Home GnuPG
Diffusion GnuPG d57209553da7

sm: Lookup missing issuers first using authorityInfoAccess.

Description

sm: Lookup missing issuers first using authorityInfoAccess.

* sm/call-dirmngr.c (gpgsm_dirmngr_lookup): Add optional arg URL and
adjust all callers.
* sm/certchain.c (oidstr_caIssuers): New.
(struct find_up_store_certs_s): Add additional fields.
(find_up_store_certs_cb): Store the fingerprint.
(find_up_via_auth_info_access): New.
(find_up): Try the AIA URI first.

Note that --auto-issuer-key-retrieve is required to use that.

  • GnuPG-bug-id: T4898
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
wernerAuthored on Apr 16 2020, 6:01 PM
Parents
rG3b27c26241ee: dirmngr: Allow http URLs with "LOOKUP --url"
Branches
Unknown
Tags
Unknown
Tasks
T4898: auto import CA certs with authInfo.caIssuers