gpg: Allow adding of Additional Decryption Subkeys.

* g10/free-packet.c (copy_public_key): Factor some code out to ... (copy_public_key_basics): new. * g10/build-packet.c (build_sig_subpkt_from_sig): New arg signhints. * g10/packet.h (PUBKEY_USAGE_RENC): Fix value. (SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): Moved from sign.c. (SIGNHINT_ADSK): New. (PKT_public_key): Change pubkey_usage from byte to u16. (PKT_user_id): Cosmetic fix: change help_key_usage from int to u16. * g10/getkey.c (parse_key_usage): Make public. * g10/misc.c (openpgp_pk_algo_usage): Take PUBKEY_USAGE_RENC in account. * g10/sign.c (update_keysig_packet): Set SIGNHINT_ADSK. (make_keysig_packet): Ditto. (do_sign): No time warp check in ADSK mode. * g10/sig-check.c (check_signature_metadata_validity): Ditto. * g10/keygen.c (struct opaque_data_usage_and_pk): Remove. (write_keybinding): Do not use the removed struct. (do_add_key_flags): Support PUBKEY_USAGE_RENC and others. (keygen_add_key_flags_and_expire): Rewrite and make public. * g10/keyedit.c (enum cmdids): Add cmdADDADSK. (keyedit_menu): Add command "addadsk". (menu_addadsk): New. -- This makes use of a new encryption flag: The "restricted encryption key" (2nd,0x04) does not take part in any automatic selection of encryption keys. It is only found on a subkey signature (type 0x18), one that refers to the key the flag applies to. Followup patches will add encryption support and a --quick command. GnuPG-bug-id: 6395
2025-07-03 22:56:33 +02:00 · 2023-03-01 17:22:20 +01:00 · 2023-03-01 17:22:20 +01:00 · 3a18378a92
commit 3a18378a92
parent 1aaadede76
13 changed files with 278 additions and 76 deletions
--- a/g10/free-packet.c
+++ b/g10/free-packet.c
@ -211,10 +211,10 @@ copy_prefs (const prefitem_t *prefs)


 /* Copy the public key S to D.  If D is NULL allocate a new public key
-   structure.  If S has seckret key infos, only the public stuff is
-   copied.  */
+ * structure.  Only the basic stuff is copied; not any ancillary
+ * data.  */
 PKT_public_key *
-copy_public_key (PKT_public_key *d, PKT_public_key *s)
+copy_public_key_basics (PKT_public_key *d, PKT_public_key *s)
 {
  int n, i;

@ -222,8 +222,8 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s)
    d = xmalloc (sizeof *d);
  memcpy (d, s, sizeof *d);
  d->seckey_info = NULL;
-  d->user_id = scopy_user_id (s->user_id);
-  d->prefs = copy_prefs (s->prefs);
+  d->user_id = NULL;
+  d->prefs = NULL;

  n = pubkey_get_npkey (s->pubkey_algo);
  i = 0;
@ -237,6 +237,24 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s)
  for (; i < PUBKEY_MAX_NSKEY; i++)
    d->pkey[i] = NULL;

+  d->revkey = NULL;
+  d->serialno = NULL;
+  d->updateurl = NULL;
+
+  return d;
+}
+
+
+/* Copy the public key S to D.  If D is NULL allocate a new public key
+   structure.  If S has seckret key infos, only the public stuff is
+   copied.  */
+PKT_public_key *
+copy_public_key (PKT_public_key *d, PKT_public_key *s)
+{
+  d = copy_public_key_basics (d, s);
+  d->user_id = scopy_user_id (s->user_id);
+  d->prefs = copy_prefs (s->prefs);
+
  if (!s->revkey && s->numrevkeys)
    BUG();
  if (s->numrevkeys)
@ -244,8 +262,6 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s)
      d->revkey = xmalloc(sizeof(struct revocation_key)*s->numrevkeys);
      memcpy(d->revkey,s->revkey,sizeof(struct revocation_key)*s->numrevkeys);
    }
-  else
-    d->revkey = NULL;

  if (s->serialno)
    d->serialno = xstrdup (s->serialno);