chiark / gitweb /
key/key-io.c: Mark `exptime' function `static'.
[catacomb] / key / key-misc.c
CommitLineData
d11a0bf7 1/* -*-c-*-
d11a0bf7 2 *
3 * Simple key management
4 *
5 * (c) 1999 Straylight/Edgeware
6 */
7
45c0fd36 8/*----- Licensing notice --------------------------------------------------*
d11a0bf7 9 *
10 * This file is part of Catacomb.
11 *
12 * Catacomb is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU Library General Public License as
14 * published by the Free Software Foundation; either version 2 of the
15 * License, or (at your option) any later version.
45c0fd36 16 *
d11a0bf7 17 * Catacomb is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU Library General Public License for more details.
45c0fd36 21 *
d11a0bf7 22 * You should have received a copy of the GNU Library General Public
23 * License along with Catacomb; if not, write to the Free
24 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
25 * MA 02111-1307, USA.
26 */
27
d11a0bf7 28/*----- Header files ------------------------------------------------------*/
29
30#include <stdio.h>
31#include <stdlib.h>
32#include <string.h>
33#include <time.h>
34
d11a0bf7 35#include <mLib/bits.h>
36#include <mLib/hash.h>
37#include <mLib/sub.h>
38#include <mLib/sym.h>
39
40#include "key.h"
41
42/*----- Useful macros -----------------------------------------------------*/
43
44#define KEY_WRITE(f) do { \
b119a5eb 45 if (!((f)->f & KF_WRITE)) \
d11a0bf7 46 return (KERR_READONLY); \
47 } while (0)
48
49#define KEY_MODIFY(f) do { (f)->f |= KF_MODIFIED; } while (0)
50
51#define KEY_LOAD(n) ((n) * 2)
52
d11a0bf7 53/*----- Iteration and iterators -------------------------------------------*/
54
55/* --- @key_mkiter@ --- *
56 *
57 * Arguments: @key_iter *i@ = pointer to iterator object
58 * @key_file *f@ = pointer to file structure
59 *
60 * Returns: ---
61 *
62 * Use: Initializes a key iterator. The keys are returned by
63 * @key_next@.
64 */
65
66void key_mkiter(key_iter *i, key_file *f)
67{
68 HASH_MKITER(&i->i, &f->byid);
69 i->t = time(0);
70}
71
72/* --- @key_next@ --- *
73 *
74 * Arguments: @key_iter *i@ = pointer to iterator object
75 *
76 * Returns: Pointer to next key, or null.
77 *
78 * Use: Returns the next key in some arbitrary sequence.
79 */
80
81key *key_next(key_iter *i)
82{
83 hash_base *b;
84 key *k;
85 do {
86 HASH_NEXT(&i->i, b);
87 k = (key *)b;
88 } while (k && KEY_EXPIRED(i->t, k->exp) && KEY_EXPIRED(i->t, k->del));
89 return (k);
90}
91
92/*----- Lookup ------------------------------------------------------------*/
93
94/* --- @key_bytype@ --- *
95 *
96 * Arguments: @key_file *f@ = key file we want a key from
97 * @const char *type@ = type string for desired key
98 *
99 * Returns: Pointer to the best key to use, or null.
100 *
101 * Use: Looks up a key by its type. Returns the key with the latest
102 * expiry time. This function will not return an expired key.
103 */
104
105key *key_bytype(key_file *f, const char *type)
106{
107 time_t now = time(0);
108 key *k;
109 key_ref *kr;
110
111 if ((kr = sym_find(&f->bytype, type, -1, 0, 0)) == 0)
112 return (0);
113 for (k = kr->k; k && KEY_EXPIRED(now, k->exp); k = k->next)
114 ;
115 return (k);
116}
117
118/* --- @key_byid@ --- *
119 *
120 * Arguments: @key_file *f@ = key file to find a key from
121 * @uint32 id@ = id to look for
122 *
123 * Returns: Key with matching id.
124 *
125 * Use: Returns a key given its id. This function will return an
126 * expired key, but not a deleted one.
127 */
128
129key *key_byid(key_file *f, uint32 id)
130{
131 time_t t = time(0);
132 hash_base **bin, *b;
133
134 bin = HASH_BIN(&f->byid, id);
135 for (b = *bin; b; b = b->next) {
136 if (b->hash == id) {
137 key *k = (key *)b;
138 if (KEY_EXPIRED(t, k->exp) && KEY_EXPIRED(t, k->del))
139 return (0);
140 return (k);
141 }
142 }
143 return (0);
144}
145
146/* --- @key_bytag@ --- *
147 *
148 * Arguments: @key_file *f@ = key file to find a key from
149 * @const char *tag@ = pointer to tag string
150 *
151 * Returns: Key with matching id or tag.
152 *
153 * Use: Returns a key given its tag or id. This function will return
154 * an expired key, but not a deleted one.
155 */
156
157key *key_bytag(key_file *f, const char *tag)
158{
159 time_t t = time(0);
160 char *p;
161 uint32 id;
162 key_ref *kr = sym_find(&f->bytag, tag, -1, 0, 0);
163
cdb7e56a 164 if (kr && !(KEY_EXPIRED(t, kr->k->exp) && KEY_EXPIRED(t, kr->k->del)))
d11a0bf7 165 return (kr->k);
166 id = strtoul(tag, &p, 16);
167 if (!*p)
168 return (key_byid(f, id));
169 return (key_bytype(f, tag));
170}
171
172/* --- @key_qtag@ --- *
173 *
174 * Arguments: @key_file *f@ = key file to find a key from
175 * @const char *tag@ = pointer to tag string
176 * @dstr *d@ = pointer to string for full tag name
177 * @key **k@ = where to store the key pointer
ef13e9a4 178 * @key_data ***kd@ = where to store the key data pointer
d11a0bf7 179 *
180 * Returns: Zero if OK, nonzero if it failed.
181 *
182 * Use: Performs a full lookup on a qualified tag name. The tag is
183 * qualified by the names of subkeys, separated by dots. Hence,
184 * a qualified tag is ID|TAG[.TAG...]. The various result
185 * pointers can be null to indicate that the result isn't
ef13e9a4 186 * interesting.
d11a0bf7 187 */
188
ef13e9a4 189int key_qtag(key_file *f, const char *tag, dstr *d, key **k, key_data ***kd)
d11a0bf7 190{
191 dstr dd = DSTR_INIT;
192 const char *q;
193 key *kk;
ef13e9a4 194 key_data **kkd;
d11a0bf7 195
196 /* --- Find the end of the base tag --- */
197
198 if ((q = strchr(tag, '.')) == 0)
199 DPUTS(&dd, tag);
200 else {
201 DPUTM(&dd, tag, q - tag);
202 DPUTZ(&dd);
203 q++;
204 }
205
206 /* --- Look up the key tag --- */
207
208 if ((kk = key_bytag(f, dd.buf)) == 0) {
209 dstr_destroy(&dd);
210 return (-1);
211 }
212
213 /* --- Set the various initial bits of result up --- */
214
215 if (d)
216 key_fulltag(kk, d);
217 if (k)
218 *k = kk;
219 kkd = &kk->k;
220
221 /* --- Now dig through the rest of the tag --- */
222
ef13e9a4 223 if (q) {
224 while (*q) {
225 key_struct *ks;
226
227 /* --- Stick on the next bit of the fullqtag --- */
228
229 DRESET(&dd);
230 while (*q && *q != '.') {
231 DPUTC(&dd, *q);
232 q++;
233 }
234 DPUTZ(&dd);
235 if (d) {
236 DPUTC(d, '.');
237 DPUTD(d, &dd);
238 }
239
240 /* --- Look up the subkey --- */
241
242 if ((*kkd)->e != KENC_STRUCT) {
243 kkd = 0;
244 break;
245 }
246 if ((ks = sym_find(&(*kkd)->u.s, dd.buf, -1, 0, 0)) == 0) {
247 kkd = 0;
248 break;
249 }
250 kkd = &ks->k;
d11a0bf7 251 }
d11a0bf7 252 }
253
254 /* --- Return the results --- */
255
ef13e9a4 256 dstr_destroy(&dd);
d11a0bf7 257 if (!kkd)
258 return (-1);
d11a0bf7 259 if (kd)
260 *kd = kkd;
261 return (0);
262}
263
264/*----- Miscellaneous functions -------------------------------------------*/
265
266/* --- @key_delete@ --- *
267 *
268 * Arguments: @key_file *f@ = pointer to file block
269 * @key *k@ = key to delete
270 *
271 * Returns: Error code (one of the @KERR@ constants).
272 *
273 * Use: Removes the given key from the list. The key file must be
274 * writable. (Due to the horridness of the data structures,
275 * deleted keys aren't actually removed, just marked so that
276 * they can't be looked up or iterated over. One upshot of
277 * this is that they don't get written back to the file when
278 * it's closed.)
279 */
280
281int key_delete(key_file *f, key *k)
282{
283 KEY_WRITE(f);
284 k->exp = KEXP_EXPIRE;
285 k->del = KEXP_EXPIRE;
286 KEY_MODIFY(f);
287 return (0);
288}
289
cdb7e56a 290/* --- @key_expired@ --- *
291 *
292 * Arguments: @key *k@ = pointer to key block
293 *
294 * Returns: Zero if the key is OK, nonzero if it's expired.
295 */
296
297int key_expired(key *k)
298{
299 time_t now = time(0);
300 return (KEY_EXPIRED(now, k->exp) || KEY_EXPIRED(now, k->del));
301}
302
d11a0bf7 303/* --- @key_expire@ --- *
304 *
305 * Arguments: @key_file *f@ = pointer to file block
306 * @key *k@ = pointer to key block
307 *
308 * Returns: Error code (one of the @KERR@ constants).
309 *
310 * Use: Immediately marks the key as expired. It may be removed
311 * immediately, if it is no longer required, and will be removed
312 * by a tidy operation when it is no longer required. The key
313 * file must be writable.
314 */
315
316int key_expire(key_file *f, key *k)
317{
318 KEY_WRITE(f);
319 k->exp = KEXP_EXPIRE;
320 if (k->del == KEXP_FOREVER)
321 k->del = KEXP_EXPIRE;
322 KEY_MODIFY(f);
323 return (0);
324}
325
326/* --- @key_used@ --- *
327 *
328 * Arguments: @key_file *f@ = pointer to key file
329 * @key *k@ = pointer to key block
330 * @time_t t@ = when key can be removed
331 *
332 * Returns: Zero if OK, nonzero on failure.
333 *
334 * Use: Marks a key as being required until a given time. Even
335 * though the key may expire before then (and won't be returned
336 * by type after that time), it will still be available when
337 * requested explicitly by id. The key file must be writable.
338 *
339 * The only (current) reason for failure is attempting to use
340 * a key which can expire for something which can't.
341 */
342
343int key_used(key_file *f, key *k, time_t t)
344{
345 KEY_WRITE(f);
346 if (t == KEXP_FOREVER) {
347 if (k->exp != KEXP_FOREVER)
348 return (KERR_WILLEXPIRE);
349 } else if (k->del >= t)
350 return (0);
351
352 k->del = t;
353 KEY_MODIFY(f);
354 return (0);
355}
356
981bf127 357/* --- @key_fingerprint@ --- *
358 *
359 * Arguments: @key *k@ = the key to fingerprint
360 * @ghash *h@ = the hash to use
361 * @const key_filter *kf@ = filter to apply
362 *
363 * Returns: Nonzero if the key slightly matched the filter.
364 *
365 * Use: Updates the hash context with the key contents.
366 */
367
368static int abyname(const void *a, const void *b) {
369 key_attr *const *x = a, *const *y = b;
370 return (strcmp(SYM_NAME(*x), SYM_NAME(*y)));
371}
372
373int key_fingerprint(key *k, ghash *h, const key_filter *kf)
374{
375 dstr d = DSTR_INIT;
376 int rc = 0;
377 key_attr *a, **v;
78660a58 378 size_t n, i;
981bf127 379 sym_iter ai;
380
ef13e9a4 381 if (!key_encode(k->k, &d, kf))
981bf127 382 goto done;
383 rc = 1;
78660a58 384 GH_HASHSTR(h, "catacomb-key-fingerprint:");
385 GH_HASHU32(h, k->id);
386 GH_HASHSTR8(h, k->type);
981bf127 387 GH_HASH(h, d.buf, d.len);
388 for (n = 0, sym_mkiter(&ai, &k->a); (a = sym_next(&ai)) != 0; n++);
389 if (n) {
390 v = xmalloc(n * sizeof(*v));
391 for (i = 0, sym_mkiter(&ai, &k->a); (a = sym_next(&ai)) != 0; i++)
392 v[i] = a;
393 qsort(v, n, sizeof(*v), abyname);
981bf127 394 for (i = 0; i < n; i++) {
78660a58 395 GH_HASHSTR8(h, SYM_NAME(v[i]));
396 GH_HASHSTR16(h, v[i]->p);
981bf127 397 }
398 xfree(v);
45c0fd36 399 }
981bf127 400done:
401 dstr_destroy(&d);
402 return (rc);
403}
404
d11a0bf7 405/*----- That's all, folks -------------------------------------------------*/