* parse-packet.c (dump_sig_subpkt, parse_signature), build-packet.c

(build_sig_subpkt_from_sig), getkey.c (fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey), keygen.c (keygen_add_key_expire): Fix meaning of key expiration and sig expiration subpackets - zero means "never expire" according to 2440, not "expire instantly".
2024-11-10 21:38:50 +01:00 · 2006-05-23 03:58:53 +00:00 · 2006-05-23 03:58:53 +00:00 · 197c7a3e47
commit 197c7a3e47
parent 3bee120e15
6 changed files with 34 additions and 19 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,7 +1,11 @@
 2006-05-22  David Shaw  <dshaw@jabberwocky.com>

-	* import.c (import_one): Fix bug when importing a new key from a
-	file.
+	* parse-packet.c (dump_sig_subpkt, parse_signature),
+	build-packet.c (build_sig_subpkt_from_sig), getkey.c
+	(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey),
+	keygen.c (keygen_add_key_expire): Fix meaning of key expiration
+	and sig expiration subpackets - zero means "never expire"
+	according to 2440, not "expire instantly".

 	* getkey.c (get_pubkey_byname), import.c (import_one): Fix key
 	selection problem when auto-key-locate returns a list of keys, not
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -824,7 +824,8 @@ build_sig_subpkt_from_sig( PKT_signature *sig )
 	if(sig->expiredate>sig->timestamp)
 	  u=sig->expiredate-sig->timestamp;
 	else
-	  u=0;
+	  u=1; /* A 1-second expiration time is the shortest one
+		  OpenPGP has */

 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -1506,12 +1506,12 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
    /* store the key flags in the helper variable for later processing */
    uid->help_key_usage=parse_key_usage(sig);

-    /* ditto or the key expiration */
-    uid->help_key_expire = 0;
+    /* ditto for the key expiration */
    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-    if ( p ) { 
+    if( p && buffer_to_u32(p) )
      uid->help_key_expire = keycreated + buffer_to_u32(p);
-    }
+    else
+      uid->help_key_expire = 0;

    /* Set the primary user ID flag - we will later wipe out some
     * of them to only have one in our keyblock */
@ -1723,7 +1723,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
 	key_usage=parse_key_usage(sig);

 	p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-	if ( p )
+	if( p && buffer_to_u32(p) )
 	  {
 	    key_expire = keytimestamp + buffer_to_u32(p);
 	    key_expire_seen = 1;
@ -2127,7 +2127,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
    subpk->pubkey_usage = key_usage;
    
    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-    if ( p ) 
+    if ( p && buffer_to_u32(p) )
        key_expire = keytimestamp + buffer_to_u32(p);
    else
        key_expire = 0;
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -221,7 +221,7 @@ keygen_add_key_expire( PKT_signature *sig, void *opaque )
        if(pk->expiredate > pk->timestamp)
 	  u= pk->expiredate - pk->timestamp;
 	else
-	  u= 0;
+	  u= 1;

 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -1,6 +1,6 @@
 /* parse-packet.c  - read packets
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- *               2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
+ *               2006 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -822,8 +822,13 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	break;
      case SIGSUBPKT_SIG_EXPIRE:
 	if( length >= 4 )
+	  {
+	    if(buffer_to_u32(buffer))
 	      fprintf (listfp, "sig expires after %s",
 		       strtimevalue( buffer_to_u32(buffer) ) );
+	    else
+	      fprintf (listfp, "sig does not expire");
+	  }
 	break;
      case SIGSUBPKT_EXPORTABLE:
 	if( length )
@ -847,8 +852,13 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	break;
      case SIGSUBPKT_KEY_EXPIRE:
 	if( length >= 4 )
+	  {
+	    if(buffer_to_u32(buffer))
 	      fprintf (listfp, "key expires after %s",
 		       strtimevalue( buffer_to_u32(buffer) ) );
+	    else
+	      fprintf (listfp, "key does not expire");
+	  }
 	break;
      case SIGSUBPKT_PREF_SYM:
 	fputs("pref-sym-algos:", listfp );
@ -1353,7 +1363,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
 	  log_info ("signature packet without keyid\n");

 	p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_SIG_EXPIRE,NULL);
-	if(p)
+	if(p && buffer_to_u32(p))
 	  sig->expiredate=sig->timestamp+buffer_to_u32(p);
 	if(sig->expiredate && sig->expiredate<=make_timestamp())
 	  sig->flags.expired=1;
--- a/g10/sign.c
+++ b/g10/sign.c
@ -1544,7 +1544,7 @@ update_keysig_packet( PKT_signature **ret_sig,
      }

    /* Note that already expired sigs will remain expired (with a
-       duration of 0) since build-packet.c:build_sig_subpkt_from_sig
+       duration of 1) since build-packet.c:build_sig_subpkt_from_sig
       detects this case. */

    if( sig->version >= 4 )