mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-21 14:47:03 +01:00
* keygen.c (make_backsig, write_direct_sig, write_selfsigs)
(write_keybinding): Have the various selfsigs created during key generation use the timestamp of their parent key. This helps avoid leaking information about the performance of the machine where the keys were generated. Noted by Christian Danner.
This commit is contained in:
parent
b8bd7b6186
commit
e2fdff56fc
@ -1,3 +1,11 @@
|
|||||||
|
2007-01-30 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* keygen.c (make_backsig, write_direct_sig, write_selfsigs)
|
||||||
|
(write_keybinding): Have the various selfsigs created during key
|
||||||
|
generation use the timestamp of their parent key. This helps
|
||||||
|
avoid leaking information about the performance of the machine
|
||||||
|
where the keys were generated. Noted by Christian Danner.
|
||||||
|
|
||||||
2007-01-15 Werner Koch <wk@g10code.com>
|
2007-01-15 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* parse-packet.c (read_protected_v3_mpi): Make sure to stop
|
* parse-packet.c (read_protected_v3_mpi): Make sure to stop
|
||||||
|
16
g10/keygen.c
16
g10/keygen.c
@ -1,6 +1,6 @@
|
|||||||
/* keygen.c - generate a key pair
|
/* keygen.c - generate a key pair
|
||||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
|
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
|
||||||
* 2006 Free Software Foundation, Inc.
|
* 2007 Free Software Foundation, Inc.
|
||||||
*
|
*
|
||||||
* This file is part of GnuPG.
|
* This file is part of GnuPG.
|
||||||
*
|
*
|
||||||
@ -777,7 +777,8 @@ make_backsig(PKT_signature *sig,PKT_public_key *pk,
|
|||||||
|
|
||||||
cache_public_key(sub_pk);
|
cache_public_key(sub_pk);
|
||||||
|
|
||||||
rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk,0x19,0,0,0,0,NULL,NULL);
|
rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk,0x19,0,0,
|
||||||
|
sub_pk->timestamp,0,NULL,NULL);
|
||||||
if(rc)
|
if(rc)
|
||||||
log_error("make_keysig_packet failed for backsig: %s\n",g10_errstr(rc));
|
log_error("make_keysig_packet failed for backsig: %s\n",g10_errstr(rc));
|
||||||
else
|
else
|
||||||
@ -882,7 +883,7 @@ write_direct_sig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
|
|||||||
cache_public_key (pk);
|
cache_public_key (pk);
|
||||||
|
|
||||||
/* and make the signature */
|
/* and make the signature */
|
||||||
rc = make_keysig_packet(&sig,pk,NULL,NULL,sk,0x1F,0,0,0,0,
|
rc = make_keysig_packet(&sig,pk,NULL,NULL,sk,0x1F,0,0,pk->timestamp,0,
|
||||||
keygen_add_revkey,revkey);
|
keygen_add_revkey,revkey);
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
||||||
@ -926,8 +927,8 @@ write_selfsigs( KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
|
|||||||
cache_public_key (pk);
|
cache_public_key (pk);
|
||||||
|
|
||||||
/* and make the signature */
|
/* and make the signature */
|
||||||
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
|
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0,
|
||||||
keygen_add_std_prefs, pk );
|
pk->timestamp, 0, keygen_add_std_prefs, pk );
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
||||||
return rc;
|
return rc;
|
||||||
@ -981,7 +982,8 @@ write_keybinding( KBNODE root, KBNODE pub_root,
|
|||||||
/* and make the signature */
|
/* and make the signature */
|
||||||
oduap.usage = use;
|
oduap.usage = use;
|
||||||
oduap.pk = sub_pk;
|
oduap.pk = sub_pk;
|
||||||
rc=make_keysig_packet(&sig, pri_pk, NULL, sub_pk, pri_sk, 0x18, 0, 0, 0, 0,
|
rc=make_keysig_packet(&sig, pri_pk, NULL, sub_pk, pri_sk, 0x18, 0, 0,
|
||||||
|
sub_pk->timestamp, 0,
|
||||||
keygen_add_key_flags_and_expire, &oduap );
|
keygen_add_key_flags_and_expire, &oduap );
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
|
||||||
|
Loading…
x
Reference in New Issue
Block a user