1 /* keylist.c - Print information about OpenPGP keys
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
3 * 2008, 2010, 2012 Free Software Foundation, Inc.
4 * Copyright (C) 2013, 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #ifdef HAVE_DOSISH_SYSTEM
29 #include <fcntl.h> /* for setmode() */
44 #include "call-agent.h"
45 #include "mbox-util.h"
48 static void list_all (int, int);
49 static void list_one (strlist_t names, int secret, int mark_secret);
50 static void locate_one (ctrl_t ctrl, strlist_t names);
51 static void print_card_serialno (const char *serialno);
53 struct keylist_context
55 int check_sigs; /* If set signatures shall be verified. */
56 int good_sigs; /* Counter used if CHECK_SIGS is set. */
57 int inv_sigs; /* Counter used if CHECK_SIGS is set. */
58 int no_key; /* Counter used if CHECK_SIGS is set. */
59 int oth_err; /* Counter used if CHECK_SIGS is set. */
63 static void list_keyblock (kbnode_t keyblock, int secret, int has_secret,
64 int fpr, struct keylist_context *listctx);
67 /* The stream used to write attribute packets to. */
68 static estream_t attrib_fp;
71 /* Release resources from a keylist context. */
73 keylist_context_release (struct keylist_context *listctx)
75 (void)listctx; /* Nothing to release. */
79 /* List the keys. If list is NULL, all available keys are listed.
80 With LOCATE_MODE set the locate algorithm is used to find a
83 public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
85 #ifndef NO_TRUST_MODELS
88 byte trust_model, marginals, completes, cert_depth, min_cert_level;
89 ulong created, nextcheck;
91 read_trust_options (&trust_model, &created, &nextcheck,
92 &marginals, &completes, &cert_depth, &min_cert_level);
94 es_fprintf (es_stdout, "tru:");
96 if (nextcheck && nextcheck <= make_timestamp ())
97 es_fprintf (es_stdout, "o");
98 if (trust_model != opt.trust_model)
99 es_fprintf (es_stdout, "t");
100 if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC)
102 if (marginals != opt.marginals_needed)
103 es_fprintf (es_stdout, "m");
104 if (completes != opt.completes_needed)
105 es_fprintf (es_stdout, "c");
106 if (cert_depth != opt.max_cert_depth)
107 es_fprintf (es_stdout, "d");
108 if (min_cert_level != opt.min_cert_level)
109 es_fprintf (es_stdout, "l");
112 es_fprintf (es_stdout, ":%d:%lu:%lu", trust_model, created, nextcheck);
114 /* Only show marginals, completes, and cert_depth in the classic
115 or PGP trust models since they are not meaningful
118 if (trust_model == TM_PGP || trust_model == TM_CLASSIC)
119 es_fprintf (es_stdout, ":%d:%d:%d", marginals, completes, cert_depth);
120 es_fprintf (es_stdout, "\n");
122 #endif /*!NO_TRUST_MODELS*/
124 /* We need to do the stale check right here because it might need to
125 update the keyring while we already have the keyring open. This
126 is very bad for W32 because of a sharing violation. For real OSes
127 it might lead to false results if we are later listing a keyring
128 which is associated with the inode of a deleted file. */
129 check_trustdb_stale ();
132 locate_one (ctrl, list);
134 list_all (0, opt.with_secret);
136 list_one (list, 0, opt.with_secret);
141 secret_key_list (ctrl_t ctrl, strlist_t list)
145 check_trustdb_stale ();
149 else /* List by user id */
150 list_one (list, 1, 0);
154 print_seckey_info (PKT_public_key *pk)
158 char pkstrbuf[PUBKEY_STRING_SIZE];
160 keyid_from_pk (pk, keyid);
161 p = get_user_id_native (keyid);
163 tty_printf ("\nsec %s/%s %s %s\n",
164 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
165 keystr (keyid), datestr_from_pk (pk), p);
170 /* Print information about the public key. With FP passed as NULL,
171 the tty output interface is used, otherwise output is directted to
174 print_pubkey_info (estream_t fp, PKT_public_key *pk)
178 char pkstrbuf[PUBKEY_STRING_SIZE];
180 keyid_from_pk (pk, keyid);
182 /* If the pk was chosen by a particular user ID, that is the one to
185 p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0);
187 p = get_user_id_native (keyid);
191 tty_fprintf (fp, "%s %s/%s %s %s\n",
192 pk->flags.primary? "pub":"sub",
193 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
194 keystr (keyid), datestr_from_pk (pk), p);
199 /* Print basic information of a secret key including the card serial
200 number information. */
201 #ifdef ENABLE_CARD_SUPPORT
203 print_card_key_info (estream_t fp, kbnode_t keyblock)
209 char pkstrbuf[PUBKEY_STRING_SIZE];
212 for (node = keyblock; node; node = node->next)
214 if (node->pkt->pkttype == PKT_PUBLIC_KEY
215 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
218 PKT_public_key *pk = node->pkt->pkt.public_key;
221 rc = hexkeygrip_from_pk (pk, &hexgrip);
224 log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
227 else if (!agent_get_keyinfo (NULL, hexgrip, &serialno))
228 s2k_char = serialno? '>':' ';
230 s2k_char = '#'; /* Key not found. */
232 tty_fprintf (fp, "%s%c %s/%s %n",
233 node->pkt->pkttype == PKT_PUBLIC_KEY ? "sec" : "ssb",
235 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
238 tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk));
239 tty_fprintf (fp, " ");
240 tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
243 tty_fprintf (fp, "\n%*s%s", indent, "", _("card-no: "));
244 if (strlen (serialno) == 32
245 && !strncmp (serialno, "D27600012401", 12))
247 /* This is an OpenPGP card. Print the relevant part. */
248 /* Example: D2760001240101010001000003470000 */
250 tty_fprintf (fp, "%.*s %.*s", 4, serialno+16, 8, serialno+20);
253 tty_fprintf (fp, "%s", serialno);
255 tty_fprintf (fp, "\n");
261 #endif /*ENABLE_CARD_SUPPORT*/
264 /* Flags = 0x01 hashed 0x02 critical. */
266 status_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
271 /* Don't print these. */
275 snprintf (status, sizeof status,
276 "%d %u %u ", type, flags, (unsigned int) len);
278 write_status_text_and_buffer (STATUS_SIG_SUBPACKET, status, buf, len, 0);
282 /* Print a policy URL. Allowed values for MODE are:
283 * 0 - print to stdout.
284 * 1 - use log_info and emit status messages.
285 * 2 - emit only status messages.
288 show_policy_url (PKT_signature * sig, int indent, int mode)
293 estream_t fp = mode ? log_get_stream () : es_stdout;
296 enum_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &len, &seq, &crit)))
303 for (i = 0; i < indent; i++)
307 str = _("Critical signature policy: ");
309 str = _("Signature policy: ");
311 log_info ("%s", str);
313 es_fprintf (fp, "%s", str);
314 print_utf8_buffer (fp, p, len);
315 es_fprintf (fp, "\n");
319 write_status_buffer (STATUS_POLICY_URL, p, len, 0);
326 mode=1 for log_info + status messages
327 mode=2 for status messages only
331 show_keyserver_url (PKT_signature * sig, int indent, int mode)
336 estream_t fp = mode ? log_get_stream () : es_stdout;
339 enum_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_KS, &len, &seq,
347 for (i = 0; i < indent; i++)
348 es_putc (' ', es_stdout);
351 str = _("Critical preferred keyserver: ");
353 str = _("Preferred keyserver: ");
355 log_info ("%s", str);
357 es_fprintf (es_stdout, "%s", str);
358 print_utf8_buffer (fp, p, len);
359 es_fprintf (fp, "\n");
363 status_one_subpacket (SIGSUBPKT_PREF_KS, len,
364 (crit ? 0x02 : 0) | 0x01, p);
370 mode=1 for log_info + status messages
371 mode=2 for status messages only
373 Defined bits in WHICH:
374 1 == standard notations
378 show_notation (PKT_signature * sig, int indent, int mode, int which)
380 estream_t fp = mode ? log_get_stream () : es_stdout;
381 struct notation *nd, *notations;
386 notations = sig_to_notation (sig);
388 /* There may be multiple notations in the same sig. */
389 for (nd = notations; nd; nd = nd->next)
393 int has_at = !!strchr (nd->name, '@');
395 if ((which & 1 && !has_at) || (which & 2 && has_at))
400 for (i = 0; i < indent; i++)
401 es_putc (' ', es_stdout);
403 if (nd->flags.critical)
404 str = _("Critical signature notation: ");
406 str = _("Signature notation: ");
408 log_info ("%s", str);
410 es_fprintf (es_stdout, "%s", str);
411 /* This is all UTF8 */
412 print_utf8_buffer (fp, nd->name, strlen (nd->name));
413 es_fprintf (fp, "=");
414 print_utf8_buffer (fp, nd->value, strlen (nd->value));
415 /* (We need to use log_printf so that the next call to a
416 log function does not insert an extra LF.) */
426 write_status_buffer (STATUS_NOTATION_NAME,
427 nd->name, strlen (nd->name), 0);
428 write_status_buffer (STATUS_NOTATION_DATA,
429 nd->value, strlen (nd->value), 50);
433 free_notation (notations);
438 print_signature_stats (struct keylist_context *s)
441 return; /* Signature checking was not requested. */
443 if (s->good_sigs == 1)
444 log_info (_("1 good signature\n"));
445 else if (s->good_sigs)
446 log_info (_("%d good signatures\n"), s->good_sigs);
448 if (s->inv_sigs == 1)
449 log_info (_("1 bad signature\n"));
450 else if (s->inv_sigs)
451 log_info (_("%d bad signatures\n"), s->inv_sigs);
454 log_info (_("1 signature not checked due to a missing key\n"));
456 log_info (_("%d signatures not checked due to missing keys\n"), s->no_key);
459 log_info (_("1 signature not checked due to an error\n"));
461 log_info (_("%d signatures not checked due to errors\n"), s->oth_err);
465 /* List all keys. If SECRET is true only secret keys are listed. If
466 MARK_SECRET is true secret keys are indicated in a public key
469 list_all (int secret, int mark_secret)
472 KBNODE keyblock = NULL;
475 const char *lastresname, *resname;
476 struct keylist_context listctx;
478 memset (&listctx, 0, sizeof (listctx));
480 listctx.check_sigs = 1;
484 rc = gpg_error (GPG_ERR_GENERAL);
486 rc = keydb_search_first (hd);
489 if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
490 log_error ("keydb_search_first failed: %s\n", gpg_strerror (rc));
497 rc = keydb_get_keyblock (hd, &keyblock);
500 if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
501 continue; /* Skip legacy keys. */
502 log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc));
506 if (secret || mark_secret)
507 any_secret = !agent_probe_any_secret_key (NULL, keyblock);
511 if (secret && !any_secret)
512 ; /* Secret key listing requested but this isn't one. */
515 if (!opt.with_colons)
517 resname = keydb_get_resource_name (hd);
518 if (lastresname != resname)
522 es_fprintf (es_stdout, "%s\n", resname);
523 for (i = strlen (resname); i; i--)
524 es_putc ('-', es_stdout);
525 es_putc ('\n', es_stdout);
526 lastresname = resname;
529 merge_keys_and_selfsig (keyblock);
530 list_keyblock (keyblock, secret, any_secret, opt.fingerprint,
533 release_kbnode (keyblock);
536 while (!(rc = keydb_search_next (hd)));
537 es_fflush (es_stdout);
538 if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
539 log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc));
540 if (keydb_get_skipped_counter (hd))
541 log_info (_("Warning: %lu key(s) skipped due to their large size\n"),
542 keydb_get_skipped_counter (hd));
544 if (opt.check_sigs && !opt.with_colons)
545 print_signature_stats (&listctx);
548 keylist_context_release (&listctx);
549 release_kbnode (keyblock);
555 list_one (strlist_t names, int secret, int mark_secret)
558 KBNODE keyblock = NULL;
561 const char *keyring_str = _("Keyring");
563 struct keylist_context listctx;
565 memset (&listctx, 0, sizeof (listctx));
566 if (!secret && opt.check_sigs)
567 listctx.check_sigs = 1;
569 /* fixme: using the bynames function has the disadvantage that we
570 * don't know wether one of the names given was not found. OTOH,
571 * this function has the advantage to list the names in the
572 * sequence as defined by the keyDB and does not duplicate
573 * outputs. A solution could be do test whether all given have
574 * been listed (this needs a way to use the keyDB search
575 * functions) or to have the search function return indicators for
576 * found names. Yet another way is to use the keydb search
577 * facilities directly. */
578 rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock);
581 log_error ("error reading key: %s\n", gpg_strerror (rc));
582 get_pubkey_end (ctx);
588 if ((opt.list_options & LIST_SHOW_KEYRING) && !opt.with_colons)
590 resname = keydb_get_resource_name (get_ctx_handle (ctx));
591 es_fprintf (es_stdout, "%s: %s\n", keyring_str, resname);
592 for (i = strlen (resname) + strlen (keyring_str) + 2; i; i--)
593 es_putc ('-', es_stdout);
594 es_putc ('\n', es_stdout);
596 list_keyblock (keyblock, secret, mark_secret, opt.fingerprint, &listctx);
597 release_kbnode (keyblock);
599 while (!getkey_next (ctx, NULL, &keyblock));
602 if (opt.check_sigs && !opt.with_colons)
603 print_signature_stats (&listctx);
605 keylist_context_release (&listctx);
610 locate_one (ctrl_t ctrl, strlist_t names)
614 GETKEY_CTX ctx = NULL;
615 KBNODE keyblock = NULL;
616 struct keylist_context listctx;
618 memset (&listctx, 0, sizeof (listctx));
620 listctx.check_sigs = 1;
622 for (sl = names; sl; sl = sl->next)
624 rc = get_pubkey_byname (ctrl, &ctx, NULL, sl->d, &keyblock, NULL, 1, 0);
627 if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
628 log_error ("error reading key: %s\n", gpg_strerror (rc));
629 else if (opt.verbose)
630 log_info (_("key \"%s\" not found: %s\n"),
631 sl->d, gpg_strerror (rc));
637 list_keyblock (keyblock, 0, 0, opt.fingerprint, &listctx);
638 release_kbnode (keyblock);
640 while (ctx && !get_pubkey_next (ctx, NULL, &keyblock));
641 get_pubkey_end (ctx);
646 if (opt.check_sigs && !opt.with_colons)
647 print_signature_stats (&listctx);
649 keylist_context_release (&listctx);
654 print_key_data (PKT_public_key * pk)
656 int n = pk ? pubkey_get_npkey (pk->pubkey_algo) : 0;
659 for (i = 0; i < n; i++)
661 es_fprintf (es_stdout, "pkd:%d:%u:", i, mpi_get_nbits (pk->pkey[i]));
662 mpi_print (es_stdout, pk->pkey[i], 1);
663 es_putc (':', es_stdout);
664 es_putc ('\n', es_stdout);
669 print_capabilities (PKT_public_key *pk, KBNODE keyblock)
671 unsigned int use = pk->pubkey_usage;
674 if (use & PUBKEY_USAGE_ENC)
675 es_putc ('e', es_stdout);
677 if (use & PUBKEY_USAGE_SIG)
679 es_putc ('s', es_stdout);
680 if (pk->flags.primary)
682 es_putc ('c', es_stdout);
683 /* The PUBKEY_USAGE_CERT flag was introduced later and we
684 used to always print 'c' for a primary key. To avoid any
685 regression here we better track whether we printed 'c'
691 if ((use & PUBKEY_USAGE_CERT) && !c_printed)
692 es_putc ('c', es_stdout);
694 if ((use & PUBKEY_USAGE_AUTH))
695 es_putc ('a', es_stdout);
697 if ((use & PUBKEY_USAGE_UNKNOWN))
698 es_putc ('?', es_stdout);
702 /* Figure out the usable capabilities. */
704 int enc = 0, sign = 0, cert = 0, auth = 0, disabled = 0;
706 for (k = keyblock; k; k = k->next)
708 if (k->pkt->pkttype == PKT_PUBLIC_KEY
709 || k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
711 pk = k->pkt->pkt.public_key;
713 if (pk->flags.primary)
714 disabled = pk_is_disabled (pk);
716 if (pk->flags.valid && !pk->flags.revoked && !pk->has_expired)
718 if (pk->pubkey_usage & PUBKEY_USAGE_ENC)
720 if (pk->pubkey_usage & PUBKEY_USAGE_SIG)
723 if (pk->flags.primary)
726 if (pk->pubkey_usage & PUBKEY_USAGE_CERT)
728 if ((pk->pubkey_usage & PUBKEY_USAGE_AUTH))
734 es_putc ('E', es_stdout);
736 es_putc ('S', es_stdout);
738 es_putc ('C', es_stdout);
740 es_putc ('A', es_stdout);
742 es_putc ('D', es_stdout);
745 es_putc (':', es_stdout);
749 /* FLAGS: 0x01 hashed
752 print_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
757 es_fprintf (es_stdout, "spk:%d:%u:%u:", type, flags, (unsigned int) len);
759 for (i = 0; i < len; i++)
761 /* printable ascii other than : and % */
762 if (buf[i] >= 32 && buf[i] <= 126 && buf[i] != ':' && buf[i] != '%')
763 es_fprintf (es_stdout, "%c", buf[i]);
765 es_fprintf (es_stdout, "%%%02X", buf[i]);
768 es_fprintf (es_stdout, "\n");
773 print_subpackets_colon (PKT_signature * sig)
777 assert (opt.show_subpackets);
779 for (i = opt.show_subpackets; *i; i++)
787 while ((p = enum_sig_subpkt (sig->hashed, *i, &len, &seq, &crit)))
788 print_one_subpacket (*i, len, 0x01 | (crit ? 0x02 : 0), p);
792 while ((p = enum_sig_subpkt (sig->unhashed, *i, &len, &seq, &crit)))
793 print_one_subpacket (*i, len, 0x00 | (crit ? 0x02 : 0), p);
799 dump_attribs (const PKT_user_id *uid, PKT_public_key *pk)
806 for (i = 0; i < uid->numattribs; i++)
808 if (is_status_enabled ())
810 byte array[MAX_FINGERPRINT_LEN], *p;
811 char buf[(MAX_FINGERPRINT_LEN * 2) + 90];
816 fingerprint_from_pk (pk, array, &n);
819 for (j = 0; j < n; j++, p++)
820 sprintf (buf + 2 * j, "%02X", *p);
822 sprintf (buf + strlen (buf), " %lu %u %u %u %lu %lu %u",
823 (ulong) uid->attribs[i].len, uid->attribs[i].type, i + 1,
824 uid->numattribs, (ulong) uid->created,
825 (ulong) uid->expiredate,
826 ((uid->is_primary ? 0x01 : 0) | (uid->
827 is_revoked ? 0x02 : 0) |
828 (uid->is_expired ? 0x04 : 0)));
829 write_status_text (STATUS_ATTRIBUTE, buf);
832 es_fwrite (uid->attribs[i].data, uid->attribs[i].len, 1, attrib_fp);
833 es_fflush (attrib_fp);
838 /* Print IPGP cert records instead of a standard key listing. */
840 list_keyblock_pka (kbnode_t keyblock)
845 char pkstrbuf[PUBKEY_STRING_SIZE];
848 /* Get the keyid from the keyblock. */
849 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
852 log_error ("Oops; key lost!\n");
853 dump_kbnode (keyblock);
857 pk = node->pkt->pkt.public_key;
859 es_fprintf (es_stdout, ";; pub %s/%s %s\n;; ",
860 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
861 keystr_from_pk (pk), datestr_from_pk (pk));
862 print_fingerprint (NULL, pk, 10);
863 hexfpr = hexfingerprint (pk);
865 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
867 if (node->pkt->pkttype == PKT_USER_ID)
869 PKT_user_id *uid = node->pkt->pkt.user_id;
873 if (pk && (uid->is_expired || uid->is_revoked)
874 && !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
877 es_fputs (";; uid ", es_stdout);
878 print_utf8_buffer (es_stdout, uid->name, uid->len);
879 es_putc ('\n', es_stdout);
880 mbox = mailbox_from_userid (uid->name);
881 if (mbox && (p = strchr (mbox, '@')))
888 es_fprintf (es_stdout, "$ORIGIN _pka.%s.\n", p);
889 gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox));
890 hash = zb32_encode (hashbuf, 8*20);
893 len = strlen (hexfpr)/2;
894 es_fprintf (es_stdout,
895 "%s TYPE37 \\# %u 0006 0000 00 %02X %s\n",
896 hash, 6 + len, len, hexfpr);
904 es_putc ('\n', es_stdout);
911 list_keyblock_print (KBNODE keyblock, int secret, int fpr,
912 struct keylist_context *listctx)
920 char *hexgrip = NULL;
921 char *serialno = NULL;
922 char pkstrbuf[PUBKEY_STRING_SIZE];
924 /* Get the keyid from the keyblock. */
925 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
928 log_error ("Oops; key lost!\n");
929 dump_kbnode (keyblock);
933 pk = node->pkt->pkt.public_key;
935 if (secret || opt.with_keygrip)
937 rc = hexkeygrip_from_pk (pk, &hexgrip);
939 log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
944 if (!agent_get_keyinfo (NULL, hexgrip, &serialno))
945 s2k_char = serialno? '>':' ';
947 s2k_char = '#'; /* Key not found. */
952 check_trustdb_stale ();
955 es_fprintf (es_stdout, "%s%c %s/%s %s",
958 pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
959 keystr_from_pk (pk), datestr_from_pk (pk));
961 if ((opt.list_options & LIST_SHOW_USAGE))
963 es_fprintf (es_stdout, " [%s]", usagestr_from_pk (pk, 0));
965 if (pk->flags.revoked)
967 es_fprintf (es_stdout, " [");
968 es_fprintf (es_stdout, _("revoked: %s"), revokestr_from_pk (pk));
969 es_fprintf (es_stdout, "]");
971 else if (pk->has_expired)
973 es_fprintf (es_stdout, " [");
974 es_fprintf (es_stdout, _("expired: %s"), expirestr_from_pk (pk));
975 es_fprintf (es_stdout, "]");
977 else if (pk->expiredate)
979 es_fprintf (es_stdout, " [");
980 es_fprintf (es_stdout, _("expires: %s"), expirestr_from_pk (pk));
981 es_fprintf (es_stdout, "]");
985 /* I need to think about this some more. It's easy enough to
986 include, but it looks sort of confusing in the listing... */
987 if (opt.list_options & LIST_SHOW_VALIDITY)
989 int validity = get_validity (pk, NULL);
990 es_fprintf (es_stdout, " [%s]", trust_value_to_string (validity));
994 if (pk->pubkey_algo >= 100)
995 es_fprintf (es_stdout, " [experimental algorithm %d]", pk->pubkey_algo);
997 es_fprintf (es_stdout, "\n");
1000 print_fingerprint (NULL, pk, 0);
1002 if (opt.with_keygrip && hexgrip)
1003 es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
1006 print_card_serialno (serialno);
1008 if (opt.with_key_data)
1009 print_key_data (pk);
1011 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
1013 if (node->pkt->pkttype == PKT_USER_ID)
1015 PKT_user_id *uid = node->pkt->pkt.user_id;
1017 if ((uid->is_expired || uid->is_revoked)
1018 && !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
1026 if (attrib_fp && uid->attrib_data != NULL)
1027 dump_attribs (uid, pk);
1029 if ((uid->is_revoked || uid->is_expired)
1030 || (opt.list_options & LIST_SHOW_UID_VALIDITY))
1032 const char *validity;
1035 validity = uid_trust_string_fixed (pk, uid);
1037 (keystrlen () + (opt.legacy_list_mode? 9:11)) -
1038 atoi (uid_trust_string_fixed (NULL, NULL));
1040 if (indent < 0 || indent > 40)
1043 es_fprintf (es_stdout, "uid%*s%s ", indent, "", validity);
1046 es_fprintf (es_stdout, "uid%*s",
1047 (int) keystrlen () + (opt.legacy_list_mode? 10:12), "");
1049 print_utf8_buffer (es_stdout, uid->name, uid->len);
1050 es_putc ('\n', es_stdout);
1052 if ((opt.list_options & LIST_SHOW_PHOTOS) && uid->attribs != NULL)
1053 show_photos (uid->attribs, uid->numattribs, pk, uid);
1055 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1057 PKT_public_key *pk2 = node->pkt->pkt.public_key;
1059 if ((pk2->flags.revoked || pk2->has_expired)
1060 && !(opt.list_options & LIST_SHOW_UNUSABLE_SUBKEYS))
1068 xfree (serialno); serialno = NULL;
1069 xfree (hexgrip); hexgrip = NULL;
1070 if (secret || opt.with_keygrip)
1072 rc = hexkeygrip_from_pk (pk2, &hexgrip);
1074 log_error ("error computing a keygrip: %s\n",
1079 if (!agent_get_keyinfo (NULL, hexgrip, &serialno))
1080 s2k_char = serialno? '>':' ';
1082 s2k_char = '#'; /* Key not found. */
1087 es_fprintf (es_stdout, "%s%c %s/%s %s",
1088 secret? "ssb":"sub",
1090 pubkey_string (pk2, pkstrbuf, sizeof pkstrbuf),
1091 keystr_from_pk (pk2), datestr_from_pk (pk2));
1093 if ((opt.list_options & LIST_SHOW_USAGE))
1095 es_fprintf (es_stdout, " [%s]", usagestr_from_pk (pk2, 0));
1097 if (pk2->flags.revoked)
1099 es_fprintf (es_stdout, " [");
1100 es_fprintf (es_stdout, _("revoked: %s"), revokestr_from_pk (pk2));
1101 es_fprintf (es_stdout, "]");
1103 else if (pk2->has_expired)
1105 es_fprintf (es_stdout, " [");
1106 es_fprintf (es_stdout, _("expired: %s"), expirestr_from_pk (pk2));
1107 es_fprintf (es_stdout, "]");
1109 else if (pk2->expiredate)
1111 es_fprintf (es_stdout, " [");
1112 es_fprintf (es_stdout, _("expires: %s"), expirestr_from_pk (pk2));
1113 es_fprintf (es_stdout, "]");
1115 es_putc ('\n', es_stdout);
1118 print_fingerprint (NULL, pk2, 0);
1120 print_card_serialno (serialno);
1122 if (opt.with_keygrip && hexgrip)
1123 es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
1124 if (opt.with_key_data)
1125 print_key_data (pk2);
1127 else if (opt.list_sigs
1128 && node->pkt->pkttype == PKT_SIGNATURE && !skip_sigs)
1130 PKT_signature *sig = node->pkt->pkt.signature;
1134 if (listctx->check_sigs)
1136 rc = check_key_signature (keyblock, node, NULL);
1137 switch (gpg_err_code (rc))
1140 listctx->good_sigs++;
1143 case GPG_ERR_BAD_SIGNATURE:
1144 listctx->inv_sigs++;
1147 case GPG_ERR_NO_PUBKEY:
1148 case GPG_ERR_UNUSABLE_PUBKEY:
1157 /* TODO: Make sure a cached sig record here still has
1158 the pk that issued it. See also
1159 keyedit.c:print_and_check_one_sig */
1167 if (sig->sig_class == 0x20 || sig->sig_class == 0x28
1168 || sig->sig_class == 0x30)
1170 else if ((sig->sig_class & ~3) == 0x10)
1172 else if (sig->sig_class == 0x18)
1174 else if (sig->sig_class == 0x1F)
1178 es_fprintf (es_stdout, "sig "
1179 "[unexpected signature class 0x%02x]\n",
1184 es_fputs (sigstr, es_stdout);
1185 es_fprintf (es_stdout, "%c%c %c%c%c%c%c%c %s %s",
1186 sigrc, (sig->sig_class - 0x10 > 0 &&
1187 sig->sig_class - 0x10 <
1188 4) ? '0' + sig->sig_class - 0x10 : ' ',
1189 sig->flags.exportable ? ' ' : 'L',
1190 sig->flags.revocable ? ' ' : 'R',
1191 sig->flags.policy_url ? 'P' : ' ',
1192 sig->flags.notation ? 'N' : ' ',
1193 sig->flags.expired ? 'X' : ' ',
1194 (sig->trust_depth > 9) ? 'T' : (sig->trust_depth >
1196 sig->trust_depth : ' ', keystr (sig->keyid),
1197 datestr_from_sig (sig));
1198 if (opt.list_options & LIST_SHOW_SIG_EXPIRE)
1199 es_fprintf (es_stdout, " %s", expirestr_from_sig (sig));
1200 es_fprintf (es_stdout, " ");
1202 es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
1203 else if (sigrc == '?')
1205 else if (!opt.fast_list_mode)
1208 char *p = get_user_id (sig->keyid, &n);
1209 print_utf8_buffer (es_stdout, p, n);
1212 es_putc ('\n', es_stdout);
1214 if (sig->flags.policy_url
1215 && (opt.list_options & LIST_SHOW_POLICY_URLS))
1216 show_policy_url (sig, 3, 0);
1218 if (sig->flags.notation && (opt.list_options & LIST_SHOW_NOTATIONS))
1219 show_notation (sig, 3, 0,
1221 list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0)
1224 list_options & LIST_SHOW_USER_NOTATIONS) ? 2 :
1227 if (sig->flags.pref_ks
1228 && (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
1229 show_keyserver_url (sig, 3, 0);
1231 /* fixme: check or list other sigs here */
1234 es_putc ('\n', es_stdout);
1240 print_revokers (estream_t fp, PKT_public_key * pk)
1242 /* print the revoker record */
1243 if (!pk->revkey && pk->numrevkeys)
1249 for (i = 0; i < pk->numrevkeys; i++)
1253 es_fprintf (fp, "rvk:::%d::::::", pk->revkey[i].algid);
1254 p = pk->revkey[i].fpr;
1255 for (j = 0; j < 20; j++, p++)
1256 es_fprintf (fp, "%02X", *p);
1257 es_fprintf (fp, ":%02x%s:\n",
1258 pk->revkey[i].class,
1259 (pk->revkey[i].class & 0x40) ? "s" : "");
1265 /* List a key in colon mode. If SECRET is true this is a secret key
1266 record (i.e. requested via --list-secret-key). If HAS_SECRET a
1267 secret key is available even if SECRET is not set. */
1269 list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr)
1276 int trustletter = 0;
1280 char *hexgrip = NULL;
1281 char *serialno = NULL;
1284 /* Get the keyid from the keyblock. */
1285 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
1288 log_error ("Oops; key lost!\n");
1289 dump_kbnode (keyblock);
1293 pk = node->pkt->pkt.public_key;
1294 if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
1296 rc = hexkeygrip_from_pk (pk, &hexgrip);
1298 log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
1301 if ((secret||has_secret) && agent_get_keyinfo (NULL, hexgrip, &serialno))
1302 stubkey = 1; /* Key not found. */
1304 keyid_from_pk (pk, keyid);
1305 es_fputs (secret? "sec:":"pub:", es_stdout);
1306 if (!pk->flags.valid)
1307 es_putc ('i', es_stdout);
1308 else if (pk->flags.revoked)
1309 es_putc ('r', es_stdout);
1310 else if (pk->has_expired)
1311 es_putc ('e', es_stdout);
1312 else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
1316 trustletter = get_validity_info (pk, NULL);
1317 if (trustletter == 'u')
1319 es_putc (trustletter, es_stdout);
1322 es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s::",
1325 (ulong) keyid[0], (ulong) keyid[1],
1326 colon_datestr_from_pk (pk), colon_strtime (pk->expiredate));
1328 if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
1329 es_putc (get_ownertrust_info (pk), es_stdout);
1330 es_putc (':', es_stdout);
1332 es_putc (':', es_stdout);
1333 es_putc (':', es_stdout);
1334 print_capabilities (pk, keyblock);
1335 es_putc (':', es_stdout); /* End of field 13. */
1336 es_putc (':', es_stdout); /* End of field 14. */
1337 if (secret || has_secret)
1340 es_putc ('#', es_stdout);
1342 es_fputs (serialno, es_stdout);
1343 else if (has_secret)
1344 es_putc ('+', es_stdout);
1346 es_putc (':', es_stdout); /* End of field 15. */
1347 es_putc (':', es_stdout); /* End of field 16. */
1348 if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
1349 || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
1350 || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
1352 char *curve = openpgp_oid_to_str (pk->pkey[0]);
1353 const char *name = openpgp_oid_to_curve (curve, 0);
1356 es_fputs (name, es_stdout);
1359 es_putc (':', es_stdout); /* End of field 17. */
1360 es_putc ('\n', es_stdout);
1362 print_revokers (es_stdout, pk);
1364 print_fingerprint (NULL, pk, 0);
1365 if (opt.with_key_data || opt.with_keygrip)
1368 es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
1369 if (opt.with_key_data)
1370 print_key_data (pk);
1373 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
1375 if (node->pkt->pkttype == PKT_USER_ID)
1378 PKT_user_id *uid = node->pkt->pkt.user_id;
1380 if (attrib_fp && node->pkt->pkt.user_id->attrib_data != NULL)
1381 dump_attribs (node->pkt->pkt.user_id, pk);
1383 * Fixme: We need a valid flag here too
1385 str = uid->attrib_data ? "uat" : "uid";
1386 if (uid->is_revoked)
1387 es_fprintf (es_stdout, "%s:r::::", str);
1388 else if (uid->is_expired)
1389 es_fprintf (es_stdout, "%s:e::::", str);
1390 else if (opt.no_expensive_trust_checks)
1391 es_fprintf (es_stdout, "%s:::::", str);
1397 uid_validity = get_validity_info (pk, uid);
1400 es_fprintf (es_stdout, "%s:%c::::", str, uid_validity);
1403 es_fprintf (es_stdout, "%s:", colon_strtime (uid->created));
1404 es_fprintf (es_stdout, "%s:", colon_strtime (uid->expiredate));
1406 namehash_from_uid (uid);
1408 for (i = 0; i < 20; i++)
1409 es_fprintf (es_stdout, "%02X", uid->namehash[i]);
1411 es_fprintf (es_stdout, "::");
1413 if (uid->attrib_data)
1414 es_fprintf (es_stdout, "%u %lu", uid->numattribs, uid->attrib_len);
1416 es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL);
1417 es_putc (':', es_stdout);
1418 es_putc ('\n', es_stdout);
1420 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1423 PKT_public_key *pk2;
1425 pk2 = node->pkt->pkt.public_key;
1426 xfree (hexgrip); hexgrip = NULL;
1427 xfree (serialno); serialno = NULL;
1428 if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
1430 rc = hexkeygrip_from_pk (pk2, &hexgrip);
1432 log_error ("error computing a keygrip: %s\n",
1436 if ((secret||has_secret)
1437 && agent_get_keyinfo (NULL, hexgrip, &serialno))
1438 stubkey = 1; /* Key not found. */
1440 keyid_from_pk (pk2, keyid2);
1441 es_fputs (secret? "ssb:":"sub:", es_stdout);
1442 if (!pk2->flags.valid)
1443 es_putc ('i', es_stdout);
1444 else if (pk2->flags.revoked)
1445 es_putc ('r', es_stdout);
1446 else if (pk2->has_expired)
1447 es_putc ('e', es_stdout);
1448 else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
1452 /* TRUSTLETTER should always be defined here. */
1454 es_fprintf (es_stdout, "%c", trustletter);
1456 es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s:::::",
1457 nbits_from_pk (pk2),
1459 (ulong) keyid2[0], (ulong) keyid2[1],
1460 colon_datestr_from_pk (pk2), colon_strtime (pk2->expiredate)
1461 /* fixme: add LID and ownertrust here */
1463 print_capabilities (pk2, NULL);
1464 es_putc (':', es_stdout); /* End of field 13. */
1465 es_putc (':', es_stdout); /* End of field 14. */
1466 if (secret || has_secret)
1469 es_putc ('#', es_stdout);
1471 es_fputs (serialno, es_stdout);
1472 else if (has_secret)
1473 es_putc ('+', es_stdout);
1475 es_putc (':', es_stdout); /* End of field 15. */
1476 es_putc (':', es_stdout); /* End of field 16. */
1477 if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
1478 || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
1479 || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
1481 char *curve = openpgp_oid_to_str (pk->pkey[0]);
1482 const char *name = openpgp_oid_to_curve (curve, 0);
1485 es_fputs (name, es_stdout);
1488 es_putc (':', es_stdout); /* End of field 17. */
1489 es_putc ('\n', es_stdout);
1491 print_fingerprint (NULL, pk2, 0);
1492 if (opt.with_key_data || opt.with_keygrip)
1495 es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
1496 if (opt.with_key_data)
1497 print_key_data (pk2);
1500 else if (opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE)
1502 PKT_signature *sig = node->pkt->pkt.signature;
1503 int sigrc, fprokay = 0;
1506 byte fparray[MAX_FINGERPRINT_LEN];
1508 if (sig->sig_class == 0x20 || sig->sig_class == 0x28
1509 || sig->sig_class == 0x30)
1511 else if ((sig->sig_class & ~3) == 0x10)
1513 else if (sig->sig_class == 0x18)
1515 else if (sig->sig_class == 0x1F)
1519 es_fprintf (es_stdout, "sig::::::::::%02x%c:\n",
1520 sig->sig_class, sig->flags.exportable ? 'x' : 'l');
1526 PKT_public_key *signer_pk = NULL;
1529 if (opt.no_sig_cache)
1530 signer_pk = xmalloc_clear (sizeof (PKT_public_key));
1532 rc = check_key_signature2 (keyblock, node, NULL, signer_pk,
1534 switch (gpg_err_code (rc))
1539 case GPG_ERR_BAD_SIGNATURE:
1542 case GPG_ERR_NO_PUBKEY:
1543 case GPG_ERR_UNUSABLE_PUBKEY:
1551 if (opt.no_sig_cache)
1555 fingerprint_from_pk (signer_pk, fparray, &fplen);
1558 free_public_key (signer_pk);
1566 es_fputs (sigstr, es_stdout);
1567 es_putc (':', es_stdout);
1569 es_putc (sigrc, es_stdout);
1570 es_fprintf (es_stdout, "::%d:%08lX%08lX:%s:%s:", sig->pubkey_algo,
1571 (ulong) sig->keyid[0], (ulong) sig->keyid[1],
1572 colon_datestr_from_sig (sig),
1573 colon_expirestr_from_sig (sig));
1575 if (sig->trust_depth || sig->trust_value)
1576 es_fprintf (es_stdout, "%d %d", sig->trust_depth, sig->trust_value);
1577 es_fprintf (es_stdout, ":");
1579 if (sig->trust_regexp)
1580 es_write_sanitized (es_stdout, sig->trust_regexp,
1581 strlen (sig->trust_regexp), ":", NULL);
1582 es_fprintf (es_stdout, ":");
1585 es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
1586 else if (sigrc == '?')
1588 else if (!opt.fast_list_mode)
1591 p = get_user_id (sig->keyid, &n);
1592 es_write_sanitized (es_stdout, p, n, ":", NULL);
1595 es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
1596 sig->flags.exportable ? 'x' : 'l');
1598 if (opt.no_sig_cache && opt.check_sigs && fprokay)
1600 for (i = 0; i < fplen; i++)
1601 es_fprintf (es_stdout, "%02X", fparray[i]);
1604 es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
1606 if (opt.show_subpackets)
1607 print_subpackets_colon (sig);
1609 /* fixme: check or list other sigs here */
1618 * Reorder the keyblock so that the primary user ID (and not attribute
1619 * packet) comes first. Fixme: Replace this by a generic sort
1622 do_reorder_keyblock (KBNODE keyblock, int attr)
1624 KBNODE primary = NULL, primary0 = NULL, primary2 = NULL;
1627 for (node = keyblock; node; primary0 = node, node = node->next)
1629 if (node->pkt->pkttype == PKT_USER_ID &&
1630 ((attr && node->pkt->pkt.user_id->attrib_data) ||
1631 (!attr && !node->pkt->pkt.user_id->attrib_data)) &&
1632 node->pkt->pkt.user_id->is_primary)
1634 primary = primary2 = node;
1635 for (node = node->next; node; primary2 = node, node = node->next)
1637 if (node->pkt->pkttype == PKT_USER_ID
1638 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1639 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
1648 return; /* No primary key flag found (should not happen). */
1650 for (last = NULL, node = keyblock; node; last = node, node = node->next)
1652 if (node->pkt->pkttype == PKT_USER_ID)
1656 assert (last); /* The user ID is never the first packet. */
1657 assert (primary0); /* Ditto (this is the node before primary). */
1658 if (node == primary)
1659 return; /* Already the first one. */
1661 last->next = primary;
1662 primary0->next = primary2->next;
1663 primary2->next = node;
1667 reorder_keyblock (KBNODE keyblock)
1669 do_reorder_keyblock (keyblock, 1);
1670 do_reorder_keyblock (keyblock, 0);
1674 list_keyblock (KBNODE keyblock, int secret, int has_secret, int fpr,
1675 struct keylist_context *listctx)
1677 reorder_keyblock (keyblock);
1678 if (opt.print_pka_records)
1679 list_keyblock_pka (keyblock);
1680 else if (opt.with_colons)
1681 list_keyblock_colon (keyblock, secret, has_secret, fpr);
1683 list_keyblock_print (keyblock, secret, fpr, listctx);
1685 es_fflush (es_stdout);
1689 /* Public function used by keygen to list a keyblock. */
1691 list_keyblock_direct (kbnode_t keyblock, int secret, int has_secret, int fpr)
1693 struct keylist_context listctx;
1695 memset (&listctx, 0, sizeof (listctx));
1696 list_keyblock (keyblock, secret, has_secret, fpr, &listctx);
1697 keylist_context_release (&listctx);
1701 /* Print an hex digit in ICAO spelling. */
1703 print_icao_hexdigit (estream_t fp, int c)
1705 static const char *list[16] = {
1706 "Zero", "One", "Two", "Three", "Four", "Five", "Six", "Seven",
1707 "Eight", "Niner", "Alfa", "Bravo", "Charlie", "Delta", "Echo", "Foxtrot"
1710 tty_fprintf (fp, "%s", list[c&15]);
1715 * Function to print the finperprint.
1716 * mode 0: as used in key listings, opt.with_colons is honored
1717 * 1: print using log_info ()
1718 * 2: direct use of tty
1719 * 3: direct use of tty but only primary key.
1720 * 4: direct use of tty but only subkey.
1721 * 10: Same as 0 but with_colons etc is ignored.
1723 * Modes 1 and 2 will try and print both subkey and primary key
1724 * fingerprints. A MODE with bit 7 set is used internally. If
1725 * OVERRIDE_FP is not NULL that stream will be used in 0 instead
1726 * of es_stdout or instead of the TTY in modes 2 and 3.
1729 print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
1731 byte array[MAX_FINGERPRINT_LEN], *p;
1736 int with_colons = opt.with_colons;
1737 int with_icao = opt.with_icao_spelling;
1746 if (pk->main_keyid[0] == pk->keyid[0]
1747 && pk->main_keyid[1] == pk->keyid[1])
1750 /* Just to be safe */
1751 if ((mode & 0x80) && !primary)
1753 log_error ("primary key is not really primary!\n");
1759 if (!primary && (mode == 1 || mode == 2))
1761 PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk));
1762 get_pubkey (primary_pk, pk->main_keyid);
1763 print_fingerprint (override_fp, primary_pk, (mode | 0x80));
1764 free_public_key (primary_pk);
1769 fp = log_get_stream ();
1771 text = _("Primary key fingerprint:");
1773 text = _(" Subkey fingerprint:");
1777 fp = override_fp; /* Use tty or given stream. */
1779 /* TRANSLATORS: this should fit into 24 bytes so that the
1780 * fingerprint data is properly aligned with the user ID */
1781 text = _(" Primary key fingerprint:");
1783 text = _(" Subkey fingerprint:");
1787 fp = override_fp; /* Use tty or given stream. */
1788 text = _(" Key fingerprint =");
1792 fp = override_fp; /* Use tty or given stream. */
1793 text = _(" Subkey fingerprint:");
1797 fp = override_fp? override_fp : es_stdout;
1798 text = _(" Key fingerprint =");
1801 fingerprint_from_pk (pk, array, &n);
1803 if (with_colons && !mode)
1805 es_fprintf (fp, "fpr:::::::::");
1806 for (i = 0; i < n; i++, p++)
1807 es_fprintf (fp, "%02X", *p);
1812 tty_fprintf (fp, "%s", text);
1815 for (i = 0; i < n; i++, i++, p += 2)
1816 tty_fprintf (fp, "%s %02X%02X", i==10? " ":"", *p, p[1]);
1820 for (i = 0; i < n; i++, p++)
1821 tty_fprintf (fp, "%s %02X", (i && !(i % 8))? " ":"", *p);
1824 tty_fprintf (fp, "\n");
1825 if (!with_colons && with_icao)
1828 tty_fprintf (fp, "%*s\"", (int)strlen(text)+1, "");
1829 for (i = 0; i < n; i++, p++)
1834 tty_fprintf (fp, "\n%*s ", (int)strlen(text)+1, "");
1836 tty_fprintf (fp, " ");
1838 tty_fprintf (fp, " ");
1839 print_icao_hexdigit (fp, *p >> 4);
1840 tty_fprintf (fp, " ");
1841 print_icao_hexdigit (fp, *p & 15);
1843 tty_fprintf (fp, "\"\n");
1847 /* Print the serial number of an OpenPGP card if available. */
1849 print_card_serialno (const char *serialno)
1853 if (opt.with_colons)
1854 return; /* Handled elsewhere. */
1856 es_fputs (_(" Card serial no. ="), es_stdout);
1857 es_putc (' ', es_stdout);
1858 if (strlen (serialno) == 32 && !strncmp (serialno, "D27600012401", 12))
1860 /* This is an OpenPGP card. Print the relevant part. */
1861 /* Example: D2760001240101010001000003470000 */
1863 es_fprintf (es_stdout, "%.*s %.*s", 4, serialno+16, 8, serialno+20);
1866 es_fputs (serialno, es_stdout);
1867 es_putc ('\n', es_stdout);
1873 set_attrib_fd (int fd)
1875 static int last_fd = -1;
1877 if (fd != -1 && last_fd == fd)
1880 /* Fixme: Do we need to check for the log stream here? */
1881 if (attrib_fp && attrib_fp != log_get_stream ())
1882 es_fclose (attrib_fp);
1887 #ifdef HAVE_DOSISH_SYSTEM
1888 setmode (fd, O_BINARY);
1891 attrib_fp = es_stdout;
1893 attrib_fp = es_stderr;
1895 attrib_fp = es_fdopen (fd, "wb");
1898 log_fatal ("can't open fd %d for attribute output: %s\n",
1899 fd, strerror (errno));