From 1383aa475059e212fcd61c85046bfc80fcb8e708 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 12 Oct 2022 10:19:14 +0200 Subject: agent: Introduce attribute "Remote-list" to KEYINFO. * agent/command.c (do_one_keyinfo): Add arg list_mode. Check attribute Remote-list. (cmd_keyinfo): Change semantics to return nothing in restricted list mode. --- agent/command.c | 43 +++++++++++++++++++++---------------------- agent/keyformat.txt | 6 ++++++ 2 files changed, 27 insertions(+), 22 deletions(-) diff --git a/agent/command.c b/agent/command.c index e25c6dfda..b820a5528 100644 --- a/agent/command.c +++ b/agent/command.c @@ -1479,7 +1479,7 @@ static gpg_error_t do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, int data, int with_ssh_fpr, int in_ssh, int ttl, int disabled, int confirm, int on_card, - const char *need_attr) + const char *need_attr, int list_mode) { gpg_error_t err; char hexgrip[40+1]; @@ -1507,11 +1507,12 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, goto leave; } - if (need_attr) + if (need_attr || (ctrl->restricted && list_mode)) { gcry_sexp_t s_key = NULL; nvc_t keymeta = NULL; - int istrue; + int istrue, has_rl; + if (missing_key) goto leave; /* No attribute available. */ @@ -1521,7 +1522,14 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, istrue = 0; else { - istrue = nvc_get_boolean (keymeta, need_attr); + has_rl = 0; + if (ctrl->restricted && list_mode + && !(has_rl = nvc_get_boolean (keymeta, "Remote-list:"))) + istrue = 0; + else if (need_attr) + istrue = nvc_get_boolean (keymeta, need_attr); + else + istrue = has_rl; nvc_release (keymeta); } gcry_sexp_release (s_key); @@ -1532,7 +1540,6 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, } } - /* Reformat the grip so that we use uppercase as good style. */ bin2hex (grip, 20, hexgrip); 
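Review bot: The assignment buried inside the negated condition `!(has_rl = nvc_get_boolean (keymeta, "Remote-list:"))` in the third command.c hunk is easy to misread, and the default-deny it implements is not commented anywhere: in a restricted listing a key without metadata (`!keymeta`) or without a true `Remote-list:` ends up in `istrue = 0` and is dropped. Pull the lookup out of the condition so the three cases read in order, `has_rl = nvc_get_boolean (keymeta, "Remote-list:");` followed by `if (ctrl->restricted && list_mode && !has_rl) istrue = 0;`, which also makes the `has_rl = 0;` pre-assignment unnecessary. Add above the `if (need_attr || (ctrl->restricted && list_mode))` block a comment such as `/* In restricted mode a listed key must opt in via "Remote-list:"; keys without metadata are therefore never listed.  */` so the policy is visible at the point it is enforced. The remainder of do_one_keyinfo, including where `istrue` is finally checked, lies outside these hunks.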
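Review bot: The fourth command.c hunk deletes the comment `/* Reformat the grip so that we use uppercase as good style. */` without replacing it, so `bin2hex (grip, 20, hexgrip);` is left unexplained although nothing else about that line changes in this commit. Unless the comment was wrong, keep it, or replace it with the shorter `/* Hex-encode the 20-byte grip in uppercase.  */`.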
@@ -1722,12 +1729,6 @@ cmd_keyinfo (assuan_context_t ctx, char *line) if (list_mode == 2) { - if (ctrl->restricted) - { - err = leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); - goto leave;; - } - if (cf) { while (!ssh_read_control_file (cf, hexgrip, @@ -1742,8 +1743,10 @@ cmd_keyinfo (assuan_context_t ctx, char *line) on_card = 1; err = do_one_keyinfo (ctrl, grip, ctx, opt_data, opt_ssh_fpr, 1, - ttl, disabled, confirm, on_card, need_attr); - if (need_attr && gpg_err_code (err) == GPG_ERR_NOT_FOUND) + ttl, disabled, confirm, on_card, need_attr, + list_mode); + if ((need_attr || ctrl->restricted) + && gpg_err_code (err) == GPG_ERR_NOT_FOUND) ; else if (err) goto leave; @@ -1756,12 +1759,6 @@ cmd_keyinfo (assuan_context_t ctx, char *line) char *dirname; gnupg_dirent_t dir_entry; - if (ctrl->restricted) - { - err = leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); - goto leave; - } - dirname = make_filename_try (gnupg_homedir (), GNUPG_PRIVATE_KEYS_DIR, NULL); if (!dirname) @@ -1806,8 +1803,10 @@ cmd_keyinfo (assuan_context_t ctx, char *line) on_card = 1; err = do_one_keyinfo (ctrl, grip, ctx, opt_data, opt_ssh_fpr, is_ssh, - ttl, disabled, confirm, on_card, need_attr); - if (need_attr && gpg_err_code (err) == GPG_ERR_NOT_FOUND) + ttl, disabled, confirm, on_card, need_attr, + list_mode); + if ((need_attr || ctrl->restricted) + && gpg_err_code (err) == GPG_ERR_NOT_FOUND) ; else if (err) goto leave; @@ -1836,7 +1835,7 @@ cmd_keyinfo (assuan_context_t ctx, char *line) on_card = 1; err = do_one_keyinfo (ctrl, grip, ctx, opt_data, opt_ssh_fpr, is_ssh, - ttl, disabled, confirm, on_card, need_attr); + ttl, disabled, confirm, on_card, need_attr, 0); } leave: diff --git a/agent/keyformat.txt b/agent/keyformat.txt index 97e2f795f..42e6d215e 100644 --- a/agent/keyformat.txt +++ b/agent/keyformat.txt 
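Review bot: With both `GPG_ERR_FORBIDDEN` guards removed (first and third hunks on this line), a restricted client now receives a filtered listing instead of an error, but nothing in cmd_keyinfo says so; the filtering lives in do_one_keyinfo and the caller merely swallows `GPG_ERR_NOT_FOUND` through the widened `(need_attr || ctrl->restricted)` test. Put a comment where the first guard used to be, e.g. `/* Restricted connections see only keys flagged "Remote-list:"; do_one_keyinfo reports NOT_FOUND for all others, which we skip.  */`, so a later reader does not take the missing guard for an accident. That same test now also hides a genuine NOT_FOUND from the key lookup for every restricted listing; this matches the existing need_attr behaviour but is worth stating in that comment. If the KEYINFO help string (outside this diff) describes the restricted-mode behaviour, it presumably needs the same update. cmd_keyinfo begins and ends outside these hunks.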
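Review bot: The single-keygrip call in the last command.c hunk passes a bare literal `0` for the new list_mode parameter, which reads as a magic value next to the named arguments around it. A trailing `/* not a listing */` on that line, or passing the existing `list_mode` variable if it is guaranteed to be 0 on this path, would make the intent clear; the keyformat.txt hunk already documents that a remote caller may still query a key by grip, so the code should point the reader the same way.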
@@ -129,6 +129,12 @@ If given and the value is "yes" or "1" the key is allowed for use by GnuPG's PKCS#11 interface (Scute). Note that Scute needs to be configured to use this optimization. +*** Remote-list +Allow to list the key with the KEYINFO command from a remote machine +via the extra socket. A boolean value is expected; the default is +"no". Note that KEYINFO will anyway provide information if the +keygrip is specified. + *** Confirm If given and the value is "yes", a user will be asked confirmation by a dialog window when the key is about to be used for -- cgit v1.2.3