1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: New option --auto-key-import

* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--

Note that the --no variants of the options are intended for easy
disabling at the command line.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-03-14 18:04:47 +01:00
parent 6a4443c842
commit 6b306f45f4
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
5 changed files with 57 additions and 14 deletions

View File

@ -1766,6 +1766,19 @@ Set what trust model GnuPG should follow. The models are:
must be enabled explicitly. must be enabled explicitly.
@end table @end table
@item --include-key-block
@itemx --no-include-key-block
@opindex include-key-block
@opindex no-include-key-block
Include a minimized version of the public parts of the signing key as
a “Key Block subpacket” into data signatures. The Key Block contains
the signing key or subkey as well as an encryption subkey. This
allows the recipient of a signed message to reply encrypted to the
sender without using any online directories to lookup the key. The
default is @option{--no-innclude-key-block}. See also the option
@option{--auto-key-import}.
@item --auto-key-locate @var{mechanisms} @item --auto-key-locate @var{mechanisms}
@itemx --no-auto-key-locate @itemx --no-auto-key-locate
@opindex auto-key-locate @opindex auto-key-locate
@ -1827,6 +1840,20 @@ list. The default is "local,wkd".
@end table @end table
@item --auto-key-import
@itemx --no-auto-key-import
@opindex auto-key-import
@opindex no-auto-key-import
This is an offline mechanism to get a missing key for signature
verification and for later encryption to this key. If this option is
enabled and a signature includes a “Key Block subpacket”, that key is
used to verify the signature and on verification success that key is
imported. The default is @option{--no-auto-key-import}.
On the sender (signing) site the option @option{--include-key-block}
needs to be used to put the public part of the signing key as “Key
Block subpacket” into the signature.
@item --auto-key-retrieve @item --auto-key-retrieve
@itemx --no-auto-key-retrieve @itemx --no-auto-key-retrieve
@opindex auto-key-retrieve @opindex auto-key-retrieve
@ -1837,22 +1864,26 @@ local keyring. The default is @option{--no-auto-key-retrieve}.
The order of methods tried to lookup the key is: The order of methods tried to lookup the key is:
1. If a preferred keyserver is specified in the signature and the 1. If the option @option{--auto-key-import} is set and the signatures
includes a “Key Block subpacket”, that key is used to verify the
signature and on verification success that key is imported.
2. If a preferred keyserver is specified in the signature and the
option @option{honor-keyserver-url} is active (which is not the option @option{honor-keyserver-url} is active (which is not the
default), that keyserver is tried. Note that the creator of the default), that keyserver is tried. Note that the creator of the
signature uses the option @option{--sig-keyserver-url} to specify the signature uses the option @option{--sig-keyserver-url} to specify the
preferred keyserver for data signatures. preferred keyserver for data signatures.
2. If the signature has the Signer's UID set (e.g. using 3. If the signature has the Signer's UID set (e.g. using
@option{--sender} while creating the signature) a Web Key Directory @option{--sender} while creating the signature) a Web Key Directory
(WKD) lookup is done. This is the default configuration but can be (WKD) lookup is done. This is the default configuration but can be
disabled by removing WKD from the auto-key-locate list or by using the disabled by removing WKD from the auto-key-locate list or by using the
option @option{--disable-signer-uid}. option @option{--disable-signer-uid}.
3. If the option @option{honor-pka-record} is active, the legacy PKA 4. If the option @option{honor-pka-record} is active, the legacy PKA
method is used. method is used.
4. If any keyserver is configured and the Issuer Fingerprint is part 5. If any keyserver is configured and the Issuer Fingerprint is part
of the signature (since GnuPG 2.1.16), the configured keyservers are of the signature (since GnuPG 2.1.16), the configured keyservers are
tried. tried.

View File

@ -360,6 +360,8 @@ enum cmd_and_opt_values
oNoRandomSeedFile, oNoRandomSeedFile,
oAutoKeyRetrieve, oAutoKeyRetrieve,
oNoAutoKeyRetrieve, oNoAutoKeyRetrieve,
oAutoKeyImport,
oNoAutoKeyImport,
oUseAgent, oUseAgent,
oNoUseAgent, oNoUseAgent,
oGpgAgentInfo, oGpgAgentInfo,
@ -434,6 +436,7 @@ enum cmd_and_opt_values
oUseOnlyOpenPGPCard, oUseOnlyOpenPGPCard,
oFullTimestrings, oFullTimestrings,
oIncludeKeyBlock, oIncludeKeyBlock,
oNoIncludeKeyBlock,
oNoop oNoop
}; };
@ -750,8 +753,6 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_i (oCompressLevel, "compress-level", "@"), ARGPARSE_s_i (oCompressLevel, "compress-level", "@"),
ARGPARSE_s_i (oBZ2CompressLevel, "bzip2-compress-level", "@"), ARGPARSE_s_i (oBZ2CompressLevel, "bzip2-compress-level", "@"),
ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"), ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
ARGPARSE_s_n (oIncludeKeyBlock, "include-key-block",
N_("include the public key in the signature")),
ARGPARSE_header ("ImportExport", ARGPARSE_header ("ImportExport",
N_("Options controlling key import and export")), N_("Options controlling key import and export")),
@ -759,8 +760,14 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate",
N_("|MECHANISMS|use MECHANISMS to locate keys by mail address")), N_("|MECHANISMS|use MECHANISMS to locate keys by mail address")),
ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
ARGPARSE_s_n (oAutoKeyImport, "auto-key-import",
N_("import missing key from a signature")),
ARGPARSE_s_n (oNoAutoKeyImport, "no-auto-key-import", "@"),
ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"), ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"),
ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"), ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"),
ARGPARSE_s_n (oIncludeKeyBlock, "include-key-block",
N_("include the public key in signatures")),
ARGPARSE_s_n (oNoIncludeKeyBlock, "no-include-key-block", "@"),
ARGPARSE_s_n (oDisableDirmngr, "disable-dirmngr", ARGPARSE_s_n (oDisableDirmngr, "disable-dirmngr",
N_("disable all access to the dirmngr")), N_("disable all access to the dirmngr")),
ARGPARSE_s_s (oKeyServer, "keyserver", "@"), /* Deprecated. */ ARGPARSE_s_s (oKeyServer, "keyserver", "@"), /* Deprecated. */
@ -1943,6 +1950,8 @@ gpgconf_list (const char *configfile)
es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("try-secret-key:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("try-secret-key:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("auto-key-import:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("include-key-block:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("auto-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("auto-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE); es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT); es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
@ -3035,6 +3044,7 @@ main (int argc, char **argv)
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break; case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
case oIncludeKeyBlock: opt.flags.include_key_block = 1; break; case oIncludeKeyBlock: opt.flags.include_key_block = 1; break;
case oNoIncludeKeyBlock: opt.flags.include_key_block = 0; break;
case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break; case oS2KMode: opt.s2k_mode = pargs.r.ret_int; break;
case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break; case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
@ -3420,6 +3430,9 @@ main (int argc, char **argv)
case oIgnoreMDCError: opt.ignore_mdc_error = 1; break; case oIgnoreMDCError: opt.ignore_mdc_error = 1; break;
case oNoRandomSeedFile: use_random_seed = 0; break; case oNoRandomSeedFile: use_random_seed = 0; break;
case oAutoKeyImport: opt.flags.auto_key_import = 1; break;
case oNoAutoKeyImport: opt.flags.auto_key_import = 0; break;
case oAutoKeyRetrieve: case oAutoKeyRetrieve:
opt.keyserver_options.options |= KEYSERVER_AUTO_KEY_RETRIEVE; opt.keyserver_options.options |= KEYSERVER_AUTO_KEY_RETRIEVE;
break; break;

View File

@ -2012,14 +2012,11 @@ check_sig_and_print (CTX c, kbnode_t node)
rc = do_check_sig (c, node, extrahash, extrahashlen, NULL, rc = do_check_sig (c, node, extrahash, extrahashlen, NULL,
NULL, &is_expkey, &is_revkey, &pk); NULL, &is_expkey, &is_revkey, &pk);
/* If the key is not found but the signaure includes a key bnlock we /* If the key is not found but the signature includes a key block we
* import that key block and trry again. We keep this key block * use that key block for verification and on success import it. */
* only if the signature verifies. */
/* FIXME: Shall we add an option to disable it or use it only if
* --auto-key-retriueve is set? */
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
&& sig->flags.key_block) && sig->flags.key_block
/* && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)) */ && opt.flags.auto_key_import)
{ {
PKT_public_key *included_pk; PKT_public_key *included_pk;
const byte *kblock; const byte *kblock;

View File

@ -242,6 +242,7 @@ struct
unsigned int large_rsa:1; unsigned int large_rsa:1;
unsigned int disable_signer_uid:1; unsigned int disable_signer_uid:1;
unsigned int include_key_block:1; unsigned int include_key_block:1;
unsigned int auto_key_import:1;
/* Flag to enable experimental features from RFC4880bis. */ /* Flag to enable experimental features from RFC4880bis. */
unsigned int rfc4880bis:1; unsigned int rfc4880bis:1;
/* Hack: --output is not given but OUTFILE was temporary set to "-". */ /* Hack: --output is not given but OUTFILE was temporary set to "-". */

View File

@ -404,8 +404,9 @@ static known_option_t known_options_gpg[] =
{ "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED, { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
GC_ARG_TYPE_FILENAME }, GC_ARG_TYPE_FILENAME },
{ "auto-key-locate", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED }, { "auto-key-locate", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED },
{ "auto-key-import", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "auto-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT }, { "auto-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT },
{ "no-auto-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE }, { "include-key-block", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC },
{ "disable-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT }, { "disable-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT },
{ "max-cert-depth", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE }, { "max-cert-depth", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE },
{ "completes-needed", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE }, { "completes-needed", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE },