1 /* misc.c - miscellaneous functions
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009, 2010 Free Software Foundation, Inc.
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
28 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
29 #include <asm/sysinfo.h>
30 #include <asm/unistd.h>
35 #include <sys/resource.h>
37 #ifdef ENABLE_SELINUX_HACKS
41 #ifdef HAVE_W32_SYSTEM
44 #ifdef HAVE_WINSOCK2_H
45 # include <winsock2.h>
50 #define CSIDL_APPDATA 0x001a
52 #ifndef CSIDL_LOCAL_APPDATA
53 #define CSIDL_LOCAL_APPDATA 0x001c
55 #ifndef CSIDL_FLAG_CREATE
56 #define CSIDL_FLAG_CREATE 0x8000
58 #endif /*HAVE_W32_SYSTEM*/
61 #ifdef HAVE_W32_SYSTEM
63 #endif /*HAVE_W32_SYSTEM*/
68 #include "call-agent.h"
73 #ifdef ENABLE_SELINUX_HACKS
74 /* A object and a global variable to keep track of files marked as
76 struct secured_file_item
78 struct secured_file_item *next;
82 static struct secured_file_item *secured_files;
83 #endif /*ENABLE_SELINUX_HACKS*/
88 /* For the sake of SELinux we want to restrict access through gpg to
89 certain files we keep under our own control. This function
90 registers such a file and is_secured_file may then be used to
91 check whether a file has ben registered as secured. */
93 register_secured_file (const char *fname)
95 #ifdef ENABLE_SELINUX_HACKS
97 struct secured_file_item *sf;
99 /* Note that we stop immediately if something goes wrong here. */
100 if (stat (fname, &buf))
101 log_fatal (_("fstat of '%s' failed in %s: %s\n"), fname,
102 "register_secured_file", strerror (errno));
103 /* log_debug ("registering '%s' i=%lu.%lu\n", fname, */
104 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
105 for (sf=secured_files; sf; sf = sf->next)
107 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
108 return; /* Already registered. */
111 sf = xmalloc (sizeof *sf);
112 sf->ino = buf.st_ino;
113 sf->dev = buf.st_dev;
114 sf->next = secured_files;
116 #else /*!ENABLE_SELINUX_HACKS*/
118 #endif /*!ENABLE_SELINUX_HACKS*/
121 /* Remove a file registered as secure. */
123 unregister_secured_file (const char *fname)
125 #ifdef ENABLE_SELINUX_HACKS
127 struct secured_file_item *sf, *sfprev;
129 if (stat (fname, &buf))
131 log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
132 "unregister_secured_file", strerror (errno));
135 /* log_debug ("unregistering '%s' i=%lu.%lu\n", fname, */
136 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
137 for (sfprev=NULL,sf=secured_files; sf; sfprev=sf, sf = sf->next)
139 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
142 sfprev->next = sf->next;
144 secured_files = sf->next;
149 #else /*!ENABLE_SELINUX_HACKS*/
151 #endif /*!ENABLE_SELINUX_HACKS*/
154 /* Return true if FD is corresponds to a secured file. Using -1 for
155 FS is allowed and will return false. */
157 is_secured_file (int fd)
159 #ifdef ENABLE_SELINUX_HACKS
161 struct secured_file_item *sf;
164 return 0; /* No file descriptor so it can't be secured either. */
166 /* Note that we print out a error here and claim that a file is
167 secure if something went wrong. */
168 if (fstat (fd, &buf))
170 log_error (_("fstat(%d) failed in %s: %s\n"), fd,
171 "is_secured_file", strerror (errno));
174 /* log_debug ("is_secured_file (%d) i=%lu.%lu\n", fd, */
175 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
176 for (sf=secured_files; sf; sf = sf->next)
178 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
181 #else /*!ENABLE_SELINUX_HACKS*/
183 #endif /*!ENABLE_SELINUX_HACKS*/
187 /* Return true if FNAME is corresponds to a secured file. Using NULL,
188 "" or "-" for FS is allowed and will return false. This function is
189 used before creating a file, thus it won't fail if the file does
192 is_secured_filename (const char *fname)
194 #ifdef ENABLE_SELINUX_HACKS
196 struct secured_file_item *sf;
198 if (iobuf_is_pipe_filename (fname) || !*fname)
201 /* Note that we print out a error here and claim that a file is
202 secure if something went wrong. */
203 if (stat (fname, &buf))
205 if (errno == ENOENT || errno == EPERM || errno == EACCES)
207 log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
208 "is_secured_filename", strerror (errno));
211 /* log_debug ("is_secured_filename (%s) i=%lu.%lu\n", fname, */
212 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
213 for (sf=secured_files; sf; sf = sf->next)
215 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
218 #else /*!ENABLE_SELINUX_HACKS*/
220 #endif /*!ENABLE_SELINUX_HACKS*/
227 checksum_u16( unsigned n )
238 checksum( byte *p, unsigned n )
248 checksum_mpi (gcry_mpi_t a)
254 if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
256 /* Fixme: For numbers not in secure memory we should use a stack
257 * based buffer and only allocate a larger one if mpi_print returns
259 buffer = (gcry_is_secure(a)?
260 gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
261 if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
263 csum = checksum (buffer, nbytes);
270 print_pubkey_algo_note (pubkey_algo_t algo)
272 if(algo >= 100 && algo <= 110)
278 es_fflush (es_stdout);
279 log_info (_("WARNING: using experimental public key algorithm %s\n"),
280 openpgp_pk_algo_name (algo));
283 else if (algo == PUBKEY_ALGO_ELGAMAL)
285 es_fflush (es_stdout);
286 log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
291 print_cipher_algo_note (cipher_algo_t algo)
293 if(algo >= 100 && algo <= 110)
299 es_fflush (es_stdout);
300 log_info (_("WARNING: using experimental cipher algorithm %s\n"),
301 openpgp_cipher_algo_name (algo));
307 print_digest_algo_note (digest_algo_t algo)
309 const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
310 const struct weakhash *weak;
312 if(algo >= 100 && algo <= 110)
318 es_fflush (es_stdout);
319 log_info (_("WARNING: using experimental digest algorithm %s\n"),
320 gcry_md_algo_name (galgo));
324 for (weak = opt.weak_digests; weak != NULL; weak = weak->next)
325 if (weak->algo == galgo)
327 es_fflush (es_stdout);
328 log_info (_("WARNING: digest algorithm %s is deprecated\n"),
329 gcry_md_algo_name (galgo));
335 print_digest_rejected_note (enum gcry_md_algos algo)
337 struct weakhash* weak;
339 for (weak = opt.weak_digests; weak; weak = weak->next)
340 if (weak->algo == algo)
342 if (weak->rejection_shown)
345 weak->rejection_shown = 1;
351 es_fflush (es_stdout);
353 (_("Note: signatures using the %s algorithm are rejected\n"),
354 gcry_md_algo_name(algo));
360 * "(reported error: %s)\n
361 * in verbose mode to further explain an error. If the error code has
362 * the value IGNORE_EC no message is printed. A message is also not
363 * printed if ERR is 0. */
365 print_reported_error (gpg_error_t err, gpg_err_code_t ignore_ec)
370 if (!gpg_err_code (err))
372 else if (gpg_err_code (err) == ignore_ec)
374 else if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT)
375 log_info (_("(reported error: %s)\n"),
378 log_info (_("(reported error: %s <%s>)\n"),
379 gpg_strerror (err), gpg_strsource (err));
385 * "(further info: %s)\n
386 * in verbose mode to further explain an error. That message is
387 * intended to help debug a problem and should not be translated.
390 print_further_info (const char *format, ...)
397 log_info (_("(further info: "));
398 va_start (arg_ptr, format);
399 log_logv (GPGRT_LOG_CONT, format, arg_ptr);
405 /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
406 this for algorithms we implemented in Libgcrypt after they become
408 enum gcry_cipher_algos
409 map_cipher_openpgp_to_gcry (cipher_algo_t algo)
413 case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
416 case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
418 case CIPHER_ALGO_IDEA: return 0;
421 case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
424 case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
426 case CIPHER_ALGO_CAST5: return 0;
429 #ifdef GPG_USE_BLOWFISH
430 case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
432 case CIPHER_ALGO_BLOWFISH: return 0;
435 #ifdef GPG_USE_AES128
436 case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
438 case CIPHER_ALGO_AES: return 0;
441 #ifdef GPG_USE_AES192
442 case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
444 case CIPHER_ALGO_AES192: return 0;
447 #ifdef GPG_USE_AES256
448 case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
450 case CIPHER_ALGO_AES256: return 0;
453 #ifdef GPG_USE_TWOFISH
454 case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
456 case CIPHER_ALGO_TWOFISH: return 0;
459 #ifdef GPG_USE_CAMELLIA128
460 case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
462 case CIPHER_ALGO_CAMELLIA128: return 0;
465 #ifdef GPG_USE_CAMELLIA192
466 case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
468 case CIPHER_ALGO_CAMELLIA192: return 0;
471 #ifdef GPG_USE_CAMELLIA256
472 case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
474 case CIPHER_ALGO_CAMELLIA256: return 0;
480 /* The inverse function of above. */
482 map_cipher_gcry_to_openpgp (enum gcry_cipher_algos algo)
486 case GCRY_CIPHER_NONE: return CIPHER_ALGO_NONE;
487 case GCRY_CIPHER_IDEA: return CIPHER_ALGO_IDEA;
488 case GCRY_CIPHER_3DES: return CIPHER_ALGO_3DES;
489 case GCRY_CIPHER_CAST5: return CIPHER_ALGO_CAST5;
490 case GCRY_CIPHER_BLOWFISH: return CIPHER_ALGO_BLOWFISH;
491 case GCRY_CIPHER_AES: return CIPHER_ALGO_AES;
492 case GCRY_CIPHER_AES192: return CIPHER_ALGO_AES192;
493 case GCRY_CIPHER_AES256: return CIPHER_ALGO_AES256;
494 case GCRY_CIPHER_TWOFISH: return CIPHER_ALGO_TWOFISH;
495 case GCRY_CIPHER_CAMELLIA128: return CIPHER_ALGO_CAMELLIA128;
496 case GCRY_CIPHER_CAMELLIA192: return CIPHER_ALGO_CAMELLIA192;
497 case GCRY_CIPHER_CAMELLIA256: return CIPHER_ALGO_CAMELLIA256;
502 /* Map Gcrypt public key algorithm numbers to those used by OpenPGP.
503 FIXME: This mapping is used at only two places - we should get rid
506 map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
510 case GCRY_PK_ECDSA: return PUBKEY_ALGO_ECDSA;
511 case GCRY_PK_ECDH: return PUBKEY_ALGO_ECDH;
512 default: return algo < 110 ? algo : 0;
517 /* Return the block length of an OpenPGP cipher algorithm. */
519 openpgp_cipher_blocklen (cipher_algo_t algo)
521 /* We use the numbers from OpenPGP to be sure that we get the right
522 block length. This is so that the packet parsing code works even
523 for unknown algorithms (for which we assume 8 due to tradition).
525 NOTE: If you change the the returned blocklen above 16, check
526 the callers because they may use a fixed size buffer of that
530 case CIPHER_ALGO_AES:
531 case CIPHER_ALGO_AES192:
532 case CIPHER_ALGO_AES256:
533 case CIPHER_ALGO_TWOFISH:
534 case CIPHER_ALGO_CAMELLIA128:
535 case CIPHER_ALGO_CAMELLIA192:
536 case CIPHER_ALGO_CAMELLIA256:
545 * Wrapper around the libgcrypt function with additional checks on
546 * the OpenPGP contraints for the algo ID.
549 openpgp_cipher_test_algo (cipher_algo_t algo)
551 enum gcry_cipher_algos ga;
553 ga = map_cipher_openpgp_to_gcry (algo);
555 return gpg_error (GPG_ERR_CIPHER_ALGO);
557 return gcry_cipher_test_algo (ga);
560 /* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
561 string representation of the algorithm name. For unknown algorithm
562 IDs this function returns "?". */
564 openpgp_cipher_algo_name (cipher_algo_t algo)
568 case CIPHER_ALGO_NONE: break;
569 case CIPHER_ALGO_IDEA: return "IDEA";
570 case CIPHER_ALGO_3DES: return "3DES";
571 case CIPHER_ALGO_CAST5: return "CAST5";
572 case CIPHER_ALGO_BLOWFISH: return "BLOWFISH";
573 case CIPHER_ALGO_AES: return "AES";
574 case CIPHER_ALGO_AES192: return "AES192";
575 case CIPHER_ALGO_AES256: return "AES256";
576 case CIPHER_ALGO_TWOFISH: return "TWOFISH";
577 case CIPHER_ALGO_CAMELLIA128: return "CAMELLIA128";
578 case CIPHER_ALGO_CAMELLIA192: return "CAMELLIA192";
579 case CIPHER_ALGO_CAMELLIA256: return "CAMELLIA256";
585 /* Return 0 if ALGO is a supported OpenPGP public key algorithm. */
587 openpgp_pk_test_algo (pubkey_algo_t algo)
589 return openpgp_pk_test_algo2 (algo, 0);
593 /* Return 0 if ALGO is a supported OpenPGP public key algorithm and
594 allows the usage USE. */
596 openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
598 enum gcry_pk_algos ga = 0;
599 size_t use_buf = use;
604 case PUBKEY_ALGO_RSA: ga = GCRY_PK_RSA; break;
605 case PUBKEY_ALGO_RSA_E: ga = GCRY_PK_RSA_E; break;
606 case PUBKEY_ALGO_RSA_S: ga = GCRY_PK_RSA_S; break;
608 case PUBKEY_ALGO_RSA: break;
609 case PUBKEY_ALGO_RSA_E: break;
610 case PUBKEY_ALGO_RSA_S: break;
613 case PUBKEY_ALGO_ELGAMAL_E: ga = GCRY_PK_ELG; break;
614 case PUBKEY_ALGO_DSA: ga = GCRY_PK_DSA; break;
617 case PUBKEY_ALGO_ECDH: ga = GCRY_PK_ECC; break;
619 case PUBKEY_ALGO_ECDH: break;
623 case PUBKEY_ALGO_ECDSA: ga = GCRY_PK_ECC; break;
625 case PUBKEY_ALGO_ECDSA: break;
629 case PUBKEY_ALGO_EDDSA: ga = GCRY_PK_ECC; break;
631 case PUBKEY_ALGO_EDDSA: break;
634 case PUBKEY_ALGO_ELGAMAL:
635 /* Dont't allow type 20 keys unless in rfc2440 mode. */
641 return gpg_error (GPG_ERR_PUBKEY_ALGO);
643 /* No check whether Libgcrypt has support for the algorithm. */
644 return gcry_pk_algo_info (ga, GCRYCTL_TEST_ALGO, NULL, &use_buf);
649 openpgp_pk_algo_usage ( int algo )
653 /* They are hardwired in gpg 1.0. */
655 case PUBKEY_ALGO_RSA:
656 use = (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG
657 | PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH);
659 case PUBKEY_ALGO_RSA_E:
660 case PUBKEY_ALGO_ECDH:
661 use = PUBKEY_USAGE_ENC;
663 case PUBKEY_ALGO_RSA_S:
664 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG;
666 case PUBKEY_ALGO_ELGAMAL:
668 use = PUBKEY_USAGE_ENC;
670 case PUBKEY_ALGO_ELGAMAL_E:
671 use = PUBKEY_USAGE_ENC;
673 case PUBKEY_ALGO_DSA:
674 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
676 case PUBKEY_ALGO_ECDSA:
677 case PUBKEY_ALGO_EDDSA:
678 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
685 /* Map the OpenPGP pubkey algorithm whose ID is contained in ALGO to a
686 string representation of the algorithm name. For unknown algorithm
687 IDs this function returns "?". */
689 openpgp_pk_algo_name (pubkey_algo_t algo)
693 case PUBKEY_ALGO_RSA:
694 case PUBKEY_ALGO_RSA_E:
695 case PUBKEY_ALGO_RSA_S: return "RSA";
696 case PUBKEY_ALGO_ELGAMAL:
697 case PUBKEY_ALGO_ELGAMAL_E: return "ELG";
698 case PUBKEY_ALGO_DSA: return "DSA";
699 case PUBKEY_ALGO_ECDH: return "ECDH";
700 case PUBKEY_ALGO_ECDSA: return "ECDSA";
701 case PUBKEY_ALGO_EDDSA: return "EDDSA";
707 /* Explicit mapping of OpenPGP digest algos to Libgcrypt. */
708 /* FIXME: We do not yes use it everywhere. */
710 map_md_openpgp_to_gcry (digest_algo_t algo)
715 case DIGEST_ALGO_MD5: return GCRY_MD_MD5;
717 case DIGEST_ALGO_MD5: return 0;
720 case DIGEST_ALGO_SHA1: return GCRY_MD_SHA1;
722 #ifdef GPG_USE_RMD160
723 case DIGEST_ALGO_RMD160: return GCRY_MD_RMD160;
725 case DIGEST_ALGO_RMD160: return 0;
728 #ifdef GPG_USE_SHA224
729 case DIGEST_ALGO_SHA224: return GCRY_MD_SHA224;
731 case DIGEST_ALGO_SHA224: return 0;
734 case DIGEST_ALGO_SHA256: return GCRY_MD_SHA256;
736 #ifdef GPG_USE_SHA384
737 case DIGEST_ALGO_SHA384: return GCRY_MD_SHA384;
739 case DIGEST_ALGO_SHA384: return 0;
742 #ifdef GPG_USE_SHA512
743 case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
745 case DIGEST_ALGO_SHA512: return 0;
752 /* Return 0 if ALGO is suitable and implemented OpenPGP hash
755 openpgp_md_test_algo (digest_algo_t algo)
757 enum gcry_md_algos ga;
759 ga = map_md_openpgp_to_gcry (algo);
761 return gpg_error (GPG_ERR_DIGEST_ALGO);
763 return gcry_md_test_algo (ga);
767 /* Map the OpenPGP digest algorithm whose ID is contained in ALGO to a
768 string representation of the algorithm name. For unknown algorithm
769 IDs this function returns "?". */
771 openpgp_md_algo_name (int algo)
775 case DIGEST_ALGO_MD5: return "MD5";
776 case DIGEST_ALGO_SHA1: return "SHA1";
777 case DIGEST_ALGO_RMD160: return "RIPEMD160";
778 case DIGEST_ALGO_SHA256: return "SHA256";
779 case DIGEST_ALGO_SHA384: return "SHA384";
780 case DIGEST_ALGO_SHA512: return "SHA512";
781 case DIGEST_ALGO_SHA224: return "SHA224";
788 get_signature_count (PKT_public_key *pk)
790 #ifdef ENABLE_CARD_SUPPORT
791 struct agent_card_info_s info;
794 if (!agent_scd_getattr ("SIG-COUNTER",&info))
795 return info.sig_counter;
804 /* Expand %-strings. Returns a string which must be xfreed. Returns
805 NULL if the string cannot be expanded (too large). */
807 pct_expando(const char *string,struct expando_args *args)
809 const char *ch=string;
810 int idx=0,maxlen=0,done=0;
811 u32 pk_keyid[2]={0,0},sk_keyid[2]={0,0};
815 keyid_from_pk(args->pk,pk_keyid);
818 keyid_from_pk (args->pksk, sk_keyid);
820 /* This is used so that %k works in photoid command strings in
821 --list-secret-keys (which of course has a sk, but no pk). */
822 if(!args->pk && args->pksk)
823 keyid_from_pk (args->pksk, pk_keyid);
829 /* 8192 is way bigger than we'll need here */
834 ret=xrealloc(ret,maxlen);
843 case 's': /* short key id */
846 sprintf(&ret[idx],"%08lX",(ulong)sk_keyid[1]);
852 case 'S': /* long key id */
855 sprintf(&ret[idx],"%08lX%08lX",
856 (ulong)sk_keyid[0],(ulong)sk_keyid[1]);
862 case 'k': /* short key id */
865 sprintf(&ret[idx],"%08lX",(ulong)pk_keyid[1]);
871 case 'K': /* long key id */
874 sprintf(&ret[idx],"%08lX%08lX",
875 (ulong)pk_keyid[0],(ulong)pk_keyid[1]);
881 case 'U': /* z-base-32 encoded user id hash. */
884 char *tmp = zb32_encode (args->namehash, 8*20);
887 if (idx + strlen (tmp) < maxlen)
889 strcpy (ret+idx, tmp);
898 case 'c': /* signature count from card, if any. */
901 sprintf (&ret[idx],"%lu", get_signature_count (args->pksk));
902 idx+=strlen(&ret[idx]);
907 case 'f': /* Fingerprint of key being signed */
908 case 'p': /* Fingerprint of the primary key making the signature. */
909 case 'g': /* Fingerprint of the key making the signature. */
911 byte array[MAX_FINGERPRINT_LEN];
915 if ((*(ch+1))=='f' && args->pk)
916 fingerprint_from_pk (args->pk, array, &len);
917 else if ((*(ch+1))=='p' && args->pksk)
919 if(args->pksk->flags.primary)
920 fingerprint_from_pk (args->pksk, array, &len);
921 else if (args->pksk->main_keyid[0]
922 || args->pksk->main_keyid[1])
924 /* Not the primary key: Find the fingerprint
925 of the primary key. */
927 xmalloc_clear(sizeof(PKT_public_key));
929 if (!get_pubkey_fast (pk,args->pksk->main_keyid))
930 fingerprint_from_pk (pk, array, &len);
932 memset (array, 0, (len=MAX_FINGERPRINT_LEN));
933 free_public_key (pk);
935 else /* Oops: info about the primary key missing. */
936 memset(array,0,(len=MAX_FINGERPRINT_LEN));
938 else if((*(ch+1))=='g' && args->pksk)
939 fingerprint_from_pk (args->pksk, array, &len);
941 memset(array,0,(len=MAX_FINGERPRINT_LEN));
943 if(idx+(len*2)<maxlen)
947 sprintf(&ret[idx],"%02X",array[i]);
955 case 'v': /* validity letters */
956 if(args->validity_info && idx+1<maxlen)
958 ret[idx++]=args->validity_info;
964 /* The text string types */
969 const char *str=NULL;
973 case 't': /* e.g. "jpg" */
974 str=image_type_to_string(args->imagetype,0);
977 case 'T': /* e.g. "image/jpeg" */
978 str=image_type_to_string(args->imagetype,2);
981 case 'V': /* e.g. "full", "expired", etc. */
982 str=args->validity_string;
986 if(str && idx+strlen(str)<maxlen)
988 strcpy(&ret[idx],str);
1004 /* Any unknown %-keys (like %i, %o, %I, and %O) are
1005 passed through for later expansion. Note this also
1006 handles the case where the last character in the
1007 string is a '%' - the terminating \0 will end up here
1008 and properly terminate the string. */
1045 deprecated_warning(const char *configname,unsigned int configlineno,
1046 const char *option,const char *repl1,const char *repl2)
1050 if(strncmp("--",option,2)==0)
1053 if(strncmp("--",repl1,2)==0)
1056 log_info(_("%s:%d: deprecated option \"%s\"\n"),
1057 configname,configlineno,option);
1060 log_info(_("WARNING: \"%s\" is a deprecated option\n"),option);
1062 log_info(_("please use \"%s%s\" instead\n"),repl1,repl2);
1067 deprecated_command (const char *name)
1069 log_info(_("WARNING: \"%s\" is a deprecated command - do not use it\n"),
1075 obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
1079 log_info (_("%s:%u: \"%s\" is obsolete in this file"
1080 " - it only has effect in %s\n"),
1081 configname, configlineno, name, SCDAEMON_NAME EXTSEP_S "conf");
1083 log_info (_("WARNING: \"%s%s\" is an obsolete option"
1084 " - it has no effect except on %s\n"),
1085 "--", name, SCDAEMON_NAME);
1090 * Wrapper around gcry_cipher_map_name to provide a fallback using the
1091 * "Sn" syntax as used by the preference strings.
1094 string_to_cipher_algo (const char *string)
1098 val = map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string));
1099 if (!val && string && (string[0]=='S' || string[0]=='s'))
1104 val = strtol (string, &endptr, 10);
1105 if (!*string || *endptr || openpgp_cipher_test_algo (val))
1113 * Wrapper around gcry_md_map_name to provide a fallback using the
1114 * "Hn" syntax as used by the preference strings.
1117 string_to_digest_algo (const char *string)
1121 /* FIXME: We should make use of our wrapper function and not assume
1122 that there is a 1 to 1 mapping between OpenPGP and Libgcrypt. */
1123 val = gcry_md_map_name (string);
1124 if (!val && string && (string[0]=='H' || string[0]=='h'))
1129 val = strtol (string, &endptr, 10);
1130 if (!*string || *endptr || openpgp_md_test_algo (val))
1140 compress_algo_to_string(int algo)
1146 case COMPRESS_ALGO_NONE:
1147 s=_("Uncompressed");
1150 case COMPRESS_ALGO_ZIP:
1154 case COMPRESS_ALGO_ZLIB:
1159 case COMPRESS_ALGO_BZIP2:
1169 string_to_compress_algo(const char *string)
1171 /* TRANSLATORS: See doc/TRANSLATE about this string. */
1172 if(match_multistr(_("uncompressed|none"),string))
1174 else if(ascii_strcasecmp(string,"uncompressed")==0)
1176 else if(ascii_strcasecmp(string,"none")==0)
1178 else if(ascii_strcasecmp(string,"zip")==0)
1180 else if(ascii_strcasecmp(string,"zlib")==0)
1183 else if(ascii_strcasecmp(string,"bzip2")==0)
1186 else if(ascii_strcasecmp(string,"z0")==0)
1188 else if(ascii_strcasecmp(string,"z1")==0)
1190 else if(ascii_strcasecmp(string,"z2")==0)
1193 else if(ascii_strcasecmp(string,"z3")==0)
1201 check_compress_algo(int algo)
1213 default: return GPG_ERR_COMPR_ALGO;
1218 default_cipher_algo(void)
1220 if(opt.def_cipher_algo)
1221 return opt.def_cipher_algo;
1222 else if(opt.personal_cipher_prefs)
1223 return opt.personal_cipher_prefs[0].value;
1225 return opt.s2k_cipher_algo;
1228 /* There is no default_digest_algo function, but see
1229 sign.c:hash_for() */
1232 default_compress_algo(void)
1234 if(opt.compress_algo!=-1)
1235 return opt.compress_algo;
1236 else if(opt.personal_compress_prefs)
1237 return opt.personal_compress_prefs[0].value;
1239 return DEFAULT_COMPRESS_ALGO;
1243 compliance_option_string(void)
1247 switch(opt.compliance)
1249 case CO_GNUPG: return "--gnupg";
1250 case CO_RFC4880: return "--openpgp";
1251 case CO_RFC2440: return "--rfc2440";
1252 case CO_PGP6: return "--pgp6";
1253 case CO_PGP7: return "--pgp7";
1254 case CO_PGP8: return "--pgp8";
1255 case CO_DE_VS: return "--compliance=de-vs";
1262 compliance_failure(void)
1266 switch(opt.compliance)
1277 ver="OpenPGP (older)";
1293 ver="DE-VS applications";
1297 log_info(_("this message may not be usable by %s\n"),ver);
1298 opt.compliance=CO_GNUPG;
1301 /* Break a string into successive option pieces. Accepts single word
1302 options and key=value argument options. */
1304 optsep(char **stringp)
1311 end=strpbrk(tok," ,=");
1317 /* what we need to do now is scan along starting with *end,
1318 If the next character we see (ignoring spaces) is an =
1319 sign, then there is an argument. */
1330 /* There is an argument, so grab that too. At this point,
1331 ptr points to the first character of the argument. */
1334 /* Is it a quoted argument? */
1338 end=strchr(ptr,'"');
1343 end=strpbrk(ptr," ,");
1361 /* Breaks an option value into key and value. Returns NULL if there
1362 is no value. Note that "string" is modified to remove the =value
1365 argsplit(char *string)
1367 char *equals,*arg=NULL;
1369 equals=strchr(string,'=');
1378 quote=strchr(arg,'"');
1383 quote=strchr(arg,'"');
1391 /* Trim leading spaces off of the arg */
1392 spaces=strspn(arg," ");
1396 /* Trim tailing spaces off of the tag */
1397 space=strchr(string,' ');
1405 /* Return the length of the initial token, leaving off any
1408 optlen(const char *s)
1410 char *end=strpbrk(s," =");
1419 parse_options(char *str,unsigned int *options,
1420 struct parse_options *opts,int noisy)
1424 if (str && !strcmp (str, "help"))
1428 /* Figure out the longest option name so we can line these up
1430 for(i=0;opts[i].name;i++)
1431 if(opts[i].help && maxlen<strlen(opts[i].name))
1432 maxlen=strlen(opts[i].name);
1434 for(i=0;opts[i].name;i++)
1436 es_printf("%s%*s%s\n",opts[i].name,
1437 maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
1442 while((tok=optsep(&str)))
1450 if(ascii_strncasecmp("no-",tok,3)==0)
1456 for(i=0;opts[i].name;i++)
1458 size_t toklen=optlen(tok);
1460 if(ascii_strncasecmp(opts[i].name,tok,toklen)==0)
1462 /* We have a match, but it might be incomplete */
1463 if(toklen!=strlen(opts[i].name))
1467 for(j=i+1;opts[j].name;j++)
1469 if(ascii_strncasecmp(opts[j].name,tok,toklen)==0)
1472 log_info(_("ambiguous option '%s'\n"),otok);
1480 *options&=~opts[i].bit;
1482 *opts[i].value=NULL;
1486 *options|=opts[i].bit;
1488 *opts[i].value=argsplit(tok);
1497 log_info(_("unknown option '%s'\n"),otok);
1506 /* Similar to access(2), but uses PATH to find the file. */
1508 path_access(const char *file,int mode)
1513 envpath=getenv("PATH");
1516 #ifdef HAVE_DRIVE_LETTERS
1517 || (((file[0]>='A' && file[0]<='Z')
1518 || (file[0]>='a' && file[0]<='z'))
1524 return access(file,mode);
1527 /* At least as large as, but most often larger than we need. */
1528 char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
1529 char *split,*item,*path=xstrdup(envpath);
1533 while((item=strsep(&split,PATHSEP_S)))
1535 strcpy(buffer,item);
1537 strcat(buffer,file);
1538 ret=access(buffer,mode);
1552 /* Return the number of public key parameters as used by OpenPGP. */
1554 pubkey_get_npkey (pubkey_algo_t algo)
1558 case PUBKEY_ALGO_RSA:
1559 case PUBKEY_ALGO_RSA_E:
1560 case PUBKEY_ALGO_RSA_S: return 2;
1561 case PUBKEY_ALGO_ELGAMAL_E: return 3;
1562 case PUBKEY_ALGO_DSA: return 4;
1563 case PUBKEY_ALGO_ECDH: return 3;
1564 case PUBKEY_ALGO_ECDSA: return 2;
1565 case PUBKEY_ALGO_ELGAMAL: return 3;
1566 case PUBKEY_ALGO_EDDSA: return 2;
1572 /* Return the number of secret key parameters as used by OpenPGP. */
1574 pubkey_get_nskey (pubkey_algo_t algo)
1578 case PUBKEY_ALGO_RSA:
1579 case PUBKEY_ALGO_RSA_E:
1580 case PUBKEY_ALGO_RSA_S: return 6;
1581 case PUBKEY_ALGO_ELGAMAL_E: return 4;
1582 case PUBKEY_ALGO_DSA: return 5;
1583 case PUBKEY_ALGO_ECDH: return 4;
1584 case PUBKEY_ALGO_ECDSA: return 3;
1585 case PUBKEY_ALGO_ELGAMAL: return 4;
1586 case PUBKEY_ALGO_EDDSA: return 3;
1591 /* Temporary helper. */
1593 pubkey_get_nsig (pubkey_algo_t algo)
1597 case PUBKEY_ALGO_RSA:
1598 case PUBKEY_ALGO_RSA_E:
1599 case PUBKEY_ALGO_RSA_S: return 1;
1600 case PUBKEY_ALGO_ELGAMAL_E: return 0;
1601 case PUBKEY_ALGO_DSA: return 2;
1602 case PUBKEY_ALGO_ECDH: return 0;
1603 case PUBKEY_ALGO_ECDSA: return 2;
1604 case PUBKEY_ALGO_ELGAMAL: return 2;
1605 case PUBKEY_ALGO_EDDSA: return 2;
1611 /* Temporary helper. */
1613 pubkey_get_nenc (pubkey_algo_t algo)
1617 case PUBKEY_ALGO_RSA:
1618 case PUBKEY_ALGO_RSA_E:
1619 case PUBKEY_ALGO_RSA_S: return 1;
1620 case PUBKEY_ALGO_ELGAMAL_E: return 2;
1621 case PUBKEY_ALGO_DSA: return 0;
1622 case PUBKEY_ALGO_ECDH: return 2;
1623 case PUBKEY_ALGO_ECDSA: return 0;
1624 case PUBKEY_ALGO_ELGAMAL: return 2;
1625 case PUBKEY_ALGO_EDDSA: return 0;
1631 /* Temporary helper. */
1633 pubkey_nbits( int algo, gcry_mpi_t *key )
1638 if (algo == PUBKEY_ALGO_DSA
1639 && key[0] && key[1] && key[2] && key[3])
1641 rc = gcry_sexp_build (&sexp, NULL,
1642 "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
1643 key[0], key[1], key[2], key[3] );
1645 else if ((algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
1646 && key[0] && key[1] && key[2])
1648 rc = gcry_sexp_build (&sexp, NULL,
1649 "(public-key(elg(p%m)(g%m)(y%m)))",
1650 key[0], key[1], key[2] );
1652 else if (is_RSA (algo)
1653 && key[0] && key[1])
1655 rc = gcry_sexp_build (&sexp, NULL,
1656 "(public-key(rsa(n%m)(e%m)))",
1659 else if ((algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH
1660 || algo == PUBKEY_ALGO_EDDSA)
1661 && key[0] && key[1])
1663 char *curve = openpgp_oid_to_str (key[0]);
1665 rc = gpg_error_from_syserror ();
1668 rc = gcry_sexp_build (&sexp, NULL,
1669 "(public-key(ecc(curve%s)(q%m)))",
1680 nbits = gcry_pk_get_nbits (sexp);
1681 gcry_sexp_release (sexp);
1688 mpi_print (estream_t fp, gcry_mpi_t a, int mode)
1694 return es_fprintf (fp, "[MPI_NULL]");
1698 n1 = gcry_mpi_get_nbits(a);
1699 n += es_fprintf (fp, "[%u bits]", n1);
1701 else if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
1704 unsigned char *p = gcry_mpi_get_opaque (a, &nbits);
1706 n += es_fprintf (fp, "[invalid opaque value]");
1709 if (!es_write_hexstring (fp, p, (nbits + 7)/8, 0, &nwritten))
1715 unsigned char *buffer;
1718 if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &buflen, a))
1720 if (!es_write_hexstring (fp, buffer, buflen, 0, &nwritten))
1728 /* pkey[1] or skey[1] is Q for ECDSA, which is an uncompressed point,
1731 ecdsa_qbits_from_Q (unsigned int qbits)
1735 log_error (_("ECDSA public key is expected to be in SEC encoding "
1736 "multiple of 8 bits\n"));
1745 /* Ignore signatures and certifications made over certain digest
1746 * algorithms by default, MD5 is considered weak. This allows users
1747 * to deprecate support for other algorithms as well.
1750 additional_weak_digest (const char* digestname)
1752 struct weakhash *weak = NULL;
1753 const enum gcry_md_algos algo = string_to_digest_algo(digestname);
1755 if (algo == GCRY_MD_NONE)
1757 log_error (_("unknown weak digest '%s'\n"), digestname);
1761 /* Check to ensure it's not already present. */
1762 for (weak = opt.weak_digests; weak; weak = weak->next)
1763 if (algo == weak->algo)
1766 /* Add it to the head of the list. */
1767 weak = xmalloc(sizeof(*weak));
1769 weak->rejection_shown = 0;
1770 weak->next = opt.weak_digests;
1771 opt.weak_digests = weak;