1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00
Werner Koch 43b23aa82b
gpg: Avoid importing secret keys if the keyblock is not valid.
* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
new field TAG.
* g10/kbnode.c (alloc_node): Change accordingly.
* g10/import.c (import_one): Add arg r_valid.
(sec_to_pub_keyblock): Set tags.
(resync_sec_with_pub_keyblock): New.
(import_secret_one): Change return code to gpg_error_t.   Return an
error code if sec_to_pub_keyblock failed.  Resync secret keyblock.
--

When importing an invalid secret key ring for example without key
binding signatures or no UIDs, gpg used to let gpg-agent store the
secret keys anyway.  This is clearly a bug because the diagnostics
before claimed that for example the subkeys have been skipped.
Importing the secret key parameters then anyway is surprising in
particular because a gpg -k does not show the key.  After importing
the public key the secret keys suddenly showed up.

This changes the behaviour of
GnuPG-bug-id: 4392
to me more consistent but is not a solution to the actual bug.

Caution: The ecc.scm test now fails because two of the sample keys
         don't have binding signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit f799e9728bcadb3d4148a47848c78c5647860ea4)
2019-03-18 13:16:35 +01:00
..
2006-05-16 09:54:41 +00:00
2004-02-17 15:07:27 +00:00
2018-01-29 09:34:37 +09:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-01-29 15:46:55 +00:00
2002-04-15 17:15:21 +00:00
2011-02-04 12:57:53 +01:00