core: Extend gpgme_key_sig_t with trust signature members.

* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth', 'trust_value', and 'trust_scope'. * src/key.c (gpgme_key_unref): Free trust_scope. * src/keylist.c (keylist_colon_handler): Set the fields. * tests/run-keylist.c (main): Print the fields. -- The trust signature values are part of gpg's output since the year 2003. This now adds support to gpgme. GnuPG-bug-id: 5245, 5419
2021-05-04 18:35:29 +02:00 · 2021-05-04 18:35:29 +02:00 · 276187f6b6
commit 276187f6b6
parent 3ffd7bd403
6 changed files with 52 additions and 1 deletions
--- a/3
+++ b/3
@ -4,6 +4,9 @@ Noteworthy changes in version 1.15.2 (unreleased)

 * Interface changes relative to the 1.15.1 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ gpgme_key_sig_t                       EXTENDED: New field 'trust_depth'.
+ gpgme_key_sig_t                       EXTENDED: New field 'trust_value'.
+ gpgme_key_sig_t                       EXTENDED: New field 'trust_scope'.
 GPGME_KEYSIGN_FORCE                   NEW.
 qt: CryptoConfig::entry               CHANGED: Added overload; deprecated old

--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@ -3706,6 +3706,13 @@ This is true if the key signature is invalid.
@item unsigned int exportable : 1
 This is true if the key signature is exportable.

+@item unsigned int trust_depth : 8
+This is the depth of a trust signature, or 0 if the key signature is not
+a trust signature.
+
+@item unsigned int trust_value : 8
+This is the trust amount of a trust signature.
+
@item gpgme_pubkey_algo_t pubkey_algo
 This is the public key algorithm used to create the signature.

@ -3721,6 +3728,10 @@ the timestamp is invalid, and 0 if it is not available.
 This is the expiration timestamp of the key signature, or 0 if the key
 signature does not expire.

+@item char *trust_scope
+This is a regular expression that limits the scope of a trust signature.
+Users must be prepared to see a @code{NULL} value here.
+
@item gpgme_error_t status
 This is the status of the signature and has the same meaning as the
 member of the same name in a @code{gpgme_signature_t} object.
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@ -627,7 +627,13 @@ struct _gpgme_key_sig
  unsigned int exportable : 1;

  /* Internal to GPGME, do not use.  */
-  unsigned int _unused : 28;
+  unsigned int _unused : 12;
+
+  /* The depth of a trust signature, 0 if no trust signature.  */
+  unsigned int trust_depth : 8;
+
+  /* The trust value of a trust signature, 0 if no trust signature.  */
+  unsigned int trust_value : 8;

  /* The public key algorithm used to create the signature.  */
  gpgme_pubkey_algo_t pubkey_algo;
@ -644,6 +650,9 @@ struct _gpgme_key_sig
  /* The expiration timestamp, 0 if the subkey does not expire.  */
  long int expires;

+  /* The scope of a trust signature.  Might be NULL.  */
+  char *trust_scope;
+
  /* Same as in gpgme_signature_t.  */
  gpgme_error_t status;

--- a/src/key.c
+++ b/src/key.c
@ -369,6 +369,7 @@ gpgme_key_unref (gpgme_key_t key)
 	      notation = next_notation;
 	    }

+	  free (keysig->trust_scope);
          free (keysig);
 	  keysig = next_keysig;
        }
--- a/src/keylist.c
+++ b/src/keylist.c
@ -967,6 +967,30 @@ keylist_colon_handler (void *priv, char *line)
      if (fields >= 7)
 	keysig->expires = _gpgme_parse_timestamp (field[6], NULL);

+      /* Field 8 has the trust depth and the trust value.  */
+      if (fields >= 8 && *field[7])
+        {
+          const char *trust_depth = field[7];
+          char *trust_value = strchr (field[7] + 1, ' ');
+          if (trust_value)
+            *(trust_value++) = '\0';
+          if (trust_value)
+            {
+              int depth = atoi (trust_depth);
+              int value = atoi (trust_value);
+
+              if (depth >= 1 && depth < 256)
+                keysig->trust_depth = depth;
+              if (value >= 1 && value < 256)
+                keysig->trust_value = value;
+            }
+        }
+
+      /* Field 9 has the trust signature scope (a regular expression).  */
+      if (fields >= 9)
+	if (_gpgme_decode_c_string (field[8], &keysig->trust_scope, 0))
+	  return gpg_error (GPG_ERR_ENOMEM);	/* FIXME */
+
      /* Field 11 has the signature class (eg, 0x30 means revoked).  */
      if (fields >= 11)
 	if (field[10][0] && field[10][1])
--- a/tests/run-keylist.c
+++ b/tests/run-keylist.c
@ -369,6 +369,9 @@ main (int argc, char **argv)
              printf ("     created: %s\n", isotimestr(ks->timestamp));
              printf ("     expires: %s\n", isotimestr(ks->expires));
              printf ("       class: %x\n", ks->sig_class);
+              printf (" trust depth: %u\n", ks->trust_depth);
+              printf (" trust value: %u\n", ks->trust_value);
+              printf (" trust scope: %s\n", nonnull (ks->trust_scope));
            }
        }