security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-06-14 18:31:03 +02:00
Code Activity

* sign.c (write_signature_packets, sign_file, clearsign_file,

Browse Source 
sign_symencrypt_file): Make a v4 signature if a policy URL or notation is
set, unless v3 sigs are forced via rfc1991 or force-v3-sigs.  Also remove
some doubled code and clarify an error message (we don't sign in PGP2
mode - just detach-sign).

* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any size"
section.
This commit is contained in:
David Shaw 2002-05-30 22:58:19 +00:00
parent da3f17990c
commit 5f5c43ab26
3 changed files with 36 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
g10/ChangeLog
View File

@ -1,3 +1,14 @@
2002-05-30 David Shaw <dshaw@jabberwocky.com>
* sign.c (write_signature_packets, sign_file, clearsign_file,
sign_symencrypt_file): Make a v4 signature if a policy URL or
notation is set, unless v3 sigs are forced via rfc1991 or
force-v3-sigs. Also remove some doubled code and clarify an error
message (we don't sign in PGP2 mode - just detach-sign).
* parse-packet.c (parse_one_sig_subpkt): Add KS_FLAGS to the "any
size" section.
2002-05-29 David Shaw <dshaw@jabberwocky.com> 2002-05-29 David Shaw <dshaw@jabberwocky.com>
* keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and * keygen.c (keygen_set_std_prefs, add_feature_mdc): Use "mdc" and

24
g10/parse-packet.c
View File

@ -908,6 +908,10 @@ int
parse_one_sig_subpkt( const byte *buffer, size_t n, int type ) parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
{ {
switch( type ) { switch( type ) {
case SIGSUBPKT_REV_KEY:
if(n < 22)
break;
return 0;
case SIGSUBPKT_SIG_CREATED: case SIGSUBPKT_SIG_CREATED:
case SIGSUBPKT_SIG_EXPIRE: case SIGSUBPKT_SIG_EXPIRE:
case SIGSUBPKT_KEY_EXPIRE: case SIGSUBPKT_KEY_EXPIRE:
@ -915,13 +919,19 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
break; break;
return 0; return 0;
case SIGSUBPKT_KEY_FLAGS: case SIGSUBPKT_KEY_FLAGS:
return 0; case SIGSUBPKT_KS_FLAGS:
case SIGSUBPKT_PREF_SYM:
case SIGSUBPKT_PREF_HASH:
case SIGSUBPKT_PREF_COMPR:
case SIGSUBPKT_POLICY:
case SIGSUBPKT_FEATURES:
return 0;
case SIGSUBPKT_EXPORTABLE: case SIGSUBPKT_EXPORTABLE:
case SIGSUBPKT_REVOCABLE: case SIGSUBPKT_REVOCABLE:
if( !n ) if( !n )
break; break;
return 0; return 0;
case SIGSUBPKT_ISSUER:/* issuer key ID */ case SIGSUBPKT_ISSUER: /* issuer key ID */
if( n < 8 ) if( n < 8 )
break; break;
return 0; return 0;
@ -929,20 +939,10 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
if( n < 8 ) /* minimum length needed */ if( n < 8 ) /* minimum length needed */
break; break;
return 0; return 0;
case SIGSUBPKT_REV_KEY:
if(n < 22)
break;
return 0;
case SIGSUBPKT_REVOC_REASON: case SIGSUBPKT_REVOC_REASON:
if( !n ) if( !n )
break; break;
return 0; return 0;
case SIGSUBPKT_PREF_SYM:
case SIGSUBPKT_PREF_HASH:
case SIGSUBPKT_PREF_COMPR:
case SIGSUBPKT_POLICY:
case SIGSUBPKT_FEATURES:
return 0;
case SIGSUBPKT_PRIMARY_UID: case SIGSUBPKT_PRIMARY_UID:
if ( n != 1 ) if ( n != 1 )
break; break;

35
g10/sign.c
View File

@ -514,7 +514,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
static int static int
write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash, write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash,
int sigclass, u32 timestamp, u32 duration, int sigclass, u32 timestamp, u32 duration,
int old_style, int status_letter) int status_letter)
{ {
SK_LIST sk_rover; SK_LIST sk_rover;
@ -529,9 +529,9 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash,
/* build the signature packet */ /* build the signature packet */
sig = m_alloc_clear (sizeof *sig); sig = m_alloc_clear (sizeof *sig);
if(old_style || opt.force_v3_sigs) if(opt.force_v3_sigs || opt.rfc1991)
sig->version=3; sig->version=3;
else if(duration) else if(duration || opt.sig_policy_url || opt.sig_notation_data)
sig->version=4; sig->version=4;
else else
sig->version=sk->version; sig->version=sk->version;
@ -609,7 +609,6 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
SK_LIST sk_list = NULL; SK_LIST sk_list = NULL;
SK_LIST sk_rover = NULL; SK_LIST sk_rover = NULL;
int multifile = 0; int multifile = 0;
int old_style = opt.rfc1991;
u32 timestamp=0,duration=0; u32 timestamp=0,duration=0;
memset( &afx, 0, sizeof afx); memset( &afx, 0, sizeof afx);
@ -629,18 +628,15 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( fname && filenames->next && (!detached || encryptflag) ) if( fname && filenames->next && (!detached || encryptflag) )
log_bug("multiple files can only be detached signed"); log_bug("multiple files can only be detached signed");
if(opt.ask_sig_expire && !opt.pgp2 && !opt.batch && if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !opt.rfc1991)
!opt.force_v3_sigs && !old_style)
duration=ask_expire_interval(1); duration=ask_expire_interval(1);
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) ) if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave; goto leave;
if( (!old_style && !duration) || opt.pgp2 )
old_style = only_old_style( sk_list );
if(!old_style && opt.pgp2) if(opt.pgp2 && !only_old_style(sk_list))
{ {
log_info(_("you can only sign with PGP 2.x style keys " log_info(_("you can only detach-sign with PGP 2.x style keys "
"while in --pgp2 mode\n")); "while in --pgp2 mode\n"));
log_info(_("this message may not be usable by PGP 2.x\n")); log_info(_("this message may not be usable by PGP 2.x\n"));
opt.pgp2=0; opt.pgp2=0;
@ -774,8 +770,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
/* write the signatures */ /* write the signatures */
rc = write_signature_packets (sk_list, out, mfx.md, rc = write_signature_packets (sk_list, out, mfx.md,
opt.textmode && !outfile? 0x01 : 0x00, opt.textmode && !outfile? 0x01 : 0x00,
timestamp, duration, timestamp, duration, detached ? 'D':'S');
old_style, detached ? 'D':'S');
if( rc ) if( rc )
goto leave; goto leave;
@ -817,13 +812,13 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
memset( &afx, 0, sizeof afx); memset( &afx, 0, sizeof afx);
init_packet( &pkt ); init_packet( &pkt );
if(opt.ask_sig_expire && !opt.pgp2 && !opt.batch && if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !opt.rfc1991)
!opt.force_v3_sigs && !old_style)
duration=ask_expire_interval(1); duration=ask_expire_interval(1);
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) ) if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave; goto leave;
if( (!old_style && !duration) || opt.pgp2 )
if( !old_style && !duration )
old_style = only_old_style( sk_list ); old_style = only_old_style( sk_list );
if(!old_style && opt.pgp2) if(!old_style && opt.pgp2)
@ -914,7 +909,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
/* write the signatures */ /* write the signatures */
rc = write_signature_packets (sk_list, out, textmd, 0x01, rc = write_signature_packets (sk_list, out, textmd, 0x01,
timestamp, duration, old_style, 'C'); timestamp, duration, 'C');
if( rc ) if( rc )
goto leave; goto leave;
@ -947,7 +942,6 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
int rc = 0; int rc = 0;
SK_LIST sk_list = NULL; SK_LIST sk_list = NULL;
SK_LIST sk_rover = NULL; SK_LIST sk_rover = NULL;
int old_style = opt.rfc1991;
int algo; int algo;
u32 timestamp=0,duration=0; u32 timestamp=0,duration=0;
@ -958,14 +952,12 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
memset( &cfx, 0, sizeof cfx); memset( &cfx, 0, sizeof cfx);
init_packet( &pkt ); init_packet( &pkt );
if(opt.ask_sig_expire && !opt.batch && !opt.force_v3_sigs && !old_style) if(opt.ask_sig_expire && !opt.force_v3_sigs && !opt.batch && !opt.rfc1991)
duration=ask_expire_interval(1); duration=ask_expire_interval(1);
rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG); rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);
if (rc) if (rc)
goto leave; goto leave;
if( !old_style && !duration )
old_style = only_old_style( sk_list );
/* prepare iobufs */ /* prepare iobufs */
inp = iobuf_open(fname); inp = iobuf_open(fname);
@ -1067,8 +1059,7 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
/*(current filters: zip - encrypt - armor)*/ /*(current filters: zip - encrypt - armor)*/
rc = write_signature_packets (sk_list, out, mfx.md, rc = write_signature_packets (sk_list, out, mfx.md,
opt.textmode? 0x01 : 0x00, opt.textmode? 0x01 : 0x00,
timestamp, duration, timestamp, duration, 'S');
old_style, 'S');
if( rc ) if( rc )
goto leave; goto leave;