Ensure GPG key is trusted. See #340

2024-06-19 02:22:42 +00:00 · 2019-06-27 19:58:58 +01:00 · 2019-06-27 19:58:58 +01:00 · 6b4bd69dbc
commit 6b4bd69dbc
parent 0e9fe51b50
2 changed files with 13 additions and 1 deletions
--- a/extras/test/20_recipients.sh
+++ b/extras/test/20_recipients.sh
@ -48,4 +48,10 @@ test_expect_success 'Testing tomb with GnuPG keys and shared tomb' '
    tt_close
    '

+test_export "untrusted"
+test_expect_success 'Testing tomb creation with untrusted GnuPG keys' '
+    tt_dig -s 20 &&
+    test_must_fail tt_forge -g -r $KEY_UNTRUSTED
+    '
+
 test_done
--- a/8
+++ b/8
@ -953,16 +953,22 @@ _ensure_dependencies() {
 is_valid_recipients() {
 	typeset -a recipients
 	recipients=($@)
+	trusted=(m f u w s)

 	_verbose "is_valid_recipients"

 	# All the keys ID must be valid (the public keys must be present in the database)
 	for gpg_id in ${recipients[@]}; do
-		gpg --with-colons --batch --list-keys "$gpg_id" &> /dev/null
+		trust="$(gpg --with-colons --batch --list-keys "$gpg_id" 2> /dev/null |
+				 	awk 'BEGIN { FS=":" } /^pub/ { print $2; exit}')"
 		[[ $? != 0 ]] && {
 			_warning "Not a valid GPG key ID: ::1 gpgid:: " $gpg_id
 			return 1
 		}
+		[[ ${trusted[(r)$trust]} != $trust ]] && {
+			_warning "The key ::1 gpgid:: is not trusted enough" $gpg_id
+			return 1
+		}
 	done

 	# At least one private key must be present