2 * Copyright (C) 1998 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
43 do_sign( PKT_secret_key *sk, PKT_signature *sig,
44 MD_HANDLE md, int digest_algo )
50 print_pubkey_algo_note(sk->pubkey_algo);
53 digest_algo = md_get_algo(md);
55 print_digest_algo_note( digest_algo );
56 dp = md_read( md, digest_algo );
57 sig->digest_algo = digest_algo;
58 sig->digest_start[0] = dp[0];
59 sig->digest_start[1] = dp[1];
60 frame = encode_md_value( sk->pubkey_algo, md,
61 digest_algo, mpi_get_nbits(sk->skey[0]));
62 rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
65 log_error(_("signing failed: %s\n"), g10_errstr(rc) );
68 char *ustr = get_user_id_string( sig->keyid );
69 log_info(_("%s signature from: %s\n"),
70 pubkey_algo_to_string(sk->pubkey_algo), ustr );
80 complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md )
84 if( !(rc=check_secret_key( sk, 0 )) )
85 rc = do_sign( sk, sig, md, 0 );
87 /* fixme: should we check whether the signature is okay?
88 * maybe by using an option */
94 hash_for(int pubkey_algo )
96 if( opt.def_digest_algo )
97 return opt.def_digest_algo;
98 if( pubkey_algo == PUBKEY_ALGO_DSA )
99 return DIGEST_ALGO_SHA1;
100 if( pubkey_algo == PUBKEY_ALGO_RSA )
101 return DIGEST_ALGO_MD5;
102 return DEFAULT_DIGEST_ALGO;
106 only_old_style( SK_LIST sk_list )
108 SK_LIST sk_rover = NULL;
111 /* if there are only old style capable key we use the old sytle */
112 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
113 PKT_secret_key *sk = sk_rover->sk;
114 if( sk->pubkey_algo == PUBKEY_ALGO_RSA && sk->version < 4 )
125 * Sign the files whose names are in FILENAME.
126 * If DETACHED has the value true,
127 * make a detached signature. If FILENAMES->d is NULL read from stdin
128 * and ignore the detached mode. Sign the file with all secret keys
129 * which can be taken from LOCUSR, if this is NULL, use the default one
130 * If ENCRYPT is true, use REMUSER (or ask if it is NULL) to encrypt the
131 * signed data for these users.
132 * If OUTFILE is not NULL; this file is used for output and the function
133 * does not ask for overwrite permission; output is then always
134 * uncompressed, non-armored and in binary mode.
137 sign_file( STRLIST filenames, int detached, STRLIST locusr,
138 int encrypt, STRLIST remusr, const char *outfile )
141 armor_filter_context_t afx;
142 compress_filter_context_t zfx;
143 md_filter_context_t mfx;
144 text_filter_context_t tfx;
145 encrypt_filter_context_t efx;
146 IOBUF inp = NULL, out = NULL;
148 PKT_plaintext *pt = NULL;
151 PK_LIST pk_list = NULL;
152 SK_LIST sk_list = NULL;
153 SK_LIST sk_rover = NULL;
155 int old_style = opt.rfc1991;
156 int compr_algo = -1; /* unknown */
159 memset( &afx, 0, sizeof afx);
160 memset( &zfx, 0, sizeof zfx);
161 memset( &mfx, 0, sizeof mfx);
162 memset( &tfx, 0, sizeof tfx);
163 memset( &efx, 0, sizeof efx);
167 fname = filenames->d;
168 multifile = !!filenames->next;
173 if( fname && filenames->next && (!detached || encrypt) )
174 log_bug("multiple files can only be detached signed");
176 if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
179 old_style = only_old_style( sk_list );
182 if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC )) )
185 compr_algo = select_algo_from_prefs( pk_list, PREFTYPE_COMPR );
189 if( multifile ) /* have list of filenames */
190 inp = NULL; /* we do it later */
191 else if( !(inp = iobuf_open(fname)) ) {
192 log_error("can't open %s: %s\n", fname? fname: "[stdin]",
194 rc = G10ERR_OPEN_FILE;
199 if( !(out = iobuf_create( outfile )) ) {
200 log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
201 rc = G10ERR_CREATE_FILE;
204 else if( opt.verbose )
205 log_info(_("writing to '%s'\n"), outfile );
207 else if( (rc = open_outfile( fname, opt.armor? 1: detached? 2:0, &out )))
210 /* prepare to calculate the MD over the input */
211 if( opt.textmode && !outfile )
212 iobuf_push_filter( inp, text_filter, &tfx );
213 mfx.md = md_open(0, 0);
215 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
216 PKT_secret_key *sk = sk_rover->sk;
217 md_enable(mfx.md, hash_for(sk->pubkey_algo));
221 iobuf_push_filter( inp, md_filter, &mfx );
223 if( detached && !encrypt && !opt.rfc1991 )
226 if( opt.armor && !outfile )
227 iobuf_push_filter( out, armor_filter, &afx );
228 #ifdef ENABLE_COMMENT_PACKETS
230 write_comment( out, "#created by GNUPG v" VERSION " ("
231 PRINTABLE_OS_NAME ")");
232 if( opt.comment_string )
233 write_comment( out, opt.comment_string );
237 efx.pk_list = pk_list;
238 /* fixme: set efx.cfx.datalen if known */
239 iobuf_push_filter( out, encrypt_filter, &efx );
242 if( opt.compress && !outfile && ( !detached || opt.compress_sigs) ) {
244 ; /* don't use compression */
246 if( old_style || compr_algo == 1 )
248 iobuf_push_filter( out, compress_filter, &zfx );
252 if( !detached && !old_style ) {
254 /* loop over the secret certificates and build headers
255 * The specs now say that the data should be bracket by
256 * the onepass-sig and signature-packet; so we must build it
257 * here in reverse order */
258 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
260 for( ; skcount; skcount-- ) {
262 PKT_onepass_sig *ops;
265 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
270 ops = m_alloc_clear( sizeof *ops );
271 ops->sig_class = opt.textmode && !outfile ? 0x01 : 0x00;
272 ops->digest_algo = hash_for(sk->pubkey_algo);
273 ops->pubkey_algo = sk->pubkey_algo;
274 keyid_from_sk( sk, ops->keyid );
275 ops->last = skcount == 1;
278 pkt.pkttype = PKT_ONEPASS_SIG;
279 pkt.pkt.onepass_sig = ops;
280 rc = build_packet( out, &pkt );
283 log_error("build onepass_sig packet failed: %s\n",
290 /* setup the inner packet */
296 log_info(_("signing:") );
297 /* must walk reverse trough this list */
298 for( sl = strlist_last(filenames); sl;
299 sl = strlist_prev( filenames, sl ) ) {
300 if( !(inp = iobuf_open(sl->d)) ) {
301 log_error(_("can't open %s: %s\n"),
302 sl->d, strerror(errno) );
303 rc = G10ERR_OPEN_FILE;
307 fprintf(stderr, " '%s'", sl->d );
308 iobuf_push_filter( inp, md_filter, &mfx );
309 while( iobuf_get(inp) != -1 )
311 iobuf_close(inp); inp = NULL;
314 putc( '\n', stderr );
317 /* read, so that the filter can calculate the digest */
318 while( iobuf_get(inp) != -1 )
323 if( fname || opt.set_filename ) {
324 char *s = make_basename( opt.set_filename ? opt.set_filename : fname );
325 pt = m_alloc( sizeof *pt + strlen(s) - 1 );
326 pt->namelen = strlen(s);
327 memcpy(pt->name, s, pt->namelen );
330 else { /* no filename */
331 pt = m_alloc( sizeof *pt - 1 );
335 if( !(filesize = iobuf_get_filelength(inp)) )
336 log_info(_("WARNING: '%s' is an empty file\n"), fname );
338 /* because the text_filter modifies the length of the
339 * data, it is not possible to know the used length
340 * without a double read of the file - to avoid that
341 * we simple use partial length packets.
342 * FIXME: We have to do the double read when opt.rfc1991
345 if( opt.textmode && !outfile )
349 filesize = 0; /* stdin */
350 pt->timestamp = make_timestamp();
351 pt->mode = opt.textmode && !outfile ? 't':'b';
353 pt->new_ctb = !pt->len && !opt.rfc1991;
355 pkt.pkttype = PKT_PLAINTEXT;
356 pkt.pkt.plaintext = pt;
357 /*cfx.datalen = filesize? calc_packet_length( &pkt ) : 0;*/
358 if( (rc = build_packet( out, &pkt )) )
359 log_error("build_packet(PLAINTEXT) failed: %s\n", g10_errstr(rc) );
363 /* loop over the secret certificates */
364 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
371 /* build the signature packet */
372 /* fixme: this code is partly duplicated in make_keysig_packet */
373 sig = m_alloc_clear( sizeof *sig );
374 sig->version = old_style || opt.force_v3_sigs ? 3 : sk->version;
375 keyid_from_sk( sk, sig->keyid );
376 sig->digest_algo = hash_for(sk->pubkey_algo);
377 sig->pubkey_algo = sk->pubkey_algo;
378 sig->timestamp = make_timestamp();
379 sig->sig_class = opt.textmode && !outfile? 0x01 : 0x00;
381 md = md_copy( mfx.md );
383 if( sig->version >= 4 ) {
384 build_sig_subpkt_from_sig( sig );
385 md_putc( md, sig->version );
387 md_putc( md, sig->sig_class );
388 if( sig->version < 4 ) {
389 u32 a = sig->timestamp;
390 md_putc( md, (a >> 24) & 0xff );
391 md_putc( md, (a >> 16) & 0xff );
392 md_putc( md, (a >> 8) & 0xff );
393 md_putc( md, a & 0xff );
399 md_putc( md, sig->pubkey_algo );
400 md_putc( md, sig->digest_algo );
401 if( sig->hashed_data ) {
402 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
403 md_write( md, sig->hashed_data, n+2 );
409 buf[0] = sig->version;
411 buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
415 md_write( md, buf, 6 );
420 rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) );
423 if( !rc ) { /* and write it */
425 pkt.pkttype = PKT_SIGNATURE;
426 pkt.pkt.signature = sig;
427 rc = build_packet( out, &pkt );
430 log_error("build signature packet failed: %s\n", g10_errstr(rc) );
444 release_sk_list( sk_list );
445 release_pk_list( pk_list );
452 * Note: We do not calculate the hash over the last CR,LF
455 write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
461 if( opt.not_dash_escaped ) {
463 while( (c = iobuf_get(inp)) != -1 ) {
468 if( lastlf != '\n' ) {
469 /* add a missing trailing LF */
471 iobuf_put( out, '\n' );
477 while( (c = iobuf_get(inp)) != -1 ) {
481 iobuf_put( out, ' ' );
483 else if( c == 'F' && opt.escape_from ) {
492 for( i=1; i < 5 && (c = iobuf_get(inp)) != -1; i++ ) {
493 if( "From "[i] != c )
497 iobuf_write( out, "From", i );
498 md_write( md, "From", i );
503 iobuf_writestr( out, "- From" );
504 md_write( md, "From", 4 );
538 else if( state == 2 ) { /* file ended with a new line */
541 iobuf_put( out, '\n');
545 iobuf_put( out, '\n' );
547 return 0; /* fixme: add error handling */
552 * make a clear signature. note that opt.armor is not needed
555 clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
557 armor_filter_context_t afx;
558 text_filter_context_t tfx;
559 MD_HANDLE textmd = NULL;
560 IOBUF inp = NULL, out = NULL;
563 SK_LIST sk_list = NULL;
564 SK_LIST sk_rover = NULL;
565 int old_style = opt.rfc1991;
568 memset( &afx, 0, sizeof afx);
569 memset( &tfx, 0, sizeof tfx);
572 if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
575 old_style = only_old_style( sk_list );
578 if( !(inp = iobuf_open(fname)) ) {
579 log_error("can't open %s: %s\n", fname? fname: "[stdin]",
581 rc = G10ERR_OPEN_FILE;
586 if( !(out = iobuf_create( outfile )) ) {
587 log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
588 rc = G10ERR_CREATE_FILE;
591 else if( opt.verbose )
592 log_info(_("writing to '%s'\n"), outfile );
594 else if( (rc = open_outfile( fname, 1, &out )) )
597 iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" );
599 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
600 PKT_secret_key *sk = sk_rover->sk;
601 if( hash_for(sk->pubkey_algo) == DIGEST_ALGO_MD5 )
609 if( old_style || only_md5 )
610 iobuf_writestr(out, "\n" );
615 iobuf_writestr(out, "Hash: " );
616 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
617 PKT_secret_key *sk = sk_rover->sk;
618 s = digest_algo_to_string( hash_for(sk->pubkey_algo) );
621 iobuf_put(out, ',' );
622 iobuf_writestr(out, s );
627 iobuf_writestr(out, "\n" );
628 if( opt.not_dash_escaped )
630 "NotDashEscaped: You need GnuPG to verify this message\n" );
631 iobuf_writestr(out, "\n" );
635 textmd = md_open(0, 0);
636 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
637 PKT_secret_key *sk = sk_rover->sk;
638 md_enable(textmd, hash_for(sk->pubkey_algo));
640 /*md_start_debug( textmd, "create" );*/
641 if( !opt.not_dash_escaped )
642 iobuf_push_filter( inp, text_filter, &tfx );
643 rc = write_dash_escaped( inp, out, textmd );
648 iobuf_push_filter( out, armor_filter, &afx );
650 /* loop over the secret certificates */
651 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
658 /* build the signature packet */
659 /* fixme: this code is duplicated above */
660 sig = m_alloc_clear( sizeof *sig );
661 sig->version = old_style || opt.force_v3_sigs ? 3 : sk->version;
662 keyid_from_sk( sk, sig->keyid );
663 sig->digest_algo = hash_for(sk->pubkey_algo);
664 sig->pubkey_algo = sk->pubkey_algo;
665 sig->timestamp = make_timestamp();
666 sig->sig_class = 0x01;
668 md = md_copy( textmd );
669 if( sig->version >= 4 ) {
670 build_sig_subpkt_from_sig( sig );
671 md_putc( md, sig->version );
673 md_putc( md, sig->sig_class );
674 if( sig->version < 4 ) {
675 u32 a = sig->timestamp;
676 md_putc( md, (a >> 24) & 0xff );
677 md_putc( md, (a >> 16) & 0xff );
678 md_putc( md, (a >> 8) & 0xff );
679 md_putc( md, a & 0xff );
685 md_putc( md, sig->pubkey_algo );
686 md_putc( md, sig->digest_algo );
687 if( sig->hashed_data ) {
688 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
689 md_write( md, sig->hashed_data, n+2 );
695 buf[0] = sig->version;
697 buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
701 md_write( md, buf, 6 );
706 rc = do_sign( sk, sig, md, hash_for(sig->pubkey_algo) );
709 if( !rc ) { /* and write it */
711 pkt.pkttype = PKT_SIGNATURE;
712 pkt.pkt.signature = sig;
713 rc = build_packet( out, &pkt );
716 log_error("build signature packet failed: %s\n", g10_errstr(rc) );
730 release_sk_list( sk_list );
736 * Create a signature packet for the given public key certificate
737 * and the user id and return it in ret_sig. User signature class SIGCLASS
738 * user-id is not used (and may be NULL if sigclass is 0x20)
739 * If digest_algo is 0 the function selects an appropriate one.
742 make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
743 PKT_user_id *uid, PKT_public_key *subpk,
745 int sigclass, int digest_algo,
746 int (*mksubpkt)(PKT_signature *, void *), void *opaque
753 assert( (sigclass >= 0x10 && sigclass <= 0x13)
754 || sigclass == 0x20 || sigclass == 0x18 );
756 switch( sk->pubkey_algo ) {
757 case PUBKEY_ALGO_DSA: digest_algo = DIGEST_ALGO_SHA1; break;
758 case PUBKEY_ALGO_RSA_S:
759 case PUBKEY_ALGO_RSA: digest_algo = DIGEST_ALGO_MD5; break;
760 default: digest_algo = DIGEST_ALGO_RMD160; break;
763 md = md_open( digest_algo, 0 );
765 /* hash the public key certificate and the user id */
766 hash_public_key( md, pk );
767 if( sigclass == 0x18 ) { /* subkey binding */
768 hash_public_key( md, subpk );
770 else if( sigclass != 0x20 ) {
771 if( sk->version >=4 ) {
773 buf[0] = 0xb4; /* indicates a userid packet */
774 buf[1] = uid->len >> 24; /* always use 4 length bytes */
775 buf[2] = uid->len >> 16;
776 buf[3] = uid->len >> 8;
778 md_write( md, buf, 5 );
780 md_write( md, uid->name, uid->len );
782 /* and make the signature packet */
783 sig = m_alloc_clear( sizeof *sig );
784 sig->version = sk->version;
785 keyid_from_sk( sk, sig->keyid );
786 sig->pubkey_algo = sk->pubkey_algo;
787 sig->digest_algo = digest_algo;
788 sig->timestamp = make_timestamp();
789 sig->sig_class = sigclass;
790 if( sig->version >= 4 )
791 build_sig_subpkt_from_sig( sig );
793 if( sig->version >= 4 && mksubpkt )
794 rc = (*mksubpkt)( sig, opaque );
797 if( sig->version >= 4 )
798 md_putc( md, sig->version );
799 md_putc( md, sig->sig_class );
800 if( sig->version < 4 ) {
801 u32 a = sig->timestamp;
802 md_putc( md, (a >> 24) & 0xff );
803 md_putc( md, (a >> 16) & 0xff );
804 md_putc( md, (a >> 8) & 0xff );
805 md_putc( md, a & 0xff );
811 md_putc( md, sig->pubkey_algo );
812 md_putc( md, sig->digest_algo );
813 if( sig->hashed_data ) {
814 n = (sig->hashed_data[0] << 8) | sig->hashed_data[1];
815 md_write( md, sig->hashed_data, n+2 );
821 buf[0] = sig->version;
823 buf[2] = n >> 24; /* hmmm, n is only 16 bit, so this is always 0 */
827 md_write( md, buf, 6 );
832 rc = complete_sig( sig, sk, md );
837 free_seckey_enc( sig );
projects / gnupg.git / blob