summaryrefslogtreecommitdiffstats
path: root/kbx/keybox-search.c
diff options
context:
space:
mode:
authorDamien Goutte-Gattat <dgouttegattat@incenp.org>2015-01-16 16:56:35 +0100
committerWerner Koch <wk@gnupg.org>2015-01-19 14:39:27 +0100
commitc5956592c171e6fe988e74161aa99636b7f12e4b (patch)
tree3f2fab50246b9b931abe80dd422d75d8b369e0a7 /kbx/keybox-search.c
parentRegister DCO for Damien Goutte-Gattat. (diff)
downloadgnupg2-c5956592c171e6fe988e74161aa99636b7f12e4b.tar.xz
gnupg2-c5956592c171e6fe988e74161aa99636b7f12e4b.zip
kbx: Call skipfnc callback to filter out keys
* kbx/keybox-search.c (blob_get_keyid): New. (keybox-search): Call skipfnc callback function. -- This patch (tentatively) fixes GnuPG-bug-id: 1794 The keybox_search function in kbx/keybox-search.c currently ignores the skipfnc callback, but the validate_key_list function in g10/trustdb.c uses such a callback to exclude ultimately trusted keys.
Diffstat (limited to '')
-rw-r--r--kbx/keybox-search.c33
1 files changed, 30 insertions, 3 deletions
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index 6e72d0bf2..2126ecec5 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -79,6 +79,30 @@ blob_get_blob_flags (KEYBOXBLOB blob)
}
+static int
+blob_get_keyid (KEYBOXBLOB blob, u32 *kid)
+{
+ const unsigned char *buffer;
+ size_t length, keyinfolen;
+
+ buffer = _keybox_get_blob_image (blob, &length);
+ if (length < 48)
+ return 0; /* blob too short */
+
+ if (buffer[4] != KEYBOX_BLOBTYPE_PGP)
+ return 0; /* don't know what to do with X.509 blobs */
+
+ keyinfolen = get16 (buffer + 18);
+ if (keyinfolen < 28)
+ return 0; /* invalid blob */
+
+ kid[0] = get32 (buffer + 32);
+ kid[1] = get32 (buffer + 36);
+
+ return 1;
+}
+
+
/* Return information on the flag WHAT within the blob BUFFER,LENGTH.
Return the offset and the length (in bytes) of the flag in
FLAGOFF,FLAG_SIZE. */
@@ -967,9 +991,12 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
*r_descindex = n;
for (n=any_skip?0:ndesc; n < ndesc; n++)
{
-/* if (desc[n].skipfnc */
-/* && desc[n].skipfnc (desc[n].skipfncvalue, aki, NULL)) */
-/* break; */
+ u32 kid[2];
+
+ if (desc[n].skipfnc
+ && blob_get_keyid (blob, kid)
+ && desc[n].skipfnc (desc[n].skipfncvalue, kid, NULL))
+ break;
}
if (n == ndesc)
break; /* got it */