gpg: Print the signer's UID during verification.
* g10/parse-packet.c (parse_signature): Sanitize the value stored in
SIGNERS_UID.
* g10/mainproc.c (issuer_fpr_string): New.
(check_sig_and_print): Print the signer's UID.  Print the issuer
fingerprint in --rfc4880bis mode.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
parent
f2ea7e539c
commit
ed5c1b0b8a
@ -1552,6 +1552,21 @@ akl_has_wkd_method (void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return the ISSUER fingerprint string in human readbale format if
|
||||||
|
* available. Caller must release the string. */
|
||||||
|
static char *
|
||||||
|
issuer_fpr_string (PKT_signature *sig)
|
||||||
|
{
|
||||||
|
const byte *p;
|
||||||
|
size_t n;
|
||||||
|
|
||||||
|
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n);
|
||||||
|
if (p && n == 21 && p[0] == 4)
|
||||||
|
return bin2hex (p+1, n-1, NULL);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un,
|
print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un,
|
||||||
PKT_signature *sig, int rc)
|
PKT_signature *sig, int rc)
|
||||||
@ -1589,6 +1604,7 @@ check_sig_and_print (CTX c, kbnode_t node)
|
|||||||
int is_expkey = 0;
|
int is_expkey = 0;
|
||||||
int is_revkey = 0;
|
int is_revkey = 0;
|
||||||
char pkstrbuf[PUBKEY_STRING_SIZE];
|
char pkstrbuf[PUBKEY_STRING_SIZE];
|
||||||
|
char *issuer_fpr;
|
||||||
|
|
||||||
*pkstrbuf = 0;
|
*pkstrbuf = 0;
|
||||||
|
|
||||||
@ -1715,17 +1731,29 @@ check_sig_and_print (CTX c, kbnode_t node)
|
|||||||
write_status_text (STATUS_NEWSIG, NULL);
|
write_status_text (STATUS_NEWSIG, NULL);
|
||||||
|
|
||||||
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
|
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
|
||||||
if (keystrlen () > 8)
|
if (opt.flags.rfc4880bis && (issuer_fpr = issuer_fpr_string (sig)))
|
||||||
|
{
|
||||||
|
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
|
||||||
|
log_info (_(" using %s key %s\n"),
|
||||||
|
astr? astr: "?", issuer_fpr);
|
||||||
|
|
||||||
|
xfree (issuer_fpr);
|
||||||
|
}
|
||||||
|
else if (!keystrlen () || keystrlen () > 8)
|
||||||
{
|
{
|
||||||
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
|
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
|
||||||
log_info (_(" using %s key %s\n"),
|
log_info (_(" using %s key %s\n"),
|
||||||
astr? astr: "?", keystr(sig->keyid));
|
astr? astr: "?", keystr(sig->keyid));
|
||||||
}
|
}
|
||||||
else
|
else /* Legacy format. */
|
||||||
log_info (_("Signature made %s using %s key ID %s\n"),
|
log_info (_("Signature made %s using %s key ID %s\n"),
|
||||||
asctimestamp(sig->timestamp), astr? astr: "?",
|
asctimestamp(sig->timestamp), astr? astr: "?",
|
||||||
keystr(sig->keyid));
|
keystr(sig->keyid));
|
||||||
|
|
||||||
|
/* In verbose mode print the signers UID. */
|
||||||
|
if (sig->signers_uid)
|
||||||
|
log_info (_(" issuer \"%s\"\n"), sig->signers_uid);
|
||||||
|
|
||||||
rc = do_check_sig (c, node, NULL, &is_expkey, &is_revkey );
|
rc = do_check_sig (c, node, NULL, &is_expkey, &is_revkey );
|
||||||
|
|
||||||
/* If the key isn't found, check for a preferred keyserver. */
|
/* If the key isn't found, check for a preferred keyserver. */
|
||||||
|
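Review bot: In check_sig_and_print the new `issuer` line is printed whenever `sig->signers_uid` is set, although its comment says "In verbose mode", and it is emitted before `do_check_sig` runs, so the string comes from a signature that has not been verified at that point. Either gate it with `if (sig->signers_uid && opt.verbose)`, or reword the comment to `/* Print the signer's UID as claimed by the signature; it is not verified yet. */` so that nobody reads the value as authenticated. In issuer_fpr_string the literals in `n == 21 && p[0] == 4` would be easier to audit with a comment saying they mean one version octet equal to 4 followed by 20 fingerprint bytes, and the header comment has a typo ("readbale"). The body of check_sig_and_print continues outside these hunks.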
@ -231,7 +231,8 @@ typedef struct
|
|||||||
pka_info_t *pka_info; /* Malloced PKA data or NULL if not
|
pka_info_t *pka_info; /* Malloced PKA data or NULL if not
|
||||||
available. See also flags.pka_tried. */
|
available. See also flags.pka_tried. */
|
||||||
char *signers_uid; /* Malloced value of the SIGNERS_UID
|
char *signers_uid; /* Malloced value of the SIGNERS_UID
|
||||||
* subpacket. */
|
* subpacket or NULL. This string has
|
||||||
|
* already been sanitized. */
|
||||||
subpktarea_t *hashed; /* All subpackets with hashed data (v4 only). */
|
subpktarea_t *hashed; /* All subpackets with hashed data (v4 only). */
|
||||||
subpktarea_t *unhashed; /* Ditto for unhashed data. */
|
subpktarea_t *unhashed; /* Ditto for unhashed data. */
|
||||||
/* First 2 bytes of the digest. (Serialized. Note: this is not
|
/* First 2 bytes of the digest. (Serialized. Note: this is not
|
||||||
|
@ -1936,15 +1936,12 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
|
|||||||
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIGNERS_UID, &len);
|
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIGNERS_UID, &len);
|
||||||
if (p && len)
|
if (p && len)
|
||||||
{
|
{
|
||||||
sig->signers_uid = xtrymalloc (len+1);
|
sig->signers_uid = try_make_printable_string (p, len, 0);
|
||||||
if (!sig->signers_uid)
|
if (!sig->signers_uid)
|
||||||
{
|
{
|
||||||
rc = gpg_error_from_syserror ();
|
rc = gpg_error_from_syserror ();
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
/* Note that we don't care about binary zeroes in the value. */
|
|
||||||
memcpy (sig->signers_uid, p, len);
|
|
||||||
sig->signers_uid[len] = 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_NOTATION, NULL);
|
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_NOTATION, NULL);
|
||||||
|
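Review bot: After this change `sig->signers_uid` holds the output of `try_make_printable_string (p, len, 0)` instead of the raw subpacket bytes, and with the old remark about binary zeroes removed the assignment carries no comment explaining why. I would add `/* Store an escaped copy: the value is untrusted input from the signature packet and is later printed with "%s" by check_sig_and_print. */` above it. Any code that compares this field against a user ID or mail address, rather than only displaying it, will now see the escaped form, so it is worth confirming that no such use exists outside this diff. parse_signature starts and ends outside the hunk.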