From: Werner Koch Date: Tue, 6 Dec 2005 16:30:21 +0000 (+0000) Subject: * Fixed a bug in that the fingerprints of subkeys are not available. X-Git-Tag: gpgme-1-1-1~18 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=a1e484f9eac9dfc8e29fdd4955bf8b422ae52061;p=gpgme.git * Fixed a bug in that the fingerprints of subkeys are not available. * Clarified usage of the SECRET flag in key listings. It is now reset for stub keys. --- diff --git a/NEWS b/NEWS index aaf55b1..0aa38c3 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,11 @@ Noteworthy changes in version 1.1.1 (unreleased) ------------------------------------------------ + * Fixed a bug in that the fingerprints of subkeys are not available. + + * Clarified usage of the SECRET flag in key listings. It is now + reset for stub keys. + * Reading signature notations and policy URLs on key signatures is supported. They can be found in the new field notations of the gpgme_key_sig_t structure. This has to be enabled with the keylist diff --git a/doc/ChangeLog b/doc/ChangeLog index acc5ada..4d5239f 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2005-12-06 Werner Koch + + * gpgme.texi (Key Management): Updated to match the fixes for + subkey fingerprints and theg secret flag. + 2005-10-06 Marcus Brinkmann * gpgme.texi (Destroying Data Buffers): Document gpgme_free. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 2bb436c..351f1dc 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -2385,7 +2385,9 @@ This is true if the subkey can be used for qualified signatures according to local government regulations. @item unsigned int secret : 1 -This is true if the subkey is a secret key. +This is true if the subkey is a secret key. Note that it will be false +if the key is actually a stub key; i.e. a secret key operation is +currently not possible (offline-key). @item gpgme_pubkey_algo_t pubkey_algo This is the public key algorithm supported by this subkey. @@ -2398,7 +2400,7 @@ This is the key ID of the subkey in hexadecimal digits. @item char *fpr This is the fingerprint of the subkey in hexadecimal digits, if -available. This is usually only available for the primary key. +available. @item long int timestamp This is the creation timestamp of the subkey. This is -1 if the @@ -2566,7 +2568,9 @@ This is true if the key can be used for qualified signatures according to local government regulations. @item unsigned int secret : 1 -This is true if the key is a secret key. +This is true if the key is a secret key. Note, that this will always be +true even if the corresponding subkey flag may be false (offline/stub +keys). @item gpgme_protocol_t protocol This is the protocol supported by this key. diff --git a/gpgme/ChangeLog b/gpgme/ChangeLog index 1f71762..3e4308a 100644 --- a/gpgme/ChangeLog +++ b/gpgme/ChangeLog @@ -1,3 +1,9 @@ +2005-12-06 Werner Koch + + * keylist.c (keylist_colon_handler): Store fingerprints of the + subkeys. Reset the secret flag of subkeys for stub secret keys. + (NR_FIELDS): Bumped up to 16 + 2005-11-27 Marcus Brinkmann * engine.c (_gpgme_set_engine_info): Use new_file_name in diff --git a/gpgme/keylist.c b/gpgme/keylist.c index e05a4e3..5020177 100644 --- a/gpgme/keylist.c +++ b/gpgme/keylist.c @@ -375,7 +375,7 @@ keylist_colon_handler (void *priv, char *line) RT_SSB, RT_SEC, RT_CRT, RT_CRS, RT_REV, RT_SPK } rectype = RT_NONE; -#define NR_FIELDS 13 +#define NR_FIELDS 16 char *field[NR_FIELDS]; int fields = 0; void *hook; @@ -466,7 +466,7 @@ keylist_colon_handler (void *priv, char *line) } if (rectype == RT_SEC || rectype == RT_CRS) - key->secret = 1; + key->secret = subkey->secret = 1; if (rectype == RT_CRT || rectype == RT_CRS) key->protocol = GPGME_PROTOCOL_CMS; finish_key (ctx, opd); @@ -528,6 +528,13 @@ keylist_colon_handler (void *priv, char *line) /* Field 12 has the capabilities. */ if (fields >= 12) set_mainkey_capability (key, field[11]); + + /* Field 15 carries special flags of a secret key. We reset the + SECRET flag of a subkey here if the key is actually only a + stub. The SECRET flag of the key will be true even then. */ + if (fields >= 15 && key->secret) + if (*field[14] == '#') + subkey->secret = 0; break; case RT_SUB: @@ -582,6 +589,11 @@ keylist_colon_handler (void *priv, char *line) /* Field 12 has the capabilities. */ if (fields >= 12) set_subkey_capability (subkey, field[11]); + + /* Field 15 carries special flags of a secret key. */ + if (fields >= 15 && key->secret) + if (*field[14] == '#') + subkey->secret = 0; break; case RT_UID: @@ -601,11 +613,17 @@ keylist_colon_handler (void *priv, char *line) case RT_FPR: /* Field 10 has the fingerprint (take only the first one). */ - if (fields >= 10 && !key->subkeys->fpr && field[9] && *field[9]) + if (fields >= 10 && field[9] && *field[9]) { - key->subkeys->fpr = strdup (field[9]); - if (!key->subkeys->fpr) - return gpg_error_from_errno (errno); + /* Need to apply it to the last subkey because all subkeys + do have fingerprints. */ + subkey = key->_last_subkey; + if (!subkey->fpr) + { + subkey->fpr = strdup (field[9]); + if (!subkey->fpr) + return gpg_error_from_errno (errno); + } } /* Field 13 has the gpgsm chain ID (take only the first one). */ diff --git a/tests/ChangeLog b/tests/ChangeLog index 4ef2f8c..a25e82b 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,10 @@ +2005-12-06 Werner Koch + + * gpg/t-keylist.c (main): Changed for that secondary keys now have + a fingerprint. + * gpg/t-keylist-sig.c (main): Ditto. + * gpgsm/t-keylist.c (main): Ditto. The test used to be wrong. + 2005-10-18 Werner Koch * gpg/pubdemo.asc, gpg/secdemo.asc: Add 2 expired subkeys to diff --git a/tests/gpg/t-keylist-sig.c b/tests/gpg/t-keylist-sig.c index e3e577b..b89ba33 100644 --- a/tests/gpg/t-keylist-sig.c +++ b/tests/gpg/t-keylist-sig.c @@ -310,10 +310,9 @@ main (int argc, char **argv) key->subkeys->next->keyid); exit (1); } - if (key->subkeys->next->fpr) + if (!key->subkeys->next->fpr) { - fprintf (stderr, "Secondary key has unexpectedly a fingerprint: %s\n", - key->subkeys->next->fpr); + fprintf (stderr, "Secondary key has unexpectedly no fingerprint\n"); exit (1); } if (key->subkeys->next->expires) @@ -467,7 +466,7 @@ main (int argc, char **argv) after importing the secret key. We disable this test for now. */ #ifdef __GNUC__ -#warning test disabled due to problems with gpg 1.3.4 +#warning test disabled due to problems with gpg 1.3.4 generated key #endif if (key->uids && (!key->uids->next->signatures /*|| key->uids->next->signatures->next*/)) { diff --git a/tests/gpg/t-keylist.c b/tests/gpg/t-keylist.c index b735490..c8c71d0 100644 --- a/tests/gpg/t-keylist.c +++ b/tests/gpg/t-keylist.c @@ -361,10 +361,9 @@ main (int argc, char **argv) key->subkeys->next->keyid, keys[i].sec_keyid ); exit (1); } - if (key->subkeys->next->fpr) + if (!key->subkeys->next->fpr) { - fprintf (stderr, "Secondary key has unexpectedly a fingerprint: %s\n", - key->subkeys->next->fpr); + fprintf (stderr, "Secondary key has unexpectedly no fingerprint\n"); exit (1); } if (key->subkeys->next->expires) diff --git a/tests/gpgsm/t-keylist.c b/tests/gpgsm/t-keylist.c index e06082c..cd01aff 100644 --- a/tests/gpgsm/t-keylist.c +++ b/tests/gpgsm/t-keylist.c @@ -245,9 +245,10 @@ main (int argc, char **argv) fprintf (stderr, "Primary key unexpectedly unusable for certifications\n"); exit (1); } - if (key->subkeys->secret) + if (key->subkeys->secret != keys[i].secret) { - fprintf (stderr, "Primary key unexpectedly secret\n"); + fprintf (stderr, "Primary Key unexpectedly%s secret\n", + key->secret ? "" : " not"); exit (1); } if (key->subkeys->pubkey_algo != GPGME_PK_RSA)