security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: Fix printing of pubkey algo in --verbose signature verify.

Browse source 
* g10/sig-check.c (check_signature2): Replace arg PK by R_PK and
change the semantics.  Also clear the other R_ args on function entry,
use gpg_error() and change retturn type to gpg_error_t.
* g10/mainproc.c (do_check_sig): Add arg R_PK.
(list_node): Pass NULL for new arg.
(check_sig_and_print): Rework to make use of the returned PK.
--

The output

gpg: textmode signature, digest algorithm SHA256, key algorithm rsa2048

showed the pubkey algo of the primary key which was surprising.
Changed to print the algo of the subkey used for verification.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-09-01 16:00:06 +02:00
parent 44690befad
commit 37e3c89725
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
3 changed files with 111 additions and 91 deletions
Download patch file Download diff file Expand all files Collapse all files

58
g10/sig-check.c
View file

@ -84,23 +84,29 @@ check_signature (PKT_signature *sig, gcry_md_hd_t digest)
* revoked (0 otherwise). Note: PK being revoked does not cause this
* function to fail.
*
* If PK is not NULL, the public key is saved in *PK on success.
* If R_PK is not NULL, the public key is stored at that address if it
* was found; other wise NULL is stored.
*
* Returns 0 on success. An error code otherwise. */
int
gpg_error_t
check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
int *r_expired, int *r_revoked, PKT_public_key *pk )
int *r_expired, int *r_revoked, PKT_public_key **r_pk)
{
int rc=0;
int pk_internal;
PKT_public_key *pk;
if (pk)
pk_internal = 0;
else
{
pk_internal = 1;
pk = xmalloc_clear( sizeof *pk );
}
if (r_expiredate)
*r_expiredate = 0;
if (r_expired)
*r_expired = 0;
if (r_revoked)
*r_revoked = 0;
if (r_pk)
*r_pk = NULL;
pk = xtrycalloc (1, sizeof *pk);
if (!pk)
return gpg_error_from_syserror ();
if ( (rc=openpgp_md_test_algo(sig->digest_algo)) )
; /* We don't have this digest. */
@ -114,14 +120,14 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
header is missing or does not match the actual sig. */
log_info(_("WARNING: signature digest conflict in message\n"));
rc = GPG_ERR_GENERAL;
rc = gpg_error (GPG_ERR_GENERAL);
}
else if( get_pubkey( pk, sig->keyid ) )
rc = GPG_ERR_NO_PUBKEY;
rc = gpg_error (GPG_ERR_NO_PUBKEY);
else if(!pk->flags.valid)
{
/* You cannot have a good sig from an invalid key. */
rc = GPG_ERR_BAD_PUBKEY;
rc = gpg_error (GPG_ERR_BAD_PUBKEY);
}
else
{
@ -136,7 +142,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
them as their own. The attacker couldn't actually use the
subkey, but they could try and claim ownership of any
signatures issued by it. */
if(rc==0 && !pk->flags.primary && pk->flags.backsig < 2)
if (!rc && !pk->flags.primary && pk->flags.backsig < 2)
{
if (!pk->flags.backsig)
{
@ -148,27 +154,17 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
error. TODO: change the default to require this
after more keys have backsigs. */
if(opt.flags.require_cross_cert)
rc = GPG_ERR_GENERAL;
rc = gpg_error (GPG_ERR_GENERAL);
}
else if(pk->flags.backsig == 1)
{
log_info(_("WARNING: signing subkey %s has an invalid"
" cross-certification\n"),keystr_from_pk(pk));
rc = GPG_ERR_GENERAL;
rc = gpg_error (GPG_ERR_GENERAL);
}
}
}
if (pk_internal || rc)
{
release_public_key_parts (pk);
if (pk_internal)
xfree (pk);
else
/* Be very sure that the caller doesn't try to use *PK. */
memset (pk, 0, sizeof (*pk));
}
if( !rc && sig->sig_class < 2 && is_status_enabled() ) {
/* This signature id works best with DLP algorithms because
* they use a random parameter for every signature. Instead of
@ -235,6 +231,14 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
xfree (buffer);
}
if (r_pk)
*r_pk = pk;
else
{
release_public_key_parts (pk);
xfree (pk);
}
return rc;
}