1 /* 2 * Copyright (c) 2005-2008 Nominet UK (www.nic.uk) 3 * All rights reserved. 4 * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted 5 * their moral rights under the UK Copyright Design and Patents Act 1988 to 6 * be recorded as the authors of this copyright work. 7 * 8 * Licensed under the Apache License, Version 2.0 (the "License"); you may not 9 * use this file except in compliance with the License. 10 * 11 * You may obtain a copy of the License at 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, software 15 * distributed under the License is distributed on an "AS IS" BASIS, 16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 17 * 18 * See the License for the specific language governing permissions and 19 * limitations under the License. 20 */ 21 22 /** \file 23 * \brief Parser for OpenPGP packets 24 */ 25 #include "config.h" 26 27 #ifdef HAVE_OPENSSL_CAST_H 28 #include <openssl/cast.h> 29 #endif 30 31 #include "packet.h" 32 #include "packet-parse.h" 33 #include "keyring.h" 34 #include "errors.h" 35 #include "packet-show.h" 36 #include "create.h" 37 38 #include "readerwriter.h" 39 #include "netpgpdefs.h" 40 #include "parse_local.h" 41 42 #ifdef HAVE_ASSERT_H 43 #include <assert.h> 44 #endif 45 46 #include <stdarg.h> 47 #include <stdlib.h> 48 #include <string.h> 49 50 #ifdef HAVE_UNISTD_H 51 #include <unistd.h> 52 #endif 53 54 #include <errno.h> 55 56 #ifdef HAVE_LIMITS_H 57 #include <limits.h> 58 #endif 59 60 #define ERRP(cbinfo, cont, err) do { \ 61 cont.u.error.error = err; \ 62 CALLBACK(cbinfo, OPS_PARSER_ERROR, &cont); \ 63 return false; \ 64 /*NOTREACHED*/ \ 65 } while(/*CONSTCOND*/0) 66 67 /** 68 * limited_read_data reads the specified amount of the subregion's data 69 * into a data_t structure 70 * 71 * \param data Empty structure which will be filled with data 72 * \param len Number of octets to read 73 * \param subregion 74 * \param pinfo How to parse 75 * 76 * \return 1 on success, 0 on failure 77 */ 78 static int 79 limited_read_data(__ops_data_t * data, unsigned int len, 80 __ops_region_t * subregion, __ops_parse_info_t * pinfo) 81 { 82 data->len = len; 83 84 assert(subregion->length - subregion->length_read >= len); 85 86 data->contents = calloc(1, data->len); 87 if (!data->contents) 88 return 0; 89 90 if (!__ops_limited_read(data->contents, data->len, subregion, &pinfo->errors, 91 &pinfo->rinfo, &pinfo->cbinfo)) 92 return 0; 93 94 return 1; 95 } 96 97 /** 98 * read_data reads the remainder of the subregion's data 99 * into a data_t structure 100 * 101 * \param data 102 * \param subregion 103 * \param pinfo 104 * 105 * \return 1 on success, 0 on failure 106 */ 107 static int 108 read_data(__ops_data_t * data, __ops_region_t * subregion, 109 __ops_parse_info_t * pinfo) 110 { 111 int len; 112 113 len = subregion->length - subregion->length_read; 114 115 if (len >= 0) { 116 return (limited_read_data(data, (unsigned)len, subregion, pinfo)); 117 } 118 return 0; 119 } 120 121 /** 122 * Reads the remainder of the subregion as a string. 123 * It is the user's responsibility to free the memory allocated here. 124 */ 125 126 static int 127 read_unsigned_string(unsigned char **str, __ops_region_t * subregion, 128 __ops_parse_info_t * pinfo) 129 { 130 size_t len = 0; 131 132 len = subregion->length - subregion->length_read; 133 134 *str = calloc(1, len + 1); 135 if (!(*str)) 136 return 0; 137 138 if (len && !__ops_limited_read(*str, len, subregion, &pinfo->errors, 139 &pinfo->rinfo, &pinfo->cbinfo)) 140 return 0; 141 142 /* ! ensure the string is NULL-terminated */ 143 144 (*str)[len] = '\0'; 145 146 return 1; 147 } 148 149 static int 150 read_string(char **str, __ops_region_t * subregion, __ops_parse_info_t * pinfo) 151 { 152 return (read_unsigned_string((unsigned char **) str, subregion, pinfo)); 153 } 154 155 void 156 __ops_init_subregion(__ops_region_t * subregion, __ops_region_t * region) 157 { 158 (void) memset(subregion, 0x0, sizeof(*subregion)); 159 subregion->parent = region; 160 } 161 162 /* 163 * XXX: replace __ops_ptag_t with something more appropriate for limiting reads 164 */ 165 166 /** 167 * low-level function to read data from reader function 168 * 169 * Use this function, rather than calling the reader directly. 170 * 171 * If the accumulate flag is set in *pinfo, the function 172 * adds the read data to the accumulated data, and updates 173 * the accumulated length. This is useful if, for example, 174 * the application wants access to the raw data as well as the 175 * parsed data. 176 * 177 * This function will also try to read the entire amount asked for, but not 178 * if it is over INT_MAX. Obviously many callers will know that they 179 * never ask for that much and so can avoid the extra complexity of 180 * dealing with return codes and filled-in lengths. 181 * 182 * \param *dest 183 * \param *plength 184 * \param flags 185 * \param *pinfo 186 * 187 * \return OPS_R_OK 188 * \return OPS_R_PARTIAL_READ 189 * \return OPS_R_EOF 190 * \return OPS_R_EARLY_EOF 191 * 192 * \sa #__ops_reader_ret_t for details of return codes 193 */ 194 195 static int 196 sub_base_read(void *dest, size_t length, __ops_error_t ** errors, 197 __ops_reader_info_t * rinfo, __ops_parse_cb_info_t * cbinfo) 198 { 199 size_t n; 200 201 /* reading more than this would look like an error */ 202 if (length > INT_MAX) 203 length = INT_MAX; 204 205 for (n = 0; n < length;) { 206 int r = rinfo->reader((char *) dest + n, length - n, errors, rinfo, cbinfo); 207 208 assert(r <= (int) (length - n)); 209 210 /* 211 * XXX: should we save the error and return what was read so 212 * far? 213 */ 214 if (r < 0) 215 return r; 216 217 if (r == 0) 218 break; 219 220 n += r; 221 } 222 223 if (n == 0) 224 return 0; 225 226 if (rinfo->accumulate) { 227 assert(rinfo->asize >= rinfo->alength); 228 if (rinfo->alength + n > rinfo->asize) { 229 rinfo->asize = rinfo->asize * 2 + n; 230 rinfo->accumulated = realloc(rinfo->accumulated, rinfo->asize); 231 } 232 assert(rinfo->asize >= rinfo->alength + n); 233 (void) memcpy(rinfo->accumulated + rinfo->alength, dest, n); 234 } 235 /* we track length anyway, because it is used for packet offsets */ 236 rinfo->alength += n; 237 /* and also the position */ 238 rinfo->position += n; 239 240 return n; 241 } 242 243 int 244 __ops_stacked_read(void *dest, size_t length, __ops_error_t ** errors, 245 __ops_reader_info_t * rinfo, __ops_parse_cb_info_t * cbinfo) 246 { 247 return sub_base_read(dest, length, errors, rinfo->next, cbinfo); 248 } 249 250 /* This will do a full read so long as length < MAX_INT */ 251 static int 252 base_read(unsigned char *dest, size_t length, 253 __ops_parse_info_t * pinfo) 254 { 255 return sub_base_read(dest, length, &pinfo->errors, &pinfo->rinfo, 256 &pinfo->cbinfo); 257 } 258 259 /* 260 * Read a full size_t's worth. If the return is < than length, then 261 * *last_read tells you why - < 0 for an error, == 0 for EOF 262 */ 263 264 static size_t 265 full_read(unsigned char *dest, size_t length, int *last_read, 266 __ops_error_t ** errors, __ops_reader_info_t * rinfo, 267 __ops_parse_cb_info_t * cbinfo) 268 { 269 size_t t; 270 int r = 0; /* preset in case some loon calls with length 271 * == 0 */ 272 273 for (t = 0; t < length;) { 274 r = sub_base_read(dest + t, length - t, errors, rinfo, cbinfo); 275 276 if (r <= 0) { 277 *last_read = r; 278 return t; 279 } 280 t += r; 281 } 282 283 *last_read = r; 284 285 return t; 286 } 287 288 289 290 /** Read a scalar value of selected length from reader. 291 * 292 * Read an unsigned scalar value from reader in Big Endian representation. 293 * 294 * This function does not know or care about packet boundaries. It 295 * also assumes that an EOF is an error. 296 * 297 * \param *result The scalar value is stored here 298 * \param *reader Our reader 299 * \param length How many bytes to read 300 * \return true on success, false on failure 301 */ 302 static bool 303 _read_scalar(unsigned *result, unsigned length, 304 __ops_parse_info_t * pinfo) 305 { 306 unsigned t = 0; 307 308 assert(length <= sizeof(*result)); 309 310 while (length--) { 311 unsigned char c[1]; 312 int r; 313 314 r = base_read(c, 1, pinfo); 315 if (r != 1) 316 return false; 317 t = (t << 8) + c[0]; 318 } 319 320 *result = t; 321 return true; 322 } 323 324 /** 325 * \ingroup Core_ReadPackets 326 * \brief Read bytes from a region within the packet. 327 * 328 * Read length bytes into the buffer pointed to by *dest. 329 * Make sure we do not read over the packet boundary. 330 * Updates the Packet Tag's __ops_ptag_t::length_read. 331 * 332 * If length would make us read over the packet boundary, or if 333 * reading fails, we call the callback with an error. 334 * 335 * Note that if the region is indeterminate, this can return a short 336 * read - check region->last_read for the length. EOF is indicated by 337 * a success return and region->last_read == 0 in this case (for a 338 * region of known length, EOF is an error). 339 * 340 * This function makes sure to respect packet boundaries. 341 * 342 * \param dest The destination buffer 343 * \param length How many bytes to read 344 * \param region Pointer to packet region 345 * \param errors Error stack 346 * \param rinfo Reader info 347 * \param cbinfo Callback info 348 * \return true on success, false on error 349 */ 350 bool 351 __ops_limited_read(unsigned char *dest, size_t length, 352 __ops_region_t * region, __ops_error_t ** errors, 353 __ops_reader_info_t * rinfo, 354 __ops_parse_cb_info_t * cbinfo) 355 { 356 size_t r; 357 int lr; 358 359 if (!region->indeterminate && region->length_read + length > region->length) { 360 OPS_ERROR(errors, OPS_E_P_NOT_ENOUGH_DATA, "Not enough data"); 361 return false; 362 } 363 r = full_read(dest, length, &lr, errors, rinfo, cbinfo); 364 365 if (lr < 0) { 366 OPS_ERROR(errors, OPS_E_R_READ_FAILED, "Read failed"); 367 return false; 368 } 369 if (!region->indeterminate && r != length) { 370 OPS_ERROR(errors, OPS_E_R_READ_FAILED, "Read failed"); 371 return false; 372 } 373 region->last_read = r; 374 do { 375 region->length_read += r; 376 assert(!region->parent || region->length <= region->parent->length); 377 } while ((region = region->parent) != NULL); 378 return true; 379 } 380 381 /** 382 \ingroup Core_ReadPackets 383 \brief Call __ops_limited_read on next in stack 384 */ 385 bool 386 __ops_stacked_limited_read(unsigned char *dest, unsigned length, 387 __ops_region_t * region, 388 __ops_error_t ** errors, 389 __ops_reader_info_t * rinfo, 390 __ops_parse_cb_info_t * cbinfo) 391 { 392 return __ops_limited_read(dest, length, region, errors, rinfo->next, cbinfo); 393 } 394 395 static bool 396 limited_read(unsigned char *dest, unsigned length, 397 __ops_region_t * region, __ops_parse_info_t * info) 398 { 399 return __ops_limited_read(dest, length, region, &info->errors, 400 &info->rinfo, &info->cbinfo); 401 } 402 403 static bool 404 exact_limited_read(unsigned char *dest, unsigned length, 405 __ops_region_t * region, 406 __ops_parse_info_t * pinfo) 407 { 408 bool ret; 409 410 pinfo->exact_read = true; 411 ret = limited_read(dest, length, region, pinfo); 412 pinfo->exact_read = false; 413 414 return ret; 415 } 416 417 /** Skip over length bytes of this packet. 418 * 419 * Calls limited_read() to skip over some data. 420 * 421 * This function makes sure to respect packet boundaries. 422 * 423 * \param length How many bytes to skip 424 * \param *region Pointer to packet region 425 * \param *pinfo How to parse 426 * \return 1 on success, 0 on error (calls the cb with OPS_PARSER_ERROR in limited_read()). 427 */ 428 static int 429 limited_skip(unsigned length, __ops_region_t * region, 430 __ops_parse_info_t * pinfo) 431 { 432 unsigned char buf[NETPGP_BUFSIZ]; 433 434 while (length) { 435 unsigned n = length % NETPGP_BUFSIZ; 436 437 if (!limited_read(buf, n, region, pinfo)) 438 return 0; 439 length -= n; 440 } 441 return 1; 442 } 443 444 /** Read a scalar. 445 * 446 * Read a big-endian scalar of length bytes, respecting packet 447 * boundaries (by calling limited_read() to read the raw data). 448 * 449 * This function makes sure to respect packet boundaries. 450 * 451 * \param *dest The scalar value is stored here 452 * \param length How many bytes make up this scalar (at most 4) 453 * \param *region Pointer to current packet region 454 * \param *pinfo How to parse 455 * \param *cb The callback 456 * \return 1 on success, 0 on error (calls the cb with OPS_PARSER_ERROR in limited_read()). 457 * 458 * \see RFC4880 3.1 459 */ 460 static int 461 limited_read_scalar(unsigned *dest, unsigned length, 462 __ops_region_t * region, 463 __ops_parse_info_t * pinfo) 464 { 465 unsigned char c[4] = ""; 466 unsigned t; 467 unsigned n; 468 469 assert(length <= 4); 470 assert(/*CONSTCOND*/sizeof(*dest) >= 4); 471 if (!limited_read(c, length, region, pinfo)) 472 return 0; 473 474 for (t = 0, n = 0; n < length; ++n) 475 t = (t << 8) + c[n]; 476 *dest = t; 477 478 return 1; 479 } 480 481 /** Read a scalar. 482 * 483 * Read a big-endian scalar of length bytes, respecting packet 484 * boundaries (by calling limited_read() to read the raw data). 485 * 486 * The value read is stored in a size_t, which is a different size 487 * from an unsigned on some platforms. 488 * 489 * This function makes sure to respect packet boundaries. 490 * 491 * \param *dest The scalar value is stored here 492 * \param length How many bytes make up this scalar (at most 4) 493 * \param *region Pointer to current packet region 494 * \param *pinfo How to parse 495 * \param *cb The callback 496 * \return 1 on success, 0 on error (calls the cb with OPS_PARSER_ERROR in limited_read()). 497 * 498 * \see RFC4880 3.1 499 */ 500 static int 501 limited_read_size_t_scalar(size_t * dest, unsigned length, 502 __ops_region_t * region, 503 __ops_parse_info_t * pinfo) 504 { 505 unsigned tmp; 506 507 /* 508 * Note that because the scalar is at most 4 bytes, we don't care if 509 * size_t is bigger than usigned 510 */ 511 if (!limited_read_scalar(&tmp, length, region, pinfo)) 512 return 0; 513 514 *dest = tmp; 515 return 1; 516 } 517 518 /** Read a timestamp. 519 * 520 * Timestamps in OpenPGP are unix time, i.e. seconds since The Epoch (1.1.1970). They are stored in an unsigned scalar 521 * of 4 bytes. 522 * 523 * This function reads the timestamp using limited_read_scalar(). 524 * 525 * This function makes sure to respect packet boundaries. 526 * 527 * \param *dest The timestamp is stored here 528 * \param *ptag Pointer to current packet's Packet Tag. 529 * \param *reader Our reader 530 * \param *cb The callback 531 * \return see limited_read_scalar() 532 * 533 * \see RFC4880 3.5 534 */ 535 static int 536 limited_read_time(time_t *dest, __ops_region_t * region, 537 __ops_parse_info_t * pinfo) 538 { 539 unsigned char c[1]; 540 time_t mytime = 0; 541 int i = 0; 542 543 /* 544 * Cannot assume that time_t is 4 octets long - 545 * SunOS 5.10 and NetBSD both have 64-bit time_ts. 546 */ 547 if (/* CONSTCOND */sizeof(time_t) == 4) { 548 return limited_read_scalar((unsigned *)(void *)dest, 4, region, pinfo); 549 } 550 for (i = 0; i < 4; i++) { 551 if (!limited_read(c, 1, region, pinfo)) 552 return 0; 553 mytime = (mytime << 8) + c[0]; 554 } 555 *dest = mytime; 556 return 1; 557 } 558 559 /** 560 * \ingroup Core_MPI 561 * Read a multiprecision integer. 562 * 563 * Large numbers (multiprecision integers, MPI) are stored in OpenPGP in two parts. First there is a 2 byte scalar 564 * indicating the length of the following MPI in Bits. Then follow the bits that make up the actual number, most 565 * significant bits first (Big Endian). The most significant bit in the MPI is supposed to be 1 (unless the MPI is 566 * encrypted - then it may be different as the bit count refers to the plain text but the bits are encrypted). 567 * 568 * Unused bits (i.e. those filling up the most significant byte from the left to the first bits that counts) are 569 * supposed to be cleared - I guess. XXX - does anything actually say so? 570 * 571 * This function makes sure to respect packet boundaries. 572 * 573 * \param **pgn return the integer there - the BIGNUM is created by BN_bin2bn() and probably needs to be freed 574 * by the caller XXX right ben? 575 * \param *ptag Pointer to current packet's Packet Tag. 576 * \param *reader Our reader 577 * \param *cb The callback 578 * \return 1 on success, 0 on error (by limited_read_scalar() or limited_read() or if the MPI is not properly formed (XXX 579 * see comment below - the callback is called with a OPS_PARSER_ERROR in case of an error) 580 * 581 * \see RFC4880 3.2 582 */ 583 static int 584 limited_read_mpi(BIGNUM ** pbn, __ops_region_t * region, 585 __ops_parse_info_t * pinfo) 586 { 587 unsigned char buf[NETPGP_BUFSIZ] = ""; 588 /* an MPI has a 2 byte length part. 589 * Length is given in bits, so the 590 * largest we should ever need for 591 * the buffer is NETPGP_BUFSIZ bytes. */ 592 unsigned length; 593 unsigned nonzero; 594 bool ret; 595 596 pinfo->reading_mpi_length = true; 597 ret = limited_read_scalar(&length, 2, region, pinfo); 598 599 pinfo->reading_mpi_length = false; 600 if (!ret) 601 return 0; 602 603 nonzero = length & 7; /* there should be this many zero bits in the 604 * MS byte */ 605 if (!nonzero) 606 nonzero = 8; 607 length = (length + 7) / 8; 608 609 if (length == 0) { 610 /* if we try to read a length of 0, then fail */ 611 if (__ops_get_debug_level(__FILE__)) { 612 (void) fprintf(stderr, "limited_read_mpi: 0 length\n"); 613 } 614 return 0; 615 } 616 assert(length <= NETPGP_BUFSIZ); 617 if (!limited_read(buf, length, region, pinfo)) 618 return 0; 619 620 if (((unsigned)buf[0] >> nonzero) != 0 || 621 !((unsigned)buf[0] & (1U << (nonzero - 1U)))) { 622 OPS_ERROR(&pinfo->errors, OPS_E_P_MPI_FORMAT_ERROR, "MPI Format error"); 623 /* XXX: Ben, one part of 624 * this constraint does 625 * not apply to 626 * encrypted MPIs the 627 * draft says. -- peter */ 628 return 0; 629 } 630 *pbn = BN_bin2bn(buf, (int)length, NULL); 631 return 1; 632 } 633 634 /** Read some data with a New-Format length from reader. 635 * 636 * \sa Internet-Draft RFC4880.txt Section 4.2.2 637 * 638 * \param *length Where the decoded length will be put 639 * \param *pinfo How to parse 640 * \return true if OK, else false 641 * 642 */ 643 644 static bool 645 read_new_length(unsigned *length, __ops_parse_info_t * pinfo) 646 { 647 unsigned char c[1]; 648 649 if (base_read(c, 1, pinfo) != 1) 650 return false; 651 if (c[0] < 192) { 652 /* 1. One-octet packet */ 653 *length = c[0]; 654 return true; 655 } else if (c[0] >= 192 && c[0] <= 223) { 656 /* 2. Two-octet packet */ 657 unsigned t = (c[0] - 192) << 8; 658 659 if (base_read(c, 1, pinfo) != 1) 660 return false; 661 *length = t + c[0] + 192; 662 return true; 663 } else if (c[0] == 255) { 664 /* 3. Five-Octet packet */ 665 return _read_scalar(length, 4, pinfo); 666 } else if (c[0] >= 224 && c[0] < 255) { 667 /* 4. Partial Body Length */ 668 /* XXX - agc - gpg multi-recipient encryption uses this */ 669 OPS_ERROR(&pinfo->errors, OPS_E_UNIMPLEMENTED, 670 "New format Partial Body Length fields not yet implemented"); 671 return false; 672 } 673 return false; 674 } 675 676 /** Read the length information for a new format Packet Tag. 677 * 678 * New style Packet Tags encode the length in one to five octets. This function reads the right amount of bytes and 679 * decodes it to the proper length information. 680 * 681 * This function makes sure to respect packet boundaries. 682 * 683 * \param *length return the length here 684 * \param *ptag Pointer to current packet's Packet Tag. 685 * \param *reader Our reader 686 * \param *cb The callback 687 * \return 1 on success, 0 on error (by limited_read_scalar() or limited_read() or if the MPI is not properly formed (XXX 688 * see comment below) 689 * 690 * \see RFC4880 4.2.2 691 * \see __ops_ptag_t 692 */ 693 static int 694 limited_read_new_length(unsigned *length, __ops_region_t * region, 695 __ops_parse_info_t * pinfo) 696 { 697 unsigned char c[1] = ""; 698 699 if (!limited_read(c, 1, region, pinfo)) 700 return 0; 701 if (c[0] < 192) { 702 *length = c[0]; 703 return 1; 704 } 705 if (c[0] < 255) { 706 unsigned t = (c[0] - 192) << 8; 707 708 if (!limited_read(c, 1, region, pinfo)) 709 return 0; 710 *length = t + c[0] + 192; 711 return 1; 712 } 713 return limited_read_scalar(length, 4, region, pinfo); 714 } 715 716 /** 717 \ingroup Core_Create 718 \brief Free allocated memory 719 */ 720 static void 721 data_free(__ops_data_t * data) 722 { 723 free(data->contents); 724 data->contents = NULL; 725 data->len = 0; 726 } 727 728 /** 729 \ingroup Core_Create 730 \brief Free allocated memory 731 */ 732 static void 733 string_free(char **str) 734 { 735 free(*str); 736 *str = NULL; 737 } 738 739 /** 740 \ingroup Core_Create 741 \brief Free allocated memory 742 */ 743 /* ! Free packet memory, set pointer to NULL */ 744 void 745 __ops_packet_free(__ops_packet_t * packet) 746 { 747 free(packet->raw); 748 packet->raw = NULL; 749 } 750 751 /** 752 \ingroup Core_Create 753 \brief Free allocated memory 754 */ 755 static void 756 __ops_headers_free(__ops_headers_t * headers) 757 { 758 unsigned n; 759 760 for (n = 0; n < headers->nheaders; ++n) { 761 free(headers->headers[n].key); 762 free(headers->headers[n].value); 763 } 764 free(headers->headers); 765 headers->headers = NULL; 766 } 767 768 /** 769 \ingroup Core_Create 770 \brief Free allocated memory 771 */ 772 static void 773 signed_cleartext_trailer_free(__ops_signed_cleartext_trailer_t * trailer) 774 { 775 free(trailer->hash); 776 trailer->hash = NULL; 777 } 778 779 /** 780 \ingroup Core_Create 781 \brief Free allocated memory 782 */ 783 static void 784 __ops_cmd_get_passphrase_free(__ops_secret_key_passphrase_t * skp) 785 { 786 if (skp->passphrase && *skp->passphrase) { 787 free(*skp->passphrase); 788 *skp->passphrase = NULL; 789 } 790 } 791 792 /** 793 \ingroup Core_Create 794 \brief Free the memory used when parsing this signature sub-packet type 795 */ 796 static void 797 ss_userdefined_free(__ops_ss_userdefined_t * ss_userdefined) 798 { 799 data_free(&ss_userdefined->data); 800 } 801 802 /** 803 \ingroup Core_Create 804 \brief Free the memory used when parsing this signature sub-packet type 805 */ 806 static void 807 ss_reserved_free(__ops_ss_unknown_t * ss_unknown) 808 { 809 data_free(&ss_unknown->data); 810 } 811 812 /** 813 \ingroup Core_Create 814 \brief Free the memory used when parsing this packet type 815 */ 816 static void 817 trust_free(__ops_trust_t * trust) 818 { 819 data_free(&trust->data); 820 } 821 822 /** 823 * \ingroup Core_Create 824 * \brief Free the memory used when parsing a private/experimental PKA signature 825 * \param unknown_sig 826 */ 827 static void 828 free_unknown_sig_pka(__ops_unknown_signature_t * unknown_sig) 829 { 830 data_free(&unknown_sig->data); 831 } 832 833 /** 834 \ingroup Core_Create 835 \brief Free allocated memory 836 */ 837 static void 838 free_BN(BIGNUM ** pp) 839 { 840 BN_free(*pp); 841 *pp = NULL; 842 } 843 844 /** 845 * \ingroup Core_Create 846 * \brief Free the memory used when parsing a signature 847 * \param sig 848 */ 849 static void 850 signature_free(__ops_signature_t * sig) 851 { 852 switch (sig->info.key_algorithm) { 853 case OPS_PKA_RSA: 854 case OPS_PKA_RSA_SIGN_ONLY: 855 free_BN(&sig->info.signature.rsa.sig); 856 break; 857 858 case OPS_PKA_DSA: 859 free_BN(&sig->info.signature.dsa.r); 860 free_BN(&sig->info.signature.dsa.s); 861 break; 862 863 case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN: 864 free_BN(&sig->info.signature.elgamal.r); 865 free_BN(&sig->info.signature.elgamal.s); 866 break; 867 868 case OPS_PKA_PRIVATE00: 869 case OPS_PKA_PRIVATE01: 870 case OPS_PKA_PRIVATE02: 871 case OPS_PKA_PRIVATE03: 872 case OPS_PKA_PRIVATE04: 873 case OPS_PKA_PRIVATE05: 874 case OPS_PKA_PRIVATE06: 875 case OPS_PKA_PRIVATE07: 876 case OPS_PKA_PRIVATE08: 877 case OPS_PKA_PRIVATE09: 878 case OPS_PKA_PRIVATE10: 879 free_unknown_sig_pka(&sig->info.signature.unknown); 880 break; 881 882 default: 883 assert( /* CONSTCOND */ 0); 884 } 885 } 886 887 /** 888 \ingroup Core_Create 889 \brief Free the memory used when parsing this signature sub-packet type 890 \param ss_preferred_ska 891 */ 892 static void 893 ss_preferred_ska_free(__ops_ss_preferred_ska_t *ss_preferred_ska) 894 { 895 data_free(&ss_preferred_ska->data); 896 } 897 898 /** 899 \ingroup Core_Create 900 \brief Free the memory used when parsing this signature sub-packet type 901 \param ss_preferred_hash 902 */ 903 static void 904 ss_preferred_hash_free(__ops_ss_preferred_hash_t *ss_preferred_hash) 905 { 906 data_free(&ss_preferred_hash->data); 907 } 908 909 /** 910 \ingroup Core_Create 911 \brief Free the memory used when parsing this signature sub-packet type 912 */ 913 static void 914 ss_preferred_compression_free(__ops_ss_preferred_compression_t *ss_preferred_compression) 915 { 916 data_free(&ss_preferred_compression->data); 917 } 918 919 /** 920 \ingroup Core_Create 921 \brief Free the memory used when parsing this signature sub-packet type 922 */ 923 static void 924 ss_key_flags_free(__ops_ss_key_flags_t *ss_key_flags) 925 { 926 data_free(&ss_key_flags->data); 927 } 928 929 /** 930 \ingroup Core_Create 931 \brief Free the memory used when parsing this signature sub-packet type 932 */ 933 static void 934 ss_key_server_prefs_free(__ops_ss_key_server_prefs_t *ss_key_server_prefs) 935 { 936 data_free(&ss_key_server_prefs->data); 937 } 938 939 /** 940 \ingroup Core_Create 941 \brief Free the memory used when parsing this signature sub-packet type 942 */ 943 static void 944 ss_features_free(__ops_ss_features_t *ss_features) 945 { 946 data_free(&ss_features->data); 947 } 948 949 /** 950 \ingroup Core_Create 951 \brief Free the memory used when parsing this signature sub-packet type 952 */ 953 static void 954 ss_notation_data_free(__ops_ss_notation_data_t *ss_notation_data) 955 { 956 data_free(&ss_notation_data->name); 957 data_free(&ss_notation_data->value); 958 } 959 960 /** 961 \ingroup Core_Create 962 \brief Free allocated memory 963 */ 964 /* ! Free the memory used when parsing this signature sub-packet type */ 965 static void 966 ss_regexp_free(__ops_ss_regexp_t *regexp) 967 { 968 string_free(®exp->text); 969 } 970 971 /** 972 \ingroup Core_Create 973 \brief Free allocated memory 974 */ 975 /* ! Free the memory used when parsing this signature sub-packet type */ 976 static void 977 ss_policy_url_free(__ops_ss_policy_url_t *policy_url) 978 { 979 string_free(&policy_url->text); 980 } 981 982 /** 983 \ingroup Core_Create 984 \brief Free allocated memory 985 */ 986 /* ! Free the memory used when parsing this signature sub-packet type */ 987 static void 988 ss_preferred_key_server_free(__ops_ss_preferred_key_server_t *preferred_key_server) 989 { 990 string_free(&preferred_key_server->text); 991 } 992 993 /** 994 \ingroup Core_Create 995 \brief Free the memory used when parsing this signature sub-packet type 996 */ 997 static void 998 ss_revocation_reason_free(__ops_ss_revocation_reason_t *ss_revocation_reason) 999 { 1000 string_free(&ss_revocation_reason->text); 1001 } 1002 1003 static void 1004 ss_embedded_signature_free(__ops_ss_embedded_signature_t *ss_embedded_signature) 1005 { 1006 data_free(&ss_embedded_signature->sig); 1007 } 1008 1009 /** 1010 \ingroup Core_Create 1011 \brief Free allocated memory 1012 */ 1013 /* ! Free any memory allocated when parsing the packet content */ 1014 void 1015 __ops_parser_content_free(__ops_parser_content_t * c) 1016 { 1017 switch (c->tag) { 1018 case OPS_PARSER_PTAG: 1019 case OPS_PTAG_CT_COMPRESSED: 1020 case OPS_PTAG_SS_CREATION_TIME: 1021 case OPS_PTAG_SS_EXPIRATION_TIME: 1022 case OPS_PTAG_SS_KEY_EXPIRATION_TIME: 1023 case OPS_PTAG_SS_TRUST: 1024 case OPS_PTAG_SS_ISSUER_KEY_ID: 1025 case OPS_PTAG_CT_ONE_PASS_SIGNATURE: 1026 case OPS_PTAG_SS_PRIMARY_USER_ID: 1027 case OPS_PTAG_SS_REVOCABLE: 1028 case OPS_PTAG_SS_REVOCATION_KEY: 1029 case OPS_PTAG_CT_LITERAL_DATA_HEADER: 1030 case OPS_PTAG_CT_LITERAL_DATA_BODY: 1031 case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY: 1032 case OPS_PTAG_CT_UNARMOURED_TEXT: 1033 case OPS_PTAG_CT_ARMOUR_TRAILER: 1034 case OPS_PTAG_CT_SIGNATURE_HEADER: 1035 case OPS_PTAG_CT_SE_DATA_HEADER: 1036 case OPS_PTAG_CT_SE_IP_DATA_HEADER: 1037 case OPS_PTAG_CT_SE_IP_DATA_BODY: 1038 case OPS_PTAG_CT_MDC: 1039 case OPS_PARSER_CMD_GET_SECRET_KEY: 1040 break; 1041 1042 case OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER: 1043 __ops_headers_free(&c->u.signed_cleartext_header.headers); 1044 break; 1045 1046 case OPS_PTAG_CT_ARMOUR_HEADER: 1047 __ops_headers_free(&c->u.armour_header.headers); 1048 break; 1049 1050 case OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER: 1051 signed_cleartext_trailer_free(&c->u.signed_cleartext_trailer); 1052 break; 1053 1054 case OPS_PTAG_CT_TRUST: 1055 trust_free(&c->u.trust); 1056 break; 1057 1058 case OPS_PTAG_CT_SIGNATURE: 1059 case OPS_PTAG_CT_SIGNATURE_FOOTER: 1060 signature_free(&c->u.signature); 1061 break; 1062 1063 case OPS_PTAG_CT_PUBLIC_KEY: 1064 case OPS_PTAG_CT_PUBLIC_SUBKEY: 1065 __ops_public_key_free(&c->u.public_key); 1066 break; 1067 1068 case OPS_PTAG_CT_USER_ID: 1069 __ops_user_id_free(&c->u.user_id); 1070 break; 1071 1072 case OPS_PTAG_SS_SIGNERS_USER_ID: 1073 __ops_user_id_free(&c->u.ss_signers_user_id); 1074 break; 1075 1076 case OPS_PTAG_CT_USER_ATTRIBUTE: 1077 __ops_user_attribute_free(&c->u.user_attribute); 1078 break; 1079 1080 case OPS_PTAG_SS_PREFERRED_SKA: 1081 ss_preferred_ska_free(&c->u.ss_preferred_ska); 1082 break; 1083 1084 case OPS_PTAG_SS_PREFERRED_HASH: 1085 ss_preferred_hash_free(&c->u.ss_preferred_hash); 1086 break; 1087 1088 case OPS_PTAG_SS_PREFERRED_COMPRESSION: 1089 ss_preferred_compression_free(&c->u.ss_preferred_compression); 1090 break; 1091 1092 case OPS_PTAG_SS_KEY_FLAGS: 1093 ss_key_flags_free(&c->u.ss_key_flags); 1094 break; 1095 1096 case OPS_PTAG_SS_KEY_SERVER_PREFS: 1097 ss_key_server_prefs_free(&c->u.ss_key_server_prefs); 1098 break; 1099 1100 case OPS_PTAG_SS_FEATURES: 1101 ss_features_free(&c->u.ss_features); 1102 break; 1103 1104 case OPS_PTAG_SS_NOTATION_DATA: 1105 ss_notation_data_free(&c->u.ss_notation_data); 1106 break; 1107 1108 case OPS_PTAG_SS_REGEXP: 1109 ss_regexp_free(&c->u.ss_regexp); 1110 break; 1111 1112 case OPS_PTAG_SS_POLICY_URI: 1113 ss_policy_url_free(&c->u.ss_policy_url); 1114 break; 1115 1116 case OPS_PTAG_SS_PREFERRED_KEY_SERVER: 1117 ss_preferred_key_server_free(&c->u.ss_preferred_key_server); 1118 break; 1119 1120 case OPS_PTAG_SS_USERDEFINED00: 1121 case OPS_PTAG_SS_USERDEFINED01: 1122 case OPS_PTAG_SS_USERDEFINED02: 1123 case OPS_PTAG_SS_USERDEFINED03: 1124 case OPS_PTAG_SS_USERDEFINED04: 1125 case OPS_PTAG_SS_USERDEFINED05: 1126 case OPS_PTAG_SS_USERDEFINED06: 1127 case OPS_PTAG_SS_USERDEFINED07: 1128 case OPS_PTAG_SS_USERDEFINED08: 1129 case OPS_PTAG_SS_USERDEFINED09: 1130 case OPS_PTAG_SS_USERDEFINED10: 1131 ss_userdefined_free(&c->u.ss_userdefined); 1132 break; 1133 1134 case OPS_PTAG_SS_RESERVED: 1135 ss_reserved_free(&c->u.ss_unknown); 1136 break; 1137 1138 case OPS_PTAG_SS_REVOCATION_REASON: 1139 ss_revocation_reason_free(&c->u.ss_revocation_reason); 1140 break; 1141 1142 case OPS_PTAG_SS_EMBEDDED_SIGNATURE: 1143 ss_embedded_signature_free(&c->u.ss_embedded_signature); 1144 break; 1145 1146 case OPS_PARSER_PACKET_END: 1147 __ops_packet_free(&c->u.packet); 1148 break; 1149 1150 case OPS_PARSER_ERROR: 1151 case OPS_PARSER_ERRCODE: 1152 break; 1153 1154 case OPS_PTAG_CT_SECRET_KEY: 1155 case OPS_PTAG_CT_ENCRYPTED_SECRET_KEY: 1156 __ops_secret_key_free(&c->u.secret_key); 1157 break; 1158 1159 case OPS_PTAG_CT_PK_SESSION_KEY: 1160 case OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY: 1161 __ops_pk_session_key_free(&c->u.pk_session_key); 1162 break; 1163 1164 case OPS_PARSER_CMD_GET_SK_PASSPHRASE: 1165 __ops_cmd_get_passphrase_free(&c->u.secret_key_passphrase); 1166 break; 1167 1168 default: 1169 fprintf(stderr, "Can't free %d (0x%x)\n", c->tag, c->tag); 1170 assert( /* CONSTCOND */ 0); 1171 } 1172 } 1173 1174 /** 1175 \ingroup Core_Create 1176 \brief Free allocated memory 1177 */ 1178 void 1179 __ops_pk_session_key_free(__ops_pk_session_key_t * sk) 1180 { 1181 switch (sk->algorithm) { 1182 case OPS_PKA_RSA: 1183 free_BN(&sk->parameters.rsa.encrypted_m); 1184 break; 1185 1186 case OPS_PKA_ELGAMAL: 1187 free_BN(&sk->parameters.elgamal.g_to_k); 1188 free_BN(&sk->parameters.elgamal.encrypted_m); 1189 break; 1190 1191 default: 1192 assert( /* CONSTCOND */ 0); 1193 } 1194 } 1195 1196 /** 1197 \ingroup Core_Create 1198 \brief Free allocated memory 1199 */ 1200 /* ! Free the memory used when parsing a public key */ 1201 void 1202 __ops_public_key_free(__ops_public_key_t * p) 1203 { 1204 switch (p->algorithm) { 1205 case OPS_PKA_RSA: 1206 case OPS_PKA_RSA_ENCRYPT_ONLY: 1207 case OPS_PKA_RSA_SIGN_ONLY: 1208 free_BN(&p->key.rsa.n); 1209 free_BN(&p->key.rsa.e); 1210 break; 1211 1212 case OPS_PKA_DSA: 1213 free_BN(&p->key.dsa.p); 1214 free_BN(&p->key.dsa.q); 1215 free_BN(&p->key.dsa.g); 1216 free_BN(&p->key.dsa.y); 1217 break; 1218 1219 case OPS_PKA_ELGAMAL: 1220 case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN: 1221 free_BN(&p->key.elgamal.p); 1222 free_BN(&p->key.elgamal.g); 1223 free_BN(&p->key.elgamal.y); 1224 break; 1225 1226 case 0: 1227 /* nothing to free */ 1228 break; 1229 1230 default: 1231 assert( /* CONSTCOND */ 0); 1232 } 1233 } 1234 1235 /** 1236 \ingroup Core_ReadPackets 1237 */ 1238 static int 1239 parse_public_key_data(__ops_public_key_t * key, __ops_region_t * region, 1240 __ops_parse_info_t * pinfo) 1241 { 1242 unsigned char c[1] = ""; 1243 1244 assert(region->length_read == 0); /* We should not have read 1245 * anything so far */ 1246 1247 if (!limited_read(c, 1, region, pinfo)) 1248 return 0; 1249 key->version = c[0]; 1250 if (key->version < 2 || key->version > 4) { 1251 OPS_ERROR_1(&pinfo->errors, OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN, 1252 "Bad public key version (0x%02x)", key->version); 1253 return 0; 1254 } 1255 if (!limited_read_time(&key->creation_time, region, pinfo)) 1256 return 0; 1257 1258 key->days_valid = 0; 1259 if ((key->version == 2 || key->version == 3) 1260 && !limited_read_scalar(&key->days_valid, 2, region, pinfo)) 1261 return 0; 1262 1263 if (!limited_read(c, 1, region, pinfo)) 1264 return 0; 1265 1266 key->algorithm = c[0]; 1267 1268 switch (key->algorithm) { 1269 case OPS_PKA_DSA: 1270 if (!limited_read_mpi(&key->key.dsa.p, region, pinfo) 1271 || !limited_read_mpi(&key->key.dsa.q, region, pinfo) 1272 || !limited_read_mpi(&key->key.dsa.g, region, pinfo) 1273 || !limited_read_mpi(&key->key.dsa.y, region, pinfo)) 1274 return 0; 1275 break; 1276 1277 case OPS_PKA_RSA: 1278 case OPS_PKA_RSA_ENCRYPT_ONLY: 1279 case OPS_PKA_RSA_SIGN_ONLY: 1280 if (!limited_read_mpi(&key->key.rsa.n, region, pinfo) 1281 || !limited_read_mpi(&key->key.rsa.e, region, pinfo)) 1282 return 0; 1283 break; 1284 1285 case OPS_PKA_ELGAMAL: 1286 case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN: 1287 if (!limited_read_mpi(&key->key.elgamal.p, region, pinfo) 1288 || !limited_read_mpi(&key->key.elgamal.g, region, pinfo) 1289 || !limited_read_mpi(&key->key.elgamal.y, region, pinfo)) 1290 return 0; 1291 break; 1292 1293 default: 1294 OPS_ERROR_1(&pinfo->errors, OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG, "Unsupported Public Key algorithm (%s)", __ops_show_pka(key->algorithm)); 1295 return 0; 1296 } 1297 1298 return 1; 1299 } 1300 1301 1302 /** 1303 * \ingroup Core_ReadPackets 1304 * \brief Parse a public key packet. 1305 * 1306 * This function parses an entire v3 (== v2) or v4 public key packet for RSA, ElGamal, and DSA keys. 1307 * 1308 * Once the key has been parsed successfully, it is passed to the callback. 1309 * 1310 * \param *ptag Pointer to the current Packet Tag. This function should consume the entire packet. 1311 * \param *reader Our reader 1312 * \param *cb The callback 1313 * \return 1 on success, 0 on error 1314 * 1315 * \see RFC4880 5.5.2 1316 */ 1317 static int 1318 parse_public_key(__ops_content_tag_t tag, __ops_region_t * region, 1319 __ops_parse_info_t * pinfo) 1320 { 1321 __ops_parser_content_t content; 1322 1323 if (!parse_public_key_data(&content.u.public_key, region, pinfo)) 1324 return 0; 1325 1326 /* XXX: this test should be done for all packets, surely? */ 1327 if (region->length_read != region->length) { 1328 OPS_ERROR_1(&pinfo->errors, OPS_E_R_UNCONSUMED_DATA, 1329 "Unconsumed data (%d)", region->length - region->length_read); 1330 return 0; 1331 } 1332 CALLBACK(&pinfo->cbinfo, tag, &content); 1333 1334 return 1; 1335 } 1336 1337 1338 /** 1339 \ingroup Core_Create 1340 \brief Free allocated memory 1341 */ 1342 /* ! Free the memory used when parsing this packet type */ 1343 void 1344 __ops_user_attribute_free(__ops_user_attribute_t * user_att) 1345 { 1346 data_free(&user_att->data); 1347 } 1348 1349 /** 1350 * \ingroup Core_ReadPackets 1351 * \brief Parse one user attribute packet. 1352 * 1353 * User attribute packets contain one or more attribute subpackets. 1354 * For now, handle the whole packet as raw data. 1355 */ 1356 1357 static int 1358 parse_user_attribute(__ops_region_t * region, __ops_parse_info_t * pinfo) 1359 { 1360 1361 __ops_parser_content_t content; 1362 1363 /* 1364 * xxx- treat as raw data for now. Could break down further into 1365 * attribute sub-packets later - rachel 1366 */ 1367 1368 assert(region->length_read == 0); /* We should not have read 1369 * anything so far */ 1370 1371 if (!read_data(&content.u.user_attribute.data, region, pinfo)) 1372 return 0; 1373 1374 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_USER_ATTRIBUTE, &content); 1375 1376 return 1; 1377 } 1378 1379 /** 1380 \ingroup Core_Create 1381 \brief Free allocated memory 1382 */ 1383 /* ! Free the memory used when parsing this packet type */ 1384 void 1385 __ops_user_id_free(__ops_user_id_t * id) 1386 { 1387 free(id->user_id); 1388 id->user_id = NULL; 1389 } 1390 1391 /** 1392 * \ingroup Core_ReadPackets 1393 * \brief Parse a user id. 1394 * 1395 * This function parses an user id packet, which is basically just a char array the size of the packet. 1396 * 1397 * The char array is to be treated as an UTF-8 string. 1398 * 1399 * The userid gets null terminated by this function. Freeing it is the responsibility of the caller. 1400 * 1401 * Once the userid has been parsed successfully, it is passed to the callback. 1402 * 1403 * \param *ptag Pointer to the Packet Tag. This function should consume the entire packet. 1404 * \param *reader Our reader 1405 * \param *cb The callback 1406 * \return 1 on success, 0 on error 1407 * 1408 * \see RFC4880 5.11 1409 */ 1410 static int 1411 parse_user_id(__ops_region_t * region, __ops_parse_info_t * pinfo) 1412 { 1413 __ops_parser_content_t content; 1414 1415 assert(region->length_read == 0); /* We should not have read 1416 * anything so far */ 1417 1418 content.u.user_id.user_id = calloc(1, region->length + 1); /* XXX should we not 1419 * like check malloc's 1420 * return value? */ 1421 1422 if (region->length && !limited_read(content.u.user_id.user_id, region->length, region, 1423 pinfo)) 1424 return 0; 1425 1426 content.u.user_id.user_id[region->length] = '\0'; /* terminate the string */ 1427 1428 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_USER_ID, &content); 1429 1430 return 1; 1431 } 1432 1433 static __ops_hash_t * 1434 parse_hash_find(__ops_parse_info_t * pinfo, 1435 const unsigned char keyid[OPS_KEY_ID_SIZE]) 1436 { 1437 size_t n; 1438 1439 for (n = 0; n < pinfo->nhashes; ++n) { 1440 if (memcmp(pinfo->hashes[n].keyid, keyid, OPS_KEY_ID_SIZE) == 0) { 1441 return &pinfo->hashes[n].hash; 1442 } 1443 } 1444 return NULL; 1445 } 1446 1447 /** 1448 * \ingroup Core_Parse 1449 * \brief Parse a version 3 signature. 1450 * 1451 * This function parses an version 3 signature packet, handling RSA and DSA signatures. 1452 * 1453 * Once the signature has been parsed successfully, it is passed to the callback. 1454 * 1455 * \param *ptag Pointer to the Packet Tag. This function should consume the entire packet. 1456 * \param *reader Our reader 1457 * \param *cb The callback 1458 * \return 1 on success, 0 on error 1459 * 1460 * \see RFC4880 5.2.2 1461 */ 1462 static int 1463 parse_v3_signature(__ops_region_t * region, 1464 __ops_parse_info_t * pinfo) 1465 { 1466 unsigned char c[1] = ""; 1467 __ops_parser_content_t content; 1468 1469 /* clear signature */ 1470 (void) memset(&content.u.signature, 0x0, sizeof(content.u.signature)); 1471 1472 content.u.signature.info.version = OPS_V3; 1473 1474 /* hash info length */ 1475 if (!limited_read(c, 1, region, pinfo)) 1476 return 0; 1477 if (c[0] != 5) { 1478 ERRP(&pinfo->cbinfo, content, "bad hash info length"); 1479 } 1480 1481 if (!limited_read(c, 1, region, pinfo)) 1482 return 0; 1483 content.u.signature.info.type = c[0]; 1484 /* XXX: check signature type */ 1485 1486 if (!limited_read_time(&content.u.signature.info.creation_time, region, pinfo)) 1487 return 0; 1488 content.u.signature.info.creation_time_set = true; 1489 1490 if (!limited_read(content.u.signature.info.signer_id, OPS_KEY_ID_SIZE, region, pinfo)) 1491 return 0; 1492 content.u.signature.info.signer_id_set = true; 1493 1494 if (!limited_read(c, 1, region, pinfo)) 1495 return 0; 1496 content.u.signature.info.key_algorithm = c[0]; 1497 /* XXX: check algorithm */ 1498 1499 if (!limited_read(c, 1, region, pinfo)) 1500 return 0; 1501 content.u.signature.info.hash_algorithm = c[0]; 1502 /* XXX: check algorithm */ 1503 1504 if (!limited_read(content.u.signature.hash2, 2, region, pinfo)) 1505 return 0; 1506 1507 switch (content.u.signature.info.key_algorithm) { 1508 case OPS_PKA_RSA: 1509 case OPS_PKA_RSA_SIGN_ONLY: 1510 if (!limited_read_mpi(&content.u.signature.info.signature.rsa.sig, region, pinfo)) 1511 return 0; 1512 break; 1513 1514 case OPS_PKA_DSA: 1515 if (!limited_read_mpi(&content.u.signature.info.signature.dsa.r, region, pinfo) 1516 || !limited_read_mpi(&content.u.signature.info.signature.dsa.s, region, pinfo)) 1517 return 0; 1518 break; 1519 1520 case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN: 1521 if (!limited_read_mpi(&content.u.signature.info.signature.elgamal.r, region, pinfo) 1522 || !limited_read_mpi(&content.u.signature.info.signature.elgamal.s, region, pinfo)) 1523 return 0; 1524 break; 1525 1526 default: 1527 OPS_ERROR_1(&pinfo->errors, OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG, 1528 "Unsupported signature key algorithm (%s)", 1529 __ops_show_pka(content.u.signature.info.key_algorithm)); 1530 return 0; 1531 } 1532 1533 if (region->length_read != region->length) { 1534 OPS_ERROR_1(&pinfo->errors, OPS_E_R_UNCONSUMED_DATA, "Unconsumed data (%d)", region->length - region->length_read); 1535 return 0; 1536 } 1537 if (content.u.signature.info.signer_id_set) 1538 content.u.signature.hash = parse_hash_find(pinfo, content.u.signature.info.signer_id); 1539 1540 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_SIGNATURE, &content); 1541 1542 return 1; 1543 } 1544 1545 /** 1546 * \ingroup Core_ReadPackets 1547 * \brief Parse one signature sub-packet. 1548 * 1549 * Version 4 signatures can have an arbitrary amount of (hashed and unhashed) subpackets. Subpackets are used to hold 1550 * optional attributes of subpackets. 1551 * 1552 * This function parses one such signature subpacket. 1553 * 1554 * Once the subpacket has been parsed successfully, it is passed to the callback. 1555 * 1556 * \param *ptag Pointer to the Packet Tag. This function should consume the entire subpacket. 1557 * \param *reader Our reader 1558 * \param *cb The callback 1559 * \return 1 on success, 0 on error 1560 * 1561 * \see RFC4880 5.2.3 1562 */ 1563 static int 1564 parse_one_signature_subpacket(__ops_signature_t * sig, 1565 __ops_region_t * region, 1566 __ops_parse_info_t * pinfo) 1567 { 1568 __ops_region_t subregion; 1569 unsigned char c[1] = ""; 1570 __ops_parser_content_t content; 1571 unsigned t8, t7; 1572 bool doread = true; 1573 unsigned char bools[1] = ""; 1574 1575 __ops_init_subregion(&subregion, region); 1576 if (!limited_read_new_length(&subregion.length, region, pinfo)) 1577 return 0; 1578 1579 if (subregion.length > region->length) 1580 ERRP(&pinfo->cbinfo, content, "Subpacket too long"); 1581 1582 if (!limited_read(c, 1, &subregion, pinfo)) 1583 return 0; 1584 1585 t8 = (c[0] & 0x7f) / 8; 1586 t7 = 1 << (c[0] & 7); 1587 1588 content.critical = (unsigned)c[0] >> 7; 1589 content.tag = OPS_PTAG_SIGNATURE_SUBPACKET_BASE + (c[0] & 0x7f); 1590 1591 /* Application wants it delivered raw */ 1592 if (pinfo->ss_raw[t8] & t7) { 1593 content.u.ss_raw.tag = content.tag; 1594 content.u.ss_raw.length = subregion.length - 1; 1595 content.u.ss_raw.raw = calloc(1, content.u.ss_raw.length); 1596 if (!limited_read(content.u.ss_raw.raw, content.u.ss_raw.length, &subregion, pinfo)) 1597 return 0; 1598 CALLBACK(&pinfo->cbinfo, OPS_PTAG_RAW_SS, &content); 1599 return 1; 1600 } 1601 switch (content.tag) { 1602 case OPS_PTAG_SS_CREATION_TIME: 1603 case OPS_PTAG_SS_EXPIRATION_TIME: 1604 case OPS_PTAG_SS_KEY_EXPIRATION_TIME: 1605 if (!limited_read_time(&content.u.ss_time.time, &subregion, pinfo)) 1606 return 0; 1607 if (content.tag == OPS_PTAG_SS_CREATION_TIME) { 1608 sig->info.creation_time = content.u.ss_time.time; 1609 sig->info.creation_time_set = true; 1610 } 1611 break; 1612 1613 case OPS_PTAG_SS_TRUST: 1614 if (!limited_read(&content.u.ss_trust.level, 1, &subregion, pinfo) 1615 || !limited_read(&content.u.ss_trust.amount, 1, &subregion, pinfo)) 1616 return 0; 1617 break; 1618 1619 case OPS_PTAG_SS_REVOCABLE: 1620 if (!limited_read(bools, 1, &subregion, pinfo)) 1621 return 0; 1622 content.u.ss_revocable.revocable = !!bools[0]; 1623 break; 1624 1625 case OPS_PTAG_SS_ISSUER_KEY_ID: 1626 if (!limited_read(content.u.ss_issuer_key_id.key_id, OPS_KEY_ID_SIZE, 1627 &subregion, pinfo)) 1628 return 0; 1629 (void) memcpy(sig->info.signer_id, content.u.ss_issuer_key_id.key_id, OPS_KEY_ID_SIZE); 1630 sig->info.signer_id_set = true; 1631 break; 1632 1633 case OPS_PTAG_SS_PREFERRED_SKA: 1634 if (!read_data(&content.u.ss_preferred_ska.data, &subregion, pinfo)) 1635 return 0; 1636 break; 1637 1638 case OPS_PTAG_SS_PREFERRED_HASH: 1639 if (!read_data(&content.u.ss_preferred_hash.data, &subregion, pinfo)) 1640 return 0; 1641 break; 1642 1643 case OPS_PTAG_SS_PREFERRED_COMPRESSION: 1644 if (!read_data(&content.u.ss_preferred_compression.data, &subregion, pinfo)) 1645 return 0; 1646 break; 1647 1648 case OPS_PTAG_SS_PRIMARY_USER_ID: 1649 if (!limited_read(bools, 1, &subregion, pinfo)) 1650 return 0; 1651 content.u.ss_primary_user_id.primary_user_id = !!bools[0]; 1652 break; 1653 1654 case OPS_PTAG_SS_KEY_FLAGS: 1655 if (!read_data(&content.u.ss_key_flags.data, &subregion, pinfo)) 1656 return 0; 1657 break; 1658 1659 case OPS_PTAG_SS_KEY_SERVER_PREFS: 1660 if (!read_data(&content.u.ss_key_server_prefs.data, &subregion, pinfo)) 1661 return 0; 1662 break; 1663 1664 case OPS_PTAG_SS_FEATURES: 1665 if (!read_data(&content.u.ss_features.data, &subregion, pinfo)) 1666 return 0; 1667 break; 1668 1669 case OPS_PTAG_SS_SIGNERS_USER_ID: 1670 if (!read_unsigned_string(&content.u.ss_signers_user_id.user_id, &subregion, pinfo)) 1671 return 0; 1672 break; 1673 1674 case OPS_PTAG_SS_EMBEDDED_SIGNATURE: 1675 /* \todo should do something with this sig? */ 1676 if (!read_data(&content.u.ss_embedded_signature.sig, &subregion, pinfo)) 1677 return 0; 1678 break; 1679 1680 case OPS_PTAG_SS_NOTATION_DATA: 1681 if (!limited_read_data(&content.u.ss_notation_data.flags, 4, &subregion, pinfo)) 1682 return 0; 1683 if (!limited_read_size_t_scalar(&content.u.ss_notation_data.name.len, 2, 1684 &subregion, pinfo)) 1685 return 0; 1686 if (!limited_read_size_t_scalar(&content.u.ss_notation_data.value.len, 2, 1687 &subregion, pinfo)) 1688 return 0; 1689 if (!limited_read_data(&content.u.ss_notation_data.name, 1690 content.u.ss_notation_data.name.len, &subregion, pinfo)) 1691 return 0; 1692 if (!limited_read_data(&content.u.ss_notation_data.value, 1693 content.u.ss_notation_data.value.len, &subregion, pinfo)) 1694 return 0; 1695 break; 1696 1697 case OPS_PTAG_SS_POLICY_URI: 1698 if (!read_string(&content.u.ss_policy_url.text, &subregion, pinfo)) 1699 return 0; 1700 break; 1701 1702 case OPS_PTAG_SS_REGEXP: 1703 if (!read_string(&content.u.ss_regexp.text, &subregion, pinfo)) 1704 return 0; 1705 break; 1706 1707 case OPS_PTAG_SS_PREFERRED_KEY_SERVER: 1708 if (!read_string(&content.u.ss_preferred_key_server.text, &subregion, pinfo)) 1709 return 0; 1710 break; 1711 1712 case OPS_PTAG_SS_USERDEFINED00: 1713 case OPS_PTAG_SS_USERDEFINED01: 1714 case OPS_PTAG_SS_USERDEFINED02: 1715 case OPS_PTAG_SS_USERDEFINED03: 1716 case OPS_PTAG_SS_USERDEFINED04: 1717 case OPS_PTAG_SS_USERDEFINED05: 1718 case OPS_PTAG_SS_USERDEFINED06: 1719 case OPS_PTAG_SS_USERDEFINED07: 1720 case OPS_PTAG_SS_USERDEFINED08: 1721 case OPS_PTAG_SS_USERDEFINED09: 1722 case OPS_PTAG_SS_USERDEFINED10: 1723 if (!read_data(&content.u.ss_userdefined.data, &subregion, pinfo)) 1724 return 0; 1725 break; 1726 1727 case OPS_PTAG_SS_RESERVED: 1728 if (!read_data(&content.u.ss_unknown.data, &subregion, pinfo)) 1729 return 0; 1730 break; 1731 1732 case OPS_PTAG_SS_REVOCATION_REASON: 1733 /* first byte is the machine-readable code */ 1734 if (!limited_read(&content.u.ss_revocation_reason.code, 1, &subregion, pinfo)) 1735 return 0; 1736 1737 /* the rest is a human-readable UTF-8 string */ 1738 if (!read_string(&content.u.ss_revocation_reason.text, &subregion, pinfo)) 1739 return 0; 1740 break; 1741 1742 case OPS_PTAG_SS_REVOCATION_KEY: 1743 /* octet 0 = class. Bit 0x80 must be set */ 1744 if (!limited_read(&content.u.ss_revocation_key.class, 1, &subregion, pinfo)) 1745 return 0; 1746 if (!(content.u.ss_revocation_key.class & 0x80)) { 1747 printf("Warning: OPS_PTAG_SS_REVOCATION_KEY class: " 1748 "Bit 0x80 should be set\n"); 1749 return 0; 1750 } 1751 /* octet 1 = algid */ 1752 if (!limited_read(&content.u.ss_revocation_key.algid, 1, &subregion, pinfo)) 1753 return 0; 1754 1755 /* octets 2-21 = fingerprint */ 1756 if (!limited_read(&content.u.ss_revocation_key.fingerprint[0], 20, &subregion, 1757 pinfo)) 1758 return 0; 1759 break; 1760 1761 default: 1762 if (pinfo->ss_parsed[t8] & t7) 1763 OPS_ERROR_1(&pinfo->errors, OPS_E_PROTO_UNKNOWN_SS, 1764 "Unknown signature subpacket type (%d)", c[0] & 0x7f); 1765 doread = false; 1766 break; 1767 } 1768 1769 /* Application doesn't want it delivered parsed */ 1770 if (!(pinfo->ss_parsed[t8] & t7)) { 1771 if (content.critical) 1772 OPS_ERROR_1(&pinfo->errors, OPS_E_PROTO_CRITICAL_SS_IGNORED, 1773 "Critical signature subpacket ignored (%d)", 1774 c[0] & 0x7f); 1775 if (!doread && !limited_skip(subregion.length - 1, &subregion, pinfo)) 1776 return 0; 1777 /* 1778 * printf("skipped %d length 1779 * %d\n",c[0]&0x7f,subregion.length); 1780 */ 1781 if (doread) 1782 __ops_parser_content_free(&content); 1783 return 1; 1784 } 1785 if (doread && subregion.length_read != subregion.length) { 1786 OPS_ERROR_1(&pinfo->errors, OPS_E_R_UNCONSUMED_DATA, 1787 "Unconsumed data (%d)", 1788 subregion.length - subregion.length_read); 1789 return 0; 1790 } 1791 CALLBACK(&pinfo->cbinfo, content.tag, &content); 1792 1793 return 1; 1794 } 1795 1796 /** 1797 * \ingroup Core_ReadPackets 1798 * \brief Parse several signature subpackets. 1799 * 1800 * Hashed and unhashed subpacket sets are preceded by an octet count that specifies the length of the complete set. 1801 * This function parses this length and then calls parse_one_signature_subpacket() for each subpacket until the 1802 * entire set is consumed. 1803 * 1804 * This function does not call the callback directly, parse_one_signature_subpacket() does for each subpacket. 1805 * 1806 * \param *ptag Pointer to the Packet Tag. 1807 * \param *reader Our reader 1808 * \param *cb The callback 1809 * \return 1 on success, 0 on error 1810 * 1811 * \see RFC4880 5.2.3 1812 */ 1813 static int 1814 parse_signature_subpackets(__ops_signature_t * sig, 1815 __ops_region_t * region, 1816 __ops_parse_info_t * pinfo) 1817 { 1818 __ops_region_t subregion; 1819 __ops_parser_content_t content; 1820 1821 __ops_init_subregion(&subregion, region); 1822 if (!limited_read_scalar(&subregion.length, 2, region, pinfo)) 1823 return 0; 1824 1825 if (subregion.length > region->length) 1826 ERRP(&pinfo->cbinfo, content, "Subpacket set too long"); 1827 1828 while (subregion.length_read < subregion.length) 1829 if (!parse_one_signature_subpacket(sig, &subregion, pinfo)) 1830 return 0; 1831 1832 if (subregion.length_read != subregion.length) { 1833 if (!limited_skip(subregion.length - subregion.length_read, &subregion, 1834 pinfo)) 1835 ERRP(&pinfo->cbinfo, content, "Read failed while recovering from subpacket length mismatch"); 1836 ERRP(&pinfo->cbinfo, content, "Subpacket length mismatch"); 1837 } 1838 return 1; 1839 } 1840 1841 /** 1842 * \ingroup Core_ReadPackets 1843 * \brief Parse a version 4 signature. 1844 * 1845 * This function parses a version 4 signature including all its hashed and unhashed subpackets. 1846 * 1847 * Once the signature packet has been parsed successfully, it is passed to the callback. 1848 * 1849 * \param *ptag Pointer to the Packet Tag. 1850 * \param *reader Our reader 1851 * \param *cb The callback 1852 * \return 1 on success, 0 on error 1853 * 1854 * \see RFC4880 5.2.3 1855 */ 1856 static int 1857 parse_v4_signature(__ops_region_t * region, __ops_parse_info_t * pinfo) 1858 { 1859 unsigned char c[1] = ""; 1860 __ops_parser_content_t content; 1861 1862 /* debug=1; */ 1863 if (__ops_get_debug_level(__FILE__)) { 1864 fprintf(stderr, "\nparse_v4_signature\n"); 1865 } 1866 /* clear signature */ 1867 (void) memset(&content.u.signature, 0x0, sizeof(content.u.signature)); 1868 1869 /* 1870 * We need to hash the packet data from version through the hashed 1871 * subpacket data 1872 */ 1873 1874 content.u.signature.v4_hashed_data_start = pinfo->rinfo.alength - 1; 1875 1876 /* Set version,type,algorithms */ 1877 1878 content.u.signature.info.version = OPS_V4; 1879 1880 if (!limited_read(c, 1, region, pinfo)) 1881 return 0; 1882 content.u.signature.info.type = c[0]; 1883 if (__ops_get_debug_level(__FILE__)) { 1884 fprintf(stderr, "signature type=%d (%s)\n", 1885 content.u.signature.info.type, 1886 __ops_show_sig_type(content.u.signature.info.type)); 1887 } 1888 /* XXX: check signature type */ 1889 1890 if (!limited_read(c, 1, region, pinfo)) 1891 return 0; 1892 content.u.signature.info.key_algorithm = c[0]; 1893 /* XXX: check algorithm */ 1894 if (__ops_get_debug_level(__FILE__)) { 1895 fprintf(stderr, "key_algorithm=%d (%s)\n", 1896 content.u.signature.info.key_algorithm, 1897 __ops_show_pka(content.u.signature.info.key_algorithm)); 1898 } 1899 if (!limited_read(c, 1, region, pinfo)) 1900 return 0; 1901 content.u.signature.info.hash_algorithm = c[0]; 1902 /* XXX: check algorithm */ 1903 if (__ops_get_debug_level(__FILE__)) { 1904 fprintf(stderr, "hash_algorithm=%d %s\n", 1905 content.u.signature.info.hash_algorithm, 1906 __ops_show_hash_algorithm(content.u.signature.info.hash_algorithm)); 1907 } 1908 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_SIGNATURE_HEADER, &content); 1909 1910 1911 if (!parse_signature_subpackets(&content.u.signature, region, pinfo)) 1912 return 0; 1913 1914 content.u.signature.info.v4_hashed_data_length = pinfo->rinfo.alength 1915 - content.u.signature.v4_hashed_data_start; 1916 1917 /* copy hashed subpackets */ 1918 if (content.u.signature.info.v4_hashed_data) 1919 free(content.u.signature.info.v4_hashed_data); 1920 content.u.signature.info.v4_hashed_data = calloc(1, content.u.signature.info.v4_hashed_data_length); 1921 1922 if (!pinfo->rinfo.accumulate) { 1923 /* We must accumulate, else we can't check the signature */ 1924 fprintf(stderr, "*** ERROR: must set accumulate to true\n"); 1925 assert( /* CONSTCOND */ 0); 1926 } 1927 (void) memcpy(content.u.signature.info.v4_hashed_data, 1928 pinfo->rinfo.accumulated + content.u.signature.v4_hashed_data_start, 1929 content.u.signature.info.v4_hashed_data_length); 1930 1931 if (!parse_signature_subpackets(&content.u.signature, region, pinfo)) 1932 return 0; 1933 1934 if (!limited_read(content.u.signature.hash2, 2, region, pinfo)) 1935 return 0; 1936 1937 switch (content.u.signature.info.key_algorithm) { 1938 case OPS_PKA_RSA: 1939 if (!limited_read_mpi(&content.u.signature.info.signature.rsa.sig, region, pinfo)) 1940 return 0; 1941 break; 1942 1943 case OPS_PKA_DSA: 1944 if (!limited_read_mpi(&content.u.signature.info.signature.dsa.r, region, pinfo)) { 1945 /* 1946 * usually if this fails, it just means we've reached 1947 * the end of the keyring 1948 */ 1949 if (__ops_get_debug_level(__FILE__)) { 1950 (void) fprintf(stderr, "Error reading DSA r field in signature"); 1951 } 1952 return 0; 1953 } 1954 if (!limited_read_mpi(&content.u.signature.info.signature.dsa.s, region, pinfo)) 1955 ERRP(&pinfo->cbinfo, content, "Error reading DSA s field in signature"); 1956 break; 1957 1958 case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN: 1959 if (!limited_read_mpi(&content.u.signature.info.signature.elgamal.r, region, pinfo) 1960 || !limited_read_mpi(&content.u.signature.info.signature.elgamal.s, region, pinfo)) 1961 return 0; 1962 break; 1963 1964 case OPS_PKA_PRIVATE00: 1965 case OPS_PKA_PRIVATE01: 1966 case OPS_PKA_PRIVATE02: 1967 case OPS_PKA_PRIVATE03: 1968 case OPS_PKA_PRIVATE04: 1969 case OPS_PKA_PRIVATE05: 1970 case OPS_PKA_PRIVATE06: 1971 case OPS_PKA_PRIVATE07: 1972 case OPS_PKA_PRIVATE08: 1973 case OPS_PKA_PRIVATE09: 1974 case OPS_PKA_PRIVATE10: 1975 if (!read_data(&content.u.signature.info.signature.unknown.data, region, pinfo)) 1976 return 0; 1977 break; 1978 1979 default: 1980 OPS_ERROR_1(&pinfo->errors, OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG, 1981 "Bad v4 signature key algorithm (%s)", 1982 __ops_show_pka(content.u.signature.info.key_algorithm)); 1983 return 0; 1984 } 1985 1986 if (region->length_read != region->length) { 1987 OPS_ERROR_1(&pinfo->errors, OPS_E_R_UNCONSUMED_DATA, 1988 "Unconsumed data (%d)", 1989 region->length - region->length_read); 1990 return 0; 1991 } 1992 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_SIGNATURE_FOOTER, &content); 1993 1994 return 1; 1995 } 1996 1997 /** 1998 * \ingroup Core_ReadPackets 1999 * \brief Parse a signature subpacket. 2000 * 2001 * This function calls the appropriate function to handle v3 or v4 signatures. 2002 * 2003 * Once the signature packet has been parsed successfully, it is passed to the callback. 2004 * 2005 * \param *ptag Pointer to the Packet Tag. 2006 * \param *reader Our reader 2007 * \param *cb The callback 2008 * \return 1 on success, 0 on error 2009 */ 2010 static int 2011 parse_signature(__ops_region_t * region, __ops_parse_info_t * pinfo) 2012 { 2013 unsigned char c[1] = ""; 2014 __ops_parser_content_t content; 2015 2016 assert(region->length_read == 0); /* We should not have read 2017 * anything so far */ 2018 2019 (void) memset(&content, 0x0, sizeof(content)); 2020 2021 if (!limited_read(c, 1, region, pinfo)) 2022 return 0; 2023 2024 if (c[0] == 2 || c[0] == 3) 2025 return parse_v3_signature(region, pinfo); 2026 else if (c[0] == 4) 2027 return parse_v4_signature(region, pinfo); 2028 2029 OPS_ERROR_1(&pinfo->errors, OPS_E_PROTO_BAD_SIGNATURE_VRSN, 2030 "Bad signature version (%d)", c[0]); 2031 return 0; 2032 } 2033 2034 /** 2035 \ingroup Core_ReadPackets 2036 \brief Parse Compressed packet 2037 */ 2038 static int 2039 parse_compressed(__ops_region_t * region, __ops_parse_info_t * pinfo) 2040 { 2041 unsigned char c[1] = ""; 2042 __ops_parser_content_t content; 2043 2044 if (!limited_read(c, 1, region, pinfo)) 2045 return 0; 2046 2047 content.u.compressed.type = c[0]; 2048 2049 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_COMPRESSED, &content); 2050 2051 /* 2052 * The content of a compressed data packet is more OpenPGP packets 2053 * once decompressed, so recursively handle them 2054 */ 2055 2056 return __ops_decompress(region, pinfo, content.u.compressed.type); 2057 } 2058 2059 /* XXX: this could be improved by sharing all hashes that are the */ 2060 /* same, then duping them just before checking the signature. */ 2061 static void 2062 parse_hash_init(__ops_parse_info_t * pinfo, __ops_hash_algorithm_t type, 2063 const unsigned char *keyid) 2064 { 2065 __ops_parse_hash_info_t *hash; 2066 2067 pinfo->hashes = realloc(pinfo->hashes, 2068 (pinfo->nhashes + 1) * sizeof(*pinfo->hashes)); 2069 hash = &pinfo->hashes[pinfo->nhashes++]; 2070 2071 __ops_hash_any(&hash->hash, type); 2072 hash->hash.init(&hash->hash); 2073 (void) memcpy(hash->keyid, keyid, sizeof(hash->keyid)); 2074 } 2075 2076 /** 2077 \ingroup Core_ReadPackets 2078 \brief Parse a One Pass Signature packet 2079 */ 2080 static int 2081 parse_one_pass(__ops_region_t * region, __ops_parse_info_t * pinfo) 2082 { 2083 unsigned char c[1] = ""; 2084 __ops_parser_content_t content; 2085 2086 if (!limited_read(&content.u.one_pass_signature.version, 1, region, pinfo)) 2087 return 0; 2088 if (content.u.one_pass_signature.version != 3) { 2089 OPS_ERROR_1(&pinfo->errors, OPS_E_PROTO_BAD_ONE_PASS_SIG_VRSN, 2090 "Bad one-pass signature version (%d)", 2091 content.u.one_pass_signature.version); 2092 return 0; 2093 } 2094 if (!limited_read(c, 1, region, pinfo)) 2095 return 0; 2096 content.u.one_pass_signature.sig_type = c[0]; 2097 2098 if (!limited_read(c, 1, region, pinfo)) 2099 return 0; 2100 content.u.one_pass_signature.hash_algorithm = c[0]; 2101 2102 if (!limited_read(c, 1, region, pinfo)) 2103 return 0; 2104 content.u.one_pass_signature.key_algorithm = c[0]; 2105 2106 if (!limited_read(content.u.one_pass_signature.keyid, 2107 sizeof(content.u.one_pass_signature.keyid), region, pinfo)) 2108 return 0; 2109 2110 if (!limited_read(c, 1, region, pinfo)) 2111 return 0; 2112 content.u.one_pass_signature.nested = !!c[0]; 2113 2114 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_ONE_PASS_SIGNATURE, &content); 2115 2116 /* XXX: we should, perhaps, let the app choose whether to hash or not */ 2117 parse_hash_init(pinfo, content.u.one_pass_signature.hash_algorithm, 2118 content.u.one_pass_signature.keyid); 2119 2120 return 1; 2121 } 2122 2123 /** 2124 \ingroup Core_ReadPackets 2125 \brief Parse a Trust packet 2126 */ 2127 static int 2128 parse_trust(__ops_region_t * region, __ops_parse_info_t * pinfo) 2129 { 2130 __ops_parser_content_t content; 2131 2132 if (!read_data(&content.u.trust.data, region, pinfo)) 2133 return 0; 2134 2135 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_TRUST, &content); 2136 2137 return 1; 2138 } 2139 2140 static void 2141 parse_hash_data(__ops_parse_info_t * pinfo, const void *data, 2142 size_t length) 2143 { 2144 size_t n; 2145 2146 for (n = 0; n < pinfo->nhashes; ++n) { 2147 pinfo->hashes[n].hash.add(&pinfo->hashes[n].hash, data, length); 2148 } 2149 } 2150 2151 /** 2152 \ingroup Core_ReadPackets 2153 \brief Parse a Literal Data packet 2154 */ 2155 static int 2156 parse_literal_data(__ops_region_t * region, __ops_parse_info_t * pinfo) 2157 { 2158 __ops_parser_content_t content; 2159 __ops_memory_t *mem; 2160 unsigned char c[1] = ""; 2161 2162 if (!limited_read(c, 1, region, pinfo)) 2163 return 0; 2164 content.u.literal_data_header.format = c[0]; 2165 2166 if (!limited_read(c, 1, region, pinfo)) 2167 return 0; 2168 if (!limited_read((unsigned char *) content.u.literal_data_header.filename, 2169 (unsigned)c[0], region, pinfo)) 2170 return 0; 2171 content.u.literal_data_header.filename[c[0]] = '\0'; 2172 2173 if (!limited_read_time(&content.u.literal_data_header.modification_time, region, pinfo)) 2174 return 0; 2175 2176 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_LITERAL_DATA_HEADER, &content); 2177 2178 mem = content.u.literal_data_body.mem = __ops_memory_new(); 2179 __ops_memory_init(content.u.literal_data_body.mem, (unsigned)(region->length * 1.01) + 12); 2180 content.u.literal_data_body.data = mem->buf; 2181 2182 while (region->length_read < region->length) { 2183 unsigned readc = region->length - region->length_read; 2184 2185 if (!limited_read(mem->buf, readc, region, pinfo)) { 2186 return 0; 2187 } 2188 content.u.literal_data_body.length = readc; 2189 parse_hash_data(pinfo, content.u.literal_data_body.data, region->length); 2190 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_LITERAL_DATA_BODY, &content); 2191 } 2192 2193 /* XXX - get rid of mem here? */ 2194 2195 return 1; 2196 } 2197 2198 /** 2199 * \ingroup Core_Create 2200 * 2201 * __ops_secret_key_free() frees the memory associated with "key". Note that 2202 * the key itself is not freed. 2203 * 2204 * \param key 2205 */ 2206 2207 void 2208 __ops_secret_key_free(__ops_secret_key_t * key) 2209 { 2210 switch (key->public_key.algorithm) { 2211 case OPS_PKA_RSA: 2212 case OPS_PKA_RSA_ENCRYPT_ONLY: 2213 case OPS_PKA_RSA_SIGN_ONLY: 2214 free_BN(&key->key.rsa.d); 2215 free_BN(&key->key.rsa.p); 2216 free_BN(&key->key.rsa.q); 2217 free_BN(&key->key.rsa.u); 2218 break; 2219 2220 case OPS_PKA_DSA: 2221 free_BN(&key->key.dsa.x); 2222 break; 2223 2224 default: 2225 fprintf(stderr, "__ops_secret_key_free: Unknown algorithm: %d (%s)\n", key->public_key.algorithm, __ops_show_pka(key->public_key.algorithm)); 2226 /* assert(0); */ 2227 } 2228 2229 __ops_public_key_free(&key->public_key); 2230 } 2231 2232 static int 2233 consume_packet(__ops_region_t * region, __ops_parse_info_t * pinfo, 2234 bool warn) 2235 { 2236 __ops_data_t remainder; 2237 __ops_parser_content_t content; 2238 2239 if (region->indeterminate) 2240 ERRP(&pinfo->cbinfo, content, "Can't consume indeterminate packets"); 2241 2242 if (read_data(&remainder, region, pinfo)) { 2243 /* now throw it away */ 2244 data_free(&remainder); 2245 if (warn) 2246 OPS_ERROR(&pinfo->errors, OPS_E_P_PACKET_CONSUMED, "Warning: packet consumer"); 2247 } else if (warn) 2248 OPS_ERROR(&pinfo->errors, OPS_E_P_PACKET_NOT_CONSUMED, "Warning: Packet was not consumed"); 2249 else { 2250 OPS_ERROR(&pinfo->errors, OPS_E_P_PACKET_NOT_CONSUMED, "Packet was not consumed"); 2251 return 0; 2252 } 2253 2254 return 1; 2255 } 2256 2257 /** 2258 * \ingroup Core_ReadPackets 2259 * \brief Parse a secret key 2260 */ 2261 static int 2262 parse_secret_key(__ops_region_t * region, __ops_parse_info_t * pinfo) 2263 { 2264 __ops_parser_content_t content; 2265 __ops_region_t encregion; 2266 __ops_region_t *saved_region = NULL; 2267 unsigned char c[1] = ""; 2268 __ops_crypt_t decrypt; 2269 __ops_hash_t checkhash; 2270 unsigned blocksize; 2271 #if 0 2272 size_t checksum_length = 2; 2273 #endif 2274 bool crypted; 2275 int ret = 1; 2276 2277 if (__ops_get_debug_level(__FILE__)) { 2278 fprintf(stderr, "\n---------\nparse_secret_key:\n"); 2279 fprintf(stderr, "region length=%d, length_read=%d, remainder=%d\n", region->length, region->length_read, region->length - region->length_read); 2280 } 2281 (void) memset(&content, 0x0, sizeof(content)); 2282 if (!parse_public_key_data(&content.u.secret_key.public_key, region, pinfo)) 2283 return 0; 2284 2285 if (__ops_get_debug_level(__FILE__)) { 2286 fprintf(stderr, "parse_secret_key: public key parsed\n"); 2287 __ops_print_public_key(&content.u.secret_key.public_key); 2288 } 2289 pinfo->reading_v3_secret = content.u.secret_key.public_key.version != OPS_V4; 2290 2291 if (!limited_read(c, 1, region, pinfo)) 2292 return 0; 2293 content.u.secret_key.s2k_usage = c[0]; 2294 #if 0 2295 if (content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) 2296 checksum_length = 20; 2297 #endif 2298 2299 if (content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED 2300 || content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) { 2301 if (!limited_read(c, 1, region, pinfo)) 2302 return 0; 2303 content.u.secret_key.algorithm = c[0]; 2304 2305 if (!limited_read(c, 1, region, pinfo)) 2306 return 0; 2307 content.u.secret_key.s2k_specifier = c[0]; 2308 2309 assert(content.u.secret_key.s2k_specifier == OPS_S2KS_SIMPLE 2310 || content.u.secret_key.s2k_specifier == OPS_S2KS_SALTED 2311 || content.u.secret_key.s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED); 2312 2313 if (!limited_read(c, 1, region, pinfo)) 2314 return 0; 2315 content.u.secret_key.hash_algorithm = c[0]; 2316 2317 if (content.u.secret_key.s2k_specifier != OPS_S2KS_SIMPLE 2318 && !limited_read(content.u.secret_key.salt, 8, region, pinfo)) { 2319 return 0; 2320 } 2321 if (content.u.secret_key.s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED) { 2322 if (!limited_read(c, 1, region, pinfo)) 2323 return 0; 2324 content.u.secret_key.octet_count = (16 + ((unsigned)c[0] & 15)) << (((unsigned)c[0] >> 4) + 6); 2325 } 2326 } else if (content.u.secret_key.s2k_usage != OPS_S2KU_NONE) { 2327 /* this is V3 style, looks just like a V4 simple hash */ 2328 #if 0 2329 content.u.secret_key.algorithm = content.u.secret_key.s2k_usage; 2330 #else 2331 /* XXX - if we get problems, this may be the source - agc */ 2332 content.u.secret_key.algorithm = c[0]; 2333 #endif 2334 content.u.secret_key.s2k_usage = OPS_S2KU_ENCRYPTED; 2335 content.u.secret_key.s2k_specifier = OPS_S2KS_SIMPLE; 2336 content.u.secret_key.hash_algorithm = OPS_HASH_MD5; 2337 } 2338 crypted = content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED 2339 || content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED; 2340 2341 if (crypted) { 2342 int n; 2343 __ops_parser_content_t seckey; 2344 char *passphrase; 2345 unsigned char key[OPS_MAX_KEY_SIZE + OPS_MAX_HASH_SIZE]; 2346 __ops_hash_t hashes[(OPS_MAX_KEY_SIZE + OPS_MIN_HASH_SIZE - 1) / OPS_MIN_HASH_SIZE]; 2347 int keysize; 2348 int hashsize; 2349 size_t len; 2350 2351 blocksize = __ops_block_size(content.u.secret_key.algorithm); 2352 assert(blocksize > 0 && blocksize <= OPS_MAX_BLOCK_SIZE); 2353 2354 if (!limited_read(content.u.secret_key.iv, blocksize, region, pinfo)) 2355 return 0; 2356 2357 (void) memset(&seckey, 0x0, sizeof(seckey)); 2358 passphrase = NULL; 2359 seckey.u.secret_key_passphrase.passphrase = &passphrase; 2360 seckey.u.secret_key_passphrase.secret_key = &content.u.secret_key; 2361 CALLBACK(&pinfo->cbinfo, OPS_PARSER_CMD_GET_SK_PASSPHRASE, &seckey); 2362 if (!passphrase) { 2363 if (__ops_get_debug_level(__FILE__)) { 2364 /* \todo make into proper error */ 2365 fprintf(stderr, "parse_secret_key: can't get passphrase\n"); 2366 } 2367 if (!consume_packet(region, pinfo, false)) 2368 return 0; 2369 2370 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_ENCRYPTED_SECRET_KEY, &content); 2371 2372 return 1; 2373 } 2374 keysize = __ops_key_size(content.u.secret_key.algorithm); 2375 assert(keysize > 0 && keysize <= OPS_MAX_KEY_SIZE); 2376 2377 hashsize = __ops_hash_size(content.u.secret_key.hash_algorithm); 2378 assert(hashsize > 0 && hashsize <= OPS_MAX_HASH_SIZE); 2379 2380 for (n = 0; n * hashsize < keysize; ++n) { 2381 int i; 2382 2383 __ops_hash_any(&hashes[n], content.u.secret_key.hash_algorithm); 2384 hashes[n].init(&hashes[n]); 2385 /* preload hashes with zeroes... */ 2386 for (i = 0; i < n; ++i) 2387 hashes[n].add(&hashes[n], (const unsigned char *) "", 1); 2388 } 2389 2390 len = strlen(passphrase); 2391 2392 for (n = 0; n * hashsize < keysize; ++n) { 2393 unsigned i; 2394 2395 switch (content.u.secret_key.s2k_specifier) { 2396 case OPS_S2KS_SALTED: 2397 hashes[n].add(&hashes[n], content.u.secret_key.salt, OPS_SALT_SIZE); 2398 /* FALLTHROUGH */ 2399 case OPS_S2KS_SIMPLE: 2400 hashes[n].add(&hashes[n], (unsigned char *) passphrase, len); 2401 break; 2402 2403 case OPS_S2KS_ITERATED_AND_SALTED: 2404 for (i = 0; i < content.u.secret_key.octet_count; i += len + OPS_SALT_SIZE) { 2405 unsigned j = len + OPS_SALT_SIZE; 2406 2407 if (i + j > content.u.secret_key.octet_count && i != 0) 2408 j = content.u.secret_key.octet_count - i; 2409 2410 hashes[n].add(&hashes[n], 2411 content.u.secret_key.salt, 2412 (unsigned)(j > OPS_SALT_SIZE) ? 2413 OPS_SALT_SIZE : j); 2414 if (j > OPS_SALT_SIZE) 2415 hashes[n].add(&hashes[n], (unsigned char *) passphrase, j - OPS_SALT_SIZE); 2416 } 2417 2418 } 2419 } 2420 2421 for (n = 0; n * hashsize < keysize; ++n) { 2422 int r = hashes[n].finish(&hashes[n], key + n * hashsize); 2423 assert(r == hashsize); 2424 } 2425 2426 free(passphrase); 2427 2428 __ops_crypt_any(&decrypt, content.u.secret_key.algorithm); 2429 if (__ops_get_debug_level(__FILE__)) { 2430 unsigned int i = 0; 2431 fprintf(stderr, "\nREADING:\niv="); 2432 for (i = 0; i < __ops_block_size(content.u.secret_key.algorithm); i++) { 2433 fprintf(stderr, "%02x ", content.u.secret_key.iv[i]); 2434 } 2435 fprintf(stderr, "\n"); 2436 fprintf(stderr, "key="); 2437 for (i = 0; i < CAST_KEY_LENGTH; i++) { 2438 fprintf(stderr, "%02x ", key[i]); 2439 } 2440 fprintf(stderr, "\n"); 2441 } 2442 decrypt.set_iv(&decrypt, content.u.secret_key.iv); 2443 decrypt.set_key(&decrypt, key); 2444 2445 /* now read encrypted data */ 2446 2447 __ops_reader_push_decrypt(pinfo, &decrypt, region); 2448 2449 /* 2450 * Since all known encryption for PGP doesn't compress, we 2451 * can limit to the same length as the current region (for 2452 * now). 2453 */ 2454 __ops_init_subregion(&encregion, NULL); 2455 encregion.length = region->length - region->length_read; 2456 if (content.u.secret_key.public_key.version != OPS_V4) { 2457 encregion.length -= 2; 2458 } 2459 saved_region = region; 2460 region = &encregion; 2461 } 2462 if (content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) { 2463 __ops_hash_sha1(&checkhash); 2464 __ops_reader_push_hash(pinfo, &checkhash); 2465 } else { 2466 __ops_reader_push_sum16(pinfo); 2467 } 2468 2469 switch (content.u.secret_key.public_key.algorithm) { 2470 case OPS_PKA_RSA: 2471 case OPS_PKA_RSA_ENCRYPT_ONLY: 2472 case OPS_PKA_RSA_SIGN_ONLY: 2473 if (!limited_read_mpi(&content.u.secret_key.key.rsa.d, region, pinfo) 2474 || !limited_read_mpi(&content.u.secret_key.key.rsa.p, region, pinfo) 2475 || !limited_read_mpi(&content.u.secret_key.key.rsa.q, region, pinfo) 2476 || !limited_read_mpi(&content.u.secret_key.key.rsa.u, region, pinfo)) 2477 ret = 0; 2478 2479 break; 2480 2481 case OPS_PKA_DSA: 2482 2483 if (!limited_read_mpi(&content.u.secret_key.key.dsa.x, region, pinfo)) 2484 ret = 0; 2485 break; 2486 2487 default: 2488 OPS_ERROR_2(&pinfo->errors, OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG, "Unsupported Public Key algorithm %d (%s)", content.u.secret_key.public_key.algorithm, __ops_show_pka(content.u.secret_key.public_key.algorithm)); 2489 ret = 0; 2490 /* assert(0); */ 2491 } 2492 2493 if (__ops_get_debug_level(__FILE__)) { 2494 fprintf(stderr, "4 MPIs read\n"); 2495 /* 2496 * __ops_print_secret_key_verbose(OPS_PTAG_CT_SECRET_KEY, 2497 * &content.u.secret_key); 2498 */ 2499 } 2500 pinfo->reading_v3_secret = false; 2501 2502 if (content.u.secret_key.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) { 2503 unsigned char hash[20]; 2504 2505 __ops_reader_pop_hash(pinfo); 2506 checkhash.finish(&checkhash, hash); 2507 2508 if (crypted && content.u.secret_key.public_key.version != OPS_V4) { 2509 __ops_reader_pop_decrypt(pinfo); 2510 region = saved_region; 2511 } 2512 if (ret) { 2513 if (!limited_read(content.u.secret_key.checkhash, 20, region, pinfo)) 2514 return 0; 2515 2516 if (memcmp(hash, content.u.secret_key.checkhash, 20)) 2517 ERRP(&pinfo->cbinfo, content, "Hash mismatch in secret key"); 2518 } 2519 } else { 2520 unsigned short sum; 2521 2522 sum = __ops_reader_pop_sum16(pinfo); 2523 2524 if (crypted && content.u.secret_key.public_key.version != OPS_V4) { 2525 __ops_reader_pop_decrypt(pinfo); 2526 region = saved_region; 2527 } 2528 if (ret) { 2529 if (!limited_read_scalar(&content.u.secret_key.checksum, 2, region, 2530 pinfo)) 2531 return 0; 2532 2533 if (sum != content.u.secret_key.checksum) 2534 ERRP(&pinfo->cbinfo, content, "Checksum mismatch in secret key"); 2535 } 2536 } 2537 2538 if (crypted && content.u.secret_key.public_key.version == OPS_V4) { 2539 __ops_reader_pop_decrypt(pinfo); 2540 } 2541 assert(!ret || region->length_read == region->length); 2542 2543 if (!ret) 2544 return 0; 2545 2546 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_SECRET_KEY, &content); 2547 2548 if (__ops_get_debug_level(__FILE__)) { 2549 fprintf(stderr, "--- end of parse_secret_key\n\n"); 2550 } 2551 return 1; 2552 } 2553 2554 /** 2555 \ingroup Core_ReadPackets 2556 \brief Parse a Public Key Session Key packet 2557 */ 2558 static int 2559 parse_pk_session_key(__ops_region_t * region, 2560 __ops_parse_info_t * pinfo) 2561 { 2562 unsigned char c[1] = ""; 2563 __ops_parser_content_t content; 2564 __ops_parser_content_t sesskey; 2565 2566 int n; 2567 BIGNUM *enc_m; 2568 unsigned k; 2569 const __ops_secret_key_t *secret; 2570 unsigned char cs[2]; 2571 unsigned char *iv; 2572 2573 /* Can't rely on it being CAST5 */ 2574 /* \todo FIXME RW */ 2575 /* const size_t sz_unencoded_m_buf=CAST_KEY_LENGTH+1+2; */ 2576 unsigned char unencoded_m_buf[1024]; 2577 2578 if (!limited_read(c, 1, region, pinfo)) 2579 return 0; 2580 content.u.pk_session_key.version = c[0]; 2581 if (content.u.pk_session_key.version != OPS_PKSK_V3) { 2582 OPS_ERROR_1(&pinfo->errors, OPS_E_PROTO_BAD_PKSK_VRSN, 2583 "Bad public-key encrypted session key version (%d)", 2584 content.u.pk_session_key.version); 2585 return 0; 2586 } 2587 if (!limited_read(content.u.pk_session_key.key_id, 2588 sizeof(content.u.pk_session_key.key_id), region, pinfo)) { 2589 return 0; 2590 } 2591 if (__ops_get_debug_level(__FILE__)) { 2592 int i; 2593 int x = sizeof(content.u.pk_session_key.key_id); 2594 printf("session key: public key id: x=%d\n", x); 2595 for (i = 0; i < x; i++) 2596 printf("%2x ", content.u.pk_session_key.key_id[i]); 2597 printf("\n"); 2598 } 2599 if (!limited_read(c, 1, region, pinfo)) 2600 return 0; 2601 content.u.pk_session_key.algorithm = c[0]; 2602 switch (content.u.pk_session_key.algorithm) { 2603 case OPS_PKA_RSA: 2604 if (!limited_read_mpi(&content.u.pk_session_key.parameters.rsa.encrypted_m, 2605 region, pinfo)) { 2606 return 0; 2607 } 2608 enc_m = content.u.pk_session_key.parameters.rsa.encrypted_m; 2609 break; 2610 2611 case OPS_PKA_ELGAMAL: 2612 if (!limited_read_mpi(&content.u.pk_session_key.parameters.elgamal.g_to_k, 2613 region, pinfo) 2614 || !limited_read_mpi(&content.u.pk_session_key.parameters.elgamal.encrypted_m, 2615 region, pinfo)) { 2616 return 0; 2617 } 2618 enc_m = content.u.pk_session_key.parameters.elgamal.encrypted_m; 2619 break; 2620 2621 default: 2622 OPS_ERROR_1(&pinfo->errors, OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG, 2623 "Unknown public key algorithm in session key (%s)", 2624 __ops_show_pka(content.u.pk_session_key.algorithm)); 2625 return 0; 2626 } 2627 2628 (void) memset(&sesskey, 0x0, sizeof(sesskey)); 2629 secret = NULL; 2630 sesskey.u.get_secret_key.secret_key = &secret; 2631 sesskey.u.get_secret_key.pk_session_key = &content.u.pk_session_key; 2632 2633 CALLBACK(&pinfo->cbinfo, OPS_PARSER_CMD_GET_SECRET_KEY, &sesskey); 2634 2635 if (!secret) { 2636 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY, &content); 2637 2638 return 1; 2639 } 2640 /* n=__ops_decrypt_mpi(buf,sizeof(buf),enc_m,secret); */ 2641 n = __ops_decrypt_and_unencode_mpi(unencoded_m_buf, 2642 sizeof(unencoded_m_buf), enc_m, secret); 2643 2644 if (n < 1) { 2645 ERRP(&pinfo->cbinfo, content, "decrypted message too short"); 2646 return 0; 2647 } 2648 /* PKA */ 2649 content.u.pk_session_key.symmetric_algorithm = unencoded_m_buf[0]; 2650 2651 if (!__ops_is_sa_supported(content.u.pk_session_key.symmetric_algorithm)) { 2652 /* ERR1P */ 2653 OPS_ERROR_1(&pinfo->errors, OPS_E_ALG_UNSUPPORTED_SYMMETRIC_ALG, 2654 "Symmetric algorithm %s not supported", 2655 __ops_show_symmetric_algorithm(content.u.pk_session_key.symmetric_algorithm)); 2656 return 0; 2657 } 2658 k = __ops_key_size(content.u.pk_session_key.symmetric_algorithm); 2659 2660 if ((unsigned) n != k + 3) { 2661 OPS_ERROR_2(&pinfo->errors, OPS_E_PROTO_DECRYPTED_MSG_WRONG_LEN, 2662 "decrypted message wrong length (got %d expected %d)", 2663 n, k + 3); 2664 return 0; 2665 } 2666 assert(k <= sizeof(content.u.pk_session_key.key)); 2667 2668 (void) memcpy(content.u.pk_session_key.key, unencoded_m_buf + 1, k); 2669 2670 if (__ops_get_debug_level(__FILE__)) { 2671 unsigned int j; 2672 printf("session key recovered (len=%d):\n", k); 2673 for (j = 0; j < k; j++) 2674 printf("%2x ", content.u.pk_session_key.key[j]); 2675 printf("\n"); 2676 } 2677 content.u.pk_session_key.checksum = unencoded_m_buf[k + 1] + (unencoded_m_buf[k + 2] << 8); 2678 if (__ops_get_debug_level(__FILE__)) { 2679 printf("session key checksum: %2x %2x\n", unencoded_m_buf[k + 1], unencoded_m_buf[k + 2]); 2680 } 2681 /* Check checksum */ 2682 2683 __ops_calc_session_key_checksum(&content.u.pk_session_key, &cs[0]); 2684 if (unencoded_m_buf[k + 1] != cs[0] || unencoded_m_buf[k + 2] != cs[1]) { 2685 OPS_ERROR_4(&pinfo->errors, OPS_E_PROTO_BAD_SK_CHECKSUM, 2686 "Session key checksum wrong: expected %2x %2x, got %2x %2x", 2687 cs[0], cs[1], unencoded_m_buf[k + 1], unencoded_m_buf[k + 2]); 2688 return 0; 2689 } 2690 /* all is well */ 2691 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_PK_SESSION_KEY, &content); 2692 2693 __ops_crypt_any(&pinfo->decrypt, content.u.pk_session_key.symmetric_algorithm); 2694 iv = calloc(1, pinfo->decrypt.blocksize); 2695 pinfo->decrypt.set_iv(&pinfo->decrypt, iv); 2696 pinfo->decrypt.set_key(&pinfo->decrypt, content.u.pk_session_key.key); 2697 __ops_encrypt_init(&pinfo->decrypt); 2698 (void) free(iv); 2699 return 1; 2700 } 2701 2702 static int 2703 __ops_decrypt_se_data(__ops_content_tag_t tag, __ops_region_t * region, 2704 __ops_parse_info_t * pinfo) 2705 { 2706 int r = 1; 2707 __ops_crypt_t *decrypt = __ops_parse_get_decrypt(pinfo); 2708 2709 if (decrypt) { 2710 unsigned char buf[OPS_MAX_BLOCK_SIZE + 2] = ""; 2711 size_t b = decrypt->blocksize; 2712 /* __ops_parser_content_t content; */ 2713 __ops_region_t encregion; 2714 2715 2716 __ops_reader_push_decrypt(pinfo, decrypt, region); 2717 2718 __ops_init_subregion(&encregion, NULL); 2719 encregion.length = b + 2; 2720 2721 if (!exact_limited_read(buf, b + 2, &encregion, pinfo)) 2722 return 0; 2723 2724 if (buf[b - 2] != buf[b] || buf[b - 1] != buf[b + 1]) { 2725 __ops_reader_pop_decrypt(pinfo); 2726 OPS_ERROR_4(&pinfo->errors, OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT, 2727 "Bad symmetric decrypt (%02x%02x vs %02x%02x)", 2728 buf[b - 2], buf[b - 1], buf[b], buf[b + 1]); 2729 return 0; 2730 } 2731 if (tag == OPS_PTAG_CT_SE_DATA_BODY) { 2732 decrypt->decrypt_resync(decrypt); 2733 decrypt->block_encrypt(decrypt, decrypt->civ, decrypt->civ); 2734 } 2735 r = __ops_parse(pinfo); 2736 2737 __ops_reader_pop_decrypt(pinfo); 2738 } else { 2739 __ops_parser_content_t content; 2740 2741 while (region->length_read < region->length) { 2742 unsigned len = region->length - region->length_read; 2743 2744 if (len > sizeof(content.u.se_data_body.data)) 2745 len = sizeof(content.u.se_data_body.data); 2746 2747 if (!limited_read(content.u.se_data_body.data, len, region, pinfo)) 2748 return 0; 2749 2750 content.u.se_data_body.length = len; 2751 2752 CALLBACK(&pinfo->cbinfo, tag, &content); 2753 } 2754 } 2755 2756 return r; 2757 } 2758 2759 static int 2760 __ops_decrypt_se_ip_data(__ops_content_tag_t tag, __ops_region_t * region, 2761 __ops_parse_info_t * pinfo) 2762 { 2763 int r = 1; 2764 __ops_crypt_t *decrypt = __ops_parse_get_decrypt(pinfo); 2765 2766 if (decrypt) { 2767 __ops_reader_push_decrypt(pinfo, decrypt, region); 2768 __ops_reader_push_se_ip_data(pinfo, decrypt, region); 2769 2770 r = __ops_parse(pinfo); 2771 2772 /* assert(0); */ 2773 __ops_reader_pop_se_ip_data(pinfo); 2774 __ops_reader_pop_decrypt(pinfo); 2775 } else { 2776 __ops_parser_content_t content; 2777 2778 while (region->length_read < region->length) { 2779 unsigned len = region->length - region->length_read; 2780 2781 if (len > sizeof(content.u.se_data_body.data)) 2782 len = sizeof(content.u.se_data_body.data); 2783 2784 if (!limited_read(content.u.se_data_body.data, len, region, pinfo)) 2785 return 0; 2786 2787 content.u.se_data_body.length = len; 2788 2789 CALLBACK(&pinfo->cbinfo, tag, &content); 2790 } 2791 } 2792 2793 return r; 2794 } 2795 2796 /** 2797 \ingroup Core_ReadPackets 2798 \brief Read a Symmetrically Encrypted packet 2799 */ 2800 static int 2801 parse_se_data(__ops_region_t * region, __ops_parse_info_t * pinfo) 2802 { 2803 __ops_parser_content_t content; 2804 2805 /* there's no info to go with this, so just announce it */ 2806 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_SE_DATA_HEADER, &content); 2807 2808 /* 2809 * The content of an encrypted data packet is more OpenPGP packets 2810 * once decrypted, so recursively handle them 2811 */ 2812 return __ops_decrypt_se_data(OPS_PTAG_CT_SE_DATA_BODY, region, pinfo); 2813 } 2814 2815 /** 2816 \ingroup Core_ReadPackets 2817 \brief Read a Symmetrically Encrypted Integrity Protected packet 2818 */ 2819 static int 2820 parse_se_ip_data(__ops_region_t * region, __ops_parse_info_t * pinfo) 2821 { 2822 unsigned char c[1] = ""; 2823 __ops_parser_content_t content; 2824 2825 if (!limited_read(c, 1, region, pinfo)) 2826 return 0; 2827 content.u.se_ip_data_header.version = c[0]; 2828 assert(content.u.se_ip_data_header.version == OPS_SE_IP_V1); 2829 2830 /* 2831 * The content of an encrypted data packet is more OpenPGP packets 2832 * once decrypted, so recursively handle them 2833 */ 2834 return __ops_decrypt_se_ip_data(OPS_PTAG_CT_SE_IP_DATA_BODY, region, pinfo); 2835 } 2836 2837 /** 2838 \ingroup Core_ReadPackets 2839 \brief Read a MDC packet 2840 */ 2841 static int 2842 parse_mdc(__ops_region_t * region, __ops_parse_info_t * pinfo) 2843 { 2844 __ops_parser_content_t content; 2845 2846 if (!limited_read((unsigned char *)(void *)&content.u.mdc, 2847 OPS_SHA1_HASH_SIZE, region, pinfo)) 2848 return 0; 2849 2850 CALLBACK(&pinfo->cbinfo, OPS_PTAG_CT_MDC, &content); 2851 2852 return 1; 2853 } 2854 2855 /** 2856 * \ingroup Core_ReadPackets 2857 * \brief Parse one packet. 2858 * 2859 * This function parses the packet tag. It computes the value of the 2860 * content tag and then calls the appropriate function to handle the 2861 * content. 2862 * 2863 * \param *pinfo How to parse 2864 * \param *pktlen On return, will contain number of bytes in packet 2865 * \return 1 on success, 0 on error, -1 on EOF */ 2866 static int 2867 __ops_parse_packet(__ops_parse_info_t * pinfo, unsigned long *pktlen) 2868 { 2869 __ops_parser_content_t content; 2870 unsigned char ptag[1]; 2871 __ops_region_t region; 2872 bool indeterminate = false; 2873 int ret; 2874 2875 content.u.ptag.position = pinfo->rinfo.position; 2876 2877 ret = base_read(ptag, 1, pinfo); 2878 2879 if (__ops_get_debug_level(__FILE__)) { 2880 (void) fprintf(stderr, "__ops_parse_packet: base_read returned %d\n", 2881 ret); 2882 } 2883 2884 /* errors in the base read are effectively EOF. */ 2885 if (ret <= 0) { 2886 return -1; 2887 } 2888 2889 *pktlen = 0; 2890 2891 if (!(*ptag & OPS_PTAG_ALWAYS_SET)) { 2892 content.u.error.error = "Format error (ptag bit not set)"; 2893 CALLBACK(&pinfo->cbinfo, OPS_PARSER_ERROR, &content); 2894 return 0; 2895 } 2896 content.u.ptag.new_format = !!(*ptag & OPS_PTAG_NEW_FORMAT); 2897 if (content.u.ptag.new_format) { 2898 content.u.ptag.content_tag = *ptag & OPS_PTAG_NF_CONTENT_TAG_MASK; 2899 content.u.ptag.length_type = 0; 2900 if (!read_new_length(&content.u.ptag.length, pinfo)) { 2901 return 0; 2902 } 2903 2904 } else { 2905 bool rb; 2906 2907 rb = false; 2908 content.u.ptag.content_tag = ((unsigned)*ptag & 2909 OPS_PTAG_OF_CONTENT_TAG_MASK) 2910 >> OPS_PTAG_OF_CONTENT_TAG_SHIFT; 2911 content.u.ptag.length_type = *ptag & OPS_PTAG_OF_LENGTH_TYPE_MASK; 2912 switch (content.u.ptag.length_type) { 2913 case OPS_PTAG_OLD_LEN_1: 2914 rb = _read_scalar(&content.u.ptag.length, 1, pinfo); 2915 break; 2916 2917 case OPS_PTAG_OLD_LEN_2: 2918 rb = _read_scalar(&content.u.ptag.length, 2, pinfo); 2919 break; 2920 2921 case OPS_PTAG_OLD_LEN_4: 2922 rb = _read_scalar(&content.u.ptag.length, 4, pinfo); 2923 break; 2924 2925 case OPS_PTAG_OLD_LEN_INDETERMINATE: 2926 content.u.ptag.length = 0; 2927 indeterminate = true; 2928 rb = true; 2929 break; 2930 } 2931 if (!rb) { 2932 return 0; 2933 } 2934 } 2935 2936 CALLBACK(&pinfo->cbinfo, OPS_PARSER_PTAG, &content); 2937 2938 __ops_init_subregion(®ion, NULL); 2939 region.length = content.u.ptag.length; 2940 region.indeterminate = indeterminate; 2941 if (__ops_get_debug_level(__FILE__)) { 2942 (void) fprintf(stderr, "__ops_parse_packet: content_tag %d\n", 2943 content.u.ptag.content_tag); 2944 } 2945 switch (content.u.ptag.content_tag) { 2946 case OPS_PTAG_CT_SIGNATURE: 2947 ret = parse_signature(®ion, pinfo); 2948 break; 2949 2950 case OPS_PTAG_CT_PUBLIC_KEY: 2951 case OPS_PTAG_CT_PUBLIC_SUBKEY: 2952 ret = parse_public_key(content.u.ptag.content_tag, ®ion, pinfo); 2953 break; 2954 2955 case OPS_PTAG_CT_TRUST: 2956 ret = parse_trust(®ion, pinfo); 2957 break; 2958 2959 case OPS_PTAG_CT_USER_ID: 2960 ret = parse_user_id(®ion, pinfo); 2961 break; 2962 2963 case OPS_PTAG_CT_COMPRESSED: 2964 ret = parse_compressed(®ion, pinfo); 2965 break; 2966 2967 case OPS_PTAG_CT_ONE_PASS_SIGNATURE: 2968 ret = parse_one_pass(®ion, pinfo); 2969 break; 2970 2971 case OPS_PTAG_CT_LITERAL_DATA: 2972 ret = parse_literal_data(®ion, pinfo); 2973 break; 2974 2975 case OPS_PTAG_CT_USER_ATTRIBUTE: 2976 ret = parse_user_attribute(®ion, pinfo); 2977 break; 2978 2979 case OPS_PTAG_CT_SECRET_KEY: 2980 ret = parse_secret_key(®ion, pinfo); 2981 break; 2982 2983 case OPS_PTAG_CT_SECRET_SUBKEY: 2984 ret = parse_secret_key(®ion, pinfo); 2985 break; 2986 2987 case OPS_PTAG_CT_PK_SESSION_KEY: 2988 ret = parse_pk_session_key(®ion, pinfo); 2989 break; 2990 2991 case OPS_PTAG_CT_SE_DATA: 2992 ret = parse_se_data(®ion, pinfo); 2993 break; 2994 2995 case OPS_PTAG_CT_SE_IP_DATA: 2996 ret = parse_se_ip_data(®ion, pinfo); 2997 break; 2998 2999 case OPS_PTAG_CT_MDC: 3000 ret = parse_mdc(®ion, pinfo); 3001 break; 3002 3003 default: 3004 OPS_ERROR_1(&pinfo->errors, OPS_E_P_UNKNOWN_TAG, 3005 "Unknown content tag 0x%x", content.u.ptag.content_tag); 3006 ret = 0; 3007 } 3008 3009 /* Ensure that the entire packet has been consumed */ 3010 3011 if (region.length != region.length_read && !region.indeterminate) 3012 if (!consume_packet(®ion, pinfo, false)) 3013 ret = -1; 3014 3015 /* also consume it if there's been an error? */ 3016 /* \todo decide what to do about an error on an */ 3017 /* indeterminate packet */ 3018 if (ret == 0) { 3019 if (!consume_packet(®ion, pinfo, false)) 3020 ret = -1; 3021 } 3022 /* set pktlen */ 3023 3024 *pktlen = pinfo->rinfo.alength; 3025 3026 /* do callback on entire packet, if desired and there was no error */ 3027 3028 if (ret > 0 && pinfo->rinfo.accumulate) { 3029 content.u.packet.length = pinfo->rinfo.alength; 3030 content.u.packet.raw = pinfo->rinfo.accumulated; 3031 pinfo->rinfo.accumulated = NULL; 3032 pinfo->rinfo.asize = 0; 3033 CALLBACK(&pinfo->cbinfo, OPS_PARSER_PACKET_END, &content); 3034 } 3035 pinfo->rinfo.alength = 0; 3036 3037 if (ret < 0) { 3038 return -1; 3039 } 3040 3041 return (ret) ? 1 : 0; 3042 } 3043 3044 /** 3045 * \ingroup Core_ReadPackets 3046 * 3047 * \brief Parse packets from an input stream until EOF or error. 3048 * 3049 * \details Setup the necessary parsing configuration in "pinfo" before calling __ops_parse(). 3050 * 3051 * That information includes : 3052 * 3053 * - a "reader" function to be used to get the data to be parsed 3054 * 3055 * - a "callback" function to be called when this library has identified 3056 * a parseable object within the data 3057 * 3058 * - whether the calling function wants the signature subpackets returned raw, parsed or not at all. 3059 * 3060 * After returning, pinfo->errors holds any errors encountered while parsing. 3061 * 3062 * \param pinfo Parsing configuration 3063 * \return 1 on success in all packets, 0 on error in any packet 3064 * 3065 * \sa CoreAPI Overview 3066 * 3067 * \sa __ops_print_errors(), __ops_parse_and_print_errors() 3068 * 3069 * Example code 3070 * \code 3071 __ops_parse_cb_t* example_callback(); 3072 void example() 3073 { 3074 int fd=0; 3075 __ops_parse_info_t *pinfo=NULL; 3076 char *filename="pubring.gpg"; 3077 3078 // setup pinfo to read from file with example callback 3079 fd=__ops_setup_file_read(&pinfo, filename, NULL, example_callback, false); 3080 3081 // specify how we handle signature subpackets 3082 __ops_parse_options(pinfo, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED); 3083 3084 if (!__ops_parse(pinfo)) 3085 __ops_print_errors(pinfo->errors); 3086 3087 __ops_teardown_file_read(pinfo,fd); 3088 } 3089 * \endcode 3090 */ 3091 3092 int 3093 __ops_parse(__ops_parse_info_t * pinfo) 3094 { 3095 int r; 3096 unsigned long pktlen; 3097 3098 do { 3099 r = __ops_parse_packet(pinfo, &pktlen); 3100 } while (r != -1); 3101 3102 return pinfo->errors ? 0 : 1; 3103 } 3104 3105 /** 3106 \ingroup Core_ReadPackets 3107 \brief Parse packets and print any errors 3108 * \param pinfo Parsing configuration 3109 * \return 1 on success in all packets, 0 on error in any packet 3110 * \sa CoreAPI Overview 3111 * \sa __ops_parse() 3112 */ 3113 3114 int 3115 __ops_parse_and_print_errors(__ops_parse_info_t * pinfo) 3116 { 3117 __ops_parse(pinfo); 3118 __ops_print_errors(pinfo->errors); 3119 return (pinfo->errors == NULL); 3120 } 3121 3122 /** 3123 * \ingroup Core_ReadPackets 3124 * 3125 * \brief Specifies whether one or more signature 3126 * subpacket types should be returned parsed; or raw; or ignored. 3127 * 3128 * \param pinfo Pointer to previously allocated structure 3129 * \param tag Packet tag. OPS_PTAG_SS_ALL for all SS tags; or one individual signature subpacket tag 3130 * \param type Parse type 3131 * \todo Make all packet types optional, not just subpackets */ 3132 void 3133 __ops_parse_options(__ops_parse_info_t * pinfo, 3134 __ops_content_tag_t tag, 3135 __ops_parse_type_t type) 3136 { 3137 int t8, t7; 3138 3139 if (tag == OPS_PTAG_SS_ALL) { 3140 int n; 3141 3142 for (n = 0; n < 256; ++n) 3143 __ops_parse_options(pinfo, OPS_PTAG_SIGNATURE_SUBPACKET_BASE + n, 3144 type); 3145 return; 3146 } 3147 assert(tag >= OPS_PTAG_SIGNATURE_SUBPACKET_BASE 3148 && tag <= OPS_PTAG_SIGNATURE_SUBPACKET_BASE + NTAGS - 1); 3149 t8 = (tag - OPS_PTAG_SIGNATURE_SUBPACKET_BASE) / 8; 3150 t7 = 1 << ((tag - OPS_PTAG_SIGNATURE_SUBPACKET_BASE) & 7); 3151 switch (type) { 3152 case OPS_PARSE_RAW: 3153 pinfo->ss_raw[t8] |= t7; 3154 pinfo->ss_parsed[t8] &= ~t7; 3155 break; 3156 3157 case OPS_PARSE_PARSED: 3158 pinfo->ss_raw[t8] &= ~t7; 3159 pinfo->ss_parsed[t8] |= t7; 3160 break; 3161 3162 case OPS_PARSE_IGNORE: 3163 pinfo->ss_raw[t8] &= ~t7; 3164 pinfo->ss_parsed[t8] &= ~t7; 3165 break; 3166 } 3167 } 3168 3169 /** 3170 \ingroup Core_ReadPackets 3171 \brief Creates a new zero-ed __ops_parse_info_t struct 3172 \sa __ops_parse_info_delete() 3173 */ 3174 __ops_parse_info_t * 3175 __ops_parse_info_new(void) 3176 { 3177 return calloc(1, sizeof(__ops_parse_info_t)); 3178 } 3179 3180 /** 3181 \ingroup Core_ReadPackets 3182 \brief Free __ops_parse_info_t struct and its contents 3183 \sa __ops_parse_info_new() 3184 */ 3185 void 3186 __ops_parse_info_delete(__ops_parse_info_t * pinfo) 3187 { 3188 __ops_parse_cb_info_t *cbinfo, *next; 3189 3190 for (cbinfo = pinfo->cbinfo.next; cbinfo; cbinfo = next) { 3191 next = cbinfo->next; 3192 free(cbinfo); 3193 } 3194 if (pinfo->rinfo.destroyer) 3195 pinfo->rinfo.destroyer(&pinfo->rinfo); 3196 __ops_free_errors(pinfo->errors); 3197 if (pinfo->rinfo.accumulated) 3198 free(pinfo->rinfo.accumulated); 3199 free(pinfo); 3200 } 3201 3202 /** 3203 \ingroup Core_ReadPackets 3204 \brief Returns the parse_info's reader_info 3205 \return Pointer to the reader_info inside the parse_info 3206 */ 3207 __ops_reader_info_t * 3208 __ops_parse_get_rinfo(__ops_parse_info_t * pinfo) 3209 { 3210 return &pinfo->rinfo; 3211 } 3212 3213 /** 3214 \ingroup Core_ReadPackets 3215 \brief Sets the parse_info's callback 3216 This is used when adding the first callback in a stack of callbacks. 3217 \sa __ops_parse_cb_push() 3218 */ 3219 3220 void 3221 __ops_parse_cb_set(__ops_parse_info_t * pinfo, __ops_parse_cb_t * cb, void *arg) 3222 { 3223 pinfo->cbinfo.cb = cb; 3224 pinfo->cbinfo.arg = arg; 3225 pinfo->cbinfo.errors = &pinfo->errors; 3226 } 3227 3228 /** 3229 \ingroup Core_ReadPackets 3230 \brief Adds a further callback to a stack of callbacks 3231 \sa __ops_parse_cb_set() 3232 */ 3233 void 3234 __ops_parse_cb_push(__ops_parse_info_t * pinfo, __ops_parse_cb_t * cb, void *arg) 3235 { 3236 __ops_parse_cb_info_t *cbinfo = calloc(1, sizeof(*cbinfo)); 3237 3238 *cbinfo = pinfo->cbinfo; 3239 pinfo->cbinfo.next = cbinfo; 3240 __ops_parse_cb_set(pinfo, cb, arg); 3241 } 3242 3243 /** 3244 \ingroup Core_ReadPackets 3245 \brief Returns callback's arg 3246 */ 3247 void * 3248 __ops_parse_cb_get_arg(__ops_parse_cb_info_t * cbinfo) 3249 { 3250 return cbinfo->arg; 3251 } 3252 3253 /** 3254 \ingroup Core_ReadPackets 3255 \brief Returns callback's errors 3256 */ 3257 void * 3258 __ops_parse_cb_get_errors(__ops_parse_cb_info_t * cbinfo) 3259 { 3260 return cbinfo->errors; 3261 } 3262 3263 /** 3264 \ingroup Core_ReadPackets 3265 \brief Calls the parse_cb_info's callback if present 3266 \return Return value from callback, if present; else OPS_FINISHED 3267 */ 3268 __ops_parse_cb_return_t 3269 __ops_parse_cb(const __ops_parser_content_t * content, 3270 __ops_parse_cb_info_t * cbinfo) 3271 { 3272 if (cbinfo->cb) 3273 return cbinfo->cb(content, cbinfo); 3274 else 3275 return OPS_FINISHED; 3276 } 3277 3278 /** 3279 \ingroup Core_ReadPackets 3280 \brief Calls the next callback in the stack 3281 \return Return value from callback 3282 */ 3283 __ops_parse_cb_return_t 3284 __ops_parse_stacked_cb(const __ops_parser_content_t * content, 3285 __ops_parse_cb_info_t * cbinfo) 3286 { 3287 return __ops_parse_cb(content, cbinfo->next); 3288 } 3289 3290 /** 3291 \ingroup Core_ReadPackets 3292 \brief Returns the parse_info's errors 3293 \return parse_info's errors 3294 */ 3295 __ops_error_t * 3296 __ops_parse_info_get_errors(__ops_parse_info_t * pinfo) 3297 { 3298 return pinfo->errors; 3299 } 3300 3301 __ops_crypt_t * 3302 __ops_parse_get_decrypt(__ops_parse_info_t * pinfo) 3303 { 3304 if (pinfo->decrypt.algorithm) 3305 return &pinfo->decrypt; 3306 return NULL; 3307 } 3308