Reject subkeys with no key flags and no primary key binding certificate

Closes #899
This commit is contained in:
Vincent Breitmoser 2014-09-28 03:34:25 +02:00
parent 1a2ec1eb32
commit 1c3d0a58ea

View File

@ -616,16 +616,26 @@ public class UncachedKeyRing {
continue;
}
boolean needsPrimaryBinding = false;
// if this certificate says it allows signing for the key
if (zert.getHashedSubPackets() != null &&
zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) {
int flags = ((KeyFlags) zert.getHashedSubPackets()
.getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags();
if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) {
needsPrimaryBinding = true;
}
} else {
// If there are no key flags, we STILL require this because the key can sign!
needsPrimaryBinding = true;
}
// If this key can sign, it MUST have a primary key binding certificate
if (needsPrimaryBinding) {
boolean ok = false;
// it MUST have an embedded primary key binding signature
try {
if (zert.getUnhashedSubPackets() != null) try {
// Check all embedded signatures, if any of them fits
PGPSignatureList list = zert.getUnhashedSubPackets().getEmbeddedSignatures();
for (int i = 0; i < list.size(); i++) {
WrappedSignature subsig = new WrappedSignature(list.get(i));
@ -653,8 +663,6 @@ public class UncachedKeyRing {
}
}
}
// if we already have a cert, and this one is older: skip it
if (selfCert != null && cert.getCreationTime().before(selfCert.getCreationTime())) {
log.add(LogType.MSG_KC_SUB_DUP, indent);