Commit 670728a2 authored by Ingo Klöcker's avatar Ingo Klöcker

Share generally useful helpers

These helpers are not specific to revoking user IDs.

GnuPG-bug-id: 4087
parent 2cf60956
......@@ -97,6 +97,7 @@ set(_kleopatra_SRCS
utils/writecertassuantransaction.cpp
utils/keyparameters.cpp
utils/userinfo.cpp
utils/keys.cpp
selftest/selftest.cpp
selftest/enginecheck.cpp
......
......@@ -30,6 +30,7 @@
#include "commands/detailscommand.h"
#include "commands/dumpcertificatecommand.h"
#include "utils/keys.h"
#include "utils/tags.h"
#include <Libkleo/Formatting>
......@@ -655,22 +656,6 @@ void CertificateDetailsWidget::Private::publishCertificate()
namespace
{
bool isSelfSignature(const GpgME::UserID::Signature &signature)
{
return !qstrcmp(signature.parent().parent().keyID(), signature.signerKeyID());
}
bool isRevokedOrExpired(const GpgME::UserID &userId)
{
const auto sigs = userId.signatures();
std::vector<GpgME::UserID::Signature> selfSigs;
std::copy_if(std::begin(sigs), std::end(sigs), std::back_inserter(selfSigs), &isSelfSignature);
std::sort(std::begin(selfSigs), std::end(selfSigs));
// check the most recent signature
const auto sig = !selfSigs.empty() ? selfSigs.back() : GpgME::UserID::Signature{};
return !sig.isNull() && (sig.isRevokation() || sig.isExpired());
}
bool isLastValidUserID(const GpgME::UserID &userId)
{
if (isRevokedOrExpired(userId)) {
......@@ -684,14 +669,6 @@ bool isLastValidUserID(const GpgME::UserID &userId)
return numberOfValidUserIds == 1;
}
bool canCreateCertifications(const GpgME::Key &key)
{
// Note: Key::hasSecret() is also true for offline keys (i.e. keys with a secret key stub that are not stored on a card),
// but those keys cannot be used for certifications; therefore, we check whether the primary subkey has a proper secret key
// or whether its secret key is stored on a card, so that gpg can ask for the card.
return key.canCertify() && (key.subkey(0).isSecret() || key.subkey(0).isCardKey());
}
bool canRevokeUserID(const GpgME::UserID &userId)
{
const auto key = userId.parent();
......
/* -*- mode: c++; c-basic-offset:4 -*-
utils/keys.cpp
This file is part of Kleopatra, the KDE keymanager
SPDX-FileCopyrightText: 2022 g10 Code GmbH
SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
SPDX-License-Identifier: GPL-2.0-or-later
*/
#include "keys.h"
#include <QByteArray>
#include <algorithm>
#include <iterator>
bool Kleo::isSelfSignature(const GpgME::UserID::Signature &signature)
{
return !qstrcmp(signature.parent().parent().keyID(), signature.signerKeyID());
}
bool Kleo::isRevokedOrExpired(const GpgME::UserID &userId)
{
const auto sigs = userId.signatures();
std::vector<GpgME::UserID::Signature> selfSigs;
std::copy_if(std::begin(sigs), std::end(sigs), std::back_inserter(selfSigs), &Kleo::isSelfSignature);
std::sort(std::begin(selfSigs), std::end(selfSigs));
// check the most recent signature
const auto sig = !selfSigs.empty() ? selfSigs.back() : GpgME::UserID::Signature{};
return !sig.isNull() && (sig.isRevokation() || sig.isExpired());
}
bool Kleo::canCreateCertifications(const GpgME::Key &key)
{
// Key::hasSecret() is also true for offline keys (i.e. keys with a secret key stub that are not stored on a card),
// but those keys cannot be used for certifications; therefore, we check whether the primary subkey has a proper secret key
// or whether its secret key is stored on a card, so that gpg can ask for the card.
return key.canCertify() && (key.subkey(0).isSecret() || key.subkey(0).isCardKey());
}
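Review bot: `Kleo::isRevokedOrExpired` returns false when `selfSigs` is empty, so a user ID whose self-signatures are not loaded is reported as neither revoked nor expired. That was a local assumption while the function sat in the anonymous namespace of the details widget, but as a shared helper it fails open for any caller that passes a key listed without signature data (presumably `userId.signatures()` is only populated in that list mode; confirm against gpgme++). Consider falling back to the flag on the user ID itself, `if (selfSigs.empty()) { return userId.isRevoked(); }`, or at least stating the precondition in the doc comment in utils/keys.h. The `std::sort` call also depends on the ordering defined by `GpgME::UserID::Signature`, which is not visible here, so the "most recent" comment is worth a short why-comment naming that ordering.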
/* -*- mode: c++; c-basic-offset:4 -*-
utils/keys.h
This file is part of Kleopatra, the KDE keymanager
SPDX-FileCopyrightText: 2022 g10 Code GmbH
SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
SPDX-License-Identifier: GPL-2.0-or-later
*/
#pragma once
#include <gpgme++/key.h>
namespace Kleo
{
/** Returns true if \p signature is a self-signature. */
bool isSelfSignature(const GpgME::UserID::Signature &signature);
/**
* Returns true if the most recent self-signature of \p userId is a revocation
* signature or if it has expired.
*/
bool isRevokedOrExpired(const GpgME::UserID &userId);
/**
* Returns true if \p key can be used to certify user IDs, i.e. if the key
* has the required capability and if the secret key of the (primary)
* certification subkey is available in the keyring or on a smart card.
*
* \note Key::hasSecret() also returns true if a secret key stub, e.g. of an
* offline key, is available in the keyring.
*/
bool canCreateCertifications(const GpgME::Key &key);
}
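Review bot: The doc comment for `isSelfSignature` does not say what is returned for a null signature, which matters now that the function is public. The implementation in utils/keys.cpp compares the two key IDs with `qstrcmp`, which treats two null pointers as equal. If both accessors return null for a null signature (inferred; they are not visible on this page), the helper would answer true. Either document the precondition, e.g. `\pre \p signature is not null.`, or guard the comparison with `!signature.isNull() &&` in the implementation.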