diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2018-06-12 06:41:30 +0000 |
|---|---|---|
| committer | Daniel Kahn Gillmor <[email protected]> | 2018-06-12 06:41:30 +0000 |
| commit | ee1fc420fb9741b2cfaea6fa820a00be2923f514 (patch) | |
| tree | 093eba65b95c060a7ea4dacff9343eb02eb7c457 | |
| parent | doc: Mention new command --show-keys in the 2.2.7 NEWS. (diff) | |
| download | gnupg-ee1fc420fb9741b2cfaea6fa820a00be2923f514.tar.gz gnupg-ee1fc420fb9741b2cfaea6fa820a00be2923f514.zip | |
gpg: Print revocation certificate details when showing with-colons.fix-T4018
* g10/import.c (import_revoke_cert): add options argument, and print
colon-delimited output for revocation certificate as requested.
--
I looked into trying to make this work with one of the functions in
g10/keylist.c, but i saw nothing that will accept a revocation
certificate on its own, so i'm replicating the functionality directly
in g10/import.c. This is a bit unfortunate because the code for
describing a revocation cert now exists in two separate places, but
refactoring both list_keyblock_print() and list_keyblock_colon() in
g10/keylist.c seems like a much heavier lift.
GnuPG-Bug-id: 4018
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
| -rw-r--r-- | g10/import.c | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/g10/import.c b/g10/import.c index 6d2beaf33..ae329732d 100644 --- a/g10/import.c +++ b/g10/import.c @@ -114,7 +114,8 @@ static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock, unsigned int options, int for_migration, import_screener_t screener, void *screener_arg); static int import_revoke_cert (ctrl_t ctrl, - kbnode_t node, struct import_stats_s *stats); + kbnode_t node, unsigned int options, + struct import_stats_s *stats); static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self); static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock, @@ -590,7 +591,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats, screener, screener_arg); else if (keyblock->pkt->pkttype == PKT_SIGNATURE && IS_KEY_REV (keyblock->pkt->pkt.signature) ) - rc = import_revoke_cert (ctrl, keyblock, stats); + rc = import_revoke_cert (ctrl, keyblock, options, stats); else { log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype); @@ -2607,7 +2608,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock, * Import a revocation certificate; this is a single signature packet. */ static int -import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) +import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options, struct import_stats_s *stats) { PKT_public_key *pk = NULL; kbnode_t onode; @@ -2623,6 +2624,24 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, struct import_stats_s *stats) keyid[0] = node->pkt->pkt.signature->keyid[0]; keyid[1] = node->pkt->pkt.signature->keyid[1]; + if ((options & IMPORT_SHOW) && + (opt.with_colons)) + { + PKT_signature *sig = node->pkt->pkt.signature; + char *issuer_fpr = issuer_fpr = issuer_fpr_string (sig); + + es_fprintf (es_stdout, "rev::%d:%08lX%08lX:%s:%s:::::::%s:::%d:\n", + sig->pubkey_algo, + (ulong) sig->keyid[0], (ulong) sig->keyid[1], + colon_datestr_from_sig (sig), + colon_expirestr_from_sig (sig), + issuer_fpr ? issuer_fpr : "", + sig->digest_algo); + + xfree (issuer_fpr); + es_fflush (es_stdout); + } + pk = xmalloc_clear( sizeof *pk ); rc = get_pubkey (ctrl, pk, keyid ); if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY ) |