security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Made --fixed-list-mode obsolete.

Browse source
This commit is contained in:
Werner Koch 2008-06-11 08:07:54 +00:00
parent 5a788b9e00
commit 035c838f71
8 changed files with 343 additions and 380 deletions
Download patch file Download diff file Expand all files Collapse all files

641
g10/keylist.c
View file

@ -1,6 +1,6 @@
/* keylist.c - print keys
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004, 2005 Free Software Foundation, Inc.
* 2004, 2005, 2008 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -1062,366 +1062,323 @@ print_revokers(PKT_public_key *pk)
static void
list_keyblock_colon( KBNODE keyblock, int secret, int fpr )
{
int rc = 0;
KBNODE kbctx;
KBNODE node;
PKT_public_key *pk;
PKT_secret_key *sk;
u32 keyid[2];
int any=0;
int trustletter = 0;
int ulti_hack = 0;
int i;
int rc = 0;
KBNODE kbctx;
KBNODE node;
PKT_public_key *pk;
PKT_secret_key *sk;
u32 keyid[2];
int trustletter = 0;
int ulti_hack = 0;
int i;
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, secret? PKT_SECRET_KEY : PKT_PUBLIC_KEY );
if( !node ) {
log_error("Oops; key lost!\n");
dump_kbnode( keyblock );
return;
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, secret? PKT_SECRET_KEY : PKT_PUBLIC_KEY );
if ( !node )
{
log_error("Oops; key lost!\n");
dump_kbnode( keyblock );
return;
}
if( secret ) {
pk = NULL;
sk = node->pkt->pkt.secret_key;
keyid_from_sk( sk, keyid );
printf("sec::%u:%d:%08lX%08lX:%s:%s:::",
nbits_from_sk( sk ),
sk->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
colon_datestr_from_sk( sk ),
colon_strtime (sk->expiredate)
/* fixme: add LID here */ );
if ( secret )
{
pk = NULL;
sk = node->pkt->pkt.secret_key;
keyid_from_sk ( sk, keyid );
printf ("sec::%u:%d:%08lX%08lX:%s:%s:::",
nbits_from_sk( sk ),
sk->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
colon_datestr_from_sk( sk ),
colon_strtime (sk->expiredate)
/* fixme: add LID here */ );
}
else {
pk = node->pkt->pkt.public_key;
sk = NULL;
keyid_from_pk( pk, keyid );
fputs( "pub:", stdout );
if ( !pk->is_valid )
putchar ('i');
else if ( pk->is_revoked )
putchar ('r');
else if ( pk->has_expired )
putchar ('e');
else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
;
else {
trustletter = get_validity_info ( pk, NULL );
if( trustletter == 'u' )
ulti_hack = 1;
putchar(trustletter);
else
{
pk = node->pkt->pkt.public_key;
sk = NULL;
keyid_from_pk( pk, keyid );
fputs( "pub:", stdout );
if ( !pk->is_valid )
putchar ('i');
else if ( pk->is_revoked )
putchar ('r');
else if ( pk->has_expired )
putchar ('e');
else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
;
else
{
trustletter = get_validity_info ( pk, NULL );
if ( trustletter == 'u' )
ulti_hack = 1;
putchar(trustletter);
}
printf(":%u:%d:%08lX%08lX:%s:%s::",
nbits_from_pk( pk ),
pk->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
colon_datestr_from_pk( pk ),
colon_strtime (pk->expiredate) );
if( !opt.fast_list_mode && !opt.no_expensive_trust_checks )
putchar( get_ownertrust_info(pk) );
putchar(':');
printf (":%u:%d:%08lX%08lX:%s:%s::",
nbits_from_pk( pk ),
pk->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
colon_datestr_from_pk( pk ),
colon_strtime (pk->expiredate) );
if ( !opt.fast_list_mode && !opt.no_expensive_trust_checks )
putchar( get_ownertrust_info(pk) );
putchar(':');
}
if (opt.fixed_list_mode) {
/* do not merge the first uid with the primary key */
putchar(':');
putchar(':');
print_capabilities (pk, sk, keyblock);
if (secret) {
putchar (':');
putchar (':');
print_capabilities (pk, sk, keyblock);
if (secret)
{
putchar (':'); /* End of field 13. */
putchar (':'); /* End of field 14. */
if (sk->protect.s2k.mode == 1001)
putchar ('#'); /* Key is just a stub. */
else if (sk->protect.s2k.mode == 1002)
{
/* Key is stored on an external token (card) or handled by
the gpg-agent. Print the serial number of that token
here. */
for (i=0; i < sk->protect.ivlen; i++)
printf ("%02X", sk->protect.iv[i]);
}
putchar (':'); /* End of field 15. */
}
putchar('\n');
if (pk)
print_revokers (pk);
if (fpr)
print_fingerprint (pk, sk, 0);
if (opt.with_key_data)
print_key_data (pk);
for ( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; )
{
if ( node->pkt->pkttype == PKT_USER_ID && !opt.fast_list_mode )
{
char *str;
PKT_user_id *uid=node->pkt->pkt.user_id;
if (attrib_fp && node->pkt->pkt.user_id->attrib_data != NULL)
dump_attribs (node->pkt->pkt.user_id,pk,sk);
/*
* Fixme: We need a is_valid flag here too
*/
str = uid->attrib_data? "uat":"uid";
/* If we're listing a secret key, leave out the validity
values for now. This is handled better in 1.9. */
if (sk)
printf ("%s:::::",str);
else if ( uid->is_revoked )
printf ("%s:r::::",str);
else if ( uid->is_expired )
printf ("%s:e::::",str);
else if ( opt.no_expensive_trust_checks )
printf ("%s:::::",str);
else
{
int uid_validity;
if ( pk && !ulti_hack )
uid_validity=get_validity_info (pk, uid);
else
uid_validity = 'u';
printf ("%s:%c::::",str,uid_validity);
}
printf ("%s:", colon_strtime (uid->created));
printf ("%s:", colon_strtime (uid->expiredate));
namehash_from_uid (uid);
for (i=0; i < 20; i++ )
printf ("%02X",uid->namehash[i]);
printf ("::");
if (uid->attrib_data)
printf ("%u %lu",uid->numattribs,uid->attrib_len);
else
print_string (stdout,uid->name,uid->len, ':' );
putchar (':');
putchar ('\n');
}
else if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
{
u32 keyid2[2];
PKT_public_key *pk2 = node->pkt->pkt.public_key;
keyid_from_pk ( pk2, keyid2 );
fputs ("sub:", stdout );
if ( !pk2->is_valid )
putchar ('i');
else if ( pk2->is_revoked )
putchar ('r');
else if ( pk2->has_expired )
putchar ('e');
else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
;
else
{
/* TRUSTLETTER should always be defined here. */
if (trustletter)
printf ("%c", trustletter );
}
printf(":%u:%d:%08lX%08lX:%s:%s:::::",
nbits_from_pk( pk2 ),
pk2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
colon_datestr_from_pk( pk2 ),
colon_strtime (pk2->expiredate)
/* fixme: add LID and ownertrust here */
);
print_capabilities (pk2, NULL, NULL);
putchar ('\n');
if ( fpr > 1 )
print_fingerprint ( pk2, NULL, 0 );
if ( opt.with_key_data )
print_key_data( pk2 );
}
else if( node->pkt->pkttype == PKT_SECRET_SUBKEY )
{
u32 keyid2[2];
PKT_secret_key *sk2 = node->pkt->pkt.secret_key;
keyid_from_sk ( sk2, keyid2 );
printf ("ssb::%u:%d:%08lX%08lX:%s:%s:::::",
nbits_from_sk( sk2 ),
sk2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
colon_datestr_from_sk( sk2 ),
colon_strtime (sk2->expiredate)
/* fixme: add LID */ );
print_capabilities (NULL, sk2, NULL);
putchar(':'); /* End of field 13. */
putchar(':'); /* End of field 14. */
if (sk->protect.s2k.mode == 1001)
putchar('#'); /* Key is just a stub. */
else if (sk->protect.s2k.mode == 1002) {
/* Key is stored on an external token (card) or handled by
the gpg-agent. Print the serial number of that token
here. */
for (i=0; i < sk->protect.ivlen; i++)
printf ("%02X", sk->protect.iv[i]);
}
if (sk2->protect.s2k.mode == 1001)
putchar ('#'); /* Key is just a stub. */
else if (sk2->protect.s2k.mode == 1002)
{
/* Key is stored on an external token (card) or handled by
the gpg-agent. Print the serial number of that token
here. */
for (i=0; i < sk2->protect.ivlen; i++)
printf ("%02X", sk2->protect.iv[i]);
}
putchar(':'); /* End of field 15. */
putchar ('\n');
if ( fpr > 1 )
print_fingerprint ( NULL, sk2, 0 );
}
putchar('\n');
if(pk)
print_revokers(pk);
if( fpr )
print_fingerprint( pk, sk, 0 );
if( opt.with_key_data )
print_key_data( pk );
any = 1;
}
else if ( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE )
{
PKT_signature *sig = node->pkt->pkt.signature;
int sigrc,fprokay=0;
char *sigstr;
size_t fplen;
byte fparray[MAX_FINGERPRINT_LEN];
if ( sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30 )
sigstr = "rev";
else if ( (sig->sig_class&~3) == 0x10 )
sigstr = "sig";
else if ( sig->sig_class == 0x18 )
sigstr = "sig";
else if ( sig->sig_class == 0x1F )
sigstr = "sig";
else
{
printf ("sig::::::::::%02x%c:\n",
sig->sig_class, sig->flags.exportable?'x':'l');
continue;
}
for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
if( node->pkt->pkttype == PKT_USER_ID && !opt.fast_list_mode ) {
PKT_user_id *uid=node->pkt->pkt.user_id;
if(attrib_fp && node->pkt->pkt.user_id->attrib_data!=NULL)
dump_attribs(node->pkt->pkt.user_id,pk,sk);
/*
* Fixme: We need a is_valid flag here too
*/
if( any ) {
char *str=uid->attrib_data?"uat":"uid";
/* If we're listing a secret key, leave out the
validity values for now. This is handled better in
1.9. */
if ( sk )
printf("%s:::::",str);
else if ( uid->is_revoked )
printf("%s:r::::",str);
else if ( uid->is_expired )
printf("%s:e::::",str);
else if ( opt.no_expensive_trust_checks )
printf("%s:::::",str);
else {
int uid_validity;
if( pk && !ulti_hack )
uid_validity=get_validity_info (pk, uid);
else
uid_validity = 'u';
printf("%s:%c::::",str,uid_validity);
if ( opt.check_sigs )
{
PKT_public_key *signer_pk=NULL;
fflush (stdout);
if (opt.no_sig_cache)
signer_pk = xmalloc_clear (sizeof(PKT_public_key));
rc = check_key_signature2 ( keyblock, node, NULL, signer_pk,
NULL, NULL, NULL );
switch ( gpg_err_code (rc) )
{
case 0: sigrc = '!'; break;
case GPG_ERR_BAD_SIGNATURE: sigrc = '-'; break;
case GPG_ERR_NO_PUBKEY:
case GPG_ERR_UNUSABLE_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break;
}
printf("%s:",colon_strtime(uid->created));
printf("%s:",colon_strtime(uid->expiredate));
namehash_from_uid(uid);
for(i=0; i < 20; i++ )
printf("%02X",uid->namehash[i]);
printf("::");
}
if(uid->attrib_data)
printf("%u %lu",uid->numattribs,uid->attrib_len);
else
print_string(stdout,uid->name,uid->len, ':' );
putchar(':');
if (any)
putchar('\n');
else {
putchar(':');
print_capabilities (pk, sk, keyblock);
putchar('\n');
if( fpr )
print_fingerprint( pk, sk, 0 );
if( opt.with_key_data )
print_key_data( pk );
any = 1;
}
}
else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
u32 keyid2[2];
PKT_public_key *pk2 = node->pkt->pkt.public_key;
if( !any ) {
putchar(':');
putchar(':');
print_capabilities (pk, sk, keyblock);
putchar('\n');
if( fpr )
print_fingerprint( pk, sk, 0 ); /* of the main key */
any = 1;
}
keyid_from_pk( pk2, keyid2 );
fputs ("sub:", stdout );
if ( !pk2->is_valid )
putchar ('i');
else if ( pk2->is_revoked )
putchar ('r');
else if ( pk2->has_expired )
putchar ('e');
else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
;
else {
/* trustletter should always be defined here */
if(trustletter)
printf("%c", trustletter );
if (opt.no_sig_cache)
{
if (!rc)
{
fingerprint_from_pk (signer_pk, fparray, &fplen);
fprokay = 1;
}
free_public_key(signer_pk);
}
}
printf(":%u:%d:%08lX%08lX:%s:%s:::::",
nbits_from_pk( pk2 ),
pk2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
colon_datestr_from_pk( pk2 ),
colon_strtime (pk2->expiredate)
/* fixme: add LID and ownertrust here */
);
print_capabilities (pk2, NULL, NULL);
putchar('\n');
if( fpr > 1 )
print_fingerprint( pk2, NULL, 0 );
if( opt.with_key_data )
print_key_data( pk2 );
}
else if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
u32 keyid2[2];
PKT_secret_key *sk2 = node->pkt->pkt.secret_key;
if( !any ) {
putchar(':');
putchar(':');
print_capabilities (pk, sk, keyblock);
putchar('\n');
if( fpr )
print_fingerprint( pk, sk, 0 ); /* of the main key */
any = 1;
}
keyid_from_sk( sk2, keyid2 );
printf("ssb::%u:%d:%08lX%08lX:%s:%s:::::",
nbits_from_sk( sk2 ),
sk2->pubkey_algo,
(ulong)keyid2[0],(ulong)keyid2[1],
colon_datestr_from_sk( sk2 ),
colon_strtime (sk2->expiredate)
/* fixme: add LID */ );
print_capabilities (NULL, sk2, NULL);
if (opt.fixed_list_mode) {
/* We print the serial number only in fixed list mode
for the primary key so, so avoid questions we print
it for subkeys also only in this mode. There is no
technical reason, though. */
putchar(':'); /* End of field 13. */
putchar(':'); /* End of field 14. */
if (sk2->protect.s2k.mode == 1001)
putchar('#'); /* Key is just a stub. */
else if (sk2->protect.s2k.mode == 1002) {
/* Key is stored on an external token (card) or handled by
the gpg-agent. Print the serial number of that token
here. */
for (i=0; i < sk2->protect.ivlen; i++)
printf ("%02X", sk2->protect.iv[i]);
}
putchar(':'); /* End of field 15. */
else
{
rc = 0;
sigrc = ' ';
}
putchar ('\n');
if( fpr > 1 )
print_fingerprint( NULL, sk2, 0 );
}
else if( opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature;
int sigrc,fprokay=0;
char *sigstr;
size_t fplen;
byte fparray[MAX_FINGERPRINT_LEN];
fputs ( sigstr, stdout );
putchar (':');
if ( sigrc != ' ' )
putchar (sigrc);
printf ("::%d:%08lX%08lX:%s:%s:", sig->pubkey_algo,
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
colon_datestr_from_sig(sig),
colon_expirestr_from_sig(sig));
if( !any ) { /* no user id, (maybe a revocation follows)*/
if( sig->sig_class == 0x20 )
fputs("[revoked]:", stdout);
else if( sig->sig_class == 0x18 )
fputs("[key binding]:", stdout);
else if( sig->sig_class == 0x28 )
fputs("[subkey revoked]:", stdout);
else
putchar (':');
putchar(':');
print_capabilities (pk, sk, keyblock);
putchar('\n');
if( fpr )
print_fingerprint( pk, sk, 0 );
any=1;
}
if (sig->trust_depth || sig->trust_value)
printf("%d %d",sig->trust_depth,sig->trust_value);
printf (":");
if( sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30 )
sigstr = "rev";
else if( (sig->sig_class&~3) == 0x10 )
sigstr = "sig";
else if( sig->sig_class == 0x18 )
sigstr = "sig";
else if( sig->sig_class == 0x1F )
sigstr = "sig";
else {
printf ("sig::::::::::%02x%c:\n",
sig->sig_class, sig->flags.exportable?'x':'l');
continue;
}
if( opt.check_sigs ) {
PKT_public_key *signer_pk=NULL;
if (sig->trust_regexp)
print_string (stdout,sig->trust_regexp,
strlen(sig->trust_regexp),':');
printf(":");
if ( sigrc == '%' )
printf("[%s] ", g10_errstr(rc) );
else if ( sigrc == '?' )
;
else if ( !opt.fast_list_mode )
{
size_t n;
char *p = get_user_id( sig->keyid, &n );
print_string( stdout, p, n, ':' );
xfree(p);
}
printf (":%02x%c:", sig->sig_class,sig->flags.exportable?'x':'l');
if (opt.no_sig_cache && opt.check_sigs && fprokay)
{
putchar (':');
for (i=0; i < fplen ; i++ )
printf ("%02X", fparray[i] );
putchar (':');
}
fflush(stdout);
if(opt.no_sig_cache)
signer_pk=xmalloc_clear(sizeof(PKT_public_key));
rc = check_key_signature2( keyblock, node, NULL, signer_pk,
NULL, NULL, NULL );
switch ( gpg_err_code (rc) ) {
case 0: sigrc = '!'; break;
case GPG_ERR_BAD_SIGNATURE: sigrc = '-'; break;
case GPG_ERR_NO_PUBKEY:
case GPG_ERR_UNUSABLE_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break;
}
if(opt.no_sig_cache)
{
if(rc==0)
{
fingerprint_from_pk (signer_pk, fparray, &fplen);
fprokay=1;
}
free_public_key(signer_pk);
}
}
else {
rc = 0;
sigrc = ' ';
}
fputs( sigstr, stdout );
putchar(':');
if( sigrc != ' ' )
putchar(sigrc);
printf("::%d:%08lX%08lX:%s:%s:", sig->pubkey_algo,
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
colon_datestr_from_sig(sig),
colon_expirestr_from_sig(sig));
if(sig->trust_depth || sig->trust_value)
printf("%d %d",sig->trust_depth,sig->trust_value);
printf(":");
if(sig->trust_regexp)
print_string(stdout,sig->trust_regexp,
strlen(sig->trust_regexp),':');
printf(":");
if( sigrc == '%' )
printf("[%s] ", g10_errstr(rc) );
else if( sigrc == '?' )
;
else if ( !opt.fast_list_mode ) {
size_t n;
char *p = get_user_id( sig->keyid, &n );
print_string( stdout, p, n, ':' );
xfree(p);
}
printf(":%02x%c:", sig->sig_class,sig->flags.exportable?'x':'l');
if(opt.no_sig_cache && opt.check_sigs && fprokay)
{
printf(":");
for (i=0; i < fplen ; i++ )
printf ("%02X", fparray[i] );
printf(":");
}
printf("\n");
if(opt.show_subpackets)
print_subpackets_colon(sig);
/* fixme: check or list other sigs here */
}
}
if( !any ) {/* oops, no user id */
putchar(':');
putchar(':');
print_capabilities (pk, sk, keyblock);
putchar('\n');
printf ("\n");
if (opt.show_subpackets)
print_subpackets_colon (sig);
/* fixme: check or list other sigs here */
}
}
}