gnupg/g10 (ChangeLog keygen.c parse-packet.c)

cvs user dshaw cvs at cvs.gnupg.org
Wed May 11 21:12:54 CEST 2005 

    Date: Wednesday, May 11, 2005 @ 21:31:53
  Author: dshaw
    Path: /cvs/gnupg/gnupg/g10

Modified: ChangeLog keygen.c parse-packet.c

* keygen.c (write_selfsigs): Rename from write_selfsig.  Write the same
selfsig into both the pk and sk, so that someone importing their sk (which
will get an autoconvert to the pk) won't end up with two selfsigs.
(do_generate_keypair): Call it from here.

* parse-packet.c (can_handle_critical_notation): New.  Check for
particular notation tags that we will accept when critical. Currently,
that's only preferred-email-encoding at pgp.com, since we know how to handle
it (pass it through to a mail program). (can_handle_critical): Call it
from here. (parse_one_sig_subpkt): Sanity check that notations are
well-formed in that the internal lengths add up to the size of the
subpacket.


----------------+
 ChangeLog      |   17 +++++++++++++++++
 keygen.c       |   28 ++++++++++++++++------------
 parse-packet.c |   26 +++++++++++++++++++-------
 3 files changed, 52 insertions(+), 19 deletions(-)


Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.734 gnupg/g10/ChangeLog:1.735
--- gnupg/g10/ChangeLog:1.734	Sat May  7 17:22:01 2005
+++ gnupg/g10/ChangeLog	Wed May 11 21:31:53 2005
@@ -1,3 +1,20 @@
+2005-05-11  David Shaw  <dshaw at jabberwocky.com>
+
+	* keygen.c (write_selfsigs): Rename from write_selfsig.  Write the
+	same selfsig into both the pk and sk, so that someone importing
+	their sk (which will get an autoconvert to the pk) won't end up
+	with two selfsigs.
+	(do_generate_keypair): Call it from here.
+
+	* parse-packet.c (can_handle_critical_notation): New.  Check for
+	particular notation tags that we will accept when critical.
+	Currently, that's only preferred-email-encoding at pgp.com, since we
+	know how to handle it (pass it through to a mail program).
+	(can_handle_critical): Call it from here.
+	(parse_one_sig_subpkt): Sanity check that notations are
+	well-formed in that the internal lengths add up to the size of the
+	subpacket.
+
 2005-05-07  Werner Koch  <wk at g10code.com>
 
 	* ccid-driver.c (do_close_reader): Don't do a reset before close.
Index: gnupg/g10/keygen.c
diff -u gnupg/g10/keygen.c:1.152 gnupg/g10/keygen.c:1.153
--- gnupg/g10/keygen.c:1.152	Fri May  6 21:25:19 2005
+++ gnupg/g10/keygen.c	Wed May 11 21:31:53 2005
@@ -882,8 +882,8 @@
 }
 
 static int
-write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
-               unsigned int use )
+write_selfsigs( KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
+		unsigned int use )
 {
     PACKET *pkt;
     PKT_signature *sig;
@@ -896,7 +896,7 @@
 	log_info(_("writing self signature\n"));
 
     /* get the uid packet from the list */
-    node = find_kbnode( root, PKT_USER_ID );
+    node = find_kbnode( pub_root, PKT_USER_ID );
     if( !node )
 	BUG(); /* no user id packet in tree */
     uid = node->pkt->pkt.user_id;
@@ -921,7 +921,12 @@
     pkt = m_alloc_clear( sizeof *pkt );
     pkt->pkttype = PKT_SIGNATURE;
     pkt->pkt.signature = sig;
-    add_kbnode( root, new_kbnode( pkt ) );
+    add_kbnode( sec_root, new_kbnode( pkt ) );
+
+    pkt = m_alloc_clear( sizeof *pkt );
+    pkt->pkttype = PKT_SIGNATURE;
+    pkt->pkt.signature = copy_signature(NULL,sig);
+    add_kbnode( pub_root, new_kbnode( pkt ) );
     return rc;
 }
 
@@ -2848,17 +2853,16 @@
 	  write_direct_sig(sec_root,pub_root,pri_sk,revkey);
       }
 
-    if( !rc && (s=get_parameter_value(para, pUSERID)) ) {
+    if( !rc && (s=get_parameter_value(para, pUSERID)) )
+      {
 	write_uid(pub_root, s );
 	if( !rc )
-	    write_uid(sec_root, s );
-	if( !rc )
-	    rc = write_selfsig(pub_root, pub_root, pri_sk,
-                               get_parameter_uint (para, pKEYUSAGE));
+	  write_uid(sec_root, s );
+
 	if( !rc )
-	    rc = write_selfsig(sec_root, pub_root, pri_sk,
-                               get_parameter_uint (para, pKEYUSAGE));
-    }
+	  rc = write_selfsigs(sec_root, pub_root, pri_sk,
+			      get_parameter_uint (para, pKEYUSAGE));
+      }
 
     /* Write the auth key to the card before the encryption key.  This
        is a partial workaround for a PGP bug (as of this writing, all
Index: gnupg/g10/parse-packet.c
diff -u gnupg/g10/parse-packet.c:1.115 gnupg/g10/parse-packet.c:1.116
--- gnupg/g10/parse-packet.c:1.115	Thu Feb  3 10:32:53 2005
+++ gnupg/g10/parse-packet.c	Wed May 11 21:31:53 2005
@@ -1,6 +1,6 @@
 /* parse-packet.c  - read packets
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- *               2004, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ *               2005 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -1016,7 +1016,10 @@
 	break;
       return 0;
     case SIGSUBPKT_NOTATION:
-      if( n < 8 ) /* minimum length needed */
+      /* minimum length needed, and the subpacket must be well-formed
+	 where the name length and value length all fit inside the
+	 packet. */
+      if(n<8 || 8+((buffer[4]<<8)|buffer[5])+((buffer[6]<<8)|buffer[7]) != n)
 	break;
       return 0;
     case SIGSUBPKT_PRIMARY_UID:
@@ -1032,6 +1035,15 @@
   return -2;
 }
 
+/* Not many critical notations we understand yet... */
+static int
+can_handle_critical_notation(const byte *name,size_t len)
+{
+  if(len==32 && memcmp(name,"preferred-email-encoding at pgp.com",32)==0)
+    return 1;
+
+  return 0;
+}
 
 static int
 can_handle_critical( const byte *buffer, size_t n, int type )
@@ -1039,10 +1051,10 @@
   switch( type )
     {
     case SIGSUBPKT_NOTATION:
-      if( n >= 8 && (*buffer & 0x80) )
-	return 1; /* human readable is handled */
-      return 0;
-
+      if(n>=8)
+	return can_handle_critical_notation(buffer+8,(buffer[4]<<8)|buffer[5]);
+      else
+	return 0;
     case SIGSUBPKT_SIGNATURE:
     case SIGSUBPKT_SIG_CREATED:
     case SIGSUBPKT_SIG_EXPIRE:

More information about the Gnupg-commits mailing list