1 /* keylist.c - Print information about OpenPGP keys
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
3 * 2008, 2010, 2012 Free Software Foundation, Inc.
4 * Copyright (C) 2013, 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #ifdef HAVE_DOSISH_SYSTEM
29 #include <fcntl.h> /* for setmode() */
44 #include "call-agent.h"
45 #include "mbox-util.h"
48 static void list_all (int, int);
49 static void list_one (strlist_t names, int secret, int mark_secret);
50 static void locate_one (ctrl_t ctrl, strlist_t names);
51 static void print_card_serialno (const char *serialno);
53 struct keylist_context
55 int check_sigs; /* If set signatures shall be verified. */
56 int good_sigs; /* Counter used if CHECK_SIGS is set. */
57 int inv_sigs; /* Counter used if CHECK_SIGS is set. */
58 int no_key; /* Counter used if CHECK_SIGS is set. */
59 int oth_err; /* Counter used if CHECK_SIGS is set. */
63 static void list_keyblock (kbnode_t keyblock, int secret, int has_secret,
64 int fpr, struct keylist_context *listctx);
67 /* The stream used to write attribute packets to. */
68 static estream_t attrib_fp;
71 /* Release resources from a keylist context. */
73 keylist_context_release (struct keylist_context *listctx)
75 (void)listctx; /* Nothing to release. */
79 /* List the keys. If list is NULL, all available keys are listed.
80 With LOCATE_MODE set the locate algorithm is used to find a
83 public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
85 #ifndef NO_TRUST_MODELS
88 byte trust_model, marginals, completes, cert_depth, min_cert_level;
89 ulong created, nextcheck;
91 read_trust_options (&trust_model, &created, &nextcheck,
92 &marginals, &completes, &cert_depth, &min_cert_level);
94 es_fprintf (es_stdout, "tru:");
96 if (nextcheck && nextcheck <= make_timestamp ())
97 es_fprintf (es_stdout, "o");
98 if (trust_model != opt.trust_model)
99 es_fprintf (es_stdout, "t");
100 if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC)
102 if (marginals != opt.marginals_needed)
103 es_fprintf (es_stdout, "m");
104 if (completes != opt.completes_needed)
105 es_fprintf (es_stdout, "c");
106 if (cert_depth != opt.max_cert_depth)
107 es_fprintf (es_stdout, "d");
108 if (min_cert_level != opt.min_cert_level)
109 es_fprintf (es_stdout, "l");
112 es_fprintf (es_stdout, ":%d:%lu:%lu", trust_model, created, nextcheck);
114 /* Only show marginals, completes, and cert_depth in the classic
115 or PGP trust models since they are not meaningful
118 if (trust_model == TM_PGP || trust_model == TM_CLASSIC)
119 es_fprintf (es_stdout, ":%d:%d:%d", marginals, completes, cert_depth);
120 es_fprintf (es_stdout, "\n");
122 #endif /*!NO_TRUST_MODELS*/
124 /* We need to do the stale check right here because it might need to
125 update the keyring while we already have the keyring open. This
126 is very bad for W32 because of a sharing violation. For real OSes
127 it might lead to false results if we are later listing a keyring
128 which is associated with the inode of a deleted file. */
129 check_trustdb_stale ();
132 locate_one (ctrl, list);
134 list_all (0, opt.with_secret);
136 list_one (list, 0, opt.with_secret);
141 secret_key_list (ctrl_t ctrl, strlist_t list)
145 check_trustdb_stale ();
149 else /* List by user id */
150 list_one (list, 1, 0);
154 print_seckey_info (PKT_public_key *pk)
158 char pkstrbuf[PUBKEY_STRING_SIZE];
160 keyid_from_pk (pk, keyid);
161 p = get_user_id_native (keyid);
163 tty_printf ("\nsec %s/%s %s %s\n",
164 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
165 keystr (keyid), datestr_from_pk (pk), p);
170 /* Print information about the public key. With FP passed as NULL,
171 the tty output interface is used, otherwise output is directted to
174 print_pubkey_info (estream_t fp, PKT_public_key *pk)
178 char pkstrbuf[PUBKEY_STRING_SIZE];
180 keyid_from_pk (pk, keyid);
182 /* If the pk was chosen by a particular user ID, that is the one to
185 p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0);
187 p = get_user_id_native (keyid);
191 tty_fprintf (fp, "%s %s/%s %s %s\n",
192 pk->flags.primary? "pub":"sub",
193 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
194 keystr (keyid), datestr_from_pk (pk), p);
199 /* Print basic information of a secret key including the card serial
200 number information. */
201 #ifdef ENABLE_CARD_SUPPORT
203 print_card_key_info (estream_t fp, kbnode_t keyblock)
209 char pkstrbuf[PUBKEY_STRING_SIZE];
212 for (node = keyblock; node; node = node->next)
214 if (node->pkt->pkttype == PKT_PUBLIC_KEY
215 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
218 PKT_public_key *pk = node->pkt->pkt.public_key;
221 rc = hexkeygrip_from_pk (pk, &hexgrip);
224 log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
227 else if (!agent_get_keyinfo (NULL, hexgrip, &serialno))
228 s2k_char = serialno? '>':' ';
230 s2k_char = '#'; /* Key not found. */
232 tty_fprintf (fp, "%s%c %s/%s %n",
233 node->pkt->pkttype == PKT_PUBLIC_KEY ? "sec" : "ssb",
235 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
238 tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk));
239 tty_fprintf (fp, " ");
240 tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
243 tty_fprintf (fp, "\n%*s%s", indent, "", _("card-no: "));
244 if (strlen (serialno) == 32
245 && !strncmp (serialno, "D27600012401", 12))
247 /* This is an OpenPGP card. Print the relevant part. */
248 /* Example: D2760001240101010001000003470000 */
250 tty_fprintf (fp, "%.*s %.*s", 4, serialno+16, 8, serialno+20);
253 tty_fprintf (fp, "%s", serialno);
255 tty_fprintf (fp, "\n");
261 #endif /*ENABLE_CARD_SUPPORT*/
264 /* Flags = 0x01 hashed 0x02 critical. */
266 status_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
271 /* Don't print these. */
275 snprintf (status, sizeof status,
276 "%d %u %u ", type, flags, (unsigned int) len);
278 write_status_text_and_buffer (STATUS_SIG_SUBPACKET, status, buf, len, 0);
282 /* Print a policy URL. Allowed values for MODE are:
283 * 0 - print to stdout.
284 * 1 - use log_info and emit status messages.
285 * 2 - emit only status messages.
288 show_policy_url (PKT_signature * sig, int indent, int mode)
293 estream_t fp = mode ? log_get_stream () : es_stdout;
296 enum_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &len, &seq, &crit)))
303 for (i = 0; i < indent; i++)
307 str = _("Critical signature policy: ");
309 str = _("Signature policy: ");
311 log_info ("%s", str);
313 es_fprintf (fp, "%s", str);
314 print_utf8_buffer (fp, p, len);
315 es_fprintf (fp, "\n");
319 write_status_buffer (STATUS_POLICY_URL, p, len, 0);
326 mode=1 for log_info + status messages
327 mode=2 for status messages only
331 show_keyserver_url (PKT_signature * sig, int indent, int mode)
336 estream_t fp = mode ? log_get_stream () : es_stdout;
339 enum_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_KS, &len, &seq,
347 for (i = 0; i < indent; i++)
348 es_putc (' ', es_stdout);
351 str = _("Critical preferred keyserver: ");
353 str = _("Preferred keyserver: ");
355 log_info ("%s", str);
357 es_fprintf (es_stdout, "%s", str);
358 print_utf8_buffer (fp, p, len);
359 es_fprintf (fp, "\n");
363 status_one_subpacket (SIGSUBPKT_PREF_KS, len,
364 (crit ? 0x02 : 0) | 0x01, p);
370 mode=1 for log_info + status messages
371 mode=2 for status messages only
373 Defined bits in WHICH:
374 1 == standard notations
378 show_notation (PKT_signature * sig, int indent, int mode, int which)
380 estream_t fp = mode ? log_get_stream () : es_stdout;
381 struct notation *nd, *notations;
386 notations = sig_to_notation (sig);
388 /* There may be multiple notations in the same sig. */
389 for (nd = notations; nd; nd = nd->next)
393 int has_at = !!strchr (nd->name, '@');
395 if ((which & 1 && !has_at) || (which & 2 && has_at))
400 for (i = 0; i < indent; i++)
401 es_putc (' ', es_stdout);
403 if (nd->flags.critical)
404 str = _("Critical signature notation: ");
406 str = _("Signature notation: ");
408 log_info ("%s", str);
410 es_fprintf (es_stdout, "%s", str);
411 /* This is all UTF8 */
412 print_utf8_buffer (fp, nd->name, strlen (nd->name));
413 es_fprintf (fp, "=");
414 print_utf8_buffer (fp, nd->value, strlen (nd->value));
415 /* (We need to use log_printf so that the next call to a
416 log function does not insert an extra LF.) */
426 write_status_buffer (STATUS_NOTATION_NAME,
427 nd->name, strlen (nd->name), 0);
428 write_status_buffer (STATUS_NOTATION_DATA,
429 nd->value, strlen (nd->value), 50);
433 free_notation (notations);
438 print_signature_stats (struct keylist_context *s)
441 return; /* Signature checking was not requested. */
443 if (s->good_sigs == 1)
444 log_info (_("1 good signature\n"));
445 else if (s->good_sigs)
446 log_info (_("%d good signatures\n"), s->good_sigs);
448 if (s->inv_sigs == 1)
449 log_info (_("1 bad signature\n"));
450 else if (s->inv_sigs)
451 log_info (_("%d bad signatures\n"), s->inv_sigs);
454 log_info (_("1 signature not checked due to a missing key\n"));
456 log_info (_("%d signatures not checked due to missing keys\n"), s->no_key);
459 log_info (_("1 signature not checked due to an error\n"));
461 log_info (_("%d signatures not checked due to errors\n"), s->oth_err);
465 /* List all keys. If SECRET is true only secret keys are listed. If
466 MARK_SECRET is true secret keys are indicated in a public key
469 list_all (int secret, int mark_secret)
472 KBNODE keyblock = NULL;
475 const char *lastresname, *resname;
476 struct keylist_context listctx;
478 memset (&listctx, 0, sizeof (listctx));
480 listctx.check_sigs = 1;
484 rc = gpg_error (GPG_ERR_GENERAL);
486 rc = keydb_search_first (hd);
489 if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
490 log_error ("keydb_search_first failed: %s\n", gpg_strerror (rc));
497 rc = keydb_get_keyblock (hd, &keyblock);
500 if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
501 continue; /* Skip legacy keys. */
502 log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc));
506 if (secret || mark_secret)
507 any_secret = !agent_probe_any_secret_key (NULL, keyblock);
511 if (secret && !any_secret)
512 ; /* Secret key listing requested but this isn't one. */
515 if (!opt.with_colons)
517 resname = keydb_get_resource_name (hd);
518 if (lastresname != resname)
522 es_fprintf (es_stdout, "%s\n", resname);
523 for (i = strlen (resname); i; i--)
524 es_putc ('-', es_stdout);
525 es_putc ('\n', es_stdout);
526 lastresname = resname;
529 merge_keys_and_selfsig (keyblock);
530 list_keyblock (keyblock, secret, any_secret, opt.fingerprint,
533 release_kbnode (keyblock);
536 while (!(rc = keydb_search_next (hd)));
537 es_fflush (es_stdout);
538 if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
539 log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc));
540 if (keydb_get_skipped_counter (hd))
541 log_info (_("Warning: %lu key(s) skipped due to their large size\n"),
542 keydb_get_skipped_counter (hd));
544 if (opt.check_sigs && !opt.with_colons)
545 print_signature_stats (&listctx);
548 keylist_context_release (&listctx);
549 release_kbnode (keyblock);
555 list_one (strlist_t names, int secret, int mark_secret)
558 KBNODE keyblock = NULL;
561 const char *keyring_str = _("Keyring");
563 struct keylist_context listctx;
565 memset (&listctx, 0, sizeof (listctx));
566 if (!secret && opt.check_sigs)
567 listctx.check_sigs = 1;
569 /* fixme: using the bynames function has the disadvantage that we
570 * don't know wether one of the names given was not found. OTOH,
571 * this function has the advantage to list the names in the
572 * sequence as defined by the keyDB and does not duplicate
573 * outputs. A solution could be do test whether all given have
574 * been listed (this needs a way to use the keyDB search
575 * functions) or to have the search function return indicators for
576 * found names. Yet another way is to use the keydb search
577 * facilities directly. */
578 rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock);
581 log_error ("error reading key: %s\n", gpg_strerror (rc));
582 get_pubkey_end (ctx);
588 if ((opt.list_options & LIST_SHOW_KEYRING) && !opt.with_colons)
590 resname = keydb_get_resource_name (get_ctx_handle (ctx));
591 es_fprintf (es_stdout, "%s: %s\n", keyring_str, resname);
592 for (i = strlen (resname) + strlen (keyring_str) + 2; i; i--)
593 es_putc ('-', es_stdout);
594 es_putc ('\n', es_stdout);
596 list_keyblock (keyblock, secret, mark_secret, opt.fingerprint, &listctx);
597 release_kbnode (keyblock);
599 while (!getkey_next (ctx, NULL, &keyblock));
602 if (opt.check_sigs && !opt.with_colons)
603 print_signature_stats (&listctx);
605 keylist_context_release (&listctx);
610 locate_one (ctrl_t ctrl, strlist_t names)
614 GETKEY_CTX ctx = NULL;
615 KBNODE keyblock = NULL;
616 struct keylist_context listctx;
618 memset (&listctx, 0, sizeof (listctx));
620 listctx.check_sigs = 1;
622 for (sl = names; sl; sl = sl->next)
624 rc = get_pubkey_byname (ctrl, &ctx, NULL, sl->d, &keyblock, NULL, 1, 0);
627 if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
628 log_error ("error reading key: %s\n", gpg_strerror (rc));
634 list_keyblock (keyblock, 0, 0, opt.fingerprint, &listctx);
635 release_kbnode (keyblock);
637 while (ctx && !get_pubkey_next (ctx, NULL, &keyblock));
638 get_pubkey_end (ctx);
643 if (opt.check_sigs && !opt.with_colons)
644 print_signature_stats (&listctx);
646 keylist_context_release (&listctx);
651 print_key_data (PKT_public_key * pk)
653 int n = pk ? pubkey_get_npkey (pk->pubkey_algo) : 0;
656 for (i = 0; i < n; i++)
658 es_fprintf (es_stdout, "pkd:%d:%u:", i, mpi_get_nbits (pk->pkey[i]));
659 mpi_print (es_stdout, pk->pkey[i], 1);
660 es_putc (':', es_stdout);
661 es_putc ('\n', es_stdout);
666 print_capabilities (PKT_public_key *pk, KBNODE keyblock)
668 unsigned int use = pk->pubkey_usage;
671 if (use & PUBKEY_USAGE_ENC)
672 es_putc ('e', es_stdout);
674 if (use & PUBKEY_USAGE_SIG)
676 es_putc ('s', es_stdout);
677 if (pk->flags.primary)
679 es_putc ('c', es_stdout);
680 /* The PUBKEY_USAGE_CERT flag was introduced later and we
681 used to always print 'c' for a primary key. To avoid any
682 regression here we better track whether we printed 'c'
688 if ((use & PUBKEY_USAGE_CERT) && !c_printed)
689 es_putc ('c', es_stdout);
691 if ((use & PUBKEY_USAGE_AUTH))
692 es_putc ('a', es_stdout);
694 if ((use & PUBKEY_USAGE_UNKNOWN))
695 es_putc ('?', es_stdout);
699 /* Figure out the usable capabilities. */
701 int enc = 0, sign = 0, cert = 0, auth = 0, disabled = 0;
703 for (k = keyblock; k; k = k->next)
705 if (k->pkt->pkttype == PKT_PUBLIC_KEY
706 || k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
708 pk = k->pkt->pkt.public_key;
710 if (pk->flags.primary)
711 disabled = pk_is_disabled (pk);
713 if (pk->flags.valid && !pk->flags.revoked && !pk->has_expired)
715 if (pk->pubkey_usage & PUBKEY_USAGE_ENC)
717 if (pk->pubkey_usage & PUBKEY_USAGE_SIG)
720 if (pk->flags.primary)
723 if (pk->pubkey_usage & PUBKEY_USAGE_CERT)
725 if ((pk->pubkey_usage & PUBKEY_USAGE_AUTH))
731 es_putc ('E', es_stdout);
733 es_putc ('S', es_stdout);
735 es_putc ('C', es_stdout);
737 es_putc ('A', es_stdout);
739 es_putc ('D', es_stdout);
742 es_putc (':', es_stdout);
746 /* FLAGS: 0x01 hashed
749 print_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
754 es_fprintf (es_stdout, "spk:%d:%u:%u:", type, flags, (unsigned int) len);
756 for (i = 0; i < len; i++)
758 /* printable ascii other than : and % */
759 if (buf[i] >= 32 && buf[i] <= 126 && buf[i] != ':' && buf[i] != '%')
760 es_fprintf (es_stdout, "%c", buf[i]);
762 es_fprintf (es_stdout, "%%%02X", buf[i]);
765 es_fprintf (es_stdout, "\n");
770 print_subpackets_colon (PKT_signature * sig)
774 assert (opt.show_subpackets);
776 for (i = opt.show_subpackets; *i; i++)
784 while ((p = enum_sig_subpkt (sig->hashed, *i, &len, &seq, &crit)))
785 print_one_subpacket (*i, len, 0x01 | (crit ? 0x02 : 0), p);
789 while ((p = enum_sig_subpkt (sig->unhashed, *i, &len, &seq, &crit)))
790 print_one_subpacket (*i, len, 0x00 | (crit ? 0x02 : 0), p);
796 dump_attribs (const PKT_user_id *uid, PKT_public_key *pk)
803 for (i = 0; i < uid->numattribs; i++)
805 if (is_status_enabled ())
807 byte array[MAX_FINGERPRINT_LEN], *p;
808 char buf[(MAX_FINGERPRINT_LEN * 2) + 90];
813 fingerprint_from_pk (pk, array, &n);
816 for (j = 0; j < n; j++, p++)
817 sprintf (buf + 2 * j, "%02X", *p);
819 sprintf (buf + strlen (buf), " %lu %u %u %u %lu %lu %u",
820 (ulong) uid->attribs[i].len, uid->attribs[i].type, i + 1,
821 uid->numattribs, (ulong) uid->created,
822 (ulong) uid->expiredate,
823 ((uid->is_primary ? 0x01 : 0) | (uid->
824 is_revoked ? 0x02 : 0) |
825 (uid->is_expired ? 0x04 : 0)));
826 write_status_text (STATUS_ATTRIBUTE, buf);
829 es_fwrite (uid->attribs[i].data, uid->attribs[i].len, 1, attrib_fp);
830 es_fflush (attrib_fp);
835 /* Print IPGP cert records instead of a standard key listing. */
837 list_keyblock_pka (kbnode_t keyblock)
842 char pkstrbuf[PUBKEY_STRING_SIZE];
845 /* Get the keyid from the keyblock. */
846 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
849 log_error ("Oops; key lost!\n");
850 dump_kbnode (keyblock);
854 pk = node->pkt->pkt.public_key;
856 es_fprintf (es_stdout, ";; pub %s/%s %s\n;; ",
857 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
858 keystr_from_pk (pk), datestr_from_pk (pk));
859 print_fingerprint (NULL, pk, 10);
860 hexfpr = hexfingerprint (pk);
862 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
864 if (node->pkt->pkttype == PKT_USER_ID)
866 PKT_user_id *uid = node->pkt->pkt.user_id;
870 if (pk && (uid->is_expired || uid->is_revoked)
871 && !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
874 es_fputs (";; uid ", es_stdout);
875 print_utf8_buffer (es_stdout, uid->name, uid->len);
876 es_putc ('\n', es_stdout);
877 mbox = mailbox_from_userid (uid->name);
878 if (mbox && (p = strchr (mbox, '@')))
885 es_fprintf (es_stdout, "$ORIGIN _pka.%s.\n", p);
886 gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox));
887 hash = zb32_encode (hashbuf, 8*20);
890 len = strlen (hexfpr)/2;
891 es_fprintf (es_stdout,
892 "%s TYPE37 \\# %u 0006 0000 00 %02X %s\n",
893 hash, 6 + len, len, hexfpr);
901 es_putc ('\n', es_stdout);
908 list_keyblock_print (KBNODE keyblock, int secret, int fpr,
909 struct keylist_context *listctx)
917 char *hexgrip = NULL;
918 char *serialno = NULL;
919 char pkstrbuf[PUBKEY_STRING_SIZE];
921 /* Get the keyid from the keyblock. */
922 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
925 log_error ("Oops; key lost!\n");
926 dump_kbnode (keyblock);
930 pk = node->pkt->pkt.public_key;
932 if (secret || opt.with_keygrip)
934 rc = hexkeygrip_from_pk (pk, &hexgrip);
936 log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
941 if (!agent_get_keyinfo (NULL, hexgrip, &serialno))
942 s2k_char = serialno? '>':' ';
944 s2k_char = '#'; /* Key not found. */
949 check_trustdb_stale ();
952 es_fprintf (es_stdout, "%s%c %s/%s %s",
955 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
956 keystr_from_pk (pk), datestr_from_pk (pk));
958 if ((opt.list_options & LIST_SHOW_USAGE))
960 es_fprintf (es_stdout, " [%s]", usagestr_from_pk (pk, 0));
962 if (pk->flags.revoked)
964 es_fprintf (es_stdout, " [");
965 es_fprintf (es_stdout, _("revoked: %s"), revokestr_from_pk (pk));
966 es_fprintf (es_stdout, "]");
968 else if (pk->has_expired)
970 es_fprintf (es_stdout, " [");
971 es_fprintf (es_stdout, _("expired: %s"), expirestr_from_pk (pk));
972 es_fprintf (es_stdout, "]");
974 else if (pk->expiredate)
976 es_fprintf (es_stdout, " [");
977 es_fprintf (es_stdout, _("expires: %s"), expirestr_from_pk (pk));
978 es_fprintf (es_stdout, "]");
982 /* I need to think about this some more. It's easy enough to
983 include, but it looks sort of confusing in the listing... */
984 if (opt.list_options & LIST_SHOW_VALIDITY)
986 int validity = get_validity (pk, NULL);
987 es_fprintf (es_stdout, " [%s]", trust_value_to_string (validity));
991 if (pk->pubkey_algo >= 100)
992 es_fprintf (es_stdout, " [experimental algorithm %d]", pk->pubkey_algo);
994 es_fprintf (es_stdout, "\n");
997 print_fingerprint (NULL, pk, 0);
999 if (opt.with_keygrip && hexgrip)
1000 es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
1003 print_card_serialno (serialno);
1005 if (opt.with_key_data)
1006 print_key_data (pk);
1008 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
1010 if (node->pkt->pkttype == PKT_USER_ID)
1012 PKT_user_id *uid = node->pkt->pkt.user_id;
1014 if ((uid->is_expired || uid->is_revoked)
1015 && !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
1023 if (attrib_fp && uid->attrib_data != NULL)
1024 dump_attribs (uid, pk);
1026 if ((uid->is_revoked || uid->is_expired)
1027 || (opt.list_options & LIST_SHOW_UID_VALIDITY))
1029 const char *validity;
1032 validity = uid_trust_string_fixed (pk, uid);
1034 (keystrlen () + (opt.legacy_list_mode? 9:11)) -
1035 atoi (uid_trust_string_fixed (NULL, NULL));
1037 if (indent < 0 || indent > 40)
1040 es_fprintf (es_stdout, "uid%*s%s ", indent, "", validity);
1043 es_fprintf (es_stdout, "uid%*s",
1044 (int) keystrlen () + (opt.legacy_list_mode? 10:12), "");
1046 print_utf8_buffer (es_stdout, uid->name, uid->len);
1047 es_putc ('\n', es_stdout);
1049 if ((opt.list_options & LIST_SHOW_PHOTOS) && uid->attribs != NULL)
1050 show_photos (uid->attribs, uid->numattribs, pk, uid);
1052 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1054 PKT_public_key *pk2 = node->pkt->pkt.public_key;
1056 if ((pk2->flags.revoked || pk2->has_expired)
1057 && !(opt.list_options & LIST_SHOW_UNUSABLE_SUBKEYS))
1065 xfree (serialno); serialno = NULL;
1066 xfree (hexgrip); hexgrip = NULL;
1067 if (secret || opt.with_keygrip)
1069 rc = hexkeygrip_from_pk (pk2, &hexgrip);
1071 log_error ("error computing a keygrip: %s\n",
1076 if (!agent_get_keyinfo (NULL, hexgrip, &serialno))
1077 s2k_char = serialno? '>':' ';
1079 s2k_char = '#'; /* Key not found. */
1084 es_fprintf (es_stdout, "%s%c %s/%s %s",
1085 secret? "ssb":"sub",
1087 pubkey_string (pk2, pkstrbuf, sizeof pkstrbuf),
1088 keystr_from_pk (pk2), datestr_from_pk (pk2));
1090 if ((opt.list_options & LIST_SHOW_USAGE))
1092 es_fprintf (es_stdout, " [%s]", usagestr_from_pk (pk2, 0));
1094 if (pk2->flags.revoked)
1096 es_fprintf (es_stdout, " [");
1097 es_fprintf (es_stdout, _("revoked: %s"), revokestr_from_pk (pk2));
1098 es_fprintf (es_stdout, "]");
1100 else if (pk2->has_expired)
1102 es_fprintf (es_stdout, " [");
1103 es_fprintf (es_stdout, _("expired: %s"), expirestr_from_pk (pk2));
1104 es_fprintf (es_stdout, "]");
1106 else if (pk2->expiredate)
1108 es_fprintf (es_stdout, " [");
1109 es_fprintf (es_stdout, _("expires: %s"), expirestr_from_pk (pk2));
1110 es_fprintf (es_stdout, "]");
1112 es_putc ('\n', es_stdout);
1115 print_fingerprint (NULL, pk2, 0);
1117 print_card_serialno (serialno);
1119 if (opt.with_keygrip && hexgrip)
1120 es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
1121 if (opt.with_key_data)
1122 print_key_data (pk2);
1124 else if (opt.list_sigs
1125 && node->pkt->pkttype == PKT_SIGNATURE && !skip_sigs)
1127 PKT_signature *sig = node->pkt->pkt.signature;
1131 if (listctx->check_sigs)
1133 rc = check_key_signature (keyblock, node, NULL);
1134 switch (gpg_err_code (rc))
1137 listctx->good_sigs++;
1140 case GPG_ERR_BAD_SIGNATURE:
1141 listctx->inv_sigs++;
1144 case GPG_ERR_NO_PUBKEY:
1145 case GPG_ERR_UNUSABLE_PUBKEY:
1154 /* TODO: Make sure a cached sig record here still has
1155 the pk that issued it. See also
1156 keyedit.c:print_and_check_one_sig */
1164 if (sig->sig_class == 0x20 || sig->sig_class == 0x28
1165 || sig->sig_class == 0x30)
1167 else if ((sig->sig_class & ~3) == 0x10)
1169 else if (sig->sig_class == 0x18)
1171 else if (sig->sig_class == 0x1F)
1175 es_fprintf (es_stdout, "sig "
1176 "[unexpected signature class 0x%02x]\n",
1181 es_fputs (sigstr, es_stdout);
1182 es_fprintf (es_stdout, "%c%c %c%c%c%c%c%c %s %s",
1183 sigrc, (sig->sig_class - 0x10 > 0 &&
1184 sig->sig_class - 0x10 <
1185 4) ? '0' + sig->sig_class - 0x10 : ' ',
1186 sig->flags.exportable ? ' ' : 'L',
1187 sig->flags.revocable ? ' ' : 'R',
1188 sig->flags.policy_url ? 'P' : ' ',
1189 sig->flags.notation ? 'N' : ' ',
1190 sig->flags.expired ? 'X' : ' ',
1191 (sig->trust_depth > 9) ? 'T' : (sig->trust_depth >
1193 sig->trust_depth : ' ', keystr (sig->keyid),
1194 datestr_from_sig (sig));
1195 if (opt.list_options & LIST_SHOW_SIG_EXPIRE)
1196 es_fprintf (es_stdout, " %s", expirestr_from_sig (sig));
1197 es_fprintf (es_stdout, " ");
1199 es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
1200 else if (sigrc == '?')
1202 else if (!opt.fast_list_mode)
1205 char *p = get_user_id (sig->keyid, &n);
1206 print_utf8_buffer (es_stdout, p, n);
1209 es_putc ('\n', es_stdout);
1211 if (sig->flags.policy_url
1212 && (opt.list_options & LIST_SHOW_POLICY_URLS))
1213 show_policy_url (sig, 3, 0);
1215 if (sig->flags.notation && (opt.list_options & LIST_SHOW_NOTATIONS))
1216 show_notation (sig, 3, 0,
1218 list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0)
1221 list_options & LIST_SHOW_USER_NOTATIONS) ? 2 :
1224 if (sig->flags.pref_ks
1225 && (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
1226 show_keyserver_url (sig, 3, 0);
1228 /* fixme: check or list other sigs here */
1231 es_putc ('\n', es_stdout);
1237 print_revokers (estream_t fp, PKT_public_key * pk)
1239 /* print the revoker record */
1240 if (!pk->revkey && pk->numrevkeys)
1246 for (i = 0; i < pk->numrevkeys; i++)
1250 es_fprintf (fp, "rvk:::%d::::::", pk->revkey[i].algid);
1251 p = pk->revkey[i].fpr;
1252 for (j = 0; j < 20; j++, p++)
1253 es_fprintf (fp, "%02X", *p);
1254 es_fprintf (fp, ":%02x%s:\n",
1255 pk->revkey[i].class,
1256 (pk->revkey[i].class & 0x40) ? "s" : "");
1262 /* List a key in colon mode. If SECRET is true this is a secret key
1263 record (i.e. requested via --list-secret-key). If HAS_SECRET a
1264 secret key is available even if SECRET is not set. */
1266 list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
1273 int trustletter = 0;
1277 char *hexgrip = NULL;
1278 char *serialno = NULL;
1281 /* Get the keyid from the keyblock. */
1282 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
1285 log_error ("Oops; key lost!\n");
1286 dump_kbnode (keyblock);
1290 pk = node->pkt->pkt.public_key;
1291 if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
1293 rc = hexkeygrip_from_pk (pk, &hexgrip);
1295 log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
1298 if ((secret||has_secret) && agent_get_keyinfo (NULL, hexgrip, &serialno))
1299 stubkey = 1; /* Key not found. */
1301 keyid_from_pk (pk, keyid);
1302 es_fputs (secret? "sec:":"pub:", es_stdout);
1303 if (!pk->flags.valid)
1304 es_putc ('i', es_stdout);
1305 else if (pk->flags.revoked)
1306 es_putc ('r', es_stdout);
1307 else if (pk->has_expired)
1308 es_putc ('e', es_stdout);
1309 else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
1313 trustletter = get_validity_info (pk, NULL);
1314 if (trustletter == 'u')
1316 es_putc (trustletter, es_stdout);
1319 es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s::",
1322 (ulong) keyid[0], (ulong) keyid[1],
1323 colon_datestr_from_pk (pk), colon_strtime (pk->expiredate));
1325 if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
1326 es_putc (get_ownertrust_info (pk), es_stdout);
1327 es_putc (':', es_stdout);
1329 es_putc (':', es_stdout);
1330 es_putc (':', es_stdout);
1331 print_capabilities (pk, keyblock);
1332 es_putc (':', es_stdout); /* End of field 13. */
1333 es_putc (':', es_stdout); /* End of field 14. */
1334 if (secret || has_secret)
1337 es_putc ('#', es_stdout);
1339 es_fputs (serialno, es_stdout);
1340 else if (has_secret)
1341 es_putc ('+', es_stdout);
1343 es_putc (':', es_stdout); /* End of field 15. */
1344 es_putc (':', es_stdout); /* End of field 16. */
1345 if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
1346 || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
1347 || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
1349 char *curve = openpgp_oid_to_str (pk->pkey[0]);
1350 const char *name = openpgp_oid_to_curve (curve, 0);
1353 es_fputs (name, es_stdout);
1356 es_putc (':', es_stdout); /* End of field 17. */
1357 es_putc ('\n', es_stdout);
1359 print_revokers (es_stdout, pk);
1361 print_fingerprint (NULL, pk, 0);
1362 if (opt.with_key_data || opt.with_keygrip)
1365 es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
1366 if (opt.with_key_data)
1367 print_key_data (pk);
1370 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
1372 if (node->pkt->pkttype == PKT_USER_ID)
1375 PKT_user_id *uid = node->pkt->pkt.user_id;
1377 if (attrib_fp && node->pkt->pkt.user_id->attrib_data != NULL)
1378 dump_attribs (node->pkt->pkt.user_id, pk);
1380 * Fixme: We need a valid flag here too
1382 str = uid->attrib_data ? "uat" : "uid";
1383 if (uid->is_revoked)
1384 es_fprintf (es_stdout, "%s:r::::", str);
1385 else if (uid->is_expired)
1386 es_fprintf (es_stdout, "%s:e::::", str);
1387 else if (opt.no_expensive_trust_checks)
1388 es_fprintf (es_stdout, "%s:::::", str);
1394 uid_validity = get_validity_info (pk, uid);
1397 es_fprintf (es_stdout, "%s:%c::::", str, uid_validity);
1400 es_fprintf (es_stdout, "%s:", colon_strtime (uid->created));
1401 es_fprintf (es_stdout, "%s:", colon_strtime (uid->expiredate));
1403 namehash_from_uid (uid);
1405 for (i = 0; i < 20; i++)
1406 es_fprintf (es_stdout, "%02X", uid->namehash[i]);
1408 es_fprintf (es_stdout, "::");
1410 if (uid->attrib_data)
1411 es_fprintf (es_stdout, "%u %lu", uid->numattribs, uid->attrib_len);
1413 es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL);
1414 es_putc (':', es_stdout);
1415 es_putc ('\n', es_stdout);
1417 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1420 PKT_public_key *pk2;
1422 pk2 = node->pkt->pkt.public_key;
1423 xfree (hexgrip); hexgrip = NULL;
1424 xfree (serialno); serialno = NULL;
1425 if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
1427 rc = hexkeygrip_from_pk (pk2, &hexgrip);
1429 log_error ("error computing a keygrip: %s\n",
1433 if ((secret||has_secret)
1434 && agent_get_keyinfo (NULL, hexgrip, &serialno))
1435 stubkey = 1; /* Key not found. */
1437 keyid_from_pk (pk2, keyid2);
1438 es_fputs (secret? "ssb:":"sub:", es_stdout);
1439 if (!pk2->flags.valid)
1440 es_putc ('i', es_stdout);
1441 else if (pk2->flags.revoked)
1442 es_putc ('r', es_stdout);
1443 else if (pk2->has_expired)
1444 es_putc ('e', es_stdout);
1445 else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
1449 /* TRUSTLETTER should always be defined here. */
1451 es_fprintf (es_stdout, "%c", trustletter);
1453 es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s:::::",
1454 nbits_from_pk (pk2),
1456 (ulong) keyid2[0], (ulong) keyid2[1],
1457 colon_datestr_from_pk (pk2), colon_strtime (pk2->expiredate)
1458 /* fixme: add LID and ownertrust here */
1460 print_capabilities (pk2, NULL);
1461 es_putc (':', es_stdout); /* End of field 13. */
1462 es_putc (':', es_stdout); /* End of field 14. */
1463 if (secret || has_secret)
1466 es_putc ('#', es_stdout);
1468 es_fputs (serialno, es_stdout);
1469 else if (has_secret)
1470 es_putc ('+', es_stdout);
1472 es_putc (':', es_stdout); /* End of field 15. */
1473 es_putc (':', es_stdout); /* End of field 16. */
1474 if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
1475 || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
1476 || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
1478 char *curve = openpgp_oid_to_str (pk->pkey[0]);
1479 const char *name = openpgp_oid_to_curve (curve, 0);
1482 es_fputs (name, es_stdout);
1485 es_putc (':', es_stdout); /* End of field 17. */
1486 es_putc ('\n', es_stdout);
1488 print_fingerprint (NULL, pk2, 0);
1489 if (opt.with_key_data || opt.with_keygrip)
1492 es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
1493 if (opt.with_key_data)
1494 print_key_data (pk2);
1497 else if (opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE)
1499 PKT_signature *sig = node->pkt->pkt.signature;
1500 int sigrc, fprokay = 0;
1503 byte fparray[MAX_FINGERPRINT_LEN];
1505 if (sig->sig_class == 0x20 || sig->sig_class == 0x28
1506 || sig->sig_class == 0x30)
1508 else if ((sig->sig_class & ~3) == 0x10)
1510 else if (sig->sig_class == 0x18)
1512 else if (sig->sig_class == 0x1F)
1516 es_fprintf (es_stdout, "sig::::::::::%02x%c:\n",
1517 sig->sig_class, sig->flags.exportable ? 'x' : 'l');
1523 PKT_public_key *signer_pk = NULL;
1526 if (opt.no_sig_cache)
1527 signer_pk = xmalloc_clear (sizeof (PKT_public_key));
1529 rc = check_key_signature2 (keyblock, node, NULL, signer_pk,
1531 switch (gpg_err_code (rc))
1536 case GPG_ERR_BAD_SIGNATURE:
1539 case GPG_ERR_NO_PUBKEY:
1540 case GPG_ERR_UNUSABLE_PUBKEY:
1548 if (opt.no_sig_cache)
1552 fingerprint_from_pk (signer_pk, fparray, &fplen);
1555 free_public_key (signer_pk);
1563 es_fputs (sigstr, es_stdout);
1564 es_putc (':', es_stdout);
1566 es_putc (sigrc, es_stdout);
1567 es_fprintf (es_stdout, "::%d:%08lX%08lX:%s:%s:", sig->pubkey_algo,
1568 (ulong) sig->keyid[0], (ulong) sig->keyid[1],
1569 colon_datestr_from_sig (sig),
1570 colon_expirestr_from_sig (sig));
1572 if (sig->trust_depth || sig->trust_value)
1573 es_fprintf (es_stdout, "%d %d", sig->trust_depth, sig->trust_value);
1574 es_fprintf (es_stdout, ":");
1576 if (sig->trust_regexp)
1577 es_write_sanitized (es_stdout, sig->trust_regexp,
1578 strlen (sig->trust_regexp), ":", NULL);
1579 es_fprintf (es_stdout, ":");
1582 es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
1583 else if (sigrc == '?')
1585 else if (!opt.fast_list_mode)
1588 p = get_user_id (sig->keyid, &n);
1589 es_write_sanitized (es_stdout, p, n, ":", NULL);
1592 es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
1593 sig->flags.exportable ? 'x' : 'l');
1595 if (opt.no_sig_cache && opt.check_sigs && fprokay)
1597 for (i = 0; i < fplen; i++)
1598 es_fprintf (es_stdout, "%02X", fparray[i]);
1601 es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
1603 if (opt.show_subpackets)
1604 print_subpackets_colon (sig);
1606 /* fixme: check or list other sigs here */
1615 * Reorder the keyblock so that the primary user ID (and not attribute
1616 * packet) comes first. Fixme: Replace this by a generic sort
1619 do_reorder_keyblock (KBNODE keyblock, int attr)
1621 KBNODE primary = NULL, primary0 = NULL, primary2 = NULL;
1624 for (node = keyblock; node; primary0 = node, node = node->next)
1626 if (node->pkt->pkttype == PKT_USER_ID &&
1627 ((attr && node->pkt->pkt.user_id->attrib_data) ||
1628 (!attr && !node->pkt->pkt.user_id->attrib_data)) &&
1629 node->pkt->pkt.user_id->is_primary)
1631 primary = primary2 = node;
1632 for (node = node->next; node; primary2 = node, node = node->next)
1634 if (node->pkt->pkttype == PKT_USER_ID
1635 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1636 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
1645 return; /* No primary key flag found (should not happen). */
1647 for (last = NULL, node = keyblock; node; last = node, node = node->next)
1649 if (node->pkt->pkttype == PKT_USER_ID)
1653 assert (last); /* The user ID is never the first packet. */
1654 assert (primary0); /* Ditto (this is the node before primary). */
1655 if (node == primary)
1656 return; /* Already the first one. */
1658 last->next = primary;
1659 primary0->next = primary2->next;
1660 primary2->next = node;
1664 reorder_keyblock (KBNODE keyblock)
1666 do_reorder_keyblock (keyblock, 1);
1667 do_reorder_keyblock (keyblock, 0);
1671 list_keyblock (KBNODE keyblock, int secret, int has_secret, int fpr,
1672 struct keylist_context *listctx)
1674 reorder_keyblock (keyblock);
1675 if (opt.print_pka_records)
1676 list_keyblock_pka (keyblock);
1677 else if (opt.with_colons)
1678 list_keyblock_colon (keyblock, secret, has_secret, fpr);
1680 list_keyblock_print (keyblock, secret, fpr, listctx);
1682 es_fflush (es_stdout);
1686 /* Public function used by keygen to list a keyblock. */
1688 list_keyblock_direct (kbnode_t keyblock, int secret, int has_secret, int fpr)
1690 struct keylist_context listctx;
1692 memset (&listctx, 0, sizeof (listctx));
1693 list_keyblock (keyblock, secret, has_secret, fpr, &listctx);
1694 keylist_context_release (&listctx);
1698 /* Print an hex digit in ICAO spelling. */
1700 print_icao_hexdigit (estream_t fp, int c)
1702 static const char *list[16] = {
1703 "Zero", "One", "Two", "Three", "Four", "Five", "Six", "Seven",
1704 "Eight", "Niner", "Alfa", "Bravo", "Charlie", "Delta", "Echo", "Foxtrot"
1707 tty_fprintf (fp, "%s", list[c&15]);
1712 * Function to print the finperprint.
1713 * mode 0: as used in key listings, opt.with_colons is honored
1714 * 1: print using log_info ()
1715 * 2: direct use of tty
1716 * 3: direct use of tty but only primary key.
1717 * 4: direct use of tty but only subkey.
1718 * 10: Same as 0 but with_colons etc is ignored.
1720 * Modes 1 and 2 will try and print both subkey and primary key
1721 * fingerprints. A MODE with bit 7 set is used internally. If
1722 * OVERRIDE_FP is not NULL that stream will be used in 0 instead
1723 * of es_stdout or instead of the TTY in modes 2 and 3.
1726 print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
1728 byte array[MAX_FINGERPRINT_LEN], *p;
1733 int with_colons = opt.with_colons;
1734 int with_icao = opt.with_icao_spelling;
1743 if (pk->main_keyid[0] == pk->keyid[0]
1744 && pk->main_keyid[1] == pk->keyid[1])
1747 /* Just to be safe */
1748 if ((mode & 0x80) && !primary)
1750 log_error ("primary key is not really primary!\n");
1756 if (!primary && (mode == 1 || mode == 2))
1758 PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk));
1759 get_pubkey (primary_pk, pk->main_keyid);
1760 print_fingerprint (override_fp, primary_pk, (mode | 0x80));
1761 free_public_key (primary_pk);
1766 fp = log_get_stream ();
1768 text = _("Primary key fingerprint:");
1770 text = _(" Subkey fingerprint:");
1774 fp = override_fp; /* Use tty or given stream. */
1776 /* TRANSLATORS: this should fit into 24 bytes so that the
1777 * fingerprint data is properly aligned with the user ID */
1778 text = _(" Primary key fingerprint:");
1780 text = _(" Subkey fingerprint:");
1784 fp = override_fp; /* Use tty or given stream. */
1785 text = _(" Key fingerprint =");
1789 fp = override_fp; /* Use tty or given stream. */
1790 text = _(" Subkey fingerprint:");
1794 fp = override_fp? override_fp : es_stdout;
1795 text = _(" Key fingerprint =");
1798 fingerprint_from_pk (pk, array, &n);
1800 if (with_colons && !mode)
1802 es_fprintf (fp, "fpr:::::::::");
1803 for (i = 0; i < n; i++, p++)
1804 es_fprintf (fp, "%02X", *p);
1809 tty_fprintf (fp, "%s", text);
1812 for (i = 0; i < n; i++, i++, p += 2)
1813 tty_fprintf (fp, "%s %02X%02X", i==10? " ":"", *p, p[1]);
1817 for (i = 0; i < n; i++, p++)
1818 tty_fprintf (fp, "%s %02X", (i && !(i % 8))? " ":"", *p);
1821 tty_fprintf (fp, "\n");
1822 if (!with_colons && with_icao)
1825 tty_fprintf (fp, "%*s\"", (int)strlen(text)+1, "");
1826 for (i = 0; i < n; i++, p++)
1831 tty_fprintf (fp, "\n%*s ", (int)strlen(text)+1, "");
1833 tty_fprintf (fp, " ");
1835 tty_fprintf (fp, " ");
1836 print_icao_hexdigit (fp, *p >> 4);
1837 tty_fprintf (fp, " ");
1838 print_icao_hexdigit (fp, *p & 15);
1840 tty_fprintf (fp, "\"\n");
1844 /* Print the serial number of an OpenPGP card if available. */
1846 print_card_serialno (const char *serialno)
1850 if (opt.with_colons)
1851 return; /* Handled elsewhere. */
1853 es_fputs (_(" Card serial no. ="), es_stdout);
1854 es_putc (' ', es_stdout);
1855 if (strlen (serialno) == 32 && !strncmp (serialno, "D27600012401", 12))
1857 /* This is an OpenPGP card. Print the relevant part. */
1858 /* Example: D2760001240101010001000003470000 */
1860 es_fprintf (es_stdout, "%.*s %.*s", 4, serialno+16, 8, serialno+20);
1863 es_fputs (serialno, es_stdout);
1864 es_putc ('\n', es_stdout);
1870 set_attrib_fd (int fd)
1872 static int last_fd = -1;
1874 if (fd != -1 && last_fd == fd)
1877 /* Fixme: Do we need to check for the log stream here? */
1878 if (attrib_fp && attrib_fp != log_get_stream ())
1879 es_fclose (attrib_fp);
1884 #ifdef HAVE_DOSISH_SYSTEM
1885 setmode (fd, O_BINARY);
1888 attrib_fp = es_stdout;
1890 attrib_fp = es_stderr;
1892 attrib_fp = es_fdopen (fd, "wb");
1895 log_fatal ("can't open fd %d for attribute output: %s\n",
1896 fd, strerror (errno));