aboutsummaryrefslogtreecommitdiffstats
path: root/g10/parse-packet.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Do not allow creation of user ids larger than our parser allows.Werner Koch2019-05-211-6/+0
| | | | | | | | | | | | | | | | | | * g10/parse-packet.c: Move max packet lengths constants to ... * g10/packet.h: ... here. * g10/build-packet.c (do_user_id): Return an error if too data is too large. * g10/keygen.c (write_uid): Return an error for too large data. -- This can lead to keyring corruption becuase we expect that our parser is abale to parse packts created by us. Test case is gpg --batch --passphrase 'abc' -v \ --quick-gen-key $(yes 'a'| head -4000|tr -d '\n') GnuPG-bug-id: 4532 Signed-off-by: Werner Koch <[email protected]>
* gpg: Use just the addrspec from the Signer's UID.Werner Koch2019-05-031-0/+9
| | | | | | | | | | | | | * g10/parse-packet.c (parse_signature): Take only the addrspec from a Signer's UID subpacket. -- This is to address a problem in the currentr OpenKeychain which put the entire UID into the subpacket. For example our Tofu code can only use the addrspec and not the entire UID. Reported-by: Wiktor Kwapisiewicz <[email protected]> Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not bail out on v5 keys in the local keyring.Werner Koch2019-03-181-1/+1
| | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_key): Return GPG_ERR_UNKNOWN_VERSION instead of invalid packet. * g10/keydb.c (parse_keyblock_image): Do not map the unknown version error to invalid keyring. (keydb_search): Skip unknown version errors simlar to legacy keys. * g10/keyring.c (keyring_rebuild_cache): Skip keys with unknown versions. * g10/import.c (read_block): Handle unknown version. -- When using gpg 2.3 the local keyring may contain v5 keys. This patch allows the use of such a keyring also with a 2.2 version which does not support v5 keys. We will probably need some more tweaking here but this covers the most common cases of listing keys and also importing v5 keys. Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --known-notation.Werner Koch2018-08-291-7/+51
| | | | | | | | | | | | | | | * g10/gpg.c (oKnownNotation): New const. (opts): Add option --known-notation. (main): Set option. * g10/parse-packet.c (known_notations_list): New local var. (register_known_notation): New. (can_handle_critical_notation): Rewrite to handle the new feature. Also print the name of unknown notations in verbose mode. -- GnuPG-bug-id: 4060 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 3da835713fb6220112d988e1953f3d84beabbf6a)
* g10: Fix undefined behavior when EOF in parsing packet for S2K.NIIBE Yutaka2018-08-101-2/+2
| | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_symkeyenc): Use iobuf_get_noeof. (parse_key): Likewise. -- Cherry picked from master commit: 1b309d9f6199a91caa0ca0b97b92d599e00b736e When EOF comes at parsing s2k.count, it is possible the value will be (unsigned long)-1. Then, the result of S2K_DECODE_COUNT will be undefined. This patch fixes undefined behavior. Reported-by: Philippe Antoine GnuPG-bug-id: 4093 Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Typo fix in comment.Werner Koch2018-03-211-4/+4
| | | | --
* gpg: Fix out-of-bound read in subpacket enumerationWerner Koch2018-03-211-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (enum_sig_subpkt): Check buflen before reading the type octet. Print diagnostic. -- If the final subpacket has only a length header evaluating to zero and missing the type octet, a read could happen right behind the buffer. Valgrind detected this. Fix is obvious. Note that the further parsing of the subpacket is still okay because it always checks the length. Note further that --list-packets uses a different code path and already reported an error. Reported-by: Philippe Antoine He provided a test file copied below. Running "gpg -v --verify" on it triggered the bug. -----BEGIN PGP ARMORED FILE----- Comment: Use "gpg --dearmor" for unpacking kA0DAAoBov87N383R0QBrQJhYgZsb2wucHlaqTVWYnl0ZXMgPSBbMHg1LCAweDY0 LCAweDRjLCAweGM0LCAweDMsIDB4MCwgMHg0LCAweDAsIDB4YWMsIDB4YSwgMHhj MSwgMHhjMSwgMHgyLCAweDEsIDB4MiwgMHg3LCAweDQwLCAweDIsIDB4MiwgMHgy LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDJkLCAweGRkLCAweDIs IDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4 MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4NzcsIDB4ODcsIDB4MiwgMHgy LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAw eDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHg3NywgMHg4NywgMHgyLCAweDIsIDB4 MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4Miwg MHgyLCAweDIsIDB4MiwgMHgyLCAweDc3LCAweDg3LCAweDIsIDB4MiwgMHgyLCAw eDIsIDB4MiwgMHgyLCAweDIsIDB4MCwgMHhhZF0KCmZvciBpIGluIHJhbmdlKGxl bihieXRlcykpOgogICAgaWYgaSUxNiA9PSAwOgogICAgICAgIHByaW50CiAgICAg ICAgcHJpbnQgIiUwNngiICUgaSwKICAgIHByaW50ICIlMDJ4ICIgJSBieXRlc1tp XSwKiQJNBAABCgAeFiEEU+Y3aLjDLA3x+9Epov87N383R0QFAlqpNVYAAAoJEKL/ Ozd/N0dElccP/jBAcFHyeMl7kop71Q7/5NPu3DNULmdUzOZPle8PVjNURT4PSELF qpJ8bd9PAsO4ZkUGwssY4Kfb1iG5cR/a8ADknNd0Cj9/QA2KMVNmgYtReuttAjvn hQRm2VY0tvDCVAPI/z8OnV/NpOcbk8kSwE+shLsP7EwqL5MJNMXKqzm1uRxGNYxr 8TNuECo3DO64O2NZLkMDXqq6lg+lSxvDtXKxzKXgVC+GMtOE56lDwxWLqr39f9Ae Pn0q2fVBKhJfpUODeEbYSYUp2hhmMUIJL/ths9MvyRZ9Z/bHCseFPT58Pgx6g+MP q+iHnVZEIVb38XG+rTYW9hvctkRZP/azhpa7eO8JAZuFNeBGr4IGapwzFPvQSF4B wBXBu0+PPrV9VJVe98P4nw2xcuJmkn6mgZhRVYSqDIhY64bSTgQxb/pdtGwrTjtL WoUKVI+joLRPnDmwexH9+QJCB+uA6RsN/LqsQfDseyr40Z6dHJRqWGgP3ll6iZgw WF768uiIDJD8d4fegVnkpcH98Hm0I/dKsMR1MGV/sBxYC8mAOcOWwSPNGDqPlwwR eWPdr1O6CoYEWwiZMicSe0b5TsjB5nkAWMy7c9RyhtMJzCQ/hFpycpj0A0Zs+OGa eJQMZZV0s8AQZ04JzoX0zRpe0RcTyJn3Tr6QGbVi9tr+QdKHFuDMUqoX =qYZP -----END PGP ARMORED FILE----- Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not read from uninitialized memory with --list-packets.Werner Koch2017-11-261-0/+6
| | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_plaintext): Fill up the allocated NAME. -- This actually does not harm because we merely display a buffer allocated by ourselves. However, we better tell Valgrind about it so that we don't need to track this thing down ever again. Test using a corrupted literal data packet: echo cb 0a 75 ff 59 ae 90 d5 74 65 73 74 | \ undump |\ valgrind gpg --list-packets >/dev/null Reported-by: Sebastian Schinzel Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --key-origin.Werner Koch2017-07-131-4/+4
| | | | | | | | | | | | | | | * g10/keydb.h (KEYORG_): Rename to KEYORG_. * g10/packet.h (PKT_user_id): Rename field keysrc to keyorg. Adjust users. (PKT_public_key): Ditto. (PKT_ring_trust): Ditto. * g10/options.h (struct opt): Add field key_origin. * g10/getkey.c (parse_key_origin): New. * g10/gpg.c (oKeyOrigin): New. (opts): Add "keys-origin". (main): Set option. Signed-off-by: Werner Koch <[email protected]>
* gpg: Properly account for ring trust packets.Justus Winter2017-05-081-0/+3
| | | | | | | | | | | | | | | | | | | | | | | * g10/keyring.c (keyring_get_keyblock): Use the parser's packet count instead of counting ourself. * g10/packet.h (struct parse_packet_ctx_s): New field 'n_parsed_packets'. (init_parse_packet): Initialize new field. * g10/parse-packet.c (parse): Count packets. -- The 'keyring' keystore depends on the number of packets for delete and update operations. With the rework of the ring trust packets, the trust packets were no longer properly accounted for leading to keyring corruptions. The 'keybox' store was not affected. GnuPG-bug-id: 3123 GnuPG-bug-id: 3135 GnuPG-bug-id: 3144 Fixes-commit: a8895c99a7d0750132477d80cd66caaf3a709113 Signed-off-by: Justus Winter <[email protected]>
* g10: Fix parse_ring_trust.NIIBE Yutaka2017-04-171-1/+1
| | | | | | * g10/parse-packet.c (parse_ring_trust): Fix condition. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Handle critical marked 'Reason for Revocation'.Werner Koch2017-04-031-0/+1
| | | | | | | | | | | | | * g10/parse-packet.c (can_handle_critical): Add SIGSUBPKT_REVOC_REASON. -- Some software seems to mark that subpacket as criticial. Although gpg has no special treatment for a revocation reasons (except for --list-packets) we can accept a criticial marked anyway. There are no mandatary rules specified on how to handle a revocation reason. Signed-off-by: Werner Koch <[email protected]>
* gpg: Consistent use of preprocessor conditionals.Justus Winter2017-03-301-8/+8
| | | | | | | | * g10/parse-packet.c: Use '#if' instead of '#ifdef' when checking DEBUG_PARSE_PACKET. This fixes the build with '#define DEBUG_PARSE_PACKET 0'. Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix actual leak and possible leaks in the packet parser.Werner Koch2017-03-301-12/+13
| | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): Change LAST_PKT deom a pointer to its struct. (init_parse_packet): Adjust for LAST_PKT not being a pointer. * g10/parse-packet.c (parse): Ditto. Free the last packet before storing a new one in case of a deep link. (parse_ring_trust): Adjust for LAST_PKT not being a pointer. * g10/free-packet.c (free_packet): Ditto. * g10/t-keydb-get-keyblock.c (do_test): Release keyblock. -- Fixes-commit: afa86809087909a8ba2f9356588bf90cc923529c Signed-off-by: Werner Koch <[email protected]>
* gpg: Revamp reading and writing of ring trust packets.Werner Koch2017-03-301-29/+155
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_trust): Rename to ... (parse_ring_trust): this. Change args and implement new ring trust packet format. (parse): Add special ring trust packet handling. * g10/packet.h (PKT_user_id): New fields KEYUPDATE, UPDATEURL, and KEYSRC. (PKT_public_key): Ditto. (RING_TRUST_SIG, RING_TRUST_KEY, RING_TRUST_UID): New consts. (PKT_ring_trust): New. (struct packet_struct): Remove member RING_TRUST. (strcu parse_packet_ctx_s): Add field SKIP_META. (init_parse_packet): Init SKIPT_META. * g10/free-packet.c (release_public_key_parts): Free UDPATEURL. (free_user_id): Ditto. * g10/mainproc.c (list_node): Remove printing of non-documented "rtv" lines. * g10/build-packet.c (build_packet_and_meta): New. (do_ring_trust): New. * g10/export.c (write_keyblock_to_output): Use build_packet_and_meta in backup mode. (do_export_one_keyblock): Ditto. * g10/import.c (read_block): Add arg WITH_META. Skip ring trust packets if that ism not set. (import): Call read_block WITH_META in restore mode. * g10/keydb.h (KEYSRC_UNKNOWN, KEYSRC_FILE, KEYSRC_KS, KEYSRC_PREF_KS) (KEYSRC_WKD, KEYSRC_WKD_SD, KEYSRC_DANE): New constants. They are not yet used, though. * g10/keydb.c (parse_keyblock_image): Allow ring trust packets. (build_keyblock_image): Ditto. Use build_packet_and_meta. * g10/keyring.c (keyring_get_keyblock): Remove specila treatment of ring trust packets. (write_keyblock): Use build_packet_and_meta. Remove special treatment of ring trust packets and initialization of the signature caches. -- This patch introduced the framework to store meta data for keys and user ids in the keyrings/keyboxes. Ring trust packets are implementation defined and have always been used in gpg to cache the signature verification status. Ring trust packets are only exported with the export option "backup" and only imported with the import option "restore". The new code uses a cleaner way to handle the ring trust packets: When the parser reads a ring trust packet and the previously read packet matches the type of that ring trust packet, the information is stored in that previously read packet (signature, user id, or primary key) and the next packet is read immediately. Thus only the parser sees the ring trust packets. Ring trust packets are written by using the new function build_packet_and_meta instead of build_packet. That function writes a ring trust packet when the needed information is available. As a side-effect of this patch the signature status cache works again and "gpg --check-sigs" is thus much faster. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend free_packet to handle a packet parser context.Werner Koch2017-03-291-2/+36
| | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and FREE_LAST_PKT. (init_parse_packet): Clear them. (deinit_parse_packet): New macro. Change all users if init_parse_packet to also call this macro. * g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow packet copies in the context. Change all callers. * g10/parse-packet.c (parse): Store certain packets in the parse context. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Change parse_packet to take a context.Werner Koch2017-03-291-31/+63
| | | | | | | | | | | | | | | | | | * g10/packet.h (struct parse_packet_ctx_s): New. (parse_packet_ctx_t): New type. (init_parse_packet): New macro. * g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take a parse context. Change all callers to provide a context instead of directly supplying the input stream. (search_packet, dbg_search_packet): Ditto. (copy_all_packets, dbg_copy_all_packets): Init an use a parse context. (copy_some_packets, dbg_copy_some_packets): Ditto. (skip_some_packets, dbg_skip_some_packets): Ditto. -- We will need this change to handle ring packets inside the parser. Signed-off-by: Werner Koch <[email protected]>
* Remove -I option to common.NIIBE Yutaka2017-03-071-4/+4
| | | | | | | | | | | | | * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix algo string parsing of --quick-addkey.Werner Koch2016-12-121-1/+1
| | | | | | | | | | | | | * g10/keygen.c (parse_key_parameter_string): Fix handling of PART==1. (parse_key_parameter_part): Use default key size if only "rsa", "dsa", or "elg" is given. -- The first change is the actual fix. The second change avoids the error "Invalid Curve" when only "rsa" instead of RSA2048 is given. Fixes-commit: ce29272e24e7b718b8fca9b84bc728e65f3dea24 Signed-off-by: Werner Koch <[email protected]>
* Improve some comments.Neal H. Walfield2016-11-291-2/+2
|
* Change all http://www.gnu.org in license notices to https://Werner Koch2016-11-051-1/+1
| | | | --
* gpg: Put extra parens around bit tests.Werner Koch2016-10-071-1/+1
| | | | | | | | * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <[email protected]>
* g10: Fix testing for debug flag.Justus Winter2016-10-061-1/+1
| | | | | | | * g10/parse-packet.c (set_packet_list_mode): Fix testing for debug flag. Signed-off-by: Justus Winter <[email protected]>
* gpg: Print the signer's UID during verification.Werner Koch2016-08-101-4/+1
| | | | | | | | | | | * g10/parse-packet.c (parse_signature): Sanitize the value stored in SIGNERS_UID. * g10/mainproc.c (issuer_fpr_string): New. (check_sig_and_print): Print the signers' UID. Print the issuer fingerprint in --rfc4880bis mode. -- Signed-off-by: Werner Koch <[email protected]>
* g10: Fix --list-packets.NIIBE Yutaka2016-06-281-1/+1
| | | | | | | | | | | | | | * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. -- Debian-bug-id: 828109 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Add experimental support for an issuer fpr.Werner Koch2016-06-201-0/+18
| | | | | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New. * g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and insert the issuer fpr if needed. * g10/sign.c (write_signature_packets): Pass signing key. (make_keysig_packet): Ditto. (update_keysig_packet): Ditto. * g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr. (parse_one_sig_subpkt): Detect issuer fpr. (can_handle_critical): Add issuer fpr. * g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint. * g10/gpgv.c (keyserver_import_fprint): New stub. * g10/test-stubs.c (keyserver_import_fprint): New stub. -- This support is enabled with the --rfc4880bis option and intended to test to recently proposed issuer fpr. Signed-off-by: Werner Koch <[email protected]>
* doc: Consistently use 'keyserver'.Werner Koch2016-06-141-2/+2
| | | | | | | -- GnuPG-bug-id: 2383 Signed-off-by: Werner Koch <[email protected]>
* gpg: Try Signer's User ID sub-packet with --auto-key-retrieve.Werner Koch2016-06-131-0/+14
| | | | | | | | | | | | | | * g10/packet.h (PKT_signature): Add field 'signers_uid'. * g10/parse-packet.c (parse_signature): Set this field. * g10/free-packet.c (free_seckey_enc): Free field. (copy_signature): Copy field. * g10/mainproc.c (akl_has_wkd_method): New. (check_sig_and_print): Extend NEWSIG status. If WKD is enabled try to locate a missing key via the signature's Signer's User ID sub-packet. Do this right before trying a keyserver lookup. -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove all assert.h and s/assert/log_assert/.Werner Koch2016-04-291-5/+4
| | | | Signed-off-by: Werner Koch <[email protected]>
* gpg: Improve documentation and comments related to OpenPGP packets.Neal H. Walfield2016-02-251-1/+1
| | | | | -- Signed-off-by: Neal H. Walfield <[email protected]>
* common: More accurately name function.Neal H. Walfield2016-02-231-1/+1
| | | | | | | | * common/iobuf.c (iobuf_set_partial_block_mode): Rename from this... (iobuf_set_partial_body_length_mode): ... to this. Update callers. -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Avoid using an uninitialized SALT on premature EOF.Werner Koch2016-01-061-0/+5
| | | | | | | | | | * g10/parse-packet.c (parse_key): Check for premature end of salt. -- This has no security implications because an arbitrary salt could have also been inset by an attacker. Signed-off-by: Werner Koch <[email protected]>
* gpg: Silence warnings found by static analyzer.Werner Koch2016-01-061-2/+1
| | | | | | | | | | * g10/keyedit.c (change_passphrase): Remove useless init of ANY. (keyedit_quick_adduid): Remove useless setting of ERR. * g10/parse-packet.c (parse_key): Remove PKTLEN from condition because it has been checked before the loop. (parse_plaintext): Remove useless init of PKTLEN. Signed-off-by: Werner Koch <[email protected]>
* gpg: Comment on false positives by static analyzers.Werner Koch2016-01-061-0/+1
| | | | --
* Fix typos found using codespell.Justus Winter2015-11-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/cache.c: Fix typos. * agent/call-pinentry.c: Likewise. * agent/call-scd.c: Likewise. * agent/command-ssh.c: Likewise. * agent/command.c: Likewise. * agent/divert-scd.c: Likewise. * agent/findkey.c: Likewise. * agent/gpg-agent.c: Likewise. * agent/w32main.c: Likewise. * common/argparse.c: Likewise. * common/audit.c: Likewise. * common/audit.h: Likewise. * common/convert.c: Likewise. * common/dotlock.c: Likewise. * common/exechelp-posix.c: Likewise. * common/exechelp-w32.c: Likewise. * common/exechelp-w32ce.c: Likewise. * common/exechelp.h: Likewise. * common/helpfile.c: Likewise. * common/i18n.h: Likewise. * common/iobuf.c: Likewise. * common/iobuf.h: Likewise. * common/localename.c: Likewise. * common/logging.c: Likewise. * common/openpgp-oid.c: Likewise. * common/session-env.c: Likewise. * common/sexputil.c: Likewise. * common/sysutils.c: Likewise. * common/t-sexputil.c: Likewise. * common/ttyio.c: Likewise. * common/util.h: Likewise. * dirmngr/cdblib.c: Likewise. * dirmngr/certcache.c: Likewise. * dirmngr/crlcache.c: Likewise. * dirmngr/dirmngr-client.c: Likewise. * dirmngr/dirmngr.c: Likewise. * dirmngr/dirmngr_ldap.c: Likewise. * dirmngr/dns-stuff.c: Likewise. * dirmngr/http.c: Likewise. * dirmngr/ks-engine-hkp.c: Likewise. * dirmngr/ks-engine-ldap.c: Likewise. * dirmngr/ldap-wrapper.c: Likewise. * dirmngr/ldap.c: Likewise. * dirmngr/misc.c: Likewise. * dirmngr/ocsp.c: Likewise. * dirmngr/validate.c: Likewise. * g10/encrypt.c: Likewise. * g10/getkey.c: Likewise. * g10/gpg.c: Likewise. * g10/gpgv.c: Likewise. * g10/import.c: Likewise. * g10/keydb.c: Likewise. * g10/keydb.h: Likewise. * g10/keygen.c: Likewise. * g10/keyid.c: Likewise. * g10/keylist.c: Likewise. * g10/keyring.c: Likewise. * g10/mainproc.c: Likewise. * g10/misc.c: Likewise. * g10/options.h: Likewise. * g10/packet.h: Likewise. * g10/parse-packet.c: Likewise. * g10/pkclist.c: Likewise. * g10/pkglue.c: Likewise. * g10/plaintext.c: Likewise. * g10/server.c: Likewise. * g10/sig-check.c: Likewise. * g10/sqlite.c: Likewise. * g10/tdbio.c: Likewise. * g10/test-stubs.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. * g13/create.c: Likewise. * g13/mountinfo.c: Likewise. * kbx/keybox-blob.c: Likewise. * kbx/keybox-file.c: Likewise. * kbx/keybox-init.c: Likewise. * kbx/keybox-search-desc.h: Likewise. * kbx/keybox-search.c: Likewise. * kbx/keybox-update.c: Likewise. * scd/apdu.c: Likewise. * scd/app-openpgp.c: Likewise. * scd/app-p15.c: Likewise. * scd/app.c: Likewise. * scd/ccid-driver.c: Likewise. * scd/command.c: Likewise. * scd/iso7816.c: Likewise. * sm/base64.c: Likewise. * sm/call-agent.c: Likewise. * sm/call-dirmngr.c: Likewise. * sm/certchain.c: Likewise. * sm/gpgsm.c: Likewise. * sm/import.c: Likewise. * sm/keydb.c: Likewise. * sm/minip12.c: Likewise. * sm/qualified.c: Likewise. * sm/server.c: Likewise. * tools/gpg-check-pattern.c: Likewise. * tools/gpgconf-comp.c: Likewise. * tools/gpgkey2ssh.c: Likewise. * tools/gpgparsemail.c: Likewise. * tools/gpgtar.c: Likewise. * tools/rfc822parse.c: Likewise. * tools/symcryptrun.c: Likewise. Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix regression in packet parser from Aug 19.Werner Koch2015-08-231-15/+8
| | | | | | | | | * g10/parse-packet.c (parse): Use an int to compare to -1. Use buf32_to_ulong. -- Regression-due-to: 0add91ae1ca3718e8140af09294c595f47c958d3 Signed-off-by: Werner Koch <[email protected]>
* common: Don't incorrectly reject 4 GB - 1 sized packets.Neal H. Walfield2015-08-211-1/+8
| | | | | | | | | | | | | * g10/parse-packet.c (parse): Don't reject 4 GB - 1 sized packets. Add the constraint that the type must be 63. * kbx/keybox-openpgp.c (next_packet): Likewise. * tests/openpgp/4gb-packet.asc: New file. * tests/openpgp/4gb-packet.test: New file. * tests/openpgp/Makefile.am (TESTS): Add 4gb-packet.test. (TEST_FILES): Add 4gb-packet.asc. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Don't assume on-disk layout matches in-memory layout.Neal H. Walfield2015-08-211-9/+15
| | | | | | | | | | | * g10/packet.h (PKT_signature): Change revkey's type from a struct revocation_key ** to a struct revocation_key *. Update users. -- revkey was a pointer into the raw data. But, C doesn't guarantee that there is no padding. Thus, we copy the data. Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Don't incorrectly copy packets with partial lengths.Neal H. Walfield2015-08-211-0/+11
| | | | | | | | | * g10/parse-packet.c (parse): We don't handle copying packets with a partial body length to an output stream. If this occurs, log an error and abort. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Check parameters more rigorously.Neal H. Walfield2015-08-211-0/+8
| | | | | | | | | * g10/parse-packet.c (dbg_copy_all_packets): Check that OUT is not NULL. (copy_all_packets): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Don't continuing processing on error.Neal H. Walfield2015-08-211-4/+4
| | | | | | | | | | | * g10/parse-packet.c (dbg_parse_packet): Also return if parse returns an error. (parse_packet): Likewise. (dbg_search_packet): Likewise. (search_packet): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: Better respect the packet's length when reading it.Neal H. Walfield2015-08-211-9/+27
| | | | | | | | | * g10/parse-packet.c (parse_signature): Make sure PKTLEN doesn't underflow. Be more careful that a read doesn't read more data than PKTLEN says is available. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/parse-packet.c:parse: Try harder to not ignore an EOF.Neal H. Walfield2015-08-201-6/+25
| | | | | | | | * g10/parse-packet.c (parse): Be more robust: make sure to process any EOF. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/parse-packet.c: Replace literal with symbolic expression.Neal H. Walfield2015-08-201-3/+3
| | | | | | | | * g10/parse-packet.c (dump_hex_line): Use sizeof rather than the buffer's size. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* Add documentation for g10/parse-packet.c.Neal H. Walfield2015-08-201-17/+90
| | | | | | | | | * g10/packet.h: Add documentation for functions defined in parse-packet.c. * g10/parse-packet.c: Improve comments for many functions. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/packet.h: Remove unused argument from enum_sig_subpkt.Neal H. Walfield2015-08-201-6/+5
| | | | | | | | | | | | | * g10/packet.h (enum_sig_subpkt): Remove argument RET_N. Update callers. * g10/parse-packet.c (enum_sig_subpkt): Remove argument RET_N. -- Remove the RET_N argument, because it is unused and because it is meaningless: it's not clear whether it is an offset into SIG->HASHED or SIG->UNHASHED. Signed-off-by: Neal H. Walfield <[email protected]>.
* g10/parse-packet.c:mpi_read: Detect EOF and correct boundary conditions.Neal H. Walfield2015-08-201-8/+21
| | | | | | | | | * g10/parse-packet.c (mpi_read): Improve documentation. Correctly handle an EOF. On overflow, correctly return the number of bytes read from the pipeline. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* common: extend API of openpgp_oid_to_curve for canonical name.NIIBE Yutaka2015-08-061-1/+1
| | | | | | | | | | | | | | | * common/openpgp-oid.c (openpgp_oid_to_curve): Add CANON argument. * common/util.h: Update. * g10/import.c (transfer_secret_keys): Follow the change. * g10/keyid.c (pubkey_string): Likewise. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Likewise. * parse-packet.c (parse_key): Likewise. * scd/app-openpgp.c (send_key_attr, get_public_key): Likewise. -- Change the function so that caller can select canonical name of curve or name for printing. Suggested by wk.
* g10: Use canonical name for curve.NIIBE Yutaka2015-07-081-2/+2
| | | | | | | | * g10/import.c (transfer_secret_keys): Use canonical name. * common/openpgp-oid.c (openpgp_curve_to_oid): Return NULL on error. * g10/keyid.c (pubkey_string): Follow change of openpgp_curve_to_oid. * g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto. * g10/parse-packet.c (parse_key): Ditto.
* Improve the description of old packets with an indeterminate length.Neal H. Walfield2015-06-291-1/+1
| | | | | | | | | * g10/parse-packet.c (parse): Make the description more accurate when listing packets: old format packets don't support partial lengths, only indeterminate lengths (RFC 4880, Section 4.2). -- Signed-off-by: Neal H. Walfield <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 16:35:43 +0000