From d1738ac243f4e8095316cf9a337f12b18545cc31 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Fri, 4 Oct 2002 22:09:18 +0000 Subject: [PATCH] * getkey.c (get_pubkey_direct): Don't cache keys retrieved via this function as they may not have all their fields filled in. * sig-check.c (signature_check2): Use new is_primary flag to check rather than comparing main_keyid with keyid as this still works in the case of a not fully filled in pk. --- g10/ChangeLog | 11 ++++++++++- g10/getkey.c | 5 ++++- g10/sig-check.c | 4 +--- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 0662a412a..cd25cdca6 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,12 @@ +2002-10-04 David Shaw + + * getkey.c (get_pubkey_direct): Don't cache keys retrieved via + this function as they may not have all their fields filled in. + + * sig-check.c (signature_check2): Use new is_primary flag to check + rather than comparing main_keyid with keyid as this still works in + the case of a not fully filled in pk. + 2002-10-04 Werner Koch * passphrase.c (agent_get_passphrase): Fixed signed/unsigned char @@ -8,7 +17,7 @@ * keylist.c (print_capabilities): Secret-parts-missing keys should show that fact in the capabilities. - * packet.h, parse_packet (parse_key): Add is_primary flag for + * packet.h, parse_packet.c (parse_key): Add is_primary flag for public keys (it already exists for secret keys). * keylist.c (print_capabilities): Only primary signing keys can diff --git a/g10/getkey.c b/g10/getkey.c index a149f779b..e8f64c457 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -419,7 +419,10 @@ get_pubkey_direct (PKT_public_key *pk, u32 *keyid) || keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY ); copy_public_key (pk, keyblock->pkt->pkt.public_key ); release_kbnode (keyblock); - cache_public_key (pk); + + /* Not caching key here since it won't have all of the fields + properly set. */ + return 0; } diff --git a/g10/sig-check.c b/g10/sig-check.c index 718cf0e43..c254b4897 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -75,9 +75,7 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest, } else if( get_pubkey( pk, sig->keyid ) ) rc = G10ERR_NO_PUBKEY; - else if(!pk->is_valid && - (pk->main_keyid[0]!=pk->keyid[0] || - pk->main_keyid[1]!=pk->keyid[1])) + else if(!pk->is_valid && !pk->is_primary) rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an invalid subkey */ else {