author | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-02-09 16:00:41 +0900 |
---|---|---|
committer | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-02-09 16:00:41 +0900 |
commit | 0b02a3fcea1ca6f54c1148c08e983b0de24af8bf (patch) | |
tree | 649661be9166cd92b13298ba2aece8a7d99721eb /g10 | |
parent | d91af91dcdf2dd7a0198747a2b4aa864ff288851 (diff) | |
Imported Upstream version 2.2.12upstream/2.2.12
Diffstat (limited to 'g10')
-rw-r--r-- | g10/call-agent.c | 4 | ||||
-rw-r--r-- | g10/call-agent.h | 5 | ||||
-rw-r--r-- | g10/card-util.c | 16 | ||||
-rw-r--r-- | g10/gpg.c | 4 | ||||
-rw-r--r-- | g10/keyid.c | 7 | ||||
-rw-r--r-- | g10/keylist.c | 61 | ||||
-rw-r--r-- | g10/keyserver.c | 4 | ||||
-rw-r--r-- | g10/mainproc.c | 11 | ||||
-rw-r--r-- | g10/options.h | 1 |
9 files changed, 99 insertions, 14 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 6ee82a5..4630506 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -704,6 +704,10 @@ learn_status_cb (void *opaque, const char *line)
 xfree (parm->private_do[no]);
 parm->private_do[no] = unescape_status_string (line);
 }
+ else if (keywordlen == 3 && !memcmp (keyword, "KDF", 3))
+ {
+ parm->kdf_do_enabled = 1;
+ }
 return 0;
 }
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 7314ae8..d7f102c 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -71,6 +71,7 @@ struct agent_card_info_s
 unsigned int kdf:1; /* KDF object to support PIN hashing available. */
 } extcap;
 unsigned int status_indicator;
+ int kdf_do_enabled; /* Card has a KDF object */
 };
@@ -192,14 +193,14 @@ gpg_error_t agent_keywrap_key (ctrl_t ctrl, int forexport,
 gpg_error_t agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr, const void *key, size_t keylen, int unattended, int force,
- u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo);
 /* Receive a key from the agent. */
 gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip, const char *desc, int openpgp_protected, char **cache_nonce_addr, unsigned char **r_result, size_t *r_resultlen,
- u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo);
 /* Delete a key from the agent. */
 gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip,
diff --git a/g10/card-util.c b/g10/card-util.c
index 52a09b5..13c2445 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -509,6 +509,10 @@ current_card_status (ctrl_t ctrl, estream_t fp,
 es_fprintf (fp, "pinretry:%d:%d:%d:\n", info.chvretry[0], info.chvretry[1], info.chvretry[2]);
 es_fprintf (fp, "sigcount:%lu:::\n", info.sig_counter);
+ if (info.extcap.kdf)
+ {
+ es_fprintf (fp, "kdf:%s:\n", info.kdf_do_enabled ? "on" : "off");
+ }
 for (i=0; i < 4; i++)
 {
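Review bot: In the new `KDF` branch of learn_status_cb the payload in `line` is never examined, so `kdf_do_enabled` becomes 1 whenever a KDF status line arrives, whatever the data object contains. If a card can report a KDF object whose content means that no KDF is in use (not determinable from this hunk), the `kdf:on` and `KDF setting ......: on` output added in card-util.c would overstate how the PIN is protected. I would either decode the value before setting the flag or state the assumption next to the assignment, e.g. `/* Presence of the KDF line is taken as "enabled"; the DO content is not inspected. */`. The function starts outside the hunk, so whether `parm` is zeroed before the callback runs is not visible either.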
@@ -612,6 +616,11 @@ current_card_status (ctrl_t ctrl, estream_t fp, tty_fprintf (fp, "PIN retry counter : %d %d %d\n", info.chvretry[0], info.chvretry[1], info.chvretry[2]); tty_fprintf (fp, "Signature counter : %lu\n", info.sig_counter); + if (info.extcap.kdf) + { + tty_fprintf (fp, "KDF setting ......: %s\n", + info.kdf_do_enabled ? "on" : "off"); + } tty_fprintf (fp, "Signature key ....:"); print_sha1_fpr (fp, info.fpr1valid? info.fpr1:NULL); if (info.fpr1valid && info.fpr1time) @@ -667,7 +676,7 @@ card_status (ctrl_t ctrl, estream_t fp, const char *serialno) { int err; strlist_t card_list, sl; - char *serialno0; + char *serialno0, *serialno1; int all_cards = 0; if (serialno == NULL) @@ -693,8 +702,6 @@ card_status (ctrl_t ctrl, estream_t fp, const char *serialno) for (sl = card_list; sl; sl = sl->next) { - char *serialno1; - if (!all_cards && strcmp (serialno, sl->d)) continue; @@ -715,7 +722,8 @@ card_status (ctrl_t ctrl, estream_t fp, const char *serialno) } /* Select the original card again. */ - err = agent_scd_serialno (&serialno0, serialno0); + err = agent_scd_serialno (&serialno1, serialno0); + xfree (serialno1); leave: xfree (serialno0); @@ -1972,6 +1972,8 @@ parse_list_options(char *str) N_("show expiration dates during signature listings")}, {"show-sig-subpackets",LIST_SHOW_SIG_SUBPACKETS,NULL, NULL}, + {"show-only-fpr-mbox",LIST_SHOW_ONLY_FPR_MBOX, NULL, + NULL}, {NULL,0,NULL,NULL} }; @@ -3487,7 +3489,7 @@ main (int argc, char **argv) case oAutoKeyLocate: if (default_akl) { - /* This is the first time --aito-key-locate is seen. + /* This is the first time --auto-key-locate is seen. * We need to reset the default akl. */ default_akl = 0; release_akl(); diff --git a/g10/keyid.c b/g10/keyid.c index ba35ec2..5b868cd 100644 --- a/g10/keyid.c +++ b/g10/keyid.c 
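Review bot: In card_status, `serialno1` is now declared without an initializer at function scope (`char *serialno0, *serialno1;`), and the final re-select calls `xfree (serialno1);` without looking at `err`. If agent_scd_serialno can fail without storing to its first argument (its body is not part of this diff), that call frees either an indeterminate pointer or, presumably, the value already released inside the loop, which is an invalid or double free. Writing `serialno1 = NULL;` immediately before `err = agent_scd_serialno (&serialno1, serialno0);`, or freeing only when `!err`, removes the hazard. The loop body between the `@@ -693` and `@@ -715` hunks is only partly visible, so where the loop frees `serialno1` is inferred.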
@@ -941,7 +941,12 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array) if (!gcry_pk_get_keygrip (s_pkey, array)) { - log_info ("error computing keygrip\n"); + char *hexfpr; + + hexfpr = hexfingerprint (pk, NULL, 0); + log_info ("error computing keygrip (fpr=%s)\n", hexfpr); + xfree (hexfpr); + memset (array, 0, 20); err = gpg_error (GPG_ERR_GENERAL); } diff --git a/g10/keylist.c b/g10/keylist.c index 7942558..66b03bb 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -211,7 +211,7 @@ print_pubkey_info (ctrl_t ctrl, estream_t fp, PKT_public_key *pk) else p = get_user_id_native (ctrl, keyid); - if (fp) + if (!fp) tty_printf ("\n"); tty_fprintf (fp, "%s %s/%s %s %s\n", pk->flags.primary? "pub":"sub", @@ -540,7 +540,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret) ; /* Secret key listing requested but this isn't one. */ else { - if (!opt.with_colons) + if (!opt.with_colons && !(opt.list_options & LIST_SHOW_ONLY_FPR_MBOX)) { resname = keydb_get_resource_name (hd); if (lastresname != resname) 
@@ -1217,6 +1217,57 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, xfree (hexgrip); } + +/* Do a simple key listing printing only the fingerprint and the mail + * address of valid keys. */ +static void +list_keyblock_simple (ctrl_t ctrl, kbnode_t keyblock) +{ + gpg_err_code_t ec; + kbnode_t kbctx; + kbnode_t node; + char hexfpr[2*MAX_FINGERPRINT_LEN+1]; + char *mbox; + + (void)ctrl; + + node = find_kbnode (keyblock, PKT_PUBLIC_KEY); + if (!node) + { + log_error ("Oops; key lost!\n"); + dump_kbnode (keyblock); + return; + } + hexfingerprint (node->pkt->pkt.public_key, hexfpr, sizeof hexfpr); + + for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));) + { + if (node->pkt->pkttype == PKT_USER_ID) + { + PKT_user_id *uid = node->pkt->pkt.user_id; + + if (uid->attrib_data) + continue; + + if (uid->flags.expired || uid->flags.revoked) + continue; + + mbox = mailbox_from_userid (uid->name); + if (!mbox) + { + ec = gpg_err_code_from_syserror (); + if (ec != GPG_ERR_EINVAL) + log_error ("error getting mailbox from user-id: %s\n", + gpg_strerror (ec)); + continue; + } + es_fprintf (es_stdout, "%s %s\n", hexfpr, mbox); + xfree (mbox); + } + } +} + + void print_revokers (estream_t fp, PKT_public_key * pk) { @@ -1767,6 +1818,12 @@ list_keyblock (ctrl_t ctrl, if (opt.with_colons) list_keyblock_colon (ctrl, keyblock, secret, has_secret); + else if ((opt.list_options & LIST_SHOW_ONLY_FPR_MBOX)) + { + if (!listctx->no_validity) + check_trustdb_stale (ctrl); + list_keyblock_simple (ctrl, keyblock); + } else list_keyblock_print (ctrl, keyblock, secret, fpr, listctx); diff --git a/g10/keyserver.c b/g10/keyserver.c index a8c222d..8509d83 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c 
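Review bot: The header comment on list_keyblock_simple promises output for "valid keys", but the function only skips user IDs that are attribute packets, expired or revoked; nothing visible tests the primary key itself for revocation or expiry, and the `check_trustdb_stale` call added in list_keyblock feeds no validity into the decision. A script that consumes the `fingerprint mailbox` lines to pick recipients could therefore be handed a revoked or expired key. Either test the key state before the user-ID loop (using whatever flags PKT_public_key provides, which are not shown here) or reword the comment to match the code, e.g. `/* Print "<fingerprint> <mailbox>" for each non-expired, non-revoked user ID that yields a mailbox; the key's own validity is not checked. */`. The line-oriented output is also only safe to parse if mailbox_from_userid never returns whitespace or control characters, which this hunk does not show.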
@@ -1528,7 +1528,7 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens) err = gpg_dirmngr_ks_search (ctrl, searchstr, search_line_handler, &parm); - if (parm.not_found) + if (parm.not_found || gpg_err_code (err) == GPG_ERR_NO_DATA) { if (parm.searchstr_disp) log_info (_("key \"%s\" not found on keyserver\n"), @@ -1539,6 +1539,8 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens) if (gpg_err_code (err) == GPG_ERR_NO_KEYSERVER) log_error (_("no keyserver known (use option --keyserver)\n")); + else if (gpg_err_code (err) == GPG_ERR_NO_DATA) + err = gpg_error (GPG_ERR_NOT_FOUND); else if (err) log_error ("error searching keyserver: %s\n", gpg_strerror (err)); diff --git a/g10/mainproc.c b/g10/mainproc.c index f4e3db6..a0ec2e9 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -799,7 +799,10 @@ proc_plaintext( CTX c, PACKET *pkt ) /* The onepass signature case. */ if (n->pkt->pkt.onepass_sig->digest_algo) { - gcry_md_enable (c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo); + if (!opt.skip_verify) + gcry_md_enable (c->mfx.md, + n->pkt->pkt.onepass_sig->digest_algo); + any = 1; } } @@ -817,7 +820,8 @@ proc_plaintext( CTX c, PACKET *pkt ) * documents. */ clearsig = (*data == 0x01); for (data++, datalen--; datalen; datalen--, data++) - gcry_md_enable (c->mfx.md, *data); + if (!opt.skip_verify) + gcry_md_enable (c->mfx.md, *data); any = 1; break; /* Stop here as one-pass signature packets are not expected. */ @@ -825,7 +829,8 @@ proc_plaintext( CTX c, PACKET *pkt ) else if (n->pkt->pkttype == PKT_SIGNATURE) { /* The SIG+LITERAL case that PGP used to use. */ - gcry_md_enable ( c->mfx.md, n->pkt->pkt.signature->digest_algo ); + if (!opt.skip_verify) + gcry_md_enable (c->mfx.md, n->pkt->pkt.signature->digest_algo); any = 1; } } diff --git a/g10/options.h b/g10/options.h index 6c67265..782c0cb 100644 --- a/g10/options.h +++ b/g10/options.h 
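Review bot: The three `if (!opt.skip_verify)` guards added in proc_plaintext leave `c->mfx.md` without any enabled algorithm while `any = 1` is still set, and no comment says that this is intended. Any later path that still reads a digest from that context has to be gated on the same option, which cannot be confirmed from these hunks because the function continues outside them. I would put a comment at the first guard such as `/* With --skip-verify no signature is checked, so the plaintext need not be hashed; ANY is still set on purpose. */`. In the second hunk the `for` now has an unbraced `if` as its body and re-tests an invariant on every iteration; testing once and bracing reads more safely: `if (!opt.skip_verify) { for (data++, datalen--; datalen; datalen--, data++) gcry_md_enable (c->mfx.md, *data); }`, provided `data` and `datalen` are not used afterwards, which the hunk does not show.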
@@ -378,6 +378,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
 #define LIST_SHOW_SIG_EXPIRE (1<<9)
 #define LIST_SHOW_SIG_SUBPACKETS (1<<10)
 #define LIST_SHOW_USAGE (1<<11)
+#define LIST_SHOW_ONLY_FPR_MBOX (1<<12)
 #define VERIFY_SHOW_PHOTOS (1<<0)
 #define VERIFY_SHOW_POLICY_URLS (1<<1) |