From f16113d6d2dd7f6bccc4bf10a4f87af1615acea1 Mon Sep 17 00:00:00 2001
From: "Neal H. Walfield" <neal@gnu.org>
Date: Tue, 8 Jun 2021 13:42:59 +0200
Subject: [PATCH 1/2] Show information about a PGP key only if we have a strong
 match.

  - OpenPGP is a packet-based format with little information at fixed
    offsets.

  - Currently, we print out interesting fields as we encounter them.
    Unfortunately, the certificate type (public or secret) is the
    first field.  Thus, we've matched less than a byte of data before
    we print something, which results in false positives.

  - Delay printing this information until we've matched on the
    packet's type, sanity checked its size, its version field, and its
    creation time.

  - Note: because we use functions ('use' and 'name') we are not able
    to access the first byte of the file, and thus can no longer
    indicate whether the key is a public or a private key.

  - See: https://bugs.astron.com/view.php?id=266
---
 magic/Magdir/pgp-binary-keys | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/magic/Magdir/pgp-binary-keys b/magic/Magdir/pgp-binary-keys
index 1ce76d90..20e10aaa 100644
--- a/magic/Magdir/pgp-binary-keys
+++ b/magic/Magdir/pgp-binary-keys
@@ -160,16 +160,16 @@
 # The first packet has to be a public key or a secret key.
 #
 # New-Style Public Key
-0	ubyte			=0xC6	OpenPGP Public Key
+0	ubyte			=0xC6
 >&0	use			primary_key_length_new
 # New-Style Secret Key
-0	ubyte			=0xC5	OpenPGP Secret Key
+0	ubyte			=0xC5
 >&0	use			primary_key_length_new
 # Old-Style Public Key
-0	ubyte&0xFC		=0x98	OpenPGP Public Key
+0	ubyte&0xFC		=0x98
 >&-1	use			primary_key_length_old
 # Old-Style Secret Key
-0	ubyte&0xFC		=0x94	OpenPGP Secret Key
+0	ubyte&0xFC		=0x94
 >&-1	use			primary_key_length_old
 
 # Parse the length, check the packet's body and finally advance to the
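Review bot: The four first-byte entries (0xC6, 0xC5, and the masked 0x98 and 0x94) keep their "Public Key" and "Secret Key" comments but no longer emit anything that tells the two apart, so anyone using file output to spot stray secret key material loses that signal. The commit message explains the limitation, but the magic file itself does not. Add a comment above these entries saying the type is intentionally not reported and why. Alternatively, if the duplication is acceptable, send the public and secret tags to separately named routines so that the delayed description can still state the type.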
@@ -228,10 +228,12 @@
 # key format in a decade or so :D.
 >&0		ubyte		>1
 >>&-1		ubyte		<8
->>>&-1		byte		x		Version %d
 # Check that keys were created after 1990.
 # (1990 - 1970) * 365.2524 * 24 * 60 * 60 = 631156147
->>>&0		bedate		>631156147      \b, Created %s
+>>>&0		bedate		>631156147
+>>>>0		ubyte		x	OpenPGP Key
+>>>>&-5		byte		x	Version %d
+>>>>&-4		bedate		x	\b, Created %s
 >>>>&-5		ubyte		>3
 >>>>>&4		use		pgp_binary_key_algo
 >>>>&-5		ubyte		<4
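Review bot: The new `>>>>0 ubyte x OpenPGP Key` line and the `&-5` / `&-4` offsets on the `Version %d` and `Created %s` lines carry no explanation, and they are easy to break in a later edit. The first reads like a test on the file's first byte, but it exists only to print the description once the bedate check has passed. The other two appear to step back from the end of the 4-byte creation time to the version byte and to the creation time itself, matching the existing `>>>>&-5 ubyte >3` line. A short comment stating both points would help. Separately, the diffstat shows only the magic file changing, so a sample input for the false positive in the referenced bug would be worth adding as a regression test.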
-- 
2.20.1

