gpg: New option --forbid-gen-key.

* g10/gpg.c (oForbidGenKey, opts): New option. (mopt): New local struct (gen_key_forbidden): New. (main): Set and handle the option. -- In large system installation it is sometimes useful to make it a bit harder for users to generate their own keys. An example is a policy to not use on-disk keys.
2025-01-03 12:11:33 +01:00 · 2021-11-22 20:59:22 +01:00 · 2021-11-22 20:59:22 +01:00 · c397ba3ac0
commit c397ba3ac0
parent b091a250d1
2 changed files with 46 additions and 9 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -3635,6 +3635,12 @@ This option modifies the behaviour of the commands
 sub-commands of @option{--edit-key} by forcing the creation of a key
 signature, even if one already exists.

+@item --forbid-gen-key
+@opindex forbid-gen-key
+This option is intended for use in the global config file to disallow
+the use of generate key commands.  Those commands will then fail with
+the error code for Not Enabled.
+
@item --allow-secret-key-import
@opindex allow-secret-key-import
 This is an obsolete option and is not used anywhere.
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -440,6 +440,7 @@ enum cmd_and_opt_values
    oNoIncludeKeyBlock,
    oChUid,
    oForceSignKey,
+    oForbidGenKey,

    oNoop
  };
@ -907,6 +908,7 @@ static gpgrt_opt_t opts[] = {
  ARGPARSE_s_s (oChUid,      "chuid",      "@"),
  ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
  ARGPARSE_s_n (oUseKeyboxd,    "use-keyboxd", "@"),
+  ARGPARSE_s_n (oForbidGenKey,  "forbid-gen-key", "@"),
  /* Options which can be used in special circumstances. They are not
   * published and we hope they are never required.  */
  ARGPARSE_s_n (oUseOnlyOpenPGPCard, "use-only-openpgp-card", "@"),
@ -1025,6 +1027,12 @@ static int maybe_setuid = 1;
 static unsigned int opt_set_iobuf_size;
 static unsigned int opt_set_iobuf_size_used;

+/* Collection of options used only in this module.  */
+static struct {
+  unsigned int forbid_gen_key;
+} mopt;
+
+
 static char *build_list( const char *text, char letter,
 			 const char *(*mapf)(int), int (*chkf)(int) );
 static void set_cmd( enum cmd_and_opt_values *ret_cmd,
@ -1036,6 +1044,8 @@ static void add_keyserver_url( const char *string, int which );
 static void emergency_cleanup (void);
 static void read_sessionkey_from_fd (int fd);

+
+
 /* NPth wrapper function definitions. */
 ASSUAN_SYSTEM_NPTH_IMPL;

@ -2292,8 +2302,13 @@ set_compliance_option (enum cmd_and_opt_values option)
 }


-
-
+static void
+gen_key_forbidden (void)
+{
+  write_status_failure ("gen-key", gpg_error (GPG_ERR_NOT_ENABLED));
+  log_error (_("This command is not allowed while in %s mode.\n"),
+             "forbid-gen-key");
+}


 /* This function called to initialized a new control object.  It is
@ -3703,6 +3718,10 @@ main (int argc, char **argv)
            opt.flags.full_timestrings = 1;
            break;

+          case oForbidGenKey:
+            mopt.forbid_gen_key = 1;
+            break;
+
 	  case oNoop: break;

 	  default:
@ -4683,18 +4702,25 @@ main (int argc, char **argv)
                    }
                }
            }
-          quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
+          if (mopt.forbid_gen_key)
+            gen_key_forbidden ();
+          else
+            quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
          xfree (username);
        }
        break;

      case aKeygen: /* generate a key */
-	if( opt.batch ) {
+        if (mopt.forbid_gen_key)
+          gen_key_forbidden ();
+	else if( opt.batch )
+          {
 	    if( argc > 1 )
 		wrong_args("--generate-key [parameterfile]");
 	    generate_keypair (ctrl, 0, argc? *argv : NULL, NULL, 0);
-	}
-	else {
+          }
+	else
+          {
            if (opt.command_fd != -1 && argc)
              {
                if( argc > 1 )
@ -4707,11 +4733,13 @@ main (int argc, char **argv)
              wrong_args ("--generate-key");
            else
              generate_keypair (ctrl, 0, NULL, NULL, 0);
-	}
+          }
 	break;

      case aFullKeygen: /* Generate a key with all options. */
-	if (opt.batch)
+        if (mopt.forbid_gen_key)
+          gen_key_forbidden ();
+	else if (opt.batch)
          {
 	    if (argc > 1)
              wrong_args ("--full-generate-key [parameterfile]");
@ -4759,7 +4787,10 @@ main (int argc, char **argv)
                   }
                }
            }
-          keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
+          if (mopt.forbid_gen_key)
+            gen_key_forbidden ();
+          else
+            keyedit_quick_addkey (ctrl, x_fpr, x_algo, x_usage, x_expire);
        }
 	break;