[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-172-gc4dbd1b

by Werner Koch cvs at cvs.gnupg.org
Tue Mar 19 17:43:18 CET 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  c4dbd1b2de8ae3847a040444e86500848868bcf4 (commit)
       via  b693ec02c467696bf9d7324dd081e279f9965151 (commit)
       via  4bde12206c5bf199dc6e12a74af8da4558ba41bf (commit)
      from  76dc5c08dc2686eef32e1bd221c60fe91201246f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c4dbd1b2de8ae3847a040444e86500848868bcf4
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Mar 19 17:23:56 2013 +0100

    gpg: Print indicator for unknown key capability.
    
    * g10/keylist.c (print_capabilities): Print '?' for unknown usage.

diff --git a/doc/DETAILS b/doc/DETAILS
index a52979f..d5c5cea 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -161,6 +161,7 @@ described here.
     - s :: Sign
     - c :: Certify
     - a :: Authentication
+    - ? :: Unknown capability
 
     A key may have any combination of them in any order.  In addition
     to these letters, the primary key has uppercase versions of the
diff --git a/g10/keylist.c b/g10/keylist.c
index 87f3a4b..d45aed6 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -627,6 +627,9 @@ print_capabilities (PKT_public_key *pk, KBNODE keyblock)
   if ((use & PUBKEY_USAGE_AUTH))
     es_putc ('a', es_stdout);
 
+  if ((use & PUBKEY_USAGE_UNKNOWN))
+    es_putc ('?', es_stdout);
+
   if (keyblock)
     {
       /* Figure out the usable capabilities.  */

commit b693ec02c467696bf9d7324dd081e279f9965151
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Tue Mar 19 11:25:25 2013 -0400

    gpg: Allow setting of all zero key flags
    
    * g10/keygen.c (do_add_key_flags): Do not check for empty key flags.

diff --git a/g10/keygen.c b/g10/keygen.c
index fc985ee..2017662 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -216,9 +216,6 @@ do_add_key_flags (PKT_signature *sig, unsigned int use)
     if (use & PUBKEY_USAGE_AUTH)
         buf[0] |= 0x20;
 
-    if (!buf[0])
-        return;
-
     build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
 }
 

commit 4bde12206c5bf199dc6e12a74af8da4558ba41bf
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Mar 15 15:46:03 2013 +0100

    gpg: Distinguish between missing and cleared key flags.
    
    * include/cipher.h (PUBKEY_USAGE_NONE): New.
    * g10/getkey.c (parse_key_usage): Set new flag.
    --
    
    We do not want to use the default capabilities (derived from the
    algorithm) if any key flags are given in a signature.  Thus if key
    flags are used in any way, the default key capabilities are never
    used.
    
    This allows to create a key with key flags set to all zero so it can't
    be used.  This better reflects common sense.

diff --git a/g10/getkey.c b/g10/getkey.c
index 9294273..8cc5601 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1276,13 +1276,19 @@ parse_key_usage (PKT_signature * sig)
 
       if (flags)
 	key_usage |= PUBKEY_USAGE_UNKNOWN;
+
+      if (!key_usage)
+	key_usage |= PUBKEY_USAGE_NONE;
     }
+  else if (p) /* Key flags of length zero.  */
+    key_usage |= PUBKEY_USAGE_NONE;
 
   /* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a
      capability that we do not handle.  This serves to distinguish
      between a zero key usage which we handle as the default
      capabilities for that algorithm, and a usage that we do not
-     handle. */
+     handle.  Likewise we use PUBKEY_USAGE_NONE to indicate that
+     key_flags have been given but they do not specify any usage.  */
 
   return key_usage;
 }
diff --git a/include/cipher.h b/include/cipher.h
index 191e197..557ab70 100644
--- a/include/cipher.h
+++ b/include/cipher.h
@@ -54,9 +54,14 @@
 
 #define PUBKEY_USAGE_SIG     GCRY_PK_USAGE_SIGN  /* Good for signatures. */
 #define PUBKEY_USAGE_ENC     GCRY_PK_USAGE_ENCR  /* Good for encryption. */
-#define PUBKEY_USAGE_CERT    GCRY_PK_USAGE_CERT  /* Also good to certify keys. */
+#define PUBKEY_USAGE_CERT    GCRY_PK_USAGE_CERT  /* Also good to certify keys.*/
 #define PUBKEY_USAGE_AUTH    GCRY_PK_USAGE_AUTH  /* Good for authentication. */
 #define PUBKEY_USAGE_UNKNOWN GCRY_PK_USAGE_UNKN  /* Unknown usage flag. */
+#define PUBKEY_USAGE_NONE    256                 /* No usage given. */
+#if  (GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR | GCRY_PK_USAGE_CERT \
+      | GCRY_PK_USAGE_AUTH | GCRY_PK_USAGE_UNKN) >= 256
+# error Please choose another value for PUBKEY_USAGE_NONE
+#endif
 
 #define DIGEST_ALGO_MD5       /*  1 */ GCRY_MD_MD5
 #define DIGEST_ALGO_SHA1      /*  2 */ GCRY_MD_SHA1

-----------------------------------------------------------------------

Summary of changes:
 doc/DETAILS      |    1 +
 g10/getkey.c     |    8 +++++++-
 g10/keygen.c     |    3 ---
 g10/keylist.c    |    3 +++
 include/cipher.h |    7 ++++++-
 5 files changed, 17 insertions(+), 5 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org




More information about the Gnupg-commits mailing list