1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00

* main.h, import.c (sec_to_pub_keyblock, import_secret_one,

parse_import_options), g10.c (main): New import-option "convert-sk-to-pk"
to convert a secret key into a public key during import.  It is on by
default.
This commit is contained in:
David Shaw 2002-10-23 15:59:45 +00:00
parent fc9aa1ecae
commit 64291d81be
4 changed files with 85 additions and 5 deletions

View File

@ -1,3 +1,10 @@
2002-10-23 David Shaw <dshaw@jabberwocky.com>
* main.h, import.c (sec_to_pub_keyblock, import_secret_one,
parse_import_options), g10.c (main): New import-option
"convert-sk-to-pk" to convert a secret key into a public key
during import. It is on by default.
2002-10-23 Werner Koch <wk@gnupg.org> 2002-10-23 Werner Koch <wk@gnupg.org>
* pubkey-enc.c (get_it): Fix segv, test for revoked only when PK * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK

View File

@ -1128,7 +1128,7 @@ main( int argc, char **argv )
opt.pgp2_workarounds = 1; opt.pgp2_workarounds = 1;
opt.force_v3_sigs = 1; opt.force_v3_sigs = 1;
opt.escape_from = 1; opt.escape_from = 1;
opt.import_options=0; opt.import_options=IMPORT_SK2PK;
opt.export_options= opt.export_options=
EXPORT_INCLUDE_NON_RFC|EXPORT_INCLUDE_ATTRIBUTES; EXPORT_INCLUDE_NON_RFC|EXPORT_INCLUDE_ATTRIBUTES;
opt.keyserver_options.import_options=IMPORT_REPAIR_HKP_SUBKEY_BUG; opt.keyserver_options.import_options=IMPORT_REPAIR_HKP_SUBKEY_BUG;

View File

@ -64,7 +64,7 @@ static void remove_bad_stuff (KBNODE keyblock);
static int import_one( const char *fname, KBNODE keyblock, static int import_one( const char *fname, KBNODE keyblock,
struct stats_s *stats, unsigned int options); struct stats_s *stats, unsigned int options);
static int import_secret_one( const char *fname, KBNODE keyblock, static int import_secret_one( const char *fname, KBNODE keyblock,
struct stats_s *stats ); struct stats_s *stats, unsigned int options);
static int import_revoke_cert( const char *fname, KBNODE node, static int import_revoke_cert( const char *fname, KBNODE node,
struct stats_s *stats); struct stats_s *stats);
static int chk_self_sigs( const char *fname, KBNODE keyblock, static int chk_self_sigs( const char *fname, KBNODE keyblock,
@ -83,7 +83,6 @@ static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs, static int merge_keysigs( KBNODE dst, KBNODE src, int *n_sigs,
const char *fname, u32 *keyid ); const char *fname, u32 *keyid );
int int
parse_import_options(char *str,unsigned int *options) parse_import_options(char *str,unsigned int *options)
{ {
@ -98,6 +97,7 @@ parse_import_options(char *str,unsigned int *options)
{"allow-local-sigs",IMPORT_ALLOW_LOCAL_SIGS}, {"allow-local-sigs",IMPORT_ALLOW_LOCAL_SIGS},
{"repair-hkp-subkey-bug",IMPORT_REPAIR_HKP_SUBKEY_BUG}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_HKP_SUBKEY_BUG},
{"fast-import",IMPORT_FAST_IMPORT}, {"fast-import",IMPORT_FAST_IMPORT},
{"convert-sk-to-pk",IMPORT_SK2PK},
{NULL,0} {NULL,0}
}; };
@ -262,7 +262,7 @@ import( IOBUF inp, const char* fname,
if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY ) if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
rc = import_one( fname, keyblock, stats, options ); rc = import_one( fname, keyblock, stats, options );
else if( keyblock->pkt->pkttype == PKT_SECRET_KEY ) else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
rc = import_secret_one( fname, keyblock, stats ); rc = import_secret_one( fname, keyblock, stats, options );
else if( keyblock->pkt->pkttype == PKT_SIGNATURE else if( keyblock->pkt->pkttype == PKT_SIGNATURE
&& keyblock->pkt->pkt.signature->sig_class == 0x20 ) && keyblock->pkt->pkt.signature->sig_class == 0x20 )
rc = import_revoke_cert( fname, keyblock, stats ); rc = import_revoke_cert( fname, keyblock, stats );
@ -808,6 +808,65 @@ import_one( const char *fname, KBNODE keyblock,
return rc; return rc;
} }
/* Walk a secret keyblock and produce a public keyblock out of it. */
static KBNODE
sec_to_pub_keyblock(KBNODE sec_keyblock)
{
KBNODE secnode,pub_keyblock=NULL,ctx=NULL;
while((secnode=walk_kbnode(sec_keyblock,&ctx,0)))
{
KBNODE pubnode;
if(secnode->pkt->pkttype==PKT_SECRET_KEY ||
secnode->pkt->pkttype==PKT_SECRET_SUBKEY)
{
/* Make a public key. We only need to convert enough to
write the keyblock out. */
PKT_secret_key *sk=secnode->pkt->pkt.secret_key;
PACKET *pkt=m_alloc_clear(sizeof(PACKET));
PKT_public_key *pk=m_alloc_clear(sizeof(PKT_public_key));
int n;
if(secnode->pkt->pkttype==PKT_SECRET_KEY)
pkt->pkttype=PKT_PUBLIC_KEY;
else
pkt->pkttype=PKT_PUBLIC_SUBKEY;
pkt->pkt.public_key=pk;
pk->version=sk->version;
pk->timestamp=sk->timestamp;
pk->expiredate=sk->expiredate;
pk->pubkey_algo=sk->pubkey_algo;
n=pubkey_get_npkey(pk->pubkey_algo);
if(n==0)
pk->pkey[0]=mpi_copy(sk->skey[0]);
else
{
int i;
for(i=0;i<n;i++)
pk->pkey[i]=mpi_copy(sk->skey[i]);
}
pubnode=new_kbnode(pkt);
}
else
{
pubnode=clone_kbnode(secnode);
}
if(pub_keyblock==NULL)
pub_keyblock=pubnode;
else
add_kbnode(pub_keyblock,pubnode);
}
return pub_keyblock;
}
/**************** /****************
* Ditto for secret keys. Handling is simpler than for public keys. * Ditto for secret keys. Handling is simpler than for public keys.
@ -817,7 +876,7 @@ import_one( const char *fname, KBNODE keyblock,
*/ */
static int static int
import_secret_one( const char *fname, KBNODE keyblock, import_secret_one( const char *fname, KBNODE keyblock,
struct stats_s *stats) struct stats_s *stats, unsigned int options)
{ {
PKT_secret_key *sk; PKT_secret_key *sk;
KBNODE node, uidnode; KBNODE node, uidnode;
@ -882,6 +941,16 @@ import_secret_one( const char *fname, KBNODE keyblock,
stats->secret_imported++; stats->secret_imported++;
if (is_status_enabled ()) if (is_status_enabled ())
print_import_ok (NULL, sk, 1|16); print_import_ok (NULL, sk, 1|16);
if(options&IMPORT_SK2PK)
{
/* Try and make a public key out of this. */
KBNODE pub_keyblock=sec_to_pub_keyblock(keyblock);
import_one(fname,pub_keyblock,stats,opt.import_options);
release_kbnode(pub_keyblock);
}
} }
else if( !rc ) { /* we can't merge secret keys */ else if( !rc ) { /* we can't merge secret keys */
log_error( _("key %08lX: already in secret keyring\n"), log_error( _("key %08lX: already in secret keyring\n"),
@ -889,6 +958,9 @@ import_secret_one( const char *fname, KBNODE keyblock,
stats->secret_dups++; stats->secret_dups++;
if (is_status_enabled ()) if (is_status_enabled ())
print_import_ok (NULL, sk, 16); print_import_ok (NULL, sk, 16);
/* TODO: if we ever do merge secret keys, make sure to handle
the sec_to_pub_keyblock feature as well. */
} }
else else
log_error( _("key %08lX: secret key not found: %s\n"), log_error( _("key %08lX: secret key not found: %s\n"),

View File

@ -153,6 +153,7 @@ KBNODE make_mpi_comment_node( const char *s, MPI a );
#define IMPORT_ALLOW_LOCAL_SIGS 1 #define IMPORT_ALLOW_LOCAL_SIGS 1
#define IMPORT_REPAIR_HKP_SUBKEY_BUG 2 #define IMPORT_REPAIR_HKP_SUBKEY_BUG 2
#define IMPORT_FAST_IMPORT 4 #define IMPORT_FAST_IMPORT 4
#define IMPORT_SK2PK 8
int parse_import_options(char *str,unsigned int *options); int parse_import_options(char *str,unsigned int *options);
void import_keys( char **fnames, int nnames, void import_keys( char **fnames, int nnames,