security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

gpg: Improve check for ambiguous keys.

Browse Source 
* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
encryption-only keys when a signing key is needed and vice-versa.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
This commit is contained in:
Neal H. Walfield 2015-12-17 13:15:18 +01:00
parent dc417bf0c5
commit 4103850c2e
1 changed files with 148 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
g10/gpg.c
View File

@ -2153,6 +2153,9 @@ check_user_ids (strlist_t *sp,
KBNODE best_kb; KBNODE best_kb;
PKT_public_key *best_pk; PKT_public_key *best_pk;
/* Whether the key is for encryption or signing. */
int encrypt = 1;
/* If the key has been given on the command line and it has not /* If the key has been given on the command line and it has not
been given by one of the encrypt-to options, we skip the been given by one of the encrypt-to options, we skip the
checks. The reason is that the actual key selection code checks. The reason is that the actual key selection code
@ -2168,13 +2171,20 @@ check_user_ids (strlist_t *sp,
option = t->flags >> PK_LIST_SHIFT; option = t->flags >> PK_LIST_SHIFT;
switch (option) switch (option)
{ {
case oDefaultKey: option_str = "--default-key"; break; case oDefaultKey:
option_str = "--default-key";
encrypt = 0;
break;
case oLocalUser:
option_str = "--local-user";
encrypt = 0;
break;
case oEncryptTo: option_str = "--encrypt-to"; break; case oEncryptTo: option_str = "--encrypt-to"; break;
case oHiddenEncryptTo: option_str = "--hidden-encrypt-to"; break; case oHiddenEncryptTo: option_str = "--hidden-encrypt-to"; break;
case oEncryptToDefaultKey: option_str = "--encrypt-to-default-key"; break; case oEncryptToDefaultKey: option_str = "--encrypt-to-default-key"; break;
case oRecipient: option_str = "--recipient"; break; case oRecipient: option_str = "--recipient"; break;
case oHiddenRecipient: option_str = "--hidden-recipient"; break; case oHiddenRecipient: option_str = "--hidden-recipient"; break;
case oLocalUser: option_str = "--local-user"; break;
default: default:
log_bug ("Unsupport option: %d\n", (t->flags >> PK_LIST_SHIFT)); log_bug ("Unsupport option: %d\n", (t->flags >> PK_LIST_SHIFT));
} }
@ -2385,15 +2395,7 @@ check_user_ids (strlist_t *sp,
/* Now we find the best key. */ /* Now we find the best key. */
assert (results); assert (results);
if (! results->next) /* Prune invalid keys. */
/* There is only one key. */
{
best_kb = results->keyblock;
best_pk = best_kb->pkt->pkt.public_key;
}
else
/* We have more than one matching key. Prune invalid
keys. */
{ {
int ambiguous = 0; int ambiguous = 0;
@ -2401,18 +2403,15 @@ check_user_ids (strlist_t *sp,
log_debug ("Pruning bad keys.\n"); log_debug ("Pruning bad keys.\n");
best_pk = NULL; best_pk = NULL;
for (r = results; r; r = r->next)
{
/* Merge in the data from the self sigs so that things
like the revoked status are available. */
merge_keys_and_selfsig (r->keyblock);
r->processed = 0;
}
for (r = results; r; r = r->next) for (r = results; r; r = r->next)
{ {
KBNODE kb = r->keyblock; KBNODE kb = r->keyblock;
PKT_public_key *pk = kb->pkt->pkt.public_key; PKT_public_key *pk = kb->pkt->pkt.public_key;
KBNODE n;
/* Merge in the data from the self sigs so that things
like the revoked status are available. */
merge_keys_and_selfsig (kb);
if (/* Using disabled keys with --encrypt-to is allowed. */ if (/* Using disabled keys with --encrypt-to is allowed. */
! (option == oEncryptTo || option == oHiddenEncryptTo) ! (option == oEncryptTo || option == oHiddenEncryptTo)
@ -2422,7 +2421,6 @@ check_user_ids (strlist_t *sp,
log_debug (" Skipping disabled key: %s\n", log_debug (" Skipping disabled key: %s\n",
hexfingerprint (pk, fingerprint, hexfingerprint (pk, fingerprint,
sizeof fingerprint)); sizeof fingerprint));
r->processed = 1;
continue; continue;
} }
if (pk->flags.revoked) if (pk->flags.revoked)
@ -2431,7 +2429,6 @@ check_user_ids (strlist_t *sp,
log_debug (" Skipping revoked key: %s\n", log_debug (" Skipping revoked key: %s\n",
hexfingerprint (pk, fingerprint, hexfingerprint (pk, fingerprint,
sizeof fingerprint)); sizeof fingerprint));
r->processed = 1;
continue; continue;
} }
if (pk->has_expired) if (pk->has_expired)
@ -2440,15 +2437,55 @@ check_user_ids (strlist_t *sp,
log_debug (" Skipping expired key: %s\n", log_debug (" Skipping expired key: %s\n",
hexfingerprint (pk, fingerprint, hexfingerprint (pk, fingerprint,
sizeof fingerprint)); sizeof fingerprint));
r->processed = 1;
continue; continue;
} }
/* Check for the required encryption or signing
capability. */
n = kb;
do
{
PKT_public_key *key = n->pkt->pkt.public_key;
if ((/* Using disabled keys with --encrypt-to is allowed. */
pk_is_disabled (key)
&& ! (option == oEncryptTo
|| option == oHiddenEncryptTo))
|| key->flags.revoked
|| key->has_expired)
/* Invalid. */
continue;
if (encrypt && ! (key->pubkey_usage & PUBKEY_USAGE_ENC))
continue;
if (! encrypt && ! (key->pubkey_usage & PUBKEY_USAGE_SIG))
continue;
/* Key passes basic tests. */
break;
}
while ((n = find_next_kbnode (n, PKT_PUBLIC_SUBKEY)));
if (! n)
{
if (DBG_LOOKUP)
log_debug (" Skipping %s, which does not have %s capability.\n",
hexfingerprint (r->keyblock->pkt->pkt.public_key,
fingerprint, sizeof fingerprint),
encrypt ? "encrypt" : "sign");
continue;
}
else if (DBG_LOOKUP)
log_debug (" %s is valid and has %s capability.\n",
hexfingerprint (r->keyblock->pkt->pkt.public_key,
fingerprint, sizeof fingerprint),
encrypt ? "encrypt" : "sign");
if (! best_pk) if (! best_pk)
{ {
best_pk = pk; best_pk = pk;
best_kb = kb; best_kb = kb;
r->processed = 1;
continue; continue;
} }
@ -2466,6 +2503,19 @@ check_user_ids (strlist_t *sp,
best_pk = pk; best_pk = pk;
} }
if (! results)
{
if (encrypt)
log_error (_("%s: no matching keys are valid encryption keys"),
t->d);
else
log_error (_("%s: no matching keys are valid signing keys"),
t->d);
if (!opt.quiet)
log_info (_("(check argument of option '%s')\n"), option_str);
continue;
}
if (ambiguous) if (ambiguous)
{ {
/* TRANSLATORS: The %s prints a key specification which /* TRANSLATORS: The %s prints a key specification which
@ -2481,7 +2531,6 @@ check_user_ids (strlist_t *sp,
log_info (_("'%s' matches at least:\n"), t->d); log_info (_("'%s' matches at least:\n"), t->d);
for (r = results; r; r = r->next) for (r = results; r; r = r->next)
if (! r->processed)
log_info (" %s\n", log_info (" %s\n",
format_hexfingerprint format_hexfingerprint
(hexfingerprint (r->keyblock->pkt->pkt.public_key, (hexfingerprint (r->keyblock->pkt->pkt.public_key,