GnuPG is currently not able to create a non-exportable self-sig. If you try to do this, it emits a warning instead:
WARNING: the signature will not be marked as non-exportable.

But some people might never want their keys to be published to the public keyservers, or have some User IDs that they keep locally and do not want transmitted via the keyserver network. AIUI, keyservers should reject keys that do not have a self-signature. Keyservers should also honor the "non-exportable" marker by rejecting OpenPGP certification packets that have the "exportable" subpacket included and set to 0. So the sensible thing for a keyholder who wants their key to stay off the keyservers would be to issue a non-exportable self-signature.

The attached patch (against the 1.4.x branch, since that's what I'm in a good position to test) allows a user comfortable with --expert mode to add a non-exportable self-sig, so the creation of such a key is possible with:

--gen-key --expert
--edit-key
uid 1 # select uids that you do not want distributed
lsign
delsig # remove all signatures not marked non-exportable

This obviously isn't a great workflow, but with this patch it is at least possible.

--dkg
commit 28de238a44205cb7ede822da2aac509f472386b5
Author: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Date: Thu Sep 12 18:29:52 2013 -0400
enable the creation of non-exportable self-sigs
This supports (only via --expert mode at the moment) the use case of someone who does not want a particular User ID (or an entire key) to be shared on the public keyservers. Note that this change modifies the expected parameter that is passed to keygen_add_std_prefs. This was modified everywhere it is used.
diff --git a/g10/keyedit.c b/g10/keyedit.c
index c47fd0f..031f7b3 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -98,13 +98,6 @@ static int update_trust=0;
 #define NODFLG_SELKEY (1<<9) /* indicate the selected key */
 #define NODFLG_SELSIG (1<<10) /* indicate a selected signature */
-struct sign_attrib {
- int non_exportable,non_revocable;
- struct revocation_reason_info *reason;
- byte trust_depth,trust_value;
- char *trust_regexp;
-};
-
 #ifdef ENABLE_CARD_SUPPORT
 /* Given a node SEC_NODE with a secret key or subkey, locate the
@@ -959,8 +952,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 {
 tty_printf("\n");
 tty_printf(
- _("WARNING: the signature will not be marked "
- "as non-exportable.\n"));
+ _("The signature will be marked as non-exportable.\n"));
 }
 if( nonrevocable )
@@ -1025,6 +1017,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 PACKET *pkt;
 PKT_signature *sig;
 struct sign_attrib attrib;
+ struct std_prefs_data data;
 assert( primary_pk );
 memset( &attrib, 0, sizeof attrib );
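Review bot: The replacement message in sign_uids promises a non-exportable self-signature but does not tell the user the consequence: by default a key export drops local signatures, so a user ID whose only self-signature is non-exportable leaves the keyring as an unsigned user ID that other implementations (and, as the cover text notes, keyservers) reject. I would say so in the text, e.g. `_("The signature will be marked as non-exportable; this user ID will be omitted when the key is exported.\n")`. Whether this branch is still reachable only with --expert, as the commit message claims, cannot be seen here — the condition that leads to the tty_printf starts outside the hunk, and sign_uids continues past it.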
@@ -1040,14 +1033,16 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 * subpacket with v3 keys and the signature becomes
 * exportable */
- if(selfsig)
+ if(selfsig) {
+ data.pk = primary_pk;
+ data.attrib = &attrib;
 rc = make_keysig_packet( &sig, primary_pk,
 node->pkt->pkt.user_id,
 NULL,
 sk,
 0x13, 0, force_v4?4:0, 0, 0,
- keygen_add_std_prefs, primary_pk);
- else
+ keygen_add_std_prefs, &data);
+ } else
 rc = make_keysig_packet( &sig, primary_pk,
 node->pkt->pkt.user_id,
 NULL,
@@ -2965,6 +2960,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock,
 KBNODE node;
 KBNODE pub_where=NULL, sec_where=NULL;
 int rc;
+ struct std_prefs_data data;
 for( node = pub_keyblock; node; pub_where = node, node = node->next ) {
 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
@@ -3027,8 +3023,10 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock,
 if( !uid )
 return 0;
+ data.pk = pk;
+ data.attrib = NULL;
 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
- keygen_add_std_prefs, pk );
+ keygen_add_std_prefs, &data );
 free_secret_key( sk );
 if( rc ) {
 log_error("signing failed: %s\n", g10_errstr(rc) );
diff --git a/g10/keygen.c b/g10/keygen.c
index 8353f36..7df8442 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -688,13 +688,24 @@ keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
 int
 keygen_add_std_prefs( PKT_signature *sig, void *opaque )
 {
- PKT_public_key *pk = opaque;
+ struct std_prefs_data *data = opaque;
+ PKT_public_key *pk = data->pk;
+ byte buf[1];
 do_add_key_flags (sig, pk->pubkey_usage);
 keygen_add_key_expire( sig, opaque );
 keygen_upd_std_prefs (sig, opaque);
 keygen_add_keyserver_url(sig,NULL);
+ /* we only support the non_exportable attribute at the moment. If
+ there are other attributes we'd like to support, they should be
+ added here.
+ */
+ if( data->attrib && data->attrib->non_exportable ) {
+ buf[0] = 0; /* not exportable */
+ build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
+ }
+
 return 0;
 }
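Review bot: The selfsig arm of the `if(selfsig)` in sign_uids gains braces, but the `} else` that follows still guards a multi-line make_keysig_packet call without them, so the two arms are now asymmetric and a later insertion into the else path can silently land outside the conditional. Brace both arms: `} else {` before the second call and a closing `}` after it. The else-branch call and the rest of sign_uids continue outside the hunk.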
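Review bot: keygen_add_std_prefs now treats `opaque` as a `struct std_prefs_data *`, yet the unchanged lines `keygen_add_key_expire( sig, opaque );` and `keygen_upd_std_prefs (sig, opaque);` forward that same pointer, and the removed `PKT_public_key *pk = opaque;` suggests these sibling callbacks were written to receive a PKT_public_key. Unless they were updated in hunks not shown here, keygen_add_key_expire would read key fields through a pointer to the two-pointer std_prefs_data on the caller's stack — a type confusion that at best emits a wrong expiration subpacket and at worst reads past the struct. Pass the unwrapped key instead: `keygen_add_key_expire( sig, pk );` and `keygen_upd_std_prefs (sig, pk);`. The new `data->pk` dereference also makes a NULL `opaque` an immediate crash rather than a silent no-op, which is probably acceptable but worth an assert so the contract is explicit.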
@@ -928,6 +939,7 @@ write_selfsigs (KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
 int rc=0;
 KBNODE node;
 PKT_public_key *pk;
+ struct std_prefs_data data;
 if( opt.verbose )
 log_info(_("writing self signature\n"));
@@ -948,9 +960,11 @@ write_selfsigs (KBNODE sec_root, KBNODE pub_root, PKT_secret_key *sk,
 cache_public_key (pk);
 /* and make the signature */
+ data.pk = pk;
+ data.attrib = NULL;
 rc = make_keysig_packet (&sig, pk, uid, NULL, sk, 0x13, 0, 0, timestamp, 0,
- keygen_add_std_prefs, pk);
+ keygen_add_std_prefs, &data);
 if( rc ) {
 log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 return rc;
diff --git a/g10/main.h b/g10/main.h
index 784ade0..ac1443f 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -53,6 +53,19 @@ struct groupitem
 struct groupitem *next;
 };
+struct sign_attrib {
+ int non_exportable,non_revocable;
+ struct revocation_reason_info *reason;
+ byte trust_depth,trust_value;
+ char *trust_regexp;
+};
+
+struct std_prefs_data
+{
+ PKT_public_key *pk;
+ struct sign_attrib *attrib;
+};
+
 /*-- gpg.c --*/
 extern int g10_errors_seen;
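Review bot: `struct std_prefs_data` is added to main.h without a comment saying what it is for, and nothing records that `attrib` may be NULL, which every visible caller except the sign_uids selfsig path relies on (`data.attrib = NULL;` in menu_adduid and write_selfsigs). I would put above it: `/* Opaque argument for keygen_add_std_prefs: PK is the key being self-signed; ATTRIB holds the signing attributes, or is NULL when only the standard preferences are to be written. */`. The relocated `struct sign_attrib` deserves a one-line note that it now lives in the header because keygen.c reads its non_exportable member. The header must also have `PKT_public_key` and `byte` in scope at this point — presumably it does via packet.h, but that is not visible here and is worth confirming.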