From 6956f33f4b594804b48511229971fae3421c9642 Mon Sep 17 00:00:00 2001
From: defanor
Date: Wed, 10 Mar 2021 02:30:15 +0300
Subject: Allow to choose which OpenPGP keys to use for signing
---
 emacs/xml_interface.c | 3 ++-
 src/rexmpp_console.c | 6 +++---
 src/rexmpp_openpgp.c | 19 ++++++++++++++++++-
 src/rexmpp_openpgp.h | 4 ++++
 4 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/emacs/xml_interface.c b/emacs/xml_interface.c
index 36b1742..2541281 100644
--- a/emacs/xml_interface.c
+++ b/emacs/xml_interface.c
@@ -131,7 +131,8 @@ void req_process (rexmpp_t *s,
 }
 }
 recipients[recipients_num] = NULL;
- char *payload_str = rexmpp_openpgp_payload(s, xmlCopyNode(payload_xml, 1), recipients, mode);
+ char *payload_str =
+ rexmpp_openpgp_payload(s, xmlCopyNode(payload_xml, 1), recipients, NULL, mode);
 for (recipients_num = 0; recipients[recipients_num] != NULL; recipients_num++) {
 free(recipients[recipients_num]);
 }
diff --git a/src/rexmpp_console.c b/src/rexmpp_console.c
index ecc1338..5476f0b 100644
--- a/src/rexmpp_console.c
+++ b/src/rexmpp_console.c
@@ -338,11 +338,11 @@ void rexmpp_console_feed (rexmpp_t *s, char *str, ssize_t str_len) {
 rcpt[1] = NULL;
 char *b64 = NULL;
 if (strcmp(word, "signcrypt") == 0) {
- b64 = rexmpp_openpgp_payload(s, body, rcpt, REXMPP_OX_SIGNCRYPT);
+ b64 = rexmpp_openpgp_payload(s, body, rcpt, NULL, REXMPP_OX_SIGNCRYPT);
 } else if (strcmp(word, "sign") == 0) {
- b64 = rexmpp_openpgp_payload(s, body, rcpt, REXMPP_OX_SIGN);
+ b64 = rexmpp_openpgp_payload(s, body, rcpt, NULL, REXMPP_OX_SIGN);
 } else if (strcmp(word, "crypt") == 0) {
- b64 = rexmpp_openpgp_payload(s, body, rcpt, REXMPP_OX_CRYPT);
+ b64 = rexmpp_openpgp_payload(s, body, rcpt, NULL, REXMPP_OX_CRYPT);
 }
 xmlNodePtr openpgp = xmlNewNode(NULL, "openpgp");
 openpgp->ns = xmlNewNs(openpgp, "urn:xmpp:openpgp:0", NULL);
diff --git a/src/rexmpp_openpgp.c b/src/rexmpp_openpgp.c
index d0fd506..2ec975d 100644
--- a/src/rexmpp_openpgp.c
+++ b/src/rexmpp_openpgp.c
@@ -664,6 +664,7 @@ void rexmpp_openpgp_set_signers (rexmpp_t *s) { char *rexmpp_openpgp_payload (rexmpp_t *s, xmlNodePtr payload, const char **recipients, + const char **signers, enum rexmpp_ox_mode mode) { gpgme_error_t err; @@ -684,7 +685,23 @@ char *rexmpp_openpgp_payload (rexmpp_t *s, xmlNewNs(elem, "urn:xmpp:openpgp:0", NULL); if (mode == REXMPP_OX_SIGN || mode == REXMPP_OX_SIGNCRYPT) { - rexmpp_openpgp_set_signers(s); + if (signers == NULL) { + rexmpp_openpgp_set_signers(s); + } else { + gpgme_signers_clear(s->pgp_ctx); + int signer; + gpgme_key_t sec_key; + for (signer = 0; signers[signer] != NULL; signer++) { + err = gpgme_get_key(s->pgp_ctx, signers[signer], &sec_key, 1); + if (gpg_err_code(err) == GPG_ERR_NO_ERROR) { + gpgme_signers_add(s->pgp_ctx, sec_key); + gpgme_key_unref(sec_key); + } else { + rexmpp_log(s, LOG_ERR, "Failed to read key %s: %s", + signers[signer], gpgme_strerror(err)); + } + } + } /* Add all the recipients. */ for (i = 0; recipients[i] != NULL; i++) { diff --git a/src/rexmpp_openpgp.h b/src/rexmpp_openpgp.h index bed46b3..7470347 100644 --- a/src/rexmpp_openpgp.h +++ b/src/rexmpp_openpgp.h @@ -76,12 +76,16 @@ rexmpp_openpgp_decrypt_verify_message (rexmpp_t *s, @param[in] s ::rexmpp @param[in] payload XML payload. @param[in] recipients A NULL-terminated list of recipient JIDs. + @param[in] signers A NULL-terminated list of fingerprints of the + keys to sign with. Can be NULL to sign with all the available + published keys. @param[in] mode ::rexmpp_ox_mode @returns An encoded payload. */ char *rexmpp_openpgp_payload (rexmpp_t *s, xmlNodePtr payload, const char **recipients, + const char **signers, enum rexmpp_ox_mode mode); -- cgit v1.2.3
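Review bot: In the second hunk of src/rexmpp_openpgp.c, the new `else` branch only logs when `gpgme_get_key` fails for a requested fingerprint and then carries on, so the payload can be signed by a subset of the requested keys; if none resolve, the list left empty by `gpgme_signers_clear` lets GPGME fall back to its default signing key, which is not a key the caller asked for. A caller that selects signers explicitly should get a failure instead: stop at the first unresolved fingerprint and return NULL after releasing what the function has allocated so far (the body of rexmpp_openpgp_payload continues outside the hunk, so the exact cleanup is not visible here). The result of `gpgme_signers_add` is also discarded; `err = gpgme_signers_add(s->pgp_ctx, sec_key);` followed by the same `gpg_err_code(err)` check would catch a key that was found but could not be added. The `@param[in] signers` text in src/rexmpp_openpgp.h could then say that an unknown fingerprint is an error and that the list is not consulted in REXMPP_OX_CRYPT mode.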