security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

See ChangeLog: Tue Feb 16 14:10:02 CET 1999 Werner Koch

Browse source
This commit is contained in:
Werner Koch 1999-02-16 13:16:33 +00:00
parent 6e5bc13878
commit e1a1b3fc90
53 changed files with 359 additions and 279 deletions
Download patch file Download diff file Expand all files Collapse all files

12
g10/ChangeLog
View file

@ -1,3 +1,15 @@
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): New option --encrypt-to
* pkclist.c (build_pk_list): Implemented encrypt-to.
* parse-packet.c (parse_user_id): Removed the hack to work with
utf-8 strings.
* g10.c (main): Install lockfile cleanup handler.
* tdbio.c (cleanup): Removed: this is now handled by dotlock.
Sat Feb 13 14:13:04 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* tdbio.c (tdbio_set_dbname): Init lockhandle for a new trustdb

15
g10/armor.c
View file

@ -608,15 +608,16 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn,
/* some mailers leave quoted-printable encoded characters
* so we try to workaround this */
if( afx->buffer_pos+2 < afx->buffer_len ) {
int c1, c2, c3;
c1 = afx->buffer[afx->buffer_pos];
c2 = afx->buffer[afx->buffer_pos+1];
c3 = afx->buffer[afx->buffer_pos+2];
if( isxdigit(c1) && isxdigit(c2) && strchr( "=\n\r\t ", c3 )) {
int cc1, cc2, cc3;
cc1 = afx->buffer[afx->buffer_pos];
cc2 = afx->buffer[afx->buffer_pos+1];
cc3 = afx->buffer[afx->buffer_pos+2];
if( isxdigit(cc1) && isxdigit(cc2)
&& strchr( "=\n\r\t ", cc3 )) {
/* well it seems to be the case - adjust */
c = isdigit(c1)? (c1 - '0'): (toupper(c1)-'A'+10);
c = isdigit(cc1)? (cc1 - '0'): (toupper(cc1)-'A'+10);
c <<= 4;
c |= isdigit(c2)? (c2 - '0'): (toupper(c2)-'A'+10);
c |= isdigit(cc2)? (cc2 - '0'): (toupper(cc2)-'A'+10);
afx->buffer_pos += 2;
afx->qp_detected = 1;
goto again;

22
g10/build-packet.c
View file

@ -677,20 +677,20 @@ do_signature( IOBUF out, int ctb, PKT_signature *sig )
iobuf_put(a, sig->pubkey_algo );
iobuf_put(a, sig->digest_algo );
if( sig->version >= 4 ) {
size_t n;
size_t nn;
/* timestamp and keyid must have been packed into the
* subpackets prior to the call of this function, because
* these subpackets are hashed */
n = sig->hashed_data?((sig->hashed_data[0]<<8)
|sig->hashed_data[1]) :0;
write_16(a, n);
if( n )
iobuf_write( a, sig->hashed_data+2, n );
n = sig->unhashed_data?((sig->unhashed_data[0]<<8)
|sig->unhashed_data[1]) :0;
write_16(a, n);
if( n )
iobuf_write( a, sig->unhashed_data+2, n );
nn = sig->hashed_data?((sig->hashed_data[0]<<8)
|sig->hashed_data[1]) :0;
write_16(a, nn);
if( nn )
iobuf_write( a, sig->hashed_data+2, nn );
nn = sig->unhashed_data?((sig->unhashed_data[0]<<8)
|sig->unhashed_data[1]) :0;
write_16(a, nn);
if( nn )
iobuf_write( a, sig->unhashed_data+2, nn );
}
iobuf_put(a, sig->digest_start[0] );
iobuf_put(a, sig->digest_start[1] );

10
g10/g10.c
View file

@ -156,6 +156,7 @@ enum cmd_and_opt_values { aNull = 0,
oEscapeFrom,
oLockOnce,
oKeyServer,
oEncryptTo,
aTest };
@ -218,6 +219,7 @@ static ARGPARSE_OPTS opts[] = {
{ oArmor, "armor", 0, N_("create ascii armored output")},
{ oRecipient, "recipient", 2, N_("|NAME|encrypt for NAME")},
{ oRecipient, "remote-user", 2, "@"}, /* old option name */
{ oEncryptTo, "encrypt-to", 2, "@" },
#ifdef IS_G10
{ oUser, "local-user",2, N_("use this user-id to sign or decrypt")},
{ oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") },
@ -541,6 +543,7 @@ main( int argc, char **argv )
disable_core_dumps();
#endif
init_signals();
create_dotlock(NULL); /* register locking cleanup */
i18n_init();
opt.compress = -1; /* defaults to standard compress level */
/* fixme: set the next two to zero and decide where used */
@ -761,6 +764,13 @@ main( int argc, char **argv )
case oS2KDigest: s2k_digest_string = m_strdup(pargs.r.ret_str); break;
case oS2KCipher: s2k_cipher_string = m_strdup(pargs.r.ret_str); break;
case oEncryptTo: /* store the recipient in the second list */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->flags = 1;
sl->next = remusr;
remusr = sl;
break;
#ifdef IS_G10
case oRecipient: /* store the recipient */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));

4
g10/keydb.h
View file

@ -111,13 +111,13 @@ struct pubkey_find_info {
/*-- pkclist.c --*/
int check_signatures_trust( PKT_signature *sig );
void release_pk_list( PK_LIST pk_list );
int build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage );
int build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use );
int select_algo_from_prefs( PK_LIST pk_list, int preftype );
/*-- skclist.c --*/
void release_sk_list( SK_LIST sk_list );
int build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
int unlock, unsigned usage );
int unlock, unsigned use );
/*-- passphrase.h --*/
int have_static_passphrase(void);

24
g10/keyedit.c
View file

@ -49,8 +49,8 @@ static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock );
static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int menu_select_uid( KBNODE keyblock, int index );
static int menu_select_key( KBNODE keyblock, int index );
static int menu_select_uid( KBNODE keyblock, int idx );
static int menu_select_key( KBNODE keyblock, int idx );
static int count_uids( KBNODE keyblock );
static int count_uids_with_flag( KBNODE keyblock, unsigned flag );
static int count_keys_with_flag( KBNODE keyblock, unsigned flag );
@ -1309,21 +1309,21 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
* Returns: True if the selection changed;
*/
static int
menu_select_uid( KBNODE keyblock, int index )
menu_select_uid( KBNODE keyblock, int idx )
{
KBNODE node;
int i;
/* first check that the index is valid */
if( index ) {
if( idx ) {
for( i=0, node = keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_USER_ID ) {
if( ++i == index )
if( ++i == idx )
break;
}
}
if( !node ) {
tty_printf(_("No user id with index %d\n"), index );
tty_printf(_("No user id with index %d\n"), idx );
return 0;
}
}
@ -1337,7 +1337,7 @@ menu_select_uid( KBNODE keyblock, int index )
/* and toggle the new index */
for( i=0, node = keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_USER_ID ) {
if( ++i == index )
if( ++i == idx )
if( (node->flag & NODFLG_SELUID) )
node->flag &= ~NODFLG_SELUID;
else
@ -1353,22 +1353,22 @@ menu_select_uid( KBNODE keyblock, int index )
* Returns: True if the selection changed;
*/
static int
menu_select_key( KBNODE keyblock, int index )
menu_select_key( KBNODE keyblock, int idx )
{
KBNODE node;
int i;
/* first check that the index is valid */
if( index ) {
if( idx ) {
for( i=0, node = keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
if( ++i == index )
if( ++i == idx )
break;
}
}
if( !node ) {
tty_printf(_("No secondary key with index %d\n"), index );
tty_printf(_("No secondary key with index %d\n"), idx );
return 0;
}
}
@ -1384,7 +1384,7 @@ menu_select_key( KBNODE keyblock, int index )
for( i=0, node = keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
if( ++i == index )
if( ++i == idx )
if( (node->flag & NODFLG_SELKEY) )
node->flag &= ~NODFLG_SELKEY;
else

2
g10/keygen.c
View file

@ -488,7 +488,7 @@ ask_keysize( int algo )
static u32
ask_expire_interval()
ask_expire_interval(void)
{
char *answer;
int valid_days=0;

2
g10/main.h
View file

@ -72,7 +72,7 @@ int encrypt_filter( void *opaque, int control,
/*-- sign.c --*/
int complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md );
int sign_file( STRLIST filenames, int detached, STRLIST locusr,
int encrypt, STRLIST remusr, const char *outfile );
int do_encrypt, STRLIST remusr, const char *outfile );
int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
/*-- sig-check.c --*/

13
g10/parse-packet.c
View file

@ -1400,19 +1400,8 @@ parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
packet->pkt.user_id = m_alloc(sizeof *packet->pkt.user_id + pktlen);
packet->pkt.user_id->len = pktlen;
p = packet->pkt.user_id->name;
for( ; pktlen; pktlen--, p++ ) {
for( ; pktlen; pktlen--, p++ )
*p = iobuf_get_noeof(inp);
/* 0xff is not a valid utf-8 encoding so we can use it to replace
* Nulls. This has the advantage that we can work with regular
* C strings. When exporting it, we change it back to Null
* the utf-8 functions know about this special convention.
* The advantage of this single character is that we can
* simple replace it. Problem is that we can't handle the 0xff
* character which may have been used by pref rfc2440 implementations
* I hope we can live with this. */
if( !*p )
*p = 0xff;
}
*p = 0;
if( list_mode ) {

47
g10/pkclist.c
View file

@ -511,13 +511,43 @@ release_pk_list( PK_LIST pk_list )
}
int
build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
{
PK_LIST pk_list = NULL;
PKT_public_key *pk=NULL;
int rc=0;
int any_recipients=0;
STRLIST rov;
if( !remusr && !opt.batch ) { /* ask */
/* check whether there are any recipients in the list and build the
* list of the encrypt-to ones (we always trust them) */
for( rov = remusr; rov; rov = rov->next ) {
if( !(rov->flags & 1) )
any_recipients = 1;
else if( (use & PUBKEY_USAGE_ENC) ) {
pk = m_alloc_clear( sizeof *pk );
pk->pubkey_usage = use;
if( (rc = get_pubkey_byname( NULL, pk, rov->d, NULL )) ) {
free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
}
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
PK_LIST r;
r = m_alloc( sizeof *r );
r->pk = pk; pk = NULL;
r->next = pk_list;
r->mark = 0;
pk_list = r;
}
else {
free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
}
}
}
if( !any_recipients && !opt.batch ) { /* ask */
char *answer=NULL;
tty_printf(_(
@ -534,11 +564,11 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
if( pk )
free_public_key( pk );
pk = m_alloc_clear( sizeof *pk );
pk->pubkey_usage = usage;
pk->pubkey_usage = use;
rc = get_pubkey_byname( NULL, pk, answer, NULL );
if( rc )
tty_printf(_("No such user ID.\n"));
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, usage)) ) {
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
int trustlevel;
rc = check_trust( pk, &trustlevel );
@ -554,6 +584,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
r->next = pk_list;
r->mark = 0;
pk_list = r;
any_recipients = 1;
break;
}
}
@ -568,12 +599,12 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
for(; remusr; remusr = remusr->next ) {
pk = m_alloc_clear( sizeof *pk );
pk->pubkey_usage = usage;
pk->pubkey_usage = use;
if( (rc = get_pubkey_byname( NULL, pk, remusr->d, NULL )) ) {
free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
}
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, usage )) ) {
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
int trustlevel;
rc = check_trust( pk, &trustlevel );
@ -591,6 +622,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
r->next = pk_list;
r->mark = 0;
pk_list = r;
any_recipients = 1;
}
else { /* we don't trust this pk */
free_public_key( pk ); pk = NULL;
@ -603,8 +635,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
}
}
if( !rc && !pk_list ) {
if( !rc && !any_recipients ) {
log_error(_("no valid addressees\n"));
rc = G10ERR_NO_USER_ID;
}

18
g10/seckey-cert.c
View file

@ -226,8 +226,8 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
cipher_encrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 );
if( sk->version >= 4 ) {
#define NMPIS (PUBKEY_MAX_NSKEY - PUBKEY_MAX_NPKEY)
byte *buffer[NMPIS];
unsigned nbytes[NMPIS];
byte *bufarr[NMPIS];
unsigned narr[NMPIS];
unsigned nbits[NMPIS];
int ndata=0;
byte *p, *data;
@ -235,23 +235,23 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
for(j=0, i = pubkey_get_npkey(sk->pubkey_algo);
i < pubkey_get_nskey(sk->pubkey_algo); i++, j++ ) {
assert( !mpi_is_opaque( sk->skey[i] ) );
buffer[j] = mpi_get_buffer( sk->skey[i], &nbytes[j], NULL );
bufarr[j] = mpi_get_buffer( sk->skey[i], &narr[j], NULL );
nbits[j] = mpi_get_nbits( sk->skey[i] );
ndata += nbytes[j] + 2;
ndata += narr[j] + 2;
}
for( ; j < NMPIS; j++ )
buffer[j] = NULL;
bufarr[j] = NULL;
ndata += 2; /* for checksum */
data = m_alloc_secure( ndata );
p = data;
for(j=0; j < NMPIS && buffer[j]; j++ ) {
for(j=0; j < NMPIS && bufarr[j]; j++ ) {
p[0] = nbits[j] >> 8 ;
p[1] = nbits[j];
p += 2;
memcpy(p, buffer[j], nbytes[j] );
p += nbytes[j];
m_free(buffer[j]);
memcpy(p, bufarr[j], narr[j] );
p += narr[j];
m_free(bufarr[j]);
}
#undef NMPIS
csum = checksum( data, ndata-2);

14
g10/skclist.c
View file

@ -62,7 +62,7 @@ is_insecure( PKT_secret_key *sk )
int
build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
unsigned usage )
unsigned use )
{
SK_LIST sk_list = NULL;
int rc;
@ -71,14 +71,14 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
PKT_secret_key *sk;
sk = m_alloc_clear( sizeof *sk );
sk->pubkey_usage = usage;
sk->pubkey_usage = use;
if( (rc = get_seckey_byname( sk, NULL, unlock )) ) {
free_secret_key( sk ); sk = NULL;
log_error("no default secret key: %s\n", g10_errstr(rc) );
}
else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, usage)) ) {
else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) {
SK_LIST r;
if( sk->version == 4 && (usage & PUBKEY_USAGE_SIG)
if( sk->version == 4 && (use & PUBKEY_USAGE_SIG)
&& sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
log_info("this is a PGP generated "
"ElGamal key which is NOT secure for signatures!\n");
@ -107,14 +107,14 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
PKT_secret_key *sk;
sk = m_alloc_clear( sizeof *sk );
sk->pubkey_usage = usage;
sk->pubkey_usage = use;
if( (rc = get_seckey_byname( sk, locusr->d, unlock )) ) {
free_secret_key( sk ); sk = NULL;
log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) );
}
else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, usage)) ) {
else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) {
SK_LIST r;
if( sk->version == 4 && (usage & PUBKEY_USAGE_SIG)
if( sk->version == 4 && (use & PUBKEY_USAGE_SIG)
&& sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
log_info(_("skipped `%s': this is a PGP generated "
"ElGamal key which is not secure for signatures!\n"),

7
g10/tdbio.c
View file

@ -514,7 +514,8 @@ open_db()
TRUSTREC rec;
assert( db_fd == -1 );
lockhandle = create_dotlock( db_name );
if( !lockhandle )
lockhandle = create_dotlock( db_name );
if( !lockhandle )
log_fatal( _("%s: can't create lock\n"), db_name );
#ifdef HAVE_DOSISH_SYSTEM
@ -611,7 +612,7 @@ tdbio_db_matches_options()
* Return the record number of the keyhash tbl or create a new one.
*/
static ulong
get_keyhashrec()
get_keyhashrec(void)
{
static ulong keyhashtbl; /* record number of the key hashtable */
@ -636,7 +637,7 @@ get_keyhashrec()
* or create a new one.
*/
static ulong
get_sdirhashrec()
get_sdirhashrec(void)
{
static ulong sdirhashtbl; /* record number of the hashtable */

62
g10/trustdb.c
View file

@ -115,7 +115,7 @@ static int get_dir_record( PKT_public_key *pk, TRUSTREC *rec );
static void upd_pref_record( TRUSTREC *urec, u32 *keyid, PKT_signature *sig );
static void upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
TRUSTREC *drec, RECNO_LIST *recno_list, int recheck,
TRUSTREC *urec, const byte *uidhash, int revoke );
TRUSTREC *urec, const byte *uidhash, int revoked );
static struct keyid_list *trusted_key_list;
@ -138,7 +138,7 @@ static struct local_id_item *unused_lid_items;
**********************************************/
static void
die_invalid_db()
die_invalid_db(void)
{
log_error(_(
"The trustdb is corrupted; please run \"gpgm --fix-trustdb\".\n") );
@ -192,7 +192,7 @@ delete_record( ulong recno )
* sync the db
*/
static void
do_sync( )
do_sync(void)
{
int rc = tdbio_sync();
if( !rc )
@ -480,7 +480,7 @@ register_trusted_key( const char *string )
* Verify that all our public keys are in the trustdb.
*/
static int
verify_own_keys()
verify_own_keys(void)
{
int rc;
void *enum_context = NULL;
@ -2111,7 +2111,7 @@ check_hint_sig( ulong lid, KBNODE keyblock, u32 *keyid, byte *uidrec_hash,
PKT_signature *sigpkt = NULL;
TRUSTREC tmp;
u32 sigkid[2];
int revoke = 0;
int revoked = 0;
if( sigrec->r.sig.sig[sigidx].flag & SIGF_CHECKED )
log_info(_("NOTE: sig rec %lu[%d] in hintlist "
@ -2156,7 +2156,7 @@ check_hint_sig( ulong lid, KBNODE keyblock, u32 *keyid, byte *uidrec_hash,
if( sigpkt->keyid[0] == sigkid[0]
&& sigpkt->keyid[1] == sigkid[1]
&& ( (sigpkt->sig_class&~3) == 0x10
|| ( revoke = (sigpkt->sig_class == 0x30)) ) ) {
|| ( revoked = (sigpkt->sig_class == 0x30)) ) ) {
state = 2;
break; /* found */
}
@ -2186,10 +2186,10 @@ check_hint_sig( ulong lid, KBNODE keyblock, u32 *keyid, byte *uidrec_hash,
log_info("sig %08lX.%lu/%02X%02X/%08lX: %s\n",
(ulong)keyid[1], lid, uhash[18], uhash[19],
(ulong)sigpkt->keyid[1],
revoke? _("Valid certificate revocation")
: _("Good certificate") );
revoked? _("Valid certificate revocation")
: _("Good certificate") );
sigrec->r.sig.sig[sigidx].flag = SIGF_CHECKED | SIGF_VALID;
if( revoke )
if( revoked )
sigrec->r.sig.sig[sigidx].flag |= SIGF_REVOKED;
}
else if( rc == G10ERR_NO_PUBKEY ) {
@ -2779,9 +2779,9 @@ upd_pref_record( TRUSTREC *urec, u32 *keyid, PKT_signature *sig )
else { /* need more than one pref record */
TRUSTREC tmp;
ulong nextrn;
int n = n_prefs_sig;
byte *pp = prefs_sig;
n = n_prefs_sig;
memcpy( prec.r.pref.data, pp, ITEMS_PER_PREF_RECORD );
n -= ITEMS_PER_PREF_RECORD;
pp += ITEMS_PER_PREF_RECORD;
@ -2814,7 +2814,7 @@ upd_pref_record( TRUSTREC *urec, u32 *keyid, PKT_signature *sig )
static void
upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
TRUSTREC *drec, RECNO_LIST *recno_list, int recheck,
TRUSTREC *urec, const byte *uidhash, int revoke )
TRUSTREC *urec, const byte *uidhash, int revoked )
{
/* We simply insert the signature into the sig records but
* avoid duplicate ones. We do not check them here because
@ -2893,7 +2893,7 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
#endif
found_sig = 1;
}
if( !recheck && !revoke && (rec.r.sig.sig[i].flag & SIGF_CHECKED) )
if( !recheck && !revoked && (rec.r.sig.sig[i].flag & SIGF_CHECKED) )
continue; /* we already checked this signature */
if( !recheck && (rec.r.sig.sig[i].flag & SIGF_NOPUBKEY) )
continue; /* we do not have the public key */
@ -2907,10 +2907,10 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
log_info("sig %08lX.%lu/%02X%02X/%08lX: %s\n",
(ulong)keyid[1], lid, uidhash[18],
uidhash[19], (ulong)sig->keyid[1],
revoke? _("Valid certificate revocation")
: _("Good certificate") );
revoked? _("Valid certificate revocation")
: _("Good certificate") );
rec.r.sig.sig[i].flag = SIGF_CHECKED | SIGF_VALID;
if( revoke )
if( revoked )
rec.r.sig.sig[i].flag |= SIGF_REVOKED;
}
else if( rc == G10ERR_NO_PUBKEY ) {
@ -2922,18 +2922,18 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
_("Hmmm, public key lost?") );
#endif
rec.r.sig.sig[i].flag = SIGF_NOPUBKEY;
if( revoke )
if( revoked )
rec.r.sig.sig[i].flag |= SIGF_REVOKED;
}
else {
log_info("sig %08lX.%lu/%02X%02X/%08lX: %s: %s\n",
(ulong)keyid[1], lid, uidhash[18],
uidhash[19], (ulong)sig->keyid[1],
revoke? _("Invalid certificate revocation")
: _("Invalid certificate"),
revoked? _("Invalid certificate revocation")
: _("Invalid certificate"),
g10_errstr(rc));
rec.r.sig.sig[i].flag = SIGF_CHECKED;
if( revoke )
if( revoked )
rec.r.sig.sig[i].flag |= SIGF_REVOKED;
}
rec.dirty = 1;
@ -2950,7 +2950,7 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
(ulong)keyid[1], lid,
uidhash[18], uidhash[19], tmp.recnum );
rec.r.sig.sig[i].flag = SIGF_NOPUBKEY;
if( revoke )
if( revoked )
rec.r.sig.sig[i].flag |= SIGF_REVOKED;
rec.dirty = 1;
/* fixme: should we verify that the record is
@ -2991,11 +2991,11 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
log_info("sig %08lX.%lu/%02X%02X/%08lX: %s\n",
(ulong)keyid[1], lid, uidhash[18],
uidhash[19], (ulong)sig->keyid[1],
revoke? _("Valid certificate revocation")
: _("Good certificate") );
revoked? _("Valid certificate revocation")
: _("Good certificate") );
newlid = pk_lid; /* this is the pk of the signature */
newflag = SIGF_CHECKED | SIGF_VALID;
if( revoke )
if( revoked )
newflag |= SIGF_REVOKED;
}
else if( rc == G10ERR_NO_PUBKEY ) {
@ -3005,19 +3005,19 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
uidhash[19], (ulong)sig->keyid[1], g10_errstr(rc) );
newlid = create_shadow_dir( sig, lid );
newflag = SIGF_NOPUBKEY;
if( revoke )
if( revoked )
newflag |= SIGF_REVOKED;
}
else {
log_info( "sig %08lX.%lu/%02X%02X/%08lX: %s: %s\n",
(ulong)keyid[1], lid, uidhash[18], uidhash[19],
(ulong)sig->keyid[1],
revoke? _("Invalid certificate revocation")
: _("Invalid certificate"),
revoked? _("Invalid certificate revocation")
: _("Invalid certificate"),
g10_errstr(rc));
newlid = create_shadow_dir( sig, lid );
newflag = SIGF_CHECKED;
if( revoke )
if( revoked )
newflag |= SIGF_REVOKED;
}
@ -3264,12 +3264,12 @@ insert_trust_record( PKT_public_key *pk )
for( node=keyblock; node; node = node->next ) {
if( node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
PKT_public_key *pk = node->pkt->pkt.public_key;
pk->local_id = dirrec.r.dir.lid;
PKT_public_key *a_pk = node->pkt->pkt.public_key;
a_pk->local_id = dirrec.r.dir.lid;
}
else if( node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature;
sig->local_id = dirrec.r.dir.lid;
PKT_signature *a_sig = node->pkt->pkt.signature;
a_sig->local_id = dirrec.r.dir.lid;
}
}