diff --git a/NEWS b/NEWS index 495e4af7..e8272bb0 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,9 @@ Noteworthy changes in version 1.15.2 (unreleased) * Interface changes relative to the 1.15.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gpgme_key_sig_t EXTENDED: New field 'trust_depth'. + gpgme_key_sig_t EXTENDED: New field 'trust_value'. + gpgme_key_sig_t EXTENDED: New field 'trust_scope'. GPGME_KEYSIGN_FORCE NEW. qt: CryptoConfig::entry CHANGED: Added overload; deprecated old diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 11147862..ea6693ef 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -3706,6 +3706,13 @@ This is true if the key signature is invalid. @item unsigned int exportable : 1 This is true if the key signature is exportable. +@item unsigned int trust_depth : 8 +This is the depth of a trust signature, or 0 if the key signature is not +a trust signature. + +@item unsigned int trust_value : 8 +This is the trust amount of a trust signature. + @item gpgme_pubkey_algo_t pubkey_algo This is the public key algorithm used to create the signature. @@ -3721,6 +3728,10 @@ the timestamp is invalid, and 0 if it is not available. This is the expiration timestamp of the key signature, or 0 if the key signature does not expire. +@item char *trust_scope +This is a regular expression that limits the scope of a trust signature. +Users must be prepared to see a @code{NULL} value here. + @item gpgme_error_t status This is the status of the signature and has the same meaning as the member of the same name in a @code{gpgme_signature_t} object. diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 0a90c8d2..6471f0ad 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -627,7 +627,13 @@ struct _gpgme_key_sig unsigned int exportable : 1; /* Internal to GPGME, do not use. */ - unsigned int _unused : 28; + unsigned int _unused : 12; + + /* The depth of a trust signature, 0 if no trust signature. */ + unsigned int trust_depth : 8; + + /* The trust value of a trust signature, 0 if no trust signature. */ + unsigned int trust_value : 8; /* The public key algorithm used to create the signature. */ gpgme_pubkey_algo_t pubkey_algo; @@ -644,6 +650,9 @@ struct _gpgme_key_sig /* The expiration timestamp, 0 if the subkey does not expire. */ long int expires; + /* The scope of a trust signature. Might be NULL. */ + char *trust_scope; + /* Same as in gpgme_signature_t. */ gpgme_error_t status; diff --git a/src/key.c b/src/key.c index e4b85774..322bd0ac 100644 --- a/src/key.c +++ b/src/key.c @@ -369,6 +369,7 @@ gpgme_key_unref (gpgme_key_t key) notation = next_notation; } + free (keysig->trust_scope); free (keysig); keysig = next_keysig; } diff --git a/src/keylist.c b/src/keylist.c index a4de3ad5..42743f07 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -967,6 +967,30 @@ keylist_colon_handler (void *priv, char *line) if (fields >= 7) keysig->expires = _gpgme_parse_timestamp (field[6], NULL); + /* Field 8 has the trust depth and the trust value. */ + if (fields >= 8 && *field[7]) + { + const char *trust_depth = field[7]; + char *trust_value = strchr (field[7] + 1, ' '); + if (trust_value) + *(trust_value++) = '\0'; + if (trust_value) + { + int depth = atoi (trust_depth); + int value = atoi (trust_value); + + if (depth >= 1 && depth < 256) + keysig->trust_depth = depth; + if (value >= 1 && value < 256) + keysig->trust_value = value; + } + } + + /* Field 9 has the trust signature scope (a regular expression). */ + if (fields >= 9) + if (_gpgme_decode_c_string (field[8], &keysig->trust_scope, 0)) + return gpg_error (GPG_ERR_ENOMEM); /* FIXME */ + /* Field 11 has the signature class (eg, 0x30 means revoked). */ if (fields >= 11) if (field[10][0] && field[10][1]) diff --git a/tests/run-keylist.c b/tests/run-keylist.c index 23c61108..f0ab74e8 100644 --- a/tests/run-keylist.c +++ b/tests/run-keylist.c @@ -369,6 +369,9 @@ main (int argc, char **argv) printf (" created: %s\n", isotimestr(ks->timestamp)); printf (" expires: %s\n", isotimestr(ks->expires)); printf (" class: %x\n", ks->sig_class); + printf (" trust depth: %u\n", ks->trust_depth); + printf (" trust value: %u\n", ks->trust_value); + printf (" trust scope: %s\n", nonnull (ks->trust_scope)); } }