[Pkg-gnupg-commit] [gnupg2] 41/205: gpg: Split the function check_signature_end.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed May 11 08:38:13 UTC 2016 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit ac5aea95455372145f3f06df2b4c1584d759d660
Author: Neal H. Walfield <neal at g10code.com>
Date:   Fri Feb 19 14:10:09 2016 +0100

    gpg: Split the function check_signature_end.
    
    * g10/sig-check.c (check_signature_end): Break the basic signature
    check into...
    (check_signature_end_simple): ... this new function.
    
    --
    Signed-off-by: Neal H. Walfield <neal at g10code.com>
---
 g10/sig-check.c | 28 +++++++++++++++++++++++-----
 1 file changed, 23 insertions(+), 5 deletions(-)

diff --git a/g10/sig-check.c b/g10/sig-check.c
index 292adb9..262afed 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -40,6 +40,9 @@ static int check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 				int *r_expired, int *r_revoked,
 				PKT_public_key *ret_pk);
 
+static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
+                                       gcry_md_hd_t digest);
+
 /* Check a signature.  This is shorthand for check_signature2 with
    the unnamed arguments passed as NULL.  */
 int
@@ -376,14 +379,32 @@ check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 		     gcry_md_hd_t digest,
 		     int *r_expired, int *r_revoked, PKT_public_key *ret_pk)
 {
-    gcry_mpi_t result = NULL;
     int rc = 0;
-    const struct weakhash *weak;
 
     if ((rc = check_signature_metadata_validity (pk, sig,
 						 r_expired, r_revoked)))
         return rc;
 
+    if ((rc = check_signature_end_simple (pk, sig, digest)))
+      return rc;
+
+    if(!rc && ret_pk)
+      copy_public_key(ret_pk,pk);
+
+    return rc;
+}
+
+/* This function is similar to check_signature_end, but it only checks
+   whether the signature was generated by PK.  It does not check
+   expiration, revocation, etc.  */
+static int
+check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
+                            gcry_md_hd_t digest)
+{
+    gcry_mpi_t result = NULL;
+    int rc = 0;
+    const struct weakhash *weak;
+
     if (!opt.flags.allow_weak_digest_algos)
       for (weak = opt.weak_digests; weak; weak = weak->next)
         if (sig->digest_algo == weak->algo)
@@ -453,9 +474,6 @@ check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 	rc = GPG_ERR_BAD_SIGNATURE;
       }
 
-    if(!rc && ret_pk)
-      copy_public_key(ret_pk,pk);
-
     return rc;
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list