X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/3563e36580c7dad68cd6d3f7eb82eef570fc0c76..92c494cebdce7068e6c9c0fe4363467719c8ed67:/keyutil.c

diff --git a/keyutil.c b/keyutil.c
index 4bd42fe..13b8784 100644
--- a/keyutil.c
+++ b/keyutil.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: keyutil.c,v 1.19 2004/04/03 03:31:01 mdw Exp $
+ * $Id: keyutil.c,v 1.25 2004/04/21 00:38:22 mdw Exp $
  *
  * Simple key manager program
  *
@@ -27,78 +27,6 @@
  * MA 02111-1307, USA.
  */
 
-/*----- Revision history --------------------------------------------------* 
- *
- * $Log: keyutil.c,v $
- * Revision 1.19  2004/04/03 03:31:01  mdw
- * Allow explicit group parameters for DH groups.
- *
- * Revision 1.18  2004/04/01 12:50:09  mdw
- * Add cyclic group abstraction, with test code.  Separate off exponentation
- * functions for better static linking.  Fix a buttload of bugs on the way.
- * Generally ensure that negative exponents do inversion correctly.  Add
- * table of standard prime-field subgroups.  (Binary field subgroups are
- * currently unimplemented but easy to add if anyone ever finds a good one.)
- *
- * Revision 1.17  2004/03/28 01:58:47  mdw
- * Generate, store and retreive elliptic curve keys.
- *
- * Revision 1.16  2003/10/15 09:31:45  mdw
- * Fix help message.
- *
- * Revision 1.15  2003/05/15 23:23:24  mdw
- * Fix behaviour with bogus trailing attributes.
- *
- * Revision 1.14  2001/02/23 09:03:27  mdw
- * Simplify usage message by removing nonexistant options.
- *
- * Revision 1.13  2001/02/21 20:04:27  mdw
- * Provide help on individual commands (some need it desparately).  Allow
- * atomic retagging of keys.
- *
- * Revision 1.12  2001/02/03 11:58:22  mdw
- * Store the correct seed information and count for DSA keys now that it's
- * available.
- *
- * Revision 1.11  2000/12/06 20:33:27  mdw
- * Make flags be macros rather than enumerations, to ensure that they're
- * unsigned.
- *
- * Revision 1.10  2000/10/08 12:02:21  mdw
- * Use @MP_EQ@ instead of @MP_CMP@.
- *
- * Revision 1.9  2000/08/15 21:40:49  mdw
- * Minor formatting change in listing attributes.
- *
- * Revision 1.8  2000/07/29 09:59:13  mdw
- * Support Lim-Lee primes in Diffie-Hellman parameter generation.
- *
- * Revision 1.7  2000/07/01 11:18:51  mdw
- * Use new interfaces for key manipulation.
- *
- * Revision 1.6  2000/06/17 11:28:22  mdw
- * Use secure memory interface from MP library.  `rand_getgood' is
- * deprecated.
- *
- * Revision 1.5  2000/02/12 18:21:03  mdw
- * Overhaul of key management (again).
- *
- * Revision 1.4  1999/12/22 15:48:10  mdw
- * Track new key-management changes.  Support new key generation
- * algorithms.
- *
- * Revision 1.3  1999/11/02 15:23:24  mdw
- * Fix newlines in keyring list.
- *
- * Revision 1.2  1999/10/15 21:05:28  mdw
- * In `key list', show timezone for local times, and support `-u' option
- * for UTC output.
- *
- * Revision 1.1  1999/09/03 08:41:12  mdw
- * Initial import.
- *
- */
-
 /*----- Header files ------------------------------------------------------*/
 
 #include "config.h"
@@ -320,6 +248,8 @@ static void mpkey(key_data *kd, const char *tag, mp *m, unsigned f)
 static int copyparam(keyopts *k, const char **pp)
 {
   key_filter kf;
+  key_attriter i;
+  const char *n, *v;
 
   /* --- Quick check if no parameters supplied --- */
 
@@ -343,6 +273,14 @@ static int copyparam(keyopts *k, const char **pp)
   kf.m = KF_CATMASK;
   if (!key_copy(&k->k->k, &k->p->k, &kf))
     die(EXIT_FAILURE, "unexpected failure while copying parameters");
+
+  /* --- Copy over attributes --- */
+
+  for (key_mkattriter(&i, k->p); key_nextattr(&i, &n, &v); )
+    key_putattr(k->kf, k->k, n, v);
+
+  /* --- Done --- */
+
   return (1);
 }
 
@@ -908,7 +846,8 @@ static int cmd_add(int argc, char *argv[])
       { "subgroup",	0,		0,	'S' },
       { 0,		0,		0,	0 }
     };
-    int i = mdwopt(argc, argv, "+a:b:B:p:e:c:t:R:C:A:s:n:lqrLS", opt, 0, 0, 0);
+    int i = mdwopt(argc, argv, "+a:b:B:p:e:c:t:R:C:A:s:n:lqrLS",
+		   opt, 0, 0, 0);
     if (i < 0)
       break;
 
@@ -1271,9 +1210,13 @@ static void showkeydata(key_data *k, int ind, listopts *o, dstr *d)
     /* --- Elliptic curve points --- */
 
     case KENC_EC:
-      fputs(" 0x", stdout); mp_writefile(k->u.e.x, stdout, 16);
-      fputs(", 0x", stdout); mp_writefile(k->u.e.y, stdout, 16);
-      putchar('\n');
+      if (EC_ATINF(&k->u.e))
+	fputs(" inf\n", stdout);
+      else {
+	fputs(" 0x", stdout); mp_writefile(k->u.e.x, stdout, 16);
+	fputs(", 0x", stdout); mp_writefile(k->u.e.y, stdout, 16);
+	putchar('\n');
+      }
       break;      
 
     /* --- Structured keys --- *
@@ -1561,42 +1504,42 @@ static int cmd_setattr(int argc, char *argv[])
 
 /* --- @cmd_finger@ --- */
 
-static void fingerprint(key *k, const key_filter *kf)
+static void fingerprint(key *k, const gchash *ch, const key_filter *kf)
 {
-  rmd160_ctx r;
-  octet hash[RMD160_HASHSZ];
+  ghash *h;
   dstr d = DSTR_INIT;
-  int i;
+  const octet *p;
+  size_t i;
 
-  if (!key_encode(&k->k, &d, kf))
-    return;
-  rmd160_init(&r);
-  rmd160_hash(&r, d.buf, d.len);
-  rmd160_done(&r, hash);
-
-  DRESET(&d);
-  key_fulltag(k, &d);
-  for (i = 0; i < sizeof(hash); i++) {
-    if (i && i % 4 == 0)
-      putchar('-');
-    printf("%02x", hash[i]);
+  h = GH_INIT(ch);
+  if (key_fingerprint(k, h, kf)) {
+    p = GH_DONE(h, 0);
+    key_fulltag(k, &d);
+    for (i = 0; i < ch->hashsz; i++) {
+      if (i && i % 4 == 0)
+	putchar('-');
+      printf("%02x", p[i]);
+    }
+    printf(" %s\n", d.buf);
   }
-  printf(" %s\n", d.buf);
   dstr_destroy(&d);
+  GH_DESTROY(h);
 }
 
 static int cmd_finger(int argc, char *argv[])
 {
   key_file f;
   int rc = 0;
+  const gchash *ch = &rmd160;
   key_filter kf = { KF_NONSECRET, KF_NONSECRET };
 
   for (;;) {
     static struct option opt[] = {
       { "filter",	OPTF_ARGREQ,	0,	'f' },
+      { "algorithm",	OPTF_ARGREQ,	0,	'a' },
       { 0,		0,		0,	0 }
     };
-    int i = mdwopt(argc, argv, "+f:", opt, 0, 0, 0);
+    int i = mdwopt(argc, argv, "+f:a:", opt, 0, 0, 0);
     if (i < 0)
       break;
     switch (i) {
@@ -1606,6 +1549,10 @@ static int cmd_finger(int argc, char *argv[])
 	if (err || *p)
 	  die(EXIT_FAILURE, "bad filter string `%s'", optarg);
       } break;
+      case 'a':
+	if ((ch = ghash_byname(optarg)) == 0)
+	  die(EXIT_FAILURE, "unknown hash algorithm `%s'", optarg);
+	break;
       default:
 	rc = 1;
 	break;
@@ -1623,7 +1570,7 @@ static int cmd_finger(int argc, char *argv[])
     for (i = 0; i < argc; i++) {
       key *k = key_bytag(&f, argv[i]);
       if (k)
-	fingerprint(k, &kf);
+	fingerprint(k, ch, &kf);
       else {
 	rc = 1;
 	moan("key `%s' not found", argv[i]);
@@ -1633,7 +1580,7 @@ static int cmd_finger(int argc, char *argv[])
     key_iter i;
     key *k;
     for (key_mkiter(&i, &f); (k = key_next(&i)) != 0; )
-      fingerprint(k, &kf);
+      fingerprint(k, ch, &kf);
   }
   return (rc);
 }
@@ -1897,6 +1844,7 @@ Options:\n\
 Options:\n\
 \n\
 -f, --filter=FILT	Only hash key components matching FILT.\n\
+-a, --algorithm=HASH	Use the named HASH algorithm.\n\
 " },
   { "tidy", cmd_tidy, "tidy" },
   { "extract", cmd_extract, "extract [-f filter] file [tag...]", "\