core: Extend gpgme_key_sig_t with trust signature members.

* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--

The trust signature values have been part of gpg's output since 2003.
This commit adds support for them to gpgme.

GnuPG-bug-id: 5245, 5419
Ingo Klöcker 2021-05-04 18:35:29 +02:00
parent 3ffd7bd403
commit 276187f6b6
6 changed files with 52 additions and 1 deletions

3
NEWS

@ -4,6 +4,9 @@ Noteworthy changes in version 1.15.2 (unreleased)
* Interface changes relative to the 1.15.1 release: * Interface changes relative to the 1.15.1 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme_key_sig_t EXTENDED: New field 'trust_depth'.
gpgme_key_sig_t EXTENDED: New field 'trust_value'.
gpgme_key_sig_t EXTENDED: New field 'trust_scope'.
GPGME_KEYSIGN_FORCE NEW. GPGME_KEYSIGN_FORCE NEW.
qt: CryptoConfig::entry CHANGED: Added overload; deprecated old qt: CryptoConfig::entry CHANGED: Added overload; deprecated old


@ -3706,6 +3706,13 @@ This is true if the key signature is invalid.
@item unsigned int exportable : 1 @item unsigned int exportable : 1
This is true if the key signature is exportable. This is true if the key signature is exportable.
@item unsigned int trust_depth : 8
This is the depth of a trust signature, or 0 if the key signature is not
a trust signature.
@item unsigned int trust_value : 8
This is the trust amount of a trust signature.
@item gpgme_pubkey_algo_t pubkey_algo @item gpgme_pubkey_algo_t pubkey_algo
This is the public key algorithm used to create the signature. This is the public key algorithm used to create the signature.
@ -3721,6 +3728,10 @@ the timestamp is invalid, and 0 if it is not available.
This is the expiration timestamp of the key signature, or 0 if the key This is the expiration timestamp of the key signature, or 0 if the key
signature does not expire. signature does not expire.
@item char *trust_scope
This is a regular expression that limits the scope of a trust signature.
Users must be prepared to see a @code{NULL} value here.
@item gpgme_error_t status @item gpgme_error_t status
This is the status of the signature and has the same meaning as the This is the status of the signature and has the same meaning as the
member of the same name in a @code{gpgme_signature_t} object. member of the same name in a @code{gpgme_signature_t} object.


@ -627,7 +627,13 @@ struct _gpgme_key_sig
unsigned int exportable : 1; unsigned int exportable : 1;
/* Internal to GPGME, do not use. */ /* Internal to GPGME, do not use. */
unsigned int _unused : 28; unsigned int _unused : 12;
/* The depth of a trust signature, 0 if no trust signature. */
unsigned int trust_depth : 8;
/* The trust value of a trust signature, 0 if no trust signature. */
unsigned int trust_value : 8;
/* The public key algorithm used to create the signature. */ /* The public key algorithm used to create the signature. */
gpgme_pubkey_algo_t pubkey_algo; gpgme_pubkey_algo_t pubkey_algo;
@ -644,6 +650,9 @@ struct _gpgme_key_sig
/* The expiration timestamp, 0 if the subkey does not expire. */ /* The expiration timestamp, 0 if the subkey does not expire. */
long int expires; long int expires;
/* The scope of a trust signature. Might be NULL. */
char *trust_scope;
/* Same as in gpgme_signature_t. */ /* Same as in gpgme_signature_t. */
gpgme_error_t status; gpgme_error_t status;
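Review bot: The new `char *trust_scope;` member in the second hunk sits between `expires` and `status`, so it shifts the offset of every member that follows it in `struct _gpgme_key_sig`. Because this is the public header, a program compiled against the earlier layout and run with the new library would presumably read `status` and the later members at stale offsets. The bit-field change appears layout-neutral since `trust_depth` and `trust_value` take their 16 bits out of `_unused`; the pointer does not. I would append the member instead, placing `/* The scope of a trust signature.  Might be NULL.  */` and `char *trust_scope;` after the last existing member, which lies outside this hunk.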


@ -369,6 +369,7 @@ gpgme_key_unref (gpgme_key_t key)
notation = next_notation; notation = next_notation;
} }
free (keysig->trust_scope);
free (keysig); free (keysig);
keysig = next_keysig; keysig = next_keysig;
} }


@ -967,6 +967,30 @@ keylist_colon_handler (void *priv, char *line)
if (fields >= 7) if (fields >= 7)
keysig->expires = _gpgme_parse_timestamp (field[6], NULL); keysig->expires = _gpgme_parse_timestamp (field[6], NULL);
/* Field 8 has the trust depth and the trust value. */
if (fields >= 8 && *field[7])
{
const char *trust_depth = field[7];
char *trust_value = strchr (field[7] + 1, ' ');
if (trust_value)
*(trust_value++) = '\0';
if (trust_value)
{
int depth = atoi (trust_depth);
int value = atoi (trust_value);
if (depth >= 1 && depth < 256)
keysig->trust_depth = depth;
if (value >= 1 && value < 256)
keysig->trust_value = value;
}
}
/* Field 9 has the trust signature scope (a regular expression). */
if (fields >= 9)
if (_gpgme_decode_c_string (field[8], &keysig->trust_scope, 0))
return gpg_error (GPG_ERR_ENOMEM); /* FIXME */
/* Field 11 has the signature class (eg, 0x30 means revoked). */ /* Field 11 has the signature class (eg, 0x30 means revoked). */
if (fields >= 11) if (fields >= 11)
if (field[10][0] && field[10][1]) if (field[10][0] && field[10][1])
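Review bot: The field 8 block parses both numbers with `atoi`, which accepts trailing garbage (`1x` parses as 1) and has undefined behaviour on out-of-range input. The two range checks are also independent, so a record can end up with `trust_value` set while `trust_depth` stays 0, which the header comment defines as "no trust signature". Since these numbers feed trust decisions, I would parse with `strtol`, require each token to be fully consumed, and store the pair only when both are in range; whether gpg can emit a trust value of 0 is not visible here, so the lower bound on `value` should be confirmed. The field 9 branch reports every `_gpgme_decode_c_string` failure as `GPG_ERR_ENOMEM` (the FIXME), and propagating the helper's own error would be more accurate if it returns one. keylist_colon_handler begins and ends outside this hunk.

```c
          /* … unchanged: split of field[7] into trust_depth / trust_value … */
          if (trust_value)
            {
              char *end_depth;
              char *end_value;
              long depth = strtol (trust_depth, &end_depth, 10);
              long value = strtol (trust_value, &end_value, 10);

              /* Store the pair only if both tokens are complete numbers
                 in range; overflow saturates and fails the range test.  */
              if (end_depth != trust_depth && !*end_depth
                  && end_value != trust_value && !*end_value
                  && depth >= 1 && depth < 256
                  && value >= 1 && value < 256)
                {
                  keysig->trust_depth = depth;
                  keysig->trust_value = value;
                }
            }
```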


@ -369,6 +369,9 @@ main (int argc, char **argv)
printf (" created: %s\n", isotimestr(ks->timestamp)); printf (" created: %s\n", isotimestr(ks->timestamp));
printf (" expires: %s\n", isotimestr(ks->expires)); printf (" expires: %s\n", isotimestr(ks->expires));
printf (" class: %x\n", ks->sig_class); printf (" class: %x\n", ks->sig_class);
printf (" trust depth: %u\n", ks->trust_depth);
printf (" trust value: %u\n", ks->trust_value);
printf (" trust scope: %s\n", nonnull (ks->trust_scope));
} }
} }