commit 2c043e51a06e315bb235ccbe629088a576731248 Author: Angel Yankov Date: Tue Mar 18 10:52:21 2025 +0200 fix combine diff --git a/NEWS b/NEWS index 7ed00a0..c294c41 100644 --- a/NEWS +++ b/NEWS @@ -99,6 +99,8 @@ Noteworthy changes in version 2.4.4 (2024-01-25) * Improve the speedo build system for Unix. [T6710] + * gpg: Fix a verification DoS due to a malicious subkey in the + keyring. [T7527] Release-info: https://dev.gnupg.org/T6578 diff --git a/g10/card-util.c b/g10/card-util.c index a66c2e3..c1a73fd 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -705,7 +705,7 @@ current_card_status (ctrl_t ctrl, estream_t fp, /* If the fingerprint is all 0xff, the key has no associated OpenPGP certificate. */ if ( thefpr && !fpr_is_ff (thefpr, thefprlen) - && !get_pubkey_byfprint (ctrl, pk, &keyblock, thefpr, thefprlen)) + && !get_pubkey_byfpr (ctrl, pk, &keyblock, thefpr, thefprlen)) { print_key_info (ctrl, fp, 0, pk, 0); print_card_key_info (fp, keyblock); @@ -923,8 +923,8 @@ fetch_url (ctrl_t ctrl) } else if (info.fpr1len) { - rc = keyserver_import_fprint (ctrl, info.fpr1, info.fpr1len, - opt.keyserver, 0); + rc = keyserver_import_fpr (ctrl, info.fpr1, info.fpr1len, + opt.keyserver, 0); } } diff --git a/g10/getkey.c b/g10/getkey.c index b959d77..b6ae39e 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -310,27 +310,51 @@ pk_from_block (PKT_public_key *pk, kbnode_t keyblock, kbnode_t found_key) /* Specialized version of get_pubkey which retrieves the key based on * information in SIG. In contrast to get_pubkey PK is required. IF - * FORCED_PK is not NULL, this public key is used and copied to PK. */ + * FORCED_PK is not NULL, this public key is used and copied to PK. + * If R_KEYBLOCK is not NULL the entire keyblock is stored there if + * found and FORCED_PK is not used; if not used or on error NULL is + * stored there. */ + gpg_error_t get_pubkey_for_sig (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig, - PKT_public_key *forced_pk) + PKT_public_key *forced_pk, kbnode_t *r_keyblock) { + gpg_error_t err; const byte *fpr; size_t fprlen; + if (r_keyblock) + *r_keyblock = NULL; + if (forced_pk) { copy_public_key (pk, forced_pk); return 0; } + /* Make sure to request only keys cabable of signing. This makes + * sure that a subkey w/o a valid backsig or with bad usage flags + * will be skipped. */ + pk->req_usage = PUBKEY_USAGE_SIG; + /* First try the ISSUER_FPR info. */ fpr = issuer_fpr_raw (sig, &fprlen); - if (fpr && !get_pubkey_byfprint (ctrl, pk, NULL, fpr, fprlen)) + if (fpr && !get_pubkey_byfpr (ctrl, pk, r_keyblock, fpr, fprlen)) return 0; + if (r_keyblock) + { + release_kbnode (*r_keyblock); + *r_keyblock = NULL; + } /* Fallback to use the ISSUER_KEYID. */ - return get_pubkey (ctrl, pk, sig->keyid); + err = get_pubkey_bykid (ctrl, pk, r_keyblock, sig->keyid); + if (err && r_keyblock) + { + release_kbnode (*r_keyblock); + *r_keyblock = NULL; + } + return err; } @@ -348,6 +372,10 @@ get_pubkey_for_sig (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig, * usage will be returned. As such, it is essential that * PK->REQ_USAGE be correctly initialized! * + * If R_KEYBLOCK is not NULL, then the first result's keyblock is + * returned in *R_KEYBLOCK. This should be freed using + * release_kbnode(). + * * Returns 0 on success, GPG_ERR_NO_PUBKEY if there is no public key * with the specified key id, or another error code if an error * occurs. @@ -355,24 +383,30 @@ get_pubkey_for_sig (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig, * If the data was not read from the cache, then the self-signed data * has definitely been merged into the public key using * merge_selfsigs. */ -int -get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid) +gpg_error_t +get_pubkey_bykid (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, + u32 *keyid) { int internal = 0; - int rc = 0; + gpg_error_t rc = 0; + + if (r_keyblock) + *r_keyblock = NULL; #if MAX_PK_CACHE_ENTRIES - if (pk) + if (pk && !r_keyblock) { /* Try to get it from the cache. We don't do this when pk is - NULL as it does not guarantee that the user IDs are - cached. */ + * NULL as it does not guarantee that the user IDs are cached. + * The old get_pubkey_function did not check PK->REQ_USAGE when + * reading form the caceh. This is probably a bug. Note that + * the cache is not used when the caller asked to return the + * entire keyblock. This is because the cache does not + * associate the public key wit its primary key. */ pk_cache_entry_t ce; for (ce = pk_cache; ce; ce = ce->next) { if (ce->keyid[0] == keyid[0] && ce->keyid[1] == keyid[1]) - /* XXX: We don't check PK->REQ_USAGE here, but if we don't - read from the cache, we do check it! */ { copy_public_key (pk, ce->pk); return 0; @@ -380,6 +414,7 @@ get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid) } } #endif + /* More init stuff. */ if (!pk) { @@ -425,16 +460,18 @@ get_pubkey (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid) ctx.req_usage = pk->req_usage; rc = lookup (ctrl, &ctx, 0, &kb, &found_key); if (!rc) - { - pk_from_block (pk, kb, found_key); - } + pk_from_block (pk, kb, found_key); getkey_end (ctrl, &ctx); + if (!rc && r_keyblock) + { + *r_keyblock = kb; + kb = NULL; + } release_kbnode (kb); } - if (!rc) - goto leave; - rc = GPG_ERR_NO_PUBKEY; + if (rc) /* Return a more useful error code. */ + rc = gpg_error (GPG_ERR_NO_PUBKEY); leave: if (!rc) @@ -445,6 +482,14 @@ leave: } +/* Wrapper for get_pubkey_bykid w/o keyblock return feature. */ +int +get_pubkey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid) +{ + return get_pubkey_bykid (ctrl, pk, NULL, keyid); +} + + /* Same as get_pubkey but if the key was not found the function tries * to import it from LDAP. FIXME: We should not need this but swicth * to a fingerprint lookup. */ @@ -557,28 +602,6 @@ get_pubkey_fast (ctrl_t ctrl, PKT_public_key * pk, u32 * keyid) } -/* Return the entire keyblock used to create SIG. This is a - * specialized version of get_pubkeyblock. - * - * FIXME: This is a hack because get_pubkey_for_sig was already called - * and it could have used a cache to hold the key. */ -kbnode_t -get_pubkeyblock_for_sig (ctrl_t ctrl, PKT_signature *sig) -{ - const byte *fpr; - size_t fprlen; - kbnode_t keyblock; - - /* First try the ISSUER_FPR info. */ - fpr = issuer_fpr_raw (sig, &fprlen); - if (fpr && !get_pubkey_byfprint (ctrl, NULL, &keyblock, fpr, fprlen)) - return keyblock; - - /* Fallback to use the ISSUER_KEYID. */ - return get_pubkeyblock (ctrl, sig->keyid); -} - - /* Return the key block for the key with key id KEYID or NULL, if an * error occurs. Use release_kbnode() to release the key block. * @@ -1194,8 +1217,8 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, mechanism_string = "NTDS"; glo_ctrl.in_auto_key_retrieve++; if (is_fpr) - rc = keyserver_import_fprint_ntds (ctrl, - fprbuf.u.fpr, fprbuf.fprlen); + rc = keyserver_import_fpr_ntds (ctrl, + fprbuf.u.fpr, fprbuf.fprlen); else rc = keyserver_import_ntds (ctrl, name, &fpr, &fpr_len); glo_ctrl.in_auto_key_retrieve--; @@ -1212,10 +1235,10 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, glo_ctrl.in_auto_key_retrieve++; if (is_fpr) { - rc = keyserver_import_fprint (ctrl, - fprbuf.u.fpr, fprbuf.fprlen, - opt.keyserver, - KEYSERVER_IMPORT_FLAG_LDAP); + rc = keyserver_import_fpr (ctrl, + fprbuf.u.fpr, fprbuf.fprlen, + opt.keyserver, + KEYSERVER_IMPORT_FLAG_LDAP); /* Map error codes because Dirmngr returns NO * DATA if the keyserver does not have the * requested key. It returns NO KEYSERVER if no @@ -1247,10 +1270,10 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode, glo_ctrl.in_auto_key_retrieve++; if (is_fpr) { - rc = keyserver_import_fprint (ctrl, - fprbuf.u.fpr, fprbuf.fprlen, - opt.keyserver, - KEYSERVER_IMPORT_FLAG_LDAP); + rc = keyserver_import_fpr (ctrl, + fprbuf.u.fpr, fprbuf.fprlen, + opt.keyserver, + KEYSERVER_IMPORT_FLAG_LDAP); if (gpg_err_code (rc) == GPG_ERR_NO_DATA || gpg_err_code (rc) == GPG_ERR_NO_KEYSERVER) rc = gpg_error (GPG_ERR_NO_PUBKEY); @@ -1831,8 +1854,8 @@ get_pubkey_from_buffer (ctrl_t ctrl, PKT_public_key *pkbuf, * returned in *R_KEYBLOCK. This should be freed using * release_kbnode(). * - * FPRINT is a byte array whose contents is the fingerprint to use as - * the search term. FPRINT_LEN specifies the length of the + * FPR is a byte array whose contents is the fingerprint to use as + * the search term. FPRLEN specifies the length of the * fingerprint (in bytes). Currently, only 16, 20, and 32-byte * fingerprints are supported. * @@ -1840,15 +1863,15 @@ get_pubkey_from_buffer (ctrl_t ctrl, PKT_public_key *pkbuf, * be done by creating a userID conforming to the unified fingerprint * style. */ int -get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, - const byte * fprint, size_t fprint_len) +get_pubkey_byfpr (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, + const byte *fpr, size_t fprlen) { int rc; if (r_keyblock) *r_keyblock = NULL; - if (fprint_len == 32 || fprint_len == 20 || fprint_len == 16) + if (fprlen == 32 || fprlen == 20 || fprlen == 16) { struct getkey_ctx_s ctx; KBNODE kb = NULL; @@ -1865,8 +1888,8 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, ctx.nitems = 1; ctx.items[0].mode = KEYDB_SEARCH_MODE_FPR; - memcpy (ctx.items[0].u.fpr, fprint, fprint_len); - ctx.items[0].fprlen = fprint_len; + memcpy (ctx.items[0].u.fpr, fpr, fprlen); + ctx.items[0].fprlen = fprlen; if (pk) ctx.req_usage = pk->req_usage; rc = lookup (ctrl, &ctx, 0, &kb, &found_key); @@ -1886,7 +1909,7 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, } -/* This function is similar to get_pubkey_byfprint, but it doesn't +/* This function is similar to get_pubkey_byfpr, but it doesn't * merge the self-signed data into the public key and subkeys or into * the user ids. It also doesn't add the key to the user id cache. * Further, this function ignores PK->REQ_USAGE. @@ -1894,17 +1917,16 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, * This function is intended to avoid recursion and, as such, should * only be used in very specific situations. * - * Like get_pubkey_byfprint, PK may be NULL. In that case, this + * Like get_pubkey_byfpr, PK may be NULL. In that case, this * function effectively just checks for the existence of the key. */ gpg_error_t -get_pubkey_byfprint_fast (ctrl_t ctrl, PKT_public_key * pk, - const byte * fprint, size_t fprint_len) +get_pubkey_byfpr_fast (ctrl_t ctrl, PKT_public_key * pk, + const byte *fpr, size_t fprlen) { gpg_error_t err; KBNODE keyblock; - err = get_keyblock_byfprint_fast (ctrl, - &keyblock, NULL, fprint, fprint_len, 0); + err = get_keyblock_byfpr_fast (ctrl, &keyblock, NULL, fpr, fprlen, 0); if (!err) { if (pk) @@ -1916,7 +1938,7 @@ get_pubkey_byfprint_fast (ctrl_t ctrl, PKT_public_key * pk, } -/* This function is similar to get_pubkey_byfprint_fast but returns a +/* This function is similar to get_pubkey_byfpr_fast but returns a * keydb handle at R_HD and the keyblock at R_KEYBLOCK. R_KEYBLOCK or * R_HD may be NULL. If LOCK is set the handle has been opend in * locked mode and keydb_disable_caching () has been called. On error @@ -1924,9 +1946,9 @@ get_pubkey_byfprint_fast (ctrl_t ctrl, PKT_public_key * pk, * it may have a value of NULL, though. This allows to do an insert * operation on a locked keydb handle. */ gpg_error_t -get_keyblock_byfprint_fast (ctrl_t ctrl, - kbnode_t *r_keyblock, KEYDB_HANDLE *r_hd, - const byte *fprint, size_t fprint_len, int lock) +get_keyblock_byfpr_fast (ctrl_t ctrl, + kbnode_t *r_keyblock, KEYDB_HANDLE *r_hd, + const byte *fpr, size_t fprlen, int lock) { gpg_error_t err; KEYDB_HANDLE hd; @@ -1939,8 +1961,8 @@ get_keyblock_byfprint_fast (ctrl_t ctrl, if (r_hd) *r_hd = NULL; - for (i = 0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++) - fprbuf[i] = fprint[i]; + for (i = 0; i < MAX_FINGERPRINT_LEN && i < fprlen; i++) + fprbuf[i] = fpr[i]; hd = keydb_new (ctrl); if (!hd) @@ -1964,7 +1986,7 @@ get_keyblock_byfprint_fast (ctrl_t ctrl, if (r_hd) *r_hd = hd; - err = keydb_search_fpr (hd, fprbuf, fprint_len); + err = keydb_search_fpr (hd, fprbuf, fprlen); if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) { if (!r_hd) @@ -3640,6 +3662,7 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, kbnode_t latest_key; PKT_public_key *pk; int req_prim; + int diag_exactfound = 0; u32 curtime = make_timestamp (); if (r_flags) @@ -3667,11 +3690,10 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, { if (want_exact) { - if (DBG_LOOKUP) - log_debug ("finish_lookup: exact search requested and found\n"); foundk = k; pk = k->pkt->pkt.public_key; pk->flags.exact = 1; + diag_exactfound = 1; break; } else if ((k->pkt->pkt.public_key->pubkey_usage == PUBKEY_USAGE_RENC)) @@ -3700,10 +3722,14 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, log_debug ("finish_lookup: checking key %08lX (%s)(req_usage=%x)\n", (ulong) keyid_from_pk (keyblock->pkt->pkt.public_key, NULL), foundk ? "one" : "all", req_usage); + if (diag_exactfound && DBG_LOOKUP) + log_debug ("\texact search requested and found\n"); if (!req_usage) { latest_key = foundk ? foundk : keyblock; + if (DBG_LOOKUP) + log_debug ("\tno usage requested - accepting key\n"); goto found; } @@ -4064,16 +4090,16 @@ get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk, add_to_strlist (&namelist, def_secret_key); else if (fpr_card) { - err = get_pubkey_byfprint (ctrl, pk, NULL, fpr_card, fpr_len); + err = get_pubkey_byfpr (ctrl, pk, NULL, fpr_card, fpr_len); if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY) { if (opt.debug) log_debug ("using LDAP to find public key for current card\n"); - err = keyserver_import_fprint (ctrl, fpr_card, fpr_len, - opt.keyserver, - KEYSERVER_IMPORT_FLAG_LDAP); + err = keyserver_import_fpr (ctrl, fpr_card, fpr_len, + opt.keyserver, + KEYSERVER_IMPORT_FLAG_LDAP); if (!err) - err = get_pubkey_byfprint (ctrl, pk, NULL, fpr_card, fpr_len); + err = get_pubkey_byfpr (ctrl, pk, NULL, fpr_card, fpr_len); else if (gpg_err_code (err) == GPG_ERR_NO_DATA || gpg_err_code (err) == GPG_ERR_NO_KEYSERVER) { @@ -4256,7 +4282,7 @@ get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t fprlen, size_t *rn) if (!name) { /* Get it so that the cache will be filled. */ - if (!get_pubkey_byfprint (ctrl, NULL, NULL, fpr, fprlen)) + if (!get_pubkey_byfpr (ctrl, NULL, NULL, fpr, fprlen)) name = cache_get_uid_byfpr (fpr, fprlen, rn); } diff --git a/g10/gpg.h b/g10/gpg.h index c51bbbb..0cdcb8b 100644 --- a/g10/gpg.h +++ b/g10/gpg.h @@ -69,7 +69,8 @@ struct dirmngr_local_s; typedef struct dirmngr_local_s *dirmngr_local_t; /* Object used to describe a keyblock node. */ -typedef struct kbnode_struct *KBNODE; /* Deprecated use kbnode_t. */typedef struct kbnode_struct *kbnode_t; +typedef struct kbnode_struct *KBNODE; /* Deprecated use kbnode_t. */ +typedef struct kbnode_struct *kbnode_t; /* The handle for keydb operations. */ typedef struct keydb_handle_s *KEYDB_HANDLE; diff --git a/g10/gpgv.c b/g10/gpgv.c index f289556..66c5c55 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -432,8 +432,8 @@ keyserver_import_keyid (u32 *keyid, void *dummy, unsigned int flags) } int -keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len, - struct keyserver_spec *keyserver, unsigned int flags) +keyserver_import_fpr (ctrl_t ctrl, const byte *fprint,size_t fprint_len, + struct keyserver_spec *keyserver, unsigned int flags) { (void)ctrl; (void)fprint; @@ -444,8 +444,8 @@ keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len, } int -keyserver_import_fprint_ntds (ctrl_t ctrl, - const byte *fprint, size_t fprint_len) +keyserver_import_fpr_ntds (ctrl_t ctrl, + const byte *fprint, size_t fprint_len) { (void)ctrl; (void)fprint; diff --git a/g10/import.c b/g10/import.c index 3fb021f..12794f3 100644 --- a/g10/import.c +++ b/g10/import.c @@ -2165,8 +2165,8 @@ import_one_real (ctrl_t ctrl, goto leave; /* Do we have this key already in one of our pubrings ? */ - err = get_keyblock_byfprint_fast (ctrl, &keyblock_orig, &hd, - fpr2, fpr2len, 1/*locked*/); + err = get_keyblock_byfpr_fast (ctrl, &keyblock_orig, &hd, + fpr2, fpr2len, 1/*locked*/); if ((err && gpg_err_code (err) != GPG_ERR_NO_PUBKEY && gpg_err_code (err) != GPG_ERR_UNUSABLE_PUBKEY) @@ -3043,7 +3043,7 @@ import_matching_seckeys (ctrl_t ctrl, kbnode_t seckeys, /* Get the entire public key block from our keystore and put all its * fingerprints into an array. */ - err = get_pubkey_byfprint (ctrl, NULL, &pub_keyblock, mainfpr, mainfprlen); + err = get_pubkey_byfpr (ctrl, NULL, &pub_keyblock, mainfpr, mainfprlen); if (err) goto leave; log_assert (pub_keyblock && pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY); @@ -3281,7 +3281,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock, { /* Read the keyblock again to get the effects of a merge for * the public key. */ - err = get_pubkey_byfprint (ctrl, NULL, &node, fpr, fprlen); + err = get_pubkey_byfpr (ctrl, NULL, &node, fpr, fprlen); if (err || !node) log_error ("key %s: failed to re-lookup public key: %s\n", keystr_from_pk (pk), gpg_strerror (err)); @@ -4376,9 +4376,9 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock) * itself? */ gpg_error_t err; - err = get_pubkey_byfprint_fast (ctrl, NULL, - sig->revkey[idx].fpr, - sig->revkey[idx].fprlen); + err = get_pubkey_byfpr_fast (ctrl, NULL, + sig->revkey[idx].fpr, + sig->revkey[idx].fprlen); if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY || gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY) { @@ -4392,13 +4392,13 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock) log_info(_("WARNING: key %s may be revoked:" " fetching revocation key %s\n"), tempkeystr,keystr(keyid)); - keyserver_import_fprint (ctrl, - sig->revkey[idx].fpr, - sig->revkey[idx].fprlen, - opt.keyserver, 0); + keyserver_import_fpr (ctrl, + sig->revkey[idx].fpr, + sig->revkey[idx].fprlen, + opt.keyserver, 0); /* Do we have it now? */ - err = get_pubkey_byfprint_fast (ctrl, NULL, + err = get_pubkey_byfpr_fast (ctrl, NULL, sig->revkey[idx].fpr, sig->revkey[idx].fprlen); } diff --git a/g10/keydb.h b/g10/keydb.h index b18f6e9..9e76daf 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -332,9 +332,15 @@ void getkey_disable_caches(void); /* Return the public key used for signature SIG and store it at PK. */ gpg_error_t get_pubkey_for_sig (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig, - PKT_public_key *forced_pk); + PKT_public_key *forced_pk, + kbnode_t *r_keyblock); -/* Return the public key with the key id KEYID and store it at PK. */ +/* Return the public key with the key id KEYID and store it at PK. + * Optionally return the entire keyblock. */ +gpg_error_t get_pubkey_bykid (ctrl_t ctrl, PKT_public_key *pk, + kbnode_t *r_keyblock, u32 *keyid); + +/* Same as get_pubkey_bykid but w/o r_keyblock. */ int get_pubkey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid); /* Same as get_pubkey but with auto LDAP fetch. */ @@ -404,23 +410,23 @@ gpg_error_t get_pubkey_from_buffer (ctrl_t ctrl, PKT_public_key *pkbuf, gpg_error_t get_seckey (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid); /* Lookup a key with the specified fingerprint. */ -int get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, - const byte *fprint, size_t fprint_len); +int get_pubkey_byfpr (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, + const byte *fpr, size_t fprlen); + +/* This function is similar to get_pubkey_byfpr, but it doesn't + merge the self-signed data into the public key and subkeys or into + the user ids. */ +gpg_error_t get_pubkey_byfpr_fast (ctrl_t ctrl, PKT_public_key *pk, + const byte *fpr, size_t fprlen); /* This function is similar to get_pubkey_byfprint, but it doesn't merge the self-signed data into the public key and subkeys or into the user ids. */ -gpg_error_t get_pubkey_byfprint_fast (ctrl_t ctrl, PKT_public_key *pk, - const byte *fprint, size_t fprint_len); - -/* This function is similar to get_pubkey_byfprint, but it doesn't - merge the self-signed data into the public key and subkeys or into - the user ids. */ -gpg_error_t get_keyblock_byfprint_fast (ctrl_t ctrl, - kbnode_t *r_keyblock, - KEYDB_HANDLE *r_hd, - const byte *fprint, size_t fprint_len, - int lock); +gpg_error_t get_keyblock_byfpr_fast (ctrl_t ctrl, + kbnode_t *r_keyblock, + KEYDB_HANDLE *r_hd, + const byte *fpr, size_t fprlen, + int lock); /* Returns true if a secret key is available for the public key with diff --git a/g10/keyid.c b/g10/keyid.c index 4a041ce..f780d5c 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -605,25 +605,24 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid) * keyid is not part of the fingerprint. */ u32 -keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, - size_t fprint_len, u32 *keyid) +keyid_from_fingerprint (ctrl_t ctrl, const byte *fpr, size_t fprlen, u32 *keyid) { u32 dummy_keyid[2]; if( !keyid ) keyid = dummy_keyid; - if (fprint_len != 20 && fprint_len != 32) + if (fprlen != 20 && fprlen != 32) { /* This is special as we have to lookup the key first. */ PKT_public_key pk; int rc; memset (&pk, 0, sizeof pk); - rc = get_pubkey_byfprint (ctrl, &pk, NULL, fprint, fprint_len); + rc = get_pubkey_byfpr (ctrl, &pk, NULL, fpr, fprlen); if( rc ) { - log_printhex (fprint, fprint_len, + log_printhex (fpr, fprlen, "Oops: keyid_from_fingerprint: no pubkey; fpr:"); keyid[0] = 0; keyid[1] = 0; @@ -633,8 +632,8 @@ keyid_from_fingerprint (ctrl_t ctrl, const byte *fprint, } else { - const byte *dp = fprint; - if (fprint_len == 20) /* v4 key */ + const byte *dp = fpr; + if (fprlen == 20) /* v4 key */ { keyid[0] = buf32_to_u32 (dp+12); keyid[1] = buf32_to_u32 (dp+16); diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h index c93ca43..5c27c3a 100644 --- a/g10/keyserver-internal.h +++ b/g10/keyserver-internal.h @@ -37,11 +37,11 @@ struct keyserver_spec *parse_preferred_keyserver(PKT_signature *sig); int keyserver_any_configured (ctrl_t ctrl); int keyserver_export (ctrl_t ctrl, strlist_t users); int keyserver_import (ctrl_t ctrl, strlist_t users); -int keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len, - struct keyserver_spec *keyserver, - unsigned int flags); -int keyserver_import_fprint_ntds (ctrl_t ctrl, - const byte *fprint, size_t fprint_len); +int keyserver_import_fpr (ctrl_t ctrl, const byte *fprint,size_t fprint_len, + struct keyserver_spec *keyserver, + unsigned int flags); +int keyserver_import_fpr_ntds (ctrl_t ctrl, + const byte *fprint, size_t fprint_len); int keyserver_import_keyid (ctrl_t ctrl, u32 *keyid, struct keyserver_spec *keyserver, unsigned int flags); diff --git a/g10/keyserver.c b/g10/keyserver.c index 57c7538..83c53a0 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -976,34 +976,32 @@ keyserver_import_ntds (ctrl_t ctrl, const char *mbox, int -keyserver_import_fprint (ctrl_t ctrl, const byte *fprint, size_t fprint_len, - struct keyserver_spec *keyserver, - unsigned int flags) +keyserver_import_fpr (ctrl_t ctrl, const byte *fpr, size_t fprlen, + struct keyserver_spec *keyserver, unsigned int flags) { KEYDB_SEARCH_DESC desc; memset (&desc, 0, sizeof(desc)); - if (fprint_len == 16 || fprint_len == 20 || fprint_len == 32) + if (fprlen == 16 || fprlen == 20 || fprlen == 32) desc.mode = KEYDB_SEARCH_MODE_FPR; else return gpg_error (GPG_ERR_INV_ARG); - memcpy (desc.u.fpr, fprint, fprint_len); - desc.fprlen = fprint_len; + memcpy (desc.u.fpr, fpr, fprlen); + desc.fprlen = fprlen; return keyserver_get (ctrl, &desc, 1, keyserver, flags, NULL, NULL); } int -keyserver_import_fprint_ntds (ctrl_t ctrl, - const byte *fprint, size_t fprint_len) +keyserver_import_fpr_ntds (ctrl_t ctrl, const byte *fpr, size_t fprlen) { struct keyserver_spec keyserver = { NULL, "ldap:///" }; - return keyserver_import_fprint (ctrl, fprint, fprint_len, - &keyserver, KEYSERVER_IMPORT_FLAG_LDAP); + return keyserver_import_fpr (ctrl, fpr, fprlen, + &keyserver, KEYSERVER_IMPORT_FLAG_LDAP); } @@ -1779,7 +1777,7 @@ keyserver_import_cert (ctrl_t ctrl, const char *name, int dane_mode, spec = parse_keyserver_uri (url, 1); if(spec) { - err = keyserver_import_fprint (ctrl, *fpr, *fpr_len, spec, 0); + err = keyserver_import_fpr (ctrl, *fpr, *fpr_len, spec, 0); free_keyserver_spec(spec); } } @@ -1788,8 +1786,7 @@ keyserver_import_cert (ctrl_t ctrl, const char *name, int dane_mode, /* If only a fingerprint is provided, try and fetch it from the configured keyserver. */ - err = keyserver_import_fprint (ctrl, - *fpr, *fpr_len, opt.keyserver, 0); + err = keyserver_import_fpr (ctrl, *fpr, *fpr_len, opt.keyserver, 0); } else log_info(_("no keyserver known\n")); diff --git a/g10/mainproc.c b/g10/mainproc.c index 2f233dd..2ffa169 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1155,12 +1155,15 @@ proc_compressed (CTX c, PACKET *pkt) * used to verify the signature will be stored there, or NULL if not * found. If FORCED_PK is not NULL, this public key is used to verify * _data signatures_ and no key lookup is done. Returns: 0 = valid - * signature or an error code + * signature or an error code. If R_KEYBLOCK is not NULL the keyblock + * carries the used PK is stored there. The caller should always free + * the return value using release_kbnode. */ static int do_check_sig (CTX c, kbnode_t node, const void *extrahash, size_t extrahashlen, PKT_public_key *forced_pk, int *is_selfsig, - int *is_expkey, int *is_revkey, PKT_public_key **r_pk) + int *is_expkey, int *is_revkey, + PKT_public_key **r_pk, kbnode_t *r_keyblock) { PKT_signature *sig; gcry_md_hd_t md = NULL; @@ -1170,6 +1173,8 @@ do_check_sig (CTX c, kbnode_t node, const void *extrahash, size_t extrahashlen, if (r_pk) *r_pk = NULL; + if (r_keyblock) + *r_keyblock = NULL; log_assert (node->pkt->pkttype == PKT_SIGNATURE); if (is_selfsig) @@ -1247,7 +1252,7 @@ do_check_sig (CTX c, kbnode_t node, const void *extrahash, size_t extrahashlen, (0x00) or text document (0x01). */ rc = check_signature2 (c->ctrl, sig, md, extrahash, extrahashlen, forced_pk, - NULL, is_expkey, is_revkey, r_pk); + NULL, is_expkey, is_revkey, r_pk, r_keyblock); if (! rc) md_good = md; else if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2) @@ -1257,7 +1262,7 @@ do_check_sig (CTX c, kbnode_t node, const void *extrahash, size_t extrahashlen, rc = check_signature2 (c->ctrl, sig, md2, extrahash, extrahashlen, forced_pk, NULL, is_expkey, is_revkey, - r_pk? &pk2 : NULL); + r_pk? &pk2 : NULL, r_keyblock); if (!rc) { md_good = md2; @@ -1420,7 +1425,7 @@ list_node (CTX c, kbnode_t node) { fflush (stdout); rc2 = do_check_sig (c, node, NULL, 0, NULL, - &is_selfsig, NULL, NULL, NULL); + &is_selfsig, NULL, NULL, NULL, NULL); switch (gpg_err_code (rc2)) { case 0: sigrc = '!'; break; @@ -1880,7 +1885,7 @@ check_sig_and_print (CTX c, kbnode_t node) PKT_public_key *pk = NULL; /* The public key for the signature or NULL. */ const void *extrahash = NULL; size_t extrahashlen = 0; - kbnode_t included_keyblock = NULL; + kbnode_t keyblock = NULL; if (opt.skip_verify) { @@ -1999,7 +2004,8 @@ check_sig_and_print (CTX c, kbnode_t node) { ambiguous: log_error(_("can't handle this ambiguous signature data\n")); - return 0; + rc = 0; + goto leave; } } /* End checking signature packet composition. */ @@ -2035,7 +2041,7 @@ check_sig_and_print (CTX c, kbnode_t node) log_info (_(" issuer \"%s\"\n"), sig->signers_uid); rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, - NULL, &is_expkey, &is_revkey, &pk); + NULL, &is_expkey, &is_revkey, &pk, &keyblock); /* If the key is not found but the signature includes a key block we * use that key block for verification and on success import it. */ @@ -2043,6 +2049,7 @@ check_sig_and_print (CTX c, kbnode_t node) && sig->flags.key_block && opt.flags.auto_key_import) { + kbnode_t included_keyblock = NULL; PKT_public_key *included_pk; const byte *kblock; size_t kblock_len; @@ -2054,10 +2061,12 @@ check_sig_and_print (CTX c, kbnode_t node) kblock+1, kblock_len-1, sig->keyid, &included_keyblock)) { + /* Note: This is the only place where we use the forced_pk + * arg (ie. included_pk) with do_check_sig. */ rc = do_check_sig (c, node, extrahash, extrahashlen, included_pk, - NULL, &is_expkey, &is_revkey, &pk); + NULL, &is_expkey, &is_revkey, &pk, NULL); if (opt.verbose) - log_debug ("checked signature using included key block: %s\n", + log_info ("checked signature using included key block: %s\n", gpg_strerror (rc)); if (!rc) { @@ -2067,6 +2076,18 @@ check_sig_and_print (CTX c, kbnode_t node) } free_public_key (included_pk); + release_kbnode (included_keyblock); + + /* To make sure that nothing strange happened we check the + * signature again now using our own key store. This also + * returns the keyblock which we use later on. */ + if (!rc) + { + release_kbnode (keyblock); + keyblock = NULL; + rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, + NULL, &is_expkey, &is_revkey, &pk, &keyblock); + } } /* If the key isn't found, check for a preferred keyserver. Note @@ -2113,8 +2134,13 @@ check_sig_and_print (CTX c, kbnode_t node) KEYSERVER_IMPORT_FLAG_QUICK); glo_ctrl.in_auto_key_retrieve--; if (!res) - rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, - NULL, &is_expkey, &is_revkey, &pk); + { + release_kbnode (keyblock); + keyblock = NULL; + rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, + NULL, &is_expkey, &is_revkey, &pk, + &keyblock); + } else if (DBG_LOOKUP) log_debug ("lookup via %s failed: %s\n", "Pref-KS", gpg_strerror (res)); @@ -2155,8 +2181,12 @@ check_sig_and_print (CTX c, kbnode_t node) /* Fixme: If the fingerprint is embedded in the signature, * compare it to the fingerprint of the returned key. */ if (!res) - rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, - NULL, &is_expkey, &is_revkey, &pk); + { + release_kbnode (keyblock); + keyblock = NULL; + rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, + NULL, &is_expkey, &is_revkey, &pk, &keyblock); + } else if (DBG_LOOKUP) log_debug ("lookup via %s failed: %s\n", "WKD", gpg_strerror (res)); } @@ -2182,12 +2212,17 @@ check_sig_and_print (CTX c, kbnode_t node) free_public_key (pk); pk = NULL; glo_ctrl.in_auto_key_retrieve++; - res = keyserver_import_fprint (c->ctrl, p, n, opt.keyserver, - KEYSERVER_IMPORT_FLAG_QUICK); + res = keyserver_import_fpr (c->ctrl, p, n, opt.keyserver, + KEYSERVER_IMPORT_FLAG_QUICK); glo_ctrl.in_auto_key_retrieve--; if (!res) - rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, - NULL, &is_expkey, &is_revkey, &pk); + { + release_kbnode (keyblock); + keyblock = NULL; + rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, + NULL, &is_expkey, &is_revkey, &pk, + &keyblock); + } else if (DBG_LOOKUP) log_debug ("lookup via %s failed: %s\n", "KS", gpg_strerror (res)); } @@ -2198,7 +2233,7 @@ check_sig_and_print (CTX c, kbnode_t node) { /* We have checked the signature and the result is either a good * signature or a bad signature. Further examination follows. */ - kbnode_t un, keyblock; + kbnode_t un; int count = 0; int keyblock_has_pk = 0; /* For failsafe check. */ int statno; @@ -2216,18 +2251,6 @@ check_sig_and_print (CTX c, kbnode_t node) else statno = STATUS_GOODSIG; - /* FIXME: We should have the public key in PK and thus the - * keyblock has already been fetched. Thus we could use the - * fingerprint or PK itself to lookup the entire keyblock. That - * would best be done with a cache. */ - if (included_keyblock) - { - keyblock = included_keyblock; - included_keyblock = NULL; - } - else - keyblock = get_pubkeyblock_for_sig (c->ctrl, sig); - snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ", (ulong)sig->keyid[0], (ulong)sig->keyid[1]); @@ -2293,10 +2316,10 @@ check_sig_and_print (CTX c, kbnode_t node) * contained in the keyring.*/ } - log_assert (mainpk); - if (!keyblock_has_pk) + if (!mainpk || !keyblock_has_pk) { - log_error ("signature key lost from keyblock\n"); + log_error ("signature key lost from keyblock (%p,%p,%d)\n", + keyblock, mainpk, keyblock_has_pk); rc = gpg_error (GPG_ERR_INTERNAL); } @@ -2567,8 +2590,8 @@ check_sig_and_print (CTX c, kbnode_t node) log_error (_("Can't check signature: %s\n"), gpg_strerror (rc)); } + leave: free_public_key (pk); - release_kbnode (included_keyblock); xfree (issuer_fpr); return rc; } diff --git a/g10/packet.h b/g10/packet.h index 39dab96..5304a12 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -914,7 +914,7 @@ gpg_error_t check_signature2 (ctrl_t ctrl, const void *extrahash, size_t extrahashlen, PKT_public_key *forced_pk, u32 *r_expiredate, int *r_expired, int *r_revoked, - PKT_public_key **r_pk); + PKT_public_key **r_pk, kbnode_t *r_keyblock); /*-- pubkey-enc.c --*/ diff --git a/g10/pkclist.c b/g10/pkclist.c index 42e124e..b20489f 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -129,8 +129,8 @@ show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode) int rc; /* get the keyblock */ - fingerprint_from_pk( pk, fingerprint, &fingerlen ); - rc = get_pubkey_byfprint (ctrl, NULL, &keyblock, fingerprint, fingerlen); + fingerprint_from_pk (pk, fingerprint, &fingerlen); + rc = get_pubkey_byfpr (ctrl, NULL, &keyblock, fingerprint, fingerlen); if( rc ) { /* that should never happen */ log_debug( "failed to get the keyblock\n"); return; diff --git a/g10/revoke.c b/g10/revoke.c index d6cbf93..2dccc72 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -294,8 +294,8 @@ gen_desig_revoke (ctrl_t ctrl, const char *uname, strlist_t locusr) else { pk2 = xmalloc_clear (sizeof *pk2); - rc = get_pubkey_byfprint (ctrl, pk2, NULL, - pk->revkey[i].fpr, pk->revkey[i].fprlen); + rc = get_pubkey_byfpr (ctrl, pk2, NULL, + pk->revkey[i].fpr, pk->revkey[i].fprlen); } /* We have the revocation key. */ diff --git a/g10/sig-check.c b/g10/sig-check.c index 06329f6..eced87f 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -95,7 +95,7 @@ int check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest) { return check_signature2 (ctrl, sig, digest, NULL, 0, NULL, - NULL, NULL, NULL, NULL); + NULL, NULL, NULL, NULL, NULL); } @@ -142,6 +142,11 @@ check_signature (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest) * If R_PK is not NULL, the public key is stored at that address if it * was found; other wise NULL is stored. * + * If R_KEYBLOCK is not NULL, the entire keyblock used to verify the + * signature is stored at that address. If no key was found or on + * some other errors NULL is stored there. The callers needs to + * release the keyblock using release_kbnode (kb). + * * Returns 0 on success. An error code otherwise. */ gpg_error_t check_signature2 (ctrl_t ctrl, @@ -149,7 +154,7 @@ check_signature2 (ctrl_t ctrl, const void *extrahash, size_t extrahashlen, PKT_public_key *forced_pk, u32 *r_expiredate, - int *r_expired, int *r_revoked, PKT_public_key **r_pk) + int *r_expired, int *r_revoked, PKT_public_key **r_pk, kbnode_t *r_keyblock) { int rc=0; PKT_public_key *pk; @@ -162,6 +167,8 @@ check_signature2 (ctrl_t ctrl, *r_revoked = 0; if (r_pk) *r_pk = NULL; + if (r_keyblock) + *r_keyblock = NULL; pk = xtrycalloc (1, sizeof *pk); if (!pk) @@ -192,7 +199,7 @@ check_signature2 (ctrl_t ctrl, log_info(_("WARNING: signature digest conflict in message\n")); rc = gpg_error (GPG_ERR_GENERAL); } - else if (get_pubkey_for_sig (ctrl, pk, sig, forced_pk)) + else if (get_pubkey_for_sig (ctrl, pk, sig, forced_pk, r_keyblock)) rc = gpg_error (GPG_ERR_NO_PUBKEY); else if ((rc = check_key_verify_compliance (pk))) ;/* Compliance failure. */ @@ -791,9 +798,9 @@ check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig) keyid_from_fingerprint (ctrl, pk->revkey[i].fpr, pk->revkey[i].fprlen, keyid); - if(keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1]) - /* The signature was generated by a designated revoker. - Verify the signature. */ + /* If the signature was generated by a designated revoker + * verify the signature. */ + if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]) { gcry_md_hd_t md; @@ -1007,7 +1014,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, if (IS_CERT (sig)) signer->req_usage = PUBKEY_USAGE_CERT; - rc = get_pubkey_for_sig (ctrl, signer, sig, NULL); + rc = get_pubkey_for_sig (ctrl, signer, sig, NULL, NULL); if (rc) { xfree (signer); diff --git a/g10/skclist.c b/g10/skclist.c index f9647cc..fe77aae 100644 --- a/g10/skclist.c +++ b/g10/skclist.c @@ -510,7 +510,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) if (opt.debug) log_debug ("using LDAP to find public key" " for current card\n"); - if (!keyserver_import_fprint + if (!keyserver_import_fpr (ctrl, cinfo.fpr2, cinfo.fpr2len, opt.keyserver, KEYSERVER_IMPORT_FLAG_LDAP)) { diff --git a/g10/test-stubs.c b/g10/test-stubs.c index 6ae0f4e..93f88db 100644 --- a/g10/test-stubs.c +++ b/g10/test-stubs.c @@ -190,8 +190,8 @@ keyserver_import_keyid (u32 *keyid, void *dummy, unsigned int flags) } int -keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len, - struct keyserver_spec *keyserver, unsigned int flags) +keyserver_import_fpr (ctrl_t ctrl, const byte *fprint,size_t fprint_len, + struct keyserver_spec *keyserver, unsigned int flags) { (void)ctrl; (void)fprint; @@ -202,8 +202,8 @@ keyserver_import_fprint (ctrl_t ctrl, const byte *fprint,size_t fprint_len, } int -keyserver_import_fprint_ntds (ctrl_t ctrl, - const byte *fprint, size_t fprint_len) +keyserver_import_fpr_ntds (ctrl_t ctrl, + const byte *fprint, size_t fprint_len) { (void)ctrl; (void)fprint; diff --git a/g10/tofu.c b/g10/tofu.c index 83786a0..9d64f5f 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2493,9 +2493,8 @@ get_policy (ctrl_t ctrl, tofu_dbs_t dbs, PKT_public_key *pk, int lookup_err; kbnode_t kb; - lookup_err = get_pubkey_byfprint (ctrl, NULL, &kb, - fingerprint_raw, - fingerprint_raw_len); + lookup_err = get_pubkey_byfpr (ctrl, NULL, &kb, + fingerprint_raw, fingerprint_raw_len); if (lookup_err) { if (DBG_TRUST) diff --git a/g10/trustdb.c b/g10/trustdb.c index e846abe..b19fbc0 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -68,7 +68,7 @@ keyid_from_fpr20 (ctrl_t ctrl, const byte *fpr, u32 *keyid) int rc; memset (&pk, 0, sizeof pk); - rc = get_pubkey_byfprint (ctrl, &pk, NULL, fpr, fprlen); + rc = get_pubkey_byfpr (ctrl, &pk, NULL, fpr, fprlen); if (rc) { log_printhex (fpr, fprlen,