* keyedit.c (sign_uids): Properly handle remaking a self-sig on revoked or

expired user IDs. Also, once we've established that a given uid cannot or will not be signed, don't continue to ask about each sig. * mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K hash algorithm before we try to generate a passphrase using it. This prevents hitting BUG() when generating a passphrase using a hash that we don't have. * sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign --symmetric messages.
2025-02-01 16:33:02 +01:00 · 2004-07-15 21:16:54 +00:00 · 2004-07-15 21:16:54 +00:00 · 673894ef48
commit 673894ef48
parent 2cba999f22
5 changed files with 54 additions and 5 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,5 +1,18 @@
 2004-07-15  David Shaw  <dshaw@jabberwocky.com>

+	* keyedit.c (sign_uids): Properly handle remaking a self-sig on
+	revoked or expired user IDs.  Also, once we've established that a
+	given uid cannot or will not be signed, don't continue to ask
+	about each sig.
+
+	* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check
+	the S2K hash algorithm before we try to generate a passphrase
+	using it.  This prevents hitting BUG() when generating a
+	passphrase using a hash that we don't have.
+
+	* sign.c (sign_symencrypt_file): Allow using --force-mdc in --sign
+	--symmetric messages.
+
 	* g10.c (main): Alias --charset as --display-charset to help avoid
 	the continuing confusion and make room for possible changes in
 	devel.
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -492,7 +492,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 		      {
 			tty_printf(_("User ID \"%s\" is revoked."),user);

-			if(opt.expert)
+			if(selfsig)
+			  tty_printf("\n");
+			else if(opt.expert)
 			  {
 			    tty_printf("\n");
 			    /* No, so remove the mark and continue */
@ -500,11 +502,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 						      _("Are you sure you "
 							"still want to sign "
 							"it? (y/N) ")))
-			      uidnode->flag &= ~NODFLG_MARK_A;
+			      {
+				uidnode->flag &= ~NODFLG_MARK_A;
+				uidnode=NULL;
+			      }
 			  }
 			else
 			  {
 			    uidnode->flag &= ~NODFLG_MARK_A;
+			    uidnode=NULL;
 			    tty_printf(_("  Unable to sign.\n"));
 			  }
 		      }
@ -512,7 +518,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 		      {
 			tty_printf(_("User ID \"%s\" is expired."),user);

-			if(opt.expert)
+			if(selfsig)
+			  tty_printf("\n");
+			else if(opt.expert)
 			  {
 			    tty_printf("\n");
 			    /* No, so remove the mark and continue */
@ -520,11 +528,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 						      _("Are you sure you "
 							"still want to sign "
 							"it? (y/N) ")))
-			      uidnode->flag &= ~NODFLG_MARK_A;
+			      {
+				uidnode->flag &= ~NODFLG_MARK_A;
+				uidnode=NULL;
+			      }
 			  }
 			else
 			  {
 			    uidnode->flag &= ~NODFLG_MARK_A;
+			    uidnode=NULL;
 			    tty_printf(_("  Unable to sign.\n"));
 			  }
 		      }
@ -541,11 +553,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 						      _("Are you sure you "
 							"still want to sign "
 							"it? (y/N) ")))
-			      uidnode->flag &= ~NODFLG_MARK_A;
+			      {
+				uidnode->flag &= ~NODFLG_MARK_A;
+				uidnode=NULL;
+			      }
 			  }
 			else
 			  {
 			    uidnode->flag &= ~NODFLG_MARK_A;
+			    uidnode=NULL;
 			    tty_printf(_("  Unable to sign.\n"));
 			  }
 		      }
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -304,6 +304,13 @@ proc_symkey_enc( CTX c, PACKET *pkt )
 	else
 	  log_error(_("encrypted with unknown algorithm %d\n"), algo );

+	if(check_digest_algo(enc->s2k.hash_algo))
+	  {
+	    log_error(_("passphrase generated with unknown digest"
+			" algorithm %d\n"),enc->s2k.hash_algo);
+	    s=NULL;
+	  }
+
 	c->last_was_session_key = 2;
 	if(!s || opt.list_only)
 	  goto leave;
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -66,6 +66,12 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
              }
 	    return G10ERR_CIPHER_ALGO;
 	}
+	if(check_digest_algo(sk->protect.s2k.hash_algo))
+	  {
+	    log_info(_("protection digest %d is not supported\n"),
+		     sk->protect.s2k.hash_algo);
+	    return G10ERR_DIGEST_ALGO;
+	  }
 	keyid_from_sk( sk, keyid );
 	keyid[2] = keyid[3] = 0;
 	if( !sk->is_primary ) {
--- a/g10/sign.c
+++ b/g10/sign.c
@ -1145,6 +1145,13 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
        goto leave;
    }

+    /* We have no way to tell if the recipient can handle messages
+       with an MDC, so this defaults to no.  Perhaps in a few years,
+       this can be defaulted to yes.  Note that like regular
+       encrypting, --force-mdc overrides --disable-mdc. */
+    if(opt.force_mdc)
+      cfx.dek->use_mdc=1;
+
    /* now create the outfile */
    rc = open_outfile (fname, opt.armor? 1:0, &out);
    if (rc)