1 /* misc.c - miscellaneous functions
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009, 2010 Free Software Foundation, Inc.
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
29 #include <asm/sysinfo.h>
30 #include <asm/unistd.h>
35 #include <sys/resource.h>
37 #ifdef ENABLE_SELINUX_HACKS
41 #ifdef HAVE_W32_SYSTEM
44 #ifdef HAVE_WINSOCK2_H
45 # include <winsock2.h>
50 #define CSIDL_APPDATA 0x001a
52 #ifndef CSIDL_LOCAL_APPDATA
53 #define CSIDL_LOCAL_APPDATA 0x001c
55 #ifndef CSIDL_FLAG_CREATE
56 #define CSIDL_FLAG_CREATE 0x8000
58 #endif /*HAVE_W32_SYSTEM*/
61 #ifdef HAVE_W32_SYSTEM
63 #endif /*HAVE_W32_SYSTEM*/
68 #include "call-agent.h"
74 string_count_chr (const char *string, int c)
78 for (count=0; *string; string++ )
86 #ifdef ENABLE_SELINUX_HACKS
87 /* A object and a global variable to keep track of files marked as
89 struct secured_file_item
91 struct secured_file_item *next;
95 static struct secured_file_item *secured_files;
96 #endif /*ENABLE_SELINUX_HACKS*/
101 /* For the sake of SELinux we want to restrict access through gpg to
102 certain files we keep under our own control. This function
103 registers such a file and is_secured_file may then be used to
104 check whether a file has ben registered as secured. */
106 register_secured_file (const char *fname)
108 #ifdef ENABLE_SELINUX_HACKS
110 struct secured_file_item *sf;
112 /* Note that we stop immediatley if something goes wrong here. */
113 if (stat (fname, &buf))
114 log_fatal (_("fstat of '%s' failed in %s: %s\n"), fname,
115 "register_secured_file", strerror (errno));
116 /* log_debug ("registering '%s' i=%lu.%lu\n", fname, */
117 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
118 for (sf=secured_files; sf; sf = sf->next)
120 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
121 return; /* Already registered. */
124 sf = xmalloc (sizeof *sf);
125 sf->ino = buf.st_ino;
126 sf->dev = buf.st_dev;
127 sf->next = secured_files;
129 #else /*!ENABLE_SELINUX_HACKS*/
131 #endif /*!ENABLE_SELINUX_HACKS*/
134 /* Remove a file registered as secure. */
136 unregister_secured_file (const char *fname)
138 #ifdef ENABLE_SELINUX_HACKS
140 struct secured_file_item *sf, *sfprev;
142 if (stat (fname, &buf))
144 log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
145 "unregister_secured_file", strerror (errno));
148 /* log_debug ("unregistering '%s' i=%lu.%lu\n", fname, */
149 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
150 for (sfprev=NULL,sf=secured_files; sf; sfprev=sf, sf = sf->next)
152 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
155 sfprev->next = sf->next;
157 secured_files = sf->next;
162 #else /*!ENABLE_SELINUX_HACKS*/
164 #endif /*!ENABLE_SELINUX_HACKS*/
167 /* Return true if FD is corresponds to a secured file. Using -1 for
168 FS is allowed and will return false. */
170 is_secured_file (int fd)
172 #ifdef ENABLE_SELINUX_HACKS
174 struct secured_file_item *sf;
177 return 0; /* No file descriptor so it can't be secured either. */
179 /* Note that we print out a error here and claim that a file is
180 secure if something went wrong. */
181 if (fstat (fd, &buf))
183 log_error (_("fstat(%d) failed in %s: %s\n"), fd,
184 "is_secured_file", strerror (errno));
187 /* log_debug ("is_secured_file (%d) i=%lu.%lu\n", fd, */
188 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
189 for (sf=secured_files; sf; sf = sf->next)
191 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
194 #else /*!ENABLE_SELINUX_HACKS*/
196 #endif /*!ENABLE_SELINUX_HACKS*/
200 /* Return true if FNAME is corresponds to a secured file. Using NULL,
201 "" or "-" for FS is allowed and will return false. This function is
202 used before creating a file, thus it won't fail if the file does
205 is_secured_filename (const char *fname)
207 #ifdef ENABLE_SELINUX_HACKS
209 struct secured_file_item *sf;
211 if (iobuf_is_pipe_filename (fname) || !*fname)
214 /* Note that we print out a error here and claim that a file is
215 secure if something went wrong. */
216 if (stat (fname, &buf))
218 if (errno == ENOENT || errno == EPERM || errno == EACCES)
220 log_error (_("fstat of '%s' failed in %s: %s\n"), fname,
221 "is_secured_filename", strerror (errno));
224 /* log_debug ("is_secured_filename (%s) i=%lu.%lu\n", fname, */
225 /* (unsigned long)buf.st_dev, (unsigned long)buf.st_ino); */
226 for (sf=secured_files; sf; sf = sf->next)
228 if (sf->ino == buf.st_ino && sf->dev == buf.st_dev)
231 #else /*!ENABLE_SELINUX_HACKS*/
233 #endif /*!ENABLE_SELINUX_HACKS*/
240 checksum_u16( unsigned n )
251 checksum( byte *p, unsigned n )
261 checksum_mpi (gcry_mpi_t a)
267 if ( gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &nbytes, a) )
269 /* Fixme: For numbers not in secure memory we should use a stack
270 * based buffer and only allocate a larger one if mpi_print returns
272 buffer = (gcry_is_secure(a)?
273 gcry_xmalloc_secure (nbytes) : gcry_xmalloc (nbytes));
274 if ( gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, NULL, a) )
276 csum = checksum (buffer, nbytes);
283 print_pubkey_algo_note (pubkey_algo_t algo)
285 if(algo >= 100 && algo <= 110)
291 es_fflush (es_stdout);
292 log_info (_("WARNING: using experimental public key algorithm %s\n"),
293 openpgp_pk_algo_name (algo));
296 else if (algo == PUBKEY_ALGO_ELGAMAL)
298 es_fflush (es_stdout);
299 log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
304 print_cipher_algo_note (cipher_algo_t algo)
306 if(algo >= 100 && algo <= 110)
312 es_fflush (es_stdout);
313 log_info (_("WARNING: using experimental cipher algorithm %s\n"),
314 openpgp_cipher_algo_name (algo));
320 print_digest_algo_note (digest_algo_t algo)
322 if(algo >= 100 && algo <= 110)
328 es_fflush (es_stdout);
329 log_info (_("WARNING: using experimental digest algorithm %s\n"),
330 gcry_md_algo_name (algo));
333 else if(algo==DIGEST_ALGO_MD5)
335 es_fflush (es_stdout);
336 log_info (_("WARNING: digest algorithm %s is deprecated\n"),
337 gcry_md_algo_name (algo));
343 print_md5_rejected_note (void)
349 es_fflush (es_stdout);
351 (_("Note: signatures using the %s algorithm are rejected\n"),
358 /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
359 this for algorithms we implemented in Libgcrypt after they become
361 enum gcry_cipher_algos
362 map_cipher_openpgp_to_gcry (cipher_algo_t algo)
366 case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
369 case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
371 case CIPHER_ALGO_IDEA: return 0;
374 case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
377 case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
379 case CIPHER_ALGO_CAST5: return 0;
382 #ifdef GPG_USE_BLOWFISH
383 case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
385 case CIPHER_ALGO_BLOWFISH: return 0;
388 #ifdef GPG_USE_AES128
389 case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
391 case CIPHER_ALGO_AES: return 0;
394 #ifdef GPG_USE_AES192
395 case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
397 case CIPHER_ALGO_AES192: return 0;
400 #ifdef GPG_USE_AES256
401 case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
403 case CIPHER_ALGO_AES256: return 0;
406 #ifdef GPG_USE_TWOFISH
407 case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
409 case CIPHER_ALGO_TWOFISH: return 0;
412 #ifdef GPG_USE_CAMELLIA128
413 case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
415 case CIPHER_ALGO_CAMELLIA128: return 0;
418 #ifdef GPG_USE_CAMELLIA192
419 case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
421 case CIPHER_ALGO_CAMELLIA192: return 0;
424 #ifdef GPG_USE_CAMELLIA256
425 case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
427 case CIPHER_ALGO_CAMELLIA256: return 0;
433 /* The inverse function of above. */
435 map_cipher_gcry_to_openpgp (enum gcry_cipher_algos algo)
439 case GCRY_CIPHER_NONE: return CIPHER_ALGO_NONE;
440 case GCRY_CIPHER_IDEA: return CIPHER_ALGO_IDEA;
441 case GCRY_CIPHER_3DES: return CIPHER_ALGO_3DES;
442 case GCRY_CIPHER_CAST5: return CIPHER_ALGO_CAST5;
443 case GCRY_CIPHER_BLOWFISH: return CIPHER_ALGO_BLOWFISH;
444 case GCRY_CIPHER_AES: return CIPHER_ALGO_AES;
445 case GCRY_CIPHER_AES192: return CIPHER_ALGO_AES192;
446 case GCRY_CIPHER_AES256: return CIPHER_ALGO_AES256;
447 case GCRY_CIPHER_TWOFISH: return CIPHER_ALGO_TWOFISH;
448 case GCRY_CIPHER_CAMELLIA128: return CIPHER_ALGO_CAMELLIA128;
449 case GCRY_CIPHER_CAMELLIA192: return CIPHER_ALGO_CAMELLIA192;
450 case GCRY_CIPHER_CAMELLIA256: return CIPHER_ALGO_CAMELLIA256;
455 /* Map Gcrypt public key algorithm numbers to those used by OpenPGP.
456 FIXME: This mapping is used at only two places - we should get rid
459 map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
463 case GCRY_PK_ECDSA: return PUBKEY_ALGO_ECDSA;
464 case GCRY_PK_ECDH: return PUBKEY_ALGO_ECDH;
465 default: return algo < 110 ? algo : 0;
470 /* Return the block length of an OpenPGP cipher algorithm. */
472 openpgp_cipher_blocklen (cipher_algo_t algo)
474 /* We use the numbers from OpenPGP to be sure that we get the right
475 block length. This is so that the packet parsing code works even
476 for unknown algorithms (for which we assume 8 due to tradition).
478 NOTE: If you change the the returned blocklen above 16, check
479 the callers because they may use a fixed size buffer of that
483 case CIPHER_ALGO_AES:
484 case CIPHER_ALGO_AES192:
485 case CIPHER_ALGO_AES256:
486 case CIPHER_ALGO_TWOFISH:
487 case CIPHER_ALGO_CAMELLIA128:
488 case CIPHER_ALGO_CAMELLIA192:
489 case CIPHER_ALGO_CAMELLIA256:
498 * Wrapper around the libgcrypt function with additonal checks on
499 * the OpenPGP contraints for the algo ID.
502 openpgp_cipher_test_algo (cipher_algo_t algo)
504 enum gcry_cipher_algos ga;
506 ga = map_cipher_openpgp_to_gcry (algo);
508 return gpg_error (GPG_ERR_CIPHER_ALGO);
510 return gcry_cipher_test_algo (ga);
513 /* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
514 string representation of the algorithm name. For unknown algorithm
515 IDs this function returns "?". */
517 openpgp_cipher_algo_name (cipher_algo_t algo)
521 case CIPHER_ALGO_NONE: break;
522 case CIPHER_ALGO_IDEA: return "IDEA";
523 case CIPHER_ALGO_3DES: return "3DES";
524 case CIPHER_ALGO_CAST5: return "CAST5";
525 case CIPHER_ALGO_BLOWFISH: return "BLOWFISH";
526 case CIPHER_ALGO_AES: return "AES";
527 case CIPHER_ALGO_AES192: return "AES192";
528 case CIPHER_ALGO_AES256: return "AES256";
529 case CIPHER_ALGO_TWOFISH: return "TWOFISH";
530 case CIPHER_ALGO_CAMELLIA128: return "CAMELLIA128";
531 case CIPHER_ALGO_CAMELLIA192: return "CAMELLIA192";
532 case CIPHER_ALGO_CAMELLIA256: return "CAMELLIA256";
538 /* Return 0 if ALGO is a supported OpenPGP public key algorithm. */
540 openpgp_pk_test_algo (pubkey_algo_t algo)
542 return openpgp_pk_test_algo2 (algo, 0);
546 /* Return 0 if ALGO is a supported OpenPGP public key algorithm and
547 allows the usage USE. */
549 openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
551 enum gcry_pk_algos ga = 0;
552 size_t use_buf = use;
557 case PUBKEY_ALGO_RSA: ga = GCRY_PK_RSA; break;
558 case PUBKEY_ALGO_RSA_E: ga = GCRY_PK_RSA_E; break;
559 case PUBKEY_ALGO_RSA_S: ga = GCRY_PK_RSA_S; break;
561 case PUBKEY_ALGO_RSA: break;
562 case PUBKEY_ALGO_RSA_E: break;
563 case PUBKEY_ALGO_RSA_S: break;
566 case PUBKEY_ALGO_ELGAMAL_E: ga = GCRY_PK_ELG; break;
567 case PUBKEY_ALGO_DSA: ga = GCRY_PK_DSA; break;
570 case PUBKEY_ALGO_ECDH: ga = GCRY_PK_ECC; break;
572 case PUBKEY_ALGO_ECDH: break;
576 case PUBKEY_ALGO_ECDSA: ga = GCRY_PK_ECC; break;
578 case PUBKEY_ALGO_ECDSA: break;
582 case PUBKEY_ALGO_EDDSA: ga = GCRY_PK_ECC; break;
584 case PUBKEY_ALGO_EDDSA: break;
587 case PUBKEY_ALGO_ELGAMAL:
588 /* Dont't allow type 20 keys unless in rfc2440 mode. */
594 return gpg_error (GPG_ERR_PUBKEY_ALGO);
596 /* No check whether Libgcrypt has support for the algorithm. */
597 return gcry_pk_algo_info (ga, GCRYCTL_TEST_ALGO, NULL, &use_buf);
602 openpgp_pk_algo_usage ( int algo )
606 /* They are hardwired in gpg 1.0. */
608 case PUBKEY_ALGO_RSA:
609 use = (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG
610 | PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH);
612 case PUBKEY_ALGO_RSA_E:
613 case PUBKEY_ALGO_ECDH:
614 use = PUBKEY_USAGE_ENC;
616 case PUBKEY_ALGO_RSA_S:
617 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG;
619 case PUBKEY_ALGO_ELGAMAL:
621 use = PUBKEY_USAGE_ENC;
623 case PUBKEY_ALGO_ELGAMAL_E:
624 use = PUBKEY_USAGE_ENC;
626 case PUBKEY_ALGO_DSA:
627 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
629 case PUBKEY_ALGO_ECDSA:
630 case PUBKEY_ALGO_EDDSA:
631 use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH;
638 /* Map the OpenPGP pubkey algorithm whose ID is contained in ALGO to a
639 string representation of the algorithm name. For unknown algorithm
640 IDs this function returns "?". */
642 openpgp_pk_algo_name (pubkey_algo_t algo)
646 case PUBKEY_ALGO_RSA:
647 case PUBKEY_ALGO_RSA_E:
648 case PUBKEY_ALGO_RSA_S: return "RSA";
649 case PUBKEY_ALGO_ELGAMAL:
650 case PUBKEY_ALGO_ELGAMAL_E: return "ELG";
651 case PUBKEY_ALGO_DSA: return "DSA";
652 case PUBKEY_ALGO_ECDH: return "ECDH";
653 case PUBKEY_ALGO_ECDSA: return "ECDSA";
654 case PUBKEY_ALGO_EDDSA: return "EDDSA";
660 /* Explicit mapping of OpenPGP digest algos to Libgcrypt. */
661 /* FIXME: We do not yes use it everywhere. */
663 map_md_openpgp_to_gcry (digest_algo_t algo)
668 case DIGEST_ALGO_MD5: return GCRY_MD_MD5;
670 case DIGEST_ALGO_MD5: return 0;
673 case DIGEST_ALGO_SHA1: return GCRY_MD_SHA1;
675 #ifdef GPG_USE_RMD160
676 case DIGEST_ALGO_RMD160: return GCRY_MD_RMD160;
678 case DIGEST_ALGO_RMD160: return 0;
681 #ifdef GPG_USE_SHA224
682 case DIGEST_ALGO_SHA224: return GCRY_MD_SHA224;
684 case DIGEST_ALGO_SHA224: return 0;
687 case DIGEST_ALGO_SHA256: return GCRY_MD_SHA256;
689 #ifdef GPG_USE_SHA384
690 case DIGEST_ALGO_SHA384: return GCRY_MD_SHA384;
692 case DIGEST_ALGO_SHA384: return 0;
695 #ifdef GPG_USE_SHA512
696 case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
698 case DIGEST_ALGO_SHA512: return 0;
705 /* Return 0 if ALGO is suitable and implemented OpenPGP hash
708 openpgp_md_test_algo (digest_algo_t algo)
710 enum gcry_md_algos ga;
712 ga = map_md_openpgp_to_gcry (algo);
714 return gpg_error (GPG_ERR_DIGEST_ALGO);
716 return gcry_md_test_algo (ga);
720 /* Map the OpenPGP digest algorithm whose ID is contained in ALGO to a
721 string representation of the algorithm name. For unknown algorithm
722 IDs this function returns "?". */
724 openpgp_md_algo_name (int algo)
728 case DIGEST_ALGO_MD5: return "MD5";
729 case DIGEST_ALGO_SHA1: return "SHA1";
730 case DIGEST_ALGO_RMD160: return "RIPEMD160";
731 case DIGEST_ALGO_SHA256: return "SHA256";
732 case DIGEST_ALGO_SHA384: return "SHA384";
733 case DIGEST_ALGO_SHA512: return "SHA512";
734 case DIGEST_ALGO_SHA224: return "SHA224";
741 get_signature_count (PKT_public_key *pk)
743 #ifdef ENABLE_CARD_SUPPORT
744 struct agent_card_info_s info;
747 if (!agent_scd_getattr ("SIG-COUNTER",&info))
748 return info.sig_counter;
757 /* Expand %-strings. Returns a string which must be xfreed. Returns
758 NULL if the string cannot be expanded (too large). */
760 pct_expando(const char *string,struct expando_args *args)
762 const char *ch=string;
763 int idx=0,maxlen=0,done=0;
764 u32 pk_keyid[2]={0,0},sk_keyid[2]={0,0};
768 keyid_from_pk(args->pk,pk_keyid);
771 keyid_from_pk (args->pksk, sk_keyid);
773 /* This is used so that %k works in photoid command strings in
774 --list-secret-keys (which of course has a sk, but no pk). */
775 if(!args->pk && args->pksk)
776 keyid_from_pk (args->pksk, pk_keyid);
782 /* 8192 is way bigger than we'll need here */
787 ret=xrealloc(ret,maxlen);
796 case 's': /* short key id */
799 sprintf(&ret[idx],"%08lX",(ulong)sk_keyid[1]);
805 case 'S': /* long key id */
808 sprintf(&ret[idx],"%08lX%08lX",
809 (ulong)sk_keyid[0],(ulong)sk_keyid[1]);
815 case 'k': /* short key id */
818 sprintf(&ret[idx],"%08lX",(ulong)pk_keyid[1]);
824 case 'K': /* long key id */
827 sprintf(&ret[idx],"%08lX%08lX",
828 (ulong)pk_keyid[0],(ulong)pk_keyid[1]);
834 case 'U': /* z-base-32 encoded user id hash. */
837 char *tmp = zb32_encode (args->namehash, 8*20);
840 if (idx + strlen (tmp) < maxlen)
842 strcpy (ret+idx, tmp);
851 case 'c': /* signature count from card, if any. */
854 sprintf (&ret[idx],"%lu", get_signature_count (args->pksk));
855 idx+=strlen(&ret[idx]);
860 case 'f': /* Fingerprint of key being signed */
861 case 'p': /* Fingerprint of the primary key making the signature. */
862 case 'g': /* Fingerprint of thge key making the signature. */
864 byte array[MAX_FINGERPRINT_LEN];
868 if ((*(ch+1))=='f' && args->pk)
869 fingerprint_from_pk (args->pk, array, &len);
870 else if ((*(ch+1))=='p' && args->pksk)
872 if(args->pksk->flags.primary)
873 fingerprint_from_pk (args->pksk, array, &len);
874 else if (args->pksk->main_keyid[0]
875 || args->pksk->main_keyid[1])
877 /* Not the primary key: Find the fingerprint
878 of the primary key. */
880 xmalloc_clear(sizeof(PKT_public_key));
882 if (!get_pubkey_fast (pk,args->pksk->main_keyid))
883 fingerprint_from_pk (pk, array, &len);
885 memset (array, 0, (len=MAX_FINGERPRINT_LEN));
886 free_public_key (pk);
888 else /* Oops: info about the primary key missing. */
889 memset(array,0,(len=MAX_FINGERPRINT_LEN));
891 else if((*(ch+1))=='g' && args->pksk)
892 fingerprint_from_pk (args->pksk, array, &len);
894 memset(array,0,(len=MAX_FINGERPRINT_LEN));
896 if(idx+(len*2)<maxlen)
900 sprintf(&ret[idx],"%02X",array[i]);
908 case 'v': /* validity letters */
909 if(args->validity_info && idx+1<maxlen)
911 ret[idx++]=args->validity_info;
917 /* The text string types */
922 const char *str=NULL;
926 case 't': /* e.g. "jpg" */
927 str=image_type_to_string(args->imagetype,0);
930 case 'T': /* e.g. "image/jpeg" */
931 str=image_type_to_string(args->imagetype,2);
934 case 'V': /* e.g. "full", "expired", etc. */
935 str=args->validity_string;
939 if(str && idx+strlen(str)<maxlen)
941 strcpy(&ret[idx],str);
957 /* Any unknown %-keys (like %i, %o, %I, and %O) are
958 passed through for later expansion. Note this also
959 handles the case where the last character in the
960 string is a '%' - the terminating \0 will end up here
961 and properly terminate the string. */
998 deprecated_warning(const char *configname,unsigned int configlineno,
999 const char *option,const char *repl1,const char *repl2)
1003 if(strncmp("--",option,2)==0)
1006 if(strncmp("--",repl1,2)==0)
1009 log_info(_("%s:%d: deprecated option \"%s\"\n"),
1010 configname,configlineno,option);
1013 log_info(_("WARNING: \"%s\" is a deprecated option\n"),option);
1015 log_info(_("please use \"%s%s\" instead\n"),repl1,repl2);
1020 deprecated_command (const char *name)
1022 log_info(_("WARNING: \"%s\" is a deprecated command - do not use it\n"),
1028 obsolete_option (const char *configname, unsigned int configlineno,
1032 log_info (_("%s:%u: obsolete option \"%s\" - it has no effect\n"),
1033 configname, configlineno, name);
1035 log_info (_("WARNING: \"%s%s\" is an obsolete option - it has no effect\n"),
1041 obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
1045 log_info (_("%s:%u: \"%s\" is obsolete in this file"
1046 " - it only has effect in %s\n"),
1047 configname, configlineno, name, SCDAEMON_NAME EXTSEP_S "conf");
1049 log_info (_("WARNING: \"%s%s\" is an obsolete option"
1050 " - it has no effect except on %s\n"),
1051 "--", name, SCDAEMON_NAME);
1056 * Wrapper around gcry_cipher_map_name to provide a fallback using the
1057 * "Sn" syntax as used by the preference strings.
1060 string_to_cipher_algo (const char *string)
1064 val = map_cipher_gcry_to_openpgp (gcry_cipher_map_name (string));
1065 if (!val && string && (string[0]=='S' || string[0]=='s'))
1070 val = strtol (string, &endptr, 10);
1071 if (!*string || *endptr || openpgp_cipher_test_algo (val))
1079 * Wrapper around gcry_md_map_name to provide a fallback using the
1080 * "Hn" syntax as used by the preference strings.
1083 string_to_digest_algo (const char *string)
1087 /* FIXME: We should make use of our wrapper fucntion and not assume
1088 that there is a 1 to 1 mapping between OpenPGP and Libgcrypt. */
1089 val = gcry_md_map_name (string);
1090 if (!val && string && (string[0]=='H' || string[0]=='h'))
1095 val = strtol (string, &endptr, 10);
1096 if (!*string || *endptr || openpgp_md_test_algo (val))
1106 compress_algo_to_string(int algo)
1112 case COMPRESS_ALGO_NONE:
1113 s=_("Uncompressed");
1116 case COMPRESS_ALGO_ZIP:
1120 case COMPRESS_ALGO_ZLIB:
1125 case COMPRESS_ALGO_BZIP2:
1135 string_to_compress_algo(const char *string)
1137 /* TRANSLATORS: See doc/TRANSLATE about this string. */
1138 if(match_multistr(_("uncompressed|none"),string))
1140 else if(ascii_strcasecmp(string,"uncompressed")==0)
1142 else if(ascii_strcasecmp(string,"none")==0)
1144 else if(ascii_strcasecmp(string,"zip")==0)
1146 else if(ascii_strcasecmp(string,"zlib")==0)
1149 else if(ascii_strcasecmp(string,"bzip2")==0)
1152 else if(ascii_strcasecmp(string,"z0")==0)
1154 else if(ascii_strcasecmp(string,"z1")==0)
1156 else if(ascii_strcasecmp(string,"z2")==0)
1159 else if(ascii_strcasecmp(string,"z3")==0)
1167 check_compress_algo(int algo)
1179 default: return GPG_ERR_COMPR_ALGO;
1184 default_cipher_algo(void)
1186 if(opt.def_cipher_algo)
1187 return opt.def_cipher_algo;
1188 else if(opt.personal_cipher_prefs)
1189 return opt.personal_cipher_prefs[0].value;
1191 return opt.s2k_cipher_algo;
1194 /* There is no default_digest_algo function, but see
1195 sign.c:hash_for() */
1198 default_compress_algo(void)
1200 if(opt.compress_algo!=-1)
1201 return opt.compress_algo;
1202 else if(opt.personal_compress_prefs)
1203 return opt.personal_compress_prefs[0].value;
1205 return DEFAULT_COMPRESS_ALGO;
1209 compliance_option_string(void)
1213 switch(opt.compliance)
1215 case CO_GNUPG: return "--gnupg";
1216 case CO_RFC4880: return "--openpgp";
1217 case CO_RFC2440: return "--rfc2440";
1218 case CO_PGP6: return "--pgp6";
1219 case CO_PGP7: return "--pgp7";
1220 case CO_PGP8: return "--pgp8";
1227 compliance_failure(void)
1231 switch(opt.compliance)
1242 ver="OpenPGP (older)";
1258 log_info(_("this message may not be usable by %s\n"),ver);
1259 opt.compliance=CO_GNUPG;
1262 /* Break a string into successive option pieces. Accepts single word
1263 options and key=value argument options. */
1265 optsep(char **stringp)
1272 end=strpbrk(tok," ,=");
1278 /* what we need to do now is scan along starting with *end,
1279 If the next character we see (ignoring spaces) is an =
1280 sign, then there is an argument. */
1291 /* There is an argument, so grab that too. At this point,
1292 ptr points to the first character of the argument. */
1295 /* Is it a quoted argument? */
1299 end=strchr(ptr,'"');
1304 end=strpbrk(ptr," ,");
1322 /* Breaks an option value into key and value. Returns NULL if there
1323 is no value. Note that "string" is modified to remove the =value
1326 argsplit(char *string)
1328 char *equals,*arg=NULL;
1330 equals=strchr(string,'=');
1339 quote=strchr(arg,'"');
1344 quote=strchr(arg,'"');
1352 /* Trim leading spaces off of the arg */
1353 spaces=strspn(arg," ");
1357 /* Trim tailing spaces off of the tag */
1358 space=strchr(string,' ');
1366 /* Return the length of the initial token, leaving off any
1369 optlen(const char *s)
1371 char *end=strpbrk(s," =");
1380 parse_options(char *str,unsigned int *options,
1381 struct parse_options *opts,int noisy)
1385 if (str && !strcmp (str, "help"))
1389 /* Figure out the longest option name so we can line these up
1391 for(i=0;opts[i].name;i++)
1392 if(opts[i].help && maxlen<strlen(opts[i].name))
1393 maxlen=strlen(opts[i].name);
1395 for(i=0;opts[i].name;i++)
1397 printf("%s%*s%s\n",opts[i].name,
1398 maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
1403 while((tok=optsep(&str)))
1411 if(ascii_strncasecmp("no-",tok,3)==0)
1417 for(i=0;opts[i].name;i++)
1419 size_t toklen=optlen(tok);
1421 if(ascii_strncasecmp(opts[i].name,tok,toklen)==0)
1423 /* We have a match, but it might be incomplete */
1424 if(toklen!=strlen(opts[i].name))
1428 for(j=i+1;opts[j].name;j++)
1430 if(ascii_strncasecmp(opts[j].name,tok,toklen)==0)
1433 log_info(_("ambiguous option '%s'\n"),otok);
1441 *options&=~opts[i].bit;
1443 *opts[i].value=NULL;
1447 *options|=opts[i].bit;
1449 *opts[i].value=argsplit(tok);
1458 log_info(_("unknown option '%s'\n"),otok);
1467 /* Check whether the string has characters not valid in an RFC-822
1468 address. To cope with OpenPGP we ignore non-ascii characters
1469 so that for example umlauts are legal in an email address. An
1470 OpenPGP user ID must be utf-8 encoded but there is no strict
1471 requirement for RFC-822. Thus to avoid IDNA encoding we put the
1472 address verbatim as utf-8 into the user ID under the assumption
1473 that mail programs handle IDNA at a lower level and take OpenPGP
1474 user IDs as utf-8. Note that we can't do an utf-8 encoding
1475 checking here because in keygen.c this function is called with the
1476 native encoding and native to utf-8 encoding is only done later. */
1478 has_invalid_email_chars (const char *s)
1481 const char *valid_chars=
1482 "01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
1487 continue; /* We only care about ASCII. */
1490 else if ( !at_seen && !(strchr (valid_chars, *s)
1491 || strchr ("!#$%&'*+/=?^`{|}~", *s)))
1493 else if ( at_seen && !strchr( valid_chars, *s ) )
1500 /* Check whether NAME represents a valid mailbox according to
1501 RFC822. Returns true if so. */
1503 is_valid_mailbox (const char *name)
1507 || has_invalid_email_chars (name)
1508 || string_count_chr (name,'@') != 1
1510 || name[strlen(name)-1] == '@'
1511 || name[strlen(name)-1] == '.'
1512 || strstr (name, "..") );
1516 /* Check whether UID is a valid standard user id of the form
1517 "Heinrich Heine <heinrichh@duesseldorf.de>"
1518 and return true if this is the case. */
1520 is_valid_user_id (const char *uid)
1530 /* Similar to access(2), but uses PATH to find the file. */
1532 path_access(const char *file,int mode)
1537 envpath=getenv("PATH");
1540 #ifdef HAVE_DRIVE_LETTERS
1541 || (((file[0]>='A' && file[0]<='Z')
1542 || (file[0]>='a' && file[0]<='z'))
1548 return access(file,mode);
1551 /* At least as large as, but most often larger than we need. */
1552 char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1);
1553 char *split,*item,*path=xstrdup(envpath);
1557 while((item=strsep(&split,PATHSEP_S)))
1559 strcpy(buffer,item);
1561 strcat(buffer,file);
1562 ret=access(buffer,mode);
1576 /* Return the number of public key parameters as used by OpenPGP. */
1578 pubkey_get_npkey (pubkey_algo_t algo)
1582 case PUBKEY_ALGO_RSA:
1583 case PUBKEY_ALGO_RSA_E:
1584 case PUBKEY_ALGO_RSA_S: return 2;
1585 case PUBKEY_ALGO_ELGAMAL_E: return 3;
1586 case PUBKEY_ALGO_DSA: return 4;
1587 case PUBKEY_ALGO_ECDH: return 3;
1588 case PUBKEY_ALGO_ECDSA: return 2;
1589 case PUBKEY_ALGO_ELGAMAL: return 3;
1590 case PUBKEY_ALGO_EDDSA: return 2;
1596 /* Return the number of secret key parameters as used by OpenPGP. */
1598 pubkey_get_nskey (pubkey_algo_t algo)
1602 case PUBKEY_ALGO_RSA:
1603 case PUBKEY_ALGO_RSA_E:
1604 case PUBKEY_ALGO_RSA_S: return 6;
1605 case PUBKEY_ALGO_ELGAMAL_E: return 4;
1606 case PUBKEY_ALGO_DSA: return 5;
1607 case PUBKEY_ALGO_ECDH: return 4;
1608 case PUBKEY_ALGO_ECDSA: return 3;
1609 case PUBKEY_ALGO_ELGAMAL: return 4;
1610 case PUBKEY_ALGO_EDDSA: return 3;
1615 /* Temporary helper. */
1617 pubkey_get_nsig (pubkey_algo_t algo)
1621 case PUBKEY_ALGO_RSA:
1622 case PUBKEY_ALGO_RSA_E:
1623 case PUBKEY_ALGO_RSA_S: return 1;
1624 case PUBKEY_ALGO_ELGAMAL_E: return 0;
1625 case PUBKEY_ALGO_DSA: return 2;
1626 case PUBKEY_ALGO_ECDH: return 0;
1627 case PUBKEY_ALGO_ECDSA: return 2;
1628 case PUBKEY_ALGO_ELGAMAL: return 2;
1629 case PUBKEY_ALGO_EDDSA: return 2;
1635 /* Temporary helper. */
1637 pubkey_get_nenc (pubkey_algo_t algo)
1641 case PUBKEY_ALGO_RSA:
1642 case PUBKEY_ALGO_RSA_E:
1643 case PUBKEY_ALGO_RSA_S: return 1;
1644 case PUBKEY_ALGO_ELGAMAL_E: return 2;
1645 case PUBKEY_ALGO_DSA: return 0;
1646 case PUBKEY_ALGO_ECDH: return 2;
1647 case PUBKEY_ALGO_ECDSA: return 0;
1648 case PUBKEY_ALGO_ELGAMAL: return 2;
1649 case PUBKEY_ALGO_EDDSA: return 0;
1655 /* Temporary helper. */
1657 pubkey_nbits( int algo, gcry_mpi_t *key )
1662 if (algo == PUBKEY_ALGO_DSA
1663 && key[0] && key[1] && key[2] && key[3])
1665 rc = gcry_sexp_build (&sexp, NULL,
1666 "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
1667 key[0], key[1], key[2], key[3] );
1669 else if ((algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
1670 && key[0] && key[1] && key[2])
1672 rc = gcry_sexp_build (&sexp, NULL,
1673 "(public-key(elg(p%m)(g%m)(y%m)))",
1674 key[0], key[1], key[2] );
1676 else if (is_RSA (algo)
1677 && key[0] && key[1])
1679 rc = gcry_sexp_build (&sexp, NULL,
1680 "(public-key(rsa(n%m)(e%m)))",
1683 else if ((algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH
1684 || algo == PUBKEY_ALGO_EDDSA)
1685 && key[0] && key[1])
1687 char *curve = openpgp_oid_to_str (key[0]);
1689 rc = gpg_error_from_syserror ();
1692 rc = gcry_sexp_build (&sexp, NULL,
1693 "(public-key(ecc(curve%s)(q%m)))",
1704 nbits = gcry_pk_get_nbits (sexp);
1705 gcry_sexp_release (sexp);
1712 mpi_print (estream_t fp, gcry_mpi_t a, int mode)
1717 return es_fprintf (fp, "[MPI_NULL]");
1721 n1 = gcry_mpi_get_nbits(a);
1722 n += es_fprintf (fp, "[%u bits]", n1);
1724 else if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
1727 unsigned char *p = gcry_mpi_get_opaque (a, &nbits);
1729 n += es_fprintf (fp, "[invalid opaque value]");
1732 nbits = (nbits + 7)/8;
1733 for (; nbits; nbits--, p++)
1734 n += es_fprintf (fp, "%02X", *p);
1739 unsigned char *buffer;
1741 if (gcry_mpi_aprint (GCRYMPI_FMT_HEX, &buffer, NULL, a))
1743 es_fputs (buffer, fp);
1744 n += strlen (buffer);
1751 /* pkey[1] or skey[1] is Q for ECDSA, which is an uncompressed point,
1754 ecdsa_qbits_from_Q (unsigned int qbits)
1758 log_error (_("ECDSA public key is expected to be in SEC encoding "
1759 "multiple of 8 bits\n"));