From 04b0b050ffb5862dc312a4806b65085d417afaf1 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 1 Jul 2011 10:21:08 +0200 Subject: [PATCH] Add pubkey letters e and E for ECC. This does not mean we have any kind of ECC support now. It is merely to avoid printing a question mark for the algorithm. Trailing white space changes as usual. --- g10/build-packet.c | 22 ++++--- g10/getkey.c | 150 +++++++++++++++++++++++---------------------- g10/gpg.c | 80 ++++++++++++------------ g10/keydb.c | 88 +++++++++++++------------- g10/keyid.c | 8 ++- g10/mainproc.c | 62 ++++++++++--------- include/cipher.h | 5 +- 7 files changed, 216 insertions(+), 199 deletions(-) diff --git a/g10/build-packet.c b/g10/build-packet.c index 7eceda0e7..abe018115 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -313,7 +313,7 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk ) private/experimental extension (this is not specified in rfc2440 but the same scheme is used for all other algorithm identifiers) */ - iobuf_put(a, 101 ); + iobuf_put(a, 101 ); iobuf_put(a, sk->protect.s2k.hash_algo ); iobuf_write(a, "GNU", 3 ); iobuf_put(a, sk->protect.s2k.mode - 1000 ); @@ -326,10 +326,10 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk ) || sk->protect.s2k.mode == 3 ) iobuf_write(a, sk->protect.s2k.salt, 8 ); if( sk->protect.s2k.mode == 3 ) - iobuf_put(a, sk->protect.s2k.count ); + iobuf_put(a, sk->protect.s2k.count ); /* For out special modes 1001, 1002 we do not need an IV */ - if( sk->protect.s2k.mode != 1001 + if( sk->protect.s2k.mode != 1001 && sk->protect.s2k.mode != 1002 ) iobuf_write(a, sk->protect.iv, sk->protect.ivlen ); } @@ -338,9 +338,9 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk ) iobuf_put(a, 0 ); if( sk->protect.s2k.mode == 1001 ) - ; /* GnuPG extension - don't write a secret key at all */ + ; /* GnuPG extension - don't write a secret key at all */ else if( sk->protect.s2k.mode == 1002 ) - { /* GnuPG extension - divert to OpenPGP smartcard. */ + { /* GnuPG extension - divert to OpenPGP smartcard. */ iobuf_put(a, sk->protect.ivlen ); /* length of the serial number or 0 for no serial number. */ @@ -599,7 +599,7 @@ delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype ) } if( buflen < n ) break; - + type = *buffer & 0x7f; if( type == reqtype ) { buffer++; @@ -633,7 +633,7 @@ delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype ) * Note: All pointers into sig->[un]hashed (e.g. returned by * parse_sig_subpkt) are not valid after a call to this function. The * data to put into the subpaket should be in a buffer with a length - * of buflen. + * of buflen. */ void build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type, @@ -736,7 +736,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type, case SIGSUBPKT_SIGNATURE: hashed = 0; break; - default: + default: hashed = 1; break; } @@ -787,7 +787,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type, memcpy (p, buffer, buflen); } - if (hashed) + if (hashed) sig->hashed = newarea; else sig->unhashed = newarea; @@ -1196,6 +1196,8 @@ write_header( IOBUF out, int ctb, u32 len ) static int write_sign_packet_header( IOBUF out, int ctb, u32 len ) { + (void)ctb; + /* work around a bug in the pgp read function for signature packets, * which are not correctly coded and silently assume at some * point 2 byte length headers.*/ @@ -1305,6 +1307,8 @@ write_new_header( IOBUF out, int ctb, u32 len, int hdrlen ) static int write_version( IOBUF out, int ctb ) { + (void)ctb; + if( iobuf_put( out, 3 ) ) return -1; return 0; diff --git a/g10/getkey.c b/g10/getkey.c index 4506c7c92..9cb5b9504 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -195,7 +195,7 @@ get_primary_uid ( KBNODE keyblock, size_t *uidlen ) *uidlen = k->pkt->pkt.user_id->len; return k->pkt->pkt.user_id->name; } - } + } s = user_id_not_found_utf8 (); *uidlen = strlen (s); return s; @@ -303,7 +303,7 @@ pk_from_block ( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE keyblock ) assert ( a->pkt->pkttype == PKT_PUBLIC_KEY || a->pkt->pkttype == PKT_PUBLIC_SUBKEY ); - + copy_public_key ( pk, a->pkt->pkt.public_key ); } @@ -315,7 +315,7 @@ sk_from_block ( GETKEY_CTX ctx, assert ( a->pkt->pkttype == PKT_SECRET_KEY || a->pkt->pkttype == PKT_SECRET_SUBKEY ); - + copy_secret_key( sk, a->pkt->pkt.secret_key); } @@ -400,7 +400,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid) KEYDB_HANDLE hd; KBNODE keyblock; u32 pkid[2]; - + assert (pk); #if MAX_PK_CACHE_ENTRIES { /* Try to get it from the cache */ @@ -427,7 +427,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid) } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); - if (rc) + if (rc) { log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc)); return G10ERR_NO_PUBKEY; @@ -561,8 +561,8 @@ seckey_available( u32 *keyid ) * must be in the range 0..9), this is considered a fingerprint. * - If the username starts with a left angle, we assume it is a complete * email address and look only at this part. - * - If the username starts with a colon we assume it is a unified - * key specfification. + * - If the username starts with a colon we assume it is a unified + * key specfification. * - If the username starts with a '.', we assume it is the ending * part of an email address * - If the username starts with an '@', we assume it is a part of an @@ -583,7 +583,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) const char *s; int hexprefix = 0; int hexlength; - int mode = 0; + int mode = 0; KEYDB_SEARCH_DESC dummy_desc; if (!desc) @@ -642,12 +642,12 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) case '#': /* local user id */ return 0; /* This is now obsolete and van't not be used anymore*/ - + case ':': /*Unified fingerprint */ - { + { const char *se, *si; int i; - + se = strchr( ++s,':'); if ( !se ) return 0; @@ -657,15 +657,15 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) } if (i != 32 && i != 40) return 0; /* invalid length of fpr*/ - for (i=0,si=s; si < se; i++, si +=2) + for (i=0,si=s; si < se; i++, si +=2) desc->u.fpr[i] = hextobyte(si); for ( ; i < 20; i++) desc->u.fpr[i]= 0; s = se + 1; mode = KEYDB_SEARCH_MODE_FPR; - } + } break; - + default: if (s[0] == '0' && s[1] == 'x') { hexprefix = 1; @@ -715,7 +715,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) int i; if (hexlength == 33) s++; - memset(desc->u.fpr+16, 0, 4); + memset(desc->u.fpr+16, 0, 4); for (i=0; i < 16; i++, s+=2) { int c = hextobyte(s); if (c == -1) @@ -754,11 +754,13 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc ) static int -skip_unusable(void *dummy,u32 *keyid,PKT_user_id *uid) +skip_unusable(void *dummy, u32 *keyid,PKT_user_id *uid) { int unusable=0; KBNODE keyblock; + (void)dummy; + keyblock=get_pubkeyblock(keyid); if(!keyblock) { @@ -815,7 +817,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, STRLIST r; GETKEY_CTX ctx; KBNODE help_kb = NULL; - + if( retctx ) {/* reset the returned context in case of error */ assert (!ret_kdbhd); /* not allowed because the handle is stored in the context */ @@ -844,7 +846,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, for(n=0, r=namelist; r; r = r->next, n++ ) { classify_user_id (r->d, &ctx->items[n]); - + if (ctx->items[n].exact) ctx->exact = 1; if (!ctx->items[n].mode) @@ -863,7 +865,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist, } ctx->kr_handle = keydb_new (secmode); - if ( !ret_kb ) + if ( !ret_kb ) ret_kb = &help_kb; if( secmode ) { @@ -1054,7 +1056,7 @@ get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock ) rc = lookup( ctx, ret_keyblock, 0 ); if ( !rc && pk && ret_keyblock ) pk_from_block ( ctx, pk, *ret_keyblock ); - + return rc; } @@ -1074,7 +1076,7 @@ get_pubkey_end( GETKEY_CTX ctx ) * Search for a key with the given fingerprint. * FIXME: * We should replace this with the _byname function. Thiscsan be done - * by creating a userID conforming to the unified fingerprint style. + * by creating a userID conforming to the unified fingerprint style. */ int get_pubkey_byfprint( PKT_public_key *pk, @@ -1120,10 +1122,10 @@ get_pubkey_byfprint_fast (PKT_public_key *pk, KBNODE keyblock; byte fprbuf[MAX_FINGERPRINT_LEN]; int i; - + for (i=0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++) fprbuf[i] = fprint[i]; - while (i < MAX_FINGERPRINT_LEN) + while (i < MAX_FINGERPRINT_LEN) fprbuf[i++] = 0; hd = keydb_new (0); @@ -1135,12 +1137,12 @@ get_pubkey_byfprint_fast (PKT_public_key *pk, } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); - if (rc) + if (rc) { log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc)); return G10ERR_NO_PUBKEY; } - + assert ( keyblock->pkt->pkttype == PKT_PUBLIC_KEY || keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY ); if (pk) @@ -1216,7 +1218,7 @@ get_seckey_byname2( GETKEY_CTX *retctx, return rc; } -int +int get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock ) { return get_seckey_byname2 ( NULL, sk, name, unlock, NULL ); @@ -1255,7 +1257,7 @@ get_seckey_end( GETKEY_CTX ctx ) * Search for a key with the given fingerprint. * FIXME: * We should replace this with the _byname function. Thiscsan be done - * by creating a userID conforming to the unified fingerprint style. + * by creating a userID conforming to the unified fingerprint style. */ int get_seckey_byfprint( PKT_secret_key *sk, @@ -1295,10 +1297,10 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint, { int rc; struct getkey_ctx_s ctx; - + if (fprint_len != 20 && fprint_len == 16) return G10ERR_GENERAL; /* Oops */ - + memset (&ctx, 0, sizeof ctx); ctx.not_allocated = 1; ctx.kr_handle = keydb_new (1); @@ -1309,7 +1311,7 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint, memcpy (ctx.items[0].u.fpr, fprint, fprint_len); rc = lookup (&ctx, ret_keyblock, 1); get_seckey_end (&ctx); - + return rc; } @@ -1525,7 +1527,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated ) /* We could also query this from the unhashed area if it is not in * the hased area and then later try to decide which is the better * there should be no security problem with this. - * For now we only look at the hashed one. + * For now we only look at the hashed one. */ /* Now build the preferences list. These must come from the @@ -1537,7 +1539,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated ) hash = p; nhash = p?n:0; p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n ); zip = p; nzip = p?n:0; - if (uid->prefs) + if (uid->prefs) xfree (uid->prefs); n = nsym + nhash + nzip; if (!n) @@ -1632,7 +1634,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) for(k=keyblock; k && k->pkt->pkttype != PKT_USER_ID; k = k->next ) { if ( k->pkt->pkttype == PKT_SIGNATURE ) { PKT_signature *sig = k->pkt->pkt.signature; - if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { + if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( IS_KEY_REV (sig) ){ @@ -1642,9 +1644,9 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) * here because we have to assume that an attacker can * generate all kinds of signatures. However due to the * fact that the key has been revoked it does not harm - * either and by continuing we gather some more info on + * either and by continuing we gather some more info on * that key. - */ + */ *r_revoked = 1; sig_to_revoke_info(sig,rinfo); } @@ -1732,7 +1734,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) key_expire_seen = 1; } - /* mark that key as valid: one direct key signature should + /* mark that key as valid: one direct key signature should * render a key as valid */ pk->is_valid = 1; } @@ -1751,7 +1753,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) if(IS_KEY_REV(sig) && (sig->keyid[0]!=kid[0] || sig->keyid[1]!=kid[1])) - { + { int rc=check_revocation_keys(pk,sig); if(rc==0) { @@ -1781,7 +1783,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) sigdate = 0; /* helper to find the latest signature in one user ID */ for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) { if ( k->pkt->pkttype == PKT_USER_ID ) { - if ( uidnode && signode ) + if ( uidnode && signode ) { fixup_uidnode ( uidnode, signode, keytimestamp ); pk->is_valid=1; @@ -1792,7 +1794,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) } else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode ) { PKT_signature *sig = k->pkt->pkt.signature; - if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { + if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) { if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig)) @@ -1887,7 +1889,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) /* Now that we had a look at all user IDs we can now get some information * from those user IDs. */ - + if ( !key_usage ) { /* find the latest user ID with key flags set */ uiddate = 0; /* helper to find the latest user ID */ @@ -1908,17 +1910,17 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) else { /* check that the usage matches the usage as given by the algo */ int x = openpgp_pk_algo_usage ( pk->pubkey_algo ); if ( x ) /* mask it down to the actual allowed usage */ - key_usage &= x; + key_usage &= x; } /* Whatever happens, it's a primary key, so it can certify. */ pk->pubkey_usage = key_usage|PUBKEY_USAGE_CERT; if ( !key_expire_seen ) { - /* find the latest valid user ID with a key expiration set + /* find the latest valid user ID with a key expiration set * Note, that this may be a different one from the above because * some user IDs may have no expiration date set */ - uiddate = 0; + uiddate = 0; for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) { if ( k->pkt->pkttype == PKT_USER_ID ) { @@ -1989,7 +1991,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo) if ( k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data) { PKT_user_id *uid = k->pkt->pkt.user_id; - if ( k != uidnode ) + if ( k != uidnode ) uid->is_primary = 0; } } @@ -2093,7 +2095,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) k = k->next ) { if ( k->pkt->pkttype == PKT_SIGNATURE ) { sig = k->pkt->pkt.signature; - if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) { + if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) { if ( check_key_signature( keyblock, k, NULL ) ) ; /* signature did not verify */ else if ( IS_SUBKEY_REV (sig) ) { @@ -2107,7 +2109,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) does this the same way. */ subpk->is_revoked = 1; sig_to_revoke_info(sig,&subpk->revoked); - /* although we could stop now, we continue to + /* although we could stop now, we continue to * figure out other information like the old expiration * time */ } @@ -2144,11 +2146,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) /* check that the usage matches the usage as given by the algo */ int x = openpgp_pk_algo_usage ( subpk->pubkey_algo ); if ( x ) /* mask it down to the actual allowed usage */ - key_usage &= x; + key_usage &= x; } subpk->pubkey_usage = key_usage; - + p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); if ( p && buffer_to_u32(p) ) key_expire = keytimestamp + buffer_to_u32(p); @@ -2240,7 +2242,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) } -/* +/* * Merge information from the self-signatures with the key, so that * we can later use them more easy. * The function works by first applying the self signatures to the @@ -2250,7 +2252,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) * We check all self signatures or validity and ignore all invalid signatures. * All signatures are then ordered by their creation date .... * For the primary key: - * FIXME the docs + * FIXME the docs */ static void merge_selfsigs( KBNODE keyblock ) @@ -2311,7 +2313,7 @@ merge_selfsigs( KBNODE keyblock ) * which user ID the key has been selected. * fixme: we should keep atoms of commonly used preferences or * use reference counting to optimize the preference lists storage. - * FIXME: it might be better to use the intersection of + * FIXME: it might be better to use the intersection of * all preferences. * Do a similar thing for the MDC feature flag. */ @@ -2325,7 +2327,7 @@ merge_selfsigs( KBNODE keyblock ) mdc_feature = k->pkt->pkt.user_id->flags.mdc; break; } - } + } for(k=keyblock; k; k = k->next ) { if ( k->pkt->pkttype == PKT_PUBLIC_KEY || k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { @@ -2353,7 +2355,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY ); assert ( secblock->pkt->pkttype == PKT_SECRET_KEY ); - + for (pub=pubblock; pub; pub = pub->next ) { if ( pub->pkt->pkttype == PKT_PUBLIC_KEY ) { PKT_public_key *pk = pub->pkt->pkt.public_key; @@ -2385,7 +2387,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) } } } - if ( !sec ) + if ( !sec ) BUG(); /* already checked in premerge */ } } @@ -2404,7 +2406,7 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY ); assert ( secblock->pkt->pkttype == PKT_SECRET_KEY ); - + for (pub=pubblock,last=NULL; pub; last = pub, pub = pub->next ) { pub->flag &= ~3; /* reset bits 0 and 1 */ if ( pub->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { @@ -2433,14 +2435,14 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock ) if (opt.verbose) log_info (_("no secret subkey" - " for public subkey %s - ignoring\n"), + " for public subkey %s - ignoring\n"), keystr_from_pk (pk)); /* we have to remove the subkey in this case */ assert ( last ); /* find the next subkey */ for (next=pub->next,ll=pub; next && next->pkt->pkttype != PKT_PUBLIC_SUBKEY; - ll = next, next = next->next ) + ll = next, next = next->next ) ; /* make new link */ last->next = next; @@ -2510,7 +2512,7 @@ finish_lookup (GETKEY_CTX ctx) u32 curtime = make_timestamp (); assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY ); - + ctx->found_key = NULL; if (ctx->exact) { @@ -2579,7 +2581,7 @@ finish_lookup (GETKEY_CTX ctx) log_debug( "\tsubkey not yet valid\n"); continue; } - + if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) { if (DBG_CACHE) log_debug( "\tusage does not match: want=%x have=%x\n", @@ -2596,7 +2598,7 @@ finish_lookup (GETKEY_CTX ctx) } } - /* Okay now try the primary key unless we want an exact + /* Okay now try the primary key unless we want an exact * key ID match on a subkey */ if ((!latest_key && !(ctx->exact && foundk != keyblock)) || req_prim) { PKT_public_key *pk; @@ -2628,7 +2630,7 @@ finish_lookup (GETKEY_CTX ctx) latest_date = pk->timestamp; } } - + if ( !latest_key ) { if (DBG_CACHE) log_debug("\tno suitable key found - giving up\n"); @@ -2645,8 +2647,8 @@ finish_lookup (GETKEY_CTX ctx) if (pk->user_id) free_user_id (pk->user_id); pk->user_id = scopy_user_id (foundu); - } - + } + ctx->found_key = latest_key; if (latest_key != keyblock && opt.verbose) @@ -2659,7 +2661,7 @@ finish_lookup (GETKEY_CTX ctx) } cache_user_id( keyblock ); - + return 1; /* found */ } @@ -2670,7 +2672,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) int rc; KBNODE secblock = NULL; /* helper */ int no_suitable_key = 0; - + rc = 0; while (!(rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems))) { /* If we are searching for the first key we have to make sure @@ -2685,13 +2687,13 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) rc = 0; goto skip; } - + if ( secmode ) { - /* find the correspondig public key and use this + /* find the correspondig public key and use this * this one for the selection process */ u32 aki[2]; KBNODE k = ctx->keyblock; - + if (k->pkt->pkttype != PKT_SECRET_KEY) BUG(); @@ -2726,7 +2728,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) } else no_suitable_key = 1; - + skip: /* release resources and continue search */ if ( secmode ) { @@ -2765,8 +2767,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode ) /**************** - * FIXME: Replace by the generic function - * It does not work as it is right now - it is used at + * FIXME: Replace by the generic function + * It does not work as it is right now - it is used at * 2 places: a) to get the key for an anonyous recipient * b) to get the ultimately trusted keys. * The a) usage might have some problems. @@ -2832,7 +2834,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk, } release_kbnode (c->keyblock); c->keyblock = c->node = NULL; - + rc = c->first? keydb_search_first (c->hd) : keydb_search_next (c->hd); c->first = 0; if (rc) { @@ -2840,7 +2842,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk, c->eof = 1; return -1; /* eof */ } - + rc = keydb_get_keyblock (c->hd, &c->keyblock); c->node = c->keyblock; } while (!rc); @@ -2999,7 +3001,7 @@ parse_auto_key_locate(char *options) continue; /* For now we silently ignore the new methods introduced with - 2.0.10. */ + 2.0.10. */ if (!ascii_strcasecmp (tok,"nodefault") || !ascii_strcasecmp (tok,"local")) continue; diff --git a/g10/gpg.c b/g10/gpg.c index cf2f51b68..28841c0aa 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -279,7 +279,7 @@ enum cmd_and_opt_values oS2KDigest, oS2KCipher, oS2KCount, - oSimpleSKChecksum, + oSimpleSKChecksum, oDisplayCharset, oNotDashEscaped, oEscapeFrom, @@ -308,7 +308,7 @@ enum cmd_and_opt_values oNoAllowNonSelfsignedUID, oAllowFreeformUID, oNoAllowFreeformUID, - oAllowSecretKeyImport, + oAllowSecretKeyImport, oEnableSpecialFilenames, oNoLiteral, oSetFilesize, @@ -992,7 +992,7 @@ open_info_file (const char *fname, int for_write) sensitive information may be retrieved by means of error messages. */ return -1; -#else +#else int fd; /* if (is_secured_filename (fname)) */ @@ -1015,7 +1015,7 @@ open_info_file (const char *fname, int for_write) if ( fd == -1) log_error ( for_write? _("can't create `%s': %s\n") : _("can't open `%s': %s\n"), fname, strerror(errno)); - + return fd; #endif } @@ -1678,7 +1678,7 @@ parse_trust_model(const char *model) /* Must be called before we open any files. */ static void reopen_std(void) -{ +{ #if defined(HAVE_STAT) && !defined(HAVE_W32_SYSTEM) struct stat statbuf; int did_stdin=0,did_stdout=0,did_stderr=0; @@ -1775,7 +1775,7 @@ get_default_configname (void) if (configname) { char *tok; - + xfree (configname); configname = NULL; @@ -1786,13 +1786,13 @@ get_default_configname (void) else break; } - + configname = make_filename (opt.homedir, name, NULL); } while (access (configname, R_OK)); xfree(name); - + if (! configname) configname = make_filename (opt.homedir, "gpg" EXTSEP_S "conf", NULL); if (! access (configname, R_OK)) @@ -1930,9 +1930,9 @@ main (int argc, char **argv ) #elif defined(__APPLE__) opt.pcsc_driver = "/System/Library/Frameworks/PCSC.framework/PCSC"; #elif defined(__GLIBC__) - opt.pcsc_driver = "libpcsclite.so.1"; + opt.pcsc_driver = "libpcsclite.so.1"; #else - opt.pcsc_driver = "libpcsclite.so"; + opt.pcsc_driver = "libpcsclite.so"; #endif opt.disable_keypad = 1; /* No keypad support; use gpg2 instead. */ #endif /*ENABLE_CARD_SUPPORT*/ @@ -2079,19 +2079,19 @@ main (int argc, char **argv ) { switch( pargs.r_opt ) { - case aCheckKeys: + case aCheckKeys: case aListConfig: case aGPGConfList: case aGPGConfTest: case aListPackets: - case aImport: - case aFastImport: - case aSendKeys: - case aRecvKeys: + case aImport: + case aFastImport: + case aSendKeys: + case aRecvKeys: case aSearchKeys: case aRefreshKeys: case aFetchKeys: - case aExport: + case aExport: set_cmd (&cmd, pargs.r_opt); break; case aListKeys: set_cmd( &cmd, aListKeys); break; @@ -2104,7 +2104,7 @@ main (int argc, char **argv ) break; case aDeleteSecretAndPublicKeys: set_cmd( &cmd, aDeleteSecretAndPublicKeys); - greeting=1; + greeting=1; break; case aDeleteKeys: set_cmd( &cmd, aDeleteKeys); greeting=1; break; @@ -2205,7 +2205,7 @@ main (int argc, char **argv ) case oDebug: opt.debug |= pargs.r.ret_ulong; break; case oDebugAll: opt.debug = ~0; break; case oDebugLevel: break; /* Not supported. */ - case oDebugCCIDDriver: + case oDebugCCIDDriver: #if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB) ccid_set_debug_level (ccid_set_debug_level (1)+1); #endif @@ -2549,7 +2549,7 @@ main (int argc, char **argv ) case oCommandFile: opt.command_fd = open_info_file (pargs.r.ret_str, 0); break; - case oCipherAlgo: + case oCipherAlgo: def_cipher_string = xstrdup(pargs.r.ret_str); break; case oDigestAlgo: @@ -2855,8 +2855,8 @@ main (int argc, char **argv ) opt.exit_on_status_write_error = 1; break; - case oLimitCardInsertTries: - opt.limit_card_insert_tries = pargs.r.ret_int; + case oLimitCardInsertTries: + opt.limit_card_insert_tries = pargs.r.ret_int; break; case oRequireCrossCert: opt.flags.require_cross_cert=1; break; @@ -2967,7 +2967,7 @@ main (int argc, char **argv ) "--no-literal" ); } -#ifndef ENABLE_AGENT_SUPPORT +#ifndef ENABLE_AGENT_SUPPORT if (opt.use_agent) { log_info(_("NOTE: %s is not available in this version\n"), "--use-agent"); @@ -3088,7 +3088,9 @@ main (int argc, char **argv ) if(opt.def_cipher_algo==0 && (ascii_strcasecmp(def_cipher_string,"idea")==0 || ascii_strcasecmp(def_cipher_string,"s1")==0)) - idea_cipher_warn(1); + { + idea_cipher_warn(1); + } xfree(def_cipher_string); def_cipher_string = NULL; if( check_cipher_algo(opt.def_cipher_algo) ) log_error(_("selected cipher algorithm is invalid\n")); @@ -3305,13 +3307,13 @@ main (int argc, char **argv ) case of "-kvv userid keyring". Also avoid adding the secret keyring for a couple of commands to avoid unneeded access in case the secrings are stored on a floppy. - + We always need to add the keyrings if we are running under SELinux, this is so that the rings are added to the list of secured files. */ - if( ALWAYS_ADD_KEYRINGS + if( ALWAYS_ADD_KEYRINGS || (cmd != aDeArmor && cmd != aEnArmor - && !(cmd == aKMode && argc == 2 )) ) + && !(cmd == aKMode && argc == 2 )) ) { if (ALWAYS_ADD_KEYRINGS || (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys @@ -3358,11 +3360,11 @@ main (int argc, char **argv ) switch (cmd) { - case aStore: - case aSym: - case aSign: - case aSignSym: - case aClearsign: + case aStore: + case aSym: + case aSign: + case aSignSym: + case aClearsign: if (!opt.quiet && any_explicit_recipient) log_info (_("WARNING: recipients (-r) given " "without using public key encryption\n")); @@ -3522,7 +3524,7 @@ main (int argc, char **argv ) log_error("decrypt_message failed: %s\n", g10_errstr(rc) ); } break; - + case aSignKey: if( argc != 1 ) wrong_args(_("--sign-key user-id")); @@ -3901,7 +3903,7 @@ main (int argc, char **argv ) wrong_args("--import-ownertrust [file]"); import_ownertrust( argc? *argv:NULL ); break; - + case aPipeMode: if ( argc ) wrong_args ("--pipemode"); @@ -4106,12 +4108,12 @@ print_hashline( MD_HANDLE md, int algo, const char *fname ) { int i, n; const byte *p; - + if ( fname ) { for (p = fname; *p; p++ ) { if ( *p <= 32 || *p > 127 || *p == ':' || *p == '%' ) printf("%%%02X", *p ); - else + else putchar( *p ); } } @@ -4119,7 +4121,7 @@ print_hashline( MD_HANDLE md, int algo, const char *fname ) printf("%d:", algo ); p = md_read( md, algo ); n = md_digest_length(algo); - for(i=0; i < n ; i++, p++ ) + for(i=0; i < n ; i++, p++ ) printf("%02X", *p ); putchar(':'); putchar('\n'); @@ -4177,7 +4179,7 @@ print_mds( const char *fname, int algo ) else { md_final(md); if ( opt.with_colons ) { - if ( algo ) + if ( algo ) print_hashline( md, algo, fname ); else { print_hashline( md, DIGEST_ALGO_MD5, fname ); @@ -4274,7 +4276,7 @@ add_policy_url( const char *string, int which ) sl=add_to_strlist( &opt.sig_policy_url, string ); if(critical) - sl->flags |= 1; + sl->flags |= 1; } static void @@ -4307,5 +4309,5 @@ add_keyserver_url( const char *string, int which ) sl=add_to_strlist( &opt.sig_keyserver_url, string ); if(critical) - sl->flags |= 1; + sl->flags |= 1; } diff --git a/g10/keydb.c b/g10/keydb.c index a0c0e5747..5a62f18c0 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -32,7 +32,7 @@ #include "main.h" /*try_make_homedir ()*/ #include "packet.h" #include "keyring.h" -#include "keydb.h" +#include "keydb.h" #include "i18n.h" static int active_handles; @@ -88,7 +88,7 @@ maybe_create_keyring (char *filename, int force) /* If we don't want to create a new file at all, there is no need to go any further - bail out right here. */ - if (!force) + if (!force) return G10ERR_OPEN_FILE; /* First of all we try to create the home directory. Note, that we @@ -99,9 +99,9 @@ maybe_create_keyring (char *filename, int force) last_slash_in_filename = strrchr (filename, DIRSEP_C); *last_slash_in_filename = 0; if (access(filename, F_OK)) - { + { static int tried; - + if (!tried) { tried = 1; @@ -130,8 +130,8 @@ maybe_create_keyring (char *filename, int force) if (opt.verbose) log_info ("can't allocate lock for `%s'\n", filename ); - if (!force) - return G10ERR_OPEN_FILE; + if (!force) + return G10ERR_OPEN_FILE; else return G10ERR_GENERAL; } @@ -161,7 +161,7 @@ maybe_create_keyring (char *filename, int force) else iobuf = iobuf_create (filename); umask (oldmask); - if (!iobuf) + if (!iobuf) { log_error ( _("error creating keyring `%s': %s\n"), filename, strerror(errno)); @@ -279,7 +279,7 @@ keydb_add_resource (const char *url, int flags, int secret) { if (used_resources >= MAX_KEYDB_RESOURCES) rc = G10ERR_RESOURCE_LIMIT; - else + else { if(flags&2) primary_keyring=token; @@ -338,10 +338,10 @@ keydb_new (int secret) { KEYDB_HANDLE hd; int i, j; - + hd = xmalloc_clear (sizeof *hd); hd->found = -1; - + assert (used_resources <= MAX_KEYDB_RESOURCES); for (i=j=0; i < used_resources; i++) { @@ -365,12 +365,12 @@ keydb_new (int secret) } } hd->used = j; - + active_handles++; return hd; } -void +void keydb_release (KEYDB_HANDLE hd) { int i; @@ -409,19 +409,19 @@ keydb_get_resource_name (KEYDB_HANDLE hd) int idx; const char *s = NULL; - if (!hd) + if (!hd) return NULL; - if ( hd->found >= 0 && hd->found < hd->used) + if ( hd->found >= 0 && hd->found < hd->used) idx = hd->found; - else if ( hd->current >= 0 && hd->current < hd->used) + else if ( hd->current >= 0 && hd->current < hd->used) idx = hd->current; else idx = 0; switch (hd->active[idx].type) { case KEYDB_RESOURCE_TYPE_NONE: - s = NULL; + s = NULL; break; case KEYDB_RESOURCE_TYPE_KEYRING: s = keyring_get_resource_name (hd->active[idx].u.kr); @@ -433,7 +433,7 @@ keydb_get_resource_name (KEYDB_HANDLE hd) -static int +static int lock_all (KEYDB_HANDLE hd) { int i, rc = 0; @@ -490,7 +490,7 @@ unlock_all (KEYDB_HANDLE hd) /* * Return the last found keyring. Caller must free it. * The returned keyblock has the kbode flag bit 0 set for the node with - * the public key used to locate the keyblock or flag bit 1 set for + * the public key used to locate the keyblock or flag bit 1 set for * the user ID node. */ int @@ -501,7 +501,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb) if (!hd) return G10ERR_INV_ARG; - if ( hd->found < 0 || hd->found >= hd->used) + if ( hd->found < 0 || hd->found >= hd->used) return -1; /* nothing found */ switch (hd->active[hd->found].type) { @@ -516,7 +516,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb) return rc; } -/* +/* * update the current keyblock with KB */ int @@ -527,7 +527,7 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb) if (!hd) return G10ERR_INV_ARG; - if ( hd->found < 0 || hd->found >= hd->used) + if ( hd->found < 0 || hd->found >= hd->used) return -1; /* nothing found */ if( opt.dry_run ) @@ -551,8 +551,8 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb) } -/* - * Insert a new KB into one of the resources. +/* + * Insert a new KB into one of the resources. */ int keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb) @@ -560,15 +560,15 @@ keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb) int rc = -1; int idx; - if (!hd) + if (!hd) return G10ERR_INV_ARG; if( opt.dry_run ) return 0; - if ( hd->found >= 0 && hd->found < hd->used) + if ( hd->found >= 0 && hd->found < hd->used) idx = hd->found; - else if ( hd->current >= 0 && hd->current < hd->used) + else if ( hd->current >= 0 && hd->current < hd->used) idx = hd->current; else return G10ERR_GENERAL; @@ -591,7 +591,7 @@ keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb) } -/* +/* * The current keyblock will be deleted. */ int @@ -602,7 +602,7 @@ keydb_delete_keyblock (KEYDB_HANDLE hd) if (!hd) return G10ERR_INV_ARG; - if ( hd->found < 0 || hd->found >= hd->used) + if ( hd->found < 0 || hd->found >= hd->used) return -1; /* nothing found */ if( opt.dry_run ) @@ -629,16 +629,18 @@ keydb_delete_keyblock (KEYDB_HANDLE hd) /* * Locate the default writable key resource, so that the next * operation (which is only relevant for inserts) will be done on this - * resource. + * resource. */ int keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved) { int rc; - + + (void)reserved; + if (!hd) return G10ERR_INV_ARG; - + rc = keydb_search_reset (hd); /* this does reset hd->current */ if (rc) return rc; @@ -662,9 +664,9 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved) return rc; } - for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++) + for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++) { - switch (hd->active[hd->current].type) + switch (hd->active[hd->current].type) { case KEYDB_RESOURCE_TYPE_NONE: BUG(); @@ -675,7 +677,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved) break; } } - + return -1; } @@ -686,7 +688,7 @@ void keydb_rebuild_caches (int noisy) { int i, rc; - + for (i=0; i < used_resources; i++) { if (all_resources[i].secret) @@ -707,10 +709,10 @@ keydb_rebuild_caches (int noisy) -/* +/* * Start the next search on this handle right at the beginning */ -int +int keydb_search_reset (KEYDB_HANDLE hd) { int i, rc = 0; @@ -718,7 +720,7 @@ keydb_search_reset (KEYDB_HANDLE hd) if (!hd) return G10ERR_INV_ARG; - hd->current = 0; + hd->current = 0; hd->found = -1; /* and reset all resources */ for (i=0; !rc && i < hd->used; i++) { @@ -730,15 +732,15 @@ keydb_search_reset (KEYDB_HANDLE hd) break; } } - return rc; + return rc; } -/* +/* * Search through all keydb resources, starting at the current position, * for a keyblock which contains one of the keys described in the DESC array. */ -int +int keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc, size_t *descindex) { @@ -758,12 +760,12 @@ keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, break; } if (rc == -1) /* EOF -> switch to next resource */ - hd->current++; + hd->current++; else if (!rc) hd->found = hd->current; } - return rc; + return rc; } int diff --git a/g10/keyid.c b/g10/keyid.c index 57e9fc8e9..f04bea635 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -35,7 +35,7 @@ #ifdef HAVE_UNSIGNED_TIME_T # define INVALID_TIME_CHECK(a) ((a) == (time_t)(-1)) -#else +#else /* Error or 32 bit time_t and value after 2038-01-19. */ # define INVALID_TIME_CHECK(a) ((a) < 0) #endif @@ -51,6 +51,8 @@ pubkey_letter( int algo ) case PUBKEY_ALGO_ELGAMAL_E: return 'g'; case PUBKEY_ALGO_ELGAMAL: return 'G' ; case PUBKEY_ALGO_DSA: return 'D' ; + case PUBKEY_ALGO_ECDSA: return 'E' ; /* ECC DSA (sign only) */ + case PUBKEY_ALGO_ECDH: return 'e' ; /* ECC DH (encrypt only) */ default: return '?'; } } @@ -100,7 +102,7 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk ) u16 days=0; if(pk->expiredate) days=(u16)((pk->expiredate - pk->timestamp) / 86400L); - + md_putc( md, days >> 8 ); md_putc( md, days ); } @@ -175,7 +177,7 @@ keystrlen(void) const char * keystr(u32 *keyid) -{ +{ static char keyid_str[19]; switch(opt.keyid_format) diff --git a/g10/mainproc.c b/g10/mainproc.c index f46895d54..3ffb049bc 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -72,7 +72,7 @@ struct mainproc_context int trustletter; /* Temporary usage in list_node. */ ulong symkeys; struct kidlist_item *pkenc_list; /* List of encryption packets. */ - struct + struct { int op; int stop_now; @@ -135,10 +135,10 @@ add_gpg_control( CTX c, PACKET *pkt ) /* New clear text signature. * Process the last one and reset everything */ release_list(c); - } + } else if ( pkt->pkt.gpg_control->control == CTRLPKT_PIPEMODE ) { /* Pipemode control packet */ - if ( pkt->pkt.gpg_control->datalen < 2 ) + if ( pkt->pkt.gpg_control->datalen < 2 ) log_fatal ("invalid pipemode control packet length\n"); if (pkt->pkt.gpg_control->data[0] == 1) { /* start the whole thing */ @@ -156,10 +156,10 @@ add_gpg_control( CTX c, PACKET *pkt ) /* and tell the outer loop to terminate */ c->pipemode.stop_now = 1; } - else + else log_fatal ("invalid pipemode control packet code\n"); return 0; /* no need to store the packet */ - } + } if( c->list ) /* add another packet */ add_kbnode( c->list, new_kbnode( pkt )); @@ -264,14 +264,16 @@ symkey_decrypt_seskey( DEK *dek, byte *seskey, size_t slen ) resulted in a garbage algorithm byte, but it's close enough since a bogus byte here will fail later. */ if(dek->algo==CIPHER_ALGO_IDEA) - idea_cipher_warn(0); + { + idea_cipher_warn(0); + } memcpy(dek->key, seskey + 1, dek->keylen); /*log_hexdump( "thekey", dek->key, dek->keylen );*/ return 0; -} +} static void proc_symkey_enc( CTX c, PACKET *pkt ) @@ -403,7 +405,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt ) } else if( is_ELGAMAL(enc->pubkey_algo) || enc->pubkey_algo == PUBKEY_ALGO_DSA - || is_RSA(enc->pubkey_algo) + || is_RSA(enc->pubkey_algo) || (RFC2440 && enc->pubkey_algo == PUBKEY_ALGO_ELGAMAL)) { /* Note that we also allow type 20 Elgamal keys for decryption. There are still a couple of those keys in active use as a @@ -464,7 +466,7 @@ print_pkenc_list( struct kidlist_item *list, int failed ) for( ; list; list = list->next ) { PKT_public_key *pk; const char *algstr; - + if ( failed && !list->reason ) continue; if ( !failed && list->reason ) @@ -680,7 +682,7 @@ proc_plaintext( CTX c, PACKET *pkt ) /* check that we have at least the sigclass and one hash */ if ( datalen < 2 ) - log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n"); + log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n"); /* Note that we don't set the clearsig flag for not-dash-escaped * documents */ clearsig = (*data == 0x01); @@ -764,7 +766,7 @@ proc_plaintext( CTX c, PACKET *pkt ) n = new_kbnode (create_gpg_control (CTRLPKT_PLAINTEXT_MARK, NULL, 0)); if (c->list) add_kbnode (c->list, n); - else + else c->list = n; } @@ -849,7 +851,7 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig, || sig->sig_class == 0x1f || sig->sig_class == 0x20 || sig->sig_class == 0x28 - || sig->sig_class == 0x30 ) { + || sig->sig_class == 0x30 ) { if( c->list->pkt->pkttype == PKT_PUBLIC_KEY || c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { return check_key_signature( c->list, node, is_selfsig ); @@ -1102,7 +1104,7 @@ list_node( CTX c, KBNODE node ) switch( (rc2=do_check_sig( c, node, &is_selfsig, NULL, NULL )) ) { case 0: sigrc = '!'; break; case G10ERR_BAD_SIGN: sigrc = '-'; break; - case G10ERR_NO_PUBKEY: + case G10ERR_NO_PUBKEY: case G10ERR_UNU_PUBKEY: sigrc = '?'; break; default: sigrc = '%'; break; } @@ -1199,7 +1201,7 @@ proc_signature_packets( void *anchor, IOBUF a, messages, send a NODATA status back and return an error code. Using log_error is required because verify_files does not check error codes for each file but we want to terminate the process - with an error. */ + with an error. */ if (!rc && !c->any_sig_seen) { write_status_text (STATUS_NODATA, "4"); @@ -1334,7 +1336,7 @@ do_proc_packets( CTX c, IOBUF a ) * packet and not to reuse the current one ... It works right * when there is a compression packet inbetween which adds just * an extra layer. - * Hmmm: Rewrite this whole module here?? + * Hmmm: Rewrite this whole module here?? */ if( pkt->pkttype != PKT_SIGNATURE && pkt->pkttype != PKT_MDC ) c->have_data = pkt->pkttype == PKT_PLAINTEXT; @@ -1348,8 +1350,8 @@ do_proc_packets( CTX c, IOBUF a ) else free_packet(pkt); if ( c->pipemode.stop_now ) { - /* we won't get an EOF in pipemode, so we have to - * break the loop here */ + /* we won't get an EOF in pipemode, so we have to + * break the loop here */ rc = -1; break; } @@ -1459,7 +1461,7 @@ check_sig_and_print( CTX c, KBNODE node ) O{1,n} P S{1,n} -- standard OpenPGP signature. C P S{1,n} -- cleartext signature. - + O = One-Pass Signature packet. S = Signature packet. P = OpenPGP Message packet (Encrypted | Compressed | Literal) @@ -1471,7 +1473,7 @@ check_sig_and_print( CTX c, KBNODE node ) C = Marker packet for cleartext signatures. We reject all other messages. - + Actually we are calling this too often, i.e. for verification of each message but better have some duplicate work than to silently introduce a bug here. @@ -1485,7 +1487,7 @@ check_sig_and_print( CTX c, KBNODE node ) n = c->list; assert (n); - if ( n->pkt->pkttype == PKT_SIGNATURE ) + if ( n->pkt->pkttype == PKT_SIGNATURE ) { /* This is either "S{1,n}" case (detached signature) or "S{1,n} P" (old style PGP2 signature). */ @@ -1504,7 +1506,7 @@ check_sig_and_print( CTX c, KBNODE node ) else goto ambiguous; } - else if (n->pkt->pkttype == PKT_ONEPASS_SIG) + else if (n->pkt->pkttype == PKT_ONEPASS_SIG) { /* This is the "O{1,n} P S{1,n}" case (standard signature). */ for (n_onepass=1, n = n->next; @@ -1552,7 +1554,7 @@ check_sig_and_print( CTX c, KBNODE node ) if (n || !n_sig) goto ambiguous; } - else + else { ambiguous: log_error(_("can't handle this ambiguous signature data\n")); @@ -1621,19 +1623,19 @@ check_sig_and_print( CTX c, KBNODE node ) /* If the preferred keyserver thing above didn't work, our second try is to use the URI from a DNS PKA record. */ - if ( rc == G10ERR_NO_PUBKEY + if ( rc == G10ERR_NO_PUBKEY && opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE && opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD) { const char *uri = pka_uri_from_sig (sig); - + if (uri) { /* FIXME: We might want to locate the key using the fingerprint instead of the keyid. */ int res; struct keyserver_spec *spec; - + spec = parse_keyserver_uri (uri, 1, NULL, 0); if (spec) { @@ -1717,7 +1719,7 @@ check_sig_and_print( CTX c, KBNODE node ) keyid_str[17] = 0; /* cut off the "[uncertain]" part */ write_status_text_and_buffer (statno, keyid_str, un->pkt->pkt.user_id->name, - un->pkt->pkt.user_id->len, + un->pkt->pkt.user_id->len, -1 ); p=utf8_to_native(un->pkt->pkt.user_id->name, @@ -1762,7 +1764,7 @@ check_sig_and_print( CTX c, KBNODE node ) write_status_text_and_buffer (statno, keyid_str, un? un->pkt->pkt.user_id->name:"[?]", - un? un->pkt->pkt.user_id->len:3, + un? un->pkt->pkt.user_id->len:3, -1 ); if(un) @@ -1785,7 +1787,7 @@ check_sig_and_print( CTX c, KBNODE node ) fputs("\n", log_stream() ); } - /* If we have a good signature and already printed + /* If we have a good signature and already printed * the primary user ID, print all the other user IDs */ if ( count && !rc && !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY) ) { @@ -1882,7 +1884,7 @@ check_sig_and_print( CTX c, KBNODE node ) bufp = bufp + strlen (bufp); if (!vpk->is_primary) { u32 akid[2]; - + akid[0] = vpk->main_keyid[0]; akid[1] = vpk->main_keyid[1]; free_public_key (vpk); @@ -2030,7 +2032,7 @@ proc_tree( CTX c, KBNODE node ) log_error (_("not a detached signature\n") ); return; } - + for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); ) check_sig_and_print( c, n1 ); } diff --git a/include/cipher.h b/include/cipher.h index 2bc57d6e1..9c25605a8 100644 --- a/include/cipher.h +++ b/include/cipher.h @@ -47,8 +47,11 @@ #define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */ #define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not for v3)*/ #define PUBKEY_ALGO_DSA 17 +#define PUBKEY_ALGO_ECDH 18 +#define PUBKEY_ALGO_ECDSA 19 #define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */ + #define PUBKEY_USAGE_SIG 1 /* key is good for signatures */ #define PUBKEY_USAGE_ENC 2 /* key is good for encryption */ #define PUBKEY_USAGE_CERT 4 /* key is also good to certify other keys*/ @@ -113,7 +116,7 @@ typedef struct gcry_md_context *MD_HANDLE; #if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) #define EXTERN_UNLESS_MAIN_MODULE extern #else -#define EXTERN_UNLESS_MAIN_MODULE +#define EXTERN_UNLESS_MAIN_MODULE #endif #endif EXTERN_UNLESS_MAIN_MODULE int g10c_debug_mode;