From 0d63a076b046755e4ff0070fb660966fe6aab1c6 Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Thu, 2 May 2002 13:25:59 +0000
Subject: [PATCH] Allow multiple policy URLs on a given signature.

Split "--notation-data" into "--cert-notation" and "--sig-notation" so the
user can set different policies for key and data signing.  For backwards
compatibility, "--notation-data" sets both, as before.
---
 g10/ChangeLog      |  11 +++++
 g10/build-packet.c |   1 +
 g10/g10.c          |  93 ++++++++++++++++++++++++-------------
 g10/keyedit.c      |   2 +-
 g10/options.h      |   7 +--
 g10/sign.c         | 113 +++++++++++++++++++++++++--------------------
 6 files changed, 141 insertions(+), 86 deletions(-)

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 9d07c0a32..16d114af8 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,14 @@
+2002-05-02  David Shaw  <dshaw@jabberwocky.com>
+
+	* build-packet.c (build_sig_subpkt), keyedit.c (sign_uids),
+	options.h, sign.c (mk_notation_and_policy), g10.c (main,
+	add_notation_data, add_policy_url (new), check_policy_url
+	(removed)): Allow multiple policy URLs on a given signature.
+	Split "--notation-data" into "--cert-notation" and
+	"--sig-notation" so the user can set different policies for key
+	and data signing.  For backwards compatibility, "--notation-data"
+	sets both, as before.
+
 2002-05-02  Werner Koch  <wk@gnupg.org>
 
 	* options.skel: Removed the comment on trusted-keys because this
diff --git a/g10/build-packet.c b/g10/build-packet.c
index e6bd9237b..d6d8b4c6c 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -709,6 +709,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
     switch(type)
       {
       case SIGSUBPKT_NOTATION:
+      case SIGSUBPKT_POLICY:
 	/* we do allow multiple subpackets */
 	break;
 
diff --git a/g10/g10.c b/g10/g10.c
index e5f8d7abb..ab88c1840 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -69,9 +69,11 @@ enum cmd_and_opt_values { aNull = 0,
     oVerbose	  = 'v',
     oCompress	  = 'z',
     oNotation	  = 'N',
+    oBatch	  = 500,
+    oSigNotation,
+    oCertNotation,
     oShowNotation,
     oNoShowNotation,
-    oBatch	  = 500,
     aDecryptFiles,                          
     aClearsign,
     aStore,
@@ -428,7 +430,9 @@ static ARGPARSE_OPTS opts[] = {
     { oShowPhotos,   "show-photos", 0, N_("Show Photo IDs")},
     { oNoShowPhotos, "no-show-photos", 0, N_("Don't show Photo IDs")},
     { oPhotoViewer,  "photo-viewer", 2, N_("Set command line to view Photo IDs")},
-    { oNotation,   "notation-data", 2, N_("|NAME=VALUE|use this notation data")},
+    { oNotation,   "notation-data", 2, "@" },
+    { oSigNotation,   "sig-notation", 2, "@" },
+    { oCertNotation,  "cert-notation", 2, "@" },
 
     { 302, NULL, 0, N_(
   "@\n(See the man page for a complete listing of all commands and options)\n"
@@ -562,8 +566,8 @@ static void set_cmd( enum cmd_and_opt_values *ret_cmd,
 			enum cmd_and_opt_values new_cmd );
 static void print_hex( byte *p, size_t n );
 static void print_mds( const char *fname, int algo );
-static void add_notation_data( const char *string );
-static int  check_policy_url( const char *s );
+static void add_notation_data( const char *string, int which );
+static void add_policy_url( const char *string, int which );
 
 const char *
 strusage( int level )
@@ -1127,9 +1131,12 @@ main( int argc, char **argv )
 	  case oSetFilename: opt.set_filename = pargs.r.ret_str; break;
 	  case oForYourEyesOnly: eyes_only = 1; break;
 	  case oNoForYourEyesOnly: eyes_only = 0; break;
-	  case oSetPolicyURL: opt.sig_policy_url = opt.cert_policy_url = pargs.r.ret_str; break;
-	  case oSigPolicyURL: opt.sig_policy_url = pargs.r.ret_str; break;
-	  case oCertPolicyURL: opt.cert_policy_url = pargs.r.ret_str; break;
+	  case oSetPolicyURL:
+	    add_policy_url(pargs.r.ret_str,0);
+	    add_policy_url(pargs.r.ret_str,1);
+	    break;
+	  case oSigPolicyURL: add_policy_url(pargs.r.ret_str,0); break;
+	  case oCertPolicyURL: add_policy_url(pargs.r.ret_str,1); break;
           case oShowPolicyURL: opt.show_policy_url=1; break;
     	  case oNoShowPolicyURL: opt.show_policy_url=0; break;
 	  case oUseEmbeddedFilename: opt.use_embedded_filename = 1; break;
@@ -1228,7 +1235,12 @@ main( int argc, char **argv )
 		log_error(_("unable to set exec-path to %s\n"),path);
 	    }
 	    break;
-	  case oNotation: add_notation_data( pargs.r.ret_str ); break;
+	  case oNotation:
+	    add_notation_data( pargs.r.ret_str, 0 );
+	    add_notation_data( pargs.r.ret_str, 1 );
+	    break;
+	  case oSigNotation: add_notation_data( pargs.r.ret_str, 0 ); break;
+	  case oCertNotation: add_notation_data( pargs.r.ret_str, 1 ); break;
 	  case oShowNotation: opt.show_notation=1; break;
 	  case oNoShowNotation: opt.show_notation=0; break;
 	  case oUtf8Strings: utf8_strings = 1; break;
@@ -1487,14 +1499,6 @@ main( int argc, char **argv )
 	if( check_digest_algo(opt.s2k_digest_algo) )
 	    log_error(_("selected digest algorithm is invalid\n"));
     }
-    if( opt.sig_policy_url ) {
-	if( check_policy_url( opt.sig_policy_url ) )
-	    log_error(_("the given signature policy URL is invalid\n"));
-    }
-    if( opt.cert_policy_url ) {
-	if( check_policy_url( opt.cert_policy_url ) )
-	    log_error(_("the given certification policy URL is invalid\n"));
-    }
     if( opt.def_compress_algo < 0 || opt.def_compress_algo > 2 )
 	log_error(_("compress algorithm must be in range %d..%d\n"), 0, 2);
     if( opt.completes_needed < 1 )
@@ -2292,17 +2296,23 @@ print_mds( const char *fname, int algo )
 
 /****************
  * Check the supplied name,value string and add it to the notation
- * data to be used for signatures.
- */
+ * data to be used for signatures.  which==0 for sig notations, and 1
+ * for cert notations.
+*/
 static void
-add_notation_data( const char *string )
+add_notation_data( const char *string, int which )
 {
     const char *s;
     const char *s2;
-    STRLIST sl;
+    STRLIST sl,*notation_data;
     int critical=0;
     int highbit=0;
 
+    if(which)
+      notation_data=&opt.cert_notation_data;
+    else
+      notation_data=&opt.sig_notation_data;
+
     if( *string == '!' ) {
 	critical = 1;
 	string++;
@@ -2339,25 +2349,44 @@ add_notation_data( const char *string )
     }
 
     if( highbit )   /* must use UTF8 encoding */
-	sl = add_to_strlist2( &opt.notation_data, string, utf8_strings );
+	sl = add_to_strlist2( notation_data, string, utf8_strings );
     else
-	sl = add_to_strlist( &opt.notation_data, string );
+	sl = add_to_strlist( notation_data, string );
 
     if( critical )
 	sl->flags |= 1;
 }
 
 
-static int
-check_policy_url( const char *s )
+static void
+add_policy_url( const char *string, int which )
 {
-    if( *s == '!' )
-	s++;
-    if( !*s )
-	return -1;
-    for(; *s ; s++ ) {
-	if( (*s & 0x80) || iscntrl(*s) )
-	    return -1;
+  int i,critical=0;
+  STRLIST sl;
+
+  if(*string=='!')
+    {
+      string++;
+      critical=1;
     }
-    return 0;
+
+  for(i=0;i<strlen(string);i++)
+    if(string[i]&0x80 || iscntrl(string[i]))
+      break;
+
+  if(i==0 || i<strlen(string))
+    {
+      if(which)
+	log_error(_("the given certification policy URL is invalid\n"));
+      else
+	log_error(_("the given signature policy URL is invalid\n"));
+    }
+
+  if(which)
+    sl=add_to_strlist( &opt.cert_policy_url, string );
+  else
+    sl=add_to_strlist( &opt.sig_policy_url, string );
+
+  if(critical)
+    sl->flags |= 1;    
 }
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 94a90ea97..858344ceb 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -285,7 +285,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 	   node->pkt->pkt.signature->version>3)
 	  all_v3=0;
 
-    if(local || opt.cert_policy_url || opt.notation_data)
+    if(local || opt.cert_policy_url || opt.cert_notation_data)
       force_v4=1;
 
     /* build a list of all signators.
diff --git a/g10/options.h b/g10/options.h
index 8d98b462f..8236d29dd 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -125,10 +125,11 @@ struct {
     char *temp_dir;
     int no_encrypt_to;
     int interactive;
-    STRLIST notation_data;
+    STRLIST sig_notation_data;
+    STRLIST cert_notation_data;
     int show_notation;
-    const char *sig_policy_url;
-    const char *cert_policy_url;
+    STRLIST sig_policy_url;
+    STRLIST cert_policy_url;
     int show_policy_url;
     int use_embedded_filename;
     int allow_non_selfsigned_uid;
diff --git a/g10/sign.c b/g10/sign.c
index e143694e2..29359bda6 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -61,78 +61,91 @@ mk_notation_and_policy( PKT_signature *sig, PKT_public_key *pk )
     char *s=NULL;
     byte *buf;
     unsigned n1, n2;
+    STRLIST nd=NULL,pu=NULL;
 
     /* notation data */
-    if( opt.notation_data && sig->version < 4 )
-	log_info("can't put notation data into v3 signatures\n");
-    else if( opt.notation_data ) {
-	STRLIST nd = opt.notation_data;
+    if(IS_SIG(sig) && opt.sig_notation_data)
+      {
+	if(sig->version<4)
+	  log_info("can't put notation data into v3 signatures\n");
+	else
+	  nd=opt.sig_notation_data;
+      }
+    else if( IS_CERT(sig) && opt.cert_notation_data )
+      {
+	if(sig->version<4)
+	  log_info("can't put notation data into v3 key signatures\n");
+	else
+	  nd=opt.cert_notation_data;
+      }
 
-	for( ; nd; nd = nd->next )  {
-	    string = nd->d;
-	    s = strchr( string, '=' );
-	    if( !s )
-		BUG(); /* we have already parsed this */
-	    n1 = s - string;
-	    s++;
-	    n2 = strlen(s);
-	    buf = m_alloc( 8 + n1 + n2 );
-	    buf[0] = 0x80; /* human readable */
-	    buf[1] = buf[2] = buf[3] = 0;
-	    buf[4] = n1 >> 8;
-	    buf[5] = n1;
-	    buf[6] = n2 >> 8;
-	    buf[7] = n2;
-	    memcpy(buf+8, string, n1 );
-	    memcpy(buf+8+n1, s, n2 );
-	    build_sig_subpkt( sig, SIGSUBPKT_NOTATION
-			      | ((nd->flags & 1)? SIGSUBPKT_FLAG_CRITICAL:0),
-			      buf, 8+n1+n2 );
-
-	    if(opt.show_notation)
-	      show_notation(sig,0);
-	}
+    for( ; nd; nd = nd->next ) {
+        string = nd->d;
+	s = strchr( string, '=' );
+	if( !s )
+	  BUG(); /* we have already parsed this */
+	n1 = s - string;
+	s++;
+	n2 = strlen(s);
+	buf = m_alloc( 8 + n1 + n2 );
+	buf[0] = 0x80; /* human readable */
+	buf[1] = buf[2] = buf[3] = 0;
+	buf[4] = n1 >> 8;
+	buf[5] = n1;
+	buf[6] = n2 >> 8;
+	buf[7] = n2;
+	memcpy(buf+8, string, n1 );
+	memcpy(buf+8+n1, s, n2 );
+	build_sig_subpkt( sig, SIGSUBPKT_NOTATION
+			  | ((nd->flags & 1)? SIGSUBPKT_FLAG_CRITICAL:0),
+			  buf, 8+n1+n2 );
     }
 
+    if(opt.show_notation)
+      show_notation(sig,0);
+
     /* set policy URL */
     if( IS_SIG(sig) && opt.sig_policy_url )
       {
 	if(sig->version<4)
 	  log_info("can't put a policy URL into v3 signatures\n");
 	else
-	  s=m_strdup(opt.sig_policy_url);
+	  pu=opt.sig_policy_url;
       }
     else if( IS_CERT(sig) && opt.cert_policy_url )
       {
 	if(sig->version<4)
 	  log_info("can't put a policy URL into v3 key signatures\n");
 	else
-	  if(pk)
-	    {
-	      s=pct_expando(opt.cert_policy_url,pk);
-	      if(!s)
-		{
-		  log_error(_("WARNING: unable to %%-expand policy url "
-			      "(too large).  Using unexpanded.\n"));
-		  s=m_strdup(opt.cert_policy_url);
-		}
-	    }
-	  else
-	    s=m_strdup(opt.cert_policy_url);
+	  pu=opt.cert_policy_url;
       }
 
-    if( s ) {
-	if( *s == '!' )
-	    build_sig_subpkt( sig, SIGSUBPKT_POLICY | SIGSUBPKT_FLAG_CRITICAL,
-			      s+1, strlen(s+1) );
+    for(;pu;pu=pu->next)
+      {
+        string = pu->d;
+
+	if(pk)
+	  {
+	    s=pct_expando(string,pk);
+	    if(!s)
+	      {
+		log_error(_("WARNING: unable to %%-expand policy url "
+			    "(too large).  Using unexpanded.\n"));
+		s=m_strdup(string);
+	      }
+	  }
 	else
-	    build_sig_subpkt( sig, SIGSUBPKT_POLICY, s, strlen(s) );
+	  s=m_strdup(string);
 
-	if(opt.show_policy_url)
-	  show_policy_url(sig,0);
-    }
+	build_sig_subpkt(sig,SIGSUBPKT_POLICY|
+			 ((pu->flags & 1)?SIGSUBPKT_FLAG_CRITICAL:0),
+			 s,strlen(s));
 
-    m_free(s);
+	m_free(s);
+      }
+
+    if(opt.show_policy_url)
+      show_policy_url(sig,0);
 }