gpg: Add option --assert-pubkey_algo.

* g10/keyid.c (parse_one_algo_string): New.
(compare_pubkey_string_part): New.
(compare_pubkey_string): New.
* g10/verify.c (check_assert_signer_list): New.
* g10/mainproc.c (check_sig_and_print): Call check_assert_pubkey_algo.
* g10/options.h (opt): Add field assert_pubkey_algos.
* g10/gpg.c (oAssertPubkeyAlgo): New.
(opts): Add "--assert-pubkey_algo".
(assert_pubkey_algo_false): New.
(main): Parse option.
(g10_exit): Reorder RC modifications.  Check assert_pubkey_algo_false.
* common/status.h (ASSERT_PUBKEY_ALGOS): new.
* common/t-support.h (LEAN_T_SUPPORT): Use a simplified version if
this macro is set.

* g10/gpgv.c (oAssertPubkeyAlgo): New.
(opts): Add "--assert-pubkey_algo".
(assert_pubkey_algo_false): New.
(main): Parse option.
(g10_exit): Check assert_pubkey_algo_false.

* g10/t-keyid.c: New.
* g10/Makefile.am: Add t-keyid.
* g10/test-stubs.c: Add assert_pubkey_algos and assert_signer_list and
remove from other tests.
(check_assert_signer_list): Ditto.
(check_assert_pubkey_algo): Ditto.
--

GnuPG-bug-id: 6946

1 files changed, 6 insertions, 0 deletions

diff --git a/doc/DETAILS b/doc/DETAILS
index fd95e511c..29e39708b 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -527,6 +527,12 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
     --assert-signer is used.  The fingerprint is printed with
     uppercase hex digits.
 
+*** ASSERT_PUBKEY_ALGO <fingerprint> <state> <algostr>
+    This is emitted when option --assert-pubkey-algo is used and the
+    signing algorithms is accepted according to that list if state is
+    1 or denied if state is 0.  The fingerprint is printed with
+    uppercase hex digits.
+
 *** SIG_ID  <radix64_string>  <sig_creation_date>  <sig-timestamp>
     This is emitted only for signatures of class 0 or 1 which have
     been verified okay.  The string is a signature id and may be used