authorDaniel Kahn Gillmor <[email protected]>2020-02-26 17:53:22 +0000
committerWerner Koch <[email protected]>2020-03-18 13:01:17 +0000
commitb6d89d1944c55f302fb797cce0e007f59aabaf54 (patch)
tree256e923096ec899e4b173ba995bd79d37472a8b0
parentgpg: Fix key expiration and usage for keys created at the Epoch. (diff)
gpg: Update --trusted-key to accept fingerprint as well as long key id.
* g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well as long key ID. * doc/gpg.texi: document that --trusted-key can accept a fingerprint. -- GnuPG-bug-id: 4855 Signed-off-by: Daniel Kahn Gillmor <[email protected]> Fixed uses or return and kept the old string to avoid breaking translations. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 810ea2cc684480c6aadceb2a10dd00f3fa67f2fb) Remove the test for FPRLEN which we do not have in 2.2 Signed-off-by: Werner Koch <[email protected]>
-rw-r--r--doc/gpg.texi4
-rw-r--r--g10/trustdb.c24
2 files changed, 20 insertions, 8 deletions
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 7a135cdc8..4870441d4 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1642,10 +1642,10 @@ certification level below this as invalid. Defaults to 2, which
disregards level 1 signatures. Note that level 0 "no particular
claim" signatures are always accepted.
-@item --trusted-key @var{long key ID}
+@item --trusted-key @var{long key ID or fingerprint}
@opindex trusted-key
Assume that the specified key (which must be given
-as a full 8 byte key ID) is as trustworthy as one of
+as a full 8 byte key ID or 20 byte fingerprint) is as trustworthy as one of
your own secret keys. This option is useful if you
don't want to keep your secret keys (or one of them)
online but still want to be able to check the validity of a given
diff --git a/g10/trustdb.c b/g10/trustdb.c
index e7d254cfa..b8f9e82c2 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -205,22 +205,34 @@ tdb_register_trusted_keyid (u32 *keyid)
user_utk_list = k;
}
+
void
-tdb_register_trusted_key( const char *string )
+tdb_register_trusted_key (const char *string)
{
gpg_error_t err;
KEYDB_SEARCH_DESC desc;
+ u32 kid[2];
err = classify_user_id (string, &desc, 1);
- if (err || desc.mode != KEYDB_SEARCH_MODE_LONG_KID )
+ if (!err)
{
- log_error(_("'%s' is not a valid long keyID\n"), string );
- return;
+ if (desc.mode == KEYDB_SEARCH_MODE_LONG_KID)
+ {
+ register_trusted_keyid (desc.u.kid);
+ return;
+ }
+ if (desc.mode == KEYDB_SEARCH_MODE_FPR)
+ {
+ kid[0] = buf32_to_u32 (desc.u.fpr+12);
+ kid[1] = buf32_to_u32 (desc.u.fpr+16);
+ register_trusted_keyid (kid);
+ return;
+ }
}
-
- register_trusted_keyid(desc.u.kid);
+ log_error (_("'%s' is not a valid long keyID\n"), string );
}
+
/*
* Helper to add a key to the global list of ultimately trusted keys.
* Returns: true = inserted, false = already in list.
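Review bot: In the `KEYDB_SEARCH_MODE_FPR` branch the fingerprint is reduced to its last 8 bytes (`desc.u.fpr+12` and `desc.u.fpr+16`) before `register_trusted_keyid (kid)`, so a key given by fingerprint is still registered only by its 64-bit key ID. It therefore gets no stronger binding than the long key ID form, and any key that shares that key ID would be treated as ultimately trusted as well. That deserves a comment above the conversion, for example `/* Only the low 64 bits (the key ID) are registered; the rest of the fingerprint is discarded here. */`, and a matching sentence in the option's documentation so users do not assume full-fingerprint pinning. The offsets also assume a 20-byte fingerprint, and with the FPRLEN test dropped (per the commit message) nothing in the hunk checks the length. Whether `classify_user_id` can report a shorter fingerprint under this mode is not visible here, so that should be confirmed or guarded.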