security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Add pubkey letters e and E for ECC.

Browse source 
This does not mean we have any kind of ECC support now.  It is merely
to avoid printing a question mark for the algorithm.

Trailing white space changes as usual.
This commit is contained in:
Werner Koch 2011-07-01 10:21:08 +02:00
parent fc1680abdf
commit 04b0b050ff
7 changed files with 216 additions and 199 deletions
Download patch file Download diff file Expand all files Collapse all files

150
g10/getkey.c
View file

@ -195,7 +195,7 @@ get_primary_uid ( KBNODE keyblock, size_t *uidlen )
*uidlen = k->pkt->pkt.user_id->len;
return k->pkt->pkt.user_id->name;
}
}
}
s = user_id_not_found_utf8 ();
*uidlen = strlen (s);
return s;
@ -303,7 +303,7 @@ pk_from_block ( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE keyblock )
assert ( a->pkt->pkttype == PKT_PUBLIC_KEY
|| a->pkt->pkttype == PKT_PUBLIC_SUBKEY );
copy_public_key ( pk, a->pkt->pkt.public_key );
}
@ -315,7 +315,7 @@ sk_from_block ( GETKEY_CTX ctx,
assert ( a->pkt->pkttype == PKT_SECRET_KEY
|| a->pkt->pkttype == PKT_SECRET_SUBKEY );
copy_secret_key( sk, a->pkt->pkt.secret_key);
}
@ -400,7 +400,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid)
KEYDB_HANDLE hd;
KBNODE keyblock;
u32 pkid[2];
assert (pk);
#if MAX_PK_CACHE_ENTRIES
{ /* Try to get it from the cache */
@ -427,7 +427,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid)
}
rc = keydb_get_keyblock (hd, &keyblock);
keydb_release (hd);
if (rc)
if (rc)
{
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
return G10ERR_NO_PUBKEY;
@ -561,8 +561,8 @@ seckey_available( u32 *keyid )
* must be in the range 0..9), this is considered a fingerprint.
* - If the username starts with a left angle, we assume it is a complete
* email address and look only at this part.
* - If the username starts with a colon we assume it is a unified
* key specfification.
* - If the username starts with a colon we assume it is a unified
* key specfification.
* - If the username starts with a '.', we assume it is the ending
* part of an email address
* - If the username starts with an '@', we assume it is a part of an
@ -583,7 +583,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
const char *s;
int hexprefix = 0;
int hexlength;
int mode = 0;
int mode = 0;
KEYDB_SEARCH_DESC dummy_desc;
if (!desc)
@ -642,12 +642,12 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
case '#': /* local user id */
return 0; /* This is now obsolete and van't not be used anymore*/
case ':': /*Unified fingerprint */
{
{
const char *se, *si;
int i;
se = strchr( ++s,':');
if ( !se )
return 0;
@ -657,15 +657,15 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
}
if (i != 32 && i != 40)
return 0; /* invalid length of fpr*/
for (i=0,si=s; si < se; i++, si +=2)
for (i=0,si=s; si < se; i++, si +=2)
desc->u.fpr[i] = hextobyte(si);
for ( ; i < 20; i++)
desc->u.fpr[i]= 0;
s = se + 1;
mode = KEYDB_SEARCH_MODE_FPR;
}
}
break;
default:
if (s[0] == '0' && s[1] == 'x') {
hexprefix = 1;
@ -715,7 +715,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
int i;
if (hexlength == 33)
s++;
memset(desc->u.fpr+16, 0, 4);
memset(desc->u.fpr+16, 0, 4);
for (i=0; i < 16; i++, s+=2) {
int c = hextobyte(s);
if (c == -1)
@ -754,11 +754,13 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
static int
skip_unusable(void *dummy,u32 *keyid,PKT_user_id *uid)
skip_unusable(void *dummy, u32 *keyid,PKT_user_id *uid)
{
int unusable=0;
KBNODE keyblock;
(void)dummy;
keyblock=get_pubkeyblock(keyid);
if(!keyblock)
{
@ -815,7 +817,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
STRLIST r;
GETKEY_CTX ctx;
KBNODE help_kb = NULL;
if( retctx ) {/* reset the returned context in case of error */
assert (!ret_kdbhd); /* not allowed because the handle is
stored in the context */
@ -844,7 +846,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
for(n=0, r=namelist; r; r = r->next, n++ )
{
classify_user_id (r->d, &ctx->items[n]);
if (ctx->items[n].exact)
ctx->exact = 1;
if (!ctx->items[n].mode)
@ -863,7 +865,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
}
ctx->kr_handle = keydb_new (secmode);
if ( !ret_kb )
if ( !ret_kb )
ret_kb = &help_kb;
if( secmode ) {
@ -1054,7 +1056,7 @@ get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock )
rc = lookup( ctx, ret_keyblock, 0 );
if ( !rc && pk && ret_keyblock )
pk_from_block ( ctx, pk, *ret_keyblock );
return rc;
}
@ -1074,7 +1076,7 @@ get_pubkey_end( GETKEY_CTX ctx )
* Search for a key with the given fingerprint.
* FIXME:
* We should replace this with the _byname function. Thiscsan be done
* by creating a userID conforming to the unified fingerprint style.
* by creating a userID conforming to the unified fingerprint style.
*/
int
get_pubkey_byfprint( PKT_public_key *pk,
@ -1120,10 +1122,10 @@ get_pubkey_byfprint_fast (PKT_public_key *pk,
KBNODE keyblock;
byte fprbuf[MAX_FINGERPRINT_LEN];
int i;
for (i=0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++)
fprbuf[i] = fprint[i];
while (i < MAX_FINGERPRINT_LEN)
while (i < MAX_FINGERPRINT_LEN)
fprbuf[i++] = 0;
hd = keydb_new (0);
@ -1135,12 +1137,12 @@ get_pubkey_byfprint_fast (PKT_public_key *pk,
}
rc = keydb_get_keyblock (hd, &keyblock);
keydb_release (hd);
if (rc)
if (rc)
{
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
return G10ERR_NO_PUBKEY;
}
assert ( keyblock->pkt->pkttype == PKT_PUBLIC_KEY
|| keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY );
if (pk)
@ -1216,7 +1218,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,
return rc;
}
int
int
get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock )
{
return get_seckey_byname2 ( NULL, sk, name, unlock, NULL );
@ -1255,7 +1257,7 @@ get_seckey_end( GETKEY_CTX ctx )
* Search for a key with the given fingerprint.
* FIXME:
* We should replace this with the _byname function. Thiscsan be done
* by creating a userID conforming to the unified fingerprint style.
* by creating a userID conforming to the unified fingerprint style.
*/
int
get_seckey_byfprint( PKT_secret_key *sk,
@ -1295,10 +1297,10 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint,
{
int rc;
struct getkey_ctx_s ctx;
if (fprint_len != 20 && fprint_len == 16)
return G10ERR_GENERAL; /* Oops */
memset (&ctx, 0, sizeof ctx);
ctx.not_allocated = 1;
ctx.kr_handle = keydb_new (1);
@ -1309,7 +1311,7 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint,
memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
rc = lookup (&ctx, ret_keyblock, 1);
get_seckey_end (&ctx);
return rc;
}
@ -1525,7 +1527,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
/* We could also query this from the unhashed area if it is not in
* the hased area and then later try to decide which is the better
* there should be no security problem with this.
* For now we only look at the hashed one.
* For now we only look at the hashed one.
*/
/* Now build the preferences list. These must come from the
@ -1537,7 +1539,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
hash = p; nhash = p?n:0;
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n );
zip = p; nzip = p?n:0;
if (uid->prefs)
if (uid->prefs)
xfree (uid->prefs);
n = nsym + nhash + nzip;
if (!n)
@ -1632,7 +1634,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
for(k=keyblock; k && k->pkt->pkttype != PKT_USER_ID; k = k->next ) {
if ( k->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = k->pkt->pkt.signature;
if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
if ( check_key_signature( keyblock, k, NULL ) )
; /* signature did not verify */
else if ( IS_KEY_REV (sig) ){
@ -1642,9 +1644,9 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
* here because we have to assume that an attacker can
* generate all kinds of signatures. However due to the
* fact that the key has been revoked it does not harm
* either and by continuing we gather some more info on
* either and by continuing we gather some more info on
* that key.
*/
*/
*r_revoked = 1;
sig_to_revoke_info(sig,rinfo);
}
@ -1732,7 +1734,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
key_expire_seen = 1;
}
/* mark that key as valid: one direct key signature should
/* mark that key as valid: one direct key signature should
* render a key as valid */
pk->is_valid = 1;
}
@ -1751,7 +1753,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
if(IS_KEY_REV(sig) &&
(sig->keyid[0]!=kid[0] || sig->keyid[1]!=kid[1]))
{
{
int rc=check_revocation_keys(pk,sig);
if(rc==0)
{
@ -1781,7 +1783,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
sigdate = 0; /* helper to find the latest signature in one user ID */
for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) {
if ( k->pkt->pkttype == PKT_USER_ID ) {
if ( uidnode && signode )
if ( uidnode && signode )
{
fixup_uidnode ( uidnode, signode, keytimestamp );
pk->is_valid=1;
@ -1792,7 +1794,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
}
else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode ) {
PKT_signature *sig = k->pkt->pkt.signature;
if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
if ( check_key_signature( keyblock, k, NULL ) )
; /* signature did not verify */
else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig))
@ -1887,7 +1889,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
/* Now that we had a look at all user IDs we can now get some information
* from those user IDs.
*/
if ( !key_usage ) {
/* find the latest user ID with key flags set */
uiddate = 0; /* helper to find the latest user ID */
@ -1908,17 +1910,17 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
else { /* check that the usage matches the usage as given by the algo */
int x = openpgp_pk_algo_usage ( pk->pubkey_algo );
if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x;
key_usage &= x;
}
/* Whatever happens, it's a primary key, so it can certify. */
pk->pubkey_usage = key_usage|PUBKEY_USAGE_CERT;
if ( !key_expire_seen ) {
/* find the latest valid user ID with a key expiration set
/* find the latest valid user ID with a key expiration set
* Note, that this may be a different one from the above because
* some user IDs may have no expiration date set */
uiddate = 0;
uiddate = 0;
for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY;
k = k->next ) {
if ( k->pkt->pkttype == PKT_USER_ID ) {
@ -1989,7 +1991,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
if ( k->pkt->pkttype == PKT_USER_ID &&
!k->pkt->pkt.user_id->attrib_data) {
PKT_user_id *uid = k->pkt->pkt.user_id;
if ( k != uidnode )
if ( k != uidnode )
uid->is_primary = 0;
}
}
@ -2093,7 +2095,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
k = k->next ) {
if ( k->pkt->pkttype == PKT_SIGNATURE ) {
sig = k->pkt->pkt.signature;
if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) {
if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) {
if ( check_key_signature( keyblock, k, NULL ) )
; /* signature did not verify */
else if ( IS_SUBKEY_REV (sig) ) {
@ -2107,7 +2109,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
does this the same way. */
subpk->is_revoked = 1;
sig_to_revoke_info(sig,&subpk->revoked);
/* although we could stop now, we continue to
/* although we could stop now, we continue to
* figure out other information like the old expiration
* time */
}
@ -2144,11 +2146,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
/* check that the usage matches the usage as given by the algo */
int x = openpgp_pk_algo_usage ( subpk->pubkey_algo );
if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x;
key_usage &= x;
}
subpk->pubkey_usage = key_usage;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
if ( p && buffer_to_u32(p) )
key_expire = keytimestamp + buffer_to_u32(p);
@ -2240,7 +2242,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
}
/*
/*
* Merge information from the self-signatures with the key, so that
* we can later use them more easy.
* The function works by first applying the self signatures to the
@ -2250,7 +2252,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
* We check all self signatures or validity and ignore all invalid signatures.
* All signatures are then ordered by their creation date ....
* For the primary key:
* FIXME the docs
* FIXME the docs
*/
static void
merge_selfsigs( KBNODE keyblock )
@ -2311,7 +2313,7 @@ merge_selfsigs( KBNODE keyblock )
* which user ID the key has been selected.
* fixme: we should keep atoms of commonly used preferences or
* use reference counting to optimize the preference lists storage.
* FIXME: it might be better to use the intersection of
* FIXME: it might be better to use the intersection of
* all preferences.
* Do a similar thing for the MDC feature flag.
*/
@ -2325,7 +2327,7 @@ merge_selfsigs( KBNODE keyblock )
mdc_feature = k->pkt->pkt.user_id->flags.mdc;
break;
}
}
}
for(k=keyblock; k; k = k->next ) {
if ( k->pkt->pkttype == PKT_PUBLIC_KEY
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
@ -2353,7 +2355,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY );
assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
for (pub=pubblock; pub; pub = pub->next ) {
if ( pub->pkt->pkttype == PKT_PUBLIC_KEY ) {
PKT_public_key *pk = pub->pkt->pkt.public_key;
@ -2385,7 +2387,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
}
}
}
if ( !sec )
if ( !sec )
BUG(); /* already checked in premerge */
}
}
@ -2404,7 +2406,7 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY );
assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
for (pub=pubblock,last=NULL; pub; last = pub, pub = pub->next ) {
pub->flag &= ~3; /* reset bits 0 and 1 */
if ( pub->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
@ -2433,14 +2435,14 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
if (opt.verbose)
log_info (_("no secret subkey"
" for public subkey %s - ignoring\n"),
" for public subkey %s - ignoring\n"),
keystr_from_pk (pk));
/* we have to remove the subkey in this case */
assert ( last );
/* find the next subkey */
for (next=pub->next,ll=pub;
next && next->pkt->pkttype != PKT_PUBLIC_SUBKEY;
ll = next, next = next->next )
ll = next, next = next->next )
;
/* make new link */
last->next = next;
@ -2510,7 +2512,7 @@ finish_lookup (GETKEY_CTX ctx)
u32 curtime = make_timestamp ();
assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY );
ctx->found_key = NULL;
if (ctx->exact) {
@ -2579,7 +2581,7 @@ finish_lookup (GETKEY_CTX ctx)
log_debug( "\tsubkey not yet valid\n");
continue;
}
if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
if (DBG_CACHE)
log_debug( "\tusage does not match: want=%x have=%x\n",
@ -2596,7 +2598,7 @@ finish_lookup (GETKEY_CTX ctx)
}
}
/* Okay now try the primary key unless we want an exact
/* Okay now try the primary key unless we want an exact
* key ID match on a subkey */
if ((!latest_key && !(ctx->exact && foundk != keyblock)) || req_prim) {
PKT_public_key *pk;
@ -2628,7 +2630,7 @@ finish_lookup (GETKEY_CTX ctx)
latest_date = pk->timestamp;
}
}
if ( !latest_key ) {
if (DBG_CACHE)
log_debug("\tno suitable key found - giving up\n");
@ -2645,8 +2647,8 @@ finish_lookup (GETKEY_CTX ctx)
if (pk->user_id)
free_user_id (pk->user_id);
pk->user_id = scopy_user_id (foundu);
}
}
ctx->found_key = latest_key;
if (latest_key != keyblock && opt.verbose)
@ -2659,7 +2661,7 @@ finish_lookup (GETKEY_CTX ctx)
}
cache_user_id( keyblock );
return 1; /* found */
}
@ -2670,7 +2672,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
int rc;
KBNODE secblock = NULL; /* helper */
int no_suitable_key = 0;
rc = 0;
while (!(rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems))) {
/* If we are searching for the first key we have to make sure
@ -2685,13 +2687,13 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
rc = 0;
goto skip;
}
if ( secmode ) {
/* find the correspondig public key and use this
/* find the correspondig public key and use this
* this one for the selection process */
u32 aki[2];
KBNODE k = ctx->keyblock;
if (k->pkt->pkttype != PKT_SECRET_KEY)
BUG();
@ -2726,7 +2728,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
}
else
no_suitable_key = 1;
skip:
/* release resources and continue search */
if ( secmode ) {
@ -2765,8 +2767,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
/****************
* FIXME: Replace by the generic function
* It does not work as it is right now - it is used at
* FIXME: Replace by the generic function
* It does not work as it is right now - it is used at
* 2 places: a) to get the key for an anonyous recipient
* b) to get the ultimately trusted keys.
* The a) usage might have some problems.
@ -2832,7 +2834,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk,
}
release_kbnode (c->keyblock);
c->keyblock = c->node = NULL;
rc = c->first? keydb_search_first (c->hd) : keydb_search_next (c->hd);
c->first = 0;
if (rc) {
@ -2840,7 +2842,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk,
c->eof = 1;
return -1; /* eof */
}
rc = keydb_get_keyblock (c->hd, &c->keyblock);
c->node = c->keyblock;
} while (!rc);
@ -2999,7 +3001,7 @@ parse_auto_key_locate(char *options)
continue;
/* For now we silently ignore the new methods introduced with
2.0.10. */
2.0.10. */
if (!ascii_strcasecmp (tok,"nodefault")
|| !ascii_strcasecmp (tok,"local"))
continue;