security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: For readibility use macro instead of integers in key-clean.

Browse Source 
* g10/key-clean.c (NF_USABLE, NF_CONSIDER): New.
(NF_PROCESSED, NF_REVOC, NF_NOKEY): New.
This commit is contained in:
Werner Koch 2023-01-30 15:59:15 +01:00
parent 851ac88bde
commit d11d3cf85b
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 42 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
g10/key-clean.c
View File

@ -35,14 +35,19 @@
#include "key-clean.h" #include "key-clean.h"
#define NF_USABLE 8 /* Usable signature and not a revocation. */
#define NF_CONSIDER 9 /* Internal use. */
#define NF_PROCESSED 10 /* Internal use. */
#define NF_REVOC 11 /* Usable revocation. */
#define NF_NOKEY 12 /* Key not available. */
/* /*
* Mark the signature of the given UID which are used to certify it. * Mark the signature of the given UID which are used to certify it.
* To do this, we first remove all signatures which are not valid and * To do this, we first remove all signatures which are not valid and
* from the remaining we look for the latest one. If this is not a * from the remaining we look for the latest one. If this is not a
* certification revocation signature we mark the signature by setting * certification revocation signature we mark the signature by setting
* node flag bit 8. Revocations are marked with flag 11, and sigs * node flag bit NF_USABLE. Revocations are marked with NF_REVOC, and
* from unavailable keys are marked with flag 12. Note that flag bits * sigs from unavailable keys are marked with NF_NOKEY.
* 9 and 10 are used for internal purposes.
*/ */
void void
mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode, mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
@ -57,7 +62,8 @@ mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
{ {
int rc; int rc;
node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12); node->flag &= ~(1<<NF_USABLE | 1<<NF_CONSIDER
| 1<<NF_PROCESSED | 1<<NF_REVOC | 1<<NF_NOKEY);
if (node->pkt->pkttype == PKT_USER_ID if (node->pkt->pkttype == PKT_USER_ID
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| node->pkt->pkttype == PKT_SECRET_SUBKEY) || node->pkt->pkttype == PKT_SECRET_SUBKEY)
@ -81,19 +87,20 @@ mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
/* we ignore anything that won't verify, but tag the /* we ignore anything that won't verify, but tag the
no_pubkey case */ no_pubkey case */
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
node->flag |= 1<<12; node->flag |= 1<<NF_NOKEY;
continue; continue;
} }
node->flag |= 1<<9; node->flag |= 1<<NF_CONSIDER;
} }
/* Reset the remaining flags. */ /* Reset the remaining flags. */
for (; node; node = node->next) for (; node; node = node->next)
node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12); node->flag &= ~(1<<NF_USABLE | 1<<NF_CONSIDER
| 1<<NF_PROCESSED | 1<<NF_REVOC | 1<<NF_NOKEY);
/* kbnode flag usage: bit 9 is here set for signatures to consider, /* kbnode flag usage: bit NF_CONSIDER is here set for signatures to consider,
* bit 10 will be set by the loop to keep track of keyIDs already * bit NF_PROCESSED will be set by the loop to keep track of keyIDs already
* processed, bit 8 will be set for the usable signatures, and bit * processed, bit NF_USABLE will be set for the usable signatures, and bit
* 11 will be set for usable revocations. */ * NF_REVOC will be set for usable revocations. */
/* For each cert figure out the latest valid one. */ /* For each cert figure out the latest valid one. */
for (node=uidnode->next; node; node = node->next) for (node=uidnode->next; node; node = node->next)
@ -105,11 +112,11 @@ mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| node->pkt->pkttype == PKT_SECRET_SUBKEY) || node->pkt->pkttype == PKT_SECRET_SUBKEY)
break; break;
if ( !(node->flag & (1<<9)) ) if ( !(node->flag & (1<<NF_CONSIDER)) )
continue; /* not a node to look at */ continue; /* not a node to look at */
if ( (node->flag & (1<<10)) ) if ( (node->flag & (1<<NF_PROCESSED)) )
continue; /* signature with a keyID already processed */ continue; /* signature with a keyID already processed */
node->flag |= (1<<10); /* mark this node as processed */ node->flag |= (1<<NF_PROCESSED); /* mark this node as processed */
sig = node->pkt->pkt.signature; sig = node->pkt->pkt.signature;
signode = node; signode = node;
sigdate = sig->timestamp; sigdate = sig->timestamp;
@ -121,14 +128,14 @@ mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n->pkt->pkttype == PKT_SECRET_SUBKEY) || n->pkt->pkttype == PKT_SECRET_SUBKEY)
break; break;
if ( !(n->flag & (1<<9)) ) if ( !(n->flag & (1<<NF_CONSIDER)) )
continue; continue;
if ( (n->flag & (1<<10)) ) if ( (n->flag & (1<<NF_PROCESSED)) )
continue; /* shortcut already processed signatures */ continue; /* shortcut already processed signatures */
sig = n->pkt->pkt.signature; sig = n->pkt->pkt.signature;
if (kid[0] != sig->keyid[0] || kid[1] != sig->keyid[1]) if (kid[0] != sig->keyid[0] || kid[1] != sig->keyid[1])
continue; continue;
n->flag |= (1<<10); /* mark this node as processed */ n->flag |= (1<<NF_PROCESSED); /* mark this node as processed */
/* If signode is nonrevocable and unexpired and n isn't, /* If signode is nonrevocable and unexpired and n isn't,
then take signode (skip). It doesn't matter which is then take signode (skip). It doesn't matter which is
@ -197,13 +204,13 @@ mark_usable_uid_certs (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
if (expire==0 || expire > curtime ) if (expire==0 || expire > curtime )
{ {
signode->flag |= (1<<8); /* yeah, found a good cert */ signode->flag |= (1<<NF_USABLE); /* yeah, found a good cert */
if (next_expire && expire && expire < *next_expire) if (next_expire && expire && expire < *next_expire)
*next_expire = expire; *next_expire = expire;
} }
} }
else else
signode->flag |= (1<<11); signode->flag |= (1<<NF_REVOC);
} }
} }
@ -231,12 +238,13 @@ clean_sigs_from_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
signatures are out, as are any signatures that aren't the last of signatures are out, as are any signatures that aren't the last of
a series of uid sigs or revocations It breaks down like this: a series of uid sigs or revocations It breaks down like this:
coming out of mark_usable_uid_certs, if a sig is unflagged, it is coming out of mark_usable_uid_certs, if a sig is unflagged, it is
not even a candidate. If a sig has flag 9 or 10, that means it not even a candidate. If a sig has flag NF_CONSIDER or
was selected as a candidate and vetted. If a sig has flag 8 it NF_PROCESSED, that means it was selected as a candidate and
is a usable signature. If a sig has flag 11 it is a usable vetted. If a sig has flag NF_USABLE it is a usable signature.
revocation. If a sig has flag 12 it was issued by an unavailable If a sig has flag NF_REVOC it is a usable revocation. If a sig
key. "Usable" here means the most recent valid has flag NF_NOKEY it was issued by an unavailable key. "Usable"
signature/revocation in a series from a particular signer. here means the most recent valid signature/revocation in a series
from a particular signer.
Delete everything that isn't a usable uid sig (which might be Delete everything that isn't a usable uid sig (which might be
expired), a usable revocation, or a sig from an unavailable expired), a usable revocation, or a sig from an unavailable
@ -252,34 +260,34 @@ clean_sigs_from_uid (ctrl_t ctrl, kbnode_t keyblock, kbnode_t uidnode,
&& node->pkt->pkt.signature->keyid[1] == keyid[1]) : 1; && node->pkt->pkt.signature->keyid[1] == keyid[1]) : 1;
/* Keep usable uid sigs ... */ /* Keep usable uid sigs ... */
if ((node->flag & (1<<8)) && keep) if ((node->flag & (1<<NF_USABLE)) && keep)
continue; continue;
/* ... and usable revocations... */ /* ... and usable revocations... */
if ((node->flag & (1<<11)) && keep) if ((node->flag & (1<<NF_REVOC)) && keep)
continue; continue;
/* ... and sigs from unavailable keys. */ /* ... and sigs from unavailable keys. */
/* disabled for now since more people seem to want sigs from /* disabled for now since more people seem to want sigs from
unavailable keys removed altogether. */ unavailable keys removed altogether. */
/* /*
if(node->flag & (1<<12)) if(node->flag & (1<<NF_NOKEY))
continue; continue;
*/ */
/* Everything else we delete */ /* Everything else we delete */
/* At this point, if 12 is set, the signing key was unavailable. /* At this point, if NF_NOKEY is set, the signing key was
If 9 or 10 is set, it's superseded. Otherwise, it's * unavailable. If NF_CONSIDER or NF_PROCESSED is set, it's
invalid. */ * superseded. Otherwise, it's invalid. */
if (noisy) if (noisy)
log_info ("removing signature from key %s on user ID \"%s\": %s\n", log_info ("removing signature from key %s on user ID \"%s\": %s\n",
keystr (node->pkt->pkt.signature->keyid), keystr (node->pkt->pkt.signature->keyid),
uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->name,
node->flag&(1<<12)? "key unavailable": node->flag&(1<<NF_NOKEY)? "key unavailable":
node->flag&(1<<9)? "signature superseded" node->flag&(1<<NF_CONSIDER)? "signature superseded"
/* */ :"invalid signature" ); /* */ : "invalid signature" );
delete_kbnode (node); delete_kbnode (node);
deleted++; deleted++;