security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-16 00:29:50 +02:00
Code Activity

gpg: Fix the use of future-default with --quick-add-key.

Browse Source 
* g10/keygen.c (parse_key_parameter_part): Add arg clear_cert.
(parse_key_parameter_string): Add arg suggested_use and implement
fallback.  Change callers to pass 0 for new arg.
(parse_algo_usage_expire): Pass the parsed USAGESTR to
parse_key_parameter_string so that it can use it in case a subkey is
to be created.
--

The problem here was that future-default gives the primary and subkey
algorithm.  However, when using future-default for adding a key, the
second part was always used which is for encryption.  If the caller
now wanted to create a signing subkey using the future-default
parameters this did not worked.

  gpg --batch --passphrase "" --quick-add-key FPR future-default encr

aready worked as did

  gpg --batch --passphrase "" --quick-add-key FPR ed25519 sign

but

  gpg --batch --passphrase "" --quick-add-key FPR future-default sign

does only work with this fix.

GnuPG-bug-id: 3747
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-01-18 13:38:23 +01:00
parent 6fb5713f4a
commit e1e35db510
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 34 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
g10/keygen.c
View File

@ -2895,9 +2895,11 @@ generate_user_id (KBNODE keyblock, const char *uidstr)
* success is returned. On error an error code is returned. Note * success is returned. On error an error code is returned. Note
* that STRING may be modified by this function. NULL may be passed * that STRING may be modified by this function. NULL may be passed
* for any parameter. FOR_SUBKEY shall be true if this is used as a * for any parameter. FOR_SUBKEY shall be true if this is used as a
* subkey. If CLEAR_CERT is set a default CERT usage will be cleared;
* this is useful if for example the default algorithm is used for a
* subkey. */ * subkey. */
static gpg_error_t static gpg_error_t
parse_key_parameter_part (char *string, int for_subkey, parse_key_parameter_part (char *string, int for_subkey, int clear_cert,
int *r_algo, unsigned int *r_size, int *r_algo, unsigned int *r_size,
unsigned int *r_keyuse, unsigned int *r_keyuse,
char const **r_curve) char const **r_curve)
@ -3048,6 +3050,10 @@ parse_key_parameter_part (char *string, int for_subkey,
if (!for_subkey) if (!for_subkey)
keyuse |= PUBKEY_USAGE_CERT; keyuse |= PUBKEY_USAGE_CERT;
/* But if requested remove th cert usage. */
if (clear_cert)
keyuse &= ~PUBKEY_USAGE_CERT;
/* Check that usage is actually possible. */ /* Check that usage is actually possible. */
if (/**/((keyuse & (PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH|PUBKEY_USAGE_CERT)) if (/**/((keyuse & (PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH|PUBKEY_USAGE_CERT))
&& !pubkey_get_nsig (algo)) && !pubkey_get_nsig (algo))
@ -3119,14 +3125,16 @@ parse_key_parameter_part (char *string, int for_subkey,
* -1 := Both parts * -1 := Both parts
* 0 := Only the part of the primary key * 0 := Only the part of the primary key
* 1 := If there is one part parse that one, if there are * 1 := If there is one part parse that one, if there are
* two parts parse the second part. Always return * two parts parse the part which best matches the
* in the args for the primary key (R_ALGO,....). * SUGGESTED_USE or in case that can't be evaluated the second part.
* Always return using the args for the primary key (R_ALGO,....).
* *
*/ */
gpg_error_t gpg_error_t
parse_key_parameter_string (const char *string, int part, parse_key_parameter_string (const char *string, int part,
unsigned int suggested_use,
int *r_algo, unsigned int *r_size, int *r_algo, unsigned int *r_size,
unsigned *r_keyuse, unsigned int *r_keyuse,
char const **r_curve, char const **r_curve,
int *r_subalgo, unsigned int *r_subsize, int *r_subalgo, unsigned int *r_subsize,
unsigned *r_subkeyuse, unsigned *r_subkeyuse,
@ -3165,18 +3173,31 @@ parse_key_parameter_string (const char *string, int part,
*secondary++ = 0; *secondary++ = 0;
if (part == -1 || part == 0) if (part == -1 || part == 0)
{ {
err = parse_key_parameter_part (primary, 0, r_algo, r_size, err = parse_key_parameter_part (primary, 0, 0, r_algo, r_size,
r_keyuse, r_curve); r_keyuse, r_curve);
if (!err && part == -1) if (!err && part == -1)
err = parse_key_parameter_part (secondary, 1, r_subalgo, r_subsize, err = parse_key_parameter_part (secondary, 1, 0, r_subalgo, r_subsize,
r_subkeyuse, r_subcurve); r_subkeyuse, r_subcurve);
} }
else if (part == 1) else if (part == 1)
{ {
/* If we have SECONDARY, use that part. If there is only one /* If we have SECONDARY, use that part. If there is only one
* part consider this to be the subkey algo. */ * part consider this to be the subkey algo. In case a
err = parse_key_parameter_part (secondary? secondary : primary, 1, * SUGGESTED_USE has been given and the usage of the secondary
r_algo, r_size, r_keyuse, r_curve); * part does not match SUGGESTED_USE try again using the primary
* part. Noet thar when falling back to the primary key we need
* to force clearing the cert usage. */
if (secondary)
{
err = parse_key_parameter_part (secondary, 1, 0,
r_algo, r_size, r_keyuse, r_curve);
if (!err && suggested_use && r_keyuse && !(suggested_use & *r_keyuse))
err = parse_key_parameter_part (primary, 1, 1 /*(clear cert)*/,
r_algo, r_size, r_keyuse, r_curve);
}
else
err = parse_key_parameter_part (primary, 1, 0,
r_algo, r_size, r_keyuse, r_curve);
} }
xfree (primary); xfree (primary);
@ -3263,7 +3284,7 @@ get_parameter_algo( struct para_data_s *para, enum para_name key,
* for the curve etc. That is a ugly but demanded for backward * for the curve etc. That is a ugly but demanded for backward
* compatibility with the batch key generation. It would be * compatibility with the batch key generation. It would be
* better to make full use of parse_key_parameter_string. */ * better to make full use of parse_key_parameter_string. */
parse_key_parameter_string (NULL, 0, parse_key_parameter_string (NULL, 0, 0,
&i, NULL, NULL, NULL, &i, NULL, NULL, NULL,
NULL, NULL, NULL, NULL); NULL, NULL, NULL, NULL);
@ -3997,7 +4018,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
unsigned int keyuse, subkeyuse; unsigned int keyuse, subkeyuse;
const char *curve, *subcurve; const char *curve, *subcurve;
err = parse_key_parameter_string (algostr, -1, err = parse_key_parameter_string (algostr, -1, 0,
&algo, &size, &keyuse, &curve, &algo, &size, &keyuse, &curve,
&subalgo, &subsize, &subkeyuse, &subalgo, &subsize, &subkeyuse,
&subcurve); &subcurve);
@ -4376,7 +4397,7 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname,
#endif #endif
, "--full-generate-key" ); , "--full-generate-key" );
err = parse_key_parameter_string (NULL, -1, err = parse_key_parameter_string (NULL, -1, 0,
&algo, &size, &keyuse, &curve, &algo, &size, &keyuse, &curve,
&subalgo, &subsize, &subalgo, &subsize,
&subkeyuse, &subcurve); &subkeyuse, &subcurve);
@ -4923,6 +4944,7 @@ parse_algo_usage_expire (ctrl_t ctrl, int for_subkey,
} }
err = parse_key_parameter_string (algostr, for_subkey? 1 : 0, err = parse_key_parameter_string (algostr, for_subkey? 1 : 0,
usagestr? parse_usagestr (usagestr):0,
&algo, &nbits, &use, &curve, &algo, &nbits, &use, &curve,
NULL, NULL, NULL, NULL); NULL, NULL, NULL, NULL);
if (err) if (err)