diff --git a/g10/ChangeLog b/g10/ChangeLog
index 344a2ac0e..7de4dc6a8 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,20 @@
+2003-07-27 David Shaw <dshaw@jabberwocky.com>
+
+ * packet.h, sig-check.c (signature_check2, do_check,
+ do_check_messages): Provide a signing-key-is-revoked flag. Change
+ all callers.
+
+ * status.h, status.c (get_status_string): New REVKEYSIG status
+ tag for a good signature from a revoked key.
+
+ * mainproc.c (do_check_sig, check_sig_and_print): Use it here.
+
+ * import.c (import_revoke_cert, merge_blocks, merge_sigs): Compare
+ actual signatures on import rather than using keyid or class
+ matching. This does not change actual behavior with a key, but
+ does mean that all sigs are imported whether they will be used or
+ not.
+
2003-07-21 David Shaw <dshaw@jabberwocky.com>
* trustdb.h, trustdb.c (read_trust_options): New. Returns items
diff --git a/g10/import.c b/g10/import.c
index 4052d0ce5..e136fd3be 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1,5 +1,6 @@
/* import.c
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
+ * Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -948,12 +949,12 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
if( onode->pkt->pkttype == PKT_USER_ID )
break;
else if( onode->pkt->pkttype == PKT_SIGNATURE
- && onode->pkt->pkt.signature->sig_class == 0x20
- && keyid[0] == onode->pkt->pkt.signature->keyid[0]
- && keyid[1] == onode->pkt->pkt.signature->keyid[1] ) {
+ && !cmp_signatures(node->pkt->pkt.signature,
+ onode->pkt->pkt.signature))
+ {
rc = 0;
goto leave; /* yes, we already know about it */
- }
+ }
}
@@ -1469,13 +1470,12 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
break;
else if( onode->pkt->pkttype == PKT_SIGNATURE
&& onode->pkt->pkt.signature->sig_class == 0x20
- && node->pkt->pkt.signature->keyid[0]
- == onode->pkt->pkt.signature->keyid[0]
- && node->pkt->pkt.signature->keyid[1]
- == onode->pkt->pkt.signature->keyid[1] ) {
+ && !cmp_signatures(onode->pkt->pkt.signature,
+ node->pkt->pkt.signature))
+ {
found = 1;
break;
- }
+ }
}
if( !found ) {
char *p=get_user_id_printable (keyid);
@@ -1683,20 +1683,12 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
|| n->pkt->pkt.signature->sig_class == 0x28 )
continue; /* skip signatures which are only valid on subkeys */
found = 0;
- for(n2=dst->next; n2 && n2->pkt->pkttype != PKT_USER_ID; n2 = n2->next){
- if( n2->pkt->pkttype == PKT_SIGNATURE
- && n->pkt->pkt.signature->keyid[0]
- == n2->pkt->pkt.signature->keyid[0]
- && n->pkt->pkt.signature->keyid[1]
- == n2->pkt->pkt.signature->keyid[1]
- && n->pkt->pkt.signature->timestamp
- <= n2->pkt->pkt.signature->timestamp
- && n->pkt->pkt.signature->sig_class
- == n2->pkt->pkt.signature->sig_class ) {
- found++;
- break;
+ for(n2=dst->next; n2 && n2->pkt->pkttype != PKT_USER_ID; n2 = n2->next)
+ if(!cmp_signatures(n->pkt->pkt.signature,n2->pkt->pkt.signature))
+ {
+ found++;
+ break;
}
- }
if( !found ) {
/* This signature is new or newer, append N to DST.
* We add a clone to the original keyblock, because this
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 67ec159b6..7bc9a9993 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -660,14 +660,12 @@ proc_compressed( CTX c, PACKET *pkt )
* Returns: 0 = valid signature or an error code
*/
static int
-do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey )
+do_check_sig( CTX c, KBNODE node, int *is_selfsig,
+ int *is_expkey, int *is_revkey )
{
PKT_signature *sig;
MD_HANDLE md = NULL, md2 = NULL;
- int algo, rc, dum2;
-
- if(!is_expkey)
- is_expkey=&dum2;
+ int algo, rc;
assert( node->pkt->pkttype == PKT_SIGNATURE );
if( is_selfsig )
@@ -721,9 +719,9 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey )
}
else
return G10ERR_SIG_CLASS;
- rc = signature_check2( sig, md, NULL, is_expkey );
+ rc = signature_check2( sig, md, NULL, is_expkey, is_revkey );
if( rc == G10ERR_BAD_SIGN && md2 )
- rc = signature_check2( sig, md2, NULL, is_expkey );
+ rc = signature_check2( sig, md2, NULL, is_expkey, is_revkey );
md_close(md);
md_close(md2);
@@ -992,7 +990,7 @@ list_node( CTX c, KBNODE node )
fputs("sig", stdout);
if( opt.check_sigs ) {
fflush(stdout);
- switch( (rc2=do_check_sig( c, node, &is_selfsig, NULL )) ) {
+ switch( (rc2=do_check_sig( c, node, &is_selfsig, NULL, NULL )) ) {
case 0: sigrc = '!'; break;
case G10ERR_BAD_SIGN: sigrc = '-'; break;
case G10ERR_NO_PUBKEY:
@@ -1241,7 +1239,7 @@ check_sig_and_print( CTX c, KBNODE node )
{
PKT_signature *sig = node->pkt->pkt.signature;
const char *astr, *tstr;
- int rc, is_expkey=0;
+ int rc, is_expkey=0, is_revkey=0;
if( opt.skip_verify ) {
log_info(_("signature verification suppressed\n"));
@@ -1308,10 +1306,10 @@ check_sig_and_print( CTX c, KBNODE node )
log_info(_("Signature made %.*s using %s key ID %08lX\n"),
(int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] );
- rc = do_check_sig(c, node, NULL, &is_expkey );
+ rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
if( rc == G10ERR_NO_PUBKEY && opt.keyserver_scheme && opt.keyserver_options.auto_key_retrieve) {
if( keyserver_import_keyid ( sig->keyid )==0 )
- rc = do_check_sig(c, node, NULL, &is_expkey );
+ rc = do_check_sig(c, node, NULL, &is_expkey, &is_revkey );
}
/* If the key still isn't found, try to inform the user where it
@@ -1345,6 +1343,8 @@ check_sig_and_print( CTX c, KBNODE node )
statno=STATUS_EXPSIG;
else if(is_expkey)
statno=STATUS_EXPKEYSIG;
+ else if(is_revkey)
+ statno=STATUS_REVKEYSIG;
else
statno=STATUS_GOODSIG;
diff --git a/g10/packet.h b/g10/packet.h
index 0a37dc023..12319fdb4 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -451,7 +451,7 @@ int cmp_user_ids( PKT_user_id *a, PKT_user_id *b );
/*-- sig-check.c --*/
int signature_check( PKT_signature *sig, MD_HANDLE digest );
int signature_check2( PKT_signature *sig, MD_HANDLE digest,
- u32 *r_expiredate, int *r_expired );
+ u32 *r_expiredate, int *r_expired, int *r_revoked );
/*-- seckey-cert.c --*/
int is_secret_key_protected( PKT_secret_key *sk );
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 0af51a826..3fcb521f0 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -1,5 +1,6 @@
/* sig-check.c - Check a signature
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
+ * Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -40,7 +41,7 @@ struct cmp_help_context_s {
};
static int do_check( PKT_public_key *pk, PKT_signature *sig,
- MD_HANDLE digest, int *r_expired );
+ MD_HANDLE digest, int *r_expired, int *r_revoked );
/****************
* Check the signature which is contained in SIG.
@@ -50,12 +51,12 @@ static int do_check( PKT_public_key *pk, PKT_signature *sig,
int
signature_check( PKT_signature *sig, MD_HANDLE digest )
{
- return signature_check2( sig, digest, NULL, NULL );
+ return signature_check2( sig, digest, NULL, NULL, NULL );
}
int
signature_check2( PKT_signature *sig, MD_HANDLE digest,
- u32 *r_expiredate, int *r_expired )
+ u32 *r_expiredate, int *r_expired, int *r_revoked )
{
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
int rc=0;
@@ -77,7 +78,7 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest,
else {
if(r_expiredate)
*r_expiredate = pk->expiredate;
- rc = do_check( pk, sig, digest, r_expired );
+ rc = do_check( pk, sig, digest, r_expired, r_revoked );
}
free_public_key( pk );
@@ -201,12 +202,15 @@ cmp_help( void *opaque, MPI result )
}
static int
-do_check_messages( PKT_public_key *pk, PKT_signature *sig, int *r_expired )
+do_check_messages( PKT_public_key *pk, PKT_signature *sig,
+ int *r_expired, int *r_revoked )
{
u32 cur_time;
if(r_expired)
*r_expired = 0;
+ if(r_revoked)
+ *r_revoked = 0;
if( pk->version == 4 && pk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
log_info(_("key %08lX: this is a PGP generated "
"ElGamal key which is NOT secure for signatures!\n"),
@@ -253,19 +257,22 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig, int *r_expired )
*r_expired = 1;
}
+ if(pk->is_revoked && r_revoked)
+ *r_revoked=1;
+
return 0;
}
static int
do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
- int *r_expired )
+ int *r_expired, int *r_revoked )
{
MPI result = NULL;
int rc=0;
struct cmp_help_context_s ctx;
- if( (rc=do_check_messages(pk,sig,r_expired)) )
+ if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
return rc;
if( (rc=check_digest_algo(sig->digest_algo)) )
return rc;
@@ -477,6 +484,8 @@ check_key_signature( KBNODE root, KBNODE node, int *is_selfsig )
/* If check_pk is set, then use it to check the signature in node
rather than getting it from root or the keydb. */
+/* TODO: add r_revoked here as well. It has the same problems as
+ r_expiredate and r_expired and the cache. */
int
check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
int *is_selfsig, u32 *r_expiredate, int *r_expired )
@@ -510,8 +519,9 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] )
*is_selfsig = 1;
}
- /* TODO: should set r_expiredate here as well */
- if((rc=do_check_messages(pk,sig,r_expired)))
+ /* BUG: This is wrong for non-self-sigs.. needs to be the
+ actual pk */
+ if((rc=do_check_messages(pk,sig,r_expired,NULL)))
return rc;
return sig->flags.valid? 0 : G10ERR_BAD_SIGN;
}
@@ -531,7 +541,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
{
md = md_open( algo, 0 );
hash_public_key( md, pk );
- rc = do_check( pk, sig, md, r_expired );
+ rc = do_check( pk, sig, md, r_expired, NULL );
cache_sig_result ( sig, rc );
md_close(md);
}
@@ -543,7 +553,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
md = md_open( algo, 0 );
hash_public_key( md, pk );
hash_public_key( md, snode->pkt->pkt.public_key );
- rc = do_check( pk, sig, md, r_expired );
+ rc = do_check( pk, sig, md, r_expired, NULL );
cache_sig_result ( sig, rc );
md_close(md);
}
@@ -569,7 +579,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
md = md_open( algo, 0 );
hash_public_key( md, pk );
hash_public_key( md, snode->pkt->pkt.public_key );
- rc = do_check( pk, sig, md, r_expired );
+ rc = do_check( pk, sig, md, r_expired, NULL );
cache_sig_result ( sig, rc );
md_close(md);
}
@@ -584,7 +594,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
else if( sig->sig_class == 0x1f ) { /* direct key signature */
md = md_open( algo, 0 );
hash_public_key( md, pk );
- rc = do_check( pk, sig, md, r_expired );
+ rc = do_check( pk, sig, md, r_expired, NULL );
cache_sig_result ( sig, rc );
md_close(md);
}
@@ -602,12 +612,12 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
{
if( is_selfsig )
*is_selfsig = 1;
- rc = do_check( pk, sig, md, r_expired );
+ rc = do_check( pk, sig, md, r_expired, NULL );
}
else if (check_pk)
- rc=do_check(check_pk,sig,md,r_expired);
+ rc=do_check(check_pk,sig,md,r_expired,NULL);
else
- rc = signature_check2( sig, md, r_expiredate, r_expired );
+ rc = signature_check2( sig, md, r_expiredate, r_expired, NULL );
cache_sig_result ( sig, rc );
md_close(md);
diff --git a/g10/status.c b/g10/status.c
index cc30db79b..cde0c8d77 100644
--- a/g10/status.c
+++ b/g10/status.c
@@ -148,6 +148,7 @@ get_status_string ( int no )
case STATUS_SIGEXPIRED : s = "SIGEXPIRED deprecated-use-keyexpired-instead"; break;
case STATUS_EXPSIG : s = "EXPSIG"; break;
case STATUS_EXPKEYSIG : s = "EXPKEYSIG"; break;
+ case STATUS_REVKEYSIG : s = "REVKEYSIG"; break;
case STATUS_ATTRIBUTE : s = "ATTRIBUTE"; break;
default: s = "?"; break;
}
diff --git a/g10/status.h b/g10/status.h
index 44a7d6d32..68da60d28 100644
--- a/g10/status.h
+++ b/g10/status.h
@@ -99,6 +99,7 @@
#define STATUS_ATTRIBUTE 67
#define STATUS_IMPORT_OK 68
#define STATUS_IMPORT_CHECK 69
+#define STATUS_REVKEYSIG 70
/*-- status.c --*/
void set_status_fd ( int fd );