diff --git a/kbx/Makefile.am b/kbx/Makefile.am
index 48ed31740..42c3c4be8 100644
--- a/kbx/Makefile.am
+++ b/kbx/Makefile.am
@@ -1,95 +1,96 @@
# Keybox Makefile
# Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
#
# This file is part of GnuPG.
#
# GnuPG is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# GnuPG is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see .
## Process this file with automake to produce Makefile.in
EXTRA_DIST = mkerrors keyboxd-w32info.rc
AM_CPPFLAGS =
include $(top_srcdir)/am/cmacros.am
if HAVE_W32_SYSTEM
resource_objs += keyboxd-w32info.o
endif
AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS)
noinst_LIBRARIES = libkeybox.a libkeybox509.a
bin_PROGRAMS = kbxutil
libexec_PROGRAMS = keyboxd
if HAVE_W32CE_SYSTEM
extra_libs = $(LIBASSUAN_LIBS)
else
extra_libs =
endif
common_libs = $(libcommon)
commonpth_libs = $(libcommonpth)
common_sources = \
keybox.h keybox-defs.h keybox-search-desc.h \
keybox-util.c \
keybox-init.c \
keybox-blob.c \
keybox-file.c \
keybox-search.c \
keybox-update.c \
keybox-openpgp.c \
keybox-dump.c
libkeybox_a_SOURCES = $(common_sources)
libkeybox509_a_SOURCES = $(common_sources)
libkeybox_a_CFLAGS = $(AM_CFLAGS)
libkeybox509_a_CFLAGS = $(AM_CFLAGS) -DKEYBOX_WITH_X509=1
# We need W32SOCKLIBS because the init subsystem code in libcommon
# requires it - although we don't actually need it. It is easier
# to do it this way.
kbxutil_SOURCES = kbxutil.c $(common_sources)
kbxutil_CFLAGS = $(AM_CFLAGS) -DKEYBOX_WITH_X509=1
kbxutil_LDADD = $(common_libs) \
$(KSBA_LIBS) $(LIBGCRYPT_LIBS) $(extra_libs) \
$(GPG_ERROR_LIBS) $(LIBINTL) $(LIBICONV) $(W32SOCKLIBS) \
$(NETLIBS)
keyboxd_SOURCES = \
keyboxd.c keyboxd.h \
kbxserver.c \
frontend.c frontend.h \
backend.h backend-support.c \
+ backend-cache.c \
backend-kbx.c \
$(common_sources)
keyboxd_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS) $(NPTH_CFLAGS) \
$(INCICONV)
keyboxd_LDADD = $(commonpth_libs) \
$(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(NPTH_LIBS) \
$(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) \
$(resource_objs)
keyboxd_LDFLAGS = $(extra_bin_ldflags)
keyboxd_DEPENDENCIES = $(resource_objs)
# Make sure that all libs are build before we use them. This is
# important for things like make -j2.
$(PROGRAMS): $(common_libs) $(commonpth_libs)
diff --git a/kbx/backend-cache.c b/kbx/backend-cache.c
new file mode 100644
index 000000000..d5b46b50a
--- /dev/null
+++ b/kbx/backend-cache.c
@@ -0,0 +1,1167 @@
+/* backend-cache.c - Cache backend for keyboxd
+ * Copyright (C) 2019 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see .
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ */
+
+/*
+ * This cache backend is designed to be queried first and to deliver
+ * cached items (which may also be not-found). A set a maintenance
+ * functions is used used by the frontend to fill the cache.
+ * FIXME: Support x.509
+ */
+
+#include
+#include
+#include
+#include
+#include
+
+#include "keyboxd.h"
+#include "../common/i18n.h"
+#include "../common/host2net.h"
+#include "backend.h"
+#include "keybox-defs.h"
+
+
+/* Standard values for the number of buckets and the threshold we use
+ * to flush items. */
+#define NO_OF_KEY_ITEM_BUCKETS 383
+#define KEY_ITEMS_PER_BUCKET_THRESHOLD 40
+#define NO_OF_BLOB_BUCKETS 383
+#define BLOBS_PER_BUCKET_THRESHOLD 20
+
+
+/* Our definition of the backend handle. */
+struct backend_handle_s
+{
+ enum database_types db_type; /* Always DB_TYPE_CACHE. */
+ unsigned int backend_id; /* Always the id the backend. */
+};
+
+
+/* The object holding a blob. */
+typedef struct blob_s
+{
+ struct blob_s *next;
+ enum pubkey_types pktype;
+ unsigned int refcount;
+ unsigned int usecount;
+ unsigned int datalen;
+ unsigned char *data; /* The actual data of length DATALEN. */
+ unsigned char ubid[20];
+} *blob_t;
+
+
+static blob_t *blob_table; /* Hash table with the blobs. */
+static size_t blob_table_size; /* Number of allocated buckets. */
+static unsigned int blob_table_threshold; /* Max. # of items per bucket. */
+static unsigned int blob_table_added; /* Number of items added. */
+static unsigned int blob_table_dropped; /* Number of items dropped. */
+static blob_t blob_attic; /* List of freed blobs. */
+
+
+/* A list item to blob data. This is so that a next operation on a
+ * cached key item can actually work. Things are complicated because
+ * we do not want to force caching all object before we get a next
+ * request from the client. To accomplish this we keep a flag
+ * indicating that the search needs to continue instead of delivering
+ * the previous item from the cache. */
+typedef struct bloblist_s
+{
+ struct bloblist_s *next;
+ unsigned int final_kid:1; /* The final blob for KID searches. */
+ unsigned int final_fpr:1; /* The final blob for FPR searches. */
+ unsigned int ubid_valid:1; /* The blobid below is valid. */
+ unsigned int subkey:1; /* The entry is for a subkey. */
+ unsigned int fprlen:8; /* The length of the fingerprint or 0. */
+ char fpr[32]; /* The buffer for the fingerprint. */
+ unsigned char ubid[20]; /* The Unique-Blob-ID of the blob. */
+} *bloblist_t;
+
+static bloblist_t bloblist_attic; /* List of freed items. */
+
+/* The cache object. For indexing we could use the fingerprint
+ * directly as a hash value. However, we use the keyid instead
+ * because the keyid is used by OpenPGP in encrypted packets and older
+ * signatures to identify a key. Since v4 OpenPGP keys the keyid is
+ * anyway a part of the fingerprint so it quickly extracted from a
+ * fingerprint. Note that v3 keys are not supported by gpg.
+ * FIXME: Add support for X.509.
+ */
+typedef struct key_item_s
+{
+ struct key_item_s *next;
+ bloblist_t blist; /* List of blobs or NULL for not-found. */
+ unsigned int usecount;
+ unsigned int refcount; /* Reference counter for this item. */
+ u32 kid_h; /* Upper 4 bytes of the keyid. */
+ u32 kid_l; /* Lower 4 bytes of the keyid. */
+} *key_item_t;
+
+static key_item_t *key_table; /* Hash table with the keys. */
+static size_t key_table_size; /* Number of allocated buckets. */
+static unsigned int key_table_threshold; /* Max. # of items per bucket. */
+static unsigned int key_table_added; /* Number of items added. */
+static unsigned int key_table_dropped; /* Number of items dropped. */
+static key_item_t key_item_attic; /* List of freed items. */
+
+
+
+
+/* The hash function we use for the key_table. Must not call a system
+ * function. */
+static inline unsigned int
+blob_table_hasher (const unsigned char *ubid)
+{
+ return (ubid[0] << 16 | ubid[1]) % blob_table_size;
+}
+
+
+/* Runtime allocation of the key table. This allows us to eventually
+ * add an option to control the size. */
+static gpg_error_t
+blob_table_init (void)
+{
+ if (blob_table)
+ return 0;
+ blob_table_size = NO_OF_BLOB_BUCKETS;
+ blob_table_threshold = BLOBS_PER_BUCKET_THRESHOLD;
+ blob_table = xtrycalloc (blob_table_size, sizeof *blob_table);
+ if (!blob_table)
+ return gpg_error_from_syserror ();
+ return 0;
+}
+
+/* Free a blob. This is done by moving it to the attic list. */
+static void
+blob_unref (blob_t blob)
+{
+ void *p;
+
+ if (!blob)
+ return;
+ log_assert (blob->refcount);
+ if (!--blob->refcount)
+ {
+ p = blob->data;
+ blob->data = NULL;
+ blob->next = blob_attic;
+ blob_attic = blob;
+ xfree (p);
+ }
+}
+
+
+/* Given the hash value and the ubid, find the blob in the bucket.
+ * Returns NULL if not found or the blob item if found. Always
+ * returns the the number of items searched, which is in the case of a
+ * not-found the length of the chain. */
+static blob_t
+find_blob (unsigned int hash, const unsigned char *ubid,
+ unsigned int *r_count)
+{
+ blob_t b;
+ unsigned int count = 0;
+
+ for (b = blob_table[hash]; b; b = b->next, count++)
+ if (!memcmp (b->ubid, ubid, 20))
+ break;
+ if (r_count)
+ *r_count = count;
+ return b;
+}
+
+
+/* Helper for the qsort in key_table_put. */
+static int
+compare_blobs (const void *arg_a, const void *arg_b)
+{
+ const blob_t a = *(const blob_t *)arg_a;
+ const blob_t b = *(const blob_t *)arg_b;
+
+ /* Reverse sort on the usecount. */
+ if (a->usecount > b->usecount)
+ return -1;
+ else if (a->usecount == b->usecount)
+ return 0;
+ else
+ return 1;
+}
+
+
+/* Put the blob (BLOBDATA, BLOBDATALEN) into the cache using UBID as
+ * the index. If it is already in the cache nothing happens. */
+static void
+blob_table_put (const unsigned char *ubid,
+ const void *blobdata, unsigned int blobdatalen)
+{
+ unsigned int hash;
+ blob_t b;
+ unsigned int count, n;
+ void *blobdatacopy = NULL;
+
+ hash = blob_table_hasher (ubid);
+ find_again:
+ b = find_blob (hash, ubid, &count);
+ if (b)
+ {
+ xfree (blobdatacopy);
+ return; /* Already got this blob. */
+ }
+
+ /* Create a copy of the blob if not yet done. */
+ if (!blobdatacopy)
+ {
+ blobdatacopy = xtrymalloc (blobdatalen);
+ if (!blobdatacopy)
+ {
+ log_info ("Note: malloc failed while copying blob to the cache: %s\n",
+ gpg_strerror (gpg_error_from_syserror ()));
+ return; /* Out of core - ignore. */
+ }
+ memcpy (blobdatacopy, blobdata, blobdatalen);
+ }
+
+ /* If the bucket is full remove a couple of items. */
+ if (count >= blob_table_threshold)
+ {
+ blob_t list_head, *list_tailp, b_next;
+ blob_t *array;
+ int narray, idx;
+
+ /* Unlink from the global list so that other threads don't
+ * disturb us. If another thread adds or removes something only
+ * one will be the winner. Bad luck for the dropped cache items
+ * but after all it is just a cache. */
+ list_head = blob_table[hash];
+ blob_table[hash] = NULL;
+
+ /* Put all items into an array for sorting. */
+ array = xtrycalloc (count, sizeof *array);
+ if (!array)
+ {
+ /* That's bad; give up all items of the bucket. */
+ log_info ("Note: malloc failed while purging blobs from the "
+ "cache: %s\n", gpg_strerror (gpg_error_from_syserror ()));
+ goto leave_drop;
+ }
+ narray = 0;
+ for (b = list_head; b; b = b_next)
+ {
+ b_next = b->next;
+ array[narray++] = b;
+ b->next = NULL;
+ }
+ log_assert (narray == count);
+
+ /* Sort the array and put half of it onto a new list. */
+ qsort (array, narray, sizeof *array, compare_blobs);
+ list_head = NULL;
+ list_tailp = &list_head;
+ for (idx=0; idx < narray/2; idx++)
+ {
+ *list_tailp = array[idx];
+ list_tailp = &array[idx]->next;
+ }
+
+ /* Put the new list into the bucket. */
+ b = blob_table[hash];
+ blob_table[hash] = list_head;
+ list_head = b;
+
+ /* Free the remaining items and the array. */
+ for (; idx < narray; idx++)
+ {
+ blob_unref (array[idx]);
+ blob_table_dropped++;
+ }
+ xfree (array);
+
+ leave_drop:
+ /* Free any items added in the meantime by other threads. This
+ * is also used in case of a malloc problem (which won't update
+ * the counters, though). */
+ for ( ; list_head; list_head = b_next)
+ {
+ b_next = list_head->next;
+ blob_unref (list_head);
+ }
+ }
+
+ /* Add an item to the bucket. We allocate a whole block of items
+ * for cache performance reasons. */
+ if (!blob_attic)
+ {
+ blob_t b_block;
+ int b_blocksize = 256;
+
+ b_block = xtrymalloc (b_blocksize * sizeof *b_block);
+ if (!b_block)
+ {
+ log_info ("Note: malloc failed while adding blob to the cache: %s\n",
+ gpg_strerror (gpg_error_from_syserror ()));
+ xfree (blobdatacopy);
+ return; /* Out of core - ignore. */
+ }
+ for (n = 0; n < b_blocksize; n++)
+ {
+ b = b_block + n;
+ b->next = blob_attic;
+ blob_attic = b;
+ }
+
+ /* During the malloc another thread might have changed the
+ * bucket. Thus we need to start over. */
+ goto find_again;
+ }
+
+ /* We now know that there is an item in the attic. Put it into the
+ * chain. Note that we may not use any system call here. */
+ b = blob_attic;
+ blob_attic = b->next;
+ b->next = NULL;
+ b->data = blobdatacopy;
+ b->datalen = blobdatalen;
+ memcpy (b->ubid, ubid, 20);
+ b->usecount = 1;
+ b->refcount = 1;
+ b->next = blob_table[hash];
+ blob_table[hash] = b;
+ blob_table_added++;
+}
+
+
+/* Given the UBID return a cached blob item. The caller must
+ * release that item using blob_unref. */
+static blob_t
+blob_table_get (const unsigned char *ubid)
+{
+ unsigned int hash;
+ blob_t b;
+
+ hash = blob_table_hasher (ubid);
+ b = find_blob (hash, ubid, NULL);
+ if (b)
+ {
+ b->usecount++;
+ b->refcount++;
+ return b; /* Found */
+ }
+
+ return NULL;
+}
+
+
+
+/* The hash function we use for the key_table. Must not call a system
+ * function. */
+static inline unsigned int
+key_table_hasher (u32 kid_l)
+{
+ return kid_l % key_table_size;
+}
+
+
+/* Runtime allocation of the key table. This allows us to eventually
+ * add an option to control the size. */
+static gpg_error_t
+key_table_init (void)
+{
+ if (key_table)
+ return 0;
+ key_table_size = NO_OF_KEY_ITEM_BUCKETS;
+ key_table_threshold = KEY_ITEMS_PER_BUCKET_THRESHOLD;
+ key_table = xtrycalloc (key_table_size, sizeof *key_table);
+ if (!key_table)
+ return gpg_error_from_syserror ();
+ return 0;
+}
+
+/* Free a key_item. This is done by moving it to the attic list. */
+static void
+key_item_unref (key_item_t ki)
+{
+ bloblist_t bl, bl2;
+
+ if (!ki)
+ return;
+ log_assert (ki->refcount);
+ if (!--ki->refcount)
+ {
+ bl = ki->blist;
+ ki->blist = NULL;
+ ki->next = key_item_attic;
+ key_item_attic = ki;
+
+ if (bl)
+ {
+ for (bl2 = bl; bl2->next; bl2 = bl2->next)
+ ;
+ bl2->next = bloblist_attic;
+ bloblist_attic = bl;
+ }
+ }
+}
+
+
+/* Given the hash value and the search info, find the key item in the
+ * bucket. Return NULL if not found or the key item if fount. Always
+ * returns the the number of items searched, which is in the case of a
+ * not-found the length of the chain. Note that FPR may only be NULL
+ * if FPRLEN is 0. */
+static key_item_t
+find_in_chain (unsigned int hash, u32 kid_h, u32 kid_l,
+ unsigned int *r_count)
+{
+ key_item_t ki = key_table[hash];
+ unsigned int count = 0;
+
+ for (; ki; ki = ki->next, count++)
+ if (ki->kid_h == kid_h && ki->kid_l == kid_l)
+ break;
+ if (r_count)
+ *r_count = count;
+ return ki;
+}
+
+
+/* Helper for the qsort in key_table_put. */
+static int
+compare_key_items (const void *arg_a, const void *arg_b)
+{
+ const key_item_t a = *(const key_item_t *)arg_a;
+ const key_item_t b = *(const key_item_t *)arg_b;
+
+ /* Reverse sort on the usecount. */
+ if (a->usecount > b->usecount)
+ return -1;
+ else if (a->usecount == b->usecount)
+ return 0;
+ else
+ return 1;
+}
+
+
+/* Allocate new key items. They are put to the attic so that the
+ * caller can take them from there. On allocation failure a note
+ * is printed and an error returned. */
+static gpg_error_t
+alloc_more_key_items (void)
+{
+ gpg_error_t err;
+ key_item_t kiblock, ki;
+ int kiblocksize = 256;
+ unsigned int n;
+
+ kiblock = xtrymalloc (kiblocksize * sizeof *kiblock);
+ if (!kiblock)
+ {
+ err = gpg_error_from_syserror ();
+ log_info ("Note: malloc failed while adding to the cache: %s\n",
+ gpg_strerror (err));
+ return err;
+ }
+ for (n = 0; n < kiblocksize; n++)
+ {
+ ki = kiblock + n;
+ ki->next = key_item_attic;
+ key_item_attic = ki;
+ }
+ return 0;
+}
+
+
+/* Allocate new bloblist items. They are put to the attic so that the
+ * caller can take them from there. On allocation failure a note is
+ * printed and an error returned. */
+static gpg_error_t
+alloc_more_bloblist_items (void)
+{
+ gpg_error_t err;
+ bloblist_t bl;
+ bloblist_t blistblock;
+ int blistblocksize = 256;
+ unsigned int n;
+
+ blistblock = xtrymalloc (blistblocksize * sizeof *blistblock);
+ if (!blistblock)
+ {
+ err = gpg_error_from_syserror ();
+ log_info ("Note: malloc failed while adding to the cache: %s\n",
+ gpg_strerror (err));
+ return err;
+ }
+ for (n = 0; n < blistblocksize; n++)
+ {
+ bl = blistblock + n;
+ bl->next = bloblist_attic;
+ bloblist_attic = bl;
+ }
+ return 0;
+}
+
+
+/* Helper for key_table_put. This function assumes that
+ * bloblist_attaci is not NULL. Returns a new bloblist item. Be
+ * aware that no system calls may be done - even not log
+ * functions! */
+static bloblist_t
+new_bloblist_item (const unsigned char *fpr, unsigned int fprlen,
+ const unsigned char *ubid, int subkey)
+{
+ bloblist_t bl;
+
+ bl = bloblist_attic;
+ bloblist_attic = bl->next;
+ bl->next = NULL;
+
+ if (ubid)
+ memcpy (bl->ubid, ubid, 20);
+ else
+ memset (bl->ubid, 0, 20);
+ bl->ubid_valid = 1;
+ bl->final_kid = 0;
+ bl->final_fpr = 0;
+ bl->subkey = !!subkey;
+ bl->fprlen = fprlen;
+ memcpy (bl->fpr, fpr, fprlen);
+ return bl;
+}
+
+
+/* If the list of key item in the bucken HASH is full remove a couple
+ * of them. On error a diagnostic is printed and an error code
+ * return. Note that the error code GPG_ERR_TRUE is returned if any
+ * flush and thus system calls were done.
+ */
+static gpg_error_t
+maybe_flush_some_key_buckets (unsigned int hash, unsigned int count)
+{
+ gpg_error_t err;
+ key_item_t ki, list_head, *list_tailp, ki_next;
+ key_item_t *array;
+ int narray, idx;
+
+ if (count < key_table_threshold)
+ return 0; /* Nothing to do. */
+
+ /* Unlink from the global list so that other threads don't disturb
+ * us. If another thread adds or removes something only one will be
+ * the winner. Bad luck for the dropped cache items but after all
+ * it is just a cache. */
+ list_head = key_table[hash];
+ key_table[hash] = NULL;
+
+ /* Put all items into an array for sorting. */
+ array = xtrycalloc (count, sizeof *array);
+ if (!array)
+ {
+ /* That's bad; give up all items of the bucket. */
+ err = gpg_error_from_syserror ();
+ log_info ("Note: malloc failed while purging from the cache: %s\n",
+ gpg_strerror (err));
+ goto leave;
+ }
+ narray = 0;
+ for (ki = list_head; ki; ki = ki_next)
+ {
+ ki_next = ki->next;
+ array[narray++] = ki;
+ ki->next = NULL;
+ }
+ log_assert (narray == count);
+
+ /* Sort the array and put half of it onto a new list. */
+ qsort (array, narray, sizeof *array, compare_key_items);
+ list_head = NULL;
+ list_tailp = &list_head;
+ for (idx=0; idx < narray/2; idx++)
+ {
+ *list_tailp = array[idx];
+ list_tailp = &array[idx]->next;
+ }
+
+ /* Put the new list into the bucket. */
+ ki = key_table[hash];
+ key_table[hash] = list_head;
+ list_head = ki;
+
+ /* Free the remaining items and the array. */
+ for (; idx < narray; idx++)
+ {
+ key_item_unref (array[idx]);
+ key_table_dropped++;
+ }
+ xfree (array);
+ err = gpg_error (GPG_ERR_TRUE);
+
+ leave:
+ /* Free any items added in the meantime by other threads. This is
+ * also used in case of a malloc problem (which won't update the
+ * counters, though). */
+ for ( ; list_head; list_head = ki_next)
+ {
+ ki_next = list_head->next;
+ key_item_unref (list_head);
+ }
+ return err;
+}
+
+
+/* Thsi is the core of
+ * key_table_put,
+ * key_table_put_no_fpr,
+ * key_table_put_no_kid.
+ */
+static void
+do_key_table_put (u32 kid_h, u32 kid_l,
+ const unsigned char *fpr, unsigned int fprlen,
+ const unsigned char *ubid, int subkey)
+{
+ unsigned int hash;
+ key_item_t ki;
+ bloblist_t bl, bl_tail;
+ unsigned int count;
+ int do_find_again;
+ int mark_not_found = !fpr;
+
+ hash = key_table_hasher (kid_l);
+ find_again:
+ do_find_again = 0;
+ ki = find_in_chain (hash, kid_h, kid_l, &count);
+ if (ki)
+ {
+ if (mark_not_found)
+ return; /* Can't put the mark because meanwhile a entry was
+ * added. */
+
+ for (bl = ki->blist; bl; bl = bl->next)
+ if (bl->fprlen
+ && bl->fprlen == fprlen
+ && !memcmp (bl->fpr, fpr, fprlen))
+ break;
+ if (bl)
+ return; /* Already in the bloblist for the keyid */
+
+ /* Append to the list. */
+ if (!bloblist_attic)
+ {
+ if (alloc_more_bloblist_items ())
+ return; /* Out of core - ignore. */
+ goto find_again; /* Need to start over due to the malloc. */
+ }
+ for (bl_tail = NULL, bl = ki->blist; bl; bl_tail = bl, bl = bl->next)
+ ;
+ bl = new_bloblist_item (fpr, fprlen, ubid, subkey);
+ if (bl_tail)
+ bl_tail->next = bl;
+ else
+ ki->blist = bl;
+
+ return;
+ }
+
+ /* If the bucket is full remove a couple of items. */
+ if (maybe_flush_some_key_buckets (hash, count))
+ {
+ /* During the fucntion call another thread might have changed
+ * the bucket. Thus we need to start over. */
+ do_find_again = 1;
+ }
+
+ if (!key_item_attic)
+ {
+ if (alloc_more_key_items ())
+ return; /* Out of core - ignore. */
+ do_find_again = 1;
+ }
+
+ if (!bloblist_attic)
+ {
+ if (alloc_more_bloblist_items ())
+ return; /* Out of core - ignore. */
+ do_find_again = 1;
+ }
+
+ if (do_find_again)
+ goto find_again;
+
+ /* We now know that there are items in the attics. Put them into
+ * the chain. Note that we may not use any system call here. */
+ ki = key_item_attic;
+ key_item_attic = ki->next;
+ ki->next = NULL;
+
+ if (mark_not_found)
+ ki->blist = NULL;
+ else
+ ki->blist = new_bloblist_item (fpr, fprlen, ubid, subkey);
+
+ ki->kid_h = kid_h;
+ ki->kid_l = kid_l;
+ ki->usecount = 1;
+ ki->refcount = 1;
+
+ ki->next = key_table[hash];
+ key_table[hash] = ki;
+ key_table_added++;
+}
+
+
+/* Given the fingerprint (FPR,FPRLEN) put the UBID into the cache.
+ * SUBKEY indicates that the fingerprint is from a subkey. */
+static void
+key_table_put (const unsigned char *fpr, unsigned int fprlen,
+ const unsigned char *ubid, int subkey)
+{
+ u32 kid_h, kid_l;
+
+ if (fprlen < 20 || fprlen > 32)
+ return; /* No support for v3 keys or unknown key versions. */
+
+ if (fprlen == 20) /* v4 key */
+ {
+ kid_h = buf32_to_u32 (fpr+12);
+ kid_l = buf32_to_u32 (fpr+16);
+ }
+ else /* v5 or later key */
+ {
+ kid_h = buf32_to_u32 (fpr);
+ kid_l = buf32_to_u32 (fpr+4);
+ }
+ do_key_table_put (kid_h, kid_l, fpr, fprlen, ubid, subkey);
+}
+
+
+/* Given the fingerprint (FPR,FPRLEN) put a flag into the cache that
+ * this fingerprint was not found. */
+static void
+key_table_put_no_fpr (const unsigned char *fpr, unsigned int fprlen)
+{
+ u32 kid_h, kid_l;
+
+ if (fprlen < 20 || fprlen > 32)
+ return; /* No support for v3 keys or unknown key versions. */
+
+ if (fprlen == 20) /* v4 key */
+ {
+ kid_h = buf32_to_u32 (fpr+12);
+ kid_l = buf32_to_u32 (fpr+16);
+ }
+ else /* v5 or later key */
+ {
+ kid_h = buf32_to_u32 (fpr);
+ kid_l = buf32_to_u32 (fpr+4);
+ }
+ /* Note that our not-found chaching is only based on the keyid. */
+ do_key_table_put (kid_h, kid_l, NULL, 0, NULL, 0);
+}
+
+
+/* Given the keyid (KID_H, KID_L) put a flag into the cache that this
+ * keyid was not found. */
+static void
+key_table_put_no_kid (u32 kid_h, u32 kid_l)
+{
+ do_key_table_put (kid_h, kid_l, NULL, 0, NULL, 0);
+}
+
+
+/* Given the keyid or the fingerprint return the key item from the
+ * cache. The caller must release the result using key_item_unref.
+ * NULL is returned if not found. */
+static key_item_t
+key_table_get (u32 kid_h, u32 kid_l)
+{
+ unsigned int hash;
+ key_item_t ki;
+
+ hash = key_table_hasher (kid_l);
+ ki = find_in_chain (hash, kid_h, kid_l, NULL);
+ if (ki)
+ {
+ ki->usecount++;
+ ki->refcount++;
+ return ki; /* Found */
+ }
+
+ return NULL;
+}
+
+
+/* Return a key item by searching for the keyid. The caller must use
+ * key_item_unref on it. */
+static key_item_t
+query_by_kid (u32 kid_h, u32 kid_l)
+{
+ return key_table_get (kid_h, kid_l);
+}
+
+
+/* Return a key item by searching for the fingerprint. The caller
+ * must use key_item_unref on it. Note that the returned key item may
+ * not actually carry the fingerprint; the caller needs to scan the
+ * bloblist of the keyitem. We can't do that here because the
+ * reference counting is done on the keyitem s and thus this needs to
+ * be returned. */
+static key_item_t
+query_by_fpr (const unsigned char *fpr, unsigned int fprlen)
+{
+ u32 kid_h, kid_l;
+
+ if (fprlen < 20 || fprlen > 32 )
+ return NULL; /* No support for v3 keys or unknown key versions. */
+
+ if (fprlen == 20) /* v4 key */
+ {
+ kid_h = buf32_to_u32 (fpr+12);
+ kid_l = buf32_to_u32 (fpr+16);
+ }
+ else /* v5 or later key */
+ {
+ kid_h = buf32_to_u32 (fpr);
+ kid_l = buf32_to_u32 (fpr+4);
+ }
+
+ return key_table_get (kid_h, kid_l);
+}
+
+
+
+
+
+/* Install a new resource and return a handle for that backend. */
+gpg_error_t
+be_cache_add_resource (ctrl_t ctrl, backend_handle_t *r_hd)
+{
+ gpg_error_t err;
+ backend_handle_t hd;
+
+ (void)ctrl;
+
+ *r_hd = NULL;
+ hd = xtrycalloc (1, sizeof *hd);
+ if (!hd)
+ return gpg_error_from_syserror ();
+ hd->db_type = DB_TYPE_CACHE;
+
+ hd->backend_id = be_new_backend_id ();
+
+ err = blob_table_init ();
+ if (err)
+ goto leave;
+
+ err = key_table_init ();
+ if (err)
+ goto leave;
+
+ *r_hd = hd;
+ hd = NULL;
+
+ leave:
+ xfree (hd);
+ return err;
+}
+
+
+/* Release the backend handle HD and all its resources. HD is not
+ * valid after a call to this function. */
+void
+be_cache_release_resource (ctrl_t ctrl, backend_handle_t hd)
+{
+ (void)ctrl;
+
+ if (!hd)
+ return;
+ hd->db_type = DB_TYPE_NONE;
+
+ /* Fixme: Free the key_table. */
+
+ xfree (hd);
+}
+
+
+/* Search for the keys described by (DESC,NDESC) and return them to
+ * the caller. BACKEND_HD is the handle for this backend and REQUEST
+ * is the current database request object. On a cache hit either 0 or
+ * GPG_ERR_NOT_FOUND is returned. The former returns the item; the
+ * latter indicates that the cache has known that the item won't be
+ * found in any databases. On a cache miss GPG_ERR_EOF is
+ * returned. */
+gpg_error_t
+be_cache_search (ctrl_t ctrl, backend_handle_t backend_hd, db_request_t request,
+ KEYDB_SEARCH_DESC *desc, unsigned int ndesc)
+{
+ gpg_error_t err;
+ db_request_part_t reqpart;
+ unsigned int n;
+ blob_t b;
+ key_item_t ki;
+ bloblist_t bl;
+ int not_found = 0;
+ int descidx = 0;
+ int found_bykid = 0;
+
+ log_assert (backend_hd && backend_hd->db_type == DB_TYPE_CACHE);
+ log_assert (request);
+
+ err = be_find_request_part (backend_hd, request, &reqpart);
+ if (err)
+ goto leave;
+
+ if (!desc)
+ {
+ /* Reset operation. */
+ request->last_cached_valid = 0;
+ request->last_cached_final = 0;
+ reqpart->cache_seqno.fpr = 0;
+ reqpart->cache_seqno.kid = 0;
+ reqpart->cache_seqno.grip = 0;
+ err = 0;
+ goto leave;
+ }
+
+ for (ki = NULL, n=0; n < ndesc && !ki; n++)
+ {
+ descidx = n;
+ switch (desc[n].mode)
+ {
+ case KEYDB_SEARCH_MODE_LONG_KID:
+ ki = query_by_kid (desc[n].u.kid[0], desc[n].u.kid[1]);
+ if (ki && ki->blist)
+ {
+ not_found = 0;
+ /* Note that in a bloblist all keyids are the same. */
+ for (n=0, bl = ki->blist; bl; bl = bl->next)
+ if (n++ == reqpart->cache_seqno.kid)
+ break;
+ if (!bl)
+ {
+ key_item_unref (ki);
+ ki = NULL;
+ }
+ else
+ {
+ found_bykid = 1;
+ reqpart->cache_seqno.kid++;
+ }
+ }
+ else if (ki)
+ not_found = 1;
+ break;
+
+ case KEYDB_SEARCH_MODE_FPR:
+ ki = query_by_fpr (desc[n].u.fpr, desc[n].fprlen);
+ if (ki && ki->blist)
+ {
+ not_found = 0;
+ for (n=0, bl = ki->blist; bl; bl = bl->next)
+ if (bl->fprlen
+ && bl->fprlen == desc[n].fprlen
+ && !memcmp (bl->fpr, desc[n].u.fpr, desc[n].fprlen)
+ && n++ == reqpart->cache_seqno.fpr)
+ break;
+ if (!bl)
+ {
+ key_item_unref (ki);
+ ki = NULL;
+ }
+ else
+ reqpart->cache_seqno.fpr++;
+ }
+ else if (ki)
+ not_found = 1;
+ break;
+
+ /* case KEYDB_SEARCH_MODE_KEYGRIP: */
+ /* ki = query_by_grip (desc[n].u.fpr, desc[n].fprlen); */
+ /* break; */
+
+ default:
+ ki = NULL;
+ break;
+ }
+ }
+
+ if (not_found)
+ {
+ err = gpg_error (GPG_ERR_NOT_FOUND);
+ key_item_unref (ki);
+ }
+ else if (ki)
+ {
+ if (bl && bl->ubid_valid)
+ {
+ memcpy (request->last_cached_ubid, bl->ubid, 20);
+ request->last_cached_valid = 1;
+ request->last_cached_fprlen = desc[descidx].fprlen;
+ memcpy (request->last_cached_fpr,
+ desc[descidx].u.fpr, desc[descidx].fprlen);
+ request->last_cached_kid_h = ki->kid_h;
+ request->last_cached_kid_l = ki->kid_l;
+ request->last_cached_valid = 1;
+ if ((bl->final_kid && found_bykid)
+ || (bl->final_fpr && !found_bykid))
+ request->last_cached_final = 1;
+ else
+ request->last_cached_final = 0;
+
+ b = blob_table_get (bl->ubid);
+ if (b)
+ {
+ err = be_return_pubkey (ctrl, b->data, b->datalen,
+ PUBKEY_TYPE_OPGP, bl->ubid);
+ blob_unref (b);
+ }
+ else
+ {
+ /* FIXME - return a different code so that the caller
+ * can lookup using the UBID. */
+ err = gpg_error (GPG_ERR_MISSING_VALUE);
+ }
+ }
+ else if (bl)
+ err = gpg_error (GPG_ERR_MISSING_VALUE);
+ else
+ err = gpg_error (GPG_ERR_NOT_FOUND);
+ key_item_unref (ki);
+ }
+ else
+ err = gpg_error (GPG_ERR_EOF);
+
+ leave:
+ return err;
+}
+
+
+/* Mark the last cached item as the final item. This is called when
+ * the actual database returned EOF in respond to a restart from the
+ * last cached UBID. */
+void
+be_cache_mark_final (ctrl_t ctrl, db_request_t request)
+{
+ key_item_t ki;
+ bloblist_t bl, blfound;
+
+ (void)ctrl;
+
+ log_assert (request);
+
+ if (!request->last_cached_valid)
+ return;
+
+ if (!request->last_cached_fprlen) /* Was cached via keyid. */
+ {
+ ki = query_by_kid (request->last_cached_kid_h,
+ request->last_cached_kid_l);
+ if (ki && (bl = ki->blist))
+ {
+ for (blfound=NULL; bl; bl = bl->next)
+ blfound = bl;
+ if (blfound)
+ blfound->final_kid = 1;
+ }
+ key_item_unref (ki);
+ }
+ else /* Was cached via fingerprint. */
+ {
+ ki = query_by_fpr (request->last_cached_fpr,
+ request->last_cached_fprlen);
+ if (ki && (bl = ki->blist))
+ {
+ for (blfound=NULL; bl; bl = bl->next)
+ if (bl->fprlen
+ && bl->fprlen == request->last_cached_fprlen
+ && !memcmp (bl->fpr, request->last_cached_fpr,
+ request->last_cached_fprlen))
+ blfound = bl;
+ if (blfound)
+ blfound->final_fpr = 1;
+ }
+ key_item_unref (ki);
+ }
+
+ request->last_cached_valid = 0;
+}
+
+
+/* Put the key (BLOB,BLOBLEN) of PUBKEY_TYPE into the cache. */
+void
+be_cache_pubkey (ctrl_t ctrl, const unsigned char *ubid,
+ const void *blob, unsigned int bloblen,
+ enum pubkey_types pubkey_type)
+{
+ gpg_error_t err;
+
+ (void)ctrl;
+
+ if (pubkey_type == PUBKEY_TYPE_OPGP)
+ {
+ struct _keybox_openpgp_info info;
+ struct _keybox_openpgp_key_info *kinfo;
+
+ err = _keybox_parse_openpgp (blob, bloblen, NULL, &info);
+ if (err)
+ {
+ log_info ("cache: error parsing OpenPGP blob: %s\n",
+ gpg_strerror (err));
+ return;
+ }
+
+ blob_table_put (ubid, blob, bloblen);
+
+ kinfo = &info.primary;
+ key_table_put (kinfo->fpr, kinfo->fprlen, ubid, 0);
+ if (info.nsubkeys)
+ for (kinfo = &info.subkeys; kinfo; kinfo = kinfo->next)
+ key_table_put (kinfo->fpr, kinfo->fprlen, ubid, 1);
+
+ _keybox_destroy_openpgp_info (&info);
+ }
+
+}
+
+
+/* Put the a non-found mark for PUBKEY_TYPE into the cache. The
+ * indices are taken from the search descriptors (DESC,NDESC). */
+void
+be_cache_not_found (ctrl_t ctrl, enum pubkey_types pubkey_type,
+ KEYDB_SEARCH_DESC *desc, unsigned int ndesc)
+{
+ unsigned int n;
+
+ (void)ctrl;
+ (void)pubkey_type;
+
+ for (n=0; n < ndesc; n++)
+ {
+ switch (desc->mode)
+ {
+ case KEYDB_SEARCH_MODE_LONG_KID:
+ key_table_put_no_kid (desc[n].u.kid[0], desc[n].u.kid[1]);
+ break;
+
+ case KEYDB_SEARCH_MODE_FPR:
+ key_table_put_no_fpr (desc[n].u.fpr, desc[n].fprlen);
+ break;
+
+ default:
+ break;
+ }
+ }
+}
diff --git a/kbx/backend-kbx.c b/kbx/backend-kbx.c
index b8d39c2ed..e58b74a3b 100644
--- a/kbx/backend-kbx.c
+++ b/kbx/backend-kbx.c
@@ -1,292 +1,326 @@
/* backend-kbx.c - Keybox format backend for keyboxd
* Copyright (C) 2019 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
* SPDX-License-Identifier: GPL-3.0-or-later
*/
#include
#include
#include
#include
#include
#include "keyboxd.h"
#include "../common/i18n.h"
#include "backend.h"
#include "keybox.h"
/* Our definition of the backend handle. */
struct backend_handle_s
{
enum database_types db_type; /* Always DB_TYPE_KBX. */
- unsigned int backend_id; /* Id of this backend. */
+ unsigned int backend_id; /* Always the id of the backend. */
void *token; /* Used to create a new KEYBOX_HANDLE. */
char filename[1];
};
/* Check that the file FILENAME is a valid keybox file which can be
* used here. Common return codes:
*
* 0 := Valid keybox file
* GPG_ERR_ENOENT := No such file
* GPG_ERR_NO_OBJ := File exists with size zero.
* GPG_ERR_INV_OBJ:= File exists but is not a keybox file.
*/
static gpg_error_t
check_kbx_file_magic (const char *filename)
{
gpg_error_t err;
u32 magic;
unsigned char verbuf[4];
estream_t fp;
fp = es_fopen (filename, "rb");
if (!fp)
return gpg_error_from_syserror ();
err = gpg_error (GPG_ERR_INV_OBJ);
if (es_fread (&magic, 4, 1, fp) == 1 )
{
if (es_fread (&verbuf, 4, 1, fp) == 1
&& verbuf[0] == 1
&& es_fread (&magic, 4, 1, fp) == 1
&& !memcmp (&magic, "KBXf", 4))
{
err = 0;
}
}
else /* Maybe empty: Let's create it. */
err = gpg_error (GPG_ERR_NO_OBJ);
es_fclose (fp);
return err;
}
/* Create new keybox file. This can also be used if the keybox
* already exists but has a length of zero. Do not use it in any
* other cases. */
static gpg_error_t
create_keybox (const char *filename)
{
gpg_error_t err;
dotlock_t lockhd = NULL;
estream_t fp;
/* To avoid races with other temporary instances of keyboxd trying
* to create or update the keybox, we do the next stuff in a locked
* state. */
lockhd = dotlock_create (filename, 0);
if (!lockhd)
{
err = gpg_error_from_syserror ();
/* A reason for this to fail is that the directory is not
* writable. However, this whole locking stuff does not make
* sense if this is the case. An empty non-writable directory
* with no keybox is not really useful at all. */
if (opt.verbose)
log_info ("can't allocate lock for '%s': %s\n",
filename, gpg_strerror (err));
return err;
}
if ( dotlock_take (lockhd, -1) )
{
err = gpg_error_from_syserror ();
/* This is something bad. Probably a stale lockfile. */
log_info ("can't lock '%s': %s\n", filename, gpg_strerror (err));
goto leave;
}
/* Make sure that at least one record is in a new keybox file, so
* that the detection magic will work the next time it is used.
* We always set the OpenPGP blobs maybe availabale flag. */
fp = es_fopen (filename, "w+b,mode=-rw-------");
if (!fp)
{
err = gpg_error_from_syserror ();
log_error (_("error creating keybox '%s': %s\n"),
filename, gpg_strerror (err));
goto leave;
}
err = _keybox_write_header_blob (NULL, fp, 1);
es_fclose (fp);
if (err)
{
log_error (_("error creating keybox '%s': %s\n"),
filename, gpg_strerror (err));
goto leave;
}
if (!opt.quiet)
log_info (_("keybox '%s' created\n"), filename);
err = 0;
leave:
if (lockhd)
{
dotlock_release (lockhd);
dotlock_destroy (lockhd);
}
return err;
}
/* Install a new resource and return a handle for that backend. */
gpg_error_t
be_kbx_add_resource (ctrl_t ctrl, backend_handle_t *r_hd,
const char *filename, int readonly)
{
gpg_error_t err;
backend_handle_t hd;
void *token;
(void)ctrl;
*r_hd = NULL;
hd = xtrycalloc (1, sizeof *hd + strlen (filename));
if (!hd)
return gpg_error_from_syserror ();
hd->db_type = DB_TYPE_KBX;
strcpy (hd->filename, filename);
err = check_kbx_file_magic (filename);
switch (gpg_err_code (err))
{
case 0:
break;
case GPG_ERR_ENOENT:
case GPG_ERR_NO_OBJ:
if (readonly)
{
err = gpg_error (GPG_ERR_ENOENT);
goto leave;
}
err = create_keybox (filename);
if (err)
goto leave;
break;
default:
goto leave;
}
err = keybox_register_file (filename, 0, &token);
if (err)
goto leave;
hd->backend_id = be_new_backend_id ();
hd->token = token;
*r_hd = hd;
hd = NULL;
leave:
xfree (hd);
return 0;
}
/* Release the backend handle HD and all its resources. HD is not
* valid after a call to this function. */
void
be_kbx_release_resource (ctrl_t ctrl, backend_handle_t hd)
{
(void)ctrl;
if (!hd)
return;
hd->db_type = DB_TYPE_NONE;
xfree (hd);
}
void
be_kbx_release_kbx_hd (KEYBOX_HANDLE kbx_hd)
{
keybox_release (kbx_hd);
}
+/* Helper for be_find_request_part to initialize a kbx request part. */
+gpg_error_t
+be_kbx_init_request_part (backend_handle_t backend_hd, db_request_part_t part)
+{
+ part->kbx_hd = keybox_new_openpgp (backend_hd->token, 0);
+ if (!part->kbx_hd)
+ return gpg_error_from_syserror ();
+ return 0;
+}
+
+
/* Search for the keys described by (DESC,NDESC) and return them to
* the caller. BACKEND_HD is the handle for this backend and REQUEST
* is the current database request object. */
gpg_error_t
be_kbx_search (ctrl_t ctrl, backend_handle_t backend_hd, db_request_t request,
KEYDB_SEARCH_DESC *desc, unsigned int ndesc)
{
gpg_error_t err;
db_request_part_t part;
size_t descindex;
unsigned long skipped_long_blobs;
log_assert (backend_hd && backend_hd->db_type == DB_TYPE_KBX);
log_assert (request);
/* Find the specific request part or allocate it. */
- for (part = request->part; part; part = part->next)
- if (part->backend_id == backend_hd->backend_id)
- break;
- if (!part)
- {
- part = xtrycalloc (1, sizeof *part);
- if (!part)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
- part->backend_id = backend_hd->backend_id;
- part->kbx_hd = keybox_new_openpgp (backend_hd->token, 0);
- if (!part->kbx_hd)
- {
- err = gpg_error_from_syserror ();
- xfree (part);
- goto leave;
- }
- part->next = request->part;
- request->part = part;
- }
+ err = be_find_request_part (backend_hd, request, &part);
+ if (err)
+ goto leave;
if (!desc)
err = keybox_search_reset (part->kbx_hd);
else
err = keybox_search (part->kbx_hd, desc, ndesc, KEYBOX_BLOBTYPE_PGP,
&descindex, &skipped_long_blobs);
if (err == -1)
err = gpg_error (GPG_ERR_EOF);
if (desc && !err)
{
/* Successful search operation. */
void *buffer;
size_t buflen;
enum pubkey_types pubkey_type;
+ unsigned char blobid[20];
err = keybox_get_data (part->kbx_hd, &buffer, &buflen, &pubkey_type);
if (err)
goto leave;
- /* Note: be_return_pubkey always takes ownership of BUFFER. */
- err = be_return_pubkey (ctrl, buffer, buflen, pubkey_type);
+ gcry_md_hash_buffer (GCRY_MD_SHA1, blobid, buffer, buflen);
+ err = be_return_pubkey (ctrl, buffer, buflen, pubkey_type, blobid);
+ if (!err)
+ be_cache_pubkey (ctrl, blobid, buffer, buflen, pubkey_type);
+ xfree (buffer);
}
leave:
return err;
}
+
+
+/* Seek in the keybox to the given UBID. BACKEND_HD is the handle for
+ * this backend and REQUEST is the current database request object.
+ * This does a dummy read so that the next search operation starts
+ * right after that UBID. */
+gpg_error_t
+be_kbx_seek (ctrl_t ctrl, backend_handle_t backend_hd,
+ db_request_t request, unsigned char *ubid)
+{
+ gpg_error_t err;
+ db_request_part_t part;
+ size_t descindex;
+ unsigned long skipped_long_blobs;
+ KEYDB_SEARCH_DESC desc;
+
+ log_assert (backend_hd && backend_hd->db_type == DB_TYPE_KBX);
+ log_assert (request);
+
+ memset (&desc, 0, sizeof desc);
+ desc.mode = KEYDB_SEARCH_MODE_UBID;
+ memcpy (desc.u.ubid, ubid, 20);
+
+ /* Find the specific request part or allocate it. */
+ err = be_find_request_part (backend_hd, request, &part);
+ if (err)
+ goto leave;
+
+ err = keybox_search_reset (part->kbx_hd);
+ if (!err)
+ err = keybox_search (part->kbx_hd, &desc, 1, 0,
+ &descindex, &skipped_long_blobs);
+ if (err == -1)
+ err = gpg_error (GPG_ERR_EOF);
+
+ leave:
+ return err;
+}
diff --git a/kbx/backend-support.c b/kbx/backend-support.c
index 28b51875c..62551cafa 100644
--- a/kbx/backend-support.c
+++ b/kbx/backend-support.c
@@ -1,128 +1,171 @@
/* backend-support.c - Supporting functions for the backend.
* Copyright (C) 2019 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
* SPDX-License-Identifier: GPL-3.0+
*/
#include
#include
#include
#include
#include
#include "keyboxd.h"
#include "../common/i18n.h"
#include "../common/asshelp.h"
#include "backend.h"
+#include "keybox.h"
-/* Common definition part of all backend handle. */
+/* Common definition part of all backend handle. All definitions of
+ * this structure must start with these fields. */
struct backend_handle_s
{
enum database_types db_type;
+ unsigned int backend_id;
};
/* Return a string with the name of the database type T. */
const char *
strdbtype (enum database_types t)
{
switch (t)
{
case DB_TYPE_NONE: return "none";
+ case DB_TYPE_CACHE:return "cache";
case DB_TYPE_KBX: return "keybox";
}
return "?";
}
/* Return a new backend ID. Backend IDs are used to identify backends
* without using the actual object. The number of backend resources
* is limited because they are specified in the config file. Thus an
* overflow check is not required. */
unsigned int
be_new_backend_id (void)
{
static unsigned int last;
return ++last;
}
/* Release the backend described by HD. This is a generic function
* which dispatches to the the actual backend. */
void
be_generic_release_backend (ctrl_t ctrl, backend_handle_t hd)
{
if (!hd)
return;
switch (hd->db_type)
{
case DB_TYPE_NONE:
xfree (hd);
break;
+ case DB_TYPE_CACHE:
+ be_cache_release_resource (ctrl, hd);
+ break;
case DB_TYPE_KBX:
be_kbx_release_resource (ctrl, hd);
break;
default:
log_error ("%s: faulty backend handle of type %d given\n",
__func__, hd->db_type);
}
}
/* Release the request object REQ. */
void
be_release_request (db_request_t req)
{
db_request_part_t part, partn;
if (!req)
return;
for (part = req->part; part; part = partn)
{
partn = part->next;
be_kbx_release_kbx_hd (part->kbx_hd);
xfree (part);
}
}
+/* Given the backend handle BACKEND_HD and the REQUEST find or
+ * allocate a request part for that backend and store it at R_PART.
+ * On error R_PART is set to NULL and an error returned. */
+gpg_error_t
+be_find_request_part (backend_handle_t backend_hd, db_request_t request,
+ db_request_part_t *r_part)
+{
+ gpg_error_t err;
+ db_request_part_t part;
+
+ for (part = request->part; part; part = part->next)
+ if (part->backend_id == backend_hd->backend_id)
+ break;
+ if (!part)
+ {
+ part = xtrycalloc (1, sizeof *part);
+ if (!part)
+ return gpg_error_from_syserror ();
+ part->backend_id = backend_hd->backend_id;
+ if (backend_hd->db_type == DB_TYPE_KBX)
+ {
+ err = be_kbx_init_request_part (backend_hd, part);
+ if (err)
+ {
+ xfree (part);
+ return err;
+ }
+ }
+ part->next = request->part;
+ request->part = part;
+ }
+ *r_part = part;
+ return 0;
+}
+
+
/* Return the public key (BUFFER,BUFLEN) which has the type
- * PUBVKEY_TYPE to the caller. Owenership of BUFFER is taken by thgis
- * function even in the error case. */
+ * PUBKEY_TYPE to the caller. */
gpg_error_t
-be_return_pubkey (ctrl_t ctrl, void *buffer, size_t buflen,
- enum pubkey_types pubkey_type)
+be_return_pubkey (ctrl_t ctrl, const void *buffer, size_t buflen,
+ enum pubkey_types pubkey_type, const unsigned char *ubid)
{
gpg_error_t err;
+ char hexubid[41];
- err = status_printf (ctrl, "PUBKEY_TYPE", "%d", pubkey_type);
+ bin2hex (ubid, 20, hexubid);
+ err = status_printf (ctrl, "PUBKEY_INFO", "%d %s", pubkey_type, hexubid);
if (err)
goto leave;
if (ctrl->no_data_return)
err = 0;
else
err = kbxd_write_data_line(ctrl, buffer, buflen);
leave:
- xfree (buffer);
return err;
}
diff --git a/kbx/backend.h b/kbx/backend.h
index e96f5023c..8b389d35c 100644
--- a/kbx/backend.h
+++ b/kbx/backend.h
@@ -1,95 +1,139 @@
/* backend.h - Definitions for keyboxd backends
* Copyright (C) 2019 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#ifndef KBX_BACKEND_H
#define KBX_BACKEND_H
#include "keybox-search-desc.h"
/* Forward declaration of the keybox handle type. */
struct keybox_handle;
typedef struct keybox_handle *KEYBOX_HANDLE;
/* The types of the backends. */
enum database_types
{
DB_TYPE_NONE, /* No database at all (unitialized etc.). */
+ DB_TYPE_CACHE, /* The cache backend (backend-cache.c). */
DB_TYPE_KBX /* Keybox type database (backend-kbx.c). */
};
/* Declaration of the backend handle. Each backend uses its own
* hidden handle structure with the only common thing being that the
* first field is the database_type to help with debugging. */
struct backend_handle_s;
typedef struct backend_handle_s *backend_handle_t;
-/* Object to store backend specific databsde information per database
+/* Object to store backend specific database information per database
* handle. */
struct db_request_part_s
{
struct db_request_part_s *next;
/* Id of the backend instance this object pertains to. */
unsigned int backend_id;
/* The handle used for a KBX backend or NULL. */
KEYBOX_HANDLE kbx_hd;
+
+ /* For the CACHE backend the indices into the bloblist for each
+ * index type. */
+ struct {
+ unsigned int fpr;
+ unsigned int kid;
+ unsigned int grip;
+ } cache_seqno;
};
typedef struct db_request_part_s *db_request_part_t;
/* A database request handle. This keeps per session search
* information as well as a list of per-backend infos. */
struct db_request_s
{
unsigned int any_search:1; /* Any search has been done. */
unsigned int any_found:1; /* Any object has been found. */
+ unsigned int last_cached_valid:1; /* see below */
+ unsigned int last_cached_final:1; /* see below */
+ unsigned int last_cached_fprlen:8;/* see below */
db_request_part_t part;
/* Counter to track the next to be searched database index. */
unsigned int next_dbidx;
+
+ /* The last UBID found in the cache and the corresponding keyid and,
+ * if found via fpr, the fingerprint. For the LAST_CACHE_FPRLEN see
+ * above. The entry here is only valid if LAST_CACHE_VALID is set;
+ * if LAST_CACHE_FINAL is also set, this indicates that no further
+ * database searches are required. */
+ unsigned char last_cached_ubid[20];
+ u32 last_cached_kid_h;
+ u32 last_cached_kid_l;
+ unsigned char last_cached_fpr[32];
};
/*-- backend-support.c --*/
const char *strdbtype (enum database_types t);
unsigned int be_new_backend_id (void);
void be_generic_release_backend (ctrl_t ctrl, backend_handle_t hd);
void be_release_request (db_request_t req);
-gpg_error_t be_return_pubkey (ctrl_t ctrl, void *buffer, size_t buflen,
- enum pubkey_types pubkey_type);
+gpg_error_t be_find_request_part (backend_handle_t backend_hd,
+ db_request_t request,
+ db_request_part_t *r_part);
+gpg_error_t be_return_pubkey (ctrl_t ctrl, const void *buffer, size_t buflen,
+ enum pubkey_types pubkey_type,
+ const unsigned char *ubid);
+
+
+/*-- backend-cache.c --*/
+gpg_error_t be_cache_add_resource (ctrl_t ctrl, backend_handle_t *r_hd);
+void be_cache_release_resource (ctrl_t ctrl, backend_handle_t hd);
+gpg_error_t be_cache_search (ctrl_t ctrl, backend_handle_t backend_hd,
+ db_request_t request,
+ KEYDB_SEARCH_DESC *desc, unsigned int ndesc);
+void be_cache_mark_final (ctrl_t ctrl, db_request_t request);
+void be_cache_pubkey (ctrl_t ctrl, const unsigned char *ubid,
+ const void *blob, unsigned int bloblen,
+ enum pubkey_types pubkey_type);
+void be_cache_not_found (ctrl_t ctrl, enum pubkey_types pubkey_type,
+ KEYDB_SEARCH_DESC *desc, unsigned int ndesc);
/*-- backend-kbx.c --*/
gpg_error_t be_kbx_add_resource (ctrl_t ctrl, backend_handle_t *r_hd,
const char *filename, int readonly);
void be_kbx_release_resource (ctrl_t ctrl, backend_handle_t hd);
void be_kbx_release_kbx_hd (KEYBOX_HANDLE kbx_hd);
+gpg_error_t be_kbx_init_request_part (backend_handle_t backend_hd,
+ db_request_part_t part);
gpg_error_t be_kbx_search (ctrl_t ctrl, backend_handle_t hd,
db_request_t request,
KEYDB_SEARCH_DESC *desc, unsigned int ndesc);
+gpg_error_t be_kbx_seek (ctrl_t ctrl, backend_handle_t backend_hd,
+ db_request_t request, unsigned char *ubid);
#endif /*KBX_BACKEND_H*/
diff --git a/kbx/frontend.c b/kbx/frontend.c
index 233cc1e0b..806ff27db 100644
--- a/kbx/frontend.c
+++ b/kbx/frontend.c
@@ -1,320 +1,381 @@
/* frontend.c - Database fronend code for keyboxd
* Copyright (C) 2019 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
* SPDX-License-Identifier: GPL-3.0+
*/
#include
#include
#include
#include
#include
#include "keyboxd.h"
#include
#include "../common/i18n.h"
#include "../common/userids.h"
#include "backend.h"
#include "frontend.h"
/* An object to describe a single database. */
struct db_desc_s
{
enum database_types db_type;
backend_handle_t backend_handle;
};
typedef struct db_desc_s *db_desc_t;
/* The table of databases and the size of that table. */
static db_desc_t databases;
static unsigned int no_of_databases;
/* Take a lock for reading the databases. */
static void
take_read_lock (ctrl_t ctrl)
{
/* FIXME */
(void)ctrl;
}
/* Take a lock for reading and writing the databases. */
/* static void */
/* take_read_write_lock (ctrl_t ctrl) */
/* { */
/* /\* FIXME *\/ */
/* (void)ctrl; */
/* } */
/* Release a lock. It is valid to call this even if no lock has been
- * taken which which case this is a nop. */
+ * taken in which case this is a nop. */
static void
release_lock (ctrl_t ctrl)
{
/* FIXME */
(void)ctrl;
}
/* Add a new resource to the database. Depending on the FILENAME
* suffix we decide which one to use. This function must be called at
* daemon startup because it employs no locking. If FILENAME has no
* directory separator, the file is expected or created below
* "$GNUPGHOME/public-keys-v1.d/". In READONLY mode the file must
* exists; otherwise it is created. */
gpg_error_t
kbxd_add_resource (ctrl_t ctrl, const char *filename_arg, int readonly)
{
gpg_error_t err;
char *filename;
- enum database_types db_type;
+ enum database_types db_type = 0;
backend_handle_t handle = NULL;
unsigned int n, dbidx;
/* Do tilde expansion etc. */
- if (strchr (filename_arg, DIRSEP_C)
+ if (!strcmp (filename_arg, "[cache]"))
+ {
+ filename = xstrdup (filename_arg);
+ db_type = DB_TYPE_CACHE;
+ }
+ else if (strchr (filename_arg, DIRSEP_C)
#ifdef HAVE_W32_SYSTEM
|| strchr (filename_arg, '/') /* Windows also accepts a slash. */
#endif
)
filename = make_filename (filename_arg, NULL);
else
filename = make_filename (gnupg_homedir (), GNUPG_PUBLIC_KEYS_DIR,
filename_arg, NULL);
+ /* If this is the first call to the function and the request is not
+ * for the cache backend, add the cache backend so that it will
+ * always be the first to be queried. */
+ if (!no_of_databases && !db_type)
+ {
+ err = kbxd_add_resource (ctrl, "[cache]", 0);
+ if (err)
+ goto leave;
+ }
+
n = strlen (filename);
- if (n > 4 && !strcmp (filename + n - 4, ".kbx"))
+ if (db_type)
+ ; /* We already know it. */
+ else if (n > 4 && !strcmp (filename + n - 4, ".kbx"))
db_type = DB_TYPE_KBX;
else
{
log_error (_("can't use file '%s': %s\n"), filename, _("unknown suffix"));
err = gpg_error (GPG_ERR_NOT_SUPPORTED);
goto leave;
}
err = gpg_error (GPG_ERR_BUG);
switch (db_type)
{
case DB_TYPE_NONE: /* NOTREACHED */
break;
+ case DB_TYPE_CACHE:
+ err = be_cache_add_resource (ctrl, &handle);
+ break;
+
case DB_TYPE_KBX:
err = be_kbx_add_resource (ctrl, &handle, filename, readonly);
break;
}
if (err)
goto leave;
/* All good, create an entry in the table. */
for (dbidx = 0; dbidx < no_of_databases; dbidx++)
if (!databases[dbidx].db_type)
break;
if (dbidx == no_of_databases)
{
/* No table yet or table is full. */
if (!databases)
{
- /* Create first set of data bases. Note that the type for all
- * entries is DB_TYPE_NONE. */
+ /* Create first set of databases. Note that the initial
+ * type for all entries is DB_TYPE_NONE. */
dbidx = 4;
databases = xtrycalloc (dbidx, sizeof *databases);
if (!databases)
{
err = gpg_error_from_syserror ();
goto leave;
}
no_of_databases = dbidx;
dbidx = 0; /* Put into first slot. */
}
else
{
db_desc_t newdb;
dbidx = no_of_databases + (no_of_databases == 4? 12 : 16);
newdb = xtrycalloc (dbidx, sizeof *databases);
if (!databases)
{
err = gpg_error_from_syserror ();
goto leave;
}
for (n=0; n < no_of_databases; n++)
newdb[n] = databases[n];
xfree (databases);
databases = newdb;
n = no_of_databases;
no_of_databases = dbidx;
dbidx = n; /* Put into first new slot. */
}
}
databases[dbidx].db_type = db_type;
databases[dbidx].backend_handle = handle;
handle = NULL;
leave:
if (err)
be_generic_release_backend (ctrl, handle);
xfree (filename);
return err;
}
/* Release all per session objects. */
void
kbxd_release_session_info (ctrl_t ctrl)
{
if (!ctrl)
return;
be_release_request (ctrl->opgp_req);
ctrl->opgp_req = NULL;
be_release_request (ctrl->x509_req);
ctrl->x509_req = NULL;
}
/* Search for the keys described by (DESC,NDESC) and return them to
* the caller. If RESET is set, the search state is first reset. */
gpg_error_t
kbxd_search (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, unsigned int ndesc,
int reset)
{
gpg_error_t err;
int i;
unsigned int dbidx;
db_desc_t db;
db_request_t request;
+ int start_at_ubid = 0;
if (DBG_CLOCK)
log_clock ("%s: enter", __func__);
if (DBG_LOOKUP)
{
log_debug ("%s: %u search descriptions:\n", __func__, ndesc);
for (i = 0; i < ndesc; i ++)
{
/* char *t = keydb_search_desc_dump (&desc[i]); */
/* log_debug ("%s %d: %s\n", __func__, i, t); */
/* xfree (t); */
}
}
take_read_lock (ctrl);
/* Allocate a handle object if none exists for this context. */
if (!ctrl->opgp_req)
{
ctrl->opgp_req = xtrycalloc (1, sizeof *ctrl->opgp_req);
if (!ctrl->opgp_req)
{
err = gpg_error_from_syserror ();
goto leave;
}
}
request = ctrl->opgp_req;
/* If requested do a reset. Using the reset flag is faster than
* letting the caller do a separate call for an intial reset. */
if (!desc || reset)
{
for (dbidx=0; dbidx < no_of_databases; dbidx++)
{
db = databases + dbidx;
if (!db->db_type)
continue; /* Empty slot. */
switch (db->db_type)
{
case DB_TYPE_NONE: /* NOTREACHED */
break;
+ case DB_TYPE_CACHE:
+ err = 0; /* Nothing to do. */
+ break;
+
case DB_TYPE_KBX:
err = be_kbx_search (ctrl, db->backend_handle, request, NULL, 0);
break;
}
if (err)
{
log_error ("error during the %ssearch reset: %s\n",
reset? "initial ":"", gpg_strerror (err));
goto leave;
}
}
request->any_search = 0;
request->any_found = 0;
request->next_dbidx = 0;
if (!desc) /* Reset only mode */
{
err = 0;
goto leave;
}
}
/* Move to the next non-empty slot. */
next_db:
for (dbidx=request->next_dbidx; (dbidx < no_of_databases
&& !databases[dbidx].db_type); dbidx++)
;
request->next_dbidx = dbidx;
if (!(dbidx < no_of_databases))
{
- /* All databases have been searched. */
+ /* All databases have been searched. Put the non-found mark
+ * into the cache for all descriptors.
+ * FIXME: We need to see which pubkey type we need to insert. */
+ be_cache_not_found (ctrl, PUBKEY_TYPE_UNKNOWN, desc, ndesc);
err = gpg_error (GPG_ERR_NOT_FOUND);
goto leave;
}
db = databases + dbidx;
/* Divert to the backend for the actual search. */
switch (db->db_type)
{
case DB_TYPE_NONE:
/* NOTREACHED */
err = gpg_error (GPG_ERR_INTERNAL);
break;
+ case DB_TYPE_CACHE:
+ err = be_cache_search (ctrl, db->backend_handle, request,
+ desc, ndesc);
+ /* Expected error codes from the cache lookup are:
+ * 0 - found and returned via the cache
+ * GPG_ERR_NOT_FOUND - marked in the cache as not available
+ * GPG_ERR_EOF - cache miss. */
+ break;
+
case DB_TYPE_KBX:
+ if (start_at_ubid)
+ {
+ /* We need to set the startpoint for the search. */
+ err = be_kbx_seek (ctrl, db->backend_handle, request,
+ request->last_cached_ubid);
+ if (err)
+ {
+ log_debug ("%s: seeking %s to an UBID failed: %s\n",
+ __func__, strdbtype (db->db_type), gpg_strerror (err));
+ break;
+ }
+ }
err = be_kbx_search (ctrl, db->backend_handle, request,
desc, ndesc);
+ if (start_at_ubid && gpg_err_code (err) == GPG_ERR_EOF)
+ be_cache_mark_final (ctrl, request);
break;
}
if (DBG_LOOKUP)
log_debug ("%s: searched %s (db %u of %u) => %s\n",
__func__, strdbtype (db->db_type), dbidx, no_of_databases,
gpg_strerror (err));
request->any_search = 1;
+ start_at_ubid = 0;
if (!err)
- request->any_found = 1;
+ {
+ request->any_found = 1;
+ }
else if (gpg_err_code (err) == GPG_ERR_EOF)
{
+ if (db->db_type == DB_TYPE_CACHE && request->last_cached_valid)
+ {
+ if (request->last_cached_final)
+ goto leave;
+ start_at_ubid = 1;
+ }
request->next_dbidx++;
goto next_db;
}
leave:
release_lock (ctrl);
if (DBG_CLOCK)
log_clock ("%s: leave (%s)", __func__, err? "not found" : "found");
return err;
}
diff --git a/kbx/kbxserver.c b/kbx/kbxserver.c
index c693c7ce2..929ee6116 100644
--- a/kbx/kbxserver.c
+++ b/kbx/kbxserver.c
@@ -1,775 +1,775 @@
/* kbxserver.c - Handle Assuan commands send to the keyboxd
* Copyright (C) 2019 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
* SPDX-License-Identifier: GPL-3.0+
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include "keyboxd.h"
#include
#include "../common/i18n.h"
#include "../common/server-help.h"
#include "../common/userids.h"
#include "../common/asshelp.h"
#include "../common/host2net.h"
#include "frontend.h"
#define PARM_ERROR(t) assuan_set_error (ctx, \
gpg_error (GPG_ERR_ASS_PARAMETER), (t))
#define set_error(e,t) (ctx ? assuan_set_error (ctx, gpg_error (e), (t)) \
/**/: gpg_error (e))
/* Control structure per connection. */
struct server_local_s
{
/* Data used to associate an Assuan context with local server data */
assuan_context_t assuan_ctx;
/* The session id (a counter). */
unsigned int session_id;
/* If this flag is set to true this process will be terminated after
* the end of this session. */
int stopme;
/* If the first both flags are set the assuan logging of data lines
* is suppressed. The count variable is used to show the number of
* non-logged bytes. */
size_t inhibit_data_logging_count;
unsigned int inhibit_data_logging : 1;
unsigned int inhibit_data_logging_now : 1;
/* This flag is set if the last search command was called with --more. */
unsigned int search_expecting_more : 1;
/* This flag is set if the last search command was successful. */
unsigned int search_any_found : 1;
/* The first is the current search description as parsed by the
* cmd_search. If more than one pattern is required, cmd_search
* also allocates and sets multi_search_desc and
* multi_search_desc_len. If a search description has ever been
* allocated the allocated size is stored at
* multi_search_desc_size. */
KEYBOX_SEARCH_DESC search_desc;
KEYBOX_SEARCH_DESC *multi_search_desc;
unsigned int multi_search_desc_size;
unsigned int multi_search_desc_len;
/* If not NULL write output to this stream instead of using D lines. */
estream_t outstream;
};
/* Return the assuan contxt from the local server info in CTRL. */
static assuan_context_t
get_assuan_ctx_from_ctrl (ctrl_t ctrl)
{
if (!ctrl || !ctrl->server_local)
return NULL;
return ctrl->server_local->assuan_ctx;
}
/* If OUTPUT has been used prepare the output FD for use. This needs
* to be called by all functions which will in any way use
* kbxd_write_data_line later. Whether the output goes to the output
* stream is decided by this function. */
static gpg_error_t
prepare_outstream (ctrl_t ctrl)
{
int fd;
log_assert (ctrl && ctrl->server_local);
if (ctrl->server_local->outstream)
return 0; /* Already enabled. */
fd = translate_sys2libc_fd
(assuan_get_output_fd (get_assuan_ctx_from_ctrl (ctrl)), 1);
if (fd == -1)
return 0; /* No Output command active. */
ctrl->server_local->outstream = es_fdopen_nc (fd, "w");
if (!ctrl->server_local->outstream)
return gpg_err_code_from_syserror ();
return 0;
}
/* The usual writen function; here with diagnostic output. */
static gpg_error_t
kbxd_writen (estream_t fp, const void *buffer, size_t length)
{
gpg_error_t err;
size_t nwritten;
if (es_write (fp, buffer, length, &nwritten))
{
err = gpg_error_from_syserror ();
log_error ("error writing OUTPUT: %s\n", gpg_strerror (err));
}
else if (length != nwritten)
{
err = gpg_error (GPG_ERR_EIO);
log_error ("error writing OUTPUT: %s\n", "short write");
}
else
err = 0;
return err;
}
/* A wrapper around assuan_send_data which makes debugging the output
* in verbose mode easier. It also takes CTRL as argument. */
gpg_error_t
kbxd_write_data_line (ctrl_t ctrl, const void *buffer_arg, size_t size)
{
const char *buffer = buffer_arg;
assuan_context_t ctx = get_assuan_ctx_from_ctrl (ctrl);
gpg_error_t err;
if (!ctx) /* Oops - no assuan context. */
return gpg_error (GPG_ERR_NOT_PROCESSED);
/* Write toa file descriptor if enabled. */
if (ctrl && ctrl->server_local && ctrl->server_local->outstream)
{
unsigned char lenbuf[4];
ulongtobuf (lenbuf, size);
err = kbxd_writen (ctrl->server_local->outstream, lenbuf, 4);
if (!err)
err = kbxd_writen (ctrl->server_local->outstream, buffer, size);
if (!err && es_fflush (ctrl->server_local->outstream))
{
err = gpg_error_from_syserror ();
log_error ("error writing OUTPUT: %s\n", gpg_strerror (err));
}
goto leave;
}
/* If we do not want logging, enable it here. */
if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging)
ctrl->server_local->inhibit_data_logging_now = 1;
if (0 && opt.verbose && buffer && size)
{
/* Ease reading of output by limiting the line length. */
size_t n, nbytes;
nbytes = size;
do
{
n = nbytes > 64? 64 : nbytes;
err = assuan_send_data (ctx, buffer, n);
if (err)
{
gpg_err_set_errno (EIO);
goto leave;
}
buffer += n;
nbytes -= n;
if (nbytes && (err=assuan_send_data (ctx, NULL, 0))) /* Flush line. */
{
gpg_err_set_errno (EIO);
goto leave;
}
}
while (nbytes);
}
else
{
err = assuan_send_data (ctx, buffer, size);
if (err)
{
gpg_err_set_errno (EIO); /* For use by data_line_cookie_write. */
goto leave;
}
}
leave:
if (ctrl && ctrl->server_local && ctrl->server_local->inhibit_data_logging)
{
ctrl->server_local->inhibit_data_logging_count += size;
ctrl->server_local->inhibit_data_logging_now = 0;
}
return err;
}
/* Helper to print a message while leaving a command. */
static gpg_error_t
leave_cmd (assuan_context_t ctx, gpg_error_t err)
{
- if (err)
+ if (err && opt.verbose)
{
const char *name = assuan_get_command_name (ctx);
if (!name)
name = "?";
if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT)
log_error ("command '%s' failed: %s\n", name,
gpg_strerror (err));
else
log_error ("command '%s' failed: %s <%s>\n", name,
gpg_strerror (err), gpg_strsource (err));
}
return err;
}
/* Handle OPTION commands. */
static gpg_error_t
option_handler (assuan_context_t ctx, const char *key, const char *value)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
gpg_error_t err = 0;
if (!strcmp (key, "lc-messages"))
{
if (ctrl->lc_messages)
xfree (ctrl->lc_messages);
ctrl->lc_messages = xtrystrdup (value);
if (!ctrl->lc_messages)
return out_of_core ();
}
else
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
return err;
}
static const char hlp_search[] =
"SEARCH [--no-data] [[--more] PATTERN]\n"
"\n"
"Search for the keys identified by PATTERN. With --more more\n"
"patterns to be used for the search are expected with the next\n"
"command. With --no-data only the search status is returned but\n"
"not the actual data. See also \"NEXT\".";
static gpg_error_t
cmd_search (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
int opt_more, opt_no_data;
gpg_error_t err;
unsigned int n, k;
opt_no_data = has_option (line, "--no-data");
opt_more = has_option (line, "--more");
line = skip_options (line);
ctrl->server_local->search_any_found = 0;
if (!*line)
{
if (opt_more)
{
err = set_error (GPG_ERR_INV_ARG, "--more but no pattern");
goto leave;
}
else if (!*line && ctrl->server_local->search_expecting_more)
{
/* It would be too surprising to first set a pattern but
* finally add no pattern to search the entire DB. */
err = set_error (GPG_ERR_INV_ARG, "--more pending but no pattern");
goto leave;
}
else /* No pattern - return the first item. */
{
memset (&ctrl->server_local->search_desc, 0,
sizeof ctrl->server_local->search_desc);
ctrl->server_local->search_desc.mode = KEYDB_SEARCH_MODE_FIRST;
}
}
else
{
err = classify_user_id (line, &ctrl->server_local->search_desc, 0);
if (err)
goto leave;
}
if (opt_more || ctrl->server_local->search_expecting_more)
{
/* More pattern are expected - store the current one and return
* success. */
if (!ctrl->server_local->multi_search_desc_size)
{
n = 10;
ctrl->server_local->multi_search_desc
= xtrycalloc (n, sizeof *ctrl->server_local->multi_search_desc);
if (!ctrl->server_local->multi_search_desc)
{
err = gpg_error_from_syserror ();
goto leave;
}
ctrl->server_local->multi_search_desc_size = n;
}
if (ctrl->server_local->multi_search_desc_len
== ctrl->server_local->multi_search_desc_size)
{
KEYBOX_SEARCH_DESC *desc;
n = ctrl->server_local->multi_search_desc_size + 10;
desc = xtrycalloc (n, sizeof *desc);
if (!desc)
{
err = gpg_error_from_syserror ();
goto leave;
}
for (k=0; k < ctrl->server_local->multi_search_desc_size; k++)
desc[k] = ctrl->server_local->multi_search_desc[k];
xfree (ctrl->server_local->multi_search_desc);
ctrl->server_local->multi_search_desc = desc;
ctrl->server_local->multi_search_desc_size = n;
}
/* Actually store. */
ctrl->server_local->multi_search_desc
[ctrl->server_local->multi_search_desc_len++]
= ctrl->server_local->search_desc;
if (opt_more)
{
/* We need to be called aagain with more pattern. */
ctrl->server_local->search_expecting_more = 1;
goto leave;
}
ctrl->server_local->search_expecting_more = 0;
/* Continue with the actual search. */
}
else
ctrl->server_local->multi_search_desc_len = 0;
ctrl->server_local->inhibit_data_logging = 1;
ctrl->server_local->inhibit_data_logging_now = 0;
ctrl->server_local->inhibit_data_logging_count = 0;
ctrl->no_data_return = opt_no_data;
err = prepare_outstream (ctrl);
if (err)
;
else if (ctrl->server_local->multi_search_desc_len)
err = kbxd_search (ctrl, ctrl->server_local->multi_search_desc,
ctrl->server_local->multi_search_desc_len, 1);
else
err = kbxd_search (ctrl, &ctrl->server_local->search_desc, 1, 1);
if (err)
goto leave;
/* Set a flag for use by NEXT. */
ctrl->server_local->search_any_found = 1;
leave:
if (err)
ctrl->server_local->multi_search_desc_len = 0;
ctrl->no_data_return = 0;
ctrl->server_local->inhibit_data_logging = 0;
return leave_cmd (ctx, err);
}
static const char hlp_next[] =
"NEXT [--no-data]\n"
"\n"
"Get the next search result from a previus search.";
static gpg_error_t
cmd_next (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
int opt_no_data;
gpg_error_t err;
opt_no_data = has_option (line, "--no-data");
line = skip_options (line);
if (*line)
{
err = set_error (GPG_ERR_INV_ARG, "no args expected");
goto leave;
}
if (!ctrl->server_local->search_any_found)
{
err = set_error (GPG_ERR_NOTHING_FOUND, "no previous SEARCH");
goto leave;
}
ctrl->server_local->inhibit_data_logging = 1;
ctrl->server_local->inhibit_data_logging_now = 0;
ctrl->server_local->inhibit_data_logging_count = 0;
ctrl->no_data_return = opt_no_data;
err = prepare_outstream (ctrl);
if (err)
;
else if (ctrl->server_local->multi_search_desc_len)
{
/* The next condition should never be tru but we better handle
* the first/next transition anyway. */
if (ctrl->server_local->multi_search_desc[0].mode
== KEYDB_SEARCH_MODE_FIRST)
ctrl->server_local->multi_search_desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
err = kbxd_search (ctrl, ctrl->server_local->multi_search_desc,
ctrl->server_local->multi_search_desc_len, 0);
}
else
{
/* We need to do the transition from first to next here. */
if (ctrl->server_local->search_desc.mode == KEYDB_SEARCH_MODE_FIRST)
ctrl->server_local->search_desc.mode = KEYDB_SEARCH_MODE_NEXT;
err = kbxd_search (ctrl, &ctrl->server_local->search_desc, 1, 0);
}
if (err)
goto leave;
leave:
ctrl->no_data_return = 0;
ctrl->server_local->inhibit_data_logging = 0;
return leave_cmd (ctx, err);
}
static const char hlp_getinfo[] =
"GETINFO \n"
"\n"
"Multi purpose command to return certain information. \n"
"Supported values of WHAT are:\n"
"\n"
"version - Return the version of the program.\n"
"pid - Return the process id of the server.\n"
"socket_name - Return the name of the socket.\n"
"session_id - Return the current session_id.\n"
"getenv NAME - Return value of envvar NAME\n";
static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
gpg_error_t err;
char numbuf[50];
if (!strcmp (line, "version"))
{
const char *s = VERSION;
err = assuan_send_data (ctx, s, strlen (s));
}
else if (!strcmp (line, "pid"))
{
snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ());
err = assuan_send_data (ctx, numbuf, strlen (numbuf));
}
else if (!strcmp (line, "socket_name"))
{
const char *s = get_kbxd_socket_name ();
if (!s)
s = "[none]";
err = assuan_send_data (ctx, s, strlen (s));
}
else if (!strcmp (line, "session_id"))
{
snprintf (numbuf, sizeof numbuf, "%u", ctrl->server_local->session_id);
err = assuan_send_data (ctx, numbuf, strlen (numbuf));
}
else if (!strncmp (line, "getenv", 6)
&& (line[6] == ' ' || line[6] == '\t' || !line[6]))
{
line += 6;
while (*line == ' ' || *line == '\t')
line++;
if (!*line)
err = gpg_error (GPG_ERR_MISSING_VALUE);
else
{
const char *s = getenv (line);
if (!s)
err = set_error (GPG_ERR_NOT_FOUND, "No such envvar");
else
err = assuan_send_data (ctx, s, strlen (s));
}
}
else
err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
return leave_cmd (ctx, err);
}
static const char hlp_killkeyboxd[] =
"KILLKEYBOXD\n"
"\n"
"This command allows a user - given sufficient permissions -\n"
"to kill this keyboxd process.\n";
static gpg_error_t
cmd_killkeyboxd (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
(void)line;
ctrl->server_local->stopme = 1;
assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1);
return gpg_error (GPG_ERR_EOF);
}
static const char hlp_reloadkeyboxd[] =
"RELOADKEYBOXD\n"
"\n"
"This command is an alternative to SIGHUP\n"
"to reload the configuration.";
static gpg_error_t
cmd_reloadkeyboxd (assuan_context_t ctx, char *line)
{
(void)ctx;
(void)line;
kbxd_sighup_action ();
return 0;
}
static const char hlp_output[] =
"OUTPUT FD[=]\n"
"\n"
"Set the file descriptor to write the output data to N. If N is not\n"
"given and the operating system supports file descriptor passing, the\n"
"file descriptor currently in flight will be used.";
/* Tell the assuan library about our commands. */
static int
register_commands (assuan_context_t ctx)
{
static struct {
const char *name;
assuan_handler_t handler;
const char * const help;
} table[] = {
{ "SEARCH", cmd_search, hlp_search },
{ "NEXT", cmd_next, hlp_next },
{ "GETINFO", cmd_getinfo, hlp_getinfo },
{ "OUTPUT", NULL, hlp_output },
{ "KILLKEYBOXD",cmd_killkeyboxd,hlp_killkeyboxd },
{ "RELOADKEYBOXD",cmd_reloadkeyboxd,hlp_reloadkeyboxd },
{ NULL, NULL }
};
int i, j, rc;
for (i=j=0; table[i].name; i++)
{
rc = assuan_register_command (ctx, table[i].name, table[i].handler,
table[i].help);
if (rc)
return rc;
}
return 0;
}
/* Note that we do not reset the list of configured keyservers. */
static gpg_error_t
reset_notify (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
(void)line;
(void)ctrl;
return 0;
}
/* This function is called by our assuan log handler to test whether a
* log message shall really be printed. The function must return
* false to inhibit the logging of MSG. CAT gives the requested log
* category. MSG might be NULL. */
int
kbxd_assuan_log_monitor (assuan_context_t ctx, unsigned int cat,
const char *msg)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
(void)cat;
(void)msg;
if (!ctrl || !ctrl->server_local)
return 1; /* Can't decide - allow logging. */
if (!ctrl->server_local->inhibit_data_logging)
return 1; /* Not requested - allow logging. */
/* Disallow logging if *_now is true. */
return !ctrl->server_local->inhibit_data_logging_now;
}
/* Startup the server and run the main command loop. With FD = -1,
* use stdin/stdout. SESSION_ID is either 0 or a unique number
* identifying a session. */
void
kbxd_start_command_handler (ctrl_t ctrl, gnupg_fd_t fd, unsigned int session_id)
{
static const char hello[] = "Keyboxd " VERSION " at your service";
static char *hello_line;
int rc;
assuan_context_t ctx;
ctrl->server_local = xtrycalloc (1, sizeof *ctrl->server_local);
if (!ctrl->server_local)
{
log_error (_("can't allocate control structure: %s\n"),
gpg_strerror (gpg_error_from_syserror ()));
xfree (ctrl);
return;
}
rc = assuan_new (&ctx);
if (rc)
{
log_error (_("failed to allocate assuan context: %s\n"),
gpg_strerror (rc));
kbxd_exit (2);
}
if (fd == GNUPG_INVALID_FD)
{
assuan_fd_t filedes[2];
filedes[0] = assuan_fdopen (0);
filedes[1] = assuan_fdopen (1);
rc = assuan_init_pipe_server (ctx, filedes);
}
else
{
rc = assuan_init_socket_server (ctx, fd,
(ASSUAN_SOCKET_SERVER_ACCEPTED
|ASSUAN_SOCKET_SERVER_FDPASSING));
}
if (rc)
{
assuan_release (ctx);
log_error (_("failed to initialize the server: %s\n"),
gpg_strerror (rc));
kbxd_exit (2);
}
rc = register_commands (ctx);
if (rc)
{
log_error (_("failed to the register commands with Assuan: %s\n"),
gpg_strerror(rc));
kbxd_exit (2);
}
if (!hello_line)
{
hello_line = xtryasprintf
("Home: %s\n"
"Config: %s\n"
"%s",
gnupg_homedir (),
/*opt.config_filename? opt.config_filename :*/ "[none]",
hello);
}
ctrl->server_local->assuan_ctx = ctx;
assuan_set_pointer (ctx, ctrl);
assuan_set_hello_line (ctx, hello_line);
assuan_register_option_handler (ctx, option_handler);
assuan_register_reset_notify (ctx, reset_notify);
ctrl->server_local->session_id = session_id;
/* The next call enable the use of status_printf. */
set_assuan_context_func (get_assuan_ctx_from_ctrl);
for (;;)
{
rc = assuan_accept (ctx);
if (rc == -1)
break;
if (rc)
{
log_info (_("Assuan accept problem: %s\n"), gpg_strerror (rc));
break;
}
#ifndef HAVE_W32_SYSTEM
if (opt.verbose)
{
assuan_peercred_t peercred;
if (!assuan_get_peercred (ctx, &peercred))
log_info ("connection from process %ld (%ld:%ld)\n",
(long)peercred->pid, (long)peercred->uid,
(long)peercred->gid);
}
#endif
rc = assuan_process (ctx);
if (rc)
{
log_info (_("Assuan processing failed: %s\n"), gpg_strerror (rc));
continue;
}
}
assuan_close_output_fd (ctx);
set_assuan_context_func (NULL);
ctrl->server_local->assuan_ctx = NULL;
assuan_release (ctx);
if (ctrl->server_local->stopme)
kbxd_exit (0);
if (ctrl->refcount)
log_error ("oops: connection control structure still referenced (%d)\n",
ctrl->refcount);
else
{
xfree (ctrl->server_local->multi_search_desc);
xfree (ctrl->server_local);
ctrl->server_local = NULL;
}
}
diff --git a/kbx/keybox-search-desc.h b/kbx/keybox-search-desc.h
index fdd0bcbf9..7fa97e97b 100644
--- a/kbx/keybox-search-desc.h
+++ b/kbx/keybox-search-desc.h
@@ -1,94 +1,96 @@
/* keybox-search-desc.h - Keybox serch description
* Copyright (C) 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
/*
This file is a temporary kludge until we can come up with solution
to share this description between keybox and the application
specific keydb
*/
#ifndef KEYBOX_SEARCH_DESC_H
#define KEYBOX_SEARCH_DESC_H 1
typedef enum {
KEYDB_SEARCH_MODE_NONE,
KEYDB_SEARCH_MODE_EXACT,
KEYDB_SEARCH_MODE_SUBSTR,
KEYDB_SEARCH_MODE_MAIL,
KEYDB_SEARCH_MODE_MAILSUB,
KEYDB_SEARCH_MODE_MAILEND,
KEYDB_SEARCH_MODE_WORDS,
KEYDB_SEARCH_MODE_SHORT_KID,
KEYDB_SEARCH_MODE_LONG_KID,
KEYDB_SEARCH_MODE_FPR, /* (Length of fpr in .fprlen) */
KEYDB_SEARCH_MODE_ISSUER,
KEYDB_SEARCH_MODE_ISSUER_SN,
KEYDB_SEARCH_MODE_SN,
KEYDB_SEARCH_MODE_SUBJECT,
KEYDB_SEARCH_MODE_KEYGRIP,
+ KEYDB_SEARCH_MODE_UBID,
KEYDB_SEARCH_MODE_FIRST,
KEYDB_SEARCH_MODE_NEXT
} KeydbSearchMode;
/* Identifiers for the public key types we use in GnuPG. */
enum pubkey_types
{
PUBKEY_TYPE_UNKNOWN = 0,
PUBKEY_TYPE_OPGP = 1,
PUBKEY_TYPE_X509 = 2
};
/* Forward declaration. See g10/packet.h. */
struct gpg_pkt_user_id_s;
typedef struct gpg_pkt_user_id_s *gpg_pkt_user_id_t;
/* A search descriptor. */
struct keydb_search_desc
{
KeydbSearchMode mode;
/* Callback used to filter results. The first parameter is
SKIPFUNCVALUE. The second is the keyid. The third is the
1-based index of the UID packet that matched the search criteria
(or 0, if none).
Return non-zero if the result should be skipped. */
int (*skipfnc)(void *, u32 *, int);
void *skipfncvalue;
const unsigned char *sn;
int snlen; /* -1 := sn is a hex string */
union {
const char *name;
unsigned char fpr[32];
u32 kid[2]; /* Note that this is in native endianness. */
unsigned char grip[20];
+ unsigned char ubid[20];
} u;
byte fprlen; /* Only used with KEYDB_SEARCH_MODE_FPR. */
int exact; /* Use exactly this key ('!' suffix in gpg). */
};
struct keydb_search_desc;
typedef struct keydb_search_desc KEYDB_SEARCH_DESC;
typedef struct keydb_search_desc KEYBOX_SEARCH_DESC;
#endif /*KEYBOX_SEARCH_DESC_H*/
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 971f93745..cb763cf5f 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -1,1406 +1,1430 @@
/* keybox-search.c - Search operations
* Copyright (C) 2001, 2002, 2003, 2004, 2012,
* 2013 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
#include
#include
#include
#include
#include
#include "keybox-defs.h"
#include
#include "../common/host2net.h"
#include "../common/mbox-util.h"
#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
*(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
struct sn_array_s {
int snlen;
unsigned char *sn;
};
#define get32(a) buf32_to_ulong ((a))
#define get16(a) buf16_to_ulong ((a))
static inline unsigned int
blob_get_blob_flags (KEYBOXBLOB blob)
{
const unsigned char *buffer;
size_t length;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 8)
return 0; /* oops */
return get16 (buffer + 6);
}
/* Return the first keyid from the blob. Returns true if
available. */
static int
blob_get_first_keyid (KEYBOXBLOB blob, u32 *kid)
{
const unsigned char *buffer;
size_t length, nkeys, keyinfolen;
int fpr32;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 48)
return 0; /* blob too short */
fpr32 = buffer[5] == 2;
if (fpr32 && length < 56)
return 0; /* blob to short */
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18);
if (!nkeys || keyinfolen < (fpr32?56:28))
return 0; /* invalid blob */
if (fpr32 && (get16 (buffer + 20 + 32) & 0x80))
{
/* 32 byte fingerprint. */
kid[0] = get32 (buffer + 20);
kid[1] = get32 (buffer + 20 + 4);
}
else /* 20 byte fingerprint. */
{
kid[0] = get32 (buffer + 20 + 12);
kid[1] = get32 (buffer + 20 + 16);
}
return 1;
}
/* Return information on the flag WHAT within the blob BUFFER,LENGTH.
Return the offset and the length (in bytes) of the flag in
FLAGOFF,FLAG_SIZE. */
gpg_err_code_t
_keybox_get_flag_location (const unsigned char *buffer, size_t length,
int what, size_t *flag_off, size_t *flag_size)
{
size_t pos;
size_t nkeys, keyinfolen;
size_t nuids, uidinfolen;
size_t nserial;
size_t nsigs, siginfolen, siginfooff;
switch (what)
{
case KEYBOX_FLAG_BLOB:
if (length < 8)
return GPG_ERR_INV_OBJ;
*flag_off = 6;
*flag_size = 2;
break;
case KEYBOX_FLAG_OWNERTRUST:
case KEYBOX_FLAG_VALIDITY:
case KEYBOX_FLAG_CREATED_AT:
case KEYBOX_FLAG_SIG_INFO:
if (length < 20)
return GPG_ERR_INV_OBJ;
/* Key info. */
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18 );
if (keyinfolen < 28)
return GPG_ERR_INV_OBJ;
pos = 20 + keyinfolen*nkeys;
if (pos+2 > length)
return GPG_ERR_INV_OBJ; /* Out of bounds. */
/* Serial number. */
nserial = get16 (buffer+pos);
pos += 2 + nserial;
if (pos+4 > length)
return GPG_ERR_INV_OBJ; /* Out of bounds. */
/* User IDs. */
nuids = get16 (buffer + pos); pos += 2;
uidinfolen = get16 (buffer + pos); pos += 2;
if (uidinfolen < 12 )
return GPG_ERR_INV_OBJ;
pos += uidinfolen*nuids;
if (pos+4 > length)
return GPG_ERR_INV_OBJ ; /* Out of bounds. */
/* Signature info. */
siginfooff = pos;
nsigs = get16 (buffer + pos); pos += 2;
siginfolen = get16 (buffer + pos); pos += 2;
if (siginfolen < 4 )
return GPG_ERR_INV_OBJ;
pos += siginfolen*nsigs;
if (pos+1+1+2+4+4+4+4 > length)
return GPG_ERR_INV_OBJ ; /* Out of bounds. */
*flag_size = 1;
*flag_off = pos;
switch (what)
{
case KEYBOX_FLAG_VALIDITY:
*flag_off += 1;
break;
case KEYBOX_FLAG_CREATED_AT:
*flag_size = 4;
*flag_off += 1+2+4+4+4;
break;
case KEYBOX_FLAG_SIG_INFO:
*flag_size = siginfolen * nsigs;
*flag_off = siginfooff;
break;
default:
break;
}
break;
default:
return GPG_ERR_INV_FLAG;
}
return 0;
}
/* Return one of the flags WHAT in VALUE from the blob BUFFER of
LENGTH bytes. Return 0 on success or an raw error code. */
static gpg_err_code_t
get_flag_from_image (const unsigned char *buffer, size_t length,
int what, unsigned int *value)
{
gpg_err_code_t ec;
size_t pos, size;
*value = 0;
ec = _keybox_get_flag_location (buffer, length, what, &pos, &size);
if (!ec)
switch (size)
{
case 1: *value = buffer[pos]; break;
case 2: *value = get16 (buffer + pos); break;
case 4: *value = get32 (buffer + pos); break;
default: ec = GPG_ERR_BUG; break;
}
return ec;
}
static int
blob_cmp_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen)
{
const unsigned char *buffer;
size_t length;
size_t pos, off;
size_t nkeys, keyinfolen;
size_t nserial;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* blob too short */
/*keys*/
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18 );
if (keyinfolen < 28)
return 0; /* invalid blob */
pos = 20 + keyinfolen*nkeys;
if (pos+2 > length)
return 0; /* out of bounds */
/*serial*/
nserial = get16 (buffer+pos);
off = pos + 2;
if (off+nserial > length)
return 0; /* out of bounds */
return nserial == snlen && !memcmp (buffer+off, sn, snlen);
}
/* Returns 0 if not found or the number of the key which was found.
For X.509 this is always 1, for OpenPGP this is 1 for the primary
key and 2 and more for the subkeys. */
static int
blob_cmp_fpr (KEYBOXBLOB blob, const unsigned char *fpr, unsigned int fprlen)
{
const unsigned char *buffer;
size_t length;
size_t pos, off;
size_t nkeys, keyinfolen;
int idx, fpr32, storedfprlen;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* blob too short */
fpr32 = buffer[5] == 2;
/*keys*/
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18 );
if (keyinfolen < (fpr32?56:28))
return 0; /* invalid blob */
pos = 20;
if (pos + (uint64_t)keyinfolen*nkeys > (uint64_t)length)
return 0; /* out of bounds */
for (idx=0; idx < nkeys; idx++)
{
off = pos + idx*keyinfolen;
if (fpr32)
storedfprlen = (get16 (buffer + off + 32) & 0x80)? 32:20;
else
storedfprlen = 20;
if (storedfprlen == fprlen
&& !memcmp (buffer + off, fpr, storedfprlen))
return idx+1; /* found */
}
return 0; /* not found */
}
/* Helper for has_short_kid and has_long_kid. */
static int
blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr,
int fproff, int fprlen)
{
const unsigned char *buffer;
size_t length;
size_t pos, off;
size_t nkeys, keyinfolen;
int idx, fpr32, storedfprlen;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* blob too short */
fpr32 = buffer[5] == 2;
/*keys*/
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18 );
if (keyinfolen < (fpr32?56:28))
return 0; /* invalid blob */
pos = 20;
if (pos + (uint64_t)keyinfolen*nkeys > (uint64_t)length)
return 0; /* out of bounds */
if (fpr32)
fproff = 0; /* keyid are the high-order bits. */
for (idx=0; idx < nkeys; idx++)
{
off = pos + idx*keyinfolen;
if (fpr32)
storedfprlen = (get16 (buffer + off + 32) & 0x80)? 32:20;
else
storedfprlen = 20;
if (storedfprlen == fproff + fprlen
&& !memcmp (buffer + off + fproff, fpr, fprlen))
return idx+1; /* found */
}
return 0; /* not found */
}
static int
blob_cmp_name (KEYBOXBLOB blob, int idx,
const char *name, size_t namelen, int substr, int x509)
{
const unsigned char *buffer;
size_t length;
size_t pos, off, len;
size_t nkeys, keyinfolen;
size_t nuids, uidinfolen;
size_t nserial;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* blob too short */
/*keys*/
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18 );
if (keyinfolen < 28)
return 0; /* invalid blob */
pos = 20 + keyinfolen*nkeys;
if ((uint64_t)pos+2 > (uint64_t)length)
return 0; /* out of bounds */
/*serial*/
nserial = get16 (buffer+pos);
pos += 2 + nserial;
if (pos+4 > length)
return 0; /* out of bounds */
/* user ids*/
nuids = get16 (buffer + pos); pos += 2;
uidinfolen = get16 (buffer + pos); pos += 2;
if (uidinfolen < 12 /* should add a: || nuidinfolen > MAX_UIDINFOLEN */)
return 0; /* invalid blob */
if (pos + uidinfolen*nuids > length)
return 0; /* out of bounds */
if (idx < 0)
{ /* Compare all names. Note that for X.509 we start with index 1
so to skip the issuer at index 0. */
for (idx = !!x509; idx < nuids; idx++)
{
size_t mypos = pos;
mypos += idx*uidinfolen;
off = get32 (buffer+mypos);
len = get32 (buffer+mypos+4);
if ((uint64_t)off+(uint64_t)len > (uint64_t)length)
return 0; /* error: better stop here out of bounds */
if (len < 1)
continue; /* empty name */
if (substr)
{
if (ascii_memcasemem (buffer+off, len, name, namelen))
return idx+1; /* found */
}
else
{
if (len == namelen && !memcmp (buffer+off, name, len))
return idx+1; /* found */
}
}
}
else
{
if (idx > nuids)
return 0; /* no user ID with that idx */
pos += idx*uidinfolen;
off = get32 (buffer+pos);
len = get32 (buffer+pos+4);
if (off+len > length)
return 0; /* out of bounds */
if (len < 1)
return 0; /* empty name */
if (substr)
{
if (ascii_memcasemem (buffer+off, len, name, namelen))
return idx+1; /* found */
}
else
{
if (len == namelen && !memcmp (buffer+off, name, len))
return idx+1; /* found */
}
}
return 0; /* not found */
}
/* Compare all email addresses of the subject. With SUBSTR given as
True a substring search is done in the mail address. The X509 flag
indicated whether the search is done on an X.509 blob. */
static int
blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
int x509)
{
const unsigned char *buffer;
size_t length;
size_t pos, off, len;
size_t nkeys, keyinfolen;
size_t nuids, uidinfolen;
size_t nserial;
int idx;
/* fixme: this code is common to blob_cmp_mail */
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* blob too short */
/*keys*/
nkeys = get16 (buffer + 16);
keyinfolen = get16 (buffer + 18 );
if (keyinfolen < 28)
return 0; /* invalid blob */
pos = 20 + keyinfolen*nkeys;
if (pos+2 > length)
return 0; /* out of bounds */
/*serial*/
nserial = get16 (buffer+pos);
pos += 2 + nserial;
if (pos+4 > length)
return 0; /* out of bounds */
/* user ids*/
nuids = get16 (buffer + pos); pos += 2;
uidinfolen = get16 (buffer + pos); pos += 2;
if (uidinfolen < 12 /* should add a: || nuidinfolen > MAX_UIDINFOLEN */)
return 0; /* invalid blob */
if (pos + uidinfolen*nuids > length)
return 0; /* out of bounds */
if (namelen < 1)
return 0;
/* Note that for X.509 we start at index 1 because index 0 is used
for the issuer name. */
for (idx=!!x509 ;idx < nuids; idx++)
{
size_t mypos = pos;
size_t mylen;
mypos += idx*uidinfolen;
off = get32 (buffer+mypos);
len = get32 (buffer+mypos+4);
if ((uint64_t)off+(uint64_t)len > (uint64_t)length)
return 0; /* error: better stop here - out of bounds */
if (x509)
{
if (len < 2 || buffer[off] != '<')
continue; /* empty name or trailing 0 not stored */
len--; /* one back */
if ( len < 3 || buffer[off+len] != '>')
continue; /* not a proper email address */
off++;
len--;
}
else /* OpenPGP. */
{
/* We need to forward to the mailbox part. */
mypos = off;
mylen = len;
for ( ; len && buffer[off] != '<'; len--, off++)
;
if (len < 2 || buffer[off] != '<')
{
/* Mailbox not explicitly given or too short. Restore
OFF and LEN and check whether the entire string
resembles a mailbox without the angle brackets. */
off = mypos;
len = mylen;
if (!is_valid_mailbox_mem (buffer+off, len))
continue; /* Not a mail address. */
}
else /* Seems to be standard user id with mail address. */
{
off++; /* Point to first char of the mail address. */
len--;
/* Search closing '>'. */
for (mypos=off; len && buffer[mypos] != '>'; len--, mypos++)
;
if (!len || buffer[mypos] != '>' || off == mypos)
continue; /* Not a proper mail address. */
len = mypos - off;
}
}
if (substr)
{
if (ascii_memcasemem (buffer+off, len, name, namelen))
return idx+1; /* found */
}
else
{
if (len == namelen && !ascii_memcasecmp (buffer+off, name, len))
return idx+1; /* found */
}
}
return 0; /* not found */
}
/* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
* We don't have the keygrips as meta data, thus we need to parse the
* certificate. Fixme: We might want to return proper error codes
* instead of failing a search for invalid certificates etc. */
static int
blob_openpgp_has_grip (KEYBOXBLOB blob, const unsigned char *grip)
{
int rc = 0;
const unsigned char *buffer;
size_t length;
size_t cert_off, cert_len;
struct _keybox_openpgp_info info;
struct _keybox_openpgp_key_info *k;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* Too short. */
cert_off = get32 (buffer+8);
cert_len = get32 (buffer+12);
if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length)
return 0; /* Too short. */
if (_keybox_parse_openpgp (buffer + cert_off, cert_len, NULL, &info))
return 0; /* Parse error. */
if (!memcmp (info.primary.grip, grip, 20))
{
rc = 1;
goto leave;
}
if (info.nsubkeys)
{
k = &info.subkeys;
do
{
if (!memcmp (k->grip, grip, 20))
{
rc = 1;
goto leave;
}
k = k->next;
}
while (k);
}
leave:
_keybox_destroy_openpgp_info (&info);
return rc;
}
#ifdef KEYBOX_WITH_X509
/* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
We don't have the keygrips as meta data, thus we need to parse the
certificate. Fixme: We might want to return proper error codes
instead of failing a search for invalid certificates etc. */
static int
blob_x509_has_grip (KEYBOXBLOB blob, const unsigned char *grip)
{
int rc;
const unsigned char *buffer;
size_t length;
size_t cert_off, cert_len;
ksba_reader_t reader = NULL;
ksba_cert_t cert = NULL;
ksba_sexp_t p = NULL;
gcry_sexp_t s_pkey;
unsigned char array[20];
unsigned char *rcp;
size_t n;
buffer = _keybox_get_blob_image (blob, &length);
if (length < 40)
return 0; /* Too short. */
cert_off = get32 (buffer+8);
cert_len = get32 (buffer+12);
if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length)
return 0; /* Too short. */
rc = ksba_reader_new (&reader);
if (rc)
return 0; /* Problem with ksba. */
rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len);
if (rc)
goto failed;
rc = ksba_cert_new (&cert);
if (rc)
goto failed;
rc = ksba_cert_read_der (cert, reader);
if (rc)
goto failed;
p = ksba_cert_get_public_key (cert);
if (!p)
goto failed;
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
if (!n)
goto failed;
rc = gcry_sexp_sscan (&s_pkey, NULL, (char*)p, n);
if (rc)
{
gcry_sexp_release (s_pkey);
goto failed;
}
rcp = gcry_pk_get_keygrip (s_pkey, array);
gcry_sexp_release (s_pkey);
if (!rcp)
goto failed; /* Can't calculate keygrip. */
xfree (p);
ksba_cert_release (cert);
ksba_reader_release (reader);
return !memcmp (array, grip, 20);
failed:
xfree (p);
ksba_cert_release (cert);
ksba_reader_release (reader);
return 0;
}
#endif /*KEYBOX_WITH_X509*/
/*
The has_foo functions are used as helpers for search
*/
static inline int
has_short_kid (KEYBOXBLOB blob, u32 lkid)
{
unsigned char buf[4];
buf[0] = lkid >> 24;
buf[1] = lkid >> 16;
buf[2] = lkid >> 8;
buf[3] = lkid;
return blob_cmp_fpr_part (blob, buf, 16, 4);
}
static inline int
has_long_kid (KEYBOXBLOB blob, u32 mkid, u32 lkid)
{
unsigned char buf[8];
buf[0] = mkid >> 24;
buf[1] = mkid >> 16;
buf[2] = mkid >> 8;
buf[3] = mkid;
buf[4] = lkid >> 24;
buf[5] = lkid >> 16;
buf[6] = lkid >> 8;
buf[7] = lkid;
return blob_cmp_fpr_part (blob, buf, 12, 8);
}
static inline int
has_fingerprint (KEYBOXBLOB blob, const unsigned char *fpr, unsigned int fprlen)
{
return blob_cmp_fpr (blob, fpr, fprlen);
}
static inline int
has_keygrip (KEYBOXBLOB blob, const unsigned char *grip)
{
if (blob_get_type (blob) == KEYBOX_BLOBTYPE_PGP)
return blob_openpgp_has_grip (blob, grip);
#ifdef KEYBOX_WITH_X509
if (blob_get_type (blob) == KEYBOX_BLOBTYPE_X509)
return blob_x509_has_grip (blob, grip);
#endif
return 0;
}
+static inline int
+has_ubid (KEYBOXBLOB blob, const unsigned char *ubid)
+{
+ size_t length;
+ const unsigned char *buffer;
+ size_t image_off, image_len;
+ unsigned char ubid_blob[20];
+
+ buffer = _keybox_get_blob_image (blob, &length);
+ if (length < 40)
+ return 0; /*GPG_ERR_TOO_SHORT*/
+ image_off = get32 (buffer+8);
+ image_len = get32 (buffer+12);
+ if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length)
+ return 0; /*GPG_ERR_TOO_SHORT*/
+
+ gcry_md_hash_buffer (GCRY_MD_SHA1, ubid_blob, buffer + image_off, image_len);
+
+ return !memcmp (ubid, ubid_blob, 20);
+}
static inline int
has_issuer (KEYBOXBLOB blob, const char *name)
{
size_t namelen;
return_val_if_fail (name, 0);
if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509)
return 0;
namelen = strlen (name);
return blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0, 1);
}
static inline int
has_issuer_sn (KEYBOXBLOB blob, const char *name,
const unsigned char *sn, int snlen)
{
size_t namelen;
return_val_if_fail (name, 0);
return_val_if_fail (sn, 0);
if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509)
return 0;
namelen = strlen (name);
return (blob_cmp_sn (blob, sn, snlen)
&& blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0, 1));
}
static inline int
has_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen)
{
return_val_if_fail (sn, 0);
if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509)
return 0;
return blob_cmp_sn (blob, sn, snlen);
}
static inline int
has_subject (KEYBOXBLOB blob, const char *name)
{
size_t namelen;
return_val_if_fail (name, 0);
if (blob_get_type (blob) != KEYBOX_BLOBTYPE_X509)
return 0;
namelen = strlen (name);
return blob_cmp_name (blob, 1 /* subject */, name, namelen, 0, 1);
}
static inline int
has_username (KEYBOXBLOB blob, const char *name, int substr)
{
size_t namelen;
int btype;
return_val_if_fail (name, 0);
btype = blob_get_type (blob);
if (btype != KEYBOX_BLOBTYPE_PGP && btype != KEYBOX_BLOBTYPE_X509)
return 0;
namelen = strlen (name);
return blob_cmp_name (blob, -1 /* all subject/user names */, name,
namelen, substr, (btype == KEYBOX_BLOBTYPE_X509));
}
static inline int
has_mail (KEYBOXBLOB blob, const char *name, int substr)
{
size_t namelen;
int btype;
return_val_if_fail (name, 0);
btype = blob_get_type (blob);
if (btype != KEYBOX_BLOBTYPE_PGP && btype != KEYBOX_BLOBTYPE_X509)
return 0;
if (btype == KEYBOX_BLOBTYPE_PGP && *name == '<')
name++; /* Hack to remove the leading '<' for gpg. */
namelen = strlen (name);
if (namelen && name[namelen-1] == '>')
namelen--;
return blob_cmp_mail (blob, name, namelen, substr,
(btype == KEYBOX_BLOBTYPE_X509));
}
static void
release_sn_array (struct sn_array_s *array, size_t size)
{
size_t n;
for (n=0; n < size; n++)
xfree (array[n].sn);
xfree (array);
}
/* Helper to open the file. */
static gpg_error_t
open_file (KEYBOX_HANDLE hd)
{
hd->fp = fopen (hd->kb->fname, "rb");
if (!hd->fp)
{
hd->error = gpg_error_from_syserror ();
return hd->error;
}
return 0;
}
/*
The search API
*/
gpg_error_t
keybox_search_reset (KEYBOX_HANDLE hd)
{
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (hd->found.blob)
{
_keybox_release_blob (hd->found.blob);
hd->found.blob = NULL;
}
if (hd->fp)
{
if (fseeko (hd->fp, 0, SEEK_SET))
{
/* Ooops. Seek did not work. Close so that the search will
* open the file again. */
fclose (hd->fp);
hd->fp = NULL;
}
}
hd->error = 0;
hd->eof = 0;
return 0;
}
/* Note: When in ephemeral mode the search function does visit all
blobs but in standard mode, blobs flagged as ephemeral are ignored.
If WANT_BLOBTYPE is not 0 only blobs of this type are considered.
The value at R_SKIPPED is updated by the number of skipped long
records (counts PGP and X.509). */
gpg_error_t
keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
keybox_blobtype_t want_blobtype,
size_t *r_descindex, unsigned long *r_skipped)
{
gpg_error_t rc;
size_t n;
int need_words, any_skip;
KEYBOXBLOB blob = NULL;
struct sn_array_s *sn_array = NULL;
int pk_no, uid_no;
off_t lastfoundoff;
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
/* Clear last found result but reord the offset of the last found
* blob which we may need later. */
if (hd->found.blob)
{
lastfoundoff = _keybox_get_blob_fileoffset (hd->found.blob);
_keybox_release_blob (hd->found.blob);
hd->found.blob = NULL;
}
else
lastfoundoff = 0;
if (hd->error)
return hd->error; /* still in error state */
if (hd->eof)
return -1; /* still EOF */
/* figure out what information we need */
need_words = any_skip = 0;
for (n=0; n < ndesc; n++)
{
switch (desc[n].mode)
{
case KEYDB_SEARCH_MODE_WORDS:
need_words = 1;
break;
case KEYDB_SEARCH_MODE_FIRST:
/* always restart the search in this mode */
keybox_search_reset (hd);
lastfoundoff = 0;
break;
default:
break;
}
if (desc[n].skipfnc)
any_skip = 1;
if (desc[n].snlen == -1 && !sn_array)
{
sn_array = xtrycalloc (ndesc, sizeof *sn_array);
if (!sn_array)
return (hd->error = gpg_error_from_syserror ());
}
}
(void)need_words; /* Not yet implemented. */
if (!hd->fp)
{
rc = open_file (hd);
if (rc)
{
xfree (sn_array);
return rc;
}
/* log_debug ("%s: re-opened file\n", __func__); */
if (ndesc && desc[0].mode != KEYDB_SEARCH_MODE_FIRST && lastfoundoff)
{
/* Search mode is not first and the last search operation
* returned a blob which also was not the first one. We now
* need to skip over that blob and hope that the file has
* not changed. */
if (fseeko (hd->fp, lastfoundoff, SEEK_SET))
{
rc = gpg_error_from_syserror ();
log_debug ("%s: seeking to last found offset failed: %s\n",
__func__, gpg_strerror (rc));
xfree (sn_array);
return gpg_error (GPG_ERR_NOTHING_FOUND);
}
/* log_debug ("%s: re-opened file and sought to last offset\n", */
/* __func__); */
rc = _keybox_read_blob (NULL, hd->fp, NULL);
if (rc)
{
log_debug ("%s: skipping last found blob failed: %s\n",
__func__, gpg_strerror (rc));
xfree (sn_array);
return gpg_error (GPG_ERR_NOTHING_FOUND);
}
}
}
/* Kludge: We need to convert an SN given as hexstring to its binary
representation - in some cases we are not able to store it in the
search descriptor, because due to the way we use it, it is not
possible to free allocated memory. */
if (sn_array)
{
const unsigned char *s;
int i, odd;
size_t snlen;
for (n=0; n < ndesc; n++)
{
if (!desc[n].sn)
;
else if (desc[n].snlen == -1)
{
unsigned char *sn;
s = desc[n].sn;
for (i=0; *s && *s != '/'; s++, i++)
;
odd = (i & 1);
snlen = (i+1)/2;
sn_array[n].sn = xtrymalloc (snlen);
if (!sn_array[n].sn)
{
hd->error = gpg_error_from_syserror ();
release_sn_array (sn_array, n);
return hd->error;
}
sn_array[n].snlen = snlen;
sn = sn_array[n].sn;
s = desc[n].sn;
if (odd)
{
*sn++ = xtoi_1 (s);
s++;
}
for (; *s && *s != '/'; s += 2)
*sn++ = xtoi_2 (s);
}
else
{
const unsigned char *sn;
sn = desc[n].sn;
snlen = desc[n].snlen;
sn_array[n].sn = xtrymalloc (snlen);
if (!sn_array[n].sn)
{
hd->error = gpg_error_from_syserror ();
release_sn_array (sn_array, n);
return hd->error;
}
sn_array[n].snlen = snlen;
memcpy (sn_array[n].sn, sn, snlen);
}
}
}
pk_no = uid_no = 0;
for (;;)
{
unsigned int blobflags;
int blobtype;
_keybox_release_blob (blob); blob = NULL;
rc = _keybox_read_blob (&blob, hd->fp, NULL);
if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE
&& gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX)
{
++*r_skipped;
continue; /* Skip too large records. */
}
if (rc)
break;
blobtype = blob_get_type (blob);
if (blobtype == KEYBOX_BLOBTYPE_HEADER)
continue;
if (want_blobtype && blobtype != want_blobtype)
continue;
blobflags = blob_get_blob_flags (blob);
if (!hd->ephemeral && (blobflags & 2))
continue; /* Not in ephemeral mode but blob is flagged ephemeral. */
for (n=0; n < ndesc; n++)
{
switch (desc[n].mode)
{
case KEYDB_SEARCH_MODE_NONE:
never_reached ();
break;
case KEYDB_SEARCH_MODE_EXACT:
uid_no = has_username (blob, desc[n].u.name, 0);
if (uid_no)
goto found;
break;
case KEYDB_SEARCH_MODE_MAIL:
uid_no = has_mail (blob, desc[n].u.name, 0);
if (uid_no)
goto found;
break;
case KEYDB_SEARCH_MODE_MAILSUB:
uid_no = has_mail (blob, desc[n].u.name, 1);
if (uid_no)
goto found;
break;
case KEYDB_SEARCH_MODE_SUBSTR:
uid_no = has_username (blob, desc[n].u.name, 1);
if (uid_no)
goto found;
break;
case KEYDB_SEARCH_MODE_MAILEND:
case KEYDB_SEARCH_MODE_WORDS:
/* not yet implemented */
break;
case KEYDB_SEARCH_MODE_ISSUER:
if (has_issuer (blob, desc[n].u.name))
goto found;
break;
case KEYDB_SEARCH_MODE_ISSUER_SN:
if (has_issuer_sn (blob, desc[n].u.name,
sn_array? sn_array[n].sn : desc[n].sn,
sn_array? sn_array[n].snlen : desc[n].snlen))
goto found;
break;
case KEYDB_SEARCH_MODE_SN:
if (has_sn (blob, sn_array? sn_array[n].sn : desc[n].sn,
sn_array? sn_array[n].snlen : desc[n].snlen))
goto found;
break;
case KEYDB_SEARCH_MODE_SUBJECT:
if (has_subject (blob, desc[n].u.name))
goto found;
break;
case KEYDB_SEARCH_MODE_SHORT_KID:
pk_no = has_short_kid (blob, desc[n].u.kid[1]);
if (pk_no)
goto found;
break;
case KEYDB_SEARCH_MODE_LONG_KID:
pk_no = has_long_kid (blob, desc[n].u.kid[0], desc[n].u.kid[1]);
if (pk_no)
goto found;
break;
case KEYDB_SEARCH_MODE_FPR:
pk_no = has_fingerprint (blob, desc[n].u.fpr, desc[n].fprlen);
if (pk_no)
goto found;
break;
case KEYDB_SEARCH_MODE_KEYGRIP:
if (has_keygrip (blob, desc[n].u.grip))
goto found;
break;
+ case KEYDB_SEARCH_MODE_UBID:
+ if (has_ubid (blob, desc[n].u.ubid))
+ goto found;
+ break;
case KEYDB_SEARCH_MODE_FIRST:
goto found;
break;
case KEYDB_SEARCH_MODE_NEXT:
goto found;
break;
default:
rc = gpg_error (GPG_ERR_INV_VALUE);
goto found;
}
}
continue;
found:
/* Record which DESC we matched on. Note this value is only
meaningful if this function returns with no errors. */
if(r_descindex)
*r_descindex = n;
for (n=any_skip?0:ndesc; n < ndesc; n++)
{
u32 kid[2];
if (desc[n].skipfnc
&& blob_get_first_keyid (blob, kid)
&& desc[n].skipfnc (desc[n].skipfncvalue, kid, uid_no))
break;
}
if (n == ndesc)
break; /* got it */
}
if (!rc)
{
hd->found.blob = blob;
hd->found.pk_no = pk_no;
hd->found.uid_no = uid_no;
}
else if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
{
_keybox_release_blob (blob);
hd->eof = 1;
}
else
{
_keybox_release_blob (blob);
hd->error = rc;
}
if (sn_array)
release_sn_array (sn_array, ndesc);
return rc;
}
/*
Functions to return a certificate or a keyblock. To be used after
a successful search operation.
*/
/* Return the raw data from the last found blob. Caller must release
* the value stored at R_BUFFER. If called with NULL for R_BUFFER
* only the needed length for the buffer and the public key type is
* returned. */
gpg_error_t
keybox_get_data (KEYBOX_HANDLE hd, void **r_buffer, size_t *r_length,
enum pubkey_types *r_pubkey_type)
{
const unsigned char *buffer;
size_t length;
size_t image_off, image_len;
if (r_buffer)
*r_buffer = NULL;
if (r_length)
*r_length = 0;
if (r_pubkey_type)
*r_pubkey_type = PUBKEY_TYPE_UNKNOWN;
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
switch (blob_get_type (hd->found.blob))
{
case KEYBOX_BLOBTYPE_PGP:
if (r_pubkey_type)
*r_pubkey_type = PUBKEY_TYPE_OPGP;
break;
case KEYBOX_BLOBTYPE_X509:
if (r_pubkey_type)
*r_pubkey_type = PUBKEY_TYPE_X509;
break;
default:
return gpg_error (GPG_ERR_WRONG_BLOB_TYPE);
}
buffer = _keybox_get_blob_image (hd->found.blob, &length);
if (length < 40)
return gpg_error (GPG_ERR_TOO_SHORT);
image_off = get32 (buffer+8);
image_len = get32 (buffer+12);
if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length)
return gpg_error (GPG_ERR_TOO_SHORT);
if (r_length)
*r_length = image_len;
if (r_buffer)
{
*r_buffer = xtrymalloc (image_len);
if (!*r_buffer)
return gpg_error_from_syserror ();
memcpy (*r_buffer, buffer + image_off, image_len);
}
return 0;
}
/* Return the last found keyblock. Returns 0 on success and stores a
* new iobuf at R_IOBUF. R_UID_NO and R_PK_NO are used to return the
* index of the key or user id which matched the search criteria; if
* not known they are set to 0. */
gpg_error_t
keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf,
int *r_pk_no, int *r_uid_no)
{
gpg_error_t err;
const unsigned char *buffer;
size_t length;
size_t image_off, image_len;
size_t siginfo_off, siginfo_len;
*r_iobuf = NULL;
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (blob_get_type (hd->found.blob) != KEYBOX_BLOBTYPE_PGP)
return gpg_error (GPG_ERR_WRONG_BLOB_TYPE);
buffer = _keybox_get_blob_image (hd->found.blob, &length);
if (length < 40)
return gpg_error (GPG_ERR_TOO_SHORT);
image_off = get32 (buffer+8);
image_len = get32 (buffer+12);
if ((uint64_t)image_off+(uint64_t)image_len > (uint64_t)length)
return gpg_error (GPG_ERR_TOO_SHORT);
err = _keybox_get_flag_location (buffer, length, KEYBOX_FLAG_SIG_INFO,
&siginfo_off, &siginfo_len);
if (err)
return err;
*r_pk_no = hd->found.pk_no;
*r_uid_no = hd->found.uid_no;
*r_iobuf = iobuf_temp_with_content (buffer+image_off, image_len);
return 0;
}
#ifdef KEYBOX_WITH_X509
/*
Return the last found cert. Caller must free it.
*/
int
keybox_get_cert (KEYBOX_HANDLE hd, ksba_cert_t *r_cert)
{
const unsigned char *buffer;
size_t length;
size_t cert_off, cert_len;
ksba_reader_t reader = NULL;
ksba_cert_t cert = NULL;
int rc;
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
if (blob_get_type (hd->found.blob) != KEYBOX_BLOBTYPE_X509)
return gpg_error (GPG_ERR_WRONG_BLOB_TYPE);
buffer = _keybox_get_blob_image (hd->found.blob, &length);
if (length < 40)
return gpg_error (GPG_ERR_TOO_SHORT);
cert_off = get32 (buffer+8);
cert_len = get32 (buffer+12);
if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length)
return gpg_error (GPG_ERR_TOO_SHORT);
rc = ksba_reader_new (&reader);
if (rc)
return rc;
rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len);
if (rc)
{
ksba_reader_release (reader);
/* fixme: need to map the error codes */
return gpg_error (GPG_ERR_GENERAL);
}
rc = ksba_cert_new (&cert);
if (rc)
{
ksba_reader_release (reader);
return rc;
}
rc = ksba_cert_read_der (cert, reader);
if (rc)
{
ksba_cert_release (cert);
ksba_reader_release (reader);
/* fixme: need to map the error codes */
return gpg_error (GPG_ERR_GENERAL);
}
*r_cert = cert;
ksba_reader_release (reader);
return 0;
}
#endif /*KEYBOX_WITH_X509*/
/* Return the flags named WHAT at the address of VALUE. IDX is used
only for certain flags and should be 0 if not required. */
int
keybox_get_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int *value)
{
const unsigned char *buffer;
size_t length;
gpg_err_code_t ec;
(void)idx; /* Not yet used. */
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
if (!hd->found.blob)
return gpg_error (GPG_ERR_NOTHING_FOUND);
buffer = _keybox_get_blob_image (hd->found.blob, &length);
ec = get_flag_from_image (buffer, length, what, value);
return ec? gpg_error (ec):0;
}
off_t
keybox_offset (KEYBOX_HANDLE hd)
{
if (!hd->fp)
return 0;
return ftello (hd->fp);
}
gpg_error_t
keybox_seek (KEYBOX_HANDLE hd, off_t offset)
{
gpg_error_t err;
if (hd->error)
return hd->error; /* still in error state */
if (! hd->fp)
{
if (!offset)
{
/* No need to open the file. An unopened file is effectively at
offset 0. */
return 0;
}
err = open_file (hd);
if (err)
return err;
}
err = fseeko (hd->fp, offset, SEEK_SET);
hd->error = gpg_error_from_errno (err);
return hd->error;
}