* keygen.c (make_backsig): If DO_BACKSIGS is not defined, do not create

backsigs. * getkey.c (merge_selfsigs_subkey): Find 0x19 backsigs on subkey selfsigs and verify they are valid. If DO_BACKSIGS is not defined, fake this as always valid. * packet.h, parse-packet.c (parse_signature): Make parse_signature non-static so we can parse 0x19s in self-sigs. * main.h, sig-check.c (check_backsig): Check a 0x19 signature. (signature_check2): Give a backsig warning if there is no or a bad 0x19 with signatures from a subkey.
2025-07-02 22:46:30 +02:00 · 2004-04-23 03:01:53 +00:00 · 2004-04-23 03:01:53 +00:00 · 4a07655935
commit 4a07655935
parent 8030362eae
7 changed files with 123 additions and 7 deletions
--- a/g10/main.h
+++ b/g10/main.h
@ -1,5 +1,6 @@
 /* main.h
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
+ *               2004 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -119,6 +120,8 @@ int sign_symencrypt_file (const char *fname, STRLIST locusr);

 /*-- sig-check.c --*/
 int check_revocation_keys (PKT_public_key *pk, PKT_signature *sig);
+int check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
+		  PKT_signature *backsig);
 int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
 int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
 			  int *is_selfsig, u32 *r_expiredate, int *r_expired );