Changeset Navigation

← Previous Changeset
Next Changeset →

Changeset 60

Timestamp:

04/21/05 12:57:39

Author:

rachel

Message:

Signature sub-packet types: primary user id and revocation key added
Also, packet-parse.c run through indent (in GNU style) for Ben to
look at

Files:

openpgpsdk/trunk/src/Makefile (modified) (2 diffs)
openpgpsdk/trunk/src/packet-dump.c (modified) (3 diffs)
openpgpsdk/trunk/src/packet-parse.c (modified) (19 diffs)
openpgpsdk/trunk/src/packet.h (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

openpgpsdk/trunk/src/Makefile

r57	r60
1	1	# $Id$
2	2
3		DM_FLAGS=-DDMALLOC -I/usr/local/include
4		#DM_FLAGS= -I/usr/local/include
5		DM_LIB=/usr/local/lib/libdmalloc.a
	3	#DM_FLAGS=-DDMALLOC -I/usr/local/include
	4	DM_FLAGS= -I/usr/local/include
	5	#DM_LIB=/usr/local/lib/libdmalloc.a
	6	DM_LIB=
6	7
7	8	CFLAGS=-Wall -Werror -g $(DM_FLAGS)
8	9	LDFLAGS=-g
9	10	LIBS=-lz $(DM_LIB)
10		~~#LIBS=-lz~~
11	11	#LIBS=/home/ben/software/unpacked/zlib-1.2.2/libz.a $(DM_LIB)
12	12
…	…
36	36	.depend: *.[ch]
37	37	$(CC) -E -MM *.[ch] > .depend
	38
	39	include .depend

openpgpsdk/trunk/src/packet-dump.c

r59	r60
131	131	break;
132	132
	133	case OPS_PTAG_SS_REVOCATION_KEY:
	134	/* not yet tested */
	135	printf (" revocation key: class=%x, algid=%x, fingerprint=%s\n",
	136	content->ss_revocation_key.class,
	137	content->ss_revocation_key.algid,
	138	content->ss_revocation_key.fingerprint);
	139	hexdump(content->ss_revocation_key.fingerprint,20);
	140	printf("\n");
	141	break;
	142
133	143	case OPS_PTAG_SS_ISSUER_KEY_ID:
134	144	fputs(" issuer key id id=",stdout);
…	…
139	149
140	150	case OPS_PTAG_SS_PREFERRED_SKA:
141		printf(" ~~preferred symmetric algorithms=~~");
	151	printf(" Preferred Symmetric Algorithms: ");
142	152	for (i=0; i<content->ss_preferred_ska.len; i++) {
143	153	switch (content->ss_preferred_ska.data[i]) {
…	…
175	185	printf ("\n");
176	186	break;
177
	187
	188	case OPS_PTAG_SS_PRIMARY_USER_ID:
	189	printf(" Primary User ID: ");
	190	if (content->ss_primary_user_id.primary_user_id)
	191	{
	192	printf("YES\n");
	193	}
	194	else
	195	{
	196	printf("NO\n");
	197	}
	198	break;
	199
178	200	default:
179	201	fprintf(stderr,"unknown tag=%d\n",content_->tag);

openpgpsdk/trunk/src/packet-parse.c

r59	r60
17	17	# include <dmalloc.h>
18	18	#endif
19
20		static void init_subregion(ops_region_t subregion,ops_region_t region)
21		{
22		memset(subregion,'\0',sizeof *subregion);
23		subregion->parent=region;
24		}
	19
	20	static void
	21	init_subregion (ops_region_t * subregion, ops_region_t * region)
	22	{
	23	memset (subregion, '\0', sizeof *subregion);
	24	subregion->parent = region;
	25	}
25	26
26	27	#define CB(t,pc) do { (pc)->tag=(t); if(opt->cb(pc,opt->cb_arg) == OPS_RELEASE_MEMORY) ops_parser_content_free(pc); } while(0)
…	…
36	37	/* Note that this makes the parser non-reentrant, in a limited way */
37	38	/* It is the caller's responsibility to avoid overflow in the buffer */
38		static void format_error(ops_parser_content_t *content,
39		const char * const fmt,...)
40		{
41		va_list va;
42		static char buf[8192];
43
44		va_start(va,fmt);
45		vsprintf(buf,fmt,va);
46		va_end(va);
47		content->content.error.error=buf;
48		}
49
50		static ops_reader_ret_t base_read(unsigned char dest,unsigned plength,
51		ops_reader_flags_t flags,
52		ops_parse_options_t *opt)
53		{
54		ops_reader_ret_t ret=opt->reader(dest,plength,flags,opt->reader_arg);
55		if(ret != OPS_R_OK
56		&& !(ret == OPS_R_EOF && !(flags&OPS_RETURN_LENGTH)))
57		return ret;
58
59		if(opt->accumulate)
	39	static void
	40	format_error (ops_parser_content_t * content, const char *const fmt, ...)
	41	{
	42	va_list va;
	43	static char buf[8192];
	44
	45	va_start (va, fmt);
	46	vsprintf (buf, fmt, va);
	47	va_end (va);
	48	content->content.error.error = buf;
	49	}
	50
	51	static ops_reader_ret_t
	52	base_read (unsigned char dest, unsigned plength,
	53	ops_reader_flags_t flags, ops_parse_options_t * opt)
	54	{
	55	ops_reader_ret_t ret = opt->reader (dest, plength, flags, opt->reader_arg);
	56	if (ret != OPS_R_OK && !(ret == OPS_R_EOF && !(flags & OPS_RETURN_LENGTH)))
	57	return ret;
	58
	59	if (opt->accumulate)
	60	{
	61	assert (opt->asize >= opt->alength);
	62	if (opt->alength + *plength > opt->asize)
60	63	{
61		assert(opt->asize >= opt->alength);
62		if(opt->alength+*plength > opt->asize)
63		{
64		opt->asize=opt->asize2+plength;
65		opt->accumulated=realloc(opt->accumulated,opt->asize);
66		}
67		assert(opt->asize >= opt->alength+*plength);
68		memcpy(opt->accumulated+opt->alength,dest,*plength);
	64	opt->asize = opt->asize * 2 + *plength;
	65	opt->accumulated = realloc (opt->accumulated, opt->asize);
69	66	}
70		// we track length anyway, because it is used for packet offsets
71		opt->alength+=*plength;
72
73		return ret;
74		}
	67	assert (opt->asize >= opt->alength + *plength);
	68	memcpy (opt->accumulated + opt->alength, dest, *plength);
	69	}
	70	// we track length anyway, because it is used for packet offsets
	71	opt->alength += *plength;
	72
	73	return ret;
	74	}
75	75
76	76	/** Read a scalar value of selected length from reader.
…	…
86	86	*
87	87	*/
88		static ops_reader_ret_t ~~read_scalar(unsigned *result,unsigned length,~~
89		ops_parse_options_t *opt)
90		{
91		~~unsigned t=~~0;
92		ops_reader_ret_t ret;
93
94		~~assert (length <= sizeof~~(*result));
95
96		~~while~~(length--)
97		{
98		unsigned char c[1];
99		~~unsigned one=~~1;
100
101		~~ret=base_read(c,&one,0,~~opt);
102		if(ret != OPS_R_OK)
103		return ret;
104		~~t=(t << 8)+~~c[0];
105		}
106		*result=t;
107		return OPS_R_OK;
108		}
	88	static ops_reader_ret_t
	89	read_scalar (unsigned result, unsigned length, ops_parse_options_t opt)
	90	{
	91	unsigned t = 0;
	92	ops_reader_ret_t ret;
	93
	94	assert (length <= sizeof (*result));
	95
	96	while (length--)
	97	{
	98	unsigned char c[1];
	99	unsigned one = 1;
	100
	101	ret = base_read (c, &one, 0, opt);
	102	if (ret != OPS_R_OK)
	103	return ret;
	104	t = (t << 8) + c[0];
	105	}
	106	*result = t;
	107	return OPS_R_OK;
	108	}
109	109
110	110	/** Read bytes from reader.
…	…
125	125	* \return 1 on success, 0 on error
126	126	*/
127		int ops_limited_read(unsigned char *dest,unsigned length,
128		ops_region_t region,ops_parse_options_t opt)
129		{
130		ops_parser_content_t content;
131
132		if(region->length_read+length > region->length)
133		ERR("Not enough data left");
134
135		if(base_read(dest,&length,region->indeterminate ? OPS_RETURN_LENGTH: 0,opt)
136		!= OPS_R_OK)
137		ERR("Read failed");
138
139		region->last_read=length;
140		do
141		{
142		region->length_read+=length;
143		assert(!region->parent \|\| region->length <= region->parent->length);
144		}
145		while((region=region->parent));
146
147		return 1;
148		}
	127	int
	128	ops_limited_read (unsigned char *dest, unsigned length,
	129	ops_region_t * region, ops_parse_options_t * opt)
	130	{
	131	ops_parser_content_t content;
	132
	133	if (region->length_read + length > region->length)
	134	ERR ("Not enough data left");
	135
	136	if (base_read
	137	(dest, &length, region->indeterminate ? OPS_RETURN_LENGTH : 0,
	138	opt) != OPS_R_OK)
	139	ERR ("Read failed");
	140
	141	region->last_read = length;
	142	do
	143	{
	144	region->length_read += length;
	145	assert (!region->parent \|\| region->length <= region->parent->length);
	146	}
	147	while ((region = region->parent));
	148
	149	return 1;
	150	}
149	151
150	152	/** Skip over length bytes of this packet.
…	…
160	162	* \return 1 on success, 0 on error (calls the cb with #OPS_PARSER_ERROR in #limited_read).
161	163	*/
162		static int limited_skip(unsigned length,ops_region_t *region,
163		ops_parse_options_t *opt)
164		{
165		unsigned char buf[8192];
166
167		while(length)
168		{
169		int n=length%8192;
170		if(!ops_limited_read(buf,n,region,opt))
171		return 0;
172		length-=n;
173		}
174		return 1;
175		}
	164	static int
	165	limited_skip (unsigned length, ops_region_t * region,
	166	ops_parse_options_t * opt)
	167	{
	168	unsigned char buf[8192];
	169
	170	while (length)
	171	{
	172	int n = length % 8192;
	173	if (!ops_limited_read (buf, n, region, opt))
	174	return 0;
	175	length -= n;
	176	}
	177	return 1;
	178	}
176	179
177	180	/** Read a scalar.
…	…
191	194	* \see RFC2440bis-12 3.1
192	195	*/
193		static int ~~limited_read_scalar(unsigned *dest,unsigned length,~~
194		~~ops_region_t *region~~,
195		ops_parse_options_t *opt)
196		{
197		unsigned char c[4];
198		unsigned t;
199		int n;
200
201		~~if(!ops_limited_read(c,length,region,~~opt))
202		return 0;
203
204		~~for(t=0,n=0 ; n < length~~ ; ++n)
205		~~t=(t << 8)+~~c[n];
206		*dest=t;
207
208		return 1;
209		}
	196	static int
	197	limited_read_scalar (unsigned *dest, unsigned length,
	198	ops_region_t * region, ops_parse_options_t * opt)
	199	{
	200	unsigned char c[4];
	201	unsigned t;
	202	int n;
	203
	204	if (!ops_limited_read (c, length, region, opt))
	205	return 0;
	206
	207	for (t = 0, n = 0; n < length; ++n)
	208	t = (t << 8) + c[n];
	209	*dest = t;
	210
	211	return 1;
	212	}
210	213
211	214	/** Read a timestamp.
…	…
226	229	* \see RFC2440bis-12 3.5
227	230	*/
228		static int limited_read_time(time_t dest,ops_region_t region,
229		ops_parse_options_t *opt)
230		{
231		return limited_read_scalar((unsigned *)dest,4,region,opt);
232		}
	231	static int
	232	limited_read_time (time_t * dest, ops_region_t * region,
	233	ops_parse_options_t * opt)
	234	{
	235	return limited_read_scalar ((unsigned *) dest, 4, region, opt);
	236	}
233	237
234	238	/** Read a multiprecision integer.
…	…
254	258	* \see RFC2440bis-12 3.2
255	259	*/
256		static int limited_read_mpi(BIGNUM *pbn,ops_region_t region,
257		ops_parse_options_t *opt)
258		{
259		unsigned length;
260		unsigned nonzero;
261		unsigned char buf[8192]; /* an MPI has a 2 byte length part. Length
262		is given in bits, so the largest we should
263		ever need for the buffer is 8192 bytes. */
264		ops_parser_content_t content;
265
266		if(!limited_read_scalar(&length,2,region,opt))
267		return 0;
268
269		nonzero=length&7; /* there should be this many zero bits in the MS byte */
270		if(!nonzero)
271		nonzero=8;
272		length=(length+7)/8;
273
274		assert(length <= 8192);
275		if(!ops_limited_read(buf,length,region,opt))
276		return 0;
277
278		if((buf[0] >> nonzero) != 0 \|\| !(buf[0]&(1 << (nonzero-1))))
279		ERR("MPI format error"); /* XXX: Ben, one part of this constraint does not apply to encrypted MPIs the draft says. -- peter */
280
281		*pbn=BN_bin2bn(buf,length,NULL);
282		return 1;
283		}
	260	static int
	261	limited_read_mpi (BIGNUM ** pbn, ops_region_t * region,
	262	ops_parse_options_t * opt)
	263	{
	264	unsigned length;
	265	unsigned nonzero;
	266	unsigned char buf[8192]; /* an MPI has a 2 byte length part. Length
	267	is given in bits, so the largest we should
	268	ever need for the buffer is 8192 bytes. */
	269	ops_parser_content_t content;
	270
	271	if (!limited_read_scalar (&length, 2, region, opt))
	272	return 0;
	273
	274	nonzero = length & 7; /* there should be this many zero bits in the MS byte */
	275	if (!nonzero)
	276	nonzero = 8;
	277	length = (length + 7) / 8;
	278
	279	assert (length <= 8192);
	280	if (!ops_limited_read (buf, length, region, opt))
	281	return 0;
	282
	283	if ((buf[0] >> nonzero) != 0 \|\| !(buf[0] & (1 << (nonzero - 1))))
	284	ERR ("MPI format error"); /* XXX: Ben, one part of this constraint does not apply to encrypted MPIs the draft says. -- peter */
	285
	286	*pbn = BN_bin2bn (buf, length, NULL);
	287	return 1;
	288	}
284	289
285	290	/** Read the length information for a new format Packet Tag.
…	…
300	305	* \see ops_ptag_t
301	306	*/
302		static int limited_read_new_length(unsigned length,ops_region_t region,
303		ops_parse_options_t *opt)
304		{
305		unsigned char c[1];
306
307		if(!ops_limited_read(c,1,region,opt))
308		return 0;
309		if(c[0] < 192)
310		{
311		*length=c[0];
312		return 1;
313		}
314		if(c[0] < 255)
315		{
316		unsigned t=(c[0]-192) << 8;
317
318		if(!ops_limited_read(c,1,region,opt))
319		return 0;
320		*length=t+c[1]+192;
321		return 1;
322		}
323		return limited_read_scalar(length,4,region,opt);
324		}
325
326		void ops_packet_free(ops_packet_t *packet)
327		{
328		free(packet->raw);
329		packet->raw=NULL;
330		}
331
332		void ops_parser_content_free(ops_parser_content_t *c)
333		{
334		switch(c->tag)
335		{
	307	static int
	308	limited_read_new_length (unsigned length, ops_region_t region,
	309	ops_parse_options_t * opt)
	310	{
	311	unsigned char c[1];
	312
	313	if (!ops_limited_read (c, 1, region, opt))
	314	return 0;
	315	if (c[0] < 192)
	316	{
	317	*length = c[0];
	318	return 1;
	319	}
	320	if (c[0] < 255)
	321	{
	322	unsigned t = (c[0] - 192) << 8;
	323
	324	if (!ops_limited_read (c, 1, region, opt))
	325	return 0;
	326	*length = t + c[1] + 192;
	327	return 1;
	328	}
	329	return limited_read_scalar (length, 4, region, opt);
	330	}
	331
	332	void
	333	ops_packet_free (ops_packet_t * packet)
	334	{
	335	free (packet->raw);
	336	packet->raw = NULL;
	337	}
	338
	339	void
	340	ops_parser_content_free (ops_parser_content_t * c)
	341	{
	342	switch (c->tag)
	343	{
336	344	case OPS_PARSER_PTAG:
337	345	case OPS_PTAG_CT_COMPRESSED:
…	…
339	347	case OPS_PTAG_SS_TRUST:
340	348	case OPS_PTAG_SS_ISSUER_KEY_ID:
341		break;
	349	break;
342	350
343	351	case OPS_PTAG_CT_SIGNATURE:
344		~~ops_signature_free~~(&c->content.signature);
345		break;
	352	ops_signature_free (&c->content.signature);
	353	break;
346	354
347	355	case OPS_PTAG_CT_PUBLIC_KEY:
348	356	case OPS_PTAG_CT_PUBLIC_SUBKEY:
349		~~ops_public_key_free~~(&c->content.public_key);
350		break;
	357	ops_public_key_free (&c->content.public_key);
	358	break;
351	359
352	360	case OPS_PTAG_CT_USER_ID:
353		~~ops_user_id_free~~(&c->content.user_id);
354		break;
	361	ops_user_id_free (&c->content.user_id);
	362	break;
355	363
356	364	case OPS_PARSER_PACKET_END:
357		~~ops_packet_free~~(&c->content.packet);
358		break;
	365	ops_packet_free (&c->content.packet);
	366	break;
359	367
360	368	case OPS_PARSER_ERROR:
361		break;
	369	break;
362	370
363	371	default:
364		fprintf(stderr,"Can't free %d (0x%x)\n",c->tag,c->tag);
365		assert(0);
366		}
367		}
368
369		static void free_BN(BIGNUM **pp)
370		{
371		BN_free(*pp);
372		*pp=NULL;
373		}
374
375		void ops_public_key_free(ops_public_key_t *p)
376		{
377		switch(p->algorithm)
378		{
	372	fprintf (stderr, "Can't free %d (0x%x)\n", c->tag, c->tag);
	373	assert (0);
	374	}
	375	}
	376
	377	static void
	378	free_BN (BIGNUM ** pp)
	379	{
	380	BN_free (*pp);
	381	*pp = NULL;
	382	}
	383
	384	void
	385	ops_public_key_free (ops_public_key_t * p)
	386	{
	387	switch (p->algorithm)
	388	{
379	389	case OPS_PKA_RSA:
380	390	case OPS_PKA_RSA_ENCRYPT_ONLY:
381	391	case OPS_PKA_RSA_SIGN_ONLY:
382		~~free_BN~~(&p->key.rsa.n);
383		~~free_BN~~(&p->key.rsa.e);
384		break;
	392	free_BN (&p->key.rsa.n);
	393	free_BN (&p->key.rsa.e);
	394	break;
385	395
386	396	case OPS_PKA_DSA:
387		~~free_BN~~(&p->key.dsa.p);
388		~~free_BN~~(&p->key.dsa.q);
389		~~free_BN~~(&p->key.dsa.g);
390		~~free_BN~~(&p->key.dsa.y);
391		break;
	397	free_BN (&p->key.dsa.p);
	398	free_BN (&p->key.dsa.q);
	399	free_BN (&p->key.dsa.g);
	400	free_BN (&p->key.dsa.y);
	401	break;
392	402
393	403	case OPS_PKA_ELGAMAL:
394		~~free_BN~~(&p->key.elgamal.p);
395		~~free_BN~~(&p->key.elgamal.g);
396		~~free_BN~~(&p->key.elgamal.y);
397		break;
	404	free_BN (&p->key.elgamal.p);
	405	free_BN (&p->key.elgamal.g);
	406	free_BN (&p->key.elgamal.y);
	407	break;
398	408
399	409	default:
400		~~assert~~(0);
401		}
402		}
	410	assert (0);
	411	}
	412	}
403	413
404	414	/** Parse a public key packet.
…	…
415	425	* \see RFC2440bis-12 5.5.2
416	426	*/
417		static int parse_public_key(ops_content_tag_t tag,ops_region_t *region,
418		ops_parse_options_t *opt)
419		{
420		ops_parser_content_t content;
421		unsigned char c[1];
422
423		assert (region->length_read == 0); /* We should not have read anything so far */
424
425		if(!ops_limited_read(c,1,region,opt))
426		return 0;
427		C.public_key.version=c[0];
428		if(C.public_key.version < 2 \|\| C.public_key.version > 4)
429		ERR1("Bad public key version (0x%02x)",C.public_key.version);
430
431		if(!limited_read_time(&C.public_key.creation_time,region,opt))
432		return 0;
433
434		C.public_key.days_valid=0;
435		if((C.public_key.version == 2 \|\| C.public_key.version == 3)
436		&& !limited_read_scalar(&C.public_key.days_valid,2,region,opt))
437		return 0;
438
439		if(!ops_limited_read(c,1,region,opt))
440		return 0;
441
442		C.public_key.algorithm=c[0];
443
444		switch(C.public_key.algorithm)
445		{
	427	static int
	428	parse_public_key (ops_content_tag_t tag, ops_region_t * region,
	429	ops_parse_options_t * opt)
	430	{
	431	ops_parser_content_t content;
	432	unsigned char c[1];
	433
	434	assert (region->length_read == 0); /* We should not have read anything so far */
	435
	436	if (!ops_limited_read (c, 1, region, opt))
	437	return 0;
	438	C.public_key.version = c[0];
	439	if (C.public_key.version < 2 \|\| C.public_key.version > 4)
	440	ERR1 ("Bad public key version (0x%02x)", C.public_key.version);
	441
	442	if (!limited_read_time (&C.public_key.creation_time, region, opt))
	443	return 0;
	444
	445	C.public_key.days_valid = 0;
	446	if ((C.public_key.version == 2 \|\| C.public_key.version == 3)
	447	&& !limited_read_scalar (&C.public_key.days_valid, 2, region, opt))
	448	return 0;
	449
	450	if (!ops_limited_read (c, 1, region, opt))
	451	return 0;
	452
	453	C.public_key.algorithm = c[0];
	454
	455	switch (C.public_key.algorithm)
	456	{
446	457	case OPS_PKA_DSA:
447		~~if(!limited_read_mpi(&C.public_key.key.dsa.p,region,~~opt)
448		~~\|\| !limited_read_mpi(&C.public_key.key.dsa.q,region,~~opt)
449		~~\|\| !limited_read_mpi(&C.public_key.key.dsa.g,region,~~opt)
450		~~\|\| !limited_read_mpi(&C.public_key.key.dsa.y,region,~~opt))
451		return 0;
452		break;
	458	if (!limited_read_mpi (&C.public_key.key.dsa.p, region, opt)
	459	\|\| !limited_read_mpi (&C.public_key.key.dsa.q, region, opt)
	460	\|\| !limited_read_mpi (&C.public_key.key.dsa.g, region, opt)
	461	\|\| !limited_read_mpi (&C.public_key.key.dsa.y, region, opt))
	462	return 0;
	463	break;
453	464
454	465	case OPS_PKA_RSA:
455	466	case OPS_PKA_RSA_ENCRYPT_ONLY:
456	467	case OPS_PKA_RSA_SIGN_ONLY:
457		~~if(!limited_read_mpi(&C.public_key.key.rsa.n,region,~~opt)
458		~~\|\| !limited_read_mpi(&C.public_key.key.rsa.e,region,~~opt))
459		return 0;
460		break;
	468	if (!limited_read_mpi (&C.public_key.key.rsa.n, region, opt)
	469	\|\| !limited_read_mpi (&C.public_key.key.rsa.e, region, opt))
	470	return 0;
	471	break;
461	472
462	473	case OPS_PKA_ELGAMAL:
463		~~if(!limited_read_mpi(&C.public_key.key.elgamal.p,region,~~opt)
464		~~\|\| !limited_read_mpi(&C.public_key.key.elgamal.g,region,~~opt)
465		~~\|\| !limited_read_mpi(&C.public_key.key.elgamal.y,region,~~opt))
466		return 0;
467		break;
	474	if (!limited_read_mpi (&C.public_key.key.elgamal.p, region, opt)
	475	\|\| !limited_read_mpi (&C.public_key.key.elgamal.g, region, opt)
	476	\|\| !limited_read_mpi (&C.public_key.key.elgamal.y, region, opt))
	477	return 0;
	478	break;
468	479
469	480	default:
470		ERR1("Unknown public key algorithm (%d)",C.public_key.algorithm);
471		}
472
473		if(region->length_read != region->length)
474		ERR1("Unconsumed data (%d)", region->length-region->length_read);
475
476		CB(tag,&content);
477
478		return 1;
479		}
480
481		void ops_user_id_free(ops_user_id_t *id)
482		{
483		free(id->user_id);
484		id->user_id=NULL;
485		}
	481	ERR1 ("Unknown public key algorithm (%d)", C.public_key.algorithm);
	482	}
	483
	484	if (region->length_read != region->length)
	485	ERR1 ("Unconsumed data (%d)", region->length - region->length_read);
	486
	487	CB (tag, &content);
	488
	489	return 1;
	490	}
	491
	492	void
	493	ops_user_id_free (ops_user_id_t * id)
	494	{
	495	free (id->user_id);
	496	id->user_id = NULL;
	497	}
486	498
487	499	/** Parse a user id.
…	…
502	514	* \see RFC2440bis-12 5.11
503	515	*/
504		static int parse_user_id(ops_region_t region,ops_parse_options_t opt)
505		{
506		ops_parser_content_t content;
507
508		assert (region->length_read == 0); /* We should not have read anything so far */
509
510		assert(region->length);
511		C.user_id.user_id=malloc(region->length+1); /* XXX should we not like check malloc's return value? */
512		if(!ops_limited_read(C.user_id.user_id,region->length,region,opt))
513		return 0;
514		C.user_id.user_id[region->length] = 0; /* terminate the string */
515
516		CB(OPS_PTAG_CT_USER_ID,&content);
517
518		return 1;
519		}
520
521		void ops_signature_free(ops_signature_t *sig)
522		{
523		switch(sig->key_algorithm)
524		{
	516	static int
	517	parse_user_id (ops_region_t * region, ops_parse_options_t * opt)
	518	{
	519	ops_parser_content_t content;
	520
	521	assert (region->length_read == 0); /* We should not have read anything so far */
	522
	523	assert (region->length);
	524	C.user_id.user_id = malloc (region->length + 1); /* XXX should we not like check malloc's return value? */
	525	if (!ops_limited_read (C.user_id.user_id, region->length, region, opt))
	526	return 0;
	527	C.user_id.user_id[region->length] = 0; /* terminate the string */
	528
	529	CB (OPS_PTAG_CT_USER_ID, &content);
	530
	531	return 1;
	532	}
	533
	534	void
	535	ops_signature_free (ops_signature_t * sig)
	536	{
	537	switch (sig->key_algorithm)
	538	{
525	539	case OPS_PKA_RSA:
526		~~free_BN~~(&sig->signature.rsa.sig);
527		break;
	540	free_BN (&sig->signature.rsa.sig);
	541	break;
528	542
529	543	case OPS_PKA_DSA:
530		~~free_BN~~(&sig->signature.dsa.r);
531		~~free_BN~~(&sig->signature.dsa.s);
532		break;
	544	free_BN (&sig->signature.dsa.r);
	545	free_BN (&sig->signature.dsa.s);
	546	break;
533	547
534	548	default:
535		~~assert~~(0);
536		}
537		}
	549	assert (0);
	550	}
	551	}
538	552
539	553	/** Parse a version 3 signature.
…	…
550	564	* \see RFC2440bis-12 5.2.2
551	565	*/
552		static int parse_v3_signature(ops_region_t region,ops_parse_options_t opt)
553		{
554		unsigned char c[1];
555		ops_parser_content_t content;
556
557		C.signature.version=OPS_SIG_V3;
558
559		/* hash info length */
560		if(!ops_limited_read(c,1,region,opt))
561		return 0;
562		if(c[0] != 5)
563		ERR("bad hash info length");
564
565		if(!ops_limited_read(c,1,region,opt))
566		return 0;
567		C.signature.type=c[0];
568		/* XXX: check signature type */
569
570		if(!limited_read_time(&C.signature.creation_time,region,opt))
571		return 0;
572
573		if(!ops_limited_read(C.signature.signer_id,8,region,opt))
574		return 0;
575
576		if(!ops_limited_read(c,1,region,opt))
577		return 0;
578		C.signature.key_algorithm=c[0];
579		/* XXX: check algorithm */
580
581		if(!ops_limited_read(c,1,region,opt))
582		return 0;
583		C.signature.hash_algorithm=c[0];
584		/* XXX: check algorithm */
585
586		if(!ops_limited_read(C.signature.hash2,2,region,opt))
587		return 0;
588
589		switch(C.signature.key_algorithm)
590		{
	566	static int
	567	parse_v3_signature (ops_region_t * region, ops_parse_options_t * opt)
	568	{
	569	unsigned char c[1];
	570	ops_parser_content_t content;
	571
	572	C.signature.version = OPS_SIG_V3;
	573
	574	/* hash info length */
	575	if (!ops_limited_read (c, 1, region, opt))
	576	return 0;
	577	if (c[0] != 5)
	578	ERR ("bad hash info length");
	579
	580	if (!ops_limited_read (c, 1, region, opt))
	581	return 0;
	582	C.signature.type = c[0];
	583	/* XXX: check signature type */
	584
	585	if (!limited_read_time (&C.signature.creation_time, region, opt))
	586	return 0;
	587
	588	if (!ops_limited_read (C.signature.signer_id, 8, region, opt))
	589	return 0;
	590
	591	if (!ops_limited_read (c, 1, region, opt))
	592	return 0;
	593	C.signature.key_algorithm = c[0];
	594	/* XXX: check algorithm */
	595
	596	if (!ops_limited_read (c, 1, region, opt))
	597	return 0;
	598	C.signature.hash_algorithm = c[0];
	599	/* XXX: check algorithm */
	600
	601	if (!ops_limited_read (C.signature.hash2, 2, region, opt))
	602	return 0;
	603
	604	switch (C.signature.key_algorithm)
	605	{
591	606	case OPS_PKA_RSA:
592		~~if(!limited_read_mpi(&C.signature.signature.rsa.sig,region,~~opt))
593		return 0;
594		break;
	607	if (!limited_read_mpi (&C.signature.signature.rsa.sig, region, opt))
	608	return 0;
	609	break;
595	610
596	611	case OPS_PKA_DSA:
597		~~if(!limited_read_mpi(&C.signature.signature.dsa.r,region,~~opt)
598		~~\|\| !limited_read_mpi(&C.signature.signature.dsa.s,region,~~opt))
599		return 0;
600		break;
	612	if (!limited_read_mpi (&C.signature.signature.dsa.r, region, opt)
	613	\|\| !limited_read_mpi (&C.signature.signature.dsa.s, region, opt))
	614	return 0;
	615	break;
601	616
602	617	default:
603		~~ERR1("Bad signature key algorithm (%d)",~~C.signature.key_algorithm);
604		}
605
606		if(region->length_read != region->length)
607		~~ERR1("Unconsumed data (%d)",region->length-~~region->length_read);
608
609		~~CB(OPS_PTAG_CT_SIGNATURE,~~&content);
610
611		return 1;
612		}
	618	ERR1 ("Bad signature key algorithm (%d)", C.signature.key_algorithm);
	619	}
	620
	621	if (region->length_read != region->length)
	622	ERR1 ("Unconsumed data (%d)", region->length - region->length_read);
	623
	624	CB (OPS_PTAG_CT_SIGNATURE, &content);
	625
	626	return 1;
	627	}
613	628
614	629	/** Parse one signature sub-packet.
…	…
628	643	* \see RFC2440bis-12 5.2.3
629	644	*/
630		static int parse_one_signature_subpacket(ops_signature_t *sig,
631		ops_region_t *region,
632		ops_parse_options_t *opt)
633		{
634		ops_region_t subregion;
635		char c[1];
636		ops_parser_content_t content;
637		unsigned t8,t7;
638		ops_boolean_t read=ops_true;
639
640		init_subregion(&subregion,region);
641		if(!limited_read_new_length(&subregion.length,region,opt))
642		return 0;
643
644		if(!ops_limited_read(c,1,&subregion,opt))
645		return 0;
646
647		t8=(c[0]&0x7f)/8;
648		t7=1 << (c[0]&7);
649
650		content.critical=c[0] >> 7;
651		content.tag=OPS_PTAG_SIGNATURE_SUBPACKET_BASE+(c[0]&0x7f);
652
653		/* Application wants it delivered raw */
654		if(opt->ss_raw[t8]&t7)
655		{
656		C.ss_raw.tag=content.tag;
657		C.ss_raw.length=subregion.length-1;
658		C.ss_raw.raw=malloc(C.ss_raw.length);
659		if(!ops_limited_read(C.ss_raw.raw,C.ss_raw.length,&subregion,opt))
660		return 0;
661		CB(OPS_PTAG_RAW_SS,&content);
662		return 1;
663		}
664
665		switch(content.tag)
666		{
	645	static int
	646	parse_one_signature_subpacket (ops_signature_t * sig,
	647	ops_region_t * region,
	648	ops_parse_options_t * opt)
	649	{
	650	ops_region_t subregion;
	651	char c[1];
	652	unsigned char bool;
	653	ops_parser_content_t content;
	654	unsigned t8, t7;
	655	ops_boolean_t read = ops_true;
	656
	657	init_subregion (&subregion, region);
	658	if (!limited_read_new_length (&subregion.length, region, opt))
	659	return 0;
	660
	661	if (!ops_limited_read (c, 1, &subregion, opt))
	662	return 0;
	663
	664	t8 = (c[0] & 0x7f) / 8;
	665	t7 = 1 << (c[0] & 7);
	666
	667	content.critical = c[0] >> 7;
	668	content.tag = OPS_PTAG_SIGNATURE_SUBPACKET_BASE + (c[0] & 0x7f);
	669
	670	/* Application wants it delivered raw */
	671	if (opt->ss_raw[t8] & t7)
	672	{
	673	C.ss_raw.tag = content.tag;
	674	C.ss_raw.length = subregion.length - 1;
	675	C.ss_raw.raw = malloc (C.ss_raw.length);
	676	if (!ops_limited_read (C.ss_raw.raw, C.ss_raw.length, &subregion, opt))
	677	return 0;
	678	CB (OPS_PTAG_RAW_SS, &content);
	679	return 1;
	680	}
	681
	682	switch (content.tag)
	683	{
667	684	case OPS_PTAG_SS_CREATION_TIME:
668	685	case OPS_PTAG_SS_EXPIRATION_TIME:
669		~~if(!limited_read_time(&C.ss_time.time,&subregion,~~opt))
670		return 0;
671		break;
	686	if (!limited_read_time (&C.ss_time.time, &subregion, opt))
	687	return 0;
	688	break;
672	689
673	690	case OPS_PTAG_SS_TRUST:
674		~~if(!ops_limited_read(&C.ss_trust.level,1,&subregion,~~opt)
675		~~\|\| !ops_limited_read(&C.ss_trust.level,1,&subregion,~~opt))
676		return 0;
677		break;
	691	if (!ops_limited_read (&C.ss_trust.level, 1, &subregion, opt)
	692	\|\| !ops_limited_read (&C.ss_trust.level, 1, &subregion, opt))
	693	return 0;
	694	break;
678	695
679	696	case OPS_PTAG_SS_ISSUER_KEY_ID:
680		~~if(!ops_limited_read(C.ss_issuer_key_id.key_id,~~OPS_KEY_ID_SIZE,
681		~~&subregion,~~opt))
682		return 0;
683		~~memcpy(sig->signer_id,C.ss_issuer_key_id.key_id,~~OPS_KEY_ID_SIZE);
684		break;
	697	if (!ops_limited_read (C.ss_issuer_key_id.key_id, OPS_KEY_ID_SIZE,
	698	&subregion, opt))
	699	return 0;
	700	memcpy (sig->signer_id, C.ss_issuer_key_id.key_id, OPS_KEY_ID_SIZE);
	701	break;
685	702
686	703	case OPS_PTAG_SS_PREFERRED_SKA:
687		/* should this be malloc-ed? or done as fixed array?
688		* use fixed arraysize for now. Ben? - Rachel */
689
690		C.ss_preferred_ska.len = subregion.length - subregion.length_read;
691		if (!ops_limited_read(C.ss_preferred_ska.data,
692		C.ss_preferred_ska.len, &subregion, opt))
693		return 0;
694		break;
695
	704	/* should this be malloc-ed? or done as fixed array?
	705	* use fixed arraysize for now. Ben? - Rachel */
	706
	707	C.ss_preferred_ska.len = subregion.length - subregion.length_read;
	708	/* Do sanity check on length */
	709	if (C.ss_preferred_ska.len > MAX_PREFERRED_SKA)
	710	{
	711	ERR1
	712	("Warning: Truncated Preferred Symmetric Algorithm - subpacket %d octets",
	713	C.ss_preferred_ska.len);
	714	C.ss_preferred_ska.len = MAX_PREFERRED_SKA;
	715	}
	716	if (!ops_limited_read (C.ss_preferred_ska.data,
	717	C.ss_preferred_ska.len, &subregion, opt))
	718	return 0;
	719	break;
	720
	721	case OPS_PTAG_SS_PRIMARY_USER_ID:
	722	if (!ops_limited_read (&bool, 1, &subregion, opt))
	723	return 0;
	724	C.ss_primary_user_id.primary_user_id = !!bool;
	725	break;
	726
	727	case OPS_PTAG_SS_REVOCATION_KEY:
	728	printf ("Sizeof struct is %d\n", sizeof (ops_ss_revocation_key_t));
	729
	730	/* octet 0 = class. Bit 0x80 must be set */
	731	if (!ops_limited_read (&C.ss_revocation_key.class, 1, &subregion, opt))
	732	return 0;
	733	if (!(C.ss_revocation_key.class & 0x80))
	734	{
	735	printf
	736	("Warning: OPS_PTAG_SS_REVOCATION_KEY class: Bit 0x80 should be set\n");
	737	return 0;
	738	}
	739
	740	/* octet 1 = algid */
	741	if (!ops_limited_read (&C.ss_revocation_key.algid, 1, &subregion, opt))
	742	return 0;
	743
	744	/* octets 2-21 = fingerprint */
	745	if (!ops_limited_read
	746	((unsigned char *) &C.ss_revocation_key.fingerprint, 20, &subregion,
	747	opt))
	748	return 0;
	749	break;
	750
696	751	default:
697		~~if(opt->ss_parsed[t8]&~~t7)
698		~~ERR1("Unknown signature subpacket type (%d)",c[0]&~~0x7f);
699		~~read=~~ops_false;
700		break;
701		}
702
703		/* Application doesn't want it delivered parsed */
704		~~if(!(opt->ss_parsed[t8]&~~t7))
705		{
706		if(content.critical)
707		~~ERR1("Critical signature subpacket ignored (%d)",c[0]&~~0x7f);
708		~~if(!read && !limited_skip(subregion.length-1,&subregion,~~opt))
709		return 0;
710		// printf("skipped %d length %d\n",c[0]&0x7f,subregion.length);
711		if(read)
712		~~ops_parser_content_free~~(&content);
713		return 1;
714		}
715
716		if(read && subregion.length_read != subregion.length)
717		~~ERR1("Unconsumed data (%d)", subregion.length-~~subregion.length_read);
718
719		~~opt->cb(&content,~~opt->cb_arg);
720
721		return 1;
722		}
	752	if (opt->ss_parsed[t8] & t7)
	753	ERR1 ("Unknown signature subpacket type (%d)", c[0] & 0x7f);
	754	read = ops_false;
	755	break;
	756	}
	757
	758	/* Application doesn't want it delivered parsed */
	759	if (!(opt->ss_parsed[t8] & t7))
	760	{
	761	if (content.critical)
	762	ERR1 ("Critical signature subpacket ignored (%d)", c[0] & 0x7f);
	763	if (!read && !limited_skip (subregion.length - 1, &subregion, opt))
	764	return 0;
	765	// printf("skipped %d length %d\n",c[0]&0x7f,subregion.length);
	766	if (read)
	767	ops_parser_content_free (&content);
	768	return 1;
	769	}
	770
	771	if (read && subregion.length_read != subregion.length)
	772	ERR1 ("Unconsumed data (%d)", subregion.length - subregion.length_read);
	773
	774	opt->cb (&content, opt->cb_arg);
	775
	776	return 1;
	777	}
723	778
724	779	/** Parse several signature subpackets.
…	…
737	792	* \see RFC2440bis-12 5.2.3
738	793	*/
739		static int ~~parse_signature_subpackets(ops_signature_t *sig,~~
740		~~ops_region_t *region~~,
741		ops_parse_options_t *opt)
742		{
743		ops_region_t subregion;
744
745		~~init_subregion(&subregion,~~region);
746		~~if(!limited_read_scalar(&subregion.length,2,region,~~opt))
747		return 0;
748
749		~~while~~(subregion.length_read < subregion.length)
750		~~if(!parse_one_signature_subpacket(sig,&subregion,~~opt))
751		return 0;
752
753		~~assert(subregion.length_read == subregion.length);~~ /* XXX: this should not be an assert but a parse error. It's not
754		our fault if the packet is inconsistent with itself. */
755
756		return 1;
757		}
	794	static int
	795	parse_signature_subpackets (ops_signature_t * sig,
	796	ops_region_t * region, ops_parse_options_t * opt)
	797	{
	798	ops_region_t subregion;
	799
	800	init_subregion (&subregion, region);
	801	if (!limited_read_scalar (&subregion.length, 2, region, opt))
	802	return 0;
	803
	804	while (subregion.length_read < subregion.length)
	805	if (!parse_one_signature_subpacket (sig, &subregion, opt))
	806	return 0;
	807
	808	assert (subregion.length_read == subregion.length); /* XXX: this should not be an assert but a parse error. It's not
	809	our fault if the packet is inconsistent with itself. */
	810
	811	return 1;
	812	}
758	813
759	814	/** Parse a version 4 signature.
…	…
770	825	* \see RFC2440bis-12 5.2.3
771	826	*/
772		static int parse_v4_signature(ops_region_t region,ops_parse_options_t opt,
773		size_t v4_hashed_data_start)
774		{
775		unsigned char c[1];
776		ops_parser_content_t content;
777
778		C.signature.version=OPS_SIG_V4;
779		C.signature.v4_hashed_data_start=v4_hashed_data_start;
780
781		if(!ops_limited_read(c,1,region,opt))
782		return 0;
783		C.signature.type=c[0];
784		/* XXX: check signature type */
785
786		if(!ops_limited_read(c,1,region,opt))
787		return 0;
788		C.signature.key_algorithm=c[0];
789		/* XXX: check algorithm */
790
791		if(!ops_limited_read(c,1,region,opt))
792		return 0;
793		C.signature.hash_algorithm=c[0];
794		/* XXX: check algorithm */
795
796		if(!parse_signature_subpackets(&C.signature,region,opt))
797		return 0;
798		C.signature.v4_hashed_data_length=opt->alength
799		-C.signature.v4_hashed_data_start;
800
801		if(!parse_signature_subpackets(&C.signature,region,opt))
802		return 0;
803
804		if(!ops_limited_read(C.signature.hash2,2,region,opt))
805		return 0;
806
807		switch(C.signature.key_algorithm)
808		{
	827	static int
	828	parse_v4_signature (ops_region_t * region, ops_parse_options_t * opt,
	829	size_t v4_hashed_data_start)
	830	{
	831	unsigned char c[1];
	832	ops_parser_content_t content;
	833
	834	C.signature.version = OPS_SIG_V4;
	835	C.signature.v4_hashed_data_start = v4_hashed_data_start;
	836
	837	if (!ops_limited_read (c, 1, region, opt))
	838	return 0;
	839	C.signature.type = c[0];
	840	/* XXX: check signature type */
	841
	842	if (!ops_limited_read (c, 1, region, opt))
	843	return 0;
	844	C.signature.key_algorithm = c[0];
	845	/* XXX: check algorithm */
	846
	847	if (!ops_limited_read (c, 1, region, opt))
	848	return 0;
	849	C.signature.hash_algorithm = c[0];
	850	/* XXX: check algorithm */
	851
	852	if (!parse_signature_subpackets (&C.signature, region, opt))
	853	return 0;
	854	C.signature.v4_hashed_data_length = opt->alength
	855	- C.signature.v4_hashed_data_start;
	856
	857	if (!parse_signature_subpackets (&C.signature, region, opt))
	858	return 0;
	859
	860	if (!ops_limited_read (C.signature.hash2, 2, region, opt))
	861	return 0;
	862
	863	switch (C.signature.key_algorithm)
	864	{
809	865	case OPS_PKA_RSA:
810		~~if(!limited_read_mpi(&C.signature.signature.rsa.sig,region,~~opt))
811		return 0;
812		break;
	866	if (!limited_read_mpi (&C.signature.signature.rsa.sig, region, opt))
	867	return 0;
	868	break;
813	869
814	870	case OPS_PKA_DSA:
815		~~if(!limited_read_mpi(&C.signature.signature.dsa.r,region,~~opt)
816		~~\|\| !limited_read_mpi(&C.signature.signature.dsa.s,region,~~opt))
817		return 0;
818		break;
	871	if (!limited_read_mpi (&C.signature.signature.dsa.r, region, opt)
	872	\|\| !limited_read_mpi (&C.signature.signature.dsa.s, region, opt))
	873	return 0;
	874	break;
819	875
820	876	default:
821		~~ERR1("Bad signature key algorithm (%d)",~~C.signature.key_algorithm);
822		}
823
824		if(region->length_read != region->length)
825		~~ERR1("Unconsumed data (%d)",region->length-~~region->length_read);
826
827		~~CB(OPS_PTAG_CT_SIGNATURE,~~&content);
828
829		return 1;
830		}
	877	ERR1 ("Bad signature key algorithm (%d)", C.signature.key_algorithm);
	878	}
	879
	880	if (region->length_read != region->length)
	881	ERR1 ("Unconsumed data (%d)", region->length - region->length_read);
	882
	883	CB (OPS_PTAG_CT_SIGNATURE, &content);
	884
	885	return 1;
	886	}
831	887
832	888	/** Parse a signature subpacket.
…	…
841	897	* \return 1 on success, 0 on error
842	898	*/
843		static int parse_signature(ops_region_t region,ops_parse_options_t opt)
844		{
845		unsigned char c[1];
846		ops_parser_content_t content;
847		size_t v4_hashed_data_start;
848
849		assert(region->length_read == 0); /* We should not have read anything so far */
850
851		memset(&content,'\0',sizeof content);
852
853		v4_hashed_data_start=opt->alength;
854		if(!ops_limited_read(c,1,region,opt))
855		return 0;
856
857		/* XXX: More V2 issues! - Ben*/
858		/* XXX: are there v2 signatures? - Peter */
859		if(c[0] == 2 \|\| c[0] == 3)
860		return parse_v3_signature(region,opt);
861		else if(c[0] == 4)
862		return parse_v4_signature(region,opt,v4_hashed_data_start);
863		ERR1("Bad signature version (%d)",c[0]);
864		}
865
866		static int parse_compressed(ops_region_t region,ops_parse_options_t opt)
867		{
868		unsigned char c[1];
869		ops_parser_content_t content;
870
871		if(!ops_limited_read(c,1,region,opt))
872		return 0;
873
874		C.compressed.type=c[0];
875
876		CB(OPS_PTAG_CT_COMPRESSED,&content);
877
878		/* The content of a compressed data packet is more OpenPGP packets
879		once decmppressed, so recursively handle them */
880
881		return ops_decompress(region,opt);
882		}
883
884		static int parse_one_pass(ops_region_t region,ops_parse_options_t opt)
885		{
886		unsigned char c[1];
887		ops_parser_content_t content;
888
889		if(!ops_limited_read(&C.one_pass_signature.version,1,region,opt))
890		return 0;
891		if(C.one_pass_signature.version != 3)
892		ERR1("Bad one-pass signature version (%d)",
893		C.one_pass_signature.version);
894
895		if(!ops_limited_read(c,1,region,opt))
896		return 0;
897		C.one_pass_signature.sig_type=c[0];
898
899		if(!ops_limited_read(c,1,region,opt))
900		return 0;
901		C.one_pass_signature.hash_algorithm=c[0];
902
903		if(!ops_limited_read(c,1,region,opt))
904		return 0;
905		C.one_pass_signature.key_algorithm=c[0];
906
907		if(!ops_limited_read(&C.one_pass_signature.keyid,8,region,opt))
908		return 0;
909
910		if(!ops_limited_read(c,1,region,opt))
911		return 0;
912		C.one_pass_signature.nested=!!c[0];
913
914		CB(OPS_PTAG_CT_ONE_PASS_SIGNATURE,&content);
915
916		return 1;
917		}
	899	static int
	900	parse_signature (ops_region_t * region, ops_parse_options_t * opt)
	901	{
	902	unsigned char c[1];
	903	ops_parser_content_t content;
	904	size_t v4_hashed_data_start;
	905
	906	assert (region->length_read == 0); /* We should not have read anything so far */
	907
	908	memset (&content, '\0', sizeof content);
	909
	910	v4_hashed_data_start = opt->alength;
	911	if (!ops_limited_read (c, 1, region, opt))
	912	return 0;
	913
	914	/* XXX: More V2 issues! - Ben */
	915	/* XXX: are there v2 signatures? - Peter */
	916	if (c[0] == 2 \|\| c[0] == 3)
	917	return parse_v3_signature (region, opt);
	918	else if (c[0] == 4)
	919	return parse_v4_signature (region, opt, v4_hashed_data_start);
	920	ERR1 ("Bad signature version (%d)", c[0]);
	921	}
	922
	923	static int
	924	parse_compressed (ops_region_t * region, ops_parse_options_t * opt)
	925	{
	926	unsigned char c[1];
	927	ops_parser_content_t content;
	928
	929	if (!ops_limited_read (c, 1, region, opt))
	930	return 0;
	931
	932	C.compressed.type = c[0];
	933
	934	CB (OPS_PTAG_CT_COMPRESSED, &content);
	935
	936	/* The content of a compressed data packet is more OpenPGP packets
	937	once decmppressed, so recursively handle them */
	938
	939	return ops_decompress (region, opt);
	940	}
	941
	942	static int
	943	parse_one_pass (ops_region_t * region, ops_parse_options_t * opt)
	944	{
	945	unsigned char c[1];
	946	ops_parser_content_t content;
	947
	948	if (!ops_limited_read (&C.one_pass_signature.version, 1, region, opt))
	949	return 0;
	950	if (C.one_pass_signature.version != 3)
	951	ERR1 ("Bad one-pass signature version (%d)",
	952	C.one_pass_signature.version);
	953
	954	if (!ops_limited_read (c, 1, region, opt))
	955	return 0;
	956	C.one_pass_signature.sig_type = c[0];
	957
	958	if (!ops_limited_read (c, 1, region, opt))
	959	return 0;
	960	C.one_pass_signature.hash_algorithm = c[0];
	961
	962	if (!ops_limited_read (c, 1, region, opt))
	963	return 0;
	964	C.one_pass_signature.key_algorithm = c[0];
	965
	966	if (!ops_limited_read (&C.one_pass_signature.keyid, 8, region, opt))
	967	return 0;
	968
	969	if (!ops_limited_read (c, 1, region, opt))
	970	return 0;
	971	C.one_pass_signature.nested = !!c[0];
	972
	973	CB (OPS_PTAG_CT_ONE_PASS_SIGNATURE, &content);
	974
	975	return 1;
	976	}
918	977
919	978	/** Parse one packet.
…	…
927	986	* \return 1 on success, 0 on error
928	987	*/
929		static int ops_parse_one_packet(ops_parse_options_t *opt)
930		{
931		char ptag[1];
932		ops_reader_ret_t ret;
933		ops_parser_content_t content;
934		int r;
935		ops_region_t region;
936		unsigned one=1;
937		ops_boolean_t indeterminate=ops_false;
938
939		ret=base_read(ptag,&one,0,opt);
940		if(ret == OPS_R_EOF)
941		return 0;
942
943		assert(ret == OPS_R_OK);
944		if(!(*ptag&OPS_PTAG_ALWAYS_SET))
	988	static int
	989	ops_parse_one_packet (ops_parse_options_t * opt)
	990	{
	991	char ptag[1];
	992	ops_reader_ret_t ret;
	993	ops_parser_content_t content;
	994	int r;
	995	ops_region_t region;
	996	unsigned one = 1;
	997	ops_boolean_t indeterminate = ops_false;
	998
	999	ret = base_read (ptag, &one, 0, opt);
	1000	if (ret == OPS_R_EOF)
	1001	return 0;
	1002
	1003	assert (ret == OPS_R_OK);
	1004	if (!(*ptag & OPS_PTAG_ALWAYS_SET))
	1005	{
	1006	C.error.error = "Format error (ptag bit not set)";
	1007	CB (OPS_PARSER_ERROR, &content);
	1008	return 0;
	1009	}
	1010	C.ptag.new_format = !!(*ptag & OPS_PTAG_NEW_FORMAT);
	1011	if (C.ptag.new_format)
	1012	{
	1013	C.ptag.content_tag = *ptag & OPS_PTAG_NF_CONTENT_TAG_MASK;
	1014	C.ptag.length_type = 0;
	1015	}
	1016	else
	1017	{
	1018	C.ptag.content_tag = (*ptag & OPS_PTAG_OF_CONTENT_TAG_MASK)
	1019	>> OPS_PTAG_OF_CONTENT_TAG_SHIFT;
	1020	C.ptag.length_type = *ptag & OPS_PTAG_OF_LENGTH_TYPE_MASK;
	1021	switch (C.ptag.length_type)
945	1022	{
946		C.error.error="Format error (ptag bit not set)";
947		CB(OPS_PARSER_ERROR,&content);
948		return 0;
	1023	case OPS_PTAG_OF_LT_ONE_BYTE:
	1024	ret = read_scalar (&C.ptag.length, 1, opt);
	1025	assert (ret == OPS_R_OK);
	1026	break;
	1027
	1028	case OPS_PTAG_OF_LT_TWO_BYTE:
	1029	ret = read_scalar (&C.ptag.length, 2, opt);
	1030	assert (ret == OPS_R_OK);
	1031	break;
	1032
	1033	case OPS_PTAG_OF_LT_FOUR_BYTE:
	1034	ret = read_scalar (&C.ptag.length, 4, opt);
	1035	assert (ret == OPS_R_OK);
	1036	break;
	1037
	1038	case OPS_PTAG_OF_LT_INDETERMINATE:
	1039	C.ptag.length = 0;
	1040	indeterminate = ops_true;
	1041	break;
949	1042	}
950		C.ptag.new_format=!!(*ptag&OPS_PTAG_NEW_FORMAT);
951		if(C.ptag.new_format)
952		{
953		C.ptag.content_tag=*ptag&OPS_PTAG_NF_CONTENT_TAG_MASK;
954		C.ptag.length_type=0;
955		}
956		else
957		{
958		C.ptag.content_tag=(*ptag&OPS_PTAG_OF_CONTENT_TAG_MASK)
959		>> OPS_PTAG_OF_CONTENT_TAG_SHIFT;
960		C.ptag.length_type=*ptag&OPS_PTAG_OF_LENGTH_TYPE_MASK;
961		switch(C.ptag.length_type)
962		{
963		case OPS_PTAG_OF_LT_ONE_BYTE:
964		ret=read_scalar(&C.ptag.length,1,opt);
965		assert(ret == OPS_R_OK);
966		break;
967
968		case OPS_PTAG_OF_LT_TWO_BYTE:
969		ret=read_scalar(&C.ptag.length,2,opt);
970		assert(ret == OPS_R_OK);
971		break;
972
973		case OPS_PTAG_OF_LT_FOUR_BYTE:
974		ret=read_scalar(&C.ptag.length,4,opt);
975		assert(ret == OPS_R_OK);
976		break;
977
978		case OPS_PTAG_OF_LT_INDETERMINATE:
979		C.ptag.length=0;
980		indeterminate=ops_true;
981		break;
982		}
983		}
984
985		CB(OPS_PARSER_PTAG,&content);
986
987		init_subregion(&region,NULL);
988		region.length=C.ptag.length;
989		region.indeterminate=indeterminate;
990		switch(C.ptag.content_tag)
991		{
	1043	}
	1044
	1045	CB (OPS_PARSER_PTAG, &content);
	1046
	1047	init_subregion (&region, NULL);
	1048	region.length = C.ptag.length;
	1049	region.indeterminate = indeterminate;
	1050	switch (C.ptag.content_tag)
	1051	{
992	1052	case OPS_PTAG_CT_SIGNATURE:
993		~~r=parse_signature(&region,~~opt);
994		break;
	1053	r = parse_signature (&region, opt);
	1054	break;
995	1055
996	1056	case OPS_PTAG_CT_PUBLIC_KEY:
997	1057	case OPS_PTAG_CT_PUBLIC_SUBKEY:
998		~~r=parse_public_key(C.ptag.content_tag,&region,~~opt);
999		break;
	1058	r = parse_public_key (C.ptag.content_tag, &region, opt);
	1059	break;
1000	1060
1001	1061	case OPS_PTAG_CT_USER_ID:
1002		~~r=parse_user_id(&region,~~opt);
1003		break;
	1062	r = parse_user_id (&region, opt);
	1063	break;
1004	1064
1005	1065	case OPS_PTAG_CT_COMPRESSED:
1006		~~r=parse_compressed(&region,~~opt);
1007		break;
	1066	r = parse_compressed (&region, opt);
	1067	break;
1008	1068
1009	1069	case OPS_PTAG_CT_ONE_PASS_SIGNATURE:
1010		~~r=parse_one_pass(&region,~~opt);
1011		break;
	1070	r = parse_one_pass (&region, opt);
	1071	break;
1012	1072
1013	1073	default:
1014		~~format_error(&content,~~"Format error (unknown content tag %d)",
1015		C.ptag.content_tag);
1016		~~CB(OPS_PARSER_ERROR,~~&content);
1017		r=0;
1018		}
1019		if(opt->accumulate)
1020		{
1021		~~C.packet.length=~~opt->alength;
1022		~~C.packet.raw=~~opt->accumulated;
1023		~~opt->accumulated=~~NULL;
1024		~~opt->asize=~~0;
1025		~~CB(OPS_PARSER_PACKET_END,~~&content);
1026		}
1027		~~opt->alength=~~0;
1028
1029		return r ? 1 : -1;
1030		}
	1074	format_error (&content, "Format error (unknown content tag %d)",
	1075	C.ptag.content_tag);
	1076	CB (OPS_PARSER_ERROR, &content);
	1077	r = 0;
	1078	}
	1079	if (opt->accumulate)
	1080	{
	1081	C.packet.length = opt->alength;
	1082	C.packet.raw = opt->accumulated;
	1083	opt->accumulated = NULL;
	1084	opt->asize = 0;
	1085	CB (OPS_PARSER_PACKET_END, &content);
	1086	}
	1087	opt->alength = 0;
	1088
	1089	return r ? 1 : -1;
	1090	}
1031	1091
1032	1092	/** Parse packets.
…	…
1039	1099	* \return 1 on success, 0 on error
1040	1100	*/
1041		int ops_parse(ops_parse_options_t *opt)
1042		{
1043		int r;
1044
1045		while((r=ops_parse_one_packet(opt)) > 0)
1046		;
1047
1048		return r == 0;
1049		}
	1101	int
	1102	ops_parse (ops_parse_options_t * opt)
	1103	{
	1104	int r;
	1105
	1106	while ((r = ops_parse_one_packet (opt)) > 0)
	1107	;
	1108
	1109	return r == 0;
	1110	}
1050	1111
1051	1112	/* XXX: Make all packet types optional, not just subpackets */
1052		void ops_parse_options(ops_parse_options_t *opt,
1053		ops_content_tag_t tag,
1054		ops_parse_type_t type)
1055		{
1056		int t8,t7;
1057
1058		if(tag == OPS_PTAG_SS_ALL)
1059		{
1060		int n;
1061
1062		for(n=0 ; n < 256 ; ++n)
1063		ops_parse_options(opt,OPS_PTAG_SIGNATURE_SUBPACKET_BASE+n,
1064		type);
1065		return;
1066		}
1067
1068		assert(tag >= OPS_PTAG_SIGNATURE_SUBPACKET_BASE
1069		&& tag <= OPS_PTAG_SIGNATURE_SUBPACKET_BASE+255);
1070		t8=(tag-OPS_PTAG_SIGNATURE_SUBPACKET_BASE)/8;
1071		t7=1 << ((tag-OPS_PTAG_SIGNATURE_SUBPACKET_BASE)&7);
1072		switch(type)
1073		{
	1113	void
	1114	ops_parse_options (ops_parse_options_t * opt,
	1115	ops_content_tag_t tag, ops_parse_type_t type)
	1116	{
	1117	int t8, t7;
	1118
	1119	if (tag == OPS_PTAG_SS_ALL)
	1120	{
	1121	int n;
	1122
	1123	for (n = 0; n < 256; ++n)
	1124	ops_parse_options (opt, OPS_PTAG_SIGNATURE_SUBPACKET_BASE + n, type);
	1125	return;
	1126	}
	1127
	1128	assert (tag >= OPS_PTAG_SIGNATURE_SUBPACKET_BASE
	1129	&& tag <= OPS_PTAG_SIGNATURE_SUBPACKET_BASE + 255);
	1130	t8 = (tag - OPS_PTAG_SIGNATURE_SUBPACKET_BASE) / 8;
	1131	t7 = 1 << ((tag - OPS_PTAG_SIGNATURE_SUBPACKET_BASE) & 7);
	1132	switch (type)
	1133	{
1074	1134	case OPS_PARSE_RAW:
1075		opt->ss_raw[t8] \|= t7;
1076		opt->ss_parsed[t8] &= ~t7;
1077		break;
	1135	opt->ss_raw[t8] \|= t7;
	1136	opt->ss_parsed[t8] &= ~t7;
	1137	break;
1078	1138
1079	1139	case OPS_PARSE_PARSED:
1080		opt->ss_raw[t8] &= ~t7;
1081		opt->ss_parsed[t8] \|= t7;
1082		break;
	1140	opt->ss_raw[t8] &= ~t7;
	1141	opt->ss_parsed[t8] \|= t7;
	1142	break;
1083	1143
1084	1144	case OPS_PARSE_IGNORE:
1085		opt->ss_raw[t8] &= ~t7;
1086		opt->ss_parsed[t8] &= ~t7;
1087		break;
1088		}
1089		}
	1145	opt->ss_raw[t8] &= ~t7;
	1146	opt->ss_parsed[t8] &= ~t7;
	1147	break;
	1148	}
	1149	}
1090	1150
1091	1151

openpgpsdk/trunk/src/packet.h

r59	r60
145	145	OPS_PTAG_SS_TRUST =0x200+5, /!< trust signature /
146	146	OPS_PTAG_SS_PREFERRED_SKA = 0x200+11, /!< preferred symmetric algorithms /
147		OPS_PTAG_SS_ISSUER_KEY_ID =0x200+16,
	147	OPS_PTAG_SS_REVOCATION_KEY = 0x200+12, /!< revocation key /
	148	OPS_PTAG_SS_ISSUER_KEY_ID =0x200+16, /!< issuer key ID /
	149	OPS_PTAG_SS_PRIMARY_USER_ID = 0x200+25, /!< primary User ID /
148	150	};
149	151
…	…
444	446	} ops_one_pass_signature_t;
445	447
	448	typedef struct
	449	{
	450	ops_boolean_t primary_user_id;
	451	} ops_ss_primary_user_id_t;
	452
	453	typedef struct
	454	{
	455	unsigned char class;
	456	unsigned char algid;
	457	unsigned char fingerprint[20];
	458	} ops_ss_revocation_key_t;
	459
446	460	typedef union
447	461	{
…	…
459	473	ops_one_pass_signature_t one_pass_signature;
460	474	ops_ss_preferred_ska_t ss_preferred_ska;
	475	ops_ss_primary_user_id_t ss_primary_user_id;
	476	ops_ss_revocation_key_t ss_revocation_key;
461	477	} ops_parser_content_union_t;
462	478

Download in other formats: