gpg: New option --forbid-gen-key.

* g10/gpg.c (oForbidGenKey, opts): New option.
(mopt): New local struct
(gen_key_forbidden): New.
(main): Set and handle the option.
--

In large system installations it is sometimes useful to make it a bit
harder for users to generate their own keys.  An example is a policy
to not use on-disk keys.
Werner Koch 2021-11-22 20:59:22 +01:00
parent 40d2c93165
commit 985fb25c46
GPG Key ID: E3FDFF218E45B72B
2 changed files with 44 additions and 9 deletions


@ -3515,6 +3515,12 @@ This option modifies the behaviour of the commands
sub-commands of @option{--edit-key} by forcing the creation of a key
signature, even if one already exists.
@item --forbid-gen-key
@opindex forbid-gen-key
This option is intended for use in the global config file to disallow
the use of generate key commands. Those commands will then fail with
the error code for Not Enabled.
@item --allow-secret-key-import
@opindex allow-secret-key-import
This is an obsolete option and is not used anywhere.


@ -429,6 +429,7 @@ enum cmd_and_opt_values
oIncludeKeyBlock,
oNoIncludeKeyBlock,
oForceSignKey,
oForbidGenKey,
oNoop
};
@ -880,6 +881,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"),
ARGPARSE_s_n (oForbidGenKey, "forbid-gen-key", "@"),
/* These two are aliases to help users of the PGP command line
product use gpg with minimal pain. Many commands are common
@ -983,6 +985,12 @@ static int utf8_strings =
;
static int maybe_setuid = 1;
/* Collection of options used only in this module. */
static struct {
unsigned int forbid_gen_key;
} mopt;
static char *build_list( const char *text, char letter,
const char *(*mapf)(int), int (*chkf)(int) );
static void set_cmd( enum cmd_and_opt_values *ret_cmd,
@ -2220,8 +2228,13 @@ set_compliance_option (enum cmd_and_opt_values option)
}
static void
gen_key_forbidden (void)
{
write_status_failure ("gen-key", gpg_error (GPG_ERR_NOT_ENABLED));
log_error (_("This command is not allowed while in %s mode.\n"),
"forbid-gen-key");
}
/* This function called to initialized a new control object. It is
@ -3587,6 +3600,10 @@ main (int argc, char **argv)
opt.flags.use_only_openpgp_card = 1;
break;
case oForbidGenKey:
mopt.forbid_gen_key = 1;
break;
case oNoop: break;
default:
@ -4509,18 +4526,25 @@ main (int argc, char **argv)
}
}
}
quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else
quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
xfree (username);
}
break;
case aKeygen: /* generate a key */
if( opt.batch ) {
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else if( opt.batch )
{
if( argc > 1 )
wrong_args("--generate-key [parameterfile]");
generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0);
}
else {
}
else
{
if (opt.command_fd != -1 && argc)
{
if( argc > 1 )
@ -4533,11 +4557,13 @@ main (int argc, char **argv)
wrong_args ("--generate-key");
else
generate_keypair (ctrl, 0, NULL, NULL, 0);
}
}
break;
case aFullKeygen: /* Generate a key with all options. */
if (opt.batch)
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else if (opt.batch)
{
if (argc > 1)
wrong_args ("--full-generate-key [parameterfile]");
@ -4585,7 +4611,10 @@ main (int argc, char **argv)
}
}
}
keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
if (mopt.forbid_gen_key)
gen_key_forbidden ();
else
keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
}
break;
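Review bot: The policy is enforced case by case in main's command switch (the aKeygen and aFullKeygen cases plus the two quick-command call sites), and the flag lives in the file-static `mopt`, so code outside g10/gpg.c cannot consult it. Any path that creates key material without passing through these four sites would presumably stay available under the policy; sub-commands of the interactive key or card editors would be one such case if they call the generators directly, which this diff does not show. Consider keeping the flag in the shared options, e.g. `opt.flags.forbid_gen_key = 1;`, and testing it once at the generator entry points. Otherwise, list the covered commands in the --forbid-gen-key documentation so administrators do not read it as a complete control. main's body continues outside these hunks.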