From f9fffa826c252c5cb5c44a8e98ce03c2f67e47e5 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Fri, 5 Dec 2003 04:13:47 +0000 Subject: [PATCH] * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for anything except revocations. * sign.c (do_sign): Add Elgamal encrypt-only keys to the signature catchall. * trustdb.c (mark_usable_uid_certs): Disallow signatures to and from Elgamal encrypt-only keys in the trustdb. Granted, this sounds strange, but there are historical keys that fit this description. --- g10/ChangeLog | 14 ++++++++++++++ g10/getkey.c | 16 ++++++++++------ g10/sign.c | 2 +- g10/trustdb.c | 4 ++-- 4 files changed, 27 insertions(+), 9 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 5d4246e13..8580977d9 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,17 @@ +2003-12-04 David Shaw + + * getkey.c (merge_selfsigs_main, merge_selfsigs_subkey, + get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys + for anything except revocations. + + * sign.c (do_sign): Add Elgamal encrypt-only keys to the signature + catchall. + + * trustdb.c (mark_usable_uid_certs): Disallow signatures to and + from Elgamal encrypt-only keys in the trustdb. Granted, this + sounds strange, but there are historical keys that fit this + description. + 2003-12-03 Werner Koch * mainproc.c (check_sig_and_print): Removed the "0x" again. diff --git a/g10/getkey.c b/g10/getkey.c index ecd3b2d02..684e617d4 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1051,7 +1051,8 @@ get_seckey_byname2( GETKEY_CTX *retctx, if (!rc && sk ) { sk_from_block ( &ctx, sk, kb ); - if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL + || (sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL_E && sk->version<4)) rc=G10ERR_UNU_SECKEY; } release_kbnode ( kb ); @@ -1660,8 +1661,10 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked ) key_usage &= x; } - /* Type 20 Elgamal keys are not usable. */ - if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + /* Type 20 Elgamal keys and the old v3 Elgamal keys are not + usable. */ + if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL + || (pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL_E && pk->version<4)) key_usage=0; pk->pubkey_usage = key_usage; @@ -1879,10 +1882,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode ) key_usage &= x; } - /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are - not usable. */ + /* Type 20 Elgamal subkeys, any subkey on a type 20 primary, or + any subkey on an old v3 Elgamal(e) primary are not usable. */ if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL - || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL + || (mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL_E && mainpk->version<4)) key_usage=0; subpk->pubkey_usage = key_usage; diff --git a/g10/sign.c b/g10/sign.c index 9c9b92440..f3343e387 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -270,7 +270,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig, sign+encrypt keys. Note that this allows for Elgamal designated revocations as well, but that's arguably a good thing. */ - if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL && sig->sig_class!=0x20) + if(is_ELGAMAL(sk->pubkey_algo) && sig->sig_class!=0x20) return G10ERR_UNU_SECKEY; print_pubkey_algo_note(sk->pubkey_algo); diff --git a/g10/trustdb.c b/g10/trustdb.c index 04ae07171..f24b13bea 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1194,7 +1194,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode, continue; /* we only look at these signature classes */ if (!is_in_klist (klist, sig)) continue; /* no need to check it then */ - if(sig->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + if(is_ELGAMAL(sig->pubkey_algo)) { if(opt.verbose) log_info(_("signature from Elgamal signing key %08lX " @@ -1202,7 +1202,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode, (ulong)sig->keyid[1],(ulong)main_kid[1]); continue; } - if(keyblock->pkt->pkt.public_key->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + if(is_ELGAMAL(keyblock->pkt->pkt.public_key->pubkey_algo)) { if(opt.verbose) log_info(_("signature from %08lX to Elgamal signing key "