gpg: New option --sender

* g10/options.h (struct opt): Add field 'sender_list'. * g10/gpg.c: Include mbox-util.h. (oSender): New. (opts): Add option "--sender". (main): Parse option. -- This option will eventually be used for more advanced purposes. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-18 10:08:34 +02:00 · 2016-08-18 10:08:34 +02:00 · de6e3217cd
parent b5d63e81d5
commit de6e3217cd
4 changed files with 44 additions and 0 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -2087,6 +2087,15 @@ Remove all entries from the @option{--group} list.
 Use @var{name} as the key to sign with. Note that this option overrides
@option{--default-key}.

+@item --sender @var{mbox}
+@opindex sender
+This option has two purposes.  @var{mbox} must either be a complete
+user id with a proper mail address or just a mail address.  When
+creating a signature this option tells gpg the user id of a key used
+to make a signature if the key was not directly specified by a user
+id.  When verifying a signature the @var{mbox} is used to restrict the
+information printed by the TOFU code to matching user ids.
+
@item --try-secret-key @var{name}
@opindex try-secret-key
 For hidden recipients GPG needs to know the keys to use for trial
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -60,6 +60,7 @@
 #include "call-dirmngr.h"
 #include "tofu.h"
 #include "../common/init.h"
+#include "../common/mbox-util.h"
 #include "../common/shareddefs.h"

 #if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__)
@ -406,6 +407,7 @@ enum cmd_and_opt_values
    oUnwrap,
    oOnlySignTextIDs,
    oDisableSignerUID,
+    oSender,

    oNoop
  };
@ -525,6 +527,7 @@ static ARGPARSE_OPTS opts[] = {
  ARGPARSE_s_n (oEncryptToDefaultKey, "encrypt-to-default-key", "@"),
  ARGPARSE_s_s (oLocalUser, "local-user",
                N_("|USER-ID|use USER-ID to sign or decrypt")),
+  ARGPARSE_s_s (oSender, "sender", "@"),

  ARGPARSE_s_s (oTrySecretKey, "try-secret-key", "@"),

@ -2907,6 +2910,19 @@ main (int argc, char **argv)
            if (configfp)
              sl->flags |= PK_LIST_CONFIG;
 	    break;
+	  case oSender:
+            {
+              char *mbox = mailbox_from_userid (pargs.r.ret_str);
+              if (!mbox)
+                log_error (_("\"%s\" is not a proper mail address\n"),
+                           pargs.r.ret_str);
+              else
+                {
+                  add_to_strlist (&opt.sender_list, mbox);
+                  xfree (mbox);
+                }
+            }
+	    break;
 	  case oCompress:
 	    /* this is the -z command line option */
 	    opt.compress_level = opt.bz2_compress_level = pargs.r.ret_int;
--- a/g10/options.h
+++ b/g10/options.h
@ -101,6 +101,10 @@ struct
  int def_recipient_self;
  strlist_t secret_keys_to_try;

+  /* A list of mail addresses (addr-spec) provided by the user with
+   * the option --sender.  */
+  strlist_t sender_list;
+
  int def_cert_level;
  int min_cert_level;
  int ask_cert_level;
--- a/g10/sign.c
+++ b/g10/sign.c
@ -158,6 +158,21 @@ mk_notation_policy_etc (PKT_signature *sig,
          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
          xfree (mbox);
        }
+      else if (opt.sender_list)
+        {
+          /* If a list of --sender was given we scan that list and use
+           * the first one matching a user id of the current key.  */
+
+          /* FIXME: We need to get the list of user ids for the PKSK
+           * packet.  That requires either a function to look it up
+           * again or we need to extend the key packet struct to link
+           * to the primary key which in turn could link to the user
+           * ids.  Too much of a change right now.  Let's take just
+           * one from the supplied list and hope that the caller
+           * passed a matching one.  */
+          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID,
+                            opt.sender_list->d, strlen (opt.sender_list->d));
+        }
    }
 }