Diffstat (limited to 'sm')
-rw-r--r-- | sm/call-agent.c | 2 | ||||
-rw-r--r-- | sm/certchain.c | 20 | ||||
-rw-r--r-- | sm/gpgsm.c | 7 | ||||
-rw-r--r-- | sm/gpgsm.h | 4 | ||||
-rw-r--r-- | sm/qualified.c | 2 | ||||
-rw-r--r-- | sm/sign.c | 7 | ||||
-rw-r--r-- | sm/verify.c | 2 |
7 files changed, 34 insertions, 10 deletions
diff --git a/sm/call-agent.c b/sm/call-agent.c index c2875626b..16fb10901 100644 --- a/sm/call-agent.c +++ b/sm/call-agent.c @@ -970,6 +970,8 @@ istrusted_status_cb (void *opaque, const char *line) parm->flags.chain_model = 1; else if (has_leading_keyword (line, "qual")) parm->flags.qualified = 1; + else if (has_leading_keyword (line, "noconsent")) + parm->flags.noconsent = 1; else if (has_leading_keyword (line, "de-vs")) parm->flags.de_vs = 1; diff --git a/sm/certchain.c b/sm/certchain.c index e5272b983..a285ce32c 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -1630,7 +1630,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, int any_no_policy_match = 0; int is_qualified = -1; /* Indicates whether the certificate stems from a qualified root certificate. - -1 = unknown, 0 = no, 1 = yes. */ + -1 = unknown, 0 = no, 1 = yes, 2 = yes,noconsent */ chain_item_t chain = NULL; /* A list of all certificates in the chain. */ @@ -1816,7 +1816,10 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, { /* We already checked this for this certificate, thus we simply take it from the user data. */ - is_qualified = !!*buf; + if (*buf == 2) + is_qualified = 2; + else + is_qualified = !!*buf; } else { @@ -1828,7 +1831,8 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, else err = gpgsm_is_in_qualified_list (ctrl, subject_cert, NULL); if (!err) - is_qualified = 1; + is_qualified = (rootca_flags->qualified + && rootca_flags->noconsent)? 2 : 1; else if ( gpg_err_code (err) == GPG_ERR_NOT_FOUND) is_qualified = 0; else @@ -1839,7 +1843,10 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, { /* Cache the result but don't care too much about an error. */ - buf[0] = !!is_qualified; + if (is_qualified == 2) + buf[0] = 2; + else + buf[0] = !!is_qualified; err = ksba_cert_set_user_data (subject_cert, "is_qualified", buf, 1); if (err) 
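Review bot: The new third state of `is_qualified` in do_validate_chain is a bare `2`, and the encode step `if (is_qualified == 2) buf[0] = 2; else buf[0] = !!is_qualified;` is written out twice (the cache hunk at -1839 and the chain loop at -2222), with the decode at -1816 as a third copy. This cached byte is what sm/sign.c later compares against `2` to skip the consent prompt, so a drifting copy changes a security decision. Named values in gpgsm.h would keep the sites in step, for example `enum { QUALIFIED_NO = 0, QUALIFIED_YES = 1, QUALIFIED_YES_NOCONSENT = 2 };` with one small helper for the encode. Any other reader of the "is_qualified" user data that tests for `== 1` rather than non-zero would now misclassify such certificates; none is visible in these hunks, so that is worth a grep. The function body starts and ends outside the hunks.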
@@ -2222,7 +2229,10 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, chain_item_t ci; char buf[1]; - buf[0] = !!is_qualified; + if (is_qualified == 2) + buf[0] = 2; + else + buf[0] = !!is_qualified; for (ci = chain; ci; ci = ci->next) { diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 319002b07..57148d03e 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -220,6 +220,7 @@ enum cmd_and_opt_values { oAlwaysTrust, oNoAutostart, oAssertSigner, + oNoQESNote, oNoop }; @@ -324,7 +325,7 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_s (oKeyboxdProgram, "keyboxd-program", "@"), ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"), ARGPARSE_s_s (oProtectToolProgram, "protect-tool-program", "@"), - + ARGPARSE_s_n (oNoQESNote, "no-qes-note", "@"), ARGPARSE_header ("Input", N_("Options controlling the input")), @@ -1540,6 +1541,8 @@ main ( int argc, char **argv) add_to_strlist (&opt.assert_signer_list, pargs.r.ret_str); break; + case oNoQESNote: opt.no_qes_note = 1; break; + case oNoop: break; default: @@ -1640,7 +1643,7 @@ main ( int argc, char **argv) assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL); -/* if (opt.qualsig_approval && !opt.quiet) */ +/* if (opt.qualsig_approval && !opt.quiet && !opt.no_qes_note) */ /* log_info (_("This software has officially been approved to " */ /* "create and verify\n" */ /* "qualified signatures according to German law.\n")); */ diff --git a/sm/gpgsm.h b/sm/gpgsm.h index d23223ea9..cc049d05b 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -141,6 +141,9 @@ struct runtime option in case we want to check the integrity of the software at runtime. */ + int no_qes_note; /* Do not print a note that the software + * has not been approved for creating or + * verifying qualified signatures. */ unsigned int min_rsa_length; /* Used for compliance checks. */ 
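Review bot: The last gpgsm.c hunk (-1640) edits a block that is entirely commented out, so the added `&& !opt.no_qes_note` has no effect. It leaves dead code that looks maintained. Either drop the commented `log_info` block or put a single comment above it, such as `/* Disabled: the approval note is printed per operation in sign/verify, honouring --no-qes-note. */`. The option is registered with the hidden description `"@"`, so it will not show up in `--help`. The diffstat is limited to 'sm', so whether the manual documents it cannot be seen from here.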
@@ -341,6 +344,7 @@ struct rootca_flags_s unsigned int relax:1; /* Relax checking of root certificates. */ unsigned int chain_model:1; /* Root requires the use of the chain model. */ unsigned int qualified:1; /* Root CA used for qualified signatures. */ + unsigned int noconsent:1; /* Consent is not required "qualified". */ unsigned int de_vs:1; /* Root CA is de-vs compliant. */ }; diff --git a/sm/qualified.c b/sm/qualified.c index 4d8dfccab..b35f4458b 100644 --- a/sm/qualified.c +++ b/sm/qualified.c @@ -209,7 +209,7 @@ gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert) "equated to a handwritten signature.\n\n%s%s" "Are you really sure that you want to do this?"), subject? subject:"?", - opt.qualsig_approval? + (opt.qualsig_approval || opt.no_qes_note)? "": _("Note, that this software is not officially approved " "to create or verify such signatures.\n"), @@ -891,7 +891,12 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, goto leave; } if (*buffer) - err = gpgsm_qualified_consent (ctrl, cl->cert); + { + if (*buffer == 2) + err = 0; /* No consent required. */ + else + err = gpgsm_qualified_consent (ctrl, cl->cert); + } else err = gpgsm_not_qualified_warning (ctrl, cl->cert); if (err) diff --git a/sm/verify.c b/sm/verify.c index 3c22ee0cc..2aaab30cd 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -703,7 +703,7 @@ gpgsm_verify (ctrl_t ctrl, estream_t in_fp, estream_t data_fp, if (*qualbuffer) { log_info (_("This is a qualified signature\n")); - if (!opt.qualsig_approval) + if (!opt.qualsig_approval && !opt.no_qes_note) log_info (_("Note, that this software is not officially approved " "to create or verify such signatures.\n")); |
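Review bot: The comment on the new `noconsent` bit in struct rootca_flags_s, `/* Consent is not required "qualified". */`, does not parse as a sentence and hides the dependency on the neighbouring flag. In sm/certchain.c the bit only takes effect when `qualified` is also set (`rootca_flags->qualified && rootca_flags->noconsent`). A comment that says so would help, for example `/* With "qualified": do not ask for consent before signing. */`.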
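Review bot: In the gpgsm_sign hunk (-891) the `*buffer == 2` branch sets `err = 0` and goes on to create a qualified signature without the prompt and without leaving any trace. The byte comes from the cached "is_qualified" user data, which is derived from the agent's `noconsent` trust flag. A mistaken or tampered trustlist entry would therefore suppress the consent step silently. A diagnostic in that branch would make the skipped prompt visible to the user and in logs, for example `log_info (_("Note: no consent prompt required for this qualified certificate\n"));`. If the audit log already records this, a comment saying so would do. The surrounding function continues outside the hunk.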