summaryrefslogtreecommitdiffstats
path: root/g10/gpg.c
diff options
context:
space:
mode:
Diffstat (limited to 'g10/gpg.c')
-rw-r--r--g10/gpg.c140
1 files changed, 140 insertions, 0 deletions
diff --git a/g10/gpg.c b/g10/gpg.c
index 39cc2e5bf..ada913c0a 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -59,6 +59,7 @@
#include "gc-opt-flags.h"
#include "asshelp.h"
#include "call-dirmngr.h"
+#include "tofu.h"
#include "../common/init.h"
#include "../common/shareddefs.h"
@@ -162,6 +163,7 @@ enum cmd_and_opt_values
aChangePIN,
aPasswd,
aServer,
+ aTOFUPolicy,
oTextmode,
oNoTextmode,
@@ -385,6 +387,8 @@ enum cmd_and_opt_values
oNoAutostart,
oPrintPKARecords,
oPrintDANERecords,
+ oTOFUDefaultPolicy,
+ oTOFUDBFormat,
oNoop
};
@@ -475,6 +479,8 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aPrimegen, "gen-prime", "@" ),
ARGPARSE_c (aGenRandom,"gen-random", "@" ),
ARGPARSE_c (aServer, "server", N_("run in server mode")),
+ ARGPARSE_c (aTOFUPolicy, "tofu-policy",
+ N_("|VALUE|set the TOFU policy for a key (good, unknown, bad, ask, auto)")),
ARGPARSE_group (301, N_("@\nOptions:\n ")),
@@ -670,6 +676,8 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_i (oDefCertLevel, "default-cert-check-level", "@"), /* old */
ARGPARSE_s_n (oAlwaysTrust, "always-trust", "@"),
ARGPARSE_s_s (oTrustModel, "trust-model", "@"),
+ ARGPARSE_s_s (oTOFUDefaultPolicy, "tofu-default-policy", "@"),
+ ARGPARSE_s_s (oTOFUDBFormat, "tofu-db-format", "@"),
ARGPARSE_s_s (oSetFilename, "set-filename", "@"),
ARGPARSE_s_n (oForYourEyesOnly, "for-your-eyes-only", "@"),
ARGPARSE_s_n (oNoForYourEyesOnly, "no-for-your-eyes-only", "@"),
@@ -1939,6 +1947,10 @@ parse_trust_model(const char *model)
opt.trust_model=TM_ALWAYS;
else if(ascii_strcasecmp(model,"direct")==0)
opt.trust_model=TM_DIRECT;
+ else if(ascii_strcasecmp(model,"tofu")==0)
+ opt.trust_model=TM_TOFU;
+ else if(ascii_strcasecmp(model,"tofu+pgp")==0)
+ opt.trust_model=TM_TOFU_PGP;
else if(ascii_strcasecmp(model,"auto")==0)
opt.trust_model=TM_AUTO;
else
@@ -1946,6 +1958,41 @@ parse_trust_model(const char *model)
}
#endif /*NO_TRUST_MODELS*/
+static int
+parse_tofu_policy (const char *policy)
+{
+ if (ascii_strcasecmp (policy, "auto") == 0)
+ return TOFU_POLICY_AUTO;
+ else if (ascii_strcasecmp (policy, "good") == 0)
+ return TOFU_POLICY_GOOD;
+ else if (ascii_strcasecmp (policy, "unknown") == 0)
+ return TOFU_POLICY_UNKNOWN;
+ else if (ascii_strcasecmp (policy, "bad") == 0)
+ return TOFU_POLICY_BAD;
+ else if (ascii_strcasecmp (policy, "ask") == 0)
+ return TOFU_POLICY_ASK;
+ else
+ {
+ log_error (_("unknown TOFU policy '%s'\n"), policy);
+ g10_exit (1);
+ }
+}
+
+static int
+parse_tofu_db_format (const char *db_format)
+{
+ if (ascii_strcasecmp (db_format, "auto") == 0)
+ return TOFU_DB_AUTO;
+ else if (ascii_strcasecmp (db_format, "split") == 0)
+ return TOFU_DB_SPLIT;
+ else if (ascii_strcasecmp (db_format, "flat") == 0)
+ return TOFU_DB_FLAT;
+ else
+ {
+ log_error (_("unknown TOFU DB format '%s'\n"), db_format);
+ g10_exit (1);
+ }
+}
/* This fucntion called to initialized a new control object. It is
assumed that this object has been zeroed out before calling this
@@ -2150,6 +2197,8 @@ main (int argc, char **argv)
#else
opt.trust_model = TM_AUTO;
#endif
+ opt.tofu_default_policy = TOFU_POLICY_AUTO;
+ opt.tofu_db_format = TOFU_DB_AUTO;
opt.mangle_dos_filenames = 0;
opt.min_cert_level = 2;
set_screen_dimensions ();
@@ -2372,6 +2421,10 @@ main (int argc, char **argv)
opt.batch = 1;
break;
+ case aTOFUPolicy:
+ set_cmd (&cmd, pargs.r_opt);
+ break;
+
case oArmor: opt.armor = 1; opt.no_armor=0; break;
case oOutput: opt.outfile = pargs.r.ret_str; break;
case oMaxOutput: opt.max_output = pargs.r.ret_ulong; break;
@@ -2553,6 +2606,12 @@ main (int argc, char **argv)
parse_trust_model(pargs.r.ret_str);
break;
#endif /*!NO_TRUST_MODELS*/
+ case oTOFUDefaultPolicy:
+ opt.tofu_default_policy = parse_tofu_policy (pargs.r.ret_str);
+ break;
+ case oTOFUDBFormat:
+ opt.tofu_db_format = parse_tofu_db_format (pargs.r.ret_str);
+ break;
case oForceOwnertrust:
log_info(_("Note: %s is not for normal use!\n"),
@@ -4351,6 +4410,87 @@ main (int argc, char **argv)
gcry_control (GCRYCTL_PRINT_CONFIG, stdout);
break;
+ case aTOFUPolicy:
+ {
+ int policy;
+ int i;
+ KEYDB_HANDLE hd;
+
+ if (argc < 2)
+ wrong_args("--tofu-policy POLICY KEYID [KEYID...]");
+
+ policy = parse_tofu_policy (argv[0]);
+
+ hd = keydb_new ();
+ if (! hd)
+ {
+ log_error (_("Failed to open the keyring DB.\n"));
+ g10_exit (1);
+ }
+
+ for (i = 1; i < argc; i ++)
+ {
+ KEYDB_SEARCH_DESC desc;
+ kbnode_t kb;
+
+ rc = classify_user_id (argv[i], &desc, 0);
+ if (rc)
+ {
+ log_error (_("Failed to parse '%s'.\n"), argv[i]);
+ g10_exit (1);
+ }
+
+ if (! (desc.mode == KEYDB_SEARCH_MODE_SHORT_KID
+ || desc.mode == KEYDB_SEARCH_MODE_LONG_KID
+ || desc.mode == KEYDB_SEARCH_MODE_FPR16
+ || desc.mode == KEYDB_SEARCH_MODE_FPR20
+ || desc.mode == KEYDB_SEARCH_MODE_FPR
+ || desc.mode == KEYDB_SEARCH_MODE_KEYGRIP))
+ {
+ log_error (_("'%s' does not appear to be a valid"
+ " key id, fingerprint or key grip.\n"),
+ argv[i]);
+ g10_exit (1);
+ }
+
+ rc = keydb_search_reset (hd);
+ if (rc)
+ {
+ log_error (_("Failed to reset keyring handle.\n"));
+ g10_exit (1);
+ }
+
+ rc = keydb_search (hd, &desc, 1, NULL);
+ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
+ {
+ log_error (_("Key '%s' is not available\n"), argv[i]);
+ g10_exit (1);
+ }
+ else if (rc)
+ {
+ log_error (_("Failed to find key '%s'\n"), argv[i]);
+ g10_exit (1);
+ }
+
+ rc = keydb_get_keyblock (hd, &kb);
+ if (rc)
+ {
+ log_error (_("Failed to read key '%s' from the keyring\n"),
+ argv[i]);
+ g10_exit (1);
+ }
+
+ merge_keys_and_selfsig (kb);
+
+ if (tofu_set_policy (kb, policy))
+ g10_exit (1);
+ }
+
+ keydb_release (hd);
+
+ }
+ break;
+
case aListPackets:
opt.list_packets=2;
default: