1 /* import.c - Import OpenPGP key material
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002,
3 * 2003 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
40 #include "keyserver-internal.h"
53 ulong secret_imported;
55 ulong skipped_new_keys;
60 static int import( iobuf_t inp, const char* fname,
61 struct stats_s *stats, unsigned int options );
62 static int read_block( iobuf_t a, PACKET **pending_pkt, KBNODE *ret_root );
63 static void revocation_present(KBNODE keyblock);
64 static int import_one( const char *fname, KBNODE keyblock,
65 struct stats_s *stats, unsigned int options);
66 static int import_secret_one( const char *fname, KBNODE keyblock,
67 struct stats_s *stats, unsigned int options);
68 static int import_revoke_cert( const char *fname, KBNODE node,
69 struct stats_s *stats);
70 static int chk_self_sigs( const char *fname, KBNODE keyblock,
71 PKT_public_key *pk, u32 *keyid, int *non_self );
72 static int delete_inv_parts( const char *fname, KBNODE keyblock,
73 u32 *keyid, unsigned int options );
74 static int merge_blocks( const char *fname, KBNODE keyblock_orig,
75 KBNODE keyblock, u32 *keyid,
76 int *n_uids, int *n_sigs, int *n_subk );
77 static int append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
78 const char *fname, u32 *keyid );
79 static int append_key( KBNODE keyblock, KBNODE node, int *n_sigs,
80 const char *fname, u32 *keyid );
81 static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
82 const char *fname, u32 *keyid );
83 static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
84 const char *fname, u32 *keyid );
87 parse_import_options(char *str,unsigned int *options)
89 struct parse_options import_opts[]=
91 {"allow-local-sigs",IMPORT_ALLOW_LOCAL_SIGS},
92 {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG},
93 {"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG},
94 {"fast-import",IMPORT_FAST_IMPORT},
95 {"convert-sk-to-pk",IMPORT_SK2PK},
99 return parse_options(str,options,import_opts);
103 import_new_stats_handle (void)
105 return xcalloc (1, sizeof (struct stats_s) );
109 import_release_stats_handle (void *p)
115 * Import the public keys from the given filename. Input may be armored.
116 * This function rejects all keys which are not validly self signed on at
117 * least one userid. Only user ids which are self signed will be imported.
118 * Other signatures are not checked.
120 * Actually this function does a merge. It works like this:
123 * - check self-signatures and remove all userids and their signatures
124 * without/invalid self-signatures.
125 * - reject the keyblock, if we have no valid userid.
126 * - See whether we have this key already in one of our pubrings.
127 * If not, simply add it to the default keyring.
128 * - Compare the key and the self-signatures of the new and the one in
129 * our keyring. If they are different something weird is going on;
131 * - See whether we have only non-self-signature on one user id; if not
132 * ask the user what to do.
133 * - compare the signatures: If we already have this signature, check
134 * that they compare okay; if not, issue a warning and ask the user.
135 * (consider looking at the timestamp and use the newest?)
136 * - Simply add the signature. Can't verify here because we may not have
137 * the signature's public key yet; verification is done when putting it
138 * into the trustdb, which is done automagically as soon as this pubkey
140 * - Proceed with next signature.
142 * Key revocation certificates have special handling.
146 import_keys_internal( iobuf_t inp, char **fnames, int nnames,
147 void *stats_handle, unsigned int options )
150 struct stats_s *stats = stats_handle;
153 stats = import_new_stats_handle ();
156 rc = import( inp, "[stream]", stats, options);
159 if( !fnames && !nnames )
160 nnames = 1; /* Ohh what a ugly hack to jump into the loop */
162 for(i=0; i < nnames; i++ ) {
163 const char *fname = fnames? fnames[i] : NULL;
164 iobuf_t inp2 = iobuf_open(fname);
168 log_error(_("can't open `%s': %s\n"), fname, strerror(errno) );
170 rc = import( inp2, fname, stats, options );
172 /* Must invalidate that ugly cache to actually close it. */
173 iobuf_ioctl (NULL, 2, 0, (char*)fname);
175 log_error("import from `%s' failed: %s\n", fname,
183 import_print_stats (stats);
184 import_release_stats_handle (stats);
186 /* If no fast import and the trustdb is dirty (i.e. we added a key
187 or userID that had something other than a selfsig, a signature
188 that was other than a selfsig, or any revocation), then
189 update/check the trustdb if the user specified by setting
190 interactive or by not setting no-auto-check-trustdb */
191 if (!(options&IMPORT_FAST_IMPORT) && trustdb_pending_check())
195 else if (!opt.no_auto_check_trustdb)
203 import_keys( char **fnames, int nnames,
204 void *stats_handle, unsigned int options )
206 import_keys_internal( NULL, fnames, nnames, stats_handle, options);
210 import_keys_stream( iobuf_t inp, void *stats_handle, unsigned int options )
212 return import_keys_internal( inp, NULL, 0, stats_handle, options);
216 import( iobuf_t inp, const char* fname,
217 struct stats_s *stats, unsigned int options )
219 PACKET *pending_pkt = NULL;
223 getkey_disable_caches();
225 if( !opt.no_armor ) { /* armored reading is not disabled */
226 armor_filter_context_t *afx = xcalloc (1, sizeof *afx );
227 afx->only_keyblocks = 1;
228 iobuf_push_filter2( inp, armor_filter, afx, 1 );
231 while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) {
232 if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
233 rc = import_one( fname, keyblock, stats, options );
234 else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
235 rc = import_secret_one( fname, keyblock, stats, options );
236 else if( keyblock->pkt->pkttype == PKT_SIGNATURE
237 && keyblock->pkt->pkt.signature->sig_class == 0x20 )
238 rc = import_revoke_cert( fname, keyblock, stats );
240 log_info( _("skipping block of type %d\n"),
241 keyblock->pkt->pkttype );
243 release_kbnode(keyblock);
244 /* fixme: we should increment the not imported counter but this
245 does only make sense if we keep on going despite of errors. */
248 if( !(++stats->count % 100) && !opt.quiet )
249 log_info(_("%lu keys processed so far\n"), stats->count );
253 else if( rc && rc != GPG_ERR_INV_KEYRING )
254 log_error( _("error reading `%s': %s\n"), fname, gpg_strerror (rc));
261 import_print_stats (void *hd)
263 struct stats_s *stats = hd;
266 log_info(_("Total number processed: %lu\n"), stats->count );
267 if( stats->skipped_new_keys )
268 log_info(_(" skipped new keys: %lu\n"),
269 stats->skipped_new_keys );
270 if( stats->no_user_id )
271 log_info(_(" w/o user IDs: %lu\n"), stats->no_user_id );
272 if( stats->imported || stats->imported_rsa ) {
273 log_info(_(" imported: %lu"), stats->imported );
274 if( stats->imported_rsa )
275 fprintf(stderr, " (RSA: %lu)", stats->imported_rsa );
278 if( stats->unchanged )
279 log_info(_(" unchanged: %lu\n"), stats->unchanged );
281 log_info(_(" new user IDs: %lu\n"), stats->n_uids );
283 log_info(_(" new subkeys: %lu\n"), stats->n_subk );
285 log_info(_(" new signatures: %lu\n"), stats->n_sigs );
287 log_info(_(" new key revocations: %lu\n"), stats->n_revoc );
288 if( stats->secret_read )
289 log_info(_(" secret keys read: %lu\n"), stats->secret_read );
290 if( stats->secret_imported )
291 log_info(_(" secret keys imported: %lu\n"), stats->secret_imported );
292 if( stats->secret_dups )
293 log_info(_(" secret keys unchanged: %lu\n"), stats->secret_dups );
294 if( stats->not_imported )
295 log_info(_(" not imported: %lu\n"), stats->not_imported );
298 if( is_status_enabled() ) {
300 sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
311 stats->secret_imported,
313 stats->skipped_new_keys,
314 stats->not_imported );
315 write_status_text( STATUS_IMPORT_RES, buf );
321 * Read the next keyblock from stream A.
322 * PENDING_PKT should be initialzed to NULL
323 * and not chnaged form the caller.
324 * Retunr: 0 = okay, -1 no more blocks or another errorcode.
327 read_block( iobuf_t a, PACKET **pending_pkt, KBNODE *ret_root )
335 root = new_kbnode( *pending_pkt );
341 pkt = xmalloc ( sizeof *pkt );
343 while( (rc=parse_packet(a, pkt)) != -1 ) {
344 if( rc ) { /* ignore errors */
345 if( rc != GPG_ERR_UNKNOWN_PACKET ) {
346 log_error("read_block: read error: %s\n", gpg_strerror (rc) );
347 rc = GPG_ERR_INV_KEYRING;
355 if( !root && pkt->pkttype == PKT_SIGNATURE
356 && pkt->pkt.signature->sig_class == 0x20 ) {
357 /* this is a revocation certificate which is handled
358 * in a special way */
359 root = new_kbnode( pkt );
364 /* make a linked list of all packets */
365 switch( pkt->pkttype ) {
367 if( pkt->pkt.compressed->algorithm < 1
368 || pkt->pkt.compressed->algorithm > 2 ) {
369 rc = GPG_ERR_COMPR_ALGO;
373 compress_filter_context_t *cfx = xcalloc (1, sizeof *cfx );
374 cfx->algo = pkt->pkt.compressed->algorithm;
375 pkt->pkt.compressed->buf = NULL;
376 iobuf_push_filter2( a, compress_filter, cfx, 1 );
383 /* skip those packets */
390 if( in_cert ) { /* store this packet */
399 root = new_kbnode( pkt );
401 add_kbnode( root, new_kbnode( pkt ) );
402 pkt = xmalloc ( sizeof *pkt );
409 if( rc == -1 && root )
413 release_kbnode( root );
421 /* Walk through the subkeys on a pk to find if we have the PKS
422 disease: multiple subkeys with their binding sigs stripped, and the
423 sig for the first subkey placed after the last subkey. That is,
424 instead of "pk uid sig sub1 bind1 sub2 bind2 sub3 bind3" we have
425 "pk uid sig sub1 sub2 sub3 bind1". We can't do anything about sub2
426 and sub3, as they are already lost, but we can try and rescue sub1
427 by reordering the keyblock so that it reads "pk uid sig sub1 bind1
428 sub2 sub3". Returns TRUE if the keyblock was modified. */
431 fix_pks_corruption(KBNODE keyblock)
433 int changed=0,keycount=0;
434 KBNODE node,last=NULL,sknode=NULL;
436 /* First determine if we have the problem at all. Look for 2 or
437 more subkeys in a row, followed by a single binding sig. */
438 for(node=keyblock;node;last=node,node=node->next)
440 if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
446 else if(node->pkt->pkttype==PKT_SIGNATURE &&
447 node->pkt->pkt.signature->sig_class==0x18 &&
448 keycount>=2 && node->next==NULL)
450 /* We might have the problem, as this key has two subkeys in
451 a row without any intervening packets. */
457 /* Temporarily attach node to sknode. */
458 node->next=sknode->next;
462 /* Note we aren't checking whether this binding sig is a
463 selfsig. This is not necessary here as the subkey and
464 binding sig will be rejected later if that is the
466 if(check_key_signature(keyblock,node,NULL))
468 /* Not a match, so undo the changes. */
469 sknode->next=node->next;
476 sknode->flag |= 1; /* Mark it good so we don't need to
491 print_import_ok (PKT_public_key *pk, PKT_secret_key *sk, unsigned int reason)
493 byte array[MAX_FINGERPRINT_LEN], *s;
494 char buf[MAX_FINGERPRINT_LEN*2+30], *p;
497 sprintf (buf, "%u ", reason);
498 p = buf + strlen (buf);
501 fingerprint_from_pk (pk, array, &n);
503 fingerprint_from_sk (sk, array, &n);
505 for (i=0; i < n ; i++, s++, p += 2)
506 sprintf (p, "%02X", *s);
508 write_status_text (STATUS_IMPORT_OK, buf);
512 print_import_check (PKT_public_key * pk, PKT_user_id * id)
517 size_t i, pos = 0, n;
519 buf = xmalloc (17+41+id->len+32);
520 keyid_from_pk (pk, keyid);
521 sprintf (buf, "%08X%08X ", keyid[0], keyid[1]);
523 fingerprint_from_pk (pk, fpr, &n);
524 for (i = 0; i < n; i++, pos += 2)
525 sprintf (buf+pos, "%02X", fpr[i]);
528 strcat (buf, id->name);
529 write_status_text (STATUS_IMPORT_CHECK, buf);
534 * Try to import one keyblock. Return an error only in serious cases, but
535 * never for an invalid keyblock. It uses log_error to increase the
536 * internal errorcount, so that invalid input can be detected by programs
540 import_one( const char *fname, KBNODE keyblock,
541 struct stats_s *stats, unsigned int options )
544 PKT_public_key *pk_orig;
545 KBNODE node, uidnode;
546 KBNODE keyblock_orig = NULL;
553 /* get the key and print some info about it */
554 node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
558 pk = node->pkt->pkt.public_key;
559 keyid_from_pk( pk, keyid );
560 uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
562 if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
563 log_info(_("NOTE: Elgamal primary key detected - "
564 "this may take some time to import\n"));
566 if( opt.verbose && !opt.interactive ) {
567 log_info( "pub %4u%c/%08lX %s ",
569 pubkey_letter( pk->pubkey_algo ),
570 (ulong)keyid[1], datestr_from_pk(pk) );
572 print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
573 uidnode->pkt->pkt.user_id->len );
577 log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
581 if (opt.interactive) {
582 if(is_status_enabled())
583 print_import_check (pk, uidnode->pkt->pkt.user_id);
584 merge_keys_and_selfsig (keyblock);
586 show_basic_key_info (keyblock);
588 if (!cpr_get_answer_is_yes ("import.okay",
589 "Do you want to import this key? (y/N) "))
593 clear_kbnode_flags( keyblock );
595 if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
597 log_info(_("key %08lX: PKS subkey corruption repaired\n"),
600 rc = chk_self_sigs( fname, keyblock , pk, keyid, &non_self );
602 return rc== -1? 0:rc;
604 /* If we allow such a thing, mark unsigned uids as valid */
605 if( opt.allow_non_selfsigned_uid )
606 for( node=keyblock; node; node = node->next )
607 if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) )
609 char *user=utf8_to_native(node->pkt->pkt.user_id->name,
610 node->pkt->pkt.user_id->len,0);
612 log_info( _("key %08lX: accepted non self-signed user ID '%s'\n"),
613 (ulong)keyid[1],user);
617 if( !delete_inv_parts( fname, keyblock, keyid, options ) ) {
618 log_error ( _("key %08lX: no valid user IDs\n"), (ulong)keyid[1]);
620 log_info(_("this may be caused by a missing self-signature\n"));
625 /* do we have this key already in one of our pubrings ? */
626 pk_orig = xcalloc (1, sizeof *pk_orig );
627 rc = get_pubkey_fast ( pk_orig, keyid );
628 if( rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY
629 && gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY ) {
630 log_error( _("key %08lX: public key not found: %s\n"),
631 (ulong)keyid[1], gpg_strerror (rc));
633 else if ( rc && opt.merge_only ) {
635 log_info( _("key %08lX: new key - skipped\n"), (ulong)keyid[1] );
637 stats->skipped_new_keys++;
639 else if( rc ) { /* insert this key */
640 KEYDB_HANDLE hd = keydb_new (0);
642 rc = keydb_locate_writable (hd, NULL);
644 log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc));
646 return GPG_ERR_GENERAL;
648 if( opt.verbose > 1 )
649 log_info (_("writing to `%s'\n"), keydb_get_resource_name (hd) );
650 rc = keydb_insert_keyblock (hd, keyblock );
652 log_error (_("error writing keyring `%s': %s\n"),
653 keydb_get_resource_name (hd), gpg_strerror (rc));
656 /* This should not be possible since we delete the
657 ownertrust when a key is deleted, but it can happen if
658 the keyring and trustdb are out of sync. It can also
659 be made to happen with the trusted-key command. */
661 clear_ownertrusts (pk);
663 revalidation_mark ();
669 char *p=get_user_id_printable (keyid);
670 log_info( _("key %08lX: public key \"%s\" imported\n"),
674 if( is_status_enabled() ) {
675 char *us = get_long_user_id_string( keyid );
676 write_status_text( STATUS_IMPORTED, us );
678 print_import_ok (pk,NULL, 1);
681 if( is_RSA( pk->pubkey_algo ) )
682 stats->imported_rsa++;
687 int n_uids, n_sigs, n_subk;
689 /* Compare the original against the new key; just to be sure nothing
690 * weird is going on */
691 if( cmp_public_keys( pk_orig, pk ) ) {
692 log_error( _("key %08lX: doesn't match our copy\n"),
697 /* now read the original keyblock */
700 byte afp[MAX_FINGERPRINT_LEN];
703 fingerprint_from_pk (pk_orig, afp, &an);
704 while (an < MAX_FINGERPRINT_LEN)
706 rc = keydb_search_fpr (hd, afp);
709 log_error (_("key %08lX: can't locate original keyblock: %s\n"),
710 (ulong)keyid[1], gpg_strerror (rc));
714 rc = keydb_get_keyblock (hd, &keyblock_orig );
716 log_error (_("key %08lX: can't read original keyblock: %s\n"),
717 (ulong)keyid[1], gpg_strerror (rc));
722 collapse_uids( &keyblock );
723 /* and try to merge the block */
724 clear_kbnode_flags( keyblock_orig );
725 clear_kbnode_flags( keyblock );
726 n_uids = n_sigs = n_subk = 0;
727 rc = merge_blocks( fname, keyblock_orig, keyblock,
728 keyid, &n_uids, &n_sigs, &n_subk );
733 if( n_uids || n_sigs || n_subk ) {
735 /* keyblock_orig has been updated; write */
736 rc = keydb_update_keyblock (hd, keyblock_orig);
738 log_error (_("error writing keyring `%s': %s\n"),
739 keydb_get_resource_name (hd), gpg_strerror (rc) );
741 revalidation_mark ();
745 char *p=get_user_id_printable(keyid);
747 log_info( _("key %08lX: \"%s\" 1 new user ID\n"),
750 log_info( _("key %08lX: \"%s\" %d new user IDs\n"),
751 (ulong)keyid[1], p, n_uids );
753 log_info( _("key %08lX: \"%s\" 1 new signature\n"),
756 log_info( _("key %08lX: \"%s\" %d new signatures\n"),
757 (ulong)keyid[1], p, n_sigs );
759 log_info( _("key %08lX: \"%s\" 1 new subkey\n"),
762 log_info( _("key %08lX: \"%s\" %d new subkeys\n"),
763 (ulong)keyid[1], p, n_subk );
767 stats->n_uids +=n_uids;
768 stats->n_sigs +=n_sigs;
769 stats->n_subk +=n_subk;
771 if (is_status_enabled ())
772 print_import_ok (pk, NULL,
773 ((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
776 if (is_status_enabled ())
777 print_import_ok (pk, NULL, 0);
780 char *p=get_user_id_printable(keyid);
781 log_info( _("key %08lX: \"%s\" not changed\n"),
787 keydb_release (hd); hd = NULL;
791 release_kbnode( keyblock_orig );
792 free_public_key( pk_orig );
794 revocation_present(keyblock);
799 /* Walk a secret keyblock and produce a public keyblock out of it. */
801 sec_to_pub_keyblock(KBNODE sec_keyblock)
803 KBNODE secnode,pub_keyblock=NULL,ctx=NULL;
805 while((secnode=walk_kbnode(sec_keyblock,&ctx,0)))
809 if(secnode->pkt->pkttype==PKT_SECRET_KEY ||
810 secnode->pkt->pkttype==PKT_SECRET_SUBKEY)
812 /* Make a public key. We only need to convert enough to
813 write the keyblock out. */
815 PKT_secret_key *sk=secnode->pkt->pkt.secret_key;
816 PACKET *pkt=xcalloc (1,sizeof(PACKET));
817 PKT_public_key *pk=xcalloc (1,sizeof(PKT_public_key));
820 if(secnode->pkt->pkttype==PKT_SECRET_KEY)
821 pkt->pkttype=PKT_PUBLIC_KEY;
823 pkt->pkttype=PKT_PUBLIC_SUBKEY;
825 pkt->pkt.public_key=pk;
827 pk->version=sk->version;
828 pk->timestamp=sk->timestamp;
829 pk->expiredate=sk->expiredate;
830 pk->pubkey_algo=sk->pubkey_algo;
832 n=pubkey_get_npkey(pk->pubkey_algo);
834 pk->pkey[0]=mpi_copy(sk->skey[0]);
840 pk->pkey[i]=mpi_copy(sk->skey[i]);
843 pubnode=new_kbnode(pkt);
847 pubnode=clone_kbnode(secnode);
850 if(pub_keyblock==NULL)
851 pub_keyblock=pubnode;
853 add_kbnode(pub_keyblock,pubnode);
860 * Ditto for secret keys. Handling is simpler than for public keys.
861 * We allow secret key importing only when allow is true, this is so
862 * that a secret key can not be imported accidently and thereby tampering
863 * with the trust calculation.
866 import_secret_one( const char *fname, KBNODE keyblock,
867 struct stats_s *stats, unsigned int options)
870 KBNODE node, uidnode;
874 /* get the key and print some info about it */
875 node = find_kbnode( keyblock, PKT_SECRET_KEY );
879 sk = node->pkt->pkt.secret_key;
880 keyid_from_sk( sk, keyid );
881 uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
884 log_info( "sec %4u%c/%08lX %s ",
886 pubkey_letter( sk->pubkey_algo ),
887 (ulong)keyid[1], datestr_from_sk(sk) );
889 print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
890 uidnode->pkt->pkt.user_id->len );
893 stats->secret_read++;
896 log_error( _("key %08lX: no user ID\n"), (ulong)keyid[1]);
900 if(sk->protect.algo>110)
902 log_error(_("key %08lX: secret key with invalid cipher %d "
903 "- skipped\n"),(ulong)keyid[1],sk->protect.algo);
907 clear_kbnode_flags( keyblock );
909 /* do we have this key already in one of our secrings ? */
910 rc = seckey_available( keyid );
911 if( gpg_err_code (rc) == GPG_ERR_NO_SECKEY && !opt.merge_only ) {
912 /* simply insert this key */
913 KEYDB_HANDLE hd = keydb_new (1);
915 /* get default resource */
916 rc = keydb_locate_writable (hd, NULL);
918 log_error (_("no default secret keyring: %s\n"), gpg_strerror (rc));
920 return GPG_ERR_GENERAL;
922 rc = keydb_insert_keyblock (hd, keyblock );
924 log_error (_("error writing keyring `%s': %s\n"),
925 keydb_get_resource_name (hd), gpg_strerror (rc) );
929 log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
930 stats->secret_imported++;
931 if (is_status_enabled ())
932 print_import_ok (NULL, sk, 1|16);
934 if(options&IMPORT_SK2PK)
936 /* Try and make a public key out of this. */
938 KBNODE pub_keyblock=sec_to_pub_keyblock(keyblock);
939 import_one(fname,pub_keyblock,stats,opt.import_options);
940 release_kbnode(pub_keyblock);
944 else if( !rc ) { /* we can't merge secret keys */
945 log_error( _("key %08lX: already in secret keyring\n"),
947 stats->secret_dups++;
948 if (is_status_enabled ())
949 print_import_ok (NULL, sk, 16);
951 /* TODO: if we ever do merge secret keys, make sure to handle
952 the sec_to_pub_keyblock feature as well. */
955 log_error( _("key %08lX: secret key not found: %s\n"),
956 (ulong)keyid[1], gpg_strerror (rc));
963 * Import a revocation certificate; this is a single signature packet.
966 import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
968 PKT_public_key *pk=NULL;
969 KBNODE onode, keyblock = NULL;
970 KEYDB_HANDLE hd = NULL;
974 assert( !node->next );
975 assert( node->pkt->pkttype == PKT_SIGNATURE );
976 assert( node->pkt->pkt.signature->sig_class == 0x20 );
978 keyid[0] = node->pkt->pkt.signature->keyid[0];
979 keyid[1] = node->pkt->pkt.signature->keyid[1];
981 pk = xcalloc (1, sizeof *pk );
982 rc = get_pubkey( pk, keyid );
983 if( gpg_err_code (rc) == GPG_ERR_NO_PUBKEY ) {
984 log_error ( _("key %08lX: no public key - "
985 "can't apply revocation certificate\n"), (ulong)keyid[1]);
990 log_error( _("key %08lX: public key not found: %s\n"),
991 (ulong)keyid[1], gpg_strerror (rc));
995 /* read the original keyblock */
998 byte afp[MAX_FINGERPRINT_LEN];
1001 fingerprint_from_pk (pk, afp, &an);
1002 while (an < MAX_FINGERPRINT_LEN)
1004 rc = keydb_search_fpr (hd, afp);
1007 log_error (_("key %08lX: can't locate original keyblock: %s\n"),
1008 (ulong)keyid[1], gpg_strerror (rc));
1011 rc = keydb_get_keyblock (hd, &keyblock );
1013 log_error (_("key %08lX: can't read original keyblock: %s\n"),
1014 (ulong)keyid[1], gpg_strerror (rc));
1019 /* it is okay, that node is not in keyblock because
1020 * check_key_signature works fine for sig_class 0x20 in this
1022 rc = check_key_signature( keyblock, node, NULL);
1024 log_error( _("key %08lX: invalid revocation certificate"
1025 ": %s - rejected\n"), (ulong)keyid[1], gpg_strerror (rc));
1030 /* check whether we already have this */
1031 for(onode=keyblock->next; onode; onode=onode->next ) {
1032 if( onode->pkt->pkttype == PKT_USER_ID )
1034 else if( onode->pkt->pkttype == PKT_SIGNATURE
1035 && !cmp_signatures(node->pkt->pkt.signature,
1036 onode->pkt->pkt.signature))
1039 goto leave; /* yes, we already know about it */
1045 insert_kbnode( keyblock, clone_kbnode(node), 0 );
1047 /* and write the keyblock back */
1048 rc = keydb_update_keyblock (hd, keyblock );
1050 log_error (_("error writing keyring `%s': %s\n"),
1051 keydb_get_resource_name (hd), gpg_strerror (rc) );
1052 keydb_release (hd); hd = NULL;
1055 char *p=get_user_id_printable (keyid);
1056 log_info( _("key %08lX: \"%s\" revocation certificate imported\n"),
1062 /* If the key we just revoked was ultimately trusted, remove its
1063 ultimate trust. This doesn't stop the user from putting the
1064 ultimate trust back, but is a reasonable solution for now. */
1065 if(get_ownertrust(pk)==TRUST_ULTIMATE)
1066 clear_ownertrusts(pk);
1068 revalidation_mark ();
1072 release_kbnode( keyblock );
1073 free_public_key( pk );
1079 * loop over the keyblock and check all self signatures.
1080 * Mark all user-ids with a self-signature by setting flag bit 0.
1081 * Mark all user-ids with an invalid self-signature by setting bit 1.
1082 * This works also for subkeys, here the subkey is marked. Invalid or
1083 * extra subkey sigs (binding or revocation) are marked for deletion.
1084 * non_self is set to true if there are any sigs other than self-sigs
1088 chk_self_sigs( const char *fname, KBNODE keyblock,
1089 PKT_public_key *pk, u32 *keyid, int *non_self )
1091 KBNODE n,knode=NULL;
1094 u32 bsdate=0,rsdate=0;
1095 KBNODE bsnode=NULL,rsnode=NULL;
1097 for( n=keyblock; (n = find_next_kbnode(n, 0)); ) {
1098 if(n->pkt->pkttype==PKT_PUBLIC_SUBKEY)
1107 else if( n->pkt->pkttype != PKT_SIGNATURE )
1109 sig = n->pkt->pkt.signature;
1110 if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
1112 /* This just caches the sigs for later use. That way we
1113 import a fully-cached key which speeds things up. */
1114 if(!opt.no_sig_cache)
1115 check_key_signature(keyblock,n,NULL);
1117 if( (sig->sig_class&~3) == 0x10 ) {
1118 KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
1120 log_error( _("key %08lX: no user ID for signature\n"),
1122 return -1; /* the complete keyblock is invalid */
1125 /* If it hasn't been marked valid yet, keep trying */
1126 if(!(unode->flag&1)) {
1127 rc = check_key_signature( keyblock, n, NULL);
1132 char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
1133 strlen(unode->pkt->pkt.user_id->name),0);
1134 log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1135 _("key %08lX: unsupported public key "
1136 "algorithm on user id \"%s\"\n"):
1137 _("key %08lX: invalid self-signature "
1138 "on user id \"%s\"\n"),
1144 unode->flag |= 1; /* mark that signature checked */
1147 else if( sig->sig_class == 0x18 ) {
1148 /* Note that this works based solely on the timestamps
1149 like the rest of gpg. If the standard gets
1150 revocation targets, this may need to be revised. */
1155 log_info( _("key %08lX: no subkey for subkey "
1156 "binding signature\n"),(ulong)keyid[1]);
1157 n->flag |= 4; /* delete this */
1161 rc = check_key_signature( keyblock, n, NULL);
1165 log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1166 _("key %08lX: unsupported public key algorithm\n"):
1167 _("key %08lX: invalid subkey binding\n"),
1173 /* It's valid, so is it newer? */
1174 if(sig->timestamp>=bsdate)
1176 knode->flag |= 1; /* the subkey is valid */
1179 bsnode->flag|=4; /* Delete the last binding
1180 sig since this one is
1183 log_info(_("key %08lX: removed multiple "
1184 "subkey binding\n"),
1189 bsdate=sig->timestamp;
1192 n->flag|=4; /* older */
1196 else if( sig->sig_class == 0x28 ) {
1197 /* We don't actually mark the subkey as revoked right
1198 now, so just check that the revocation sig is the
1199 most recent valid one. Note that we don't care if
1200 the binding sig is newer than the revocation sig.
1201 See the comment in getkey.c:merge_selfsigs_subkey for
1205 log_info( _("key %08lX: no subkey for subkey "
1206 "revocation signature\n"),(ulong)keyid[1]);
1207 n->flag |= 4; /* delete this */
1210 rc = check_key_signature( keyblock, n, NULL);
1213 log_info( gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ?
1214 _("key %08lX: unsupported public key algorithm\n"):
1215 _("key %08lX: invalid subkey revocation\n"),
1220 /* It's valid, so is it newer? */
1221 if(sig->timestamp>=rsdate) {
1223 rsnode->flag|=4; /* Delete the last revocation
1224 sig since this one is
1227 log_info(_("key %08lX: removed multiple subkey "
1228 "revocation signatures\n"),
1233 rsdate=sig->timestamp;
1236 n->flag|=4; /* older */
1249 * delete all parts which are invalid and those signatures whose
1250 * public key algorithm is not available in this implemenation;
1251 * but consider RSA as valid, because parse/build_packets knows
1253 * returns: true if at least one valid user-id is left over.
1256 delete_inv_parts( const char *fname, KBNODE keyblock,
1257 u32 *keyid, unsigned int options)
1260 int nvalid=0, uid_seen=0, subkey_seen=0;
1262 for(node=keyblock->next; node; node = node->next ) {
1263 if( node->pkt->pkttype == PKT_USER_ID ) {
1265 if( (node->flag & 2) || !(node->flag & 1) ) {
1267 log_info( _("key %08lX: skipped user ID '"),
1269 print_utf8_string( stderr, node->pkt->pkt.user_id->name,
1270 node->pkt->pkt.user_id->len );
1271 fputs("'\n", stderr );
1273 delete_kbnode( node ); /* the user-id */
1274 /* and all following packets up to the next user-id */
1276 && node->next->pkt->pkttype != PKT_USER_ID
1277 && node->next->pkt->pkttype != PKT_PUBLIC_SUBKEY
1278 && node->next->pkt->pkttype != PKT_SECRET_SUBKEY ){
1279 delete_kbnode( node->next );
1286 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1287 || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1288 if( (node->flag & 2) || !(node->flag & 1) ) {
1290 log_info( _("key %08lX: skipped subkey\n"),
1293 delete_kbnode( node ); /* the subkey */
1294 /* and all following signature packets */
1296 && node->next->pkt->pkttype == PKT_SIGNATURE ) {
1297 delete_kbnode( node->next );
1304 else if( node->pkt->pkttype == PKT_SIGNATURE
1305 && openpgp_pk_test_algo( node->pkt->pkt.signature
1307 && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
1308 delete_kbnode( node ); /* build_packet() can't handle this */
1309 else if( node->pkt->pkttype == PKT_SIGNATURE &&
1310 !node->pkt->pkt.signature->flags.exportable &&
1311 !(options&IMPORT_ALLOW_LOCAL_SIGS) &&
1312 seckey_available( node->pkt->pkt.signature->keyid ) ) {
1313 /* Here we violate the rfc a bit by still allowing
1314 * to import non-exportable signature when we have the
1315 * the secret key used to create this signature - it
1316 * seems that this makes sense. */
1318 log_info( _("key %08lX: non exportable signature "
1319 "(class %02x) - skipped\n"),
1321 node->pkt->pkt.signature->sig_class );
1322 delete_kbnode( node );
1324 else if( node->pkt->pkttype == PKT_SIGNATURE
1325 && node->pkt->pkt.signature->sig_class == 0x20 ) {
1328 log_error( _("key %08lX: revocation certificate "
1329 "at wrong place - skipped\n"),
1331 delete_kbnode( node );
1334 /* If the revocation cert is from a different key than
1335 the one we're working on don't check it - it's
1336 probably from a revocation key and won't be
1337 verifiable with this key anyway. */
1339 if(node->pkt->pkt.signature->keyid[0]==keyid[0] &&
1340 node->pkt->pkt.signature->keyid[1]==keyid[1])
1342 int rc = check_key_signature( keyblock, node, NULL);
1346 log_info ( _("key %08lX: invalid revocation "
1347 "certificate: %s - skipped\n"),
1348 (ulong)keyid[1], gpg_strerror (rc));
1349 delete_kbnode( node );
1354 else if( node->pkt->pkttype == PKT_SIGNATURE &&
1355 (node->pkt->pkt.signature->sig_class == 0x18 ||
1356 node->pkt->pkt.signature->sig_class == 0x28) &&
1359 log_info ( _("key %08lX: subkey signature "
1360 "in wrong place - skipped\n"),
1362 delete_kbnode( node );
1364 else if( node->pkt->pkttype == PKT_SIGNATURE
1365 && !IS_CERT(node->pkt->pkt.signature))
1368 log_info (_("key %08lX: unexpected signature class (0x%02X) -"
1369 " skipped\n"),(ulong)keyid[1],
1370 node->pkt->pkt.signature->sig_class);
1371 delete_kbnode(node);
1373 else if( (node->flag & 4) ) /* marked for deletion */
1374 delete_kbnode( node );
1377 /* note: because keyblock is the public key, it is never marked
1378 * for deletion and so keyblock cannot change */
1379 commit_kbnode( &keyblock );
1385 * It may happen that the imported keyblock has duplicated user IDs.
1386 * We check this here and collapse those user IDs together with their
1388 * Returns: True if the keyblock hash changed.
1391 collapse_uids( KBNODE *keyblock )
1399 for( n = *keyblock; n; n = n->next ) {
1400 if( n->pkt->pkttype != PKT_USER_ID )
1402 for( n2 = n->next; n2; n2 = n2->next ) {
1403 if( n2->pkt->pkttype == PKT_USER_ID
1404 && !cmp_user_ids( n->pkt->pkt.user_id,
1405 n2->pkt->pkt.user_id ) ) {
1406 /* found a duplicate */
1409 || n2->next->pkt->pkttype == PKT_USER_ID
1410 || n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY
1411 || n2->next->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1412 /* no more signatures: delete the user ID
1414 remove_kbnode( keyblock, n2 );
1417 /* The simple approach: Move one signature and
1418 * then start over to delete the next one :-( */
1419 move_kbnode( keyblock, n2->next, n->next );
1429 /* now we may have duplicate signatures on one user ID: fix this */
1430 for( in_uid = 0, n = *keyblock; n; n = n->next ) {
1431 if( n->pkt->pkttype == PKT_USER_ID )
1433 else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1434 || n->pkt->pkttype == PKT_SECRET_SUBKEY )
1440 for( ; n2; n2 = n2->next ) {
1441 if( n2->pkt->pkttype == PKT_USER_ID
1442 || n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
1443 || n2->pkt->pkttype == PKT_SECRET_SUBKEY )
1445 if( n2->pkt->pkttype != PKT_SIGNATURE )
1449 else if( !cmp_signatures( ncmp->pkt->pkt.signature,
1450 n2->pkt->pkt.signature )) {
1451 remove_kbnode( keyblock, n2 );
1455 n2 = ncmp? ncmp->next : NULL;
1460 if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
1461 kid1 = keyid_from_pk( n->pkt->pkt.public_key, NULL );
1462 else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
1463 kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
1467 log_info (_("key %08lX: duplicated user ID detected - merged\n"),
1473 /* Check for a 0x20 revocation from a revocation key that is not
1474 present. This gets called without the benefit of merge_xxxx so you
1475 can't rely on pk->revkey and friends. */
1477 revocation_present(KBNODE keyblock)
1480 PKT_public_key *pk=keyblock->pkt->pkt.public_key;
1482 for(onode=keyblock->next;onode;onode=onode->next)
1484 /* If we reach user IDs, we're done. */
1485 if(onode->pkt->pkttype==PKT_USER_ID)
1488 if(onode->pkt->pkttype==PKT_SIGNATURE &&
1489 onode->pkt->pkt.signature->sig_class==0x1F &&
1490 onode->pkt->pkt.signature->revkey)
1493 PKT_signature *sig=onode->pkt->pkt.signature;
1495 for(idx=0;idx<sig->numrevkeys;idx++)
1499 keyid_from_fingerprint(sig->revkey[idx]->fpr,
1500 MAX_FINGERPRINT_LEN,keyid);
1502 for(inode=keyblock->next;inode;inode=inode->next)
1504 /* If we reach user IDs, we're done. */
1505 if(inode->pkt->pkttype==PKT_USER_ID)
1508 if(inode->pkt->pkttype==PKT_SIGNATURE &&
1509 inode->pkt->pkt.signature->sig_class==0x20 &&
1510 inode->pkt->pkt.signature->keyid[0]==keyid[0] &&
1511 inode->pkt->pkt.signature->keyid[1]==keyid[1])
1513 /* Okay, we have a revocation key, and a
1514 revocation issued by it. Do we have the key
1518 rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx]->fpr,
1519 MAX_FINGERPRINT_LEN);
1520 if ( gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
1521 || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
1523 /* No, so try and get it */
1524 if(opt.keyserver_scheme &&
1525 opt.keyserver_options.auto_key_retrieve)
1527 log_info(_("WARNING: key %08lX may be revoked: "
1528 "fetching revocation key %08lX\n"),
1529 (ulong)keyid_from_pk(pk,NULL),
1531 keyserver_import_fprint(sig->revkey[idx]->fpr,
1532 MAX_FINGERPRINT_LEN);
1534 /* Do we have it now? */
1535 rc=get_pubkey_byfprint_fast (NULL,
1536 sig->revkey[idx]->fpr,
1537 MAX_FINGERPRINT_LEN);
1540 if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
1541 || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
1542 log_info(_("WARNING: key %08lX may be revoked: "
1543 "revocation key %08lX not present.\n"),
1544 (ulong)keyid_from_pk(pk,NULL),
1555 * compare and merge the blocks
1557 * o compare the signatures: If we already have this signature, check
1558 * that they compare okay; if not, issue a warning and ask the user.
1559 * o Simply add the signature. Can't verify here because we may not have
1560 * the signature's public key yet; verification is done when putting it
1561 * into the trustdb, which is done automagically as soon as this pubkey
1563 * Note: We indicate newly inserted packets with flag bit 0
1566 merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
1567 u32 *keyid, int *n_uids, int *n_sigs, int *n_subk )
1572 /* 1st: handle revocation certificates */
1573 for(node=keyblock->next; node; node=node->next ) {
1574 if( node->pkt->pkttype == PKT_USER_ID )
1576 else if( node->pkt->pkttype == PKT_SIGNATURE
1577 && node->pkt->pkt.signature->sig_class == 0x20 ) {
1578 /* check whether we already have this */
1580 for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1581 if( onode->pkt->pkttype == PKT_USER_ID )
1583 else if( onode->pkt->pkttype == PKT_SIGNATURE
1584 && onode->pkt->pkt.signature->sig_class == 0x20
1585 && !cmp_signatures(onode->pkt->pkt.signature,
1586 node->pkt->pkt.signature))
1593 KBNODE n2 = clone_kbnode(node);
1594 insert_kbnode( keyblock_orig, n2, 0 );
1600 char *p=get_user_id_printable (keyid);
1601 log_info(_("key %08lX: \"%s\" "
1602 "revocation certificate added\n"),
1610 /* 2nd: merge in any direct key (0x1F) sigs */
1611 for(node=keyblock->next; node; node=node->next ) {
1612 if( node->pkt->pkttype == PKT_USER_ID )
1614 else if( node->pkt->pkttype == PKT_SIGNATURE
1615 && node->pkt->pkt.signature->sig_class == 0x1F ) {
1616 /* check whether we already have this */
1618 for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1619 if( onode->pkt->pkttype == PKT_USER_ID )
1621 else if( onode->pkt->pkttype == PKT_SIGNATURE
1622 && onode->pkt->pkt.signature->sig_class == 0x1F
1623 && !cmp_signatures(onode->pkt->pkt.signature,
1624 node->pkt->pkt.signature)) {
1630 KBNODE n2 = clone_kbnode(node);
1631 insert_kbnode( keyblock_orig, n2, 0 );
1635 log_info( _("key %08lX: direct key signature added\n"),
1641 /* 3rd: try to merge new certificates in */
1642 for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1643 if( !(onode->flag & 1) && onode->pkt->pkttype == PKT_USER_ID) {
1644 /* find the user id in the imported keyblock */
1645 for(node=keyblock->next; node; node=node->next )
1646 if( node->pkt->pkttype == PKT_USER_ID
1647 && !cmp_user_ids( onode->pkt->pkt.user_id,
1648 node->pkt->pkt.user_id ) )
1650 if( node ) { /* found: merge */
1651 rc = merge_sigs( onode, node, n_sigs, fname, keyid );
1658 /* 4th: add new user-ids */
1659 for(node=keyblock->next; node; node=node->next ) {
1660 if( node->pkt->pkttype == PKT_USER_ID) {
1661 /* do we have this in the original keyblock */
1662 for(onode=keyblock_orig->next; onode; onode=onode->next )
1663 if( onode->pkt->pkttype == PKT_USER_ID
1664 && !cmp_user_ids( onode->pkt->pkt.user_id,
1665 node->pkt->pkt.user_id ) )
1667 if( !onode ) { /* this is a new user id: append */
1668 rc = append_uid( keyblock_orig, node, n_sigs, fname, keyid);
1676 /* 5th: add new subkeys */
1677 for(node=keyblock->next; node; node=node->next ) {
1679 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
1680 /* do we have this in the original keyblock? */
1681 for(onode=keyblock_orig->next; onode; onode=onode->next )
1682 if( onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
1683 && !cmp_public_keys( onode->pkt->pkt.public_key,
1684 node->pkt->pkt.public_key ) )
1686 if( !onode ) { /* this is a new subkey: append */
1687 rc = append_key( keyblock_orig, node, n_sigs, fname, keyid);
1693 else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1694 /* do we have this in the original keyblock? */
1695 for(onode=keyblock_orig->next; onode; onode=onode->next )
1696 if( onode->pkt->pkttype == PKT_SECRET_SUBKEY
1697 && !cmp_secret_keys( onode->pkt->pkt.secret_key,
1698 node->pkt->pkt.secret_key ) )
1700 if( !onode ) { /* this is a new subkey: append */
1701 rc = append_key( keyblock_orig, node, n_sigs, fname, keyid);
1709 /* 6th: merge subkey certificates */
1710 for(onode=keyblock_orig->next; onode; onode=onode->next ) {
1711 if( !(onode->flag & 1)
1712 && ( onode->pkt->pkttype == PKT_PUBLIC_SUBKEY
1713 || onode->pkt->pkttype == PKT_SECRET_SUBKEY) ) {
1714 /* find the subkey in the imported keyblock */
1715 for(node=keyblock->next; node; node=node->next ) {
1716 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1717 && !cmp_public_keys( onode->pkt->pkt.public_key,
1718 node->pkt->pkt.public_key ) )
1720 else if( node->pkt->pkttype == PKT_SECRET_SUBKEY
1721 && !cmp_secret_keys( onode->pkt->pkt.secret_key,
1722 node->pkt->pkt.secret_key ) )
1725 if( node ) { /* found: merge */
1726 rc = merge_keysigs( onode, node, n_sigs, fname, keyid );
1739 * append the userid starting with NODE and all signatures to KEYBLOCK.
1742 append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
1743 const char *fname, u32 *keyid )
1745 KBNODE n, n_where=NULL;
1747 assert(node->pkt->pkttype == PKT_USER_ID );
1749 /* find the position */
1750 for( n = keyblock; n; n_where = n, n = n->next ) {
1751 if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1752 || n->pkt->pkttype == PKT_SECRET_SUBKEY )
1758 /* and append/insert */
1760 /* we add a clone to the original keyblock, because this
1761 * one is released first */
1762 n = clone_kbnode(node);
1764 insert_kbnode( n_where, n, 0 );
1768 add_kbnode( keyblock, n );
1771 if( n->pkt->pkttype == PKT_SIGNATURE )
1775 if( node && node->pkt->pkttype != PKT_SIGNATURE )
1784 * Merge the sigs from SRC onto DST. SRC and DST are both a PKT_USER_ID.
1785 * (how should we handle comment packets here?)
1788 merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
1789 const char *fname, u32 *keyid )
1794 assert(dst->pkt->pkttype == PKT_USER_ID );
1795 assert(src->pkt->pkttype == PKT_USER_ID );
1797 for(n=src->next; n && n->pkt->pkttype != PKT_USER_ID; n = n->next ) {
1798 if( n->pkt->pkttype != PKT_SIGNATURE )
1800 if( n->pkt->pkt.signature->sig_class == 0x18
1801 || n->pkt->pkt.signature->sig_class == 0x28 )
1802 continue; /* skip signatures which are only valid on subkeys */
1804 for(n2=dst->next; n2 && n2->pkt->pkttype != PKT_USER_ID; n2 = n2->next)
1805 if(!cmp_signatures(n->pkt->pkt.signature,n2->pkt->pkt.signature))
1811 /* This signature is new or newer, append N to DST.
1812 * We add a clone to the original keyblock, because this
1813 * one is released first */
1814 n2 = clone_kbnode(n);
1815 insert_kbnode( dst, n2, PKT_SIGNATURE );
1826 * Merge the sigs from SRC onto DST. SRC and DST are both a PKT_xxx_SUBKEY.
1829 merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
1830 const char *fname, u32 *keyid )
1835 assert( dst->pkt->pkttype == PKT_PUBLIC_SUBKEY
1836 || dst->pkt->pkttype == PKT_SECRET_SUBKEY );
1838 for(n=src->next; n ; n = n->next ) {
1839 if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
1840 || n->pkt->pkttype == PKT_PUBLIC_KEY )
1842 if( n->pkt->pkttype != PKT_SIGNATURE )
1845 for(n2=dst->next; n2; n2 = n2->next){
1846 if( n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
1847 || n2->pkt->pkttype == PKT_PUBLIC_KEY )
1849 if( n2->pkt->pkttype == PKT_SIGNATURE
1850 && n->pkt->pkt.signature->keyid[0]
1851 == n2->pkt->pkt.signature->keyid[0]
1852 && n->pkt->pkt.signature->keyid[1]
1853 == n2->pkt->pkt.signature->keyid[1]
1854 && n->pkt->pkt.signature->timestamp
1855 <= n2->pkt->pkt.signature->timestamp
1856 && n->pkt->pkt.signature->sig_class
1857 == n2->pkt->pkt.signature->sig_class ) {
1863 /* This signature is new or newer, append N to DST.
1864 * We add a clone to the original keyblock, because this
1865 * one is released first */
1866 n2 = clone_kbnode(n);
1867 insert_kbnode( dst, n2, PKT_SIGNATURE );
1878 * append the subkey starting with NODE and all signatures to KEYBLOCK.
1879 * Mark all new and copied packets by setting flag bit 0.
1882 append_key( KBNODE keyblock, KBNODE node, int *n_sigs,
1883 const char *fname, u32 *keyid )
1887 assert( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1888 || node->pkt->pkttype == PKT_SECRET_SUBKEY );
1891 /* we add a clone to the original keyblock, because this
1892 * one is released first */
1893 n = clone_kbnode(node);
1894 add_kbnode( keyblock, n );
1897 if( n->pkt->pkttype == PKT_SIGNATURE )
1901 if( node && node->pkt->pkttype != PKT_SIGNATURE )
projects / gnupg.git / blob