security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/sm
History
Werner Koch c9343bec83
sm: Detect circular chains in --list-chain. 
* sm/keylist.c (list_cert_chain): Break loop for a too long chain.
--

This avoids endless loops in case of circular chain definitions.  We
use such a limit at other palces as well.  Example for such a chain is

# ------------------------ >8 ------------------------
           ID: 0xBE231B05
          S/N: 51260A931CE27F9CC3A55F79E072AE82
        (dec): 107864989418777835411218143713715990146
       Issuer: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
      Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
     sha2_fpr: 92:5E:4B:37:2B:A3:2E:5E:87:30:22:84:B2:D7:C9:DF:BF:82:00:FF:CB:A0:D1:66:03:A1:A0:6F:F7:6C:D3:53
     sha1_fpr: 31:93:78:6A:48:BD:F2:D4:D2:0B:8F:C6:50:1F:4D:E8:BE:23:1B:05
      md5_fpr: AC:F3:10:0D:1A:96:A9:2E:B8:8B:9B:F8:7E:09:FA:E6
      pgp_fpr: E8D2CA1449A80D784FB1532C06B1611DB06A1678
       certid: 610C27E9D37835A8962EA5B8368D3FBED1A8A15D.51260A931CE27F9CC3A55F79E072AE82
      keygrip: CFCA58448222ECAAF77EEF8CC45F0D6DB4E412C9
    notBefore: 2005-06-07 08:09:10
     notAfter: 2019-06-24 19:06:30
     hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: ADBD987A34B426F7FAC42654EF03BDE024CB541A
    authKeyId: [none]
 authKeyId.ki: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F
[...]

Certified by
           ID: 0xCE2E4C63
          S/N: 46EAF096054CC5E3FA65EA6E9F42C664
        (dec): 94265836834010752231943569188608722532
       Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
      Subject: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
     sha2_fpr: 21:3F:AD:03:B1:C5:23:47:E9:A8:0F:29:9A:F0:89:9B:CA:FF:3F:62:B3:4E:B0:60:66:F4:D7:EE:A5:EE:1A:73
     sha1_fpr: 9E:99:81:7D:12:28:0C:96:77:67:44:30:49:2E:DA:1D:CE:2E:4C:63
      md5_fpr: 55:07:0F:1F:9A:E5:EA:21:61:F3:72:2B:8B:41:7F:27
      pgp_fpr: 922A6D0A1C0027E75038F8A1503DA72CF2C53840
       certid: 14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.46EAF096054CC5E3FA65EA6E9F42C664
      keygrip: 10678FB5A458D99B7692851E49849F507688B847
    notBefore: 2005-06-07 08:09:10
     notAfter: 2020-05-30 10:48:38
     hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F
    authKeyId: [none]
 authKeyId.ki: ADBD987A34B426F7FAC42654EF03BDE024CB541A
     keyUsage: certSign crlSign
[...]

Which has a circular dependency on subKeyId/authkeyId.ki.
 		2021-11-15 17:54:08 +01:00
..
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
Makefile.am w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
call-agent.c gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
call-dirmngr.c gpg,sm: Simplify keyserver spec parsing. 2021-05-26 14:30:17 +02:00
certchain.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
certcheck.c Assorted memory leak fixes on the error code paths. 2021-05-20 14:51:42 +02:00
certdump.c sm: Fix a bug in the rfc2253 parser 2020-08-28 09:09:34 +02:00
certlist.c sm: Avoid confusing diagnostic for the default key. 2019-05-27 15:48:41 +02:00
certreqgen-ui.c sm: Show the usage flags when generating a key from a card. 2019-08-21 13:59:17 +02:00
certreqgen.c sm: Fix possible NULL deref in error messages of --gen-key. 2020-03-30 17:32:42 +02:00
decrypt.c sm: Support AES-GCM decryption. 2021-06-02 19:11:42 +02:00
delete.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
encrypt.c Assorted memory leak fixes on the error code paths. 2021-05-20 14:51:42 +02:00
export.c sm: Ask for the password for password based decryption (pwri) 2021-05-17 19:29:06 +02:00
fingerprint.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
gpgsm-w32info.rc w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgsm.c sm: New option --ldapserver as an alias for --keyserver. 2021-06-09 10:34:14 +02:00
gpgsm.h gpg,sm: Simplify keyserver spec parsing. 2021-05-26 14:30:17 +02:00
gpgsm.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
import.c sm: Ask for the password for password based decryption (pwri) 2021-05-17 19:29:06 +02:00
keydb.c sm: Do away with the locked flag in keydb.c 2021-03-02 19:16:28 +01:00
keydb.h sm: On Windows close the kbx files at several places. 2021-03-02 19:01:07 +01:00
keylist.c sm: Detect circular chains in --list-chain. 2021-11-15 17:54:08 +01:00
minip12.c sm: Silence some other pkcs#12 import prattle 2021-03-01 09:46:59 +01:00
minip12.h sm: Silence some output on --quiet 2021-02-24 08:38:13 +01:00
misc.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
passphrase.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
passphrase.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
qualified.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
server.c Assorted memory leak fixes on the error code paths. 2021-05-20 14:51:42 +02:00
sign.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
verify.c Include the library version in the compliance checks. 2021-01-28 16:01:53 +01:00