mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-11-27 07:21:09 +08:00
17cc133f01
The additional pain from level 4 is excessive for the gain. Also revert all the source annotation changes to their original wordings, to avoid back-patching pain. Discussion: https://postgr.es/m/31166.1589378554@sss.pgh.pa.us
236 lines
4.8 KiB
C
236 lines
4.8 KiB
C
/*
|
|
* pgp-info.c
|
|
* Provide info about PGP data.
|
|
*
|
|
* Copyright (c) 2005 Marko Kreen
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*
|
|
* contrib/pgcrypto/pgp-info.c
|
|
*/
|
|
#include "postgres.h"
|
|
|
|
#include "mbuf.h"
|
|
#include "pgp.h"
|
|
#include "px.h"
|
|
|
|
static int
|
|
read_pubkey_keyid(PullFilter *pkt, uint8 *keyid_buf)
|
|
{
|
|
int res;
|
|
PGP_PubKey *pk = NULL;
|
|
|
|
res = _pgp_read_public_key(pkt, &pk);
|
|
if (res < 0)
|
|
goto err;
|
|
|
|
/* skip secret key part, if it exists */
|
|
res = pgp_skip_packet(pkt);
|
|
if (res < 0)
|
|
goto err;
|
|
|
|
/* is it encryption key */
|
|
switch (pk->algo)
|
|
{
|
|
case PGP_PUB_ELG_ENCRYPT:
|
|
case PGP_PUB_RSA_ENCRYPT:
|
|
case PGP_PUB_RSA_ENCRYPT_SIGN:
|
|
memcpy(keyid_buf, pk->key_id, 8);
|
|
res = 1;
|
|
break;
|
|
default:
|
|
res = 0;
|
|
}
|
|
|
|
err:
|
|
pgp_key_free(pk);
|
|
return res;
|
|
}
|
|
|
|
static int
|
|
read_pubenc_keyid(PullFilter *pkt, uint8 *keyid_buf)
|
|
{
|
|
uint8 ver;
|
|
int res;
|
|
|
|
GETBYTE(pkt, ver);
|
|
if (ver != 3)
|
|
return -1;
|
|
|
|
res = pullf_read_fixed(pkt, 8, keyid_buf);
|
|
if (res < 0)
|
|
return res;
|
|
|
|
return pgp_skip_packet(pkt);
|
|
}
|
|
|
|
static const char hextbl[] = "0123456789ABCDEF";
|
|
|
|
static int
|
|
print_key(uint8 *keyid, char *dst)
|
|
{
|
|
int i;
|
|
unsigned c;
|
|
|
|
for (i = 0; i < 8; i++)
|
|
{
|
|
c = keyid[i];
|
|
*dst++ = hextbl[(c >> 4) & 0x0F];
|
|
*dst++ = hextbl[c & 0x0F];
|
|
}
|
|
*dst = 0;
|
|
return 8 * 2;
|
|
}
|
|
|
|
static const uint8 any_key[] =
|
|
{0, 0, 0, 0, 0, 0, 0, 0};
|
|
|
|
/*
|
|
* dst should have room for 17 bytes
|
|
*/
|
|
int
|
|
pgp_get_keyid(MBuf *pgp_data, char *dst)
|
|
{
|
|
int res;
|
|
PullFilter *src;
|
|
PullFilter *pkt = NULL;
|
|
int len;
|
|
uint8 tag;
|
|
int got_pub_key = 0,
|
|
got_symenc_key = 0,
|
|
got_pubenc_key = 0;
|
|
int got_data = 0;
|
|
uint8 keyid_buf[8];
|
|
int got_main_key = 0;
|
|
|
|
|
|
res = pullf_create_mbuf_reader(&src, pgp_data);
|
|
if (res < 0)
|
|
return res;
|
|
|
|
while (1)
|
|
{
|
|
res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
|
|
if (res <= 0)
|
|
break;
|
|
res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
|
|
if (res < 0)
|
|
break;
|
|
|
|
switch (tag)
|
|
{
|
|
case PGP_PKT_SECRET_KEY:
|
|
case PGP_PKT_PUBLIC_KEY:
|
|
/* main key is for signing, so ignore it */
|
|
if (!got_main_key)
|
|
{
|
|
got_main_key = 1;
|
|
res = pgp_skip_packet(pkt);
|
|
}
|
|
else
|
|
res = PXE_PGP_MULTIPLE_KEYS;
|
|
break;
|
|
case PGP_PKT_SECRET_SUBKEY:
|
|
case PGP_PKT_PUBLIC_SUBKEY:
|
|
res = read_pubkey_keyid(pkt, keyid_buf);
|
|
if (res < 0)
|
|
break;
|
|
if (res > 0)
|
|
got_pub_key++;
|
|
break;
|
|
case PGP_PKT_PUBENCRYPTED_SESSKEY:
|
|
got_pubenc_key++;
|
|
res = read_pubenc_keyid(pkt, keyid_buf);
|
|
break;
|
|
case PGP_PKT_SYMENCRYPTED_DATA:
|
|
case PGP_PKT_SYMENCRYPTED_DATA_MDC:
|
|
/* don't skip it, just stop */
|
|
got_data = 1;
|
|
break;
|
|
case PGP_PKT_SYMENCRYPTED_SESSKEY:
|
|
got_symenc_key++;
|
|
/* fall through */
|
|
case PGP_PKT_SIGNATURE:
|
|
case PGP_PKT_MARKER:
|
|
case PGP_PKT_TRUST:
|
|
case PGP_PKT_USER_ID:
|
|
case PGP_PKT_USER_ATTR:
|
|
case PGP_PKT_PRIV_61:
|
|
res = pgp_skip_packet(pkt);
|
|
break;
|
|
default:
|
|
res = PXE_PGP_CORRUPT_DATA;
|
|
}
|
|
|
|
if (pkt)
|
|
pullf_free(pkt);
|
|
pkt = NULL;
|
|
|
|
if (res < 0 || got_data)
|
|
break;
|
|
}
|
|
|
|
pullf_free(src);
|
|
if (pkt)
|
|
pullf_free(pkt);
|
|
|
|
if (res < 0)
|
|
return res;
|
|
|
|
/* now check sanity */
|
|
if (got_pub_key && got_pubenc_key)
|
|
res = PXE_PGP_CORRUPT_DATA;
|
|
|
|
if (got_pub_key > 1)
|
|
res = PXE_PGP_MULTIPLE_KEYS;
|
|
|
|
if (got_pubenc_key > 1)
|
|
res = PXE_PGP_MULTIPLE_KEYS;
|
|
|
|
/*
|
|
* if still ok, look what we got
|
|
*/
|
|
if (res >= 0)
|
|
{
|
|
if (got_pubenc_key || got_pub_key)
|
|
{
|
|
if (memcmp(keyid_buf, any_key, 8) == 0)
|
|
{
|
|
memcpy(dst, "ANYKEY", 7);
|
|
res = 6;
|
|
}
|
|
else
|
|
res = print_key(keyid_buf, dst);
|
|
}
|
|
else if (got_symenc_key)
|
|
{
|
|
memcpy(dst, "SYMKEY", 7);
|
|
res = 6;
|
|
}
|
|
else
|
|
res = PXE_PGP_NO_USABLE_KEY;
|
|
}
|
|
|
|
return res;
|
|
}
|