* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#include <config.h>
#ifdef HAVE_W32_SYSTEM
#include <time.h>
#include <process.h>
+#ifdef HAVE_WINSOCK2_H
+# include <winsock2.h>
+#endif
#include <windows.h>
#include <shlobj.h>
#ifndef CSIDL_APPDATA
#include "options.h"
#include "call-agent.h"
#include "i18n.h"
-
-#include <assert.h>
-
-static int
-string_count_chr (const char *string, int c)
-{
- int count;
-
- for (count=0; *string; string++ )
- if ( *string == c )
- count++;
- return count;
-}
-
+#include "zb32.h"
#ifdef ENABLE_SELINUX_HACKS
struct stat buf;
struct secured_file_item *sf;
- /* Note that we stop immediatley if something goes wrong here. */
+ /* Note that we stop immediately if something goes wrong here. */
if (stat (fname, &buf))
log_fatal (_("fstat of '%s' failed in %s: %s\n"), fname,
"register_secured_file", strerror (errno));
return csum;
}
-u32
-buffer_to_u32( const byte *buffer )
-{
- unsigned long a;
- a = *buffer << 24;
- a |= buffer[1] << 16;
- a |= buffer[2] << 8;
- a |= buffer[3];
- return a;
-}
void
print_pubkey_algo_note (pubkey_algo_t algo)
if(!warn)
{
warn=1;
+ es_fflush (es_stdout);
log_info (_("WARNING: using experimental public key algorithm %s\n"),
- openpgp_cipher_algo_name (algo));
+ openpgp_pk_algo_name (algo));
}
}
- else if (algo == 20)
+ else if (algo == PUBKEY_ALGO_ELGAMAL)
{
+ es_fflush (es_stdout);
log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
}
}
if(!warn)
{
warn=1;
+ es_fflush (es_stdout);
log_info (_("WARNING: using experimental cipher algorithm %s\n"),
openpgp_cipher_algo_name (algo));
}
void
print_digest_algo_note (digest_algo_t algo)
{
+ const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
+ const struct weakhash *weak;
+
if(algo >= 100 && algo <= 110)
{
static int warn=0;
if(!warn)
{
warn=1;
+ es_fflush (es_stdout);
log_info (_("WARNING: using experimental digest algorithm %s\n"),
- gcry_md_algo_name (algo));
+ gcry_md_algo_name (galgo));
}
}
- else if(algo==DIGEST_ALGO_MD5)
- log_info (_("WARNING: digest algorithm %s is deprecated\n"),
- gcry_md_algo_name (algo));
+ else
+ for (weak = opt.weak_digests; weak != NULL; weak = weak->next)
+ if (weak->algo == galgo)
+ {
+ es_fflush (es_stdout);
+ log_info (_("WARNING: digest algorithm %s is deprecated\n"),
+ gcry_md_algo_name (galgo));
+ }
+}
+
+
+void
+print_digest_rejected_note (enum gcry_md_algos algo)
+{
+ struct weakhash* weak;
+ int show = 1;
+ for (weak = opt.weak_digests; weak; weak = weak->next)
+ if (weak->algo == algo)
+ {
+ if (weak->rejection_shown)
+ show = 0;
+ else
+ weak->rejection_shown = 1;
+ break;
+ }
+
+ if (show)
+ {
+ es_fflush (es_stdout);
+ log_info
+ (_("Note: signatures using the %s algorithm are rejected\n"),
+ gcry_md_algo_name(algo));
+ }
+}
+
+
+/* Print a message
+ * "(reported error: %s)\n
+ * in verbose mode to further explain an error. If the error code has
+ * the value IGNORE_EC no message is printed. A message is also not
+ * printed if ERR is 0. */
+void
+print_reported_error (gpg_error_t err, gpg_err_code_t ignore_ec)
+{
+ if (!opt.verbose)
+ return;
+
+ if (!gpg_err_code (err))
+ ;
+ else if (gpg_err_code (err) == ignore_ec)
+ ;
+ else if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT)
+ log_info (_("(reported error: %s)\n"),
+ gpg_strerror (err));
+ else
+ log_info (_("(reported error: %s <%s>)\n"),
+ gpg_strerror (err), gpg_strsource (err));
+
+}
+
+
+/* Print a message
+ * "(further info: %s)\n
+ * in verbose mode to further explain an error. That message is
+ * intended to help debug a problem and should not be translated.
+ */
+void
+print_further_info (const char *format, ...)
+{
+ va_list arg_ptr;
+
+ if (!opt.verbose)
+ return;
+
+ log_info (_("(further info: "));
+ va_start (arg_ptr, format);
+ log_logv (GPGRT_LOG_CONT, format, arg_ptr);
+ va_end (arg_ptr);
+ log_printf (")\n");
}
switch (algo)
{
case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
+
+#ifdef GPG_USE_IDEA
case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
+#else
+ case CIPHER_ALGO_IDEA: return 0;
+#endif
+
case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
+
+#ifdef GPG_USE_CAST5
case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
+#else
+ case CIPHER_ALGO_CAST5: return 0;
+#endif
+
+#ifdef GPG_USE_BLOWFISH
case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
+#else
+ case CIPHER_ALGO_BLOWFISH: return 0;
+#endif
+
+#ifdef GPG_USE_AES128
case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
+#else
+ case CIPHER_ALGO_AES: return 0;
+#endif
+
+#ifdef GPG_USE_AES192
case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
+#else
+ case CIPHER_ALGO_AES192: return 0;
+#endif
+
+#ifdef GPG_USE_AES256
case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
+#else
+ case CIPHER_ALGO_AES256: return 0;
+#endif
+
+#ifdef GPG_USE_TWOFISH
case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
+#else
+ case CIPHER_ALGO_TWOFISH: return 0;
+#endif
+
+#ifdef GPG_USE_CAMELLIA128
case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
+#else
+ case CIPHER_ALGO_CAMELLIA128: return 0;
+#endif
+
+#ifdef GPG_USE_CAMELLIA192
case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
+#else
+ case CIPHER_ALGO_CAMELLIA192: return 0;
+#endif
+
+#ifdef GPG_USE_CAMELLIA256
case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
+#else
+ case CIPHER_ALGO_CAMELLIA256: return 0;
+#endif
}
return 0;
}
}
/****************
- * Wrapper around the libgcrypt function with additonal checks on
+ * Wrapper around the libgcrypt function with additional checks on
* the OpenPGP contraints for the algo ID.
*/
int
enum gcry_cipher_algos ga;
ga = map_cipher_openpgp_to_gcry (algo);
-
- /* Use this explicit list to disable certain algorithms. */
- switch (algo)
- {
- /* case CIPHER_ALGO_IDEA: */
- /* ga = 0; */
- /* break; */
- default:
- break;
- }
-
if (!ga)
return gpg_error (GPG_ERR_CIPHER_ALGO);
switch (algo)
{
+#ifdef GPG_USE_RSA
case PUBKEY_ALGO_RSA: ga = GCRY_PK_RSA; break;
case PUBKEY_ALGO_RSA_E: ga = GCRY_PK_RSA_E; break;
case PUBKEY_ALGO_RSA_S: ga = GCRY_PK_RSA_S; break;
+#else
+ case PUBKEY_ALGO_RSA: break;
+ case PUBKEY_ALGO_RSA_E: break;
+ case PUBKEY_ALGO_RSA_S: break;
+#endif
+
case PUBKEY_ALGO_ELGAMAL_E: ga = GCRY_PK_ELG; break;
case PUBKEY_ALGO_DSA: ga = GCRY_PK_DSA; break;
- case PUBKEY_ALGO_ECDH:
- case PUBKEY_ALGO_ECDSA:
+#ifdef GPG_USE_ECDH
+ case PUBKEY_ALGO_ECDH: ga = GCRY_PK_ECC; break;
+#else
+ case PUBKEY_ALGO_ECDH: break;
+#endif
+
+#ifdef GPG_USE_ECDSA
+ case PUBKEY_ALGO_ECDSA: ga = GCRY_PK_ECC; break;
+#else
+ case PUBKEY_ALGO_ECDSA: break;
+#endif
+
+#ifdef GPG_USE_EDDSA
case PUBKEY_ALGO_EDDSA: ga = GCRY_PK_ECC; break;
+#else
+ case PUBKEY_ALGO_EDDSA: break;
+#endif
case PUBKEY_ALGO_ELGAMAL:
/* Dont't allow type 20 keys unless in rfc2440 mode. */
case PUBKEY_ALGO_ELGAMAL:
case PUBKEY_ALGO_ELGAMAL_E: return "ELG";
case PUBKEY_ALGO_DSA: return "DSA";
- case PUBKEY_ALGO_ECDH:
- case PUBKEY_ALGO_ECDSA:
- case PUBKEY_ALGO_EDDSA: return "ECC";
+ case PUBKEY_ALGO_ECDH: return "ECDH";
+ case PUBKEY_ALGO_ECDSA: return "ECDSA";
+ case PUBKEY_ALGO_EDDSA: return "EDDSA";
}
return "?";
}
{
switch (algo)
{
+#ifdef GPG_USE_MD5
case DIGEST_ALGO_MD5: return GCRY_MD_MD5;
+#else
+ case DIGEST_ALGO_MD5: return 0;
+#endif
+
case DIGEST_ALGO_SHA1: return GCRY_MD_SHA1;
+
+#ifdef GPG_USE_RMD160
case DIGEST_ALGO_RMD160: return GCRY_MD_RMD160;
+#else
+ case DIGEST_ALGO_RMD160: return 0;
+#endif
+
+#ifdef GPG_USE_SHA224
case DIGEST_ALGO_SHA224: return GCRY_MD_SHA224;
+#else
+ case DIGEST_ALGO_SHA224: return 0;
+#endif
+
case DIGEST_ALGO_SHA256: return GCRY_MD_SHA256;
+
+#ifdef GPG_USE_SHA384
case DIGEST_ALGO_SHA384: return GCRY_MD_SHA384;
+#else
+ case DIGEST_ALGO_SHA384: return 0;
+#endif
+
+#ifdef GPG_USE_SHA512
case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
+#else
+ case DIGEST_ALGO_SHA512: return 0;
+#endif
}
return 0;
}
/* Return 0 if ALGO is suitable and implemented OpenPGP hash
- algorithm. Note: To only test for a valid OpenPGP hash algorithm,
- it is better to use map_md_openpgp_to_gcry. */
+ algorithm. */
int
openpgp_md_test_algo (digest_algo_t algo)
{
enum gcry_md_algos ga;
ga = map_md_openpgp_to_gcry (algo);
- switch (algo)
- {
- default:
- break;
- }
if (!ga)
return gpg_error (GPG_ERR_DIGEST_ALGO);
}
break;
+ case 'U': /* z-base-32 encoded user id hash. */
+ if (args->namehash)
+ {
+ char *tmp = zb32_encode (args->namehash, 8*20);
+ if (tmp)
+ {
+ if (idx + strlen (tmp) < maxlen)
+ {
+ strcpy (ret+idx, tmp);
+ idx += strlen (tmp);
+ }
+ xfree (tmp);
+ done = 1;
+ }
+ }
+ break;
+
case 'c': /* signature count from card, if any. */
if(idx+10<maxlen)
{
}
break;
- case 'p': /* primary pk fingerprint of a sk */
- case 'f': /* pk fingerprint */
- case 'g': /* sk fingerprint */
+ case 'f': /* Fingerprint of key being signed */
+ case 'p': /* Fingerprint of the primary key making the signature. */
+ case 'g': /* Fingerprint of the key making the signature. */
{
byte array[MAX_FINGERPRINT_LEN];
size_t len;
int i;
- if((*(ch+1))=='p' && args->pksk)
+ if ((*(ch+1))=='f' && args->pk)
+ fingerprint_from_pk (args->pk, array, &len);
+ else if ((*(ch+1))=='p' && args->pksk)
{
if(args->pksk->flags.primary)
fingerprint_from_pk (args->pksk, array, &len);
else if (args->pksk->main_keyid[0]
|| args->pksk->main_keyid[1])
{
- /* FIXME: Document teh code and check whether
- it is still needed. */
+ /* Not the primary key: Find the fingerprint
+ of the primary key. */
PKT_public_key *pk=
xmalloc_clear(sizeof(PKT_public_key));
memset (array, 0, (len=MAX_FINGERPRINT_LEN));
free_public_key (pk);
}
- else
+ else /* Oops: info about the primary key missing. */
memset(array,0,(len=MAX_FINGERPRINT_LEN));
}
- else if((*(ch+1))=='f' && args->pk)
- fingerprint_from_pk (args->pk, array, &len);
else if((*(ch+1))=='g' && args->pksk)
fingerprint_from_pk (args->pksk, array, &len);
else
void
-obsolete_option (const char *configname, unsigned int configlineno,
- const char *name)
+obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
+ const char *name)
{
- if(configname)
- log_info (_("%s:%u: obsolete option \"%s\" - it has no effect\n"),
- configname, configlineno, name);
+ if (configname)
+ log_info (_("%s:%u: \"%s\" is obsolete in this file"
+ " - it only has effect in %s\n"),
+ configname, configlineno, name, SCDAEMON_NAME EXTSEP_S "conf");
else
- log_info (_("WARNING: \"%s\" is an obsolete option - it has no effect\n"),
- name);
+ log_info (_("WARNING: \"%s%s\" is an obsolete option"
+ " - it has no effect except on %s\n"),
+ "--", name, SCDAEMON_NAME);
}
{
int val;
- /* FIXME: We should make use of our wrapper fucntion and not assume
+ /* FIXME: We should make use of our wrapper function and not assume
that there is a 1 to 1 mapping between OpenPGP and Libgcrypt. */
val = gcry_md_map_name (string);
if (!val && string && (string[0]=='H' || string[0]=='h'))
#ifdef HAVE_BZIP2
case 3: return 0;
#endif
- default: return G10ERR_COMPR_ALGO;
+ default: return GPG_ERR_COMPR_ALGO;
}
}
case CO_GNUPG: return "--gnupg";
case CO_RFC4880: return "--openpgp";
case CO_RFC2440: return "--rfc2440";
- case CO_RFC1991: return "--rfc1991";
- case CO_PGP2: return "--pgp2";
case CO_PGP6: return "--pgp6";
case CO_PGP7: return "--pgp7";
case CO_PGP8: return "--pgp8";
+ case CO_DE_VS: return "--compliance=de-vs";
}
return ver;
ver="OpenPGP (older)";
break;
- case CO_RFC1991:
- ver="old PGP";
- break;
-
- case CO_PGP2:
- ver="PGP 2.x";
- break;
-
case CO_PGP6:
ver="PGP 6.x";
break;
case CO_PGP8:
ver="PGP 8.x";
break;
+
+ case CO_DE_VS:
+ ver="DE-VS applications";
+ break;
}
log_info(_("this message may not be usable by %s\n"),ver);
for(i=0;opts[i].name;i++)
if(opts[i].help)
- printf("%s%*s%s\n",opts[i].name,
- maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
+ es_printf("%s%*s%s\n",opts[i].name,
+ maxlen+2-(int)strlen(opts[i].name),"",_(opts[i].help));
g10_exit(0);
}
}
-/* Check whether the string has characters not valid in an RFC-822
- address. To cope with OpenPGP we ignore non-ascii characters
- so that for example umlauts are legal in an email address. An
- OpenPGP user ID must be utf-8 encoded but there is no strict
- requirement for RFC-822. Thus to avoid IDNA encoding we put the
- address verbatim as utf-8 into the user ID under the assumption
- that mail programs handle IDNA at a lower level and take OpenPGP
- user IDs as utf-8. Note that we can't do an utf-8 encoding
- checking here because in keygen.c this function is called with the
- native encoding and native to utf-8 encoding is only done later. */
-int
-has_invalid_email_chars (const char *s)
-{
- int at_seen=0;
- const char *valid_chars=
- "01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
-
- for ( ; *s; s++ )
- {
- if ( (*s & 0x80) )
- continue; /* We only care about ASCII. */
- if ( *s == '@' )
- at_seen=1;
- else if ( !at_seen && !(strchr (valid_chars, *s)
- || strchr ("!#$%&'*+/=?^`{|}~", *s)))
- return 1;
- else if ( at_seen && !strchr( valid_chars, *s ) )
- return 1;
- }
- return 0;
-}
-
-
-/* Check whether NAME represents a valid mailbox according to
- RFC822. Returns true if so. */
-int
-is_valid_mailbox (const char *name)
-{
- return !( !name
- || !*name
- || has_invalid_email_chars (name)
- || string_count_chr (name,'@') != 1
- || *name == '@'
- || name[strlen(name)-1] == '@'
- || name[strlen(name)-1] == '.'
- || strstr (name, "..") );
-}
-
-
/* Similar to access(2), but uses PATH to find the file. */
int
path_access(const char *file,int mode)
unsigned int
pubkey_nbits( int algo, gcry_mpi_t *key )
{
- int rc, nbits;
- gcry_sexp_t sexp;
+ int rc, nbits;
+ gcry_sexp_t sexp;
- if( algo == PUBKEY_ALGO_DSA ) {
- rc = gcry_sexp_build ( &sexp, NULL,
- "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
- key[0], key[1], key[2], key[3] );
+ if (algo == PUBKEY_ALGO_DSA
+ && key[0] && key[1] && key[2] && key[3])
+ {
+ rc = gcry_sexp_build (&sexp, NULL,
+ "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+ key[0], key[1], key[2], key[3] );
}
- else if( algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E ) {
- rc = gcry_sexp_build ( &sexp, NULL,
- "(public-key(elg(p%m)(g%m)(y%m)))",
- key[0], key[1], key[2] );
+ else if ((algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
+ && key[0] && key[1] && key[2])
+ {
+ rc = gcry_sexp_build (&sexp, NULL,
+ "(public-key(elg(p%m)(g%m)(y%m)))",
+ key[0], key[1], key[2] );
}
- else if( is_RSA (algo) ) {
- rc = gcry_sexp_build ( &sexp, NULL,
- "(public-key(rsa(n%m)(e%m)))",
- key[0], key[1] );
+ else if (is_RSA (algo)
+ && key[0] && key[1])
+ {
+ rc = gcry_sexp_build (&sexp, NULL,
+ "(public-key(rsa(n%m)(e%m)))",
+ key[0], key[1] );
}
- else if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH
- || algo == PUBKEY_ALGO_EDDSA) {
- char *curve = openpgp_oid_to_str (key[0]);
- if (!curve)
- rc = gpg_error_from_syserror ();
- else
- {
- rc = gcry_sexp_build (&sexp, NULL,
- "(public-key(ecc(curve%s)(q%m)))",
- curve, key[1]);
- xfree (curve);
- }
+ else if ((algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_ECDH
+ || algo == PUBKEY_ALGO_EDDSA)
+ && key[0] && key[1])
+ {
+ char *curve = openpgp_oid_to_str (key[0]);
+ if (!curve)
+ rc = gpg_error_from_syserror ();
+ else
+ {
+ rc = gcry_sexp_build (&sexp, NULL,
+ "(public-key(ecc(curve%s)(q%m)))",
+ curve, key[1]);
+ xfree (curve);
+ }
}
- else
- return 0;
+ else
+ return 0;
- if ( rc )
- BUG ();
+ if (rc)
+ BUG ();
- nbits = gcry_pk_get_nbits( sexp );
- gcry_sexp_release( sexp );
- return nbits;
+ nbits = gcry_pk_get_nbits (sexp);
+ gcry_sexp_release (sexp);
+ return nbits;
}
int
mpi_print (estream_t fp, gcry_mpi_t a, int mode)
{
- int n=0;
+ int n = 0;
+ size_t nwritten;
if (!a)
return es_fprintf (fp, "[MPI_NULL]");
n += es_fprintf (fp, "[invalid opaque value]");
else
{
- nbits = (nbits + 7)/8;
- for (; nbits; nbits--, p++)
- n += es_fprintf (fp, "%02X", *p);
+ if (!es_write_hexstring (fp, p, (nbits + 7)/8, 0, &nwritten))
+ n += nwritten;
}
}
else
{
unsigned char *buffer;
+ size_t buflen;
- if (gcry_mpi_aprint (GCRYMPI_FMT_HEX, &buffer, NULL, a))
+ if (gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &buflen, a))
BUG ();
- es_fputs (buffer, fp);
- n += strlen (buffer);
+ if (!es_write_hexstring (fp, buffer, buflen, 0, &nwritten))
+ n += nwritten;
gcry_free (buffer);
}
return n;
qbits /= 2;
return qbits;
}
+
+
+/* Ignore signatures and certifications made over certain digest
+ * algorithms by default, MD5 is considered weak. This allows users
+ * to deprecate support for other algorithms as well.
+ */
+void
+additional_weak_digest (const char* digestname)
+{
+ struct weakhash *weak = NULL;
+ const enum gcry_md_algos algo = string_to_digest_algo(digestname);
+
+ if (algo == GCRY_MD_NONE)
+ {
+ log_error (_("unknown weak digest '%s'\n"), digestname);
+ return;
+ }
+
+ /* Check to ensure it's not already present. */
+ for (weak = opt.weak_digests; weak; weak = weak->next)
+ if (algo == weak->algo)
+ return;
+
+ /* Add it to the head of the list. */
+ weak = xmalloc(sizeof(*weak));
+ weak->algo = algo;
+ weak->rejection_shown = 0;
+ weak->next = opt.weak_digests;
+ opt.weak_digests = weak;
+}
projects / gnupg.git / blobdiff