* Fixed a bug in that the fingerprints of subkeys are not available.

* Clarified usage of the SECRET flag in key listings. It is now reset for stub keys.
2005-12-06 16:30:21 +00:00 · 2005-12-06 16:30:21 +00:00 · a1e484f9ea
commit a1e484f9ea
parent bca775102e
9 changed files with 62 additions and 18 deletions
--- a/5
+++ b/5
@ -1,6 +1,11 @@
 Noteworthy changes in version 1.1.1 (unreleased)
 ------------------------------------------------

+ * Fixed a bug in that the fingerprints of subkeys are not available.
+
+ * Clarified usage of the SECRET flag in key listings.  It is now
+   reset for stub keys.
+
 * Reading signature notations and policy URLs on key signatures is
   supported.  They can be found in the new field notations of the
   gpgme_key_sig_t structure.  This has to be enabled with the keylist
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,3 +1,8 @@
+2005-12-06  Werner Koch  <wk@g10code.com>
+
+	* gpgme.texi (Key Management): Updated to match the fixes for
+	subkey fingerprints and theg secret flag.
+
 2005-10-06  Marcus Brinkmann  <marcus@g10code.de>

 	* gpgme.texi (Destroying Data Buffers): Document gpgme_free.
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@ -2385,7 +2385,9 @@ This is true if the subkey can be used for qualified signatures
 according to local government regulations.

@item unsigned int secret : 1
-This is true if the subkey is a secret key.
+This is true if the subkey is a secret key.  Note that it will be false
+if the key is actually a stub key; i.e. a secret key operation is
+currently not possible (offline-key).

@item gpgme_pubkey_algo_t pubkey_algo
 This is the public key algorithm supported by this subkey.
@ -2398,7 +2400,7 @@ This is the key ID of the subkey in hexadecimal digits.

@item char *fpr
 This is the fingerprint of the subkey in hexadecimal digits, if
-available.  This is usually only available for the primary key.
+available.

@item long int timestamp
 This is the creation timestamp of the subkey.  This is -1 if the
@ -2566,7 +2568,9 @@ This is true if the key can be used for qualified signatures according
 to local government regulations.

@item unsigned int secret : 1
-This is true if the key is a secret key.
+This is true if the key is a secret key.  Note, that this will always be
+true even if the corresponding subkey flag may be false (offline/stub
+keys).

@item gpgme_protocol_t protocol
 This is the protocol supported by this key.
--- a/gpgme/ChangeLog
+++ b/gpgme/ChangeLog
@ -1,3 +1,9 @@
+2005-12-06  Werner Koch  <wk@g10code.com>
+
+	* keylist.c (keylist_colon_handler): Store fingerprints of the
+	subkeys.  Reset the secret flag of subkeys for stub secret keys.
+	(NR_FIELDS): Bumped up to 16
+
 2005-11-27  Marcus Brinkmann  <marcus@g10code.de>

 	* engine.c (_gpgme_set_engine_info): Use new_file_name in
--- a/gpgme/keylist.c
+++ b/gpgme/keylist.c
@ -375,7 +375,7 @@ keylist_colon_handler (void *priv, char *line)
      RT_SSB, RT_SEC, RT_CRT, RT_CRS, RT_REV, RT_SPK
    }
  rectype = RT_NONE;
-#define NR_FIELDS 13
+#define NR_FIELDS 16
  char *field[NR_FIELDS];
  int fields = 0;
  void *hook;
@ -466,7 +466,7 @@ keylist_colon_handler (void *priv, char *line)
 	}

      if (rectype == RT_SEC || rectype == RT_CRS)
-	key->secret = 1;
+	key->secret = subkey->secret = 1;
      if (rectype == RT_CRT || rectype == RT_CRS)
 	key->protocol = GPGME_PROTOCOL_CMS;
      finish_key (ctx, opd);
@ -528,6 +528,13 @@ keylist_colon_handler (void *priv, char *line)
      /* Field 12 has the capabilities.  */
      if (fields >= 12)
 	set_mainkey_capability (key, field[11]);
+
+      /* Field 15 carries special flags of a secret key.  We reset the
+         SECRET flag of a subkey here if the key is actually only a
+         stub. The SECRET flag of the key will be true even then. */
+      if (fields >= 15 && key->secret)
+        if (*field[14] == '#')
+          subkey->secret = 0;
      break;

    case RT_SUB:
@ -582,6 +589,11 @@ keylist_colon_handler (void *priv, char *line)
      /* Field 12 has the capabilities.  */
      if (fields >= 12)
 	set_subkey_capability (subkey, field[11]);
+
+      /* Field 15 carries special flags of a secret key. */
+      if (fields >= 15 && key->secret)
+        if (*field[14] == '#')
+          subkey->secret = 0;
      break;

    case RT_UID:
@ -601,11 +613,17 @@ keylist_colon_handler (void *priv, char *line)

    case RT_FPR:
      /* Field 10 has the fingerprint (take only the first one).  */
-      if (fields >= 10 && !key->subkeys->fpr && field[9] && *field[9])
+      if (fields >= 10 && field[9] && *field[9])
 	{
-	  key->subkeys->fpr = strdup (field[9]);
-	  if (!key->subkeys->fpr)
-	    return gpg_error_from_errno (errno);
+          /* Need to apply it to the last subkey because all subkeys
+             do have fingerprints. */
+          subkey = key->_last_subkey;
+          if (!subkey->fpr)
+            {
+              subkey->fpr = strdup (field[9]);
+              if (!subkey->fpr)
+                return gpg_error_from_errno (errno);
+            }
 	}

      /* Field 13 has the gpgsm chain ID (take only the first one).  */
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@ -1,3 +1,10 @@
+2005-12-06  Werner Koch  <wk@g10code.com>
+
+	* gpg/t-keylist.c (main): Changed for that secondary keys now have
+	a fingerprint.
+	* gpg/t-keylist-sig.c (main): Ditto.
+	* gpgsm/t-keylist.c (main): Ditto.  The test used to be wrong.
+
 2005-10-18  Werner Koch  <wk@g10code.com>

 	* gpg/pubdemo.asc, gpg/secdemo.asc: Add 2 expired subkeys to
--- a/tests/gpg/t-keylist-sig.c
+++ b/tests/gpg/t-keylist-sig.c
@ -310,10 +310,9 @@ main (int argc, char **argv)
 		   key->subkeys->next->keyid);
 	  exit (1);
 	}
-      if (key->subkeys->next->fpr)
+      if (!key->subkeys->next->fpr)
 	{
-	  fprintf (stderr, "Secondary key has unexpectedly a fingerprint: %s\n",
-		   key->subkeys->next->fpr);
+	  fprintf (stderr, "Secondary key has unexpectedly no fingerprint\n");
 	  exit (1);
 	}
      if (key->subkeys->next->expires)
@ -467,7 +466,7 @@ main (int argc, char **argv)
        after importing the secret key.  We disable this test for
        now. */
 #ifdef __GNUC__
-#warning test disabled due to problems with gpg 1.3.4
+#warning test disabled due to problems with gpg 1.3.4 generated key
 #endif
      if (key->uids && (!key->uids->next->signatures /*|| key->uids->next->signatures->next*/))
 	{
--- a/tests/gpg/t-keylist.c
+++ b/tests/gpg/t-keylist.c
@ -361,10 +361,9 @@ main (int argc, char **argv)
                   key->subkeys->next->keyid, keys[i].sec_keyid );
 	  exit (1);
 	}
-      if (key->subkeys->next->fpr)
+      if (!key->subkeys->next->fpr)
 	{
-	  fprintf (stderr, "Secondary key has unexpectedly a fingerprint: %s\n",
-		   key->subkeys->next->fpr);
+	  fprintf (stderr, "Secondary key has unexpectedly no fingerprint\n");
 	  exit (1);
 	}
      if (key->subkeys->next->expires)
--- a/tests/gpgsm/t-keylist.c
+++ b/tests/gpgsm/t-keylist.c
@ -245,9 +245,10 @@ main (int argc, char **argv)
 	  fprintf (stderr, "Primary key unexpectedly unusable for certifications\n");
 	  exit (1);
 	}
-      if (key->subkeys->secret)
+      if (key->subkeys->secret != keys[i].secret)
 	{
-	  fprintf (stderr, "Primary key unexpectedly secret\n");
+	  fprintf (stderr, "Primary Key unexpectedly%s secret\n",
+		   key->secret ? "" : " not");
 	  exit (1);
 	}
      if (key->subkeys->pubkey_algo != GPGME_PK_RSA)