diff options
author | Repo Admin <nobody@gnupg.org> | 2002-10-19 09:55:27 +0200 |
---|---|---|
committer | Repo Admin <nobody@gnupg.org> | 2002-10-19 09:55:27 +0200 |
commit | 82a17c9fb3d64ccdd474c3bedf564368f77e84a4 (patch) | |
tree | 0c01ee8cea5f6f77e830955c6b97024752740a2b /kbx | |
parent | Bumped version number for cvs version (diff) | |
download | gnupg2-82a17c9fb3d64ccdd474c3bedf564368f77e84a4.tar.xz gnupg2-82a17c9fb3d64ccdd474c3bedf564368f77e84a4.zip |
This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
Diffstat (limited to 'kbx')
-rw-r--r-- | kbx/ChangeLog | 102 | ||||
-rw-r--r-- | kbx/Makefile.am | 53 | ||||
-rw-r--r-- | kbx/kbxutil.c | 338 | ||||
-rw-r--r-- | kbx/keybox-blob.c | 1007 | ||||
-rw-r--r-- | kbx/keybox-defs.h | 179 | ||||
-rw-r--r-- | kbx/keybox-dump.c | 346 | ||||
-rw-r--r-- | kbx/keybox-file.c | 102 | ||||
-rw-r--r-- | kbx/keybox-init.c | 127 | ||||
-rw-r--r-- | kbx/keybox-search.c | 810 | ||||
-rw-r--r-- | kbx/keybox-update.c | 433 | ||||
-rw-r--r-- | kbx/keybox.h | 125 |
11 files changed, 0 insertions, 3622 deletions
diff --git a/kbx/ChangeLog b/kbx/ChangeLog deleted file mode 100644 index 351ec5d13..000000000 --- a/kbx/ChangeLog +++ /dev/null @@ -1,102 +0,0 @@ -2002-08-10 Werner Koch <wk@gnupg.org> - - * keybox-search.c (blob_cmp_fpr_part): New. - (has_short_kid, has_long_kid): Implemented. - -2002-07-22 Werner Koch <wk@gnupg.org> - - * keybox-defs.h: New BLOBTYPTE_EMPTY. - * keybox-dump.c (_keybox_dump_blob): Handle new type. - * keybox-file.c (_keybox_read_blob): Skip over empty blobs. Store - the file offset. - * keybox-blob.c (_keybox_new_blob): Add new arg OFF. - (_keybox_get_blob_fileoffset): New. - * keybox-update.c (keybox_delete): Implemented. - -2002-06-19 Werner Koch <wk@gnupg.org> - - * keybox-init.c (keybox_set_ephemeral): New. - * keybox-blob.c (create_blob_header): Store epheermal flag. - (_keybox_create_x509_blob): Pass epheermal flag on. - * keybox-update.c (keybox_insert_cert): Ditto. - * keybox-search.c (blob_get_blob_flags): New. - (keybox_search): Ignore ephemeral blobs when not in ephemeral mode. - - * keybox-dump.c (_keybox_dump_blob): Print blob flags as strings. - -2002-02-25 Werner Koch <wk@gnupg.org> - - * keybox-search.c (blob_cmp_mail): Use case-insensitive compare - because mail addresses are in general case insensitive (well - RFC2822 allows for case sensitive mailbox parts, but this is in - general considired a Bad Thing). Add additional substr parameter - to allow for substring matches within the mail address. Change - all callers to pass this along. - (blob_cmp_name): Likewise but do the case-insensitive search only - in sub string mode. - (keybox_search): Implement MAILSUB and SUBSTR mode. - -2002-01-21 Werner Koch <wk@gnupg.org> - - * keybox-search.c (keybox_search): Allow KEYDB_SEARCH_MODE_FPR20. - -2002-01-15 Werner Koch <wk@gnupg.org> - - * keybox-search.c (blob_cmp_fpr): New. - (has_fingerprint): Implemented; - -2001-12-20 Werner Koch <wk@gnupg.org> - - * keybox-blob.c (_keybox_create_x509_blob): Skip the leading - parenthesis of the serial number's S-exp. - (_keybox_create_x509_blob): And fixed length calculation. - (create_blob_header): Don't add an offset when writing the serial. - -2001-12-18 Werner Koch <wk@gnupg.org> - - * Makefile.am (AM_CPPFLAGS): Add flags for libksba - - * keybox-blob.c (_keybox_create_x509_blob): Use - gcry_sexp_canon_len to get the length of the serial number. - (_keybox_release_blob): Need to use a new serialbuf to free the memory. - -2001-12-17 Werner Koch <wk@gnupg.org> - - * keybox-search.c: Changed the way the serial number is - represented. - -2001-12-15 Werner Koch <wk@gnupg.org> - - * keybox-search.c (blob_cmp_name): There is no terminating 0 stored - for the uid; fixed length compare. - -2001-12-14 Werner Koch <wk@gnupg.org> - - * keybox-blob.c (x509_email_kludge): New. - (_keybox_create_x509_blob): Insert an extra email address if the - subject's DN has an email part. - * keybox-defs.h: Added the xtoi_2 and digitp macros. - -2001-12-13 Werner Koch <wk@gnupg.org> - - * keybox-search.c (blob_cmp_name): Kludge to allow searching for - more than one name. - (has_subject_or_alt): New. - (blob_cmp_mail): New. - (has_mail): New. - (keybox_search): Implemented exact search and exact mail search. - - * kbx/keybox-blob.c (_keybox_create_x509_blob): Insert alternate - names. - - - Copyright 2001 g10 Code GmbH - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even the - implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -
\ No newline at end of file diff --git a/kbx/Makefile.am b/kbx/Makefile.am deleted file mode 100644 index 4e7170379..000000000 --- a/kbx/Makefile.am +++ /dev/null @@ -1,53 +0,0 @@ -# Keybox Makefile -# Copyright (C) 2001 Free Software Foundation, Inc. -# -# This file is part of GnuPG. -# -# GnuPG is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# GnuPG is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - -## Process this file with automake to produce Makefile.in - -localedir = $(datadir)/locale -INCLUDES = -I../intl -DLOCALEDIR=\"$(localedir)\" - -EXTRA_DIST = mkerrors -AM_CPPFLAGS = $(KSBA_CFLAGS) $(LIBGCRYPT_CLFAGS) -BUILT_SOURCES = keybox-errors.c - -noinst_LIBRARIES = libkeybox.a -bin_PROGRAMS = kbxutil - -common_sources = \ - keybox.h keybox-defs.h keybox-search-desc.h \ - keybox-util.c \ - keybox-errors.c \ - keybox-init.c \ - keybox-blob.c \ - keybox-file.c \ - keybox-search.c \ - keybox-update.c \ - keybox-dump.c - - -libkeybox_a_SOURCES = $(common_sources) - -kbxutil_SOURCES = kbxutil.c $(common_sources) -kbxutil_LDADD = ../jnlib/libjnlib.a $(KSBA_LIBS) $(LIBGCRYPT_LIBS) - -keybox-errors.c : keybox.h mkerrors - $(srcdir)/mkerrors < $(srcdir)/keybox.h > keybox-errors.c - - - diff --git a/kbx/kbxutil.c b/kbx/kbxutil.c deleted file mode 100644 index b733b81c8..000000000 --- a/kbx/kbxutil.c +++ /dev/null @@ -1,338 +0,0 @@ -/* kbxutil.c - The Keybox utility - * Copyright (C) 2000, 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <ctype.h> -#include <unistd.h> - -#include <gcrypt.h> - -#include "../jnlib/logging.h" -#include "../jnlib/argparse.h" -#include "../jnlib/stringhelp.h" -#include "../common/i18n.h" -#include "keybox-defs.h" - -enum cmd_and_opt_values { - aNull = 0, - oArmor = 'a', - oDryRun = 'n', - oOutput = 'o', - oQuiet = 'q', - oVerbose = 'v', - - aNoSuchCmd = 500, /* force other values not to be a letter */ - aFindByFpr, - aFindByKid, - aFindByUid, - - oDebug, - oDebugAll, - - oNoArmor, - - - aTest -}; - - -static ARGPARSE_OPTS opts[] = { - { 300, NULL, 0, N_("@Commands:\n ") }, - - { aFindByFpr, "find-by-fpr", 0, "|FPR| find key using it's fingerprnt" }, - { aFindByKid, "find-by-kid", 0, "|KID| find key using it's keyid" }, - { aFindByUid, "find-by-uid", 0, "|NAME| find key by user name" }, - - { 301, NULL, 0, N_("@\nOptions:\n ") }, - - { oArmor, "armor", 0, N_("create ascii armored output")}, - { oArmor, "armour", 0, "@" }, - { oOutput, "output", 2, N_("use as output file")}, - { oVerbose, "verbose", 0, N_("verbose") }, - { oQuiet, "quiet", 0, N_("be somewhat more quiet") }, - { oDryRun, "dry-run", 0, N_("do not make any changes") }, - - { oDebug, "debug" ,4|16, N_("set debugging flags")}, - { oDebugAll, "debug-all" ,0, N_("enable full debugging")}, - - {0} /* end of list */ -}; - - -void myexit (int rc); - -int keybox_errors_seen = 0; - - -static const char * -my_strusage( int level ) -{ - const char *p; - switch( level ) { - case 11: p = "kbxutil (GnuPG)"; - break; - case 13: p = VERSION; break; - case 17: p = PRINTABLE_OS_NAME; break; - case 19: p = - _("Please report bugs to " PACKAGE_BUGREPORT ".\n"); - break; - case 1: - case 40: p = - _("Usage: kbxutil [options] [files] (-h for help)"); - break; - case 41: p = - _("Syntax: kbxutil [options] [files]\n" - "list, export, import Keybox data\n"); - break; - - - default: p = NULL; - } - return p; -} - - -static void -i18n_init(void) -{ - #ifdef USE_SIMPLE_GETTEXT - set_gettext_file( PACKAGE ); - #else - #ifdef ENABLE_NLS - #ifdef HAVE_LC_MESSAGES - setlocale( LC_TIME, "" ); - setlocale( LC_MESSAGES, "" ); - #else - setlocale( LC_ALL, "" ); - #endif - bindtextdomain( PACKAGE, LOCALEDIR ); - textdomain( PACKAGE ); - #endif - #endif -} - - -/* static void */ -/* wrong_args( const char *text ) */ -/* { */ -/* log_error("usage: kbxutil %s\n", text); */ -/* myexit ( 1 ); */ -/* } */ - - -#if 0 -static int -hextobyte( const byte *s ) -{ - int c; - - if( *s >= '0' && *s <= '9' ) - c = 16 * (*s - '0'); - else if( *s >= 'A' && *s <= 'F' ) - c = 16 * (10 + *s - 'A'); - else if( *s >= 'a' && *s <= 'f' ) - c = 16 * (10 + *s - 'a'); - else - return -1; - s++; - if( *s >= '0' && *s <= '9' ) - c += *s - '0'; - else if( *s >= 'A' && *s <= 'F' ) - c += 10 + *s - 'A'; - else if( *s >= 'a' && *s <= 'f' ) - c += 10 + *s - 'a'; - else - return -1; - return c; -} -#endif - -#if 0 -static char * -format_fingerprint ( const char *s ) -{ - int i, c; - byte fpr[20]; - - for (i=0; i < 20 && *s; ) { - if ( *s == ' ' || *s == '\t' ) { - s++; - continue; - } - c = hextobyte(s); - if (c == -1) { - return NULL; - } - fpr[i++] = c; - s += 2; - } - return gcry_xstrdup ( fpr ); -} -#endif - -#if 0 -static int -format_keyid ( const char *s, u32 *kid ) -{ - char helpbuf[9]; - switch ( strlen ( s ) ) { - case 8: - kid[0] = 0; - kid[1] = strtoul( s, NULL, 16 ); - return 10; - - case 16: - mem2str( helpbuf, s, 9 ); - kid[0] = strtoul( helpbuf, NULL, 16 ); - kid[1] = strtoul( s+8, NULL, 16 ); - return 11; - } - return 0; /* error */ -} -#endif - - -int -main( int argc, char **argv ) -{ - ARGPARSE_ARGS pargs; - enum cmd_and_opt_values cmd = 0; - - set_strusage( my_strusage ); - /*log_set_name("kbxutil"); fixme */ -#if 0 - /* check that the libraries are suitable. Do it here because - * the option parse may need services of the library */ - if ( !gcry_check_version ( "1.1.4" ) ) - { - log_fatal(_("libgcrypt is too old (need %s, have %s)\n"), - "1.1.4", gcry_check_version(NULL) ); - } -#endif - - /*create_dotlock(NULL); register locking cleanup */ - i18n_init(); - - /* We need to use the gcry malloc function because jnlib does use them */ - keybox_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free); - ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free ); - - - pargs.argc = &argc; - pargs.argv = &argv; - pargs.flags= 1; /* do not remove the args */ - while (arg_parse( &pargs, opts) ) - { - switch (pargs.r_opt) - { - case oVerbose: - /*opt.verbose++;*/ - /*gcry_control( GCRYCTL_SET_VERBOSITY, (int)opt.verbose );*/ - break; - case oDebug: - /*opt.debug |= pargs.r.ret_ulong; */ - break; - case oDebugAll: - /*opt.debug = ~0;*/ - break; - - case aFindByFpr: - case aFindByKid: - case aFindByUid: - cmd = pargs.r_opt; - break; - - default: - pargs.err = 2; - break; - } - } - if (log_get_errorcount(0) ) - myexit(2); - - if (!cmd) - { /* default is to list a KBX file */ - if (!argc) - _keybox_dump_file (NULL, stdout); - else - { - for (; argc; argc--, argv++) - _keybox_dump_file (*argv, stdout); - } - } -#if 0 - else if ( cmd == aFindByFpr ) { - char *fpr; - if ( argc != 2 ) - wrong_args ("kbxfile foingerprint"); - fpr = format_fingerprint ( argv[1] ); - if ( !fpr ) - log_error ("invalid formatted fingerprint\n"); - else { - kbxfile_search_by_fpr ( argv[0], fpr ); - gcry_free ( fpr ); - } - } - else if ( cmd == aFindByKid ) { - u32 kid[2]; - int mode; - - if ( argc != 2 ) - wrong_args ("kbxfile short-or-long-keyid"); - mode = format_keyid ( argv[1], kid ); - if ( !mode ) - log_error ("invalid formatted keyID\n"); - else { - kbxfile_search_by_kid ( argv[0], kid, mode ); - } - } - else if ( cmd == aFindByUid ) { - if ( argc != 2 ) - wrong_args ("kbxfile userID"); - kbxfile_search_by_uid ( argv[0], argv[1] ); - } -#endif - else - log_error ("unsupported action\n"); - - myexit(0); - return 8; /*NEVER REACHED*/ -} - - -void -myexit( int rc ) -{ - /* if( opt.debug & DBG_MEMSTAT_VALUE ) {*/ -/* gcry_control( GCRYCTL_DUMP_MEMORY_STATS ); */ -/* gcry_control( GCRYCTL_DUMP_RANDOM_STATS ); */ - /* }*/ -/* if( opt.debug ) */ -/* gcry_control( GCRYCTL_DUMP_SECMEM_STATS ); */ - rc = rc? rc : log_get_errorcount(0)? 2 : - keybox_errors_seen? 1 : 0; - exit(rc ); -} - - diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c deleted file mode 100644 index 48e2b5b87..000000000 --- a/kbx/keybox-blob.c +++ /dev/null @@ -1,1007 +0,0 @@ -/* keybox-blob.c - KBX Blob handling - * Copyright (C) 2000, 2001, 2002 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - - -/* The keybox data formats - -The KeyBox uses an augmented OpenPGP/X.509 key format. This makes -random access to a keyblock/Certificate easier and also gives the -opportunity to store additional information (e.g. the fingerprint) -along with the key. All integers are stored in network byte order, -offsets are counted from the beginning of the Blob. - -The first record of a plain KBX file has a special format: - - u32 length of the first record - byte Blob type (1) - byte version number (1) - byte reserved - byte reserved - u32 magic 'KBXf' - byte pgp_marginals used for validity calculation of this file - byte pgp_completes ditto. - byte pgp_cert_depth ditto. - -The OpenPGP and X.509 blob are verry similiar, things which are -X.509 specific are noted like [X.509: xxx] - - u32 length of this blob (including these 4 bytes) - byte Blob type (2) [X509: 3] - byte version number of this blob type (1) - u16 Blob flags - bit 0 = contains secret key material - bit 1 = ephemeral blob (e.g. used while quering external resources) - - u32 offset to the OpenPGP keyblock or X509 DER encoded certificate - u32 and its length - u16 number of keys (at least 1!) [X509: always 1] - u16 size of additional key information - n times: - b20 The keys fingerprint - (fingerprints are always 20 bytes, MD5 left padded with zeroes) - u32 offset to the n-th key's keyID (a keyID is always 8 byte) - or 0 if not known which is the case opnly for X509. - u16 special key flags - bit 0 = - u16 reserved - u16 size of serialnumber(may be zero) - n u16 (see above) bytes of serial number - u16 number of user IDs - u16 size of additional user ID information - n times: - u32 offset to the n-th user ID - u32 length of this user ID. - u16 special user ID flags. - bit 0 = - byte validity - byte reserved - [For X509, the first user ID is the ISsuer, the second the subject - and the others are subjectAltNames] - u16 number of signatures - u16 size of signature information (4) - u32 expiration time of signature with some special values: - 0x00000000 = not checked - 0x00000001 = missing key - 0x00000002 = bad signature - 0x10000000 = valid and expires at some date in 1978. - 0xffffffff = valid and does not expire - u8 assigned ownertrust [X509: no used] - u8 all_validity [X509: no used] - u16 reserved - u32 recheck_after - u32 Newest timestamp in the keyblock (useful for KS syncronsiation?) - u32 Blob created at - u32 size of reserved space (not including this field) - reserved space - - Here we might want to put other data - - Here comes the keyblock - - maybe we put a signature here later. - - b16 MD5 checksum (useful for KS syncronisation), we might also want to use - a mac here. - b4 resevered - -*/ - - -#include <config.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <errno.h> -#include <assert.h> -#include <gcrypt.h> - -#ifdef KEYBOX_WITH_OPENPGP -/* include stuff to parse the packets */ -#endif -#ifdef KEYBOX_WITH_X509 -#include <ksba.h> -#endif - -#include "keybox-defs.h" - - -/* special values of the signature status */ -#define SF_NONE(a) ( !(a) ) -#define SF_NOKEY(a) ((a) & (1<<0)) -#define SF_BAD(a) ((a) & (1<<1)) -#define SF_VALID(a) ((a) & (1<<29)) - - -struct membuf { - size_t len; - size_t size; - char *buf; - int out_of_core; -}; - - -/* #if MAX_FINGERPRINT_LEN < 20 */ -/* #error fingerprints are 20 bytes */ -/* #endif */ - -struct keyboxblob_key { - char fpr[20]; - u32 off_kid; - ulong off_kid_addr; - u16 flags; -}; -struct keyboxblob_uid { - ulong off_addr; - char *name; /* used only with x509 */ - u32 len; - u16 flags; - byte validity; -}; - -struct keyid_list { - struct keyid_list *next; - int seqno; - byte kid[8]; -}; - -struct fixup_list { - struct fixup_list *next; - u32 off; - u32 val; -}; - - -struct keyboxblob { - byte *blob; - size_t bloblen; - off_t fileoffset; - - /* stuff used only by keybox_create_blob */ - unsigned char *serialbuf; - const unsigned char *serial; - size_t seriallen; - int nkeys; - struct keyboxblob_key *keys; - int nuids; - struct keyboxblob_uid *uids; - int nsigs; - u32 *sigs; - struct fixup_list *fixups; - int fixup_out_of_core; - - struct keyid_list *temp_kids; - struct membuf bufbuf; /* temporary store for the blob */ - struct membuf *buf; -}; - - - -/* A simple implemnation of a dynamic buffer. Use init_membuf() to - create a buffer, put_membuf to append bytes and get_membuf to - release and return the buffer. Allocation errors are detected but - only returned at the final get_membuf(), this helps not to clutter - the code with out of core checks. */ - -static void -init_membuf (struct membuf *mb, int initiallen) -{ - mb->len = 0; - mb->size = initiallen; - mb->out_of_core = 0; - mb->buf = xtrymalloc (initiallen); - if (!mb->buf) - mb->out_of_core = 1; -} - -static void -put_membuf (struct membuf *mb, const void *buf, size_t len) -{ - if (mb->out_of_core) - return; - - if (mb->len + len >= mb->size) - { - char *p; - - mb->size += len + 1024; - p = xtryrealloc (mb->buf, mb->size); - if (!p) - { - mb->out_of_core = 1; - return; - } - mb->buf = p; - } - memcpy (mb->buf + mb->len, buf, len); - mb->len += len; -} - -static void * -get_membuf (struct membuf *mb, size_t *len) -{ - char *p; - - if (mb->out_of_core) - { - xfree (mb->buf); - mb->buf = NULL; - return NULL; - } - - p = mb->buf; - *len = mb->len; - mb->buf = NULL; - mb->out_of_core = 1; /* don't allow a reuse */ - return p; -} - - -static void -put8 (struct membuf *mb, byte a ) -{ - put_membuf (mb, &a, 1); -} - -static void -put16 (struct membuf *mb, u16 a ) -{ - unsigned char tmp[2]; - tmp[0] = a>>8; - tmp[1] = a; - put_membuf (mb, tmp, 2); -} - -static void -put32 (struct membuf *mb, u32 a ) -{ - unsigned char tmp[4]; - tmp[0] = a>>24; - tmp[1] = a>>16; - tmp[2] = a>>8; - tmp[3] = a; - put_membuf (mb, tmp, 4); -} - - -/* Store a value in the fixup list */ -static void -add_fixup (KEYBOXBLOB blob, u32 off, u32 val) -{ - struct fixup_list *fl; - - if (blob->fixup_out_of_core) - return; - - fl = xtrycalloc(1, sizeof *fl); - if (!fl) - blob->fixup_out_of_core = 1; - else - { - fl->off = off; - fl->val = val; - fl->next = blob->fixups; - blob->fixups = fl; - } -} - - -/* - Some wrappers -*/ - -static u32 -make_timestamp (void) -{ - return time(NULL); -} - - - -#ifdef KEYBOX_WITH_OPENPGP -/* - OpenPGP specific stuff -*/ - - -/* - We must store the keyid at some place because we can't calculate the - offset yet. This is only used for v3 keyIDs. Function returns an - index value for later fixup or -1 for out of core. The value must be - a non-zero value */ -static int -pgp_temp_store_kid (KEYBOXBLOB blob, PKT_public_key *pk) -{ - struct keyid_list *k, *r; - - k = xtrymalloc (sizeof *k); - if (!k) - return -1; - k->kid[0] = pk->keyid[0] >> 24 ; - k->kid[1] = pk->keyid[0] >> 16 ; - k->kid[2] = pk->keyid[0] >> 8 ; - k->kid[3] = pk->keyid[0] ; - k->kid[4] = pk->keyid[0] >> 24 ; - k->kid[5] = pk->keyid[0] >> 16 ; - k->kid[6] = pk->keyid[0] >> 8 ; - k->kid[7] = pk->keyid[0] ; - k->seqno = 0; - k->next = blob->temp_kids; - blob->temp_kids = k; - for (r=k; r; r = r->next) - k->seqno++; - - return k->seqno; -} - -static int -pgp_create_key_part (KEYBOXBLOB blob, KBNODE keyblock) -{ - KBNODE node; - size_t fprlen; - int n; - - for (n=0, node = keyblock; node; node = node->next) - { - if ( node->pkt->pkttype == PKT_PUBLIC_KEY - || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) - { - PKT_public_key *pk = node->pkt->pkt.public_key; - char tmp[20]; - - fingerprint_from_pk (pk, tmp , &fprlen); - memcpy (blob->keys[n].fpr, tmp, 20); - if ( fprlen != 20 ) /*v3 fpr - shift right and fill with zeroes*/ - { - assert (fprlen == 16); - memmove (blob->keys[n].fpr+4, blob->keys[n].fpr, 16); - memset (blob->keys[n].fpr, 0, 4); - blob->keys[n].off_kid = pgp_temp_store_kid (blob, pk); - } - else - { - blob->keys[n].off_kid = 0; /* will be fixed up later */ - } - blob->keys[n].flags = 0; - n++; - } - else if ( node->pkt->pkttype == PKT_SECRET_KEY - || node->pkt->pkttype == PKT_SECRET_SUBKEY ) - { - never_reached (); /* actually not yet implemented */ - } - } - assert (n == blob->nkeys); - return 0; -} - -static int -pgp_create_uid_part (KEYBOXBLOB blob, KBNODE keyblock) -{ - KBNODE node; - int n; - - for (n=0, node = keyblock; node; node = node->next) - { - if (node->pkt->pkttype == PKT_USER_ID) - { - PKT_user_id *u = node->pkt->pkt.user_id; - - blob->uids[n].len = u->len; - blob->uids[n].flags = 0; - blob->uids[n].validity = 0; - n++; - } - } - assert (n == blob->nuids); - return 0; -} - -static int -pgp_create_sig_part (KEYBOXBLOB blob, KBNODE keyblock) -{ - KBNODE node; - int n; - - for (n=0, node = keyblock; node; node = node->next) - { - if (node->pkt->pkttype == PKT_SIGNATURE) - { - PKT_signature *sig = node->pkt->pkt.signature; - - blob->sigs[n] = 0; /* FIXME: check the signature here */ - n++; - } - } - assert( n == blob->nsigs ); - return 0; -} - -static int -pgp_create_blob_keyblock (KEYBOXBLOB blob, KBNODE keyblock) -{ - struct membuf *a = blob->buf; - KBNODE node; - int rc; - int n; - u32 kbstart = a->len; - - add_fixup (blob, kbstart); - - for (n = 0, node = keyblock; node; node = node->next) - { - rc = build_packet ( a, node->pkt ); - if ( rc ) { - gpg_log_error ("build_packet(%d) for keyboxblob failed: %s\n", - node->pkt->pkttype, gpg_errstr(rc) ); - return GPGERR_WRITE_FILE; - } - if ( node->pkt->pkttype == PKT_USER_ID ) - { - PKT_user_id *u = node->pkt->pkt.user_id; - /* build_packet has set the offset of the name into u ; - * now we can do the fixup */ - add_fixup (blob, blob->uids[n].off_addr, u->stored_at); - n++; - } - } - assert (n == blob->nuids); - - add_fixup (blob, a->len - kbstart); - return 0; -} - -#endif /*KEYBOX_WITH_OPENPGP*/ - - -#ifdef KEYBOX_WITH_X509 -/* - X.509 specific stuff - */ - -/* Write the raw certificate out */ -static int -x509_create_blob_cert (KEYBOXBLOB blob, KsbaCert cert) -{ - struct membuf *a = blob->buf; - const unsigned char *image; - size_t length; - u32 kbstart = a->len; - - /* Store our offset for later fixup */ - add_fixup (blob, 8, kbstart); - - image = ksba_cert_get_image (cert, &length); - if (!image) - return KEYBOX_General_Error; - put_membuf (a, image, length); - - add_fixup (blob, 12, a->len - kbstart); - return 0; -} - -#endif /*KEYBOX_WITH_X509*/ - -/* Write a stored keyID out to the buffer */ -static void -write_stored_kid (KEYBOXBLOB blob, int seqno) -{ - struct keyid_list *r; - - for ( r = blob->temp_kids; r; r = r->next ) - { - if (r->seqno == seqno ) - { - put_membuf (blob->buf, r->kid, 8); - return; - } - } - never_reached (); -} - -/* Release a list of key IDs */ -static void -release_kid_list (struct keyid_list *kl) -{ - struct keyid_list *r, *r2; - - for ( r = kl; r; r = r2 ) - { - r2 = r->next; - xfree (r); - } -} - - - -static int -create_blob_header (KEYBOXBLOB blob, int blobtype, int as_ephemeral) -{ - struct membuf *a = blob->buf; - int i; - - put32 ( a, 0 ); /* blob length, needs fixup */ - put8 ( a, blobtype); - put8 ( a, 1 ); /* blob type version */ - put16 ( a, as_ephemeral? 2:0 ); /* blob flags */ - - put32 ( a, 0 ); /* offset to the raw data, needs fixup */ - put32 ( a, 0 ); /* length of the raw data, needs fixup */ - - put16 ( a, blob->nkeys ); - put16 ( a, 20 + 4 + 2 + 2 ); /* size of key info */ - for ( i=0; i < blob->nkeys; i++ ) - { - put_membuf (a, blob->keys[i].fpr, 20); - blob->keys[i].off_kid_addr = a->len; - put32 ( a, 0 ); /* offset to keyid, fixed up later */ - put16 ( a, blob->keys[i].flags ); - put16 ( a, 0 ); /* reserved */ - } - - put16 (a, blob->seriallen); /*fixme: check that it fits into 16 bits*/ - if (blob->serial) - put_membuf (a, blob->serial, blob->seriallen); - - put16 ( a, blob->nuids ); - put16 ( a, 4 + 4 + 2 + 1 + 1 ); /* size of uid info */ - for (i=0; i < blob->nuids; i++) - { - blob->uids[i].off_addr = a->len; - put32 ( a, 0 ); /* offset to userid, fixed up later */ - put32 ( a, blob->uids[i].len ); - put16 ( a, blob->uids[i].flags ); - put8 ( a, 0 ); /* validity */ - put8 ( a, 0 ); /* reserved */ - } - - put16 ( a, blob->nsigs ); - put16 ( a, 4 ); /* size of sig info */ - for (i=0; i < blob->nsigs; i++) - { - put32 ( a, blob->sigs[i]); - } - - put8 ( a, 0 ); /* assigned ownertrust */ - put8 ( a, 0 ); /* validity of all user IDs */ - put16 ( a, 0 ); /* reserved */ - put32 ( a, 0 ); /* time of next recheck */ - put32 ( a, 0 ); /* newest timestamp (none) */ - put32 ( a, make_timestamp() ); /* creation time */ - put32 ( a, 0 ); /* size of reserved space */ - /* reserved space (which is currently of size 0) */ - - /* space where we write keyIDs and and other stuff so that the - pointers can actually point to somewhere */ - if (blobtype == BLOBTYPE_PGP) - { - /* We need to store the keyids for all pgp v3 keys because those key - IDs are not part of the fingerprint. While we are doing that, we - fixup all the keyID offsets */ - for (i=0; i < blob->nkeys; i++ ) - { - if (blob->keys[i].off_kid) - { /* this is a v3 one */ - add_fixup (blob, blob->keys[i].off_kid_addr, a->len); - write_stored_kid (blob, blob->keys[i].off_kid); - } - else - { /* the better v4 key IDs - just store an offset 8 bytes back */ - add_fixup (blob, blob->keys[i].off_kid_addr, - blob->keys[i].off_kid_addr - 8); - } - } - } - - if (blobtype == BLOBTYPE_X509) - { - /* We don't want to point to ASN.1 encoded UserIDs (DNs) but to - the utf-8 string represenation of them */ - for (i=0; i < blob->nuids; i++ ) - { - if (blob->uids[i].name) - { /* this is a v3 one */ - add_fixup (blob, blob->uids[i].off_addr, a->len); - put_membuf (blob->buf, blob->uids[i].name, blob->uids[i].len); - } - } - } - - return 0; -} - - - -static int -create_blob_trailer (KEYBOXBLOB blob) -{ - return 0; -} - - -static int -create_blob_finish (KEYBOXBLOB blob) -{ - struct membuf *a = blob->buf; - byte *p; - char *pp; - int i; - size_t n; - - /* write a placeholder for the checksum */ - for (i = 0; i < 16; i++ ) - put32 (a, 0); /* Hmmm: why put32() ?? */ - - /* get the memory area */ - p = get_membuf (a, &n); - if (!p) - return KEYBOX_Out_Of_Core; - assert (n >= 20); - - /* fixup the length */ - add_fixup (blob, 0, n); - - /* do the fixups */ - if (blob->fixup_out_of_core) - return KEYBOX_Out_Of_Core; - - { - struct fixup_list *fl; - for (fl = blob->fixups; fl; fl = fl->next) - { - assert (fl->off+4 <= n); - p[fl->off+0] = fl->val >> 24; - p[fl->off+1] = fl->val >> 16; - p[fl->off+2] = fl->val >> 8; - p[fl->off+3] = fl->val; - } - } - - /* calculate and store the MD5 checksum */ - gcry_md_hash_buffer (GCRY_MD_MD5, p + n - 16, p, n - 16); - - pp = xtrymalloc (n); - if ( !pp ) - return KEYBOX_Out_Of_Core; - memcpy (pp , p, n); - blob->blob = pp; - blob->bloblen = n; - - return 0; -} - - -#ifdef KEYBOX_WITH_OPENPGP - -int -_keybox_create_pgp_blob (KEYBOXBLOB *r_blob, KBNODE keyblock, int as_ephemeral) -{ - int rc = 0; - KBNODE node; - KEYBOXBLOB blob; - - *r_blob = NULL; - blob = xtrycalloc (1, sizeof *blob); - if( !blob ) - return KEYBOX_Out_Of_Core; - - /* fixme: Do some sanity checks on the keyblock */ - - /* count userids and keys so that we can allocate the arrays */ - for (node = keyblock; node; node = node->next) - { - switch (node->pkt->pkttype) - { - case PKT_PUBLIC_KEY: - case PKT_SECRET_KEY: - case PKT_PUBLIC_SUBKEY: - case PKT_SECRET_SUBKEY: blob->nkeys++; break; - case PKT_USER_ID: blob->nuids++; break; - case PKT_SIGNATURE: blob->nsigs++; break; - default: break; - } - } - - blob->keys = xtrycalloc (blob->nkeys, sizeof *blob->keys ); - blob->uids = xtrycalloc (blob->nuids, sizeof *blob->uids ); - blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs ); - if (!blob->keys || !blob->uids || !blob->sigs) - { - rc = KEYBOX_Out_Of_Core; - goto leave; - } - - rc = pgp_create_key_part ( blob, keyblock ); - if (rc) - goto leave; - rc = pgp_create_uid_part ( blob, keyblock ); - if (rc) - goto leave; - rc = pgp_create_sig_part ( blob, keyblock ); - if (rc) - goto leave; - - init_membuf (&blob->bufbuf, 1024); - blob->buf = &blob->bufbuf; - rc = create_blob_header (blob, BLOBTYPE_OPENPGP, as_ephemeral); - if (rc) - goto leave; - rc = pgp_create_blob_keyblock (blob, keyblock); - if (rc) - goto leave; - rc = create_blob_trailer (blob); - if (rc) - goto leave; - rc = create_blob_finish ( blob ); - if (rc) - goto leave; - - - leave: - release_kid_list (blob->temp_kids); - blob->temp_kids = NULL; - if (rc) - { - keybox_release_blob (blob); - *r_blob = NULL; - } - else - { - *r_blob = blob; - } - return rc; -} -#endif /*KEYBOX_WITH_OPENPGP*/ - -#ifdef KEYBOX_WITH_X509 - -/* return an allocated string with the email address extracted from a - DN */ -static char * -x509_email_kludge (const char *name) -{ - const unsigned char *p; - unsigned char *buf; - int n; - - if (strncmp (name, "1.2.840.113549.1.9.1=#", 22)) - return NULL; - /* This looks pretty much like an email address in the subject's DN - we use this to add an additional user ID entry. This way, - openSSL generated keys get a nicer and usable listing */ - name += 22; - for (n=0, p=name; hexdigitp (p) && hexdigitp (p+1); p +=2, n++) - ; - if (*p != '#' || !n) - return NULL; - buf = xtrymalloc (n+3); - if (!buf) - return NULL; /* oops, out of core */ - *buf = '<'; - for (n=1, p=name; *p != '#'; p +=2, n++) - buf[n] = xtoi_2 (p); - buf[n++] = '>'; - buf[n] = 0; - return buf; -} - - - -/* Note: We should move calculation of the digest into libksba and - remove that parameter */ -int -_keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, - unsigned char *sha1_digest, int as_ephemeral) -{ - int i, rc = 0; - KEYBOXBLOB blob; - unsigned char *p; - unsigned char **names = NULL; - size_t max_names; - - *r_blob = NULL; - blob = xtrycalloc (1, sizeof *blob); - if( !blob ) - return KEYBOX_Out_Of_Core; - - p = ksba_cert_get_serial (cert); - if (p) - { - size_t n, len; - n = gcry_sexp_canon_len (p, 0, NULL, NULL); - if (n < 2) - { - xfree (p); - return KEYBOX_General_Error; - } - blob->serialbuf = p; - p++; n--; /* skip '(' */ - for (len=0; n && *p && *p != ':' && digitp (p); n--, p++) - len = len*10 + atoi_1 (p); - if (*p != ':') - { - xfree (blob->serialbuf); - blob->serialbuf = NULL; - return KEYBOX_General_Error; - } - p++; - blob->serial = p; - blob->seriallen = len; - } - - blob->nkeys = 1; - - /* create list of names */ - blob->nuids = 0; - max_names = 100; - names = xtrymalloc (max_names * sizeof *names); - if (!names) - { - rc = KEYBOX_Out_Of_Core; - goto leave; - } - p = ksba_cert_get_issuer (cert, 0); - if (!p) - { - rc = KEYBOX_Missing_Value; - goto leave; - } - names[blob->nuids++] = p; - for (i=0; (p = ksba_cert_get_subject (cert, i)); i++) - { - - if (blob->nuids >= max_names) - { - unsigned char **tmp; - - max_names += 100; - tmp = xtryrealloc (names, max_names * sizeof *names); - if (!tmp) - { - rc = KEYBOX_Out_Of_Core; - goto leave; - } - } - names[blob->nuids++] = p; - if (!i && (p=x509_email_kludge (p))) - names[blob->nuids++] = p; /* due to !i we don't need to check bounds*/ - } - - /* space for signature information */ - blob->nsigs = 1; - - blob->keys = xtrycalloc (blob->nkeys, sizeof *blob->keys ); - blob->uids = xtrycalloc (blob->nuids, sizeof *blob->uids ); - blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs ); - if (!blob->keys || !blob->uids || !blob->sigs) - { - rc = KEYBOX_Out_Of_Core; - goto leave; - } - - memcpy (blob->keys[0].fpr, sha1_digest, 20); - blob->keys[0].off_kid = 0; /* We don't have keyids */ - blob->keys[0].flags = 0; - - /* issuer and subject names */ - for (i=0; i < blob->nuids; i++) - { - blob->uids[i].name = names[i]; - blob->uids[i].len = strlen(names[i]); - names[i] = NULL; - blob->uids[i].flags = 0; - blob->uids[i].validity = 0; - } - xfree (names); - names = NULL; - - /* signatures */ - blob->sigs[0] = 0; /* not yet checked */ - - /* Create a temporary buffer for further processing */ - init_membuf (&blob->bufbuf, 1024); - blob->buf = &blob->bufbuf; - /* write out what we already have */ - rc = create_blob_header (blob, BLOBTYPE_X509, as_ephemeral); - if (rc) - goto leave; - rc = x509_create_blob_cert (blob, cert); - if (rc) - goto leave; - rc = create_blob_trailer (blob); - if (rc) - goto leave; - rc = create_blob_finish ( blob ); - if (rc) - goto leave; - - - leave: - release_kid_list (blob->temp_kids); - blob->temp_kids = NULL; - if (blob && names) - { - for (i=0; i < blob->nuids; i++) - xfree (names[i]); - } - xfree (names); - if (rc) - { - _keybox_release_blob (blob); - *r_blob = NULL; - } - else - { - *r_blob = blob; - } - return rc; -} -#endif /*KEYBOX_WITH_X509*/ - - - -int -_keybox_new_blob (KEYBOXBLOB *r_blob, char *image, size_t imagelen, off_t off) -{ - KEYBOXBLOB blob; - - *r_blob = NULL; - blob = xtrycalloc (1, sizeof *blob); - if (!blob) - return KEYBOX_Out_Of_Core; - - blob->blob = image; - blob->bloblen = imagelen; - blob->fileoffset = off; - *r_blob = blob; - return 0; -} - -void -_keybox_release_blob (KEYBOXBLOB blob) -{ - int i; - if (!blob) - return; - /* hmmm: release membuf here?*/ - xfree (blob->keys ); - xfree (blob->serialbuf); - for (i=0; i < blob->nuids; i++) - xfree (blob->uids[i].name); - xfree (blob->uids ); - xfree (blob->sigs ); - xfree (blob->blob ); - xfree (blob ); -} - - - -const char * -_keybox_get_blob_image ( KEYBOXBLOB blob, size_t *n ) -{ - *n = blob->bloblen; - return blob->blob; -} - -off_t -_keybox_get_blob_fileoffset (KEYBOXBLOB blob) -{ - return blob->fileoffset; -} - diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h deleted file mode 100644 index 1c66020f7..000000000 --- a/kbx/keybox-defs.h +++ /dev/null @@ -1,179 +0,0 @@ -/* keybox-defs.h - interal Keybox defintions - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#ifndef KEYBOX_DEFS_H -#define KEYBOX_DEFS_H 1 - -#include <sys/types.h> /* off_t */ -#include "keybox.h" - -#ifndef HAVE_BYTE_TYPEDEF -typedef unsigned char byte; /* fixme */ -#endif -#ifndef HAVE_U16_TYPEDEF -typedef unsigned short u16; /* fixme */ -#endif -#ifndef HAVE_U32_TYPEDEF -typedef unsigned int u32; /* fixme */ -#endif - -enum { - BLOBTYPE_EMPTY = 0, - BLOBTYPE_HEADER = 1, - BLOBTYPE_PGP = 2, - BLOBTYPE_X509 = 3 -}; - - -typedef struct keyboxblob *KEYBOXBLOB; - - -typedef struct keybox_name *KB_NAME; -typedef struct keybox_name const * CONST_KB_NAME; -struct keybox_name { - struct keybox_name *next; - int secret; - /*DOTLOCK lockhd;*/ - int is_locked; - int did_full_scan; - char fname[1]; -}; - - - -struct keybox_handle { - CONST_KB_NAME kb; - int secret; /* this is for a secret keybox */ - FILE *fp; - int eof; - int error; - int ephemeral; - struct { - KEYBOXBLOB blob; - off_t offset; - size_t pk_no; - size_t uid_no; - unsigned int n_packets; /*used for delete and update*/ - } found; - struct { - char *name; - char *pattern; - } word_match; -}; - - -/* Don't know whether this is needed: */ -/* static struct { */ -/* const char *homedir; */ -/* int dry_run; */ -/* int quiet; */ -/* int verbose; */ -/* int preserve_permissions; */ -/* } keybox_opt; */ - - -/*-- keybox-blob.c --*/ -#ifdef KEYBOX_WITH_OPENPGP - /* fixme */ -#endif /*KEYBOX_WITH_OPENPGP*/ -#ifdef KEYBOX_WITH_X509 -int _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, - unsigned char *sha1_digest, int as_ephemeral); -#endif /*KEYBOX_WITH_X509*/ - -int _keybox_new_blob (KEYBOXBLOB *r_blob, char *image, size_t imagelen, - off_t off); -void _keybox_release_blob (KEYBOXBLOB blob); -const char *_keybox_get_blob_image (KEYBOXBLOB blob, size_t *n); -off_t _keybox_get_blob_fileoffset (KEYBOXBLOB blob); - -/*-- keybox-file.c --*/ -int _keybox_read_blob (KEYBOXBLOB *r_blob, FILE *fp); -int _keybox_write_blob (KEYBOXBLOB blob, FILE *fp); - -/*-- keybox-dump.c --*/ -int _keybox_dump_blob (KEYBOXBLOB blob, FILE *fp); -int _keybox_dump_file (const char *filename, FILE *outfp); - - -/*-- keybox-util.c --*/ -void *_keybox_malloc (size_t n); -void *_keybox_calloc (size_t n, size_t m); -void *_keybox_realloc (void *p, size_t n); -void _keybox_free (void *p); - -#define xtrymalloc(a) _keybox_malloc ((a)) -#define xtrycalloc(a,b) _keybox_calloc ((a),(b)) -#define xtryrealloc(a,b) _keybox_realloc((a),(b)) -#define xfree(a) _keybox_free ((a)) - - -#define DIM(v) (sizeof(v)/sizeof((v)[0])) -#define DIMof(type,member) DIM(((type *)0)->member) -#ifndef STR - #define STR(v) #v -#endif -#define STR2(v) STR(v) - -/* - a couple of handy macros -*/ - -#define return_if_fail(expr) do { \ - if (!(expr)) { \ - fprintf (stderr, "%s:%d: assertion `%s' failed\n", \ - __FILE__, __LINE__, #expr ); \ - return; \ - } } while (0) -#define return_null_if_fail(expr) do { \ - if (!(expr)) { \ - fprintf (stderr, "%s:%d: assertion `%s' failed\n", \ - __FILE__, __LINE__, #expr ); \ - return NULL; \ - } } while (0) -#define return_val_if_fail(expr,val) do { \ - if (!(expr)) { \ - fprintf (stderr, "%s:%d: assertion `%s' failed\n", \ - __FILE__, __LINE__, #expr ); \ - return (val); \ - } } while (0) -#define never_reached() do { \ - fprintf (stderr, "%s:%d: oops; should never get here\n", \ - __FILE__, __LINE__ ); \ - } while (0) - - -/* some macros to replace ctype ones and avoid locale problems */ -#define digitp(p) (*(p) >= '0' && *(p) <= '9') -#define hexdigitp(a) (digitp (a) \ - || (*(a) >= 'A' && *(a) <= 'F') \ - || (*(a) >= 'a' && *(a) <= 'f')) -/* the atoi macros assume that the buffer has only valid digits */ -#define atoi_1(p) (*(p) - '0' ) -#define atoi_2(p) ((atoi_1(p) * 10) + atoi_1((p)+1)) -#define atoi_4(p) ((atoi_2(p) * 100) + atoi_2((p)+2)) -#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ - *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) -#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1)) - - -#endif /*KEYBOX_DEFS_H*/ - - diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c deleted file mode 100644 index 4fb3a4eb2..000000000 --- a/kbx/keybox-dump.c +++ /dev/null @@ -1,346 +0,0 @@ -/* keybox-dump.c - Debug helpers - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <errno.h> - -#include "keybox-defs.h" - -static ulong -get32 (const byte *buffer) -{ - ulong a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; -} - -static ulong -get16 (const byte *buffer) -{ - ulong a; - a = *buffer << 8; - a |= buffer[1]; - return a; -} - -void -print_string (FILE *fp, const byte *p, size_t n, int delim) -{ - for ( ; n; n--, p++ ) - { - if (*p < 0x20 || (*p >= 0x7f && *p < 0xa0) || *p == delim) - { - putc('\\', fp); - if( *p == '\n' ) - putc('n', fp); - else if( *p == '\r' ) - putc('r', fp); - else if( *p == '\f' ) - putc('f', fp); - else if( *p == '\v' ) - putc('v', fp); - else if( *p == '\b' ) - putc('b', fp); - else if( !*p ) - putc('0', fp); - else - fprintf(fp, "x%02x", *p ); - } - else - putc(*p, fp); - } -} - - -static int -dump_header_blob (const byte *buffer, size_t length, FILE *fp) -{ - fprintf (fp, "Version: %d\n", buffer[5]); - if ( memcmp (buffer+8, "KBXf", 4)) - fprintf (fp, "[Error: invalid magic number]\n"); - return 0; -} - - -/* Dump one block to FP */ -int -_keybox_dump_blob (KEYBOXBLOB blob, FILE *fp) -{ - const byte *buffer; - size_t length; - int type; - ulong n, nkeys, keyinfolen; - ulong nuids, uidinfolen; - ulong nsigs, siginfolen; - ulong rawdata_off, rawdata_len; - ulong nserial; - const byte *p; - - buffer = _keybox_get_blob_image (blob, &length); - - if (length < 40) - { - fprintf (fp, "[blob too short]\n"); - return -1; - } - - n = get32( buffer ); - if (n > length) - fprintf (fp, "[blob larger than length - output truncated]\n"); - else - length = n; /* ignore the rest */ - - fprintf (fp, "Length: %lu\n", n ); - type = buffer[4]; - switch (type) - { - case BLOBTYPE_EMPTY: - fprintf (fp, "Type: Empty\n"); - return 0; - - case BLOBTYPE_HEADER: - fprintf (fp, "Type: Header\n"); - return dump_header_blob (buffer, length, fp); - case BLOBTYPE_PGP: - fprintf (fp, "Type: OpenPGP\n"); - break; - case BLOBTYPE_X509: - fprintf (fp, "Type: X.509\n"); - break; - default: - fprintf (fp, "Type: %d\n", type); - fprintf (fp, "[can't dump this blob type]\n"); - return 0; - } - fprintf (fp, "Version: %d\n", buffer[5]); - - n = get16 (buffer + 6); - fprintf( fp, "Blob-Flags: %04lX", n); - if (n) - { - int any = 0; - - fputs (" (", fp); - if ((n & 1)) - { - fputs ("secret", fp); - any++; - } - if ((n & 2)) - { - if (any) - putc (',', fp); - fputs ("ephemeral", fp); - any++; - } - putc (')', fp); - } - putc ('\n', fp); - - rawdata_off = get32 (buffer + 8); - rawdata_len = get32 (buffer + 12); - - fprintf( fp, "Data-Offset: %lu\n", rawdata_off ); - fprintf( fp, "Data-Length: %lu\n", rawdata_len ); - - nkeys = get16 (buffer + 16); - fprintf (fp, "Key-Count: %lu\n", nkeys ); - if (!nkeys) - fprintf (fp, "[Error: no keys]\n"); - if (nkeys > 1 && type == BLOBTYPE_X509) - fprintf (fp, "[Error: only one key allowed for X509]\n"); - - keyinfolen = get16 (buffer + 18 ); - fprintf (fp, "Key-Info-Length: %lu\n", keyinfolen); - /* fixme: check bounds */ - p = buffer + 20; - for (n=0; n < nkeys; n++, p += keyinfolen) - { - int i; - ulong kidoff, kflags; - - fprintf (fp, "Key-Fpr[%lu]: ", n ); - for (i=0; i < 20; i++ ) - fprintf (fp, "%02X", p[i]); - kidoff = get32 (p + 20); - fprintf (fp, "\nKey-Kid-Off[%lu]: %lu\n", n, kidoff ); - fprintf (fp, "Key-Kid[%lu]: ", n ); - /* fixme: check bounds */ - for (i=0; i < 8; i++ ) - fprintf (fp, "%02X", buffer[kidoff+i] ); - kflags = get16 (p + 24 ); - fprintf( fp, "\nKey-Flags[%lu]: %04lX\n", n, kflags); - } - - /* serial number */ - fputs ("Serial-No: ", fp); - nserial = get16 (p); - p += 2; - if (!nserial) - fputs ("none", fp); - else - { - for (; nserial; nserial--, p++) - fprintf (fp, "%02X", *p); - } - putc ('\n', fp); - - /* user IDs */ - nuids = get16 (p); - fprintf (fp, "Uid-Count: %lu\n", nuids ); - uidinfolen = get16 (p + 2); - fprintf (fp, "Uid-Info-Length: %lu\n", uidinfolen); - /* fixme: check bounds */ - p += 4; - for (n=0; n < nuids; n++, p += uidinfolen) - { - ulong uidoff, uidlen, uflags; - - uidoff = get32( p ); - uidlen = get32( p+4 ); - if (type == BLOBTYPE_X509 && !n) - { - fprintf (fp, "Issuer-Off: %lu\n", uidoff ); - fprintf (fp, "Issuer-Len: %lu\n", uidlen ); - fprintf (fp, "Issuer: \""); - } - else if (type == BLOBTYPE_X509 && n == 1) - { - fprintf (fp, "Subject-Off: %lu\n", uidoff ); - fprintf (fp, "Subject-Len: %lu\n", uidlen ); - fprintf (fp, "Subject: \""); - } - else - { - fprintf (fp, "Uid-Off[%lu]: %lu\n", n, uidoff ); - fprintf (fp, "Uid-Len[%lu]: %lu\n", n, uidlen ); - fprintf (fp, "Uid[%lu]: \"", n ); - } - print_string (fp, buffer+uidoff, uidlen, '\"'); - fputs ("\"\n", fp); - uflags = get16 (p + 8); - if (type == BLOBTYPE_X509 && !n) - { - fprintf (fp, "Issuer-Flags: %04lX\n", uflags ); - fprintf (fp, "Issuer-Validity: %d\n", p[10] ); - } - else if (type == BLOBTYPE_X509 && n == 1) - { - fprintf (fp, "Subject-Flags: %04lX\n", uflags ); - fprintf (fp, "Subject-Validity: %d\n", p[10] ); - } - else - { - fprintf (fp, "Uid-Flags[%lu]: %04lX\n", n, uflags ); - fprintf (fp, "Uid-Validity[%lu]: %d\n", n, p[10] ); - } - } - - nsigs = get16 (p); - fprintf (fp, "Sig-Count: %lu\n", nsigs ); - siginfolen = get16 (p + 2); - fprintf (fp, "Sig-Info-Length: %lu\n", siginfolen ); - /* fixme: check bounds */ - p += 4; - for (n=0; n < nsigs; n++, p += siginfolen) - { - ulong sflags; - - sflags = get32 (p); - fprintf (fp, "Sig-Expire[%lu]: ", n ); - if (!sflags) - fputs ("[not checked]", fp); - else if (sflags == 1 ) - fputs ("[missing key]", fp); - else if (sflags == 2 ) - fputs ("[bad signature]", fp); - else if (sflags < 0x10000000) - fprintf (fp, "[bad flag %0lx]", sflags); - else if (sflags == 0xffffffff) - fputs ("0", fp ); - else - fputs ("a time"/*strtimestamp( sflags )*/, fp ); - putc ('\n', fp ); - } - - fprintf (fp, "Ownertrust: %d\n", p[0] ); - fprintf (fp, "All-Validity: %d\n", p[1] ); - p += 4; - n = get32 (p); p += 4; - fprintf (fp, "Recheck-After: %s\n", /*n? strtimestamp(n) :*/ "0" ); - n = get32 (p ); p += 4; - fprintf( fp, "Latest-Timestamp: %s\n", "0"/*strtimestamp(n)*/ ); - n = get32 (p ); p += 4; - fprintf (fp, "Created-At: %s\n", "0"/*strtimestamp(n)*/ ); - n = get32 (p ); p += 4; - fprintf (fp, "Reserved-Space: %lu\n", n ); - - /* check that the keyblock is at the correct offset and other bounds */ - /*fprintf (fp, "Blob-Checksum: [MD5-hash]\n");*/ - return 0; -} - - - -int -_keybox_dump_file (const char *filename, FILE *outfp) -{ - FILE *fp; - KEYBOXBLOB blob; - int rc; - unsigned long count = 0; - - if (!filename) - { - filename = "-"; - fp = stdin; - } - else - fp = fopen (filename, "rb"); - if (!fp) - { - fprintf (outfp, "can't open `%s': %s\n", filename, strerror(errno)); - return KEYBOX_File_Error; - } - - while ( !(rc = _keybox_read_blob (&blob, fp)) ) - { - fprintf (outfp, "BEGIN-RECORD: %lu\n", count ); - _keybox_dump_blob (blob, outfp); - _keybox_release_blob (blob); - fprintf (outfp, "END-RECORD\n"); - count++; - } - if (rc == -1) - rc = 0; - if (rc) - fprintf (outfp, "error reading `%s': %s\n", filename, - rc == KEYBOX_Read_Error? keybox_strerror(rc):strerror (errno)); - - if (fp != stdin) - fclose (fp); - return rc; -} diff --git a/kbx/keybox-file.c b/kbx/keybox-file.c deleted file mode 100644 index bbbf78e3c..000000000 --- a/kbx/keybox-file.c +++ /dev/null @@ -1,102 +0,0 @@ -/* keybox-file.c - file oeprations - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> - -#include "keybox-defs.h" - -/* Read a block at the current postion and return it in r_blob. - r_blob may be NULL to simply skip the current block */ -int -_keybox_read_blob (KEYBOXBLOB *r_blob, FILE *fp) -{ - char *image; - size_t imagelen = 0; - int c1, c2, c3, c4, type; - int rc; - off_t off; - - again: - *r_blob = NULL; - off = ftello (fp); - if (off == (off_t)-1) - return KEYBOX_Read_Error; - - if ((c1 = getc (fp)) == EOF - || (c2 = getc (fp)) == EOF - || (c3 = getc (fp)) == EOF - || (c4 = getc (fp)) == EOF - || (type = getc (fp)) == EOF) - { - if ( c1 == EOF && !ferror (fp) ) - return -1; /* eof */ - return KEYBOX_Read_Error; - } - - imagelen = (c1 << 24) | (c2 << 16) | (c3 << 8 ) | c4; - if (imagelen > 500000) /* sanity check */ - return KEYBOX_Blob_Too_Large; - - if (imagelen < 5) - return KEYBOX_Blob_Too_Short; - - if (!type) - { - /* special treatment for empty blobs. */ - if (fseek (fp, imagelen-5, SEEK_CUR)) - return KEYBOX_Read_Error; - goto again; - } - - image = xtrymalloc (imagelen); - if (!image) - return KEYBOX_Out_Of_Core; - - image[0] = c1; image[1] = c2; image[2] = c3; image[3] = c4; image[4] = type; - if (fread (image+5, imagelen-5, 1, fp) != 1) - { - xfree (image); - return KEYBOX_Read_Error; - } - - rc = r_blob? _keybox_new_blob (r_blob, image, imagelen, off) : 0; - if (rc || !r_blob) - xfree (image); - return rc; -} - - -/* Write the block to the current file position */ -int -_keybox_write_blob (KEYBOXBLOB blob, FILE *fp) -{ - const char *image; - size_t length; - - image = _keybox_get_blob_image (blob, &length); - if (fwrite (image, length, 1, fp) != 1) - { - return KEYBOX_Write_Error; - } - return 0; -} diff --git a/kbx/keybox-init.c b/kbx/keybox-init.c deleted file mode 100644 index b1d279999..000000000 --- a/kbx/keybox-init.c +++ /dev/null @@ -1,127 +0,0 @@ -/* keybox-init.c - Initalization of the library - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <assert.h> - -#include "keybox-defs.h" - -#define compare_filenames strcmp - -static KB_NAME kb_names; - - -/* - Register a filename for plain keybox files. Returns a pointer to be - used to create a handles etc or NULL to indicate that it has already - been registered */ -void * -keybox_register_file (const char *fname, int secret) -{ - KB_NAME kr; - - for (kr=kb_names; kr; kr = kr->next) - { - if ( !compare_filenames (kr->fname, fname) ) - return NULL; /* already registered */ - } - - kr = xtrymalloc (sizeof *kr + strlen (fname)); - if (!kr) - return NULL; - strcpy (kr->fname, fname); - kr->secret = !!secret; - /* kr->lockhd = NULL;*/ - kr->is_locked = 0; - kr->did_full_scan = 0; - /* keep a list of all issued pointers */ - kr->next = kb_names; - kb_names = kr; - - /* create the offset table the first time a function here is used */ -/* if (!kb_offtbl) */ -/* kb_offtbl = new_offset_hash_table (); */ - - return kr; -} - -int -keybox_is_writable (void *token) -{ - KB_NAME r = token; - - return r? !access (r->fname, W_OK) : 0; -} - - - -/* Create a new handle for the resource associated with TOKEN. SECRET - is just a cross-check. - - The returned handle must be released using keybox_release (). */ -KEYBOX_HANDLE -keybox_new (void *token, int secret) -{ - KEYBOX_HANDLE hd; - KB_NAME resource = token; - - assert (resource && !resource->secret == !secret); - hd = xtrycalloc (1, sizeof *hd); - if (hd) - { - hd->kb = resource; - hd->secret = !!secret; - } - return hd; -} - -void -keybox_release (KEYBOX_HANDLE hd) -{ - if (!hd) - return; - _keybox_release_blob (hd->found.blob); - xfree (hd->word_match.name); - xfree (hd->word_match.pattern); - xfree (hd); -} - - -const char * -keybox_get_resource_name (KEYBOX_HANDLE hd) -{ - if (!hd || !hd->kb) - return NULL; - return hd->kb->fname; -} - -int -keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes) -{ - if (!hd) - return KEYBOX_Invalid_Handle; - hd->ephemeral = yes; - return 0; -} - diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c deleted file mode 100644 index 126364f5b..000000000 --- a/kbx/keybox-search.c +++ /dev/null @@ -1,810 +0,0 @@ -/* keybox-search.c - Search operations - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <assert.h> - -#include "../jnlib/stringhelp.h" /* ascii_xxxx() */ -#include "keybox-defs.h" - -#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ - *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) -#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1)) - -struct sn_array_s { - int snlen; - unsigned char *sn; -}; - - - -static ulong -get32 (const byte *buffer) -{ - ulong a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; -} - -static ulong -get16 (const byte *buffer) -{ - ulong a; - a = *buffer << 8; - a |= buffer[1]; - return a; -} - - - -static int -blob_get_type (KEYBOXBLOB blob) -{ - const unsigned char *buffer; - size_t length; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 40) - return -1; /* blob too short */ - - return buffer[4]; -} - -static unsigned int -blob_get_blob_flags (KEYBOXBLOB blob) -{ - const unsigned char *buffer; - size_t length; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 8) - return 0; /* oops */ - - return get16 (buffer + 6); -} - - -static int -blob_cmp_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen) -{ - const unsigned char *buffer; - size_t length; - size_t pos, off; - size_t nkeys, keyinfolen; - size_t nserial; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 40) - return 0; /* blob too short */ - - /*keys*/ - nkeys = get16 (buffer + 16); - keyinfolen = get16 (buffer + 18 ); - if (keyinfolen < 28) - return 0; /* invalid blob */ - pos = 20 + keyinfolen*nkeys; - if (pos+2 > length) - return 0; /* out of bounds */ - - /*serial*/ - nserial = get16 (buffer+pos); - off = pos + 2; - if (off+nserial > length) - return 0; /* out of bounds */ - - return nserial == snlen && !memcmp (buffer+off, sn, snlen); -} - - -static int -blob_cmp_fpr (KEYBOXBLOB blob, const unsigned char *fpr) -{ - const unsigned char *buffer; - size_t length; - size_t pos, off; - size_t nkeys, keyinfolen; - int idx; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 40) - return 0; /* blob too short */ - - /*keys*/ - nkeys = get16 (buffer + 16); - keyinfolen = get16 (buffer + 18 ); - if (keyinfolen < 28) - return 0; /* invalid blob */ - pos = 20; - if (pos + keyinfolen*nkeys > length) - return 0; /* out of bounds */ - - for (idx=0; idx < nkeys; idx++) - { - off = pos + idx*keyinfolen; - if (!memcmp (buffer + off, fpr, 20)) - return 1; /* found */ - } - return 0; /* not found */ -} - -static int -blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr, - int fproff, int fprlen) -{ - const unsigned char *buffer; - size_t length; - size_t pos, off; - size_t nkeys, keyinfolen; - int idx; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 40) - return 0; /* blob too short */ - - /*keys*/ - nkeys = get16 (buffer + 16); - keyinfolen = get16 (buffer + 18 ); - if (keyinfolen < 28) - return 0; /* invalid blob */ - pos = 20; - if (pos + keyinfolen*nkeys > length) - return 0; /* out of bounds */ - - for (idx=0; idx < nkeys; idx++) - { - off = pos + idx*keyinfolen; - if (!memcmp (buffer + off + fproff, fpr, fprlen)) - return 1; /* found */ - } - return 0; /* not found */ -} - - -static int -blob_cmp_name (KEYBOXBLOB blob, int idx, - const char *name, size_t namelen, int substr) -{ - const unsigned char *buffer; - size_t length; - size_t pos, off, len; - size_t nkeys, keyinfolen; - size_t nuids, uidinfolen; - size_t nserial; - - buffer = _keybox_get_blob_image (blob, &length); - if (length < 40) - return 0; /* blob too short */ - - /*keys*/ - nkeys = get16 (buffer + 16); - keyinfolen = get16 (buffer + 18 ); - if (keyinfolen < 28) - return 0; /* invalid blob */ - pos = 20 + keyinfolen*nkeys; - if (pos+2 > length) - return 0; /* out of bounds */ - - /*serial*/ - nserial = get16 (buffer+pos); - pos += 2 + nserial; - if (pos+4 > length) - return 0; /* out of bounds */ - - /* user ids*/ - nuids = get16 (buffer + pos); pos += 2; - uidinfolen = get16 (buffer + pos); pos += 2; - if (uidinfolen < 12 /* should add a: || nuidinfolen > MAX_UIDINFOLEN */) - return 0; /* invalid blob */ - if (pos + uidinfolen*nuids > length) - return 0; /* out of bounds */ - - if (idx < 0) - { /* compare all names starting with that (negated) index */ - idx = -idx; - - for ( ;idx < nuids; idx++) - { - size_t mypos = pos; - - mypos += idx*uidinfolen; - off = get32 (buffer+mypos); - len = get32 (buffer+mypos+4); - if (off+len > length) - return 0; /* error: better stop here out of bounds */ - if (len < 2) - continue; /* empty name or 0 not stored */ - len--; - if (substr) - { - if (ascii_memcasemem (buffer+off, len, name, namelen)) - return 1; /* found */ - } - else - { - if (len == namelen && !memcmp (buffer+off, name, len)) - return 1; /* found */ - } - } - return 0; /* not found */ - } - else - { - if (idx > nuids) - return 0; /* no user ID with that idx */ - pos += idx*uidinfolen; - off = get32 (buffer+pos); - len = get32 (buffer+pos+4); - if (off+len > length) - return 0; /* out of bounds */ - if (len < 1) - return 0; /* empty name */ - - if (substr) - { - return !!ascii_memcasemem (buffer+off, len, name, namelen); - } - else - { - return len == namelen && !memcmp (buffer+off, name, len); - } - } -} - - -/* compare all email addresses of the subject. With SUBSTR given as - True a substring search is done in the mail address */ -static int -blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr) -{ - const unsigned char *buffer; - size_t length; - size_t pos, off, len; - size_t nkeys, keyinfolen; - size_t nuids, uidinfolen; - size_t nserial; - int idx; - - /* fixme: this code is common to blob_cmp_mail */ - buffer = _keybox_get_blob_image (blob, &length); - if (length < 40) - return 0; /* blob too short */ - - /*keys*/ - nkeys = get16 (buffer + 16); - keyinfolen = get16 (buffer + 18 ); - if (keyinfolen < 28) - return 0; /* invalid blob */ - pos = 20 + keyinfolen*nkeys; - if (pos+2 > length) - return 0; /* out of bounds */ - - /*serial*/ - nserial = get16 (buffer+pos); - pos += 2 + nserial; - if (pos+4 > length) - return 0; /* out of bounds */ - - /* user ids*/ - nuids = get16 (buffer + pos); pos += 2; - uidinfolen = get16 (buffer + pos); pos += 2; - if (uidinfolen < 12 /* should add a: || nuidinfolen > MAX_UIDINFOLEN */) - return 0; /* invalid blob */ - if (pos + uidinfolen*nuids > length) - return 0; /* out of bounds */ - - if (namelen < 1) - return 0; - - for (idx=1 ;idx < nuids; idx++) - { - size_t mypos = pos; - - mypos += idx*uidinfolen; - off = get32 (buffer+mypos); - len = get32 (buffer+mypos+4); - if (off+len > length) - return 0; /* error: better stop here out of bounds */ - if (len < 2 || buffer[off] != '<') - continue; /* empty name or trailing 0 not stored */ - len--; /* one back */ - if ( len < 3 || buffer[off+len] != '>') - continue; /* not a proper email address */ - len--; - if (substr) - { - if (ascii_memcasemem (buffer+off+1, len, name, namelen)) - return 1; /* found */ - } - else - { - if (len == namelen && !ascii_memcasecmp (buffer+off+1, name, len)) - return 1; /* found */ - } - } - return 0; /* not found */ -} - - - - -/* - The has_foo functions are used as helpers for search -*/ -static int -has_short_kid (KEYBOXBLOB blob, const unsigned char *kid) -{ - return blob_cmp_fpr_part (blob, kid+4, 16, 4); -} - -static int -has_long_kid (KEYBOXBLOB blob, const unsigned char *kid) -{ - return blob_cmp_fpr_part (blob, kid, 12, 8); -} - -static int -has_fingerprint (KEYBOXBLOB blob, const unsigned char *fpr) -{ - return blob_cmp_fpr (blob, fpr); -} - - -static int -has_issuer (KEYBOXBLOB blob, const char *name) -{ - size_t namelen; - - return_val_if_fail (name, 0); - - if (blob_get_type (blob) != BLOBTYPE_X509) - return 0; - - namelen = strlen (name); - return blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0); -} - -static int -has_issuer_sn (KEYBOXBLOB blob, const char *name, - const unsigned char *sn, int snlen) -{ - size_t namelen; - - return_val_if_fail (name, 0); - return_val_if_fail (sn, 0); - - if (blob_get_type (blob) != BLOBTYPE_X509) - return 0; - - namelen = strlen (name); - - return (blob_cmp_sn (blob, sn, snlen) - && blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0)); -} - -static int -has_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen) -{ - return_val_if_fail (sn, 0); - - if (blob_get_type (blob) != BLOBTYPE_X509) - return 0; - return blob_cmp_sn (blob, sn, snlen); -} - -static int -has_subject (KEYBOXBLOB blob, const char *name) -{ - size_t namelen; - - return_val_if_fail (name, 0); - - if (blob_get_type (blob) != BLOBTYPE_X509) - return 0; - - namelen = strlen (name); - return blob_cmp_name (blob, 1 /* subject */, name, namelen, 0); -} - -static int -has_subject_or_alt (KEYBOXBLOB blob, const char *name, int substr) -{ - size_t namelen; - - return_val_if_fail (name, 0); - - if (blob_get_type (blob) != BLOBTYPE_X509) - return 0; - - namelen = strlen (name); - return blob_cmp_name (blob, -1 /* all subject names*/, name, - namelen, substr); -} - - -static int -has_mail (KEYBOXBLOB blob, const char *name, int substr) -{ - size_t namelen; - - return_val_if_fail (name, 0); - - if (blob_get_type (blob) != BLOBTYPE_X509) - return 0; - - namelen = strlen (name); - if (namelen && name[namelen-1] == '>') - namelen--; - return blob_cmp_mail (blob, name, namelen, substr); -} - - -static void -release_sn_array (struct sn_array_s *array, size_t size) -{ - size_t n; - - for (n=0; n < size; n++) - xfree (array[n].sn); - xfree (array); -} - - -/* - - The search API - -*/ - -int -keybox_search_reset (KEYBOX_HANDLE hd) -{ - if (!hd) - return KEYBOX_Invalid_Value; - - if (hd->found.blob) - { - _keybox_release_blob (hd->found.blob); - hd->found.blob = NULL; - } - - if (hd->fp) - { - fclose (hd->fp); - hd->fp = NULL; - } - hd->error = 0; - hd->eof = 0; - return 0; -} - - -/* Note: When in ephemeral mode the search function does visit all - blobs but in standard mode, blobs flagged as ephemeral are ignored. */ -int -keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) -{ - int rc; - size_t n; - int need_words, any_skip; - KEYBOXBLOB blob = NULL; - struct sn_array_s *sn_array = NULL; - - if (!hd) - return KEYBOX_Invalid_Value; - - /* clear last found result */ - if (hd->found.blob) - { - _keybox_release_blob (hd->found.blob); - hd->found.blob = NULL; - } - - if (hd->error) - return hd->error; /* still in error state */ - if (hd->eof) - return -1; /* still EOF */ - - /* figure out what information we need */ - need_words = any_skip = 0; - for (n=0; n < ndesc; n++) - { - switch (desc[n].mode) - { - case KEYDB_SEARCH_MODE_WORDS: - need_words = 1; - break; - case KEYDB_SEARCH_MODE_FIRST: - /* always restart the search in this mode */ - keybox_search_reset (hd); - break; - default: - break; - } - if (desc[n].skipfnc) - any_skip = 1; - if (desc[n].snlen == -1 && !sn_array) - { - sn_array = xtrycalloc (ndesc, sizeof *sn_array); - if (!sn_array) - return (hd->error = KEYBOX_Out_Of_Core); - } - } - - if (!hd->fp) - { - hd->fp = fopen (hd->kb->fname, "rb"); - if (!hd->fp) - { - xfree (sn_array); - return (hd->error = KEYBOX_File_Open_Error); - } - } - - /* kludge: we need to convert an SN given as hexstring to it's - binary representation - in some cases we are not able to store it - in the search descriptor, because due to its usgae it is not - possible to free allocated memory */ - if (sn_array) - { - const unsigned char *s; - int i, odd; - size_t snlen; - - for (n=0; n < ndesc; n++) - { - if (!desc[n].sn) - ; - else if (desc[n].snlen == -1) - { - unsigned char *sn; - - s = desc[n].sn; - for (i=0; *s && *s != '/'; s++, i++) - ; - odd = (i & 1); - snlen = (i+1)/2; - sn_array[n].sn = xtrymalloc (snlen); - if (!sn_array[n].sn) - { - release_sn_array (sn_array, n); - return (hd->error = KEYBOX_Out_Of_Core); - } - sn_array[n].snlen = snlen; - sn = sn_array[n].sn; - s = desc[n].sn; - if (odd) - { - *sn++ = xtoi_1 (s); - s++; - } - for (; *s && *s != '/'; s += 2) - *sn++ = xtoi_2 (s); - } - else - { - const unsigned char *sn; - - sn = desc[n].sn; - snlen = desc[n].snlen; - sn_array[n].sn = xtrymalloc (snlen); - if (!sn_array[n].sn) - { - release_sn_array (sn_array, n); - return (hd->error = KEYBOX_Out_Of_Core); - } - sn_array[n].snlen = snlen; - memcpy (sn_array[n].sn, sn, snlen); - } - } - } - - - for (;;) - { - unsigned int blobflags; - - _keybox_release_blob (blob); blob = NULL; - rc = _keybox_read_blob (&blob, hd->fp); - if (rc) - break; - - blobflags = blob_get_blob_flags (blob); - if (!hd->ephemeral && (blobflags & 2)) - continue; /* not in ephemeral mode but blob is flagged ephemeral */ - - for (n=0; n < ndesc; n++) - { - switch (desc[n].mode) - { - case KEYDB_SEARCH_MODE_NONE: - never_reached (); - break; - case KEYDB_SEARCH_MODE_EXACT: - if (has_subject_or_alt (blob, desc[n].u.name, 0)) - goto found; - break; - case KEYDB_SEARCH_MODE_MAIL: - if (has_mail (blob, desc[n].u.name, 0)) - goto found; - break; - case KEYDB_SEARCH_MODE_MAILSUB: - if (has_mail (blob, desc[n].u.name, 1)) - goto found; - break; - case KEYDB_SEARCH_MODE_SUBSTR: - if (has_subject_or_alt (blob, desc[n].u.name, 1)) - goto found; - break; - case KEYDB_SEARCH_MODE_MAILEND: - case KEYDB_SEARCH_MODE_WORDS: - never_reached (); /* not yet implemented */ - break; - case KEYDB_SEARCH_MODE_ISSUER: - if (has_issuer (blob, desc[n].u.name)) - goto found; - break; - case KEYDB_SEARCH_MODE_ISSUER_SN: - if (has_issuer_sn (blob, desc[n].u.name, - sn_array? sn_array[n].sn : desc[n].sn, - sn_array? sn_array[n].snlen : desc[n].snlen)) - goto found; - break; - case KEYDB_SEARCH_MODE_SN: - if (has_sn (blob, sn_array? sn_array[n].sn : desc[n].sn, - sn_array? sn_array[n].snlen : desc[n].snlen)) - goto found; - break; - case KEYDB_SEARCH_MODE_SUBJECT: - if (has_subject (blob, desc[n].u.name)) - goto found; - break; - case KEYDB_SEARCH_MODE_SHORT_KID: - if (has_short_kid (blob, desc[n].u.kid)) - goto found; - break; - case KEYDB_SEARCH_MODE_LONG_KID: - if (has_long_kid (blob, desc[n].u.kid)) - goto found; - break; - case KEYDB_SEARCH_MODE_FPR: - case KEYDB_SEARCH_MODE_FPR20: - if (has_fingerprint (blob, desc[n].u.fpr)) - goto found; - break; - case KEYDB_SEARCH_MODE_FIRST: - goto found; - break; - case KEYDB_SEARCH_MODE_NEXT: - goto found; - break; - default: - rc = KEYBOX_Invalid_Value; - goto found; - } - } - continue; - found: - for (n=any_skip?0:ndesc; n < ndesc; n++) - { -/* if (desc[n].skipfnc */ -/* && desc[n].skipfnc (desc[n].skipfncvalue, aki)) */ -/* break; */ - } - if (n == ndesc) - break; /* got it */ - } - - if (!rc) - { - hd->found.blob = blob; - } - else if (rc == -1) - { - _keybox_release_blob (blob); - hd->eof = 1; - } - else - { - _keybox_release_blob (blob); - hd->error = rc; - } - - if (sn_array) - release_sn_array (sn_array, ndesc); - - return rc; -} - - - - -/* - Functions to return a certificate or a keyblock. To be used after - a successful search operation. -*/ -#ifdef KEYBOX_WITH_X509 -/* - Return the last found cert. Caller must free it. - */ -int -keybox_get_cert (KEYBOX_HANDLE hd, KsbaCert *r_cert) -{ - const unsigned char *buffer; - size_t length; - size_t cert_off, cert_len; - KsbaReader reader = NULL; - KsbaCert cert = NULL; - int rc; - - if (!hd) - return KEYBOX_Invalid_Value; - if (!hd->found.blob) - return KEYBOX_Nothing_Found; - - if (blob_get_type (hd->found.blob) != BLOBTYPE_X509) - return KEYBOX_Wrong_Blob_Type; - - buffer = _keybox_get_blob_image (hd->found.blob, &length); - if (length < 40) - return KEYBOX_Blob_Too_Short; - cert_off = get32 (buffer+8); - cert_len = get32 (buffer+12); - if (cert_off+cert_len > length) - return KEYBOX_Blob_Too_Short; - - reader = ksba_reader_new (); - if (!reader) - return KEYBOX_Out_Of_Core; - rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len); - if (rc) - { - ksba_reader_release (reader); - /* fixme: need to map the error codes */ - return KEYBOX_General_Error; - } - - cert = ksba_cert_new (); - if (!cert) - { - ksba_reader_release (reader); - return KEYBOX_Out_Of_Core; - } - - rc = ksba_cert_read_der (cert, reader); - if (rc) - { - ksba_cert_release (cert); - ksba_reader_release (reader); - /* fixme: need to map the error codes */ - return KEYBOX_General_Error; - } - - *r_cert = cert; - ksba_reader_release (reader); - return 0; -} - -#endif /*KEYBOX_WITH_X509*/ diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c deleted file mode 100644 index 8b189bbed..000000000 --- a/kbx/keybox-update.c +++ /dev/null @@ -1,433 +0,0 @@ -/* keybox-update.c - keybox update operations - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <errno.h> -#include <unistd.h> - -#include "keybox-defs.h" - -#define EXTSEP_S "." - - -static int -create_tmp_file (const char *template, - char **r_bakfname, char **r_tmpfname, FILE **r_fp) -{ - char *bakfname, *tmpfname; - - *r_bakfname = NULL; - *r_tmpfname = NULL; - -# ifdef USE_ONLY_8DOT3 - /* Here is another Windoze bug?: - * you cant rename("pubring.kbx.tmp", "pubring.kbx"); - * but rename("pubring.kbx.tmp", "pubring.aaa"); - * works. So we replace .kbx by .bak or .tmp - */ - if (strlen (template) > 4 - && !strcmp (template+strlen(template)-4, EXTSEP_S "kbx") ) - { - bakfname = xtrymalloc (strlen (template) + 1); - if (!bakfname) - return KEYBOX_Out_Of_Core; - strcpy (bakfname, template); - strcpy (bakfname+strlen(template)-4, EXTSEP_S "bak"); - - tmpfname = xtrymalloc (strlen (template) + 1); - if (!tmpfname) - { - xfree (bakfname); - return KEYBOX_Out_Of_Core; - } - strcpy (tmpfname,template); - strcpy (tmpfname + strlen (template)-4, EXTSEP_S "tmp"); - } - else - { /* file does not end with kbx; hmmm */ - bakfname = xtrymalloc ( strlen (template) + 5); - if (!bakfname) - return KEYBOX_Out_Of_Core; - strcpy (stpcpy (bakfname, template), EXTSEP_S "bak"); - - tmpfname = xtrymalloc ( strlen (template) + 5); - if (!tmpfname) - { - xfree (bakfname); - return KEYBOX_Out_Of_Core; - } - strcpy (stpcpy (tmpfname, template), EXTSEP_S "tmp"); - } -# else /* Posix file names */ - bakfname = xtrymalloc (strlen (template) + 2); - if (!bakfname) - return KEYBOX_Out_Of_Core; - strcpy (stpcpy (bakfname,template),"~"); - - tmpfname = xtrymalloc ( strlen (template) + 5); - if (!tmpfname) - { - xfree (bakfname); - return KEYBOX_Out_Of_Core; - } - strcpy (stpcpy (tmpfname,template), EXTSEP_S "tmp"); -# endif /* Posix filename */ - - *r_fp = fopen (tmpfname, "wb"); - if (!*r_fp) - { - xfree (tmpfname); - xfree (bakfname); - return KEYBOX_File_Create_Error; - } - - *r_bakfname = bakfname; - *r_tmpfname = tmpfname; - return 0; -} - - -static int -rename_tmp_file (const char *bakfname, const char *tmpfname, - const char *fname, int secret ) -{ - int rc=0; - - /* restrict the permissions for secret keyboxs */ -#ifndef HAVE_DOSISH_SYSTEM -/* if (secret && !opt.preserve_permissions) */ -/* { */ -/* if (chmod (tmpfname, S_IRUSR | S_IWUSR) ) */ -/* { */ -/* log_debug ("chmod of `%s' failed: %s\n", */ -/* tmpfname, strerror(errno) ); */ -/* return KEYBOX_Write_File; */ -/* } */ -/* } */ -#endif - - /* fixme: invalidate close caches (not used with stdio)*/ -/* iobuf_ioctl (NULL, 2, 0, (char*)tmpfname ); */ -/* iobuf_ioctl (NULL, 2, 0, (char*)bakfname ); */ -/* iobuf_ioctl (NULL, 2, 0, (char*)fname ); */ - - /* first make a backup file except for secret keyboxs */ - if (!secret) - { -#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__) - remove (bakfname); -#endif - if (rename (fname, bakfname) ) - { - return KEYBOX_File_Error; - } - } - - /* then rename the file */ -#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__) - remove (fname); -#endif - if (rename (tmpfname, fname) ) - { - rc = KEYBOX_File_Error; - if (secret) - { -/* log_info ("WARNING: 2 files with confidential" */ -/* " information exists.\n"); */ -/* log_info ("%s is the unchanged one\n", fname ); */ -/* log_info ("%s is the new one\n", tmpfname ); */ -/* log_info ("Please fix this possible security flaw\n"); */ - } - return rc; - } - - return 0; -} - - - -/* Perform insert/delete/update operation. - mode 1 = insert - 2 = delete - 3 = update -*/ -static int -blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, - int secret, off_t start_offset, unsigned int n_packets ) -{ - FILE *fp, *newfp; - int rc=0; - char *bakfname = NULL; - char *tmpfname = NULL; - char buffer[4096]; - int nread, nbytes; - - /* Open the source file. Because we do a rename, we have to check the - permissions of the file */ - if (access (fname, W_OK)) - return KEYBOX_Write_Error; - - fp = fopen (fname, "rb"); - if (mode == 1 && !fp && errno == ENOENT) - { /* insert mode but file does not exist: create a new keybox file */ - newfp = fopen (fname, "wb"); - if (!newfp ) - { - return KEYBOX_File_Create_Error; - } - - rc = _keybox_write_blob (blob, newfp); - if (rc) - { - return rc; - } - if ( fclose (newfp) ) - { - return KEYBOX_File_Create_Error; - } - -/* if (chmod( fname, S_IRUSR | S_IWUSR )) */ -/* { */ -/* log_debug ("%s: chmod failed: %s\n", fname, strerror(errno) ); */ -/* return KEYBOX_File_Error; */ -/* } */ - return 0; /* ready */ - } - - if (!fp) - { - rc = KEYBOX_File_Open_Error; - goto leave; - } - - /* create the new file */ - rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp); - if (rc) - { - fclose(fp); - goto leave; - } - - /* prepare for insert */ - if (mode == 1) - { - /* copy everything to the new file */ - while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 ) - { - if (fwrite (buffer, nread, 1, newfp) != 1) - { - rc = KEYBOX_Write_Error; - goto leave; - } - } - if (ferror (fp)) - { - rc = KEYBOX_Read_Error; - goto leave; - } - } - - /* prepare for delete or update */ - if ( mode == 2 || mode == 3 ) - { - off_t current = 0; - - /* copy first part to the new file */ - while ( current < start_offset ) - { - nbytes = DIM(buffer); - if (current + nbytes > start_offset) - nbytes = start_offset - current; - nread = fread (buffer, 1, nbytes, fp); - if (!fread) - break; - current += nread; - - if (fwrite (buffer, nread, 1, newfp) != 1) - { - rc = KEYBOX_Write_Error; - goto leave; - } - } - if (ferror (fp)) - { - rc = KEYBOX_Read_Error; - goto leave; - } - - /* skip this blob */ - rc = _keybox_read_blob (NULL, fp); - if (rc) - return rc; - } - - /* Do an insert or update */ - if ( mode == 1 || mode == 3 ) - { - rc = _keybox_write_blob (blob, newfp); - if (rc) - return rc; - } - - /* copy the rest of the packet for an delete or update */ - if (mode == 2 || mode == 3) - { - while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 ) - { - if (fwrite (buffer, nread, 1, newfp) != 1) - { - rc = KEYBOX_Write_Error; - goto leave; - } - } - if (ferror (fp)) - { - rc = KEYBOX_Read_Error; - goto leave; - } - } - - /* close both files */ - if (fclose(fp)) - { - rc = KEYBOX_File_Close_Error; - fclose (newfp); - goto leave; - } - if (fclose(newfp)) - { - rc = KEYBOX_File_Close_Error; - goto leave; - } - - rc = rename_tmp_file (bakfname, tmpfname, fname, secret); - - leave: - xfree(bakfname); - xfree(tmpfname); - return rc; -} - - - - -#ifdef KEYBOX_WITH_X509 -int -keybox_insert_cert (KEYBOX_HANDLE hd, KsbaCert cert, - unsigned char *sha1_digest) -{ - int rc; - const char *fname; - KEYBOXBLOB blob; - - if (!hd) - return KEYBOX_Invalid_Handle; - if (!hd->kb) - return KEYBOX_Invalid_Handle; - fname = hd->kb->fname; - if (!fname) - return KEYBOX_Invalid_Handle; - - /* close this one otherwise we will mess up the position for a next - search. Fixme: it would be better to adjust the position after - the write opertions. */ - if (hd->fp) - { - fclose (hd->fp); - hd->fp = NULL; - } - - rc = _keybox_create_x509_blob (&blob, cert, sha1_digest, hd->ephemeral); - if (!rc) - { - rc = blob_filecopy (1, fname, blob, hd->secret, 0, 0 ); - _keybox_release_blob (blob); - /* if (!rc && !hd->secret && kb_offtbl) */ - /* { */ - /* update_offset_hash_table_from_kb (kb_offtbl, kb, 0); */ - /* } */ - } - return rc; -} - -int -keybox_update_cert (KEYBOX_HANDLE hd, KsbaCert cert, - unsigned char *sha1_digest) -{ - return -1; -} - - -#endif /*KEYBOX_WITH_X509*/ - - -int -keybox_delete (KEYBOX_HANDLE hd) -{ - off_t off; - const char *fname; - FILE *fp; - int rc; - - if (!hd) - return KEYBOX_Invalid_Value; - if (!hd->found.blob) - return KEYBOX_Nothing_Found; - if (!hd->kb) - return KEYBOX_Invalid_Handle; - fname = hd->kb->fname; - if (!fname) - return KEYBOX_Invalid_Handle; - - off = _keybox_get_blob_fileoffset (hd->found.blob); - if (off == (off_t)-1) - return KEYBOX_General_Error; - off += 4; - - if (hd->fp) - { - fclose (hd->fp); - hd->fp = NULL; - } - - fp = fopen (hd->kb->fname, "r+b"); - if (!fp) - return KEYBOX_File_Open_Error; - - if (fseeko (fp, off, SEEK_SET)) - rc = KEYBOX_Write_Error; - else if (putc (0, fp) == EOF) - rc = KEYBOX_Write_Error; - else - rc = 0; - - if (fclose (fp)) - { - if (!rc) - rc = KEYBOX_File_Close_Error; - } - - return rc; -} - - diff --git a/kbx/keybox.h b/kbx/keybox.h deleted file mode 100644 index a763ec837..000000000 --- a/kbx/keybox.h +++ /dev/null @@ -1,125 +0,0 @@ -/* keybox.h - Keybox operations - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#ifndef KEYBOX_H -#define KEYBOX_H 1 -#ifdef __cplusplus -extern "C" { -#if 0 - } -#endif -#endif - -#include "keybox-search-desc.h" - -#define KEYBOX_WITH_OPENPGP 1 -#define KEYBOX_WITH_X509 1 - - -#ifdef KEYBOX_WITH_OPENPGP -# undef KEYBOX_WITH_OPENPGP -/*#include <lib-to-handle-gpg-data-structs.h>*/ -#endif - -#ifdef KEYBOX_WITH_X509 -# include <ksba.h> -#endif - - -typedef enum { - KEYBOX_No_Error = 0, - KEYBOX_General_Error = 1, - KEYBOX_Out_Of_Core = 2, - KEYBOX_Invalid_Value = 3, - KEYBOX_Timeout = 4, - KEYBOX_Read_Error = 5, - KEYBOX_Write_Error = 6, - KEYBOX_File_Error = 7, - KEYBOX_Blob_Too_Short = 8, - KEYBOX_Blob_Too_Large = 9, - KEYBOX_Invalid_Handle = 10, - KEYBOX_File_Create_Error = 11, - KEYBOX_File_Open_Error = 12, - KEYBOX_File_Close_Error = 13, - KEYBOX_Nothing_Found = 14, - KEYBOX_Wrong_Blob_Type = 15, - KEYBOX_Missing_Value = 16, -} KeyboxError; - - - -typedef struct keybox_handle *KEYBOX_HANDLE; - - -/*-- keybox-init.c --*/ -void *keybox_register_file (const char *fname, int secret); -int keybox_is_writable (void *token); - -KEYBOX_HANDLE keybox_new (void *token, int secret); -void keybox_release (KEYBOX_HANDLE hd); -const char *keybox_get_resource_name (KEYBOX_HANDLE hd); -int keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes); - - -/*-- keybox-search.c --*/ -#ifdef KEYBOX_WITH_X509 -int keybox_get_cert (KEYBOX_HANDLE hd, KsbaCert *ret_cert); -#endif /*KEYBOX_WITH_X509*/ - -int keybox_search_reset (KEYBOX_HANDLE hd); -int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc); - - -/*-- keybox-update.c --*/ -#ifdef KEYBOX_WITH_X509 -int keybox_insert_cert (KEYBOX_HANDLE hd, KsbaCert cert, - unsigned char *sha1_digest); -int keybox_update_cert (KEYBOX_HANDLE hd, KsbaCert cert, - unsigned char *sha1_digest); -#endif /*KEYBOX_WITH_X509*/ - -int keybox_delete (KEYBOX_HANDLE hd); - - -/*-- --*/ - -#if 0 -int keybox_lock (KEYBOX_HANDLE hd, int yes); -int keybox_get_keyblock (KEYBOX_HANDLE hd, KBNODE *ret_kb); -int keybox_locate_writable (KEYBOX_HANDLE hd); -int keybox_search_reset (KEYBOX_HANDLE hd); -int keybox_search (KEYBOX_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc); -int keybox_rebuild_cache (void *); -#endif - - -/*-- keybox-util.c --*/ -void keybox_set_malloc_hooks ( void *(*new_alloc_func)(size_t n), - void *(*new_realloc_func)(void *p, size_t n), - void (*new_free_func)(void*) ); - -/*-- keybox-errors.c (built) --*/ -const char *keybox_strerror (KeyboxError err); - - -#ifdef __cplusplus -} -#endif -#endif /*KEYBOX_H*/ |