| author | Werner Koch <[email protected]> | 2025-09-26 12:43:39 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2025-09-26 12:46:14 +0000 |
| commit | 600df5259db0b7be25a2e2b06c0c2d13265eceea (patch) | |
| tree | a019d82c85e29353a3988fb761ea1b8ce4bb2467 /g10/mainproc.c | |
| parent | w32: Fix gnupg_isatty. (diff) | |
gpg: Detect duplicate keys with --add-recipients.
* g10/packet.h (struct pubkey_enc_list): Change to use a union to also
store symkey_enc data. Adjust all users accordingly.
(struct pubkey_enc_info_item): New.
* g10/free-packet.c (free_pubkey_enc_list): New.
* g10/mainproc.c (release_list): Use it here.
* g10/decrypt.c (decrypt_message): and here.
* g10/encrypt.c (reencrypt_to_new_recipients): Record the used
pubkey_enc packets and pass them to write_pubkey_enc_from_list.
(write_pubkey_enc_from_list): Add arg restrict_pk_list and use it to
skip recipients already used.
--
GnuPG-bug-id: 1825
Note that we here already prepare to better handle symkey_enc packets.
Diffstat (limited to 'g10/mainproc.c')
| -rw-r--r-- | g10/mainproc.c | 35 |
1 files changed, 17 insertions, 18 deletions
diff --git a/g10/mainproc.c b/g10/mainproc.c index 3b921b15d..fc7bee32b 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -137,14 +137,7 @@ release_list( CTX c ) { proc_tree (c, c->list); release_kbnode (c->list); - while (c->pkenc_list) - { - struct pubkey_enc_list *tmp = c->pkenc_list->next; - - release_pubkey_enc_parts (&c->pkenc_list->d); - xfree (c->pkenc_list); - c->pkenc_list = tmp; - } + free_pubkey_enc_list (c->pkenc_list); c->pkenc_list = NULL; while (c->symenc_list) { @@ -526,7 +519,7 @@ proc_pubkey_enc (CTX c, PACKET *pkt) { struct pubkey_enc_list *x = xcalloc (1, sizeof *x); - copy_pubkey_enc_parts (&x->d, enc); + copy_pubkey_enc_parts (&x->u.pub, enc); x->result = -1; x->next = c->pkenc_list; c->pkenc_list = x; @@ -549,24 +542,27 @@ print_pkenc_list (ctrl_t ctrl, struct pubkey_enc_list *list) char pkstrbuf[PUBKEY_STRING_SIZE]; char *p; + if (list->u_sym) + continue; + pk = xmalloc_clear (sizeof *pk); - pk->pubkey_algo = list->d.pubkey_algo; - if (!get_pubkey (ctrl, pk, list->d.keyid)) + pk->pubkey_algo = list->u.pub.pubkey_algo; + if (!get_pubkey (ctrl, pk, list->u.pub.keyid)) { pubkey_string (pk, pkstrbuf, sizeof pkstrbuf); log_info (_("encrypted with %s key, ID %s, created %s\n"), pkstrbuf, keystr_from_pk (pk), strtimestamp (pk->timestamp)); - p = get_user_id_native (ctrl, list->d.keyid); + p = get_user_id_native (ctrl, list->u.pub.keyid); log_printf (_(" \"%s\"\n"), p); xfree (p); } else log_info (_("encrypted with %s key, ID %s\n"), - openpgp_pk_algo_name (list->d.pubkey_algo), - keystr (list->d.keyid)); + openpgp_pk_algo_name (list->u.pub.pubkey_algo), + keystr (list->u.pub.keyid)); if (opt.flags.require_pqc_encryption && pk->pubkey_algo != PUBKEY_ALGO_KYBER) 
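Review bot: In proc_pubkey_enc the union tag `u_sym` is never set explicitly; the node counts as a public-key entry only because `xcalloc` zeroes it before `copy_pubkey_enc_parts (&x->u.pub, enc)` fills the `pub` member. Every reader in this file now selects the union member by that tag, and the new `free_pubkey_enc_list` (defined in g10/free-packet.c, not shown here) presumably does as well, so a wrong tag would mean reading or freeing the wrong member. I would make the invariant visible where the node is built, either with `x->u_sym = 0;` or with a comment such as `/* u_sym stays 0 from xcalloc: this node carries u.pub. */`. The enclosing function starts and ends outside the hunk.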
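Review bot: The new `if (list->u_sym) continue;` in print_pkenc_list means a symkey entry never reaches the `opt.flags.require_pqc_encryption` test at the end of this hunk. The matching `if (i->u_sym) continue;` in the compliance loop of proc_encrypted (the `@@ -792` hunk) likewise means such an entry can never clear `compliant`. Whether passphrase-protected session keys are checked against these policies elsewhere is not visible in this diff, so each skip should carry a comment stating it, for example `/* symkey_enc entry: no public key to check; policy for these is enforced in <location, to be filled in>. */`. Both loop bodies extend beyond their hunks, so confirm against the full functions that nothing after the skip was meant to run for every entry.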
@@ -637,11 +633,12 @@ proc_encrypted (CTX c, PACKET *pkt) struct pubkey_enc_list *list; for (list = c->pkenc_list; list; list = list->next) - if (list->result) + if (list->result && !list->u_sym) { /* Key was not tried or it caused an error. */ char buf[20]; snprintf (buf, sizeof buf, "%08lX%08lX", - (ulong)list->d.keyid[0], (ulong)list->d.keyid[1]); + (ulong)list->u.pub.keyid[0], + (ulong)list->u.pub.keyid[1]); write_status_text (STATUS_NO_SECKEY, buf); } } @@ -792,9 +789,11 @@ proc_encrypted (CTX c, PACKET *pkt) * is compliant. */ for (i = c->pkenc_list; i && compliant; i = i->next) { + if (i->u_sym) + continue; memset (pk, 0, sizeof *pk); - pk->pubkey_algo = i->d.pubkey_algo; - if (!get_pubkey (c->ctrl, pk, i->d.keyid) + pk->pubkey_algo = i->u.pub.pubkey_algo; + if (!get_pubkey (c->ctrl, pk, i->u.pub.keyid) && !gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0, pk->pkey, nbits_from_pk (pk), NULL)) compliant = 0; |
