* keyedit.c (menu_expire): Don't lose key flags when changing the

expiration date of a subkey. This is not the most optimal solution, but it is minimal change on the stable branch. * main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if any, from one sig to another. (do_add_key_expire): New function to add key expiration to a sig. (keygen_copy_flags_add_expire): New version of keygen_add_key_expire that also copies key flags. (keygen_add_key_flags_and_expire): Use do_add_key_expire. * import.c (fix_hkp_corruption): Comment.
2024-05-27 21:41:23 +02:00 · 2002-12-01 20:59:04 +00:00 · 2002-12-01 20:59:04 +00:00 · db9195c10b
commit db9195c10b
parent 98708e1770
5 changed files with 72 additions and 21 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,18 @@
+2002-12-01  David Shaw  <dshaw@jabberwocky.com>
+
+	* keyedit.c (menu_expire): Don't lose key flags when changing the
+	expiration date of a subkey.  This is not the most optimal
+	solution, but it is minimal change on the stable branch.
+
+	* main.h, keygen.c (do_copy_key_flags): New function to copy key
+	flags, if any, from one sig to another.
+	(do_add_key_expire): New function to add key expiration to a sig.
+	(keygen_copy_flags_add_expire): New version of
+	keygen_add_key_expire that also copies key flags.
+	(keygen_add_key_flags_and_expire): Use do_add_key_expire.
+
+	* import.c (fix_hkp_corruption): Comment.
+
 2002-11-25  Stefan Bellon  <sbellon@sbellon.de>

 	* plaintext.c (handle_plaintext) [__riscos__]: If nooutput is set,
--- a/g10/import.c
+++ b/g10/import.c
@ -505,6 +505,10 @@ fix_hkp_corruption(KBNODE keyblock)
 	  sknode->next=node;
 	  last->next=NULL;

+	  /* Note we aren't checking whether this binding sig is a
+	     selfsig.  This is not necessary here as the subkey and
+	     binding sig will be rejected later if that is the
+	     case. */
 	  if(check_key_signature(keyblock,node,NULL))
 	    {
 	      /* Not a match, so undo the changes. */
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -2699,9 +2699,14 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 					     sk, 0x13, 0, 0, 0, 0,
 					     keygen_add_std_prefs, main_pk );
 		else
+		  {
+		    struct flags_expire fe;
+		    fe.pk=sub_pk;
+		    fe.sig=sig;
 		    rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
 					     sk, 0x18, 0, 0, 0, 0,
-					     keygen_add_key_expire, sub_pk );
+					     keygen_copy_flags_add_expire,&fe);
+		  }
 		if( rc ) {
 		    log_error("make_keysig_packet failed: %s\n",
 						    g10_errstr(rc));
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -143,34 +143,56 @@ do_add_key_flags (PKT_signature *sig, unsigned int use)
    build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
 }

+static void
+do_copy_key_flags (PKT_signature *sig, PKT_signature *oldsig)
+{
+  const byte *f;
+  size_t n;
+ 
+  /* Note that this will make any key flags in the unhashed area
+     disappear.  This may be good or bad, depending on your point of
+     view. */
+  f=parse_sig_subpkt(oldsig->hashed,SIGSUBPKT_KEY_FLAGS,&n);
+  if(f)
+    build_sig_subpkt(sig,SIGSUBPKT_KEY_FLAGS,f,n);
+}
+
+static void
+do_add_key_expire( PKT_signature *sig, PKT_public_key *pk )
+{
+  if( pk->expiredate )
+    {
+      byte buf[4];
+      u32 u;
+
+      u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
+	: pk->timestamp;
+      buf[0] = (u >> 24) & 0xff;
+      buf[1] = (u >> 16) & 0xff;
+      buf[2] = (u >>  8) & 0xff;
+      buf[3] = u & 0xff;
+      build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
+    }
+}

 int
-keygen_add_key_expire( PKT_signature *sig, void *opaque )
+keygen_copy_flags_add_expire( PKT_signature *sig, void *opaque )
 {
-    PKT_public_key *pk = opaque;
-    byte buf[8];
-    u32  u;
+  struct flags_expire *fe=opaque;
+  do_add_key_expire(sig,fe->pk);
+  do_copy_key_flags(sig,fe->sig);

-    if( pk->expiredate ) {
-	u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
-					  : pk->timestamp;
-	buf[0] = (u >> 24) & 0xff;
-	buf[1] = (u >> 16) & 0xff;
-	buf[2] = (u >>	8) & 0xff;
-	buf[3] = u & 0xff;
-	build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
-    }
-
-    return 0;
+  return 0;
 }

 static int
 keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
 {
-    struct opaque_data_usage_and_pk *oduap = opaque;
+  struct opaque_data_usage_and_pk *oduap = opaque;

-    do_add_key_flags (sig, oduap->usage);
-    return keygen_add_key_expire (sig, oduap->pk);
+  do_add_key_flags (sig, oduap->usage);
+  do_add_key_expire(sig,oduap->pk);
+  return 0;
 }

 static int
@ -489,7 +511,7 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
    byte buf[8];

    do_add_key_flags (sig, pk->pubkey_usage);
-    keygen_add_key_expire( sig, opaque );
+    do_add_key_expire (sig, pk);
    keygen_upd_std_prefs (sig, opaque);

    buf[0] = 0x80; /* no modify - It is reasonable that a key holder
--- a/g10/main.h
+++ b/g10/main.h
@ -130,7 +130,12 @@ u32 ask_expiredate(void);
 void generate_keypair( const char *fname );
 int keygen_set_std_prefs (const char *string,int personal);
 PKT_user_id *keygen_get_std_prefs (void);
-int keygen_add_key_expire( PKT_signature *sig, void *opaque );
+struct flags_expire
+{
+  PKT_public_key *pk;
+  PKT_signature *sig;
+};
+int keygen_copy_flags_add_expire( PKT_signature *sig, void *opaque );
 int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
 int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
 int keygen_add_revkey(PKT_signature *sig, void *opaque);