Fixes pertaining to revocation creation with subkey-only exported card keys

2024-09-21 15:01:41 +02:00 · 2005-08-04 09:53:21 +00:00 · 2005-08-04 09:53:21 +00:00 · cd4c621017
commit cd4c621017
parent 1990aacce0
6 changed files with 44 additions and 7 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,17 @@
+2005-08-04  Werner Koch  <wk@g10code.com>
+
+	* export.c (do_export_stream): Skip on-card keys when only subkeys
+	are to be exported.  It does not make sense to replace the on-card
+	key stub by a no-key stub.
+
+	* revoke.c (gen_revoke): Check for non-online keys.
+
+	* seckey-cert.c (is_secret_key_protected): Return -3 for
+	non-online key stubs.  The old code assumes that a protection
+	algorithm is still set but in some cases this one is 0 and thus it
+	won't be possible to decide whether it is unprotected or
+	protected.
+
 2005-07-28  Werner Koch  <wk@g10code.com>

 	* Makefile.am (other_libs): Add SRVLIBS.
--- a/g10/cardglue.c
+++ b/g10/cardglue.c
@ -533,7 +533,7 @@ check_card_serialno (app_t app, const char *serialno)
  const char *s;
  int ask = 0;
  int n;
-  
+
  for (s = serialno, n=0; *s != '/' && hexdigitp (s); s++, n++)
    ;
  if (n != 32)
--- a/g10/export.c
+++ b/g10/export.c
@ -230,6 +230,17 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
 			 keystr(sk_keyid));
 		continue;
 	      }
+
+            /* It does not make sense to export a key with a primary
+               key on card using a non-key stub.  We simply skip those
+               keys when used with --export-secret-subkeys. */
+            if (secret == 2 && sk->is_protected
+                && sk->protect.s2k.mode == 1002 ) 
+              {
+		log_info(_("key %s: key material on-card - skipped\n"),
+			 keystr(sk_keyid));
+		continue;
+              }
 	  }
 	else
 	  {
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -540,7 +540,6 @@ check_signatures_trust( PKT_signature *sig )
      size_t fprlen;
      int okay;

-      log_info (_("Note: Verified address is `%s'\n"), sig->pka_info->email);

      primary_pk = xmalloc_clear (sizeof *primary_pk);
      get_pubkey (primary_pk, pk->main_keyid);
@ -548,9 +547,17 @@ check_signatures_trust( PKT_signature *sig )
      free_public_key (primary_pk);

      if ( fprlen == 20 && !memcmp (sig->pka_info->fpr, fpr, 20) )
-        okay = 1;
+        {
+          okay = 1;
+          log_info (_("Note: Verified signer's address is `%s'\n"),
+                    sig->pka_info->email);
+        }
      else
-        okay = 0;
+        {
+          okay = 0;
+          log_info (_("Note: Signer's address `%s' "
+                      "does not match DNS entry\n"), sig->pka_info->email);
+        }

      switch ( (trustlevel & TRUST_MASK) ) 
        {
--- a/g10/revoke.c
+++ b/g10/revoke.c
@ -497,11 +497,15 @@ gen_revoke( const char *uname )
 	log_error(_("unknown protection algorithm\n"));
 	rc = G10ERR_PUBKEY_ALGO;
 	break;
+      case -3:
+	tty_printf (_("Secret parts of primary key are not available.\n"));
+        rc = G10ERR_NO_SECKEY;
+        break;
      case 0:
 	tty_printf(_("NOTE: This key is not protected!\n"));
 	break;
      default:
-	rc = check_secret_key( sk, 0 );
+        rc = check_secret_key( sk, 0 );
 	break;
    }
    if( rc )
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -289,13 +289,14 @@ check_secret_key( PKT_secret_key *sk, int n )
 * check whether the secret key is protected.
 * Returns: 0 not protected, -1 on error or the protection algorithm
 *                           -2 indicates a card stub.
+ *                           -3 indicates a not-online stub.
 */
 int
 is_secret_key_protected( PKT_secret_key *sk )
 {
    return sk->is_protected?
-               sk->protect.s2k.mode == 1002? -2
-                                           : sk->protect.algo : 0;
+               sk->protect.s2k.mode == 1002? -2 :
+               sk->protect.s2k.mode == 1001? -3 : sk->protect.algo : 0;
 }