[PATCH 2/2] with-fingerprint is automatic, and none is default keyid-format
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu Jan 28 00:07:02 CET 2016
---
doc/DETAILS | 4 ++--
doc/gpg.texi | 16 +++++++++-------
g10/gpg.c | 3 +--
g10/keyid.c | 4 ++--
g10/options.h | 1 -
g10/pkclist.c | 12 ++++--------
6 files changed, 18 insertions(+), 22 deletions(-)
diff --git a/doc/DETAILS b/doc/DETAILS
index 7d5a5a8..7bab5cd 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -20,7 +20,7 @@ parts of the external API for GPG and GPGSM.
example:
#+begin_example
$ gpg --with-colons --list-keys \
- --with-fingerprint --with-fingerprint wk at gnupg.org
+ --with-fingerprint wk at gnupg.org
pub:f:1024:17:6C7EE1B8621CC013:899817715:1055898235::m:::scESC:
fpr:::::::::ECAF7590EB3443B5C7CF3ACB6C7EE1B8621CC013:
uid:f::::::::Werner Koch <wk at g10code.com>:
@@ -31,7 +31,7 @@ sub:r:1536:20:5CE086B5B5A18FF4:899817788:1025961788:::::esc:
fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4:
#+end_example
-The double =--with-fingerprint= prints the fingerprint for the subkeys
+The =--with-fingerprint= prints the fingerprint for the subkeys
too. Old versions of gpg used a slightly different format and required
the use of the option =--fixed-list-mode= to conform to the format
described here.
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 40eb8db..8fbb778 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -309,12 +309,11 @@ be used to locate a key. Only public keys are listed.
@item --fingerprint
@opindex fingerprint
-List all keys (or the specified ones) along with their
-fingerprints. This is the same output as @option{--list-keys} but with
-the additional output of a line with the fingerprint. May also be
-combined with @option{--list-sigs} or @option{--check-sigs}. If this
-command is given twice, the fingerprints of all secondary keys are
-listed too.
+List all keys (or the specified ones) along with the fingerprints of
+their subkeys. This is the same output as @option{--list-keys} but
+with the additional output of a line with the fingerprint for each
+subkey. May also be combined with @option{--list-sigs} or
+ at option{--check-sigs}.
@item --list-packets
@opindex list-packets
@@ -1602,7 +1601,10 @@ Select how to display key IDs. "short" is the traditional 8-character
key ID. "long" is the more accurate (but less convenient)
16-character key ID. Add an "0x" to either to include an "0x" at the
beginning of the key ID, as in 0x99242560. Note that this option is
-ignored if the option --with-colons is used.
+ignored if the option --with-colons is used. The default is "none"
+because key IDs are rarely the best choice. For cryptographically
+strong unique identifiers, use the fingerprint. For human-memorable
+identifiers, use the User ID.
@item --keyserver @code{name}
@opindex keyserver
diff --git a/g10/gpg.c b/g10/gpg.c
index d660d47..699075b 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2238,7 +2238,7 @@ main (int argc, char **argv)
opt.mangle_dos_filenames = 0;
opt.min_cert_level = 2;
set_screen_dimensions ();
- opt.keyid_format = KF_SHORT;
+ opt.fingerprint = 1;
opt.def_sig_expire = "0";
opt.def_cert_expire = "0";
set_homedir (default_homedir ());
@@ -2554,7 +2554,6 @@ main (int argc, char **argv)
break;
case oWithFingerprint:
- opt.with_fingerprint = 1;
opt.fingerprint++;
break;
case oWithICAOSpelling:
diff --git a/g10/keyid.c b/g10/keyid.c
index 0bbd05d..b02f046 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -284,7 +284,7 @@ format_keyid (u32 *keyid, int format, char *buffer, int len)
if (format == KF_DEFAULT)
format = opt.keyid_format;
if (format == KF_DEFAULT)
- format = KF_SHORT;
+ format = KF_NONE;
switch (format)
{
@@ -331,7 +331,7 @@ keystrlen(void)
{
int format = opt.keyid_format;
if (format == KF_DEFAULT)
- format = KF_SHORT;
+ format = KF_NONE;
switch(format)
{
diff --git a/g10/options.h b/g10/options.h
index f8550d1..774e15e 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -70,7 +70,6 @@ struct
int with_colons;
int with_key_data;
int with_icao_spelling; /* Print ICAO spelling with fingerprints. */
- int with_fingerprint; /* Option --with-fingerprint active. */
int with_keygrip; /* Option --with-keygrip active. */
int with_secret; /* Option --with-secret active. */
int fingerprint; /* list fingerprints */
diff --git a/g10/pkclist.c b/g10/pkclist.c
index d9ada59..21fdacb 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -529,8 +529,7 @@ check_signatures_trust( PKT_signature *sig )
{
if( !opt.quiet )
log_info(_("WARNING: Using untrusted key!\n"));
- if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (NULL, pk, 1);
goto leave;
}
@@ -640,8 +639,7 @@ check_signatures_trust( PKT_signature *sig )
write_status( STATUS_TRUST_NEVER );
log_info(_("WARNING: We do NOT trust this key!\n"));
log_info(_(" The signature is probably a FORGERY.\n"));
- if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (NULL, pk, 1);
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
break;
@@ -656,14 +654,12 @@ check_signatures_trust( PKT_signature *sig )
case TRUST_FULLY:
write_status( STATUS_TRUST_FULLY );
- if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (NULL, pk, 1);
break;
case TRUST_ULTIMATE:
write_status( STATUS_TRUST_ULTIMATE );
- if (opt.with_fingerprint)
- print_fingerprint (NULL, pk, 1);
+ print_fingerprint (NULL, pk, 1);
break;
}
--
2.7.0.rc3
More information about the Gnupg-devel
mailing list