Line | Count | Source |
1 | | /* keyedit.c - Edit properties of a key |
2 | | * Copyright (C) 1998-2010 Free Software Foundation, Inc. |
3 | | * Copyright (C) 1998-2017 Werner Koch |
4 | | * Copyright (C) 2015, 2016, 2022-2023 g10 Code GmbH |
5 | | * |
6 | | * This file is part of GnuPG. |
7 | | * |
8 | | * GnuPG is free software; you can redistribute it and/or modify |
9 | | * it under the terms of the GNU General Public License as published by |
10 | | * the Free Software Foundation; either version 3 of the License, or |
11 | | * (at your option) any later version. |
12 | | * |
13 | | * GnuPG is distributed in the hope that it will be useful, |
14 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | | * GNU General Public License for more details. |
17 | | * |
18 | | * You should have received a copy of the GNU General Public License |
19 | | * along with this program; if not, see <https://www.gnu.org/licenses/>. |
20 | | */ |
21 | | |
22 | | #include <config.h> |
23 | | #include <stdio.h> |
24 | | #include <stdlib.h> |
25 | | #include <string.h> |
26 | | #include <errno.h> |
27 | | #include <ctype.h> |
28 | | #ifdef HAVE_LIBREADLINE |
29 | | # define GNUPG_LIBREADLINE_H_INCLUDED |
30 | | # include <readline/readline.h> |
31 | | #endif |
32 | | |
33 | | #include "gpg.h" |
34 | | #include "options.h" |
35 | | #include "packet.h" |
36 | | #include "../common/status.h" |
37 | | #include "../common/iobuf.h" |
38 | | #include "keydb.h" |
39 | | #include "photoid.h" |
40 | | #include "../common/util.h" |
41 | | #include "main.h" |
42 | | #include "trustdb.h" |
43 | | #include "filter.h" |
44 | | #include "../common/ttyio.h" |
45 | | #include "../common/status.h" |
46 | | #include "../common/i18n.h" |
47 | | #include "../common/mbox-util.h" |
48 | | #include "keyserver-internal.h" |
49 | | #include "call-agent.h" |
50 | | #include "../common/host2net.h" |
51 | | #include "tofu.h" |
52 | | #include "key-check.h" |
53 | | #include "key-clean.h" |
54 | | #include "keyedit.h" |
55 | | |
56 | | static void maybe_upload_key (ctrl_t ctrl, kbnode_t keyblock); |
57 | | static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig, |
58 | | int verbose); |
59 | | static void show_names (ctrl_t ctrl, estream_t fp, |
60 | | kbnode_t keyblock, PKT_public_key * pk, |
61 | | unsigned int flag, int with_prefs); |
62 | | static void show_key_with_all_names (ctrl_t ctrl, estream_t fp, |
63 | | KBNODE keyblock, int only_marked, |
64 | | int with_revoker, int with_fpr, |
65 | | int with_subkeys, int with_prefs, |
66 | | int nowarn); |
67 | | static void show_key_and_fingerprint (ctrl_t ctrl, |
68 | | kbnode_t keyblock, int with_subkeys); |
69 | | static void show_key_and_grip (kbnode_t keyblock); |
70 | | static void subkey_expire_warning (kbnode_t keyblock); |
71 | | static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock, |
72 | | int photo, const char *photo_name, const char *uidstr); |
73 | | static void menu_deluid (KBNODE pub_keyblock); |
74 | | static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock); |
75 | | static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, unsigned int options); |
76 | | static void menu_delkey (KBNODE pub_keyblock); |
77 | | static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive); |
78 | | static int menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock, |
79 | | const char *adskfpr); |
80 | | static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock, |
81 | | int unattended, u32 newexpiration); |
82 | | static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock); |
83 | | static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock); |
84 | | static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock); |
85 | | static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock, |
86 | | int unattended); |
87 | | static int menu_set_keyserver_url (ctrl_t ctrl, |
88 | | const char *url, kbnode_t pub_keyblock); |
89 | | static int menu_set_notation (ctrl_t ctrl, |
90 | | const char *string, kbnode_t pub_keyblock); |
91 | | static int menu_select_uid (KBNODE keyblock, int idx); |
92 | | static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash); |
93 | | static int menu_select_key (KBNODE keyblock, int idx, char *p); |
94 | | static int count_uids (KBNODE keyblock); |
95 | | static int count_uids_with_flag (KBNODE keyblock, unsigned flag); |
96 | | static int count_keys_with_flag (KBNODE keyblock, unsigned flag); |
97 | | static int count_selected_uids (KBNODE keyblock); |
98 | | static int real_uids_left (KBNODE keyblock); |
99 | | static int count_selected_keys (KBNODE keyblock); |
100 | | static int menu_revsig (ctrl_t ctrl, kbnode_t keyblock); |
101 | | static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock); |
102 | | static int core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node, |
103 | | const struct revocation_reason_info *reason, |
104 | | int *modified); |
105 | | static int menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock); |
106 | | static int menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock); |
107 | | #ifndef NO_TRUST_MODELS |
108 | | static int enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable); |
109 | | #endif /*!NO_TRUST_MODELS*/ |
110 | | static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock); |
111 | | |
112 | | static int update_trust = 0; |
113 | | |
114 | 0 | #define CONTROL_D ('D' - 'A' + 1) |
115 | | |
116 | | /* Flags values used by sign_uids(). */ |
117 | 0 | #define SIGN_UIDS_LOCAL 1 /* Create non-exportable sig. */ |
118 | 0 | #define SIGN_UIDS_NONREVOCABLE 2 /* Create non-revocable sig. */ |
119 | 0 | #define SIGN_UIDS_TRUSTSIG 4 /* Create trust signature. */ |
120 | 0 | #define SIGN_UIDS_INTERACTIVE 8 /* Change the way of prompting. */ |
121 | 0 | #define SIGN_UIDS_QUICK 16 /* Called by a --quick command. */ |
122 | | |
123 | | struct sign_attrib |
124 | | { |
125 | | int non_exportable, non_revocable; |
126 | | struct revocation_reason_info *reason; |
127 | | byte trust_depth, trust_value; |
128 | | char *trust_regexp; |
129 | | }; |
130 | | |
131 | | |
132 | | |
133 | | /* TODO: Fix duplicated code between here and the check-sigs/list-sigs |
134 | | code in keylist.c. */ |
135 | | static int |
136 | | print_and_check_one_sig_colon (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node, |
137 | | int *inv_sigs, int *no_key, int *oth_err, |
138 | | int *is_selfsig, int print_without_key) |
139 | 0 | { |
140 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
141 | 0 | int rc, sigrc; |
142 | | |
143 | | /* TODO: Make sure a cached sig record here still has the pk that |
144 | | issued it. See also keylist.c:list_keyblock_print */ |
145 | |
|
146 | 0 | rc = check_key_signature (ctrl, keyblock, node, is_selfsig); |
147 | 0 | switch (gpg_err_code (rc)) |
148 | 0 | { |
149 | 0 | case 0: |
150 | 0 | node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR); |
151 | 0 | sigrc = '!'; |
152 | 0 | break; |
153 | 0 | case GPG_ERR_BAD_SIGNATURE: |
154 | 0 | node->flag = NODFLG_BADSIG; |
155 | 0 | sigrc = '-'; |
156 | 0 | if (inv_sigs) |
157 | 0 | ++ * inv_sigs; |
158 | 0 | break; |
159 | 0 | case GPG_ERR_NO_PUBKEY: |
160 | 0 | case GPG_ERR_UNUSABLE_PUBKEY: |
161 | 0 | node->flag = NODFLG_NOKEY; |
162 | 0 | sigrc = '?'; |
163 | 0 | if (no_key) |
164 | 0 | ++ * no_key; |
165 | 0 | break; |
166 | 0 | default: |
167 | 0 | node->flag = NODFLG_SIGERR; |
168 | 0 | sigrc = '%'; |
169 | 0 | if (oth_err) |
170 | 0 | ++ * oth_err; |
171 | 0 | break; |
172 | 0 | } |
173 | | |
174 | 0 | if (sigrc != '?' || print_without_key) |
175 | 0 | { |
176 | 0 | es_printf ("sig:%c::%d:%08lX%08lX:%lu:%lu:", |
177 | 0 | sigrc, sig->pubkey_algo, (ulong) sig->keyid[0], |
178 | 0 | (ulong) sig->keyid[1], (ulong) sig->timestamp, |
179 | 0 | (ulong) sig->expiredate); |
180 | |
|
181 | 0 | if (sig->trust_depth || sig->trust_value) |
182 | 0 | es_printf ("%d %d", sig->trust_depth, sig->trust_value); |
183 | |
|
184 | 0 | es_printf (":"); |
185 | |
|
186 | 0 | if (sig->trust_regexp) |
187 | 0 | es_write_sanitized (es_stdout, |
188 | 0 | sig->trust_regexp, strlen (sig->trust_regexp), |
189 | 0 | ":", NULL); |
190 | |
|
191 | 0 | es_printf ("::%02x%c\n", sig->sig_class, |
192 | 0 | sig->flags.exportable ? 'x' : 'l'); |
193 | |
|
194 | 0 | if (opt.show_subpackets) |
195 | 0 | print_subpackets_colon (sig); |
196 | 0 | } |
197 | |
|
198 | 0 | return (sigrc == '!'); |
199 | 0 | } |
200 | | |
201 | | |
202 | | /* |
203 | | * Print information about a signature (rc is its status), check it |
204 | | * and return true if the signature is okay. NODE must be a signature |
205 | | * packet. With EXTENDED set all possible signature list options will |
206 | | * always be printed. |
207 | | */ |
208 | | int |
209 | | keyedit_print_one_sig (ctrl_t ctrl, estream_t fp, |
210 | | int rc, kbnode_t keyblock, kbnode_t node, |
211 | | int *inv_sigs, int *no_key, int *oth_err, |
212 | | int is_selfsig, int print_without_key, int extended) |
213 | 0 | { |
214 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
215 | 0 | int sigrc; |
216 | 0 | int is_rev = sig->sig_class == 0x30; |
217 | | |
218 | | /* TODO: Make sure a cached sig record here still has the pk that |
219 | | issued it. See also keylist.c:list_keyblock_print */ |
220 | |
|
221 | 0 | switch (gpg_err_code (rc)) |
222 | 0 | { |
223 | 0 | case 0: |
224 | 0 | node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR); |
225 | 0 | sigrc = '!'; |
226 | 0 | break; |
227 | 0 | case GPG_ERR_BAD_SIGNATURE: |
228 | 0 | node->flag = NODFLG_BADSIG; |
229 | 0 | sigrc = '-'; |
230 | 0 | if (inv_sigs) |
231 | 0 | ++ * inv_sigs; |
232 | 0 | break; |
233 | 0 | case GPG_ERR_NO_PUBKEY: |
234 | 0 | case GPG_ERR_UNUSABLE_PUBKEY: |
235 | 0 | node->flag = NODFLG_NOKEY; |
236 | 0 | sigrc = '?'; |
237 | 0 | if (no_key) |
238 | 0 | ++ * no_key; |
239 | 0 | break; |
240 | 0 | default: |
241 | 0 | node->flag = NODFLG_SIGERR; |
242 | 0 | sigrc = '%'; |
243 | 0 | if (oth_err) |
244 | 0 | ++ * oth_err; |
245 | 0 | break; |
246 | 0 | } |
247 | 0 | if (sigrc != '?' || print_without_key) |
248 | 0 | { |
249 | 0 | tty_fprintf (fp, "%s%c%c %c%c%c%c%c%c %s %s", |
250 | 0 | is_rev ? "rev" : "sig", sigrc, |
251 | 0 | (sig->sig_class - 0x10 > 0 && |
252 | 0 | sig->sig_class - 0x10 < |
253 | 0 | 4) ? '0' + sig->sig_class - 0x10 : ' ', |
254 | 0 | sig->flags.exportable ? ' ' : 'L', |
255 | 0 | sig->flags.revocable ? ' ' : 'R', |
256 | 0 | sig->flags.policy_url ? 'P' : ' ', |
257 | 0 | sig->flags.notation ? 'N' : ' ', |
258 | 0 | sig->flags.expired ? 'X' : ' ', |
259 | 0 | (sig->trust_depth > 9) ? 'T' : (sig->trust_depth > |
260 | 0 | 0) ? '0' + |
261 | 0 | sig->trust_depth : ' ', |
262 | 0 | keystr (sig->keyid), |
263 | 0 | datestr_from_sig (sig)); |
264 | 0 | if ((opt.list_options & LIST_SHOW_SIG_EXPIRE) || extended ) |
265 | 0 | tty_fprintf (fp, " %s", expirestr_from_sig (sig)); |
266 | 0 | tty_fprintf (fp, " "); |
267 | 0 | if (sigrc == '%') |
268 | 0 | tty_fprintf (fp, "[%s] ", gpg_strerror (rc)); |
269 | 0 | else if (sigrc == '?') |
270 | 0 | ; |
271 | 0 | else if (is_selfsig) |
272 | 0 | { |
273 | 0 | tty_fprintf (fp, is_rev ? _("[revocation]") : _("[self-signature]")); |
274 | 0 | if (extended && sig->flags.chosen_selfsig) |
275 | 0 | tty_fprintf (fp, "*"); |
276 | 0 | } |
277 | 0 | else |
278 | 0 | { |
279 | 0 | size_t n; |
280 | 0 | char *p = get_user_id (ctrl, sig->keyid, &n, NULL); |
281 | 0 | tty_print_utf8_string2 (fp, p, n, |
282 | 0 | opt.screen_columns - keystrlen () - 26 - |
283 | 0 | ((opt. |
284 | 0 | list_options & LIST_SHOW_SIG_EXPIRE) ? 11 |
285 | 0 | : 0)); |
286 | 0 | xfree (p); |
287 | 0 | } |
288 | 0 | if (fp == log_get_stream ()) |
289 | 0 | log_printf ("\n"); |
290 | 0 | else |
291 | 0 | tty_fprintf (fp, "\n"); |
292 | |
|
293 | 0 | if (sig->flags.policy_url |
294 | 0 | && ((opt.list_options & LIST_SHOW_POLICY_URLS) || extended)) |
295 | 0 | show_policy_url (sig, 3, (!fp? -1 : fp == log_get_stream ()? 1 : 0)); |
296 | |
|
297 | 0 | if (sig->flags.notation |
298 | 0 | && ((opt.list_options & LIST_SHOW_NOTATIONS) || extended)) |
299 | 0 | show_notation (sig, 3, (!fp? -1 : fp == log_get_stream ()? 1 : 0), |
300 | 0 | ((opt. |
301 | 0 | list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0) + |
302 | 0 | ((opt. |
303 | 0 | list_options & LIST_SHOW_USER_NOTATIONS) ? 2 : 0) + |
304 | 0 | ((opt. |
305 | 0 | list_options & LIST_SHOW_HIDDEN_NOTATIONS) ? 4:0)); |
306 | |
|
307 | 0 | if (sig->flags.pref_ks |
308 | 0 | && ((opt.list_options & LIST_SHOW_KEYSERVER_URLS) || extended)) |
309 | 0 | show_keyserver_url (sig, 3, (!fp? -1 : fp == log_get_stream ()? 1 : 0)); |
310 | |
|
311 | 0 | if (extended) |
312 | 0 | { |
313 | 0 | PKT_public_key *pk = keyblock->pkt->pkt.public_key; |
314 | 0 | const unsigned char *s; |
315 | |
|
316 | 0 | s = parse_sig_subpkt (sig, 1, SIGSUBPKT_PRIMARY_UID, NULL); |
317 | 0 | if (s && *s) |
318 | 0 | tty_fprintf (fp, " [primary]\n"); |
319 | |
|
320 | 0 | s = parse_sig_subpkt (sig, 1, SIGSUBPKT_KEY_EXPIRE, NULL); |
321 | 0 | if (s && buf32_to_u32 (s)) |
322 | 0 | tty_fprintf (fp, " [expires: %s]\n", |
323 | 0 | isotimestamp (pk->timestamp + buf32_to_u32 (s))); |
324 | 0 | } |
325 | 0 | } |
326 | |
|
327 | 0 | return (sigrc == '!'); |
328 | 0 | } |
329 | | |
330 | | |
331 | | static int |
332 | | print_and_check_one_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node, |
333 | | int *inv_sigs, int *no_key, int *oth_err, |
334 | | int *is_selfsig, int print_without_key, int extended) |
335 | 0 | { |
336 | 0 | int rc; |
337 | |
|
338 | 0 | rc = check_key_signature (ctrl, keyblock, node, is_selfsig); |
339 | 0 | return keyedit_print_one_sig (ctrl, NULL, rc, |
340 | 0 | keyblock, node, inv_sigs, no_key, oth_err, |
341 | 0 | *is_selfsig, print_without_key, extended); |
342 | 0 | } |
343 | | |
344 | | |
345 | | static int |
346 | | sign_mk_attrib (PKT_signature * sig, void *opaque) |
347 | 0 | { |
348 | 0 | struct sign_attrib *attrib = opaque; |
349 | 0 | byte buf[8]; |
350 | |
|
351 | 0 | if (attrib->non_exportable) |
352 | 0 | { |
353 | 0 | buf[0] = 0; /* not exportable */ |
354 | 0 | build_sig_subpkt (sig, SIGSUBPKT_EXPORTABLE, buf, 1); |
355 | 0 | } |
356 | |
|
357 | 0 | if (attrib->non_revocable) |
358 | 0 | { |
359 | 0 | buf[0] = 0; /* not revocable */ |
360 | 0 | build_sig_subpkt (sig, SIGSUBPKT_REVOCABLE, buf, 1); |
361 | 0 | } |
362 | |
|
363 | 0 | if (attrib->reason) |
364 | 0 | revocation_reason_build_cb (sig, attrib->reason); |
365 | |
|
366 | 0 | if (attrib->trust_depth) |
367 | 0 | { |
368 | | /* Not critical. If someone doesn't understand trust sigs, |
369 | | this can still be a valid regular signature. */ |
370 | 0 | buf[0] = attrib->trust_depth; |
371 | 0 | buf[1] = attrib->trust_value; |
372 | 0 | build_sig_subpkt (sig, SIGSUBPKT_TRUST, buf, 2); |
373 | | |
374 | | /* Critical. If someone doesn't understands regexps, this |
375 | | whole sig should be invalid. Note the +1 for the length - |
376 | | regexps are null terminated. */ |
377 | 0 | if (attrib->trust_regexp) |
378 | 0 | build_sig_subpkt (sig, SIGSUBPKT_FLAG_CRITICAL | SIGSUBPKT_REGEXP, |
379 | 0 | attrib->trust_regexp, |
380 | 0 | strlen (attrib->trust_regexp) + 1); |
381 | 0 | } |
382 | |
|
383 | 0 | return 0; |
384 | 0 | } |
385 | | |
386 | | |
387 | | /* Parse a trust signature specification string into the 3 return |
388 | | * args. Returns 0 on success or an errorcode. Format for the string |
389 | | * is |
390 | | * ['T=']<depth>,<value>[,<domain>] |
391 | | * The optional prefix is just to allow c+p from the --check-sigs |
392 | | * output. The domain is optional, <depth> must be a value in the |
393 | | * range 0 to 255, value may either be value in the same range or - |
394 | | * preferred - 'm' or 'f'. |
395 | | */ |
396 | | static gpg_error_t |
397 | | parse_trustsig_string (const char *string, |
398 | | byte *trust_value, byte *trust_depth, char **regexp) |
399 | 0 | { |
400 | 0 | gpg_error_t err = 0; |
401 | 0 | char **fields; |
402 | 0 | int nfields; |
403 | 0 | int along; |
404 | 0 | char *endp; |
405 | |
|
406 | 0 | *trust_value = 0; |
407 | 0 | *trust_depth = 0; |
408 | 0 | *regexp = NULL; |
409 | |
|
410 | 0 | if (!string) |
411 | 0 | return gpg_error (GPG_ERR_INV_ARG); |
412 | | |
413 | 0 | if (*string == 'T' && string[1] == '=') |
414 | 0 | string += 2; |
415 | |
|
416 | 0 | fields = strtokenize (string, ","); |
417 | 0 | if (!fields) |
418 | 0 | return gpg_error_from_syserror (); |
419 | | |
420 | 0 | for (nfields=0; fields[nfields]; nfields++) |
421 | 0 | ; |
422 | 0 | if (nfields < 2 || nfields > 3) |
423 | 0 | { |
424 | 0 | err = gpg_error (GPG_ERR_SYNTAX); |
425 | 0 | goto leave; |
426 | 0 | } |
427 | 0 | along = strtol (fields[0], &endp, 10); |
428 | 0 | if (along < 0 || along > 255 || fields[0] == endp || *endp) |
429 | 0 | { |
430 | 0 | err = gpg_error (GPG_ERR_ERANGE); |
431 | 0 | goto leave; |
432 | 0 | } |
433 | 0 | *trust_depth = along; |
434 | 0 | if (!strcmp (fields[1], "m")|| !strcmp (fields[1], "marginal")) |
435 | 0 | along = 60; |
436 | 0 | else if (!strcmp (fields[1], "f")|| !strcmp (fields[1], "full")) |
437 | 0 | along = 120; |
438 | 0 | else |
439 | 0 | { |
440 | 0 | along = strtol (fields[1], &endp, 10); |
441 | 0 | if (along < 0 || along > 255 || fields[1] == endp || *endp) |
442 | 0 | { |
443 | 0 | err = gpg_error (GPG_ERR_ERANGE); |
444 | 0 | goto leave; |
445 | 0 | } |
446 | 0 | } |
447 | 0 | *trust_value = along; |
448 | |
|
449 | 0 | if (nfields == 3) |
450 | 0 | { |
451 | 0 | if (!is_valid_domain_name (fields[2])) |
452 | 0 | err = gpg_error (GPG_ERR_NO_NAME); |
453 | 0 | else |
454 | 0 | { |
455 | 0 | *regexp = strconcat ("<[^>]+[@.]", fields[2], ">$", NULL); |
456 | 0 | if (!*regexp) |
457 | 0 | err = gpg_error_from_syserror (); |
458 | 0 | } |
459 | 0 | } |
460 | |
|
461 | 0 | leave: |
462 | 0 | xfree (fields); |
463 | 0 | if (err && *regexp) |
464 | 0 | { |
465 | 0 | xfree (*regexp); |
466 | 0 | *regexp = NULL; |
467 | 0 | } |
468 | 0 | return err; |
469 | 0 | } |
470 | | |
471 | | |
472 | | /* Interactive version of parse_trustsig_string. */ |
473 | | static void |
474 | | trustsig_prompt (byte * trust_value, byte * trust_depth, char **regexp) |
475 | 0 | { |
476 | 0 | char *p; |
477 | |
|
478 | 0 | *trust_value = 0; |
479 | 0 | *trust_depth = 0; |
480 | 0 | *regexp = NULL; |
481 | | |
482 | | /* Same string as pkclist.c:do_edit_ownertrust */ |
483 | 0 | tty_printf (_ |
484 | 0 | ("Please decide how far you trust this user to correctly verify" |
485 | 0 | " other users' keys\n(by looking at passports, checking" |
486 | 0 | " fingerprints from different sources, etc.)\n")); |
487 | 0 | tty_printf ("\n"); |
488 | 0 | tty_printf (_(" %d = I trust marginally\n"), 1); |
489 | 0 | tty_printf (_(" %d = I trust fully\n"), 2); |
490 | 0 | tty_printf ("\n"); |
491 | |
|
492 | 0 | while (*trust_value == 0) |
493 | 0 | { |
494 | 0 | p = cpr_get ("trustsig_prompt.trust_value", _("Your selection? ")); |
495 | 0 | trim_spaces (p); |
496 | 0 | cpr_kill_prompt (); |
497 | | /* 60 and 120 are as per RFC2440 */ |
498 | 0 | if (p[0] == '1' && !p[1]) |
499 | 0 | *trust_value = 60; |
500 | 0 | else if (p[0] == '2' && !p[1]) |
501 | 0 | *trust_value = 120; |
502 | 0 | xfree (p); |
503 | 0 | } |
504 | |
|
505 | 0 | tty_printf ("\n"); |
506 | |
|
507 | 0 | tty_printf (_("Please enter the depth of this trust signature.\n" |
508 | 0 | "A depth greater than 1 allows the key you are" |
509 | 0 | " signing to make\n" |
510 | 0 | "trust signatures on your behalf.\n")); |
511 | 0 | tty_printf ("\n"); |
512 | |
|
513 | 0 | while (*trust_depth == 0) |
514 | 0 | { |
515 | 0 | p = cpr_get ("trustsig_prompt.trust_depth", _("Your selection? ")); |
516 | 0 | trim_spaces (p); |
517 | 0 | cpr_kill_prompt (); |
518 | 0 | *trust_depth = atoi (p); |
519 | 0 | xfree (p); |
520 | 0 | } |
521 | |
|
522 | 0 | tty_printf ("\n"); |
523 | |
|
524 | 0 | tty_printf (_("Please enter a domain to restrict this signature, " |
525 | 0 | "or enter for none.\n")); |
526 | |
|
527 | 0 | tty_printf ("\n"); |
528 | |
|
529 | 0 | p = cpr_get ("trustsig_prompt.trust_regexp", _("Your selection? ")); |
530 | 0 | trim_spaces (p); |
531 | 0 | cpr_kill_prompt (); |
532 | |
|
533 | 0 | if (strlen (p) > 0) |
534 | 0 | { |
535 | 0 | char *q = p; |
536 | 0 | int regexplen = 100, ind; |
537 | |
|
538 | 0 | *regexp = xmalloc (regexplen); |
539 | | |
540 | | /* Now mangle the domain the user entered into a regexp. To do |
541 | | this, \-escape everything that isn't alphanumeric, and attach |
542 | | "<[^>]+[@.]" to the front, and ">$" to the end. */ |
543 | |
|
544 | 0 | strcpy (*regexp, "<[^>]+[@.]"); |
545 | 0 | ind = strlen (*regexp); |
546 | |
|
547 | 0 | while (*q) |
548 | 0 | { |
549 | 0 | if (!((*q >= 'A' && *q <= 'Z') |
550 | 0 | || (*q >= 'a' && *q <= 'z') || (*q >= '0' && *q <= '9'))) |
551 | 0 | (*regexp)[ind++] = '\\'; |
552 | |
|
553 | 0 | (*regexp)[ind++] = *q; |
554 | |
|
555 | 0 | if ((regexplen - ind) < 3) |
556 | 0 | { |
557 | 0 | regexplen += 100; |
558 | 0 | *regexp = xrealloc (*regexp, regexplen); |
559 | 0 | } |
560 | |
|
561 | 0 | q++; |
562 | 0 | } |
563 | |
|
564 | 0 | (*regexp)[ind] = '\0'; |
565 | 0 | strcat (*regexp, ">$"); |
566 | 0 | } |
567 | |
|
568 | 0 | xfree (p); |
569 | 0 | tty_printf ("\n"); |
570 | 0 | } |
571 | | |
572 | | |
573 | | /* |
574 | | * Loop over all LOCUSR and sign the uids after asking. If no user id |
575 | | * is marked, all user ids will be signed; if some user_ids are marked |
576 | | * only those will be signed. FLAGS are the SIGN_UIDS_* constants. |
577 | | * For example with SIGN_UIDS_QUICK the function won't ask the user |
578 | | * and use sensible defaults. TRUSTSIGSTR is only used if also |
579 | | * SIGN_UIDS_TRUSTSIG is set. |
580 | | */ |
581 | | static int |
582 | | sign_uids (ctrl_t ctrl, estream_t fp, |
583 | | kbnode_t keyblock, strlist_t locusr, unsigned int flags, |
584 | | const char *trustsigstr, int *ret_modified) |
585 | 0 | { |
586 | 0 | int rc = 0; |
587 | 0 | SK_LIST sk_list = NULL; |
588 | 0 | SK_LIST sk_rover = NULL; |
589 | 0 | PKT_public_key *pk = NULL; |
590 | 0 | KBNODE node, uidnode; |
591 | 0 | PKT_public_key *primary_pk = NULL; |
592 | 0 | char *trust_regexp = NULL; |
593 | 0 | int select_all = (!count_selected_uids (keyblock) |
594 | 0 | || (flags & SIGN_UIDS_INTERACTIVE)); |
595 | | |
596 | | |
597 | | /* Build a list of all signators. |
598 | | * |
599 | | * We use the CERT flag to request the primary which must always |
600 | | * be one which is capable of signing keys. I can't see a reason |
601 | | * why to sign keys using a subkey. Implementation of USAGE_CERT |
602 | | * is just a hack in getkey.c and does not mean that a subkey |
603 | | * marked as certification capable will be used. */ |
604 | 0 | rc = build_sk_list (ctrl, locusr, &sk_list, PUBKEY_USAGE_CERT); |
605 | 0 | if (rc) |
606 | 0 | goto leave; |
607 | | |
608 | | /* Loop over all signators. */ |
609 | 0 | for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) |
610 | 0 | { |
611 | 0 | u32 sk_keyid[2], pk_keyid[2]; |
612 | 0 | char *p; |
613 | 0 | int class = 0, selfsig = 0; |
614 | 0 | u32 duration = 0, timestamp = 0; |
615 | 0 | byte trust_depth = 0, trust_value = 0; |
616 | |
|
617 | 0 | pk = sk_rover->pk; |
618 | 0 | keyid_from_pk (pk, sk_keyid); |
619 | | |
620 | | /* Set mark A for all selected user ids. */ |
621 | 0 | for (node = keyblock; node; node = node->next) |
622 | 0 | { |
623 | 0 | if (select_all || (node->flag & NODFLG_SELUID)) |
624 | 0 | node->flag |= NODFLG_MARK_A; |
625 | 0 | else |
626 | 0 | node->flag &= ~NODFLG_MARK_A; |
627 | 0 | } |
628 | | |
629 | | /* Reset mark for uids which are already signed. */ |
630 | 0 | uidnode = NULL; |
631 | 0 | for (node = keyblock; node; node = node->next) |
632 | 0 | { |
633 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
634 | 0 | { |
635 | 0 | primary_pk = node->pkt->pkt.public_key; |
636 | 0 | keyid_from_pk (primary_pk, pk_keyid); |
637 | | |
638 | | /* Is this a self-sig? */ |
639 | 0 | if (pk_keyid[0] == sk_keyid[0] && pk_keyid[1] == sk_keyid[1]) |
640 | 0 | selfsig = 1; |
641 | 0 | } |
642 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
643 | 0 | { |
644 | 0 | uidnode = (node->flag & NODFLG_MARK_A) ? node : NULL; |
645 | 0 | if (uidnode) |
646 | 0 | { |
647 | 0 | int yesreally = 0; |
648 | 0 | char *user; |
649 | |
|
650 | 0 | user = utf8_to_native (uidnode->pkt->pkt.user_id->name, |
651 | 0 | uidnode->pkt->pkt.user_id->len, 0); |
652 | |
|
653 | 0 | if (opt.only_sign_text_ids |
654 | 0 | && uidnode->pkt->pkt.user_id->attribs) |
655 | 0 | { |
656 | 0 | tty_fprintf (fp, _("Skipping user ID \"%s\"," |
657 | 0 | " which is not a text ID.\n"), |
658 | 0 | user); |
659 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
660 | 0 | uidnode = NULL; |
661 | 0 | } |
662 | 0 | else if (uidnode->pkt->pkt.user_id->flags.revoked) |
663 | 0 | { |
664 | 0 | tty_fprintf (fp, _("User ID \"%s\" is revoked."), user); |
665 | |
|
666 | 0 | if (selfsig) |
667 | 0 | tty_fprintf (fp, "\n"); |
668 | 0 | else if (opt.expert && !(flags & SIGN_UIDS_QUICK)) |
669 | 0 | { |
670 | 0 | tty_fprintf (fp, "\n"); |
671 | | /* No, so remove the mark and continue */ |
672 | 0 | if (!cpr_get_answer_is_yes ("sign_uid.revoke_okay", |
673 | 0 | _("Are you sure you " |
674 | 0 | "still want to sign " |
675 | 0 | "it? (y/N) "))) |
676 | 0 | { |
677 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
678 | 0 | uidnode = NULL; |
679 | 0 | } |
680 | 0 | else if ((flags & SIGN_UIDS_INTERACTIVE)) |
681 | 0 | yesreally = 1; |
682 | 0 | } |
683 | 0 | else |
684 | 0 | { |
685 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
686 | 0 | uidnode = NULL; |
687 | 0 | tty_fprintf (fp, _(" Unable to sign.\n")); |
688 | 0 | } |
689 | 0 | } |
690 | 0 | else if (uidnode->pkt->pkt.user_id->flags.expired) |
691 | 0 | { |
692 | 0 | tty_fprintf (fp, _("User ID \"%s\" is expired."), user); |
693 | |
|
694 | 0 | if (selfsig) |
695 | 0 | tty_fprintf (fp, "\n"); |
696 | 0 | else if (opt.expert && !(flags & SIGN_UIDS_QUICK)) |
697 | 0 | { |
698 | 0 | tty_fprintf (fp, "\n"); |
699 | | /* No, so remove the mark and continue */ |
700 | 0 | if (!cpr_get_answer_is_yes ("sign_uid.expire_okay", |
701 | 0 | _("Are you sure you " |
702 | 0 | "still want to sign " |
703 | 0 | "it? (y/N) "))) |
704 | 0 | { |
705 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
706 | 0 | uidnode = NULL; |
707 | 0 | } |
708 | 0 | else if ((flags & SIGN_UIDS_INTERACTIVE)) |
709 | 0 | yesreally = 1; |
710 | 0 | } |
711 | 0 | else |
712 | 0 | { |
713 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
714 | 0 | uidnode = NULL; |
715 | 0 | tty_fprintf (fp, _(" Unable to sign.\n")); |
716 | 0 | } |
717 | 0 | } |
718 | 0 | else if (!uidnode->pkt->pkt.user_id->created && !selfsig) |
719 | 0 | { |
720 | 0 | tty_fprintf (fp, _("User ID \"%s\" is not self-signed."), |
721 | 0 | user); |
722 | |
|
723 | 0 | if (opt.expert && !(flags & SIGN_UIDS_QUICK)) |
724 | 0 | { |
725 | 0 | tty_fprintf (fp, "\n"); |
726 | | /* No, so remove the mark and continue */ |
727 | 0 | if (!cpr_get_answer_is_yes ("sign_uid.nosig_okay", |
728 | 0 | _("Are you sure you " |
729 | 0 | "still want to sign " |
730 | 0 | "it? (y/N) "))) |
731 | 0 | { |
732 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
733 | 0 | uidnode = NULL; |
734 | 0 | } |
735 | 0 | else if ((flags & SIGN_UIDS_INTERACTIVE)) |
736 | 0 | yesreally = 1; |
737 | 0 | } |
738 | 0 | else |
739 | 0 | { |
740 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
741 | 0 | uidnode = NULL; |
742 | 0 | tty_fprintf (fp, _(" Unable to sign.\n")); |
743 | 0 | } |
744 | 0 | } |
745 | |
|
746 | 0 | if (uidnode && (flags & SIGN_UIDS_INTERACTIVE) |
747 | 0 | && !yesreally && !(flags & SIGN_UIDS_QUICK)) |
748 | 0 | { |
749 | 0 | tty_fprintf (fp, |
750 | 0 | _("User ID \"%s\" is signable. "), user); |
751 | 0 | if (!cpr_get_answer_is_yes ("sign_uid.sign_okay", |
752 | 0 | _("Sign it? (y/N) "))) |
753 | 0 | { |
754 | 0 | uidnode->flag &= ~NODFLG_MARK_A; |
755 | 0 | uidnode = NULL; |
756 | 0 | } |
757 | 0 | } |
758 | |
|
759 | 0 | xfree (user); |
760 | 0 | } |
761 | 0 | } |
762 | 0 | else if (uidnode && node->pkt->pkttype == PKT_SIGNATURE |
763 | 0 | && (node->pkt->pkt.signature->sig_class & ~3) == 0x10) |
764 | 0 | { |
765 | 0 | if (sk_keyid[0] == node->pkt->pkt.signature->keyid[0] |
766 | 0 | && sk_keyid[1] == node->pkt->pkt.signature->keyid[1]) |
767 | 0 | { |
768 | 0 | char buf[50]; |
769 | 0 | char *user; |
770 | |
|
771 | 0 | user = utf8_to_native (uidnode->pkt->pkt.user_id->name, |
772 | 0 | uidnode->pkt->pkt.user_id->len, 0); |
773 | | |
774 | | /* It's a v3 self-sig. Make it into a v4 self-sig? */ |
775 | 0 | if (node->pkt->pkt.signature->version < 4 |
776 | 0 | && selfsig && !(flags & SIGN_UIDS_QUICK)) |
777 | 0 | { |
778 | 0 | tty_fprintf (fp, |
779 | 0 | _("The self-signature on \"%s\"\n" |
780 | 0 | "is a PGP 2.x-style signature.\n"), user); |
781 | | |
782 | | /* Note that the regular PGP2 warning below |
783 | | still applies if there are no v4 sigs on |
784 | | this key at all. */ |
785 | |
|
786 | 0 | if (opt.expert) |
787 | 0 | if (cpr_get_answer_is_yes ("sign_uid.v4_promote_okay", |
788 | 0 | _("Do you want to promote " |
789 | 0 | "it to an OpenPGP self-" |
790 | 0 | "signature? (y/N) "))) |
791 | 0 | { |
792 | 0 | node->flag |= NODFLG_DELSIG; |
793 | 0 | xfree (user); |
794 | 0 | continue; |
795 | 0 | } |
796 | 0 | } |
797 | | |
798 | | /* Is the current signature expired? */ |
799 | 0 | if (node->pkt->pkt.signature->flags.expired) |
800 | 0 | { |
801 | 0 | tty_fprintf (fp, _("Your current signature on \"%s\"\n" |
802 | 0 | "has expired.\n"), user); |
803 | |
|
804 | 0 | if ((flags & SIGN_UIDS_QUICK) || cpr_get_answer_is_yes |
805 | 0 | ("sign_uid.replace_expired_okay", |
806 | 0 | _("Do you want to issue a " |
807 | 0 | "new signature to replace " |
808 | 0 | "the expired one? (y/N) "))) |
809 | 0 | { |
810 | | /* Mark these for later deletion. We |
811 | | don't want to delete them here, just in |
812 | | case the replacement signature doesn't |
813 | | happen for some reason. We only delete |
814 | | these after the replacement is already |
815 | | in place. */ |
816 | |
|
817 | 0 | node->flag |= NODFLG_DELSIG; |
818 | 0 | xfree (user); |
819 | 0 | continue; |
820 | 0 | } |
821 | 0 | } |
822 | | |
823 | 0 | if (!node->pkt->pkt.signature->flags.exportable |
824 | 0 | && !(flags & SIGN_UIDS_LOCAL)) |
825 | 0 | { |
826 | | /* It's a local sig, and we want to make a |
827 | | exportable sig. */ |
828 | 0 | tty_fprintf (fp, _("Your current signature on \"%s\"\n" |
829 | 0 | "is a local signature.\n"), user); |
830 | |
|
831 | 0 | if ((flags & SIGN_UIDS_QUICK) || cpr_get_answer_is_yes |
832 | 0 | ("sign_uid.local_promote_okay", |
833 | 0 | _("Do you want to promote " |
834 | 0 | "it to a full exportable " "signature? (y/N) "))) |
835 | 0 | { |
836 | | /* Mark these for later deletion. We |
837 | | don't want to delete them here, just in |
838 | | case the replacement signature doesn't |
839 | | happen for some reason. We only delete |
840 | | these after the replacement is already |
841 | | in place. */ |
842 | |
|
843 | 0 | node->flag |= NODFLG_DELSIG; |
844 | 0 | xfree (user); |
845 | 0 | continue; |
846 | 0 | } |
847 | 0 | } |
848 | | |
849 | | /* Fixme: see whether there is a revocation in which |
850 | | * case we should allow signing it again. */ |
851 | 0 | if (!node->pkt->pkt.signature->flags.exportable |
852 | 0 | && (flags & SIGN_UIDS_LOCAL)) |
853 | 0 | tty_fprintf ( fp, |
854 | 0 | _("\"%s\" was already locally signed by key %s\n"), |
855 | 0 | user, keystr_from_pk (pk)); |
856 | 0 | else |
857 | 0 | tty_fprintf (fp, |
858 | 0 | _("\"%s\" was already signed by key %s\n"), |
859 | 0 | user, keystr_from_pk (pk)); |
860 | |
|
861 | 0 | if (node->pkt->pkt.signature->digest_algo |
862 | 0 | == DIGEST_ALGO_SHA1 |
863 | 0 | && !opt.flags.allow_weak_key_signatures) |
864 | 0 | { |
865 | | /* Allow updating a signature to a stronger |
866 | | * digest algorithm without an extra option. */ |
867 | 0 | xfree (user); |
868 | 0 | continue; |
869 | 0 | } |
870 | 0 | else if (opt.flags.force_sign_key |
871 | 0 | || (opt.expert && !(flags & SIGN_UIDS_QUICK) |
872 | 0 | && cpr_get_answer_is_yes ("sign_uid.dupe_okay", |
873 | 0 | _("Do you want to sign it " |
874 | 0 | "again anyway? (y/N) ")))) |
875 | 0 | { |
876 | | /* Don't delete the old sig here since this is |
877 | | an --expert thing. */ |
878 | 0 | xfree (user); |
879 | 0 | continue; |
880 | 0 | } |
881 | | |
882 | 0 | snprintf (buf, sizeof buf, "%08lX%08lX", |
883 | 0 | (ulong) pk->keyid[0], (ulong) pk->keyid[1]); |
884 | 0 | write_status_text (STATUS_ALREADY_SIGNED, buf); |
885 | 0 | uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */ |
886 | |
|
887 | 0 | xfree (user); |
888 | 0 | } |
889 | 0 | } |
890 | 0 | } |
891 | | |
892 | | /* Check whether any uids are left for signing. */ |
893 | 0 | if (!count_uids_with_flag (keyblock, NODFLG_MARK_A)) |
894 | 0 | { |
895 | 0 | tty_fprintf (fp, _("Nothing to sign with key %s\n"), |
896 | 0 | keystr_from_pk (pk)); |
897 | 0 | continue; |
898 | 0 | } |
899 | | |
900 | | /* Ask whether we really should sign these user id(s). */ |
901 | 0 | tty_fprintf (fp, "\n"); |
902 | 0 | show_key_with_all_names (ctrl, fp, keyblock, 1, 0, 1, 0, 0, 0); |
903 | 0 | tty_fprintf (fp, "\n"); |
904 | |
|
905 | 0 | if (primary_pk->expiredate && !selfsig) |
906 | 0 | { |
907 | | /* Static analyzer note: A claim that PRIMARY_PK might be |
908 | | NULL is not correct because it set from the public key |
909 | | packet which is always the first packet in a keyblock and |
910 | | parsed in the above loop over the keyblock. In case the |
911 | | keyblock has no packets at all and thus the loop was not |
912 | | entered the above count_uids_with_flag would have |
913 | | detected this case. */ |
914 | |
|
915 | 0 | u32 now = make_timestamp (); |
916 | |
|
917 | 0 | if (primary_pk->expiredate <= now) |
918 | 0 | { |
919 | 0 | tty_fprintf (fp, _("This key has expired!")); |
920 | |
|
921 | 0 | if (opt.expert && !(flags & SIGN_UIDS_QUICK)) |
922 | 0 | { |
923 | 0 | tty_fprintf (fp, " "); |
924 | 0 | if (!cpr_get_answer_is_yes ("sign_uid.expired_okay", |
925 | 0 | _("Are you sure you still " |
926 | 0 | "want to sign it? (y/N) "))) |
927 | 0 | continue; |
928 | 0 | } |
929 | 0 | else |
930 | 0 | { |
931 | 0 | tty_fprintf (fp, _(" Unable to sign.\n")); |
932 | 0 | continue; |
933 | 0 | } |
934 | 0 | } |
935 | 0 | else |
936 | 0 | { |
937 | 0 | tty_fprintf (fp, _("This key is due to expire on %s.\n"), |
938 | 0 | expirestr_from_pk (primary_pk)); |
939 | |
|
940 | 0 | if (opt.ask_cert_expire && !(flags & SIGN_UIDS_QUICK)) |
941 | 0 | { |
942 | 0 | char *answer = cpr_get ("sign_uid.expire", |
943 | 0 | _("Do you want your signature to " |
944 | 0 | "expire at the same time? (Y/n) ")); |
945 | 0 | if (answer_is_yes_no_default (answer, 1)) |
946 | 0 | { |
947 | | /* This fixes the signature timestamp we're |
948 | | going to make as now. This is so the |
949 | | expiration date is exactly correct, and not |
950 | | a few seconds off (due to the time it takes |
951 | | to answer the questions, enter the |
952 | | passphrase, etc). */ |
953 | 0 | timestamp = now; |
954 | 0 | duration = primary_pk->expiredate - now; |
955 | 0 | } |
956 | |
|
957 | 0 | cpr_kill_prompt (); |
958 | 0 | xfree (answer); |
959 | 0 | } |
960 | 0 | } |
961 | 0 | } |
962 | | |
963 | | /* Only ask for duration if we haven't already set it to match |
964 | | the expiration of the pk */ |
965 | 0 | if (!duration && !selfsig) |
966 | 0 | { |
967 | 0 | if (opt.ask_cert_expire && !(flags & SIGN_UIDS_QUICK)) |
968 | 0 | duration = ask_expire_interval (1, opt.def_cert_expire); |
969 | 0 | else |
970 | 0 | duration = parse_expire_string (opt.def_cert_expire); |
971 | 0 | } |
972 | |
|
973 | 0 | if (selfsig) |
974 | 0 | ; |
975 | 0 | else |
976 | 0 | { |
977 | 0 | if (opt.batch || !opt.ask_cert_level || (flags & SIGN_UIDS_QUICK)) |
978 | 0 | class = 0x10 + opt.def_cert_level; |
979 | 0 | else |
980 | 0 | { |
981 | 0 | char *answer; |
982 | |
|
983 | 0 | tty_fprintf (fp, |
984 | 0 | _("How carefully have you verified the key you are " |
985 | 0 | "about to sign actually belongs\nto the person " |
986 | 0 | "named above? If you don't know what to " |
987 | 0 | "answer, enter \"0\".\n")); |
988 | 0 | tty_fprintf (fp, "\n"); |
989 | 0 | tty_fprintf (fp, _(" (0) I will not answer.%s\n"), |
990 | 0 | opt.def_cert_level == 0 ? " (default)" : ""); |
991 | 0 | tty_fprintf (fp, _(" (1) I have not checked at all.%s\n"), |
992 | 0 | opt.def_cert_level == 1 ? " (default)" : ""); |
993 | 0 | tty_fprintf (fp, _(" (2) I have done casual checking.%s\n"), |
994 | 0 | opt.def_cert_level == 2 ? " (default)" : ""); |
995 | 0 | tty_fprintf (fp, |
996 | 0 | _(" (3) I have done very careful checking.%s\n"), |
997 | 0 | opt.def_cert_level == 3 ? " (default)" : ""); |
998 | 0 | tty_fprintf (fp, "\n"); |
999 | |
|
1000 | 0 | while (class == 0) |
1001 | 0 | { |
1002 | 0 | answer = cpr_get ("sign_uid.class", |
1003 | 0 | _("Your selection? " |
1004 | 0 | "(enter '?' for more information): ")); |
1005 | 0 | if (answer[0] == '\0') |
1006 | 0 | class = 0x10 + opt.def_cert_level; /* Default */ |
1007 | 0 | else if (ascii_strcasecmp (answer, "0") == 0) |
1008 | 0 | class = 0x10; /* Generic */ |
1009 | 0 | else if (ascii_strcasecmp (answer, "1") == 0) |
1010 | 0 | class = 0x11; /* Persona */ |
1011 | 0 | else if (ascii_strcasecmp (answer, "2") == 0) |
1012 | 0 | class = 0x12; /* Casual */ |
1013 | 0 | else if (ascii_strcasecmp (answer, "3") == 0) |
1014 | 0 | class = 0x13; /* Positive */ |
1015 | 0 | else |
1016 | 0 | tty_fprintf (fp, _("Invalid selection.\n")); |
1017 | |
|
1018 | 0 | xfree (answer); |
1019 | 0 | } |
1020 | 0 | } |
1021 | |
|
1022 | 0 | if ((flags & SIGN_UIDS_TRUSTSIG)) |
1023 | 0 | { |
1024 | 0 | xfree (trust_regexp); |
1025 | 0 | trust_regexp = NULL; |
1026 | 0 | if ((flags & SIGN_UIDS_QUICK)) |
1027 | 0 | { |
1028 | 0 | rc = parse_trustsig_string (trustsigstr, &trust_value, |
1029 | 0 | &trust_depth, &trust_regexp); |
1030 | 0 | if (rc) |
1031 | 0 | goto leave; |
1032 | 0 | } |
1033 | 0 | else |
1034 | 0 | trustsig_prompt (&trust_value, &trust_depth, &trust_regexp); |
1035 | 0 | } |
1036 | 0 | } |
1037 | | |
1038 | 0 | if (!(flags & SIGN_UIDS_QUICK)) |
1039 | 0 | { |
1040 | 0 | p = get_user_id_native (ctrl, sk_keyid); |
1041 | 0 | tty_fprintf (fp, |
1042 | 0 | _("Are you sure that you want to sign this key with your\n" |
1043 | 0 | "key \"%s\" (%s)\n"), p, keystr_from_pk (pk)); |
1044 | 0 | xfree (p); |
1045 | 0 | } |
1046 | |
|
1047 | 0 | if (selfsig) |
1048 | 0 | { |
1049 | 0 | tty_fprintf (fp, "\n"); |
1050 | 0 | tty_fprintf (fp, _("This will be a self-signature.\n")); |
1051 | |
|
1052 | 0 | if ((flags & SIGN_UIDS_LOCAL)) |
1053 | 0 | { |
1054 | 0 | tty_fprintf (fp, "\n"); |
1055 | 0 | tty_fprintf (fp, _("WARNING: the signature will not be marked " |
1056 | 0 | "as non-exportable.\n")); |
1057 | 0 | } |
1058 | |
|
1059 | 0 | if ((flags & SIGN_UIDS_NONREVOCABLE)) |
1060 | 0 | { |
1061 | 0 | tty_fprintf (fp, "\n"); |
1062 | 0 | tty_fprintf (fp, _("WARNING: the signature will not be marked " |
1063 | 0 | "as non-revocable.\n")); |
1064 | 0 | } |
1065 | 0 | } |
1066 | 0 | else |
1067 | 0 | { |
1068 | 0 | if ((flags & SIGN_UIDS_LOCAL)) |
1069 | 0 | { |
1070 | 0 | tty_fprintf (fp, "\n"); |
1071 | 0 | tty_fprintf (fp, |
1072 | 0 | _("The signature will be marked as non-exportable.\n")); |
1073 | 0 | } |
1074 | |
|
1075 | 0 | if ((flags & SIGN_UIDS_NONREVOCABLE)) |
1076 | 0 | { |
1077 | 0 | tty_fprintf (fp, "\n"); |
1078 | 0 | tty_fprintf (fp, |
1079 | 0 | _("The signature will be marked as non-revocable.\n")); |
1080 | 0 | } |
1081 | |
|
1082 | 0 | switch (class) |
1083 | 0 | { |
1084 | 0 | case 0x11: |
1085 | 0 | tty_fprintf (fp, "\n"); |
1086 | 0 | tty_fprintf (fp, _("I have not checked this key at all.\n")); |
1087 | 0 | break; |
1088 | | |
1089 | 0 | case 0x12: |
1090 | 0 | tty_fprintf (fp, "\n"); |
1091 | 0 | tty_fprintf (fp, _("I have checked this key casually.\n")); |
1092 | 0 | break; |
1093 | | |
1094 | 0 | case 0x13: |
1095 | 0 | tty_fprintf (fp, "\n"); |
1096 | 0 | tty_fprintf (fp, _("I have checked this key very carefully.\n")); |
1097 | 0 | break; |
1098 | 0 | } |
1099 | 0 | } |
1100 | | |
1101 | 0 | tty_fprintf (fp, "\n"); |
1102 | |
|
1103 | 0 | if (opt.batch && opt.answer_yes) |
1104 | 0 | ; |
1105 | 0 | else if ((flags & SIGN_UIDS_QUICK)) |
1106 | 0 | ; |
1107 | 0 | else if (!cpr_get_answer_is_yes ("sign_uid.okay", |
1108 | 0 | _("Really sign? (y/N) "))) |
1109 | 0 | continue; |
1110 | | |
1111 | | /* Now we can sign the user ids. */ |
1112 | 0 | reloop: /* (Must use this, because we are modifying the list.) */ |
1113 | 0 | primary_pk = NULL; |
1114 | 0 | for (node = keyblock; node; node = node->next) |
1115 | 0 | { |
1116 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
1117 | 0 | primary_pk = node->pkt->pkt.public_key; |
1118 | 0 | else if (node->pkt->pkttype == PKT_USER_ID |
1119 | 0 | && (node->flag & NODFLG_MARK_A)) |
1120 | 0 | { |
1121 | 0 | PACKET *pkt; |
1122 | 0 | PKT_signature *sig; |
1123 | 0 | struct sign_attrib attrib; |
1124 | |
|
1125 | 0 | log_assert (primary_pk); |
1126 | 0 | memset (&attrib, 0, sizeof attrib); |
1127 | 0 | attrib.non_exportable = !!(flags & SIGN_UIDS_LOCAL); |
1128 | 0 | attrib.non_revocable = !!(flags & SIGN_UIDS_NONREVOCABLE); |
1129 | 0 | attrib.trust_depth = trust_depth; |
1130 | 0 | attrib.trust_value = trust_value; |
1131 | 0 | attrib.trust_regexp = trust_regexp; |
1132 | 0 | node->flag &= ~NODFLG_MARK_A; |
1133 | | |
1134 | | /* We force creation of a v4 signature for local |
1135 | | * signatures, otherwise we would not generate the |
1136 | | * subpacket with v3 keys and the signature becomes |
1137 | | * exportable. */ |
1138 | |
|
1139 | 0 | if (selfsig) |
1140 | 0 | rc = make_keysig_packet (ctrl, &sig, primary_pk, |
1141 | 0 | node->pkt->pkt.user_id, |
1142 | 0 | NULL, |
1143 | 0 | pk, |
1144 | 0 | 0x13, |
1145 | 0 | 0, 0, |
1146 | 0 | keygen_add_std_prefs, primary_pk, |
1147 | 0 | NULL); |
1148 | 0 | else |
1149 | 0 | rc = make_keysig_packet (ctrl, &sig, primary_pk, |
1150 | 0 | node->pkt->pkt.user_id, |
1151 | 0 | NULL, |
1152 | 0 | pk, |
1153 | 0 | class, |
1154 | 0 | timestamp, duration, |
1155 | 0 | sign_mk_attrib, &attrib, |
1156 | 0 | NULL); |
1157 | 0 | if (rc) |
1158 | 0 | { |
1159 | 0 | write_status_error ("keysig", rc); |
1160 | 0 | log_error (_("signing failed: %s\n"), gpg_strerror (rc)); |
1161 | 0 | goto leave; |
1162 | 0 | } |
1163 | | |
1164 | 0 | *ret_modified = 1; /* We changed the keyblock. */ |
1165 | 0 | update_trust = 1; |
1166 | |
|
1167 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
1168 | 0 | pkt->pkttype = PKT_SIGNATURE; |
1169 | 0 | pkt->pkt.signature = sig; |
1170 | 0 | insert_kbnode (node, new_kbnode (pkt), PKT_SIGNATURE); |
1171 | 0 | goto reloop; |
1172 | 0 | } |
1173 | 0 | } |
1174 | | |
1175 | | /* Delete any sigs that got promoted */ |
1176 | 0 | for (node = keyblock; node; node = node->next) |
1177 | 0 | if (node->flag & NODFLG_DELSIG) |
1178 | 0 | delete_kbnode (node); |
1179 | 0 | } /* End loop over signators. */ |
1180 | | |
1181 | 0 | leave: |
1182 | 0 | xfree (trust_regexp); |
1183 | 0 | trust_regexp = NULL; |
1184 | 0 | release_sk_list (sk_list); |
1185 | 0 | return rc; |
1186 | 0 | } |
1187 | | |
1188 | | |
1189 | | /* |
1190 | | * Change the passphrase of the primary and all secondary keys. Note |
1191 | | * that it is common to use only one passphrase for the primary and |
1192 | | * all subkeys. However, this is now (since GnuPG 2.1) all up to the |
1193 | | * gpg-agent. Returns 0 on success or an error code. |
1194 | | */ |
1195 | | static gpg_error_t |
1196 | | change_passphrase (ctrl_t ctrl, kbnode_t keyblock) |
1197 | 0 | { |
1198 | 0 | gpg_error_t err; |
1199 | 0 | kbnode_t node; |
1200 | 0 | PKT_public_key *pk; |
1201 | 0 | int any; |
1202 | 0 | u32 keyid[2], subid[2]; |
1203 | 0 | char *hexgrip = NULL; |
1204 | 0 | const char *hexgrip2; |
1205 | 0 | char *cache_nonce = NULL; |
1206 | 0 | char *passwd_nonce = NULL; |
1207 | |
|
1208 | 0 | node = find_kbnode (keyblock, PKT_PUBLIC_KEY); |
1209 | 0 | if (!node) |
1210 | 0 | { |
1211 | 0 | log_error ("Oops; public key missing!\n"); |
1212 | 0 | err = gpg_error (GPG_ERR_INTERNAL); |
1213 | 0 | goto leave; |
1214 | 0 | } |
1215 | 0 | pk = node->pkt->pkt.public_key; |
1216 | 0 | keyid_from_pk (pk, keyid); |
1217 | | |
1218 | | /* Check whether it is likely that we will be able to change the |
1219 | | passphrase for any subkey. */ |
1220 | 0 | for (any = 0, node = keyblock; node; node = node->next) |
1221 | 0 | { |
1222 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
1223 | 0 | || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
1224 | 0 | { |
1225 | 0 | char *serialno; |
1226 | |
|
1227 | 0 | pk = node->pkt->pkt.public_key; |
1228 | 0 | keyid_from_pk (pk, subid); |
1229 | |
|
1230 | 0 | xfree (hexgrip); |
1231 | 0 | err = hexkeygrip_from_pk (pk, &hexgrip); |
1232 | 0 | if (err) |
1233 | 0 | goto leave; |
1234 | 0 | err = agent_get_keyinfo (ctrl, hexgrip, &serialno, NULL); |
1235 | 0 | if (!err && serialno) |
1236 | 0 | ; /* Key on card. */ |
1237 | 0 | else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) |
1238 | 0 | ; /* Maybe stub key. */ |
1239 | 0 | else if (!err) |
1240 | 0 | any = 1; /* Key is known. */ |
1241 | 0 | else |
1242 | 0 | log_error ("key %s: error getting keyinfo from agent: %s\n", |
1243 | 0 | keystr_with_sub (keyid, subid), gpg_strerror (err)); |
1244 | 0 | xfree (serialno); |
1245 | 0 | } |
1246 | 0 | } |
1247 | 0 | err = 0; |
1248 | 0 | if (!any) |
1249 | 0 | { |
1250 | 0 | tty_printf (_("Key has only stub or on-card key items - " |
1251 | 0 | "no passphrase to change.\n")); |
1252 | 0 | goto leave; |
1253 | 0 | } |
1254 | | |
1255 | | /* Change the passphrase for all keys. */ |
1256 | 0 | for (node = keyblock; node; node = node->next) |
1257 | 0 | { |
1258 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
1259 | 0 | || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
1260 | 0 | { |
1261 | 0 | char *desc, *p; |
1262 | |
|
1263 | 0 | pk = node->pkt->pkt.public_key; |
1264 | 0 | keyid_from_pk (pk, subid); |
1265 | |
|
1266 | 0 | xfree (hexgrip); |
1267 | 0 | err = hexkeygrip_from_pk (pk, &hexgrip); |
1268 | 0 | if (err) |
1269 | 0 | goto leave; |
1270 | 0 | if ((p=strchr (hexgrip, ','))) |
1271 | 0 | { |
1272 | 0 | *p++ = 0; |
1273 | 0 | hexgrip2 = p; |
1274 | 0 | } |
1275 | 0 | else |
1276 | 0 | hexgrip2 = NULL; |
1277 | | |
1278 | | /* Note that when using --dry-run we don't change the |
1279 | | * passphrase but merely verify the current passphrase. */ |
1280 | 0 | desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1); |
1281 | 0 | err = agent_passwd (ctrl, hexgrip, desc, !!opt.dry_run, |
1282 | 0 | &cache_nonce, &passwd_nonce); |
1283 | 0 | if (!err && hexgrip2) |
1284 | 0 | err = agent_passwd (ctrl, hexgrip2, desc, !!opt.dry_run, |
1285 | 0 | &cache_nonce, &passwd_nonce); |
1286 | 0 | xfree (desc); |
1287 | |
|
1288 | 0 | if (err) |
1289 | 0 | log_log ((gpg_err_code (err) == GPG_ERR_CANCELED |
1290 | 0 | || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED) |
1291 | 0 | ? GPGRT_LOGLVL_INFO : GPGRT_LOGLVL_ERROR, |
1292 | 0 | _("key %s: error changing passphrase: %s\n"), |
1293 | 0 | keystr_with_sub (keyid, subid), |
1294 | 0 | gpg_strerror (err)); |
1295 | 0 | if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED) |
1296 | 0 | break; |
1297 | 0 | } |
1298 | 0 | } |
1299 | | |
1300 | 0 | leave: |
1301 | 0 | xfree (hexgrip); |
1302 | 0 | xfree (cache_nonce); |
1303 | 0 | xfree (passwd_nonce); |
1304 | 0 | return err; |
1305 | 0 | } |
1306 | | |
1307 | | |
1308 | | � |
1309 | | /* Fix various problems in the keyblock. Returns true if the keyblock |
1310 | | was changed. Note that a pointer to the keyblock must be given and |
1311 | | the function may change it (i.e. replacing the first node). */ |
1312 | | static int |
1313 | | fix_keyblock (ctrl_t ctrl, kbnode_t *keyblockp) |
1314 | 0 | { |
1315 | 0 | int changed = 0; |
1316 | |
|
1317 | 0 | if (collapse_uids (keyblockp)) |
1318 | 0 | changed++; |
1319 | 0 | if (collapse_subkeys (keyblockp)) |
1320 | 0 | changed++; |
1321 | 0 | if (key_check_all_keysigs (ctrl, 1, *keyblockp, 0, 1)) |
1322 | 0 | changed++; |
1323 | 0 | reorder_keyblock (*keyblockp); |
1324 | | /* If we modified the keyblock, make sure the flags are right. */ |
1325 | 0 | if (changed) |
1326 | 0 | merge_keys_and_selfsig (ctrl, *keyblockp); |
1327 | |
|
1328 | 0 | return changed; |
1329 | 0 | } |
1330 | | |
1331 | | |
1332 | | /* Helper to parse the prefix of the sign command STR and set the |
1333 | | * respective bits in R_FLAGS. Returns false on error. */ |
1334 | | static int |
1335 | | parse_sign_type (const char *str, unsigned int *r_flags) |
1336 | 0 | { |
1337 | 0 | const char *p = str; |
1338 | |
|
1339 | 0 | while (*p) |
1340 | 0 | { |
1341 | 0 | if (ascii_strncasecmp (p, "l", 1) == 0) |
1342 | 0 | { |
1343 | 0 | *r_flags |= SIGN_UIDS_LOCAL; |
1344 | 0 | p++; |
1345 | 0 | } |
1346 | 0 | else if (ascii_strncasecmp (p, "nr", 2) == 0) |
1347 | 0 | { |
1348 | 0 | *r_flags |= SIGN_UIDS_NONREVOCABLE; |
1349 | 0 | p += 2; |
1350 | 0 | } |
1351 | 0 | else if (ascii_strncasecmp (p, "t", 1) == 0) |
1352 | 0 | { |
1353 | 0 | *r_flags |= SIGN_UIDS_TRUSTSIG; |
1354 | 0 | p++; |
1355 | 0 | } |
1356 | 0 | else |
1357 | 0 | return 0; |
1358 | 0 | } |
1359 | | |
1360 | 0 | return 1; |
1361 | 0 | } |
1362 | | |
1363 | | |
1364 | | � |
1365 | | /* |
1366 | | * Menu driven key editor. If seckey_check is true, then a secret key |
1367 | | * that matches username will be looked for. If it is false, not all |
1368 | | * commands will be available. |
1369 | | * |
1370 | | * Note: to keep track of certain selections we use node->mark MARKBIT_xxxx. |
1371 | | */ |
1372 | | |
1373 | | /* Need an SK for this command */ |
1374 | 0 | #define KEYEDIT_NEED_SK 1 |
1375 | | /* Need an SUB KEY for this command */ |
1376 | 0 | #define KEYEDIT_NEED_SUBSK 2 |
1377 | | /* Match the tail of the string */ |
1378 | 0 | #define KEYEDIT_TAIL_MATCH 8 |
1379 | | |
1380 | | enum cmdids |
1381 | | { |
1382 | | cmdNONE = 0, |
1383 | | cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN, |
1384 | | cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG, |
1385 | | cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY, |
1386 | | cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, |
1387 | | cmdEXPIRE, cmdCHANGEUSAGE, cmdBACKSIGN, cmdADDADSK, |
1388 | | #ifndef NO_TRUST_MODELS |
1389 | | cmdENABLEKEY, cmdDISABLEKEY, |
1390 | | #endif /*!NO_TRUST_MODELS*/ |
1391 | | cmdSHOWPREF, |
1392 | | cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST, |
1393 | | cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdKEYTOTPM, cmdBKUPTOCARD, |
1394 | | cmdCLEAN, cmdMINIMIZE, cmdGRIP, cmdNOP |
1395 | | }; |
1396 | | |
1397 | | static struct |
1398 | | { |
1399 | | const char *name; |
1400 | | enum cmdids id; |
1401 | | int flags; |
1402 | | const char *desc; |
1403 | | } cmds[] = |
1404 | | { |
1405 | | { "quit", cmdQUIT, 0, N_("quit this menu")}, |
1406 | | { "q", cmdQUIT, 0, NULL}, |
1407 | | { "save", cmdSAVE, 0, N_("save and quit")}, |
1408 | | { "help", cmdHELP, 0, N_("show this help")}, |
1409 | | { "?", cmdHELP, 0, NULL}, |
1410 | | { "fpr", cmdFPR, 0, N_("show key fingerprint")}, |
1411 | | { "grip", cmdGRIP, 0, N_("show the keygrip")}, |
1412 | | { "list", cmdLIST, 0, N_("list key and user IDs")}, |
1413 | | { "l", cmdLIST, 0, NULL}, |
1414 | | { "uid", cmdSELUID, 0, N_("select user ID N")}, |
1415 | | { "key", cmdSELKEY, 0, N_("select subkey N")}, |
1416 | | { "check", cmdCHECK, 0, N_("check signatures")}, |
1417 | | { "c", cmdCHECK, 0, NULL}, |
1418 | | { "change-usage", cmdCHANGEUSAGE, KEYEDIT_NEED_SK, NULL}, |
1419 | | { "cross-certify", cmdBACKSIGN, KEYEDIT_NEED_SK, NULL}, |
1420 | | { "backsign", cmdBACKSIGN, KEYEDIT_NEED_SK, NULL}, |
1421 | | { "sign", cmdSIGN, KEYEDIT_TAIL_MATCH, |
1422 | | N_("sign selected user IDs [* see below for related commands]")}, |
1423 | | { "s", cmdSIGN, 0, NULL}, |
1424 | | /* "lsign" and friends will never match since "sign" comes first |
1425 | | and it is a tail match. They are just here so they show up in |
1426 | | the help menu. */ |
1427 | | { "lsign", cmdNOP, 0, N_("sign selected user IDs locally")}, |
1428 | | { "tsign", cmdNOP, 0, N_("sign selected user IDs with a trust signature")}, |
1429 | | { "nrsign", cmdNOP, 0, |
1430 | | N_("sign selected user IDs with a non-revocable signature")}, |
1431 | | { "debug", cmdDEBUG, 0, NULL}, |
1432 | | { "adduid", cmdADDUID, KEYEDIT_NEED_SK, N_("add a user ID")}, |
1433 | | { "addphoto", cmdADDPHOTO, KEYEDIT_NEED_SK, |
1434 | | N_("add a photo ID")}, |
1435 | | { "deluid", cmdDELUID, 0, N_("delete selected user IDs")}, |
1436 | | /* delphoto is really deluid in disguise */ |
1437 | | { "delphoto", cmdDELUID, 0, NULL}, |
1438 | | { "addkey", cmdADDKEY, KEYEDIT_NEED_SK, N_("add a subkey")}, |
1439 | | #ifdef ENABLE_CARD_SUPPORT |
1440 | | { "addcardkey", cmdADDCARDKEY, KEYEDIT_NEED_SK, |
1441 | | N_("add a key to a smartcard")}, |
1442 | | { "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, |
1443 | | N_("move a key to a smartcard")}, |
1444 | | { "keytotpm", cmdKEYTOTPM, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, |
1445 | | N_("convert a key to TPM form using the local TPM")}, |
1446 | | { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, |
1447 | | N_("move a backup key to a smartcard")}, |
1448 | | #endif /*ENABLE_CARD_SUPPORT */ |
1449 | | { "delkey", cmdDELKEY, 0, N_("delete selected subkeys")}, |
1450 | | { "addrevoker", cmdADDREVOKER, KEYEDIT_NEED_SK, |
1451 | | N_("add a revocation key")}, |
1452 | | { "addadsk", cmdADDADSK, KEYEDIT_NEED_SK, |
1453 | | N_("add an additional decryption subkey")}, |
1454 | | { "delsig", cmdDELSIG, 0, |
1455 | | N_("delete signatures from the selected user IDs")}, |
1456 | | { "expire", cmdEXPIRE, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, |
1457 | | N_("change the expiration date for the key or selected subkeys")}, |
1458 | | { "primary", cmdPRIMARY, KEYEDIT_NEED_SK, |
1459 | | N_("flag the selected user ID as primary")}, |
1460 | | { "toggle", cmdTOGGLE, KEYEDIT_NEED_SK, NULL}, /* Dummy command. */ |
1461 | | { "t", cmdTOGGLE, KEYEDIT_NEED_SK, NULL}, |
1462 | | { "pref", cmdPREF, 0, N_("list preferences (expert)")}, |
1463 | | { "showpref", cmdSHOWPREF, 0, N_("list preferences (verbose)")}, |
1464 | | { "setpref", cmdSETPREF, KEYEDIT_NEED_SK, |
1465 | | N_("set preference list for the selected user IDs")}, |
1466 | | { "updpref", cmdSETPREF, KEYEDIT_NEED_SK, NULL}, |
1467 | | { "keyserver", cmdPREFKS, KEYEDIT_NEED_SK, |
1468 | | N_("set the preferred keyserver URL for the selected user IDs")}, |
1469 | | { "notation", cmdNOTATION, KEYEDIT_NEED_SK, |
1470 | | N_("set a notation for the selected user IDs")}, |
1471 | | { "passwd", cmdPASSWD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, |
1472 | | N_("change the passphrase")}, |
1473 | | { "password", cmdPASSWD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, NULL}, |
1474 | | #ifndef NO_TRUST_MODELS |
1475 | | { "trust", cmdTRUST, 0, N_("change the ownertrust")}, |
1476 | | #endif /*!NO_TRUST_MODELS*/ |
1477 | | { "revsig", cmdREVSIG, 0, |
1478 | | N_("revoke signatures on the selected user IDs")}, |
1479 | | { "revuid", cmdREVUID, KEYEDIT_NEED_SK, |
1480 | | N_("revoke selected user IDs")}, |
1481 | | { "revphoto", cmdREVUID, KEYEDIT_NEED_SK, NULL}, |
1482 | | { "revkey", cmdREVKEY, KEYEDIT_NEED_SK, |
1483 | | N_("revoke key or selected subkeys")}, |
1484 | | #ifndef NO_TRUST_MODELS |
1485 | | { "enable", cmdENABLEKEY, 0, N_("enable key")}, |
1486 | | { "disable", cmdDISABLEKEY, 0, N_("disable key")}, |
1487 | | #endif /*!NO_TRUST_MODELS*/ |
1488 | | { "showphoto", cmdSHOWPHOTO, 0, N_("show selected photo IDs")}, |
1489 | | { "clean", cmdCLEAN, 0, |
1490 | | N_("compact unusable user IDs and remove unusable signatures from key")}, |
1491 | | { "minimize", cmdMINIMIZE, 0, |
1492 | | N_("compact unusable user IDs and remove all signatures from key")}, |
1493 | | |
1494 | | { NULL, cmdNONE, 0, NULL} |
1495 | | }; |
1496 | | |
1497 | | |
1498 | | � |
1499 | | #ifdef HAVE_LIBREADLINE |
1500 | | |
1501 | | /* |
1502 | | These two functions are used by readline for command completion. |
1503 | | */ |
1504 | | |
1505 | | static char * |
1506 | | command_generator (const char *text, int state) |
1507 | | { |
1508 | | static int list_index, len; |
1509 | | const char *name; |
1510 | | |
1511 | | /* If this is a new word to complete, initialize now. This includes |
1512 | | saving the length of TEXT for efficiency, and initializing the |
1513 | | index variable to 0. */ |
1514 | | if (!state) |
1515 | | { |
1516 | | list_index = 0; |
1517 | | len = strlen (text); |
1518 | | } |
1519 | | |
1520 | | /* Return the next partial match */ |
1521 | | while ((name = cmds[list_index].name)) |
1522 | | { |
1523 | | /* Only complete commands that have help text */ |
1524 | | if (cmds[list_index++].desc && strncmp (name, text, len) == 0) |
1525 | | return strdup (name); |
1526 | | } |
1527 | | |
1528 | | return NULL; |
1529 | | } |
1530 | | |
1531 | | static char ** |
1532 | | keyedit_completion (const char *text, int start, int end) |
1533 | | { |
1534 | | /* If we are at the start of a line, we try and command-complete. |
1535 | | If not, just do nothing for now. */ |
1536 | | |
1537 | | (void) end; |
1538 | | |
1539 | | if (start == 0) |
1540 | | return rl_completion_matches (text, command_generator); |
1541 | | |
1542 | | rl_attempted_completion_over = 1; |
1543 | | |
1544 | | return NULL; |
1545 | | } |
1546 | | #endif /* HAVE_LIBREADLINE */ |
1547 | | |
1548 | | |
1549 | | � |
1550 | | /* Main function of the menu driven key editor. */ |
1551 | | void |
1552 | | keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, |
1553 | | strlist_t commands, int quiet, int seckey_check) |
1554 | 0 | { |
1555 | 0 | enum cmdids cmd = 0; |
1556 | 0 | gpg_error_t err = 0; |
1557 | 0 | KBNODE keyblock = NULL; |
1558 | 0 | KEYDB_HANDLE kdbhd = NULL; |
1559 | 0 | int have_seckey = 0; |
1560 | 0 | int have_anyseckey = 0; |
1561 | 0 | char *answer = NULL; |
1562 | 0 | int redisplay = 1; |
1563 | 0 | int modified = 0; |
1564 | 0 | int upload = 0; /* Set if the key maybe be uploaded. */ |
1565 | 0 | int sec_shadowing = 0; |
1566 | 0 | int run_subkey_warnings = 0; |
1567 | 0 | int have_commands = !!commands; |
1568 | 0 | strlist_t delseckey_list = NULL; |
1569 | 0 | int delseckey_list_warn = 0; |
1570 | |
|
1571 | 0 | if (opt.command_fd != -1) |
1572 | 0 | ; |
1573 | 0 | else if (opt.batch && !have_commands) |
1574 | 0 | { |
1575 | 0 | log_error (_("can't do this in batch mode\n")); |
1576 | 0 | goto leave; |
1577 | 0 | } |
1578 | | |
1579 | | #ifdef HAVE_W32_SYSTEM |
1580 | | /* Due to Windows peculiarities we need to make sure that the |
1581 | | trustdb stale check is done before we open another file |
1582 | | (i.e. by searching for a key). In theory we could make sure |
1583 | | that the files are closed after use but the open/close caches |
1584 | | inhibits that and flushing the cache right before the stale |
1585 | | check is not easy to implement. Thus we take the easy way out |
1586 | | and run the stale check as early as possible. Note, that for |
1587 | | non- W32 platforms it is run indirectly through a call to |
1588 | | get_validity (). */ |
1589 | | check_trustdb_stale (ctrl); |
1590 | | #endif |
1591 | | |
1592 | | /* Get the public key */ |
1593 | 0 | err = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL, |
1594 | 0 | NULL, NULL, username, &keyblock, &kdbhd, 1); |
1595 | 0 | if (err) |
1596 | 0 | { |
1597 | 0 | log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err)); |
1598 | 0 | goto leave; |
1599 | 0 | } |
1600 | | |
1601 | 0 | if (fix_keyblock (ctrl, &keyblock)) |
1602 | 0 | modified++; |
1603 | | |
1604 | | /* See whether we have a matching secret key. */ |
1605 | 0 | if (seckey_check) |
1606 | 0 | { |
1607 | 0 | have_anyseckey = !agent_probe_any_secret_key (ctrl, keyblock); |
1608 | 0 | if (have_anyseckey |
1609 | 0 | && agent_probe_secret_key (ctrl, keyblock->pkt->pkt.public_key)) |
1610 | 0 | { |
1611 | | /* The primary key is also available. */ |
1612 | 0 | have_seckey = 1; |
1613 | 0 | } |
1614 | |
|
1615 | 0 | if (have_seckey && !quiet) |
1616 | 0 | tty_printf (_("Secret key is available.\n")); |
1617 | 0 | else if (have_anyseckey && !quiet) |
1618 | 0 | tty_printf (_("Secret subkeys are available.\n")); |
1619 | 0 | } |
1620 | | |
1621 | | /* Main command loop. */ |
1622 | 0 | for (;;) |
1623 | 0 | { |
1624 | 0 | int i, arg_number, photo; |
1625 | 0 | const char *arg_string = ""; |
1626 | 0 | char *p; |
1627 | 0 | PKT_public_key *pk = keyblock->pkt->pkt.public_key; |
1628 | |
|
1629 | 0 | tty_printf ("\n"); |
1630 | |
|
1631 | 0 | if (redisplay && !quiet) |
1632 | 0 | { |
1633 | | /* Show using flags: with_revoker, with_subkeys. */ |
1634 | 0 | show_key_with_all_names (ctrl, NULL, keyblock, 0, 1, 0, 1, 0, 0); |
1635 | 0 | tty_printf ("\n"); |
1636 | 0 | redisplay = 0; |
1637 | 0 | } |
1638 | |
|
1639 | 0 | if (run_subkey_warnings) |
1640 | 0 | { |
1641 | 0 | run_subkey_warnings = 0; |
1642 | 0 | if (!count_selected_keys (keyblock)) |
1643 | 0 | subkey_expire_warning (keyblock); |
1644 | 0 | no_usable_encr_subkeys_warning (keyblock); |
1645 | 0 | } |
1646 | |
|
1647 | 0 | if (delseckey_list_warn) |
1648 | 0 | { |
1649 | 0 | delseckey_list_warn = 0; |
1650 | 0 | tty_printf |
1651 | 0 | (_("Note: the local copy of the secret key" |
1652 | 0 | " will only be deleted with \"save\".\n")); |
1653 | 0 | } |
1654 | |
|
1655 | 0 | do |
1656 | 0 | { |
1657 | 0 | xfree (answer); |
1658 | 0 | if (have_commands) |
1659 | 0 | { |
1660 | 0 | if (commands) |
1661 | 0 | { |
1662 | 0 | answer = xstrdup (commands->d); |
1663 | 0 | commands = commands->next; |
1664 | 0 | } |
1665 | 0 | else if (opt.batch) |
1666 | 0 | { |
1667 | 0 | answer = xstrdup ("quit"); |
1668 | 0 | } |
1669 | 0 | else |
1670 | 0 | have_commands = 0; |
1671 | 0 | } |
1672 | 0 | if (!have_commands) |
1673 | 0 | { |
1674 | | #ifdef HAVE_LIBREADLINE |
1675 | | tty_enable_completion (keyedit_completion); |
1676 | | #endif |
1677 | 0 | answer = cpr_get_no_help ("keyedit.prompt", GPG_NAME "> "); |
1678 | 0 | cpr_kill_prompt (); |
1679 | 0 | tty_disable_completion (); |
1680 | 0 | } |
1681 | 0 | trim_spaces (answer); |
1682 | 0 | } |
1683 | 0 | while (*answer == '#'); |
1684 | |
|
1685 | 0 | arg_number = 0; /* Here is the init which egcc complains about. */ |
1686 | 0 | photo = 0; /* Same here. */ |
1687 | 0 | if (!*answer) |
1688 | 0 | cmd = cmdLIST; |
1689 | 0 | else if (*answer == CONTROL_D) |
1690 | 0 | cmd = cmdQUIT; |
1691 | 0 | else if (digitp (answer)) |
1692 | 0 | { |
1693 | 0 | cmd = cmdSELUID; |
1694 | 0 | arg_number = atoi (answer); |
1695 | 0 | } |
1696 | 0 | else |
1697 | 0 | { |
1698 | 0 | if ((p = strchr (answer, ' '))) |
1699 | 0 | { |
1700 | 0 | *p++ = 0; |
1701 | 0 | trim_spaces (answer); |
1702 | 0 | trim_spaces (p); |
1703 | 0 | arg_number = atoi (p); |
1704 | 0 | arg_string = p; |
1705 | 0 | } |
1706 | |
|
1707 | 0 | for (i = 0; cmds[i].name; i++) |
1708 | 0 | { |
1709 | 0 | if (cmds[i].flags & KEYEDIT_TAIL_MATCH) |
1710 | 0 | { |
1711 | 0 | size_t l = strlen (cmds[i].name); |
1712 | 0 | size_t a = strlen (answer); |
1713 | 0 | if (a >= l) |
1714 | 0 | { |
1715 | 0 | if (!ascii_strcasecmp (&answer[a - l], cmds[i].name)) |
1716 | 0 | { |
1717 | 0 | answer[a - l] = '\0'; |
1718 | 0 | break; |
1719 | 0 | } |
1720 | 0 | } |
1721 | 0 | } |
1722 | 0 | else if (!ascii_strcasecmp (answer, cmds[i].name)) |
1723 | 0 | break; |
1724 | 0 | } |
1725 | 0 | if ((cmds[i].flags & (KEYEDIT_NEED_SK|KEYEDIT_NEED_SUBSK)) |
1726 | 0 | && !(((cmds[i].flags & KEYEDIT_NEED_SK) && have_seckey) |
1727 | 0 | || ((cmds[i].flags & KEYEDIT_NEED_SUBSK) && have_anyseckey))) |
1728 | 0 | { |
1729 | 0 | tty_printf (_("Need the secret key to do this.\n")); |
1730 | 0 | cmd = cmdNOP; |
1731 | 0 | } |
1732 | 0 | else |
1733 | 0 | cmd = cmds[i].id; |
1734 | 0 | } |
1735 | | |
1736 | | /* Dispatch the command. */ |
1737 | 0 | switch (cmd) |
1738 | 0 | { |
1739 | 0 | case cmdHELP: |
1740 | 0 | for (i = 0; cmds[i].name; i++) |
1741 | 0 | { |
1742 | 0 | if ((cmds[i].flags & (KEYEDIT_NEED_SK|KEYEDIT_NEED_SUBSK)) |
1743 | 0 | && !(((cmds[i].flags & KEYEDIT_NEED_SK) && have_seckey) |
1744 | 0 | ||((cmds[i].flags&KEYEDIT_NEED_SUBSK)&&have_anyseckey))) |
1745 | 0 | ; /* Skip those item if we do not have the secret key. */ |
1746 | 0 | else if (cmds[i].desc) |
1747 | 0 | tty_printf ("%-11s %s\n", cmds[i].name, _(cmds[i].desc)); |
1748 | 0 | } |
1749 | |
|
1750 | 0 | tty_printf ("\n"); |
1751 | 0 | tty_printf |
1752 | 0 | (_("* The 'sign' command may be prefixed with an 'l' for local " |
1753 | 0 | "signatures (lsign),\n" |
1754 | 0 | " a 't' for trust signatures (tsign), an 'nr' for " |
1755 | 0 | "non-revocable signatures\n" |
1756 | 0 | " (nrsign), or any combination thereof (ltsign, " |
1757 | 0 | "tnrsign, etc.).\n")); |
1758 | 0 | break; |
1759 | | |
1760 | 0 | case cmdLIST: |
1761 | 0 | redisplay = 1; |
1762 | 0 | break; |
1763 | | |
1764 | 0 | case cmdFPR: |
1765 | 0 | show_key_and_fingerprint |
1766 | 0 | (ctrl, |
1767 | 0 | keyblock, (*arg_string == '*' |
1768 | 0 | && (!arg_string[1] || spacep (arg_string + 1)))); |
1769 | 0 | break; |
1770 | | |
1771 | 0 | case cmdGRIP: |
1772 | 0 | show_key_and_grip (keyblock); |
1773 | 0 | break; |
1774 | | |
1775 | 0 | case cmdSELUID: |
1776 | 0 | if (strlen (arg_string) == NAMEHASH_LEN * 2) |
1777 | 0 | redisplay = menu_select_uid_namehash (keyblock, arg_string); |
1778 | 0 | else |
1779 | 0 | { |
1780 | 0 | if (*arg_string == '*' |
1781 | 0 | && (!arg_string[1] || spacep (arg_string + 1))) |
1782 | 0 | arg_number = -1; /* Select all. */ |
1783 | 0 | redisplay = menu_select_uid (keyblock, arg_number); |
1784 | 0 | } |
1785 | 0 | break; |
1786 | | |
1787 | 0 | case cmdSELKEY: |
1788 | 0 | { |
1789 | 0 | if (*arg_string == '*' |
1790 | 0 | && (!arg_string[1] || spacep (arg_string + 1))) |
1791 | 0 | arg_number = -1; /* Select all. */ |
1792 | 0 | if (menu_select_key (keyblock, arg_number, p)) |
1793 | 0 | redisplay = 1; |
1794 | 0 | } |
1795 | 0 | break; |
1796 | | |
1797 | 0 | case cmdCHECK: |
1798 | 0 | if (key_check_all_keysigs (ctrl, -1, keyblock, |
1799 | 0 | count_selected_uids (keyblock), |
1800 | 0 | !strcmp (arg_string, "selfsig"))) |
1801 | 0 | modified = 1; |
1802 | 0 | break; |
1803 | | |
1804 | 0 | case cmdSIGN: |
1805 | 0 | { |
1806 | 0 | unsigned int myflags = 0; |
1807 | 0 | int my_modified = 0; |
1808 | |
|
1809 | 0 | if (pk->flags.revoked) |
1810 | 0 | { |
1811 | 0 | tty_printf (_("Key is revoked.")); |
1812 | |
|
1813 | 0 | if (opt.expert) |
1814 | 0 | { |
1815 | 0 | tty_printf (" "); |
1816 | 0 | if (!cpr_get_answer_is_yes |
1817 | 0 | ("keyedit.sign_revoked.okay", |
1818 | 0 | _("Are you sure you still want to sign it? (y/N) "))) |
1819 | 0 | break; |
1820 | 0 | } |
1821 | 0 | else |
1822 | 0 | { |
1823 | 0 | tty_printf (_(" Unable to sign.\n")); |
1824 | 0 | break; |
1825 | 0 | } |
1826 | 0 | } |
1827 | | |
1828 | 0 | if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock)) |
1829 | 0 | { |
1830 | 0 | int result; |
1831 | 0 | if (opt.only_sign_text_ids) |
1832 | 0 | result = cpr_get_answer_is_yes |
1833 | 0 | ("keyedit.sign_all.okay", |
1834 | 0 | _("Really sign all text user IDs? (y/N) ")); |
1835 | 0 | else |
1836 | 0 | result = cpr_get_answer_is_yes |
1837 | 0 | ("keyedit.sign_all.okay", |
1838 | 0 | _("Really sign all user IDs? (y/N) ")); |
1839 | |
|
1840 | 0 | if (! result) |
1841 | 0 | { |
1842 | 0 | if (opt.interactive) |
1843 | 0 | myflags |= SIGN_UIDS_INTERACTIVE; |
1844 | 0 | else |
1845 | 0 | { |
1846 | 0 | tty_printf (_("Hint: Select the user IDs to sign\n")); |
1847 | 0 | have_commands = 0; |
1848 | 0 | break; |
1849 | 0 | } |
1850 | |
|
1851 | 0 | } |
1852 | 0 | } |
1853 | | |
1854 | | /* What sort of signing are we doing? */ |
1855 | 0 | if (!parse_sign_type (answer, &myflags)) |
1856 | 0 | { |
1857 | 0 | tty_printf (_("Unknown signature type '%s'\n"), answer); |
1858 | 0 | break; |
1859 | 0 | } |
1860 | | |
1861 | 0 | sign_uids (ctrl, NULL, keyblock, locusr, myflags, |
1862 | 0 | NULL, &my_modified); |
1863 | 0 | if (my_modified) /* sign_uids modified the keyblock */ |
1864 | 0 | modified = 1; /* thus set the general modified flag. */ |
1865 | 0 | if (my_modified && !(myflags & SIGN_UIDS_LOCAL)) |
1866 | 0 | upload = 1; /* exportable signature -> mark uploadable. */ |
1867 | 0 | } |
1868 | 0 | break; |
1869 | | |
1870 | 0 | case cmdDEBUG: |
1871 | 0 | dump_kbnode (keyblock); |
1872 | 0 | break; |
1873 | | |
1874 | 0 | case cmdTOGGLE: |
1875 | | /* The toggle command is a leftover from old gpg versions |
1876 | | where we worked with a secret and a public keyring. It |
1877 | | is not necessary anymore but we keep this command for the |
1878 | | sake of scripts using it. */ |
1879 | 0 | redisplay = 1; |
1880 | 0 | break; |
1881 | | |
1882 | 0 | case cmdADDPHOTO: |
1883 | 0 | if (RFC2440) |
1884 | 0 | { |
1885 | 0 | tty_printf (_("This command is not allowed while in %s mode.\n"), |
1886 | 0 | gnupg_compliance_option_string (opt.compliance)); |
1887 | 0 | break; |
1888 | 0 | } |
1889 | 0 | photo = 1; |
1890 | | /* fall through */ |
1891 | 0 | case cmdADDUID: |
1892 | 0 | if (menu_adduid (ctrl, keyblock, photo, arg_string, NULL)) |
1893 | 0 | { |
1894 | 0 | update_trust = 1; |
1895 | 0 | redisplay = 1; |
1896 | 0 | modified = 1; |
1897 | 0 | upload = 1; |
1898 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
1899 | 0 | } |
1900 | 0 | break; |
1901 | | |
1902 | 0 | case cmdDELUID: |
1903 | 0 | { |
1904 | 0 | int n1; |
1905 | |
|
1906 | 0 | if (!(n1 = count_selected_uids (keyblock))) |
1907 | 0 | { |
1908 | 0 | tty_printf (_("You must select at least one user ID.\n")); |
1909 | 0 | if (!opt.expert) |
1910 | 0 | tty_printf (_("(Use the '%s' command.)\n"), "uid"); |
1911 | 0 | } |
1912 | 0 | else if (real_uids_left (keyblock) < 1) |
1913 | 0 | tty_printf (_("You can't delete the last user ID!\n")); |
1914 | 0 | else if (cpr_get_answer_is_yes |
1915 | 0 | ("keyedit.remove.uid.okay", |
1916 | 0 | n1 > 1 ? _("Really remove all selected user IDs? (y/N) ") |
1917 | 0 | : _("Really remove this user ID? (y/N) "))) |
1918 | 0 | { |
1919 | 0 | menu_deluid (keyblock); |
1920 | 0 | redisplay = 1; |
1921 | 0 | modified = 1; |
1922 | | /* upload does not make sense here. Eventually we may |
1923 | | * decide to delete a key from the keyserver.*/ |
1924 | 0 | } |
1925 | 0 | } |
1926 | 0 | break; |
1927 | | |
1928 | 0 | case cmdDELSIG: |
1929 | 0 | { |
1930 | 0 | int n1; |
1931 | |
|
1932 | 0 | if (!(n1 = count_selected_uids (keyblock))) |
1933 | 0 | { |
1934 | 0 | tty_printf (_("You must select at least one user ID.\n")); |
1935 | 0 | if (!opt.expert) |
1936 | 0 | tty_printf (_("(Use the '%s' command.)\n"), "uid"); |
1937 | 0 | } |
1938 | 0 | else if (menu_delsig (ctrl, keyblock)) |
1939 | 0 | { |
1940 | | /* No redisplay here, because it may scroll away some |
1941 | | * of the status output of this command. */ |
1942 | 0 | modified = 1; |
1943 | 0 | } |
1944 | 0 | } |
1945 | 0 | break; |
1946 | | |
1947 | 0 | case cmdADDKEY: |
1948 | 0 | if (!generate_subkeypair (ctrl, keyblock, NULL, NULL, NULL)) |
1949 | 0 | { |
1950 | 0 | redisplay = 1; |
1951 | 0 | modified = 1; |
1952 | 0 | upload = 1; |
1953 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
1954 | 0 | } |
1955 | 0 | break; |
1956 | | |
1957 | | #ifdef ENABLE_CARD_SUPPORT |
1958 | | case cmdADDCARDKEY: |
1959 | | if (!card_generate_subkey (ctrl, keyblock)) |
1960 | | { |
1961 | | redisplay = 1; |
1962 | | modified = 1; |
1963 | | upload = 1; |
1964 | | merge_keys_and_selfsig (ctrl, keyblock); |
1965 | | } |
1966 | | break; |
1967 | | |
1968 | | case cmdKEYTOTPM: |
1969 | | /* FIXME need to store the key and not commit until later */ |
1970 | | { |
1971 | | kbnode_t node = NULL; |
1972 | | switch (count_selected_keys (keyblock)) |
1973 | | { |
1974 | | case 0: |
1975 | | if (cpr_get_answer_is_yes |
1976 | | ("keyedit.keytocard.use_primary", |
1977 | | /* TRANSLATORS: Please take care: This is about |
1978 | | moving the key and not about removing it. */ |
1979 | | _("Really move the primary key? (y/N) "))) |
1980 | | node = keyblock; |
1981 | | break; |
1982 | | case 1: |
1983 | | for (node = keyblock; node; node = node->next) |
1984 | | { |
1985 | | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
1986 | | && node->flag & NODFLG_SELKEY) |
1987 | | break; |
1988 | | } |
1989 | | break; |
1990 | | default: |
1991 | | tty_printf (_("You must select exactly one key.\n")); |
1992 | | break; |
1993 | | } |
1994 | | if (node) |
1995 | | { |
1996 | | PKT_public_key *xxpk = node->pkt->pkt.public_key; |
1997 | | char *hexgrip; |
1998 | | |
1999 | | hexkeygrip_from_pk (xxpk, &hexgrip); |
2000 | | if (!agent_keytotpm (ctrl, hexgrip)) |
2001 | | { |
2002 | | redisplay = 1; |
2003 | | } |
2004 | | xfree (hexgrip); |
2005 | | } |
2006 | | } |
2007 | | break; |
2008 | | |
2009 | | case cmdKEYTOCARD: |
2010 | | { |
2011 | | KBNODE node = NULL; |
2012 | | switch (count_selected_keys (keyblock)) |
2013 | | { |
2014 | | case 0: |
2015 | | if (cpr_get_answer_is_yes |
2016 | | ("keyedit.keytocard.use_primary", |
2017 | | /* TRANSLATORS: Please take care: This is about |
2018 | | moving the key and not about removing it. */ |
2019 | | _("Really move the primary key? (y/N) "))) |
2020 | | node = keyblock; |
2021 | | break; |
2022 | | case 1: |
2023 | | for (node = keyblock; node; node = node->next) |
2024 | | { |
2025 | | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
2026 | | && node->flag & NODFLG_SELKEY) |
2027 | | break; |
2028 | | } |
2029 | | break; |
2030 | | default: |
2031 | | tty_printf (_("You must select exactly one key.\n")); |
2032 | | break; |
2033 | | } |
2034 | | if (node) |
2035 | | { |
2036 | | PKT_public_key *xxpk = node->pkt->pkt.public_key; |
2037 | | if (card_store_subkey (node, xxpk ? xxpk->pubkey_usage : 0, |
2038 | | &delseckey_list)) |
2039 | | { |
2040 | | redisplay = 1; |
2041 | | sec_shadowing = 1; |
2042 | | delseckey_list_warn = 1; |
2043 | | } |
2044 | | } |
2045 | | } |
2046 | | break; |
2047 | | |
2048 | | case cmdBKUPTOCARD: |
2049 | | { |
2050 | | /* Ask for a filename, check whether this is really a |
2051 | | backup key as generated by the card generation, parse |
2052 | | that key and store it on card. */ |
2053 | | KBNODE node; |
2054 | | char *fname; |
2055 | | PACKET *pkt; |
2056 | | IOBUF a; |
2057 | | struct parse_packet_ctx_s parsectx; |
2058 | | int lastmode; |
2059 | | |
2060 | | if (!*arg_string) |
2061 | | { |
2062 | | tty_printf (_("Command expects a filename argument\n")); |
2063 | | break; |
2064 | | } |
2065 | | |
2066 | | if (*arg_string == DIRSEP_C) |
2067 | | fname = xstrdup (arg_string); |
2068 | | else if (*arg_string == '~') |
2069 | | fname = make_filename (arg_string, NULL); |
2070 | | else |
2071 | | fname = make_filename (gnupg_homedir (), arg_string, NULL); |
2072 | | |
2073 | | /* Open that file. */ |
2074 | | a = iobuf_open (fname); |
2075 | | if (a && is_secured_file (iobuf_get_fd (a))) |
2076 | | { |
2077 | | iobuf_close (a); |
2078 | | a = NULL; |
2079 | | gpg_err_set_errno (EPERM); |
2080 | | } |
2081 | | if (!a) |
2082 | | { |
2083 | | tty_printf (_("Can't open '%s': %s\n"), |
2084 | | fname, strerror (errno)); |
2085 | | xfree (fname); |
2086 | | break; |
2087 | | } |
2088 | | |
2089 | | /* Parse and check that file. */ |
2090 | | pkt = xmalloc (sizeof *pkt); |
2091 | | init_packet (pkt); |
2092 | | init_parse_packet (&parsectx, a); |
2093 | | err = parse_packet (&parsectx, pkt); |
2094 | | deinit_parse_packet (&parsectx); |
2095 | | iobuf_close (a); |
2096 | | iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char *) fname); |
2097 | | if (!err && pkt->pkttype != PKT_SECRET_KEY |
2098 | | && pkt->pkttype != PKT_SECRET_SUBKEY) |
2099 | | err = GPG_ERR_NO_SECKEY; |
2100 | | if (err) |
2101 | | { |
2102 | | tty_printf (_("Error reading backup key from '%s': %s\n"), |
2103 | | fname, gpg_strerror (err)); |
2104 | | xfree (fname); |
2105 | | free_packet (pkt, NULL); |
2106 | | xfree (pkt); |
2107 | | break; |
2108 | | } |
2109 | | |
2110 | | xfree (fname); |
2111 | | node = new_kbnode (pkt); |
2112 | | |
2113 | | err = agent_set_ephemeral_mode (ctrl, 1, &lastmode); |
2114 | | if (err) |
2115 | | log_error ("error switching to ephemeral mode: %s\n", |
2116 | | gpg_strerror (err)); |
2117 | | else |
2118 | | { |
2119 | | /* Transfer it to gpg-agent which handles secret keys. */ |
2120 | | err = transfer_secret_keys (ctrl, NULL, node, 1, 1, 0); |
2121 | | if (!err) |
2122 | | { |
2123 | | /* Treat the pkt as a public key. */ |
2124 | | pkt->pkttype = PKT_PUBLIC_KEY; |
2125 | | |
2126 | | /* Ask gpg-agent to store the secret key to card. */ |
2127 | | if (card_store_subkey (node, 0, NULL)) |
2128 | | { |
2129 | | redisplay = 1; |
2130 | | sec_shadowing = 1; |
2131 | | } |
2132 | | } |
2133 | | if (!lastmode && agent_set_ephemeral_mode (ctrl, 0, NULL)) |
2134 | | log_error ("error clearing the ephemeral mode\n"); |
2135 | | } |
2136 | | release_kbnode (node); |
2137 | | } |
2138 | | break; |
2139 | | |
2140 | | #endif /* ENABLE_CARD_SUPPORT */ |
2141 | | |
2142 | 0 | case cmdDELKEY: |
2143 | 0 | { |
2144 | 0 | int n1; |
2145 | |
|
2146 | 0 | if (!(n1 = count_selected_keys (keyblock))) |
2147 | 0 | { |
2148 | 0 | tty_printf (_("You must select at least one key.\n")); |
2149 | 0 | if (!opt.expert) |
2150 | 0 | tty_printf (_("(Use the '%s' command.)\n"), "key"); |
2151 | 0 | } |
2152 | 0 | else if (!cpr_get_answer_is_yes |
2153 | 0 | ("keyedit.remove.subkey.okay", |
2154 | 0 | n1 > 1 ? _("Do you really want to delete the " |
2155 | 0 | "selected keys? (y/N) ") |
2156 | 0 | : _("Do you really want to delete this key? (y/N) "))) |
2157 | 0 | ; |
2158 | 0 | else |
2159 | 0 | { |
2160 | 0 | menu_delkey (keyblock); |
2161 | 0 | redisplay = 1; |
2162 | 0 | modified = 1; |
2163 | | /* upload does not make sense. */ |
2164 | 0 | } |
2165 | 0 | } |
2166 | 0 | break; |
2167 | | |
2168 | 0 | case cmdADDREVOKER: |
2169 | 0 | { |
2170 | 0 | int sensitive = 0; |
2171 | |
|
2172 | 0 | if (ascii_strcasecmp (arg_string, "sensitive") == 0) |
2173 | 0 | sensitive = 1; |
2174 | 0 | if (menu_addrevoker (ctrl, keyblock, sensitive)) |
2175 | 0 | { |
2176 | 0 | redisplay = 1; |
2177 | 0 | modified = 1; |
2178 | 0 | upload = 1; |
2179 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2180 | 0 | } |
2181 | 0 | } |
2182 | 0 | break; |
2183 | | |
2184 | 0 | case cmdADDADSK: |
2185 | 0 | if (menu_addadsk (ctrl, keyblock, NULL)) |
2186 | 0 | { |
2187 | 0 | redisplay = 1; |
2188 | 0 | modified = 1; |
2189 | 0 | upload = 1; |
2190 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2191 | 0 | } |
2192 | 0 | break; |
2193 | | |
2194 | 0 | case cmdREVUID: |
2195 | 0 | { |
2196 | 0 | int n1; |
2197 | |
|
2198 | 0 | if (!(n1 = count_selected_uids (keyblock))) |
2199 | 0 | { |
2200 | 0 | tty_printf (_("You must select at least one user ID.\n")); |
2201 | 0 | if (!opt.expert) |
2202 | 0 | tty_printf (_("(Use the '%s' command.)\n"), "uid"); |
2203 | 0 | } |
2204 | 0 | else if (cpr_get_answer_is_yes |
2205 | 0 | ("keyedit.revoke.uid.okay", |
2206 | 0 | n1 > 1 ? _("Really revoke all selected user IDs? (y/N) ") |
2207 | 0 | : _("Really revoke this user ID? (y/N) "))) |
2208 | 0 | { |
2209 | 0 | if (menu_revuid (ctrl, keyblock)) |
2210 | 0 | { |
2211 | 0 | modified = 1; |
2212 | 0 | redisplay = 1; |
2213 | 0 | upload = 1; |
2214 | 0 | } |
2215 | 0 | } |
2216 | 0 | } |
2217 | 0 | break; |
2218 | | |
2219 | 0 | case cmdREVKEY: |
2220 | 0 | { |
2221 | 0 | int n1; |
2222 | |
|
2223 | 0 | if (!(n1 = count_selected_keys (keyblock))) |
2224 | 0 | { |
2225 | 0 | if (cpr_get_answer_is_yes ("keyedit.revoke.subkey.okay", |
2226 | 0 | _("Do you really want to revoke" |
2227 | 0 | " the entire key? (y/N) "))) |
2228 | 0 | { |
2229 | 0 | if (menu_revkey (ctrl, keyblock)) |
2230 | 0 | { |
2231 | 0 | modified = 1; |
2232 | 0 | upload = 1; |
2233 | 0 | } |
2234 | |
|
2235 | 0 | redisplay = 1; |
2236 | 0 | } |
2237 | 0 | } |
2238 | 0 | else if (cpr_get_answer_is_yes ("keyedit.revoke.subkey.okay", |
2239 | 0 | n1 > 1 ? |
2240 | 0 | _("Do you really want to revoke" |
2241 | 0 | " the selected subkeys? (y/N) ") |
2242 | 0 | : _("Do you really want to revoke" |
2243 | 0 | " this subkey? (y/N) "))) |
2244 | 0 | { |
2245 | 0 | if (menu_revsubkey (ctrl, keyblock)) |
2246 | 0 | { |
2247 | 0 | modified = 1; |
2248 | 0 | upload = 1; |
2249 | 0 | } |
2250 | |
|
2251 | 0 | redisplay = 1; |
2252 | 0 | } |
2253 | |
|
2254 | 0 | if (modified) |
2255 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2256 | 0 | } |
2257 | 0 | break; |
2258 | | |
2259 | 0 | case cmdEXPIRE: |
2260 | 0 | if (gpg_err_code (menu_expire (ctrl, keyblock, 0, 0)) == GPG_ERR_TRUE) |
2261 | 0 | { |
2262 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2263 | 0 | run_subkey_warnings = 1; |
2264 | 0 | modified = 1; |
2265 | 0 | upload = 1; |
2266 | 0 | redisplay = 1; |
2267 | 0 | } |
2268 | 0 | break; |
2269 | | |
2270 | 0 | case cmdCHANGEUSAGE: |
2271 | 0 | if (menu_changeusage (ctrl, keyblock)) |
2272 | 0 | { |
2273 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2274 | 0 | modified = 1; |
2275 | 0 | upload = 1; |
2276 | 0 | redisplay = 1; |
2277 | 0 | } |
2278 | 0 | break; |
2279 | | |
2280 | 0 | case cmdBACKSIGN: |
2281 | 0 | if (menu_backsign (ctrl, keyblock)) |
2282 | 0 | { |
2283 | 0 | modified = 1; |
2284 | 0 | upload = 1; |
2285 | 0 | redisplay = 1; |
2286 | 0 | } |
2287 | 0 | break; |
2288 | | |
2289 | 0 | case cmdPRIMARY: |
2290 | 0 | if (menu_set_primary_uid (ctrl, keyblock)) |
2291 | 0 | { |
2292 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2293 | 0 | modified = 1; |
2294 | 0 | upload = 1; |
2295 | 0 | redisplay = 1; |
2296 | 0 | } |
2297 | 0 | break; |
2298 | | |
2299 | 0 | case cmdPASSWD: |
2300 | 0 | change_passphrase (ctrl, keyblock); |
2301 | 0 | break; |
2302 | | |
2303 | 0 | #ifndef NO_TRUST_MODELS |
2304 | 0 | case cmdTRUST: |
2305 | 0 | if (opt.trust_model == TM_EXTERNAL) |
2306 | 0 | { |
2307 | 0 | tty_printf (_("Owner trust may not be set while " |
2308 | 0 | "using a user provided trust database\n")); |
2309 | 0 | break; |
2310 | 0 | } |
2311 | | |
2312 | 0 | show_key_with_all_names (ctrl, NULL, keyblock, 0, 0, 0, 1, 0, 0); |
2313 | 0 | tty_printf ("\n"); |
2314 | 0 | if (edit_ownertrust (ctrl, find_kbnode (keyblock, |
2315 | 0 | PKT_PUBLIC_KEY)->pkt->pkt. |
2316 | 0 | public_key, 1)) |
2317 | 0 | { |
2318 | 0 | redisplay = 1; |
2319 | | /* No real need to set update_trust here as |
2320 | | edit_ownertrust() calls revalidation_mark() |
2321 | | anyway. */ |
2322 | 0 | update_trust = 1; |
2323 | 0 | } |
2324 | 0 | break; |
2325 | 0 | #endif /*!NO_TRUST_MODELS*/ |
2326 | | |
2327 | 0 | case cmdPREF: |
2328 | 0 | { |
2329 | 0 | int count = count_selected_uids (keyblock); |
2330 | 0 | log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
2331 | 0 | show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key, |
2332 | 0 | count ? NODFLG_SELUID : 0, 1); |
2333 | 0 | } |
2334 | 0 | break; |
2335 | | |
2336 | 0 | case cmdSHOWPREF: |
2337 | 0 | { |
2338 | 0 | int count = count_selected_uids (keyblock); |
2339 | 0 | log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
2340 | 0 | show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key, |
2341 | 0 | count ? NODFLG_SELUID : 0, 2); |
2342 | 0 | } |
2343 | 0 | break; |
2344 | | |
2345 | 0 | case cmdSETPREF: |
2346 | 0 | { |
2347 | 0 | PKT_user_id *tempuid; |
2348 | |
|
2349 | 0 | keygen_set_std_prefs (!*arg_string ? "default" : arg_string, 0); |
2350 | |
|
2351 | 0 | tempuid = keygen_get_std_prefs (); |
2352 | 0 | tty_printf (_("Set preference list to:\n")); |
2353 | 0 | show_prefs (tempuid, NULL, 1); |
2354 | 0 | free_user_id (tempuid); |
2355 | |
|
2356 | 0 | if (cpr_get_answer_is_yes |
2357 | 0 | ("keyedit.setpref.okay", |
2358 | 0 | count_selected_uids (keyblock) ? |
2359 | 0 | _("Really update the preferences" |
2360 | 0 | " for the selected user IDs? (y/N) ") |
2361 | 0 | : _("Really update the preferences? (y/N) "))) |
2362 | 0 | { |
2363 | 0 | if (menu_set_preferences (ctrl, keyblock, 0)) |
2364 | 0 | { |
2365 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2366 | 0 | modified = 1; |
2367 | 0 | upload = 1; |
2368 | 0 | redisplay = 1; |
2369 | 0 | } |
2370 | 0 | } |
2371 | 0 | } |
2372 | 0 | break; |
2373 | | |
2374 | 0 | case cmdPREFKS: |
2375 | 0 | if (menu_set_keyserver_url (ctrl, *arg_string ? arg_string : NULL, |
2376 | 0 | keyblock)) |
2377 | 0 | { |
2378 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2379 | 0 | modified = 1; |
2380 | 0 | upload = 1; |
2381 | 0 | redisplay = 1; |
2382 | 0 | } |
2383 | 0 | break; |
2384 | | |
2385 | 0 | case cmdNOTATION: |
2386 | 0 | if (menu_set_notation (ctrl, *arg_string ? arg_string : NULL, |
2387 | 0 | keyblock)) |
2388 | 0 | { |
2389 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2390 | 0 | modified = 1; |
2391 | 0 | upload = 1; |
2392 | 0 | redisplay = 1; |
2393 | 0 | } |
2394 | 0 | break; |
2395 | | |
2396 | 0 | case cmdNOP: |
2397 | 0 | break; |
2398 | | |
2399 | 0 | case cmdREVSIG: |
2400 | 0 | if (menu_revsig (ctrl, keyblock)) |
2401 | 0 | { |
2402 | 0 | redisplay = 1; |
2403 | 0 | modified = 1; |
2404 | 0 | upload = 1; |
2405 | 0 | } |
2406 | 0 | break; |
2407 | | |
2408 | 0 | #ifndef NO_TRUST_MODELS |
2409 | 0 | case cmdENABLEKEY: |
2410 | 0 | case cmdDISABLEKEY: |
2411 | 0 | if (enable_disable_key (ctrl, keyblock, cmd == cmdDISABLEKEY)) |
2412 | 0 | { |
2413 | 0 | redisplay = 1; |
2414 | 0 | modified = 1; |
2415 | 0 | } |
2416 | 0 | break; |
2417 | 0 | #endif /*!NO_TRUST_MODELS*/ |
2418 | | |
2419 | 0 | case cmdSHOWPHOTO: |
2420 | 0 | menu_showphoto (ctrl, keyblock); |
2421 | 0 | break; |
2422 | | |
2423 | 0 | case cmdCLEAN: |
2424 | 0 | if (menu_clean (ctrl, keyblock, 0)) |
2425 | 0 | redisplay = modified = 1; |
2426 | 0 | break; |
2427 | | |
2428 | 0 | case cmdMINIMIZE: |
2429 | 0 | if (menu_clean (ctrl, keyblock, EXPORT_MINIMAL)) |
2430 | 0 | redisplay = modified = 1; |
2431 | 0 | break; |
2432 | | |
2433 | 0 | case cmdQUIT: |
2434 | 0 | if (have_commands) |
2435 | 0 | goto leave; |
2436 | 0 | if (!modified && !sec_shadowing) |
2437 | 0 | goto leave; |
2438 | 0 | if (!cpr_get_answer_is_yes ("keyedit.save.okay", |
2439 | 0 | _("Save changes? (y/N) "))) |
2440 | 0 | { |
2441 | 0 | if (cpr_enabled () |
2442 | 0 | || cpr_get_answer_is_yes ("keyedit.cancel.okay", |
2443 | 0 | _("Quit without saving? (y/N) "))) |
2444 | 0 | goto leave; |
2445 | 0 | break; |
2446 | 0 | } |
2447 | | /* fall through */ |
2448 | 0 | case cmdSAVE: |
2449 | 0 | if (modified) |
2450 | 0 | { |
2451 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
2452 | 0 | if (err) |
2453 | 0 | { |
2454 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
2455 | 0 | break; |
2456 | 0 | } |
2457 | 0 | if (upload) |
2458 | 0 | { |
2459 | 0 | maybe_upload_key (ctrl, keyblock); |
2460 | 0 | upload = 0; |
2461 | 0 | } |
2462 | 0 | } |
2463 | | |
2464 | 0 | if (delseckey_list) |
2465 | 0 | { |
2466 | 0 | strlist_t sl; |
2467 | 0 | for (err = 0, sl = delseckey_list; sl; sl = sl->next) |
2468 | 0 | { |
2469 | 0 | if (*sl->d) |
2470 | 0 | { |
2471 | 0 | err = agent_delete_key (ctrl, sl->d, NULL, 1/*force*/); |
2472 | 0 | if (err) |
2473 | 0 | break; |
2474 | 0 | *sl->d = 0; /* Mark deleted. */ |
2475 | 0 | } |
2476 | 0 | } |
2477 | 0 | if (err) |
2478 | 0 | { |
2479 | 0 | log_error (_("deleting copy of secret key failed: %s\n"), |
2480 | 0 | gpg_strerror (err)); |
2481 | 0 | break; /* the "save". */ |
2482 | 0 | } |
2483 | 0 | } |
2484 | | |
2485 | 0 | if (sec_shadowing) |
2486 | 0 | { |
2487 | 0 | err = agent_scd_learn (NULL, 1); |
2488 | 0 | if (err) |
2489 | 0 | { |
2490 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
2491 | 0 | break; |
2492 | 0 | } |
2493 | 0 | } |
2494 | | |
2495 | 0 | if (!modified && !sec_shadowing) |
2496 | 0 | tty_printf (_("Key not changed so no update needed.\n")); |
2497 | |
|
2498 | 0 | if (update_trust) |
2499 | 0 | { |
2500 | 0 | revalidation_mark (ctrl); |
2501 | 0 | update_trust = 0; |
2502 | 0 | } |
2503 | 0 | goto leave; |
2504 | | |
2505 | 0 | case cmdINVCMD: |
2506 | 0 | default: |
2507 | 0 | tty_printf ("\n"); |
2508 | 0 | tty_printf (_("Invalid command (try \"help\")\n")); |
2509 | 0 | break; |
2510 | 0 | } |
2511 | 0 | } /* End of the main command loop. */ |
2512 | | |
2513 | 0 | leave: |
2514 | 0 | free_strlist (delseckey_list); |
2515 | 0 | release_kbnode (keyblock); |
2516 | 0 | keydb_release (kdbhd); |
2517 | 0 | xfree (answer); |
2518 | 0 | } |
2519 | | |
2520 | | |
2521 | | /* Helper to upload a key to an LDAP server if configured. */ |
2522 | | static void |
2523 | | maybe_upload_key (ctrl_t ctrl, kbnode_t keyblock) |
2524 | 0 | { |
2525 | 0 | unsigned int saved_options; |
2526 | |
|
2527 | 0 | if (!opt.flags.auto_key_upload) |
2528 | 0 | return; |
2529 | | |
2530 | 0 | saved_options = opt.keyserver_options.options; |
2531 | 0 | opt.keyserver_options.options |= KEYSERVER_LDAP_ONLY; |
2532 | 0 | opt.keyserver_options.options |= KEYSERVER_WARN_ONLY; |
2533 | 0 | keyserver_export_pubkey (ctrl, keyblock->pkt->pkt.public_key, 0); |
2534 | 0 | opt.keyserver_options.options = saved_options; |
2535 | 0 | } |
2536 | | |
2537 | | |
2538 | | /* Change the passphrase of the secret key identified by USERNAME. */ |
2539 | | void |
2540 | | keyedit_passwd (ctrl_t ctrl, const char *username) |
2541 | 0 | { |
2542 | 0 | gpg_error_t err; |
2543 | 0 | PKT_public_key *pk; |
2544 | 0 | kbnode_t keyblock = NULL; |
2545 | |
|
2546 | 0 | pk = xtrycalloc (1, sizeof *pk); |
2547 | 0 | if (!pk) |
2548 | 0 | { |
2549 | 0 | err = gpg_error_from_syserror (); |
2550 | 0 | goto leave; |
2551 | 0 | } |
2552 | 0 | err = getkey_byname (ctrl, NULL, pk, username, 1, &keyblock); |
2553 | 0 | if (err) |
2554 | 0 | goto leave; |
2555 | | |
2556 | 0 | err = change_passphrase (ctrl, keyblock); |
2557 | |
|
2558 | 0 | leave: |
2559 | 0 | release_kbnode (keyblock); |
2560 | 0 | free_public_key (pk); |
2561 | 0 | if (err) |
2562 | 0 | { |
2563 | 0 | log_info ("error changing the passphrase for '%s': %s\n", |
2564 | 0 | username, gpg_strerror (err)); |
2565 | 0 | write_status_error ("keyedit.passwd", err); |
2566 | 0 | } |
2567 | 0 | else |
2568 | 0 | write_status_text (STATUS_SUCCESS, "keyedit.passwd"); |
2569 | 0 | } |
2570 | | |
2571 | | |
2572 | | /* Helper for quick commands to find the keyblock for USERNAME. |
2573 | | * Returns on success the key database handle at R_KDBHD and the |
2574 | | * keyblock at R_KEYBLOCK. */ |
2575 | | static gpg_error_t |
2576 | | quick_find_keyblock (ctrl_t ctrl, const char *username, int want_secret, |
2577 | | KEYDB_HANDLE *r_kdbhd, kbnode_t *r_keyblock) |
2578 | 0 | { |
2579 | 0 | gpg_error_t err; |
2580 | 0 | KEYDB_HANDLE kdbhd = NULL; |
2581 | 0 | kbnode_t keyblock = NULL; |
2582 | 0 | KEYDB_SEARCH_DESC desc; |
2583 | 0 | kbnode_t node; |
2584 | |
|
2585 | 0 | *r_kdbhd = NULL; |
2586 | 0 | *r_keyblock = NULL; |
2587 | | |
2588 | | /* Search the key; we don't want the whole getkey stuff here. */ |
2589 | 0 | kdbhd = keydb_new (ctrl); |
2590 | 0 | if (!kdbhd) |
2591 | 0 | { |
2592 | | /* Note that keydb_new has already used log_error. */ |
2593 | 0 | err = gpg_error_from_syserror (); |
2594 | 0 | goto leave; |
2595 | 0 | } |
2596 | 0 | err = keydb_lock (kdbhd); |
2597 | 0 | if (err) |
2598 | 0 | goto leave; |
2599 | | |
2600 | 0 | err = classify_user_id (username, &desc, 1); |
2601 | 0 | if (!err) |
2602 | 0 | err = keydb_search (kdbhd, &desc, 1, NULL); |
2603 | 0 | if (!err) |
2604 | 0 | { |
2605 | 0 | err = keydb_get_keyblock (kdbhd, &keyblock); |
2606 | 0 | if (err) |
2607 | 0 | { |
2608 | 0 | log_error (_("error reading keyblock: %s\n"), gpg_strerror (err)); |
2609 | 0 | goto leave; |
2610 | 0 | } |
2611 | | /* Now with the keyblock retrieved, search again to detect an |
2612 | | ambiguous specification. We need to save the found state so |
2613 | | that we can do an update later. */ |
2614 | 0 | keydb_push_found_state (kdbhd); |
2615 | 0 | err = keydb_search (kdbhd, &desc, 1, NULL); |
2616 | 0 | if (!err) |
2617 | 0 | err = gpg_error (GPG_ERR_AMBIGUOUS_NAME); |
2618 | 0 | else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) |
2619 | 0 | err = 0; |
2620 | 0 | keydb_pop_found_state (kdbhd); |
2621 | |
|
2622 | 0 | if (!err && want_secret) |
2623 | 0 | { |
2624 | | /* We require the secret primary key to set the primary UID. */ |
2625 | 0 | node = find_kbnode (keyblock, PKT_PUBLIC_KEY); |
2626 | 0 | log_assert (node); |
2627 | 0 | if (!agent_probe_secret_key (ctrl, node->pkt->pkt.public_key)) |
2628 | 0 | err = gpg_error (GPG_ERR_NO_SECKEY); |
2629 | 0 | } |
2630 | 0 | } |
2631 | 0 | else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) |
2632 | 0 | err = gpg_error (GPG_ERR_NO_PUBKEY); |
2633 | | |
2634 | 0 | if (err) |
2635 | 0 | { |
2636 | 0 | log_error (_("key \"%s\" not found: %s\n"), |
2637 | 0 | username, gpg_strerror (err)); |
2638 | 0 | goto leave; |
2639 | 0 | } |
2640 | | |
2641 | 0 | fix_keyblock (ctrl, &keyblock); |
2642 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2643 | |
|
2644 | 0 | *r_keyblock = keyblock; |
2645 | 0 | keyblock = NULL; |
2646 | 0 | *r_kdbhd = kdbhd; |
2647 | 0 | kdbhd = NULL; |
2648 | |
|
2649 | 0 | leave: |
2650 | 0 | release_kbnode (keyblock); |
2651 | 0 | keydb_release (kdbhd); |
2652 | 0 | return err; |
2653 | 0 | } |
2654 | | |
2655 | | |
2656 | | /* Unattended adding of a new keyid. USERNAME specifies the |
2657 | | key. NEWUID is the new user id to add to the key. */ |
2658 | | void |
2659 | | keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid) |
2660 | 0 | { |
2661 | 0 | gpg_error_t err; |
2662 | 0 | KEYDB_HANDLE kdbhd = NULL; |
2663 | 0 | kbnode_t keyblock = NULL; |
2664 | 0 | char *uidstring = NULL; |
2665 | |
|
2666 | 0 | uidstring = xstrdup (newuid); |
2667 | 0 | trim_spaces (uidstring); |
2668 | 0 | if (!*uidstring) |
2669 | 0 | { |
2670 | 0 | log_error ("%s\n", gpg_strerror (GPG_ERR_INV_USER_ID)); |
2671 | 0 | goto leave; |
2672 | 0 | } |
2673 | | |
2674 | | #ifdef HAVE_W32_SYSTEM |
2675 | | /* See keyedit_menu for why we need this. */ |
2676 | | check_trustdb_stale (ctrl); |
2677 | | #endif |
2678 | | |
2679 | | /* Search the key; we don't want the whole getkey stuff here. */ |
2680 | 0 | err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock); |
2681 | 0 | if (err) |
2682 | 0 | goto leave; |
2683 | | |
2684 | 0 | if (menu_adduid (ctrl, keyblock, 0, NULL, uidstring)) |
2685 | 0 | { |
2686 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
2687 | 0 | if (err) |
2688 | 0 | { |
2689 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
2690 | 0 | goto leave; |
2691 | 0 | } |
2692 | 0 | maybe_upload_key (ctrl, keyblock); |
2693 | 0 | if (update_trust) |
2694 | 0 | revalidation_mark (ctrl); |
2695 | 0 | } |
2696 | | |
2697 | 0 | leave: |
2698 | 0 | xfree (uidstring); |
2699 | 0 | release_kbnode (keyblock); |
2700 | 0 | keydb_release (kdbhd); |
2701 | 0 | } |
2702 | | |
2703 | | |
2704 | | /* Helper to find the UID node for namehash. On success, returns the UID node. |
2705 | | Otherwise, return NULL. */ |
2706 | | kbnode_t |
2707 | | find_userid_by_namehash (kbnode_t keyblock, const char *namehash, int want_valid) |
2708 | 0 | { |
2709 | 0 | byte hash[NAMEHASH_LEN]; |
2710 | 0 | kbnode_t node = NULL; |
2711 | |
|
2712 | 0 | if (!namehash) |
2713 | 0 | goto leave; |
2714 | | |
2715 | 0 | if (strlen (namehash) != NAMEHASH_LEN * 2) |
2716 | 0 | goto leave; |
2717 | | |
2718 | 0 | if (hex2bin (namehash, hash, NAMEHASH_LEN) < 0) |
2719 | 0 | goto leave; |
2720 | | |
2721 | 0 | for (node = keyblock; node; node = node->next) |
2722 | 0 | { |
2723 | 0 | if (node->pkt->pkttype == PKT_USER_ID |
2724 | 0 | && (!want_valid || (!node->pkt->pkt.user_id->flags.revoked |
2725 | 0 | && !node->pkt->pkt.user_id->flags.expired))) |
2726 | 0 | { |
2727 | 0 | namehash_from_uid (node->pkt->pkt.user_id); |
2728 | 0 | if (!memcmp (node->pkt->pkt.user_id->namehash, hash, NAMEHASH_LEN)) |
2729 | 0 | break; |
2730 | 0 | } |
2731 | 0 | } |
2732 | |
|
2733 | 0 | leave: |
2734 | 0 | return node; |
2735 | 0 | } |
2736 | | |
2737 | | |
2738 | | /* Helper to find the UID node for uid. On success, returns the UID node. |
2739 | | Otherwise, return NULL. */ |
2740 | | kbnode_t |
2741 | | find_userid (kbnode_t keyblock, const char *uid, int want_valid) |
2742 | 0 | { |
2743 | 0 | kbnode_t node = NULL; |
2744 | 0 | size_t uidlen; |
2745 | |
|
2746 | 0 | if (!keyblock || !uid) |
2747 | 0 | goto leave; |
2748 | | |
2749 | | /* First try to find UID by namehash. */ |
2750 | 0 | node = find_userid_by_namehash (keyblock, uid, want_valid); |
2751 | 0 | if (node) |
2752 | 0 | goto leave; |
2753 | | |
2754 | 0 | uidlen = strlen (uid); |
2755 | 0 | for (node = keyblock; node; node = node->next) |
2756 | 0 | { |
2757 | 0 | if (node->pkt->pkttype == PKT_USER_ID |
2758 | 0 | && (!want_valid || (!node->pkt->pkt.user_id->flags.revoked |
2759 | 0 | && !node->pkt->pkt.user_id->flags.expired)) |
2760 | 0 | && uidlen == node->pkt->pkt.user_id->len |
2761 | 0 | && !memcmp (node->pkt->pkt.user_id->name, uid, uidlen)) |
2762 | 0 | break; |
2763 | 0 | } |
2764 | |
|
2765 | 0 | leave: |
2766 | 0 | return node; |
2767 | 0 | } |
2768 | | |
2769 | | |
2770 | | /* Unattended revocation of a keyid. USERNAME specifies the |
2771 | | key. UIDTOREV is the user id revoke from the key. */ |
2772 | | void |
2773 | | keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev) |
2774 | 0 | { |
2775 | 0 | gpg_error_t err; |
2776 | 0 | KEYDB_HANDLE kdbhd = NULL; |
2777 | 0 | kbnode_t keyblock = NULL; |
2778 | 0 | kbnode_t node; |
2779 | 0 | int modified = 0; |
2780 | 0 | size_t valid_uids; |
2781 | |
|
2782 | | #ifdef HAVE_W32_SYSTEM |
2783 | | /* See keyedit_menu for why we need this. */ |
2784 | | check_trustdb_stale (ctrl); |
2785 | | #endif |
2786 | | |
2787 | | /* Search the key; we don't want the whole getkey stuff here. */ |
2788 | 0 | err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock); |
2789 | 0 | if (err) |
2790 | 0 | goto leave; |
2791 | | |
2792 | | /* To make sure that we do not revoke the last valid UID, we first |
2793 | | count how many valid UIDs there are. */ |
2794 | 0 | valid_uids = 0; |
2795 | 0 | for (node = keyblock; node; node = node->next) |
2796 | 0 | valid_uids += (node->pkt->pkttype == PKT_USER_ID |
2797 | 0 | && !node->pkt->pkt.user_id->flags.revoked |
2798 | 0 | && !node->pkt->pkt.user_id->flags.expired); |
2799 | | |
2800 | | /* Find the right UID. */ |
2801 | 0 | node = find_userid (keyblock, uidtorev, 0); |
2802 | 0 | if (node) |
2803 | 0 | { |
2804 | 0 | struct revocation_reason_info *reason; |
2805 | | |
2806 | | /* Make sure that we do not revoke the last valid UID. */ |
2807 | 0 | if (valid_uids == 1 |
2808 | 0 | && ! node->pkt->pkt.user_id->flags.revoked |
2809 | 0 | && ! node->pkt->pkt.user_id->flags.expired) |
2810 | 0 | { |
2811 | 0 | log_error (_("cannot revoke the last valid user ID.\n")); |
2812 | 0 | err = gpg_error (GPG_ERR_INV_USER_ID); |
2813 | 0 | goto leave; |
2814 | 0 | } |
2815 | | |
2816 | 0 | reason = get_default_uid_revocation_reason (); |
2817 | 0 | err = core_revuid (ctrl, keyblock, node, reason, &modified); |
2818 | 0 | release_revocation_reason_info (reason); |
2819 | 0 | if (err) |
2820 | 0 | goto leave; |
2821 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
2822 | 0 | if (err) |
2823 | 0 | { |
2824 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
2825 | 0 | goto leave; |
2826 | 0 | } |
2827 | 0 | maybe_upload_key (ctrl, keyblock); |
2828 | 0 | revalidation_mark (ctrl); |
2829 | 0 | goto leave; |
2830 | 0 | } |
2831 | 0 | err = gpg_error (GPG_ERR_NO_USER_ID); |
2832 | | |
2833 | |
|
2834 | 0 | leave: |
2835 | 0 | if (err) |
2836 | 0 | { |
2837 | 0 | log_error (_("revoking the user ID failed: %s\n"), gpg_strerror (err)); |
2838 | 0 | write_status_error ("keyedit.revoke.uid", err); |
2839 | 0 | } |
2840 | 0 | release_kbnode (keyblock); |
2841 | 0 | keydb_release (kdbhd); |
2842 | 0 | } |
2843 | | |
2844 | | |
2845 | | /* Unattended setting of the primary uid. USERNAME specifies the key. |
2846 | | PRIMARYUID is the user id which shall be primary. */ |
2847 | | void |
2848 | | keyedit_quick_set_primary (ctrl_t ctrl, const char *username, |
2849 | | const char *primaryuid) |
2850 | 0 | { |
2851 | 0 | gpg_error_t err; |
2852 | 0 | KEYDB_HANDLE kdbhd = NULL; |
2853 | 0 | kbnode_t keyblock = NULL; |
2854 | 0 | kbnode_t primarynode; |
2855 | 0 | kbnode_t node; |
2856 | |
|
2857 | | #ifdef HAVE_W32_SYSTEM |
2858 | | /* See keyedit_menu for why we need this. */ |
2859 | | check_trustdb_stale (ctrl); |
2860 | | #endif |
2861 | |
|
2862 | 0 | err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock); |
2863 | 0 | if (err) |
2864 | 0 | { |
2865 | 0 | write_status_error ("keyedit.primary", err); |
2866 | 0 | goto leave; |
2867 | 0 | } |
2868 | | |
2869 | | /* Find the first matching UID that is valid */ |
2870 | 0 | primarynode = find_userid (keyblock, primaryuid, 1); |
2871 | | |
2872 | | /* and mark it. */ |
2873 | 0 | if (primarynode) |
2874 | 0 | for (node = keyblock; node; node = node->next) |
2875 | 0 | { |
2876 | 0 | if (node == primarynode) |
2877 | 0 | node->flag |= NODFLG_SELUID; |
2878 | 0 | else |
2879 | 0 | node->flag &= ~NODFLG_SELUID; |
2880 | 0 | } |
2881 | |
|
2882 | 0 | if (!primarynode) |
2883 | 0 | err = gpg_error (GPG_ERR_NO_USER_ID); |
2884 | 0 | else if (menu_set_primary_uid (ctrl, keyblock)) |
2885 | 0 | { |
2886 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2887 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
2888 | 0 | if (err) |
2889 | 0 | { |
2890 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
2891 | 0 | goto leave; |
2892 | 0 | } |
2893 | 0 | maybe_upload_key (ctrl, keyblock); |
2894 | 0 | revalidation_mark (ctrl); |
2895 | 0 | } |
2896 | 0 | else |
2897 | 0 | err = gpg_error (GPG_ERR_GENERAL); |
2898 | | |
2899 | 0 | if (err) |
2900 | 0 | { |
2901 | 0 | log_error (_("setting the primary user ID failed: %s\n"), |
2902 | 0 | gpg_strerror (err)); |
2903 | 0 | write_status_error ("keyedit.primary", err); |
2904 | 0 | } |
2905 | |
|
2906 | 0 | leave: |
2907 | 0 | release_kbnode (keyblock); |
2908 | 0 | keydb_release (kdbhd); |
2909 | 0 | } |
2910 | | |
2911 | | |
2912 | | /* Unattended updating of the preference tro the standard preferences. |
2913 | | * USERNAME specifies the key. This is basically the same as |
2914 | | * gpg --edit-key <<userif> updpref save |
2915 | | */ |
2916 | | void |
2917 | | keyedit_quick_update_pref (ctrl_t ctrl, const char *username) |
2918 | 0 | { |
2919 | 0 | gpg_error_t err; |
2920 | 0 | KEYDB_HANDLE kdbhd = NULL; |
2921 | 0 | kbnode_t keyblock = NULL; |
2922 | |
|
2923 | | #ifdef HAVE_W32_SYSTEM |
2924 | | /* See keyedit_menu for why we need this. */ |
2925 | | check_trustdb_stale (ctrl); |
2926 | | #endif |
2927 | |
|
2928 | 0 | err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock); |
2929 | 0 | if (err) |
2930 | 0 | goto leave; |
2931 | | |
2932 | 0 | if (menu_set_preferences (ctrl, keyblock, 1)) |
2933 | 0 | { |
2934 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
2935 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
2936 | 0 | if (err) |
2937 | 0 | { |
2938 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
2939 | 0 | goto leave; |
2940 | 0 | } |
2941 | 0 | maybe_upload_key (ctrl, keyblock); |
2942 | 0 | } |
2943 | | |
2944 | 0 | leave: |
2945 | 0 | if (err) |
2946 | 0 | write_status_error ("keyedit.updpref", err); |
2947 | 0 | release_kbnode (keyblock); |
2948 | 0 | keydb_release (kdbhd); |
2949 | 0 | } |
2950 | | |
2951 | | |
2952 | | /* Unattended updating of the ownertrust or disable/enable state of a key |
2953 | | * USERNAME specifies the key. This is somewhat similar to |
2954 | | * gpg --edit-key <userid> trust save |
2955 | | * gpg --edit-key <userid> disable save |
2956 | | * |
2957 | | * VALUE is the new trust value which is one of: |
2958 | | * "undefined" - Ownertrust is set to undefined |
2959 | | * "never" - Ownertrust is set to never trust |
2960 | | * "marginal" - Ownertrust is set to marginal trust |
2961 | | * "full" - Ownertrust is set to full trust |
2962 | | * "ultimate" - Ownertrust is set to ultimate trust |
2963 | | * "enable" - The key is re-enabled. |
2964 | | * "disable" - The key is disabled. |
2965 | | * Trust settings do not change the ebable/disable state. |
2966 | | */ |
2967 | | void |
2968 | | keyedit_quick_set_ownertrust (ctrl_t ctrl, const char *username, |
2969 | | const char *value) |
2970 | 0 | { |
2971 | 0 | gpg_error_t err; |
2972 | 0 | KEYDB_HANDLE kdbhd = NULL; |
2973 | 0 | kbnode_t keyblock = NULL; |
2974 | 0 | PKT_public_key *pk; |
2975 | 0 | unsigned int trust, newtrust; |
2976 | 0 | int x; |
2977 | 0 | int maybe_update_trust = 0; |
2978 | |
|
2979 | | #ifdef HAVE_W32_SYSTEM |
2980 | | /* See keyedit_menu for why we need this. */ |
2981 | | check_trustdb_stale (ctrl); |
2982 | | #endif |
2983 | | |
2984 | | /* Search the key; we don't want the whole getkey stuff here. Note |
2985 | | * that we are looking for the public key here. */ |
2986 | 0 | err = quick_find_keyblock (ctrl, username, 0, &kdbhd, &keyblock); |
2987 | 0 | if (err) |
2988 | 0 | goto leave; |
2989 | 0 | log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY |
2990 | 0 | || keyblock->pkt->pkttype == PKT_SECRET_KEY); |
2991 | 0 | pk = keyblock->pkt->pkt.public_key; |
2992 | |
|
2993 | 0 | trust = newtrust = get_ownertrust (ctrl, pk); |
2994 | |
|
2995 | 0 | if (!ascii_strcasecmp (value, "enable")) |
2996 | 0 | newtrust &= ~TRUST_FLAG_DISABLED; |
2997 | 0 | else if (!ascii_strcasecmp (value, "disable")) |
2998 | 0 | newtrust |= TRUST_FLAG_DISABLED; |
2999 | 0 | else if ((x = string_to_trust_value (value)) >= 0) |
3000 | 0 | { |
3001 | 0 | newtrust = x; |
3002 | 0 | newtrust &= TRUST_MASK; |
3003 | 0 | newtrust |= (trust & ~TRUST_MASK); |
3004 | 0 | maybe_update_trust = 1; |
3005 | 0 | } |
3006 | 0 | else |
3007 | 0 | { |
3008 | 0 | err = gpg_error (GPG_ERR_INV_ARG); |
3009 | 0 | goto leave; |
3010 | 0 | } |
3011 | | |
3012 | 0 | if (trust != newtrust) |
3013 | 0 | { |
3014 | 0 | update_ownertrust (ctrl, pk, newtrust); |
3015 | 0 | if (maybe_update_trust) |
3016 | 0 | revalidation_mark (ctrl); |
3017 | 0 | } |
3018 | 0 | else if (opt.verbose) |
3019 | 0 | log_info (_("Key not changed so no update needed.\n")); |
3020 | |
|
3021 | 0 | leave: |
3022 | 0 | if (err) |
3023 | 0 | { |
3024 | 0 | log_error (_("setting the ownertrust to '%s' failed: %s\n"), |
3025 | 0 | value, gpg_strerror (err)); |
3026 | 0 | write_status_error ("keyedit.setownertrust", err); |
3027 | 0 | } |
3028 | 0 | release_kbnode (keyblock); |
3029 | 0 | keydb_release (kdbhd); |
3030 | 0 | } |
3031 | | |
3032 | | |
3033 | | /* Find a keyblock by fingerprint because only this uniquely |
3034 | | * identifies a key and may thus be used to select a key for |
3035 | | * unattended subkey creation os key signing. */ |
3036 | | static gpg_error_t |
3037 | | find_by_primary_fpr (ctrl_t ctrl, const char *fpr, |
3038 | | kbnode_t *r_keyblock, KEYDB_HANDLE *r_kdbhd) |
3039 | 0 | { |
3040 | 0 | gpg_error_t err; |
3041 | 0 | kbnode_t keyblock = NULL; |
3042 | 0 | KEYDB_HANDLE kdbhd = NULL; |
3043 | 0 | KEYDB_SEARCH_DESC desc; |
3044 | 0 | byte fprbin[MAX_FINGERPRINT_LEN]; |
3045 | 0 | size_t fprlen; |
3046 | |
|
3047 | 0 | *r_keyblock = NULL; |
3048 | 0 | *r_kdbhd = NULL; |
3049 | |
|
3050 | 0 | if (classify_user_id (fpr, &desc, 1) |
3051 | 0 | || desc.mode != KEYDB_SEARCH_MODE_FPR) |
3052 | 0 | { |
3053 | 0 | log_error (_("\"%s\" is not a fingerprint\n"), fpr); |
3054 | 0 | err = gpg_error (GPG_ERR_INV_NAME); |
3055 | 0 | goto leave; |
3056 | 0 | } |
3057 | 0 | err = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL, |
3058 | 0 | NULL, NULL, fpr, &keyblock, &kdbhd, 1); |
3059 | 0 | if (err) |
3060 | 0 | { |
3061 | 0 | log_error (_("key \"%s\" not found: %s\n"), fpr, gpg_strerror (err)); |
3062 | 0 | goto leave; |
3063 | 0 | } |
3064 | | |
3065 | | /* Check that the primary fingerprint has been given. */ |
3066 | 0 | fingerprint_from_pk (keyblock->pkt->pkt.public_key, fprbin, &fprlen); |
3067 | 0 | if (desc.mode == KEYDB_SEARCH_MODE_FPR |
3068 | 0 | && fprlen == desc.fprlen |
3069 | 0 | && !memcmp (fprbin, desc.u.fpr, fprlen)) |
3070 | 0 | ; |
3071 | 0 | else |
3072 | 0 | { |
3073 | 0 | log_error (_("\"%s\" is not the primary fingerprint\n"), fpr); |
3074 | 0 | err = gpg_error (GPG_ERR_INV_NAME); |
3075 | 0 | goto leave; |
3076 | 0 | } |
3077 | | |
3078 | 0 | *r_keyblock = keyblock; |
3079 | 0 | keyblock = NULL; |
3080 | 0 | *r_kdbhd = kdbhd; |
3081 | 0 | kdbhd = NULL; |
3082 | 0 | err = 0; |
3083 | |
|
3084 | 0 | leave: |
3085 | 0 | release_kbnode (keyblock); |
3086 | 0 | keydb_release (kdbhd); |
3087 | 0 | return err; |
3088 | 0 | } |
3089 | | |
3090 | | |
3091 | | /* Unattended key signing function. If the key specified by FPR is |
3092 | | available and FPR is the primary fingerprint all user ids of the |
3093 | | key are signed using the default signing key. If UIDS is an empty |
3094 | | list all usable UIDs are signed, if it is not empty, only those |
3095 | | user ids matching one of the entries of the list are signed. With |
3096 | | LOCAL being true the signatures are marked as non-exportable. If |
3097 | | TRUSTSIG is given a trust signature is created; see |
3098 | | parse_trustsig_string(). */ |
3099 | | void |
3100 | | keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids, |
3101 | | strlist_t locusr, const char *trustsig, int local) |
3102 | 0 | { |
3103 | 0 | gpg_error_t err = 0; |
3104 | 0 | kbnode_t keyblock = NULL; |
3105 | 0 | KEYDB_HANDLE kdbhd = NULL; |
3106 | 0 | int modified = 0; |
3107 | 0 | PKT_public_key *pk; |
3108 | 0 | kbnode_t node; |
3109 | 0 | strlist_t sl; |
3110 | 0 | int any; |
3111 | |
|
3112 | | #ifdef HAVE_W32_SYSTEM |
3113 | | /* See keyedit_menu for why we need this. */ |
3114 | | check_trustdb_stale (ctrl); |
3115 | | #endif |
3116 | | |
3117 | | /* Do an early check on an arg for an immediate error message. */ |
3118 | 0 | if (trustsig) |
3119 | 0 | { |
3120 | 0 | byte trust_depth, trust_value; |
3121 | 0 | char *trust_regexp; |
3122 | 0 | err = parse_trustsig_string (trustsig, &trust_value, |
3123 | 0 | &trust_depth, &trust_regexp); |
3124 | 0 | xfree (trust_regexp); |
3125 | 0 | (void)trust_depth; |
3126 | 0 | (void)trust_value; |
3127 | 0 | if (err) |
3128 | 0 | goto leave; |
3129 | 0 | } |
3130 | | |
3131 | | /* We require a fingerprint because only this uniquely identifies a |
3132 | | key and may thus be used to select a key for unattended key |
3133 | | signing. */ |
3134 | 0 | if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd)) |
3135 | 0 | goto leave; |
3136 | | |
3137 | 0 | if (fix_keyblock (ctrl, &keyblock)) |
3138 | 0 | modified++; |
3139 | | |
3140 | | /* Give some info in verbose. */ |
3141 | 0 | if (opt.verbose) |
3142 | 0 | { |
3143 | 0 | show_key_with_all_names (ctrl, es_stdout, keyblock, 0, |
3144 | 0 | 1/*with_revoker*/, 1/*with_fingerprint*/, |
3145 | 0 | 0, 0, 1); |
3146 | 0 | es_fflush (es_stdout); |
3147 | 0 | } |
3148 | |
|
3149 | 0 | pk = keyblock->pkt->pkt.public_key; |
3150 | 0 | if (pk->flags.revoked) |
3151 | 0 | { |
3152 | 0 | if (!opt.verbose) |
3153 | 0 | show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1); |
3154 | 0 | log_error ("%s%s", _("Key is revoked."), _(" Unable to sign.\n")); |
3155 | 0 | err = gpg_error (GPG_ERR_CERT_REVOKED); |
3156 | 0 | goto leave; |
3157 | 0 | } |
3158 | | |
3159 | | /* Set the flags according to the UIDS list. Fixme: We may want to |
3160 | | use classify_user_id along with dedicated compare functions so |
3161 | | that we match the same way as in the key lookup. */ |
3162 | 0 | any = 0; |
3163 | 0 | menu_select_uid (keyblock, 0); /* Better clear the flags first. */ |
3164 | 0 | for (sl=uids; sl; sl = sl->next) |
3165 | 0 | { |
3166 | 0 | const char *name = sl->d; |
3167 | 0 | int count = 0; |
3168 | |
|
3169 | 0 | sl->flags &= ~(1|2); /* Clear flags used for error reporting. */ |
3170 | |
|
3171 | 0 | for (node = keyblock; node; node = node->next) |
3172 | 0 | { |
3173 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
3174 | 0 | { |
3175 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
3176 | |
|
3177 | 0 | if (uid->attrib_data) |
3178 | 0 | ; |
3179 | 0 | else if (*name == '=' |
3180 | 0 | && strlen (name+1) == uid->len |
3181 | 0 | && !memcmp (uid->name, name + 1, uid->len)) |
3182 | 0 | { /* Exact match - we don't do a check for ambiguity |
3183 | | * in this case. */ |
3184 | 0 | node->flag |= NODFLG_SELUID; |
3185 | 0 | if (any != -1) |
3186 | 0 | { |
3187 | 0 | sl->flags |= 1; /* Report as found. */ |
3188 | 0 | any = 1; |
3189 | 0 | } |
3190 | 0 | } |
3191 | 0 | else if (ascii_memistr (uid->name, uid->len, |
3192 | 0 | *name == '*'? name+1:name)) |
3193 | 0 | { |
3194 | 0 | node->flag |= NODFLG_SELUID; |
3195 | 0 | if (any != -1) |
3196 | 0 | { |
3197 | 0 | sl->flags |= 1; /* Report as found. */ |
3198 | 0 | any = 1; |
3199 | 0 | } |
3200 | 0 | count++; |
3201 | 0 | } |
3202 | 0 | } |
3203 | 0 | } |
3204 | |
|
3205 | 0 | if (count > 1) |
3206 | 0 | { |
3207 | 0 | any = -1; /* Force failure at end. */ |
3208 | 0 | sl->flags |= 2; /* Report as ambiguous. */ |
3209 | 0 | } |
3210 | 0 | } |
3211 | | |
3212 | | /* Check whether all given user ids were found. */ |
3213 | 0 | for (sl=uids; sl; sl = sl->next) |
3214 | 0 | if (!(sl->flags & 1)) |
3215 | 0 | any = -1; /* That user id was not found. */ |
3216 | | |
3217 | | /* Print an error if there was a problem with the user ids. */ |
3218 | 0 | if (uids && any < 1) |
3219 | 0 | { |
3220 | 0 | if (!opt.verbose) |
3221 | 0 | show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1); |
3222 | 0 | es_fflush (es_stdout); |
3223 | 0 | for (sl=uids; sl; sl = sl->next) |
3224 | 0 | { |
3225 | 0 | if ((sl->flags & 2)) |
3226 | 0 | log_info (_("Invalid user ID '%s': %s\n"), |
3227 | 0 | sl->d, gpg_strerror (GPG_ERR_AMBIGUOUS_NAME)); |
3228 | 0 | else if (!(sl->flags & 1)) |
3229 | 0 | log_info (_("Invalid user ID '%s': %s\n"), |
3230 | 0 | sl->d, gpg_strerror (GPG_ERR_NOT_FOUND)); |
3231 | 0 | } |
3232 | 0 | log_error ("%s %s", _("No matching user IDs."), _("Nothing to sign.\n")); |
3233 | 0 | err = gpg_error (GPG_ERR_NO_USER_ID); |
3234 | 0 | goto leave; |
3235 | 0 | } |
3236 | | |
3237 | | /* Sign. */ |
3238 | 0 | err = sign_uids (ctrl, es_stdout, keyblock, locusr, |
3239 | 0 | (SIGN_UIDS_QUICK |
3240 | 0 | | (local? SIGN_UIDS_LOCAL : 0) |
3241 | 0 | | (trustsig? SIGN_UIDS_TRUSTSIG : 0)), |
3242 | 0 | trustsig, &modified); |
3243 | 0 | es_fflush (es_stdout); |
3244 | 0 | if (err) |
3245 | 0 | goto leave; |
3246 | | |
3247 | 0 | if (modified) |
3248 | 0 | { |
3249 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
3250 | 0 | if (err) |
3251 | 0 | { |
3252 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
3253 | 0 | goto leave; |
3254 | 0 | } |
3255 | 0 | if (!local) /* No need to upload new non-expotable sigs. */ |
3256 | 0 | maybe_upload_key (ctrl, keyblock); |
3257 | 0 | } |
3258 | 0 | else |
3259 | 0 | log_info (_("Key not changed so no update needed.\n")); |
3260 | | |
3261 | 0 | if (update_trust) |
3262 | 0 | revalidation_mark (ctrl); |
3263 | |
|
3264 | 0 | leave: |
3265 | 0 | if (err) |
3266 | 0 | { |
3267 | 0 | log_error (_("creating key signature failed: %s\n"), gpg_strerror (err)); |
3268 | 0 | write_status_error ("keyedit.sign-key", err); |
3269 | 0 | } |
3270 | 0 | release_kbnode (keyblock); |
3271 | 0 | keydb_release (kdbhd); |
3272 | 0 | } |
3273 | | |
3274 | | |
3275 | | /* Unattended revocation of a key signatures. USERNAME specifies the |
3276 | | * key; this should best be a fingerprint. SIGTOREV is the user-id of |
3277 | | * the key for which the key signature shall be removed. Only |
3278 | | * non-self-signatures can be removed with this functions. If |
3279 | | * AFFECTED_UIDS is not NULL only the key signatures on these user-ids |
3280 | | * are revoked. */ |
3281 | | void |
3282 | | keyedit_quick_revsig (ctrl_t ctrl, const char *username, const char *sigtorev, |
3283 | | strlist_t affected_uids) |
3284 | 0 | { |
3285 | 0 | gpg_error_t err = 0; |
3286 | 0 | int no_signing_key = 0; |
3287 | 0 | KEYDB_HANDLE kdbhd = NULL; |
3288 | 0 | kbnode_t keyblock = NULL; |
3289 | 0 | PKT_public_key *primarypk; /* Points into KEYBLOCK. */ |
3290 | 0 | u32 *primarykid; |
3291 | 0 | PKT_public_key *pksigtorev = NULL; |
3292 | 0 | u32 *pksigtorevkid; |
3293 | 0 | kbnode_t node, n; |
3294 | 0 | int skip_remaining; |
3295 | 0 | int consider_sig; |
3296 | 0 | strlist_t sl; |
3297 | 0 | struct sign_attrib attrib = { 0 }; |
3298 | |
|
3299 | | #ifdef HAVE_W32_SYSTEM |
3300 | | /* See keyedit_menu for why we need this. */ |
3301 | | check_trustdb_stale (ctrl); |
3302 | | #endif |
3303 | | |
3304 | | /* Search the key; we don't want the whole getkey stuff here. Note |
3305 | | * that we are looking for the public key here. */ |
3306 | 0 | err = quick_find_keyblock (ctrl, username, 0, &kdbhd, &keyblock); |
3307 | 0 | if (err) |
3308 | 0 | goto leave; |
3309 | 0 | log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY |
3310 | 0 | || keyblock->pkt->pkttype == PKT_SECRET_KEY); |
3311 | 0 | primarypk = keyblock->pkt->pkt.public_key; |
3312 | 0 | primarykid = pk_keyid (primarypk); |
3313 | | |
3314 | | /* Get the signing key we want to revoke. This must be one of our |
3315 | | * signing keys. We will compare only the keyid because we don't |
3316 | | * assume that we have duplicated keyids on our own secret keys. If |
3317 | | * a there is a duplicated one we will notice this when creating the |
3318 | | * revocation. */ |
3319 | 0 | pksigtorev = xtrycalloc (1, sizeof *pksigtorev); |
3320 | 0 | if (!pksigtorev) |
3321 | 0 | { |
3322 | 0 | err = gpg_error_from_syserror (); |
3323 | 0 | goto leave; |
3324 | 0 | } |
3325 | 0 | pksigtorev->req_usage = PUBKEY_USAGE_CERT; |
3326 | 0 | err = getkey_byname (ctrl, NULL, pksigtorev, sigtorev, 1, NULL); |
3327 | 0 | if (err) |
3328 | 0 | { |
3329 | 0 | no_signing_key = 1; |
3330 | 0 | goto leave; |
3331 | 0 | } |
3332 | 0 | pksigtorevkid = pk_keyid (pksigtorev); |
3333 | | |
3334 | | /* Find the signatures we want to revoke and set a mark. */ |
3335 | 0 | skip_remaining = consider_sig = 0; |
3336 | 0 | for (node = keyblock; node; node = node->next) |
3337 | 0 | { |
3338 | 0 | node->flag &= ~NODFLG_MARK_A; |
3339 | 0 | if (skip_remaining) |
3340 | 0 | ; |
3341 | 0 | else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
3342 | 0 | skip_remaining = 1; |
3343 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
3344 | 0 | { |
3345 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
3346 | |
|
3347 | 0 | consider_sig = !affected_uids; |
3348 | 0 | for (sl = affected_uids; !consider_sig && sl; sl = sl->next) |
3349 | 0 | { |
3350 | 0 | const char *name = sl->d; |
3351 | |
|
3352 | 0 | if (uid->attrib_data) |
3353 | 0 | ; |
3354 | 0 | else if (*name == '=' |
3355 | 0 | && strlen (name+1) == uid->len |
3356 | 0 | && !memcmp (uid->name, name + 1, uid->len)) |
3357 | 0 | { /* Exact match. */ |
3358 | 0 | consider_sig = 1; |
3359 | 0 | } |
3360 | 0 | else if (ascii_memistr (uid->name, uid->len, |
3361 | 0 | *name == '*'? name+1:name)) |
3362 | 0 | { /* Case-insensitive substring match. */ |
3363 | 0 | consider_sig = 1; |
3364 | 0 | } |
3365 | 0 | } |
3366 | 0 | } |
3367 | 0 | else if (node->pkt->pkttype == PKT_SIGNATURE) |
3368 | 0 | { |
3369 | | /* We need to sort the signatures so that we can figure out |
3370 | | * whether the key signature has been revoked or the |
3371 | | * revocation has been superseded by a new key |
3372 | | * signature. */ |
3373 | 0 | PKT_signature *sig; |
3374 | 0 | unsigned int sigcount = 0; |
3375 | 0 | kbnode_t *sigarray; |
3376 | | |
3377 | | /* Allocate an array large enough for all signatures. */ |
3378 | 0 | for (n=node; n && n->pkt->pkttype == PKT_SIGNATURE; n = n->next) |
3379 | 0 | sigcount++; |
3380 | 0 | sigarray = xtrycalloc (sigcount, sizeof *sigarray); |
3381 | 0 | if (!sigarray) |
3382 | 0 | { |
3383 | 0 | err = gpg_error_from_syserror (); |
3384 | 0 | goto leave; |
3385 | 0 | } |
3386 | | |
3387 | | /* Now fill the array with signatures we are interested in. |
3388 | | * We also move NODE forward to the end. */ |
3389 | 0 | sigcount = 0; |
3390 | 0 | for (n=node; n && n->pkt->pkttype == PKT_SIGNATURE; node=n, n=n->next) |
3391 | 0 | { |
3392 | 0 | sig = n->pkt->pkt.signature; |
3393 | 0 | if (!keyid_cmp (primarykid, sig->keyid)) |
3394 | 0 | continue; /* Ignore self-signatures. */ |
3395 | | |
3396 | 0 | if (keyid_cmp (pksigtorevkid, sig->keyid)) |
3397 | 0 | continue; /* Ignore non-matching signatures. */ |
3398 | | |
3399 | 0 | n->flag &= ~NODFLG_MARK_B; /* Clear flag used by cm_signode. */ |
3400 | 0 | sigarray[sigcount++] = n; |
3401 | 0 | } |
3402 | |
|
3403 | 0 | if (sigcount) |
3404 | 0 | { |
3405 | 0 | qsort (sigarray, sigcount, sizeof *sigarray, cmp_signodes); |
3406 | | |
3407 | | /* log_debug ("Sorted signatures:\n"); */ |
3408 | | /* for (idx=0; idx < sigcount; idx++) */ |
3409 | | /* { */ |
3410 | | /* sig = sigarray[idx]->pkt->pkt.signature; */ |
3411 | | /* log_debug ("%s 0x%02x %s\n", keystr (sig->keyid), */ |
3412 | | /* sig->sig_class, datestr_from_sig (sig)); */ |
3413 | | /* } */ |
3414 | 0 | sig = sigarray[sigcount-1]->pkt->pkt.signature; |
3415 | 0 | if ((consider_sig || !affected_uids) && IS_UID_REV (sig)) |
3416 | 0 | { |
3417 | 0 | if (!opt.quiet) |
3418 | 0 | log_info ("sig by %s already revoked at %s\n", |
3419 | 0 | keystr (sig->keyid), datestr_from_sig (sig)); |
3420 | 0 | } |
3421 | 0 | else if ((consider_sig && IS_UID_SIG (sig)) |
3422 | 0 | || (!affected_uids && IS_KEY_SIG (sig))) |
3423 | 0 | node->flag |= NODFLG_MARK_A; /* Select signature. */ |
3424 | 0 | } |
3425 | |
|
3426 | 0 | xfree (sigarray); |
3427 | 0 | } |
3428 | 0 | } |
3429 | | |
3430 | | /* Check whether any signatures were done by the given key. We do |
3431 | | * not return an error if none were found. */ |
3432 | 0 | for (node = keyblock; node; node = node->next) |
3433 | 0 | if ((node->flag & NODFLG_MARK_A)) |
3434 | 0 | break; |
3435 | 0 | if (!node) |
3436 | 0 | { |
3437 | 0 | if (opt.verbose) |
3438 | 0 | log_info (_("Not signed by you.\n")); |
3439 | 0 | err = 0; |
3440 | 0 | goto leave; |
3441 | 0 | } |
3442 | | |
3443 | | /* Revoke all marked signatures. */ |
3444 | 0 | attrib.reason = get_default_sig_revocation_reason (); |
3445 | |
|
3446 | 0 | reloop: /* (we must repeat because we are modifying the list) */ |
3447 | 0 | for (node = keyblock; node; node = node->next) |
3448 | 0 | { |
3449 | 0 | kbnode_t unode; |
3450 | 0 | PKT_signature *sig; |
3451 | 0 | PACKET *pkt; |
3452 | |
|
3453 | 0 | if (!(node->flag & NODFLG_MARK_A)) |
3454 | 0 | continue; |
3455 | 0 | node->flag &= ~NODFLG_MARK_A; |
3456 | |
|
3457 | 0 | if (IS_KEY_SIG (node->pkt->pkt.signature)) |
3458 | 0 | unode = NULL; |
3459 | 0 | else |
3460 | 0 | { |
3461 | 0 | unode = find_prev_kbnode (keyblock, node, PKT_USER_ID); |
3462 | 0 | log_assert (unode); |
3463 | 0 | } |
3464 | | |
3465 | 0 | attrib.non_exportable = !node->pkt->pkt.signature->flags.exportable; |
3466 | |
|
3467 | 0 | err = make_keysig_packet (ctrl, &sig, primarypk, |
3468 | 0 | unode? unode->pkt->pkt.user_id : NULL, |
3469 | 0 | NULL, pksigtorev, 0x30, 0, 0, |
3470 | 0 | sign_mk_attrib, &attrib, NULL); |
3471 | 0 | if (err) |
3472 | 0 | { |
3473 | 0 | log_error ("signing failed: %s\n", gpg_strerror (err)); |
3474 | 0 | goto leave; |
3475 | 0 | } |
3476 | | |
3477 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
3478 | 0 | pkt->pkttype = PKT_SIGNATURE; |
3479 | 0 | pkt->pkt.signature = sig; |
3480 | 0 | if (unode) |
3481 | 0 | insert_kbnode (unode, new_kbnode (pkt), 0); |
3482 | 0 | goto reloop; |
3483 | 0 | } |
3484 | | |
3485 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
3486 | 0 | if (err) |
3487 | 0 | { |
3488 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
3489 | 0 | goto leave; |
3490 | 0 | } |
3491 | 0 | maybe_upload_key (ctrl, keyblock); |
3492 | 0 | revalidation_mark (ctrl); |
3493 | |
|
3494 | 0 | leave: |
3495 | 0 | if (err) |
3496 | 0 | { |
3497 | 0 | log_error (_("revoking the key signature failed: %s\n"), |
3498 | 0 | gpg_strerror (err)); |
3499 | 0 | if (no_signing_key) |
3500 | 0 | print_further_info ("error getting key used to make the key signature"); |
3501 | 0 | write_status_error ("keyedit.revoke.sig", err); |
3502 | 0 | } |
3503 | 0 | release_revocation_reason_info (attrib.reason); |
3504 | 0 | free_public_key (pksigtorev); |
3505 | 0 | release_kbnode (keyblock); |
3506 | 0 | keydb_release (kdbhd); |
3507 | 0 | } |
3508 | | |
3509 | | |
3510 | | /* Unattended subkey creation function. |
3511 | | * |
3512 | | */ |
3513 | | void |
3514 | | keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr, |
3515 | | const char *usagestr, const char *expirestr) |
3516 | 0 | { |
3517 | 0 | gpg_error_t err; |
3518 | 0 | kbnode_t keyblock; |
3519 | 0 | KEYDB_HANDLE kdbhd; |
3520 | 0 | int modified = 0; |
3521 | 0 | PKT_public_key *pk; |
3522 | |
|
3523 | | #ifdef HAVE_W32_SYSTEM |
3524 | | /* See keyedit_menu for why we need this. */ |
3525 | | check_trustdb_stale (ctrl); |
3526 | | #endif |
3527 | | |
3528 | | /* We require a fingerprint because only this uniquely identifies a |
3529 | | * key and may thus be used to select a key for unattended subkey |
3530 | | * creation. */ |
3531 | 0 | if ((err=find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))) |
3532 | 0 | goto leave; |
3533 | | |
3534 | 0 | if (fix_keyblock (ctrl, &keyblock)) |
3535 | 0 | modified++; |
3536 | |
|
3537 | 0 | pk = keyblock->pkt->pkt.public_key; |
3538 | 0 | if (pk->flags.revoked) |
3539 | 0 | { |
3540 | 0 | if (!opt.verbose) |
3541 | 0 | show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1); |
3542 | 0 | log_error ("%s%s", _("Key is revoked."), "\n"); |
3543 | 0 | err = gpg_error (GPG_ERR_CERT_REVOKED); |
3544 | 0 | goto leave; |
3545 | 0 | } |
3546 | | |
3547 | | /* Create the subkey. Note that the called function already prints |
3548 | | * an error message. */ |
3549 | 0 | if (!generate_subkeypair (ctrl, keyblock, algostr, usagestr, expirestr)) |
3550 | 0 | modified = 1; |
3551 | 0 | es_fflush (es_stdout); |
3552 | | |
3553 | | /* Store. */ |
3554 | 0 | if (modified) |
3555 | 0 | { |
3556 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
3557 | 0 | if (err) |
3558 | 0 | { |
3559 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
3560 | 0 | goto leave; |
3561 | 0 | } |
3562 | 0 | maybe_upload_key (ctrl, keyblock); |
3563 | 0 | } |
3564 | 0 | else |
3565 | 0 | log_info (_("Key not changed so no update needed.\n")); |
3566 | | |
3567 | 0 | leave: |
3568 | 0 | if (err) |
3569 | 0 | write_status_error ("keyedit.addkey", err); |
3570 | 0 | release_kbnode (keyblock); |
3571 | 0 | keydb_release (kdbhd); |
3572 | 0 | } |
3573 | | |
3574 | | |
3575 | | /* Unattended ADSK setup function. |
3576 | | * |
3577 | | * FPR is the fingerprint of our key. ADSKFPR is the fingerprint of |
3578 | | * another subkey which we want to add as ADSK to our key. |
3579 | | */ |
3580 | | void |
3581 | | keyedit_quick_addadsk (ctrl_t ctrl, const char *fpr, const char *adskfpr) |
3582 | 0 | { |
3583 | 0 | gpg_error_t err; |
3584 | 0 | kbnode_t keyblock; |
3585 | 0 | KEYDB_HANDLE kdbhd; |
3586 | 0 | int modified = 0; |
3587 | 0 | PKT_public_key *pk; |
3588 | |
|
3589 | | #ifdef HAVE_W32_SYSTEM |
3590 | | /* See keyedit_menu for why we need this. */ |
3591 | | check_trustdb_stale (ctrl); |
3592 | | #endif |
3593 | | |
3594 | | /* We require a fingerprint because only this uniquely identifies a |
3595 | | * key and may thus be used to select a key for unattended adsk |
3596 | | * adding. */ |
3597 | 0 | if ((err = find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))) |
3598 | 0 | goto leave; |
3599 | | |
3600 | 0 | if (fix_keyblock (ctrl, &keyblock)) |
3601 | 0 | modified++; |
3602 | |
|
3603 | 0 | pk = keyblock->pkt->pkt.public_key; |
3604 | 0 | if (pk->flags.revoked) |
3605 | 0 | { |
3606 | 0 | if (!opt.verbose) |
3607 | 0 | show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1); |
3608 | 0 | log_error ("%s%s", _("Key is revoked."), "\n"); |
3609 | 0 | err = gpg_error (GPG_ERR_CERT_REVOKED); |
3610 | 0 | goto leave; |
3611 | 0 | } |
3612 | | |
3613 | | /* Locate and add the ADSK. Note that the called function already |
3614 | | * prints error messages. */ |
3615 | 0 | if (adskfpr && !ascii_strcasecmp (adskfpr, "default")) |
3616 | 0 | { |
3617 | 0 | err = append_all_default_adsks (ctrl, keyblock); |
3618 | 0 | if (!err) |
3619 | 0 | modified = 1; |
3620 | 0 | else if (gpg_err_code (err) == GPG_ERR_FALSE) |
3621 | 0 | err = 0; |
3622 | 0 | } |
3623 | 0 | else if (menu_addadsk (ctrl, keyblock, adskfpr)) |
3624 | 0 | modified = 1; |
3625 | 0 | else |
3626 | 0 | log_inc_errorcount (); /* (We use log_info in menu_adsk) */ |
3627 | |
|
3628 | 0 | es_fflush (es_stdout); |
3629 | | |
3630 | | /* Store. */ |
3631 | 0 | if (modified) |
3632 | 0 | { |
3633 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
3634 | 0 | if (err) |
3635 | 0 | { |
3636 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
3637 | 0 | goto leave; |
3638 | 0 | } |
3639 | 0 | maybe_upload_key (ctrl, keyblock); |
3640 | 0 | } |
3641 | | |
3642 | 0 | leave: |
3643 | 0 | if (err) |
3644 | 0 | write_status_error ("keyedit.addadsk", err); |
3645 | 0 | release_kbnode (keyblock); |
3646 | 0 | keydb_release (kdbhd); |
3647 | 0 | } |
3648 | | |
3649 | | |
3650 | | /* Unattended expiration setting function for the main key. If |
3651 | | * SUBKEYFPRS is not NULL and SUBKEYSFPRS[0] is neither NULL, it is |
3652 | | * expected to be an array of fingerprints for subkeys to change. It |
3653 | | * may also be an array with only the item "*" to indicate that all |
3654 | | * keys shall be set to that expiration date. |
3655 | | */ |
3656 | | void |
3657 | | keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr, |
3658 | | char **subkeyfprs) |
3659 | 0 | { |
3660 | 0 | gpg_error_t err; |
3661 | 0 | kbnode_t keyblock, node; |
3662 | 0 | KEYDB_HANDLE kdbhd; |
3663 | 0 | int modified = 0; |
3664 | 0 | PKT_public_key *pk; |
3665 | 0 | u32 expire; |
3666 | 0 | int primary_only = 0; |
3667 | 0 | int idx; |
3668 | |
|
3669 | | #ifdef HAVE_W32_SYSTEM |
3670 | | /* See keyedit_menu for why we need this. */ |
3671 | | check_trustdb_stale (ctrl); |
3672 | | #endif |
3673 | | |
3674 | | /* We require a fingerprint because only this uniquely identifies a |
3675 | | * key and may thus be used to select a key for unattended |
3676 | | * expiration setting. */ |
3677 | 0 | err = find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd); |
3678 | 0 | if (err) |
3679 | 0 | goto leave; |
3680 | | |
3681 | 0 | if (fix_keyblock (ctrl, &keyblock)) |
3682 | 0 | modified++; |
3683 | |
|
3684 | 0 | pk = keyblock->pkt->pkt.public_key; |
3685 | 0 | if (pk->flags.revoked) |
3686 | 0 | { |
3687 | 0 | if (!opt.verbose) |
3688 | 0 | show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1); |
3689 | 0 | log_error ("%s%s", _("Key is revoked."), "\n"); |
3690 | 0 | err = gpg_error (GPG_ERR_CERT_REVOKED); |
3691 | 0 | goto leave; |
3692 | 0 | } |
3693 | | |
3694 | 0 | expire = parse_expire_string (expirestr); |
3695 | 0 | if (expire == (u32)-1 ) |
3696 | 0 | { |
3697 | 0 | log_error (_("'%s' is not a valid expiration time\n"), expirestr); |
3698 | 0 | err = gpg_error (GPG_ERR_INV_VALUE); |
3699 | 0 | goto leave; |
3700 | 0 | } |
3701 | 0 | if (expire) |
3702 | 0 | expire += make_timestamp (); |
3703 | | |
3704 | | /* Check whether a subkey's expiration time shall be changed or the |
3705 | | * expiration time of all keys. */ |
3706 | 0 | if (!subkeyfprs || !subkeyfprs[0]) |
3707 | 0 | primary_only = 1; |
3708 | 0 | else if ( !strcmp (subkeyfprs[0], "*") && !subkeyfprs[1]) |
3709 | 0 | { |
3710 | | /* Change all subkeys keys which have not been revoked and are |
3711 | | * not yet expired. */ |
3712 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
3713 | 0 | for (node = keyblock; node; node = node->next) |
3714 | 0 | { |
3715 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
3716 | 0 | && (pk = node->pkt->pkt.public_key) |
3717 | 0 | && !pk->flags.revoked |
3718 | 0 | && !pk->has_expired) |
3719 | 0 | node->flag |= NODFLG_SELKEY; |
3720 | 0 | } |
3721 | 0 | } |
3722 | 0 | else |
3723 | 0 | { |
3724 | | /* Change specified subkeys. */ |
3725 | 0 | KEYDB_SEARCH_DESC desc; |
3726 | 0 | byte fprbin[MAX_FINGERPRINT_LEN]; |
3727 | 0 | size_t fprlen; |
3728 | |
|
3729 | 0 | err = 0; |
3730 | 0 | merge_keys_and_selfsig (ctrl, keyblock); |
3731 | 0 | for (idx=0; subkeyfprs[idx]; idx++) |
3732 | 0 | { |
3733 | 0 | int any = 0; |
3734 | | |
3735 | | /* Parse the fingerprint. */ |
3736 | 0 | if (classify_user_id (subkeyfprs[idx], &desc, 1) |
3737 | 0 | || desc.mode != KEYDB_SEARCH_MODE_FPR) |
3738 | 0 | { |
3739 | 0 | log_error (_("\"%s\" is not a proper fingerprint\n"), |
3740 | 0 | subkeyfprs[idx] ); |
3741 | 0 | if (!err) |
3742 | 0 | err = gpg_error (GPG_ERR_INV_NAME); |
3743 | 0 | continue; |
3744 | 0 | } |
3745 | | |
3746 | | /* Set the flag for the matching non revoked subkey. */ |
3747 | 0 | for (node = keyblock; node; node = node->next) |
3748 | 0 | { |
3749 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
3750 | 0 | && (pk = node->pkt->pkt.public_key) |
3751 | 0 | && !pk->flags.revoked ) |
3752 | 0 | { |
3753 | 0 | fingerprint_from_pk (pk, fprbin, &fprlen); |
3754 | 0 | if (fprlen == desc.fprlen && !memcmp (fprbin, desc.u.fpr, fprlen)) |
3755 | 0 | { |
3756 | 0 | node->flag |= NODFLG_SELKEY; |
3757 | 0 | any = 1; |
3758 | 0 | } |
3759 | 0 | } |
3760 | 0 | } |
3761 | 0 | if (!any) |
3762 | 0 | { |
3763 | 0 | log_error (_("subkey \"%s\" not found\n"), subkeyfprs[idx]); |
3764 | 0 | if (!err) |
3765 | 0 | err = gpg_error (GPG_ERR_NOT_FOUND); |
3766 | 0 | } |
3767 | 0 | } |
3768 | |
|
3769 | 0 | if (err) |
3770 | 0 | goto leave; |
3771 | 0 | } |
3772 | | |
3773 | | /* Set the new expiration date. */ |
3774 | 0 | err = menu_expire (ctrl, keyblock, primary_only? 1 : 2, expire); |
3775 | 0 | if (gpg_err_code (err) == GPG_ERR_TRUE) |
3776 | 0 | modified = 1; |
3777 | 0 | else if (err) |
3778 | 0 | goto leave; |
3779 | 0 | es_fflush (es_stdout); |
3780 | | |
3781 | | /* Store. */ |
3782 | 0 | if (modified) |
3783 | 0 | { |
3784 | 0 | err = keydb_update_keyblock (ctrl, kdbhd, keyblock); |
3785 | 0 | if (err) |
3786 | 0 | { |
3787 | 0 | log_error (_("update failed: %s\n"), gpg_strerror (err)); |
3788 | 0 | goto leave; |
3789 | 0 | } |
3790 | 0 | maybe_upload_key (ctrl, keyblock); |
3791 | 0 | if (update_trust) |
3792 | 0 | revalidation_mark (ctrl); |
3793 | 0 | } |
3794 | 0 | else |
3795 | 0 | log_info (_("Key not changed so no update needed.\n")); |
3796 | | |
3797 | 0 | leave: |
3798 | 0 | release_kbnode (keyblock); |
3799 | 0 | keydb_release (kdbhd); |
3800 | 0 | if (err) |
3801 | 0 | write_status_error ("set_expire", err); |
3802 | 0 | } |
3803 | | |
3804 | | |
3805 | | � |
3806 | | static void |
3807 | | tty_print_notations (int indent, PKT_signature * sig) |
3808 | 0 | { |
3809 | 0 | int first = 1; |
3810 | 0 | struct notation *notation, *nd; |
3811 | |
|
3812 | 0 | if (indent < 0) |
3813 | 0 | { |
3814 | 0 | first = 0; |
3815 | 0 | indent = -indent; |
3816 | 0 | } |
3817 | |
|
3818 | 0 | notation = sig_to_notation (sig); |
3819 | |
|
3820 | 0 | for (nd = notation; nd; nd = nd->next) |
3821 | 0 | { |
3822 | 0 | if (!first) |
3823 | 0 | tty_printf ("%*s", indent, ""); |
3824 | 0 | else |
3825 | 0 | first = 0; |
3826 | |
|
3827 | 0 | tty_print_utf8_string (nd->name, strlen (nd->name)); |
3828 | 0 | tty_printf ("="); |
3829 | 0 | tty_print_utf8_string (nd->value, strlen (nd->value)); |
3830 | 0 | tty_printf ("\n"); |
3831 | 0 | } |
3832 | |
|
3833 | 0 | free_notation (notation); |
3834 | 0 | } |
3835 | | |
3836 | | |
3837 | | /* |
3838 | | * Show preferences of a public keyblock. |
3839 | | */ |
3840 | | static void |
3841 | | show_prefs (PKT_user_id * uid, PKT_signature * selfsig, int verbose) |
3842 | 0 | { |
3843 | 0 | if (!uid) |
3844 | 0 | return; |
3845 | | |
3846 | 0 | if (verbose) |
3847 | 0 | { |
3848 | 0 | show_preferences (uid, 4, -1, 1); |
3849 | |
|
3850 | 0 | if (selfsig) |
3851 | 0 | { |
3852 | 0 | const byte *pref_ks; |
3853 | 0 | size_t pref_ks_len; |
3854 | |
|
3855 | 0 | pref_ks = parse_sig_subpkt (selfsig, 1, |
3856 | 0 | SIGSUBPKT_PREF_KS, &pref_ks_len); |
3857 | 0 | if (pref_ks && pref_ks_len) |
3858 | 0 | { |
3859 | 0 | tty_printf (" "); |
3860 | 0 | tty_printf (_("Preferred keyserver: ")); |
3861 | 0 | tty_print_utf8_string (pref_ks, pref_ks_len); |
3862 | 0 | tty_printf ("\n"); |
3863 | 0 | } |
3864 | |
|
3865 | 0 | if (selfsig->flags.notation) |
3866 | 0 | { |
3867 | 0 | tty_printf (" "); |
3868 | 0 | tty_printf (_("Notations: ")); |
3869 | 0 | tty_print_notations (5 + strlen (_("Notations: ")), selfsig); |
3870 | 0 | } |
3871 | 0 | } |
3872 | 0 | } |
3873 | 0 | else |
3874 | 0 | { |
3875 | 0 | show_preferences (uid, 4, -1, 0); |
3876 | 0 | } |
3877 | 0 | } |
3878 | | |
3879 | | |
3880 | | /* This is the version of show_key_with_all_names used when |
3881 | | opt.with_colons is used. It prints all available data in a easy to |
3882 | | parse format and does not translate utf8 */ |
3883 | | static void |
3884 | | show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock) |
3885 | 0 | { |
3886 | 0 | KBNODE node; |
3887 | 0 | int i, j, ulti_hack = 0; |
3888 | 0 | byte pk_version = 0; |
3889 | 0 | PKT_public_key *primary = NULL; |
3890 | 0 | int have_seckey; |
3891 | |
|
3892 | 0 | if (!fp) |
3893 | 0 | fp = es_stdout; |
3894 | | |
3895 | | /* the keys */ |
3896 | 0 | for (node = keyblock; node; node = node->next) |
3897 | 0 | { |
3898 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
3899 | 0 | || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)) |
3900 | 0 | { |
3901 | 0 | PKT_public_key *pk = node->pkt->pkt.public_key; |
3902 | 0 | u32 keyid[2]; |
3903 | |
|
3904 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
3905 | 0 | { |
3906 | 0 | pk_version = pk->version; |
3907 | 0 | primary = pk; |
3908 | 0 | } |
3909 | |
|
3910 | 0 | keyid_from_pk (pk, keyid); |
3911 | 0 | have_seckey = agent_probe_secret_key (ctrl, pk); |
3912 | |
|
3913 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
3914 | 0 | es_fputs (have_seckey? "sec:" : "pub:", fp); |
3915 | 0 | else |
3916 | 0 | es_fputs (have_seckey? "ssb:" : "sub:", fp); |
3917 | |
|
3918 | 0 | if (!pk->flags.valid) |
3919 | 0 | es_putc ('i', fp); |
3920 | 0 | else if (pk->flags.revoked) |
3921 | 0 | es_putc ('r', fp); |
3922 | 0 | else if (pk->has_expired) |
3923 | 0 | es_putc ('e', fp); |
3924 | 0 | else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks)) |
3925 | 0 | { |
3926 | 0 | int trust = get_validity_info (ctrl, keyblock, pk, NULL); |
3927 | 0 | if (trust == 'u') |
3928 | 0 | ulti_hack = 1; |
3929 | 0 | es_putc (trust, fp); |
3930 | 0 | } |
3931 | |
|
3932 | 0 | es_fprintf (fp, ":%u:%d:%08lX%08lX:%lu:%lu::", |
3933 | 0 | nbits_from_pk (pk), |
3934 | 0 | pk->pubkey_algo, |
3935 | 0 | (ulong) keyid[0], (ulong) keyid[1], |
3936 | 0 | (ulong) pk->timestamp, (ulong) pk->expiredate); |
3937 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
3938 | 0 | && !(opt.fast_list_mode || opt.no_expensive_trust_checks)) |
3939 | 0 | es_putc (get_ownertrust_info (ctrl, pk, 0), fp); |
3940 | 0 | es_putc (':', fp); |
3941 | 0 | es_putc (':', fp); |
3942 | 0 | es_putc (':', fp); |
3943 | | /* Print capabilities. */ |
3944 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_ENC)) |
3945 | 0 | es_putc ('e', fp); |
3946 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_SIG)) |
3947 | 0 | es_putc ('s', fp); |
3948 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_CERT)) |
3949 | 0 | es_putc ('c', fp); |
3950 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_AUTH)) |
3951 | 0 | es_putc ('a', fp); |
3952 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_RENC)) |
3953 | 0 | es_putc ('r', fp); |
3954 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_TIME)) |
3955 | 0 | es_putc ('t', fp); |
3956 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_GROUP)) |
3957 | 0 | es_putc ('g', fp); |
3958 | 0 | es_putc ('\n', fp); |
3959 | |
|
3960 | 0 | print_fingerprint (ctrl, fp, pk, 0); |
3961 | 0 | print_revokers (fp, 1, pk); |
3962 | 0 | } |
3963 | 0 | } |
3964 | | |
3965 | | /* the user ids */ |
3966 | 0 | i = 0; |
3967 | 0 | for (node = keyblock; node; node = node->next) |
3968 | 0 | { |
3969 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
3970 | 0 | { |
3971 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
3972 | |
|
3973 | 0 | ++i; |
3974 | |
|
3975 | 0 | if (uid->attrib_data) |
3976 | 0 | es_fputs ("uat:", fp); |
3977 | 0 | else |
3978 | 0 | es_fputs ("uid:", fp); |
3979 | |
|
3980 | 0 | if (uid->flags.revoked) |
3981 | 0 | es_fputs ("r::::::::", fp); |
3982 | 0 | else if (uid->flags.expired) |
3983 | 0 | es_fputs ("e::::::::", fp); |
3984 | 0 | else if (opt.fast_list_mode || opt.no_expensive_trust_checks) |
3985 | 0 | es_fputs ("::::::::", fp); |
3986 | 0 | else |
3987 | 0 | { |
3988 | 0 | int uid_validity; |
3989 | |
|
3990 | 0 | if (primary && !ulti_hack) |
3991 | 0 | uid_validity = get_validity_info (ctrl, keyblock, primary, uid); |
3992 | 0 | else |
3993 | 0 | uid_validity = 'u'; |
3994 | 0 | es_fprintf (fp, "%c::::::::", uid_validity); |
3995 | 0 | } |
3996 | |
|
3997 | 0 | if (uid->attrib_data) |
3998 | 0 | es_fprintf (fp, "%u %lu", uid->numattribs, uid->attrib_len); |
3999 | 0 | else |
4000 | 0 | es_write_sanitized (fp, uid->name, uid->len, ":", NULL); |
4001 | |
|
4002 | 0 | es_putc (':', fp); |
4003 | | /* signature class */ |
4004 | 0 | es_putc (':', fp); |
4005 | | /* capabilities */ |
4006 | 0 | es_putc (':', fp); |
4007 | | /* preferences */ |
4008 | 0 | if (pk_version > 3 || uid->selfsigversion > 3) |
4009 | 0 | { |
4010 | 0 | const prefitem_t *prefs = uid->prefs; |
4011 | |
|
4012 | 0 | for (j = 0; prefs && prefs[j].type; j++) |
4013 | 0 | { |
4014 | 0 | if (j) |
4015 | 0 | es_putc (' ', fp); |
4016 | 0 | es_fprintf (fp, |
4017 | 0 | "%c%d", prefs[j].type == PREFTYPE_SYM ? 'S' : |
4018 | 0 | prefs[j].type == PREFTYPE_HASH ? 'H' : |
4019 | 0 | prefs[j].type == PREFTYPE_ZIP ? 'Z' : '?', |
4020 | 0 | prefs[j].value); |
4021 | 0 | } |
4022 | 0 | if (uid->flags.mdc) |
4023 | 0 | es_fputs (",mdc", fp); |
4024 | 0 | if (uid->flags.aead) |
4025 | 0 | es_fputs (",aead", fp); |
4026 | 0 | if (!uid->flags.ks_modify) |
4027 | 0 | es_fputs (",no-ks-modify", fp); |
4028 | 0 | } |
4029 | 0 | es_putc (':', fp); |
4030 | | /* flags */ |
4031 | 0 | es_fprintf (fp, "%d,", i); |
4032 | 0 | if (uid->flags.primary) |
4033 | 0 | es_putc ('p', fp); |
4034 | 0 | if (uid->flags.revoked) |
4035 | 0 | es_putc ('r', fp); |
4036 | 0 | if (uid->flags.expired) |
4037 | 0 | es_putc ('e', fp); |
4038 | 0 | if ((node->flag & NODFLG_SELUID)) |
4039 | 0 | es_putc ('s', fp); |
4040 | 0 | if ((node->flag & NODFLG_MARK_A)) |
4041 | 0 | es_putc ('m', fp); |
4042 | 0 | es_putc (':', fp); |
4043 | 0 | if (opt.trust_model == TM_TOFU || opt.trust_model == TM_TOFU_PGP) |
4044 | 0 | { |
4045 | | #ifdef USE_TOFU |
4046 | | enum tofu_policy policy; |
4047 | | if (! tofu_get_policy (ctrl, primary, uid, &policy) |
4048 | | && policy != TOFU_POLICY_NONE) |
4049 | | es_fprintf (fp, "%s", tofu_policy_str (policy)); |
4050 | | #endif /*USE_TOFU*/ |
4051 | 0 | } |
4052 | 0 | es_putc (':', fp); |
4053 | 0 | es_putc ('\n', fp); |
4054 | 0 | } |
4055 | 0 | } |
4056 | 0 | } |
4057 | | |
4058 | | |
4059 | | static void |
4060 | | show_names (ctrl_t ctrl, estream_t fp, |
4061 | | kbnode_t keyblock, PKT_public_key * pk, unsigned int flag, |
4062 | | int with_prefs) |
4063 | 0 | { |
4064 | 0 | KBNODE node; |
4065 | 0 | int i = 0; |
4066 | |
|
4067 | 0 | for (node = keyblock; node; node = node->next) |
4068 | 0 | { |
4069 | 0 | if (node->pkt->pkttype == PKT_USER_ID && !is_deleted_kbnode (node)) |
4070 | 0 | { |
4071 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
4072 | 0 | ++i; |
4073 | 0 | if (!flag || (flag && (node->flag & flag))) |
4074 | 0 | { |
4075 | 0 | if (!(flag & NODFLG_MARK_A) && pk) |
4076 | 0 | tty_fprintf (fp, "%s ", uid_trust_string_fixed (ctrl, pk, uid)); |
4077 | |
|
4078 | 0 | if (flag & NODFLG_MARK_A) |
4079 | 0 | tty_fprintf (fp, " "); |
4080 | 0 | else if (node->flag & NODFLG_SELUID) |
4081 | 0 | tty_fprintf (fp, "(%d)* ", i); |
4082 | 0 | else if (uid->flags.primary) |
4083 | 0 | tty_fprintf (fp, "(%d). ", i); |
4084 | 0 | else |
4085 | 0 | tty_fprintf (fp, "(%d) ", i); |
4086 | 0 | tty_print_utf8_string2 (fp, uid->name, uid->len, 0); |
4087 | 0 | tty_fprintf (fp, "\n"); |
4088 | 0 | if (with_prefs && pk) |
4089 | 0 | { |
4090 | 0 | if (pk->version > 3 || uid->selfsigversion > 3) |
4091 | 0 | { |
4092 | 0 | PKT_signature *selfsig = NULL; |
4093 | 0 | KBNODE signode; |
4094 | |
|
4095 | 0 | for (signode = node->next; |
4096 | 0 | signode && signode->pkt->pkttype == PKT_SIGNATURE; |
4097 | 0 | signode = signode->next) |
4098 | 0 | { |
4099 | 0 | if (signode->pkt->pkt.signature-> |
4100 | 0 | flags.chosen_selfsig) |
4101 | 0 | { |
4102 | 0 | selfsig = signode->pkt->pkt.signature; |
4103 | 0 | break; |
4104 | 0 | } |
4105 | 0 | } |
4106 | |
|
4107 | 0 | show_prefs (uid, selfsig, with_prefs == 2); |
4108 | 0 | } |
4109 | 0 | else |
4110 | 0 | tty_fprintf (fp, _("There are no preferences on a" |
4111 | 0 | " PGP 2.x-style user ID.\n")); |
4112 | 0 | } |
4113 | 0 | } |
4114 | 0 | } |
4115 | 0 | } |
4116 | 0 | } |
4117 | | |
4118 | | |
4119 | | /* |
4120 | | * Display the key a the user ids, if only_marked is true, do only so |
4121 | | * for user ids with mark A flag set and do not display the index |
4122 | | * number. If FP is not NULL print to the given stream and not to the |
4123 | | * tty (ignored in with-colons mode). |
4124 | | */ |
4125 | | static void |
4126 | | show_key_with_all_names (ctrl_t ctrl, estream_t fp, |
4127 | | KBNODE keyblock, int only_marked, int with_revoker, |
4128 | | int with_fpr, int with_subkeys, int with_prefs, |
4129 | | int nowarn) |
4130 | 0 | { |
4131 | 0 | gpg_error_t err; |
4132 | 0 | kbnode_t node; |
4133 | 0 | int i; |
4134 | 0 | int do_warn = 0; |
4135 | 0 | int have_seckey = 0; |
4136 | 0 | char *serialno = NULL; |
4137 | 0 | PKT_public_key *primary = NULL; |
4138 | 0 | char pkstrbuf[PUBKEY_STRING_SIZE]; |
4139 | |
|
4140 | 0 | if (opt.with_colons) |
4141 | 0 | { |
4142 | 0 | show_key_with_all_names_colon (ctrl, fp, keyblock); |
4143 | 0 | return; |
4144 | 0 | } |
4145 | | |
4146 | | /* the keys */ |
4147 | 0 | for (node = keyblock; node; node = node->next) |
4148 | 0 | { |
4149 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
4150 | 0 | || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
4151 | 0 | && !is_deleted_kbnode (node))) |
4152 | 0 | { |
4153 | 0 | PKT_public_key *pk = node->pkt->pkt.public_key; |
4154 | 0 | const char *otrust = "err"; |
4155 | 0 | const char *trust = "err"; |
4156 | |
|
4157 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
4158 | 0 | { |
4159 | | /* do it here, so that debug messages don't clutter the |
4160 | | * output */ |
4161 | 0 | static int did_warn = 0; |
4162 | |
|
4163 | 0 | trust = get_validity_string (ctrl, pk, NULL); |
4164 | 0 | otrust = get_ownertrust_string (ctrl, pk, 0); |
4165 | | |
4166 | | /* Show a warning once */ |
4167 | 0 | if (!did_warn |
4168 | 0 | && (get_validity (ctrl, keyblock, pk, NULL, NULL, 0) |
4169 | 0 | & TRUST_FLAG_PENDING_CHECK)) |
4170 | 0 | { |
4171 | 0 | did_warn = 1; |
4172 | 0 | do_warn = 1; |
4173 | 0 | } |
4174 | |
|
4175 | 0 | primary = pk; |
4176 | 0 | } |
4177 | |
|
4178 | 0 | if (pk->flags.revoked) |
4179 | 0 | { |
4180 | 0 | char *user = get_user_id_string_native (ctrl, pk->revoked.keyid); |
4181 | 0 | tty_fprintf (fp, |
4182 | 0 | _("The following key was revoked on" |
4183 | 0 | " %s by %s key %s\n"), |
4184 | 0 | revokestr_from_pk (pk), |
4185 | 0 | openpgp_pk_algo_name (pk->revoked.algo), user); |
4186 | 0 | xfree (user); |
4187 | 0 | } |
4188 | |
|
4189 | 0 | if (with_revoker) |
4190 | 0 | { |
4191 | 0 | if (!pk->revkey && pk->numrevkeys) |
4192 | 0 | BUG (); |
4193 | 0 | else |
4194 | 0 | for (i = 0; i < pk->numrevkeys; i++) |
4195 | 0 | { |
4196 | 0 | u32 r_keyid[2]; |
4197 | 0 | char *user; |
4198 | 0 | const char *algo; |
4199 | |
|
4200 | 0 | algo = openpgp_pk_algo_name (pk->revkey[i].algid); |
4201 | 0 | keyid_from_fingerprint (ctrl, pk->revkey[i].fpr, |
4202 | 0 | pk->revkey[i].fprlen, r_keyid); |
4203 | |
|
4204 | 0 | user = get_user_id_string_native (ctrl, r_keyid); |
4205 | 0 | tty_fprintf (fp, |
4206 | 0 | _("This key may be revoked by %s key %s"), |
4207 | 0 | algo, user); |
4208 | |
|
4209 | 0 | if (pk->revkey[i].class & 0x40) |
4210 | 0 | { |
4211 | 0 | tty_fprintf (fp, " "); |
4212 | 0 | tty_fprintf (fp, _("(sensitive)")); |
4213 | 0 | } |
4214 | |
|
4215 | 0 | tty_fprintf (fp, "\n"); |
4216 | 0 | xfree (user); |
4217 | 0 | } |
4218 | 0 | } |
4219 | | |
4220 | 0 | keyid_from_pk (pk, NULL); |
4221 | |
|
4222 | 0 | xfree (serialno); |
4223 | 0 | serialno = NULL; |
4224 | 0 | { |
4225 | 0 | char *hexgrip; |
4226 | |
|
4227 | 0 | err = hexkeygrip_from_pk (pk, &hexgrip); |
4228 | 0 | if (err) |
4229 | 0 | { |
4230 | 0 | log_error ("error computing a keygrip: %s\n", |
4231 | 0 | gpg_strerror (err)); |
4232 | 0 | have_seckey = 0; |
4233 | 0 | } |
4234 | 0 | else |
4235 | 0 | have_seckey = !agent_get_keyinfo (ctrl, hexgrip, &serialno, NULL); |
4236 | 0 | xfree (hexgrip); |
4237 | 0 | } |
4238 | |
|
4239 | 0 | tty_fprintf |
4240 | 0 | (fp, "%s%c %s/%s", |
4241 | 0 | node->pkt->pkttype == PKT_PUBLIC_KEY && have_seckey? "sec" : |
4242 | 0 | node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" : |
4243 | 0 | have_seckey ? "ssb" : |
4244 | 0 | "sub", |
4245 | 0 | (node->flag & NODFLG_SELKEY) ? '*' : ' ', |
4246 | 0 | pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), |
4247 | 0 | keystr (pk->keyid)); |
4248 | |
|
4249 | 0 | if (opt.legacy_list_mode) |
4250 | 0 | tty_fprintf (fp, " "); |
4251 | 0 | else |
4252 | 0 | tty_fprintf (fp, "\n "); |
4253 | |
|
4254 | 0 | tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk)); |
4255 | 0 | tty_fprintf (fp, " "); |
4256 | 0 | if (pk->flags.revoked) |
4257 | 0 | tty_fprintf (fp, _("revoked: %s"), revokestr_from_pk (pk)); |
4258 | 0 | else if (pk->has_expired) |
4259 | 0 | tty_fprintf (fp, _("expired: %s"), expirestr_from_pk (pk)); |
4260 | 0 | else |
4261 | 0 | tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk)); |
4262 | 0 | tty_fprintf (fp, " "); |
4263 | 0 | tty_fprintf (fp, _("usage: %s"), usagestr_from_pk (pk, 1)); |
4264 | 0 | tty_fprintf (fp, "\n"); |
4265 | |
|
4266 | 0 | if (serialno) |
4267 | 0 | { |
4268 | | /* The agent told us that a secret key is available and |
4269 | | that it has been stored on a card. */ |
4270 | 0 | tty_fprintf (fp, "%*s%s", opt.legacy_list_mode? 21:5, "", |
4271 | 0 | _("card-no: ")); |
4272 | 0 | if (strlen (serialno) == 32 |
4273 | 0 | && !strncmp (serialno, "D27600012401", 12)) |
4274 | 0 | { |
4275 | | /* This is an OpenPGP card. Print the relevant part. */ |
4276 | | /* Example: D2760001240101010001000003470000 */ |
4277 | | /* xxxxyyyyyyyy */ |
4278 | 0 | tty_fprintf (fp, "%.*s %.*s\n", |
4279 | 0 | 4, serialno+16, 8, serialno+20); |
4280 | 0 | } |
4281 | 0 | else |
4282 | 0 | tty_fprintf (fp, "%s\n", serialno); |
4283 | |
|
4284 | 0 | } |
4285 | 0 | else if (pk->seckey_info |
4286 | 0 | && pk->seckey_info->is_protected |
4287 | 0 | && pk->seckey_info->s2k.mode == 1002) |
4288 | 0 | { |
4289 | | /* FIXME: Check whether this code path is still used. */ |
4290 | 0 | tty_fprintf (fp, "%*s%s", opt.legacy_list_mode? 21:5, "", |
4291 | 0 | _("card-no: ")); |
4292 | 0 | if (pk->seckey_info->ivlen == 16 |
4293 | 0 | && !memcmp (pk->seckey_info->iv, |
4294 | 0 | "\xD2\x76\x00\x01\x24\x01", 6)) |
4295 | 0 | { |
4296 | | /* This is an OpenPGP card. */ |
4297 | 0 | for (i = 8; i < 14; i++) |
4298 | 0 | { |
4299 | 0 | if (i == 10) |
4300 | 0 | tty_fprintf (fp, " "); |
4301 | 0 | tty_fprintf (fp, "%02X", pk->seckey_info->iv[i]); |
4302 | 0 | } |
4303 | 0 | } |
4304 | 0 | else |
4305 | 0 | { |
4306 | | /* Unknown card: Print all. */ |
4307 | 0 | for (i = 0; i < pk->seckey_info->ivlen; i++) |
4308 | 0 | tty_fprintf (fp, "%02X", pk->seckey_info->iv[i]); |
4309 | 0 | } |
4310 | 0 | tty_fprintf (fp, "\n"); |
4311 | 0 | } |
4312 | |
|
4313 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
4314 | 0 | || node->pkt->pkttype == PKT_SECRET_KEY) |
4315 | 0 | { |
4316 | 0 | if (opt.trust_model != TM_ALWAYS) |
4317 | 0 | { |
4318 | 0 | tty_fprintf (fp, "%*s", |
4319 | 0 | opt.legacy_list_mode? |
4320 | 0 | ((int) keystrlen () + 13):5, ""); |
4321 | | /* Ownertrust is only meaningful for the PGP or |
4322 | | classic trust models, or PGP combined with TOFU */ |
4323 | 0 | if (opt.trust_model == TM_PGP |
4324 | 0 | || opt.trust_model == TM_CLASSIC |
4325 | 0 | || opt.trust_model == TM_TOFU_PGP) |
4326 | 0 | { |
4327 | 0 | int width = 14 - strlen (otrust); |
4328 | 0 | if (width <= 0) |
4329 | 0 | width = 1; |
4330 | 0 | tty_fprintf (fp, _("trust: %s"), otrust); |
4331 | 0 | tty_fprintf (fp, "%*s", width, ""); |
4332 | 0 | } |
4333 | |
|
4334 | 0 | tty_fprintf (fp, _("validity: %s"), trust); |
4335 | 0 | tty_fprintf (fp, "\n"); |
4336 | 0 | } |
4337 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
4338 | 0 | && (get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED)) |
4339 | 0 | { |
4340 | 0 | tty_fprintf (fp, "*** "); |
4341 | 0 | tty_fprintf (fp, _("This key has been disabled")); |
4342 | 0 | tty_fprintf (fp, "\n"); |
4343 | 0 | } |
4344 | 0 | } |
4345 | |
|
4346 | 0 | if ((node->pkt->pkttype == PKT_PUBLIC_KEY |
4347 | 0 | || node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr) |
4348 | 0 | { |
4349 | 0 | print_fingerprint (ctrl, fp, pk, 2); |
4350 | 0 | tty_fprintf (fp, "\n"); |
4351 | 0 | } |
4352 | 0 | } |
4353 | 0 | } |
4354 | | |
4355 | 0 | show_names (ctrl, fp, |
4356 | 0 | keyblock, primary, only_marked ? NODFLG_MARK_A : 0, with_prefs); |
4357 | |
|
4358 | 0 | if (do_warn && !nowarn) |
4359 | 0 | tty_fprintf (fp, _("Please note that the shown key validity" |
4360 | 0 | " is not necessarily correct\n" |
4361 | 0 | "unless you restart the program.\n")); |
4362 | |
|
4363 | 0 | xfree (serialno); |
4364 | 0 | } |
4365 | | |
4366 | | |
4367 | | /* Display basic key information. This function is suitable to show |
4368 | | * information on the key without any dependencies on the trustdb or |
4369 | | * any other internal GnuPG stuff. KEYBLOCK may either be a public or |
4370 | | * a secret key. This function may be called with KEYBLOCK containing |
4371 | | * secret keys and thus the printing of "pub" vs. "sec" does only |
4372 | | * depend on the packet type and not by checking with gpg-agent. If |
4373 | | * PRINT_SEC is set "sec" is printed instead of "pub". */ |
4374 | | void |
4375 | | show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock, int print_sec) |
4376 | 0 | { |
4377 | 0 | KBNODE node; |
4378 | 0 | int i; |
4379 | 0 | char pkstrbuf[PUBKEY_STRING_SIZE]; |
4380 | | |
4381 | | /* The primary key */ |
4382 | 0 | for (node = keyblock; node; node = node->next) |
4383 | 0 | { |
4384 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
4385 | 0 | || node->pkt->pkttype == PKT_SECRET_KEY) |
4386 | 0 | { |
4387 | 0 | PKT_public_key *pk = node->pkt->pkt.public_key; |
4388 | 0 | const char *tag; |
4389 | |
|
4390 | 0 | if (node->pkt->pkttype == PKT_SECRET_KEY || print_sec) |
4391 | 0 | tag = "sec"; |
4392 | 0 | else |
4393 | 0 | tag = "pub"; |
4394 | | |
4395 | | /* Note, we use the same format string as in other show |
4396 | | functions to make the translation job easier. */ |
4397 | 0 | tty_printf ("%s %s/%s ", |
4398 | 0 | tag, |
4399 | 0 | pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), |
4400 | 0 | keystr_from_pk (pk)); |
4401 | 0 | tty_printf (_("created: %s"), datestr_from_pk (pk)); |
4402 | 0 | tty_printf (" "); |
4403 | 0 | tty_printf (_("expires: %s"), expirestr_from_pk (pk)); |
4404 | 0 | tty_printf ("\n"); |
4405 | 0 | print_fingerprint (ctrl, NULL, pk, 3); |
4406 | 0 | tty_printf ("\n"); |
4407 | 0 | } |
4408 | 0 | } |
4409 | | |
4410 | | /* The user IDs. */ |
4411 | 0 | (void)i; /* Counting User IDs */ |
4412 | 0 | for (i = 0, node = keyblock; node; node = node->next) |
4413 | 0 | { |
4414 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
4415 | 0 | { |
4416 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
4417 | 0 | ++i; |
4418 | |
|
4419 | 0 | tty_printf (" "); |
4420 | 0 | if (uid->flags.revoked) |
4421 | 0 | tty_printf ("[%s] ", _("revoked")); |
4422 | 0 | else if (uid->flags.expired) |
4423 | 0 | tty_printf ("[%s] ", _("expired")); |
4424 | 0 | tty_print_utf8_string (uid->name, uid->len); |
4425 | 0 | tty_printf ("\n"); |
4426 | 0 | } |
4427 | 0 | } |
4428 | 0 | } |
4429 | | |
4430 | | |
4431 | | static void |
4432 | | show_key_and_fingerprint (ctrl_t ctrl, kbnode_t keyblock, int with_subkeys) |
4433 | 0 | { |
4434 | 0 | kbnode_t node; |
4435 | 0 | PKT_public_key *pk = NULL; |
4436 | 0 | char pkstrbuf[PUBKEY_STRING_SIZE]; |
4437 | |
|
4438 | 0 | for (node = keyblock; node; node = node->next) |
4439 | 0 | { |
4440 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
4441 | 0 | { |
4442 | 0 | pk = node->pkt->pkt.public_key; |
4443 | 0 | tty_printf ("pub %s/%s %s ", |
4444 | 0 | pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), |
4445 | 0 | keystr_from_pk(pk), |
4446 | 0 | datestr_from_pk (pk)); |
4447 | 0 | } |
4448 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
4449 | 0 | { |
4450 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
4451 | 0 | tty_print_utf8_string (uid->name, uid->len); |
4452 | 0 | break; |
4453 | 0 | } |
4454 | 0 | } |
4455 | 0 | tty_printf ("\n"); |
4456 | 0 | if (pk) |
4457 | 0 | print_fingerprint (ctrl, NULL, pk, 2); |
4458 | 0 | if (with_subkeys) |
4459 | 0 | { |
4460 | 0 | for (node = keyblock; node; node = node->next) |
4461 | 0 | { |
4462 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4463 | 0 | { |
4464 | 0 | pk = node->pkt->pkt.public_key; |
4465 | 0 | tty_printf ("sub %s/%s %s [%s]\n", |
4466 | 0 | pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), |
4467 | 0 | keystr_from_pk(pk), |
4468 | 0 | datestr_from_pk (pk), |
4469 | 0 | usagestr_from_pk (pk, 0)); |
4470 | |
|
4471 | 0 | print_fingerprint (ctrl, NULL, pk, 4); |
4472 | 0 | } |
4473 | 0 | } |
4474 | 0 | } |
4475 | 0 | } |
4476 | | |
4477 | | |
4478 | | /* Show a listing of the primary and its subkeys along with their |
4479 | | keygrips. */ |
4480 | | static void |
4481 | | show_key_and_grip (kbnode_t keyblock) |
4482 | 0 | { |
4483 | 0 | kbnode_t node; |
4484 | 0 | PKT_public_key *pk = NULL; |
4485 | 0 | char pkstrbuf[PUBKEY_STRING_SIZE]; |
4486 | 0 | char *hexgrip; |
4487 | |
|
4488 | 0 | for (node = keyblock; node; node = node->next) |
4489 | 0 | { |
4490 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
4491 | 0 | || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4492 | 0 | { |
4493 | 0 | pk = node->pkt->pkt.public_key; |
4494 | 0 | tty_printf ("%s %s/%s %s [%s]\n", |
4495 | 0 | node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub", |
4496 | 0 | pubkey_string (pk, pkstrbuf, sizeof pkstrbuf), |
4497 | 0 | keystr_from_pk(pk), |
4498 | 0 | datestr_from_pk (pk), |
4499 | 0 | usagestr_from_pk (pk, 0)); |
4500 | |
|
4501 | 0 | if (!hexkeygrip_from_pk (pk, &hexgrip)) |
4502 | 0 | { |
4503 | 0 | tty_printf (" Keygrip: %s\n", hexgrip); |
4504 | 0 | xfree (hexgrip); |
4505 | 0 | } |
4506 | 0 | } |
4507 | 0 | } |
4508 | 0 | } |
4509 | | |
4510 | | |
4511 | | /* Show a warning if no uids on the key have the primary uid flag |
4512 | | set. */ |
4513 | | static void |
4514 | | no_primary_warning (KBNODE keyblock) |
4515 | 0 | { |
4516 | 0 | KBNODE node; |
4517 | 0 | int have_primary = 0, uid_count = 0; |
4518 | | |
4519 | | /* TODO: if we ever start behaving differently with a primary or |
4520 | | non-primary attribute ID, we will need to check for attributes |
4521 | | here as well. */ |
4522 | |
|
4523 | 0 | for (node = keyblock; node; node = node->next) |
4524 | 0 | { |
4525 | 0 | if (node->pkt->pkttype == PKT_USER_ID |
4526 | 0 | && node->pkt->pkt.user_id->attrib_data == NULL) |
4527 | 0 | { |
4528 | 0 | uid_count++; |
4529 | |
|
4530 | 0 | if (node->pkt->pkt.user_id->flags.primary == 2) |
4531 | 0 | { |
4532 | 0 | have_primary = 1; |
4533 | 0 | break; |
4534 | 0 | } |
4535 | 0 | } |
4536 | 0 | } |
4537 | |
|
4538 | 0 | if (uid_count > 1 && !have_primary) |
4539 | 0 | log_info (_ |
4540 | 0 | ("WARNING: no user ID has been marked as primary. This command" |
4541 | 0 | " may\n cause a different user ID to become" |
4542 | 0 | " the assumed primary.\n")); |
4543 | 0 | } |
4544 | | |
4545 | | |
4546 | | /* Print a warning if the latest encryption subkey expires soon. This |
4547 | | function is called after the expire data of the primary key has |
4548 | | been changed. */ |
4549 | | static void |
4550 | | subkey_expire_warning (kbnode_t keyblock) |
4551 | 0 | { |
4552 | 0 | u32 curtime = make_timestamp (); |
4553 | 0 | kbnode_t node; |
4554 | 0 | PKT_public_key *pk; |
4555 | | /* u32 mainexpire = 0; */ |
4556 | 0 | u32 subexpire = 0; |
4557 | 0 | u32 latest_date = 0; |
4558 | |
|
4559 | 0 | for (node = keyblock; node; node = node->next) |
4560 | 0 | { |
4561 | | /* if (node->pkt->pkttype == PKT_PUBLIC_KEY) */ |
4562 | | /* { */ |
4563 | | /* pk = node->pkt->pkt.public_key; */ |
4564 | | /* mainexpire = pk->expiredate; */ |
4565 | | /* } */ |
4566 | |
|
4567 | 0 | if (node->pkt->pkttype != PKT_PUBLIC_SUBKEY) |
4568 | 0 | continue; |
4569 | 0 | pk = node->pkt->pkt.public_key; |
4570 | |
|
4571 | 0 | if (!pk->flags.valid) |
4572 | 0 | continue; |
4573 | 0 | if (pk->flags.revoked) |
4574 | 0 | continue; |
4575 | 0 | if (pk->timestamp > curtime) |
4576 | 0 | continue; /* Ignore future keys. */ |
4577 | 0 | if (!(pk->pubkey_usage & PUBKEY_USAGE_ENC)) |
4578 | 0 | continue; /* Not an encryption key. */ |
4579 | | |
4580 | 0 | if (pk->timestamp > latest_date || (!pk->timestamp && !latest_date)) |
4581 | 0 | { |
4582 | 0 | latest_date = pk->timestamp; |
4583 | 0 | subexpire = pk->expiredate; |
4584 | 0 | } |
4585 | 0 | } |
4586 | |
|
4587 | 0 | if (!subexpire) |
4588 | 0 | return; /* No valid subkey with an expiration time. */ |
4589 | | |
4590 | 0 | if (curtime + (10*86400) > subexpire) |
4591 | 0 | { |
4592 | 0 | log_info (_("WARNING: Your encryption subkey expires soon.\n")); |
4593 | 0 | log_info (_("You may want to change its expiration date too.\n")); |
4594 | 0 | } |
4595 | 0 | } |
4596 | | |
4597 | | |
4598 | | /* Print a warning if all encryption (sub|primary)keys are expired. |
4599 | | * The warning is not printed if there is no encryption |
4600 | | * (sub|primary)key at all. This function is called after the expire |
4601 | | * data of the primary key has been changed. */ |
4602 | | void |
4603 | | no_usable_encr_subkeys_warning (kbnode_t keyblock) |
4604 | 0 | { |
4605 | 0 | kbnode_t node; |
4606 | 0 | PKT_public_key *pk; |
4607 | 0 | int any_encr_key = 0; |
4608 | |
|
4609 | 0 | for (node = keyblock; node; node = node->next) |
4610 | 0 | { |
4611 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
4612 | 0 | || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4613 | 0 | { |
4614 | 0 | pk = node->pkt->pkt.public_key; |
4615 | 0 | if ((pk->pubkey_usage & PUBKEY_USAGE_ENC)) |
4616 | 0 | { |
4617 | 0 | any_encr_key = 1; |
4618 | 0 | if (pk->flags.valid && !pk->has_expired && !pk->flags.revoked |
4619 | 0 | && !pk->flags.disabled) |
4620 | 0 | { |
4621 | 0 | return; /* Key is usable for encryption */ |
4622 | 0 | } |
4623 | 0 | } |
4624 | 0 | } |
4625 | 0 | } |
4626 | | |
4627 | 0 | if (any_encr_key && !opt.quiet) |
4628 | 0 | log_info (_("WARNING: No valid encryption subkey left over.\n")); |
4629 | 0 | } |
4630 | | |
4631 | | |
4632 | | /* |
4633 | | * Ask for a new user id, add the self-signature, and update the |
4634 | | * keyblock. If UIDSTRING is not NULL the user ID is generated |
4635 | | * unattended using that string. UIDSTRING is expected to be utf-8 |
4636 | | * encoded and white space trimmed. Returns true if there is a new |
4637 | | * user id. |
4638 | | */ |
4639 | | static int |
4640 | | menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock, |
4641 | | int photo, const char *photo_name, const char *uidstring) |
4642 | 0 | { |
4643 | 0 | PKT_user_id *uid; |
4644 | 0 | PKT_public_key *pk = NULL; |
4645 | 0 | PKT_signature *sig = NULL; |
4646 | 0 | PACKET *pkt; |
4647 | 0 | KBNODE node; |
4648 | 0 | KBNODE pub_where = NULL; |
4649 | 0 | gpg_error_t err; |
4650 | |
|
4651 | 0 | if (photo && uidstring) |
4652 | 0 | return 0; /* Not allowed. */ |
4653 | | |
4654 | 0 | for (node = pub_keyblock; node; pub_where = node, node = node->next) |
4655 | 0 | { |
4656 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
4657 | 0 | pk = node->pkt->pkt.public_key; |
4658 | 0 | else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4659 | 0 | break; |
4660 | 0 | } |
4661 | 0 | if (!node) /* No subkey. */ |
4662 | 0 | pub_where = NULL; |
4663 | 0 | log_assert (pk); |
4664 | | |
4665 | 0 | if (photo) |
4666 | 0 | { |
4667 | 0 | int hasattrib = 0; |
4668 | |
|
4669 | 0 | for (node = pub_keyblock; node; node = node->next) |
4670 | 0 | if (node->pkt->pkttype == PKT_USER_ID && |
4671 | 0 | node->pkt->pkt.user_id->attrib_data != NULL) |
4672 | 0 | { |
4673 | 0 | hasattrib = 1; |
4674 | 0 | break; |
4675 | 0 | } |
4676 | | |
4677 | | /* It is legal but bad for compatibility to add a photo ID to a |
4678 | | v3 key as it means that PGP2 will not be able to use that key |
4679 | | anymore. Also, PGP may not expect a photo on a v3 key. |
4680 | | Don't bother to ask this if the key already has a photo - any |
4681 | | damage has already been done at that point. -dms */ |
4682 | 0 | if (pk->version == 3 && !hasattrib) |
4683 | 0 | { |
4684 | 0 | if (opt.expert) |
4685 | 0 | { |
4686 | 0 | tty_printf (_("WARNING: This is a PGP2-style key. " |
4687 | 0 | "Adding a photo ID may cause some versions\n" |
4688 | 0 | " of PGP to reject this key.\n")); |
4689 | |
|
4690 | 0 | if (!cpr_get_answer_is_yes ("keyedit.v3_photo.okay", |
4691 | 0 | _("Are you sure you still want " |
4692 | 0 | "to add it? (y/N) "))) |
4693 | 0 | return 0; |
4694 | 0 | } |
4695 | 0 | else |
4696 | 0 | { |
4697 | 0 | tty_printf (_("You may not add a photo ID to " |
4698 | 0 | "a PGP2-style key.\n")); |
4699 | 0 | return 0; |
4700 | 0 | } |
4701 | 0 | } |
4702 | | |
4703 | 0 | uid = generate_photo_id (ctrl, pk, photo_name); |
4704 | 0 | } |
4705 | 0 | else |
4706 | 0 | uid = generate_user_id (pub_keyblock, uidstring); |
4707 | 0 | if (!uid) |
4708 | 0 | { |
4709 | 0 | if (uidstring) |
4710 | 0 | { |
4711 | 0 | write_status_error ("adduid", gpg_error (304)); |
4712 | 0 | log_error ("%s\n", _("Such a user ID already exists on this key!")); |
4713 | 0 | } |
4714 | 0 | return 0; |
4715 | 0 | } |
4716 | | |
4717 | 0 | err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x13, 0, 0, |
4718 | 0 | keygen_add_std_prefs, pk, NULL); |
4719 | 0 | if (err) |
4720 | 0 | { |
4721 | 0 | write_status_error ("keysig", err); |
4722 | 0 | log_error ("signing failed: %s\n", gpg_strerror (err)); |
4723 | 0 | free_user_id (uid); |
4724 | 0 | return 0; |
4725 | 0 | } |
4726 | | |
4727 | | /* Insert/append to public keyblock */ |
4728 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
4729 | 0 | pkt->pkttype = PKT_USER_ID; |
4730 | 0 | pkt->pkt.user_id = uid; |
4731 | 0 | node = new_kbnode (pkt); |
4732 | 0 | if (pub_where) |
4733 | 0 | insert_kbnode (pub_where, node, 0); |
4734 | 0 | else |
4735 | 0 | add_kbnode (pub_keyblock, node); |
4736 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
4737 | 0 | pkt->pkttype = PKT_SIGNATURE; |
4738 | 0 | pkt->pkt.signature = sig; |
4739 | 0 | if (pub_where) |
4740 | 0 | insert_kbnode (node, new_kbnode (pkt), 0); |
4741 | 0 | else |
4742 | 0 | add_kbnode (pub_keyblock, new_kbnode (pkt)); |
4743 | 0 | return 1; |
4744 | 0 | } |
4745 | | |
4746 | | |
4747 | | /* |
4748 | | * Remove all selected userids from the keyring |
4749 | | */ |
4750 | | static void |
4751 | | menu_deluid (KBNODE pub_keyblock) |
4752 | 0 | { |
4753 | 0 | KBNODE node; |
4754 | 0 | int selected = 0; |
4755 | |
|
4756 | 0 | for (node = pub_keyblock; node; node = node->next) |
4757 | 0 | { |
4758 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
4759 | 0 | { |
4760 | 0 | selected = node->flag & NODFLG_SELUID; |
4761 | 0 | if (selected) |
4762 | 0 | { |
4763 | | /* Only cause a trust update if we delete a |
4764 | | non-revoked user id */ |
4765 | 0 | if (!node->pkt->pkt.user_id->flags.revoked) |
4766 | 0 | update_trust = 1; |
4767 | 0 | delete_kbnode (node); |
4768 | 0 | } |
4769 | 0 | } |
4770 | 0 | else if (selected && node->pkt->pkttype == PKT_SIGNATURE) |
4771 | 0 | delete_kbnode (node); |
4772 | 0 | else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4773 | 0 | selected = 0; |
4774 | 0 | } |
4775 | 0 | commit_kbnode (&pub_keyblock); |
4776 | 0 | } |
4777 | | |
4778 | | |
4779 | | static int |
4780 | | menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock) |
4781 | 0 | { |
4782 | 0 | KBNODE node; |
4783 | 0 | PKT_user_id *uid = NULL; |
4784 | 0 | int changed = 0; |
4785 | |
|
4786 | 0 | for (node = pub_keyblock; node; node = node->next) |
4787 | 0 | { |
4788 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
4789 | 0 | { |
4790 | 0 | uid = (node->flag & NODFLG_SELUID) ? node->pkt->pkt.user_id : NULL; |
4791 | 0 | } |
4792 | 0 | else if (uid && node->pkt->pkttype == PKT_SIGNATURE) |
4793 | 0 | { |
4794 | 0 | int okay, valid, selfsig, inv_sig, no_key, other_err; |
4795 | |
|
4796 | 0 | tty_printf ("uid "); |
4797 | 0 | tty_print_utf8_string (uid->name, uid->len); |
4798 | 0 | tty_printf ("\n"); |
4799 | |
|
4800 | 0 | okay = inv_sig = no_key = other_err = 0; |
4801 | 0 | if (opt.with_colons) |
4802 | 0 | valid = print_and_check_one_sig_colon (ctrl, pub_keyblock, node, |
4803 | 0 | &inv_sig, &no_key, |
4804 | 0 | &other_err, &selfsig, 1); |
4805 | 0 | else |
4806 | 0 | valid = print_and_check_one_sig (ctrl, pub_keyblock, node, |
4807 | 0 | &inv_sig, &no_key, &other_err, |
4808 | 0 | &selfsig, 1, 0); |
4809 | |
|
4810 | 0 | if (valid) |
4811 | 0 | { |
4812 | 0 | okay = cpr_get_answer_yes_no_quit |
4813 | 0 | ("keyedit.delsig.valid", |
4814 | 0 | _("Delete this good signature? (y/N/q)")); |
4815 | | |
4816 | | /* Only update trust if we delete a good signature. |
4817 | | The other two cases do not affect trust. */ |
4818 | 0 | if (okay) |
4819 | 0 | update_trust = 1; |
4820 | 0 | } |
4821 | 0 | else if (inv_sig || other_err) |
4822 | 0 | okay = cpr_get_answer_yes_no_quit |
4823 | 0 | ("keyedit.delsig.invalid", |
4824 | 0 | _("Delete this invalid signature? (y/N/q)")); |
4825 | 0 | else if (no_key) |
4826 | 0 | okay = cpr_get_answer_yes_no_quit |
4827 | 0 | ("keyedit.delsig.unknown", |
4828 | 0 | _("Delete this unknown signature? (y/N/q)")); |
4829 | |
|
4830 | 0 | if (okay == -1) |
4831 | 0 | break; |
4832 | 0 | if (okay && selfsig |
4833 | 0 | && !cpr_get_answer_is_yes |
4834 | 0 | ("keyedit.delsig.selfsig", |
4835 | 0 | _("Really delete this self-signature? (y/N)"))) |
4836 | 0 | okay = 0; |
4837 | 0 | if (okay) |
4838 | 0 | { |
4839 | 0 | delete_kbnode (node); |
4840 | 0 | changed++; |
4841 | 0 | } |
4842 | |
|
4843 | 0 | } |
4844 | 0 | else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4845 | 0 | uid = NULL; |
4846 | 0 | } |
4847 | |
|
4848 | 0 | if (changed) |
4849 | 0 | { |
4850 | 0 | commit_kbnode (&pub_keyblock); |
4851 | 0 | tty_printf (ngettext("Deleted %d signature.\n", |
4852 | 0 | "Deleted %d signatures.\n", changed), changed); |
4853 | 0 | } |
4854 | 0 | else |
4855 | 0 | tty_printf (_("Nothing deleted.\n")); |
4856 | |
|
4857 | 0 | return changed; |
4858 | 0 | } |
4859 | | |
4860 | | |
4861 | | /* Note: OPTIONS are from the EXPORT_* set. */ |
4862 | | static int |
4863 | | menu_clean (ctrl_t ctrl, kbnode_t keyblock, unsigned int options) |
4864 | 0 | { |
4865 | 0 | KBNODE uidnode; |
4866 | 0 | int modified = 0; |
4867 | 0 | int select_all = !count_selected_uids (keyblock); |
4868 | |
|
4869 | 0 | for (uidnode = keyblock->next; |
4870 | 0 | uidnode && uidnode->pkt->pkttype != PKT_PUBLIC_SUBKEY; |
4871 | 0 | uidnode = uidnode->next) |
4872 | 0 | { |
4873 | 0 | if (uidnode->pkt->pkttype == PKT_USER_ID |
4874 | 0 | && (uidnode->flag & NODFLG_SELUID || select_all)) |
4875 | 0 | { |
4876 | 0 | int uids = 0, sigs = 0; |
4877 | 0 | char *user = utf8_to_native (uidnode->pkt->pkt.user_id->name, |
4878 | 0 | uidnode->pkt->pkt.user_id->len, |
4879 | 0 | 0); |
4880 | |
|
4881 | 0 | clean_one_uid (ctrl, keyblock, uidnode, opt.verbose, options, |
4882 | 0 | &uids, &sigs); |
4883 | 0 | if (uids) |
4884 | 0 | { |
4885 | 0 | const char *reason; |
4886 | |
|
4887 | 0 | if (uidnode->pkt->pkt.user_id->flags.revoked) |
4888 | 0 | reason = _("revoked"); |
4889 | 0 | else if (uidnode->pkt->pkt.user_id->flags.expired) |
4890 | 0 | reason = _("expired"); |
4891 | 0 | else |
4892 | 0 | reason = _("invalid"); |
4893 | |
|
4894 | 0 | tty_printf (_("User ID \"%s\" compacted: %s\n"), user, reason); |
4895 | |
|
4896 | 0 | modified = 1; |
4897 | 0 | } |
4898 | 0 | else if (sigs) |
4899 | 0 | { |
4900 | 0 | tty_printf (ngettext("User ID \"%s\": %d signature removed\n", |
4901 | 0 | "User ID \"%s\": %d signatures removed\n", |
4902 | 0 | sigs), user, sigs); |
4903 | 0 | modified = 1; |
4904 | 0 | } |
4905 | 0 | else |
4906 | 0 | { |
4907 | 0 | tty_printf ((options & EXPORT_MINIMAL)? |
4908 | 0 | _("User ID \"%s\": already minimized\n") : |
4909 | 0 | _("User ID \"%s\": already clean\n"), user); |
4910 | 0 | } |
4911 | |
|
4912 | 0 | xfree (user); |
4913 | 0 | } |
4914 | 0 | } |
4915 | |
|
4916 | 0 | return modified; |
4917 | 0 | } |
4918 | | |
4919 | | |
4920 | | /* |
4921 | | * Remove some of the secondary keys |
4922 | | */ |
4923 | | static void |
4924 | | menu_delkey (KBNODE pub_keyblock) |
4925 | 0 | { |
4926 | 0 | KBNODE node; |
4927 | 0 | int selected = 0; |
4928 | |
|
4929 | 0 | for (node = pub_keyblock; node; node = node->next) |
4930 | 0 | { |
4931 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
4932 | 0 | { |
4933 | 0 | selected = node->flag & NODFLG_SELKEY; |
4934 | 0 | if (selected) |
4935 | 0 | delete_kbnode (node); |
4936 | 0 | } |
4937 | 0 | else if (selected && node->pkt->pkttype == PKT_SIGNATURE) |
4938 | 0 | delete_kbnode (node); |
4939 | 0 | else |
4940 | 0 | selected = 0; |
4941 | 0 | } |
4942 | 0 | commit_kbnode (&pub_keyblock); |
4943 | | |
4944 | | /* No need to set update_trust here since signing keys are no |
4945 | | longer used to certify other keys, so there is no change in |
4946 | | trust when revoking/removing them. */ |
4947 | 0 | } |
4948 | | |
4949 | | |
4950 | | /* |
4951 | | * Ask for a new revoker, create the self-signature and put it into |
4952 | | * the keyblock. Returns true if there is a new revoker. |
4953 | | */ |
4954 | | static int |
4955 | | menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) |
4956 | 0 | { |
4957 | 0 | PKT_public_key *pk = NULL; |
4958 | 0 | PKT_public_key *revoker_pk = NULL; |
4959 | 0 | PKT_signature *sig = NULL; |
4960 | 0 | PACKET *pkt; |
4961 | 0 | struct revocation_key revkey; |
4962 | 0 | size_t fprlen; |
4963 | 0 | int rc; |
4964 | |
|
4965 | 0 | log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
4966 | | |
4967 | 0 | pk = pub_keyblock->pkt->pkt.public_key; |
4968 | |
|
4969 | 0 | if (pk->numrevkeys == 0 && pk->version == 3) |
4970 | 0 | { |
4971 | | /* It is legal but bad for compatibility to add a revoker to a |
4972 | | v3 key as it means that PGP2 will not be able to use that key |
4973 | | anymore. Also, PGP may not expect a revoker on a v3 key. |
4974 | | Don't bother to ask this if the key already has a revoker - |
4975 | | any damage has already been done at that point. -dms */ |
4976 | 0 | if (opt.expert) |
4977 | 0 | { |
4978 | 0 | tty_printf (_("WARNING: This is a PGP 2.x-style key. " |
4979 | 0 | "Adding a designated revoker may cause\n" |
4980 | 0 | " some versions of PGP to reject this key.\n")); |
4981 | |
|
4982 | 0 | if (!cpr_get_answer_is_yes ("keyedit.v3_revoker.okay", |
4983 | 0 | _("Are you sure you still want " |
4984 | 0 | "to add it? (y/N) "))) |
4985 | 0 | return 0; |
4986 | 0 | } |
4987 | 0 | else |
4988 | 0 | { |
4989 | 0 | tty_printf (_("You may not add a designated revoker to " |
4990 | 0 | "a PGP 2.x-style key.\n")); |
4991 | 0 | return 0; |
4992 | 0 | } |
4993 | 0 | } |
4994 | | |
4995 | 0 | for (;;) |
4996 | 0 | { |
4997 | 0 | char *answer; |
4998 | |
|
4999 | 0 | free_public_key (revoker_pk); |
5000 | 0 | revoker_pk = xmalloc_clear (sizeof (*revoker_pk)); |
5001 | |
|
5002 | 0 | tty_printf ("\n"); |
5003 | |
|
5004 | 0 | answer = cpr_get_utf8 |
5005 | 0 | ("keyedit.add_revoker", |
5006 | 0 | _("Enter the user ID of the designated revoker: ")); |
5007 | 0 | if (answer[0] == '\0' || answer[0] == CONTROL_D) |
5008 | 0 | { |
5009 | 0 | xfree (answer); |
5010 | 0 | goto fail; |
5011 | 0 | } |
5012 | | |
5013 | | /* Note that I'm requesting CERT here, which usually implies |
5014 | | primary keys only, but some casual testing shows that PGP and |
5015 | | GnuPG both can handle a designated revocation from a subkey. */ |
5016 | 0 | revoker_pk->req_usage = PUBKEY_USAGE_CERT; |
5017 | 0 | rc = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL, |
5018 | 0 | NULL, revoker_pk, answer, NULL, NULL, 1); |
5019 | 0 | if (rc) |
5020 | 0 | { |
5021 | 0 | log_error (_("key \"%s\" not found: %s\n"), answer, |
5022 | 0 | gpg_strerror (rc)); |
5023 | 0 | xfree (answer); |
5024 | 0 | continue; |
5025 | 0 | } |
5026 | | |
5027 | 0 | xfree (answer); |
5028 | |
|
5029 | 0 | fingerprint_from_pk (revoker_pk, revkey.fpr, &fprlen); |
5030 | 0 | if (fprlen != 20 && fprlen != 32) |
5031 | 0 | { |
5032 | 0 | log_error (_("cannot appoint a PGP 2.x style key as a " |
5033 | 0 | "designated revoker\n")); |
5034 | 0 | continue; |
5035 | 0 | } |
5036 | | |
5037 | 0 | revkey.fprlen = fprlen; |
5038 | 0 | revkey.class = 0x80; |
5039 | 0 | if (sensitive) |
5040 | 0 | revkey.class |= 0x40; |
5041 | 0 | revkey.algid = revoker_pk->pubkey_algo; |
5042 | |
|
5043 | 0 | if (cmp_public_keys (revoker_pk, pk) == 0) |
5044 | 0 | { |
5045 | | /* This actually causes no harm (after all, a key that |
5046 | | designates itself as a revoker is the same as a |
5047 | | regular key), but it's easy enough to check. */ |
5048 | 0 | log_error (_("you cannot appoint a key as its own " |
5049 | 0 | "designated revoker\n")); |
5050 | |
|
5051 | 0 | continue; |
5052 | 0 | } |
5053 | | |
5054 | 0 | keyid_from_pk (pk, NULL); |
5055 | | |
5056 | | /* Does this revkey already exist? */ |
5057 | 0 | if (!pk->revkey && pk->numrevkeys) |
5058 | 0 | BUG (); |
5059 | 0 | else |
5060 | 0 | { |
5061 | 0 | int i; |
5062 | |
|
5063 | 0 | for (i = 0; i < pk->numrevkeys; i++) |
5064 | 0 | { |
5065 | 0 | if (memcmp (&pk->revkey[i], &revkey, |
5066 | 0 | sizeof (struct revocation_key)) == 0) |
5067 | 0 | { |
5068 | 0 | char buf[50]; |
5069 | |
|
5070 | 0 | log_error (_("this key has already been designated " |
5071 | 0 | "as a revoker\n")); |
5072 | |
|
5073 | 0 | format_keyid (pk_keyid (pk), KF_LONG, buf, sizeof (buf)); |
5074 | 0 | write_status_text (STATUS_ALREADY_SIGNED, buf); |
5075 | |
|
5076 | 0 | break; |
5077 | 0 | } |
5078 | 0 | } |
5079 | |
|
5080 | 0 | if (i < pk->numrevkeys) |
5081 | 0 | continue; |
5082 | 0 | } |
5083 | | |
5084 | 0 | print_key_info (ctrl, NULL, 0, revoker_pk, 0); |
5085 | 0 | print_fingerprint (ctrl, NULL, revoker_pk, 2); |
5086 | 0 | tty_printf ("\n"); |
5087 | |
|
5088 | 0 | tty_printf (_("WARNING: appointing a key as a designated revoker " |
5089 | 0 | "cannot be undone!\n")); |
5090 | |
|
5091 | 0 | tty_printf ("\n"); |
5092 | |
|
5093 | 0 | if (!cpr_get_answer_is_yes ("keyedit.add_revoker.okay", |
5094 | 0 | _("Are you sure you want to appoint this " |
5095 | 0 | "key as a designated revoker? (y/N) "))) |
5096 | 0 | continue; |
5097 | | |
5098 | 0 | free_public_key (revoker_pk); |
5099 | 0 | revoker_pk = NULL; |
5100 | 0 | break; |
5101 | 0 | } |
5102 | | |
5103 | 0 | rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x1F, 0, 0, |
5104 | 0 | keygen_add_revkey, &revkey, NULL); |
5105 | 0 | if (rc) |
5106 | 0 | { |
5107 | 0 | write_status_error ("keysig", rc); |
5108 | 0 | log_error ("signing failed: %s\n", gpg_strerror (rc)); |
5109 | 0 | goto fail; |
5110 | 0 | } |
5111 | | |
5112 | | /* Insert into public keyblock. */ |
5113 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
5114 | 0 | pkt->pkttype = PKT_SIGNATURE; |
5115 | 0 | pkt->pkt.signature = sig; |
5116 | 0 | insert_kbnode (pub_keyblock, new_kbnode (pkt), PKT_SIGNATURE); |
5117 | |
|
5118 | 0 | return 1; |
5119 | | |
5120 | 0 | fail: |
5121 | 0 | if (sig) |
5122 | 0 | free_seckey_enc (sig); |
5123 | 0 | free_public_key (revoker_pk); |
5124 | |
|
5125 | 0 | return 0; |
5126 | 0 | } |
5127 | | |
5128 | | |
5129 | | /* Core function to add an ADSK to the KEYBLOCK. Returns 0 on success |
5130 | | * or an error code. If SIGTIMESTAMP is not 0 it is used for the key |
5131 | | * binding signature creation time; if not given the current time is |
5132 | | * used. CACHE_NONCE can be used to avoid a second Pinetry pop-up for |
5133 | | * appending the ADSK. */ |
5134 | | gpg_error_t |
5135 | | append_adsk_to_key (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *adsk, |
5136 | | u32 sigtimestamp, const char *cache_nonce) |
5137 | 0 | { |
5138 | 0 | gpg_error_t err; |
5139 | 0 | PKT_public_key *main_pk; /* The primary key. */ |
5140 | 0 | PKT_signature *sig = NULL; |
5141 | 0 | kbnode_t adsknode = NULL; |
5142 | 0 | PACKET *pkt; /* (temp. use; will be put into a kbnode_t) */ |
5143 | | |
5144 | | /* First get a copy. */ |
5145 | 0 | adsk = copy_public_key_basics (NULL, adsk); |
5146 | | |
5147 | | /* Check compliance. */ |
5148 | 0 | if (!gnupg_pk_is_compliant (opt.compliance, adsk->pubkey_algo, 0, |
5149 | 0 | adsk->pkey, nbits_from_pk (adsk), NULL)) |
5150 | 0 | { |
5151 | 0 | char pkhex[MAX_FINGERPRINT_LEN*2+1]; |
5152 | |
|
5153 | 0 | hexfingerprint (adsk, pkhex, sizeof pkhex); |
5154 | 0 | log_error (_("WARNING: key %s is not suitable for encryption" |
5155 | 0 | " in %s mode\n"), |
5156 | 0 | pkhex, gnupg_compliance_option_string (opt.compliance)); |
5157 | 0 | err = gpg_error (GPG_ERR_FORBIDDEN); |
5158 | 0 | goto leave; |
5159 | 0 | } |
5160 | | |
5161 | | /* Get the primary key. */ |
5162 | 0 | log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
5163 | 0 | main_pk = keyblock->pkt->pkt.public_key; |
5164 | | |
5165 | | /* Prepare and append the adsk. */ |
5166 | 0 | keyid_from_pk (main_pk, adsk->main_keyid); /* Fixup main keyid. */ |
5167 | 0 | log_assert ((adsk->pubkey_usage & PUBKEY_USAGE_XENC_MASK)); |
5168 | 0 | adsk->pubkey_usage = PUBKEY_USAGE_RENC; /* 'e' or 'r' -> 'r' */ |
5169 | 0 | pkt = xtrycalloc (1, sizeof *pkt); |
5170 | 0 | if (!pkt) |
5171 | 0 | { |
5172 | 0 | err = gpg_error_from_syserror (); |
5173 | 0 | goto leave; |
5174 | 0 | } |
5175 | 0 | pkt->pkttype = PKT_PUBLIC_SUBKEY; /* Make sure it is a subkey. */ |
5176 | 0 | pkt->pkt.public_key = adsk; |
5177 | 0 | adsknode = new_kbnode (pkt); |
5178 | | |
5179 | | /* Make the signature. */ |
5180 | 0 | err = make_keysig_packet (ctrl, &sig, main_pk, NULL, adsk, main_pk, 0x18, |
5181 | 0 | sigtimestamp, 0, |
5182 | 0 | keygen_add_key_flags_and_expire, adsk, cache_nonce); |
5183 | 0 | adsk = NULL; /* (owned by adsknode - avoid double free.) */ |
5184 | 0 | if (err) |
5185 | 0 | { |
5186 | 0 | write_status_error ("keysig", err); |
5187 | 0 | log_error ("creating key binding failed: %s\n", gpg_strerror (err)); |
5188 | 0 | goto leave; |
5189 | 0 | } |
5190 | | |
5191 | | /* Append the subkey packet and the binding signature. */ |
5192 | 0 | add_kbnode (keyblock, adsknode); |
5193 | 0 | adsknode = NULL; |
5194 | 0 | pkt = xtrycalloc (1, sizeof *pkt); |
5195 | 0 | if (!pkt) |
5196 | 0 | { |
5197 | 0 | err = gpg_error_from_syserror (); |
5198 | 0 | goto leave; |
5199 | 0 | } |
5200 | 0 | pkt->pkttype = PKT_SIGNATURE; |
5201 | 0 | pkt->pkt.signature = sig; |
5202 | 0 | add_kbnode (keyblock, new_kbnode (pkt)); |
5203 | |
|
5204 | 0 | leave: |
5205 | 0 | release_kbnode (adsknode); |
5206 | 0 | free_public_key (adsk); /* Release our copy. */ |
5207 | 0 | return err; |
5208 | 0 | } |
5209 | | |
5210 | | |
5211 | | /* |
5212 | | * Ask for a new additional decryption subkey and add it to the key |
5213 | | * block. Returns true if the keyblock was changed and false |
5214 | | * otherwise. If ADSKFPR is not NULL, this function has been called |
5215 | | * by quick_addadsk and gives the fingerprint of the to be added key. |
5216 | | */ |
5217 | | static int |
5218 | | menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock, const char *adskfpr) |
5219 | 0 | { |
5220 | 0 | PKT_public_key *pk; |
5221 | 0 | PKT_public_key *adsk_pk = NULL; |
5222 | 0 | kbnode_t adsk_keyblock = NULL; |
5223 | 0 | char *answer = NULL; |
5224 | 0 | gpg_error_t err; |
5225 | 0 | KEYDB_SEARCH_DESC desc; |
5226 | 0 | byte fpr[MAX_FINGERPRINT_LEN]; |
5227 | 0 | size_t fprlen; |
5228 | 0 | kbnode_t node; |
5229 | 0 | u32 sigtimestamp = make_timestamp (); |
5230 | |
|
5231 | 0 | log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
5232 | | |
5233 | 0 | for (;;) |
5234 | 0 | { |
5235 | 0 | xfree (answer); |
5236 | 0 | if (adskfpr) |
5237 | 0 | answer = xstrdup (adskfpr); |
5238 | 0 | else |
5239 | 0 | { |
5240 | 0 | answer = cpr_get_utf8 |
5241 | 0 | ("keyedit.addadsk", |
5242 | 0 | _("Enter the fingerprint of the additional decryption subkey: ")); |
5243 | 0 | if (answer[0] == '\0' || answer[0] == CONTROL_D) |
5244 | 0 | { |
5245 | 0 | err = gpg_error (GPG_ERR_CANCELED); |
5246 | 0 | goto leave; |
5247 | 0 | } |
5248 | 0 | } |
5249 | 0 | if (classify_user_id (answer, &desc, 1) |
5250 | 0 | || desc.mode != KEYDB_SEARCH_MODE_FPR) |
5251 | 0 | { |
5252 | 0 | log_info (_("\"%s\" is not a fingerprint\n"), answer); |
5253 | 0 | err = gpg_error (GPG_ERR_INV_USER_ID); |
5254 | 0 | if (adskfpr) |
5255 | 0 | goto leave; |
5256 | 0 | continue; |
5257 | 0 | } |
5258 | | |
5259 | | /* Force searching for that exact fingerprint and for any key |
5260 | | * which has a key with that fingerprint. */ |
5261 | 0 | if (!strchr (answer, '!')) |
5262 | 0 | { |
5263 | 0 | char *tmpstr = xstrconcat (answer, "!", NULL); |
5264 | 0 | xfree (answer); |
5265 | 0 | answer = tmpstr; |
5266 | 0 | } |
5267 | |
|
5268 | 0 | free_public_key (adsk_pk); |
5269 | 0 | adsk_pk = xcalloc (1, sizeof *adsk_pk); |
5270 | 0 | adsk_pk->req_usage = PUBKEY_USAGE_ENC; |
5271 | 0 | release_kbnode (adsk_keyblock); |
5272 | 0 | adsk_keyblock = NULL; |
5273 | 0 | err = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL, |
5274 | 0 | NULL, adsk_pk, answer, &adsk_keyblock, NULL, 1); |
5275 | 0 | if (err) |
5276 | 0 | { |
5277 | 0 | write_status_error ("add_adsk", err); |
5278 | 0 | log_info (_("key \"%s\" not found: %s\n"), answer, |
5279 | 0 | gpg_strerror (err)); |
5280 | 0 | if ((!opt.batch || adskfpr) && !opt.quiet |
5281 | 0 | && gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY) |
5282 | 0 | log_info (_("Did you specify the fingerprint of a subkey?\n")); |
5283 | 0 | if (adskfpr) |
5284 | 0 | goto leave; |
5285 | 0 | continue; |
5286 | 0 | } |
5287 | | |
5288 | 0 | for (node = adsk_keyblock; node; node = node->next) |
5289 | 0 | { |
5290 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY |
5291 | 0 | || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5292 | 0 | { |
5293 | 0 | pk = node->pkt->pkt.public_key; |
5294 | 0 | fingerprint_from_pk (pk, fpr, &fprlen); |
5295 | 0 | if (fprlen == desc.fprlen |
5296 | 0 | && !memcmp (fpr, desc.u.fpr, fprlen) |
5297 | 0 | && (pk->pubkey_usage & PUBKEY_USAGE_ENC)) |
5298 | 0 | break; |
5299 | 0 | } |
5300 | 0 | } |
5301 | 0 | if (!node) |
5302 | 0 | { |
5303 | 0 | write_status_error ("add_adsk", err); |
5304 | 0 | err = gpg_error (GPG_ERR_WRONG_KEY_USAGE); |
5305 | 0 | log_info (_("key \"%s\" not found: %s\n"), answer, |
5306 | 0 | gpg_strerror (err)); |
5307 | 0 | if ((!opt.batch || adskfpr) && !opt.quiet) |
5308 | 0 | log_info (_("Did you specify the fingerprint of a subkey?\n")); |
5309 | 0 | if (adskfpr) |
5310 | 0 | goto leave; |
5311 | 0 | continue; |
5312 | 0 | } |
5313 | | |
5314 | | /* Check that the selected subkey is not yet on our keyblock. */ |
5315 | 0 | err = has_key_with_fingerprint (pub_keyblock, desc.u.fpr, desc.fprlen); |
5316 | 0 | if (err) |
5317 | 0 | { |
5318 | 0 | log_info (_("key \"%s\" is already on this keyblock\n"), answer); |
5319 | 0 | if (adskfpr) |
5320 | 0 | goto leave; |
5321 | 0 | continue; |
5322 | 0 | } |
5323 | | |
5324 | 0 | break; |
5325 | 0 | } |
5326 | | |
5327 | | /* Append the subkey. */ |
5328 | 0 | log_assert (node->pkt->pkttype == PKT_PUBLIC_KEY |
5329 | 0 | || node->pkt->pkttype == PKT_PUBLIC_SUBKEY); |
5330 | 0 | err = append_adsk_to_key (ctrl, pub_keyblock, node->pkt->pkt.public_key, |
5331 | 0 | sigtimestamp, NULL); |
5332 | | |
5333 | |
|
5334 | 0 | leave: |
5335 | 0 | xfree (answer); |
5336 | 0 | free_public_key (adsk_pk); |
5337 | 0 | release_kbnode (adsk_keyblock); |
5338 | 0 | if (!err) |
5339 | 0 | return 1; /* The keyblock was modified. */ |
5340 | 0 | else |
5341 | 0 | return 0; /* Not modified. */ |
5342 | |
|
5343 | 0 | } |
5344 | | |
5345 | | |
5346 | | /* With FORCE_MAINKEY cleared this function handles the interactive |
5347 | | * menu option "expire". With UNATTENDED set to 1 this function only |
5348 | | * sets the expiration date of the primary key to NEWEXPIRATION and |
5349 | | * avoid all interactivity; with a value of 2 only the flagged subkeys |
5350 | | * are set to NEWEXPIRATION. Returns 0 if nothing was done, |
5351 | | * GPG_ERR_TRUE if the key was modified, or any other error code. */ |
5352 | | static gpg_error_t |
5353 | | menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock, |
5354 | | int unattended, u32 newexpiration) |
5355 | 0 | { |
5356 | 0 | int signumber, rc; |
5357 | 0 | u32 expiredate; |
5358 | 0 | int only_mainkey; /* Set if only the mainkey is to be updated. */ |
5359 | 0 | PKT_public_key *main_pk, *sub_pk; |
5360 | 0 | PKT_user_id *uid; |
5361 | 0 | kbnode_t node; |
5362 | 0 | u32 keyid[2]; |
5363 | |
|
5364 | 0 | (void)signumber; |
5365 | 0 | if (unattended) |
5366 | 0 | { |
5367 | 0 | only_mainkey = (unattended == 1); |
5368 | 0 | expiredate = newexpiration; |
5369 | 0 | } |
5370 | 0 | else |
5371 | 0 | { |
5372 | 0 | int n1; |
5373 | |
|
5374 | 0 | only_mainkey = 0; |
5375 | 0 | n1 = count_selected_keys (pub_keyblock); |
5376 | 0 | if (n1 > 1) |
5377 | 0 | { |
5378 | 0 | if (!cpr_get_answer_is_yes |
5379 | 0 | ("keyedit.expire_multiple_subkeys.okay", |
5380 | 0 | _("Are you sure you want to change the" |
5381 | 0 | " expiration time for multiple subkeys? (y/N) "))) |
5382 | 0 | return gpg_error (GPG_ERR_CANCELED);; |
5383 | 0 | } |
5384 | 0 | else if (n1) |
5385 | 0 | tty_printf (_("Changing expiration time for a subkey.\n")); |
5386 | 0 | else |
5387 | 0 | { |
5388 | 0 | tty_printf (_("Changing expiration time for the primary key.\n")); |
5389 | 0 | only_mainkey = 1; |
5390 | 0 | no_primary_warning (pub_keyblock); |
5391 | 0 | } |
5392 | | |
5393 | 0 | expiredate = ask_expiredate (); |
5394 | 0 | } |
5395 | | |
5396 | | |
5397 | | /* Now we can actually change the self-signature(s) */ |
5398 | 0 | main_pk = sub_pk = NULL; |
5399 | 0 | uid = NULL; |
5400 | 0 | signumber = 0; |
5401 | 0 | for (node = pub_keyblock; node; node = node->next) |
5402 | 0 | { |
5403 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
5404 | 0 | { |
5405 | 0 | main_pk = node->pkt->pkt.public_key; |
5406 | 0 | keyid_from_pk (main_pk, keyid); |
5407 | 0 | main_pk->expiredate = expiredate; |
5408 | 0 | } |
5409 | 0 | else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5410 | 0 | { |
5411 | 0 | if ((node->flag & NODFLG_SELKEY) && unattended != 1) |
5412 | 0 | { |
5413 | | /* The flag is set and we do not want to set the |
5414 | | * expiration date only for the main key. */ |
5415 | 0 | sub_pk = node->pkt->pkt.public_key; |
5416 | 0 | sub_pk->expiredate = expiredate; |
5417 | 0 | } |
5418 | 0 | else |
5419 | 0 | sub_pk = NULL; |
5420 | 0 | } |
5421 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
5422 | 0 | uid = node->pkt->pkt.user_id; |
5423 | 0 | else if (main_pk && node->pkt->pkttype == PKT_SIGNATURE |
5424 | 0 | && (only_mainkey || sub_pk)) |
5425 | 0 | { |
5426 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
5427 | |
|
5428 | 0 | if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] |
5429 | 0 | && ((only_mainkey && uid |
5430 | 0 | && uid->created && (sig->sig_class & ~3) == 0x10) |
5431 | 0 | || (!only_mainkey && sig->sig_class == 0x18)) |
5432 | 0 | && sig->flags.chosen_selfsig) |
5433 | 0 | { |
5434 | | /* This is a self-signature which is to be replaced. */ |
5435 | 0 | PKT_signature *newsig; |
5436 | 0 | PACKET *newpkt; |
5437 | |
|
5438 | 0 | signumber++; |
5439 | |
|
5440 | 0 | if ((only_mainkey && main_pk->version < 4) |
5441 | 0 | || (!only_mainkey && sub_pk->version < 4)) |
5442 | 0 | { |
5443 | 0 | log_info |
5444 | 0 | (_("You can't change the expiration date of a v3 key\n")); |
5445 | 0 | return gpg_error (GPG_ERR_LEGACY_KEY); |
5446 | 0 | } |
5447 | | |
5448 | 0 | if (only_mainkey) |
5449 | 0 | rc = update_keysig_packet (ctrl, |
5450 | 0 | &newsig, sig, main_pk, uid, NULL, |
5451 | 0 | main_pk, keygen_add_key_expire, |
5452 | 0 | main_pk); |
5453 | 0 | else |
5454 | 0 | rc = |
5455 | 0 | update_keysig_packet (ctrl, |
5456 | 0 | &newsig, sig, main_pk, NULL, sub_pk, |
5457 | 0 | main_pk, keygen_add_key_expire, sub_pk); |
5458 | 0 | if (rc) |
5459 | 0 | { |
5460 | 0 | log_error ("make_keysig_packet failed: %s\n", |
5461 | 0 | gpg_strerror (rc)); |
5462 | 0 | if (gpg_err_code (rc) == GPG_ERR_TRUE) |
5463 | 0 | rc = GPG_ERR_GENERAL; |
5464 | 0 | return rc; |
5465 | 0 | } |
5466 | | |
5467 | | /* Replace the packet. */ |
5468 | 0 | newpkt = xmalloc_clear (sizeof *newpkt); |
5469 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
5470 | 0 | newpkt->pkt.signature = newsig; |
5471 | 0 | free_packet (node->pkt, NULL); |
5472 | 0 | xfree (node->pkt); |
5473 | 0 | node->pkt = newpkt; |
5474 | 0 | sub_pk = NULL; |
5475 | 0 | } |
5476 | 0 | } |
5477 | 0 | } |
5478 | | |
5479 | 0 | update_trust = 1; |
5480 | 0 | return gpg_error (GPG_ERR_TRUE); |
5481 | 0 | } |
5482 | | |
5483 | | |
5484 | | /* Change the capability of a selected key. This command should only |
5485 | | * be used to rectify badly created keys and as such is not suggested |
5486 | | * for general use. */ |
5487 | | static int |
5488 | | menu_changeusage (ctrl_t ctrl, kbnode_t keyblock) |
5489 | 0 | { |
5490 | 0 | int n1, rc; |
5491 | 0 | int mainkey = 0; |
5492 | 0 | PKT_public_key *main_pk, *sub_pk; |
5493 | 0 | PKT_user_id *uid; |
5494 | 0 | kbnode_t node; |
5495 | 0 | u32 keyid[2]; |
5496 | |
|
5497 | 0 | n1 = count_selected_keys (keyblock); |
5498 | 0 | if (n1 > 1) |
5499 | 0 | { |
5500 | 0 | tty_printf (_("You must select exactly one key.\n")); |
5501 | 0 | return 0; |
5502 | 0 | } |
5503 | 0 | else if (n1) |
5504 | 0 | tty_printf (_("Changing usage of a subkey.\n")); |
5505 | 0 | else |
5506 | 0 | { |
5507 | 0 | tty_printf (_("Changing usage of the primary key.\n")); |
5508 | 0 | mainkey = 1; |
5509 | 0 | } |
5510 | | |
5511 | | /* Now we can actually change the self-signature(s) */ |
5512 | 0 | main_pk = sub_pk = NULL; |
5513 | 0 | uid = NULL; |
5514 | 0 | for (node = keyblock; node; node = node->next) |
5515 | 0 | { |
5516 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
5517 | 0 | { |
5518 | 0 | main_pk = node->pkt->pkt.public_key; |
5519 | 0 | keyid_from_pk (main_pk, keyid); |
5520 | 0 | } |
5521 | 0 | else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5522 | 0 | { |
5523 | 0 | if (node->flag & NODFLG_SELKEY) |
5524 | 0 | sub_pk = node->pkt->pkt.public_key; |
5525 | 0 | else |
5526 | 0 | sub_pk = NULL; |
5527 | 0 | } |
5528 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
5529 | 0 | uid = node->pkt->pkt.user_id; |
5530 | 0 | else if (main_pk && node->pkt->pkttype == PKT_SIGNATURE |
5531 | 0 | && (mainkey || sub_pk)) |
5532 | 0 | { |
5533 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
5534 | 0 | if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] |
5535 | 0 | && ((mainkey && uid |
5536 | 0 | && uid->created && (sig->sig_class & ~3) == 0x10) |
5537 | 0 | || (!mainkey && sig->sig_class == 0x18)) |
5538 | 0 | && sig->flags.chosen_selfsig) |
5539 | 0 | { |
5540 | | /* This is the self-signature which is to be replaced. */ |
5541 | 0 | PKT_signature *newsig; |
5542 | 0 | PACKET *newpkt; |
5543 | |
|
5544 | 0 | if ((mainkey && main_pk->version < 4) |
5545 | 0 | || (!mainkey && sub_pk->version < 4)) |
5546 | 0 | { |
5547 | | /* Note: This won't happen because we don't support |
5548 | | * v3 keys anymore. */ |
5549 | 0 | log_info ("You can't change the capabilities of a v3 key\n"); |
5550 | 0 | return 0; |
5551 | 0 | } |
5552 | | |
5553 | 0 | if (mainkey) |
5554 | 0 | main_pk->pubkey_usage = ask_key_flags (main_pk->pubkey_algo, 0, |
5555 | 0 | main_pk->pubkey_usage); |
5556 | 0 | else |
5557 | 0 | sub_pk->pubkey_usage = ask_key_flags (sub_pk->pubkey_algo, 1, |
5558 | 0 | sub_pk->pubkey_usage); |
5559 | |
|
5560 | 0 | if (mainkey) |
5561 | 0 | rc = update_keysig_packet (ctrl, |
5562 | 0 | &newsig, sig, main_pk, uid, NULL, |
5563 | 0 | main_pk, keygen_add_key_flags, |
5564 | 0 | main_pk); |
5565 | 0 | else |
5566 | 0 | rc = |
5567 | 0 | update_keysig_packet (ctrl, |
5568 | 0 | &newsig, sig, main_pk, NULL, sub_pk, |
5569 | 0 | main_pk, keygen_add_key_flags, sub_pk); |
5570 | 0 | if (rc) |
5571 | 0 | { |
5572 | 0 | log_error ("make_keysig_packet failed: %s\n", |
5573 | 0 | gpg_strerror (rc)); |
5574 | 0 | return 0; |
5575 | 0 | } |
5576 | | |
5577 | | /* Replace the packet. */ |
5578 | 0 | newpkt = xmalloc_clear (sizeof *newpkt); |
5579 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
5580 | 0 | newpkt->pkt.signature = newsig; |
5581 | 0 | free_packet (node->pkt, NULL); |
5582 | 0 | xfree (node->pkt); |
5583 | 0 | node->pkt = newpkt; |
5584 | 0 | sub_pk = NULL; |
5585 | 0 | break; |
5586 | 0 | } |
5587 | 0 | } |
5588 | 0 | } |
5589 | | |
5590 | 0 | return 1; |
5591 | 0 | } |
5592 | | |
5593 | | |
5594 | | static int |
5595 | | menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock) |
5596 | 0 | { |
5597 | 0 | int rc, modified = 0; |
5598 | 0 | PKT_public_key *main_pk; |
5599 | 0 | KBNODE node; |
5600 | 0 | u32 timestamp; |
5601 | |
|
5602 | 0 | log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
5603 | | |
5604 | 0 | merge_keys_and_selfsig (ctrl, pub_keyblock); |
5605 | 0 | main_pk = pub_keyblock->pkt->pkt.public_key; |
5606 | 0 | keyid_from_pk (main_pk, NULL); |
5607 | | |
5608 | | /* We use the same timestamp for all backsigs so that we don't |
5609 | | reveal information about the used machine. */ |
5610 | 0 | timestamp = make_timestamp (); |
5611 | |
|
5612 | 0 | for (node = pub_keyblock; node; node = node->next) |
5613 | 0 | { |
5614 | 0 | PKT_public_key *sub_pk = NULL; |
5615 | 0 | KBNODE node2, sig_pk = NULL /*,sig_sk = NULL*/; |
5616 | | /* char *passphrase; */ |
5617 | | |
5618 | | /* Find a signing subkey with no backsig */ |
5619 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5620 | 0 | { |
5621 | 0 | if (node->pkt->pkt.public_key->pubkey_usage & PUBKEY_USAGE_SIG) |
5622 | 0 | { |
5623 | 0 | if (node->pkt->pkt.public_key->flags.backsig) |
5624 | 0 | tty_printf (_ |
5625 | 0 | ("signing subkey %s is already cross-certified\n"), |
5626 | 0 | keystr_from_pk (node->pkt->pkt.public_key)); |
5627 | 0 | else |
5628 | 0 | sub_pk = node->pkt->pkt.public_key; |
5629 | 0 | } |
5630 | 0 | else |
5631 | 0 | tty_printf (_("subkey %s does not sign and so does" |
5632 | 0 | " not need to be cross-certified\n"), |
5633 | 0 | keystr_from_pk (node->pkt->pkt.public_key)); |
5634 | 0 | } |
5635 | |
|
5636 | 0 | if (!sub_pk) |
5637 | 0 | continue; |
5638 | | |
5639 | | /* Find the selected selfsig on this subkey */ |
5640 | 0 | for (node2 = node->next; |
5641 | 0 | node2 && node2->pkt->pkttype == PKT_SIGNATURE; node2 = node2->next) |
5642 | 0 | if (node2->pkt->pkt.signature->version >= 4 |
5643 | 0 | && node2->pkt->pkt.signature->flags.chosen_selfsig) |
5644 | 0 | { |
5645 | 0 | sig_pk = node2; |
5646 | 0 | break; |
5647 | 0 | } |
5648 | |
|
5649 | 0 | if (!sig_pk) |
5650 | 0 | continue; |
5651 | | |
5652 | | /* Find the secret subkey that matches the public subkey */ |
5653 | 0 | log_debug ("FIXME: Check whether a secret subkey is available.\n"); |
5654 | | /* if (!sub_sk) */ |
5655 | | /* { */ |
5656 | | /* tty_printf (_("no secret subkey for public subkey %s - ignoring\n"), */ |
5657 | | /* keystr_from_pk (sub_pk)); */ |
5658 | | /* continue; */ |
5659 | | /* } */ |
5660 | | |
5661 | | |
5662 | | /* Now we can get to work. */ |
5663 | |
|
5664 | 0 | rc = make_backsig (ctrl, |
5665 | 0 | sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk, |
5666 | 0 | timestamp, NULL); |
5667 | 0 | if (!rc) |
5668 | 0 | { |
5669 | 0 | PKT_signature *newsig; |
5670 | 0 | PACKET *newpkt; |
5671 | |
|
5672 | 0 | rc = update_keysig_packet (ctrl, |
5673 | 0 | &newsig, sig_pk->pkt->pkt.signature, |
5674 | 0 | main_pk, NULL, sub_pk, main_pk, |
5675 | 0 | NULL, NULL); |
5676 | 0 | if (!rc) |
5677 | 0 | { |
5678 | | /* Put the new sig into place on the pubkey */ |
5679 | 0 | newpkt = xmalloc_clear (sizeof (*newpkt)); |
5680 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
5681 | 0 | newpkt->pkt.signature = newsig; |
5682 | 0 | free_packet (sig_pk->pkt, NULL); |
5683 | 0 | xfree (sig_pk->pkt); |
5684 | 0 | sig_pk->pkt = newpkt; |
5685 | |
|
5686 | 0 | modified = 1; |
5687 | 0 | } |
5688 | 0 | else |
5689 | 0 | { |
5690 | 0 | log_error ("update_keysig_packet failed: %s\n", |
5691 | 0 | gpg_strerror (rc)); |
5692 | 0 | break; |
5693 | 0 | } |
5694 | 0 | } |
5695 | 0 | else |
5696 | 0 | { |
5697 | 0 | log_error ("make_backsig failed: %s\n", gpg_strerror (rc)); |
5698 | 0 | break; |
5699 | 0 | } |
5700 | 0 | } |
5701 | |
|
5702 | 0 | return modified; |
5703 | 0 | } |
5704 | | |
5705 | | |
5706 | | static int |
5707 | | change_primary_uid_cb (PKT_signature * sig, void *opaque) |
5708 | 0 | { |
5709 | 0 | byte buf[1]; |
5710 | | |
5711 | | /* first clear all primary uid flags so that we are sure none are |
5712 | | * lingering around */ |
5713 | 0 | delete_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID); |
5714 | 0 | delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PRIMARY_UID); |
5715 | | |
5716 | | /* if opaque is set,we want to set the primary id */ |
5717 | 0 | if (opaque) |
5718 | 0 | { |
5719 | 0 | buf[0] = 1; |
5720 | 0 | build_sig_subpkt (sig, SIGSUBPKT_PRIMARY_UID, buf, 1); |
5721 | 0 | } |
5722 | |
|
5723 | 0 | return 0; |
5724 | 0 | } |
5725 | | |
5726 | | |
5727 | | /* |
5728 | | * Set the primary uid flag for the selected UID. We will also reset |
5729 | | * all other primary uid flags. For this to work we have to update |
5730 | | * all the signature timestamps. If we would do this with the current |
5731 | | * time, we lose quite a lot of information, so we use a kludge to |
5732 | | * do this: Just increment the timestamp by one second which is |
5733 | | * sufficient to updated a signature during import. |
5734 | | */ |
5735 | | static int |
5736 | | menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock) |
5737 | 0 | { |
5738 | 0 | PKT_public_key *main_pk; |
5739 | 0 | PKT_user_id *uid; |
5740 | 0 | KBNODE node; |
5741 | 0 | u32 keyid[2]; |
5742 | 0 | int selected; |
5743 | 0 | int attribute = 0; |
5744 | 0 | int modified = 0; |
5745 | |
|
5746 | 0 | if (count_selected_uids (pub_keyblock) != 1) |
5747 | 0 | { |
5748 | 0 | tty_printf (_("Please select exactly one user ID.\n")); |
5749 | 0 | return 0; |
5750 | 0 | } |
5751 | | |
5752 | 0 | main_pk = NULL; |
5753 | 0 | uid = NULL; |
5754 | 0 | selected = 0; |
5755 | | |
5756 | | /* Is our selected uid an attribute packet? */ |
5757 | 0 | for (node = pub_keyblock; node; node = node->next) |
5758 | 0 | if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID) |
5759 | 0 | attribute = (node->pkt->pkt.user_id->attrib_data != NULL); |
5760 | |
|
5761 | 0 | for (node = pub_keyblock; node; node = node->next) |
5762 | 0 | { |
5763 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5764 | 0 | break; /* No more user ids expected - ready. */ |
5765 | | |
5766 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
5767 | 0 | { |
5768 | 0 | main_pk = node->pkt->pkt.public_key; |
5769 | 0 | keyid_from_pk (main_pk, keyid); |
5770 | 0 | } |
5771 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
5772 | 0 | { |
5773 | 0 | uid = node->pkt->pkt.user_id; |
5774 | 0 | selected = node->flag & NODFLG_SELUID; |
5775 | 0 | } |
5776 | 0 | else if (main_pk && uid && node->pkt->pkttype == PKT_SIGNATURE) |
5777 | 0 | { |
5778 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
5779 | 0 | if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] |
5780 | 0 | && (uid && (sig->sig_class & ~3) == 0x10) |
5781 | 0 | && attribute == (uid->attrib_data != NULL) |
5782 | 0 | && sig->flags.chosen_selfsig) |
5783 | 0 | { |
5784 | 0 | if (sig->version < 4) |
5785 | 0 | { |
5786 | 0 | char *user = |
5787 | 0 | utf8_to_native (uid->name, strlen (uid->name), 0); |
5788 | |
|
5789 | 0 | log_info (_("skipping v3 self-signature on user ID \"%s\"\n"), |
5790 | 0 | user); |
5791 | 0 | xfree (user); |
5792 | 0 | } |
5793 | 0 | else |
5794 | 0 | { |
5795 | | /* This is a selfsignature which is to be replaced. |
5796 | | We can just ignore v3 signatures because they are |
5797 | | not able to carry the primary ID flag. We also |
5798 | | ignore self-sigs on user IDs that are not of the |
5799 | | same type that we are making primary. That is, if |
5800 | | we are making a user ID primary, we alter user IDs. |
5801 | | If we are making an attribute packet primary, we |
5802 | | alter attribute packets. */ |
5803 | | |
5804 | | /* FIXME: We must make sure that we only have one |
5805 | | self-signature per user ID here (not counting |
5806 | | revocations) */ |
5807 | 0 | PKT_signature *newsig; |
5808 | 0 | PACKET *newpkt; |
5809 | 0 | const byte *p; |
5810 | 0 | int action; |
5811 | | |
5812 | | /* See whether this signature has the primary UID flag. */ |
5813 | 0 | p = parse_sig_subpkt (sig, 1, |
5814 | 0 | SIGSUBPKT_PRIMARY_UID, NULL); |
5815 | 0 | if (!p) |
5816 | 0 | p = parse_sig_subpkt (sig, 0, |
5817 | 0 | SIGSUBPKT_PRIMARY_UID, NULL); |
5818 | 0 | if (p && *p) /* yes */ |
5819 | 0 | action = selected ? 0 : -1; |
5820 | 0 | else /* no */ |
5821 | 0 | action = selected ? 1 : 0; |
5822 | |
|
5823 | 0 | if (action) |
5824 | 0 | { |
5825 | 0 | int rc = update_keysig_packet (ctrl, &newsig, sig, |
5826 | 0 | main_pk, uid, NULL, |
5827 | 0 | main_pk, |
5828 | 0 | change_primary_uid_cb, |
5829 | 0 | action > 0 ? "x" : NULL); |
5830 | 0 | if (rc) |
5831 | 0 | { |
5832 | 0 | log_error ("update_keysig_packet failed: %s\n", |
5833 | 0 | gpg_strerror (rc)); |
5834 | 0 | return 0; |
5835 | 0 | } |
5836 | | /* replace the packet */ |
5837 | 0 | newpkt = xmalloc_clear (sizeof *newpkt); |
5838 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
5839 | 0 | newpkt->pkt.signature = newsig; |
5840 | 0 | free_packet (node->pkt, NULL); |
5841 | 0 | xfree (node->pkt); |
5842 | 0 | node->pkt = newpkt; |
5843 | 0 | modified = 1; |
5844 | 0 | } |
5845 | 0 | } |
5846 | 0 | } |
5847 | 0 | } |
5848 | 0 | } |
5849 | | |
5850 | 0 | return modified; |
5851 | 0 | } |
5852 | | |
5853 | | |
5854 | | /* |
5855 | | * Set preferences to new values for the selected user IDs. |
5856 | | * --quick-update-pred calls this with UNATTENDED set. |
5857 | | */ |
5858 | | static int |
5859 | | menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock, int unattended) |
5860 | 0 | { |
5861 | 0 | PKT_public_key *main_pk; |
5862 | 0 | PKT_user_id *uid; |
5863 | 0 | KBNODE node; |
5864 | 0 | u32 keyid[2]; |
5865 | 0 | int selected, select_all; |
5866 | 0 | int modified = 0; |
5867 | |
|
5868 | 0 | if (!unattended) |
5869 | 0 | no_primary_warning (pub_keyblock); |
5870 | |
|
5871 | 0 | select_all = unattended? 1 : !count_selected_uids (pub_keyblock); |
5872 | | |
5873 | | /* Now we can actually change the self signature(s) */ |
5874 | 0 | main_pk = NULL; |
5875 | 0 | uid = NULL; |
5876 | 0 | selected = 0; |
5877 | 0 | for (node = pub_keyblock; node; node = node->next) |
5878 | 0 | { |
5879 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5880 | 0 | break; /* No more user-ids expected - ready. */ |
5881 | | |
5882 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
5883 | 0 | { |
5884 | 0 | main_pk = node->pkt->pkt.public_key; |
5885 | 0 | keyid_from_pk (main_pk, keyid); |
5886 | 0 | } |
5887 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
5888 | 0 | { |
5889 | 0 | uid = node->pkt->pkt.user_id; |
5890 | 0 | selected = select_all || (node->flag & NODFLG_SELUID); |
5891 | 0 | } |
5892 | 0 | else if (main_pk && uid && selected |
5893 | 0 | && node->pkt->pkttype == PKT_SIGNATURE) |
5894 | 0 | { |
5895 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
5896 | 0 | if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] |
5897 | 0 | && (uid && (sig->sig_class & ~3) == 0x10) |
5898 | 0 | && sig->flags.chosen_selfsig) |
5899 | 0 | { |
5900 | 0 | if (sig->version < 4) |
5901 | 0 | { |
5902 | 0 | char *user = |
5903 | 0 | utf8_to_native (uid->name, strlen (uid->name), 0); |
5904 | |
|
5905 | 0 | log_info (_("skipping v3 self-signature on user ID \"%s\"\n"), |
5906 | 0 | user); |
5907 | 0 | xfree (user); |
5908 | 0 | } |
5909 | 0 | else |
5910 | 0 | { |
5911 | | /* This is a selfsignature which is to be replaced |
5912 | | * We have to ignore v3 signatures because they are |
5913 | | * not able to carry the preferences. */ |
5914 | 0 | PKT_signature *newsig; |
5915 | 0 | PACKET *newpkt; |
5916 | 0 | int rc; |
5917 | |
|
5918 | 0 | rc = update_keysig_packet (ctrl, &newsig, sig, |
5919 | 0 | main_pk, uid, NULL, main_pk, |
5920 | 0 | keygen_upd_std_prefs, NULL); |
5921 | 0 | if (rc) |
5922 | 0 | { |
5923 | 0 | log_error ("update_keysig_packet failed: %s\n", |
5924 | 0 | gpg_strerror (rc)); |
5925 | 0 | return 0; |
5926 | 0 | } |
5927 | | /* replace the packet */ |
5928 | 0 | newpkt = xmalloc_clear (sizeof *newpkt); |
5929 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
5930 | 0 | newpkt->pkt.signature = newsig; |
5931 | 0 | free_packet (node->pkt, NULL); |
5932 | 0 | xfree (node->pkt); |
5933 | 0 | node->pkt = newpkt; |
5934 | 0 | modified = 1; |
5935 | 0 | } |
5936 | 0 | } |
5937 | 0 | } |
5938 | 0 | } |
5939 | | |
5940 | 0 | return modified; |
5941 | 0 | } |
5942 | | |
5943 | | |
5944 | | static int |
5945 | | menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock) |
5946 | 0 | { |
5947 | 0 | PKT_public_key *main_pk; |
5948 | 0 | PKT_user_id *uid; |
5949 | 0 | KBNODE node; |
5950 | 0 | u32 keyid[2]; |
5951 | 0 | int selected, select_all; |
5952 | 0 | int modified = 0; |
5953 | 0 | char *answer, *uri; |
5954 | |
|
5955 | 0 | no_primary_warning (pub_keyblock); |
5956 | |
|
5957 | 0 | if (url) |
5958 | 0 | answer = xstrdup (url); |
5959 | 0 | else |
5960 | 0 | { |
5961 | 0 | answer = cpr_get_utf8 ("keyedit.add_keyserver", |
5962 | 0 | _("Enter your preferred keyserver URL: ")); |
5963 | 0 | if (answer[0] == '\0' || answer[0] == CONTROL_D) |
5964 | 0 | { |
5965 | 0 | xfree (answer); |
5966 | 0 | return 0; |
5967 | 0 | } |
5968 | 0 | } |
5969 | | |
5970 | 0 | if (!ascii_strcasecmp (answer, "none")) |
5971 | 0 | { |
5972 | 0 | xfree (answer); |
5973 | 0 | uri = NULL; |
5974 | 0 | } |
5975 | 0 | else |
5976 | 0 | { |
5977 | 0 | struct keyserver_spec *keyserver = NULL; |
5978 | | /* Sanity check the format */ |
5979 | 0 | keyserver = parse_keyserver_uri (answer, 1); |
5980 | 0 | xfree (answer); |
5981 | 0 | if (!keyserver) |
5982 | 0 | { |
5983 | 0 | log_info (_("could not parse keyserver URL\n")); |
5984 | 0 | return 0; |
5985 | 0 | } |
5986 | 0 | uri = xstrdup (keyserver->uri); |
5987 | 0 | free_keyserver_spec (keyserver); |
5988 | 0 | } |
5989 | | |
5990 | 0 | select_all = !count_selected_uids (pub_keyblock); |
5991 | | |
5992 | | /* Now we can actually change the self signature(s) */ |
5993 | 0 | main_pk = NULL; |
5994 | 0 | uid = NULL; |
5995 | 0 | selected = 0; |
5996 | 0 | for (node = pub_keyblock; node; node = node->next) |
5997 | 0 | { |
5998 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
5999 | 0 | break; /* ready */ |
6000 | | |
6001 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
6002 | 0 | { |
6003 | 0 | main_pk = node->pkt->pkt.public_key; |
6004 | 0 | keyid_from_pk (main_pk, keyid); |
6005 | 0 | } |
6006 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
6007 | 0 | { |
6008 | 0 | uid = node->pkt->pkt.user_id; |
6009 | 0 | selected = select_all || (node->flag & NODFLG_SELUID); |
6010 | 0 | } |
6011 | 0 | else if (main_pk && uid && selected |
6012 | 0 | && node->pkt->pkttype == PKT_SIGNATURE) |
6013 | 0 | { |
6014 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
6015 | 0 | if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] |
6016 | 0 | && (uid && (sig->sig_class & ~3) == 0x10) |
6017 | 0 | && sig->flags.chosen_selfsig) |
6018 | 0 | { |
6019 | 0 | char *user = utf8_to_native (uid->name, strlen (uid->name), 0); |
6020 | 0 | if (sig->version < 4) |
6021 | 0 | log_info (_("skipping v3 self-signature on user ID \"%s\"\n"), |
6022 | 0 | user); |
6023 | 0 | else |
6024 | 0 | { |
6025 | | /* This is a selfsignature which is to be replaced |
6026 | | * We have to ignore v3 signatures because they are |
6027 | | * not able to carry the subpacket. */ |
6028 | 0 | PKT_signature *newsig; |
6029 | 0 | PACKET *newpkt; |
6030 | 0 | int rc; |
6031 | 0 | const byte *p; |
6032 | 0 | size_t plen; |
6033 | |
|
6034 | 0 | p = parse_sig_subpkt (sig, 1, SIGSUBPKT_PREF_KS, &plen); |
6035 | 0 | if (p && plen) |
6036 | 0 | { |
6037 | 0 | tty_printf ("Current preferred keyserver for user" |
6038 | 0 | " ID \"%s\": ", user); |
6039 | 0 | tty_print_utf8_string (p, plen); |
6040 | 0 | tty_printf ("\n"); |
6041 | 0 | if (!cpr_get_answer_is_yes |
6042 | 0 | ("keyedit.confirm_keyserver", |
6043 | 0 | uri |
6044 | 0 | ? _("Are you sure you want to replace it? (y/N) ") |
6045 | 0 | : _("Are you sure you want to delete it? (y/N) "))) |
6046 | 0 | { |
6047 | 0 | xfree (user); |
6048 | 0 | continue; |
6049 | 0 | } |
6050 | 0 | } |
6051 | 0 | else if (uri == NULL) |
6052 | 0 | { |
6053 | | /* There is no current keyserver URL, so there |
6054 | | is no point in trying to un-set it. */ |
6055 | 0 | xfree (user); |
6056 | 0 | continue; |
6057 | 0 | } |
6058 | | |
6059 | 0 | rc = update_keysig_packet (ctrl, &newsig, sig, |
6060 | 0 | main_pk, uid, NULL, |
6061 | 0 | main_pk, |
6062 | 0 | keygen_add_keyserver_url, uri); |
6063 | 0 | if (rc) |
6064 | 0 | { |
6065 | 0 | log_error ("update_keysig_packet failed: %s\n", |
6066 | 0 | gpg_strerror (rc)); |
6067 | 0 | xfree (uri); |
6068 | 0 | xfree (user); |
6069 | 0 | return 0; |
6070 | 0 | } |
6071 | | /* replace the packet */ |
6072 | 0 | newpkt = xmalloc_clear (sizeof *newpkt); |
6073 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
6074 | 0 | newpkt->pkt.signature = newsig; |
6075 | 0 | free_packet (node->pkt, NULL); |
6076 | 0 | xfree (node->pkt); |
6077 | 0 | node->pkt = newpkt; |
6078 | 0 | modified = 1; |
6079 | 0 | } |
6080 | | |
6081 | 0 | xfree (user); |
6082 | 0 | } |
6083 | 0 | } |
6084 | 0 | } |
6085 | | |
6086 | 0 | xfree (uri); |
6087 | 0 | return modified; |
6088 | 0 | } |
6089 | | |
6090 | | |
6091 | | static int |
6092 | | menu_set_notation (ctrl_t ctrl, const char *string, KBNODE pub_keyblock) |
6093 | 0 | { |
6094 | 0 | PKT_public_key *main_pk; |
6095 | 0 | PKT_user_id *uid; |
6096 | 0 | KBNODE node; |
6097 | 0 | u32 keyid[2]; |
6098 | 0 | int selected, select_all; |
6099 | 0 | int modified = 0; |
6100 | 0 | char *answer; |
6101 | 0 | struct notation *notation; |
6102 | |
|
6103 | 0 | no_primary_warning (pub_keyblock); |
6104 | |
|
6105 | 0 | if (string) |
6106 | 0 | answer = xstrdup (string); |
6107 | 0 | else |
6108 | 0 | { |
6109 | 0 | answer = cpr_get_utf8 ("keyedit.add_notation", |
6110 | 0 | _("Enter the notation: ")); |
6111 | 0 | if (answer[0] == '\0' || answer[0] == CONTROL_D) |
6112 | 0 | { |
6113 | 0 | xfree (answer); |
6114 | 0 | return 0; |
6115 | 0 | } |
6116 | 0 | } |
6117 | | |
6118 | 0 | if (!ascii_strcasecmp (answer, "none") |
6119 | 0 | || !ascii_strcasecmp (answer, "-")) |
6120 | 0 | notation = NULL; /* Delete them all. */ |
6121 | 0 | else |
6122 | 0 | { |
6123 | 0 | notation = string_to_notation (answer, 0); |
6124 | 0 | if (!notation) |
6125 | 0 | { |
6126 | 0 | xfree (answer); |
6127 | 0 | return 0; |
6128 | 0 | } |
6129 | 0 | } |
6130 | | |
6131 | 0 | xfree (answer); |
6132 | |
|
6133 | 0 | select_all = !count_selected_uids (pub_keyblock); |
6134 | | |
6135 | | /* Now we can actually change the self signature(s) */ |
6136 | 0 | main_pk = NULL; |
6137 | 0 | uid = NULL; |
6138 | 0 | selected = 0; |
6139 | 0 | for (node = pub_keyblock; node; node = node->next) |
6140 | 0 | { |
6141 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) |
6142 | 0 | break; /* ready */ |
6143 | | |
6144 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
6145 | 0 | { |
6146 | 0 | main_pk = node->pkt->pkt.public_key; |
6147 | 0 | keyid_from_pk (main_pk, keyid); |
6148 | 0 | } |
6149 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
6150 | 0 | { |
6151 | 0 | uid = node->pkt->pkt.user_id; |
6152 | 0 | selected = select_all || (node->flag & NODFLG_SELUID); |
6153 | 0 | } |
6154 | 0 | else if (main_pk && uid && selected |
6155 | 0 | && node->pkt->pkttype == PKT_SIGNATURE) |
6156 | 0 | { |
6157 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
6158 | 0 | if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] |
6159 | 0 | && (uid && (sig->sig_class & ~3) == 0x10) |
6160 | 0 | && sig->flags.chosen_selfsig) |
6161 | 0 | { |
6162 | 0 | char *user = utf8_to_native (uid->name, strlen (uid->name), 0); |
6163 | 0 | if (sig->version < 4) |
6164 | 0 | log_info (_("skipping v3 self-signature on user ID \"%s\"\n"), |
6165 | 0 | user); |
6166 | 0 | else |
6167 | 0 | { |
6168 | 0 | PKT_signature *newsig; |
6169 | 0 | PACKET *newpkt; |
6170 | 0 | int rc, skip = 0, addonly = 1; |
6171 | |
|
6172 | 0 | if (sig->flags.notation) |
6173 | 0 | { |
6174 | 0 | tty_printf ("Current notations for user ID \"%s\":\n", |
6175 | 0 | user); |
6176 | 0 | tty_print_notations (-9, sig); |
6177 | 0 | } |
6178 | 0 | else |
6179 | 0 | { |
6180 | 0 | tty_printf ("No notations on user ID \"%s\"\n", user); |
6181 | 0 | if (notation == NULL) |
6182 | 0 | { |
6183 | | /* There are no current notations, so there |
6184 | | is no point in trying to un-set them. */ |
6185 | 0 | continue; |
6186 | 0 | } |
6187 | 0 | } |
6188 | | |
6189 | 0 | if (notation) |
6190 | 0 | { |
6191 | 0 | struct notation *n; |
6192 | 0 | int deleting = 0; |
6193 | |
|
6194 | 0 | notation->next = sig_to_notation (sig); |
6195 | |
|
6196 | 0 | for (n = notation->next; n; n = n->next) |
6197 | 0 | if (strcmp (n->name, notation->name) == 0) |
6198 | 0 | { |
6199 | 0 | if (notation->value) |
6200 | 0 | { |
6201 | 0 | if (strcmp (n->value, notation->value) == 0) |
6202 | 0 | { |
6203 | 0 | if (notation->flags.ignore) |
6204 | 0 | { |
6205 | | /* Value match with a delete |
6206 | | flag. */ |
6207 | 0 | n->flags.ignore = 1; |
6208 | 0 | deleting = 1; |
6209 | 0 | } |
6210 | 0 | else |
6211 | 0 | { |
6212 | | /* Adding the same notation |
6213 | | twice, so don't add it at |
6214 | | all. */ |
6215 | 0 | skip = 1; |
6216 | 0 | tty_printf ("Skipping notation:" |
6217 | 0 | " %s=%s\n", |
6218 | 0 | notation->name, |
6219 | 0 | notation->value); |
6220 | 0 | break; |
6221 | 0 | } |
6222 | 0 | } |
6223 | 0 | } |
6224 | 0 | else |
6225 | 0 | { |
6226 | | /* No value, so it means delete. */ |
6227 | 0 | n->flags.ignore = 1; |
6228 | 0 | deleting = 1; |
6229 | 0 | } |
6230 | | |
6231 | 0 | if (n->flags.ignore) |
6232 | 0 | { |
6233 | 0 | tty_printf ("Removing notation: %s=%s\n", |
6234 | 0 | n->name, n->value); |
6235 | 0 | addonly = 0; |
6236 | 0 | } |
6237 | 0 | } |
6238 | |
|
6239 | 0 | if (!notation->flags.ignore && !skip) |
6240 | 0 | tty_printf ("Adding notation: %s=%s\n", |
6241 | 0 | notation->name, notation->value); |
6242 | | |
6243 | | /* We tried to delete, but had no matches. */ |
6244 | 0 | if (notation->flags.ignore && !deleting) |
6245 | 0 | continue; |
6246 | 0 | } |
6247 | 0 | else |
6248 | 0 | { |
6249 | 0 | tty_printf ("Removing all notations\n"); |
6250 | 0 | addonly = 0; |
6251 | 0 | } |
6252 | | |
6253 | 0 | if (skip |
6254 | 0 | || (!addonly |
6255 | 0 | && |
6256 | 0 | !cpr_get_answer_is_yes ("keyedit.confirm_notation", |
6257 | 0 | _("Proceed? (y/N) ")))) |
6258 | 0 | continue; |
6259 | | |
6260 | 0 | rc = update_keysig_packet (ctrl, &newsig, sig, |
6261 | 0 | main_pk, uid, NULL, |
6262 | 0 | main_pk, |
6263 | 0 | keygen_add_notations, notation); |
6264 | 0 | if (rc) |
6265 | 0 | { |
6266 | 0 | log_error ("update_keysig_packet failed: %s\n", |
6267 | 0 | gpg_strerror (rc)); |
6268 | 0 | free_notation (notation); |
6269 | 0 | xfree (user); |
6270 | 0 | return 0; |
6271 | 0 | } |
6272 | | |
6273 | | /* replace the packet */ |
6274 | 0 | newpkt = xmalloc_clear (sizeof *newpkt); |
6275 | 0 | newpkt->pkttype = PKT_SIGNATURE; |
6276 | 0 | newpkt->pkt.signature = newsig; |
6277 | 0 | free_packet (node->pkt, NULL); |
6278 | 0 | xfree (node->pkt); |
6279 | 0 | node->pkt = newpkt; |
6280 | 0 | modified = 1; |
6281 | |
|
6282 | 0 | if (notation) |
6283 | 0 | { |
6284 | | /* Snip off the notation list from the sig */ |
6285 | 0 | free_notation (notation->next); |
6286 | 0 | notation->next = NULL; |
6287 | 0 | } |
6288 | |
|
6289 | 0 | xfree (user); |
6290 | 0 | } |
6291 | 0 | } |
6292 | 0 | } |
6293 | 0 | } |
6294 | | |
6295 | 0 | free_notation (notation); |
6296 | 0 | return modified; |
6297 | 0 | } |
6298 | | |
6299 | | |
6300 | | /* |
6301 | | * Select one user id or remove all selection if IDX is 0 or select |
6302 | | * all if IDX is -1. Returns: True if the selection changed. |
6303 | | */ |
6304 | | static int |
6305 | | menu_select_uid (KBNODE keyblock, int idx) |
6306 | 0 | { |
6307 | 0 | KBNODE node; |
6308 | 0 | int i; |
6309 | |
|
6310 | 0 | if (idx == -1) /* Select all. */ |
6311 | 0 | { |
6312 | 0 | for (node = keyblock; node; node = node->next) |
6313 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6314 | 0 | node->flag |= NODFLG_SELUID; |
6315 | 0 | return 1; |
6316 | 0 | } |
6317 | 0 | else if (idx) /* Toggle. */ |
6318 | 0 | { |
6319 | 0 | for (i = 0, node = keyblock; node; node = node->next) |
6320 | 0 | { |
6321 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6322 | 0 | if (++i == idx) |
6323 | 0 | break; |
6324 | 0 | } |
6325 | 0 | if (!node) |
6326 | 0 | { |
6327 | 0 | tty_printf (_("No user ID with index %d\n"), idx); |
6328 | 0 | return 0; |
6329 | 0 | } |
6330 | | |
6331 | 0 | for (i = 0, node = keyblock; node; node = node->next) |
6332 | 0 | { |
6333 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6334 | 0 | { |
6335 | 0 | if (++i == idx) |
6336 | 0 | { |
6337 | 0 | if ((node->flag & NODFLG_SELUID)) |
6338 | 0 | node->flag &= ~NODFLG_SELUID; |
6339 | 0 | else |
6340 | 0 | node->flag |= NODFLG_SELUID; |
6341 | 0 | } |
6342 | 0 | } |
6343 | 0 | } |
6344 | 0 | } |
6345 | 0 | else /* Unselect all */ |
6346 | 0 | { |
6347 | 0 | for (node = keyblock; node; node = node->next) |
6348 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6349 | 0 | node->flag &= ~NODFLG_SELUID; |
6350 | 0 | } |
6351 | | |
6352 | 0 | return 1; |
6353 | 0 | } |
6354 | | |
6355 | | |
6356 | | /* Search in the keyblock for a uid that matches namehash */ |
6357 | | static int |
6358 | | menu_select_uid_namehash (KBNODE keyblock, const char *namehash) |
6359 | 0 | { |
6360 | 0 | byte hash[NAMEHASH_LEN]; |
6361 | 0 | KBNODE node; |
6362 | 0 | int i; |
6363 | |
|
6364 | 0 | log_assert (strlen (namehash) == NAMEHASH_LEN * 2); |
6365 | | |
6366 | 0 | for (i = 0; i < NAMEHASH_LEN; i++) |
6367 | 0 | hash[i] = hextobyte (&namehash[i * 2]); |
6368 | |
|
6369 | 0 | for (node = keyblock->next; node; node = node->next) |
6370 | 0 | { |
6371 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6372 | 0 | { |
6373 | 0 | namehash_from_uid (node->pkt->pkt.user_id); |
6374 | 0 | if (memcmp (node->pkt->pkt.user_id->namehash, hash, NAMEHASH_LEN) == |
6375 | 0 | 0) |
6376 | 0 | { |
6377 | 0 | if (node->flag & NODFLG_SELUID) |
6378 | 0 | node->flag &= ~NODFLG_SELUID; |
6379 | 0 | else |
6380 | 0 | node->flag |= NODFLG_SELUID; |
6381 | |
|
6382 | 0 | break; |
6383 | 0 | } |
6384 | 0 | } |
6385 | 0 | } |
6386 | |
|
6387 | 0 | if (!node) |
6388 | 0 | { |
6389 | 0 | tty_printf (_("No user ID with hash %s\n"), namehash); |
6390 | 0 | return 0; |
6391 | 0 | } |
6392 | | |
6393 | 0 | return 1; |
6394 | 0 | } |
6395 | | |
6396 | | |
6397 | | /* |
6398 | | * Select secondary keys |
6399 | | * Returns: True if the selection changed. |
6400 | | */ |
6401 | | static int |
6402 | | menu_select_key (KBNODE keyblock, int idx, char *p) |
6403 | 0 | { |
6404 | 0 | KBNODE node; |
6405 | 0 | int i, j; |
6406 | 0 | int is_hex_digits; |
6407 | |
|
6408 | 0 | is_hex_digits = p && strlen (p) >= 8; |
6409 | 0 | if (is_hex_digits) |
6410 | 0 | { |
6411 | | /* Skip initial spaces. */ |
6412 | 0 | while (spacep (p)) |
6413 | 0 | p ++; |
6414 | | /* If the id starts with 0x accept and ignore it. */ |
6415 | 0 | if (p[0] == '0' && p[1] == 'x') |
6416 | 0 | p += 2; |
6417 | |
|
6418 | 0 | for (i = 0, j = 0; p[i]; i ++) |
6419 | 0 | if (hexdigitp (&p[i])) |
6420 | 0 | { |
6421 | 0 | p[j] = toupper (p[i]); |
6422 | 0 | j ++; |
6423 | 0 | } |
6424 | 0 | else if (spacep (&p[i])) |
6425 | | /* Skip spaces. */ |
6426 | 0 | { |
6427 | 0 | } |
6428 | 0 | else |
6429 | 0 | { |
6430 | 0 | is_hex_digits = 0; |
6431 | 0 | break; |
6432 | 0 | } |
6433 | 0 | if (is_hex_digits) |
6434 | | /* In case we skipped some spaces, add a new NUL terminator. */ |
6435 | 0 | { |
6436 | 0 | p[j] = 0; |
6437 | | /* If we skipped some spaces, make sure that we still have |
6438 | | at least 8 characters. */ |
6439 | 0 | is_hex_digits = (/* Short keyid. */ |
6440 | 0 | strlen (p) == 8 |
6441 | | /* Long keyid. */ |
6442 | 0 | || strlen (p) == 16 |
6443 | | /* Fingerprints are (currently) 32 or 40 |
6444 | | characters. */ |
6445 | 0 | || strlen (p) >= 32); |
6446 | 0 | } |
6447 | 0 | } |
6448 | |
|
6449 | 0 | if (is_hex_digits) |
6450 | 0 | { |
6451 | 0 | int found_one = 0; |
6452 | 0 | for (node = keyblock; node; node = node->next) |
6453 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
6454 | 0 | || node->pkt->pkttype == PKT_SECRET_SUBKEY) |
6455 | 0 | { |
6456 | 0 | int match = 0; |
6457 | 0 | if (strlen (p) == 8 || strlen (p) == 16) |
6458 | 0 | { |
6459 | 0 | u32 kid[2]; |
6460 | 0 | char kid_str[17]; |
6461 | 0 | keyid_from_pk (node->pkt->pkt.public_key, kid); |
6462 | 0 | format_keyid (kid, strlen (p) == 8 ? KF_SHORT : KF_LONG, |
6463 | 0 | kid_str, sizeof (kid_str)); |
6464 | |
|
6465 | 0 | if (strcmp (p, kid_str) == 0) |
6466 | 0 | match = 1; |
6467 | 0 | } |
6468 | 0 | else |
6469 | 0 | { |
6470 | 0 | char fp[2*MAX_FINGERPRINT_LEN + 1]; |
6471 | 0 | hexfingerprint (node->pkt->pkt.public_key, fp, sizeof (fp)); |
6472 | 0 | if (strcmp (fp, p) == 0) |
6473 | 0 | match = 1; |
6474 | 0 | } |
6475 | |
|
6476 | 0 | if (match) |
6477 | 0 | { |
6478 | 0 | if ((node->flag & NODFLG_SELKEY)) |
6479 | 0 | node->flag &= ~NODFLG_SELKEY; |
6480 | 0 | else |
6481 | 0 | node->flag |= NODFLG_SELKEY; |
6482 | |
|
6483 | 0 | found_one = 1; |
6484 | 0 | } |
6485 | 0 | } |
6486 | |
|
6487 | 0 | if (found_one) |
6488 | 0 | return 1; |
6489 | | |
6490 | 0 | tty_printf (_("No subkey with key ID '%s'.\n"), p); |
6491 | 0 | return 0; |
6492 | 0 | } |
6493 | | |
6494 | 0 | if (idx == -1) /* Select all. */ |
6495 | 0 | { |
6496 | 0 | for (node = keyblock; node; node = node->next) |
6497 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
6498 | 0 | || node->pkt->pkttype == PKT_SECRET_SUBKEY) |
6499 | 0 | node->flag |= NODFLG_SELKEY; |
6500 | 0 | } |
6501 | 0 | else if (idx) /* Toggle selection. */ |
6502 | 0 | { |
6503 | 0 | for (i = 0, node = keyblock; node; node = node->next) |
6504 | 0 | { |
6505 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
6506 | 0 | || node->pkt->pkttype == PKT_SECRET_SUBKEY) |
6507 | 0 | if (++i == idx) |
6508 | 0 | break; |
6509 | 0 | } |
6510 | 0 | if (!node) |
6511 | 0 | { |
6512 | 0 | tty_printf (_("No subkey with index %d\n"), idx); |
6513 | 0 | return 0; |
6514 | 0 | } |
6515 | | |
6516 | 0 | for (i = 0, node = keyblock; node; node = node->next) |
6517 | 0 | { |
6518 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
6519 | 0 | || node->pkt->pkttype == PKT_SECRET_SUBKEY) |
6520 | 0 | if (++i == idx) |
6521 | 0 | { |
6522 | 0 | if ((node->flag & NODFLG_SELKEY)) |
6523 | 0 | node->flag &= ~NODFLG_SELKEY; |
6524 | 0 | else |
6525 | 0 | node->flag |= NODFLG_SELKEY; |
6526 | 0 | } |
6527 | 0 | } |
6528 | 0 | } |
6529 | 0 | else /* Unselect all. */ |
6530 | 0 | { |
6531 | 0 | for (node = keyblock; node; node = node->next) |
6532 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
6533 | 0 | || node->pkt->pkttype == PKT_SECRET_SUBKEY) |
6534 | 0 | node->flag &= ~NODFLG_SELKEY; |
6535 | 0 | } |
6536 | | |
6537 | 0 | return 1; |
6538 | 0 | } |
6539 | | |
6540 | | |
6541 | | static int |
6542 | | count_uids_with_flag (KBNODE keyblock, unsigned flag) |
6543 | 0 | { |
6544 | 0 | KBNODE node; |
6545 | 0 | int i = 0; |
6546 | |
|
6547 | 0 | for (node = keyblock; node; node = node->next) |
6548 | 0 | if (node->pkt->pkttype == PKT_USER_ID && (node->flag & flag)) |
6549 | 0 | i++; |
6550 | 0 | return i; |
6551 | 0 | } |
6552 | | |
6553 | | |
6554 | | static int |
6555 | | count_keys_with_flag (KBNODE keyblock, unsigned flag) |
6556 | 0 | { |
6557 | 0 | KBNODE node; |
6558 | 0 | int i = 0; |
6559 | |
|
6560 | 0 | for (node = keyblock; node; node = node->next) |
6561 | 0 | if ((node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
6562 | 0 | || node->pkt->pkttype == PKT_SECRET_SUBKEY) && (node->flag & flag)) |
6563 | 0 | i++; |
6564 | 0 | return i; |
6565 | 0 | } |
6566 | | |
6567 | | |
6568 | | static int |
6569 | | count_uids (KBNODE keyblock) |
6570 | 0 | { |
6571 | 0 | KBNODE node; |
6572 | 0 | int i = 0; |
6573 | |
|
6574 | 0 | for (node = keyblock; node; node = node->next) |
6575 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6576 | 0 | i++; |
6577 | 0 | return i; |
6578 | 0 | } |
6579 | | |
6580 | | |
6581 | | /* |
6582 | | * Returns true if there is at least one selected user id |
6583 | | */ |
6584 | | static int |
6585 | | count_selected_uids (KBNODE keyblock) |
6586 | 0 | { |
6587 | 0 | return count_uids_with_flag (keyblock, NODFLG_SELUID); |
6588 | 0 | } |
6589 | | |
6590 | | |
6591 | | static int |
6592 | | count_selected_keys (KBNODE keyblock) |
6593 | 0 | { |
6594 | 0 | return count_keys_with_flag (keyblock, NODFLG_SELKEY); |
6595 | 0 | } |
6596 | | |
6597 | | |
6598 | | /* Returns how many real (i.e. not attribute) uids are unmarked. */ |
6599 | | static int |
6600 | | real_uids_left (KBNODE keyblock) |
6601 | 0 | { |
6602 | 0 | KBNODE node; |
6603 | 0 | int real = 0; |
6604 | |
|
6605 | 0 | for (node = keyblock; node; node = node->next) |
6606 | 0 | if (node->pkt->pkttype == PKT_USER_ID && !(node->flag & NODFLG_SELUID) && |
6607 | 0 | !node->pkt->pkt.user_id->attrib_data) |
6608 | 0 | real++; |
6609 | |
|
6610 | 0 | return real; |
6611 | 0 | } |
6612 | | |
6613 | | |
6614 | | /* |
6615 | | * Ask whether the signature should be revoked. If the user commits this, |
6616 | | * flag bit MARK_A is set on the signature and the user ID. |
6617 | | */ |
6618 | | static void |
6619 | | ask_revoke_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node) |
6620 | 0 | { |
6621 | 0 | int doit = 0; |
6622 | 0 | PKT_user_id *uid; |
6623 | 0 | PKT_signature *sig = node->pkt->pkt.signature; |
6624 | 0 | KBNODE unode = find_prev_kbnode (keyblock, node, PKT_USER_ID); |
6625 | |
|
6626 | 0 | if (!unode) |
6627 | 0 | { |
6628 | 0 | log_error ("Oops: no user ID for signature\n"); |
6629 | 0 | return; |
6630 | 0 | } |
6631 | | |
6632 | 0 | uid = unode->pkt->pkt.user_id; |
6633 | |
|
6634 | 0 | if (opt.with_colons) |
6635 | 0 | { |
6636 | 0 | if (uid->attrib_data) |
6637 | 0 | printf ("uat:::::::::%u %lu", uid->numattribs, uid->attrib_len); |
6638 | 0 | else |
6639 | 0 | { |
6640 | 0 | es_printf ("uid:::::::::"); |
6641 | 0 | es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL); |
6642 | 0 | } |
6643 | |
|
6644 | 0 | es_printf ("\n"); |
6645 | |
|
6646 | 0 | print_and_check_one_sig_colon (ctrl, keyblock, node, |
6647 | 0 | NULL, NULL, NULL, NULL, 1); |
6648 | 0 | } |
6649 | 0 | else |
6650 | 0 | { |
6651 | 0 | char *p = utf8_to_native (unode->pkt->pkt.user_id->name, |
6652 | 0 | unode->pkt->pkt.user_id->len, 0); |
6653 | 0 | tty_printf (_("user ID: \"%s\"\n"), p); |
6654 | 0 | xfree (p); |
6655 | |
|
6656 | 0 | tty_printf (_("signed by your key %s on %s%s%s\n"), |
6657 | 0 | keystr (sig->keyid), datestr_from_sig (sig), |
6658 | 0 | sig->flags.exportable ? "" : _(" (non-exportable)"), ""); |
6659 | 0 | } |
6660 | 0 | if (sig->flags.expired) |
6661 | 0 | { |
6662 | 0 | tty_printf (_("This signature expired on %s.\n"), |
6663 | 0 | expirestr_from_sig (sig)); |
6664 | | /* Use a different question so we can have different help text */ |
6665 | 0 | doit = cpr_get_answer_is_yes |
6666 | 0 | ("ask_revoke_sig.expired", |
6667 | 0 | _("Are you sure you still want to revoke it? (y/N) ")); |
6668 | 0 | } |
6669 | 0 | else |
6670 | 0 | doit = cpr_get_answer_is_yes |
6671 | 0 | ("ask_revoke_sig.one", |
6672 | 0 | _("Create a revocation certificate for this signature? (y/N) ")); |
6673 | |
|
6674 | 0 | if (doit) |
6675 | 0 | { |
6676 | 0 | node->flag |= NODFLG_MARK_A; |
6677 | 0 | unode->flag |= NODFLG_MARK_A; |
6678 | 0 | } |
6679 | 0 | } |
6680 | | |
6681 | | |
6682 | | /* |
6683 | | * Display all user ids of the current public key together with signatures |
6684 | | * done by one of our keys. Then walk over all this sigs and ask the user |
6685 | | * whether he wants to revoke this signature. |
6686 | | * Return: True when the keyblock has changed. |
6687 | | */ |
6688 | | static int |
6689 | | menu_revsig (ctrl_t ctrl, kbnode_t keyblock) |
6690 | 0 | { |
6691 | 0 | PKT_signature *sig; |
6692 | 0 | PKT_public_key *primary_pk; |
6693 | 0 | KBNODE node; |
6694 | 0 | int changed = 0; |
6695 | 0 | int rc, any, skip = 1, all = !count_selected_uids (keyblock); |
6696 | 0 | struct revocation_reason_info *reason = NULL; |
6697 | |
|
6698 | 0 | log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY); |
6699 | | |
6700 | | /* First check whether we have any signatures at all. */ |
6701 | 0 | any = 0; |
6702 | 0 | for (node = keyblock; node; node = node->next) |
6703 | 0 | { |
6704 | 0 | node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A); |
6705 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6706 | 0 | { |
6707 | 0 | if (node->flag & NODFLG_SELUID || all) |
6708 | 0 | skip = 0; |
6709 | 0 | else |
6710 | 0 | skip = 1; |
6711 | 0 | } |
6712 | 0 | else if (!skip && node->pkt->pkttype == PKT_SIGNATURE |
6713 | 0 | && ((sig = node->pkt->pkt.signature), |
6714 | 0 | have_secret_key_with_kid (ctrl, sig->keyid))) |
6715 | 0 | { |
6716 | 0 | if ((sig->sig_class & ~3) == 0x10) |
6717 | 0 | { |
6718 | 0 | any = 1; |
6719 | 0 | break; |
6720 | 0 | } |
6721 | 0 | } |
6722 | 0 | } |
6723 | |
|
6724 | 0 | if (!any) |
6725 | 0 | { |
6726 | 0 | tty_printf (_("Not signed by you.\n")); |
6727 | 0 | return 0; |
6728 | 0 | } |
6729 | | |
6730 | | |
6731 | | /* FIXME: detect duplicates here */ |
6732 | 0 | tty_printf (_("You have signed these user IDs on key %s:\n"), |
6733 | 0 | keystr_from_pk (keyblock->pkt->pkt.public_key)); |
6734 | 0 | for (node = keyblock; node; node = node->next) |
6735 | 0 | { |
6736 | 0 | node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A); |
6737 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6738 | 0 | { |
6739 | 0 | if (node->flag & NODFLG_SELUID || all) |
6740 | 0 | { |
6741 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
6742 | | /* Hmmm: Should we show only UIDs with a signature? */ |
6743 | 0 | tty_printf (" "); |
6744 | 0 | tty_print_utf8_string (uid->name, uid->len); |
6745 | 0 | tty_printf ("\n"); |
6746 | 0 | skip = 0; |
6747 | 0 | } |
6748 | 0 | else |
6749 | 0 | skip = 1; |
6750 | 0 | } |
6751 | 0 | else if (!skip && node->pkt->pkttype == PKT_SIGNATURE |
6752 | 0 | && ((sig = node->pkt->pkt.signature), |
6753 | 0 | have_secret_key_with_kid (ctrl, sig->keyid))) |
6754 | 0 | { |
6755 | 0 | if ((sig->sig_class & ~3) == 0x10) |
6756 | 0 | { |
6757 | 0 | tty_printf (" "); |
6758 | 0 | tty_printf (_("signed by your key %s on %s%s%s\n"), |
6759 | 0 | keystr (sig->keyid), datestr_from_sig (sig), |
6760 | 0 | sig->flags.exportable ? "" : _(" (non-exportable)"), |
6761 | 0 | sig->flags.revocable ? "" : _(" (non-revocable)")); |
6762 | 0 | if (sig->flags.revocable) |
6763 | 0 | node->flag |= NODFLG_SELSIG; |
6764 | 0 | } |
6765 | 0 | else if (sig->sig_class == 0x30) |
6766 | 0 | { |
6767 | 0 | tty_printf (" "); |
6768 | 0 | tty_printf (_("revoked by your key %s on %s\n"), |
6769 | 0 | keystr (sig->keyid), datestr_from_sig (sig)); |
6770 | 0 | } |
6771 | 0 | } |
6772 | 0 | } |
6773 | |
|
6774 | 0 | tty_printf ("\n"); |
6775 | | |
6776 | | /* ask */ |
6777 | 0 | for (node = keyblock; node; node = node->next) |
6778 | 0 | { |
6779 | 0 | if (!(node->flag & NODFLG_SELSIG)) |
6780 | 0 | continue; |
6781 | 0 | ask_revoke_sig (ctrl, keyblock, node); |
6782 | 0 | } |
6783 | | |
6784 | | /* present selected */ |
6785 | 0 | any = 0; |
6786 | 0 | for (node = keyblock; node; node = node->next) |
6787 | 0 | { |
6788 | 0 | if (!(node->flag & NODFLG_MARK_A)) |
6789 | 0 | continue; |
6790 | 0 | if (!any) |
6791 | 0 | { |
6792 | 0 | any = 1; |
6793 | 0 | tty_printf (_("You are about to revoke these signatures:\n")); |
6794 | 0 | } |
6795 | 0 | if (node->pkt->pkttype == PKT_USER_ID) |
6796 | 0 | { |
6797 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
6798 | 0 | tty_printf (" "); |
6799 | 0 | tty_print_utf8_string (uid->name, uid->len); |
6800 | 0 | tty_printf ("\n"); |
6801 | 0 | } |
6802 | 0 | else if (node->pkt->pkttype == PKT_SIGNATURE) |
6803 | 0 | { |
6804 | 0 | sig = node->pkt->pkt.signature; |
6805 | 0 | tty_printf (" "); |
6806 | 0 | tty_printf (_("signed by your key %s on %s%s%s\n"), |
6807 | 0 | keystr (sig->keyid), datestr_from_sig (sig), "", |
6808 | 0 | sig->flags.exportable ? "" : _(" (non-exportable)")); |
6809 | 0 | } |
6810 | 0 | } |
6811 | 0 | if (!any) |
6812 | 0 | return 0; /* none selected */ |
6813 | | |
6814 | 0 | if (!cpr_get_answer_is_yes |
6815 | 0 | ("ask_revoke_sig.okay", |
6816 | 0 | _("Really create the revocation certificates? (y/N) "))) |
6817 | 0 | return 0; /* forget it */ |
6818 | | |
6819 | 0 | reason = ask_revocation_reason (0, 1, 0); |
6820 | 0 | if (!reason) |
6821 | 0 | { /* user decided to cancel */ |
6822 | 0 | return 0; |
6823 | 0 | } |
6824 | | |
6825 | | /* now we can sign the user ids */ |
6826 | 0 | reloop: /* (must use this, because we are modifying the list) */ |
6827 | 0 | primary_pk = keyblock->pkt->pkt.public_key; |
6828 | 0 | for (node = keyblock; node; node = node->next) |
6829 | 0 | { |
6830 | 0 | KBNODE unode; |
6831 | 0 | PACKET *pkt; |
6832 | 0 | struct sign_attrib attrib; |
6833 | 0 | PKT_public_key *signerkey; |
6834 | |
|
6835 | 0 | if (!(node->flag & NODFLG_MARK_A) |
6836 | 0 | || node->pkt->pkttype != PKT_SIGNATURE) |
6837 | 0 | continue; |
6838 | 0 | unode = find_prev_kbnode (keyblock, node, PKT_USER_ID); |
6839 | 0 | log_assert (unode); /* we already checked this */ |
6840 | | |
6841 | 0 | memset (&attrib, 0, sizeof attrib); |
6842 | 0 | attrib.reason = reason; |
6843 | 0 | attrib.non_exportable = !node->pkt->pkt.signature->flags.exportable; |
6844 | |
|
6845 | 0 | node->flag &= ~NODFLG_MARK_A; |
6846 | 0 | signerkey = xmalloc_secure_clear (sizeof *signerkey); |
6847 | 0 | if (get_seckey (ctrl, signerkey, node->pkt->pkt.signature->keyid)) |
6848 | 0 | { |
6849 | 0 | log_info (_("no secret key\n")); |
6850 | 0 | free_public_key (signerkey); |
6851 | 0 | continue; |
6852 | 0 | } |
6853 | 0 | rc = make_keysig_packet (ctrl, &sig, primary_pk, |
6854 | 0 | unode->pkt->pkt.user_id, |
6855 | 0 | NULL, signerkey, 0x30, 0, 0, |
6856 | 0 | sign_mk_attrib, &attrib, NULL); |
6857 | 0 | free_public_key (signerkey); |
6858 | 0 | if (rc) |
6859 | 0 | { |
6860 | 0 | write_status_error ("keysig", rc); |
6861 | 0 | log_error (_("signing failed: %s\n"), gpg_strerror (rc)); |
6862 | 0 | release_revocation_reason_info (reason); |
6863 | 0 | return changed; |
6864 | 0 | } |
6865 | 0 | changed = 1; /* we changed the keyblock */ |
6866 | 0 | update_trust = 1; |
6867 | | /* Are we revoking our own uid? */ |
6868 | 0 | if (primary_pk->keyid[0] == sig->keyid[0] && |
6869 | 0 | primary_pk->keyid[1] == sig->keyid[1]) |
6870 | 0 | unode->pkt->pkt.user_id->flags.revoked = 1; |
6871 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
6872 | 0 | pkt->pkttype = PKT_SIGNATURE; |
6873 | 0 | pkt->pkt.signature = sig; |
6874 | 0 | insert_kbnode (unode, new_kbnode (pkt), 0); |
6875 | 0 | goto reloop; |
6876 | 0 | } |
6877 | | |
6878 | 0 | release_revocation_reason_info (reason); |
6879 | 0 | return changed; |
6880 | 0 | } |
6881 | | |
6882 | | |
6883 | | /* return 0 if revocation of NODE (which must be a User ID) was |
6884 | | successful, non-zero if there was an error. *modified will be set |
6885 | | to 1 if a change was made. */ |
6886 | | static int |
6887 | | core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node, |
6888 | | const struct revocation_reason_info *reason, int *modified) |
6889 | 0 | { |
6890 | 0 | PKT_public_key *pk = keyblock->pkt->pkt.public_key; |
6891 | 0 | gpg_error_t rc; |
6892 | |
|
6893 | 0 | if (node->pkt->pkttype != PKT_USER_ID) |
6894 | 0 | { |
6895 | 0 | rc = gpg_error (GPG_ERR_NO_USER_ID); |
6896 | 0 | write_status_error ("keysig", rc); |
6897 | 0 | log_error (_("tried to revoke a non-user ID: %s\n"), gpg_strerror (rc)); |
6898 | 0 | return 1; |
6899 | 0 | } |
6900 | 0 | else |
6901 | 0 | { |
6902 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
6903 | |
|
6904 | 0 | if (uid->flags.revoked) |
6905 | 0 | { |
6906 | 0 | char *user = utf8_to_native (uid->name, uid->len, 0); |
6907 | 0 | log_info (_("user ID \"%s\" is already revoked\n"), user); |
6908 | 0 | xfree (user); |
6909 | 0 | } |
6910 | 0 | else |
6911 | 0 | { |
6912 | 0 | PACKET *pkt; |
6913 | 0 | PKT_signature *sig; |
6914 | 0 | struct sign_attrib attrib; |
6915 | 0 | u32 timestamp = make_timestamp (); |
6916 | |
|
6917 | 0 | if (uid->created >= timestamp) |
6918 | 0 | { |
6919 | | /* Okay, this is a problem. The user ID selfsig was |
6920 | | created in the future, so we need to warn the user and |
6921 | | set our revocation timestamp one second after that so |
6922 | | everything comes out clean. */ |
6923 | |
|
6924 | 0 | log_info (_("WARNING: a user ID signature is dated %d" |
6925 | 0 | " seconds in the future\n"), |
6926 | 0 | uid->created - timestamp); |
6927 | |
|
6928 | 0 | timestamp = uid->created + 1; |
6929 | 0 | } |
6930 | |
|
6931 | 0 | memset (&attrib, 0, sizeof attrib); |
6932 | | /* should not need to cast away const here; but |
6933 | | revocation_reason_build_cb needs to take a non-const |
6934 | | void* in order to meet the function signature for the |
6935 | | mksubpkt argument to make_keysig_packet */ |
6936 | 0 | attrib.reason = (struct revocation_reason_info *)reason; |
6937 | |
|
6938 | 0 | rc = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x30, |
6939 | 0 | timestamp, 0, |
6940 | 0 | sign_mk_attrib, &attrib, NULL); |
6941 | 0 | if (rc) |
6942 | 0 | { |
6943 | 0 | write_status_error ("keysig", rc); |
6944 | 0 | log_error (_("signing failed: %s\n"), gpg_strerror (rc)); |
6945 | 0 | return 1; |
6946 | 0 | } |
6947 | 0 | else |
6948 | 0 | { |
6949 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
6950 | 0 | pkt->pkttype = PKT_SIGNATURE; |
6951 | 0 | pkt->pkt.signature = sig; |
6952 | 0 | insert_kbnode (node, new_kbnode (pkt), 0); |
6953 | |
|
6954 | 0 | #ifndef NO_TRUST_MODELS |
6955 | | /* If the trustdb has an entry for this key+uid then the |
6956 | | trustdb needs an update. */ |
6957 | 0 | if (!update_trust |
6958 | 0 | && ((get_validity (ctrl, keyblock, pk, uid, NULL, 0) |
6959 | 0 | & TRUST_MASK) |
6960 | 0 | >= TRUST_UNDEFINED)) |
6961 | 0 | update_trust = 1; |
6962 | 0 | #endif /*!NO_TRUST_MODELS*/ |
6963 | |
|
6964 | 0 | node->pkt->pkt.user_id->flags.revoked = 1; |
6965 | 0 | if (modified) |
6966 | 0 | *modified = 1; |
6967 | 0 | } |
6968 | 0 | } |
6969 | 0 | return 0; |
6970 | 0 | } |
6971 | 0 | } |
6972 | | |
6973 | | /* Revoke a user ID (i.e. revoke a user ID selfsig). Return true if |
6974 | | keyblock changed. */ |
6975 | | static int |
6976 | | menu_revuid (ctrl_t ctrl, kbnode_t pub_keyblock) |
6977 | 0 | { |
6978 | 0 | PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key; |
6979 | 0 | KBNODE node; |
6980 | 0 | int changed = 0; |
6981 | 0 | int rc; |
6982 | 0 | struct revocation_reason_info *reason = NULL; |
6983 | 0 | size_t valid_uids; |
6984 | | |
6985 | | /* Note that this is correct as per the RFCs, but nevertheless |
6986 | | somewhat meaningless in the real world. 1991 did define the 0x30 |
6987 | | sig class, but PGP 2.x did not actually implement it, so it would |
6988 | | probably be safe to use v4 revocations everywhere. -ds */ |
6989 | |
|
6990 | 0 | for (node = pub_keyblock; node; node = node->next) |
6991 | 0 | if (pk->version > 3 || (node->pkt->pkttype == PKT_USER_ID && |
6992 | 0 | node->pkt->pkt.user_id->selfsigversion > 3)) |
6993 | 0 | { |
6994 | 0 | if ((reason = ask_revocation_reason (0, 1, 4))) |
6995 | 0 | break; |
6996 | 0 | else |
6997 | 0 | goto leave; |
6998 | 0 | } |
6999 | | |
7000 | | /* Too make sure that we do not revoke the last valid UID, we first |
7001 | | count how many valid UIDs there are. */ |
7002 | 0 | valid_uids = 0; |
7003 | 0 | for (node = pub_keyblock; node; node = node->next) |
7004 | 0 | valid_uids += |
7005 | 0 | node->pkt->pkttype == PKT_USER_ID |
7006 | 0 | && ! node->pkt->pkt.user_id->flags.revoked |
7007 | 0 | && ! node->pkt->pkt.user_id->flags.expired; |
7008 | |
|
7009 | 0 | reloop: /* (better this way because we are modifying the keyring) */ |
7010 | 0 | for (node = pub_keyblock; node; node = node->next) |
7011 | 0 | if (node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID)) |
7012 | 0 | { |
7013 | 0 | int modified = 0; |
7014 | | |
7015 | | /* Make sure that we do not revoke the last valid UID. */ |
7016 | 0 | if (valid_uids == 1 |
7017 | 0 | && ! node->pkt->pkt.user_id->flags.revoked |
7018 | 0 | && ! node->pkt->pkt.user_id->flags.expired) |
7019 | 0 | { |
7020 | 0 | log_error (_("Cannot revoke the last valid user ID.\n")); |
7021 | 0 | goto leave; |
7022 | 0 | } |
7023 | | |
7024 | 0 | rc = core_revuid (ctrl, pub_keyblock, node, reason, &modified); |
7025 | 0 | if (rc) |
7026 | 0 | goto leave; |
7027 | 0 | if (modified) |
7028 | 0 | { |
7029 | 0 | node->flag &= ~NODFLG_SELUID; |
7030 | 0 | changed = 1; |
7031 | 0 | goto reloop; |
7032 | 0 | } |
7033 | 0 | } |
7034 | | |
7035 | 0 | if (changed) |
7036 | 0 | commit_kbnode (&pub_keyblock); |
7037 | |
|
7038 | 0 | leave: |
7039 | 0 | release_revocation_reason_info (reason); |
7040 | 0 | return changed; |
7041 | 0 | } |
7042 | | |
7043 | | |
7044 | | /* |
7045 | | * Revoke the whole key. |
7046 | | */ |
7047 | | static int |
7048 | | menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock) |
7049 | 0 | { |
7050 | 0 | PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key; |
7051 | 0 | int rc, changed = 0; |
7052 | 0 | struct revocation_reason_info *reason; |
7053 | 0 | PACKET *pkt; |
7054 | 0 | PKT_signature *sig; |
7055 | |
|
7056 | 0 | if (pk->flags.revoked) |
7057 | 0 | { |
7058 | 0 | tty_printf (_("Key %s is already revoked.\n"), keystr_from_pk (pk)); |
7059 | 0 | return 0; |
7060 | 0 | } |
7061 | | |
7062 | 0 | reason = ask_revocation_reason (1, 0, 0); |
7063 | | /* user decided to cancel */ |
7064 | 0 | if (!reason) |
7065 | 0 | return 0; |
7066 | | |
7067 | 0 | rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, |
7068 | 0 | 0x20, 0, 0, |
7069 | 0 | revocation_reason_build_cb, reason, NULL); |
7070 | 0 | if (rc) |
7071 | 0 | { |
7072 | 0 | write_status_error ("keysig", rc); |
7073 | 0 | log_error (_("signing failed: %s\n"), gpg_strerror (rc)); |
7074 | 0 | goto scram; |
7075 | 0 | } |
7076 | | |
7077 | 0 | changed = 1; /* we changed the keyblock */ |
7078 | |
|
7079 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
7080 | 0 | pkt->pkttype = PKT_SIGNATURE; |
7081 | 0 | pkt->pkt.signature = sig; |
7082 | 0 | insert_kbnode (pub_keyblock, new_kbnode (pkt), 0); |
7083 | 0 | commit_kbnode (&pub_keyblock); |
7084 | |
|
7085 | 0 | update_trust = 1; |
7086 | |
|
7087 | 0 | scram: |
7088 | 0 | release_revocation_reason_info (reason); |
7089 | 0 | return changed; |
7090 | 0 | } |
7091 | | |
7092 | | |
7093 | | static int |
7094 | | menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock) |
7095 | 0 | { |
7096 | 0 | PKT_public_key *mainpk; |
7097 | 0 | KBNODE node; |
7098 | 0 | int changed = 0; |
7099 | 0 | int rc; |
7100 | 0 | struct revocation_reason_info *reason = NULL; |
7101 | |
|
7102 | 0 | reason = ask_revocation_reason (1, 0, 0); |
7103 | 0 | if (!reason) |
7104 | 0 | return 0; /* User decided to cancel. */ |
7105 | | |
7106 | 0 | reloop: /* (better this way because we are modifying the keyring) */ |
7107 | 0 | mainpk = pub_keyblock->pkt->pkt.public_key; |
7108 | 0 | for (node = pub_keyblock; node; node = node->next) |
7109 | 0 | { |
7110 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY |
7111 | 0 | && (node->flag & NODFLG_SELKEY)) |
7112 | 0 | { |
7113 | 0 | PACKET *pkt; |
7114 | 0 | PKT_signature *sig; |
7115 | 0 | PKT_public_key *subpk = node->pkt->pkt.public_key; |
7116 | 0 | struct sign_attrib attrib; |
7117 | |
|
7118 | 0 | if (subpk->flags.revoked) |
7119 | 0 | { |
7120 | 0 | tty_printf (_("Subkey %s is already revoked.\n"), |
7121 | 0 | keystr_from_pk (subpk)); |
7122 | 0 | continue; |
7123 | 0 | } |
7124 | | |
7125 | 0 | memset (&attrib, 0, sizeof attrib); |
7126 | 0 | attrib.reason = reason; |
7127 | |
|
7128 | 0 | node->flag &= ~NODFLG_SELKEY; |
7129 | 0 | rc = make_keysig_packet (ctrl, &sig, mainpk, NULL, subpk, mainpk, |
7130 | 0 | 0x28, 0, 0, sign_mk_attrib, &attrib, |
7131 | 0 | NULL); |
7132 | 0 | if (rc) |
7133 | 0 | { |
7134 | 0 | write_status_error ("keysig", rc); |
7135 | 0 | log_error (_("signing failed: %s\n"), gpg_strerror (rc)); |
7136 | 0 | release_revocation_reason_info (reason); |
7137 | 0 | return changed; |
7138 | 0 | } |
7139 | 0 | changed = 1; /* we changed the keyblock */ |
7140 | |
|
7141 | 0 | pkt = xmalloc_clear (sizeof *pkt); |
7142 | 0 | pkt->pkttype = PKT_SIGNATURE; |
7143 | 0 | pkt->pkt.signature = sig; |
7144 | 0 | insert_kbnode (node, new_kbnode (pkt), 0); |
7145 | 0 | goto reloop; |
7146 | 0 | } |
7147 | 0 | } |
7148 | 0 | commit_kbnode (&pub_keyblock); |
7149 | | |
7150 | | /* No need to set update_trust here since signing keys no longer |
7151 | | are used to certify other keys, so there is no change in trust |
7152 | | when revoking/removing them */ |
7153 | |
|
7154 | 0 | release_revocation_reason_info (reason); |
7155 | 0 | return changed; |
7156 | 0 | } |
7157 | | |
7158 | | |
7159 | | /* Note that update_ownertrust is going to mark the trustdb dirty when |
7160 | | enabling or disabling a key. This is arguably sub-optimal as |
7161 | | disabled keys are still counted in the web of trust, but perhaps |
7162 | | not worth adding extra complexity to change. -ds */ |
7163 | | #ifndef NO_TRUST_MODELS |
7164 | | static int |
7165 | | enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable) |
7166 | 0 | { |
7167 | 0 | PKT_public_key *pk = |
7168 | 0 | find_kbnode (keyblock, PKT_PUBLIC_KEY)->pkt->pkt.public_key; |
7169 | 0 | unsigned int trust, newtrust; |
7170 | |
|
7171 | 0 | trust = newtrust = get_ownertrust (ctrl, pk); |
7172 | 0 | newtrust &= ~TRUST_FLAG_DISABLED; |
7173 | 0 | if (disable) |
7174 | 0 | newtrust |= TRUST_FLAG_DISABLED; |
7175 | 0 | if (trust == newtrust) |
7176 | 0 | return 0; /* already in that state */ |
7177 | 0 | update_ownertrust (ctrl, pk, newtrust); |
7178 | 0 | return 0; |
7179 | 0 | } |
7180 | | #endif /*!NO_TRUST_MODELS*/ |
7181 | | |
7182 | | |
7183 | | static void |
7184 | | menu_showphoto (ctrl_t ctrl, kbnode_t keyblock) |
7185 | 0 | { |
7186 | 0 | KBNODE node; |
7187 | 0 | int select_all = !count_selected_uids (keyblock); |
7188 | 0 | int count = 0; |
7189 | 0 | PKT_public_key *pk = NULL; |
7190 | | |
7191 | | /* Look for the public key first. We have to be really, really, |
7192 | | explicit as to which photo this is, and what key it is a UID on |
7193 | | since people may want to sign it. */ |
7194 | |
|
7195 | 0 | for (node = keyblock; node; node = node->next) |
7196 | 0 | { |
7197 | 0 | if (node->pkt->pkttype == PKT_PUBLIC_KEY) |
7198 | 0 | pk = node->pkt->pkt.public_key; |
7199 | 0 | else if (node->pkt->pkttype == PKT_USER_ID) |
7200 | 0 | { |
7201 | 0 | PKT_user_id *uid = node->pkt->pkt.user_id; |
7202 | 0 | count++; |
7203 | |
|
7204 | 0 | if ((select_all || (node->flag & NODFLG_SELUID)) && |
7205 | 0 | uid->attribs != NULL) |
7206 | 0 | { |
7207 | 0 | int i; |
7208 | |
|
7209 | 0 | for (i = 0; i < uid->numattribs; i++) |
7210 | 0 | { |
7211 | 0 | byte type; |
7212 | 0 | u32 size; |
7213 | |
|
7214 | 0 | if (uid->attribs[i].type == ATTRIB_IMAGE && |
7215 | 0 | parse_image_header (&uid->attribs[i], &type, &size)) |
7216 | 0 | { |
7217 | 0 | tty_printf (_("Displaying %s photo ID of size %ld for " |
7218 | 0 | "key %s (uid %d)\n"), |
7219 | 0 | image_type_to_string (type, 1), |
7220 | 0 | (ulong) size, keystr_from_pk (pk), count); |
7221 | 0 | show_photos (ctrl, &uid->attribs[i], 1, pk, uid); |
7222 | 0 | } |
7223 | 0 | } |
7224 | 0 | } |
7225 | 0 | } |
7226 | 0 | } |
7227 | 0 | } |