author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:14:06 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:14:06 +0000 |
commit | eee068778cb28ecf3c14e1bf843a95547d72c42d (patch) | |
tree | 0e07b30ddc5ea579d682d5dbe57998200d1c9ab7 /g10/trustdb.h | |
parent | Initial commit. (diff) | |
Adding upstream version 2.2.40.upstream/2.2.40
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | g10/trustdb.h | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/g10/trustdb.h b/g10/trustdb.h
new file mode 100644
index 0000000..595f8b2
--- /dev/null
+++ b/g10/trustdb.h
@@ -0,0 +1,135 @@
+/* trustdb.h - Trust database
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ * 2005, 2012 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#ifndef G10_TRUSTDB_H
+#define G10_TRUSTDB_H
+
+/* Trust values must be sorted in ascending order! */
+#define TRUST_MASK 15
+#define TRUST_UNKNOWN 0 /* o: not yet calculated/assigned */
+#define TRUST_EXPIRED 1 /* e: calculation may be invalid */
+#define TRUST_UNDEFINED 2 /* q: not enough information for calculation */
+#define TRUST_NEVER 3 /* n: never trust this pubkey */
+#define TRUST_MARGINAL 4 /* m: marginally trusted */
+#define TRUST_FULLY 5 /* f: fully trusted */
+#define TRUST_ULTIMATE 6 /* u: ultimately trusted */
+/* Trust values not covered by the mask. */
+#define TRUST_FLAG_REVOKED 32 /* r: revoked */
+#define TRUST_FLAG_SUB_REVOKED 64 /* r: revoked but for subkeys */
+#define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */
+#define TRUST_FLAG_PENDING_CHECK 256 /* a check-trustdb is pending */
+#define TRUST_FLAG_TOFU_BASED 512 /* The trust value is based on
+ * the TOFU information. */
+
+/* Private value used in tofu.c - must be different from the trust
+ values. */
+#define _tofu_GET_TRUST_ERROR 100
+
+/* Length of the hash used to select UIDs in keyedit.c. */
+#define NAMEHASH_LEN 20
+
+
+/*-- trust.c --*/
+int cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
+void register_trusted_keyid (u32 *keyid);
+void register_trusted_key (const char *string);
+
+const char *trust_value_to_string (unsigned int value);
+int string_to_trust_value (const char *str);
+const char *uid_trust_string_fixed (ctrl_t ctrl,
+ PKT_public_key *key, PKT_user_id *uid);
+
+unsigned int get_ownertrust (ctrl_t ctrl, PKT_public_key *pk);
+void update_ownertrust (ctrl_t ctrl,
+ PKT_public_key *pk, unsigned int new_trust);
+int clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
+
+void revalidation_mark (ctrl_t ctrl);
+void check_trustdb_stale (ctrl_t ctrl);
+void check_or_update_trustdb (ctrl_t ctrl);
+
+unsigned int get_validity (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk,
+ PKT_user_id *uid,
+ PKT_signature *sig, int may_ask);
+int get_validity_info (ctrl_t ctrl, kbnode_t kb, PKT_public_key *pk,
+ PKT_user_id *uid);
+const char *get_validity_string (ctrl_t ctrl,
+ PKT_public_key *pk, PKT_user_id *uid);
+
+
+/*-- trustdb.c --*/
+void tdb_register_trusted_key (const char *string);
+/* Returns whether KID is on the list of ultimately trusted keys. */
+int tdb_keyid_is_utk (u32 *kid);
+/* Return the list of ultimately trusted keys. The caller must not
+ * modify this list nor must it free the list. */
+struct key_item *tdb_utks (void);
+void tdb_update_utk (u32 *kid, int add);
+void check_trustdb (ctrl_t ctrl);
+void update_trustdb (ctrl_t ctrl);
+int setup_trustdb( int level, const char *dbname );
+void how_to_fix_the_trustdb (void);
+const char *trust_model_string (int model);
+gpg_error_t init_trustdb (ctrl_t ctrl, int no_create);
+int have_trustdb (ctrl_t ctrl);
+void tdb_check_trustdb_stale (ctrl_t ctrl);
+void tdb_revalidation_mark (ctrl_t ctrl);
+int trustdb_pending_check(void);
+void tdb_check_or_update (ctrl_t ctrl);
+
+int tdb_cache_disabled_value (ctrl_t ctrl, PKT_public_key *pk);
+
+unsigned int tdb_get_validity_core (ctrl_t ctrl, kbnode_t kb,
+ PKT_public_key *pk, PKT_user_id *uid,
+ PKT_public_key *main_pk,
+ PKT_signature *sig, int may_ask);
+
+void list_trust_path( const char *username );
+int enum_cert_paths( void **context, ulong *lid,
+ unsigned *ownertrust, unsigned *validity );
+void enum_cert_paths_print( void **context, FILE *fp,
+ int refresh, ulong selected_lid );
+
+void read_trust_options (ctrl_t ctrl, byte *trust_model,
+ ulong *created, ulong *nextcheck,
+ byte *marginals, byte *completes, byte *cert_depth,
+ byte *min_cert_level);
+
+unsigned int tdb_get_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
+ int no_create);
+unsigned int tdb_get_min_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
+ int no_create);
+int get_ownertrust_info (ctrl_t ctrl, PKT_public_key *pk, int no_create);
+const char *get_ownertrust_string (ctrl_t ctrl,
+ PKT_public_key *pk, int no_create);
+
+void tdb_update_ownertrust (ctrl_t ctrl, PKT_public_key *pk,
+ unsigned int new_trust, int as_trusted_key);
+int tdb_clear_ownertrusts (ctrl_t ctrl, PKT_public_key *pk);
+
+/*-- tdbdump.c --*/
+void list_trustdb (ctrl_t ctrl, estream_t fp, const char *username);
+void export_ownertrust (ctrl_t ctrl);
+void import_ownertrust (ctrl_t ctrl, const char *fname);
+
+/*-- pkclist.c --*/
+int edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode);
+
+#endif /*G10_TRUSTDB_H*/ |
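Review bot: `_tofu_GET_TRUST_ERROR` is defined as 100, which differs from every trust value as a whole number but not as a bit pattern: `100 & TRUST_MASK` is 4 (`TRUST_MARGINAL`), and 100 also has the `TRUST_FLAG_REVOKED` (32) and `TRUST_FLAG_SUB_REVOKED` (64) bits set. The header does not show how tofu.c consumes the sentinel, so this may never be reachable. If the value ever passed through code that masks or flag-tests a trust value, though, it would read as a marginally trusted revoked key rather than as an error. I would make the constraint explicit in the comment above the define, for example `/* Private value used in tofu.c - never mask with TRUST_MASK or test against TRUST_FLAG_*: 100 == 64|32|4. */`, so callers know to compare against the whole value before any masking.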