core: New context flags "include-key-block" and "auto-key-import".

* src/gpgme.c (gpgme_set_ctx_flag): Add flags "include-key-block" and
"auto-key-import".
(gpgme_get_ctx_flag): Ditto.
* src/context.h (struct gpgme_context): Add flags include_key_block
and auto_key_import.
* src/engine-gpg.c (struct engine_gpg): Likewise.
(gpg_set_engine_flags): Set the flags for gpg versions >= 2.2.20.
(gpg_decrypt): Set option according to the new flags.
(gpg_encrypt): Ditto.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.
(gpg_verify): Ditto.

tests/run-verify: Add option --auto-key-import.
tests/run-sign: add option --include-key-block.
--

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2020-03-17 17:22:51 +01:00
parent 11edc073a3
commit 3afa534645
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
6 changed files with 92 additions and 2 deletions


@ -3105,6 +3105,14 @@ a message signed by a brand new key (which you naturally will not have
on your local keyring), the operator can tell both your IP address and on your local keyring), the operator can tell both your IP address and
the time when you verified the signature. the time when you verified the signature.
@item "auto-key-import"
Setting the @var{value} to "1" forces the GPG backend to automatically
import a missing key for signature verification from the signature.
@item "include-key-block"
Setting the @var{value} to "1" forces the GPG backend to embed the
signing key as well as an encryption subkey into the the signature.
@item "request-origin" @item "request-origin"
The string given in @var{value} is passed to the GnuPG engines to The string given in @var{value} is passed to the GnuPG engines to
request restrictions based on the origin of the request. Valid values request restrictions based on the origin of the request. Valid values
@ -3496,7 +3504,7 @@ available.
@since{1.7.0} @since{1.7.0}
The keygrip of the subkey in hex digit form or @code{NULL} if not The keygrip of the subkey in hex digit form or @code{NULL} if not
availabale. available.
@item long int timestamp @item long int timestamp
This is the creation timestamp of the subkey. This is -1 if the This is the creation timestamp of the subkey. This is -1 if the


@ -118,6 +118,12 @@ struct gpgme_context
* flag is cleared with each operation. */ * flag is cleared with each operation. */
unsigned int redraw_suggested : 1; unsigned int redraw_suggested : 1;
/* True if the option --include-key-block shall be passed to gpg. */
unsigned int include_key_block : 1;
/* True if the option --auto-key-import shall be passed to gpg. */
unsigned int auto_key_import : 1;
/* True if the option --auto-key-retrieve shall be passed to gpg. */ /* True if the option --auto-key-retrieve shall be passed to gpg. */
unsigned int auto_key_retrieve : 1; unsigned int auto_key_retrieve : 1;


@ -148,6 +148,8 @@ struct engine_gpg
unsigned int no_symkey_cache : 1; unsigned int no_symkey_cache : 1;
unsigned int offline : 1; unsigned int offline : 1;
unsigned int ignore_mdc_error : 1; unsigned int ignore_mdc_error : 1;
unsigned int include_key_block : 1;
unsigned int auto_key_import : 1;
} flags; } flags;
/* NULL or the data object fed to --override_session_key-fd. */ /* NULL or the data object fed to --override_session_key-fd. */
@ -686,6 +688,13 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx)
gpg->flags.ignore_mdc_error = !!ctx->ignore_mdc_error; gpg->flags.ignore_mdc_error = !!ctx->ignore_mdc_error;
if (have_gpg_version (gpg, "2.2.20"))
{
if (ctx->auto_key_import)
gpg->flags.auto_key_import = 1;
if (ctx->include_key_block)
gpg->flags.include_key_block = 1;
}
} }
@ -1703,6 +1712,9 @@ gpg_decrypt (void *engine,
if (!err && auto_key_retrieve) if (!err && auto_key_retrieve)
err = add_arg (gpg, "--auto-key-retrieve"); err = add_arg (gpg, "--auto-key-retrieve");
if (!err && gpg->flags.auto_key_import)
err = add_arg (gpg, "--auto-key-import");
if (!err && override_session_key && *override_session_key) if (!err && override_session_key && *override_session_key)
{ {
if (have_gpg_version (gpg, "2.1.16")) if (have_gpg_version (gpg, "2.1.16"))
@ -2176,6 +2188,9 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], const char *recpstring,
&& have_gpg_version (gpg, "2.1.14")) && have_gpg_version (gpg, "2.1.14"))
err = add_arg (gpg, "--mimemode"); err = add_arg (gpg, "--mimemode");
if (!err && gpg->flags.include_key_block)
err = add_arg (gpg, "--include-key-block");
if (recp || recpstring) if (recp || recpstring)
{ {
/* If we know that all recipients are valid (full or ultimate trust) /* If we know that all recipients are valid (full or ultimate trust)
@ -2251,6 +2266,9 @@ gpg_encrypt_sign (void *engine, gpgme_key_t recp[],
&& have_gpg_version (gpg, "2.1.14")) && have_gpg_version (gpg, "2.1.14"))
err = add_arg (gpg, "--mimemode"); err = add_arg (gpg, "--mimemode");
if (!err && gpg->flags.include_key_block)
err = add_arg (gpg, "--include-key-block");
if (recp || recpstring) if (recp || recpstring)
{ {
/* If we know that all recipients are valid (full or ultimate trust) /* If we know that all recipients are valid (full or ultimate trust)
@ -3243,6 +3261,8 @@ gpg_sign (void *engine, gpgme_data_t in, gpgme_data_t out,
} }
} }
if (!err && gpg->flags.include_key_block)
err = add_arg (gpg, "--include-key-block");
if (!err) if (!err)
err = append_args_from_signers (gpg, ctx); err = append_args_from_signers (gpg, ctx);
if (!err) if (!err)
@ -3305,6 +3325,8 @@ gpg_verify (void *engine, gpgme_data_t sig, gpgme_data_t signed_text,
gpgme_error_t err; gpgme_error_t err;
err = append_args_from_sender (gpg, ctx); err = append_args_from_sender (gpg, ctx);
if (!err && gpg->flags.auto_key_import)
err = add_arg (gpg, "--auto-key-import");
if (!err && ctx->auto_key_retrieve) if (!err && ctx->auto_key_retrieve)
err = add_arg (gpg, "--auto-key-retrieve"); err = add_arg (gpg, "--auto-key-retrieve");
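Review bot: In the gpg_set_engine_flags hunk the two new engine flags are only ever set to 1, whereas the line just above assigns `gpg->flags.ignore_mdc_error = !!ctx->ignore_mdc_error;` unconditionally. If an engine object is ever reused after the caller has cleared "auto-key-import" (not visible from this hunk), gpg would still be started with `--auto-key-import` and would import a key taken from the signature itself against the caller's wishes. Assigning in both directions avoids that: `gpg->flags.auto_key_import = have_gpg_version (gpg, "2.2.20") && ctx->auto_key_import;`, and likewise for include_key_block. Separately, with gpg older than 2.2.20 the request is dropped silently, so a short comment there stating that callers get no error in that case would help. The function body starts outside the hunk.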


@ -533,6 +533,14 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
if (!ctx->override_session_key) if (!ctx->override_session_key)
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
} }
else if (!strcmp (name, "include-key-block"))
{
ctx->include_key_block = abool;
}
else if (!strcmp (name, "auto-key-import"))
{
ctx->auto_key_import = abool;
}
else if (!strcmp (name, "auto-key-retrieve")) else if (!strcmp (name, "auto-key-retrieve"))
{ {
ctx->auto_key_retrieve = abool; ctx->auto_key_retrieve = abool;
@ -607,6 +615,14 @@ gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name)
{ {
return ctx->override_session_key? ctx->override_session_key : ""; return ctx->override_session_key? ctx->override_session_key : "";
} }
else if (!strcmp (name, "include-key-block"))
{
return ctx->include_key_block? "1":"";
}
else if (!strcmp (name, "auto-key-import"))
{
return ctx->auto_key_import? "1":"";
}
else if (!strcmp (name, "auto-key-retrieve")) else if (!strcmp (name, "auto-key-retrieve"))
{ {
return ctx->auto_key_retrieve? "1":""; return ctx->auto_key_retrieve? "1":"";


@ -85,6 +85,7 @@ show_usage (int ex)
" --loopback use a loopback pinentry\n" " --loopback use a loopback pinentry\n"
" --key NAME use key NAME for signing\n" " --key NAME use key NAME for signing\n"
" --sender MBOX use MBOX as sender address\n" " --sender MBOX use MBOX as sender address\n"
" --include-key-block use this option with gpg\n"
, stderr); , stderr);
exit (ex); exit (ex);
} }
@ -103,6 +104,7 @@ main (int argc, char **argv)
gpgme_sign_result_t result; gpgme_sign_result_t result;
int print_status = 0; int print_status = 0;
int use_loopback = 0; int use_loopback = 0;
int include_key_block = 0;
const char *sender = NULL; const char *sender = NULL;
const char *s; const char *s;
@ -165,6 +167,11 @@ main (int argc, char **argv)
use_loopback = 1; use_loopback = 1;
argc--; argv++; argc--; argv++;
} }
else if (!strcmp (*argv, "--include-key-block"))
{
include_key_block = 1;
argc--; argv++;
}
else if (!strncmp (*argv, "--", 2)) else if (!strncmp (*argv, "--", 2))
show_usage (1); show_usage (1);
@ -197,6 +204,8 @@ main (int argc, char **argv)
err = gpgme_get_key (ctx, key_string, &akey, 1); err = gpgme_get_key (ctx, key_string, &akey, 1);
if (err) if (err)
{ {
fprintf (stderr, PGM ": get key '%s' failed: %s\n",
key_string, gpg_strerror (err));
exit (1); exit (1);
} }
err = gpgme_signers_add (ctx, akey); err = gpgme_signers_add (ctx, akey);
@ -210,6 +219,17 @@ main (int argc, char **argv)
fail_if_err (err); fail_if_err (err);
} }
if (include_key_block)
{
err = gpgme_set_ctx_flag (ctx, "include-key-block", "1");
if (err)
{
fprintf (stderr, PGM ": error setting include-key-block: %s\n",
gpgme_strerror (err));
exit (1);
}
}
err = gpgme_data_new_from_file (&in, *argv, 1); err = gpgme_data_new_from_file (&in, *argv, 1);
if (err) if (err)
{ {
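Review bot: The two error messages added in main use different helpers for the same job: the get-key failure prints `gpg_strerror (err)` while the include-key-block failure prints `gpgme_strerror (err)`. Using one of them in both places, for example `gpgme_strerror (err)`, keeps the test output uniform. Nothing in the visible hunks checks that the produced signature actually carries a key block, so a comment saying that this is left to inspection of the output would be useful. main continues outside these hunks.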


@ -234,6 +234,7 @@ show_usage (int ex)
" --sender MBOX use MBOX as sender address\n" " --sender MBOX use MBOX as sender address\n"
" --repeat N repeat the operation N times\n" " --repeat N repeat the operation N times\n"
" --auto-key-retrieve\n" " --auto-key-retrieve\n"
" --auto-key-import\n"
, stderr); , stderr);
exit (ex); exit (ex);
} }
@ -248,6 +249,7 @@ main (int argc, char **argv)
int print_status = 0; int print_status = 0;
const char *sender = NULL; const char *sender = NULL;
int auto_key_retrieve = 0; int auto_key_retrieve = 0;
int auto_key_import = 0;
int repeats = 1; int repeats = 1;
if (argc) if (argc)
@ -304,7 +306,11 @@ main (int argc, char **argv)
auto_key_retrieve = 1; auto_key_retrieve = 1;
argc--; argv++; argc--; argv++;
} }
else if (!strcmp (*argv, "--auto-key-import"))
{
auto_key_import = 1;
argc--; argv++;
}
else if (!strncmp (*argv, "--", 2)) else if (!strncmp (*argv, "--", 2))
show_usage (1); show_usage (1);
@ -372,6 +378,18 @@ main (int argc, char **argv)
} }
} }
if (auto_key_import)
{
gpgme_set_ctx_flag (ctx, "auto-key-import", "1");
s = gpgme_get_ctx_flag (ctx, "auto-key-import");
if (!s || strcmp (s, "1"))
{
fprintf (stderr, PGM ": gpgme_get_ctx_flag failed for '%s'\n",
"auto-key-import");
exit (1);
}
}
if (sender) if (sender)
{ {
err = gpgme_set_sender (ctx, sender); err = gpgme_set_sender (ctx, sender);
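Review bot: The return value of `gpgme_set_ctx_flag (ctx, "auto-key-import", "1")` is discarded in the last hunk, and failure is instead detected by reading the flag back, which then prints "gpgme_get_ctx_flag failed" even when the setter was the call that failed. Capturing it with `err = gpgme_set_ctx_flag (ctx, "auto-key-import", "1");` and printing `gpgme_strerror (err)`, as tests/run-sign does for include-key-block, would report the real error. The read-back also only shows that the context stored the flag; according to the engine change the option is not passed to gpg below version 2.2.20, so this check can succeed while no import is attempted. main continues outside the hunk.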