From 33e571a74a7d6153ba65aeecc72539a10f1f0ae4 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Wed, 11 Sep 2024 14:24:58 +0200
Subject: gpgsm: New option --assert-signer

* sm/gpgsm.c (oAssertSigner, oNoop): New.
(opts): Add option --assert-signer.
(assert_signer_true): New var.
(main): Set new option.
(gpgsm_exit): Handle assert_signer_true.
* sm/gpgsm.h (opt): Add field assert_signer_list.
* sm/verify.c (is_x509_fingerprint): New.
(check_assert_signer_list): New.
(gpgsm_verify): Handle option.
--
GnuPG-bug-id: 7286
---
 sm/gpgsm.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)
(limited to 'sm/gpgsm.c')
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 70463e734..400479b1b 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -217,7 +217,10 @@ enum cmd_and_opt_values {
 oCompatibilityFlags,
 oKbxBufferSize,
 oAlwaysTrust,
- oNoAutostart
+ oNoAutostart,
+ oAssertSigner,
+
+ oNoop
 };
@@ -311,6 +314,7 @@ static gpgrt_opt_t opts[] = {
 N_("|FILE|take policy information from FILE")),
 ARGPARSE_s_s (oCompliance, "compliance", "@"),
 ARGPARSE_p_u (oMinRSALength, "min-rsa-length", "@"),
+ ARGPARSE_s_s (oAssertSigner, "assert-signer", "@"),
 ARGPARSE_s_n (oNoCommonCertsImport, "no-common-certs-import", "@"),
 ARGPARSE_s_s (oIgnoreCertExtension, "ignore-cert-extension", "@"),
 ARGPARSE_s_s (oIgnoreCertWithOID, "ignore-cert-with-oid", "@"),
@@ -502,6 +506,9 @@ static struct compatibility_flags_s compatibility_flags [] =
 /* Global variable to keep an error count. */
 int gpgsm_errors_seen = 0;
+/* If opt.assert_signer_list is used and this variable is not true
+ * gpg will be forced to return EXIT_FAILURE. */
+int assert_signer_true = 0;
 /* It is possible that we are currentlu running under setuid permissions */
 static int maybe_setuid = 1;
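Review bot: The comment added in the `@@ -502,6 +506,9 @@` hunk says "gpg will be forced to return EXIT_FAILURE", but this file is gpgsm and gpgsm_exit (later in this patch) sets `rc = 1` explicitly; I would write `/* If opt.assert_signer_list is used and this variable is not true, gpgsm_exit returns 1. */`. `assert_signer_true` is a process-wide flag and no reset is visible on this page, so if one process handles more than one signature, a single match would presumably satisfy the assertion for all of them. The code that sets the flag is in sm/verify.c according to the commit message and is not shown here, so this needs confirming there. If that any-match behaviour is intended, the comment should say so, because callers are expected to trust the exit status.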
@@ -1518,6 +1525,12 @@ main ( int argc, char **argv)
 keybox_set_buffersize (pargs.r.ret_ulong, 0);
 break;
+ case oAssertSigner:
+ add_to_strlist (&opt.assert_signer_list, pargs.r.ret_str);
+ break;
+
+ case oNoop: break;
+
 default:
 if (configname)
 pargs.err = ARGPARSE_PRINT_WARNING;
@@ -2329,6 +2342,15 @@ emergency_cleanup (void)
 void
 gpgsm_exit (int rc)
 {
+ if (rc)
+ ;
+ else if (log_get_errorcount(0))
+ rc = 2;
+ else if (gpgsm_errors_seen)
+ rc = 1;
+ else if (opt.assert_signer_list && !assert_signer_true)
+ rc = 1;
+
 gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
 if (opt.debug & DBG_MEMSTAT_VALUE)
 {
@@ -2338,7 +2360,6 @@ gpgsm_exit (int rc)
 if (opt.debug)
 gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
 emergency_cleanup ();
- rc = rc? rc : log_get_errorcount(0)? 2 : gpgsm_errors_seen? 1 : 0;
 exit (rc);
 }
-- cgit v1.2.3
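Review bot: In the `@@ -2329,6 +2342,15 @@` hunk, the new branch `else if (opt.assert_signer_list && !assert_signer_true)` in gpgsm_exit is not tied to a verify operation, so once `--assert-signer` is set (the option loop in main also shows a `configname` path, so presumably from a config file too) every otherwise successful command would exit 1. The failure shares exit code 1 with `gpgsm_errors_seen` and nothing is logged here, so a calling script cannot tell a failed signer assertion from another error; whether sm/verify.c emits a diagnostic is not visible on this page. I would at least document it above the chain: `/* With --assert-signer, exit 1 unless assert_signer_true was set; this applies to every command, not only --verify. */`. Computing rc ahead of `emergency_cleanup ()` (the old line is removed in the `@@ -2338,7 +2360,6 @@` hunk) also means errors logged during cleanup no longer turn into exit code 2, which deserves a word in the comment if intended. gpgsm_exit's body spans both hunks, with the lines between them not shown.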