security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-19 00:52:46 +02:00
Code Activity
cedd754fcb
gnupg/g10
History
Werner Koch cedd754fcb
gpg: Fix import's repair-key duplicate signature detection. 
* g10/packet.h (PKG_siganture): Add field 'help_counter'.
* g10/key-check.c (sig_comparison): Take care of HELP_COUNTER.
(key_check_all_keysigs): De-duplicate on a per-block base.
--

The key_check_all_keysigs first does a detection of duplicate
signature.  This is done over all signatures at once.  The problem
here is for example:

   key
   uid_1
     sig_uid_1.1
     sig_uid_1.2
   subkey_1
     sig_sub_1.1
   subkey_2
     sig_sub_2.1
     sig_sub_2.2  (duplicate of sig_sub_1.1)

Now the de-duplication deletes the first signature and keeps the
second.  That works in most cases for foreign signature on userids but
in the above constellation the code simply removes sig_sub_1.1 so that
subkey_1 has no binding signature anymore.  In a later step during
import the missing binding is detected and subkey_1 is removed because
it is not anymore valid.  The sig_sub_2.2 will also be removed later
because it does not check out for subkey_2 (that is as expected).

The fix is to let the de-duplication work only on blocks (ie. within
the signatures of a user id or a subkey).  This will not detect all
duplicates but that does not harm because later steps will detect and
remove them.

In the above case (with this patch applied) the second phase of
key_check_all_keysigs will reorder key signatures and move the
duplicate sig_sub_2.2 directly after sig_sub_1.1.  This duplicates the
signature and for cleanness we should kick the de-duplication process
again.  This will be done with a followup patch.

GnuPG-bug-id: 3994
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 26bce2f01d)
2018-06-07 18:43:04 +02:00
..
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10, sm, dirmngr, common: Add comment for fall through. 2017-05-10 11:13:12 +09:00
build-packet.c doc: Comment fixes and one trailing comma fix. 2017-07-20 18:13:40 +02:00
call-agent.c gpg,sm: New option --request-origin. 2018-03-23 09:06:20 +01:00
call-agent.h g10: Change ask_curve so that it can be used outside. 2018-03-28 18:44:45 +09:00
call-dirmngr.c gpg: Add option '--disable-dirmngr'. 2017-08-08 11:43:22 +02:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c g10: Fix printing the keygrip with --card-status. 2018-04-25 09:37:21 +09:00
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
cipher.c gpg: Remove MDC options 2018-05-31 12:08:22 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c gpg: Emit FAILURE stati now in almost all cases. 2018-04-06 17:32:25 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg,sm: String changes for compliance diagnostics. 2017-07-28 17:46:43 +02:00
decrypt.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
dek.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
delkey.c gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
distsigkey.gpg build: Update distsigkey.gpg 2017-11-22 20:54:47 +01:00
ecdh.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
encrypt.c gpg: Remove MDC options 2018-05-31 12:08:22 +02:00
exec.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Return an error from hexfingerprint on malloc error. 2017-12-13 10:52:34 +01:00
filter.h gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: New command --show-keys. 2018-06-06 11:59:06 +02:00
gpg.h gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgcompose.c gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c gpgv: Initialize compliance checker. 2017-09-13 09:18:15 +02:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Improve verbose output during import. 2018-06-07 18:42:32 +02:00
kbnode.c gpg: Extend free_packet to handle a packet parser context. 2017-03-29 12:08:31 +02:00
key-check.c gpg: Fix import's repair-key duplicate signature detection. 2018-06-07 18:43:04 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
keydb.c gpg: Don't let gpg return failure on an invalid packet in a keyblock. 2018-02-22 14:23:01 +01:00
keydb.h gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
keyedit.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
keyedit.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
keygen.c g10: Support key attribute change at --card-edit/generate. 2018-03-29 11:56:02 +09:00
keyid.c gpg: Return an error from hexfingerprint on malloc error. 2017-12-13 10:52:34 +01:00
keylist.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
keyring.c gpg: Don't let gpg return failure on an invalid packet in a keyblock. 2018-02-22 14:23:01 +01:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Extend --key-origin to take an optional URL arg. 2017-07-24 21:10:58 +02:00
main.h g10: Support key attribute change at --card-edit/generate. 2018-03-29 11:56:02 +09:00
mainproc.c gpg: Also detect a plaintext packet before an encrypted packet. 2018-06-06 15:49:00 +02:00
Makefile.am tofu: Compare squares instead of square roots. 2017-07-10 18:09:42 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
misc.c gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
openfile.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
options.h gpg: Remove MDC options 2018-05-31 12:08:22 +02:00
packet.h gpg: Fix import's repair-key duplicate signature detection. 2018-06-07 18:43:04 +02:00
parse-packet.c doc: Typo fix in comment. 2018-03-21 19:45:31 +01:00
passphrase.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
photoid.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg,sm: Error out on compliance mismatch while decrypting. 2017-08-01 08:41:47 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: Extend the "sig" record in --list-mode. 2018-04-12 17:53:17 +02:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Check that a key may do certifications. 2018-04-06 17:32:27 +02:00
sign.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
skclist.c g10: Fix default-key selection for signing, possibly by card. 2017-05-22 09:27:36 +09:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
tdbio.c gpg: Auto-fix a broken trustdb with just the version record. 2018-03-26 18:20:16 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
test.c tests: Locate resources and scripts relative to top source dir. 2017-04-24 14:14:05 +02:00
textfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
tofu.c gpg: Return an error from hexfingerprint on malloc error. 2017-12-13 10:52:34 +01:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Workaround for junk after --trusted-key. 2017-09-28 14:10:12 +02:00
trustdb.c gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
trustdb.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
verify.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00