From 522e6f798db9f3f3a9e0123fdc389a86ac69dedf Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 12 Dec 2016 09:55:48 +0100
Subject: [PATCH] gpg: Fix algo string parsing of --quick-addkey.

* g10/keygen.c (parse_key_parameter_string): Fix handling of PART==1.
(parse_key_parameter_part): Use default key size if only "rsa", "dsa",
or "elg" is given.
--

The first change is the actual fix.  The second change avoids the
error "Invalid Curve" when only "rsa" instead of RSA2048 is given.

Fixes-commit: ce29272e24e7b718b8fca9b84bc728e65f3dea24
Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/keygen.c       | 27 ++++++++++++++++++---------
 g10/parse-packet.c |  2 +-
 2 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/g10/keygen.c b/g10/keygen.c
index ebb2d7027..80ad0ba4e 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2871,7 +2871,7 @@ parse_key_parameter_part (char *string, int for_subkey,
                           char const **r_curve)
 {
   char *flags;
-  int algo = 0;
+  int algo;
   char *endp;
   const char *curve = NULL;
   int ecdh_or_ecdsa = 0;
@@ -2887,7 +2887,8 @@ parse_key_parameter_part (char *string, int for_subkey,
   if (flags)
     *flags++ = 0;
 
-  if (strlen (string) > 3 && digitp (string+3))
+  algo = 0;
+  if (strlen (string) >= 3 && (digitp (string+3) || !string[3]))
     {
       if (!ascii_memcasecmp (string, "rsa", 3))
         algo = PUBKEY_ALGO_RSA;
@@ -2898,9 +2899,14 @@ parse_key_parameter_part (char *string, int for_subkey,
     }
   if (algo)
     {
-      size = strtoul (string+3, &endp, 10);
-      if (size < 512 || size > 16384 || *endp)
-        return gpg_error (GPG_ERR_INV_VALUE);
+      if (!string[3])
+        size = get_keysize_range (algo, NULL, NULL);
+      else
+        {
+          size = strtoul (string+3, &endp, 10);
+          if (size < 512 || size > 16384 || *endp)
+            return gpg_error (GPG_ERR_INV_VALUE);
+        }
     }
   else if ((curve = openpgp_is_curve_supported (string, &algo, &size)))
     {
@@ -3080,8 +3086,9 @@ parse_key_parameter_part (char *string, int for_subkey,
  * used:
  *   -1 := Both parts
  *    0 := Only the part of the primary key
- *    1 := Only the part of the secondary key is parsed but returned
- *         in the args for the primary key (R_ALGO,....)
+ *    1 := If there is one part parse that one, if there are
+ *         two parts parse the second part.  Always return
+ *         in the args for the primary key (R_ALGO,....).
  *
  */
 gpg_error_t
@@ -3133,8 +3140,10 @@ parse_key_parameter_string (const char *string, int part,
     }
   else if (part == 1)
     {
-      err = parse_key_parameter_part (secondary, 1, r_algo, r_size,
-                                      r_keyuse, r_curve);
+      /* If we have SECONDARY, use that part.  If there is only one
+       * part consider this to be the subkey algo.  */
+      err = parse_key_parameter_part (secondary? secondary : primary, 1,
+                                      r_algo, r_size, r_keyuse, r_curve);
     }
 
   xfree (primary);
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 31e2a92d8..7f44ce532 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -3050,7 +3050,7 @@ parse_mdc (IOBUF inp, int pkttype, unsigned long pktlen,
 
 
 /*
- * This packet is internally generated by us (ibn armor.c) to transfer
+ * This packet is internally generated by us (in armor.c) to transfer
  * some information to the lower layer.  To make sure that this packet
  * is really a GPG faked one and not one coming from outside, we
  * first check that there is a unique tag in it.