55
54
ulong skipped_new_keys;
56
55
ulong not_imported;
60
static int import( iobuf_t inp, const char* fname,
61
struct stats_s *stats, unsigned int options );
62
static int read_block( iobuf_t a, PACKET **pending_pkt, KBNODE *ret_root );
61
static int import( IOBUF inp, const char* fname,struct stats_s *stats,
62
unsigned char **fpr,size_t *fpr_len,unsigned int options );
63
static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root );
63
64
static void revocation_present(KBNODE keyblock);
64
static int import_one( const char *fname, KBNODE keyblock,
65
struct stats_s *stats, unsigned int options);
65
static int import_one(const char *fname, KBNODE keyblock,struct stats_s *stats,
66
unsigned char **fpr,size_t *fpr_len,
67
unsigned int options,int from_sk);
66
68
static int import_secret_one( const char *fname, KBNODE keyblock,
67
69
struct stats_s *stats, unsigned int options);
68
70
static int import_revoke_cert( const char *fname, KBNODE node,
84
86
const char *fname, u32 *keyid );
87
parse_import_options(char *str,unsigned int *options)
89
parse_import_options(char *str,unsigned int *options,int noisy)
89
91
struct parse_options import_opts[]=
91
{"allow-local-sigs",IMPORT_ALLOW_LOCAL_SIGS},
92
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG},
93
{"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG},
94
{"fast-import",IMPORT_FAST_IMPORT},
95
{"convert-sk-to-pk",IMPORT_SK2PK},
93
{"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
94
N_("import signatures that are marked as local-only")},
95
{"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
96
N_("repair damage from the pks keyserver during import")},
97
{"fast-import",IMPORT_FAST,NULL,
98
N_("do not update the trustdb after import")},
99
{"convert-sk-to-pk",IMPORT_SK2PK,NULL,
100
N_("create a public key when importing a secret key")},
101
{"merge-only",IMPORT_MERGE_ONLY,NULL,
102
N_("only accept updates to existing keys")},
103
{"import-clean",IMPORT_CLEAN,NULL,
104
N_("remove unusable parts from key after import")},
105
{"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
106
N_("remove as much as possible from key after import")},
107
/* Aliases for backward compatibility */
108
{"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
109
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
111
{"import-unusable-sigs",0,NULL,NULL},
112
{"import-clean-sigs",0,NULL,NULL},
113
{"import-clean-uids",0,NULL,NULL},
99
return parse_options(str,options,import_opts);
117
return parse_options(str,options,import_opts,noisy);
103
121
import_new_stats_handle (void)
105
return xcalloc (1, sizeof (struct stats_s) );
123
return xmalloc_clear ( sizeof (struct stats_s) );
203
226
import_keys( char **fnames, int nnames,
204
227
void *stats_handle, unsigned int options )
206
import_keys_internal( NULL, fnames, nnames, stats_handle, options);
229
import_keys_internal(NULL,fnames,nnames,stats_handle,NULL,NULL,options);
210
import_keys_stream( iobuf_t inp, void *stats_handle, unsigned int options )
233
import_keys_stream( IOBUF inp, void *stats_handle,
234
unsigned char **fpr, size_t *fpr_len,unsigned int options )
212
return import_keys_internal( inp, NULL, 0, stats_handle, options);
236
return import_keys_internal(inp,NULL,0,stats_handle,fpr,fpr_len,options);
216
import( iobuf_t inp, const char* fname,
217
struct stats_s *stats, unsigned int options )
240
import( IOBUF inp, const char* fname,struct stats_s *stats,
241
unsigned char **fpr,size_t *fpr_len,unsigned int options )
219
243
PACKET *pending_pkt = NULL;
244
KBNODE keyblock = NULL; /* Need to initialize because gcc can't
245
grasp the return semantics of
223
249
getkey_disable_caches();
225
251
if( !opt.no_armor ) { /* armored reading is not disabled */
226
armor_filter_context_t *afx = xcalloc (1, sizeof *afx );
252
armor_filter_context_t *afx;
254
afx = new_armor_context ();
227
255
afx->only_keyblocks = 1;
228
iobuf_push_filter2( inp, armor_filter, afx, 1 );
256
push_armor_filter (afx, inp);
257
release_armor_context (afx);
231
260
while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) {
232
261
if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
233
rc = import_one( fname, keyblock, stats, options );
262
rc = import_one( fname, keyblock, stats, fpr, fpr_len, options, 0);
234
263
else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
235
264
rc = import_secret_one( fname, keyblock, stats, options );
236
265
else if( keyblock->pkt->pkttype == PKT_SIGNATURE
567
check_prefs_warning(PKT_public_key *pk)
569
log_info(_("WARNING: key %s contains preferences for unavailable\n"
570
"algorithms on these user IDs:\n"), keystr_from_pk(pk));
574
check_prefs(KBNODE keyblock)
580
merge_keys_and_selfsig(keyblock);
581
pk=keyblock->pkt->pkt.public_key;
583
for(node=keyblock;node;node=node->next)
585
if(node->pkt->pkttype==PKT_USER_ID
586
&& node->pkt->pkt.user_id->created
587
&& node->pkt->pkt.user_id->prefs)
589
PKT_user_id *uid=node->pkt->pkt.user_id;
590
prefitem_t *prefs=uid->prefs;
591
char *user=utf8_to_native(uid->name,strlen(uid->name),0);
593
for(;prefs->type;prefs++)
595
char num[10]; /* prefs->value is a byte, so we're over
598
sprintf(num,"%u",prefs->value);
600
if(prefs->type==PREFTYPE_SYM)
602
if (openpgp_cipher_test_algo (prefs->value))
605
(openpgp_cipher_test_algo (prefs->value)
607
: openpgp_cipher_algo_name (prefs->value));
609
check_prefs_warning(pk);
610
log_info(_(" \"%s\": preference for cipher"
611
" algorithm %s\n"), user, algo);
615
else if(prefs->type==PREFTYPE_HASH)
617
if(openpgp_md_test_algo(prefs->value))
620
(gcry_md_test_algo (prefs->value)
622
: gcry_md_algo_name (prefs->value));
624
check_prefs_warning(pk);
625
log_info(_(" \"%s\": preference for digest"
626
" algorithm %s\n"), user, algo);
630
else if(prefs->type==PREFTYPE_ZIP)
632
if(check_compress_algo (prefs->value))
634
const char *algo=compress_algo_to_string(prefs->value);
636
check_prefs_warning(pk);
637
log_info(_(" \"%s\": preference for compression"
638
" algorithm %s\n"),user,algo?algo:num);
650
log_info(_("it is strongly suggested that you update"
651
" your preferences and\n"));
652
log_info(_("re-distribute this key to avoid potential algorithm"
653
" mismatch problems\n"));
657
strlist_t sl=NULL,locusr=NULL;
659
byte fpr[MAX_FINGERPRINT_LEN],*p;
660
char username[(MAX_FINGERPRINT_LEN*2)+1];
663
p=fingerprint_from_pk(pk,fpr,&fprlen);
664
for(i=0;i<fprlen;i++,p++)
665
sprintf(username+2*i,"%02X",*p);
666
add_to_strlist(&locusr,username);
668
append_to_strlist(&sl,"updpref");
669
append_to_strlist(&sl,"save");
671
keyedit_menu( username, locusr, sl, 1, 1 );
673
free_strlist(locusr);
676
log_info(_("you can update your preferences with:"
677
" gpg --edit-key %s updpref save\n"),keystr_from_pk(pk));
533
681
/****************
534
682
* Try to import one keyblock. Return an error only in serious cases, but
535
683
* never for an invalid keyblock. It uses log_error to increase the
558
707
pk = node->pkt->pkt.public_key;
559
709
keyid_from_pk( pk, keyid );
560
710
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
562
if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
563
log_info(_("NOTE: Elgamal primary key detected - "
564
"this may take some time to import\n"));
566
if( opt.verbose && !opt.interactive ) {
567
log_info( "pub %4u%c/%08lX %s ",
712
if( opt.verbose && !opt.interactive )
714
log_info( "pub %4u%c/%s %s ",
568
715
nbits_from_pk( pk ),
569
716
pubkey_letter( pk->pubkey_algo ),
570
(ulong)keyid[1], datestr_from_pk(pk) );
717
keystr_from_pk(pk), datestr_from_pk(pk) );
572
print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
573
uidnode->pkt->pkt.user_id->len );
577
log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
719
print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
720
uidnode->pkt->pkt.user_id->len );
726
log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
581
730
if (opt.interactive) {
582
731
if(is_status_enabled())
609
767
char *user=utf8_to_native(node->pkt->pkt.user_id->name,
610
768
node->pkt->pkt.user_id->len,0);
612
log_info( _("key %08lX: accepted non self-signed user ID '%s'\n"),
613
(ulong)keyid[1],user);
770
log_info( _("key %s: accepted non self-signed user ID \"%s\"\n"),
771
keystr_from_pk(pk),user);
617
775
if( !delete_inv_parts( fname, keyblock, keyid, options ) ) {
618
log_error ( _("key %08lX: no valid user IDs\n"), (ulong)keyid[1]);
776
log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
620
log_info(_("this may be caused by a missing self-signature\n"));
778
log_info(_("this may be caused by a missing self-signature\n"));
621
779
stats->no_user_id++;
625
783
/* do we have this key already in one of our pubrings ? */
626
pk_orig = xcalloc (1, sizeof *pk_orig );
784
pk_orig = xmalloc_clear( sizeof *pk_orig );
627
785
rc = get_pubkey_fast ( pk_orig, keyid );
628
if( rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY
629
&& gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY ) {
630
log_error( _("key %08lX: public key not found: %s\n"),
631
(ulong)keyid[1], gpg_strerror (rc));
633
else if ( rc && opt.merge_only ) {
786
if( rc && rc != G10ERR_NO_PUBKEY && rc != G10ERR_UNU_PUBKEY )
788
log_error( _("key %s: public key not found: %s\n"),
789
keystr(keyid), g10_errstr(rc));
791
else if ( rc && (opt.import_options&IMPORT_MERGE_ONLY) )
634
793
if( opt.verbose )
635
log_info( _("key %08lX: new key - skipped\n"), (ulong)keyid[1] );
794
log_info( _("key %s: new key - skipped\n"), keystr(keyid));
637
796
stats->skipped_new_keys++;
639
798
else if( rc ) { /* insert this key */
640
799
KEYDB_HANDLE hd = keydb_new (0);
642
801
rc = keydb_locate_writable (hd, NULL);
644
log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc));
803
log_error (_("no writable keyring found: %s\n"), g10_errstr (rc));
645
804
keydb_release (hd);
646
return GPG_ERR_GENERAL;
805
return G10ERR_GENERAL;
648
807
if( opt.verbose > 1 )
649
808
log_info (_("writing to `%s'\n"), keydb_get_resource_name (hd) );
650
810
rc = keydb_insert_keyblock (hd, keyblock );
652
812
log_error (_("error writing keyring `%s': %s\n"),
653
keydb_get_resource_name (hd), gpg_strerror (rc));
813
keydb_get_resource_name (hd), g10_errstr(rc));
656
816
/* This should not be possible since we delete the
706
868
rc = keydb_search_fpr (hd, afp);
709
log_error (_("key %08lX: can't locate original keyblock: %s\n"),
710
(ulong)keyid[1], gpg_strerror (rc));
872
log_error (_("key %s: can't locate original keyblock: %s\n"),
873
keystr(keyid), g10_errstr(rc));
711
874
keydb_release (hd);
714
877
rc = keydb_get_keyblock (hd, &keyblock_orig );
716
log_error (_("key %08lX: can't read original keyblock: %s\n"),
717
(ulong)keyid[1], gpg_strerror (rc));
880
log_error (_("key %s: can't read original keyblock: %s\n"),
881
keystr(keyid), g10_errstr(rc));
718
882
keydb_release (hd);
722
collapse_uids( &keyblock );
723
886
/* and try to merge the block */
724
887
clear_kbnode_flags( keyblock_orig );
725
888
clear_kbnode_flags( keyblock );
726
n_uids = n_sigs = n_subk = 0;
889
n_uids = n_sigs = n_subk = n_sigs_cleaned = n_uids_cleaned = 0;
727
890
rc = merge_blocks( fname, keyblock_orig, keyblock,
728
keyid, &n_uids, &n_sigs, &n_subk );
891
keyid, &n_uids, &n_sigs, &n_subk );
730
894
keydb_release (hd);
733
if( n_uids || n_sigs || n_subk ) {
898
if(options&IMPORT_CLEAN)
899
clean_key(keyblock_orig,opt.verbose,options&IMPORT_MINIMAL,
900
&n_uids_cleaned,&n_sigs_cleaned);
902
if( n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned) {
735
904
/* keyblock_orig has been updated; write */
736
905
rc = keydb_update_keyblock (hd, keyblock_orig);
738
907
log_error (_("error writing keyring `%s': %s\n"),
739
keydb_get_resource_name (hd), gpg_strerror (rc) );
908
keydb_get_resource_name (hd), g10_errstr(rc) );
740
909
else if(non_self)
741
910
revalidation_mark ();
743
912
/* we are ready */
745
char *p=get_user_id_printable(keyid);
915
char *p=get_user_id_native(keyid);
746
916
if( n_uids == 1 )
747
log_info( _("key %08lX: \"%s\" 1 new user ID\n"),
917
log_info( _("key %s: \"%s\" 1 new user ID\n"),
749
919
else if( n_uids )
750
log_info( _("key %08lX: \"%s\" %d new user IDs\n"),
751
(ulong)keyid[1], p, n_uids );
920
log_info( _("key %s: \"%s\" %d new user IDs\n"),
921
keystr(keyid),p,n_uids);
752
922
if( n_sigs == 1 )
753
log_info( _("key %08lX: \"%s\" 1 new signature\n"),
923
log_info( _("key %s: \"%s\" 1 new signature\n"),
755
925
else if( n_sigs )
756
log_info( _("key %08lX: \"%s\" %d new signatures\n"),
757
(ulong)keyid[1], p, n_sigs );
926
log_info( _("key %s: \"%s\" %d new signatures\n"),
927
keystr(keyid), p, n_sigs );
758
928
if( n_subk == 1 )
759
log_info( _("key %08lX: \"%s\" 1 new subkey\n"),
929
log_info( _("key %s: \"%s\" 1 new subkey\n"),
761
931
else if( n_subk )
762
log_info( _("key %08lX: \"%s\" %d new subkeys\n"),
763
(ulong)keyid[1], p, n_subk );
932
log_info( _("key %s: \"%s\" %d new subkeys\n"),
933
keystr(keyid), p, n_subk );
934
if(n_sigs_cleaned==1)
935
log_info(_("key %s: \"%s\" %d signature cleaned\n"),
936
keystr(keyid),p,n_sigs_cleaned);
937
else if(n_sigs_cleaned)
938
log_info(_("key %s: \"%s\" %d signatures cleaned\n"),
939
keystr(keyid),p,n_sigs_cleaned);
940
if(n_uids_cleaned==1)
941
log_info(_("key %s: \"%s\" %d user ID cleaned\n"),
942
keystr(keyid),p,n_uids_cleaned);
943
else if(n_uids_cleaned)
944
log_info(_("key %s: \"%s\" %d user IDs cleaned\n"),
945
keystr(keyid),p,n_uids_cleaned);
767
949
stats->n_uids +=n_uids;
768
950
stats->n_sigs +=n_sigs;
769
951
stats->n_subk +=n_subk;
952
stats->n_sigs_cleaned +=n_sigs_cleaned;
953
stats->n_uids_cleaned +=n_uids_cleaned;
771
955
if (is_status_enabled ())
772
956
print_import_ok (pk, NULL,
773
957
((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
776
if (is_status_enabled ())
777
print_import_ok (pk, NULL, 0);
780
char *p=get_user_id_printable(keyid);
781
log_info( _("key %08lX: \"%s\" not changed\n"),
961
if (is_status_enabled ())
962
print_import_ok (pk, NULL, 0);
966
char *p=get_user_id_native(keyid);
967
log_info( _("key %s: \"%s\" not changed\n"),keystr(keyid),p);
785
971
stats->unchanged++;
787
974
keydb_release (hd); hd = NULL;
979
/* Now that the key is definitely incorporated into the keydb, we
980
need to check if a designated revocation is present or if the
981
prefs are not rational so we can warn the user. */
985
revocation_present(keyblock_orig);
986
if(!from_sk && seckey_available(keyid)==0)
987
check_prefs(keyblock_orig);
991
/* A little explanation for this: we fill in the fingerprint
992
when importing keys as it can be useful to know the
993
fingerprint in certain keyserver-related cases (a keyserver
994
asked for a particular name, but the key doesn't have that
995
name). However, in cases where we're importing more than
996
one key at a time, we cannot know which key to fingerprint.
997
In these cases, rather than guessing, we do not fingerpring
998
at all, and we must hope the user ID on the keys are
1003
if(stats->imported==1)
1004
*fpr=fingerprint_from_pk(pk,NULL,fpr_len);
1009
revocation_present(keyblock);
1010
if(!from_sk && seckey_available(keyid)==0)
1011
check_prefs(keyblock);
791
1014
release_kbnode( keyblock_orig );
792
1015
free_public_key( pk_orig );
794
revocation_present(keyblock);
880
1106
keyid_from_sk( sk, keyid );
881
1107
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
884
log_info( "sec %4u%c/%08lX %s ",
1111
log_info( "sec %4u%c/%s %s ",
885
1112
nbits_from_sk( sk ),
886
1113
pubkey_letter( sk->pubkey_algo ),
887
(ulong)keyid[1], datestr_from_sk(sk) );
1114
keystr_from_sk(sk), datestr_from_sk(sk) );
889
print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
890
uidnode->pkt->pkt.user_id->len );
1116
print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
1117
uidnode->pkt->pkt.user_id->len );
893
1120
stats->secret_read++;
896
log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
1124
log_error( _("key %s: no user ID\n"), keystr_from_sk(sk));
900
1128
if(sk->protect.algo>110)
902
log_error(_("key %08lX: secret key with invalid cipher %d "
903
"- skipped\n"),(ulong)keyid[1],sk->protect.algo);
1130
log_error(_("key %s: secret key with invalid cipher %d"
1131
" - skipped\n"),keystr_from_sk(sk),sk->protect.algo);
1135
#ifdef ENABLE_SELINUX_HACKS
1138
/* We don't allow to import secret keys because that may be used
1139
to put a secret key into the keyring and the user might later
1140
be tricked into signing stuff with that key. */
1141
log_error (_("importing secret keys not allowed\n"));
907
1146
clear_kbnode_flags( keyblock );
909
1148
/* do we have this key already in one of our secrings ? */
910
1149
rc = seckey_available( keyid );
911
if( gpg_err_code (rc) == GPG_ERR_NO_SECKEY && !opt.merge_only ) {
912
/* simply insert this key */
1150
if( rc == G10ERR_NO_SECKEY && !(opt.import_options&IMPORT_MERGE_ONLY) )
1152
/* simply insert this key */
913
1153
KEYDB_HANDLE hd = keydb_new (1);
915
1155
/* get default resource */
916
1156
rc = keydb_locate_writable (hd, NULL);
918
log_error (_("no default secret keyring: %s\n"), gpg_strerror (rc));
920
return GPG_ERR_GENERAL;
1158
log_error (_("no default secret keyring: %s\n"), g10_errstr (rc));
1160
return G10ERR_GENERAL;
922
1162
rc = keydb_insert_keyblock (hd, keyblock );
924
log_error (_("error writing keyring `%s': %s\n"),
925
keydb_get_resource_name (hd), gpg_strerror (rc) );
1164
log_error (_("error writing keyring `%s': %s\n"),
1165
keydb_get_resource_name (hd), g10_errstr(rc) );
926
1166
keydb_release (hd);
927
1167
/* we are ready */
928
1168
if( !opt.quiet )
929
log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
1169
log_info( _("key %s: secret key imported\n"), keystr_from_sk(sk));
930
1170
stats->secret_imported++;
931
1171
if (is_status_enabled ())
932
print_import_ok (NULL, sk, 1|16);
1172
print_import_ok (NULL, sk, 1|16);
934
1174
if(options&IMPORT_SK2PK)
936
1176
/* Try and make a public key out of this. */
938
1178
KBNODE pub_keyblock=sec_to_pub_keyblock(keyblock);
939
import_one(fname,pub_keyblock,stats,opt.import_options);
940
release_kbnode(pub_keyblock);
1181
import_one(fname,pub_keyblock,stats,
1182
NULL,NULL,opt.import_options,1);
1183
release_kbnode(pub_keyblock);
944
else if( !rc ) { /* we can't merge secret keys */
945
log_error( _("key %08lX: already in secret keyring\n"),
1187
/* Now that the key is definitely incorporated into the keydb,
1188
if we have the public part of this key, we need to check if
1189
the prefs are rational. */
1190
node=get_pubkeyblock(keyid);
1194
release_kbnode(node);
1198
{ /* we can't merge secret keys */
1199
log_error( _("key %s: already in secret keyring\n"),
1200
keystr_from_sk(sk));
947
1201
stats->secret_dups++;
948
1202
if (is_status_enabled ())
949
print_import_ok (NULL, sk, 16);
1203
print_import_ok (NULL, sk, 16);
951
1205
/* TODO: if we ever do merge secret keys, make sure to handle
952
1206
the sec_to_pub_keyblock feature as well. */
955
log_error( _("key %08lX: secret key not found: %s\n"),
956
(ulong)keyid[1], gpg_strerror (rc));
1209
log_error( _("key %s: secret key not found: %s\n"),
1210
keystr_from_sk(sk), g10_errstr(rc));
1004
1260
rc = keydb_search_fpr (hd, afp);
1007
log_error (_("key %08lX: can't locate original keyblock: %s\n"),
1008
(ulong)keyid[1], gpg_strerror (rc));
1264
log_error (_("key %s: can't locate original keyblock: %s\n"),
1265
keystr(keyid), g10_errstr(rc));
1011
1268
rc = keydb_get_keyblock (hd, &keyblock );
1013
log_error (_("key %08lX: can't read original keyblock: %s\n"),
1014
(ulong)keyid[1], gpg_strerror (rc));
1271
log_error (_("key %s: can't read original keyblock: %s\n"),
1272
keystr(keyid), g10_errstr(rc));
1019
1276
/* it is okay, that node is not in keyblock because
1020
1277
* check_key_signature works fine for sig_class 0x20 in this
1021
1278
* special case. */
1022
1279
rc = check_key_signature( keyblock, node, NULL);
1024
log_error( _("key %08lX: invalid revocation certificate"
1025
": %s - rejected\n"), (ulong)keyid[1], gpg_strerror (rc));
1282
log_error( _("key %s: invalid revocation certificate"
1283
": %s - rejected\n"), keystr(keyid), g10_errstr(rc));
1030
1287
/* check whether we already have this */
1031
1288
for(onode=keyblock->next; onode; onode=onode->next ) {
1032
1289
if( onode->pkt->pkttype == PKT_USER_ID )
1034
1291
else if( onode->pkt->pkttype == PKT_SIGNATURE
1035
&& !cmp_signatures(node->pkt->pkt.signature,
1036
onode->pkt->pkt.signature))
1039
goto leave; /* yes, we already know about it */
1292
&& !cmp_signatures(node->pkt->pkt.signature,
1293
onode->pkt->pkt.signature))
1296
goto leave; /* yes, we already know about it */
1109
1367
sig = n->pkt->pkt.signature;
1110
1368
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
1112
/* This just caches the sigs for later use. That way we
1113
import a fully-cached key which speeds things up. */
1114
if(!opt.no_sig_cache)
1115
check_key_signature(keyblock,n,NULL);
1370
/* This just caches the sigs for later use. That way we
1371
import a fully-cached key which speeds things up. */
1372
if(!opt.no_sig_cache)
1373
check_key_signature(keyblock,n,NULL);
1117
if( (sig->sig_class&~3) == 0x10 ) {
1375
if( IS_UID_SIG(sig) || IS_UID_REV(sig) )
1118
1377
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
1120
log_error( _("key %08lX: no user ID for signature\n"),
1380
log_error( _("key %s: no user ID for signature\n"),
1122
1382
return -1; /* the complete keyblock is invalid */
1125
1385
/* If it hasn't been marked valid yet, keep trying */
1126
1386
if(!(unode->flag&1)) {
1127
1387
rc = check_key_signature( keyblock, n, NULL);
1132
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
1133
strlen(unode->pkt->pkt.user_id->name),0);
1134
log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1135
_("key %08lX: unsupported public key "
1136
"algorithm on user id \"%s\"\n"):
1137
_("key %08lX: invalid self-signature "
1138
"on user id \"%s\"\n"),
1392
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
1393
strlen(unode->pkt->pkt.user_id->name),0);
1394
log_info( rc == G10ERR_PUBKEY_ALGO ?
1395
_("key %s: unsupported public key "
1396
"algorithm on user ID \"%s\"\n"):
1397
_("key %s: invalid self-signature "
1398
"on user ID \"%s\"\n"),
1144
1404
unode->flag |= 1; /* mark that signature checked */
1147
1407
else if( sig->sig_class == 0x18 ) {
1148
1408
/* Note that this works based solely on the timestamps
1149
1409
like the rest of gpg. If the standard gets
1150
1410
revocation targets, this may need to be revised. */
1155
log_info( _("key %08lX: no subkey for subkey "
1156
"binding signature\n"),(ulong)keyid[1]);
1157
n->flag |= 4; /* delete this */
1415
log_info( _("key %s: no subkey for key binding\n"),
1417
n->flag |= 4; /* delete this */
1161
rc = check_key_signature( keyblock, n, NULL);
1165
log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1166
_("key %08lX: unsupported public key algorithm\n"):
1167
_("key %08lX: invalid subkey binding\n"),
1173
/* It's valid, so is it newer? */
1174
if(sig->timestamp>=bsdate)
1176
knode->flag |= 1; /* the subkey is valid */
1179
bsnode->flag|=4; /* Delete the last binding
1180
sig since this one is
1183
log_info(_("key %08lX: removed multiple "
1184
"subkey binding\n"),
1189
bsdate=sig->timestamp;
1192
n->flag|=4; /* older */
1421
rc = check_key_signature( keyblock, n, NULL);
1425
log_info(rc == G10ERR_PUBKEY_ALGO ?
1426
_("key %s: unsupported public key"
1428
_("key %s: invalid subkey binding\n"),
1434
/* It's valid, so is it newer? */
1435
if(sig->timestamp>=bsdate) {
1436
knode->flag |= 1; /* the subkey is valid */
1439
bsnode->flag|=4; /* Delete the last binding
1440
sig since this one is
1443
log_info(_("key %s: removed multiple subkey"
1444
" binding\n"),keystr(keyid));
1448
bsdate=sig->timestamp;
1451
n->flag|=4; /* older */
1196
1455
else if( sig->sig_class == 0x28 ) {
1197
1456
/* We don't actually mark the subkey as revoked right
1200
1459
the binding sig is newer than the revocation sig.
1201
1460
See the comment in getkey.c:merge_selfsigs_subkey for
1205
log_info( _("key %08lX: no subkey for subkey "
1206
"revocation signature\n"),(ulong)keyid[1]);
1207
n->flag |= 4; /* delete this */
1210
rc = check_key_signature( keyblock, n, NULL);
1213
log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1214
_("key %08lX: unsupported public key algorithm\n"):
1215
_("key %08lX: invalid subkey revocation\n"),
1465
log_info( _("key %s: no subkey for key revocation\n"),
1467
n->flag |= 4; /* delete this */
1220
/* It's valid, so is it newer? */
1221
if(sig->timestamp>=rsdate) {
1223
rsnode->flag|=4; /* Delete the last revocation
1224
sig since this one is
1227
log_info(_("key %08lX: removed multiple subkey "
1228
"revocation signatures\n"),
1471
rc = check_key_signature( keyblock, n, NULL);
1475
log_info(rc == G10ERR_PUBKEY_ALGO ?
1476
_("key %s: unsupported public"
1477
" key algorithm\n"):
1478
_("key %s: invalid subkey revocation\n"),
1484
/* It's valid, so is it newer? */
1485
if(sig->timestamp>=rsdate)
1489
rsnode->flag|=4; /* Delete the last revocation
1490
sig since this one is
1493
log_info(_("key %s: removed multiple subkey"
1494
" revocation\n"),keystr(keyid));
1233
rsdate=sig->timestamp;
1236
n->flag|=4; /* older */
1498
rsdate=sig->timestamp;
1501
n->flag|=4; /* older */
1302
1567
subkey_seen = 1;
1304
else if( node->pkt->pkttype == PKT_SIGNATURE
1305
&& openpgp_pk_test_algo( node->pkt->pkt.signature
1307
&& node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
1569
else if (node->pkt->pkttype == PKT_SIGNATURE
1570
&& openpgp_pk_test_algo (node->pkt->pkt.signature->pubkey_algo)
1571
&& node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
1308
1572
delete_kbnode( node ); /* build_packet() can't handle this */
1309
1573
else if( node->pkt->pkttype == PKT_SIGNATURE &&
1310
1574
!node->pkt->pkt.signature->flags.exportable &&
1311
!(options&IMPORT_ALLOW_LOCAL_SIGS) &&
1312
seckey_available( node->pkt->pkt.signature->keyid ) ) {
1313
/* Here we violate the rfc a bit by still allowing
1575
!(options&IMPORT_LOCAL_SIGS) &&
1576
seckey_available( node->pkt->pkt.signature->keyid ) )
1578
/* here we violate the rfc a bit by still allowing
1314
1579
* to import non-exportable signature when we have the
1315
1580
* the secret key used to create this signature - it
1316
* seems that this makes sense. */
1318
log_info( _("key %08lX: non exportable signature "
1319
"(class %02x) - skipped\n"),
1321
node->pkt->pkt.signature->sig_class );
1322
delete_kbnode( node );
1581
* seems that this makes sense */
1583
log_info( _("key %s: non exportable signature"
1584
" (class 0x%02X) - skipped\n"),
1585
keystr(keyid), node->pkt->pkt.signature->sig_class );
1586
delete_kbnode( node );
1324
1588
else if( node->pkt->pkttype == PKT_SIGNATURE
1325
1589
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
1328
log_error( _("key %08lX: revocation certificate "
1329
"at wrong place - skipped\n"),
1331
delete_kbnode( node );
1593
log_info( _("key %s: revocation certificate"
1594
" at wrong place - skipped\n"),keystr(keyid));
1595
delete_kbnode( node );
1334
1598
/* If the revocation cert is from a different key than
1335
1599
the one we're working on don't check it - it's
1385
1649
* It may happen that the imported keyblock has duplicated user IDs.
1386
1650
* We check this here and collapse those user IDs together with their
1387
1651
* sigs into one.
1388
* Returns: True if the keyblock hash changed.
1652
* Returns: True if the keyblock has changed.
1391
1655
collapse_uids( KBNODE *keyblock )
1399
for( n = *keyblock; n; n = n->next ) {
1400
if( n->pkt->pkttype != PKT_USER_ID )
1402
for( n2 = n->next; n2; n2 = n2->next ) {
1403
if( n2->pkt->pkttype == PKT_USER_ID
1404
&& !cmp_user_ids( n->pkt->pkt.user_id,
1405
n2->pkt->pkt.user_id ) ) {
1406
/* found a duplicate */
1409
|| n2->next->pkt->pkttype == PKT_USER_ID
1410
|| n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY
1411
|| n2->next->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1412
/* no more signatures: delete the user ID
1414
remove_kbnode( keyblock, n2 );
1417
/* The simple approach: Move one signature and
1418
* then start over to delete the next one :-( */
1419
move_kbnode( keyblock, n2->next, n->next );
1429
/* now we may have duplicate signatures on one user ID: fix this */
1430
for( in_uid = 0, n = *keyblock; n; n = n->next ) {
1431
if( n->pkt->pkttype == PKT_USER_ID )
1433
else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1434
|| n->pkt->pkttype == PKT_SECRET_SUBKEY )
1440
for( ; n2; n2 = n2->next ) {
1441
if( n2->pkt->pkttype == PKT_USER_ID
1442
|| n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
1443
|| n2->pkt->pkttype == PKT_SECRET_SUBKEY )
1660
for(uid1=*keyblock;uid1;uid1=uid1->next)
1664
if(is_deleted_kbnode(uid1))
1667
if(uid1->pkt->pkttype!=PKT_USER_ID)
1670
for(uid2=uid1->next;uid2;uid2=uid2->next)
1672
if(is_deleted_kbnode(uid2))
1675
if(uid2->pkt->pkttype!=PKT_USER_ID)
1678
if(cmp_user_ids(uid1->pkt->pkt.user_id,
1679
uid2->pkt->pkt.user_id)==0)
1681
/* We have a duplicated uid */
1686
/* Now take uid2's signatures, and attach them to
1688
for(last=uid2;last->next;last=last->next)
1690
if(is_deleted_kbnode(last))
1693
if(last->next->pkt->pkttype==PKT_USER_ID
1694
|| last->next->pkt->pkttype==PKT_PUBLIC_SUBKEY
1695
|| last->next->pkt->pkttype==PKT_SECRET_SUBKEY)
1700
(find_prev_kbnode(*keyblock,uid2,0))->next=last->next;
1702
/* Now put uid2 in place as part of uid1 */
1703
last->next=uid1->next;
1705
delete_kbnode(uid2);
1707
/* Now dedupe uid1 */
1708
for(sig1=uid1->next;sig1;sig1=sig1->next)
1712
if(is_deleted_kbnode(sig1))
1715
if(sig1->pkt->pkttype==PKT_USER_ID
1716
|| sig1->pkt->pkttype==PKT_PUBLIC_SUBKEY
1717
|| sig1->pkt->pkttype==PKT_SECRET_SUBKEY)
1720
if(sig1->pkt->pkttype!=PKT_SIGNATURE)
1723
for(sig2=sig1->next,last=sig1;sig2;last=sig2,sig2=sig2->next)
1725
if(is_deleted_kbnode(sig2))
1728
if(sig2->pkt->pkttype==PKT_USER_ID
1729
|| sig2->pkt->pkttype==PKT_PUBLIC_SUBKEY
1730
|| sig2->pkt->pkttype==PKT_SECRET_SUBKEY)
1445
if( n2->pkt->pkttype != PKT_SIGNATURE )
1449
else if( !cmp_signatures( ncmp->pkt->pkt.signature,
1450
n2->pkt->pkt.signature )) {
1451
remove_kbnode( keyblock, n2 );
1733
if(sig2->pkt->pkttype!=PKT_SIGNATURE)
1736
if(cmp_signatures(sig1->pkt->pkt.signature,
1737
sig2->pkt->pkt.signature)==0)
1739
/* We have a match, so delete the second
1741
delete_kbnode(sig2);
1455
n2 = ncmp? ncmp->next : NULL;
1460
if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
1461
kid1 = keyid_from_pk( n->pkt->pkt.public_key, NULL );
1462
else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
1463
kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
1467
log_info (_("key %08lX: duplicated user ID detected - merged\n"),
1750
commit_kbnode(keyblock);
1752
if(any && !opt.quiet)
1754
const char *key="???";
1756
if( (uid1=find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
1757
key=keystr_from_pk(uid1->pkt->pkt.public_key);
1758
else if( (uid1 = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
1759
key=keystr_from_sk(uid1->pkt->pkt.secret_key);
1761
log_info(_("key %s: duplicated user ID detected - merged\n"),key);
1473
1767
/* Check for a 0x20 revocation from a revocation key that is not
1474
present. This gets called without the benefit of merge_xxxx so you
1475
can't rely on pk->revkey and friends. */
1768
present. This may be called without the benefit of merge_xxxx so
1769
you can't rely on pk->revkey and friends. */
1477
1771
revocation_present(KBNODE keyblock)
1518
1812
rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx]->fpr,
1519
1813
MAX_FINGERPRINT_LEN);
1520
if ( gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
1521
|| gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
1814
if(rc==G10ERR_NO_PUBKEY || rc==G10ERR_UNU_PUBKEY)
1816
char *tempkeystr=xstrdup(keystr_from_pk(pk));
1523
1818
/* No, so try and get it */
1524
if(opt.keyserver_scheme &&
1525
opt.keyserver_options.auto_key_retrieve)
1820
&& (opt.keyserver_options.options
1821
& KEYSERVER_AUTO_KEY_RETRIEVE))
1527
log_info(_("WARNING: key %08lX may be revoked: "
1528
"fetching revocation key %08lX\n"),
1529
(ulong)keyid_from_pk(pk,NULL),
1823
log_info(_("WARNING: key %s may be revoked:"
1824
" fetching revocation key %s\n"),
1825
tempkeystr,keystr(keyid));
1531
1826
keyserver_import_fprint(sig->revkey[idx]->fpr,
1532
MAX_FINGERPRINT_LEN);
1827
MAX_FINGERPRINT_LEN,
1534
1830
/* Do we have it now? */
1535
1831
rc=get_pubkey_byfprint_fast (NULL,
2205
/* Walk a public keyblock and produce a secret keyblock out of it.
2206
Instead of inserting the secret key parameters (which we don't
2207
have), we insert a stub. */
2209
pub_to_sec_keyblock (KBNODE pub_keyblock)
2211
KBNODE pubnode, secnode;
2212
KBNODE sec_keyblock = NULL;
2213
KBNODE walkctx = NULL;
2215
while((pubnode = walk_kbnode (pub_keyblock,&walkctx,0)))
2217
if (pubnode->pkt->pkttype == PKT_PUBLIC_KEY
2218
|| pubnode->pkt->pkttype == PKT_PUBLIC_SUBKEY)
2220
/* Make a secret key. We only need to convert enough to
2221
write the keyblock out. */
2222
PKT_public_key *pk = pubnode->pkt->pkt.public_key;
2223
PACKET *pkt = xmalloc_clear (sizeof *pkt);
2224
PKT_secret_key *sk = xmalloc_clear (sizeof *sk);
2227
if (pubnode->pkt->pkttype == PKT_PUBLIC_KEY)
2228
pkt->pkttype = PKT_SECRET_KEY;
2230
pkt->pkttype = PKT_SECRET_SUBKEY;
2232
pkt->pkt.secret_key = sk;
2234
copy_public_parts_to_secret_key ( pk, sk );
2235
sk->version = pk->version;
2236
sk->timestamp = pk->timestamp;
2238
n = pubkey_get_npkey (pk->pubkey_algo);
2240
n = 1; /* Unknown number of parameters, however the data
2241
is stored in the first mpi. */
2242
for (i=0; i < n; i++ )
2243
sk->skey[i] = mpi_copy (pk->pkey[i]);
2245
sk->is_protected = 1;
2246
sk->protect.s2k.mode = 1001;
2248
secnode = new_kbnode (pkt);
2252
secnode = clone_kbnode (pubnode);
2256
sec_keyblock = secnode;
2258
add_kbnode (sec_keyblock, secnode);
2261
return sec_keyblock;
2265
/* Walk over the secret keyring SEC_KEYBLOCK and update any simple
2266
stub keys with the serial number SNNUM of the card if one of the
2267
fingerprints FPR1, FPR2 or FPR3 match. Print a note if the key is
2268
a duplicate (may happen in case of backed uped keys).
2270
Returns: True if anything changed.
2273
update_sec_keyblock_with_cardinfo (KBNODE sec_keyblock,
2274
const unsigned char *fpr1,
2275
const unsigned char *fpr2,
2276
const unsigned char *fpr3,
2277
const char *serialnostr)
2280
KBNODE walkctx = NULL;
2282
byte array[MAX_FINGERPRINT_LEN];
2287
while((node = walk_kbnode (sec_keyblock, &walkctx, 0)))
2289
if (node->pkt->pkttype != PKT_SECRET_KEY
2290
&& node->pkt->pkttype != PKT_SECRET_SUBKEY)
2292
sk = node->pkt->pkt.secret_key;
2294
fingerprint_from_sk (sk, array, &n);
2296
continue; /* Can't be a card key. */
2297
if ( !((fpr1 && !memcmp (array, fpr1, 20))
2298
|| (fpr2 && !memcmp (array, fpr2, 20))
2299
|| (fpr3 && !memcmp (array, fpr3, 20))) )
2300
continue; /* No match. */
2302
if (sk->is_protected == 1 && sk->protect.s2k.mode == 1001)
2304
/* Standard case: migrate that stub to a key stub. */
2305
sk->protect.s2k.mode = 1002;
2307
for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1];
2308
sk->protect.ivlen++, s += 2)
2309
sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s);
2312
else if (sk->is_protected == 1 && sk->protect.s2k.mode == 1002)
2315
for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1];
2316
sk->protect.ivlen++, s += 2)
2317
if (sk->protect.iv[sk->protect.ivlen] != xtoi_2 (s))
2319
log_info (_("NOTE: a key's S/N does not "
2320
"match the card's one\n"));
2326
if (node->pkt->pkttype != PKT_SECRET_KEY)
2327
log_info (_("NOTE: primary key is online and stored on card\n"));
2329
log_info (_("NOTE: secondary key is online and stored on card\n"));
2338
/* Check whether a secret key stub exists for the public key PK. If
2339
not create such a stub key and store it into the secring. If it
2340
exists, add appropriate subkey stubs and update the secring.
2341
Return 0 if the key could be created. */
2343
auto_create_card_key_stub ( const char *serialnostr,
2344
const unsigned char *fpr1,
2345
const unsigned char *fpr2,
2346
const unsigned char *fpr3)
2348
KBNODE pub_keyblock;
2349
KBNODE sec_keyblock;
2353
/* We only want to do this for an OpenPGP card. */
2354
if (!serialnostr || strncmp (serialnostr, "D27600012401", 12)
2355
|| strlen (serialnostr) != 32 )
2356
return G10ERR_GENERAL;
2358
/* First get the public keyring from any of the provided fingerprints. */
2359
if ( (fpr1 && !get_keyblock_byfprint (&pub_keyblock, fpr1, 20))
2360
|| (fpr2 && !get_keyblock_byfprint (&pub_keyblock, fpr2, 20))
2361
|| (fpr3 && !get_keyblock_byfprint (&pub_keyblock, fpr3, 20)))
2364
return G10ERR_GENERAL;
2368
/* Now check whether there is a secret keyring. */
2370
PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
2371
byte afp[MAX_FINGERPRINT_LEN];
2374
fingerprint_from_pk (pk, afp, &an);
2375
if (an < MAX_FINGERPRINT_LEN)
2376
memset (afp+an, 0, MAX_FINGERPRINT_LEN-an);
2377
rc = keydb_search_fpr (hd, afp);
2382
rc = keydb_get_keyblock (hd, &sec_keyblock);
2385
log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
2386
rc = G10ERR_GENERAL;
2390
merge_keys_and_selfsig (sec_keyblock);
2392
/* FIXME: We need to add new subkeys first. */
2393
if (update_sec_keyblock_with_cardinfo (sec_keyblock,
2397
rc = keydb_update_keyblock (hd, sec_keyblock );
2399
log_error (_("error writing keyring `%s': %s\n"),
2400
keydb_get_resource_name (hd), g10_errstr(rc) );
2404
else /* A secret key does not exists - create it. */
2406
sec_keyblock = pub_to_sec_keyblock (pub_keyblock);
2407
update_sec_keyblock_with_cardinfo (sec_keyblock,
2411
rc = keydb_locate_writable (hd, NULL);
2414
log_error (_("no default secret keyring: %s\n"), g10_errstr (rc));
2415
rc = G10ERR_GENERAL;
2419
rc = keydb_insert_keyblock (hd, sec_keyblock );
2421
log_error (_("error writing keyring `%s': %s\n"),
2422
keydb_get_resource_name (hd), g10_errstr(rc) );
2426
release_kbnode (sec_keyblock);
2427
release_kbnode (pub_keyblock);