security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity

gpg: Change calling convention for a function in getkey.c 

* g10/getkey.c (merge_selfsigs): Remove arg CTX.  Add args REQ_USAGE
and WANT_EXACT.
(finish_lookup): Adjust caller.  Set LOOKUP_NOT_SELECTED here...
(lookup): and not here.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-07-06 08:53:49 +02:00
parent 5d1a9c4dc8
commit 9385dfeb9d
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 40 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
g10/getkey.c
View File

@ -3053,31 +3053,33 @@ merge_selfsigs (KBNODE keyblock)
/* See whether the key satisfies any additional requirements specified
* in CTX. If so, return 1 and set CTX->FOUND_KEY to an appropriate
* key or subkey. Otherwise, return 0 if there was no appropriate
* key.
* in CTX. If so, return the node of an appropriate key or subkey.
* Otherwise, return NULL if there was no appropriate key.
*
* In case the primary key is not required, select a suitable subkey.
* We need the primary key if PUBKEY_USAGE_CERT is set in
* CTX->REQ_USAGE or we are in PGP6 or PGP7 mode and PUBKEY_USAGE_SIG
* is set in CTX->REQ_USAGE.
* We need the primary key if PUBKEY_USAGE_CERT is set in REQ_USAGE or
* we are in PGP6 or PGP7 mode and PUBKEY_USAGE_SIG is set in
* REQ_USAGE.
*
* If any of PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC and PUBKEY_USAGE_CERT
* are set in CTX->REQ_USAGE, we filter by the key's function.
* Concretely, if PUBKEY_USAGE_SIG and PUBKEY_USAGE_CERT are set, then
* we only return a key if it is (at least) either a signing or a
* are set in REQ_USAGE, we filter by the key's function. Concretely,
* if PUBKEY_USAGE_SIG and PUBKEY_USAGE_CERT are set, then we only
* return a key if it is (at least) either a signing or a
* certification key.
*
* If CTX->REQ_USAGE is set, then we reject any keys that are not good
* If REQ_USAGE is set, then we reject any keys that are not good
* (i.e., valid, not revoked, not expired, etc.). This allows the
* getkey functions to be used for plain key listings.
*
* Sets the matched key's user id field (pk->user_id) to the user id
* that matched the low-level search criteria or NULL. If R_FLAGS is
* not NULL set certain flags for more detailed error reporting. Used
* flags are:
* that matched the low-level search criteria or NULL.
*
* If R_FLAGS is not NULL set certain flags for more detailed error
* reporting. Used flags are:
*
* - LOOKUP_ALL_SUBKEYS_EXPIRED :: All Subkeys are expired or have
* been revoked.
* - LOOKUP_NOT_SELECTED :: No suitable key found
*
* This function needs to handle several different cases:
*
@ -3094,40 +3096,41 @@ merge_selfsigs (KBNODE keyblock)
*
*/
static kbnode_t
finish_lookup (getkey_ctx_t ctx, kbnode_t keyblock, unsigned int *r_flags)
finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact,
unsigned int *r_flags)
{
kbnode_t k;
/* If CTX->EXACT is set, the key or subkey that actually matched the
/* If WANT_EXACT is set, the key or subkey that actually matched the
low-level search criteria. */
kbnode_t foundk = NULL;
/* The user id (if any) that matched the low-level search criteria. */
PKT_user_id *foundu = NULL;
#define USAGE_MASK (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC|PUBKEY_USAGE_CERT)
unsigned int req_usage = (ctx->req_usage & USAGE_MASK);
/* Request the primary if we're certifying another key, and also
if signing data while --pgp6 or --pgp7 is on since pgp 6 and 7
do not understand signatures made by a signing subkey. PGP 8
does. */
int req_prim = ((ctx->req_usage & PUBKEY_USAGE_CERT)
|| ((PGP6 || PGP7) && (ctx->req_usage & PUBKEY_USAGE_SIG)));
u32 curtime = make_timestamp ();
u32 latest_date;
kbnode_t latest_key;
PKT_public_key *pk;
log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
int req_prim;
u32 curtime = make_timestamp ();
if (r_flags)
*r_flags = 0;
#define USAGE_MASK (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC|PUBKEY_USAGE_CERT)
req_usage &= USAGE_MASK;
/* Request the primary if we're certifying another key, and also if
* signing data while --pgp6 or --pgp7 is on since pgp 6 and 7 do
* not understand signatures made by a signing subkey. PGP 8 does. */
req_prim = ((req_usage & PUBKEY_USAGE_CERT)
|| ((PGP6 || PGP7) && (req_usage & PUBKEY_USAGE_SIG)));
log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
/* For an exact match mark the primary or subkey that matched the
low-level search criteria. */
if (ctx->exact)
if (want_exact)
{
for (k = keyblock; k; k = k->next)
{
@ -3262,7 +3265,7 @@ finish_lookup (getkey_ctx_t ctx, kbnode_t keyblock, unsigned int *r_flags)
* primary key, or,
*
* - we're just considering the primary key. */
if ((!latest_key && !ctx->exact) || foundk == keyblock || req_prim)
if ((!latest_key && !want_exact) || foundk == keyblock || req_prim)
{
if (DBG_LOOKUP && !foundk && !req_prim)
log_debug ("\tno suitable subkeys found - trying primary\n");
@ -3300,10 +3303,12 @@ finish_lookup (getkey_ctx_t ctx, kbnode_t keyblock, unsigned int *r_flags)
{
if (DBG_LOOKUP)
log_debug ("\tno suitable key found - giving up\n");
if (r_flags)
*r_flags |= LOOKUP_NOT_SELECTED;
return NULL; /* Not found. */
}
found:
found:
if (DBG_LOOKUP)
log_debug ("\tusing key %08lX\n",
(ulong) keyid_from_pk (latest_key->pkt->pkt.public_key, NULL));
@ -3408,12 +3413,10 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, kbnode_t *ret_found_key,
goto skip; /* No secret key available. */
/* Warning: node flag bits 0 and 1 should be preserved by
* merge_selfsigs. For secret keys, premerge transferred the
* keys to the keyblock. */
* merge_selfsigs. */
merge_selfsigs (keyblock);
found_key = finish_lookup (ctx, keyblock, &infoflags);
if (!found_key)
infoflags |= LOOKUP_NOT_SELECTED;
found_key = finish_lookup (keyblock, ctx->req_usage, ctx->exact,
&infoflags);
print_status_key_considered (keyblock, infoflags);
if (found_key)
{