From 58972f24c406ab1619efac2b3ff91e13923efe5f Mon Sep 17 00:00:00 2001 From: David Shaw Date: Wed, 2 Oct 2002 22:01:29 +0000 Subject: [PATCH] * import.c (import_secret_one): Check for an illegal (>110) protection cipher when importing a secret key. * keylist.c (list_keyblock_print): Show a '#' for a secret-parts-missing key. * parse_packet.c (parse_key): Some comments. * revoke.c (gen_revoke): Remove some debugging code. * trustdb.c (verify_own_keys): Make trusted-key a non-deprecated option again. * seckey-cert.c (do_check): Don't give the IDEA warning unless the cipher in question is in fact IDEA. --- g10/ChangeLog | 18 ++++++++++++++++++ g10/import.c | 7 +++++++ g10/keylist.c | 9 +++++---- g10/parse-packet.c | 6 ++++++ g10/revoke.c | 4 +++- g10/seckey-cert.c | 3 ++- g10/trustdb.c | 10 +--------- 7 files changed, 42 insertions(+), 15 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 53e4c8130..40049fe1c 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,21 @@ +2002-10-02 David Shaw + + * import.c (import_secret_one): Check for an illegal (>110) + protection cipher when importing a secret key. + + * keylist.c (list_keyblock_print): Show a '#' for a + secret-parts-missing key. + + * parse_packet.c (parse_key): Some comments. + + * revoke.c (gen_revoke): Remove some debugging code. + + * trustdb.c (verify_own_keys): Make trusted-key a non-deprecated + option again. + + * seckey-cert.c (do_check): Don't give the IDEA warning unless the + cipher in question is in fact IDEA. + 2002-10-01 David Shaw * import.c (import_one): Make sure that a newly imported key diff --git a/g10/import.c b/g10/import.c index f54f8d850..9f6b8936e 100644 --- a/g10/import.c +++ b/g10/import.c @@ -850,6 +850,13 @@ import_secret_one( const char *fname, KBNODE keyblock, return 0; } + if(sk->protect.algo>110) + { + log_error(_("key %08lX: secret key with invalid cipher %d " + "- skipped\n"),(ulong)keyid[1],sk->protect.algo); + return 0; + } + clear_kbnode_flags( keyblock ); /* do we have this key already in one of our secrings ? */ diff --git a/g10/keylist.c b/g10/keylist.c index 829b81249..1cea96a7a 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -409,10 +409,11 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque ) pk = NULL; sk = node->pkt->pkt.secret_key; keyid_from_sk( sk, keyid ); - printf("sec %4u%c/%08lX %s ", nbits_from_sk( sk ), - pubkey_letter( sk->pubkey_algo ), - (ulong)keyid[1], - datestr_from_sk( sk ) ); + printf("sec%c %4u%c/%08lX %s ", (sk->protect.s2k.mode==1001)?'#':' ', + nbits_from_sk( sk ), + pubkey_letter( sk->pubkey_algo ), + (ulong)keyid[1], + datestr_from_sk( sk ) ); } else { pk = node->pkt->pkt.public_key; diff --git a/g10/parse-packet.c b/g10/parse-packet.c index a3b39505d..c50c8a2e8 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1574,6 +1574,9 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen, } sk->protect.sha1chk = (sk->protect.algo == 254); sk->protect.algo = iobuf_get_noeof(inp); pktlen--; + /* Note that a sk->protect.algo > 110 is illegal, but + I'm not erroring on it here as otherwise there + would be no way to delete such a key. */ sk->protect.s2k.mode = iobuf_get_noeof(inp); pktlen--; sk->protect.s2k.hash_algo = iobuf_get_noeof(inp); pktlen--; /* check for the special GNU extension */ @@ -1647,6 +1650,9 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen, (ulong)sk->protect.s2k.count); } } + /* Note that a sk->protect.algo > 110 is illegal, but I'm + not erroring on it here as otherwise there would be no + way to delete such a key. */ else { /* old version; no S2K, so we set mode to 0, hash MD5 */ sk->protect.s2k.mode = 0; sk->protect.s2k.hash_algo = DIGEST_ALGO_MD5; diff --git a/g10/revoke.c b/g10/revoke.c index d90bcb581..b6e9e6398 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -551,7 +551,9 @@ gen_revoke( const char *uname ) if(opt.pgp2 || opt.pgp6 || opt.pgp7) { - rc=export_minimal_pk(out,NULL /*pub_keyblock*/,sig,NULL); + /* Use a minimal pk for PGPx mode, since PGP can't import bare + revocation certificates. */ + rc=export_minimal_pk(out,pub_keyblock,sig,NULL); if(rc) goto leave; } diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index d2d39dacf..d19ac683a 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -58,7 +58,8 @@ do_check( PKT_secret_key *sk, const char *tryagain_text ) if( check_cipher_algo( sk->protect.algo ) ) { log_info(_("protection algorithm %d%s is not supported\n"), sk->protect.algo,sk->protect.algo==1?" (IDEA)":"" ); - idea_cipher_warn(0); + if(sk->protect.algo==CIPHER_ALGO_IDEA) + idea_cipher_warn(0); return G10ERR_CIPHER_ALGO; } keyid_from_sk( sk, keyid ); diff --git a/g10/trustdb.c b/g10/trustdb.c index 85b7dbcb9..fe2ad34e3 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -247,7 +247,6 @@ verify_own_keys(void) ulong recnum; int rc; struct key_item *k; - int hint_shown = 0; if (utk_list) return; @@ -296,14 +295,7 @@ verify_own_keys(void) | TRUST_ULTIMATE )); release_public_key_parts (&pk); } - if (!hint_shown) - { - log_info ("the --trusted-key option is now obsolete; " - "use the --edit command instead.\n"); - log_info ("given keys will be marked as trusted\n"); - hint_shown = 1; - } - log_info ("key %08lX marked as ultimately trusted\n", + log_info (_("key %08lX marked as ultimately trusted\n"), (ulong)k->kid[1]); } }