security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

See ChangeLog: Thu Jul 22 20:03:03 CEST 1999 Werner Koch

Browse source
This commit is contained in:
Werner Koch 1999-07-22 18:11:55 +00:00
parent a316550579
commit 541bb017d2
14 changed files with 230 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

22
g10/ChangeLog
View file

@ -1,11 +1,24 @@
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Thu Jul 22 20:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* ringedit.c (enum_keyblocks): Removed annoying error message in cases
when we have no keyring at all to enum.
* getkey.c (classify_user_id): Rewrote to relax the recognition of
keyIDs and fingerprints (Michael).
* mainproc.c (check_sig_and_print): Print status NO_PUBKEY.
(print_failed_pkenc): Print status NO_SECKEY.
* import.c (mark_non_selfsigned_uids_valid): New.
* g10.c: New option --allow-non-selfsigned-uid.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c: New options --disable-{cipher,pubkey}-algo.
Wed Jul 14 19:42:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* status.h (STATUS_IMPORTED): New.
* import.c (import): Print some status information (Holger Schurig).
@ -14,7 +27,6 @@ Wed Jul 14 19:42:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Tue Jul 13 17:39:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (do_edit_ownertrust): Changed the way help works.
(build_pk_list): Implemented default recipient stuff.
* g10.c: New options --default-recipient[-self]
@ -27,13 +39,11 @@ Tue Jul 13 17:39:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Mon Jul 12 18:45:57 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* keyedit.c (keyedit_menu): Add arg sign_mode and changed callers
* g10.c (main): New command --lsign-key.
Mon Jul 12 14:55:34 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (kidlist_item): New.
(release_list): Release failed pk-enc-list.
(print_failed_pkenc): New
@ -62,7 +72,6 @@ Thu Jul 8 16:21:27 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
* keygen.c (ask_expire_interval): Hack to allow for an expire date.
@ -79,7 +88,6 @@ Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Fri Jul 2 11:45:54 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (g10_exit): Dump random stats.
* sig-check.c (check_key_signature,check_key_signature2): Enhanced

5
g10/g10.c
View file

@ -174,6 +174,7 @@ enum cmd_and_opt_values { aNull = 0,
oNoUtf8Strings,
oDisableCipherAlgo,
oDisablePubkeyAlgo,
oAllowNonSelfsignedUID,
aTest };
@ -332,6 +333,7 @@ static ARGPARSE_OPTS opts[] = {
{ oWithFingerprint, "with-fingerprint", 0, "@" },
{ oDisableCipherAlgo, "disable-cipher-algo", 2, "@" },
{ oDisablePubkeyAlgo, "disable-pubkey-algo", 2, "@" },
{ oAllowNonSelfsignedUID, "allow-non-selfsigned-uid", 0, "@" },
{0} };
@ -843,6 +845,9 @@ main( int argc, char **argv )
case oDisablePubkeyAlgo:
disable_pubkey_algo( string_to_pubkey_algo(pargs.r.ret_str) );
break;
case oAllowNonSelfsignedUID:
opt.allow_non_selfsigned_uid = 1;
break;
default : pargs.err = configfp? 1:2; break;
}

204
g10/getkey.c
View file

@ -539,104 +539,134 @@ int
classify_user_id( const char *name, u32 *keyid, byte *fprint,
const char **retstr, size_t *retlen )
{
const char *s;
int mode = 0;
const char * s;
int mode = 0;
int hexprefix = 0;
int hexlength;
/* check what kind of name it is */
/* skip leading spaces. FIXME: what is with leading spaces? */
for(s = name; *s && isspace(*s); s++ )
;
if( isdigit( *s ) ) { /* a keyid or a fingerprint */
int i, j;
char buf[9];
if( *s == '0' && s[1] == 'x' && isxdigit(s[2]) )
s += 2; /*kludge to allow 0x034343434 */
for(i=0; isxdigit(s[i]); i++ )
;
if( s[i] && !isspace(s[i]) ) /* not terminated by EOS or blank*/
switch (*s) {
case 0: /* empty string is an error */
return 0;
else if( i == 8 || (i == 9 && *s == '0') ) { /* short keyid */
if( i==9 )
s++;
if( keyid ) {
keyid[0] = 0;
keyid[1] = strtoul( s, NULL, 16 );
case '.': /* an email address, compare from end */
mode = 5;
s++;
break;
case '<': /* an email address */
mode = 3;
break;
case '@': /* part of an email address */
mode = 4;
s++;
break;
case '=': /* exact compare */
mode = 1;
s++;
break;
case '*': /* case insensitive substring search */
mode = 2;
s++;
break;
case '+': /* compare individual words */
mode = 6;
s++;
break;
case '#': /* local user id */
mode = 12;
s++;
if (keyid) {
if (keyid_from_lid(strtoul(s, NULL, 10), keyid))
keyid[0] = keyid[1] = 0;
}
mode = 10;
}
else if( i == 16 || (i == 17 && *s == '0') ) { /* complete keyid */
if( i==17 )
s++;
mem2str(buf, s, 9 );
keyid[0] = strtoul( buf, NULL, 16 );
keyid[1] = strtoul( s+8, NULL, 16 );
mode = 11;
}
else if( i == 32 || ( i == 33 && *s == '0' ) ) { /* md5 fingerprint */
if( i==33 )
s++;
if( fprint ) {
memset(fprint+16, 4, 0);
for(j=0; j < 16; j++, s+=2 ) {
int c = hextobyte( s );
if( c == -1 )
return 0;
fprint[j] = c;
break;
default:
if (s[0] == '0' && s[1] == 'x') {
hexprefix = 1;
s += 2;
}
hexlength = strspn(s, "0123456789abcdefABCDEF");
/* check if a hexadecimal number is terminated by EOS or blank */
if (hexlength && s[hexlength] && !isspace(s[hexlength])) {
if (hexprefix) /* a "0x" prefix without correct */
return 0; /* termination is an error */
else /* The first chars looked like */
hexlength = 0; /* a hex number, but really were not. */
}
if (hexlength == 8 || (!hexprefix && hexlength == 9 && *s == '0')){
/* short keyid */
if (hexlength == 9)
s++;
if (keyid) {
keyid[0] = 0;
keyid[1] = strtoul( s, NULL, 16 );
}
mode = 10;
}
mode = 16;
}
else if( i == 40 || ( i == 41 && *s == '0' ) ) { /* sha1/rmd160 fprint*/
if( i==33 )
s++;
if( fprint ) {
for(j=0; j < 20; j++, s+=2 ) {
int c = hextobyte( s );
if( c == -1 )
return 0;
fprint[j] = c;
else if (hexlength == 16 || (!hexprefix && hexlength == 17
&& *s == '0')) {
/* complete keyid */
char buf[9];
if (hexlength == 17)
s++;
mem2str(buf, s, 9 );
keyid[0] = strtoul( buf, NULL, 16 );
keyid[1] = strtoul( s+8, NULL, 16 );
mode = 11;
}
else if (hexlength == 32 || (!hexprefix && hexlength == 33
&& *s == '0')) {
/* md5 fingerprint */
int i;
if (hexlength == 33)
s++;
if (fprint) {
memset(fprint+16, 4, 0);
for (i=0; i < 16; i++, s+=2) {
int c = hextobyte(s);
if (c == -1)
return 0;
fprint[i] = c;
}
}
mode = 16;
}
else if (hexlength == 40 || (!hexprefix && hexlength == 41
&& *s == '0')) {
/* sha1/rmd160 fingerprint */
int i;
if (hexlength == 41)
s++;
if (fprint) {
for (i=0; i < 20; i++, s+=2) {
int c = hextobyte(s);
if (c == -1)
return 0;
fprint[i] = c;
}
}
mode = 20;
}
else {
if (hexprefix) /* This was a hex number with a prefix */
return 0; /* and a wrong length */
mode = 2; /* Default is case insensitive substring search */
}
mode = 20;
}
else
return 0;
}
else if( *s == '=' ) { /* exact search */
mode = 1;
s++;
}
else if( *s == '*' ) { /* substring search */
mode = 2;
s++;
}
else if( *s == '<' ) { /* an email address */
mode = 3;
}
else if( *s == '@' ) { /* a part of an email address */
mode = 4;
s++;
}
else if( *s == '.' ) { /* an email address, compare from end */
mode = 5;
s++;
}
else if( *s == '+' ) { /* word match mode */
mode = 6;
s++;
}
else if( *s == '#' ) { /* use local id */
mode = 12;
s++;
if( keyid ) {
if( keyid_from_lid( strtoul( s, NULL, 10), keyid ) )
keyid[0] = keyid[1] = 0;
}
}
else if( !*s ) /* empty string */
return 0;
else
mode = 2;
if( retstr )
*retstr = s;

31
g10/import.c
View file

@ -59,6 +59,7 @@ static int import_secret_one( const char *fname, KBNODE keyblock );
static int import_revoke_cert( const char *fname, KBNODE node );
static int chk_self_sigs( const char *fname, KBNODE keyblock,
PKT_public_key *pk, u32 *keyid );
static void mark_non_selfsigned_uids_valid( KBNODE keyblock, u32 *kid );
static int delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid );
static int merge_blocks( const char *fname, KBNODE keyblock_orig,
KBNODE keyblock, u32 *keyid,
@ -367,6 +368,9 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( rc )
return rc== -1? 0:rc;
if( opt.allow_non_selfsigned_uid )
mark_non_selfsigned_uids_valid( keyblock, keyid );
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
if( !opt.quiet ) {
log_info( _("key %08lX: no valid user ids\n"),
@ -686,7 +690,7 @@ import_revoke_cert( const char *fname, KBNODE node )
* loop over the keyblock and check all self signatures.
* Mark all user-ids with a self-signature by setting flag bit 0.
* Mark all user-ids with an invalid self-signature by setting bit 1.
* This works allso for subkeys, here the subkey is marked.
* This works also for subkeys, here the subkey is marked.
*/
static int
chk_self_sigs( const char *fname, KBNODE keyblock,
@ -726,7 +730,7 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
knode = find_prev_kbnode( keyblock,
n, PKT_SECRET_SUBKEY );
if( !knode ) {
if( !knode ) {
log_error( _("key %08lX: no subkey for key binding\n"),
(ulong)keyid[1]);
n->flag |= 4; /* delete this */
@ -749,6 +753,29 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
return 0;
}
/****************
* If a user ID has at least one signature, mark it as valid
*/
static void
mark_non_selfsigned_uids_valid( KBNODE keyblock, u32 *kid )
{
KBNODE node;
for(node=keyblock->next; node; node = node->next ) {
if( node->pkt->pkttype == PKT_USER_ID && !(node->flag & 1) ) {
if( node->next && node->next->pkt->pkttype == PKT_SIGNATURE ) {
node->flag |= 1;
log_info( _("key %08lX: accepted non self-signed userid '"),
(ulong)kid[1]);
print_string( log_stream(), node->pkt->pkt.user_id->name,
node->pkt->pkt.user_id->len, 0 );
fputs("'\n", log_stream() );
}
}
}
}
/****************
* delete all parts which are invalid and those signatures whose
* public key algorithm is not available in this implemenation;

13
g10/mainproc.c
View file

@ -287,8 +287,15 @@ print_failed_pkenc( struct kidlist_item *list )
}
free_public_key( pk );
if( list->reason == G10ERR_NO_SECKEY )
if( list->reason == G10ERR_NO_SECKEY ) {
log_info(_("no secret key for decryption available\n"));
if( is_status_enabled() ) {
char buf[20];
sprintf(buf,"%08lX%08lX", (ulong)list->kid[0],
(ulong)list->kid[1] );
write_status_text( STATUS_NO_SECKEY, buf );
}
}
else
log_error(_("public key decryption failed: %s\n"),
g10_errstr(list->reason));
@ -1101,6 +1108,10 @@ check_sig_and_print( CTX c, KBNODE node )
sig->pubkey_algo, sig->digest_algo,
sig->sig_class, (ulong)sig->timestamp, rc );
write_status_text( STATUS_ERRSIG, buf );
if( rc == G10ERR_NO_PUBKEY ) {
buf[16] = 0;
write_status_text( STATUS_NO_PUBKEY, buf );
}
log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
}
return rc;

1
g10/options.h
View file

@ -80,6 +80,7 @@ struct {
STRLIST notation_data;
const char *set_policy_url;
int use_embedded_filename;
int allow_non_selfsigned_uid;
} opt;

6
g10/options.skel
View file

@ -20,15 +20,15 @@ $Id$
# If you have more than 1 secret key in your keyring, you may want
# to uncomment the following option and set your preffered keyid
# default-key 621CC013
#default-key 621CC013
# If you do not pass a recipient to gpg, it will ask for one.
# Using this option you can encrypt to a default key. key validation
# will not be done in this case.
# The second form uses the default key as default recipient.
# default-recipient some-user-id
# default-recipient-self
#default-recipient some-user-id
#default-recipient-self
# The next option is enabled because this one is needed for interoperation

8
g10/ringedit.c
View file

@ -816,10 +816,12 @@ enum_keyblocks( int mode, KBPOS *kbpos, KBNODE *ret_root )
break;
case rt_GDBM:
break;
default:
log_error("OOPS in close enum_keyblocks - ignored\n");
case rt_UNKNOWN:
/* this happens when we have no keyring at all */
return rc;
break;
default:
BUG();
}
/* release pending packet */
free_packet( kbpos->pkt );