More fixes. Work in progress. Key export still broken (incl saving rings)

8 years ago · 68575d89f5
parent 0b52dfca5f
commit 68575d89f5
5 changed files with 35 additions and 39 deletions
--- a/dist/src/lib/keyring.c
+++ b/dist/src/lib/keyring.c
@ -325,7 +325,7 @@ pgp_key_find_key_conds(
                key, NULL, NULL, sigcond, &youngest, 
                checkrevoke, checkexpiry);

-        /* if matching uid sig, then primary is machin key */
+        /* if matching uid sig, then primary is matching key */
        if(uidres != -1){ 
            res = -1;
        }
@ -938,7 +938,8 @@ deletekey( pgp_keyring_t *keyring, pgp_key_t *key, unsigned from)
 	return 1;
 }

-unsigned key_id_match(const pgp_pubkey_t *key, const uint8_t *keyid, void *refidarg){
+unsigned key_id_match(const pgp_pubkey_t *key, const uint8_t *keyid, void *refidarg)
+{
    uint8_t *refid = refidarg;
    return (memcmp(keyid, refid, PGP_KEY_ID_SIZE) == 0);
 }
@ -1437,10 +1438,6 @@ unsigned pgp_update_subkey(
                  &subkey->pubkey:
                  &subkey->seckey.pubkey, PGP_HASH_SHA1);

-        printf("SUBKEY\n");
-        hexdump(stdout, "subkey ID", subkeyid,
-                    sizeof(subkeyid));
-
        /* Try to find identical subkey ID */
 		subkeyp = key->subkeys;
 		for (idx = 0 ; idx < key->subkeyc; idx++, subkeyp++) {
@ -1451,6 +1448,13 @@ unsigned pgp_update_subkey(
 		}
        /* Add a new one if none found */
        if(idx==key->subkeyc){
+            if(subkeytype == PGP_PTAG_CT_PUBLIC_KEY &&
+               key->type != PGP_PTAG_CT_PUBLIC_KEY){
+                /* cannot create secret subkey from public */
+                /* and may not insert public subkey in seckey */
+                return 1;
+            }
+
            EXPAND_ARRAY(key, subkey);
            subkeyp = &key->subkeys[key->subkeyc++];
            /* copy subkey material */
--- a/dist/src/lib/netpgp.c
+++ b/dist/src/lib/netpgp.c
@ -225,12 +225,12 @@ readkeyring(netpgp_t *netpgp,
            pgp_keyring_t *secring)
 {
 	const unsigned	 noarmor = 0;
-	char		 f[MAXPATHLEN];
 	char		*filename;
-	char		*homedir;
+    char		 f[MAXPATHLEN];

-	homedir = netpgp_getvar(netpgp, "homedir");
 	if ((filename = netpgp_getvar(netpgp, name)) == NULL) {
+	    char		*homedir;
+	    homedir = netpgp_getvar(netpgp, "homedir");
 		(void) snprintf(f, sizeof(f), "%s/%s.gpg", homedir, name);
 		filename = f;
 	}
@ -847,7 +847,7 @@ netpgp_init(netpgp_t *netpgp)
                        netpgp->pubring, 
                        netpgp->secring)) {
 			(void) fprintf(io->errs, "Can't read pub keyring\n");
-			return 0;
+			// return 0;
 		}
 		/* if a userid has been given, we'll use it */
 		if ((userid = netpgp_getvar(netpgp, "userid")) == NULL) {
@ -866,7 +866,7 @@ netpgp_init(netpgp_t *netpgp)
                            netpgp->pubring, 
                            netpgp->secring)) {
 				(void) fprintf(io->errs, "Can't read sec keyring\n");
-				return 0;
+				// return 0;
 			}
 			/* now, if we don't have a valid user, use the first in secring */
 			if (!userid && netpgp_getvar(netpgp, "need userid") != NULL) {
@ -1165,15 +1165,16 @@ netpgp_save_ring(netpgp_t           *netpgp,
    char            *ringfile;
    int              cur;
    time_t           curtime;
+    char		 f[MAXPATHLEN];

    io = netpgp->io;

    /* file names */
    if ((ringfile = netpgp_getvar(netpgp, name)) == NULL) {
-        /* only save if already loaded by readkeyring(name) */
-        (void) fprintf(io->errs, 
-                "netpgp_save_%s : No ring file defined\n", name);
-        return 0;
+	    char		*homedir;
+	    homedir = netpgp_getvar(netpgp, "homedir");
+		(void) snprintf(f, sizeof(f), "%s/%s.gpg", homedir, name);
+        ringfile = f;
    }
    curtime = time(NULL);
    if (snprintf(swpfile, sizeof(swpfile),
@ -1197,7 +1198,7 @@ netpgp_save_ring(netpgp_t           *netpgp,
    }

    for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
-        pgp_write_xfer_key(output, key, 1);
+        pgp_write_xfer_key(output, key, 0);
    }

    pgp_teardown_file_write(output, fd);
@ -1215,6 +1216,8 @@ netpgp_save_ring(netpgp_t           *netpgp,
    /* replace ring file with swap file */
    rename(swpfile, ringfile);

+	netpgp_setvar(netpgp, name, ringfile);
+
    return 1;
 }

--- a/dist/src/lib/reader.c
+++ b/dist/src/lib/reader.c
@ -1068,6 +1068,12 @@ armoured_data_reader(pgp_stream_t *stream, void *dest_, size_t length, pgp_error
 	int		 saved;
 	int              ret;

+	if (!stream->coalescing && stream->virtualc && stream->virtualoff < stream->virtualc) {
+	    unsigned        n;
+		n = read_partial_data(stream, dest_, length);
+        return n;
+    }
+
 	dearmour = pgp_reader_get_arg(readinfo);
 	saved = (int)length;
 	if (dearmour->eof64 && !dearmour->buffered) {
--- a/dist/src/lib/signature.c
+++ b/dist/src/lib/signature.c
@ -357,6 +357,7 @@ hash_add_key(pgp_hash_t *hash, const pgp_pubkey_t *key)
 	pgp_hash_add_int(hash, 0x99, 1);
 	pgp_hash_add_int(hash, (unsigned)len, 2);
 	hash->add(hash, pgp_mem_data(mem), (unsigned)len);
+
 	pgp_memory_free(mem);
 }

--- a/dist/src/lib/validate.c
+++ b/dist/src/lib/validate.c
@ -410,6 +410,9 @@ pgp_validate_key_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
 		case PGP_CERT_POSITIVE:
 		case PGP_SIG_REV_CERT:
 			if(vdata->last_seen == LS_ID){
+                if(strcmp((const char*)vdata->userid,"Volker Birk (Testkey - don't use) <volker.birk@digitalekho.com>") == 0){
+                    printf("XXXXXXXXXXXXXX %d %s\n", valid, vdata->userid);
+                }
 			    valid = pgp_check_useridcert_sig(
                    primary_pubkey,
 					vdata->userid,
@ -584,8 +587,6 @@ validate_data_cb(const pgp_packet_t *pkt, pgp_cbdata_t *cbinfo)
 			hexdump(io->outs, "signer id", content->sig.info.signer_id,
 				sizeof(content->sig.info.signer_id));
 		}
-			hexdump(io->outs, "LOOOOOOOOOOK signer id", content->sig.info.signer_id,
-				sizeof(content->sig.info.signer_id));
 		from = 0;
        sigkey = NULL;
 		signer = pgp_getkeybyid(io, data->keyring,
@ -754,17 +755,6 @@ validate_result_status(FILE *errs, const char *f, pgp_validation_t *val)
 	return val->validc && !val->invalidc && !val->unknownc;
 }

-static void printtime(time_t t)
-{
-	struct tm      *tm;
-
-	tm = gmtime(&t);
-	(void) printf("%04d-%02d-%02d\n",
-		tm->tm_year + 1900,
-		tm->tm_mon + 1,
-		tm->tm_mday);
-}
-
 typedef struct key_filter_cb_t{
 	pgp_keyring_t *destpubring;
 	pgp_keyring_t *destsecring;
@ -798,12 +788,9 @@ static pgp_cb_ret_t key_filter_cb (
                            vdata->pubkeyid))==NULL){
                return PGP_RELEASE_MEMORY;
            }
-            printf("SECRET ");
        }
-
-        printf("New key ************************************** \n");
-		hexdump(stdout, "pubkey ID", vdata->pubkeyid,
-                sizeof(vdata->pubkeyid));
+        /* TODO get seckey by ID id even if given key is public 
+         *      in order to update uids an attributes from pubkey */
    }

    pubkey = filter->pubkey;
@ -816,7 +803,6 @@ static pgp_cb_ret_t key_filter_cb (

    switch(vdata->last_seen){
    case LS_PRIMARY:
-        printf("PRIMARY DIRECT SIG\n");

        pgp_add_directsig(pubkey, sigpkt, &vdata->valid_sig_info);

@ -825,7 +811,6 @@ static pgp_cb_ret_t key_filter_cb (
        }
        break;
    case LS_ID: 
-        printf("ID %s\n", vdata->userid);

        pgp_update_userid(pubkey, vdata->userid, sigpkt, &vdata->valid_sig_info);
 	    if (seckey) {
@ -834,7 +819,6 @@ static pgp_cb_ret_t key_filter_cb (

        break;
    case LS_ATTRIBUTE:
-        printf("ATTRIBUTE -- IGNORED\n");
        /* TODO */
        break;
    case LS_SUBKEY:
@ -849,10 +833,8 @@ static pgp_cb_ret_t key_filter_cb (

        break;
    default:
-        printf("no_last_seen\n");
        break;
    }
-    printtime(vdata->valid_sig_info.birthtime);
 	return PGP_RELEASE_MEMORY;
 }