security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-26 15:37:03 +01:00
Code Activity

* sig-check.c (signature_check2): Signatures made by invalid subkeys

Browse Source 
(bad/missing binding sig) are also invalid.

* keylist.c (print_fingerprint): Show the primary as well as the secondary
key fingerprint in modes 1 & 2.
This commit is contained in:
David Shaw 2002-07-23 18:42:18 +00:00
parent d83e64968f
commit 4623605645
3 changed files with 62 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
g10/ChangeLog
View File

@ -1,3 +1,11 @@
2002-07-23 David Shaw <dshaw@jabberwocky.com>
* sig-check.c (signature_check2): Signatures made by invalid
subkeys (bad/missing binding sig) are also invalid.
* keylist.c (print_fingerprint): Show the primary as well as the
secondary key fingerprint in modes 1 & 2.
2002-07-22 David Shaw <dshaw@jabberwocky.com> 2002-07-22 David Shaw <dshaw@jabberwocky.com>
* options.h, main.h, g10.c (main), import.c * options.h, main.h, g10.c (main), import.c

52
g10/keylist.c
View File

@ -938,6 +938,7 @@ list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque )
* mode 0: as used in key listings, opt.with_colons is honored * mode 0: as used in key listings, opt.with_colons is honored
* 1: print using log_info () * 1: print using log_info ()
* 2: direct use of tty * 2: direct use of tty
* modes 1 and 2 will try and print both subkey and primary key fingerprints
*/ */
void void
print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode ) print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode )
@ -946,20 +947,65 @@ print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode )
size_t i, n; size_t i, n;
FILE *fp; FILE *fp;
const char *text; const char *text;
int primary=0;
if(sk)
{
if(sk->main_keyid[0]==sk->keyid[0] && sk->main_keyid[1]==sk->keyid[1])
primary=1;
}
else
{
if(pk->main_keyid[0]==pk->keyid[0] && pk->main_keyid[1]==pk->keyid[1])
primary=1;
}
/* Just to be safe */
if(mode&0x80 && !primary)
{
log_error("primary key is not really primary!\n");
return;
}
mode&=~0x80;
if(!primary && (mode==1 || mode==2))
{
if(sk)
{
PKT_secret_key *primary_sk=m_alloc_clear(sizeof(*primary_sk));
get_seckey(primary_sk,sk->main_keyid);
print_fingerprint(NULL,primary_sk,mode|0x80);
free_secret_key(primary_sk);
}
else
{
PKT_public_key *primary_pk=m_alloc_clear(sizeof(*primary_pk));
get_pubkey(primary_pk,pk->main_keyid);
print_fingerprint(primary_pk,NULL,mode|0x80);
free_public_key(primary_pk);
}
}
if (mode == 1) { if (mode == 1) {
fp = log_stream (); fp = log_stream ();
text = _("Fingerprint:"); if(primary)
text = _("Primary key fingerprint:");
else
text = _(" Subkey fingerprint:");
} }
else if (mode == 2) { else if (mode == 2) {
fp = NULL; /* use tty */ fp = NULL; /* use tty */
/* Translators: this should fit into 24 bytes to that the fingerprint /* Translators: this should fit into 24 bytes to that the fingerprint
* data is properly aligned with the user ID */ * data is properly aligned with the user ID */
text = _(" Fingerprint:"); if(primary)
text = _(" Primary key fingerprint:");
else
text = _(" Subkey fingerprint:");
} }
else { else {
fp = stdout; fp = stdout;
text = _(" Key fingerprint ="); text = _(" Key fingerprint =");
} }
if (sk) if (sk)

5
g10/sig-check.c
View File

@ -65,6 +65,11 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest,
*r_expiredate = 0; *r_expiredate = 0;
if( get_pubkey( pk, sig->keyid ) ) if( get_pubkey( pk, sig->keyid ) )
rc = G10ERR_NO_PUBKEY; rc = G10ERR_NO_PUBKEY;
else if(!pk->is_valid &&
(pk->main_keyid[0]!=pk->keyid[0] ||
pk->main_keyid[1]!=pk->keyid[1]))
rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
invalid subkey */
else { else {
*r_expiredate = pk->expiredate; *r_expiredate = pk->expiredate;
rc = do_check( pk, sig, digest, r_expired ); rc = do_check( pk, sig, digest, r_expired );