core: Add key capability flags has_encrypt etc.
* src/gpgme.h.in (struct _gpgme_key): Add flags has_encrypt, has_certify, has_sign, and has_authenticate. * src/keylist.c (finish_key): Set these flags. * tests/run-keylist.c (main): Print them. -- GnuPG-bug-id: 6748
This commit is contained in:
parent
349a69b5ea
commit
b63d203d3b
6
NEWS
6
NEWS
@ -5,11 +5,17 @@ Noteworthy changes in version 1.23.0 (unreleased)
|
|||||||
|
|
||||||
* New keylist mode GPGME_KEYLIST_MODE_WITH_V5FPR. [T6705]
|
* New keylist mode GPGME_KEYLIST_MODE_WITH_V5FPR. [T6705]
|
||||||
|
|
||||||
|
* New key capability flags has_*. [T6748]
|
||||||
|
|
||||||
* qt: Support refreshing keys via WKD. [T6672]
|
* qt: Support refreshing keys via WKD. [T6672]
|
||||||
|
|
||||||
* Interface changes relative to the 1.22.0 release:
|
* Interface changes relative to the 1.22.0 release:
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
GPGME_KEYLIST_MODE_WITH_V5FPR NEW.
|
GPGME_KEYLIST_MODE_WITH_V5FPR NEW.
|
||||||
|
gpgme_key_t EXTENDED: New field has_encrypt.
|
||||||
|
gpgme_key_t EXTENDED: New field has_sign.
|
||||||
|
gpgme_key_t EXTENDED: New field has_certify.
|
||||||
|
gpgme_key_t EXTENDED: New field has_authenticate.
|
||||||
qt: Protocol::wkdRefreshJob NEW.
|
qt: Protocol::wkdRefreshJob NEW.
|
||||||
qt: WKDRefreshJob NEW.
|
qt: WKDRefreshJob NEW.
|
||||||
|
|
||||||
|
@ -3461,22 +3461,47 @@ listings if the key could not be validated due to missing
|
|||||||
certificates or unmatched policies.
|
certificates or unmatched policies.
|
||||||
|
|
||||||
@item unsigned int can_encrypt : 1
|
@item unsigned int can_encrypt : 1
|
||||||
This is true if the key (ie one of its subkeys) can be used for
|
This is true if the key or one of its subkeys can be used for
|
||||||
encryption.
|
encryption and the encryption will likely succeed.
|
||||||
|
|
||||||
@item unsigned int can_sign : 1
|
@item unsigned int can_sign : 1
|
||||||
This is true if the key (ie one of its subkeys) can be used to create
|
This is true if the key or one of its subkeys can be used to create
|
||||||
data signatures.
|
data signatures and the signing will likely succeed.
|
||||||
|
|
||||||
@item unsigned int can_certify : 1
|
@item unsigned int can_certify : 1
|
||||||
This is true if the key (ie one of its subkeys) can be used to create
|
This is true if the key or one of its subkeys can be used to create
|
||||||
key certificates.
|
key certificates.
|
||||||
|
|
||||||
@item unsigned int can_authenticate : 1
|
@item unsigned int can_authenticate : 1
|
||||||
@since{0.4.5}
|
@since{0.4.5}
|
||||||
|
|
||||||
This is true if the key (ie one of its subkeys) can be used for
|
This is true if the key (ie one of its subkeys) can be used for
|
||||||
authentication.
|
authentication and the authentication will likely succeed.
|
||||||
|
|
||||||
|
@item unsigned int has_encrypt : 1
|
||||||
|
@since{1.23.0}
|
||||||
|
|
||||||
|
This is true if the key or one of its subkeys is capable of encryption.
|
||||||
|
Note that this flag is set even if the key is expired.
|
||||||
|
|
||||||
|
@item unsigned int has_sign : 1
|
||||||
|
@since{1.23.0}
|
||||||
|
|
||||||
|
This is true if the key or one of its subkeys is capable of signing.
|
||||||
|
Note that this flag is set even if the key is expired.
|
||||||
|
|
||||||
|
@item unsigned int has_certify : 1
|
||||||
|
@since{1.23.0}
|
||||||
|
|
||||||
|
This is true if the key or one of its subkeys is capable of signing.
|
||||||
|
Note that this flag is set even if the key is expired.
|
||||||
|
|
||||||
|
@item unsigned int has_authenticate : 1
|
||||||
|
@since{1.23.0}
|
||||||
|
|
||||||
|
This is true if the key or one of its subkeys is capable of
|
||||||
|
authentication. Note that this flag is set even if the key is
|
||||||
|
expired.
|
||||||
|
|
||||||
@item unsigned int is_qualified : 1
|
@item unsigned int is_qualified : 1
|
||||||
@since{1.1.0}
|
@since{1.1.0}
|
||||||
|
@ -800,8 +800,20 @@ struct _gpgme_key
|
|||||||
/* True if subkey is qualified for signatures according to German law. */
|
/* True if subkey is qualified for signatures according to German law. */
|
||||||
unsigned int is_qualified : 1;
|
unsigned int is_qualified : 1;
|
||||||
|
|
||||||
|
/* True if key has at least one encryption subkey. */
|
||||||
|
unsigned int has_encrypt : 1;
|
||||||
|
|
||||||
|
/* True if key has at least one signing subkey. */
|
||||||
|
unsigned int has_sign : 1;
|
||||||
|
|
||||||
|
/* True if key has a certification capability. */
|
||||||
|
unsigned int has_certify : 1;
|
||||||
|
|
||||||
|
/* True if key has at least one authentication subkey. */
|
||||||
|
unsigned int has_authenticate : 1;
|
||||||
|
|
||||||
/* Internal to GPGME, do not use. */
|
/* Internal to GPGME, do not use. */
|
||||||
unsigned int _unused : 17;
|
unsigned int _unused : 13;
|
||||||
|
|
||||||
/* Origin of this key. */
|
/* Origin of this key. */
|
||||||
unsigned int origin : 5;
|
unsigned int origin : 5;
|
||||||
|
@ -563,6 +563,26 @@ static void
|
|||||||
finish_key (gpgme_ctx_t ctx, op_data_t opd)
|
finish_key (gpgme_ctx_t ctx, op_data_t opd)
|
||||||
{
|
{
|
||||||
gpgme_key_t key = opd->tmp_key;
|
gpgme_key_t key = opd->tmp_key;
|
||||||
|
gpgme_subkey_t subkey;
|
||||||
|
|
||||||
|
/* Set the has_foo flags from the subkey capabilities. */
|
||||||
|
if (key)
|
||||||
|
{
|
||||||
|
/* Note that we could have set has_certify always for OpenPGP
|
||||||
|
* but for X.509 a key is often not allowed to certify and thus
|
||||||
|
* we better take it from the subkey capabilities. */
|
||||||
|
for (subkey = key->subkeys; subkey; subkey = subkey->next)
|
||||||
|
{
|
||||||
|
if (subkey->can_encrypt)
|
||||||
|
key->has_encrypt = 1;
|
||||||
|
if (subkey->can_sign)
|
||||||
|
key->has_sign = 1;
|
||||||
|
if (subkey->can_certify)
|
||||||
|
key->has_certify = 1;
|
||||||
|
if (subkey->can_authenticate)
|
||||||
|
key->has_authenticate = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
opd->tmp_key = NULL;
|
opd->tmp_key = NULL;
|
||||||
opd->tmp_uid = NULL;
|
opd->tmp_uid = NULL;
|
||||||
|
@ -291,11 +291,16 @@ main (int argc, char **argv)
|
|||||||
int nsigs;
|
int nsigs;
|
||||||
|
|
||||||
printf ("keyid : %s\n", key->subkeys?nonnull (key->subkeys->keyid):"?");
|
printf ("keyid : %s\n", key->subkeys?nonnull (key->subkeys->keyid):"?");
|
||||||
printf ("caps : %s%s%s%s\n",
|
printf ("can_cap : %s%s%s%s\n",
|
||||||
key->can_encrypt? "e":"",
|
key->can_encrypt? "e":"",
|
||||||
key->can_sign? "s":"",
|
key->can_sign? "s":"",
|
||||||
key->can_certify? "c":"",
|
key->can_certify? "c":"",
|
||||||
key->can_authenticate? "a":"");
|
key->can_authenticate? "a":"");
|
||||||
|
printf ("has_cap : %s%s%s%s\n",
|
||||||
|
key->has_encrypt? "e":"",
|
||||||
|
key->has_sign? "s":"",
|
||||||
|
key->has_certify? "c":"",
|
||||||
|
key->has_authenticate? "a":"");
|
||||||
printf ("flags :%s%s%s%s%s%s%s%s\n",
|
printf ("flags :%s%s%s%s%s%s%s%s\n",
|
||||||
key->secret? " secret":"",
|
key->secret? " secret":"",
|
||||||
key->revoked? " revoked":"",
|
key->revoked? " revoked":"",
|
||||||
|
Loading…
Reference in New Issue
Block a user