security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

* gpgsm.c: New option --with-ephemeral-keys. 

* keylist.c (list_internal_keys): Set it here.
(list_cert_raw): And indicate those keys.  Changed all our callers
to pass the new arg HD through.
This commit is contained in:
Werner Koch 2004-08-06 16:14:10 +00:00
parent 818e9bad58
commit f96ad015d8
5 changed files with 44 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/gpgsm.texi
View File

@ -381,7 +381,7 @@ values include up to @var{n} certificates starting with the signer cert.
@node Esoteric Options
@subsection Doing things one usually don't want todo.
@subsection Doing things one usually don't want to do.
@table @gnupgtabopt
@ -392,6 +392,10 @@ This option is only useful for testing; it sets the system time back or
forth to @var{epoch} which is the number of seconds elapsed since the year
1970.
@item --with-ephemeral-keys
@opindex with-ephemeral-keys
Include ephemeral flagged keys in the output of key listings.
@item --debug-level @var{level}
@opindex debug-level
Select the debug level for investigating problems. @var{level} may be

7
sm/ChangeLog
View File

@ -1,3 +1,10 @@
2004-08-06 Werner Koch <wk@g10code.com>
* gpgsm.c: New option --with-ephemeral-keys.
* keylist.c (list_internal_keys): Set it here.
(list_cert_raw): And indicate those keys. Changed all our callers
to pass the new arg HD through.
2004-07-23 Werner Koch <wk@g10code.de>
* certreqgen.c (proc_parameters): Do not allow key length below

3
sm/gpgsm.c
View File

@ -170,6 +170,7 @@ enum cmd_and_opt_values {
oWithColons,
oWithKeyData,
oWithValidation,
oWithEphemeralKeys,
oSkipVerify,
oCompressKeys,
oCompressSigs,
@ -404,6 +405,7 @@ static ARGPARSE_OPTS opts[] = {
{ oWithKeyData,"with-key-data", 0, "@"},
{ oWithValidation, "with-validation", 0, "@"},
{ oWithMD5Fingerprint, "with-md5-fingerprint", 0, "@"},
{ oWithEphemeralKeys, "with-ephemeral-keys", 0, "@"},
{ aListKeys, "list-key", 0, "@" }, /* alias */
{ aListSigs, "list-sig", 0, "@" }, /* alias */
{ aListSigs, "check-sig",0, "@" }, /* alias */
@ -1078,6 +1080,7 @@ main ( int argc, char **argv)
case oWithKeyData: opt.with_key_data=1; /* fall thru */
case oWithColons: ctrl.with_colons = 1; break;
case oWithValidation: ctrl.with_validation=1; break;
case oWithEphemeralKeys: opt.with_ephemeral_keys=1; break;
case oSkipVerify: opt.skip_verify=1; break;

3
sm/gpgsm.h
View File

@ -65,6 +65,9 @@ struct {
int with_md5_fingerprint; /* Also print an MD5 fingerprint for
standard key listings. */
int with_ephemeral_keys; /* Include ephemeral flagged keys in the
keylisting. */
int armor; /* force base64 armoring (see also ctrl.with_base64) */
int no_armor; /* don't try to figure out whether data is base64 armored*/

34
sm/keylist.c
View File

@ -503,7 +503,8 @@ print_names_raw (FILE *fp, int indent, ksba_name_t name)
the certificate. This one does no beautification and only minimal
output sanitation. It is mainly useful for debugging. */
static void
list_cert_raw (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
ksba_cert_t cert, FILE *fp, int have_secret,
int with_validation)
{
gpg_error_t err;
@ -807,6 +808,18 @@ list_cert_raw (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
else
fprintf (fp, " [certificate is bad: %s]\n", gpg_strerror (err));
}
if (opt.with_ephemeral_keys && hd)
{
unsigned int blobflags;
err = keydb_get_flags (hd, KEYBOX_FLAG_BLOB, 0, &blobflags);
if (err)
fprintf (fp, " [error getting keyflags: %s]\n", gpg_strerror (err));
else if ((blobflags & 2))
fprintf (fp, " [stored as ephemeral]\n");
}
}
@ -992,13 +1005,14 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
/* Same as standard mode mode list all certifying certs too. */
static void
list_cert_chain (ctrl_t ctrl, ksba_cert_t cert, int raw_mode,
list_cert_chain (ctrl_t ctrl, KEYDB_HANDLE hd,
ksba_cert_t cert, int raw_mode,
FILE *fp, int with_validation)
{
ksba_cert_t next = NULL;
if (raw_mode)
list_cert_raw (ctrl, cert, fp, 0, with_validation);
list_cert_raw (ctrl, hd, cert, fp, 0, with_validation);
else
list_cert_std (ctrl, cert, fp, 0, with_validation);
ksba_cert_ref (cert);
@ -1007,7 +1021,7 @@ list_cert_chain (ctrl_t ctrl, ksba_cert_t cert, int raw_mode,
ksba_cert_release (cert);
fputs ("Certified by\n", fp);
if (raw_mode)
list_cert_raw (ctrl, next, fp, 0, with_validation);
list_cert_raw (ctrl, hd, next, fp, 0, with_validation);
else
list_cert_std (ctrl, next, fp, 0, with_validation);
cert = next;
@ -1079,6 +1093,9 @@ list_internal_keys (ctrl_t ctrl, STRLIST names, FILE *fp,
}
if (opt.with_ephemeral_keys)
keydb_set_ephemeral (hd, 1);
/* It would be nice to see which of the given users did actually
match one in the keyring. To implement this we need to have a
found flag for each entry in desc and to set this we must check
@ -1146,11 +1163,12 @@ list_internal_keys (ctrl_t ctrl, STRLIST names, FILE *fp,
if (ctrl->with_colons)
list_cert_colon (ctrl, cert, validity, fp, have_secret);
else if (ctrl->with_chain)
list_cert_chain (ctrl, cert, raw_mode, fp, ctrl->with_validation);
list_cert_chain (ctrl, hd, cert,
raw_mode, fp, ctrl->with_validation);
else
{
if (raw_mode)
list_cert_raw (ctrl, cert, fp, have_secret,
list_cert_raw (ctrl, hd, cert, fp, have_secret,
ctrl->with_validation);
else
list_cert_std (ctrl, cert, fp, have_secret,
@ -1198,11 +1216,11 @@ list_external_cb (void *cb_value, ksba_cert_t cert)
if (parm->with_colons)
list_cert_colon (parm->ctrl, cert, 0, parm->fp, 0);
else if (parm->with_chain)
list_cert_chain (parm->ctrl, cert, parm->raw_mode, parm->fp, 0);
list_cert_chain (parm->ctrl, NULL, cert, parm->raw_mode, parm->fp, 0);
else
{
if (parm->raw_mode)
list_cert_raw (parm->ctrl, cert, parm->fp, 0, 0);
list_cert_raw (parm->ctrl, NULL, cert, parm->fp, 0, 0);
else
list_cert_std (parm->ctrl, cert, parm->fp, 0, 0);
putc ('\n', parm->fp);