATALEN. */ + unsigned char ubid[20]; +} *blob_t; + + +static blob_t *blob_table; /* Hash table with the blobs. */ +static size_t blob_table_size; /* Number of allocated buckets. */ +static unsigned int blob_table_threshold; /* Max. # of items per bucket. */ +static unsigned int blob_table_added; /* Number of items added. */ +static unsigned int blob_table_dropped; /* Number of items dropped. */ +static blob_t blob_attic; /* List of freed blobs. */ + + +/* A list item to blob data. This is so that a next operation on a + * cached key item can actually work. Things are complicated because + * we do not want to force caching all object before we get a next + * request from the client. To accomplish this we keep a flag + * indicating that the search needs to continue instead of delivering + * the previous item from the cache. */ +typedef struct bloblist_s +{ + struct bloblist_s *next; + unsigned int final_kid:1; /* The final blob for KID searches. */ + unsigned int final_fpr:1; /* The final blob for FPR searches. */ + unsigned int ubid_valid:1; /* The blobid below is valid. */ + unsigned int subkey:1; /* The entry is for a subkey. */ + unsigned int fprlen:8; /* The length of the fingerprint or 0. */ + char fpr[32]; /* The buffer for the fingerprint. */ + unsigned char ubid[20]; /* The Unique-Blob-ID of the blob. */ +} *bloblist_t; + +static bloblist_t bloblist_attic; /* List of freed items. */ + +/* The cache object. For indexing we could use the fingerprint + * directly as a hash value. However, we use the keyid instead + * because the keyid is used by OpenPGP in encrypted packets and older + * signatures to identify a key. Since v4 OpenPGP keys the keyid is + * anyway a part of the fingerprint so it quickly extracted from a + * fingerprint. Note that v3 keys are not supported by gpg. + * FIXME: Add support for X.509. + */ +typedef struct key_item_s +{ + struct key_item_s *next; + bloblist_t blist; /* List of blobs or NULL for not-found. */ + unsigned int usecount; + unsigned int refcount; /* Reference counter for this item. */ + u32 kid_h; /* Upper 4 bytes of the keyid. */ + u32 kid_l; /* Lower 4 bytes of the keyid. */ +} *key_item_t; + +static key_item_t *key_table; /* Hash table with the keys. */ +static size_t key_table_size; /* Number of allocated buckets. */ +static unsigned int key_table_threshold; /* Max. # of items per bucket. */ +static unsigned int key_table_added; /* Number of items added. */ +static unsigned int key_table_dropped; /* Number of items dropped. */ +static key_item_t key_item_attic; /* List of freed items. */ + + + + +/* The hash function we use for the key_table. Must not call a system + * function. */ +static inline unsigned int +blob_table_hasher (const unsigned char *ubid) +{ + return (ubid[0] << 16 | ubid[1]) % blob_table_size; +} + + +/* Runtime allocation of the key table. This allows us to eventually + * add an option to control the size. */ +static gpg_error_t +blob_table_init (void) +{ + if (blob_table) + return 0; + blob_table_size = NO_OF_BLOB_BUCKETS; + blob_table_threshold = BLOBS_PER_BUCKET_THRESHOLD; + blob_table = xtrycalloc (blob_table_size, sizeof *blob_table); + if (!blob_table) + return gpg_error_from_syserror (); + return 0; +} + +/* Free a blob. This is done by moving it to the attic list. */ +static void +blob_unref (blob_t blob) +{ + void *p; + + if (!blob) + return; + log_assert (blob->refcount); + if (!--blob->refcount) + { + p = blob->data; + blob->data = NULL; + blob->next = blob_attic; + blob_attic = blob; + xfree (p); + } +} + + +/* Given the hash value and the ubid, find the blob in the bucket. + * Returns NULL if not found or the blob item if found. Always + * returns the the number of items searched, which is in the case of a + * not-found the length of the chain. */ +static blob_t +find_blob (unsigned int hash, const unsigned char *ubid, + unsigned int *r_count) +{ + blob_t b; + unsigned int count = 0; + + for (b = blob_table[hash]; b; b = b->next, count++) + if (!memcmp (b->ubid, ubid, 20)) + break; + if (r_count) + *r_count = count; + return b; +} + + +/* Helper for the qsort in key_table_put. */ +static int +compare_blobs (const void *arg_a, const void *arg_b) +{ + const blob_t a = *(const blob_t *)arg_a; + const blob_t b = *(const blob_t *)arg_b; + + /* Reverse sort on the usecount. */ + if (a->usecount > b->usecount) + return -1; + else if (a->usecount == b->usecount) + return 0; + else + return 1; +} + + +/* Put the blob (BLOBDATA, BLOBDATALEN) into the cache using UBID as + * the index. If it is already in the cache nothing happens. */ +static void +blob_table_put (const unsigned char *ubid, + const void *blobdata, unsigned int blobdatalen) +{ + unsigned int hash; + blob_t b; + unsigned int count, n; + void *blobdatacopy = NULL; + + hash = blob_table_hasher (ubid); + find_again: + b = find_blob (hash, ubid, &count); + if (b) + { + xfree (blobdatacopy); + return; /* Already got this blob. */ + } + + /* Create a copy of the blob if not yet done. */ + if (!blobdatacopy) + { + blobdatacopy = xtrymalloc (blobdatalen); + if (!blobdatacopy) + { + log_info ("Note: malloc failed while copying blob to the cache: %s\n", + gpg_strerror (gpg_error_from_syserror ())); + return; /* Out of core - ignore. */ + } + memcpy (blobdatacopy, blobdata, blobdatalen); + } + + /* If the bucket is full remove a couple of items. */ + if (count >= blob_table_threshold) + { + blob_t list_head, *list_tailp, b_next; + blob_t *array; + int narray, idx; + + /* Unlink from the global list so that other threads don't + * disturb us. If another thread adds or removes something only + * one will be the winner. Bad luck for the dropped cache items + * but after all it is just a cache. */ + list_head = blob_table[hash]; + blob_table[hash] = NULL; + + /* Put all items into an array for sorting. */ + array = xtrycalloc (count, sizeof *array); + if (!array) + { + /* That's bad; give up all items of the bucket. */ + log_info ("Note: malloc failed while purging blobs from the " + "cache: %s\n", gpg_strerror (gpg_error_from_syserror ())); + goto leave_drop; + } + narray = 0; + for (b = list_head; b; b = b_next) + { + b_next = b->next; + array[narray++] = b; + b->next = NULL; + } + log_assert (narray == count); + + /* Sort the array and put half of it onto a new list. */ + qsort (array, narray, sizeof *array, compare_blobs); + list_head = NULL; + list_tailp = &list_head; + for (idx=0; idx < narray/2; idx++) + { + *list_tailp = array[idx]; + list_tailp = &array[idx]->next; + } + + /* Put the new list into the bucket. */ + b = blob_table[hash]; + blob_table[hash] = list_head; + list_head = b; + + /* Free the remaining items and the array. */ + for (; idx < narray; idx++) + { + blob_unref (array[idx]); + blob_table_dropped++; + } + xfree (array); + + leave_drop: + /* Free any items added in the meantime by other threads. This + * is also used in case of a malloc problem (which won't update + * the counters, though). */ + for ( ; list_head; list_head = b_next) + { + b_next = list_head->next; + blob_unref (list_head); + } + } + + /* Add an item to the bucket. We allocate a whole block of items + * for cache performance reasons. */ + if (!blob_attic) + { + blob_t b_block; + int b_blocksize = 256; + + b_block = xtrymalloc (b_blocksize * sizeof *b_block); + if (!b_block) + { + log_info ("Note: malloc failed while adding blob to the cache: %s\n", + gpg_strerror (gpg_error_from_syserror ())); + xfree (blobdatacopy); + return; /* Out of core - ignore. */ + } + for (n = 0; n < b_blocksize; n++) + { + b = b_block + n; + b->next = blob_attic; + blob_attic = b; + } + + /* During the malloc another thread might have changed the + * bucket. Thus we need to start over. */ + goto find_again; + } + + /* We now know that there is an item in the attic. Put it into the + * chain. Note that we may not use any system call here. */ + b = blob_attic; + blob_attic = b->next; + b->next = NULL; + b->data = blobdatacopy; + b->datalen = blobdatalen; + memcpy (b->ubid, ubid, 20); + b->usecount = 1; + b->refcount = 1; + b->next = blob_table[hash]; + blob_table[hash] = b; + blob_table_added++; +} + + +/* Given the UBID return a cached blob item. The caller must + * release that item using blob_unref. */ +static blob_t +blob_table_get (const unsigned char *ubid) +{ + unsigned int hash; + blob_t b; + + hash = blob_table_hasher (ubid); + b = find_blob (hash, ubid, NULL); + if (b) + { + b->usecount++; + b->refcount++; + return b; /* Found */ + } + + return NULL; +} + + + +/* The hash function we use for the key_table. Must not call a system + * function. */ +static inline unsigned int +key_table_hasher (u32 kid_l) +{ + return kid_l % key_table_size; +} + + +/* Runtime allocation of the key table. This allows us to eventually + * add an option to control the size. */ +static gpg_error_t +key_table_init (void) +{ + if (key_table) + return 0; + key_table_size = NO_OF_KEY_ITEM_BUCKETS; + key_table_threshold = KEY_ITEMS_PER_BUCKET_THRESHOLD; + key_table = xtrycalloc (key_table_size, sizeof *key_table); + if (!key_table) + return gpg_error_from_syserror (); + return 0; +} + +/* Free a key_item. This is done by moving it to the attic list. */ +static void +key_item_unref (key_item_t ki) +{ + bloblist_t bl, bl2; + + if (!ki) + return; + log_assert (ki->refcount); + if (!--ki->refcount) + { + bl = ki->blist; + ki->blist = NULL; + ki->next = key_item_attic; + key_item_attic = ki; + + if (bl) + { + for (bl2 = bl; bl2->next; bl2 = bl2->next) + ; + bl2->next = bloblist_attic; + bloblist_attic = bl; + } + } +} + + +/* Given the hash value and the search info, find the key item in the + * bucket. Return NULL if not found or the key item if fount. Always + * returns the the number of items searched, which is in the case of a + * not-found the length of the chain. Note that FPR may only be NULL + * if FPRLEN is 0. */ +static key_item_t +find_in_chain (unsigned int hash, u32 kid_h, u32 kid_l, + unsigned int *r_count) +{ + key_item_t ki = key_table[hash]; + unsigned int count = 0; + + for (; ki; ki = ki->next, count++) + if (ki->kid_h == kid_h && ki->kid_l == kid_l) + break; + if (r_count) + *r_count = count; + return ki; +} + + +/* Helper for the qsort in key_table_put. */ +static int +compare_key_items (const void *arg_a, const void *arg_b) +{ + const key_item_t a = *(const key_item_t *)arg_a; + const key_item_t b = *(const key_item_t *)arg_b; + + /* Reverse sort on the usecount. */ + if (a->usecount > b->usecount) + return -1; + else if (a->usecount == b->usecount) + return 0; + else + return 1; +} + + +/* Allocate new key items. They are put to the attic so that the + * caller can take them from there. On allocation failure a note + * is printed and an error returned. */ +static gpg_error_t +alloc_more_key_items (void) +{ + gpg_error_t err; + key_item_t kiblock, ki; + int kiblocksize = 256; + unsigned int n; + + kiblock = xtrymalloc (kiblocksize * sizeof *kiblock); + if (!kiblock) + { + err = gpg_error_from_syserror (); + log_info ("Note: malloc failed while adding to the cache: %s\n", + gpg_strerror (err)); + return err; + } + for (n = 0; n < kiblocksize; n++) + { + ki = kiblock + n; + ki->next = key_item_attic; + key_item_attic = ki; + } + return 0; +} + + +/* Allocate new bloblist items. They are put to the attic so that the + * caller can take them from there. On allocation failure a note is + * printed and an error returned. */ +static gpg_error_t +alloc_more_bloblist_items (void) +{ + gpg_error_t err; + bloblist_t bl; + bloblist_t blistblock; + int blistblocksize = 256; + unsigned int n; + + blistblock = xtrymalloc (blistblocksize * sizeof *blistblock); + if (!blistblock) + { + err = gpg_error_from_syserror (); + log_info ("Note: malloc failed while adding to the cache: %s\n", + gpg_strerror (err)); + return err; + } + for (n = 0; n < blistblocksize; n++) + { + bl = blistblock + n; + bl->next = bloblist_attic; + bloblist_attic = bl; + } + return 0; +} + + +/* Helper for key_table_put. This function assumes that + * bloblist_attaci is not NULL. Returns a new bloblist item. Be + * aware that no system calls may be done - even not log + * functions! */ +static bloblist_t +new_bloblist_item (const unsigned char *fpr, unsigned int fprlen, + const unsigned char *ubid, int subkey) +{ + bloblist_t bl; + + bl = bloblist_attic; + bloblist_attic = bl->next; + bl->next = NULL; + + if (ubid) + memcpy (bl->ubid, ubid, 20); + else + memset (bl->ubid, 0, 20); + bl->ubid_valid = 1; + bl->final_kid = 0; + bl->final_fpr = 0; + bl->subkey = !!subkey; + bl->fprlen = fprlen; + memcpy (bl->fpr, fpr, fprlen); + return bl; +} + + +/* If the list of key item in the bucken HASH is full remove a couple + * of them. On error a diagnostic is printed and an error code + * return. Note that the error code GPG_ERR_TRUE is returned if any + * flush and thus system calls were done. + */ +static gpg_error_t +maybe_flush_some_key_buckets (unsigned int hash, unsigned int count) +{ + gpg_error_t err; + key_item_t ki, list_head, *list_tailp, ki_next; + key_item_t *array; + int narray, idx; + + if (count < key_table_threshold) + return 0; /* Nothing to do. */ + + /* Unlink from the global list so that other threads don't disturb + * us. If another thread adds or removes something only one will be + * the winner. Bad luck for the dropped cache items but after all + * it is just a cache. */ + list_head = key_table[hash]; + key_table[hash] = NULL; + + /* Put all items into an array for sorting. */ + array = xtrycalloc (count, sizeof *array); + if (!array) + { + /* That's bad; give up all items of the bucket. */ + err = gpg_error_from_syserror (); + log_info ("Note: malloc failed while purging from the cache: %s\n", + gpg_strerror (err)); + goto leave; + } + narray = 0; + for (ki = list_head; ki; ki = ki_next) + { + ki_next = ki->next; + array[narray++] = ki; + ki->next = NULL; + } + log_assert (narray == count); + + /* Sort the array and put half of it onto a new list. */ + qsort (array, narray, sizeof *array, compare_key_items); + list_head = NULL; + list_tailp = &list_head; + for (idx=0; idx < narray/2; idx++) + { + *list_tailp = array[idx]; + list_tailp = &array[idx]->next; + } + + /* Put the new list into the bucket. */ + ki = key_table[hash]; + key_table[hash] = list_head; + list_head = ki; + + /* Free the remaining items and the array. */ + for (; idx < narray; idx++) + { + key_item_unref (array[idx]); + key_table_dropped++; + } + xfree (array); + err = gpg_error (GPG_ERR_TRUE); + + leave: + /* Free any items added in the meantime by other threads. This is + * also used in case of a malloc problem (which won't update the + * counters, though). */ + for ( ; list_head; list_head = ki_next) + { + ki_next = list_head->next; + key_item_unref (list_head); + } + return err; +} + + +/* Thsi is the core of + * key_table_put, + * key_table_put_no_fpr, + * key_table_put_no_kid. + */ +static void +do_key_table_put (u32 kid_h, u32 kid_l, + const unsigned char *fpr, unsigned int fprlen, + const unsigned char *ubid, int subkey) +{ + unsigned int hash; + key_item_t ki; + bloblist_t bl, bl_tail; + unsigned int count; + int do_find_again; + int mark_not_found = !fpr; + + hash = key_table_hasher (kid_l); + find_again: + do_find_again = 0; + ki = find_in_chain (hash, kid_h, kid_l, &count); + if (ki) + { + if (mark_not_found) + return; /* Can't put the mark because meanwhile a entry was + * added. */ + + for (bl = ki->blist; bl; bl = bl->next) + if (bl->fprlen + && bl->fprlen == fprlen + && !memcmp (bl->fpr, fpr, fprlen)) + break; + if (bl) + return; /* Already in the bloblist for the keyid */ + + /* Append to the list. */ + if (!bloblist_attic) + { + if (alloc_more_bloblist_items ()) + return; /* Out of core - ignore. */ + goto find_again; /* Need to start over due to the malloc. */ + } + for (bl_tail = NULL, bl = ki->blist; bl; bl_tail = bl, bl = bl->next) + ; + bl = new_bloblist_item (fpr, fprlen, ubid, subkey); + if (bl_tail) + bl_tail->next = bl; + else + ki->blist = bl; + + return; + } + + /* If the bucket is full remove a couple of items. */ + if (maybe_flush_some_key_buckets (hash, count)) + { + /* During the fucntion call another thread might have changed + * the bucket. Thus we need to start over. */ + do_find_again = 1; + } + + if (!key_item_attic) + { + if (alloc_more_key_items ()) + return; /* Out of core - ignore. */ + do_find_again = 1; + } + + if (!bloblist_attic) + { + if (alloc_more_bloblist_items ()) + return; /* Out of core - ignore. */ + do_find_again = 1; + } + + if (do_find_again) + goto find_again; + + /* We now know that there are items in the attics. Put them into + * the chain. Note that we may not use any system call here. */ + ki = key_item_attic; + key_item_attic = ki->next; + ki->next = NULL; + + if (mark_not_found) + ki->blist = NULL; + else + ki->blist = new_bloblist_item (fpr, fprlen, ubid, subkey); + + ki->kid_h = kid_h; + ki->kid_l = kid_l; + ki->usecount = 1; + ki->refcount = 1; + + ki->next = key_table[hash]; + key_table[hash] = ki; + key_table_added++; +} + + +/* Given the fingerprint (FPR,FPRLEN) put the UBID into the cache. + * SUBKEY indicates that the fingerprint is from a subkey. */ +static void +key_table_put (const unsigned char *fpr, unsigned int fprlen, + const unsigned char *ubid, int subkey) +{ + u32 kid_h, kid_l; + + if (fprlen < 20 || fprlen > 32) + return; /* No support for v3 keys or unknown key versions. */ + + if (fprlen == 20) /* v4 key */ + { + kid_h = buf32_to_u32 (fpr+12); + kid_l = buf32_to_u32 (fpr+16); + } + else /* v5 or later key */ + { + kid_h = buf32_to_u32 (fpr); + kid_l = buf32_to_u32 (fpr+4); + } + do_key_table_put (kid_h, kid_l, fpr, fprlen, ubid, subkey); +} + + +/* Given the fingerprint (FPR,FPRLEN) put a flag into the cache that + * this fingerprint was not found. */ +static void +key_table_put_no_fpr (const unsigned char *fpr, unsigned int fprlen) +{ + u32 kid_h, kid_l; + + if (fprlen < 20 || fprlen > 32) + return; /* No support for v3 keys or unknown key versions. */ + + if (fprlen == 20) /* v4 key */ + { + kid_h = buf32_to_u32 (fpr+12); + kid_l = buf32_to_u32 (fpr+16); + } + else /* v5 or later key */ + { + kid_h = buf32_to_u32 (fpr); + kid_l = buf32_to_u32 (fpr+4); + } + /* Note that our not-found chaching is only based on the keyid. */ + do_key_table_put (kid_h, kid_l, NULL, 0, NULL, 0); +} + + +/* Given the keyid (KID_H, KID_L) put a flag into the cache that this + * keyid was not found. */ +static void +key_table_put_no_kid (u32 kid_h, u32 kid_l) +{ + do_key_table_put (kid_h, kid_l, NULL, 0, NULL, 0); +} + + +/* Given the keyid or the fingerprint return the key item from the + * cache. The caller must release the result using key_item_unref. + * NULL is returned if not found. */ +static key_item_t +key_table_get (u32 kid_h, u32 kid_l) +{ + unsigned int hash; + key_item_t ki; + + hash = key_table_hasher (kid_l); + ki = find_in_chain (hash, kid_h, kid_l, NULL); + if (ki) + { + ki->usecount++; + ki->refcount++; + return ki; /* Found */ + } + + return NULL; +} + + +/* Return a key item by searching for the keyid. The caller must use + * key_item_unref on it. */ +static key_item_t +query_by_kid (u32 kid_h, u32 kid_l) +{ + return key_table_get (kid_h, kid_l); +} + + +/* Return a key item by searching for the fingerprint. The caller + * must use key_item_unref on it. Note that the returned key item may + * not actually carry the fingerprint; the caller needs to scan the + * bloblist of the keyitem. We can't do that here because the + * reference counting is done on the keyitem s and thus this needs to + * be returned. */ +static key_item_t +query_by_fpr (const unsigned char *fpr, unsigned int fprlen) +{ + u32 kid_h, kid_l; + + if (fprlen < 20 || fprlen > 32 ) + return NULL; /* No support for v3 keys or unknown key versions. */ + + if (fprlen == 20) /* v4 key */ + { + kid_h = buf32_to_u32 (fpr+12); + kid_l = buf32_to_u32 (fpr+16); + } + else /* v5 or later key */ + { + kid_h = buf32_to_u32 (fpr); + kid_l = buf32_to_u32 (fpr+4); + } + + return key_table_get (kid_h, kid_l); +} + + + + + +/* Install a new resource and return a handle for that backend. */ +gpg_error_t +be_cache_add_resource (ctrl_t ctrl, backend_handle_t *r_hd) +{ + gpg_error_t err; + backend_handle_t hd; + + (void)ctrl; + + *r_hd = NULL; + hd = xtrycalloc (1, sizeof *hd); + if (!hd) + return gpg_error_from_syserror (); + hd->db_type = DB_TYPE_CACHE; + + hd->backend_id = be_new_backend_id (); + + err = blob_table_init (); + if (err) + goto leave; + + err = key_table_init (); + if (err) + goto leave; + + *r_hd = hd; + hd = NULL; + + leave: + xfree (hd); + return err; +} + + +/* Release the backend handle HD and all its resources. HD is not + * valid after a call to this function. */ +void +be_cache_release_resource (ctrl_t ctrl, backend_handle_t hd) +{ + (void)ctrl; + + if (!hd) + return; + hd->db_type = DB_TYPE_NONE; + + /* Fixme: Free the key_table. */ + + xfree (hd); +} + + +/* Search for the keys described by (DESC,NDESC) and return them to + * the caller. BACKEND_HD is the handle for this backend and REQUEST + * is the current database request object. On a cache hit either 0 or + * GPG_ERR_NOT_FOUND is returned. The former returns the item; the + * latter indicates that the cache has known that the item won't be + * found in any databases. On a cache miss GPG_ERR_EOF is + * returned. */ +gpg_error_t +be_cache_search (ctrl_t ctrl, backend_handle_t backend_hd, db_request_t request, + KEYDB_SEARCH_DESC *desc, unsigned int ndesc) +{ + gpg_error_t err; + db_request_part_t reqpart; + unsigned int n; + blob_t b; + key_item_t ki; + bloblist_t bl; + int not_found = 0; + int descidx = 0; + int found_bykid = 0; + + log_assert (backend_hd && backend_hd->db_type == DB_TYPE_CACHE); + log_assert (request); + + err = be_find_request_part (backend_hd, request, &reqpart); + if (err) + goto leave; + + if (!desc) + { + /* Reset operation. */ + request->last_cached_valid = 0; + request->last_cached_final = 0; + reqpart->cache_seqno.fpr = 0; + reqpart->cache_seqno.kid = 0; + reqpart->cache_seqno.grip = 0; + err = 0; + goto leave; + } + + for (ki = NULL, n=0; n < ndesc && !ki; n++) + { + descidx = n; + switch (desc[n].mode) + { + case KEYDB_SEARCH_MODE_LONG_KID: + ki = query_by_kid (desc[n].u.kid[0], desc[n].u.kid[1]); + if (ki && ki->blist) + { + not_found = 0; + /* Note that in a bloblist all keyids are the same. */ + for (n=0, bl = ki->blist; bl; bl = bl->next) + if (n++ == reqpart->cache_seqno.kid) + break; + if (!bl) + { + key_item_unref (ki); + ki = NULL; + } + else + { + found_bykid = 1; + reqpart->cache_seqno.kid++; + } + } + else if (ki) + not_found = 1; + break; + + case KEYDB_SEARCH_MODE_FPR: + ki = query_by_fpr (desc[n].u.fpr, desc[n].fprlen); + if (ki && ki->blist) + { + not_found = 0; + for (n=0, bl = ki->blist; bl; bl = bl->next) + if (bl->fprlen + && bl->fprlen == desc[n].fprlen + && !memcmp (bl->fpr, desc[n].u.fpr, desc[n].fprlen) + && n++ == reqpart->cache_seqno.fpr) + break; + if (!bl) + { + key_item_unref (ki); + ki = NULL; + } + else + reqpart->cache_seqno.fpr++; + } + else if (ki) + not_found = 1; + break; + + /* case KEYDB_SEARCH_MODE_KEYGRIP: */ + /* ki = query_by_grip (desc[n].u.fpr, desc[n].fprlen); */ + /* break; */ + + default: + ki = NULL; + break; + } + } + + if (not_found) + { + err = gpg_error (GPG_ERR_NOT_FOUND); + key_item_unref (ki); + } + else if (ki) + { + if (bl && bl->ubid_valid) + { + memcpy (request->last_cached_ubid, bl->ubid, 20); + request->last_cached_valid = 1; + request->last_cached_fprlen = desc[descidx].fprlen; + memcpy (request->last_cached_fpr, + desc[descidx].u.fpr, desc[descidx].fprlen); + request->last_cached_kid_h = ki->kid_h; + request->last_cached_kid_l = ki->kid_l; + request->last_cached_valid = 1; + if ((bl->final_kid && found_bykid) + || (bl->final_fpr && !found_bykid)) + request->last_cached_final = 1; + else + request->last_cached_final = 0; + + b = blob_table_get (bl->ubid); + if (b) + { + err = be_return_pubkey (ctrl, b->data, b->datalen, + PUBKEY_TYPE_OPGP, bl->ubid); + blob_unref (b); + } + else + { + /* FIXME - return a different code so that the caller + * can lookup using the UBID. */ + err = gpg_error (GPG_ERR_MISSING_VALUE); + } + } + else if (bl) + err = gpg_error (GPG_ERR_MISSING_VALUE); + else + err = gpg_error (GPG_ERR_NOT_FOUND); + key_item_unref (ki); + } + else + err = gpg_error (GPG_ERR_EOF); + + leave: + return err; +} + + +/* Mark the last cached item as the final item. This is called when + * the actual database returned EOF in respond to a restart from the + * last cached UBID. */ +void +be_cache_mark_final (ctrl_t ctrl, db_request_t request) +{ + key_item_t ki; + bloblist_t bl, blfound; + + (void)ctrl; + + log_assert (request); + + if (!request->last_cached_valid) + return; + + if (!request->last_cached_fprlen) /* Was cached via keyid. */ + { + ki = query_by_kid (request->last_cached_kid_h, + request->last_cached_kid_l); + if (ki && (bl = ki->blist)) + { + for (blfound=NULL; bl; bl = bl->next) + blfound = bl; + if (blfound) + blfound->final_kid = 1; + } + key_item_unref (ki); + } + else /* Was cached via fingerprint. */ + { + ki = query_by_fpr (request->last_cached_fpr, + request->last_cached_fprlen); + if (ki && (bl = ki->blist)) + { + for (blfound=NULL; bl; bl = bl->next) + if (bl->fprlen + && bl->fprlen == request->last_cached_fprlen + && !memcmp (bl->fpr, request->last_cached_fpr, + request->last_cached_fprlen)) + blfound = bl; + if (blfound) + blfound->final_fpr = 1; + } + key_item_unref (ki); + } + + request->last_cached_valid = 0; +} + + +/* Put the key (BLOB,BLOBLEN) of PUBKEY_TYPE into the cache. */ +void +be_cache_pubkey (ctrl_t ctrl, const unsigned char *ubid, + const void *blob, unsigned int bloblen, + enum pubkey_types pubkey_type) +{ + gpg_error_t err; + + (void)ctrl; + + if (pubkey_type == PUBKEY_TYPE_OPGP) + { + struct _keybox_openpgp_info info; + struct _keybox_openpgp_key_info *kinfo; + + err = _keybox_parse_openpgp (blob, bloblen, NULL, &info); + if (err) + { + log_info ("cache: error parsing OpenPGP blob: %s\n", + gpg_strerror (err)); + return; + } + + blob_table_put (ubid, blob, bloblen); + + kinfo = &info.primary; + key_table_put (kinfo->fpr, kinfo->fprlen, ubid, 0); + if (info.nsubkeys) + for (kinfo = &info.subkeys; kinfo; kinfo = kinfo->next) + key_table_put (kinfo->fpr, kinfo->fprlen, ubid, 1); + + _keybox_destroy_openpgp_info (&info); + } + +} + + +/* Put the a non-found mark for PUBKEY_TYPE into the cache. The + * indices are taken from the search descriptors (DESC,NDESC). */ +void +be_cache_not_found (ctrl_t ctrl, enum pubkey_types pubkey_type, + KEYDB_SEARCH_DESC *desc, unsigned int ndesc) +{ + unsigned int n; + + (void)ctrl; + (void)pubkey_type; + + for (n=0; n < ndesc; n++) + { + switch (desc->mode) + { + case KEYDB_SEARCH_MODE_LONG_KID: + key_table_put_no_kid (desc[n].u.kid[0], desc[n].u.kid[1]); + break; + + case KEYDB_SEARCH_MODE_FPR: + key_table_put_no_fpr (desc[n].u.fpr, desc[n].fprlen); + break; + + default: + break; + } + } +} diff --git a/kbx/backend-kbx.c b/kbx/backend-kbx.c index b8d39c2ed..e58b74a3b 100644 --- a/kbx/backend-kbx.c +++ b/kbx/backend-kbx.c @@ -1,292 +1,326 @@ /* backend-kbx.c - Keybox format backend for keyboxd * Copyright (C) 2019 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * SPDX-License-Identifier: GPL-3.0-or-later */ #include #include #include #include #include #include "keyboxd.h" #include "../common/i18n.h" #include "backend.h" #include "keybox.h" /* Our definition of the backend handle. */ struct backend_handle_s { enum database_types db_type; /* Always DB_TYPE_KBX. */ - unsigned int backend_id; /* Id of this backend. */ + unsigned int backend_id; /* Always the id of the backend. */ void *token; /* Used to create a new KEYBOX_HANDLE. */ char filename[1]; }; /* Check that the file FILENAME is a valid keybox file which can be * used here. Common return codes: * * 0 := Valid keybox file * GPG_ERR_ENOENT := No such file * GPG_ERR_NO_OBJ := File exists with size zero. * GPG_ERR_INV_OBJ:= File exists but is not a keybox file. */ static gpg_error_t check_kbx_file_magic (const char *filename) { gpg_error_t err; u32 magic; unsigned char verbuf[4]; estream_t fp; fp = es_fopen (filename, "rb"); if (!fp) return gpg_error_from_syserror (); err = gpg_error (GPG_ERR_INV_OBJ); if (es_fread (&magic, 4, 1, fp) == 1 ) { if (es_fread (&verbuf, 4, 1, fp) == 1 && verbuf[0] == 1 && es_fread (&magic, 4, 1, fp) == 1 && !memcmp (&magic, "KBXf", 4)) { err = 0; } } else /* Maybe empty: Let's create it. */ err = gpg_error (GPG_ERR_NO_OBJ); es_fclose (fp); return err; } /* Create new keybox file. This can also be used if the keybox * already exists but has a length of zero. Do not use it in any * other cases. */ static gpg_error_t create_keybox (const char *filename) { gpg_error_t err; dotlock_t lockhd = NULL; estream_t fp; /* To avoid races with other temporary instances of keyboxd trying * to create or update the keybox, we do the next stuff in a locked * state. */ lockhd = dotlock_create (filename, 0); if (!lockhd) { err = gpg_error_from_syserror (); /* A reason for this to fail is that the directory is not * writable. However, this whole locking stuff does not make * sense if this is the case. An empty non-writable directory * with no keybox is not really useful at all. */ if (opt.verbose) log_info ("can't allocate lock for '%s': %s\n", filename, gpg_strerror (err)); return err; } if ( dotlock_take (lockhd, -1) ) { err = gpg_error_from_syserror (); /* This is something bad. Probably a stale lockfile. */ log_info ("can't lock '%s': %s\n", filename, gpg_strerror (err)); goto leave; } /* Make sure that at least one record is in a new keybox file, so * that the detection magic will work the next time it is used. * We always set the OpenPGP blobs maybe availabale flag. */ fp = es_fopen (filename, "w+b,mode=-rw-------"); if (!fp) { err = gpg_error_from_syserror (); log_error (_("error creating keybox '%s': %s\n"), filename, gpg_strerror (err)); goto leave; } err = _keybox_write_header_blob (NULL, fp, 1); es_fclose (fp); if (err) { log_error (_("error creating keybox '%s': %s\n"), filename, gpg_strerror (err)); goto leave; } if (!opt.quiet) log_info (_("keybox '%s' created\n"), filename); err = 0; leave: if (lockhd) { dotlock_release (lockhd); dotlock_destroy (lockhd); } return err; } /* Install a new resource and return a handle for that backend. */ gpg_error_t be_kbx_add_resource (ctrl_t ctrl, backend_handle_t *r_hd, const char *filename, int readonly) { gpg_error_t err; backend_handle_t hd; void *token; (void)ctrl; *r_hd = NULL; hd = xtrycalloc (1, sizeof *hd + strlen (filename)); if (!hd) return gpg_error_from_syserror (); hd->db_type = DB_TYPE_KBX; strcpy (hd->filename, filename); err = check_kbx_file_magic (filename); switch (gpg_err_code (err)) { case 0: break; case GPG_ERR_ENOENT: case GPG_ERR_NO_OBJ: if (readonly) { err = gpg_error (GPG_ERR_ENOENT); goto leave; } err = create_keybox (filename); if (err) goto leave; break; default: goto leave; } err = keybox_register_file (filename, 0, &token); if (err) goto leave; hd->backend_id = be_new_backend_id (); hd->token = token; *r_hd = hd; hd = NULL; leave: xfree (hd); return 0; } /* Release the backend handle HD and all its resources. HD is not * valid after a call to this function. */ void be_kbx_release_resource (ctrl_t ctrl, backend_handle_t hd) { (void)ctrl; if (!hd) return; hd->db_type = DB_TYPE_NONE; xfree (hd); } void be_kbx_release_kbx_hd (KEYBOX_HANDLE kbx_hd) { keybox_release (kbx_hd); } +/* Helper for be_find_request_part to initialize a kbx request part. */ +gpg_error_t +be_kbx_init_request_part (backend_handle_t backend_hd, db_request_part_t part) +{ + part->kbx_hd = keybox_new_openpgp (backend_hd->token, 0); + if (!part->kbx_hd) + return gpg_error_from_syserror (); + return 0; +} + + /* Search for the keys described by (DESC,NDESC) and return them to * the caller. BACKEND_HD is the handle for this backend and REQUEST * is the current database request object. */ gpg_error_t be_kbx_search (ctrl_t ctrl, backend_handle_t backend_hd, db_request_t request, KEYDB_SEARCH_DESC *desc, unsigned int ndesc) { gpg_error_t err; db_request_part_t part; size_t descindex; unsigned long skipped_long_blobs; log_assert (backend_hd && backend_hd->db_type == DB_TYPE_KBX); log_assert (request); /* Find the specific request part or allocate it. */ - for (part = request->part; part; part = part->next) - if (part->backend_id == backend_hd->backend_id) - break; - if (!part) - { - part = xtrycalloc (1, sizeof *part); - if (!part) - { - err = gpg_error_from_syserror (); - goto leave; - } - part->backend_id = backend_hd->backend_id; - part->kbx_hd = keybox_new_openpgp (backend_hd->token, 0); - if (!part->kbx_hd) - { - err = gpg_error_from_syserror (); - xfree (part); - goto leave; - } - part->next = request->part; - request->part = part; - } + err = be_find_request_part (backend_hd, request, &part); + if (err) + goto leave; if (!desc) err = keybox_search_reset (part->kbx_hd); else err = keybox_search (part->kbx_hd, desc, ndesc, KEYBOX_BLOBTYPE_PGP, &descindex, &skipped_long_blobs); if (err == -1) err = gpg_error (GPG_ERR_EOF); if (desc && !err) { /* Successful search operation. */ void *buffer; size_t buflen; enum pubkey_types pubkey_type; + unsigned char blobid[20]; err = keybox_get_data (part->kbx_hd, &buffer, &buflen, &pubkey_type); if (err) goto leave; - /* Note: be_return_pubkey always takes ownership of BUFFER. */ - err = be_return_pubkey (ctrl, buffer, buflen, pubkey_type); + gcry_md_hash_buffer (GCRY_MD_SHA1, blobid, buffer, buflen); + err = be_return_pubkey (ctrl, buffer, buflen, pubkey_type, blobid); + if (!err) + be_cache_pubkey (ctrl, blobid, buffer, buflen, pubkey_type); + xfree (buffer); } leave: return err; } + + +/* Seek in the keybox to the given UBID. BACKEND_HD is the handle for + * this backend and REQUEST is the current database request object. + * This does a dummy read so that the next search operation starts + * right after that UBID. */ +gpg_error_t +be_kbx_seek (ctrl_t ctrl, backend_handle_t backend_hd, + db_request_t request, unsigned char *ubid) +{ + gpg_error_t err; + db_request_part_t part; + size_t descindex; + unsigned long skipped_long_blobs; + KEYDB_SEARCH_DESC desc; + + log_assert (backend_hd && backend_hd->db_type == DB_TYPE_KBX); + log_assert (request); + + memset (&desc, 0, sizeof desc); + desc.mode = KEYDB_SEARCH_MODE_UBID; + memcpy (desc.u.ubid, ubid, 20); + + /* Find the specific request part or allocate it. */ + err = be_find_request_part (backend_hd, request, &part); + if (err) + goto leave; + + err = keybox_search_reset (part->kbx_hd); + if (!err) + err = keybox_search (part->kbx_hd, &desc, 1, 0, + &descindex, &skipped_long_blobs); + if (err == -1) + err = gpg_error (GPG_ERR_EOF); + + leave: + return err; +} diff --git a/kbx/backend-support.c b/kbx/backend-support.c index 28b51875c..62551cafa 100644 --- a/kbx/backend-support.c +++ b/kbx/backend-support.c @@ -1,128 +1,171 @@ /* backend-support.c - Supporting functions for the backend. * Copyright (C) 2019 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * SPDX-License-Identifier: GPL-3.0+ */ #include #include #include #include #include #include "keyboxd.h" #include "../common/i18n.h" #include "../common/asshelp.h" #include "backend.h" +#include "keybox.h" -/* Common definition part of all backend handle. */ +/* Common definition part of all backend handle. All definitions of + * this structure must start with these fields. */ struct backend_handle_s { enum database_types db_type; + unsigned int backend_id; }; /* Return a string with the name of the database type T. */ const char * strdbtype (enum database_types t) { switch (t) { case DB_TYPE_NONE: return "none"; + case DB_TYPE_CACHE:return "cache"; case DB_TYPE_KBX: return "keybox"; } return "?"; } /* Return a new backend ID. Backend IDs are used to identify backends * without using the actual object. The number of backend resources * is limited because they are specified in the config file. Thus an * overflow check is not required. */ unsigned int be_new_backend_id (void) { static unsigned int last; return ++last; } /* Release the backend described by HD. This is a generic function * which dispatches to the the actual backend. */ void be_generic_release_backend (ctrl_t ctrl, backend_handle_t hd) { if (!hd) return; switch (hd->db_type) { case DB_TYPE_NONE: xfree (hd); break; + case DB_TYPE_CACHE: + be_cache_release_resource (ctrl, hd); + break; case DB_TYPE_KBX: be_kbx_release_resource (ctrl, hd); break; default: log_error ("%s: faulty backend handle of type %d given\n", __func__, hd->db_type); } } /* Release the request object REQ. */ void be_release_request (db_request_t req) { db_request_part_t part, partn; if (!req) return; for (part = req->part; part; part = partn) { partn = part->next; be_kbx_release_kbx_hd (part->kbx_hd); xfree (part); } } +/* Given the backend handle BACKEND_HD and the REQUEST find or + * allocate a request part for that backend and store it at R_PART. + * On error R_PART is set to NULL and an error returned. */ +gpg_error_t +be_find_request_part (backend_handle_t backend_hd, db_request_t request, + db_request_part_t *r_part) +{ + gpg_error_t err; + db_request_part_t part; + + for (part = request->part; part; part = part->next) + if (part->backend_id == backend_hd->backend_id) + break; + if (!part) + { + part = xtrycalloc (1, sizeof *part); + if (!part) + return gpg_error_from_syserror (); + part->backend_id = backend_hd->backend_id; + if (backend_hd->db_type == DB_TYPE_KBX) + { + err = be_kbx_init_request_part (backend_hd, part); + if (err) + { + xfree (part); + return err; + } + } + part->next = request->part; + request->part = part; + } + *r_part = part; + return 0; +} + + /* Return the public key (BUFFER,BUFLEN) which has the type - * PUBVKEY_TYPE to the caller. Owenership of BUFFER is taken by thgis - * function even in the error case. */ + * PUBKEY_TYPE to the caller. */ gpg_error_t -be_return_pubkey (ctrl_t ctrl, void *buffer, size_t buflen, - enum pubkey_types pubkey_type) +be_return_pubkey (ctrl_t ctrl, const void *buffer, size_t buflen, + enum pubkey_types pubkey_type, const unsigned char *ubid) { gpg_error_t err; + char hexubid[41]; - err = status_printf (ctrl, "PUBKEY_TYPE", "%d", pubkey_type); + bin2hex (ubid, 20, hexubid); + err = status_printf (ctrl, "PUBKEY_INFO", "%d %s", pubkey_type, hexubid); if (err) goto leave; if (ctrl->no_data_return) err = 0; else err = kbxd_write_data_line(ctrl, buffer, buflen); leave: - xfree (buffer); return err; } diff --git a/kbx/backend.h b/kbx/backend.h index e96f5023c..8b389d35c 100644 --- a/kbx/backend.h +++ b/kbx/backend.h @@ -1,95 +1,139 @@ /* backend.h - Definitions for keyboxd backends * Copyright (C) 2019 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ #ifndef KBX_BACKEND_H #define KBX_BACKEND_H #include "keybox-search-desc.h" /* Forward declaration of the keybox handle type. */ struct keybox_handle; typedef struct keybox_handle *KEYBOX_HANDLE; /* The types of the backends. */ enum database_types { DB_TYPE_NONE, /* No database at all (unitialized etc.). */ + DB_TYPE_CACHE, /* The cache backend (backend-cache.c). */ DB_TYPE_KBX /* Keybox type database (backend-kbx.c). */ }; /* Declaration of the backend handle. Each backend uses its own * hidden handle structure with the only common thing being that the * first field is the database_type to help with debugging. */ struct backend_handle_s; typedef struct backend_handle_s *backend_handle_t; -/* Object to store backend specific databsde information per database +/* Object to store backend specific database information per database * handle. */ struct db_request_part_s { struct db_request_part_s *next; /* Id of the backend instance this object pertains to. */ unsigned int backend_id; /* The handle used for a KBX backend or NULL. */ KEYBOX_HANDLE kbx_hd; + + /* For the CACHE backend the indices into the bloblist for each + * index type. */ + struct { + unsigned int fpr; + unsigned int kid; + unsigned int grip; + } cache_seqno; }; typedef struct db_request_part_s *db_request_part_t; /* A database request handle. This keeps per session search * information as well as a list of per-backend infos. */ struct db_request_s { unsigned int any_search:1; /* Any search has been done. */ unsigned int any_found:1; /* Any object has been found. */ + unsigned int last_cached_valid:1; /* see below */ + unsigned int last_cached_final:1; /* see below */ + unsigned int last_cached_fprlen:8;/* see below */ db_request_part_t part; /* Counter to track the next to be searched database index. */ unsigned int next_dbidx; + + /* The last UBID found in the cache and the corresponding keyid and, + * if found via fpr, the fingerprint. For the LAST_CACHE_FPRLEN see + * above. The entry here is only valid if LAST_CACHE_VALID is set; + * if LAST_CACHE_FINAL is also set, this indicates that no further + * database searches are required. */ + unsigned char last_cached_ubid[20]; + u32 last_cached_kid_h; + u32 last_cached_kid_l; + unsigned char last_cached_fpr[32]; }; /*-- backend-support.c --*/ const char *strdbtype (enum database_types t); unsigned int be_new_backend_id (void); void be_generic_release_backend (ctrl_t ctrl, backend_handle_t hd); void be_release_request (db_request_t req); -gpg_error_t be_return_pubkey (ctrl_t ctrl, void *buffer, size_t buflen, - enum pubkey_types pubkey_type); +gpg_error_t be_find_request_part (backend_handle_t backend_hd, + db_request_t request, + db_request_part_t *r_part); +gpg_error_t be_return_pubkey (ctrl_t ctrl, const void *buffer, size_t buflen, + enum pubkey_types pubkey_type, + const unsigned char *ubid); + + +/*-- backend-cache.c --*/ +gpg_error_t be_cache_add_resource (ctrl_t ctrl, backend_handle_t *r_hd); +void be_cache_release_resource (ctrl_t ctrl, backend_handle_t hd); +gpg_error_t be_cache_search (ctrl_t ctrl, backend_handle_t backend_hd, + db_request_t request, + KEYDB_SEARCH_DESC *desc, unsigned int ndesc); +void be_cache_mark_final (ctrl_t ctrl, db_request_t request); +void be_cache_pubkey (ctrl_t ctrl, const unsigned char *ubid, + const void *blob, unsigned int bloblen, + enum pubkey_types pubkey_type); +void be_cache_not_found (ctrl_t ctrl, enum pubkey_types pubkey_type, + KEYDB_SEARCH_DESC *desc, unsigned int ndesc); /*-- backend-kbx.c --*/ gpg_error_t be_kbx_add_resource (ctrl_t ctrl, backend_handle_t *r_hd, const char *filename, int readonly); void be_kbx_release_resource (ctrl_t ctrl, backend_handle_t hd); void be_kbx_release_kbx_hd (KEYBOX_HANDLE kbx_hd); +gpg_error_t be_kbx_init_request_part (backend_handle_t backend_hd, + db_request_part_t part); gpg_error_t be_kbx_search (ctrl_t ctrl, backend_handle_t hd, db_request_t request, KEYDB_SEARCH_DESC *desc, unsigned int ndesc); +gpg_error_t be_kbx_seek (ctrl_t ctrl, backend_handle_t backend_hd, + db_request_t request, unsigned char *ubid); #endif /*KBX_BACKEND_H*/ diff --git a/kbx/frontend.c b/kbx/frontend.c index 233cc1e0b..806ff27db 100644 --- a/kbx/frontend.c +++ b/kbx/frontend.c @@ -1,320 +1,381 @@ /* frontend.c - Database fronend code for keyboxd * Copyright (C) 2019 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * SPDX-License-Identifier: GPL-3.0+ */ #include #include #include #include #include #include "keyboxd.h" #include #include "../common/i18n.h" #include "../common/userids.h" #include "backend.h" #include "frontend.h" /* An object to describe a single database. */ struct db_desc_s { enum database_types db_type; backend_handle_t backend_handle; }; typedef struct db_desc_s *db_desc_t; /* The table of databases and the size of that table. */ static db_desc_t databases; static unsigned int no_of_databases; /* Take a lock for reading the databases. */ static void take_read_lock (ctrl_t ctrl) { /* FIXME */ (void)ctrl; } /* Take a lock for reading and writing the databases. */ /* static void */ /* take_read_write_lock (ctrl_t ctrl) */ /* { */ /* /\* FIXME *\/ */ /* (void)ctrl; */ /* } */ /* Release a lock. It is valid to call this even if no lock has been - * taken which which case this is a nop. */ + * taken in which case this is a nop. */ static void release_lock (ctrl_t ctrl) { /* FIXME */ (void)ctrl; } /* Add a new resource to the database. Depending on the FILENAME * suffix we decide which one to use. This function must be called at * daemon startup because it employs no locking. If FILENAME has no * directory separator, the file is expected or created below * "$GNUPGHOME/public-keys-v1.d/". In READONLY mode the file must * exists; otherwise it is created. */ gpg_error_t kbxd_add_resource (ctrl_t ctrl, const char *filename_arg, int readonly) { gpg_error_t err; char *filename; - enum database_types db_type; + enum database_types db_type = 0; backend_handle_t handle = NULL; unsigned int n, dbidx; /* Do tilde expansion etc. */ - if (strchr (filename_arg, DIRSEP_C) + if (!strcmp (filename_arg, "[cache]")) + { + filename = xstrdup (filename_arg); + db_type = DB_TYPE_CACHE; + } + else if (strchr (filename_arg, DIRSEP_C) #ifdef HAVE_W32_SYSTEM || strchr (filename_arg, '/') /* Windows also accepts a slash. */ #endif ) filename = make_filename (filename_arg, NULL); else filename = make_filename (gnupg_homedir (), GNUPG_PUBLIC_KEYS_DIR, filename_arg, NULL); + /* If this is the first call to the function and the request is not + * for the cache backend, add the cache backend so that it will + * always be the first to be queried. */ + if (!no_of_databases && !db_type) + { + err = kbxd_add_resource (ctrl, "[cache]", 0); + if (err) + goto leave; + } + n = strlen (filename); - if (n > 4 && !strcmp (filename + n - 4, ".kbx")) + if (db_type) + ; /* We already know it. */ + else if (n > 4 && !strcmp (filename + n - 4, ".kbx")) db_type = DB_TYPE_KBX; else { log_error (_("can't use file '%s': %s\n"), filename, _("unknown suffix")); err = gpg_error (GPG_ERR_NOT_SUPPORTED); goto leave; } err = gpg_error (GPG_ERR_BUG); switch (db_type) { case DB_TYPE_NONE: /* NOTREACHED */ break; + case DB_TYPE_CACHE: + err = be_cache_add_resource (ctrl, &handle); + break; + case DB_TYPE_KBX: err = be_kbx_add_resource (ctrl, &handle, filename, readonly); break; } if (err) goto leave; /* All good, create an entry in the table. */ for (dbidx = 0; dbidx < no_of_databases; dbidx++) if (!databases[dbidx].db_type) break; if (dbidx == no_of_databases) { /* No table yet or table is full. */ if (!databases) { - /* Create first set of data bases. Note that the type for all - * entries is DB_TYPE_NONE. */ + /* Create first set of databases. Note that the initial + * type for all entries is DB_TYPE_NONE. */ dbidx = 4; databases = xtrycalloc (dbidx, sizeof *databases); if (!databases) { err = gpg_error_from_syserror (); goto leave; } no_of_databases = dbidx; dbidx = 0; /* Put into first slot. */ } else { db_desc_t newdb; dbidx = no_of_databases + (no_of_databases == 4? 12 : 16); newdb = xtrycalloc (dbidx, sizeof *databases); if (!databases) { err = gpg_error_from_syserror (); goto leave; } for (n=0; n < no_of_databases; n++) newdb[n] = databases[n]; xfree (databases); databases = newdb; n = no_of_databases; no_of_databases = dbidx; dbidx = n; /* Put into first new slot. */ } } databases[dbidx].db_type = db_type; databases[dbidx].backend_handle = handle; handle = NULL; leave: if (err) be_generic_release_backend (ctrl, handle); xfree (filename); return err; } /* Release all per session objects. */ void kbxd_release_session_info (ctrl_t ctrl) { if (!ctrl) return; be_release_request (ctrl->opgp_req); ctrl->opgp_req = NULL; be_release_request (ctrl->x509_req); ctrl->x509_req = NULL; } /* Search for the keys described by (DESC,NDESC) and return them to * the caller. If RESET is set, the search state is first reset. */ gpg_error_t kbxd_search (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, unsigned int ndesc, int reset) { gpg_error_t err; int i; unsigned int dbidx; db_desc_t db; db_request_t request; + int start_at_ubid = 0; if (DBG_CLOCK) log_clock ("%s: enter", __func__); if (DBG_LOOKUP) { log_debug ("%s: %u search descriptions:\n", __func__, ndesc); for (i = 0; i < ndesc; i ++) { /* char *t = keydb_search_desc_dump (&desc[i]); */ /* log_debug ("%s %d: %s\n", __func__, i, t); */ /* xfree (t); */ } } take_read_lock (ctrl); /* Allocate a handle object if none exists for this context. */ if (!ctrl->opgp_req) { ctrl->opgp_req = xtrycalloc (1, sizeof *ctrl->opgp_req); if (!ctrl->opgp_req) { err = gpg_error_from_syserror (); goto leave; } } request = ctrl->opgp_req; /* If requested do a reset. Using the reset flag is faster than * letting the caller do a separate call for an intial reset. */ if (!desc || reset) { for (dbidx=0; dbidx < no_of_databases; dbidx++) { db = databases + dbidx; if (!db->db_type) continue; /* Empty slot. */ switch (db->db_type) { case DB_TYPE_NONE: /* NOTREACHED */ break; + case DB_TYPE_CACHE: + err = 0; /* Nothing to do. */ + break; + case DB_TYPE_KBX: err = be_kbx_search (ctrl, db->backend_handle, request, NULL, 0); break; } if (err) { log_error ("error during the %ssearch reset: %s\n", reset? "initial ":"", gpg_strerror (err)); goto leave; } } request->any_search = 0; request->any_found = 0; request->next_dbidx = 0; if (!desc) /* Reset only mode */ { err = 0; goto leave; } } /* Move to the next non-empty slot. */ next_db: for (dbidx=request->next_dbidx; (dbidx < no_of_databases && !databases[dbidx].db_type); dbidx++) ; request->next_dbidx = dbidx; if (!(dbidx < no_of_databases)) { - /* All databases have been searched. */ + /* All databases have been searched. Put the non-found mark + * into the cache for all descriptors. + * FIXME: We need to see which pubkey type we need to insert. */ + be_cache_not_found (ctrl, PUBKEY_TYPE_UNKNOWN, desc, ndesc); err = gpg_error (GPG_ERR_NOT_FOUND); goto leave; } db = databases + dbidx; /* Divert to the backend for the actual search. */ switch (db->db_type) { case DB_TYPE_NONE: /* NOTREACHED */ err = gpg_error (GPG_ERR_INTERNAL); break; + case DB_TYPE_CACHE: + err = be_cache_search (ctrl, db->backend_handle, request, + desc, ndesc); + /* Expected error codes from the cache lookup are: + * 0 - found and returned via the cache + * GPG_ERR_NOT_FOUND - marked in the cache as not available + * GPG_ERR_EOF - cache miss. */ + break; + case DB_TYPE_KBX: + if (start_at_ubid) + { + /* We need to set the startpoint for the search. */ + err = be_kbx_seek (ctrl, db->backend_handle, request, + request->last_cached_ubid); + if (err) + { + log_debug ("%s: seeking %s to an UBID failed: %s\n", + __func__, strdbtype (db->db_type), gpg_strerror (err)); + break; + } + } err = be_kbx_search (ctrl, db->backend_handle, request, desc, ndesc); + if (start_at_ubid && gpg_err_code (err) == GPG_ERR_EOF) + be_cache_mark_final (ctrl, request); break; } if (DBG_LOOKUP) log_debug ("%s: searched %s (db %u of %u) => %s\n", __func__, strdbtype (db->db_type), dbidx, no_of_databases, gpg_strerror (err)); request->any_search = 1; + start_at_ubid = 0; if (!err) - request->any_found = 1; + { + request->any_found = 1; + } else if (gpg_err_code (err) == GPG_ERR_EOF) { + if (db->db_type == DB_TYPE_CACHE && request->last_cached_valid) + { + if (request->last_cached_final) + goto leave; + start_at_ubid = 1; + } request->next_dbidx++; goto next_db; } leave: release_lock (ctrl); if (DBG_CLOCK) log_clock ("%s: leave (%s)", __func__, err? "not found" : "found"); return err; } diff --git a/kbx/kbxserver.c b/kbx/kbxserver.c index c693c7ce2..929ee6116 100644 --- a/kbx/kbxserver.c +++ b/kbx/kbxserver.c @@ -1,775 +1,775 @@ /* kbxserver.c - Handle Assuan commands send to the keyboxd * Copyright (C) 2019 g10 Code GmbH * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * SPDX-License-Identifier: GPL-3.0+ */ #include #include #include #include #include #include #include #include #include #include #include "keyboxd.h" #include #include "../common/i18n.h" #include "../common/server-help.h" #include "../common/userids.h" #include "../common/asshelp.h" #include "../common/host2net.h" #include "frontend.h" #define PARM_ERROR(t) assuan_set_error (ctx, \ gpg_error (GPG_ERR_ASS_PARAMETER), (t)) #define set_error(e,t) (ctx ? assuan_set_error (ctx, gpg_error (e), (t)) \ /**/: gpg_error (e)) /* Control structure per connection. */ struct server_local_s { /* Data used to associate an Assuan context with local server data */ assuan_context_t assuan_ctx; /* The session id (a counter). */ unsigned int session_id; /* If this flag is set to true this process will be terminated after * the end of this session. */ int stopme; /* If the first both flags are set the assuan logging of data lines * is suppressed. The count variable is used to show the number of * non-logged bytes. */ size_t inhibit_data_logging_count; unsigned int inhibit_data_logging : 1; unsigned int inhibit_data_logging_now : 1; /* This flag is set if the last search command was called with --more. */ unsigned int search_expecting_more : 1; /* This flag is set if the last search command was successful. */ unsigned int search_any_found : 1; /* The first is the current search description as parsed by the * cmd_search. If more than one pattern is required, cmd_search * also allocates and sets multi_search_desc and * multi_search_desc_len. If a search description has ever been * allocated the allocated size is stored at * multi_search_desc_size. */ KEYBOX_SEARCH_DESC search_desc; KEYBOX_SEARCH_DESC *multi_search_desc; unsigned int multi_search_desc_size; unsigned int multi_search_desc_len; /* If not NULL write output to this stream instead of using D lines. */ estream_t outstream; }; /* Return the assuan contxt from the local server info in CTRL. */ static assuan_context_t get_assuan_ctx_from_ctrl (ctrl_t ctrl) { if (!ctrl || !ctrl->server_local) return NULL; return ctrl->server_local->assuan_ctx; } /* If OUTPUT has been used prepare the output FD for use. This needs * to be called by all functions which will in any way use * kbxd_write_data_line later. Whether the output goes to the output * stream is decided by this function. */ static gpg_error_t prepare_outstream (ctrl_t ctrl) { int fd; log_assert (ctrl && ctrl->server_local); if (ctrl->server_local->outstream) return 0; /* Already enabled. */ fd = translate_sys2libc_fd (assuan_get_output_fd (get_assuan_ctx_from_ctrl (ctrl)), 1); if (fd == -1) return 0; /* No Output command active. */ ctrl->server_local->outstream = es_fdopen_nc (fd, "w"); if (!ctrl->server_local->outstream) return gpg_err_code_from_syserror (); return 0; } /* The usual writen function; here with diagnostic output. */ static gpg_error_t kbxd_writen (estream_t fp, const void *buffer, size_t length) { gpg_error_t err; size_t nwritten; if (es_write (fp, buffer, length, &nwritten)) { err = gpg_error_from_syserror (); log_error ("error writing OUTPUT: %s\n", gpg_strerror (err)); } else if (length != nwritten) { err = gpg_error (GPG_ERR_EIO); log_error ("error writing OUTPUT: %s\n", "short write"); } else err = 0; return err; } /* A wrapper around assuan_send_data which makes debugging the output * in verbose mode easier. It also takes CTRL as argument. */ gpg_error_t kbxd_write_data_line (ctrl_t ctrl, const void *buffer_arg, size_t size) { const char *buffer = buffer_arg; assuan_context_t ctx = get_assuan_ctx_from_ctrl (ctrl); gpg_error_t err; if (!ctx) /* Oops - no assuan context. */ return gpg_error (GPG_ERR_NOT_PROCESSED); /* Write toa file descriptor if enabled. */ if (ctrl && ctrl->server_local && ctrl->server_local->outstream) { unsigned char lenbuf[4]; ulongtobuf (lenbuf, size); err = kbxd_writen (ctrl->server_local->outstream, lenbuf, 4); if (!err) err = kbxd_writen (ctrl->server_local->outstream, buffer, size); if (!err && es_fflush (ctrl->server_local->outstream)) { err = gpg_error_from_syserror (); log_error ("error writing OUTPUT: %s\n", gpg_strerror (err)); } goto leave; } /* If we do not want logging, enable it here. */ if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging) ctrl->server_local->inhibit_data_logging_now = 1; if (0 && opt.verbose && buffer && size) { /* Ease reading of output by limiting the line length. */ size_t n, nbytes; nbytes = size; do { n = nbytes > 64? 64 : nbytes; err = assuan_send_data (ctx, buffer, n); if (err) { gpg_err_set_errno (EIO); goto leave; } buffer += n; nbytes -= n; if (nbytes && (err=assuan_send_data (ctx, NULL, 0))) /* Flush line. */ { gpg_err_set_errno (EIO); goto leave; } } while (nbytes); } else { err = assuan_send_data (ctx, buffer, size); if (err) { gpg_err_set_errno (EIO); /* For use by data_line_cookie_write. */ goto leave; } } leave: if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging) { ctrl->server_local->inhibit_data_logging_count += size; ctrl->server_local->inhibit_data_logging_now = 0; } return err; } /* Helper to print a message while leaving a command. */ static gpg_error_t leave_cmd (assuan_context_t ctx, gpg_error_t err) { - if (err) + if (err && opt.verbose) { const char *name = assuan_get_command_name (ctx); if (!name) name = "?"; if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT) log_error ("command '%s' failed: %s\n", name, gpg_strerror (err)); else log_error ("command '%s' failed: %s <%s>\n", name, gpg_strerror (err), gpg_strsource (err)); } return err; } /* Handle OPTION commands. */ static gpg_error_t option_handler (assuan_context_t ctx, const char *key, const char *value) { ctrl_t ctrl = assuan_get_pointer (ctx); gpg_error_t err = 0; if (!strcmp (key, "lc-messages")) { if (ctrl->lc_messages) xfree (ctrl->lc_messages); ctrl->lc_messages = xtrystrdup (value); if (!ctrl->lc_messages) return out_of_core (); } else err = gpg_error (GPG_ERR_UNKNOWN_OPTION); return err; } static const char hlp_search[] = "SEARCH [--no-data] [[--more] PATTERN]\n" "\n" "Search for the keys identified by PATTERN. With --more more\n" "patterns to be used for the search are expected with the next\n" "command. With --no-data only the search status is returned but\n" "not the actual data. See also \"NEXT\"."; static gpg_error_t cmd_search (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int opt_more, opt_no_data; gpg_error_t err; unsigned int n, k; opt_no_data = has_option (line, "--no-data"); opt_more = has_option (line, "--more"); line = skip_options (line); ctrl->server_local->search_any_found = 0; if (!*line) { if (opt_more) { err = set_error (GPG_ERR_INV_ARG, "--more but no pattern"); goto leave; } else if (!*line && ctrl->server_local->search_expecting_more) { /* It would be too surprising to first set a pattern but * finally add no pattern to search the entire DB. */ err = set_error (GPG_ERR_INV_ARG, "--more pending but no pattern"); goto leave; } else /* No pattern - return the first item. */ { memset (&ctrl->server_local->search_desc, 0, sizeof ctrl->server_local->search_desc); ctrl->server_local->search_desc.mode = KEYDB_SEARCH_MODE_FIRST; } } else { err = classify_user_id (line, &ctrl->server_local->search_desc, 0); if (err) goto leave; } if (opt_more || ctrl->server_local->search_expecting_more) { /* More pattern are expected - store the current one and return * success. */ if (!ctrl->server_local->multi_search_desc_size) { n = 10; ctrl->server_local->multi_search_desc = xtrycalloc (n, sizeof *ctrl->server_local->multi_search_desc); if (!ctrl->server_local->multi_search_desc) { err = gpg_error_from_syserror (); goto leave; } ctrl->server_local->multi_search_desc_size = n; } if (ctrl->server_local->multi_search_desc_len == ctrl->server_local->multi_search_desc_size) { KEYBOX_SEARCH_DESC *desc; n = ctrl->server_local->multi_search_desc_size + 10; desc = xtrycalloc (n, sizeof *desc); if (!desc) { err = gpg_error_from_syserror (); goto leave; } for (k=0; k < ctrl->server_local->multi_search_desc_size; k++) desc[k] = ctrl->server_local->multi_search_desc[k]; xfree (ctrl->server_local->multi_search_desc); ctrl->server_local->multi_search_desc = desc; ctrl->server_local->multi_search_desc_size = n; } /* Actually store. */ ctrl->server_local->multi_search_desc [ctrl->server_local->multi_search_desc_len++] = ctrl->server_local->search_desc; if (opt_more) { /* We need to be called aagain with more pattern. */ ctrl->server_local->search_expecting_more = 1; goto leave; } ctrl->server_local->search_expecting_more = 0; /* Continue with the actual search. */ } else ctrl->server_local->multi_search_desc_len = 0; ctrl->server_local->inhibit_data_logging = 1; ctrl->server_local->inhibit_data_logging_now = 0; ctrl->server_local->inhibit_data_logging_count = 0; ctrl->no_data_return = opt_no_data; err = prepare_outstream (ctrl); if (err) ; else if (ctrl->server_local->multi_search_desc_len) err = kbxd_search (ctrl, ctrl->server_local->multi_search_desc, ctrl->server_local->multi_search_desc_len, 1); else err = kbxd_search (ctrl, &ctrl->server_local->search_desc, 1, 1); if (err) goto leave; /* Set a flag for use by NEXT. */ ctrl->server_local->search_any_found = 1; leave: if (err) ctrl->server_local->multi_search_desc_len = 0; ctrl->no_data_return = 0; ctrl->server_local->inhibit_data_logging = 0; return leave_cmd (ctx, err); } static const char hlp_next[] = "NEXT [--no-data]\n" "\n" "Get the next search result from a previus search."; static gpg_error_t cmd_next (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int opt_no_data; gpg_error_t err; opt_no_data = has_option (line, "--no-data"); line = skip_options (line); if (*line) { err = set_error (GPG_ERR_INV_ARG, "no args expected"); goto leave; } if (!ctrl->server_local->search_any_found) { err = set_error (GPG_ERR_NOTHING_FOUND, "no previous SEARCH"); goto leave; } ctrl->server_local->inhibit_data_logging = 1; ctrl->server_local->inhibit_data_logging_now = 0; ctrl->server_local->inhibit_data_logging_count = 0; ctrl->no_data_return = opt_no_data; err = prepare_outstream (ctrl); if (err) ; else if (ctrl->server_local->multi_search_desc_len) { /* The next condition should never be tru but we better handle * the first/next transition anyway. */ if (ctrl->server_local->multi_search_desc[0].mode == KEYDB_SEARCH_MODE_FIRST) ctrl->server_local->multi_search_desc[0].mode = KEYDB_SEARCH_MODE_NEXT; err = kbxd_search (ctrl, ctrl->server_local->multi_search_desc, ctrl->server_local->multi_search_desc_len, 0); } else { /* We need to do the transition from first to next here. */ if (ctrl->server_local->search_desc.mode == KEYDB_SEARCH_MODE_FIRST) ctrl->server_local->search_desc.mode = KEYDB_SEARCH_MODE_NEXT; err = kbxd_search (ctrl, &ctrl->server_local->search_desc, 1, 0); } if (err) goto leave; leave: ctrl->no_data_return = 0; ctrl->server_local->inhibit_data_logging = 0; return leave_cmd (ctx, err); } static const char hlp_getinfo[] = "GETINFO \n" "\n" "Multi purpose command to return certain information. \n" "Supported values of WHAT are:\n" "\n" "version - Return the version of the program.\n" "pid - Return the process id of the server.\n" "socket_name - Return the name of the socket.\n" "session_id - Return the current session_id.\n" "getenv NAME - Return value of envvar NAME\n"; static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); gpg_error_t err; char numbuf[50]; if (!strcmp (line, "version")) { const char *s = VERSION; err = assuan_send_data (ctx, s, strlen (s)); } else if (!strcmp (line, "pid")) { snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ()); err = assuan_send_data (ctx, numbuf, strlen (numbuf)); } else if (!strcmp (line, "socket_name")) { const char *s = get_kbxd_socket_name (); if (!s) s = "[none]"; err = assuan_send_data (ctx, s, strlen (s)); } else if (!strcmp (line, "session_id")) { snprintf (numbuf, sizeof numbuf, "%u", ctrl->server_local->session_id); err = assuan_send_data (ctx, numbuf, strlen (numbuf)); } else if (!strncmp (line, "getenv", 6) && (line[6] == ' ' || line[6] == '\t' || !line[6])) { line += 6; while (*line == ' ' || *line == '\t') line++; if (!*line) err = gpg_error (GPG_ERR_MISSING_VALUE); else { const char *s = getenv (line); if (!s) err = set_error (GPG_ERR_NOT_FOUND, "No such envvar"); else err = assuan_send_data (ctx, s, strlen (s)); } } else err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); return leave_cmd (ctx, err); } static const char hlp_killkeyboxd[] = "KILLKEYBOXD\n" "\n" "This command allows a user - given sufficient permissions -\n" "to kill this keyboxd process.\n"; static gpg_error_t cmd_killkeyboxd (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); (void)line; ctrl->server_local->stopme = 1; assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1); return gpg_error (GPG_ERR_EOF); } static const char hlp_reloadkeyboxd[] = "RELOADKEYBOXD\n" "\n" "This command is an alternative to SIGHUP\n" "to reload the configuration."; static gpg_error_t cmd_reloadkeyboxd (assuan_context_t ctx, char *line) { (void)ctx; (void)line; kbxd_sighup_action (); return 0; } static const char hlp_output[] = "OUTPUT FD[=]\n" "\n" "Set the file descriptor to write the output data to N. If N is not\n" "given and the operating system supports file descriptor passing, the\n" "file descriptor currently in flight will be used."; /* Tell the assuan library about our commands. */ static int register_commands (assuan_context_t ctx) { static struct { const char *name; assuan_handler_t handler; const char * const help; } table[] = { { "SEARCH", cmd_search, hlp_search }, { "NEXT", cmd_next, hlp_next }, { "GETINFO", cmd_getinfo, hlp_getinfo }, { "OUTPUT", NULL, hlp_output }, { "KILLKEYBOXD",cmd_killkeyboxd,hlp_killkeyboxd }, { "RELOADKEYBOXD",cmd_reloadkeyboxd,hlp_reloadkeyboxd }, { NULL, NULL } }; int i, j, rc; for (i=j=0; table[i].name; i++) { rc = assuan_register_command (ctx, table[i].name, table[i].handler, table[i].help); if (rc) return rc; } return 0; } /* Note that we do not reset the list of configured keyservers. */ static gpg_error_t reset_notify (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); (void)line; (void)ctrl; return 0; } /* This function is called by our assuan log handler to test whether a * log message shall really be printed. The function must return * false to inhibit the logging of MSG. CAT gives the requested log * category. MSG might be NULL. */ int kbxd_assuan_log_monitor (assuan_context_t ctx, unsigned int cat, const char *msg) { ctrl_t ctrl = assuan_get_pointer (ctx); (void)cat; (void)msg; if (!ctrl || !ctrl->server_local) return 1; /* Can't decide - allow logging. */ if (!ctrl->server_local->inhibit_data_logging) return 1; /* Not requested - allow logging. */ /* Disallow logging if *_now is true. */ return !ctrl->server_local->inhibit_data_logging_now; } /* Startup the server and run the main command loop. With FD = -1, * use stdin/stdout. SESSION_ID is either 0 or a unique number * identifying a session. */ void kbxd_start_command_handler (ctrl_t ctrl, gnupg_fd_t fd, unsigned int session_id) { static const char hello[] = "Keyboxd " VERSION " at your service"; static char *hello_line; int rc; assuan_context_t ctx; ctrl->server_local = xtrycalloc (1, sizeof *ctrl->server_local); if (!ctrl->server_local) { log_error (_("can't allocate control structure: %s\n"), gpg_strerror (gpg_error_from_syserror ())); xfree (ctrl); return; } rc = assuan_new (&ctx); if (rc) { log_error (_("failed to allocate assuan context: %s\n"), gpg_strerror (rc)); kbxd_exit (2); } if (fd == GNUPG_INVALID_FD) { assuan_fd_t filedes[2]; filedes[0] = assuan_fdopen (0); filedes[1] = assuan_fdopen (1); rc = assuan_init_pipe_server (ctx, filedes); } else { rc = assuan_init_socket_server (ctx, fd, (ASSUAN_SOCKET_SERVER_ACCEPTED |ASSUAN_SOCKET_SERVER_FDPASSING)); } if (rc) { assuan_release (ctx); log_error (_("failed to initialize the server: %s\n"), gpg_strerror (rc)); kbxd_exit (2); } rc = register_commands (ctx); if (rc) { log_error (_("failed to the register commands with Assuan: %s\n"), gpg_strerror(rc)); kbxd_exit (2); } if (!hello_line) { hello_line = xtryasprintf ("Home: %s\n" "Config: %s\n" "%s", gnupg_homedir (), /*opt.config_filename? opt.config_filename :*/ "[none]", hello); } ctrl->server_local->assuan_ctx = ctx; assuan_set_pointer (ctx, ctrl); assuan_set_hello_line (ctx, hello_line); assuan_register_option_handler (ctx, option_handler); assuan_register_reset_notify (ctx, reset_notify); ctrl->server_local->session_id = session_id; /* The next call enable the use of status_printf. */ set_assuan_context_func (get_assuan_ctx_from_ctrl); for (;;) { rc = assuan_accept (ctx); if (rc == -1) break; if (rc) { log_info (_("Assuan accept problem: %s\n"), gpg_strerror (rc)); break; } #ifndef HAVE_W32_SYSTEM if (opt.verbose) { assuan_peercred_t peercred; if (!assuan_get_peercred (ctx, &peercred)) log_info ("connection from process %ld (%ld:%ld)\n", (long)peercred->pid, (long)peercred->uid, (long)peercred->gid); } #endif rc = assuan_process (ctx); if (rc) { log_info (_("Assuan processing failed: %s\n"), gpg_strerror (rc)); continue; } } assuan_close_output_fd (ctx); set_assuan_context_func (NULL); ctrl->server_local->assuan_ctx = NULL; assuan_release (ctx); if (ctrl->server_local->stopme) kbxd_exit (0); if (ctrl->refcount) log_error ("oops: connection control structure still referenced (%d)\n", ctrl->refcount); else { xfree (ctrl->server_local->multi_search_desc); xfree (ctrl->server_local); ctrl->server_local = NULL; } } diff --git a/kbx/keybox-search-desc.h b/kbx/keybox-search-desc.h index fdd0bcbf9..7fa97e97b 100644 --- a/kbx/keybox-search-desc.h +++ b/kbx/keybox-search-desc.h @@ -1,94 +1,96 @@ /* keybox-search-desc.h - Keybox serch description * Copyright (C) 2001 Free Software Foundation, Inc. * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ /* This file is a temporary kludge until we can come up with solution to share this description between keybox and the application specific keydb */ #ifndef KEYBOX_SEARCH_DESC_H #define KEYBOX_SEARCH_DESC_H 1 typedef enum { KEYDB_SEARCH_MODE_NONE, KEYDB_SEARCH_MODE_EXACT, KEYDB_SEARCH_MODE_SUBSTR, KEYDB_SEARCH_MODE_MAIL, KEYDB_SEARCH_MODE_MAILSUB, KEYDB_SEARCH_MODE_MAILEND, KEYDB_SEARCH_MODE_WORDS, KEYDB_SEARCH_MODE_SHORT_KID, KEYDB_SEARCH_MODE_LONG_KID, KEYDB_SEARCH_MODE_FPR, /* (Length of fpr in .fprlen) */ KEYDB_SEARCH_MODE_ISSUER, KEYDB_SEARCH_MODE_ISSUER_SN, KEYDB_SEARCH_MODE_SN, KEYDB_SEARCH_MODE_SUBJECT, KEYDB_SEARCH_MODE_KEYGRIP, + KEYDB_SEARCH_MODE_UBID, KEYDB_SEARCH_MODE_FIRST, KEYDB_SEARCH_MODE_NEXT } KeydbSearchMode; /* Identifiers for the public key types we use in GnuPG. */ enum pubkey_types { PUBKEY_TYPE_UNKNOWN = 0, PUBKEY_TYPE_OPGP = 1, PUBKEY_TYPE_X509 = 2 }; /* Forward declaration. See g10/packet.h. */ struct gpg_pkt_user_id_s; typedef struct gpg_pkt_user_id_s *gpg_pkt_user_id_t; /* A search descriptor. */ struct keydb_search_desc { KeydbSearchMode mode; /* Callback used to filter results. The first parameter is SKIPFUNCVALUE. The second is the keyid. The third is the 1-based index of the UID packet that matched the search criteria (or 0, if none). Return non-zero if the result should be skipped. */ int (*skipfnc)(void *, u32 *, int); void *skipfncvalue; const unsigned char *sn; int snlen; /* -1 := sn is a hex string */ union { const char *name; unsigned char fpr[32]; u32 kid[2]; /* Note that this is in native endianness. */ unsigned char grip[20]; + unsigned char ubid[20]; } u; byte fprlen; /* Only used with KEYDB_SEARCH_MODE_FPR. */ int exact; /* Use exactly this key ('!' suffix in gpg). */ }; struct keydb_search_desc; typedef struct keydb_search_desc KEYDB_SEARCH_DESC; typedef struct keydb_search_desc KEYBOX_SEARCH_DESC; #endif /*KEYBOX_SEARCH_DESC_H*/ diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c index 971f93745..cb763cf5f 100644 --- a/kbx/keybox-search.c +++ b/kbx/keybox-search.c @@ -1,1406 +1,1430 @@ /* keybox-search.c - Search operations * Copyright (C) 2001, 2002, 2003, 2004, 2012, * 2013 Free Software Foundation, Inc. * * This file is part of GnuPG. * * GnuPG is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * GnuPG is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . */ #include #include #include #include #include #include #include "keybox-defs.h" #include #include "../common/host2net.h" #include "../common/mbox-util.h" #define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) #define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1)) struct sn_array_s { int snlen; unsigned char *sn; }; #define get32(a) buf32_to_ulong ((a)) #define get16(a) buf16_to_ulong ((a)) static inline unsigned int blob_get_blob_flags (KEYBOXBLOB blob) { const unsigned char *buffer; size_t length; buffer = _keybox_get_blob_image (blob, &length); if (length < 8) return 0; /* oops */ return get16 (buffer + 6); } /* Return the first keyid from the blob. Returns true if available. */ static int blob_get_first_keyid (KEYBOXBLOB blob, u32 *kid) { const unsigned char *buffer; size_t length, nkeys, keyinfolen; int fpr32; buffer = _keybox_get_blob_image (blob, &length); if (length < 48) return 0; /* blob too short */ fpr32 = buffer[5] == 2; if (fpr32 && length < 56) return 0; /* blob to short */ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18); if (!nkeys || keyinfolen < (fpr32?56:28)) return 0; /* invalid blob */ if (fpr32 && (get16 (buffer + 20 + 32) & 0x80)) { /* 32 byte fingerprint. */ kid[0] = get32 (buffer + 20); kid[1] = get32 (buffer + 20 + 4); } else /* 20 byte fingerprint. */ { kid[0] = get32 (buffer + 20 + 12); kid[1] = get32 (buffer + 20 + 16); } return 1; } /* Return information on the flag WHAT within the blob BUFFER,LENGTH. Return the offset and the length (in bytes) of the flag in FLAGOFF,FLAG_SIZE. */ gpg_err_code_t _keybox_get_flag_location (const unsigned char *buffer, size_t length, int what, size_t *flag_off, size_t *flag_size) { size_t pos; size_t nkeys, keyinfolen; size_t nuids, uidinfolen; size_t nserial; size_t nsigs, siginfolen, siginfooff; switch (what) { case KEYBOX_FLAG_BLOB: if (length < 8) return GPG_ERR_INV_OBJ; *flag_off = 6; *flag_size = 2; break; case KEYBOX_FLAG_OWNERTRUST: case KEYBOX_FLAG_VALIDITY: case KEYBOX_FLAG_CREATED_AT: case KEYBOX_FLAG_SIG_INFO: if (length < 20) return GPG_ERR_INV_OBJ; /* Key info. */ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18 ); if (keyinfolen < 28) return GPG_ERR_INV_OBJ; pos = 20 + keyinfolen*nkeys; if (pos+2 > length) return GPG_ERR_INV_OBJ; /* Out of bounds. */ /* Serial number. */ nserial = get16 (buffer+pos); pos += 2 + nserial; if (pos+4 > length) return GPG_ERR_INV_OBJ; /* Out of bounds. */ /* User IDs. */ nuids = get16 (buffer + pos); pos += 2; uidinfolen = get16 (buffer + pos); pos += 2; if (uidinfolen < 12 ) return GPG_ERR_INV_OBJ; pos += uidinfolen*nuids; if (pos+4 > length) return GPG_ERR_INV_OBJ ; /* Out of bounds. */ /* Signature info. */ siginfooff = pos; nsigs = get16 (buffer + pos); pos += 2; siginfolen = get16 (buffer + pos); pos += 2; if (siginfolen < 4 ) return GPG_ERR_INV_OBJ; pos += siginfolen*nsigs; if (pos+1+1+2+4+4+4+4 > length) return GPG_ERR_INV_OBJ ; /* Out of bounds. */ *flag_size = 1; *flag_off = pos; switch (what) { case KEYBOX_FLAG_VALIDITY: *flag_off += 1; break; case KEYBOX_FLAG_CREATED_AT: *flag_size = 4; *flag_off += 1+2+4+4+4; break; case KEYBOX_FLAG_SIG_INFO: *flag_size = siginfolen * nsigs; *flag_off = siginfooff; break; default: break; } break; default: return GPG_ERR_INV_FLAG; } return 0; } /* Return one of the flags WHAT in VALUE from the blob BUFFER of LENGTH bytes. Return 0 on success or an raw error code. */ static gpg_err_code_t get_flag_from_image (const unsigned char *buffer, size_t length, int what, unsigned int *value) { gpg_err_code_t ec; size_t pos, size; *value = 0; ec = _keybox_get_flag_location (buffer, length, what, &pos, &size); if (!ec) switch (size) { case 1: *value = buffer[pos]; break; case 2: *value = get16 (buffer + pos); break; case 4: *value = get32 (buffer + pos); break; default: ec = GPG_ERR_BUG; break; } return ec; } static int blob_cmp_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen) { const unsigned char *buffer; size_t length; size_t pos, off; size_t nkeys, keyinfolen; size_t nserial; buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* blob too short */ /*keys*/ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18 ); if (keyinfolen < 28) return 0; /* invalid blob */ pos = 20 + keyinfolen*nkeys; if (pos+2 > length) return 0; /* out of bounds */ /*serial*/ nserial = get16 (buffer+pos); off = pos + 2; if (off+nserial > length) return 0; /* out of bounds */ return nserial == snlen && !memcmp (buffer+off, sn, snlen); } /* Returns 0 if not found or the number of the key which was found. For X.509 this is always 1, for OpenPGP this is 1 for the primary key and 2 and more for the subkeys. */ static int blob_cmp_fpr (KEYBOXBLOB blob, const unsigned char *fpr, unsigned int fprlen) { const unsigned char *buffer; size_t length; size_t pos, off; size_t nkeys, keyinfolen; int idx, fpr32, storedfprlen; buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* blob too short */ fpr32 = buffer[5] == 2; /*keys*/ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18 ); if (keyinfolen < (fpr32?56:28)) return 0; /* invalid blob */ pos = 20; if (pos + (uint64_t)keyinfolen*nkeys > (uint64_t)length) return 0; /* out of bounds */ for (idx=0; idx < nkeys; idx++) { off = pos + idx*keyinfolen; if (fpr32) storedfprlen = (get16 (buffer + off + 32) & 0x80)? 32:20; else storedfprlen = 20; if (storedfprlen == fprlen && !memcmp (buffer + off, fpr, storedfprlen)) return idx+1; /* found */ } return 0; /* not found */ } /* Helper for has_short_kid and has_long_kid. */ static int blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr, int fproff, int fprlen) { const unsigned char *buffer; size_t length; size_t pos, off; size_t nkeys, keyinfolen; int idx, fpr32, storedfprlen; buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* blob too short */ fpr32 = buffer[5] == 2; /*keys*/ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18 ); if (keyinfolen < (fpr32?56:28)) return 0; /* invalid blob */ pos = 20; if (pos + (uint64_t)keyinfolen*nkeys > (uint64_t)length) return 0; /* out of bounds */ if (fpr32) fproff = 0; /* keyid are the high-order bits. */ for (idx=0; idx < nkeys; idx++) { off = pos + idx*keyinfolen; if (fpr32) storedfprlen = (get16 (buffer + off + 32) & 0x80)? 32:20; else storedfprlen = 20; if (storedfprlen == fproff + fprlen && !memcmp (buffer + off + fproff, fpr, fprlen)) return idx+1; /* found */ } return 0; /* not found */ } static int blob_cmp_name (KEYBOXBLOB blob, int idx, const char *name, size_t namelen, int substr, int x509) { const unsigned char *buffer; size_t length; size_t pos, off, len; size_t nkeys, keyinfolen; size_t nuids, uidinfolen; size_t nserial; buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* blob too short */ /*keys*/ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18 ); if (keyinfolen < 28) return 0; /* invalid blob */ pos = 20 + keyinfolen*nkeys; if ((uint64_t)pos+2 > (uint64_t)length) return 0; /* out of bounds */ /*serial*/ nserial = get16 (buffer+pos); pos += 2 + nserial; if (pos+4 > length) return 0; /* out of bounds */ /* user ids*/ nuids = get16 (buffer + pos); pos += 2; uidinfolen = get16 (buffer + pos); pos += 2; if (uidinfolen < 12 /* should add a: || nuidinfolen > MAX_UIDINFOLEN */) return 0; /* invalid blob */ if (pos + uidinfolen*nuids > length) return 0; /* out of bounds */ if (idx < 0) { /* Compare all names. Note that for X.509 we start with index 1 so to skip the issuer at index 0. */ for (idx = !!x509; idx < nuids; idx++) { size_t mypos = pos; mypos += idx*uidinfolen; off = get32 (buffer+mypos); len = get32 (buffer+mypos+4); if ((uint64_t)off+(uint64_t)len > (uint64_t)length) return 0; /* error: better stop here out of bounds */ if (len < 1) continue; /* empty name */ if (substr) { if (ascii_memcasemem (buffer+off, len, name, namelen)) return idx+1; /* found */ } else { if (len == namelen && !memcmp (buffer+off, name, len)) return idx+1; /* found */ } } } else { if (idx > nuids) return 0; /* no user ID with that idx */ pos += idx*uidinfolen; off = get32 (buffer+pos); len = get32 (buffer+pos+4); if (off+len > length) return 0; /* out of bounds */ if (len < 1) return 0; /* empty name */ if (substr) { if (ascii_memcasemem (buffer+off, len, name, namelen)) return idx+1; /* found */ } else { if (len == namelen && !memcmp (buffer+off, name, len)) return idx+1; /* found */ } } return 0; /* not found */ } /* Compare all email addresses of the subject. With SUBSTR given as True a substring search is done in the mail address. The X509 flag indicated whether the search is done on an X.509 blob. */ static int blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr, int x509) { const unsigned char *buffer; size_t length; size_t pos, off, len; size_t nkeys, keyinfolen; size_t nuids, uidinfolen; size_t nserial; int idx; /* fixme: this code is common to blob_cmp_mail */ buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* blob too short */ /*keys*/ nkeys = get16 (buffer + 16); keyinfolen = get16 (buffer + 18 ); if (keyinfolen < 28) return 0; /* invalid blob */ pos = 20 + keyinfolen*nkeys; if (pos+2 > length) return 0; /* out of bounds */ /*serial*/ nserial = get16 (buffer+pos); pos += 2 + nserial; if (pos+4 > length) return 0; /* out of bounds */ /* user ids*/ nuids = get16 (buffer + pos); pos += 2; uidinfolen = get16 (buffer + pos); pos += 2; if (uidinfolen < 12 /* should add a: || nuidinfolen > MAX_UIDINFOLEN */) return 0; /* invalid blob */ if (pos + uidinfolen*nuids > length) return 0; /* out of bounds */ if (namelen < 1) return 0; /* Note that for X.509 we start at index 1 because index 0 is used for the issuer name. */ for (idx=!!x509 ;idx < nuids; idx++) { size_t mypos = pos; size_t mylen; mypos += idx*uidinfolen; off = get32 (buffer+mypos); len = get32 (buffer+mypos+4); if ((uint64_t)off+(uint64_t)len > (uint64_t)length) return 0; /* error: better stop here - out of bounds */ if (x509) { if (len < 2 || buffer[off] != '<') continue; /* empty name or trailing 0 not stored */ len--; /* one back */ if ( len < 3 || buffer[off+len] != '>') continue; /* not a proper email address */ off++; len--; } else /* OpenPGP. */ { /* We need to forward to the mailbox part. */ mypos = off; mylen = len; for ( ; len && buffer[off] != '<'; len--, off++) ; if (len < 2 || buffer[off] != '<') { /* Mailbox not explicitly given or too short. Restore OFF and LEN and check whether the entire string resembles a mailbox without the angle brackets. */ off = mypos; len = mylen; if (!is_valid_mailbox_mem (buffer+off, len)) continue; /* Not a mail address. */ } else /* Seems to be standard user id with mail address. */ { off++; /* Point to first char of the mail address. */ len--; /* Search closing '>'. */ for (mypos=off; len && buffer[mypos] != '>'; len--, mypos++) ; if (!len || buffer[mypos] != '>' || off == mypos) continue; /* Not a proper mail address. */ len = mypos - off; } } if (substr) { if (ascii_memcasemem (buffer+off, len, name, namelen)) return idx+1; /* found */ } else { if (len == namelen && !ascii_memcasecmp (buffer+off, name, len)) return idx+1; /* found */ } } return 0; /* not found */ } /* Return true if the key in BLOB matches the 20 bytes keygrip GRIP. * We don't have the keygrips as meta data, thus we need to parse the * certificate. Fixme: We might want to return proper error codes * instead of failing a search for invalid certificates etc. */ static int blob_openpgp_has_grip (KEYBOXBLOB blob, const unsigned char *grip) { int rc = 0; const unsigned char *buffer; size_t length; size_t cert_off, cert_len; struct _keybox_openpgp_info info; struct _keybox_openpgp_key_info *k; buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* Too short. */ cert_off = get32 (buffer+8); cert_len = get32 (buffer+12); if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length) return 0; /* Too short. */ if (_keybox_parse_openpgp (buffer + cert_off, cert_len, NULL, &info)) return 0; /* Parse error. */ if (!memcmp (info.primary.grip, grip, 20)) { rc = 1; goto leave; } if (info.nsubkeys) { k = &info.subkeys; do { if (!memcmp (k->grip, grip, 20)) { rc = 1; goto leave; } k = k->next; } while (k); } leave: _keybox_destroy_openpgp_info (&info); return rc; } #ifdef KEYBOX_WITH_X509 /* Return true if the key in BLOB matches the 20 bytes keygrip GRIP. We don't have the keygrips as meta data, thus we need to parse the certificate. Fixme: We might want to return proper error codes instead of failing a search for invalid certificates etc. */ static int blob_x509_has_grip (KEYBOXBLOB blob, const unsigned char *grip) { int rc; const unsigned char *buffer; size_t length; size_t cert_off, cert_len; ksba_reader_t reader = NULL; ksba_cert_t cert = NULL; ksba_sexp_t p = NULL; gcry_sexp_t s_pkey; unsigned char array[20]; unsigned char *rcp; size_t n; buffer = _keybox_get_blob_image (blob, &length); if (length < 40) return 0; /* Too short. */ cert_off = get32 (buffer+8); cert_len = get32 (buffer+12); if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length) return 0; /* Too short. */ rc = ksba_reader_new (&reader); if (rc) return 0; /* Problem with ksba. */ rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len); if (rc) goto failed; rc = ksba_cert_new (&cert); if (rc) goto failed; rc = ksba_cert_read_der (cert, reader); if (rc) goto failed; p = ksba_cert_get_public_key (cert); if (!p) goto failed; n = gcry_sexp_canon_len (p, 0, NULL, NULL); if (!n) goto failed; rc = gcry_sexp_sscan (&s_pkey, NULL, (char*)p, n); if (rc) { gcry_sexp_release (s_pkey); goto failed; } rcp = gcry_pk_get_keygrip (s_pkey, array); gcry_sexp_release (s_pkey); if (!rcp) goto failed; /* Can't calculate keygrip. */ xfree (p); ksba_cert_release (cert); ksba_reader_release (reader); return !memcmp (array, grip, 20); failed: xfree (p); ksba_cert_release (cert); ksba_reader_release (reader); return 0; } #endif /*KEYBOX_WITH_X509*/ /* The has_foo functions are used as helpers for search */ static inline int has_short_kid (KEYBOXBLOB blob, u32 lkid) { unsigned char buf[4]; buf[0] = lkid >> 24; buf[1] = lkid >> 16; buf[2] = lkid >> 8; buf[3] = lkid; return blob_cmp_fpr_part (blob, buf, 16, 4); } static inline int has_long_kid (KEYBOXBLOB blob, u32 mkid, u32 lkid) { unsigned char buf[8]; buf[0] = mkid >> 24; buf[1] = mkid >> 16; buf[2] = mkid >> 8; buf[3] = mkid; buf[4] = lkid >> 24; buf[5] = lkid >> 16; buf[6] = lkid >> 8; buf[7] = lkid; return blob_cmp_fpr_part (blob, buf, 12, 8); } static inline int has_fingerprint (KEYBOXBLOB blob, const unsigned char *fpr, unsigned int fprlen) { return blob_cmp_fpr (blob, fpr, fprlen); } static inline int has_keygrip (KEYBOXBLOB blob, const unsigned char *grip) { if (blob_get_type (blob) == KEYBOX_BLOBTYPE_PGP) return blob_openpgp_has_grip (blob, grip); #ifdef KEYBOX_WITH_X509 if (blob_get_type (blob) == KEYBOX_BLOBTYPE_X509) return blob_x509_has_grip (blob, grip); #endif return 0; } +static inline int +has_ubid (KEYBOXBLOB blob, const unsigned char *ubid) +{ + size_t length; + const unsigned char *buffer; + size_t image_off, image_len; + unsigned char ubid_blob[20]; + + buffer = _keybox_get_blob_image (blob, &length); + if (length < 40) + return 0; /*GPG_ERR_TOO_SHORT*/ + image_off = get32 (buffer+8); + image_len = get32 (buffer+12); + if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length) + return 0; /*GPG_ERR_TOO_SHORT*/ + + gcry_md_hash_buffer (GCRY_MD_SHA1, ubid_blob, buffer + image_off, image_len); + + return !memcmp (ubid, ubid_blob, 20); +} static inline int has_issuer (KEYBOXBLOB blob, const char *name) { size_t namelen; return_val_if_fail (name, 0); if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509) return 0; namelen = strlen (name); return blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0, 1); } static inline int has_issuer_sn (KEYBOXBLOB blob, const char *name, const unsigned char *sn, int snlen) { size_t namelen; return_val_if_fail (name, 0); return_val_if_fail (sn, 0); if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509) return 0; namelen = strlen (name); return (blob_cmp_sn (blob, sn, snlen) && blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0, 1)); } static inline int has_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen) { return_val_if_fail (sn, 0); if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509) return 0; return blob_cmp_sn (blob, sn, snlen); } static inline int has_subject (KEYBOXBLOB blob, const char *name) { size_t namelen; return_val_if_fail (name, 0); if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509) return 0; namelen = strlen (name); return blob_cmp_name (blob, 1 /* subject */, name, namelen, 0, 1); } static inline int has_username (KEYBOXBLOB blob, const char *name, int substr) { size_t namelen; int btype; return_val_if_fail (name, 0); btype = blob_get_type (blob); if (btype != KEYBOX_BLOBTYPE_PGP && btype != KEYBOX_BLOBTYPE_X509) return 0; namelen = strlen (name); return blob_cmp_name (blob, -1 /* all subject/user names */, name, namelen, substr, (btype == KEYBOX_BLOBTYPE_X509)); } static inline int has_mail (KEYBOXBLOB blob, const char *name, int substr) { size_t namelen; int btype; return_val_if_fail (name, 0); btype = blob_get_type (blob); if (btype != KEYBOX_BLOBTYPE_PGP && btype != KEYBOX_BLOBTYPE_X509) return 0; if (btype == KEYBOX_BLOBTYPE_PGP && *name == '<') name++; /* Hack to remove the leading '<' for gpg. */ namelen = strlen (name); if (namelen && name[namelen-1] == '>') namelen--; return blob_cmp_mail (blob, name, namelen, substr, (btype == KEYBOX_BLOBTYPE_X509)); } static void release_sn_array (struct sn_array_s *array, size_t size) { size_t n; for (n=0; n < size; n++) xfree (array[n].sn); xfree (array); } /* Helper to open the file. */ static gpg_error_t open_file (KEYBOX_HANDLE hd) { hd->fp = fopen (hd->kb->fname, "rb"); if (!hd->fp) { hd->error = gpg_error_from_syserror (); return hd->error; } return 0; } /* The search API */ gpg_error_t keybox_search_reset (KEYBOX_HANDLE hd) { if (!hd) return gpg_error (GPG_ERR_INV_VALUE); if (hd->found.blob) { _keybox_release_blob (hd->found.blob); hd->found.blob = NULL; } if (hd->fp) { if (fseeko (hd->fp, 0, SEEK_SET)) { /* Ooops. Seek did not work. Close so that the search will * open the file again. */ fclose (hd->fp); hd->fp = NULL; } } hd->error = 0; hd->eof = 0; return 0; } /* Note: When in ephemeral mode the search function does visit all blobs but in standard mode, blobs flagged as ephemeral are ignored. If WANT_BLOBTYPE is not 0 only blobs of this type are considered. The value at R_SKIPPED is updated by the number of skipped long records (counts PGP and X.509). */ gpg_error_t keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc, keybox_blobtype_t want_blobtype, size_t *r_descindex, unsigned long *r_skipped) { gpg_error_t rc; size_t n; int need_words, any_skip; KEYBOXBLOB blob = NULL; struct sn_array_s *sn_array = NULL; int pk_no, uid_no; off_t lastfoundoff; if (!hd) return gpg_error (GPG_ERR_INV_VALUE); /* Clear last found result but reord the offset of the last found * blob which we may need later. */ if (hd->found.blob) { lastfoundoff = _keybox_get_blob_fileoffset (hd->found.blob); _keybox_release_blob (hd->found.blob); hd->found.blob = NULL; } else lastfoundoff = 0; if (hd->error) return hd->error; /* still in error state */ if (hd->eof) return -1; /* still EOF */ /* figure out what information we need */ need_words = any_skip = 0; for (n=0; n < ndesc; n++) { switch (desc[n].mode) { case KEYDB_SEARCH_MODE_WORDS: need_words = 1; break; case KEYDB_SEARCH_MODE_FIRST: /* always restart the search in this mode */ keybox_search_reset (hd); lastfoundoff = 0; break; default: break; } if (desc[n].skipfnc) any_skip = 1; if (desc[n].snlen == -1 && !sn_array) { sn_array = xtrycalloc (ndesc, sizeof *sn_array); if (!sn_array) return (hd->error = gpg_error_from_syserror ()); } } (void)need_words; /* Not yet implemented. */ if (!hd->fp) { rc = open_file (hd); if (rc) { xfree (sn_array); return rc; } /* log_debug ("%s: re-opened file\n", __func__); */ if (ndesc && desc[0].mode != KEYDB_SEARCH_MODE_FIRST && lastfoundoff) { /* Search mode is not first and the last search operation * returned a blob which also was not the first one. We now * need to skip over that blob and hope that the file has * not changed. */ if (fseeko (hd->fp, lastfoundoff, SEEK_SET)) { rc = gpg_error_from_syserror (); log_debug ("%s: seeking to last found offset failed: %s\n", __func__, gpg_strerror (rc)); xfree (sn_array); return gpg_error (GPG_ERR_NOTHING_FOUND); } /* log_debug ("%s: re-opened file and sought to last offset\n", */ /* __func__); */ rc = _keybox_read_blob (NULL, hd->fp, NULL); if (rc) { log_debug ("%s: skipping last found blob failed: %s\n", __func__, gpg_strerror (rc)); xfree (sn_array); return gpg_error (GPG_ERR_NOTHING_FOUND); } } } /* Kludge: We need to convert an SN given as hexstring to its binary representation - in some cases we are not able to store it in the search descriptor, because due to the way we use it, it is not possible to free allocated memory. */ if (sn_array) { const unsigned char *s; int i, odd; size_t snlen; for (n=0; n < ndesc; n++) { if (!desc[n].sn) ; else if (desc[n].snlen == -1) { unsigned char *sn; s = desc[n].sn; for (i=0; *s && *s != '/'; s++, i++) ; odd = (i & 1); snlen = (i+1)/2; sn_array[n].sn = xtrymalloc (snlen); if (!sn_array[n].sn) { hd->error = gpg_error_from_syserror (); release_sn_array (sn_array, n); return hd->error; } sn_array[n].snlen = snlen; sn = sn_array[n].sn; s = desc[n].sn; if (odd) { *sn++ = xtoi_1 (s); s++; } for (; *s && *s != '/'; s += 2) *sn++ = xtoi_2 (s); } else { const unsigned char *sn; sn = desc[n].sn; snlen = desc[n].snlen; sn_array[n].sn = xtrymalloc (snlen); if (!sn_array[n].sn) { hd->error = gpg_error_from_syserror (); release_sn_array (sn_array, n); return hd->error; } sn_array[n].snlen = snlen; memcpy (sn_array[n].sn, sn, snlen); } } } pk_no = uid_no = 0; for (;;) { unsigned int blobflags; int blobtype; _keybox_release_blob (blob); blob = NULL; rc = _keybox_read_blob (&blob, hd->fp, NULL); if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE && gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX) { ++*r_skipped; continue; /* Skip too large records. */ } if (rc) break; blobtype = blob_get_type (blob); if (blobtype == KEYBOX_BLOBTYPE_HEADER) continue; if (want_blobtype && blobtype != want_blobtype) continue; blobflags = blob_get_blob_flags (blob); if (!hd->ephemeral && (blobflags & 2)) continue; /* Not in ephemeral mode but blob is flagged ephemeral. */ for (n=0; n < ndesc; n++) { switch (desc[n].mode) { case KEYDB_SEARCH_MODE_NONE: never_reached (); break; case KEYDB_SEARCH_MODE_EXACT: uid_no = has_username (blob, desc[n].u.name, 0); if (uid_no) goto found; break; case KEYDB_SEARCH_MODE_MAIL: uid_no = has_mail (blob, desc[n].u.name, 0); if (uid_no) goto found; break; case KEYDB_SEARCH_MODE_MAILSUB: uid_no = has_mail (blob, desc[n].u.name, 1); if (uid_no) goto found; break; case KEYDB_SEARCH_MODE_SUBSTR: uid_no = has_username (blob, desc[n].u.name, 1); if (uid_no) goto found; break; case KEYDB_SEARCH_MODE_MAILEND: case KEYDB_SEARCH_MODE_WORDS: /* not yet implemented */ break; case KEYDB_SEARCH_MODE_ISSUER: if (has_issuer (blob, desc[n].u.name)) goto found; break; case KEYDB_SEARCH_MODE_ISSUER_SN: if (has_issuer_sn (blob, desc[n].u.name, sn_array? sn_array[n].sn : desc[n].sn, sn_array? sn_array[n].snlen : desc[n].snlen)) goto found; break; case KEYDB_SEARCH_MODE_SN: if (has_sn (blob, sn_array? sn_array[n].sn : desc[n].sn, sn_array? sn_array[n].snlen : desc[n].snlen)) goto found; break; case KEYDB_SEARCH_MODE_SUBJECT: if (has_subject (blob, desc[n].u.name)) goto found; break; case KEYDB_SEARCH_MODE_SHORT_KID: pk_no = has_short_kid (blob, desc[n].u.kid[1]); if (pk_no) goto found; break; case KEYDB_SEARCH_MODE_LONG_KID: pk_no = has_long_kid (blob, desc[n].u.kid[0], desc[n].u.kid[1]); if (pk_no) goto found; break; case KEYDB_SEARCH_MODE_FPR: pk_no = has_fingerprint (blob, desc[n].u.fpr, desc[n].fprlen); if (pk_no) goto found; break; case KEYDB_SEARCH_MODE_KEYGRIP: if (has_keygrip (blob, desc[n].u.grip)) goto found; break; + case KEYDB_SEARCH_MODE_UBID: + if (has_ubid (blob, desc[n].u.ubid)) + goto found; + break; case KEYDB_SEARCH_MODE_FIRST: goto found; break; case KEYDB_SEARCH_MODE_NEXT: goto found; break; default: rc = gpg_error (GPG_ERR_INV_VALUE); goto found; } } continue; found: /* Record which DESC we matched on. Note this value is only meaningful if this function returns with no errors. */ if(r_descindex) *r_descindex = n; for (n=any_skip?0:ndesc; n < ndesc; n++) { u32 kid[2]; if (desc[n].skipfnc && blob_get_first_keyid (blob, kid) && desc[n].skipfnc (desc[n].skipfncvalue, kid, uid_no)) break; } if (n == ndesc) break; /* got it */ } if (!rc) { hd->found.blob = blob; hd->found.pk_no = pk_no; hd->found.uid_no = uid_no; } else if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF) { _keybox_release_blob (blob); hd->eof = 1; } else { _keybox_release_blob (blob); hd->error = rc; } if (sn_array) release_sn_array (sn_array, ndesc); return rc; } /* Functions to return a certificate or a keyblock. To be used after a successful search operation. */ /* Return the raw data from the last found blob. Caller must release * the value stored at R_BUFFER. If called with NULL for R_BUFFER * only the needed length for the buffer and the public key type is * returned. */ gpg_error_t keybox_get_data (KEYBOX_HANDLE hd, void **r_buffer, size_t *r_length, enum pubkey_types *r_pubkey_type) { const unsigned char *buffer; size_t length; size_t image_off, image_len; if (r_buffer) *r_buffer = NULL; if (r_length) *r_length = 0; if (r_pubkey_type) *r_pubkey_type = PUBKEY_TYPE_UNKNOWN; if (!hd) return gpg_error (GPG_ERR_INV_VALUE); if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); switch (blob_get_type (hd->found.blob)) { case KEYBOX_BLOBTYPE_PGP: if (r_pubkey_type) *r_pubkey_type = PUBKEY_TYPE_OPGP; break; case KEYBOX_BLOBTYPE_X509: if (r_pubkey_type) *r_pubkey_type = PUBKEY_TYPE_X509; break; default: return gpg_error (GPG_ERR_WRONG_BLOB_TYPE); } buffer = _keybox_get_blob_image (hd->found.blob, &length); if (length < 40) return gpg_error (GPG_ERR_TOO_SHORT); image_off = get32 (buffer+8); image_len = get32 (buffer+12); if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length) return gpg_error (GPG_ERR_TOO_SHORT); if (r_length) *r_length = image_len; if (r_buffer) { *r_buffer = xtrymalloc (image_len); if (!*r_buffer) return gpg_error_from_syserror (); memcpy (*r_buffer, buffer + image_off, image_len); } return 0; } /* Return the last found keyblock. Returns 0 on success and stores a * new iobuf at R_IOBUF. R_UID_NO and R_PK_NO are used to return the * index of the key or user id which matched the search criteria; if * not known they are set to 0. */ gpg_error_t keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf, int *r_pk_no, int *r_uid_no) { gpg_error_t err; const unsigned char *buffer; size_t length; size_t image_off, image_len; size_t siginfo_off, siginfo_len; *r_iobuf = NULL; if (!hd) return gpg_error (GPG_ERR_INV_VALUE); if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); if (blob_get_type (hd->found.blob) != KEYBOX_BLOBTYPE_PGP) return gpg_error (GPG_ERR_WRONG_BLOB_TYPE); buffer = _keybox_get_blob_image (hd->found.blob, &length); if (length < 40) return gpg_error (GPG_ERR_TOO_SHORT); image_off = get32 (buffer+8); image_len = get32 (buffer+12); if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length) return gpg_error (GPG_ERR_TOO_SHORT); err = _keybox_get_flag_location (buffer, length, KEYBOX_FLAG_SIG_INFO, &siginfo_off, &siginfo_len); if (err) return err; *r_pk_no = hd->found.pk_no; *r_uid_no = hd->found.uid_no; *r_iobuf = iobuf_temp_with_content (buffer+image_off, image_len); return 0; } #ifdef KEYBOX_WITH_X509 /* Return the last found cert. Caller must free it. */ int keybox_get_cert (KEYBOX_HANDLE hd, ksba_cert_t *r_cert) { const unsigned char *buffer; size_t length; size_t cert_off, cert_len; ksba_reader_t reader = NULL; ksba_cert_t cert = NULL; int rc; if (!hd) return gpg_error (GPG_ERR_INV_VALUE); if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); if (blob_get_type (hd->found.blob) != KEYBOX_BLOBTYPE_X509) return gpg_error (GPG_ERR_WRONG_BLOB_TYPE); buffer = _keybox_get_blob_image (hd->found.blob, &length); if (length < 40) return gpg_error (GPG_ERR_TOO_SHORT); cert_off = get32 (buffer+8); cert_len = get32 (buffer+12); if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length) return gpg_error (GPG_ERR_TOO_SHORT); rc = ksba_reader_new (&reader); if (rc) return rc; rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len); if (rc) { ksba_reader_release (reader); /* fixme: need to map the error codes */ return gpg_error (GPG_ERR_GENERAL); } rc = ksba_cert_new (&cert); if (rc) { ksba_reader_release (reader); return rc; } rc = ksba_cert_read_der (cert, reader); if (rc) { ksba_cert_release (cert); ksba_reader_release (reader); /* fixme: need to map the error codes */ return gpg_error (GPG_ERR_GENERAL); } *r_cert = cert; ksba_reader_release (reader); return 0; } #endif /*KEYBOX_WITH_X509*/ /* Return the flags named WHAT at the address of VALUE. IDX is used only for certain flags and should be 0 if not required. */ int keybox_get_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int *value) { const unsigned char *buffer; size_t length; gpg_err_code_t ec; (void)idx; /* Not yet used. */ if (!hd) return gpg_error (GPG_ERR_INV_VALUE); if (!hd->found.blob) return gpg_error (GPG_ERR_NOTHING_FOUND); buffer = _keybox_get_blob_image (hd->found.blob, &length); ec = get_flag_from_image (buffer, length, what, value); return ec? gpg_error (ec):0; } off_t keybox_offset (KEYBOX_HANDLE hd) { if (!hd->fp) return 0; return ftello (hd->fp); } gpg_error_t keybox_seek (KEYBOX_HANDLE hd, off_t offset) { gpg_error_t err; if (hd->error) return hd->error; /* still in error state */ if (! hd->fp) { if (!offset) { /* No need to open the file. An unopened file is effectively at offset 0. */ return 0; } err = open_file (hd); if (err) return err; } err = fseeko (hd->fp, offset, SEEK_SET); hd->error = gpg_error_from_errno (err); return hd->error; }