[svn] GnuPG - r4412 - branches/STABLE-BRANCH-1-4/g10

svn author dshaw cvs at cvs.gnupg.org
Tue Jan 30 22:19:47 CET 2007 

Author: dshaw
Date: 2007-01-30 22:19:45 +0100 (Tue, 30 Jan 2007)
New Revision: 4412

Modified:
   branches/STABLE-BRANCH-1-4/g10/ChangeLog
   branches/STABLE-BRANCH-1-4/g10/keygen.c
Log:
* keygen.c (make_backsig, write_direct_sig, write_selfsigs)
(write_keybinding): Have the various selfsigs created during key
generation use the timestamp of their parent key.  This helps avoid
leaking information about the performance of the machine where the
keys were generated.  Noted by Christian Danner.


Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog	2007-01-30 20:16:28 UTC (rev 4411)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog	2007-01-30 21:19:45 UTC (rev 4412)
@@ -1,3 +1,11 @@
+2007-01-30  David Shaw  <dshaw at jabberwocky.com>
+
+	* keygen.c (make_backsig, write_direct_sig, write_selfsigs)
+	(write_keybinding): Have the various selfsigs created during key
+	generation use the timestamp of their parent key.  This helps
+	avoid leaking information about the performance of the machine
+	where the keys were generated.  Noted by Christian Danner.
+
 2007-01-15  Werner Koch  <wk at g10code.com>
 
 	* parse-packet.c (read_protected_v3_mpi): Make sure to stop

Modified: branches/STABLE-BRANCH-1-4/g10/keygen.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/keygen.c	2007-01-30 20:16:28 UTC (rev 4411)
+++ branches/STABLE-BRANCH-1-4/g10/keygen.c	2007-01-30 21:19:45 UTC (rev 4412)
@@ -1,6 +1,6 @@
 /* keygen.c - generate a key pair
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -777,7 +777,8 @@
 
   cache_public_key(sub_pk);
 
-  rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk,0x19,0,0,0,0,NULL,NULL);
+  rc=make_keysig_packet(&backsig,pk,NULL,sub_pk,sub_sk,0x19,0,0,
+			sub_pk->timestamp,0,NULL,NULL);
   if(rc)
     log_error("make_keysig_packet failed for backsig: %s\n",g10_errstr(rc));
   else
@@ -882,7 +883,7 @@
     cache_public_key (pk);
 
     /* and make the signature */
-    rc = make_keysig_packet(&sig,pk,NULL,NULL,sk,0x1F,0,0,0,0,
+    rc = make_keysig_packet(&sig,pk,NULL,NULL,sk,0x1F,0,0,pk->timestamp,0,
 			    keygen_add_revkey,revkey);
     if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
@@ -926,8 +927,8 @@
     cache_public_key (pk);
 
     /* and make the signature */
-    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
-        		     keygen_add_std_prefs, pk );
+    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0,
+			     pk->timestamp, 0, keygen_add_std_prefs, pk );
     if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
@@ -981,7 +982,8 @@
     /* and make the signature */
     oduap.usage = use;
     oduap.pk = sub_pk;
-    rc=make_keysig_packet(&sig, pri_pk, NULL, sub_pk, pri_sk, 0x18, 0, 0, 0, 0,
+    rc=make_keysig_packet(&sig, pri_pk, NULL, sub_pk, pri_sk, 0x18, 0, 0,
+			  sub_pk->timestamp, 0,
 			  keygen_add_key_flags_and_expire, &oduap );
     if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );

More information about the Gnupg-commits mailing list