diff options
| author | David Shaw <[email protected]> | 2002-12-11 17:50:38 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2002-12-11 17:50:38 +0000 |
| commit | eb9607707e5f8e86e732b92b137cb55ff6b26c71 (patch) | |
| tree | 0b6ccb58c2439262252afe98a571aaacc8162907 | |
| parent | * gpg.sgml: Clarify include-revoked and include-disabled so they match (diff) | |
| download | gnupg-eb9607707e5f8e86e732b92b137cb55ff6b26c71.tar.gz gnupg-eb9607707e5f8e86e732b92b137cb55ff6b26c71.zip | |
* tdbio.c (tdbio_read_record, tdbio_write_record): Compact the
RECTYPE_TRUST records a bit.
* g10.c (main): Comment out --list-trust-path until it can be implemented.
* import.c (import_one): Warn when importing an Elgamal primary that this
may take some time (to verify self-sigs). (chk_self_sigs): Try and cache
all self-sigs so the keyblock is written to the keyring with a good rich
cache.
* keygen.c (ask_algo): Make the Elgamal sign+encrypt warning stronger, and
remove the RSA sign+encrypt warning.
| -rw-r--r-- | g10/ChangeLog | 16 | ||||
| -rw-r--r-- | g10/g10.c | 3 | ||||
| -rw-r--r-- | g10/import.c | 10 | ||||
| -rw-r--r-- | g10/keygen.c | 24 | ||||
| -rw-r--r-- | g10/tdbio.c | 8 |
5 files changed, 46 insertions, 15 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index f2da7d80a..d3c64e058 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,19 @@ +2002-12-11 David Shaw <[email protected]> + + * tdbio.c (tdbio_read_record, tdbio_write_record): Compact the + RECTYPE_TRUST records a bit. + + * g10.c (main): Comment out --list-trust-path until it can be + implemented. + + * import.c (import_one): Warn when importing an Elgamal primary + that this may take some time (to verify self-sigs). + (chk_self_sigs): Try and cache all self-sigs so the keyblock is + written to the keyring with a good rich cache. + + * keygen.c (ask_algo): Make the Elgamal sign+encrypt warning + stronger, and remove the RSA sign+encrypt warning. + 2002-12-06 Stefan Bellon <[email protected]> * options.h: Fixed typo (mangle_dos_names instead of @@ -498,7 +498,8 @@ static ARGPARSE_OPTS opts[] = { { aExportOwnerTrust, "list-ownertrust",0 , "@"}, /* alias */ { aPrintMDs, "print-mds" , 256, "@"}, /* old */ { aListTrustDB, "list-trustdb",0 , "@"}, - { aListTrustPath, "list-trust-path",0, "@"}, + /* Not yet used */ + /* { aListTrustPath, "list-trust-path",0, "@"}, */ { aPipeMode, "pipemode", 0, "@" }, { oKOption, NULL, 0, "@"}, { oPasswdFD, "passphrase-fd",1, "@" }, diff --git a/g10/import.c b/g10/import.c index 654310267..eb56ee96b 100644 --- a/g10/import.c +++ b/g10/import.c @@ -583,6 +583,10 @@ import_one( const char *fname, KBNODE keyblock, keyid_from_pk( pk, keyid ); uidnode = find_next_kbnode( keyblock, PKT_USER_ID ); + if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL) + log_info(_("NOTE: Elgamal primary key detected - " + "this may take some time to import\n")); + if( opt.verbose ) { log_info( "pub %4u%c/%08lX %s ", nbits_from_pk( pk ), @@ -1113,6 +1117,12 @@ chk_self_sigs( const char *fname, KBNODE keyblock, continue; sig = n->pkt->pkt.signature; if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) { + + /* This just caches the sigs for later use. That way we + import a fully-cached key which speeds things up. */ + if(!opt.no_sig_cache) + check_key_signature(keyblock,n,NULL); + if( (sig->sig_class&~3) == 0x10 ) { KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID ); if( !unode ) { diff --git a/g10/keygen.c b/g10/keygen.c index 24ba95fb9..82d11303f 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -980,12 +980,9 @@ ask_algo (int addmode, unsigned int *r_usage) break; } else if( algo == 7 && opt.expert ) { - if (cpr_get_answer_is_yes ("keygen.algo.rsa_se",_( - "The use of this algorithm is deprecated - create anyway? "))){ - algo = PUBKEY_ALGO_RSA; - *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG; - break; - } + algo = PUBKEY_ALGO_RSA; + *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG; + break; } else if( algo == 6 && addmode ) { algo = PUBKEY_ALGO_RSA; @@ -997,12 +994,19 @@ ask_algo (int addmode, unsigned int *r_usage) *r_usage = PUBKEY_USAGE_SIG; break; } - else if( algo == 4 && opt.expert) { - if( cpr_get_answer_is_yes("keygen.algo.elg_se",_( - "The use of this algorithm is deprecated - create anyway? "))){ + else if( algo == 4 && opt.expert) + { + tty_printf(_( +"The use of this algorithm is only supported by GnuPG. You will not be\n" +"able to use this key to communicate with PGP users. This algorithm is also\n" +"very slow, and may not be as secure as the other choices.\n")); + + if( cpr_get_answer_is_yes("keygen.algo.elg_se", + _("Create anyway? "))) + { algo = PUBKEY_ALGO_ELGAMAL; break; - } + } } else if( algo == 3 && addmode ) { algo = PUBKEY_ALGO_ELGAMAL_E; diff --git a/g10/tdbio.c b/g10/tdbio.c index 993cb06f3..8c49fefb9 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -1210,9 +1210,9 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ) memcpy( rec->r.trust.fingerprint, p, 20); p+=20; rec->r.trust.ownertrust = *p++; rec->r.trust.depth = *p++; - p += 2; - rec->r.trust.validlist = buftoulong(p); p += 4; rec->r.trust.min_ownertrust = *p++; + p++; + rec->r.trust.validlist = buftoulong(p); p += 4; break; case RECTYPE_VALID: memcpy( rec->r.valid.namehash, p, 20); p+=20; @@ -1290,9 +1290,9 @@ tdbio_write_record( TRUSTREC *rec ) memcpy( p, rec->r.trust.fingerprint, 20); p += 20; *p++ = rec->r.trust.ownertrust; *p++ = rec->r.trust.depth; - p += 2; - ulongtobuf( p, rec->r.trust.validlist); p += 4; *p++ = rec->r.trust.min_ownertrust; + p++; + ulongtobuf( p, rec->r.trust.validlist); p += 4; break; case RECTYPE_VALID: |