1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

* free-packet.c (copy_secret_key): Copy secret key into secure memory

since we may unprotect it.

* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user
support so users can use -u with --desig-revoke.  This bypasses the
interactive walk over the revocation keys.
This commit is contained in:
David Shaw 2005-11-19 05:55:45 +00:00
parent 092bae80a9
commit f7c138d9e7
5 changed files with 56 additions and 8 deletions

View File

@ -1,3 +1,12 @@
2005-11-19 David Shaw <dshaw@jabberwocky.com>
* free-packet.c (copy_secret_key): Copy secret key into secure
memory since we may unprotect it.
* main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local
user support so users can use -u with --desig-revoke. This
bypasses the interactive walk over the revocation keys.
2005-11-17 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu, menu_clean): Simplify clean options to
@ -16,7 +25,8 @@
* armor.c (parse_header_line): A fussy bit of 2440: header lines
are delimited with a colon-space pair. Therefore a line such as
"Comment: " is actually legal, albeit not particularly useful.
"Comment: " (with a trailing space) is actually legal, albeit not
particularly useful.
2005-11-11 David Shaw <dshaw@jabberwocky.com>

View File

@ -285,7 +285,7 @@ copy_secret_key( PKT_secret_key *d, PKT_secret_key *s )
int n, i;
if( !d )
d = xmalloc(sizeof *d);
d = xmalloc_secure(sizeof *d);
else
release_secret_key_parts (d);
memcpy( d, s, sizeof *d );

View File

@ -3417,7 +3417,7 @@ main (int argc, char **argv )
if( argc != 1 )
wrong_args("--desig-revoke user-id");
username = make_username(*argv);
gen_desig_revoke( username );
gen_desig_revoke( username, locusr );
xfree( username );
break;

View File

@ -237,7 +237,7 @@ int enarmor_file( const char *fname );
/*-- revoke.c --*/
struct revocation_reason_info;
int gen_revoke( const char *uname );
int gen_desig_revoke( const char *uname );
int gen_desig_revoke( const char *uname, STRLIST locusr);
int revocation_reason_build_cb( PKT_signature *sig, void *opaque );
struct revocation_reason_info *
ask_revocation_reason( int key_rev, int cert_rev, int hint );

View File

@ -197,7 +197,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock,
* Generate a revocation certificate for UNAME via a designated revoker
*/
int
gen_desig_revoke( const char *uname )
gen_desig_revoke( const char *uname, STRLIST locusr )
{
int rc = 0;
armor_filter_context_t afx;
@ -211,6 +211,7 @@ gen_desig_revoke( const char *uname )
KBNODE keyblock=NULL,node;
u32 keyid[2];
int i,any=0;
SK_LIST sk_list=NULL;
if( opt.batch )
{
@ -246,6 +247,13 @@ gen_desig_revoke( const char *uname )
keyid_from_pk(pk,keyid);
if(locusr)
{
rc=build_sk_list(locusr,&sk_list,0,PUBKEY_USAGE_CERT);
if(rc)
goto leave;
}
/* Are we a designated revoker for this key? */
if(!pk->revkey && pk->numrevkeys)
@ -253,12 +261,39 @@ gen_desig_revoke( const char *uname )
for(i=0;i<pk->numrevkeys;i++)
{
SK_LIST list;
if(sk)
free_secret_key(sk);
sk=xmalloc_clear(sizeof(*sk));
if(sk_list)
{
for(list=sk_list;list;list=list->next)
{
byte fpr[MAX_FINGERPRINT_LEN];
size_t fprlen;
rc=get_seckey_byfprint(sk,pk->revkey[i].fpr,MAX_FINGERPRINT_LEN);
fingerprint_from_sk(list->sk,fpr,&fprlen);
/* Don't get involved with keys that don't have 160
bit fingerprints */
if(fprlen!=20)
continue;
if(memcmp(fpr,pk->revkey[i].fpr,20)==0)
break;
}
if(list)
sk=copy_secret_key(NULL,list->sk);
else
continue;
}
else
{
sk=xmalloc_secure_clear(sizeof(*sk));
rc=get_seckey_byfprint(sk,pk->revkey[i].fpr,MAX_FINGERPRINT_LEN);
}
/* We have the revocation key */
if(!rc)
@ -297,7 +332,8 @@ gen_desig_revoke( const char *uname )
goto leave;
afx.what = 1;
afx.hdrlines = "Comment: A designated revocation certificate should follow\n";
afx.hdrlines = "Comment: A designated revocation certificate"
" should follow\n";
iobuf_push_filter( out, armor_filter, &afx );
/* create it */
@ -384,6 +420,8 @@ gen_desig_revoke( const char *uname )
if( sig )
free_seckey_enc( sig );
release_sk_list(sk_list);
if( rc )
iobuf_cancel(out);
else