See ChangeLog: Fri Jul 14 19:38:23 CEST 2000 Werner Koch

2025-07-03 22:56:33 +02:00 · 2000-07-14 17:34:53 +00:00 · 2000-07-14 17:34:53 +00:00 · 92cd255508
commit 92cd255508
parent d1648b4d7a
104 changed files with 5871 additions and 1540 deletions
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@ -1,5 +1,5 @@
 /* pubkey-enc.c -  public key encoded packet handling
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -23,14 +23,15 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
-#include "util.h"
+
 #include <gcrypt.h>
+#include "util.h"
 #include "packet.h"
-#include "main.h"
 #include "keydb.h"
 #include "trustdb.h"
 #include "status.h"
 #include "options.h"
+#include "main.h"
 #include "i18n.h"

 static int get_it( PKT_pubkey_enc *k,
@ -103,7 +104,6 @@ pk_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
 }


-
 /****************
 * Get the session key from a pubkey enc paket and return
 * it in DEK, which should have been allocated in secure memory.
@ -169,7 +169,7 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
    int rc;
    MPI plain_dek  = NULL;
    byte *frame = NULL;
-    unsigned n;
+    unsigned int n;
    size_t nframe;
    u16 csum, csum2;

@ -199,7 +199,7 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
     * DEK is the encryption key (session key) with length k
     * CSUM
     */
-    if( (opt.debug & DBG_CIPHER_VALUE)	)
+    if( DBG_CIPHER )
 	log_hexdump("DEK frame:", frame, nframe );
    n=0;
    if( n + 7 > nframe )
@ -219,10 +219,14 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )

    dek->keylen = nframe - (n+1) - 2;
    dek->algo = frame[n++];
-    if( dek->algo == GCRY_CIPHER_IDEA )
+    if( dek->algo ==  GCRY_CIPHER_IDEA )
 	write_status(STATUS_RSA_OR_IDEA);
    rc = openpgp_cipher_test_algo( dek->algo );
    if( rc ) {
+	if( !opt.quiet && rc == GPGERR_CIPHER_ALGO ) {
+	    log_info(_("cipher algorithm %d is unknown or disabled\n"),
+							    dek->algo);
+	}
 	dek->algo = 0;
 	goto leave;
    }
@ -241,9 +245,9 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
 	rc = GPGERR_WRONG_SECKEY;
 	goto leave;
    }
-    if( (opt.debug & DBG_CIPHER_VALUE)	)
+    if( DBG_CIPHER )
 	log_hexdump("DEK is:", dek->key, dek->keylen );
-    /* check that the algo is in the preferences */
+    /* check that the algo is in the preferences and whether it has expired */
    {
 	PKT_public_key *pk = gcry_xcalloc( 1, sizeof *pk );
 	if( (rc = get_pubkey( pk, keyid )) )
@ -262,10 +266,25 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
 		    "NOTE: cipher algorithm %d not found in preferences\n"),
 								 dek->algo );
 	}
+
+
+	if( !rc && pk->expiredate && pk->expiredate <= make_timestamp() ) {
+	    log_info(_("NOTE: secret key %08lX expired at %s\n"),
+			   (ulong)keyid[1], asctimestamp( pk->expiredate) );
+	}
+
+	/* FIXME: check wheter the key has been revoked and display
+	 * the revocation reason.  Actually the user should know this himself,
+	 * but the sender might not know already and therefor the user
+	 * should get a notice that an revoked key has been used to decode
+	 * the message.  The user can than watch out for snakes send by
+	 * one of those Eves outside his paradise :-)
+	 */
 	free_public_key( pk );
 	rc = 0;
    }

+
  leave:
    mpi_release(plain_dek);
    gcry_free(frame);