From 6da0dd817eb6153eaf4404147c2332f1298ddba0 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Tue, 20 Dec 2005 20:22:19 +0000
Subject: [PATCH] Basic PKA support.
---
trunk/NEWS | 8 ++++++++
trunk/doc/ChangeLog | 4 ++++
trunk/doc/gpgme.texi | 16 ++++++++++++++++
trunk/gpgme/ChangeLog | 7 +++++++
trunk/gpgme/gpgme.h | 7 ++++++-
trunk/gpgme/verify.c | 9 +++++++++
trunk/tests/gpgsm/t-keylist.c | 7 +++++++
7 files changed, 57 insertions(+), 1 deletion(-)
diff --git a/trunk/NEWS b/trunk/NEWS
index 0aa38c3..670166f 100644
--- a/trunk/NEWS
+++ b/trunk/NEWS
@@ -19,11 +19,19 @@ Noteworthy changes in version 1.1.1 (unreleased) compatibility is provided. In other words: If free() worked for you before, it will keep working. + * New status codes GPGME_PKA_TRUST_GOOD and GPGME_PKA_TRUST_BAD. + They are analyzed by the verify handlers and made available in the + new PKA_TRUST field of the signature result structure. + + * Interface changes relative to the 1.1.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_key_sig_t EXTENDED: New field notations. GPGME_KEYLIST_MODE_SIG_NOTATIONS NEW gpgme_free NEW +GPGME_STATUS_PKA_TRUST_BAD NEW +GPGME_STATUS_PKA_TRUST_GOOD NEW +gpgme_signature_t EXTENDED: New field pka_trust. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/trunk/doc/ChangeLog b/trunk/doc/ChangeLog
index 4d5239f..394ca8f 100644
--- a/trunk/doc/ChangeLog
+++ b/trunk/doc/ChangeLog
@@ -1,3 +1,7 @@ +2005-12-20 Werner Koch + + * gpgme.texi (Verify): Document pka_trust. + 2005-12-06 Werner Koch * gpgme.texi (Key Management): Updated to match the fixes for
diff --git a/trunk/doc/gpgme.texi b/trunk/doc/gpgme.texi
index 351f1dc..1fc4849 100644
--- a/trunk/doc/gpgme.texi
+++ b/trunk/doc/gpgme.texi
@@ -3985,6 +3985,22 @@ not expire. @item unsigned int wrong_key_usage : 1 This is true if the key was not used according to its policy. +@item unsigned int pka_trust : 2 +This is set to the trust information gained by means of the PKA system. +Values are: + @table @code + @item 0 + No PKA information available or verification not possible. + @item 1 + PKA verification failed. + @item 2 + PKA verification succeeded. + @item 3 + Reserved for future use. + @end table +Depending on the configuration of the engine, this metric may also be +reflected by the validity of the signature. + @item gpgme_validity_t validity The validity of the signature.
diff --git a/trunk/gpgme/ChangeLog b/trunk/gpgme/ChangeLog
index 3e4308a..3f6e99c 100644
--- a/trunk/gpgme/ChangeLog
+++ b/trunk/gpgme/ChangeLog
@@ -1,3 +1,10 @@ +2005-12-20 Werner Koch + + * gpgme.h (gpgme_status_code_t): Added GPGME_STATUS_PKA_TRUST_BAD + and GPGME_STATUS_PKA_TRUST_GOOD. + (gpgme_signature_t): New field pka_trust. + * verify.c (_gpgme_verify_status_handler): Set pka_trust. + 2005-12-06 Werner Koch * keylist.c (keylist_colon_handler): Store fingerprints of the
diff --git a/trunk/gpgme/gpgme.h b/trunk/gpgme/gpgme.h
index 1fafd16..4fb4154 100644
--- a/trunk/gpgme/gpgme.h
+++ b/trunk/gpgme/gpgme.h
@@ -445,6 +445,8 @@ typedef enum GPGME_STATUS_SC_OP_SUCCESS, GPGME_STATUS_CARDCTRL, GPGME_STATUS_BACKUP_KEY_CREATED, + GPGME_STATUS_PKA_TRUST_BAD, + GPGME_STATUS_PKA_TRUST_GOOD, GPGME_STATUS_PLAINTEXT }
@@ -1318,8 +1320,11 @@ struct _gpgme_signature /* Key should not have been used for signing. */ unsigned int wrong_key_usage : 1; + /* PKA status: 0 = not available, 1 = bad, 2 = okay, 3 = RFU. */ + unsigned int pka_trust : 2; + /* Internal to GPGME, do not use. */ - int _unused : 31; + int _unused : 29; gpgme_validity_t validity; gpgme_error_t validity_reason;
diff --git a/trunk/gpgme/verify.c b/trunk/gpgme/verify.c
index bfce4c8..7792f35 100644
--- a/trunk/gpgme/verify.c
+++ b/trunk/gpgme/verify.c
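Review bot: In the `gpgme_status_code_t` hunk of gpgme.h the two new codes are inserted ahead of `GPGME_STATUS_PLAINTEXT`, which moves that enumerator's numeric value up by two. If `GPGME_STATUS_PLAINTEXT` has already shipped in a release (not visible from this page), code built against the older header would compare against a different number than the library now uses. Appending instead keeps every existing value stable: `GPGME_STATUS_PLAINTEXT,` followed by `GPGME_STATUS_PKA_TRUST_BAD,` and `GPGME_STATUS_PKA_TRUST_GOOD`. The enum starts and ends outside the hunk.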
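Review bot: The `pka_trust` field added in the `struct _gpgme_signature` hunk is non-zero for a failed check as well as for a successful one, so a caller writing `if (sig->pka_trust)` would treat a signature whose PKA verification failed as trusted. The one-line comment lists the values but does not warn about this; I would extend it to `/* PKA status: 0 = not available, 1 = bad, 2 = okay, 3 = RFU. Only the value 2 means the check succeeded; do not test for non-zero. */`. Named constants for the three values in the public header would keep the literals out of calling code, though that is a larger interface addition than this commit makes. The struct begins and ends outside the hunk.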
@@ -651,6 +651,15 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) return sig ? parse_trust (sig, code, args) : gpg_error (GPG_ERR_INV_ENGINE); + case GPGME_STATUS_PKA_TRUST_BAD: + case GPGME_STATUS_PKA_TRUST_GOOD: + opd->only_newsig_seen = 0; + if (sig && !sig->pka_trust) + sig->pka_trust = code == GPGME_STATUS_PKA_TRUST_GOOD? 2 : 1; + /* FIXME: We should set the mailbox which is the argument to + these status codes into a new field. */ + break; + case GPGME_STATUS_ERROR: opd->only_newsig_seen = 0; /* The error status is informational, so we don't return an
diff --git a/trunk/tests/gpgsm/t-keylist.c b/trunk/tests/gpgsm/t-keylist.c
index cd01aff..79a61ea 100644
--- a/trunk/tests/gpgsm/t-keylist.c
+++ b/trunk/tests/gpgsm/t-keylist.c
@@ -345,6 +345,13 @@ main (int argc, char **argv) key->uids->next->uid); exit (1); } + if (key->uids->next && strcmp (key->uids->next->uid, keys[i].email)) + { + fprintf (stderr, "Unexpected email in user ID: %s\n", + key->uids->next->uid); + exit (1); + } + gpgme_key_unref (key);
--
2.26.2
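Review bot: In the new `GPGME_STATUS_PKA_TRUST_BAD`/`GPGME_STATUS_PKA_TRUST_GOOD` case of verify.c, the `!sig->pka_trust` guard makes the first status win, so a `PKA_TRUST_BAD` arriving after a `PKA_TRUST_GOOD` for the same signature is discarded and the field stays at 2. Whether the engine can emit both is not visible here, but for a trust indicator the failing result should be the sticky one, e.g. `if (sig && sig->pka_trust != 1)` in front of the same assignment. The case also drops the status silently when `sig` is NULL, whereas the case just above it returns `gpg_error (GPG_ERR_INV_ENGINE)`; if that is deliberate because the status is informational, a comment saying so would help. The handler's body starts and ends outside the hunk.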
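Review bot: The check added to `main` in tests/gpgsm/t-keylist.c is skipped whenever `key->uids->next` is NULL, so unless an earlier check outside the hunk rejects that case, a key returned without its second user ID passes silently; an explicit `if (!key->uids->next) { fprintf (stderr, "Missing second user ID\n"); exit (1); }` ahead of the comparison would close that gap. It also passes `keys[i].email` to `strcmp` with no NULL test, and the table is not visible here, so confirm that no entry leaves that field empty. Separately, nothing in this commit exercises the new `pka_trust` handling in verify.c; a verify test asserting the field's value would cover it. `main` starts and ends outside the hunk.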