security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

Snapshot release 0.4.2

Browse source
This commit is contained in:
Werner Koch 1998-10-18 15:21:22 +00:00
parent 1f460046d5
commit 6e16296864
32 changed files with 2438 additions and 1521 deletions
Download patch file Download diff file Expand all files Collapse all files

12
g10/ChangeLog
View file

@ -1,3 +1,15 @@
Sun Oct 18 11:49:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* sign.c (only_old_style): Add option force_v3_sigs
(sign_file): Fixed a bug in sig->version
(clearsign_file): Ditto.
* parse-packet.c (dump_sig_subpkt): New
* keyedit.c (menu_expire): New.
* free-packet.c (cmp_signatures): New
Sat Oct 17 10:22:39 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c: changed output line length from 72 to 64.

6
g10/OPTIONS
View file

@ -51,10 +51,4 @@ run-as-shm-coprocess [request-locked-shm-size]
# You will have to use "--status-fd" too
# Note: This option dioes only work if given on the command line.
set-filename <name>
# Set <name> as the filename into the plaintext packet
comment <string>
# Add <string> as comment to the output

2
g10/build-packet.c
View file

@ -215,7 +215,7 @@ do_public_key( IOBUF out, int ctb, PKT_public_key *pk )
ndays = (u16)((pk->expiredate - pk->timestamp) / 86400L);
else
ndays = 0;
write_16(a, 0 );
write_16(a, ndays );
}
iobuf_put(a, pk->pubkey_algo );
n = pubkey_get_npkey( pk->pubkey_algo );

24
g10/free-packet.c
View file

@ -395,6 +395,30 @@ cmp_public_secret_key( PKT_public_key *pk, PKT_secret_key *sk )
return 0;
}
int
cmp_signatures( PKT_signature *a, PKT_signature *b )
{
int n, i;
if( a->keyid[0] != b->keyid[0] )
return -1;
if( a->keyid[1] != b->keyid[1] )
return -1;
if( a->pubkey_algo != b->pubkey_algo )
return -1;
n = pubkey_get_nsig( a->pubkey_algo );
if( !n )
return -1; /* can't compare due to unknown algorithm */
for(i=0; i < n; i++ ) {
if( mpi_cmp( a->data[i] , b->data[i] ) )
return -1;
}
return 0;
}
int
cmp_user_ids( PKT_user_id *a, PKT_user_id *b )
{

3
g10/g10.c
View file

@ -137,6 +137,7 @@ enum cmd_and_opt_values { aNull = 0,
oSetFilename,
oComment,
oThrowKeyid,
oForceV3Sigs,
oS2KMode,
oS2KDigest,
oS2KCipher,
@ -205,6 +206,7 @@ static ARGPARSE_OPTS opts[] = {
#endif
{ oOutput, "output", 2, N_("use as output file")},
{ oVerbose, "verbose", 0, N_("verbose") },
{ oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") },
/* { oDryRun, "dry-run", 0, N_("do not make any changes") }, */
{ oBatch, "batch", 0, N_("batch mode: never ask")},
{ oAnswerYes, "yes", 0, N_("assume yes on most questions")},
@ -714,6 +716,7 @@ main( int argc, char **argv )
case oSetFilename: opt.set_filename = pargs.r.ret_str; break;
case oComment: opt.comment_string = pargs.r.ret_str; break;
case oThrowKeyid: opt.throw_keyid = 1; break;
case oForceV3Sigs: opt.force_v3_sigs = 1; break;
case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break;
case oS2KDigest: s2k_digest_string = m_strdup(pargs.r.ret_str); break;
case oS2KCipher: s2k_cipher_string = m_strdup(pargs.r.ret_str); break;

4
g10/getkey.c
View file

@ -610,7 +610,7 @@ merge_one_pk_and_selfsig( KBNODE keyblock, KBNODE knode )
for(k=keyblock; k; k = k->next ) {
if( k->pkt->pkttype == PKT_SIGNATURE
&& (sig=k->pkt->pkt.signature)->sig_class >= 0x10
&& sig->sig_class <= 0x13
&& sig->sig_class <= 0x30
&& sig->keyid[0] == kid[0]
&& sig->keyid[1] == kid[1]
&& sig->version > 3 ) {
@ -660,7 +660,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
}
else if( (pk || sk ) && k->pkt->pkttype == PKT_SIGNATURE
&& (sig=k->pkt->pkt.signature)->sig_class >= 0x10
&& sig->sig_class <= 0x13 && sig->version > 3
&& sig->sig_class <= 0x30 && sig->version > 3
&& sig->keyid[0] == kid[0] && sig->keyid[1] == kid[1] ) {
/* okay this is (the first) self-signature which can be used
* FIXME: We should only use this if the signature is valid

125
g10/keyedit.c
View file

@ -48,6 +48,7 @@ static void show_fingerprint( PKT_public_key *pk );
static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock );
static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int menu_select_uid( KBNODE keyblock, int index );
static int menu_select_key( KBNODE keyblock, int index );
static int count_uids( KBNODE keyblock );
@ -478,7 +479,7 @@ keyedit_menu( const char *username, STRLIST locusr )
enum cmdids { cmdNONE = 0,
cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
cmdDEBUG, cmdSAVE, cmdADDUID, cmdDELUID, cmdADDKEY, cmdDELKEY,
cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE,
cmdNOP };
static struct { const char *name;
enum cmdids id;
@ -504,6 +505,7 @@ keyedit_menu( const char *username, STRLIST locusr )
{ N_("deluid") , cmdDELUID , 0, N_("delete user id") },
{ N_("addkey") , cmdADDKEY , 1, N_("add a secondary key") },
{ N_("delkey") , cmdDELKEY , 0, N_("delete a secondary key") },
{ N_("expire") , cmdEXPIRE , 1, N_("change the expire date") },
{ N_("toggle") , cmdTOGGLE , 1, N_("toggle between secret "
"and public key listing") },
{ N_("t" ) , cmdTOGGLE , 1, NULL },
@ -761,6 +763,16 @@ keyedit_menu( const char *username, STRLIST locusr )
}
break;
case cmdEXPIRE:
if( menu_expire( keyblock, sec_keyblock ) ) {
merge_keys_and_selfsig( sec_keyblock );
merge_keys_and_selfsig( keyblock );
sec_modified = 1;
modified = 1;
redisplay = 1;
}
break;
case cmdPASSWD:
if( change_passphrase( sec_keyblock ) )
sec_modified = 1;
@ -1149,6 +1161,117 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
}
static int
menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
{
int n1, rc;
u32 expiredate;
int mainkey=0;
PKT_secret_key *sk; /* copy of the main sk */
PKT_public_key *main_pk, *sub_pk;
PKT_user_id *uid;
KBNODE node;
u32 keyid[2];
if( count_selected_keys( sec_keyblock ) ) {
tty_printf(_("Please remove selections from the secret keys.\n"));
return 0;
}
n1 = count_selected_keys( pub_keyblock );
if( n1 > 1 ) {
tty_printf(_("Please select at most one secondary key.\n"));
return 0;
}
else if( n1 )
tty_printf(_("Changing exiration time for a secondary key.\n"));
else {
tty_printf(_("Changing exiration time for the primary key.\n"));
mainkey=1;
}
expiredate = ask_expiredate();
/* fixme: check that expiredate is > key creation date */
/* get the secret key , make a copy and set the expiration time into
* that key (because keygen_add-key-expire expects it there)
*/
node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
sk->expiredate = expiredate;
/* Now we can actually change the self signature(s) */
main_pk = sub_pk = NULL;
uid = NULL;
for( node=pub_keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
main_pk = node->pkt->pkt.public_key;
keyid_from_pk( main_pk, keyid );
}
else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
&& (node->flag & NODFLG_SELKEY ) )
sub_pk = node->pkt->pkt.public_key;
else if( node->pkt->pkttype == PKT_USER_ID )
uid = node->pkt->pkt.user_id;
else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature;
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
&& ( (mainkey && uid && (sig->sig_class&~3) == 0x10)
|| (!mainkey && sig->sig_class == 0x18) ) ) {
/* this is a selfsignature which should be replaced */
PKT_signature *newsig;
PACKET *newpkt;
KBNODE sn;
/* find the corresponding secret self-signature */
for( sn=sec_keyblock; sn; sn = sn->next ) {
if( sn->pkt->pkttype == PKT_SIGNATURE
&& !cmp_signatures( sn->pkt->pkt.signature, sig ) )
break;
}
if( !sn )
log_info(_("No corresponding signature in secret ring\n"));
/* create new self signature */
if( mainkey )
rc = make_keysig_packet( &newsig, main_pk, uid, NULL,
sk, 0x13, 0,
keygen_add_std_prefs, sk );
else
rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
sk, 0x18, 0,
keygen_add_key_expire, sk );
if( rc ) {
log_error("make_keysig_packet failed: %s\n",
g10_errstr(rc));
free_secret_key( sk );
return 0;
}
/* replace the packet */
newpkt = m_alloc_clear( sizeof *newpkt );
newpkt->pkttype = PKT_SIGNATURE;
newpkt->pkt.signature = newsig;
free_packet( node->pkt );
m_free( node->pkt );
node->pkt = newpkt;
if( sn ) {
newpkt = m_alloc_clear( sizeof *newpkt );
newpkt->pkttype = PKT_SIGNATURE;
newpkt->pkt.signature = copy_signature( NULL, newsig );
free_packet( sn->pkt );
m_free( sn->pkt );
sn->pkt = newpkt;
}
}
}
}
free_secret_key( sk );
return 1;
}
/****************
* Select one user id or remove all selection if index is 0.
* Returns: True if the selection changed;

12
g10/keygen.c
View file

@ -51,8 +51,8 @@ write_uid( KBNODE root, const char *s )
static int
add_key_expire( PKT_signature *sig, void *opaque )
int
keygen_add_key_expire( PKT_signature *sig, void *opaque )
{
PKT_secret_key *sk = opaque;
byte buf[8];
@ -80,7 +80,7 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
{
byte buf[8];
add_key_expire( sig, opaque );
keygen_add_key_expire( sig, opaque );
buf[0] = CIPHER_ALGO_BLOWFISH;
buf[1] = CIPHER_ALGO_CAST5;
@ -176,7 +176,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
/* and make the signature */
rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0,
add_key_expire, sk );
keygen_add_key_expire, sk );
if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
return rc;
@ -481,7 +481,7 @@ ask_keysize( int algo )
}
static u32
u32
ask_expiredate()
{
char *answer;
@ -495,7 +495,7 @@ ask_expiredate()
" <n>m = key expires in n months\n"
" <n>y = key expires in n years\n"));
/* Note: The elgamal subkey for DSA has no exiration date because
* is must be signed with the DSA key and this one has the expiration
* it must be signed with the DSA key and this one has the expiration
* date */
answer = NULL;

2
g10/main.h
View file

@ -78,7 +78,9 @@ int delete_key( const char *username, int secure );
void keyedit_menu( const char *username, STRLIST locusr );
/*-- keygen.c --*/
u32 ask_expiredate(void);
void generate_keypair(void);
int keygen_add_key_expire( PKT_signature *sig, void *opaque );
int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
int generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock );

2
g10/options.h
View file

@ -41,7 +41,7 @@ struct {
int no_armor;
int list_packets; /* list-packets mode */
int def_cipher_algo;
int reserved1;
int force_v3_sigs;
int def_digest_algo;
int def_compress_algo;
const char *def_secret_key;

1
g10/packet.h
View file

@ -273,6 +273,7 @@ PKT_secret_key *copy_secret_key( PKT_secret_key *d, PKT_secret_key *s );
PKT_signature *copy_signature( PKT_signature *d, PKT_signature *s );
PKT_user_id *copy_user_id( PKT_user_id *d, PKT_user_id *s );
int cmp_public_keys( PKT_public_key *d, PKT_public_key *s );
int cmp_signatures( PKT_signature *a, PKT_signature *b );
int cmp_public_secret_key( PKT_public_key *pk, PKT_secret_key *sk );
int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );

120
g10/parse-packet.c
View file

@ -608,6 +608,97 @@ parse_pubkeyenc( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
}
static void
dump_sig_subpkt( int hashed, int type, int critical,
const char * buffer, size_t buflen, size_t length )
{
const char *p=NULL;
printf("\t%s%ssubpkt %d len %u (", /*)*/
critical ? "critical ":"",
hashed ? "hashed ":"", type, (unsigned)length );
buffer++;
length--;
if( length > buflen ) {
printf("too short: buffer is only %u)\n", (unsigned)buflen );
return;
}
switch( type ) {
case SIGSUBPKT_SIG_CREATED:
if( length >= 4 )
printf("sig created %s", strtimestamp( buffer_to_u32(buffer) ) );
break;
case SIGSUBPKT_SIG_EXPIRE:
if( length >= 4 )
printf("sig expires %s", strtimestamp( buffer_to_u32(buffer) ) );
break;
case SIGSUBPKT_EXPORTABLE:
p = "exportable";
break;
case SIGSUBPKT_TRUST:
p = "trust signature";
break;
case SIGSUBPKT_REGEXP:
p = "regular expression";
break;
case SIGSUBPKT_REVOCABLE:
p = "revocable";
break;
case SIGSUBPKT_KEY_EXPIRE:
if( length >= 4 )
printf("key expires %s", strtimestamp( buffer_to_u32(buffer) ) );
break;
case SIGSUBPKT_ARR:
p = "additional recipient request";
break;
case SIGSUBPKT_PREF_SYM:
p = "preferred symmetric algorithms";
break;
case SIGSUBPKT_REV_KEY:
p = "revocation key";
break;
case SIGSUBPKT_ISSUER:
if( length >= 8 )
printf("issuer key ID %08lX%08lX",
(ulong)buffer_to_u32(buffer),
(ulong)buffer_to_u32(buffer+4) );
break;
case SIGSUBPKT_NOTATION:
p = "notation data";
break;
case SIGSUBPKT_PREF_HASH:
p = "preferred hash algorithms";
break;
case SIGSUBPKT_PREF_COMPR:
p = "preferred compression algorithms";
break;
case SIGSUBPKT_KS_FLAGS:
p = "key server preferences";
break;
case SIGSUBPKT_PREF_KS:
p = "preferred key server";
break;
case SIGSUBPKT_PRIMARY_UID:
p = "primary user id";
break;
case SIGSUBPKT_POLICY:
p = "policy URL";
break;
case SIGSUBPKT_KEY_FLAGS:
p = "key flags";
break;
case SIGSUBPKT_SIGNERS_UID:
p = "signer's user id";
break;
case SIGSUBPKT_PRIV_ADD_SIG:
p = "signs additional user id";
break;
default: p = "?"; break;
}
printf("%s)\n", p? p: "");
}
const byte *
parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n )
{
@ -648,32 +739,9 @@ parse_sig_subpkt( const byte *buffer, sigsubpkttype_t reqtype, size_t *ret_n )
}
else
critical = 0;
if( reqtype < 0 ) { /* list packets */
printf("\t%ssubpacket %d of length %u (%s)\n",
reqtype == SIGSUBPKT_LIST_HASHED ? "hashed ":"", type, (unsigned)n,
type == SIGSUBPKT_SIG_CREATED ? "signature creation time"
: type == SIGSUBPKT_SIG_EXPIRE ? "signature expiration time"
: type == SIGSUBPKT_EXPORTABLE ? "exportable"
: type == SIGSUBPKT_TRUST ? "trust signature"
: type == SIGSUBPKT_REGEXP ? "regular expression"
: type == SIGSUBPKT_REVOCABLE ? "revocable"
: type == SIGSUBPKT_KEY_EXPIRE ? "key expiration time"
: type == SIGSUBPKT_ARR ? "additional recipient request"
: type == SIGSUBPKT_PREF_SYM ? "preferred symmetric algorithms"
: type == SIGSUBPKT_REV_KEY ? "revocation key"
: type == SIGSUBPKT_ISSUER ? "issuer key ID"
: type == SIGSUBPKT_NOTATION ? "notation data"
: type == SIGSUBPKT_PREF_HASH ? "preferred hash algorithms"
: type == SIGSUBPKT_PREF_COMPR ? "preferred compression algorithms"
: type == SIGSUBPKT_KS_FLAGS ? "key server preferences"
: type == SIGSUBPKT_PREF_KS ? "preferred key server"
: type == SIGSUBPKT_PRIMARY_UID ? "primary user id"
: type == SIGSUBPKT_POLICY ? "policy URL"
: type == SIGSUBPKT_KEY_FLAGS ? "key flags"
: type == SIGSUBPKT_SIGNERS_UID ? "signer's user id"
: type == SIGSUBPKT_PRIV_ADD_SIG? "signs additional user id"
: "?");
}
if( reqtype < 0 ) /* list packets */
dump_sig_subpkt( reqtype == SIGSUBPKT_LIST_HASHED,
type, critical, buffer, buflen, n );
else if( type == reqtype )
break; /* found */
buffer += n; buflen -=n;

3
g10/ringedit.c
View file

@ -62,6 +62,8 @@
#include "options.h"
#include "i18n.h"
#undef HAVE_LIBGDBM /* <--- not ready */
struct resource_table_struct {
int used;
int secret; /* this is a secret keyring */
@ -275,6 +277,7 @@ get_keyblock_handle( const char *filename, int secret, KBPOS *kbpos )
if( !filename || !strcmp( resource_table[i].fname, filename ) ) {
memset( kbpos, 0, sizeof *kbpos );
kbpos->resno = i;
kbpos->rt = resource_table[i].rt;
return 0;
}
}

7
g10/sign.c
View file

@ -108,6 +108,9 @@ only_old_style( SK_LIST sk_list )
SK_LIST sk_rover = NULL;
int old_style = 0;
if( opt.force_v3_sigs )
return 1;
/* if there are only old style capable key we use the old sytle */
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
PKT_secret_key *sk = sk_rover->sk;
@ -369,7 +372,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
/* build the signature packet */
/* fixme: this code is partly duplicated in make_keysig_packet */
sig = m_alloc_clear( sizeof *sig );
sig->version = sk->version;
sig->version = old_style? 3 : sk->version;
keyid_from_sk( sk, sig->keyid );
sig->digest_algo = hash_for(sk->pubkey_algo);
sig->pubkey_algo = sk->pubkey_algo;
@ -605,7 +608,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
/* build the signature packet */
/* fixme: this code is duplicated above */
sig = m_alloc_clear( sizeof *sig );
sig->version = sk->version;
sig->version = old_style? 3 : sk->version;
keyid_from_sk( sk, sig->keyid );
sig->digest_algo = hash_for(sk->pubkey_algo);
sig->pubkey_algo = sk->pubkey_algo;

5
g10/tdbio.c
View file

@ -962,7 +962,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
rc = G10ERR_TRUSTDB;
}
break;
case RECTYPE_CACH: /* cache record (FIXME)*/
case RECTYPE_CACH: /* cache record */
rec->r.cache.lid = buftoulong(p); p += 4;
memcpy(rec->r.cache.blockhash, p, 20); p += 20;
rec->r.cache.trustlevel = *p++;
@ -990,7 +990,6 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
/****************
* Write the record at RECNUM
* FIXME: create/update keyhash record.
*/
int
tdbio_write_record( TRUSTREC *rec )
@ -1081,7 +1080,7 @@ tdbio_write_record( TRUSTREC *rec )
ulongtobuf( p, rec->r.sdir.hintlist );
break;
case RECTYPE_CACH: /* FIXME*/
case RECTYPE_CACH:
ulongtobuf(p, rec->r.cache.lid); p += 4;
memcpy(p, rec->r.cache.blockhash, 20); p += 20;
*p++ = rec->r.cache.trustlevel;

3
g10/tdbio.h
View file

@ -55,7 +55,8 @@
but we mark it to avoid duplicate checks */
#define DIRF_REVOKED 8 /* the complete key has been revoked */
#define KEYF_REVOKED 8 /* this key has been revoked (only useful on subkeys)*/
#define KEYF_EXPIRED 4 /* this key is expired */
#define KEYF_REVOKED 8 /* this key has been revoked */
#define UIDF_CHECKED 1 /* user id has been checked - other bits are valid */
#define UIDF_VALID 2 /* this is a valid user id */

49
g10/trustdb.c
View file

@ -2054,7 +2054,7 @@ upd_pref_record( PKT_signature *sig, TRUSTREC *drec,
/****************
* Note: A signature made with a secondayr key is not considered a
* Note: A signature made with a secondary key is not considered a
* self-signature.
*/
static void
@ -2067,11 +2067,21 @@ upd_sig_record( PKT_signature *sig, TRUSTREC *drec,
ulong lid = drec->recnum;
if( !*uidrecno ) {
/* fixme: handle direct key signatures */
log_error("key %08lX: signature without user id\n", (ulong)keyid[1] );
return;
switch( sig->sig_class ) {
case 0x20:
case 0x28: /* We do not need uids for [sub]key revications */
case 0x18: /* or subkey binding */
memset( &urec, 0, sizeof urec ); /* to catch errors */
break;
default:
log_error("key %08lX: signature (class %02x) without user id\n",
(ulong)keyid[1], sig->sig_class );
return;
}
}
read_record( *uidrecno, &urec, RECTYPE_UID );
else
read_record( *uidrecno, &urec, RECTYPE_UID );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
if( (sig->sig_class&~3) == 0x10 ) {
@ -2099,12 +2109,19 @@ upd_sig_record( PKT_signature *sig, TRUSTREC *drec,
urec.dirty = 1;
}
}
else {/* is revocation sig etc */
else if( sig->sig_class == 0x18 ) { /* key binding */
/* FIXME */
}
else if( sig->sig_class == 0x20 ) { /* key revocation */
/* FIXME */
}
else if( sig->sig_class == 0x28 ) { /* subkey revocation */
/* FIXME */
}
else if( sig->sig_class == 0x30 ) { /* cert revocation */
/* FIXME */
}
}
else if( !*uidrecno )
; /* skip record with direct key signatures here */
else if( (sig->sig_class&~3) == 0x10 ) {
/* We simply insert the signature into the sig records but
* avoid duplicate ones. We do not check them here because
@ -2365,8 +2382,20 @@ upd_sig_record( PKT_signature *sig, TRUSTREC *drec,
}
}
else {
/* handle other sig classes */
else if( sig->sig_class == 0x18 ) { /* key binding */
log_info(_("key %08lX: bogus key binding by %08lX\n"),
(ulong)keyid[1], (ulong)sig->keyid[1] );
}
else if( sig->sig_class == 0x20 ) { /* key revocation */
log_info(_("key %08lX: bogus key revocation by %08lX\n"),
(ulong)keyid[1], (ulong)sig->keyid[1] );
}
else if( sig->sig_class == 0x28 ) { /* subkey revocation */
log_info(_("key %08lX: bogus subkey revocation by %08lX\n"),
(ulong)keyid[1], (ulong)sig->keyid[1] );
}
else if( sig->sig_class == 0x30 ) { /* cert revocation */
/* FIXME: a signator wants to revoke his certification signature */
}
leave: