mirror of git://git.gnupg.org/gnupg.git
Add new option --with-secret.
* g10/gpg.c: Add option --with-secret. * g10/options.h (struct opt): Add field with_secret. * g10/keylist.c (public_key_list): Pass opt.with_secret to list_all and list_one. (list_all, list_one): Add arg mark_secret. (list_keyblock_colon): Add arg has_secret. * sm/gpgsm.c: Add option --with-secret. * sm/server.c (option_handler): Add option "with-secret". * sm/gpgsm.h (server_control_s): Add field with_secret. * sm/keylist.c (list_cert_colon): Take care of with_secret. Also move the token string from the wrong field 14 to 15. -- This option is useful for key managers which need to know whether a key has a secret key. This change allows to collect this information in one pass.
This commit is contained in:
parent
d89dc6917e
commit
be07ed65e1
2
NEWS
2
NEWS
|
@ -24,6 +24,8 @@ Noteworthy changes in version 2.1.0-betaN (unreleased)
|
||||||
|
|
||||||
* New option --enable-pinpad-varlen for scdaemon.
|
* New option --enable-pinpad-varlen for scdaemon.
|
||||||
|
|
||||||
|
* New option --with-secret for GPG and GPGSM.
|
||||||
|
|
||||||
* Rename option --disable-pinpad for scdaemon (was: --disable-keypad).
|
* Rename option --disable-pinpad for scdaemon (was: --disable-keypad).
|
||||||
|
|
||||||
* Better support fo CCID readers. Now, internal CCID driver supports
|
* Better support fo CCID readers. Now, internal CCID driver supports
|
||||||
|
|
|
@ -194,7 +194,8 @@ described here.
|
||||||
|
|
||||||
Used in sec/sbb to print the serial number of a token (internal
|
Used in sec/sbb to print the serial number of a token (internal
|
||||||
protect mode 1002) or a '#' if that key is a simple stub (internal
|
protect mode 1002) or a '#' if that key is a simple stub (internal
|
||||||
protect mode 1001)
|
protect mode 1001). If the option --with-secret is used and a
|
||||||
|
secret key is available for the public key, a '+' indicates this.
|
||||||
|
|
||||||
*** Field 16 - Hash algorithm
|
*** Field 16 - Hash algorithm
|
||||||
|
|
||||||
|
|
|
@ -2127,6 +2127,12 @@ of the output and may be used together with another command.
|
||||||
@item --with-keygrip
|
@item --with-keygrip
|
||||||
@opindex with-keygrip
|
@opindex with-keygrip
|
||||||
Include the keygrip in the key listings.
|
Include the keygrip in the key listings.
|
||||||
|
|
||||||
|
@item --with-secret
|
||||||
|
@opindex with-secret
|
||||||
|
Include info about the presence of a secret key in public key listings
|
||||||
|
done with @code{--with-colons}.
|
||||||
|
|
||||||
@end ifset
|
@end ifset
|
||||||
|
|
||||||
@end table
|
@end table
|
||||||
|
|
|
@ -581,6 +581,13 @@ certificate.
|
||||||
Include the keygrip in standard key listings. Note that the keygrip is
|
Include the keygrip in standard key listings. Note that the keygrip is
|
||||||
always listed in --with-colons mode.
|
always listed in --with-colons mode.
|
||||||
|
|
||||||
|
@ifset gpgtwoone
|
||||||
|
@item --with-secret
|
||||||
|
@opindex with-secret
|
||||||
|
Include info about the presence of a secret key in public key listings
|
||||||
|
done with @code{--with-colons}.
|
||||||
|
@end ifset
|
||||||
|
|
||||||
@end table
|
@end table
|
||||||
|
|
||||||
@c *******************************************
|
@c *******************************************
|
||||||
|
|
|
@ -1475,7 +1475,7 @@ agent_probe_secret_key (ctrl_t ctrl, PKT_public_key *pk)
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Ask the agent whether a secret key is availabale for any of the
|
/* Ask the agent whether a secret key is available for any of the
|
||||||
keys (primary or sub) in KEYBLOCK. Returns 0 if available. */
|
keys (primary or sub) in KEYBLOCK. Returns 0 if available. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
agent_probe_any_secret_key (ctrl_t ctrl, kbnode_t keyblock)
|
agent_probe_any_secret_key (ctrl_t ctrl, kbnode_t keyblock)
|
||||||
|
|
|
@ -176,6 +176,7 @@ enum cmd_and_opt_values
|
||||||
oFingerprint,
|
oFingerprint,
|
||||||
oWithFingerprint,
|
oWithFingerprint,
|
||||||
oWithKeygrip,
|
oWithKeygrip,
|
||||||
|
oWithSecret,
|
||||||
oAnswerYes,
|
oAnswerYes,
|
||||||
oAnswerNo,
|
oAnswerNo,
|
||||||
oKeyring,
|
oKeyring,
|
||||||
|
@ -705,6 +706,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||||
ARGPARSE_s_n (oNoUtf8Strings, "no-utf8-strings", "@"),
|
ARGPARSE_s_n (oNoUtf8Strings, "no-utf8-strings", "@"),
|
||||||
ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
|
ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
|
||||||
ARGPARSE_s_n (oWithKeygrip, "with-keygrip", "@"),
|
ARGPARSE_s_n (oWithKeygrip, "with-keygrip", "@"),
|
||||||
|
ARGPARSE_s_n (oWithSecret, "with-secret", "@"),
|
||||||
ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"),
|
ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"),
|
||||||
ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"),
|
ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"),
|
||||||
ARGPARSE_s_n (oAllowNonSelfsignedUID, "allow-non-selfsigned-uid", "@"),
|
ARGPARSE_s_n (oAllowNonSelfsignedUID, "allow-non-selfsigned-uid", "@"),
|
||||||
|
@ -2386,6 +2388,10 @@ main (int argc, char **argv)
|
||||||
opt.with_keygrip = 1;
|
opt.with_keygrip = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case oWithSecret:
|
||||||
|
opt.with_secret = 1;
|
||||||
|
break;
|
||||||
|
|
||||||
case oSecretKeyring:
|
case oSecretKeyring:
|
||||||
/* Ignore this old option. */
|
/* Ignore this old option. */
|
||||||
break;
|
break;
|
||||||
|
|
|
@ -3974,7 +3974,7 @@ do_generate_keypair (struct para_data_s *para,
|
||||||
{
|
{
|
||||||
tty_printf (_("public and secret key created and signed.\n") );
|
tty_printf (_("public and secret key created and signed.\n") );
|
||||||
tty_printf ("\n");
|
tty_printf ("\n");
|
||||||
list_keyblock (pub_root, 0, 1, NULL);
|
list_keyblock (pub_root, 0, 1, 1, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -43,8 +43,8 @@
|
||||||
#include "status.h"
|
#include "status.h"
|
||||||
#include "call-agent.h"
|
#include "call-agent.h"
|
||||||
|
|
||||||
static void list_all (int);
|
static void list_all (int, int);
|
||||||
static void list_one (strlist_t names, int secret);
|
static void list_one (strlist_t names, int secret, int mark_secret);
|
||||||
static void locate_one (ctrl_t ctrl, strlist_t names);
|
static void locate_one (ctrl_t ctrl, strlist_t names);
|
||||||
static void print_card_serialno (const char *serialno);
|
static void print_card_serialno (const char *serialno);
|
||||||
|
|
||||||
|
@ -114,9 +114,9 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
|
||||||
if (locate_mode)
|
if (locate_mode)
|
||||||
locate_one (ctrl, list);
|
locate_one (ctrl, list);
|
||||||
else if (!list)
|
else if (!list)
|
||||||
list_all (0);
|
list_all (0, opt.with_secret);
|
||||||
else
|
else
|
||||||
list_one (list, 0);
|
list_one (list, 0, opt.with_secret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -128,9 +128,9 @@ secret_key_list (ctrl_t ctrl, strlist_t list)
|
||||||
check_trustdb_stale ();
|
check_trustdb_stale ();
|
||||||
|
|
||||||
if (!list)
|
if (!list)
|
||||||
list_all (1);
|
list_all (1, 0);
|
||||||
else /* List by user id */
|
else /* List by user id */
|
||||||
list_one (list, 1);
|
list_one (list, 1, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -427,12 +427,17 @@ print_signature_stats (struct sig_stats *s)
|
||||||
tty_printf (_("%d signatures not checked due to errors\n"), s->oth_err);
|
tty_printf (_("%d signatures not checked due to errors\n"), s->oth_err);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* List all keys. If SECRET is true only secret keys are listed. If
|
||||||
|
MARK_SECRET is true secret keys are indicated in a public key
|
||||||
|
listing. */
|
||||||
static void
|
static void
|
||||||
list_all (int secret)
|
list_all (int secret, int mark_secret)
|
||||||
{
|
{
|
||||||
KEYDB_HANDLE hd;
|
KEYDB_HANDLE hd;
|
||||||
KBNODE keyblock = NULL;
|
KBNODE keyblock = NULL;
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
|
int any_secret;
|
||||||
const char *lastresname, *resname;
|
const char *lastresname, *resname;
|
||||||
struct sig_stats stats;
|
struct sig_stats stats;
|
||||||
|
|
||||||
|
@ -459,7 +464,13 @@ list_all (int secret)
|
||||||
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr (rc));
|
log_error ("keydb_get_keyblock failed: %s\n", g10_errstr (rc));
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
if (secret && agent_probe_any_secret_key (NULL, keyblock))
|
|
||||||
|
if (secret || mark_secret)
|
||||||
|
any_secret = !agent_probe_any_secret_key (NULL, keyblock);
|
||||||
|
else
|
||||||
|
any_secret = 0;
|
||||||
|
|
||||||
|
if (secret && !any_secret)
|
||||||
; /* Secret key listing requested but this isn't one. */
|
; /* Secret key listing requested but this isn't one. */
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -478,7 +489,7 @@ list_all (int secret)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
merge_keys_and_selfsig (keyblock);
|
merge_keys_and_selfsig (keyblock);
|
||||||
list_keyblock (keyblock, secret, opt.fingerprint,
|
list_keyblock (keyblock, secret, any_secret, opt.fingerprint,
|
||||||
opt.check_sigs ? &stats : NULL);
|
opt.check_sigs ? &stats : NULL);
|
||||||
}
|
}
|
||||||
release_kbnode (keyblock);
|
release_kbnode (keyblock);
|
||||||
|
@ -498,7 +509,7 @@ leave:
|
||||||
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
list_one (strlist_t names, int secret)
|
list_one (strlist_t names, int secret, int mark_secret)
|
||||||
{
|
{
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
KBNODE keyblock = NULL;
|
KBNODE keyblock = NULL;
|
||||||
|
@ -537,7 +548,7 @@ list_one (strlist_t names, int secret)
|
||||||
es_putc ('-', es_stdout);
|
es_putc ('-', es_stdout);
|
||||||
es_putc ('\n', es_stdout);
|
es_putc ('\n', es_stdout);
|
||||||
}
|
}
|
||||||
list_keyblock (keyblock, secret, opt.fingerprint,
|
list_keyblock (keyblock, secret, mark_secret, opt.fingerprint,
|
||||||
(!secret && opt.check_sigs)? &stats : NULL);
|
(!secret && opt.check_sigs)? &stats : NULL);
|
||||||
release_kbnode (keyblock);
|
release_kbnode (keyblock);
|
||||||
}
|
}
|
||||||
|
@ -572,7 +583,7 @@ locate_one (ctrl_t ctrl, strlist_t names)
|
||||||
{
|
{
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
list_keyblock (keyblock, 0, opt.fingerprint,
|
list_keyblock (keyblock, 0, 0, opt.fingerprint,
|
||||||
opt.check_sigs ? &stats : NULL);
|
opt.check_sigs ? &stats : NULL);
|
||||||
release_kbnode (keyblock);
|
release_kbnode (keyblock);
|
||||||
}
|
}
|
||||||
|
@ -1128,8 +1139,12 @@ print_revokers (estream_t fp, PKT_public_key * pk)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* List a key in colon mode. If SECRET is true this is a secret key
|
||||||
|
record (i.e. requested via --list-secret-key). If HAS_SECRET a
|
||||||
|
secret key is available even if SECRET is not set. */
|
||||||
static void
|
static void
|
||||||
list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
|
list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
KBNODE kbctx;
|
KBNODE kbctx;
|
||||||
|
@ -1154,14 +1169,14 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
|
||||||
}
|
}
|
||||||
|
|
||||||
pk = node->pkt->pkt.public_key;
|
pk = node->pkt->pkt.public_key;
|
||||||
if (secret || opt.with_keygrip || opt.with_key_data)
|
if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
|
||||||
{
|
{
|
||||||
rc = hexkeygrip_from_pk (pk, &hexgrip);
|
rc = hexkeygrip_from_pk (pk, &hexgrip);
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
|
log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
|
||||||
}
|
}
|
||||||
stubkey = 0;
|
stubkey = 0;
|
||||||
if (secret && agent_get_keyinfo (NULL, hexgrip, &serialno))
|
if ((secret||has_secret) && agent_get_keyinfo (NULL, hexgrip, &serialno))
|
||||||
stubkey = 1; /* Key not found. */
|
stubkey = 1; /* Key not found. */
|
||||||
|
|
||||||
keyid_from_pk (pk, keyid);
|
keyid_from_pk (pk, keyid);
|
||||||
|
@ -1197,12 +1212,14 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
|
||||||
print_capabilities (pk, keyblock);
|
print_capabilities (pk, keyblock);
|
||||||
es_putc (':', es_stdout); /* End of field 13. */
|
es_putc (':', es_stdout); /* End of field 13. */
|
||||||
es_putc (':', es_stdout); /* End of field 14. */
|
es_putc (':', es_stdout); /* End of field 14. */
|
||||||
if (secret)
|
if (secret || has_secret)
|
||||||
{
|
{
|
||||||
if (stubkey)
|
if (stubkey)
|
||||||
es_putc ('#', es_stdout);
|
es_putc ('#', es_stdout);
|
||||||
else if (serialno)
|
else if (serialno)
|
||||||
es_fputs (serialno, es_stdout);
|
es_fputs (serialno, es_stdout);
|
||||||
|
else if (has_secret)
|
||||||
|
es_putc ('+', es_stdout);
|
||||||
}
|
}
|
||||||
es_putc (':', es_stdout); /* End of field 15. */
|
es_putc (':', es_stdout); /* End of field 15. */
|
||||||
es_putc (':', es_stdout); /* End of field 16. */
|
es_putc (':', es_stdout); /* End of field 16. */
|
||||||
|
@ -1286,7 +1303,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
|
||||||
pk2 = node->pkt->pkt.public_key;
|
pk2 = node->pkt->pkt.public_key;
|
||||||
xfree (hexgrip); hexgrip = NULL;
|
xfree (hexgrip); hexgrip = NULL;
|
||||||
xfree (serialno); serialno = NULL;
|
xfree (serialno); serialno = NULL;
|
||||||
if (secret || opt.with_keygrip || opt.with_key_data)
|
if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
|
||||||
{
|
{
|
||||||
rc = hexkeygrip_from_pk (pk2, &hexgrip);
|
rc = hexkeygrip_from_pk (pk2, &hexgrip);
|
||||||
if (rc)
|
if (rc)
|
||||||
|
@ -1294,7 +1311,8 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
|
||||||
gpg_strerror (rc));
|
gpg_strerror (rc));
|
||||||
}
|
}
|
||||||
stubkey = 0;
|
stubkey = 0;
|
||||||
if (secret && agent_get_keyinfo (NULL, hexgrip, &serialno))
|
if ((secret||has_secret)
|
||||||
|
&& agent_get_keyinfo (NULL, hexgrip, &serialno))
|
||||||
stubkey = 1; /* Key not found. */
|
stubkey = 1; /* Key not found. */
|
||||||
|
|
||||||
keyid_from_pk (pk2, keyid2);
|
keyid_from_pk (pk2, keyid2);
|
||||||
|
@ -1323,12 +1341,14 @@ list_keyblock_colon (KBNODE keyblock, int secret, int fpr)
|
||||||
print_capabilities (pk2, NULL);
|
print_capabilities (pk2, NULL);
|
||||||
es_putc (':', es_stdout); /* End of field 13. */
|
es_putc (':', es_stdout); /* End of field 13. */
|
||||||
es_putc (':', es_stdout); /* End of field 14. */
|
es_putc (':', es_stdout); /* End of field 14. */
|
||||||
if (secret)
|
if (secret || has_secret)
|
||||||
{
|
{
|
||||||
if (stubkey)
|
if (stubkey)
|
||||||
es_putc ('#', es_stdout);
|
es_putc ('#', es_stdout);
|
||||||
else if (serialno)
|
else if (serialno)
|
||||||
es_fputs (serialno, es_stdout);
|
es_fputs (serialno, es_stdout);
|
||||||
|
else if (has_secret)
|
||||||
|
es_putc ('+', es_stdout);
|
||||||
}
|
}
|
||||||
es_putc (':', es_stdout); /* End of field 15. */
|
es_putc (':', es_stdout); /* End of field 15. */
|
||||||
es_putc (':', es_stdout); /* End of field 16. */
|
es_putc (':', es_stdout); /* End of field 16. */
|
||||||
|
@ -1529,11 +1549,12 @@ reorder_keyblock (KBNODE keyblock)
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
list_keyblock (KBNODE keyblock, int secret, int fpr, void *opaque)
|
list_keyblock (KBNODE keyblock, int secret, int has_secret, int fpr,
|
||||||
|
void *opaque)
|
||||||
{
|
{
|
||||||
reorder_keyblock (keyblock);
|
reorder_keyblock (keyblock);
|
||||||
if (opt.with_colons)
|
if (opt.with_colons)
|
||||||
list_keyblock_colon (keyblock, secret, fpr);
|
list_keyblock_colon (keyblock, secret, has_secret, fpr);
|
||||||
else
|
else
|
||||||
list_keyblock_print (keyblock, secret, fpr, opaque);
|
list_keyblock_print (keyblock, secret, fpr, opaque);
|
||||||
}
|
}
|
||||||
|
|
|
@ -327,7 +327,8 @@ void public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode );
|
||||||
void secret_key_list (ctrl_t ctrl, strlist_t list );
|
void secret_key_list (ctrl_t ctrl, strlist_t list );
|
||||||
void print_subpackets_colon(PKT_signature *sig);
|
void print_subpackets_colon(PKT_signature *sig);
|
||||||
void reorder_keyblock (KBNODE keyblock);
|
void reorder_keyblock (KBNODE keyblock);
|
||||||
void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque );
|
void list_keyblock (kbnode_t keyblock, int secret, int has_secret,
|
||||||
|
int fpr, void *opaque);
|
||||||
void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode);
|
void print_fingerprint (estream_t fp, PKT_public_key *pk, int mode);
|
||||||
void print_revokers (estream_t fp, PKT_public_key *pk);
|
void print_revokers (estream_t fp, PKT_public_key *pk);
|
||||||
void show_policy_url(PKT_signature *sig,int indent,int mode);
|
void show_policy_url(PKT_signature *sig,int indent,int mode);
|
||||||
|
|
|
@ -68,6 +68,7 @@ struct
|
||||||
int with_key_data;
|
int with_key_data;
|
||||||
int with_fingerprint; /* Option --with-fingerprint active. */
|
int with_fingerprint; /* Option --with-fingerprint active. */
|
||||||
int with_keygrip; /* Option --with-keygrip active. */
|
int with_keygrip; /* Option --with-keygrip active. */
|
||||||
|
int with_secret; /* Option --with-secret active. */
|
||||||
int fingerprint; /* list fingerprints */
|
int fingerprint; /* list fingerprints */
|
||||||
int list_sigs; /* list signatures */
|
int list_sigs; /* list signatures */
|
||||||
int no_armor;
|
int no_armor;
|
||||||
|
|
|
@ -148,6 +148,7 @@ enum cmd_and_opt_values {
|
||||||
oWithFingerprint,
|
oWithFingerprint,
|
||||||
oWithMD5Fingerprint,
|
oWithMD5Fingerprint,
|
||||||
oWithKeygrip,
|
oWithKeygrip,
|
||||||
|
oWithSecret,
|
||||||
oAnswerYes,
|
oAnswerYes,
|
||||||
oAnswerNo,
|
oAnswerNo,
|
||||||
oKeyring,
|
oKeyring,
|
||||||
|
@ -383,6 +384,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||||
ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
|
ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
|
||||||
ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
|
ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
|
||||||
ARGPARSE_s_n (oWithKeygrip, "with-keygrip", "@"),
|
ARGPARSE_s_n (oWithKeygrip, "with-keygrip", "@"),
|
||||||
|
ARGPARSE_s_n (oWithSecret, "with-secret", "@"),
|
||||||
ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"),
|
ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"),
|
||||||
ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"),
|
ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"),
|
||||||
ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
|
ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
|
||||||
|
@ -1333,6 +1335,7 @@ main ( int argc, char **argv)
|
||||||
|
|
||||||
case oWithKeyData: opt.with_key_data=1; /* fall thru */
|
case oWithKeyData: opt.with_key_data=1; /* fall thru */
|
||||||
case oWithColons: ctrl.with_colons = 1; break;
|
case oWithColons: ctrl.with_colons = 1; break;
|
||||||
|
case oWithSecret: ctrl.with_secret = 1; break;
|
||||||
case oWithValidation: ctrl.with_validation=1; break;
|
case oWithValidation: ctrl.with_validation=1; break;
|
||||||
case oWithEphemeralKeys: ctrl.with_ephemeral_keys=1; break;
|
case oWithEphemeralKeys: ctrl.with_ephemeral_keys=1; break;
|
||||||
|
|
||||||
|
|
|
@ -177,6 +177,7 @@ struct server_control_s
|
||||||
accessed. */
|
accessed. */
|
||||||
|
|
||||||
int with_colons; /* Use column delimited output format */
|
int with_colons; /* Use column delimited output format */
|
||||||
|
int with_secret; /* Mark secret keys in a public key listing. */
|
||||||
int with_chain; /* Include the certifying certs in a listing */
|
int with_chain; /* Include the certifying certs in a listing */
|
||||||
int with_validation;/* Validate each key while listing. */
|
int with_validation;/* Validate each key while listing. */
|
||||||
int with_ephemeral_keys; /* Include ephemeral flagged keys in the
|
int with_ephemeral_keys; /* Include ephemeral flagged keys in the
|
||||||
|
|
14
sm/keylist.c
14
sm/keylist.c
|
@ -457,7 +457,6 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
|
||||||
algo = gpgsm_get_key_algo_info (cert, &nbits);
|
algo = gpgsm_get_key_algo_info (cert, &nbits);
|
||||||
es_fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24);
|
es_fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24);
|
||||||
|
|
||||||
/* We assume --fixed-list-mode for gpgsm */
|
|
||||||
ksba_cert_get_validity (cert, 0, t);
|
ksba_cert_get_validity (cert, 0, t);
|
||||||
print_time (t, fp);
|
print_time (t, fp);
|
||||||
es_putc (':', fp);
|
es_putc (':', fp);
|
||||||
|
@ -495,19 +494,24 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
|
||||||
es_putc (':', fp);
|
es_putc (':', fp);
|
||||||
/* Field 12, capabilities: */
|
/* Field 12, capabilities: */
|
||||||
print_capabilities (cert, fp);
|
print_capabilities (cert, fp);
|
||||||
|
es_putc (':', fp);
|
||||||
/* Field 13, not used: */
|
/* Field 13, not used: */
|
||||||
es_putc (':', fp);
|
es_putc (':', fp);
|
||||||
if (have_secret)
|
if (have_secret || ctrl->with_secret)
|
||||||
{
|
{
|
||||||
char *cardsn;
|
char *cardsn;
|
||||||
|
|
||||||
p = gpgsm_get_keygrip_hexstring (cert);
|
p = gpgsm_get_keygrip_hexstring (cert);
|
||||||
if (!gpgsm_agent_keyinfo (ctrl, p, &cardsn) && cardsn)
|
if (!gpgsm_agent_keyinfo (ctrl, p, &cardsn)
|
||||||
|
&& (cardsn || ctrl->with_secret))
|
||||||
{
|
{
|
||||||
/* Field 14, not used: */
|
/* Field 14, not used: */
|
||||||
es_putc (':', fp);
|
es_putc (':', fp);
|
||||||
/* Field 15: Token serial number. */
|
/* Field 15: Token serial number or secret key indicator. */
|
||||||
es_fputs (cardsn, fp);
|
if (cardsn)
|
||||||
|
es_fputs (cardsn, fp);
|
||||||
|
else if (ctrl->with_secret)
|
||||||
|
es_putc ('+', fp);
|
||||||
es_putc (':', fp);
|
es_putc (':', fp);
|
||||||
}
|
}
|
||||||
xfree (cardsn);
|
xfree (cardsn);
|
||||||
|
|
|
@ -274,6 +274,11 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||||
int i = *value? atoi (value) : 0;
|
int i = *value? atoi (value) : 0;
|
||||||
ctrl->with_validation = i;
|
ctrl->with_validation = i;
|
||||||
}
|
}
|
||||||
|
else if (!strcmp (key, "with-validation"))
|
||||||
|
{
|
||||||
|
int i = *value? atoi (value) : 0;
|
||||||
|
ctrl->with_secret = i;
|
||||||
|
}
|
||||||
else if (!strcmp (key, "validation-model"))
|
else if (!strcmp (key, "validation-model"))
|
||||||
{
|
{
|
||||||
int i = gpgsm_parse_validation_model (value);
|
int i = gpgsm_parse_validation_model (value);
|
||||||
|
|
Loading…
Reference in New Issue