gpg: New option --sender

* g10/options.h (struct opt): Add field 'sender_list'.
* g10/gpg.c: Include mbox-util.h.
(oSender): New.
(opts): Add option "--sender".
(main): Parse option.
--

This option will eventually be used for more advanced purposes.

Signed-off-by: Werner Koch <wk@gnupg.org>

doc/gpg.texi

@@ -2087,6 +2087,15 @@ Remove all entries from the @option{--group} list.
 Use @var{name} as the key to sign with. Note that this option overrides
 @option{--default-key}.
 
+@item --sender @var{mbox}
+@opindex sender
+This option has two purposes.  @var{mbox} must either be a complete
+user id with a proper mail address or just a mail address.  When
+creating a signature this option tells gpg the user id of a key used
+to make a signature if the key was not directly specified by a user
+id.  When verifying a signature the @var{mbox} is used to restrict the
+information printed by the TOFU code to matching user ids.
+
 @item --try-secret-key @var{name}
 @opindex try-secret-key
 For hidden recipients GPG needs to know the keys to use for trial

g10/gpg.c

@@ -60,6 +60,7 @@
 #include "call-dirmngr.h"
 #include "tofu.h"
 #include "../common/init.h"
+#include "../common/mbox-util.h"
 #include "../common/shareddefs.h"
 
 #if defined(HAVE_DOSISH_SYSTEM) || defined(__CYGWIN__)
@@ -406,6 +407,7 @@ enum cmd_and_opt_values
     oUnwrap,
     oOnlySignTextIDs,
     oDisableSignerUID,
+    oSender,
 
     oNoop
   };
@@ -525,6 +527,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oEncryptToDefaultKey, "encrypt-to-default-key", "@"),
   ARGPARSE_s_s (oLocalUser, "local-user",
                 N_("|USER-ID|use USER-ID to sign or decrypt")),
+  ARGPARSE_s_s (oSender, "sender", "@"),
 
   ARGPARSE_s_s (oTrySecretKey, "try-secret-key", "@"),
 
@@ -2907,6 +2910,19 @@ main (int argc, char **argv)
             if (configfp)
               sl->flags |= PK_LIST_CONFIG;
 	    break;
+	  case oSender:
+            {
+              char *mbox = mailbox_from_userid (pargs.r.ret_str);
+              if (!mbox)
+                log_error (_("\"%s\" is not a proper mail address\n"),
+                           pargs.r.ret_str);
+              else
+                {
+                  add_to_strlist (&opt.sender_list, mbox);
+                  xfree (mbox);
+                }
+            }
+	    break;
 	  case oCompress:
 	    /* this is the -z command line option */
 	    opt.compress_level = opt.bz2_compress_level = pargs.r.ret_int;

g10/options.h

@@ -101,6 +101,10 @@ struct
   int def_recipient_self;
   strlist_t secret_keys_to_try;
 
+  /* A list of mail addresses (addr-spec) provided by the user with
+   * the option --sender.  */
+  strlist_t sender_list;
+
   int def_cert_level;
   int min_cert_level;
   int ask_cert_level;

g10/sign.c

@@ -158,6 +158,21 @@ mk_notation_policy_etc (PKT_signature *sig,
           build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
           xfree (mbox);
         }
+      else if (opt.sender_list)
+        {
+          /* If a list of --sender was given we scan that list and use
+           * the first one matching a user id of the current key.  */
+
+          /* FIXME: We need to get the list of user ids for the PKSK
+           * packet.  That requires either a function to look it up
+           * again or we need to extend the key packet struct to link
+           * to the primary key which in turn could link to the user
+           * ids.  Too much of a change right now.  Let's take just
+           * one from the supplied list and hope that the caller
+           * passed a matching one.  */
+          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID,
+                            opt.sender_list->d, strlen (opt.sender_list->d));
+        }
     }
 }