From 08ff55bd44aea6cd8b25384ee7d127576866ec71 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 8 May 2023 09:16:35 +0200 Subject: kbx: Use custom estream buffering * kbx/keybox-init.c (ll_buffer_size): New var intialized to 128k (stream_buffers): New var. (keybox_set_buffersize): New. (_keybox_ll_open, _keybox_ll_close): Implement buffering. * sm/gpgsm.c (oKbxBufferSize): New. (opts): Add option --kbx-buffer-size. (main): Call keybox_set_buffersize. * g10/gpg.c: Include keybox.h. * (oKbxBufferSize): New. (opts): Add option --kbx-buffer-size. (main): Call keybox_set_buffersize. -- Running a test on Windows using a pubring.kbx with Total number of blobs: 2098 openpgp: 1294 x509: 803 and a size of 42MiB with gpgsm -k --with-validation --disable-dirmngr --kbx-buffer-size N >nul gives these performance figures using procmon | N(k) | file events | time(s) | |------+-------------+---------| | 0 | 4900000 | 86 | | 16 | 2456000 | 58 | | 32 | 1233000 | 43 | | 64 | 622000 | 37 | | 128 | 317000 | 32 | | 256 | 164000 | 31 | | 512 | 88000 | 30 | Using _open instead of CreateFile give the same number of file events but increased the time slight by one second for the measured buffer size of 64k and 128k. Benchmarks for gpg have not been conducted. --- g10/gpg.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'g10') diff --git a/g10/gpg.c b/g10/gpg.c index b759cc1cf..737753a40 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -68,6 +68,7 @@ #include "../common/shareddefs.h" #include "../common/compliance.h" #include "../common/comopt.h" +#include "../kbx/keybox.h" #if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__) #define MY_O_BINARY O_BINARY @@ -447,6 +448,7 @@ enum cmd_and_opt_values oCompatibilityFlags, oAddDesigRevoker, oAssertSigner, + oKbxBufferSize, oNoop }; 
@@ -926,6 +928,7 @@ static gpgrt_opt_t opts[] = { /* Esoteric compatibility options. */ ARGPARSE_s_n (oRFC2440Text, "rfc2440-text", "@"), ARGPARSE_s_n (oNoRFC2440Text, "no-rfc2440-text", "@"), + ARGPARSE_p_u (oKbxBufferSize, "kbx-buffer-size", "@"), ARGPARSE_header (NULL, ""), /* Stop the header group. */ @@ -3743,6 +3746,9 @@ main (int argc, char **argv) add_to_strlist (&opt.assert_signer_list, pargs.r.ret_str); break; + case oKbxBufferSize: + keybox_set_buffersize (pargs.r.ret_ulong, 0); + break; case oNoop: break; -- cgit v1.2.3 From ef2c3d50fa8cbc2413645a56d9d060c0ec31e62f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 8 May 2023 13:10:47 +0200 Subject: gpg: Print a warning if no more encryption subkey was left over. * g10/keyedit.c (no_usable_encr_subkeys_warning): New. (keyedit_menu): Call it after running an expire command. * g10/import.c (import_one_real): Call it in the show_key case. -- --- g10/import.c | 1 + g10/keyedit.c | 35 +++++++++++++++++++++++++++++++++++ g10/keyedit.h | 1 + 3 files changed, 37 insertions(+) (limited to 'g10') diff --git a/g10/import.c b/g10/import.c index 5e44942e7..987fef3cd 100644 --- a/g10/import.c +++ b/g10/import.c @@ -2136,6 +2136,7 @@ import_one_real (ctrl_t ctrl, list_keyblock_direct (ctrl, keyblock, from_sk, 0, opt.fingerprint || opt.with_fingerprint, 1); es_fflush (es_stdout); + no_usable_encr_subkeys_warning (keyblock); } /* Write the keyblock to the output and do not actually import. */ diff --git a/g10/keyedit.c b/g10/keyedit.c index a91cc4447..4b767aed6 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1501,6 +1501,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, run_subkey_warnings = 0; if (!count_selected_keys (keyblock)) subkey_expire_warning (keyblock); + no_usable_encr_subkeys_warning (keyblock); } if (delseckey_list_warn) 
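Review bot: The `case oKbxBufferSize:` branch in main hands `pargs.r.ret_ulong` to `keybox_set_buffersize` with no range check at the call site, so any bound on this command-line value has to be enforced inside the callee, which lives in kbx/keybox-init.c and is not part of this g10-limited view. The table in the commit message suggests the unit is KiB, so the callee presumably scales the value; confirm that it clamps the value before scaling it and before sizing the stream buffer. A short comment at the call would record that contract, e.g. `/* Value is in KiB; keybox_set_buffersize is expected to clamp it. */`. The matching `ARGPARSE_p_u` entry in the opts hunk has the description "@", so the unit is not stated there either.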
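Review bot: The new call in import_one_real runs `no_usable_encr_subkeys_warning` on a keyblock that comes from import data, and that helper decides purely from `pk->flags.valid`, `pk->has_expired`, `pk->flags.revoked` and `pk->flags.disabled`. Those fields are only meaningful once the key's self-signatures have been evaluated; whether that has happened on this path lies outside the hunk and should be confirmed, otherwise the warning could be printed or withheld on the basis of unset flags. A comment above the call such as `/* Requires the key flags (valid/expired/revoked) to be computed already. */` would make the precondition explicit.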
@@ -4258,6 +4259,40 @@ subkey_expire_warning (kbnode_t keyblock) } +/* Print a warning if all encryption (sub|primary)keys are expired. + * The warning is not printed if there is no encryption + * (sub|primary)key at all. This function is called after the expire + * data of the primary key has been changed. */ +void +no_usable_encr_subkeys_warning (kbnode_t keyblock) +{ + kbnode_t node; + PKT_public_key *pk; + int any_encr_key = 0; + + for (node = keyblock; node; node = node->next) + { + if (node->pkt->pkttype == PKT_PUBLIC_KEY + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) + { + pk = node->pkt->pkt.public_key; + if ((pk->pubkey_usage & PUBKEY_USAGE_ENC)) + { + any_encr_key = 1; + if (pk->flags.valid && !pk->has_expired && !pk->flags.revoked + && !pk->flags.disabled) + { + return; /* Key is usable for encryption */ + } + } + } + } + + if (any_encr_key && !opt.quiet) + log_info (_("WARNING: No valid encryption subkey left over.\n")); +} + + /* * Ask for a new user id, add the self-signature, and update the * keyblock. If UIDSTRING is not NULL the user ID is generated diff --git a/g10/keyedit.h b/g10/keyedit.h index 3ed0d0fea..abf7314af 100644 --- a/g10/keyedit.h +++ b/g10/keyedit.h @@ -63,5 +63,6 @@ int keyedit_print_one_sig (ctrl_t ctrl, estream_t fp, kbnode_t node, int *inv_sigs, int *no_key, int *oth_err, int is_selfsig, int print_without_key, int extended); +void no_usable_encr_subkeys_warning (kbnode_t keyblock); #endif /* GNUPG_G10_KEYEDIT_H */ -- cgit v1.2.3 From c30d5829c9ab076e9fd39c223273b065cdb58a0d Mon Sep 17 00:00:00 2001 
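Review bot: The header comment on `no_usable_encr_subkeys_warning` says the warning fires when all encryption keys are expired, but the loop also treats a key as unusable when it is revoked, disabled, or lacks `flags.valid`, and the sentence "called after the expire data of the primary key has been changed" no longer holds now that import_one_real calls it in the same commit. The message text says "subkey" although primary keys with `PUBKEY_USAGE_ENC` are counted too. I would reword the comment to `/* Print a warning if the keyblock has encryption-capable keys but none of them is valid, unexpired, not revoked and not disabled. Suppressed by --quiet. */`. The loop dereferences `node->pkt` without a NULL check, which is fine only if every node of a keyblock carries a packet; that invariant is not visible here.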
From: Werner Koch Date: Tue, 9 May 2023 08:17:30 +0200 Subject: gpg: New option --debug-ignore-expiration to help with testing. * g10/gpg.c (oDebugIgnoreExpiration): New. (opts): Add option. (main): Set flag. * g10/options.h (opt): Add field ignore_expiration. * g10/pkclist.c (do_we_trust): Handle the option. * g10/getkey.c (skip_unusable): Ditto. (finish_lookup): Ditto. -- GnuPG-bug-id: 2703 --- g10/getkey.c | 7 ++++--- g10/gpg.c | 8 +++++++- g10/options.h | 1 + g10/pkclist.c | 6 +++++- 4 files changed, 17 insertions(+), 5 deletions(-) (limited to 'g10') diff --git a/g10/getkey.c b/g10/getkey.c index 1b37c597d..15905dc63 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -685,7 +685,7 @@ skip_unusable (void *opaque, u32 * keyid, int uid_no) pk = keyblock->pkt->pkt.public_key; /* Is the key revoked or expired? */ - if (pk->flags.revoked || pk->has_expired) + if (pk->flags.revoked || (pk->has_expired && !opt.ignore_expiration)) unusable = 1; /* Is the user ID in question revoked or expired? */ @@ -704,7 +704,8 @@ skip_unusable (void *opaque, u32 * keyid, int uid_no) if (uids_seen != uid_no) continue; - if (user_id->flags.revoked || user_id->flags.expired) + if (user_id->flags.revoked + || (user_id->flags.expired && !opt.ignore_expiration)) unusable = 1; break; @@ -3736,7 +3737,7 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, n_revoked_or_expired++; continue; } - if (pk->has_expired) + if (pk->has_expired && !opt.ignore_expiration) { if (DBG_LOOKUP) log_debug ("\tsubkey has expired\n"); diff --git a/g10/gpg.c b/g10/gpg.c index 737753a40..6e54aa763 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -234,6 +234,7 @@ enum cmd_and_opt_values oDebugIOLBF, oDebugSetIobufSize, oDebugAllowLargeChunks, + oDebugIgnoreExpiration, oStatusFD, oStatusFile, oAttributeFD, 
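Review bot: The three getkey.c hunks (two in skip_unusable, one in finish_lookup) make the expiry tests conditional on the global `opt.ignore_expiration` without a comment marking this as a test-only bypass, so a later reader cannot tell that revocation is deliberately still enforced while expiration is not. I would add a line above the first condition such as `/* --debug-ignore-expiration: expired keys and user IDs count as usable; revocation is still honoured. */`. In finish_lookup only the subkey branch is visible; whether the primary-key path has an expiry test that needs the same treatment cannot be judged from this hunk. Both functions continue outside the hunks.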
@@ -607,7 +608,6 @@ static gpgrt_opt_t opts[] = { N_("|FILE|write server mode logs to FILE")), ARGPARSE_s_s (oLoggerFile, "logger-file", "@"), /* 1.4 compatibility. */ ARGPARSE_s_n (oLogTime, "log-time", "@"), - ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"), ARGPARSE_header ("Configuration", @@ -929,6 +929,8 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_n (oRFC2440Text, "rfc2440-text", "@"), ARGPARSE_s_n (oNoRFC2440Text, "no-rfc2440-text", "@"), ARGPARSE_p_u (oKbxBufferSize, "kbx-buffer-size", "@"), + ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"), + ARGPARSE_s_n (oDebugIgnoreExpiration, "debug-ignore-expiration", "@"), ARGPARSE_header (NULL, ""), /* Stop the header group. */ @@ -2851,6 +2853,10 @@ main (int argc, char **argv) allow_large_chunks = 1; break; + case oDebugIgnoreExpiration: + opt.ignore_expiration = 1; + break; + case oCompatibilityFlags: if (parse_compatibility_flags (pargs.r.ret_str, &opt.compat_flags, compatibility_flags)) diff --git a/g10/options.h b/g10/options.h index 9015e321f..914c24849 100644 --- a/g10/options.h +++ b/g10/options.h @@ -208,6 +208,7 @@ struct int ignore_valid_from; int ignore_crc_error; int ignore_mdc_error; + int ignore_expiration; int command_fd; const char *override_session_key; int show_session_key; diff --git a/g10/pkclist.c b/g10/pkclist.c index 2e8932b9c..42e124e9e 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -417,7 +417,11 @@ do_we_trust( PKT_public_key *pk, unsigned int trustlevel ) if(trustlevel & TRUST_FLAG_REVOKED || trustlevel & TRUST_FLAG_SUB_REVOKED || (trustlevel & TRUST_MASK) == TRUST_EXPIRED) - BUG(); + { + if (opt.ignore_expiration) + return 0; + BUG (); + } if( opt.trust_model==TM_ALWAYS ) { -- cgit v1.2.3
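Review bot: `case oDebugIgnoreExpiration:` in main sets `opt.ignore_expiration` silently, so a run with expiry checks switched off leaves no trace in the output or the log. Because the flag weakens key validation in getkey.c and pkclist.c, I would emit a diagnostic when it is active, for example `log_info ("Note: key expiration checks are disabled\n");` either in this case or once option parsing has finished, wherever the file's other option warnings are issued. The new field in the options.h hunk would also benefit from a comment, e.g. `int ignore_expiration;  /* Set by --debug-ignore-expiration; testing only. */`. main continues outside the hunk.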
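Review bot: The new early `return 0` in do_we_trust is taken for every condition of the enclosing `if`, so with `opt.ignore_expiration` set a trustlevel carrying `TRUST_FLAG_REVOKED` or `TRUST_FLAG_SUB_REVOKED` also skips `BUG ()`, although the option is only about expiration. The return value looks like the "not trusted" direction, so this should not widen trust, but it hides an invariant violation for revoked keys that the assertion used to catch. Restricting the bypass keeps that check: `if (opt.ignore_expiration && !(trustlevel & (TRUST_FLAG_REVOKED | TRUST_FLAG_SUB_REVOKED))) return 0;`. The rest of do_we_trust lies outside the hunk, so the meaning of the return value should be confirmed there.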