diff options
| author | Werner Koch <wk@gnupg.org> | 2023-03-01 17:22:20 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2023-03-01 17:22:20 +0100 |
| commit | 3a18378a92af63f5bccbe78efa546acb04e8a0f8 (patch) | |
| tree | a373fb90df2102fd82f9a265353cf3afb8ef0b6c /g10/sign.c | |
| parent | agent: Show "no secret key" instead of "card removed". (diff) | |
| download | gnupg2-3a18378a92af63f5bccbe78efa546acb04e8a0f8.tar.xz gnupg2-3a18378a92af63f5bccbe78efa546acb04e8a0f8.zip | |
gpg: Allow adding of Additional Decryption Subkeys.
* g10/free-packet.c (copy_public_key): Factor some code out to ...
(copy_public_key_basics): new.
* g10/build-packet.c (build_sig_subpkt_from_sig): New arg signhints.
* g10/packet.h (PUBKEY_USAGE_RENC): Fix value.
(SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): Moved from sign.c.
(SIGNHINT_ADSK): New.
(PKT_public_key): Change pubkey_usage from byte to u16.
(PKT_user_id): Cosmetic fix: change help_key_usage from int to u16.
* g10/getkey.c (parse_key_usage): Make public.
* g10/misc.c (openpgp_pk_algo_usage): Take PUBKEY_USAGE_RENC in
account.
* g10/sign.c (update_keysig_packet): Set SIGNHINT_ADSK.
(make_keysig_packet): Ditto.
(do_sign): No time warp check in ADSK mode.
* g10/sig-check.c (check_signature_metadata_validity): Ditto.
* g10/keygen.c (struct opaque_data_usage_and_pk): Remove.
(write_keybinding): Do not use the removed struct.
(do_add_key_flags): Support PUBKEY_USAGE_RENC and others.
(keygen_add_key_flags_and_expire): Rewrite and make public.
* g10/keyedit.c (enum cmdids): Add cmdADDADSK.
(keyedit_menu): Add command "addadsk".
(menu_addadsk): New.
--
This makes use of a new encryption flag:
The "restricted encryption key" (2nd,0x04) does not take part in any
automatic selection of encryption keys. It is only found on a
subkey signature (type 0x18), one that refers to the key the flag
applies to.
Followup patches will add encryption support and a --quick command.
GnuPG-bug-id: 6395
Diffstat (limited to '')
| -rw-r--r-- | g10/sign.c | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/g10/sign.c b/g10/sign.c index a66410ebd..b5e9d422d 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -50,11 +50,6 @@ #endif -/* Bitflags to convey hints on what kind of signayire is created. */ -#define SIGNHINT_KEYSIG 1 -#define SIGNHINT_SELFSIG 2 - - /* Hack */ static int recipient_digest_algo; @@ -416,7 +411,10 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig, byte *dp; char *hexgrip; - if (pksk->timestamp > sig->timestamp ) + /* An ADSK key commonly has a creation date older than the primary + * key. For example because the ADSK is used as an archive key for + * a group of users. */ + if (pksk->timestamp > sig->timestamp && !(signhints & SIGNHINT_ADSK)) { ulong d = pksk->timestamp - sig->timestamp; log_info (ngettext("key %s was created %lu second" @@ -964,7 +962,7 @@ write_signature_packets (ctrl_t ctrl, if (gcry_md_copy (&md, hash)) BUG (); - build_sig_subpkt_from_sig (sig, pk); + build_sig_subpkt_from_sig (sig, pk, 0); mk_notation_policy_etc (ctrl, sig, NULL, pk); if (opt.flags.include_key_block && IS_SIG (sig)) err = mk_sig_subpkt_key_block (ctrl, sig, pk); @@ -1758,14 +1756,14 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr) * * SIGCLASS is the type of signature to create. * - * DIGEST_ALGO is the digest algorithm. If it is 0 the function - * selects an appropriate one. - * * TIMESTAMP is the timestamp to use for the signature. 0 means "now" * * DURATION is the amount of time (in seconds) until the signature * expires. * + * If CACHED_NONCE is not NULL the agent may use it to avoid + * additional pinnetry popups for the same keyblock. + * * This function creates the following subpackets: issuer, created, * and expire (if duration is not 0). Additional subpackets can be * added using MKSUBPKT, which is called after these subpackets are @@ -1833,6 +1831,8 @@ make_keysig_packet (ctrl_t ctrl, { /* Hash the subkey binding/backsig/revocation. */ hash_public_key (md, subpk); + if ((subpk->pubkey_usage & PUBKEY_USAGE_RENC)) + signhints |= SIGNHINT_ADSK; } else if (sigclass != 0x1F && sigclass != 0x20) { @@ -1852,7 +1852,7 @@ make_keysig_packet (ctrl_t ctrl, sig->expiredate = sig->timestamp + duration; sig->sig_class = sigclass; - build_sig_subpkt_from_sig (sig, pksk); + build_sig_subpkt_from_sig (sig, pksk, signhints); mk_notation_policy_etc (ctrl, sig, pk, pksk); /* Crucial that the call to mksubpkt comes LAST before the calls @@ -1976,6 +1976,12 @@ update_keysig_packet (ctrl_t ctrl, } } + /* Detect an ADSK key binding signature. */ + if ((sig->sig_class == 0x18 + || sig->sig_class == 0x19 || sig->sig_class == 0x28) + && (pk->pubkey_usage & PUBKEY_USAGE_RENC)) + signhints |= SIGNHINT_ADSK; + /* Note that already expired sigs will remain expired (with a * duration of 1) since build-packet.c:build_sig_subpkt_from_sig * detects this case. */ @@ -1984,7 +1990,7 @@ update_keysig_packet (ctrl_t ctrl, * automagically lower any sig expiration dates to correctly * correspond to the differences in the timestamps (i.e. the * duration will shrink). */ - build_sig_subpkt_from_sig (sig, pksk); + build_sig_subpkt_from_sig (sig, pksk, signhints); if (mksubpkt) rc = (*mksubpkt)(sig, opaque); |