Add new option --with-secret.

* g10/gpg.c: Add option --with-secret.
* g10/options.h (struct opt): Add field with_secret.
* g10/keylist.c (public_key_list): Pass opt.with_secret to list_all
and list_one.
(list_all, list_one): Add arg mark_secret.
(list_keyblock_colon): Add arg has_secret.
* sm/gpgsm.c: Add option --with-secret.
* sm/server.c (option_handler): Add option "with-secret".
* sm/gpgsm.h (server_control_s): Add field with_secret.
* sm/keylist.c (list_cert_colon): Take care of with_secret.  Also move
the token string from the wrong field 14 to 15.
--

This option is useful for key managers which need to know whether a
key has a secret key.  This change allows to collect this information
in one pass.

4 files changed, 18 insertions, 5 deletions

diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 01f33e3ae..c813336ae 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -148,6 +148,7 @@ enum cmd_and_opt_values {
   oWithFingerprint,
   oWithMD5Fingerprint,
   oWithKeygrip,
+  oWithSecret,
   oAnswerYes,
   oAnswerNo,
   oKeyring,
@@ -383,6 +384,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
   ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
   ARGPARSE_s_n (oWithKeygrip,     "with-keygrip", "@"),
+  ARGPARSE_s_n (oWithSecret,      "with-secret", "@"),
   ARGPARSE_s_s (oDisableCipherAlgo,  "disable-cipher-algo", "@"),
   ARGPARSE_s_s (oDisablePubkeyAlgo,  "disable-pubkey-algo", "@"),
   ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
@@ -1333,6 +1335,7 @@ main ( int argc, char **argv)
 
         case oWithKeyData: opt.with_key_data=1; /* fall thru */
         case oWithColons: ctrl.with_colons = 1; break;
+        case oWithSecret: ctrl.with_secret = 1; break;
         case oWithValidation: ctrl.with_validation=1; break;
         case oWithEphemeralKeys: ctrl.with_ephemeral_keys=1; break;
 
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 7c7ca7a20..83918cc9a 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -177,6 +177,7 @@ struct server_control_s
                          accessed.  */
 
   int with_colons;    /* Use column delimited output format */
+  int with_secret;    /* Mark secret keys in a public key listing.  */
   int with_chain;     /* Include the certifying certs in a listing */
   int with_validation;/* Validate each key while listing. */
   int with_ephemeral_keys;  /* Include ephemeral flagged keys in the
diff --git a/sm/keylist.c b/sm/keylist.c
index f96c03f07..dab1295d0 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -457,7 +457,6 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
   algo = gpgsm_get_key_algo_info (cert, &nbits);
   es_fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24);
 
-  /* We assume --fixed-list-mode for gpgsm */
   ksba_cert_get_validity (cert, 0, t);
   print_time (t, fp);
   es_putc (':', fp);
@@ -495,19 +494,24 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
   es_putc (':', fp);
   /* Field 12, capabilities: */
   print_capabilities (cert, fp);
+  es_putc (':', fp);
   /* Field 13, not used: */
   es_putc (':', fp);
-  if (have_secret)
+  if (have_secret || ctrl->with_secret)
     {
       char *cardsn;
 
       p = gpgsm_get_keygrip_hexstring (cert);
-      if (!gpgsm_agent_keyinfo (ctrl, p, &cardsn) && cardsn)
+      if (!gpgsm_agent_keyinfo (ctrl, p, &cardsn)
+          && (cardsn || ctrl->with_secret))
         {
           /* Field 14, not used: */
           es_putc (':', fp);
-          /* Field 15:  Token serial number.  */
-          es_fputs (cardsn, fp);
+          /* Field 15:  Token serial number or secret key indicator.  */
+          if (cardsn)
+            es_fputs (cardsn, fp);
+          else if (ctrl->with_secret)
+            es_putc ('+', fp);
           es_putc (':', fp);
         }
       xfree (cardsn);
diff --git a/sm/server.c b/sm/server.c
index 201a34b3e..f399c8ec1 100644
--- a/sm/server.c
+++ b/sm/server.c
@@ -274,6 +274,11 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
       int i = *value? atoi (value) : 0;
       ctrl->with_validation = i;
     }
+  else if (!strcmp (key, "with-validation"))
+    {
+      int i = *value? atoi (value) : 0;
+      ctrl->with_secret = i;
+    }
   else if (!strcmp (key, "validation-model"))
     {
       int i = gpgsm_parse_validation_model (value);