diff options
| author | Neal H. Walfield <[email protected]> | 2015-10-18 16:44:05 +0000 |
|---|---|---|
| committer | Neal H. Walfield <[email protected]> | 2015-10-18 16:45:40 +0000 |
| commit | f77913e0ff7be4cd9c6337a70ac715e6f4a43572 (patch) | |
| tree | d54aafd73b9f88111d953413c5e0b90c67a79239 /g10/keylist.c | |
| parent | common: Prefix the mkdir functions with gnupg_. Make args const. (diff) | |
| download | gnupg-f77913e0ff7be4cd9c6337a70ac715e6f4a43572.tar.gz gnupg-f77913e0ff7be4cd9c6337a70ac715e6f4a43572.zip | |
g10: Add TOFU support.
* configure.ac: Check for sqlite3.
(SQLITE3_CFLAGS): AC_SUBST it.
(SQLITE3_LIBS): Likewise.
* g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS).
(gpg2_SOURCES): Add tofu.h and tofu.c.
(gpg2_LDADD): Add $(SQLITE3_LIBS).
* g10/tofu.c: New file.
* g10/tofu.h: New file.
* g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP.
(tofu_db_format): Define.
* g10/packet.h (PKT_signature): Add fields digest and digest_len.
* g10/gpg.c: Include "tofu.h".
(cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy,
oTOFUDBFormat.
(opts): Add them.
(parse_trust_model): Recognize the tofu and tofu+pgp trust models.
(parse_tofu_policy): New function.
(parse_tofu_db_format): New function.
(main): Initialize opt.tofu_default_policy and opt.tofu_db_format.
Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat.
* g10/mainproc.c (do_check_sig): If the signature is good, copy the
hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately.
* g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update
callers.
(tdb_get_validity_core): Add arguments sig and may_ask. Update
callers.
* g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them
to tdb_get_validity_core.
* g10/trustdb.c: Include "tofu.h".
(trust_model_string): Handle TM_TOFU and TM_TOFU_PGP.
(tdb_get_validity_core): Add arguments sig and may_ask. If
OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust
level. Combine it with the computed PGP trust level, if appropriate.
* g10/keyedit.c: Include "tofu.h".
(show_key_with_all_names_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/keylist.c: Include "tofu.h".
(public_key_list): Also show the PGP stats if the trust model is
TM_TOFU_PGP.
(list_keyblock_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/pkclist.c: Include "tofu.h".
* g10/gpgv.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* g10/test-stubs.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* doc/DETAILS: Describe the TOFU Policy field.
* doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu,
--trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format.
* tests/openpgp/Makefile.am (TESTS): Add tofu.test.
(TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc,
tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt.
(CLEANFILES): Add tofu.db.
(clean-local): Add tofu.d.
* tests/openpgp/tofu.test: New file.
* tests/openpgp/tofu-2183839A-1.txt: New file.
* tests/openpgp/tofu-BC15C85A-1.txt: New file.
* tests/openpgp/tofu-EE37CF96-1.txt: New file.
* tests/openpgp/tofu-keys.asc: New file.
* tests/openpgp/tofu-keys-secret.asc: New file.
--
Signed-off-by: Neal H. Walfield <[email protected]>.
Diffstat (limited to 'g10/keylist.c')
| -rw-r--r-- | g10/keylist.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/g10/keylist.c b/g10/keylist.c index 3814f1c7c..154169718 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -43,6 +43,7 @@ #include "status.h" #include "call-agent.h" #include "mbox-util.h" +#include "tofu.h" static void list_all (ctrl_t, int, int); @@ -99,7 +100,8 @@ public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode) es_fprintf (es_stdout, "o"); if (trust_model != opt.trust_model) es_fprintf (es_stdout, "t"); - if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC) + if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC + || opt.trust_model == TM_TOFU_PGP) { if (marginals != opt.marginals_needed) es_fprintf (es_stdout, "m"); @@ -1067,7 +1069,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, include, but it looks sort of confusing in the listing... */ if (opt.list_options & LIST_SHOW_VALIDITY) { - int validity = get_validity (pk, NULL); + int validity = get_validity (pk, NULL, NULL, 0); es_fprintf (es_stdout, " [%s]", trust_value_to_string (validity)); } #endif @@ -1438,6 +1440,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr) xfree (curve); } es_putc (':', es_stdout); /* End of field 17. */ + es_putc (':', es_stdout); /* End of field 18. */ es_putc ('\n', es_stdout); print_revokers (es_stdout, pk); @@ -1495,6 +1498,14 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr) es_fprintf (es_stdout, "%u %lu", uid->numattribs, uid->attrib_len); else es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL); + es_fprintf (es_stdout, "::::::::"); + if (opt.trust_model == TM_TOFU || opt.trust_model == TM_TOFU_PGP) + { + enum tofu_policy policy; + if (! tofu_get_policy (pk, uid, &policy) + && policy != TOFU_POLICY_NONE) + es_fprintf (es_stdout, "%s", tofu_policy_str (policy)); + } es_putc (':', es_stdout); es_putc ('\n', es_stdout); } |