1
/* import.c - Import OpenPGP key material
2
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
3
* 2003 Free Software Foundation, Inc.
5
* This file is part of GnuPG.
7
* GnuPG is free software; you can redistribute it and/or modify
8
* it under the terms of the GNU General Public License as published by
9
* the Free Software Foundation; either version 2 of the License, or
10
* (at your option) any later version.
12
* GnuPG is distributed in the hope that it will be useful,
13
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15
* GNU General Public License for more details.
17
* You should have received a copy of the GNU General Public License
18
* along with this program; if not, write to the Free Software
19
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
40
#include "keyserver-internal.h"
53
ulong secret_imported;
55
ulong skipped_new_keys;
60
static int import( iobuf_t inp, const char* fname,
61
struct stats_s *stats, unsigned int options );
62
static int read_block( iobuf_t a, PACKET **pending_pkt, KBNODE *ret_root );
63
static void revocation_present(KBNODE keyblock);
64
static int import_one( const char *fname, KBNODE keyblock,
65
struct stats_s *stats, unsigned int options);
66
static int import_secret_one( const char *fname, KBNODE keyblock,
67
struct stats_s *stats, unsigned int options);
68
static int import_revoke_cert( const char *fname, KBNODE node,
69
struct stats_s *stats);
70
static int chk_self_sigs( const char *fname, KBNODE keyblock,
71
PKT_public_key *pk, u32 *keyid, int *non_self );
72
static int delete_inv_parts( const char *fname, KBNODE keyblock,
73
u32 *keyid, unsigned int options );
74
static int merge_blocks( const char *fname, KBNODE keyblock_orig,
75
KBNODE keyblock, u32 *keyid,
76
int *n_uids, int *n_sigs, int *n_subk );
77
static int append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
78
const char *fname, u32 *keyid );
79
static int append_key( KBNODE keyblock, KBNODE node, int *n_sigs,
80
const char *fname, u32 *keyid );
81
static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
82
const char *fname, u32 *keyid );
83
static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
84
const char *fname, u32 *keyid );
87
parse_import_options(char *str,unsigned int *options)
89
struct parse_options import_opts[]=
91
{"allow-local-sigs",IMPORT_ALLOW_LOCAL_SIGS},
92
{"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG},
93
{"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG},
94
{"fast-import",IMPORT_FAST_IMPORT},
95
{"convert-sk-to-pk",IMPORT_SK2PK},
99
return parse_options(str,options,import_opts);
103
import_new_stats_handle (void)
105
return xcalloc (1, sizeof (struct stats_s) );
109
import_release_stats_handle (void *p)
115
* Import the public keys from the given filename. Input may be armored.
116
* This function rejects all keys which are not validly self signed on at
117
* least one userid. Only user ids which are self signed will be imported.
118
* Other signatures are not checked.
120
* Actually this function does a merge. It works like this:
123
* - check self-signatures and remove all userids and their signatures
124
* without/invalid self-signatures.
125
* - reject the keyblock, if we have no valid userid.
126
* - See whether we have this key already in one of our pubrings.
127
* If not, simply add it to the default keyring.
128
* - Compare the key and the self-signatures of the new and the one in
129
* our keyring. If they are different something weird is going on;
131
* - See whether we have only non-self-signature on one user id; if not
132
* ask the user what to do.
133
* - compare the signatures: If we already have this signature, check
134
* that they compare okay; if not, issue a warning and ask the user.
135
* (consider looking at the timestamp and use the newest?)
136
* - Simply add the signature. Can't verify here because we may not have
137
* the signature's public key yet; verification is done when putting it
138
* into the trustdb, which is done automagically as soon as this pubkey
140
* - Proceed with next signature.
142
* Key revocation certificates have special handling.
146
import_keys_internal( iobuf_t inp, char **fnames, int nnames,
147
void *stats_handle, unsigned int options )
150
struct stats_s *stats = stats_handle;
153
stats = import_new_stats_handle ();
156
rc = import( inp, "[stream]", stats, options);
159
if( !fnames && !nnames )
160
nnames = 1; /* Ohh what a ugly hack to jump into the loop */
162
for(i=0; i < nnames; i++ ) {
163
const char *fname = fnames? fnames[i] : NULL;
164
iobuf_t inp2 = iobuf_open(fname);
168
log_error(_("can't open `%s': %s\n"), fname, strerror(errno) );
170
rc = import( inp2, fname, stats, options );
172
/* Must invalidate that ugly cache to actually close it. */
173
iobuf_ioctl (NULL, 2, 0, (char*)fname);
175
log_error("import from `%s' failed: %s\n", fname,
183
import_print_stats (stats);
184
import_release_stats_handle (stats);
186
/* If no fast import and the trustdb is dirty (i.e. we added a key
187
or userID that had something other than a selfsig, a signature
188
that was other than a selfsig, or any revocation), then
189
update/check the trustdb if the user specified by setting
190
interactive or by not setting no-auto-check-trustdb */
191
if (!(options&IMPORT_FAST_IMPORT) && trustdb_pending_check())
195
else if (!opt.no_auto_check_trustdb)
203
import_keys( char **fnames, int nnames,
204
void *stats_handle, unsigned int options )
206
import_keys_internal( NULL, fnames, nnames, stats_handle, options);
210
import_keys_stream( iobuf_t inp, void *stats_handle, unsigned int options )
212
return import_keys_internal( inp, NULL, 0, stats_handle, options);
216
import( iobuf_t inp, const char* fname,
217
struct stats_s *stats, unsigned int options )
219
PACKET *pending_pkt = NULL;
223
getkey_disable_caches();
225
if( !opt.no_armor ) { /* armored reading is not disabled */
226
armor_filter_context_t *afx = xcalloc (1, sizeof *afx );
227
afx->only_keyblocks = 1;
228
iobuf_push_filter2( inp, armor_filter, afx, 1 );
231
while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) {
232
if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
233
rc = import_one( fname, keyblock, stats, options );
234
else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
235
rc = import_secret_one( fname, keyblock, stats, options );
236
else if( keyblock->pkt->pkttype == PKT_SIGNATURE
237
&& keyblock->pkt->pkt.signature->sig_class == 0x20 )
238
rc = import_revoke_cert( fname, keyblock, stats );
240
log_info( _("skipping block of type %d\n"),
241
keyblock->pkt->pkttype );
243
release_kbnode(keyblock);
244
/* fixme: we should increment the not imported counter but this
245
does only make sense if we keep on going despite of errors. */
248
if( !(++stats->count % 100) && !opt.quiet )
249
log_info(_("%lu keys processed so far\n"), stats->count );
253
else if( rc && rc != GPG_ERR_INV_KEYRING )
254
log_error( _("error reading `%s': %s\n"), fname, gpg_strerror (rc));
261
import_print_stats (void *hd)
263
struct stats_s *stats = hd;
266
log_info(_("Total number processed: %lu\n"), stats->count );
267
if( stats->skipped_new_keys )
268
log_info(_(" skipped new keys: %lu\n"),
269
stats->skipped_new_keys );
270
if( stats->no_user_id )
271
log_info(_(" w/o user IDs: %lu\n"), stats->no_user_id );
272
if( stats->imported || stats->imported_rsa ) {
273
log_info(_(" imported: %lu"), stats->imported );
274
if( stats->imported_rsa )
275
fprintf(stderr, " (RSA: %lu)", stats->imported_rsa );
278
if( stats->unchanged )
279
log_info(_(" unchanged: %lu\n"), stats->unchanged );
281
log_info(_(" new user IDs: %lu\n"), stats->n_uids );
283
log_info(_(" new subkeys: %lu\n"), stats->n_subk );
285
log_info(_(" new signatures: %lu\n"), stats->n_sigs );
287
log_info(_(" new key revocations: %lu\n"), stats->n_revoc );
288
if( stats->secret_read )
289
log_info(_(" secret keys read: %lu\n"), stats->secret_read );
290
if( stats->secret_imported )
291
log_info(_(" secret keys imported: %lu\n"), stats->secret_imported );
292
if( stats->secret_dups )
293
log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
294
if( stats->not_imported )
295
log_info(_(" not imported: %lu\n"), stats->not_imported );
298
if( is_status_enabled() ) {
300
sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
311
stats->secret_imported,
313
stats->skipped_new_keys,
314
stats->not_imported );
315
write_status_text( STATUS_IMPORT_RES, buf );
321
* Read the next keyblock from stream A.
322
* PENDING_PKT should be initialzed to NULL
323
* and not chnaged form the caller.
324
* Retunr: 0 = okay, -1 no more blocks or another errorcode.
327
read_block( iobuf_t a, PACKET **pending_pkt, KBNODE *ret_root )
335
root = new_kbnode( *pending_pkt );
341
pkt = xmalloc ( sizeof *pkt );
343
while( (rc=parse_packet(a, pkt)) != -1 ) {
344
if( rc ) { /* ignore errors */
345
if( rc != GPG_ERR_UNKNOWN_PACKET ) {
346
log_error("read_block: read error: %s\n", gpg_strerror (rc) );
347
rc = GPG_ERR_INV_KEYRING;
355
if( !root && pkt->pkttype == PKT_SIGNATURE
356
&& pkt->pkt.signature->sig_class == 0x20 ) {
357
/* this is a revocation certificate which is handled
358
* in a special way */
359
root = new_kbnode( pkt );
364
/* make a linked list of all packets */
365
switch( pkt->pkttype ) {
367
if( pkt->pkt.compressed->algorithm < 1
368
|| pkt->pkt.compressed->algorithm > 2 ) {
369
rc = GPG_ERR_COMPR_ALGO;
373
compress_filter_context_t *cfx = xcalloc (1, sizeof *cfx );
374
cfx->algo = pkt->pkt.compressed->algorithm;
375
pkt->pkt.compressed->buf = NULL;
376
iobuf_push_filter2( a, compress_filter, cfx, 1 );
383
/* skip those packets */
390
if( in_cert ) { /* store this packet */
399
root = new_kbnode( pkt );
401
add_kbnode( root, new_kbnode( pkt ) );
402
pkt = xmalloc ( sizeof *pkt );
409
if( rc == -1 && root )
413
release_kbnode( root );
421
/* Walk through the subkeys on a pk to find if we have the PKS
422
disease: multiple subkeys with their binding sigs stripped, and the
423
sig for the first subkey placed after the last subkey. That is,
424
instead of "pk uid sig sub1 bind1 sub2 bind2 sub3 bind3" we have
425
"pk uid sig sub1 sub2 sub3 bind1". We can't do anything about sub2
426
and sub3, as they are already lost, but we can try and rescue sub1
427
by reordering the keyblock so that it reads "pk uid sig sub1 bind1
428
sub2 sub3". Returns TRUE if the keyblock was modified. */
431
fix_pks_corruption(KBNODE keyblock)
433
int changed=0,keycount=0;
434
KBNODE node,last=NULL,sknode=NULL;
436
/* First determine if we have the problem at all. Look for 2 or
437
more subkeys in a row, followed by a single binding sig. */
438
for(node=keyblock;node;last=node,node=node->next)
440
if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
446
else if(node->pkt->pkttype==PKT_SIGNATURE &&
447
node->pkt->pkt.signature->sig_class==0x18 &&
448
keycount>=2 && node->next==NULL)
450
/* We might have the problem, as this key has two subkeys in
451
a row without any intervening packets. */
457
/* Temporarily attach node to sknode. */
458
node->next=sknode->next;
462
/* Note we aren't checking whether this binding sig is a
463
selfsig. This is not necessary here as the subkey and
464
binding sig will be rejected later if that is the
466
if(check_key_signature(keyblock,node,NULL))
468
/* Not a match, so undo the changes. */
469
sknode->next=node->next;
476
sknode->flag |= 1; /* Mark it good so we don't need to
491
print_import_ok (PKT_public_key *pk, PKT_secret_key *sk, unsigned int reason)
493
byte array[MAX_FINGERPRINT_LEN], *s;
494
char buf[MAX_FINGERPRINT_LEN*2+30], *p;
497
sprintf (buf, "%u ", reason);
498
p = buf + strlen (buf);
501
fingerprint_from_pk (pk, array, &n);
503
fingerprint_from_sk (sk, array, &n);
505
for (i=0; i < n ; i++, s++, p += 2)
506
sprintf (p, "%02X", *s);
508
write_status_text (STATUS_IMPORT_OK, buf);
512
print_import_check (PKT_public_key * pk, PKT_user_id * id)
517
size_t i, pos = 0, n;
519
buf = xmalloc (17+41+id->len+32);
520
keyid_from_pk (pk, keyid);
521
sprintf (buf, "%08X%08X ", keyid[0], keyid[1]);
523
fingerprint_from_pk (pk, fpr, &n);
524
for (i = 0; i < n; i++, pos += 2)
525
sprintf (buf+pos, "%02X", fpr[i]);
528
strcat (buf, id->name);
529
write_status_text (STATUS_IMPORT_CHECK, buf);
534
* Try to import one keyblock. Return an error only in serious cases, but
535
* never for an invalid keyblock. It uses log_error to increase the
536
* internal errorcount, so that invalid input can be detected by programs
540
import_one( const char *fname, KBNODE keyblock,
541
struct stats_s *stats, unsigned int options )
544
PKT_public_key *pk_orig;
545
KBNODE node, uidnode;
546
KBNODE keyblock_orig = NULL;
553
/* get the key and print some info about it */
554
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
558
pk = node->pkt->pkt.public_key;
559
keyid_from_pk( pk, keyid );
560
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
562
if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
563
log_info(_("NOTE: Elgamal primary key detected - "
564
"this may take some time to import\n"));
566
if( opt.verbose && !opt.interactive ) {
567
log_info( "pub %4u%c/%08lX %s ",
569
pubkey_letter( pk->pubkey_algo ),
570
(ulong)keyid[1], datestr_from_pk(pk) );
572
print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
573
uidnode->pkt->pkt.user_id->len );
577
log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
581
if (opt.interactive) {
582
if(is_status_enabled())
583
print_import_check (pk, uidnode->pkt->pkt.user_id);
584
merge_keys_and_selfsig (keyblock);
586
show_basic_key_info (keyblock);
588
if (!cpr_get_answer_is_yes ("import.okay",
589
"Do you want to import this key? (y/N) "))
593
clear_kbnode_flags( keyblock );
595
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
597
log_info(_("key %08lX: PKS subkey corruption repaired\n"),
600
rc = chk_self_sigs( fname, keyblock , pk, keyid, &non_self );
602
return rc== -1? 0:rc;
604
/* If we allow such a thing, mark unsigned uids as valid */
605
if( opt.allow_non_selfsigned_uid )
606
for( node=keyblock; node; node = node->next )
607
if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) )
609
char *user=utf8_to_native(node->pkt->pkt.user_id->name,
610
node->pkt->pkt.user_id->len,0);
612
log_info( _("key %08lX: accepted non self-signed user ID '%s'\n"),
613
(ulong)keyid[1],user);
617
if( !delete_inv_parts( fname, keyblock, keyid, options ) ) {
618
log_error ( _("key %08lX: no valid user IDs\n"), (ulong)keyid[1]);
620
log_info(_("this may be caused by a missing self-signature\n"));
625
/* do we have this key already in one of our pubrings ? */
626
pk_orig = xcalloc (1, sizeof *pk_orig );
627
rc = get_pubkey_fast ( pk_orig, keyid );
628
if( rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY
629
&& gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY ) {
630
log_error( _("key %08lX: public key not found: %s\n"),
631
(ulong)keyid[1], gpg_strerror (rc));
633
else if ( rc && opt.merge_only ) {
635
log_info( _("key %08lX: new key - skipped\n"), (ulong)keyid[1] );
637
stats->skipped_new_keys++;
639
else if( rc ) { /* insert this key */
640
KEYDB_HANDLE hd = keydb_new (0);
642
rc = keydb_locate_writable (hd, NULL);
644
log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc));
646
return GPG_ERR_GENERAL;
648
if( opt.verbose > 1 )
649
log_info (_("writing to `%s'\n"), keydb_get_resource_name (hd) );
650
rc = keydb_insert_keyblock (hd, keyblock );
652
log_error (_("error writing keyring `%s': %s\n"),
653
keydb_get_resource_name (hd), gpg_strerror (rc));
656
/* This should not be possible since we delete the
657
ownertrust when a key is deleted, but it can happen if
658
the keyring and trustdb are out of sync. It can also
659
be made to happen with the trusted-key command. */
661
clear_ownertrusts (pk);
663
revalidation_mark ();
669
char *p=get_user_id_printable (keyid);
670
log_info( _("key %08lX: public key \"%s\" imported\n"),
674
if( is_status_enabled() ) {
675
char *us = get_long_user_id_string( keyid );
676
write_status_text( STATUS_IMPORTED, us );
678
print_import_ok (pk,NULL, 1);
681
if( is_RSA( pk->pubkey_algo ) )
682
stats->imported_rsa++;
687
int n_uids, n_sigs, n_subk;
689
/* Compare the original against the new key; just to be sure nothing
690
* weird is going on */
691
if( cmp_public_keys( pk_orig, pk ) ) {
692
log_error( _("key %08lX: doesn't match our copy\n"),
697
/* now read the original keyblock */
700
byte afp[MAX_FINGERPRINT_LEN];
703
fingerprint_from_pk (pk_orig, afp, &an);
704
while (an < MAX_FINGERPRINT_LEN)
706
rc = keydb_search_fpr (hd, afp);
709
log_error (_("key %08lX: can't locate original keyblock: %s\n"),
710
(ulong)keyid[1], gpg_strerror (rc));
714
rc = keydb_get_keyblock (hd, &keyblock_orig );
716
log_error (_("key %08lX: can't read original keyblock: %s\n"),
717
(ulong)keyid[1], gpg_strerror (rc));
722
collapse_uids( &keyblock );
723
/* and try to merge the block */
724
clear_kbnode_flags( keyblock_orig );
725
clear_kbnode_flags( keyblock );
726
n_uids = n_sigs = n_subk = 0;
727
rc = merge_blocks( fname, keyblock_orig, keyblock,
728
keyid, &n_uids, &n_sigs, &n_subk );
733
if( n_uids || n_sigs || n_subk ) {
735
/* keyblock_orig has been updated; write */
736
rc = keydb_update_keyblock (hd, keyblock_orig);
738
log_error (_("error writing keyring `%s': %s\n"),
739
keydb_get_resource_name (hd), gpg_strerror (rc) );
741
revalidation_mark ();
745
char *p=get_user_id_printable(keyid);
747
log_info( _("key %08lX: \"%s\" 1 new user ID\n"),
750
log_info( _("key %08lX: \"%s\" %d new user IDs\n"),
751
(ulong)keyid[1], p, n_uids );
753
log_info( _("key %08lX: \"%s\" 1 new signature\n"),
756
log_info( _("key %08lX: \"%s\" %d new signatures\n"),
757
(ulong)keyid[1], p, n_sigs );
759
log_info( _("key %08lX: \"%s\" 1 new subkey\n"),
762
log_info( _("key %08lX: \"%s\" %d new subkeys\n"),
763
(ulong)keyid[1], p, n_subk );
767
stats->n_uids +=n_uids;
768
stats->n_sigs +=n_sigs;
769
stats->n_subk +=n_subk;
771
if (is_status_enabled ())
772
print_import_ok (pk, NULL,
773
((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
776
if (is_status_enabled ())
777
print_import_ok (pk, NULL, 0);
780
char *p=get_user_id_printable(keyid);
781
log_info( _("key %08lX: \"%s\" not changed\n"),
787
keydb_release (hd); hd = NULL;
791
release_kbnode( keyblock_orig );
792
free_public_key( pk_orig );
794
revocation_present(keyblock);
799
/* Walk a secret keyblock and produce a public keyblock out of it. */
801
sec_to_pub_keyblock(KBNODE sec_keyblock)
803
KBNODE secnode,pub_keyblock=NULL,ctx=NULL;
805
while((secnode=walk_kbnode(sec_keyblock,&ctx,0)))
809
if(secnode->pkt->pkttype==PKT_SECRET_KEY ||
810
secnode->pkt->pkttype==PKT_SECRET_SUBKEY)
812
/* Make a public key. We only need to convert enough to
813
write the keyblock out. */
815
PKT_secret_key *sk=secnode->pkt->pkt.secret_key;
816
PACKET *pkt=xcalloc (1,sizeof(PACKET));
817
PKT_public_key *pk=xcalloc (1,sizeof(PKT_public_key));
820
if(secnode->pkt->pkttype==PKT_SECRET_KEY)
821
pkt->pkttype=PKT_PUBLIC_KEY;
823
pkt->pkttype=PKT_PUBLIC_SUBKEY;
825
pkt->pkt.public_key=pk;
827
pk->version=sk->version;
828
pk->timestamp=sk->timestamp;
829
pk->expiredate=sk->expiredate;
830
pk->pubkey_algo=sk->pubkey_algo;
832
n=pubkey_get_npkey(pk->pubkey_algo);
834
pk->pkey[0]=mpi_copy(sk->skey[0]);
840
pk->pkey[i]=mpi_copy(sk->skey[i]);
843
pubnode=new_kbnode(pkt);
847
pubnode=clone_kbnode(secnode);
850
if(pub_keyblock==NULL)
851
pub_keyblock=pubnode;
853
add_kbnode(pub_keyblock,pubnode);
860
* Ditto for secret keys. Handling is simpler than for public keys.
861
* We allow secret key importing only when allow is true, this is so
862
* that a secret key can not be imported accidently and thereby tampering
863
* with the trust calculation.
866
import_secret_one( const char *fname, KBNODE keyblock,
867
struct stats_s *stats, unsigned int options)
870
KBNODE node, uidnode;
874
/* get the key and print some info about it */
875
node = find_kbnode( keyblock, PKT_SECRET_KEY );
879
sk = node->pkt->pkt.secret_key;
880
keyid_from_sk( sk, keyid );
881
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
884
log_info( "sec %4u%c/%08lX %s ",
886
pubkey_letter( sk->pubkey_algo ),
887
(ulong)keyid[1], datestr_from_sk(sk) );
889
print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
890
uidnode->pkt->pkt.user_id->len );
893
stats->secret_read++;
896
log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
900
if(sk->protect.algo>110)
902
log_error(_("key %08lX: secret key with invalid cipher %d "
903
"- skipped\n"),(ulong)keyid[1],sk->protect.algo);
907
clear_kbnode_flags( keyblock );
909
/* do we have this key already in one of our secrings ? */
910
rc = seckey_available( keyid );
911
if( gpg_err_code (rc) == GPG_ERR_NO_SECKEY && !opt.merge_only ) {
912
/* simply insert this key */
913
KEYDB_HANDLE hd = keydb_new (1);
915
/* get default resource */
916
rc = keydb_locate_writable (hd, NULL);
918
log_error (_("no default secret keyring: %s\n"), gpg_strerror (rc));
920
return GPG_ERR_GENERAL;
922
rc = keydb_insert_keyblock (hd, keyblock );
924
log_error (_("error writing keyring `%s': %s\n"),
925
keydb_get_resource_name (hd), gpg_strerror (rc) );
929
log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
930
stats->secret_imported++;
931
if (is_status_enabled ())
932
print_import_ok (NULL, sk, 1|16);
934
if(options&IMPORT_SK2PK)
936
/* Try and make a public key out of this. */
938
KBNODE pub_keyblock=sec_to_pub_keyblock(keyblock);
939
import_one(fname,pub_keyblock,stats,opt.import_options);
940
release_kbnode(pub_keyblock);
944
else if( !rc ) { /* we can't merge secret keys */
945
log_error( _("key %08lX: already in secret keyring\n"),
947
stats->secret_dups++;
948
if (is_status_enabled ())
949
print_import_ok (NULL, sk, 16);
951
/* TODO: if we ever do merge secret keys, make sure to handle
952
the sec_to_pub_keyblock feature as well. */
955
log_error( _("key %08lX: secret key not found: %s\n"),
956
(ulong)keyid[1], gpg_strerror (rc));
963
* Import a revocation certificate; this is a single signature packet.
966
import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
968
PKT_public_key *pk=NULL;
969
KBNODE onode, keyblock = NULL;
970
KEYDB_HANDLE hd = NULL;
974
assert( !node->next );
975
assert( node->pkt->pkttype == PKT_SIGNATURE );
976
assert( node->pkt->pkt.signature->sig_class == 0x20 );
978
keyid[0] = node->pkt->pkt.signature->keyid[0];
979
keyid[1] = node->pkt->pkt.signature->keyid[1];
981
pk = xcalloc (1, sizeof *pk );
982
rc = get_pubkey( pk, keyid );
983
if( gpg_err_code (rc) == GPG_ERR_NO_PUBKEY ) {
984
log_error ( _("key %08lX: no public key - "
985
"can't apply revocation certificate\n"), (ulong)keyid[1]);
990
log_error( _("key %08lX: public key not found: %s\n"),
991
(ulong)keyid[1], gpg_strerror (rc));
995
/* read the original keyblock */
998
byte afp[MAX_FINGERPRINT_LEN];
1001
fingerprint_from_pk (pk, afp, &an);
1002
while (an < MAX_FINGERPRINT_LEN)
1004
rc = keydb_search_fpr (hd, afp);
1007
log_error (_("key %08lX: can't locate original keyblock: %s\n"),
1008
(ulong)keyid[1], gpg_strerror (rc));
1011
rc = keydb_get_keyblock (hd, &keyblock );
1013
log_error (_("key %08lX: can't read original keyblock: %s\n"),
1014
(ulong)keyid[1], gpg_strerror (rc));
1019
/* it is okay, that node is not in keyblock because
1020
* check_key_signature works fine for sig_class 0x20 in this
1022
rc = check_key_signature( keyblock, node, NULL);
1024
log_error( _("key %08lX: invalid revocation certificate"
1025
": %s - rejected\n"), (ulong)keyid[1], gpg_strerror (rc));
1030
/* check whether we already have this */
1031
for(onode=keyblock->next; onode; onode=onode->next ) {
1032
if( onode->pkt->pkttype == PKT_USER_ID )
1034
else if( onode->pkt->pkttype == PKT_SIGNATURE
1035
&& !cmp_signatures(node->pkt->pkt.signature,
1036
onode->pkt->pkt.signature))
1039
goto leave; /* yes, we already know about it */
1045
insert_kbnode( keyblock, clone_kbnode(node), 0 );
1047
/* and write the keyblock back */
1048
rc = keydb_update_keyblock (hd, keyblock );
1050
log_error (_("error writing keyring `%s': %s\n"),
1051
keydb_get_resource_name (hd), gpg_strerror (rc) );
1052
keydb_release (hd); hd = NULL;
1055
char *p=get_user_id_printable (keyid);
1056
log_info( _("key %08lX: \"%s\" revocation certificate imported\n"),
1062
/* If the key we just revoked was ultimately trusted, remove its
1063
ultimate trust. This doesn't stop the user from putting the
1064
ultimate trust back, but is a reasonable solution for now. */
1065
if(get_ownertrust(pk)==TRUST_ULTIMATE)
1066
clear_ownertrusts(pk);
1068
revalidation_mark ();
1072
release_kbnode( keyblock );
1073
free_public_key( pk );
1079
* loop over the keyblock and check all self signatures.
1080
* Mark all user-ids with a self-signature by setting flag bit 0.
1081
* Mark all user-ids with an invalid self-signature by setting bit 1.
1082
* This works also for subkeys, here the subkey is marked. Invalid or
1083
* extra subkey sigs (binding or revocation) are marked for deletion.
1084
* non_self is set to true if there are any sigs other than self-sigs
1088
chk_self_sigs( const char *fname, KBNODE keyblock,
1089
PKT_public_key *pk, u32 *keyid, int *non_self )
1091
KBNODE n,knode=NULL;
1094
u32 bsdate=0,rsdate=0;
1095
KBNODE bsnode=NULL,rsnode=NULL;
1097
for( n=keyblock; (n = find_next_kbnode(n, 0)); ) {
1098
if(n->pkt->pkttype==PKT_PUBLIC_SUBKEY)
1107
else if( n->pkt->pkttype != PKT_SIGNATURE )
1109
sig = n->pkt->pkt.signature;
1110
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
1112
/* This just caches the sigs for later use. That way we
1113
import a fully-cached key which speeds things up. */
1114
if(!opt.no_sig_cache)
1115
check_key_signature(keyblock,n,NULL);
1117
if( (sig->sig_class&~3) == 0x10 ) {
1118
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
1120
log_error( _("key %08lX: no user ID for signature\n"),
1122
return -1; /* the complete keyblock is invalid */
1125
/* If it hasn't been marked valid yet, keep trying */
1126
if(!(unode->flag&1)) {
1127
rc = check_key_signature( keyblock, n, NULL);
1132
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
1133
strlen(unode->pkt->pkt.user_id->name),0);
1134
log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1135
_("key %08lX: unsupported public key "
1136
"algorithm on user id \"%s\"\n"):
1137
_("key %08lX: invalid self-signature "
1138
"on user id \"%s\"\n"),
1144
unode->flag |= 1; /* mark that signature checked */
1147
else if( sig->sig_class == 0x18 ) {
1148
/* Note that this works based solely on the timestamps
1149
like the rest of gpg. If the standard gets
1150
revocation targets, this may need to be revised. */
1155
log_info( _("key %08lX: no subkey for subkey "
1156
"binding signature\n"),(ulong)keyid[1]);
1157
n->flag |= 4; /* delete this */
1161
rc = check_key_signature( keyblock, n, NULL);
1165
log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1166
_("key %08lX: unsupported public key algorithm\n"):
1167
_("key %08lX: invalid subkey binding\n"),
1173
/* It's valid, so is it newer? */
1174
if(sig->timestamp>=bsdate)
1176
knode->flag |= 1; /* the subkey is valid */
1179
bsnode->flag|=4; /* Delete the last binding
1180
sig since this one is
1183
log_info(_("key %08lX: removed multiple "
1184
"subkey binding\n"),
1189
bsdate=sig->timestamp;
1192
n->flag|=4; /* older */
1196
else if( sig->sig_class == 0x28 ) {
1197
/* We don't actually mark the subkey as revoked right
1198
now, so just check that the revocation sig is the
1199
most recent valid one. Note that we don't care if
1200
the binding sig is newer than the revocation sig.
1201
See the comment in getkey.c:merge_selfsigs_subkey for
1205
log_info( _("key %08lX: no subkey for subkey "
1206
"revocation signature\n"),(ulong)keyid[1]);
1207
n->flag |= 4; /* delete this */
1210
rc = check_key_signature( keyblock, n, NULL);
1213
log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1214
_("key %08lX: unsupported public key algorithm\n"):
1215
_("key %08lX: invalid subkey revocation\n"),
1220
/* It's valid, so is it newer? */
1221
if(sig->timestamp>=rsdate) {
1223
rsnode->flag|=4; /* Delete the last revocation
1224
sig since this one is
1227
log_info(_("key %08lX: removed multiple subkey "
1228
"revocation signatures\n"),
1233
rsdate=sig->timestamp;
1236
n->flag|=4; /* older */
1249
* delete all parts which are invalid and those signatures whose
1250
* public key algorithm is not available in this implemenation;
1251
* but consider RSA as valid, because parse/build_packets knows
1253
* returns: true if at least one valid user-id is left over.
1256
delete_inv_parts( const char *fname, KBNODE keyblock,
1257
u32 *keyid, unsigned int options)
1260
int nvalid=0, uid_seen=0, subkey_seen=0;
1262
for(node=keyblock->next; node; node = node->next ) {
1263
if( node->pkt->pkttype == PKT_USER_ID ) {
1265
if( (node->flag & 2) || !(node->flag & 1) ) {
1267
log_info( _("key %08lX: skipped user ID '"),
1269
print_utf8_string( stderr, node->pkt->pkt.user_id->name,
1270
node->pkt->pkt.user_id->len );
1271
fputs("'\n", stderr );
1273
delete_kbnode( node ); /* the user-id */
1274
/* and all following packets up to the next user-id */
1276
&& node->next->pkt->pkttype != PKT_USER_ID
1277
&& node->next->pkt->pkttype != PKT_PUBLIC_SUBKEY
1278
&& node->next->pkt->pkttype != PKT_SECRET_SUBKEY ){
1279
delete_kbnode( node->next );
1286
else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1287
|| node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1288
if( (node->flag & 2) || !(node->flag & 1) ) {
1290
log_info( _("key %08lX: skipped subkey\n"),
1293
delete_kbnode( node ); /* the subkey */
1294
/* and all following signature packets */
1296
&& node->next->pkt->pkttype == PKT_SIGNATURE ) {
1297
delete_kbnode( node->next );
1304
else if( node->pkt->pkttype == PKT_SIGNATURE
1305
&& openpgp_pk_test_algo( node->pkt->pkt.signature
1307
&& node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
1308
delete_kbnode( node ); /* build_packet() can't handle this */
1309
else if( node->pkt->pkttype == PKT_SIGNATURE &&
1310
!node->pkt->pkt.signature->flags.exportable &&
1311
!(options&IMPORT_ALLOW_LOCAL_SIGS) &&
1312
seckey_available( node->pkt->pkt.signature->keyid ) ) {
1313
/* Here we violate the rfc a bit by still allowing
1314
* to import non-exportable signature when we have the
1315
* the secret key used to create this signature - it
1316
* seems that this makes sense. */
1318
log_info( _("key %08lX: non exportable signature "
1319
"(class %02x) - skipped\n"),
1321
node->pkt->pkt.signature->sig_class );
1322
delete_kbnode( node );
1324
else if( node->pkt->pkttype == PKT_SIGNATURE
1325
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
1328
log_error( _("key %08lX: revocation certificate "
1329
"at wrong place - skipped\n"),
1331
delete_kbnode( node );
1334
/* If the revocation cert is from a different key than
1335
the one we're working on don't check it - it's
1336
probably from a revocation key and won't be
1337
verifiable with this key anyway. */
1339
if(node->pkt->pkt.signature->keyid[0]==keyid[0] &&
1340
node->pkt->pkt.signature->keyid[1]==keyid[1])
1342
int rc = check_key_signature( keyblock, node, NULL);
1346
log_info ( _("key %08lX: invalid revocation "
1347
"certificate: %s - skipped\n"),
1348
(ulong)keyid[1], gpg_strerror (rc));
1349
delete_kbnode( node );
1354
else if( node->pkt->pkttype == PKT_SIGNATURE &&
1355
(node->pkt->pkt.signature->sig_class == 0x18 ||
1356
node->pkt->pkt.signature->sig_class == 0x28) &&
1359
log_info ( _("key %08lX: subkey signature "
1360
"in wrong place - skipped\n"),
1362
delete_kbnode( node );
1364
else if( node->pkt->pkttype == PKT_SIGNATURE
1365
&& !IS_CERT(node->pkt->pkt.signature))
1368
log_info (_("key %08lX: unexpected signature class (0x%02X) -"
1369
" skipped\n"),(ulong)keyid[1],
1370
node->pkt->pkt.signature->sig_class);
1371
delete_kbnode(node);
1373
else if( (node->flag & 4) ) /* marked for deletion */
1374
delete_kbnode( node );
1377
/* note: because keyblock is the public key, it is never marked
1378
* for deletion and so keyblock cannot change */
1379
commit_kbnode( &keyblock );
1385
* It may happen that the imported keyblock has duplicated user IDs.
1386
* We check this here and collapse those user IDs together with their
1388
* Returns: True if the keyblock hash changed.
1391
collapse_uids( KBNODE *keyblock )
1399
for( n = *keyblock; n; n = n->next ) {
1400
if( n->pkt->pkttype != PKT_USER_ID )
1402
for( n2 = n->next; n2; n2 = n2->next ) {
1403
if( n2->pkt->pkttype == PKT_USER_ID
1404
&& !cmp_user_ids( n->pkt->pkt.user_id,
1405
n2->pkt->pkt.user_id ) ) {
1406
/* found a duplicate */
1409
|| n2->next->pkt->pkttype == PKT_USER_ID
1410
|| n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY
1411
|| n2->next->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1412
/* no more signatures: delete the user ID
1414
remove_kbnode( keyblock, n2 );
1417
/* The simple approach: Move one signature and
1418
* then start over to delete the next one :-( */
1419
move_kbnode( keyblock, n2->next, n->next );
1429
/* now we may have duplicate signatures on one user ID: fix this */
1430
for( in_uid = 0, n = *keyblock; n; n = n->next ) {
1431
if( n->pkt->pkttype == PKT_USER_ID )
1433
else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1434
|| n->pkt->pkttype == PKT_SECRET_SUBKEY )
1440
for( ; n2; n2 = n2->next ) {
1441
if( n2->pkt->pkttype == PKT_USER_ID
1442
|| n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
1443
|| n2->pkt->pkttype == PKT_SECRET_SUBKEY )
1445
if( n2->pkt->pkttype != PKT_SIGNATURE )
1449
else if( !cmp_signatures( ncmp->pkt->pkt.signature,
1450
n2->pkt->pkt.signature )) {
1451
remove_kbnode( keyblock, n2 );
1455
n2 = ncmp? ncmp->next : NULL;
1460
if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
1461
kid1 = keyid_from_pk( n->pkt->pkt.public_key, NULL );
1462
else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
1463
kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
1467
log_info (_("key %08lX: duplicated user ID detected - merged\n"),
1473
/* Check for a 0x20 revocation from a revocation key that is not
1474
present. This gets called without the benefit of merge_xxxx so you
1475
can't rely on pk->revkey and friends. */
1477
revocation_present(KBNODE keyblock)
1480
PKT_public_key *pk=keyblock->pkt->pkt.public_key;
1482
for(onode=keyblock->next;onode;onode=onode->next)
1484
/* If we reach user IDs, we're done. */
1485
if(onode->pkt->pkttype==PKT_USER_ID)
1488
if(onode->pkt->pkttype==PKT_SIGNATURE &&
1489
onode->pkt->pkt.signature->sig_class==0x1F &&
1490
onode->pkt->pkt.signature->revkey)
1493
PKT_signature *sig=onode->pkt->pkt.signature;
1495
for(idx=0;idx<sig->numrevkeys;idx++)
1499
keyid_from_fingerprint(sig->revkey[idx]->fpr,
1500
MAX_FINGERPRINT_LEN,keyid);
1502
for(inode=keyblock->next;inode;inode=inode->next)
1504
/* If we reach user IDs, we're done. */
1505
if(inode->pkt->pkttype==PKT_USER_ID)
1508
if(inode->pkt->pkttype==PKT_SIGNATURE &&
1509
inode->pkt->pkt.signature->sig_class==0x20 &&
1510
inode->pkt->pkt.signature->keyid[0]==keyid[0] &&
1511
inode->pkt->pkt.signature->keyid[1]==keyid[1])
1513
/* Okay, we have a revocation key, and a
1514
revocation issued by it. Do we have the key
1518
rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx]->fpr,
1519
MAX_FINGERPRINT_LEN);
1520
if ( gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
1521
|| gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
1523
/* No, so try and get it */
1524
if(opt.keyserver_scheme &&
1525
opt.keyserver_options.auto_key_retrieve)
1527
log_info(_("WARNING: key %08lX may be revoked: "
1528
"fetching revocation key %08lX\n"),
1529
(ulong)keyid_from_pk(pk,NULL),
1531
keyserver_import_fprint(sig->revkey[idx]->fpr,
1532
MAX_FINGERPRINT_LEN);
1534
/* Do we have it now? */
1535
rc=get_pubkey_byfprint_fast (NULL,
1536
sig->revkey[idx]->fpr,
1537
MAX_FINGERPRINT_LEN);
1540
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
1541
|| gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
1542
log_info(_("WARNING: key %08lX may be revoked: "
1543
"revocation key %08lX not present.\n"),
1544
(ulong)keyid_from_pk(pk,NULL),
1555
* compare and merge the blocks
1557
* o compare the signatures: If we already have this signature, check
1558
* that they compare okay; if not, issue a warning and ask the user.
1559
* o Simply add the signature. Can't verify here because we may not have
1560
* the signature's public key yet; verification is done when putting it
1561
* into the trustdb, which is done automagically as soon as this pubkey
1563
* Note: We indicate newly inserted packets with flag bit 0
1566
merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
1567
u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
1572
/* 1st: handle revocation certificates */
1573
for(node=keyblock->next; node; node=node->next ) {
1574
if( node->pkt->pkttype == PKT_USER_ID )
1576
else if( node->pkt->pkttype == PKT_SIGNATURE
1577
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
1578
/* check whether we already have this */
1580
for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1581
if( onode->pkt->pkttype == PKT_USER_ID )
1583
else if( onode->pkt->pkttype == PKT_SIGNATURE
1584
&& onode->pkt->pkt.signature->sig_class == 0x20
1585
&& !cmp_signatures(onode->pkt->pkt.signature,
1586
node->pkt->pkt.signature))
1593
KBNODE n2 = clone_kbnode(node);
1594
insert_kbnode( keyblock_orig, n2, 0 );
1600
char *p=get_user_id_printable (keyid);
1601
log_info(_("key %08lX: \"%s\" "
1602
"revocation certificate added\n"),
1610
/* 2nd: merge in any direct key (0x1F) sigs */
1611
for(node=keyblock->next; node; node=node->next ) {
1612
if( node->pkt->pkttype == PKT_USER_ID )
1614
else if( node->pkt->pkttype == PKT_SIGNATURE
1615
&& node->pkt->pkt.signature->sig_class == 0x1F ) {
1616
/* check whether we already have this */
1618
for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1619
if( onode->pkt->pkttype == PKT_USER_ID )
1621
else if( onode->pkt->pkttype == PKT_SIGNATURE
1622
&& onode->pkt->pkt.signature->sig_class == 0x1F
1623
&& !cmp_signatures(onode->pkt->pkt.signature,
1624
node->pkt->pkt.signature)) {
1630
KBNODE n2 = clone_kbnode(node);
1631
insert_kbnode( keyblock_orig, n2, 0 );
1635
log_info( _("key %08lX: direct key signature added\n"),
1641
/* 3rd: try to merge new certificates in */
1642
for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1643
if( !(onode->flag & 1) && onode->pkt->pkttype == PKT_USER_ID) {
1644
/* find the user id in the imported keyblock */
1645
for(node=keyblock->next; node; node=node->next )
1646
if( node->pkt->pkttype == PKT_USER_ID
1647
&& !cmp_user_ids( onode->pkt->pkt.user_id,
1648
node->pkt->pkt.user_id ) )
1650
if( node ) { /* found: merge */
1651
rc = merge_sigs( onode, node, n_sigs, fname, keyid );
1658
/* 4th: add new user-ids */
1659
for(node=keyblock->next; node; node=node->next ) {
1660
if( node->pkt->pkttype == PKT_USER_ID) {
1661
/* do we have this in the original keyblock */
1662
for(onode=keyblock_orig->next; onode; onode=onode->next )
1663
if( onode->pkt->pkttype == PKT_USER_ID
1664
&& !cmp_user_ids( onode->pkt->pkt.user_id,
1665
node->pkt->pkt.user_id ) )
1667
if( !onode ) { /* this is a new user id: append */
1668
rc = append_uid( keyblock_orig, node, n_sigs, fname, keyid);
1676
/* 5th: add new subkeys */
1677
for(node=keyblock->next; node; node=node->next ) {
1679
if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
1680
/* do we have this in the original keyblock? */
1681
for(onode=keyblock_orig->next; onode; onode=onode->next )
1682
if( onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
1683
&& !cmp_public_keys( onode->pkt->pkt.public_key,
1684
node->pkt->pkt.public_key ) )
1686
if( !onode ) { /* this is a new subkey: append */
1687
rc = append_key( keyblock_orig, node, n_sigs, fname, keyid);
1693
else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1694
/* do we have this in the original keyblock? */
1695
for(onode=keyblock_orig->next; onode; onode=onode->next )
1696
if( onode->pkt->pkttype == PKT_SECRET_SUBKEY
1697
&& !cmp_secret_keys( onode->pkt->pkt.secret_key,
1698
node->pkt->pkt.secret_key ) )
1700
if( !onode ) { /* this is a new subkey: append */
1701
rc = append_key( keyblock_orig, node, n_sigs, fname, keyid);
1709
/* 6th: merge subkey certificates */
1710
for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1711
if( !(onode->flag & 1)
1712
&& ( onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
1713
|| onode->pkt->pkttype == PKT_SECRET_SUBKEY) ) {
1714
/* find the subkey in the imported keyblock */
1715
for(node=keyblock->next; node; node=node->next ) {
1716
if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1717
&& !cmp_public_keys( onode->pkt->pkt.public_key,
1718
node->pkt->pkt.public_key ) )
1720
else if( node->pkt->pkttype == PKT_SECRET_SUBKEY
1721
&& !cmp_secret_keys( onode->pkt->pkt.secret_key,
1722
node->pkt->pkt.secret_key ) )
1725
if( node ) { /* found: merge */
1726
rc = merge_keysigs( onode, node, n_sigs, fname, keyid );
1739
* append the userid starting with NODE and all signatures to KEYBLOCK.
1742
append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
1743
const char *fname, u32 *keyid )
1745
KBNODE n, n_where=NULL;
1747
assert(node->pkt->pkttype == PKT_USER_ID );
1749
/* find the position */
1750
for( n = keyblock; n; n_where = n, n = n->next ) {
1751
if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1752
|| n->pkt->pkttype == PKT_SECRET_SUBKEY )
1758
/* and append/insert */
1760
/* we add a clone to the original keyblock, because this
1761
* one is released first */
1762
n = clone_kbnode(node);
1764
insert_kbnode( n_where, n, 0 );
1768
add_kbnode( keyblock, n );
1771
if( n->pkt->pkttype == PKT_SIGNATURE )
1775
if( node && node->pkt->pkttype != PKT_SIGNATURE )
1784
* Merge the sigs from SRC onto DST. SRC and DST are both a PKT_USER_ID.
1785
* (how should we handle comment packets here?)
1788
merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
1789
const char *fname, u32 *keyid )
1794
assert(dst->pkt->pkttype == PKT_USER_ID );
1795
assert(src->pkt->pkttype == PKT_USER_ID );
1797
for(n=src->next; n && n->pkt->pkttype != PKT_USER_ID; n = n->next ) {
1798
if( n->pkt->pkttype != PKT_SIGNATURE )
1800
if( n->pkt->pkt.signature->sig_class == 0x18
1801
|| n->pkt->pkt.signature->sig_class == 0x28 )
1802
continue; /* skip signatures which are only valid on subkeys */
1804
for(n2=dst->next; n2 && n2->pkt->pkttype != PKT_USER_ID; n2 = n2->next)
1805
if(!cmp_signatures(n->pkt->pkt.signature,n2->pkt->pkt.signature))
1811
/* This signature is new or newer, append N to DST.
1812
* We add a clone to the original keyblock, because this
1813
* one is released first */
1814
n2 = clone_kbnode(n);
1815
insert_kbnode( dst, n2, PKT_SIGNATURE );
1826
* Merge the sigs from SRC onto DST. SRC and DST are both a PKT_xxx_SUBKEY.
1829
merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
1830
const char *fname, u32 *keyid )
1835
assert( dst->pkt->pkttype == PKT_PUBLIC_SUBKEY
1836
|| dst->pkt->pkttype == PKT_SECRET_SUBKEY );
1838
for(n=src->next; n ; n = n->next ) {
1839
if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1840
|| n->pkt->pkttype == PKT_PUBLIC_KEY )
1842
if( n->pkt->pkttype != PKT_SIGNATURE )
1845
for(n2=dst->next; n2; n2 = n2->next){
1846
if( n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
1847
|| n2->pkt->pkttype == PKT_PUBLIC_KEY )
1849
if( n2->pkt->pkttype == PKT_SIGNATURE
1850
&& n->pkt->pkt.signature->keyid[0]
1851
== n2->pkt->pkt.signature->keyid[0]
1852
&& n->pkt->pkt.signature->keyid[1]
1853
== n2->pkt->pkt.signature->keyid[1]
1854
&& n->pkt->pkt.signature->timestamp
1855
<= n2->pkt->pkt.signature->timestamp
1856
&& n->pkt->pkt.signature->sig_class
1857
== n2->pkt->pkt.signature->sig_class ) {
1863
/* This signature is new or newer, append N to DST.
1864
* We add a clone to the original keyblock, because this
1865
* one is released first */
1866
n2 = clone_kbnode(n);
1867
insert_kbnode( dst, n2, PKT_SIGNATURE );
1878
* append the subkey starting with NODE and all signatures to KEYBLOCK.
1879
* Mark all new and copied packets by setting flag bit 0.
1882
append_key( KBNODE keyblock, KBNODE node, int *n_sigs,
1883
const char *fname, u32 *keyid )
1887
assert( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1888
|| node->pkt->pkttype == PKT_SECRET_SUBKEY );
1891
/* we add a clone to the original keyblock, because this
1892
* one is released first */
1893
n = clone_kbnode(node);
1894
add_kbnode( keyblock, n );
1897
if( n->pkt->pkttype == PKT_SIGNATURE )
1901
if( node && node->pkt->pkttype != PKT_SIGNATURE )