security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Change format for the key size in --list-key and --edit-key. 

* g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode.
* g10/options.h (struct opt): Add field legacy_list_mode.
* g10/keydb.h (PUBKEY_STRING_SIZE): New.
* g10/keyid.c (pubkey_string): New.
* g10/import.c (import_one, import_secret_one): Use pubkey_string.
* g10/keylist.c (print_seckey_info): Ditto.
(print_pubkey_info, print_card_key_info): Ditto.
(list_keyblock_print): Ditto.
* g10/mainproc.c (list_node): Ditto.
* g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto.
* g10/keyedit.c (show_key_with_all_names): Ditto.  Also change the
format.
(show_basic_key_info): Ditto.
* common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519".
(openpgp_oid_to_curve): Downcase "ed25519"
--

For ECC it seems to be better to show the name of the curve and not
just the size of the prime field.  The curve name does not anymore fit
into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length
format does not work either.  Thus the new format uses

   "rsa2048"    - RSA with 2048 bit
   "elg1024"    - Elgamal with 1024 bit
   "ed25519"    - ECC using the curve Ed25519.
   "E_1.2.3.4"  - ECC using the unsupported curve with OID "1.2.3.4".

unless --legacy-list-mode is given.  In does not anymore line up
nicely in columns thus I expect further changes to this new format.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2014-02-05 10:37:59 +01:00
parent 2ba818de1a
commit 2c814806d7
11 changed files with 153 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
common/openpgp-oid.c
View File

@ -275,7 +275,7 @@ openpgp_curve_to_oid (const char *name, unsigned int *r_nbits)
if (!name)
oidstr = NULL;
else if (!strcmp (name, "Ed25519"))
else if (!strcmp (name, "Ed25519") || !strcmp (name, "ed25519"))
{
oidstr = "1.3.6.1.4.1.11591.15.1";
nbits = 255;
@ -324,8 +324,7 @@ openpgp_curve_to_oid (const char *name, unsigned int *r_nbits)
}
/* Map an OpenPGP OID to the Libgcrypt curve NAME. If R_NBITS is not
NULL store the bit size of the curve there. Returns "?" for
/* Map an OpenPGP OID to the Libgcrypt curve NAME. Returns "?" for
unknown curve names. */
const char *
openpgp_oid_to_curve (const char *oid)
@ -335,7 +334,7 @@ openpgp_oid_to_curve (const char *oid)
if (!oid)
name = "";
else if (!strcmp (oid, "1.3.6.1.4.1.11591.15.1"))
name = "Ed25519";
name = "ed25519";
else if (!strcmp (oid, "1.2.840.10045.3.1.7"))
name = "nistp256";
else if (!strcmp (oid, "1.3.132.0.10"))

9
doc/gpg.texi
View File

@ -2053,6 +2053,15 @@ Since GnuPG 2.0.10, this mode is always used and thus this option is
obsolete; it does not harm to use it though.
@end ifclear
@ifset gpgtwoone
@item --legacy-list-mode
@opindex legacy-list-mode
Revert to the pre-2.1 public key list mode. This only affects the
human readable output and not the machine interface
(i.e. @code{--with-colons}). Note that the legacy format does not
allow to convey suitable information for elliptic curves.
@end ifset
@item --with-fingerprint
@opindex with-fingerprint
Same as the command @option{--fingerprint} but changes only the format

3
g10/gpg.c
View File

@ -331,6 +331,7 @@ enum cmd_and_opt_values
oTrustedKey,
oNoExpensiveTrustChecks,
oFixedListMode,
oLegacyListMode,
oNoSigCache,
oNoSigCreateCheck,
oAutoCheckTrustDB,
@ -690,6 +691,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oHonorHttpProxy, "honor-http-proxy", "@"),
ARGPARSE_s_n (oFastListMode, "fast-list-mode", "@"),
ARGPARSE_s_n (oFixedListMode, "fixed-list-mode", "@"),
ARGPARSE_s_n (oLegacyListMode, "legacy-list-mode", "@"),
ARGPARSE_s_n (oListOnly, "list-only", "@"),
ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
ARGPARSE_s_n (oIgnoreValidFrom, "ignore-valid-from", "@"),
@ -2876,6 +2878,7 @@ main (int argc, char **argv)
break;
case oFastListMode: opt.fast_list_mode = 1; break;
case oFixedListMode: /* Dummy */ break;
case oLegacyListMode: opt.legacy_list_mode = 1; break;
case oListOnly: opt.list_only=1; break;
case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
case oIgnoreValidFrom: opt.ignore_valid_from = 1; break;

12
g10/import.c
View File

@ -792,6 +792,7 @@ import_one (ctrl_t ctrl,
int mod_key = 0;
int same_key = 0;
int non_self = 0;
char pkstrbuf[PUBKEY_STRING_SIZE];
/* get the key and print some info about it */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
@ -805,9 +806,8 @@ import_one (ctrl_t ctrl,
if( opt.verbose && !opt.interactive )
{
log_info( "pub %4u%c/%s %s ",
nbits_from_pk( pk ),
pubkey_letter( pk->pubkey_algo ),
log_info( "pub %s/%s %s ",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk(pk), datestr_from_pk(pk) );
if (uidnode)
print_utf8_buffer (log_get_stream (),
@ -1539,6 +1539,7 @@ import_secret_one (ctrl_t ctrl, const char *fname, KBNODE keyblock,
int rc = 0;
int nr_prev;
kbnode_t pub_keyblock;
char pkstrbuf[PUBKEY_STRING_SIZE];
/* Get the key and print some info about it */
node = find_kbnode (keyblock, PKT_SECRET_KEY);
@ -1552,9 +1553,8 @@ import_secret_one (ctrl_t ctrl, const char *fname, KBNODE keyblock,
if (opt.verbose)
{
log_info ("sec %4u%c/%s %s ",
nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo),
log_info ("sec %s/%s %s ",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk (pk), datestr_from_pk (pk));
if (uidnode)
print_utf8_buffer (log_get_stream (), uidnode->pkt->pkt.user_id->name,

2
g10/keydb.h
View File

@ -256,6 +256,8 @@ int parse_auto_key_locate(char *options);
/*-- keyid.c --*/
int pubkey_letter( int algo );
char *pubkey_string (PKT_public_key *pk, char *buffer, size_t bufsize);
#define PUBKEY_STRING_SIZE 32
u32 v3_keyid (gcry_mpi_t a, u32 *ki);
void hash_public_key( gcry_md_hd_t md, PKT_public_key *pk );
size_t keystrlen(void);

38
g10/keyedit.c
View File

@ -2683,6 +2683,7 @@ show_key_with_all_names (KBNODE keyblock, int only_marked, int with_revoker,
int i;
int do_warn = 0;
PKT_public_key *primary = NULL;
char pkstrbuf[PUBKEY_STRING_SIZE];
if (opt.with_colons)
{
@ -2761,15 +2762,20 @@ show_key_with_all_names (KBNODE keyblock, int only_marked, int with_revoker,
}
keyid_from_pk (pk, NULL);
tty_printf ("%s%c %4u%c/%s ",
tty_printf ("%s%c %s/%s",
node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
node->pkt->pkttype == PKT_PUBLIC_SUBKEY ? "sub" :
node->pkt->pkttype == PKT_SECRET_KEY ? "sec" : "ssb",
(node->flag & NODFLG_SELKEY) ? '*' : ' ',
nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo), keystr (pk->keyid));
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr (pk->keyid));
tty_printf (_("created: %s"), datestr_from_pk (pk));
if (opt.legacy_list_mode)
tty_printf (" ");
else
tty_printf ("\n ");
tty_printf (_("created: %s"), datestr_from_pk (pk));
tty_printf (" ");
if (pk->flags.revoked)
tty_printf (_("revoked: %s"), revokestr_from_pk (pk));
@ -2785,8 +2791,8 @@ show_key_with_all_names (KBNODE keyblock, int only_marked, int with_revoker,
&& pk->seckey_info->is_protected
&& pk->seckey_info->s2k.mode == 1002)
{
tty_printf (" ");
tty_printf (_("card-no: "));
tty_printf ("%*s%s", opt.legacy_list_mode? 21:5, "",
_("card-no: "));
if (pk->seckey_info->ivlen == 16
&& !memcmp (pk->seckey_info->iv,
"\xD2\x76\x00\x01\x24\x01", 6))
@ -2813,7 +2819,9 @@ show_key_with_all_names (KBNODE keyblock, int only_marked, int with_revoker,
{
if (opt.trust_model != TM_ALWAYS)
{
tty_printf ("%*s", (int) keystrlen () + 13, "");
tty_printf ("%*s",
opt.legacy_list_mode?
((int) keystrlen () + 13):5, "");
/* Ownertrust is only meaningful for the PGP or
classic trust models */
if (opt.trust_model == TM_PGP
@ -2865,6 +2873,7 @@ show_basic_key_info (KBNODE keyblock)
{
KBNODE node;
int i;
char pkstrbuf[PUBKEY_STRING_SIZE];
/* The primary key */
for (node = keyblock; node; node = node->next)
@ -2876,12 +2885,12 @@ show_basic_key_info (KBNODE keyblock)
/* Note, we use the same format string as in other show
functions to make the translation job easier. */
tty_printf ("%s %4u%c/%s ",
tty_printf ("%s %s/%s ",
node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
node->pkt->pkttype == PKT_PUBLIC_SUBKEY ? "sub" :
node->pkt->pkttype == PKT_SECRET_KEY ? "sec" :"ssb",
nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo), keystr_from_pk (pk));
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk (pk));
tty_printf (_("created: %s"), datestr_from_pk (pk));
tty_printf (" ");
tty_printf (_("expires: %s"), expirestr_from_pk (pk));
@ -2915,16 +2924,17 @@ show_key_and_fingerprint (KBNODE keyblock)
{
KBNODE node;
PKT_public_key *pk = NULL;
char pkstrbuf[PUBKEY_STRING_SIZE];
for (node = keyblock; node; node = node->next)
{
if (node->pkt->pkttype == PKT_PUBLIC_KEY)
{
pk = node->pkt->pkt.public_key;
tty_printf ("pub %4u%c/%s %s ",
nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo),
keystr_from_pk (pk), datestr_from_pk (pk));
tty_printf ("pub %s/%s %s ",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk(pk),
datestr_from_pk (pk));
}
else if (node->pkt->pkttype == PKT_USER_ID)
{

73
g10/keyid.c
View File

@ -1,6 +1,7 @@
/* keyid.c - key ID and fingerprint handling
* Copyright (C) 1998, 1999, 2000, 2001, 2003,
* 2004, 2006, 2010 Free Software Foundation, Inc.
* Copyright (C) 2014 Werner Koch
*
* This file is part of GnuPG.
*
@ -57,13 +58,81 @@ pubkey_letter( int algo )
case PUBKEY_ALGO_ELGAMAL_E: return 'g' ;
case PUBKEY_ALGO_ELGAMAL: return 'G' ;
case PUBKEY_ALGO_DSA: return 'D' ;
case PUBKEY_ALGO_EDDSA: return 'E' ; /* ECC EdDSA (sign only) */
case PUBKEY_ALGO_ECDSA: return 'E' ; /* ECC DSA (sign only) */
case PUBKEY_ALGO_ECDH: return 'e' ; /* ECC DH (encrypt only) */
case PUBKEY_ALGO_ECDSA: return 'E' ; /* ECC DSA (sign only) */
case PUBKEY_ALGO_EDDSA: return 'E' ; /* ECC EdDSA (sign only) */
default: return '?';
}
}
/* Return a string describing the public key algorithm and the
keysize. For elliptic curves the functions prints the name of the
curve because the keysize is a property of the curve. The string
is copied to the supplied buffer up a length of BUFSIZE-1.
Examples for the output are:
"rsa2048" - RSA with 2048 bit
"elg1024" - Elgamal with 1024 bit
"ed25519" - ECC using the curve Ed25519.
"E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4".
"E_1.3.6.1.4.1.11591.2.12242973" ECC with a bogus OID.
"unknown_N" - Unknown OpenPGP algorithm N.
If the option --legacy-list-mode is active, the output use the
legacy format:
"2048R" - RSA with 2048 bit
"1024g" - Elgamal with 1024 bit
"256E" - ECDSA using a curve with 256 bit
The macro PUBKEY_STRING_SIZE may be used to allocate a buffer with
a suitable size.*/
char *
pubkey_string (PKT_public_key *pk, char *buffer, size_t bufsize)
{
const char *prefix = NULL;
if (opt.legacy_list_mode)
{
snprintf (buffer, bufsize, "%4u%c",
nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo));
return buffer;
}
switch (pk->pubkey_algo)
{
case PUBKEY_ALGO_RSA:
case PUBKEY_ALGO_RSA_E:
case PUBKEY_ALGO_RSA_S: prefix = "rsa"; break;
case PUBKEY_ALGO_ELGAMAL_E: prefix = "elg"; break;
case PUBKEY_ALGO_DSA: prefix = "dsa"; break;
case PUBKEY_ALGO_ELGAMAL: prefix = "xxx"; break;
case PUBKEY_ALGO_ECDH:
case PUBKEY_ALGO_ECDSA:
case PUBKEY_ALGO_EDDSA: prefix = ""; break;
}
if (prefix && *prefix)
snprintf (buffer, bufsize, "%s%u", prefix, nbits_from_pk (pk));
else if (prefix)
{
char *curve = openpgp_oid_to_str (pk->pkey[0]);
const char *name = openpgp_oid_to_curve (curve);
if (*name && *name != '?')
snprintf (buffer, bufsize, "%s", name);
else if (curve)
snprintf (buffer, bufsize, "E_%s", curve);
else
snprintf (buffer, bufsize, "E_error");
xfree (curve);
}
else
snprintf (buffer, bufsize, "unknown_%u", (unsigned int)pk->pubkey_algo);
return buffer;
}
/* Hash a public key. This function is useful for v4 fingerprints and
for v3 or v4 key signing. */

36
g10/keylist.c
View File

@ -136,13 +136,13 @@ print_seckey_info (PKT_public_key *pk)
{
u32 keyid[2];
char *p;
char pkstrbuf[PUBKEY_STRING_SIZE];
keyid_from_pk (pk, keyid);
p = get_user_id_native (keyid);
tty_printf ("\nsec %4u%c/%s %s %s\n",
nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo),
tty_printf ("\nsec %s/%s %s %s\n",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr (keyid), datestr_from_pk (pk), p);
xfree (p);
@ -156,6 +156,7 @@ print_pubkey_info (estream_t fp, PKT_public_key * pk)
{
u32 keyid[2];
char *p;
char pkstrbuf[PUBKEY_STRING_SIZE];
keyid_from_pk (pk, keyid);
@ -168,9 +169,8 @@ print_pubkey_info (estream_t fp, PKT_public_key * pk)
if (fp)
tty_printf ("\n");
tty_fprintf (fp, "pub %4u%c/%s %s %s\n",
nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo),
tty_fprintf (fp, "pub %s/%s %s %s\n",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr (keyid), datestr_from_pk (pk), p);
xfree (p);
}
@ -186,6 +186,7 @@ print_card_key_info (estream_t fp, kbnode_t keyblock)
char *hexgrip;
char *serialno;
int s2k_char;
char pkstrbuf[PUBKEY_STRING_SIZE];
for (node = keyblock; node; node = node->next)
{
@ -207,10 +208,11 @@ print_card_key_info (estream_t fp, kbnode_t keyblock)
else
s2k_char = '#'; /* Key not found. */
tty_fprintf (fp, "%s%c %4u%c/%s ",
tty_fprintf (fp, "%s%c %s/%s ",
node->pkt->pkttype == PKT_PUBLIC_KEY ? "sec" : "ssb",
s2k_char, nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo), keystr_from_pk (pk));
s2k_char,
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk (pk));
tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk));
tty_fprintf (fp, " ");
tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
@ -780,6 +782,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
int s2k_char;
char *hexgrip = NULL;
char *serialno = NULL;
char pkstrbuf[PUBKEY_STRING_SIZE];
/* Get the keyid from the keyblock. */
node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
@ -811,11 +814,12 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
check_trustdb_stale ();
es_fprintf (es_stdout, "%s%c %4u%c/%s %s",
secret? "sec":"pub",
s2k_char,
nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo),
keystr_from_pk (pk), datestr_from_pk (pk));
es_fprintf (es_stdout, "%s%c %s/%s %s",
secret? "sec":"pub",
s2k_char,
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk (pk), datestr_from_pk (pk));
if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
|| pk->pubkey_algo == PUBKEY_ALGO_EDDSA
@ -947,10 +951,10 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque)
else
s2k_char = ' ';
es_fprintf (es_stdout, "%s%c %4u%c/%s %s",
es_fprintf (es_stdout, "%s%c %s/%s %s",
secret? "ssb":"sub",
s2k_char,
nbits_from_pk (pk2), pubkey_letter (pk2->pubkey_algo),
pubkey_string (pk2, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk (pk2), datestr_from_pk (pk2));
if (pk2->pubkey_algo == PUBKEY_ALGO_ECDSA

8
g10/mainproc.c
View File

@ -923,6 +923,7 @@ list_node( CTX c, KBNODE node )
{
int any=0;
int mainkey;
char pkstrbuf[PUBKEY_STRING_SIZE];
if( !node )
;
@ -958,9 +959,10 @@ list_node( CTX c, KBNODE node )
}
}
else
printf("%s %4u%c/%s %s%s",
mainkey? "pub":"sub", nbits_from_pk( pk ),
pubkey_letter( pk->pubkey_algo ), keystr_from_pk( pk ),
printf("%s %s/%s %s%s",
mainkey? "pub":"sub",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr_from_pk( pk ),
datestr_from_pk( pk ), mainkey?" ":"");
if( mainkey ) {

1
g10/options.h
View File

@ -177,6 +177,7 @@ struct
int no_literal;
ulong set_filesize;
int fast_list_mode;
int legacy_list_mode;
int ignore_time_conflict;
int ignore_valid_from;
int ignore_crc_error;

16
g10/pkclist.c
View File

@ -188,6 +188,7 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
int min_num;
int did_help=defer_help;
unsigned int minimum=get_min_ownertrust(pk);
char pkstrbuf[PUBKEY_STRING_SIZE];
switch(minimum)
{
@ -221,8 +222,8 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
KBNODE keyblock, un;
tty_printf(_("No trust value assigned to:\n"));
tty_printf("%4u%c/%s %s\n",nbits_from_pk( pk ),
pubkey_letter( pk->pubkey_algo ),
tty_printf("%s/%s %s\n",
pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
keystr(keyid), datestr_from_pk( pk ) );
p=get_user_id_native(keyid);
tty_printf(_(" \"%s\"\n"),p);
@ -893,6 +894,7 @@ build_pk_list (ctrl_t ctrl,
int any_recipients=0;
strlist_t rov,remusr;
char *def_rec = NULL;
char pkstrbuf[PUBKEY_STRING_SIZE];
/* Try to expand groups if any have been defined. */
if (opt.grouplist)
@ -1027,11 +1029,11 @@ build_pk_list (ctrl_t ctrl,
u32 keyid[2];
keyid_from_pk(iter->pk,keyid);
tty_printf("%4u%c/%s %s \"",
nbits_from_pk(iter->pk),
pubkey_letter(iter->pk->pubkey_algo),
keystr(keyid),
datestr_from_pk(iter->pk));
tty_printf ("%s/%s %s \"",
pubkey_string (iter->pk,
pkstrbuf, sizeof pkstrbuf),
keystr(keyid),
datestr_from_pk (iter->pk));
if (iter->pk->user_id)
tty_print_utf8_string(iter->pk->user_id->name,