* options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
authorDavid Shaw <dshaw@jabberwocky.com>
Sun, 20 Jul 2003 02:09:06 +0000 (02:09 +0000)
committerDavid Shaw <dshaw@jabberwocky.com>
Sun, 20 Jul 2003 02:09:06 +0000 (02:09 +0000)
verify-options "show-validity" and "show-long-keyid" to show trustdb
validity and long keyids during (file) signature verification.

g10/ChangeLog
g10/g10.c
g10/mainproc.c
g10/options.h

index 7c532dd..cc66927 100644 (file)
@@ -1,5 +1,10 @@
 2003-07-19  David Shaw  <dshaw@jabberwocky.com>
 
+       * options.h, g10.c (main), mainproc.c (check_sig_and_print): Add
+       verify-options "show-validity" and "show-long-keyid" to show
+       trustdb validity and long keyids during (file) signature
+       verification.
+
        * packet.h, main.h, sig-check.c (signature_check2,
        check_key_signature2, do_check): If ret_pk is set, fill in the pk
        used to verify the signature.  Change all callers in getkey.c,
index 27a000c..c2dab50 100644 (file)
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -1757,9 +1757,9 @@ main( int argc, char **argv )
                  {"show-photos",LIST_SHOW_PHOTOS},
                  {"show-policy-url",LIST_SHOW_POLICY},
                  {"show-notation",LIST_SHOW_NOTATION},
-                 {"show-keyring",LIST_SHOW_KEYRING},
                  {"show-validity",LIST_SHOW_VALIDITY},
                  {"show-long-keyid",LIST_SHOW_LONG_KEYID},
+                 {"show-keyring",LIST_SHOW_KEYRING},
                  {NULL,0}
                };
 
@@ -1781,6 +1781,8 @@ main( int argc, char **argv )
                  {"show-policy-url",VERIFY_SHOW_POLICY},
                  {"show-notation",VERIFY_SHOW_NOTATION},
                  {"show-preferred-keyserver",VERIFY_SHOW_KEYSERVER},
+                 {"show-validity",VERIFY_SHOW_VALIDITY},
+                 {"show-long-keyid",VERIFY_SHOW_LONG_KEYID},
                  {NULL,0}
                };
 
index 0bd1a56..ea3b82d 100644 (file)
@@ -1270,8 +1270,16 @@ check_sig_and_print( CTX c, KBNODE node )
 
     tstr = asctimestamp(sig->timestamp);
     astr = pubkey_algo_to_string( sig->pubkey_algo );
-    log_info(_("Signature made %.*s using %s key ID %08lX\n"),
-           (int)strlen(tstr), tstr, astr? astr: "?", (ulong)sig->keyid[1] );
+    if(opt.verify_options&VERIFY_SHOW_LONG_KEYID)
+      {
+       log_info(_("Signature made %.*s\n"),(int)strlen(tstr), tstr);
+       log_info(_("               using %s key %08lX%08lX\n"),
+                astr? astr: "?",(ulong)sig->keyid[0],(ulong)sig->keyid[1] );
+      }
+    else
+      log_info(_("Signature made %.*s using %s key ID %08lX\n"),
+              (int)strlen(tstr), tstr, astr? astr: "?",
+              (ulong)sig->keyid[1] );
 
     rc = do_check_sig(c, node, NULL, &is_expkey );
     if( rc == G10ERR_NO_PUBKEY && opt.keyserver_scheme && opt.keyserver_options.auto_key_retrieve) {
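Review bot: The long-keyid branch labels the value `key %08lX%08lX` while the short branch keeps `key ID %08lX`, so the wording a user or a log filter sees changes with the option. Keeping the label the same would avoid that: `log_info(_("               using %s key ID %08lX%08lX\n"),`. The second line also depends on hard-coded padding inside a translatable string to line up under "Signature made", and that alignment will drift in any translation of a different width; a short comment for translators above the string would help. check_sig_and_print starts and ends outside this hunk.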
@@ -1304,6 +1312,7 @@ check_sig_and_print( CTX c, KBNODE node )
        KBNODE un, keyblock;
        int count=0, statno;
         char keyid_str[50];
+       PKT_public_key *pk=NULL;
 
        if(rc)
          statno=STATUS_BADSIG;
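Review bot: The `pk` declared here has no documented ownership, and nothing in the visible hunks allocates or frees it. It is only assigned from `un->pkt->pkt.public_key` in the user-ID loop, so it appears to be a pointer borrowed from `keyblock`, and presumably must not be used after `release_kbnode( keyblock )`. The status block further down allocates and frees its own key (renamed to `vpk` in this commit), so the two pointers have different lifetimes and that is easy to miss. A comment on the declaration would record it: `PKT_public_key *pk=NULL; /* borrowed from keyblock: do not free, do not use after release_kbnode(keyblock) */`. The enclosing block starts and ends outside this hunk.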
@@ -1321,6 +1330,11 @@ check_sig_and_print( CTX c, KBNODE node )
 
         /* find and print the primary user ID */
        for( un=keyblock; un; un = un->next ) {
+           if(un->pkt->pkttype==PKT_PUBLIC_KEY)
+             {
+               pk=un->pkt->pkt.public_key;
+               continue;
+             }
            if( un->pkt->pkttype != PKT_USER_ID )
                continue;
            if ( !un->pkt->pkt.user_id->created )
@@ -1334,7 +1348,9 @@ check_sig_and_print( CTX c, KBNODE node )
            /* We want the textual user ID here */
            if ( un->pkt->pkt.user_id->attrib_data )
                continue;
-            
+
+           assert(pk);
+
             keyid_str[17] = 0; /* cut off the "[uncertain]" part */
             write_status_text_and_buffer (statno, keyid_str,
                                           un->pkt->pkt.user_id->name,
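Review bot: The added `assert(pk);` runs for every textual user ID whether or not `VERIFY_SHOW_VALIDITY` is set, although the only readers of `pk` are the `get_validity(pk, ...)` calls in the two later hunks. Assuming this is the standard assert, a keyblock that yields a user ID before any `PKT_PUBLIC_KEY` packet would abort the process in the middle of signature verification instead of reporting a result. In a build with NDEBUG the check disappears and a NULL `pk` would reach `get_validity`. Consider dropping the assert and guarding the use at both print sites, e.g. `if((opt.verify_options&VERIFY_SHOW_VALIDITY) && pk)`, so the output falls back to the plain closing quote. The loop body continues outside this hunk.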
@@ -1346,7 +1362,12 @@ check_sig_and_print( CTX c, KBNODE node )
                       : _("Good signature from \""));
            print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
                                             un->pkt->pkt.user_id->len );
-           fputs("\"\n", log_stream() );
+           if(opt.verify_options&VERIFY_SHOW_VALIDITY)
+             fprintf(log_stream(),"\" [%s]\n",
+                     trust_value_to_string(get_validity(pk,
+                                                      un->pkt->pkt.user_id)));
+           else
+             fputs("\"\n", log_stream() );
             count++;
        }
        if( !count ) {  /* just in case that we have no valid textual
@@ -1390,10 +1411,7 @@ check_sig_and_print( CTX c, KBNODE node )
         /* If we have a good signature and already printed 
          * the primary user ID, print all the other user IDs */
         if ( count && !rc ) {
-           PKT_public_key *pk=NULL;
             for( un=keyblock; un; un = un->next ) {
-               if(un->pkt->pkttype==PKT_PUBLIC_KEY)
-                   pk=un->pkt->pkt.public_key;
                 if( un->pkt->pkttype != PKT_USER_ID )
                     continue;
                 if ( un->pkt->pkt.user_id->is_revoked )
@@ -1417,7 +1435,14 @@ check_sig_and_print( CTX c, KBNODE node )
                log_info(    _("                aka \""));
                 print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
                                                  un->pkt->pkt.user_id->len );
-                fputs("\"\n", log_stream() );
+
+               if(opt.verify_options&VERIFY_SHOW_VALIDITY)
+                 fprintf(log_stream(),"\" [%s]\n",
+                         trust_value_to_string(get_validity(pk,
+                                                            un->pkt->
+                                                            pkt.user_id)));
+               else
+                 fputs("\"\n", log_stream() );
             }
        }
        release_kbnode( keyblock );
@@ -1437,15 +1462,15 @@ check_sig_and_print( CTX c, KBNODE node )
 
        if( !rc && is_status_enabled() ) {
            /* print a status response with the fingerprint */
-           PKT_public_key *pk = m_alloc_clear( sizeof *pk );
+           PKT_public_key *vpk = m_alloc_clear( sizeof *vpk );
 
-           if( !get_pubkey( pk, sig->keyid ) ) {
+           if( !get_pubkey( vpk, sig->keyid ) ) {
                byte array[MAX_FINGERPRINT_LEN], *p;
                char buf[MAX_FINGERPRINT_LEN*4+90], *bufp;
                size_t i, n;
 
                 bufp = buf;
-               fingerprint_from_pk( pk, array, &n );
+               fingerprint_from_pk( vpk, array, &n );
                p = array;
                for(i=0; i < n ; i++, p++, bufp += 2)
                     sprintf(bufp, "%02X", *p );
@@ -1459,27 +1484,27 @@ check_sig_and_print( CTX c, KBNODE node )
                        sig->version,sig->pubkey_algo,sig->digest_algo,
                        sig->sig_class);
                 bufp = bufp + strlen (bufp);
-                if (!pk->is_primary) {
+                if (!vpk->is_primary) {
                    u32 akid[2];
  
-                   akid[0] = pk->main_keyid[0];
-                   akid[1] = pk->main_keyid[1];
-                   free_public_key (pk);
-                   pk = m_alloc_clear( sizeof *pk );
-                   if (get_pubkey (pk, akid)) {
+                   akid[0] = vpk->main_keyid[0];
+                   akid[1] = vpk->main_keyid[1];
+                   free_public_key (vpk);
+                   vpk = m_alloc_clear( sizeof *vpk );
+                   if (get_pubkey (vpk, akid)) {
                      /* impossible error, we simply return a zeroed out fpr */
                      n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20;
                      memset (array, 0, n);
                    }
                    else
-                     fingerprint_from_pk( pk, array, &n );
+                     fingerprint_from_pk( vpk, array, &n );
                 }
                p = array;
                for(i=0; i < n ; i++, p++, bufp += 2)
                     sprintf(bufp, "%02X", *p );
                write_status_text( STATUS_VALIDSIG, buf );
            }
-           free_public_key( pk );
+           free_public_key( vpk );
        }
 
        if( !rc )
index 7413ffb..b45525c 100644 (file)
@@ -234,9 +234,11 @@ struct {
 #define LIST_SHOW_VALIDITY   16
 #define LIST_SHOW_LONG_KEYID 32
 
-#define VERIFY_SHOW_PHOTOS    1
-#define VERIFY_SHOW_POLICY    2
-#define VERIFY_SHOW_NOTATION  4
-#define VERIFY_SHOW_KEYSERVER 8
+#define VERIFY_SHOW_PHOTOS      1
+#define VERIFY_SHOW_POLICY      2
+#define VERIFY_SHOW_NOTATION    4
+#define VERIFY_SHOW_KEYSERVER   8
+#define VERIFY_SHOW_VALIDITY   16
+#define VERIFY_SHOW_LONG_KEYID 32
 
 #endif /*G10_OPTIONS_H*/