1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Print the signer's UID during verification.

* g10/parse-packet.c (parse_signature): Sanitize the value stored in
SIGNERS_UID.
* g10/mainproc.c (issuer_fpr_string): New.
(check_sig_and_print): Print the signers' UID.  Print the issuer
fingerprint in --rfc4880bis mode.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2016-08-10 19:51:54 +02:00
parent f2ea7e539c
commit ed5c1b0b8a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 33 additions and 7 deletions

View File

@ -1552,6 +1552,21 @@ akl_has_wkd_method (void)
}
/* Return the ISSUER fingerprint string in human readbale format if
* available. Caller must release the string. */
static char *
issuer_fpr_string (PKT_signature *sig)
{
const byte *p;
size_t n;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n);
if (p && n == 21 && p[0] == 4)
return bin2hex (p+1, n-1, NULL);
return NULL;
}
static void
print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un,
PKT_signature *sig, int rc)
@ -1589,6 +1604,7 @@ check_sig_and_print (CTX c, kbnode_t node)
int is_expkey = 0;
int is_revkey = 0;
char pkstrbuf[PUBKEY_STRING_SIZE];
char *issuer_fpr;
*pkstrbuf = 0;
@ -1715,17 +1731,29 @@ check_sig_and_print (CTX c, kbnode_t node)
write_status_text (STATUS_NEWSIG, NULL);
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
if (keystrlen () > 8)
if (opt.flags.rfc4880bis && (issuer_fpr = issuer_fpr_string (sig)))
{
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
log_info (_(" using %s key %s\n"),
astr? astr: "?", issuer_fpr);
xfree (issuer_fpr);
}
else if (!keystrlen () || keystrlen () > 8)
{
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
log_info (_(" using %s key %s\n"),
astr? astr: "?", keystr(sig->keyid));
}
else
else /* Legacy format. */
log_info (_("Signature made %s using %s key ID %s\n"),
asctimestamp(sig->timestamp), astr? astr: "?",
keystr(sig->keyid));
/* In verbose mode print the signers UID. */
if (sig->signers_uid)
log_info (_(" issuer \"%s\"\n"), sig->signers_uid);
rc = do_check_sig (c, node, NULL, &is_expkey, &is_revkey );
/* If the key isn't found, check for a preferred keyserver. */

View File

@ -231,7 +231,8 @@ typedef struct
pka_info_t *pka_info; /* Malloced PKA data or NULL if not
available. See also flags.pka_tried. */
char *signers_uid; /* Malloced value of the SIGNERS_UID
* subpacket. */
* subpacket or NULL. This string has
* already been sanitized. */
subpktarea_t *hashed; /* All subpackets with hashed data (v4 only). */
subpktarea_t *unhashed; /* Ditto for unhashed data. */
/* First 2 bytes of the digest. (Serialized. Note: this is not

View File

@ -1936,15 +1936,12 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIGNERS_UID, &len);
if (p && len)
{
sig->signers_uid = xtrymalloc (len+1);
sig->signers_uid = try_make_printable_string (p, len, 0);
if (!sig->signers_uid)
{
rc = gpg_error_from_syserror ();
goto leave;
}
/* Note that we don't care about binary zeroes in the value. */
memcpy (sig->signers_uid, p, len);
sig->signers_uid[len] = 0;
}
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_NOTATION, NULL);