mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00

* getkey.c (parse_key_usage): New function to parse out key usage flags.

Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't understand.
(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call it from
here to remove duplicate code.
David Shaw 2004-11-29 21:21:52 +00:00
parent 0f8db18dc1
commit 5dcc3dc353
2 changed files with 80 additions and 51 deletions


@ -1,3 +1,11 @@
2004-11-29 David Shaw <dshaw@jabberwocky.com>
* getkey.c (parse_key_usage): New function to parse out key usage
flags. Set PUBKEY_USAGE_UNKNOWN to handle flags that we don't
understand.
(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call
it from here to remove duplicate code.
2004-11-26 David Shaw <dshaw@jabberwocky.com> 2004-11-26 David Shaw <dshaw@jabberwocky.com>
* export.c (do_export_stream): Allow export-minimal to work with * export.c (do_export_stream): Allow export-minimal to work with
@ -782,9 +790,10 @@
(keystr_from_desc): Handle short keyids and warn on v3 (keystr_from_desc): Handle short keyids and warn on v3
fingerprints. fingerprints.
* keydb.h, getkey.c (get_user_id_printable): Rename to * keydb.h, getkey.c (get_user_id_printable,
get_user_id_native and remove the printable stuff since we're get_user_id_string_printable): Rename to get_user_id_native and
print-ifying valid utf8 characters. Change all callers in get_user_id_string_native and remove the printable stuff since
we're print-ifying valid utf8 characters. Change all callers in
import.c, sign.c, keylist.c, and encode.c. import.c, sign.c, keylist.c, and encode.c.
* keyserver.c (keyserver_search_prompt): Make sure the search * keyserver.c (keyserver_search_prompt): Make sure the search


@ -1242,6 +1242,51 @@ merge_keys_and_selfsig( KBNODE keyblock )
} }
} }
static int
parse_key_usage(PKT_signature *sig)
{
int key_usage=0;
const byte *p;
size_t n;
byte flags;
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_KEY_FLAGS,&n);
if(p && n)
{
/* first octet of the keyflags */
flags=*p;
if(flags & 3)
{
key_usage |= PUBKEY_USAGE_SIG;
flags&=~3;
}
if(flags & 12)
{
key_usage |= PUBKEY_USAGE_ENC;
flags&=~12;
}
if(flags & 0x20)
{
key_usage |= PUBKEY_USAGE_AUTH;
flags&=~0x20;
}
if(flags)
key_usage |= PUBKEY_USAGE_UNKNOWN;
}
/* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a
capability that we do not handle. This serves to distinguish
between a zero key usage which we handle as the default
capabilities for that algorithm, and a usage that we do not
handle. */
return key_usage;
}
/* /*
* Apply information from SIGNODE (which is the valid self-signature * Apply information from SIGNODE (which is the valid self-signature
* associated with that UID) to the UIDNODE: * associated with that UID) to the UIDNODE:
@ -1274,19 +1319,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
uid->expiredate = sig->expiredate; uid->expiredate = sig->expiredate;
/* store the key flags in the helper variable for later processing */ /* store the key flags in the helper variable for later processing */
uid->help_key_usage = 0; uid->help_key_usage=parse_key_usage(sig);
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
if ( p && n ) {
/* first octet of the keyflags */
if ( (*p & 3) )
uid->help_key_usage |= PUBKEY_USAGE_SIG;
if ( (*p & 12) )
uid->help_key_usage |= PUBKEY_USAGE_ENC;
/* Note: we do not set the CERT flag here because it can be assumed
* that thre is no real policy to set it. */
if ( (*p & 0x20) )
uid->help_key_usage |= PUBKEY_USAGE_AUTH;
}
/* ditto or the key expiration */ /* ditto or the key expiration */
uid->help_key_expire = 0; uid->help_key_expire = 0;
@ -1484,27 +1517,19 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked, u32 *r_revokedate )
pk->numrevkeys*sizeof(struct revocation_key)); pk->numrevkeys*sizeof(struct revocation_key));
} }
if ( signode ) { if ( signode )
{
/* some information from a direct key signature take precedence /* some information from a direct key signature take precedence
* over the same information given in UID sigs. * over the same information given in UID sigs.
*/ */
PKT_signature *sig = signode->pkt->pkt.signature; PKT_signature *sig = signode->pkt->pkt.signature;
const byte *p; const byte *p;
size_t n;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n ); key_usage=parse_key_usage(sig);
if ( p && n ) {
/* first octet of the keyflags */
if ( (*p & 3) )
key_usage |= PUBKEY_USAGE_SIG;
if ( (*p & 12) )
key_usage |= PUBKEY_USAGE_ENC;
if ( (*p & 0x20) )
key_usage |= PUBKEY_USAGE_AUTH;
}
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
if ( p ) { if ( p )
{
key_expire = keytimestamp + buffer_to_u32(p); key_expire = keytimestamp + buffer_to_u32(p);
key_expire_seen = 1; key_expire_seen = 1;
} }
@ -1835,7 +1860,6 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
u32 keytimestamp = 0; u32 keytimestamp = 0;
u32 key_expire = 0; u32 key_expire = 0;
const byte *p; const byte *p;
size_t n;
if ( subnode->pkt->pkttype != PKT_PUBLIC_SUBKEY ) if ( subnode->pkt->pkttype != PKT_PUBLIC_SUBKEY )
BUG (); BUG ();
@ -1894,24 +1918,20 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
sig = signode->pkt->pkt.signature; sig = signode->pkt->pkt.signature;
sig->flags.chosen_selfsig=1; /* so we know which selfsig we chose later */ sig->flags.chosen_selfsig=1; /* so we know which selfsig we chose later */
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n ); key_usage=parse_key_usage(sig);
if ( p && n ) { if ( !key_usage )
/* first octet of the keyflags */ {
if ( (*p & 3) ) /* no key flags at all: get it from the algo */
key_usage |= PUBKEY_USAGE_SIG;
if ( (*p & 12) )
key_usage |= PUBKEY_USAGE_ENC;
if ( (*p & 0x20) )
key_usage |= PUBKEY_USAGE_AUTH;
}
if ( !key_usage ) { /* no key flags at all: get it from the algo */
key_usage = openpgp_pk_algo_usage ( subpk->pubkey_algo ); key_usage = openpgp_pk_algo_usage ( subpk->pubkey_algo );
} }
else { /* check that the usage matches the usage as given by the algo */ else
{
/* check that the usage matches the usage as given by the algo */
int x = openpgp_pk_algo_usage ( subpk->pubkey_algo ); int x = openpgp_pk_algo_usage ( subpk->pubkey_algo );
if ( x ) /* mask it down to the actual allowed usage */ if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x; key_usage &= x;
} }
subpk->pubkey_usage = key_usage; subpk->pubkey_usage = key_usage;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
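Review bot: In merge_selfsigs_subkey the `else` branch still does `key_usage &= x`, which clears PUBKEY_USAGE_UNKNOWN unless openpgp_pk_algo_usage() itself returns that bit (not visible here, and presumably it does not). A subkey whose key-flags octet carries only bits this code does not handle would then end up with `subpk->pubkey_usage` equal to 0, losing the distinction from "no flags given" that the comment in parse_key_usage says the new bit exists to preserve. Consider `key_usage &= (x | PUBKEY_USAGE_UNKNOWN);` so the marker survives the mask. Separately, parse_key_usage inspects only `*p`; if unhandled capabilities should be flagged consistently, non-zero octets beyond the first (n > 1) could also set PUBKEY_USAGE_UNKNOWN. The bodies of merge_selfsigs_subkey and merge_selfsigs_main continue outside the hunks shown.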