* revoke.c (gen_desig_revoke): Specify in the comment when a designated

revocation is generated. * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for anything except revocations. * sign.c (do_sign): Catchall for any Elgamal signatures except revocations.
2025-01-03 12:11:33 +01:00 · 2003-11-29 22:44:05 +00:00 · 2003-11-29 22:44:05 +00:00 · 74e3c5ac7d
commit 74e3c5ac7d
parent dfd8b9d8d3
4 changed files with 35 additions and 3 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,9 +1,19 @@
 2003-11-29  David Shaw  <dshaw@jabberwocky.com>

+	* revoke.c (gen_desig_revoke): Specify in the comment when a
+	designated revocation is generated.
+
+	* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
+	get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for
+	anything except revocations.
+
+	* sign.c (do_sign): Catchall for any Elgamal signatures except
+	revocations.
+
 	* trustdb.c (validate_keys): Reset the trustdb before checking if
 	we have any ultimately trusted keys.  This ensures that if we
 	lose all our ultimately trusted keys, we don't leave behind the
-	old validity calculations.
+	old validity calculations.  Noted by Peter Palfrader.

 2003-11-20  David Shaw  <dshaw@jabberwocky.com>

--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -1049,7 +1049,11 @@ get_seckey_byname2( GETKEY_CTX *retctx,
 	ctx.items[0].mode = KEYDB_SEARCH_MODE_FIRST;
 	rc = lookup( &ctx, &kb, 1 );
        if (!rc && sk )
-            sk_from_block ( &ctx, sk, kb );
+	  {
+	    sk_from_block ( &ctx, sk, kb );
+	    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+	      rc=G10ERR_UNU_SECKEY;
+	  }
        release_kbnode ( kb );
 	get_seckey_end( &ctx );
    }
@ -1655,6 +1659,11 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
        if ( x ) /* mask it down to the actual allowed usage */
            key_usage &= x; 
    }
+
+    /* Type 20 Elgamal keys are not usable. */
+    if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      key_usage=0;
+
    pk->pubkey_usage = key_usage;

    if ( !key_expire_seen ) {
@ -1869,6 +1878,13 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
        if ( x ) /* mask it down to the actual allowed usage */
            key_usage &= x; 
    }
+
+    /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
+       not usable. */
+    if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+       || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      key_usage=0;
+
    subpk->pubkey_usage = key_usage;
    
    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
--- a/g10/revoke.c
+++ b/g10/revoke.c
@ -313,7 +313,7 @@ gen_desig_revoke( const char *uname )
 	      goto leave;

 	    afx.what = 1;
-	    afx.hdrlines = "Comment: A revocation certificate should follow\n";
+	    afx.hdrlines = "Comment: A designated revocation certificate should follow\n";
 	    iobuf_push_filter( out, armor_filter, &afx );

 	    /* create it */
--- a/g10/sign.c
+++ b/g10/sign.c
@ -266,6 +266,12 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
 	    return G10ERR_TIME_CONFLICT;
    }

+    /* For safety, only allow revocation sigs from Elgamal
+       sign+encrypt keys.  Note that this allows for Elgamal
+       designated revocations as well, but that's arguably a good
+       thing. */
+    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL && sig->sig_class!=0x20)
+      return G10ERR_UNU_SECKEY;

    print_pubkey_algo_note(sk->pubkey_algo);