From 7ae15f002712c7d07f9d835b81b0ca8da096e49b Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 20 Jul 2009 11:02:20 +0000 Subject: [PATCH] Fix bug 1091. Doc fixes. Replace assert by error message. --- g10/ChangeLog | 10 ++++++++++ g10/keygen.c | 17 ++++++++++------- g10/keyring.c | 15 ++++++++++++++- g10/misc.c | 2 +- 4 files changed, 35 insertions(+), 9 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 185cac303..0d472ac63 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,13 @@ +2009-07-20 Werner Koch + + * keygen.c (generate_keypair): Allow Elgamal > 3072 in BOTH mode. + Reported by Jeroen Schot. Fixes bug#1091. + +2009-07-17 Werner Koch + + * keyring.c (keyring_rebuild_cache): Replace the assert by a + proper error message and allow to delete a bad keyblock. + 2009-07-13 Werner Koch * exec.c: Fix function name indentation. diff --git a/g10/keygen.c b/g10/keygen.c index 17fff28b9..91c990c08 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -3123,7 +3123,7 @@ generate_keypair (const char *fname, const char *card_serialno, nbits = 0; } - nbits = ask_keysize (algo, nbits); + nbits = ask_keysize (both? subkey_algo : algo, nbits); r = xmalloc_clear( sizeof *r + 20 ); r->key = both? pSUBKEYLENGTH : pKEYLENGTH; sprintf( r->u.value, "%u", nbits); @@ -3400,6 +3400,15 @@ do_generate_keypair (struct para_data_s *para, if (!timestamp) timestamp = make_timestamp (); + /* Note that, depending on the backend (i.e. the used scdaemon + version), the card key generation may update TIMESTAMP for each + key. Thus we need to pass TIMESTAMP to all signing function to + make sure that the binding signature is done using the timestamp + of the corresponding (sub)key and not that of the primary key. + An alternative implementation could tell the signing function the + node of the subkey but that is more work than just to pass the + current timestamp. */ + if (!card) { rc = do_create (get_parameter_algo( para, pKEYTYPE ), 
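Review bot: The changed call `ask_keysize (both? subkey_algo : algo, nbits)` in the g10/keygen.c hunk at line 3123 has no comment saying why the subkey algorithm now decides the size limits, although the following line shows the result is stored as `pSUBKEYLENGTH` in that mode. A short comment above the call would keep the two `both?` selections from drifting apart, e.g. `/* In BOTH mode NBITS is the subkey length, so ask with the subkey algorithm's limits. */`. Whether `subkey_algo` is always set when `both` is true cannot be seen here, because generate_keypair starts and ends outside the hunk; that is worth checking on every path that sets `both`.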
@@ -3413,8 +3422,6 @@ do_generate_keypair (struct para_data_s *para, } else { - /* Note, that depending on the backend, the card key generation - may update TIMESTAMP. */ rc = gen_card_key (PUBKEY_ALGO_RSA, 1, 1, pub_root, sec_root, NULL, ×tamp, get_parameter_u32 (para, pKEYEXPIRE), para); @@ -3450,8 +3457,6 @@ do_generate_keypair (struct para_data_s *para, if (!rc && card && get_parameter (para, pAUTHKEYTYPE)) { - /* Note, that depending on the backend, the card key generation - may update TIMESTAMP. */ rc = gen_card_key (PUBKEY_ALGO_RSA, 3, 0, pub_root, sec_root, NULL, ×tamp, get_parameter_u32 (para, pKEYEXPIRE), para); @@ -3493,8 +3498,6 @@ do_generate_keypair (struct para_data_s *para, } else { - /* Note, that depending on the backend, the card key - generation may update TIMESTAMP. */ rc = gen_card_key (PUBKEY_ALGO_RSA, 2, 0, pub_root, sec_root, NULL, ×tamp, diff --git a/g10/keyring.c b/g10/keyring.c index 6b3c48987..7482724ad 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -1440,7 +1440,20 @@ keyring_rebuild_cache (void *token,int noisy) log_error ("keyring_get_keyblock failed: %s\n", g10_errstr(rc)); goto leave; } - assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY); + if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY) + { + /* We had a few reports about corrupted keyrings; if we have + been called directly from the command line we delete such + a keyblock instead of bailing out. */ + log_error ("unexpected keyblock found (pkttype=%d)%s\n", + keyblock->pkt->pkttype, noisy? " - deleted":""); + if (noisy) + continue; + log_info ("Hint: backup your keys and try running `%s'\n", + "gpg --rebuild-keydb-caches"); + rc = gpg_error (GPG_ERR_INV_KEYRING); + goto leave; + } /* check all signature to set the signature's cache flags */ for (node=keyblock; node; node=node->next) diff --git a/g10/misc.c b/g10/misc.c index 5b9e652ab..8cc63ba34 100644 --- a/g10/misc.c +++ b/g10/misc.c 
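Review bot: The new `if (noisy) continue;` branch in keyring_rebuild_cache lets a flag whose name suggests verbosity decide whether a keyblock is dropped from the keyring, and the only statement of that contract is the comment inside the branch. A caller that passes a non-zero `noisy` just for progress output would also opt in to discarding data, so the function's header comment should say it, e.g. `/* NOISY is set when called directly from the command line; unexpected keyblocks are then deleted instead of aborting. */`. The error line prints only `pkttype`, which does not tell the user which keyring or entry was removed; including the keyring name, if it is available at that point, would make the deletion traceable. Since this path exists for corrupted input, it is also worth confirming that keyring_get_keyblock cannot return success with a keyblock whose `pkt` is unset, because `keyblock->pkt->pkttype` is read before any check. The function starts and ends outside the hunk, so the loop's cleanup of `keyblock` on `continue` cannot be verified here.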
@@ -1207,7 +1207,7 @@ parse_options(char *str,unsigned int *options, /* Check whether the string has characters not valid in an RFC-822 - address. To cope with OpenPGP we ignore allow non-ascii characters + address. To cope with OpenPGP we ignore non-ascii characters so that for example umlauts are legal in an email address. An OpenPGP user ID must be utf-8 encoded but there is no strict requirement for RFC-822. Thus to avoid IDNA encoding we put the