diff options
| author | Werner Koch <[email protected]> | 2019-09-05 19:27:13 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-09-05 19:27:13 +0000 |
| commit | 209caaff66fbe96df144e6b1474435992e087fa4 (patch) | |
| tree | cd48db5a2e3feb4b4f377bbdc8a985bdf25754af /g10/keydb.h | |
| parent | gpg: Rework the signature subpacket iteration function. (diff) | |
| download | gnupg-209caaff66fbe96df144e6b1474435992e087fa4.tar.gz gnupg-209caaff66fbe96df144e6b1474435992e087fa4.zip | |
gpg: Prepare parser for the new attestation certificates.
* common/openpgpdefs.h (SIGSUBPKT_ATTST_SIGS): New.
* g10/keydb.h (IS_ATTST_SIGS): New.
(IS_CERT): Include the new one.
* g10/sign.c (mk_notation_policy_etc): Do not put notations into
attestation key signatures.
* g10/parse-packet.c (dump_sig_subpkt): Add new arg digest_algo.
Print the attestation sigs.
(parse_one_sig_subpkt): Support SIGSUBPKT_ATTST_SIGS.
(can_handle_critical): Ditto.
(enum_sig_subpkt): Pass digest algo to dump_sig_subpkt.
--
This change allows to list the new subpacket with --list-packets.
Example output:
:signature packet: algo 22, keyid C694723A1370EAB1
version 4, created 1567097576, md5len 0, sigclass 0x16
digest algo 8, begin of digest ff 0c
hashed subpkt 2 len 4 (sig created 2019-08-29)
hashed subpkt 37 len 32 (attst-sigs: 1
A794C6E9CCFE2F34C67E07[...])
hashed subpkt 33 len 21 (issuer fpr v4 156A3872[...])
subpkt 16 len 8 (issuer key ID C694723A1370EAB1)
data: [256 bits]
data: [256 bits]
GnuPG-bug-id: 4694
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/keydb.h')
| -rw-r--r-- | g10/keydb.h | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/g10/keydb.h b/g10/keydb.h index 6b719ad44..72ba98d04 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -29,11 +29,17 @@ /* What qualifies as a certification (key-signature in contrast to a * data signature)? Note that a back signature is special and can be * made by key and data signatures capable subkeys.) */ -#define IS_CERT(s) (IS_KEY_SIG(s) || IS_UID_SIG(s) || IS_SUBKEY_SIG(s) \ - || IS_KEY_REV(s) || IS_UID_REV(s) || IS_SUBKEY_REV(s)) +#define IS_CERT(s) (IS_KEY_SIG(s) \ + || IS_UID_SIG(s) \ + || IS_SUBKEY_SIG(s) \ + || IS_KEY_REV(s) \ + || IS_UID_REV(s) \ + || IS_SUBKEY_REV(s) \ + || IS_ATTST_SIGS(s) ) #define IS_SIG(s) (!IS_CERT(s)) #define IS_KEY_SIG(s) ((s)->sig_class == 0x1f) #define IS_UID_SIG(s) (((s)->sig_class & ~3) == 0x10) +#define IS_ATTST_SIGS(s) ((s)->sig_class == 0x16) #define IS_SUBKEY_SIG(s) ((s)->sig_class == 0x18) #define IS_BACK_SIG(s) ((s)->sig_class == 0x19) #define IS_KEY_REV(s) ((s)->sig_class == 0x20) |