1 /* keyedit.c - keyedit stuff
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009, 2010 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #ifdef HAVE_LIBREADLINE
29 #define GNUPG_LIBREADLINE_H_INCLUDED
30 #include <readline/readline.h>
47 #include "keyserver-internal.h"
49 static void show_prefs( PKT_user_id *uid, PKT_signature *selfsig, int verbose);
50 static void show_names(KBNODE keyblock,PKT_public_key *pk,
51 unsigned int flag,int with_prefs);
52 static void show_key_with_all_names( KBNODE keyblock, int only_marked,
53 int with_revoker, int with_fpr, int with_subkeys, int with_prefs );
54 static void show_key_and_fingerprint( KBNODE keyblock );
55 static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock,
56 int photo, const char *photo_name );
57 static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
58 static int menu_delsig( KBNODE pub_keyblock );
59 static int menu_clean(KBNODE keyblock,int self_only);
60 static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
61 static int menu_addrevoker( KBNODE pub_keyblock,
62 KBNODE sec_keyblock, int sensitive );
63 static int menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock );
64 static int menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock);
65 static int menu_set_primary_uid( KBNODE pub_keyblock, KBNODE sec_keyblock );
66 static int menu_set_preferences( KBNODE pub_keyblock, KBNODE sec_keyblock );
67 static int menu_set_keyserver_url (const char *url,
68 KBNODE pub_keyblock, KBNODE sec_keyblock );
69 static int menu_set_notation(const char *string,
70 KBNODE pub_keyblock,KBNODE sec_keyblock);
71 static int menu_select_uid( KBNODE keyblock, int idx );
72 static int menu_select_uid_namehash( KBNODE keyblock, const char *namehash );
73 static int menu_select_key( KBNODE keyblock, int idx );
74 static int count_uids( KBNODE keyblock );
75 static int count_uids_with_flag( KBNODE keyblock, unsigned flag );
76 static int count_keys_with_flag( KBNODE keyblock, unsigned flag );
77 static int count_selected_uids( KBNODE keyblock );
78 static int real_uids_left( KBNODE keyblock );
79 static int count_selected_keys( KBNODE keyblock );
80 static int menu_revsig( KBNODE keyblock );
81 static int menu_revuid( KBNODE keyblock, KBNODE sec_keyblock );
82 static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
83 static int menu_revsubkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
84 static int enable_disable_key( KBNODE keyblock, int disable );
85 static void menu_showphoto( KBNODE keyblock );
87 static int update_trust=0;
89 #define CONTROL_D ('D' - 'A' + 1)
91 #define NODFLG_BADSIG (1<<0) /* bad signature */
92 #define NODFLG_NOKEY (1<<1) /* no public key */
93 #define NODFLG_SIGERR (1<<2) /* other sig error */
95 #define NODFLG_MARK_A (1<<4) /* temporary mark */
96 #define NODFLG_DELSIG (1<<5) /* to be deleted */
98 #define NODFLG_SELUID (1<<8) /* indicate the selected userid */
99 #define NODFLG_SELKEY (1<<9) /* indicate the selected key */
100 #define NODFLG_SELSIG (1<<10) /* indicate a selected signature */
103 int non_exportable,non_revocable;
104 struct revocation_reason_info *reason;
105 byte trust_depth,trust_value;
110 #ifdef ENABLE_CARD_SUPPORT
111 /* Given a node SEC_NODE with a secret key or subkey, locate the
112 corresponding public key from pub_keyblock. */
113 static PKT_public_key *
114 find_pk_from_sknode (KBNODE pub_keyblock, KBNODE sec_node)
116 KBNODE node = pub_keyblock;
120 if (sec_node->pkt->pkttype == PKT_SECRET_KEY
121 && node->pkt->pkttype == PKT_PUBLIC_KEY)
122 return node->pkt->pkt.public_key;
123 if (sec_node->pkt->pkttype != PKT_SECRET_SUBKEY)
125 sk = sec_node->pkt->pkt.secret_key;
126 for (; node; node = node->next)
127 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
129 pk = node->pkt->pkt.public_key;
130 if (pk->keyid[0] == sk->keyid[0] && pk->keyid[1] == sk->keyid[1])
136 #endif /* ENABLE_CARD_SUPPORT */
139 /* TODO: Fix duplicated code between here and the check-sigs/list-sigs
140 code in keylist.c. */
142 print_and_check_one_sig_colon( KBNODE keyblock, KBNODE node,
143 int *inv_sigs, int *no_key, int *oth_err,
144 int *is_selfsig, int print_without_key )
146 PKT_signature *sig = node->pkt->pkt.signature;
149 /* TODO: Make sure a cached sig record here still has the pk that
150 issued it. See also keylist.c:list_keyblock_print */
152 switch((rc=check_key_signature(keyblock,node,is_selfsig)))
155 node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
158 case G10ERR_BAD_SIGN:
159 node->flag = NODFLG_BADSIG;
164 case G10ERR_NO_PUBKEY:
165 case G10ERR_UNU_PUBKEY:
166 node->flag = NODFLG_NOKEY;
172 node->flag = NODFLG_SIGERR;
179 if( sigrc != '?' || print_without_key )
181 printf("sig:%c::%d:%08lX%08lX:%lu:%lu:",
182 sigrc,sig->pubkey_algo,(ulong)sig->keyid[0],(ulong)sig->keyid[1],
183 (ulong)sig->timestamp,(ulong)sig->expiredate);
185 if(sig->trust_depth || sig->trust_value)
186 printf("%d %d",sig->trust_depth,sig->trust_value);
190 if(sig->trust_regexp)
191 print_string(stdout,sig->trust_regexp,strlen(sig->trust_regexp),':');
193 printf("::%02x%c\n",sig->sig_class,sig->flags.exportable?'x':'l');
195 if(opt.show_subpackets)
196 print_subpackets_colon(sig);
199 return (sigrc == '!');
204 * Print information about a signature, check it and return true
205 * if the signature is okay. NODE must be a signature packet.
208 print_and_check_one_sig( KBNODE keyblock, KBNODE node,
209 int *inv_sigs, int *no_key, int *oth_err,
210 int *is_selfsig, int print_without_key )
212 PKT_signature *sig = node->pkt->pkt.signature;
214 int is_rev = sig->sig_class == 0x30;
216 /* TODO: Make sure a cached sig record here still has the pk that
217 issued it. See also keylist.c:list_keyblock_print */
219 switch( (rc = check_key_signature( keyblock, node, is_selfsig)) ) {
221 node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
224 case G10ERR_BAD_SIGN:
225 node->flag = NODFLG_BADSIG;
230 case G10ERR_NO_PUBKEY:
231 case G10ERR_UNU_PUBKEY:
232 node->flag = NODFLG_NOKEY;
238 node->flag = NODFLG_SIGERR;
244 if( sigrc != '?' || print_without_key ) {
245 tty_printf("%s%c%c %c%c%c%c%c%c %s %s",
246 is_rev? "rev":"sig",sigrc,
247 (sig->sig_class-0x10>0 &&
248 sig->sig_class-0x10<4)?'0'+sig->sig_class-0x10:' ',
249 sig->flags.exportable?' ':'L',
250 sig->flags.revocable?' ':'R',
251 sig->flags.policy_url?'P':' ',
252 sig->flags.notation?'N':' ',
253 sig->flags.expired?'X':' ',
254 (sig->trust_depth>9)?'T':
255 (sig->trust_depth>0)?'0'+sig->trust_depth:' ',
256 keystr(sig->keyid),datestr_from_sig(sig));
257 if(opt.list_options&LIST_SHOW_SIG_EXPIRE)
258 tty_printf(" %s",expirestr_from_sig(sig));
261 tty_printf("[%s] ", g10_errstr(rc) );
262 else if( sigrc == '?' )
264 else if( *is_selfsig ) {
265 tty_printf( is_rev? _("[revocation]")
266 : _("[self-signature]") );
271 char *p = get_user_id( sig->keyid, &n );
272 tty_print_utf8_string2(p, n, opt.screen_columns-keystrlen()-26-
273 ((opt.list_options&LIST_SHOW_SIG_EXPIRE)?11:0));
278 if(sig->flags.policy_url && (opt.list_options&LIST_SHOW_POLICY_URLS))
279 show_policy_url(sig,3,0);
281 if(sig->flags.notation && (opt.list_options&LIST_SHOW_NOTATIONS))
282 show_notation(sig,3,0,
283 ((opt.list_options&LIST_SHOW_STD_NOTATIONS)?1:0)+
284 ((opt.list_options&LIST_SHOW_USER_NOTATIONS)?2:0));
286 if(sig->flags.pref_ks && (opt.list_options&LIST_SHOW_KEYSERVER_URLS))
287 show_keyserver_url(sig,3,0);
290 return (sigrc == '!');
296 * Check the keysigs and set the flags to indicate errors.
297 * Returns true if error found.
300 check_all_keysigs( KBNODE keyblock, int only_selected )
309 int selected = !only_selected;
312 for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
313 if( node->pkt->pkttype == PKT_USER_ID ) {
314 PKT_user_id *uid = node->pkt->pkt.user_id;
317 selected = (node->flag & NODFLG_SELUID);
320 tty_print_utf8_string( uid->name, uid->len );
322 if( anyuid && !has_selfsig )
328 else if( selected && node->pkt->pkttype == PKT_SIGNATURE
329 && ( (node->pkt->pkt.signature->sig_class&~3) == 0x10
330 || node->pkt->pkt.signature->sig_class == 0x30 ) ) {
333 if( print_and_check_one_sig( keyblock, node, &inv_sigs,
334 &no_key, &oth_err, &selfsig, 0 ) ) {
338 /* Hmmm: should we update the trustdb here? */
344 tty_printf(_("1 bad signature\n") );
346 tty_printf(_("%d bad signatures\n"), inv_sigs );
348 tty_printf(_("1 signature not checked due to a missing key\n") );
350 tty_printf(_("%d signatures not checked due to missing keys\n"), no_key );
352 tty_printf(_("1 signature not checked due to an error\n") );
354 tty_printf(_("%d signatures not checked due to errors\n"), oth_err );
355 if( mis_selfsig == 1 )
356 tty_printf(_("1 user ID without valid self-signature detected\n"));
357 else if( mis_selfsig )
358 tty_printf(_("%d user IDs without valid self-signatures detected\n"),
361 return inv_sigs || no_key || oth_err || mis_selfsig;
366 sign_mk_attrib( PKT_signature *sig, void *opaque )
368 struct sign_attrib *attrib = opaque;
371 if( attrib->non_exportable ) {
372 buf[0] = 0; /* not exportable */
373 build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
376 if( attrib->non_revocable ) {
377 buf[0] = 0; /* not revocable */
378 build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
382 revocation_reason_build_cb( sig, attrib->reason );
384 if(attrib->trust_depth)
386 /* Not critical. If someone doesn't understand trust sigs,
387 this can still be a valid regular signature. */
388 buf[0] = attrib->trust_depth;
389 buf[1] = attrib->trust_value;
390 build_sig_subpkt(sig,SIGSUBPKT_TRUST,buf,2);
392 /* Critical. If someone doesn't understands regexps, this
393 whole sig should be invalid. Note the +1 for the length -
394 regexps are null terminated. */
395 if(attrib->trust_regexp)
396 build_sig_subpkt(sig,SIGSUBPKT_FLAG_CRITICAL|SIGSUBPKT_REGEXP,
397 attrib->trust_regexp,
398 strlen(attrib->trust_regexp)+1);
405 trustsig_prompt(byte *trust_value,byte *trust_depth,char **regexp)
413 /* Same string as pkclist.c:do_edit_ownertrust */
414 tty_printf(_("Please decide how far you trust this user to correctly verify"
415 " other users' keys\n(by looking at passports, checking"
416 " fingerprints from different sources, etc.)\n"));
418 tty_printf (_(" %d = I trust marginally\n"), 1);
419 tty_printf (_(" %d = I trust fully\n"), 2);
422 while(*trust_value==0)
424 p = cpr_get("trustsig_prompt.trust_value",_("Your selection? "));
427 /* 60 and 120 are as per RFC2440 */
428 if(p[0]=='1' && !p[1])
430 else if(p[0]=='2' && !p[1])
438 "Please enter the depth of this trust signature.\n"
439 "A depth greater than 1 allows the key you are signing to make\n"
440 "trust signatures on your behalf.\n"));
443 while(*trust_depth==0)
445 p = cpr_get("trustsig_prompt.trust_depth",_("Your selection? "));
448 *trust_depth=atoi(p);
454 tty_printf(_("Please enter a domain to restrict this signature, "
455 "or enter for none.\n"));
459 p=cpr_get("trustsig_prompt.trust_regexp",_("Your selection? "));
466 int regexplen=100,ind;
468 *regexp=xmalloc(regexplen);
470 /* Now mangle the domain the user entered into a regexp. To do
471 this, \-escape everything that isn't alphanumeric, and attach
472 "<[^>]+[@.]" to the front, and ">$" to the end. */
474 strcpy(*regexp,"<[^>]+[@.]");
479 if(!((*q>='A' && *q<='Z')
480 || (*q>='a' && *q<='z') || (*q>='0' && *q<='9')))
481 (*regexp)[ind++]='\\';
485 if((regexplen-ind)<3)
488 *regexp=xrealloc(*regexp,regexplen);
495 strcat(*regexp,">$");
503 * Loop over all locusr and and sign the uids after asking.
504 * If no user id is marked, all user ids will be signed;
505 * if some user_ids are marked those will be signed.
508 sign_uids( KBNODE keyblock, strlist_t locusr, int *ret_modified,
509 int local, int nonrevocable, int trust, int interactive )
512 SK_LIST sk_list = NULL;
513 SK_LIST sk_rover = NULL;
514 PKT_secret_key *sk = NULL;
515 KBNODE node, uidnode;
516 PKT_public_key *primary_pk=NULL;
517 int select_all = !count_selected_uids(keyblock) || interactive;
520 /* Are there any non-v3 sigs on this key already? */
522 for(node=keyblock;node;node=node->next)
523 if(node->pkt->pkttype==PKT_SIGNATURE &&
524 node->pkt->pkt.signature->version>3)
530 /* build a list of all signators.
532 * We use the CERT flag to request the primary which must always
533 * be one which is capable of signing keys. I can't see a reason
534 * why to sign keys using a subkey. Implementation of USAGE_CERT
535 * is just a hack in getkey.c and does not mean that a subkey
536 * marked as certification capable will be used. */
537 rc=build_sk_list( locusr, &sk_list, 0, PUBKEY_USAGE_CERT);
541 /* loop over all signators */
542 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
543 u32 sk_keyid[2],pk_keyid[2];
544 char *p,*trust_regexp=NULL;
545 int force_v4=0,class=0,selfsig=0;
546 u32 duration=0,timestamp=0;
547 byte trust_depth=0,trust_value=0;
549 if(local || nonrevocable || trust ||
550 opt.cert_policy_url || opt.cert_notations)
553 /* we have to use a copy of the sk, because make_keysig_packet
554 * may remove the protection from sk and if we did other
555 * changes to the secret key, we would save the unprotected
559 sk = copy_secret_key( NULL, sk_rover->sk );
560 keyid_from_sk( sk, sk_keyid );
561 /* set mark A for all selected user ids */
562 for( node=keyblock; node; node = node->next ) {
563 if( select_all || (node->flag & NODFLG_SELUID) )
564 node->flag |= NODFLG_MARK_A;
566 node->flag &= ~NODFLG_MARK_A;
568 /* reset mark for uids which are already signed */
570 for( node=keyblock; node; node = node->next ) {
571 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
572 primary_pk=node->pkt->pkt.public_key;
573 keyid_from_pk( primary_pk, pk_keyid );
575 /* Is this a self-sig? */
576 if(pk_keyid[0]==sk_keyid[0] && pk_keyid[1]==sk_keyid[1])
579 /* Do not force a v4 sig here, otherwise it would
580 be difficult to remake a v3 selfsig. If this
581 is a v3->v4 promotion case, then we set
582 force_v4 later anyway. */
586 else if( node->pkt->pkttype == PKT_USER_ID )
588 uidnode = (node->flag & NODFLG_MARK_A)? node : NULL;
592 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
593 uidnode->pkt->pkt.user_id->len,
596 if(uidnode->pkt->pkt.user_id->is_revoked)
598 tty_printf(_("User ID \"%s\" is revoked."),user);
605 /* No, so remove the mark and continue */
606 if(!cpr_get_answer_is_yes("sign_uid.revoke_okay",
607 _("Are you sure you "
608 "still want to sign "
611 uidnode->flag &= ~NODFLG_MARK_A;
619 uidnode->flag &= ~NODFLG_MARK_A;
621 tty_printf(_(" Unable to sign.\n"));
624 else if(uidnode->pkt->pkt.user_id->is_expired)
626 tty_printf(_("User ID \"%s\" is expired."),user);
633 /* No, so remove the mark and continue */
634 if(!cpr_get_answer_is_yes("sign_uid.expire_okay",
635 _("Are you sure you "
636 "still want to sign "
639 uidnode->flag &= ~NODFLG_MARK_A;
647 uidnode->flag &= ~NODFLG_MARK_A;
649 tty_printf(_(" Unable to sign.\n"));
652 else if(!uidnode->pkt->pkt.user_id->created && !selfsig)
654 tty_printf(_("User ID \"%s\" is not self-signed."),
660 /* No, so remove the mark and continue */
661 if(!cpr_get_answer_is_yes("sign_uid.nosig_okay",
662 _("Are you sure you "
663 "still want to sign "
666 uidnode->flag &= ~NODFLG_MARK_A;
674 uidnode->flag &= ~NODFLG_MARK_A;
676 tty_printf(_(" Unable to sign.\n"));
680 if(uidnode && interactive && !yesreally)
682 tty_printf(_("User ID \"%s\" is signable. "),user);
683 if(!cpr_get_answer_is_yes("sign_uid.sign_okay",
684 _("Sign it? (y/N) ")))
686 uidnode->flag &= ~NODFLG_MARK_A;
694 else if( uidnode && node->pkt->pkttype == PKT_SIGNATURE
695 && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
696 if( sk_keyid[0] == node->pkt->pkt.signature->keyid[0]
697 && sk_keyid[1] == node->pkt->pkt.signature->keyid[1] ) {
699 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
700 uidnode->pkt->pkt.user_id->len,
703 /* It's a v3 self-sig. Make it into a v4 self-sig? */
704 if(node->pkt->pkt.signature->version<4 && selfsig)
706 tty_printf(_("The self-signature on \"%s\"\n"
707 "is a PGP 2.x-style signature.\n"),user);
709 /* Note that the regular PGP2 warning below
710 still applies if there are no v4 sigs on
714 if(cpr_get_answer_is_yes("sign_uid.v4_promote_okay",
715 _("Do you want to promote "
716 "it to an OpenPGP self-"
717 "signature? (y/N) ")))
720 node->flag|=NODFLG_DELSIG;
726 /* Is the current signature expired? */
727 if(node->pkt->pkt.signature->flags.expired)
729 tty_printf(_("Your current signature on \"%s\"\n"
730 "has expired.\n"),user);
732 if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
733 _("Do you want to issue a "
734 "new signature to replace "
735 "the expired one? (y/N) ")))
737 /* Mark these for later deletion. We
738 don't want to delete them here, just in
739 case the replacement signature doesn't
740 happen for some reason. We only delete
741 these after the replacement is already
744 node->flag|=NODFLG_DELSIG;
750 if(!node->pkt->pkt.signature->flags.exportable && !local)
752 /* It's a local sig, and we want to make a
754 tty_printf(_("Your current signature on \"%s\"\n"
755 "is a local signature.\n"),user);
757 if(cpr_get_answer_is_yes("sign_uid.local_promote_okay",
758 _("Do you want to promote "
759 "it to a full exportable "
760 "signature? (y/N) ")))
762 /* Mark these for later deletion. We
763 don't want to delete them here, just in
764 case the replacement signature doesn't
765 happen for some reason. We only delete
766 these after the replacement is already
769 node->flag|=NODFLG_DELSIG;
775 /* Fixme: see whether there is a revocation in which
776 * case we should allow to sign it again. */
777 if (!node->pkt->pkt.signature->flags.exportable && local)
779 "\"%s\" was already locally signed by key %s\n"),
780 user,keystr_from_sk(sk));
782 tty_printf(_("\"%s\" was already signed by key %s\n"),
783 user,keystr_from_sk(sk));
786 && cpr_get_answer_is_yes("sign_uid.dupe_okay",
787 _("Do you want to sign it "
788 "again anyway? (y/N) ")))
790 /* Don't delete the old sig here since this is
791 an --expert thing. */
796 sprintf (buf, "%08lX%08lX",
797 (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
798 write_status_text (STATUS_ALREADY_SIGNED, buf);
799 uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */
806 /* check whether any uids are left for signing */
807 if( !count_uids_with_flag(keyblock, NODFLG_MARK_A) )
809 tty_printf(_("Nothing to sign with key %s\n"),keystr_from_sk(sk));
813 /* Ask whether we really should sign these user id(s) */
815 show_key_with_all_names( keyblock, 1, 0, 1, 0, 0 );
818 if(primary_pk->expiredate && !selfsig)
820 u32 now=make_timestamp();
822 if(primary_pk->expiredate<=now)
824 tty_printf(_("This key has expired!"));
829 if(!cpr_get_answer_is_yes("sign_uid.expired_okay",
830 _("Are you sure you still "
831 "want to sign it? (y/N) ")))
836 tty_printf(_(" Unable to sign.\n"));
842 tty_printf(_("This key is due to expire on %s.\n"),
843 expirestr_from_pk(primary_pk));
845 if(opt.ask_cert_expire)
847 char *answer=cpr_get("sign_uid.expire",
848 _("Do you want your signature to "
849 "expire at the same time? (Y/n) "));
850 if(answer_is_yes_no_default(answer,1))
852 /* This fixes the signature timestamp we're
853 going to make as now. This is so the
854 expiration date is exactly correct, and not
855 a few seconds off (due to the time it takes
856 to answer the questions, enter the
859 duration=primary_pk->expiredate-now;
869 /* Only ask for duration if we haven't already set it to match
870 the expiration of the pk */
871 if(!duration && !selfsig)
873 if(opt.ask_cert_expire)
874 duration=ask_expire_interval(1,opt.def_cert_expire);
876 duration=parse_expire_string(opt.def_cert_expire);
882 /* Is --pgp2 on, it's a v3 key, all the sigs on the key are
883 currently v3 and we're about to sign it with a v4 sig? If
886 (sk->version>3 || force_v4) && primary_pk->version<=3)
888 tty_printf(_("You may not make an OpenPGP signature on a "
889 "PGP 2.x key while in --pgp2 mode.\n"));
890 tty_printf(_("This would make the key unusable in PGP 2.x.\n"));
894 if(!cpr_get_answer_is_yes("sign_uid.v4_on_v3_okay",
895 _("Are you sure you still "
896 "want to sign it? (y/N) ")))
909 if(opt.batch || !opt.ask_cert_level)
910 class=0x10+opt.def_cert_level;
915 tty_printf(_("How carefully have you verified the key you are "
916 "about to sign actually belongs\nto the person "
917 "named above? If you don't know what to "
918 "answer, enter \"0\".\n"));
920 tty_printf(_(" (0) I will not answer.%s\n"),
921 opt.def_cert_level==0?" (default)":"");
922 tty_printf(_(" (1) I have not checked at all.%s\n"),
923 opt.def_cert_level==1?" (default)":"");
924 tty_printf(_(" (2) I have done casual checking.%s\n"),
925 opt.def_cert_level==2?" (default)":"");
926 tty_printf(_(" (3) I have done very careful checking.%s\n"),
927 opt.def_cert_level==3?" (default)":"");
932 answer = cpr_get("sign_uid.class",_("Your selection? "
933 "(enter `?' for more information): "));
935 class=0x10+opt.def_cert_level; /* Default */
936 else if(ascii_strcasecmp(answer,"0")==0)
937 class=0x10; /* Generic */
938 else if(ascii_strcasecmp(answer,"1")==0)
939 class=0x11; /* Persona */
940 else if(ascii_strcasecmp(answer,"2")==0)
941 class=0x12; /* Casual */
942 else if(ascii_strcasecmp(answer,"3")==0)
943 class=0x13; /* Positive */
945 tty_printf(_("Invalid selection.\n"));
952 trustsig_prompt(&trust_value,&trust_depth,&trust_regexp);
955 p=get_user_id_native(sk_keyid);
956 tty_printf(_("Are you sure that you want to sign this key with your\n"
957 "key \"%s\" (%s)\n"),p,keystr_from_sk(sk));
963 tty_printf(_("This will be a self-signature.\n"));
969 _("WARNING: the signature will not be marked "
970 "as non-exportable.\n"));
977 _("WARNING: the signature will not be marked "
978 "as non-revocable.\n"));
987 _("The signature will be marked as non-exportable.\n"));
994 _("The signature will be marked as non-revocable.\n"));
1001 tty_printf(_("I have not checked this key at all.\n"));
1006 tty_printf(_("I have checked this key casually.\n"));
1011 tty_printf(_("I have checked this key very carefully.\n"));
1018 if( opt.batch && opt.answer_yes )
1020 else if( !cpr_get_answer_is_yes("sign_uid.okay",
1021 _("Really sign? (y/N) ")) )
1024 /* now we can sign the user ids */
1025 reloop: /* (must use this, because we are modifing the list) */
1027 for( node=keyblock; node; node = node->next ) {
1028 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
1029 primary_pk = node->pkt->pkt.public_key;
1030 else if( node->pkt->pkttype == PKT_USER_ID
1031 && (node->flag & NODFLG_MARK_A) ) {
1034 struct sign_attrib attrib;
1036 assert( primary_pk );
1037 memset( &attrib, 0, sizeof attrib );
1038 attrib.non_exportable = local;
1039 attrib.non_revocable = nonrevocable;
1040 attrib.trust_depth = trust_depth;
1041 attrib.trust_value = trust_value;
1042 attrib.trust_regexp = trust_regexp;
1043 node->flag &= ~NODFLG_MARK_A;
1045 /* we force creation of a v4 signature for local
1046 * signatures, otherwise we would not generate the
1047 * subpacket with v3 keys and the signature becomes
1051 rc = make_keysig_packet( &sig, primary_pk,
1052 node->pkt->pkt.user_id,
1055 0x13, 0, force_v4?4:0, 0, 0,
1056 keygen_add_std_prefs, primary_pk);
1058 rc = make_keysig_packet( &sig, primary_pk,
1059 node->pkt->pkt.user_id,
1062 class, 0, force_v4?4:0,
1063 timestamp, duration,
1064 sign_mk_attrib, &attrib );
1066 log_error(_("signing failed: %s\n"), g10_errstr(rc));
1070 *ret_modified = 1; /* we changed the keyblock */
1073 pkt = xmalloc_clear( sizeof *pkt );
1074 pkt->pkttype = PKT_SIGNATURE;
1075 pkt->pkt.signature = sig;
1076 insert_kbnode( node, new_kbnode(pkt), PKT_SIGNATURE );
1081 /* Delete any sigs that got promoted */
1082 for( node=keyblock; node; node = node->next )
1083 if( node->flag & NODFLG_DELSIG)
1084 delete_kbnode(node);
1085 } /* end loop over signators */
1088 release_sk_list( sk_list );
1090 free_secret_key(sk);
1097 * Change the passphrase of the primary and all secondary keys.
1098 * We use only one passphrase for all keys.
1101 change_passphrase (KBNODE keyblock, int *r_err)
1107 char *passphrase = NULL;
1108 int no_primary_secrets = 0;
1111 node = find_kbnode( keyblock, PKT_SECRET_KEY );
1113 log_error("Oops; secret key not found anymore!\n");
1116 sk = node->pkt->pkt.secret_key;
1118 for (any = 0, node=keyblock; node; node = node->next) {
1119 if (node->pkt->pkttype == PKT_SECRET_KEY
1120 || node->pkt->pkttype == PKT_SECRET_SUBKEY) {
1121 PKT_secret_key *tmpsk = node->pkt->pkt.secret_key;
1122 if (!(tmpsk->is_protected
1123 && (tmpsk->protect.s2k.mode == 1001
1124 || tmpsk->protect.s2k.mode == 1002))) {
1131 tty_printf (_("Key has only stub or on-card key items - "
1132 "no passphrase to change.\n"));
1136 /* See how to handle this key. */
1137 switch( is_secret_key_protected( sk ) ) {
1139 rc = G10ERR_PUBKEY_ALGO;
1142 tty_printf(_("This key is not protected.\n"));
1145 if( sk->protect.s2k.mode == 1001 ) {
1146 tty_printf(_("Secret parts of primary key are not available.\n"));
1147 no_primary_secrets = 1;
1149 else if( sk->protect.s2k.mode == 1002 ) {
1150 tty_printf(_("Secret parts of primary key are stored on-card.\n"));
1151 no_primary_secrets = 1;
1156 tty_printf(_("Key is protected.\n"));
1158 /* Clear the passphrase cache so that the user is required
1159 to enter the old passphrase. */
1160 keyid_from_sk (sk, keyid);
1161 passphrase_clear_cache (keyid, NULL, 0);
1163 rc = check_secret_key( sk, 0 );
1165 passphrase = get_last_passphrase();
1170 /* Unprotect all subkeys (use the supplied passphrase or ask)*/
1171 for(node=keyblock; !rc && node; node = node->next ) {
1172 if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1173 PKT_secret_key *subsk = node->pkt->pkt.secret_key;
1174 if ( !(subsk->is_protected
1175 && (subsk->protect.s2k.mode == 1001
1176 || subsk->protect.s2k.mode == 1002))) {
1177 set_next_passphrase( passphrase );
1178 rc = check_secret_key( subsk, 0 );
1179 if( !rc && !passphrase )
1180 passphrase = get_last_passphrase();
1186 tty_printf(_("Can't edit this key: %s\n"), g10_errstr(rc));
1189 STRING2KEY *s2k = xmalloc_secure( sizeof *s2k );
1190 const char *errtext = NULL;
1192 tty_printf(_("Enter the new passphrase for this secret key.\n\n") );
1194 set_next_passphrase( NULL );
1198 s2k->mode = opt.s2k_mode;
1199 s2k->hash_algo = S2K_DIGEST_ALGO;
1200 dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo,
1201 s2k, 2, errtext, &canceled);
1202 if (!dek && canceled) {
1203 rc = GPG_ERR_CANCELED;
1207 errtext = N_("passphrase not correctly repeated; try again");
1208 tty_printf ("%s.\n", _(errtext));
1210 else if( !dek->keylen ) {
1212 tty_printf(_( "You don't want a passphrase -"
1213 " this is probably a *bad* idea!\n\n"));
1214 if( cpr_get_answer_is_yes("change_passwd.empty.okay",
1215 _("Do you really want to do this? (y/N) ")))
1223 if( !no_primary_secrets ) {
1224 sk->protect.algo = dek->algo;
1225 sk->protect.s2k = *s2k;
1226 rc = protect_secret_key( sk, dek );
1228 for(node=keyblock; !rc && node; node = node->next ) {
1229 if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1230 PKT_secret_key *subsk = node->pkt->pkt.secret_key;
1231 if ( !(subsk->is_protected
1232 && (subsk->protect.s2k.mode == 1001
1233 || subsk->protect.s2k.mode == 1002))) {
1234 subsk->protect.algo = dek->algo;
1235 subsk->protect.s2k = *s2k;
1236 rc = protect_secret_key( subsk, dek );
1241 log_error("protect_secret_key failed: %s\n",
1247 /* Clear the cahce again so that the user is
1248 required to enter the new passphrase at the
1250 keyid_from_sk (sk, keyid);
1251 passphrase_clear_cache (keyid, NULL, 0);
1263 xfree( passphrase );
1264 set_next_passphrase( NULL );
1267 return changed && !rc;
1272 * There are some keys out (due to a bug in gnupg), where the sequence
1273 * of the packets is wrong. This function fixes that.
1274 * Returns: true if the keyblock has been fixed.
1276 * Note: This function does not work if there is more than one user ID.
1279 fix_keyblock( KBNODE keyblock )
1281 KBNODE node, last, subkey;
1284 /* locate key signatures of class 0x10..0x13 behind sub key packets */
1285 for( subkey=last=NULL, node = keyblock; node;
1286 last=node, node = node->next ) {
1287 switch( node->pkt->pkttype ) {
1288 case PKT_PUBLIC_SUBKEY:
1289 case PKT_SECRET_SUBKEY:
1291 subkey = last; /* actually it is the one before the subkey */
1295 PKT_signature *sig = node->pkt->pkt.signature;
1296 if( sig->sig_class >= 0x10 && sig->sig_class <= 0x13 ) {
1298 "moving a key signature to the correct place\n"));
1299 last->next = node->next;
1300 node->next = subkey->next;
1301 subkey->next = node;
1315 parse_sign_type(const char *str,int *localsig,int *nonrevokesig,int *trustsig)
1321 if(ascii_strncasecmp(p,"l",1)==0)
1326 else if(ascii_strncasecmp(p,"nr",2)==0)
1331 else if(ascii_strncasecmp(p,"t",1)==0)
1345 * Menu driven key editor. If seckey_check is true, then a secret key
1346 * that matches username will be looked for. If it is false, not all
1347 * commands will be available.
1349 * Note: to keep track of some selection we use node->mark MARKBIT_xxxx.
1352 /* Need an SK for this command */
1353 #define KEYEDIT_NEED_SK 1
1354 /* Cannot be viewing the SK for this command */
1355 #define KEYEDIT_NOT_SK 2
1356 /* Must be viewing the SK for this command */
1357 #define KEYEDIT_ONLY_SK 4
1358 /* Match the tail of the string */
1359 #define KEYEDIT_TAIL_MATCH 8
1364 cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
1365 cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
1366 cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
1367 cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
1368 cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
1369 cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
1370 cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCLEAN,
1382 { "quit" , cmdQUIT , 0, N_("quit this menu") },
1383 { "q" , cmdQUIT , 0, NULL },
1384 { "save" , cmdSAVE , 0, N_("save and quit") },
1385 { "help" , cmdHELP , 0, N_("show this help") },
1386 { "?" , cmdHELP , 0, NULL },
1387 { "fpr" , cmdFPR , 0, N_("show key fingerprint") },
1388 { "list" , cmdLIST , 0, N_("list key and user IDs") },
1389 { "l" , cmdLIST , 0, NULL },
1390 { "uid" , cmdSELUID , 0, N_("select user ID N") },
1391 { "key" , cmdSELKEY , 0, N_("select subkey N") },
1392 { "check" , cmdCHECK , 0, N_("check signatures") },
1393 { "c" , cmdCHECK , 0, NULL },
1394 { "cross-certify", cmdBACKSIGN , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1395 { "backsign", cmdBACKSIGN , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1396 { "sign" , cmdSIGN , KEYEDIT_NOT_SK|KEYEDIT_TAIL_MATCH,
1397 N_("sign selected user IDs [* see below for related commands]") },
1398 { "s" , cmdSIGN , KEYEDIT_NOT_SK, NULL },
1399 /* "lsign" and friends will never match since "sign" comes first
1400 and it is a tail match. They are just here so they show up in
1402 { "lsign" , cmdNOP , 0, N_("sign selected user IDs locally") },
1403 { "tsign" , cmdNOP , 0,
1404 N_("sign selected user IDs with a trust signature") },
1405 { "nrsign" , cmdNOP , 0,
1406 N_("sign selected user IDs with a non-revocable signature") },
1408 { "debug" , cmdDEBUG , 0, NULL },
1409 { "adduid" , cmdADDUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1410 N_("add a user ID") },
1411 { "addphoto", cmdADDPHOTO , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1412 N_("add a photo ID") },
1413 { "deluid" , cmdDELUID , KEYEDIT_NOT_SK,
1414 N_("delete selected user IDs") },
1415 /* delphoto is really deluid in disguise */
1416 { "delphoto", cmdDELUID , KEYEDIT_NOT_SK, NULL },
1418 { "addkey" , cmdADDKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1419 N_("add a subkey") },
1421 #ifdef ENABLE_CARD_SUPPORT
1422 { "addcardkey", cmdADDCARDKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1423 N_("add a key to a smartcard") },
1424 { "keytocard", cmdKEYTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK,
1425 N_("move a key to a smartcard")},
1426 { "bkuptocard", cmdBKUPTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK,
1427 N_("move a backup key to a smartcard")},
1428 #endif /*ENABLE_CARD_SUPPORT*/
1430 { "delkey" , cmdDELKEY , KEYEDIT_NOT_SK,
1431 N_("delete selected subkeys") },
1432 { "addrevoker",cmdADDREVOKER,KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1433 N_("add a revocation key") },
1434 { "delsig" , cmdDELSIG , KEYEDIT_NOT_SK,
1435 N_("delete signatures from the selected user IDs") },
1436 { "expire" , cmdEXPIRE , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1437 N_("change the expiration date for the key or selected subkeys") },
1438 { "primary" , cmdPRIMARY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1439 N_("flag the selected user ID as primary")},
1440 { "toggle" , cmdTOGGLE , KEYEDIT_NEED_SK,
1441 N_("toggle between the secret and public key listings") },
1442 { "t" , cmdTOGGLE , KEYEDIT_NEED_SK, NULL },
1443 { "pref" , cmdPREF , KEYEDIT_NOT_SK,
1444 N_("list preferences (expert)")},
1445 { "showpref", cmdSHOWPREF , KEYEDIT_NOT_SK,
1446 N_("list preferences (verbose)") },
1447 { "setpref" , cmdSETPREF , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1448 N_("set preference list for the selected user IDs") },
1450 { "updpref" , cmdSETPREF , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1452 { "keyserver",cmdPREFKS , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1453 N_("set the preferred keyserver URL for the selected user IDs")},
1454 { "notation", cmdNOTATION , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1455 N_("set a notation for the selected user IDs")},
1456 { "passwd" , cmdPASSWD , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1457 N_("change the passphrase") },
1459 { "password", cmdPASSWD , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1461 { "trust" , cmdTRUST , KEYEDIT_NOT_SK, N_("change the ownertrust") },
1462 { "revsig" , cmdREVSIG , KEYEDIT_NOT_SK,
1463 N_("revoke signatures on the selected user IDs") },
1464 { "revuid" , cmdREVUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1465 N_("revoke selected user IDs") },
1467 { "revphoto", cmdREVUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1469 { "revkey" , cmdREVKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1470 N_("revoke key or selected subkeys") },
1471 { "enable" , cmdENABLEKEY , KEYEDIT_NOT_SK, N_("enable key") },
1472 { "disable" , cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key") },
1473 { "showphoto",cmdSHOWPHOTO , 0, N_("show selected photo IDs") },
1474 { "clean", cmdCLEAN , KEYEDIT_NOT_SK,
1475 N_("compact unusable user IDs and remove unusable signatures from key")},
1476 { "minimize", cmdMINIMIZE , KEYEDIT_NOT_SK,
1477 N_("compact unusable user IDs and remove all signatures from key") },
1478 { NULL, cmdNONE, 0, NULL }
1481 #ifdef HAVE_LIBREADLINE
1483 /* These two functions are used by readline for command completion. */
1486 command_generator(const char *text,int state)
1488 static int list_index,len;
1491 /* If this is a new word to complete, initialize now. This includes
1492 saving the length of TEXT for efficiency, and initializing the
1493 index variable to 0. */
1500 /* Return the next partial match */
1501 while((name=cmds[list_index].name))
1503 /* Only complete commands that have help text */
1504 if(cmds[list_index++].desc && strncmp(name,text,len)==0)
1505 return strdup(name);
1512 keyedit_completion(const char *text, int start, int end)
1514 /* If we are at the start of a line, we try and command-complete.
1515 If not, just do nothing for now. */
1520 return rl_completion_matches(text,command_generator);
1522 rl_attempted_completion_over=1;
1526 #endif /* HAVE_LIBREADLINE */
1530 keyedit_menu( const char *username, strlist_t locusr,
1531 strlist_t commands, int quiet, int seckey_check )
1533 enum cmdids cmd = 0;
1535 KBNODE keyblock = NULL;
1536 KEYDB_HANDLE kdbhd = NULL;
1537 KBNODE sec_keyblock = NULL;
1538 KEYDB_HANDLE sec_kdbhd = NULL;
1539 KBNODE cur_keyblock;
1540 char *answer = NULL;
1543 int sec_modified = 0;
1545 int have_commands = !!commands;
1547 if ( opt.command_fd != -1 )
1549 else if( opt.batch && !have_commands )
1551 log_error(_("can't do this in batch mode\n"));
1555 #ifdef HAVE_W32_SYSTEM
1556 /* Due to Windows peculiarities we need to make sure that the
1557 trustdb stale check is done before we open another file
1558 (i.e. by searching for a key). In theory we could make sure
1559 that the files are closed after use but the open/close caches
1560 inhibits that and flushing the cache right before the stale
1561 check is not easy to implement. Thus we take the easy way out
1562 and run the stale check as early as possible. Note, that for
1563 non- W32 platforms it is run indirectly trough a call to
1565 check_trustdb_stale ();
1568 /* Get the public key */
1569 rc = get_pubkey_byname (NULL, NULL, username, &keyblock, &kdbhd, 1, 1);
1572 log_error (_("key \"%s\" not found: %s\n"), username, g10_errstr (rc));
1576 if( fix_keyblock( keyblock ) )
1578 if( collapse_uids( &keyblock ) )
1580 reorder_keyblock(keyblock);
1581 /* We modified the keyblock, so let's make sure the flags are
1584 merge_keys_and_selfsig (keyblock);
1587 {/* see whether we have a matching secret key */
1588 PKT_public_key *pk = keyblock->pkt->pkt.public_key;
1590 sec_kdbhd = keydb_new (1);
1592 byte afp[MAX_FINGERPRINT_LEN];
1595 fingerprint_from_pk (pk, afp, &an);
1596 while (an < MAX_FINGERPRINT_LEN)
1598 rc = keydb_search_fpr (sec_kdbhd, afp);
1602 rc = keydb_get_keyblock (sec_kdbhd, &sec_keyblock);
1605 log_error (_("error reading secret keyblock \"%s\": %s\n"),
1606 username, g10_errstr(rc));
1610 merge_keys_and_selfsig( sec_keyblock );
1611 if( fix_keyblock( sec_keyblock ) )
1617 sec_keyblock = NULL;
1618 keydb_release (sec_kdbhd); sec_kdbhd = NULL;
1622 if( sec_keyblock && !quiet )
1623 tty_printf(_("Secret key is available.\n"));
1627 cur_keyblock = keyblock;
1628 for(;;) { /* main loop */
1629 int i, arg_number, photo;
1630 const char *arg_string = "";
1632 PKT_public_key *pk=keyblock->pkt->pkt.public_key;
1636 if( redisplay && !quiet )
1638 show_key_with_all_names( cur_keyblock, 0, 1, 0, 1, 0 );
1644 if( have_commands ) {
1646 answer = xstrdup( commands->d );
1647 commands = commands->next;
1649 else if( opt.batch ) {
1650 answer = xstrdup("quit");
1655 if( !have_commands )
1657 #ifdef HAVE_LIBREADLINE
1658 tty_enable_completion(keyedit_completion);
1660 answer = cpr_get_no_help("keyedit.prompt", "gpg> ");
1662 tty_disable_completion();
1664 trim_spaces(answer);
1665 } while( *answer == '#' );
1667 arg_number = 0; /* Yes, here is the init which egcc complains about */
1668 photo = 0; /* This too */
1671 else if( *answer == CONTROL_D )
1673 else if( digitp(answer ) ) {
1675 arg_number = atoi(answer);
1678 if( (p=strchr(answer,' ')) ) {
1680 trim_spaces(answer);
1682 arg_number = atoi(p);
1686 for(i=0; cmds[i].name; i++ )
1688 if(cmds[i].flags & KEYEDIT_TAIL_MATCH)
1690 size_t l=strlen(cmds[i].name);
1691 size_t a=strlen(answer);
1694 if(ascii_strcasecmp(&answer[a-l],cmds[i].name)==0)
1701 else if( !ascii_strcasecmp( answer, cmds[i].name ) )
1704 if((cmds[i].flags & KEYEDIT_NEED_SK) && !sec_keyblock )
1706 tty_printf(_("Need the secret key to do this.\n"));
1709 else if(((cmds[i].flags & KEYEDIT_NOT_SK) && sec_keyblock
1711 ||((cmds[i].flags & KEYEDIT_ONLY_SK) && sec_keyblock
1714 tty_printf(_("Please use the command \"toggle\" first.\n"));
1723 for(i=0; cmds[i].name; i++ )
1725 if((cmds[i].flags & KEYEDIT_NEED_SK) && !sec_keyblock )
1726 ; /* skip if we do not have the secret key */
1727 else if( cmds[i].desc )
1728 tty_printf("%-11s %s\n", cmds[i].name, _(cmds[i].desc) );
1733 "* The `sign' command may be prefixed with an `l' for local "
1734 "signatures (lsign),\n"
1735 " a `t' for trust signatures (tsign), an `nr' for non-revocable signatures\n"
1736 " (nrsign), or any combination thereof (ltsign, tnrsign, etc.).\n"));
1745 show_key_and_fingerprint( keyblock );
1749 if(strlen(arg_string)==NAMEHASH_LEN*2)
1750 redisplay=menu_select_uid_namehash(cur_keyblock,arg_string);
1753 if (*arg_string == '*'
1754 && (!arg_string[1] || spacep (arg_string+1)))
1755 arg_number = -1; /* Select all. */
1756 redisplay = menu_select_uid (cur_keyblock, arg_number);
1762 if (*arg_string == '*'
1763 && (!arg_string[1] || spacep (arg_string+1)))
1764 arg_number = -1; /* Select all. */
1765 if (menu_select_key( cur_keyblock, arg_number))
1771 /* we can only do this with the public key becuase the
1772 * check functions can't cope with secret keys and it
1773 * is questionable whether this would make sense at all */
1774 check_all_keysigs( keyblock, count_selected_uids(keyblock) );
1777 case cmdSIGN: /* sign (only the public key) */
1779 int localsig=0,nonrevokesig=0,trustsig=0,interactive=0;
1781 if( pk->is_revoked )
1783 tty_printf(_("Key is revoked."));
1788 if(!cpr_get_answer_is_yes("keyedit.sign_revoked.okay",
1789 _("Are you sure you still want"
1790 " to sign it? (y/N) ")))
1795 tty_printf(_(" Unable to sign.\n"));
1800 if(count_uids(keyblock) > 1 && !count_selected_uids(keyblock)
1801 && !cpr_get_answer_is_yes("keyedit.sign_all.okay",
1802 _("Really sign all user IDs?"
1809 tty_printf(_("Hint: Select the user IDs to sign\n"));
1815 /* What sort of signing are we doing? */
1816 if(!parse_sign_type(answer,&localsig,&nonrevokesig,&trustsig))
1818 tty_printf(_("Unknown signature type `%s'\n"),answer);
1822 sign_uids(keyblock, locusr, &modified,
1823 localsig, nonrevokesig, trustsig, interactive);
1828 dump_kbnode( cur_keyblock );
1833 cur_keyblock = toggle? sec_keyblock : keyblock;
1838 if (RFC2440 || RFC1991 || PGP2)
1841 _("This command is not allowed while in %s mode.\n"),
1842 compliance_option_string());
1849 if( menu_adduid( keyblock, sec_keyblock, photo, arg_string ) )
1853 sec_modified = modified = 1;
1854 merge_keys_and_selfsig( sec_keyblock );
1855 merge_keys_and_selfsig( keyblock );
1862 if( !(n1=count_selected_uids(keyblock)) )
1863 tty_printf(_("You must select at least one user ID.\n"));
1864 else if( real_uids_left(keyblock) < 1 )
1865 tty_printf(_("You can't delete the last user ID!\n"));
1866 else if( cpr_get_answer_is_yes("keyedit.remove.uid.okay",
1867 n1 > 1? _("Really remove all selected user IDs? (y/N) ")
1868 : _("Really remove this user ID? (y/N) ")
1870 menu_deluid( keyblock, sec_keyblock );
1882 if( !(n1=count_selected_uids(keyblock)) )
1883 tty_printf(_("You must select at least one user ID.\n"));
1884 else if( menu_delsig( keyblock ) ) {
1885 /* no redisplay here, because it may scroll away some
1886 * status output of delsig */
1893 if( generate_subkeypair( keyblock, sec_keyblock ) ) {
1895 sec_modified = modified = 1;
1896 merge_keys_and_selfsig( sec_keyblock );
1897 merge_keys_and_selfsig( keyblock );
1901 #ifdef ENABLE_CARD_SUPPORT
1903 if (card_generate_subkey (keyblock, sec_keyblock)) {
1905 sec_modified = modified = 1;
1906 merge_keys_and_selfsig( sec_keyblock );
1907 merge_keys_and_selfsig( keyblock );
1914 switch ( count_selected_keys (sec_keyblock) )
1917 if (cpr_get_answer_is_yes
1918 ("keyedit.keytocard.use_primary",
1919 /* TRANSLATORS: Please take care: This is about
1920 moving the key and not about removing it. */
1921 _("Really move the primary key? (y/N) ")))
1922 node = sec_keyblock;
1925 for (node = sec_keyblock; node; node = node->next )
1927 if (node->pkt->pkttype == PKT_SECRET_SUBKEY
1928 && node->flag & NODFLG_SELKEY)
1933 tty_printf(_("You must select exactly one key.\n"));
1938 PKT_public_key *xxpk = find_pk_from_sknode (keyblock, node);
1939 if (card_store_subkey (node, xxpk?xxpk->pubkey_usage:0))
1950 /* Ask for a filename, check whether this is really a
1951 backup key as generated by the card generation, parse
1952 that key and store it on card. */
1961 tty_printf (_("Command expects a filename argument\n"));
1965 /* Open that file. */
1966 a = iobuf_open (fname);
1967 if (a && is_secured_file (iobuf_get_fd (a)))
1975 tty_printf (_("Can't open `%s': %s\n"),
1976 fname, strerror(errno));
1980 /* Parse and check that file. */
1981 pkt = xmalloc (sizeof *pkt);
1983 rc = parse_packet (a, pkt);
1985 iobuf_ioctl (NULL, 2, 0, (char*)fname); /* (invalidate cache). */
1987 && pkt->pkttype != PKT_SECRET_KEY
1988 && pkt->pkttype != PKT_SECRET_SUBKEY)
1989 rc = G10ERR_NO_SECKEY;
1992 tty_printf(_("Error reading backup key from `%s': %s\n"),
1993 fname, g10_errstr (rc));
1998 node = new_kbnode (pkt);
2001 if (card_store_subkey (node, 0))
2006 release_kbnode (node);
2010 #endif /* ENABLE_CARD_SUPPORT */
2015 if( !(n1=count_selected_keys( keyblock )) )
2016 tty_printf(_("You must select at least one key.\n"));
2017 else if( !cpr_get_answer_is_yes( "keyedit.remove.subkey.okay",
2019 _("Do you really want to delete the selected keys? (y/N) "):
2020 _("Do you really want to delete this key? (y/N) ")
2024 menu_delkey( keyblock, sec_keyblock );
2037 if(ascii_strcasecmp(arg_string,"sensitive")==0)
2039 if( menu_addrevoker( keyblock, sec_keyblock, sensitive ) ) {
2041 sec_modified = modified = 1;
2042 merge_keys_and_selfsig( sec_keyblock );
2043 merge_keys_and_selfsig( keyblock );
2051 if( !(n1=count_selected_uids(keyblock)) )
2052 tty_printf(_("You must select at least one user ID.\n"));
2053 else if( cpr_get_answer_is_yes(
2054 "keyedit.revoke.uid.okay",
2055 n1 > 1? _("Really revoke all selected user IDs? (y/N) ")
2056 : _("Really revoke this user ID? (y/N) ")
2058 if(menu_revuid(keyblock,sec_keyblock))
2071 if( !(n1=count_selected_keys( keyblock )) )
2073 if(cpr_get_answer_is_yes("keyedit.revoke.subkey.okay",
2074 _("Do you really want to revoke"
2075 " the entire key? (y/N) ")))
2077 if(menu_revkey(keyblock,sec_keyblock))
2083 else if(cpr_get_answer_is_yes("keyedit.revoke.subkey.okay",
2085 _("Do you really want to revoke"
2086 " the selected subkeys? (y/N) "):
2087 _("Do you really want to revoke"
2088 " this subkey? (y/N) ")))
2090 if( menu_revsubkey( keyblock, sec_keyblock ) )
2097 merge_keys_and_selfsig( keyblock );
2102 if( menu_expire( keyblock, sec_keyblock ) )
2104 merge_keys_and_selfsig( sec_keyblock );
2105 merge_keys_and_selfsig( keyblock );
2113 if(menu_backsign(keyblock,sec_keyblock))
2122 if( menu_set_primary_uid ( keyblock, sec_keyblock ) ) {
2123 merge_keys_and_selfsig( keyblock );
2130 if (change_passphrase (sec_keyblock, NULL))
2135 if(opt.trust_model==TM_EXTERNAL)
2137 tty_printf (_("Owner trust may not be set while "
2138 "using a user provided trust database\n"));
2142 show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 );
2144 if( edit_ownertrust( find_kbnode( keyblock,
2145 PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
2147 /* No real need to set update_trust here as
2148 edit_ownertrust() calls revalidation_mark()
2156 int count=count_selected_uids(keyblock);
2157 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
2158 show_names(keyblock,keyblock->pkt->pkt.public_key,
2159 count?NODFLG_SELUID:0,1);
2165 int count=count_selected_uids(keyblock);
2166 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
2167 show_names(keyblock,keyblock->pkt->pkt.public_key,
2168 count?NODFLG_SELUID:0,2);
2174 PKT_user_id *tempuid;
2176 keygen_set_std_prefs(!*arg_string?"default" : arg_string, 0);
2178 tempuid=keygen_get_std_prefs();
2179 tty_printf(_("Set preference list to:\n"));
2180 show_prefs(tempuid,NULL,1);
2181 free_user_id(tempuid);
2183 if(cpr_get_answer_is_yes("keyedit.setpref.okay",
2184 count_selected_uids (keyblock)?
2185 _("Really update the preferences"
2186 " for the selected user IDs? (y/N) "):
2187 _("Really update the preferences? (y/N) ")))
2189 if ( menu_set_preferences (keyblock, sec_keyblock) )
2191 merge_keys_and_selfsig (keyblock);
2200 if( menu_set_keyserver_url ( *arg_string?arg_string:NULL,
2201 keyblock, sec_keyblock ) )
2203 merge_keys_and_selfsig( keyblock );
2210 if( menu_set_notation ( *arg_string?arg_string:NULL,
2211 keyblock, sec_keyblock ) )
2213 merge_keys_and_selfsig( keyblock );
2223 if( menu_revsig( keyblock ) ) {
2231 if( enable_disable_key( keyblock, cmd == cmdDISABLEKEY ) ) {
2238 menu_showphoto(keyblock);
2242 if(menu_clean(keyblock,0))
2243 redisplay=modified=1;
2247 if(menu_clean(keyblock,1))
2248 redisplay=modified=1;
2254 if( !modified && !sec_modified )
2256 if( !cpr_get_answer_is_yes("keyedit.save.okay",
2257 _("Save changes? (y/N) ")) ) {
2259 || cpr_get_answer_is_yes("keyedit.cancel.okay",
2260 _("Quit without saving? (y/N) ")))
2266 if( modified || sec_modified ) {
2268 rc = keydb_update_keyblock (kdbhd, keyblock);
2270 log_error(_("update failed: %s\n"), g10_errstr(rc) );
2274 if( sec_modified ) {
2275 rc = keydb_update_keyblock (sec_kdbhd, sec_keyblock );
2277 log_error( _("update secret failed: %s\n"),
2284 tty_printf(_("Key not changed so no update needed.\n"));
2288 revalidation_mark ();
2296 tty_printf(_("Invalid command (try \"help\")\n"));
2299 } /* end main loop */
2302 release_kbnode( keyblock );
2303 release_kbnode( sec_keyblock );
2304 keydb_release (kdbhd);
2309 /* Change the passphrase of the secret key identified by USERNAME. */
2311 keyedit_passwd (const char *username)
2315 unsigned char fpr[MAX_FINGERPRINT_LEN];
2317 KEYDB_HANDLE kdh = NULL;
2318 KBNODE keyblock = NULL;
2320 pk = xtrycalloc (1, sizeof *pk);
2323 err = gpg_error_from_syserror ();
2326 err = get_pubkey_byname (NULL, pk, username, NULL, NULL, 1, 1);
2329 fingerprint_from_pk (pk, fpr, &fprlen);
2330 while (fprlen < MAX_FINGERPRINT_LEN)
2333 kdh = keydb_new (1);
2336 err = gpg_error (GPG_ERR_GENERAL);
2340 err = keydb_search_fpr (kdh, fpr);
2341 if (err == -1 || gpg_err_code (err) == GPG_ERR_EOF)
2342 err = gpg_error (GPG_ERR_NO_SECKEY);
2346 err = keydb_get_keyblock (kdh, &keyblock);
2350 if (!change_passphrase (keyblock, &err))
2353 err = keydb_update_keyblock (kdh, keyblock);
2355 log_error( _("update secret failed: %s\n"), gpg_strerror (err));
2358 release_kbnode (keyblock);
2360 free_public_key (pk);
2361 keydb_release (kdh);
2364 log_info ("error changing the passphrase for `%s': %s\n",
2365 username, gpg_strerror (err));
2366 write_status_error ("keyedit.passwd", gpg_err_code (err));
2369 write_status_text (STATUS_SUCCESS, "keyedit.passwd");
2374 tty_print_notations(int indent,PKT_signature *sig)
2377 struct notation *notation,*nd;
2385 notation=sig_to_notation(sig);
2387 for(nd=notation;nd;nd=nd->next)
2390 tty_printf("%*s",indent,"");
2394 tty_print_utf8_string(nd->name,strlen(nd->name));
2396 tty_print_utf8_string(nd->value,strlen(nd->value));
2400 free_notation(notation);
2404 * show preferences of a public keyblock.
2407 show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
2409 const prefitem_t fake={0,0};
2410 const prefitem_t *prefs;
2424 int any, des_seen=0, sha1_seen=0, uncomp_seen=0;
2427 tty_printf (_("Cipher: "));
2428 for(i=any=0; prefs[i].type; i++ ) {
2429 if( prefs[i].type == PREFTYPE_SYM ) {
2433 /* We don't want to display strings for experimental algos */
2434 if (!openpgp_cipher_test_algo (prefs[i].value)
2435 && prefs[i].value < 100 )
2437 openpgp_cipher_algo_name (prefs[i].value));
2439 tty_printf ("[%d]", prefs[i].value);
2440 if (prefs[i].value == CIPHER_ALGO_3DES )
2447 tty_printf ("%s", openpgp_cipher_algo_name (CIPHER_ALGO_3DES));
2450 tty_printf (_("Digest: "));
2451 for(i=any=0; prefs[i].type; i++ ) {
2452 if( prefs[i].type == PREFTYPE_HASH ) {
2456 /* We don't want to display strings for experimental algos */
2457 if (!gcry_md_test_algo (prefs[i].value)
2458 && prefs[i].value < 100 )
2459 tty_printf ("%s", gcry_md_algo_name (prefs[i].value) );
2461 tty_printf ("[%d]", prefs[i].value);
2462 if (prefs[i].value == DIGEST_ALGO_SHA1 )
2469 tty_printf ("%s", gcry_md_algo_name (DIGEST_ALGO_SHA1));
2472 tty_printf (_("Compression: "));
2473 for(i=any=0; prefs[i].type; i++ ) {
2474 if( prefs[i].type == PREFTYPE_ZIP ) {
2475 const char *s=compress_algo_to_string(prefs[i].value);
2480 /* We don't want to display strings for experimental algos */
2481 if (s && prefs[i].value < 100 )
2482 tty_printf ("%s", s );
2484 tty_printf ("[%d]", prefs[i].value);
2485 if (prefs[i].value == COMPRESS_ALGO_NONE )
2493 tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_ZIP));
2496 tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_NONE));
2498 if(uid->flags.mdc || !uid->flags.ks_modify)
2501 tty_printf (_("Features: "));
2508 if(!uid->flags.ks_modify)
2512 tty_printf (_("Keyserver no-modify"));
2519 const byte *pref_ks;
2522 pref_ks=parse_sig_subpkt(selfsig->hashed,
2523 SIGSUBPKT_PREF_KS,&pref_ks_len);
2524 if(pref_ks && pref_ks_len)
2527 tty_printf(_("Preferred keyserver: "));
2528 tty_print_utf8_string(pref_ks,pref_ks_len);
2532 if(selfsig->flags.notation)
2535 tty_printf(_("Notations: "));
2536 tty_print_notations(5+strlen(_("Notations: ")),selfsig);
2542 for(i=0; prefs[i].type; i++ ) {
2543 tty_printf( " %c%d", prefs[i].type == PREFTYPE_SYM ? 'S' :
2544 prefs[i].type == PREFTYPE_HASH ? 'H' :
2545 prefs[i].type == PREFTYPE_ZIP ? 'Z':'?',
2549 tty_printf (" [mdc]");
2550 if (!uid->flags.ks_modify)
2551 tty_printf (" [no-ks-modify]");
2556 /* This is the version of show_key_with_all_names used when
2557 opt.with_colons is used. It prints all available data in a easy to
2558 parse format and does not translate utf8 */
2560 show_key_with_all_names_colon (KBNODE keyblock)
2563 int i, j, ulti_hack=0;
2565 PKT_public_key *primary=NULL;
2568 for ( node = keyblock; node; node = node->next )
2570 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2571 || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) )
2573 PKT_public_key *pk = node->pkt->pkt.public_key;
2576 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2578 pk_version = pk->version;
2582 keyid_from_pk (pk, keyid);
2584 fputs (node->pkt->pkttype == PKT_PUBLIC_KEY?"pub:":"sub:", stdout);
2587 else if (pk->is_revoked)
2589 else if (pk->has_expired)
2591 else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks ))
2593 int trust = get_validity_info (pk, NULL);
2599 printf (":%u:%d:%08lX%08lX:%lu:%lu::",
2602 (ulong)keyid[0], (ulong)keyid[1],
2603 (ulong)pk->timestamp,
2604 (ulong)pk->expiredate );
2605 if (node->pkt->pkttype==PKT_PUBLIC_KEY
2606 && !(opt.fast_list_mode || opt.no_expensive_trust_checks ))
2607 putchar(get_ownertrust_info (pk));
2611 /* Print capabilities. */
2612 if ( (pk->pubkey_usage & PUBKEY_USAGE_ENC) )
2614 if ( (pk->pubkey_usage & PUBKEY_USAGE_SIG) )
2616 if ( (pk->pubkey_usage & PUBKEY_USAGE_CERT) )
2618 if ( (pk->pubkey_usage & PUBKEY_USAGE_AUTH) )
2622 print_fingerprint (pk, NULL, 0);
2629 for (node = keyblock; node; node = node->next)
2631 if ( node->pkt->pkttype == PKT_USER_ID )
2633 PKT_user_id *uid = node->pkt->pkt.user_id;
2637 if(uid->attrib_data)
2642 if ( uid->is_revoked )
2643 printf("r::::::::");
2644 else if ( uid->is_expired )
2645 printf("e::::::::");
2646 else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
2652 if( primary && !ulti_hack )
2653 uid_validity = get_validity_info( primary, uid );
2656 printf("%c::::::::",uid_validity);
2659 if(uid->attrib_data)
2660 printf ("%u %lu",uid->numattribs,uid->attrib_len);
2662 print_string (stdout, uid->name, uid->len, ':');
2665 /* signature class */
2670 if (pk_version>3 || uid->selfsigversion>3)
2672 const prefitem_t *prefs = uid->prefs;
2674 for (j=0; prefs && prefs[j].type; j++)
2678 printf ("%c%d", prefs[j].type == PREFTYPE_SYM ? 'S' :
2679 prefs[j].type == PREFTYPE_HASH ? 'H' :
2680 prefs[j].type == PREFTYPE_ZIP ? 'Z':'?',
2685 if (!uid->flags.ks_modify)
2686 printf (",no-ks-modify");
2691 if (uid->is_primary)
2693 if (uid->is_revoked)
2695 if (uid->is_expired)
2697 if ((node->flag & NODFLG_SELUID))
2699 if ((node->flag & NODFLG_MARK_A))
2708 show_names(KBNODE keyblock,PKT_public_key *pk,unsigned int flag,int with_prefs)
2713 for( node = keyblock; node; node = node->next )
2715 if( node->pkt->pkttype == PKT_USER_ID
2716 && !is_deleted_kbnode(node))
2718 PKT_user_id *uid = node->pkt->pkt.user_id;
2720 if(!flag || (flag && (node->flag & flag)))
2722 if(!(flag&NODFLG_MARK_A) && pk)
2723 tty_printf("%s ",uid_trust_string_fixed(pk,uid));
2725 if( flag & NODFLG_MARK_A )
2727 else if( node->flag & NODFLG_SELUID )
2728 tty_printf("(%d)* ", i);
2729 else if( uid->is_primary )
2730 tty_printf("(%d). ", i);
2732 tty_printf("(%d) ", i);
2733 tty_print_utf8_string( uid->name, uid->len );
2735 if(with_prefs && pk)
2737 if(pk->version>3 || uid->selfsigversion>3)
2739 PKT_signature *selfsig=NULL;
2742 for(signode=node->next;
2743 signode && signode->pkt->pkttype==PKT_SIGNATURE;
2744 signode=signode->next)
2746 if(signode->pkt->pkt.signature->
2747 flags.chosen_selfsig)
2749 selfsig=signode->pkt->pkt.signature;
2754 show_prefs (uid, selfsig, with_prefs == 2);
2757 tty_printf(_("There are no preferences on a"
2758 " PGP 2.x-style user ID.\n"));
2766 * Display the key a the user ids, if only_marked is true, do only
2767 * so for user ids with mark A flag set and dont display the index number
2770 show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
2771 int with_fpr, int with_subkeys, int with_prefs )
2776 PKT_public_key *primary=NULL;
2778 if (opt.with_colons)
2780 show_key_with_all_names_colon (keyblock);
2785 for( node = keyblock; node; node = node->next ) {
2786 if( node->pkt->pkttype == PKT_PUBLIC_KEY
2787 || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY
2788 && !is_deleted_kbnode(node)) ) {
2789 PKT_public_key *pk = node->pkt->pkt.public_key;
2790 const char *otrust="err",*trust="err";
2792 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
2793 /* do it here, so that debug messages don't clutter the
2795 static int did_warn = 0;
2797 trust = get_validity_string (pk, NULL);
2798 otrust = get_ownertrust_string (pk);
2800 /* Show a warning once */
2802 && (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK)) {
2812 char *user=get_user_id_string_native(pk->revoked.keyid);
2813 const char *algo = openpgp_pk_algo_name (pk->revoked.algo);
2814 tty_printf (_("The following key was revoked on"
2815 " %s by %s key %s\n"),
2816 revokestr_from_pk(pk),algo?algo:"?",user);
2822 if( !pk->revkey && pk->numrevkeys )
2825 for(i=0;i<pk->numrevkeys;i++)
2831 algo = openpgp_pk_algo_name (pk->revkey[i].algid);
2832 keyid_from_fingerprint(pk->revkey[i].fpr,
2833 MAX_FINGERPRINT_LEN,r_keyid);
2835 user=get_user_id_string_native(r_keyid);
2836 tty_printf(_("This key may be revoked by %s key %s"),
2837 algo?algo:"?",user);
2839 if(pk->revkey[i].class&0x40)
2842 tty_printf(_("(sensitive)"));
2850 keyid_from_pk(pk,NULL);
2851 tty_printf("%s%c %4u%c/%s ",
2852 node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
2853 (node->flag & NODFLG_SELKEY)? '*':' ',
2854 nbits_from_pk( pk ),
2855 pubkey_letter( pk->pubkey_algo ),
2858 tty_printf(_("created: %s"),datestr_from_pk(pk));
2861 tty_printf(_("revoked: %s"),revokestr_from_pk(pk));
2862 else if(pk->has_expired)
2863 tty_printf(_("expired: %s"),expirestr_from_pk(pk));
2865 tty_printf(_("expires: %s"),expirestr_from_pk(pk));
2867 tty_printf(_("usage: %s"),usagestr_from_pk(pk));
2870 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
2872 if(opt.trust_model!=TM_ALWAYS)
2874 tty_printf("%*s", (int)keystrlen()+13,"");
2875 /* Ownertrust is only meaningful for the PGP or
2876 classic trust models */
2877 if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
2879 int width=14-strlen(otrust);
2882 tty_printf(_("trust: %s"), otrust);
2883 tty_printf("%*s",width,"");
2886 tty_printf(_("validity: %s"), trust );
2889 if( node->pkt->pkttype == PKT_PUBLIC_KEY
2890 && (get_ownertrust (pk)&TRUST_FLAG_DISABLED))
2893 tty_printf(_("This key has been disabled"));
2898 if( node->pkt->pkttype == PKT_PUBLIC_KEY && with_fpr )
2900 print_fingerprint ( pk, NULL, 2 );
2904 else if( node->pkt->pkttype == PKT_SECRET_KEY
2905 || (with_subkeys && node->pkt->pkttype == PKT_SECRET_SUBKEY) )
2907 PKT_secret_key *sk = node->pkt->pkt.secret_key;
2908 tty_printf("%s%c %4u%c/%s ",
2909 node->pkt->pkttype == PKT_SECRET_KEY? "sec":"ssb",
2910 (node->flag & NODFLG_SELKEY)? '*':' ',
2911 nbits_from_sk( sk ),
2912 pubkey_letter( sk->pubkey_algo ),
2913 keystr_from_sk(sk));
2914 tty_printf(_("created: %s"),datestr_from_sk(sk));
2916 tty_printf(_("expires: %s"),expirestr_from_sk(sk));
2918 if (sk->is_protected && sk->protect.s2k.mode == 1002)
2921 tty_printf(_("card-no: "));
2922 if (sk->protect.ivlen == 16
2923 && !memcmp (sk->protect.iv, "\xD2\x76\x00\x01\x24\x01", 6))
2924 { /* This is an OpenPGP card. */
2925 for (i=8; i < 14; i++)
2929 tty_printf ("%02X", sk->protect.iv[i]);
2933 { /* Something is wrong: Print all. */
2934 for (i=0; i < sk->protect.ivlen; i++)
2935 tty_printf ("%02X", sk->protect.iv[i]);
2942 show_names(keyblock,primary,only_marked?NODFLG_MARK_A:0,with_prefs);
2945 tty_printf (_("Please note that the shown key validity"
2946 " is not necessarily correct\n"
2947 "unless you restart the program.\n"));
2951 /* Display basic key information. This function is suitable to show
2952 information on the key without any dependencies on the trustdb or
2953 any other internal GnuPG stuff. KEYBLOCK may either be a public or
2956 show_basic_key_info ( KBNODE keyblock )
2961 /* The primary key */
2962 for (node = keyblock; node; node = node->next)
2964 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2966 PKT_public_key *pk = node->pkt->pkt.public_key;
2968 /* Note, we use the same format string as in other show
2969 functions to make the translation job easier. */
2970 tty_printf ("%s %4u%c/%s ",
2971 node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
2972 nbits_from_pk( pk ),
2973 pubkey_letter( pk->pubkey_algo ),
2974 keystr_from_pk(pk));
2975 tty_printf(_("created: %s"),datestr_from_pk(pk));
2977 tty_printf(_("expires: %s"),expirestr_from_pk(pk));
2979 print_fingerprint ( pk, NULL, 3 );
2982 else if (node->pkt->pkttype == PKT_SECRET_KEY)
2984 PKT_secret_key *sk = node->pkt->pkt.secret_key;
2985 tty_printf("%s %4u%c/%s",
2986 node->pkt->pkttype == PKT_SECRET_KEY? "sec":"ssb",
2987 nbits_from_sk( sk ),
2988 pubkey_letter( sk->pubkey_algo ),
2989 keystr_from_sk(sk));
2990 tty_printf(_("created: %s"),datestr_from_sk(sk));
2992 tty_printf(_("expires: %s"),expirestr_from_sk(sk));
2994 print_fingerprint (NULL, sk, 3 );
3000 for (i=0, node = keyblock; node; node = node->next)
3002 if (node->pkt->pkttype == PKT_USER_ID)
3004 PKT_user_id *uid = node->pkt->pkt.user_id;
3008 if (uid->is_revoked)
3009 tty_printf("[%s] ",_("revoked"));
3010 else if ( uid->is_expired )
3011 tty_printf("[%s] ",_("expired"));
3012 tty_print_utf8_string (uid->name, uid->len);
3019 show_key_and_fingerprint( KBNODE keyblock )
3022 PKT_public_key *pk = NULL;
3024 for( node = keyblock; node; node = node->next )
3026 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
3028 pk = node->pkt->pkt.public_key;
3029 tty_printf("pub %4u%c/%s %s ",
3030 nbits_from_pk( pk ),
3031 pubkey_letter( pk->pubkey_algo ),
3033 datestr_from_pk(pk) );
3035 else if( node->pkt->pkttype == PKT_USER_ID )
3037 PKT_user_id *uid = node->pkt->pkt.user_id;
3038 tty_print_utf8_string( uid->name, uid->len );
3044 print_fingerprint( pk, NULL, 2 );
3048 /* Show a warning if no uids on the key have the primary uid flag
3051 no_primary_warning(KBNODE keyblock)
3054 int have_primary=0,uid_count=0;
3056 /* TODO: if we ever start behaving differently with a primary or
3057 non-primary attribute ID, we will need to check for attributes
3060 for(node=keyblock; node; node = node->next)
3062 if(node->pkt->pkttype==PKT_USER_ID
3063 && node->pkt->pkt.user_id->attrib_data==NULL)
3067 if(node->pkt->pkt.user_id->is_primary==2)
3075 if(uid_count>1 && !have_primary)
3076 log_info(_("WARNING: no user ID has been marked as primary. This command"
3077 " may\n cause a different user ID to become"
3078 " the assumed primary.\n"));
3082 * Ask for a new user id, do the selfsignature and put it into
3084 * Return true if there is a new user id
3087 menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock,
3088 int photo, const char *photo_name)
3091 PKT_public_key *pk=NULL;
3092 PKT_secret_key *sk=NULL;
3093 PKT_signature *sig=NULL;
3096 KBNODE pub_where=NULL, sec_where=NULL;
3099 for( node = pub_keyblock; node; pub_where = node, node = node->next ) {
3100 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
3101 pk = node->pkt->pkt.public_key;
3102 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3105 if( !node ) /* no subkey */
3107 for( node = sec_keyblock; node; sec_where = node, node = node->next ) {
3108 if( node->pkt->pkttype == PKT_SECRET_KEY )
3109 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3110 else if( node->pkt->pkttype == PKT_SECRET_SUBKEY )
3113 if( !node ) /* no subkey */
3120 for( node = pub_keyblock; node; node = node->next )
3121 if( node->pkt->pkttype == PKT_USER_ID &&
3122 node->pkt->pkt.user_id->attrib_data!=NULL)
3128 /* It is legal but bad for compatibility to add a photo ID to a
3129 v3 key as it means that PGP2 will not be able to use that key
3130 anymore. Also, PGP may not expect a photo on a v3 key.
3131 Don't bother to ask this if the key already has a photo - any
3132 damage has already been done at that point. -dms */
3133 if(pk->version==3 && !hasattrib)
3137 tty_printf(_("WARNING: This is a PGP2-style key. "
3138 "Adding a photo ID may cause some versions\n"
3139 " of PGP to reject this key.\n"));
3141 if(!cpr_get_answer_is_yes("keyedit.v3_photo.okay",
3142 _("Are you sure you still want "
3143 "to add it? (y/N) ")))
3148 tty_printf(_("You may not add a photo ID to "
3149 "a PGP2-style key.\n"));
3154 uid = generate_photo_id(pk,photo_name);
3156 uid = generate_user_id (pub_keyblock);
3160 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
3161 keygen_add_std_prefs, pk );
3162 free_secret_key( sk );
3164 log_error("signing failed: %s\n", g10_errstr(rc) );
3169 /* insert/append to secret keyblock */
3170 pkt = xmalloc_clear( sizeof *pkt );
3171 pkt->pkttype = PKT_USER_ID;
3172 pkt->pkt.user_id = scopy_user_id(uid);
3173 node = new_kbnode(pkt);
3175 insert_kbnode( sec_where, node, 0 );
3177 add_kbnode( sec_keyblock, node );
3178 pkt = xmalloc_clear( sizeof *pkt );
3179 pkt->pkttype = PKT_SIGNATURE;
3180 pkt->pkt.signature = copy_signature(NULL, sig);
3182 insert_kbnode( node, new_kbnode(pkt), 0 );
3184 add_kbnode( sec_keyblock, new_kbnode(pkt) );
3185 /* insert/append to public keyblock */
3186 pkt = xmalloc_clear( sizeof *pkt );
3187 pkt->pkttype = PKT_USER_ID;
3188 pkt->pkt.user_id = uid;
3189 node = new_kbnode(pkt);
3191 insert_kbnode( pub_where, node, 0 );
3193 add_kbnode( pub_keyblock, node );
3194 pkt = xmalloc_clear( sizeof *pkt );
3195 pkt->pkttype = PKT_SIGNATURE;
3196 pkt->pkt.signature = copy_signature(NULL, sig);
3198 insert_kbnode( node, new_kbnode(pkt), 0 );
3200 add_kbnode( pub_keyblock, new_kbnode(pkt) );
3206 * Remove all selected userids from the keyrings
3209 menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock )
3214 for( node = pub_keyblock; node; node = node->next ) {
3215 if( node->pkt->pkttype == PKT_USER_ID ) {
3216 selected = node->flag & NODFLG_SELUID;
3218 /* Only cause a trust update if we delete a
3219 non-revoked user id */
3220 if(!node->pkt->pkt.user_id->is_revoked)
3222 delete_kbnode( node );
3223 if( sec_keyblock ) {
3226 PKT_user_id *uid = node->pkt->pkt.user_id;
3227 for( snode = sec_keyblock; snode; snode = snode->next ) {
3228 if( snode->pkt->pkttype == PKT_USER_ID ) {
3229 PKT_user_id *suid = snode->pkt->pkt.user_id;
3232 (uid->len == suid->len
3233 && !memcmp( uid->name, suid->name, uid->len));
3235 delete_kbnode( snode );
3238 && snode->pkt->pkttype == PKT_SIGNATURE )
3239 delete_kbnode( snode );
3240 else if( snode->pkt->pkttype == PKT_SECRET_SUBKEY )
3246 else if( selected && node->pkt->pkttype == PKT_SIGNATURE )
3247 delete_kbnode( node );
3248 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3251 commit_kbnode( &pub_keyblock );
3253 commit_kbnode( &sec_keyblock );
3258 menu_delsig( KBNODE pub_keyblock )
3261 PKT_user_id *uid = NULL;
3264 for( node = pub_keyblock; node; node = node->next ) {
3265 if( node->pkt->pkttype == PKT_USER_ID ) {
3266 uid = (node->flag & NODFLG_SELUID)? node->pkt->pkt.user_id : NULL;
3268 else if( uid && node->pkt->pkttype == PKT_SIGNATURE ) {
3269 int okay, valid, selfsig, inv_sig, no_key, other_err;
3272 tty_print_utf8_string( uid->name, uid->len );
3275 okay = inv_sig = no_key = other_err = 0;
3277 valid = print_and_check_one_sig_colon( pub_keyblock, node,
3278 &inv_sig, &no_key, &other_err,
3281 valid = print_and_check_one_sig( pub_keyblock, node,
3282 &inv_sig, &no_key, &other_err,
3286 okay = cpr_get_answer_yes_no_quit(
3287 "keyedit.delsig.valid",
3288 _("Delete this good signature? (y/N/q)"));
3290 /* Only update trust if we delete a good signature.
3291 The other two cases do not affect trust. */
3295 else if( inv_sig || other_err )
3296 okay = cpr_get_answer_yes_no_quit(
3297 "keyedit.delsig.invalid",
3298 _("Delete this invalid signature? (y/N/q)"));
3300 okay = cpr_get_answer_yes_no_quit(
3301 "keyedit.delsig.unknown",
3302 _("Delete this unknown signature? (y/N/q)"));
3306 if( okay && selfsig && !cpr_get_answer_is_yes(
3307 "keyedit.delsig.selfsig",
3308 _("Really delete this self-signature? (y/N)") ))
3311 delete_kbnode( node );
3316 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3321 commit_kbnode( &pub_keyblock );
3322 tty_printf( changed == 1? _("Deleted %d signature.\n")
3323 : _("Deleted %d signatures.\n"), changed );
3326 tty_printf( _("Nothing deleted.\n") );
3332 menu_clean(KBNODE keyblock,int self_only)
3335 int modified=0,select_all=!count_selected_uids(keyblock);
3337 for(uidnode=keyblock->next;
3338 uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY;
3339 uidnode=uidnode->next)
3341 if(uidnode->pkt->pkttype==PKT_USER_ID
3342 && (uidnode->flag&NODFLG_SELUID || select_all))
3345 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
3346 uidnode->pkt->pkt.user_id->len,
3349 clean_one_uid(keyblock,uidnode,opt.verbose,self_only,&uids,&sigs);
3354 if(uidnode->pkt->pkt.user_id->is_revoked)
3355 reason=_("revoked");
3356 else if(uidnode->pkt->pkt.user_id->is_expired)
3357 reason=_("expired");
3359 reason=_("invalid");
3361 tty_printf (_("User ID \"%s\" compacted: %s\n"), user, reason);
3368 _("User ID \"%s\": %d signature removed\n") :
3369 _("User ID \"%s\": %d signatures removed\n"),
3376 tty_printf (self_only==1?
3377 _("User ID \"%s\": already minimized\n") :
3378 _("User ID \"%s\": already clean\n"),
3390 * Remove some of the secondary keys
3393 menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
3398 for( node = pub_keyblock; node; node = node->next ) {
3399 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
3400 selected = node->flag & NODFLG_SELKEY;
3402 delete_kbnode( node );
3403 if( sec_keyblock ) {
3408 keyid_from_pk( node->pkt->pkt.public_key, ki );
3409 for( snode = sec_keyblock; snode; snode = snode->next ) {
3410 if( snode->pkt->pkttype == PKT_SECRET_SUBKEY ) {
3413 keyid_from_sk( snode->pkt->pkt.secret_key, ki2 );
3414 s_selected = (ki[0] == ki2[0] && ki[1] == ki2[1]);
3416 delete_kbnode( snode );
3419 && snode->pkt->pkttype == PKT_SIGNATURE )
3420 delete_kbnode( snode );
3427 else if( selected && node->pkt->pkttype == PKT_SIGNATURE )
3428 delete_kbnode( node );
3432 commit_kbnode( &pub_keyblock );
3434 commit_kbnode( &sec_keyblock );
3436 /* No need to set update_trust here since signing keys are no
3437 longer used to certify other keys, so there is no change in
3438 trust when revoking/removing them */
3443 * Ask for a new revoker, do the selfsignature and put it into
3445 * Return true if there is a new revoker
3448 menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
3450 PKT_public_key *pk=NULL,*revoker_pk=NULL;
3451 PKT_secret_key *sk=NULL;
3452 PKT_signature *sig=NULL;
3454 struct revocation_key revkey;
3458 assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
3459 assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
3461 pk=pub_keyblock->pkt->pkt.public_key;
3463 if(pk->numrevkeys==0 && pk->version==3)
3465 /* It is legal but bad for compatibility to add a revoker to a
3466 v3 key as it means that PGP2 will not be able to use that key
3467 anymore. Also, PGP may not expect a revoker on a v3 key.
3468 Don't bother to ask this if the key already has a revoker -
3469 any damage has already been done at that point. -dms */
3472 tty_printf(_("WARNING: This is a PGP 2.x-style key. "
3473 "Adding a designated revoker may cause\n"
3474 " some versions of PGP to reject this key.\n"));
3476 if(!cpr_get_answer_is_yes("keyedit.v3_revoker.okay",
3477 _("Are you sure you still want "
3478 "to add it? (y/N) ")))
3483 tty_printf(_("You may not add a designated revoker to "
3484 "a PGP 2.x-style key.\n"));
3489 sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
3496 free_public_key(revoker_pk);
3498 revoker_pk=xmalloc_clear(sizeof(*revoker_pk));
3502 answer=cpr_get_utf8("keyedit.add_revoker",
3503 _("Enter the user ID of the designated revoker: "));
3504 if(answer[0]=='\0' || answer[0]=='\004')
3510 /* Note that I'm requesting CERT here, which usually implies
3511 primary keys only, but some casual testing shows that PGP and
3512 GnuPG both can handle a designated revokation from a
3514 revoker_pk->req_usage=PUBKEY_USAGE_CERT;
3515 rc=get_pubkey_byname (NULL, revoker_pk,answer,NULL,NULL,1, 1);
3518 log_error (_("key \"%s\" not found: %s\n"),answer,g10_errstr(rc));
3525 fingerprint_from_pk(revoker_pk,revkey.fpr,&fprlen);
3528 log_error(_("cannot appoint a PGP 2.x style key as a "
3529 "designated revoker\n"));
3536 revkey.algid=revoker_pk->pubkey_algo;
3538 if(cmp_public_keys(revoker_pk,pk)==0)
3540 /* This actually causes no harm (after all, a key that
3541 designates itself as a revoker is the same as a
3542 regular key), but it's easy enough to check. */
3543 log_error(_("you cannot appoint a key as its own "
3544 "designated revoker\n"));
3549 keyid_from_pk(pk,NULL);
3551 /* Does this revkey already exist? */
3552 if(!pk->revkey && pk->numrevkeys)
3558 for(i=0;i<pk->numrevkeys;i++)
3560 if(memcmp(&pk->revkey[i],&revkey,
3561 sizeof(struct revocation_key))==0)
3565 log_error(_("this key has already been designated "
3568 sprintf(buf,"%08lX%08lX",
3569 (ulong)pk->keyid[0],(ulong)pk->keyid[1]);
3570 write_status_text(STATUS_ALREADY_SIGNED,buf);
3576 if(i<pk->numrevkeys)
3580 print_pubkey_info(NULL,revoker_pk);
3581 print_fingerprint(revoker_pk,NULL,2);
3584 tty_printf(_("WARNING: appointing a key as a designated revoker "
3585 "cannot be undone!\n"));
3589 if(!cpr_get_answer_is_yes("keyedit.add_revoker.okay",
3590 _("Are you sure you want to appoint this "
3591 "key as a designated revoker? (y/N) ")))
3594 free_public_key(revoker_pk);
3599 /* The 1F signature must be at least v4 to carry the revocation key
3601 rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x1F, 0, 4, 0, 0,
3602 keygen_add_revkey,&revkey );
3605 log_error("signing failed: %s\n", g10_errstr(rc) );
3609 free_secret_key(sk);
3612 /* insert into secret keyblock */
3613 pkt = xmalloc_clear( sizeof *pkt );
3614 pkt->pkttype = PKT_SIGNATURE;
3615 pkt->pkt.signature = copy_signature(NULL, sig);
3616 insert_kbnode( sec_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
3618 /* insert into public keyblock */
3619 pkt = xmalloc_clear( sizeof *pkt );
3620 pkt->pkttype = PKT_SIGNATURE;
3621 pkt->pkt.signature = sig;
3622 insert_kbnode( pub_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
3628 free_secret_key(sk);
3630 free_seckey_enc(sig);
3632 free_public_key(revoker_pk);
3639 menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
3641 int n1, signumber, rc;
3644 PKT_secret_key *sk; /* copy of the main sk */
3645 PKT_public_key *main_pk, *sub_pk;
3650 if( count_selected_keys( sec_keyblock ) ) {
3651 tty_printf(_("Please remove selections from the secret keys.\n"));
3655 n1 = count_selected_keys( pub_keyblock );
3657 tty_printf(_("Please select at most one subkey.\n"));
3661 tty_printf(_("Changing expiration time for a subkey.\n"));
3664 tty_printf(_("Changing expiration time for the primary key.\n"));
3666 no_primary_warning(pub_keyblock);
3669 expiredate = ask_expiredate();
3670 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
3671 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3673 /* Now we can actually change the self signature(s) */
3674 main_pk = sub_pk = NULL;
3677 for( node=pub_keyblock; node; node = node->next ) {
3678 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
3679 main_pk = node->pkt->pkt.public_key;
3680 keyid_from_pk( main_pk, keyid );
3681 main_pk->expiredate = expiredate;
3683 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
3684 && (node->flag & NODFLG_SELKEY ) ) {
3685 sub_pk = node->pkt->pkt.public_key;
3686 sub_pk->expiredate = expiredate;
3688 else if( node->pkt->pkttype == PKT_USER_ID )
3689 uid = node->pkt->pkt.user_id;
3690 else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE
3691 && ( mainkey || sub_pk ) ) {
3692 PKT_signature *sig = node->pkt->pkt.signature;
3693 if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
3694 && ( (mainkey && uid
3695 && uid->created && (sig->sig_class&~3) == 0x10)
3696 || (!mainkey && sig->sig_class == 0x18) )
3697 && sig->flags.chosen_selfsig )
3699 /* this is a selfsignature which is to be replaced */
3700 PKT_signature *newsig;
3707 if( (mainkey && main_pk->version < 4)
3708 || (!mainkey && sub_pk->version < 4 ) ) {
3710 "You can't change the expiration date of a v3 key\n"));
3711 free_secret_key( sk );
3715 /* find the corresponding secret self-signature */
3716 for( sn=sec_keyblock; sn; sn = sn->next ) {
3717 if( sn->pkt->pkttype == PKT_SIGNATURE ) {
3718 PKT_signature *b = sn->pkt->pkt.signature;
3719 if( keyid[0] == b->keyid[0] && keyid[1] == b->keyid[1]
3720 && sig->sig_class == b->sig_class
3721 && ++signumber2 == signumber )
3726 log_info(_("No corresponding signature in secret ring\n"));
3729 rc = update_keysig_packet(&newsig, sig, main_pk, uid, NULL,
3730 sk, keygen_add_key_expire, main_pk);
3732 rc = update_keysig_packet(&newsig, sig, main_pk, NULL, sub_pk,
3733 sk, keygen_add_key_expire, sub_pk );
3735 log_error("make_keysig_packet failed: %s\n",
3737 free_secret_key( sk );
3740 /* replace the packet */
3741 newpkt = xmalloc_clear( sizeof *newpkt );
3742 newpkt->pkttype = PKT_SIGNATURE;
3743 newpkt->pkt.signature = newsig;
3744 free_packet( node->pkt );
3748 newpkt = xmalloc_clear( sizeof *newpkt );
3749 newpkt->pkttype = PKT_SIGNATURE;
3750 newpkt->pkt.signature = copy_signature( NULL, newsig );
3751 free_packet( sn->pkt );
3760 free_secret_key( sk );
3766 menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
3769 PKT_public_key *main_pk;
3770 PKT_secret_key *main_sk,*sub_sk=NULL;
3774 assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
3775 assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
3777 merge_keys_and_selfsig(pub_keyblock);
3778 main_pk=pub_keyblock->pkt->pkt.public_key;
3779 main_sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
3780 keyid_from_pk(main_pk,NULL);
3782 /* We use the same timestamp for all backsigs so that we don't
3783 reveal information about the used machine. */
3784 timestamp = make_timestamp ();
3786 for(node=pub_keyblock;node;node=node->next)
3788 PKT_public_key *sub_pk=NULL;
3789 KBNODE node2,sig_pk=NULL,sig_sk=NULL;
3794 free_secret_key(sub_sk);
3798 /* Find a signing subkey with no backsig */
3799 if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
3801 if(node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG)
3803 if(node->pkt->pkt.public_key->backsig)
3804 tty_printf(_("signing subkey %s is already cross-certified\n"),
3805 keystr_from_pk(node->pkt->pkt.public_key));
3807 sub_pk=node->pkt->pkt.public_key;
3810 tty_printf(_("subkey %s does not sign and so does"
3811 " not need to be cross-certified\n"),
3812 keystr_from_pk(node->pkt->pkt.public_key));
3818 /* Find the selected selfsig on this subkey */
3819 for(node2=node->next;
3820 node2 && node2->pkt->pkttype==PKT_SIGNATURE;
3822 if(node2->pkt->pkt.signature->version>=4
3823 && node2->pkt->pkt.signature->flags.chosen_selfsig)
3832 /* Find the secret subkey that matches the public subkey */
3833 for(node2=sec_keyblock;node2;node2=node2->next)
3834 if(node2->pkt->pkttype==PKT_SECRET_SUBKEY
3835 && !cmp_public_secret_key(sub_pk,node2->pkt->pkt.secret_key))
3837 sub_sk=copy_secret_key(NULL,node2->pkt->pkt.secret_key);
3843 tty_printf(_("no secret subkey for public subkey %s - ignoring\n"),
3844 keystr_from_pk(sub_pk));
3848 /* Now finally find the matching selfsig on the secret subkey.
3849 We can't use chosen_selfsig here (it's not set for secret
3850 keys), so we just pick the selfsig with the right class.
3851 This is what menu_expire does as well. */
3852 for(node2=node2->next;
3853 node2 && node2->pkt->pkttype!=PKT_SECRET_SUBKEY;
3855 if(node2->pkt->pkttype==PKT_SIGNATURE
3856 && node2->pkt->pkt.signature->version>=4
3857 && node2->pkt->pkt.signature->keyid[0]==sig_pk->pkt->pkt.signature->keyid[0]
3858 && node2->pkt->pkt.signature->keyid[1]==sig_pk->pkt->pkt.signature->keyid[1]
3859 && node2->pkt->pkt.signature->sig_class==sig_pk->pkt->pkt.signature->sig_class)
3865 /* Now we can get to work. We have a main key and secret part,
3866 a signing subkey with signature and secret part possibly with
3869 passphrase=get_last_passphrase();
3870 set_next_passphrase(passphrase);
3873 rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_sk,
3877 PKT_signature *newsig;
3880 passphrase=get_last_passphrase();
3881 set_next_passphrase(passphrase);
3884 rc=update_keysig_packet(&newsig,sig_pk->pkt->pkt.signature,main_pk,
3885 NULL,sub_pk,main_sk,NULL,NULL);
3888 /* Put the new sig into place on the pubkey */
3889 newpkt=xmalloc_clear(sizeof(*newpkt));
3890 newpkt->pkttype=PKT_SIGNATURE;
3891 newpkt->pkt.signature=newsig;
3892 free_packet(sig_pk->pkt);
3898 /* Put the new sig into place on the seckey */
3899 newpkt=xmalloc_clear(sizeof(*newpkt));
3900 newpkt->pkttype=PKT_SIGNATURE;
3901 newpkt->pkt.signature=copy_signature(NULL,newsig);
3902 free_packet(sig_sk->pkt);
3911 log_error("update_keysig_packet failed: %s\n",g10_errstr(rc));
3917 log_error("make_backsig failed: %s\n",g10_errstr(rc));
3922 set_next_passphrase(NULL);
3924 free_secret_key(main_sk);
3926 free_secret_key(sub_sk);
3933 change_primary_uid_cb ( PKT_signature *sig, void *opaque )
3937 /* first clear all primary uid flags so that we are sure none are
3938 * lingering around */
3939 delete_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID);
3940 delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PRIMARY_UID);
3942 /* if opaque is set,we want to set the primary id */
3945 build_sig_subpkt (sig, SIGSUBPKT_PRIMARY_UID, buf, 1 );
3953 * Set the primary uid flag for the selected UID. We will also reset
3954 * all other primary uid flags. For this to work with have to update
3955 * all the signature timestamps. If we would do this with the current
3956 * time, we lose quite a lot of information, so we use a a kludge to
3957 * do this: Just increment the timestamp by one second which is
3958 * sufficient to updated a signature during import.
3961 menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
3963 PKT_secret_key *sk; /* copy of the main sk */
3964 PKT_public_key *main_pk;
3972 if ( count_selected_uids (pub_keyblock) != 1 ) {
3973 tty_printf(_("Please select exactly one user ID.\n"));
3977 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
3978 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3980 /* Now we can actually change the self signature(s) */
3985 /* Is our selected uid an attribute packet? */
3986 for ( node=pub_keyblock; node; node = node->next )
3987 if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
3988 attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
3990 for ( node=pub_keyblock; node; node = node->next ) {
3991 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3994 if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
3995 main_pk = node->pkt->pkt.public_key;
3996 keyid_from_pk( main_pk, keyid );
3998 else if ( node->pkt->pkttype == PKT_USER_ID ) {
3999 uid = node->pkt->pkt.user_id;
4000 selected = node->flag & NODFLG_SELUID;
4002 else if ( main_pk && uid && node->pkt->pkttype == PKT_SIGNATURE ) {
4003 PKT_signature *sig = node->pkt->pkt.signature;
4004 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4005 && (uid && (sig->sig_class&~3) == 0x10)
4006 && attribute == (uid->attrib_data!=NULL)
4007 && sig->flags.chosen_selfsig )
4009 if(sig->version < 4) {
4010 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4012 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4017 /* This is a selfsignature which is to be replaced.
4018 We can just ignore v3 signatures because they are
4019 not able to carry the primary ID flag. We also
4020 ignore self-sigs on user IDs that are not of the
4021 same type that we are making primary. That is, if
4022 we are making a user ID primary, we alter user IDs.
4023 If we are making an attribute packet primary, we
4024 alter attribute packets. */
4026 /* FIXME: We must make sure that we only have one
4027 self-signature per user ID here (not counting
4029 PKT_signature *newsig;
4034 /* see whether this signature has the primary UID flag */
4035 p = parse_sig_subpkt (sig->hashed,
4036 SIGSUBPKT_PRIMARY_UID, NULL );
4038 p = parse_sig_subpkt (sig->unhashed,
4039 SIGSUBPKT_PRIMARY_UID, NULL );
4040 if ( p && *p ) /* yes */
4041 action = selected? 0 : -1;
4043 action = selected? 1 : 0;
4046 int rc = update_keysig_packet (&newsig, sig,
4049 change_primary_uid_cb,
4050 action > 0? "x":NULL );
4052 log_error ("update_keysig_packet failed: %s\n",
4054 free_secret_key( sk );
4057 /* replace the packet */
4058 newpkt = xmalloc_clear( sizeof *newpkt );
4059 newpkt->pkttype = PKT_SIGNATURE;
4060 newpkt->pkt.signature = newsig;
4061 free_packet( node->pkt );
4071 free_secret_key( sk );
4077 * Set preferences to new values for the selected user IDs
4080 menu_set_preferences (KBNODE pub_keyblock, KBNODE sec_keyblock )
4082 PKT_secret_key *sk; /* copy of the main sk */
4083 PKT_public_key *main_pk;
4087 int selected, select_all;
4090 no_primary_warning(pub_keyblock);
4092 select_all = !count_selected_uids (pub_keyblock);
4094 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4095 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4097 /* Now we can actually change the self signature(s) */
4101 for ( node=pub_keyblock; node; node = node->next ) {
4102 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4105 if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
4106 main_pk = node->pkt->pkt.public_key;
4107 keyid_from_pk( main_pk, keyid );
4109 else if ( node->pkt->pkttype == PKT_USER_ID ) {
4110 uid = node->pkt->pkt.user_id;
4111 selected = select_all || (node->flag & NODFLG_SELUID);
4113 else if ( main_pk && uid && selected
4114 && node->pkt->pkttype == PKT_SIGNATURE ) {
4115 PKT_signature *sig = node->pkt->pkt.signature;
4116 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4117 && (uid && (sig->sig_class&~3) == 0x10)
4118 && sig->flags.chosen_selfsig ) {
4119 if( sig->version < 4 ) {
4120 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4122 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4127 /* This is a selfsignature which is to be replaced
4128 * We have to ignore v3 signatures because they are
4129 * not able to carry the preferences */
4130 PKT_signature *newsig;
4134 rc = update_keysig_packet (&newsig, sig,
4137 keygen_upd_std_prefs,
4140 log_error ("update_keysig_packet failed: %s\n",
4142 free_secret_key( sk );
4145 /* replace the packet */
4146 newpkt = xmalloc_clear( sizeof *newpkt );
4147 newpkt->pkttype = PKT_SIGNATURE;
4148 newpkt->pkt.signature = newsig;
4149 free_packet( node->pkt );
4158 free_secret_key( sk );
4164 menu_set_keyserver_url (const char *url,
4165 KBNODE pub_keyblock, KBNODE sec_keyblock )
4167 PKT_secret_key *sk; /* copy of the main sk */
4168 PKT_public_key *main_pk;
4172 int selected, select_all;
4176 no_primary_warning(pub_keyblock);
4179 answer=xstrdup(url);
4182 answer=cpr_get_utf8("keyedit.add_keyserver",
4183 _("Enter your preferred keyserver URL: "));
4184 if(answer[0]=='\0' || answer[0]=='\004')
4191 if(ascii_strcasecmp(answer,"none")==0)
4195 struct keyserver_spec *keyserver=NULL;
4196 /* Sanity check the format */
4197 keyserver=parse_keyserver_uri(answer,1,NULL,0);
4201 log_info(_("could not parse keyserver URL\n"));
4204 uri=xstrdup(keyserver->uri);
4205 free_keyserver_spec(keyserver);
4208 select_all = !count_selected_uids (pub_keyblock);
4210 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4211 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4213 /* Now we can actually change the self signature(s) */
4217 for ( node=pub_keyblock; node; node = node->next )
4219 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4222 if ( node->pkt->pkttype == PKT_PUBLIC_KEY )
4224 main_pk = node->pkt->pkt.public_key;
4225 keyid_from_pk( main_pk, keyid );
4227 else if ( node->pkt->pkttype == PKT_USER_ID )
4229 uid = node->pkt->pkt.user_id;
4230 selected = select_all || (node->flag & NODFLG_SELUID);
4232 else if ( main_pk && uid && selected
4233 && node->pkt->pkttype == PKT_SIGNATURE )
4235 PKT_signature *sig = node->pkt->pkt.signature;
4236 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4237 && (uid && (sig->sig_class&~3) == 0x10)
4238 && sig->flags.chosen_selfsig)
4240 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4241 if( sig->version < 4 )
4242 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4246 /* This is a selfsignature which is to be replaced
4247 * We have to ignore v3 signatures because they are
4248 * not able to carry the subpacket. */
4249 PKT_signature *newsig;
4255 p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
4258 tty_printf("Current preferred keyserver for user"
4259 " ID \"%s\": ",user);
4260 tty_print_utf8_string(p,plen);
4262 if(!cpr_get_answer_is_yes("keyedit.confirm_keyserver",
4263 uri?_("Are you sure you want to replace it? (y/N) "):
4264 _("Are you sure you want to delete it? (y/N) ")))
4269 /* There is no current keyserver URL, so there
4270 is no point in trying to un-set it. */
4274 rc = update_keysig_packet (&newsig, sig,
4277 keygen_add_keyserver_url, uri );
4280 log_error ("update_keysig_packet failed: %s\n",
4282 free_secret_key( sk );
4286 /* replace the packet */
4287 newpkt = xmalloc_clear( sizeof *newpkt );
4288 newpkt->pkttype = PKT_SIGNATURE;
4289 newpkt->pkt.signature = newsig;
4290 free_packet( node->pkt );
4302 free_secret_key( sk );
4307 menu_set_notation(const char *string,KBNODE pub_keyblock,KBNODE sec_keyblock)
4309 PKT_secret_key *sk; /* copy of the main sk */
4310 PKT_public_key *main_pk;
4314 int selected, select_all;
4317 struct notation *notation;
4319 no_primary_warning(pub_keyblock);
4322 answer=xstrdup(string);
4325 answer=cpr_get_utf8("keyedit.add_notation",
4326 _("Enter the notation: "));
4327 if(answer[0]=='\0' || answer[0]=='\004')
4334 if(ascii_strcasecmp(answer,"none")==0
4335 || ascii_strcasecmp(answer,"-")==0)
4336 notation=NULL; /* delete them all */
4339 notation=string_to_notation(answer,0);
4349 select_all = !count_selected_uids (pub_keyblock);
4351 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4352 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4354 /* Now we can actually change the self signature(s) */
4358 for ( node=pub_keyblock; node; node = node->next )
4360 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4363 if ( node->pkt->pkttype == PKT_PUBLIC_KEY )
4365 main_pk = node->pkt->pkt.public_key;
4366 keyid_from_pk( main_pk, keyid );
4368 else if ( node->pkt->pkttype == PKT_USER_ID )
4370 uid = node->pkt->pkt.user_id;
4371 selected = select_all || (node->flag & NODFLG_SELUID);
4373 else if ( main_pk && uid && selected
4374 && node->pkt->pkttype == PKT_SIGNATURE )
4376 PKT_signature *sig = node->pkt->pkt.signature;
4377 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4378 && (uid && (sig->sig_class&~3) == 0x10)
4379 && sig->flags.chosen_selfsig)
4381 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4382 if( sig->version < 4 )
4383 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4387 PKT_signature *newsig;
4389 int rc,skip=0,addonly=1;
4391 if(sig->flags.notation)
4393 tty_printf("Current notations for user ID \"%s\":\n",
4395 tty_print_notations(-9,sig);
4399 tty_printf("No notations on user ID \"%s\"\n",user);
4402 /* There are no current notations, so there
4403 is no point in trying to un-set them. */
4413 notation->next=sig_to_notation(sig);
4415 for(n=notation->next;n;n=n->next)
4416 if(strcmp(n->name,notation->name)==0)
4420 if(strcmp(n->value,notation->value)==0)
4422 if(notation->flags.ignore)
4424 /* Value match with a delete
4431 /* Adding the same notation
4432 twice, so don't add it at
4435 tty_printf("Skipping notation:"
4445 /* No value, so it means delete. */
4452 tty_printf("Removing notation: %s=%s\n",
4458 if(!notation->flags.ignore && !skip)
4459 tty_printf("Adding notation: %s=%s\n",
4460 notation->name,notation->value);
4462 /* We tried to delete, but had no matches */
4463 if(notation->flags.ignore && !deleting)
4468 tty_printf("Removing all notations\n");
4474 && !cpr_get_answer_is_yes("keyedit.confirm_notation",
4475 _("Proceed? (y/N) "))))
4478 rc = update_keysig_packet (&newsig, sig,
4481 keygen_add_notations, notation );
4484 log_error ("update_keysig_packet failed: %s\n",
4486 free_secret_key( sk );
4487 free_notation(notation);
4492 /* replace the packet */
4493 newpkt = xmalloc_clear( sizeof *newpkt );
4494 newpkt->pkttype = PKT_SIGNATURE;
4495 newpkt->pkt.signature = newsig;
4496 free_packet( node->pkt );
4503 /* Snip off the notation list from the sig */
4504 free_notation(notation->next);
4505 notation->next=NULL;
4514 free_notation(notation);
4515 free_secret_key( sk );
4521 * Select one user id or remove all selection if IDX is 0 or select
4522 * all if IDX is -1. Returns: True if the selection changed.
4525 menu_select_uid (KBNODE keyblock, int idx)
4530 if (idx == -1) /* Select all. */
4532 for (node = keyblock; node; node = node->next)
4533 if (node->pkt->pkttype == PKT_USER_ID)
4534 node->flag |= NODFLG_SELUID;
4537 else if (idx) /* Toggle. */
4539 for (i=0, node = keyblock; node; node = node->next)
4541 if (node->pkt->pkttype == PKT_USER_ID)
4547 tty_printf (_("No user ID with index %d\n"), idx );
4551 for (i=0, node = keyblock; node; node = node->next)
4553 if (node->pkt->pkttype == PKT_USER_ID)
4557 if ((node->flag & NODFLG_SELUID))
4558 node->flag &= ~NODFLG_SELUID;
4560 node->flag |= NODFLG_SELUID;
4565 else /* Unselect all */
4567 for (node = keyblock; node; node = node->next)
4568 if (node->pkt->pkttype == PKT_USER_ID)
4569 node->flag &= ~NODFLG_SELUID;
4576 /* Search in the keyblock for a uid that matches namehash */
4578 menu_select_uid_namehash( KBNODE keyblock, const char *namehash )
4580 byte hash[NAMEHASH_LEN];
4584 assert(strlen(namehash)==NAMEHASH_LEN*2);
4586 for(i=0;i<NAMEHASH_LEN;i++)
4587 hash[i]=hextobyte(&namehash[i*2]);
4589 for(node=keyblock->next;node;node=node->next)
4591 if(node->pkt->pkttype==PKT_USER_ID)
4593 namehash_from_uid(node->pkt->pkt.user_id);
4594 if(memcmp(node->pkt->pkt.user_id->namehash,hash,NAMEHASH_LEN)==0)
4596 if(node->flag&NODFLG_SELUID)
4597 node->flag &= ~NODFLG_SELUID;
4599 node->flag |= NODFLG_SELUID;
4608 tty_printf(_("No user ID with hash %s\n"),namehash);
4616 * Select secondary keys
4617 * Returns: True if the selection changed.
4620 menu_select_key (KBNODE keyblock, int idx)
4625 if (idx == -1) /* Select all. */
4627 for (node = keyblock; node; node = node->next)
4628 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4629 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4630 node->flag |= NODFLG_SELKEY;
4632 else if (idx) /* Toggle selection. */
4634 for (i=0, node = keyblock; node; node = node->next)
4636 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4637 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4643 tty_printf (_("No subkey with index %d\n"), idx );
4647 for (i=0, node = keyblock; node; node = node->next)
4649 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4650 || node->pkt->pkttype == PKT_SECRET_SUBKEY )
4653 if ((node->flag & NODFLG_SELKEY))
4654 node->flag &= ~NODFLG_SELKEY;
4656 node->flag |= NODFLG_SELKEY;
4660 else /* Unselect all. */
4662 for (node = keyblock; node; node = node->next)
4663 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4664 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4665 node->flag &= ~NODFLG_SELKEY;
4673 count_uids_with_flag( KBNODE keyblock, unsigned flag )
4678 for( node = keyblock; node; node = node->next )
4679 if( node->pkt->pkttype == PKT_USER_ID && (node->flag & flag) )
4685 count_keys_with_flag( KBNODE keyblock, unsigned flag )
4690 for( node = keyblock; node; node = node->next )
4691 if( ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4692 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4693 && (node->flag & flag) )
4699 count_uids( KBNODE keyblock )
4704 for( node = keyblock; node; node = node->next )
4705 if( node->pkt->pkttype == PKT_USER_ID )
4712 * Returns true if there is at least one selected user id
4715 count_selected_uids( KBNODE keyblock )
4717 return count_uids_with_flag( keyblock, NODFLG_SELUID);
4721 count_selected_keys( KBNODE keyblock )
4723 return count_keys_with_flag( keyblock, NODFLG_SELKEY);
4726 /* returns how many real (i.e. not attribute) uids are unmarked */
4728 real_uids_left( KBNODE keyblock )
4733 for(node=keyblock;node;node=node->next)
4734 if(node->pkt->pkttype==PKT_USER_ID && !(node->flag&NODFLG_SELUID) &&
4735 !node->pkt->pkt.user_id->attrib_data)
4742 * Ask whether the signature should be revoked. If the user commits this,
4743 * flag bit MARK_A is set on the signature and the user ID.
4746 ask_revoke_sig( KBNODE keyblock, KBNODE node )
4750 PKT_signature *sig = node->pkt->pkt.signature;
4751 KBNODE unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
4754 log_error("Oops: no user ID for signature\n");
4758 uid=unode->pkt->pkt.user_id;
4762 if(uid->attrib_data)
4763 printf("uat:::::::::%u %lu",uid->numattribs,uid->attrib_len);
4766 printf("uid:::::::::");
4767 print_string (stdout, uid->name, uid->len, ':');
4772 print_and_check_one_sig_colon(keyblock,node,NULL,NULL,NULL,NULL,1);
4776 char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
4777 unode->pkt->pkt.user_id->len,0);
4778 tty_printf(_("user ID: \"%s\"\n"),p);
4781 tty_printf(_("signed by your key %s on %s%s%s\n"),
4782 keystr(sig->keyid),datestr_from_sig(sig),
4783 sig->flags.exportable?"":_(" (non-exportable)"),"");
4785 if(sig->flags.expired)
4787 tty_printf(_("This signature expired on %s.\n"),
4788 expirestr_from_sig(sig));
4789 /* Use a different question so we can have different help text */
4790 doit=cpr_get_answer_is_yes("ask_revoke_sig.expired",
4791 _("Are you sure you still want to revoke it? (y/N) "));
4794 doit=cpr_get_answer_is_yes("ask_revoke_sig.one",
4795 _("Create a revocation certificate for this signature? (y/N) "));
4798 node->flag |= NODFLG_MARK_A;
4799 unode->flag |= NODFLG_MARK_A;
4804 * Display all user ids of the current public key together with signatures
4805 * done by one of our keys. Then walk over all this sigs and ask the user
4806 * whether he wants to revoke this signature.
4807 * Return: True when the keyblock has changed.
4810 menu_revsig( KBNODE keyblock )
4813 PKT_public_key *primary_pk;
4816 int rc, any, skip=1, all=!count_selected_uids(keyblock);
4817 struct revocation_reason_info *reason = NULL;
4819 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
4821 /* First check whether we have any signatures at all. */
4823 for (node = keyblock; node; node = node->next )
4825 node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
4826 if (node->pkt->pkttype == PKT_USER_ID) {
4827 if (node->flag&NODFLG_SELUID || all)
4832 else if (!skip && node->pkt->pkttype == PKT_SIGNATURE
4833 && ((sig = node->pkt->pkt.signature),
4834 !seckey_available(sig->keyid) ))
4836 if ((sig->sig_class&~3) == 0x10)
4846 tty_printf (_("Not signed by you.\n"));
4851 /* FIXME: detect duplicates here */
4852 tty_printf(_("You have signed these user IDs on key %s:\n"),
4853 keystr_from_pk(keyblock->pkt->pkt.public_key));
4854 for( node = keyblock; node; node = node->next ) {
4855 node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
4856 if( node->pkt->pkttype == PKT_USER_ID ) {
4857 if( node->flag&NODFLG_SELUID || all ) {
4858 PKT_user_id *uid = node->pkt->pkt.user_id;
4859 /* Hmmm: Should we show only UIDs with a signature? */
4861 tty_print_utf8_string( uid->name, uid->len );
4868 else if( !skip && node->pkt->pkttype == PKT_SIGNATURE
4869 && ((sig = node->pkt->pkt.signature),
4870 !seckey_available(sig->keyid) ) )
4872 if( (sig->sig_class&~3) == 0x10 )
4875 tty_printf(_("signed by your key %s on %s%s%s\n"),
4876 keystr(sig->keyid), datestr_from_sig(sig),
4877 sig->flags.exportable?"":_(" (non-exportable)"),
4878 sig->flags.revocable?"":_(" (non-revocable)"));
4879 if(sig->flags.revocable)
4880 node->flag |= NODFLG_SELSIG;
4882 else if( sig->sig_class == 0x30 )
4885 tty_printf(_("revoked by your key %s on %s\n"),
4886 keystr(sig->keyid),datestr_from_sig(sig));
4894 for( node = keyblock; node; node = node->next ) {
4895 if( !(node->flag & NODFLG_SELSIG) )
4897 ask_revoke_sig( keyblock, node );
4900 /* present selected */
4902 for( node = keyblock; node; node = node->next ) {
4903 if( !(node->flag & NODFLG_MARK_A) )
4907 tty_printf(_("You are about to revoke these signatures:\n"));
4909 if( node->pkt->pkttype == PKT_USER_ID ) {
4910 PKT_user_id *uid = node->pkt->pkt.user_id;
4912 tty_print_utf8_string( uid->name, uid->len );
4915 else if( node->pkt->pkttype == PKT_SIGNATURE ) {
4916 sig = node->pkt->pkt.signature;
4918 tty_printf(_("signed by your key %s on %s%s%s\n"),
4919 keystr(sig->keyid), datestr_from_sig(sig),"",
4920 sig->flags.exportable?"":_(" (non-exportable)") );
4924 return 0; /* none selected */
4926 if( !cpr_get_answer_is_yes("ask_revoke_sig.okay",
4927 _("Really create the revocation certificates? (y/N) ")) )
4928 return 0; /* forget it */
4930 reason = ask_revocation_reason( 0, 1, 0 );
4931 if( !reason ) { /* user decided to cancel */
4935 /* now we can sign the user ids */
4936 reloop: /* (must use this, because we are modifing the list) */
4937 primary_pk = keyblock->pkt->pkt.public_key;
4938 for( node=keyblock; node; node = node->next ) {
4941 struct sign_attrib attrib;
4944 if( !(node->flag & NODFLG_MARK_A)
4945 || node->pkt->pkttype != PKT_SIGNATURE )
4947 unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
4948 assert( unode ); /* we already checked this */
4950 memset( &attrib, 0, sizeof attrib );
4951 attrib.reason = reason;
4952 attrib.non_exportable=!node->pkt->pkt.signature->flags.exportable;
4954 node->flag &= ~NODFLG_MARK_A;
4955 sk = xmalloc_secure_clear( sizeof *sk );
4956 if( get_seckey( sk, node->pkt->pkt.signature->keyid ) ) {
4957 log_info(_("no secret key\n"));
4960 rc = make_keysig_packet( &sig, primary_pk,
4961 unode->pkt->pkt.user_id,
4967 free_secret_key(sk);
4969 log_error(_("signing failed: %s\n"), g10_errstr(rc));
4970 release_revocation_reason_info( reason );
4973 changed = 1; /* we changed the keyblock */
4975 /* Are we revoking our own uid? */
4976 if(primary_pk->keyid[0]==sig->keyid[0] &&
4977 primary_pk->keyid[1]==sig->keyid[1])
4978 unode->pkt->pkt.user_id->is_revoked=1;
4979 pkt = xmalloc_clear( sizeof *pkt );
4980 pkt->pkttype = PKT_SIGNATURE;
4981 pkt->pkt.signature = sig;
4982 insert_kbnode( unode, new_kbnode(pkt), 0 );
4986 release_revocation_reason_info( reason );
4990 /* Revoke a user ID (i.e. revoke a user ID selfsig). Return true if
4991 keyblock changed. */
4993 menu_revuid( KBNODE pub_keyblock, KBNODE sec_keyblock )
4995 PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
4996 PKT_secret_key *sk = copy_secret_key( NULL,
4997 sec_keyblock->pkt->pkt.secret_key );
5001 struct revocation_reason_info *reason = NULL;
5003 /* Note that this is correct as per the RFCs, but nevertheless
5004 somewhat meaningless in the real world. 1991 did define the 0x30
5005 sig class, but PGP 2.x did not actually implement it, so it would
5006 probably be safe to use v4 revocations everywhere. -ds */
5008 for( node = pub_keyblock; node; node = node->next )
5009 if(pk->version>3 || (node->pkt->pkttype==PKT_USER_ID &&
5010 node->pkt->pkt.user_id->selfsigversion>3))
5012 if((reason = ask_revocation_reason( 0, 1, 4 )))
5018 reloop: /* (better this way because we are modifing the keyring) */
5019 for( node = pub_keyblock; node; node = node->next )
5020 if(node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID))
5022 PKT_user_id *uid=node->pkt->pkt.user_id;
5026 char *user=utf8_to_native(uid->name,uid->len,0);
5027 log_info(_("user ID \"%s\" is already revoked\n"),user);
5034 struct sign_attrib attrib;
5035 u32 timestamp=make_timestamp();
5037 if(uid->created>=timestamp)
5039 /* Okay, this is a problem. The user ID selfsig was
5040 created in the future, so we need to warn the user and
5041 set our revocation timestamp one second after that so
5042 everything comes out clean. */
5044 log_info(_("WARNING: a user ID signature is dated %d"
5045 " seconds in the future\n"),uid->created-timestamp);
5047 timestamp=uid->created+1;
5050 memset( &attrib, 0, sizeof attrib );
5051 attrib.reason = reason;
5053 node->flag &= ~NODFLG_SELUID;
5055 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x30, 0,
5056 (reason==NULL)?3:0, timestamp, 0,
5057 sign_mk_attrib, &attrib );
5060 log_error(_("signing failed: %s\n"), g10_errstr(rc));
5065 pkt = xmalloc_clear( sizeof *pkt );
5066 pkt->pkttype = PKT_SIGNATURE;
5067 pkt->pkt.signature = sig;
5068 insert_kbnode( node, new_kbnode(pkt), 0 );
5070 /* If the trustdb has an entry for this key+uid then the
5071 trustdb needs an update. */
5073 && (get_validity(pk,uid)&TRUST_MASK)>=TRUST_UNDEFINED)
5077 node->pkt->pkt.user_id->is_revoked=1;
5085 commit_kbnode( &pub_keyblock );
5088 free_secret_key(sk);
5089 release_revocation_reason_info( reason );
5094 * Revoke the whole key.
5097 menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
5099 PKT_public_key *pk=pub_keyblock->pkt->pkt.public_key;
5102 struct revocation_reason_info *reason;
5108 tty_printf(_("Key %s is already revoked.\n"),keystr_from_pk(pk));
5112 reason = ask_revocation_reason( 1, 0, 0 );
5113 /* user decided to cancel */
5117 sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
5118 rc = make_keysig_packet( &sig, pk, NULL, NULL, sk,
5119 0x20, 0, opt.force_v4_certs?4:0, 0, 0,
5120 revocation_reason_build_cb, reason );
5121 free_secret_key(sk);
5124 log_error(_("signing failed: %s\n"), g10_errstr(rc));
5128 changed = 1; /* we changed the keyblock */
5130 pkt = xmalloc_clear( sizeof *pkt );
5131 pkt->pkttype = PKT_SIGNATURE;
5132 pkt->pkt.signature = sig;
5133 insert_kbnode( pub_keyblock, new_kbnode(pkt), 0 );
5134 commit_kbnode( &pub_keyblock );
5139 release_revocation_reason_info( reason );
5144 menu_revsubkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
5146 PKT_public_key *mainpk;
5150 struct revocation_reason_info *reason = NULL;
5152 reason = ask_revocation_reason( 1, 0, 0 );
5153 if( !reason ) { /* user decided to cancel */
5157 reloop: /* (better this way because we are modifing the keyring) */
5158 mainpk = pub_keyblock->pkt->pkt.public_key;
5159 for( node = pub_keyblock; node; node = node->next ) {
5160 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
5161 && (node->flag & NODFLG_SELKEY) ) {
5165 PKT_public_key *subpk = node->pkt->pkt.public_key;
5166 struct sign_attrib attrib;
5168 if(subpk->is_revoked)
5170 tty_printf(_("Subkey %s is already revoked.\n"),
5171 keystr_from_pk(subpk));
5175 memset( &attrib, 0, sizeof attrib );
5176 attrib.reason = reason;
5178 node->flag &= ~NODFLG_SELKEY;
5179 sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
5180 rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk,
5182 sign_mk_attrib, &attrib );
5183 free_secret_key(sk);
5185 log_error(_("signing failed: %s\n"), g10_errstr(rc));
5186 release_revocation_reason_info( reason );
5189 changed = 1; /* we changed the keyblock */
5191 pkt = xmalloc_clear( sizeof *pkt );
5192 pkt->pkttype = PKT_SIGNATURE;
5193 pkt->pkt.signature = sig;
5194 insert_kbnode( node, new_kbnode(pkt), 0 );
5198 commit_kbnode( &pub_keyblock );
5199 /*commit_kbnode( &sec_keyblock );*/
5201 /* No need to set update_trust here since signing keys no longer
5202 are used to certify other keys, so there is no change in trust
5203 when revoking/removing them */
5205 release_revocation_reason_info( reason );
5209 /* Note that update_ownertrust is going to mark the trustdb dirty when
5210 enabling or disabling a key. This is arguably sub-optimal as
5211 disabled keys are still counted in the web of trust, but perhaps
5212 not worth adding extra complexity to change. -ds */
5214 enable_disable_key( KBNODE keyblock, int disable )
5216 PKT_public_key *pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )
5217 ->pkt->pkt.public_key;
5218 unsigned int trust, newtrust;
5220 trust = newtrust = get_ownertrust (pk);
5221 newtrust &= ~TRUST_FLAG_DISABLED;
5223 newtrust |= TRUST_FLAG_DISABLED;
5224 if( trust == newtrust )
5225 return 0; /* already in that state */
5226 update_ownertrust(pk, newtrust );
5232 menu_showphoto( KBNODE keyblock )
5235 int select_all = !count_selected_uids(keyblock);
5237 PKT_public_key *pk=NULL;
5239 /* Look for the public key first. We have to be really, really,
5240 explicit as to which photo this is, and what key it is a UID on
5241 since people may want to sign it. */
5243 for( node = keyblock; node; node = node->next )
5245 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
5246 pk = node->pkt->pkt.public_key;
5247 else if( node->pkt->pkttype == PKT_USER_ID )
5249 PKT_user_id *uid = node->pkt->pkt.user_id;
5252 if((select_all || (node->flag & NODFLG_SELUID)) &&
5257 for(i=0;i<uid->numattribs;i++)
5262 if(uid->attribs[i].type==ATTRIB_IMAGE &&
5263 parse_image_header(&uid->attribs[i],&type,&size))
5265 tty_printf(_("Displaying %s photo ID of size %ld for "
5266 "key %s (uid %d)\n"),
5267 image_type_to_string(type,1),
5268 (ulong)size,keystr_from_pk(pk),count);
5269 show_photos(&uid->attribs[i],1,pk,NULL,uid);