LCOV - code coverage report
Current view: top level - g10 - import.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 791 1475 53.6 %
Date: 2016-09-12 12:29:17 Functions: 24 38 63.2 %

          Line data    Source code
       1             : /* import.c - import a key into our key storage.
       2             :  * Copyright (C) 1998-2007, 2010-2011 Free Software Foundation, Inc.
       3             :  * Copyright (C) 2014, 2016  Werner Koch
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stdio.h>
      23             : #include <stdlib.h>
      24             : #include <string.h>
      25             : #include <errno.h>
      26             : 
      27             : #include "gpg.h"
      28             : #include "options.h"
      29             : #include "packet.h"
      30             : #include "status.h"
      31             : #include "keydb.h"
      32             : #include "util.h"
      33             : #include "trustdb.h"
      34             : #include "main.h"
      35             : #include "i18n.h"
      36             : #include "ttyio.h"
      37             : #include "status.h"
      38             : #include "recsel.h"
      39             : #include "keyserver-internal.h"
      40             : #include "call-agent.h"
      41             : #include "../common/membuf.h"
      42             : #include "../common/init.h"
      43             : #include "../common/mbox-util.h"
      44             : 
      45             : 
      46             : struct import_stats_s
      47             : {
      48             :   ulong count;
      49             :   ulong no_user_id;
      50             :   ulong imported;
      51             :   ulong n_uids;
      52             :   ulong n_sigs;
      53             :   ulong n_subk;
      54             :   ulong unchanged;
      55             :   ulong n_revoc;
      56             :   ulong secret_read;
      57             :   ulong secret_imported;
      58             :   ulong secret_dups;
      59             :   ulong skipped_new_keys;
      60             :   ulong not_imported;
      61             :   ulong n_sigs_cleaned;
      62             :   ulong n_uids_cleaned;
      63             :   ulong v3keys;   /* Number of V3 keys seen.  */
      64             : };
      65             : 
      66             : 
      67             : /* Node flag to indicate that a user ID or a subkey has a
      68             :  * valid self-signature.  */
      69             : #define NODE_GOOD_SELFSIG  1
      70             : /* Node flag to indicate that a user ID or subkey has
      71             :  * an invalid self-signature.  */
      72             : #define NODE_BAD_SELFSIG   2
      73             : /* Node flag to indicate that the node shall be deleted.  */
      74             : #define NODE_DELETION_MARK 4
      75             : /* A node flag used to temporary mark a node. */
      76             : #define NODE_FLAG_A  8
      77             : 
      78             : 
      79             : /* Global variables to store selector created from
      80             :  * --import-filter keep-uid=EXPR.
      81             :  * --import-filter drop-sig=EXPR.
      82             :  *
      83             :  * FIXME: We should put this into the CTRL object but that requires a
      84             :  * lot more changes right now.
      85             :  */
      86             : static recsel_expr_t import_keep_uid;
      87             : static recsel_expr_t import_drop_sig;
      88             : 
      89             : 
      90             : 
      91             : static int import (ctrl_t ctrl,
      92             :                    IOBUF inp, const char* fname, struct import_stats_s *stats,
      93             :                    unsigned char **fpr, size_t *fpr_len, unsigned int options,
      94             :                    import_screener_t screener, void *screener_arg);
      95             : static int read_block (IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root,
      96             :                        int *r_v3keys);
      97             : static void revocation_present (ctrl_t ctrl, kbnode_t keyblock);
      98             : static int import_one (ctrl_t ctrl,
      99             :                        kbnode_t keyblock,
     100             :                        struct import_stats_s *stats,
     101             :                        unsigned char **fpr, size_t *fpr_len,
     102             :                        unsigned int options, int from_sk, int silent,
     103             :                        import_screener_t screener, void *screener_arg);
     104             : static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
     105             :                               struct import_stats_s *stats, int batch,
     106             :                               unsigned int options, int for_migration,
     107             :                               import_screener_t screener, void *screener_arg);
     108             : static int import_revoke_cert (kbnode_t node, struct import_stats_s *stats);
     109             : static int chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self);
     110             : static int delete_inv_parts (kbnode_t keyblock,
     111             :                              u32 *keyid, unsigned int options);
     112             : static int merge_blocks (kbnode_t keyblock_orig,
     113             :                          kbnode_t keyblock, u32 *keyid,
     114             :                          int *n_uids, int *n_sigs, int *n_subk );
     115             : static int append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs);
     116             : static int append_key (kbnode_t keyblock, kbnode_t node, int *n_sigs);
     117             : static int merge_sigs (kbnode_t dst, kbnode_t src, int *n_sigs);
     118             : static int merge_keysigs (kbnode_t dst, kbnode_t src, int *n_sigs);
     119             : 
     120             : 
     121             : 
     122             : static void
     123           0 : cleanup_import_globals (void)
     124             : {
     125           0 :   recsel_release (import_keep_uid);
     126           0 :   import_keep_uid = NULL;
     127           0 :   recsel_release (import_drop_sig);
     128           0 :   import_drop_sig = NULL;
     129           0 : }
     130             : 
     131             : 
     132             : int
     133           0 : parse_import_options(char *str,unsigned int *options,int noisy)
     134             : {
     135           0 :   struct parse_options import_opts[]=
     136             :     {
     137             :       {"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
     138             :        N_("import signatures that are marked as local-only")},
     139             : 
     140             :       {"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
     141             :        N_("repair damage from the pks keyserver during import")},
     142             : 
     143             :       {"keep-ownertrust", IMPORT_KEEP_OWNERTTRUST, NULL,
     144             :        N_("do not clear the ownertrust values during import")},
     145             : 
     146             :       {"fast-import",IMPORT_FAST,NULL,
     147             :        N_("do not update the trustdb after import")},
     148             : 
     149             :       {"import-show",IMPORT_SHOW,NULL,
     150             :        N_("show key during import")},
     151             : 
     152             :       {"merge-only",IMPORT_MERGE_ONLY,NULL,
     153             :        N_("only accept updates to existing keys")},
     154             : 
     155             :       {"import-clean",IMPORT_CLEAN,NULL,
     156             :        N_("remove unusable parts from key after import")},
     157             : 
     158             :       {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
     159             :        N_("remove as much as possible from key after import")},
     160             : 
     161             :       {"import-export", IMPORT_EXPORT, NULL,
     162             :        N_("run import filters and export key immediately")},
     163             : 
     164             :       /* Aliases for backward compatibility */
     165             :       {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
     166             :       {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
     167             :       /* dummy */
     168             :       {"import-unusable-sigs",0,NULL,NULL},
     169             :       {"import-clean-sigs",0,NULL,NULL},
     170             :       {"import-clean-uids",0,NULL,NULL},
     171             :       {"convert-sk-to-pk",0, NULL,NULL}, /* Not anymore needed due to
     172             :                                             the new design.  */
     173             :       {NULL,0,NULL,NULL}
     174             :     };
     175             : 
     176           0 :   return parse_options(str,options,import_opts,noisy);
     177             : }
     178             : 
     179             : 
     180             : /* Parse and set an import filter from string.  STRING has the format
     181             :  * "NAME=EXPR" with NAME being the name of the filter.  Spaces before
     182             :  * and after NAME are not allowed.  If this function is all called
     183             :  * several times all expressions for the same NAME are concatenated.
     184             :  * Supported filter names are:
     185             :  *
     186             :  *  - keep-uid :: If the expression evaluates to true for a certain
     187             :  *                user ID packet, that packet and all it dependencies
     188             :  *                will be imported.  The expression may use these
     189             :  *                variables:
     190             :  *
     191             :  *                - uid  :: The entire user ID.
     192             :  *                - mbox :: The mail box part of the user ID.
     193             :  *                - primary :: Evaluate to true for the primary user ID.
     194             :  */
     195             : gpg_error_t
     196           0 : parse_and_set_import_filter (const char *string)
     197             : {
     198             :   gpg_error_t err;
     199             : 
     200             :   /* Auto register the cleanup function.  */
     201           0 :   register_mem_cleanup_func (cleanup_import_globals);
     202             : 
     203           0 :   if (!strncmp (string, "keep-uid=", 9))
     204           0 :     err = recsel_parse_expr (&import_keep_uid, string+9);
     205           0 :   else if (!strncmp (string, "drop-sig=", 9))
     206           0 :     err = recsel_parse_expr (&import_drop_sig, string+9);
     207             :   else
     208           0 :     err = gpg_error (GPG_ERR_INV_NAME);
     209             : 
     210           0 :   return err;
     211             : }
     212             : 
     213             : 
     214             : 
     215             : import_stats_t
     216          27 : import_new_stats_handle (void)
     217             : {
     218          27 :   return xmalloc_clear ( sizeof (struct import_stats_s) );
     219             : }
     220             : 
     221             : 
     222             : void
     223          27 : import_release_stats_handle (import_stats_t p)
     224             : {
     225          27 :   xfree (p);
     226          27 : }
     227             : 
     228             : 
     229             : /* Read a key from a file.  Only the first key in the file is
     230             :  * considered and stored at R_KEYBLOCK.  FNAME is the name of the
     231             :  * file.
     232             :  */
     233             : gpg_error_t
     234           6 : read_key_from_file (ctrl_t ctrl, const char *fname, kbnode_t *r_keyblock)
     235             : {
     236             :   gpg_error_t err;
     237             :   iobuf_t inp;
     238           6 :   PACKET *pending_pkt = NULL;
     239           6 :   kbnode_t keyblock = NULL;
     240             :   u32 keyid[2];
     241             :   int v3keys;   /* Dummy */
     242             :   int non_self; /* Dummy */
     243             : 
     244             :   (void)ctrl;
     245             : 
     246           6 :   *r_keyblock = NULL;
     247             : 
     248           6 :   inp = iobuf_open (fname);
     249           6 :   if (!inp)
     250           0 :     err = gpg_error_from_syserror ();
     251           6 :   else if (is_secured_file (iobuf_get_fd (inp)))
     252             :     {
     253           0 :       iobuf_close (inp);
     254           0 :       inp = NULL;
     255           0 :       err = gpg_error (GPG_ERR_EPERM);
     256             :     }
     257             :   else
     258           6 :     err = 0;
     259           6 :   if (err)
     260             :     {
     261           0 :       log_error (_("can't open '%s': %s\n"),
     262           0 :                  iobuf_is_pipe_filename (fname)? "[stdin]": fname,
     263             :                  gpg_strerror (err));
     264           0 :       if (gpg_err_code (err) == GPG_ERR_ENOENT)
     265           0 :         err = gpg_error (GPG_ERR_NO_PUBKEY);
     266           0 :       goto leave;
     267             :     }
     268             : 
     269             :   /* Push the armor filter.  */
     270             :   {
     271             :     armor_filter_context_t *afx;
     272           6 :     afx = new_armor_context ();
     273           6 :     afx->only_keyblocks = 1;
     274           6 :     push_armor_filter (afx, inp);
     275           6 :     release_armor_context (afx);
     276             :   }
     277             : 
     278             :   /* Read the first non-v3 keyblock.  */
     279          12 :   while (!(err = read_block (inp, &pending_pkt, &keyblock, &v3keys)))
     280             :     {
     281           6 :       if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
     282           6 :         break;
     283           0 :       log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype);
     284           0 :       release_kbnode (keyblock);
     285           0 :       keyblock = NULL;
     286             :     }
     287           6 :   if (err)
     288             :     {
     289           0 :       if (gpg_err_code (err) != GPG_ERR_INV_KEYRING)
     290           0 :         log_error (_("error reading '%s': %s\n"),
     291           0 :                    iobuf_is_pipe_filename (fname)? "[stdin]": fname,
     292             :                    gpg_strerror (err));
     293           0 :       goto leave;
     294             :     }
     295             : 
     296           6 :   keyid_from_pk (keyblock->pkt->pkt.public_key, keyid);
     297             : 
     298           6 :   if (!find_next_kbnode (keyblock, PKT_USER_ID))
     299             :     {
     300           0 :       err = gpg_error (GPG_ERR_NO_USER_ID);
     301           0 :       goto leave;
     302             :     }
     303             : 
     304           6 :   collapse_uids (&keyblock);
     305             : 
     306           6 :   clear_kbnode_flags (keyblock);
     307           6 :   if (chk_self_sigs (keyblock, keyid, &non_self))
     308             :     {
     309           0 :       err = gpg_error (GPG_ERR_INV_KEYRING);
     310           0 :       goto leave;
     311             :     }
     312             : 
     313           6 :   if (!delete_inv_parts (keyblock, keyid, 0) )
     314             :     {
     315           0 :       err = gpg_error (GPG_ERR_NO_USER_ID);
     316           0 :       goto leave;
     317             :     }
     318             : 
     319           6 :   *r_keyblock = keyblock;
     320           6 :   keyblock = NULL;
     321             : 
     322             :  leave:
     323           6 :   if (inp)
     324             :     {
     325           6 :       iobuf_close (inp);
     326             :       /* Must invalidate that ugly cache to actually close the file. */
     327           6 :       iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
     328             :     }
     329           6 :   release_kbnode (keyblock);
     330             :   /* FIXME: Do we need to free PENDING_PKT ? */
     331           6 :   return err;
     332             : }
     333             : 
     334             : 
     335             : 
     336             : /*
     337             :  * Import the public keys from the given filename. Input may be armored.
     338             :  * This function rejects all keys which are not validly self signed on at
     339             :  * least one userid. Only user ids which are self signed will be imported.
     340             :  * Other signatures are not checked.
     341             :  *
     342             :  * Actually this function does a merge. It works like this:
     343             :  *
     344             :  *  - get the keyblock
     345             :  *  - check self-signatures and remove all userids and their signatures
     346             :  *    without/invalid self-signatures.
     347             :  *  - reject the keyblock, if we have no valid userid.
     348             :  *  - See whether we have this key already in one of our pubrings.
     349             :  *    If not, simply add it to the default keyring.
     350             :  *  - Compare the key and the self-signatures of the new and the one in
     351             :  *    our keyring.  If they are different something weird is going on;
     352             :  *    ask what to do.
     353             :  *  - See whether we have only non-self-signature on one user id; if not
     354             :  *    ask the user what to do.
     355             :  *  - compare the signatures: If we already have this signature, check
     356             :  *    that they compare okay; if not, issue a warning and ask the user.
     357             :  *    (consider looking at the timestamp and use the newest?)
     358             :  *  - Simply add the signature.  Can't verify here because we may not have
     359             :  *    the signature's public key yet; verification is done when putting it
     360             :  *    into the trustdb, which is done automagically as soon as this pubkey
     361             :  *    is used.
     362             :  *  - Proceed with next signature.
     363             :  *
     364             :  *  Key revocation certificates have special handling.
     365             :  */
     366             : static int
     367          24 : import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames,
     368             :                       import_stats_t stats_handle,
     369             :                       unsigned char **fpr, size_t *fpr_len,
     370             :                       unsigned int options,
     371             :                       import_screener_t screener, void *screener_arg)
     372             : {
     373             :   int i;
     374          24 :   int rc = 0;
     375          24 :   struct import_stats_s *stats = stats_handle;
     376             : 
     377          24 :   if (!stats)
     378          24 :     stats = import_new_stats_handle ();
     379             : 
     380          24 :   if (inp)
     381             :     {
     382           0 :       rc = import (ctrl, inp, "[stream]", stats, fpr, fpr_len, options,
     383             :                    screener, screener_arg);
     384             :     }
     385             :   else
     386             :     {
     387          24 :       if (!fnames && !nnames)
     388           1 :         nnames = 1;  /* Ohh what a ugly hack to jump into the loop */
     389             : 
     390          50 :       for (i=0; i < nnames; i++)
     391             :         {
     392          26 :           const char *fname = fnames? fnames[i] : NULL;
     393          26 :           IOBUF inp2 = iobuf_open(fname);
     394             : 
     395          26 :           if (!fname)
     396           1 :             fname = "[stdin]";
     397          26 :           if (inp2 && is_secured_file (iobuf_get_fd (inp2)))
     398             :             {
     399           0 :               iobuf_close (inp2);
     400           0 :               inp2 = NULL;
     401           0 :               gpg_err_set_errno (EPERM);
     402             :             }
     403          26 :           if (!inp2)
     404           0 :             log_error (_("can't open '%s': %s\n"), fname, strerror (errno));
     405             :           else
     406             :             {
     407          26 :               rc = import (ctrl, inp2, fname, stats, fpr, fpr_len, options,
     408             :                            screener, screener_arg);
     409          26 :               iobuf_close (inp2);
     410             :               /* Must invalidate that ugly cache to actually close it. */
     411          26 :               iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
     412          26 :               if (rc)
     413           0 :                 log_error ("import from '%s' failed: %s\n",
     414             :                            fname, gpg_strerror (rc) );
     415             :             }
     416          26 :           if (!fname)
     417           0 :             break;
     418             :         }
     419             :     }
     420             : 
     421          24 :   if (!stats_handle)
     422             :     {
     423          24 :       import_print_stats (stats);
     424          24 :       import_release_stats_handle (stats);
     425             :     }
     426             : 
     427             :   /* If no fast import and the trustdb is dirty (i.e. we added a key
     428             :      or userID that had something other than a selfsig, a signature
     429             :      that was other than a selfsig, or any revocation), then
     430             :      update/check the trustdb if the user specified by setting
     431             :      interactive or by not setting no-auto-check-trustdb */
     432             : 
     433          24 :   if (!(options & IMPORT_FAST))
     434          24 :     check_or_update_trustdb (ctrl);
     435             : 
     436          24 :   return rc;
     437             : }
     438             : 
     439             : 
     440             : void
     441          24 : import_keys (ctrl_t ctrl, char **fnames, int nnames,
     442             :              import_stats_t stats_handle, unsigned int options )
     443             : {
     444          24 :   import_keys_internal (ctrl, NULL, fnames, nnames, stats_handle,
     445             :                         NULL, NULL, options, NULL, NULL);
     446          24 : }
     447             : 
     448             : int
     449           0 : import_keys_stream (ctrl_t ctrl, IOBUF inp, import_stats_t stats_handle,
     450             :                     unsigned char **fpr, size_t *fpr_len, unsigned int options)
     451             : {
     452           0 :   return import_keys_internal (ctrl, inp, NULL, 0, stats_handle,
     453             :                                fpr, fpr_len, options, NULL, NULL);
     454             : }
     455             : 
     456             : 
     457             : /* Variant of import_keys_stream reading from an estream_t.  */
     458             : int
     459           0 : import_keys_es_stream (ctrl_t ctrl, estream_t fp,
     460             :                        import_stats_t stats_handle,
     461             :                        unsigned char **fpr, size_t *fpr_len,
     462             :                        unsigned int options,
     463             :                        import_screener_t screener, void *screener_arg)
     464             : {
     465             :   int rc;
     466             :   iobuf_t inp;
     467             : 
     468           0 :   inp = iobuf_esopen (fp, "r", 1);
     469           0 :   if (!inp)
     470             :     {
     471           0 :       rc = gpg_error_from_syserror ();
     472           0 :       log_error ("iobuf_esopen failed: %s\n", gpg_strerror (rc));
     473           0 :       return rc;
     474             :     }
     475             : 
     476           0 :   rc = import_keys_internal (ctrl, inp, NULL, 0, stats_handle,
     477             :                              fpr, fpr_len, options,
     478             :                              screener, screener_arg);
     479             : 
     480           0 :   iobuf_close (inp);
     481           0 :   return rc;
     482             : }
     483             : 
     484             : 
     485             : static int
     486          26 : import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
     487             :         unsigned char **fpr,size_t *fpr_len, unsigned int options,
     488             :         import_screener_t screener, void *screener_arg)
     489             : {
     490          26 :   PACKET *pending_pkt = NULL;
     491          26 :   kbnode_t keyblock = NULL;  /* Need to initialize because gcc can't
     492             :                                 grasp the return semantics of
     493             :                                 read_block. */
     494          26 :   int rc = 0;
     495             :   int v3keys;
     496             : 
     497          26 :   getkey_disable_caches ();
     498             : 
     499          26 :   if (!opt.no_armor) /* Armored reading is not disabled.  */
     500             :     {
     501             :       armor_filter_context_t *afx;
     502             : 
     503          26 :       afx = new_armor_context ();
     504          26 :       afx->only_keyblocks = 1;
     505          26 :       push_armor_filter (afx, inp);
     506          26 :       release_armor_context (afx);
     507             :     }
     508             : 
     509         146 :   while (!(rc = read_block (inp, &pending_pkt, &keyblock, &v3keys)))
     510             :     {
     511          94 :       stats->v3keys += v3keys;
     512          94 :       if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
     513          86 :         rc = import_one (ctrl, keyblock,
     514             :                          stats, fpr, fpr_len, options, 0, 0,
     515             :                          screener, screener_arg);
     516           8 :       else if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
     517           8 :         rc = import_secret_one (ctrl, keyblock, stats,
     518             :                                 opt.batch, options, 0,
     519             :                                 screener, screener_arg);
     520           0 :       else if (keyblock->pkt->pkttype == PKT_SIGNATURE
     521           0 :                && keyblock->pkt->pkt.signature->sig_class == 0x20 )
     522           0 :         rc = import_revoke_cert (keyblock, stats);
     523             :       else
     524             :         {
     525           0 :           log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype);
     526             :         }
     527          94 :       release_kbnode (keyblock);
     528             : 
     529             :       /* fixme: we should increment the not imported counter but
     530             :          this does only make sense if we keep on going despite of
     531             :          errors.  For now we do this only if the imported key is too
     532             :          large. */
     533          94 :       if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE
     534           0 :             && gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX)
     535             :         {
     536           0 :           stats->not_imported++;
     537             :         }
     538          94 :       else if (rc)
     539           0 :         break;
     540             : 
     541          94 :       if (!(++stats->count % 100) && !opt.quiet)
     542           0 :         log_info (_("%lu keys processed so far\n"), stats->count );
     543             :     }
     544          26 :   stats->v3keys += v3keys;
     545          26 :   if (rc == -1)
     546          26 :     rc = 0;
     547           0 :   else if (rc && gpg_err_code (rc) != GPG_ERR_INV_KEYRING)
     548           0 :     log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (rc));
     549             : 
     550          26 :   return rc;
     551             : }
     552             : 
     553             : 
     554             : /* Helper to migrate secring.gpg to GnuPG 2.1.  */
     555             : gpg_error_t
     556           3 : import_old_secring (ctrl_t ctrl, const char *fname)
     557             : {
     558             :   gpg_error_t err;
     559             :   iobuf_t inp;
     560           3 :   PACKET *pending_pkt = NULL;
     561           3 :   kbnode_t keyblock = NULL;  /* Need to initialize because gcc can't
     562             :                                 grasp the return semantics of
     563             :                                 read_block. */
     564             :   struct import_stats_s *stats;
     565             :   int v3keys;
     566             : 
     567           3 :   inp = iobuf_open (fname);
     568           3 :   if (inp && is_secured_file (iobuf_get_fd (inp)))
     569             :     {
     570           0 :       iobuf_close (inp);
     571           0 :       inp = NULL;
     572           0 :       gpg_err_set_errno (EPERM);
     573             :     }
     574           3 :   if (!inp)
     575             :     {
     576           0 :       err = gpg_error_from_syserror ();
     577           0 :       log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
     578           0 :       return err;
     579             :     }
     580             : 
     581           3 :   getkey_disable_caches();
     582           3 :   stats = import_new_stats_handle ();
     583           3 :   while (!(err = read_block (inp, &pending_pkt, &keyblock, &v3keys)))
     584             :     {
     585           9 :       if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
     586           9 :         err = import_secret_one (ctrl, keyblock, stats, 1, 0, 1,
     587             :                                  NULL, NULL);
     588           9 :       release_kbnode (keyblock);
     589           9 :       if (err)
     590           0 :         break;
     591             :     }
     592           3 :   import_release_stats_handle (stats);
     593           3 :   if (err == -1)
     594           3 :     err = 0;
     595           0 :   else if (err && gpg_err_code (err) != GPG_ERR_INV_KEYRING)
     596           0 :     log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (err));
     597           0 :   else if (err)
     598           0 :     log_error ("import from '%s' failed: %s\n", fname, gpg_strerror (err));
     599             : 
     600           3 :   iobuf_close (inp);
     601           3 :   iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
     602             : 
     603           3 :   return err;
     604             : }
     605             : 
     606             : 
     607             : void
     608          24 : import_print_stats (import_stats_t stats)
     609             : {
     610          24 :   if (!opt.quiet)
     611             :     {
     612          23 :       log_info(_("Total number processed: %lu\n"),
     613          23 :                stats->count + stats->v3keys);
     614          23 :       if (stats->v3keys)
     615           0 :         log_info(_("    skipped PGP-2 keys: %lu\n"), stats->v3keys);
     616          23 :       if (stats->skipped_new_keys )
     617           0 :         log_info(_("      skipped new keys: %lu\n"),
     618             :                  stats->skipped_new_keys );
     619          23 :       if (stats->no_user_id )
     620           0 :         log_info(_("          w/o user IDs: %lu\n"), stats->no_user_id );
     621          23 :       if (stats->imported)
     622             :         {
     623          18 :           log_info(_("              imported: %lu"), stats->imported );
     624          18 :           log_printf ("\n");
     625             :         }
     626          23 :       if (stats->unchanged )
     627           4 :         log_info(_("             unchanged: %lu\n"), stats->unchanged );
     628          23 :       if (stats->n_uids )
     629           0 :         log_info(_("          new user IDs: %lu\n"), stats->n_uids );
     630          23 :       if (stats->n_subk )
     631           0 :         log_info(_("           new subkeys: %lu\n"), stats->n_subk );
     632          23 :       if (stats->n_sigs )
     633           2 :         log_info(_("        new signatures: %lu\n"), stats->n_sigs );
     634          23 :       if (stats->n_revoc )
     635           0 :         log_info(_("   new key revocations: %lu\n"), stats->n_revoc );
     636          23 :       if (stats->secret_read )
     637           8 :         log_info(_("      secret keys read: %lu\n"), stats->secret_read );
     638          23 :       if (stats->secret_imported )
     639           7 :         log_info(_("  secret keys imported: %lu\n"), stats->secret_imported );
     640          23 :       if (stats->secret_dups )
     641           1 :         log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
     642          23 :       if (stats->not_imported )
     643           0 :         log_info(_("          not imported: %lu\n"), stats->not_imported );
     644          23 :       if (stats->n_sigs_cleaned)
     645           0 :         log_info(_("    signatures cleaned: %lu\n"),stats->n_sigs_cleaned);
     646          23 :       if (stats->n_uids_cleaned)
     647           0 :         log_info(_("      user IDs cleaned: %lu\n"),stats->n_uids_cleaned);
     648             :     }
     649             : 
     650          24 :   if (is_status_enabled ())
     651             :     {
     652             :       char buf[15*20];
     653             : 
     654           2 :       snprintf (buf, sizeof buf,
     655             :                 "%lu %lu %lu 0 %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
     656           1 :                 stats->count + stats->v3keys,
     657             :                 stats->no_user_id,
     658             :                 stats->imported,
     659             :                 stats->unchanged,
     660             :                 stats->n_uids,
     661             :                 stats->n_subk,
     662             :                 stats->n_sigs,
     663             :                 stats->n_revoc,
     664             :                 stats->secret_read,
     665             :                 stats->secret_imported,
     666             :                 stats->secret_dups,
     667             :                 stats->skipped_new_keys,
     668             :                 stats->not_imported,
     669             :                 stats->v3keys );
     670           1 :       write_status_text (STATUS_IMPORT_RES, buf);
     671             :     }
     672          24 : }
     673             : 
     674             : 
     675             : /* Return true if PKTTYPE is valid in a keyblock.  */
     676             : static int
     677         699 : valid_keyblock_packet (int pkttype)
     678             : {
     679         699 :   switch (pkttype)
     680             :     {
     681             :     case PKT_PUBLIC_KEY:
     682             :     case PKT_PUBLIC_SUBKEY:
     683             :     case PKT_SECRET_KEY:
     684             :     case PKT_SECRET_SUBKEY:
     685             :     case PKT_SIGNATURE:
     686             :     case PKT_USER_ID:
     687             :     case PKT_ATTRIBUTE:
     688             :     case PKT_RING_TRUST:
     689         699 :       return 1;
     690             :     default:
     691           0 :       return 0;
     692             :     }
     693             : }
     694             : 
     695             : 
     696             : /****************
     697             :  * Read the next keyblock from stream A.
     698             :  * PENDING_PKT should be initialzed to NULL
     699             :  * and not changed by the caller.
     700             :  * Return: 0 = okay, -1 no more blocks or another errorcode.
     701             :  *         The int at at R_V3KEY counts the number of unsupported v3
     702             :  *         keyblocks.
     703             :  */
     704             : static int
     705         138 : read_block( IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys)
     706             : {
     707             :   int rc;
     708             :   PACKET *pkt;
     709         138 :   kbnode_t root = NULL;
     710             :   int in_cert, in_v3key;
     711             : 
     712         138 :   *r_v3keys = 0;
     713             : 
     714         138 :   if (*pending_pkt)
     715             :     {
     716          74 :       root = new_kbnode( *pending_pkt );
     717          74 :       *pending_pkt = NULL;
     718          74 :       in_cert = 1;
     719             :     }
     720             :   else
     721          64 :     in_cert = 0;
     722             : 
     723         138 :   pkt = xmalloc (sizeof *pkt);
     724         138 :   init_packet (pkt);
     725         138 :   in_v3key = 0;
     726         998 :   while ((rc=parse_packet(a, pkt)) != -1)
     727             :     {
     728         796 :       if (rc && (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
     729           0 :                  && (pkt->pkttype == PKT_PUBLIC_KEY
     730           0 :                      || pkt->pkttype == PKT_SECRET_KEY)))
     731             :         {
     732           0 :           in_v3key = 1;
     733           0 :           ++*r_v3keys;
     734           0 :           free_packet (pkt);
     735           0 :           init_packet (pkt);
     736           0 :           continue;
     737             :         }
     738         796 :       else if (rc ) /* (ignore errors) */
     739             :         {
     740           0 :           if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_PACKET)
     741             :             ; /* Do not show a diagnostic.  */
     742             :           else
     743             :             {
     744           0 :               log_error("read_block: read error: %s\n", gpg_strerror (rc) );
     745           0 :               rc = GPG_ERR_INV_KEYRING;
     746           0 :               goto ready;
     747             :             }
     748           0 :           free_packet( pkt );
     749           0 :           init_packet(pkt);
     750           0 :           continue;
     751             :         }
     752             : 
     753         796 :         if (in_v3key && !(pkt->pkttype == PKT_PUBLIC_KEY
     754           0 :                           || pkt->pkttype == PKT_SECRET_KEY))
     755             :           {
     756           0 :             free_packet( pkt );
     757           0 :             init_packet(pkt);
     758           0 :             continue;
     759             :           }
     760         796 :         in_v3key = 0;
     761             : 
     762         796 :         if (!root && pkt->pkttype == PKT_SIGNATURE
     763           0 :                   && pkt->pkt.signature->sig_class == 0x20 )
     764             :           {
     765             :             /* This is a revocation certificate which is handled in a
     766             :              * special way.  */
     767           0 :             root = new_kbnode( pkt );
     768           0 :             pkt = NULL;
     769           0 :             goto ready;
     770             :           }
     771             : 
     772             :         /* Make a linked list of all packets.  */
     773         796 :         switch (pkt->pkttype)
     774             :           {
     775             :           case PKT_COMPRESSED:
     776           0 :             if (check_compress_algo (pkt->pkt.compressed->algorithm))
     777             :               {
     778           0 :                 rc = GPG_ERR_COMPR_ALGO;
     779           0 :                 goto ready;
     780             :               }
     781             :             else
     782             :               {
     783           0 :                 compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
     784           0 :                 pkt->pkt.compressed->buf = NULL;
     785           0 :                 push_compress_filter2(a,cfx,pkt->pkt.compressed->algorithm,1);
     786             :               }
     787           0 :             free_packet( pkt );
     788           0 :             init_packet(pkt);
     789           0 :             break;
     790             : 
     791             :           case PKT_RING_TRUST:
     792             :             /* Skip those packets.  */
     793          23 :             free_packet( pkt );
     794          23 :             init_packet(pkt);
     795          23 :             break;
     796             : 
     797             :           case PKT_PUBLIC_KEY:
     798             :           case PKT_SECRET_KEY:
     799         109 :             if (in_cert ) /* Store this packet.  */
     800             :               {
     801          74 :                 *pending_pkt = pkt;
     802          74 :                 pkt = NULL;
     803          74 :                 goto ready;
     804             :               }
     805          35 :             in_cert = 1;
     806             :           default:
     807         699 :             if (in_cert && valid_keyblock_packet (pkt->pkttype))
     808             :               {
     809         699 :                 if (!root )
     810          35 :                   root = new_kbnode (pkt);
     811             :                 else
     812         664 :                   add_kbnode (root, new_kbnode (pkt));
     813         699 :                 pkt = xmalloc (sizeof *pkt);
     814             :               }
     815         699 :             init_packet(pkt);
     816         699 :             break;
     817             :           }
     818             :     }
     819             : 
     820             :  ready:
     821         138 :   if (rc == -1 && root )
     822          35 :     rc = 0;
     823             : 
     824         138 :   if (rc )
     825          29 :     release_kbnode( root );
     826             :   else
     827         109 :     *ret_root = root;
     828         138 :   free_packet( pkt );
     829         138 :   xfree( pkt );
     830         138 :   return rc;
     831             : }
     832             : 
     833             : 
     834             : /* Walk through the subkeys on a pk to find if we have the PKS
     835             :    disease: multiple subkeys with their binding sigs stripped, and the
     836             :    sig for the first subkey placed after the last subkey.  That is,
     837             :    instead of "pk uid sig sub1 bind1 sub2 bind2 sub3 bind3" we have
     838             :    "pk uid sig sub1 sub2 sub3 bind1".  We can't do anything about sub2
     839             :    and sub3, as they are already lost, but we can try and rescue sub1
     840             :    by reordering the keyblock so that it reads "pk uid sig sub1 bind1
     841             :    sub2 sub3".  Returns TRUE if the keyblock was modified. */
     842             : static int
     843           0 : fix_pks_corruption (kbnode_t keyblock)
     844             : {
     845           0 :   int changed = 0;
     846           0 :   int keycount = 0;
     847             :   kbnode_t node;
     848           0 :   kbnode_t last = NULL;
     849           0 :   kbnode_t sknode=NULL;
     850             : 
     851             :   /* First determine if we have the problem at all.  Look for 2 or
     852             :      more subkeys in a row, followed by a single binding sig. */
     853           0 :   for (node=keyblock; node; last=node, node=node->next)
     854             :     {
     855           0 :       if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
     856             :         {
     857           0 :           keycount++;
     858           0 :           if(!sknode)
     859           0 :             sknode=node;
     860             :         }
     861           0 :       else if (node->pkt->pkttype == PKT_SIGNATURE
     862           0 :                && node->pkt->pkt.signature->sig_class == 0x18
     863           0 :                && keycount >= 2
     864           0 :                && !node->next)
     865             :         {
     866             :           /* We might have the problem, as this key has two subkeys in
     867             :              a row without any intervening packets. */
     868             : 
     869             :           /* Sanity check */
     870           0 :           if (!last)
     871           0 :             break;
     872             : 
     873             :           /* Temporarily attach node to sknode. */
     874           0 :           node->next = sknode->next;
     875           0 :           sknode->next = node;
     876           0 :           last->next = NULL;
     877             : 
     878             :           /* Note we aren't checking whether this binding sig is a
     879             :              selfsig.  This is not necessary here as the subkey and
     880             :              binding sig will be rejected later if that is the
     881             :              case. */
     882           0 :           if (check_key_signature (keyblock,node,NULL))
     883             :             {
     884             :               /* Not a match, so undo the changes. */
     885           0 :               sknode->next = node->next;
     886           0 :               last->next = node;
     887           0 :               node->next = NULL;
     888           0 :               break;
     889             :             }
     890             :           else
     891             :             {
     892             :               /* Mark it good so we don't need to check it again */
     893           0 :               sknode->flag |= NODE_GOOD_SELFSIG;
     894           0 :               changed = 1;
     895           0 :               break;
     896             :             }
     897             :         }
     898             :       else
     899           0 :         keycount = 0;
     900             :     }
     901             : 
     902           0 :   return changed;
     903             : }
     904             : 
     905             : 
     906             : /* Versions of GnuPG before 1.4.11 and 2.0.16 allowed to import bogus
     907             :    direct key signatures.  A side effect of this was that a later
     908             :    import of the same good direct key signatures was not possible
     909             :    because the cmp_signature check in merge_blocks considered them
     910             :    equal.  Although direct key signatures are now checked during
     911             :    import, there might still be bogus signatures sitting in a keyring.
     912             :    We need to detect and delete them before doing a merge.  This
     913             :    function returns the number of removed sigs.  */
     914             : static int
     915          40 : fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
     916             : {
     917             :   gpg_error_t err;
     918             :   kbnode_t node;
     919          40 :   int count = 0;
     920             : 
     921          40 :   for (node = keyblock->next; node; node=node->next)
     922             :     {
     923          40 :       if (node->pkt->pkttype == PKT_USER_ID)
     924          40 :         break;
     925           0 :       if (node->pkt->pkttype == PKT_SIGNATURE
     926           0 :           && IS_KEY_SIG (node->pkt->pkt.signature))
     927             :         {
     928           0 :           err = check_key_signature (keyblock, node, NULL);
     929           0 :           if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO )
     930             :             {
     931             :               /* If we don't know the error, we can't decide; this is
     932             :                  not a problem because cmp_signature can't compare the
     933             :                  signature either.  */
     934           0 :               log_info ("key %s: invalid direct key signature removed\n",
     935             :                         keystr (keyid));
     936           0 :               delete_kbnode (node);
     937           0 :               count++;
     938             :             }
     939             :         }
     940             :     }
     941             : 
     942          40 :   return count;
     943             : }
     944             : 
     945             : 
     946             : static void
     947           2 : print_import_ok (PKT_public_key *pk, unsigned int reason)
     948             : {
     949             :   byte array[MAX_FINGERPRINT_LEN], *s;
     950             :   char buf[MAX_FINGERPRINT_LEN*2+30], *p;
     951             :   size_t i, n;
     952             : 
     953           2 :   snprintf (buf, sizeof buf, "%u ", reason);
     954           2 :   p = buf + strlen (buf);
     955             : 
     956           2 :   fingerprint_from_pk (pk, array, &n);
     957           2 :   s = array;
     958          42 :   for (i=0; i < n ; i++, s++, p += 2)
     959          40 :     sprintf (p, "%02X", *s);
     960             : 
     961           2 :   write_status_text (STATUS_IMPORT_OK, buf);
     962           2 : }
     963             : 
     964             : 
     965             : static void
     966           0 : print_import_check (PKT_public_key * pk, PKT_user_id * id)
     967             : {
     968             :   char * buf;
     969             :   byte fpr[24];
     970             :   u32 keyid[2];
     971             :   size_t i, n;
     972           0 :   size_t pos = 0;
     973             : 
     974           0 :   buf = xmalloc (17+41+id->len+32);
     975           0 :   keyid_from_pk (pk, keyid);
     976           0 :   sprintf (buf, "%08X%08X ", keyid[0], keyid[1]);
     977           0 :   pos = 17;
     978           0 :   fingerprint_from_pk (pk, fpr, &n);
     979           0 :   for (i = 0; i < n; i++, pos += 2)
     980           0 :     sprintf (buf+pos, "%02X", fpr[i]);
     981           0 :   strcat (buf, " ");
     982           0 :   strcat (buf, id->name);
     983           0 :   write_status_text (STATUS_IMPORT_CHECK, buf);
     984           0 :   xfree (buf);
     985           0 : }
     986             : 
     987             : 
     988             : static void
     989           0 : check_prefs_warning(PKT_public_key *pk)
     990             : {
     991           0 :   log_info(_("WARNING: key %s contains preferences for unavailable\n"
     992             :              "algorithms on these user IDs:\n"), keystr_from_pk(pk));
     993           0 : }
     994             : 
     995             : 
     996             : static void
     997          26 : check_prefs (ctrl_t ctrl, kbnode_t keyblock)
     998             : {
     999             :   kbnode_t node;
    1000             :   PKT_public_key *pk;
    1001          26 :   int problem=0;
    1002             : 
    1003          26 :   merge_keys_and_selfsig(keyblock);
    1004          26 :   pk=keyblock->pkt->pkt.public_key;
    1005             : 
    1006         167 :   for(node=keyblock;node;node=node->next)
    1007             :     {
    1008         141 :       if(node->pkt->pkttype==PKT_USER_ID
    1009          30 :          && node->pkt->pkt.user_id->created
    1010          28 :          && node->pkt->pkt.user_id->prefs)
    1011             :         {
    1012          28 :           PKT_user_id *uid = node->pkt->pkt.user_id;
    1013          28 :           prefitem_t *prefs = uid->prefs;
    1014          28 :           char *user = utf8_to_native(uid->name,strlen(uid->name),0);
    1015             : 
    1016         271 :           for(;prefs->type;prefs++)
    1017             :             {
    1018             :               char num[10]; /* prefs->value is a byte, so we're over
    1019             :                                safe here */
    1020             : 
    1021         243 :               sprintf(num,"%u",prefs->value);
    1022             : 
    1023         243 :               if(prefs->type==PREFTYPE_SYM)
    1024             :                 {
    1025         107 :                   if (openpgp_cipher_test_algo (prefs->value))
    1026             :                     {
    1027           0 :                       const char *algo =
    1028           0 :                         (openpgp_cipher_test_algo (prefs->value)
    1029             :                          ? num
    1030           0 :                          : openpgp_cipher_algo_name (prefs->value));
    1031           0 :                       if(!problem)
    1032           0 :                         check_prefs_warning(pk);
    1033           0 :                       log_info(_("         \"%s\": preference for cipher"
    1034             :                                  " algorithm %s\n"), user, algo);
    1035           0 :                       problem=1;
    1036             :                     }
    1037             :                 }
    1038         136 :               else if(prefs->type==PREFTYPE_HASH)
    1039             :                 {
    1040          77 :                   if(openpgp_md_test_algo(prefs->value))
    1041             :                     {
    1042           0 :                       const char *algo =
    1043           0 :                         (gcry_md_test_algo (prefs->value)
    1044             :                          ? num
    1045           0 :                          : gcry_md_algo_name (prefs->value));
    1046           0 :                       if(!problem)
    1047           0 :                         check_prefs_warning(pk);
    1048           0 :                       log_info(_("         \"%s\": preference for digest"
    1049             :                                  " algorithm %s\n"), user, algo);
    1050           0 :                       problem=1;
    1051             :                     }
    1052             :                 }
    1053          59 :               else if(prefs->type==PREFTYPE_ZIP)
    1054             :                 {
    1055          59 :                   if(check_compress_algo (prefs->value))
    1056             :                     {
    1057           0 :                       const char *algo=compress_algo_to_string(prefs->value);
    1058           0 :                       if(!problem)
    1059           0 :                         check_prefs_warning(pk);
    1060           0 :                       log_info(_("         \"%s\": preference for compression"
    1061             :                                  " algorithm %s\n"),user,algo?algo:num);
    1062           0 :                       problem=1;
    1063             :                     }
    1064             :                 }
    1065             :             }
    1066             : 
    1067          28 :           xfree(user);
    1068             :         }
    1069             :     }
    1070             : 
    1071          26 :   if(problem)
    1072             :     {
    1073           0 :       log_info(_("it is strongly suggested that you update"
    1074             :                  " your preferences and\n"));
    1075           0 :       log_info(_("re-distribute this key to avoid potential algorithm"
    1076             :                  " mismatch problems\n"));
    1077             : 
    1078           0 :       if(!opt.batch)
    1079             :         {
    1080           0 :           strlist_t sl = NULL;
    1081           0 :           strlist_t locusr = NULL;
    1082           0 :           size_t fprlen=0;
    1083             :           byte fpr[MAX_FINGERPRINT_LEN], *p;
    1084             :           char username[(MAX_FINGERPRINT_LEN*2)+1];
    1085             :           unsigned int i;
    1086             : 
    1087           0 :           p = fingerprint_from_pk (pk,fpr,&fprlen);
    1088           0 :           for(i=0;i<fprlen;i++,p++)
    1089           0 :             sprintf(username+2*i,"%02X",*p);
    1090           0 :           add_to_strlist(&locusr,username);
    1091             : 
    1092           0 :           append_to_strlist(&sl,"updpref");
    1093           0 :           append_to_strlist(&sl,"save");
    1094             : 
    1095           0 :           keyedit_menu (ctrl, username, locusr, sl, 1, 1 );
    1096           0 :           free_strlist(sl);
    1097           0 :           free_strlist(locusr);
    1098             :         }
    1099           0 :       else if(!opt.quiet)
    1100           0 :         log_info(_("you can update your preferences with:"
    1101             :                    " gpg --edit-key %s updpref save\n"),keystr_from_pk(pk));
    1102             :     }
    1103          26 : }
    1104             : 
    1105             : 
    1106             : /* Helper for apply_*_filter in im,port.c and export.c.  */
    1107             : const char *
    1108           0 : impex_filter_getval (void *cookie, const char *propname)
    1109             : {
    1110             :   /* FIXME: Malloc our static buffers and access them via the cookie.  */
    1111           0 :   kbnode_t node = cookie;
    1112             :   static char numbuf[20];
    1113             :   const char *result;
    1114             : 
    1115           0 :   if (node->pkt->pkttype == PKT_USER_ID)
    1116             :     {
    1117           0 :       if (!strcmp (propname, "uid"))
    1118           0 :         result = node->pkt->pkt.user_id->name;
    1119           0 :       else if (!strcmp (propname, "mbox"))
    1120             :         {
    1121           0 :           if (!node->pkt->pkt.user_id->mbox)
    1122             :             {
    1123           0 :               node->pkt->pkt.user_id->mbox
    1124           0 :                 = mailbox_from_userid (node->pkt->pkt.user_id->name);
    1125             :             }
    1126           0 :           result = node->pkt->pkt.user_id->mbox;
    1127             :         }
    1128           0 :       else if (!strcmp (propname, "primary"))
    1129           0 :         result = node->pkt->pkt.user_id->is_primary? "1":"0";
    1130             :       else
    1131           0 :         result = NULL;
    1132             :     }
    1133           0 :   else if (node->pkt->pkttype == PKT_SIGNATURE
    1134           0 :            || node->pkt->pkttype == PKT_ATTRIBUTE)
    1135           0 :     {
    1136           0 :       PKT_signature *sig = node->pkt->pkt.signature;
    1137             : 
    1138           0 :       if (!strcmp (propname, "sig_created"))
    1139             :         {
    1140           0 :           snprintf (numbuf, sizeof numbuf, "%lu", (ulong)sig->timestamp);
    1141           0 :           result = numbuf;
    1142             :         }
    1143           0 :       else if (!strcmp (propname, "sig_created_d"))
    1144             :         {
    1145           0 :           result = datestr_from_sig (sig);
    1146             :         }
    1147           0 :       else if (!strcmp (propname, "sig_algo"))
    1148             :         {
    1149           0 :           snprintf (numbuf, sizeof numbuf, "%d", sig->pubkey_algo);
    1150           0 :           result = numbuf;
    1151             :         }
    1152           0 :       else if (!strcmp (propname, "sig_digest_algo"))
    1153             :         {
    1154           0 :           snprintf (numbuf, sizeof numbuf, "%d", sig->digest_algo);
    1155           0 :           result = numbuf;
    1156             :         }
    1157             :       else
    1158           0 :         result = NULL;
    1159             :     }
    1160           0 :   else if (node->pkt->pkttype == PKT_PUBLIC_KEY
    1161           0 :            || node->pkt->pkttype == PKT_SECRET_KEY
    1162           0 :            || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    1163           0 :            || node->pkt->pkttype == PKT_SECRET_SUBKEY)
    1164           0 :     {
    1165           0 :       PKT_public_key *pk = node->pkt->pkt.public_key;
    1166             : 
    1167           0 :       if (!strcmp (propname, "secret"))
    1168             :         {
    1169           0 :           result = (node->pkt->pkttype == PKT_SECRET_KEY
    1170           0 :                     || node->pkt->pkttype == PKT_SECRET_SUBKEY)? "1":"0";
    1171             :         }
    1172           0 :       else if (!strcmp (propname, "key_algo"))
    1173             :         {
    1174           0 :           snprintf (numbuf, sizeof numbuf, "%d", pk->pubkey_algo);
    1175           0 :           result = numbuf;
    1176             :         }
    1177           0 :       if (!strcmp (propname, "key_created"))
    1178             :         {
    1179           0 :           snprintf (numbuf, sizeof numbuf, "%lu", (ulong)pk->timestamp);
    1180           0 :           result = numbuf;
    1181             :         }
    1182           0 :       else if (!strcmp (propname, "key_created_d"))
    1183             :         {
    1184           0 :           result = datestr_from_pk (pk);
    1185             :         }
    1186             :       else
    1187           0 :         result = NULL;
    1188             :     }
    1189             :   else
    1190           0 :     result = NULL;
    1191             : 
    1192           0 :   return result;
    1193             : }
    1194             : 
    1195             : 
    1196             : /*
    1197             :  * Apply the keep-uid filter to the keyblock.  The deleted nodes are
    1198             :  * marked and thus the caller should call commit_kbnode afterwards.
    1199             :  * KEYBLOCK must not have any blocks marked as deleted.
    1200             :  */
    1201             : static void
    1202           0 : apply_keep_uid_filter (kbnode_t keyblock, recsel_expr_t selector)
    1203             : {
    1204             :   kbnode_t node;
    1205             : 
    1206           0 :   for (node = keyblock->next; node; node = node->next )
    1207             :     {
    1208           0 :       if (node->pkt->pkttype == PKT_USER_ID)
    1209             :         {
    1210           0 :           if (!recsel_select (selector, impex_filter_getval, node))
    1211             :             {
    1212             : 
    1213             :               /* log_debug ("keep-uid: deleting '%s'\n", */
    1214             :               /*            node->pkt->pkt.user_id->name); */
    1215             :               /* The UID packet and all following packets up to the
    1216             :                * next UID or a subkey.  */
    1217           0 :               delete_kbnode (node);
    1218           0 :               for (; node->next
    1219           0 :                      && node->next->pkt->pkttype != PKT_USER_ID
    1220           0 :                      && node->next->pkt->pkttype != PKT_PUBLIC_SUBKEY
    1221           0 :                      && node->next->pkt->pkttype != PKT_SECRET_SUBKEY ;
    1222           0 :                    node = node->next)
    1223           0 :                 delete_kbnode (node->next);
    1224             :             }
    1225             :           /* else */
    1226             :           /*   log_debug ("keep-uid: keeping '%s'\n", */
    1227             :           /*              node->pkt->pkt.user_id->name); */
    1228             :         }
    1229             :     }
    1230           0 : }
    1231             : 
    1232             : 
    1233             : /*
    1234             :  * Apply the drop-sig filter to the keyblock.  The deleted nodes are
    1235             :  * marked and thus the caller should call commit_kbnode afterwards.
    1236             :  * KEYBLOCK must not have any blocks marked as deleted.
    1237             :  */
    1238             : static void
    1239           0 : apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector)
    1240             : {
    1241             :   kbnode_t node;
    1242           0 :   int active = 0;
    1243             :   u32 main_keyid[2];
    1244             :   PKT_signature *sig;
    1245             : 
    1246           0 :   keyid_from_pk (keyblock->pkt->pkt.public_key, main_keyid);
    1247             : 
    1248             :   /* Loop over all signatures for user id and attribute packets which
    1249             :    * are not self signatures.  */
    1250           0 :   for (node = keyblock->next; node; node = node->next )
    1251             :     {
    1252           0 :       if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    1253           0 :           || node->pkt->pkttype == PKT_SECRET_SUBKEY)
    1254             :         break; /* ready.  */
    1255           0 :       if (node->pkt->pkttype == PKT_USER_ID)
    1256           0 :         active = 1;
    1257           0 :       if (!active)
    1258           0 :         continue;
    1259           0 :       if (node->pkt->pkttype != PKT_SIGNATURE
    1260           0 :           && node->pkt->pkttype != PKT_ATTRIBUTE)
    1261           0 :         continue;
    1262             : 
    1263           0 :       sig = node->pkt->pkt.signature;
    1264           0 :       if (main_keyid[0] == sig->keyid[0] || main_keyid[1] == sig->keyid[1])
    1265           0 :         continue;  /* Skip self-signatures.  */
    1266             : 
    1267           0 :       if (IS_UID_SIG(sig) || IS_UID_REV(sig))
    1268             :         {
    1269           0 :           if (recsel_select (selector, impex_filter_getval, node))
    1270           0 :             delete_kbnode (node);
    1271             :         }
    1272             :     }
    1273           0 : }
    1274             : 
    1275             : 
    1276             : /*
    1277             :  * Try to import one keyblock. Return an error only in serious cases,
    1278             :  * but never for an invalid keyblock.  It uses log_error to increase
    1279             :  * the internal errorcount, so that invalid input can be detected by
    1280             :  * programs which called gpg.  If SILENT is no messages are printed -
    1281             :  * even most error messages are suppressed.
    1282             :  */
    1283             : static int
    1284         103 : import_one (ctrl_t ctrl,
    1285             :             kbnode_t keyblock, struct import_stats_s *stats,
    1286             :             unsigned char **fpr, size_t *fpr_len, unsigned int options,
    1287             :             int from_sk, int silent,
    1288             :             import_screener_t screener, void *screener_arg)
    1289             : {
    1290             :   PKT_public_key *pk;
    1291         103 :   PKT_public_key *pk_orig = NULL;
    1292             :   kbnode_t node, uidnode;
    1293         103 :   kbnode_t keyblock_orig = NULL;
    1294             :   byte fpr2[MAX_FINGERPRINT_LEN];
    1295             :   size_t fpr2len;
    1296             :   u32 keyid[2];
    1297         103 :   int rc = 0;
    1298         103 :   int new_key = 0;
    1299         103 :   int mod_key = 0;
    1300         103 :   int same_key = 0;
    1301         103 :   int non_self = 0;
    1302             :   size_t an;
    1303             :   char pkstrbuf[PUBKEY_STRING_SIZE];
    1304         103 :   int merge_keys_done = 0;
    1305             : 
    1306             :   /* Get the key and print some info about it. */
    1307         103 :   node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
    1308         103 :   if (!node )
    1309           0 :     BUG();
    1310             : 
    1311         103 :   pk = node->pkt->pkt.public_key;
    1312             : 
    1313         103 :   fingerprint_from_pk (pk, fpr2, &fpr2len);
    1314         103 :   for (an = fpr2len; an < MAX_FINGERPRINT_LEN; an++)
    1315           0 :     fpr2[an] = 0;
    1316         103 :   keyid_from_pk( pk, keyid );
    1317         103 :   uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
    1318             : 
    1319         103 :   if (opt.verbose && !opt.interactive && !silent)
    1320             :     {
    1321           0 :       log_info( "pub  %s/%s %s  ",
    1322             :                 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
    1323             :                 keystr_from_pk(pk), datestr_from_pk(pk) );
    1324           0 :       if (uidnode)
    1325           0 :         print_utf8_buffer (log_get_stream (),
    1326           0 :                            uidnode->pkt->pkt.user_id->name,
    1327           0 :                            uidnode->pkt->pkt.user_id->len );
    1328           0 :       log_printf ("\n");
    1329             :     }
    1330             : 
    1331             : 
    1332         103 :   if (!uidnode )
    1333             :     {
    1334           0 :       if (!silent)
    1335           0 :         log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
    1336           0 :       return 0;
    1337             :     }
    1338             : 
    1339         103 :   if (screener && screener (keyblock, screener_arg))
    1340             :     {
    1341           0 :       log_error (_("key %s: %s\n"), keystr_from_pk (pk),
    1342             :                  _("rejected by import screener"));
    1343           0 :       return 0;
    1344             :     }
    1345             : 
    1346         103 :   if (opt.interactive && !silent)
    1347             :     {
    1348           0 :       if (is_status_enabled())
    1349           0 :         print_import_check (pk, uidnode->pkt->pkt.user_id);
    1350           0 :       merge_keys_and_selfsig (keyblock);
    1351           0 :       tty_printf ("\n");
    1352           0 :       show_basic_key_info (keyblock);
    1353           0 :       tty_printf ("\n");
    1354           0 :       if (!cpr_get_answer_is_yes ("import.okay",
    1355             :                                   "Do you want to import this key? (y/N) "))
    1356           0 :         return 0;
    1357             :     }
    1358             : 
    1359         103 :   collapse_uids(&keyblock);
    1360             : 
    1361             :   /* Clean the key that we're about to import, to cut down on things
    1362             :      that we have to clean later.  This has no practical impact on the
    1363             :      end result, but does result in less logging which might confuse
    1364             :      the user. */
    1365         103 :   if (options&IMPORT_CLEAN)
    1366           0 :     clean_key (keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL);
    1367             : 
    1368         103 :   clear_kbnode_flags( keyblock );
    1369             : 
    1370         103 :   if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
    1371           0 :       && opt.verbose)
    1372           0 :     log_info (_("key %s: PKS subkey corruption repaired\n"),
    1373             :               keystr_from_pk(pk));
    1374             : 
    1375         103 :   if (chk_self_sigs (keyblock, keyid, &non_self))
    1376           0 :     return 0;  /* Invalid keyblock - error already printed.  */
    1377             : 
    1378             :   /* If we allow such a thing, mark unsigned uids as valid */
    1379         103 :   if (opt.allow_non_selfsigned_uid)
    1380             :     {
    1381          16 :       for (node=keyblock; node; node = node->next )
    1382          12 :         if (node->pkt->pkttype == PKT_USER_ID
    1383           4 :             && !(node->flag & NODE_GOOD_SELFSIG)
    1384           4 :             && !(node->flag & NODE_BAD_SELFSIG) )
    1385             :           {
    1386           4 :             char *user=utf8_to_native(node->pkt->pkt.user_id->name,
    1387           4 :                                       node->pkt->pkt.user_id->len,0);
    1388             :             /* Fake a good signature status for the user id.  */
    1389           4 :             node->flag |= NODE_GOOD_SELFSIG;
    1390           4 :             log_info( _("key %s: accepted non self-signed user ID \"%s\"\n"),
    1391             :                       keystr_from_pk(pk),user);
    1392           4 :             xfree(user);
    1393             :           }
    1394             :     }
    1395             : 
    1396         103 :   if (!delete_inv_parts (keyblock, keyid, options ) )
    1397             :     {
    1398           0 :       if (!silent)
    1399             :         {
    1400           0 :           log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
    1401           0 :           if (!opt.quiet )
    1402           0 :             log_info(_("this may be caused by a missing self-signature\n"));
    1403             :         }
    1404           0 :       stats->no_user_id++;
    1405           0 :       return 0;
    1406             :     }
    1407             : 
    1408             :   /* Get rid of deleted nodes.  */
    1409         103 :   commit_kbnode (&keyblock);
    1410             : 
    1411             :   /* Apply import filter.  */
    1412         103 :   if (import_keep_uid)
    1413             :     {
    1414           0 :       apply_keep_uid_filter (keyblock, import_keep_uid);
    1415           0 :       commit_kbnode (&keyblock);
    1416             :     }
    1417         103 :   if (import_drop_sig)
    1418             :     {
    1419           0 :       apply_drop_sig_filter (keyblock, import_drop_sig);
    1420           0 :       commit_kbnode (&keyblock);
    1421             :     }
    1422             : 
    1423             : 
    1424             :   /* Show the key in the form it is merged or inserted.  We skip this
    1425             :    * if "import-export" is also active without --armor or the output
    1426             :    * file has explicily been given. */
    1427         103 :   if ((options & IMPORT_SHOW)
    1428           0 :       && !((options & IMPORT_EXPORT) && !opt.armor && !opt.outfile))
    1429             :     {
    1430           0 :       merge_keys_and_selfsig (keyblock);
    1431           0 :       merge_keys_done = 1;
    1432             :       /* Note that we do not want to show the validity because the key
    1433             :        * has not yet imported.  */
    1434           0 :       list_keyblock_direct (ctrl, keyblock, 0, 0, 1, 1);
    1435           0 :       es_fflush (es_stdout);
    1436             :     }
    1437             : 
    1438             :   /* Write the keyblock to the output and do not actually import.  */
    1439         103 :   if ((options & IMPORT_EXPORT))
    1440             :     {
    1441           0 :       if (!merge_keys_done)
    1442             :         {
    1443           0 :           merge_keys_and_selfsig (keyblock);
    1444           0 :           merge_keys_done = 1;
    1445             :         }
    1446           0 :       rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
    1447           0 :       goto leave;
    1448             :     }
    1449             : 
    1450         103 :   if (opt.dry_run)
    1451           0 :     goto leave;
    1452             : 
    1453             :   /* Do we have this key already in one of our pubrings ? */
    1454         103 :   pk_orig = xmalloc_clear( sizeof *pk_orig );
    1455         103 :   rc = get_pubkey_byfprint_fast (pk_orig, fpr2, fpr2len);
    1456         103 :   if (rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY
    1457           0 :       && gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY )
    1458             :     {
    1459           0 :       if (!silent)
    1460           0 :         log_error (_("key %s: public key not found: %s\n"),
    1461             :                    keystr(keyid), gpg_strerror (rc));
    1462             :     }
    1463         103 :   else if ( rc && (opt.import_options&IMPORT_MERGE_ONLY) )
    1464             :     {
    1465           0 :       if (opt.verbose && !silent )
    1466           0 :         log_info( _("key %s: new key - skipped\n"), keystr(keyid));
    1467           0 :       rc = 0;
    1468           0 :       stats->skipped_new_keys++;
    1469             :     }
    1470         103 :   else if (rc )  /* Insert this key. */
    1471             :     {
    1472             :       KEYDB_HANDLE hd;
    1473             : 
    1474          63 :       hd = keydb_new ();
    1475          63 :       if (!hd)
    1476           0 :         return gpg_error_from_syserror ();
    1477             : 
    1478          63 :       rc = keydb_locate_writable (hd);
    1479          63 :       if (rc)
    1480             :         {
    1481           0 :           log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc));
    1482           0 :           keydb_release (hd);
    1483           0 :           return GPG_ERR_GENERAL;
    1484             :         }
    1485          63 :       if (opt.verbose > 1 )
    1486           0 :         log_info (_("writing to '%s'\n"), keydb_get_resource_name (hd) );
    1487             : 
    1488          63 :       rc = keydb_insert_keyblock (hd, keyblock );
    1489          63 :       if (rc)
    1490           0 :         log_error (_("error writing keyring '%s': %s\n"),
    1491             :                    keydb_get_resource_name (hd), gpg_strerror (rc));
    1492          63 :       else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST))
    1493             :         {
    1494             :           /* This should not be possible since we delete the
    1495             :              ownertrust when a key is deleted, but it can happen if
    1496             :              the keyring and trustdb are out of sync.  It can also
    1497             :              be made to happen with the trusted-key command and by
    1498             :              importing and locally exported key. */
    1499             : 
    1500          63 :           clear_ownertrusts (pk);
    1501          63 :           if (non_self)
    1502           3 :             revalidation_mark ();
    1503             :         }
    1504          63 :       keydb_release (hd);
    1505             : 
    1506             :       /* We are ready.  */
    1507          63 :       if (!opt.quiet && !silent)
    1508             :         {
    1509          62 :           char *p = get_user_id_byfpr_native (fpr2);
    1510          62 :           log_info (_("key %s: public key \"%s\" imported\n"),
    1511             :                     keystr(keyid), p);
    1512          62 :           xfree(p);
    1513             :         }
    1514          63 :       if (is_status_enabled())
    1515             :         {
    1516           1 :           char *us = get_long_user_id_string( keyid );
    1517           1 :           write_status_text( STATUS_IMPORTED, us );
    1518           1 :           xfree(us);
    1519           1 :           print_import_ok (pk, 1);
    1520             :         }
    1521          63 :       stats->imported++;
    1522          63 :       new_key = 1;
    1523             :     }
    1524             :   else /* merge */
    1525             :     {
    1526             :       KEYDB_HANDLE hd;
    1527             :       int n_uids, n_sigs, n_subk, n_sigs_cleaned, n_uids_cleaned;
    1528             : 
    1529             :       /* Compare the original against the new key; just to be sure nothing
    1530             :        * weird is going on */
    1531          40 :       if (cmp_public_keys( pk_orig, pk ) )
    1532             :         {
    1533           0 :           if (!silent)
    1534           0 :             log_error( _("key %s: doesn't match our copy\n"),keystr(keyid));
    1535           0 :           goto leave;
    1536             :         }
    1537             : 
    1538             :       /* Now read the original keyblock again so that we can use
    1539             :          that handle for updating the keyblock.  */
    1540          40 :       hd = keydb_new ();
    1541          40 :       if (!hd)
    1542             :         {
    1543           0 :           rc = gpg_error_from_syserror ();
    1544           0 :           goto leave;
    1545             :         }
    1546          40 :       keydb_disable_caching (hd);
    1547          40 :       rc = keydb_search_fpr (hd, fpr2);
    1548          40 :       if (rc )
    1549             :         {
    1550           0 :           log_error (_("key %s: can't locate original keyblock: %s\n"),
    1551             :                      keystr(keyid), gpg_strerror (rc));
    1552           0 :           keydb_release (hd);
    1553           0 :           goto leave;
    1554             :         }
    1555          40 :       rc = keydb_get_keyblock (hd, &keyblock_orig);
    1556          40 :       if (rc)
    1557             :         {
    1558           0 :           log_error (_("key %s: can't read original keyblock: %s\n"),
    1559             :                      keystr(keyid), gpg_strerror (rc));
    1560           0 :           keydb_release (hd);
    1561           0 :           goto leave;
    1562             :         }
    1563             : 
    1564             :       /* Make sure the original direct key sigs are all sane.  */
    1565          40 :       n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid);
    1566          40 :       if (n_sigs_cleaned)
    1567           0 :         commit_kbnode (&keyblock_orig);
    1568             : 
    1569             :       /* and try to merge the block */
    1570          40 :       clear_kbnode_flags( keyblock_orig );
    1571          40 :       clear_kbnode_flags( keyblock );
    1572          40 :       n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
    1573          40 :       rc = merge_blocks (keyblock_orig, keyblock,
    1574             :                          keyid, &n_uids, &n_sigs, &n_subk );
    1575          40 :       if (rc )
    1576             :         {
    1577           0 :           keydb_release (hd);
    1578           0 :           goto leave;
    1579             :         }
    1580             : 
    1581          40 :       if ((options & IMPORT_CLEAN))
    1582           0 :         clean_key (keyblock_orig,opt.verbose,options&IMPORT_MINIMAL,
    1583             :                    &n_uids_cleaned,&n_sigs_cleaned);
    1584             : 
    1585          40 :       if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned)
    1586             :         {
    1587           2 :           mod_key = 1;
    1588             :           /* KEYBLOCK_ORIG has been updated; write */
    1589           2 :           rc = keydb_update_keyblock (hd, keyblock_orig);
    1590           2 :           if (rc)
    1591           0 :             log_error (_("error writing keyring '%s': %s\n"),
    1592             :                        keydb_get_resource_name (hd), gpg_strerror (rc) );
    1593           2 :           else if (non_self)
    1594           0 :             revalidation_mark ();
    1595             : 
    1596             :           /* We are ready.  */
    1597           2 :           if (!opt.quiet && !silent)
    1598             :             {
    1599           2 :               char *p = get_user_id_byfpr_native (fpr2);
    1600           2 :               if (n_uids == 1 )
    1601           0 :                 log_info( _("key %s: \"%s\" 1 new user ID\n"),
    1602             :                           keystr(keyid),p);
    1603           2 :               else if (n_uids )
    1604           0 :                 log_info( _("key %s: \"%s\" %d new user IDs\n"),
    1605             :                           keystr(keyid),p,n_uids);
    1606           2 :               if (n_sigs == 1 )
    1607           2 :                 log_info( _("key %s: \"%s\" 1 new signature\n"),
    1608             :                           keystr(keyid), p);
    1609           0 :               else if (n_sigs )
    1610           0 :                 log_info( _("key %s: \"%s\" %d new signatures\n"),
    1611             :                           keystr(keyid), p, n_sigs );
    1612           2 :               if (n_subk == 1 )
    1613           0 :                 log_info( _("key %s: \"%s\" 1 new subkey\n"),
    1614             :                           keystr(keyid), p);
    1615           2 :               else if (n_subk )
    1616           0 :                 log_info( _("key %s: \"%s\" %d new subkeys\n"),
    1617             :                           keystr(keyid), p, n_subk );
    1618           2 :               if (n_sigs_cleaned==1)
    1619           0 :                 log_info(_("key %s: \"%s\" %d signature cleaned\n"),
    1620             :                          keystr(keyid),p,n_sigs_cleaned);
    1621           2 :               else if (n_sigs_cleaned)
    1622           0 :                 log_info(_("key %s: \"%s\" %d signatures cleaned\n"),
    1623             :                          keystr(keyid),p,n_sigs_cleaned);
    1624           2 :               if (n_uids_cleaned==1)
    1625           0 :                 log_info(_("key %s: \"%s\" %d user ID cleaned\n"),
    1626             :                          keystr(keyid),p,n_uids_cleaned);
    1627           2 :               else if (n_uids_cleaned)
    1628           0 :                 log_info(_("key %s: \"%s\" %d user IDs cleaned\n"),
    1629             :                          keystr(keyid),p,n_uids_cleaned);
    1630           2 :               xfree(p);
    1631             :             }
    1632             : 
    1633           2 :           stats->n_uids +=n_uids;
    1634           2 :           stats->n_sigs +=n_sigs;
    1635           2 :           stats->n_subk +=n_subk;
    1636           2 :           stats->n_sigs_cleaned +=n_sigs_cleaned;
    1637           2 :           stats->n_uids_cleaned +=n_uids_cleaned;
    1638             : 
    1639           4 :           if (is_status_enabled () && !silent)
    1640           0 :             print_import_ok (pk, ((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
    1641             :         }
    1642             :       else
    1643             :         {
    1644          38 :           same_key = 1;
    1645          38 :           if (is_status_enabled ())
    1646           0 :             print_import_ok (pk, 0);
    1647             : 
    1648          38 :           if (!opt.quiet && !silent)
    1649             :             {
    1650          29 :               char *p = get_user_id_byfpr_native (fpr2);
    1651          29 :               log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p);
    1652          29 :               xfree(p);
    1653             :             }
    1654             : 
    1655          38 :           stats->unchanged++;
    1656             :         }
    1657             : 
    1658          40 :       keydb_release (hd); hd = NULL;
    1659             :     }
    1660             : 
    1661             :  leave:
    1662         103 :   if (mod_key || new_key || same_key)
    1663             :     {
    1664             :       /* A little explanation for this: we fill in the fingerprint
    1665             :          when importing keys as it can be useful to know the
    1666             :          fingerprint in certain keyserver-related cases (a keyserver
    1667             :          asked for a particular name, but the key doesn't have that
    1668             :          name).  However, in cases where we're importing more than
    1669             :          one key at a time, we cannot know which key to fingerprint.
    1670             :          In these cases, rather than guessing, we do not
    1671             :          fingerprinting at all, and we must hope the user ID on the
    1672             :          keys are useful.  Note that we need to do this for new
    1673             :          keys, merged keys and even for unchanged keys.  This is
    1674             :          required because for example the --auto-key-locate feature
    1675             :          may import an already imported key and needs to know the
    1676             :          fingerprint of the key in all cases.  */
    1677         103 :       if (fpr)
    1678             :         {
    1679           0 :           xfree (*fpr);
    1680             :           /* Note that we need to compare against 0 here because
    1681             :              COUNT gets only incremented after returning from this
    1682             :              function.  */
    1683           0 :           if (!stats->count)
    1684           0 :             *fpr = fingerprint_from_pk (pk, NULL, fpr_len);
    1685             :           else
    1686           0 :             *fpr = NULL;
    1687             :         }
    1688             :     }
    1689             : 
    1690             :   /* Now that the key is definitely incorporated into the keydb, we
    1691             :      need to check if a designated revocation is present or if the
    1692             :      prefs are not rational so we can warn the user. */
    1693             : 
    1694         103 :   if (mod_key)
    1695             :     {
    1696           2 :       revocation_present (ctrl, keyblock_orig);
    1697           2 :       if (!from_sk && have_secret_key_with_kid (keyid))
    1698           0 :         check_prefs (ctrl, keyblock_orig);
    1699             :     }
    1700         101 :   else if (new_key)
    1701             :     {
    1702          63 :       revocation_present (ctrl, keyblock);
    1703          63 :       if (!from_sk && have_secret_key_with_kid (keyid))
    1704           9 :         check_prefs (ctrl, keyblock);
    1705             :     }
    1706             : 
    1707         103 :   release_kbnode( keyblock_orig );
    1708         103 :   free_public_key( pk_orig );
    1709             : 
    1710         103 :   return rc;
    1711             : }
    1712             : 
    1713             : 
    1714             : /* Transfer all the secret keys in SEC_KEYBLOCK to the gpg-agent.  The
    1715             :    function prints diagnostics and returns an error code.  If BATCH is
    1716             :    true the secret keys are stored by gpg-agent in the transfer format
    1717             :    (i.e. no re-protection and aksing for passphrases). */
    1718             : gpg_error_t
    1719          17 : transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
    1720             :                       kbnode_t sec_keyblock, int batch, int force)
    1721             : {
    1722          17 :   gpg_error_t err = 0;
    1723          17 :   void *kek = NULL;
    1724             :   size_t keklen;
    1725          17 :   kbnode_t ctx = NULL;
    1726             :   kbnode_t node;
    1727             :   PKT_public_key *main_pk, *pk;
    1728             :   struct seckey_info *ski;
    1729             :   int nskey;
    1730             :   membuf_t mbuf;
    1731             :   int i, j;
    1732             :   void *format_args[2*PUBKEY_MAX_NSKEY];
    1733             :   gcry_sexp_t skey, prot, tmpsexp;
    1734          17 :   gcry_sexp_t curve = NULL;
    1735          17 :   unsigned char *transferkey = NULL;
    1736             :   size_t transferkeylen;
    1737          17 :   gcry_cipher_hd_t cipherhd = NULL;
    1738          17 :   unsigned char *wrappedkey = NULL;
    1739             :   size_t wrappedkeylen;
    1740          17 :   char *cache_nonce = NULL;
    1741          17 :   int stub_key_skipped = 0;
    1742             : 
    1743             :   /* Get the current KEK.  */
    1744          17 :   err = agent_keywrap_key (ctrl, 0, &kek, &keklen);
    1745          17 :   if (err)
    1746             :     {
    1747           0 :       log_error ("error getting the KEK: %s\n", gpg_strerror (err));
    1748           0 :       goto leave;
    1749             :     }
    1750             : 
    1751             :   /* Prepare a cipher context.  */
    1752          17 :   err = gcry_cipher_open (&cipherhd, GCRY_CIPHER_AES128,
    1753             :                           GCRY_CIPHER_MODE_AESWRAP, 0);
    1754          17 :   if (!err)
    1755          17 :     err = gcry_cipher_setkey (cipherhd, kek, keklen);
    1756          17 :   if (err)
    1757           0 :     goto leave;
    1758          17 :   xfree (kek);
    1759          17 :   kek = NULL;
    1760             : 
    1761          17 :   main_pk = NULL;
    1762         112 :   while ((node = walk_kbnode (sec_keyblock, &ctx, 0)))
    1763             :     {
    1764          78 :       if (node->pkt->pkttype != PKT_SECRET_KEY
    1765          61 :           && node->pkt->pkttype != PKT_SECRET_SUBKEY)
    1766          47 :         continue;
    1767          31 :       pk = node->pkt->pkt.public_key;
    1768          31 :       if (!main_pk)
    1769          17 :         main_pk = pk;
    1770             : 
    1771             :       /* Make sure the keyids are available.  */
    1772          31 :       keyid_from_pk (pk, NULL);
    1773          31 :       if (node->pkt->pkttype == PKT_SECRET_KEY)
    1774             :         {
    1775          17 :           pk->main_keyid[0] = pk->keyid[0];
    1776          17 :           pk->main_keyid[1] = pk->keyid[1];
    1777             :         }
    1778             :       else
    1779             :         {
    1780          14 :           pk->main_keyid[0] = main_pk->keyid[0];
    1781          14 :           pk->main_keyid[1] = main_pk->keyid[1];
    1782             :         }
    1783             : 
    1784             : 
    1785          31 :       ski = pk->seckey_info;
    1786          31 :       if (!ski)
    1787           0 :         BUG ();
    1788             : 
    1789          31 :       if (stats)
    1790             :         {
    1791          31 :           stats->count++;
    1792          31 :           stats->secret_read++;
    1793             :         }
    1794             : 
    1795             :       /* We ignore stub keys.  The way we handle them in other parts
    1796             :          of the code is by asking the agent whether any secret key is
    1797             :          available for a given keyblock and then concluding that we
    1798             :          have a secret key; all secret (sub)keys of the keyblock the
    1799             :          agent does not know of are then stub keys.  This works also
    1800             :          for card stub keys.  The learn command or the card-status
    1801             :          command may be used to check with the agent whether a card
    1802             :          has been inserted and a stub key is in turn generated by the
    1803             :          agent.  */
    1804          31 :       if (ski->s2k.mode == 1001 || ski->s2k.mode == 1002)
    1805             :         {
    1806           0 :           stub_key_skipped = 1;
    1807           0 :           continue;
    1808             :         }
    1809             : 
    1810             :       /* Convert our internal secret key object into an S-expression.  */
    1811          31 :       nskey = pubkey_get_nskey (pk->pubkey_algo);
    1812          31 :       if (!nskey || nskey > PUBKEY_MAX_NSKEY)
    1813             :         {
    1814           0 :           err = gpg_error (GPG_ERR_BAD_SECKEY);
    1815           0 :           log_error ("internal error: %s\n", gpg_strerror (err));
    1816           0 :           goto leave;
    1817             :         }
    1818             : 
    1819          31 :       init_membuf (&mbuf, 50);
    1820          31 :       put_membuf_str (&mbuf, "(skey");
    1821          31 :       if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
    1822          25 :           || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
    1823          25 :           || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
    1824          12 :         {
    1825             :           /* The ECC case.  */
    1826          12 :           char *curvestr = openpgp_oid_to_str (pk->pkey[0]);
    1827          12 :           if (!curvestr)
    1828           0 :             err = gpg_error_from_syserror ();
    1829             :           else
    1830             :             {
    1831          12 :               const char *curvename = openpgp_oid_to_curve (curvestr, 1);
    1832          12 :               gcry_sexp_release (curve);
    1833          12 :               err = gcry_sexp_build (&curve, NULL, "(curve %s)",
    1834             :                                      curvename?curvename:curvestr);
    1835          12 :               xfree (curvestr);
    1836          12 :               if (!err)
    1837             :                 {
    1838          12 :                   j = 0;
    1839             :                   /* Append the public key element Q.  */
    1840          12 :                   put_membuf_str (&mbuf, " _ %m");
    1841          12 :                   format_args[j++] = pk->pkey + 1;
    1842             : 
    1843             :                   /* Append the secret key element D.  For ECDH we
    1844             :                      skip PKEY[2] because this holds the KEK which is
    1845             :                      not needed by gpg-agent.  */
    1846          12 :                   i = pk->pubkey_algo == PUBKEY_ALGO_ECDH? 3 : 2;
    1847          12 :                   if (gcry_mpi_get_flag (pk->pkey[i], GCRYMPI_FLAG_USER1))
    1848          12 :                     put_membuf_str (&mbuf, " e %m");
    1849             :                   else
    1850           0 :                     put_membuf_str (&mbuf, " _ %m");
    1851          12 :                   format_args[j++] = pk->pkey + i;
    1852             :                 }
    1853             :             }
    1854             :         }
    1855             :       else
    1856             :         {
    1857             :           /* Standard case for the old (non-ECC) algorithms.  */
    1858         112 :           for (i=j=0; i < nskey; i++)
    1859             :             {
    1860          93 :               if (!pk->pkey[i])
    1861           9 :                 continue; /* Protected keys only have NPKEY+1 elements.  */
    1862             : 
    1863          84 :               if (gcry_mpi_get_flag (pk->pkey[i], GCRYMPI_FLAG_USER1))
    1864          17 :                 put_membuf_str (&mbuf, " e %m");
    1865             :               else
    1866          67 :                 put_membuf_str (&mbuf, " _ %m");
    1867          84 :               format_args[j++] = pk->pkey + i;
    1868             :             }
    1869             :         }
    1870          31 :       put_membuf_str (&mbuf, ")");
    1871          31 :       put_membuf (&mbuf, "", 1);
    1872          31 :       if (err)
    1873           0 :         xfree (get_membuf (&mbuf, NULL));
    1874             :       else
    1875             :         {
    1876          31 :           char *format = get_membuf (&mbuf, NULL);
    1877          31 :           if (!format)
    1878           0 :             err = gpg_error_from_syserror ();
    1879             :           else
    1880          31 :             err = gcry_sexp_build_array (&skey, NULL, format, format_args);
    1881          31 :           xfree (format);
    1882             :         }
    1883          31 :       if (err)
    1884             :         {
    1885           0 :           log_error ("error building skey array: %s\n", gpg_strerror (err));
    1886           0 :           goto leave;
    1887             :         }
    1888             : 
    1889          31 :       if (ski->is_protected)
    1890             :         {
    1891             :           char countbuf[35];
    1892             : 
    1893             :           /* Note that the IVLEN may be zero if we are working on a
    1894             :              dummy key.  We can't express that in an S-expression and
    1895             :              thus we send dummy data for the IV.  */
    1896          29 :           snprintf (countbuf, sizeof countbuf, "%lu",
    1897          29 :                     (unsigned long)ski->s2k.count);
    1898         174 :           err = gcry_sexp_build
    1899             :             (&prot, NULL,
    1900             :              " (protection %s %s %b %d %s %b %s)\n",
    1901          29 :              ski->sha1chk? "sha1":"sum",
    1902          29 :              openpgp_cipher_algo_name (ski->algo),
    1903          58 :              ski->ivlen? (int)ski->ivlen:1,
    1904          29 :              ski->ivlen? ski->iv: (const unsigned char*)"X",
    1905             :              ski->s2k.mode,
    1906          29 :              openpgp_md_algo_name (ski->s2k.hash_algo),
    1907          29 :              (int)sizeof (ski->s2k.salt), ski->s2k.salt,
    1908             :              countbuf);
    1909             :         }
    1910             :       else
    1911           2 :         err = gcry_sexp_build (&prot, NULL, " (protection none)\n");
    1912             : 
    1913          31 :       tmpsexp = NULL;
    1914          31 :       xfree (transferkey);
    1915          31 :       transferkey = NULL;
    1916          31 :       if (!err)
    1917         124 :         err = gcry_sexp_build (&tmpsexp, NULL,
    1918             :                                "(openpgp-private-key\n"
    1919             :                                " (version %d)\n"
    1920             :                                " (algo %s)\n"
    1921             :                                " %S%S\n"
    1922             :                                " (csum %d)\n"
    1923             :                                " %S)\n",
    1924          31 :                                pk->version,
    1925          31 :                                openpgp_pk_algo_name (pk->pubkey_algo),
    1926             :                                curve, skey,
    1927          31 :                                (int)(unsigned long)ski->csum, prot);
    1928          31 :       gcry_sexp_release (skey);
    1929          31 :       gcry_sexp_release (prot);
    1930          31 :       if (!err)
    1931          31 :         err = make_canon_sexp_pad (tmpsexp, 1, &transferkey, &transferkeylen);
    1932          31 :       gcry_sexp_release (tmpsexp);
    1933          31 :       if (err)
    1934             :         {
    1935           0 :           log_error ("error building transfer key: %s\n", gpg_strerror (err));
    1936           0 :           goto leave;
    1937             :         }
    1938             : 
    1939             :       /* Wrap the key.  */
    1940          31 :       wrappedkeylen = transferkeylen + 8;
    1941          31 :       xfree (wrappedkey);
    1942          31 :       wrappedkey = xtrymalloc (wrappedkeylen);
    1943          31 :       if (!wrappedkey)
    1944           0 :         err = gpg_error_from_syserror ();
    1945             :       else
    1946          31 :         err = gcry_cipher_encrypt (cipherhd, wrappedkey, wrappedkeylen,
    1947             :                                    transferkey, transferkeylen);
    1948          31 :       if (err)
    1949           0 :         goto leave;
    1950          31 :       xfree (transferkey);
    1951          31 :       transferkey = NULL;
    1952             : 
    1953             :       /* Send the wrapped key to the agent.  */
    1954             :       {
    1955          31 :         char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1);
    1956          31 :         err = agent_import_key (ctrl, desc, &cache_nonce,
    1957             :                                 wrappedkey, wrappedkeylen, batch, force);
    1958          31 :         xfree (desc);
    1959             :       }
    1960          31 :       if (!err)
    1961             :         {
    1962          29 :           if (opt.verbose)
    1963           0 :             log_info (_("key %s: secret key imported\n"),
    1964             :                       keystr_from_pk_with_sub (main_pk, pk));
    1965          29 :           if (stats)
    1966          29 :             stats->secret_imported++;
    1967             :         }
    1968           2 :       else if ( gpg_err_code (err) == GPG_ERR_EEXIST )
    1969             :         {
    1970           2 :           if (opt.verbose)
    1971           0 :             log_info (_("key %s: secret key already exists\n"),
    1972             :                       keystr_from_pk_with_sub (main_pk, pk));
    1973           2 :           err = 0;
    1974           2 :           if (stats)
    1975           2 :             stats->secret_dups++;
    1976             :         }
    1977             :       else
    1978             :         {
    1979           0 :           log_error (_("key %s: error sending to agent: %s\n"),
    1980             :                      keystr_from_pk_with_sub (main_pk, pk),
    1981             :                      gpg_strerror (err));
    1982           0 :           if (gpg_err_code (err) == GPG_ERR_CANCELED
    1983           0 :               || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
    1984             :             break; /* Don't try the other subkeys.  */
    1985             :         }
    1986             :     }
    1987             : 
    1988          17 :   if (!err && stub_key_skipped)
    1989             :     /* We need to notify user how to migrate stub keys.  */
    1990           0 :     err = gpg_error (GPG_ERR_NOT_PROCESSED);
    1991             : 
    1992             :  leave:
    1993          17 :   gcry_sexp_release (curve);
    1994          17 :   xfree (cache_nonce);
    1995          17 :   xfree (wrappedkey);
    1996          17 :   xfree (transferkey);
    1997          17 :   gcry_cipher_close (cipherhd);
    1998          17 :   xfree (kek);
    1999          17 :   return err;
    2000             : }
    2001             : 
    2002             : 
    2003             : /* Walk a secret keyblock and produce a public keyblock out of it.
    2004             :    Returns a new node or NULL on error. */
    2005             : static kbnode_t
    2006          17 : sec_to_pub_keyblock (kbnode_t sec_keyblock)
    2007             : {
    2008          17 :   kbnode_t pub_keyblock = NULL;
    2009          17 :   kbnode_t ctx = NULL;
    2010             :   kbnode_t secnode, pubnode;
    2011             : 
    2012         112 :   while ((secnode = walk_kbnode (sec_keyblock, &ctx, 0)))
    2013             :     {
    2014          78 :       if (secnode->pkt->pkttype == PKT_SECRET_KEY
    2015          61 :           || secnode->pkt->pkttype == PKT_SECRET_SUBKEY)
    2016          31 :         {
    2017             :           /* Make a public key.  */
    2018             :           PACKET *pkt;
    2019             :           PKT_public_key *pk;
    2020             : 
    2021          31 :           pkt = xtrycalloc (1, sizeof *pkt);
    2022          31 :           pk = pkt? copy_public_key (NULL, secnode->pkt->pkt.public_key): NULL;
    2023          31 :           if (!pk)
    2024             :             {
    2025           0 :               xfree (pkt);
    2026           0 :               release_kbnode (pub_keyblock);
    2027           0 :               return NULL;
    2028             :             }
    2029          31 :           if (secnode->pkt->pkttype == PKT_SECRET_KEY)
    2030          17 :             pkt->pkttype = PKT_PUBLIC_KEY;
    2031             :           else
    2032          14 :             pkt->pkttype = PKT_PUBLIC_SUBKEY;
    2033          31 :           pkt->pkt.public_key = pk;
    2034             : 
    2035          31 :           pubnode = new_kbnode (pkt);
    2036             :         }
    2037             :       else
    2038             :         {
    2039          47 :           pubnode = clone_kbnode (secnode);
    2040             :         }
    2041             : 
    2042          78 :       if (!pub_keyblock)
    2043          17 :         pub_keyblock = pubnode;
    2044             :       else
    2045          61 :         add_kbnode (pub_keyblock, pubnode);
    2046             :     }
    2047             : 
    2048          17 :   return pub_keyblock;
    2049             : }
    2050             : 
    2051             : /****************
    2052             :  * Ditto for secret keys.  Handling is simpler than for public keys.
    2053             :  * We allow secret key importing only when allow is true, this is so
    2054             :  * that a secret key can not be imported accidentally and thereby tampering
    2055             :  * with the trust calculation.
    2056             :  */
    2057             : static int
    2058          17 : import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
    2059             :                    struct import_stats_s *stats, int batch, unsigned int options,
    2060             :                    int for_migration,
    2061             :                    import_screener_t screener, void *screener_arg)
    2062             : {
    2063             :   PKT_public_key *pk;
    2064             :   struct seckey_info *ski;
    2065             :   kbnode_t node, uidnode;
    2066             :   u32 keyid[2];
    2067          17 :   int rc = 0;
    2068             :   int nr_prev;
    2069             :   kbnode_t pub_keyblock;
    2070             :   char pkstrbuf[PUBKEY_STRING_SIZE];
    2071             : 
    2072             :   /* Get the key and print some info about it */
    2073          17 :   node = find_kbnode (keyblock, PKT_SECRET_KEY);
    2074          17 :   if (!node)
    2075           0 :     BUG ();
    2076             : 
    2077          17 :   pk = node->pkt->pkt.public_key;
    2078             : 
    2079          17 :   keyid_from_pk (pk, keyid);
    2080          17 :   uidnode = find_next_kbnode (keyblock, PKT_USER_ID);
    2081             : 
    2082          17 :   if (screener && screener (keyblock, screener_arg))
    2083             :     {
    2084           0 :       log_error (_("secret key %s: %s\n"), keystr_from_pk (pk),
    2085             :                  _("rejected by import screener"));
    2086           0 :       return 0;
    2087             :   }
    2088             : 
    2089          17 :   if (opt.verbose && !for_migration)
    2090             :     {
    2091           0 :       log_info ("sec  %s/%s %s   ",
    2092             :                 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
    2093             :                 keystr_from_pk (pk), datestr_from_pk (pk));
    2094           0 :       if (uidnode)
    2095           0 :         print_utf8_buffer (log_get_stream (), uidnode->pkt->pkt.user_id->name,
    2096           0 :                            uidnode->pkt->pkt.user_id->len);
    2097           0 :       log_printf ("\n");
    2098             :     }
    2099          17 :   stats->secret_read++;
    2100             : 
    2101          17 :   if ((options & IMPORT_NO_SECKEY))
    2102             :     {
    2103           0 :       if (!for_migration)
    2104           0 :         log_error (_("importing secret keys not allowed\n"));
    2105           0 :       return 0;
    2106             :     }
    2107             : 
    2108          17 :   if (!uidnode)
    2109             :     {
    2110           0 :       if (!for_migration)
    2111           0 :         log_error( _("key %s: no user ID\n"), keystr_from_pk (pk));
    2112           0 :       return 0;
    2113             :     }
    2114             : 
    2115          17 :   ski = pk->seckey_info;
    2116          17 :   if (!ski)
    2117             :     {
    2118             :       /* Actually an internal error.  */
    2119           0 :       log_error ("key %s: secret key info missing\n", keystr_from_pk (pk));
    2120           0 :       return 0;
    2121             :     }
    2122             : 
    2123             :   /* A quick check to not import keys with an invalid protection
    2124             :      cipher algorithm (only checks the primary key, though).  */
    2125          17 :   if (ski->algo > 110)
    2126             :     {
    2127           0 :       if (!for_migration)
    2128           0 :         log_error (_("key %s: secret key with invalid cipher %d"
    2129           0 :                      " - skipped\n"), keystr_from_pk (pk), ski->algo);
    2130           0 :       return 0;
    2131             :     }
    2132             : 
    2133             : #ifdef ENABLE_SELINUX_HACKS
    2134             :   if (1)
    2135             :     {
    2136             :       /* We don't allow importing secret keys because that may be used
    2137             :          to put a secret key into the keyring and the user might later
    2138             :          be tricked into signing stuff with that key.  */
    2139             :       log_error (_("importing secret keys not allowed\n"));
    2140             :       return 0;
    2141             :     }
    2142             : #endif
    2143             : 
    2144          17 :   clear_kbnode_flags (keyblock);
    2145             : 
    2146          17 :   nr_prev = stats->skipped_new_keys;
    2147             : 
    2148             :   /* Make a public key out of the key. */
    2149          17 :   pub_keyblock = sec_to_pub_keyblock (keyblock);
    2150          17 :   if (!pub_keyblock)
    2151           0 :     log_error ("key %s: failed to create public key from secret key\n",
    2152             :                    keystr_from_pk (pk));
    2153             :   else
    2154             :     {
    2155             :       /* Note that this outputs an IMPORT_OK status message for the
    2156             :          public key block, and below we will output another one for
    2157             :          the secret keys.  FIXME?  */
    2158          17 :       import_one (ctrl, pub_keyblock, stats,
    2159             :                   NULL, NULL, options, 1, for_migration,
    2160             :                   screener, screener_arg);
    2161             : 
    2162             :       /* Fixme: We should check for an invalid keyblock and
    2163             :          cancel the secret key import in this case.  */
    2164          17 :       release_kbnode (pub_keyblock);
    2165             : 
    2166             :       /* At least we cancel the secret key import when the public key
    2167             :          import was skipped due to MERGE_ONLY option and a new
    2168             :          key.  */
    2169          17 :       if (stats->skipped_new_keys <= nr_prev)
    2170             :         {
    2171             :           /* Read the keyblock again to get the effects of a merge.  */
    2172             :           /* Fixme: we should do this based on the fingerprint or
    2173             :              even better let import_one return the merged
    2174             :              keyblock.  */
    2175          17 :           node = get_pubkeyblock (keyid);
    2176          17 :           if (!node)
    2177           0 :             log_error ("key %s: failed to re-lookup public key\n",
    2178             :                        keystr_from_pk (pk));
    2179             :           else
    2180             :             {
    2181             :               gpg_error_t err;
    2182             : 
    2183             :               /* transfer_secret_keys collects subkey stats.  */
    2184          17 :               struct import_stats_s subkey_stats = {0};
    2185             : 
    2186          17 :               err = transfer_secret_keys (ctrl, &subkey_stats, keyblock,
    2187             :                                           batch, 0);
    2188          17 :               if (gpg_err_code (err) == GPG_ERR_NOT_PROCESSED)
    2189             :                 {
    2190             :                   /* TRANSLATORS: For smartcard, each private key on
    2191             :                      host has a reference (stub) to a smartcard and
    2192             :                      actual private key data is stored on the card.  A
    2193             :                      single smartcard can have up to three private key
    2194             :                      data.  Importing private key stub is always
    2195             :                      skipped in 2.1, and it returns
    2196             :                      GPG_ERR_NOT_PROCESSED.  Instead, user should be
    2197             :                      suggested to run 'gpg --card-status', then,
    2198             :                      references to a card will be automatically
    2199             :                      created again.  */
    2200           0 :                   log_info (_("To migrate '%s', with each smartcard, "
    2201             :                               "run: %s\n"), "secring.gpg", "gpg --card-status");
    2202           0 :                   err = 0;
    2203             :                 }
    2204          17 :               if (!err)
    2205             :                 {
    2206          17 :                   int status = 16;
    2207          17 :                   if (!opt.quiet)
    2208          17 :                     log_info (_("key %s: secret key imported\n"),
    2209             :                               keystr_from_pk (pk));
    2210          17 :                   if (subkey_stats.secret_imported)
    2211             :                     {
    2212          16 :                       status |= 1;
    2213          16 :                       stats->secret_imported += 1;
    2214             :                     }
    2215          17 :                   if (subkey_stats.secret_dups)
    2216           1 :                     stats->secret_dups += 1;
    2217             : 
    2218          17 :                   if (is_status_enabled ())
    2219           1 :                     print_import_ok (pk, status);
    2220          17 :                   check_prefs (ctrl, node);
    2221             :                 }
    2222          17 :               release_kbnode (node);
    2223             :             }
    2224             :         }
    2225             :     }
    2226             : 
    2227          17 :   return rc;
    2228             : }
    2229             : 
    2230             : 
    2231             : /****************
    2232             :  * Import a revocation certificate; this is a single signature packet.
    2233             :  */
    2234             : static int
    2235           0 : import_revoke_cert (kbnode_t node, struct import_stats_s *stats)
    2236             : {
    2237           0 :   PKT_public_key *pk = NULL;
    2238             :   kbnode_t onode;
    2239           0 :   kbnode_t keyblock = NULL;
    2240           0 :   KEYDB_HANDLE hd = NULL;
    2241             :   u32 keyid[2];
    2242           0 :   int rc = 0;
    2243             : 
    2244           0 :   log_assert (!node->next );
    2245           0 :   log_assert (node->pkt->pkttype == PKT_SIGNATURE );
    2246           0 :   log_assert (node->pkt->pkt.signature->sig_class == 0x20 );
    2247             : 
    2248           0 :   keyid[0] = node->pkt->pkt.signature->keyid[0];
    2249           0 :   keyid[1] = node->pkt->pkt.signature->keyid[1];
    2250             : 
    2251           0 :   pk = xmalloc_clear( sizeof *pk );
    2252           0 :   rc = get_pubkey( pk, keyid );
    2253           0 :   if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )
    2254             :     {
    2255           0 :       log_error(_("key %s: no public key -"
    2256             :                   " can't apply revocation certificate\n"), keystr(keyid));
    2257           0 :       rc = 0;
    2258           0 :       goto leave;
    2259             :     }
    2260           0 :   else if (rc )
    2261             :     {
    2262           0 :       log_error(_("key %s: public key not found: %s\n"),
    2263             :                 keystr(keyid), gpg_strerror (rc));
    2264           0 :       goto leave;
    2265             :     }
    2266             : 
    2267             :   /* Read the original keyblock. */
    2268           0 :   hd = keydb_new ();
    2269           0 :   if (!hd)
    2270             :     {
    2271           0 :       rc = gpg_error_from_syserror ();
    2272           0 :       goto leave;
    2273             :     }
    2274             : 
    2275             :   {
    2276             :     byte afp[MAX_FINGERPRINT_LEN];
    2277             :     size_t an;
    2278             : 
    2279           0 :     fingerprint_from_pk (pk, afp, &an);
    2280           0 :     while (an < MAX_FINGERPRINT_LEN)
    2281           0 :       afp[an++] = 0;
    2282           0 :     rc = keydb_search_fpr (hd, afp);
    2283             :   }
    2284           0 :   if (rc)
    2285             :     {
    2286           0 :       log_error (_("key %s: can't locate original keyblock: %s\n"),
    2287             :                  keystr(keyid), gpg_strerror (rc));
    2288           0 :       goto leave;
    2289             :     }
    2290           0 :   rc = keydb_get_keyblock (hd, &keyblock );
    2291           0 :   if (rc)
    2292             :     {
    2293           0 :       log_error (_("key %s: can't read original keyblock: %s\n"),
    2294             :                  keystr(keyid), gpg_strerror (rc));
    2295           0 :       goto leave;
    2296             :     }
    2297             : 
    2298             :   /* it is okay, that node is not in keyblock because
    2299             :    * check_key_signature works fine for sig_class 0x20 in this
    2300             :    * special case. */
    2301           0 :   rc = check_key_signature( keyblock, node, NULL);
    2302           0 :   if (rc )
    2303             :     {
    2304           0 :       log_error( _("key %s: invalid revocation certificate"
    2305             :                    ": %s - rejected\n"), keystr(keyid), gpg_strerror (rc));
    2306           0 :       goto leave;
    2307             :     }
    2308             : 
    2309             :   /* check whether we already have this */
    2310           0 :   for(onode=keyblock->next; onode; onode=onode->next ) {
    2311           0 :     if (onode->pkt->pkttype == PKT_USER_ID )
    2312           0 :       break;
    2313           0 :     else if (onode->pkt->pkttype == PKT_SIGNATURE
    2314           0 :              && !cmp_signatures(node->pkt->pkt.signature,
    2315           0 :                                 onode->pkt->pkt.signature))
    2316             :       {
    2317           0 :         rc = 0;
    2318           0 :         goto leave; /* yes, we already know about it */
    2319             :       }
    2320             :   }
    2321             : 
    2322             :   /* insert it */
    2323           0 :   insert_kbnode( keyblock, clone_kbnode(node), 0 );
    2324             : 
    2325             :   /* and write the keyblock back */
    2326           0 :   rc = keydb_update_keyblock (hd, keyblock );
    2327           0 :   if (rc)
    2328           0 :     log_error (_("error writing keyring '%s': %s\n"),
    2329             :                keydb_get_resource_name (hd), gpg_strerror (rc) );
    2330           0 :   keydb_release (hd);
    2331           0 :   hd = NULL;
    2332             : 
    2333             :   /* we are ready */
    2334           0 :   if (!opt.quiet )
    2335             :     {
    2336           0 :       char *p=get_user_id_native (keyid);
    2337           0 :       log_info( _("key %s: \"%s\" revocation certificate imported\n"),
    2338             :                 keystr(keyid),p);
    2339           0 :       xfree(p);
    2340             :     }
    2341           0 :   stats->n_revoc++;
    2342             : 
    2343             :   /* If the key we just revoked was ultimately trusted, remove its
    2344             :      ultimate trust.  This doesn't stop the user from putting the
    2345             :      ultimate trust back, but is a reasonable solution for now. */
    2346           0 :   if(get_ownertrust(pk)==TRUST_ULTIMATE)
    2347           0 :     clear_ownertrusts(pk);
    2348             : 
    2349           0 :   revalidation_mark ();
    2350             : 
    2351             :  leave:
    2352           0 :   keydb_release (hd);
    2353           0 :   release_kbnode( keyblock );
    2354           0 :   free_public_key( pk );
    2355           0 :   return rc;
    2356             : }
    2357             : 
    2358             : 
    2359             : /* Loop over the keyblock and check all self signatures.  On return
    2360             :  * the following bis in the node flags are set:
    2361             :  *
    2362             :  * - NODE_GOOD_SELFSIG  :: User ID or subkey has a self-signature
    2363             :  * - NODE_BAD_SELFSIG   :: Used ID or subkey has an invalid self-signature
    2364             :  * - NODE_DELETION_MARK :: This node shall be deleted
    2365             :  *
    2366             :  * NON_SELF is set to true if there are any sigs other than self-sigs
    2367             :  * in this keyblock.
    2368             :  *
    2369             :  * Returns 0 on success or -1 (but not an error code) if the keyblock
    2370             :  * is invalid.
    2371             :  */
    2372             : static int
    2373         109 : chk_self_sigs (kbnode_t keyblock, u32 *keyid, int *non_self )
    2374             : {
    2375         109 :   kbnode_t n, knode = NULL;
    2376             :   PKT_signature *sig;
    2377             :   int rc;
    2378         109 :   u32 bsdate=0, rsdate=0;
    2379         109 :   kbnode_t bsnode = NULL, rsnode = NULL;
    2380             : 
    2381         824 :   for (n=keyblock; (n = find_next_kbnode (n, 0)); )
    2382             :     {
    2383         606 :       if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
    2384             :         {
    2385         101 :           knode = n;
    2386         101 :           bsdate = 0;
    2387         101 :           rsdate = 0;
    2388         101 :           bsnode = NULL;
    2389         101 :           rsnode = NULL;
    2390         101 :           continue;
    2391             :         }
    2392             : 
    2393         505 :       if ( n->pkt->pkttype != PKT_SIGNATURE )
    2394         131 :         continue;
    2395             : 
    2396         374 :       sig = n->pkt->pkt.signature;
    2397         374 :       if ( keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1] )
    2398             :         {
    2399         136 :           *non_self = 1;
    2400         136 :           continue;
    2401             :         }
    2402             : 
    2403             :       /* This just caches the sigs for later use.  That way we
    2404             :          import a fully-cached key which speeds things up. */
    2405         238 :       if (!opt.no_sig_cache)
    2406         238 :         check_key_signature (keyblock, n, NULL);
    2407             : 
    2408         238 :       if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
    2409         138 :         {
    2410         138 :           kbnode_t unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
    2411         138 :           if ( !unode )
    2412             :             {
    2413           0 :               log_error( _("key %s: no user ID for signature\n"),
    2414             :                          keystr(keyid));
    2415           0 :               return -1;  /* The complete keyblock is invalid.  */
    2416             :             }
    2417             : 
    2418             :           /* If it hasn't been marked valid yet, keep trying.  */
    2419         138 :           if (!(unode->flag & NODE_GOOD_SELFSIG))
    2420             :             {
    2421         127 :               rc = check_key_signature (keyblock, n, NULL);
    2422         127 :               if ( rc )
    2423             :                 {
    2424           0 :                   if ( opt.verbose )
    2425             :                     {
    2426           0 :                       char *p = utf8_to_native
    2427           0 :                         (unode->pkt->pkt.user_id->name,
    2428           0 :                          strlen (unode->pkt->pkt.user_id->name),0);
    2429           0 :                       log_info (gpg_err_code(rc) == GPG_ERR_PUBKEY_ALGO ?
    2430             :                                 _("key %s: unsupported public key "
    2431             :                                   "algorithm on user ID \"%s\"\n"):
    2432             :                                 _("key %s: invalid self-signature "
    2433             :                                   "on user ID \"%s\"\n"),
    2434             :                                 keystr (keyid),p);
    2435           0 :                       xfree (p);
    2436             :                     }
    2437             :                 }
    2438             :               else
    2439         127 :                 unode->flag |= NODE_GOOD_SELFSIG;
    2440             :             }
    2441             :         }
    2442         100 :       else if (IS_KEY_SIG (sig))
    2443             :         {
    2444           2 :           rc = check_key_signature (keyblock, n, NULL);
    2445           2 :           if ( rc )
    2446             :             {
    2447           1 :               if (opt.verbose)
    2448           0 :                 log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
    2449             :                           _("key %s: unsupported public key algorithm\n"):
    2450             :                           _("key %s: invalid direct key signature\n"),
    2451             :                           keystr (keyid));
    2452           1 :               n->flag |= NODE_DELETION_MARK;
    2453             :             }
    2454             :         }
    2455          98 :       else if ( IS_SUBKEY_SIG (sig) )
    2456             :         {
    2457             :           /* Note that this works based solely on the timestamps like
    2458             :              the rest of gpg.  If the standard gets revocation
    2459             :              targets, this may need to be revised.  */
    2460             : 
    2461          98 :           if ( !knode )
    2462             :             {
    2463           0 :               if (opt.verbose)
    2464           0 :                 log_info (_("key %s: no subkey for key binding\n"),
    2465             :                           keystr (keyid));
    2466           0 :               n->flag |= NODE_DELETION_MARK;
    2467             :             }
    2468             :           else
    2469             :             {
    2470          98 :               rc = check_key_signature (keyblock, n, NULL);
    2471          98 :               if ( rc )
    2472             :                 {
    2473           0 :                   if (opt.verbose)
    2474           0 :                     log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
    2475             :                               _("key %s: unsupported public key"
    2476             :                                 " algorithm\n"):
    2477             :                               _("key %s: invalid subkey binding\n"),
    2478             :                               keystr (keyid));
    2479           0 :                   n->flag |= NODE_DELETION_MARK;
    2480             :                 }
    2481             :               else
    2482             :                 {
    2483             :                   /* It's valid, so is it newer? */
    2484          98 :                   if (sig->timestamp >= bsdate)
    2485             :                     {
    2486          98 :                       knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid.  */
    2487          98 :                       if (bsnode)
    2488             :                         {
    2489             :                           /* Delete the last binding sig since this
    2490             :                              one is newer */
    2491           1 :                           bsnode->flag |= NODE_DELETION_MARK;
    2492           1 :                           if (opt.verbose)
    2493           0 :                             log_info (_("key %s: removed multiple subkey"
    2494             :                                         " binding\n"),keystr(keyid));
    2495             :                         }
    2496             : 
    2497          98 :                       bsnode = n;
    2498          98 :                       bsdate = sig->timestamp;
    2499             :                     }
    2500             :                   else
    2501           0 :                     n->flag |= NODE_DELETION_MARK; /* older */
    2502             :                 }
    2503             :             }
    2504             :         }
    2505           0 :       else if ( IS_SUBKEY_REV (sig) )
    2506             :         {
    2507             :           /* We don't actually mark the subkey as revoked right now,
    2508             :              so just check that the revocation sig is the most recent
    2509             :              valid one.  Note that we don't care if the binding sig is
    2510             :              newer than the revocation sig.  See the comment in
    2511             :              getkey.c:merge_selfsigs_subkey for more.  */
    2512           0 :           if ( !knode )
    2513             :             {
    2514           0 :               if (opt.verbose)
    2515           0 :                 log_info (_("key %s: no subkey for key revocation\n"),
    2516             :                           keystr(keyid));
    2517           0 :               n->flag |= NODE_DELETION_MARK;
    2518             :             }
    2519             :           else
    2520             :             {
    2521           0 :               rc = check_key_signature (keyblock, n, NULL);
    2522           0 :               if ( rc )
    2523             :                 {
    2524           0 :                   if(opt.verbose)
    2525           0 :                     log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
    2526             :                               _("key %s: unsupported public"
    2527             :                                 " key algorithm\n"):
    2528             :                               _("key %s: invalid subkey revocation\n"),
    2529             :                               keystr(keyid));
    2530           0 :                   n->flag |= NODE_DELETION_MARK;
    2531             :                 }
    2532             :               else
    2533             :                 {
    2534             :                   /* It's valid, so is it newer? */
    2535           0 :                   if (sig->timestamp >= rsdate)
    2536             :                     {
    2537           0 :                       if (rsnode)
    2538             :                         {
    2539             :                           /* Delete the last revocation sig since
    2540             :                              this one is newer.  */
    2541           0 :                           rsnode->flag |= NODE_DELETION_MARK;
    2542           0 :                           if (opt.verbose)
    2543           0 :                             log_info (_("key %s: removed multiple subkey"
    2544             :                                         " revocation\n"),keystr(keyid));
    2545             :                         }
    2546             : 
    2547           0 :                       rsnode = n;
    2548           0 :                       rsdate = sig->timestamp;
    2549             :                     }
    2550             :                   else
    2551           0 :                     n->flag |= NODE_DELETION_MARK; /* older */
    2552             :                 }
    2553             :             }
    2554             :         }
    2555             :     }
    2556             : 
    2557         109 :   return 0;
    2558             : }
    2559             : 
    2560             : 
    2561             : /* Delete all parts which are invalid and those signatures whose
    2562             :  * public key algorithm is not available in this implemenation; but
    2563             :  * consider RSA as valid, because parse/build_packets knows about it.
    2564             :  *
    2565             :  * Returns: True if at least one valid user-id is left over.
    2566             :  */
    2567             : static int
    2568         109 : delete_inv_parts (kbnode_t keyblock, u32 *keyid, unsigned int options)
    2569             : {
    2570             :   kbnode_t node;
    2571         109 :   int nvalid=0, uid_seen=0, subkey_seen=0;
    2572             : 
    2573         715 :   for (node=keyblock->next; node; node = node->next )
    2574             :     {
    2575         606 :       if (node->pkt->pkttype == PKT_USER_ID)
    2576             :         {
    2577         131 :           uid_seen = 1;
    2578         131 :           if ((node->flag & NODE_BAD_SELFSIG)
    2579         131 :               || !(node->flag & NODE_GOOD_SELFSIG))
    2580             :             {
    2581           0 :               if (opt.verbose )
    2582             :                 {
    2583           0 :                   char *p=utf8_to_native(node->pkt->pkt.user_id->name,
    2584           0 :                                          node->pkt->pkt.user_id->len,0);
    2585           0 :                   log_info( _("key %s: skipped user ID \"%s\"\n"),
    2586             :                             keystr(keyid),p);
    2587           0 :                   xfree(p);
    2588             :                 }
    2589           0 :               delete_kbnode( node ); /* the user-id */
    2590             :               /* and all following packets up to the next user-id */
    2591           0 :               while (node->next
    2592           0 :                      && node->next->pkt->pkttype != PKT_USER_ID
    2593           0 :                      && node->next->pkt->pkttype != PKT_PUBLIC_SUBKEY
    2594           0 :                      && node->next->pkt->pkttype != PKT_SECRET_SUBKEY ){
    2595           0 :                 delete_kbnode( node->next );
    2596           0 :                 node = node->next;
    2597             :               }
    2598             :             }
    2599             :           else
    2600         131 :             nvalid++;
    2601             :         }
    2602         475 :       else if (   node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2603         374 :                || node->pkt->pkttype == PKT_SECRET_SUBKEY )
    2604             :         {
    2605         206 :           if ((node->flag & NODE_BAD_SELFSIG)
    2606         101 :               || !(node->flag & NODE_GOOD_SELFSIG))
    2607             :             {
    2608           4 :               if (opt.verbose )
    2609           0 :                 log_info( _("key %s: skipped subkey\n"),keystr(keyid));
    2610             : 
    2611           4 :               delete_kbnode( node ); /* the subkey */
    2612             :               /* and all following signature packets */
    2613           8 :               while (node->next
    2614           0 :                      && node->next->pkt->pkttype == PKT_SIGNATURE ) {
    2615           0 :                 delete_kbnode( node->next );
    2616           0 :                 node = node->next;
    2617             :               }
    2618             :             }
    2619             :           else
    2620          97 :             subkey_seen = 1;
    2621             :         }
    2622         374 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2623         374 :                && openpgp_pk_test_algo (node->pkt->pkt.signature->pubkey_algo)
    2624           0 :                && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
    2625             :         {
    2626           0 :           delete_kbnode( node ); /* build_packet() can't handle this */
    2627             :         }
    2628         374 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2629         374 :                && !node->pkt->pkt.signature->flags.exportable
    2630           0 :                && !(options&IMPORT_LOCAL_SIGS)
    2631           0 :                && !have_secret_key_with_kid (node->pkt->pkt.signature->keyid))
    2632             :         {
    2633             :           /* here we violate the rfc a bit by still allowing
    2634             :            * to import non-exportable signature when we have the
    2635             :            * the secret key used to create this signature - it
    2636             :            * seems that this makes sense */
    2637           0 :           if(opt.verbose)
    2638           0 :             log_info( _("key %s: non exportable signature"
    2639             :                         " (class 0x%02X) - skipped\n"),
    2640           0 :                       keystr(keyid), node->pkt->pkt.signature->sig_class );
    2641           0 :           delete_kbnode( node );
    2642             :         }
    2643         374 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2644         374 :                && node->pkt->pkt.signature->sig_class == 0x20)
    2645             :         {
    2646           0 :           if (uid_seen )
    2647             :             {
    2648           0 :               if(opt.verbose)
    2649           0 :                 log_info( _("key %s: revocation certificate"
    2650             :                             " at wrong place - skipped\n"),keystr(keyid));
    2651           0 :               delete_kbnode( node );
    2652             :             }
    2653             :           else
    2654             :             {
    2655             :               /* If the revocation cert is from a different key than
    2656             :                  the one we're working on don't check it - it's
    2657             :                  probably from a revocation key and won't be
    2658             :                  verifiable with this key anyway. */
    2659             : 
    2660           0 :               if(node->pkt->pkt.signature->keyid[0]==keyid[0]
    2661           0 :                  && node->pkt->pkt.signature->keyid[1]==keyid[1])
    2662             :                 {
    2663           0 :                   int rc = check_key_signature( keyblock, node, NULL);
    2664           0 :                   if (rc )
    2665             :                     {
    2666           0 :                       if(opt.verbose)
    2667           0 :                         log_info( _("key %s: invalid revocation"
    2668             :                                     " certificate: %s - skipped\n"),
    2669             :                                   keystr(keyid), gpg_strerror (rc));
    2670           0 :                       delete_kbnode( node );
    2671             :                     }
    2672             :                 }
    2673             :             }
    2674             :         }
    2675         374 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2676         374 :                && (node->pkt->pkt.signature->sig_class == 0x18
    2677         276 :                    || node->pkt->pkt.signature->sig_class == 0x28)
    2678          98 :                && !subkey_seen )
    2679             :         {
    2680           0 :           if(opt.verbose)
    2681           0 :             log_info( _("key %s: subkey signature"
    2682             :                         " in wrong place - skipped\n"), keystr(keyid));
    2683           0 :           delete_kbnode( node );
    2684             :         }
    2685         374 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2686         374 :                && !IS_CERT(node->pkt->pkt.signature))
    2687             :         {
    2688           0 :           if(opt.verbose)
    2689           0 :             log_info(_("key %s: unexpected signature class (0x%02X) -"
    2690             :                        " skipped\n"),keystr(keyid),
    2691           0 :                      node->pkt->pkt.signature->sig_class);
    2692           0 :           delete_kbnode(node);
    2693             :           }
    2694         374 :       else if ((node->flag & NODE_DELETION_MARK))
    2695           2 :         delete_kbnode( node );
    2696             :     }
    2697             : 
    2698             :   /* note: because keyblock is the public key, it is never marked
    2699             :    * for deletion and so keyblock cannot change */
    2700         109 :   commit_kbnode( &keyblock );
    2701         109 :   return nvalid;
    2702             : }
    2703             : 
    2704             : 
    2705             : /****************
    2706             :  * It may happen that the imported keyblock has duplicated user IDs.
    2707             :  * We check this here and collapse those user IDs together with their
    2708             :  * sigs into one.
    2709             :  * Returns: True if the keyblock has changed.
    2710             :  */
    2711             : int
    2712         109 : collapse_uids( kbnode_t *keyblock )
    2713             : {
    2714             :   kbnode_t uid1;
    2715         109 :   int any=0;
    2716             : 
    2717         882 :   for(uid1=*keyblock;uid1;uid1=uid1->next)
    2718             :     {
    2719             :       kbnode_t uid2;
    2720             : 
    2721         773 :       if(is_deleted_kbnode(uid1))
    2722          58 :         continue;
    2723             : 
    2724         715 :       if(uid1->pkt->pkttype!=PKT_USER_ID)
    2725         584 :         continue;
    2726             : 
    2727        1085 :       for(uid2=uid1->next;uid2;uid2=uid2->next)
    2728             :         {
    2729         954 :           if(is_deleted_kbnode(uid2))
    2730          54 :             continue;
    2731             : 
    2732         900 :           if(uid2->pkt->pkttype!=PKT_USER_ID)
    2733         856 :             continue;
    2734             : 
    2735          44 :           if(cmp_user_ids(uid1->pkt->pkt.user_id,
    2736          44 :                           uid2->pkt->pkt.user_id)==0)
    2737             :             {
    2738             :               /* We have a duplicated uid */
    2739             :               kbnode_t sig1,last;
    2740             : 
    2741           4 :               any=1;
    2742             : 
    2743             :               /* Now take uid2's signatures, and attach them to
    2744             :                  uid1 */
    2745          56 :               for(last=uid2;last->next;last=last->next)
    2746             :                 {
    2747          56 :                   if(is_deleted_kbnode(last))
    2748           0 :                     continue;
    2749             : 
    2750          56 :                   if(last->next->pkt->pkttype==PKT_USER_ID
    2751          54 :                      || last->next->pkt->pkttype==PKT_PUBLIC_SUBKEY
    2752          52 :                      || last->next->pkt->pkttype==PKT_SECRET_SUBKEY)
    2753             :                     break;
    2754             :                 }
    2755             : 
    2756             :               /* Snip out uid2 */
    2757           4 :               (find_prev_kbnode(*keyblock,uid2,0))->next=last->next;
    2758             : 
    2759             :               /* Now put uid2 in place as part of uid1 */
    2760           4 :               last->next=uid1->next;
    2761           4 :               uid1->next=uid2;
    2762           4 :               delete_kbnode(uid2);
    2763             : 
    2764             :               /* Now dedupe uid1 */
    2765         165 :               for(sig1=uid1->next;sig1;sig1=sig1->next)
    2766             :                 {
    2767             :                   kbnode_t sig2;
    2768             : 
    2769         165 :                   if(is_deleted_kbnode(sig1))
    2770          58 :                     continue;
    2771             : 
    2772         107 :                   if(sig1->pkt->pkttype==PKT_USER_ID
    2773         104 :                      || sig1->pkt->pkttype==PKT_PUBLIC_SUBKEY
    2774         103 :                      || sig1->pkt->pkttype==PKT_SECRET_SUBKEY)
    2775             :                     break;
    2776             : 
    2777         103 :                   if(sig1->pkt->pkttype!=PKT_SIGNATURE)
    2778           0 :                     continue;
    2779             : 
    2780        4161 :                   for(sig2=sig1->next,last=sig1;sig2;last=sig2,sig2=sig2->next)
    2781             :                     {
    2782        4161 :                       if(is_deleted_kbnode(sig2))
    2783        1454 :                         continue;
    2784             : 
    2785        2707 :                       if(sig2->pkt->pkttype==PKT_USER_ID
    2786        2648 :                          || sig2->pkt->pkttype==PKT_PUBLIC_SUBKEY
    2787        2604 :                          || sig2->pkt->pkttype==PKT_SECRET_SUBKEY)
    2788             :                         break;
    2789             : 
    2790        2604 :                       if(sig2->pkt->pkttype!=PKT_SIGNATURE)
    2791           0 :                         continue;
    2792             : 
    2793        2604 :                       if(cmp_signatures(sig1->pkt->pkt.signature,
    2794        2604 :                                         sig2->pkt->pkt.signature)==0)
    2795             :                         {
    2796             :                           /* We have a match, so delete the second
    2797             :                              signature */
    2798          54 :                           delete_kbnode(sig2);
    2799          54 :                           sig2=last;
    2800             :                         }
    2801             :                     }
    2802             :                 }
    2803             :             }
    2804             :         }
    2805             :     }
    2806             : 
    2807         109 :   commit_kbnode(keyblock);
    2808             : 
    2809         109 :   if(any && !opt.quiet)
    2810             :     {
    2811           2 :       const char *key="???";
    2812             : 
    2813           2 :       if ((uid1 = find_kbnode (*keyblock, PKT_PUBLIC_KEY)) )
    2814           2 :         key = keystr_from_pk (uid1->pkt->pkt.public_key);
    2815           0 :       else if ((uid1 = find_kbnode( *keyblock, PKT_SECRET_KEY)) )
    2816           0 :         key = keystr_from_pk (uid1->pkt->pkt.public_key);
    2817             : 
    2818           2 :       log_info (_("key %s: duplicated user ID detected - merged\n"), key);
    2819             :     }
    2820             : 
    2821         109 :   return any;
    2822             : }
    2823             : 
    2824             : 
    2825             : /* Check for a 0x20 revocation from a revocation key that is not
    2826             :    present.  This may be called without the benefit of merge_xxxx so
    2827             :    you can't rely on pk->revkey and friends. */
    2828             : static void
    2829          65 : revocation_present (ctrl_t ctrl, kbnode_t keyblock)
    2830             : {
    2831             :   kbnode_t onode, inode;
    2832          65 :   PKT_public_key *pk = keyblock->pkt->pkt.public_key;
    2833             : 
    2834          66 :   for(onode=keyblock->next;onode;onode=onode->next)
    2835             :     {
    2836             :       /* If we reach user IDs, we're done. */
    2837          66 :       if(onode->pkt->pkttype==PKT_USER_ID)
    2838          65 :         break;
    2839             : 
    2840           2 :       if(onode->pkt->pkttype==PKT_SIGNATURE &&
    2841           2 :          onode->pkt->pkt.signature->sig_class==0x1F &&
    2842           1 :          onode->pkt->pkt.signature->revkey)
    2843             :         {
    2844             :           int idx;
    2845           1 :           PKT_signature *sig=onode->pkt->pkt.signature;
    2846             : 
    2847           2 :           for(idx=0;idx<sig->numrevkeys;idx++)
    2848             :             {
    2849             :               u32 keyid[2];
    2850             : 
    2851           1 :               keyid_from_fingerprint(sig->revkey[idx].fpr,
    2852             :                                      MAX_FINGERPRINT_LEN,keyid);
    2853             : 
    2854           2 :               for(inode=keyblock->next;inode;inode=inode->next)
    2855             :                 {
    2856             :                   /* If we reach user IDs, we're done. */
    2857           2 :                   if(inode->pkt->pkttype==PKT_USER_ID)
    2858           1 :                     break;
    2859             : 
    2860           2 :                   if(inode->pkt->pkttype==PKT_SIGNATURE &&
    2861           1 :                      inode->pkt->pkt.signature->sig_class==0x20 &&
    2862           0 :                      inode->pkt->pkt.signature->keyid[0]==keyid[0] &&
    2863           0 :                      inode->pkt->pkt.signature->keyid[1]==keyid[1])
    2864             :                     {
    2865             :                       /* Okay, we have a revocation key, and a
    2866             :                          revocation issued by it.  Do we have the key
    2867             :                          itself? */
    2868             :                       int rc;
    2869             : 
    2870           0 :                       rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx].fpr,
    2871             :                                                    MAX_FINGERPRINT_LEN);
    2872           0 :                       if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
    2873           0 :                           || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
    2874             :                         {
    2875           0 :                           char *tempkeystr=xstrdup(keystr_from_pk(pk));
    2876             : 
    2877             :                           /* No, so try and get it */
    2878           0 :                           if ((opt.keyserver_options.options
    2879           0 :                                & KEYSERVER_AUTO_KEY_RETRIEVE)
    2880           0 :                               && keyserver_any_configured (ctrl))
    2881             :                             {
    2882           0 :                               log_info(_("WARNING: key %s may be revoked:"
    2883             :                                          " fetching revocation key %s\n"),
    2884             :                                        tempkeystr,keystr(keyid));
    2885           0 :                               keyserver_import_fprint (ctrl,
    2886           0 :                                                        sig->revkey[idx].fpr,
    2887             :                                                        MAX_FINGERPRINT_LEN,
    2888             :                                                        opt.keyserver);
    2889             : 
    2890             :                               /* Do we have it now? */
    2891           0 :                               rc=get_pubkey_byfprint_fast (NULL,
    2892           0 :                                                      sig->revkey[idx].fpr,
    2893             :                                                      MAX_FINGERPRINT_LEN);
    2894             :                             }
    2895             : 
    2896           0 :                           if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
    2897           0 :                               || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
    2898           0 :                             log_info(_("WARNING: key %s may be revoked:"
    2899             :                                        " revocation key %s not present.\n"),
    2900             :                                      tempkeystr,keystr(keyid));
    2901             : 
    2902           0 :                           xfree(tempkeystr);
    2903             :                         }
    2904             :                     }
    2905             :                 }
    2906             :             }
    2907             :         }
    2908             :     }
    2909          65 : }
    2910             : 
    2911             : 
    2912             : /*
    2913             :  * compare and merge the blocks
    2914             :  *
    2915             :  * o compare the signatures: If we already have this signature, check
    2916             :  *   that they compare okay; if not, issue a warning and ask the user.
    2917             :  * o Simply add the signature.  Can't verify here because we may not have
    2918             :  *   the signature's public key yet; verification is done when putting it
    2919             :  *   into the trustdb, which is done automagically as soon as this pubkey
    2920             :  *   is used.
    2921             :  * Note: We indicate newly inserted packets with NODE_FLAG_A.
    2922             :  */
    2923             : static int
    2924          40 : merge_blocks (kbnode_t keyblock_orig, kbnode_t keyblock,
    2925             :               u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
    2926             : {
    2927             :   kbnode_t onode, node;
    2928             :   int rc, found;
    2929             : 
    2930             :   /* 1st: handle revocation certificates */
    2931          41 :   for (node=keyblock->next; node; node=node->next )
    2932             :     {
    2933          41 :       if (node->pkt->pkttype == PKT_USER_ID )
    2934          40 :         break;
    2935           1 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2936           1 :                && node->pkt->pkt.signature->sig_class == 0x20)
    2937             :         {
    2938             :           /* check whether we already have this */
    2939           0 :           found = 0;
    2940           0 :           for (onode=keyblock_orig->next; onode; onode=onode->next)
    2941             :             {
    2942           0 :               if (onode->pkt->pkttype == PKT_USER_ID )
    2943           0 :                 break;
    2944           0 :               else if (onode->pkt->pkttype == PKT_SIGNATURE
    2945           0 :                        && onode->pkt->pkt.signature->sig_class == 0x20
    2946           0 :                        && !cmp_signatures(onode->pkt->pkt.signature,
    2947           0 :                                           node->pkt->pkt.signature))
    2948             :                 {
    2949           0 :                   found = 1;
    2950           0 :                   break;
    2951             :                 }
    2952             :             }
    2953           0 :           if (!found)
    2954             :             {
    2955           0 :               kbnode_t n2 = clone_kbnode(node);
    2956           0 :               insert_kbnode( keyblock_orig, n2, 0 );
    2957           0 :               n2->flag |= NODE_FLAG_A;
    2958           0 :               ++*n_sigs;
    2959           0 :               if(!opt.quiet)
    2960             :                 {
    2961           0 :                   char *p=get_user_id_native (keyid);
    2962           0 :                   log_info(_("key %s: \"%s\" revocation"
    2963             :                              " certificate added\n"), keystr(keyid),p);
    2964           0 :                   xfree(p);
    2965             :                 }
    2966             :             }
    2967             :         }
    2968             :     }
    2969             : 
    2970             :   /* 2nd: merge in any direct key (0x1F) sigs */
    2971          41 :   for(node=keyblock->next; node; node=node->next)
    2972             :     {
    2973          41 :       if (node->pkt->pkttype == PKT_USER_ID )
    2974          40 :         break;
    2975           1 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2976           1 :                && node->pkt->pkt.signature->sig_class == 0x1F)
    2977             :         {
    2978             :           /* check whether we already have this */
    2979           1 :           found = 0;
    2980           1 :           for (onode=keyblock_orig->next; onode; onode=onode->next)
    2981             :             {
    2982           1 :               if (onode->pkt->pkttype == PKT_USER_ID)
    2983           1 :                 break;
    2984           0 :               else if (onode->pkt->pkttype == PKT_SIGNATURE
    2985           0 :                        && onode->pkt->pkt.signature->sig_class == 0x1F
    2986           0 :                        && !cmp_signatures(onode->pkt->pkt.signature,
    2987           0 :                                           node->pkt->pkt.signature))
    2988             :                 {
    2989           0 :                   found = 1;
    2990           0 :                   break;
    2991             :                 }
    2992             :             }
    2993           1 :           if (!found )
    2994             :             {
    2995           1 :               kbnode_t n2 = clone_kbnode(node);
    2996           1 :               insert_kbnode( keyblock_orig, n2, 0 );
    2997           1 :               n2->flag |= NODE_FLAG_A;
    2998           1 :               ++*n_sigs;
    2999           1 :               if(!opt.quiet)
    3000           1 :                 log_info( _("key %s: direct key signature added\n"),
    3001             :                           keystr(keyid));
    3002             :             }
    3003             :         }
    3004             :     }
    3005             : 
    3006             :   /* 3rd: try to merge new certificates in */
    3007         213 :   for (onode=keyblock_orig->next; onode; onode=onode->next)
    3008             :     {
    3009         173 :       if (!(onode->flag & NODE_FLAG_A) && onode->pkt->pkttype == PKT_USER_ID)
    3010             :         {
    3011             :           /* find the user id in the imported keyblock */
    3012          71 :           for (node=keyblock->next; node; node=node->next)
    3013          71 :             if (node->pkt->pkttype == PKT_USER_ID
    3014          59 :                 && !cmp_user_ids( onode->pkt->pkt.user_id,
    3015          59 :                                   node->pkt->pkt.user_id ) )
    3016          48 :               break;
    3017          48 :           if (node ) /* found: merge */
    3018             :             {
    3019          48 :               rc = merge_sigs (onode, node, n_sigs);
    3020          48 :               if (rc )
    3021           0 :                 return rc;
    3022             :             }
    3023             :         }
    3024             :     }
    3025             : 
    3026             :   /* 4th: add new user-ids */
    3027         206 :   for (node=keyblock->next; node; node=node->next)
    3028             :     {
    3029         166 :       if (node->pkt->pkttype == PKT_USER_ID)
    3030             :         {
    3031             :           /* do we have this in the original keyblock */
    3032          73 :           for (onode=keyblock_orig->next; onode; onode=onode->next )
    3033          73 :             if (onode->pkt->pkttype == PKT_USER_ID
    3034          59 :                 && !cmp_user_ids( onode->pkt->pkt.user_id,
    3035          59 :                                   node->pkt->pkt.user_id ) )
    3036          48 :               break;
    3037          48 :           if (!onode ) /* this is a new user id: append */
    3038             :             {
    3039           0 :               rc = append_uid (keyblock_orig, node, n_sigs);
    3040           0 :               if (rc )
    3041           0 :                 return rc;
    3042           0 :               ++*n_uids;
    3043             :             }
    3044             :         }
    3045             :     }
    3046             : 
    3047             :   /* 5th: add new subkeys */
    3048         206 :   for (node=keyblock->next; node; node=node->next)
    3049             :     {
    3050         166 :       onode = NULL;
    3051         166 :       if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
    3052             :         {
    3053             :           /* do we have this in the original keyblock? */
    3054         122 :           for(onode=keyblock_orig->next; onode; onode=onode->next)
    3055         122 :             if (onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3056          34 :                 && !cmp_public_keys( onode->pkt->pkt.public_key,
    3057          34 :                                      node->pkt->pkt.public_key))
    3058          34 :               break;
    3059          34 :           if (!onode ) /* This is a new subkey: append.  */
    3060             :             {
    3061           0 :               rc = append_key (keyblock_orig, node, n_sigs);
    3062           0 :               if (rc)
    3063           0 :                 return rc;
    3064           0 :               ++*n_subk;
    3065             :             }
    3066             :         }
    3067         132 :       else if (node->pkt->pkttype == PKT_SECRET_SUBKEY)
    3068             :         {
    3069             :           /* do we have this in the original keyblock? */
    3070           0 :           for (onode=keyblock_orig->next; onode; onode=onode->next )
    3071           0 :             if (onode->pkt->pkttype == PKT_SECRET_SUBKEY
    3072           0 :                 && !cmp_public_keys (onode->pkt->pkt.public_key,
    3073           0 :                                      node->pkt->pkt.public_key) )
    3074           0 :               break;
    3075           0 :           if (!onode ) /* This is a new subkey: append.  */
    3076             :             {
    3077           0 :               rc = append_key (keyblock_orig, node, n_sigs);
    3078           0 :               if (rc )
    3079           0 :                 return rc;
    3080           0 :               ++*n_subk;
    3081             :             }
    3082             :         }
    3083             :     }
    3084             : 
    3085             :   /* 6th: merge subkey certificates */
    3086         213 :   for (onode=keyblock_orig->next; onode; onode=onode->next)
    3087             :     {
    3088         173 :       if (!(onode->flag & NODE_FLAG_A)
    3089         171 :           && (onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3090         135 :               || onode->pkt->pkttype == PKT_SECRET_SUBKEY))
    3091             :         {
    3092             :           /* find the subkey in the imported keyblock */
    3093         125 :           for(node=keyblock->next; node; node=node->next)
    3094             :             {
    3095         123 :               if ((node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3096          89 :                    || node->pkt->pkttype == PKT_SECRET_SUBKEY)
    3097          34 :                   && !cmp_public_keys( onode->pkt->pkt.public_key,
    3098          34 :                                        node->pkt->pkt.public_key ) )
    3099          34 :                 break;
    3100             :             }
    3101          36 :           if (node) /* Found: merge.  */
    3102             :             {
    3103          34 :               rc = merge_keysigs( onode, node, n_sigs);
    3104          34 :               if (rc )
    3105           0 :                 return rc;
    3106             :             }
    3107             :         }
    3108             :     }
    3109             : 
    3110          40 :   return 0;
    3111             : }
    3112             : 
    3113             : 
    3114             : /* Helper function for merge_blocks.
    3115             :  * Append the userid starting with NODE and all signatures to KEYBLOCK.
    3116             :  */
    3117             : static int
    3118           0 : append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs)
    3119             : {
    3120             :   kbnode_t n;
    3121           0 :   kbnode_t n_where = NULL;
    3122             : 
    3123           0 :   log_assert (node->pkt->pkttype == PKT_USER_ID );
    3124             : 
    3125             :   /* find the position */
    3126           0 :   for (n = keyblock; n; n_where = n, n = n->next)
    3127             :     {
    3128           0 :       if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3129           0 :           || n->pkt->pkttype == PKT_SECRET_SUBKEY )
    3130             :         break;
    3131             :     }
    3132           0 :   if (!n)
    3133           0 :     n_where = NULL;
    3134             : 
    3135             :   /* and append/insert */
    3136           0 :   while (node)
    3137             :     {
    3138             :       /* we add a clone to the original keyblock, because this
    3139             :        * one is released first */
    3140           0 :       n = clone_kbnode(node);
    3141           0 :       if (n_where)
    3142             :         {
    3143           0 :           insert_kbnode( n_where, n, 0 );
    3144           0 :           n_where = n;
    3145             :         }
    3146             :       else
    3147           0 :         add_kbnode( keyblock, n );
    3148           0 :       n->flag |= NODE_FLAG_A;
    3149           0 :       node->flag |= NODE_FLAG_A;
    3150           0 :       if (n->pkt->pkttype == PKT_SIGNATURE )
    3151           0 :         ++*n_sigs;
    3152             : 
    3153           0 :       node = node->next;
    3154           0 :       if (node && node->pkt->pkttype != PKT_SIGNATURE )
    3155           0 :         break;
    3156             :     }
    3157             : 
    3158           0 :   return 0;
    3159             : }
    3160             : 
    3161             : 
    3162             : /* Helper function for merge_blocks
    3163             :  * Merge the sigs from SRC onto DST. SRC and DST are both a PKT_USER_ID.
    3164             :  * (how should we handle comment packets here?)
    3165             :  */
    3166             : static int
    3167          48 : merge_sigs (kbnode_t dst, kbnode_t src, int *n_sigs)
    3168             : {
    3169             :   kbnode_t n, n2;
    3170          48 :   int found = 0;
    3171             : 
    3172          48 :   log_assert (dst->pkt->pkttype == PKT_USER_ID);
    3173          48 :   log_assert (src->pkt->pkttype == PKT_USER_ID);
    3174             : 
    3175         165 :   for (n=src->next; n && n->pkt->pkttype != PKT_USER_ID; n = n->next)
    3176             :     {
    3177         117 :       if (n->pkt->pkttype != PKT_SIGNATURE )
    3178          34 :         continue;
    3179          83 :       if (n->pkt->pkt.signature->sig_class == 0x18
    3180          49 :           || n->pkt->pkt.signature->sig_class == 0x28 )
    3181          34 :         continue; /* skip signatures which are only valid on subkeys */
    3182             : 
    3183          49 :       found = 0;
    3184          53 :       for (n2=dst->next; n2 && n2->pkt->pkttype != PKT_USER_ID; n2 = n2->next)
    3185          52 :         if (!cmp_signatures(n->pkt->pkt.signature,n2->pkt->pkt.signature))
    3186             :           {
    3187          48 :             found++;
    3188          48 :             break;
    3189             :           }
    3190          49 :       if (!found )
    3191             :         {
    3192             :           /* This signature is new or newer, append N to DST.
    3193             :            * We add a clone to the original keyblock, because this
    3194             :            * one is released first */
    3195           1 :           n2 = clone_kbnode(n);
    3196           1 :           insert_kbnode( dst, n2, PKT_SIGNATURE );
    3197           1 :           n2->flag |= NODE_FLAG_A;
    3198           1 :           n->flag |= NODE_FLAG_A;
    3199           1 :           ++*n_sigs;
    3200             :         }
    3201             :     }
    3202             : 
    3203          48 :   return 0;
    3204             : }
    3205             : 
    3206             : 
    3207             : /* Helper function for merge_blocks
    3208             :  * Merge the sigs from SRC onto DST. SRC and DST are both a PKT_xxx_SUBKEY.
    3209             :  */
    3210             : static int
    3211          34 : merge_keysigs (kbnode_t dst, kbnode_t src, int *n_sigs)
    3212             : {
    3213             :   kbnode_t n, n2;
    3214          34 :   int found = 0;
    3215             : 
    3216          34 :   log_assert (dst->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3217             :               || dst->pkt->pkttype == PKT_SECRET_SUBKEY);
    3218             : 
    3219          68 :   for (n=src->next; n ; n = n->next)
    3220             :     {
    3221          34 :       if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3222          34 :           || n->pkt->pkttype == PKT_PUBLIC_KEY )
    3223             :         break;
    3224          34 :       if (n->pkt->pkttype != PKT_SIGNATURE )
    3225           0 :         continue;
    3226             : 
    3227          34 :       found = 0;
    3228          34 :       for (n2=dst->next; n2; n2 = n2->next)
    3229             :         {
    3230          34 :           if (n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3231          34 :               || n2->pkt->pkttype == PKT_PUBLIC_KEY )
    3232             :             break;
    3233          34 :           if (n2->pkt->pkttype == PKT_SIGNATURE
    3234          68 :               && (n->pkt->pkt.signature->keyid[0]
    3235          34 :                   == n2->pkt->pkt.signature->keyid[0])
    3236          68 :               && (n->pkt->pkt.signature->keyid[1]
    3237          34 :                   == n2->pkt->pkt.signature->keyid[1])
    3238          68 :               && (n->pkt->pkt.signature->timestamp
    3239          34 :                   <= n2->pkt->pkt.signature->timestamp)
    3240          68 :               && (n->pkt->pkt.signature->sig_class
    3241          34 :                   == n2->pkt->pkt.signature->sig_class))
    3242             :             {
    3243          34 :               found++;
    3244          34 :               break;
    3245             :             }
    3246             :         }
    3247          34 :       if (!found )
    3248             :         {
    3249             :           /* This signature is new or newer, append N to DST.
    3250             :            * We add a clone to the original keyblock, because this
    3251             :            * one is released first */
    3252           0 :           n2 = clone_kbnode(n);
    3253           0 :           insert_kbnode( dst, n2, PKT_SIGNATURE );
    3254           0 :           n2->flag |= NODE_FLAG_A;
    3255           0 :           n->flag |= NODE_FLAG_A;
    3256           0 :           ++*n_sigs;
    3257             :         }
    3258             :     }
    3259             : 
    3260          34 :   return 0;
    3261             : }
    3262             : 
    3263             : 
    3264             : /* Helper function for merge_blocks.
    3265             :  * Append the subkey starting with NODE and all signatures to KEYBLOCK.
    3266             :  * Mark all new and copied packets by setting flag bit 0.
    3267             :  */
    3268             : static int
    3269           0 : append_key (kbnode_t keyblock, kbnode_t node, int *n_sigs)
    3270             : {
    3271             :   kbnode_t n;
    3272             : 
    3273           0 :   log_assert (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    3274             :               || node->pkt->pkttype == PKT_SECRET_SUBKEY);
    3275             : 
    3276           0 :   while (node)
    3277             :     {
    3278             :       /* we add a clone to the original keyblock, because this
    3279             :        * one is released first */
    3280           0 :       n = clone_kbnode(node);
    3281           0 :       add_kbnode( keyblock, n );
    3282           0 :       n->flag |= NODE_FLAG_A;
    3283           0 :       node->flag |= NODE_FLAG_A;
    3284           0 :       if (n->pkt->pkttype == PKT_SIGNATURE )
    3285           0 :         ++*n_sigs;
    3286             : 
    3287           0 :       node = node->next;
    3288           0 :       if (node && node->pkt->pkttype != PKT_SIGNATURE )
    3289           0 :         break;
    3290             :     }
    3291             : 
    3292           0 :   return 0;
    3293             : }

Generated by: LCOV version 1.11