diff --git a/lang/cpp/src/gpgsignkeyeditinteractor.cpp b/lang/cpp/src/gpgsignkeyeditinteractor.cpp index 33ffbcfc..4b5d2749 100644 --- a/lang/cpp/src/gpgsignkeyeditinteractor.cpp +++ b/lang/cpp/src/gpgsignkeyeditinteractor.cpp @@ -1,362 +1,392 @@ /* gpgsignkeyeditinteractor.cpp - Edit Interactor to change the expiry time of an OpenPGP key Copyright (C) 2007 Klarälvdalens Datakonsult AB 2016 Bundesamt für Sicherheit in der Informationstechnik Software engineering by Intevation GmbH This file is part of GPGME++. GPGME++ is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. GPGME++ is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with GPGME++; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif #include "gpgsignkeyeditinteractor.h" #include "error.h" #include "key.h" #include #include #include #include #include #include using std::strcmp; // avoid conflict (msvc) #ifdef ERROR # undef ERROR #endif #ifdef _MSC_VER #undef snprintf #define snprintf _snprintf #endif using namespace GpgME; class GpgSignKeyEditInteractor::Private { public: Private(); std::string scratch; bool started; int options; std::vector userIDs; std::vector::const_iterator currentId, nextId; unsigned int checkLevel; bool dupeOk; Key key; + struct { + TrustSignatureTrust trust; + std::string depth; + std::string scope; + } trustSignature; const char *command() const { const bool local = (options & Exportable) == 0; const bool nonRevoc = options & NonRevocable; const bool trust = options & Trust; //TODO: check if all combinations are valid if (local && nonRevoc && trust) { return "ltnrsign"; } if (local && nonRevoc) { return "lnrsign"; } if (local && trust) { return "ltsign"; } if (local) { return "lsign"; } if (nonRevoc && trust) { return "tnrsign"; } if (nonRevoc) { return "nrsign"; } if (trust) { return "tsign"; } return "sign"; } bool signAll() const { return userIDs.empty(); } unsigned int nextUserID() { assert(nextId != userIDs.end()); currentId = nextId++; return currentUserID(); } bool allUserIDsListed() const { return nextId == userIDs.end(); } unsigned int currentUserID() const { assert(currentId != userIDs.end()); return *currentId + 1; } }; GpgSignKeyEditInteractor::Private::Private() : started(false), options(0), userIDs(), currentId(), nextId(), checkLevel(0), - dupeOk(false) + dupeOk(false), + trustSignature{TrustSignatureTrust::None, "0", {}} { } GpgSignKeyEditInteractor::GpgSignKeyEditInteractor() : EditInteractor(), d(new Private) { } GpgSignKeyEditInteractor::~GpgSignKeyEditInteractor() { delete d; } // work around --enable-final namespace GpgSignKeyEditInteractor_Private { enum SignKeyState { START = EditInteractor::StartState, COMMAND, UIDS_ANSWER_SIGN_ALL, UIDS_LIST_SEPARATELY, // all these free slots belong to UIDS_LIST_SEPARATELY, too // (we increase state() by one for each UID, so that action() is called) UIDS_LIST_SEPARATELY_DONE = 1000000, SET_EXPIRE, SET_CHECK_LEVEL, SET_TRUST_VALUE, SET_TRUST_DEPTH, SET_TRUST_REGEXP, CONFIRM, CONFIRM2, DUPE_OK, DUPE_OK2, QUIT, SAVE, ERROR = EditInteractor::ErrorState }; typedef std::map, SignKeyState> TransitionMap; } static const char *answer(bool b) { return b ? "Y" : "N"; } static GpgSignKeyEditInteractor_Private::TransitionMap makeTable() { using namespace GpgSignKeyEditInteractor_Private; TransitionMap tab; const unsigned int GET_BOOL = GPGME_STATUS_GET_BOOL; const unsigned int GET_LINE = GPGME_STATUS_GET_LINE; #define addEntry( s1, status, str, s2 ) tab[std::make_tuple( s1, status, str)] = s2 addEntry(START, GET_LINE, "keyedit.prompt", COMMAND); addEntry(COMMAND, GET_BOOL, "keyedit.sign_all.okay", UIDS_ANSWER_SIGN_ALL); addEntry(COMMAND, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(COMMAND, GET_BOOL, "sign_uid.local_promote_okay", CONFIRM2); addEntry(COMMAND, GET_BOOL, "sign_uid.dupe_okay", DUPE_OK); + addEntry(COMMAND, GET_LINE, "trustsig_prompt.trust_value", SET_TRUST_VALUE); addEntry(UIDS_ANSWER_SIGN_ALL, GET_BOOL, "sign_uid.okay", CONFIRM); + addEntry(UIDS_ANSWER_SIGN_ALL, GET_BOOL, "sign_uid.dupe_okay", DUPE_OK); addEntry(UIDS_ANSWER_SIGN_ALL, GET_LINE, "sign_uid.expire", SET_EXPIRE); addEntry(UIDS_ANSWER_SIGN_ALL, GET_LINE, "sign_uid.class", SET_CHECK_LEVEL); - addEntry(SET_TRUST_VALUE, GET_LINE, "trustsign_prompt.trust_depth", SET_TRUST_DEPTH); - addEntry(SET_TRUST_DEPTH, GET_LINE, "trustsign_prompt.trust_regexp", SET_TRUST_REGEXP); - addEntry(SET_TRUST_REGEXP, GET_LINE, "sign_uid.okay", CONFIRM); + addEntry(UIDS_ANSWER_SIGN_ALL, GET_LINE, "trustsig_prompt.trust_value", SET_TRUST_VALUE); + addEntry(SET_TRUST_VALUE, GET_LINE, "trustsig_prompt.trust_depth", SET_TRUST_DEPTH); + addEntry(SET_TRUST_DEPTH, GET_LINE, "trustsig_prompt.trust_regexp", SET_TRUST_REGEXP); + addEntry(SET_TRUST_REGEXP, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(SET_CHECK_LEVEL, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(SET_EXPIRE, GET_BOOL, "sign_uid.class", SET_CHECK_LEVEL); addEntry(CONFIRM, GET_BOOL, "sign_uid.local_promote_okay", CONFIRM); addEntry(DUPE_OK, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(DUPE_OK2, GET_BOOL, "sign_uid.okay", CONFIRM); + addEntry(DUPE_OK, GET_LINE, "trustsig_prompt.trust_value", SET_TRUST_VALUE); + addEntry(DUPE_OK2, GET_LINE, "trustsig_prompt.trust_value", SET_TRUST_VALUE); addEntry(CONFIRM, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(CONFIRM2, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(CONFIRM, GET_LINE, "keyedit.prompt", COMMAND); - addEntry(CONFIRM, GET_LINE, "trustsign_prompt.trust_value", SET_TRUST_VALUE); + addEntry(CONFIRM, GET_LINE, "trustsig_prompt.trust_value", SET_TRUST_VALUE); addEntry(CONFIRM, GET_LINE, "sign_uid.expire", SET_EXPIRE); addEntry(CONFIRM, GET_LINE, "sign_uid.class", SET_CHECK_LEVEL); addEntry(UIDS_LIST_SEPARATELY_DONE, GET_BOOL, "sign_uid.local_promote_okay", CONFIRM); addEntry(UIDS_LIST_SEPARATELY_DONE, GET_LINE, "keyedit.prompt", COMMAND); - addEntry(UIDS_LIST_SEPARATELY_DONE, GET_LINE, "trustsign_prompt.trust_value", SET_TRUST_VALUE); + addEntry(UIDS_LIST_SEPARATELY_DONE, GET_LINE, "trustsig_prompt.trust_value", SET_TRUST_VALUE); addEntry(UIDS_LIST_SEPARATELY_DONE, GET_LINE, "sign_uid.expire", SET_EXPIRE); addEntry(UIDS_LIST_SEPARATELY_DONE, GET_LINE, "sign_uid.class", SET_CHECK_LEVEL); addEntry(UIDS_LIST_SEPARATELY_DONE, GET_BOOL, "sign_uid.okay", CONFIRM); addEntry(UIDS_LIST_SEPARATELY_DONE, GET_BOOL, "sign_uid.dupe_okay", DUPE_OK); addEntry(DUPE_OK, GET_BOOL, "sign_uid.dupe_okay", DUPE_OK2); addEntry(DUPE_OK2, GET_BOOL, "sign_uid.dupe_okay", DUPE_OK); addEntry(CONFIRM, GET_LINE, "keyedit.prompt", QUIT); addEntry(ERROR, GET_LINE, "keyedit.prompt", QUIT); addEntry(QUIT, GET_BOOL, "keyedit.save.okay", SAVE); #undef addEntry return tab; } const char *GpgSignKeyEditInteractor::action(Error &err) const { static const char check_level_strings[][2] = { "0", "1", "2", "3" }; using namespace GpgSignKeyEditInteractor_Private; using namespace std; switch (const unsigned int st = state()) { case COMMAND: return d->command(); case UIDS_ANSWER_SIGN_ALL: return answer(d->signAll()); case UIDS_LIST_SEPARATELY_DONE: return d->command(); case SET_EXPIRE: return answer(true); case SET_TRUST_VALUE: - // TODO + return d->trustSignature.trust == TrustSignatureTrust::Partial ? "1" : "2"; case SET_TRUST_DEPTH: - //TODO + return d->trustSignature.depth.c_str(); case SET_TRUST_REGEXP: - //TODO - return nullptr; + return d->trustSignature.scope.c_str(); case SET_CHECK_LEVEL: return check_level_strings[d->checkLevel]; case DUPE_OK: case DUPE_OK2: return answer(d->dupeOk); case CONFIRM2: case CONFIRM: return answer(true); case QUIT: return "quit"; case SAVE: return answer(true); default: if (st >= UIDS_LIST_SEPARATELY && st < UIDS_LIST_SEPARATELY_DONE) { std::stringstream ss; auto nextID = d->nextUserID(); const char *hash; assert (nextID); if (!d->key.isNull() && (hash = d->key.userID(nextID - 1).uidhash())) { /* Prefer uidhash if it is available as it might happen * that uidattrs break the ordering of the uids in the * edit-key interface */ ss << "uid " << hash; } else { ss << nextID; } d->scratch = ss.str(); return d->scratch.c_str(); } // fall through case ERROR: err = Error::fromCode(GPG_ERR_GENERAL); return nullptr; } } unsigned int GpgSignKeyEditInteractor::nextState(unsigned int status, const char *args, Error &err) const { d->started = true; using namespace GpgSignKeyEditInteractor_Private; static const Error GENERAL_ERROR = Error::fromCode(GPG_ERR_GENERAL); //static const Error INV_TIME_ERROR = Error::fromCode( GPG_ERR_INV_TIME ); static const TransitionMap table(makeTable()); if (needsNoResponse(status)) { return state(); } using namespace GpgSignKeyEditInteractor_Private; //lookup transition in map const TransitionMap::const_iterator it = table.find(std::make_tuple(static_cast(state()), status, std::string(args))); if (it != table.end()) { return it->second; } //handle cases that cannot be handled via the map switch (const unsigned int st = state()) { case UIDS_ANSWER_SIGN_ALL: if (status == GPGME_STATUS_GET_LINE && strcmp(args, "keyedit.prompt") == 0) { if (!d->signAll()) { return UIDS_LIST_SEPARATELY; } err = Error::fromCode(GPG_ERR_UNUSABLE_PUBKEY); return ERROR; } break; default: if (st >= UIDS_LIST_SEPARATELY && st < UIDS_LIST_SEPARATELY_DONE) { if (status == GPGME_STATUS_GET_LINE && strcmp(args, "keyedit.prompt") == 0) { return d->allUserIDsListed() ? UIDS_LIST_SEPARATELY_DONE : st + 1 ; } } break; case CONFIRM: case ERROR: err = lastError(); return ERROR; } err = GENERAL_ERROR; return ERROR; } void GpgSignKeyEditInteractor::setKey(const Key &key) { d->key = key; } void GpgSignKeyEditInteractor::setCheckLevel(unsigned int checkLevel) { assert(!d->started); assert(checkLevel <= 3); d->checkLevel = checkLevel; } void GpgSignKeyEditInteractor::setUserIDsToSign(const std::vector &userIDsToSign) { assert(!d->started); d->userIDs = userIDsToSign; d->nextId = d->userIDs.begin(); d->currentId = d->userIDs.end(); } void GpgSignKeyEditInteractor::setSigningOptions(int options) { assert(!d->started); d->options = options; } void GpgSignKeyEditInteractor::setDupeOk(bool value) { assert(!d->started); d->dupeOk = value; } + +void GpgSignKeyEditInteractor::setTrustSignatureTrust(GpgME::TrustSignatureTrust trust) +{ + assert(!d->started); + assert(trust != TrustSignatureTrust::None); + d->trustSignature.trust = trust; +} + +void GpgSignKeyEditInteractor::setTrustSignatureDepth(unsigned short depth) +{ + assert(!d->started); + assert(depth <= 255); + d->trustSignature.depth = std::to_string(depth); +} + +void GpgSignKeyEditInteractor::setTrustSignatureScope(const std::string &scope) +{ + assert(!d->started); + d->trustSignature.scope = scope; +} diff --git a/lang/cpp/src/gpgsignkeyeditinteractor.h b/lang/cpp/src/gpgsignkeyeditinteractor.h index d4596876..889ed567 100644 --- a/lang/cpp/src/gpgsignkeyeditinteractor.h +++ b/lang/cpp/src/gpgsignkeyeditinteractor.h @@ -1,72 +1,77 @@ /* gpgsignkeyeditinteractor.h - Edit Interactor to change the owner trust of an OpenPGP key Copyright (C) 2008 Klarälvdalens Datakonsult AB 2016 Bundesamt für Sicherheit in der Informationstechnik Software engineering by Intevation GmbH This file is part of GPGME++. GPGME++ is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. GPGME++ is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with GPGME++; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ #ifndef __GPGMEPP_GPGSIGNKEYEDITINTERACTOR_H__ #define __GPGMEPP_GPGSIGNKEYEDITINTERACTOR_H__ #include #include #include namespace GpgME { class Key; class UserID; +enum class TrustSignatureTrust : char; class GPGMEPP_EXPORT GpgSignKeyEditInteractor : public EditInteractor { public: enum SignOption { Exportable = 0x1, NonRevocable = 0x2, Trust = 0x4 }; GpgSignKeyEditInteractor(); ~GpgSignKeyEditInteractor(); void setCheckLevel(unsigned int checkLevel); void setUserIDsToSign(const std::vector &userIDsToSign); void setKey(const Key &key); void setSigningOptions(int options); /* Set this if it is ok to overwrite an existing signature. In that * case the context has to have the flag "extended-edit" set to 1 through * Context::setFlag before calling edit.*/ void setDupeOk(bool value); + void setTrustSignatureTrust(TrustSignatureTrust trust); + void setTrustSignatureDepth(unsigned short depth); + void setTrustSignatureScope(const std::string &scope); + private: const char *action(Error &err) const override; unsigned int nextState(unsigned int statusCode, const char *args, Error &err) const override; private: class Private; Private *const d; }; } // namespace GpgME #endif // __GPGMEPP_GPGSIGNKEYEDITINTERACTOR_H__