Coverage Report

Created: 2026-07-16 06:13

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/gnupg/g10/keyedit.c
Line
Count
Source
1
/* keyedit.c - Edit properties of a key
2
 * Copyright (C) 1998-2010 Free Software Foundation, Inc.
3
 * Copyright (C) 1998-2017 Werner Koch
4
 * Copyright (C) 2015, 2016, 2022-2023 g10 Code GmbH
5
 *
6
 * This file is part of GnuPG.
7
 *
8
 * GnuPG is free software; you can redistribute it and/or modify
9
 * it under the terms of the GNU General Public License as published by
10
 * the Free Software Foundation; either version 3 of the License, or
11
 * (at your option) any later version.
12
 *
13
 * GnuPG is distributed in the hope that it will be useful,
14
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16
 * GNU General Public License for more details.
17
 *
18
 * You should have received a copy of the GNU General Public License
19
 * along with this program; if not, see <https://www.gnu.org/licenses/>.
20
 */
21
22
#include <config.h>
23
#include <stdio.h>
24
#include <stdlib.h>
25
#include <string.h>
26
#include <errno.h>
27
#include <ctype.h>
28
#ifdef HAVE_LIBREADLINE
29
# define GNUPG_LIBREADLINE_H_INCLUDED
30
# include <readline/readline.h>
31
#endif
32
33
#include "gpg.h"
34
#include "options.h"
35
#include "packet.h"
36
#include "../common/status.h"
37
#include "../common/iobuf.h"
38
#include "keydb.h"
39
#include "photoid.h"
40
#include "../common/util.h"
41
#include "main.h"
42
#include "trustdb.h"
43
#include "filter.h"
44
#include "../common/ttyio.h"
45
#include "../common/status.h"
46
#include "../common/i18n.h"
47
#include "../common/mbox-util.h"
48
#include "keyserver-internal.h"
49
#include "call-agent.h"
50
#include "../common/host2net.h"
51
#include "tofu.h"
52
#include "key-check.h"
53
#include "key-clean.h"
54
#include "keyedit.h"
55
56
static void maybe_upload_key (ctrl_t ctrl, kbnode_t keyblock);
57
static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig,
58
      int verbose);
59
static void show_names (ctrl_t ctrl, estream_t fp,
60
                        kbnode_t keyblock, PKT_public_key * pk,
61
      unsigned int flag, int with_prefs);
62
static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
63
                                     KBNODE keyblock, int only_marked,
64
             int with_revoker, int with_fpr,
65
             int with_subkeys, int with_prefs,
66
                                     int nowarn);
67
static void show_key_and_fingerprint (ctrl_t ctrl,
68
                                      kbnode_t keyblock, int with_subkeys);
69
static void show_key_and_grip (kbnode_t keyblock);
70
static void subkey_expire_warning (kbnode_t keyblock);
71
static int menu_adduid (ctrl_t ctrl, kbnode_t keyblock,
72
                        int photo, const char *photo_name, const char *uidstr);
73
static void menu_deluid (KBNODE pub_keyblock);
74
static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock);
75
static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, unsigned int options);
76
static void menu_delkey (KBNODE pub_keyblock);
77
static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive);
78
static int menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock,
79
                         const char *adskfpr);
80
static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
81
                                int unattended, u32 newexpiration);
82
static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock);
83
static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock);
84
static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock);
85
static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock,
86
                                 int unattended);
87
static int menu_set_keyserver_url (ctrl_t ctrl,
88
                                   const char *url, kbnode_t pub_keyblock);
89
static int menu_set_notation (ctrl_t ctrl,
90
                              const char *string, kbnode_t pub_keyblock);
91
static int menu_select_uid (KBNODE keyblock, int idx);
92
static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash);
93
static int menu_select_key (KBNODE keyblock, int idx, char *p);
94
static int count_uids (KBNODE keyblock);
95
static int count_uids_with_flag (KBNODE keyblock, unsigned flag);
96
static int count_keys_with_flag (KBNODE keyblock, unsigned flag);
97
static int count_selected_uids (KBNODE keyblock);
98
static int real_uids_left (KBNODE keyblock);
99
static int count_selected_keys (KBNODE keyblock);
100
static int menu_revsig (ctrl_t ctrl, kbnode_t keyblock);
101
static int menu_revuid (ctrl_t ctrl, kbnode_t keyblock);
102
static int core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
103
                        const struct revocation_reason_info *reason,
104
                        int *modified);
105
static int menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock);
106
static int menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock);
107
#ifndef NO_TRUST_MODELS
108
static int enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable);
109
#endif /*!NO_TRUST_MODELS*/
110
static void menu_showphoto (ctrl_t ctrl, kbnode_t keyblock);
111
112
static int update_trust = 0;
113
114
0
#define CONTROL_D ('D' - 'A' + 1)
115
116
/* Flags values used by sign_uids().  */
117
0
#define SIGN_UIDS_LOCAL         1  /* Create non-exportable sig.    */
118
0
#define SIGN_UIDS_NONREVOCABLE  2  /* Create non-revocable sig.     */
119
0
#define SIGN_UIDS_TRUSTSIG      4  /* Create trust signature.       */
120
0
#define SIGN_UIDS_INTERACTIVE   8  /* Change the way of prompting.  */
121
0
#define SIGN_UIDS_QUICK        16  /* Called by a --quick command.  */
122
123
struct sign_attrib
124
{
125
  int non_exportable, non_revocable;
126
  struct revocation_reason_info *reason;
127
  byte trust_depth, trust_value;
128
  char *trust_regexp;
129
};
130
131
132
133
/* TODO: Fix duplicated code between here and the check-sigs/list-sigs
134
   code in keylist.c. */
135
static int
136
print_and_check_one_sig_colon (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
137
             int *inv_sigs, int *no_key, int *oth_err,
138
             int *is_selfsig, int print_without_key)
139
0
{
140
0
  PKT_signature *sig = node->pkt->pkt.signature;
141
0
  int rc, sigrc;
142
143
  /* TODO: Make sure a cached sig record here still has the pk that
144
     issued it.  See also keylist.c:list_keyblock_print */
145
146
0
  rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
147
0
  switch (gpg_err_code (rc))
148
0
    {
149
0
    case 0:
150
0
      node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR);
151
0
      sigrc = '!';
152
0
      break;
153
0
    case GPG_ERR_BAD_SIGNATURE:
154
0
      node->flag = NODFLG_BADSIG;
155
0
      sigrc = '-';
156
0
      if (inv_sigs)
157
0
  ++ * inv_sigs;
158
0
      break;
159
0
    case GPG_ERR_NO_PUBKEY:
160
0
    case GPG_ERR_UNUSABLE_PUBKEY:
161
0
      node->flag = NODFLG_NOKEY;
162
0
      sigrc = '?';
163
0
      if (no_key)
164
0
  ++ * no_key;
165
0
      break;
166
0
    default:
167
0
      node->flag = NODFLG_SIGERR;
168
0
      sigrc = '%';
169
0
      if (oth_err)
170
0
  ++ * oth_err;
171
0
      break;
172
0
    }
173
174
0
  if (sigrc != '?' || print_without_key)
175
0
    {
176
0
      es_printf ("sig:%c::%d:%08lX%08lX:%lu:%lu:",
177
0
                 sigrc, sig->pubkey_algo, (ulong) sig->keyid[0],
178
0
                 (ulong) sig->keyid[1], (ulong) sig->timestamp,
179
0
                 (ulong) sig->expiredate);
180
181
0
      if (sig->trust_depth || sig->trust_value)
182
0
  es_printf ("%d %d", sig->trust_depth, sig->trust_value);
183
184
0
      es_printf (":");
185
186
0
      if (sig->trust_regexp)
187
0
  es_write_sanitized (es_stdout,
188
0
          sig->trust_regexp, strlen (sig->trust_regexp),
189
0
          ":", NULL);
190
191
0
      es_printf ("::%02x%c\n", sig->sig_class,
192
0
                 sig->flags.exportable ? 'x' : 'l');
193
194
0
      if (opt.show_subpackets)
195
0
  print_subpackets_colon (sig);
196
0
    }
197
198
0
  return (sigrc == '!');
199
0
}
200
201
202
/*
203
 * Print information about a signature (rc is its status), check it
204
 * and return true if the signature is okay.  NODE must be a signature
205
 * packet.  With EXTENDED set all possible signature list options will
206
 * always be printed.
207
 */
208
int
209
keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
210
                       int rc, kbnode_t keyblock, kbnode_t node,
211
           int *inv_sigs, int *no_key, int *oth_err,
212
           int is_selfsig, int print_without_key, int extended)
213
0
{
214
0
  PKT_signature *sig = node->pkt->pkt.signature;
215
0
  int sigrc;
216
0
  int is_rev = sig->sig_class == 0x30;
217
218
  /* TODO: Make sure a cached sig record here still has the pk that
219
     issued it.  See also keylist.c:list_keyblock_print */
220
221
0
  switch (gpg_err_code (rc))
222
0
    {
223
0
    case 0:
224
0
      node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR);
225
0
      sigrc = '!';
226
0
      break;
227
0
    case GPG_ERR_BAD_SIGNATURE:
228
0
      node->flag = NODFLG_BADSIG;
229
0
      sigrc = '-';
230
0
      if (inv_sigs)
231
0
  ++ * inv_sigs;
232
0
      break;
233
0
    case GPG_ERR_NO_PUBKEY:
234
0
    case GPG_ERR_UNUSABLE_PUBKEY:
235
0
      node->flag = NODFLG_NOKEY;
236
0
      sigrc = '?';
237
0
      if (no_key)
238
0
  ++ * no_key;
239
0
      break;
240
0
    default:
241
0
      node->flag = NODFLG_SIGERR;
242
0
      sigrc = '%';
243
0
      if (oth_err)
244
0
  ++ * oth_err;
245
0
      break;
246
0
    }
247
0
  if (sigrc != '?' || print_without_key)
248
0
    {
249
0
      tty_fprintf (fp, "%s%c%c %c%c%c%c%c%c %s %s",
250
0
      is_rev ? "rev" : "sig", sigrc,
251
0
      (sig->sig_class - 0x10 > 0 &&
252
0
       sig->sig_class - 0x10 <
253
0
       4) ? '0' + sig->sig_class - 0x10 : ' ',
254
0
      sig->flags.exportable ? ' ' : 'L',
255
0
      sig->flags.revocable ? ' ' : 'R',
256
0
      sig->flags.policy_url ? 'P' : ' ',
257
0
      sig->flags.notation ? 'N' : ' ',
258
0
      sig->flags.expired ? 'X' : ' ',
259
0
      (sig->trust_depth > 9) ? 'T' : (sig->trust_depth >
260
0
              0) ? '0' +
261
0
      sig->trust_depth : ' ',
262
0
                  keystr (sig->keyid),
263
0
      datestr_from_sig (sig));
264
0
      if ((opt.list_options & LIST_SHOW_SIG_EXPIRE) || extended )
265
0
  tty_fprintf (fp, " %s", expirestr_from_sig (sig));
266
0
      tty_fprintf (fp, "  ");
267
0
      if (sigrc == '%')
268
0
  tty_fprintf (fp, "[%s] ", gpg_strerror (rc));
269
0
      else if (sigrc == '?')
270
0
  ;
271
0
      else if (is_selfsig)
272
0
  {
273
0
    tty_fprintf (fp, is_rev ? _("[revocation]") : _("[self-signature]"));
274
0
          if (extended && sig->flags.chosen_selfsig)
275
0
            tty_fprintf (fp, "*");
276
0
  }
277
0
      else
278
0
  {
279
0
    size_t n;
280
0
    char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
281
0
    tty_print_utf8_string2 (fp, p, n,
282
0
          opt.screen_columns - keystrlen () - 26 -
283
0
          ((opt.
284
0
            list_options & LIST_SHOW_SIG_EXPIRE) ? 11
285
0
           : 0));
286
0
    xfree (p);
287
0
  }
288
0
      if (fp == log_get_stream ())
289
0
        log_printf ("\n");
290
0
      else
291
0
        tty_fprintf (fp, "\n");
292
293
0
      if (sig->flags.policy_url
294
0
          && ((opt.list_options & LIST_SHOW_POLICY_URLS) || extended))
295
0
  show_policy_url (sig, 3, (!fp? -1 : fp == log_get_stream ()? 1 : 0));
296
297
0
      if (sig->flags.notation
298
0
          && ((opt.list_options & LIST_SHOW_NOTATIONS) || extended))
299
0
  show_notation (sig, 3, (!fp? -1 : fp == log_get_stream ()? 1 : 0),
300
0
           ((opt.
301
0
       list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0) +
302
0
           ((opt.
303
0
       list_options & LIST_SHOW_USER_NOTATIONS) ? 2 : 0) +
304
0
                       ((opt.
305
0
                         list_options & LIST_SHOW_HIDDEN_NOTATIONS) ? 4:0));
306
307
0
      if (sig->flags.pref_ks
308
0
          && ((opt.list_options & LIST_SHOW_KEYSERVER_URLS) || extended))
309
0
  show_keyserver_url (sig, 3, (!fp? -1 : fp == log_get_stream ()? 1 : 0));
310
311
0
      if (extended)
312
0
        {
313
0
          PKT_public_key *pk = keyblock->pkt->pkt.public_key;
314
0
          const unsigned char *s;
315
316
0
          s = parse_sig_subpkt (sig, 1, SIGSUBPKT_PRIMARY_UID, NULL);
317
0
          if (s && *s)
318
0
            tty_fprintf (fp, "             [primary]\n");
319
320
0
          s = parse_sig_subpkt (sig, 1, SIGSUBPKT_KEY_EXPIRE, NULL);
321
0
          if (s && buf32_to_u32 (s))
322
0
            tty_fprintf (fp, "             [expires: %s]\n",
323
0
                         isotimestamp (pk->timestamp + buf32_to_u32 (s)));
324
0
        }
325
0
    }
326
327
0
  return (sigrc == '!');
328
0
}
329
330
331
static int
332
print_and_check_one_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node,
333
       int *inv_sigs, int *no_key, int *oth_err,
334
       int *is_selfsig, int print_without_key, int extended)
335
0
{
336
0
  int rc;
337
338
0
  rc = check_key_signature (ctrl, keyblock, node, is_selfsig);
339
0
  return keyedit_print_one_sig (ctrl, NULL, rc,
340
0
        keyblock, node, inv_sigs, no_key, oth_err,
341
0
        *is_selfsig, print_without_key, extended);
342
0
}
343
344
345
static int
346
sign_mk_attrib (PKT_signature * sig, void *opaque)
347
0
{
348
0
  struct sign_attrib *attrib = opaque;
349
0
  byte buf[8];
350
351
0
  if (attrib->non_exportable)
352
0
    {
353
0
      buf[0] = 0;   /* not exportable */
354
0
      build_sig_subpkt (sig, SIGSUBPKT_EXPORTABLE, buf, 1);
355
0
    }
356
357
0
  if (attrib->non_revocable)
358
0
    {
359
0
      buf[0] = 0;   /* not revocable */
360
0
      build_sig_subpkt (sig, SIGSUBPKT_REVOCABLE, buf, 1);
361
0
    }
362
363
0
  if (attrib->reason)
364
0
    revocation_reason_build_cb (sig, attrib->reason);
365
366
0
  if (attrib->trust_depth)
367
0
    {
368
      /* Not critical.  If someone doesn't understand trust sigs,
369
         this can still be a valid regular signature. */
370
0
      buf[0] = attrib->trust_depth;
371
0
      buf[1] = attrib->trust_value;
372
0
      build_sig_subpkt (sig, SIGSUBPKT_TRUST, buf, 2);
373
374
      /* Critical.  If someone doesn't understands regexps, this
375
         whole sig should be invalid.  Note the +1 for the length -
376
         regexps are null terminated. */
377
0
      if (attrib->trust_regexp)
378
0
  build_sig_subpkt (sig, SIGSUBPKT_FLAG_CRITICAL | SIGSUBPKT_REGEXP,
379
0
        attrib->trust_regexp,
380
0
        strlen (attrib->trust_regexp) + 1);
381
0
    }
382
383
0
  return 0;
384
0
}
385
386
387
/* Parse a trust signature specification string into the 3 return
388
 * args.  Returns 0 on success or an errorcode.  Format for the string
389
 * is
390
 *  ['T=']<depth>,<value>[,<domain>]
391
 * The optional prefix is just to allow c+p from the --check-sigs
392
 * output.  The domain is optional, <depth> must be a value in the
393
 * range 0 to 255, value may either be value in the same range or -
394
 * preferred - 'm' or 'f'.
395
 */
396
static gpg_error_t
397
parse_trustsig_string (const char *string,
398
                       byte *trust_value, byte *trust_depth, char **regexp)
399
0
{
400
0
  gpg_error_t err = 0;
401
0
  char **fields;
402
0
  int nfields;
403
0
  int along;
404
0
  char *endp;
405
406
0
  *trust_value = 0;
407
0
  *trust_depth = 0;
408
0
  *regexp = NULL;
409
410
0
  if (!string)
411
0
    return gpg_error (GPG_ERR_INV_ARG);
412
413
0
  if (*string == 'T' && string[1] == '=')
414
0
    string += 2;
415
416
0
  fields = strtokenize (string, ",");
417
0
  if (!fields)
418
0
      return gpg_error_from_syserror ();
419
420
0
  for (nfields=0; fields[nfields]; nfields++)
421
0
    ;
422
0
  if (nfields < 2 || nfields > 3)
423
0
    {
424
0
      err = gpg_error (GPG_ERR_SYNTAX);
425
0
      goto leave;
426
0
    }
427
0
  along = strtol (fields[0], &endp, 10);
428
0
  if (along < 0 || along > 255 || fields[0] == endp || *endp)
429
0
    {
430
0
      err = gpg_error (GPG_ERR_ERANGE);
431
0
      goto leave;
432
0
    }
433
0
  *trust_depth = along;
434
0
  if (!strcmp (fields[1], "m")|| !strcmp (fields[1], "marginal"))
435
0
    along = 60;
436
0
  else if (!strcmp (fields[1], "f")|| !strcmp (fields[1], "full"))
437
0
    along = 120;
438
0
  else
439
0
    {
440
0
      along = strtol (fields[1], &endp, 10);
441
0
      if (along < 0 || along > 255 || fields[1] == endp || *endp)
442
0
        {
443
0
          err = gpg_error (GPG_ERR_ERANGE);
444
0
          goto leave;
445
0
        }
446
0
    }
447
0
  *trust_value = along;
448
449
0
  if (nfields == 3)
450
0
    {
451
0
      if (!is_valid_domain_name (fields[2]))
452
0
        err = gpg_error (GPG_ERR_NO_NAME);
453
0
      else
454
0
        {
455
0
          *regexp = strconcat ("<[^>]+[@.]", fields[2], ">$", NULL);
456
0
          if (!*regexp)
457
0
            err = gpg_error_from_syserror ();
458
0
        }
459
0
    }
460
461
0
 leave:
462
0
  xfree (fields);
463
0
  if (err && *regexp)
464
0
    {
465
0
      xfree (*regexp);
466
0
      *regexp = NULL;
467
0
    }
468
0
  return err;
469
0
}
470
471
472
/* Interactive version of parse_trustsig_string.  */
473
static void
474
trustsig_prompt (byte * trust_value, byte * trust_depth, char **regexp)
475
0
{
476
0
  char *p;
477
478
0
  *trust_value = 0;
479
0
  *trust_depth = 0;
480
0
  *regexp = NULL;
481
482
  /* Same string as pkclist.c:do_edit_ownertrust */
483
0
  tty_printf (_
484
0
        ("Please decide how far you trust this user to correctly verify"
485
0
         " other users' keys\n(by looking at passports, checking"
486
0
         " fingerprints from different sources, etc.)\n"));
487
0
  tty_printf ("\n");
488
0
  tty_printf (_("  %d = I trust marginally\n"), 1);
489
0
  tty_printf (_("  %d = I trust fully\n"), 2);
490
0
  tty_printf ("\n");
491
492
0
  while (*trust_value == 0)
493
0
    {
494
0
      p = cpr_get ("trustsig_prompt.trust_value", _("Your selection? "));
495
0
      trim_spaces (p);
496
0
      cpr_kill_prompt ();
497
      /* 60 and 120 are as per RFC2440 */
498
0
      if (p[0] == '1' && !p[1])
499
0
  *trust_value = 60;
500
0
      else if (p[0] == '2' && !p[1])
501
0
  *trust_value = 120;
502
0
      xfree (p);
503
0
    }
504
505
0
  tty_printf ("\n");
506
507
0
  tty_printf (_("Please enter the depth of this trust signature.\n"
508
0
    "A depth greater than 1 allows the key you are"
509
0
                " signing to make\n"
510
0
    "trust signatures on your behalf.\n"));
511
0
  tty_printf ("\n");
512
513
0
  while (*trust_depth == 0)
514
0
    {
515
0
      p = cpr_get ("trustsig_prompt.trust_depth", _("Your selection? "));
516
0
      trim_spaces (p);
517
0
      cpr_kill_prompt ();
518
0
      *trust_depth = atoi (p);
519
0
      xfree (p);
520
0
    }
521
522
0
  tty_printf ("\n");
523
524
0
  tty_printf (_("Please enter a domain to restrict this signature, "
525
0
    "or enter for none.\n"));
526
527
0
  tty_printf ("\n");
528
529
0
  p = cpr_get ("trustsig_prompt.trust_regexp", _("Your selection? "));
530
0
  trim_spaces (p);
531
0
  cpr_kill_prompt ();
532
533
0
  if (strlen (p) > 0)
534
0
    {
535
0
      char *q = p;
536
0
      int regexplen = 100, ind;
537
538
0
      *regexp = xmalloc (regexplen);
539
540
      /* Now mangle the domain the user entered into a regexp.  To do
541
         this, \-escape everything that isn't alphanumeric, and attach
542
         "<[^>]+[@.]" to the front, and ">$" to the end. */
543
544
0
      strcpy (*regexp, "<[^>]+[@.]");
545
0
      ind = strlen (*regexp);
546
547
0
      while (*q)
548
0
  {
549
0
    if (!((*q >= 'A' && *q <= 'Z')
550
0
    || (*q >= 'a' && *q <= 'z') || (*q >= '0' && *q <= '9')))
551
0
      (*regexp)[ind++] = '\\';
552
553
0
    (*regexp)[ind++] = *q;
554
555
0
    if ((regexplen - ind) < 3)
556
0
      {
557
0
        regexplen += 100;
558
0
        *regexp = xrealloc (*regexp, regexplen);
559
0
      }
560
561
0
    q++;
562
0
  }
563
564
0
      (*regexp)[ind] = '\0';
565
0
      strcat (*regexp, ">$");
566
0
    }
567
568
0
  xfree (p);
569
0
  tty_printf ("\n");
570
0
}
571
572
573
/*
574
 * Loop over all LOCUSR and sign the uids after asking.  If no user id
575
 * is marked, all user ids will be signed; if some user_ids are marked
576
 * only those will be signed.  FLAGS are the SIGN_UIDS_* constants.
577
 * For example with SIGN_UIDS_QUICK the function won't ask the user
578
 * and use sensible defaults.  TRUSTSIGSTR is only used if also
579
 * SIGN_UIDS_TRUSTSIG is set.
580
 */
581
static int
582
sign_uids (ctrl_t ctrl, estream_t fp,
583
           kbnode_t keyblock, strlist_t locusr, unsigned int flags,
584
           const char *trustsigstr, int *ret_modified)
585
0
{
586
0
  int rc = 0;
587
0
  SK_LIST sk_list = NULL;
588
0
  SK_LIST sk_rover = NULL;
589
0
  PKT_public_key *pk = NULL;
590
0
  KBNODE node, uidnode;
591
0
  PKT_public_key *primary_pk = NULL;
592
0
  char *trust_regexp = NULL;
593
0
  int select_all = (!count_selected_uids (keyblock)
594
0
                    || (flags & SIGN_UIDS_INTERACTIVE));
595
596
597
  /* Build a list of all signators.
598
   *
599
   * We use the CERT flag to request the primary which must always
600
   * be one which is capable of signing keys.  I can't see a reason
601
   * why to sign keys using a subkey.  Implementation of USAGE_CERT
602
   * is just a hack in getkey.c and does not mean that a subkey
603
   * marked as certification capable will be used. */
604
0
  rc = build_sk_list (ctrl, locusr, &sk_list, PUBKEY_USAGE_CERT);
605
0
  if (rc)
606
0
    goto leave;
607
608
  /* Loop over all signators.  */
609
0
  for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
610
0
    {
611
0
      u32 sk_keyid[2], pk_keyid[2];
612
0
      char *p;
613
0
      int class = 0, selfsig = 0;
614
0
      u32 duration = 0, timestamp = 0;
615
0
      byte trust_depth = 0, trust_value = 0;
616
617
0
      pk = sk_rover->pk;
618
0
      keyid_from_pk (pk, sk_keyid);
619
620
      /* Set mark A for all selected user ids.  */
621
0
      for (node = keyblock; node; node = node->next)
622
0
  {
623
0
    if (select_all || (node->flag & NODFLG_SELUID))
624
0
      node->flag |= NODFLG_MARK_A;
625
0
    else
626
0
      node->flag &= ~NODFLG_MARK_A;
627
0
  }
628
629
      /* Reset mark for uids which are already signed.  */
630
0
      uidnode = NULL;
631
0
      for (node = keyblock; node; node = node->next)
632
0
  {
633
0
    if (node->pkt->pkttype == PKT_PUBLIC_KEY)
634
0
      {
635
0
        primary_pk = node->pkt->pkt.public_key;
636
0
        keyid_from_pk (primary_pk, pk_keyid);
637
638
        /* Is this a self-sig? */
639
0
        if (pk_keyid[0] == sk_keyid[0] && pk_keyid[1] == sk_keyid[1])
640
0
                selfsig = 1;
641
0
      }
642
0
    else if (node->pkt->pkttype == PKT_USER_ID)
643
0
      {
644
0
        uidnode = (node->flag & NODFLG_MARK_A) ? node : NULL;
645
0
        if (uidnode)
646
0
    {
647
0
      int yesreally = 0;
648
0
      char *user;
649
650
0
                  user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
651
0
                                         uidnode->pkt->pkt.user_id->len, 0);
652
653
0
                  if (opt.only_sign_text_ids
654
0
                      && uidnode->pkt->pkt.user_id->attribs)
655
0
                    {
656
0
                      tty_fprintf (fp, _("Skipping user ID \"%s\","
657
0
                                         " which is not a text ID.\n"),
658
0
                                   user);
659
0
                      uidnode->flag &= ~NODFLG_MARK_A;
660
0
                      uidnode = NULL;
661
0
                    }
662
0
      else if (uidnode->pkt->pkt.user_id->flags.revoked)
663
0
        {
664
0
          tty_fprintf (fp, _("User ID \"%s\" is revoked."), user);
665
666
0
          if (selfsig)
667
0
      tty_fprintf (fp, "\n");
668
0
          else if (opt.expert && !(flags & SIGN_UIDS_QUICK))
669
0
      {
670
0
        tty_fprintf (fp, "\n");
671
        /* No, so remove the mark and continue */
672
0
        if (!cpr_get_answer_is_yes ("sign_uid.revoke_okay",
673
0
                  _("Are you sure you "
674
0
              "still want to sign "
675
0
              "it? (y/N) ")))
676
0
          {
677
0
            uidnode->flag &= ~NODFLG_MARK_A;
678
0
            uidnode = NULL;
679
0
          }
680
0
        else if ((flags & SIGN_UIDS_INTERACTIVE))
681
0
          yesreally = 1;
682
0
      }
683
0
          else
684
0
      {
685
0
        uidnode->flag &= ~NODFLG_MARK_A;
686
0
        uidnode = NULL;
687
0
        tty_fprintf (fp, _("  Unable to sign.\n"));
688
0
      }
689
0
        }
690
0
      else if (uidnode->pkt->pkt.user_id->flags.expired)
691
0
        {
692
0
          tty_fprintf (fp, _("User ID \"%s\" is expired."), user);
693
694
0
          if (selfsig)
695
0
      tty_fprintf (fp, "\n");
696
0
          else if (opt.expert && !(flags & SIGN_UIDS_QUICK))
697
0
      {
698
0
        tty_fprintf (fp, "\n");
699
        /* No, so remove the mark and continue */
700
0
        if (!cpr_get_answer_is_yes ("sign_uid.expire_okay",
701
0
                  _("Are you sure you "
702
0
              "still want to sign "
703
0
              "it? (y/N) ")))
704
0
          {
705
0
            uidnode->flag &= ~NODFLG_MARK_A;
706
0
            uidnode = NULL;
707
0
          }
708
0
        else if ((flags & SIGN_UIDS_INTERACTIVE))
709
0
          yesreally = 1;
710
0
      }
711
0
          else
712
0
      {
713
0
        uidnode->flag &= ~NODFLG_MARK_A;
714
0
        uidnode = NULL;
715
0
        tty_fprintf (fp, _("  Unable to sign.\n"));
716
0
      }
717
0
        }
718
0
      else if (!uidnode->pkt->pkt.user_id->created && !selfsig)
719
0
        {
720
0
          tty_fprintf (fp, _("User ID \"%s\" is not self-signed."),
721
0
                                   user);
722
723
0
          if (opt.expert && !(flags & SIGN_UIDS_QUICK))
724
0
      {
725
0
        tty_fprintf (fp, "\n");
726
        /* No, so remove the mark and continue */
727
0
        if (!cpr_get_answer_is_yes ("sign_uid.nosig_okay",
728
0
                  _("Are you sure you "
729
0
              "still want to sign "
730
0
              "it? (y/N) ")))
731
0
          {
732
0
            uidnode->flag &= ~NODFLG_MARK_A;
733
0
            uidnode = NULL;
734
0
          }
735
0
        else if ((flags & SIGN_UIDS_INTERACTIVE))
736
0
          yesreally = 1;
737
0
      }
738
0
          else
739
0
      {
740
0
        uidnode->flag &= ~NODFLG_MARK_A;
741
0
        uidnode = NULL;
742
0
        tty_fprintf (fp, _("  Unable to sign.\n"));
743
0
      }
744
0
        }
745
746
0
      if (uidnode && (flags & SIGN_UIDS_INTERACTIVE)
747
0
                      && !yesreally && !(flags & SIGN_UIDS_QUICK))
748
0
        {
749
0
          tty_fprintf (fp,
750
0
                                   _("User ID \"%s\" is signable.  "), user);
751
0
          if (!cpr_get_answer_is_yes ("sign_uid.sign_okay",
752
0
              _("Sign it? (y/N) ")))
753
0
      {
754
0
        uidnode->flag &= ~NODFLG_MARK_A;
755
0
        uidnode = NULL;
756
0
      }
757
0
        }
758
759
0
      xfree (user);
760
0
    }
761
0
      }
762
0
    else if (uidnode && node->pkt->pkttype == PKT_SIGNATURE
763
0
       && (node->pkt->pkt.signature->sig_class & ~3) == 0x10)
764
0
      {
765
0
        if (sk_keyid[0] == node->pkt->pkt.signature->keyid[0]
766
0
      && sk_keyid[1] == node->pkt->pkt.signature->keyid[1])
767
0
    {
768
0
      char buf[50];
769
0
      char *user;
770
771
0
                  user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
772
0
                                         uidnode->pkt->pkt.user_id->len, 0);
773
774
      /* It's a v3 self-sig.  Make it into a v4 self-sig? */
775
0
      if (node->pkt->pkt.signature->version < 4
776
0
                      && selfsig && !(flags & SIGN_UIDS_QUICK))
777
0
        {
778
0
          tty_fprintf (fp,
779
0
                                   _("The self-signature on \"%s\"\n"
780
0
                                     "is a PGP 2.x-style signature.\n"), user);
781
782
          /* Note that the regular PGP2 warning below
783
             still applies if there are no v4 sigs on
784
             this key at all. */
785
786
0
          if (opt.expert)
787
0
      if (cpr_get_answer_is_yes ("sign_uid.v4_promote_okay",
788
0
               _("Do you want to promote "
789
0
                 "it to an OpenPGP self-"
790
0
                 "signature? (y/N) ")))
791
0
        {
792
0
          node->flag |= NODFLG_DELSIG;
793
0
          xfree (user);
794
0
          continue;
795
0
        }
796
0
        }
797
798
      /* Is the current signature expired? */
799
0
      if (node->pkt->pkt.signature->flags.expired)
800
0
        {
801
0
          tty_fprintf (fp, _("Your current signature on \"%s\"\n"
802
0
                                         "has expired.\n"), user);
803
804
0
          if ((flags & SIGN_UIDS_QUICK) || cpr_get_answer_is_yes
805
0
        ("sign_uid.replace_expired_okay",
806
0
         _("Do you want to issue a "
807
0
           "new signature to replace "
808
0
           "the expired one? (y/N) ")))
809
0
      {
810
        /* Mark these for later deletion.  We
811
           don't want to delete them here, just in
812
           case the replacement signature doesn't
813
           happen for some reason.  We only delete
814
           these after the replacement is already
815
           in place. */
816
817
0
        node->flag |= NODFLG_DELSIG;
818
0
        xfree (user);
819
0
        continue;
820
0
      }
821
0
        }
822
823
0
      if (!node->pkt->pkt.signature->flags.exportable
824
0
                      && !(flags & SIGN_UIDS_LOCAL))
825
0
        {
826
          /* It's a local sig, and we want to make a
827
             exportable sig. */
828
0
          tty_fprintf (fp, _("Your current signature on \"%s\"\n"
829
0
                                         "is a local signature.\n"), user);
830
831
0
          if ((flags & SIGN_UIDS_QUICK) || cpr_get_answer_is_yes
832
0
        ("sign_uid.local_promote_okay",
833
0
         _("Do you want to promote "
834
0
           "it to a full exportable " "signature? (y/N) ")))
835
0
      {
836
        /* Mark these for later deletion.  We
837
           don't want to delete them here, just in
838
           case the replacement signature doesn't
839
           happen for some reason.  We only delete
840
           these after the replacement is already
841
           in place. */
842
843
0
        node->flag |= NODFLG_DELSIG;
844
0
        xfree (user);
845
0
        continue;
846
0
      }
847
0
        }
848
849
      /* Fixme: see whether there is a revocation in which
850
       * case we should allow signing it again. */
851
0
      if (!node->pkt->pkt.signature->flags.exportable
852
0
                      && (flags & SIGN_UIDS_LOCAL))
853
0
        tty_fprintf ( fp,
854
0
                       _("\"%s\" was already locally signed by key %s\n"),
855
0
                       user, keystr_from_pk (pk));
856
0
      else
857
0
        tty_fprintf (fp,
858
0
                                _("\"%s\" was already signed by key %s\n"),
859
0
        user, keystr_from_pk (pk));
860
861
0
                  if (node->pkt->pkt.signature->digest_algo
862
0
                      == DIGEST_ALGO_SHA1
863
0
                      && !opt.flags.allow_weak_key_signatures)
864
0
                    {
865
                      /* Allow updating a signature to a stronger
866
                       * digest algorithm without an extra option.  */
867
0
          xfree (user);
868
0
          continue;
869
0
                    }
870
0
      else if (opt.flags.force_sign_key
871
0
                      || (opt.expert && !(flags & SIGN_UIDS_QUICK)
872
0
                          && cpr_get_answer_is_yes ("sign_uid.dupe_okay",
873
0
                                                    _("Do you want to sign it "
874
0
                                                      "again anyway? (y/N) "))))
875
0
        {
876
          /* Don't delete the old sig here since this is
877
             an --expert thing. */
878
0
          xfree (user);
879
0
          continue;
880
0
        }
881
882
0
      snprintf (buf, sizeof buf, "%08lX%08lX",
883
0
          (ulong) pk->keyid[0], (ulong) pk->keyid[1]);
884
0
      write_status_text (STATUS_ALREADY_SIGNED, buf);
885
0
      uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */
886
887
0
      xfree (user);
888
0
    }
889
0
      }
890
0
  }
891
892
      /* Check whether any uids are left for signing.  */
893
0
      if (!count_uids_with_flag (keyblock, NODFLG_MARK_A))
894
0
  {
895
0
    tty_fprintf (fp, _("Nothing to sign with key %s\n"),
896
0
          keystr_from_pk (pk));
897
0
    continue;
898
0
  }
899
900
      /* Ask whether we really should sign these user id(s). */
901
0
      tty_fprintf (fp, "\n");
902
0
      show_key_with_all_names (ctrl, fp, keyblock, 1, 0, 1, 0, 0, 0);
903
0
      tty_fprintf (fp, "\n");
904
905
0
      if (primary_pk->expiredate && !selfsig)
906
0
  {
907
          /* Static analyzer note: A claim that PRIMARY_PK might be
908
             NULL is not correct because it set from the public key
909
             packet which is always the first packet in a keyblock and
910
             parsed in the above loop over the keyblock.  In case the
911
             keyblock has no packets at all and thus the loop was not
912
             entered the above count_uids_with_flag would have
913
             detected this case.  */
914
915
0
    u32 now = make_timestamp ();
916
917
0
    if (primary_pk->expiredate <= now)
918
0
      {
919
0
        tty_fprintf (fp, _("This key has expired!"));
920
921
0
        if (opt.expert && !(flags & SIGN_UIDS_QUICK))
922
0
    {
923
0
      tty_fprintf (fp, "  ");
924
0
      if (!cpr_get_answer_is_yes ("sign_uid.expired_okay",
925
0
                _("Are you sure you still "
926
0
            "want to sign it? (y/N) ")))
927
0
        continue;
928
0
    }
929
0
        else
930
0
    {
931
0
      tty_fprintf (fp, _("  Unable to sign.\n"));
932
0
      continue;
933
0
    }
934
0
      }
935
0
    else
936
0
      {
937
0
        tty_fprintf (fp, _("This key is due to expire on %s.\n"),
938
0
                           expirestr_from_pk (primary_pk));
939
940
0
        if (opt.ask_cert_expire && !(flags & SIGN_UIDS_QUICK))
941
0
    {
942
0
      char *answer = cpr_get ("sign_uid.expire",
943
0
            _("Do you want your signature to "
944
0
              "expire at the same time? (Y/n) "));
945
0
      if (answer_is_yes_no_default (answer, 1))
946
0
        {
947
          /* This fixes the signature timestamp we're
948
             going to make as now.  This is so the
949
             expiration date is exactly correct, and not
950
             a few seconds off (due to the time it takes
951
             to answer the questions, enter the
952
             passphrase, etc). */
953
0
          timestamp = now;
954
0
          duration = primary_pk->expiredate - now;
955
0
        }
956
957
0
      cpr_kill_prompt ();
958
0
      xfree (answer);
959
0
    }
960
0
      }
961
0
  }
962
963
      /* Only ask for duration if we haven't already set it to match
964
         the expiration of the pk */
965
0
      if (!duration && !selfsig)
966
0
  {
967
0
    if (opt.ask_cert_expire && !(flags & SIGN_UIDS_QUICK))
968
0
      duration = ask_expire_interval (1, opt.def_cert_expire);
969
0
    else
970
0
      duration = parse_expire_string (opt.def_cert_expire);
971
0
  }
972
973
0
      if (selfsig)
974
0
  ;
975
0
      else
976
0
  {
977
0
    if (opt.batch || !opt.ask_cert_level || (flags & SIGN_UIDS_QUICK))
978
0
      class = 0x10 + opt.def_cert_level;
979
0
    else
980
0
      {
981
0
        char *answer;
982
983
0
        tty_fprintf (fp,
984
0
                           _("How carefully have you verified the key you are "
985
0
          "about to sign actually belongs\nto the person "
986
0
          "named above?  If you don't know what to "
987
0
          "answer, enter \"0\".\n"));
988
0
        tty_fprintf (fp, "\n");
989
0
        tty_fprintf (fp, _("   (0) I will not answer.%s\n"),
990
0
        opt.def_cert_level == 0 ? " (default)" : "");
991
0
        tty_fprintf (fp, _("   (1) I have not checked at all.%s\n"),
992
0
        opt.def_cert_level == 1 ? " (default)" : "");
993
0
        tty_fprintf (fp, _("   (2) I have done casual checking.%s\n"),
994
0
        opt.def_cert_level == 2 ? " (default)" : "");
995
0
        tty_fprintf (fp,
996
0
                           _("   (3) I have done very careful checking.%s\n"),
997
0
        opt.def_cert_level == 3 ? " (default)" : "");
998
0
        tty_fprintf (fp, "\n");
999
1000
0
        while (class == 0)
1001
0
    {
1002
0
      answer = cpr_get ("sign_uid.class",
1003
0
                                    _("Your selection? "
1004
0
                                      "(enter '?' for more information): "));
1005
0
      if (answer[0] == '\0')
1006
0
        class = 0x10 + opt.def_cert_level; /* Default */
1007
0
      else if (ascii_strcasecmp (answer, "0") == 0)
1008
0
        class = 0x10; /* Generic */
1009
0
      else if (ascii_strcasecmp (answer, "1") == 0)
1010
0
        class = 0x11; /* Persona */
1011
0
      else if (ascii_strcasecmp (answer, "2") == 0)
1012
0
        class = 0x12; /* Casual */
1013
0
      else if (ascii_strcasecmp (answer, "3") == 0)
1014
0
        class = 0x13; /* Positive */
1015
0
      else
1016
0
        tty_fprintf (fp, _("Invalid selection.\n"));
1017
1018
0
      xfree (answer);
1019
0
    }
1020
0
      }
1021
1022
0
    if ((flags & SIGN_UIDS_TRUSTSIG))
1023
0
            {
1024
0
              xfree (trust_regexp);
1025
0
              trust_regexp = NULL;
1026
0
              if ((flags & SIGN_UIDS_QUICK))
1027
0
                {
1028
0
                  rc = parse_trustsig_string (trustsigstr, &trust_value,
1029
0
                                              &trust_depth, &trust_regexp);
1030
0
                  if (rc)
1031
0
                    goto leave;
1032
0
                }
1033
0
              else
1034
0
                trustsig_prompt (&trust_value, &trust_depth, &trust_regexp);
1035
0
            }
1036
0
        }
1037
1038
0
      if (!(flags & SIGN_UIDS_QUICK))
1039
0
        {
1040
0
          p = get_user_id_native (ctrl, sk_keyid);
1041
0
          tty_fprintf (fp,
1042
0
                   _("Are you sure that you want to sign this key with your\n"
1043
0
                     "key \"%s\" (%s)\n"), p, keystr_from_pk (pk));
1044
0
          xfree (p);
1045
0
        }
1046
1047
0
      if (selfsig)
1048
0
  {
1049
0
    tty_fprintf (fp, "\n");
1050
0
    tty_fprintf (fp, _("This will be a self-signature.\n"));
1051
1052
0
    if ((flags & SIGN_UIDS_LOCAL))
1053
0
      {
1054
0
        tty_fprintf (fp, "\n");
1055
0
        tty_fprintf (fp, _("WARNING: the signature will not be marked "
1056
0
                                 "as non-exportable.\n"));
1057
0
      }
1058
1059
0
    if ((flags & SIGN_UIDS_NONREVOCABLE))
1060
0
      {
1061
0
        tty_fprintf (fp, "\n");
1062
0
        tty_fprintf (fp, _("WARNING: the signature will not be marked "
1063
0
                                 "as non-revocable.\n"));
1064
0
      }
1065
0
  }
1066
0
      else
1067
0
  {
1068
0
    if ((flags & SIGN_UIDS_LOCAL))
1069
0
      {
1070
0
        tty_fprintf (fp, "\n");
1071
0
        tty_fprintf (fp,
1072
0
                 _("The signature will be marked as non-exportable.\n"));
1073
0
      }
1074
1075
0
    if ((flags & SIGN_UIDS_NONREVOCABLE))
1076
0
      {
1077
0
        tty_fprintf (fp, "\n");
1078
0
        tty_fprintf (fp,
1079
0
                 _("The signature will be marked as non-revocable.\n"));
1080
0
      }
1081
1082
0
    switch (class)
1083
0
      {
1084
0
      case 0x11:
1085
0
        tty_fprintf (fp, "\n");
1086
0
        tty_fprintf (fp, _("I have not checked this key at all.\n"));
1087
0
        break;
1088
1089
0
      case 0x12:
1090
0
        tty_fprintf (fp, "\n");
1091
0
        tty_fprintf (fp, _("I have checked this key casually.\n"));
1092
0
        break;
1093
1094
0
      case 0x13:
1095
0
        tty_fprintf (fp, "\n");
1096
0
        tty_fprintf (fp, _("I have checked this key very carefully.\n"));
1097
0
        break;
1098
0
      }
1099
0
  }
1100
1101
0
      tty_fprintf (fp, "\n");
1102
1103
0
      if (opt.batch && opt.answer_yes)
1104
0
  ;
1105
0
      else if ((flags & SIGN_UIDS_QUICK))
1106
0
        ;
1107
0
      else if (!cpr_get_answer_is_yes ("sign_uid.okay",
1108
0
               _("Really sign? (y/N) ")))
1109
0
  continue;
1110
1111
      /* Now we can sign the user ids.  */
1112
0
    reloop:  /* (Must use this, because we are modifying the list.)  */
1113
0
      primary_pk = NULL;
1114
0
      for (node = keyblock; node; node = node->next)
1115
0
  {
1116
0
    if (node->pkt->pkttype == PKT_PUBLIC_KEY)
1117
0
      primary_pk = node->pkt->pkt.public_key;
1118
0
    else if (node->pkt->pkttype == PKT_USER_ID
1119
0
       && (node->flag & NODFLG_MARK_A))
1120
0
      {
1121
0
        PACKET *pkt;
1122
0
        PKT_signature *sig;
1123
0
        struct sign_attrib attrib;
1124
1125
0
        log_assert (primary_pk);
1126
0
        memset (&attrib, 0, sizeof attrib);
1127
0
        attrib.non_exportable = !!(flags & SIGN_UIDS_LOCAL);
1128
0
        attrib.non_revocable = !!(flags & SIGN_UIDS_NONREVOCABLE);
1129
0
        attrib.trust_depth = trust_depth;
1130
0
        attrib.trust_value = trust_value;
1131
0
        attrib.trust_regexp = trust_regexp;
1132
0
        node->flag &= ~NODFLG_MARK_A;
1133
1134
        /* We force creation of a v4 signature for local
1135
         * signatures, otherwise we would not generate the
1136
         * subpacket with v3 keys and the signature becomes
1137
         * exportable.  */
1138
1139
0
        if (selfsig)
1140
0
    rc = make_keysig_packet (ctrl, &sig, primary_pk,
1141
0
           node->pkt->pkt.user_id,
1142
0
           NULL,
1143
0
           pk,
1144
0
           0x13,
1145
0
                                         0, 0,
1146
0
           keygen_add_std_prefs, primary_pk,
1147
0
                                         NULL);
1148
0
        else
1149
0
    rc = make_keysig_packet (ctrl, &sig, primary_pk,
1150
0
           node->pkt->pkt.user_id,
1151
0
           NULL,
1152
0
           pk,
1153
0
           class,
1154
0
           timestamp, duration,
1155
0
           sign_mk_attrib, &attrib,
1156
0
                                         NULL);
1157
0
        if (rc)
1158
0
    {
1159
0
                  write_status_error ("keysig", rc);
1160
0
      log_error (_("signing failed: %s\n"), gpg_strerror (rc));
1161
0
      goto leave;
1162
0
    }
1163
1164
0
        *ret_modified = 1;  /* We changed the keyblock. */
1165
0
        update_trust = 1;
1166
1167
0
        pkt = xmalloc_clear (sizeof *pkt);
1168
0
        pkt->pkttype = PKT_SIGNATURE;
1169
0
        pkt->pkt.signature = sig;
1170
0
        insert_kbnode (node, new_kbnode (pkt), PKT_SIGNATURE);
1171
0
        goto reloop;
1172
0
      }
1173
0
  }
1174
1175
      /* Delete any sigs that got promoted */
1176
0
      for (node = keyblock; node; node = node->next)
1177
0
  if (node->flag & NODFLG_DELSIG)
1178
0
    delete_kbnode (node);
1179
0
    } /* End loop over signators.  */
1180
1181
0
 leave:
1182
0
  xfree (trust_regexp);
1183
0
  trust_regexp = NULL;
1184
0
  release_sk_list (sk_list);
1185
0
  return rc;
1186
0
}
1187
1188
1189
/*
1190
 * Change the passphrase of the primary and all secondary keys.  Note
1191
 * that it is common to use only one passphrase for the primary and
1192
 * all subkeys.  However, this is now (since GnuPG 2.1) all up to the
1193
 * gpg-agent.  Returns 0 on success or an error code.
1194
 */
1195
static gpg_error_t
1196
change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
1197
0
{
1198
0
  gpg_error_t err;
1199
0
  kbnode_t node;
1200
0
  PKT_public_key *pk;
1201
0
  int any;
1202
0
  u32 keyid[2], subid[2];
1203
0
  char *hexgrip = NULL;
1204
0
  const char *hexgrip2;
1205
0
  char *cache_nonce = NULL;
1206
0
  char *passwd_nonce = NULL;
1207
1208
0
  node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
1209
0
  if (!node)
1210
0
    {
1211
0
      log_error ("Oops; public key missing!\n");
1212
0
      err = gpg_error (GPG_ERR_INTERNAL);
1213
0
      goto leave;
1214
0
    }
1215
0
  pk = node->pkt->pkt.public_key;
1216
0
  keyid_from_pk (pk, keyid);
1217
1218
  /* Check whether it is likely that we will be able to change the
1219
     passphrase for any subkey.  */
1220
0
  for (any = 0, node = keyblock; node; node = node->next)
1221
0
    {
1222
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
1223
0
    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1224
0
  {
1225
0
          char *serialno;
1226
1227
0
          pk = node->pkt->pkt.public_key;
1228
0
          keyid_from_pk (pk, subid);
1229
1230
0
          xfree (hexgrip);
1231
0
          err = hexkeygrip_from_pk (pk, &hexgrip);
1232
0
          if (err)
1233
0
            goto leave;
1234
0
          err = agent_get_keyinfo (ctrl, hexgrip, &serialno, NULL);
1235
0
          if (!err && serialno)
1236
0
            ; /* Key on card.  */
1237
0
          else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
1238
0
            ; /* Maybe stub key. */
1239
0
          else if (!err)
1240
0
            any = 1; /* Key is known.  */
1241
0
          else
1242
0
            log_error ("key %s: error getting keyinfo from agent: %s\n",
1243
0
                       keystr_with_sub (keyid, subid), gpg_strerror (err));
1244
0
          xfree (serialno);
1245
0
  }
1246
0
    }
1247
0
  err = 0;
1248
0
  if (!any)
1249
0
    {
1250
0
      tty_printf (_("Key has only stub or on-card key items - "
1251
0
        "no passphrase to change.\n"));
1252
0
      goto leave;
1253
0
    }
1254
1255
  /* Change the passphrase for all keys.  */
1256
0
  for (node = keyblock; node; node = node->next)
1257
0
    {
1258
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
1259
0
    || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1260
0
        {
1261
0
          char *desc, *p;
1262
1263
0
          pk = node->pkt->pkt.public_key;
1264
0
          keyid_from_pk (pk, subid);
1265
1266
0
          xfree (hexgrip);
1267
0
          err = hexkeygrip_from_pk (pk, &hexgrip);
1268
0
          if (err)
1269
0
            goto leave;
1270
0
          if ((p=strchr (hexgrip, ',')))
1271
0
            {
1272
0
              *p++ = 0;
1273
0
              hexgrip2 = p;
1274
0
            }
1275
0
          else
1276
0
            hexgrip2 = NULL;
1277
1278
          /* Note that when using --dry-run we don't change the
1279
           * passphrase but merely verify the current passphrase.  */
1280
0
          desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_NORMAL, 1);
1281
0
          err = agent_passwd (ctrl, hexgrip, desc, !!opt.dry_run,
1282
0
                              &cache_nonce, &passwd_nonce);
1283
0
          if (!err && hexgrip2)
1284
0
            err = agent_passwd (ctrl, hexgrip2, desc, !!opt.dry_run,
1285
0
                                &cache_nonce, &passwd_nonce);
1286
0
          xfree (desc);
1287
1288
0
          if (err)
1289
0
            log_log ((gpg_err_code (err) == GPG_ERR_CANCELED
1290
0
                      || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
1291
0
                     ? GPGRT_LOGLVL_INFO : GPGRT_LOGLVL_ERROR,
1292
0
                     _("key %s: error changing passphrase: %s\n"),
1293
0
                       keystr_with_sub (keyid, subid),
1294
0
                       gpg_strerror (err));
1295
0
          if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
1296
0
            break;
1297
0
        }
1298
0
    }
1299
1300
0
 leave:
1301
0
  xfree (hexgrip);
1302
0
  xfree (cache_nonce);
1303
0
  xfree (passwd_nonce);
1304
0
  return err;
1305
0
}
1306
1307
1308

1309
/* Fix various problems in the keyblock.  Returns true if the keyblock
1310
   was changed.  Note that a pointer to the keyblock must be given and
1311
   the function may change it (i.e. replacing the first node).  */
1312
static int
1313
fix_keyblock (ctrl_t ctrl, kbnode_t *keyblockp)
1314
0
{
1315
0
  int changed = 0;
1316
1317
0
  if (collapse_uids (keyblockp))
1318
0
    changed++;
1319
0
  if (collapse_subkeys (keyblockp))
1320
0
    changed++;
1321
0
  if (key_check_all_keysigs (ctrl, 1, *keyblockp, 0, 1))
1322
0
    changed++;
1323
0
  reorder_keyblock (*keyblockp);
1324
  /* If we modified the keyblock, make sure the flags are right. */
1325
0
  if (changed)
1326
0
    merge_keys_and_selfsig (ctrl, *keyblockp);
1327
1328
0
  return changed;
1329
0
}
1330
1331
1332
/* Helper to parse the prefix of the sign command STR and set the
1333
 * respective bits in R_FLAGS.  Returns false on error.  */
1334
static int
1335
parse_sign_type (const char *str, unsigned int *r_flags)
1336
0
{
1337
0
  const char *p = str;
1338
1339
0
  while (*p)
1340
0
    {
1341
0
      if (ascii_strncasecmp (p, "l", 1) == 0)
1342
0
  {
1343
0
    *r_flags |= SIGN_UIDS_LOCAL;
1344
0
    p++;
1345
0
  }
1346
0
      else if (ascii_strncasecmp (p, "nr", 2) == 0)
1347
0
  {
1348
0
    *r_flags |= SIGN_UIDS_NONREVOCABLE;
1349
0
    p += 2;
1350
0
  }
1351
0
      else if (ascii_strncasecmp (p, "t", 1) == 0)
1352
0
  {
1353
0
    *r_flags |= SIGN_UIDS_TRUSTSIG;
1354
0
    p++;
1355
0
  }
1356
0
      else
1357
0
  return 0;
1358
0
    }
1359
1360
0
  return 1;
1361
0
}
1362
1363
1364

1365
/*
1366
 * Menu driven key editor.  If seckey_check is true, then a secret key
1367
 * that matches username will be looked for.  If it is false, not all
1368
 * commands will be available.
1369
 *
1370
 * Note: to keep track of certain selections we use node->mark MARKBIT_xxxx.
1371
 */
1372
1373
/* Need an SK for this command */
1374
0
#define KEYEDIT_NEED_SK 1
1375
/* Need an SUB KEY for this command */
1376
0
#define KEYEDIT_NEED_SUBSK 2
1377
/* Match the tail of the string */
1378
0
#define KEYEDIT_TAIL_MATCH 8
1379
1380
enum cmdids
1381
{
1382
  cmdNONE = 0,
1383
  cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
1384
  cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
1385
  cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
1386
  cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
1387
  cmdEXPIRE, cmdCHANGEUSAGE, cmdBACKSIGN, cmdADDADSK,
1388
#ifndef NO_TRUST_MODELS
1389
  cmdENABLEKEY, cmdDISABLEKEY,
1390
#endif /*!NO_TRUST_MODELS*/
1391
  cmdSHOWPREF,
1392
  cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
1393
  cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdKEYTOTPM, cmdBKUPTOCARD,
1394
  cmdCLEAN, cmdMINIMIZE, cmdGRIP, cmdNOP
1395
};
1396
1397
static struct
1398
{
1399
  const char *name;
1400
  enum cmdids id;
1401
  int flags;
1402
  const char *desc;
1403
} cmds[] =
1404
{
1405
  { "quit", cmdQUIT, 0, N_("quit this menu")},
1406
  { "q", cmdQUIT, 0, NULL},
1407
  { "save", cmdSAVE, 0, N_("save and quit")},
1408
  { "help", cmdHELP, 0, N_("show this help")},
1409
  { "?", cmdHELP, 0, NULL},
1410
  { "fpr", cmdFPR, 0, N_("show key fingerprint")},
1411
  { "grip", cmdGRIP, 0, N_("show the keygrip")},
1412
  { "list", cmdLIST, 0, N_("list key and user IDs")},
1413
  { "l", cmdLIST, 0, NULL},
1414
  { "uid", cmdSELUID, 0, N_("select user ID N")},
1415
  { "key", cmdSELKEY, 0, N_("select subkey N")},
1416
  { "check", cmdCHECK, 0, N_("check signatures")},
1417
  { "c", cmdCHECK, 0, NULL},
1418
  { "change-usage", cmdCHANGEUSAGE, KEYEDIT_NEED_SK, NULL},
1419
  { "cross-certify", cmdBACKSIGN, KEYEDIT_NEED_SK, NULL},
1420
  { "backsign", cmdBACKSIGN,  KEYEDIT_NEED_SK, NULL},
1421
  { "sign", cmdSIGN,  KEYEDIT_TAIL_MATCH,
1422
    N_("sign selected user IDs [* see below for related commands]")},
1423
  { "s", cmdSIGN, 0, NULL},
1424
    /* "lsign" and friends will never match since "sign" comes first
1425
       and it is a tail match.  They are just here so they show up in
1426
       the help menu. */
1427
  { "lsign", cmdNOP, 0, N_("sign selected user IDs locally")},
1428
  { "tsign", cmdNOP, 0, N_("sign selected user IDs with a trust signature")},
1429
  { "nrsign", cmdNOP, 0,
1430
    N_("sign selected user IDs with a non-revocable signature")},
1431
  { "debug", cmdDEBUG, 0, NULL},
1432
  { "adduid", cmdADDUID,  KEYEDIT_NEED_SK, N_("add a user ID")},
1433
  { "addphoto", cmdADDPHOTO,  KEYEDIT_NEED_SK,
1434
    N_("add a photo ID")},
1435
  { "deluid", cmdDELUID, 0, N_("delete selected user IDs")},
1436
    /* delphoto is really deluid in disguise */
1437
  { "delphoto", cmdDELUID, 0, NULL},
1438
  { "addkey", cmdADDKEY,  KEYEDIT_NEED_SK, N_("add a subkey")},
1439
#ifdef ENABLE_CARD_SUPPORT
1440
  { "addcardkey", cmdADDCARDKEY,  KEYEDIT_NEED_SK,
1441
    N_("add a key to a smartcard")},
1442
  { "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
1443
    N_("move a key to a smartcard")},
1444
  { "keytotpm", cmdKEYTOTPM, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
1445
    N_("convert a key to TPM form using the local TPM")},
1446
  { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
1447
    N_("move a backup key to a smartcard")},
1448
#endif /*ENABLE_CARD_SUPPORT */
1449
  { "delkey", cmdDELKEY, 0, N_("delete selected subkeys")},
1450
  { "addrevoker", cmdADDREVOKER,  KEYEDIT_NEED_SK,
1451
    N_("add a revocation key")},
1452
  { "addadsk", cmdADDADSK,  KEYEDIT_NEED_SK,
1453
    N_("add an additional decryption subkey")},
1454
  { "delsig", cmdDELSIG, 0,
1455
    N_("delete signatures from the selected user IDs")},
1456
  { "expire", cmdEXPIRE,  KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
1457
    N_("change the expiration date for the key or selected subkeys")},
1458
  { "primary", cmdPRIMARY,  KEYEDIT_NEED_SK,
1459
    N_("flag the selected user ID as primary")},
1460
  { "toggle", cmdTOGGLE, KEYEDIT_NEED_SK, NULL},  /* Dummy command.  */
1461
  { "t", cmdTOGGLE, KEYEDIT_NEED_SK, NULL},
1462
  { "pref", cmdPREF, 0, N_("list preferences (expert)")},
1463
  { "showpref", cmdSHOWPREF, 0, N_("list preferences (verbose)")},
1464
  { "setpref", cmdSETPREF,  KEYEDIT_NEED_SK,
1465
    N_("set preference list for the selected user IDs")},
1466
  { "updpref", cmdSETPREF,  KEYEDIT_NEED_SK, NULL},
1467
  { "keyserver", cmdPREFKS,  KEYEDIT_NEED_SK,
1468
    N_("set the preferred keyserver URL for the selected user IDs")},
1469
  { "notation", cmdNOTATION,  KEYEDIT_NEED_SK,
1470
    N_("set a notation for the selected user IDs")},
1471
  { "passwd", cmdPASSWD,  KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
1472
    N_("change the passphrase")},
1473
  { "password", cmdPASSWD,  KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, NULL},
1474
#ifndef NO_TRUST_MODELS
1475
  { "trust", cmdTRUST, 0, N_("change the ownertrust")},
1476
#endif /*!NO_TRUST_MODELS*/
1477
  { "revsig", cmdREVSIG, 0,
1478
    N_("revoke signatures on the selected user IDs")},
1479
  { "revuid", cmdREVUID,  KEYEDIT_NEED_SK,
1480
    N_("revoke selected user IDs")},
1481
  { "revphoto", cmdREVUID,  KEYEDIT_NEED_SK, NULL},
1482
  { "revkey", cmdREVKEY,  KEYEDIT_NEED_SK,
1483
    N_("revoke key or selected subkeys")},
1484
#ifndef NO_TRUST_MODELS
1485
  { "enable", cmdENABLEKEY, 0, N_("enable key")},
1486
  { "disable", cmdDISABLEKEY, 0, N_("disable key")},
1487
#endif /*!NO_TRUST_MODELS*/
1488
  { "showphoto", cmdSHOWPHOTO, 0, N_("show selected photo IDs")},
1489
  { "clean", cmdCLEAN, 0,
1490
    N_("compact unusable user IDs and remove unusable signatures from key")},
1491
  { "minimize", cmdMINIMIZE, 0,
1492
    N_("compact unusable user IDs and remove all signatures from key")},
1493
1494
  { NULL, cmdNONE, 0, NULL}
1495
};
1496
1497
1498

1499
#ifdef HAVE_LIBREADLINE
1500
1501
/*
1502
   These two functions are used by readline for command completion.
1503
 */
1504
1505
static char *
1506
command_generator (const char *text, int state)
1507
{
1508
  static int list_index, len;
1509
  const char *name;
1510
1511
  /* If this is a new word to complete, initialize now.  This includes
1512
     saving the length of TEXT for efficiency, and initializing the
1513
     index variable to 0. */
1514
  if (!state)
1515
    {
1516
      list_index = 0;
1517
      len = strlen (text);
1518
    }
1519
1520
  /* Return the next partial match */
1521
  while ((name = cmds[list_index].name))
1522
    {
1523
      /* Only complete commands that have help text */
1524
      if (cmds[list_index++].desc && strncmp (name, text, len) == 0)
1525
  return strdup (name);
1526
    }
1527
1528
  return NULL;
1529
}
1530
1531
static char **
1532
keyedit_completion (const char *text, int start, int end)
1533
{
1534
  /* If we are at the start of a line, we try and command-complete.
1535
     If not, just do nothing for now. */
1536
1537
  (void) end;
1538
1539
  if (start == 0)
1540
    return rl_completion_matches (text, command_generator);
1541
1542
  rl_attempted_completion_over = 1;
1543
1544
  return NULL;
1545
}
1546
#endif /* HAVE_LIBREADLINE */
1547
1548
1549

1550
/* Main function of the menu driven key editor.  */
1551
void
1552
keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
1553
        strlist_t commands, int quiet, int seckey_check)
1554
0
{
1555
0
  enum cmdids cmd = 0;
1556
0
  gpg_error_t err = 0;
1557
0
  KBNODE keyblock = NULL;
1558
0
  KEYDB_HANDLE kdbhd = NULL;
1559
0
  int have_seckey = 0;
1560
0
  int have_anyseckey = 0;
1561
0
  char *answer = NULL;
1562
0
  int redisplay = 1;
1563
0
  int modified = 0;
1564
0
  int upload = 0;  /* Set if the key maybe be uploaded.  */
1565
0
  int sec_shadowing = 0;
1566
0
  int run_subkey_warnings = 0;
1567
0
  int have_commands = !!commands;
1568
0
  strlist_t delseckey_list = NULL;
1569
0
  int delseckey_list_warn = 0;
1570
1571
0
  if (opt.command_fd != -1)
1572
0
    ;
1573
0
  else if (opt.batch && !have_commands)
1574
0
    {
1575
0
      log_error (_("can't do this in batch mode\n"));
1576
0
      goto leave;
1577
0
    }
1578
1579
#ifdef HAVE_W32_SYSTEM
1580
  /* Due to Windows peculiarities we need to make sure that the
1581
     trustdb stale check is done before we open another file
1582
     (i.e. by searching for a key).  In theory we could make sure
1583
     that the files are closed after use but the open/close caches
1584
     inhibits that and flushing the cache right before the stale
1585
     check is not easy to implement.  Thus we take the easy way out
1586
     and run the stale check as early as possible.  Note, that for
1587
     non- W32 platforms it is run indirectly through a call to
1588
     get_validity ().  */
1589
  check_trustdb_stale (ctrl);
1590
#endif
1591
1592
  /* Get the public key */
1593
0
  err = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL,
1594
0
                           NULL, NULL, username, &keyblock, &kdbhd, 1);
1595
0
  if (err)
1596
0
    {
1597
0
      log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err));
1598
0
      goto leave;
1599
0
    }
1600
1601
0
  if (fix_keyblock (ctrl, &keyblock))
1602
0
    modified++;
1603
1604
  /* See whether we have a matching secret key.  */
1605
0
  if (seckey_check)
1606
0
    {
1607
0
      have_anyseckey = !agent_probe_any_secret_key (ctrl, keyblock);
1608
0
      if (have_anyseckey
1609
0
          && agent_probe_secret_key (ctrl, keyblock->pkt->pkt.public_key))
1610
0
        {
1611
          /* The primary key is also available.   */
1612
0
          have_seckey = 1;
1613
0
        }
1614
1615
0
      if (have_seckey && !quiet)
1616
0
        tty_printf (_("Secret key is available.\n"));
1617
0
      else if (have_anyseckey && !quiet)
1618
0
        tty_printf (_("Secret subkeys are available.\n"));
1619
0
    }
1620
1621
  /* Main command loop.  */
1622
0
  for (;;)
1623
0
    {
1624
0
      int i, arg_number, photo;
1625
0
      const char *arg_string = "";
1626
0
      char *p;
1627
0
      PKT_public_key *pk = keyblock->pkt->pkt.public_key;
1628
1629
0
      tty_printf ("\n");
1630
1631
0
      if (redisplay && !quiet)
1632
0
  {
1633
          /* Show using flags: with_revoker, with_subkeys.  */
1634
0
    show_key_with_all_names (ctrl, NULL, keyblock, 0, 1, 0, 1, 0, 0);
1635
0
    tty_printf ("\n");
1636
0
    redisplay = 0;
1637
0
  }
1638
1639
0
      if (run_subkey_warnings)
1640
0
        {
1641
0
          run_subkey_warnings = 0;
1642
0
          if (!count_selected_keys (keyblock))
1643
0
            subkey_expire_warning (keyblock);
1644
0
          no_usable_encr_subkeys_warning (keyblock);
1645
0
        }
1646
1647
0
      if (delseckey_list_warn)
1648
0
        {
1649
0
          delseckey_list_warn = 0;
1650
0
          tty_printf
1651
0
            (_("Note: the local copy of the secret key"
1652
0
               " will only be deleted with \"save\".\n"));
1653
0
        }
1654
1655
0
      do
1656
0
  {
1657
0
    xfree (answer);
1658
0
    if (have_commands)
1659
0
      {
1660
0
        if (commands)
1661
0
    {
1662
0
      answer = xstrdup (commands->d);
1663
0
      commands = commands->next;
1664
0
    }
1665
0
        else if (opt.batch)
1666
0
    {
1667
0
      answer = xstrdup ("quit");
1668
0
    }
1669
0
        else
1670
0
    have_commands = 0;
1671
0
      }
1672
0
    if (!have_commands)
1673
0
      {
1674
#ifdef HAVE_LIBREADLINE
1675
        tty_enable_completion (keyedit_completion);
1676
#endif
1677
0
        answer = cpr_get_no_help ("keyedit.prompt", GPG_NAME "> ");
1678
0
        cpr_kill_prompt ();
1679
0
        tty_disable_completion ();
1680
0
      }
1681
0
    trim_spaces (answer);
1682
0
  }
1683
0
      while (*answer == '#');
1684
1685
0
      arg_number = 0; /* Here is the init which egcc complains about.  */
1686
0
      photo = 0;      /* Same here. */
1687
0
      if (!*answer)
1688
0
  cmd = cmdLIST;
1689
0
      else if (*answer == CONTROL_D)
1690
0
  cmd = cmdQUIT;
1691
0
      else if (digitp (answer))
1692
0
  {
1693
0
    cmd = cmdSELUID;
1694
0
    arg_number = atoi (answer);
1695
0
  }
1696
0
      else
1697
0
  {
1698
0
    if ((p = strchr (answer, ' ')))
1699
0
      {
1700
0
        *p++ = 0;
1701
0
        trim_spaces (answer);
1702
0
        trim_spaces (p);
1703
0
        arg_number = atoi (p);
1704
0
        arg_string = p;
1705
0
      }
1706
1707
0
    for (i = 0; cmds[i].name; i++)
1708
0
      {
1709
0
        if (cmds[i].flags & KEYEDIT_TAIL_MATCH)
1710
0
    {
1711
0
      size_t l = strlen (cmds[i].name);
1712
0
      size_t a = strlen (answer);
1713
0
      if (a >= l)
1714
0
        {
1715
0
          if (!ascii_strcasecmp (&answer[a - l], cmds[i].name))
1716
0
      {
1717
0
        answer[a - l] = '\0';
1718
0
        break;
1719
0
      }
1720
0
        }
1721
0
    }
1722
0
        else if (!ascii_strcasecmp (answer, cmds[i].name))
1723
0
    break;
1724
0
      }
1725
0
    if ((cmds[i].flags & (KEYEDIT_NEED_SK|KEYEDIT_NEED_SUBSK))
1726
0
              && !(((cmds[i].flags & KEYEDIT_NEED_SK) && have_seckey)
1727
0
                   || ((cmds[i].flags & KEYEDIT_NEED_SUBSK) && have_anyseckey)))
1728
0
      {
1729
0
        tty_printf (_("Need the secret key to do this.\n"));
1730
0
        cmd = cmdNOP;
1731
0
      }
1732
0
          else
1733
0
      cmd = cmds[i].id;
1734
0
  }
1735
1736
      /* Dispatch the command.  */
1737
0
      switch (cmd)
1738
0
  {
1739
0
  case cmdHELP:
1740
0
    for (i = 0; cmds[i].name; i++)
1741
0
      {
1742
0
              if ((cmds[i].flags & (KEYEDIT_NEED_SK|KEYEDIT_NEED_SUBSK))
1743
0
                  && !(((cmds[i].flags & KEYEDIT_NEED_SK) && have_seckey)
1744
0
                       ||((cmds[i].flags&KEYEDIT_NEED_SUBSK)&&have_anyseckey)))
1745
0
    ; /* Skip those item if we do not have the secret key.  */
1746
0
        else if (cmds[i].desc)
1747
0
    tty_printf ("%-11s %s\n", cmds[i].name, _(cmds[i].desc));
1748
0
      }
1749
1750
0
    tty_printf ("\n");
1751
0
    tty_printf
1752
0
            (_("* The 'sign' command may be prefixed with an 'l' for local "
1753
0
               "signatures (lsign),\n"
1754
0
               "  a 't' for trust signatures (tsign), an 'nr' for "
1755
0
               "non-revocable signatures\n"
1756
0
               "  (nrsign), or any combination thereof (ltsign, "
1757
0
               "tnrsign, etc.).\n"));
1758
0
    break;
1759
1760
0
  case cmdLIST:
1761
0
    redisplay = 1;
1762
0
    break;
1763
1764
0
  case cmdFPR:
1765
0
    show_key_and_fingerprint
1766
0
            (ctrl,
1767
0
             keyblock, (*arg_string == '*'
1768
0
                        && (!arg_string[1] || spacep (arg_string + 1))));
1769
0
    break;
1770
1771
0
  case cmdGRIP:
1772
0
    show_key_and_grip (keyblock);
1773
0
    break;
1774
1775
0
  case cmdSELUID:
1776
0
    if (strlen (arg_string) == NAMEHASH_LEN * 2)
1777
0
      redisplay = menu_select_uid_namehash (keyblock, arg_string);
1778
0
    else
1779
0
      {
1780
0
        if (*arg_string == '*'
1781
0
      && (!arg_string[1] || spacep (arg_string + 1)))
1782
0
    arg_number = -1; /* Select all. */
1783
0
        redisplay = menu_select_uid (keyblock, arg_number);
1784
0
      }
1785
0
    break;
1786
1787
0
  case cmdSELKEY:
1788
0
    {
1789
0
      if (*arg_string == '*'
1790
0
    && (!arg_string[1] || spacep (arg_string + 1)))
1791
0
        arg_number = -1; /* Select all. */
1792
0
      if (menu_select_key (keyblock, arg_number, p))
1793
0
        redisplay = 1;
1794
0
    }
1795
0
    break;
1796
1797
0
  case cmdCHECK:
1798
0
    if (key_check_all_keysigs (ctrl, -1, keyblock,
1799
0
             count_selected_uids (keyblock),
1800
0
             !strcmp (arg_string, "selfsig")))
1801
0
            modified = 1;
1802
0
    break;
1803
1804
0
  case cmdSIGN:
1805
0
    {
1806
0
            unsigned int myflags = 0;
1807
0
            int my_modified = 0;
1808
1809
0
      if (pk->flags.revoked)
1810
0
        {
1811
0
    tty_printf (_("Key is revoked."));
1812
1813
0
    if (opt.expert)
1814
0
      {
1815
0
        tty_printf ("  ");
1816
0
        if (!cpr_get_answer_is_yes
1817
0
                        ("keyedit.sign_revoked.okay",
1818
0
                         _("Are you sure you still want to sign it? (y/N) ")))
1819
0
          break;
1820
0
      }
1821
0
    else
1822
0
      {
1823
0
        tty_printf (_("  Unable to sign.\n"));
1824
0
        break;
1825
0
      }
1826
0
        }
1827
1828
0
      if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock))
1829
0
              {
1830
0
                int result;
1831
0
                if (opt.only_sign_text_ids)
1832
0
                  result = cpr_get_answer_is_yes
1833
0
                    ("keyedit.sign_all.okay",
1834
0
                     _("Really sign all text user IDs? (y/N) "));
1835
0
                else
1836
0
                  result = cpr_get_answer_is_yes
1837
0
                    ("keyedit.sign_all.okay",
1838
0
                     _("Really sign all user IDs? (y/N) "));
1839
1840
0
                if (! result)
1841
0
                  {
1842
0
                    if (opt.interactive)
1843
0
                      myflags |= SIGN_UIDS_INTERACTIVE;
1844
0
                    else
1845
0
                      {
1846
0
                        tty_printf (_("Hint: Select the user IDs to sign\n"));
1847
0
                        have_commands = 0;
1848
0
                        break;
1849
0
                      }
1850
1851
0
                  }
1852
0
              }
1853
1854
      /* What sort of signing are we doing? */
1855
0
      if (!parse_sign_type (answer, &myflags))
1856
0
        {
1857
0
    tty_printf (_("Unknown signature type '%s'\n"), answer);
1858
0
    break;
1859
0
        }
1860
1861
0
      sign_uids (ctrl, NULL, keyblock, locusr, myflags,
1862
0
                       NULL, &my_modified);
1863
0
            if (my_modified)  /* sign_uids modified the keyblock      */
1864
0
              modified = 1;   /* thus set the general modified flag.  */
1865
0
            if (my_modified && !(myflags & SIGN_UIDS_LOCAL))
1866
0
              upload = 1;     /* exportable signature -> mark uploadable.  */
1867
0
    }
1868
0
    break;
1869
1870
0
  case cmdDEBUG:
1871
0
    dump_kbnode (keyblock);
1872
0
    break;
1873
1874
0
  case cmdTOGGLE:
1875
          /* The toggle command is a leftover from old gpg versions
1876
             where we worked with a secret and a public keyring.  It
1877
             is not necessary anymore but we keep this command for the
1878
             sake of scripts using it.  */
1879
0
    redisplay = 1;
1880
0
    break;
1881
1882
0
  case cmdADDPHOTO:
1883
0
    if (RFC2440)
1884
0
      {
1885
0
        tty_printf (_("This command is not allowed while in %s mode.\n"),
1886
0
        gnupg_compliance_option_string (opt.compliance));
1887
0
        break;
1888
0
      }
1889
0
    photo = 1;
1890
    /* fall through */
1891
0
  case cmdADDUID:
1892
0
    if (menu_adduid (ctrl, keyblock, photo, arg_string, NULL))
1893
0
      {
1894
0
        update_trust = 1;
1895
0
        redisplay = 1;
1896
0
        modified = 1;
1897
0
              upload = 1;
1898
0
        merge_keys_and_selfsig (ctrl, keyblock);
1899
0
      }
1900
0
    break;
1901
1902
0
  case cmdDELUID:
1903
0
    {
1904
0
      int n1;
1905
1906
0
      if (!(n1 = count_selected_uids (keyblock)))
1907
0
              {
1908
0
                tty_printf (_("You must select at least one user ID.\n"));
1909
0
                if (!opt.expert)
1910
0
                  tty_printf (_("(Use the '%s' command.)\n"), "uid");
1911
0
              }
1912
0
      else if (real_uids_left (keyblock) < 1)
1913
0
        tty_printf (_("You can't delete the last user ID!\n"));
1914
0
      else if (cpr_get_answer_is_yes
1915
0
                     ("keyedit.remove.uid.okay",
1916
0
                      n1 > 1 ? _("Really remove all selected user IDs? (y/N) ")
1917
0
                      :        _("Really remove this user ID? (y/N) ")))
1918
0
        {
1919
0
    menu_deluid (keyblock);
1920
0
    redisplay = 1;
1921
0
    modified = 1;
1922
                /* upload does not make sense here.  Eventually we may
1923
                 * decide to delete a key from the keyserver.*/
1924
0
        }
1925
0
    }
1926
0
    break;
1927
1928
0
  case cmdDELSIG:
1929
0
    {
1930
0
      int n1;
1931
1932
0
      if (!(n1 = count_selected_uids (keyblock)))
1933
0
              {
1934
0
                tty_printf (_("You must select at least one user ID.\n"));
1935
0
                if (!opt.expert)
1936
0
                  tty_printf (_("(Use the '%s' command.)\n"), "uid");
1937
0
              }
1938
0
      else if (menu_delsig (ctrl, keyblock))
1939
0
        {
1940
    /* No redisplay here, because it may scroll away some
1941
     * of the status output of this command.  */
1942
0
    modified = 1;
1943
0
        }
1944
0
    }
1945
0
    break;
1946
1947
0
  case cmdADDKEY:
1948
0
    if (!generate_subkeypair (ctrl, keyblock, NULL, NULL, NULL))
1949
0
      {
1950
0
        redisplay = 1;
1951
0
        modified = 1;
1952
0
              upload = 1;
1953
0
        merge_keys_and_selfsig (ctrl, keyblock);
1954
0
      }
1955
0
    break;
1956
1957
#ifdef ENABLE_CARD_SUPPORT
1958
  case cmdADDCARDKEY:
1959
    if (!card_generate_subkey (ctrl, keyblock))
1960
      {
1961
        redisplay = 1;
1962
        modified = 1;
1963
              upload = 1;
1964
        merge_keys_and_selfsig (ctrl, keyblock);
1965
      }
1966
    break;
1967
1968
  case cmdKEYTOTPM:
1969
    /* FIXME need to store the key and not commit until later */
1970
    {
1971
      kbnode_t node = NULL;
1972
      switch (count_selected_keys (keyblock))
1973
        {
1974
        case 0:
1975
    if (cpr_get_answer_is_yes
1976
                    ("keyedit.keytocard.use_primary",
1977
                     /* TRANSLATORS: Please take care: This is about
1978
                        moving the key and not about removing it.  */
1979
                     _("Really move the primary key? (y/N) ")))
1980
      node = keyblock;
1981
    break;
1982
        case 1:
1983
    for (node = keyblock; node; node = node->next)
1984
      {
1985
        if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1986
      && node->flag & NODFLG_SELKEY)
1987
          break;
1988
      }
1989
    break;
1990
        default:
1991
    tty_printf (_("You must select exactly one key.\n"));
1992
    break;
1993
        }
1994
      if (node)
1995
        {
1996
    PKT_public_key *xxpk = node->pkt->pkt.public_key;
1997
    char *hexgrip;
1998
1999
    hexkeygrip_from_pk (xxpk, &hexgrip);
2000
    if (!agent_keytotpm (ctrl, hexgrip))
2001
      {
2002
        redisplay = 1;
2003
      }
2004
    xfree (hexgrip);
2005
        }
2006
    }
2007
    break;
2008
2009
  case cmdKEYTOCARD:
2010
    {
2011
      KBNODE node = NULL;
2012
      switch (count_selected_keys (keyblock))
2013
        {
2014
        case 0:
2015
    if (cpr_get_answer_is_yes
2016
                    ("keyedit.keytocard.use_primary",
2017
                     /* TRANSLATORS: Please take care: This is about
2018
                        moving the key and not about removing it.  */
2019
                     _("Really move the primary key? (y/N) ")))
2020
      node = keyblock;
2021
    break;
2022
        case 1:
2023
    for (node = keyblock; node; node = node->next)
2024
      {
2025
        if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
2026
      && node->flag & NODFLG_SELKEY)
2027
          break;
2028
      }
2029
    break;
2030
        default:
2031
    tty_printf (_("You must select exactly one key.\n"));
2032
    break;
2033
        }
2034
      if (node)
2035
        {
2036
    PKT_public_key *xxpk = node->pkt->pkt.public_key;
2037
    if (card_store_subkey (node, xxpk ? xxpk->pubkey_usage : 0,
2038
                                       &delseckey_list, NULL))
2039
      {
2040
        redisplay = 1;
2041
        sec_shadowing = 1;
2042
                    delseckey_list_warn = 1;
2043
      }
2044
        }
2045
    }
2046
    break;
2047
2048
  case cmdBKUPTOCARD:
2049
    {
2050
      /* Ask for a filename, check whether this is really a
2051
         backup key as generated by the card generation, parse
2052
         that key and store it on card. */
2053
      kbnode_t node;
2054
      char *fname;
2055
      PACKET *pkt;
2056
      IOBUF a;
2057
            struct parse_packet_ctx_s parsectx;
2058
            int lastmode, used_use;
2059
2060
            if (!*arg_string)
2061
        {
2062
    tty_printf (_("Command expects a filename argument\n"));
2063
    break;
2064
        }
2065
2066
            if (*arg_string == DIRSEP_C)
2067
              fname = xstrdup (arg_string);
2068
            else if (*arg_string == '~')
2069
              fname = make_filename (arg_string, NULL);
2070
            else
2071
              fname = make_filename (gnupg_homedir (), arg_string, NULL);
2072
2073
      /* Open that file.  */
2074
      a = iobuf_open (fname);
2075
      if (a && is_secured_file (iobuf_get_fd (a)))
2076
        {
2077
    iobuf_close (a);
2078
    a = NULL;
2079
    gpg_err_set_errno (EPERM);
2080
        }
2081
            if (!a)
2082
              {
2083
                tty_printf (_("Can't open '%s': %s\n"),
2084
                            fname, strerror (errno));
2085
                xfree (fname);
2086
                break;
2087
              }
2088
2089
      /* Parse and check that file.  */
2090
      pkt = xmalloc (sizeof *pkt);
2091
      init_packet (pkt);
2092
            init_parse_packet (&parsectx, a);
2093
      err = parse_packet (&parsectx, pkt);
2094
      deinit_parse_packet (&parsectx);
2095
            iobuf_close (a);
2096
      iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char *) fname);
2097
      if (!err && pkt->pkttype != PKT_SECRET_KEY
2098
    && pkt->pkttype != PKT_SECRET_SUBKEY)
2099
        err = GPG_ERR_NO_SECKEY;
2100
            if (err)
2101
              {
2102
                tty_printf (_("Error reading backup key from '%s': %s\n"),
2103
                            fname, gpg_strerror (err));
2104
                xfree (fname);
2105
                free_packet (pkt, NULL);
2106
                xfree (pkt);
2107
                break;
2108
              }
2109
2110
      xfree (fname);
2111
      node = new_kbnode (pkt);
2112
2113
            err = agent_set_ephemeral_mode (ctrl, 1, &lastmode);
2114
            if (err)
2115
              log_error ("error switching to ephemeral mode: %s\n",
2116
                         gpg_strerror (err));
2117
            else
2118
              {
2119
                /* Transfer it to gpg-agent which handles secret keys.  */
2120
                err = transfer_secret_keys (ctrl, NULL, node, 1, 1, 0);
2121
                if (!err)
2122
                  {
2123
                    /* Treat the pkt as a public key.  */
2124
                    pkt->pkttype = PKT_PUBLIC_KEY;
2125
2126
                    /* Ask gpg-agent to store the secret key to card.  */
2127
                    if (card_store_subkey (node, 0, NULL, &used_use))
2128
                      {
2129
                        /* Success: the key is now on the card.  */
2130
                        redisplay = 1;
2131
                        sec_shadowing = 1;
2132
                        /* We now have to add the public key to the
2133
                         * keyblock.  This will always be a subkey.  */
2134
                        err = append_subkey_to_keyblock (ctrl, keyblock,
2135
                                                         pkt->pkt.public_key,
2136
                                                         used_use);
2137
                        if (!err || gpg_err_code (err) == GPG_ERR_EEXIST)
2138
                          {
2139
                            err = 0;
2140
                            merge_keys_and_selfsig (ctrl, keyblock);
2141
                            modified = 1;
2142
                          }
2143
                      }
2144
                  }
2145
                if (!lastmode && agent_set_ephemeral_mode (ctrl, 0, NULL))
2146
                  log_error ("error clearing the ephemeral mode\n");
2147
              }
2148
            release_kbnode (node);
2149
          }
2150
          break;
2151
2152
#endif /* ENABLE_CARD_SUPPORT */
2153
2154
0
  case cmdDELKEY:
2155
0
    {
2156
0
      int n1;
2157
2158
0
      if (!(n1 = count_selected_keys (keyblock)))
2159
0
              {
2160
0
                tty_printf (_("You must select at least one key.\n"));
2161
0
                if (!opt.expert)
2162
0
                  tty_printf (_("(Use the '%s' command.)\n"), "key");
2163
0
              }
2164
0
      else if (!cpr_get_answer_is_yes
2165
0
                     ("keyedit.remove.subkey.okay",
2166
0
                      n1 > 1 ? _("Do you really want to delete the "
2167
0
                                 "selected keys? (y/N) ")
2168
0
                      :  _("Do you really want to delete this key? (y/N) ")))
2169
0
        ;
2170
0
      else
2171
0
        {
2172
0
    menu_delkey (keyblock);
2173
0
    redisplay = 1;
2174
0
    modified = 1;
2175
                /* upload does not make sense. */
2176
0
        }
2177
0
    }
2178
0
    break;
2179
2180
0
  case cmdADDREVOKER:
2181
0
    {
2182
0
      int sensitive = 0;
2183
2184
0
      if (ascii_strcasecmp (arg_string, "sensitive") == 0)
2185
0
        sensitive = 1;
2186
0
      if (menu_addrevoker (ctrl, keyblock, sensitive))
2187
0
        {
2188
0
    redisplay = 1;
2189
0
    modified = 1;
2190
0
                upload = 1;
2191
0
    merge_keys_and_selfsig (ctrl, keyblock);
2192
0
        }
2193
0
    }
2194
0
    break;
2195
2196
0
  case cmdADDADSK:
2197
0
          if (menu_addadsk (ctrl, keyblock, NULL))
2198
0
            {
2199
0
              redisplay = 1;
2200
0
              modified = 1;
2201
0
              upload = 1;
2202
0
              merge_keys_and_selfsig (ctrl, keyblock);
2203
0
            }
2204
0
    break;
2205
2206
0
  case cmdREVUID:
2207
0
    {
2208
0
      int n1;
2209
2210
0
      if (!(n1 = count_selected_uids (keyblock)))
2211
0
              {
2212
0
                tty_printf (_("You must select at least one user ID.\n"));
2213
0
                if (!opt.expert)
2214
0
                  tty_printf (_("(Use the '%s' command.)\n"), "uid");
2215
0
              }
2216
0
      else if (cpr_get_answer_is_yes
2217
0
                     ("keyedit.revoke.uid.okay",
2218
0
                      n1 > 1 ? _("Really revoke all selected user IDs? (y/N) ")
2219
0
          :        _("Really revoke this user ID? (y/N) ")))
2220
0
        {
2221
0
    if (menu_revuid (ctrl, keyblock))
2222
0
      {
2223
0
        modified = 1;
2224
0
        redisplay = 1;
2225
0
                    upload = 1;
2226
0
      }
2227
0
        }
2228
0
    }
2229
0
    break;
2230
2231
0
  case cmdREVKEY:
2232
0
    {
2233
0
      int n1;
2234
2235
0
      if (!(n1 = count_selected_keys (keyblock)))
2236
0
        {
2237
0
    if (cpr_get_answer_is_yes ("keyedit.revoke.subkey.okay",
2238
0
             _("Do you really want to revoke"
2239
0
               " the entire key? (y/N) ")))
2240
0
      {
2241
0
        if (menu_revkey (ctrl, keyblock))
2242
0
                      {
2243
0
                        modified = 1;
2244
0
                        upload = 1;
2245
0
                      }
2246
2247
0
        redisplay = 1;
2248
0
      }
2249
0
        }
2250
0
      else if (cpr_get_answer_is_yes ("keyedit.revoke.subkey.okay",
2251
0
              n1 > 1 ?
2252
0
              _("Do you really want to revoke"
2253
0
                " the selected subkeys? (y/N) ")
2254
0
              : _("Do you really want to revoke"
2255
0
            " this subkey? (y/N) ")))
2256
0
        {
2257
0
    if (menu_revsubkey (ctrl, keyblock))
2258
0
                  {
2259
0
                    modified = 1;
2260
0
                    upload = 1;
2261
0
                  }
2262
2263
0
    redisplay = 1;
2264
0
        }
2265
2266
0
      if (modified)
2267
0
        merge_keys_and_selfsig (ctrl, keyblock);
2268
0
    }
2269
0
    break;
2270
2271
0
  case cmdEXPIRE:
2272
0
    if (gpg_err_code (menu_expire (ctrl, keyblock, 0, 0)) == GPG_ERR_TRUE)
2273
0
      {
2274
0
        merge_keys_and_selfsig (ctrl, keyblock);
2275
0
              run_subkey_warnings = 1;
2276
0
        modified = 1;
2277
0
              upload = 1;
2278
0
        redisplay = 1;
2279
0
      }
2280
0
    break;
2281
2282
0
  case cmdCHANGEUSAGE:
2283
0
    if (menu_changeusage (ctrl, keyblock))
2284
0
      {
2285
0
        merge_keys_and_selfsig (ctrl, keyblock);
2286
0
        modified = 1;
2287
0
              upload = 1;
2288
0
        redisplay = 1;
2289
0
      }
2290
0
    break;
2291
2292
0
  case cmdBACKSIGN:
2293
0
    if (menu_backsign (ctrl, keyblock))
2294
0
      {
2295
0
        modified = 1;
2296
0
              upload = 1;
2297
0
        redisplay = 1;
2298
0
      }
2299
0
    break;
2300
2301
0
  case cmdPRIMARY:
2302
0
    if (menu_set_primary_uid (ctrl, keyblock))
2303
0
      {
2304
0
        merge_keys_and_selfsig (ctrl, keyblock);
2305
0
        modified = 1;
2306
0
              upload = 1;
2307
0
        redisplay = 1;
2308
0
      }
2309
0
    break;
2310
2311
0
  case cmdPASSWD:
2312
0
    change_passphrase (ctrl, keyblock);
2313
0
    break;
2314
2315
0
#ifndef NO_TRUST_MODELS
2316
0
  case cmdTRUST:
2317
0
    if (opt.trust_model == TM_EXTERNAL)
2318
0
      {
2319
0
        tty_printf (_("Owner trust may not be set while "
2320
0
          "using a user provided trust database\n"));
2321
0
        break;
2322
0
      }
2323
2324
0
    show_key_with_all_names (ctrl, NULL, keyblock, 0, 0, 0, 1, 0, 0);
2325
0
    tty_printf ("\n");
2326
0
    if (edit_ownertrust (ctrl, find_kbnode (keyblock,
2327
0
              PKT_PUBLIC_KEY)->pkt->pkt.
2328
0
             public_key, 1))
2329
0
      {
2330
0
        redisplay = 1;
2331
        /* No real need to set update_trust here as
2332
           edit_ownertrust() calls revalidation_mark()
2333
           anyway. */
2334
0
        update_trust = 1;
2335
0
      }
2336
0
    break;
2337
0
#endif /*!NO_TRUST_MODELS*/
2338
2339
0
  case cmdPREF:
2340
0
    {
2341
0
      int count = count_selected_uids (keyblock);
2342
0
      log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
2343
0
      show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key,
2344
0
      count ? NODFLG_SELUID : 0, 1);
2345
0
    }
2346
0
    break;
2347
2348
0
  case cmdSHOWPREF:
2349
0
    {
2350
0
      int count = count_selected_uids (keyblock);
2351
0
      log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
2352
0
      show_names (ctrl, NULL, keyblock, keyblock->pkt->pkt.public_key,
2353
0
      count ? NODFLG_SELUID : 0, 2);
2354
0
    }
2355
0
    break;
2356
2357
0
  case cmdSETPREF:
2358
0
    {
2359
0
      PKT_user_id *tempuid;
2360
2361
0
      keygen_set_std_prefs (!*arg_string ? "default" : arg_string, 0);
2362
2363
0
      tempuid = keygen_get_std_prefs ();
2364
0
      tty_printf (_("Set preference list to:\n"));
2365
0
      show_prefs (tempuid, NULL, 1);
2366
0
      free_user_id (tempuid);
2367
2368
0
      if (cpr_get_answer_is_yes
2369
0
                ("keyedit.setpref.okay",
2370
0
                 count_selected_uids (keyblock) ?
2371
0
                 _("Really update the preferences"
2372
0
                   " for the selected user IDs? (y/N) ")
2373
0
                 : _("Really update the preferences? (y/N) ")))
2374
0
        {
2375
0
    if (menu_set_preferences (ctrl, keyblock, 0))
2376
0
      {
2377
0
        merge_keys_and_selfsig (ctrl, keyblock);
2378
0
        modified = 1;
2379
0
                    upload = 1;
2380
0
        redisplay = 1;
2381
0
      }
2382
0
        }
2383
0
    }
2384
0
    break;
2385
2386
0
  case cmdPREFKS:
2387
0
    if (menu_set_keyserver_url (ctrl, *arg_string ? arg_string : NULL,
2388
0
              keyblock))
2389
0
      {
2390
0
        merge_keys_and_selfsig (ctrl, keyblock);
2391
0
        modified = 1;
2392
0
              upload = 1;
2393
0
        redisplay = 1;
2394
0
      }
2395
0
    break;
2396
2397
0
  case cmdNOTATION:
2398
0
    if (menu_set_notation (ctrl, *arg_string ? arg_string : NULL,
2399
0
         keyblock))
2400
0
      {
2401
0
        merge_keys_and_selfsig (ctrl, keyblock);
2402
0
        modified = 1;
2403
0
              upload = 1;
2404
0
        redisplay = 1;
2405
0
      }
2406
0
    break;
2407
2408
0
  case cmdNOP:
2409
0
    break;
2410
2411
0
  case cmdREVSIG:
2412
0
    if (menu_revsig (ctrl, keyblock))
2413
0
      {
2414
0
        redisplay = 1;
2415
0
        modified = 1;
2416
0
              upload = 1;
2417
0
      }
2418
0
    break;
2419
2420
0
#ifndef NO_TRUST_MODELS
2421
0
  case cmdENABLEKEY:
2422
0
  case cmdDISABLEKEY:
2423
0
    if (enable_disable_key (ctrl, keyblock, cmd == cmdDISABLEKEY))
2424
0
      {
2425
0
        redisplay = 1;
2426
0
        modified = 1;
2427
0
      }
2428
0
    break;
2429
0
#endif /*!NO_TRUST_MODELS*/
2430
2431
0
  case cmdSHOWPHOTO:
2432
0
    menu_showphoto (ctrl, keyblock);
2433
0
    break;
2434
2435
0
  case cmdCLEAN:
2436
0
    if (menu_clean (ctrl, keyblock, 0))
2437
0
      redisplay = modified = 1;
2438
0
    break;
2439
2440
0
  case cmdMINIMIZE:
2441
0
    if (menu_clean (ctrl, keyblock, EXPORT_MINIMAL))
2442
0
      redisplay = modified = 1;
2443
0
    break;
2444
2445
0
  case cmdQUIT:
2446
0
    if (have_commands)
2447
0
      goto leave;
2448
0
    if (!modified && !sec_shadowing)
2449
0
      goto leave;
2450
0
    if (!cpr_get_answer_is_yes ("keyedit.save.okay",
2451
0
              _("Save changes? (y/N) ")))
2452
0
      {
2453
0
        if (cpr_enabled ()
2454
0
      || cpr_get_answer_is_yes ("keyedit.cancel.okay",
2455
0
              _("Quit without saving? (y/N) ")))
2456
0
    goto leave;
2457
0
        break;
2458
0
      }
2459
    /* fall through */
2460
0
  case cmdSAVE:
2461
0
    if (modified)
2462
0
      {
2463
0
              err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
2464
0
              if (err)
2465
0
                {
2466
0
                  log_error (_("update failed: %s\n"), gpg_strerror (err));
2467
0
                  break;
2468
0
                }
2469
0
              if (upload)
2470
0
                {
2471
0
                  maybe_upload_key (ctrl, keyblock);
2472
0
                  upload = 0;
2473
0
                }
2474
0
      }
2475
2476
0
          if (delseckey_list)
2477
0
            {
2478
0
              strlist_t sl;
2479
0
              for (err = 0, sl = delseckey_list; sl; sl = sl->next)
2480
0
                {
2481
0
                  if (*sl->d)
2482
0
                    {
2483
0
                      err = agent_delete_key (ctrl, sl->d, NULL, 1/*force*/);
2484
0
                      if (err)
2485
0
                        break;
2486
0
                      *sl->d = 0;  /* Mark deleted.  */
2487
0
                    }
2488
0
                }
2489
0
              if (err)
2490
0
                {
2491
0
                  log_error (_("deleting copy of secret key failed: %s\n"),
2492
0
                             gpg_strerror (err));
2493
0
                  break; /* the "save".  */
2494
0
                }
2495
0
            }
2496
2497
0
    if (sec_shadowing)
2498
0
      {
2499
0
        err = agent_scd_learn (NULL, 1);
2500
0
        if (err)
2501
0
                {
2502
0
                  log_error (_("update failed: %s\n"), gpg_strerror (err));
2503
0
                  break;
2504
0
                }
2505
0
      }
2506
2507
0
    if (!modified && !sec_shadowing)
2508
0
      tty_printf (_("Key not changed so no update needed.\n"));
2509
2510
0
    if (update_trust)
2511
0
      {
2512
0
        revalidation_mark (ctrl);
2513
0
        update_trust = 0;
2514
0
      }
2515
0
    goto leave;
2516
2517
0
  case cmdINVCMD:
2518
0
  default:
2519
0
    tty_printf ("\n");
2520
0
    tty_printf (_("Invalid command  (try \"help\")\n"));
2521
0
    break;
2522
0
  }
2523
0
    } /* End of the main command loop.  */
2524
2525
0
 leave:
2526
0
  free_strlist (delseckey_list);
2527
0
  release_kbnode (keyblock);
2528
0
  keydb_release (kdbhd);
2529
0
  xfree (answer);
2530
0
}
2531
2532
2533
/* Helper to upload a key to an LDAP server if configured.  */
2534
static void
2535
maybe_upload_key (ctrl_t ctrl, kbnode_t keyblock)
2536
0
{
2537
0
  unsigned int saved_options;
2538
2539
0
  if (!opt.flags.auto_key_upload)
2540
0
    return;
2541
2542
0
  saved_options = opt.keyserver_options.options;
2543
0
  opt.keyserver_options.options |= KEYSERVER_LDAP_ONLY;
2544
0
  opt.keyserver_options.options |= KEYSERVER_WARN_ONLY;
2545
0
  keyserver_export_pubkey (ctrl, keyblock->pkt->pkt.public_key, 0);
2546
0
  opt.keyserver_options.options = saved_options;
2547
0
}
2548
2549
2550
/* Change the passphrase of the secret key identified by USERNAME.  */
2551
void
2552
keyedit_passwd (ctrl_t ctrl, const char *username)
2553
0
{
2554
0
  gpg_error_t err;
2555
0
  PKT_public_key *pk;
2556
0
  kbnode_t keyblock = NULL;
2557
2558
0
  pk = xtrycalloc (1, sizeof *pk);
2559
0
  if (!pk)
2560
0
    {
2561
0
      err = gpg_error_from_syserror ();
2562
0
      goto leave;
2563
0
    }
2564
0
  err = getkey_byname (ctrl, NULL, pk, username, 1, &keyblock);
2565
0
  if (err)
2566
0
    goto leave;
2567
2568
0
  err = change_passphrase (ctrl, keyblock);
2569
2570
0
leave:
2571
0
  release_kbnode (keyblock);
2572
0
  free_public_key (pk);
2573
0
  if (err)
2574
0
    {
2575
0
      log_info ("error changing the passphrase for '%s': %s\n",
2576
0
    username, gpg_strerror (err));
2577
0
      write_status_error ("keyedit.passwd", err);
2578
0
    }
2579
0
  else
2580
0
    write_status_text (STATUS_SUCCESS, "keyedit.passwd");
2581
0
}
2582
2583
2584
/* Helper for quick commands to find the keyblock for USERNAME.
2585
 * Returns on success the key database handle at R_KDBHD and the
2586
 * keyblock at R_KEYBLOCK.  */
2587
static gpg_error_t
2588
quick_find_keyblock (ctrl_t ctrl, const char *username, int want_secret,
2589
                     KEYDB_HANDLE *r_kdbhd, kbnode_t *r_keyblock)
2590
0
{
2591
0
  gpg_error_t err;
2592
0
  KEYDB_HANDLE kdbhd = NULL;
2593
0
  kbnode_t keyblock = NULL;
2594
0
  KEYDB_SEARCH_DESC desc;
2595
0
  kbnode_t node;
2596
2597
0
  *r_kdbhd = NULL;
2598
0
  *r_keyblock = NULL;
2599
2600
  /* Search the key; we don't want the whole getkey stuff here.  */
2601
0
  kdbhd = keydb_new (ctrl);
2602
0
  if (!kdbhd)
2603
0
    {
2604
      /* Note that keydb_new has already used log_error.  */
2605
0
      err = gpg_error_from_syserror ();
2606
0
      goto leave;
2607
0
    }
2608
0
  err = keydb_lock (kdbhd);
2609
0
  if (err)
2610
0
    goto leave;
2611
2612
0
  err = classify_user_id (username, &desc, 1);
2613
0
  if (!err)
2614
0
    err = keydb_search (kdbhd, &desc, 1, NULL);
2615
0
  if (!err)
2616
0
    {
2617
0
      err = keydb_get_keyblock (kdbhd, &keyblock);
2618
0
      if (err)
2619
0
        {
2620
0
          log_error (_("error reading keyblock: %s\n"), gpg_strerror (err));
2621
0
          goto leave;
2622
0
        }
2623
      /* Now with the keyblock retrieved, search again to detect an
2624
         ambiguous specification.  We need to save the found state so
2625
         that we can do an update later.  */
2626
0
      keydb_push_found_state (kdbhd);
2627
0
      err = keydb_search (kdbhd, &desc, 1, NULL);
2628
0
      if (!err)
2629
0
        err = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
2630
0
      else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
2631
0
        err = 0;
2632
0
      keydb_pop_found_state (kdbhd);
2633
2634
0
      if (!err && want_secret)
2635
0
        {
2636
          /* We require the secret primary key to set the primary UID.  */
2637
0
          node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
2638
0
          log_assert (node);
2639
0
          if (!agent_probe_secret_key (ctrl, node->pkt->pkt.public_key))
2640
0
            err = gpg_error (GPG_ERR_NO_SECKEY);
2641
0
        }
2642
0
    }
2643
0
  else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
2644
0
    err = gpg_error (GPG_ERR_NO_PUBKEY);
2645
2646
0
  if (err)
2647
0
    {
2648
0
      log_error (_("key \"%s\" not found: %s\n"),
2649
0
                 username, gpg_strerror (err));
2650
0
      goto leave;
2651
0
    }
2652
2653
0
  fix_keyblock (ctrl, &keyblock);
2654
0
  merge_keys_and_selfsig (ctrl, keyblock);
2655
2656
0
  *r_keyblock = keyblock;
2657
0
  keyblock = NULL;
2658
0
  *r_kdbhd = kdbhd;
2659
0
  kdbhd = NULL;
2660
2661
0
 leave:
2662
0
  release_kbnode (keyblock);
2663
0
  keydb_release (kdbhd);
2664
0
  return err;
2665
0
}
2666
2667
2668
/* Unattended adding of a new keyid.  USERNAME specifies the
2669
   key. NEWUID is the new user id to add to the key.  */
2670
void
2671
keyedit_quick_adduid (ctrl_t ctrl, const char *username, const char *newuid)
2672
0
{
2673
0
  gpg_error_t err;
2674
0
  KEYDB_HANDLE kdbhd = NULL;
2675
0
  kbnode_t keyblock = NULL;
2676
0
  char *uidstring = NULL;
2677
2678
0
  uidstring = xstrdup (newuid);
2679
0
  trim_spaces (uidstring);
2680
0
  if (!*uidstring)
2681
0
    {
2682
0
      log_error ("%s\n", gpg_strerror (GPG_ERR_INV_USER_ID));
2683
0
      goto leave;
2684
0
    }
2685
2686
#ifdef HAVE_W32_SYSTEM
2687
  /* See keyedit_menu for why we need this.  */
2688
  check_trustdb_stale (ctrl);
2689
#endif
2690
2691
  /* Search the key; we don't want the whole getkey stuff here.  */
2692
0
  err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock);
2693
0
  if (err)
2694
0
    goto leave;
2695
2696
0
  if (menu_adduid (ctrl, keyblock, 0, NULL, uidstring))
2697
0
    {
2698
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
2699
0
      if (err)
2700
0
        {
2701
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
2702
0
          goto leave;
2703
0
        }
2704
0
      maybe_upload_key (ctrl, keyblock);
2705
0
      if (update_trust)
2706
0
        revalidation_mark (ctrl);
2707
0
    }
2708
2709
0
 leave:
2710
0
  xfree (uidstring);
2711
0
  release_kbnode (keyblock);
2712
0
  keydb_release (kdbhd);
2713
0
}
2714
2715
2716
/* Helper to find the UID node for namehash.  On success, returns the UID node.
2717
   Otherwise, return NULL. */
2718
kbnode_t
2719
find_userid_by_namehash (kbnode_t keyblock, const char *namehash, int want_valid)
2720
0
{
2721
0
  byte hash[NAMEHASH_LEN];
2722
0
  kbnode_t node = NULL;
2723
2724
0
  if (!namehash)
2725
0
    goto leave;
2726
2727
0
  if (strlen (namehash) != NAMEHASH_LEN * 2)
2728
0
    goto leave;
2729
2730
0
  if (hex2bin (namehash, hash, NAMEHASH_LEN) < 0)
2731
0
    goto leave;
2732
2733
0
  for (node = keyblock; node; node = node->next)
2734
0
    {
2735
0
      if (node->pkt->pkttype == PKT_USER_ID
2736
0
          && (!want_valid || (!node->pkt->pkt.user_id->flags.revoked
2737
0
                              && !node->pkt->pkt.user_id->flags.expired)))
2738
0
  {
2739
0
    namehash_from_uid (node->pkt->pkt.user_id);
2740
0
    if (!memcmp (node->pkt->pkt.user_id->namehash, hash, NAMEHASH_LEN))
2741
0
      break;
2742
0
        }
2743
0
    }
2744
2745
0
 leave:
2746
0
  return node;
2747
0
}
2748
2749
2750
/* Helper to find the UID node for uid.  On success, returns the UID node.
2751
   Otherwise, return NULL. */
2752
kbnode_t
2753
find_userid (kbnode_t keyblock, const char *uid, int want_valid)
2754
0
{
2755
0
  kbnode_t node = NULL;
2756
0
  size_t uidlen;
2757
2758
0
  if (!keyblock || !uid)
2759
0
    goto leave;
2760
2761
  /* First try to find UID by namehash. */
2762
0
  node = find_userid_by_namehash (keyblock, uid, want_valid);
2763
0
  if (node)
2764
0
    goto leave;
2765
2766
0
  uidlen = strlen (uid);
2767
0
  for (node = keyblock; node; node = node->next)
2768
0
    {
2769
0
      if (node->pkt->pkttype == PKT_USER_ID
2770
0
          && (!want_valid || (!node->pkt->pkt.user_id->flags.revoked
2771
0
                              && !node->pkt->pkt.user_id->flags.expired))
2772
0
          && uidlen == node->pkt->pkt.user_id->len
2773
0
          && !memcmp (node->pkt->pkt.user_id->name, uid, uidlen))
2774
0
        break;
2775
0
    }
2776
2777
0
 leave:
2778
0
  return node;
2779
0
}
2780
2781
2782
/* Unattended revocation of a keyid.  USERNAME specifies the
2783
   key. UIDTOREV is the user id revoke from the key.  */
2784
void
2785
keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
2786
0
{
2787
0
  gpg_error_t err;
2788
0
  KEYDB_HANDLE kdbhd = NULL;
2789
0
  kbnode_t keyblock = NULL;
2790
0
  kbnode_t node;
2791
0
  int modified = 0;
2792
0
  size_t valid_uids;
2793
2794
#ifdef HAVE_W32_SYSTEM
2795
  /* See keyedit_menu for why we need this.  */
2796
  check_trustdb_stale (ctrl);
2797
#endif
2798
2799
  /* Search the key; we don't want the whole getkey stuff here.  */
2800
0
  err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock);
2801
0
  if (err)
2802
0
    goto leave;
2803
2804
  /* To make sure that we do not revoke the last valid UID, we first
2805
     count how many valid UIDs there are.  */
2806
0
  valid_uids = 0;
2807
0
  for (node = keyblock; node; node = node->next)
2808
0
    valid_uids += (node->pkt->pkttype == PKT_USER_ID
2809
0
                   && !node->pkt->pkt.user_id->flags.revoked
2810
0
                   && !node->pkt->pkt.user_id->flags.expired);
2811
2812
  /* Find the right UID. */
2813
0
  node = find_userid (keyblock, uidtorev, 0);
2814
0
  if (node)
2815
0
    {
2816
0
      struct revocation_reason_info *reason;
2817
2818
      /* Make sure that we do not revoke the last valid UID.  */
2819
0
      if (valid_uids == 1
2820
0
          && ! node->pkt->pkt.user_id->flags.revoked
2821
0
          && ! node->pkt->pkt.user_id->flags.expired)
2822
0
        {
2823
0
          log_error (_("cannot revoke the last valid user ID.\n"));
2824
0
          err = gpg_error (GPG_ERR_INV_USER_ID);
2825
0
          goto leave;
2826
0
        }
2827
2828
0
      reason = get_default_uid_revocation_reason ();
2829
0
      err = core_revuid (ctrl, keyblock, node, reason, &modified);
2830
0
      release_revocation_reason_info (reason);
2831
0
      if (err)
2832
0
        goto leave;
2833
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
2834
0
      if (err)
2835
0
        {
2836
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
2837
0
          goto leave;
2838
0
        }
2839
0
      maybe_upload_key (ctrl, keyblock);
2840
0
      revalidation_mark (ctrl);
2841
0
      goto leave;
2842
0
    }
2843
0
  err = gpg_error (GPG_ERR_NO_USER_ID);
2844
2845
2846
0
 leave:
2847
0
  if (err)
2848
0
    {
2849
0
      log_error (_("revoking the user ID failed: %s\n"), gpg_strerror (err));
2850
0
      write_status_error ("keyedit.revoke.uid", err);
2851
0
    }
2852
0
  release_kbnode (keyblock);
2853
0
  keydb_release (kdbhd);
2854
0
}
2855
2856
2857
/* Unattended setting of the primary uid.  USERNAME specifies the key.
2858
   PRIMARYUID is the user id which shall be primary.  */
2859
void
2860
keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
2861
                           const char *primaryuid)
2862
0
{
2863
0
  gpg_error_t err;
2864
0
  KEYDB_HANDLE kdbhd = NULL;
2865
0
  kbnode_t keyblock = NULL;
2866
0
  kbnode_t primarynode;
2867
0
  kbnode_t node;
2868
2869
#ifdef HAVE_W32_SYSTEM
2870
  /* See keyedit_menu for why we need this.  */
2871
  check_trustdb_stale (ctrl);
2872
#endif
2873
2874
0
  err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock);
2875
0
  if (err)
2876
0
    {
2877
0
      write_status_error ("keyedit.primary", err);
2878
0
      goto leave;
2879
0
    }
2880
2881
  /* Find the first matching UID that is valid */
2882
0
  primarynode = find_userid (keyblock, primaryuid, 1);
2883
2884
  /* and mark it. */
2885
0
  if (primarynode)
2886
0
    for (node = keyblock; node; node = node->next)
2887
0
      {
2888
0
        if (node == primarynode)
2889
0
          node->flag |= NODFLG_SELUID;
2890
0
        else
2891
0
          node->flag &= ~NODFLG_SELUID;
2892
0
      }
2893
2894
0
  if (!primarynode)
2895
0
    err = gpg_error (GPG_ERR_NO_USER_ID);
2896
0
  else if (menu_set_primary_uid (ctrl, keyblock))
2897
0
    {
2898
0
      merge_keys_and_selfsig (ctrl, keyblock);
2899
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
2900
0
      if (err)
2901
0
        {
2902
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
2903
0
          goto leave;
2904
0
        }
2905
0
      maybe_upload_key (ctrl, keyblock);
2906
0
      revalidation_mark (ctrl);
2907
0
    }
2908
0
  else
2909
0
    err = gpg_error (GPG_ERR_GENERAL);
2910
2911
0
  if (err)
2912
0
    {
2913
0
      log_error (_("setting the primary user ID failed: %s\n"),
2914
0
                gpg_strerror (err));
2915
0
      write_status_error ("keyedit.primary", err);
2916
0
    }
2917
2918
0
 leave:
2919
0
  release_kbnode (keyblock);
2920
0
  keydb_release (kdbhd);
2921
0
}
2922
2923
2924
/* Unattended updating of the preference tro the standard preferences.
2925
 * USERNAME specifies the key.  This is basically the same as
2926
 *      gpg --edit-key <<userif> updpref save
2927
 */
2928
void
2929
keyedit_quick_update_pref (ctrl_t ctrl, const char *username)
2930
0
{
2931
0
  gpg_error_t err;
2932
0
  KEYDB_HANDLE kdbhd = NULL;
2933
0
  kbnode_t keyblock = NULL;
2934
2935
#ifdef HAVE_W32_SYSTEM
2936
  /* See keyedit_menu for why we need this.  */
2937
  check_trustdb_stale (ctrl);
2938
#endif
2939
2940
0
  err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock);
2941
0
  if (err)
2942
0
    goto leave;
2943
2944
0
  if (menu_set_preferences (ctrl, keyblock, 1))
2945
0
    {
2946
0
      merge_keys_and_selfsig (ctrl, keyblock);
2947
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
2948
0
      if (err)
2949
0
        {
2950
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
2951
0
          goto leave;
2952
0
        }
2953
0
      maybe_upload_key (ctrl, keyblock);
2954
0
    }
2955
2956
0
 leave:
2957
0
  if (err)
2958
0
    write_status_error ("keyedit.updpref", err);
2959
0
  release_kbnode (keyblock);
2960
0
  keydb_release (kdbhd);
2961
0
}
2962
2963
2964
/* Unattended updating of the ownertrust or disable/enable state of a key
2965
 * USERNAME specifies the key.  This is somewhat similar to
2966
 *      gpg --edit-key <userid> trust save
2967
 *      gpg --edit-key <userid> disable save
2968
 *
2969
 * VALUE is the new trust value which is one of:
2970
 *    "undefined"  - Ownertrust is set to undefined
2971
 *    "never"      - Ownertrust is set to never trust
2972
 *    "marginal"   - Ownertrust is set to marginal trust
2973
 *    "full"       - Ownertrust is set to full trust
2974
 *    "ultimate"   - Ownertrust is set to ultimate trust
2975
 *    "enable"     - The key is re-enabled.
2976
 *    "disable"    - The key is disabled.
2977
 * Trust settings do not change the ebable/disable state.
2978
 */
2979
void
2980
keyedit_quick_set_ownertrust (ctrl_t ctrl, const char *username,
2981
                              const char *value)
2982
0
{
2983
0
  gpg_error_t err;
2984
0
  KEYDB_HANDLE kdbhd = NULL;
2985
0
  kbnode_t keyblock = NULL;
2986
0
  PKT_public_key *pk;
2987
0
  unsigned int trust, newtrust;
2988
0
  int x;
2989
0
  int maybe_update_trust = 0;
2990
2991
#ifdef HAVE_W32_SYSTEM
2992
  /* See keyedit_menu for why we need this.  */
2993
  check_trustdb_stale (ctrl);
2994
#endif
2995
2996
  /* Search the key; we don't want the whole getkey stuff here.  Note
2997
   * that we are looking for the public key here.  */
2998
0
  err = quick_find_keyblock (ctrl, username, 0, &kdbhd, &keyblock);
2999
0
  if (err)
3000
0
    goto leave;
3001
0
  log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY
3002
0
              || keyblock->pkt->pkttype == PKT_SECRET_KEY);
3003
0
  pk = keyblock->pkt->pkt.public_key;
3004
3005
0
  trust = newtrust = get_ownertrust (ctrl, pk);
3006
3007
0
  if (!ascii_strcasecmp (value, "enable"))
3008
0
    newtrust &= ~TRUST_FLAG_DISABLED;
3009
0
  else if (!ascii_strcasecmp (value, "disable"))
3010
0
    newtrust |= TRUST_FLAG_DISABLED;
3011
0
  else if ((x = string_to_trust_value (value)) >= 0)
3012
0
    {
3013
0
      newtrust = x;
3014
0
      newtrust &= TRUST_MASK;
3015
0
      newtrust |= (trust & ~TRUST_MASK);
3016
0
      maybe_update_trust = 1;
3017
0
    }
3018
0
  else
3019
0
    {
3020
0
      err = gpg_error (GPG_ERR_INV_ARG);
3021
0
      goto leave;
3022
0
    }
3023
3024
0
  if (trust != newtrust)
3025
0
    {
3026
0
      update_ownertrust (ctrl, pk, newtrust);
3027
0
      if (maybe_update_trust)
3028
0
        revalidation_mark (ctrl);
3029
0
    }
3030
0
  else if (opt.verbose)
3031
0
    log_info (_("Key not changed so no update needed.\n"));
3032
3033
0
 leave:
3034
0
  if (err)
3035
0
    {
3036
0
      log_error (_("setting the ownertrust to '%s' failed: %s\n"),
3037
0
                 value, gpg_strerror (err));
3038
0
      write_status_error ("keyedit.setownertrust", err);
3039
0
    }
3040
0
  release_kbnode (keyblock);
3041
0
  keydb_release (kdbhd);
3042
0
}
3043
3044
3045
/* Find a keyblock by fingerprint because only this uniquely
3046
 * identifies a key and may thus be used to select a key for
3047
 * unattended subkey creation os key signing.  */
3048
static gpg_error_t
3049
find_by_primary_fpr (ctrl_t ctrl, const char *fpr,
3050
                     kbnode_t *r_keyblock, KEYDB_HANDLE *r_kdbhd)
3051
0
{
3052
0
  gpg_error_t err;
3053
0
  kbnode_t keyblock = NULL;
3054
0
  KEYDB_HANDLE kdbhd = NULL;
3055
0
  KEYDB_SEARCH_DESC desc;
3056
0
  byte fprbin[MAX_FINGERPRINT_LEN];
3057
0
  size_t fprlen;
3058
3059
0
  *r_keyblock = NULL;
3060
0
  *r_kdbhd = NULL;
3061
3062
0
  if (classify_user_id (fpr, &desc, 1)
3063
0
      || desc.mode != KEYDB_SEARCH_MODE_FPR)
3064
0
    {
3065
0
      log_error (_("\"%s\" is not a fingerprint\n"), fpr);
3066
0
      err = gpg_error (GPG_ERR_INV_NAME);
3067
0
      goto leave;
3068
0
    }
3069
0
  err = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL,
3070
0
                           NULL, NULL, fpr, &keyblock, &kdbhd, 1);
3071
0
  if (err)
3072
0
    {
3073
0
      log_error (_("key \"%s\" not found: %s\n"), fpr, gpg_strerror (err));
3074
0
      goto leave;
3075
0
    }
3076
3077
  /* Check that the primary fingerprint has been given. */
3078
0
  fingerprint_from_pk (keyblock->pkt->pkt.public_key, fprbin, &fprlen);
3079
0
  if (desc.mode == KEYDB_SEARCH_MODE_FPR
3080
0
      && fprlen == desc.fprlen
3081
0
      && !memcmp (fprbin, desc.u.fpr, fprlen))
3082
0
    ;
3083
0
  else
3084
0
    {
3085
0
      log_error (_("\"%s\" is not the primary fingerprint\n"), fpr);
3086
0
      err = gpg_error (GPG_ERR_INV_NAME);
3087
0
      goto leave;
3088
0
    }
3089
3090
0
  *r_keyblock = keyblock;
3091
0
  keyblock = NULL;
3092
0
  *r_kdbhd = kdbhd;
3093
0
  kdbhd = NULL;
3094
0
  err = 0;
3095
3096
0
 leave:
3097
0
  release_kbnode (keyblock);
3098
0
  keydb_release (kdbhd);
3099
0
  return err;
3100
0
}
3101
3102
3103
/* Unattended key signing function.  If the key specified by FPR is
3104
   available and FPR is the primary fingerprint all user ids of the
3105
   key are signed using the default signing key.  If UIDS is an empty
3106
   list all usable UIDs are signed, if it is not empty, only those
3107
   user ids matching one of the entries of the list are signed.  With
3108
   LOCAL being true the signatures are marked as non-exportable.  If
3109
   TRUSTSIG is given a trust signature is created; see
3110
   parse_trustsig_string(). */
3111
void
3112
keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
3113
                    strlist_t locusr, const char *trustsig, int local)
3114
0
{
3115
0
  gpg_error_t err = 0;
3116
0
  kbnode_t keyblock = NULL;
3117
0
  KEYDB_HANDLE kdbhd = NULL;
3118
0
  int modified = 0;
3119
0
  PKT_public_key *pk;
3120
0
  kbnode_t node;
3121
0
  strlist_t sl;
3122
0
  int any;
3123
3124
#ifdef HAVE_W32_SYSTEM
3125
  /* See keyedit_menu for why we need this.  */
3126
  check_trustdb_stale (ctrl);
3127
#endif
3128
3129
  /* Do an early check on an arg for an immediate error message.  */
3130
0
  if (trustsig)
3131
0
    {
3132
0
      byte trust_depth, trust_value;
3133
0
      char *trust_regexp;
3134
0
      err = parse_trustsig_string (trustsig, &trust_value,
3135
0
                                   &trust_depth, &trust_regexp);
3136
0
      xfree (trust_regexp);
3137
0
      (void)trust_depth;
3138
0
      (void)trust_value;
3139
0
      if (err)
3140
0
        goto leave;
3141
0
    }
3142
3143
  /* We require a fingerprint because only this uniquely identifies a
3144
     key and may thus be used to select a key for unattended key
3145
     signing.  */
3146
0
  if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
3147
0
    goto leave;
3148
3149
0
  if (fix_keyblock (ctrl, &keyblock))
3150
0
    modified++;
3151
3152
  /* Give some info in verbose.  */
3153
0
  if (opt.verbose)
3154
0
    {
3155
0
      show_key_with_all_names (ctrl, es_stdout, keyblock, 0,
3156
0
                               1/*with_revoker*/, 1/*with_fingerprint*/,
3157
0
                               0, 0, 1);
3158
0
      es_fflush (es_stdout);
3159
0
    }
3160
3161
0
  pk = keyblock->pkt->pkt.public_key;
3162
0
  if (pk->flags.revoked)
3163
0
    {
3164
0
      if (!opt.verbose)
3165
0
        show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
3166
0
      log_error ("%s%s", _("Key is revoked."), _("  Unable to sign.\n"));
3167
0
      err = gpg_error (GPG_ERR_CERT_REVOKED);
3168
0
      goto leave;
3169
0
    }
3170
3171
  /* Set the flags according to the UIDS list.  Fixme: We may want to
3172
     use classify_user_id along with dedicated compare functions so
3173
     that we match the same way as in the key lookup. */
3174
0
  any = 0;
3175
0
  menu_select_uid (keyblock, 0);   /* Better clear the flags first. */
3176
0
  for (sl=uids; sl; sl = sl->next)
3177
0
    {
3178
0
      const char *name = sl->d;
3179
0
      int count = 0;
3180
3181
0
      sl->flags &= ~(1|2);  /* Clear flags used for error reporting.  */
3182
3183
0
      for (node = keyblock; node; node = node->next)
3184
0
        {
3185
0
          if (node->pkt->pkttype == PKT_USER_ID)
3186
0
            {
3187
0
              PKT_user_id *uid = node->pkt->pkt.user_id;
3188
3189
0
              if (uid->attrib_data)
3190
0
                ;
3191
0
              else if (*name == '='
3192
0
                       && strlen (name+1) == uid->len
3193
0
                       && !memcmp (uid->name, name + 1, uid->len))
3194
0
                { /* Exact match - we don't do a check for ambiguity
3195
                   * in this case.  */
3196
0
                  node->flag |= NODFLG_SELUID;
3197
0
                  if (any != -1)
3198
0
                    {
3199
0
                      sl->flags |= 1;  /* Report as found.  */
3200
0
                      any = 1;
3201
0
                    }
3202
0
                }
3203
0
              else if (ascii_memistr (uid->name, uid->len,
3204
0
                                      *name == '*'? name+1:name))
3205
0
                {
3206
0
                  node->flag |= NODFLG_SELUID;
3207
0
                  if (any != -1)
3208
0
                    {
3209
0
                      sl->flags |= 1;  /* Report as found.  */
3210
0
                      any = 1;
3211
0
                    }
3212
0
                  count++;
3213
0
                }
3214
0
            }
3215
0
        }
3216
3217
0
      if (count > 1)
3218
0
        {
3219
0
          any = -1;        /* Force failure at end.  */
3220
0
          sl->flags |= 2;  /* Report as ambiguous.  */
3221
0
        }
3222
0
    }
3223
3224
  /* Check whether all given user ids were found.  */
3225
0
  for (sl=uids; sl; sl = sl->next)
3226
0
    if (!(sl->flags & 1))
3227
0
      any = -1;  /* That user id was not found.  */
3228
3229
  /* Print an error if there was a problem with the user ids.  */
3230
0
  if (uids && any < 1)
3231
0
    {
3232
0
      if (!opt.verbose)
3233
0
        show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
3234
0
      es_fflush (es_stdout);
3235
0
      for (sl=uids; sl; sl = sl->next)
3236
0
        {
3237
0
          if ((sl->flags & 2))
3238
0
            log_info (_("Invalid user ID '%s': %s\n"),
3239
0
                      sl->d, gpg_strerror (GPG_ERR_AMBIGUOUS_NAME));
3240
0
          else if (!(sl->flags & 1))
3241
0
            log_info (_("Invalid user ID '%s': %s\n"),
3242
0
                      sl->d, gpg_strerror (GPG_ERR_NOT_FOUND));
3243
0
        }
3244
0
      log_error ("%s  %s", _("No matching user IDs."), _("Nothing to sign.\n"));
3245
0
      err = gpg_error (GPG_ERR_NO_USER_ID);
3246
0
      goto leave;
3247
0
    }
3248
3249
  /* Sign. */
3250
0
  err = sign_uids (ctrl, es_stdout, keyblock, locusr,
3251
0
                   (SIGN_UIDS_QUICK
3252
0
                    | (local? SIGN_UIDS_LOCAL : 0)
3253
0
                    | (trustsig? SIGN_UIDS_TRUSTSIG : 0)),
3254
0
                   trustsig, &modified);
3255
0
  es_fflush (es_stdout);
3256
0
  if (err)
3257
0
    goto leave;
3258
3259
0
  if (modified)
3260
0
    {
3261
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
3262
0
      if (err)
3263
0
        {
3264
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
3265
0
          goto leave;
3266
0
        }
3267
0
      if (!local) /* No need to upload new non-expotable sigs.  */
3268
0
        maybe_upload_key (ctrl, keyblock);
3269
0
    }
3270
0
  else
3271
0
    log_info (_("Key not changed so no update needed.\n"));
3272
3273
0
  if (update_trust)
3274
0
    revalidation_mark (ctrl);
3275
3276
0
 leave:
3277
0
  if (err)
3278
0
    {
3279
0
      log_error (_("creating key signature failed: %s\n"), gpg_strerror (err));
3280
0
      write_status_error ("keyedit.sign-key", err);
3281
0
    }
3282
0
  release_kbnode (keyblock);
3283
0
  keydb_release (kdbhd);
3284
0
}
3285
3286
3287
/* Unattended revocation of a key signatures.  USERNAME specifies the
3288
 * key; this should best be a fingerprint. SIGTOREV is the user-id of
3289
 * the key for which the key signature shall be removed.  Only
3290
 * non-self-signatures can be removed with this functions.  If
3291
 * AFFECTED_UIDS is not NULL only the key signatures on these user-ids
3292
 * are revoked. */
3293
void
3294
keyedit_quick_revsig (ctrl_t ctrl, const char *username, const char *sigtorev,
3295
                      strlist_t affected_uids)
3296
0
{
3297
0
  gpg_error_t err = 0;
3298
0
  int no_signing_key = 0;
3299
0
  KEYDB_HANDLE kdbhd = NULL;
3300
0
  kbnode_t keyblock = NULL;
3301
0
  PKT_public_key *primarypk;  /* Points into KEYBLOCK.  */
3302
0
  u32 *primarykid;
3303
0
  PKT_public_key *pksigtorev = NULL;
3304
0
  u32 *pksigtorevkid;
3305
0
  kbnode_t node, n;
3306
0
  int skip_remaining;
3307
0
  int consider_sig;
3308
0
  strlist_t sl;
3309
0
  struct sign_attrib attrib = { 0 };
3310
3311
#ifdef HAVE_W32_SYSTEM
3312
  /* See keyedit_menu for why we need this.  */
3313
  check_trustdb_stale (ctrl);
3314
#endif
3315
3316
  /* Search the key; we don't want the whole getkey stuff here.  Note
3317
   * that we are looking for the public key here.  */
3318
0
  err = quick_find_keyblock (ctrl, username, 0, &kdbhd, &keyblock);
3319
0
  if (err)
3320
0
    goto leave;
3321
0
  log_assert (keyblock && (keyblock->pkt->pkttype == PKT_PUBLIC_KEY
3322
0
              || keyblock->pkt->pkttype == PKT_SECRET_KEY));
3323
0
  primarypk = keyblock->pkt->pkt.public_key;
3324
0
  primarykid = pk_keyid (primarypk);
3325
3326
  /* Get the signing key we want to revoke.  This must be one of our
3327
   * signing keys.  We will compare only the keyid because we don't
3328
   * assume that we have duplicated keyids on our own secret keys.  If
3329
   * a there is a duplicated one we will notice this when creating the
3330
   * revocation.  */
3331
0
  pksigtorev = xtrycalloc (1, sizeof *pksigtorev);
3332
0
  if (!pksigtorev)
3333
0
    {
3334
0
      err = gpg_error_from_syserror ();
3335
0
      goto leave;
3336
0
    }
3337
0
  pksigtorev->req_usage = PUBKEY_USAGE_CERT;
3338
0
  err = getkey_byname (ctrl, NULL, pksigtorev, sigtorev, 1, NULL);
3339
0
  if (err)
3340
0
    {
3341
0
      no_signing_key = 1;
3342
0
      goto leave;
3343
0
    }
3344
0
  pksigtorevkid = pk_keyid (pksigtorev);
3345
3346
  /* Find the signatures we want to revoke and set a mark.  */
3347
0
  skip_remaining = consider_sig = 0;
3348
0
  for (node = keyblock; node; node = node->next)
3349
0
    {
3350
0
      node->flag &= ~NODFLG_MARK_A;
3351
0
      if (skip_remaining)
3352
0
        ;
3353
0
      else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
3354
0
        skip_remaining = 1;
3355
0
      else if (node->pkt->pkttype == PKT_USER_ID)
3356
0
  {
3357
0
          PKT_user_id *uid = node->pkt->pkt.user_id;
3358
3359
0
          consider_sig = !affected_uids;
3360
0
          for (sl = affected_uids; !consider_sig && sl; sl = sl->next)
3361
0
            {
3362
0
              const char *name = sl->d;
3363
3364
0
              if (uid->attrib_data)
3365
0
                ;
3366
0
              else if (*name == '='
3367
0
                       && strlen (name+1) == uid->len
3368
0
                       && !memcmp (uid->name, name + 1, uid->len))
3369
0
                { /* Exact match.  */
3370
0
                  consider_sig = 1;
3371
0
                }
3372
0
              else if (ascii_memistr (uid->name, uid->len,
3373
0
                                      *name == '*'? name+1:name))
3374
0
                { /* Case-insensitive substring match.  */
3375
0
                  consider_sig = 1;
3376
0
                }
3377
0
            }
3378
0
  }
3379
0
      else if (node->pkt->pkttype == PKT_SIGNATURE)
3380
0
  {
3381
          /* We need to sort the signatures so that we can figure out
3382
           * whether the key signature has been revoked or the
3383
           * revocation has been superseded by a new key
3384
           * signature.  */
3385
0
          PKT_signature *sig;
3386
0
          unsigned int sigcount = 0;
3387
0
          kbnode_t *sigarray;
3388
3389
          /* Allocate an array large enough for all signatures.  */
3390
0
          for (n=node; n && n->pkt->pkttype == PKT_SIGNATURE; n = n->next)
3391
0
            sigcount++;
3392
0
          sigarray = xtrycalloc (sigcount, sizeof *sigarray);
3393
0
          if (!sigarray)
3394
0
            {
3395
0
              err = gpg_error_from_syserror ();
3396
0
              goto leave;
3397
0
            }
3398
3399
          /* Now fill the array with signatures we are interested in.
3400
           * We also move NODE forward to the end.  */
3401
0
          sigcount = 0;
3402
0
          for (n=node; n && n->pkt->pkttype == PKT_SIGNATURE; node=n, n=n->next)
3403
0
            {
3404
0
              sig = n->pkt->pkt.signature;
3405
0
              if (!keyid_cmp (primarykid, sig->keyid))
3406
0
                continue;  /* Ignore self-signatures.  */
3407
3408
0
              if (keyid_cmp (pksigtorevkid, sig->keyid))
3409
0
                continue; /* Ignore non-matching signatures.  */
3410
3411
0
              n->flag &= ~NODFLG_MARK_B; /* Clear flag used by cm_signode. */
3412
0
              sigarray[sigcount++] = n;
3413
0
            }
3414
3415
0
          if (sigcount)
3416
0
            {
3417
0
              qsort (sigarray, sigcount, sizeof *sigarray, cmp_signodes);
3418
3419
              /* log_debug ("Sorted signatures:\n"); */
3420
              /* for (idx=0; idx < sigcount; idx++) */
3421
              /*   { */
3422
              /*     sig = sigarray[idx]->pkt->pkt.signature; */
3423
              /*     log_debug ("%s 0x%02x %s\n", keystr (sig->keyid), */
3424
              /*                sig->sig_class, datestr_from_sig (sig)); */
3425
              /*   } */
3426
0
              sig = sigarray[sigcount-1]->pkt->pkt.signature;
3427
0
              if ((consider_sig || !affected_uids) && IS_UID_REV (sig))
3428
0
                {
3429
0
                  if (!opt.quiet)
3430
0
                    log_info ("sig by %s already revoked at %s\n",
3431
0
                              keystr (sig->keyid), datestr_from_sig (sig));
3432
0
                }
3433
0
              else if ((consider_sig && IS_UID_SIG (sig))
3434
0
                       || (!affected_uids && IS_KEY_SIG (sig)))
3435
0
                node->flag |= NODFLG_MARK_A;  /* Select signature.  */
3436
0
            }
3437
3438
0
          xfree (sigarray);
3439
0
  }
3440
0
    }
3441
3442
  /* Check whether any signatures were done by the given key.  We do
3443
   * not return an error if none were found.  */
3444
0
  for (node = keyblock; node; node = node->next)
3445
0
    if ((node->flag & NODFLG_MARK_A))
3446
0
      break;
3447
0
  if (!node)
3448
0
    {
3449
0
      if (opt.verbose)
3450
0
        log_info (_("Not signed by you.\n"));
3451
0
      err = 0;
3452
0
      goto leave;
3453
0
    }
3454
3455
  /* Revoke all marked signatures.  */
3456
0
  attrib.reason = get_default_sig_revocation_reason ();
3457
3458
0
 reloop: /* (we must repeat because we are modifying the list) */
3459
0
  for (node = keyblock; node; node = node->next)
3460
0
    {
3461
0
      kbnode_t unode;
3462
0
      PKT_signature *sig;
3463
0
      PACKET *pkt;
3464
3465
0
      if (!(node->flag & NODFLG_MARK_A))
3466
0
  continue;
3467
0
      node->flag &= ~NODFLG_MARK_A;
3468
3469
0
      if (IS_KEY_SIG (node->pkt->pkt.signature))
3470
0
        unode = NULL;
3471
0
      else
3472
0
        {
3473
0
          unode = find_prev_kbnode (keyblock, node, PKT_USER_ID);
3474
0
          log_assert (unode);
3475
0
        }
3476
3477
0
      attrib.non_exportable = !node->pkt->pkt.signature->flags.exportable;
3478
3479
0
      err = make_keysig_packet (ctrl, &sig, primarypk,
3480
0
                                unode? unode->pkt->pkt.user_id : NULL,
3481
0
                                NULL, pksigtorev, 0x30, 0, 0,
3482
0
                                sign_mk_attrib, &attrib, NULL);
3483
0
      if (err)
3484
0
        {
3485
0
          log_error ("signing failed: %s\n", gpg_strerror (err));
3486
0
          goto leave;
3487
0
        }
3488
3489
0
      pkt = xmalloc_clear (sizeof *pkt);
3490
0
      pkt->pkttype = PKT_SIGNATURE;
3491
0
      pkt->pkt.signature = sig;
3492
0
      if (unode)
3493
0
        insert_kbnode (unode, new_kbnode (pkt), 0);
3494
0
      goto reloop;
3495
0
    }
3496
3497
0
  err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
3498
0
  if (err)
3499
0
    {
3500
0
      log_error (_("update failed: %s\n"), gpg_strerror (err));
3501
0
      goto leave;
3502
0
    }
3503
0
  maybe_upload_key (ctrl, keyblock);
3504
0
  revalidation_mark (ctrl);
3505
3506
0
 leave:
3507
0
  if (err)
3508
0
    {
3509
0
      log_error (_("revoking the key signature failed: %s\n"),
3510
0
                 gpg_strerror (err));
3511
0
      if (no_signing_key)
3512
0
        print_further_info ("error getting key used to make the key signature");
3513
0
      write_status_error ("keyedit.revoke.sig", err);
3514
0
    }
3515
0
  release_revocation_reason_info (attrib.reason);
3516
0
  free_public_key (pksigtorev);
3517
0
  release_kbnode (keyblock);
3518
0
  keydb_release (kdbhd);
3519
0
}
3520
3521
3522
/* Unattended subkey creation function.
3523
 *
3524
 */
3525
void
3526
keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr,
3527
                      const char *usagestr, const char *expirestr)
3528
0
{
3529
0
  gpg_error_t err;
3530
0
  kbnode_t keyblock;
3531
0
  KEYDB_HANDLE kdbhd;
3532
0
  int modified = 0;
3533
0
  PKT_public_key *pk;
3534
3535
#ifdef HAVE_W32_SYSTEM
3536
  /* See keyedit_menu for why we need this.  */
3537
  check_trustdb_stale (ctrl);
3538
#endif
3539
3540
  /* We require a fingerprint because only this uniquely identifies a
3541
   * key and may thus be used to select a key for unattended subkey
3542
   * creation.  */
3543
0
  if ((err=find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd)))
3544
0
    goto leave;
3545
3546
0
  if (fix_keyblock (ctrl, &keyblock))
3547
0
    modified++;
3548
3549
0
  pk = keyblock->pkt->pkt.public_key;
3550
0
  if (pk->flags.revoked)
3551
0
    {
3552
0
      if (!opt.verbose)
3553
0
        show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
3554
0
      log_error ("%s%s", _("Key is revoked."), "\n");
3555
0
      err = gpg_error (GPG_ERR_CERT_REVOKED);
3556
0
      goto leave;
3557
0
    }
3558
3559
  /* Create the subkey.  Note that the called function already prints
3560
   * an error message. */
3561
0
  if (!generate_subkeypair (ctrl, keyblock, algostr, usagestr, expirestr))
3562
0
    modified = 1;
3563
0
  es_fflush (es_stdout);
3564
3565
  /* Store.  */
3566
0
  if (modified)
3567
0
    {
3568
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
3569
0
      if (err)
3570
0
        {
3571
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
3572
0
          goto leave;
3573
0
        }
3574
0
      maybe_upload_key (ctrl, keyblock);
3575
0
    }
3576
0
  else
3577
0
    log_info (_("Key not changed so no update needed.\n"));
3578
3579
0
 leave:
3580
0
  if (err)
3581
0
    write_status_error ("keyedit.addkey", err);
3582
0
  release_kbnode (keyblock);
3583
0
  keydb_release (kdbhd);
3584
0
}
3585
3586
3587
/* Unattended ADSK setup function.
3588
 *
3589
 * FPR is the fingerprint of our key.  ADSKFPR is the fingerprint of
3590
 * another subkey which we want to add as ADSK to our key.
3591
 */
3592
void
3593
keyedit_quick_addadsk (ctrl_t ctrl, const char *fpr, const char *adskfpr)
3594
0
{
3595
0
  gpg_error_t err;
3596
0
  kbnode_t keyblock;
3597
0
  KEYDB_HANDLE kdbhd;
3598
0
  int modified = 0;
3599
0
  PKT_public_key *pk;
3600
3601
#ifdef HAVE_W32_SYSTEM
3602
  /* See keyedit_menu for why we need this.  */
3603
  check_trustdb_stale (ctrl);
3604
#endif
3605
3606
  /* We require a fingerprint because only this uniquely identifies a
3607
   * key and may thus be used to select a key for unattended adsk
3608
   * adding. */
3609
0
  if ((err = find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd)))
3610
0
    goto leave;
3611
3612
0
  if (fix_keyblock (ctrl, &keyblock))
3613
0
    modified++;
3614
3615
0
  pk = keyblock->pkt->pkt.public_key;
3616
0
  if (pk->flags.revoked)
3617
0
    {
3618
0
      if (!opt.verbose)
3619
0
        show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
3620
0
      log_error ("%s%s", _("Key is revoked."), "\n");
3621
0
      err = gpg_error (GPG_ERR_CERT_REVOKED);
3622
0
      goto leave;
3623
0
    }
3624
3625
  /* Locate and add the ADSK.  Note that the called function already
3626
   * prints error messages. */
3627
0
  if (adskfpr && !ascii_strcasecmp (adskfpr, "default"))
3628
0
    {
3629
0
      err = append_all_default_adsks (ctrl, keyblock);
3630
0
      if (!err)
3631
0
        modified = 1;
3632
0
      else if (gpg_err_code (err) == GPG_ERR_FALSE)
3633
0
        err = 0;
3634
0
    }
3635
0
  else if (menu_addadsk (ctrl, keyblock, adskfpr))
3636
0
    modified = 1;
3637
0
  else
3638
0
    log_inc_errorcount ();  /* (We use log_info in menu_adsk) */
3639
3640
0
  es_fflush (es_stdout);
3641
3642
  /* Store.  */
3643
0
  if (modified)
3644
0
    {
3645
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
3646
0
      if (err)
3647
0
        {
3648
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
3649
0
          goto leave;
3650
0
        }
3651
0
      maybe_upload_key (ctrl, keyblock);
3652
0
    }
3653
3654
0
 leave:
3655
0
  if (err)
3656
0
    write_status_error ("keyedit.addadsk", err);
3657
0
  release_kbnode (keyblock);
3658
0
  keydb_release (kdbhd);
3659
0
}
3660
3661
3662
/* Unattended expiration setting function for the main key.  If
3663
 * SUBKEYFPRS is not NULL and SUBKEYSFPRS[0] is neither NULL, it is
3664
 * expected to be an array of fingerprints for subkeys to change. It
3665
 * may also be an array with only the item "*" to indicate that all
3666
 * keys shall be set to that expiration date.
3667
 */
3668
void
3669
keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr,
3670
                          char **subkeyfprs)
3671
0
{
3672
0
  gpg_error_t err;
3673
0
  kbnode_t keyblock, node;
3674
0
  KEYDB_HANDLE kdbhd;
3675
0
  int modified = 0;
3676
0
  PKT_public_key *pk;
3677
0
  u32 expire;
3678
0
  int primary_only = 0;
3679
0
  int idx;
3680
3681
#ifdef HAVE_W32_SYSTEM
3682
  /* See keyedit_menu for why we need this.  */
3683
  check_trustdb_stale (ctrl);
3684
#endif
3685
3686
  /* We require a fingerprint because only this uniquely identifies a
3687
   * key and may thus be used to select a key for unattended
3688
   * expiration setting.  */
3689
0
  err = find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd);
3690
0
  if (err)
3691
0
    goto leave;
3692
3693
0
  if (fix_keyblock (ctrl, &keyblock))
3694
0
    modified++;
3695
3696
0
  pk = keyblock->pkt->pkt.public_key;
3697
0
  if (pk->flags.revoked)
3698
0
    {
3699
0
      if (!opt.verbose)
3700
0
        show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
3701
0
      log_error ("%s%s", _("Key is revoked."), "\n");
3702
0
      err = gpg_error (GPG_ERR_CERT_REVOKED);
3703
0
      goto leave;
3704
0
    }
3705
3706
0
  expire = parse_expire_string (expirestr);
3707
0
  if (expire == (u32)-1 )
3708
0
    {
3709
0
      log_error (_("'%s' is not a valid expiration time\n"), expirestr);
3710
0
      err = gpg_error (GPG_ERR_INV_VALUE);
3711
0
      goto leave;
3712
0
    }
3713
0
  if (expire)
3714
0
    expire += make_timestamp ();
3715
3716
  /* Check whether a subkey's expiration time shall be changed or the
3717
   * expiration time of all keys.  */
3718
0
  if (!subkeyfprs || !subkeyfprs[0])
3719
0
    primary_only = 1;
3720
0
  else if ( !strcmp (subkeyfprs[0], "*") && !subkeyfprs[1])
3721
0
    {
3722
      /* Change all subkeys keys which have not been revoked and are
3723
       * not yet expired.  */
3724
0
      merge_keys_and_selfsig (ctrl, keyblock);
3725
0
      for (node = keyblock; node; node = node->next)
3726
0
        {
3727
0
          if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
3728
0
              && (pk = node->pkt->pkt.public_key)
3729
0
              && !pk->flags.revoked
3730
0
              && !pk->has_expired)
3731
0
            node->flag |= NODFLG_SELKEY;
3732
0
        }
3733
0
    }
3734
0
  else
3735
0
    {
3736
      /* Change specified subkeys.  */
3737
0
      KEYDB_SEARCH_DESC desc;
3738
0
      byte fprbin[MAX_FINGERPRINT_LEN];
3739
0
      size_t fprlen;
3740
3741
0
      err = 0;
3742
0
      merge_keys_and_selfsig (ctrl, keyblock);
3743
0
      for (idx=0; subkeyfprs[idx]; idx++)
3744
0
        {
3745
0
          int any = 0;
3746
3747
          /* Parse the fingerprint.  */
3748
0
          if (classify_user_id (subkeyfprs[idx], &desc, 1)
3749
0
              || desc.mode != KEYDB_SEARCH_MODE_FPR)
3750
0
            {
3751
0
              log_error (_("\"%s\" is not a proper fingerprint\n"),
3752
0
                         subkeyfprs[idx] );
3753
0
              if (!err)
3754
0
                err = gpg_error (GPG_ERR_INV_NAME);
3755
0
              continue;
3756
0
            }
3757
3758
          /* Set the flag for the matching non revoked subkey.  */
3759
0
          for (node = keyblock; node; node = node->next)
3760
0
            {
3761
0
              if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
3762
0
                  && (pk = node->pkt->pkt.public_key)
3763
0
                  && !pk->flags.revoked )
3764
0
                {
3765
0
                  fingerprint_from_pk (pk, fprbin, &fprlen);
3766
0
                  if (fprlen == desc.fprlen && !memcmp (fprbin, desc.u.fpr, fprlen))
3767
0
                    {
3768
0
                      node->flag |= NODFLG_SELKEY;
3769
0
                      any = 1;
3770
0
                    }
3771
0
                }
3772
0
            }
3773
0
          if (!any)
3774
0
            {
3775
0
              log_error (_("subkey \"%s\" not found\n"), subkeyfprs[idx]);
3776
0
              if (!err)
3777
0
                err = gpg_error (GPG_ERR_NOT_FOUND);
3778
0
            }
3779
0
        }
3780
3781
0
      if (err)
3782
0
        goto leave;
3783
0
    }
3784
3785
  /* Set the new expiration date.  */
3786
0
  err = menu_expire (ctrl, keyblock, primary_only? 1 : 2, expire);
3787
0
  if (gpg_err_code (err) == GPG_ERR_TRUE)
3788
0
    modified = 1;
3789
0
  else if (err)
3790
0
    goto leave;
3791
0
  es_fflush (es_stdout);
3792
3793
  /* Store.  */
3794
0
  if (modified)
3795
0
    {
3796
0
      err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
3797
0
      if (err)
3798
0
        {
3799
0
          log_error (_("update failed: %s\n"), gpg_strerror (err));
3800
0
          goto leave;
3801
0
        }
3802
0
      maybe_upload_key (ctrl, keyblock);
3803
0
      if (update_trust)
3804
0
        revalidation_mark (ctrl);
3805
0
    }
3806
0
  else
3807
0
    log_info (_("Key not changed so no update needed.\n"));
3808
3809
0
 leave:
3810
0
  release_kbnode (keyblock);
3811
0
  keydb_release (kdbhd);
3812
0
  if (err)
3813
0
    write_status_error ("set_expire", err);
3814
0
}
3815
3816
3817

3818
static void
3819
tty_print_notations (int indent, PKT_signature * sig)
3820
0
{
3821
0
  int first = 1;
3822
0
  struct notation *notation, *nd;
3823
3824
0
  if (indent < 0)
3825
0
    {
3826
0
      first = 0;
3827
0
      indent = -indent;
3828
0
    }
3829
3830
0
  notation = sig_to_notation (sig);
3831
3832
0
  for (nd = notation; nd; nd = nd->next)
3833
0
    {
3834
0
      if (!first)
3835
0
  tty_printf ("%*s", indent, "");
3836
0
      else
3837
0
  first = 0;
3838
3839
0
      tty_print_utf8_string (nd->name, strlen (nd->name));
3840
0
      tty_printf ("=");
3841
0
      tty_print_utf8_string (nd->value, strlen (nd->value));
3842
0
      tty_printf ("\n");
3843
0
    }
3844
3845
0
  free_notation (notation);
3846
0
}
3847
3848
3849
/*
3850
 * Show preferences of a public keyblock.
3851
 */
3852
static void
3853
show_prefs (PKT_user_id * uid, PKT_signature * selfsig, int verbose)
3854
0
{
3855
0
  if (!uid)
3856
0
    return;
3857
3858
0
  if (verbose)
3859
0
    {
3860
0
      show_preferences (uid, 4, -1, 1);
3861
3862
0
      if (selfsig)
3863
0
  {
3864
0
    const byte *pref_ks;
3865
0
    size_t pref_ks_len;
3866
3867
0
    pref_ks = parse_sig_subpkt (selfsig, 1,
3868
0
                                      SIGSUBPKT_PREF_KS, &pref_ks_len);
3869
0
    if (pref_ks && pref_ks_len)
3870
0
      {
3871
0
        tty_printf ("     ");
3872
0
        tty_printf (_("Preferred keyserver: "));
3873
0
        tty_print_utf8_string (pref_ks, pref_ks_len);
3874
0
        tty_printf ("\n");
3875
0
      }
3876
3877
0
    if (selfsig->flags.notation)
3878
0
      {
3879
0
        tty_printf ("     ");
3880
0
        tty_printf (_("Notations: "));
3881
0
        tty_print_notations (5 + strlen (_("Notations: ")), selfsig);
3882
0
      }
3883
0
  }
3884
0
    }
3885
0
  else
3886
0
    {
3887
0
      show_preferences (uid, 4, -1, 0);
3888
0
    }
3889
0
}
3890
3891
3892
/* This is the version of show_key_with_all_names used when
3893
   opt.with_colons is used.  It prints all available data in a easy to
3894
   parse format and does not translate utf8 */
3895
static void
3896
show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
3897
0
{
3898
0
  KBNODE node;
3899
0
  int i, j, ulti_hack = 0;
3900
0
  byte pk_version = 0;
3901
0
  PKT_public_key *primary = NULL;
3902
0
  int have_seckey;
3903
3904
0
  if (!fp)
3905
0
    fp = es_stdout;
3906
3907
  /* the keys */
3908
0
  for (node = keyblock; node; node = node->next)
3909
0
    {
3910
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
3911
0
    || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY))
3912
0
  {
3913
0
    PKT_public_key *pk = node->pkt->pkt.public_key;
3914
0
    u32 keyid[2];
3915
3916
0
    if (node->pkt->pkttype == PKT_PUBLIC_KEY)
3917
0
      {
3918
0
        pk_version = pk->version;
3919
0
        primary = pk;
3920
0
      }
3921
3922
0
    keyid_from_pk (pk, keyid);
3923
0
          have_seckey = agent_probe_secret_key (ctrl, pk);
3924
3925
0
          if (node->pkt->pkttype == PKT_PUBLIC_KEY)
3926
0
            es_fputs (have_seckey? "sec:" : "pub:", fp);
3927
0
          else
3928
0
            es_fputs (have_seckey? "ssb:" : "sub:", fp);
3929
3930
0
    if (!pk->flags.valid)
3931
0
      es_putc ('i', fp);
3932
0
    else if (pk->flags.revoked)
3933
0
      es_putc ('r', fp);
3934
0
    else if (pk->has_expired)
3935
0
      es_putc ('e', fp);
3936
0
    else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks))
3937
0
      {
3938
0
        int trust = get_validity_info (ctrl, keyblock, pk, NULL);
3939
0
        if (trust == 'u')
3940
0
    ulti_hack = 1;
3941
0
        es_putc (trust, fp);
3942
0
      }
3943
3944
0
    es_fprintf (fp, ":%u:%d:%08lX%08lX:%lu:%lu::",
3945
0
                      nbits_from_pk (pk),
3946
0
                      pk->pubkey_algo,
3947
0
                      (ulong) keyid[0], (ulong) keyid[1],
3948
0
                      (ulong) pk->timestamp, (ulong) pk->expiredate);
3949
0
    if (node->pkt->pkttype == PKT_PUBLIC_KEY
3950
0
        && !(opt.fast_list_mode || opt.no_expensive_trust_checks))
3951
0
      es_putc (get_ownertrust_info (ctrl, pk, 0), fp);
3952
0
    es_putc (':', fp);
3953
0
    es_putc (':', fp);
3954
0
    es_putc (':', fp);
3955
    /* Print capabilities.  */
3956
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_ENC))
3957
0
      es_putc ('e', fp);
3958
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_SIG))
3959
0
      es_putc ('s', fp);
3960
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_CERT))
3961
0
      es_putc ('c', fp);
3962
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_AUTH))
3963
0
      es_putc ('a', fp);
3964
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_RENC))
3965
0
      es_putc ('r', fp);
3966
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_TIME))
3967
0
      es_putc ('t', fp);
3968
0
    if ((pk->pubkey_usage & PUBKEY_USAGE_GROUP))
3969
0
      es_putc ('g', fp);
3970
0
    es_putc ('\n', fp);
3971
3972
0
    print_fingerprint (ctrl, fp, pk, 0);
3973
0
    print_revokers (fp, 1, pk);
3974
0
  }
3975
0
    }
3976
3977
  /* the user ids */
3978
0
  i = 0;
3979
0
  for (node = keyblock; node; node = node->next)
3980
0
    {
3981
0
      if (node->pkt->pkttype == PKT_USER_ID)
3982
0
  {
3983
0
    PKT_user_id *uid = node->pkt->pkt.user_id;
3984
3985
0
    ++i;
3986
3987
0
    if (uid->attrib_data)
3988
0
      es_fputs ("uat:", fp);
3989
0
    else
3990
0
      es_fputs ("uid:", fp);
3991
3992
0
    if (uid->flags.revoked)
3993
0
      es_fputs ("r::::::::", fp);
3994
0
    else if (uid->flags.expired)
3995
0
      es_fputs ("e::::::::", fp);
3996
0
    else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
3997
0
      es_fputs ("::::::::", fp);
3998
0
    else
3999
0
      {
4000
0
        int uid_validity;
4001
4002
0
        if (primary && !ulti_hack)
4003
0
    uid_validity = get_validity_info (ctrl, keyblock, primary, uid);
4004
0
        else
4005
0
    uid_validity = 'u';
4006
0
        es_fprintf (fp, "%c::::::::", uid_validity);
4007
0
      }
4008
4009
0
    if (uid->attrib_data)
4010
0
      es_fprintf (fp, "%u %lu", uid->numattribs, uid->attrib_len);
4011
0
    else
4012
0
      es_write_sanitized (fp, uid->name, uid->len, ":", NULL);
4013
4014
0
    es_putc (':', fp);
4015
    /* signature class */
4016
0
    es_putc (':', fp);
4017
    /* capabilities */
4018
0
    es_putc (':', fp);
4019
    /* preferences */
4020
0
    if (pk_version > 3 || uid->selfsigversion > 3)
4021
0
      {
4022
0
        const prefitem_t *prefs = uid->prefs;
4023
4024
0
        for (j = 0; prefs && prefs[j].type; j++)
4025
0
    {
4026
0
      if (j)
4027
0
        es_putc (' ', fp);
4028
0
      es_fprintf (fp,
4029
0
                              "%c%d", prefs[j].type == PREFTYPE_SYM ? 'S' :
4030
0
                              prefs[j].type == PREFTYPE_HASH ? 'H' :
4031
0
                              prefs[j].type == PREFTYPE_ZIP ? 'Z' : '?',
4032
0
                              prefs[j].value);
4033
0
    }
4034
0
        if (uid->flags.mdc)
4035
0
    es_fputs (",mdc", fp);
4036
0
        if (uid->flags.aead)
4037
0
    es_fputs (",aead", fp);
4038
0
        if (!uid->flags.ks_modify)
4039
0
    es_fputs (",no-ks-modify", fp);
4040
0
      }
4041
0
    es_putc (':', fp);
4042
    /* flags */
4043
0
    es_fprintf (fp, "%d,", i);
4044
0
    if (uid->flags.primary)
4045
0
      es_putc ('p', fp);
4046
0
    if (uid->flags.revoked)
4047
0
      es_putc ('r', fp);
4048
0
    if (uid->flags.expired)
4049
0
      es_putc ('e', fp);
4050
0
    if ((node->flag & NODFLG_SELUID))
4051
0
      es_putc ('s', fp);
4052
0
    if ((node->flag & NODFLG_MARK_A))
4053
0
      es_putc ('m', fp);
4054
0
    es_putc (':', fp);
4055
0
    if (opt.trust_model == TM_TOFU || opt.trust_model == TM_TOFU_PGP)
4056
0
      {
4057
#ifdef USE_TOFU
4058
        enum tofu_policy policy;
4059
        if (! tofu_get_policy (ctrl, primary, uid, &policy)
4060
      && policy != TOFU_POLICY_NONE)
4061
    es_fprintf (fp, "%s", tofu_policy_str (policy));
4062
#endif /*USE_TOFU*/
4063
0
      }
4064
0
    es_putc (':', fp);
4065
0
    es_putc ('\n', fp);
4066
0
  }
4067
0
    }
4068
0
}
4069
4070
4071
static void
4072
show_names (ctrl_t ctrl, estream_t fp,
4073
            kbnode_t keyblock, PKT_public_key * pk, unsigned int flag,
4074
      int with_prefs)
4075
0
{
4076
0
  KBNODE node;
4077
0
  int i = 0;
4078
4079
0
  for (node = keyblock; node; node = node->next)
4080
0
    {
4081
0
      if (node->pkt->pkttype == PKT_USER_ID && !is_deleted_kbnode (node))
4082
0
  {
4083
0
    PKT_user_id *uid = node->pkt->pkt.user_id;
4084
0
    ++i;
4085
0
    if (!flag || (flag && (node->flag & flag)))
4086
0
      {
4087
0
        if (!(flag & NODFLG_MARK_A) && pk)
4088
0
    tty_fprintf (fp, "%s ", uid_trust_string_fixed (ctrl, pk, uid));
4089
4090
0
        if (flag & NODFLG_MARK_A)
4091
0
    tty_fprintf (fp, "     ");
4092
0
        else if (node->flag & NODFLG_SELUID)
4093
0
    tty_fprintf (fp, "(%d)* ", i);
4094
0
        else if (uid->flags.primary)
4095
0
    tty_fprintf (fp, "(%d). ", i);
4096
0
        else
4097
0
    tty_fprintf (fp, "(%d)  ", i);
4098
0
        tty_print_utf8_string2 (fp, uid->name, uid->len, 0);
4099
0
        tty_fprintf (fp, "\n");
4100
0
        if (with_prefs && pk)
4101
0
    {
4102
0
      if (pk->version > 3 || uid->selfsigversion > 3)
4103
0
        {
4104
0
          PKT_signature *selfsig = NULL;
4105
0
          KBNODE signode;
4106
4107
0
          for (signode = node->next;
4108
0
         signode && signode->pkt->pkttype == PKT_SIGNATURE;
4109
0
         signode = signode->next)
4110
0
      {
4111
0
        if (signode->pkt->pkt.signature->
4112
0
            flags.chosen_selfsig)
4113
0
          {
4114
0
            selfsig = signode->pkt->pkt.signature;
4115
0
            break;
4116
0
          }
4117
0
      }
4118
4119
0
          show_prefs (uid, selfsig, with_prefs == 2);
4120
0
        }
4121
0
      else
4122
0
        tty_fprintf (fp, _("There are no preferences on a"
4123
0
                                       " PGP 2.x-style user ID.\n"));
4124
0
    }
4125
0
      }
4126
0
  }
4127
0
    }
4128
0
}
4129
4130
4131
/*
4132
 * Display the key a the user ids, if only_marked is true, do only so
4133
 * for user ids with mark A flag set and do not display the index
4134
 * number.  If FP is not NULL print to the given stream and not to the
4135
 * tty (ignored in with-colons mode).
4136
 */
4137
static void
4138
show_key_with_all_names (ctrl_t ctrl, estream_t fp,
4139
                         KBNODE keyblock, int only_marked, int with_revoker,
4140
       int with_fpr, int with_subkeys, int with_prefs,
4141
                         int nowarn)
4142
0
{
4143
0
  gpg_error_t err;
4144
0
  kbnode_t node;
4145
0
  int i;
4146
0
  int do_warn = 0;
4147
0
  int have_seckey = 0;
4148
0
  char *serialno = NULL;
4149
0
  PKT_public_key *primary = NULL;
4150
0
  char pkstrbuf[PUBKEY_STRING_SIZE];
4151
4152
0
  if (opt.with_colons)
4153
0
    {
4154
0
      show_key_with_all_names_colon (ctrl, fp, keyblock);
4155
0
      return;
4156
0
    }
4157
4158
  /* the keys */
4159
0
  for (node = keyblock; node; node = node->next)
4160
0
    {
4161
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
4162
0
    || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4163
0
        && !is_deleted_kbnode (node)))
4164
0
  {
4165
0
    PKT_public_key *pk = node->pkt->pkt.public_key;
4166
0
    const char *otrust = "err";
4167
0
    const char *trust = "err";
4168
4169
0
    if (node->pkt->pkttype == PKT_PUBLIC_KEY)
4170
0
      {
4171
        /* do it here, so that debug messages don't clutter the
4172
         * output */
4173
0
        static int did_warn = 0;
4174
4175
0
        trust = get_validity_string (ctrl, pk, NULL);
4176
0
        otrust = get_ownertrust_string (ctrl, pk, 0);
4177
4178
        /* Show a warning once */
4179
0
        if (!did_warn
4180
0
      && (get_validity (ctrl, keyblock, pk, NULL, NULL, 0)
4181
0
          & TRUST_FLAG_PENDING_CHECK))
4182
0
    {
4183
0
      did_warn = 1;
4184
0
      do_warn = 1;
4185
0
    }
4186
4187
0
        primary = pk;
4188
0
      }
4189
4190
0
    if (pk->flags.revoked)
4191
0
      {
4192
0
        char *user = get_user_id_string_native (ctrl, pk->revoked.keyid);
4193
0
              tty_fprintf (fp,
4194
0
                           _("The following key was revoked on"
4195
0
                            " %s by %s key %s\n"),
4196
0
        revokestr_from_pk (pk),
4197
0
                          openpgp_pk_algo_name (pk->revoked.algo), user);
4198
0
        xfree (user);
4199
0
      }
4200
4201
0
    if (with_revoker)
4202
0
      {
4203
0
        if (!pk->revkey && pk->numrevkeys)
4204
0
    BUG ();
4205
0
        else
4206
0
    for (i = 0; i < pk->numrevkeys; i++)
4207
0
      {
4208
0
        u32 r_keyid[2];
4209
0
        char *user;
4210
0
        const char *algo;
4211
4212
0
        algo = openpgp_pk_algo_name (pk->revkey[i].algid);
4213
0
        keyid_from_fingerprint (ctrl, pk->revkey[i].fpr,
4214
0
              pk->revkey[i].fprlen, r_keyid);
4215
4216
0
        user = get_user_id_string_native (ctrl, r_keyid);
4217
0
        tty_fprintf (fp,
4218
0
                                 _("This key may be revoked by %s key %s"),
4219
0
                                 algo, user);
4220
4221
0
        if (pk->revkey[i].class & 0x40)
4222
0
          {
4223
0
      tty_fprintf (fp, " ");
4224
0
      tty_fprintf (fp, _("(sensitive)"));
4225
0
          }
4226
4227
0
        tty_fprintf (fp, "\n");
4228
0
        xfree (user);
4229
0
      }
4230
0
      }
4231
4232
0
    keyid_from_pk (pk, NULL);
4233
4234
0
          xfree (serialno);
4235
0
          serialno = NULL;
4236
0
          {
4237
0
            char *hexgrip;
4238
4239
0
            err = hexkeygrip_from_pk (pk, &hexgrip);
4240
0
            if (err)
4241
0
              {
4242
0
                log_error ("error computing a keygrip: %s\n",
4243
0
                           gpg_strerror (err));
4244
0
                have_seckey = 0;
4245
0
              }
4246
0
            else
4247
0
              have_seckey = !agent_get_keyinfo (ctrl, hexgrip, &serialno, NULL);
4248
0
            xfree (hexgrip);
4249
0
          }
4250
4251
0
    tty_fprintf
4252
0
            (fp, "%s%c %s/%s",
4253
0
             node->pkt->pkttype == PKT_PUBLIC_KEY && have_seckey? "sec" :
4254
0
             node->pkt->pkttype == PKT_PUBLIC_KEY ?               "pub" :
4255
0
             have_seckey ?                                        "ssb" :
4256
0
                                                                  "sub",
4257
0
             (node->flag & NODFLG_SELKEY) ? '*' : ' ',
4258
0
             pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
4259
0
             keystr (pk->keyid));
4260
4261
0
          if (opt.legacy_list_mode)
4262
0
            tty_fprintf (fp, "  ");
4263
0
          else
4264
0
            tty_fprintf (fp, "\n     ");
4265
4266
0
          tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk));
4267
0
    tty_fprintf (fp, "  ");
4268
0
    if (pk->flags.revoked)
4269
0
      tty_fprintf (fp, _("revoked: %s"), revokestr_from_pk (pk));
4270
0
    else if (pk->has_expired)
4271
0
      tty_fprintf (fp, _("expired: %s"), expirestr_from_pk (pk));
4272
0
    else
4273
0
      tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
4274
0
    tty_fprintf (fp, "  ");
4275
0
    tty_fprintf (fp, _("usage: %s"), usagestr_from_pk (pk, 1));
4276
0
    tty_fprintf (fp, "\n");
4277
4278
0
          if (serialno)
4279
0
            {
4280
              /* The agent told us that a secret key is available and
4281
                 that it has been stored on a card.  */
4282
0
        tty_fprintf (fp, "%*s%s", opt.legacy_list_mode? 21:5, "",
4283
0
                           _("card-no: "));
4284
0
              if (strlen (serialno) == 32
4285
0
                  && !strncmp (serialno, "D27600012401", 12))
4286
0
                {
4287
                  /* This is an OpenPGP card.  Print the relevant part.  */
4288
                  /* Example: D2760001240101010001000003470000 */
4289
                  /*                          xxxxyyyyyyyy     */
4290
0
                  tty_fprintf (fp, "%.*s %.*s\n",
4291
0
                               4, serialno+16, 8, serialno+20);
4292
0
                }
4293
0
              else
4294
0
                tty_fprintf (fp, "%s\n", serialno);
4295
4296
0
            }
4297
0
    else if (pk->seckey_info
4298
0
              && pk->seckey_info->is_protected
4299
0
              && pk->seckey_info->s2k.mode == 1002)
4300
0
      {
4301
              /* FIXME: Check whether this code path is still used.  */
4302
0
        tty_fprintf (fp, "%*s%s", opt.legacy_list_mode? 21:5, "",
4303
0
                           _("card-no: "));
4304
0
        if (pk->seckey_info->ivlen == 16
4305
0
      && !memcmp (pk->seckey_info->iv,
4306
0
                              "\xD2\x76\x00\x01\x24\x01", 6))
4307
0
    {
4308
                  /* This is an OpenPGP card. */
4309
0
      for (i = 8; i < 14; i++)
4310
0
        {
4311
0
          if (i == 10)
4312
0
      tty_fprintf (fp, " ");
4313
0
          tty_fprintf (fp, "%02X", pk->seckey_info->iv[i]);
4314
0
        }
4315
0
    }
4316
0
        else
4317
0
    {
4318
                  /* Unknown card: Print all. */
4319
0
      for (i = 0; i < pk->seckey_info->ivlen; i++)
4320
0
        tty_fprintf (fp, "%02X", pk->seckey_info->iv[i]);
4321
0
    }
4322
0
        tty_fprintf (fp, "\n");
4323
0
      }
4324
4325
0
    if (node->pkt->pkttype == PKT_PUBLIC_KEY
4326
0
              || node->pkt->pkttype == PKT_SECRET_KEY)
4327
0
      {
4328
0
        if (opt.trust_model != TM_ALWAYS)
4329
0
    {
4330
0
      tty_fprintf (fp, "%*s",
4331
0
                               opt.legacy_list_mode?
4332
0
                               ((int) keystrlen () + 13):5, "");
4333
      /* Ownertrust is only meaningful for the PGP or
4334
         classic trust models, or PGP combined with TOFU */
4335
0
      if (opt.trust_model == TM_PGP
4336
0
          || opt.trust_model == TM_CLASSIC
4337
0
          || opt.trust_model == TM_TOFU_PGP)
4338
0
        {
4339
0
          int width = 14 - strlen (otrust);
4340
0
          if (width <= 0)
4341
0
      width = 1;
4342
0
          tty_fprintf (fp, _("trust: %s"), otrust);
4343
0
          tty_fprintf (fp, "%*s", width, "");
4344
0
        }
4345
4346
0
      tty_fprintf (fp, _("validity: %s"), trust);
4347
0
      tty_fprintf (fp, "\n");
4348
0
    }
4349
0
        if (node->pkt->pkttype == PKT_PUBLIC_KEY
4350
0
      && (get_ownertrust (ctrl, pk) & TRUST_FLAG_DISABLED))
4351
0
    {
4352
0
      tty_fprintf (fp, "*** ");
4353
0
      tty_fprintf (fp, _("This key has been disabled"));
4354
0
      tty_fprintf (fp, "\n");
4355
0
    }
4356
0
      }
4357
4358
0
    if ((node->pkt->pkttype == PKT_PUBLIC_KEY
4359
0
               || node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr)
4360
0
      {
4361
0
              print_fingerprint (ctrl, fp, pk, 2);
4362
0
        tty_fprintf (fp, "\n");
4363
0
      }
4364
0
  }
4365
0
    }
4366
4367
0
  show_names (ctrl, fp,
4368
0
              keyblock, primary, only_marked ? NODFLG_MARK_A : 0, with_prefs);
4369
4370
0
  if (do_warn && !nowarn)
4371
0
    tty_fprintf (fp, _("Please note that the shown key validity"
4372
0
                       " is not necessarily correct\n"
4373
0
                       "unless you restart the program.\n"));
4374
4375
0
  xfree (serialno);
4376
0
}
4377
4378
4379
/* Display basic key information.  This function is suitable to show
4380
 * information on the key without any dependencies on the trustdb or
4381
 * any other internal GnuPG stuff.  KEYBLOCK may either be a public or
4382
 * a secret key.  This function may be called with KEYBLOCK containing
4383
 * secret keys and thus the printing of "pub" vs. "sec" does only
4384
 * depend on the packet type and not by checking with gpg-agent.  If
4385
 * PRINT_SEC is set "sec" is printed instead of "pub".  */
4386
void
4387
show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock, int print_sec)
4388
0
{
4389
0
  KBNODE node;
4390
0
  int i;
4391
0
  char pkstrbuf[PUBKEY_STRING_SIZE];
4392
4393
  /* The primary key */
4394
0
  for (node = keyblock; node; node = node->next)
4395
0
    {
4396
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
4397
0
          || node->pkt->pkttype == PKT_SECRET_KEY)
4398
0
  {
4399
0
    PKT_public_key *pk = node->pkt->pkt.public_key;
4400
0
          const char *tag;
4401
4402
0
          if (node->pkt->pkttype == PKT_SECRET_KEY || print_sec)
4403
0
            tag = "sec";
4404
0
          else
4405
0
            tag = "pub";
4406
4407
    /* Note, we use the same format string as in other show
4408
       functions to make the translation job easier. */
4409
0
    tty_printf ("%s  %s/%s  ",
4410
0
                      tag,
4411
0
                      pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
4412
0
          keystr_from_pk (pk));
4413
0
    tty_printf (_("created: %s"), datestr_from_pk (pk));
4414
0
    tty_printf ("  ");
4415
0
    tty_printf (_("expires: %s"), expirestr_from_pk (pk));
4416
0
    tty_printf ("\n");
4417
0
    print_fingerprint (ctrl, NULL, pk, 3);
4418
0
    tty_printf ("\n");
4419
0
  }
4420
0
    }
4421
4422
  /* The user IDs. */
4423
0
  (void)i; /* Counting User IDs */
4424
0
  for (i = 0, node = keyblock; node; node = node->next)
4425
0
    {
4426
0
      if (node->pkt->pkttype == PKT_USER_ID)
4427
0
  {
4428
0
    PKT_user_id *uid = node->pkt->pkt.user_id;
4429
0
    ++i;
4430
4431
0
    tty_printf ("     ");
4432
0
    if (uid->flags.revoked)
4433
0
      tty_printf ("[%s] ", _("revoked"));
4434
0
    else if (uid->flags.expired)
4435
0
      tty_printf ("[%s] ", _("expired"));
4436
0
    tty_print_utf8_string (uid->name, uid->len);
4437
0
    tty_printf ("\n");
4438
0
  }
4439
0
    }
4440
0
}
4441
4442
4443
static void
4444
show_key_and_fingerprint (ctrl_t ctrl, kbnode_t keyblock, int with_subkeys)
4445
0
{
4446
0
  kbnode_t node;
4447
0
  PKT_public_key *pk = NULL;
4448
0
  char pkstrbuf[PUBKEY_STRING_SIZE];
4449
4450
0
  for (node = keyblock; node; node = node->next)
4451
0
    {
4452
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
4453
0
  {
4454
0
    pk = node->pkt->pkt.public_key;
4455
0
    tty_printf ("pub   %s/%s %s ",
4456
0
                      pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
4457
0
                      keystr_from_pk(pk),
4458
0
                      datestr_from_pk (pk));
4459
0
  }
4460
0
      else if (node->pkt->pkttype == PKT_USER_ID)
4461
0
  {
4462
0
    PKT_user_id *uid = node->pkt->pkt.user_id;
4463
0
    tty_print_utf8_string (uid->name, uid->len);
4464
0
    break;
4465
0
  }
4466
0
    }
4467
0
  tty_printf ("\n");
4468
0
  if (pk)
4469
0
    print_fingerprint (ctrl, NULL, pk, 2);
4470
0
  if (with_subkeys)
4471
0
    {
4472
0
      for (node = keyblock; node; node = node->next)
4473
0
        {
4474
0
          if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4475
0
            {
4476
0
              pk = node->pkt->pkt.public_key;
4477
0
              tty_printf ("sub   %s/%s %s [%s]\n",
4478
0
                          pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
4479
0
                          keystr_from_pk(pk),
4480
0
                          datestr_from_pk (pk),
4481
0
                          usagestr_from_pk (pk, 0));
4482
4483
0
              print_fingerprint (ctrl, NULL, pk, 4);
4484
0
            }
4485
0
        }
4486
0
    }
4487
0
}
4488
4489
4490
/* Show a listing of the primary and its subkeys along with their
4491
   keygrips.  */
4492
static void
4493
show_key_and_grip (kbnode_t keyblock)
4494
0
{
4495
0
  kbnode_t node;
4496
0
  PKT_public_key *pk = NULL;
4497
0
  char pkstrbuf[PUBKEY_STRING_SIZE];
4498
0
  char *hexgrip;
4499
4500
0
  for (node = keyblock; node; node = node->next)
4501
0
    {
4502
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
4503
0
          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4504
0
        {
4505
0
          pk = node->pkt->pkt.public_key;
4506
0
          tty_printf ("%s   %s/%s %s [%s]\n",
4507
0
                      node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
4508
0
                      pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
4509
0
                      keystr_from_pk(pk),
4510
0
                      datestr_from_pk (pk),
4511
0
                      usagestr_from_pk (pk, 0));
4512
4513
0
          if (!hexkeygrip_from_pk (pk, &hexgrip))
4514
0
            {
4515
0
              tty_printf ("      Keygrip: %s\n", hexgrip);
4516
0
              xfree (hexgrip);
4517
0
            }
4518
0
        }
4519
0
    }
4520
0
}
4521
4522
4523
/* Show a warning if no uids on the key have the primary uid flag
4524
   set. */
4525
static void
4526
no_primary_warning (KBNODE keyblock)
4527
0
{
4528
0
  KBNODE node;
4529
0
  int have_primary = 0, uid_count = 0;
4530
4531
  /* TODO: if we ever start behaving differently with a primary or
4532
     non-primary attribute ID, we will need to check for attributes
4533
     here as well. */
4534
4535
0
  for (node = keyblock; node; node = node->next)
4536
0
    {
4537
0
      if (node->pkt->pkttype == PKT_USER_ID
4538
0
    && node->pkt->pkt.user_id->attrib_data == NULL)
4539
0
  {
4540
0
    uid_count++;
4541
4542
0
    if (node->pkt->pkt.user_id->flags.primary == 2)
4543
0
      {
4544
0
        have_primary = 1;
4545
0
        break;
4546
0
      }
4547
0
  }
4548
0
    }
4549
4550
0
  if (uid_count > 1 && !have_primary)
4551
0
    log_info (_
4552
0
        ("WARNING: no user ID has been marked as primary.  This command"
4553
0
         " may\n              cause a different user ID to become"
4554
0
         " the assumed primary.\n"));
4555
0
}
4556
4557
4558
/* Print a warning if the latest encryption subkey expires soon.  This
4559
   function is called after the expire data of the primary key has
4560
   been changed.  */
4561
static void
4562
subkey_expire_warning (kbnode_t keyblock)
4563
0
{
4564
0
  u32 curtime = make_timestamp ();
4565
0
  kbnode_t node;
4566
0
  PKT_public_key *pk;
4567
  /* u32 mainexpire = 0; */
4568
0
  u32 subexpire = 0;
4569
0
  u32 latest_date = 0;
4570
4571
0
  for (node = keyblock; node; node = node->next)
4572
0
    {
4573
      /* if (node->pkt->pkttype == PKT_PUBLIC_KEY) */
4574
      /*   { */
4575
      /*     pk = node->pkt->pkt.public_key; */
4576
      /*     mainexpire = pk->expiredate; */
4577
      /*   } */
4578
4579
0
      if (node->pkt->pkttype != PKT_PUBLIC_SUBKEY)
4580
0
        continue;
4581
0
      pk = node->pkt->pkt.public_key;
4582
4583
0
      if (!pk->flags.valid)
4584
0
        continue;
4585
0
      if (pk->flags.revoked)
4586
0
        continue;
4587
0
      if (pk->timestamp > curtime)
4588
0
        continue; /* Ignore future keys.  */
4589
0
      if (!(pk->pubkey_usage & PUBKEY_USAGE_ENC))
4590
0
        continue; /* Not an encryption key.  */
4591
4592
0
      if (pk->timestamp > latest_date || (!pk->timestamp && !latest_date))
4593
0
        {
4594
0
          latest_date = pk->timestamp;
4595
0
          subexpire = pk->expiredate;
4596
0
        }
4597
0
    }
4598
4599
0
  if (!subexpire)
4600
0
    return;  /* No valid subkey with an expiration time.  */
4601
4602
0
  if (curtime + (10*86400) > subexpire)
4603
0
    {
4604
0
      log_info (_("WARNING: Your encryption subkey expires soon.\n"));
4605
0
      log_info (_("You may want to change its expiration date too.\n"));
4606
0
    }
4607
0
}
4608
4609
4610
/* Print a warning if all encryption (sub|primary)keys are expired.
4611
 * The warning is not printed if there is no encryption
4612
 * (sub|primary)key at all.  This function is called after the expire
4613
 * data of the primary key has been changed.  */
4614
void
4615
no_usable_encr_subkeys_warning (kbnode_t keyblock)
4616
0
{
4617
0
  kbnode_t node;
4618
0
  PKT_public_key *pk;
4619
0
  int any_encr_key = 0;
4620
4621
0
  for (node = keyblock; node; node = node->next)
4622
0
    {
4623
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY
4624
0
          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4625
0
        {
4626
0
          pk = node->pkt->pkt.public_key;
4627
0
          if ((pk->pubkey_usage & PUBKEY_USAGE_ENC))
4628
0
            {
4629
0
              any_encr_key = 1;
4630
0
              if (pk->flags.valid && !pk->has_expired && !pk->flags.revoked
4631
0
                  && !pk->flags.disabled)
4632
0
                {
4633
0
                  return; /* Key is usable for encryption  */
4634
0
                }
4635
0
            }
4636
0
        }
4637
0
    }
4638
4639
0
  if (any_encr_key && !opt.quiet)
4640
0
    log_info (_("WARNING: No valid encryption subkey left over.\n"));
4641
0
}
4642
4643
4644
/*
4645
 * Ask for a new user id, add the self-signature, and update the
4646
 * keyblock.  If UIDSTRING is not NULL the user ID is generated
4647
 * unattended using that string.  UIDSTRING is expected to be utf-8
4648
 * encoded and white space trimmed.  Returns true if there is a new
4649
 * user id.
4650
 */
4651
static int
4652
menu_adduid (ctrl_t ctrl, kbnode_t pub_keyblock,
4653
             int photo, const char *photo_name, const char *uidstring)
4654
0
{
4655
0
  PKT_user_id *uid;
4656
0
  PKT_public_key *pk = NULL;
4657
0
  PKT_signature *sig = NULL;
4658
0
  PACKET *pkt;
4659
0
  KBNODE node;
4660
0
  KBNODE pub_where = NULL;
4661
0
  gpg_error_t err;
4662
4663
0
  if (photo && uidstring)
4664
0
    return 0;  /* Not allowed.  */
4665
4666
0
  for (node = pub_keyblock; node; pub_where = node, node = node->next)
4667
0
    {
4668
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
4669
0
  pk = node->pkt->pkt.public_key;
4670
0
      else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4671
0
  break;
4672
0
    }
4673
0
  if (!node) /* No subkey.  */
4674
0
    pub_where = NULL;
4675
0
  log_assert (pk);
4676
4677
0
  if (photo)
4678
0
    {
4679
0
      int hasattrib = 0;
4680
4681
0
      for (node = pub_keyblock; node; node = node->next)
4682
0
  if (node->pkt->pkttype == PKT_USER_ID &&
4683
0
      node->pkt->pkt.user_id->attrib_data != NULL)
4684
0
    {
4685
0
      hasattrib = 1;
4686
0
      break;
4687
0
    }
4688
4689
      /* It is legal but bad for compatibility to add a photo ID to a
4690
         v3 key as it means that PGP2 will not be able to use that key
4691
         anymore.  Also, PGP may not expect a photo on a v3 key.
4692
         Don't bother to ask this if the key already has a photo - any
4693
         damage has already been done at that point. -dms */
4694
0
      if (pk->version == 3 && !hasattrib)
4695
0
  {
4696
0
    if (opt.expert)
4697
0
      {
4698
0
        tty_printf (_("WARNING: This is a PGP2-style key.  "
4699
0
          "Adding a photo ID may cause some versions\n"
4700
0
          "         of PGP to reject this key.\n"));
4701
4702
0
        if (!cpr_get_answer_is_yes ("keyedit.v3_photo.okay",
4703
0
            _("Are you sure you still want "
4704
0
              "to add it? (y/N) ")))
4705
0
    return 0;
4706
0
      }
4707
0
    else
4708
0
      {
4709
0
        tty_printf (_("You may not add a photo ID to "
4710
0
          "a PGP2-style key.\n"));
4711
0
        return 0;
4712
0
      }
4713
0
  }
4714
4715
0
      uid = generate_photo_id (ctrl, pk, photo_name);
4716
0
    }
4717
0
  else
4718
0
    uid = generate_user_id (pub_keyblock, uidstring);
4719
0
  if (!uid)
4720
0
    {
4721
0
      if (uidstring)
4722
0
        {
4723
0
          write_status_error ("adduid", gpg_error (304));
4724
0
          log_error ("%s\n", _("Such a user ID already exists on this key!"));
4725
0
        }
4726
0
      return 0;
4727
0
    }
4728
4729
0
  err = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x13, 0, 0,
4730
0
                            keygen_add_std_prefs, pk, NULL);
4731
0
  if (err)
4732
0
    {
4733
0
      write_status_error ("keysig", err);
4734
0
      log_error ("signing failed: %s\n", gpg_strerror (err));
4735
0
      free_user_id (uid);
4736
0
      return 0;
4737
0
    }
4738
4739
  /* Insert/append to public keyblock */
4740
0
  pkt = xmalloc_clear (sizeof *pkt);
4741
0
  pkt->pkttype = PKT_USER_ID;
4742
0
  pkt->pkt.user_id = uid;
4743
0
  node = new_kbnode (pkt);
4744
0
  if (pub_where)
4745
0
    insert_kbnode (pub_where, node, 0);
4746
0
  else
4747
0
    add_kbnode (pub_keyblock, node);
4748
0
  pkt = xmalloc_clear (sizeof *pkt);
4749
0
  pkt->pkttype = PKT_SIGNATURE;
4750
0
  pkt->pkt.signature = sig;
4751
0
  if (pub_where)
4752
0
    insert_kbnode (node, new_kbnode (pkt), 0);
4753
0
  else
4754
0
    add_kbnode (pub_keyblock, new_kbnode (pkt));
4755
0
  return 1;
4756
0
}
4757
4758
4759
/*
4760
 * Remove all selected userids from the keyring
4761
 */
4762
static void
4763
menu_deluid (KBNODE pub_keyblock)
4764
0
{
4765
0
  KBNODE node;
4766
0
  int selected = 0;
4767
4768
0
  for (node = pub_keyblock; node; node = node->next)
4769
0
    {
4770
0
      if (node->pkt->pkttype == PKT_USER_ID)
4771
0
  {
4772
0
    selected = node->flag & NODFLG_SELUID;
4773
0
    if (selected)
4774
0
      {
4775
        /* Only cause a trust update if we delete a
4776
           non-revoked user id */
4777
0
        if (!node->pkt->pkt.user_id->flags.revoked)
4778
0
    update_trust = 1;
4779
0
        delete_kbnode (node);
4780
0
      }
4781
0
  }
4782
0
      else if (selected && node->pkt->pkttype == PKT_SIGNATURE)
4783
0
  delete_kbnode (node);
4784
0
      else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4785
0
  selected = 0;
4786
0
    }
4787
0
  commit_kbnode (&pub_keyblock);
4788
0
}
4789
4790
4791
static int
4792
menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock)
4793
0
{
4794
0
  KBNODE node;
4795
0
  PKT_user_id *uid = NULL;
4796
0
  int changed = 0;
4797
4798
0
  for (node = pub_keyblock; node; node = node->next)
4799
0
    {
4800
0
      if (node->pkt->pkttype == PKT_USER_ID)
4801
0
  {
4802
0
    uid = (node->flag & NODFLG_SELUID) ? node->pkt->pkt.user_id : NULL;
4803
0
  }
4804
0
      else if (uid && node->pkt->pkttype == PKT_SIGNATURE)
4805
0
  {
4806
0
    int okay, valid, selfsig, inv_sig, no_key, other_err;
4807
4808
0
    tty_printf ("uid  ");
4809
0
    tty_print_utf8_string (uid->name, uid->len);
4810
0
    tty_printf ("\n");
4811
4812
0
    okay = inv_sig = no_key = other_err = 0;
4813
0
    if (opt.with_colons)
4814
0
      valid = print_and_check_one_sig_colon (ctrl, pub_keyblock, node,
4815
0
               &inv_sig, &no_key,
4816
0
               &other_err, &selfsig, 1);
4817
0
    else
4818
0
      valid = print_and_check_one_sig (ctrl, pub_keyblock, node,
4819
0
               &inv_sig, &no_key, &other_err,
4820
0
               &selfsig, 1, 0);
4821
4822
0
    if (valid)
4823
0
      {
4824
0
        okay = cpr_get_answer_yes_no_quit
4825
0
                ("keyedit.delsig.valid",
4826
0
                 _("Delete this good signature? (y/N/q)"));
4827
4828
        /* Only update trust if we delete a good signature.
4829
           The other two cases do not affect trust. */
4830
0
        if (okay)
4831
0
    update_trust = 1;
4832
0
      }
4833
0
    else if (inv_sig || other_err)
4834
0
      okay = cpr_get_answer_yes_no_quit
4835
0
              ("keyedit.delsig.invalid",
4836
0
               _("Delete this invalid signature? (y/N/q)"));
4837
0
    else if (no_key)
4838
0
      okay = cpr_get_answer_yes_no_quit
4839
0
              ("keyedit.delsig.unknown",
4840
0
               _("Delete this unknown signature? (y/N/q)"));
4841
4842
0
    if (okay == -1)
4843
0
      break;
4844
0
    if (okay && selfsig
4845
0
        && !cpr_get_answer_is_yes
4846
0
              ("keyedit.delsig.selfsig",
4847
0
               _("Really delete this self-signature? (y/N)")))
4848
0
      okay = 0;
4849
0
    if (okay)
4850
0
      {
4851
0
        delete_kbnode (node);
4852
0
        changed++;
4853
0
      }
4854
4855
0
  }
4856
0
      else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4857
0
  uid = NULL;
4858
0
    }
4859
4860
0
  if (changed)
4861
0
    {
4862
0
      commit_kbnode (&pub_keyblock);
4863
0
      tty_printf (ngettext("Deleted %d signature.\n",
4864
0
                           "Deleted %d signatures.\n", changed), changed);
4865
0
    }
4866
0
  else
4867
0
    tty_printf (_("Nothing deleted.\n"));
4868
4869
0
  return changed;
4870
0
}
4871
4872
4873
/* Note: OPTIONS are from the EXPORT_* set. */
4874
static int
4875
menu_clean (ctrl_t ctrl, kbnode_t keyblock, unsigned int options)
4876
0
{
4877
0
  KBNODE uidnode;
4878
0
  int modified = 0;
4879
0
  int select_all = !count_selected_uids (keyblock);
4880
4881
0
  for (uidnode = keyblock->next;
4882
0
       uidnode && uidnode->pkt->pkttype != PKT_PUBLIC_SUBKEY;
4883
0
       uidnode = uidnode->next)
4884
0
    {
4885
0
      if (uidnode->pkt->pkttype == PKT_USER_ID
4886
0
    && (uidnode->flag & NODFLG_SELUID || select_all))
4887
0
  {
4888
0
    int uids = 0, sigs = 0;
4889
0
    char *user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
4890
0
               uidnode->pkt->pkt.user_id->len,
4891
0
               0);
4892
4893
0
    clean_one_uid (ctrl, keyblock, uidnode, opt.verbose, options,
4894
0
                         &uids, &sigs);
4895
0
    if (uids)
4896
0
      {
4897
0
        const char *reason;
4898
4899
0
        if (uidnode->pkt->pkt.user_id->flags.revoked)
4900
0
    reason = _("revoked");
4901
0
        else if (uidnode->pkt->pkt.user_id->flags.expired)
4902
0
    reason = _("expired");
4903
0
        else
4904
0
    reason = _("invalid");
4905
4906
0
        tty_printf (_("User ID \"%s\" compacted: %s\n"), user, reason);
4907
4908
0
        modified = 1;
4909
0
      }
4910
0
    else if (sigs)
4911
0
      {
4912
0
        tty_printf (ngettext("User ID \"%s\": %d signature removed\n",
4913
0
                                   "User ID \"%s\": %d signatures removed\n",
4914
0
                                   sigs), user, sigs);
4915
0
        modified = 1;
4916
0
      }
4917
0
    else
4918
0
      {
4919
0
        tty_printf ((options & EXPORT_MINIMAL)?
4920
0
        _("User ID \"%s\": already minimized\n") :
4921
0
        _("User ID \"%s\": already clean\n"), user);
4922
0
      }
4923
4924
0
    xfree (user);
4925
0
  }
4926
0
    }
4927
4928
0
  return modified;
4929
0
}
4930
4931
4932
/*
4933
 * Remove some of the secondary keys
4934
 */
4935
static void
4936
menu_delkey (KBNODE pub_keyblock)
4937
0
{
4938
0
  KBNODE node;
4939
0
  int selected = 0;
4940
4941
0
  for (node = pub_keyblock; node; node = node->next)
4942
0
    {
4943
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
4944
0
  {
4945
0
    selected = node->flag & NODFLG_SELKEY;
4946
0
    if (selected)
4947
0
            delete_kbnode (node);
4948
0
  }
4949
0
      else if (selected && node->pkt->pkttype == PKT_SIGNATURE)
4950
0
  delete_kbnode (node);
4951
0
      else
4952
0
  selected = 0;
4953
0
    }
4954
0
  commit_kbnode (&pub_keyblock);
4955
4956
  /* No need to set update_trust here since signing keys are no
4957
     longer used to certify other keys, so there is no change in
4958
     trust when revoking/removing them.   */
4959
0
}
4960
4961
4962
/*
4963
 * Ask for a new revoker, create the self-signature and put it into
4964
 * the keyblock.  Returns true if there is a new revoker.
4965
 */
4966
static int
4967
menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
4968
0
{
4969
0
  PKT_public_key *pk = NULL;
4970
0
  PKT_public_key *revoker_pk = NULL;
4971
0
  PKT_signature *sig = NULL;
4972
0
  PACKET *pkt;
4973
0
  struct revocation_key revkey;
4974
0
  size_t fprlen;
4975
0
  int rc;
4976
4977
0
  log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
4978
4979
0
  pk = pub_keyblock->pkt->pkt.public_key;
4980
4981
0
  if (pk->numrevkeys == 0 && pk->version == 3)
4982
0
    {
4983
      /* It is legal but bad for compatibility to add a revoker to a
4984
         v3 key as it means that PGP2 will not be able to use that key
4985
         anymore.  Also, PGP may not expect a revoker on a v3 key.
4986
         Don't bother to ask this if the key already has a revoker -
4987
         any damage has already been done at that point. -dms */
4988
0
      if (opt.expert)
4989
0
  {
4990
0
    tty_printf (_("WARNING: This is a PGP 2.x-style key.  "
4991
0
      "Adding a designated revoker may cause\n"
4992
0
      "         some versions of PGP to reject this key.\n"));
4993
4994
0
    if (!cpr_get_answer_is_yes ("keyedit.v3_revoker.okay",
4995
0
              _("Are you sure you still want "
4996
0
          "to add it? (y/N) ")))
4997
0
      return 0;
4998
0
  }
4999
0
      else
5000
0
  {
5001
0
    tty_printf (_("You may not add a designated revoker to "
5002
0
      "a PGP 2.x-style key.\n"));
5003
0
    return 0;
5004
0
  }
5005
0
    }
5006
5007
0
  for (;;)
5008
0
    {
5009
0
      char *answer;
5010
5011
0
      free_public_key (revoker_pk);
5012
0
      revoker_pk = xmalloc_clear (sizeof (*revoker_pk));
5013
5014
0
      tty_printf ("\n");
5015
5016
0
      answer = cpr_get_utf8
5017
0
        ("keyedit.add_revoker",
5018
0
         _("Enter the user ID of the designated revoker: "));
5019
0
      if (answer[0] == '\0' || answer[0] == CONTROL_D)
5020
0
  {
5021
0
    xfree (answer);
5022
0
    goto fail;
5023
0
  }
5024
5025
      /* Note that I'm requesting CERT here, which usually implies
5026
         primary keys only, but some casual testing shows that PGP and
5027
         GnuPG both can handle a designated revocation from a subkey. */
5028
0
      revoker_pk->req_usage = PUBKEY_USAGE_CERT;
5029
0
      rc = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL,
5030
0
                              NULL, revoker_pk, answer, NULL, NULL, 1);
5031
0
      if (rc)
5032
0
  {
5033
0
    log_error (_("key \"%s\" not found: %s\n"), answer,
5034
0
         gpg_strerror (rc));
5035
0
    xfree (answer);
5036
0
    continue;
5037
0
  }
5038
5039
0
      xfree (answer);
5040
5041
0
      fingerprint_from_pk (revoker_pk, revkey.fpr, &fprlen);
5042
0
      if (fprlen != 20 && fprlen != 32)
5043
0
  {
5044
0
    log_error (_("cannot appoint a PGP 2.x style key as a "
5045
0
           "designated revoker\n"));
5046
0
    continue;
5047
0
  }
5048
5049
0
      revkey.fprlen = fprlen;
5050
0
      revkey.class = 0x80;
5051
0
      if (sensitive)
5052
0
  revkey.class |= 0x40;
5053
0
      revkey.algid = revoker_pk->pubkey_algo;
5054
5055
0
      if (cmp_public_keys (revoker_pk, pk) == 0)
5056
0
  {
5057
    /* This actually causes no harm (after all, a key that
5058
       designates itself as a revoker is the same as a
5059
       regular key), but it's easy enough to check. */
5060
0
    log_error (_("you cannot appoint a key as its own "
5061
0
           "designated revoker\n"));
5062
5063
0
    continue;
5064
0
  }
5065
5066
0
      keyid_from_pk (pk, NULL);
5067
5068
      /* Does this revkey already exist? */
5069
0
      if (!pk->revkey && pk->numrevkeys)
5070
0
  BUG ();
5071
0
      else
5072
0
  {
5073
0
    int i;
5074
5075
0
    for (i = 0; i < pk->numrevkeys; i++)
5076
0
      {
5077
0
        if (memcmp (&pk->revkey[i], &revkey,
5078
0
        sizeof (struct revocation_key)) == 0)
5079
0
    {
5080
0
      char buf[50];
5081
5082
0
      log_error (_("this key has already been designated "
5083
0
             "as a revoker\n"));
5084
5085
0
                  format_keyid (pk_keyid (pk), KF_LONG, buf, sizeof (buf));
5086
0
      write_status_text (STATUS_ALREADY_SIGNED, buf);
5087
5088
0
      break;
5089
0
    }
5090
0
      }
5091
5092
0
    if (i < pk->numrevkeys)
5093
0
      continue;
5094
0
  }
5095
5096
0
      print_key_info (ctrl, NULL, 0, revoker_pk, 0);
5097
0
      print_fingerprint (ctrl, NULL, revoker_pk, 2);
5098
0
      tty_printf ("\n");
5099
5100
0
      tty_printf (_("WARNING: appointing a key as a designated revoker "
5101
0
        "cannot be undone!\n"));
5102
5103
0
      tty_printf ("\n");
5104
5105
0
      if (!cpr_get_answer_is_yes ("keyedit.add_revoker.okay",
5106
0
          _("Are you sure you want to appoint this "
5107
0
            "key as a designated revoker? (y/N) ")))
5108
0
  continue;
5109
5110
0
      free_public_key (revoker_pk);
5111
0
      revoker_pk = NULL;
5112
0
      break;
5113
0
    }
5114
5115
0
  rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk, 0x1F, 0, 0,
5116
0
         keygen_add_revkey, &revkey, NULL);
5117
0
  if (rc)
5118
0
    {
5119
0
      write_status_error ("keysig", rc);
5120
0
      log_error ("signing failed: %s\n", gpg_strerror (rc));
5121
0
      goto fail;
5122
0
    }
5123
5124
  /* Insert into public keyblock.  */
5125
0
  pkt = xmalloc_clear (sizeof *pkt);
5126
0
  pkt->pkttype = PKT_SIGNATURE;
5127
0
  pkt->pkt.signature = sig;
5128
0
  insert_kbnode (pub_keyblock, new_kbnode (pkt), PKT_SIGNATURE);
5129
5130
0
  return 1;
5131
5132
0
fail:
5133
0
  if (sig)
5134
0
    free_seckey_enc (sig);
5135
0
  free_public_key (revoker_pk);
5136
5137
0
  return 0;
5138
0
}
5139
5140
5141
/* Core function to add an ADSK to the KEYBLOCK.  Returns 0 on success
5142
 * or an error code.  If SIGTIMESTAMP is not 0 it is used for the key
5143
 * binding signature creation time; if not given the current time is
5144
 * used.  CACHE_NONCE can be used to avoid a second Pinetry pop-up for
5145
 * appending the ADSK. */
5146
gpg_error_t
5147
append_adsk_to_key (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *adsk,
5148
                    u32 sigtimestamp, const char *cache_nonce)
5149
0
{
5150
0
  gpg_error_t err;
5151
0
  PKT_public_key *main_pk;  /* The primary key.  */
5152
0
  PKT_signature *sig = NULL;
5153
0
  kbnode_t adsknode = NULL;
5154
0
  PACKET *pkt;  /* (temp. use; will be put into a kbnode_t)  */
5155
5156
  /* First get a copy.  */
5157
0
  adsk = copy_public_key_basics (NULL, adsk);
5158
5159
  /* Check compliance.  */
5160
0
  if (!gnupg_pk_is_compliant (opt.compliance, adsk->pubkey_algo, 0,
5161
0
                              adsk->pkey, nbits_from_pk (adsk), NULL))
5162
0
    {
5163
0
      char pkhex[MAX_FINGERPRINT_LEN*2+1];
5164
5165
0
      hexfingerprint (adsk, pkhex, sizeof pkhex);
5166
0
      log_error (_("WARNING: key %s is not suitable for encryption"
5167
0
                   " in %s mode\n"),
5168
0
                 pkhex, gnupg_compliance_option_string (opt.compliance));
5169
0
      err = gpg_error (GPG_ERR_FORBIDDEN);
5170
0
      goto leave;
5171
0
    }
5172
5173
  /* Get the primary key.  */
5174
0
  log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
5175
0
  main_pk = keyblock->pkt->pkt.public_key;
5176
5177
  /* Prepare and append the adsk.  */
5178
0
  keyid_from_pk (main_pk, adsk->main_keyid); /* Fixup main keyid.  */
5179
0
  log_assert ((adsk->pubkey_usage & PUBKEY_USAGE_XENC_MASK));
5180
0
  adsk->pubkey_usage = PUBKEY_USAGE_RENC;    /* 'e' or 'r' -> 'r'  */
5181
0
  pkt = xtrycalloc (1, sizeof *pkt);
5182
0
  if (!pkt)
5183
0
    {
5184
0
      err = gpg_error_from_syserror ();
5185
0
      goto leave;
5186
0
    }
5187
0
  pkt->pkttype = PKT_PUBLIC_SUBKEY;    /* Make sure it is a subkey.  */
5188
0
  pkt->pkt.public_key = adsk;
5189
0
  adsknode = new_kbnode (pkt);
5190
5191
  /* Make the signature.  */
5192
0
  err = make_keysig_packet (ctrl, &sig, main_pk, NULL, adsk, main_pk, 0x18,
5193
0
                            sigtimestamp, 0,
5194
0
                            keygen_add_key_flags_and_expire, adsk, cache_nonce);
5195
0
  adsk = NULL; /* (owned by adsknode - avoid double free.)  */
5196
0
  if (err)
5197
0
    {
5198
0
      write_status_error ("keysig", err);
5199
0
      log_error ("creating key binding failed: %s\n", gpg_strerror (err));
5200
0
      goto leave;
5201
0
    }
5202
5203
  /* Append the subkey packet and the binding signature.  */
5204
0
  add_kbnode (keyblock, adsknode);
5205
0
  adsknode = NULL;
5206
0
  pkt = xtrycalloc (1, sizeof *pkt);
5207
0
  if (!pkt)
5208
0
    {
5209
0
      err = gpg_error_from_syserror ();
5210
0
      goto leave;
5211
0
    }
5212
0
  pkt->pkttype = PKT_SIGNATURE;
5213
0
  pkt->pkt.signature = sig;
5214
0
  add_kbnode (keyblock, new_kbnode (pkt));
5215
5216
0
 leave:
5217
0
  release_kbnode (adsknode);
5218
0
  free_public_key (adsk);  /* Release our copy.  */
5219
0
  return err;
5220
0
}
5221
5222
5223
/*
5224
 * Ask for a new additional decryption subkey and add it to the key
5225
 * block.  Returns true if the keyblock was changed and false
5226
 * otherwise.  If ADSKFPR is not NULL, this function has been called
5227
 * by quick_addadsk and gives the fingerprint of the to be added key.
5228
 */
5229
static int
5230
menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock, const char *adskfpr)
5231
0
{
5232
0
  PKT_public_key *pk;
5233
0
  PKT_public_key *adsk_pk = NULL;
5234
0
  kbnode_t adsk_keyblock = NULL;
5235
0
  char *answer = NULL;
5236
0
  gpg_error_t err;
5237
0
  KEYDB_SEARCH_DESC desc;
5238
0
  byte fpr[MAX_FINGERPRINT_LEN];
5239
0
  size_t fprlen;
5240
0
  kbnode_t node;
5241
0
  u32 sigtimestamp = make_timestamp ();
5242
5243
0
  log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
5244
5245
0
  for (;;)
5246
0
    {
5247
0
      xfree (answer);
5248
0
      if (adskfpr)
5249
0
        answer = xstrdup (adskfpr);
5250
0
      else
5251
0
        {
5252
0
          answer = cpr_get_utf8
5253
0
            ("keyedit.addadsk",
5254
0
             _("Enter the fingerprint of the additional decryption subkey: "));
5255
0
          if (answer[0] == '\0' || answer[0] == CONTROL_D)
5256
0
            {
5257
0
              err = gpg_error (GPG_ERR_CANCELED);
5258
0
              goto leave;
5259
0
            }
5260
0
        }
5261
0
      if (classify_user_id (answer, &desc, 1)
5262
0
          || desc.mode != KEYDB_SEARCH_MODE_FPR)
5263
0
        {
5264
0
          log_info (_("\"%s\" is not a fingerprint\n"), answer);
5265
0
          err = gpg_error (GPG_ERR_INV_USER_ID);
5266
0
          if (adskfpr)
5267
0
            goto leave;
5268
0
          continue;
5269
0
        }
5270
5271
      /* Force searching for that exact fingerprint and for any key
5272
       * which has a key with that fingerprint.  */
5273
0
      if (!strchr (answer, '!'))
5274
0
        {
5275
0
          char *tmpstr = xstrconcat (answer, "!", NULL);
5276
0
          xfree (answer);
5277
0
          answer = tmpstr;
5278
0
        }
5279
5280
0
      free_public_key (adsk_pk);
5281
0
      adsk_pk = xcalloc (1, sizeof *adsk_pk);
5282
0
      adsk_pk->req_usage = PUBKEY_USAGE_ENC;
5283
0
      release_kbnode (adsk_keyblock);
5284
0
      adsk_keyblock = NULL;
5285
0
      err = get_pubkey_byname (ctrl, GET_PUBKEY_NO_AKL,
5286
0
                               NULL, adsk_pk, answer, &adsk_keyblock, NULL, 1);
5287
0
      if (err)
5288
0
        {
5289
0
          write_status_error ("add_adsk", err);
5290
0
          log_info (_("key \"%s\" not found: %s\n"), answer,
5291
0
                    gpg_strerror (err));
5292
0
          if ((!opt.batch || adskfpr) && !opt.quiet
5293
0
              && gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY)
5294
0
            log_info (_("Did you specify the fingerprint of a subkey?\n"));
5295
0
          if (adskfpr)
5296
0
            goto leave;
5297
0
    continue;
5298
0
  }
5299
5300
0
      for (node = adsk_keyblock; node; node = node->next)
5301
0
        {
5302
0
          if (node->pkt->pkttype == PKT_PUBLIC_KEY
5303
0
              || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
5304
0
            {
5305
0
              pk = node->pkt->pkt.public_key;
5306
0
              fingerprint_from_pk (pk, fpr, &fprlen);
5307
0
              if (fprlen == desc.fprlen
5308
0
                  && !memcmp (fpr, desc.u.fpr, fprlen)
5309
0
                  && (pk->pubkey_usage & PUBKEY_USAGE_ENC))
5310
0
                break;
5311
0
            }
5312
0
        }
5313
0
      if (!node)
5314
0
        {
5315
0
          write_status_error ("add_adsk", err);
5316
0
          err = gpg_error (GPG_ERR_WRONG_KEY_USAGE);
5317
0
          log_info (_("key \"%s\" not found: %s\n"), answer,
5318
0
                    gpg_strerror (err));
5319
0
          if ((!opt.batch || adskfpr) && !opt.quiet)
5320
0
            log_info (_("Did you specify the fingerprint of a subkey?\n"));
5321
0
          if (adskfpr)
5322
0
            goto leave;
5323
0
    continue;
5324
0
        }
5325
5326
      /* Check that the selected subkey is not yet on our keyblock.  */
5327
0
      err = has_key_with_fingerprint (pub_keyblock, desc.u.fpr, desc.fprlen);
5328
0
      if (err)
5329
0
        {
5330
0
          log_info (_("key \"%s\" is already on this keyblock\n"), answer);
5331
0
          if (adskfpr)
5332
0
            goto leave;
5333
0
          continue;
5334
0
        }
5335
5336
0
      break;
5337
0
    }
5338
5339
  /* Append the subkey.  */
5340
0
  log_assert (node->pkt->pkttype == PKT_PUBLIC_KEY
5341
0
              || node->pkt->pkttype == PKT_PUBLIC_SUBKEY);
5342
0
  err = append_adsk_to_key (ctrl, pub_keyblock, node->pkt->pkt.public_key,
5343
0
                            sigtimestamp, NULL);
5344
5345
5346
0
 leave:
5347
0
  xfree (answer);
5348
0
  free_public_key (adsk_pk);
5349
0
  release_kbnode (adsk_keyblock);
5350
0
  if (!err)
5351
0
    return 1; /* The keyblock was modified.  */
5352
0
  else
5353
0
    return 0; /* Not modified.  */
5354
5355
0
}
5356
5357
5358
/* With FORCE_MAINKEY cleared this function handles the interactive
5359
 * menu option "expire".  With UNATTENDED set to 1 this function only
5360
 * sets the expiration date of the primary key to NEWEXPIRATION and
5361
 * avoid all interactivity; with a value of 2 only the flagged subkeys
5362
 * are set to NEWEXPIRATION.  Returns 0 if nothing was done,
5363
 * GPG_ERR_TRUE if the key was modified, or any other error code. */
5364
static gpg_error_t
5365
menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
5366
             int unattended, u32 newexpiration)
5367
0
{
5368
0
  int signumber, rc;
5369
0
  u32 expiredate;
5370
0
  int only_mainkey;  /* Set if only the mainkey is to be updated.  */
5371
0
  PKT_public_key *main_pk, *sub_pk;
5372
0
  PKT_user_id *uid;
5373
0
  kbnode_t node;
5374
0
  u32 keyid[2];
5375
5376
0
  (void)signumber;
5377
0
  if (unattended)
5378
0
    {
5379
0
      only_mainkey = (unattended == 1);
5380
0
      expiredate = newexpiration;
5381
0
    }
5382
0
  else
5383
0
    {
5384
0
      int n1;
5385
5386
0
      only_mainkey = 0;
5387
0
      n1 = count_selected_keys (pub_keyblock);
5388
0
      if (n1 > 1)
5389
0
        {
5390
0
          if (!cpr_get_answer_is_yes
5391
0
              ("keyedit.expire_multiple_subkeys.okay",
5392
0
               _("Are you sure you want to change the"
5393
0
                 " expiration time for multiple subkeys? (y/N) ")))
5394
0
            return gpg_error (GPG_ERR_CANCELED);;
5395
0
        }
5396
0
      else if (n1)
5397
0
        tty_printf (_("Changing expiration time for a subkey.\n"));
5398
0
      else
5399
0
        {
5400
0
          tty_printf (_("Changing expiration time for the primary key.\n"));
5401
0
          only_mainkey = 1;
5402
0
          no_primary_warning (pub_keyblock);
5403
0
        }
5404
5405
0
      expiredate = ask_expiredate ();
5406
0
    }
5407
5408
5409
  /* Now we can actually change the self-signature(s) */
5410
0
  main_pk = sub_pk = NULL;
5411
0
  uid = NULL;
5412
0
  signumber = 0;
5413
0
  for (node = pub_keyblock; node; node = node->next)
5414
0
    {
5415
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
5416
0
  {
5417
0
    main_pk = node->pkt->pkt.public_key;
5418
0
    keyid_from_pk (main_pk, keyid);
5419
0
    main_pk->expiredate = expiredate;
5420
0
  }
5421
0
      else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
5422
0
  {
5423
0
          if ((node->flag & NODFLG_SELKEY) && unattended != 1)
5424
0
            {
5425
              /* The flag is set and we do not want to set the
5426
               * expiration date only for the main key.  */
5427
0
              sub_pk = node->pkt->pkt.public_key;
5428
0
              sub_pk->expiredate = expiredate;
5429
0
            }
5430
0
          else
5431
0
            sub_pk = NULL;
5432
0
  }
5433
0
      else if (node->pkt->pkttype == PKT_USER_ID)
5434
0
  uid = node->pkt->pkt.user_id;
5435
0
      else if (main_pk && node->pkt->pkttype == PKT_SIGNATURE
5436
0
         && (only_mainkey || sub_pk))
5437
0
  {
5438
0
    PKT_signature *sig = node->pkt->pkt.signature;
5439
5440
0
    if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
5441
0
        && ((only_mainkey && uid
5442
0
       && uid->created && (sig->sig_class & ~3) == 0x10)
5443
0
      || (!only_mainkey && sig->sig_class == 0x18))
5444
0
        && sig->flags.chosen_selfsig)
5445
0
      {
5446
        /* This is a self-signature which is to be replaced.  */
5447
0
        PKT_signature *newsig;
5448
0
        PACKET *newpkt;
5449
5450
0
        signumber++;
5451
5452
0
        if ((only_mainkey && main_pk->version < 4)
5453
0
      || (!only_mainkey && sub_pk->version < 4))
5454
0
    {
5455
0
      log_info
5456
0
                    (_("You can't change the expiration date of a v3 key\n"));
5457
0
      return gpg_error (GPG_ERR_LEGACY_KEY);
5458
0
    }
5459
5460
0
        if (only_mainkey)
5461
0
    rc = update_keysig_packet (ctrl,
5462
0
                                           &newsig, sig, main_pk, uid, NULL,
5463
0
             main_pk, keygen_add_key_expire,
5464
0
             main_pk);
5465
0
        else
5466
0
    rc =
5467
0
      update_keysig_packet (ctrl,
5468
0
                                        &newsig, sig, main_pk, NULL, sub_pk,
5469
0
          main_pk, keygen_add_key_expire, sub_pk);
5470
0
        if (rc)
5471
0
    {
5472
0
      log_error ("make_keysig_packet failed: %s\n",
5473
0
           gpg_strerror (rc));
5474
0
                  if (gpg_err_code (rc) == GPG_ERR_TRUE)
5475
0
                    rc = GPG_ERR_GENERAL;
5476
0
      return rc;
5477
0
    }
5478
5479
        /* Replace the packet.  */
5480
0
        newpkt = xmalloc_clear (sizeof *newpkt);
5481
0
        newpkt->pkttype = PKT_SIGNATURE;
5482
0
        newpkt->pkt.signature = newsig;
5483
0
        free_packet (node->pkt, NULL);
5484
0
        xfree (node->pkt);
5485
0
        node->pkt = newpkt;
5486
0
        sub_pk = NULL;
5487
0
      }
5488
0
  }
5489
0
    }
5490
5491
0
  update_trust = 1;
5492
0
  return gpg_error (GPG_ERR_TRUE);
5493
0
}
5494
5495
5496
/* Change the capability of a selected key.  This command should only
5497
 * be used to rectify badly created keys and as such is not suggested
5498
 * for general use.  */
5499
static int
5500
menu_changeusage (ctrl_t ctrl, kbnode_t keyblock)
5501
0
{
5502
0
  int n1, rc;
5503
0
  int mainkey = 0;
5504
0
  PKT_public_key *main_pk, *sub_pk;
5505
0
  PKT_user_id *uid;
5506
0
  kbnode_t node;
5507
0
  u32 keyid[2];
5508
5509
0
  n1 = count_selected_keys (keyblock);
5510
0
  if (n1 > 1)
5511
0
    {
5512
0
      tty_printf (_("You must select exactly one key.\n"));
5513
0
      return 0;
5514
0
    }
5515
0
  else if (n1)
5516
0
    tty_printf (_("Changing usage of a subkey.\n"));
5517
0
  else
5518
0
    {
5519
0
      tty_printf (_("Changing usage of the primary key.\n"));
5520
0
      mainkey = 1;
5521
0
    }
5522
5523
  /* Now we can actually change the self-signature(s) */
5524
0
  main_pk = sub_pk = NULL;
5525
0
  uid = NULL;
5526
0
  for (node = keyblock; node; node = node->next)
5527
0
    {
5528
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
5529
0
  {
5530
0
    main_pk = node->pkt->pkt.public_key;
5531
0
    keyid_from_pk (main_pk, keyid);
5532
0
  }
5533
0
      else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
5534
0
  {
5535
0
          if (node->flag & NODFLG_SELKEY)
5536
0
            sub_pk = node->pkt->pkt.public_key;
5537
0
          else
5538
0
            sub_pk = NULL;
5539
0
  }
5540
0
      else if (node->pkt->pkttype == PKT_USER_ID)
5541
0
  uid = node->pkt->pkt.user_id;
5542
0
      else if (main_pk && node->pkt->pkttype == PKT_SIGNATURE
5543
0
         && (mainkey || sub_pk))
5544
0
  {
5545
0
    PKT_signature *sig = node->pkt->pkt.signature;
5546
0
    if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
5547
0
        && ((mainkey && uid
5548
0
       && uid->created && (sig->sig_class & ~3) == 0x10)
5549
0
      || (!mainkey && sig->sig_class == 0x18))
5550
0
        && sig->flags.chosen_selfsig)
5551
0
      {
5552
        /* This is the self-signature which is to be replaced.  */
5553
0
        PKT_signature *newsig;
5554
0
        PACKET *newpkt;
5555
5556
0
        if ((mainkey && main_pk->version < 4)
5557
0
      || (!mainkey && sub_pk->version < 4))
5558
0
    {
5559
                  /* Note: This won't happen because we don't support
5560
                   * v3 keys anymore.  */
5561
0
      log_info ("You can't change the capabilities of a v3 key\n");
5562
0
      return 0;
5563
0
    }
5564
5565
0
              if (mainkey)
5566
0
                main_pk->pubkey_usage = ask_key_flags (main_pk->pubkey_algo, 0,
5567
0
                                                       main_pk->pubkey_usage);
5568
0
              else
5569
0
                sub_pk->pubkey_usage  = ask_key_flags (sub_pk->pubkey_algo, 1,
5570
0
                                                       sub_pk->pubkey_usage);
5571
5572
0
        if (mainkey)
5573
0
    rc = update_keysig_packet (ctrl,
5574
0
                                           &newsig, sig, main_pk, uid, NULL,
5575
0
             main_pk, keygen_add_key_flags,
5576
0
             main_pk);
5577
0
        else
5578
0
    rc =
5579
0
      update_keysig_packet (ctrl,
5580
0
                                        &newsig, sig, main_pk, NULL, sub_pk,
5581
0
          main_pk, keygen_add_key_flags, sub_pk);
5582
0
        if (rc)
5583
0
    {
5584
0
      log_error ("make_keysig_packet failed: %s\n",
5585
0
                             gpg_strerror (rc));
5586
0
      return 0;
5587
0
    }
5588
5589
        /* Replace the packet.  */
5590
0
        newpkt = xmalloc_clear (sizeof *newpkt);
5591
0
        newpkt->pkttype = PKT_SIGNATURE;
5592
0
        newpkt->pkt.signature = newsig;
5593
0
        free_packet (node->pkt, NULL);
5594
0
        xfree (node->pkt);
5595
0
        node->pkt = newpkt;
5596
0
        sub_pk = NULL;
5597
0
              break;
5598
0
      }
5599
0
  }
5600
0
    }
5601
5602
0
  return 1;
5603
0
}
5604
5605
5606
static int
5607
menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock)
5608
0
{
5609
0
  int rc, modified = 0;
5610
0
  PKT_public_key *main_pk;
5611
0
  KBNODE node;
5612
0
  u32 timestamp;
5613
5614
0
  log_assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
5615
5616
0
  merge_keys_and_selfsig (ctrl, pub_keyblock);
5617
0
  main_pk = pub_keyblock->pkt->pkt.public_key;
5618
0
  keyid_from_pk (main_pk, NULL);
5619
5620
  /* We use the same timestamp for all backsigs so that we don't
5621
     reveal information about the used machine.  */
5622
0
  timestamp = make_timestamp ();
5623
5624
0
  for (node = pub_keyblock; node; node = node->next)
5625
0
    {
5626
0
      PKT_public_key *sub_pk = NULL;
5627
0
      KBNODE node2, sig_pk = NULL /*,sig_sk = NULL*/;
5628
      /* char *passphrase; */
5629
5630
      /* Find a signing subkey with no backsig */
5631
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
5632
0
  {
5633
0
    if (node->pkt->pkt.public_key->pubkey_usage & PUBKEY_USAGE_SIG)
5634
0
      {
5635
0
        if (node->pkt->pkt.public_key->flags.backsig)
5636
0
    tty_printf (_
5637
0
          ("signing subkey %s is already cross-certified\n"),
5638
0
          keystr_from_pk (node->pkt->pkt.public_key));
5639
0
        else
5640
0
    sub_pk = node->pkt->pkt.public_key;
5641
0
      }
5642
0
    else
5643
0
      tty_printf (_("subkey %s does not sign and so does"
5644
0
        " not need to be cross-certified\n"),
5645
0
      keystr_from_pk (node->pkt->pkt.public_key));
5646
0
  }
5647
5648
0
      if (!sub_pk)
5649
0
  continue;
5650
5651
      /* Find the selected selfsig on this subkey */
5652
0
      for (node2 = node->next;
5653
0
     node2 && node2->pkt->pkttype == PKT_SIGNATURE; node2 = node2->next)
5654
0
  if (node2->pkt->pkt.signature->version >= 4
5655
0
      && node2->pkt->pkt.signature->flags.chosen_selfsig)
5656
0
    {
5657
0
      sig_pk = node2;
5658
0
      break;
5659
0
    }
5660
5661
0
      if (!sig_pk)
5662
0
  continue;
5663
5664
      /* Find the secret subkey that matches the public subkey */
5665
0
      log_debug ("FIXME: Check whether a secret subkey is available.\n");
5666
      /* if (!sub_sk) */
5667
      /*   { */
5668
      /*     tty_printf (_("no secret subkey for public subkey %s - ignoring\n"), */
5669
      /*          keystr_from_pk (sub_pk)); */
5670
      /*     continue; */
5671
      /*   } */
5672
5673
5674
      /* Now we can get to work.  */
5675
5676
0
      rc = make_backsig (ctrl,
5677
0
                         sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_pk,
5678
0
       timestamp, NULL);
5679
0
      if (!rc)
5680
0
  {
5681
0
    PKT_signature *newsig;
5682
0
    PACKET *newpkt;
5683
5684
0
    rc = update_keysig_packet (ctrl,
5685
0
                                     &newsig, sig_pk->pkt->pkt.signature,
5686
0
                                     main_pk, NULL, sub_pk, main_pk,
5687
0
                                     NULL, NULL);
5688
0
    if (!rc)
5689
0
      {
5690
        /* Put the new sig into place on the pubkey */
5691
0
        newpkt = xmalloc_clear (sizeof (*newpkt));
5692
0
        newpkt->pkttype = PKT_SIGNATURE;
5693
0
        newpkt->pkt.signature = newsig;
5694
0
        free_packet (sig_pk->pkt, NULL);
5695
0
        xfree (sig_pk->pkt);
5696
0
        sig_pk->pkt = newpkt;
5697
5698
0
        modified = 1;
5699
0
      }
5700
0
    else
5701
0
      {
5702
0
        log_error ("update_keysig_packet failed: %s\n",
5703
0
       gpg_strerror (rc));
5704
0
        break;
5705
0
      }
5706
0
  }
5707
0
      else
5708
0
  {
5709
0
    log_error ("make_backsig failed: %s\n", gpg_strerror (rc));
5710
0
    break;
5711
0
  }
5712
0
    }
5713
5714
0
  return modified;
5715
0
}
5716
5717
5718
static int
5719
change_primary_uid_cb (PKT_signature * sig, void *opaque)
5720
0
{
5721
0
  byte buf[1];
5722
5723
  /* first clear all primary uid flags so that we are sure none are
5724
   * lingering around */
5725
0
  delete_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID);
5726
0
  delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PRIMARY_UID);
5727
5728
  /* if opaque is set,we want to set the primary id */
5729
0
  if (opaque)
5730
0
    {
5731
0
      buf[0] = 1;
5732
0
      build_sig_subpkt (sig, SIGSUBPKT_PRIMARY_UID, buf, 1);
5733
0
    }
5734
5735
0
  return 0;
5736
0
}
5737
5738
5739
/*
5740
 * Set the primary uid flag for the selected UID.  We will also reset
5741
 * all other primary uid flags.  For this to work we have to update
5742
 * all the signature timestamps.  If we would do this with the current
5743
 * time, we lose quite a lot of information, so we use a kludge to
5744
 * do this: Just increment the timestamp by one second which is
5745
 * sufficient to updated a signature during import.
5746
 */
5747
static int
5748
menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock)
5749
0
{
5750
0
  PKT_public_key *main_pk;
5751
0
  PKT_user_id *uid;
5752
0
  KBNODE node;
5753
0
  u32 keyid[2];
5754
0
  int selected;
5755
0
  int attribute = 0;
5756
0
  int modified = 0;
5757
5758
0
  if (count_selected_uids (pub_keyblock) != 1)
5759
0
    {
5760
0
      tty_printf (_("Please select exactly one user ID.\n"));
5761
0
      return 0;
5762
0
    }
5763
5764
0
  main_pk = NULL;
5765
0
  uid = NULL;
5766
0
  selected = 0;
5767
5768
  /* Is our selected uid an attribute packet? */
5769
0
  for (node = pub_keyblock; node; node = node->next)
5770
0
    if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
5771
0
      attribute = (node->pkt->pkt.user_id->attrib_data != NULL);
5772
5773
0
  for (node = pub_keyblock; node; node = node->next)
5774
0
    {
5775
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
5776
0
  break; /* No more user ids expected - ready.  */
5777
5778
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
5779
0
  {
5780
0
    main_pk = node->pkt->pkt.public_key;
5781
0
    keyid_from_pk (main_pk, keyid);
5782
0
  }
5783
0
      else if (node->pkt->pkttype == PKT_USER_ID)
5784
0
  {
5785
0
    uid = node->pkt->pkt.user_id;
5786
0
    selected = node->flag & NODFLG_SELUID;
5787
0
  }
5788
0
      else if (main_pk && uid && node->pkt->pkttype == PKT_SIGNATURE)
5789
0
  {
5790
0
    PKT_signature *sig = node->pkt->pkt.signature;
5791
0
    if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
5792
0
        && (uid && (sig->sig_class & ~3) == 0x10)
5793
0
        && attribute == (uid->attrib_data != NULL)
5794
0
        && sig->flags.chosen_selfsig)
5795
0
      {
5796
0
        if (sig->version < 4)
5797
0
    {
5798
0
      char *user =
5799
0
        utf8_to_native (uid->name, strlen (uid->name), 0);
5800
5801
0
      log_info (_("skipping v3 self-signature on user ID \"%s\"\n"),
5802
0
                            user);
5803
0
      xfree (user);
5804
0
    }
5805
0
        else
5806
0
    {
5807
      /* This is a selfsignature which is to be replaced.
5808
         We can just ignore v3 signatures because they are
5809
         not able to carry the primary ID flag.  We also
5810
         ignore self-sigs on user IDs that are not of the
5811
         same type that we are making primary.  That is, if
5812
         we are making a user ID primary, we alter user IDs.
5813
         If we are making an attribute packet primary, we
5814
         alter attribute packets. */
5815
5816
      /* FIXME: We must make sure that we only have one
5817
         self-signature per user ID here (not counting
5818
         revocations) */
5819
0
      PKT_signature *newsig;
5820
0
      PACKET *newpkt;
5821
0
      const byte *p;
5822
0
      int action;
5823
5824
      /* See whether this signature has the primary UID flag.  */
5825
0
      p = parse_sig_subpkt (sig, 1,
5826
0
          SIGSUBPKT_PRIMARY_UID, NULL);
5827
0
      if (!p)
5828
0
        p = parse_sig_subpkt (sig, 0,
5829
0
            SIGSUBPKT_PRIMARY_UID, NULL);
5830
0
      if (p && *p) /* yes */
5831
0
        action = selected ? 0 : -1;
5832
0
      else    /* no */
5833
0
        action = selected ? 1 : 0;
5834
5835
0
      if (action)
5836
0
        {
5837
0
          int rc = update_keysig_packet (ctrl, &newsig, sig,
5838
0
                 main_pk, uid, NULL,
5839
0
                 main_pk,
5840
0
                 change_primary_uid_cb,
5841
0
                 action > 0 ? "x" : NULL);
5842
0
          if (rc)
5843
0
      {
5844
0
        log_error ("update_keysig_packet failed: %s\n",
5845
0
             gpg_strerror (rc));
5846
0
        return 0;
5847
0
      }
5848
          /* replace the packet */
5849
0
          newpkt = xmalloc_clear (sizeof *newpkt);
5850
0
          newpkt->pkttype = PKT_SIGNATURE;
5851
0
          newpkt->pkt.signature = newsig;
5852
0
          free_packet (node->pkt, NULL);
5853
0
          xfree (node->pkt);
5854
0
          node->pkt = newpkt;
5855
0
          modified = 1;
5856
0
        }
5857
0
    }
5858
0
      }
5859
0
  }
5860
0
    }
5861
5862
0
  return modified;
5863
0
}
5864
5865
5866
/*
5867
 * Set preferences to new values for the selected user IDs.
5868
 * --quick-update-pred calls this with UNATTENDED set.
5869
 */
5870
static int
5871
menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock, int unattended)
5872
0
{
5873
0
  PKT_public_key *main_pk;
5874
0
  PKT_user_id *uid;
5875
0
  KBNODE node;
5876
0
  u32 keyid[2];
5877
0
  int selected, select_all;
5878
0
  int modified = 0;
5879
5880
0
  if (!unattended)
5881
0
    no_primary_warning (pub_keyblock);
5882
5883
0
  select_all = unattended? 1 : !count_selected_uids (pub_keyblock);
5884
5885
  /* Now we can actually change the self signature(s) */
5886
0
  main_pk = NULL;
5887
0
  uid = NULL;
5888
0
  selected = 0;
5889
0
  for (node = pub_keyblock; node; node = node->next)
5890
0
    {
5891
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
5892
0
  break; /* No more user-ids expected - ready.  */
5893
5894
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
5895
0
  {
5896
0
    main_pk = node->pkt->pkt.public_key;
5897
0
    keyid_from_pk (main_pk, keyid);
5898
0
  }
5899
0
      else if (node->pkt->pkttype == PKT_USER_ID)
5900
0
  {
5901
0
    uid = node->pkt->pkt.user_id;
5902
0
    selected = select_all || (node->flag & NODFLG_SELUID);
5903
0
  }
5904
0
      else if (main_pk && uid && selected
5905
0
         && node->pkt->pkttype == PKT_SIGNATURE)
5906
0
  {
5907
0
    PKT_signature *sig = node->pkt->pkt.signature;
5908
0
    if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
5909
0
        && (uid && (sig->sig_class & ~3) == 0x10)
5910
0
        && sig->flags.chosen_selfsig)
5911
0
      {
5912
0
        if (sig->version < 4)
5913
0
    {
5914
0
      char *user =
5915
0
        utf8_to_native (uid->name, strlen (uid->name), 0);
5916
5917
0
      log_info (_("skipping v3 self-signature on user ID \"%s\"\n"),
5918
0
          user);
5919
0
      xfree (user);
5920
0
    }
5921
0
        else
5922
0
    {
5923
      /* This is a selfsignature which is to be replaced
5924
       * We have to ignore v3 signatures because they are
5925
       * not able to carry the preferences.  */
5926
0
      PKT_signature *newsig;
5927
0
      PACKET *newpkt;
5928
0
      int rc;
5929
5930
0
      rc = update_keysig_packet (ctrl, &newsig, sig,
5931
0
               main_pk, uid, NULL, main_pk,
5932
0
                                             keygen_upd_std_prefs, NULL);
5933
0
      if (rc)
5934
0
        {
5935
0
          log_error ("update_keysig_packet failed: %s\n",
5936
0
         gpg_strerror (rc));
5937
0
          return 0;
5938
0
        }
5939
      /* replace the packet */
5940
0
      newpkt = xmalloc_clear (sizeof *newpkt);
5941
0
      newpkt->pkttype = PKT_SIGNATURE;
5942
0
      newpkt->pkt.signature = newsig;
5943
0
      free_packet (node->pkt, NULL);
5944
0
      xfree (node->pkt);
5945
0
      node->pkt = newpkt;
5946
0
      modified = 1;
5947
0
    }
5948
0
      }
5949
0
  }
5950
0
    }
5951
5952
0
  return modified;
5953
0
}
5954
5955
5956
static int
5957
menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock)
5958
0
{
5959
0
  PKT_public_key *main_pk;
5960
0
  PKT_user_id *uid;
5961
0
  KBNODE node;
5962
0
  u32 keyid[2];
5963
0
  int selected, select_all;
5964
0
  int modified = 0;
5965
0
  char *answer, *uri;
5966
5967
0
  no_primary_warning (pub_keyblock);
5968
5969
0
  if (url)
5970
0
    answer = xstrdup (url);
5971
0
  else
5972
0
    {
5973
0
      answer = cpr_get_utf8 ("keyedit.add_keyserver",
5974
0
           _("Enter your preferred keyserver URL: "));
5975
0
      if (answer[0] == '\0' || answer[0] == CONTROL_D)
5976
0
  {
5977
0
    xfree (answer);
5978
0
    return 0;
5979
0
  }
5980
0
    }
5981
5982
0
  if (!ascii_strcasecmp (answer, "none"))
5983
0
    {
5984
0
      xfree (answer);
5985
0
      uri = NULL;
5986
0
    }
5987
0
  else
5988
0
    {
5989
0
      struct keyserver_spec *keyserver = NULL;
5990
      /* Sanity check the format */
5991
0
      keyserver = parse_keyserver_uri (answer, 1);
5992
0
      xfree (answer);
5993
0
      if (!keyserver)
5994
0
  {
5995
0
    log_info (_("could not parse keyserver URL\n"));
5996
0
    return 0;
5997
0
  }
5998
0
      uri = xstrdup (keyserver->uri);
5999
0
      free_keyserver_spec (keyserver);
6000
0
    }
6001
6002
0
  select_all = !count_selected_uids (pub_keyblock);
6003
6004
  /* Now we can actually change the self signature(s) */
6005
0
  main_pk = NULL;
6006
0
  uid = NULL;
6007
0
  selected = 0;
6008
0
  for (node = pub_keyblock; node; node = node->next)
6009
0
    {
6010
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
6011
0
  break; /* ready */
6012
6013
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
6014
0
  {
6015
0
    main_pk = node->pkt->pkt.public_key;
6016
0
    keyid_from_pk (main_pk, keyid);
6017
0
  }
6018
0
      else if (node->pkt->pkttype == PKT_USER_ID)
6019
0
  {
6020
0
    uid = node->pkt->pkt.user_id;
6021
0
    selected = select_all || (node->flag & NODFLG_SELUID);
6022
0
  }
6023
0
      else if (main_pk && uid && selected
6024
0
         && node->pkt->pkttype == PKT_SIGNATURE)
6025
0
  {
6026
0
    PKT_signature *sig = node->pkt->pkt.signature;
6027
0
    if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
6028
0
        && (uid && (sig->sig_class & ~3) == 0x10)
6029
0
        && sig->flags.chosen_selfsig)
6030
0
      {
6031
0
        char *user = utf8_to_native (uid->name, strlen (uid->name), 0);
6032
0
        if (sig->version < 4)
6033
0
    log_info (_("skipping v3 self-signature on user ID \"%s\"\n"),
6034
0
        user);
6035
0
        else
6036
0
    {
6037
      /* This is a selfsignature which is to be replaced
6038
       * We have to ignore v3 signatures because they are
6039
       * not able to carry the subpacket. */
6040
0
      PKT_signature *newsig;
6041
0
      PACKET *newpkt;
6042
0
      int rc;
6043
0
      const byte *p;
6044
0
      size_t plen;
6045
6046
0
      p = parse_sig_subpkt (sig, 1, SIGSUBPKT_PREF_KS, &plen);
6047
0
      if (p && plen)
6048
0
        {
6049
0
          tty_printf ("Current preferred keyserver for user"
6050
0
          " ID \"%s\": ", user);
6051
0
          tty_print_utf8_string (p, plen);
6052
0
          tty_printf ("\n");
6053
0
          if (!cpr_get_answer_is_yes
6054
0
                          ("keyedit.confirm_keyserver",
6055
0
                           uri
6056
0
                           ? _("Are you sure you want to replace it? (y/N) ")
6057
0
                           : _("Are you sure you want to delete it? (y/N) ")))
6058
0
            {
6059
0
        xfree (user);
6060
0
        continue;
6061
0
            }
6062
0
        }
6063
0
      else if (uri == NULL)
6064
0
        {
6065
          /* There is no current keyserver URL, so there
6066
             is no point in trying to un-set it. */
6067
0
                      xfree (user);
6068
0
          continue;
6069
0
        }
6070
6071
0
      rc = update_keysig_packet (ctrl, &newsig, sig,
6072
0
               main_pk, uid, NULL,
6073
0
               main_pk,
6074
0
               keygen_add_keyserver_url, uri);
6075
0
      if (rc)
6076
0
        {
6077
0
          log_error ("update_keysig_packet failed: %s\n",
6078
0
         gpg_strerror (rc));
6079
0
          xfree (uri);
6080
0
                xfree (user);
6081
0
          return 0;
6082
0
        }
6083
      /* replace the packet */
6084
0
      newpkt = xmalloc_clear (sizeof *newpkt);
6085
0
      newpkt->pkttype = PKT_SIGNATURE;
6086
0
      newpkt->pkt.signature = newsig;
6087
0
      free_packet (node->pkt, NULL);
6088
0
      xfree (node->pkt);
6089
0
      node->pkt = newpkt;
6090
0
      modified = 1;
6091
0
    }
6092
6093
0
        xfree (user);
6094
0
      }
6095
0
  }
6096
0
    }
6097
6098
0
  xfree (uri);
6099
0
  return modified;
6100
0
}
6101
6102
6103
static int
6104
menu_set_notation (ctrl_t ctrl, const char *string, KBNODE pub_keyblock)
6105
0
{
6106
0
  PKT_public_key *main_pk;
6107
0
  PKT_user_id *uid;
6108
0
  KBNODE node;
6109
0
  u32 keyid[2];
6110
0
  int selected, select_all;
6111
0
  int modified = 0;
6112
0
  char *answer;
6113
0
  struct notation *notation;
6114
6115
0
  no_primary_warning (pub_keyblock);
6116
6117
0
  if (string)
6118
0
    answer = xstrdup (string);
6119
0
  else
6120
0
    {
6121
0
      answer = cpr_get_utf8 ("keyedit.add_notation",
6122
0
           _("Enter the notation: "));
6123
0
      if (answer[0] == '\0' || answer[0] == CONTROL_D)
6124
0
  {
6125
0
    xfree (answer);
6126
0
    return 0;
6127
0
  }
6128
0
    }
6129
6130
0
  if (!ascii_strcasecmp (answer, "none")
6131
0
      || !ascii_strcasecmp (answer, "-"))
6132
0
    notation = NULL; /* Delete them all.  */
6133
0
  else
6134
0
    {
6135
0
      notation = string_to_notation (answer, 0);
6136
0
      if (!notation)
6137
0
  {
6138
0
    xfree (answer);
6139
0
    return 0;
6140
0
  }
6141
0
    }
6142
6143
0
  xfree (answer);
6144
6145
0
  select_all = !count_selected_uids (pub_keyblock);
6146
6147
  /* Now we can actually change the self signature(s) */
6148
0
  main_pk = NULL;
6149
0
  uid = NULL;
6150
0
  selected = 0;
6151
0
  for (node = pub_keyblock; node; node = node->next)
6152
0
    {
6153
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
6154
0
  break; /* ready */
6155
6156
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
6157
0
  {
6158
0
    main_pk = node->pkt->pkt.public_key;
6159
0
    keyid_from_pk (main_pk, keyid);
6160
0
  }
6161
0
      else if (node->pkt->pkttype == PKT_USER_ID)
6162
0
  {
6163
0
    uid = node->pkt->pkt.user_id;
6164
0
    selected = select_all || (node->flag & NODFLG_SELUID);
6165
0
  }
6166
0
      else if (main_pk && uid && selected
6167
0
         && node->pkt->pkttype == PKT_SIGNATURE)
6168
0
  {
6169
0
    PKT_signature *sig = node->pkt->pkt.signature;
6170
0
    if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
6171
0
        && (uid && (sig->sig_class & ~3) == 0x10)
6172
0
        && sig->flags.chosen_selfsig)
6173
0
      {
6174
0
        char *user = utf8_to_native (uid->name, strlen (uid->name), 0);
6175
0
        if (sig->version < 4)
6176
0
    log_info (_("skipping v3 self-signature on user ID \"%s\"\n"),
6177
0
        user);
6178
0
        else
6179
0
    {
6180
0
      PKT_signature *newsig;
6181
0
      PACKET *newpkt;
6182
0
      int rc, skip = 0, addonly = 1;
6183
6184
0
      if (sig->flags.notation)
6185
0
        {
6186
0
          tty_printf ("Current notations for user ID \"%s\":\n",
6187
0
          user);
6188
0
          tty_print_notations (-9, sig);
6189
0
        }
6190
0
      else
6191
0
        {
6192
0
          tty_printf ("No notations on user ID \"%s\"\n", user);
6193
0
          if (notation == NULL)
6194
0
      {
6195
        /* There are no current notations, so there
6196
           is no point in trying to un-set them. */
6197
0
        continue;
6198
0
      }
6199
0
        }
6200
6201
0
      if (notation)
6202
0
        {
6203
0
          struct notation *n;
6204
0
          int deleting = 0;
6205
6206
0
          notation->next = sig_to_notation (sig);
6207
6208
0
          for (n = notation->next; n; n = n->next)
6209
0
      if (strcmp (n->name, notation->name) == 0)
6210
0
        {
6211
0
          if (notation->value)
6212
0
            {
6213
0
        if (strcmp (n->value, notation->value) == 0)
6214
0
          {
6215
0
            if (notation->flags.ignore)
6216
0
              {
6217
          /* Value match with a delete
6218
             flag. */
6219
0
          n->flags.ignore = 1;
6220
0
          deleting = 1;
6221
0
              }
6222
0
            else
6223
0
              {
6224
          /* Adding the same notation
6225
             twice, so don't add it at
6226
             all. */
6227
0
          skip = 1;
6228
0
          tty_printf ("Skipping notation:"
6229
0
                " %s=%s\n",
6230
0
                notation->name,
6231
0
                notation->value);
6232
0
          break;
6233
0
              }
6234
0
          }
6235
0
            }
6236
0
          else
6237
0
            {
6238
        /* No value, so it means delete. */
6239
0
        n->flags.ignore = 1;
6240
0
        deleting = 1;
6241
0
            }
6242
6243
0
          if (n->flags.ignore)
6244
0
            {
6245
0
        tty_printf ("Removing notation: %s=%s\n",
6246
0
              n->name, n->value);
6247
0
        addonly = 0;
6248
0
            }
6249
0
        }
6250
6251
0
          if (!notation->flags.ignore && !skip)
6252
0
      tty_printf ("Adding notation: %s=%s\n",
6253
0
            notation->name, notation->value);
6254
6255
          /* We tried to delete, but had no matches.  */
6256
0
          if (notation->flags.ignore && !deleting)
6257
0
      continue;
6258
0
        }
6259
0
      else
6260
0
        {
6261
0
          tty_printf ("Removing all notations\n");
6262
0
          addonly = 0;
6263
0
        }
6264
6265
0
      if (skip
6266
0
          || (!addonly
6267
0
        &&
6268
0
        !cpr_get_answer_is_yes ("keyedit.confirm_notation",
6269
0
              _("Proceed? (y/N) "))))
6270
0
        continue;
6271
6272
0
      rc = update_keysig_packet (ctrl, &newsig, sig,
6273
0
               main_pk, uid, NULL,
6274
0
               main_pk,
6275
0
               keygen_add_notations, notation);
6276
0
      if (rc)
6277
0
        {
6278
0
          log_error ("update_keysig_packet failed: %s\n",
6279
0
         gpg_strerror (rc));
6280
0
          free_notation (notation);
6281
0
          xfree (user);
6282
0
          return 0;
6283
0
        }
6284
6285
      /* replace the packet */
6286
0
      newpkt = xmalloc_clear (sizeof *newpkt);
6287
0
      newpkt->pkttype = PKT_SIGNATURE;
6288
0
      newpkt->pkt.signature = newsig;
6289
0
      free_packet (node->pkt, NULL);
6290
0
      xfree (node->pkt);
6291
0
      node->pkt = newpkt;
6292
0
      modified = 1;
6293
6294
0
      if (notation)
6295
0
        {
6296
          /* Snip off the notation list from the sig */
6297
0
          free_notation (notation->next);
6298
0
          notation->next = NULL;
6299
0
        }
6300
6301
0
      xfree (user);
6302
0
    }
6303
0
      }
6304
0
  }
6305
0
    }
6306
6307
0
  free_notation (notation);
6308
0
  return modified;
6309
0
}
6310
6311
6312
/*
6313
 * Select one user id or remove all selection if IDX is 0 or select
6314
 * all if IDX is -1.  Returns: True if the selection changed.
6315
 */
6316
static int
6317
menu_select_uid (KBNODE keyblock, int idx)
6318
0
{
6319
0
  KBNODE node;
6320
0
  int i;
6321
6322
0
  if (idx == -1)   /* Select all. */
6323
0
    {
6324
0
      for (node = keyblock; node; node = node->next)
6325
0
  if (node->pkt->pkttype == PKT_USER_ID)
6326
0
    node->flag |= NODFLG_SELUID;
6327
0
      return 1;
6328
0
    }
6329
0
  else if (idx)     /* Toggle.  */
6330
0
    {
6331
0
      for (i = 0, node = keyblock; node; node = node->next)
6332
0
  {
6333
0
    if (node->pkt->pkttype == PKT_USER_ID)
6334
0
      if (++i == idx)
6335
0
        break;
6336
0
  }
6337
0
      if (!node)
6338
0
  {
6339
0
    tty_printf (_("No user ID with index %d\n"), idx);
6340
0
    return 0;
6341
0
  }
6342
6343
0
      for (i = 0, node = keyblock; node; node = node->next)
6344
0
  {
6345
0
    if (node->pkt->pkttype == PKT_USER_ID)
6346
0
      {
6347
0
        if (++i == idx)
6348
0
    {
6349
0
      if ((node->flag & NODFLG_SELUID))
6350
0
        node->flag &= ~NODFLG_SELUID;
6351
0
      else
6352
0
        node->flag |= NODFLG_SELUID;
6353
0
    }
6354
0
      }
6355
0
  }
6356
0
    }
6357
0
  else        /* Unselect all */
6358
0
    {
6359
0
      for (node = keyblock; node; node = node->next)
6360
0
  if (node->pkt->pkttype == PKT_USER_ID)
6361
0
    node->flag &= ~NODFLG_SELUID;
6362
0
    }
6363
6364
0
  return 1;
6365
0
}
6366
6367
6368
/* Search in the keyblock for a uid that matches namehash */
6369
static int
6370
menu_select_uid_namehash (KBNODE keyblock, const char *namehash)
6371
0
{
6372
0
  byte hash[NAMEHASH_LEN];
6373
0
  KBNODE node;
6374
0
  int i;
6375
6376
0
  log_assert (strlen (namehash) == NAMEHASH_LEN * 2);
6377
6378
0
  for (i = 0; i < NAMEHASH_LEN; i++)
6379
0
    hash[i] = hextobyte (&namehash[i * 2]);
6380
6381
0
  for (node = keyblock->next; node; node = node->next)
6382
0
    {
6383
0
      if (node->pkt->pkttype == PKT_USER_ID)
6384
0
  {
6385
0
    namehash_from_uid (node->pkt->pkt.user_id);
6386
0
    if (memcmp (node->pkt->pkt.user_id->namehash, hash, NAMEHASH_LEN) ==
6387
0
        0)
6388
0
      {
6389
0
        if (node->flag & NODFLG_SELUID)
6390
0
    node->flag &= ~NODFLG_SELUID;
6391
0
        else
6392
0
    node->flag |= NODFLG_SELUID;
6393
6394
0
        break;
6395
0
      }
6396
0
  }
6397
0
    }
6398
6399
0
  if (!node)
6400
0
    {
6401
0
      tty_printf (_("No user ID with hash %s\n"), namehash);
6402
0
      return 0;
6403
0
    }
6404
6405
0
  return 1;
6406
0
}
6407
6408
6409
/*
6410
 * Select secondary keys
6411
 * Returns: True if the selection changed.
6412
 */
6413
static int
6414
menu_select_key (KBNODE keyblock, int idx, char *p)
6415
0
{
6416
0
  KBNODE node;
6417
0
  int i, j;
6418
0
  int is_hex_digits;
6419
6420
0
  is_hex_digits = p && strlen (p) >= 8;
6421
0
  if (is_hex_digits)
6422
0
    {
6423
      /* Skip initial spaces.  */
6424
0
      while (spacep (p))
6425
0
        p ++;
6426
      /* If the id starts with 0x accept and ignore it.  */
6427
0
      if (p[0] == '0' && p[1] == 'x')
6428
0
        p += 2;
6429
6430
0
      for (i = 0, j = 0; p[i]; i ++)
6431
0
        if (hexdigitp (&p[i]))
6432
0
          {
6433
0
            p[j] = toupper (p[i]);
6434
0
            j ++;
6435
0
          }
6436
0
        else if (spacep (&p[i]))
6437
          /* Skip spaces.  */
6438
0
          {
6439
0
          }
6440
0
        else
6441
0
          {
6442
0
            is_hex_digits = 0;
6443
0
            break;
6444
0
          }
6445
0
      if (is_hex_digits)
6446
        /* In case we skipped some spaces, add a new NUL terminator.  */
6447
0
        {
6448
0
          p[j] = 0;
6449
          /* If we skipped some spaces, make sure that we still have
6450
             at least 8 characters.  */
6451
0
          is_hex_digits = (/* Short keyid.  */
6452
0
                           strlen (p) == 8
6453
                           /* Long keyid.  */
6454
0
                           || strlen (p) == 16
6455
                           /* Fingerprints are (currently) 32 or 40
6456
                              characters.  */
6457
0
                           || strlen (p) >= 32);
6458
0
        }
6459
0
    }
6460
6461
0
  if (is_hex_digits)
6462
0
    {
6463
0
      int found_one = 0;
6464
0
      for (node = keyblock; node; node = node->next)
6465
0
  if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
6466
0
      || node->pkt->pkttype == PKT_SECRET_SUBKEY)
6467
0
          {
6468
0
            int match = 0;
6469
0
            if (strlen (p) == 8 || strlen (p) == 16)
6470
0
              {
6471
0
                u32 kid[2];
6472
0
                char kid_str[17];
6473
0
                keyid_from_pk (node->pkt->pkt.public_key, kid);
6474
0
                format_keyid (kid, strlen (p) == 8 ? KF_SHORT : KF_LONG,
6475
0
                              kid_str, sizeof (kid_str));
6476
6477
0
                if (strcmp (p, kid_str) == 0)
6478
0
                  match = 1;
6479
0
              }
6480
0
            else
6481
0
              {
6482
0
                char fp[2*MAX_FINGERPRINT_LEN + 1];
6483
0
                hexfingerprint (node->pkt->pkt.public_key, fp, sizeof (fp));
6484
0
                if (strcmp (fp, p) == 0)
6485
0
                  match = 1;
6486
0
              }
6487
6488
0
            if (match)
6489
0
              {
6490
0
                if ((node->flag & NODFLG_SELKEY))
6491
0
                  node->flag &= ~NODFLG_SELKEY;
6492
0
                else
6493
0
                  node->flag |= NODFLG_SELKEY;
6494
6495
0
                found_one = 1;
6496
0
              }
6497
0
          }
6498
6499
0
      if (found_one)
6500
0
        return 1;
6501
6502
0
      tty_printf (_("No subkey with key ID '%s'.\n"), p);
6503
0
      return 0;
6504
0
    }
6505
6506
0
  if (idx == -1)   /* Select all.  */
6507
0
    {
6508
0
      for (node = keyblock; node; node = node->next)
6509
0
  if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
6510
0
      || node->pkt->pkttype == PKT_SECRET_SUBKEY)
6511
0
    node->flag |= NODFLG_SELKEY;
6512
0
    }
6513
0
  else if (idx)     /* Toggle selection.  */
6514
0
    {
6515
0
      for (i = 0, node = keyblock; node; node = node->next)
6516
0
  {
6517
0
    if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
6518
0
        || node->pkt->pkttype == PKT_SECRET_SUBKEY)
6519
0
      if (++i == idx)
6520
0
        break;
6521
0
  }
6522
0
      if (!node)
6523
0
  {
6524
0
    tty_printf (_("No subkey with index %d\n"), idx);
6525
0
    return 0;
6526
0
  }
6527
6528
0
      for (i = 0, node = keyblock; node; node = node->next)
6529
0
  {
6530
0
    if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
6531
0
        || node->pkt->pkttype == PKT_SECRET_SUBKEY)
6532
0
      if (++i == idx)
6533
0
        {
6534
0
    if ((node->flag & NODFLG_SELKEY))
6535
0
      node->flag &= ~NODFLG_SELKEY;
6536
0
    else
6537
0
      node->flag |= NODFLG_SELKEY;
6538
0
        }
6539
0
  }
6540
0
    }
6541
0
  else        /* Unselect all. */
6542
0
    {
6543
0
      for (node = keyblock; node; node = node->next)
6544
0
  if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
6545
0
      || node->pkt->pkttype == PKT_SECRET_SUBKEY)
6546
0
    node->flag &= ~NODFLG_SELKEY;
6547
0
    }
6548
6549
0
  return 1;
6550
0
}
6551
6552
6553
static int
6554
count_uids_with_flag (KBNODE keyblock, unsigned flag)
6555
0
{
6556
0
  KBNODE node;
6557
0
  int i = 0;
6558
6559
0
  for (node = keyblock; node; node = node->next)
6560
0
    if (node->pkt->pkttype == PKT_USER_ID && (node->flag & flag))
6561
0
      i++;
6562
0
  return i;
6563
0
}
6564
6565
6566
static int
6567
count_keys_with_flag (KBNODE keyblock, unsigned flag)
6568
0
{
6569
0
  KBNODE node;
6570
0
  int i = 0;
6571
6572
0
  for (node = keyblock; node; node = node->next)
6573
0
    if ((node->pkt->pkttype == PKT_PUBLIC_SUBKEY
6574
0
   || node->pkt->pkttype == PKT_SECRET_SUBKEY) && (node->flag & flag))
6575
0
      i++;
6576
0
  return i;
6577
0
}
6578
6579
6580
static int
6581
count_uids (KBNODE keyblock)
6582
0
{
6583
0
  KBNODE node;
6584
0
  int i = 0;
6585
6586
0
  for (node = keyblock; node; node = node->next)
6587
0
    if (node->pkt->pkttype == PKT_USER_ID)
6588
0
      i++;
6589
0
  return i;
6590
0
}
6591
6592
6593
/*
6594
 * Returns true if there is at least one selected user id
6595
 */
6596
static int
6597
count_selected_uids (KBNODE keyblock)
6598
0
{
6599
0
  return count_uids_with_flag (keyblock, NODFLG_SELUID);
6600
0
}
6601
6602
6603
static int
6604
count_selected_keys (KBNODE keyblock)
6605
0
{
6606
0
  return count_keys_with_flag (keyblock, NODFLG_SELKEY);
6607
0
}
6608
6609
6610
/* Returns how many real (i.e. not attribute) uids are unmarked.  */
6611
static int
6612
real_uids_left (KBNODE keyblock)
6613
0
{
6614
0
  KBNODE node;
6615
0
  int real = 0;
6616
6617
0
  for (node = keyblock; node; node = node->next)
6618
0
    if (node->pkt->pkttype == PKT_USER_ID && !(node->flag & NODFLG_SELUID) &&
6619
0
  !node->pkt->pkt.user_id->attrib_data)
6620
0
      real++;
6621
6622
0
  return real;
6623
0
}
6624
6625
6626
/*
6627
 * Ask whether the signature should be revoked.  If the user commits this,
6628
 * flag bit MARK_A is set on the signature and the user ID.
6629
 */
6630
static void
6631
ask_revoke_sig (ctrl_t ctrl, kbnode_t keyblock, kbnode_t node)
6632
0
{
6633
0
  int doit = 0;
6634
0
  PKT_user_id *uid;
6635
0
  PKT_signature *sig = node->pkt->pkt.signature;
6636
0
  KBNODE unode = find_prev_kbnode (keyblock, node, PKT_USER_ID);
6637
6638
0
  if (!unode)
6639
0
    {
6640
0
      log_error ("Oops: no user ID for signature\n");
6641
0
      return;
6642
0
    }
6643
6644
0
  uid = unode->pkt->pkt.user_id;
6645
6646
0
  if (opt.with_colons)
6647
0
    {
6648
0
      if (uid->attrib_data)
6649
0
  printf ("uat:::::::::%u %lu", uid->numattribs, uid->attrib_len);
6650
0
      else
6651
0
  {
6652
0
    es_printf ("uid:::::::::");
6653
0
    es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL);
6654
0
  }
6655
6656
0
      es_printf ("\n");
6657
6658
0
      print_and_check_one_sig_colon (ctrl, keyblock, node,
6659
0
                                     NULL, NULL, NULL, NULL, 1);
6660
0
    }
6661
0
  else
6662
0
    {
6663
0
      char *p = utf8_to_native (unode->pkt->pkt.user_id->name,
6664
0
        unode->pkt->pkt.user_id->len, 0);
6665
0
      tty_printf (_("user ID: \"%s\"\n"), p);
6666
0
      xfree (p);
6667
6668
0
      tty_printf (_("signed by your key %s on %s%s%s\n"),
6669
0
      keystr (sig->keyid), datestr_from_sig (sig),
6670
0
      sig->flags.exportable ? "" : _(" (non-exportable)"), "");
6671
0
    }
6672
0
  if (sig->flags.expired)
6673
0
    {
6674
0
      tty_printf (_("This signature expired on %s.\n"),
6675
0
      expirestr_from_sig (sig));
6676
      /* Use a different question so we can have different help text */
6677
0
      doit = cpr_get_answer_is_yes
6678
0
        ("ask_revoke_sig.expired",
6679
0
         _("Are you sure you still want to revoke it? (y/N) "));
6680
0
    }
6681
0
  else
6682
0
    doit = cpr_get_answer_is_yes
6683
0
      ("ask_revoke_sig.one",
6684
0
       _("Create a revocation certificate for this signature? (y/N) "));
6685
6686
0
  if (doit)
6687
0
    {
6688
0
      node->flag |= NODFLG_MARK_A;
6689
0
      unode->flag |= NODFLG_MARK_A;
6690
0
    }
6691
0
}
6692
6693
6694
/*
6695
 * Display all user ids of the current public key together with signatures
6696
 * done by one of our keys.  Then walk over all this sigs and ask the user
6697
 * whether he wants to revoke this signature.
6698
 * Return: True when the keyblock has changed.
6699
 */
6700
static int
6701
menu_revsig (ctrl_t ctrl, kbnode_t keyblock)
6702
0
{
6703
0
  PKT_signature *sig;
6704
0
  PKT_public_key *primary_pk;
6705
0
  KBNODE node;
6706
0
  int changed = 0;
6707
0
  int rc, any, skip = 1, all = !count_selected_uids (keyblock);
6708
0
  struct revocation_reason_info *reason = NULL;
6709
6710
0
  log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
6711
6712
  /* First check whether we have any signatures at all.  */
6713
0
  any = 0;
6714
0
  for (node = keyblock; node; node = node->next)
6715
0
    {
6716
0
      node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
6717
0
      if (node->pkt->pkttype == PKT_USER_ID)
6718
0
  {
6719
0
    if (node->flag & NODFLG_SELUID || all)
6720
0
      skip = 0;
6721
0
    else
6722
0
      skip = 1;
6723
0
  }
6724
0
      else if (!skip && node->pkt->pkttype == PKT_SIGNATURE
6725
0
         && ((sig = node->pkt->pkt.signature),
6726
0
       have_secret_key_with_kid (ctrl, sig->keyid)))
6727
0
  {
6728
0
    if ((sig->sig_class & ~3) == 0x10)
6729
0
      {
6730
0
        any = 1;
6731
0
        break;
6732
0
      }
6733
0
  }
6734
0
    }
6735
6736
0
  if (!any)
6737
0
    {
6738
0
      tty_printf (_("Not signed by you.\n"));
6739
0
      return 0;
6740
0
    }
6741
6742
6743
  /* FIXME: detect duplicates here  */
6744
0
  tty_printf (_("You have signed these user IDs on key %s:\n"),
6745
0
        keystr_from_pk (keyblock->pkt->pkt.public_key));
6746
0
  for (node = keyblock; node; node = node->next)
6747
0
    {
6748
0
      node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
6749
0
      if (node->pkt->pkttype == PKT_USER_ID)
6750
0
  {
6751
0
    if (node->flag & NODFLG_SELUID || all)
6752
0
      {
6753
0
        PKT_user_id *uid = node->pkt->pkt.user_id;
6754
        /* Hmmm: Should we show only UIDs with a signature? */
6755
0
        tty_printf ("     ");
6756
0
        tty_print_utf8_string (uid->name, uid->len);
6757
0
        tty_printf ("\n");
6758
0
        skip = 0;
6759
0
      }
6760
0
    else
6761
0
      skip = 1;
6762
0
  }
6763
0
      else if (!skip && node->pkt->pkttype == PKT_SIGNATURE
6764
0
         && ((sig = node->pkt->pkt.signature),
6765
0
       have_secret_key_with_kid (ctrl, sig->keyid)))
6766
0
  {
6767
0
    if ((sig->sig_class & ~3) == 0x10)
6768
0
      {
6769
0
        tty_printf ("   ");
6770
0
        tty_printf (_("signed by your key %s on %s%s%s\n"),
6771
0
        keystr (sig->keyid), datestr_from_sig (sig),
6772
0
        sig->flags.exportable ? "" : _(" (non-exportable)"),
6773
0
        sig->flags.revocable ? "" : _(" (non-revocable)"));
6774
0
        if (sig->flags.revocable)
6775
0
    node->flag |= NODFLG_SELSIG;
6776
0
      }
6777
0
    else if (sig->sig_class == 0x30)
6778
0
      {
6779
0
        tty_printf ("   ");
6780
0
        tty_printf (_("revoked by your key %s on %s\n"),
6781
0
        keystr (sig->keyid), datestr_from_sig (sig));
6782
0
      }
6783
0
  }
6784
0
    }
6785
6786
0
  tty_printf ("\n");
6787
6788
  /* ask */
6789
0
  for (node = keyblock; node; node = node->next)
6790
0
    {
6791
0
      if (!(node->flag & NODFLG_SELSIG))
6792
0
  continue;
6793
0
      ask_revoke_sig (ctrl, keyblock, node);
6794
0
    }
6795
6796
  /* present selected */
6797
0
  any = 0;
6798
0
  for (node = keyblock; node; node = node->next)
6799
0
    {
6800
0
      if (!(node->flag & NODFLG_MARK_A))
6801
0
  continue;
6802
0
      if (!any)
6803
0
  {
6804
0
    any = 1;
6805
0
    tty_printf (_("You are about to revoke these signatures:\n"));
6806
0
  }
6807
0
      if (node->pkt->pkttype == PKT_USER_ID)
6808
0
  {
6809
0
    PKT_user_id *uid = node->pkt->pkt.user_id;
6810
0
    tty_printf ("     ");
6811
0
    tty_print_utf8_string (uid->name, uid->len);
6812
0
    tty_printf ("\n");
6813
0
  }
6814
0
      else if (node->pkt->pkttype == PKT_SIGNATURE)
6815
0
  {
6816
0
    sig = node->pkt->pkt.signature;
6817
0
    tty_printf ("   ");
6818
0
    tty_printf (_("signed by your key %s on %s%s%s\n"),
6819
0
          keystr (sig->keyid), datestr_from_sig (sig), "",
6820
0
          sig->flags.exportable ? "" : _(" (non-exportable)"));
6821
0
  }
6822
0
    }
6823
0
  if (!any)
6824
0
    return 0;     /* none selected */
6825
6826
0
  if (!cpr_get_answer_is_yes
6827
0
      ("ask_revoke_sig.okay",
6828
0
       _("Really create the revocation certificates? (y/N) ")))
6829
0
    return 0;     /* forget it */
6830
6831
0
  reason = ask_revocation_reason (0, 1, 0);
6832
0
  if (!reason)
6833
0
    {       /* user decided to cancel */
6834
0
      return 0;
6835
0
    }
6836
6837
  /* now we can sign the user ids */
6838
0
reloop:     /* (must use this, because we are modifying the list) */
6839
0
  primary_pk = keyblock->pkt->pkt.public_key;
6840
0
  for (node = keyblock; node; node = node->next)
6841
0
    {
6842
0
      KBNODE unode;
6843
0
      PACKET *pkt;
6844
0
      struct sign_attrib attrib;
6845
0
      PKT_public_key *signerkey;
6846
6847
0
      if (!(node->flag & NODFLG_MARK_A)
6848
0
    || node->pkt->pkttype != PKT_SIGNATURE)
6849
0
  continue;
6850
0
      unode = find_prev_kbnode (keyblock, node, PKT_USER_ID);
6851
0
      log_assert (unode); /* we already checked this */
6852
6853
0
      memset (&attrib, 0, sizeof attrib);
6854
0
      attrib.reason = reason;
6855
0
      attrib.non_exportable = !node->pkt->pkt.signature->flags.exportable;
6856
6857
0
      node->flag &= ~NODFLG_MARK_A;
6858
0
      signerkey = xmalloc_secure_clear (sizeof *signerkey);
6859
0
      if (get_seckey (ctrl, signerkey, node->pkt->pkt.signature->keyid))
6860
0
  {
6861
0
    log_info (_("no secret key\n"));
6862
0
          free_public_key (signerkey);
6863
0
    continue;
6864
0
  }
6865
0
      rc = make_keysig_packet (ctrl, &sig, primary_pk,
6866
0
             unode->pkt->pkt.user_id,
6867
0
             NULL, signerkey, 0x30, 0, 0,
6868
0
                               sign_mk_attrib, &attrib, NULL);
6869
0
      free_public_key (signerkey);
6870
0
      if (rc)
6871
0
  {
6872
0
          write_status_error ("keysig", rc);
6873
0
    log_error (_("signing failed: %s\n"), gpg_strerror (rc));
6874
0
    release_revocation_reason_info (reason);
6875
0
    return changed;
6876
0
  }
6877
0
      changed = 1;    /* we changed the keyblock */
6878
0
      update_trust = 1;
6879
      /* Are we revoking our own uid? */
6880
0
      if (primary_pk->keyid[0] == sig->keyid[0] &&
6881
0
    primary_pk->keyid[1] == sig->keyid[1])
6882
0
  unode->pkt->pkt.user_id->flags.revoked = 1;
6883
0
      pkt = xmalloc_clear (sizeof *pkt);
6884
0
      pkt->pkttype = PKT_SIGNATURE;
6885
0
      pkt->pkt.signature = sig;
6886
0
      insert_kbnode (unode, new_kbnode (pkt), 0);
6887
0
      goto reloop;
6888
0
    }
6889
6890
0
  release_revocation_reason_info (reason);
6891
0
  return changed;
6892
0
}
6893
6894
6895
/* return 0 if revocation of NODE (which must be a User ID) was
6896
   successful, non-zero if there was an error.  *modified will be set
6897
   to 1 if a change was made. */
6898
static int
6899
core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
6900
             const struct revocation_reason_info *reason, int *modified)
6901
0
{
6902
0
  PKT_public_key *pk = keyblock->pkt->pkt.public_key;
6903
0
  gpg_error_t rc;
6904
6905
0
  if (node->pkt->pkttype != PKT_USER_ID)
6906
0
    {
6907
0
      rc = gpg_error (GPG_ERR_NO_USER_ID);
6908
0
      write_status_error ("keysig", rc);
6909
0
      log_error (_("tried to revoke a non-user ID: %s\n"), gpg_strerror (rc));
6910
0
      return 1;
6911
0
    }
6912
0
  else
6913
0
    {
6914
0
      PKT_user_id *uid = node->pkt->pkt.user_id;
6915
6916
0
      if (uid->flags.revoked)
6917
0
        {
6918
0
          char *user = utf8_to_native (uid->name, uid->len, 0);
6919
0
          log_info (_("user ID \"%s\" is already revoked\n"), user);
6920
0
          xfree (user);
6921
0
        }
6922
0
      else
6923
0
        {
6924
0
          PACKET *pkt;
6925
0
          PKT_signature *sig;
6926
0
          struct sign_attrib attrib;
6927
0
          u32 timestamp = make_timestamp ();
6928
6929
0
          if (uid->created >= timestamp)
6930
0
            {
6931
              /* Okay, this is a problem.  The user ID selfsig was
6932
                 created in the future, so we need to warn the user and
6933
                 set our revocation timestamp one second after that so
6934
                 everything comes out clean. */
6935
6936
0
              log_info (_("WARNING: a user ID signature is dated %d"
6937
0
                          " seconds in the future\n"),
6938
0
                        uid->created - timestamp);
6939
6940
0
              timestamp = uid->created + 1;
6941
0
            }
6942
6943
0
          memset (&attrib, 0, sizeof attrib);
6944
          /* should not need to cast away const here; but
6945
             revocation_reason_build_cb needs to take a non-const
6946
             void* in order to meet the function signature for the
6947
             mksubpkt argument to make_keysig_packet */
6948
0
          attrib.reason = (struct revocation_reason_info *)reason;
6949
6950
0
          rc = make_keysig_packet (ctrl, &sig, pk, uid, NULL, pk, 0x30,
6951
0
                                   timestamp, 0,
6952
0
                                   sign_mk_attrib, &attrib, NULL);
6953
0
          if (rc)
6954
0
            {
6955
0
              write_status_error ("keysig", rc);
6956
0
              log_error (_("signing failed: %s\n"), gpg_strerror (rc));
6957
0
              return 1;
6958
0
            }
6959
0
          else
6960
0
            {
6961
0
              pkt = xmalloc_clear (sizeof *pkt);
6962
0
              pkt->pkttype = PKT_SIGNATURE;
6963
0
              pkt->pkt.signature = sig;
6964
0
              insert_kbnode (node, new_kbnode (pkt), 0);
6965
6966
0
#ifndef NO_TRUST_MODELS
6967
              /* If the trustdb has an entry for this key+uid then the
6968
                 trustdb needs an update. */
6969
0
              if (!update_trust
6970
0
                  && ((get_validity (ctrl, keyblock, pk, uid, NULL, 0)
6971
0
                       & TRUST_MASK)
6972
0
                      >= TRUST_UNDEFINED))
6973
0
                update_trust = 1;
6974
0
#endif /*!NO_TRUST_MODELS*/
6975
6976
0
              node->pkt->pkt.user_id->flags.revoked = 1;
6977
0
              if (modified)
6978
0
                *modified = 1;
6979
0
            }
6980
0
        }
6981
0
      return 0;
6982
0
    }
6983
0
}
6984
6985
/* Revoke a user ID (i.e. revoke a user ID selfsig).  Return true if
6986
   keyblock changed.  */
6987
static int
6988
menu_revuid (ctrl_t ctrl, kbnode_t pub_keyblock)
6989
0
{
6990
0
  PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
6991
0
  KBNODE node;
6992
0
  int changed = 0;
6993
0
  int rc;
6994
0
  struct revocation_reason_info *reason = NULL;
6995
0
  size_t valid_uids;
6996
6997
  /* Note that this is correct as per the RFCs, but nevertheless
6998
     somewhat meaningless in the real world.  1991 did define the 0x30
6999
     sig class, but PGP 2.x did not actually implement it, so it would
7000
     probably be safe to use v4 revocations everywhere. -ds */
7001
7002
0
  for (node = pub_keyblock; node; node = node->next)
7003
0
    if (pk->version > 3 || (node->pkt->pkttype == PKT_USER_ID &&
7004
0
          node->pkt->pkt.user_id->selfsigversion > 3))
7005
0
      {
7006
0
  if ((reason = ask_revocation_reason (0, 1, 4)))
7007
0
    break;
7008
0
  else
7009
0
    goto leave;
7010
0
      }
7011
7012
  /* Too make sure that we do not revoke the last valid UID, we first
7013
     count how many valid UIDs there are.  */
7014
0
  valid_uids = 0;
7015
0
  for (node = pub_keyblock; node; node = node->next)
7016
0
    valid_uids +=
7017
0
      node->pkt->pkttype == PKT_USER_ID
7018
0
      && ! node->pkt->pkt.user_id->flags.revoked
7019
0
      && ! node->pkt->pkt.user_id->flags.expired;
7020
7021
0
 reloop: /* (better this way because we are modifying the keyring) */
7022
0
  for (node = pub_keyblock; node; node = node->next)
7023
0
    if (node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID))
7024
0
      {
7025
0
        int modified = 0;
7026
7027
        /* Make sure that we do not revoke the last valid UID.  */
7028
0
        if (valid_uids == 1
7029
0
            && ! node->pkt->pkt.user_id->flags.revoked
7030
0
            && ! node->pkt->pkt.user_id->flags.expired)
7031
0
          {
7032
0
            log_error (_("Cannot revoke the last valid user ID.\n"));
7033
0
            goto leave;
7034
0
          }
7035
7036
0
        rc = core_revuid (ctrl, pub_keyblock, node, reason, &modified);
7037
0
        if (rc)
7038
0
          goto leave;
7039
0
        if (modified)
7040
0
          {
7041
0
      node->flag &= ~NODFLG_SELUID;
7042
0
            changed = 1;
7043
0
            goto reloop;
7044
0
          }
7045
0
      }
7046
7047
0
  if (changed)
7048
0
    commit_kbnode (&pub_keyblock);
7049
7050
0
leave:
7051
0
  release_revocation_reason_info (reason);
7052
0
  return changed;
7053
0
}
7054
7055
7056
/*
7057
 * Revoke the whole key.
7058
 */
7059
static int
7060
menu_revkey (ctrl_t ctrl, kbnode_t pub_keyblock)
7061
0
{
7062
0
  PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
7063
0
  int rc, changed = 0;
7064
0
  struct revocation_reason_info *reason;
7065
0
  PACKET *pkt;
7066
0
  PKT_signature *sig;
7067
7068
0
  if (pk->flags.revoked)
7069
0
    {
7070
0
      tty_printf (_("Key %s is already revoked.\n"), keystr_from_pk (pk));
7071
0
      return 0;
7072
0
    }
7073
7074
0
  reason = ask_revocation_reason (1, 0, 0);
7075
  /* user decided to cancel */
7076
0
  if (!reason)
7077
0
    return 0;
7078
7079
0
  rc = make_keysig_packet (ctrl, &sig, pk, NULL, NULL, pk,
7080
0
         0x20, 0, 0,
7081
0
         revocation_reason_build_cb, reason, NULL);
7082
0
  if (rc)
7083
0
    {
7084
0
      write_status_error ("keysig", rc);
7085
0
      log_error (_("signing failed: %s\n"), gpg_strerror (rc));
7086
0
      goto scram;
7087
0
    }
7088
7089
0
  changed = 1;      /* we changed the keyblock */
7090
7091
0
  pkt = xmalloc_clear (sizeof *pkt);
7092
0
  pkt->pkttype = PKT_SIGNATURE;
7093
0
  pkt->pkt.signature = sig;
7094
0
  insert_kbnode (pub_keyblock, new_kbnode (pkt), 0);
7095
0
  commit_kbnode (&pub_keyblock);
7096
7097
0
  update_trust = 1;
7098
7099
0
 scram:
7100
0
  release_revocation_reason_info (reason);
7101
0
  return changed;
7102
0
}
7103
7104
7105
static int
7106
menu_revsubkey (ctrl_t ctrl, kbnode_t pub_keyblock)
7107
0
{
7108
0
  PKT_public_key *mainpk;
7109
0
  KBNODE node;
7110
0
  int changed = 0;
7111
0
  int rc;
7112
0
  struct revocation_reason_info *reason = NULL;
7113
7114
0
  reason = ask_revocation_reason (1, 0, 0);
7115
0
  if (!reason)
7116
0
      return 0; /* User decided to cancel.  */
7117
7118
0
 reloop: /* (better this way because we are modifying the keyring) */
7119
0
  mainpk = pub_keyblock->pkt->pkt.public_key;
7120
0
  for (node = pub_keyblock; node; node = node->next)
7121
0
    {
7122
0
      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
7123
0
    && (node->flag & NODFLG_SELKEY))
7124
0
  {
7125
0
    PACKET *pkt;
7126
0
    PKT_signature *sig;
7127
0
    PKT_public_key *subpk = node->pkt->pkt.public_key;
7128
0
    struct sign_attrib attrib;
7129
7130
0
    if (subpk->flags.revoked)
7131
0
      {
7132
0
        tty_printf (_("Subkey %s is already revoked.\n"),
7133
0
        keystr_from_pk (subpk));
7134
0
        continue;
7135
0
      }
7136
7137
0
    memset (&attrib, 0, sizeof attrib);
7138
0
    attrib.reason = reason;
7139
7140
0
    node->flag &= ~NODFLG_SELKEY;
7141
0
    rc = make_keysig_packet (ctrl, &sig, mainpk, NULL, subpk, mainpk,
7142
0
           0x28, 0, 0, sign_mk_attrib, &attrib,
7143
0
                                   NULL);
7144
0
    if (rc)
7145
0
      {
7146
0
              write_status_error ("keysig", rc);
7147
0
        log_error (_("signing failed: %s\n"), gpg_strerror (rc));
7148
0
        release_revocation_reason_info (reason);
7149
0
        return changed;
7150
0
      }
7151
0
    changed = 1;    /* we changed the keyblock */
7152
7153
0
    pkt = xmalloc_clear (sizeof *pkt);
7154
0
    pkt->pkttype = PKT_SIGNATURE;
7155
0
    pkt->pkt.signature = sig;
7156
0
    insert_kbnode (node, new_kbnode (pkt), 0);
7157
0
    goto reloop;
7158
0
  }
7159
0
    }
7160
0
  commit_kbnode (&pub_keyblock);
7161
7162
  /* No need to set update_trust here since signing keys no longer
7163
     are used to certify other keys, so there is no change in trust
7164
     when revoking/removing them */
7165
7166
0
  release_revocation_reason_info (reason);
7167
0
  return changed;
7168
0
}
7169
7170
7171
/* Note that update_ownertrust is going to mark the trustdb dirty when
7172
   enabling or disabling a key.  This is arguably sub-optimal as
7173
   disabled keys are still counted in the web of trust, but perhaps
7174
   not worth adding extra complexity to change. -ds */
7175
#ifndef NO_TRUST_MODELS
7176
static int
7177
enable_disable_key (ctrl_t ctrl, kbnode_t keyblock, int disable)
7178
0
{
7179
0
  PKT_public_key *pk =
7180
0
    find_kbnode (keyblock, PKT_PUBLIC_KEY)->pkt->pkt.public_key;
7181
0
  unsigned int trust, newtrust;
7182
7183
0
  trust = newtrust = get_ownertrust (ctrl, pk);
7184
0
  newtrust &= ~TRUST_FLAG_DISABLED;
7185
0
  if (disable)
7186
0
    newtrust |= TRUST_FLAG_DISABLED;
7187
0
  if (trust == newtrust)
7188
0
    return 0;     /* already in that state */
7189
0
  update_ownertrust (ctrl, pk, newtrust);
7190
0
  return 0;
7191
0
}
7192
#endif /*!NO_TRUST_MODELS*/
7193
7194
7195
static void
7196
menu_showphoto (ctrl_t ctrl, kbnode_t keyblock)
7197
0
{
7198
0
  KBNODE node;
7199
0
  int select_all = !count_selected_uids (keyblock);
7200
0
  int count = 0;
7201
0
  PKT_public_key *pk = NULL;
7202
7203
  /* Look for the public key first.  We have to be really, really,
7204
     explicit as to which photo this is, and what key it is a UID on
7205
     since people may want to sign it. */
7206
7207
0
  for (node = keyblock; node; node = node->next)
7208
0
    {
7209
0
      if (node->pkt->pkttype == PKT_PUBLIC_KEY)
7210
0
  pk = node->pkt->pkt.public_key;
7211
0
      else if (node->pkt->pkttype == PKT_USER_ID)
7212
0
  {
7213
0
    PKT_user_id *uid = node->pkt->pkt.user_id;
7214
0
    count++;
7215
7216
0
    if ((select_all || (node->flag & NODFLG_SELUID)) &&
7217
0
        uid->attribs != NULL)
7218
0
      {
7219
0
        int i;
7220
7221
0
        for (i = 0; i < uid->numattribs; i++)
7222
0
    {
7223
0
      byte type;
7224
0
      u32 size;
7225
7226
0
      if (uid->attribs[i].type == ATTRIB_IMAGE &&
7227
0
          parse_image_header (&uid->attribs[i], &type, &size))
7228
0
        {
7229
0
          tty_printf (_("Displaying %s photo ID of size %ld for "
7230
0
            "key %s (uid %d)\n"),
7231
0
          image_type_to_string (type, 1),
7232
0
          (ulong) size, keystr_from_pk (pk), count);
7233
0
          show_photos (ctrl, &uid->attribs[i], 1, pk, uid);
7234
0
        }
7235
0
    }
7236
0
      }
7237
0
  }
7238
0
    }
7239
0
}