From 046276db3a04f1907ddcf77c3771832613918226 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 6 Jul 2018 11:48:38 +0200 Subject: [PATCH] gpg: Split key cleaning function for clarity. * g10/key-clean.c (clean_key): Rename to clean_all_uids and split subkey cleaning into ... (clean_all_subkeys): new. Call that always after the former clean_key invocations. -- Note that the clean_all_subkeys function will later be extended. Signed-off-by: Werner Koch (cherry picked from commit 6c3567196f7e72552f326ce07dccbcce31926e5d) --- g10/export.c | 8 ++++++-- g10/import.c | 27 ++++++++++++++++++++------- g10/key-clean.c | 29 ++++++++++++++++++++++++----- g10/key-clean.h | 6 ++++-- 4 files changed, 54 insertions(+), 16 deletions(-) diff --git a/g10/export.c b/g10/export.c index 44cf075b0..21ff23c8d 100644 --- a/g10/export.c +++ b/g10/export.c @@ -2007,8 +2007,12 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, * UID sigs (0x10, 0x11, 0x12, and 0x13). A designated * revocation is never stripped, even with export-minimal set. */ if ((options & EXPORT_CLEAN)) - clean_key (ctrl, keyblock, opt.verbose, - (options&EXPORT_MINIMAL), NULL, NULL); + { + merge_keys_and_selfsig (ctrl, keyblock); + clean_all_uids (ctrl, keyblock, opt.verbose, + (options&EXPORT_MINIMAL), NULL, NULL); + clean_all_subkeys (ctrl, keyblock, opt.verbose, NULL, NULL); + } if (export_keep_uid) { diff --git a/g10/import.c b/g10/import.c index fa7fc1fbd..6b6411c24 100644 --- a/g10/import.c +++ b/g10/import.c @@ -1741,9 +1741,13 @@ import_one (ctrl_t ctrl, that we have to clean later. This has no practical impact on the end result, but does result in less logging which might confuse the user. */ - if (options&IMPORT_CLEAN) - clean_key (ctrl, keyblock, - opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL); + if ((options & IMPORT_CLEAN)) + { + merge_keys_and_selfsig (ctrl, keyblock); + clean_all_uids (ctrl, keyblock, + opt.verbose, (options&IMPORT_MINIMAL), NULL, NULL); + clean_all_subkeys (ctrl, keyblock, opt.verbose, NULL, NULL); + } clear_kbnode_flags( keyblock ); @@ -1884,8 +1888,12 @@ import_one (ctrl_t ctrl, log_info (_("writing to '%s'\n"), keydb_get_resource_name (hd) ); if ((options & IMPORT_CLEAN)) - clean_key (ctrl, keyblock, opt.verbose, (options&IMPORT_MINIMAL), - &n_uids_cleaned,&n_sigs_cleaned); + { + merge_keys_and_selfsig (ctrl, keyblock); + clean_all_uids (ctrl, keyblock, opt.verbose, (options&IMPORT_MINIMAL), + &n_uids_cleaned,&n_sigs_cleaned); + clean_all_subkeys (ctrl, keyblock, opt.verbose, NULL, NULL); + } /* Unless we are in restore mode apply meta data to the * keyblock. Note that this will never change the first packet @@ -1970,8 +1978,13 @@ import_one (ctrl_t ctrl, goto leave; if ((options & IMPORT_CLEAN)) - clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL), - &n_uids_cleaned,&n_sigs_cleaned); + { + merge_keys_and_selfsig (ctrl, keyblock_orig); + clean_all_uids (ctrl, keyblock_orig, opt.verbose, + (options&IMPORT_MINIMAL), + &n_uids_cleaned,&n_sigs_cleaned); + clean_all_subkeys (ctrl, keyblock_orig, opt.verbose, NULL, NULL); + } if (n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned) { diff --git a/g10/key-clean.c b/g10/key-clean.c index d022ff44d..10478a46e 100644 --- a/g10/key-clean.c +++ b/g10/key-clean.c @@ -383,15 +383,14 @@ clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, /* NB: This function marks the deleted nodes only and the caller is - * responsible to skip or remove them. */ + * responsible to skip or remove them. Needs to be called after a + * merge_keys_and_selfsig(). */ void -clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, - int *uids_cleaned, int *sigs_cleaned) +clean_all_uids (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, + int *uids_cleaned, int *sigs_cleaned) { kbnode_t node; - merge_keys_and_selfsig (ctrl, keyblock); - for (node = keyblock->next; node && !(node->pkt->pkttype == PKT_PUBLIC_SUBKEY || node->pkt->pkttype == PKT_SECRET_SUBKEY); @@ -406,6 +405,26 @@ clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, * allowed are of class 0x18 and 0x28. */ log_assert (!node || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY || node->pkt->pkttype == PKT_SECRET_SUBKEY)); +} + + +/* This function only marks the deleted nodes and the caller is + * responsible to skip or remove them. Needs to be called after a + * merge_keys_and_selfsig. */ +void +clean_all_subkeys (ctrl_t ctrl, kbnode_t keyblock, int noisy, + int *subkeys_cleaned, int *sigs_cleaned) +{ + kbnode_t node; + + for (node = keyblock->next; node; node = node->next) + if (!is_deleted_kbnode (node) + && (node->pkt->pkttype == PKT_PUBLIC_SUBKEY + || node->pkt->pkttype == PKT_SECRET_SUBKEY)) + break; + + /* Remove bogus subkey binding signatures: The only signatures + * allowed are of class 0x18 and 0x28. */ for (; node; node = node->next) { if (is_deleted_kbnode (node)) diff --git a/g10/key-clean.h b/g10/key-clean.h index 4dfd9509c..693843064 100644 --- a/g10/key-clean.h +++ b/g10/key-clean.h @@ -30,8 +30,10 @@ void mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, void clean_one_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only, int *uids_cleaned, int *sigs_cleaned); -void clean_key (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, - int *uids_cleaned,int *sigs_cleaned); +void clean_all_uids (ctrl_t ctrl, kbnode_t keyblock, int noisy, int self_only, + int *uids_cleaned,int *sigs_cleaned); +void clean_all_subkeys (ctrl_t ctrl, kbnode_t keyblock, int noisy, + int *subkeys_cleaned, int *sigs_cleaned); #endif /*GNUPG_G10_KEY_CLEAN_H*/