You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70 lines
2.5 KiB
70 lines
2.5 KiB
From 4bde12206c5bf199dc6e12a74af8da4558ba41bf Mon Sep 17 00:00:00 2001
|
|
From: Werner Koch <wk@gnupg.org>
|
|
Date: Fri, 15 Mar 2013 15:46:03 +0100
|
|
Subject: [PATCH] gpg: Distinguish between missing and cleared key flags.
|
|
|
|
* include/cipher.h (PUBKEY_USAGE_NONE): New.
|
|
* g10/getkey.c (parse_key_usage): Set new flag.
|
|
--
|
|
|
|
We do not want to use the default capabilities (derived from the
|
|
algorithm) if any key flags are given in a signature. Thus if key
|
|
flags are used in any way, the default key capabilities are never
|
|
used.
|
|
|
|
This allows to create a key with key flags set to all zero so it can't
|
|
be used. This better reflects common sense.
|
|
---
|
|
g10/getkey.c | 8 +++++++-
|
|
include/cipher.h | 7 ++++++-
|
|
2 files changed, 13 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/g10/getkey.c b/g10/getkey.c
|
|
index 9294273..8cc5601 100644
|
|
--- a/g10/getkey.c
|
|
+++ b/g10/getkey.c
|
|
@@ -1276,13 +1276,19 @@ parse_key_usage (PKT_signature * sig)
|
|
|
|
if (flags)
|
|
key_usage |= PUBKEY_USAGE_UNKNOWN;
|
|
+
|
|
+ if (!key_usage)
|
|
+ key_usage |= PUBKEY_USAGE_NONE;
|
|
}
|
|
+ else if (p) /* Key flags of length zero. */
|
|
+ key_usage |= PUBKEY_USAGE_NONE;
|
|
|
|
/* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a
|
|
capability that we do not handle. This serves to distinguish
|
|
between a zero key usage which we handle as the default
|
|
capabilities for that algorithm, and a usage that we do not
|
|
- handle. */
|
|
+ handle. Likewise we use PUBKEY_USAGE_NONE to indicate that
|
|
+ key_flags have been given but they do not specify any usage. */
|
|
|
|
return key_usage;
|
|
}
|
|
diff --git a/include/cipher.h b/include/cipher.h
|
|
index 191e197..557ab70 100644
|
|
--- a/include/cipher.h
|
|
+++ b/include/cipher.h
|
|
@@ -54,9 +54,14 @@
|
|
|
|
#define PUBKEY_USAGE_SIG GCRY_PK_USAGE_SIGN /* Good for signatures. */
|
|
#define PUBKEY_USAGE_ENC GCRY_PK_USAGE_ENCR /* Good for encryption. */
|
|
-#define PUBKEY_USAGE_CERT GCRY_PK_USAGE_CERT /* Also good to certify keys. */
|
|
+#define PUBKEY_USAGE_CERT GCRY_PK_USAGE_CERT /* Also good to certify keys.*/
|
|
#define PUBKEY_USAGE_AUTH GCRY_PK_USAGE_AUTH /* Good for authentication. */
|
|
#define PUBKEY_USAGE_UNKNOWN GCRY_PK_USAGE_UNKN /* Unknown usage flag. */
|
|
+#define PUBKEY_USAGE_NONE 256 /* No usage given. */
|
|
+#if (GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR | GCRY_PK_USAGE_CERT \
|
|
+ | GCRY_PK_USAGE_AUTH | GCRY_PK_USAGE_UNKN) >= 256
|
|
+# error Please choose another value for PUBKEY_USAGE_NONE
|
|
+#endif
|
|
|
|
#define DIGEST_ALGO_MD5 /* 1 */ GCRY_MD_MD5
|
|
#define DIGEST_ALGO_SHA1 /* 2 */ GCRY_MD_SHA1
|
|
--
|
|
1.7.2.5
|
|
|