LCOV - code coverage report
Current view: top level - g10 - import.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 704 1290 54.6 %
Date: 2015-11-05 17:10:59 Functions: 21 32 65.6 %

          Line data    Source code
       1             : /* import.c - import a key into our key storage.
       2             :  * Copyright (C) 1998-2007, 2010-2011 Free Software Foundation, Inc.
       3             :  * Copyright (C) 2014  Werner Koch
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stdio.h>
      23             : #include <stdlib.h>
      24             : #include <string.h>
      25             : #include <errno.h>
      26             : #include <assert.h>
      27             : 
      28             : #include "gpg.h"
      29             : #include "options.h"
      30             : #include "packet.h"
      31             : #include "status.h"
      32             : #include "keydb.h"
      33             : #include "util.h"
      34             : #include "trustdb.h"
      35             : #include "main.h"
      36             : #include "i18n.h"
      37             : #include "ttyio.h"
      38             : #include "status.h"
      39             : #include "keyserver-internal.h"
      40             : #include "call-agent.h"
      41             : #include "../common/membuf.h"
      42             : 
      43             : struct stats_s
      44             : {
      45             :   ulong count;
      46             :   ulong no_user_id;
      47             :   ulong imported;
      48             :   ulong n_uids;
      49             :   ulong n_sigs;
      50             :   ulong n_subk;
      51             :   ulong unchanged;
      52             :   ulong n_revoc;
      53             :   ulong secret_read;
      54             :   ulong secret_imported;
      55             :   ulong secret_dups;
      56             :   ulong skipped_new_keys;
      57             :   ulong not_imported;
      58             :   ulong n_sigs_cleaned;
      59             :   ulong n_uids_cleaned;
      60             :   ulong v3keys;   /* Number of V3 keys seen.  */
      61             : };
      62             : 
      63             : 
      64             : static int import (ctrl_t ctrl,
      65             :                    IOBUF inp, const char* fname, struct stats_s *stats,
      66             :                    unsigned char **fpr, size_t *fpr_len, unsigned int options,
      67             :                    import_screener_t screener, void *screener_arg);
      68             : static int read_block (IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root,
      69             :                        int *r_v3keys);
      70             : static void revocation_present (ctrl_t ctrl, kbnode_t keyblock);
      71             : static int import_one (ctrl_t ctrl,
      72             :                        const char *fname, kbnode_t keyblock,struct stats_s *stats,
      73             :                        unsigned char **fpr, size_t *fpr_len,
      74             :                        unsigned int options, int from_sk, int silent,
      75             :                        import_screener_t screener, void *screener_arg);
      76             : static int import_secret_one (ctrl_t ctrl, const char *fname, kbnode_t keyblock,
      77             :                               struct stats_s *stats, int batch,
      78             :                               unsigned int options, int for_migration,
      79             :                               import_screener_t screener, void *screener_arg);
      80             : static int import_revoke_cert( const char *fname, kbnode_t node,
      81             :                                struct stats_s *stats);
      82             : static int chk_self_sigs (const char *fname, kbnode_t keyblock,
      83             :                           PKT_public_key *pk, u32 *keyid, int *non_self );
      84             : static int delete_inv_parts (const char *fname, kbnode_t keyblock,
      85             :                              u32 *keyid, unsigned int options );
      86             : static int merge_blocks (const char *fname, kbnode_t keyblock_orig,
      87             :                          kbnode_t keyblock, u32 *keyid,
      88             :                          int *n_uids, int *n_sigs, int *n_subk );
      89             : static int append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs,
      90             :                              const char *fname, u32 *keyid );
      91             : static int append_key (kbnode_t keyblock, kbnode_t node, int *n_sigs,
      92             :                              const char *fname, u32 *keyid );
      93             : static int merge_sigs (kbnode_t dst, kbnode_t src, int *n_sigs,
      94             :                              const char *fname, u32 *keyid );
      95             : static int merge_keysigs (kbnode_t dst, kbnode_t src, int *n_sigs,
      96             :                              const char *fname, u32 *keyid );
      97             : 
      98             : int
      99           0 : parse_import_options(char *str,unsigned int *options,int noisy)
     100             : {
     101           0 :   struct parse_options import_opts[]=
     102             :     {
     103             :       {"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
     104             :        N_("import signatures that are marked as local-only")},
     105             : 
     106             :       {"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
     107             :        N_("repair damage from the pks keyserver during import")},
     108             : 
     109             :       {"keep-ownertrust", IMPORT_KEEP_OWNERTTRUST, NULL,
     110             :        N_("do not clear the ownertrust values during import")},
     111             : 
     112             :       {"fast-import",IMPORT_FAST,NULL,
     113             :        N_("do not update the trustdb after import")},
     114             : 
     115             :       {"merge-only",IMPORT_MERGE_ONLY,NULL,
     116             :        N_("only accept updates to existing keys")},
     117             : 
     118             :       {"import-clean",IMPORT_CLEAN,NULL,
     119             :        N_("remove unusable parts from key after import")},
     120             : 
     121             :       {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
     122             :        N_("remove as much as possible from key after import")},
     123             : 
     124             :       /* Aliases for backward compatibility */
     125             :       {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
     126             :       {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
     127             :       /* dummy */
     128             :       {"import-unusable-sigs",0,NULL,NULL},
     129             :       {"import-clean-sigs",0,NULL,NULL},
     130             :       {"import-clean-uids",0,NULL,NULL},
     131             :       {"convert-sk-to-pk",0, NULL,NULL}, /* Not anymore needed due to
     132             :                                             the new design.  */
     133             :       {NULL,0,NULL,NULL}
     134             :     };
     135             : 
     136           0 :   return parse_options(str,options,import_opts,noisy);
     137             : }
     138             : 
     139             : 
     140             : void *
     141          19 : import_new_stats_handle (void)
     142             : {
     143          19 :   return xmalloc_clear ( sizeof (struct stats_s) );
     144             : }
     145             : 
     146             : 
     147             : void
     148          19 : import_release_stats_handle (void *p)
     149             : {
     150          19 :   xfree (p);
     151          19 : }
     152             : 
     153             : 
     154             : /*
     155             :  * Import the public keys from the given filename. Input may be armored.
     156             :  * This function rejects all keys which are not validly self signed on at
     157             :  * least one userid. Only user ids which are self signed will be imported.
     158             :  * Other signatures are not checked.
     159             :  *
     160             :  * Actually this function does a merge. It works like this:
     161             :  *
     162             :  *  - get the keyblock
     163             :  *  - check self-signatures and remove all userids and their signatures
     164             :  *    without/invalid self-signatures.
     165             :  *  - reject the keyblock, if we have no valid userid.
     166             :  *  - See whether we have this key already in one of our pubrings.
     167             :  *    If not, simply add it to the default keyring.
     168             :  *  - Compare the key and the self-signatures of the new and the one in
     169             :  *    our keyring.  If they are different something weird is going on;
     170             :  *    ask what to do.
     171             :  *  - See whether we have only non-self-signature on one user id; if not
     172             :  *    ask the user what to do.
     173             :  *  - compare the signatures: If we already have this signature, check
     174             :  *    that they compare okay; if not, issue a warning and ask the user.
     175             :  *    (consider looking at the timestamp and use the newest?)
     176             :  *  - Simply add the signature.  Can't verify here because we may not have
     177             :  *    the signature's public key yet; verification is done when putting it
     178             :  *    into the trustdb, which is done automagically as soon as this pubkey
     179             :  *    is used.
     180             :  *  - Proceed with next signature.
     181             :  *
     182             :  *  Key revocation certificates have special handling.
     183             :  */
     184             : static int
     185          19 : import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames,
     186             :                       void *stats_handle, unsigned char **fpr, size_t *fpr_len,
     187             :                       unsigned int options,
     188             :                       import_screener_t screener, void *screener_arg)
     189             : {
     190             :   int i;
     191          19 :   int rc = 0;
     192          19 :   struct stats_s *stats = stats_handle;
     193             : 
     194          19 :   if (!stats)
     195          19 :     stats = import_new_stats_handle ();
     196             : 
     197          19 :   if (inp)
     198             :     {
     199           0 :       rc = import (ctrl, inp, "[stream]", stats, fpr, fpr_len, options,
     200             :                    screener, screener_arg);
     201             :     }
     202             :   else
     203             :     {
     204          19 :       if (!fnames && !nnames)
     205           1 :         nnames = 1;  /* Ohh what a ugly hack to jump into the loop */
     206             : 
     207          39 :       for (i=0; i < nnames; i++)
     208             :         {
     209          20 :           const char *fname = fnames? fnames[i] : NULL;
     210          20 :           IOBUF inp2 = iobuf_open(fname);
     211             : 
     212          20 :           if (!fname)
     213           1 :             fname = "[stdin]";
     214          20 :           if (inp2 && is_secured_file (iobuf_get_fd (inp2)))
     215             :             {
     216           0 :               iobuf_close (inp2);
     217           0 :               inp2 = NULL;
     218           0 :               gpg_err_set_errno (EPERM);
     219             :             }
     220          20 :           if (!inp2)
     221           0 :             log_error (_("can't open '%s': %s\n"), fname, strerror (errno));
     222             :           else
     223             :             {
     224          20 :               rc = import (ctrl, inp2, fname, stats, fpr, fpr_len, options,
     225             :                            screener, screener_arg);
     226          20 :               iobuf_close (inp2);
     227             :               /* Must invalidate that ugly cache to actually close it. */
     228          20 :               iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
     229          20 :               if (rc)
     230           0 :                 log_error ("import from '%s' failed: %s\n",
     231             :                            fname, gpg_strerror (rc) );
     232             :             }
     233          20 :           if (!fname)
     234           0 :             break;
     235             :         }
     236             :     }
     237             : 
     238          19 :   if (!stats_handle)
     239             :     {
     240          19 :       import_print_stats (stats);
     241          19 :       import_release_stats_handle (stats);
     242             :     }
     243             : 
     244             :   /* If no fast import and the trustdb is dirty (i.e. we added a key
     245             :      or userID that had something other than a selfsig, a signature
     246             :      that was other than a selfsig, or any revocation), then
     247             :      update/check the trustdb if the user specified by setting
     248             :      interactive or by not setting no-auto-check-trustdb */
     249             : 
     250          19 :   if (!(options & IMPORT_FAST))
     251          19 :     check_or_update_trustdb ();
     252             : 
     253          19 :   return rc;
     254             : }
     255             : 
     256             : 
     257             : void
     258          19 : import_keys (ctrl_t ctrl, char **fnames, int nnames,
     259             :              void *stats_handle, unsigned int options )
     260             : {
     261          19 :   import_keys_internal (ctrl, NULL, fnames, nnames, stats_handle,
     262             :                         NULL, NULL, options, NULL, NULL);
     263          19 : }
     264             : 
     265             : int
     266           0 : import_keys_stream (ctrl_t ctrl, IOBUF inp, void *stats_handle,
     267             :                     unsigned char **fpr, size_t *fpr_len, unsigned int options)
     268             : {
     269           0 :   return import_keys_internal (ctrl, inp, NULL, 0, stats_handle,
     270             :                                fpr, fpr_len, options, NULL, NULL);
     271             : }
     272             : 
     273             : 
     274             : /* Variant of import_keys_stream reading from an estream_t.  */
     275             : int
     276           0 : import_keys_es_stream (ctrl_t ctrl, estream_t fp, void *stats_handle,
     277             :                        unsigned char **fpr, size_t *fpr_len,
     278             :                        unsigned int options,
     279             :                        import_screener_t screener, void *screener_arg)
     280             : {
     281             :   int rc;
     282             :   iobuf_t inp;
     283             : 
     284           0 :   inp = iobuf_esopen (fp, "r", 1);
     285           0 :   if (!inp)
     286             :     {
     287           0 :       rc = gpg_error_from_syserror ();
     288           0 :       log_error ("iobuf_esopen failed: %s\n", gpg_strerror (rc));
     289           0 :       return rc;
     290             :     }
     291             : 
     292           0 :   rc = import_keys_internal (ctrl, inp, NULL, 0, stats_handle,
     293             :                              fpr, fpr_len, options,
     294             :                              screener, screener_arg);
     295             : 
     296           0 :   iobuf_close (inp);
     297           0 :   return rc;
     298             : }
     299             : 
     300             : 
     301             : static int
     302          20 : import (ctrl_t ctrl, IOBUF inp, const char* fname,struct stats_s *stats,
     303             :         unsigned char **fpr,size_t *fpr_len, unsigned int options,
     304             :         import_screener_t screener, void *screener_arg)
     305             : {
     306          20 :   PACKET *pending_pkt = NULL;
     307          20 :   kbnode_t keyblock = NULL;  /* Need to initialize because gcc can't
     308             :                                 grasp the return semantics of
     309             :                                 read_block. */
     310          20 :   int rc = 0;
     311             :   int v3keys;
     312             : 
     313          20 :   getkey_disable_caches ();
     314             : 
     315          20 :   if (!opt.no_armor) /* Armored reading is not disabled.  */
     316             :     {
     317             :       armor_filter_context_t *afx;
     318             : 
     319          20 :       afx = new_armor_context ();
     320          20 :       afx->only_keyblocks = 1;
     321          20 :       push_armor_filter (afx, inp);
     322          20 :       release_armor_context (afx);
     323             :     }
     324             : 
     325         128 :   while (!(rc = read_block (inp, &pending_pkt, &keyblock, &v3keys)))
     326             :     {
     327          88 :       stats->v3keys += v3keys;
     328          88 :       if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
     329          81 :         rc = import_one (ctrl, fname, keyblock,
     330             :                          stats, fpr, fpr_len, options, 0, 0,
     331             :                          screener, screener_arg);
     332           7 :       else if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
     333           7 :         rc = import_secret_one (ctrl, fname, keyblock, stats,
     334             :                                 opt.batch, options, 0,
     335             :                                 screener, screener_arg);
     336           0 :       else if (keyblock->pkt->pkttype == PKT_SIGNATURE
     337           0 :                && keyblock->pkt->pkt.signature->sig_class == 0x20 )
     338           0 :         rc = import_revoke_cert( fname, keyblock, stats );
     339             :       else
     340             :         {
     341           0 :           log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype);
     342             :         }
     343          88 :       release_kbnode (keyblock);
     344             : 
     345             :       /* fixme: we should increment the not imported counter but
     346             :          this does only make sense if we keep on going despite of
     347             :          errors.  For now we do this only if the imported key is too
     348             :          large. */
     349          88 :       if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE
     350           0 :             && gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX)
     351             :         {
     352           0 :           stats->not_imported++;
     353           0 :           rc = 0;
     354             :         }
     355          88 :       else if (rc)
     356           0 :         break;
     357             : 
     358          88 :       if (!(++stats->count % 100) && !opt.quiet)
     359           0 :         log_info (_("%lu keys processed so far\n"), stats->count );
     360             :     }
     361          20 :   stats->v3keys += v3keys;
     362          20 :   if (rc == -1)
     363          20 :     rc = 0;
     364           0 :   else if (rc && gpg_err_code (rc) != GPG_ERR_INV_KEYRING)
     365           0 :     log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (rc));
     366             : 
     367          20 :   return rc;
     368             : }
     369             : 
     370             : 
     371             : /* Helper to migrate secring.gpg to GnuPG 2.1.  */
     372             : gpg_error_t
     373           0 : import_old_secring (ctrl_t ctrl, const char *fname)
     374             : {
     375             :   gpg_error_t err;
     376             :   iobuf_t inp;
     377           0 :   PACKET *pending_pkt = NULL;
     378           0 :   kbnode_t keyblock = NULL;  /* Need to initialize because gcc can't
     379             :                                 grasp the return semantics of
     380             :                                 read_block. */
     381             :   struct stats_s *stats;
     382             :   int v3keys;
     383             : 
     384           0 :   inp = iobuf_open (fname);
     385           0 :   if (inp && is_secured_file (iobuf_get_fd (inp)))
     386             :     {
     387           0 :       iobuf_close (inp);
     388           0 :       inp = NULL;
     389           0 :       gpg_err_set_errno (EPERM);
     390             :     }
     391           0 :   if (!inp)
     392             :     {
     393           0 :       err = gpg_error_from_syserror ();
     394           0 :       log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
     395           0 :       return err;
     396             :     }
     397             : 
     398           0 :   getkey_disable_caches();
     399           0 :   stats = import_new_stats_handle ();
     400           0 :   while (!(err = read_block (inp, &pending_pkt, &keyblock, &v3keys)))
     401             :     {
     402           0 :       if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
     403           0 :         err = import_secret_one (ctrl, fname, keyblock, stats, 1, 0, 1,
     404             :                                  NULL, NULL);
     405           0 :       release_kbnode (keyblock);
     406           0 :       if (err)
     407           0 :         break;
     408             :     }
     409           0 :   import_release_stats_handle (stats);
     410           0 :   if (err == -1)
     411           0 :     err = 0;
     412           0 :   else if (err && gpg_err_code (err) != GPG_ERR_INV_KEYRING)
     413           0 :     log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (err));
     414           0 :   else if (err)
     415           0 :     log_error ("import from '%s' failed: %s\n", fname, gpg_strerror (err));
     416             : 
     417           0 :   iobuf_close (inp);
     418           0 :   iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
     419             : 
     420           0 :   return err;
     421             : }
     422             : 
     423             : 
     424             : void
     425          19 : import_print_stats (void *hd)
     426             : {
     427          19 :   struct stats_s *stats = hd;
     428             : 
     429          19 :   if (!opt.quiet)
     430             :     {
     431          19 :       log_info(_("Total number processed: %lu\n"),
     432          19 :                stats->count + stats->v3keys);
     433          19 :       if (stats->v3keys)
     434           0 :         log_info(_("    skipped PGP-2 keys: %lu\n"), stats->v3keys);
     435          19 :       if (stats->skipped_new_keys )
     436           0 :         log_info(_("      skipped new keys: %lu\n"),
     437             :                  stats->skipped_new_keys );
     438          19 :       if (stats->no_user_id )
     439           0 :         log_info(_("          w/o user IDs: %lu\n"), stats->no_user_id );
     440          19 :       if (stats->imported)
     441             :         {
     442          14 :           log_info(_("              imported: %lu"), stats->imported );
     443          14 :           log_printf ("\n");
     444             :         }
     445          19 :       if (stats->unchanged )
     446           4 :         log_info(_("             unchanged: %lu\n"), stats->unchanged );
     447          19 :       if (stats->n_uids )
     448           0 :         log_info(_("          new user IDs: %lu\n"), stats->n_uids );
     449          19 :       if (stats->n_subk )
     450           0 :         log_info(_("           new subkeys: %lu\n"), stats->n_subk );
     451          19 :       if (stats->n_sigs )
     452           2 :         log_info(_("        new signatures: %lu\n"), stats->n_sigs );
     453          19 :       if (stats->n_revoc )
     454           0 :         log_info(_("   new key revocations: %lu\n"), stats->n_revoc );
     455          19 :       if (stats->secret_read )
     456           7 :         log_info(_("      secret keys read: %lu\n"), stats->secret_read );
     457          19 :       if (stats->secret_imported )
     458           6 :         log_info(_("  secret keys imported: %lu\n"), stats->secret_imported );
     459          19 :       if (stats->secret_dups )
     460           1 :         log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
     461          19 :       if (stats->not_imported )
     462           0 :         log_info(_("          not imported: %lu\n"), stats->not_imported );
     463          19 :       if (stats->n_sigs_cleaned)
     464           0 :         log_info(_("    signatures cleaned: %lu\n"),stats->n_sigs_cleaned);
     465          19 :       if (stats->n_uids_cleaned)
     466           0 :         log_info(_("      user IDs cleaned: %lu\n"),stats->n_uids_cleaned);
     467             :     }
     468             : 
     469          19 :   if (is_status_enabled ())
     470             :     {
     471             :       char buf[15*20];
     472             : 
     473           0 :       snprintf (buf, sizeof buf,
     474             :                 "%lu %lu %lu 0 %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
     475           0 :                 stats->count + stats->v3keys,
     476             :                 stats->no_user_id,
     477             :                 stats->imported,
     478             :                 stats->unchanged,
     479             :                 stats->n_uids,
     480             :                 stats->n_subk,
     481             :                 stats->n_sigs,
     482             :                 stats->n_revoc,
     483             :                 stats->secret_read,
     484             :                 stats->secret_imported,
     485             :                 stats->secret_dups,
     486             :                 stats->skipped_new_keys,
     487             :                 stats->not_imported,
     488             :                 stats->v3keys );
     489           0 :       write_status_text (STATUS_IMPORT_RES, buf);
     490             :     }
     491          19 : }
     492             : 
     493             : 
     494             : /* Return true if PKTTYPE is valid in a keyblock.  */
     495             : static int
     496         587 : valid_keyblock_packet (int pkttype)
     497             : {
     498         587 :   switch (pkttype)
     499             :     {
     500             :     case PKT_PUBLIC_KEY:
     501             :     case PKT_PUBLIC_SUBKEY:
     502             :     case PKT_SECRET_KEY:
     503             :     case PKT_SECRET_SUBKEY:
     504             :     case PKT_SIGNATURE:
     505             :     case PKT_USER_ID:
     506             :     case PKT_ATTRIBUTE:
     507             :     case PKT_RING_TRUST:
     508         587 :       return 1;
     509             :     default:
     510           0 :       return 0;
     511             :     }
     512             : }
     513             : 
     514             : 
     515             : /****************
     516             :  * Read the next keyblock from stream A.
     517             :  * PENDING_PKT should be initialzed to NULL
     518             :  * and not changed by the caller.
     519             :  * Return: 0 = okay, -1 no more blocks or another errorcode.
     520             :  *         The int at at R_V3KEY counts the number of unsupported v3
     521             :  *         keyblocks.
     522             :  */
     523             : static int
     524         108 : read_block( IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys)
     525             : {
     526             :   int rc;
     527             :   PACKET *pkt;
     528         108 :   kbnode_t root = NULL;
     529             :   int in_cert, in_v3key;
     530             : 
     531         108 :   *r_v3keys = 0;
     532             : 
     533         108 :   if (*pending_pkt)
     534             :     {
     535          68 :       root = new_kbnode( *pending_pkt );
     536          68 :       *pending_pkt = NULL;
     537          68 :       in_cert = 1;
     538             :     }
     539             :   else
     540          40 :     in_cert = 0;
     541             : 
     542         108 :   pkt = xmalloc (sizeof *pkt);
     543         108 :   init_packet (pkt);
     544         108 :   in_v3key = 0;
     545         808 :   while ((rc=parse_packet(a, pkt)) != -1)
     546             :     {
     547         660 :       if (rc && (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
     548           0 :                  && (pkt->pkttype == PKT_PUBLIC_KEY
     549           0 :                      || pkt->pkttype == PKT_SECRET_KEY)))
     550             :         {
     551           0 :           in_v3key = 1;
     552           0 :           ++*r_v3keys;
     553           0 :           free_packet (pkt);
     554           0 :           init_packet (pkt);
     555           0 :           continue;
     556             :         }
     557         660 :       else if (rc ) /* (ignore errors) */
     558             :         {
     559           0 :           if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_PACKET)
     560             :             ; /* Do not show a diagnostic.  */
     561             :           else
     562             :             {
     563           0 :               log_error("read_block: read error: %s\n", gpg_strerror (rc) );
     564           0 :               rc = GPG_ERR_INV_KEYRING;
     565           0 :               goto ready;
     566             :             }
     567           0 :           free_packet( pkt );
     568           0 :           init_packet(pkt);
     569           0 :           continue;
     570             :         }
     571             : 
     572         660 :         if (in_v3key && !(pkt->pkttype == PKT_PUBLIC_KEY
     573           0 :                           || pkt->pkttype == PKT_SECRET_KEY))
     574             :           {
     575           0 :             free_packet( pkt );
     576           0 :             init_packet(pkt);
     577           0 :             continue;
     578             :           }
     579         660 :         in_v3key = 0;
     580             : 
     581         660 :         if (!root && pkt->pkttype == PKT_SIGNATURE
     582           0 :                   && pkt->pkt.signature->sig_class == 0x20 )
     583             :           {
     584             :             /* This is a revocation certificate which is handled in a
     585             :              * special way.  */
     586           0 :             root = new_kbnode( pkt );
     587           0 :             pkt = NULL;
     588           0 :             goto ready;
     589             :           }
     590             : 
     591             :         /* Make a linked list of all packets.  */
     592         660 :         switch (pkt->pkttype)
     593             :           {
     594             :           case PKT_COMPRESSED:
     595           0 :             if (check_compress_algo (pkt->pkt.compressed->algorithm))
     596             :               {
     597           0 :                 rc = GPG_ERR_COMPR_ALGO;
     598           0 :                 goto ready;
     599             :               }
     600             :             else
     601             :               {
     602           0 :                 compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
     603           0 :                 pkt->pkt.compressed->buf = NULL;
     604           0 :                 push_compress_filter2(a,cfx,pkt->pkt.compressed->algorithm,1);
     605             :               }
     606           0 :             free_packet( pkt );
     607           0 :             init_packet(pkt);
     608           0 :             break;
     609             : 
     610             :           case PKT_RING_TRUST:
     611             :             /* Skip those packets.  */
     612           5 :             free_packet( pkt );
     613           5 :             init_packet(pkt);
     614           5 :             break;
     615             : 
     616             :           case PKT_PUBLIC_KEY:
     617             :           case PKT_SECRET_KEY:
     618          88 :             if (in_cert ) /* Store this packet.  */
     619             :               {
     620          68 :                 *pending_pkt = pkt;
     621          68 :                 pkt = NULL;
     622          68 :                 goto ready;
     623             :               }
     624          20 :             in_cert = 1;
     625             :           default:
     626         587 :             if (in_cert && valid_keyblock_packet (pkt->pkttype))
     627             :               {
     628         587 :                 if (!root )
     629          20 :                   root = new_kbnode (pkt);
     630             :                 else
     631         567 :                   add_kbnode (root, new_kbnode (pkt));
     632         587 :                 pkt = xmalloc (sizeof *pkt);
     633             :               }
     634         587 :             init_packet(pkt);
     635         587 :             break;
     636             :           }
     637             :     }
     638             : 
     639             :  ready:
     640         108 :   if (rc == -1 && root )
     641          20 :     rc = 0;
     642             : 
     643         108 :   if (rc )
     644          20 :     release_kbnode( root );
     645             :   else
     646          88 :     *ret_root = root;
     647         108 :   free_packet( pkt );
     648         108 :   xfree( pkt );
     649         108 :   return rc;
     650             : }
     651             : 
     652             : 
     653             : /* Walk through the subkeys on a pk to find if we have the PKS
     654             :    disease: multiple subkeys with their binding sigs stripped, and the
     655             :    sig for the first subkey placed after the last subkey.  That is,
     656             :    instead of "pk uid sig sub1 bind1 sub2 bind2 sub3 bind3" we have
     657             :    "pk uid sig sub1 sub2 sub3 bind1".  We can't do anything about sub2
     658             :    and sub3, as they are already lost, but we can try and rescue sub1
     659             :    by reordering the keyblock so that it reads "pk uid sig sub1 bind1
     660             :    sub2 sub3".  Returns TRUE if the keyblock was modified. */
     661             : static int
     662           0 : fix_pks_corruption (kbnode_t keyblock)
     663             : {
     664           0 :   int changed = 0;
     665           0 :   int keycount = 0;
     666             :   kbnode_t node;
     667           0 :   kbnode_t last = NULL;
     668           0 :   kbnode_t sknode=NULL;
     669             : 
     670             :   /* First determine if we have the problem at all.  Look for 2 or
     671             :      more subkeys in a row, followed by a single binding sig. */
     672           0 :   for (node=keyblock; node; last=node, node=node->next)
     673             :     {
     674           0 :       if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
     675             :         {
     676           0 :           keycount++;
     677           0 :           if(!sknode)
     678           0 :             sknode=node;
     679             :         }
     680           0 :       else if (node->pkt->pkttype == PKT_SIGNATURE
     681           0 :                && node->pkt->pkt.signature->sig_class == 0x18
     682           0 :                && keycount >= 2
     683           0 :                && !node->next)
     684             :         {
     685             :           /* We might have the problem, as this key has two subkeys in
     686             :              a row without any intervening packets. */
     687             : 
     688             :           /* Sanity check */
     689           0 :           if (!last)
     690           0 :             break;
     691             : 
     692             :           /* Temporarily attach node to sknode. */
     693           0 :           node->next = sknode->next;
     694           0 :           sknode->next = node;
     695           0 :           last->next = NULL;
     696             : 
     697             :           /* Note we aren't checking whether this binding sig is a
     698             :              selfsig.  This is not necessary here as the subkey and
     699             :              binding sig will be rejected later if that is the
     700             :              case. */
     701           0 :           if (check_key_signature (keyblock,node,NULL))
     702             :             {
     703             :               /* Not a match, so undo the changes. */
     704           0 :               sknode->next = node->next;
     705           0 :               last->next = node;
     706           0 :               node->next = NULL;
     707           0 :               break;
     708             :             }
     709             :           else
     710             :             {
     711           0 :               sknode->flag |= 1; /* Mark it good so we don't need to
     712             :                                     check it again */
     713           0 :               changed = 1;
     714           0 :               break;
     715             :             }
     716             :         }
     717             :       else
     718           0 :         keycount = 0;
     719             :     }
     720             : 
     721           0 :   return changed;
     722             : }
     723             : 
     724             : 
     725             : /* Versions of GnuPG before 1.4.11 and 2.0.16 allowed to import bogus
     726             :    direct key signatures.  A side effect of this was that a later
     727             :    import of the same good direct key signatures was not possible
     728             :    because the cmp_signature check in merge_blocks considered them
     729             :    equal.  Although direct key signatures are now checked during
     730             :    import, there might still be bogus signatures sitting in a keyring.
     731             :    We need to detect and delete them before doing a merge.  This
     732             :    function returns the number of removed sigs.  */
     733             : static int
     734          31 : fix_bad_direct_key_sigs (kbnode_t keyblock, u32 *keyid)
     735             : {
     736             :   gpg_error_t err;
     737             :   kbnode_t node;
     738          31 :   int count = 0;
     739             : 
     740          31 :   for (node = keyblock->next; node; node=node->next)
     741             :     {
     742          31 :       if (node->pkt->pkttype == PKT_USER_ID)
     743          31 :         break;
     744           0 :       if (node->pkt->pkttype == PKT_SIGNATURE
     745           0 :           && IS_KEY_SIG (node->pkt->pkt.signature))
     746             :         {
     747           0 :           err = check_key_signature (keyblock, node, NULL);
     748           0 :           if (err && gpg_err_code (err) != GPG_ERR_PUBKEY_ALGO )
     749             :             {
     750             :               /* If we don't know the error, we can't decide; this is
     751             :                  not a problem because cmp_signature can't compare the
     752             :                  signature either.  */
     753           0 :               log_info ("key %s: invalid direct key signature removed\n",
     754             :                         keystr (keyid));
     755           0 :               delete_kbnode (node);
     756           0 :               count++;
     757             :             }
     758             :         }
     759             :     }
     760             : 
     761          31 :   return count;
     762             : }
     763             : 
     764             : 
     765             : static void
     766           0 : print_import_ok (PKT_public_key *pk, unsigned int reason)
     767             : {
     768             :   byte array[MAX_FINGERPRINT_LEN], *s;
     769             :   char buf[MAX_FINGERPRINT_LEN*2+30], *p;
     770             :   size_t i, n;
     771             : 
     772           0 :   snprintf (buf, sizeof buf, "%u ", reason);
     773           0 :   p = buf + strlen (buf);
     774             : 
     775           0 :   fingerprint_from_pk (pk, array, &n);
     776           0 :   s = array;
     777           0 :   for (i=0; i < n ; i++, s++, p += 2)
     778           0 :     sprintf (p, "%02X", *s);
     779             : 
     780           0 :   write_status_text (STATUS_IMPORT_OK, buf);
     781           0 : }
     782             : 
     783             : 
     784             : static void
     785           0 : print_import_check (PKT_public_key * pk, PKT_user_id * id)
     786             : {
     787             :   char * buf;
     788             :   byte fpr[24];
     789             :   u32 keyid[2];
     790             :   size_t i, n;
     791           0 :   size_t pos = 0;
     792             : 
     793           0 :   buf = xmalloc (17+41+id->len+32);
     794           0 :   keyid_from_pk (pk, keyid);
     795           0 :   sprintf (buf, "%08X%08X ", keyid[0], keyid[1]);
     796           0 :   pos = 17;
     797           0 :   fingerprint_from_pk (pk, fpr, &n);
     798           0 :   for (i = 0; i < n; i++, pos += 2)
     799           0 :     sprintf (buf+pos, "%02X", fpr[i]);
     800           0 :   strcat (buf, " ");
     801           0 :   pos += 1;
     802           0 :   strcat (buf, id->name);
     803           0 :   write_status_text (STATUS_IMPORT_CHECK, buf);
     804           0 :   xfree (buf);
     805           0 : }
     806             : 
     807             : 
     808             : static void
     809           0 : check_prefs_warning(PKT_public_key *pk)
     810             : {
     811           0 :   log_info(_("WARNING: key %s contains preferences for unavailable\n"
     812             :              "algorithms on these user IDs:\n"), keystr_from_pk(pk));
     813           0 : }
     814             : 
     815             : 
     816             : static void
     817          12 : check_prefs (ctrl_t ctrl, kbnode_t keyblock)
     818             : {
     819             :   kbnode_t node;
     820             :   PKT_public_key *pk;
     821          12 :   int problem=0;
     822             : 
     823          12 :   merge_keys_and_selfsig(keyblock);
     824          12 :   pk=keyblock->pkt->pkt.public_key;
     825             : 
     826          74 :   for(node=keyblock;node;node=node->next)
     827             :     {
     828          62 :       if(node->pkt->pkttype==PKT_USER_ID
     829          16 :          && node->pkt->pkt.user_id->created
     830          14 :          && node->pkt->pkt.user_id->prefs)
     831             :         {
     832          14 :           PKT_user_id *uid = node->pkt->pkt.user_id;
     833          14 :           prefitem_t *prefs = uid->prefs;
     834          14 :           char *user = utf8_to_native(uid->name,strlen(uid->name),0);
     835             : 
     836         118 :           for(;prefs->type;prefs++)
     837             :             {
     838             :               char num[10]; /* prefs->value is a byte, so we're over
     839             :                                safe here */
     840             : 
     841         104 :               sprintf(num,"%u",prefs->value);
     842             : 
     843         104 :               if(prefs->type==PREFTYPE_SYM)
     844             :                 {
     845          44 :                   if (openpgp_cipher_test_algo (prefs->value))
     846             :                     {
     847           0 :                       const char *algo =
     848           0 :                         (openpgp_cipher_test_algo (prefs->value)
     849             :                          ? num
     850           0 :                          : openpgp_cipher_algo_name (prefs->value));
     851           0 :                       if(!problem)
     852           0 :                         check_prefs_warning(pk);
     853           0 :                       log_info(_("         \"%s\": preference for cipher"
     854             :                                  " algorithm %s\n"), user, algo);
     855           0 :                       problem=1;
     856             :                     }
     857             :                 }
     858          60 :               else if(prefs->type==PREFTYPE_HASH)
     859             :                 {
     860          34 :                   if(openpgp_md_test_algo(prefs->value))
     861             :                     {
     862           0 :                       const char *algo =
     863           0 :                         (gcry_md_test_algo (prefs->value)
     864             :                          ? num
     865           0 :                          : gcry_md_algo_name (prefs->value));
     866           0 :                       if(!problem)
     867           0 :                         check_prefs_warning(pk);
     868           0 :                       log_info(_("         \"%s\": preference for digest"
     869             :                                  " algorithm %s\n"), user, algo);
     870           0 :                       problem=1;
     871             :                     }
     872             :                 }
     873          26 :               else if(prefs->type==PREFTYPE_ZIP)
     874             :                 {
     875          26 :                   if(check_compress_algo (prefs->value))
     876             :                     {
     877           0 :                       const char *algo=compress_algo_to_string(prefs->value);
     878           0 :                       if(!problem)
     879           0 :                         check_prefs_warning(pk);
     880           0 :                       log_info(_("         \"%s\": preference for compression"
     881             :                                  " algorithm %s\n"),user,algo?algo:num);
     882           0 :                       problem=1;
     883             :                     }
     884             :                 }
     885             :             }
     886             : 
     887          14 :           xfree(user);
     888             :         }
     889             :     }
     890             : 
     891          12 :   if(problem)
     892             :     {
     893           0 :       log_info(_("it is strongly suggested that you update"
     894             :                  " your preferences and\n"));
     895           0 :       log_info(_("re-distribute this key to avoid potential algorithm"
     896             :                  " mismatch problems\n"));
     897             : 
     898           0 :       if(!opt.batch)
     899             :         {
     900           0 :           strlist_t sl = NULL;
     901           0 :           strlist_t locusr = NULL;
     902           0 :           size_t fprlen=0;
     903             :           byte fpr[MAX_FINGERPRINT_LEN], *p;
     904             :           char username[(MAX_FINGERPRINT_LEN*2)+1];
     905             :           unsigned int i;
     906             : 
     907           0 :           p = fingerprint_from_pk (pk,fpr,&fprlen);
     908           0 :           for(i=0;i<fprlen;i++,p++)
     909           0 :             sprintf(username+2*i,"%02X",*p);
     910           0 :           add_to_strlist(&locusr,username);
     911             : 
     912           0 :           append_to_strlist(&sl,"updpref");
     913           0 :           append_to_strlist(&sl,"save");
     914             : 
     915           0 :           keyedit_menu (ctrl, username, locusr, sl, 1, 1 );
     916           0 :           free_strlist(sl);
     917           0 :           free_strlist(locusr);
     918             :         }
     919           0 :       else if(!opt.quiet)
     920           0 :         log_info(_("you can update your preferences with:"
     921             :                    " gpg --edit-key %s updpref save\n"),keystr_from_pk(pk));
     922             :     }
     923          12 : }
     924             : 
     925             : 
     926             : /*
     927             :  * Try to import one keyblock. Return an error only in serious cases,
     928             :  * but never for an invalid keyblock.  It uses log_error to increase
     929             :  * the internal errorcount, so that invalid input can be detected by
     930             :  * programs which called gpg.  If SILENT is no messages are printed -
     931             :  * even most error messages are suppressed.
     932             :  */
     933             : static int
     934          88 : import_one (ctrl_t ctrl,
     935             :             const char *fname, kbnode_t keyblock, struct stats_s *stats,
     936             :             unsigned char **fpr, size_t *fpr_len, unsigned int options,
     937             :             int from_sk, int silent,
     938             :             import_screener_t screener, void *screener_arg)
     939             : {
     940             :   PKT_public_key *pk;
     941             :   PKT_public_key *pk_orig;
     942             :   kbnode_t node, uidnode;
     943          88 :   kbnode_t keyblock_orig = NULL;
     944             :   byte fpr2[MAX_FINGERPRINT_LEN];
     945             :   size_t fpr2len;
     946             :   u32 keyid[2];
     947          88 :   int rc = 0;
     948          88 :   int new_key = 0;
     949          88 :   int mod_key = 0;
     950          88 :   int same_key = 0;
     951          88 :   int non_self = 0;
     952             :   size_t an;
     953             :   char pkstrbuf[PUBKEY_STRING_SIZE];
     954             : 
     955             :   /* Get the key and print some info about it. */
     956          88 :   node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
     957          88 :   if (!node )
     958           0 :     BUG();
     959             : 
     960          88 :   pk = node->pkt->pkt.public_key;
     961             : 
     962          88 :   fingerprint_from_pk (pk, fpr2, &fpr2len);
     963          88 :   for (an = fpr2len; an < MAX_FINGERPRINT_LEN; an++)
     964           0 :     fpr2[an] = 0;
     965          88 :   keyid_from_pk( pk, keyid );
     966          88 :   uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
     967             : 
     968          88 :   if (opt.verbose && !opt.interactive && !silent)
     969             :     {
     970           0 :       log_info( "pub  %s/%s %s  ",
     971             :                 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
     972             :                 keystr_from_pk(pk), datestr_from_pk(pk) );
     973           0 :       if (uidnode)
     974           0 :         print_utf8_buffer (log_get_stream (),
     975           0 :                            uidnode->pkt->pkt.user_id->name,
     976           0 :                            uidnode->pkt->pkt.user_id->len );
     977           0 :       log_printf ("\n");
     978             :     }
     979             : 
     980             : 
     981          88 :   if (!uidnode )
     982             :     {
     983           0 :       if (!silent)
     984           0 :         log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
     985           0 :       return 0;
     986             :     }
     987             : 
     988          88 :   if (screener && screener (keyblock, screener_arg))
     989             :     {
     990           0 :       log_error (_("key %s: %s\n"), keystr_from_pk (pk),
     991             :                  _("rejected by import screener"));
     992           0 :       return 0;
     993             :     }
     994             : 
     995          88 :   if (opt.interactive && !silent)
     996             :     {
     997           0 :       if (is_status_enabled())
     998           0 :         print_import_check (pk, uidnode->pkt->pkt.user_id);
     999           0 :       merge_keys_and_selfsig (keyblock);
    1000           0 :       tty_printf ("\n");
    1001           0 :       show_basic_key_info (keyblock);
    1002           0 :       tty_printf ("\n");
    1003           0 :       if (!cpr_get_answer_is_yes ("import.okay",
    1004             :                                   "Do you want to import this key? (y/N) "))
    1005           0 :         return 0;
    1006             :     }
    1007             : 
    1008          88 :   collapse_uids(&keyblock);
    1009             : 
    1010             :   /* Clean the key that we're about to import, to cut down on things
    1011             :      that we have to clean later.  This has no practical impact on the
    1012             :      end result, but does result in less logging which might confuse
    1013             :      the user. */
    1014          88 :   if (options&IMPORT_CLEAN)
    1015           0 :     clean_key (keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL);
    1016             : 
    1017          88 :   clear_kbnode_flags( keyblock );
    1018             : 
    1019          88 :   if ((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
    1020           0 :       && opt.verbose)
    1021           0 :     log_info (_("key %s: PKS subkey corruption repaired\n"),
    1022             :               keystr_from_pk(pk));
    1023             : 
    1024          88 :   rc = chk_self_sigs( fname, keyblock , pk, keyid, &non_self );
    1025          88 :   if (rc )
    1026           0 :     return rc== -1? 0:rc;
    1027             : 
    1028             :   /* If we allow such a thing, mark unsigned uids as valid */
    1029          88 :   if (opt.allow_non_selfsigned_uid)
    1030             :     {
    1031          16 :       for (node=keyblock; node; node = node->next )
    1032          12 :         if (node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) )
    1033             :           {
    1034           4 :             char *user=utf8_to_native(node->pkt->pkt.user_id->name,
    1035           4 :                                       node->pkt->pkt.user_id->len,0);
    1036           4 :             node->flag |= 1;
    1037           4 :             log_info( _("key %s: accepted non self-signed user ID \"%s\"\n"),
    1038             :                       keystr_from_pk(pk),user);
    1039           4 :             xfree(user);
    1040             :           }
    1041             :     }
    1042             : 
    1043          88 :   if (!delete_inv_parts( fname, keyblock, keyid, options ) )
    1044             :     {
    1045           0 :       if (!silent)
    1046             :         {
    1047           0 :           log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
    1048           0 :           if (!opt.quiet )
    1049           0 :             log_info(_("this may be caused by a missing self-signature\n"));
    1050             :         }
    1051           0 :       stats->no_user_id++;
    1052           0 :       return 0;
    1053             :     }
    1054             : 
    1055             :   /* Do we have this key already in one of our pubrings ? */
    1056          88 :   pk_orig = xmalloc_clear( sizeof *pk_orig );
    1057          88 :   rc = get_pubkey_byfprint_fast (pk_orig, fpr2, fpr2len);
    1058          88 :   if (rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY
    1059           0 :       && gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY )
    1060             :     {
    1061           0 :       if (!silent)
    1062           0 :         log_error (_("key %s: public key not found: %s\n"),
    1063             :                    keystr(keyid), gpg_strerror (rc));
    1064             :     }
    1065          88 :   else if ( rc && (opt.import_options&IMPORT_MERGE_ONLY) )
    1066             :     {
    1067           0 :       if (opt.verbose && !silent )
    1068           0 :         log_info( _("key %s: new key - skipped\n"), keystr(keyid));
    1069           0 :       rc = 0;
    1070           0 :       stats->skipped_new_keys++;
    1071             :     }
    1072          88 :   else if (rc )  /* Insert this key. */
    1073             :     {
    1074          57 :       KEYDB_HANDLE hd = keydb_new ();
    1075             : 
    1076          57 :       rc = keydb_locate_writable (hd);
    1077          57 :       if (rc)
    1078             :         {
    1079           0 :           log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc));
    1080           0 :           keydb_release (hd);
    1081           0 :           return GPG_ERR_GENERAL;
    1082             :         }
    1083          57 :       if (opt.verbose > 1 )
    1084           0 :         log_info (_("writing to '%s'\n"), keydb_get_resource_name (hd) );
    1085             : 
    1086          57 :       rc = keydb_insert_keyblock (hd, keyblock );
    1087          57 :       if (rc)
    1088           0 :         log_error (_("error writing keyring '%s': %s\n"),
    1089             :                    keydb_get_resource_name (hd), gpg_strerror (rc));
    1090          57 :       else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST))
    1091             :         {
    1092             :           /* This should not be possible since we delete the
    1093             :              ownertrust when a key is deleted, but it can happen if
    1094             :              the keyring and trustdb are out of sync.  It can also
    1095             :              be made to happen with the trusted-key command and by
    1096             :              importing and locally exported key. */
    1097             : 
    1098          57 :           clear_ownertrusts (pk);
    1099          57 :           if (non_self)
    1100           3 :             revalidation_mark ();
    1101             :         }
    1102          57 :       keydb_release (hd);
    1103             : 
    1104             :       /* We are ready.  */
    1105          57 :       if (!opt.quiet && !silent)
    1106             :         {
    1107          57 :           char *p = get_user_id_byfpr_native (fpr2);
    1108          57 :           log_info (_("key %s: public key \"%s\" imported\n"),
    1109             :                     keystr(keyid), p);
    1110          57 :           xfree(p);
    1111             :         }
    1112          57 :       if (is_status_enabled())
    1113             :         {
    1114           0 :           char *us = get_long_user_id_string( keyid );
    1115           0 :           write_status_text( STATUS_IMPORTED, us );
    1116           0 :           xfree(us);
    1117           0 :           print_import_ok (pk, 1);
    1118             :         }
    1119          57 :       stats->imported++;
    1120          57 :       new_key = 1;
    1121             :     }
    1122             :   else /* merge */
    1123             :     {
    1124             :       KEYDB_HANDLE hd;
    1125             :       int n_uids, n_sigs, n_subk, n_sigs_cleaned, n_uids_cleaned;
    1126             : 
    1127             :       /* Compare the original against the new key; just to be sure nothing
    1128             :        * weird is going on */
    1129          31 :       if (cmp_public_keys( pk_orig, pk ) )
    1130             :         {
    1131           0 :           if (!silent)
    1132           0 :             log_error( _("key %s: doesn't match our copy\n"),keystr(keyid));
    1133           0 :           goto leave;
    1134             :         }
    1135             : 
    1136             :       /* Now read the original keyblock again so that we can use
    1137             :          that handle for updating the keyblock.  */
    1138          31 :       hd = keydb_new ();
    1139          31 :       keydb_disable_caching (hd);
    1140          31 :       rc = keydb_search_fpr (hd, fpr2);
    1141          31 :       if (rc )
    1142             :         {
    1143           0 :           log_error (_("key %s: can't locate original keyblock: %s\n"),
    1144             :                      keystr(keyid), gpg_strerror (rc));
    1145           0 :           keydb_release (hd);
    1146           0 :           goto leave;
    1147             :         }
    1148          31 :       rc = keydb_get_keyblock (hd, &keyblock_orig);
    1149          31 :       if (rc)
    1150             :         {
    1151           0 :           log_error (_("key %s: can't read original keyblock: %s\n"),
    1152             :                      keystr(keyid), gpg_strerror (rc));
    1153           0 :           keydb_release (hd);
    1154           0 :           goto leave;
    1155             :         }
    1156             : 
    1157             :       /* Make sure the original direct key sigs are all sane.  */
    1158          31 :       n_sigs_cleaned = fix_bad_direct_key_sigs (keyblock_orig, keyid);
    1159          31 :       if (n_sigs_cleaned)
    1160           0 :         commit_kbnode (&keyblock_orig);
    1161             : 
    1162             :       /* and try to merge the block */
    1163          31 :       clear_kbnode_flags( keyblock_orig );
    1164          31 :       clear_kbnode_flags( keyblock );
    1165          31 :       n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
    1166          31 :       rc = merge_blocks( fname, keyblock_orig, keyblock,
    1167             :                          keyid, &n_uids, &n_sigs, &n_subk );
    1168          31 :       if (rc )
    1169             :         {
    1170           0 :           keydb_release (hd);
    1171           0 :           goto leave;
    1172             :         }
    1173             : 
    1174          31 :       if ((options & IMPORT_CLEAN))
    1175           0 :         clean_key (keyblock_orig,opt.verbose,options&IMPORT_MINIMAL,
    1176             :                    &n_uids_cleaned,&n_sigs_cleaned);
    1177             : 
    1178          31 :       if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned)
    1179             :         {
    1180           2 :           mod_key = 1;
    1181             :           /* KEYBLOCK_ORIG has been updated; write */
    1182           2 :           rc = keydb_update_keyblock (hd, keyblock_orig);
    1183           2 :           if (rc)
    1184           0 :             log_error (_("error writing keyring '%s': %s\n"),
    1185             :                        keydb_get_resource_name (hd), gpg_strerror (rc) );
    1186           2 :           else if (non_self)
    1187           0 :             revalidation_mark ();
    1188             : 
    1189             :           /* We are ready.  */
    1190           2 :           if (!opt.quiet && !silent)
    1191             :             {
    1192           2 :               char *p = get_user_id_byfpr_native (fpr2);
    1193           2 :               if (n_uids == 1 )
    1194           0 :                 log_info( _("key %s: \"%s\" 1 new user ID\n"),
    1195             :                           keystr(keyid),p);
    1196           2 :               else if (n_uids )
    1197           0 :                 log_info( _("key %s: \"%s\" %d new user IDs\n"),
    1198             :                           keystr(keyid),p,n_uids);
    1199           2 :               if (n_sigs == 1 )
    1200           2 :                 log_info( _("key %s: \"%s\" 1 new signature\n"),
    1201             :                           keystr(keyid), p);
    1202           0 :               else if (n_sigs )
    1203           0 :                 log_info( _("key %s: \"%s\" %d new signatures\n"),
    1204             :                           keystr(keyid), p, n_sigs );
    1205           2 :               if (n_subk == 1 )
    1206           0 :                 log_info( _("key %s: \"%s\" 1 new subkey\n"),
    1207             :                           keystr(keyid), p);
    1208           2 :               else if (n_subk )
    1209           0 :                 log_info( _("key %s: \"%s\" %d new subkeys\n"),
    1210             :                           keystr(keyid), p, n_subk );
    1211           2 :               if (n_sigs_cleaned==1)
    1212           0 :                 log_info(_("key %s: \"%s\" %d signature cleaned\n"),
    1213             :                          keystr(keyid),p,n_sigs_cleaned);
    1214           2 :               else if (n_sigs_cleaned)
    1215           0 :                 log_info(_("key %s: \"%s\" %d signatures cleaned\n"),
    1216             :                          keystr(keyid),p,n_sigs_cleaned);
    1217           2 :               if (n_uids_cleaned==1)
    1218           0 :                 log_info(_("key %s: \"%s\" %d user ID cleaned\n"),
    1219             :                          keystr(keyid),p,n_uids_cleaned);
    1220           2 :               else if (n_uids_cleaned)
    1221           0 :                 log_info(_("key %s: \"%s\" %d user IDs cleaned\n"),
    1222             :                          keystr(keyid),p,n_uids_cleaned);
    1223           2 :               xfree(p);
    1224             :             }
    1225             : 
    1226           2 :           stats->n_uids +=n_uids;
    1227           2 :           stats->n_sigs +=n_sigs;
    1228           2 :           stats->n_subk +=n_subk;
    1229           2 :           stats->n_sigs_cleaned +=n_sigs_cleaned;
    1230           2 :           stats->n_uids_cleaned +=n_uids_cleaned;
    1231             : 
    1232           4 :           if (is_status_enabled () && !silent)
    1233           0 :             print_import_ok (pk, ((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
    1234             :         }
    1235             :       else
    1236             :         {
    1237          29 :           same_key = 1;
    1238          29 :           if (is_status_enabled ())
    1239           0 :             print_import_ok (pk, 0);
    1240             : 
    1241          29 :           if (!opt.quiet && !silent)
    1242             :             {
    1243          29 :               char *p = get_user_id_byfpr_native (fpr2);
    1244          29 :               log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p);
    1245          29 :               xfree(p);
    1246             :             }
    1247             : 
    1248          29 :           stats->unchanged++;
    1249             :         }
    1250             : 
    1251          31 :       keydb_release (hd); hd = NULL;
    1252             :     }
    1253             : 
    1254             :   leave:
    1255          88 :   if (mod_key || new_key || same_key)
    1256             :     {
    1257             :       /* A little explanation for this: we fill in the fingerprint
    1258             :          when importing keys as it can be useful to know the
    1259             :          fingerprint in certain keyserver-related cases (a keyserver
    1260             :          asked for a particular name, but the key doesn't have that
    1261             :          name).  However, in cases where we're importing more than
    1262             :          one key at a time, we cannot know which key to fingerprint.
    1263             :          In these cases, rather than guessing, we do not
    1264             :          fingerprinting at all, and we must hope the user ID on the
    1265             :          keys are useful.  Note that we need to do this for new
    1266             :          keys, merged keys and even for unchanged keys.  This is
    1267             :          required because for example the --auto-key-locate feature
    1268             :          may import an already imported key and needs to know the
    1269             :          fingerprint of the key in all cases.  */
    1270          88 :       if (fpr)
    1271             :         {
    1272           0 :           xfree (*fpr);
    1273             :           /* Note that we need to compare against 0 here because
    1274             :              COUNT gets only incremented after returning form this
    1275             :              function.  */
    1276           0 :           if (!stats->count)
    1277           0 :             *fpr = fingerprint_from_pk (pk, NULL, fpr_len);
    1278             :           else
    1279           0 :             *fpr = NULL;
    1280             :         }
    1281             :     }
    1282             : 
    1283             :   /* Now that the key is definitely incorporated into the keydb, we
    1284             :      need to check if a designated revocation is present or if the
    1285             :      prefs are not rational so we can warn the user. */
    1286             : 
    1287          88 :   if (mod_key)
    1288             :     {
    1289           2 :       revocation_present (ctrl, keyblock_orig);
    1290           2 :       if (!from_sk && have_secret_key_with_kid (keyid))
    1291           0 :         check_prefs (ctrl, keyblock_orig);
    1292             :     }
    1293          86 :   else if (new_key)
    1294             :     {
    1295          57 :       revocation_present (ctrl, keyblock);
    1296          57 :       if (!from_sk && have_secret_key_with_kid (keyid))
    1297           5 :         check_prefs (ctrl, keyblock);
    1298             :     }
    1299             : 
    1300          88 :   release_kbnode( keyblock_orig );
    1301          88 :   free_public_key( pk_orig );
    1302             : 
    1303          88 :   return rc;
    1304             : }
    1305             : 
    1306             : 
    1307             : /* Transfer all the secret keys in SEC_KEYBLOCK to the gpg-agent.  The
    1308             :    function prints diagnostics and returns an error code.  If BATCH is
    1309             :    true the secret keys are stored by gpg-agent in the transfer format
    1310             :    (i.e. no re-protection and aksing for passphrases). */
    1311             : static gpg_error_t
    1312           7 : transfer_secret_keys (ctrl_t ctrl, struct stats_s *stats, kbnode_t sec_keyblock,
    1313             :                       int batch)
    1314             : {
    1315           7 :   gpg_error_t err = 0;
    1316           7 :   void *kek = NULL;
    1317             :   size_t keklen;
    1318           7 :   kbnode_t ctx = NULL;
    1319             :   kbnode_t node;
    1320             :   PKT_public_key *main_pk, *pk;
    1321             :   struct seckey_info *ski;
    1322             :   int nskey;
    1323             :   membuf_t mbuf;
    1324             :   int i, j;
    1325             :   void *format_args[2*PUBKEY_MAX_NSKEY];
    1326             :   gcry_sexp_t skey, prot, tmpsexp;
    1327           7 :   gcry_sexp_t curve = NULL;
    1328           7 :   unsigned char *transferkey = NULL;
    1329             :   size_t transferkeylen;
    1330           7 :   gcry_cipher_hd_t cipherhd = NULL;
    1331           7 :   unsigned char *wrappedkey = NULL;
    1332             :   size_t wrappedkeylen;
    1333           7 :   char *cache_nonce = NULL;
    1334           7 :   int stub_key_skipped = 0;
    1335             : 
    1336             :   /* Get the current KEK.  */
    1337           7 :   err = agent_keywrap_key (ctrl, 0, &kek, &keklen);
    1338           7 :   if (err)
    1339             :     {
    1340           0 :       log_error ("error getting the KEK: %s\n", gpg_strerror (err));
    1341           0 :       goto leave;
    1342             :     }
    1343             : 
    1344             :   /* Prepare a cipher context.  */
    1345           7 :   err = gcry_cipher_open (&cipherhd, GCRY_CIPHER_AES128,
    1346             :                           GCRY_CIPHER_MODE_AESWRAP, 0);
    1347           7 :   if (!err)
    1348           7 :     err = gcry_cipher_setkey (cipherhd, kek, keklen);
    1349           7 :   if (err)
    1350           0 :     goto leave;
    1351           7 :   xfree (kek);
    1352           7 :   kek = NULL;
    1353             : 
    1354           7 :   main_pk = NULL;
    1355          45 :   while ((node = walk_kbnode (sec_keyblock, &ctx, 0)))
    1356             :     {
    1357          31 :       if (node->pkt->pkttype != PKT_SECRET_KEY
    1358          24 :           && node->pkt->pkttype != PKT_SECRET_SUBKEY)
    1359          17 :         continue;
    1360          14 :       pk = node->pkt->pkt.public_key;
    1361          14 :       if (!main_pk)
    1362           7 :         main_pk = pk;
    1363             : 
    1364             :       /* Make sure the keyids are available.  */
    1365          14 :       keyid_from_pk (pk, NULL);
    1366          14 :       if (node->pkt->pkttype == PKT_SECRET_KEY)
    1367             :         {
    1368           7 :           pk->main_keyid[0] = pk->keyid[0];
    1369           7 :           pk->main_keyid[1] = pk->keyid[1];
    1370             :         }
    1371             :       else
    1372             :         {
    1373           7 :           pk->main_keyid[0] = main_pk->keyid[0];
    1374           7 :           pk->main_keyid[1] = main_pk->keyid[1];
    1375             :         }
    1376             : 
    1377             : 
    1378          14 :       ski = pk->seckey_info;
    1379          14 :       if (!ski)
    1380           0 :         BUG ();
    1381             : 
    1382          14 :       stats->count++;
    1383          14 :       stats->secret_read++;
    1384             : 
    1385             :       /* We ignore stub keys.  The way we handle them in other parts
    1386             :          of the code is by asking the agent whether any secret key is
    1387             :          available for a given keyblock and then concluding that we
    1388             :          have a secret key; all secret (sub)keys of the keyblock the
    1389             :          agent does not know of are then stub keys.  This works also
    1390             :          for card stub keys.  The learn command or the card-status
    1391             :          command may be used to check with the agent whether a card
    1392             :          has been inserted and a stub key is in turn generated by the
    1393             :          agent.  */
    1394          14 :       if (ski->s2k.mode == 1001 || ski->s2k.mode == 1002)
    1395             :         {
    1396           0 :           stub_key_skipped = 1;
    1397           0 :           continue;
    1398             :         }
    1399             : 
    1400             :       /* Convert our internal secret key object into an S-expression.  */
    1401          14 :       nskey = pubkey_get_nskey (pk->pubkey_algo);
    1402          14 :       if (!nskey || nskey > PUBKEY_MAX_NSKEY)
    1403             :         {
    1404           0 :           err = gpg_error (GPG_ERR_BAD_SECKEY);
    1405           0 :           log_error ("internal error: %s\n", gpg_strerror (err));
    1406           0 :           goto leave;
    1407             :         }
    1408             : 
    1409          14 :       init_membuf (&mbuf, 50);
    1410          14 :       put_membuf_str (&mbuf, "(skey");
    1411          14 :       if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
    1412           8 :           || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
    1413           8 :           || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
    1414          12 :         {
    1415             :           /* The ECC case.  */
    1416          12 :           char *curvestr = openpgp_oid_to_str (pk->pkey[0]);
    1417          12 :           if (!curvestr)
    1418           0 :             err = gpg_error_from_syserror ();
    1419             :           else
    1420             :             {
    1421          12 :               const char *curvename = openpgp_oid_to_curve (curvestr, 1);
    1422          12 :               err = gcry_sexp_build (&curve, NULL, "(curve %s)",
    1423             :                                      curvename?curvename:curvestr);
    1424          12 :               xfree (curvestr);
    1425          12 :               if (!err)
    1426             :                 {
    1427          12 :                   j = 0;
    1428             :                   /* Append the public key element Q.  */
    1429          12 :                   put_membuf_str (&mbuf, " _ %m");
    1430          12 :                   format_args[j++] = pk->pkey + 1;
    1431             : 
    1432             :                   /* Append the secret key element D.  For ECDH we
    1433             :                      skip PKEY[2] because this holds the KEK which is
    1434             :                      not needed by gpg-agent.  */
    1435          12 :                   i = pk->pubkey_algo == PUBKEY_ALGO_ECDH? 3 : 2;
    1436          12 :                   if (gcry_mpi_get_flag (pk->pkey[i], GCRYMPI_FLAG_USER1))
    1437          12 :                     put_membuf_str (&mbuf, " e %m");
    1438             :                   else
    1439           0 :                     put_membuf_str (&mbuf, " _ %m");
    1440          12 :                   format_args[j++] = pk->pkey + i;
    1441             :                 }
    1442             :             }
    1443             :         }
    1444             :       else
    1445             :         {
    1446             :           /* Standard case for the old (non-ECC) algorithms.  */
    1447          11 :           for (i=j=0; i < nskey; i++)
    1448             :             {
    1449           9 :               if (!pk->pkey[i])
    1450           0 :                 continue; /* Protected keys only have NPKEY+1 elements.  */
    1451             : 
    1452           9 :               if (gcry_mpi_get_flag (pk->pkey[i], GCRYMPI_FLAG_USER1))
    1453           2 :                 put_membuf_str (&mbuf, " e %m");
    1454             :               else
    1455           7 :                 put_membuf_str (&mbuf, " _ %m");
    1456           9 :               format_args[j++] = pk->pkey + i;
    1457             :             }
    1458             :         }
    1459          14 :       put_membuf_str (&mbuf, ")");
    1460          14 :       put_membuf (&mbuf, "", 1);
    1461          14 :       if (err)
    1462           0 :         xfree (get_membuf (&mbuf, NULL));
    1463             :       else
    1464             :         {
    1465          14 :           char *format = get_membuf (&mbuf, NULL);
    1466          14 :           if (!format)
    1467           0 :             err = gpg_error_from_syserror ();
    1468             :           else
    1469          14 :             err = gcry_sexp_build_array (&skey, NULL, format, format_args);
    1470          14 :           xfree (format);
    1471             :         }
    1472          14 :       if (err)
    1473             :         {
    1474           0 :           log_error ("error building skey array: %s\n", gpg_strerror (err));
    1475           0 :           goto leave;
    1476             :         }
    1477             : 
    1478          14 :       if (ski->is_protected)
    1479             :         {
    1480             :           char countbuf[35];
    1481             : 
    1482             :           /* Note that the IVLEN may be zero if we are working on a
    1483             :              dummy key.  We can't express that in an S-expression and
    1484             :              thus we send dummy data for the IV.  */
    1485          14 :           snprintf (countbuf, sizeof countbuf, "%lu",
    1486          14 :                     (unsigned long)ski->s2k.count);
    1487          84 :           err = gcry_sexp_build
    1488             :             (&prot, NULL,
    1489             :              " (protection %s %s %b %d %s %b %s)\n",
    1490          14 :              ski->sha1chk? "sha1":"sum",
    1491          14 :              openpgp_cipher_algo_name (ski->algo),
    1492          28 :              ski->ivlen? (int)ski->ivlen:1,
    1493          14 :              ski->ivlen? ski->iv: (const unsigned char*)"X",
    1494             :              ski->s2k.mode,
    1495          14 :              openpgp_md_algo_name (ski->s2k.hash_algo),
    1496          14 :              (int)sizeof (ski->s2k.salt), ski->s2k.salt,
    1497             :              countbuf);
    1498             :         }
    1499             :       else
    1500           0 :         err = gcry_sexp_build (&prot, NULL, " (protection none)\n");
    1501             : 
    1502          14 :       tmpsexp = NULL;
    1503          14 :       xfree (transferkey);
    1504          14 :       transferkey = NULL;
    1505          14 :       if (!err)
    1506          56 :         err = gcry_sexp_build (&tmpsexp, NULL,
    1507             :                                "(openpgp-private-key\n"
    1508             :                                " (version %d)\n"
    1509             :                                " (algo %s)\n"
    1510             :                                " %S%S\n"
    1511             :                                " (csum %d)\n"
    1512             :                                " %S)\n",
    1513          14 :                                pk->version,
    1514          14 :                                openpgp_pk_algo_name (pk->pubkey_algo),
    1515             :                                curve, skey,
    1516          14 :                                (int)(unsigned long)ski->csum, prot);
    1517          14 :       gcry_sexp_release (skey);
    1518          14 :       gcry_sexp_release (prot);
    1519          14 :       if (!err)
    1520          14 :         err = make_canon_sexp_pad (tmpsexp, 1, &transferkey, &transferkeylen);
    1521          14 :       gcry_sexp_release (tmpsexp);
    1522          14 :       if (err)
    1523             :         {
    1524           0 :           log_error ("error building transfer key: %s\n", gpg_strerror (err));
    1525           0 :           goto leave;
    1526             :         }
    1527             : 
    1528             :       /* Wrap the key.  */
    1529          14 :       wrappedkeylen = transferkeylen + 8;
    1530          14 :       xfree (wrappedkey);
    1531          14 :       wrappedkey = xtrymalloc (wrappedkeylen);
    1532          14 :       if (!wrappedkey)
    1533           0 :         err = gpg_error_from_syserror ();
    1534             :       else
    1535          14 :         err = gcry_cipher_encrypt (cipherhd, wrappedkey, wrappedkeylen,
    1536             :                                    transferkey, transferkeylen);
    1537          14 :       if (err)
    1538           0 :         goto leave;
    1539          14 :       xfree (transferkey);
    1540          14 :       transferkey = NULL;
    1541             : 
    1542             :       /* Send the wrapped key to the agent.  */
    1543             :       {
    1544          14 :         char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1);
    1545          14 :         err = agent_import_key (ctrl, desc, &cache_nonce,
    1546             :                                 wrappedkey, wrappedkeylen, batch);
    1547          14 :         xfree (desc);
    1548             :       }
    1549          14 :       if (!err)
    1550             :         {
    1551          12 :           if (opt.verbose)
    1552           0 :             log_info (_("key %s: secret key imported\n"),
    1553             :                       keystr_from_pk_with_sub (main_pk, pk));
    1554          12 :           stats->secret_imported++;
    1555             :         }
    1556           2 :       else if ( gpg_err_code (err) == GPG_ERR_EEXIST )
    1557             :         {
    1558           2 :           if (opt.verbose)
    1559           0 :             log_info (_("key %s: secret key already exists\n"),
    1560             :                       keystr_from_pk_with_sub (main_pk, pk));
    1561           2 :           err = 0;
    1562           2 :           stats->secret_dups++;
    1563             :         }
    1564             :       else
    1565             :         {
    1566           0 :           log_error (_("key %s: error sending to agent: %s\n"),
    1567             :                      keystr_from_pk_with_sub (main_pk, pk),
    1568             :                      gpg_strerror (err));
    1569           0 :           if (gpg_err_code (err) == GPG_ERR_CANCELED
    1570           0 :               || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
    1571             :             break; /* Don't try the other subkeys.  */
    1572             :         }
    1573             :     }
    1574             : 
    1575           7 :   if (!err && stub_key_skipped)
    1576             :     /* We need to notify user how to migrate stub keys.  */
    1577           0 :     err = gpg_error (GPG_ERR_NOT_PROCESSED);
    1578             : 
    1579             :  leave:
    1580           7 :   gcry_sexp_release (curve);
    1581           7 :   xfree (cache_nonce);
    1582           7 :   xfree (wrappedkey);
    1583           7 :   xfree (transferkey);
    1584           7 :   gcry_cipher_close (cipherhd);
    1585           7 :   xfree (kek);
    1586           7 :   return err;
    1587             : }
    1588             : 
    1589             : 
    1590             : /* Walk a secret keyblock and produce a public keyblock out of it.
    1591             :    Returns a new node or NULL on error. */
    1592             : static kbnode_t
    1593           7 : sec_to_pub_keyblock (kbnode_t sec_keyblock)
    1594             : {
    1595           7 :   kbnode_t pub_keyblock = NULL;
    1596           7 :   kbnode_t ctx = NULL;
    1597             :   kbnode_t secnode, pubnode;
    1598             : 
    1599          45 :   while ((secnode = walk_kbnode (sec_keyblock, &ctx, 0)))
    1600             :     {
    1601          31 :       if (secnode->pkt->pkttype == PKT_SECRET_KEY
    1602          24 :           || secnode->pkt->pkttype == PKT_SECRET_SUBKEY)
    1603          14 :         {
    1604             :           /* Make a public key.  */
    1605             :           PACKET *pkt;
    1606             :           PKT_public_key *pk;
    1607             : 
    1608          14 :           pkt = xtrycalloc (1, sizeof *pkt);
    1609          14 :           pk = pkt? copy_public_key (NULL, secnode->pkt->pkt.public_key): NULL;
    1610          14 :           if (!pk)
    1611             :             {
    1612           0 :               xfree (pkt);
    1613           0 :               release_kbnode (pub_keyblock);
    1614           0 :               return NULL;
    1615             :             }
    1616          14 :           if (secnode->pkt->pkttype == PKT_SECRET_KEY)
    1617           7 :             pkt->pkttype = PKT_PUBLIC_KEY;
    1618             :           else
    1619           7 :             pkt->pkttype = PKT_PUBLIC_SUBKEY;
    1620          14 :           pkt->pkt.public_key = pk;
    1621             : 
    1622          14 :           pubnode = new_kbnode (pkt);
    1623             :         }
    1624             :       else
    1625             :         {
    1626          17 :           pubnode = clone_kbnode (secnode);
    1627             :         }
    1628             : 
    1629          31 :       if (!pub_keyblock)
    1630           7 :         pub_keyblock = pubnode;
    1631             :       else
    1632          24 :         add_kbnode (pub_keyblock, pubnode);
    1633             :     }
    1634             : 
    1635           7 :   return pub_keyblock;
    1636             : }
    1637             : 
    1638             : /****************
    1639             :  * Ditto for secret keys.  Handling is simpler than for public keys.
    1640             :  * We allow secret key importing only when allow is true, this is so
    1641             :  * that a secret key can not be imported accidently and thereby tampering
    1642             :  * with the trust calculation.
    1643             :  */
    1644             : static int
    1645           7 : import_secret_one (ctrl_t ctrl, const char *fname, kbnode_t keyblock,
    1646             :                    struct stats_s *stats, int batch, unsigned int options,
    1647             :                    int for_migration,
    1648             :                    import_screener_t screener, void *screener_arg)
    1649             : {
    1650             :   PKT_public_key *pk;
    1651             :   struct seckey_info *ski;
    1652             :   kbnode_t node, uidnode;
    1653             :   u32 keyid[2];
    1654           7 :   int rc = 0;
    1655             :   int nr_prev;
    1656             :   kbnode_t pub_keyblock;
    1657             :   char pkstrbuf[PUBKEY_STRING_SIZE];
    1658             : 
    1659             :   /* Get the key and print some info about it */
    1660           7 :   node = find_kbnode (keyblock, PKT_SECRET_KEY);
    1661           7 :   if (!node)
    1662           0 :     BUG ();
    1663             : 
    1664           7 :   pk = node->pkt->pkt.public_key;
    1665             : 
    1666           7 :   keyid_from_pk (pk, keyid);
    1667           7 :   uidnode = find_next_kbnode (keyblock, PKT_USER_ID);
    1668             : 
    1669           7 :   if (screener && screener (keyblock, screener_arg))
    1670             :     {
    1671           0 :       log_error (_("secret key %s: %s\n"), keystr_from_pk (pk),
    1672             :                  _("rejected by import screener"));
    1673           0 :       return 0;
    1674             :   }
    1675             : 
    1676           7 :   if (opt.verbose && !for_migration)
    1677             :     {
    1678           0 :       log_info ("sec  %s/%s %s   ",
    1679             :                 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
    1680             :                 keystr_from_pk (pk), datestr_from_pk (pk));
    1681           0 :       if (uidnode)
    1682           0 :         print_utf8_buffer (log_get_stream (), uidnode->pkt->pkt.user_id->name,
    1683           0 :                            uidnode->pkt->pkt.user_id->len);
    1684           0 :       log_printf ("\n");
    1685             :     }
    1686           7 :   stats->secret_read++;
    1687             : 
    1688           7 :   if ((options & IMPORT_NO_SECKEY))
    1689             :     {
    1690           0 :       if (!for_migration)
    1691           0 :         log_error (_("importing secret keys not allowed\n"));
    1692           0 :       return 0;
    1693             :     }
    1694             : 
    1695           7 :   if (!uidnode)
    1696             :     {
    1697           0 :       if (!for_migration)
    1698           0 :         log_error( _("key %s: no user ID\n"), keystr_from_pk (pk));
    1699           0 :       return 0;
    1700             :     }
    1701             : 
    1702           7 :   ski = pk->seckey_info;
    1703           7 :   if (!ski)
    1704             :     {
    1705             :       /* Actually an internal error.  */
    1706           0 :       log_error ("key %s: secret key info missing\n", keystr_from_pk (pk));
    1707           0 :       return 0;
    1708             :     }
    1709             : 
    1710             :   /* A quick check to not import keys with an invalid protection
    1711             :      cipher algorithm (only checks the primary key, though).  */
    1712           7 :   if (ski->algo > 110)
    1713             :     {
    1714           0 :       if (!for_migration)
    1715           0 :         log_error (_("key %s: secret key with invalid cipher %d"
    1716           0 :                      " - skipped\n"), keystr_from_pk (pk), ski->algo);
    1717           0 :       return 0;
    1718             :     }
    1719             : 
    1720             : #ifdef ENABLE_SELINUX_HACKS
    1721             :   if (1)
    1722             :     {
    1723             :       /* We don't allow to import secret keys because that may be used
    1724             :          to put a secret key into the keyring and the user might later
    1725             :          be tricked into signing stuff with that key.  */
    1726             :       log_error (_("importing secret keys not allowed\n"));
    1727             :       return 0;
    1728             :     }
    1729             : #endif
    1730             : 
    1731           7 :   clear_kbnode_flags (keyblock);
    1732             : 
    1733           7 :   nr_prev = stats->skipped_new_keys;
    1734             : 
    1735             :   /* Make a public key out of the key. */
    1736           7 :   pub_keyblock = sec_to_pub_keyblock (keyblock);
    1737           7 :   if (!pub_keyblock)
    1738           0 :     log_error ("key %s: failed to create public key from secret key\n",
    1739             :                    keystr_from_pk (pk));
    1740             :   else
    1741             :     {
    1742             :       /* Note that this outputs an IMPORT_OK status message for the
    1743             :          public key block, and below we will output another one for
    1744             :          the secret keys.  FIXME?  */
    1745           7 :       import_one (ctrl, fname, pub_keyblock, stats,
    1746             :                   NULL, NULL, options, 1, for_migration,
    1747             :                   screener, screener_arg);
    1748             : 
    1749             :       /* Fixme: We should check for an invalid keyblock and
    1750             :          cancel the secret key import in this case.  */
    1751           7 :       release_kbnode (pub_keyblock);
    1752             : 
    1753             :       /* At least we cancel the secret key import when the public key
    1754             :          import was skipped due to MERGE_ONLY option and a new
    1755             :          key.  */
    1756           7 :       if (stats->skipped_new_keys <= nr_prev)
    1757             :         {
    1758             :           /* Read the keyblock again to get the effects of a merge.  */
    1759             :           /* Fixme: we should do this based on the fingerprint or
    1760             :              even better let import_one return the merged
    1761             :              keyblock.  */
    1762           7 :           node = get_pubkeyblock (keyid);
    1763           7 :           if (!node)
    1764           0 :             log_error ("key %s: failed to re-lookup public key\n",
    1765             :                        keystr_from_pk (pk));
    1766             :           else
    1767             :             {
    1768             :               gpg_error_t err;
    1769             : 
    1770           7 :               nr_prev = stats->secret_imported;
    1771           7 :               err = transfer_secret_keys (ctrl, stats, keyblock, batch);
    1772           7 :               if (gpg_err_code (err) == GPG_ERR_NOT_PROCESSED)
    1773             :                 {
    1774             :                   /* TRANSLATORS: For smartcard, each private key on
    1775             :                      host has a reference (stub) to a smartcard and
    1776             :                      actual private key data is stored on the card.  A
    1777             :                      single smartcard can have up to three private key
    1778             :                      data.  Importing private key stub is always
    1779             :                      skipped in 2.1, and it returns
    1780             :                      GPG_ERR_NOT_PROCESSED.  Instead, user should be
    1781             :                      suggested to run 'gpg --card-status', then,
    1782             :                      references to a card will be automatically
    1783             :                      created again.  */
    1784           0 :                   log_info (_("To migrate '%s', with each smartcard, "
    1785             :                               "run: %s\n"), "secring.gpg", "gpg --card-status");
    1786           0 :                   err = 0;
    1787             :                 }
    1788           7 :               if (!err)
    1789             :                 {
    1790           7 :                   int status = 16;
    1791           7 :                   if (!opt.quiet)
    1792           7 :                     log_info (_("key %s: secret key imported\n"),
    1793             :                               keystr_from_pk (pk));
    1794           7 :                   if (stats->secret_imported > nr_prev)
    1795           6 :                     status |= 1;
    1796           7 :                   if (is_status_enabled ())
    1797           0 :                     print_import_ok (pk, status);
    1798           7 :                   check_prefs (ctrl, node);
    1799             :                 }
    1800           7 :               release_kbnode (node);
    1801             :             }
    1802             :         }
    1803             :     }
    1804             : 
    1805           7 :   return rc;
    1806             : }
    1807             : 
    1808             : 
    1809             : /****************
    1810             :  * Import a revocation certificate; this is a single signature packet.
    1811             :  */
    1812             : static int
    1813           0 : import_revoke_cert( const char *fname, kbnode_t node, struct stats_s *stats )
    1814             : {
    1815           0 :   PKT_public_key *pk = NULL;
    1816             :   kbnode_t onode;
    1817           0 :   kbnode_t keyblock = NULL;
    1818           0 :   KEYDB_HANDLE hd = NULL;
    1819             :   u32 keyid[2];
    1820           0 :   int rc = 0;
    1821             : 
    1822             :   (void)fname;
    1823             : 
    1824           0 :   assert( !node->next );
    1825           0 :   assert( node->pkt->pkttype == PKT_SIGNATURE );
    1826           0 :   assert( node->pkt->pkt.signature->sig_class == 0x20 );
    1827             : 
    1828           0 :   keyid[0] = node->pkt->pkt.signature->keyid[0];
    1829           0 :   keyid[1] = node->pkt->pkt.signature->keyid[1];
    1830             : 
    1831           0 :   pk = xmalloc_clear( sizeof *pk );
    1832           0 :   rc = get_pubkey( pk, keyid );
    1833           0 :   if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )
    1834             :     {
    1835           0 :       log_error(_("key %s: no public key -"
    1836             :                   " can't apply revocation certificate\n"), keystr(keyid));
    1837           0 :       rc = 0;
    1838           0 :       goto leave;
    1839             :     }
    1840           0 :   else if (rc )
    1841             :     {
    1842           0 :       log_error(_("key %s: public key not found: %s\n"),
    1843             :                 keystr(keyid), gpg_strerror (rc));
    1844           0 :       goto leave;
    1845             :     }
    1846             : 
    1847             :   /* Read the original keyblock. */
    1848           0 :   hd = keydb_new ();
    1849             :   {
    1850             :     byte afp[MAX_FINGERPRINT_LEN];
    1851             :     size_t an;
    1852             : 
    1853           0 :     fingerprint_from_pk (pk, afp, &an);
    1854           0 :     while (an < MAX_FINGERPRINT_LEN)
    1855           0 :       afp[an++] = 0;
    1856           0 :     rc = keydb_search_fpr (hd, afp);
    1857             :   }
    1858           0 :   if (rc)
    1859             :     {
    1860           0 :       log_error (_("key %s: can't locate original keyblock: %s\n"),
    1861             :                  keystr(keyid), gpg_strerror (rc));
    1862           0 :       goto leave;
    1863             :     }
    1864           0 :   rc = keydb_get_keyblock (hd, &keyblock );
    1865           0 :   if (rc)
    1866             :     {
    1867           0 :       log_error (_("key %s: can't read original keyblock: %s\n"),
    1868             :                  keystr(keyid), gpg_strerror (rc));
    1869           0 :       goto leave;
    1870             :     }
    1871             : 
    1872             :   /* it is okay, that node is not in keyblock because
    1873             :    * check_key_signature works fine for sig_class 0x20 in this
    1874             :    * special case. */
    1875           0 :   rc = check_key_signature( keyblock, node, NULL);
    1876           0 :   if (rc )
    1877             :     {
    1878           0 :       log_error( _("key %s: invalid revocation certificate"
    1879             :                    ": %s - rejected\n"), keystr(keyid), gpg_strerror (rc));
    1880           0 :       goto leave;
    1881             :     }
    1882             : 
    1883             :   /* check whether we already have this */
    1884           0 :   for(onode=keyblock->next; onode; onode=onode->next ) {
    1885           0 :     if (onode->pkt->pkttype == PKT_USER_ID )
    1886           0 :       break;
    1887           0 :     else if (onode->pkt->pkttype == PKT_SIGNATURE
    1888           0 :              && !cmp_signatures(node->pkt->pkt.signature,
    1889           0 :                                 onode->pkt->pkt.signature))
    1890             :       {
    1891           0 :         rc = 0;
    1892           0 :         goto leave; /* yes, we already know about it */
    1893             :       }
    1894             :   }
    1895             : 
    1896             :   /* insert it */
    1897           0 :   insert_kbnode( keyblock, clone_kbnode(node), 0 );
    1898             : 
    1899             :   /* and write the keyblock back */
    1900           0 :   rc = keydb_update_keyblock (hd, keyblock );
    1901           0 :   if (rc)
    1902           0 :     log_error (_("error writing keyring '%s': %s\n"),
    1903             :                keydb_get_resource_name (hd), gpg_strerror (rc) );
    1904           0 :   keydb_release (hd);
    1905           0 :   hd = NULL;
    1906             : 
    1907             :   /* we are ready */
    1908           0 :   if (!opt.quiet )
    1909             :     {
    1910           0 :       char *p=get_user_id_native (keyid);
    1911           0 :       log_info( _("key %s: \"%s\" revocation certificate imported\n"),
    1912             :                 keystr(keyid),p);
    1913           0 :       xfree(p);
    1914             :     }
    1915           0 :   stats->n_revoc++;
    1916             : 
    1917             :   /* If the key we just revoked was ultimately trusted, remove its
    1918             :      ultimate trust.  This doesn't stop the user from putting the
    1919             :      ultimate trust back, but is a reasonable solution for now. */
    1920           0 :   if(get_ownertrust(pk)==TRUST_ULTIMATE)
    1921           0 :     clear_ownertrusts(pk);
    1922             : 
    1923           0 :   revalidation_mark ();
    1924             : 
    1925             :  leave:
    1926           0 :   keydb_release (hd);
    1927           0 :   release_kbnode( keyblock );
    1928           0 :   free_public_key( pk );
    1929           0 :   return rc;
    1930             : }
    1931             : 
    1932             : 
    1933             : /*
    1934             :  * Loop over the keyblock and check all self signatures.
    1935             :  * Mark all user-ids with a self-signature by setting flag bit 0.
    1936             :  * Mark all user-ids with an invalid self-signature by setting bit 1.
    1937             :  * This works also for subkeys, here the subkey is marked.  Invalid or
    1938             :  * extra subkey sigs (binding or revocation) are marked for deletion.
    1939             :  * non_self is set to true if there are any sigs other than self-sigs
    1940             :  * in this keyblock.
    1941             :  */
    1942             : static int
    1943          88 : chk_self_sigs (const char *fname, kbnode_t keyblock,
    1944             :                PKT_public_key *pk, u32 *keyid, int *non_self )
    1945             : {
    1946          88 :   kbnode_t n, knode = NULL;
    1947             :   PKT_signature *sig;
    1948             :   int rc;
    1949          88 :   u32 bsdate=0, rsdate=0;
    1950          88 :   kbnode_t bsnode = NULL, rsnode = NULL;
    1951             : 
    1952             :   (void)fname;
    1953             :   (void)pk;
    1954             : 
    1955         685 :   for (n=keyblock; (n = find_next_kbnode (n, 0)); )
    1956             :     {
    1957         509 :       if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
    1958             :         {
    1959          77 :           knode = n;
    1960          77 :           bsdate = 0;
    1961          77 :           rsdate = 0;
    1962          77 :           bsnode = NULL;
    1963          77 :           rsnode = NULL;
    1964          77 :           continue;
    1965             :         }
    1966             : 
    1967         432 :       if ( n->pkt->pkttype != PKT_SIGNATURE )
    1968         108 :         continue;
    1969             : 
    1970         324 :       sig = n->pkt->pkt.signature;
    1971         324 :       if ( keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1] )
    1972             :         {
    1973         136 :           *non_self = 1;
    1974         136 :           continue;
    1975             :         }
    1976             : 
    1977             :       /* This just caches the sigs for later use.  That way we
    1978             :          import a fully-cached key which speeds things up. */
    1979         188 :       if (!opt.no_sig_cache)
    1980         188 :         check_key_signature (keyblock, n, NULL);
    1981             : 
    1982         188 :       if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
    1983         112 :         {
    1984         112 :           kbnode_t unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
    1985         112 :           if ( !unode )
    1986             :             {
    1987           0 :               log_error( _("key %s: no user ID for signature\n"),
    1988             :                          keystr(keyid));
    1989           0 :               return -1;  /* The complete keyblock is invalid.  */
    1990             :             }
    1991             : 
    1992             :           /* If it hasn't been marked valid yet, keep trying.  */
    1993         112 :           if (!(unode->flag&1))
    1994             :             {
    1995         104 :               rc = check_key_signature (keyblock, n, NULL);
    1996         104 :               if ( rc )
    1997             :                 {
    1998           0 :                   if ( opt.verbose )
    1999             :                     {
    2000           0 :                       char *p = utf8_to_native
    2001           0 :                         (unode->pkt->pkt.user_id->name,
    2002           0 :                          strlen (unode->pkt->pkt.user_id->name),0);
    2003           0 :                       log_info (gpg_err_code(rc) == GPG_ERR_PUBKEY_ALGO ?
    2004             :                                 _("key %s: unsupported public key "
    2005             :                                   "algorithm on user ID \"%s\"\n"):
    2006             :                                 _("key %s: invalid self-signature "
    2007             :                                   "on user ID \"%s\"\n"),
    2008             :                                 keystr (keyid),p);
    2009           0 :                       xfree (p);
    2010             :                     }
    2011             :                 }
    2012             :               else
    2013         104 :                 unode->flag |= 1; /* Mark that signature checked. */
    2014             :             }
    2015             :         }
    2016          76 :       else if (IS_KEY_SIG (sig))
    2017             :         {
    2018           2 :           rc = check_key_signature (keyblock, n, NULL);
    2019           2 :           if ( rc )
    2020             :             {
    2021           1 :               if (opt.verbose)
    2022           0 :                 log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
    2023             :                           _("key %s: unsupported public key algorithm\n"):
    2024             :                           _("key %s: invalid direct key signature\n"),
    2025             :                           keystr (keyid));
    2026           1 :               n->flag |= 4;
    2027             :             }
    2028             :         }
    2029          74 :       else if ( IS_SUBKEY_SIG (sig) )
    2030             :         {
    2031             :           /* Note that this works based solely on the timestamps like
    2032             :              the rest of gpg.  If the standard gets revocation
    2033             :              targets, this may need to be revised.  */
    2034             : 
    2035          74 :           if ( !knode )
    2036             :             {
    2037           0 :               if (opt.verbose)
    2038           0 :                 log_info (_("key %s: no subkey for key binding\n"),
    2039             :                           keystr (keyid));
    2040           0 :               n->flag |= 4; /* delete this */
    2041             :             }
    2042             :           else
    2043             :             {
    2044          74 :               rc = check_key_signature (keyblock, n, NULL);
    2045          74 :               if ( rc )
    2046             :                 {
    2047           0 :                   if (opt.verbose)
    2048           0 :                     log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
    2049             :                               _("key %s: unsupported public key"
    2050             :                                 " algorithm\n"):
    2051             :                               _("key %s: invalid subkey binding\n"),
    2052             :                               keystr (keyid));
    2053           0 :                   n->flag |= 4;
    2054             :                 }
    2055             :               else
    2056             :                 {
    2057             :                   /* It's valid, so is it newer? */
    2058          74 :                   if (sig->timestamp >= bsdate)
    2059             :                     {
    2060          74 :                       knode->flag |= 1;  /* The subkey is valid.  */
    2061          74 :                       if (bsnode)
    2062             :                         {
    2063             :                           /* Delete the last binding sig since this
    2064             :                              one is newer */
    2065           1 :                           bsnode->flag |= 4;
    2066           1 :                           if (opt.verbose)
    2067           0 :                             log_info (_("key %s: removed multiple subkey"
    2068             :                                         " binding\n"),keystr(keyid));
    2069             :                         }
    2070             : 
    2071          74 :                       bsnode = n;
    2072          74 :                       bsdate = sig->timestamp;
    2073             :                     }
    2074             :                   else
    2075           0 :                     n->flag |= 4; /* older */
    2076             :                 }
    2077             :             }
    2078             :         }
    2079           0 :       else if ( IS_SUBKEY_REV (sig) )
    2080             :         {
    2081             :           /* We don't actually mark the subkey as revoked right now,
    2082             :              so just check that the revocation sig is the most recent
    2083             :              valid one.  Note that we don't care if the binding sig is
    2084             :              newer than the revocation sig.  See the comment in
    2085             :              getkey.c:merge_selfsigs_subkey for more.  */
    2086           0 :           if ( !knode )
    2087             :             {
    2088           0 :               if (opt.verbose)
    2089           0 :                 log_info (_("key %s: no subkey for key revocation\n"),
    2090             :                           keystr(keyid));
    2091           0 :               n->flag |= 4; /* delete this */
    2092             :             }
    2093             :           else
    2094             :             {
    2095           0 :               rc = check_key_signature (keyblock, n, NULL);
    2096           0 :               if ( rc )
    2097             :                 {
    2098           0 :                   if(opt.verbose)
    2099           0 :                     log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
    2100             :                               _("key %s: unsupported public"
    2101             :                                 " key algorithm\n"):
    2102             :                               _("key %s: invalid subkey revocation\n"),
    2103             :                               keystr(keyid));
    2104           0 :                   n->flag |= 4;
    2105             :                 }
    2106             :               else
    2107             :                 {
    2108             :                   /* It's valid, so is it newer? */
    2109           0 :                   if (sig->timestamp >= rsdate)
    2110             :                     {
    2111           0 :                       if (rsnode)
    2112             :                         {
    2113             :                           /* Delete the last revocation sig since
    2114             :                              this one is newer.  */
    2115           0 :                           rsnode->flag |= 4;
    2116           0 :                           if (opt.verbose)
    2117           0 :                             log_info (_("key %s: removed multiple subkey"
    2118             :                                         " revocation\n"),keystr(keyid));
    2119             :                         }
    2120             : 
    2121           0 :                       rsnode = n;
    2122           0 :                       rsdate = sig->timestamp;
    2123             :                     }
    2124             :                   else
    2125           0 :                     n->flag |= 4; /* older */
    2126             :                 }
    2127             :             }
    2128             :         }
    2129             :     }
    2130             : 
    2131          88 :   return 0;
    2132             : }
    2133             : 
    2134             : 
    2135             : /****************
    2136             :  * delete all parts which are invalid and those signatures whose
    2137             :  * public key algorithm is not available in this implemenation;
    2138             :  * but consider RSA as valid, because parse/build_packets knows
    2139             :  * about it.
    2140             :  * returns: true if at least one valid user-id is left over.
    2141             :  */
    2142             : static int
    2143          88 : delete_inv_parts( const char *fname, kbnode_t keyblock,
    2144             :                   u32 *keyid, unsigned int options)
    2145             : {
    2146             :   kbnode_t node;
    2147          88 :   int nvalid=0, uid_seen=0, subkey_seen=0;
    2148             : 
    2149             :   (void)fname;
    2150             : 
    2151         597 :   for (node=keyblock->next; node; node = node->next )
    2152             :     {
    2153         509 :       if (node->pkt->pkttype == PKT_USER_ID)
    2154             :         {
    2155         108 :           uid_seen = 1;
    2156         108 :           if ((node->flag & 2) || !(node->flag & 1) )
    2157             :             {
    2158           0 :               if (opt.verbose )
    2159             :                 {
    2160           0 :                   char *p=utf8_to_native(node->pkt->pkt.user_id->name,
    2161           0 :                                          node->pkt->pkt.user_id->len,0);
    2162           0 :                   log_info( _("key %s: skipped user ID \"%s\"\n"),
    2163             :                             keystr(keyid),p);
    2164           0 :                   xfree(p);
    2165             :                 }
    2166           0 :               delete_kbnode( node ); /* the user-id */
    2167             :               /* and all following packets up to the next user-id */
    2168           0 :               while (node->next
    2169           0 :                      && node->next->pkt->pkttype != PKT_USER_ID
    2170           0 :                      && node->next->pkt->pkttype != PKT_PUBLIC_SUBKEY
    2171           0 :                      && node->next->pkt->pkttype != PKT_SECRET_SUBKEY ){
    2172           0 :                 delete_kbnode( node->next );
    2173           0 :                 node = node->next;
    2174             :               }
    2175             :             }
    2176             :           else
    2177         108 :             nvalid++;
    2178             :         }
    2179         401 :       else if (   node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2180         324 :                || node->pkt->pkttype == PKT_SECRET_SUBKEY )
    2181             :         {
    2182         158 :           if ((node->flag & 2) || !(node->flag & 1) )
    2183             :             {
    2184           4 :               if (opt.verbose )
    2185           0 :                 log_info( _("key %s: skipped subkey\n"),keystr(keyid));
    2186             : 
    2187           4 :               delete_kbnode( node ); /* the subkey */
    2188             :               /* and all following signature packets */
    2189           8 :               while (node->next
    2190           0 :                      && node->next->pkt->pkttype == PKT_SIGNATURE ) {
    2191           0 :                 delete_kbnode( node->next );
    2192           0 :                 node = node->next;
    2193             :               }
    2194             :             }
    2195             :           else
    2196          73 :             subkey_seen = 1;
    2197             :         }
    2198         324 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2199         324 :                && openpgp_pk_test_algo (node->pkt->pkt.signature->pubkey_algo)
    2200           0 :                && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
    2201             :         {
    2202           0 :           delete_kbnode( node ); /* build_packet() can't handle this */
    2203             :         }
    2204         324 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2205         324 :                && !node->pkt->pkt.signature->flags.exportable
    2206           0 :                && !(options&IMPORT_LOCAL_SIGS)
    2207           0 :                && !have_secret_key_with_kid (node->pkt->pkt.signature->keyid))
    2208             :         {
    2209             :           /* here we violate the rfc a bit by still allowing
    2210             :            * to import non-exportable signature when we have the
    2211             :            * the secret key used to create this signature - it
    2212             :            * seems that this makes sense */
    2213           0 :           if(opt.verbose)
    2214           0 :             log_info( _("key %s: non exportable signature"
    2215             :                         " (class 0x%02X) - skipped\n"),
    2216           0 :                       keystr(keyid), node->pkt->pkt.signature->sig_class );
    2217           0 :           delete_kbnode( node );
    2218             :         }
    2219         324 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2220         324 :                && node->pkt->pkt.signature->sig_class == 0x20)
    2221             :         {
    2222           0 :           if (uid_seen )
    2223             :             {
    2224           0 :               if(opt.verbose)
    2225           0 :                 log_info( _("key %s: revocation certificate"
    2226             :                             " at wrong place - skipped\n"),keystr(keyid));
    2227           0 :               delete_kbnode( node );
    2228             :             }
    2229             :           else
    2230             :             {
    2231             :               /* If the revocation cert is from a different key than
    2232             :                  the one we're working on don't check it - it's
    2233             :                  probably from a revocation key and won't be
    2234             :                  verifiable with this key anyway. */
    2235             : 
    2236           0 :               if(node->pkt->pkt.signature->keyid[0]==keyid[0]
    2237           0 :                  && node->pkt->pkt.signature->keyid[1]==keyid[1])
    2238             :                 {
    2239           0 :                   int rc = check_key_signature( keyblock, node, NULL);
    2240           0 :                   if (rc )
    2241             :                     {
    2242           0 :                       if(opt.verbose)
    2243           0 :                         log_info( _("key %s: invalid revocation"
    2244             :                                     " certificate: %s - skipped\n"),
    2245             :                                   keystr(keyid), gpg_strerror (rc));
    2246           0 :                       delete_kbnode( node );
    2247             :                     }
    2248             :                 }
    2249             :             }
    2250             :         }
    2251         324 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2252         324 :                && (node->pkt->pkt.signature->sig_class == 0x18
    2253         250 :                    || node->pkt->pkt.signature->sig_class == 0x28)
    2254          74 :                && !subkey_seen )
    2255             :         {
    2256           0 :           if(opt.verbose)
    2257           0 :             log_info( _("key %s: subkey signature"
    2258             :                         " in wrong place - skipped\n"), keystr(keyid));
    2259           0 :           delete_kbnode( node );
    2260             :         }
    2261         324 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2262         324 :                && !IS_CERT(node->pkt->pkt.signature))
    2263             :         {
    2264           0 :           if(opt.verbose)
    2265           0 :             log_info(_("key %s: unexpected signature class (0x%02X) -"
    2266             :                        " skipped\n"),keystr(keyid),
    2267           0 :                      node->pkt->pkt.signature->sig_class);
    2268           0 :           delete_kbnode(node);
    2269             :           }
    2270         324 :       else if ((node->flag & 4) ) /* marked for deletion */
    2271           2 :         delete_kbnode( node );
    2272             :     }
    2273             : 
    2274             :   /* note: because keyblock is the public key, it is never marked
    2275             :    * for deletion and so keyblock cannot change */
    2276          88 :   commit_kbnode( &keyblock );
    2277          88 :   return nvalid;
    2278             : }
    2279             : 
    2280             : 
    2281             : /****************
    2282             :  * It may happen that the imported keyblock has duplicated user IDs.
    2283             :  * We check this here and collapse those user IDs together with their
    2284             :  * sigs into one.
    2285             :  * Returns: True if the keyblock has changed.
    2286             :  */
    2287             : int
    2288          88 : collapse_uids( kbnode_t *keyblock )
    2289             : {
    2290             :   kbnode_t uid1;
    2291          88 :   int any=0;
    2292             : 
    2293         743 :   for(uid1=*keyblock;uid1;uid1=uid1->next)
    2294             :     {
    2295             :       kbnode_t uid2;
    2296             : 
    2297         655 :       if(is_deleted_kbnode(uid1))
    2298          58 :         continue;
    2299             : 
    2300         597 :       if(uid1->pkt->pkttype!=PKT_USER_ID)
    2301         489 :         continue;
    2302             : 
    2303         978 :       for(uid2=uid1->next;uid2;uid2=uid2->next)
    2304             :         {
    2305         870 :           if(is_deleted_kbnode(uid2))
    2306          54 :             continue;
    2307             : 
    2308         816 :           if(uid2->pkt->pkttype!=PKT_USER_ID)
    2309         775 :             continue;
    2310             : 
    2311          41 :           if(cmp_user_ids(uid1->pkt->pkt.user_id,
    2312          41 :                           uid2->pkt->pkt.user_id)==0)
    2313             :             {
    2314             :               /* We have a duplicated uid */
    2315             :               kbnode_t sig1,last;
    2316             : 
    2317           4 :               any=1;
    2318             : 
    2319             :               /* Now take uid2's signatures, and attach them to
    2320             :                  uid1 */
    2321          56 :               for(last=uid2;last->next;last=last->next)
    2322             :                 {
    2323          56 :                   if(is_deleted_kbnode(last))
    2324           0 :                     continue;
    2325             : 
    2326          56 :                   if(last->next->pkt->pkttype==PKT_USER_ID
    2327          54 :                      || last->next->pkt->pkttype==PKT_PUBLIC_SUBKEY
    2328          52 :                      || last->next->pkt->pkttype==PKT_SECRET_SUBKEY)
    2329             :                     break;
    2330             :                 }
    2331             : 
    2332             :               /* Snip out uid2 */
    2333           4 :               (find_prev_kbnode(*keyblock,uid2,0))->next=last->next;
    2334             : 
    2335             :               /* Now put uid2 in place as part of uid1 */
    2336           4 :               last->next=uid1->next;
    2337           4 :               uid1->next=uid2;
    2338           4 :               delete_kbnode(uid2);
    2339             : 
    2340             :               /* Now dedupe uid1 */
    2341         165 :               for(sig1=uid1->next;sig1;sig1=sig1->next)
    2342             :                 {
    2343             :                   kbnode_t sig2;
    2344             : 
    2345         165 :                   if(is_deleted_kbnode(sig1))
    2346          58 :                     continue;
    2347             : 
    2348         107 :                   if(sig1->pkt->pkttype==PKT_USER_ID
    2349         104 :                      || sig1->pkt->pkttype==PKT_PUBLIC_SUBKEY
    2350         103 :                      || sig1->pkt->pkttype==PKT_SECRET_SUBKEY)
    2351             :                     break;
    2352             : 
    2353         103 :                   if(sig1->pkt->pkttype!=PKT_SIGNATURE)
    2354           0 :                     continue;
    2355             : 
    2356        4161 :                   for(sig2=sig1->next,last=sig1;sig2;last=sig2,sig2=sig2->next)
    2357             :                     {
    2358        4161 :                       if(is_deleted_kbnode(sig2))
    2359        1454 :                         continue;
    2360             : 
    2361        2707 :                       if(sig2->pkt->pkttype==PKT_USER_ID
    2362        2648 :                          || sig2->pkt->pkttype==PKT_PUBLIC_SUBKEY
    2363        2604 :                          || sig2->pkt->pkttype==PKT_SECRET_SUBKEY)
    2364             :                         break;
    2365             : 
    2366        2604 :                       if(sig2->pkt->pkttype!=PKT_SIGNATURE)
    2367           0 :                         continue;
    2368             : 
    2369        2604 :                       if(cmp_signatures(sig1->pkt->pkt.signature,
    2370        2604 :                                         sig2->pkt->pkt.signature)==0)
    2371             :                         {
    2372             :                           /* We have a match, so delete the second
    2373             :                              signature */
    2374          54 :                           delete_kbnode(sig2);
    2375          54 :                           sig2=last;
    2376             :                         }
    2377             :                     }
    2378             :                 }
    2379             :             }
    2380             :         }
    2381             :     }
    2382             : 
    2383          88 :   commit_kbnode(keyblock);
    2384             : 
    2385          88 :   if(any && !opt.quiet)
    2386             :     {
    2387           2 :       const char *key="???";
    2388             : 
    2389           2 :       if ((uid1 = find_kbnode (*keyblock, PKT_PUBLIC_KEY)) )
    2390           2 :         key = keystr_from_pk (uid1->pkt->pkt.public_key);
    2391           0 :       else if ((uid1 = find_kbnode( *keyblock, PKT_SECRET_KEY)) )
    2392           0 :         key = keystr_from_pk (uid1->pkt->pkt.public_key);
    2393             : 
    2394           2 :       log_info (_("key %s: duplicated user ID detected - merged\n"), key);
    2395             :     }
    2396             : 
    2397          88 :   return any;
    2398             : }
    2399             : 
    2400             : 
    2401             : /* Check for a 0x20 revocation from a revocation key that is not
    2402             :    present.  This may be called without the benefit of merge_xxxx so
    2403             :    you can't rely on pk->revkey and friends. */
    2404             : static void
    2405          59 : revocation_present (ctrl_t ctrl, kbnode_t keyblock)
    2406             : {
    2407             :   kbnode_t onode, inode;
    2408          59 :   PKT_public_key *pk = keyblock->pkt->pkt.public_key;
    2409             : 
    2410          60 :   for(onode=keyblock->next;onode;onode=onode->next)
    2411             :     {
    2412             :       /* If we reach user IDs, we're done. */
    2413          60 :       if(onode->pkt->pkttype==PKT_USER_ID)
    2414          59 :         break;
    2415             : 
    2416           2 :       if(onode->pkt->pkttype==PKT_SIGNATURE &&
    2417           2 :          onode->pkt->pkt.signature->sig_class==0x1F &&
    2418           1 :          onode->pkt->pkt.signature->revkey)
    2419             :         {
    2420             :           int idx;
    2421           1 :           PKT_signature *sig=onode->pkt->pkt.signature;
    2422             : 
    2423           2 :           for(idx=0;idx<sig->numrevkeys;idx++)
    2424             :             {
    2425             :               u32 keyid[2];
    2426             : 
    2427           1 :               keyid_from_fingerprint(sig->revkey[idx].fpr,
    2428             :                                      MAX_FINGERPRINT_LEN,keyid);
    2429             : 
    2430           2 :               for(inode=keyblock->next;inode;inode=inode->next)
    2431             :                 {
    2432             :                   /* If we reach user IDs, we're done. */
    2433           2 :                   if(inode->pkt->pkttype==PKT_USER_ID)
    2434           1 :                     break;
    2435             : 
    2436           2 :                   if(inode->pkt->pkttype==PKT_SIGNATURE &&
    2437           1 :                      inode->pkt->pkt.signature->sig_class==0x20 &&
    2438           0 :                      inode->pkt->pkt.signature->keyid[0]==keyid[0] &&
    2439           0 :                      inode->pkt->pkt.signature->keyid[1]==keyid[1])
    2440             :                     {
    2441             :                       /* Okay, we have a revocation key, and a
    2442             :                          revocation issued by it.  Do we have the key
    2443             :                          itself? */
    2444             :                       int rc;
    2445             : 
    2446           0 :                       rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx].fpr,
    2447             :                                                    MAX_FINGERPRINT_LEN);
    2448           0 :                       if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
    2449           0 :                           || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
    2450             :                         {
    2451           0 :                           char *tempkeystr=xstrdup(keystr_from_pk(pk));
    2452             : 
    2453             :                           /* No, so try and get it */
    2454           0 :                           if(opt.keyserver
    2455           0 :                              && (opt.keyserver_options.options
    2456           0 :                                  & KEYSERVER_AUTO_KEY_RETRIEVE))
    2457             :                             {
    2458           0 :                               log_info(_("WARNING: key %s may be revoked:"
    2459             :                                          " fetching revocation key %s\n"),
    2460             :                                        tempkeystr,keystr(keyid));
    2461           0 :                               keyserver_import_fprint (ctrl,
    2462           0 :                                                        sig->revkey[idx].fpr,
    2463             :                                                        MAX_FINGERPRINT_LEN,
    2464             :                                                        opt.keyserver);
    2465             : 
    2466             :                               /* Do we have it now? */
    2467           0 :                               rc=get_pubkey_byfprint_fast (NULL,
    2468           0 :                                                      sig->revkey[idx].fpr,
    2469             :                                                      MAX_FINGERPRINT_LEN);
    2470             :                             }
    2471             : 
    2472           0 :                           if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
    2473           0 :                               || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
    2474           0 :                             log_info(_("WARNING: key %s may be revoked:"
    2475             :                                        " revocation key %s not present.\n"),
    2476             :                                      tempkeystr,keystr(keyid));
    2477             : 
    2478           0 :                           xfree(tempkeystr);
    2479             :                         }
    2480             :                     }
    2481             :                 }
    2482             :             }
    2483             :         }
    2484             :     }
    2485          59 : }
    2486             : 
    2487             : 
    2488             : /*
    2489             :  * compare and merge the blocks
    2490             :  *
    2491             :  * o compare the signatures: If we already have this signature, check
    2492             :  *   that they compare okay; if not, issue a warning and ask the user.
    2493             :  * o Simply add the signature.  Can't verify here because we may not have
    2494             :  *   the signature's public key yet; verification is done when putting it
    2495             :  *   into the trustdb, which is done automagically as soon as this pubkey
    2496             :  *   is used.
    2497             :  * Note: We indicate newly inserted packets with flag bit 0
    2498             :  */
    2499             : static int
    2500          31 : merge_blocks (const char *fname, kbnode_t keyblock_orig, kbnode_t keyblock,
    2501             :               u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
    2502             : {
    2503             :   kbnode_t onode, node;
    2504             :   int rc, found;
    2505             : 
    2506             :   /* 1st: handle revocation certificates */
    2507          32 :   for (node=keyblock->next; node; node=node->next )
    2508             :     {
    2509          32 :       if (node->pkt->pkttype == PKT_USER_ID )
    2510          31 :         break;
    2511           1 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2512           1 :                && node->pkt->pkt.signature->sig_class == 0x20)
    2513             :         {
    2514             :           /* check whether we already have this */
    2515           0 :           found = 0;
    2516           0 :           for (onode=keyblock_orig->next; onode; onode=onode->next)
    2517             :             {
    2518           0 :               if (onode->pkt->pkttype == PKT_USER_ID )
    2519           0 :                 break;
    2520           0 :               else if (onode->pkt->pkttype == PKT_SIGNATURE
    2521           0 :                        && onode->pkt->pkt.signature->sig_class == 0x20
    2522           0 :                        && !cmp_signatures(onode->pkt->pkt.signature,
    2523           0 :                                           node->pkt->pkt.signature))
    2524             :                 {
    2525           0 :                   found = 1;
    2526           0 :                   break;
    2527             :                 }
    2528             :             }
    2529           0 :           if (!found)
    2530             :             {
    2531           0 :               kbnode_t n2 = clone_kbnode(node);
    2532           0 :               insert_kbnode( keyblock_orig, n2, 0 );
    2533           0 :               n2->flag |= 1;
    2534           0 :               ++*n_sigs;
    2535           0 :               if(!opt.quiet)
    2536             :                 {
    2537           0 :                   char *p=get_user_id_native (keyid);
    2538           0 :                   log_info(_("key %s: \"%s\" revocation"
    2539             :                              " certificate added\n"), keystr(keyid),p);
    2540           0 :                   xfree(p);
    2541             :                 }
    2542             :             }
    2543             :         }
    2544             :     }
    2545             : 
    2546             :   /* 2nd: merge in any direct key (0x1F) sigs */
    2547          32 :   for(node=keyblock->next; node; node=node->next)
    2548             :     {
    2549          32 :       if (node->pkt->pkttype == PKT_USER_ID )
    2550          31 :         break;
    2551           1 :       else if (node->pkt->pkttype == PKT_SIGNATURE
    2552           1 :                && node->pkt->pkt.signature->sig_class == 0x1F)
    2553             :         {
    2554             :           /* check whether we already have this */
    2555           1 :           found = 0;
    2556           1 :           for (onode=keyblock_orig->next; onode; onode=onode->next)
    2557             :             {
    2558           1 :               if (onode->pkt->pkttype == PKT_USER_ID)
    2559           1 :                 break;
    2560           0 :               else if (onode->pkt->pkttype == PKT_SIGNATURE
    2561           0 :                        && onode->pkt->pkt.signature->sig_class == 0x1F
    2562           0 :                        && !cmp_signatures(onode->pkt->pkt.signature,
    2563           0 :                                           node->pkt->pkt.signature))
    2564             :                 {
    2565           0 :                   found = 1;
    2566           0 :                   break;
    2567             :                 }
    2568             :             }
    2569           1 :           if (!found )
    2570             :             {
    2571           1 :               kbnode_t n2 = clone_kbnode(node);
    2572           1 :               insert_kbnode( keyblock_orig, n2, 0 );
    2573           1 :               n2->flag |= 1;
    2574           1 :               ++*n_sigs;
    2575           1 :               if(!opt.quiet)
    2576           1 :                 log_info( _("key %s: direct key signature added\n"),
    2577             :                           keystr(keyid));
    2578             :             }
    2579             :         }
    2580             :     }
    2581             : 
    2582             :   /* 3rd: try to merge new certificates in */
    2583         171 :   for (onode=keyblock_orig->next; onode; onode=onode->next)
    2584             :     {
    2585         140 :       if (!(onode->flag & 1) && onode->pkt->pkttype == PKT_USER_ID)
    2586             :         {
    2587             :           /* find the user id in the imported keyblock */
    2588          62 :           for (node=keyblock->next; node; node=node->next)
    2589          62 :             if (node->pkt->pkttype == PKT_USER_ID
    2590          50 :                 && !cmp_user_ids( onode->pkt->pkt.user_id,
    2591          50 :                                   node->pkt->pkt.user_id ) )
    2592          39 :               break;
    2593          39 :           if (node ) /* found: merge */
    2594             :             {
    2595          39 :               rc = merge_sigs( onode, node, n_sigs, fname, keyid );
    2596          39 :               if (rc )
    2597           0 :                 return rc;
    2598             :             }
    2599             :         }
    2600             :     }
    2601             : 
    2602             :   /* 4th: add new user-ids */
    2603         164 :   for (node=keyblock->next; node; node=node->next)
    2604             :     {
    2605         133 :       if (node->pkt->pkttype == PKT_USER_ID)
    2606             :         {
    2607             :           /* do we have this in the original keyblock */
    2608          64 :           for (onode=keyblock_orig->next; onode; onode=onode->next )
    2609          64 :             if (onode->pkt->pkttype == PKT_USER_ID
    2610          50 :                 && !cmp_user_ids( onode->pkt->pkt.user_id,
    2611          50 :                                   node->pkt->pkt.user_id ) )
    2612          39 :               break;
    2613          39 :           if (!onode ) /* this is a new user id: append */
    2614             :             {
    2615           0 :               rc = append_uid( keyblock_orig, node, n_sigs, fname, keyid);
    2616           0 :               if (rc )
    2617           0 :                 return rc;
    2618           0 :               ++*n_uids;
    2619             :             }
    2620             :         }
    2621             :     }
    2622             : 
    2623             :   /* 5th: add new subkeys */
    2624         164 :   for (node=keyblock->next; node; node=node->next)
    2625             :     {
    2626         133 :       onode = NULL;
    2627         133 :       if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
    2628             :         {
    2629             :           /* do we have this in the original keyblock? */
    2630         101 :           for(onode=keyblock_orig->next; onode; onode=onode->next)
    2631         101 :             if (onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2632          28 :                 && !cmp_public_keys( onode->pkt->pkt.public_key,
    2633          28 :                                      node->pkt->pkt.public_key))
    2634          28 :               break;
    2635          28 :           if (!onode ) /* This is a new subkey: append.  */
    2636             :             {
    2637           0 :               rc = append_key (keyblock_orig, node, n_sigs, fname, keyid);
    2638           0 :               if (rc)
    2639           0 :                 return rc;
    2640           0 :               ++*n_subk;
    2641             :             }
    2642             :         }
    2643         105 :       else if (node->pkt->pkttype == PKT_SECRET_SUBKEY)
    2644             :         {
    2645             :           /* do we have this in the original keyblock? */
    2646           0 :           for (onode=keyblock_orig->next; onode; onode=onode->next )
    2647           0 :             if (onode->pkt->pkttype == PKT_SECRET_SUBKEY
    2648           0 :                 && !cmp_public_keys (onode->pkt->pkt.public_key,
    2649           0 :                                      node->pkt->pkt.public_key) )
    2650           0 :               break;
    2651           0 :           if (!onode ) /* This is a new subkey: append.  */
    2652             :             {
    2653           0 :               rc = append_key (keyblock_orig, node, n_sigs, fname, keyid);
    2654           0 :               if (rc )
    2655           0 :                 return rc;
    2656           0 :               ++*n_subk;
    2657             :             }
    2658             :         }
    2659             :     }
    2660             : 
    2661             :   /* 6th: merge subkey certificates */
    2662         171 :   for (onode=keyblock_orig->next; onode; onode=onode->next)
    2663             :     {
    2664         140 :       if (!(onode->flag & 1)
    2665         138 :           && (onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2666         108 :               || onode->pkt->pkttype == PKT_SECRET_SUBKEY))
    2667             :         {
    2668             :           /* find the subkey in the imported keyblock */
    2669         104 :           for(node=keyblock->next; node; node=node->next)
    2670             :             {
    2671         102 :               if ((node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2672          74 :                    || node->pkt->pkttype == PKT_SECRET_SUBKEY)
    2673          28 :                   && !cmp_public_keys( onode->pkt->pkt.public_key,
    2674          28 :                                        node->pkt->pkt.public_key ) )
    2675          28 :                 break;
    2676             :             }
    2677          30 :           if (node) /* Found: merge.  */
    2678             :             {
    2679          28 :               rc = merge_keysigs( onode, node, n_sigs, fname, keyid );
    2680          28 :               if (rc )
    2681           0 :                 return rc;
    2682             :             }
    2683             :         }
    2684             :     }
    2685             : 
    2686          31 :   return 0;
    2687             : }
    2688             : 
    2689             : 
    2690             : /*
    2691             :  * Append the userid starting with NODE and all signatures to KEYBLOCK.
    2692             :  */
    2693             : static int
    2694           0 : append_uid (kbnode_t keyblock, kbnode_t node, int *n_sigs,
    2695             :             const char *fname, u32 *keyid )
    2696             : {
    2697             :   kbnode_t n;
    2698           0 :   kbnode_t n_where = NULL;
    2699             : 
    2700             :   (void)fname;
    2701             :   (void)keyid;
    2702             : 
    2703           0 :   assert(node->pkt->pkttype == PKT_USER_ID );
    2704             : 
    2705             :   /* find the position */
    2706           0 :   for (n = keyblock; n; n_where = n, n = n->next)
    2707             :     {
    2708           0 :       if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2709           0 :           || n->pkt->pkttype == PKT_SECRET_SUBKEY )
    2710             :         break;
    2711             :     }
    2712           0 :   if (!n)
    2713           0 :     n_where = NULL;
    2714             : 
    2715             :   /* and append/insert */
    2716           0 :   while (node)
    2717             :     {
    2718             :       /* we add a clone to the original keyblock, because this
    2719             :        * one is released first */
    2720           0 :       n = clone_kbnode(node);
    2721           0 :       if (n_where)
    2722             :         {
    2723           0 :           insert_kbnode( n_where, n, 0 );
    2724           0 :           n_where = n;
    2725             :         }
    2726             :       else
    2727           0 :         add_kbnode( keyblock, n );
    2728           0 :       n->flag |= 1;
    2729           0 :       node->flag |= 1;
    2730           0 :       if (n->pkt->pkttype == PKT_SIGNATURE )
    2731           0 :         ++*n_sigs;
    2732             : 
    2733           0 :       node = node->next;
    2734           0 :       if (node && node->pkt->pkttype != PKT_SIGNATURE )
    2735           0 :         break;
    2736             :     }
    2737             : 
    2738           0 :   return 0;
    2739             : }
    2740             : 
    2741             : 
    2742             : /*
    2743             :  * Merge the sigs from SRC onto DST. SRC and DST are both a PKT_USER_ID.
    2744             :  * (how should we handle comment packets here?)
    2745             :  */
    2746             : static int
    2747          39 : merge_sigs (kbnode_t dst, kbnode_t src, int *n_sigs,
    2748             :             const char *fname, u32 *keyid)
    2749             : {
    2750             :   kbnode_t n, n2;
    2751          39 :   int found = 0;
    2752             : 
    2753             :   (void)fname;
    2754             :   (void)keyid;
    2755             : 
    2756          39 :   assert(dst->pkt->pkttype == PKT_USER_ID );
    2757          39 :   assert(src->pkt->pkttype == PKT_USER_ID );
    2758             : 
    2759         132 :   for (n=src->next; n && n->pkt->pkttype != PKT_USER_ID; n = n->next)
    2760             :     {
    2761          93 :       if (n->pkt->pkttype != PKT_SIGNATURE )
    2762          28 :         continue;
    2763          65 :       if (n->pkt->pkt.signature->sig_class == 0x18
    2764          37 :           || n->pkt->pkt.signature->sig_class == 0x28 )
    2765          28 :         continue; /* skip signatures which are only valid on subkeys */
    2766             : 
    2767          37 :       found = 0;
    2768          38 :       for (n2=dst->next; n2 && n2->pkt->pkttype != PKT_USER_ID; n2 = n2->next)
    2769          37 :         if (!cmp_signatures(n->pkt->pkt.signature,n2->pkt->pkt.signature))
    2770             :           {
    2771          36 :             found++;
    2772          36 :             break;
    2773             :           }
    2774          37 :       if (!found )
    2775             :         {
    2776             :           /* This signature is new or newer, append N to DST.
    2777             :            * We add a clone to the original keyblock, because this
    2778             :            * one is released first */
    2779           1 :           n2 = clone_kbnode(n);
    2780           1 :           insert_kbnode( dst, n2, PKT_SIGNATURE );
    2781           1 :           n2->flag |= 1;
    2782           1 :           n->flag |= 1;
    2783           1 :           ++*n_sigs;
    2784             :         }
    2785             :     }
    2786             : 
    2787          39 :   return 0;
    2788             : }
    2789             : 
    2790             : 
    2791             : /*
    2792             :  * Merge the sigs from SRC onto DST. SRC and DST are both a PKT_xxx_SUBKEY.
    2793             :  */
    2794             : static int
    2795          28 : merge_keysigs (kbnode_t dst, kbnode_t src, int *n_sigs,
    2796             :                const char *fname, u32 *keyid)
    2797             : {
    2798             :   kbnode_t n, n2;
    2799          28 :   int found = 0;
    2800             : 
    2801             :   (void)fname;
    2802             :   (void)keyid;
    2803             : 
    2804          28 :   assert (dst->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2805             :           || dst->pkt->pkttype == PKT_SECRET_SUBKEY);
    2806             : 
    2807          56 :   for (n=src->next; n ; n = n->next)
    2808             :     {
    2809          28 :       if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2810          28 :           || n->pkt->pkttype == PKT_PUBLIC_KEY )
    2811             :         break;
    2812          28 :       if (n->pkt->pkttype != PKT_SIGNATURE )
    2813           0 :         continue;
    2814             : 
    2815          28 :       found = 0;
    2816          28 :       for (n2=dst->next; n2; n2 = n2->next)
    2817             :         {
    2818          28 :           if (n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2819          28 :               || n2->pkt->pkttype == PKT_PUBLIC_KEY )
    2820             :             break;
    2821          28 :           if (n2->pkt->pkttype == PKT_SIGNATURE
    2822          56 :               && (n->pkt->pkt.signature->keyid[0]
    2823          28 :                   == n2->pkt->pkt.signature->keyid[0])
    2824          56 :               && (n->pkt->pkt.signature->keyid[1]
    2825          28 :                   == n2->pkt->pkt.signature->keyid[1])
    2826          56 :               && (n->pkt->pkt.signature->timestamp
    2827          28 :                   <= n2->pkt->pkt.signature->timestamp)
    2828          56 :               && (n->pkt->pkt.signature->sig_class
    2829          28 :                   == n2->pkt->pkt.signature->sig_class))
    2830             :             {
    2831          28 :               found++;
    2832          28 :               break;
    2833             :             }
    2834             :         }
    2835          28 :       if (!found )
    2836             :         {
    2837             :           /* This signature is new or newer, append N to DST.
    2838             :            * We add a clone to the original keyblock, because this
    2839             :            * one is released first */
    2840           0 :           n2 = clone_kbnode(n);
    2841           0 :           insert_kbnode( dst, n2, PKT_SIGNATURE );
    2842           0 :           n2->flag |= 1;
    2843           0 :           n->flag |= 1;
    2844           0 :           ++*n_sigs;
    2845             :         }
    2846             :     }
    2847             : 
    2848          28 :   return 0;
    2849             : }
    2850             : 
    2851             : 
    2852             : /*
    2853             :  * Append the subkey starting with NODE and all signatures to KEYBLOCK.
    2854             :  * Mark all new and copied packets by setting flag bit 0.
    2855             :  */
    2856             : static int
    2857           0 : append_key (kbnode_t keyblock, kbnode_t node, int *n_sigs,
    2858             :             const char *fname, u32 *keyid)
    2859             : {
    2860             :   kbnode_t n;
    2861             : 
    2862             :   (void)fname;
    2863             :   (void)keyid;
    2864             : 
    2865           0 :   assert( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
    2866             :           || node->pkt->pkttype == PKT_SECRET_SUBKEY );
    2867             : 
    2868           0 :   while (node)
    2869             :     {
    2870             :       /* we add a clone to the original keyblock, because this
    2871             :        * one is released first */
    2872           0 :       n = clone_kbnode(node);
    2873           0 :       add_kbnode( keyblock, n );
    2874           0 :       n->flag |= 1;
    2875           0 :       node->flag |= 1;
    2876           0 :       if (n->pkt->pkttype == PKT_SIGNATURE )
    2877           0 :         ++*n_sigs;
    2878             : 
    2879           0 :       node = node->next;
    2880           0 :       if (node && node->pkt->pkttype != PKT_SIGNATURE )
    2881           0 :         break;
    2882             :     }
    2883             : 
    2884           0 :   return 0;
    2885             : }

Generated by: LCOV version 1.11