1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-08 12:44:23 +01:00

* keygen.c (write_selfsigs): Rename from write_selfsig. Write the same

selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.

* parse-packet.c (can_handle_critical_notation): New.  Check for
particular notation tags that we will accept when critical. Currently,
that's only preferred-email-encoding@pgp.com, since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.
This commit is contained in:
David Shaw 2005-05-11 19:31:53 +00:00
parent 0ab01480ed
commit e81d88b265
3 changed files with 52 additions and 19 deletions

View File

@ -1,3 +1,20 @@
2005-05-11 David Shaw <dshaw@jabberwocky.com>
* keygen.c (write_selfsigs): Rename from write_selfsig. Write the
same selfsig into both the pk and sk, so that someone importing
their sk (which will get an autoconvert to the pk) won't end up
with two selfsigs.
(do_generate_keypair): Call it from here.
* parse-packet.c (can_handle_critical_notation): New. Check for
particular notation tags that we will accept when critical.
Currently, that's only preferred-email-encoding@pgp.com, since we
know how to handle it (pass it through to a mail program).
(can_handle_critical): Call it from here.
(parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.
2005-05-07 Werner Koch <wk@g10code.com>
* ccid-driver.c (do_close_reader): Don't do a reset before close.

View File

@ -882,8 +882,8 @@ write_direct_sig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
}
static int
write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
unsigned int use )
write_selfsigs( KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
unsigned int use )
{
PACKET *pkt;
PKT_signature *sig;
@ -896,7 +896,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
log_info(_("writing self signature\n"));
/* get the uid packet from the list */
node = find_kbnode( root, PKT_USER_ID );
node = find_kbnode( pub_root, PKT_USER_ID );
if( !node )
BUG(); /* no user id packet in tree */
uid = node->pkt->pkt.user_id;
@ -921,7 +921,12 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
pkt = m_alloc_clear( sizeof *pkt );
pkt->pkttype = PKT_SIGNATURE;
pkt->pkt.signature = sig;
add_kbnode( root, new_kbnode( pkt ) );
add_kbnode( sec_root, new_kbnode( pkt ) );
pkt = m_alloc_clear( sizeof *pkt );
pkt->pkttype = PKT_SIGNATURE;
pkt->pkt.signature = copy_signature(NULL,sig);
add_kbnode( pub_root, new_kbnode( pkt ) );
return rc;
}
@ -2848,17 +2853,16 @@ do_generate_keypair( struct para_data_s *para,
write_direct_sig(sec_root,pub_root,pri_sk,revkey);
}
if( !rc && (s=get_parameter_value(para, pUSERID)) ) {
if( !rc && (s=get_parameter_value(para, pUSERID)) )
{
write_uid(pub_root, s );
if( !rc )
write_uid(sec_root, s );
write_uid(sec_root, s );
if( !rc )
rc = write_selfsig(pub_root, pub_root, pri_sk,
get_parameter_uint (para, pKEYUSAGE));
if( !rc )
rc = write_selfsig(sec_root, pub_root, pri_sk,
get_parameter_uint (para, pKEYUSAGE));
}
rc = write_selfsigs(sec_root, pub_root, pri_sk,
get_parameter_uint (para, pKEYUSAGE));
}
/* Write the auth key to the card before the encryption key. This
is a partial workaround for a PGP bug (as of this writing, all

View File

@ -1,6 +1,6 @@
/* parse-packet.c - read packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004, 2005 Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
* 2005 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -1016,7 +1016,10 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
break;
return 0;
case SIGSUBPKT_NOTATION:
if( n < 8 ) /* minimum length needed */
/* minimum length needed, and the subpacket must be well-formed
where the name length and value length all fit inside the
packet. */
if(n<8 || 8+((buffer[4]<<8)|buffer[5])+((buffer[6]<<8)|buffer[7]) != n)
break;
return 0;
case SIGSUBPKT_PRIMARY_UID:
@ -1032,6 +1035,15 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type )
return -2;
}
/* Not many critical notations we understand yet... */
static int
can_handle_critical_notation(const byte *name,size_t len)
{
if(len==32 && memcmp(name,"preferred-email-encoding@pgp.com",32)==0)
return 1;
return 0;
}
static int
can_handle_critical( const byte *buffer, size_t n, int type )
@ -1039,10 +1051,10 @@ can_handle_critical( const byte *buffer, size_t n, int type )
switch( type )
{
case SIGSUBPKT_NOTATION:
if( n >= 8 && (*buffer & 0x80) )
return 1; /* human readable is handled */
return 0;
if(n>=8)
return can_handle_critical_notation(buffer+8,(buffer[4]<<8)|buffer[5]);
else
return 0;
case SIGSUBPKT_SIGNATURE:
case SIGSUBPKT_SIG_CREATED:
case SIGSUBPKT_SIG_EXPIRE: