- added key copy methods to OpenPGP-SDK

- added encrypted key storage and retrieval to own keyring after generation
- improved test program



git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-OpenPGP@5070 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2012-04-01 12:52:15 +00:00
parent 648555711c
commit 1888b21998
14 changed files with 406 additions and 85 deletions

View File

@ -18,7 +18,7 @@ Compilation
Project Project
02 [1] determine what's missing in OpenPGP-SDK 02 [1] determine what's missing in OpenPGP-SDK
03 [ ] make a separate layer in RS to handle PGP. AuthPGP is too close to libretroshare. 03 [1] make a separate layer in RS to handle PGP. AuthPGP is too close to libretroshare.
Notes Notes
===== =====

View File

@ -70,24 +70,49 @@ uint64_t PGPIdType::toUInt64() const
return res ; return res ;
} }
PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring) ops_keyring_t *PGPHandler::allocateOPSKeyring()
: pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring) {
ops_keyring_t *kr = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ;
kr->nkeys = 0 ;
kr->nkeys_allocated = 0 ;
kr->keys = 0 ;
return kr ;
}
PGPHandler::PGPHandler(const std::string& pubring, const std::string& secring,PassphraseCallback cb)
: pgphandlerMtx(std::string("PGPHandler")), _pubring_path(pubring),_secring_path(secring),_passphrase_callback(cb)
{ {
// Allocate public and secret keyrings. // Allocate public and secret keyrings.
// //
_pubring = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ; _pubring = allocateOPSKeyring() ;
_secring = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ; _secring = allocateOPSKeyring() ;
// Read public and secret keyrings from supplied files. // Read public and secret keyrings from supplied files.
// //
if(ops_false == ops_keyring_read_from_file(_pubring, false, pubring.c_str())) if(ops_false == ops_keyring_read_from_file(_pubring, false, pubring.c_str()))
throw std::runtime_error("PGPHandler::readKeyRing(): cannot read pubring.") ; throw std::runtime_error("PGPHandler::readKeyRing(): cannot read pubring.") ;
const ops_keydata_t *keydata ;
int i=0 ;
while( (keydata = ops_keyring_get_key_by_index(_pubring,i)) != NULL )
{
_public_keyring_map[ PGPIdType(keydata->key_id).toUInt64() ] = i ;
++i ;
}
std::cerr << "Pubring read successfully." << std::endl; std::cerr << "Pubring read successfully." << std::endl;
if(ops_false == ops_keyring_read_from_file(_secring, false, secring.c_str())) if(ops_false == ops_keyring_read_from_file(_secring, false, secring.c_str()))
throw std::runtime_error("PGPHandler::readKeyRing(): cannot read secring.") ; throw std::runtime_error("PGPHandler::readKeyRing(): cannot read secring.") ;
i=0 ;
while( (keydata = ops_keyring_get_key_by_index(_secring,i)) != NULL )
{
_secret_keyring_map[ PGPIdType(keydata->key_id).toUInt64() ] = i ;
++i ;
}
std::cerr << "Secring read successfully." << std::endl; std::cerr << "Secring read successfully." << std::endl;
} }
@ -95,6 +120,8 @@ PGPHandler::~PGPHandler()
{ {
std::cerr << "Freeing PGPHandler. Deleting keyrings." << std::endl; std::cerr << "Freeing PGPHandler. Deleting keyrings." << std::endl;
// no need to free the the _map_ elements. They will be freed by the following calls:
//
ops_keyring_free(_pubring) ; ops_keyring_free(_pubring) ;
ops_keyring_free(_secring) ; ops_keyring_free(_secring) ;
@ -130,28 +157,28 @@ bool PGPHandler::availableGPGCertificatesWithPrivateKeys(std::list<PGPIdType>& i
return true ; return true ;
} }
static ops_parse_cb_return_t cb_get_passphrase(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo __attribute__((unused))) // static ops_parse_cb_return_t cb_get_passphrase(const ops_parser_content_t *content_,ops_parse_cb_info_t *cbinfo __attribute__((unused)))
{ // {
const ops_parser_content_union_t *content=&content_->content; // const ops_parser_content_union_t *content=&content_->content;
// validate_key_cb_arg_t *arg=ops_parse_cb_get_arg(cbinfo); // // validate_key_cb_arg_t *arg=ops_parse_cb_get_arg(cbinfo);
// ops_error_t **errors=ops_parse_cb_get_errors(cbinfo); // // ops_error_t **errors=ops_parse_cb_get_errors(cbinfo);
//
switch(content_->tag) // switch(content_->tag)
{ // {
case OPS_PARSER_CMD_GET_SK_PASSPHRASE: // case OPS_PARSER_CMD_GET_SK_PASSPHRASE:
/* // /*
Doing this so the test can be automated. // Doing this so the test can be automated.
*/ // */
*(content->secret_key_passphrase.passphrase)=ops_malloc_passphrase("hello"); // *(content->secret_key_passphrase.passphrase)=ops_malloc_passphrase("hello");
return OPS_KEEP_MEMORY; // return OPS_KEEP_MEMORY;
break; // break;
//
default: // default:
break; // break;
} // }
//
return OPS_RELEASE_MEMORY; // return OPS_RELEASE_MEMORY;
} // }
bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, PGPIdType& pgpId, std::string& errString) bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::string& email, const std::string& passwd, PGPIdType& pgpId, std::string& errString)
{ {
@ -167,15 +194,40 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
if(!key) if(!key)
return false ; return false ;
pgpId = PGPIdType(key->key_id) ; // 1 - get a passphrase for encrypting.
std::string passphrase = _passphrase_callback("Please enter passwd for encrypting your key : ") ;
// Now output the pubkey to a string. // 2 - save the private key encrypted to a temporary memory buffer
//
std::string akey = makeRadixEncodedPGPKey(key) ;
std::cerr << "key: " << std::endl; ops_create_info_t *cinfo = NULL ;
std::cerr << akey << std::endl; ops_memory_t *buf = NULL ;
ops_keydata_free(key) ; ops_setup_memory_write(&cinfo, &buf, 0);
ops_write_transferable_secret_key(key,(unsigned char *)passphrase.c_str(),passphrase.length(),ops_false,cinfo);
// 3 - read the file into a keyring
ops_keyring_t *tmp_keyring = allocateOPSKeyring() ;
if(! ops_keyring_read_from_mem(tmp_keyring, ops_false, buf))
{
std::cerr << "Cannot re-read key from memory!!" << std::endl;
return false ;
}
ops_teardown_memory_write(cinfo,buf); // cleanup memory
// 4 - copy the private key to the private keyring
pgpId = PGPIdType(tmp_keyring->keys[0].key_id) ;
addNewKeyToOPSKeyring(_secring,tmp_keyring->keys[0]) ;
_secret_keyring_map[ pgpId.toUInt64() ] = _secring->nkeys-1 ;
std::cerr << "Added new secret key with id " << pgpId.toStdString() << " to secret keyring." << std::endl;
// We should store it in the keyring.
ops_keyring_free(tmp_keyring) ;
free(tmp_keyring) ;
return true ; return true ;
} }
@ -183,10 +235,9 @@ bool PGPHandler::GeneratePGPCertificate(const std::string& name, const std::stri
std::string PGPHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key) std::string PGPHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key)
{ {
ops_boolean_t armoured=ops_true; ops_boolean_t armoured=ops_true;
ops_boolean_t overwrite=ops_true;
ops_create_info_t* cinfo; ops_create_info_t* cinfo;
ops_memory_t *buf = NULL ;//(ops_memory_t*)ops_mallocz(1000) ; ops_memory_t *buf = NULL ;
ops_setup_memory_write(&cinfo, &buf, 0); ops_setup_memory_write(&cinfo, &buf, 0);
ops_write_transferable_public_key(key,armoured,cinfo); ops_write_transferable_public_key(key,armoured,cinfo);
@ -199,9 +250,28 @@ std::string PGPHandler::makeRadixEncodedPGPKey(const ops_keydata_t *key)
return akey ; return akey ;
} }
const ops_keydata_t *PGPHandler::getSecretKey(const PGPIdType& id) const
{
std::map<uint64_t,uint32_t>::const_iterator res = _secret_keyring_map.find(id.toUInt64()) ;
if(res == _secret_keyring_map.end())
return NULL ;
else
return ops_keyring_get_key_by_index(_secring,res->second) ;
}
const ops_keydata_t *PGPHandler::getPublicKey(const PGPIdType& id) const
{
std::map<uint64_t,uint32_t>::const_iterator res = _public_keyring_map.find(id.toUInt64()) ;
if(res == _public_keyring_map.end())
return NULL ;
else
return ops_keyring_get_key_by_index(_pubring,res->second) ;
}
std::string PGPHandler::SaveCertificateToString(const PGPIdType& id,bool include_signatures) std::string PGPHandler::SaveCertificateToString(const PGPIdType& id,bool include_signatures)
{ {
const ops_keydata_t *key = ops_keyring_find_key_by_id(_pubring,id.toByteArray()); const ops_keydata_t *key = getPublicKey(id) ;
if(key == NULL) if(key == NULL)
{ {
@ -212,3 +282,86 @@ std::string PGPHandler::SaveCertificateToString(const PGPIdType& id,bool include
return makeRadixEncodedPGPKey(key) ; return makeRadixEncodedPGPKey(key) ;
} }
void PGPHandler::addNewKeyToOPSKeyring(ops_keyring_t *kr,const ops_keydata_t& key)
{
kr->keys = (ops_keydata_t*)realloc(kr->keys,(kr->nkeys+1)*sizeof(ops_keydata_t)) ;
memset(&kr->keys[kr->nkeys],0,sizeof(ops_keydata_t)) ;
ops_keydata_copy(&kr->keys[kr->nkeys],&key) ;
kr->nkeys++ ;
}
bool PGPHandler::LoadCertificateFromString(const std::string& pgp_cert,PGPIdType& id,std::string& error_string)
{
ops_keyring_t *tmp_keyring = allocateOPSKeyring();
ops_memory_t *mem = ops_memory_new() ;
ops_memory_add(mem,(unsigned char *)pgp_cert.c_str(),pgp_cert.length()) ;
if(!ops_keyring_read_from_mem(tmp_keyring,ops_true,mem))
{
ops_keyring_free(tmp_keyring) ;
ops_memory_release(mem) ;
std::cerr << "Could not read key. Format error?" << std::endl;
error_string = std::string("Could not read key. Format error?") ;
return false ;
}
ops_memory_release(mem) ;
error_string.clear() ;
std::cerr << "Key read correctly: " << std::endl;
ops_keyring_list(tmp_keyring) ;
const ops_keydata_t *keydata = NULL ;
int i=0 ;
while( (keydata = ops_keyring_get_key_by_index(tmp_keyring,i++)) != NULL )
{
id = PGPIdType(keydata->key_id) ;
addNewKeyToOPSKeyring(_pubring,*keydata) ;
_public_keyring_map[id.toUInt64()] = _pubring->nkeys-1 ;
}
std::cerr << "Added the key in the main public keyring." << std::endl;
ops_keyring_free(tmp_keyring) ;
return true ;
}
bool PGPHandler::SignDataBin(const PGPIdType& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen)
{
// need to find the key and to decrypt it.
const ops_keydata_t *key = getSecretKey(id) ;
if(!key)
{
std::cerr << "Cannot sign: no secret key with id " << id.toStdString() << std::endl;
return false ;
}
std::string passphrase = _passphrase_callback("Please enter passwd:") ;
ops_secret_key_t *secret_key = ops_decrypt_secret_key_from_data(key,passphrase.c_str()) ;
if(!secret_key)
{
std::cerr << "Key decryption went wrong. Wrong passwd?" << std::endl;
return false ;
}
// then do the signature.
ops_memory_t *memres = ops_sign_buf(data,len,(ops_sig_type_t)0x10,secret_key,ops_false) ;
if(!memres)
return false ;
uint32_t tlen = std::min(*signlen,(uint32_t)ops_memory_get_length(memres)) ;
memcpy(sign,ops_memory_get_data(memres),tlen) ;
*signlen = tlen ;
return true ;
}

View File

@ -3,6 +3,7 @@
#include <stdint.h> #include <stdint.h>
#include <string> #include <string>
#include <list> #include <list>
#include <map>
#include <util/rsthreads.h> #include <util/rsthreads.h>
extern "C" { extern "C" {
@ -11,6 +12,8 @@ extern "C" {
#include <openpgpsdk/keyring_local.h> #include <openpgpsdk/keyring_local.h>
} }
typedef std::string (*PassphraseCallback)(const std::string& display_msg) ;
class PGPIdType class PGPIdType
{ {
public: public:
@ -31,7 +34,7 @@ class PGPIdType
class PGPHandler class PGPHandler
{ {
public: public:
PGPHandler(const std::string& path_to_public_keyring, const std::string& path_to_secret_keyring) ; PGPHandler(const std::string& path_to_public_keyring, const std::string& path_to_secret_keyring,PassphraseCallback cb) ;
virtual ~PGPHandler() ; virtual ~PGPHandler() ;
@ -47,20 +50,31 @@ class PGPHandler
bool TrustCertificate(const PGPIdType& id, int trustlvl); bool TrustCertificate(const PGPIdType& id, int trustlvl);
virtual bool SignDataBin(const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) { return false ; } bool SignDataBin(const PGPIdType& id,const void *data, const uint32_t len, unsigned char *sign, unsigned int *signlen) ;
virtual bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const std::string &withfingerprint) { return false ; } bool VerifySignBin(const void*, uint32_t, unsigned char*, unsigned int, const std::string &withfingerprint) { return false ; }
// Debug stuff. // Debug stuff.
virtual void printKeys() const ; virtual void printKeys() const ;
private: private:
static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key) ; static std::string makeRadixEncodedPGPKey(const ops_keydata_t *key) ;
static ops_keyring_t *allocateOPSKeyring() ;
static void addNewKeyToOPSKeyring(ops_keyring_t*, const ops_keydata_t&) ;
const ops_keydata_t *getPublicKey(const PGPIdType&) const ;
const ops_keydata_t *getSecretKey(const PGPIdType&) const ;
RsMutex pgphandlerMtx ; RsMutex pgphandlerMtx ;
ops_keyring_t *_pubring ; ops_keyring_t *_pubring ;
ops_keyring_t *_secring ; ops_keyring_t *_secring ;
std::map<uint64_t,uint32_t> _public_keyring_map ; // used for fast access to keys. Gives the index in the keyring.
std::map<uint64_t,uint32_t> _secret_keyring_map ;
const std::string _pubring_path ; const std::string _pubring_path ;
const std::string _secring_path ; const std::string _secring_path ;
PassphraseCallback _passphrase_callback ;
}; };

View File

@ -3,6 +3,11 @@
#include <iostream> #include <iostream>
#include "pgphandler.h" #include "pgphandler.h"
static std::string passphrase_callback(const std::string& what)
{
return std::string(getpass(what.c_str())) ;
}
int main(int argc,char *argv[]) int main(int argc,char *argv[])
{ {
// test pgp ids. // test pgp ids.
@ -19,7 +24,7 @@ int main(int argc,char *argv[])
static const std::string pubring = "pubring.gpg" ; static const std::string pubring = "pubring.gpg" ;
static const std::string secring = "secring.gpg" ; static const std::string secring = "secring.gpg" ;
PGPHandler pgph(pubring,secring) ; PGPHandler pgph(pubring,secring,&passphrase_callback) ;
pgph.printKeys() ; pgph.printKeys() ;
std::cerr << std::endl ; std::cerr << std::endl ;
@ -50,11 +55,36 @@ int main(int argc,char *argv[])
else else
std::cerr << "Certificate generation success. New id = " << newid.toStdString() << std::endl; std::cerr << "Certificate generation success. New id = " << newid.toStdString() << std::endl;
PGPIdType id2(std::string("EFD19E9DC737CA98")) ; PGPIdType id2(std::string("618E54CF7670FF5E")) ;
std::cerr << "Now extracting key " << id2.toStdString() << " from keyring:" << std::endl ; std::cerr << "Now extracting key " << id2.toStdString() << " from keyring:" << std::endl ;
std::string cert = pgph.SaveCertificateToString(id2,false) ; std::string cert = pgph.SaveCertificateToString(id2,false) ;
std::cerr << "Now, trying to re-read this cert from the string:" << std::endl;
PGPIdType id3 ;
std::string error_string ;
pgph.LoadCertificateFromString(cert,id3,error_string) ;
std::cerr << "Loaded cert id: " << id3.toStdString() << ", Error string=\"" << error_string << "\"" << std::endl;
std::cerr << cert << std::endl; std::cerr << cert << std::endl;
std::cerr << "Testing password callback: " << std::endl;
std::string pass = passphrase_callback("Please enter password: ") ;
std::cerr << "Password = \"" << pass << "\"" << std::endl;
std::cerr << "Testing signature with keypair " << newid.toStdString() << std::endl;
char test_bin[14] = "34f4fhuif3489" ;
unsigned char sign[100] ;
uint32_t signlen = 100 ;
if(!pgph.SignDataBin(newid,test_bin,13,sign,&signlen))
std::cerr << "Signature error." << std::endl;
else
std::cerr << "Signature success." << std::endl;
return 0 ; return 0 ;
} }

View File

@ -48,6 +48,7 @@ const ops_keydata_t *
ops_keyring_find_key_by_userid(const ops_keyring_t *keyring, ops_keyring_find_key_by_userid(const ops_keyring_t *keyring,
const char* userid); const char* userid);
void ops_keydata_free(ops_keydata_t *key); void ops_keydata_free(ops_keydata_t *key);
void ops_keydata_copy(ops_keydata_t *dst,const ops_keydata_t *src);
void ops_keyring_free(ops_keyring_t *keyring); void ops_keyring_free(ops_keyring_t *keyring);
void ops_dump_keyring(const ops_keyring_t *keyring); void ops_dump_keyring(const ops_keyring_t *keyring);
const ops_public_key_t * const ops_public_key_t *

View File

@ -912,6 +912,7 @@ void ops_keyid(unsigned char keyid[OPS_KEY_ID_SIZE],
const ops_public_key_t *key); const ops_public_key_t *key);
void ops_fingerprint(ops_fingerprint_t *fp,const ops_public_key_t *key); void ops_fingerprint(ops_fingerprint_t *fp,const ops_public_key_t *key);
void ops_public_key_free(ops_public_key_t *key); void ops_public_key_free(ops_public_key_t *key);
void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src);
void ops_user_id_free(ops_user_id_t *id); void ops_user_id_free(ops_user_id_t *id);
void ops_user_attribute_free(ops_user_attribute_t *att); void ops_user_attribute_free(ops_user_attribute_t *att);
void ops_signature_free(ops_signature_t *sig); void ops_signature_free(ops_signature_t *sig);
@ -935,6 +936,7 @@ void ops_ss_embedded_signature_free(ops_ss_embedded_signature_t *ss_embedded_sig
void ops_packet_free(ops_packet_t *packet); void ops_packet_free(ops_packet_t *packet);
void ops_parser_content_free(ops_parser_content_t *c); void ops_parser_content_free(ops_parser_content_t *c);
void ops_secret_key_free(ops_secret_key_t *key); void ops_secret_key_free(ops_secret_key_t *key);
void ops_secret_key_copy(ops_secret_key_t *dst,const ops_secret_key_t *src);
void ops_pk_session_key_free(ops_pk_session_key_t *sk); void ops_pk_session_key_free(ops_pk_session_key_t *sk);
/* vim:set textwidth=120: */ /* vim:set textwidth=120: */

View File

@ -55,6 +55,10 @@ typedef unsigned ops_boolean_t;
* \see RFC4880 5.2.3.1 * \see RFC4880 5.2.3.1
*/ */
#ifndef __cplusplus
typedef enum ops_content_tag_t ops_content_tag_t ;
#endif
enum ops_content_tag_t enum ops_content_tag_t
{ {
OPS_PTAG_CT_RESERVED = 0, /*!< Reserved - a packet tag must not have this value */ OPS_PTAG_CT_RESERVED = 0, /*!< Reserved - a packet tag must not have this value */

View File

@ -26,7 +26,7 @@
#include <openpgpsdk/packet-parse.h> #include <openpgpsdk/packet-parse.h>
#include <openpgpsdk/util.h> #include <openpgpsdk/util.h>
#include <openpgpsdk/accumulate.h> #include <openpgpsdk/accumulate.h>
#include "keyring_local.h" #include <openpgpsdk/keyring_local.h>
#include "parse_local.h" #include "parse_local.h"
#include <openpgpsdk/signature.h> #include <openpgpsdk/signature.h>
#include <assert.h> #include <assert.h>

View File

@ -127,6 +127,7 @@ static unsigned public_key_length(const ops_public_key_t *key)
return mpi_length(key->key.rsa.n)+mpi_length(key->key.rsa.e); return mpi_length(key->key.rsa.n)+mpi_length(key->key.rsa.e);
default: default:
fprintf(stderr,"Bad algorithm type in key: %d\n",key->algorithm) ;
assert(!"unknown key algorithm"); assert(!"unknown key algorithm");
} }
/* not reached */ /* not reached */

View File

@ -94,6 +94,98 @@ void ops_keydata_free(ops_keydata_t *keydata)
free(keydata); free(keydata);
} }
// \todo check where userid pointers are copied
/**
\ingroup Core_Keys
\brief Copy user id, including contents
\param dst Destination User ID
\param src Source User ID
\note If dst already has a user_id, it will be freed.
*/
void ops_copy_userid(ops_user_id_t* dst, const ops_user_id_t* src)
{
int len=strlen((char *)src->user_id);
if (dst->user_id)
free(dst->user_id);
dst->user_id=ops_mallocz(len+1);
memcpy(dst->user_id, src->user_id, len);
}
// \todo check where pkt pointers are copied
/**
\ingroup Core_Keys
\brief Copy packet, including contents
\param dst Destination packet
\param src Source packet
\note If dst already has a packet, it will be freed.
*/
void ops_copy_packet(ops_packet_t* dst, const ops_packet_t* src)
{
if (dst->raw)
free(dst->raw);
dst->raw=ops_mallocz(src->length);
dst->length=src->length;
memcpy(dst->raw, src->raw, src->length);
}
/**
\ingroup Core_Keys
\brief Copies entire key data
\param dst Destination key where to copy
\param src Source key to copy
*/
void ops_keydata_copy(ops_keydata_t *dst,const ops_keydata_t *src)
{
unsigned n;
memset(dst,0,sizeof(ops_keydata_t)) ;
dst->uids = (ops_user_id_t*)ops_mallocz(src->nuids * sizeof(ops_user_id_t)) ;
dst->nuids = src->nuids ;
for(n=0 ; n < src->nuids ; ++n)
ops_copy_userid(&dst->uids[n],&src->uids[n]) ;
dst->packets = (ops_packet_t*)ops_mallocz(src->npackets * sizeof(ops_packet_t)) ;
dst->npackets = src->npackets ;
for(n=0 ; n < src->npackets ; ++n)
ops_copy_packet(&(dst->packets[n]),&(src->packets[n]));
dst->nsigs = src->nsigs ;
dst->sigs = (sigpacket_t*)ops_mallocz(src->nsigs * sizeof(sigpacket_t)) ;
for(n=0 ; n < src->nsigs ; ++n)
{
dst->sigs[n].userid = (ops_user_id_t*)ops_mallocz(sizeof(ops_user_id_t)) ;
dst->sigs[n].packet = (ops_packet_t*)ops_mallocz(sizeof(ops_packet_t)) ;
ops_copy_userid(dst->sigs[n].userid,src->sigs[n].userid) ;
ops_copy_packet(dst->sigs[n].packet,src->sigs[n].packet) ;
}
dst->key_id[0] = src->key_id[0] ;
dst->key_id[1] = src->key_id[1] ;
dst->key_id[2] = src->key_id[2] ;
dst->key_id[3] = src->key_id[3] ;
dst->key_id[4] = src->key_id[4] ;
dst->key_id[5] = src->key_id[5] ;
dst->key_id[6] = src->key_id[6] ;
dst->key_id[7] = src->key_id[7] ;
dst->type = src->type ;
dst->key = src->key ;
dst->fingerprint = src->fingerprint ;
if(src->type == OPS_PTAG_CT_PUBLIC_KEY)
ops_public_key_copy(&dst->key.pkey,&src->key.pkey);
else
ops_secret_key_copy(&dst->key.skey,&src->key.skey);
}
/** /**
\ingroup HighLevel_KeyGeneral \ingroup HighLevel_KeyGeneral
@ -361,42 +453,6 @@ const ops_keydata_t* ops_keyring_get_key_by_index(const ops_keyring_t *keyring,
return &keyring->keys[index]; return &keyring->keys[index];
} }
// \todo check where userid pointers are copied
/**
\ingroup Core_Keys
\brief Copy user id, including contents
\param dst Destination User ID
\param src Source User ID
\note If dst already has a user_id, it will be freed.
*/
void ops_copy_userid(ops_user_id_t* dst, const ops_user_id_t* src)
{
int len=strlen((char *)src->user_id);
if (dst->user_id)
free(dst->user_id);
dst->user_id=ops_mallocz(len+1);
memcpy(dst->user_id, src->user_id, len);
}
// \todo check where pkt pointers are copied
/**
\ingroup Core_Keys
\brief Copy packet, including contents
\param dst Destination packet
\param src Source packet
\note If dst already has a packet, it will be freed.
*/
void ops_copy_packet(ops_packet_t* dst, const ops_packet_t* src)
{
if (dst->raw)
free(dst->raw);
dst->raw=ops_mallocz(src->length);
dst->length=src->length;
memcpy(dst->raw, src->raw, src->length);
}
/** /**
\ingroup Core_Keys \ingroup Core_Keys
\brief Add User ID to keydata \brief Add User ID to keydata

View File

@ -999,6 +999,41 @@ void ops_public_key_free(ops_public_key_t *p)
} }
} }
void ops_public_key_copy(ops_public_key_t *dst,const ops_public_key_t *src)
{
*dst = *src ;
switch(src->algorithm)
{
case OPS_PKA_RSA:
case OPS_PKA_RSA_ENCRYPT_ONLY:
case OPS_PKA_RSA_SIGN_ONLY:
dst->key.rsa.n = BN_dup(src->key.rsa.n);
dst->key.rsa.e = BN_dup(src->key.rsa.e);
break;
case OPS_PKA_DSA:
dst->key.dsa.p = BN_dup(src->key.dsa.p);
dst->key.dsa.q = BN_dup(src->key.dsa.q);
dst->key.dsa.g = BN_dup(src->key.dsa.g);
dst->key.dsa.y = BN_dup(src->key.dsa.y);
break;
case OPS_PKA_ELGAMAL:
case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
dst->key.elgamal.p = BN_dup(src->key.elgamal.p);
dst->key.elgamal.g = BN_dup(src->key.elgamal.g);
dst->key.elgamal.y = BN_dup(src->key.elgamal.y);
break;
//case 0:
// nothing to free
// break;
default:
assert(0);
}
}
/** /**
\ingroup Core_ReadPackets \ingroup Core_ReadPackets
*/ */
@ -1573,9 +1608,9 @@ static int parse_one_signature_subpacket(ops_signature_t *sig,
case OPS_PTAG_SS_REVOCATION_KEY: case OPS_PTAG_SS_REVOCATION_KEY:
/* octet 0 = class. Bit 0x80 must be set */ /* octet 0 = class. Bit 0x80 must be set */
if(!limited_read (&C.ss_revocation_key.class,1,&subregion,pinfo)) if(!limited_read (&C.ss_revocation_key.cclass,1,&subregion,pinfo))
return 0; return 0;
if(!(C.ss_revocation_key.class&0x80)) if(!(C.ss_revocation_key.cclass&0x80))
{ {
printf("Warning: OPS_PTAG_SS_REVOCATION_KEY class: " printf("Warning: OPS_PTAG_SS_REVOCATION_KEY class: "
"Bit 0x80 should be set\n"); "Bit 0x80 should be set\n");
@ -2124,6 +2159,31 @@ void ops_secret_key_free(ops_secret_key_t *key)
ops_public_key_free(&key->public_key); ops_public_key_free(&key->public_key);
} }
void ops_secret_key_copy(ops_secret_key_t *dst,const ops_secret_key_t *src)
{
*dst = *src ;
ops_public_key_copy(&dst->public_key,&src->public_key);
switch(src->public_key.algorithm)
{
case OPS_PKA_RSA:
case OPS_PKA_RSA_ENCRYPT_ONLY:
case OPS_PKA_RSA_SIGN_ONLY:
dst->key.rsa.d = BN_dup(src->key.rsa.d) ;
dst->key.rsa.p = BN_dup(src->key.rsa.p) ;
dst->key.rsa.q = BN_dup(src->key.rsa.q) ;
dst->key.rsa.u = BN_dup(src->key.rsa.u) ;
break;
case OPS_PKA_DSA:
dst->key.dsa.x = BN_dup(src->key.dsa.x) ;
break;
default:
fprintf(stderr,"ops_secret_key_copy: Unknown algorithm: %d (%s)\n",src->public_key.algorithm, ops_show_pka(src->public_key.algorithm));
//assert(0);
}
}
static int consume_packet(ops_region_t *region,ops_parse_info_t *pinfo, static int consume_packet(ops_region_t *region,ops_parse_info_t *pinfo,
ops_boolean_t warn) ops_boolean_t warn)
{ {

View File

@ -849,8 +849,8 @@ int ops_print_packet(const ops_parser_content_t *content_)
start_subpacket(content_->tag); start_subpacket(content_->tag);
/* not yet tested */ /* not yet tested */
printf (" revocation key: class=0x%x", printf (" revocation key: class=0x%x",
content->ss_revocation_key.class); content->ss_revocation_key.cclass);
if (content->ss_revocation_key.class&0x40) if (content->ss_revocation_key.cclass&0x40)
printf (" (sensitive)"); printf (" (sensitive)");
printf (", algid=0x%x", printf (", algid=0x%x",
content->ss_revocation_key.algid); content->ss_revocation_key.algid);

View File

@ -1,5 +1,5 @@
TEMPLATE = lib TEMPLATE = lib
CONFIG = staticlib CONFIG = staticlib debug
DEFINES *= OPENSSL_NO_IDEA DEFINES *= OPENSSL_NO_IDEA

View File

@ -261,7 +261,7 @@ typedef struct
unsigned pos; unsigned pos;
} linebreak_arg_t; } linebreak_arg_t;
#define BREAKPOS 76 #define BREAKPOS 64
static ops_boolean_t linebreak_writer(const unsigned char *src, static ops_boolean_t linebreak_writer(const unsigned char *src,
unsigned length, unsigned length,