diff options
Diffstat (limited to '')
| -rw-r--r-- | g10/ChangeLog | 17 | ||||
| -rw-r--r-- | g10/keygen.c | 28 | ||||
| -rw-r--r-- | g10/parse-packet.c | 26 |
3 files changed, 52 insertions, 19 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 04bac2be0..c9492c2c4 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,20 @@ +2005-05-11 David Shaw <[email protected]> + + * keygen.c (write_selfsigs): Rename from write_selfsig. Write the + same selfsig into both the pk and sk, so that someone importing + their sk (which will get an autoconvert to the pk) won't end up + with two selfsigs. + (do_generate_keypair): Call it from here. + + * parse-packet.c (can_handle_critical_notation): New. Check for + particular notation tags that we will accept when critical. + Currently, that's only [email protected], since we + know how to handle it (pass it through to a mail program). + (can_handle_critical): Call it from here. + (parse_one_sig_subpkt): Sanity check that notations are + well-formed in that the internal lengths add up to the size of the + subpacket. + 2005-05-07 Werner Koch <[email protected]> * ccid-driver.c (do_close_reader): Don't do a reset before close. diff --git a/g10/keygen.c b/g10/keygen.c index d22dde75f..c4b9dab8f 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -882,8 +882,8 @@ write_direct_sig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk, } static int -write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk, - unsigned int use ) +write_selfsigs( KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk, + unsigned int use ) { PACKET *pkt; PKT_signature *sig; @@ -896,7 +896,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk, log_info(_("writing self signature\n")); /* get the uid packet from the list */ - node = find_kbnode( root, PKT_USER_ID ); + node = find_kbnode( pub_root, PKT_USER_ID ); if( !node ) BUG(); /* no user id packet in tree */ uid = node->pkt->pkt.user_id; @@ -921,7 +921,12 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk, pkt = m_alloc_clear( sizeof *pkt ); pkt->pkttype = PKT_SIGNATURE; pkt->pkt.signature = sig; - add_kbnode( root, new_kbnode( pkt ) ); + add_kbnode( sec_root, new_kbnode( pkt ) ); + + pkt = m_alloc_clear( sizeof *pkt ); + pkt->pkttype = PKT_SIGNATURE; + pkt->pkt.signature = copy_signature(NULL,sig); + add_kbnode( pub_root, new_kbnode( pkt ) ); return rc; } @@ -2848,17 +2853,16 @@ do_generate_keypair( struct para_data_s *para, write_direct_sig(sec_root,pub_root,pri_sk,revkey); } - if( !rc && (s=get_parameter_value(para, pUSERID)) ) { + if( !rc && (s=get_parameter_value(para, pUSERID)) ) + { write_uid(pub_root, s ); if( !rc ) - write_uid(sec_root, s ); - if( !rc ) - rc = write_selfsig(pub_root, pub_root, pri_sk, - get_parameter_uint (para, pKEYUSAGE)); + write_uid(sec_root, s ); + if( !rc ) - rc = write_selfsig(sec_root, pub_root, pri_sk, - get_parameter_uint (para, pKEYUSAGE)); - } + rc = write_selfsigs(sec_root, pub_root, pri_sk, + get_parameter_uint (para, pKEYUSAGE)); + } /* Write the auth key to the card before the encryption key. This is a partial workaround for a PGP bug (as of this writing, all diff --git a/g10/parse-packet.c b/g10/parse-packet.c index fde96c476..71d3d2fba 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1,6 +1,6 @@ /* parse-packet.c - read packets - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, + * 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -1016,7 +1016,10 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type ) break; return 0; case SIGSUBPKT_NOTATION: - if( n < 8 ) /* minimum length needed */ + /* minimum length needed, and the subpacket must be well-formed + where the name length and value length all fit inside the + packet. */ + if(n<8 || 8+((buffer[4]<<8)|buffer[5])+((buffer[6]<<8)|buffer[7]) != n) break; return 0; case SIGSUBPKT_PRIMARY_UID: @@ -1032,6 +1035,15 @@ parse_one_sig_subpkt( const byte *buffer, size_t n, int type ) return -2; } +/* Not many critical notations we understand yet... */ +static int +can_handle_critical_notation(const byte *name,size_t len) +{ + if(len==32 && memcmp(name,"[email protected]",32)==0) + return 1; + + return 0; +} static int can_handle_critical( const byte *buffer, size_t n, int type ) @@ -1039,10 +1051,10 @@ can_handle_critical( const byte *buffer, size_t n, int type ) switch( type ) { case SIGSUBPKT_NOTATION: - if( n >= 8 && (*buffer & 0x80) ) - return 1; /* human readable is handled */ - return 0; - + if(n>=8) + return can_handle_critical_notation(buffer+8,(buffer[4]<<8)|buffer[5]); + else + return 0; case SIGSUBPKT_SIGNATURE: case SIGSUBPKT_SIG_CREATED: case SIGSUBPKT_SIG_EXPIRE: |