2 * Copyright (C) 1998 Free Software Foundation, Inc.
4 * This file is part of GNUPG.
6 * GNUPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * GNUPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
43 do_sign( PKT_secret_key *sk, PKT_signature *sig,
44 MD_HANDLE md, int digest_algo )
50 if( is_RSA(sk->pubkey_algo) )
54 digest_algo = md_get_algo(md);
56 dp = md_read( md, digest_algo );
57 sig->digest_algo = digest_algo;
58 sig->digest_start[0] = dp[0];
59 sig->digest_start[1] = dp[1];
60 frame = encode_md_value( sk->pubkey_algo, md,
61 digest_algo, mpi_get_nbits(sk->skey[0]));
62 rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
65 log_error(_("signing failed: %s\n"), g10_errstr(rc) );
68 char *ustr = get_user_id_string( sig->keyid );
69 log_info(_("%s signature from: %s\n"),
70 pubkey_algo_to_string(sk->pubkey_algo), ustr );
80 complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md )
84 if( !(rc=check_secret_key( sk, 0 )) )
85 rc = do_sign( sk, sig, md, 0 );
87 /* fixme: should we check whether the signature is okay?
88 * maybe by using an option */
94 hash_for(int pubkey_algo )
96 if( opt.def_digest_algo )
97 return opt.def_digest_algo;
98 if( pubkey_algo == PUBKEY_ALGO_DSA )
99 return DIGEST_ALGO_SHA1;
100 if( pubkey_algo == PUBKEY_ALGO_RSA )
101 return DIGEST_ALGO_MD5;
102 return DEFAULT_DIGEST_ALGO;
106 only_old_style( SK_LIST sk_list )
108 SK_LIST sk_rover = NULL;
111 /* if there are only old style capable key we use the old sytle */
112 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
113 PKT_secret_key *sk = sk_rover->sk;
114 if( sk->pubkey_algo == PUBKEY_ALGO_RSA && sk->version < 4 )
125 * Sign the files whose names are in FILENAME.
126 * If DETACHED has the value true,
127 * make a detached signature. If FILENAMES->d is NULL read from stdin
128 * and ignore the detached mode. Sign the file with all secret keys
129 * which can be taken from LOCUSR, if this is NULL, use the default one
130 * If ENCRYPT is true, use REMUSER (or ask if it is NULL) to encrypt the
131 * signed data for these users.
132 * If OUTFILE is not NULL; this file is used for output and the function
133 * does not ask for overwrite permission; output is then always
134 * uncompressed, non-armored and in binary mode.
137 sign_file( STRLIST filenames, int detached, STRLIST locusr,
138 int encrypt, STRLIST remusr, const char *outfile )
141 armor_filter_context_t afx;
142 compress_filter_context_t zfx;
143 md_filter_context_t mfx;
144 text_filter_context_t tfx;
145 encrypt_filter_context_t efx;
146 IOBUF inp = NULL, out = NULL;
148 PKT_plaintext *pt = NULL;
151 PK_LIST pk_list = NULL;
152 SK_LIST sk_list = NULL;
153 SK_LIST sk_rover = NULL;
155 int old_style = opt.rfc1991;
156 int compr_algo = -1; /* unknown */
159 memset( &afx, 0, sizeof afx);
160 memset( &zfx, 0, sizeof zfx);
161 memset( &mfx, 0, sizeof mfx);
162 memset( &tfx, 0, sizeof tfx);
163 memset( &efx, 0, sizeof efx);
167 fname = filenames->d;
168 multifile = !!filenames->next;
173 if( fname && filenames->next && (!detached || encrypt) )
174 log_bug("multiple files can only be detached signed");
176 if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
179 old_style = only_old_style( sk_list );
182 if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC )) )
185 compr_algo = select_algo_from_prefs( pk_list, PREFTYPE_COMPR );
189 if( multifile ) /* have list of filenames */
190 inp = NULL; /* we do it later */
191 else if( !(inp = iobuf_open(fname)) ) {
192 log_error("can't open %s: %s\n", fname? fname: "[stdin]",
194 rc = G10ERR_OPEN_FILE;
199 if( !(out = iobuf_create( outfile )) ) {
200 log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
201 rc = G10ERR_CREATE_FILE;
204 else if( opt.verbose )
205 log_info(_("writing to '%s'\n"), outfile );
207 else if( (rc = open_outfile( fname, opt.armor? 1: detached? 2:0, &out )))
210 /* prepare to calculate the MD over the input */
211 if( opt.textmode && !outfile )
212 iobuf_push_filter( inp, text_filter, &tfx );
213 mfx.md = md_open(0, 0);
215 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
216 PKT_secret_key *sk = sk_rover->sk;
217 md_enable(mfx.md, hash_for(sk->pubkey_algo));
221 iobuf_push_filter( inp, md_filter, &mfx );
223 if( detached && !encrypt && !opt.rfc1991 )
226 if( opt.armor && !outfile )
227 iobuf_push_filter( out, armor_filter, &afx );
228 #ifdef ENABLE_COMMENT_PACKETS
230 write_comment( out, "#created by GNUPG v" VERSION " ("
231 PRINTABLE_OS_NAME ")");
232 if( opt.comment_string )
233 write_comment( out, opt.comment_string );
237 efx.pk_list = pk_list;
238 /* fixme: set efx.cfx.datalen if known */
239 iobuf_push_filter( out, encrypt_filter, &efx );
242 if( opt.compress && !outfile && ( !detached || opt.compress_sigs) ) {
244 ; /* don't use compression */
246 if( old_style || compr_algo == 1 )
248 iobuf_push_filter( out, compress_filter, &zfx );
252 if( !detached && !old_style ) {
254 /* loop over the secret certificates and build headers
255 * The specs now say that the data should be bracket by
256 * the onepass-sig and signature-packet; so we must build it
257 * here in reverse order */
258 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
260 for( ; skcount; skcount-- ) {
262 PKT_onepass_sig *ops;
265 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
270 ops = m_alloc_clear( sizeof *ops );
271 ops->sig_class = opt.textmode && !outfile ? 0x01 : 0x00;
272 ops->digest_algo = hash_for(sk->pubkey_algo);
273 ops->pubkey_algo = sk->pubkey_algo;
274 keyid_from_sk( sk, ops->keyid );
275 ops->last = skcount == 1;
278 pkt.pkttype = PKT_ONEPASS_SIG;
279 pkt.pkt.onepass_sig = ops;
280 rc = build_packet( out, &pkt );
283 log_error("build onepass_sig packet failed: %s\n",
290 /* setup the inner packet */
296 log_info(_("signing:") );
297 /* must walk reverse trough this list */
298 for( sl = strlist_last(filenames); sl;
299 sl = strlist_prev( filenames, sl ) ) {
300 if( !(inp = iobuf_open(sl->d)) ) {
301 log_error(_("can't open %s: %s\n"),
302 sl->d, strerror(errno) );
303 rc = G10ERR_OPEN_FILE;
307 fprintf(stderr, " '%s'", sl->d );
308 iobuf_push_filter( inp, md_filter, &mfx );
309 while( iobuf_get(inp) != -1 )
311 iobuf_close(inp); inp = NULL;
314 putc( '\n', stderr );
317 /* read, so that the filter can calculate the digest */
318 while( iobuf_get(inp) != -1 )
323 if( fname || opt.set_filename ) {
324 char *s = make_basename( opt.set_filename ? opt.set_filename : fname );
325 pt = m_alloc( sizeof *pt + strlen(s) - 1 );
326 pt->namelen = strlen(s);
327 memcpy(pt->name, s, pt->namelen );
330 else { /* no filename */
331 pt = m_alloc( sizeof *pt - 1 );
335 if( !(filesize = iobuf_get_filelength(inp)) )
336 log_info(_("WARNING: '%s' is an empty file\n"), fname );
338 /* because the text_filter modifies the length of the
339 * data, it is not possible to know the used length
340 * without a double read of the file - to avoid that
341 * we simple use partial length packets.
342 * FIXME: We have to do the double read when opt.rfc1991
345 if( opt.textmode && !outfile )
349 filesize = 0; /* stdin */
350 pt->timestamp = make_timestamp();
351 pt->mode = opt.textmode && !outfile ? 't':'b';
353 pt->new_ctb = !pt->len && !opt.rfc1991;
355 pkt.pkttype = PKT_PLAINTEXT;
356 pkt.pkt.plaintext = pt;
357 /*cfx.datalen = filesize? calc_packet_length( &pkt ) : 0;*/
358 if( (rc = build_packet( out, &pkt )) )
359 log_error("build_packet(PLAINTEXT) failed: %s\n", g10_errstr(rc) );
363 /* loop over the secret certificates */
364 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
371 /* build the signature packet */
372 /* fixme: this code is partly duplicated in make_keysig_packet */
373 sig = m_alloc_clear( sizeof *sig );
374 sig->version = old_style || opt.force_v3_sigs ? 3 : sk->version;
375 keyid_from_sk( sk, sig->keyid );
376 sig->digest_algo = hash_for(sk->pubkey_algo);
377 sig->pubkey_algo = sk->pubkey_algo;
378 sig->timestamp = make_timestamp();
379 sig->sig_class = opt.textmode && !outfile? 0x01 : 0x00;
381 md = md_copy( mfx.md );
383 if( sig->version >= 4 ) {
384 build_sig_subpkt_from_sig( sig );
385 md_putc( md, sig->version );
387 md_putc( md, sig->sig_class );
388 if( sig->version < 4 ) {
389 u32 a = sig->timestamp;
390 md_putc( md, (a >> 24) & 0xff );
391 md_putc( md, (a >> 16) & 0xff );
392 md_putc( md, (a >> 8) & 0xff );
393 md_putc( md, a & 0xff );
399 md_putc( md, sig->pubkey_algo );
400 md_putc( md, sig->digest_algo );
401 if( sig->hashed_data ) {
402 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
403 md_write( md, sig->hashed_data, n+2 );
409 buf[0] = sig->version;
411 buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
415 md_write( md, buf, 6 );
420 rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) );
423 if( !rc ) { /* and write it */
425 pkt.pkttype = PKT_SIGNATURE;
426 pkt.pkt.signature = sig;
427 rc = build_packet( out, &pkt );
430 log_error("build signature packet failed: %s\n", g10_errstr(rc) );
444 release_sk_list( sk_list );
445 release_pk_list( pk_list );
452 * Note: We do not calculate the hash over the last CR,LF
455 write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
461 if( opt.not_dash_escaped ) {
463 while( (c = iobuf_get(inp)) != -1 ) {
468 if( lastlf != '\n' ) {
469 /* add a missing trailing LF */
471 iobuf_put( out, '\n' );
477 while( (c = iobuf_get(inp)) != -1 ) {
478 /* Note: We don't escape "From " because the MUA should cope with it */
482 iobuf_put( out, ' ' );
516 iobuf_put( out, '\n' );
518 return 0; /* fixme: add error handling */
523 * make a clear signature. note that opt.armor is not needed
526 clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
528 armor_filter_context_t afx;
529 text_filter_context_t tfx;
530 MD_HANDLE textmd = NULL;
531 IOBUF inp = NULL, out = NULL;
534 SK_LIST sk_list = NULL;
535 SK_LIST sk_rover = NULL;
536 int old_style = opt.rfc1991;
539 memset( &afx, 0, sizeof afx);
540 memset( &tfx, 0, sizeof tfx);
543 if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
546 old_style = only_old_style( sk_list );
549 if( !(inp = iobuf_open(fname)) ) {
550 log_error("can't open %s: %s\n", fname? fname: "[stdin]",
552 rc = G10ERR_OPEN_FILE;
557 if( !(out = iobuf_create( outfile )) ) {
558 log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
559 rc = G10ERR_CREATE_FILE;
562 else if( opt.verbose )
563 log_info(_("writing to '%s'\n"), outfile );
565 else if( (rc = open_outfile( fname, 1, &out )) )
568 iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" );
570 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
571 PKT_secret_key *sk = sk_rover->sk;
572 if( hash_for(sk->pubkey_algo) == DIGEST_ALGO_MD5 )
580 if( old_style || only_md5 )
581 iobuf_writestr(out, "\n" );
586 iobuf_writestr(out, "Hash: " );
587 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
588 PKT_secret_key *sk = sk_rover->sk;
589 s = digest_algo_to_string( hash_for(sk->pubkey_algo) );
592 iobuf_put(out, ',' );
593 iobuf_writestr(out, s );
598 iobuf_writestr(out, "\n" );
599 if( opt.not_dash_escaped )
601 "NotDashEscaped: You need GnuPG to verify this message\n" );
602 iobuf_writestr(out, "\n" );
606 textmd = md_open(0, 0);
607 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
608 PKT_secret_key *sk = sk_rover->sk;
609 md_enable(textmd, hash_for(sk->pubkey_algo));
611 if( !opt.not_dash_escaped )
612 iobuf_push_filter( inp, text_filter, &tfx );
613 rc = write_dash_escaped( inp, out, textmd );
618 iobuf_push_filter( out, armor_filter, &afx );
620 /* loop over the secret certificates */
621 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
628 /* build the signature packet */
629 /* fixme: this code is duplicated above */
630 sig = m_alloc_clear( sizeof *sig );
631 sig->version = old_style || opt.force_v3_sigs ? 3 : sk->version;
632 keyid_from_sk( sk, sig->keyid );
633 sig->digest_algo = hash_for(sk->pubkey_algo);
634 sig->pubkey_algo = sk->pubkey_algo;
635 sig->timestamp = make_timestamp();
636 sig->sig_class = 0x01;
638 md = md_copy( textmd );
639 if( sig->version >= 4 ) {
640 build_sig_subpkt_from_sig( sig );
641 md_putc( md, sig->version );
643 md_putc( md, sig->sig_class );
644 if( sig->version < 4 ) {
645 u32 a = sig->timestamp;
646 md_putc( md, (a >> 24) & 0xff );
647 md_putc( md, (a >> 16) & 0xff );
648 md_putc( md, (a >> 8) & 0xff );
649 md_putc( md, a & 0xff );
655 md_putc( md, sig->pubkey_algo );
656 md_putc( md, sig->digest_algo );
657 if( sig->hashed_data ) {
658 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
659 md_write( md, sig->hashed_data, n+2 );
665 buf[0] = sig->version;
667 buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
671 md_write( md, buf, 6 );
676 rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) );
679 if( !rc ) { /* and write it */
681 pkt.pkttype = PKT_SIGNATURE;
682 pkt.pkt.signature = sig;
683 rc = build_packet( out, &pkt );
686 log_error("build signature packet failed: %s\n", g10_errstr(rc) );
700 release_sk_list( sk_list );
706 * Create a signature packet for the given public key certificate
707 * and the user id and return it in ret_sig. User signature class SIGCLASS
708 * user-id is not used (and may be NULL if sigclass is 0x20)
709 * If digest_algo is 0 the function selects an appropriate one.
712 make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
713 PKT_user_id *uid, PKT_public_key *subpk,
715 int sigclass, int digest_algo,
716 int (*mksubpkt)(PKT_signature *, void *), void *opaque
723 assert( (sigclass >= 0x10 && sigclass <= 0x13)
724 || sigclass == 0x20 || sigclass == 0x18 );
726 switch( sk->pubkey_algo ) {
727 case PUBKEY_ALGO_DSA: digest_algo = DIGEST_ALGO_SHA1; break;
728 case PUBKEY_ALGO_RSA_S:
729 case PUBKEY_ALGO_RSA: digest_algo = DIGEST_ALGO_MD5; break;
730 default: digest_algo = DIGEST_ALGO_RMD160; break;
733 md = md_open( digest_algo, 0 );
735 /* hash the public key certificate and the user id */
736 hash_public_key( md, pk );
737 if( sigclass == 0x18 ) { /* subkey binding */
738 hash_public_key( md, subpk );
740 else if( sigclass != 0x20 ) {
741 if( sk->version >=4 ) {
743 buf[0] = 0xb4; /* indicates a userid packet */
744 buf[1] = uid->len >> 24; /* always use 4 length bytes */
745 buf[2] = uid->len >> 16;
746 buf[3] = uid->len >> 8;
748 md_write( md, buf, 5 );
750 md_write( md, uid->name, uid->len );
752 /* and make the signature packet */
753 sig = m_alloc_clear( sizeof *sig );
754 sig->version = sk->version;
755 keyid_from_sk( sk, sig->keyid );
756 sig->pubkey_algo = sk->pubkey_algo;
757 sig->digest_algo = digest_algo;
758 sig->timestamp = make_timestamp();
759 sig->sig_class = sigclass;
760 if( sig->version >= 4 )
761 build_sig_subpkt_from_sig( sig );
763 if( sig->version >= 4 && mksubpkt )
764 rc = (*mksubpkt)( sig, opaque );
767 if( sig->version >= 4 )
768 md_putc( md, sig->version );
769 md_putc( md, sig->sig_class );
770 if( sig->version < 4 ) {
771 u32 a = sig->timestamp;
772 md_putc( md, (a >> 24) & 0xff );
773 md_putc( md, (a >> 16) & 0xff );
774 md_putc( md, (a >> 8) & 0xff );
775 md_putc( md, a & 0xff );
781 md_putc( md, sig->pubkey_algo );
782 md_putc( md, sig->digest_algo );
783 if( sig->hashed_data ) {
784 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
785 md_write( md, sig->hashed_data, n+2 );
791 buf[0] = sig->version;
793 buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
797 md_write( md, buf, 6 );
802 rc = complete_sig( sig, sk, md );
807 free_seckey_enc( sig );
projects / gnupg.git / blob