gpg: Add option --assert-pubkey_algo.

* g10/keyid.c (parse_one_algo_string): New.
(compare_pubkey_string_part): New.
(compare_pubkey_string): New.
* g10/verify.c (check_assert_signer_list): New.
* g10/mainproc.c (check_sig_and_print): Call check_assert_pubkey_algo.
* g10/options.h (opt): Add field assert_pubkey_algos.
* g10/gpg.c (oAssertPubkeyAlgo): New.
(opts): Add "--assert-pubkey_algo".
(assert_pubkey_algo_false): New.
(main): Parse option.
(g10_exit): Reorder RC modifications.  Check assert_pubkey_algo_false.
* common/status.h (ASSERT_PUBKEY_ALGOS): new.
* common/t-support.h (LEAN_T_SUPPORT): Use a simplified version if
this macro is set.

* g10/gpgv.c (oAssertPubkeyAlgo): New.
(opts): Add "--assert-pubkey_algo".
(assert_pubkey_algo_false): New.
(main): Parse option.
(g10_exit): Check assert_pubkey_algo_false.

* g10/t-keyid.c: New.
* g10/Makefile.am: Add t-keyid.
* g10/test-stubs.c: Add assert_pubkey_algos and assert_signer_list and
remove from other tests.
(check_assert_signer_list): Ditto.
(check_assert_pubkey_algo): Ditto.
--

GnuPG-bug-id: 6946

1 files changed, 28 insertions, 4 deletions

diff --git a/g10/gpgv.c b/g10/gpgv.c
index f2895563e..c3b09f752 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -68,6 +68,7 @@ enum cmd_and_opt_values {
   oWeakDigest,
   oEnableSpecialFilenames,
   oDebug,
+  oAssertPubkeyAlgo,
   aTest
 };
 
@@ -91,6 +92,7 @@ static gpgrt_opt_t opts[] = {
                 N_("|ALGO|reject signatures made with ALGO")),
   ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"),
   ARGPARSE_s_s (oDebug, "debug", "@"),
+  ARGPARSE_s_s (oAssertPubkeyAlgo,"assert-pubkey-algo", "@"),
 
   ARGPARSE_end ()
 };
@@ -119,6 +121,7 @@ static struct debug_flags_s debug_flags [] =
 
 int g10_errors_seen = 0;
 int assert_signer_true = 0;
+int assert_pubkey_algo_false = 0;
 
 static char *
 make_libversion (const char *libname, const char *(*getfnc)(const char*))
@@ -251,6 +254,19 @@ main( int argc, char **argv )
         case oEnableSpecialFilenames:
           enable_special_filenames ();
           break;
+
+        case oAssertPubkeyAlgo:
+          if (!opt.assert_pubkey_algos)
+            opt.assert_pubkey_algos = xstrdup (pargs.r.ret_str);
+          else
+            {
+              char *tmp = opt.assert_pubkey_algos;
+              opt.assert_pubkey_algos = xstrconcat (tmp, ",",
+                                                    pargs.r.ret_str, NULL);
+              xfree (tmp);
+            }
+          break;
+
         default : pargs.err = ARGPARSE_PRINT_ERROR; break;
 	}
     }
@@ -288,10 +304,18 @@ main( int argc, char **argv )
 
 
 void
-g10_exit( int rc )
-{
-  rc = rc? rc : log_get_errorcount(0)? 2 : g10_errors_seen? 1 : 0;
-  exit(rc );
+g10_exit (int rc)
+{
+  if (rc)
+    ;
+  else if (log_get_errorcount(0))
+    rc = 2;
+  else if (g10_errors_seen)
+    rc = 1;
+  else if (opt.assert_pubkey_algos && assert_pubkey_algo_false)
+    rc = 1;
+
+  exit (rc);
 }