Add self-signature verification caching

2025-07-03 22:56:33 +02:00 · 2001-03-05 13:59:16 +00:00 · 2001-03-05 13:59:16 +00:00 · 0bd4fc7359
commit 0bd4fc7359
parent fbbcb797c5
11 changed files with 205 additions and 17 deletions
--- a/g10/import.c
+++ b/g10/import.c
@ -57,6 +57,7 @@ static struct {
 static int import( IOBUF inp, int fast, const char* fname, int allow_secret );
 static void print_stats(void);
 static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root );
+static void remove_bad_stuff (KBNODE keyblock);
 static int import_one( const char *fname, KBNODE keyblock, int fast );
 static int import_secret_one( const char *fname, KBNODE keyblock, int allow );
 static int import_revoke_cert( const char *fname, KBNODE node );
@ -171,6 +172,7 @@ import( IOBUF inp, int fast, const char* fname, int allow_secret )
    }

    while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) {
+        remove_bad_stuff (keyblock);
 	if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
 	    rc = import_one( fname, keyblock, fast );
 	else if( keyblock->pkt->pkttype == PKT_SECRET_KEY ) 
@ -349,6 +351,21 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
 }


+static void
+remove_bad_stuff (KBNODE keyblock)
+{
+    KBNODE node;
+
+    for (node=keyblock; node; node = node->next ) {
+        if( node->pkt->pkttype == PKT_SIGNATURE ) {
+            /* delete the subpackets we use for the verification cache */
+            delete_sig_subpkt (node->pkt->pkt.signature->unhashed_data,
+                               SIGSUBPKT_PRIV_VERIFY_CACHE);
+        }
+    }
+}
+
+
 /****************
 * Try to import one keyblock.	Return an error only in serious cases, but
 * never for an invalid keyblock.  It uses log_error to increase the