security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Print designated revokers also in a standard listing.

Browse Source 
* g10/keylist.c (print_revokers): Add arg with_colon, adjust callers,
add human printable format.
(list_keyblock_print): Call print_revokers.
--

Designated revokers were only printed in --with-colons mode.  For
quick inspection of a key it is useful to see them right away.

(cherry picked from commit 9d618d1273120ca2cca97028730352768b0c1897)
This commit is contained in:
Werner Koch 2024-06-05 09:10:47 +02:00
parent 330354972a
commit 222045d850
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
4 changed files with 67 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
g10/keyedit.c
View File

@ -3724,7 +3724,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
es_putc ('\n', fp); es_putc ('\n', fp);
print_fingerprint (ctrl, fp, pk, 0); print_fingerprint (ctrl, fp, pk, 0);
print_revokers (fp, pk); print_revokers (fp, 1, pk);
} }
} }

45
g10/keygen.c
View File

@ -1112,6 +1112,35 @@ make_backsig (ctrl_t ctrl, PKT_signature *sig, PKT_public_key *pk,
} }
/* This function should be called to make sure that
* opt.def_new_key_adsks has no duplicates and that tehre is no '!'
* suffix. We don't do this during normal option processing because
* this list is only needed for a very few operations. Callingit
* twice does not harm. Users of the option list should skip empty
* items. */
void
keygen_prepare_new_key_adsks (void)
{
strlist_t sl, slr;
char *p;
for (sl = opt.def_new_key_adsks; sl; sl = sl->next)
{
if (!*sl->d)
continue;
p = strchr (sl->d, '!');
if (p)
*p = 0;
for (slr = opt.def_new_key_adsks; slr != sl; slr = slr->next)
if (!ascii_strcasecmp (sl->d, slr->d))
{
*sl->d = 0; /* clear fpr to mark this as a duplicate. */
break;
}
}
}
/* Write a direct key signature to the first key in ROOT using the key /* Write a direct key signature to the first key in ROOT using the key
PSK. REVKEY is describes the direct key signature and TIMESTAMP is PSK. REVKEY is describes the direct key signature and TIMESTAMP is
the timestamp to set on the signature. */ the timestamp to set on the signature. */
@ -4167,7 +4196,7 @@ prepare_desig_revoker (ctrl_t ctrl, const char *name)
} }
/* Parse asn ADSK specified by NAME, check that the public key exists /* Parse an ADSK specified by NAME, check that the public key exists
* and return a parameter with the adsk information. On error print a * and return a parameter with the adsk information. On error print a
* diagnostic and return NULL. */ * diagnostic and return NULL. */
static struct para_data_s * static struct para_data_s *
@ -4333,7 +4362,7 @@ proc_parameter_file (ctrl_t ctrl, struct para_data_s *para, const char *fname,
const char *s1, *s2, *s3; const char *s1, *s2, *s3;
size_t n; size_t n;
char *p; char *p;
strlist_t sl, slr; strlist_t sl;
int is_default = 0; int is_default = 0;
int have_user_id = 0; int have_user_id = 0;
int err, algo; int err, algo;
@ -4500,21 +4529,11 @@ proc_parameter_file (ctrl_t ctrl, struct para_data_s *para, const char *fname,
* also check for duplicate specifications. In addition we remove * also check for duplicate specifications. In addition we remove
* an optional '!' suffix for easier comparing; the suffix is anyway * an optional '!' suffix for easier comparing; the suffix is anyway
* re-added later. */ * re-added later. */
keygen_prepare_new_key_adsks ();
for (sl = opt.def_new_key_adsks; sl; sl = sl->next) for (sl = opt.def_new_key_adsks; sl; sl = sl->next)
{ {
if (!*sl->d) if (!*sl->d)
continue; continue;
p = strchr (sl->d, '!');
if (p)
*p = 0;
for (slr = opt.def_new_key_adsks; slr != sl; slr = slr->next)
if (!ascii_strcasecmp (sl->d, slr->d))
{
*sl->d = 0; /* clear fpr to mark this as a duplicate. */
break;
}
if (!*sl->d)
continue;
r = prepare_adsk (ctrl, sl->d); r = prepare_adsk (ctrl, sl->d);
if (!r) if (!r)

49
g10/keylist.c
View File

@ -1462,6 +1462,8 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
es_putc ('\n', es_stdout); es_putc ('\n', es_stdout);
} }
print_revokers (es_stdout, 0, pk);
for (node = keyblock; node; node = node->next) for (node = keyblock; node; node = node->next)
{ {
if (is_deleted_kbnode (node)) if (is_deleted_kbnode (node))
@ -1687,28 +1689,43 @@ list_keyblock_simple (ctrl_t ctrl, kbnode_t keyblock)
} }
/* Print the revoker records. */
void void
print_revokers (estream_t fp, PKT_public_key * pk) print_revokers (estream_t fp, int colon_mode, PKT_public_key * pk)
{ {
/* print the revoker record */ int i, j;
const byte *p;
if (!pk->revkey && pk->numrevkeys) if (!pk->revkey && pk->numrevkeys)
BUG (); BUG ();
else
for (i = 0; i < pk->numrevkeys; i++)
{ {
int i, j; if (colon_mode)
{
for (i = 0; i < pk->numrevkeys; i++) es_fprintf (fp, "rvk:::%d::::::", pk->revkey[i].algid);
{ p = pk->revkey[i].fpr;
byte *p; for (j = 0; j < pk->revkey[i].fprlen; j++, p++)
es_fprintf (fp, "%02X", *p);
es_fprintf (fp, "rvk:::%d::::::", pk->revkey[i].algid); es_fprintf (fp, ":%02x%s:\n",
p = pk->revkey[i].fpr;
for (j = 0; j < pk->revkey[i].fprlen; j++, p++)
es_fprintf (fp, "%02X", *p);
es_fprintf (fp, ":%02x%s:\n",
pk->revkey[i].class, pk->revkey[i].class,
(pk->revkey[i].class & 0x40) ? "s" : ""); (pk->revkey[i].class & 0x40) ? "s" : "");
} }
else
{
es_fprintf (fp, "%*s%s", 6, "", _("Revocable by: "));
p = pk->revkey[i].fpr;
es_write_hexstring (fp, pk->revkey[i].fpr, pk->revkey[i].fprlen,
0, NULL);
if ((pk->revkey[i].class & 0x40))
es_fprintf (fp, " %s", _("(sensitive)"));
/* Class bit 7 must always be set, bit 6 indicates sensitive
* and all others bits are reserved. */
if (!(pk->revkey[i].class & ~0x40)
|| (pk->revkey[i].class & ~(0x40|0x80)))
es_fprintf (fp, " (unknown class %02x)", pk->revkey[i].class);
es_fprintf (fp, "\n");
}
} }
} }
@ -1870,7 +1887,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
es_putc (':', es_stdout); /* End of field 20 (origin). */ es_putc (':', es_stdout); /* End of field 20 (origin). */
es_putc ('\n', es_stdout); es_putc ('\n', es_stdout);
print_revokers (es_stdout, pk); print_revokers (es_stdout, 1, pk);
print_fingerprint (ctrl, NULL, pk, 0); print_fingerprint (ctrl, NULL, pk, 0);
if (hexgrip) if (hexgrip)
es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip); es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);

2
g10/main.h
View File

@ -476,7 +476,7 @@ void list_keyblock_direct (ctrl_t ctrl, kbnode_t keyblock, int secret,
int cmp_signodes (const void *av, const void *bv); int cmp_signodes (const void *av, const void *bv);
void print_fingerprint (ctrl_t ctrl, estream_t fp, void print_fingerprint (ctrl_t ctrl, estream_t fp,
PKT_public_key *pk, int mode); PKT_public_key *pk, int mode);
void print_revokers (estream_t fp, PKT_public_key *pk); void print_revokers (estream_t fp, int colon_mode, PKT_public_key *pk);
void show_preferences (PKT_user_id *uid, int indent, int mode, int verbose); void show_preferences (PKT_user_id *uid, int indent, int mode, int verbose);
void show_policy_url(PKT_signature *sig,int indent,int mode); void show_policy_url(PKT_signature *sig,int indent,int mode);
void show_keyserver_url(PKT_signature *sig,int indent,int mode); void show_keyserver_url(PKT_signature *sig,int indent,int mode);