[git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.11-15-g04b0b05
by Werner Koch
cvs at cvs.gnupg.org
Fri Jul 1 10:59:43 CEST 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-1-4 has been updated
via 04b0b050ffb5862dc312a4806b65085d417afaf1 (commit)
from fc1680abdfb02f332cfec33e9ca78a4872d9be2a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 04b0b050ffb5862dc312a4806b65085d417afaf1
Author: Werner Koch <wk at gnupg.org>
Date: Fri Jul 1 10:21:08 2011 +0200
Add pubkey letters e and E for ECC.
This does not mean we have any kind of ECC support now. It is merely
to avoid printing a question mark for the algorithm.
Trailing white space changes as usual.
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 7eceda0..abe0181 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -313,7 +313,7 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
private/experimental extension (this is not
specified in rfc2440 but the same scheme is used
for all other algorithm identifiers) */
- iobuf_put(a, 101 );
+ iobuf_put(a, 101 );
iobuf_put(a, sk->protect.s2k.hash_algo );
iobuf_write(a, "GNU", 3 );
iobuf_put(a, sk->protect.s2k.mode - 1000 );
@@ -326,10 +326,10 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
|| sk->protect.s2k.mode == 3 )
iobuf_write(a, sk->protect.s2k.salt, 8 );
if( sk->protect.s2k.mode == 3 )
- iobuf_put(a, sk->protect.s2k.count );
+ iobuf_put(a, sk->protect.s2k.count );
/* For out special modes 1001, 1002 we do not need an IV */
- if( sk->protect.s2k.mode != 1001
+ if( sk->protect.s2k.mode != 1001
&& sk->protect.s2k.mode != 1002 )
iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
}
@@ -338,9 +338,9 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
iobuf_put(a, 0 );
if( sk->protect.s2k.mode == 1001 )
- ; /* GnuPG extension - don't write a secret key at all */
+ ; /* GnuPG extension - don't write a secret key at all */
else if( sk->protect.s2k.mode == 1002 )
- { /* GnuPG extension - divert to OpenPGP smartcard. */
+ { /* GnuPG extension - divert to OpenPGP smartcard. */
iobuf_put(a, sk->protect.ivlen ); /* length of the serial
number or 0 for no serial
number. */
@@ -599,7 +599,7 @@ delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype )
}
if( buflen < n )
break;
-
+
type = *buffer & 0x7f;
if( type == reqtype ) {
buffer++;
@@ -633,7 +633,7 @@ delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype )
* Note: All pointers into sig->[un]hashed (e.g. returned by
* parse_sig_subpkt) are not valid after a call to this function. The
* data to put into the subpaket should be in a buffer with a length
- * of buflen.
+ * of buflen.
*/
void
build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
@@ -736,7 +736,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
case SIGSUBPKT_SIGNATURE:
hashed = 0;
break;
- default:
+ default:
hashed = 1;
break;
}
@@ -787,7 +787,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
memcpy (p, buffer, buflen);
}
- if (hashed)
+ if (hashed)
sig->hashed = newarea;
else
sig->unhashed = newarea;
@@ -1196,6 +1196,8 @@ write_header( IOBUF out, int ctb, u32 len )
static int
write_sign_packet_header( IOBUF out, int ctb, u32 len )
{
+ (void)ctb;
+
/* work around a bug in the pgp read function for signature packets,
* which are not correctly coded and silently assume at some
* point 2 byte length headers.*/
@@ -1305,6 +1307,8 @@ write_new_header( IOBUF out, int ctb, u32 len, int hdrlen )
static int
write_version( IOBUF out, int ctb )
{
+ (void)ctb;
+
if( iobuf_put( out, 3 ) )
return -1;
return 0;
diff --git a/g10/getkey.c b/g10/getkey.c
index 4506c7c..9cb5b95 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -195,7 +195,7 @@ get_primary_uid ( KBNODE keyblock, size_t *uidlen )
*uidlen = k->pkt->pkt.user_id->len;
return k->pkt->pkt.user_id->name;
}
- }
+ }
s = user_id_not_found_utf8 ();
*uidlen = strlen (s);
return s;
@@ -303,7 +303,7 @@ pk_from_block ( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE keyblock )
assert ( a->pkt->pkttype == PKT_PUBLIC_KEY
|| a->pkt->pkttype == PKT_PUBLIC_SUBKEY );
-
+
copy_public_key ( pk, a->pkt->pkt.public_key );
}
@@ -315,7 +315,7 @@ sk_from_block ( GETKEY_CTX ctx,
assert ( a->pkt->pkttype == PKT_SECRET_KEY
|| a->pkt->pkttype == PKT_SECRET_SUBKEY );
-
+
copy_secret_key( sk, a->pkt->pkt.secret_key);
}
@@ -400,7 +400,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid)
KEYDB_HANDLE hd;
KBNODE keyblock;
u32 pkid[2];
-
+
assert (pk);
#if MAX_PK_CACHE_ENTRIES
{ /* Try to get it from the cache */
@@ -427,7 +427,7 @@ get_pubkey_fast (PKT_public_key *pk, u32 *keyid)
}
rc = keydb_get_keyblock (hd, &keyblock);
keydb_release (hd);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
return G10ERR_NO_PUBKEY;
@@ -561,8 +561,8 @@ seckey_available( u32 *keyid )
* must be in the range 0..9), this is considered a fingerprint.
* - If the username starts with a left angle, we assume it is a complete
* email address and look only at this part.
- * - If the username starts with a colon we assume it is a unified
- * key specfification.
+ * - If the username starts with a colon we assume it is a unified
+ * key specfification.
* - If the username starts with a '.', we assume it is the ending
* part of an email address
* - If the username starts with an '@', we assume it is a part of an
@@ -583,7 +583,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
const char *s;
int hexprefix = 0;
int hexlength;
- int mode = 0;
+ int mode = 0;
KEYDB_SEARCH_DESC dummy_desc;
if (!desc)
@@ -642,12 +642,12 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
case '#': /* local user id */
return 0; /* This is now obsolete and van't not be used anymore*/
-
+
case ':': /*Unified fingerprint */
- {
+ {
const char *se, *si;
int i;
-
+
se = strchr( ++s,':');
if ( !se )
return 0;
@@ -657,15 +657,15 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
}
if (i != 32 && i != 40)
return 0; /* invalid length of fpr*/
- for (i=0,si=s; si < se; i++, si +=2)
+ for (i=0,si=s; si < se; i++, si +=2)
desc->u.fpr[i] = hextobyte(si);
for ( ; i < 20; i++)
desc->u.fpr[i]= 0;
s = se + 1;
mode = KEYDB_SEARCH_MODE_FPR;
- }
+ }
break;
-
+
default:
if (s[0] == '0' && s[1] == 'x') {
hexprefix = 1;
@@ -715,7 +715,7 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
int i;
if (hexlength == 33)
s++;
- memset(desc->u.fpr+16, 0, 4);
+ memset(desc->u.fpr+16, 0, 4);
for (i=0; i < 16; i++, s+=2) {
int c = hextobyte(s);
if (c == -1)
@@ -754,11 +754,13 @@ classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc )
static int
-skip_unusable(void *dummy,u32 *keyid,PKT_user_id *uid)
+skip_unusable(void *dummy, u32 *keyid,PKT_user_id *uid)
{
int unusable=0;
KBNODE keyblock;
+ (void)dummy;
+
keyblock=get_pubkeyblock(keyid);
if(!keyblock)
{
@@ -815,7 +817,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
STRLIST r;
GETKEY_CTX ctx;
KBNODE help_kb = NULL;
-
+
if( retctx ) {/* reset the returned context in case of error */
assert (!ret_kdbhd); /* not allowed because the handle is
stored in the context */
@@ -844,7 +846,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
for(n=0, r=namelist; r; r = r->next, n++ )
{
classify_user_id (r->d, &ctx->items[n]);
-
+
if (ctx->items[n].exact)
ctx->exact = 1;
if (!ctx->items[n].mode)
@@ -863,7 +865,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
}
ctx->kr_handle = keydb_new (secmode);
- if ( !ret_kb )
+ if ( !ret_kb )
ret_kb = &help_kb;
if( secmode ) {
@@ -1054,7 +1056,7 @@ get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock )
rc = lookup( ctx, ret_keyblock, 0 );
if ( !rc && pk && ret_keyblock )
pk_from_block ( ctx, pk, *ret_keyblock );
-
+
return rc;
}
@@ -1074,7 +1076,7 @@ get_pubkey_end( GETKEY_CTX ctx )
* Search for a key with the given fingerprint.
* FIXME:
* We should replace this with the _byname function. Thiscsan be done
- * by creating a userID conforming to the unified fingerprint style.
+ * by creating a userID conforming to the unified fingerprint style.
*/
int
get_pubkey_byfprint( PKT_public_key *pk,
@@ -1120,10 +1122,10 @@ get_pubkey_byfprint_fast (PKT_public_key *pk,
KBNODE keyblock;
byte fprbuf[MAX_FINGERPRINT_LEN];
int i;
-
+
for (i=0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++)
fprbuf[i] = fprint[i];
- while (i < MAX_FINGERPRINT_LEN)
+ while (i < MAX_FINGERPRINT_LEN)
fprbuf[i++] = 0;
hd = keydb_new (0);
@@ -1135,12 +1137,12 @@ get_pubkey_byfprint_fast (PKT_public_key *pk,
}
rc = keydb_get_keyblock (hd, &keyblock);
keydb_release (hd);
- if (rc)
+ if (rc)
{
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc));
return G10ERR_NO_PUBKEY;
}
-
+
assert ( keyblock->pkt->pkttype == PKT_PUBLIC_KEY
|| keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY );
if (pk)
@@ -1216,7 +1218,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,
return rc;
}
-int
+int
get_seckey_byname( PKT_secret_key *sk, const char *name, int unlock )
{
return get_seckey_byname2 ( NULL, sk, name, unlock, NULL );
@@ -1255,7 +1257,7 @@ get_seckey_end( GETKEY_CTX ctx )
* Search for a key with the given fingerprint.
* FIXME:
* We should replace this with the _byname function. Thiscsan be done
- * by creating a userID conforming to the unified fingerprint style.
+ * by creating a userID conforming to the unified fingerprint style.
*/
int
get_seckey_byfprint( PKT_secret_key *sk,
@@ -1295,10 +1297,10 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint,
{
int rc;
struct getkey_ctx_s ctx;
-
+
if (fprint_len != 20 && fprint_len == 16)
return G10ERR_GENERAL; /* Oops */
-
+
memset (&ctx, 0, sizeof ctx);
ctx.not_allocated = 1;
ctx.kr_handle = keydb_new (1);
@@ -1309,7 +1311,7 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint,
memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
rc = lookup (&ctx, ret_keyblock, 1);
get_seckey_end (&ctx);
-
+
return rc;
}
@@ -1525,7 +1527,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
/* We could also query this from the unhashed area if it is not in
* the hased area and then later try to decide which is the better
* there should be no security problem with this.
- * For now we only look at the hashed one.
+ * For now we only look at the hashed one.
*/
/* Now build the preferences list. These must come from the
@@ -1537,7 +1539,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
hash = p; nhash = p?n:0;
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n );
zip = p; nzip = p?n:0;
- if (uid->prefs)
+ if (uid->prefs)
xfree (uid->prefs);
n = nsym + nhash + nzip;
if (!n)
@@ -1632,7 +1634,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
for(k=keyblock; k && k->pkt->pkttype != PKT_USER_ID; k = k->next ) {
if ( k->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = k->pkt->pkt.signature;
- if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
+ if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
if ( check_key_signature( keyblock, k, NULL ) )
; /* signature did not verify */
else if ( IS_KEY_REV (sig) ){
@@ -1642,9 +1644,9 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
* here because we have to assume that an attacker can
* generate all kinds of signatures. However due to the
* fact that the key has been revoked it does not harm
- * either and by continuing we gather some more info on
+ * either and by continuing we gather some more info on
* that key.
- */
+ */
*r_revoked = 1;
sig_to_revoke_info(sig,rinfo);
}
@@ -1732,7 +1734,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
key_expire_seen = 1;
}
- /* mark that key as valid: one direct key signature should
+ /* mark that key as valid: one direct key signature should
* render a key as valid */
pk->is_valid = 1;
}
@@ -1751,7 +1753,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
if(IS_KEY_REV(sig) &&
(sig->keyid[0]!=kid[0] || sig->keyid[1]!=kid[1]))
- {
+ {
int rc=check_revocation_keys(pk,sig);
if(rc==0)
{
@@ -1781,7 +1783,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
sigdate = 0; /* helper to find the latest signature in one user ID */
for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY; k = k->next ) {
if ( k->pkt->pkttype == PKT_USER_ID ) {
- if ( uidnode && signode )
+ if ( uidnode && signode )
{
fixup_uidnode ( uidnode, signode, keytimestamp );
pk->is_valid=1;
@@ -1792,7 +1794,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
}
else if ( k->pkt->pkttype == PKT_SIGNATURE && uidnode ) {
PKT_signature *sig = k->pkt->pkt.signature;
- if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
+ if ( sig->keyid[0] == kid[0] && sig->keyid[1]==kid[1] ) {
if ( check_key_signature( keyblock, k, NULL ) )
; /* signature did not verify */
else if ( (IS_UID_SIG (sig) || IS_UID_REV (sig))
@@ -1887,7 +1889,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
/* Now that we had a look at all user IDs we can now get some information
* from those user IDs.
*/
-
+
if ( !key_usage ) {
/* find the latest user ID with key flags set */
uiddate = 0; /* helper to find the latest user ID */
@@ -1908,17 +1910,17 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
else { /* check that the usage matches the usage as given by the algo */
int x = openpgp_pk_algo_usage ( pk->pubkey_algo );
if ( x ) /* mask it down to the actual allowed usage */
- key_usage &= x;
+ key_usage &= x;
}
/* Whatever happens, it's a primary key, so it can certify. */
pk->pubkey_usage = key_usage|PUBKEY_USAGE_CERT;
if ( !key_expire_seen ) {
- /* find the latest valid user ID with a key expiration set
+ /* find the latest valid user ID with a key expiration set
* Note, that this may be a different one from the above because
* some user IDs may have no expiration date set */
- uiddate = 0;
+ uiddate = 0;
for(k=keyblock; k && k->pkt->pkttype != PKT_PUBLIC_SUBKEY;
k = k->next ) {
if ( k->pkt->pkttype == PKT_USER_ID ) {
@@ -1989,7 +1991,7 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
if ( k->pkt->pkttype == PKT_USER_ID &&
!k->pkt->pkt.user_id->attrib_data) {
PKT_user_id *uid = k->pkt->pkt.user_id;
- if ( k != uidnode )
+ if ( k != uidnode )
uid->is_primary = 0;
}
}
@@ -2093,7 +2095,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
k = k->next ) {
if ( k->pkt->pkttype == PKT_SIGNATURE ) {
sig = k->pkt->pkt.signature;
- if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) {
+ if ( sig->keyid[0] == mainkid[0] && sig->keyid[1]==mainkid[1] ) {
if ( check_key_signature( keyblock, k, NULL ) )
; /* signature did not verify */
else if ( IS_SUBKEY_REV (sig) ) {
@@ -2107,7 +2109,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
does this the same way. */
subpk->is_revoked = 1;
sig_to_revoke_info(sig,&subpk->revoked);
- /* although we could stop now, we continue to
+ /* although we could stop now, we continue to
* figure out other information like the old expiration
* time */
}
@@ -2144,11 +2146,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
/* check that the usage matches the usage as given by the algo */
int x = openpgp_pk_algo_usage ( subpk->pubkey_algo );
if ( x ) /* mask it down to the actual allowed usage */
- key_usage &= x;
+ key_usage &= x;
}
subpk->pubkey_usage = key_usage;
-
+
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
if ( p && buffer_to_u32(p) )
key_expire = keytimestamp + buffer_to_u32(p);
@@ -2240,7 +2242,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
}
-/*
+/*
* Merge information from the self-signatures with the key, so that
* we can later use them more easy.
* The function works by first applying the self signatures to the
@@ -2250,7 +2252,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
* We check all self signatures or validity and ignore all invalid signatures.
* All signatures are then ordered by their creation date ....
* For the primary key:
- * FIXME the docs
+ * FIXME the docs
*/
static void
merge_selfsigs( KBNODE keyblock )
@@ -2311,7 +2313,7 @@ merge_selfsigs( KBNODE keyblock )
* which user ID the key has been selected.
* fixme: we should keep atoms of commonly used preferences or
* use reference counting to optimize the preference lists storage.
- * FIXME: it might be better to use the intersection of
+ * FIXME: it might be better to use the intersection of
* all preferences.
* Do a similar thing for the MDC feature flag.
*/
@@ -2325,7 +2327,7 @@ merge_selfsigs( KBNODE keyblock )
mdc_feature = k->pkt->pkt.user_id->flags.mdc;
break;
}
- }
+ }
for(k=keyblock; k; k = k->next ) {
if ( k->pkt->pkttype == PKT_PUBLIC_KEY
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
@@ -2353,7 +2355,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY );
assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
-
+
for (pub=pubblock; pub; pub = pub->next ) {
if ( pub->pkt->pkttype == PKT_PUBLIC_KEY ) {
PKT_public_key *pk = pub->pkt->pkt.public_key;
@@ -2385,7 +2387,7 @@ merge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
}
}
}
- if ( !sec )
+ if ( !sec )
BUG(); /* already checked in premerge */
}
}
@@ -2404,7 +2406,7 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
assert ( pubblock->pkt->pkttype == PKT_PUBLIC_KEY );
assert ( secblock->pkt->pkttype == PKT_SECRET_KEY );
-
+
for (pub=pubblock,last=NULL; pub; last = pub, pub = pub->next ) {
pub->flag &= ~3; /* reset bits 0 and 1 */
if ( pub->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
@@ -2433,14 +2435,14 @@ premerge_public_with_secret ( KBNODE pubblock, KBNODE secblock )
if (opt.verbose)
log_info (_("no secret subkey"
- " for public subkey %s - ignoring\n"),
+ " for public subkey %s - ignoring\n"),
keystr_from_pk (pk));
/* we have to remove the subkey in this case */
assert ( last );
/* find the next subkey */
for (next=pub->next,ll=pub;
next && next->pkt->pkttype != PKT_PUBLIC_SUBKEY;
- ll = next, next = next->next )
+ ll = next, next = next->next )
;
/* make new link */
last->next = next;
@@ -2510,7 +2512,7 @@ finish_lookup (GETKEY_CTX ctx)
u32 curtime = make_timestamp ();
assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY );
-
+
ctx->found_key = NULL;
if (ctx->exact) {
@@ -2579,7 +2581,7 @@ finish_lookup (GETKEY_CTX ctx)
log_debug( "\tsubkey not yet valid\n");
continue;
}
-
+
if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
if (DBG_CACHE)
log_debug( "\tusage does not match: want=%x have=%x\n",
@@ -2596,7 +2598,7 @@ finish_lookup (GETKEY_CTX ctx)
}
}
- /* Okay now try the primary key unless we want an exact
+ /* Okay now try the primary key unless we want an exact
* key ID match on a subkey */
if ((!latest_key && !(ctx->exact && foundk != keyblock)) || req_prim) {
PKT_public_key *pk;
@@ -2628,7 +2630,7 @@ finish_lookup (GETKEY_CTX ctx)
latest_date = pk->timestamp;
}
}
-
+
if ( !latest_key ) {
if (DBG_CACHE)
log_debug("\tno suitable key found - giving up\n");
@@ -2645,8 +2647,8 @@ finish_lookup (GETKEY_CTX ctx)
if (pk->user_id)
free_user_id (pk->user_id);
pk->user_id = scopy_user_id (foundu);
- }
-
+ }
+
ctx->found_key = latest_key;
if (latest_key != keyblock && opt.verbose)
@@ -2659,7 +2661,7 @@ finish_lookup (GETKEY_CTX ctx)
}
cache_user_id( keyblock );
-
+
return 1; /* found */
}
@@ -2670,7 +2672,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
int rc;
KBNODE secblock = NULL; /* helper */
int no_suitable_key = 0;
-
+
rc = 0;
while (!(rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems))) {
/* If we are searching for the first key we have to make sure
@@ -2685,13 +2687,13 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
rc = 0;
goto skip;
}
-
+
if ( secmode ) {
- /* find the correspondig public key and use this
+ /* find the correspondig public key and use this
* this one for the selection process */
u32 aki[2];
KBNODE k = ctx->keyblock;
-
+
if (k->pkt->pkttype != PKT_SECRET_KEY)
BUG();
@@ -2726,7 +2728,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
}
else
no_suitable_key = 1;
-
+
skip:
/* release resources and continue search */
if ( secmode ) {
@@ -2765,8 +2767,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
/****************
- * FIXME: Replace by the generic function
- * It does not work as it is right now - it is used at
+ * FIXME: Replace by the generic function
+ * It does not work as it is right now - it is used at
* 2 places: a) to get the key for an anonyous recipient
* b) to get the ultimately trusted keys.
* The a) usage might have some problems.
@@ -2832,7 +2834,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk,
}
release_kbnode (c->keyblock);
c->keyblock = c->node = NULL;
-
+
rc = c->first? keydb_search_first (c->hd) : keydb_search_next (c->hd);
c->first = 0;
if (rc) {
@@ -2840,7 +2842,7 @@ enum_secret_keys( void **context, PKT_secret_key *sk,
c->eof = 1;
return -1; /* eof */
}
-
+
rc = keydb_get_keyblock (c->hd, &c->keyblock);
c->node = c->keyblock;
} while (!rc);
@@ -2999,7 +3001,7 @@ parse_auto_key_locate(char *options)
continue;
/* For now we silently ignore the new methods introduced with
- 2.0.10. */
+ 2.0.10. */
if (!ascii_strcasecmp (tok,"nodefault")
|| !ascii_strcasecmp (tok,"local"))
continue;
diff --git a/g10/gpg.c b/g10/gpg.c
index cf2f51b..28841c0 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -279,7 +279,7 @@ enum cmd_and_opt_values
oS2KDigest,
oS2KCipher,
oS2KCount,
- oSimpleSKChecksum,
+ oSimpleSKChecksum,
oDisplayCharset,
oNotDashEscaped,
oEscapeFrom,
@@ -308,7 +308,7 @@ enum cmd_and_opt_values
oNoAllowNonSelfsignedUID,
oAllowFreeformUID,
oNoAllowFreeformUID,
- oAllowSecretKeyImport,
+ oAllowSecretKeyImport,
oEnableSpecialFilenames,
oNoLiteral,
oSetFilesize,
@@ -992,7 +992,7 @@ open_info_file (const char *fname, int for_write)
sensitive information may be retrieved by means of error
messages. */
return -1;
-#else
+#else
int fd;
/* if (is_secured_filename (fname)) */
@@ -1015,7 +1015,7 @@ open_info_file (const char *fname, int for_write)
if ( fd == -1)
log_error ( for_write? _("can't create `%s': %s\n")
: _("can't open `%s': %s\n"), fname, strerror(errno));
-
+
return fd;
#endif
}
@@ -1678,7 +1678,7 @@ parse_trust_model(const char *model)
/* Must be called before we open any files. */
static void
reopen_std(void)
-{
+{
#if defined(HAVE_STAT) && !defined(HAVE_W32_SYSTEM)
struct stat statbuf;
int did_stdin=0,did_stdout=0,did_stderr=0;
@@ -1775,7 +1775,7 @@ get_default_configname (void)
if (configname)
{
char *tok;
-
+
xfree (configname);
configname = NULL;
@@ -1786,13 +1786,13 @@ get_default_configname (void)
else
break;
}
-
+
configname = make_filename (opt.homedir, name, NULL);
}
while (access (configname, R_OK));
xfree(name);
-
+
if (! configname)
configname = make_filename (opt.homedir, "gpg" EXTSEP_S "conf", NULL);
if (! access (configname, R_OK))
@@ -1930,9 +1930,9 @@ main (int argc, char **argv )
#elif defined(__APPLE__)
opt.pcsc_driver = "/System/Library/Frameworks/PCSC.framework/PCSC";
#elif defined(__GLIBC__)
- opt.pcsc_driver = "libpcsclite.so.1";
+ opt.pcsc_driver = "libpcsclite.so.1";
#else
- opt.pcsc_driver = "libpcsclite.so";
+ opt.pcsc_driver = "libpcsclite.so";
#endif
opt.disable_keypad = 1; /* No keypad support; use gpg2 instead. */
#endif /*ENABLE_CARD_SUPPORT*/
@@ -2079,19 +2079,19 @@ main (int argc, char **argv )
{
switch( pargs.r_opt )
{
- case aCheckKeys:
+ case aCheckKeys:
case aListConfig:
case aGPGConfList:
case aGPGConfTest:
case aListPackets:
- case aImport:
- case aFastImport:
- case aSendKeys:
- case aRecvKeys:
+ case aImport:
+ case aFastImport:
+ case aSendKeys:
+ case aRecvKeys:
case aSearchKeys:
case aRefreshKeys:
case aFetchKeys:
- case aExport:
+ case aExport:
set_cmd (&cmd, pargs.r_opt);
break;
case aListKeys: set_cmd( &cmd, aListKeys); break;
@@ -2104,7 +2104,7 @@ main (int argc, char **argv )
break;
case aDeleteSecretAndPublicKeys:
set_cmd( &cmd, aDeleteSecretAndPublicKeys);
- greeting=1;
+ greeting=1;
break;
case aDeleteKeys: set_cmd( &cmd, aDeleteKeys); greeting=1; break;
@@ -2205,7 +2205,7 @@ main (int argc, char **argv )
case oDebug: opt.debug |= pargs.r.ret_ulong; break;
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: break; /* Not supported. */
- case oDebugCCIDDriver:
+ case oDebugCCIDDriver:
#if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB)
ccid_set_debug_level (ccid_set_debug_level (1)+1);
#endif
@@ -2549,7 +2549,7 @@ main (int argc, char **argv )
case oCommandFile:
opt.command_fd = open_info_file (pargs.r.ret_str, 0);
break;
- case oCipherAlgo:
+ case oCipherAlgo:
def_cipher_string = xstrdup(pargs.r.ret_str);
break;
case oDigestAlgo:
@@ -2855,8 +2855,8 @@ main (int argc, char **argv )
opt.exit_on_status_write_error = 1;
break;
- case oLimitCardInsertTries:
- opt.limit_card_insert_tries = pargs.r.ret_int;
+ case oLimitCardInsertTries:
+ opt.limit_card_insert_tries = pargs.r.ret_int;
break;
case oRequireCrossCert: opt.flags.require_cross_cert=1; break;
@@ -2967,7 +2967,7 @@ main (int argc, char **argv )
"--no-literal" );
}
-#ifndef ENABLE_AGENT_SUPPORT
+#ifndef ENABLE_AGENT_SUPPORT
if (opt.use_agent) {
log_info(_("NOTE: %s is not available in this version\n"),
"--use-agent");
@@ -3088,7 +3088,9 @@ main (int argc, char **argv )
if(opt.def_cipher_algo==0 &&
(ascii_strcasecmp(def_cipher_string,"idea")==0
|| ascii_strcasecmp(def_cipher_string,"s1")==0))
- idea_cipher_warn(1);
+ {
+ idea_cipher_warn(1);
+ }
xfree(def_cipher_string); def_cipher_string = NULL;
if( check_cipher_algo(opt.def_cipher_algo) )
log_error(_("selected cipher algorithm is invalid\n"));
@@ -3305,13 +3307,13 @@ main (int argc, char **argv )
case of "-kvv userid keyring". Also avoid adding the secret
keyring for a couple of commands to avoid unneeded access in
case the secrings are stored on a floppy.
-
+
We always need to add the keyrings if we are running under
SELinux, this is so that the rings are added to the list of
secured files. */
- if( ALWAYS_ADD_KEYRINGS
+ if( ALWAYS_ADD_KEYRINGS
|| (cmd != aDeArmor && cmd != aEnArmor
- && !(cmd == aKMode && argc == 2 )) )
+ && !(cmd == aKMode && argc == 2 )) )
{
if (ALWAYS_ADD_KEYRINGS
|| (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
@@ -3358,11 +3360,11 @@ main (int argc, char **argv )
switch (cmd)
{
- case aStore:
- case aSym:
- case aSign:
- case aSignSym:
- case aClearsign:
+ case aStore:
+ case aSym:
+ case aSign:
+ case aSignSym:
+ case aClearsign:
if (!opt.quiet && any_explicit_recipient)
log_info (_("WARNING: recipients (-r) given "
"without using public key encryption\n"));
@@ -3522,7 +3524,7 @@ main (int argc, char **argv )
log_error("decrypt_message failed: %s\n", g10_errstr(rc) );
}
break;
-
+
case aSignKey:
if( argc != 1 )
wrong_args(_("--sign-key user-id"));
@@ -3901,7 +3903,7 @@ main (int argc, char **argv )
wrong_args("--import-ownertrust [file]");
import_ownertrust( argc? *argv:NULL );
break;
-
+
case aPipeMode:
if ( argc )
wrong_args ("--pipemode");
@@ -4106,12 +4108,12 @@ print_hashline( MD_HANDLE md, int algo, const char *fname )
{
int i, n;
const byte *p;
-
+
if ( fname ) {
for (p = fname; *p; p++ ) {
if ( *p <= 32 || *p > 127 || *p == ':' || *p == '%' )
printf("%%%02X", *p );
- else
+ else
putchar( *p );
}
}
@@ -4119,7 +4121,7 @@ print_hashline( MD_HANDLE md, int algo, const char *fname )
printf("%d:", algo );
p = md_read( md, algo );
n = md_digest_length(algo);
- for(i=0; i < n ; i++, p++ )
+ for(i=0; i < n ; i++, p++ )
printf("%02X", *p );
putchar(':');
putchar('\n');
@@ -4177,7 +4179,7 @@ print_mds( const char *fname, int algo )
else {
md_final(md);
if ( opt.with_colons ) {
- if ( algo )
+ if ( algo )
print_hashline( md, algo, fname );
else {
print_hashline( md, DIGEST_ALGO_MD5, fname );
@@ -4274,7 +4276,7 @@ add_policy_url( const char *string, int which )
sl=add_to_strlist( &opt.sig_policy_url, string );
if(critical)
- sl->flags |= 1;
+ sl->flags |= 1;
}
static void
@@ -4307,5 +4309,5 @@ add_keyserver_url( const char *string, int which )
sl=add_to_strlist( &opt.sig_keyserver_url, string );
if(critical)
- sl->flags |= 1;
+ sl->flags |= 1;
}
diff --git a/g10/keydb.c b/g10/keydb.c
index a0c0e57..5a62f18 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -32,7 +32,7 @@
#include "main.h" /*try_make_homedir ()*/
#include "packet.h"
#include "keyring.h"
-#include "keydb.h"
+#include "keydb.h"
#include "i18n.h"
static int active_handles;
@@ -88,7 +88,7 @@ maybe_create_keyring (char *filename, int force)
/* If we don't want to create a new file at all, there is no need to
go any further - bail out right here. */
- if (!force)
+ if (!force)
return G10ERR_OPEN_FILE;
/* First of all we try to create the home directory. Note, that we
@@ -99,9 +99,9 @@ maybe_create_keyring (char *filename, int force)
last_slash_in_filename = strrchr (filename, DIRSEP_C);
*last_slash_in_filename = 0;
if (access(filename, F_OK))
- {
+ {
static int tried;
-
+
if (!tried)
{
tried = 1;
@@ -130,8 +130,8 @@ maybe_create_keyring (char *filename, int force)
if (opt.verbose)
log_info ("can't allocate lock for `%s'\n", filename );
- if (!force)
- return G10ERR_OPEN_FILE;
+ if (!force)
+ return G10ERR_OPEN_FILE;
else
return G10ERR_GENERAL;
}
@@ -161,7 +161,7 @@ maybe_create_keyring (char *filename, int force)
else
iobuf = iobuf_create (filename);
umask (oldmask);
- if (!iobuf)
+ if (!iobuf)
{
log_error ( _("error creating keyring `%s': %s\n"),
filename, strerror(errno));
@@ -279,7 +279,7 @@ keydb_add_resource (const char *url, int flags, int secret)
{
if (used_resources >= MAX_KEYDB_RESOURCES)
rc = G10ERR_RESOURCE_LIMIT;
- else
+ else
{
if(flags&2)
primary_keyring=token;
@@ -338,10 +338,10 @@ keydb_new (int secret)
{
KEYDB_HANDLE hd;
int i, j;
-
+
hd = xmalloc_clear (sizeof *hd);
hd->found = -1;
-
+
assert (used_resources <= MAX_KEYDB_RESOURCES);
for (i=j=0; i < used_resources; i++)
{
@@ -365,12 +365,12 @@ keydb_new (int secret)
}
}
hd->used = j;
-
+
active_handles++;
return hd;
}
-void
+void
keydb_release (KEYDB_HANDLE hd)
{
int i;
@@ -409,19 +409,19 @@ keydb_get_resource_name (KEYDB_HANDLE hd)
int idx;
const char *s = NULL;
- if (!hd)
+ if (!hd)
return NULL;
- if ( hd->found >= 0 && hd->found < hd->used)
+ if ( hd->found >= 0 && hd->found < hd->used)
idx = hd->found;
- else if ( hd->current >= 0 && hd->current < hd->used)
+ else if ( hd->current >= 0 && hd->current < hd->used)
idx = hd->current;
else
idx = 0;
switch (hd->active[idx].type) {
case KEYDB_RESOURCE_TYPE_NONE:
- s = NULL;
+ s = NULL;
break;
case KEYDB_RESOURCE_TYPE_KEYRING:
s = keyring_get_resource_name (hd->active[idx].u.kr);
@@ -433,7 +433,7 @@ keydb_get_resource_name (KEYDB_HANDLE hd)
-static int
+static int
lock_all (KEYDB_HANDLE hd)
{
int i, rc = 0;
@@ -490,7 +490,7 @@ unlock_all (KEYDB_HANDLE hd)
/*
* Return the last found keyring. Caller must free it.
* The returned keyblock has the kbode flag bit 0 set for the node with
- * the public key used to locate the keyblock or flag bit 1 set for
+ * the public key used to locate the keyblock or flag bit 1 set for
* the user ID node.
*/
int
@@ -501,7 +501,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
if (!hd)
return G10ERR_INV_ARG;
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
switch (hd->active[hd->found].type) {
@@ -516,7 +516,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
return rc;
}
-/*
+/*
* update the current keyblock with KB
*/
int
@@ -527,7 +527,7 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb)
if (!hd)
return G10ERR_INV_ARG;
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
if( opt.dry_run )
@@ -551,8 +551,8 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb)
}
-/*
- * Insert a new KB into one of the resources.
+/*
+ * Insert a new KB into one of the resources.
*/
int
keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
@@ -560,15 +560,15 @@ keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
int rc = -1;
int idx;
- if (!hd)
+ if (!hd)
return G10ERR_INV_ARG;
if( opt.dry_run )
return 0;
- if ( hd->found >= 0 && hd->found < hd->used)
+ if ( hd->found >= 0 && hd->found < hd->used)
idx = hd->found;
- else if ( hd->current >= 0 && hd->current < hd->used)
+ else if ( hd->current >= 0 && hd->current < hd->used)
idx = hd->current;
else
return G10ERR_GENERAL;
@@ -591,7 +591,7 @@ keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
}
-/*
+/*
* The current keyblock will be deleted.
*/
int
@@ -602,7 +602,7 @@ keydb_delete_keyblock (KEYDB_HANDLE hd)
if (!hd)
return G10ERR_INV_ARG;
- if ( hd->found < 0 || hd->found >= hd->used)
+ if ( hd->found < 0 || hd->found >= hd->used)
return -1; /* nothing found */
if( opt.dry_run )
@@ -629,16 +629,18 @@ keydb_delete_keyblock (KEYDB_HANDLE hd)
/*
* Locate the default writable key resource, so that the next
* operation (which is only relevant for inserts) will be done on this
- * resource.
+ * resource.
*/
int
keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
{
int rc;
-
+
+ (void)reserved;
+
if (!hd)
return G10ERR_INV_ARG;
-
+
rc = keydb_search_reset (hd); /* this does reset hd->current */
if (rc)
return rc;
@@ -662,9 +664,9 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
return rc;
}
- for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++)
+ for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++)
{
- switch (hd->active[hd->current].type)
+ switch (hd->active[hd->current].type)
{
case KEYDB_RESOURCE_TYPE_NONE:
BUG();
@@ -675,7 +677,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
break;
}
}
-
+
return -1;
}
@@ -686,7 +688,7 @@ void
keydb_rebuild_caches (int noisy)
{
int i, rc;
-
+
for (i=0; i < used_resources; i++)
{
if (all_resources[i].secret)
@@ -707,10 +709,10 @@ keydb_rebuild_caches (int noisy)
-/*
+/*
* Start the next search on this handle right at the beginning
*/
-int
+int
keydb_search_reset (KEYDB_HANDLE hd)
{
int i, rc = 0;
@@ -718,7 +720,7 @@ keydb_search_reset (KEYDB_HANDLE hd)
if (!hd)
return G10ERR_INV_ARG;
- hd->current = 0;
+ hd->current = 0;
hd->found = -1;
/* and reset all resources */
for (i=0; !rc && i < hd->used; i++) {
@@ -730,15 +732,15 @@ keydb_search_reset (KEYDB_HANDLE hd)
break;
}
}
- return rc;
+ return rc;
}
-/*
+/*
* Search through all keydb resources, starting at the current position,
* for a keyblock which contains one of the keys described in the DESC array.
*/
-int
+int
keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
size_t ndesc, size_t *descindex)
{
@@ -758,12 +760,12 @@ keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
break;
}
if (rc == -1) /* EOF -> switch to next resource */
- hd->current++;
+ hd->current++;
else if (!rc)
hd->found = hd->current;
}
- return rc;
+ return rc;
}
int
diff --git a/g10/keyid.c b/g10/keyid.c
index 57e9fc8..f04bea6 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -35,7 +35,7 @@
#ifdef HAVE_UNSIGNED_TIME_T
# define INVALID_TIME_CHECK(a) ((a) == (time_t)(-1))
-#else
+#else
/* Error or 32 bit time_t and value after 2038-01-19. */
# define INVALID_TIME_CHECK(a) ((a) < 0)
#endif
@@ -51,6 +51,8 @@ pubkey_letter( int algo )
case PUBKEY_ALGO_ELGAMAL_E: return 'g';
case PUBKEY_ALGO_ELGAMAL: return 'G' ;
case PUBKEY_ALGO_DSA: return 'D' ;
+ case PUBKEY_ALGO_ECDSA: return 'E' ; /* ECC DSA (sign only) */
+ case PUBKEY_ALGO_ECDH: return 'e' ; /* ECC DH (encrypt only) */
default: return '?';
}
}
@@ -100,7 +102,7 @@ hash_public_key( MD_HANDLE md, PKT_public_key *pk )
u16 days=0;
if(pk->expiredate)
days=(u16)((pk->expiredate - pk->timestamp) / 86400L);
-
+
md_putc( md, days >> 8 );
md_putc( md, days );
}
@@ -175,7 +177,7 @@ keystrlen(void)
const char *
keystr(u32 *keyid)
-{
+{
static char keyid_str[19];
switch(opt.keyid_format)
diff --git a/g10/mainproc.c b/g10/mainproc.c
index f46895d..3ffb049 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -72,7 +72,7 @@ struct mainproc_context
int trustletter; /* Temporary usage in list_node. */
ulong symkeys;
struct kidlist_item *pkenc_list; /* List of encryption packets. */
- struct
+ struct
{
int op;
int stop_now;
@@ -135,10 +135,10 @@ add_gpg_control( CTX c, PACKET *pkt )
/* New clear text signature.
* Process the last one and reset everything */
release_list(c);
- }
+ }
else if ( pkt->pkt.gpg_control->control == CTRLPKT_PIPEMODE ) {
/* Pipemode control packet */
- if ( pkt->pkt.gpg_control->datalen < 2 )
+ if ( pkt->pkt.gpg_control->datalen < 2 )
log_fatal ("invalid pipemode control packet length\n");
if (pkt->pkt.gpg_control->data[0] == 1) {
/* start the whole thing */
@@ -156,10 +156,10 @@ add_gpg_control( CTX c, PACKET *pkt )
/* and tell the outer loop to terminate */
c->pipemode.stop_now = 1;
}
- else
+ else
log_fatal ("invalid pipemode control packet code\n");
return 0; /* no need to store the packet */
- }
+ }
if( c->list ) /* add another packet */
add_kbnode( c->list, new_kbnode( pkt ));
@@ -264,14 +264,16 @@ symkey_decrypt_seskey( DEK *dek, byte *seskey, size_t slen )
resulted in a garbage algorithm byte, but it's close enough since
a bogus byte here will fail later. */
if(dek->algo==CIPHER_ALGO_IDEA)
- idea_cipher_warn(0);
+ {
+ idea_cipher_warn(0);
+ }
memcpy(dek->key, seskey + 1, dek->keylen);
/*log_hexdump( "thekey", dek->key, dek->keylen );*/
return 0;
-}
+}
static void
proc_symkey_enc( CTX c, PACKET *pkt )
@@ -403,7 +405,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
}
else if( is_ELGAMAL(enc->pubkey_algo)
|| enc->pubkey_algo == PUBKEY_ALGO_DSA
- || is_RSA(enc->pubkey_algo)
+ || is_RSA(enc->pubkey_algo)
|| (RFC2440 && enc->pubkey_algo == PUBKEY_ALGO_ELGAMAL)) {
/* Note that we also allow type 20 Elgamal keys for decryption.
There are still a couple of those keys in active use as a
@@ -464,7 +466,7 @@ print_pkenc_list( struct kidlist_item *list, int failed )
for( ; list; list = list->next ) {
PKT_public_key *pk;
const char *algstr;
-
+
if ( failed && !list->reason )
continue;
if ( !failed && list->reason )
@@ -680,7 +682,7 @@ proc_plaintext( CTX c, PACKET *pkt )
/* check that we have at least the sigclass and one hash */
if ( datalen < 2 )
- log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n");
+ log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n");
/* Note that we don't set the clearsig flag for not-dash-escaped
* documents */
clearsig = (*data == 0x01);
@@ -764,7 +766,7 @@ proc_plaintext( CTX c, PACKET *pkt )
n = new_kbnode (create_gpg_control (CTRLPKT_PLAINTEXT_MARK, NULL, 0));
if (c->list)
add_kbnode (c->list, n);
- else
+ else
c->list = n;
}
@@ -849,7 +851,7 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig,
|| sig->sig_class == 0x1f
|| sig->sig_class == 0x20
|| sig->sig_class == 0x28
- || sig->sig_class == 0x30 ) {
+ || sig->sig_class == 0x30 ) {
if( c->list->pkt->pkttype == PKT_PUBLIC_KEY
|| c->list->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
return check_key_signature( c->list, node, is_selfsig );
@@ -1102,7 +1104,7 @@ list_node( CTX c, KBNODE node )
switch( (rc2=do_check_sig( c, node, &is_selfsig, NULL, NULL )) ) {
case 0: sigrc = '!'; break;
case G10ERR_BAD_SIGN: sigrc = '-'; break;
- case G10ERR_NO_PUBKEY:
+ case G10ERR_NO_PUBKEY:
case G10ERR_UNU_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break;
}
@@ -1199,7 +1201,7 @@ proc_signature_packets( void *anchor, IOBUF a,
messages, send a NODATA status back and return an error code.
Using log_error is required because verify_files does not check
error codes for each file but we want to terminate the process
- with an error. */
+ with an error. */
if (!rc && !c->any_sig_seen)
{
write_status_text (STATUS_NODATA, "4");
@@ -1334,7 +1336,7 @@ do_proc_packets( CTX c, IOBUF a )
* packet and not to reuse the current one ... It works right
* when there is a compression packet inbetween which adds just
* an extra layer.
- * Hmmm: Rewrite this whole module here??
+ * Hmmm: Rewrite this whole module here??
*/
if( pkt->pkttype != PKT_SIGNATURE && pkt->pkttype != PKT_MDC )
c->have_data = pkt->pkttype == PKT_PLAINTEXT;
@@ -1348,8 +1350,8 @@ do_proc_packets( CTX c, IOBUF a )
else
free_packet(pkt);
if ( c->pipemode.stop_now ) {
- /* we won't get an EOF in pipemode, so we have to
- * break the loop here */
+ /* we won't get an EOF in pipemode, so we have to
+ * break the loop here */
rc = -1;
break;
}
@@ -1459,7 +1461,7 @@ check_sig_and_print( CTX c, KBNODE node )
O{1,n} P S{1,n} -- standard OpenPGP signature.
C P S{1,n} -- cleartext signature.
-
+
O = One-Pass Signature packet.
S = Signature packet.
P = OpenPGP Message packet (Encrypted | Compressed | Literal)
@@ -1471,7 +1473,7 @@ check_sig_and_print( CTX c, KBNODE node )
C = Marker packet for cleartext signatures.
We reject all other messages.
-
+
Actually we are calling this too often, i.e. for verification of
each message but better have some duplicate work than to silently
introduce a bug here.
@@ -1485,7 +1487,7 @@ check_sig_and_print( CTX c, KBNODE node )
n = c->list;
assert (n);
- if ( n->pkt->pkttype == PKT_SIGNATURE )
+ if ( n->pkt->pkttype == PKT_SIGNATURE )
{
/* This is either "S{1,n}" case (detached signature) or
"S{1,n} P" (old style PGP2 signature). */
@@ -1504,7 +1506,7 @@ check_sig_and_print( CTX c, KBNODE node )
else
goto ambiguous;
}
- else if (n->pkt->pkttype == PKT_ONEPASS_SIG)
+ else if (n->pkt->pkttype == PKT_ONEPASS_SIG)
{
/* This is the "O{1,n} P S{1,n}" case (standard signature). */
for (n_onepass=1, n = n->next;
@@ -1552,7 +1554,7 @@ check_sig_and_print( CTX c, KBNODE node )
if (n || !n_sig)
goto ambiguous;
}
- else
+ else
{
ambiguous:
log_error(_("can't handle this ambiguous signature data\n"));
@@ -1621,19 +1623,19 @@ check_sig_and_print( CTX c, KBNODE node )
/* If the preferred keyserver thing above didn't work, our second
try is to use the URI from a DNS PKA record. */
- if ( rc == G10ERR_NO_PUBKEY
+ if ( rc == G10ERR_NO_PUBKEY
&& opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
&& opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD)
{
const char *uri = pka_uri_from_sig (sig);
-
+
if (uri)
{
/* FIXME: We might want to locate the key using the
fingerprint instead of the keyid. */
int res;
struct keyserver_spec *spec;
-
+
spec = parse_keyserver_uri (uri, 1, NULL, 0);
if (spec)
{
@@ -1717,7 +1719,7 @@ check_sig_and_print( CTX c, KBNODE node )
keyid_str[17] = 0; /* cut off the "[uncertain]" part */
write_status_text_and_buffer (statno, keyid_str,
un->pkt->pkt.user_id->name,
- un->pkt->pkt.user_id->len,
+ un->pkt->pkt.user_id->len,
-1 );
p=utf8_to_native(un->pkt->pkt.user_id->name,
@@ -1762,7 +1764,7 @@ check_sig_and_print( CTX c, KBNODE node )
write_status_text_and_buffer (statno, keyid_str,
un? un->pkt->pkt.user_id->name:"[?]",
- un? un->pkt->pkt.user_id->len:3,
+ un? un->pkt->pkt.user_id->len:3,
-1 );
if(un)
@@ -1785,7 +1787,7 @@ check_sig_and_print( CTX c, KBNODE node )
fputs("\n", log_stream() );
}
- /* If we have a good signature and already printed
+ /* If we have a good signature and already printed
* the primary user ID, print all the other user IDs */
if ( count && !rc
&& !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY) ) {
@@ -1882,7 +1884,7 @@ check_sig_and_print( CTX c, KBNODE node )
bufp = bufp + strlen (bufp);
if (!vpk->is_primary) {
u32 akid[2];
-
+
akid[0] = vpk->main_keyid[0];
akid[1] = vpk->main_keyid[1];
free_public_key (vpk);
@@ -2030,7 +2032,7 @@ proc_tree( CTX c, KBNODE node )
log_error (_("not a detached signature\n") );
return;
}
-
+
for( n1 = node; (n1 = find_next_kbnode(n1, PKT_SIGNATURE )); )
check_sig_and_print( c, n1 );
}
diff --git a/include/cipher.h b/include/cipher.h
index 2bc57d6..9c25605 100644
--- a/include/cipher.h
+++ b/include/cipher.h
@@ -47,8 +47,11 @@
#define PUBKEY_ALGO_RSA_S 3 /* RSA sign only */
#define PUBKEY_ALGO_ELGAMAL_E 16 /* encrypt only ElGamal (but not for v3)*/
#define PUBKEY_ALGO_DSA 17
+#define PUBKEY_ALGO_ECDH 18
+#define PUBKEY_ALGO_ECDSA 19
#define PUBKEY_ALGO_ELGAMAL 20 /* sign and encrypt elgamal */
+
#define PUBKEY_USAGE_SIG 1 /* key is good for signatures */
#define PUBKEY_USAGE_ENC 2 /* key is good for encryption */
#define PUBKEY_USAGE_CERT 4 /* key is also good to certify other keys*/
@@ -113,7 +116,7 @@ typedef struct gcry_md_context *MD_HANDLE;
#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE)
#define EXTERN_UNLESS_MAIN_MODULE extern
#else
-#define EXTERN_UNLESS_MAIN_MODULE
+#define EXTERN_UNLESS_MAIN_MODULE
#endif
#endif
EXTERN_UNLESS_MAIN_MODULE int g10c_debug_mode;
-----------------------------------------------------------------------
Summary of changes:
g10/build-packet.c | 22 +++++---
g10/getkey.c | 150 ++++++++++++++++++++++++++-------------------------
g10/gpg.c | 80 ++++++++++++++--------------
g10/keydb.c | 88 ++++++++++++++++---------------
g10/keyid.c | 8 ++-
g10/mainproc.c | 62 +++++++++++----------
include/cipher.h | 5 ++-
7 files changed, 216 insertions(+), 199 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list