
pgp_key_revoke takes both the secret and the public key as parameters, and adds the revocation signature to both of them. Fixed pgp_filter_keys_fileread, which wasn't initializing cbinfo->io and segfaulted when trying to print an error

master
Edouard Tisserant 7 years ago
parent
commit
dd43fa3a92
6 changed files with 24 additions and 29 deletions
  1. +8
    -6
      dist/src/lib/keyring.c
  2. +2
    -2
      dist/src/lib/keyring.h
  3. +4
    -3
      dist/src/lib/netpgp.c
  4. +0
    -2
      dist/src/lib/openssl_crypto.c
  5. +9
    -15
      dist/src/lib/validate.c
  6. +1
    -1
      dist/src/lib/validate.h

+ 8
- 6
dist/src/lib/keyring.c

@ -863,7 +863,7 @@ pgp_add_selfsigned_userid(pgp_key_t *key, uint8_t *userid)
}
unsigned
pgp_key_revoke(pgp_key_t *key, uint8_t code, const char *reason)
pgp_key_revoke(pgp_key_t *skey, pgp_key_t *pkey, uint8_t code, const char *reason)
{
pgp_create_sig_t *sig;
pgp_subpacket_t sigpacket;
@ -872,21 +872,22 @@ pgp_key_revoke(pgp_key_t *key, uint8_t code, const char *reason)
sig = pgp_create_sig_new();
pgp_sig_start_key_rev(
sig, &key->key.seckey.pubkey,
sig, &skey->key.seckey.pubkey,
PGP_SIG_REV_KEY);
pgp_add_time(sig, (int64_t)time(NULL), "birth");
pgp_add_issuer_keyid(sig, key->pubkeyid);
pgp_add_issuer_keyid(sig, skey->pubkeyid);
pgp_add_revocation_reason(sig, code, reason);
pgp_end_hashed_subpkts(sig);
pgp_setup_memory_write(&sigoutput, &mem_sig, 128);
pgp_write_sig(sigoutput, sig, &key->key.seckey.pubkey, &key->key.seckey);
pgp_write_sig(sigoutput, sig, &skey->key.seckey.pubkey, &skey->key.seckey);
sigpacket.length = pgp_mem_len(mem_sig);
sigpacket.raw = pgp_mem_data(mem_sig);
pgp_add_directsig(key, &sigpacket, &sig->sig.info);
pgp_add_directsig(skey, &sigpacket, &sig->sig.info);
pgp_add_directsig(pkey, &sigpacket, &sig->sig.info);
/* cleanup */
pgp_create_sig_delete(sig);
@ -942,13 +943,14 @@ pgp_keydata_init(pgp_key_t *keydata, const pgp_content_enum type)
*/
unsigned
pgp_keyring_fileread(
pgp_keyring_fileread(pgp_io_t *io,
pgp_keyring_t *pubring,
pgp_keyring_t *secring,
const unsigned armour,
const char *filename)
{
return pgp_filter_keys_fileread(
io,
pubring,
secring,
NULL /*certring -> self cert */,
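Review bot: In pgp_key_revoke the same revocation packet is now attached to `pkey` as well, but nothing in the visible lines checks that `pkey` is non-NULL or that it is the public counterpart of `skey`, so a mismatched pair would leave `pkey` carrying a revocation issued by a different key. A guard before `pgp_sig_start_key_rev` would cover both, e.g. `if (skey == NULL || pkey == NULL || memcmp(skey->pubkeyid, pkey->pubkeyid, sizeof(skey->pubkeyid)) != 0) return 0;` (this assumes `pubkeyid` is a fixed-size array and that 0 is the function's failure value; the return statements are outside the hunk). The result of `pgp_write_sig` is also not checked before `sigpacket` is filled in and added to both keys. Because both `pgp_add_directsig` calls receive the same `sigpacket.raw`, it is worth confirming that the callee copies the bytes rather than keeping a pointer into `mem_sig`. The function body starts and ends outside the hunks shown.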


+ 2
- 2
dist/src/lib/keyring.h

@ -112,7 +112,7 @@ pgp_seckey_t *pgp_get_writable_seckey(pgp_key_t *);
// pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, void *);
unsigned
pgp_keyring_fileread(
pgp_keyring_fileread(pgp_io_t *io,
pgp_keyring_t *pubring,
pgp_keyring_t *secring,
const unsigned armour,
@ -222,6 +222,6 @@ pgp_key_find_uid_cond(
const pgp_key_rating_t pgp_key_get_rating(const pgp_key_t *key);
unsigned
pgp_key_revoke(pgp_key_t *key, uint8_t code, const char *reason);
pgp_key_revoke(pgp_key_t *skey, pgp_key_t *pkey, uint8_t code, const char *reason);
#endif /* KEYRING_H_ */

+ 4
- 3
dist/src/lib/netpgp.c

@ -234,7 +234,7 @@ readkeyring(netpgp_t *netpgp,
(void) snprintf(f, sizeof(f), "%s/%s.gpg", homedir, name);
filename = f;
}
if (!pgp_keyring_fileread(pubring, secring, noarmor, filename)) {
if (!pgp_keyring_fileread(netpgp->io, pubring, secring, noarmor, filename)) {
(void) fprintf(stderr, "Can't read %s %s\n", name, filename);
return 0;
}
@ -1246,6 +1246,7 @@ netpgp_import_key(netpgp_t *netpgp, char *f)
io = netpgp->io;
realarmor = isarmoured(io, f, NULL, IMPORT_ARMOR_HEAD);
done = pgp_keyring_fileread(
io,
netpgp->pubring,
netpgp->secring,
realarmor, f);
@ -1840,7 +1841,7 @@ netpgp_list_packets(netpgp_t *netpgp, char *f, int armor, char *pubringname)
(void) fprintf(io->errs, "netpgp_list_packets: bad alloc\n");
return 0;
}
if (!pgp_keyring_fileread(keyring, NULL, noarmor, pubringname)) {
if (!pgp_keyring_fileread(io, keyring, NULL, noarmor, pubringname)) {
free(keyring);
(void) fprintf(io->errs, "Cannot read pub keyring %s\n",
pubringname);
@ -2031,7 +2032,7 @@ netpgp_write_sshkey(netpgp_t *netpgp, char *s, const char *userid, char *out, si
(void) fprintf(stderr, "netpgp_save_sshpub: bad alloc 2\n");
goto done;
}
if (!pgp_keyring_fileread(netpgp->pubring = keyring, NULL, 1, f)) {
if (!pgp_keyring_fileread(io, netpgp->pubring = keyring, NULL, 1, f)) {
(void) fprintf(stderr, "can't import key\n");
goto done;
}
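Review bot: The readkeyring call now hands `netpgp->io` to the parser with no check that it has been set, while the failure branch just below still prints to `stderr` rather than `netpgp->io->errs`, which suggests this function did not depend on io before the change. Since the commit description ties the earlier crash to an unset io in the callback info, a NULL here would presumably reach the same error-printing path while parsing a key file. Either confirm that io is always initialised before readkeyring runs, or have the callee reject it up front with `if (io == NULL) return 0;`. The same question applies to the `io` passed in netpgp_write_sshkey, where the neighbouring messages also go to `stderr`. All four functions continue outside their hunks.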


+ 0
- 2
dist/src/lib/openssl_crypto.c

@ -712,9 +712,7 @@ pgp_rsa_generate_keypair(pgp_key_t *keydata,
seckey->pubkey.alg = PGP_PKA_RSA;
seckey->pubkey.key.rsa.n = BN_dup(rsa->n);
printf("RSA N %p %d\n", seckey->pubkey.key.rsa.n, BN_num_bits(seckey->pubkey.key.rsa.n));
seckey->pubkey.key.rsa.e = BN_dup(rsa->e);
printf("RSA E %p %d\n", seckey->pubkey.key.rsa.e, BN_num_bits(seckey->pubkey.key.rsa.e));
/* seckey->s2k_usage = PGP_S2KU_ENCRYPTED_AND_HASHED; */
seckey->s2k_usage = PGP_S2KU_NONE;


+ 9
- 15
dist/src/lib/validate.c

@ -837,6 +837,7 @@ static pgp_cb_ret_t key_filter_cb (
unsigned
pgp_filter_keys_fileread(
pgp_io_t *io,
pgp_keyring_t *destpubring,
pgp_keyring_t *destsecring,
pgp_keyring_t *certring,
@ -857,27 +858,19 @@ pgp_filter_keys_fileread(
filter.destpubring = destpubring;
filter.destsecring = destsecring;
stream = pgp_new(sizeof(*stream));
pgp_parse_options(stream, PGP_PTAG_SS_ALL, PGP_PARSE_PARSED);
fd = pgp_setup_file_read(io,
&stream,filename,
&vdata,
pgp_validate_key_cb,
1);
#ifdef O_BINARY
fd = open(filename, O_RDONLY | O_BINARY);
#else
fd = open(filename, O_RDONLY);
#endif
if (fd < 0) {
pgp_stream_delete(stream);
perror(filename);
return 0;
}
#ifdef USE_MMAP_FOR_FILES
pgp_reader_set_mmap(stream, fd);
#else
pgp_reader_set_fd(stream, fd);
#endif
pgp_set_callback(stream, pgp_validate_key_cb, &vdata);
stream->readinfo.accumulate = 1;
pgp_parse_options(stream, PGP_PTAG_SS_ALL, PGP_PARSE_PARSED);
if (armour) {
pgp_reader_push_dearmour(stream);
@ -904,7 +897,8 @@ pgp_filter_keys_fileread(
}
unsigned
pgp_filter_keys_from_mem(pgp_io_t *io,
pgp_filter_keys_from_mem(
pgp_io_t *io,
pgp_keyring_t *destpubring,
pgp_keyring_t *destsecring,
pgp_keyring_t *certring,
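Review bot: With the open moved into `pgp_setup_file_read`, the `fd < 0` branch of pgp_filter_keys_fileread appears to return without releasing `stream`, and the hunk does not show whether the helper can fail after it has allocated `*stream` or whether `stream` is initialised at its declaration. Initialising it (`pgp_stream_t *stream = NULL;`) and adding a comment above the call that states who owns the stream on failure would make that branch safe to read; if the helper already reports the open failure, the `perror(filename)` here prints it a second time. The end of the function is outside the hunk, so also check that the descriptor and stream are released by the teardown routine that pairs with `pgp_setup_file_read` rather than by the cleanup written for the old `open()` path. If the helper's last parameter is the accumulate flag, the literal `1` duplicates the `stream->readinfo.accumulate = 1;` that follows.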


+ 1
- 1
dist/src/lib/validate.h

@ -131,7 +131,7 @@ pgp_cb_ret_t validate_data_cb(const pgp_packet_t *, pgp_cbdata_t *);
void pgp_free_sig_info(pgp_sig_info_t *);
unsigned
pgp_filter_keys_fileread(
pgp_filter_keys_fileread(pgp_io_t *io,
pgp_keyring_t *destpubring,
pgp_keyring_t *destsecring,
pgp_keyring_t *certring,

