author | Simon Josefsson <simon@josefsson.org> | 2008-04-03 09:47:57 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2008-04-03 09:47:57 +0200 |
commit | 33aad4c7525dff15eda2b4a2fab4b1556b5ad3b9 (patch) | |
tree | c33104eb92e02e352daf1a79b18a2b1d5cc15a47 /lib | |
parent | 117152d4c91e1c01055eedada1412ec763e5196b (diff) | |
parent | 4639e07432cd8a2aee7fac6661a5d0191e7848e5 (diff) | |
download | gnutls-33aad4c7525dff15eda2b4a2fab4b1556b5ad3b9.tar.gz |
Merge branch 'master' of ssh://jas@git.sv.gnu.org/srv/git/gnutls
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gnutls_errors.c | 3 | ||||
-rw-r--r-- | lib/openpgp/openpgp_int.h | 2 | ||||
-rw-r--r-- | lib/openpgp/output.c | 20 | ||||
-rw-r--r-- | lib/openpgp/pgp.c | 28 | ||||
-rw-r--r-- | lib/openpgp/privkey.c | 20 |
5 files changed, 44 insertions, 29 deletions
diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index a0c1546876..707fc00e1b 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c @@ -200,7 +200,8 @@ static const gnutls_error_entry error_algorithms[] = { ERROR_ENTRY (N_("The tasn1 library version is too old."), GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY, 1), - + ERROR_ENTRY (N_("The OpenPGP User ID is revoked."), + GNUTLS_E_OPENPGP_UID_REVOKED, 1), ERROR_ENTRY (N_("Error loading the keyring."), GNUTLS_E_OPENPGP_KEYRING_ERROR, 1), ERROR_ENTRY (N_("The initialization of LZO has failed."), diff --git a/lib/openpgp/openpgp_int.h b/lib/openpgp/openpgp_int.h index 2030d38371..6175743718 100644 --- a/lib/openpgp/openpgp_int.h +++ b/lib/openpgp/openpgp_int.h @@ -40,7 +40,7 @@ int _gnutls_map_cdk_rc (int rc); int _gnutls_openpgp_export (cdk_kbnode_t node, gnutls_openpgp_crt_fmt_t format, - void *output_data, size_t * output_data_size); + void *output_data, size_t * output_data_size, int private); int _gnutls_openpgp_crt_to_gcert (gnutls_cert * gcert, gnutls_openpgp_crt_t cert); diff --git a/lib/openpgp/output.c b/lib/openpgp/output.c index 0dc7759d99..c9ce42e1f0 100644 --- a/lib/openpgp/output.c +++ b/lib/openpgp/output.c @@ -162,7 +162,9 @@ print_key_revoked (gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) err = gnutls_openpgp_crt_get_subkey_revoked_status( cert, idx); if (err != 0) - addf (str, "Revoked: True"); + addf (str, "\tRevoked: True\n"); + else + addf (str, "\tRevoked: False\n"); } static void @@ -293,7 +295,9 @@ print_cert (gnutls_string * str, gnutls_openpgp_crt_t cert, unsigned int format) int i, subkeys; int err; char dn[1024]; -size_t dn_size = sizeof (dn); +size_t dn_size; + + print_key_revoked( str, cert, -1); /* Version. */ { 
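Review bot: The new last parameter of `_gnutls_openpgp_export` is named `private`, which is a reserved word in C++ and would break the build if this internal header were ever included from a C++ translation unit; the definition in lib/openpgp/pgp.c uses the same name. A name such as `priv` avoids that. Since the value only selects between two armor types, a short comment on the prototype, e.g. `/* priv: non-zero to armor as a secret key */`, would also explain the bare `0` and `1` that the callers pass.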
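Review bot: The `if (err != 0)` test in print_key_revoked prints `Revoked: True` for every non-zero return, so a failure of gnutls_openpgp_crt_get_subkey_revoked_status() (assuming it follows the library's negative-error convention) is displayed as a revocation and cannot be told apart from a real one. Reporting the error first, `if (err < 0) addf (str, "error: get_subkey_revoked_status: %s\n", gnutls_strerror (err));` followed by `else if (err != 0)`, keeps the status line trustworthy. The two new strings are also not wrapped in `_()`, unlike the `Name[%d]` strings in print_cert. The function's body starts outside the hunk.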
@@ -312,16 +316,19 @@ size_t dn_size = sizeof (dn); /* Names. */ i = 0; do { - + dn_size = sizeof(dn); err = gnutls_openpgp_crt_get_name (cert, i++, dn, &dn_size); - if (err < 0 && err != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { - addf (str, "error: get_name: %s\n", gnutls_strerror (err)); + if (err < 0 && err != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE && err != GNUTLS_E_OPENPGP_UID_REVOKED) { + addf (str, "error: get_name: %s %d\n", gnutls_strerror (err), err); break; } if (err >= 0) addf (str, _("\tName[%d]: %s\n"), i-1, dn); + else if (err == GNUTLS_E_OPENPGP_UID_REVOKED) { + addf (str, _("\tRevoked Name[%d]: %s\n"), i-1, dn); + } } while( err >= 0); @@ -329,7 +336,6 @@ size_t dn_size = sizeof (dn); print_key_info( str, cert, -1); print_key_usage( str, cert, -1); - print_key_revoked( str, cert, -1); subkeys = gnutls_openpgp_crt_get_subkey_count( cert); if (subkeys < 0) @@ -338,11 +344,11 @@ size_t dn_size = sizeof (dn); for (i=0;i<subkeys;i++) { addf( str, _("\n\tSubkey[%d]:\n"), i); + print_key_revoked( str, cert, i); print_key_id( str, cert, i); print_key_times( str, cert, i); print_key_info( str, cert, i); print_key_usage( str, cert, i); - print_key_revoked( str, cert, i); } } diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c index 8520d3ce6b..2646d0fe8a 100644 --- a/lib/openpgp/pgp.c +++ b/lib/openpgp/pgp.c @@ -123,7 +123,7 @@ gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key, */ int _gnutls_openpgp_export (cdk_kbnode_t node, gnutls_openpgp_crt_fmt_t format, - void *output_data, size_t * output_data_size) + void *output_data, size_t * output_data_size, int private) { size_t input_data_size = *output_data_size; size_t calc_size; 
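Review bot: The name loop still ends on `while( err >= 0);`, so the first revoked User ID stops the enumeration and any names stored after it are never printed, even though `GNUTLS_E_OPENPGP_UID_REVOKED` is now treated as non-fatal a few lines above. The condition should let the loop continue past a revoked entry, `while (err >= 0 || err == GNUTLS_E_OPENPGP_UID_REVOKED);`. The revoked branch also prints `dn`, which is only meaningful if gnutls_openpgp_crt_get_name() fills the buffer before returning that code; `dn` is declared without an initialiser, so adding `dn[0] = '\0';` next to `dn_size = sizeof(dn);` would keep the output defined if it does not. print_cert starts and ends outside this hunk.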
@@ -153,7 +153,7 @@ int _gnutls_openpgp_export (cdk_kbnode_t node, /* Calculate the size of the encoded data and check if the provided buffer is large enough. */ rc = cdk_armor_encode_buffer (in, *output_data_size, - NULL, 0, &calc_size, CDK_ARMOR_PUBKEY); + NULL, 0, &calc_size, private?CDK_ARMOR_SECKEY:CDK_ARMOR_PUBKEY); if (rc || calc_size > input_data_size) { cdk_free (in); @@ -164,7 +164,7 @@ int _gnutls_openpgp_export (cdk_kbnode_t node, rc = cdk_armor_encode_buffer (in, *output_data_size, output_data, input_data_size, &calc_size, - CDK_ARMOR_PUBKEY); + private?CDK_ARMOR_SECKEY:CDK_ARMOR_PUBKEY); cdk_free (in); *output_data_size = calc_size; } @@ -192,7 +192,7 @@ gnutls_openpgp_crt_export (gnutls_openpgp_crt_t key, gnutls_openpgp_crt_fmt_t format, void *output_data, size_t * output_data_size) { - return _gnutls_openpgp_export( key->knode, format, output_data, output_data_size); + return _gnutls_openpgp_export( key->knode, format, output_data, output_data_size, 0); } @@ -356,8 +356,11 @@ gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key, int algo; if (!key) - return GNUTLS_PK_UNKNOWN; - + { + gnutls_assert(); + return GNUTLS_PK_UNKNOWN; + } + algo = 0; pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY); if (pkt) @@ -788,7 +791,10 @@ gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key, int algo; if (!key) - return GNUTLS_PK_UNKNOWN; + { + gnutls_assert(); + return GNUTLS_PK_UNKNOWN; + } pkt = _get_public_subkey( key, idx); @@ -797,13 +803,7 @@ gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key, { if (bits) *bits = cdk_pk_get_nbits (pkt->pkt.public_key); - algo = pkt->pkt.public_key->pubkey_algo; - if (is_RSA (algo)) - algo = GNUTLS_PK_RSA; - else if (is_DSA (algo)) - algo = GNUTLS_PK_DSA; - else - algo = GNUTLS_E_UNKNOWN_PK_ALGORITHM; + algo = _gnutls_openpgp_get_algo(pkt->pkt.public_key->pubkey_algo); } return algo; 
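Review bot: The expression `private?CDK_ARMOR_SECKEY:CDK_ARMOR_PUBKEY` is written out in both cdk_armor_encode_buffer() calls (this hunk and the next one), and the size computed by the first call is only valid if the second call uses the same armor type. Computing it once, `int armor_type = private ? CDK_ARMOR_SECKEY : CDK_ARMOR_PUBKEY;`, and passing `armor_type` to both calls removes the chance of the two drifting apart and shortens the over-long lines. The function body starts and ends outside the hunk.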
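Review bot: The removed inline mapping in gnutls_openpgp_crt_get_subkey_pk_algorithm returned `GNUTLS_E_UNKNOWN_PK_ALGORITHM` for an algorithm that is neither RSA nor DSA, while the replacement delegates to `_gnutls_openpgp_get_algo`, whose body is not in this hunk. If that helper is the mapping patched in lib/openpgp/privkey.c, which falls back to `GNUTLS_PK_UNKNOWN`, callers that test the result for a negative value will no longer see unknown algorithms as errors. The function's doc comment should state which value is returned in that case, for example `Returns a member of the gnutls_pk_algorithm_t enumeration, or GNUTLS_PK_UNKNOWN if the algorithm is not supported`, adjusted to whatever the helper actually returns.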
diff --git a/lib/openpgp/privkey.c b/lib/openpgp/privkey.c index fa5c8fd5ba..aa9c82be04 100644 --- a/lib/openpgp/privkey.c +++ b/lib/openpgp/privkey.c @@ -146,7 +146,7 @@ gnutls_openpgp_privkey_export (gnutls_openpgp_privkey_t key, void *output_data, size_t * output_data_size) { /* FIXME for now we do not export encrypted keys */ - return _gnutls_openpgp_export( key->knode, format, output_data, output_data_size); + return _gnutls_openpgp_export( key->knode, format, output_data, output_data_size, 1); } @@ -174,7 +174,10 @@ gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key, int algo; if (!key) - return GNUTLS_PK_UNKNOWN; + { + gnutls_assert(); + return GNUTLS_PK_UNKNOWN; + } algo = 0; pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY); @@ -196,8 +199,10 @@ int algo; algo = GNUTLS_PK_RSA; else if (is_DSA (cdk_algo)) algo = GNUTLS_PK_DSA; - else + else { + _gnutls_x509_log("Unknown OpenPGP algorithm %d\n", cdk_algo); algo = GNUTLS_PK_UNKNOWN; + } return algo; } @@ -416,7 +421,10 @@ gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t key, int algo; if (!key) - return GNUTLS_PK_UNKNOWN; + { + gnutls_assert(); + return GNUTLS_PK_UNKNOWN; + } pkt = _get_secret_subkey( key, idx); @@ -759,8 +767,8 @@ int _get_sk_dsa_raw(gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, } KEYID_IMPORT(kid32, keyid); - - pkt = _gnutls_openpgp_find_key( pkey->knode, kid32, 0); + + pkt = _gnutls_openpgp_find_key( pkey->knode, kid32, 1); if (pkt == NULL) { gnutls_assert(); |
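Review bot: With the last argument now `1`, gnutls_openpgp_privkey_export() armors its output as a secret key, and the FIXME above the call says encrypted export is not implemented, so the data written to `output_data` is presumably unprotected key material. The function's doc comment should say so, for example `The exported key is not encrypted; the caller is responsible for protecting and wiping output_data.` The bare `1` would also read better with a trailing comment such as `/* private */`. The doc comment itself lies outside the hunk.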
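Review bot: In _get_sk_dsa_raw the third argument of `_gnutls_openpgp_find_key` changes from `0` to `1` with no indication of what the flag means; from the context it appears to select secret-key packets, but that is not visible here. A comment on the call, e.g. `/* 1: look up the secret key packet */`, would make the fix self-explanatory. Any sibling lookup in this file that still passes `0` for a private key deserves the same check. The function starts and ends outside the hunk.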