* keylist.c (print_capabilities): Secret-parts-missing keys should show

that fact in the capabilities, and only primary signing keys can certify other keys. * packet.h, parse_packet.c (parse_key): Add is_primary flag for public keys (it already exists for secret keys).
2002-10-03 19:20:37 +00:00 · 2002-10-03 19:20:37 +00:00 · fcefffcb00
parent 58972f24c4
commit fcefffcb00
4 changed files with 26 additions and 5 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,12 @@
+2002-10-03  David Shaw  <dshaw@jabberwocky.com>
+
+	* keylist.c (print_capabilities): Secret-parts-missing keys should
+	show that fact in the capabilities, and only primary signing keys
+	can certify other keys.
+
+	* packet.h, parse_packet.c (parse_key): Add is_primary flag for
+	public keys (it already exists for secret keys).
+
 2002-10-02  David Shaw  <dshaw@jabberwocky.com>

 	* import.c (import_secret_one): Check for an illegal (>110)
--- a/g10/keylist.c
+++ b/g10/keylist.c
@ -305,9 +305,10 @@ print_capabilities (PKT_public_key *pk, PKT_secret_key *sk, KBNODE keyblock)
    if ( use & PUBKEY_USAGE_ENC ) {
        putchar ('e');
    }
-    if ( use & PUBKEY_USAGE_SIG ) {
+    if ( (use & PUBKEY_USAGE_SIG) && !(sk?(sk->protect.s2k.mode==1001):0) ) {
        putchar ('s');
-        putchar ('c');
+	if( pk? pk->is_primary : sk->is_primary )
+	  putchar ('c');
    }
    if ( keyblock ) { /* figure our the usable capabilities */
        KBNODE k;
@ -321,17 +322,26 @@ print_capabilities (PKT_public_key *pk, PKT_secret_key *sk, KBNODE keyblock)
                    if ( pk->pubkey_usage & PUBKEY_USAGE_ENC )
                        enc = 1;
                    if ( pk->pubkey_usage & PUBKEY_USAGE_SIG )
-                        sign = cert = 1;
+		      {
+			sign = 1;
+			if(pk->is_primary)
+			  cert = 1;
+		      }
                }
            }
            else if ( k->pkt->pkttype == PKT_SECRET_KEY 
                      || k->pkt->pkttype == PKT_SECRET_SUBKEY ) {
                sk = k->pkt->pkt.secret_key;
-                if ( sk->is_valid && !sk->is_revoked && !sk->has_expired ) {
+                if ( sk->is_valid && !sk->is_revoked && !sk->has_expired
+		     && sk->protect.s2k.mode!=1001 ) {
                    if ( sk->pubkey_usage & PUBKEY_USAGE_ENC )
                        enc = 1;
                    if ( sk->pubkey_usage & PUBKEY_USAGE_SIG )
-                        sign = cert = 1;
+		      {
+			sign = 1;
+			if(sk->is_primary)
+			  cert = 1;
+		      }
                }
            }
        }
--- a/g10/packet.h
+++ b/g10/packet.h
@ -202,6 +202,7 @@ typedef struct {
    ulong   local_id;	    /* internal use, valid if > 0 */
    u32     main_keyid[2];  /* keyid of the primary key */
    u32     keyid[2];	    /* calculated by keyid_from_pk() */
+    byte    is_primary;
    prefitem_t *prefs;      /* list of preferences (may be NULL) */
    int     mdc_feature;    /* mdc feature set */
    byte    *namehash;	    /* if != NULL: found by this name */
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -1523,6 +1523,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	pk->max_expiredate = max_expiredate;
 	pk->hdrbytes	= hdrlen;
 	pk->version	= version;
+	pk->is_primary = pkttype == PKT_PUBLIC_KEY;
 	pk->pubkey_algo = algorithm;
 	pk->req_usage = 0; 
 	pk->pubkey_usage = 0; /* not yet used */