mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
gpg: Distinguish between missing and cleared key flags.
* include/cipher.h (PUBKEY_USAGE_NONE): New. * g10/getkey.c (parse_key_usage): Set new flag. -- We do not want to use the default capabilities (derived from the algorithm) if any key flags are given in a signature. Thus if key flags are used in any way, the default key capabilities are never used. This allows to create a key with key flags set to all zero so it can't be used. This better reflects common sense.
parent
76dc5c08dc
commit
4bde12206c
2 changed files with 13 additions and 2 deletions
|
@ -1276,13 +1276,19 @@ parse_key_usage (PKT_signature * sig)
|
|||
|
||||
if (flags)
|
||||
key_usage |= PUBKEY_USAGE_UNKNOWN;
|
||||
|
||||
if (!key_usage)
|
||||
key_usage |= PUBKEY_USAGE_NONE;
|
||||
}
|
||||
else if (p) /* Key flags of length zero. */
|
||||
key_usage |= PUBKEY_USAGE_NONE;
|
||||
|
||||
/* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a
|
||||
capability that we do not handle. This serves to distinguish
|
||||
between a zero key usage which we handle as the default
|
||||
capabilities for that algorithm, and a usage that we do not
|
||||
handle. */
|
||||
handle. Likewise we use PUBKEY_USAGE_NONE to indicate that
|
||||
key_flags have been given but they do not specify any usage. */
|
||||
|
||||
return key_usage;
|
||||
}
|
||||
|
|
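Review bot: The comment above `return key_usage;` still speaks of "a zero key usage which we handle as the default capabilities for that algorithm", but with this change a return value of 0 can only mean that no key flags subpacket was found; an empty or all-zero subpacket now yields PUBKEY_USAGE_NONE. Because the purpose of the change is that a key with cleared flags never falls back to the algorithm defaults, the comment should spell out the three cases, e.g. `0: no key flags subpacket, caller applies algorithm defaults; PUBKEY_USAGE_NONE: key flags given but no usage granted; PUBKEY_USAGE_UNKNOWN: flag bits we do not handle were set`. The start of parse_key_usage lies outside the hunk, so the condition paired with `else if (p)` is not visible here. Callers that compare the result with zero or test it against a requested usage are presumably expected to treat the new bit as "no capability"; that is worth confirming, since they are not part of this section.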