See ChangeLog: Thu May 6 14:18:17 CEST 1999 Werner Koch

2025-07-03 22:56:33 +02:00 · 1999-05-06 12:26:10 +00:00 · 1999-05-06 12:26:10 +00:00 · 7cb8838061
commit 7cb8838061
parent e5a79b2da8
27 changed files with 4036 additions and 3151 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,15 @@
+Thu May  6 14:18:17 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* trustdb.c (check_trust): Check for revoked subkeys.
+	* pkclist.c (do_we_trust): Handled revoked subkeys.
+	(do_we_trust_pre): Ditto.
+	(check_signatures_trust): Ditto.
+
+	* build-packet.c (hash_public_key): Fix for ancient g10 keys.
+
+	* mainproc.c (do_proc_packets): Return EOF if no data has been read.
+	* g10.c (main): Catch errors for default operation.
+
 Thu Apr 29 12:29:22 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>

 	* sign.c (sign_file): Fixed hashing in case of no subpackets.
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -258,38 +258,42 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk )
    pkt.pkt.public_key = pk;
    if( (rc = build_packet( a, &pkt )) )
 	log_fatal("build public_key for hashing failed: %s\n", g10_errstr(rc));
-    /* skip the constructed header */
-    ctb = iobuf_get_noeof(a);
-    pktlen = 0;
-    if( (ctb & 0x40) ) {
-	c = iobuf_get_noeof(a);
-	if( c < 192 )
-	    pktlen = c;
-	else if( c < 224 ) {
-	    pktlen = (c - 192) * 256;
+
+    if( !(pk->version == 3 && pk->pubkey_algo == 16) ) {
+	/* skip the constructed header but don't do this for our very old
+	 * v3 ElG keys */
+	ctb = iobuf_get_noeof(a);
+	pktlen = 0;
+	if( (ctb & 0x40) ) {
 	    c = iobuf_get_noeof(a);
-	    pktlen += c + 192;
+	    if( c < 192 )
+		pktlen = c;
+	    else if( c < 224 ) {
+		pktlen = (c - 192) * 256;
+		c = iobuf_get_noeof(a);
+		pktlen += c + 192;
+	    }
+	    else if( c == 255 ) {
+		pktlen	= iobuf_get_noeof(a) << 24;
+		pktlen |= iobuf_get_noeof(a) << 16;
+		pktlen |= iobuf_get_noeof(a) << 8;
+		pktlen |= iobuf_get_noeof(a);
+	    }
 	}
-	else if( c == 255 ) {
-	    pktlen  = iobuf_get_noeof(a) << 24;
-	    pktlen |= iobuf_get_noeof(a) << 16;
-	    pktlen |= iobuf_get_noeof(a) << 8;
-	    pktlen |= iobuf_get_noeof(a);
+	else {
+	    int lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
+	    for( ; lenbytes; lenbytes-- ) {
+		pktlen <<= 8;
+		pktlen |= iobuf_get_noeof(a);
+	    }
 	}
+	/* hash a header */
+	md_putc( md, 0x99 );
+	pktlen &= 0xffff; /* can't handle longer packets */
+	md_putc( md, pktlen >> 8 );
+	md_putc( md, pktlen & 0xff );
    }
-    else {
-	int lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
-	for( ; lenbytes; lenbytes-- ) {
-	    pktlen <<= 8;
-	    pktlen |= iobuf_get_noeof(a);
-	}
-    }
-    /* hash a header */
-    md_putc( md, 0x99 );
-    pktlen &= 0xffff; /* can't handle longer packets */
-    md_putc( md, pktlen >> 8 );
-    md_putc( md, pktlen & 0xff );
-    /* hash the packet body (don't use pktlen here!) */
+    /* hash the packet body */
    while( (c=iobuf_get(a)) != -1 ) {
      #if 0
 	fprintf( fp," %02x", c );
--- a/g10/g10.c
+++ b/g10/g10.c
@ -1243,7 +1243,9 @@ main( int argc, char **argv )
 		set_packet_list_mode(1);
 		opt.list_packets=1;
 	    }
-	    proc_packets(NULL, a );
+	    rc = proc_packets(NULL, a );
+	    if( rc )
+		log_error("processing message failed: %s\n", g10_errstr(rc) );
 	    iobuf_close(a);
 	}
 	break;
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -1438,7 +1438,8 @@ find_by_fpr( KBNODE keyblock, PKT_public_key *pk, const char *name, int mode )
 		keyid_from_pk( k->pkt->pkt.public_key, aki );
 		log_debug("         aki=%08lx%08lx algo=%d mode=%d an=%u\n",
 				(ulong)aki[0], (ulong)aki[1],
-			k->pkt->pkt.public_key->pubkey_algo, mode, an );
+			k->pkt->pkt.public_key->pubkey_algo, mode,
+							    (unsigned)an );
 	    }

 	    if( an == mode
@ -1470,7 +1471,8 @@ find_by_fpr_sk( KBNODE keyblock, PKT_secret_key *sk,
 		keyid_from_sk( k->pkt->pkt.secret_key, aki );
 		log_debug("         aki=%08lx%08lx algo=%d mode=%d an=%u\n",
 				(ulong)aki[0], (ulong)aki[1],
-			k->pkt->pkt.secret_key->pubkey_algo, mode, an );
+			k->pkt->pkt.secret_key->pubkey_algo, mode,
+							(unsigned)an );
 	    }

 	    if( an == mode
--- a/g10/kbnode.c
+++ b/g10/kbnode.c
@ -302,7 +302,8 @@ dump_kbnode( KBNODE node )
 	    fputs("\"\n", stderr);
 	}
 	else if( node->pkt->pkttype == PKT_SIGNATURE ) {
-	    fprintf(stderr, "  keyid=%08lX\n",
+	    fprintf(stderr, "  class=%02x keyid=%08lX\n",
+		   node->pkt->pkt.signature->sig_class,
 		   (ulong)node->pkt->pkt.signature->keyid[1] );
 	}
 	else if( node->pkt->pkttype == PKT_PUBLIC_KEY
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -122,8 +122,6 @@ check_all_keysigs( KBNODE keyblock, int only_selected )
    int anyuid = 0;

    for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
-	int is_rev = 0;
-
 	if( node->pkt->pkttype == PKT_USER_ID ) {
 	    PKT_user_id *uid = node->pkt->pkt.user_id;

@ -140,10 +138,11 @@ check_all_keysigs( KBNODE keyblock, int only_selected )
 	    }
 	}
 	else if( selected && node->pkt->pkttype == PKT_SIGNATURE
-		 && (node->pkt->pkt.signature->sig_class&~3) == 0x10
-		 && (is_rev = node->pkt->pkt.signature->sig_class == 0x30) ) {
+		 && ( (node->pkt->pkt.signature->sig_class&~3) == 0x10
+		     || node->pkt->pkt.signature->sig_class == 0x30 )  ) {
 	    PKT_signature *sig = node->pkt->pkt.signature;
 	    int sigrc, selfsig;
+	    int is_rev = sig->sig_class == 0x30;

 	    switch( (rc = check_key_signature( keyblock, node, &selfsig)) ) {
 	      case 0:
@ -956,7 +955,7 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
 			 int with_fpr, int with_subkeys, int with_prefs )
 {
    KBNODE node;
-    int i;
+    int i, rc;

    /* the keys */
    for( node = keyblock; node; node = node->next ) {
@ -1001,6 +1000,20 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
 			  datestr_from_sk(sk),
 			  expirestr_from_sk(sk) );
 	}
+	else if( with_subkeys && node->pkt->pkttype == PKT_SIGNATURE
+		 && node->pkt->pkt.signature->sig_class == 0x28       ) {
+	    PKT_signature *sig = node->pkt->pkt.signature;
+
+	    rc = check_key_signature( keyblock, node, NULL );
+	    if( !rc )
+		tty_printf( "rev! subkey has been revoked: %s\n",
+			    datestr_from_sig( sig ) );
+	    else if( rc == G10ERR_BAD_SIGN )
+		tty_printf( "rev- faked revocation found\n" );
+	    else if( rc )
+		tty_printf( "rev? problem checking revocation: %s\n",
+							 g10_errstr(rc) );
+	}
    }
    /* the user ids */
    i = 0;
@ -1677,7 +1690,7 @@ menu_revsig( KBNODE keyblock )
 	pkt = m_alloc_clear( sizeof *pkt );
 	pkt->pkttype = PKT_SIGNATURE;
 	pkt->pkt.signature = sig;
-	insert_kbnode( unode, new_kbnode(pkt), PKT_SIGNATURE );
+	insert_kbnode( unode, new_kbnode(pkt), 0 );
 	goto reloop;
    }

@ -1701,7 +1714,7 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
    int upd_trust = 0;
    int rc;

-  reloop: /* (better this way becuase we are modifing the keyring) */
+  reloop: /* (better this way because we are modifing the keyring) */
    mainpk = pub_keyblock->pkt->pkt.public_key;
    for( node = pub_keyblock; node; node = node->next ) {
 	if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
@ -1726,7 +1739,7 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	    pkt = m_alloc_clear( sizeof *pkt );
 	    pkt->pkttype = PKT_SIGNATURE;
 	    pkt->pkt.signature = sig;
-	    insert_kbnode( node, new_kbnode(pkt), PKT_SIGNATURE );
+	    insert_kbnode( node, new_kbnode(pkt), 0 );
 	    goto reloop;
 	}
    }
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -215,7 +215,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
    else {
 	/* fixme: defer this message until we have parsed all packets of
 	 * this type - do this by building a list of keys with their stati
-	 * and store it with the conetxt.  do_proc_packets can then use
+	 * and store it with the context.  do_proc_packets can then use
 	 * this list to display some information */
 	log_error(_("public key decryption failed: %s\n"), g10_errstr(result));
    }
@ -307,7 +307,7 @@ proc_plaintext( CTX c, PACKET *pkt )
 	md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
 	md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
    }
-  #if 1
+  #if 0
    #warning md_start_debug is enabled
    md_start_debug( c->mfx.md, "verify" );
  #endif
@ -753,12 +753,13 @@ do_proc_packets( CTX c, IOBUF a )
 {
    PACKET *pkt = m_alloc( sizeof *pkt );
    int rc=0;
+    int any_data=0;
    int newpkt;

    c->iobuf = a;
    init_packet(pkt);
    while( (rc=parse_packet(a, pkt)) != -1 ) {
-
+	any_data = 1;
 	if( rc ) {
 	    free_packet(pkt);
 	    if( rc == G10ERR_INVALID_PACKET )
@ -844,7 +845,13 @@ do_proc_packets( CTX c, IOBUF a )
 	else
 	    free_packet(pkt);
    }
-    rc = 0;
+    if( rc == G10ERR_INVALID_PACKET )
+	write_status_text( STATUS_NODATA, "3" );
+    if( any_data )
+	rc = 0;
+    else if( rc == -1 )
+	write_status_text( STATUS_NODATA, "2" );
+

  leave:
    release_list( c );
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -287,6 +287,16 @@ do_we_trust( PKT_public_key *pk, int trustlevel )
 				    _("Use this key anyway? ")) )
 	    return 0;
    }
+    else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
+	log_info(_("key %08lX: subkey has been revoked!\n"),
+					(ulong)keyid_from_pk( pk, NULL) );
+	if( opt.batch )
+	    return 0;
+
+	if( !cpr_get_answer_is_yes("revoked_key.override",
+				    _("Use this key anyway? ")) )
+	    return 0;
+    }


    switch( (trustlevel & TRUST_MASK) ) {
@ -368,6 +378,8 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )

    if( (trustlevel & TRUST_FLAG_REVOKED) && !rc )
 	return 0;
+    if( (trustlevel & TRUST_FLAG_SUB_REVOKED) && !rc )
+	return 0;
    else if( !opt.batch && !rc ) {
 	char *p;
 	u32 keyid[2];
@ -435,6 +447,10 @@ check_signatures_trust( PKT_signature *sig )
 	log_info(_("WARNING: This key has been revoked by its owner!\n"));
 	log_info(_("         This could mean that the signature is forgery.\n"));
    }
+    else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
+	write_status( STATUS_KEYREVOKED );
+	log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
+    }


    switch( (trustlevel & TRUST_MASK) ) {
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -2780,6 +2780,36 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel,
 	}
    }

+    /* is a subkey has been requested, we have to check its keyflags */
+    if( !rc ) {
+	TRUSTREC krec;
+	byte fpr[MAX_FINGERPRINT_LEN] = {0}; /* to avoid compiler warnings */
+	size_t fprlen = 0;
+	ulong recno;
+	int kcount=0;
+
+	for( recno = rec.r.dir.keylist; recno; recno = krec.r.key.next ) {
+	    read_record( recno, &krec, RECTYPE_KEY );
+	    if( ++kcount == 1 )
+		continue; /* skip the primary key */
+	    if( kcount == 2 ) /* now we need the fingerprint */
+		fingerprint_from_pk( pk, fpr, &fprlen );
+
+	    if( krec.r.key.fingerprint_len == fprlen
+		&& !memcmp( krec.r.key.fingerprint, fpr, fprlen ) ) {
+		/* found the subkey */
+		if( (krec.r.key.keyflags & KEYF_REVOKED) )
+		    trustlevel |= TRUST_FLAG_SUB_REVOKED;
+		/* should we check for keybinding here??? */
+		/* Hmmm: Maybe this whole checking stuff should not go
+		 * into the trustdb, but be done direct from the keyblock.
+		 * Chnage this all when we add an abstarction layer around
+		 * the way certificates are handled by different standards */
+		break;
+	    }
+	}
+    }
+

  leave:
    if( DBG_TRUST )
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@ -33,6 +33,7 @@
 #define TRUST_ULTIMATE	  6  /* u: ultimately trusted */
 /* trust values not covered by the mask */
 #define TRUST_FLAG_REVOKED 32 /* r: revoked */
+#define TRUST_FLAG_SUB_REVOKED 64


 #define PREFTYPE_SYM	  1