security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Print revocation certificate details when showing with-colons.

Browse Source 
* g10/import.c (import_revoke_cert): add options argument, and print
colon-delimited output for revocation certificate as requested.
--

I looked into trying to make this work with one of the functions in
g10/keylist.c, but i saw nothing that will accept a revocation
certificate on its own, so i'm replicating the functionality directly
in g10/import.c.  This is a bit unfortunate because the code for
describing a revocation cert now exists in two separate places, but
refactoring both list_keyblock_print() and list_keyblock_colon() in
g10/keylist.c seems like a much heavier lift.

GnuPG-Bug-id: 4018
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2018-06-12 02:41:30 -04:00
parent dc96fd8835
commit ee1fc420fb
1 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
g10/import.c
View File

@ -114,7 +114,8 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
unsigned int options, int for_migration, unsigned int options, int for_migration,
import_screener_t screener, void *screener_arg); import_screener_t screener, void *screener_arg);
static int import_revoke_cert (ctrl_t ctrl, static int import_revoke_cert (ctrl_t ctrl,
kbnode_t node, struct import_stats_s *stats); kbnode_t node, unsigned int options,
struct import_stats_s *stats);
static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
int *non_self); int *non_self);
static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock,
@ -590,7 +591,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
screener, screener_arg); screener, screener_arg);
else if (keyblock->pkt->pkttype == PKT_SIGNATURE else if (keyblock->pkt->pkttype == PKT_SIGNATURE
&& IS_KEY_REV (keyblock->pkt->pkt.signature) ) && IS_KEY_REV (keyblock->pkt->pkt.signature) )
rc = import_revoke_cert (ctrl, keyblock, stats); rc = import_revoke_cert (ctrl, keyblock, options, stats);
else else
{ {
log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype); log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype);
@ -2607,7 +2608,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
* Import a revocation certificate; this is a single signature packet. * Import a revocation certificate; this is a single signature packet.
*/ */
static int static int
import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options, struct import_stats_s *stats)
{ {
PKT_public_key *pk = NULL; PKT_public_key *pk = NULL;
kbnode_t onode; kbnode_t onode;
@ -2623,6 +2624,24 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats)
keyid[0] = node->pkt->pkt.signature->keyid[0]; keyid[0] = node->pkt->pkt.signature->keyid[0];
keyid[1] = node->pkt->pkt.signature->keyid[1]; keyid[1] = node->pkt->pkt.signature->keyid[1];
if ((options & IMPORT_SHOW) &&
(opt.with_colons))
{
PKT_signature *sig = node->pkt->pkt.signature;
char *issuer_fpr = issuer_fpr = issuer_fpr_string (sig);
es_fprintf (es_stdout, "rev::%d:%08lX%08lX:%s:%s:::::::%s:::%d:\n",
sig->pubkey_algo,
(ulong) sig->keyid[0], (ulong) sig->keyid[1],
colon_datestr_from_sig (sig),
colon_expirestr_from_sig (sig),
issuer_fpr ? issuer_fpr : "",
sig->digest_algo);
xfree (issuer_fpr);
es_fflush (es_stdout);
}
pk = xmalloc_clear( sizeof *pk ); pk = xmalloc_clear( sizeof *pk );
rc = get_pubkey (ctrl, pk, keyid ); rc = get_pubkey (ctrl, pk, keyid );
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY ) if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )