diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 9 | ||||
| -rw-r--r-- | g10/build-packet.c | 34 | ||||
| -rw-r--r-- | g10/import.c | 7 |
3 files changed, 49 insertions, 1 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 274637a4b..91a45a931 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,12 @@ +Tue Apr 6 19:58:12 CEST 1999 Werner Koch <[email protected]> + + * armor.c: Removed duped include (John Bley) + * mainproc.c: Ditto. + + * build-packet.c (hash_public_key): Fixed hashing of the header. + + * import.c (delete_inv_parts): Allow import of own non-exportable sigs. + Sat Mar 20 13:59:47 CET 1999 Werner Koch <[email protected]> * armor.c (fake_packet): Fix for not not-dash-escaped diff --git a/g10/build-packet.c b/g10/build-packet.c index 810bd0dc2..ca0837f6b 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -241,6 +241,8 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk ) { PACKET pkt; int rc = 0; + int ctb; + ulong pktlen; int c; IOBUF a = iobuf_temp(); #if 0 @@ -256,6 +258,38 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk ) pkt.pkt.public_key = pk; if( (rc = build_packet( a, &pkt )) ) log_fatal("build public_key for hashing failed: %s\n", g10_errstr(rc)); + /* skip the constructed header */ + ctb = iobuf_get_noeof(a); + pktlen = 0; + if( (ctb & 0x40) ) { + c = iobuf_get_noeof(a); + if( c < 192 ) + pktlen = c; + else if( c < 224 ) { + pktlen = (c - 192) * 256; + c = iobuf_get_noeof(a); + pktlen += c + 192; + } + else if( c == 255 ) { + pktlen = iobuf_get_noeof(a) << 24; + pktlen |= iobuf_get_noeof(a) << 16; + pktlen |= iobuf_get_noeof(a) << 8; + pktlen |= iobuf_get_noeof(a); + } + } + else { + int lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); + for( ; lenbytes; lenbytes-- ) { + pktlen <<= 8; + pktlen |= iobuf_get_noeof(a); + } + } + /* hash a header */ + md_putc( md, 0x99 ); + pktlen &= 0xffff; /* can't handle longer packets */ + md_putc( md, pktlen >> 8 ); + md_putc( md, pktlen & 0xff ); + /* hash the packet body (don't use pktlen here!) */ while( (c=iobuf_get(a)) != -1 ) { #if 0 fprintf( fp," %02x", c ); diff --git a/g10/import.c b/g10/import.c index 920aafbea..deab7f4bd 100644 --- a/g10/import.c +++ b/g10/import.c @@ -796,7 +796,12 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) else if( node->pkt->pkttype == PKT_SIGNATURE && (p = parse_sig_subpkt2( node->pkt->pkt.signature, SIGSUBPKT_EXPORTABLE, NULL )) - && !*p ) { + && !*p + && seckey_available( node->pkt->pkt.signature->keyid ) ) { + /* here we violate the rfc a bit by still allowing + * to import non-exportable signature when we have the + * the secret key used to create this signature - it + * seems that this makes sense */ log_info_f(fname, _("key %08lX: non exportable signature " "(class %02x) - skipped\n"), (ulong)keyid[1], |