security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-12 22:11:29 +02:00
Code Activity

changes from laptop

Browse Source
This commit is contained in:
Werner Koch 1998-04-25 08:08:35 +00:00
parent a20037b7d4
commit edca7206ca
16 changed files with 153 additions and 201 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
Makefile.in
View File

@ -61,46 +61,25 @@ host_alias = @host_alias@
host_triplet = @host@ host_triplet = @host@
target_alias = @target_alias@ target_alias = @target_alias@
target_triplet = @target@ target_triplet = @target@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@ CC = @CC@
CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@
CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@
CPP = @CPP@ CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
G10_LOCALEDIR = @G10_LOCALEDIR@ G10_LOCALEDIR = @G10_LOCALEDIR@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
MKINSTALLDIRS = @MKINSTALLDIRS@
MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@
MSGFMT = @MSGFMT@
PACKAGE = @PACKAGE@ PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@ VERSION = @VERSION@
ZLIBS = @ZLIBS@ ZLIBS = @ZLIBS@
l = @l@
SUBDIRS = intl po zlib util mpi cipher tools g10 doc checks SUBDIRS = intl po zlib util mpi cipher tools g10 doc checks
EXTRA_DIST = VERSION EXTRA_DIST = VERSION
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
mkinstalldirs = $(SHELL) $(top_srcdir)/scripts/mkinstalldirs mkinstalldirs = $(SHELL) $(top_srcdir)/scripts/mkinstalldirs
CONFIG_HEADER = config.h CONFIG_HEADER = config.h
CONFIG_CLEAN_FILES = CONFIG_CLEAN_FILES =
DIST_COMMON = README ABOUT-NLS AUTHORS COPYING ChangeLog INSTALL \ DIST_COMMON = README ABOUT-NLS AUTHORS COPYING ChangeLog INSTALL \
Makefile.am Makefile.in NEWS THANKS TODO acconfig.h acinclude.m4 \ Makefile.am Makefile.in NEWS THANKS TODO acconfig.h acinclude.m4 \
aclocal.m4 config.h.in configure configure.in stamp-h.in config.h.in configure configure.in stamp-h.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)

25
TODO
View File

@ -19,16 +19,17 @@
we have a self-signature -> put this stuff into a kind of directory we have a self-signature -> put this stuff into a kind of directory
record, as it does not belong to the pubkey record? record, as it does not belong to the pubkey record?
* add an option to create a new user id and to reorder the sequence of * add an option to create a new user id.
them, so that the preferred emal address comes first. We need to Make it possible to chnage the signature class of the self-signatures,
add some logic, which guarantees, that only one user-id can be signed by which can then be used to chnage the displayed order of user-ids:
others. This prevents extensive growing of the public key certificate Put the user-id with a self-signature of class 0x13 always on top
due to the bad usage of signing every user id. You get no extra of the displayed list (needs changes in the user-id-from-keyid
security by key signatures for every user id. I consider this functions).
behaviour of PGP a bug, introduced, becaus PGP does't require a
self-signature. New user ids will only have your self signature to bind * enhance --sign-key, so that multiple-user-ids can be signed
them to your key and because the user id which is signed by others has (use the new classes 0x14..17)
also be signed by you, all user-ids are bound together.
* support these multi-user-id-sigs in trustdb.
* add an option to re-create a public key from a secret key. Think about * add an option to re-create a public key from a secret key. Think about
a backup system of only the secret part of the secret key. a backup system of only the secret part of the secret key.
@ -44,5 +45,7 @@
* replace getkey.c#enum_secret_keys * replace getkey.c#enum_secret_keys
* add readline support. * add readline support (but how can we allcoate it in secure memory?)
* add multi-user-id-sigs handling to import.c

19
checks/genkey1024.test
View File

@ -2,7 +2,8 @@
. defs.inc || exit 3 . defs.inc || exit 3
info "This expect script does yet work" info "This expect script does not yet work"
info "Please, all those expect gurus, can you help me with it?"
exit 0 exit 0
expect - <<EOF expect - <<EOF
@ -15,14 +16,14 @@ expect -exact "Please select the algorithm to use:\r
Your selection? (1,2) " Your selection? (1,2) "
send -- "1\r" send -- "1\r"
expect -exact "1\r expect -exact "1\r
\r \rAbout to generate a new ElGamal keypair.\r \r \rAbout to generate a new ElGamal keypair.\r
minimum keysize is 768 bits\r minimum keysize is 768 bits\r
default keysize is 1024 bits\r default keysize is 1024 bits\r
highest suggested keysize is 2048 bits\r highest suggested keysize is 2048 bits\r
What keysize do you want? (1024) " What keysize do you want? (1024) "
send -- "\r" send -- "\r"
expect -exact "\r expect -exact "\r
\r \rRequested keysize is 1024 bits\r \r \rRequested keysize is 1024 bits\r
\r \r
You need a User-ID to identify your key; the software constructs the user id\r You need a User-ID to identify your key; the software constructs the user id\r
from Real Name, Comment and Email Address in this form:\r from Real Name, Comment and Email Address in this form:\r
@ -31,19 +32,19 @@ from Real Name, Comment and Email Address in this form:\r
Real name: " Real name: "
send -- "Harry H.\r" send -- "Harry H.\r"
expect -exact "Harry H.\r expect -exact "Harry H.\r
\r \rEmail address: " \r \rEmail address: "
send -- "hh@ddorf.de\r" send -- "hh@ddorf.de\r"
expect -exact "hh@ddorf.de\r expect -exact "hh@ddorf.de\r
\r \rComment: " \r \rComment: "
send -- "a test\r" send -- "a test\r"
expect -exact "a test\r expect -exact "a test\r
\r \rYou selected this USER-ID:\r \r \rYou selected this USER-ID:\r
\"Harry H. (a test) <hh@ddorf.de> (INSECURE!)\"\r \"Harry H. (a test) <hh@ddorf.de> (INSECURE!)\"\r
\r \r
Edit (N)ame, (C)omment, (E)mail or (O)kay? " Edit (N)ame, (C)omment, (E)mail or (O)kay? "
send -- "o\r" send -- "o\r"
expect -exact "o\r expect -exact "o\r
\r \rYou need a Passphrase to protect your secret key.\r \r \rYou need a Passphrase to protect your secret key.\r
\r \r
Enter pass phrase: " Enter pass phrase: "
send -- "abc\r" send -- "abc\r"

20
cipher/Makefile.in
View File

@ -61,36 +61,16 @@ host_alias = @host_alias@
host_triplet = @host@ host_triplet = @host@
target_alias = @target_alias@ target_alias = @target_alias@
target_triplet = @target@ target_triplet = @target@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@ CC = @CC@
CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@
CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@
CPP = @CPP@ CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
G10_LOCALEDIR = @G10_LOCALEDIR@ G10_LOCALEDIR = @G10_LOCALEDIR@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
MKINSTALLDIRS = @MKINSTALLDIRS@
MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@
MSGFMT = @MSGFMT@
PACKAGE = @PACKAGE@ PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@ VERSION = @VERSION@
ZLIBS = @ZLIBS@ ZLIBS = @ZLIBS@
l = @l@
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl
EXTRA_DIST = @CIPHER_EXTRA_DIST@ EXTRA_DIST = @CIPHER_EXTRA_DIST@

14
g10/ChangeLog
View File

@ -1,3 +1,17 @@
Fri Apr 24 17:38:48 1998 Werner Koch,mobil,,, (wk@tobold)
* sig-check.c (check_key_signature): Add sig-class 0x14..0x17
* keyedit.c (sign-key): Some changes to start with support of
the above new sig-classes.
Wed Apr 22 09:01:57 1998 Werner Koch,mobil,,, (wk@tobold)
* getkey.c (compare_name): add email matching
Tue Apr 21 16:17:12 1998 Werner Koch,mobil,,, (wk@tobold)
* armor.c (armor_filter): fixed missing last LF before CSUM.
Thu Apr 9 11:35:22 1998 Werner Koch (wk@isil.d.shuttle.de) Thu Apr 9 11:35:22 1998 Werner Koch (wk@isil.d.shuttle.de)
* seckey-cert.c (do_check): New; combines all the check functions * seckey-cert.c (do_check): New; combines all the check functions

49
g10/Makefile.in
View File

@ -61,36 +61,16 @@ host_alias = @host_alias@
host_triplet = @host@ host_triplet = @host@
target_alias = @target_alias@ target_alias = @target_alias@
target_triplet = @target@ target_triplet = @target@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@ CC = @CC@
CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@
CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@
CPP = @CPP@ CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
G10_LOCALEDIR = @G10_LOCALEDIR@ G10_LOCALEDIR = @G10_LOCALEDIR@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
MKINSTALLDIRS = @MKINSTALLDIRS@
MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@
MSGFMT = @MSGFMT@
PACKAGE = @PACKAGE@ PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@ VERSION = @VERSION@
ZLIBS = @ZLIBS@ ZLIBS = @ZLIBS@
l = @l@
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl
EXTRA_DIST = OPTIONS pubring.asc EXTRA_DIST = OPTIONS pubring.asc
@ -156,6 +136,8 @@ gpgm_SOURCES = dearmor.c \
$(common_source) $(common_source)
gpgd_SOURCES = gpgd.c \ gpgd_SOURCES = gpgd.c \
ks-proto.h \
ks-proto.c \
$(common_source) $(common_source)
LDADD = @INTLLIBS@ $(needed_libs) @ZLIBS@ LDADD = @INTLLIBS@ $(needed_libs) @ZLIBS@
@ -192,13 +174,13 @@ sig-check.o signal.o
gpgm_DEPENDENCIES = g10maint.o ../cipher/libcipher.a ../mpi/libmpi.a \ gpgm_DEPENDENCIES = g10maint.o ../cipher/libcipher.a ../mpi/libmpi.a \
../util/libutil.a ../util/libutil.a
gpgm_LDFLAGS = gpgm_LDFLAGS =
gpgd_OBJECTS = gpgd.o build-packet.o compress.o free-packet.o getkey.o \ gpgd_OBJECTS = gpgd.o ks-proto.o build-packet.o compress.o \
pkclist.o skclist.o ringedit.o kbnode.o mainproc.o armor.o mdfilter.o \ free-packet.o getkey.o pkclist.o skclist.o ringedit.o kbnode.o \
textfilter.o cipher.o elg.o dsa.o rsa.o misc.o openfile.o keyid.o \ mainproc.o armor.o mdfilter.o textfilter.o cipher.o elg.o dsa.o rsa.o \
trustdb.o parse-packet.o passphrase.o pubkey-enc.o seckey-cert.o \ misc.o openfile.o keyid.o trustdb.o parse-packet.o passphrase.o \
seskey.o import.o export.o comment.o status.o sign.o keyedit.o \ pubkey-enc.o seckey-cert.o seskey.o import.o export.o comment.o \
plaintext.o encr-data.o encode.o revoke.o keylist.o sig-check.o \ status.o sign.o keyedit.o plaintext.o encr-data.o encode.o revoke.o \
signal.o keylist.o sig-check.o signal.o
gpgd_LDADD = $(LDADD) gpgd_LDADD = $(LDADD)
gpgd_DEPENDENCIES = ../cipher/libcipher.a ../mpi/libmpi.a \ gpgd_DEPENDENCIES = ../cipher/libcipher.a ../mpi/libmpi.a \
../util/libutil.a ../util/libutil.a
@ -218,12 +200,13 @@ DEP_FILES = .deps/armor.P .deps/build-packet.P .deps/cipher.P \
.deps/dsa.P .deps/elg.P .deps/encode.P .deps/encr-data.P .deps/export.P \ .deps/dsa.P .deps/elg.P .deps/encode.P .deps/encr-data.P .deps/export.P \
.deps/free-packet.P .deps/g10.P .deps/getkey.P .deps/gpgd.P \ .deps/free-packet.P .deps/g10.P .deps/getkey.P .deps/gpgd.P \
.deps/import.P .deps/kbnode.P .deps/keyedit.P .deps/keygen.P \ .deps/import.P .deps/kbnode.P .deps/keyedit.P .deps/keygen.P \
.deps/keyid.P .deps/keylist.P .deps/mainproc.P .deps/mdfilter.P \ .deps/keyid.P .deps/keylist.P .deps/ks-proto.P .deps/mainproc.P \
.deps/misc.P .deps/openfile.P .deps/parse-packet.P .deps/passphrase.P \ .deps/mdfilter.P .deps/misc.P .deps/openfile.P .deps/parse-packet.P \
.deps/pkclist.P .deps/plaintext.P .deps/pubkey-enc.P .deps/revoke.P \ .deps/passphrase.P .deps/pkclist.P .deps/plaintext.P .deps/pubkey-enc.P \
.deps/ringedit.P .deps/rsa.P .deps/seckey-cert.P .deps/seskey.P \ .deps/revoke.P .deps/ringedit.P .deps/rsa.P .deps/seckey-cert.P \
.deps/sig-check.P .deps/sign.P .deps/signal.P .deps/skclist.P \ .deps/seskey.P .deps/sig-check.P .deps/sign.P .deps/signal.P \
.deps/status.P .deps/textfilter.P .deps/trustdb.P .deps/verify.P .deps/skclist.P .deps/status.P .deps/textfilter.P .deps/trustdb.P \
.deps/verify.P
SOURCES = $(gpg_SOURCES) $(gpgm_SOURCES) $(gpgd_SOURCES) SOURCES = $(gpg_SOURCES) $(gpgm_SOURCES) $(gpgd_SOURCES)
OBJECTS = $(gpg_OBJECTS) $(gpgm_OBJECTS) $(gpgd_OBJECTS) OBJECTS = $(gpg_OBJECTS) $(gpgm_OBJECTS) $(gpgd_OBJECTS)

4
g10/armor.c
View File

@ -510,7 +510,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
case fhdrTESTSpaces: { case fhdrTESTSpaces: {
/* but must check whether the rest of the line /* but must check whether the rest of the line
* only contains white spaces; this is problematic * only contains white spaces; this is problematic
* since we may have to restore the stuff. simply * since we may have to restore the stuff. simply
* counting spaces is not enough, because it may be a * counting spaces is not enough, because it may be a
* mix of different white space characters */ * mix of different white space characters */
IOBUF b = iobuf_temp(); IOBUF b = iobuf_temp();
@ -1018,7 +1018,7 @@ armor_filter( void *opaque, int control,
++idx2; ++idx2;
} }
/* may need a linefeed */ /* may need a linefeed */
if( idx2 < (72/4) ) if( idx2 <= (72/4) )
iobuf_put(a, '\n'); iobuf_put(a, '\n');
/* write the CRC */ /* write the CRC */
iobuf_put(a, '='); iobuf_put(a, '=');

38
g10/getkey.c
View File

@ -539,6 +539,7 @@ static int
compare_name( const char *uid, size_t uidlen, const char *name, int mode ) compare_name( const char *uid, size_t uidlen, const char *name, int mode )
{ {
int i; int i;
const char *s, *se;
if( mode == 1 ) { /* exact match */ if( mode == 1 ) { /* exact match */
for(i=0; name[i] && uidlen; i++, uidlen-- ) for(i=0; name[i] && uidlen; i++, uidlen-- )
@ -551,20 +552,29 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
if( memistr( uid, uidlen, name ) ) if( memistr( uid, uidlen, name ) )
return 0; return 0;
} }
else if( mode == 3 ) { /* case insensitive email address */ else if( mode >= 3 && mode <= 5 ) { /* look at the email address */
/* FIXME: not yet implemented */ for( i=0, s= uid; i < uidlen && *s != '<'; s++, i++ )
if( memistr( uid, uidlen, name ) ) ;
return 0; if( i < uidlen ) {
} /* skip opening delim and one char and look for the closing one*/
else if( mode == 4 ) { /* email substring */ s++; i++;
/* FIXME: not yet implemented */ for( se=s+1, i++; i < uidlen && *se != '>'; se++, i++ )
if( memistr( uid, uidlen, name ) ) ;
return 0; if( i < uidlen ) {
} i = se - s;
else if( mode == 5 ) { /* email from end */ if( mode == 3 ) { /* exact email address */
/* FIXME: not yet implemented */ if( strlen(name) == i && !memicmp( s, name, i) )
if( memistr( uid, uidlen, name ) ) return 0;
return 0; }
else if( mode == 4 ) { /* email substring */
if( memistr( s, i, name ) )
return 0;
}
else { /* email from end */
/* nyi */
}
}
}
} }
else else
BUG(); BUG();

2
g10/kbnode.c
View File

@ -136,7 +136,7 @@ find_prev_kbnode( KBNODE root, KBNODE node, int pkttype )
} }
/**************** /****************
* Ditto, but find the next package. The behaviour is trivial if * Ditto, but find the next packet. The behaviour is trivial if
* PKTTYPE is 0 but if it is specified, the next node with a packet * PKTTYPE is 0 but if it is specified, the next node with a packet
* of this type is returned. The function has some knowledge about * of this type is returned. The function has some knowledge about
* the valid ordering of packets: e.g. if the next signature packet * the valid ordering of packets: e.g. if the next signature packet

20
g10/keyedit.c
View File

@ -299,25 +299,27 @@ sign_key( const char *username, STRLIST locusr )
} }
} }
/* check whether we have already signed it */ /* check whether we it is possible to sign this key */
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) { for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
u32 akeyid[2]; u32 akeyid[2];
keyid_from_skc( skc_rover->skc, akeyid ); keyid_from_skc( skc_rover->skc, akeyid );
for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) { for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
if( node->pkt->pkttype == PKT_SIGNATURE if( node->pkt->pkttype == PKT_USER_ID )
skc_rover->mark = 1;
else if( node->pkt->pkttype == PKT_SIGNATURE
&& (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) { && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
if( akeyid[0] == node->pkt->pkt.signature->keyid[0] if( akeyid[0] == node->pkt->pkt.signature->keyid[0]
&& akeyid[1] == node->pkt->pkt.signature->keyid[1] ) { && akeyid[1] == node->pkt->pkt.signature->keyid[1] ) {
log_info("Already signed by keyid %08lX\n", log_info("Already signed by keyid %08lX\n",
(ulong)akeyid[1] ); (ulong)akeyid[1] );
skc_rover->mark = 1; skc_rover->mark = 0;
} }
} }
} }
} }
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) { for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
if( !skc_rover->mark ) if( skc_rover->mark )
break; break;
} }
if( !skc_rover ) { if( !skc_rover ) {
@ -326,8 +328,16 @@ sign_key( const char *username, STRLIST locusr )
} }
/* Loop over all signers and all user ids and sign */ /* Loop over all signers and all user ids and sign */
/* FIXME: we have to change it: Present all user-ids and
* then ask whether all those ids shall be signed if the user
* answers yes, go and make a 0x14 sign class packet and remove
* old one-user-id-only-sigs (user should be noted of this
* condition while presenting the user-ids); if he had answered
* no, present each user-id in turn and ask which one should be signed
* (only one) - if there is already a single-user-sig, do nothing.
* (this is propably already out in the world) */
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) { for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
if( skc_rover->mark ) if( !skc_rover->mark )
continue; continue;
for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) { for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
if( node->pkt->pkttype == PKT_USER_ID ) { if( node->pkt->pkttype == PKT_USER_ID ) {

2
g10/mainproc.c
View File

@ -307,7 +307,7 @@ do_check_sig( CTX c, KBNODE node )
else if( (sig->sig_class&~3) == 0x10 else if( (sig->sig_class&~3) == 0x10
|| sig->sig_class == 0x18 || sig->sig_class == 0x18
|| sig->sig_class == 0x20 || sig->sig_class == 0x20
|| sig->sig_class == 0x30 ) { /* classes 0x10..0x13,0x20,0x30 */ || sig->sig_class == 0x30 ) { /* classes 0x10..0x17,0x20,0x30 */
if( c->list->pkt->pkttype == PKT_PUBLIC_CERT if( c->list->pkt->pkttype == PKT_PUBLIC_CERT
|| c->list->pkt->pkttype == PKT_PUBKEY_SUBCERT ) { || c->list->pkt->pkttype == PKT_PUBKEY_SUBCERT ) {
return check_key_signature( c->list, node, NULL ); return check_key_signature( c->list, node, NULL );

76
g10/sig-check.c
View File

@ -37,9 +37,9 @@ static int do_check( PKT_public_cert *pkc, PKT_signature *sig,
/**************** /****************
* Check the signature which is contained in the rsa_integer. * Check the signature which is contained in SIG.
* The md5handle should be currently open, so that this function * The md5handle should be currently open, so that this function
* is able to append some data, before getting the digest. * is able to append some data, before finalizing the digest.
*/ */
int int
signature_check( PKT_signature *sig, MD_HANDLE digest ) signature_check( PKT_signature *sig, MD_HANDLE digest )
@ -234,6 +234,24 @@ do_check( PKT_public_cert *pkc, PKT_signature *sig, MD_HANDLE digest )
} }
static void
hash_uid_node( KBNODE unode, MD_HANDLE md, PKT_signature *sig )
{
PKT_user_id *uid = unode->pkt->pkt.user_id;
assert( unode->pkt->pkttype == PKT_USER_ID );
if( sig->version >=4 ) {
byte buf[5];
buf[0] = 0xb4; /* indicates a userid packet */
buf[1] = uid->len >> 24; /* always use 4 length bytes */
buf[2] = uid->len >> 16;
buf[3] = uid->len >> 8;
buf[4] = uid->len;
md_write( md, buf, 5 );
}
md_write( md, uid->name, uid->len );
}
/**************** /****************
* check the signature pointed to by NODE. This is a key signature. * check the signature pointed to by NODE. This is a key signature.
* If the function detects a self-signature, it uses the PKC from * If the function detects a self-signature, it uses the PKC from
@ -255,15 +273,7 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
pkc = root->pkt->pkt.public_cert; pkc = root->pkt->pkt.public_cert;
sig = node->pkt->pkt.signature; sig = node->pkt->pkt.signature;
algo = sig->digest_algo;
if( sig->pubkey_algo == PUBKEY_ALGO_ELGAMAL )
algo = sig->digest_algo;
else if( sig->pubkey_algo == PUBKEY_ALGO_DSA )
algo = sig->digest_algo;
else if(sig->pubkey_algo == PUBKEY_ALGO_RSA )
algo = sig->digest_algo;
else
return G10ERR_PUBKEY_ALGO;
if( (rc=check_digest_algo(algo)) ) if( (rc=check_digest_algo(algo)) )
return rc; return rc;
@ -288,26 +298,48 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
rc = G10ERR_SIG_CLASS; rc = G10ERR_SIG_CLASS;
} }
} }
else if( sig->sig_class >= 0x14 && sig->sig_class <= 0x17 ) {
/* a gnupg extension: calculate the signature over all
* preceding userids */
KBNODE unode = find_prev_kbnode( root, node, PKT_USER_ID );
u32 keyid[2];
int any = 0;
keyid_from_pkc( pkc, keyid );
md = md_open( algo, 0 );
hash_public_cert( md, pkc );
for( unode=root->next; unode && unode != node; unode = unode->next ) {
if( unode->pkt->pkttype == PKT_USER_ID ) {
hash_uid_node( unode, md, sig );
any++;
}
}
if( any ) {
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
if( is_selfsig )
*is_selfsig = 1;
rc = do_check( pkc, sig, md );
}
else
rc = signature_check( sig, md );
}
else {
log_error("no user id for key signature packet\n");
rc = G10ERR_SIG_CLASS;
}
md_close(md);
}
else { else {
KBNODE unode = find_prev_kbnode( root, node, PKT_USER_ID ); KBNODE unode = find_prev_kbnode( root, node, PKT_USER_ID );
if( unode ) { if( unode ) {
PKT_user_id *uid = unode->pkt->pkt.user_id;
u32 keyid[2]; u32 keyid[2];
keyid_from_pkc( pkc, keyid ); keyid_from_pkc( pkc, keyid );
md = md_open( algo, 0 ); md = md_open( algo, 0 );
hash_public_cert( md, pkc ); hash_public_cert( md, pkc );
if( sig->version >=4 ) { hash_uid_node( unode, md, sig );
byte buf[5];
buf[0] = 0xb4; /* indicates a userid packet */
buf[1] = uid->len >> 24; /* always use 4 length bytes */
buf[2] = uid->len >> 16;
buf[3] = uid->len >> 8;
buf[4] = uid->len;
md_write( md, buf, 5 );
}
md_write( md, uid->name, uid->len );
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) { if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
if( is_selfsig ) if( is_selfsig )
*is_selfsig = 1; *is_selfsig = 1;

2
include/util.h
View File

@ -116,7 +116,7 @@ void free_strlist( STRLIST sl );
void add_to_strlist( STRLIST *list, const char *string ); void add_to_strlist( STRLIST *list, const char *string );
STRLIST strlist_prev( STRLIST head, STRLIST node ); STRLIST strlist_prev( STRLIST head, STRLIST node );
STRLIST strlist_last( STRLIST node ); STRLIST strlist_last( STRLIST node );
char *memistr( char *buf, size_t buflen, const char *sub ); const char *memistr( const char *buf, size_t buflen, const char *sub );
char *mem2str( char *, const void *, size_t); char *mem2str( char *, const void *, size_t);
char *trim_spaces( char *string ); char *trim_spaces( char *string );
int string_count_chr( const char *string, int c ); int string_count_chr( const char *string, int c );

20
mpi/Makefile.in
View File

@ -61,36 +61,16 @@ host_alias = @host_alias@
host_triplet = @host@ host_triplet = @host@
target_alias = @target_alias@ target_alias = @target_alias@
target_triplet = @target@ target_triplet = @target@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@ CC = @CC@
CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@
CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@
CPP = @CPP@ CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
G10_LOCALEDIR = @G10_LOCALEDIR@ G10_LOCALEDIR = @G10_LOCALEDIR@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
MKINSTALLDIRS = @MKINSTALLDIRS@
MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@
MSGFMT = @MSGFMT@
PACKAGE = @PACKAGE@ PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@ VERSION = @VERSION@
ZLIBS = @ZLIBS@ ZLIBS = @ZLIBS@
l = @l@
INCLUDES = -I$(top_srcdir)/include INCLUDES = -I$(top_srcdir)/include

20
tools/Makefile.in
View File

@ -61,36 +61,16 @@ host_alias = @host_alias@
host_triplet = @host@ host_triplet = @host@
target_alias = @target_alias@ target_alias = @target_alias@
target_triplet = @target@ target_triplet = @target@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@ CC = @CC@
CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@
CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@
CPP = @CPP@ CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
G10_LOCALEDIR = @G10_LOCALEDIR@ G10_LOCALEDIR = @G10_LOCALEDIR@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
MKINSTALLDIRS = @MKINSTALLDIRS@
MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@
MSGFMT = @MSGFMT@
PACKAGE = @PACKAGE@ PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@ VERSION = @VERSION@
ZLIBS = @ZLIBS@ ZLIBS = @ZLIBS@
l = @l@
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl
needed_libs = ../cipher/libcipher.a ../util/libutil.a \ needed_libs = ../cipher/libcipher.a ../util/libutil.a \

20
util/Makefile.in
View File

@ -61,36 +61,16 @@ host_alias = @host_alias@
host_triplet = @host@ host_triplet = @host@
target_alias = @target_alias@ target_alias = @target_alias@
target_triplet = @target@ target_triplet = @target@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@ CC = @CC@
CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@ CIPHER_EXTRA_DIST = @CIPHER_EXTRA_DIST@
CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@ CIPHER_EXTRA_OBJS = @CIPHER_EXTRA_OBJS@
CPP = @CPP@ CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
G10_LOCALEDIR = @G10_LOCALEDIR@ G10_LOCALEDIR = @G10_LOCALEDIR@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
MKINSTALLDIRS = @MKINSTALLDIRS@
MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@ MPI_EXTRA_ASM_OBJS = @MPI_EXTRA_ASM_OBJS@
MSGFMT = @MSGFMT@
PACKAGE = @PACKAGE@ PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@ VERSION = @VERSION@
ZLIBS = @ZLIBS@ ZLIBS = @ZLIBS@
l = @l@
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -I../intl