1 /* misc.c - miscellaneous functions
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009, 2010 Free Software Foundation, Inc.
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
29 #include <asm/sysinfo.h>
30 #include <asm/unistd.h>
35 #include <sys/resource.h>
37 #ifdef ENABLE_SELINUX_HACKS
41 #ifdef HAVE_W32_SYSTEM
44 #ifdef HAVE_WINSOCK2_H
45 # include <winsock2.h>
50 #define CSIDL_APPDATA 0x001a
52 #ifndef CSIDL_LOCAL_APPDATA
53 #define CSIDL_LOCAL_APPDATA 0x001c
55 #ifndef CSIDL_FLAG_CREATE
56 #define CSIDL_FLAG_CREATE 0x8000
58 #endif /*HAVE_W32_SYSTEM*/
61 #ifdef HAVE_W32_SYSTEM
63 #endif /*HAVE_W32_SYSTEM*/
68 #include "call-agent.h"
74 string_count_chr (const char *string, int c)
78 for (count=0; *string; string++ )
86 #ifdef ENABLE_SELINUX_HACKS
87 /* A object and a global variable to keep track of files marked as
89 struct secured_file_item
91 struct secured_file_item *next;
95 static struct secured_file_item *secured_files;
96 #endif /*ENABLE_SELINUX_HACKS*/
101 /* For the sake of SELinux we want to restrict access through gpg to
102 certain files we keep under our own control. This function
103 registers such a file and is_secured_file may then be used to
104 check whether a file has ben registered as secured. */
106 register_secured_file (const char *fname)
108 #ifdef ENABLE_SELINUX_HACKS
110 struct secured_file_item *sf;
112 /* Note that we stop immediatley if something goes wrong here. */
113 if (stat (fname, &buf))
114 log_fatal (_("fstat of '%s' failed in %s: %s\n"), fname,
115 "register_secured_file", strerror (errno));
116 /* log_debug ("registering '%s' i=%lu.%lu\n", fname, */
117 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
118 for (sf=secured_files; sf; sf = sf->next)
120 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
121 return; /* Already registered. */
124 sf = xmalloc (sizeof *sf);
125 sf->ino = buf.st_ino;
126 sf->dev = buf.st_dev;
127 sf->next = secured_files;
129 #else /*!ENABLE_SELINUX_HACKS*/
131 #endif /*!ENABLE_SELINUX_HACKS*/
134 /* Remove a file registered as secure. */
136 unregister_secured_file (const char *fname)
138 #ifdef ENABLE_SELINUX_HACKS
140 struct secured_file_item *sf, *sfprev;
142 if (stat (fname, &buf))
144 log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
145 "unregister_secured_file", strerror (errno));
148 /* log_debug ("unregistering '%s' i=%lu.%lu\n", fname, */
149 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
150 for (sfprev=NULL,sf=secured_files; sf; sfprev=sf, sf = sf->next)
152 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
155 sfprev->next = sf->next;
157 secured_files = sf->next;
162 #else /*!ENABLE_SELINUX_HACKS*/
164 #endif /*!ENABLE_SELINUX_HACKS*/
167 /* Return true if FD is corresponds to a secured file. Using -1 for
168 FS is allowed and will return false. */
170 is_secured_file (int fd)
172 #ifdef ENABLE_SELINUX_HACKS
174 struct secured_file_item *sf;
177 return 0; /* No file descriptor so it can't be secured either. */
179 /* Note that we print out a error here and claim that a file is
180 secure if something went wrong. */
181 if (fstat (fd, &buf))
183 log_error (_("fstat(%d) failed in %s: %s\n"), fd,
184 "is_secured_file", strerror (errno));
187 /* log_debug ("is_secured_file (%d) i=%lu.%lu\n", fd, */
188 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
189 for (sf=secured_files; sf; sf = sf->next)
191 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
194 #else /*!ENABLE_SELINUX_HACKS*/
196 #endif /*!ENABLE_SELINUX_HACKS*/
200 /* Return true if FNAME is corresponds to a secured file. Using NULL,
201 "" or "-" for FS is allowed and will return false. This function is
202 used before creating a file, thus it won't fail if the file does
205 is_secured_filename (const char *fname)
207 #ifdef ENABLE_SELINUX_HACKS
209 struct secured_file_item *sf;
211 if (iobuf_is_pipe_filename (fname) || !*fname)
214 /* Note that we print out a error here and claim that a file is
215 secure if something went wrong. */
216 if (stat (fname, &buf))
218 if (errno == ENOENT || errno == EPERM || errno == EACCES)
220 log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
221 "is_secured_filename", strerror (errno));
224 /* log_debug ("is_secured_filename (%s) i=%lu.%lu\n", fname, */
225 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
226 for (sf=secured_files; sf; sf = sf->next)
228 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
231 #else /*!ENABLE_SELINUX_HACKS*/
233 #endif /*!ENABLE_SELINUX_HACKS*/
240 checksum_u16( unsigned n )
251 checksum( byte *p, unsigned n )
261 checksum_mpi (gcry_mpi_t a)
267 if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
269 /* Fixme: For numbers not in secure memory we should use a stack
270 * based buffer and only allocate a larger one if mpi_print returns
272 buffer = (gcry_is_secure(a)?
273 gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
274 if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
276 csum = checksum (buffer, nbytes);
282 buffer_to_u32( const byte *buffer )
286 a |= buffer[1] << 16;
293 print_pubkey_algo_note (pubkey_algo_t algo)
295 if(algo >= 100 && algo <= 110)
301 es_fflush (es_stdout);
302 log_info (_("WARNING: using experimental public key algorithm %s\n"),
303 openpgp_pk_algo_name (algo));
306 else if (algo == PUBKEY_ALGO_ELGAMAL)
308 es_fflush (es_stdout);
309 log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
314 print_cipher_algo_note (cipher_algo_t algo)
316 if(algo >= 100 && algo <= 110)
322 es_fflush (es_stdout);
323 log_info (_("WARNING: using experimental cipher algorithm %s\n"),
324 openpgp_cipher_algo_name (algo));
330 print_digest_algo_note (digest_algo_t algo)
332 if(algo >= 100 && algo <= 110)
338 es_fflush (es_stdout);
339 log_info (_("WARNING: using experimental digest algorithm %s\n"),
340 gcry_md_algo_name (algo));
343 else if(algo==DIGEST_ALGO_MD5)
345 es_fflush (es_stdout);
346 log_info (_("WARNING: digest algorithm %s is deprecated\n"),
347 gcry_md_algo_name (algo));
353 print_md5_rejected_note (void)
359 es_fflush (es_stdout);
361 (_("Note: signatures using the %s algorithm are rejected\n"),
368 /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
369 this for algorithms we implemented in Libgcrypt after they become
371 enum gcry_cipher_algos
372 map_cipher_openpgp_to_gcry (cipher_algo_t algo)
376 case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
379 case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
381 case CIPHER_ALGO_IDEA: return 0;
384 case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
387 case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
389 case CIPHER_ALGO_CAST5: return 0;
392 #ifdef GPG_USE_BLOWFISH
393 case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
395 case CIPHER_ALGO_BLOWFISH: return 0;
398 #ifdef GPG_USE_AES128
399 case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
401 case CIPHER_ALGO_AES: return 0;
404 #ifdef GPG_USE_AES192
405 case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
407 case CIPHER_ALGO_AES192: return 0;
410 #ifdef GPG_USE_AES256
411 case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
413 case CIPHER_ALGO_AES256: return 0;
416 #ifdef GPG_USE_TWOFISH
417 case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
419 case CIPHER_ALGO_TWOFISH: return 0;
422 #ifdef GPG_USE_CAMELLIA128
423 case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
425 case CIPHER_ALGO_CAMELLIA128: return 0;
428 #ifdef GPG_USE_CAMELLIA192
429 case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
431 case CIPHER_ALGO_CAMELLIA192: return 0;
434 #ifdef GPG_USE_CAMELLIA256
435 case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
437 case CIPHER_ALGO_CAMELLIA256: return 0;
443 /* The inverse function of above. */
445 map_cipher_gcry_to_openpgp (enum gcry_cipher_algos algo)
449 case GCRY_CIPHER_NONE: return CIPHER_ALGO_NONE;
450 case GCRY_CIPHER_IDEA: return CIPHER_ALGO_IDEA;
451 case GCRY_CIPHER_3DES: return CIPHER_ALGO_3DES;
452 case GCRY_CIPHER_CAST5: return CIPHER_ALGO_CAST5;
453 case GCRY_CIPHER_BLOWFISH: return CIPHER_ALGO_BLOWFISH;
454 case GCRY_CIPHER_AES: return CIPHER_ALGO_AES;
455 case GCRY_CIPHER_AES192: return CIPHER_ALGO_AES192;
456 case GCRY_CIPHER_AES256: return CIPHER_ALGO_AES256;
457 case GCRY_CIPHER_TWOFISH: return CIPHER_ALGO_TWOFISH;
458 case GCRY_CIPHER_CAMELLIA128: return CIPHER_ALGO_CAMELLIA128;
459 case GCRY_CIPHER_CAMELLIA192: return CIPHER_ALGO_CAMELLIA192;
460 case GCRY_CIPHER_CAMELLIA256: return CIPHER_ALGO_CAMELLIA256;
465 /* Map Gcrypt public key algorithm numbers to those used by OpenPGP.
466 FIXME: This mapping is used at only two places - we should get rid
469 map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
473 case GCRY_PK_ECDSA: return PUBKEY_ALGO_ECDSA;
474 case GCRY_PK_ECDH: return PUBKEY_ALGO_ECDH;
475 default: return algo < 110 ? algo : 0;
480 /* Return the block length of an OpenPGP cipher algorithm. */
482 openpgp_cipher_blocklen (cipher_algo_t algo)
484 /* We use the numbers from OpenPGP to be sure that we get the right
485 block length. This is so that the packet parsing code works even
486 for unknown algorithms (for which we assume 8 due to tradition).
488 NOTE: If you change the the returned blocklen above 16, check
489 the callers because they may use a fixed size buffer of that
493 case CIPHER_ALGO_AES:
494 case CIPHER_ALGO_AES192:
495 case CIPHER_ALGO_AES256:
496 case CIPHER_ALGO_TWOFISH:
497 case CIPHER_ALGO_CAMELLIA128:
498 case CIPHER_ALGO_CAMELLIA192:
499 case CIPHER_ALGO_CAMELLIA256:
508 * Wrapper around the libgcrypt function with additonal checks on
509 * the OpenPGP contraints for the algo ID.
512 openpgp_cipher_test_algo (cipher_algo_t algo)
514 enum gcry_cipher_algos ga;
516 ga = map_cipher_openpgp_to_gcry (algo);
518 return gpg_error (GPG_ERR_CIPHER_ALGO);
520 return gcry_cipher_test_algo (ga);
523 /* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
524 string representation of the algorithm name. For unknown algorithm
525 IDs this function returns "?". */
527 openpgp_cipher_algo_name (cipher_algo_t algo)
531 case CIPHER_ALGO_NONE: break;
532 case CIPHER_ALGO_IDEA: return "IDEA";
533 case CIPHER_ALGO_3DES: return "3DES";
534 case CIPHER_ALGO_CAST5: return "CAST5";
535 case CIPHER_ALGO_BLOWFISH: return "BLOWFISH";
536 case CIPHER_ALGO_AES: return "AES";
537 case CIPHER_ALGO_AES192: return "AES192";
538 case CIPHER_ALGO_AES256: return "AES256";
539 case CIPHER_ALGO_TWOFISH: return "TWOFISH";
540 case CIPHER_ALGO_CAMELLIA128: return "CAMELLIA128";
541 case CIPHER_ALGO_CAMELLIA192: return "CAMELLIA192";
542 case CIPHER_ALGO_CAMELLIA256: return "CAMELLIA256";
548 /* Return 0 if ALGO is a supported OpenPGP public key algorithm. */
550 openpgp_pk_test_algo (pubkey_algo_t algo)
552 return openpgp_pk_test_algo2 (algo, 0);
556 /* Return 0 if ALGO is a supported OpenPGP public key algorithm and
557 allows the usage USE. */
559 openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
561 enum gcry_pk_algos ga = 0;
562 size_t use_buf = use;
567 case PUBKEY_ALGO_RSA: ga = GCRY_PK_RSA; break;
568 case PUBKEY_ALGO_RSA_E: ga = GCRY_PK_RSA_E; break;
569 case PUBKEY_ALGO_RSA_S: ga = GCRY_PK_RSA_S; break;
571 case PUBKEY_ALGO_RSA: break;
572 case PUBKEY_ALGO_RSA_E: break;
573 case PUBKEY_ALGO_RSA_S: break;
576 case PUBKEY_ALGO_ELGAMAL_E: ga = GCRY_PK_ELG; break;
577 case PUBKEY_ALGO_DSA: ga = GCRY_PK_DSA; break;
580 case PUBKEY_ALGO_ECDH: ga = GCRY_PK_ECC; break;
582 case PUBKEY_ALGO_ECDH: break;
586 case PUBKEY_ALGO_ECDSA: ga = GCRY_PK_ECC; break;
588 case PUBKEY_ALGO_ECDSA: break;
592 case PUBKEY_ALGO_EDDSA: ga = GCRY_PK_ECC; break;
594 case PUBKEY_ALGO_EDDSA: break;
597 case PUBKEY_ALGO_ELGAMAL:
598 /* Dont't allow type 20 keys unless in rfc2440 mode. */
604 return gpg_error (GPG_ERR_PUBKEY_ALGO);
606 /* No check whether Libgcrypt has support for the algorithm. */
607 return gcry_pk_algo_info (ga, GCRYCTL_TEST_ALGO, NULL, &use_buf);
612 openpgp_pk_algo_usage ( int algo )
616 /* They are hardwired in gpg 1.0. */
618 case PUBKEY_ALGO_RSA:
619 use = (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG
620 | PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH);
622 case PUBKEY_ALGO_RSA_E:
623 case PUBKEY_ALGO_ECDH:
624 use = PUBKEY_USAGE_ENC;
626 case PUBKEY_ALGO_RSA_S:
627 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG;
629 case PUBKEY_ALGO_ELGAMAL:
631 use = PUBKEY_USAGE_ENC;
633 case PUBKEY_ALGO_ELGAMAL_E:
634 use = PUBKEY_USAGE_ENC;
636 case PUBKEY_ALGO_DSA:
637 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
639 case PUBKEY_ALGO_ECDSA:
640 case PUBKEY_ALGO_EDDSA:
641 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
648 /* Map the OpenPGP pubkey algorithm whose ID is contained in ALGO to a
649 string representation of the algorithm name. For unknown algorithm
650 IDs this function returns "?". */
652 openpgp_pk_algo_name (pubkey_algo_t algo)
656 case PUBKEY_ALGO_RSA:
657 case PUBKEY_ALGO_RSA_E:
658 case PUBKEY_ALGO_RSA_S: return "RSA";
659 case PUBKEY_ALGO_ELGAMAL:
660 case PUBKEY_ALGO_ELGAMAL_E: return "ELG";
661 case PUBKEY_ALGO_DSA: return "DSA";
662 case PUBKEY_ALGO_ECDH: return "ECDH";
663 case PUBKEY_ALGO_ECDSA: return "ECDSA";
664 case PUBKEY_ALGO_EDDSA: return "EDDSA";
670 /* Explicit mapping of OpenPGP digest algos to Libgcrypt. */
671 /* FIXME: We do not yes use it everywhere. */
673 map_md_openpgp_to_gcry (digest_algo_t algo)
678 case DIGEST_ALGO_MD5: return GCRY_MD_MD5;
680 case DIGEST_ALGO_MD5: return 0;
683 case DIGEST_ALGO_SHA1: return GCRY_MD_SHA1;
685 #ifdef GPG_USE_RMD160
686 case DIGEST_ALGO_RMD160: return GCRY_MD_RMD160;
688 case DIGEST_ALGO_RMD160: return 0;
691 #ifdef GPG_USE_SHA224
692 case DIGEST_ALGO_SHA224: return GCRY_MD_SHA224;
694 case DIGEST_ALGO_SHA224: return 0;
697 case DIGEST_ALGO_SHA256: return GCRY_MD_SHA256;
699 #ifdef GPG_USE_SHA384
700 case DIGEST_ALGO_SHA384: return GCRY_MD_SHA384;
702 case DIGEST_ALGO_SHA384: return 0;
705 #ifdef GPG_USE_SHA512
706 case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
708 case DIGEST_ALGO_SHA512: return 0;
715 /* Return 0 if ALGO is suitable and implemented OpenPGP hash
718 openpgp_md_test_algo (digest_algo_t algo)
720 enum gcry_md_algos ga;
722 ga = map_md_openpgp_to_gcry (algo);
724 return gpg_error (GPG_ERR_DIGEST_ALGO);
726 return gcry_md_test_algo (ga);
730 /* Map the OpenPGP digest algorithm whose ID is contained in ALGO to a
731 string representation of the algorithm name. For unknown algorithm
732 IDs this function returns "?". */
734 openpgp_md_algo_name (int algo)
738 case DIGEST_ALGO_MD5: return "MD5";
739 case DIGEST_ALGO_SHA1: return "SHA1";
740 case DIGEST_ALGO_RMD160: return "RIPEMD160";
741 case DIGEST_ALGO_SHA256: return "SHA256";
742 case DIGEST_ALGO_SHA384: return "SHA384";
743 case DIGEST_ALGO_SHA512: return "SHA512";
744 case DIGEST_ALGO_SHA224: return "SHA224";
751 get_signature_count (PKT_public_key *pk)
753 #ifdef ENABLE_CARD_SUPPORT
754 struct agent_card_info_s info;
757 if (!agent_scd_getattr ("SIG-COUNTER",&info))
758 return info.sig_counter;
767 /* Expand %-strings. Returns a string which must be xfreed. Returns
768 NULL if the string cannot be expanded (too large). */
770 pct_expando(const char *string,struct expando_args *args)
772 const char *ch=string;
773 int idx=0,maxlen=0,done=0;
774 u32 pk_keyid[2]={0,0},sk_keyid[2]={0,0};
778 keyid_from_pk(args->pk,pk_keyid);
781 keyid_from_pk (args->pksk, sk_keyid);
783 /* This is used so that %k works in photoid command strings in
784 --list-secret-keys (which of course has a sk, but no pk). */
785 if(!args->pk && args->pksk)
786 keyid_from_pk (args->pksk, pk_keyid);
792 /* 8192 is way bigger than we'll need here */
797 ret=xrealloc(ret,maxlen);
806 case 's': /* short key id */
809 sprintf(&ret[idx],"%08lX",(ulong)sk_keyid[1]);
815 case 'S': /* long key id */
818 sprintf(&ret[idx],"%08lX%08lX",
819 (ulong)sk_keyid[0],(ulong)sk_keyid[1]);
825 case 'k': /* short key id */
828 sprintf(&ret[idx],"%08lX",(ulong)pk_keyid[1]);
834 case 'K': /* long key id */
837 sprintf(&ret[idx],"%08lX%08lX",
838 (ulong)pk_keyid[0],(ulong)pk_keyid[1]);
844 case 'U': /* z-base-32 encoded user id hash. */
847 char *tmp = zb32_encode (args->namehash, 8*20);
850 if (idx + strlen (tmp) < maxlen)
852 strcpy (ret+idx, tmp);
861 case 'c': /* signature count from card, if any. */
864 sprintf (&ret[idx],"%lu", get_signature_count (args->pksk));
865 idx+=strlen(&ret[idx]);
870 case 'f': /* Fingerprint of key being signed */
871 case 'p': /* Fingerprint of the primary key making the signature. */
872 case 'g': /* Fingerprint of thge key making the signature. */
874 byte array[MAX_FINGERPRINT_LEN];
878 if ((*(ch+1))=='f' && args->pk)
879 fingerprint_from_pk (args->pk, array, &len);
880 else if ((*(ch+1))=='p' && args->pksk)
882 if(args->pksk->flags.primary)
883 fingerprint_from_pk (args->pksk, array, &len);
884 else if (args->pksk->main_keyid[0]
885 || args->pksk->main_keyid[1])
887 /* Not the primary key: Find the fingerprint
888 of the primary key. */
890 xmalloc_clear(sizeof(PKT_public_key));
892 if (!get_pubkey_fast (pk,args->pksk->main_keyid))
893 fingerprint_from_pk (pk, array, &len);
895 memset (array, 0, (len=MAX_FINGERPRINT_LEN));
896 free_public_key (pk);
898 else /* Oops: info about the primary key missing. */
899 memset(array,0,(len=MAX_FINGERPRINT_LEN));
901 else if((*(ch+1))=='g' && args->pksk)
902 fingerprint_from_pk (args->pksk, array, &len);
904 memset(array,0,(len=MAX_FINGERPRINT_LEN));
906 if(idx+(len*2)<maxlen)
910 sprintf(&ret[idx],"%02X",array[i]);
918 case 'v': /* validity letters */
919 if(args->validity_info && idx+1<maxlen)
921 ret[idx++]=args->validity_info;
927 /* The text string types */
932 const char *str=NULL;
936 case 't': /* e.g. "jpg" */
937 str=image_type_to_string(args->imagetype,0);
940 case 'T': /* e.g. "image/jpeg" */
941 str=image_type_to_string(args->imagetype,2);
944 case 'V': /* e.g. "full", "expired", etc. */
945 str=args->validity_string;
949 if(str && idx+strlen(str)<maxlen)
951 strcpy(&ret[idx],str);
967 /* Any unknown %-keys (like %i, %o, %I, and %O) are
968 passed through for later expansion. Note this also
969 handles the case where the last character in the
970 string is a '%' - the terminating \0 will end up here
971 and properly terminate the string. */
1008 deprecated_warning(const char *configname,unsigned int configlineno,
1009 const char *option,const char *repl1,const char *repl2)
1013 if(strncmp("--",option,2)==0)
1016 if(strncmp("--",repl1,2)==0)
1019 log_info(_("%s:%d: deprecated option \"%s\"\n"),
1020 configname,configlineno,option);
1023 log_info(_("WARNING: \"%s\" is a deprecated option\n"),option);
1025 log_info(_("please use \"%s%s\" instead\n"),repl1,repl2);
1030 deprecated_command (const char *name)
1032 log_info(_("WARNING: \"%s\" is a deprecated command - do not use it\n"),
1038 obsolete_option (const char *configname, unsigned int configlineno,
1042 log_info (_("%s:%u: obsolete option \"%s\" - it has no effect\n"),
1043 configname, configlineno, name);
1045 log_info (_("WARNING: \"%s%s\" is an obsolete option - it has no effect\n"),
1051 obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
1055 log_info (_("%s:%u: \"%s\" is obsolete in this file"
1056 " - it only has effect in %s\n"),
1057 configname, configlineno, name, SCDAEMON_NAME EXTSEP_S "conf");
1059 log_info (_("WARNING: \"%s%s\" is an obsolete option"
1060 " - it has no effect except on %s\n"),
1061 "--", name, SCDAEMON_NAME);
1066 * Wrapper around gcry_cipher_map_name to provide a fallback using the
1067 * "Sn" syntax as used by the preference strings.
1070 string_to_cipher_algo (const char *string)
1074 val = map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string));
1075 if (!val && string && (string[0]=='S' || string[0]=='s'))
1080 val = strtol (string, &endptr, 10);
1081 if (!*string || *endptr || openpgp_cipher_test_algo (val))
1089 * Wrapper around gcry_md_map_name to provide a fallback using the
1090 * "Hn" syntax as used by the preference strings.
1093 string_to_digest_algo (const char *string)
1097 /* FIXME: We should make use of our wrapper fucntion and not assume
1098 that there is a 1 to 1 mapping between OpenPGP and Libgcrypt. */
1099 val = gcry_md_map_name (string);
1100 if (!val && string && (string[0]=='H' || string[0]=='h'))
1105 val = strtol (string, &endptr, 10);
1106 if (!*string || *endptr || openpgp_md_test_algo (val))
1116 compress_algo_to_string(int algo)
1122 case COMPRESS_ALGO_NONE:
1123 s=_("Uncompressed");
1126 case COMPRESS_ALGO_ZIP:
1130 case COMPRESS_ALGO_ZLIB:
1135 case COMPRESS_ALGO_BZIP2:
1145 string_to_compress_algo(const char *string)
1147 /* TRANSLATORS: See doc/TRANSLATE about this string. */
1148 if(match_multistr(_("uncompressed|none"),string))
1150 else if(ascii_strcasecmp(string,"uncompressed")==0)
1152 else if(ascii_strcasecmp(string,"none")==0)
1154 else if(ascii_strcasecmp(string,"zip")==0)
1156 else if(ascii_strcasecmp(string,"zlib")==0)
1159 else if(ascii_strcasecmp(string,"bzip2")==0)
1162 else if(ascii_strcasecmp(string,"z0")==0)
1164 else if(ascii_strcasecmp(string,"z1")==0)
1166 else if(ascii_strcasecmp(string,"z2")==0)
1169 else if(ascii_strcasecmp(string,"z3")==0)
1177 check_compress_algo(int algo)
1189 default: return G10ERR_COMPR_ALGO;
1194 default_cipher_algo(void)
1196 if(opt.def_cipher_algo)
1197 return opt.def_cipher_algo;
1198 else if(opt.personal_cipher_prefs)
1199 return opt.personal_cipher_prefs[0].value;
1201 return opt.s2k_cipher_algo;
1204 /* There is no default_digest_algo function, but see
1205 sign.c:hash_for() */
1208 default_compress_algo(void)
1210 if(opt.compress_algo!=-1)
1211 return opt.compress_algo;
1212 else if(opt.personal_compress_prefs)
1213 return opt.personal_compress_prefs[0].value;
1215 return DEFAULT_COMPRESS_ALGO;
1219 compliance_option_string(void)
1223 switch(opt.compliance)
1225 case CO_GNUPG: return "--gnupg";
1226 case CO_RFC4880: return "--openpgp";
1227 case CO_RFC2440: return "--rfc2440";
1228 case CO_PGP6: return "--pgp6";
1229 case CO_PGP7: return "--pgp7";
1230 case CO_PGP8: return "--pgp8";
1237 compliance_failure(void)
1241 switch(opt.compliance)
1252 ver="OpenPGP (older)";
1268 log_info(_("this message may not be usable by %s\n"),ver);
1269 opt.compliance=CO_GNUPG;
1272 /* Break a string into successive option pieces. Accepts single word
1273 options and key=value argument options. */
1275 optsep(char **stringp)
1282 end=strpbrk(tok," ,=");
1288 /* what we need to do now is scan along starting with *end,
1289 If the next character we see (ignoring spaces) is an =
1290 sign, then there is an argument. */
1301 /* There is an argument, so grab that too. At this point,
1302 ptr points to the first character of the argument. */
1305 /* Is it a quoted argument? */
1309 end=strchr(ptr,'"');
1314 end=strpbrk(ptr," ,");
1332 /* Breaks an option value into key and value. Returns NULL if there
1333 is no value. Note that "string" is modified to remove the =value
1336 argsplit(char *string)
1338 char *equals,*arg=NULL;
1340 equals=strchr(string,'=');
1349 quote=strchr(arg,'"');
1354 quote=strchr(arg,'"');
1362 /* Trim leading spaces off of the arg */
1363 spaces=strspn(arg," ");
1367 /* Trim tailing spaces off of the tag */
1368 space=strchr(string,' ');
1376 /* Return the length of the initial token, leaving off any
1379 optlen(const char *s)
1381 char *end=strpbrk(s," =");
1390 parse_options(char *str,unsigned int *options,
1391 struct parse_options *opts,int noisy)
1395 if (str && !strcmp (str, "help"))
1399 /* Figure out the longest option name so we can line these up
1401 for(i=0;opts[i].name;i++)
1402 if(opts[i].help && maxlen<strlen(opts[i].name))
1403 maxlen=strlen(opts[i].name);
1405 for(i=0;opts[i].name;i++)
1407 printf("%s%*s%s\n",opts[i].name,
1408 maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
1413 while((tok=optsep(&str)))
1421 if(ascii_strncasecmp("no-",tok,3)==0)
1427 for(i=0;opts[i].name;i++)
1429 size_t toklen=optlen(tok);
1431 if(ascii_strncasecmp(opts[i].name,tok,toklen)==0)
1433 /* We have a match, but it might be incomplete */
1434 if(toklen!=strlen(opts[i].name))
1438 for(j=i+1;opts[j].name;j++)
1440 if(ascii_strncasecmp(opts[j].name,tok,toklen)==0)
1443 log_info(_("ambiguous option '%s'\n"),otok);
1451 *options&=~opts[i].bit;
1453 *opts[i].value=NULL;
1457 *options|=opts[i].bit;
1459 *opts[i].value=argsplit(tok);
1468 log_info(_("unknown option '%s'\n"),otok);
1477 /* Check whether the string has characters not valid in an RFC-822
1478 address. To cope with OpenPGP we ignore non-ascii characters
1479 so that for example umlauts are legal in an email address. An
1480 OpenPGP user ID must be utf-8 encoded but there is no strict
1481 requirement for RFC-822. Thus to avoid IDNA encoding we put the
1482 address verbatim as utf-8 into the user ID under the assumption
1483 that mail programs handle IDNA at a lower level and take OpenPGP
1484 user IDs as utf-8. Note that we can't do an utf-8 encoding
1485 checking here because in keygen.c this function is called with the
1486 native encoding and native to utf-8 encoding is only done later. */
1488 has_invalid_email_chars (const char *s)
1491 const char *valid_chars=
1492 "01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
1497 continue; /* We only care about ASCII. */
1500 else if ( !at_seen && !(strchr (valid_chars, *s)
1501 || strchr ("!#$%&'*+/=?^`{|}~", *s)))
1503 else if ( at_seen && !strchr( valid_chars, *s ) )
1510 /* Check whether NAME represents a valid mailbox according to
1511 RFC822. Returns true if so. */
1513 is_valid_mailbox (const char *name)
1517 || has_invalid_email_chars (name)
1518 || string_count_chr (name,'@') != 1
1520 || name[strlen(name)-1] == '@'
1521 || name[strlen(name)-1] == '.'
1522 || strstr (name, "..") );
1526 /* Check whether UID is a valid standard user id of the form
1527 "Heinrich Heine <heinrichh@duesseldorf.de>"
1528 and return true if this is the case. */
1530 is_valid_user_id (const char *uid)
1540 /* Similar to access(2), but uses PATH to find the file. */
1542 path_access(const char *file,int mode)
1547 envpath=getenv("PATH");
1550 #ifdef HAVE_DRIVE_LETTERS
1551 || (((file[0]>='A' && file[0]<='Z')
1552 || (file[0]>='a' && file[0]<='z'))
1558 return access(file,mode);
1561 /* At least as large as, but most often larger than we need. */
1562 char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
1563 char *split,*item,*path=xstrdup(envpath);
1567 while((item=strsep(&split,PATHSEP_S)))
1569 strcpy(buffer,item);
1571 strcat(buffer,file);
1572 ret=access(buffer,mode);
1586 /* Return the number of public key parameters as used by OpenPGP. */
1588 pubkey_get_npkey (pubkey_algo_t algo)
1592 case PUBKEY_ALGO_RSA:
1593 case PUBKEY_ALGO_RSA_E:
1594 case PUBKEY_ALGO_RSA_S: return 2;
1595 case PUBKEY_ALGO_ELGAMAL_E: return 3;
1596 case PUBKEY_ALGO_DSA: return 4;
1597 case PUBKEY_ALGO_ECDH: return 3;
1598 case PUBKEY_ALGO_ECDSA: return 2;
1599 case PUBKEY_ALGO_ELGAMAL: return 3;
1600 case PUBKEY_ALGO_EDDSA: return 2;
1606 /* Return the number of secret key parameters as used by OpenPGP. */
1608 pubkey_get_nskey (pubkey_algo_t algo)
1612 case PUBKEY_ALGO_RSA:
1613 case PUBKEY_ALGO_RSA_E:
1614 case PUBKEY_ALGO_RSA_S: return 6;
1615 case PUBKEY_ALGO_ELGAMAL_E: return 4;
1616 case PUBKEY_ALGO_DSA: return 5;
1617 case PUBKEY_ALGO_ECDH: return 4;
1618 case PUBKEY_ALGO_ECDSA: return 3;
1619 case PUBKEY_ALGO_ELGAMAL: return 4;
1620 case PUBKEY_ALGO_EDDSA: return 3;
1625 /* Temporary helper. */
1627 pubkey_get_nsig (pubkey_algo_t algo)
1631 case PUBKEY_ALGO_RSA:
1632 case PUBKEY_ALGO_RSA_E:
1633 case PUBKEY_ALGO_RSA_S: return 1;
1634 case PUBKEY_ALGO_ELGAMAL_E: return 0;
1635 case PUBKEY_ALGO_DSA: return 2;
1636 case PUBKEY_ALGO_ECDH: return 0;
1637 case PUBKEY_ALGO_ECDSA: return 2;
1638 case PUBKEY_ALGO_ELGAMAL: return 2;
1639 case PUBKEY_ALGO_EDDSA: return 2;
1645 /* Temporary helper. */
1647 pubkey_get_nenc (pubkey_algo_t algo)
1651 case PUBKEY_ALGO_RSA:
1652 case PUBKEY_ALGO_RSA_E:
1653 case PUBKEY_ALGO_RSA_S: return 1;
1654 case PUBKEY_ALGO_ELGAMAL_E: return 2;
1655 case PUBKEY_ALGO_DSA: return 0;
1656 case PUBKEY_ALGO_ECDH: return 2;
1657 case PUBKEY_ALGO_ECDSA: return 0;
1658 case PUBKEY_ALGO_ELGAMAL: return 2;
1659 case PUBKEY_ALGO_EDDSA: return 0;
1665 /* Temporary helper. */
1667 pubkey_nbits( int algo, gcry_mpi_t *key )
1672 if (algo == PUBKEY_ALGO_DSA
1673 && key[0] && key[1] && key[2] && key[3])
1675 rc = gcry_sexp_build (&sexp, NULL,
1676 "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
1677 key[0], key[1], key[2], key[3] );
1679 else if ((algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
1680 && key[0] && key[1] && key[2])
1682 rc = gcry_sexp_build (&sexp, NULL,
1683 "(public-key(elg(p%m)(g%m)(y%m)))",
1684 key[0], key[1], key[2] );
1686 else if (is_RSA (algo)
1687 && key[0] && key[1])
1689 rc = gcry_sexp_build (&sexp, NULL,
1690 "(public-key(rsa(n%m)(e%m)))",
1693 else if ((algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH
1694 || algo == PUBKEY_ALGO_EDDSA)
1695 && key[0] && key[1])
1697 char *curve = openpgp_oid_to_str (key[0]);
1699 rc = gpg_error_from_syserror ();
1702 rc = gcry_sexp_build (&sexp, NULL,
1703 "(public-key(ecc(curve%s)(q%m)))",
1714 nbits = gcry_pk_get_nbits (sexp);
1715 gcry_sexp_release (sexp);
1722 mpi_print (estream_t fp, gcry_mpi_t a, int mode)
1727 return es_fprintf (fp, "[MPI_NULL]");
1731 n1 = gcry_mpi_get_nbits(a);
1732 n += es_fprintf (fp, "[%u bits]", n1);
1734 else if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
1737 unsigned char *p = gcry_mpi_get_opaque (a, &nbits);
1739 n += es_fprintf (fp, "[invalid opaque value]");
1742 nbits = (nbits + 7)/8;
1743 for (; nbits; nbits--, p++)
1744 n += es_fprintf (fp, "%02X", *p);
1749 unsigned char *buffer;
1751 if (gcry_mpi_aprint (GCRYMPI_FMT_HEX, &buffer, NULL, a))
1753 es_fputs (buffer, fp);
1754 n += strlen (buffer);
1761 /* pkey[1] or skey[1] is Q for ECDSA, which is an uncompressed point,
1764 ecdsa_qbits_from_Q (unsigned int qbits)
1768 log_error (_("ECDSA public key is expected to be in SEC encoding "
1769 "multiple of 8 bits\n"));