gpg: New option --disable-signer-uid, create Signer's UID sub-packet.

* g10/gpg.c (oDisableSignerUID): New.
(opts): New option '--disable-signer-uid'.
(main): Set option.
* g10/options.h (opt): Add field flags.disable_signer_uid.
* g10/sign.c: Include mbox-util.h.
(mk_notation_policy_etc): Embed the signer's uid.
* g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key
retrieval if --disable-signer-uid is used.
--

Signed-off-by: Werner Koch <wk@gnupg.org>

5 files changed, 41 insertions, 7 deletions

diff --git a/doc/gpg.texi b/doc/gpg.texi
index f092b270d..182abb105 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1740,13 +1740,17 @@ are available for all keyserver types, some common options are:
   @item auto-key-retrieve
   This option enables the automatic retrieving of keys from a keyserver
   when verifying signatures made by keys that are not on the local
-  keyring.
+  keyring.  If the method "wkd" is included in the list of methods
+  given to @option{auto-key-locate}, the Signer's User ID is part of
+  the signature, and the option @option{--disable-signer-uid} is not used,
+  the "wkd" method may also be used to retrieve a key.
 
   Note that this option makes a "web bug" like behavior possible.
-  Keyserver operators can see which keys you request, so by sending you
-  a message signed by a brand new key (which you naturally will not have
-  on your local keyring), the operator can tell both your IP address and
-  the time when you verified the signature.
+  Keyserver or Web Key Directory operators can see which keys you
+  request, so by sending you a message signed by a brand new key (which
+  you naturally will not have on your local keyring), the operator can
+  tell both your IP address and the time when you verified the
+  signature.
 
   @item honor-keyserver-url
   When using @option{--refresh-keys}, if the key in question has a preferred
@@ -2344,6 +2348,14 @@ Disable the use of the modification detection code. Note that by
 using this option, the encrypted message becomes vulnerable to a
 message modification attack.
 
+@item --disable-signer-uid
+@opindex disable-signer-uid
+By default the user ID of the signing key is embedded in the data
+signature.  As of now this is only done if the signing key has been
+specified with @option{local-user} using a mail address.  This
+information can be helpful for verifier to locate the key; see
+@option{--auto-key-retrieve}.
+
 @item --personal-cipher-preferences @code{string}
 @opindex personal-cipher-preferences
 Set the list of personal cipher preferences to @code{string}.  Use
diff --git a/g10/gpg.c b/g10/gpg.c
index 87d06afef..f6088f061 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -396,6 +396,7 @@ enum cmd_and_opt_values
     oWeakDigest,
     oUnwrap,
     oOnlySignTextIDs,
+    oDisableSignerUID,
 
     oNoop
   };
@@ -550,6 +551,8 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oDisableMDC, "disable-mdc", "@"),
   ARGPARSE_s_n (oNoDisableMDC, "no-disable-mdc", "@"),
 
+  ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
+
   ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
   ARGPARSE_s_n (oInteractive, "interactive", N_("prompt before overwriting")),
 
@@ -2799,6 +2802,9 @@ main (int argc, char **argv)
 	  case oNoForceMDC: opt.force_mdc = 0; break;
 	  case oDisableMDC: opt.disable_mdc = 1; break;
 	  case oNoDisableMDC: opt.disable_mdc = 0; break;
+
+          case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
+
 	  case oS2KMode:   opt.s2k_mode = pargs.r.ret_int; break;
 	  case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
 	  case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 7033de7dd..453d1b07b 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1823,6 +1823,7 @@ check_sig_and_print (CTX c, kbnode_t node)
    * key from the WKD. */
   if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
       && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)
+      && !opt.flags.disable_signer_uid
       && akl_has_wkd_method ()
       && sig->signers_uid)
     {
diff --git a/g10/options.h b/g10/options.h
index bf5831d6c..0a87b9011 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -234,6 +234,7 @@ struct
     unsigned int allow_multiple_messages:1;
     unsigned int allow_weak_digest_algos:1;
     unsigned int large_rsa:1;
+    unsigned int disable_signer_uid:1;
   } flags;
 
   /* Linked list of ways to find a key if the key isn't on the local
@@ -290,7 +291,7 @@ struct {
 #define DBG_IPC_VALUE     1024  /* debug assuan communication */
 #define DBG_CARD_IO_VALUE 2048  /* debug smart card I/O.  */
 #define DBG_CLOCK_VALUE   4096
-#define DBG_LOOKUP_VALUE  8192	/* debug the kety lookup */
+#define DBG_LOOKUP_VALUE  8192	/* debug the key lookup */
 #define DBG_EXTPROG_VALUE 16384 /* debug external program calls */
 
 /* Tests for the debugging flags.  */
diff --git a/g10/sign.c b/g10/sign.c
index 833b6ef06..a4974be85 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -40,7 +40,7 @@
 #include "pkglue.h"
 #include "sysutils.h"
 #include "call-agent.h"
-
+#include "mbox-util.h"
 
 #ifdef HAVE_DOSISH_SYSTEM
 #define LF "\r\n"
@@ -144,6 +144,20 @@ mk_notation_policy_etc (PKT_signature *sig,
                         p, strlen (p));
       xfree (p);
     }
+
+  /* Set signer's user id.  */
+  if (IS_SIG (sig) && !opt.flags.disable_signer_uid)
+    {
+      char *mbox;
+
+      /* For now we use the uid which was used to locate the key.  */
+      if (pksk->user_id && (mbox = mailbox_from_userid (pksk->user_id->name)))
+        {
+          if (DBG_LOOKUP)
+            log_debug ("setting Signer's UID to '%s'\n", mbox);
+          build_sig_subpkt (sig, SIGSUBPKT_SIGNERS_UID, mbox, strlen (mbox));
+        }
+    }
 }