/* sig-notation.c - Signature notation data support.
* Copyright (C) 2005 g10 Code GmbH
*
* This file is part of GPGME.
*
* GPGME is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* GPGME is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <https://gnu.org/licenses/>.
* SPDX-License-Identifier: LGPL-2.1-or-later
*/
#if HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "gpgme.h"
#include "util.h"
#include "context.h"
#include "ops.h"
#include "debug.h"
�
/* Free the signature notation object and all associated resources.
The object must already be removed from any linked list as the next
pointer is ignored. */
void
_gpgme_sig_notation_free (gpgme_sig_notation_t notation)
{
if (notation->name)
free (notation->name);
if (notation->value)
free (notation->value);
free (notation);
}
�
/* Set the flags of NOTATION to FLAGS. */
static void
sig_notation_set_flags (gpgme_sig_notation_t notation,
gpgme_sig_notation_flags_t flags)
{
/* We copy the flags into individual bits to make them easier
accessible individually for the user. */
notation->human_readable = flags & GPGME_SIG_NOTATION_HUMAN_READABLE ? 1 : 0;
notation->critical = flags & GPGME_SIG_NOTATION_CRITICAL ? 1 : 0;
notation->flags = flags;
}
/* Create a new, empty signature notation data object. */
gpgme_error_t
_gpgme_sig_notation_create (gpgme_sig_notation_t *notationp,
const char *name, int name_len,
const char *value, int value_len,
gpgme_sig_notation_flags_t flags)
{
gpgme_error_t err = 0;
gpgme_sig_notation_t notation;
/* Currently, we require all notations to be human-readable. */
if (name && !(flags & GPGME_SIG_NOTATION_HUMAN_READABLE))
return gpg_error (GPG_ERR_INV_VALUE);
notation = calloc (1, sizeof (*notation));
if (!notation)
return gpg_error_from_syserror ();
/* This is critical. We want to reliably identify policy URLs by
using a NULL pointer for NAME. So all notations must have a NAME
string, even if it is empty. */
if (name)
{
/* We add a trailing '\0' for stringification in the good
case. */
notation->name = malloc (name_len + 1);
if (!notation->name)
{
err = gpg_error_from_syserror ();
goto err;
}
memcpy (notation->name, name, name_len);
notation->name[name_len] = '\0';
notation->name_len = name_len;
}
if (value)
{
/* We add a trailing '\0' for stringification in the good
case. */
notation->value = malloc (value_len + 1);
if (!notation->value)
{
err = gpg_error_from_syserror ();
goto err;
}
memcpy (notation->value, value, value_len);
notation->value[value_len] = '\0';
notation->value_len = value_len;
}
sig_notation_set_flags (notation, flags);
*notationp = notation;
return 0;
err:
_gpgme_sig_notation_free (notation);
return err;
}
�
/* GnuPG subpacket flags. */
/* This subpacket data is part of the hashed data. */
#define GNUPG_SPK_HASHED 0x01
/* This subpacket is marked critical. */
#define GNUPG_SPK_CRITICAL 0x02
/* Parse a notation or policy URL subpacket. If the packet type is
not known, return no error but NULL in NOTATION. */
gpgme_error_t
_gpgme_parse_notation (gpgme_sig_notation_t *notationp,
int type, int pkflags, int len, char *data)
{
gpgme_error_t err;
char *name = NULL;
int name_len = 0;
char *value = NULL;
int value_len = 0;
gpgme_sig_notation_flags_t flags = 0;
char *decoded_data;
unsigned char *bdata;
/* Type 20: Notation data. */
/* Type 26: Policy URL. */
if (type != 20 && type != 26)
{
*notationp = NULL;
return 0;
}
/* A few simple sanity checks. */
if (len > strlen (data))
return trace_gpg_error (GPG_ERR_INV_ENGINE);
/* See below for the format of a notation subpacket. It has at
least four octets of flags and two times two octets of length
information. */
if (type == 20 && len < 4 + 2 + 2)
return trace_gpg_error (GPG_ERR_INV_ENGINE);
err = _gpgme_decode_percent_string (data, &decoded_data, 0, 1);
if (err)
return err;
bdata = (unsigned char *) decoded_data;
/* Flags common to notation data and policy URL. */
if (pkflags & GNUPG_SPK_CRITICAL)
flags |= GPGME_SIG_NOTATION_CRITICAL;
/* This information is relevant in parsing multi-octet numbers below:
3.1. Scalar numbers
Scalar numbers are unsigned, and are always stored in big-endian
format. Using n[k] to refer to the kth octet being interpreted,
the value of a two-octet scalar is ((n[0] << 8) + n[1]). The
value of a four-octet scalar is ((n[0] << 24) + (n[1] << 16) +
(n[2] << 8) + n[3]).
From RFC2440: OpenPGP Message Format. Copyright (C) The Internet
Society (1998). All Rights Reserved. */
#define RFC2440_GET_WORD(chr) ((((int)((unsigned char *)(chr))[0]) << 8) \
+ ((int)((unsigned char *)(chr))[1]))
if (type == 20)
{
/* 5.2.3.15. Notation Data
(4 octets of flags, 2 octets of name length (M),
2 octets of value length (N), M octets of name data,
N octets of value data)
[...] The "flags" field holds four octets of flags.
All undefined flags MUST be zero. Defined flags are:
First octet: 0x80 = human-readable. [...]
Other octets: none.
From RFC2440: OpenPGP Message Format. Copyright (C) The
Internet Society (1998). All Rights Reserved. */
int chr;
/* First octet of flags. */
#define RFC2440_SPK20_FLAG1_HUMAN_READABLE 0x80
chr = *bdata;
bdata++;
if (chr & RFC2440_SPK20_FLAG1_HUMAN_READABLE)
flags |= GPGME_SIG_NOTATION_HUMAN_READABLE;
/* The second, third and four octet of flags are unused. */
bdata++;
bdata++;
bdata++;
name_len = RFC2440_GET_WORD (bdata);
bdata += 2;
value_len = RFC2440_GET_WORD (bdata);
bdata += 2;
/* Small sanity check. */
if (4 + 2 + 2 + name_len + value_len > len)
{
free (decoded_data);
return trace_gpg_error (GPG_ERR_INV_ENGINE);
}
name = (char *) bdata;
bdata += name_len;
value = (char *) bdata;
}
else
{
/* Type is 26. */
/* NAME is NULL, name_len is 0. */
value = (char *) bdata;
value_len = strlen (value);
}
err = _gpgme_sig_notation_create (notationp, name, name_len,
value, value_len, flags);
free (decoded_data);
return err;
}