gpgsm: Set validity flag in keylisting to n for untrusted root cert.

* sm/keylist.c (list_cert_colon): Map not_trusted to 'n' for non-root certs like we do for root certs. -- GnuPG-bug-id: 6841
author: Werner Koch <wk@gnupg.org> 2023-11-27 12:34:38 +0100
committer: Werner Koch <wk@gnupg.org> 2023-11-27 13:39:45 +0100
commit: 73aa6dc6e41f16fd0b4fdd52c4a01a9f29ab9fea (patch)
tree: d20ed214fa22ce8ac1ea23f630735c79fac1860e /sm
parent: scd:openpgp: Fallback to default ECDH params in writekey. (diff)
download: gnupg2-73aa6dc6e41f16fd0b4fdd52c4a01a9f29ab9fea.tar.xz
gnupg2-73aa6dc6e41f16fd0b4fdd52c4a01a9f29ab9fea.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/sm/keylist.c b/sm/keylist.c
index ed1b74729..47fe69f30 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -532,6 +532,8 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
         {
           if (gpgsm_cert_has_well_known_private_key (cert))
             *truststring = 'w';  /* Well, this is dummy CA.  */
+          else if (gpg_err_code (valerr) == GPG_ERR_NOT_TRUSTED)
+            *truststring = 'n';  /* Likely the root cert is not trusted.  */
           else
             *truststring = 'i';
         }
author	Werner Koch <wk@gnupg.org>	2023-11-27 12:34:38 +0100
committer	Werner Koch <wk@gnupg.org>	2023-11-27 13:39:45 +0100
commit	73aa6dc6e41f16fd0b4fdd52c4a01a9f29ab9fea (patch)
tree	d20ed214fa22ce8ac1ea23f630735c79fac1860e /sm
parent	scd:openpgp: Fallback to default ECDH params in writekey. (diff)
download	gnupg2-73aa6dc6e41f16fd0b4fdd52c4a01a9f29ab9fea.tar.xz gnupg2-73aa6dc6e41f16fd0b4fdd52c4a01a9f29ab9fea.zip