g10: Be more careful when checking if a binding is signed by a UTK.

* g10/tofu.c (signed_by_utk): When checking if a key is signed by an ultimately trusted key, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. -- Signed-off-by: Neal H. Walfield <neal@g10code.com>
2025-07-02 22:46:30 +02:00 · 2016-10-13 20:54:06 +02:00 · 2016-10-13 20:54:06 +02:00 · 95d0f3e5ee
commit 95d0f3e5ee
parent d2d936fbe8
2 changed files with 108 additions and 3 deletions
--- a/g10/tofu.c
+++ b/g10/tofu.c
@ -1308,14 +1308,37 @@ cross_sigs (const char *email, kbnode_t a, kbnode_t b)

 /* Return whether the key was signed by an ultimately trusted key.  */
 static int
-signed_by_utk (kbnode_t a)
+signed_by_utk (const char *email, kbnode_t a)
 {
  kbnode_t n;
+  int saw_email = 0;

  for (n = a; n; n = n->next)
    {
      PKT_signature *sig;

+      if (n->pkt->pkttype == PKT_USER_ID)
+        {
+          if (saw_email)
+            /* We're done: we've processed all signatures on the
+               user id.  */
+            break;
+          else
+            {
+              /* See if this is the matching user id.  */
+              PKT_user_id *user_id = n->pkt->pkt.user_id;
+              char *email2 = email_from_user_id (user_id->name);
+
+              if (strcmp (email, email2) == 0)
+                saw_email = 1;
+
+              xfree (email2);
+            }
+        }
+
+      if (! saw_email)
+        continue;
+
      if (n->pkt->pkttype != PKT_SIGNATURE)
        continue;

@ -2221,7 +2244,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
          }
        else
          {
-            is_signed_by_utk = signed_by_utk (kb);
+            is_signed_by_utk = signed_by_utk (email, kb);
            release_kbnode (kb);
          }
      }