* export.c (do_export_stream): Warn the user when exporting a secret key

if it or any of its secret subkeys are protected with SHA1 while simple_sk_checksum is set. * parse-packet.c (parse_key): Show when the SHA1 protection is used in --list-packets. * options.h, build-packet.c (do_comment), g10.c (main): Rename --no-comment as --sk-comments/--no-sk-comments (--no-comment still works) and make the default be --no-sk-comments.
2025-01-10 13:04:23 +01:00 · 2002-05-07 15:21:57 +00:00 · 2002-05-07 15:21:57 +00:00 · d5d974536e
commit d5d974536e
parent 7d217ecd7a
6 changed files with 67 additions and 26 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,16 @@
+2002-05-07  David Shaw  <dshaw@jabberwocky.com>
+
+	* export.c (do_export_stream): Warn the user when exporting a
+	secret key if it or any of its secret subkeys are protected with
+	SHA1 while simple_sk_checksum is set.
+
+	* parse-packet.c (parse_key): Show when the SHA1 protection is
+	used in --list-packets.
+
+	* options.h, build-packet.c (do_comment), g10.c (main): Rename
+	--no-comment as --sk-comments/--no-sk-comments (--no-comment still
+	works) and make the default be --no-sk-comments.
+
 2002-05-07  Werner Koch  <wk@gnupg.org>

 	* keygen.c (get_parameter_algo): Never allow generation of the
@ -8,7 +21,7 @@

 2002-05-07  David Shaw  <dshaw@jabberwocky.com>

-	* keyedit.c (sign_uids): If --expert it set, allow re-signing a
+	* keyedit.c (sign_uids): If --expert is set, allow re-signing a
 	uid to promote a v3 self-sig to a v4 one.  This essentially
 	deletes the old v3 self-sig and replaces it with a v4 one.

--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -196,7 +196,7 @@ write_fake_data( IOBUF out, MPI a )
 static int
 do_comment( IOBUF out, int ctb, PKT_comment *rem )
 {
-    if( !opt.no_comment ) {
+    if( opt.sk_comments ) {
 	write_header(out, ctb, rem->len);
 	if( iobuf_write( out, rem->data, rem->len ) )
 	    return G10ERR_WRITE_FILE;
--- a/g10/export.c
+++ b/g10/export.c
@ -152,6 +152,9 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )


    while (!(rc = keydb_search (kdbhd, desc, ndesc))) {
+        int sha1_warned=0;
+	u32 sk_keyid[2];
+
 	if (!users) 
            desc[0].mode = KEYDB_SEARCH_MODE_NEXT;

@ -172,23 +175,29 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 	    }
 	}

+	node=find_kbnode( keyblock, PKT_SECRET_KEY );
+	if(node)
+	  {
+	    PKT_secret_key *sk=node->pkt->pkt.secret_key;
+
+	    keyid_from_sk(sk,sk_keyid);
+
 	    /* we can't apply GNU mode 1001 on an unprotected key */
-	if( secret == 2
-	    && (node = find_kbnode( keyblock, PKT_SECRET_KEY ))
-	    && !node->pkt->pkt.secret_key->is_protected )
+	    if( secret == 2 && !sk->is_protected )
 	      {
 		log_info(_("key %08lX: not protected - skipped\n"),
-		  (ulong)keyid_from_sk( node->pkt->pkt.secret_key, NULL) );
+			 (ulong)sk_keyid[1]);
 		continue;
 	      }

 	    /* no v3 keys with GNU mode 1001 */
-	if( secret == 2 && node->pkt->pkt.secret_key->version == 3 )
+	    if( secret == 2 && sk->version == 3 )
 	      {
 		log_info(_("key %08lX: PGP 2.x style key - skipped\n"),
-		  (ulong)keyid_from_sk( node->pkt->pkt.secret_key, NULL) );
+			 (ulong)sk_keyid[1]);
 		continue;
 	      }
+	  }

 	/* and write it */
 	for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) {
@ -232,6 +241,21 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
 		node->pkt->pkt.secret_key->protect.s2k.mode = save_mode;
 	    }
 	    else {
+	      /* Warn the user if the secret key or any of the secret
+                 subkeys are protected with SHA1 and we have
+                 simple_sk_checksum set. */
+	      if(!sha1_warned && opt.simple_sk_checksum &&
+		 (node->pkt->pkttype==PKT_SECRET_KEY ||
+		  node->pkt->pkttype==PKT_SECRET_SUBKEY) &&
+		 node->pkt->pkt.secret_key->protect.sha1chk)
+		{
+		  /* I hope this warning doesn't confuse people. */
+		  log_info("Warning: secret key %08lX does not have a "
+			   "simple SK checksum\n",(ulong)sk_keyid[1]);
+
+		  sha1_warned=1;
+		}
+
 		rc = build_packet( out, node->pkt );
 	    }

--- a/g10/g10.c
+++ b/g10/g10.c
@ -150,7 +150,8 @@ enum cmd_and_opt_values { aNull = 0,
 #ifdef __riscos__
    oStatusFile,
 #endif /* __riscos__ */
-    oNoComment,
+    oSKComments,
+    oNoSKComments,
    oNoVersion,
    oEmitVersion,
    oCompletesNeeded,
@ -405,7 +406,9 @@ static ARGPARSE_OPTS opts[] = {
 #ifdef __riscos__
    { oStatusFile, "status-file" ,2, N_("|[file]|write status info to file") },
 #endif /* __riscos__ */
-    { oNoComment, "no-comment", 0,   "@"},
+    { oNoSKComments, "no-comment", 0,   "@"},
+    { oNoSKComments, "no-sk-comments", 0,   "@"},
+    { oSKComments, "sk-comments", 0,   "@"},
    { oCompletesNeeded, "completes-needed", 1, "@"},
    { oMarginalsNeeded, "marginals-needed", 1, "@"},
    { oMaxCertDepth,	"max-cert-depth", 1, "@" },
@ -1045,7 +1048,8 @@ main( int argc, char **argv )
 	  case oNoVerbose: g10_opt_verbose = 0;
 			   opt.verbose = 0; opt.list_sigs=0; break;
 	  case oQuickRandom: quick_random_gen(1); break;
-	  case oNoComment: opt.no_comment=1; break;
+	  case oSKComments: opt.sk_comments=1; break;
+	  case oNoSKComments: opt.sk_comments=0; break;
 	  case oNoVersion: opt.no_version=1; break;
 	  case oEmitVersion: opt.no_version=0; break;
 	  case oCompletesNeeded: opt.completes_needed = pargs.r.ret_int; break;
@ -1089,7 +1093,7 @@ main( int argc, char **argv )
 	    opt.rfc1991 = 1;
 	    opt.rfc2440 = 0;
 	    opt.force_v4_certs = 0;
-	    opt.no_comment = 1;
+	    opt.sk_comments = 0;
 	    opt.escape_from = 1;
 	    break;
 	  case oOpenPGP:
@ -1447,7 +1451,7 @@ main( int argc, char **argv )
 		opt.force_mdc = 0;
 		opt.disable_mdc = 1;
 		opt.force_v4_certs = 0;
-		opt.no_comment = 1;
+		opt.sk_comments = 0;
 		opt.escape_from = 1;
 		opt.force_v3_sigs = 1;
 		opt.pgp2_workarounds = 1;
@ -1463,7 +1467,7 @@ main( int argc, char **argv )
 	  {
 	    opt.force_mdc=0;
 	    opt.disable_mdc=1;
-	    opt.no_comment=1;
+	    opt.sk_comments=0;
 	    opt.escape_from=1;
 	    opt.force_v3_sigs=1;
 	    opt.ask_sig_expire=0;
--- a/g10/options.h
+++ b/g10/options.h
@ -69,7 +69,7 @@ struct {
    char *def_recipient;
    int def_recipient_self;
    int def_cert_check_level;
-    int no_comment;
+    int sk_comments;
    int no_version;
    int marginals_needed;
    int completes_needed;
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -1561,7 +1561,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 		if( list_mode ) {
 		    printf(", algo: %d,%s hash: %d",
 				     sk->protect.algo,
-                                     sk->protect.sha1chk? ""
+                                     sk->protect.sha1chk?" SHA1 protection,"
                                                        :" simple checksum,",
 				     sk->protect.s2k.hash_algo );
 		    if( sk->protect.s2k.mode == 1