From d367d40e47f7431832fd9cd4978b6cb22fc9b309 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Wed, 10 Apr 2002 04:21:26 +0000 Subject: [PATCH] Add KEYEXPIRED, EXPSIG, and EXPKEYSIG. Add "deprecated-use-keyexpired-instead" to SIGEXPIRED. Start transition from SIGEXPIRED to KEYEXPIRED, since the actual event is signature verification by an expired key and not an expired signature. Rename do_signature_check as signature_check2, make public, and change all callers. Use status EXPSIG for an expired, but good, signature. Add the expiration time (or 0) to the VALIDSIG status line. Use status KEYEXPSIG for a good signature from an expired key. Remove checks for no arguments now that argparse does it. --- g10/ChangeLog | 23 ++++++++++++++++++++++- g10/g10.c | 24 +++++++++++------------- g10/mainproc.c | 43 +++++++++++++++++++++++++++---------------- g10/packet.h | 2 ++ g10/sig-check.c | 20 ++++++++++---------- g10/status.c | 5 ++++- g10/status.h | 6 ++++-- 7 files changed, 80 insertions(+), 43 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index bb197982b..c13c6acc2 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog 
@@ -1,3 +1,23 @@ +2002-04-08 David Shaw + + * status.h, status.c (get_status_string): Add KEYEXPIRED, EXPSIG, + and EXPKEYSIG. Add "deprecated-use-keyexpired-instead" to + SIGEXPIRED. + + * sig-check.c (do_check): Start transition from SIGEXPIRED to + KEYEXPIRED, since the actual event is signature verification by an + expired key and not an expired signature. (do_signature_check, + packet.h): Rename as signature_check2, make public, and change all + callers. + + * mainproc.c (check_sig_and_print, do_check_sig): Use status + EXPSIG for an expired, but good, signature. Add the expiration + time (or 0) to the VALIDSIG status line. Use status KEYEXPSIG for + a good signature from an expired key. + + * g10.c (main): remove checks for no arguments now that argparse + does it. + 2002-04-06 Werner Koch * keyring.c (keyring_get_keyblock): Disable the keylist mode here. @@ -1644,7 +1664,8 @@ * sign.c (make_keysig_packet): Added new sigversion argument to allow the caller to force generation of required signature - version. Changed all callers. Suggested by Thomas Roessler. + version. Changed all callers. Suggested by Thomas Roessler. + * keyedit.c (sign_uids): Force v4 signature generation for local sigs. Removed the check for local signature and pre-v4 keys. diff --git a/g10/g10.c b/g10/g10.c index 6732d0e30..23273a19c 100644 --- a/g10/g10.c +++ b/g10/g10.c 
@@ -1191,25 +1191,23 @@ main( int argc, char **argv ) #endif /* __riscos__ */ break; case oKeyServer: - if(pargs.r.ret_str==NULL || parse_keyserver_uri(pargs.r.ret_str)) + if(parse_keyserver_uri(pargs.r.ret_str)) log_error(_("could not parse keyserver URI\n")); break; case oKeyServerOptions: - if(pargs.r.ret_str) - parse_keyserver_options(pargs.r.ret_str); + parse_keyserver_options(pargs.r.ret_str); break; case oTempDir: opt.temp_dir=pargs.r.ret_str; break; case oExecPath: - if(pargs.r.ret_str) - { - /* Notice that path is never freed. That is - intentional due to the way putenv() works. */ - char *path=m_alloc(5+strlen(pargs.r.ret_str)+1); - strcpy(path,"PATH="); - strcat(path,pargs.r.ret_str); - if(putenv(path)!=0) - log_error(_("unable to set exec-path to %s\n"),path); - } + { + /* Notice that path is never freed. That is + intentional due to the way putenv() works. */ + char *path=m_alloc(5+strlen(pargs.r.ret_str)+1); + strcpy(path,"PATH="); + strcat(path,pargs.r.ret_str); + if(putenv(path)!=0) + log_error(_("unable to set exec-path to %s\n"),path); + } break; case oNotation: add_notation_data( pargs.r.ret_str ); break; case oShowNotation: opt.show_notation=1; break; diff --git a/g10/mainproc.c b/g10/mainproc.c index e86037d80..c75b36d82 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -619,11 +619,14 @@ proc_compressed( CTX c, PACKET *pkt ) * Returns: 0 = valid signature or an error code */ static int -do_check_sig( CTX c, KBNODE node, int *is_selfsig ) +do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey ) { PKT_signature *sig; MD_HANDLE md = NULL, md2 = NULL; - int algo, rc; + int algo, rc, dummy, dum2; + + if(!is_expkey) + is_expkey=&dum2; assert( node->pkt->pkttype == PKT_SIGNATURE ); if( is_selfsig ) 
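Review bot: In the `oExecPath` case, `strlen(pargs.r.ret_str)` now runs with no NULL guard, and the same pointer goes unguarded into `parse_keyserver_uri()` and `parse_keyserver_options()`. These three cases are therefore safe only while each option is declared in the option table as taking a mandatory string argument. That table is outside this hunk, so it cannot be confirmed from here; if an entry is, or later becomes, an optional-argument type, this is a NULL dereference driven by user-supplied options. I would either keep a cheap guard or state the dependency where it is relied on, e.g. `/* ret_str is non-NULL here: argparse rejects these options without an argument */`. `main()` starts and ends outside the hunk.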
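Review bot: The new local `dummy` in `do_check_sig` is declared `int`, but the packet.h hunk of this commit declares the third parameter of `signature_check2` as `u32 *r_expiredate`, and the two calls added in the following hunk (`@@ -677,9 +680,9 @@`) pass `&dummy` in that position. That is an incompatible pointer type, which works only where `u32` and `int` happen to share size and representation. `signature_check()` in sig-check.c already uses `u32 dummy; int dum2;` for the same purpose, so I would declare it the same way here: `int algo, rc, dum2;` and `u32 dummy;`. The body of `do_check_sig` continues outside the hunk.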
@@ -677,9 +680,9 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig ) } else return G10ERR_SIG_CLASS; - rc = signature_check( sig, md ); + rc = signature_check2( sig, md, &dummy, is_expkey ); if( rc == G10ERR_BAD_SIGN && md2 ) - rc = signature_check( sig, md2 ); + rc = signature_check2( sig, md2, &dummy, is_expkey ); md_close(md); md_close(md2); @@ -939,7 +942,7 @@ list_node( CTX c, KBNODE node ) fputs("sig", stdout); if( opt.check_sigs ) { fflush(stdout); - switch( (rc2=do_check_sig( c, node, &is_selfsig )) ) { + switch( (rc2=do_check_sig( c, node, &is_selfsig, NULL )) ) { case 0: sigrc = '!'; break; case G10ERR_BAD_SIGN: sigrc = '-'; break; case G10ERR_NO_PUBKEY: @@ -1188,7 +1191,7 @@ check_sig_and_print( CTX c, KBNODE node ) { PKT_signature *sig = node->pkt->pkt.signature; const char *astr, *tstr; - int rc; + int rc, is_expkey=0; if( opt.skip_verify ) { log_info(_("signature verification suppressed\n")); @@ -1257,16 +1260,25 @@ check_sig_and_print( CTX c, KBNODE node ) log_info(_("Signature made %.*s using %s key ID %08lX\n"), (int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] ); - rc = do_check_sig(c, node, NULL ); + rc = do_check_sig(c, node, NULL, &is_expkey ); if( rc == G10ERR_NO_PUBKEY && opt.keyserver_scheme && opt.keyserver_options.auto_key_retrieve) { if( keyserver_import_keyid ( sig->keyid )==0 ) - rc = do_check_sig(c, node, NULL ); + rc = do_check_sig(c, node, NULL, &is_expkey ); } if( !rc || rc == G10ERR_BAD_SIGN ) { KBNODE un, keyblock; - int count=0; + int count=0, statno; char keyid_str[50]; + if(rc) + statno=STATUS_BADSIG; + else if(sig->flags.expired) + statno=STATUS_EXPSIG; + else if(is_expkey) + statno=STATUS_EXPKEYSIG; + else + statno=STATUS_GOODSIG; + keyblock = get_pubkeyblock( sig->keyid ); sprintf (keyid_str, "%08lX%08lX [uncertain] ", 
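Review bot: The `statno` chain in `check_sig_and_print` reports a single condition, so a good but expired signature made by an expired key is written as `EXPSIG`, and the key expiry shows up only on the separate `KEYEXPIRED` line from `do_check`. A status consumer that accepts only `GOODSIG` will also now see neither `GOODSIG` nor `BADSIG` in the two new cases. The precedence deserves a comment above the chain, for example `/* precedence: BADSIG, then expired signature, then expired key, then GOODSIG */`, and the new keywords need an entry in the status-line documentation, which is not among the seven files this commit touches. The commit message and ChangeLog also call the new status KEYEXPSIG while the code emits `EXPKEYSIG`. `check_sig_and_print` starts and ends outside the hunk.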
@@ -1284,8 +1296,7 @@ check_sig_and_print( CTX c, KBNODE node ) continue; keyid_str[17] = 0; /* cut off the "[uncertain]" part */ - write_status_text_and_buffer (rc? STATUS_BADSIG:STATUS_GOODSIG, - keyid_str, + write_status_text_and_buffer (statno, keyid_str, un->pkt->pkt.user_id->name, un->pkt->pkt.user_id->len, -1 ); @@ -1307,8 +1318,7 @@ check_sig_and_print( CTX c, KBNODE node ) if (opt.always_trust || !un) keyid_str[17] = 0; /* cut off the "[uncertain]" part */ - write_status_text_and_buffer (rc? STATUS_BADSIG:STATUS_GOODSIG, - keyid_str, + write_status_text_and_buffer (statno, keyid_str, un? un->pkt->pkt.user_id->name:"[?]", un? un->pkt->pkt.user_id->len:3, -1 ); @@ -1354,16 +1364,17 @@ check_sig_and_print( CTX c, KBNODE node ) if( !get_pubkey( pk, sig->keyid ) ) { byte array[MAX_FINGERPRINT_LEN], *p; - char buf[MAX_FINGERPRINT_LEN*2+61]; + char buf[MAX_FINGERPRINT_LEN*2+72]; size_t i, n; fingerprint_from_pk( pk, array, &n ); p = array; for(i=0; i < n ; i++, p++ ) sprintf(buf+2*i, "%02X", *p ); - sprintf(buf+strlen(buf), " %s %lu", + sprintf(buf+strlen(buf), " %s %lu %lu", strtimestamp( sig->timestamp ), - (ulong)sig->timestamp ); + (ulong)sig->timestamp, + (ulong)sig->expiredate ); write_status_text( STATUS_VALIDSIG, buf ); } free_public_key( pk ); diff --git a/g10/packet.h b/g10/packet.h index e27a2c531..b4efabb43 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -439,6 +439,8 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b ); /*-- sig-check.c --*/ int signature_check( PKT_signature *sig, MD_HANDLE digest ); +int signature_check2( PKT_signature *sig, MD_HANDLE digest, + u32 *r_expiredate, int *r_expired ); /*-- seckey-cert.c --*/ int is_secret_key_protected( PKT_secret_key *sk ); diff --git a/g10/sig-check.c b/g10/sig-check.c index 6946eecf2..fd7cb379e 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c 
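Review bot: The VALIDSIG line is still built with unbounded `sprintf` into a buffer sized by a bare constant (`MAX_FINGERPRINT_LEN*2+72`), and the second call finds the end of the hex string with `strlen(buf)`, which would read uninitialised memory if `fingerprint_from_pk` ever returned `n == 0`. Since the loop writes exactly two characters per byte and `i` equals `n` afterwards, `sprintf(buf+2*i, " %s %lu %lu", ...)` avoids the scan. A one-line comment saying what the 72 bytes cover (separators, the `strtimestamp` string, two `%lu` values, NUL) would make the next field addition safer. Consumers that parse VALIDSIG positionally get a new trailing field, which should be documented. The enclosing block starts and ends outside the hunk.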
@@ -39,13 +39,9 @@ struct cmp_help_context_s { MD_HANDLE md; }; - -static int do_signature_check( PKT_signature *sig, MD_HANDLE digest, - u32 *r_expiredate, int *r_expired ); static int do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest, int *r_expired ); - /**************** * Check the signature which is contained in SIG. * The MD_HANDLE should be currently open, so that this function @@ -56,12 +52,12 @@ signature_check( PKT_signature *sig, MD_HANDLE digest ) { u32 dummy; int dum2; - return do_signature_check( sig, digest, &dummy, &dum2 ); + return signature_check2( sig, digest, &dummy, &dum2 ); } -static int -do_signature_check( PKT_signature *sig, MD_HANDLE digest, - u32 *r_expiredate, int *r_expired ) +int +signature_check2( PKT_signature *sig, MD_HANDLE digest, + u32 *r_expiredate, int *r_expired ) { PKT_public_key *pk = m_alloc_clear( sizeof *pk ); int rc=0; @@ -82,7 +78,7 @@ do_signature_check( PKT_signature *sig, MD_HANDLE digest, * this sig-id we could have also used the hash of the document * and the timestamp, but the drawback of this is, that it is * not possible to sign more than one identical document within - * one second. Some remote bacth processing applications might + * one second. Some remote batch processing applications might * like this feature here */ MD_HANDLE md; u32 a = sig->timestamp; @@ -233,6 +229,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest, } if( pk->expiredate && pk->expiredate < cur_time ) { + char buf[11]; if (opt.verbose) { u32 tmp_kid[2]; @@ -240,6 +237,9 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest, log_info(_("NOTE: signature key %08lX expired %s\n"), (ulong)tmp_kid[1], asctimestamp( pk->expiredate ) ); } + /* SIGEXPIRED is deprecated. Use KEYEXPIRED. */ + sprintf(buf,"%lu",(ulong)pk->expiredate); + write_status_text(STATUS_KEYEXPIRED,buf); write_status(STATUS_SIGEXPIRED); *r_expired = 1; } 
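Review bot: `signature_check2` becomes a public entry point in the `@@ -56,12 +52,12 @@` hunk without any comment on its two out-parameters. `do_check` in this file assigns `*r_expired = 1` with no NULL test, and `do_check_sig` in mainproc.c substitutes a dummy rather than passing NULL through, so callers apparently must supply valid pointers. Whether `*r_expired` is cleared on the non-expired path is not visible in this diff, so callers should initialise it as `check_sig_and_print` does with `is_expkey=0`. I would add a header comment in the style of the one above `signature_check`, saying that `r_expiredate` and `r_expired` must be non-NULL, what each receives, and that the result is 0 or an error code. The function body continues outside the hunk.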
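Review bot: `char buf[11]` in `do_check` holds exactly ten digits plus the terminator, so `sprintf(buf,"%lu",(ulong)pk->expiredate)` stays inside it only if `expiredate` is a 32-bit value. The cast to `ulong` hides that dependency on platforms where `long` is 64 bits. The field's declaration is outside this diff, so I would give the buffer headroom, e.g. `char buf[21];`, or add a comment tying the size to `u32`. The declaration and the `sprintf` are split across `@@ -233,6 +229,7 @@` and `@@ -240,6 +237,9 @@`, and `do_check` itself starts and ends outside both.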
@@ -490,7 +490,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, rc = do_check( pk, sig, md, r_expired ); } else { - rc = do_signature_check( sig, md, r_expiredate, r_expired ); + rc = signature_check2( sig, md, r_expiredate, r_expired ); } cache_sig_result ( sig, rc ); md_close(md); diff --git a/g10/status.c b/g10/status.c index 415484743..80459fa4d 100644 --- a/g10/status.c +++ b/g10/status.c @@ -84,7 +84,7 @@ get_status_string ( int no ) case STATUS_LEAVE : s = "LEAVE"; break; case STATUS_ABORT : s = "ABORT"; break; case STATUS_GOODSIG: s = "GOODSIG"; break; - case STATUS_SIGEXPIRED: s = "SIGEXPIRED"; break; + case STATUS_KEYEXPIRED: s = "KEYEXPIRED"; break; case STATUS_KEYREVOKED: s = "KEYREVOKED"; break; case STATUS_BADSIG : s = "BADSIG"; break; case STATUS_ERRSIG : s = "ERRSIG"; break; @@ -143,6 +143,9 @@ get_status_string ( int no ) case STATUS_INV_RECP : s = "INV_RECP"; break; case STATUS_NO_RECP : s = "NO_RECP"; break; case STATUS_ALREADY_SIGNED : s = "ALREADY_SIGNED"; break; + case STATUS_SIGEXPIRED : s = "SIGEXPIRED deprecated-use-keyexpired-instead"; break; + case STATUS_EXPSIG : s = "EXPSIG"; break; + case STATUS_EXPKEYSIG : s = "EXPKEYSIG"; break; default: s = "?"; break; } return s; diff --git a/g10/status.h b/g10/status.h index 9706e3fd7..9886a76de 100644 --- a/g10/status.h +++ b/g10/status.h @@ -33,7 +33,7 @@ #define STATUS_BADARMOR 7 #define STATUS_RSA_OR_IDEA 8 -#define STATUS_SIGEXPIRED 9 +#define STATUS_KEYEXPIRED 9 #define STATUS_KEYREVOKED 10 #define STATUS_TRUST_UNDEFINED 11 @@ -93,7 +93,9 @@ #define STATUS_INV_RECP 61 #define STATUS_NO_RECP 62 #define STATUS_ALREADY_SIGNED 63 - +#define STATUS_SIGEXPIRED 64 +#define STATUS_EXPSIG 65 +#define STATUS_EXPKEYSIG 66 /*-- status.c --*/ void set_status_fd ( int fd );