g10: Improve handling of no corresponding public key.

* g10/getkey.c (get_seckey): Return G10ERR_NO_PUBKEY when it's not exact match. -- (ported from 1.4 commit b3fd30451a) In the situation of corrupted .gnupg/ where only private subkey is available but no corresponding public key of the subkey, the code returned public primary key which caused mysterious error (for a user). This fix detects an error earlier. GnuPG-bug-id: 1422 Debian-Bug-Id: #638619
2024-06-09 23:39:51 +02:00 · 2015-05-19 10:14:09 +09:00 · 2015-05-19 10:14:09 +09:00 · 76e2aa739c
commit 76e2aa739c
parent be13627345
1 changed files with 12 additions and 0 deletions
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -500,7 +500,19 @@ get_seckey( PKT_secret_key *sk, u32 *keyid )
    ctx.req_usage = sk->req_usage;
    rc = lookup( &ctx, &kb, 1 );
    if ( !rc ) {
+        u32 skid[2];
+
        sk_from_block ( &ctx, sk, kb );
+        keyid_from_sk ( sk, skid );
+        /*
+         * Make sure it's exact match of keyid.
+         * If not, it's secret subkey with no public key.
+         */
+        if (!(keyid[0] == skid[0] && keyid[1] == skid[1])) {
+          log_error (_("key %s: secret key without public key"
+                       " - skipped\n"), keystr(keyid));
+          rc = G10ERR_NO_PUBKEY;
+        }
    }
    get_seckey_end( &ctx );
    release_kbnode ( kb );