From 018f35229467942e766d356156ff7934dff932ce Mon Sep 17 00:00:00 2001 From: David Shaw Date: Thu, 11 Apr 2002 04:04:41 +0000 Subject: * misc.c (pct_expando), options.skel: Use %t to indicate type of a photo ID (in this version, it's always "jpeg"). Also tweak string expansion loop to minimize reallocs. * mainproc.c (do_check_sig): Variable type fix. * keyedit.c (menu_set_primary_uid): Differentiate between true user IDs and attribute user IDs when making one of them primary. That is, if we are making a user ID primary, we alter user IDs. If we are making an attribute packet primary, we alter attribute packets. This matches the language in the latest attribute packet draft. * keyedit.c (sign_uids): No need for the empty string hack. * getkey.c (fixup_uidnode): Only accept preferences from the hashed segment of the self-sig. --- g10/ChangeLog | 20 ++++++++++++++++++++ g10/getkey.c | 15 ++++++--------- g10/keyedit.c | 29 ++++++++++++++++++++--------- g10/mainproc.c | 3 ++- g10/misc.c | 20 +++++++++++++++----- g10/options.skel | 3 ++- 6 files changed, 65 insertions(+), 25 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index 17fcecdfd..d45c5e38a 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,23 @@ +2002-04-10 David Shaw + + * misc.c (pct_expando), options.skel: Use %t to indicate type of a + photo ID (in this version, it's always "jpeg"). Also tweak string + expansion loop to minimize reallocs. + + * mainproc.c (do_check_sig): Variable type fix. + + * keyedit.c (menu_set_primary_uid): Differentiate between true + user IDs and attribute user IDs when making one of them primary. + That is, if we are making a user ID primary, we alter user IDs. + If we are making an attribute packet primary, we alter attribute + packets. This matches the language in the latest attribute packet + draft. + + * keyedit.c (sign_uids): No need for the empty string hack. + + * getkey.c (fixup_uidnode): Only accept preferences from the + hashed segment of the self-sig. + 2002-04-10 Werner Koch * tdbio.c (migrate_from_v2): Fixed the offset to read the old diff --git a/g10/getkey.c b/g10/getkey.c index 901ea9b00..e91e0edb8 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1109,17 +1109,14 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated ) * For now we only look at the hashed one. */ - /* now build the preferences list. We try to get the preferences - * from the hashed list but if there are no such preferences, we - * try to get them from the unhashed list. There is no risk with - * that, because our implementation comes only with strong - * algorithms and it would be fruitless for an attacker to insert - * an weak algorithm. */ - p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_SYM, &n ); + /* Now build the preferences list. These must come from the + hashed section so nobody can modify the ciphers a key is + willing to accept. */ + p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_SYM, &n ); sym = p; nsym = p?n:0; - p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_HASH, &n ); + p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_HASH, &n ); hash = p; nhash = p?n:0; - p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_COMPR, &n ); + p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n ); zip = p; nzip = p?n:0; if (uid->prefs) m_free (uid->prefs); diff --git a/g10/keyedit.c b/g10/keyedit.c index c7650e278..c29a385e7 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -371,9 +371,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, /* Fixme: see whether there is a revocation in which * case we should allow to sign it again. */ - /* Note: I kept the %s and the empty string in the - else branch so that not too many translations - get broken. */ if (!node->pkt->pkt.signature->flags.exportable && local) tty_printf(_( "\"%s\" was already locally signed by key %08lX\n"), @@ -381,9 +378,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, (ulong)sk_keyid[1] ); else tty_printf(_( - "\"%s\" was already %ssigned by key %08lX\n"), + "\"%s\" was already signed by key %08lX\n"), uidnode->pkt->pkt.user_id->name, - "",(ulong)sk_keyid[1] ); + (ulong)sk_keyid[1] ); sprintf (buf, "%08lX%08lX", (ulong)sk->keyid[0], (ulong)sk->keyid[1] ); write_status_text (STATUS_ALREADY_SIGNED, buf); @@ -2013,6 +2010,7 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock ) KBNODE node; u32 keyid[2]; int selected; + int attribute = 0; int modified = 0; if ( count_selected_uids (pub_keyblock) != 1 ) { @@ -2027,6 +2025,12 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock ) main_pk = NULL; uid = NULL; selected = 0; + + /* Is our selected uid an attribute packet? */ + for ( node=pub_keyblock; node; node = node->next ) + if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID) + attribute = (node->pkt->pkt.user_id->attrib_data!=NULL); + for ( node=pub_keyblock; node; node = node->next ) { if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) break; /* ready */ @@ -2043,10 +2047,17 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock ) PKT_signature *sig = node->pkt->pkt.signature; if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] && (uid && (sig->sig_class&~3) == 0x10) - && sig->version >= 4 ) { - /* this is a selfsignature which is to be replaced - * we can just ignore v3 signatures because they are - * not able to carry the primary ID flag */ + && sig->version >= 4 + && attribute == (uid->attrib_data!=NULL)) { + /* This is a selfsignature which is to be replaced. + We can just ignore v3 signatures because they are + not able to carry the primary ID flag. We also + ignore self-sigs on user IDs that are not of the + same type that we are making primary. That is, if + we are making a user ID primary, we alter user IDs. + If we are making an attribute packet primary, we + alter attribute packets. */ + /* FIXME: We must make sure that we only have one self-signature per user ID here (not counting revocations) */ diff --git a/g10/mainproc.c b/g10/mainproc.c index c75b36d82..defd3a47d 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -623,7 +623,8 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey ) { PKT_signature *sig; MD_HANDLE md = NULL, md2 = NULL; - int algo, rc, dummy, dum2; + int algo, rc, dum2; + u32 dummy; if(!is_expkey) is_expkey=&dum2; diff --git a/g10/misc.c b/g10/misc.c index 2f8d28af7..99c6bb7b9 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -439,8 +439,8 @@ idea_cipher_warn(int show) } } -/* The largest string we have an expando for, times two. */ -#define LARGEST_EXPANDO ((MAX_FINGERPRINT_LEN*2)*2) +/* The largest string we have an expando for. */ +#define LARGEST_EXPANDO (MAX_FINGERPRINT_LEN*2) /* Expand %-strings. Returns a string which must be m_freed. Returns NULL if the string cannot be expanded (too large). */ @@ -454,7 +454,7 @@ pct_expando(const char *string,PKT_public_key *pk) keyid_from_pk(pk,keyid); - maxlen=LARGEST_EXPANDO; + maxlen=LARGEST_EXPANDO*2; ret=m_alloc(maxlen+1); /* one more to leave room for the trailing \0 */ ret[0]='\0'; @@ -464,7 +464,7 @@ pct_expando(const char *string,PKT_public_key *pk) /* 8192 is way bigger than we'll need here */ if(maxlen-idxmaxlen) + goto fail; + + strcpy(&ret[idx],"jpeg"); + idx+=4; + break; + case '%': if(idx+1>maxlen) goto fail; diff --git a/g10/options.skel b/g10/options.skel index 0458ac7b0..14fd533cb 100644 --- a/g10/options.skel +++ b/g10/options.skel @@ -160,6 +160,7 @@ lock-once # %I is the same as %i, but the file isn't deleted afterwards by GnuPG. # %k is expanded to the key ID of the key. # %K is expanded to the long OpenPGP key ID of the key. +# %t is expanded to the type of image (e.g. "jpeg"). # %f is expanded to the fingerprint of the key. # %% is %, of course. # @@ -179,7 +180,7 @@ lock-once # photo-viewer "cat > ~/photoid-for-key-%k.jpg" # # Use your MIME handler to view photos: -# photo-viewer "metamail -q -d -b -c image/jpeg -s 'KeyID 0x%k' -f GnuPG" +# photo-viewer "metamail -q -d -b -c image/%t -s 'KeyID 0x%k' -f GnuPG" # Passphrase agent -- cgit v1.2.3