[Winpt-commits] r286 - in trunk: . Src

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Fri Mar 9 20:34:18 CET 2007 

Author: twoaday
Date: 2007-03-09 20:34:17 +0100 (Fri, 09 Mar 2007)
New Revision: 286

Modified:
   trunk/NEWS
   trunk/Src/ChangeLog
   trunk/Src/wptClipDecryptDlg.cpp
   trunk/Src/wptClipImportDlg.cpp
   trunk/Src/wptKeyserverDlg.cpp
   trunk/Src/wptVerifyList.cpp
Log:
First part of the patch to fix the v3 verify problem.



Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2007-03-09 12:01:21 UTC (rev 285)
+++ trunk/NEWS	2007-03-09 19:34:17 UTC (rev 286)
@@ -983,3 +983,7 @@
   
 * Replace most of the printf code with a generic, dynamic string buffer
   code which avoids memory leaks and possible buffer overflows.
+
+* Correct verify code in case that an old (version 3) RSA key has
+  been used because the shown key ID was wrong.
+  
\ No newline at end of file

Modified: trunk/Src/ChangeLog
===================================================================
--- trunk/Src/ChangeLog	2007-03-09 12:01:21 UTC (rev 285)
+++ trunk/Src/ChangeLog	2007-03-09 19:34:17 UTC (rev 286)
@@ -1,3 +1,13 @@
+2007-03-09  Timo Schulz  <twoaday at gmx.net>
+
+	* wptClipImportDlg.cpp (print_import_status): Use the fingerprint
+	instead of the key ID to avoid problems with v3 keys.
+	* wptClipDecryptDlg.cpp (verify_get_clip_info): Use key ID
+	in case of v3 keys. Noted by Raphael
+	(verify_show_signature_state): Likewise.
+	* wptVerifyList.cpp (verlist_add_sig_log): Likewise.
+	(verlist_add_sig): Likewise.
+	   
 2006-12-30  Timo Schulz  <twoaday at freakmail.de>
 
         * StringBuffer.cpp (StringBuffer): New.

Modified: trunk/Src/wptClipDecryptDlg.cpp
===================================================================
--- trunk/Src/wptClipDecryptDlg.cpp	2007-03-09 12:01:21 UTC (rev 285)
+++ trunk/Src/wptClipDecryptDlg.cpp	2007-03-09 19:34:17 UTC (rev 286)
@@ -1,5 +1,5 @@
 /* wptClipDecryptDlg.cpp - Clipboard decryption
- *	Copyright (C) 2000-2006 Timo Schulz
+ *	Copyright (C) 2000-2007 Timo Schulz
  *	Copyright (C) 2005 g10 Code GmbH
  *
  * This file is part of WinPT.
@@ -130,7 +130,7 @@
 		         "*** Signer: %s (0x%s)\r\n"
 		         "*** BEGIN PGP DECRYPTED TEXT ***\r\n");
     const char *foot = _("\r\n*** END PGP DECRYPTED TEXT ***");
-    const char *stat, *ot, *uid;    
+    const char *stat, *ot, *uid, *keyid;
     char made[128], ver[128];
     char *p;
 
@@ -153,7 +153,15 @@
 		 strlen (uid) + 1];
     if (!p)
 	BUG (0);
-    sprintf (p, head, made, ver, ot, stat, uid, get_keyid_from_fpr (sig->fpr));
+    if (strlen (sig->fpr) == 32) { /* RSA:MD5 */
+	if (pk.ext != NULL)
+	    keyid = pk.ext->key->subkeys->keyid+8;
+	else
+	    keyid = sig->fpr; /* show the fingerprint in case of problems. */
+    }
+    else
+	keyid = get_keyid_from_fpr (sig->fpr);
+    sprintf (p, head, made, ver, ot, stat, uid, keyid);
     *r_header = p;
     *r_footer = m_strdup (foot);
 }
@@ -171,9 +179,8 @@
 
     assert (sig->fpr != NULL);
 	
-    keyid = get_keyid_from_fpr (sig->fpr);
     memset (&key, 0, sizeof (key));
-    if (!winpt_get_pubkey (keyid, &key)) {
+    if (!winpt_get_pubkey (sig->fpr, &key)) {
 	s = verify_get_key_ownertrust (key.ctx->owner_trust, &novalid);
 	uid = key.ext->uids->uid;	
     }
@@ -185,6 +192,15 @@
     if (!get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1))
 	_snprintf (timebuf, DIM (timebuf)-1, "'unknown time'");
 
+    if (strlen (sig->fpr) == 32) {
+	if (key.ctx != NULL)
+	    keyid = key.ctx->subkeys->keyid+8;
+	else
+	    keyid = sig->fpr; /* in case of problems show the fingerprint. */
+    }	
+    else
+	keyid = get_keyid_from_fpr (sig->fpr);
+    
     pka_info = get_pka_status (sig);
     log_box (_("Decrypt Verify"), novalid? MB_WARN : MB_OK, 
 	     _("%s\n"

Modified: trunk/Src/wptClipImportDlg.cpp
===================================================================
--- trunk/Src/wptClipImportDlg.cpp	2007-03-09 12:01:21 UTC (rev 285)
+++ trunk/Src/wptClipImportDlg.cpp	2007-03-09 19:34:17 UTC (rev 286)
@@ -1,5 +1,5 @@
 /* wptClipImportDlg.cpp - WinPT key import dialog
- *	Copyright (C) 2001-2006 Timo Schulz
+ *	Copyright (C) 2001-2007 Timo Schulz
  *	Copyright (C) 2005 g10 Code GmbH
  *
  * This file is part of WinPT.
@@ -13,10 +13,6 @@
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with WinPT; if not, write to the Free Software Foundation, 
- * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -45,7 +41,6 @@
 print_import_status (gpgme_import_result_t res)
 {
     gpgme_import_status_t st;
-    const char *keyid;
     int new_keys = res->considered - res->unchanged;
 
     dialog_box_param (glob_hinst, (LPCSTR)IDD_WINPT_IMPORT_STAT, glob_hwnd,
@@ -55,8 +50,7 @@
 	for (st=res->imports; st; st=st->next) {
 	    if (st->status == 0) /* nothing changed */
 		continue;
-	    keyid = get_keyid_from_fpr (st->fpr);
-	    keycache_update (0, keyid);
+	    keycache_update (0, st->fpr);
 	}
     }
     return !(res->unchanged == res->considered);

Modified: trunk/Src/wptKeyserverDlg.cpp
===================================================================
--- trunk/Src/wptKeyserverDlg.cpp	2007-03-09 12:01:21 UTC (rev 285)
+++ trunk/Src/wptKeyserverDlg.cpp	2007-03-09 19:34:17 UTC (rev 286)
@@ -270,7 +270,8 @@
     const char *keyid;
     char timebuf[128];
     int id;
-
+    
+    // XXX: we have a problem with v3 keys here
     if (!sig->fpr)
 	return FALSE;
     if (!get_locale_timedate (sig->timestamp, timebuf, DIM (timebuf)-1))
@@ -295,6 +296,7 @@
     return -1;
 }
 
+
 /* Check if the given pattern are either a valid 
    email address, a {long, short} keyid or a fingerprint. 
    Return 0 on success. */

Modified: trunk/Src/wptVerifyList.cpp
===================================================================
--- trunk/Src/wptVerifyList.cpp	2007-03-09 12:01:21 UTC (rev 285)
+++ trunk/Src/wptVerifyList.cpp	2007-03-09 19:34:17 UTC (rev 286)
@@ -182,6 +182,26 @@
 }
 
 
+/* Handy function to extract the real key ID from a signature. */
+const char *
+sig_get_real_keyid (gpgme_signature_t sig, winpt_key_t key)
+{
+    const char *keyid;
+    
+     /* We still need an extra check for RSA:MD5 keys because we
+        cannot derrive the keyid directly from the fingerprint. */
+    if (strlen (sig->fpr) == 32) {
+	if (key->ext != NULL)
+	    keyid = key->ext->key->subkeys->keyid+8;
+	else /* show the fingerprint if the key is not in the keyring. */
+	    keyid = sig->fpr;
+    }
+    else
+	keyid = get_keyid_from_fpr (sig->fpr);
+    return keyid;
+}
+
+    
 /* Add the given signature in @sig to the verify control @lv.
    Return value: 0 on success. */
 int
@@ -222,7 +242,7 @@
     }
     listview_add_sub_item (lv, 0, VER_COL_TRUST, (char *)attr);
     
-    attr = get_keyid_from_fpr (sig->fpr);	
+    attr = sig_get_real_keyid (sig, &key);
     _snprintf (keyid, DIM (keyid) -1, "0x%s", attr);
     listview_add_sub_item (lv, 0, VER_COL_KEYID, keyid);
     
@@ -285,7 +305,8 @@
 	attr = _("Unknown");
     listview_add_sub_item (lv, 0, VER_COL_TRUST, attr);
 
-    attr = get_keyid_from_fpr (sig->fpr);
+
+    attr = sig_get_real_keyid (sig, &key);
     _snprintf (t, DIM (t)-1, "0x%s", attr);
     listview_add_sub_item (lv, 0, VER_COL_KEYID, t);
     listview_add_sub_item (lv, 0, VER_COL_UID,

More information about the Winpt-commits mailing list