dvn
/
pEpEngine
forked from pEp.foundation/pEpEngine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dvn/ci-parallel
dvn/ci-testsuite
Release_2.1
dvn/ci-faster
CI-CD
master
ENGINE-822
ENGINE-847
ENGINE-864
doxygen_doc
mime-integrate
ENGINE-877
tracing_for_thomas
trustsync
tunneling
test-huss-hypothesis-42
test_diphoton
thomas_timing_tests
sync_and_key_reset
sync_test_refactor
test-README.md
sync
sync-test-dev
signature_test
spinlock_remove
strl-imp
sequoia
sequoia_windows
short_term_is_own_key_branch
sender-fpr-and-friends
sender-fpr-checks
reduce
remove_gpg
rok-mac
roker-linux
preview_rating
ratings
pEpMIME_windows
peg-mime
postrelease
outlook_mime_support
pEpMIME
notifyHandshake
nuanced_return_codes
null_size_attachment
neal-sequoia-update-staging
neal/tpk-cache
merge_ll_sign_only
message-2.0
mistrust_fixes
make-cleanup
local_cmocka
local_cpptest
maintain
krista_temp
krista_tmp_sequoia_upgrade
krista-temp
krista_local_windows
krista-local-7-Jan-2020
krista-netpgp-sync
keysync
keysync-windows
install_headers
key-manipulation-tests
key_reset_get_revocations
import_own_key
import_priv_keys_fix
grind_and_cleanup
group_key_reset
import_key_2.1
google-ENGINE-325-testing
googletest
gpgme-1.9.0
gpgme_passphrase_cb
gen_sample
generate_api
gnupg-2.1
fdik_sync
fixing_revoke
fpr-format-check
enigmail-color-tests
enigmail_tests_pre_revision_2535
extra_keys_add
elevated_attachments
email_comparison
doc_update_sequoia
doxygen-key-id
el_presidente
default-3
delete_key
diphoton_M1
debian_default_test
default-1
default-2
b0rken_crypto
beacon_test
changeset_add
database_change_branch
async_key_management
audit_branch
Xcode-sync-session
Xcode11
add_key_notification
android-stuff
Release_1_branch_deprecated
Release_2.1.0
JNI-21
JNI-26
KeySyncWaitForAccept
NETPGP-18
IOSAD-161
IOSAD-163
IOSAD-182
IOSAD-186
JIRA_smart_commit_test_branch
IOSAD-101
IOSAD-103
IOSAD-111
IOSAD-120
IOS-2414
IOS-506
IOS-BUILD_NDEBUG_FIX
IOS-1484
IOS-1576
IOS-1784
IOS-1942
IOS-2327
ENGINE_314
GroupMerge
IOS-1351
IOS-1482
ENGINE-9-1
ENGINE-92
ENGINE-95
ENGINE-96
ENGINE-98
ENGINE-864_old
ENGINE-870
ENGINE-871
ENGINE-872
ENGINE-9
ENGINE-835
ENGINE-84
ENGINE-812
ENGINE-822-sql-refactor
ENGINE-781
ENGINE-79
ENGINE-746
ENGINE-750
ENGINE-751
ENGINE-757
ENGINE-764
ENGINE-767
ENGINE-780
ENGINE-780-take2
ENGINE-74
ENGINE-720
ENGINE-73
ENGINE-736
ENGINE-647
ENGINE-649
ENGINE-654
ENGINE-655
ENGINE-659-gpg
ENGINE-681
ENGINE-703
ENGINE-633
ENGINE-638
ENGINE-639
ENGINE-641
ENGINE-600
ENGINE-602
ENGINE-614
ENGINE-630
ENGINE-553
ENGINE-559
ENGINE-571
ENGINE-581
ENGINE-596
ENGINE-531
ENGINE-536
ENGINE-540
ENGINE-544
ENGINE-550
ENGINE-551
ENGINE-552
ENGINE-507
ENGINE-510
ENGINE-514
ENGINE-524
ENGINE-472
ENGINE-473
ENGINE-474
ENGINE-479
ENGINE-479_low_level
ENGINE-487
ENGINE-451
ENGINE-454
ENGINE-455
ENGINE-459
ENGINE-463
ENGINE-466
ENGINE-467
ENGINE-434
ENGINE-440
ENGINE-442
ENGINE-448
ENGINE-450
ENGINE-450-MARK-II
ENGINE-420
ENGINE-422
ENGINE-423
ENGINE-425
ENGINE-427
ENGINE-430
ENGINE-400
ENGINE-402
ENGINE-407
ENGINE-329
ENGINE-332
ENGINE-339
ENGINE-352
ENGINE-358
ENGINE-398
ENGINE-40
ENGINE-321
ENGINE-322
ENGINE-325
ENGINE-3
ENGINE-305
ENGINE-308
ENGINE-320
ENGINE-320-lr1
ENGINE-286
ENGINE-287
ENGINE-288
ENGINE-289
ENGINE-290
ENGINE-293
ENGINE-294
ENGINE-298
ENGINE-265
ENGINE-27
ENGINE-275
ENGINE-282
ENGINE-237
ENGINE-238
ENGINE-247
ENGINE-250
ENGINE-251
ENGINE-254
ENGINE-255
ENGINE-259
ENGINE-261
ENGINE-262
ENGINE-214
ENGINE-215
ENGINE-217
ENGINE-226
ENGINE-228
ENGINE-229
ENGINE-233
ENGINE-187
ENGINE-188
ENGINE-189
ENGINE-198
ENGINE-199
ENGINE-204
ENGINE-207
ENGINE-207-1
ENGINE-209
ENGINE-171
ENGINE-172
ENGINE-173
ENGINE-174
ENGINE-178
ENGINE-179
ENGINE-180
ENGINE-183
ENGINE-140_exclude_identity_from_sync
ENGINE-142
ENGINE-152
ENGINE-155
ENGINE-157
ENGINE-168
ENGINE-135
ENGINE-137
ENGINE-139
ENGINE-140
ENGINE-140-reloaded
ENGINE-107
ENGINE-109
ENGINE-112
ENGINE-118
ENGINE-128
ENGINE-129
ENGINE-133
633-up-id-refactor
AllGroupDevicesShowHandshake
ENGINE-1
ENGINE-105
2.0.5_p4a_log_test
2028_fix
Release_3.2.0-RC7
undo-the-incompatible-change-in-ENGINE-959
decrypt_message_2
after-incompatible-change-in-ENGINE-959
before-incompatible-change-in-ENGINE-959
Release_3.2.0-RC6
Release_3.2.0-RC5
Release_2.1.50
Release_3.2.0-RC4
Release_3.2.0-RC3
Release_3.2.0-RC2
Release_3.2.0-RC1
Release_2.1.49
Release_2.1.48
Release_2.1.47
Release_2.1.46
Release_2.1.45
Release_3.1.3
Release_2.1.44
Release_2.1.43
Release_3.1.2
Release_3.1.1
Release_2.1.42
Release_3.1.0
Release_2.1.41
Release_2.1.40
archive/ENGINE-633
Release_2.1.39
Release_2.1.38
Release_2.1.37
0.7
0.7.0
0.8.0
0.9.0_release
1.3.0-RC-default
1.3.0-RC-sync
2.0.0-RC
2.0.1_target
2.1.0_target
ENGINE-323_fixed
ENGINE-864
Last_commit_in_old_default_branch_-_branch_now_moves_to_Release_1_branch_deprecated._Goal_is_to_move_postrelease_to_default_and_continue_with_new_release/branching_rules_
M1.0_current
Patch_release_1.0.442
Release_0.0.1
Release_1.0.441
Release_1.1.0
Release_1.1.1
Release_1.1.2
Release_1.2.0
Release_2.0.0
Release_2.0.1
Release_2.0.2
Release_2.0.3
Release_2.0.4
Release_2.0.5
Release_2.0.6
Release_2.1.0
Release_2.1.0-RC0
Release_2.1.0-RC1
Release_2.1.0-RC10
Release_2.1.0-RC11
Release_2.1.0-RC12
Release_2.1.0-RC13
Release_2.1.0-RC14
Release_2.1.0-RC15
Release_2.1.0-RC16
Release_2.1.0-RC17
Release_2.1.0-RC18
Release_2.1.0-RC19
Release_2.1.0-RC2
Release_2.1.0-RC20
Release_2.1.0-RC21
Release_2.1.0-RC22
Release_2.1.0-RC23
Release_2.1.0-RC24
Release_2.1.0-RC25
Release_2.1.0-RC26
Release_2.1.0-RC27
Release_2.1.0-RC28
Release_2.1.0-RC29
Release_2.1.0-RC3
Release_2.1.0-RC30
Release_2.1.0-RC31
Release_2.1.0-RC32
Release_2.1.0-RC33
Release_2.1.0-RC34
Release_2.1.0-RC35
Release_2.1.0-RC36
Release_2.1.0-RC37
Release_2.1.0-RC38
Release_2.1.0-RC39
Release_2.1.0-RC4
Release_2.1.0-RC5
Release_2.1.0-RC6
Release_2.1.0-RC7
Release_2.1.0-RC8
Release_2.1.0-RC9
Release_2.1.0-final
Release_2.1.1
Release_2.1.10
Release_2.1.11
Release_2.1.12
Release_2.1.13
Release_2.1.14
Release_2.1.15
Release_2.1.16
Release_2.1.17
Release_2.1.18
Release_2.1.19
Release_2.1.2
Release_2.1.20
Release_2.1.21
Release_2.1.22
Release_2.1.23
Release_2.1.24
Release_2.1.25
Release_2.1.26
Release_2.1.27
Release_2.1.28
Release_2.1.29
Release_2.1.3
Release_2.1.30
Release_2.1.31
Release_2.1.32
Release_2.1.33
Release_2.1.34
Release_2.1.35
Release_2.1.36
Release_2.1.4
Release_2.1.5
Release_2.1.6
Release_2.1.7
Release_2.1.8
Release_2.1.9
Release_2.2.0-RC0
Release_3.1.4
Release_zOS_0.1
Restarting_default_from_postrelease
Revived_default_branch._Close_postrelease_and_work_here._sync_is_2.0_branch_
TEST_ENGINE-814_1
add
archive/2.0.5_p4a_log_test
archive/2028_fix
archive/633-up-id-refactor
archive/AllGroupDevicesShowHandshake
archive/ENGINE-1
archive/ENGINE-105
archive/ENGINE-107
archive/ENGINE-109
archive/ENGINE-112
archive/ENGINE-118
archive/ENGINE-128
archive/ENGINE-129
archive/ENGINE-133
archive/ENGINE-135
archive/ENGINE-137
archive/ENGINE-139
archive/ENGINE-140
archive/ENGINE-140-reloaded
archive/ENGINE-140_exclude_identity_from_sync
archive/ENGINE-142
archive/ENGINE-152
archive/ENGINE-155
archive/ENGINE-157
archive/ENGINE-168
archive/ENGINE-171
archive/ENGINE-172
archive/ENGINE-173
archive/ENGINE-174
archive/ENGINE-178
archive/ENGINE-179
archive/ENGINE-180
archive/ENGINE-183
archive/ENGINE-187
archive/ENGINE-188
archive/ENGINE-189
archive/ENGINE-198
archive/ENGINE-199
archive/ENGINE-204
archive/ENGINE-207
archive/ENGINE-207-1
archive/ENGINE-209
archive/ENGINE-214
archive/ENGINE-215
archive/ENGINE-217
archive/ENGINE-226
archive/ENGINE-228
archive/ENGINE-229
archive/ENGINE-233
archive/ENGINE-237
archive/ENGINE-238
archive/ENGINE-247
archive/ENGINE-250
archive/ENGINE-251
archive/ENGINE-254
archive/ENGINE-255
archive/ENGINE-259
archive/ENGINE-261
archive/ENGINE-262
archive/ENGINE-265
archive/ENGINE-27
archive/ENGINE-275
archive/ENGINE-282
archive/ENGINE-286
archive/ENGINE-287
archive/ENGINE-288
archive/ENGINE-289
archive/ENGINE-290
archive/ENGINE-293
archive/ENGINE-294
archive/ENGINE-298
archive/ENGINE-3
archive/ENGINE-305
archive/ENGINE-308
archive/ENGINE-320
archive/ENGINE-320-lr1
archive/ENGINE-321
archive/ENGINE-322
archive/ENGINE-325
archive/ENGINE-329
archive/ENGINE-332
archive/ENGINE-339
archive/ENGINE-352
archive/ENGINE-358
archive/ENGINE-398
archive/ENGINE-40
archive/ENGINE-400
archive/ENGINE-402
archive/ENGINE-407
archive/ENGINE-420
archive/ENGINE-422
archive/ENGINE-423
archive/ENGINE-425
archive/ENGINE-427
archive/ENGINE-430
archive/ENGINE-434
archive/ENGINE-440
archive/ENGINE-442
archive/ENGINE-448
archive/ENGINE-450
archive/ENGINE-450-MARK-II
archive/ENGINE-451
archive/ENGINE-454
archive/ENGINE-455
archive/ENGINE-459
archive/ENGINE-463
archive/ENGINE-466
archive/ENGINE-467
archive/ENGINE-472
archive/ENGINE-473
archive/ENGINE-474
archive/ENGINE-479
archive/ENGINE-479_low_level
archive/ENGINE-487
archive/ENGINE-507
archive/ENGINE-510
archive/ENGINE-514
archive/ENGINE-524
archive/ENGINE-531
archive/ENGINE-536
archive/ENGINE-540
archive/ENGINE-544
archive/ENGINE-550
archive/ENGINE-551
archive/ENGINE-552
archive/ENGINE-553
archive/ENGINE-559
archive/ENGINE-571
archive/ENGINE-581
archive/ENGINE-596
archive/ENGINE-600
archive/ENGINE-602
archive/ENGINE-614
archive/ENGINE-630
archive/ENGINE-638
archive/ENGINE-639
archive/ENGINE-647
archive/ENGINE-649
archive/ENGINE-654
archive/ENGINE-655
archive/ENGINE-659-gpg
archive/ENGINE-681
archive/ENGINE-703
archive/ENGINE-720
archive/ENGINE-73
archive/ENGINE-736
archive/ENGINE-74
archive/ENGINE-746
archive/ENGINE-750
archive/ENGINE-751
archive/ENGINE-757
archive/ENGINE-764
archive/ENGINE-767
archive/ENGINE-780
archive/ENGINE-780-take2
archive/ENGINE-781
archive/ENGINE-79
archive/ENGINE-812
archive/ENGINE-822-sql-refactor
archive/ENGINE-835
archive/ENGINE-84
archive/ENGINE-864_old
archive/ENGINE-870
archive/ENGINE-877
archive/ENGINE-9
archive/ENGINE-9-1
archive/ENGINE-92
archive/ENGINE-95
archive/ENGINE-96
archive/ENGINE-98
archive/ENGINE_314
archive/GroupMerge
archive/IOS-1351
archive/IOS-1482
archive/IOS-1484
archive/IOS-1576
archive/IOS-1784
archive/IOS-1942
archive/IOS-2327
archive/IOS-2414
archive/IOS-506
archive/IOS-BUILD_NDEBUG_FIX
archive/IOSAD-101
archive/IOSAD-103
archive/IOSAD-111
archive/IOSAD-120
archive/IOSAD-161
archive/IOSAD-163
archive/IOSAD-182
archive/IOSAD-186
archive/JIRA_smart_commit_test_branch
archive/JNI-21
archive/JNI-26
archive/KeySyncWaitForAccept
archive/NETPGP-18
archive/Release_1_branch_deprecated
archive/Release_2.1.0
archive/Xcode-sync-session
archive/Xcode11
archive/android-stuff
archive/async_key_management
archive/beacon_test
archive/changeset_add
archive/database_change_branch
archive/debian_default_test
archive/default-1
archive/default-2
archive/default-3
archive/delete_key
archive/diphoton_M1
archive/el_presidente
archive/email_comparison
archive/enigmail-color-tests
archive/enigmail_tests_pre_revision_2535
archive/fdik_sync
archive/fixing_revoke
archive/gen_sample
archive/gnupg-2.1
archive/google-ENGINE-325-testing
archive/googletest
archive/gpgme-1.9.0
archive/gpgme_passphrase_cb
archive/grind_and_cleanup
archive/group_key_reset
archive/import_key_2.1
archive/import_own_key
archive/import_priv_keys_fix
archive/install_headers
archive/key_reset_get_revocations
archive/keysync
archive/keysync-windows
archive/krista-local-7-Jan-2020
archive/krista-netpgp-sync
archive/krista-temp
archive/krista_local_windows
archive/krista_temp
archive/krista_tmp_sequoia_upgrade
archive/local_cmocka
archive/local_cpptest
archive/maintain
archive/make-cleanup
archive/merge_ll_sign_only
archive/message-2.0
archive/mistrust_fixes
archive/neal-sequoia-update-staging
archive/neal/tpk-cache
archive/notifyHandshake
archive/null_size_attachment
archive/outlook_mime_support
archive/peg-mime
archive/postrelease
archive/preview_rating
archive/ratings
archive/reduce
archive/remove_gpg
archive/rok-mac
archive/roker-linux
archive/sender-fpr-and-friends
archive/sender-fpr-checks
archive/sequoia
archive/sequoia_windows
archive/short_term_is_own_key_branch
archive/signature_test
archive/spinlock_remove
archive/strl-imp
archive/sync-test-dev
archive/sync_and_key_reset
archive/sync_test_refactor
archive/test-huss-hypothesis-42
archive/test_diphoton
archive/thomas_timing_tests
archive/tracing_for_thomas
archive/tunneling
audit_update_from_sync
decode-encode-API-change
for_Outlook-1.1.10
last-old-mime-api-version
last_usable_message_format_commit
list
no_support_provided_from_message_2.0_on_this_branch._Please_use_branch_diphoton_M1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '065b5463b8'
${ noResults }
pEpEngine/src/pgp_sequoia.c

3620 lines
123 KiB
C
Raw Blame History

// This file is under GNU General Public License 3.0
// see LICENSE.txt
#pragma clang diagnostic ignored "-Wgnu-zero-variadic-macro-arguments"
#define _GNU_SOURCE 1
#include "platform.h"
#include "pEp_internal.h"
#include "pgp_sequoia.h"
#include <limits.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <stdlib.h>
#include "wrappers.h"
#define TRACING 0
#ifndef TRACING
# ifndef NDEBUG
# define TRACING 0
# else
# define TRACING 1
# endif
#endif
// enable tracing if in debugging mode
#if TRACING
#include "status_to_string.h"
# ifdef ANDROID
# include <android/log.h>
# define _T(...) do { \
__android_log_print(ANDROID_LOG_DEBUG, "pEpEngine-sequoia", \
##__VA_ARGS__); \
} while (0)
# elif _WIN32
# define _T(...) do { \
char str[256]; \
snprintf(str, 256, ##__VA_ARGS__); \
OutputDebugStringA(str); \
fprintf(stderr, ##__VA_ARGS__); \
} while (0)
# else
# define _T(...) do { \
fprintf(stderr, ##__VA_ARGS__); \
} while (0)
# endif
#else
# define _T(...) do { } while (0)
#endif
// Show the start of a tracepoint (i.e., don't print a newline).
#define TC(...) do { \
_T("%s: ", __func__); \
_T(__VA_ARGS__); \
} while (0)
// Show a trace point.
# define T(...) do { \
TC(__VA_ARGS__); \
_T("\n"); \
} while(0)
// Verbosely displays errors.
# define DUMP_STATUS(__de_sq_status, __de_pep_status, ...) do { \
TC(__VA_ARGS__); \
_T(": "); \
if (__de_sq_status) { \
_T("Sequoia: %s => ", pgp_status_to_string(__de_sq_status)); \
} \
_T("%s\n", pEp_status_to_string(__de_pep_status)); \
} while(0)
# define DUMP_ERR(__de_err, __de_status, ...) do { \
TC(__VA_ARGS__); \
_T(": "); \
if (__de_err) { \
_T("Sequoia: %s => ", pgp_error_to_string(__de_err)); \
pgp_error_free(__de_err); \
} \
_T("%s\n", pEp_status_to_string(__de_status)); \
} while(0)
// If __ec_status is an error, then dump the error, set 'status' to
// it, and jump to 'out'.
#define ERROR_OUT(__e_err, __ec_status, ...) do { \
PEP_STATUS ___ec_status = (__ec_status); \
if ((___ec_status) != PEP_STATUS_OK) { \
DUMP_ERR((__e_err), (___ec_status), ##__VA_ARGS__); \
status = (___ec_status); \
goto out; \
} \
} while(0)
#ifdef _PEP_SQLITE_DEBUG
int sq_sql_trace_callback (unsigned trace_constant,
void* context_ptr,
void* P,
void* X) {
switch (trace_constant) {
case SQLITE_TRACE_STMT:
fprintf(stderr, "SEQUOIA_SQL_DEBUG: STMT - ");
const char* X_str = (const char*) X;
if (!EMPTYSTR(X_str) && X_str[0] == '-' && X_str[1] == '-')
fprintf(stderr, "%s\n", X_str);
else
fprintf(stderr, "%s\n", sqlite3_expanded_sql((sqlite3_stmt*)P));
break;
case SQLITE_TRACE_ROW:
fprintf(stderr, "SEQUOIA_SQL_DEBUG: ROW - ");
fprintf(stderr, "%s\n", sqlite3_expanded_sql((sqlite3_stmt*)P));
break;
case SQLITE_TRACE_CLOSE:
fprintf(stderr, "SEQUOIA_SQL_DEBUG: CLOSE - ");
break;
default:
break;
}
return 0;
}
#endif
/* This is reallocarray taken from OpenBSD. See README.md for licensing. */
/* Symbols are renamed for clashes, not to hide source. */
/*
* This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
* if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
*/
#define PEP_MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4))
static void* _pEp_reallocarray(void *optr, size_t nmemb, size_t size)
{
if ((nmemb >= PEP_MUL_NO_OVERFLOW || size >= PEP_MUL_NO_OVERFLOW) &&
nmemb > 0 && SIZE_MAX / nmemb < size) {
errno = ENOMEM;
return NULL;
}
return realloc(optr, size * nmemb);
}
PEP_STATUS pgp_config_cipher_suite(PEP_SESSION session,
PEP_CIPHER_SUITE suite)
{
switch (suite) {
// supported cipher suites
case PEP_CIPHER_SUITE_RSA2K:
case PEP_CIPHER_SUITE_RSA3K:
case PEP_CIPHER_SUITE_CV25519:
case PEP_CIPHER_SUITE_P256:
case PEP_CIPHER_SUITE_P384:
case PEP_CIPHER_SUITE_P521:
session->cipher_suite = suite;
return PEP_STATUS_OK;
case PEP_CIPHER_SUITE_DEFAULT:
session->cipher_suite = PEP_CIPHER_SUITE_RSA2K;
return PEP_STATUS_OK;
// unsupported cipher suites
default:
session->cipher_suite = PEP_CIPHER_SUITE_RSA2K;
return PEP_CANNOT_CONFIG;
}
}
static pgp_cert_cipher_suite_t cipher_suite(PEP_CIPHER_SUITE suite)
{
switch (suite) {
// supported cipher suites
case PEP_CIPHER_SUITE_RSA2K:
return PGP_CERT_CIPHER_SUITE_RSA2K;
case PEP_CIPHER_SUITE_RSA3K:
return PGP_CERT_CIPHER_SUITE_RSA3K;
case PEP_CIPHER_SUITE_CV25519:
return PGP_CERT_CIPHER_SUITE_CV25519;
case PEP_CIPHER_SUITE_P256:
return PGP_CERT_CIPHER_SUITE_P256;
case PEP_CIPHER_SUITE_P384:
return PGP_CERT_CIPHER_SUITE_P384;
case PEP_CIPHER_SUITE_P521:
return PGP_CERT_CIPHER_SUITE_P521;
default:
return PGP_CERT_CIPHER_SUITE_RSA2K;
}
}
int email_cmp(void *cookie, int a_len, const void *a, int b_len, const void *b)
{
pgp_packet_t a_userid = pgp_user_id_from_raw (a, a_len);
pgp_packet_t b_userid = pgp_user_id_from_raw (b, b_len);
char *a_email = NULL;
pgp_user_id_email_normalized(NULL, a_userid, &a_email);
if (!a_email)
pgp_user_id_uri(NULL, a_userid, &a_email);
char *b_email = NULL;
pgp_user_id_email_normalized(NULL, b_userid, &b_email);
if (!b_email)
pgp_user_id_uri(NULL, b_userid, &b_email);
pgp_packet_free(a_userid);
pgp_packet_free(b_userid);
// return an integer that is negative, zero, or positive if the
// first string is less than, equal to, or greater than the
// second, respectively.
int result;
if (!a_email && !b_email)
result = 0;
else if (!a_email)
result = -1;
else if (!b_email)
result = 1;
else
result = strcmp(a_email, b_email);
if (true) {
T("'%s' %s '%s'",
a_email,
result == 0 ? "==" : result < 0 ? "<" : ">",
b_email);
}
free(a_email);
free(b_email);
return result;
}
static PEP_STATUS _pgp_get_decrypted_key(PEP_SESSION session,
pgp_cert_valid_key_iter_t iter,
pgp_key_t* decrypted_key) {
if (!iter)
return PEP_UNKNOWN_ERROR; // ???
if (!decrypted_key)
return PEP_ILLEGAL_VALUE;
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
bool bad_pass = false;
bool missing_pass = false;
pgp_key_t key = NULL;
*decrypted_key = NULL;
pgp_valid_key_amalgamation_t ka = pgp_cert_valid_key_iter_next (iter, NULL, NULL);
// FIXME: better error!!!
if (! ka)
ERROR_OUT (err, PEP_UNKNOWN_ERROR,
"%s has no capable key", fpr);
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
for ( ; ka ; (ka = pgp_cert_valid_key_iter_next(iter, NULL, NULL))) {
// pgp_key_into_key_pair needs to own the key, but here we
// only get a reference (which we still need to free).
key = pgp_valid_key_amalgamation_key (ka);
if (pgp_key_has_unencrypted_secret(key))
break;
else {
const char* pass = session->curr_passphrase;
if (pass && pass[0]) {
pgp_key_t decrypted_key = NULL;
decrypted_key = pgp_key_decrypt_secret(&err, pgp_key_clone(key), (uint8_t*)session->curr_passphrase,
strlen(session->curr_passphrase));
pgp_key_free(key);
key = NULL;
if (!decrypted_key) {
bad_pass = true;
continue;
}
else {
key = decrypted_key;
break;
}
}
else {
pgp_key_free(key);
key = NULL;
missing_pass = true;
continue;
}
}
}
if (!key) {
if (bad_pass)
ERROR_OUT(err, PEP_WRONG_PASSPHRASE, "pgp_key_decrypt_secret");
else if (missing_pass)
ERROR_OUT(err, PEP_PASSPHRASE_REQUIRED, "pgp_key_decrypt_secret");
else
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_valid_key_amalgamation_key");
}
out:
pgp_valid_key_amalgamation_free (ka);
*decrypted_key = key;
T("(%s)-> %s", fpr, pEp_status_to_string(status));
return status;
}
PEP_STATUS pgp_init(PEP_SESSION session, bool in_first)
{
PEP_STATUS status = PEP_STATUS_OK;
#ifdef _WIN32
int sqlite_result;
sqlite_result = sqlite3_open_v2(KEYS_DB,
&session->key_db,
SQLITE_OPEN_READWRITE
| SQLITE_OPEN_CREATE
| SQLITE_OPEN_FULLMUTEX
| SQLITE_OPEN_PRIVATECACHE,
NULL);
#else
// Create the home directory.
char *home_env = NULL;
#ifndef NDEBUG
home_env = getenv("PEP_HOME");
#endif
#define PEP_KEYS_PATH "/.pEp/keys.db"
if (!home_env)
home_env = getenv("HOME");
if (!home_env)
ERROR_OUT(NULL, PEP_INIT_CRYPTO_LIB_INIT_FAILED, "HOME unset");
// Create the DB and initialize it.
size_t path_size = strlen(home_env) + sizeof(PEP_KEYS_PATH);
char *path = (char *) calloc(path_size, 1);
assert(path);
if (!path)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
int r = snprintf(path, path_size, "%s" PEP_KEYS_PATH, home_env);
assert(r >= 0 && r < path_size);
if (r < 0) {
free(path);
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR, "snprintf");
}
int sqlite_result;
sqlite_result = sqlite3_open_v2(path,
&session->key_db,
SQLITE_OPEN_READWRITE
| SQLITE_OPEN_CREATE
| SQLITE_OPEN_FULLMUTEX
| SQLITE_OPEN_PRIVATECACHE,
NULL);
free(path);
#endif
#ifdef _PEP_SQLITE_DEBUG
sqlite3_trace_v2(session->key_db,
SQLITE_TRACE_STMT | SQLITE_TRACE_ROW | SQLITE_TRACE_CLOSE,
sq_sql_trace_callback,
NULL);
#endif
if (sqlite_result != SQLITE_OK)
ERROR_OUT(NULL, PEP_INIT_CANNOT_OPEN_DB,
"opening keys DB: %s", sqlite3_errmsg(session->key_db));
sqlite_result = sqlite3_exec(session->key_db,
"PRAGMA secure_delete=true;\n"
"PRAGMA foreign_keys=true;\n"
"PRAGMA locking_mode=NORMAL;\n"
"PRAGMA journal_mode=WAL;\n",
NULL, NULL, NULL);
if (sqlite_result != SQLITE_OK)
ERROR_OUT(NULL, PEP_INIT_CANNOT_OPEN_DB,
"setting pragmas: %s", sqlite3_errmsg(session->key_db));
sqlite3_busy_timeout(session->key_db, BUSY_WAIT_TIME);
sqlite_result =
sqlite3_create_collation(session->key_db,
"EMAIL",
SQLITE_UTF8,
/* pArg (cookie) */ NULL,
email_cmp);
if (sqlite_result != SQLITE_OK)
ERROR_OUT(NULL, PEP_INIT_CANNOT_OPEN_DB,
"registering EMAIL collation function: %s",
sqlite3_errmsg(session->key_db));
sqlite_result = sqlite3_exec(session->key_db,
"CREATE TABLE IF NOT EXISTS keys (\n"
" primary_key TEXT UNIQUE PRIMARY KEY,\n"
" secret BOOLEAN,\n"
" tpk BLOB\n"
");\n"
"CREATE INDEX IF NOT EXISTS keys_index\n"
" ON keys (primary_key, secret)\n",
NULL, NULL, NULL);
if (sqlite_result != SQLITE_OK)
ERROR_OUT(NULL, PEP_INIT_CANNOT_OPEN_DB,
"creating keys table: %s",
sqlite3_errmsg(session->key_db));
sqlite_result = sqlite3_exec(session->key_db,
"CREATE TABLE IF NOT EXISTS subkeys (\n"
" subkey TEXT NOT NULL,\n"
" primary_key TEXT NOT NULL,\n"
" UNIQUE(subkey, primary_key),\n"
" FOREIGN KEY (primary_key)\n"
" REFERENCES keys(primary_key)\n"
" ON DELETE CASCADE\n"
");\n"
"CREATE INDEX IF NOT EXISTS subkeys_index\n"
" ON subkeys (subkey, primary_key)\n",
NULL, NULL, NULL);
if (sqlite_result != SQLITE_OK)
ERROR_OUT(NULL, PEP_INIT_CANNOT_OPEN_DB,
"creating subkeys table: %s",
sqlite3_errmsg(session->key_db));
sqlite_result = sqlite3_exec(session->key_db,
"CREATE TABLE IF NOT EXISTS userids (\n"
" userid TEXT NOT NULL COLLATE EMAIL,\n"
" primary_key TEXT NOT NULL,\n"
" UNIQUE(userid, primary_key),\n"
" FOREIGN KEY (primary_key)\n"
" REFERENCES keys(primary_key)\n"
" ON DELETE CASCADE\n"
");\n"
"CREATE INDEX IF NOT EXISTS userids_index\n"
" ON userids (userid COLLATE EMAIL, primary_key)\n",
NULL, NULL, NULL);
if (sqlite_result != SQLITE_OK)
ERROR_OUT(NULL, PEP_INIT_CANNOT_OPEN_DB,
"creating userids table: %s",
sqlite3_errmsg(session->key_db));
sqlite_result
= sqlite3_prepare_v2(session->key_db, "begin transaction",
-1, &session->sq_sql.begin_transaction, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db, "commit transaction",
-1, &session->sq_sql.commit_transaction, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db, "rollback transaction",
-1, &session->sq_sql.rollback_transaction, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM keys"
" WHERE primary_key == ?",
-1, &session->sq_sql.cert_find, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM keys"
" WHERE primary_key == ? and secret == 1",
-1, &session->sq_sql.tsk_find, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM subkeys"
" LEFT JOIN keys"
" ON subkeys.primary_key == keys.primary_key"
" WHERE subkey == ?",
-1, &session->sq_sql.cert_find_by_keyid, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM subkeys"
" LEFT JOIN keys"
" ON subkeys.primary_key == keys.primary_key"
" WHERE subkey == ?",
-1, &session->sq_sql.cert_find_by_keyid, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM subkeys"
" LEFT JOIN keys"
" ON subkeys.primary_key == keys.primary_key"
" WHERE subkey == ? and keys.secret == 1",
-1, &session->sq_sql.tsk_find_by_keyid, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM userids"
" LEFT JOIN keys"
" ON userids.primary_key == keys.primary_key"
" WHERE userid == ?",
-1, &session->sq_sql.cert_find_by_email, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"SELECT tpk, secret FROM userids"
" LEFT JOIN keys"
" ON userids.primary_key == keys.primary_key"
" WHERE userid == ? and keys.secret == 1",
-1, &session->sq_sql.tsk_find_by_email, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"select tpk, secret from keys",
-1, &session->sq_sql.cert_all, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"select tpk, secret from keys where secret = 1",
-1, &session->sq_sql.tsk_all, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"INSERT OR REPLACE INTO keys"
" (primary_key, secret, tpk)"
" VALUES (?, ?, ?)",
-1, &session->sq_sql.cert_save_insert_primary, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"INSERT OR REPLACE INTO subkeys"
" (subkey, primary_key)"
" VALUES (?, ?)",
-1, &session->sq_sql.cert_save_insert_subkeys, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"INSERT OR REPLACE INTO userids"
" (userid, primary_key)"
" VALUES (?, ?)",
-1, &session->sq_sql.cert_save_insert_userids, NULL);
assert(sqlite_result == SQLITE_OK);
sqlite_result
= sqlite3_prepare_v2(session->key_db,
"DELETE FROM keys WHERE primary_key = ?",
-1, &session->sq_sql.delete_keypair, NULL);
assert(sqlite_result == SQLITE_OK);
session->policy = pgp_null_policy ();
if (! session->policy)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY,
"initializing openpgp policy");
out:
if (status != PEP_STATUS_OK)
pgp_release(session, in_first);
return status;
}
void pgp_release(PEP_SESSION session, bool out_last)
{
pgp_policy_free (session->policy);
session->policy = NULL;
sqlite3_stmt **stmts = (sqlite3_stmt **) &session->sq_sql;
for (int i = 0; i < sizeof(session->sq_sql) / sizeof(*stmts); i ++)
if (stmts[i]) {
sqlite3_finalize(stmts[i]);
stmts[i] = NULL;
}
if (session->key_db) {
int result = sqlite3_close_v2(session->key_db);
if (result != 0)
DUMP_ERR(NULL, PEP_UNKNOWN_ERROR,
"Closing key DB: sqlite3_close_v2: %s",
sqlite3_errstr(result));
session->key_db = NULL;
}
}
// Ensures that a fingerprint is in canonical form. A canonical
// fingerprint doesn't contain any white space.
//
// This function does *not* consume fpr.
static char *pgp_fingerprint_canonicalize(const char *) __attribute__((nonnull));
static char *pgp_fingerprint_canonicalize(const char *fpr)
{
pgp_fingerprint_t pgp_fpr = pgp_fingerprint_from_hex(fpr);
char *fpr_canonicalized = pgp_fingerprint_to_hex(pgp_fpr);
pgp_fingerprint_free(pgp_fpr);
return fpr_canonicalized;
}
// step statement and load the certificate and secret.
static PEP_STATUS key_load(PEP_SESSION, sqlite3_stmt *, pgp_cert_t *, int *)
__attribute__((nonnull(1, 2)));
static PEP_STATUS key_load(PEP_SESSION session, sqlite3_stmt *stmt,
pgp_cert_t *certp, int *secretp)
{
PEP_STATUS status = PEP_STATUS_OK;
int sqlite_result = sqlite3_step(stmt);
switch (sqlite_result) {
case SQLITE_ROW:
if (certp) {
int data_len = sqlite3_column_bytes(stmt, 0);
const void *data = sqlite3_column_blob(stmt, 0);
pgp_error_t err = NULL;
*certp = pgp_cert_from_bytes(&err, data, data_len);
if (!*certp)
ERROR_OUT(err, PEP_GET_KEY_FAILED, "parsing certificate");
}
if (secretp)
*secretp = sqlite3_column_int(stmt, 1);
break;
case SQLITE_DONE:
// Got nothing.
status = PEP_KEY_NOT_FOUND;
break;
default:
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR,
"stepping: %s", sqlite3_errmsg(session->key_db));
}
out:
T(" -> %s", pEp_status_to_string(status));
return status;
}
// step statement until exhausted and load the certificates.
static PEP_STATUS key_loadn(PEP_SESSION, sqlite3_stmt *, pgp_cert_t **, int *)
__attribute__((nonnull));
static PEP_STATUS key_loadn(PEP_SESSION session, sqlite3_stmt *stmt,
pgp_cert_t **certsp, int *certs_countp)
{
PEP_STATUS status = PEP_STATUS_OK;
int certs_count = 0;
int certs_capacity = 8;
pgp_cert_t *certs = calloc(certs_capacity, sizeof(pgp_cert_t));
if (!certs)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
for (;;) {
pgp_cert_t cert = NULL;
status = key_load(session, stmt, &cert, NULL);
if (status == PEP_KEY_NOT_FOUND) {
status = PEP_STATUS_OK;
break;
}
ERROR_OUT(NULL, status, "loading certificate");
if (certs_count == certs_capacity) {
certs_capacity *= 2;
certs = realloc(certs, sizeof(certs[0]) * certs_capacity);
if (!certs)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "certs");
}
certs[certs_count ++] = cert;
}
out:
if (status != PEP_STATUS_OK) {
for (int i = 0; i < certs_count; i ++)
pgp_cert_free(certs[i]);
free(certs);
} else {
*certsp = certs;
*certs_countp = certs_count;
}
T(" -> %s (%d certs)", pEp_status_to_string(status), *certs_countp);
return status;
}
// Returns the certificate identified by the provided fingerprint.
//
// This function only matches on the primary key!
static PEP_STATUS cert_find(PEP_SESSION, pgp_fingerprint_t, int, pgp_cert_t *, int *)
__attribute__((nonnull(1, 2)));
static PEP_STATUS cert_find(PEP_SESSION session,
pgp_fingerprint_t fpr, int private_only,
pgp_cert_t *cert, int *secret)
{
PEP_STATUS status = PEP_STATUS_OK;
char *fpr_str = pgp_fingerprint_to_hex(fpr);
T("(%s, %d)", fpr_str, private_only);
sqlite3_stmt *stmt
= private_only ? session->sq_sql.tsk_find : session->sq_sql.cert_find;
sqlite3_bind_text(stmt, 1, fpr_str, -1, SQLITE_STATIC);
status = key_load(session, stmt, cert, secret);
ERROR_OUT(NULL, status, "Looking up %s", fpr_str);
out:
sqlite3_reset(stmt);
T("(%s, %d) -> %s", fpr_str, private_only, pEp_status_to_string(status));
free(fpr_str);
return status;
}
// Returns the certificate identified by the provided keyid.
//
// This function matches on both primary keys and subkeys!
//
// Note: There can be multiple certificates for a given keyid. This can
// occur, because an encryption subkey can be bound to multiple certificates.
// Also, it is possible to collide key ids. If there are multiple key
// ids for a given key, this just returns one of them.
//
// If private_only is set, this will only consider certificates with some
// secret key material.
static PEP_STATUS cert_find_by_keyid_hex(PEP_SESSION, const char *, int, pgp_cert_t *, int *)
__attribute__((nonnull(1, 2)));
static PEP_STATUS cert_find_by_keyid_hex(
PEP_SESSION session, const char *keyid_hex, int private_only,
pgp_cert_t *certp, int *secretp)
{
PEP_STATUS status = PEP_STATUS_OK;
T("(%s, %d)", keyid_hex, private_only);
sqlite3_stmt *stmt
= private_only ? session->sq_sql.tsk_find_by_keyid : session->sq_sql.cert_find_by_keyid;
sqlite3_bind_text(stmt, 1, keyid_hex, -1, SQLITE_STATIC);
status = key_load(session, stmt, certp, secretp);
ERROR_OUT(NULL, status, "Looking up %s", keyid_hex);
out:
sqlite3_reset(stmt);
T("(%s, %d) -> %s", keyid_hex, private_only, pEp_status_to_string(status));
return status;
}
// See cert_find_by_keyid_hex.
PEP_STATUS cert_find_by_keyid(PEP_SESSION, pgp_keyid_t, int, pgp_cert_t *, int *)
__attribute__((nonnull(1, 2)));
PEP_STATUS cert_find_by_keyid(PEP_SESSION session,
pgp_keyid_t keyid, int private_only,
pgp_cert_t *certp, int *secretp)
{
char *keyid_hex = pgp_keyid_to_hex(keyid);
if (! keyid_hex)
return PEP_OUT_OF_MEMORY;
PEP_STATUS status
= cert_find_by_keyid_hex(session, keyid_hex, private_only, certp, secretp);
free(keyid_hex);
return status;
}
// See cert_find_by_keyid_hex.
static PEP_STATUS cert_find_by_fpr(PEP_SESSION, pgp_fingerprint_t, int,
pgp_cert_t *, int *)
__attribute__((nonnull(1, 2)));
static PEP_STATUS cert_find_by_fpr(
PEP_SESSION session, pgp_fingerprint_t fpr, int private_only,
pgp_cert_t *certp, int *secretp)
{
pgp_keyid_t keyid = pgp_fingerprint_to_keyid(fpr);
if (! keyid)
return PEP_OUT_OF_MEMORY;
PEP_STATUS status
= cert_find_by_keyid(session, keyid, private_only, certp, secretp);
pgp_keyid_free(keyid);
return status;
}
// See cert_find_by_keyid_hex.
static PEP_STATUS cert_find_by_fpr_hex(PEP_SESSION, const char *, int, pgp_cert_t *, int *secret)
__attribute__((nonnull(1, 2)));
static PEP_STATUS cert_find_by_fpr_hex(
PEP_SESSION session, const char *fpr, int private_only,
pgp_cert_t *certp, int *secretp)
{
pgp_fingerprint_t pgp_fpr = pgp_fingerprint_from_hex(fpr);
if (! pgp_fpr)
return PEP_OUT_OF_MEMORY;
PEP_STATUS status
= cert_find_by_fpr(session, pgp_fpr, private_only, certp, secretp);
pgp_fingerprint_free(pgp_fpr);
return status;
}
// Returns all known certificates.
static PEP_STATUS cert_all(PEP_SESSION, int, pgp_cert_t **, int *) __attribute__((nonnull));
static PEP_STATUS cert_all(PEP_SESSION session, int private_only,
pgp_cert_t **certsp, int *certs_countp) {
PEP_STATUS status = PEP_STATUS_OK;
sqlite3_stmt *stmt = private_only ? session->sq_sql.tsk_all : session->sq_sql.cert_all;
status = key_loadn(session, stmt, certsp, certs_countp);
ERROR_OUT(NULL, status, "loading certificates");
out:
sqlite3_reset(stmt);
return status;
}
// Returns keys that have a user id that matches the specified pattern.
//
// The keys returned must be freed using pgp_cert_free.
static PEP_STATUS cert_find_by_email(PEP_SESSION, const char *, int, pgp_cert_t **, int *)
__attribute__((nonnull));
static PEP_STATUS cert_find_by_email(PEP_SESSION session,
const char *pattern, int private_only,
pgp_cert_t **certsp, int *countp)
{
PEP_STATUS status = PEP_STATUS_OK;
T("(%s)", pattern);
sqlite3_stmt *stmt
= private_only ? session->sq_sql.tsk_find_by_email : session->sq_sql.cert_find_by_email;
sqlite3_bind_text(stmt, 1, pattern, -1, SQLITE_STATIC);
status = key_loadn(session, stmt, certsp, countp);
ERROR_OUT(NULL, status, "Searching for '%s'", pattern);
out:
sqlite3_reset(stmt);
T("(%s) -> %s (%d results)", pattern, pEp_status_to_string(status), *countp);
return status;
}
// end detect possibly changed key stuff
static PEP_STATUS serialize_cert(PEP_SESSION session, pgp_cert_t cert,
void** buffer_ptr, size_t* buffer_size_ptr) {
if (!session || !cert || !buffer_ptr || !buffer_size_ptr)
return PEP_ILLEGAL_VALUE;
PEP_STATUS status = PEP_STATUS_OK;
void* curr_buffer = NULL;
size_t curr_buffer_len = 0;
pgp_status_t pgp_status;
pgp_tsk_t tsk = NULL;
pgp_error_t err = NULL;
pgp_writer_t writer = pgp_writer_alloc(&curr_buffer, &curr_buffer_len);
if (!writer)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
tsk = pgp_cert_as_tsk(cert);
pgp_status = pgp_tsk_serialize(&err, tsk, writer);
if (pgp_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Serializing certificates");
out:
pgp_tsk_free(tsk);
pgp_writer_free(writer);
if (status == PEP_STATUS_OK) {
*buffer_ptr = curr_buffer;
*buffer_size_ptr = curr_buffer_len;
}
else
free(buffer_ptr);
T(" -> %s", pEp_status_to_string(status));
return status;
}
// Saves the specified certificates.
//
// This function takes ownership of CERT.
static PEP_STATUS cert_save(PEP_SESSION, pgp_cert_t, identity_list **, bool* changed_ptr)
__attribute__((nonnull(1, 2)));
static PEP_STATUS cert_save(PEP_SESSION session, pgp_cert_t cert,
identity_list **private_idents, bool* changed_ptr)
{
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
pgp_fingerprint_t pgp_fpr = NULL;
char *fpr = NULL;
void *tsk_buffer = NULL;
size_t tsk_buffer_len = 0;
void *curr_buffer = NULL;
size_t curr_buffer_len = 0;
int tried_commit = 0;
pgp_cert_key_iter_t key_iter = NULL;
pgp_cert_valid_user_id_iter_t ua_iter = NULL;
pgp_valid_user_id_amalgamation_t ua = NULL;
pgp_packet_t user_id = NULL;
char *email = NULL;
char *name = NULL;
bool _changed = false;
sqlite3_stmt *stmt = session->sq_sql.begin_transaction;
int sqlite_result = sqlite3_step(stmt);
sqlite3_reset(stmt);
if (sqlite_result != SQLITE_DONE)
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR,
"begin transaction failed: %s",
sqlite3_errmsg(session->key_db));
pgp_fpr = pgp_cert_fingerprint(cert);
fpr = pgp_fingerprint_to_hex(pgp_fpr);
T("(%s, private_idents: %s)", fpr, private_idents ? "yes" : "no");
// Merge any existing data into certificate.
pgp_cert_t current = NULL;
status = cert_find(session, pgp_fpr, false, &current, NULL);
if (status == PEP_KEY_NOT_FOUND)
status = PEP_STATUS_OK;
else
ERROR_OUT(NULL, status, "Looking up %s", fpr);
if (current) {
if (changed_ptr) {
// Serialize current for comparison (ugh).
status = serialize_cert(session, current, &curr_buffer, &curr_buffer_len);
if (status != PEP_STATUS_OK)
ERROR_OUT(NULL, status, "Could not serialize existing cert for change check");
}
cert = pgp_cert_merge(&err, cert, current);
if (! cert)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Merging certificates");
}
else if (changed_ptr)
_changed = true;
int is_tsk = pgp_cert_is_tsk(cert);
// Serialize it.
// NOTE: Just because it's called tsk in tsk_buffer does NOT mean it necessarily
// has secret key material; it is just that is could. is_tsk is the
// part that asks whether or not it contains such.
status = serialize_cert(session, cert, &tsk_buffer, &tsk_buffer_len);
if (status != PEP_STATUS_OK)
ERROR_OUT(NULL, status, "Could not serialize tsk cert for saving");
// Before we do anything else, if we need to know if things MAY have changed,
// we check the key blob (this is not comprehensive and can generate false
// positives)
//
if (changed_ptr) {
if (!current || !curr_buffer || (curr_buffer_len != tsk_buffer_len))
_changed = true;
else if (memcmp(curr_buffer, tsk_buffer, tsk_buffer_len) != 0)
_changed = true;
}
// Insert the TSK into the DB.
stmt = session->sq_sql.cert_save_insert_primary;
sqlite3_bind_text(stmt, 1, fpr, -1, SQLITE_STATIC);
sqlite3_bind_int(stmt, 2, is_tsk);
sqlite3_bind_blob(stmt, 3, tsk_buffer, tsk_buffer_len, SQLITE_STATIC);
sqlite_result = sqlite3_step(stmt);
sqlite3_reset(stmt);
if (sqlite_result != SQLITE_DONE)
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR,
"Saving certificate: %s", sqlite3_errmsg(session->key_db));
// Insert the "subkeys" (the primary key and the subkeys).
stmt = session->sq_sql.cert_save_insert_subkeys;
// This inserts all of the keys in the certificate, i.e.,
// including revoked and expired keys, which is what we want.
key_iter = pgp_cert_key_iter(cert);
pgp_key_amalgamation_t ka;
while ((ka = pgp_cert_key_iter_next(key_iter))) {
pgp_key_t key = pgp_key_amalgamation_key (ka);
pgp_keyid_t keyid = pgp_key_keyid(key);
char *keyid_hex = pgp_keyid_to_hex(keyid);
sqlite3_bind_text(stmt, 1, keyid_hex, -1, SQLITE_STATIC);
sqlite3_bind_text(stmt, 2, fpr, -1, SQLITE_STATIC);
pgp_key_free (key);
pgp_key_amalgamation_free (ka);
sqlite_result = sqlite3_step(stmt);
sqlite3_reset(stmt);
free(keyid_hex);
pgp_keyid_free(keyid);
if (sqlite_result != SQLITE_DONE) {
pgp_cert_key_iter_free(key_iter);
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR,
"Updating subkeys: %s", sqlite3_errmsg(session->key_db));
}
}
pgp_cert_key_iter_free(key_iter);
key_iter = NULL;
// Insert the "userids".
stmt = session->sq_sql.cert_save_insert_userids;
ua_iter = pgp_cert_valid_user_id_iter(cert, session->policy, 0);
int first = 1;
while ((ua = pgp_cert_valid_user_id_iter_next(ua_iter))) {
user_id = pgp_valid_user_id_amalgamation_user_id(ua);
const uint8_t *user_id_value = pgp_user_id_value(user_id, NULL);
if (!user_id_value || !*user_id_value) {
pgp_packet_free (user_id);
user_id = NULL;
pgp_valid_user_id_amalgamation_free(ua);
ua = NULL;
continue;
}
free(name);
name = NULL;
free(email);
email = NULL;
pgp_user_id_name(NULL, user_id, &name);
// Try to get the normalized address.
pgp_user_id_email_normalized(NULL, user_id, &email);
if (! email)
// Ok, it's not a proper RFC 2822 name-addr. Perhaps it
// is a URI.
pgp_user_id_uri(NULL, user_id, &email);
if (email) {
T(" userid: %s", email);
sqlite3_bind_text(stmt, 1, email, -1, SQLITE_STATIC);
sqlite3_bind_text(stmt, 2, fpr, -1, SQLITE_STATIC);
sqlite_result = sqlite3_step(stmt);
sqlite3_reset(stmt);
if (sqlite_result != SQLITE_DONE) {
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR,
"Updating userids: %s", sqlite3_errmsg(session->key_db));
}
}
if (first && private_idents && is_tsk) {
first = 0;
// Create an identity for the primary user id.
pEp_identity *ident = new_identity(email, fpr, NULL, name);
if (ident == NULL)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "new_identity");
*private_idents = identity_list_add(*private_idents, ident);
if (*private_idents == NULL)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "identity_list_add");
}
pgp_packet_free (user_id);
user_id = NULL;
pgp_valid_user_id_amalgamation_free(ua);
ua = NULL;
}
out:
// Prevent ERROR_OUT from causing an infinite loop.
if (! tried_commit) {
tried_commit = 1;
stmt = status == PEP_STATUS_OK
? session->sq_sql.commit_transaction
: session->sq_sql.rollback_transaction;
int sqlite_result = sqlite3_step(stmt);
sqlite3_reset(stmt);
if (sqlite_result != SQLITE_DONE)
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR,
status == PEP_STATUS_OK
? "commit failed: %s" : "rollback failed: %s",
sqlite3_errmsg(session->key_db));
}
T("(%s) -> %s", fpr, pEp_status_to_string(status));
if (changed_ptr)
*changed_ptr = _changed;
free(email);
free(name);
pgp_packet_free(user_id);
pgp_valid_user_id_amalgamation_free(ua);
pgp_cert_valid_user_id_iter_free(ua_iter);
pgp_cert_key_iter_free(key_iter);
if (stmt)
sqlite3_reset(stmt);
free(tsk_buffer);
free(curr_buffer);
pgp_cert_free(cert);
free(fpr);
pgp_fingerprint_free(pgp_fpr);
return status;
}
struct decrypt_cookie {
PEP_SESSION session;
int get_secret_keys_called;
stringlist_t *recipient_keylist;
stringlist_t *signer_keylist;
int good_checksums;
int malformed_signature;
int missing_keys;
int unbound_key;
int revoked_key;
int expired_key;
int bad_key;
int bad_checksums;
// Whether we decrypted anything.
int decrypted;
int missing_passphrase;
int bad_passphrase;
// The filename stored in the literal data packet. Note: this is
// *not* protected by the signature and should not be trusted!!!
char *filename;
};
static pgp_status_t
get_public_keys_cb(void *cookie_raw,
pgp_keyid_t *keyids, size_t keyids_len,
pgp_cert_t **certs, size_t *certs_len,
void (**our_free)(void *))
{
struct decrypt_cookie *cookie = cookie_raw;
PEP_SESSION session = cookie->session;
*certs = calloc(keyids_len, sizeof(*certs));
if (!*certs)
return PGP_STATUS_UNKNOWN_ERROR;
*our_free = free;
size_t i;
int j = 0;
for (i = 0; i < keyids_len; i ++) {
pgp_cert_t cert = NULL;
PEP_STATUS status
= cert_find_by_keyid(session, keyids[i], false, &cert, NULL);
if (status == PEP_STATUS_OK)
(*certs)[j ++] = cert;
}
*certs_len = j;
return PGP_STATUS_SUCCESS;
}
static pgp_status_t
decrypt_cb(void *cookie_opaque,
pgp_pkesk_t *pkesks, size_t pkesk_count,
pgp_skesk_t *skesks, size_t skesk_count,
uint8_t symmetric_algo,
pgp_decryptor_do_decrypt_cb_t *decrypt,
void *decrypt_cookie,
pgp_fingerprint_t *identity_out)
{
pgp_error_t err = NULL;
struct decrypt_cookie *cookie = cookie_opaque;
PEP_SESSION session = cookie->session;
pgp_cert_t *tsks = NULL;
int tsks_count = 0;
int wildcards = 0;
if (cookie->get_secret_keys_called)
// Prevent iterations, which isn't needed since we don't
// support SKESKs.
return PGP_STATUS_UNKNOWN_ERROR;
cookie->get_secret_keys_called = 1;
T("%zd PKESKs", pkesk_count);
for (size_t i = 0; i < pkesk_count; i ++) {
pgp_pkesk_t pkesk = pkesks[i];
pgp_keyid_t keyid = pgp_pkesk_recipient(pkesk); /* Reference. */
char *keyid_str = pgp_keyid_to_hex(keyid);
pgp_cert_key_iter_t key_iter = NULL;
pgp_key_amalgamation_t ka = NULL;
pgp_key_t key = NULL;
pgp_session_key_t sk = NULL;
pgp_cert_t cert = NULL;
T("Considering PKESK for %s", keyid_str);
if (strcmp(keyid_str, "0000000000000000") == 0) {
// Initially ignore wildcards.
wildcards = 1;
goto eol;
}
// Collect the recipients. Note: we must return the primary
// key's fingerprint.
int is_tsk = 0;
if (cert_find_by_keyid(session, keyid, false, &cert, &is_tsk) != PEP_STATUS_OK)
goto eol;
pgp_fingerprint_t fp = pgp_cert_fingerprint(cert);
char *fp_string = pgp_fingerprint_to_hex(fp);
stringlist_add_unique(cookie->recipient_keylist, fp_string);
free(fp_string);
pgp_fingerprint_free(fp);
if (cookie->decrypted)
goto eol;
// See if we have the secret key.
assert(is_tsk == pgp_cert_is_tsk(cert));
if (! is_tsk)
goto eol;
key_iter = pgp_cert_key_iter(cert);
while (key = NULL, (ka = pgp_cert_key_iter_next(key_iter))) {
key = pgp_key_amalgamation_key (ka);
pgp_keyid_t this_keyid = pgp_key_keyid(key);
char *this_keyid_hex = pgp_keyid_to_hex(this_keyid);
pgp_keyid_free(this_keyid);
int match = strcmp(keyid_str, this_keyid_hex) == 0;
free(this_keyid_hex);
if (match)
break;
pgp_key_free (key);
pgp_key_amalgamation_free (ka);
}
if (key == NULL) {
assert(!"Inconsistent DB: key doesn't contain a subkey with keyid!");
goto eol;
}
if (!pgp_key_has_unencrypted_secret(key)) {
const char* pass = session->curr_passphrase;
if (pass && pass[0]) {
pgp_key_t decrypted_key = NULL;
decrypted_key = pgp_key_decrypt_secret(&err, pgp_key_clone(key), (uint8_t*)session->curr_passphrase,
strlen(session->curr_passphrase));
if (!decrypted_key) {
DUMP_ERR(err, PEP_WRONG_PASSPHRASE, "pgp_key_decrypt_secret");
cookie->bad_passphrase = 1;
goto eol;
}
else {
pgp_key_free(key);
key = decrypted_key;
}
}
else {
DUMP_ERR(err, PEP_PASSPHRASE_REQUIRED, "pgp_key_decrypt_secret");
cookie->missing_passphrase = 1;
goto eol;
}
}
uint8_t algo;
uint8_t session_key[1024];
size_t session_key_len = sizeof(session_key);
if (pgp_pkesk_decrypt(&err, pkesk, key, &algo,
session_key, &session_key_len) != 0) {
DUMP_ERR(err, PEP_UNKNOWN_ERROR, "pgp_pkesk_decrypt");
goto eol;
}
sk = pgp_session_key_from_bytes (session_key, session_key_len);
if (! decrypt (decrypt_cookie, algo, sk)) {
DUMP_STATUS(PGP_STATUS_UNKNOWN_ERROR, PEP_CANNOT_DECRYPT_UNKNOWN, "decrypt_cb");
goto eol;
}
T("Decrypted PKESK for %s", keyid_str);
*identity_out = pgp_cert_fingerprint(cert);
cookie->decrypted = 1;
eol:
pgp_session_key_free (sk);
free(keyid_str);
pgp_key_free (key);
pgp_key_amalgamation_free (ka);
pgp_cert_key_iter_free(key_iter);
pgp_cert_free(cert);
}
// Consider wildcard recipients.
if (wildcards) for (size_t i = 0; i < pkesk_count && !cookie->decrypted; i ++) {
pgp_pkesk_t pkesk = pkesks[i];
pgp_keyid_t keyid = pgp_pkesk_recipient(pkesk); /* Reference. */
char *keyid_str = pgp_keyid_to_hex(keyid);
pgp_cert_key_iter_t key_iter = NULL;
pgp_key_amalgamation_t ka = NULL;
pgp_key_t key = NULL;
pgp_session_key_t sk = NULL;
if (strcmp(keyid_str, "0000000000000000") != 0)
goto eol2;
if (!tsks) {
if (cert_all(session, true, &tsks, &tsks_count) != PEP_STATUS_OK) {
DUMP_ERR(NULL, PEP_UNKNOWN_ERROR, "Getting all tsks");
}
}
for (int j = 0; j < tsks_count; j ++) {
pgp_cert_t tsk = tsks[j];
key_iter = pgp_cert_key_iter(tsk);
while (key = NULL, (ka = pgp_cert_key_iter_next(key_iter))) {
key = pgp_key_amalgamation_key (ka);
if (!pgp_key_has_unencrypted_secret(key)) {
const char* pass = session->curr_passphrase;
if (pass && pass[0]) {
pgp_key_t decrypted_key = NULL;
decrypted_key = pgp_key_decrypt_secret(&err, pgp_key_clone(key), (uint8_t*)session->curr_passphrase,
strlen(session->curr_passphrase));
if (!decrypted_key) {
DUMP_ERR(err, PEP_WRONG_PASSPHRASE, "pgp_key_decrypt_secret");
cookie->bad_passphrase = 1;
continue;
}
else {
pgp_key_free(key);
key = decrypted_key;
}
}
else {
DUMP_ERR(err, PEP_PASSPHRASE_REQUIRED, "pgp_key_decrypt_secret");
cookie->missing_passphrase = 1;
continue;
}
}
// Note: for decryption to appear to succeed, we must
// get a valid algorithm (8 of 256 values) and a
// 16-bit checksum must match. Thus, we have about a
// 1 in 2**21 chance of having a false positive here.
uint8_t algo;
uint8_t session_key[1024];
size_t session_key_len = sizeof(session_key);
if (pgp_pkesk_decrypt(&err, pkesk, key,
&algo, session_key, &session_key_len)) {
pgp_error_free(err);
err = NULL;
pgp_key_free (key);
pgp_key_amalgamation_free (ka);
continue;
}
// Add it to the recipient list.
pgp_fingerprint_t fp = pgp_cert_fingerprint(tsk);
char *fp_string = pgp_fingerprint_to_hex(fp);
T("wildcard recipient appears to be %s", fp_string);
stringlist_add_unique(cookie->recipient_keylist, fp_string);
free(fp_string);
pgp_fingerprint_free(fp);
pgp_session_key_t sk = pgp_session_key_from_bytes (session_key,
session_key_len);
if (! decrypt (decrypt_cookie, algo, sk)) {
DUMP_STATUS(PGP_STATUS_UNKNOWN_ERROR, PEP_CANNOT_DECRYPT_UNKNOWN, "decrypt_cb");
goto eol2;
}
*identity_out = pgp_cert_fingerprint(tsk);
cookie->decrypted = 1;
break;
}
pgp_key_free (key);
key = NULL;
pgp_key_amalgamation_free (ka);
ka = NULL;
pgp_cert_key_iter_free(key_iter);
key_iter = NULL;
}
eol2:
pgp_session_key_free (sk);
free(keyid_str);
pgp_key_free (key);
pgp_key_amalgamation_free (ka);
pgp_cert_key_iter_free(key_iter);
}
if (tsks) {
for (int i = 0; i < tsks_count; i ++)
pgp_cert_free(tsks[i]);
free(tsks);
}
return cookie->decrypted ? PGP_STATUS_SUCCESS : PGP_STATUS_UNKNOWN_ERROR;
}
static pgp_status_t
check_signatures_cb(void *cookie_opaque, pgp_message_structure_t structure)
{
struct decrypt_cookie *cookie = cookie_opaque;
pgp_message_structure_iter_t iter
= pgp_message_structure_into_iter (structure);
for (pgp_message_layer_t layer = pgp_message_structure_iter_next (iter);
layer;
layer = pgp_message_structure_iter_next (iter)) {
pgp_verification_result_iter_t results;
switch (pgp_message_layer_variant (layer)) {
case PGP_MESSAGE_LAYER_COMPRESSION:
case PGP_MESSAGE_LAYER_ENCRYPTION:
break;
case PGP_MESSAGE_LAYER_SIGNATURE_GROUP:
pgp_message_layer_signature_group(layer, &results);
pgp_verification_result_t result;
while ((result = pgp_verification_result_iter_next (results))) {
pgp_signature_t sig = NULL;
pgp_keyid_t keyid = NULL;
char *keyid_str = NULL;
pgp_error_t error = NULL;
char *error_str = NULL;
switch (pgp_verification_result_variant (result)) {
case PGP_VERIFICATION_RESULT_GOOD_CHECKSUM: {
// We need to add the fingerprint of the primary
// key to cookie->signer_keylist.
pgp_cert_t cert = NULL;
pgp_verification_result_good_checksum (result, &sig,
&cert,
NULL, // key
NULL, // binding
NULL); // revocation
// We need the primary key's fingerprint.
pgp_fingerprint_t primary_fpr
= pgp_cert_fingerprint(cert);
char *primary_fpr_str
= pgp_fingerprint_to_hex(primary_fpr);
stringlist_add_unique(cookie->signer_keylist,
primary_fpr_str);
T("Good signature from %s", primary_fpr_str);
free (primary_fpr_str);
pgp_fingerprint_free (primary_fpr);
pgp_cert_free (cert);
cookie->good_checksums ++;
break;
}
case PGP_VERIFICATION_RESULT_MALFORMED_SIGNATURE:
if (TRACING) {
pgp_verification_result_malformed_signature (result,
&sig,
&error);
error_str = pgp_error_to_string(error);
keyid = pgp_signature_issuer (sig);
keyid_str = pgp_keyid_to_string (keyid);
T("Malformed signature from %s: %s",
keyid_str, error_str);
}
cookie->malformed_signature ++;
break;
case PGP_VERIFICATION_RESULT_MISSING_KEY:
if (TRACING) {
pgp_verification_result_missing_key (result, &sig);
keyid = pgp_signature_issuer (sig);
keyid_str = pgp_keyid_to_string (keyid);
T("No key to check signature from %s", keyid_str);
}
cookie->missing_keys ++;
break;
case PGP_VERIFICATION_RESULT_UNBOUND_KEY:
// This happens if the key doesn't have a binding
// signature.
if (TRACING) {
pgp_verification_result_unbound_key (result,
&sig,
NULL,
&error);
error_str = pgp_error_to_string(error);
keyid = pgp_signature_issuer (sig);
keyid_str = pgp_keyid_to_string (keyid);
T("key %s has no valid self-signature: %s",
keyid_str ? keyid_str : "(missing issuer)",
error_str);
}
cookie->unbound_key ++;
break;
case PGP_VERIFICATION_RESULT_BAD_KEY: {
// This happens if the certificate is not alive or
// revoked, if the key is not alive or revoked, of
// if the key is not signing capable.
pgp_cert_t cert = NULL;
pgp_key_t key = NULL;
pgp_signature_t selfsig = NULL;
pgp_revocation_status_t rs = NULL;
pgp_verification_result_bad_key (result,
&sig,
&cert, // cert
&key, // key
&selfsig, // binding
&rs, // key revocation
&error);
if (TRACING) {
error_str = pgp_error_to_string(error);
keyid = pgp_signature_issuer (sig);
keyid_str = pgp_keyid_to_string (keyid);
T("key %s is bad: %s",
keyid_str ? keyid_str : "(missing issuer)",
error_str);
}
// Check if the key or certificate is revoked.
if (pgp_revocation_status_variant(rs)
== PGP_REVOCATION_STATUS_REVOKED) {
// Key is revoked.
cookie->revoked_key ++;
} else {
pgp_revocation_status_free (rs);
rs = pgp_cert_revocation_status (cert, cookie->session->policy, 0);
if (pgp_revocation_status_variant(rs)
== PGP_REVOCATION_STATUS_REVOKED) {
// Cert is revoked.
cookie->revoked_key ++;
}
// Check if the key or certificate is expired.
else if (pgp_cert_alive(NULL, cert,
cookie->session->policy, 0)
!= PGP_STATUS_SUCCESS) {
// Certificate is expired.
cookie->expired_key ++;
goto out;
} else if (pgp_signature_key_alive (NULL, selfsig, key, 0)
!= PGP_STATUS_SUCCESS) {
// Key is expired.
cookie->expired_key ++;
goto out;
}
// Wrong key flags or something similar.
else {
cookie->bad_key ++;
}
}
out:
pgp_revocation_status_free (rs);
pgp_signature_free (selfsig);
pgp_key_free (key);
pgp_cert_free (cert);
break;
}
case PGP_VERIFICATION_RESULT_BAD_SIGNATURE:
if (TRACING) {
pgp_verification_result_bad_signature
(result, &sig, NULL, NULL, NULL, NULL, &error);
error_str = pgp_error_to_string(error);
keyid = pgp_signature_issuer (sig);
if (keyid) {
keyid_str = pgp_keyid_to_string (keyid);
T("Bad signature from %s: %s",
keyid_str, error_str);
} else {
T("Bad signature without issuer information: %s",
error_str);
}
}
cookie->bad_checksums ++;
break;
default:
assert (! "reachable");
}
free (keyid_str);
pgp_signature_free (sig);
free (error_str);
pgp_error_free (error);
pgp_verification_result_free (result);
}
pgp_verification_result_iter_free (results);
break;
default:
assert (! "reachable");
}
pgp_message_layer_free (layer);
}
pgp_message_structure_iter_free (iter);
return PGP_STATUS_SUCCESS;
}
static pgp_status_t inspect_cb(
void *cookie_opaque, pgp_packet_parser_t pp)
{
struct decrypt_cookie *cookie = cookie_opaque;
pgp_packet_t packet = pgp_packet_parser_packet(pp);
assert(packet);
pgp_tag_t tag = pgp_packet_tag(packet);
T("%s", pgp_tag_to_string(tag));
if (tag == PGP_TAG_LITERAL) {
pgp_literal_t literal = pgp_packet_ref_literal(packet);
cookie->filename = pgp_literal_filename(literal);
pgp_literal_free(literal);
}
pgp_packet_free(packet);
return 0;
}
PEP_STATUS pgp_decrypt_and_verify(
PEP_SESSION session, const char *ctext, size_t csize,
const char *dsigtext, size_t dsigsize,
char **ptext, size_t *psize, stringlist_t **keylist,
char** filename_ptr)
{
PEP_STATUS status = PEP_STATUS_OK;
struct decrypt_cookie cookie = { session, 0, NULL, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, NULL };
pgp_reader_t reader = NULL;
pgp_writer_t writer = NULL;
pgp_reader_t decryptor = NULL;
*ptext = NULL;
*psize = 0;
// XXX: We don't yet handle detached signatures over encrypted
// messages.
assert(!dsigtext);
cookie.recipient_keylist = new_stringlist(NULL);
if (!cookie.recipient_keylist)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "recipient_keylist");
cookie.signer_keylist = new_stringlist(NULL);
if (!cookie.signer_keylist)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "signer_keylist");
reader = pgp_reader_from_bytes((const uint8_t *) ctext, csize);
if (! reader)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "Creating reader");
writer = pgp_writer_alloc((void **) ptext, psize);
if (! writer)
ERROR_OUT(NULL, PEP_UNKNOWN_ERROR, "Creating writer");
pgp_error_t err = NULL;
decryptor = pgp_decryptor_new(&err, session->policy, reader,
get_public_keys_cb, decrypt_cb,
check_signatures_cb, inspect_cb,
&cookie, 0);
if (! decryptor) {
if (cookie.bad_passphrase)
status = PEP_WRONG_PASSPHRASE;
else if (cookie.missing_passphrase)
status = PEP_PASSPHRASE_REQUIRED;
else
status = PEP_DECRYPT_NO_KEY;
ERROR_OUT(err, status, "pgp_decryptor_new");
}
// Copy 128 MB at a time.
ssize_t nread;
while ((nread = pgp_reader_copy (&err, decryptor, writer,
128 * 1024 * 1024) > 0))
;
if (nread < 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_reader_read");
// Add a terminating NUL for naive users
pgp_writer_write(&err, writer, (const uint8_t *) &""[0], 1);
if (! cookie.decrypted)
ERROR_OUT(err, PEP_DECRYPT_NO_KEY, "Decryption failed");
if (! cookie.signer_keylist) {
cookie.signer_keylist = new_stringlist("");
if (! cookie.signer_keylist)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "cookie.signer_keylist");
}
if (!cookie.signer_keylist->value)
stringlist_add(cookie.signer_keylist, "");
*keylist = cookie.signer_keylist;
stringlist_append(*keylist, cookie.recipient_keylist);
if (filename_ptr)
*filename_ptr = cookie.filename;
out:
if (status == PEP_STATUS_OK) {
// **********************************
// Sync changes with pgp_verify_text.
// **********************************
if (cookie.good_checksums) {
// If there is at least one signature that we can verify,
// succeed.
status = PEP_DECRYPTED_AND_VERIFIED;
} else if (cookie.revoked_key) {
// If there are any signatures from revoked keys, fail.
status = PEP_VERIFY_SIGNER_KEY_REVOKED;
} else if (cookie.expired_key) {
// If there are any signatures from expired keys, fail.
status = PEP_DECRYPTED;
} else if (cookie.bad_key) {
// If there are any signatures from invalid keys (keys
// that are not signing capable), fail.
status = PEP_DECRYPTED;
} else if (cookie.bad_checksums) {
// If there are any bad signatures, fail.
status = PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH;
} else {
// We couldn't verify any signatures (possibly because we
// don't have the keys).
status = PEP_DECRYPTED;
}
} else {
free_stringlist(cookie.recipient_keylist);
free_stringlist(cookie.signer_keylist);
free(cookie.filename);
free(*ptext);
}
pgp_reader_free(reader);
pgp_reader_free(decryptor);
pgp_writer_free(writer);
T("-> %s", pEp_status_to_string(status));
return status;
}
PEP_STATUS pgp_verify_text(
PEP_SESSION session, const char *text, size_t size,
const char *signature, size_t sig_size, stringlist_t **keylist)
{
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
struct decrypt_cookie cookie = { session, 0, NULL, NULL, 0, 0, 0, };
pgp_reader_t reader = NULL;
pgp_reader_t dsig_reader = NULL;
if (size == 0 || sig_size == 0)
return PEP_DECRYPT_WRONG_FORMAT;
#if TRACING > 0
{
int cr = 0;
int crlf = 0;
int lf = 0;
for (int i = 0; i < size; i ++) {
// CR
if (text[i] == '\r') {
cr ++;
}
// LF
if (text[i] == '\n') {
if (i > 0 && text[i - 1] == '\r') {
cr --;
crlf ++;
} else {
lf ++;
}
}
}
T("Text to verify: %zd bytes with %d crlfs, %d bare crs and %d bare lfs",
size, crlf, cr, lf);
}
#endif
cookie.recipient_keylist = new_stringlist(NULL);
if (!cookie.recipient_keylist)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
cookie.signer_keylist = new_stringlist(NULL);
if (!cookie.signer_keylist)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
reader = pgp_reader_from_bytes((const uint8_t *) text, size);
if (! reader)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "Creating reader");
dsig_reader = NULL;
if (signature) {
dsig_reader = pgp_reader_from_bytes((uint8_t *) signature, sig_size);
if (! dsig_reader)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "Creating signature reader");
}
if (dsig_reader) {
pgp_detached_verifier_t verifier
= pgp_detached_verifier_new(&err, session->policy,
dsig_reader,
get_public_keys_cb,
check_signatures_cb,
NULL,
&cookie, 0);
if (! verifier)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Creating verifier");
pgp_status_t pgp_status = pgp_detached_verifier_verify (&err, verifier, reader);
pgp_detached_verifier_free (verifier);
if (pgp_status)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Verifying data");
} else {
pgp_reader_t verifier = NULL;
verifier = pgp_verifier_new(&err, session->policy, reader,
get_public_keys_cb,
check_signatures_cb,
NULL,
&cookie, 0);
if (! verifier)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Creating verifier");
pgp_status_t pgp_status = pgp_reader_discard(&err, verifier);
pgp_reader_free(verifier);
if (pgp_status)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "verifier");
}
if (! cookie.signer_keylist) {
cookie.signer_keylist = new_stringlist("");
if (! cookie.signer_keylist)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "cookie.signer_keylist");
}
if (!cookie.signer_keylist->value)
stringlist_add(cookie.signer_keylist, "");
*keylist = cookie.signer_keylist;
stringlist_append(*keylist, cookie.recipient_keylist);
out:
if (status == PEP_STATUS_OK) {
// *****************************************
// Sync changes with pgp_decrypt_and_verify.
// *****************************************
if (cookie.good_checksums) {
// If there is at least one signature that we can verify,
// succeed.
status = PEP_VERIFIED;
} else if (cookie.revoked_key) {
// If there are any signatures from revoked keys, fail.
status = PEP_VERIFY_SIGNER_KEY_REVOKED;
} else if (cookie.expired_key) {
// If there are any signatures from expired keys, fail.
status = PEP_DECRYPTED;
} else if (cookie.bad_key) {
// If there are any signatures from invalid keys (keys
// that are not signing capable), fail.
status = PEP_DECRYPTED;
} else if (cookie.bad_checksums) {
// If there are any bad signatures, fail.
status = PEP_DECRYPT_SIGNATURE_DOES_NOT_MATCH;
} else {
// We couldn't verify any signatures (possibly because we
// don't have the keys).
status = PEP_UNENCRYPTED;
}
} else {
free_stringlist(cookie.recipient_keylist);
free_stringlist(cookie.signer_keylist);
}
pgp_reader_free(reader);
pgp_reader_free(dsig_reader);
T("-> %s", pEp_status_to_string(status));
return status;
}
PEP_STATUS pgp_sign_only(
PEP_SESSION session, const char* fpr, const char *ptext,
size_t psize, char **stext, size_t *ssize)
{
assert(session);
assert(fpr && fpr[0]);
assert(ptext);
assert(psize);
assert(stext);
assert(ssize);
*stext = NULL;
*ssize = 0;
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
pgp_cert_t signer_cert = NULL;
pgp_cert_valid_key_iter_t iter = NULL;
pgp_valid_key_amalgamation_t ka = NULL;
pgp_key_pair_t signing_keypair = NULL;
pgp_signer_t signer = NULL;
pgp_writer_stack_t ws = NULL;
status = cert_find_by_fpr_hex(session, fpr, true, &signer_cert, NULL);
ERROR_OUT(NULL, status, "Looking up key '%s'", fpr);
iter = pgp_cert_valid_key_iter(signer_cert, session->policy, 0);
pgp_cert_valid_key_iter_alive(iter);
pgp_cert_valid_key_iter_revoked(iter, false);
pgp_cert_valid_key_iter_for_signing (iter);
pgp_key_t key = NULL;
status = _pgp_get_decrypted_key(session, iter, &key);
if (!key || status != PEP_STATUS_OK) {
ERROR_OUT (err, status,
"%s has no signing capable key", fpr);
}
signing_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (key));
pgp_key_free (key);
if (! signing_keypair)
ERROR_OUT (err, PEP_UNKNOWN_ERROR, "Creating a keypair");
signer = pgp_key_pair_as_signer (signing_keypair);
if (! signer)
ERROR_OUT (err, PEP_UNKNOWN_ERROR, "Creating a signer");
pgp_writer_t writer = pgp_writer_alloc((void **) stext, ssize);
writer = pgp_armor_writer_new(&err, writer,
PGP_ARMOR_KIND_MESSAGE, NULL, 0);
if (!writer)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Setting up armor writer");
ws = pgp_writer_stack_message(writer);
ws = pgp_signer_new_detached(&err, ws, &signer, 1, 0);
if (!ws)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Setting up signer");
// pgp_signer_new_detached consumes signer.
signer = NULL;
pgp_status_t write_status =
pgp_writer_stack_write_all (&err, ws,
(uint8_t *) ptext, psize);
if (write_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Encrypting message");
pgp_status_t pgp_status = pgp_writer_stack_finalize (&err, ws);
ws = NULL;
if (pgp_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Flushing writer");
pgp_status = pgp_armor_writer_finalize (&err, writer);
if (pgp_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Flushing armor writer");
// Add a terminating NUL for naive users
void *t = realloc(*stext, *ssize + 1);
if (! t)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
*stext = t;
(*stext)[*ssize] = 0;
out:
pgp_signer_free (signer);
// XXX: pgp_key_pair_as_signer is only supposed to reference
// signing_keypair, but it consumes it. If this is fixed, this
// will become a leak.
//
//pgp_key_pair_free (signing_keypair);
pgp_valid_key_amalgamation_free (ka);
pgp_cert_valid_key_iter_free (iter);
pgp_cert_free(signer_cert);
T("(%s)-> %s", fpr, pEp_status_to_string(status));
return status;
}
static PEP_STATUS pgp_encrypt_sign_optional(
PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
size_t psize, char **ctext, size_t *csize, bool sign)
{
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
int recipient_cert_count = 0;
pgp_cert_t *recipient_certs = NULL;
int recipient_count = 0;
int recipient_alloc = 0;
pgp_recipient_t *recipients = NULL;
int recipient_keys_count = 0;
pgp_key_t *recipient_keys = NULL;
pgp_cert_t signer_cert = NULL;
pgp_writer_stack_t ws = NULL;
pgp_cert_valid_key_iter_t iter = NULL;
pgp_valid_key_amalgamation_t ka = NULL;
pgp_key_pair_t signing_keypair = NULL;
pgp_signer_t signer = NULL;
assert(session);
assert(keylist);
assert(ptext);
assert(psize);
assert(ctext);
assert(csize);
*ctext = NULL;
*csize = 0;
int keylist_len = stringlist_length(keylist);
// We don't need to worry about extending recipient_certs, because
// there will be at most KEYLIST_LEN certs, which we allocate up
// front.
recipient_certs = calloc(keylist_len, sizeof(*recipient_certs));
if (recipient_certs == NULL)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
// Because there may be multiple encryption keys per certificate, we may
// need to extend recipient_keys and recipients.
recipient_alloc = keylist_len;
recipient_keys = calloc(recipient_alloc, sizeof(*recipient_keys));
if (recipient_keys == NULL)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
recipients = calloc(recipient_alloc, sizeof(*recipients));
if (recipients == NULL)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
// Get the keys for the recipients.
const stringlist_t *_keylist;
for (_keylist = keylist; _keylist != NULL; _keylist = _keylist->next) {
assert(_keylist->value);
pgp_cert_t cert;
status = cert_find_by_fpr_hex(session, _keylist->value,
false, &cert, NULL);
// We couldn't find a key for this recipient.
ERROR_OUT(NULL, status,
"Looking up key for recipient '%s'", _keylist->value);
recipient_certs[recipient_cert_count ++] = cert;
// Collect all of the keys that have the encryption for
// transport capability.
iter = pgp_cert_valid_key_iter(cert, session->policy, 0);
if (! iter)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
pgp_cert_valid_key_iter_alive(iter);
pgp_cert_valid_key_iter_revoked(iter, false);
pgp_cert_valid_key_iter_for_transport_encryption(iter);
while ((ka = pgp_cert_valid_key_iter_next (iter, NULL, NULL))) {
assert(recipient_count == recipient_keys_count);
if (recipient_count == recipient_alloc) {
assert(recipient_alloc > 0);
recipient_alloc *= 2;
void *t = _pEp_reallocarray(recipient_keys, recipient_alloc,
sizeof(*recipient_keys));
if (! t)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
recipient_keys = t;
t = _pEp_reallocarray(recipients, recipient_alloc,
sizeof(*recipients));
if (! t)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
recipients = t;
}
// pgp_valid_key_amalgamation_key returns a reference to
// ka. We need to keep it around after this iteration.
// So, we clone it. Unfortunately, although
// pgp_recipient_new consumes the passed key id, it only
// references the key. So, we need to remember to free it
// at the end.
pgp_key_t key = pgp_valid_key_amalgamation_key (ka);
recipient_keys[recipient_keys_count ++] = pgp_key_clone (key);
pgp_key_free (key);
pgp_keyid_t keyid = pgp_key_keyid(recipient_keys[recipient_keys_count - 1]);
if (! keyid)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
recipients[recipient_count++] = pgp_recipient_new(keyid, recipient_keys[recipient_keys_count - 1]);
pgp_valid_key_amalgamation_free (ka);
}
pgp_cert_valid_key_iter_free(iter);
iter = NULL;
}
if (sign) {
// The first key in the keylist is the signer.
status = cert_find_by_fpr_hex(session, keylist->value, true, &signer_cert, NULL);
ERROR_OUT(NULL, status, "Looking up key for signing '%s'", keylist->value);
}
pgp_writer_t writer_alloc = pgp_writer_alloc((void **) ctext, csize);
pgp_writer_t writer = pgp_armor_writer_new(&err, writer_alloc,
PGP_ARMOR_KIND_MESSAGE, NULL, 0);
if (!writer)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Setting up armor writer");
ws = pgp_writer_stack_message(writer);
ws = pgp_encryptor_new (&err, ws,
NULL, 0, recipients, recipient_count,
0, 0);
if (!ws)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Setting up encryptor");
// pgp_encrypt_new consumes the recipients (but not the keys).
recipient_count = 0;
if (sign) {
iter = pgp_cert_valid_key_iter(signer_cert, session->policy, 0);
pgp_cert_valid_key_iter_alive(iter);
pgp_cert_valid_key_iter_revoked(iter, false);
pgp_cert_valid_key_iter_for_signing (iter);
pgp_key_t key = NULL;
status = _pgp_get_decrypted_key(session, iter, &key);
if (!key || status != PEP_STATUS_OK) {
ERROR_OUT (err, status,
"%s has no signing capable key", fpr);
}
signing_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (key));
pgp_key_free (key);
if (! signing_keypair)
ERROR_OUT (err, PEP_UNKNOWN_ERROR, "Creating a keypair");
signer = pgp_key_pair_as_signer (signing_keypair);
if (! signer)
ERROR_OUT (err, PEP_UNKNOWN_ERROR, "Creating a signer");
ws = pgp_signer_new(&err, ws, &signer, 1, 0);
if (!ws)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Setting up signer");
// pgp_signer_new consumes signer.
signer = NULL;
}
ws = pgp_literal_writer_new (&err, ws);
if (!ws)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Setting up literal writer");
pgp_status_t write_status =
pgp_writer_stack_write_all (&err, ws,
(uint8_t *) ptext, psize);
if (write_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Encrypting message");
pgp_status_t pgp_status = pgp_writer_stack_finalize (&err, ws);
ws = NULL;
if (pgp_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Flushing writer");
pgp_status = pgp_armor_writer_finalize (&err, writer);
if (pgp_status != 0)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Flushing armor writer");
pgp_writer_free (writer_alloc);
// Add a terminating NUL for naive users
void *t = realloc(*ctext, *csize + 1);
if (! t) {
free(*ctext);
*ctext = NULL;
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
}
*ctext = t;
(*ctext)[*csize] = 0;
out:
pgp_signer_free (signer);
// XXX: pgp_key_pair_as_signer is only supposed to reference
// signing_keypair, but it consumes it. If this is fixed, this
// will become a leak.
//
// pgp_key_pair_free (signing_keypair);
pgp_valid_key_amalgamation_free (ka);
pgp_cert_valid_key_iter_free (iter);
pgp_cert_free(signer_cert);
for (int i = 0; i < recipient_count; i ++)
pgp_recipient_free(recipients[i]);
free(recipients);
for (int i = 0; i < recipient_keys_count; i ++)
pgp_key_free(recipient_keys[i]);
free(recipient_keys);
for (int i = 0; i < recipient_cert_count; i ++)
pgp_cert_free(recipient_certs[i]);
free(recipient_certs);
T("-> %s", pEp_status_to_string(status));
return status;
}
PEP_STATUS pgp_encrypt_only(
PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
size_t psize, char **ctext, size_t *csize)
{
return pgp_encrypt_sign_optional(session, keylist, ptext,
psize, ctext, csize, false);
}
PEP_STATUS pgp_encrypt_and_sign(
PEP_SESSION session, const stringlist_t *keylist, const char *ptext,
size_t psize, char **ctext, size_t *csize)
{
return pgp_encrypt_sign_optional(session, keylist, ptext,
psize, ctext, csize, true);
}
static char* _filter_parentheses(const char* input) {
if (!input)
return NULL;
int input_len = strlen(input) + 1;
char* retval = calloc(input_len, 1);
strlcpy(retval, input, input_len);
char* curr_c;
for (curr_c = retval; curr_c && *curr_c != '\0'; curr_c++) {
switch(*curr_c) {
case '(':
*curr_c = '[';
break;
case ')':
*curr_c = ']';
break;
default:
break;
}
}
return retval;
}
static char* _flatten_to_alphanum(const char* input) {
if (!input)
return NULL;
int input_len = strlen(input) + 1;
char* retval = calloc(input_len, 1);
strlcpy(retval, input, input_len);
char* curr_c;
for (curr_c = retval; curr_c && *curr_c != '\0'; curr_c++) {
char c = *curr_c;
if (c == ' ' || (c >= 'A' && c <= 'Z') ||
(c >= 'a' && c <= 'z') ||
(c >= '0' && c <= '9'))
continue;
*curr_c = '_';
}
return retval;
}
PEP_STATUS _pgp_generate_keypair(PEP_SESSION session, pEp_identity *identity, time_t when)
{
PEP_STATUS status = PEP_STATUS_OK;
pgp_error_t err = NULL;
pgp_packet_t userid_packet = NULL;
char *userid = NULL;
pgp_cert_t cert = NULL;
pgp_fingerprint_t pgp_fpr = NULL;
char *fpr = NULL;
assert(session);
assert(identity);
assert(identity->address);
assert(identity->fpr == NULL || identity->fpr[0] == 0);
// assert(identity->username);
const char* passphrase = session->generation_passphrase;
if (session->new_key_pass_enable && (!passphrase || passphrase[0] == '\0'))
return PEP_PASSPHRASE_FOR_NEW_KEYS_REQUIRED;
char* cached_username = identity->username;
if (identity->username && strcmp(identity->address, identity->username) == 0) {
cached_username = identity->username;
identity->username = NULL;
}
userid_packet = pgp_user_id_from_unchecked_address(&err,
identity->username, NULL,
identity->address);
if (!userid_packet) {
char* tmpname = _filter_parentheses(identity->username);
userid_packet = pgp_user_id_from_unchecked_address(&err,
tmpname, NULL,
identity->address);
free(tmpname);
}
if (!userid_packet) {
char* tmpname = _flatten_to_alphanum(identity->username);
userid_packet = pgp_user_id_from_unchecked_address(&err,
tmpname, NULL,
identity->address);
free(tmpname);
}
identity->username = cached_username;
if (!userid_packet)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_user_id_from_unchecked_address");
size_t userid_len = 0;
const uint8_t *raw = pgp_user_id_value(userid_packet, &userid_len);
// NUL terminate it.
userid = malloc(userid_len + 1);
if (!userid)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
memcpy(userid, raw, userid_len);
userid[userid_len] = 0;
T("(%s)", userid);
// Generate a key.
pgp_cert_builder_t certb = pgp_cert_builder_general_purpose(
cipher_suite(session->cipher_suite), userid);
if (session->new_key_pass_enable)
pgp_cert_builder_set_password(&certb, (uint8_t*)passphrase, strlen(passphrase));
pgp_cert_builder_set_creation_time(&certb, when);
pgp_signature_t rev;
if (pgp_cert_builder_generate(&err, certb, &cert, &rev))
ERROR_OUT(err, PEP_CANNOT_CREATE_KEY, "Generating a key pair");
// XXX: We should return this.
pgp_signature_free(rev);
// Get the fingerprint.
pgp_fpr = pgp_cert_fingerprint(cert);
fpr = pgp_fingerprint_to_hex(pgp_fpr);
status = cert_save(session, cert, NULL, NULL);
cert = NULL;
if (status != 0)
ERROR_OUT(NULL, PEP_CANNOT_CREATE_KEY, "saving TSK");
free(identity->fpr);
identity->fpr = fpr;
fpr = NULL;
out:
pgp_fingerprint_free(pgp_fpr);
free(fpr);
pgp_cert_free(cert);
free(userid);
pgp_packet_free(userid_packet);
T("-> %s", pEp_status_to_string(status));
return status;
}
PEP_STATUS pgp_generate_keypair(PEP_SESSION session, pEp_identity *identity)
{
return _pgp_generate_keypair(session, identity, 0);
}
PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr_raw)
{
PEP_STATUS status = PEP_STATUS_OK;
assert(session && fpr_raw && fpr_raw[0]);
if (!(session && fpr_raw && fpr_raw[0]))
ERROR_OUT(NULL, PEP_ILLEGAL_VALUE, "invalid arguments");
char *fpr = pgp_fingerprint_canonicalize(fpr_raw);
if (! fpr)
ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
T("Deleting %s", fpr);
sqlite3_stmt *stmt = session->sq_sql.delete_keypair;
sqlite3_bind_text(stmt, 1, fpr, -1, free);
int sqlite_result = sqlite3_step(stmt);
sqlite3_reset(stmt);
if (sqlite_result != SQLITE_DONE)
ERROR_OUT(NULL, PEP_CANNOT_DELETE_KEY,
"deletion failed: %s", sqlite3_errmsg(session->key_db));
sqlite_result = sqlite3_changes(session->key_db);
assert(sqlite_result >= 0 && sqlite_result < 2);
if (sqlite_result < 1)
ERROR_OUT(NULL, PEP_KEY_NOT_FOUND,
"attempt to delete non-existent key: %s", fpr_raw);
out:
return status;
}
static unsigned int count_keydata_parts(const char* key_data, size_t size) {
unsigned int retval = 0;
const char* pgp_begin = "-----BEGIN PGP";
size_t prefix_len = strlen(pgp_begin);
size_t size_remaining = size;
while (key_data) {
if (size_remaining <= prefix_len || key_data[0] == '\0')
break;
key_data = strnstr(key_data, pgp_begin, size_remaining);
if (key_data) {
retval++;
key_data += prefix_len;
size_remaining -= prefix_len;
}
}
return retval;
}
// This is for single keys, which is why we're using a boolean here.
PEP_STATUS _pgp_import_keydata(PEP_SESSION session, const char *key_data,
size_t size, identity_list **private_idents,
stringlist_t** imported_keys,
uint64_t* changed_bitvec)
{
PEP_STATUS status = PEP_NO_KEY_IMPORTED;
pgp_error_t err;
pgp_cert_parser_t parser = NULL;
char* issuer_fpr_hex = NULL;
char* cert_fpr_hex = NULL;
if (changed_bitvec && !imported_keys)
return PEP_ILLEGAL_VALUE;
if (private_idents)
*private_idents = NULL;
stringlist_t* _import_keylist = imported_keys ? *imported_keys : NULL;
int _import_keylist_len = stringlist_length(_import_keylist);
T("parsing %zd bytes", size);
pgp_packet_parser_result_t ppr
= pgp_packet_parser_from_bytes(&err, (uint8_t *) key_data, size);
if (! ppr)
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Creating packet parser");
pgp_tag_t tag = pgp_packet_parser_result_tag(ppr);
switch (tag) {
case PGP_TAG_SIGNATURE: {
// The following asserts can't fail, because
// pgp_packet_parser_result_tag succeeded and the tag is
// right.
pgp_packet_parser_t pp = pgp_packet_parser_result_packet_parser (ppr);
assert(pp);
pgp_packet_t packet = NULL;
if (pgp_packet_parser_next(&err, pp, &packet, &ppr))
ERROR_OUT(err, PEP_UNKNOWN_ERROR, "Getting signature packet");
pgp_signature_t sig = pgp_packet_ref_signature (packet