author | NIIBE Yutaka <[email protected]> | 2015-05-19 01:14:09 +0000 |
---|---|---|
committer | NIIBE Yutaka <[email protected]> | 2015-05-19 01:14:09 +0000 |
commit | b3fd30451a5464b124b0296afbc341cb98b3977c (patch) | |
tree | c0b2ad18b0c38550c2e4385784f9ab8cfd60bf1b | |
parent | g10: fix cmp_public_key and cmp_secret_keys. (diff) | |
g10: Improve handling of no corresponding public key.
* g10/getkey.c (get_seckey): Return G10ERR_NO_PUBKEY when it's not
exact match.
--
In the situation of corrupted .gnupg/ where only private subkey is
available but no corresponding public key of the subkey, the code
returned public primary key which caused mysterious error (for a
user). This fix detects an error earlier.
GnuPG-bug-id: 1422
Debian-Bug-Id: #638619
-rw-r--r-- | g10/getkey.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/g10/getkey.c b/g10/getkey.c index d5d1135d2..fc3c17925 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -498,7 +498,19 @@ get_seckey( PKT_secret_key *sk, u32 *keyid ) ctx.req_usage = sk->req_usage; rc = lookup( &ctx, &kb, 1 ); if ( !rc ) { + u32 skid[2]; + sk_from_block ( &ctx, sk, kb ); + keyid_from_sk ( sk, skid ); + /* + * Make sure it's exact match of keyid. + * If not, it's secret subkey with no public key. + */ + if (!(keyid[0] == skid[0] && keyid[1] == skid[1])) { + log_error (_("key %s: secret key without public key" + " - skipped\n"), keystr(keyid)); + rc = G10ERR_NO_PUBKEY; + } } get_seckey_end( &ctx ); release_kbnode ( kb ); |
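Review bot: in get_seckey, the keyid comparison runs only after sk_from_block ( &ctx, sk, kb ) has already filled the caller's sk, so on the new G10ERR_NO_PUBKEY path the out-parameter is left holding a key whose keyid is not the one that was requested. Consider releasing or clearing the contents of sk before returning the error, or doing the comparison on a temporary and copying into sk only on an exact match, so a caller that looks at sk after a failure cannot pick up the wrong key. Two smaller points on the same block: the message says "- skipped" although the function does not skip anything and instead fails with rc = G10ERR_NO_PUBKEY, so wording such as "secret key without public key" alone would match the behaviour better; and the condition reads more directly as keyid[0] != skid[0] || keyid[1] != skid[1]. The function's header comment should also mention the new return code.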