* getkey.c (parse_key_usage): New function to parse out key usage flags.

Set PUBKEY_USAGE_UNKNOWN to handle flags (i.e. authentication) that we
don't understand in this branch. (fixup_uidnode, merge_selfsigs_main,
merge_selfsigs_subkey): Call it from here to remove duplicate code.  This
is bug 378.

g10/ChangeLog

@@ -1,3 +1,11 @@
+2004-11-29  David Shaw  <dshaw@jabberwocky.com>
+
+	* getkey.c (parse_key_usage): New function to parse out key usage
+	flags.  Set PUBKEY_USAGE_UNKNOWN to handle flags
+	(i.e. authentication) that we don't understand in this branch.
+	(fixup_uidnode, merge_selfsigs_main, merge_selfsigs_subkey): Call
+	it from here to remove duplicate code.  This is bug 378.
+
 2004-09-13  David Shaw  <dshaw@jabberwocky.com>
 
 	* getkey.c (premerge_public_with_secret): Fix subkey<->binding sig
@@ -14,9 +22,10 @@
 	* hkp.c (dehtmlize): Understand the quote character
 	(i.e. "&quot;") in HTML responses.
 
-	* keydb.h, getkey.c (get_user_id_printable): Rename to
-	get_user_id_native and remove the printable stuff since we're
-	print-ifying valid utf8 characters.  Change all callers in
+	* keydb.h, getkey.c (get_user_id_printable,
+	get_user_id_string_printable): Rename to get_user_id_native and
+	get_user_id_string_native and remove the printable stuff since
+	we're print-ifying valid utf8 characters.  Change all callers in
 	import.c, sign.c, and encode.c.
 
 2004-08-19  David Shaw  <dshaw@jabberwocky.com>

g10/getkey.c

@@ -1248,6 +1248,45 @@ merge_keys_and_selfsig( KBNODE keyblock )
     }
 }
 
+static int
+parse_key_usage(PKT_signature *sig)
+{
+  int key_usage=0;
+  const byte *p;
+  size_t n;
+  byte flags;
+
+  p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_KEY_FLAGS,&n);
+  if(p && n)
+    {
+      /* first octet of the keyflags */
+      flags=*p;
+
+      if(flags & 3)
+	{
+	  key_usage |= PUBKEY_USAGE_SIG;
+	  flags&=~3;
+	}
+
+      if(flags & 12)
+	{
+	  key_usage |= PUBKEY_USAGE_ENC;
+	  flags&=~12;
+	}
+
+      if(flags)
+	key_usage |= PUBKEY_USAGE_UNKNOWN;
+    }
+
+  /* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a
+     capability that we do not handle.  This serves to distinguish
+     between a zero key usage which we handle as the default
+     capabilities for that algorithm, and a usage that we do not
+     handle. */
+
+  return key_usage;
+}
+
 /*
  * Apply information from SIGNODE (which is the valid self-signature
  * associated with that UID) to the UIDNODE:
@@ -1280,17 +1319,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
     uid->expiredate = sig->expiredate;
 
     /* store the key flags in the helper variable for later processing */
-    uid->help_key_usage = 0;
-    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
-    if ( p && n ) {
-        /* first octet of the keyflags */   
-        if ( (*p & 3) )
-            uid->help_key_usage |= PUBKEY_USAGE_SIG;
-        if ( (*p & 12) )    
-            uid->help_key_usage |= PUBKEY_USAGE_ENC;
-        /* Note: we do not set the CERT flag here because it can be assumed
-         * that thre is no real policy to set it. */
-    }
+    uid->help_key_usage=parse_key_usage(sig);
 
     /* ditto or the key expiration */
     uid->help_key_expire = 0;
@@ -1480,25 +1509,19 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
 			       pk->numrevkeys*sizeof(struct revocation_key));
       }
 
-    if ( signode ) {
+    if ( signode )
+      {
         /* some information from a direct key signature take precedence
          * over the same information given in UID sigs.
          */
         PKT_signature *sig = signode->pkt->pkt.signature;
         const byte *p;
-        size_t n;
 
-        p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
-        if ( p && n ) {
-            /* first octet of the keyflags */   
-            if ( (*p & 3) )
-                key_usage |= PUBKEY_USAGE_SIG;
-            if ( (*p & 12) )    
-                key_usage |= PUBKEY_USAGE_ENC;
-        }
+	key_usage=parse_key_usage(sig);
 
 	p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
-	if ( p ) {
+	if ( p )
+	  {
 	    key_expire = keytimestamp + buffer_to_u32(p);
 	    key_expire_seen = 1;
 	  }
@@ -1831,7 +1854,6 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
     u32 keytimestamp = 0;
     u32 key_expire = 0;
     const byte *p;
-    size_t n;
 
     if ( subnode->pkt->pkttype != PKT_PUBLIC_SUBKEY )
         BUG ();
@@ -1890,18 +1912,15 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
     sig = signode->pkt->pkt.signature;
     sig->flags.chosen_selfsig=1; /* so we know which selfsig we chose later */
 
-    p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_FLAGS, &n );
-    if ( p && n ) {
-        /* first octet of the keyflags */   
-        if ( (*p & 3) )
-            key_usage |= PUBKEY_USAGE_SIG;
-        if ( (*p & 12) )    
-            key_usage |= PUBKEY_USAGE_ENC;
-    }
-    if ( !key_usage ) { /* no key flags at all: get it from the algo */
+    key_usage=parse_key_usage(sig);
+    if ( !key_usage )
+      {
+	/* no key flags at all: get it from the algo */
         key_usage = openpgp_pk_algo_usage ( subpk->pubkey_algo );
       }
-    else { /* check that the usage matches the usage as given by the algo */
+    else
+      {
+	/* check that the usage matches the usage as given by the algo */
         int x = openpgp_pk_algo_usage ( subpk->pubkey_algo );
         if ( x ) /* mask it down to the actual allowed usage */
 	  key_usage &= x;