Line data Source code
1 : /* pkclist.c - create a list of public keys
2 : * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 : * 2008, 2009, 2010 Free Software Foundation, Inc.
4 : *
5 : * This file is part of GnuPG.
6 : *
7 : * GnuPG is free software; you can redistribute it and/or modify
8 : * it under the terms of the GNU General Public License as published by
9 : * the Free Software Foundation; either version 3 of the License, or
10 : * (at your option) any later version.
11 : *
12 : * GnuPG is distributed in the hope that it will be useful,
13 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : * GNU General Public License for more details.
16 : *
17 : * You should have received a copy of the GNU General Public License
18 : * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include <config.h>
22 : #include <stdio.h>
23 : #include <stdlib.h>
24 : #include <string.h>
25 : #include <errno.h>
26 : #include <assert.h>
27 :
28 : #include "gpg.h"
29 : #include "options.h"
30 : #include "packet.h"
31 : #include "status.h"
32 : #include "keydb.h"
33 : #include "util.h"
34 : #include "main.h"
35 : #include "trustdb.h"
36 : #include "ttyio.h"
37 : #include "status.h"
38 : #include "photoid.h"
39 : #include "i18n.h"
40 : #include "tofu.h"
41 :
42 : #define CONTROL_D ('D' - 'A' + 1)
43 :
44 : static void
45 0 : send_status_inv_recp (int reason, const char *name)
46 : {
47 : char buf[40];
48 :
49 0 : snprintf (buf, sizeof buf, "%d ", reason);
50 0 : write_status_text_and_buffer (STATUS_INV_RECP, buf,
51 : name, strlen (name),
52 : -1);
53 0 : }
54 :
55 :
56 : /****************
57 : * Show the revocation reason as it is stored with the given signature
58 : */
59 : static void
60 0 : do_show_revocation_reason( PKT_signature *sig )
61 : {
62 : size_t n, nn;
63 : const byte *p, *pp;
64 0 : int seq = 0;
65 : const char *text;
66 :
67 0 : while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REVOC_REASON,
68 : &n, &seq, NULL )) ) {
69 0 : if( !n )
70 0 : continue; /* invalid - just skip it */
71 :
72 0 : if( *p == 0 )
73 0 : text = _("No reason specified");
74 0 : else if( *p == 0x01 )
75 0 : text = _("Key is superseded");
76 0 : else if( *p == 0x02 )
77 0 : text = _("Key has been compromised");
78 0 : else if( *p == 0x03 )
79 0 : text = _("Key is no longer used");
80 0 : else if( *p == 0x20 )
81 0 : text = _("User ID is no longer valid");
82 : else
83 0 : text = NULL;
84 :
85 0 : log_info ( _("reason for revocation: "));
86 0 : if (text)
87 0 : log_printf ("%s\n", text);
88 : else
89 0 : log_printf ("code=%02x\n", *p );
90 0 : n--; p++;
91 0 : pp = NULL;
92 : do {
93 : /* We don't want any empty lines, so skip them */
94 0 : while( n && *p == '\n' ) {
95 0 : p++;
96 0 : n--;
97 : }
98 0 : if( n ) {
99 0 : pp = memchr( p, '\n', n );
100 0 : nn = pp? pp - p : n;
101 0 : log_info ( _("revocation comment: ") );
102 0 : es_write_sanitized (log_get_stream(), p, nn, NULL, NULL);
103 0 : log_printf ("\n");
104 0 : p += nn; n -= nn;
105 : }
106 0 : } while( pp );
107 : }
108 0 : }
109 :
110 : /* Mode 0: try and find the revocation based on the pk (i.e. check
111 : subkeys, etc.) Mode 1: use only the revocation on the main pk */
112 :
113 : void
114 0 : show_revocation_reason( PKT_public_key *pk, int mode )
115 : {
116 : /* Hmmm, this is not so easy becuase we have to duplicate the code
117 : * used in the trustbd to calculate the keyflags. We need to find
118 : * a clean way to check revocation certificates on keys and
119 : * signatures. And there should be no duplicate code. Because we
120 : * enter this function only when the trustdb told us that we have
121 : * a revoked key, we could simply look for a revocation cert and
122 : * display this one, when there is only one. Let's try to do this
123 : * until we have a better solution. */
124 0 : KBNODE node, keyblock = NULL;
125 : byte fingerprint[MAX_FINGERPRINT_LEN];
126 : size_t fingerlen;
127 : int rc;
128 :
129 : /* get the keyblock */
130 0 : fingerprint_from_pk( pk, fingerprint, &fingerlen );
131 0 : rc = get_pubkey_byfprint(NULL, &keyblock, fingerprint, fingerlen);
132 0 : if( rc ) { /* that should never happen */
133 0 : log_debug( "failed to get the keyblock\n");
134 0 : return;
135 : }
136 :
137 0 : for( node=keyblock; node; node = node->next ) {
138 0 : if( (mode && node->pkt->pkttype == PKT_PUBLIC_KEY) ||
139 0 : ( ( node->pkt->pkttype == PKT_PUBLIC_KEY
140 0 : || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
141 0 : && !cmp_public_keys( node->pkt->pkt.public_key, pk ) ) )
142 : break;
143 : }
144 0 : if( !node ) {
145 0 : log_debug("Oops, PK not in keyblock\n");
146 0 : release_kbnode( keyblock );
147 0 : return;
148 : }
149 : /* now find the revocation certificate */
150 0 : for( node = node->next; node ; node = node->next ) {
151 0 : if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
152 0 : break;
153 0 : if( node->pkt->pkttype == PKT_SIGNATURE
154 0 : && (node->pkt->pkt.signature->sig_class == 0x20
155 0 : || node->pkt->pkt.signature->sig_class == 0x28 ) ) {
156 : /* FIXME: we should check the signature here */
157 0 : do_show_revocation_reason ( node->pkt->pkt.signature );
158 0 : break;
159 : }
160 : }
161 :
162 : /* We didn't find it, so check if the whole key is revoked */
163 0 : if(!node && !mode)
164 0 : show_revocation_reason(pk,1);
165 :
166 0 : release_kbnode( keyblock );
167 : }
168 :
169 :
170 : /****************
171 : * mode: 0 = standard
172 : * 1 = Without key info and additional menu option 'm'
173 : * this does also add an option to set the key to ultimately trusted.
174 : * Returns:
175 : * -2 = nothing changed - caller should show some additional info
176 : * -1 = quit operation
177 : * 0 = nothing changed
178 : * 1 = new ownertrust now in new_trust
179 : */
180 : #ifndef NO_TRUST_MODELS
181 : static int
182 0 : do_edit_ownertrust (PKT_public_key *pk, int mode,
183 : unsigned *new_trust, int defer_help )
184 : {
185 : char *p;
186 : u32 keyid[2];
187 0 : int changed=0;
188 0 : int quit=0;
189 0 : int show=0;
190 : int min_num;
191 0 : int did_help=defer_help;
192 0 : unsigned int minimum = tdb_get_min_ownertrust (pk);
193 : char pkstrbuf[PUBKEY_STRING_SIZE];
194 :
195 0 : switch(minimum)
196 : {
197 : default:
198 0 : case TRUST_UNDEFINED: min_num=1; break;
199 0 : case TRUST_NEVER: min_num=2; break;
200 0 : case TRUST_MARGINAL: min_num=3; break;
201 0 : case TRUST_FULLY: min_num=4; break;
202 : }
203 :
204 0 : keyid_from_pk (pk, keyid);
205 : for(;;) {
206 : /* A string with valid answers.
207 :
208 : TRANSLATORS: These are the allowed answers in lower and
209 : uppercase. Below you will find the matching strings which
210 : should be translated accordingly and the letter changed to
211 : match the one in the answer string.
212 :
213 : i = please show me more information
214 : m = back to the main menu
215 : s = skip this key
216 : q = quit
217 : */
218 0 : const char *ans = _("iImMqQsS");
219 :
220 0 : if( !did_help )
221 : {
222 0 : if( !mode )
223 : {
224 : KBNODE keyblock, un;
225 :
226 0 : tty_printf(_("No trust value assigned to:\n"));
227 0 : tty_printf("%s/%s %s\n",
228 : pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
229 : keystr(keyid), datestr_from_pk( pk ) );
230 0 : p=get_user_id_native(keyid);
231 0 : tty_printf(_(" \"%s\"\n"),p);
232 0 : xfree(p);
233 :
234 0 : keyblock = get_pubkeyblock (keyid);
235 0 : if (!keyblock)
236 0 : BUG ();
237 0 : for (un=keyblock; un; un = un->next)
238 : {
239 0 : if (un->pkt->pkttype != PKT_USER_ID )
240 0 : continue;
241 0 : if (un->pkt->pkt.user_id->is_revoked )
242 0 : continue;
243 0 : if (un->pkt->pkt.user_id->is_expired )
244 0 : continue;
245 : /* Only skip textual primaries */
246 0 : if (un->pkt->pkt.user_id->is_primary
247 0 : && !un->pkt->pkt.user_id->attrib_data )
248 0 : continue;
249 :
250 0 : if((opt.verify_options&VERIFY_SHOW_PHOTOS)
251 0 : && un->pkt->pkt.user_id->attrib_data)
252 0 : show_photos (un->pkt->pkt.user_id->attribs,
253 0 : un->pkt->pkt.user_id->numattribs, pk,
254 0 : un->pkt->pkt.user_id);
255 :
256 0 : p=utf8_to_native(un->pkt->pkt.user_id->name,
257 0 : un->pkt->pkt.user_id->len,0);
258 :
259 0 : tty_printf(_(" aka \"%s\"\n"),p);
260 : }
261 :
262 0 : print_fingerprint (NULL, pk, 2);
263 0 : tty_printf("\n");
264 0 : release_kbnode (keyblock);
265 : }
266 :
267 0 : if(opt.trust_model==TM_DIRECT)
268 : {
269 0 : tty_printf(_("How much do you trust that this key actually "
270 : "belongs to the named user?\n"));
271 0 : tty_printf("\n");
272 : }
273 : else
274 : {
275 : /* This string also used in keyedit.c:trustsig_prompt */
276 0 : tty_printf(_("Please decide how far you trust this user to"
277 : " correctly verify other users' keys\n"
278 : "(by looking at passports, checking fingerprints from"
279 : " different sources, etc.)\n"));
280 0 : tty_printf("\n");
281 : }
282 :
283 0 : if(min_num<=1)
284 0 : tty_printf (_(" %d = I don't know or won't say\n"), 1);
285 0 : if(min_num<=2)
286 0 : tty_printf (_(" %d = I do NOT trust\n"), 2);
287 0 : if(min_num<=3)
288 0 : tty_printf (_(" %d = I trust marginally\n"), 3);
289 0 : if(min_num<=4)
290 0 : tty_printf (_(" %d = I trust fully\n"), 4);
291 0 : if (mode)
292 0 : tty_printf (_(" %d = I trust ultimately\n"), 5);
293 : #if 0
294 : /* not yet implemented */
295 : tty_printf (" i = please show me more information\n");
296 : #endif
297 0 : if( mode )
298 0 : tty_printf(_(" m = back to the main menu\n"));
299 : else
300 : {
301 0 : tty_printf(_(" s = skip this key\n"));
302 0 : tty_printf(_(" q = quit\n"));
303 : }
304 0 : tty_printf("\n");
305 0 : if(minimum)
306 0 : tty_printf(_("The minimum trust level for this key is: %s\n\n"),
307 : trust_value_to_string(minimum));
308 0 : did_help = 1;
309 : }
310 0 : if( strlen(ans) != 8 )
311 0 : BUG();
312 0 : p = cpr_get("edit_ownertrust.value",_("Your decision? "));
313 0 : trim_spaces(p);
314 0 : cpr_kill_prompt();
315 0 : if( !*p )
316 0 : did_help = 0;
317 0 : else if( *p && p[1] )
318 : ;
319 0 : else if( !p[1] && ((*p >= '0'+min_num) && *p <= (mode?'5':'4')) )
320 0 : {
321 : unsigned int trust;
322 0 : switch( *p )
323 : {
324 0 : case '1': trust = TRUST_UNDEFINED; break;
325 0 : case '2': trust = TRUST_NEVER ; break;
326 0 : case '3': trust = TRUST_MARGINAL ; break;
327 0 : case '4': trust = TRUST_FULLY ; break;
328 0 : case '5': trust = TRUST_ULTIMATE ; break;
329 0 : default: BUG();
330 : }
331 0 : if (trust == TRUST_ULTIMATE
332 0 : && !cpr_get_answer_is_yes ("edit_ownertrust.set_ultimate.okay",
333 0 : _("Do you really want to set this key"
334 : " to ultimate trust? (y/N) ")))
335 : ; /* no */
336 : else
337 : {
338 0 : *new_trust = trust;
339 0 : changed = 1;
340 0 : break;
341 : }
342 : }
343 : #if 0
344 : /* not yet implemented */
345 : else if( *p == ans[0] || *p == ans[1] )
346 : {
347 : tty_printf(_("Certificates leading to an ultimately trusted key:\n"));
348 : show = 1;
349 : break;
350 : }
351 : #endif
352 0 : else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) )
353 : {
354 : break ; /* back to the menu */
355 : }
356 0 : else if( !mode && (*p == ans[6] || *p == ans[7] ) )
357 : {
358 : break; /* skip */
359 : }
360 0 : else if( !mode && (*p == ans[4] || *p == ans[5] ) )
361 : {
362 0 : quit = 1;
363 0 : break ; /* back to the menu */
364 : }
365 0 : xfree(p); p = NULL;
366 0 : }
367 0 : xfree(p);
368 0 : return show? -2: quit? -1 : changed;
369 : }
370 : #endif /*!NO_TRUST_MODELS*/
371 :
372 :
373 : /*
374 : * Display a menu to change the ownertrust of the key PK (which should
375 : * be a primary key).
376 : * For mode values see do_edit_ownertrust ()
377 : */
378 : #ifndef NO_TRUST_MODELS
379 : int
380 0 : edit_ownertrust (PKT_public_key *pk, int mode )
381 : {
382 0 : unsigned int trust = 0;
383 0 : int no_help = 0;
384 :
385 : for(;;)
386 : {
387 0 : switch ( do_edit_ownertrust (pk, mode, &trust, no_help ) )
388 : {
389 : case -1: /* quit */
390 0 : return -1;
391 : case -2: /* show info */
392 0 : no_help = 1;
393 0 : break;
394 : case 1: /* trust value set */
395 0 : trust &= ~TRUST_FLAG_DISABLED;
396 0 : trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
397 0 : update_ownertrust (pk, trust );
398 0 : return 1;
399 : default:
400 0 : return 0;
401 : }
402 0 : }
403 : }
404 : #endif /*!NO_TRUST_MODELS*/
405 :
406 :
407 : /****************
408 : * Check whether we can trust this pk which has a trustlevel of TRUSTLEVEL
409 : * Returns: true if we trust.
410 : */
411 : static int
412 236 : do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
413 : {
414 : /* We should not be able to get here with a revoked or expired
415 : key */
416 236 : if(trustlevel & TRUST_FLAG_REVOKED
417 236 : || trustlevel & TRUST_FLAG_SUB_REVOKED
418 236 : || (trustlevel & TRUST_MASK) == TRUST_EXPIRED)
419 0 : BUG();
420 :
421 236 : if( opt.trust_model==TM_ALWAYS )
422 : {
423 236 : if( opt.verbose )
424 0 : log_info("No trust check due to '--trust-model always' option\n");
425 236 : return 1;
426 : }
427 :
428 0 : switch(trustlevel & TRUST_MASK)
429 : {
430 : default:
431 0 : log_error ("invalid trustlevel %u returned from validation layer\n",
432 : trustlevel);
433 : /* fall thru */
434 : case TRUST_UNKNOWN:
435 : case TRUST_UNDEFINED:
436 0 : log_info(_("%s: There is no assurance this key belongs"
437 : " to the named user\n"),keystr_from_pk(pk));
438 0 : return 0; /* no */
439 :
440 : case TRUST_MARGINAL:
441 0 : log_info(_("%s: There is limited assurance this key belongs"
442 : " to the named user\n"),keystr_from_pk(pk));
443 0 : return 1; /* yes */
444 :
445 : case TRUST_FULLY:
446 0 : if( opt.verbose )
447 0 : log_info(_("This key probably belongs to the named user\n"));
448 0 : return 1; /* yes */
449 :
450 : case TRUST_ULTIMATE:
451 0 : if( opt.verbose )
452 0 : log_info(_("This key belongs to us\n"));
453 0 : return 1; /* yes */
454 : }
455 :
456 : return 1; /*NOTREACHED*/
457 : }
458 :
459 :
460 : /****************
461 : * wrapper around do_we_trust, so we can ask whether to use the
462 : * key anyway.
463 : */
464 : static int
465 236 : do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
466 : {
467 : int rc;
468 :
469 236 : rc = do_we_trust( pk, trustlevel );
470 :
471 236 : if( !opt.batch && !rc )
472 : {
473 0 : print_pubkey_info(NULL,pk);
474 0 : print_fingerprint (NULL, pk, 2);
475 0 : tty_printf("\n");
476 :
477 0 : tty_printf(
478 0 : _("It is NOT certain that the key belongs to the person named\n"
479 : "in the user ID. If you *really* know what you are doing,\n"
480 : "you may answer the next question with yes.\n"));
481 :
482 0 : tty_printf("\n");
483 :
484 :
485 0 : if (is_status_enabled ())
486 : {
487 : u32 kid[2];
488 : char *hint_str;
489 :
490 0 : keyid_from_pk (pk, kid);
491 0 : hint_str = get_long_user_id_string ( kid );
492 0 : write_status_text ( STATUS_USERID_HINT, hint_str );
493 0 : xfree (hint_str);
494 : }
495 :
496 0 : if( cpr_get_answer_is_yes("untrusted_key.override",
497 0 : _("Use this key anyway? (y/N) ")) )
498 0 : rc = 1;
499 :
500 : /* Hmmm: Should we set a flag to tell the user about
501 : * his decision the next time he encrypts for this recipient?
502 : */
503 : }
504 :
505 236 : return rc;
506 : }
507 :
508 :
509 : /****************
510 : * Check whether we can trust this signature.
511 : * Returns an error code if we should not trust this signature.
512 : */
513 : int
514 143 : check_signatures_trust( PKT_signature *sig )
515 : {
516 143 : PKT_public_key *pk = xmalloc_clear( sizeof *pk );
517 143 : unsigned int trustlevel = TRUST_UNKNOWN;
518 143 : int rc=0;
519 :
520 143 : rc = get_pubkey( pk, sig->keyid );
521 143 : if (rc)
522 : { /* this should not happen */
523 0 : log_error("Ooops; the key vanished - can't check the trust\n");
524 0 : rc = GPG_ERR_NO_PUBKEY;
525 0 : goto leave;
526 : }
527 :
528 143 : if ( opt.trust_model==TM_ALWAYS )
529 : {
530 0 : if( !opt.quiet )
531 0 : log_info(_("WARNING: Using untrusted key!\n"));
532 0 : if (opt.with_fingerprint)
533 0 : print_fingerprint (NULL, pk, 1);
534 0 : goto leave;
535 : }
536 :
537 143 : if(pk->flags.maybe_revoked && !pk->flags.revoked)
538 0 : log_info(_("WARNING: this key might be revoked (revocation key"
539 : " not present)\n"));
540 :
541 143 : trustlevel = get_validity (pk, NULL, sig, 1);
542 :
543 143 : if ( (trustlevel & TRUST_FLAG_REVOKED) )
544 : {
545 0 : write_status( STATUS_KEYREVOKED );
546 0 : if(pk->flags.revoked == 2)
547 0 : log_info(_("WARNING: This key has been revoked by its"
548 : " designated revoker!\n"));
549 : else
550 0 : log_info(_("WARNING: This key has been revoked by its owner!\n"));
551 0 : log_info(_(" This could mean that the signature is forged.\n"));
552 0 : show_revocation_reason( pk, 0 );
553 : }
554 143 : else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) )
555 : {
556 0 : write_status( STATUS_KEYREVOKED );
557 0 : log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
558 0 : show_revocation_reason( pk, 0 );
559 : }
560 :
561 143 : if ((trustlevel & TRUST_FLAG_DISABLED))
562 0 : log_info (_("Note: This key has been disabled.\n"));
563 :
564 : /* If we have PKA information adjust the trustlevel. */
565 143 : if (sig->pka_info && sig->pka_info->valid)
566 : {
567 : unsigned char fpr[MAX_FINGERPRINT_LEN];
568 : PKT_public_key *primary_pk;
569 : size_t fprlen;
570 : int okay;
571 :
572 :
573 0 : primary_pk = xmalloc_clear (sizeof *primary_pk);
574 0 : get_pubkey (primary_pk, pk->main_keyid);
575 0 : fingerprint_from_pk (primary_pk, fpr, &fprlen);
576 0 : free_public_key (primary_pk);
577 :
578 0 : if ( fprlen == 20 && !memcmp (sig->pka_info->fpr, fpr, 20) )
579 : {
580 0 : okay = 1;
581 0 : write_status_text (STATUS_PKA_TRUST_GOOD, sig->pka_info->email);
582 0 : log_info (_("Note: Verified signer's address is '%s'\n"),
583 0 : sig->pka_info->email);
584 : }
585 : else
586 : {
587 0 : okay = 0;
588 0 : write_status_text (STATUS_PKA_TRUST_BAD, sig->pka_info->email);
589 0 : log_info (_("Note: Signer's address '%s' "
590 0 : "does not match DNS entry\n"), sig->pka_info->email);
591 : }
592 :
593 0 : switch ( (trustlevel & TRUST_MASK) )
594 : {
595 : case TRUST_UNKNOWN:
596 : case TRUST_UNDEFINED:
597 : case TRUST_MARGINAL:
598 0 : if (okay && opt.verify_options&VERIFY_PKA_TRUST_INCREASE)
599 : {
600 0 : trustlevel = ((trustlevel & ~TRUST_MASK) | TRUST_FULLY);
601 0 : log_info (_("trustlevel adjusted to FULL"
602 : " due to valid PKA info\n"));
603 : }
604 : /* (fall through) */
605 : case TRUST_FULLY:
606 0 : if (!okay)
607 : {
608 0 : trustlevel = ((trustlevel & ~TRUST_MASK) | TRUST_NEVER);
609 0 : log_info (_("trustlevel adjusted to NEVER"
610 : " due to bad PKA info\n"));
611 : }
612 0 : break;
613 : }
614 : }
615 :
616 : /* Now let the user know what up with the trustlevel. */
617 143 : switch ( (trustlevel & TRUST_MASK) )
618 : {
619 : case TRUST_EXPIRED:
620 0 : log_info(_("Note: This key has expired!\n"));
621 0 : print_fingerprint (NULL, pk, 1);
622 0 : break;
623 :
624 : default:
625 0 : log_error ("invalid trustlevel %u returned from validation layer\n",
626 : trustlevel);
627 : /* fall thru */
628 : case TRUST_UNKNOWN:
629 : case TRUST_UNDEFINED:
630 141 : write_status( STATUS_TRUST_UNDEFINED );
631 141 : log_info(_("WARNING: This key is not certified with"
632 : " a trusted signature!\n"));
633 141 : log_info(_(" There is no indication that the "
634 : "signature belongs to the owner.\n" ));
635 141 : print_fingerprint (NULL, pk, 1);
636 141 : break;
637 :
638 : case TRUST_NEVER:
639 : /* currently we won't get that status */
640 0 : write_status( STATUS_TRUST_NEVER );
641 0 : log_info(_("WARNING: We do NOT trust this key!\n"));
642 0 : log_info(_(" The signature is probably a FORGERY.\n"));
643 0 : if (opt.with_fingerprint)
644 0 : print_fingerprint (NULL, pk, 1);
645 0 : rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
646 0 : break;
647 :
648 : case TRUST_MARGINAL:
649 2 : write_status( STATUS_TRUST_MARGINAL );
650 2 : log_info(_("WARNING: This key is not certified with"
651 : " sufficiently trusted signatures!\n"));
652 2 : log_info(_(" It is not certain that the"
653 : " signature belongs to the owner.\n" ));
654 2 : print_fingerprint (NULL, pk, 1);
655 2 : break;
656 :
657 : case TRUST_FULLY:
658 0 : write_status( STATUS_TRUST_FULLY );
659 0 : if (opt.with_fingerprint)
660 0 : print_fingerprint (NULL, pk, 1);
661 0 : break;
662 :
663 : case TRUST_ULTIMATE:
664 0 : write_status( STATUS_TRUST_ULTIMATE );
665 0 : if (opt.with_fingerprint)
666 0 : print_fingerprint (NULL, pk, 1);
667 0 : break;
668 : }
669 :
670 : leave:
671 143 : free_public_key( pk );
672 143 : return rc;
673 : }
674 :
675 :
676 : void
677 308 : release_pk_list (pk_list_t pk_list)
678 : {
679 : PK_LIST pk_rover;
680 :
681 544 : for ( ; pk_list; pk_list = pk_rover)
682 : {
683 236 : pk_rover = pk_list->next;
684 236 : free_public_key ( pk_list->pk );
685 236 : xfree ( pk_list );
686 : }
687 308 : }
688 :
689 :
690 : static int
691 236 : key_present_in_pk_list(PK_LIST pk_list, PKT_public_key *pk)
692 : {
693 236 : for( ; pk_list; pk_list = pk_list->next)
694 0 : if (cmp_public_keys(pk_list->pk, pk) == 0)
695 0 : return 0;
696 :
697 236 : return -1;
698 : }
699 :
700 :
701 : /****************
702 : * Return a malloced string with a default recipient if there is any
703 : */
704 : static char *
705 0 : default_recipient(ctrl_t ctrl)
706 : {
707 : PKT_public_key *pk;
708 : byte fpr[MAX_FINGERPRINT_LEN+1];
709 : size_t n;
710 : char *p;
711 : int i;
712 :
713 0 : if( opt.def_recipient )
714 0 : return xstrdup( opt.def_recipient );
715 0 : if( !opt.def_recipient_self )
716 0 : return NULL;
717 0 : pk = xmalloc_clear( sizeof *pk );
718 0 : i = get_seckey_default (ctrl, pk);
719 0 : if( i ) {
720 0 : free_public_key( pk );
721 0 : return NULL;
722 : }
723 0 : n = MAX_FINGERPRINT_LEN;
724 0 : fingerprint_from_pk( pk, fpr, &n );
725 0 : free_public_key( pk );
726 0 : p = xmalloc( 2*n+3 );
727 0 : *p++ = '0';
728 0 : *p++ = 'x';
729 0 : for(i=0; i < n; i++ )
730 0 : sprintf( p+2*i, "%02X", fpr[i] );
731 0 : p -= 2;
732 0 : return p;
733 : }
734 :
735 : static int
736 0 : expand_id(const char *id,strlist_t *into,unsigned int flags)
737 : {
738 : struct groupitem *groups;
739 0 : int count=0;
740 :
741 0 : for(groups=opt.grouplist;groups;groups=groups->next)
742 : {
743 : /* need strcasecmp() here, as this should be localized */
744 0 : if(strcasecmp(groups->name,id)==0)
745 : {
746 : strlist_t each,sl;
747 :
748 : /* this maintains the current utf8-ness */
749 0 : for(each=groups->values;each;each=each->next)
750 : {
751 0 : sl=add_to_strlist(into,each->d);
752 0 : sl->flags=flags;
753 0 : count++;
754 : }
755 :
756 0 : break;
757 : }
758 : }
759 :
760 0 : return count;
761 : }
762 :
763 : /* For simplicity, and to avoid potential loops, we only expand once -
764 : you can't make an alias that points to an alias. */
765 : static strlist_t
766 0 : expand_group(strlist_t input)
767 : {
768 0 : strlist_t sl,output=NULL,rover;
769 :
770 0 : for(rover=input;rover;rover=rover->next)
771 0 : if(expand_id(rover->d,&output,rover->flags)==0)
772 : {
773 : /* Didn't find any groups, so use the existing string */
774 0 : sl=add_to_strlist(&output,rover->d);
775 0 : sl->flags=rover->flags;
776 : }
777 :
778 0 : return output;
779 : }
780 :
781 :
782 : /* Helper for build_pk_list to find and check one key. This helper is
783 : also used directly in server mode by the RECIPIENTS command. On
784 : success the new key is added to PK_LIST_ADDR. NAME is the user id
785 : of the key. USE the requested usage and a set MARK_HIDDEN will mark
786 : the key in the updated list as a hidden recipient. */
787 : gpg_error_t
788 236 : find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
789 : int mark_hidden, pk_list_t *pk_list_addr)
790 : {
791 : int rc;
792 : PKT_public_key *pk;
793 : int trustlevel;
794 :
795 236 : if (!name || !*name)
796 0 : return gpg_error (GPG_ERR_INV_USER_ID);
797 :
798 236 : pk = xtrycalloc (1, sizeof *pk);
799 236 : if (!pk)
800 0 : return gpg_error_from_syserror ();
801 236 : pk->req_usage = use;
802 :
803 236 : rc = get_pubkey_byname (ctrl, NULL, pk, name, NULL, NULL, 0, 0);
804 236 : if (rc)
805 : {
806 : int code;
807 :
808 : /* Key not found or other error. */
809 0 : log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
810 0 : switch (gpg_err_code (rc))
811 : {
812 : case GPG_ERR_NO_SECKEY:
813 0 : case GPG_ERR_NO_PUBKEY: code = 1; break;
814 0 : case GPG_ERR_INV_USER_ID: code = 14; break;
815 0 : default: code = 0; break;
816 : }
817 0 : send_status_inv_recp (code, name);
818 0 : free_public_key (pk);
819 0 : return rc;
820 : }
821 :
822 236 : rc = openpgp_pk_test_algo2 (pk->pubkey_algo, use);
823 236 : if (rc)
824 : {
825 : /* Key found but not usable for us (e.g. sign-only key). */
826 0 : send_status_inv_recp (3, name); /* Wrong key usage */
827 0 : log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
828 0 : free_public_key (pk);
829 0 : return rc;
830 : }
831 :
832 : /* Key found and usable. Check validity. */
833 236 : trustlevel = get_validity (pk, pk->user_id, NULL, 1);
834 236 : if ( (trustlevel & TRUST_FLAG_DISABLED) )
835 : {
836 : /* Key has been disabled. */
837 0 : send_status_inv_recp (13, name);
838 0 : log_info (_("%s: skipped: public key is disabled\n"), name);
839 0 : free_public_key (pk);
840 0 : return GPG_ERR_UNUSABLE_PUBKEY;
841 : }
842 :
843 236 : if ( !do_we_trust_pre (pk, trustlevel) )
844 : {
845 : /* We don't trust this key. */
846 0 : send_status_inv_recp (10, name);
847 0 : free_public_key (pk);
848 0 : return GPG_ERR_UNUSABLE_PUBKEY;
849 : }
850 : /* Note: do_we_trust may have changed the trustlevel. */
851 :
852 : /* Skip the actual key if the key is already present in the
853 : list. */
854 236 : if (!key_present_in_pk_list (*pk_list_addr, pk))
855 : {
856 0 : if (!opt.quiet)
857 0 : log_info (_("%s: skipped: public key already present\n"), name);
858 0 : free_public_key (pk);
859 : }
860 : else
861 : {
862 : pk_list_t r;
863 :
864 236 : r = xtrymalloc (sizeof *r);
865 236 : if (!r)
866 : {
867 0 : rc = gpg_error_from_syserror ();
868 0 : free_public_key (pk);
869 0 : return rc;
870 : }
871 236 : r->pk = pk;
872 236 : r->next = *pk_list_addr;
873 236 : r->flags = mark_hidden? 1:0;
874 236 : *pk_list_addr = r;
875 : }
876 :
877 236 : return 0;
878 : }
879 :
880 :
881 :
882 : /* This is the central function to collect the keys for recipients.
883 : It is thus used to prepare a public key encryption. encrypt-to
884 : keys, default keys and the keys for the actual recipients are all
885 : collected here. When not in batch mode and no recipient has been
886 : passed on the commandline, the function will also ask for
887 : recipients.
888 :
889 : RCPTS is a string list with the recipients; NULL is an allowed
890 : value but not very useful. Group expansion is done on these names;
891 : they may be in any of the user Id formats we can handle. The flags
892 : bits for each string in the string list are used for:
893 : Bit 0: This is an encrypt-to recipient.
894 : Bit 1: This is a hidden recipient.
895 :
896 : USE is the desired use for the key - usually PUBKEY_USAGE_ENC.
897 :
898 : On success a list of keys is stored at the address RET_PK_LIST; the
899 : caller must free this list. On error the value at this address is
900 : not changed.
901 : */
902 : int
903 236 : build_pk_list (ctrl_t ctrl,
904 : strlist_t rcpts, PK_LIST *ret_pk_list, unsigned int use )
905 : {
906 236 : PK_LIST pk_list = NULL;
907 236 : PKT_public_key *pk=NULL;
908 236 : int rc=0;
909 236 : int any_recipients=0;
910 : strlist_t rov,remusr;
911 236 : char *def_rec = NULL;
912 : char pkstrbuf[PUBKEY_STRING_SIZE];
913 :
914 : /* Try to expand groups if any have been defined. */
915 236 : if (opt.grouplist)
916 0 : remusr = expand_group (rcpts);
917 : else
918 236 : remusr = rcpts;
919 :
920 : /* Check whether there are any recipients in the list and build the
921 : * list of the encrypt-to ones (we always trust them). */
922 472 : for ( rov = remusr; rov; rov = rov->next )
923 : {
924 236 : if ( !(rov->flags & 1) )
925 : {
926 : /* This is a regular recipient; i.e. not an encrypt-to
927 : one. */
928 236 : any_recipients = 1;
929 :
930 : /* Hidden recipients are not allowed while in PGP mode,
931 : issue a warning and switch into GnuPG mode. */
932 236 : if ((rov->flags&2) && (PGP6 || PGP7 || PGP8))
933 : {
934 0 : log_info(_("you may not use %s while in %s mode\n"),
935 : "--hidden-recipient",
936 : compliance_option_string());
937 :
938 0 : compliance_failure();
939 : }
940 : }
941 0 : else if ( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to )
942 : {
943 : /* Encryption has been requested and --encrypt-to has not
944 : been disabled. Check this encrypt-to key. */
945 0 : pk = xmalloc_clear( sizeof *pk );
946 0 : pk->req_usage = use;
947 :
948 : /* We explicitly allow encrypt-to to an disabled key; thus
949 : we pass 1 for the second last argument and 1 as the last
950 : argument to disable AKL. */
951 0 : if ( (rc = get_pubkey_byname (ctrl,
952 0 : NULL, pk, rov->d, NULL, NULL, 1, 1)) )
953 : {
954 0 : free_public_key ( pk ); pk = NULL;
955 0 : log_error (_("%s: skipped: %s\n"), rov->d, gpg_strerror (rc) );
956 0 : send_status_inv_recp (0, rov->d);
957 0 : goto fail;
958 : }
959 0 : else if ( !(rc=openpgp_pk_test_algo2 (pk->pubkey_algo, use)) )
960 : {
961 : /* Skip the actual key if the key is already present
962 : * in the list. Add it to our list if not. */
963 0 : if (key_present_in_pk_list(pk_list, pk) == 0)
964 : {
965 0 : free_public_key (pk); pk = NULL;
966 0 : if (!opt.quiet)
967 0 : log_info (_("%s: skipped: public key already present\n"),
968 0 : rov->d);
969 : }
970 : else
971 : {
972 : PK_LIST r;
973 0 : r = xmalloc( sizeof *r );
974 0 : r->pk = pk; pk = NULL;
975 0 : r->next = pk_list;
976 0 : r->flags = (rov->flags&2)?1:0;
977 0 : pk_list = r;
978 :
979 : /* Hidden encrypt-to recipients are not allowed while
980 : in PGP mode, issue a warning and switch into
981 : GnuPG mode. */
982 0 : if ((r->flags&1) && (PGP6 || PGP7 || PGP8))
983 : {
984 0 : log_info(_("you may not use %s while in %s mode\n"),
985 : "--hidden-encrypt-to",
986 : compliance_option_string());
987 :
988 0 : compliance_failure();
989 : }
990 : }
991 : }
992 : else
993 : {
994 : /* The public key is not usable for encryption. */
995 0 : free_public_key( pk ); pk = NULL;
996 0 : log_error(_("%s: skipped: %s\n"), rov->d, gpg_strerror (rc) );
997 0 : send_status_inv_recp (3, rov->d); /* Wrong key usage */
998 0 : goto fail;
999 : }
1000 : }
1001 : }
1002 :
1003 : /* If we don't have any recipients yet and we are not in batch mode
1004 : drop into interactive selection mode. */
1005 236 : if ( !any_recipients && !opt.batch )
1006 0 : {
1007 : int have_def_rec;
1008 0 : char *answer = NULL;
1009 0 : strlist_t backlog = NULL;
1010 :
1011 0 : if (pk_list)
1012 0 : any_recipients = 1;
1013 0 : def_rec = default_recipient(ctrl);
1014 0 : have_def_rec = !!def_rec;
1015 0 : if ( !have_def_rec )
1016 0 : tty_printf(_("You did not specify a user ID. (you may use \"-r\")\n"));
1017 :
1018 : for (;;)
1019 : {
1020 0 : rc = 0;
1021 0 : xfree(answer);
1022 0 : if ( have_def_rec )
1023 : {
1024 : /* A default recipient is taken as the first entry. */
1025 0 : answer = def_rec;
1026 0 : def_rec = NULL;
1027 : }
1028 0 : else if (backlog)
1029 : {
1030 : /* This is part of our trick to expand and display groups. */
1031 0 : answer = strlist_pop (&backlog);
1032 : }
1033 : else
1034 : {
1035 : /* Show the list of already collected recipients and ask
1036 : for more. */
1037 : PK_LIST iter;
1038 :
1039 0 : tty_printf("\n");
1040 0 : tty_printf(_("Current recipients:\n"));
1041 0 : for (iter=pk_list;iter;iter=iter->next)
1042 : {
1043 : u32 keyid[2];
1044 :
1045 0 : keyid_from_pk(iter->pk,keyid);
1046 0 : tty_printf ("%s/%s %s \"",
1047 : pubkey_string (iter->pk,
1048 : pkstrbuf, sizeof pkstrbuf),
1049 : keystr(keyid),
1050 : datestr_from_pk (iter->pk));
1051 :
1052 0 : if (iter->pk->user_id)
1053 0 : tty_print_utf8_string(iter->pk->user_id->name,
1054 0 : iter->pk->user_id->len);
1055 : else
1056 : {
1057 : size_t n;
1058 0 : char *p = get_user_id( keyid, &n );
1059 0 : tty_print_utf8_string( p, n );
1060 0 : xfree(p);
1061 : }
1062 0 : tty_printf("\"\n");
1063 : }
1064 :
1065 0 : answer = cpr_get_utf8("pklist.user_id.enter",
1066 0 : _("\nEnter the user ID. "
1067 : "End with an empty line: "));
1068 0 : trim_spaces(answer);
1069 0 : cpr_kill_prompt();
1070 : }
1071 :
1072 0 : if ( !answer || !*answer )
1073 : {
1074 0 : xfree(answer);
1075 0 : break; /* No more recipients entered - get out of loop. */
1076 : }
1077 :
1078 : /* Do group expand here too. The trick here is to continue
1079 : the loop if any expansion occured. The code above will
1080 : then list all expanded keys. */
1081 0 : if (expand_id(answer,&backlog,0))
1082 0 : continue;
1083 :
1084 : /* Get and check key for the current name. */
1085 0 : free_public_key (pk);
1086 0 : pk = xmalloc_clear( sizeof *pk );
1087 0 : pk->req_usage = use;
1088 0 : rc = get_pubkey_byname (ctrl, NULL, pk, answer, NULL, NULL, 0, 0 );
1089 0 : if (rc)
1090 0 : tty_printf(_("No such user ID.\n"));
1091 0 : else if ( !(rc=openpgp_pk_test_algo2 (pk->pubkey_algo, use)) )
1092 : {
1093 0 : if ( have_def_rec )
1094 : {
1095 : /* No validation for a default recipient. */
1096 0 : if (!key_present_in_pk_list(pk_list, pk))
1097 : {
1098 0 : free_public_key (pk);
1099 0 : pk = NULL;
1100 0 : log_info (_("skipped: public key "
1101 : "already set as default recipient\n") );
1102 : }
1103 : else
1104 : {
1105 0 : PK_LIST r = xmalloc (sizeof *r);
1106 0 : r->pk = pk; pk = NULL;
1107 0 : r->next = pk_list;
1108 0 : r->flags = 0; /* No throwing default ids. */
1109 0 : pk_list = r;
1110 : }
1111 0 : any_recipients = 1;
1112 0 : continue;
1113 : }
1114 : else
1115 : { /* Check validity of this key. */
1116 : int trustlevel;
1117 :
1118 0 : trustlevel = get_validity (pk, pk->user_id, NULL, 1);
1119 0 : if ( (trustlevel & TRUST_FLAG_DISABLED) )
1120 : {
1121 0 : tty_printf (_("Public key is disabled.\n") );
1122 : }
1123 0 : else if ( do_we_trust_pre (pk, trustlevel) )
1124 : {
1125 : /* Skip the actual key if the key is already
1126 : * present in the list */
1127 0 : if (!key_present_in_pk_list(pk_list, pk))
1128 : {
1129 0 : free_public_key (pk);
1130 0 : pk = NULL;
1131 0 : log_info(_("skipped: public key already set\n") );
1132 : }
1133 : else
1134 : {
1135 : PK_LIST r;
1136 0 : r = xmalloc( sizeof *r );
1137 0 : r->pk = pk; pk = NULL;
1138 0 : r->next = pk_list;
1139 0 : r->flags = 0; /* No throwing interactive ids. */
1140 0 : pk_list = r;
1141 : }
1142 0 : any_recipients = 1;
1143 0 : continue;
1144 : }
1145 : }
1146 : }
1147 0 : xfree(def_rec); def_rec = NULL;
1148 0 : have_def_rec = 0;
1149 0 : }
1150 0 : if ( pk )
1151 : {
1152 0 : free_public_key( pk );
1153 0 : pk = NULL;
1154 : }
1155 : }
1156 236 : else if ( !any_recipients && (def_rec = default_recipient(ctrl)) )
1157 : {
1158 : /* We are in batch mode and have only a default recipient. */
1159 0 : pk = xmalloc_clear( sizeof *pk );
1160 0 : pk->req_usage = use;
1161 :
1162 : /* The default recipient is allowed to be disabled; thus pass 1
1163 : as second last argument. We also don't want an AKL. */
1164 0 : rc = get_pubkey_byname (ctrl, NULL, pk, def_rec, NULL, NULL, 1, 1);
1165 0 : if (rc)
1166 0 : log_error(_("unknown default recipient \"%s\"\n"), def_rec );
1167 0 : else if ( !(rc=openpgp_pk_test_algo2(pk->pubkey_algo, use)) )
1168 : {
1169 : /* Mark any_recipients here since the default recipient
1170 : would have been used if it wasn't already there. It
1171 : doesn't really matter if we got this key from the default
1172 : recipient or an encrypt-to. */
1173 0 : any_recipients = 1;
1174 0 : if (!key_present_in_pk_list(pk_list, pk))
1175 0 : log_info (_("skipped: public key already set "
1176 : "as default recipient\n"));
1177 : else
1178 : {
1179 0 : PK_LIST r = xmalloc( sizeof *r );
1180 0 : r->pk = pk; pk = NULL;
1181 0 : r->next = pk_list;
1182 0 : r->flags = 0; /* No throwing default ids. */
1183 0 : pk_list = r;
1184 : }
1185 : }
1186 0 : if ( pk )
1187 : {
1188 0 : free_public_key( pk );
1189 0 : pk = NULL;
1190 : }
1191 0 : xfree(def_rec); def_rec = NULL;
1192 : }
1193 : else
1194 : {
1195 : /* General case: Check all keys. */
1196 236 : any_recipients = 0;
1197 472 : for (; remusr; remusr = remusr->next )
1198 : {
1199 236 : if ( (remusr->flags & 1) )
1200 0 : continue; /* encrypt-to keys are already handled. */
1201 :
1202 236 : rc = find_and_check_key (ctrl, remusr->d, use, !!(remusr->flags&2),
1203 : &pk_list);
1204 236 : if (rc)
1205 0 : goto fail;
1206 236 : any_recipients = 1;
1207 : }
1208 : }
1209 :
1210 236 : if ( !rc && !any_recipients )
1211 : {
1212 0 : log_error(_("no valid addressees\n"));
1213 0 : write_status_text (STATUS_NO_RECP, "0");
1214 0 : rc = GPG_ERR_NO_USER_ID;
1215 : }
1216 :
1217 : fail:
1218 :
1219 236 : if ( rc )
1220 0 : release_pk_list( pk_list );
1221 : else
1222 236 : *ret_pk_list = pk_list;
1223 236 : if (opt.grouplist)
1224 0 : free_strlist(remusr);
1225 236 : return rc;
1226 : }
1227 :
1228 :
1229 : /* In pgp6 mode, disallow all ciphers except IDEA (1), 3DES (2), and
1230 : CAST5 (3), all hashes except MD5 (1), SHA1 (2), and RIPEMD160 (3),
1231 : and all compressions except none (0) and ZIP (1). pgp7 and pgp8
1232 : mode expands the cipher list to include AES128 (7), AES192 (8),
1233 : AES256 (9), and TWOFISH (10). pgp8 adds the SHA-256 hash (8). For
1234 : a true PGP key all of this is unneeded as they are the only items
1235 : present in the preferences subpacket, but checking here covers the
1236 : weird case of encrypting to a key that had preferences from a
1237 : different implementation which was then used with PGP. I am not
1238 : completely comfortable with this as the right thing to do, as it
1239 : slightly alters the list of what the user is supposedly requesting.
1240 : It is not against the RFC however, as the preference chosen will
1241 : never be one that the user didn't specify somewhere ("The
1242 : implementation may use any mechanism to pick an algorithm in the
1243 : intersection"), and PGP has no mechanism to fix such a broken
1244 : preference list, so I'm including it. -dms */
1245 :
1246 : int
1247 2149 : algo_available( preftype_t preftype, int algo, const union pref_hint *hint)
1248 : {
1249 2149 : if( preftype == PREFTYPE_SYM )
1250 : {
1251 1522 : if(PGP6 && (algo != CIPHER_ALGO_IDEA
1252 0 : && algo != CIPHER_ALGO_3DES
1253 0 : && algo != CIPHER_ALGO_CAST5))
1254 0 : return 0;
1255 :
1256 1522 : if(PGP7 && (algo != CIPHER_ALGO_IDEA
1257 0 : && algo != CIPHER_ALGO_3DES
1258 0 : && algo != CIPHER_ALGO_CAST5
1259 0 : && algo != CIPHER_ALGO_AES
1260 0 : && algo != CIPHER_ALGO_AES192
1261 0 : && algo != CIPHER_ALGO_AES256
1262 0 : && algo != CIPHER_ALGO_TWOFISH))
1263 0 : return 0;
1264 :
1265 : /* PGP8 supports all the ciphers we do.. */
1266 :
1267 1522 : return algo && !openpgp_cipher_test_algo ( algo );
1268 : }
1269 627 : else if( preftype == PREFTYPE_HASH )
1270 : {
1271 26 : if (hint && hint->digest_length)
1272 : {
1273 24 : if (hint->digest_length!=20 || opt.flags.dsa2)
1274 : {
1275 : /* If --enable-dsa2 is set or the hash isn't 160 bits
1276 : (which implies DSA2), then we'll accept a hash that
1277 : is larger than we need. Otherwise we won't accept
1278 : any hash that isn't exactly the right size. */
1279 0 : if (hint->digest_length > gcry_md_get_algo_dlen (algo))
1280 0 : return 0;
1281 : }
1282 24 : else if (hint->digest_length != gcry_md_get_algo_dlen (algo))
1283 0 : return 0;
1284 : }
1285 :
1286 26 : if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5
1287 0 : && algo != DIGEST_ALGO_SHA1
1288 0 : && algo != DIGEST_ALGO_RMD160))
1289 0 : return 0;
1290 :
1291 :
1292 26 : if(PGP8 && (algo != DIGEST_ALGO_MD5
1293 0 : && algo != DIGEST_ALGO_SHA1
1294 0 : && algo != DIGEST_ALGO_RMD160
1295 0 : && algo != DIGEST_ALGO_SHA256))
1296 0 : return 0;
1297 :
1298 26 : return algo && !openpgp_md_test_algo (algo);
1299 : }
1300 601 : else if( preftype == PREFTYPE_ZIP )
1301 : {
1302 601 : if((PGP6 || PGP7) && (algo != COMPRESS_ALGO_NONE
1303 0 : && algo != COMPRESS_ALGO_ZIP))
1304 0 : return 0;
1305 :
1306 : /* PGP8 supports all the compression algos we do */
1307 :
1308 601 : return !check_compress_algo( algo );
1309 : }
1310 : else
1311 0 : return 0;
1312 : }
1313 :
1314 : /****************
1315 : * Return -1 if we could not find an algorithm.
1316 : */
1317 : int
1318 1050 : select_algo_from_prefs(PK_LIST pk_list, int preftype,
1319 : int request, const union pref_hint *hint)
1320 : {
1321 : PK_LIST pkr;
1322 : u32 bits[8];
1323 : const prefitem_t *prefs;
1324 1050 : int result=-1,i;
1325 : u16 scores[256];
1326 :
1327 1050 : if( !pk_list )
1328 180 : return -1;
1329 :
1330 870 : memset(bits,0xFF,sizeof(bits));
1331 870 : memset(scores,0,sizeof(scores));
1332 :
1333 1740 : for( pkr = pk_list; pkr; pkr = pkr->next )
1334 : {
1335 : u32 mask[8];
1336 870 : int rank=1,implicit=-1;
1337 :
1338 870 : memset(mask,0,sizeof(mask));
1339 :
1340 870 : switch(preftype)
1341 : {
1342 : case PREFTYPE_SYM:
1343 : /* IDEA is implicitly there for v3 keys with v3 selfsigs if
1344 : --pgp2 mode is on. This was a 2440 thing that was
1345 : dropped from 4880 but is still relevant to GPG's 1991
1346 : support. All this doesn't mean IDEA is actually
1347 : available, of course. */
1348 608 : implicit=CIPHER_ALGO_3DES;
1349 :
1350 608 : break;
1351 :
1352 : case PREFTYPE_HASH:
1353 : /* While I am including this code for completeness, note
1354 : that currently --pgp2 mode locks the hash at MD5, so this
1355 : code will never even be called. Even if the hash wasn't
1356 : locked at MD5, we don't support sign+encrypt in --pgp2
1357 : mode, and that's the only time PREFTYPE_HASH is used
1358 : anyway. -dms */
1359 :
1360 26 : implicit=DIGEST_ALGO_SHA1;
1361 :
1362 26 : break;
1363 :
1364 : case PREFTYPE_ZIP:
1365 : /* Uncompressed is always an option. */
1366 236 : implicit=COMPRESS_ALGO_NONE;
1367 : }
1368 :
1369 870 : if (pkr->pk->user_id) /* selected by user ID */
1370 261 : prefs = pkr->pk->user_id->prefs;
1371 : else
1372 609 : prefs = pkr->pk->prefs;
1373 :
1374 870 : if( prefs )
1375 : {
1376 5559 : for (i=0; prefs[i].type; i++ )
1377 : {
1378 4689 : if( prefs[i].type == preftype )
1379 : {
1380 : /* Make sure all scores don't add up past 0xFFFF
1381 : (and roll around) */
1382 2517 : if(rank+scores[prefs[i].value]<=0xFFFF)
1383 2517 : scores[prefs[i].value]+=rank;
1384 : else
1385 0 : scores[prefs[i].value]=0xFFFF;
1386 :
1387 2517 : mask[prefs[i].value/32] |= 1<<(prefs[i].value%32);
1388 :
1389 2517 : rank++;
1390 :
1391 : /* We saw the implicit algorithm, so we don't need
1392 : tack it on the end ourselves. */
1393 2517 : if(implicit==prefs[i].value)
1394 611 : implicit=-1;
1395 : }
1396 : }
1397 : }
1398 :
1399 870 : if(rank==1 && preftype==PREFTYPE_ZIP)
1400 : {
1401 : /* If the compression preferences are not present, they are
1402 : assumed to be ZIP, Uncompressed (RFC4880:13.3.1) */
1403 93 : scores[1]=1; /* ZIP is first choice */
1404 93 : scores[0]=2; /* Uncompressed is second choice */
1405 93 : mask[0]|=3;
1406 : }
1407 :
1408 : /* If the key didn't have the implicit algorithm listed
1409 : explicitly, add it here at the tail of the list. */
1410 870 : if(implicit>-1)
1411 : {
1412 259 : scores[implicit]+=rank;
1413 259 : mask[implicit/32] |= 1<<(implicit%32);
1414 : }
1415 :
1416 7830 : for(i=0;i<8;i++)
1417 6960 : bits[i]&=mask[i];
1418 : }
1419 :
1420 : /* We've now scored all of the algorithms, and the usable ones have
1421 : bits set. Let's pick the winner. */
1422 :
1423 : /* The caller passed us a request. Can we use it? */
1424 934 : if(request>-1 && (bits[request/32] & (1<<(request%32))) &&
1425 64 : algo_available(preftype,request,hint))
1426 64 : result=request;
1427 :
1428 870 : if(result==-1)
1429 : {
1430 : /* If we have personal prefs set, use them. */
1431 806 : prefs=NULL;
1432 806 : if(preftype==PREFTYPE_SYM && opt.personal_cipher_prefs)
1433 0 : prefs=opt.personal_cipher_prefs;
1434 806 : else if(preftype==PREFTYPE_HASH && opt.personal_digest_prefs)
1435 0 : prefs=opt.personal_digest_prefs;
1436 806 : else if(preftype==PREFTYPE_ZIP && opt.personal_compress_prefs)
1437 0 : prefs=opt.personal_compress_prefs;
1438 :
1439 806 : if( prefs )
1440 0 : for(i=0; prefs[i].type; i++ )
1441 : {
1442 0 : if(bits[prefs[i].value/32] & (1<<(prefs[i].value%32))
1443 0 : && algo_available( preftype, prefs[i].value, hint))
1444 : {
1445 0 : result = prefs[i].value;
1446 0 : break;
1447 : }
1448 : }
1449 : }
1450 :
1451 870 : if(result==-1)
1452 : {
1453 806 : unsigned int best=-1;
1454 :
1455 : /* At this point, we have not selected an algorithm due to a
1456 : special request or via personal prefs. Pick the highest
1457 : ranked algorithm (i.e. the one with the lowest score). */
1458 :
1459 806 : if(preftype==PREFTYPE_HASH && scores[DIGEST_ALGO_MD5])
1460 : {
1461 : /* "If you are building an authentication system, the recipient
1462 : may specify a preferred signing algorithm. However, the
1463 : signer would be foolish to use a weak algorithm simply
1464 : because the recipient requests it." (RFC4880:14). If any
1465 : other hash algorithm is available, pretend that MD5 isn't.
1466 : Note that if the user intentionally chose MD5 by putting it
1467 : in their personal prefs, then we do what the user said (as we
1468 : never reach this code). */
1469 :
1470 0 : for(i=DIGEST_ALGO_MD5+1;i<256;i++)
1471 0 : if(scores[i])
1472 : {
1473 0 : scores[DIGEST_ALGO_MD5]=0;
1474 0 : break;
1475 : }
1476 : }
1477 :
1478 207142 : for(i=0;i<256;i++)
1479 : {
1480 : /* Note the '<' here. This means in case of a tie, we will
1481 : favor the lower algorithm number. We have a choice
1482 : between the lower number (probably an older algorithm
1483 : with more time in use), or the higher number (probably a
1484 : newer algorithm with less time in use). Older is
1485 : probably safer here, even though the newer algorithms
1486 : tend to be "stronger". */
1487 206336 : if(scores[i] && scores[i]<best
1488 2085 : && (bits[i/32] & (1<<(i%32)))
1489 2085 : && algo_available(preftype,i,hint))
1490 : {
1491 2085 : best=scores[i];
1492 2085 : result=i;
1493 : }
1494 : }
1495 : }
1496 :
1497 870 : return result;
1498 : }
1499 :
1500 : /*
1501 : * Select the MDC flag from the pk_list. We can only use MDC if all
1502 : * recipients support this feature.
1503 : */
1504 : int
1505 267 : select_mdc_from_pklist (PK_LIST pk_list)
1506 : {
1507 : PK_LIST pkr;
1508 :
1509 267 : if ( !pk_list )
1510 31 : return 0;
1511 :
1512 379 : for (pkr = pk_list; pkr; pkr = pkr->next)
1513 : {
1514 : int mdc;
1515 :
1516 236 : if (pkr->pk->user_id) /* selected by user ID */
1517 122 : mdc = pkr->pk->user_id->flags.mdc;
1518 : else
1519 114 : mdc = pkr->pk->flags.mdc;
1520 236 : if (!mdc)
1521 93 : return 0; /* At least one recipient does not support it. */
1522 : }
1523 143 : return 1; /* Can be used. */
1524 : }
1525 :
1526 :
1527 : /* Print a warning for all keys in PK_LIST missing the MDC feature. */
1528 : void
1529 0 : warn_missing_mdc_from_pklist (PK_LIST pk_list)
1530 : {
1531 : PK_LIST pkr;
1532 :
1533 0 : for (pkr = pk_list; pkr; pkr = pkr->next)
1534 : {
1535 : int mdc;
1536 :
1537 0 : if (pkr->pk->user_id) /* selected by user ID */
1538 0 : mdc = pkr->pk->user_id->flags.mdc;
1539 : else
1540 0 : mdc = pkr->pk->flags.mdc;
1541 0 : if (!mdc)
1542 0 : log_info (_("Note: key %s has no %s feature\n"),
1543 : keystr_from_pk (pkr->pk), "MDC");
1544 : }
1545 0 : }
1546 :
1547 : void
1548 0 : warn_missing_aes_from_pklist (PK_LIST pk_list)
1549 : {
1550 : PK_LIST pkr;
1551 :
1552 0 : for (pkr = pk_list; pkr; pkr = pkr->next)
1553 : {
1554 : const prefitem_t *prefs;
1555 : int i;
1556 0 : int gotit = 0;
1557 :
1558 0 : prefs = pkr->pk->user_id? pkr->pk->user_id->prefs : pkr->pk->prefs;
1559 0 : if (prefs)
1560 : {
1561 0 : for (i=0; !gotit && prefs[i].type; i++ )
1562 0 : if (prefs[i].type == PREFTYPE_SYM
1563 0 : && prefs[i].value == CIPHER_ALGO_AES)
1564 0 : gotit++;
1565 : }
1566 0 : if (!gotit)
1567 0 : log_info (_("Note: key %s has no preference for %s\n"),
1568 : keystr_from_pk (pkr->pk), "AES");
1569 : }
1570 0 : }
|
