mirror of git://git.gnupg.org/gnupg.git synced 2024-06-05 23:07:49 +02:00

* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add

verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.
David Shaw 2003-07-20 02:09:06 +00:00
parent 06442ab0da
commit 726b36b647
4 changed files with 58 additions and 24 deletions


@ -1,5 +1,10 @@
2003-07-19 David Shaw <dshaw@jabberwocky.com> 2003-07-19 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
verify-options "show-validity" and "show-long-keyid" to show
trustdb validity and long keyids during (file) signature
verification.
* packet.h, main.h, sig-check.c (signature_check2, * packet.h, main.h, sig-check.c (signature_check2,
check_key_signature2, do_check): If ret_pk is set, fill in the pk check_key_signature2, do_check): If ret_pk is set, fill in the pk
used to verify the signature. Change all callers in getkey.c, used to verify the signature. Change all callers in getkey.c,


@ -1757,9 +1757,9 @@ main( int argc, char **argv )
{"show-photos",LIST_SHOW_PHOTOS}, {"show-photos",LIST_SHOW_PHOTOS},
{"show-policy-url",LIST_SHOW_POLICY}, {"show-policy-url",LIST_SHOW_POLICY},
{"show-notation",LIST_SHOW_NOTATION}, {"show-notation",LIST_SHOW_NOTATION},
{"show-keyring",LIST_SHOW_KEYRING},
{"show-validity",LIST_SHOW_VALIDITY}, {"show-validity",LIST_SHOW_VALIDITY},
{"show-long-keyid",LIST_SHOW_LONG_KEYID}, {"show-long-keyid",LIST_SHOW_LONG_KEYID},
{"show-keyring",LIST_SHOW_KEYRING},
{NULL,0} {NULL,0}
}; };
@ -1781,6 +1781,8 @@ main( int argc, char **argv )
{"show-policy-url",VERIFY_SHOW_POLICY}, {"show-policy-url",VERIFY_SHOW_POLICY},
{"show-notation",VERIFY_SHOW_NOTATION}, {"show-notation",VERIFY_SHOW_NOTATION},
{"show-preferred-keyserver",VERIFY_SHOW_KEYSERVER}, {"show-preferred-keyserver",VERIFY_SHOW_KEYSERVER},
{"show-validity",VERIFY_SHOW_VALIDITY},
{"show-long-keyid",VERIFY_SHOW_LONG_KEYID},
{NULL,0} {NULL,0}
}; };


@ -1270,8 +1270,16 @@ check_sig_and_print( CTX c, KBNODE node )
tstr = asctimestamp(sig->timestamp); tstr = asctimestamp(sig->timestamp);
astr = pubkey_algo_to_string( sig->pubkey_algo ); astr = pubkey_algo_to_string( sig->pubkey_algo );
log_info(_("Signature made %.*s using %s key ID %08lX\n"), if(opt.verify_options&VERIFY_SHOW_LONG_KEYID)
(int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] ); {
log_info(_("Signature made %.*s\n"),(int)strlen(tstr), tstr);
log_info(_(" using %s key %08lX%08lX\n"),
astr? astr: "?",(ulong)sig->keyid[0],(ulong)sig->keyid[1] );
}
else
log_info(_("Signature made %.*s using %s key ID %08lX\n"),
(int)strlen(tstr), tstr, astr? astr: "?",
(ulong)sig->keyid[1] );
rc = do_check_sig(c, node, NULL, &is_expkey ); rc = do_check_sig(c, node, NULL, &is_expkey );
if( rc == G10ERR_NO_PUBKEY && opt.keyserver_scheme && opt.keyserver_options.auto_key_retrieve) { if( rc == G10ERR_NO_PUBKEY && opt.keyserver_scheme && opt.keyserver_options.auto_key_retrieve) {
@ -1304,6 +1312,7 @@ check_sig_and_print( CTX c, KBNODE node )
KBNODE un, keyblock; KBNODE un, keyblock;
int count=0, statno; int count=0, statno;
char keyid_str[50]; char keyid_str[50];
PKT_public_key *pk=NULL;
if(rc) if(rc)
statno=STATUS_BADSIG; statno=STATUS_BADSIG;
@ -1321,6 +1330,11 @@ check_sig_and_print( CTX c, KBNODE node )
/* find and print the primary user ID */ /* find and print the primary user ID */
for( un=keyblock; un; un = un->next ) { for( un=keyblock; un; un = un->next ) {
if(un->pkt->pkttype==PKT_PUBLIC_KEY)
{
pk=un->pkt->pkt.public_key;
continue;
}
if( un->pkt->pkttype != PKT_USER_ID ) if( un->pkt->pkttype != PKT_USER_ID )
continue; continue;
if ( !un->pkt->pkt.user_id->created ) if ( !un->pkt->pkt.user_id->created )
@ -1334,7 +1348,9 @@ check_sig_and_print( CTX c, KBNODE node )
/* We want the textual user ID here */ /* We want the textual user ID here */
if ( un->pkt->pkt.user_id->attrib_data ) if ( un->pkt->pkt.user_id->attrib_data )
continue; continue;
assert(pk);
keyid_str[17] = 0; /* cut off the "[uncertain]" part */ keyid_str[17] = 0; /* cut off the "[uncertain]" part */
write_status_text_and_buffer (statno, keyid_str, write_status_text_and_buffer (statno, keyid_str,
un->pkt->pkt.user_id->name, un->pkt->pkt.user_id->name,
@ -1346,7 +1362,12 @@ check_sig_and_print( CTX c, KBNODE node )
: _("Good signature from \"")); : _("Good signature from \""));
print_utf8_string( log_stream(), un->pkt->pkt.user_id->name, print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len ); un->pkt->pkt.user_id->len );
fputs("\"\n", log_stream() ); if(opt.verify_options&VERIFY_SHOW_VALIDITY)
fprintf(log_stream(),"\" [%s]\n",
trust_value_to_string(get_validity(pk,
un->pkt->pkt.user_id)));
else
fputs("\"\n", log_stream() );
count++; count++;
} }
if( !count ) { /* just in case that we have no valid textual if( !count ) { /* just in case that we have no valid textual
@ -1390,10 +1411,7 @@ check_sig_and_print( CTX c, KBNODE node )
/* If we have a good signature and already printed /* If we have a good signature and already printed
* the primary user ID, print all the other user IDs */ * the primary user ID, print all the other user IDs */
if ( count && !rc ) { if ( count && !rc ) {
PKT_public_key *pk=NULL;
for( un=keyblock; un; un = un->next ) { for( un=keyblock; un; un = un->next ) {
if(un->pkt->pkttype==PKT_PUBLIC_KEY)
pk=un->pkt->pkt.public_key;
if( un->pkt->pkttype != PKT_USER_ID ) if( un->pkt->pkttype != PKT_USER_ID )
continue; continue;
if ( un->pkt->pkt.user_id->is_revoked ) if ( un->pkt->pkt.user_id->is_revoked )
@ -1417,7 +1435,14 @@ check_sig_and_print( CTX c, KBNODE node )
log_info( _(" aka \"")); log_info( _(" aka \""));
print_utf8_string( log_stream(), un->pkt->pkt.user_id->name, print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len ); un->pkt->pkt.user_id->len );
fputs("\"\n", log_stream() );
if(opt.verify_options&VERIFY_SHOW_VALIDITY)
fprintf(log_stream(),"\" [%s]\n",
trust_value_to_string(get_validity(pk,
un->pkt->
pkt.user_id)));
else
fputs("\"\n", log_stream() );
} }
} }
release_kbnode( keyblock ); release_kbnode( keyblock );
@ -1437,15 +1462,15 @@ check_sig_and_print( CTX c, KBNODE node )
if( !rc && is_status_enabled() ) { if( !rc && is_status_enabled() ) {
/* print a status response with the fingerprint */ /* print a status response with the fingerprint */
PKT_public_key *pk = m_alloc_clear( sizeof *pk ); PKT_public_key *vpk = m_alloc_clear( sizeof *vpk );
if( !get_pubkey( pk, sig->keyid ) ) { if( !get_pubkey( vpk, sig->keyid ) ) {
byte array[MAX_FINGERPRINT_LEN], *p; byte array[MAX_FINGERPRINT_LEN], *p;
char buf[MAX_FINGERPRINT_LEN*4+90], *bufp; char buf[MAX_FINGERPRINT_LEN*4+90], *bufp;
size_t i, n; size_t i, n;
bufp = buf; bufp = buf;
fingerprint_from_pk( pk, array, &n ); fingerprint_from_pk( vpk, array, &n );
p = array; p = array;
for(i=0; i < n ; i++, p++, bufp += 2) for(i=0; i < n ; i++, p++, bufp += 2)
sprintf(bufp, "%02X", *p ); sprintf(bufp, "%02X", *p );
@ -1459,27 +1484,27 @@ check_sig_and_print( CTX c, KBNODE node )
sig->version,sig->pubkey_algo,sig->digest_algo, sig->version,sig->pubkey_algo,sig->digest_algo,
sig->sig_class); sig->sig_class);
bufp = bufp + strlen (bufp); bufp = bufp + strlen (bufp);
if (!pk->is_primary) { if (!vpk->is_primary) {
u32 akid[2]; u32 akid[2];
akid[0] = pk->main_keyid[0]; akid[0] = vpk->main_keyid[0];
akid[1] = pk->main_keyid[1]; akid[1] = vpk->main_keyid[1];
free_public_key (pk); free_public_key (vpk);
pk = m_alloc_clear( sizeof *pk ); vpk = m_alloc_clear( sizeof *vpk );
if (get_pubkey (pk, akid)) { if (get_pubkey (vpk, akid)) {
/* impossible error, we simply return a zeroed out fpr */ /* impossible error, we simply return a zeroed out fpr */
n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20; n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20;
memset (array, 0, n); memset (array, 0, n);
} }
else else
fingerprint_from_pk( pk, array, &n ); fingerprint_from_pk( vpk, array, &n );
} }
p = array; p = array;
for(i=0; i < n ; i++, p++, bufp += 2) for(i=0; i < n ; i++, p++, bufp += 2)
sprintf(bufp, "%02X", *p ); sprintf(bufp, "%02X", *p );
write_status_text( STATUS_VALIDSIG, buf ); write_status_text( STATUS_VALIDSIG, buf );
} }
free_public_key( pk ); free_public_key( vpk );
} }
if( !rc ) if( !rc )
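Review bot: In the primary-user-ID loop the new `[validity]` suffix is printed whatever `rc` is, so with show-validity set a failed check can read `BAD signature from "..." [full]`; the trust value describes the key/user-ID binding, not this signature, and next to a BAD line it is easy to misread. Consider limiting it to the good case, `if(!rc && (opt.verify_options&VERIFY_SHOW_VALIDITY))`, as the "aka" loop already is through `if ( count && !rc )`. The `assert(pk);` added in the same loop also runs when the option is off and disappears under NDEBUG, so an unexpected keyblock order would either abort verification or hand a NULL `pk` to `get_validity`; testing `pk` inside the option check and falling back to the plain `fputs("\"\n", log_stream() );` would cover both builds. check_sig_and_print starts and ends outside these hunks, so whether the keyblock lookup guarantees the public-key node comes first is not visible here.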


@ -234,9 +234,11 @@ struct {
#define LIST_SHOW_VALIDITY 16 #define LIST_SHOW_VALIDITY 16
#define LIST_SHOW_LONG_KEYID 32 #define LIST_SHOW_LONG_KEYID 32
#define VERIFY_SHOW_PHOTOS 1 #define VERIFY_SHOW_PHOTOS 1
#define VERIFY_SHOW_POLICY 2 #define VERIFY_SHOW_POLICY 2
#define VERIFY_SHOW_NOTATION 4 #define VERIFY_SHOW_NOTATION 4
#define VERIFY_SHOW_KEYSERVER 8 #define VERIFY_SHOW_KEYSERVER 8
#define VERIFY_SHOW_VALIDITY 16
#define VERIFY_SHOW_LONG_KEYID 32
#endif /*G10_OPTIONS_H*/ #endif /*G10_OPTIONS_H*/