mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
* import.c (import_secret_one): Check for an illegal (>110) protection
cipher when importing a secret key. * keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing key. * parse_packet.c (parse_key): Some comments. * revoke.c (gen_revoke): Remove some debugging code. * trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option again.
This commit is contained in:
parent
b8e23f7cb2
commit
27d526298b
@ -1,3 +1,18 @@
|
|||||||
|
2002-10-02 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* import.c (import_secret_one): Check for an illegal (>110)
|
||||||
|
protection cipher when importing a secret key.
|
||||||
|
|
||||||
|
* keylist.c (list_keyblock_print): Show a '#' for a
|
||||||
|
secret-parts-missing key.
|
||||||
|
|
||||||
|
* parse_packet.c (parse_key): Some comments.
|
||||||
|
|
||||||
|
* revoke.c (gen_revoke): Remove some debugging code.
|
||||||
|
|
||||||
|
* trustdb.c (verify_own_keys): Make trusted-key a non-deprecated
|
||||||
|
option again.
|
||||||
|
|
||||||
2002-10-01 David Shaw <dshaw@jabberwocky.com>
|
2002-10-01 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* seckey-cert.c (do_check): Don't give the IDEA warning unless the
|
* seckey-cert.c (do_check): Don't give the IDEA warning unless the
|
||||||
|
@ -839,6 +839,13 @@ import_secret_one( const char *fname, KBNODE keyblock,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(sk->protect.algo>110)
|
||||||
|
{
|
||||||
|
log_error(_("key %08lX: secret key with invalid cipher %d "
|
||||||
|
"- skipped\n"),(ulong)keyid[1],sk->protect.algo);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
clear_kbnode_flags( keyblock );
|
clear_kbnode_flags( keyblock );
|
||||||
|
|
||||||
/* do we have this key already in one of our secrings ? */
|
/* do we have this key already in one of our secrings ? */
|
||||||
|
@ -409,7 +409,8 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
|
|||||||
pk = NULL;
|
pk = NULL;
|
||||||
sk = node->pkt->pkt.secret_key;
|
sk = node->pkt->pkt.secret_key;
|
||||||
keyid_from_sk( sk, keyid );
|
keyid_from_sk( sk, keyid );
|
||||||
printf("sec %4u%c/%08lX %s ", nbits_from_sk( sk ),
|
printf("sec%c %4u%c/%08lX %s ", (sk->protect.s2k.mode==1001)?'#':' ',
|
||||||
|
nbits_from_sk( sk ),
|
||||||
pubkey_letter( sk->pubkey_algo ),
|
pubkey_letter( sk->pubkey_algo ),
|
||||||
(ulong)keyid[1],
|
(ulong)keyid[1],
|
||||||
datestr_from_sk( sk ) );
|
datestr_from_sk( sk ) );
|
||||||
|
@ -1574,6 +1574,9 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
}
|
}
|
||||||
sk->protect.sha1chk = (sk->protect.algo == 254);
|
sk->protect.sha1chk = (sk->protect.algo == 254);
|
||||||
sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
|
sk->protect.algo = iobuf_get_noeof(inp); pktlen--;
|
||||||
|
/* Note that a sk->protect.algo > 110 is illegal, but
|
||||||
|
I'm not erroring on it here as otherwise there
|
||||||
|
would be no way to delete such a key. */
|
||||||
sk->protect.s2k.mode = iobuf_get_noeof(inp); pktlen--;
|
sk->protect.s2k.mode = iobuf_get_noeof(inp); pktlen--;
|
||||||
sk->protect.s2k.hash_algo = iobuf_get_noeof(inp); pktlen--;
|
sk->protect.s2k.hash_algo = iobuf_get_noeof(inp); pktlen--;
|
||||||
/* check for the special GNU extension */
|
/* check for the special GNU extension */
|
||||||
@ -1647,6 +1650,9 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
(ulong)sk->protect.s2k.count);
|
(ulong)sk->protect.s2k.count);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/* Note that a sk->protect.algo > 110 is illegal, but I'm
|
||||||
|
not erroring on it here as otherwise there would be no
|
||||||
|
way to delete such a key. */
|
||||||
else { /* old version; no S2K, so we set mode to 0, hash MD5 */
|
else { /* old version; no S2K, so we set mode to 0, hash MD5 */
|
||||||
sk->protect.s2k.mode = 0;
|
sk->protect.s2k.mode = 0;
|
||||||
sk->protect.s2k.hash_algo = DIGEST_ALGO_MD5;
|
sk->protect.s2k.hash_algo = DIGEST_ALGO_MD5;
|
||||||
|
@ -551,7 +551,9 @@ gen_revoke( const char *uname )
|
|||||||
|
|
||||||
if(opt.pgp2 || opt.pgp6 || opt.pgp7)
|
if(opt.pgp2 || opt.pgp6 || opt.pgp7)
|
||||||
{
|
{
|
||||||
rc=export_minimal_pk(out,NULL /*pub_keyblock*/,sig,NULL);
|
/* Use a minimal pk for PGPx mode, since PGP can't import bare
|
||||||
|
revocation certificates. */
|
||||||
|
rc=export_minimal_pk(out,pub_keyblock,sig,NULL);
|
||||||
if(rc)
|
if(rc)
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
@ -247,7 +247,6 @@ verify_own_keys(void)
|
|||||||
ulong recnum;
|
ulong recnum;
|
||||||
int rc;
|
int rc;
|
||||||
struct key_item *k;
|
struct key_item *k;
|
||||||
int hint_shown = 0;
|
|
||||||
|
|
||||||
if (utk_list)
|
if (utk_list)
|
||||||
return;
|
return;
|
||||||
@ -296,14 +295,7 @@ verify_own_keys(void)
|
|||||||
| TRUST_ULTIMATE ));
|
| TRUST_ULTIMATE ));
|
||||||
release_public_key_parts (&pk);
|
release_public_key_parts (&pk);
|
||||||
}
|
}
|
||||||
if (!hint_shown)
|
log_info (_("key %08lX marked as ultimately trusted\n"),
|
||||||
{
|
|
||||||
log_info ("the --trusted-key option is now obsolete; "
|
|
||||||
"use the --edit command instead.\n");
|
|
||||||
log_info ("given keys will be marked as trusted\n");
|
|
||||||
hint_shown = 1;
|
|
||||||
}
|
|
||||||
log_info ("key %08lX marked as ultimately trusted\n",
|
|
||||||
(ulong)k->kid[1]);
|
(ulong)k->kid[1]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user