diff options
| author | Werner Koch <wk@gnupg.org> | 2020-03-13 13:28:35 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2020-03-13 13:34:49 +0100 |
| commit | 865d485180240369a20d3be14d0c6499783df2b5 (patch) | |
| tree | a5f3a95e9d714517dabbc66987ee1f01cb65d55f /common/openpgpdefs.h | |
| parent | gpg: Add property "fpr" for use by --export-filter. (diff) | |
| download | gnupg2-865d485180240369a20d3be14d0c6499783df2b5.tar.xz gnupg2-865d485180240369a20d3be14d0c6499783df2b5.zip | |
gpg: New option --include-key-block.
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--
This patch adds support for a to be proposed OpenPGP ferature:
Introduce the Key Block subpacket to align OpenPGP with CMS.
This new subpacket may be used similar to the CertificateSet of
CMS (RFC-5652) and thus allows to start encrypted communication
after having received a signed message. In practice a stripped down
version of the key should be including having only the key material
and the self-signatures which are really useful and shall be used by
the recipient to reply encrypted.
#### Key Block
(1 octet with value 0, N octets of key data)
This subpacket MAY be used to convey key data along with a signature
of class 0x00, 0x01, or 0x02. It MUST contain the key used to create
the signature; either as the primary key or as a subkey. The key
SHOULD contain a primary or subkey capable of encryption and the
entire key must be a valid OpenPGP key including at least one User ID
packet and the corresponding self-signatures.
Implementations MUST ignore this subpacket if the first octet does not
have a value of zero or if the key data does not represent a valid
transferable public key.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'common/openpgpdefs.h')
| -rw-r--r-- | common/openpgpdefs.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/common/openpgpdefs.h b/common/openpgpdefs.h index 2962fe2d4..5ab45debd 100644 --- a/common/openpgpdefs.h +++ b/common/openpgpdefs.h @@ -120,6 +120,7 @@ typedef enum SIGSUBPKT_PREF_AEAD = 34, /* Preferred AEAD algorithms. */ SIGSUBPKT_ATTST_SIGS = 37, /* Attested Certifications. */ + SIGSUBPKT_KEY_BLOCK = 38, /* Entire key used. */ SIGSUBPKT_FLAG_CRITICAL = 128 } |