trunk/Src/wptGPGUtil.cpp

/* wptGPGUtil.cpp - GPG util functions
 *      Copyright (C) 2005, 2006 Timo Schulz
 *      Copyright (C) 2005 g10 Code GmbH
 *
 * This file is part of WinPT.
 *
 * WinPT is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * WinPT is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with WinPT; if not, write to the Free Software Foundation, 
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <windows.h>
#include <sys/stat.h>
#include <string.h>
#include <errno.h>

#include "gpgme.h"
#include "wptTypes.h"
#include "wptErrors.h"
#include "wptW32API.h"
#include "wptGPG.h"
#include "openpgp.h"


/* safe wrapper around calloc. */
static void*
xcalloc (size_t n, size_t m)
{
    void *p = calloc (n, m);
    if (!p)
        BUG (0);
    return p;
}


#define NROFHEXDIGITS 2  
/* Convert two hexadecimal digits from STR to the value they
   represent.  Returns -1 if one of the characters is not a
   hexadecimal digit.  */
static int
hextobyte (const unsigned char *str)
{
    int val = 0;  
    int i;

    for (i = 0; i < NROFHEXDIGITS; i++) {
        if (*str >= '0' && *str <= '9')
            val += *str - '0';
        else if (*str >= 'A' && *str <= 'F')
            val += 10 + *str - 'A';
        else if (*str >= 'a' && *str <= 'f')
            val += 10 + *str - 'a';
        else
            return -1;
        if (i < NROFHEXDIGITS - 1)
            val *= 16;
        str++;
    }
    return val;
}

/* Decode the C formatted string @src and store the result in the
   buffer @destp which is @len bytes long.  If @len is zero, then a
   large enough buffer is allocated with malloc and @destp is set to
   the result.  Currently, @len is only used to specify if allocation
   is desired or not, the caller is expected to make sure that @destp
   is large enough if @len is not zero.  */
gpgme_error_t
gpg_decode_c_string (const char *src, char **destp, size_t len)
{
  char *dest;

  /* Set up the destination buffer.  */
  if (len) {
      if (len < strlen (src) + 1)
          return gpg_error (GPG_ERR_TOO_SHORT);
      dest = *destp;
  }
  else {      
  /* The converted string will never be larger than the original string.  */
      dest = (char*)xcalloc (1,strlen (src) + 1);
      *destp = dest;
  }

  /* Convert the string.  */
  while (*src) {    
      if (*src != '\\') {
          *(dest++) = *(src++);
          continue;
      }

      switch (src[1]) {
#define DECODE_ONE(match,result)        \
      case match:                       \
          src += 2;                     \
          *(dest++) = result;           \
          break;

          DECODE_ONE ('\'', '\'');
          DECODE_ONE ('\"', '\"');
          DECODE_ONE ('\?', '\?');
          DECODE_ONE ('\\', '\\');
          DECODE_ONE ('a', '\a');
          DECODE_ONE ('b', '\b');
          DECODE_ONE ('f', '\f');
          DECODE_ONE ('n', '\n');
          DECODE_ONE ('r', '\r');
          DECODE_ONE ('t', '\t');
          DECODE_ONE ('v', '\v');

      case 'x': {
            int val = hextobyte ((unsigned char*)&src[2]);
            if (val == -1) { /* Should not happen.  */
                *(dest++) = *(src++);
                *(dest++) = *(src++);
                if (*src)
                  *(dest++) = *(src++);
                if (*src)
                  *(dest++) = *(src++);
            }
            else {
                if (!val) {
                    /* A binary zero is not representable in a C string.  */
                    *(dest++) = '\\';
                    *(dest++) = '0'; 
                }
                else 
                    *((unsigned char *) dest++) = val;
                src += 4;
            }
        }

        default: /* Should not happen.  */
          {
            *(dest++) = *(src++);
            *(dest++) = *(src++);
          }
        } 
  }
  *(dest++) = 0;
  return 0;
}


/* Replace %foo% entries with its real values.
   Return value: expanded path or NULL on error. */
static char *
expand_path (const char *path)
{
    DWORD len;
    char *p;

    len = ExpandEnvironmentStrings (path, NULL, 0);
    if (!len)
        return NULL;
    len += 1;
    p = (char*)xcalloc (1, len+1);
    len = ExpandEnvironmentStrings (path, p, len);
    if (!len) {
        safe_free (p);
        return NULL;
    }
    return p; 
}


/* Read a string from the W32 registry. The directory is given
   in @dir and the name of the value in @name, */
static char *
read_w32_registry (HKEY root_key, const char *dir, const char *name)
{
    HKEY key_handle;
    DWORD n1, nbytes;
    DWORD type;
    char *result = NULL;
    
    if (RegOpenKeyEx (root_key, dir, 0, KEY_READ, &key_handle)) {
        log_debug ("read_w32_registry (%s, %s) failed.\r\n", dir, name);
        return NULL; /* no need for a RegClose, so return direct */
    }
    
    nbytes = 1;
    if (RegQueryValueEx (key_handle, name, 0, NULL, NULL, &nbytes))
        goto leave;
    result = (char*)xcalloc (1, (n1=nbytes+1));    
    if (RegQueryValueEx (key_handle, name, 0, &type, (BYTE*)result, &n1)) {
        safe_free (result); 
        result = NULL;
        goto leave;
    }
    if (type == REG_EXPAND_SZ && strchr (result, '%')) {
        char *p = expand_path (result);
        safe_free (result);
        result = p;
    }
    
leave:
    RegCloseKey (key_handle);
    return result;
}


static char*
read_gpg_program (void)
{
    return read_w32_registry (HKEY_CURRENT_USER, 
                              "Software\\GNU\\GnuPG", "gpgProgram");
}


/* Create a temp file based on the name of @name.
   Return value: handle to the file in case of success. */
static HANDLE
create_tmpfile (const char *name)
{    
    HANDLE out;
    SECURITY_ATTRIBUTES sec_attr;
    char tmp[MAX_PATH+64];

    memset (&sec_attr, 0, sizeof sec_attr);
    sec_attr.bInheritHandle = TRUE;
    sec_attr.lpSecurityDescriptor = NULL;
    sec_attr.nLength = sizeof sec_attr;

    get_temp_name (tmp, DIM (tmp)-1, name);
    out = CreateFile (tmp, GENERIC_READ|GENERIC_WRITE, 
                      FILE_SHARE_WRITE, &sec_attr,
                      OPEN_ALWAYS, FILE_FLAG_DELETE_ON_CLOSE, NULL);
    if (out == INVALID_HANDLE_VALUE)
        log_debug ("create_tmpfile: CreateFile failed ec=%d\r\n",
                   (int)GetLastError ());
    return out;
}


/* Create a pipe with a readable remote end and
   write the data from @dat to the local end.
   Return value: read handle on success. */
static HANDLE
create_in_pipe (const char *dat)
{
    HANDLE r, w;
    SECURITY_ATTRIBUTES sec_attr;
    DWORD n;

    memset (&sec_attr, 0, sizeof sec_attr);
    sec_attr.bInheritHandle = TRUE;
    sec_attr.nLength = sizeof sec_attr;

    if (!CreatePipe (&r, &w, &sec_attr, 4096)) {
        log_debug ("create_in_pipe: CreatePipeFailed ec=%d\r\n", 
                   (int)GetLastError ());
        return NULL;
    }

    WriteFile (w, dat, strlen (dat), &n, NULL);
    CloseHandle (w);

    return r;
}


/* Map the contents of the file handle @out to
   a buffer and return it. */
static char*
map_tmpfile (HANDLE out, DWORD *nread)
{
    DWORD n;
    char *p;

    FlushFileBuffers (out);
    SetFilePointer (out, 0, NULL, FILE_BEGIN);
    n = GetFileSize (out, NULL);
    p = (char*)xcalloc (1, n+1);
    ReadFile (out, p, n, &n, NULL);
    p[n] = 0;
    if (nread)
        *nread = n;
    return p;
}


/* Create a process from the command line in @cmd.
   If @out is != NULL, the output of the process will
   be redirected to @out. If @in is != NULL the input
   will be read from @in.
   Return value: 0 on success. */
static int
create_process (const char *cmd, HANDLE in, HANDLE out, HANDLE err)
{
    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    memset (&si, 0, sizeof (si));
    si.cb = sizeof si;
    if (in || out || err)
        si.dwFlags = STARTF_USESTDHANDLES;
    if (out)
        si.hStdOutput = out;
    if (in)
        si.hStdInput = in;
    if (err)
        si.hStdError = err;
    si.dwFlags |= STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_HIDE;
    if (!CreateProcess (NULL, (char*)cmd, NULL, NULL, TRUE, 0, 
                        NULL, NULL, &si, &pi)) {
        log_debug ("create_process: CreateProcess failed ec=%d\r\n", 
                   (int)GetLastError ());
        return -1;
    }
    WaitForSingleObject (pi.hProcess, INFINITE);
    CloseHandle (pi.hProcess);
    return 0;
}


/* Export a GPG secret key given by @keyid into the file @outfile.
   Return value: 0 on success. */
gpgme_error_t
gpg_export_seckey (const char *keyid, const char *outfile)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    struct stat st;
    const char *fmt;
    char *p;
    char *cmd;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    fmt = "%s --armor --yes --output \"%s\" --export-secret-key %s";
    cmd = (char*)xcalloc (1, strlen (p) + strlen (keyid) 
                            + strlen (outfile) + strlen (fmt) + 2);
    sprintf (cmd, fmt, p, outfile, keyid);
    if (create_process (cmd, NULL, NULL, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    if (stat (outfile, &st) == -1 || st.st_size == 0)
        err = gpg_error (GPG_ERR_NO_DATA);

    safe_free (p);
    safe_free (cmd);
    return err;
}


/* If @export is 1, export the ownertrust data to the
   buffer @data. Otherwise import the ownertrust data from @data.
   Return value: 0 on success. */
gpgme_error_t
gpg_manage_ownertrust (char **data, int do_export)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out = NULL, in = NULL;
    char *p;
    char *cmd;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    cmd = (char*)xcalloc (1, strlen (p) + 64 + 1);
    sprintf (cmd, "%s %s", p,
             do_export? "--export-ownertrust" : "--import-ownertrust");

    if (do_export)
        out = create_tmpfile ("gpg_ot_out");
    else {
        DWORD nw;
        in = create_tmpfile ("gpg_ot_in");
        WriteFile (in, *data, strlen (*data), &nw, NULL);
        FlushFileBuffers (in);
    }
    if (create_process (cmd, in, out, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    safe_free (p);
    safe_free (cmd);

    if (in)
        CloseHandle (in);
    if (out) {
        *data = map_tmpfile (out, NULL);
        CloseHandle (out);
    }

    return err;
}


/* Call gpg --rebuild-keydb-caches to speed up signature listings. */
gpgme_error_t
gpg_rebuild_cache (char **r_inf)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out = NULL;
    const char *fmt;
    char *p;
    char *cmd;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    fmt = "%s --logger-fd=1 --batch --rebuild-keydb-caches";
    cmd = (char*)xcalloc (1, strlen (p) + strlen (fmt) + 32);
    sprintf (cmd, fmt, p);

    if (r_inf)
        out = create_tmpfile ("gpg_rebuild_cache");

    if (create_process (cmd, NULL, out, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    if (r_inf)
        *r_inf = map_tmpfile (out, NULL);
    if (out)
        CloseHandle (out);
    safe_free (p);
    safe_free (cmd);
    return err;
}


/* Call gpg --version to retrieve the 'about' information. */
gpgme_error_t
gpg_get_version (char **r_inf)
{
    gpgme_error_t err= gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out;    
    char *p, *cmd;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    cmd = (char*)xcalloc (1, strlen (p) + 32);
    sprintf (cmd, "%s --version", p);

    out = create_tmpfile ("gpg_out");
    if (create_process (cmd, NULL, out, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    safe_free (p);
    safe_free (cmd);

    *r_inf = map_tmpfile (out, NULL);
    CloseHandle (out);    
    return err;
}


/* Return the colon file output of the given file @fname in @r_out.
   Return value: 0 on success. */ 
gpgme_error_t
gpg_import_key_list (const char *fname, char **r_out)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    const char *fmt;
    char *cmd, *p;
    HANDLE out;

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    fmt = "%s --fixed-list-mode --with-colons \"%s\"";
    cmd = (char*)xcalloc (1, strlen (p) + strlen (fname) + strlen (fmt) + 2);
    sprintf (cmd, fmt, p, fname);

    out = create_tmpfile ("gpg_keys");
    if (create_process (cmd, NULL, out, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    safe_free (p);
    safe_free (cmd);

    *r_out = map_tmpfile (out, NULL);
    CloseHandle (out);
    return err;
}


/* Generate a revocation certificate for the key with the keyid @keyid.
   @inp_data contains all needed data to answer the questions of the
   command handler. Each separate with a '\n'.
   @r_revcert contains the revocation cert on success.
   if @desig_revoke is 1, the designated revoker mode is used.
   Return value: 0 on success. */
gpgme_error_t
gpg_revoke_cert (int desig_revoke, const char *inp_data, 
                 const char *keyid, char **r_revcert)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    const char *fmt, *revcmd;
    char *rcrt;
    char *cmd, *p;
    HANDLE in, out;
    
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    revcmd = desig_revoke? "--desig-revoke" : "--gen-revoke";
    fmt = "%s --pgp7 --command-fd=0 --status-fd=2 %s %s";
    cmd = (char*)xcalloc (1, strlen (p) + strlen (revcmd) + 
                             strlen (keyid) + strlen (fmt) + 2);
    sprintf (cmd, fmt, p, revcmd, keyid);

    in = create_in_pipe (inp_data);
    out = create_tmpfile ("gpg_revcert");
    if (create_process (cmd, in, out, NULL)) {
        *r_revcert = NULL;
        err = gpg_error (GPG_ERR_INTERNAL);
    }
    else {
        rcrt = map_tmpfile (out, NULL);
        *r_revcert = rcrt;
        if (rcrt && strlen (rcrt) == 0)
            err = gpg_error (GPG_ERR_BAD_PASSPHRASE);
    }

    safe_free (p);
    safe_free (cmd);

    CloseHandle (in);
    CloseHandle (out);
    return err;
}


/* Return the raw photo-id data combined with the status-fd
   entry in @r_data. If @keyid is set, only the data for this 
   key will be returned.
   Return value: 0 on success. */
gpgme_error_t
gpg_get_photoid_data (const char *keyid, char **r_status_data,
                      unsigned char **r_data, unsigned long *ndata)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE herr, hdat;
    const char *fmt;
    char *p, *cmd;
    DWORD n;

    if (ndata)
        *ndata = 0;
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);
    fmt = "%s --attribute-fd=%d --status-fd=2 --list-keys %s";
    n = strlen (p) + strlen (fmt) + 1;
    if (keyid)
        n += strlen (keyid) + 1;
    cmd = (char*)xcalloc (1, n+1);
    /* XXX: add --list-options show-unsuable-uid to display
            revoked attribute IDs */
    hdat = create_tmpfile ("gpg_uat_data");
    herr = create_tmpfile ("gpg_uat_status");
    sprintf (cmd, fmt, p, (int)hdat, keyid? keyid : "");
    if (create_process (cmd, NULL, NULL, herr))
        err = gpg_error (GPG_ERR_INTERNAL);

    safe_free (p);
    safe_free (cmd);

    *r_data = (BYTE*)map_tmpfile (hdat, ndata);
    *r_status_data = map_tmpfile (herr, NULL);
    CloseHandle (hdat);
    CloseHandle (herr);

    return err;
}


/* Extract one or more keys from the key file @keyfile.
   The keys to extract are give in @keys and the size of it is @nkeys.
   @new_keyfile is a file with the extract keys.
   Return value: 0 on success. */
gpgme_error_t
gpg_extract_keys (const char *keyfile, const char **keys, DWORD nkeys,
                  char **new_keyfile)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    const char *fmt;
    char *p, *cmd;
    char tmpnam[MAX_PATH], tmpdir[MAX_PATH];
    int i, n;

    /* copy key file to temp dir. */
    GetTempPath (MAX_PATH-1, tmpdir);
    get_temp_name (tmpnam, MAX_PATH-1, NULL);
    CopyFile (keyfile, tmpnam, FALSE);

    /* create temp file for output. */
    *new_keyfile = new char[MAX_PATH];
    if (!*new_keyfile)
        BUG (NULL);
    get_temp_name (*new_keyfile, MAX_PATH-1, "sel_keys");

    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    /* Use the temp key file as a keyring and export the selected
       keys from it. */
    fmt = "%s --yes --output %s --no-options --homedir %s --keyring %s --export ";
    n = strlen (fmt) + strlen (p)+1 + strlen (tmpdir)+1 + strlen (tmpnam) + 1;
    n += strlen (*new_keyfile)+1;
    for (i=0; i < (int)nkeys; i++)
        n += strlen (keys[i])+1+2;
    cmd = (char*)xcalloc (1, n+1);
    sprintf (cmd, fmt, p, *new_keyfile, tmpdir, tmpnam);
    for (i=0; i < (int)nkeys; i++) {
        strcat (cmd, keys[i]);
        strcat (cmd, " " );
    }

    if (create_process (cmd, NULL, NULL, NULL))
        err = gpgme_error (GPG_ERR_INTERNAL);

    DeleteFile (tmpnam);
    safe_free (cmd);
    safe_free (p);
    return err;
}


/* Return the validity of the user attribute, informerly known 
   as photo-ID. If no uat was found, return 0 for unknown. */
gpgme_error_t
get_uat_validity (const char *keyid, gpgme_validity_t *r_valid)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    HANDLE out;
    const char *fmt;
    char *p, *cmd;
    char *uat;

    *r_valid = GPGME_VALIDITY_UNKNOWN;
    p = read_gpg_program ();
    if (!p)
        return gpg_error (GPG_ERR_INV_ARG);

    fmt = "%s --with-colons --fixed-list-mode --list-keys \"%s\"";
    cmd = (char*)xcalloc (1, strlen (p) + strlen (keyid) + strlen (fmt) + 2);
    sprintf (cmd, fmt, p, keyid);

    out = create_tmpfile ("gpg_keys");
    if (create_process (cmd, NULL, out, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    safe_free (p);
    safe_free (cmd);
    
    p = map_tmpfile (out, NULL);
    if ((uat = strstr (p, "uat:"))) {
        switch (*(uat+4)) {
        case 'm': *r_valid = GPGME_VALIDITY_MARGINAL; break;
        case 'f':
        case 'u': *r_valid = GPGME_VALIDITY_FULL; break;
        default : *r_valid = GPGME_VALIDITY_UNDEFINED; break;
        }
    }

    safe_free (p);
    CloseHandle (out);
    return err;
}


static gpgme_error_t
clip_store_data (char *tmp_outname, DWORD outlen)
{
    gpgme_data_t in;
    gpgme_error_t err;

    get_temp_name (tmp_outname, outlen-1, NULL);
    err = gpg_data_new_from_clipboard (&in, 0);
    if (err)
        return err;
    err = gpg_data_release_and_set_file (in, tmp_outname);
    return err;
}


/* Extract all recipients from the file @file.
   Return value: 0 on success. */
static gpgme_error_t
file_extract_recipient (const char *file, gpgme_recipient_t *r_list)
{    
    PACKET *pkt;
    PKT_pubkey_enc *enc;
    gpg_iobuf_t inp = NULL;
    armor_filter_context_t afx;
    gpgme_recipient_t l;
    int rc = 0, quit=0;

    if (!file || !r_list) {
        log_debug ("do_list_packets: !r_list || !file");
        return gpgme_error (GPG_ERR_INV_ARG);
    }

    *r_list = NULL;
    inp = gpg_iobuf_open (file);
    if (!inp)
        return gpgme_err_code_from_errno (errno);
    gpg_iobuf_ioctl (inp, 3, 1, NULL); /* disable cache */
    if (gpg_use_armor_filter (inp)) {
        memset (&afx, 0, sizeof (afx));
        gpg_iobuf_push_filter (inp, gpg_armor_filter, &afx);
    }
    pkt = (PACKET *)xcalloc(1, sizeof *pkt);
    gpg_init_packet (pkt);
    while (!quit && (rc = gpg_parse_packet (inp, pkt)) != -1) {
        switch (pkt->pkttype) {
        case PKT_PUBKEY_ENC:
            enc = pkt->pkt.pubkey_enc;
            if (!enc)
                break;
            l = (gpgme_recipient_t)xcalloc (1, sizeof *l);
            l->keyid = (char*)xcalloc (1, 16+1);
            _snprintf (l->keyid, 16, "%08lX%08lX", 
                       enc->keyid[0], enc->keyid[1]);
            l->pubkey_algo = (gpgme_pubkey_algo_t)enc->pubkey_algo;
            l->status = 0;
            l->next = (*r_list);
            *r_list = l;
            break;

        case PKT_ENCRYPTED:     
        case PKT_ENCRYPTED_MDC:
        case PKT_PLAINTEXT:
        case PKT_COMPRESSED:
        case PKT_PUBLIC_KEY:
        case PKT_SECRET_KEY:
            quit = 1;
            break;

        default:
            break;
        }
        gpg_free_packet (pkt);
        gpg_init_packet (pkt);
    }
    gpg_iobuf_close (inp);
    safe_free (pkt);
    return 0;
}


/* Either extract the list of recipients from the file @file or
   if the string is NULL, try to extract them from the clipboard.
   Return value: 0 on success. */
gpgme_error_t
gpg_get_recipients (const char *file, gpgme_recipient_t *r_list)
{
    gpgme_error_t err;
    char tmp[MAX_PATH+1];

    if (!file) {
        clip_store_data (tmp, DIM (tmp)-2);
        err = file_extract_recipient (tmp, r_list);
        DeleteFile (tmp);
    }
    else
        err = file_extract_recipient (file, r_list);
    return err;
}


/* Try to find a subpacket with the given id @subpktid
   inside the key @key.
   Return value: 0 on success. */
gpgme_error_t
gpg_find_key_subpacket (const char *key, int subpktid, char **value)
{
    gpgme_error_t err = gpg_error (GPG_ERR_NO_ERROR);
    const char *fmt;
    const char *spk;
    char *p, *cmd;
    HANDLE out;

    *value = NULL;
    p = read_gpg_program ();
    fmt = "%s --with-colons --no-options --list-options show-sig-subpackets=%d --list-sigs %s";
    cmd = (char*)xcalloc (1, strlen (fmt) + strlen (p) + strlen (key) + 32 + 1);
    sprintf (cmd, fmt, p, subpktid, key);

    out = create_tmpfile ("gpg_subpackets");
    if (create_process (cmd, NULL, out, NULL))
        err = gpg_error (GPG_ERR_INTERNAL);

    safe_free (p);
    safe_free (cmd);

    p = map_tmpfile (out, NULL);
    if (p && (spk=strstr (p, "spk"))) {
        char *end = strstr (spk, "\n");
        
        if (end) {
            *value = (char*)xcalloc (1, (end-spk)+1);
            memcpy (*value, spk, (end-spk)-1);
        }
    }

    safe_free (p);
    CloseHandle (out);
    return err;
}