search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixed some card related problems.
[gnupg.git] / g10 / keyedit.c
blobfd9f23b204af992bc2f177842632c8e26b0292bf
1 /* keyedit.c - keyedit stuff
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <assert.h>
27 #include <ctype.h>
28 #ifdef HAVE_LIBREADLINE
29 #define GNUPG_LIBREADLINE_H_INCLUDED
30 #include <readline/readline.h>
31 #endif
32
33 #include "gpg.h"
34 #include "options.h"
35 #include "packet.h"
36 #include "status.h"
37 #include "iobuf.h"
38 #include "keydb.h"
39 #include "photoid.h"
40 #include "util.h"
41 #include "main.h"
42 #include "trustdb.h"
43 #include "filter.h"
44 #include "ttyio.h"
45 #include "status.h"
46 #include "i18n.h"
47 #include "keyserver-internal.h"
48
49 static void show_prefs( PKT_user_id *uid, PKT_signature *selfsig, int verbose);
50 static void show_names(KBNODE keyblock,PKT_public_key *pk,
51 unsigned int flag,int with_prefs);
52 static void show_key_with_all_names( KBNODE keyblock, int only_marked,
53 int with_revoker, int with_fpr, int with_subkeys, int with_prefs );
54 static void show_key_and_fingerprint( KBNODE keyblock );
55 static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock,
56 int photo, const char *photo_name );
57 static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
58 static int menu_delsig( KBNODE pub_keyblock );
59 static int menu_clean(KBNODE keyblock,int self_only);
60 static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
61 static int menu_addrevoker( KBNODE pub_keyblock,
62 KBNODE sec_keyblock, int sensitive );
63 static int menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock );
64 static int menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock);
65 static int menu_set_primary_uid( KBNODE pub_keyblock, KBNODE sec_keyblock );
66 static int menu_set_preferences( KBNODE pub_keyblock, KBNODE sec_keyblock );
67 static int menu_set_keyserver_url (const char *url,
68 KBNODE pub_keyblock, KBNODE sec_keyblock );
69 static int menu_set_notation(const char *string,
70 KBNODE pub_keyblock,KBNODE sec_keyblock);
71 static int menu_select_uid( KBNODE keyblock, int idx );
72 static int menu_select_uid_namehash( KBNODE keyblock, const char *namehash );
73 static int menu_select_key( KBNODE keyblock, int idx );
74 static int count_uids( KBNODE keyblock );
75 static int count_uids_with_flag( KBNODE keyblock, unsigned flag );
76 static int count_keys_with_flag( KBNODE keyblock, unsigned flag );
77 static int count_selected_uids( KBNODE keyblock );
78 static int real_uids_left( KBNODE keyblock );
79 static int count_selected_keys( KBNODE keyblock );
80 static int menu_revsig( KBNODE keyblock );
81 static int menu_revuid( KBNODE keyblock, KBNODE sec_keyblock );
82 static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
83 static int menu_revsubkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
84 static int enable_disable_key( KBNODE keyblock, int disable );
85 static void menu_showphoto( KBNODE keyblock );
86
87 static int update_trust=0;
88
89 #define CONTROL_D ('D' - 'A' + 1)
90
91 #define NODFLG_BADSIG (1<<0) /* bad signature */
92 #define NODFLG_NOKEY (1<<1) /* no public key */
93 #define NODFLG_SIGERR (1<<2) /* other sig error */
94
95 #define NODFLG_MARK_A (1<<4) /* temporary mark */
96 #define NODFLG_DELSIG (1<<5) /* to be deleted */
97
98 #define NODFLG_SELUID (1<<8) /* indicate the selected userid */
99 #define NODFLG_SELKEY (1<<9) /* indicate the selected key */
100 #define NODFLG_SELSIG (1<<10) /* indicate a selected signature */
101
102 struct sign_attrib {
103 int non_exportable,non_revocable;
104 struct revocation_reason_info *reason;
105 byte trust_depth,trust_value;
106 char *trust_regexp;
107 };
108
109
110 #ifdef ENABLE_CARD_SUPPORT
111 /* Given a node SEC_NODE with a secret key or subkey, locate the
112 corresponding public key from pub_keyblock. */
113 static PKT_public_key *
114 find_pk_from_sknode (KBNODE pub_keyblock, KBNODE sec_node)
115 {
116 KBNODE node = pub_keyblock;
117 PKT_secret_key *sk;
118 PKT_public_key *pk;
119
120 if (sec_node->pkt->pkttype == PKT_SECRET_KEY
121 && node->pkt->pkttype == PKT_PUBLIC_KEY)
122 return node->pkt->pkt.public_key;
123 if (sec_node->pkt->pkttype != PKT_SECRET_SUBKEY)
124 return NULL;
125 sk = sec_node->pkt->pkt.secret_key;
126 for (; node; node = node->next)
127 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
128 {
129 pk = node->pkt->pkt.public_key;
130 if (pk->keyid[0] == sk->keyid[0] && pk->keyid[1] == sk->keyid[1])
131 return pk;
132 }
133
134 return NULL;
135 }
136 #endif /* ENABLE_CARD_SUPPORT */
137
138
139 /* TODO: Fix duplicated code between here and the check-sigs/list-sigs
140 code in keylist.c. */
141 static int
142 print_and_check_one_sig_colon( KBNODE keyblock, KBNODE node,
143 int *inv_sigs, int *no_key, int *oth_err,
144 int *is_selfsig, int print_without_key )
145 {
146 PKT_signature *sig = node->pkt->pkt.signature;
147 int rc, sigrc;
148
149 /* TODO: Make sure a cached sig record here still has the pk that
150 issued it. See also keylist.c:list_keyblock_print */
151
152 switch((rc=check_key_signature(keyblock,node,is_selfsig)))
153 {
154 case 0:
155 node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
156 sigrc = '!';
157 break;
158 case G10ERR_BAD_SIGN:
159 node->flag = NODFLG_BADSIG;
160 sigrc = '-';
161 if( inv_sigs )
162 ++*inv_sigs;
163 break;
164 case G10ERR_NO_PUBKEY:
165 case G10ERR_UNU_PUBKEY:
166 node->flag = NODFLG_NOKEY;
167 sigrc = '?';
168 if( no_key )
169 ++*no_key;
170 break;
171 default:
172 node->flag = NODFLG_SIGERR;
173 sigrc = '%';
174 if( oth_err )
175 ++*oth_err;
176 break;
177 }
178
179 if( sigrc != '?' || print_without_key )
180 {
181 printf("sig:%c::%d:%08lX%08lX:%lu:%lu:",
182 sigrc,sig->pubkey_algo,(ulong)sig->keyid[0],(ulong)sig->keyid[1],
183 (ulong)sig->timestamp,(ulong)sig->expiredate);
184
185 if(sig->trust_depth || sig->trust_value)
186 printf("%d %d",sig->trust_depth,sig->trust_value);
187
188 printf(":");
189
190 if(sig->trust_regexp)
191 print_string(stdout,sig->trust_regexp,strlen(sig->trust_regexp),':');
192
193 printf("::%02x%c\n",sig->sig_class,sig->flags.exportable?'x':'l');
194
195 if(opt.show_subpackets)
196 print_subpackets_colon(sig);
197 }
198
199 return (sigrc == '!');
200 }
201
202
203 /****************
204 * Print information about a signature, check it and return true
205 * if the signature is okay. NODE must be a signature packet.
206 */
207 static int
208 print_and_check_one_sig( KBNODE keyblock, KBNODE node,
209 int *inv_sigs, int *no_key, int *oth_err,
210 int *is_selfsig, int print_without_key )
211 {
212 PKT_signature *sig = node->pkt->pkt.signature;
213 int rc, sigrc;
214 int is_rev = sig->sig_class == 0x30;
215
216 /* TODO: Make sure a cached sig record here still has the pk that
217 issued it. See also keylist.c:list_keyblock_print */
218
219 switch( (rc = check_key_signature( keyblock, node, is_selfsig)) ) {
220 case 0:
221 node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
222 sigrc = '!';
223 break;
224 case G10ERR_BAD_SIGN:
225 node->flag = NODFLG_BADSIG;
226 sigrc = '-';
227 if( inv_sigs )
228 ++*inv_sigs;
229 break;
230 case G10ERR_NO_PUBKEY:
231 case G10ERR_UNU_PUBKEY:
232 node->flag = NODFLG_NOKEY;
233 sigrc = '?';
234 if( no_key )
235 ++*no_key;
236 break;
237 default:
238 node->flag = NODFLG_SIGERR;
239 sigrc = '%';
240 if( oth_err )
241 ++*oth_err;
242 break;
243 }
244 if( sigrc != '?' || print_without_key ) {
245 tty_printf("%s%c%c %c%c%c%c%c%c %s %s",
246 is_rev? "rev":"sig",sigrc,
247 (sig->sig_class-0x10>0 &&
248 sig->sig_class-0x10<4)?'0'+sig->sig_class-0x10:' ',
249 sig->flags.exportable?' ':'L',
250 sig->flags.revocable?' ':'R',
251 sig->flags.policy_url?'P':' ',
252 sig->flags.notation?'N':' ',
253 sig->flags.expired?'X':' ',
254 (sig->trust_depth>9)?'T':
255 (sig->trust_depth>0)?'0'+sig->trust_depth:' ',
256 keystr(sig->keyid),datestr_from_sig(sig));
257 if(opt.list_options&LIST_SHOW_SIG_EXPIRE)
258 tty_printf(" %s",expirestr_from_sig(sig));
259 tty_printf(" ");
260 if( sigrc == '%' )
261 tty_printf("[%s] ", g10_errstr(rc) );
262 else if( sigrc == '?' )
263 ;
264 else if( *is_selfsig ) {
265 tty_printf( is_rev? _("[revocation]")
266 : _("[self-signature]") );
267 }
268 else
269 {
270 size_t n;
271 char *p = get_user_id( sig->keyid, &n );
272 tty_print_utf8_string2(p, n, opt.screen_columns-keystrlen()-26-
273 ((opt.list_options&LIST_SHOW_SIG_EXPIRE)?11:0));
274 xfree(p);
275 }
276 tty_printf("\n");
277
278 if(sig->flags.policy_url && (opt.list_options&LIST_SHOW_POLICY_URLS))
279 show_policy_url(sig,3,0);
280
281 if(sig->flags.notation && (opt.list_options&LIST_SHOW_NOTATIONS))
282 show_notation(sig,3,0,
283 ((opt.list_options&LIST_SHOW_STD_NOTATIONS)?1:0)+
284 ((opt.list_options&LIST_SHOW_USER_NOTATIONS)?2:0));
285
286 if(sig->flags.pref_ks && (opt.list_options&LIST_SHOW_KEYSERVER_URLS))
287 show_keyserver_url(sig,3,0);
288 }
289
290 return (sigrc == '!');
291 }
292
293
294
295 /****************
296 * Check the keysigs and set the flags to indicate errors.
297 * Returns true if error found.
298 */
299 static int
300 check_all_keysigs( KBNODE keyblock, int only_selected )
301 {
302 KBNODE kbctx;
303 KBNODE node;
304 int inv_sigs = 0;
305 int no_key = 0;
306 int oth_err = 0;
307 int has_selfsig = 0;
308 int mis_selfsig = 0;
309 int selected = !only_selected;
310 int anyuid = 0;
311
312 for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
313 if( node->pkt->pkttype == PKT_USER_ID ) {
314 PKT_user_id *uid = node->pkt->pkt.user_id;
315
316 if( only_selected )
317 selected = (node->flag & NODFLG_SELUID);
318 if( selected ) {
319 tty_printf("uid ");
320 tty_print_utf8_string( uid->name, uid->len );
321 tty_printf("\n");
322 if( anyuid && !has_selfsig )
323 mis_selfsig++;
324 has_selfsig = 0;
325 anyuid = 1;
326 }
327 }
328 else if( selected && node->pkt->pkttype == PKT_SIGNATURE
329 && ( (node->pkt->pkt.signature->sig_class&~3) == 0x10
330 || node->pkt->pkt.signature->sig_class == 0x30 ) ) {
331 int selfsig;
332
333 if( print_and_check_one_sig( keyblock, node, &inv_sigs,
334 &no_key, &oth_err, &selfsig, 0 ) ) {
335 if( selfsig )
336 has_selfsig = 1;
337 }
338 /* Hmmm: should we update the trustdb here? */
339 }
340 }
341 if( !has_selfsig )
342 mis_selfsig++;
343 if( inv_sigs == 1 )
344 tty_printf(_("1 bad signature\n") );
345 else if( inv_sigs )
346 tty_printf(_("%d bad signatures\n"), inv_sigs );
347 if( no_key == 1 )
348 tty_printf(_("1 signature not checked due to a missing key\n") );
349 else if( no_key )
350 tty_printf(_("%d signatures not checked due to missing keys\n"), no_key );
351 if( oth_err == 1 )
352 tty_printf(_("1 signature not checked due to an error\n") );
353 else if( oth_err )
354 tty_printf(_("%d signatures not checked due to errors\n"), oth_err );
355 if( mis_selfsig == 1 )
356 tty_printf(_("1 user ID without valid self-signature detected\n"));
357 else if( mis_selfsig )
358 tty_printf(_("%d user IDs without valid self-signatures detected\n"),
359 mis_selfsig);
360
361 return inv_sigs || no_key || oth_err || mis_selfsig;
362 }
363
364
365 static int
366 sign_mk_attrib( PKT_signature *sig, void *opaque )
367 {
368 struct sign_attrib *attrib = opaque;
369 byte buf[8];
370
371 if( attrib->non_exportable ) {
372 buf[0] = 0; /* not exportable */
373 build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
374 }
375
376 if( attrib->non_revocable ) {
377 buf[0] = 0; /* not revocable */
378 build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
379 }
380
381 if( attrib->reason )
382 revocation_reason_build_cb( sig, attrib->reason );
383
384 if(attrib->trust_depth)
385 {
386 /* Not critical. If someone doesn't understand trust sigs,
387 this can still be a valid regular signature. */
388 buf[0] = attrib->trust_depth;
389 buf[1] = attrib->trust_value;
390 build_sig_subpkt(sig,SIGSUBPKT_TRUST,buf,2);
391
392 /* Critical. If someone doesn't understands regexps, this
393 whole sig should be invalid. Note the +1 for the length -
394 regexps are null terminated. */
395 if(attrib->trust_regexp)
396 build_sig_subpkt(sig,SIGSUBPKT_FLAG_CRITICAL|SIGSUBPKT_REGEXP,
397 attrib->trust_regexp,
398 strlen(attrib->trust_regexp)+1);
399 }
400
401 return 0;
402 }
403
404 static void
405 trustsig_prompt(byte *trust_value,byte *trust_depth,char **regexp)
406 {
407 char *p;
408
409 *trust_value=0;
410 *trust_depth=0;
411 *regexp=NULL;
412
413 /* Same string as pkclist.c:do_edit_ownertrust */
414 tty_printf(_("Please decide how far you trust this user to correctly verify"
415 " other users' keys\n(by looking at passports, checking"
416 " fingerprints from different sources, etc.)\n"));
417 tty_printf("\n");
418 tty_printf (_(" %d = I trust marginally\n"), 1);
419 tty_printf (_(" %d = I trust fully\n"), 2);
420 tty_printf("\n");
421
422 while(*trust_value==0)
423 {
424 p = cpr_get("trustsig_prompt.trust_value",_("Your selection? "));
425 trim_spaces(p);
426 cpr_kill_prompt();
427 /* 60 and 120 are as per RFC2440 */
428 if(p[0]=='1' && !p[1])
429 *trust_value=60;
430 else if(p[0]=='2' && !p[1])
431 *trust_value=120;
432 xfree(p);
433 }
434
435 tty_printf("\n");
436
437 tty_printf(_(
438 "Please enter the depth of this trust signature.\n"
439 "A depth greater than 1 allows the key you are signing to make\n"
440 "trust signatures on your behalf.\n"));
441 tty_printf("\n");
442
443 while(*trust_depth==0)
444 {
445 p = cpr_get("trustsig_prompt.trust_depth",_("Your selection? "));
446 trim_spaces(p);
447 cpr_kill_prompt();
448 *trust_depth=atoi(p);
449 xfree(p);
450 }
451
452 tty_printf("\n");
453
454 tty_printf(_("Please enter a domain to restrict this signature, "
455 "or enter for none.\n"));
456
457 tty_printf("\n");
458
459 p=cpr_get("trustsig_prompt.trust_regexp",_("Your selection? "));
460 trim_spaces(p);
461 cpr_kill_prompt();
462
463 if(strlen(p)>0)
464 {
465 char *q=p;
466 int regexplen=100,ind;
467
468 *regexp=xmalloc(regexplen);
469
470 /* Now mangle the domain the user entered into a regexp. To do
471 this, \-escape everything that isn't alphanumeric, and attach
472 "<[^>]+[@.]" to the front, and ">$" to the end. */
473
474 strcpy(*regexp,"<[^>]+[@.]");
475 ind=strlen(*regexp);
476
477 while(*q)
478 {
479 if(!((*q>='A' && *q<='Z')
480 || (*q>='a' && *q<='z') || (*q>='0' && *q<='9')))
481 (*regexp)[ind++]='\\';
482
483 (*regexp)[ind++]=*q;
484
485 if((regexplen-ind)<3)
486 {
487 regexplen+=100;
488 *regexp=xrealloc(*regexp,regexplen);
489 }
490
491 q++;
492 }
493
494 (*regexp)[ind]='\0';
495 strcat(*regexp,">$");
496 }
497
498 xfree(p);
499 tty_printf("\n");
500 }
501
502 /****************
503 * Loop over all locusr and and sign the uids after asking.
504 * If no user id is marked, all user ids will be signed;
505 * if some user_ids are marked those will be signed.
506 */
507 static int
508 sign_uids( KBNODE keyblock, strlist_t locusr, int *ret_modified,
509 int local, int nonrevocable, int trust, int interactive )
510 {
511 int rc = 0;
512 SK_LIST sk_list = NULL;
513 SK_LIST sk_rover = NULL;
514 PKT_secret_key *sk = NULL;
515 KBNODE node, uidnode;
516 PKT_public_key *primary_pk=NULL;
517 int select_all = !count_selected_uids(keyblock) || interactive;
518 int all_v3=1;
519
520 /* Are there any non-v3 sigs on this key already? */
521 if(PGP2)
522 for(node=keyblock;node;node=node->next)
523 if(node->pkt->pkttype==PKT_SIGNATURE &&
524 node->pkt->pkt.signature->version>3)
525 {
526 all_v3=0;
527 break;
528 }
529
530 /* build a list of all signators.
531 *
532 * We use the CERT flag to request the primary which must always
533 * be one which is capable of signing keys. I can't see a reason
534 * why to sign keys using a subkey. Implementation of USAGE_CERT
535 * is just a hack in getkey.c and does not mean that a subkey
536 * marked as certification capable will be used. */
537 rc=build_sk_list( locusr, &sk_list, 0, PUBKEY_USAGE_CERT);
538 if( rc )
539 goto leave;
540
541 /* loop over all signators */
542 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
543 u32 sk_keyid[2],pk_keyid[2];
544 char *p,*trust_regexp=NULL;
545 int force_v4=0,class=0,selfsig=0;
546 u32 duration=0,timestamp=0;
547 byte trust_depth=0,trust_value=0;
548
549 if(local || nonrevocable || trust ||
550 opt.cert_policy_url || opt.cert_notations)
551 force_v4=1;
552
553 /* we have to use a copy of the sk, because make_keysig_packet
554 * may remove the protection from sk and if we did other
555 * changes to the secret key, we would save the unprotected
556 * version */
557 if( sk )
558 free_secret_key(sk);
559 sk = copy_secret_key( NULL, sk_rover->sk );
560 keyid_from_sk( sk, sk_keyid );
561 /* set mark A for all selected user ids */
562 for( node=keyblock; node; node = node->next ) {
563 if( select_all || (node->flag & NODFLG_SELUID) )
564 node->flag |= NODFLG_MARK_A;
565 else
566 node->flag &= ~NODFLG_MARK_A;
567 }
568 /* reset mark for uids which are already signed */
569 uidnode = NULL;
570 for( node=keyblock; node; node = node->next ) {
571 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
572 primary_pk=node->pkt->pkt.public_key;
573 keyid_from_pk( primary_pk, pk_keyid );
574
575 /* Is this a self-sig? */
576 if(pk_keyid[0]==sk_keyid[0] && pk_keyid[1]==sk_keyid[1])
577 {
578 selfsig=1;
579 /* Do not force a v4 sig here, otherwise it would
580 be difficult to remake a v3 selfsig. If this
581 is a v3->v4 promotion case, then we set
582 force_v4 later anyway. */
583 force_v4=0;
584 }
585 }
586 else if( node->pkt->pkttype == PKT_USER_ID )
587 {
588 uidnode = (node->flag & NODFLG_MARK_A)? node : NULL;
589 if(uidnode)
590 {
591 int yesreally=0;
592 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
593 uidnode->pkt->pkt.user_id->len,
594 0);
595
596 if(uidnode->pkt->pkt.user_id->is_revoked)
597 {
598 tty_printf(_("User ID \"%s\" is revoked."),user);
599
600 if(selfsig)
601 tty_printf("\n");
602 else if(opt.expert)
603 {
604 tty_printf("\n");
605 /* No, so remove the mark and continue */
606 if(!cpr_get_answer_is_yes("sign_uid.revoke_okay",
607 _("Are you sure you "
608 "still want to sign "
609 "it? (y/N) ")))
610 {
611 uidnode->flag &= ~NODFLG_MARK_A;
612 uidnode=NULL;
613 }
614 else if(interactive)
615 yesreally=1;
616 }
617 else
618 {
619 uidnode->flag &= ~NODFLG_MARK_A;
620 uidnode=NULL;
621 tty_printf(_(" Unable to sign.\n"));
622 }
623 }
624 else if(uidnode->pkt->pkt.user_id->is_expired)
625 {
626 tty_printf(_("User ID \"%s\" is expired."),user);
627
628 if(selfsig)
629 tty_printf("\n");
630 else if(opt.expert)
631 {
632 tty_printf("\n");
633 /* No, so remove the mark and continue */
634 if(!cpr_get_answer_is_yes("sign_uid.expire_okay",
635 _("Are you sure you "
636 "still want to sign "
637 "it? (y/N) ")))
638 {
639 uidnode->flag &= ~NODFLG_MARK_A;
640 uidnode=NULL;
641 }
642 else if(interactive)
643 yesreally=1;
644 }
645 else
646 {
647 uidnode->flag &= ~NODFLG_MARK_A;
648 uidnode=NULL;
649 tty_printf(_(" Unable to sign.\n"));
650 }
651 }
652 else if(!uidnode->pkt->pkt.user_id->created && !selfsig)
653 {
654 tty_printf(_("User ID \"%s\" is not self-signed."),
655 user);
656
657 if(opt.expert)
658 {
659 tty_printf("\n");
660 /* No, so remove the mark and continue */
661 if(!cpr_get_answer_is_yes("sign_uid.nosig_okay",
662 _("Are you sure you "
663 "still want to sign "
664 "it? (y/N) ")))
665 {
666 uidnode->flag &= ~NODFLG_MARK_A;
667 uidnode=NULL;
668 }
669 else if(interactive)
670 yesreally=1;
671 }
672 else
673 {
674 uidnode->flag &= ~NODFLG_MARK_A;
675 uidnode=NULL;
676 tty_printf(_(" Unable to sign.\n"));
677 }
678 }
679
680 if(uidnode && interactive && !yesreally)
681 {
682 tty_printf(_("User ID \"%s\" is signable. "),user);
683 if(!cpr_get_answer_is_yes("sign_uid.sign_okay",
684 _("Sign it? (y/N) ")))
685 {
686 uidnode->flag &= ~NODFLG_MARK_A;
687 uidnode=NULL;
688 }
689 }
690
691 xfree(user);
692 }
693 }
694 else if( uidnode && node->pkt->pkttype == PKT_SIGNATURE
695 && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
696 if( sk_keyid[0] == node->pkt->pkt.signature->keyid[0]
697 && sk_keyid[1] == node->pkt->pkt.signature->keyid[1] ) {
698 char buf[50];
699 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
700 uidnode->pkt->pkt.user_id->len,
701 0);
702
703 /* It's a v3 self-sig. Make it into a v4 self-sig? */
704 if(node->pkt->pkt.signature->version<4 && selfsig)
705 {
706 tty_printf(_("The self-signature on \"%s\"\n"
707 "is a PGP 2.x-style signature.\n"),user);
708
709 /* Note that the regular PGP2 warning below
710 still applies if there are no v4 sigs on
711 this key at all. */
712
713 if(opt.expert)
714 if(cpr_get_answer_is_yes("sign_uid.v4_promote_okay",
715 _("Do you want to promote "
716 "it to an OpenPGP self-"
717 "signature? (y/N) ")))
718 {
719 force_v4=1;
720 node->flag|=NODFLG_DELSIG;
721 xfree(user);
722 continue;
723 }
724 }
725
726 /* Is the current signature expired? */
727 if(node->pkt->pkt.signature->flags.expired)
728 {
729 tty_printf(_("Your current signature on \"%s\"\n"
730 "has expired.\n"),user);
731
732 if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
733 _("Do you want to issue a "
734 "new signature to replace "
735 "the expired one? (y/N) ")))
736 {
737 /* Mark these for later deletion. We
738 don't want to delete them here, just in
739 case the replacement signature doesn't
740 happen for some reason. We only delete
741 these after the replacement is already
742 in place. */
743
744 node->flag|=NODFLG_DELSIG;
745 xfree(user);
746 continue;
747 }
748 }
749
750 if(!node->pkt->pkt.signature->flags.exportable && !local)
751 {
752 /* It's a local sig, and we want to make a
753 exportable sig. */
754 tty_printf(_("Your current signature on \"%s\"\n"
755 "is a local signature.\n"),user);
756
757 if(cpr_get_answer_is_yes("sign_uid.local_promote_okay",
758 _("Do you want to promote "
759 "it to a full exportable "
760 "signature? (y/N) ")))
761 {
762 /* Mark these for later deletion. We
763 don't want to delete them here, just in
764 case the replacement signature doesn't
765 happen for some reason. We only delete
766 these after the replacement is already
767 in place. */
768
769 node->flag|=NODFLG_DELSIG;
770 xfree(user);
771 continue;
772 }
773 }
774
775 /* Fixme: see whether there is a revocation in which
776 * case we should allow to sign it again. */
777 if (!node->pkt->pkt.signature->flags.exportable && local)
778 tty_printf(_(
779 "\"%s\" was already locally signed by key %s\n"),
780 user,keystr_from_sk(sk));
781 else
782 tty_printf(_("\"%s\" was already signed by key %s\n"),
783 user,keystr_from_sk(sk));
784
785 if(opt.expert
786 && cpr_get_answer_is_yes("sign_uid.dupe_okay",
787 _("Do you want to sign it "
788 "again anyway? (y/N) ")))
789 {
790 /* Don't delete the old sig here since this is
791 an --expert thing. */
792 xfree(user);
793 continue;
794 }
795
796 sprintf (buf, "%08lX%08lX",
797 (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
798 write_status_text (STATUS_ALREADY_SIGNED, buf);
799 uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */
800
801 xfree(user);
802 }
803 }
804 }
805
806 /* check whether any uids are left for signing */
807 if( !count_uids_with_flag(keyblock, NODFLG_MARK_A) )
808 {
809 tty_printf(_("Nothing to sign with key %s\n"),keystr_from_sk(sk));
810 continue;
811 }
812
813 /* Ask whether we really should sign these user id(s) */
814 tty_printf("\n");
815 show_key_with_all_names( keyblock, 1, 0, 1, 0, 0 );
816 tty_printf("\n");
817
818 if(primary_pk->expiredate && !selfsig)
819 {
820 u32 now=make_timestamp();
821
822 if(primary_pk->expiredate<=now)
823 {
824 tty_printf(_("This key has expired!"));
825
826 if(opt.expert)
827 {
828 tty_printf(" ");
829 if(!cpr_get_answer_is_yes("sign_uid.expired_okay",
830 _("Are you sure you still "
831 "want to sign it? (y/N) ")))
832 continue;
833 }
834 else
835 {
836 tty_printf(_(" Unable to sign.\n"));
837 continue;
838 }
839 }
840 else
841 {
842 tty_printf(_("This key is due to expire on %s.\n"),
843 expirestr_from_pk(primary_pk));
844
845 if(opt.ask_cert_expire)
846 {
847 char *answer=cpr_get("sign_uid.expire",
848 _("Do you want your signature to "
849 "expire at the same time? (Y/n) "));
850 if(answer_is_yes_no_default(answer,1))
851 {
852 /* This fixes the signature timestamp we're
853 going to make as now. This is so the
854 expiration date is exactly correct, and not
855 a few seconds off (due to the time it takes
856 to answer the questions, enter the
857 passphrase, etc). */
858 timestamp=now;
859 duration=primary_pk->expiredate-now;
860 force_v4=1;
861 }
862
863 cpr_kill_prompt();
864 xfree(answer);
865 }
866 }
867 }
868
869 /* Only ask for duration if we haven't already set it to match
870 the expiration of the pk */
871 if(!duration && !selfsig)
872 {
873 if(opt.ask_cert_expire)
874 duration=ask_expire_interval(1,opt.def_cert_expire);
875 else
876 duration=parse_expire_string(opt.def_cert_expire);
877 }
878
879 if(duration)
880 force_v4=1;
881
882 /* Is --pgp2 on, it's a v3 key, all the sigs on the key are
883 currently v3 and we're about to sign it with a v4 sig? If
884 so, danger! */
885 if(PGP2 && all_v3 &&
886 (sk->version>3 || force_v4) && primary_pk->version<=3)
887 {
888 tty_printf(_("You may not make an OpenPGP signature on a "
889 "PGP 2.x key while in --pgp2 mode.\n"));
890 tty_printf(_("This would make the key unusable in PGP 2.x.\n"));
891
892 if(opt.expert)
893 {
894 if(!cpr_get_answer_is_yes("sign_uid.v4_on_v3_okay",
895 _("Are you sure you still "
896 "want to sign it? (y/N) ")))
897 continue;
898
899 all_v3=0;
900 }
901 else
902 continue;
903 }
904
905 if(selfsig)
906 ;
907 else
908 {
909 if(opt.batch || !opt.ask_cert_level)
910 class=0x10+opt.def_cert_level;
911 else
912 {
913 char *answer;
914
915 tty_printf(_("How carefully have you verified the key you are "
916 "about to sign actually belongs\nto the person "
917 "named above? If you don't know what to "
918 "answer, enter \"0\".\n"));
919 tty_printf("\n");
920 tty_printf(_(" (0) I will not answer.%s\n"),
921 opt.def_cert_level==0?" (default)":"");
922 tty_printf(_(" (1) I have not checked at all.%s\n"),
923 opt.def_cert_level==1?" (default)":"");
924 tty_printf(_(" (2) I have done casual checking.%s\n"),
925 opt.def_cert_level==2?" (default)":"");
926 tty_printf(_(" (3) I have done very careful checking.%s\n"),
927 opt.def_cert_level==3?" (default)":"");
928 tty_printf("\n");
929
930 while(class==0)
931 {
932 answer = cpr_get("sign_uid.class",_("Your selection? "
933 "(enter `?' for more information): "));
934 if(answer[0]=='\0')
935 class=0x10+opt.def_cert_level; /* Default */
936 else if(ascii_strcasecmp(answer,"0")==0)
937 class=0x10; /* Generic */
938 else if(ascii_strcasecmp(answer,"1")==0)
939 class=0x11; /* Persona */
940 else if(ascii_strcasecmp(answer,"2")==0)
941 class=0x12; /* Casual */
942 else if(ascii_strcasecmp(answer,"3")==0)
943 class=0x13; /* Positive */
944 else
945 tty_printf(_("Invalid selection.\n"));
946
947 xfree(answer);
948 }
949 }
950
951 if(trust)
952 trustsig_prompt(&trust_value,&trust_depth,&trust_regexp);
953 }
954
955 p=get_user_id_native(sk_keyid);
956 tty_printf(_("Are you sure that you want to sign this key with your\n"
957 "key \"%s\" (%s)\n"),p,keystr_from_sk(sk));
958 xfree(p);
959
960 if(selfsig)
961 {
962 tty_printf("\n");
963 tty_printf(_("This will be a self-signature.\n"));
964
965 if( local )
966 {
967 tty_printf("\n");
968 tty_printf(
969 _("WARNING: the signature will not be marked "
970 "as non-exportable.\n"));
971 }
972
973 if( nonrevocable )
974 {
975 tty_printf("\n");
976 tty_printf(
977 _("WARNING: the signature will not be marked "
978 "as non-revocable.\n"));
979 }
980 }
981 else
982 {
983 if( local )
984 {
985 tty_printf("\n");
986 tty_printf(
987 _("The signature will be marked as non-exportable.\n"));
988 }
989
990 if( nonrevocable )
991 {
992 tty_printf("\n");
993 tty_printf(
994 _("The signature will be marked as non-revocable.\n"));
995 }
996
997 switch(class)
998 {
999 case 0x11:
1000 tty_printf("\n");
1001 tty_printf(_("I have not checked this key at all.\n"));
1002 break;
1003
1004 case 0x12:
1005 tty_printf("\n");
1006 tty_printf(_("I have checked this key casually.\n"));
1007 break;
1008
1009 case 0x13:
1010 tty_printf("\n");
1011 tty_printf(_("I have checked this key very carefully.\n"));
1012 break;
1013 }
1014 }
1015
1016 tty_printf("\n");
1017
1018 if( opt.batch && opt.answer_yes )
1019 ;
1020 else if( !cpr_get_answer_is_yes("sign_uid.okay",
1021 _("Really sign? (y/N) ")) )
1022 continue;
1023
1024 /* now we can sign the user ids */
1025 reloop: /* (must use this, because we are modifing the list) */
1026 primary_pk = NULL;
1027 for( node=keyblock; node; node = node->next ) {
1028 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
1029 primary_pk = node->pkt->pkt.public_key;
1030 else if( node->pkt->pkttype == PKT_USER_ID
1031 && (node->flag & NODFLG_MARK_A) ) {
1032 PACKET *pkt;
1033 PKT_signature *sig;
1034 struct sign_attrib attrib;
1035
1036 assert( primary_pk );
1037 memset( &attrib, 0, sizeof attrib );
1038 attrib.non_exportable = local;
1039 attrib.non_revocable = nonrevocable;
1040 attrib.trust_depth = trust_depth;
1041 attrib.trust_value = trust_value;
1042 attrib.trust_regexp = trust_regexp;
1043 node->flag &= ~NODFLG_MARK_A;
1044
1045 /* we force creation of a v4 signature for local
1046 * signatures, otherwise we would not generate the
1047 * subpacket with v3 keys and the signature becomes
1048 * exportable */
1049
1050 if(selfsig)
1051 rc = make_keysig_packet( &sig, primary_pk,
1052 node->pkt->pkt.user_id,
1053 NULL,
1054 sk,
1055 0x13, 0, force_v4?4:0, 0, 0,
1056 keygen_add_std_prefs, primary_pk);
1057 else
1058 rc = make_keysig_packet( &sig, primary_pk,
1059 node->pkt->pkt.user_id,
1060 NULL,
1061 sk,
1062 class, 0, force_v4?4:0,
1063 timestamp, duration,
1064 sign_mk_attrib, &attrib );
1065 if( rc ) {
1066 log_error(_("signing failed: %s\n"), g10_errstr(rc));
1067 goto leave;
1068 }
1069
1070 *ret_modified = 1; /* we changed the keyblock */
1071 update_trust = 1;
1072
1073 pkt = xmalloc_clear( sizeof *pkt );
1074 pkt->pkttype = PKT_SIGNATURE;
1075 pkt->pkt.signature = sig;
1076 insert_kbnode( node, new_kbnode(pkt), PKT_SIGNATURE );
1077 goto reloop;
1078 }
1079 }
1080
1081 /* Delete any sigs that got promoted */
1082 for( node=keyblock; node; node = node->next )
1083 if( node->flag & NODFLG_DELSIG)
1084 delete_kbnode(node);
1085 } /* end loop over signators */
1086
1087 leave:
1088 release_sk_list( sk_list );
1089 if( sk )
1090 free_secret_key(sk);
1091 return rc;
1092 }
1093
1094
1095
1096 /****************
1097 * Change the passphrase of the primary and all secondary keys.
1098 * We use only one passphrase for all keys.
1099 */
1100 static int
1101 change_passphrase( KBNODE keyblock )
1102 {
1103 int rc = 0;
1104 int changed=0;
1105 KBNODE node;
1106 PKT_secret_key *sk;
1107 char *passphrase = NULL;
1108 int no_primary_secrets = 0;
1109 int any;
1110
1111 node = find_kbnode( keyblock, PKT_SECRET_KEY );
1112 if( !node ) {
1113 log_error("Oops; secret key not found anymore!\n");
1114 goto leave;
1115 }
1116 sk = node->pkt->pkt.secret_key;
1117
1118 for (any = 0, node=keyblock; node; node = node->next) {
1119 if (node->pkt->pkttype == PKT_SECRET_KEY
1120 || node->pkt->pkttype == PKT_SECRET_SUBKEY) {
1121 PKT_secret_key *tmpsk = node->pkt->pkt.secret_key;
1122 if (!(tmpsk->is_protected
1123 && (tmpsk->protect.s2k.mode == 1001
1124 || tmpsk->protect.s2k.mode == 1002))) {
1125 any = 1;
1126 break;
1127 }
1128 }
1129 }
1130 if (!any) {
1131 tty_printf (_("Key has only stub or on-card key items - "
1132 "no passphrase to change.\n"));
1133 goto leave;
1134 }
1135
1136 /* See how to handle this key. */
1137 switch( is_secret_key_protected( sk ) ) {
1138 case -1:
1139 rc = G10ERR_PUBKEY_ALGO;
1140 break;
1141 case 0:
1142 tty_printf(_("This key is not protected.\n"));
1143 break;
1144 default:
1145 if( sk->protect.s2k.mode == 1001 ) {
1146 tty_printf(_("Secret parts of primary key are not available.\n"));
1147 no_primary_secrets = 1;
1148 }
1149 else if( sk->protect.s2k.mode == 1002 ) {
1150 tty_printf(_("Secret parts of primary key are stored on-card.\n"));
1151 no_primary_secrets = 1;
1152 }
1153 else {
1154 u32 keyid[2];
1155
1156 tty_printf(_("Key is protected.\n"));
1157
1158 /* Clear the passphrase cache so that the user is required
1159 to enter the old passphrase. */
1160 keyid_from_sk (sk, keyid);
1161 passphrase_clear_cache (keyid, NULL, 0);
1162
1163 rc = check_secret_key( sk, 0 );
1164 if( !rc )
1165 passphrase = get_last_passphrase();
1166 }
1167 break;
1168 }
1169
1170 /* Unprotect all subkeys (use the supplied passphrase or ask)*/
1171 for(node=keyblock; !rc && node; node = node->next ) {
1172 if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1173 PKT_secret_key *subsk = node->pkt->pkt.secret_key;
1174 if ( !(subsk->is_protected
1175 && (subsk->protect.s2k.mode == 1001
1176 || subsk->protect.s2k.mode == 1002))) {
1177 set_next_passphrase( passphrase );
1178 rc = check_secret_key( subsk, 0 );
1179 if( !rc && !passphrase )
1180 passphrase = get_last_passphrase();
1181 }
1182 }
1183 }
1184
1185 if( rc )
1186 tty_printf(_("Can't edit this key: %s\n"), g10_errstr(rc));
1187 else {
1188 DEK *dek = NULL;
1189 STRING2KEY *s2k = xmalloc_secure( sizeof *s2k );
1190 const char *errtext = NULL;
1191
1192 tty_printf(_("Enter the new passphrase for this secret key.\n\n") );
1193
1194 set_next_passphrase( NULL );
1195 for(;;) {
1196 int canceled;
1197
1198 s2k->mode = opt.s2k_mode;
1199 s2k->hash_algo = S2K_DIGEST_ALGO;
1200 dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo,
1201 s2k, 2, errtext, &canceled);
1202 if (!dek && canceled) {
1203 rc = GPG_ERR_CANCELED;
1204 break;
1205 }
1206 else if( !dek ) {
1207 errtext = N_("passphrase not correctly repeated; try again");
1208 tty_printf ("%s.\n", _(errtext));
1209 }
1210 else if( !dek->keylen ) {
1211 rc = 0;
1212 tty_printf(_( "You don't want a passphrase -"
1213 " this is probably a *bad* idea!\n\n"));
1214 if( cpr_get_answer_is_yes("change_passwd.empty.okay",
1215 _("Do you really want to do this? (y/N) ")))
1216 {
1217 changed++;
1218 break;
1219 }
1220 }
1221 else { /* okay */
1222 rc = 0;
1223 if( !no_primary_secrets ) {
1224 sk->protect.algo = dek->algo;
1225 sk->protect.s2k = *s2k;
1226 rc = protect_secret_key( sk, dek );
1227 }
1228 for(node=keyblock; !rc && node; node = node->next ) {
1229 if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1230 PKT_secret_key *subsk = node->pkt->pkt.secret_key;
1231 if ( !(subsk->is_protected
1232 && (subsk->protect.s2k.mode == 1001
1233 || subsk->protect.s2k.mode == 1002))) {
1234 subsk->protect.algo = dek->algo;
1235 subsk->protect.s2k = *s2k;
1236 rc = protect_secret_key( subsk, dek );
1237 }
1238 }
1239 }
1240 if( rc )
1241 log_error("protect_secret_key failed: %s\n",
1242 g10_errstr(rc) );
1243 else
1244 {
1245 u32 keyid[2];
1246
1247 /* Clear the cahce again so that the user is
1248 required to enter the new passphrase at the
1249 next operation. */
1250 keyid_from_sk (sk, keyid);
1251 passphrase_clear_cache (keyid, NULL, 0);
1252
1253 changed++;
1254 }
1255 break;
1256 }
1257 }
1258 xfree(s2k);
1259 xfree(dek);
1260 }
1261
1262 leave:
1263 xfree( passphrase );
1264 set_next_passphrase( NULL );
1265 return changed && !rc;
1266 }
1267
1268
1269 /****************
1270 * There are some keys out (due to a bug in gnupg), where the sequence
1271 * of the packets is wrong. This function fixes that.
1272 * Returns: true if the keyblock has been fixed.
1273 *
1274 * Note: This function does not work if there is more than one user ID.
1275 */
1276 static int
1277 fix_keyblock( KBNODE keyblock )
1278 {
1279 KBNODE node, last, subkey;
1280 int fixed=0;
1281
1282 /* locate key signatures of class 0x10..0x13 behind sub key packets */
1283 for( subkey=last=NULL, node = keyblock; node;
1284 last=node, node = node->next ) {
1285 switch( node->pkt->pkttype ) {
1286 case PKT_PUBLIC_SUBKEY:
1287 case PKT_SECRET_SUBKEY:
1288 if( !subkey )
1289 subkey = last; /* actually it is the one before the subkey */
1290 break;
1291 case PKT_SIGNATURE:
1292 if( subkey ) {
1293 PKT_signature *sig = node->pkt->pkt.signature;
1294 if( sig->sig_class >= 0x10 && sig->sig_class <= 0x13 ) {
1295 log_info(_(
1296 "moving a key signature to the correct place\n"));
1297 last->next = node->next;
1298 node->next = subkey->next;
1299 subkey->next = node;
1300 node = last;
1301 fixed=1;
1302 }
1303 }
1304 break;
1305 default: break;
1306 }
1307 }
1308
1309 return fixed;
1310 }
1311
1312 static int
1313 parse_sign_type(const char *str,int *localsig,int *nonrevokesig,int *trustsig)
1314 {
1315 const char *p=str;
1316
1317 while(*p)
1318 {
1319 if(ascii_strncasecmp(p,"l",1)==0)
1320 {
1321 *localsig=1;
1322 p++;
1323 }
1324 else if(ascii_strncasecmp(p,"nr",2)==0)
1325 {
1326 *nonrevokesig=1;
1327 p+=2;
1328 }
1329 else if(ascii_strncasecmp(p,"t",1)==0)
1330 {
1331 *trustsig=1;
1332 p++;
1333 }
1334 else
1335 return 0;
1336 }
1337
1338 return 1;
1339 }
1340
1341 \f
1342 /****************
1343 * Menu driven key editor. If seckey_check is true, then a secret key
1344 * that matches username will be looked for. If it is false, not all
1345 * commands will be available.
1346 *
1347 * Note: to keep track of some selection we use node->mark MARKBIT_xxxx.
1348 */
1349
1350 /* Need an SK for this command */
1351 #define KEYEDIT_NEED_SK 1
1352 /* Cannot be viewing the SK for this command */
1353 #define KEYEDIT_NOT_SK 2
1354 /* Must be viewing the SK for this command */
1355 #define KEYEDIT_ONLY_SK 4
1356 /* Match the tail of the string */
1357 #define KEYEDIT_TAIL_MATCH 8
1358
1359 enum cmdids
1360 {
1361 cmdNONE = 0,
1362 cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
1363 cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
1364 cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
1365 cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
1366 cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
1367 cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
1368 cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCLEAN,
1369 cmdMINIMIZE, cmdNOP
1370 };
1371
1372 static struct
1373 {
1374 const char *name;
1375 enum cmdids id;
1376 int flags;
1377 const char *desc;
1378 } cmds[] =
1379 {
1380 { "quit" , cmdQUIT , 0, N_("quit this menu") },
1381 { "q" , cmdQUIT , 0, NULL },
1382 { "save" , cmdSAVE , 0, N_("save and quit") },
1383 { "help" , cmdHELP , 0, N_("show this help") },
1384 { "?" , cmdHELP , 0, NULL },
1385 { "fpr" , cmdFPR , 0, N_("show key fingerprint") },
1386 { "list" , cmdLIST , 0, N_("list key and user IDs") },
1387 { "l" , cmdLIST , 0, NULL },
1388 { "uid" , cmdSELUID , 0, N_("select user ID N") },
1389 { "key" , cmdSELKEY , 0, N_("select subkey N") },
1390 { "check" , cmdCHECK , 0, N_("check signatures") },
1391 { "c" , cmdCHECK , 0, NULL },
1392 { "cross-certify", cmdBACKSIGN , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1393 { "backsign", cmdBACKSIGN , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1394 { "sign" , cmdSIGN , KEYEDIT_NOT_SK|KEYEDIT_TAIL_MATCH,
1395 N_("sign selected user IDs [* see below for related commands]") },
1396 { "s" , cmdSIGN , KEYEDIT_NOT_SK, NULL },
1397 /* "lsign" and friends will never match since "sign" comes first
1398 and it is a tail match. They are just here so they show up in
1399 the help menu. */
1400 { "lsign" , cmdNOP , 0, N_("sign selected user IDs locally") },
1401 { "tsign" , cmdNOP , 0,
1402 N_("sign selected user IDs with a trust signature") },
1403 { "nrsign" , cmdNOP , 0,
1404 N_("sign selected user IDs with a non-revocable signature") },
1405
1406 { "debug" , cmdDEBUG , 0, NULL },
1407 { "adduid" , cmdADDUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1408 N_("add a user ID") },
1409 { "addphoto", cmdADDPHOTO , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1410 N_("add a photo ID") },
1411 { "deluid" , cmdDELUID , KEYEDIT_NOT_SK,
1412 N_("delete selected user IDs") },
1413 /* delphoto is really deluid in disguise */
1414 { "delphoto", cmdDELUID , KEYEDIT_NOT_SK, NULL },
1415
1416 { "addkey" , cmdADDKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1417 N_("add a subkey") },
1418
1419 #ifdef ENABLE_CARD_SUPPORT
1420 { "addcardkey", cmdADDCARDKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1421 N_("add a key to a smartcard") },
1422 { "keytocard", cmdKEYTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK,
1423 N_("move a key to a smartcard")},
1424 { "bkuptocard", cmdBKUPTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK,
1425 N_("move a backup key to a smartcard")},
1426 #endif /*ENABLE_CARD_SUPPORT*/
1427
1428 { "delkey" , cmdDELKEY , KEYEDIT_NOT_SK,
1429 N_("delete selected subkeys") },
1430 { "addrevoker",cmdADDREVOKER,KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1431 N_("add a revocation key") },
1432 { "delsig" , cmdDELSIG , KEYEDIT_NOT_SK,
1433 N_("delete signatures from the selected user IDs") },
1434 { "expire" , cmdEXPIRE , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1435 N_("change the expiration date for the key or selected subkeys") },
1436 { "primary" , cmdPRIMARY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1437 N_("flag the selected user ID as primary")},
1438 { "toggle" , cmdTOGGLE , KEYEDIT_NEED_SK,
1439 N_("toggle between the secret and public key listings") },
1440 { "t" , cmdTOGGLE , KEYEDIT_NEED_SK, NULL },
1441 { "pref" , cmdPREF , KEYEDIT_NOT_SK,
1442 N_("list preferences (expert)")},
1443 { "showpref", cmdSHOWPREF , KEYEDIT_NOT_SK,
1444 N_("list preferences (verbose)") },
1445 { "setpref" , cmdSETPREF , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1446 N_("set preference list for the selected user IDs") },
1447 /* Alias */
1448 { "updpref" , cmdSETPREF , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1449
1450 { "keyserver",cmdPREFKS , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1451 N_("set the preferred keyserver URL for the selected user IDs")},
1452 { "notation", cmdNOTATION , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1453 N_("set a notation for the selected user IDs")},
1454 { "passwd" , cmdPASSWD , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1455 N_("change the passphrase") },
1456 /* Alias */
1457 { "password", cmdPASSWD , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1458
1459 { "trust" , cmdTRUST , KEYEDIT_NOT_SK, N_("change the ownertrust") },
1460 { "revsig" , cmdREVSIG , KEYEDIT_NOT_SK,
1461 N_("revoke signatures on the selected user IDs") },
1462 { "revuid" , cmdREVUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1463 N_("revoke selected user IDs") },
1464 /* Alias */
1465 { "revphoto", cmdREVUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1466
1467 { "revkey" , cmdREVKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1468 N_("revoke key or selected subkeys") },
1469 { "enable" , cmdENABLEKEY , KEYEDIT_NOT_SK, N_("enable key") },
1470 { "disable" , cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key") },
1471 { "showphoto",cmdSHOWPHOTO , 0, N_("show selected photo IDs") },
1472 { "clean", cmdCLEAN , KEYEDIT_NOT_SK,
1473 N_("compact unusable user IDs and remove unusable signatures from key")},
1474 { "minimize", cmdMINIMIZE , KEYEDIT_NOT_SK,
1475 N_("compact unusable user IDs and remove all signatures from key") },
1476 { NULL, cmdNONE, 0, NULL }
1477 };
1478
1479 #ifdef HAVE_LIBREADLINE
1480
1481 /* These two functions are used by readline for command completion. */
1482
1483 static char *
1484 command_generator(const char *text,int state)
1485 {
1486 static int list_index,len;
1487 const char *name;
1488
1489 /* If this is a new word to complete, initialize now. This includes
1490 saving the length of TEXT for efficiency, and initializing the
1491 index variable to 0. */
1492 if(!state)
1493 {
1494 list_index=0;
1495 len=strlen(text);
1496 }
1497
1498 /* Return the next partial match */
1499 while((name=cmds[list_index].name))
1500 {
1501 /* Only complete commands that have help text */
1502 if(cmds[list_index++].desc && strncmp(name,text,len)==0)
1503 return strdup(name);
1504 }
1505
1506 return NULL;
1507 }
1508
1509 static char **
1510 keyedit_completion(const char *text, int start, int end)
1511 {
1512 /* If we are at the start of a line, we try and command-complete.
1513 If not, just do nothing for now. */
1514
1515 (void)end;
1516
1517 if(start==0)
1518 return rl_completion_matches(text,command_generator);
1519
1520 rl_attempted_completion_over=1;
1521
1522 return NULL;
1523 }
1524 #endif /* HAVE_LIBREADLINE */
1525
1526
1527 void
1528 keyedit_menu( const char *username, strlist_t locusr,
1529 strlist_t commands, int quiet, int seckey_check )
1530 {
1531 enum cmdids cmd = 0;
1532 int rc = 0;
1533 KBNODE keyblock = NULL;
1534 KEYDB_HANDLE kdbhd = NULL;
1535 KBNODE sec_keyblock = NULL;
1536 KEYDB_HANDLE sec_kdbhd = NULL;
1537 KBNODE cur_keyblock;
1538 char *answer = NULL;
1539 int redisplay = 1;
1540 int modified = 0;
1541 int sec_modified = 0;
1542 int toggle;
1543 int have_commands = !!commands;
1544
1545 if ( opt.command_fd != -1 )
1546 ;
1547 else if( opt.batch && !have_commands )
1548 {
1549 log_error(_("can't do this in batch mode\n"));
1550 goto leave;
1551 }
1552
1553 #ifdef HAVE_W32_SYSTEM
1554 /* Due to Windows peculiarities we need to make sure that the
1555 trustdb stale check is done before we open another file
1556 (i.e. by searching for a key). In theory we could make sure
1557 that the files are closed after use but the open/close caches
1558 inhibits that and flushing the cache right before the stale
1559 check is not easy to implement. Thus we take the easy way out
1560 and run the stale check as early as possible. Note, that for
1561 non- W32 platforms it is run indirectly trough a call to
1562 get_validity (). */
1563 check_trustdb_stale ();
1564 #endif
1565
1566 /* Get the public key */
1567 rc = get_pubkey_byname (NULL, NULL, username, &keyblock, &kdbhd, 1, 1);
1568 if( rc )
1569 goto leave;
1570 if( fix_keyblock( keyblock ) )
1571 modified++;
1572 if( collapse_uids( &keyblock ) )
1573 modified++;
1574 reorder_keyblock(keyblock);
1575 /* We modified the keyblock, so let's make sure the flags are
1576 right. */
1577 if (modified)
1578 merge_keys_and_selfsig (keyblock);
1579
1580 if(seckey_check)
1581 {/* see whether we have a matching secret key */
1582 PKT_public_key *pk = keyblock->pkt->pkt.public_key;
1583
1584 sec_kdbhd = keydb_new (1);
1585 {
1586 byte afp[MAX_FINGERPRINT_LEN];
1587 size_t an;
1588
1589 fingerprint_from_pk (pk, afp, &an);
1590 while (an < MAX_FINGERPRINT_LEN)
1591 afp[an++] = 0;
1592 rc = keydb_search_fpr (sec_kdbhd, afp);
1593 }
1594 if (!rc)
1595 {
1596 rc = keydb_get_keyblock (sec_kdbhd, &sec_keyblock);
1597 if (rc)
1598 {
1599 log_error (_("error reading secret keyblock \"%s\": %s\n"),
1600 username, g10_errstr(rc));
1601 }
1602 else
1603 {
1604 merge_keys_and_selfsig( sec_keyblock );
1605 if( fix_keyblock( sec_keyblock ) )
1606 sec_modified++;
1607 }
1608 }
1609
1610 if (rc) {
1611 sec_keyblock = NULL;
1612 keydb_release (sec_kdbhd); sec_kdbhd = NULL;
1613 rc = 0;
1614 }
1615
1616 if( sec_keyblock && !quiet )
1617 tty_printf(_("Secret key is available.\n"));
1618 }
1619
1620 toggle = 0;
1621 cur_keyblock = keyblock;
1622 for(;;) { /* main loop */
1623 int i, arg_number, photo;
1624 const char *arg_string = "";
1625 char *p;
1626 PKT_public_key *pk=keyblock->pkt->pkt.public_key;
1627
1628 tty_printf("\n");
1629
1630 if( redisplay && !quiet )
1631 {
1632 show_key_with_all_names( cur_keyblock, 0, 1, 0, 1, 0 );
1633 tty_printf("\n");
1634 redisplay = 0;
1635 }
1636 do {
1637 xfree(answer);
1638 if( have_commands ) {
1639 if( commands ) {
1640 answer = xstrdup( commands->d );
1641 commands = commands->next;
1642 }
1643 else if( opt.batch ) {
1644 answer = xstrdup("quit");
1645 }
1646 else
1647 have_commands = 0;
1648 }
1649 if( !have_commands )
1650 {
1651 #ifdef HAVE_LIBREADLINE
1652 tty_enable_completion(keyedit_completion);
1653 #endif
1654 answer = cpr_get_no_help("keyedit.prompt", _("Command> "));
1655 cpr_kill_prompt();
1656 tty_disable_completion();
1657 }
1658 trim_spaces(answer);
1659 } while( *answer == '#' );
1660
1661 arg_number = 0; /* Yes, here is the init which egcc complains about */
1662 photo = 0; /* This too */
1663 if( !*answer )
1664 cmd = cmdLIST;
1665 else if( *answer == CONTROL_D )
1666 cmd = cmdQUIT;
1667 else if( digitp(answer ) ) {
1668 cmd = cmdSELUID;
1669 arg_number = atoi(answer);
1670 }
1671 else {
1672 if( (p=strchr(answer,' ')) ) {
1673 *p++ = 0;
1674 trim_spaces(answer);
1675 trim_spaces(p);
1676 arg_number = atoi(p);
1677 arg_string = p;
1678 }
1679
1680 for(i=0; cmds[i].name; i++ )
1681 {
1682 if(cmds[i].flags & KEYEDIT_TAIL_MATCH)
1683 {
1684 size_t l=strlen(cmds[i].name);
1685 size_t a=strlen(answer);
1686 if(a>=l)
1687 {
1688 if(ascii_strcasecmp(&answer[a-l],cmds[i].name)==0)
1689 {
1690 answer[a-l]='\0';
1691 break;
1692 }
1693 }
1694 }
1695 else if( !ascii_strcasecmp( answer, cmds[i].name ) )
1696 break;
1697 }
1698 if((cmds[i].flags & KEYEDIT_NEED_SK) && !sec_keyblock )
1699 {
1700 tty_printf(_("Need the secret key to do this.\n"));
1701 cmd = cmdNOP;
1702 }
1703 else if(((cmds[i].flags & KEYEDIT_NOT_SK) && sec_keyblock
1704 && toggle)
1705 ||((cmds[i].flags & KEYEDIT_ONLY_SK) && sec_keyblock
1706 && !toggle))
1707 {
1708 tty_printf(_("Please use the command \"toggle\" first.\n"));
1709 cmd = cmdNOP;
1710 }
1711 else
1712 cmd = cmds[i].id;
1713 }
1714 switch( cmd )
1715 {
1716 case cmdHELP:
1717 for(i=0; cmds[i].name; i++ )
1718 {
1719 if((cmds[i].flags & KEYEDIT_NEED_SK) && !sec_keyblock )
1720 ; /* skip if we do not have the secret key */
1721 else if( cmds[i].desc )
1722 tty_printf("%-11s %s\n", cmds[i].name, _(cmds[i].desc) );
1723 }
1724
1725 tty_printf("\n");
1726 tty_printf(_(
1727 "* The `sign' command may be prefixed with an `l' for local "
1728 "signatures (lsign),\n"
1729 " a `t' for trust signatures (tsign), an `nr' for non-revocable signatures\n"
1730 " (nrsign), or any combination thereof (ltsign, tnrsign, etc.).\n"));
1731
1732 break;
1733
1734 case cmdLIST:
1735 redisplay = 1;
1736 break;
1737
1738 case cmdFPR:
1739 show_key_and_fingerprint( keyblock );
1740 break;
1741
1742 case cmdSELUID:
1743 if(strlen(arg_string)==NAMEHASH_LEN*2)
1744 redisplay=menu_select_uid_namehash(cur_keyblock,arg_string);
1745 else
1746 redisplay=menu_select_uid(cur_keyblock,arg_number);
1747 break;
1748
1749 case cmdSELKEY:
1750 if( menu_select_key( cur_keyblock, arg_number ) )
1751 redisplay = 1;
1752 break;
1753
1754 case cmdCHECK:
1755 /* we can only do this with the public key becuase the
1756 * check functions can't cope with secret keys and it
1757 * is questionable whether this would make sense at all */
1758 check_all_keysigs( keyblock, count_selected_uids(keyblock) );
1759 break;
1760
1761 case cmdSIGN: /* sign (only the public key) */
1762 {
1763 int localsig=0,nonrevokesig=0,trustsig=0,interactive=0;
1764
1765 if( pk->is_revoked )
1766 {
1767 tty_printf(_("Key is revoked."));
1768
1769 if(opt.expert)
1770 {
1771 tty_printf(" ");
1772 if(!cpr_get_answer_is_yes("keyedit.sign_revoked.okay",
1773 _("Are you sure you still want"
1774 " to sign it? (y/N) ")))
1775 break;
1776 }
1777 else
1778 {
1779 tty_printf(_(" Unable to sign.\n"));
1780 break;
1781 }
1782 }
1783
1784 if(count_uids(keyblock) > 1 && !count_selected_uids(keyblock)
1785 && !cpr_get_answer_is_yes("keyedit.sign_all.okay",
1786 _("Really sign all user IDs?"
1787 " (y/N) ")))
1788 {
1789 if(opt.interactive)
1790 interactive=1;
1791 else
1792 {
1793 tty_printf(_("Hint: Select the user IDs to sign\n"));
1794 have_commands = 0;
1795 break;
1796 }
1797
1798 }
1799 /* What sort of signing are we doing? */
1800 if(!parse_sign_type(answer,&localsig,&nonrevokesig,&trustsig))
1801 {
1802 tty_printf(_("Unknown signature type `%s'\n"),answer);
1803 break;
1804 }
1805
1806 sign_uids(keyblock, locusr, &modified,
1807 localsig, nonrevokesig, trustsig, interactive);
1808 }
1809 break;
1810
1811 case cmdDEBUG:
1812 dump_kbnode( cur_keyblock );
1813 break;
1814
1815 case cmdTOGGLE:
1816 toggle = !toggle;
1817 cur_keyblock = toggle? sec_keyblock : keyblock;
1818 redisplay = 1;
1819 break;
1820
1821 case cmdADDPHOTO:
1822 if (RFC2440 || RFC1991 || PGP2)
1823 {
1824 tty_printf(
1825 _("This command is not allowed while in %s mode.\n"),
1826 compliance_option_string());
1827 break;
1828 }
1829 photo=1;
1830 /* fall through */
1831
1832 case cmdADDUID:
1833 if( menu_adduid( keyblock, sec_keyblock, photo, arg_string ) )
1834 {
1835 update_trust = 1;
1836 redisplay = 1;
1837 sec_modified = modified = 1;
1838 merge_keys_and_selfsig( sec_keyblock );
1839 merge_keys_and_selfsig( keyblock );
1840 }
1841 break;
1842
1843 case cmdDELUID: {
1844 int n1;
1845
1846 if( !(n1=count_selected_uids(keyblock)) )
1847 tty_printf(_("You must select at least one user ID.\n"));
1848 else if( real_uids_left(keyblock) < 1 )
1849 tty_printf(_("You can't delete the last user ID!\n"));
1850 else if( cpr_get_answer_is_yes("keyedit.remove.uid.okay",
1851 n1 > 1? _("Really remove all selected user IDs? (y/N) ")
1852 : _("Really remove this user ID? (y/N) ")
1853 ) ) {
1854 menu_deluid( keyblock, sec_keyblock );
1855 redisplay = 1;
1856 modified = 1;
1857 if( sec_keyblock )
1858 sec_modified = 1;
1859 }
1860 }
1861 break;
1862
1863 case cmdDELSIG: {
1864 int n1;
1865
1866 if( !(n1=count_selected_uids(keyblock)) )
1867 tty_printf(_("You must select at least one user ID.\n"));
1868 else if( menu_delsig( keyblock ) ) {
1869 /* no redisplay here, because it may scroll away some
1870 * status output of delsig */
1871 modified = 1;
1872 }
1873 }
1874 break;
1875
1876 case cmdADDKEY:
1877 if( generate_subkeypair( keyblock, sec_keyblock ) ) {
1878 redisplay = 1;
1879 sec_modified = modified = 1;
1880 merge_keys_and_selfsig( sec_keyblock );
1881 merge_keys_and_selfsig( keyblock );
1882 }
1883 break;
1884
1885 #ifdef ENABLE_CARD_SUPPORT
1886 case cmdADDCARDKEY:
1887 if (card_generate_subkey (keyblock, sec_keyblock)) {
1888 redisplay = 1;
1889 sec_modified = modified = 1;
1890 merge_keys_and_selfsig( sec_keyblock );
1891 merge_keys_and_selfsig( keyblock );
1892 }
1893 break;
1894
1895 case cmdKEYTOCARD:
1896 {
1897 KBNODE node=NULL;
1898 switch ( count_selected_keys (sec_keyblock) )
1899 {
1900 case 0:
1901 if (cpr_get_answer_is_yes("keyedit.keytocard.use_primary",
1902 _("Really move the primary key? (y/N) ")))
1903 node = sec_keyblock;
1904 break;
1905 case 1:
1906 for (node = sec_keyblock; node; node = node->next )
1907 {
1908 if (node->pkt->pkttype == PKT_SECRET_SUBKEY
1909 && node->flag & NODFLG_SELKEY)
1910 break;
1911 }
1912 break;
1913 default:
1914 tty_printf(_("You must select exactly one key.\n"));
1915 break;
1916 }
1917 if (node)
1918 {
1919 PKT_public_key *xxpk = find_pk_from_sknode (keyblock, node);
1920 if (card_store_subkey (node, xxpk?xxpk->pubkey_usage:0))
1921 {
1922 redisplay = 1;
1923 sec_modified = 1;
1924 }
1925 }
1926 }
1927 break;
1928
1929 case cmdBKUPTOCARD:
1930 {
1931 /* Ask for a filename, check whether this is really a
1932 backup key as generated by the card generation, parse
1933 that key and store it on card. */
1934 KBNODE node;
1935 const char *fname;
1936 PACKET *pkt;
1937 IOBUF a;
1938
1939 fname = arg_string;
1940 if (!*fname)
1941 {
1942 tty_printf (_("Command expects a filename argument\n"));
1943 break;
1944 }
1945
1946 /* Open that file. */
1947 a = iobuf_open (fname);
1948 if (a && is_secured_file (iobuf_get_fd (a)))
1949 {
1950 iobuf_close (a);
1951 a = NULL;
1952 errno = EPERM;
1953 }
1954 if (!a)
1955 {
1956 tty_printf (_("Can't open `%s': %s\n"),
1957 fname, strerror(errno));
1958 break;
1959 }
1960
1961 /* Parse and check that file. */
1962 pkt = xmalloc (sizeof *pkt);
1963 init_packet (pkt);
1964 rc = parse_packet (a, pkt);
1965 iobuf_close (a);
1966 iobuf_ioctl (NULL, 2, 0, (char*)fname); /* (invalidate cache). */
1967 if (!rc
1968 && pkt->pkttype != PKT_SECRET_KEY
1969 && pkt->pkttype != PKT_SECRET_SUBKEY)
1970 rc = G10ERR_NO_SECKEY;
1971 if (rc)
1972 {
1973 tty_printf(_("Error reading backup key from `%s': %s\n"),
1974 fname, g10_errstr (rc));
1975 free_packet (pkt);
1976 xfree (pkt);
1977 break;
1978 }
1979 node = new_kbnode (pkt);
1980
1981 /* Store it. */
1982 if (card_store_subkey (node, 0))
1983 {
1984 redisplay = 1;
1985 sec_modified = 1;
1986 }
1987 release_kbnode (node);
1988 }
1989 break;
1990
1991 #endif /* ENABLE_CARD_SUPPORT */
1992
1993 case cmdDELKEY: {
1994 int n1;
1995
1996 if( !(n1=count_selected_keys( keyblock )) )
1997 tty_printf(_("You must select at least one key.\n"));
1998 else if( !cpr_get_answer_is_yes( "keyedit.remove.subkey.okay",
1999 n1 > 1?
2000 _("Do you really want to delete the selected keys? (y/N) "):
2001 _("Do you really want to delete this key? (y/N) ")
2002 ))
2003 ;
2004 else {
2005 menu_delkey( keyblock, sec_keyblock );
2006 redisplay = 1;
2007 modified = 1;
2008 if( sec_keyblock )
2009 sec_modified = 1;
2010 }
2011 }
2012 break;
2013
2014 case cmdADDREVOKER:
2015 {
2016 int sensitive=0;
2017
2018 if(ascii_strcasecmp(arg_string,"sensitive")==0)
2019 sensitive=1;
2020 if( menu_addrevoker( keyblock, sec_keyblock, sensitive ) ) {
2021 redisplay = 1;
2022 sec_modified = modified = 1;
2023 merge_keys_and_selfsig( sec_keyblock );
2024 merge_keys_and_selfsig( keyblock );
2025 }
2026 }
2027 break;
2028
2029 case cmdREVUID: {
2030 int n1;
2031
2032 if( !(n1=count_selected_uids(keyblock)) )
2033 tty_printf(_("You must select at least one user ID.\n"));
2034 else if( cpr_get_answer_is_yes(
2035 "keyedit.revoke.uid.okay",
2036 n1 > 1? _("Really revoke all selected user IDs? (y/N) ")
2037 : _("Really revoke this user ID? (y/N) ")
2038 ) ) {
2039 if(menu_revuid(keyblock,sec_keyblock))
2040 {
2041 modified=1;
2042 redisplay=1;
2043 }
2044 }
2045 }
2046 break;
2047
2048 case cmdREVKEY:
2049 {
2050 int n1;
2051
2052 if( !(n1=count_selected_keys( keyblock )) )
2053 {
2054 if(cpr_get_answer_is_yes("keyedit.revoke.subkey.okay",
2055 _("Do you really want to revoke"
2056 " the entire key? (y/N) ")))
2057 {
2058 if(menu_revkey(keyblock,sec_keyblock))
2059 modified=1;
2060
2061 redisplay=1;
2062 }
2063 }
2064 else if(cpr_get_answer_is_yes("keyedit.revoke.subkey.okay",
2065 n1 > 1?
2066 _("Do you really want to revoke"
2067 " the selected subkeys? (y/N) "):
2068 _("Do you really want to revoke"
2069 " this subkey? (y/N) ")))
2070 {
2071 if( menu_revsubkey( keyblock, sec_keyblock ) )
2072 modified = 1;
2073
2074 redisplay = 1;
2075 }
2076
2077 if(modified)
2078 merge_keys_and_selfsig( keyblock );
2079 }
2080 break;
2081
2082 case cmdEXPIRE:
2083 if( menu_expire( keyblock, sec_keyblock ) )
2084 {
2085 merge_keys_and_selfsig( sec_keyblock );
2086 merge_keys_and_selfsig( keyblock );
2087 sec_modified = 1;
2088 modified = 1;
2089 redisplay = 1;
2090 }
2091 break;
2092
2093 case cmdBACKSIGN:
2094 if(menu_backsign(keyblock,sec_keyblock))
2095 {
2096 sec_modified = 1;
2097 modified = 1;
2098 redisplay = 1;
2099 }
2100 break;
2101
2102 case cmdPRIMARY:
2103 if( menu_set_primary_uid ( keyblock, sec_keyblock ) ) {
2104 merge_keys_and_selfsig( keyblock );
2105 modified = 1;
2106 redisplay = 1;
2107 }
2108 break;
2109
2110 case cmdPASSWD:
2111 if( change_passphrase( sec_keyblock ) )
2112 sec_modified = 1;
2113 break;
2114
2115 case cmdTRUST:
2116 if(opt.trust_model==TM_EXTERNAL)
2117 {
2118 tty_printf (_("Owner trust may not be set while "
2119 "using a user provided trust database\n"));
2120 break;
2121 }
2122
2123 show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 );
2124 tty_printf("\n");
2125 if( edit_ownertrust( find_kbnode( keyblock,
2126 PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
2127 redisplay = 1;
2128 /* No real need to set update_trust here as
2129 edit_ownertrust() calls revalidation_mark()
2130 anyway. */
2131 update_trust=1;
2132 }
2133 break;
2134
2135 case cmdPREF:
2136 {
2137 int count=count_selected_uids(keyblock);
2138 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
2139 show_names(keyblock,keyblock->pkt->pkt.public_key,
2140 count?NODFLG_SELUID:0,1);
2141 }
2142 break;
2143
2144 case cmdSHOWPREF:
2145 {
2146 int count=count_selected_uids(keyblock);
2147 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
2148 show_names(keyblock,keyblock->pkt->pkt.public_key,
2149 count?NODFLG_SELUID:0,2);
2150 }
2151 break;
2152
2153 case cmdSETPREF:
2154 {
2155 PKT_user_id *tempuid;
2156
2157 keygen_set_std_prefs(!*arg_string?"default" : arg_string, 0);
2158
2159 tempuid=keygen_get_std_prefs();
2160 tty_printf(_("Set preference list to:\n"));
2161 show_prefs(tempuid,NULL,1);
2162 free_user_id(tempuid);
2163
2164 if(cpr_get_answer_is_yes("keyedit.setpref.okay",
2165 count_selected_uids (keyblock)?
2166 _("Really update the preferences"
2167 " for the selected user IDs? (y/N) "):
2168 _("Really update the preferences? (y/N) ")))
2169 {
2170 if ( menu_set_preferences (keyblock, sec_keyblock) )
2171 {
2172 merge_keys_and_selfsig (keyblock);
2173 modified = 1;
2174 redisplay = 1;
2175 }
2176 }
2177 }
2178 break;
2179
2180 case cmdPREFKS:
2181 if( menu_set_keyserver_url ( *arg_string?arg_string:NULL,
2182 keyblock, sec_keyblock ) )
2183 {
2184 merge_keys_and_selfsig( keyblock );
2185 modified = 1;
2186 redisplay = 1;
2187 }
2188 break;
2189
2190 case cmdNOTATION:
2191 if( menu_set_notation ( *arg_string?arg_string:NULL,
2192 keyblock, sec_keyblock ) )
2193 {
2194 merge_keys_and_selfsig( keyblock );
2195 modified = 1;
2196 redisplay = 1;
2197 }
2198 break;
2199
2200 case cmdNOP:
2201 break;
2202
2203 case cmdREVSIG:
2204 if( menu_revsig( keyblock ) ) {
2205 redisplay = 1;
2206 modified = 1;
2207 }
2208 break;
2209
2210 case cmdENABLEKEY:
2211 case cmdDISABLEKEY:
2212 if( enable_disable_key( keyblock, cmd == cmdDISABLEKEY ) ) {
2213 redisplay = 1;
2214 modified = 1;
2215 }
2216 break;
2217
2218 case cmdSHOWPHOTO:
2219 menu_showphoto(keyblock);
2220 break;
2221
2222 case cmdCLEAN:
2223 if(menu_clean(keyblock,0))
2224 redisplay=modified=1;
2225 break;
2226
2227 case cmdMINIMIZE:
2228 if(menu_clean(keyblock,1))
2229 redisplay=modified=1;
2230 break;
2231
2232 case cmdQUIT:
2233 if( have_commands )
2234 goto leave;
2235 if( !modified && !sec_modified )
2236 goto leave;
2237 if( !cpr_get_answer_is_yes("keyedit.save.okay",
2238 _("Save changes? (y/N) ")) ) {
2239 if( cpr_enabled()
2240 || cpr_get_answer_is_yes("keyedit.cancel.okay",
2241 _("Quit without saving? (y/N) ")))
2242 goto leave;
2243 break;
2244 }
2245 /* fall thru */
2246 case cmdSAVE:
2247 if( modified || sec_modified ) {
2248 if( modified ) {
2249 rc = keydb_update_keyblock (kdbhd, keyblock);
2250 if( rc ) {
2251 log_error(_("update failed: %s\n"), g10_errstr(rc) );
2252 break;
2253 }
2254 }
2255 if( sec_modified ) {
2256 rc = keydb_update_keyblock (sec_kdbhd, sec_keyblock );
2257 if( rc ) {
2258 log_error( _("update secret failed: %s\n"),
2259 g10_errstr(rc) );
2260 break;
2261 }
2262 }
2263 }
2264 else
2265 tty_printf(_("Key not changed so no update needed.\n"));
2266
2267 if( update_trust )
2268 {
2269 revalidation_mark ();
2270 update_trust=0;
2271 }
2272 goto leave;
2273
2274 case cmdINVCMD:
2275 default:
2276 tty_printf("\n");
2277 tty_printf(_("Invalid command (try \"help\")\n"));
2278 break;
2279 }
2280 } /* end main loop */
2281
2282 leave:
2283 release_kbnode( keyblock );
2284 release_kbnode( sec_keyblock );
2285 keydb_release (kdbhd);
2286 xfree(answer);
2287 }
2288
2289 static void
2290 tty_print_notations(int indent,PKT_signature *sig)
2291 {
2292 int first=1;
2293 struct notation *notation,*nd;
2294
2295 if(indent<0)
2296 {
2297 first=0;
2298 indent=-indent;
2299 }
2300
2301 notation=sig_to_notation(sig);
2302
2303 for(nd=notation;nd;nd=nd->next)
2304 {
2305 if(!first)
2306 tty_printf("%*s",indent,"");
2307 else
2308 first=0;
2309
2310 tty_print_utf8_string(nd->name,strlen(nd->name));
2311 tty_printf("=");
2312 tty_print_utf8_string(nd->value,strlen(nd->value));
2313 tty_printf("\n");
2314 }
2315
2316 free_notation(notation);
2317 }
2318
2319 /****************
2320 * show preferences of a public keyblock.
2321 */
2322 static void
2323 show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
2324 {
2325 const prefitem_t fake={0,0};
2326 const prefitem_t *prefs;
2327 int i;
2328
2329 if( !uid )
2330 return;
2331
2332 if( uid->prefs )
2333 prefs=uid->prefs;
2334 else if(verbose)
2335 prefs=&fake;
2336 else
2337 return;
2338
2339 if (verbose) {
2340 int any, des_seen=0, sha1_seen=0, uncomp_seen=0;
2341
2342 tty_printf (" ");
2343 tty_printf (_("Cipher: "));
2344 for(i=any=0; prefs[i].type; i++ ) {
2345 if( prefs[i].type == PREFTYPE_SYM ) {
2346 if (any)
2347 tty_printf (", ");
2348 any = 1;
2349 /* We don't want to display strings for experimental algos */
2350 if (!openpgp_cipher_test_algo (prefs[i].value)
2351 && prefs[i].value < 100 )
2352 tty_printf ("%s",
2353 openpgp_cipher_algo_name (prefs[i].value));
2354 else
2355 tty_printf ("[%d]", prefs[i].value);
2356 if (prefs[i].value == CIPHER_ALGO_3DES )
2357 des_seen = 1;
2358 }
2359 }
2360 if (!des_seen) {
2361 if (any)
2362 tty_printf (", ");
2363 tty_printf ("%s", openpgp_cipher_algo_name (CIPHER_ALGO_3DES));
2364 }
2365 tty_printf ("\n ");
2366 tty_printf (_("Digest: "));
2367 for(i=any=0; prefs[i].type; i++ ) {
2368 if( prefs[i].type == PREFTYPE_HASH ) {
2369 if (any)
2370 tty_printf (", ");
2371 any = 1;
2372 /* We don't want to display strings for experimental algos */
2373 if (!gcry_md_test_algo (prefs[i].value)
2374 && prefs[i].value < 100 )
2375 tty_printf ("%s", gcry_md_algo_name (prefs[i].value) );
2376 else
2377 tty_printf ("[%d]", prefs[i].value);
2378 if (prefs[i].value == DIGEST_ALGO_SHA1 )
2379 sha1_seen = 1;
2380 }
2381 }
2382 if (!sha1_seen) {
2383 if (any)
2384 tty_printf (", ");
2385 tty_printf ("%s", gcry_md_algo_name (DIGEST_ALGO_SHA1));
2386 }
2387 tty_printf ("\n ");
2388 tty_printf (_("Compression: "));
2389 for(i=any=0; prefs[i].type; i++ ) {
2390 if( prefs[i].type == PREFTYPE_ZIP ) {
2391 const char *s=compress_algo_to_string(prefs[i].value);
2392
2393 if (any)
2394 tty_printf (", ");
2395 any = 1;
2396 /* We don't want to display strings for experimental algos */
2397 if (s && prefs[i].value < 100 )
2398 tty_printf ("%s", s );
2399 else
2400 tty_printf ("[%d]", prefs[i].value);
2401 if (prefs[i].value == COMPRESS_ALGO_NONE )
2402 uncomp_seen = 1;
2403 }
2404 }
2405 if (!uncomp_seen) {
2406 if (any)
2407 tty_printf (", ");
2408 else {
2409 tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_ZIP));
2410 tty_printf (", ");
2411 }
2412 tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_NONE));
2413 }
2414 if(uid->flags.mdc || !uid->flags.ks_modify)
2415 {
2416 tty_printf ("\n ");
2417 tty_printf (_("Features: "));
2418 any=0;
2419 if(uid->flags.mdc)
2420 {
2421 tty_printf ("MDC");
2422 any=1;
2423 }
2424 if(!uid->flags.ks_modify)
2425 {
2426 if(any)
2427 tty_printf (", ");
2428 tty_printf (_("Keyserver no-modify"));
2429 }
2430 }
2431 tty_printf("\n");
2432
2433 if(selfsig)
2434 {
2435 const byte *pref_ks;
2436 size_t pref_ks_len;
2437
2438 pref_ks=parse_sig_subpkt(selfsig->hashed,
2439 SIGSUBPKT_PREF_KS,&pref_ks_len);
2440 if(pref_ks && pref_ks_len)
2441 {
2442 tty_printf (" ");
2443 tty_printf(_("Preferred keyserver: "));
2444 tty_print_utf8_string(pref_ks,pref_ks_len);
2445 tty_printf("\n");
2446 }
2447
2448 if(selfsig->flags.notation)
2449 {
2450 tty_printf (" ");
2451 tty_printf(_("Notations: "));
2452 tty_print_notations(5+strlen(_("Notations: ")),selfsig);
2453 }
2454 }
2455 }
2456 else {
2457 tty_printf(" ");
2458 for(i=0; prefs[i].type; i++ ) {
2459 tty_printf( " %c%d", prefs[i].type == PREFTYPE_SYM ? 'S' :
2460 prefs[i].type == PREFTYPE_HASH ? 'H' :
2461 prefs[i].type == PREFTYPE_ZIP ? 'Z':'?',
2462 prefs[i].value);
2463 }
2464 if (uid->flags.mdc)
2465 tty_printf (" [mdc]");
2466 if (!uid->flags.ks_modify)
2467 tty_printf (" [no-ks-modify]");
2468 tty_printf("\n");
2469 }
2470 }
2471
2472 /* This is the version of show_key_with_all_names used when
2473 opt.with_colons is used. It prints all available data in a easy to
2474 parse format and does not translate utf8 */
2475 static void
2476 show_key_with_all_names_colon (KBNODE keyblock)
2477 {
2478 KBNODE node;
2479 int i, j, ulti_hack=0;
2480 byte pk_version=0;
2481 PKT_public_key *primary=NULL;
2482
2483 /* the keys */
2484 for ( node = keyblock; node; node = node->next )
2485 {
2486 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2487 || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) )
2488 {
2489 PKT_public_key *pk = node->pkt->pkt.public_key;
2490 u32 keyid[2];
2491
2492 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2493 {
2494 pk_version = pk->version;
2495 primary=pk;
2496 }
2497
2498 keyid_from_pk (pk, keyid);
2499
2500 fputs (node->pkt->pkttype == PKT_PUBLIC_KEY?"pub:":"sub:", stdout);
2501 if (!pk->is_valid)
2502 putchar ('i');
2503 else if (pk->is_revoked)
2504 putchar ('r');
2505 else if (pk->has_expired)
2506 putchar ('e');
2507 else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks ))
2508 {
2509 int trust = get_validity_info (pk, NULL);
2510 if(trust=='u')
2511 ulti_hack=1;
2512 putchar (trust);
2513 }
2514
2515 printf (":%u:%d:%08lX%08lX:%lu:%lu::",
2516 nbits_from_pk (pk),
2517 pk->pubkey_algo,
2518 (ulong)keyid[0], (ulong)keyid[1],
2519 (ulong)pk->timestamp,
2520 (ulong)pk->expiredate );
2521 if (node->pkt->pkttype==PKT_PUBLIC_KEY
2522 && !(opt.fast_list_mode || opt.no_expensive_trust_checks ))
2523 putchar(get_ownertrust_info (pk));
2524 putchar(':');
2525 putchar('\n');
2526
2527 print_fingerprint (pk, NULL, 0);
2528 print_revokers(pk);
2529 }
2530 }
2531
2532 /* the user ids */
2533 i = 0;
2534 for (node = keyblock; node; node = node->next)
2535 {
2536 if ( node->pkt->pkttype == PKT_USER_ID )
2537 {
2538 PKT_user_id *uid = node->pkt->pkt.user_id;
2539
2540 ++i;
2541
2542 if(uid->attrib_data)
2543 printf("uat:");
2544 else
2545 printf("uid:");
2546
2547 if ( uid->is_revoked )
2548 printf("r::::::::");
2549 else if ( uid->is_expired )
2550 printf("e::::::::");
2551 else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
2552 printf("::::::::");
2553 else
2554 {
2555 int uid_validity;
2556
2557 if( primary && !ulti_hack )
2558 uid_validity = get_validity_info( primary, uid );
2559 else
2560 uid_validity = 'u';
2561 printf("%c::::::::",uid_validity);
2562 }
2563
2564 if(uid->attrib_data)
2565 printf ("%u %lu",uid->numattribs,uid->attrib_len);
2566 else
2567 print_string (stdout, uid->name, uid->len, ':');
2568
2569 putchar (':');
2570 /* signature class */
2571 putchar (':');
2572 /* capabilities */
2573 putchar (':');
2574 /* preferences */
2575 if (pk_version>3 || uid->selfsigversion>3)
2576 {
2577 const prefitem_t *prefs = uid->prefs;
2578
2579 for (j=0; prefs && prefs[j].type; j++)
2580 {
2581 if (j)
2582 putchar (' ');
2583 printf ("%c%d", prefs[j].type == PREFTYPE_SYM ? 'S' :
2584 prefs[j].type == PREFTYPE_HASH ? 'H' :
2585 prefs[j].type == PREFTYPE_ZIP ? 'Z':'?',
2586 prefs[j].value);
2587 }
2588 if (uid->flags.mdc)
2589 printf (",mdc");
2590 if (!uid->flags.ks_modify)
2591 printf (",no-ks-modify");
2592 }
2593 putchar (':');
2594 /* flags */
2595 printf ("%d,", i);
2596 if (uid->is_primary)
2597 putchar ('p');
2598 if (uid->is_revoked)
2599 putchar ('r');
2600 if (uid->is_expired)
2601 putchar ('e');
2602 if ((node->flag & NODFLG_SELUID))
2603 putchar ('s');
2604 if ((node->flag & NODFLG_MARK_A))
2605 putchar ('m');
2606 putchar (':');
2607 putchar('\n');
2608 }
2609 }
2610 }
2611
2612 static void
2613 show_names(KBNODE keyblock,PKT_public_key *pk,unsigned int flag,int with_prefs)
2614 {
2615 KBNODE node;
2616 int i=0;
2617
2618 for( node = keyblock; node; node = node->next )
2619 {
2620 if( node->pkt->pkttype == PKT_USER_ID
2621 && !is_deleted_kbnode(node))
2622 {
2623 PKT_user_id *uid = node->pkt->pkt.user_id;
2624 ++i;
2625 if(!flag || (flag && (node->flag & flag)))
2626 {
2627 if(!(flag&NODFLG_MARK_A) && pk)
2628 tty_printf("%s ",uid_trust_string_fixed(pk,uid));
2629
2630 if( flag & NODFLG_MARK_A )
2631 tty_printf(" ");
2632 else if( node->flag & NODFLG_SELUID )
2633 tty_printf("(%d)* ", i);
2634 else if( uid->is_primary )
2635 tty_printf("(%d). ", i);
2636 else
2637 tty_printf("(%d) ", i);
2638 tty_print_utf8_string( uid->name, uid->len );
2639 tty_printf("\n");
2640 if(with_prefs && pk)
2641 {
2642 if(pk->version>3 || uid->selfsigversion>3)
2643 {
2644 PKT_signature *selfsig=NULL;
2645 KBNODE signode;
2646
2647 for(signode=node->next;
2648 signode && signode->pkt->pkttype==PKT_SIGNATURE;
2649 signode=signode->next)
2650 {
2651 if(signode->pkt->pkt.signature->
2652 flags.chosen_selfsig)
2653 {
2654 selfsig=signode->pkt->pkt.signature;
2655 break;
2656 }
2657 }
2658
2659 show_prefs (uid, selfsig, with_prefs == 2);
2660 }
2661 else
2662 tty_printf(_("There are no preferences on a"
2663 " PGP 2.x-style user ID.\n"));
2664 }
2665 }
2666 }
2667 }
2668 }
2669
2670 /****************
2671 * Display the key a the user ids, if only_marked is true, do only
2672 * so for user ids with mark A flag set and dont display the index number
2673 */
2674 static void
2675 show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
2676 int with_fpr, int with_subkeys, int with_prefs )
2677 {
2678 KBNODE node;
2679 int i;
2680 int do_warn = 0;
2681 byte pk_version=0;
2682 PKT_public_key *primary=NULL;
2683
2684 if (opt.with_colons)
2685 {
2686 show_key_with_all_names_colon (keyblock);
2687 return;
2688 }
2689
2690 /* the keys */
2691 for( node = keyblock; node; node = node->next ) {
2692 if( node->pkt->pkttype == PKT_PUBLIC_KEY
2693 || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY
2694 && !is_deleted_kbnode(node)) ) {
2695 PKT_public_key *pk = node->pkt->pkt.public_key;
2696 const char *otrust="err",*trust="err";
2697
2698 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
2699 /* do it here, so that debug messages don't clutter the
2700 * output */
2701 static int did_warn = 0;
2702
2703 trust = get_validity_string (pk, NULL);
2704 otrust = get_ownertrust_string (pk);
2705
2706 /* Show a warning once */
2707 if (!did_warn
2708 && (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK)) {
2709 did_warn = 1;
2710 do_warn = 1;
2711 }
2712
2713 pk_version=pk->version;
2714 primary=pk;
2715 }
2716
2717 if(pk->is_revoked)
2718 {
2719 char *user=get_user_id_string_native(pk->revoked.keyid);
2720 const char *algo = gcry_pk_algo_name (pk->revoked.algo);
2721 tty_printf(_("This key was revoked on %s by %s key %s\n"),
2722 revokestr_from_pk(pk),algo?algo:"?",user);
2723 xfree(user);
2724 }
2725
2726 if(with_revoker)
2727 {
2728 if( !pk->revkey && pk->numrevkeys )
2729 BUG();
2730 else
2731 for(i=0;i<pk->numrevkeys;i++)
2732 {
2733 u32 r_keyid[2];
2734 char *user;
2735 const char *algo;
2736
2737 algo = gcry_pk_algo_name (pk->revkey[i].algid);
2738 keyid_from_fingerprint(pk->revkey[i].fpr,
2739 MAX_FINGERPRINT_LEN,r_keyid);
2740
2741 user=get_user_id_string_native(r_keyid);
2742 tty_printf(_("This key may be revoked by %s key %s"),
2743 algo?algo:"?",user);
2744
2745 if(pk->revkey[i].class&0x40)
2746 {
2747 tty_printf(" ");
2748 tty_printf(_("(sensitive)"));
2749 }
2750
2751 tty_printf ("\n");
2752 xfree(user);
2753 }
2754 }
2755
2756 keyid_from_pk(pk,NULL);
2757 tty_printf("%s%c %4u%c/%s ",
2758 node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
2759 (node->flag & NODFLG_SELKEY)? '*':' ',
2760 nbits_from_pk( pk ),
2761 pubkey_letter( pk->pubkey_algo ),
2762 keystr(pk->keyid));
2763
2764 tty_printf(_("created: %s"),datestr_from_pk(pk));
2765 tty_printf(" ");
2766 if(pk->is_revoked)
2767 tty_printf(_("revoked: %s"),revokestr_from_pk(pk));
2768 else if(pk->has_expired)
2769 tty_printf(_("expired: %s"),expirestr_from_pk(pk));
2770 else
2771 tty_printf(_("expires: %s"),expirestr_from_pk(pk));
2772 tty_printf(" ");
2773 tty_printf(_("usage: %s"),usagestr_from_pk(pk));
2774 tty_printf("\n");
2775
2776 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
2777 {
2778 if(opt.trust_model!=TM_ALWAYS)
2779 {
2780 tty_printf("%*s", (int)keystrlen()+13,"");
2781 /* Ownertrust is only meaningful for the PGP or
2782 classic trust models */
2783 if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
2784 {
2785 int width=14-strlen(otrust);
2786 if(width<=0)
2787 width=1;
2788 tty_printf(_("trust: %s"), otrust);
2789 tty_printf("%*s",width,"");
2790 }
2791
2792 tty_printf(_("validity: %s"), trust );
2793 tty_printf("\n");
2794 }
2795 if( node->pkt->pkttype == PKT_PUBLIC_KEY
2796 && (get_ownertrust (pk)&TRUST_FLAG_DISABLED))
2797 {
2798 tty_printf("*** ");
2799 tty_printf(_("This key has been disabled"));
2800 tty_printf("\n");
2801 }
2802 }
2803
2804 if( node->pkt->pkttype == PKT_PUBLIC_KEY && with_fpr )
2805 {
2806 print_fingerprint ( pk, NULL, 2 );
2807 tty_printf("\n");
2808 }
2809 }
2810 else if( node->pkt->pkttype == PKT_SECRET_KEY
2811 || (with_subkeys && node->pkt->pkttype == PKT_SECRET_SUBKEY) )
2812 {
2813 PKT_secret_key *sk = node->pkt->pkt.secret_key;
2814 tty_printf("%s%c %4u%c/%s ",
2815 node->pkt->pkttype == PKT_SECRET_KEY? "sec":"ssb",
2816 (node->flag & NODFLG_SELKEY)? '*':' ',
2817 nbits_from_sk( sk ),
2818 pubkey_letter( sk->pubkey_algo ),
2819 keystr_from_sk(sk));
2820 tty_printf(_("created: %s"),datestr_from_sk(sk));
2821 tty_printf(" ");
2822 tty_printf(_("expires: %s"),expirestr_from_sk(sk));
2823 tty_printf("\n");
2824 if (sk->is_protected && sk->protect.s2k.mode == 1002)
2825 {
2826 tty_printf(" ");
2827 tty_printf(_("card-no: "));
2828 if (sk->protect.ivlen == 16
2829 && !memcmp (sk->protect.iv, "\xD2\x76\x00\x01\x24\x01", 6))
2830 { /* This is an OpenPGP card. */
2831 for (i=8; i < 14; i++)
2832 {
2833 if (i == 10)
2834 tty_printf (" ");
2835 tty_printf ("%02X", sk->protect.iv[i]);
2836 }
2837 }
2838 else
2839 { /* Something is wrong: Print all. */
2840 for (i=0; i < sk->protect.ivlen; i++)
2841 tty_printf ("%02X", sk->protect.iv[i]);
2842 }
2843 tty_printf ("\n");
2844 }
2845 }
2846 }
2847
2848 show_names(keyblock,primary,only_marked?NODFLG_MARK_A:0,with_prefs);
2849
2850 if (do_warn)
2851 tty_printf (_("Please note that the shown key validity"
2852 " is not necessarily correct\n"
2853 "unless you restart the program.\n"));
2854 }
2855
2856
2857 /* Display basic key information. This function is suitable to show
2858 information on the key without any dependencies on the trustdb or
2859 any other internal GnuPG stuff. KEYBLOCK may either be a public or
2860 a secret key.*/
2861 void
2862 show_basic_key_info ( KBNODE keyblock )
2863 {
2864 KBNODE node;
2865 int i;
2866
2867 /* The primary key */
2868 for (node = keyblock; node; node = node->next)
2869 {
2870 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2871 {
2872 PKT_public_key *pk = node->pkt->pkt.public_key;
2873
2874 /* Note, we use the same format string as in other show
2875 functions to make the translation job easier. */
2876 tty_printf ("%s %4u%c/%s ",
2877 node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
2878 nbits_from_pk( pk ),
2879 pubkey_letter( pk->pubkey_algo ),
2880 keystr_from_pk(pk));
2881 tty_printf(_("created: %s"),datestr_from_pk(pk));
2882 tty_printf(" ");
2883 tty_printf(_("expires: %s"),expirestr_from_pk(pk));
2884 tty_printf("\n");
2885 print_fingerprint ( pk, NULL, 3 );
2886 tty_printf("\n");
2887 }
2888 else if (node->pkt->pkttype == PKT_SECRET_KEY)
2889 {
2890 PKT_secret_key *sk = node->pkt->pkt.secret_key;
2891 tty_printf("%s %4u%c/%s",
2892 node->pkt->pkttype == PKT_SECRET_KEY? "sec":"ssb",
2893 nbits_from_sk( sk ),
2894 pubkey_letter( sk->pubkey_algo ),
2895 keystr_from_sk(sk));
2896 tty_printf(_("created: %s"),datestr_from_sk(sk));
2897 tty_printf(" ");
2898 tty_printf(_("expires: %s"),expirestr_from_sk(sk));
2899 tty_printf("\n");
2900 print_fingerprint (NULL, sk, 3 );
2901 tty_printf("\n");
2902 }
2903 }
2904
2905 /* The user IDs. */
2906 for (i=0, node = keyblock; node; node = node->next)
2907 {
2908 if (node->pkt->pkttype == PKT_USER_ID)
2909 {
2910 PKT_user_id *uid = node->pkt->pkt.user_id;
2911 ++i;
2912
2913 tty_printf (" ");
2914 if (uid->is_revoked)
2915 tty_printf("[%s] ",_("revoked"));
2916 else if ( uid->is_expired )
2917 tty_printf("[%s] ",_("expired"));
2918 tty_print_utf8_string (uid->name, uid->len);
2919 tty_printf ("\n");
2920 }
2921 }
2922 }
2923
2924 static void
2925 show_key_and_fingerprint( KBNODE keyblock )
2926 {
2927 KBNODE node;
2928 PKT_public_key *pk = NULL;
2929
2930 for( node = keyblock; node; node = node->next )
2931 {
2932 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
2933 {
2934 pk = node->pkt->pkt.public_key;
2935 tty_printf("pub %4u%c/%s %s ",
2936 nbits_from_pk( pk ),
2937 pubkey_letter( pk->pubkey_algo ),
2938 keystr_from_pk(pk),
2939 datestr_from_pk(pk) );
2940 }
2941 else if( node->pkt->pkttype == PKT_USER_ID )
2942 {
2943 PKT_user_id *uid = node->pkt->pkt.user_id;
2944 tty_print_utf8_string( uid->name, uid->len );
2945 break;
2946 }
2947 }
2948 tty_printf("\n");
2949 if( pk )
2950 print_fingerprint( pk, NULL, 2 );
2951 }
2952
2953
2954 /* Show a warning if no uids on the key have the primary uid flag
2955 set. */
2956 static void
2957 no_primary_warning(KBNODE keyblock)
2958 {
2959 KBNODE node;
2960 int have_primary=0,uid_count=0;
2961
2962 /* TODO: if we ever start behaving differently with a primary or
2963 non-primary attribute ID, we will need to check for attributes
2964 here as well. */
2965
2966 for(node=keyblock; node; node = node->next)
2967 {
2968 if(node->pkt->pkttype==PKT_USER_ID
2969 && node->pkt->pkt.user_id->attrib_data==NULL)
2970 {
2971 uid_count++;
2972
2973 if(node->pkt->pkt.user_id->is_primary==2)
2974 {
2975 have_primary=1;
2976 break;
2977 }
2978 }
2979 }
2980
2981 if(uid_count>1 && !have_primary)
2982 log_info(_("WARNING: no user ID has been marked as primary. This command"
2983 " may\n cause a different user ID to become"
2984 " the assumed primary.\n"));
2985 }
2986
2987 /****************
2988 * Ask for a new user id, do the selfsignature and put it into
2989 * both keyblocks.
2990 * Return true if there is a new user id
2991 */
2992 static int
2993 menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock,
2994 int photo, const char *photo_name)
2995 {
2996 PKT_user_id *uid;
2997 PKT_public_key *pk=NULL;
2998 PKT_secret_key *sk=NULL;
2999 PKT_signature *sig=NULL;
3000 PACKET *pkt;
3001 KBNODE node;
3002 KBNODE pub_where=NULL, sec_where=NULL;
3003 int rc;
3004
3005 for( node = pub_keyblock; node; pub_where = node, node = node->next ) {
3006 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
3007 pk = node->pkt->pkt.public_key;
3008 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3009 break;
3010 }
3011 if( !node ) /* no subkey */
3012 pub_where = NULL;
3013 for( node = sec_keyblock; node; sec_where = node, node = node->next ) {
3014 if( node->pkt->pkttype == PKT_SECRET_KEY )
3015 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3016 else if( node->pkt->pkttype == PKT_SECRET_SUBKEY )
3017 break;
3018 }
3019 if( !node ) /* no subkey */
3020 sec_where = NULL;
3021 assert(pk && sk);
3022
3023 if(photo) {
3024 int hasattrib=0;
3025
3026 for( node = pub_keyblock; node; node = node->next )
3027 if( node->pkt->pkttype == PKT_USER_ID &&
3028 node->pkt->pkt.user_id->attrib_data!=NULL)
3029 {
3030 hasattrib=1;
3031 break;
3032 }
3033
3034 /* It is legal but bad for compatibility to add a photo ID to a
3035 v3 key as it means that PGP2 will not be able to use that key
3036 anymore. Also, PGP may not expect a photo on a v3 key.
3037 Don't bother to ask this if the key already has a photo - any
3038 damage has already been done at that point. -dms */
3039 if(pk->version==3 && !hasattrib)
3040 {
3041 if(opt.expert)
3042 {
3043 tty_printf(_("WARNING: This is a PGP2-style key. "
3044 "Adding a photo ID may cause some versions\n"
3045 " of PGP to reject this key.\n"));
3046
3047 if(!cpr_get_answer_is_yes("keyedit.v3_photo.okay",
3048 _("Are you sure you still want "
3049 "to add it? (y/N) ")))
3050 return 0;
3051 }
3052 else
3053 {
3054 tty_printf(_("You may not add a photo ID to "
3055 "a PGP2-style key.\n"));
3056 return 0;
3057 }
3058 }
3059
3060 uid = generate_photo_id(pk,photo_name);
3061 } else
3062 uid = generate_user_id();
3063 if( !uid )
3064 return 0;
3065
3066 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
3067 keygen_add_std_prefs, pk );
3068 free_secret_key( sk );
3069 if( rc ) {
3070 log_error("signing failed: %s\n", g10_errstr(rc) );
3071 free_user_id(uid);
3072 return 0;
3073 }
3074
3075 /* insert/append to secret keyblock */
3076 pkt = xmalloc_clear( sizeof *pkt );
3077 pkt->pkttype = PKT_USER_ID;
3078 pkt->pkt.user_id = scopy_user_id(uid);
3079 node = new_kbnode(pkt);
3080 if( sec_where )
3081 insert_kbnode( sec_where, node, 0 );
3082 else
3083 add_kbnode( sec_keyblock, node );
3084 pkt = xmalloc_clear( sizeof *pkt );
3085 pkt->pkttype = PKT_SIGNATURE;
3086 pkt->pkt.signature = copy_signature(NULL, sig);
3087 if( sec_where )
3088 insert_kbnode( node, new_kbnode(pkt), 0 );
3089 else
3090 add_kbnode( sec_keyblock, new_kbnode(pkt) );
3091 /* insert/append to public keyblock */
3092 pkt = xmalloc_clear( sizeof *pkt );
3093 pkt->pkttype = PKT_USER_ID;
3094 pkt->pkt.user_id = uid;
3095 node = new_kbnode(pkt);
3096 if( pub_where )
3097 insert_kbnode( pub_where, node, 0 );
3098 else
3099 add_kbnode( pub_keyblock, node );
3100 pkt = xmalloc_clear( sizeof *pkt );
3101 pkt->pkttype = PKT_SIGNATURE;
3102 pkt->pkt.signature = copy_signature(NULL, sig);
3103 if( pub_where )
3104 insert_kbnode( node, new_kbnode(pkt), 0 );
3105 else
3106 add_kbnode( pub_keyblock, new_kbnode(pkt) );
3107 return 1;
3108 }
3109
3110
3111 /****************
3112 * Remove all selected userids from the keyrings
3113 */
3114 static void
3115 menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock )
3116 {
3117 KBNODE node;
3118 int selected=0;
3119
3120 for( node = pub_keyblock; node; node = node->next ) {
3121 if( node->pkt->pkttype == PKT_USER_ID ) {
3122 selected = node->flag & NODFLG_SELUID;
3123 if( selected ) {
3124 /* Only cause a trust update if we delete a
3125 non-revoked user id */
3126 if(!node->pkt->pkt.user_id->is_revoked)
3127 update_trust=1;
3128 delete_kbnode( node );
3129 if( sec_keyblock ) {
3130 KBNODE snode;
3131 int s_selected = 0;
3132 PKT_user_id *uid = node->pkt->pkt.user_id;
3133 for( snode = sec_keyblock; snode; snode = snode->next ) {
3134 if( snode->pkt->pkttype == PKT_USER_ID ) {
3135 PKT_user_id *suid = snode->pkt->pkt.user_id;
3136
3137 s_selected =
3138 (uid->len == suid->len
3139 && !memcmp( uid->name, suid->name, uid->len));
3140 if( s_selected )
3141 delete_kbnode( snode );
3142 }
3143 else if( s_selected
3144 && snode->pkt->pkttype == PKT_SIGNATURE )
3145 delete_kbnode( snode );
3146 else if( snode->pkt->pkttype == PKT_SECRET_SUBKEY )
3147 s_selected = 0;
3148 }
3149 }
3150 }
3151 }
3152 else if( selected && node->pkt->pkttype == PKT_SIGNATURE )
3153 delete_kbnode( node );
3154 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3155 selected = 0;
3156 }
3157 commit_kbnode( &pub_keyblock );
3158 if( sec_keyblock )
3159 commit_kbnode( &sec_keyblock );
3160 }
3161
3162
3163 static int
3164 menu_delsig( KBNODE pub_keyblock )
3165 {
3166 KBNODE node;
3167 PKT_user_id *uid = NULL;
3168 int changed=0;
3169
3170 for( node = pub_keyblock; node; node = node->next ) {
3171 if( node->pkt->pkttype == PKT_USER_ID ) {
3172 uid = (node->flag & NODFLG_SELUID)? node->pkt->pkt.user_id : NULL;
3173 }
3174 else if( uid && node->pkt->pkttype == PKT_SIGNATURE ) {
3175 int okay, valid, selfsig, inv_sig, no_key, other_err;
3176
3177 tty_printf("uid ");
3178 tty_print_utf8_string( uid->name, uid->len );
3179 tty_printf("\n");
3180
3181 okay = inv_sig = no_key = other_err = 0;
3182 if(opt.with_colons)
3183 valid = print_and_check_one_sig_colon( pub_keyblock, node,
3184 &inv_sig, &no_key, &other_err,
3185 &selfsig, 1 );
3186 else
3187 valid = print_and_check_one_sig( pub_keyblock, node,
3188 &inv_sig, &no_key, &other_err,
3189 &selfsig, 1 );
3190
3191 if( valid ) {
3192 okay = cpr_get_answer_yes_no_quit(
3193 "keyedit.delsig.valid",
3194 _("Delete this good signature? (y/N/q)"));
3195
3196 /* Only update trust if we delete a good signature.
3197 The other two cases do not affect trust. */
3198 if(okay)
3199 update_trust=1;
3200 }
3201 else if( inv_sig || other_err )
3202 okay = cpr_get_answer_yes_no_quit(
3203 "keyedit.delsig.invalid",
3204 _("Delete this invalid signature? (y/N/q)"));
3205 else if( no_key )
3206 okay = cpr_get_answer_yes_no_quit(
3207 "keyedit.delsig.unknown",
3208 _("Delete this unknown signature? (y/N/q)"));
3209
3210 if( okay == -1 )
3211 break;
3212 if( okay && selfsig && !cpr_get_answer_is_yes(
3213 "keyedit.delsig.selfsig",
3214 _("Really delete this self-signature? (y/N)") ))
3215 okay = 0;
3216 if( okay ) {
3217 delete_kbnode( node );
3218 changed++;
3219 }
3220
3221 }
3222 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3223 uid = NULL;
3224 }
3225
3226 if( changed ) {
3227 commit_kbnode( &pub_keyblock );
3228 tty_printf( changed == 1? _("Deleted %d signature.\n")
3229 : _("Deleted %d signatures.\n"), changed );
3230 }
3231 else
3232 tty_printf( _("Nothing deleted.\n") );
3233
3234 return changed;
3235 }
3236
3237 static int
3238 menu_clean(KBNODE keyblock,int self_only)
3239 {
3240 KBNODE uidnode;
3241 int modified=0,select_all=!count_selected_uids(keyblock);
3242
3243 for(uidnode=keyblock->next;
3244 uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY;
3245 uidnode=uidnode->next)
3246 {
3247 if(uidnode->pkt->pkttype==PKT_USER_ID
3248 && (uidnode->flag&NODFLG_SELUID || select_all))
3249 {
3250 int uids=0,sigs=0;
3251 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
3252 uidnode->pkt->pkt.user_id->len,
3253 0);
3254
3255 clean_one_uid(keyblock,uidnode,opt.verbose,self_only,&uids,&sigs);
3256 if(uids)
3257 {
3258 const char *reason;
3259
3260 if(uidnode->pkt->pkt.user_id->is_revoked)
3261 reason=_("revoked");
3262 else if(uidnode->pkt->pkt.user_id->is_expired)
3263 reason=_("expired");
3264 else
3265 reason=_("invalid");
3266
3267 tty_printf (_("User ID \"%s\" compacted: %s\n"), user, reason);
3268
3269 modified=1;
3270 }
3271 else if(sigs)
3272 {
3273 tty_printf(sigs==1?
3274 _("User ID \"%s\": %d signature removed\n") :
3275 _("User ID \"%s\": %d signatures removed\n"),
3276 user,sigs);
3277
3278 modified=1;
3279 }
3280 else
3281 {
3282 tty_printf (self_only==1?
3283 _("User ID \"%s\": already minimized\n") :
3284 _("User ID \"%s\": already clean\n"),
3285 user);
3286 }
3287
3288 xfree(user);
3289 }
3290 }
3291
3292 return modified;
3293 }
3294
3295 /****************
3296 * Remove some of the secondary keys
3297 */
3298 static void
3299 menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
3300 {
3301 KBNODE node;
3302 int selected=0;
3303
3304 for( node = pub_keyblock; node; node = node->next ) {
3305 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
3306 selected = node->flag & NODFLG_SELKEY;
3307 if( selected ) {
3308 delete_kbnode( node );
3309 if( sec_keyblock ) {
3310 KBNODE snode;
3311 int s_selected = 0;
3312 u32 ki[2];
3313
3314 keyid_from_pk( node->pkt->pkt.public_key, ki );
3315 for( snode = sec_keyblock; snode; snode = snode->next ) {
3316 if( snode->pkt->pkttype == PKT_SECRET_SUBKEY ) {
3317 u32 ki2[2];
3318
3319 keyid_from_sk( snode->pkt->pkt.secret_key, ki2 );
3320 s_selected = (ki[0] == ki2[0] && ki[1] == ki2[1]);
3321 if( s_selected )
3322 delete_kbnode( snode );
3323 }
3324 else if( s_selected
3325 && snode->pkt->pkttype == PKT_SIGNATURE )
3326 delete_kbnode( snode );
3327 else
3328 s_selected = 0;
3329 }
3330 }
3331 }
3332 }
3333 else if( selected && node->pkt->pkttype == PKT_SIGNATURE )
3334 delete_kbnode( node );
3335 else
3336 selected = 0;
3337 }
3338 commit_kbnode( &pub_keyblock );
3339 if( sec_keyblock )
3340 commit_kbnode( &sec_keyblock );
3341
3342 /* No need to set update_trust here since signing keys are no
3343 longer used to certify other keys, so there is no change in
3344 trust when revoking/removing them */
3345 }
3346
3347
3348 /****************
3349 * Ask for a new revoker, do the selfsignature and put it into
3350 * both keyblocks.
3351 * Return true if there is a new revoker
3352 */
3353 static int
3354 menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
3355 {
3356 PKT_public_key *pk=NULL,*revoker_pk=NULL;
3357 PKT_secret_key *sk=NULL;
3358 PKT_signature *sig=NULL;
3359 PACKET *pkt;
3360 struct revocation_key revkey;
3361 size_t fprlen;
3362 int rc;
3363
3364 assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
3365 assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
3366
3367 pk=pub_keyblock->pkt->pkt.public_key;
3368
3369 if(pk->numrevkeys==0 && pk->version==3)
3370 {
3371 /* It is legal but bad for compatibility to add a revoker to a
3372 v3 key as it means that PGP2 will not be able to use that key
3373 anymore. Also, PGP may not expect a revoker on a v3 key.
3374 Don't bother to ask this if the key already has a revoker -
3375 any damage has already been done at that point. -dms */
3376 if(opt.expert)
3377 {
3378 tty_printf(_("WARNING: This is a PGP 2.x-style key. "
3379 "Adding a designated revoker may cause\n"
3380 " some versions of PGP to reject this key.\n"));
3381
3382 if(!cpr_get_answer_is_yes("keyedit.v3_revoker.okay",
3383 _("Are you sure you still want "
3384 "to add it? (y/N) ")))
3385 return 0;
3386 }
3387 else
3388 {
3389 tty_printf(_("You may not add a designated revoker to "
3390 "a PGP 2.x-style key.\n"));
3391 return 0;
3392 }
3393 }
3394
3395 sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
3396
3397 for(;;)
3398 {
3399 char *answer;
3400
3401 if(revoker_pk)
3402 free_public_key(revoker_pk);
3403
3404 revoker_pk=xmalloc_clear(sizeof(*revoker_pk));
3405
3406 tty_printf("\n");
3407
3408 answer=cpr_get_utf8("keyedit.add_revoker",
3409 _("Enter the user ID of the designated revoker: "));
3410 if(answer[0]=='\0' || answer[0]=='\004')
3411 {
3412 xfree(answer);
3413 goto fail;
3414 }
3415
3416 /* Note that I'm requesting CERT here, which usually implies
3417 primary keys only, but some casual testing shows that PGP and
3418 GnuPG both can handle a designated revokation from a
3419 subkey. */
3420 revoker_pk->req_usage=PUBKEY_USAGE_CERT;
3421 rc=get_pubkey_byname (NULL, revoker_pk,answer,NULL,NULL,1, 1);
3422 if(rc)
3423 {
3424 log_error (_("key \"%s\" not found: %s\n"),answer,g10_errstr(rc));
3425 xfree(answer);
3426 continue;
3427 }
3428
3429 xfree(answer);
3430
3431 fingerprint_from_pk(revoker_pk,revkey.fpr,&fprlen);
3432 if(fprlen!=20)
3433 {
3434 log_error(_("cannot appoint a PGP 2.x style key as a "
3435 "designated revoker\n"));
3436 continue;
3437 }
3438
3439 revkey.class=0x80;
3440 if(sensitive)
3441 revkey.class|=0x40;
3442 revkey.algid=revoker_pk->pubkey_algo;
3443
3444 if(cmp_public_keys(revoker_pk,pk)==0)
3445 {
3446 /* This actually causes no harm (after all, a key that
3447 designates itself as a revoker is the same as a
3448 regular key), but it's easy enough to check. */
3449 log_error(_("you cannot appoint a key as its own "
3450 "designated revoker\n"));
3451
3452 continue;
3453 }
3454
3455 keyid_from_pk(pk,NULL);
3456
3457 /* Does this revkey already exist? */
3458 if(!pk->revkey && pk->numrevkeys)
3459 BUG();
3460 else
3461 {
3462 int i;
3463
3464 for(i=0;i<pk->numrevkeys;i++)
3465 {
3466 if(memcmp(&pk->revkey[i],&revkey,
3467 sizeof(struct revocation_key))==0)
3468 {
3469 char buf[50];
3470
3471 log_error(_("this key has already been designated "
3472 "as a revoker\n"));
3473
3474 sprintf(buf,"%08lX%08lX",
3475 (ulong)pk->keyid[0],(ulong)pk->keyid[1]);
3476 write_status_text(STATUS_ALREADY_SIGNED,buf);
3477
3478 break;
3479 }
3480 }
3481
3482 if(i<pk->numrevkeys)
3483 continue;
3484 }
3485
3486 print_pubkey_info(NULL,revoker_pk);
3487 print_fingerprint(revoker_pk,NULL,2);
3488 tty_printf("\n");
3489
3490 tty_printf(_("WARNING: appointing a key as a designated revoker "
3491 "cannot be undone!\n"));
3492
3493 tty_printf("\n");
3494
3495 if(!cpr_get_answer_is_yes("keyedit.add_revoker.okay",
3496 _("Are you sure you want to appoint this "
3497 "key as a designated revoker? (y/N) ")))
3498 continue;
3499
3500 free_public_key(revoker_pk);
3501 revoker_pk=NULL;
3502 break;
3503 }
3504
3505 /* The 1F signature must be at least v4 to carry the revocation key
3506 subpacket. */
3507 rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x1F, 0, 4, 0, 0,
3508 keygen_add_revkey,&revkey );
3509 if( rc )
3510 {
3511 log_error("signing failed: %s\n", g10_errstr(rc) );
3512 goto fail;
3513 }
3514
3515 free_secret_key(sk);
3516 sk=NULL;
3517
3518 /* insert into secret keyblock */
3519 pkt = xmalloc_clear( sizeof *pkt );
3520 pkt->pkttype = PKT_SIGNATURE;
3521 pkt->pkt.signature = copy_signature(NULL, sig);
3522 insert_kbnode( sec_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
3523
3524 /* insert into public keyblock */
3525 pkt = xmalloc_clear( sizeof *pkt );
3526 pkt->pkttype = PKT_SIGNATURE;
3527 pkt->pkt.signature = sig;
3528 insert_kbnode( pub_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
3529
3530 return 1;
3531
3532 fail:
3533 if(sk)
3534 free_secret_key(sk);
3535 if(sig)
3536 free_seckey_enc(sig);
3537 if(revoker_pk)
3538 free_public_key(revoker_pk);
3539
3540 return 0;
3541 }
3542
3543
3544 static int
3545 menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
3546 {
3547 int n1, signumber, rc;
3548 u32 expiredate;
3549 int mainkey=0;
3550 PKT_secret_key *sk; /* copy of the main sk */
3551 PKT_public_key *main_pk, *sub_pk;
3552 PKT_user_id *uid;
3553 KBNODE node;
3554 u32 keyid[2];
3555
3556 if( count_selected_keys( sec_keyblock ) ) {
3557 tty_printf(_("Please remove selections from the secret keys.\n"));
3558 return 0;
3559 }
3560
3561 n1 = count_selected_keys( pub_keyblock );
3562 if( n1 > 1 ) {
3563 tty_printf(_("Please select at most one subkey.\n"));
3564 return 0;
3565 }
3566 else if( n1 )
3567 tty_printf(_("Changing expiration time for a subkey.\n"));
3568 else
3569 {
3570 tty_printf(_("Changing expiration time for the primary key.\n"));
3571 mainkey=1;
3572 no_primary_warning(pub_keyblock);
3573 }
3574
3575 expiredate = ask_expiredate();
3576 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
3577 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3578
3579 /* Now we can actually change the self signature(s) */
3580 main_pk = sub_pk = NULL;
3581 uid = NULL;
3582 signumber = 0;
3583 for( node=pub_keyblock; node; node = node->next ) {
3584 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
3585 main_pk = node->pkt->pkt.public_key;
3586 keyid_from_pk( main_pk, keyid );
3587 main_pk->expiredate = expiredate;
3588 }
3589 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
3590 && (node->flag & NODFLG_SELKEY ) ) {
3591 sub_pk = node->pkt->pkt.public_key;
3592 sub_pk->expiredate = expiredate;
3593 }
3594 else if( node->pkt->pkttype == PKT_USER_ID )
3595 uid = node->pkt->pkt.user_id;
3596 else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE
3597 && ( mainkey || sub_pk ) ) {
3598 PKT_signature *sig = node->pkt->pkt.signature;
3599 if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
3600 && ( (mainkey && uid
3601 && uid->created && (sig->sig_class&~3) == 0x10)
3602 || (!mainkey && sig->sig_class == 0x18) )
3603 && sig->flags.chosen_selfsig )
3604 {
3605 /* this is a selfsignature which is to be replaced */
3606 PKT_signature *newsig;
3607 PACKET *newpkt;
3608 KBNODE sn;
3609 int signumber2 = 0;
3610
3611 signumber++;
3612
3613 if( (mainkey && main_pk->version < 4)
3614 || (!mainkey && sub_pk->version < 4 ) ) {
3615 log_info(_(
3616 "You can't change the expiration date of a v3 key\n"));
3617 free_secret_key( sk );
3618 return 0;
3619 }
3620
3621 /* find the corresponding secret self-signature */
3622 for( sn=sec_keyblock; sn; sn = sn->next ) {
3623 if( sn->pkt->pkttype == PKT_SIGNATURE ) {
3624 PKT_signature *b = sn->pkt->pkt.signature;
3625 if( keyid[0] == b->keyid[0] && keyid[1] == b->keyid[1]
3626 && sig->sig_class == b->sig_class
3627 && ++signumber2 == signumber )
3628 break;
3629 }
3630 }
3631 if( !sn )
3632 log_info(_("No corresponding signature in secret ring\n"));
3633
3634 if( mainkey )
3635 rc = update_keysig_packet(&newsig, sig, main_pk, uid, NULL,
3636 sk, keygen_add_key_expire, main_pk);
3637 else
3638 rc = update_keysig_packet(&newsig, sig, main_pk, NULL, sub_pk,
3639 sk, keygen_add_key_expire, sub_pk );
3640 if( rc ) {
3641 log_error("make_keysig_packet failed: %s\n",
3642 g10_errstr(rc));
3643 free_secret_key( sk );
3644 return 0;
3645 }
3646 /* replace the packet */
3647 newpkt = xmalloc_clear( sizeof *newpkt );
3648 newpkt->pkttype = PKT_SIGNATURE;
3649 newpkt->pkt.signature = newsig;
3650 free_packet( node->pkt );
3651 xfree( node->pkt );
3652 node->pkt = newpkt;
3653 if( sn ) {
3654 newpkt = xmalloc_clear( sizeof *newpkt );
3655 newpkt->pkttype = PKT_SIGNATURE;
3656 newpkt->pkt.signature = copy_signature( NULL, newsig );
3657 free_packet( sn->pkt );
3658 xfree( sn->pkt );
3659 sn->pkt = newpkt;
3660 }
3661 sub_pk = NULL;
3662 }
3663 }
3664 }
3665
3666 free_secret_key( sk );
3667 update_trust=1;
3668 return 1;
3669 }
3670
3671 static int
3672 menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
3673 {
3674 int rc,modified=0;
3675 PKT_public_key *main_pk;
3676 PKT_secret_key *main_sk,*sub_sk=NULL;
3677 KBNODE node;
3678 u32 timestamp;
3679
3680 assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
3681 assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
3682
3683 merge_keys_and_selfsig(pub_keyblock);
3684 main_pk=pub_keyblock->pkt->pkt.public_key;
3685 main_sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
3686 keyid_from_pk(main_pk,NULL);
3687
3688 /* We use the same timestamp for all backsigs so that we don't
3689 reveal information about the used machine. */
3690 timestamp = make_timestamp ();
3691
3692 for(node=pub_keyblock;node;node=node->next)
3693 {
3694 PKT_public_key *sub_pk=NULL;
3695 KBNODE node2,sig_pk=NULL,sig_sk=NULL;
3696 char *passphrase;
3697
3698 if(sub_sk)
3699 {
3700 free_secret_key(sub_sk);
3701 sub_sk=NULL;
3702 }
3703
3704 /* Find a signing subkey with no backsig */
3705 if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
3706 {
3707 if(node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG)
3708 {
3709 if(node->pkt->pkt.public_key->backsig)
3710 tty_printf(_("signing subkey %s is already cross-certified\n"),
3711 keystr_from_pk(node->pkt->pkt.public_key));
3712 else
3713 sub_pk=node->pkt->pkt.public_key;
3714 }
3715 else
3716 tty_printf(_("subkey %s does not sign and so does"
3717 " not need to be cross-certified\n"),
3718 keystr_from_pk(node->pkt->pkt.public_key));
3719 }
3720
3721 if(!sub_pk)
3722 continue;
3723
3724 /* Find the selected selfsig on this subkey */
3725 for(node2=node->next;
3726 node2 && node2->pkt->pkttype==PKT_SIGNATURE;
3727 node2=node2->next)
3728 if(node2->pkt->pkt.signature->version>=4
3729 && node2->pkt->pkt.signature->flags.chosen_selfsig)
3730 {
3731 sig_pk=node2;
3732 break;
3733 }
3734
3735 if(!sig_pk)
3736 continue;
3737
3738 /* Find the secret subkey that matches the public subkey */
3739 for(node2=sec_keyblock;node2;node2=node2->next)
3740 if(node2->pkt->pkttype==PKT_SECRET_SUBKEY
3741 && !cmp_public_secret_key(sub_pk,node2->pkt->pkt.secret_key))
3742 {
3743 sub_sk=copy_secret_key(NULL,node2->pkt->pkt.secret_key);
3744 break;
3745 }
3746
3747 if(!sub_sk)
3748 {
3749 tty_printf(_("no secret subkey for public subkey %s - ignoring\n"),
3750 keystr_from_pk(sub_pk));
3751 continue;
3752 }
3753
3754 /* Now finally find the matching selfsig on the secret subkey.
3755 We can't use chosen_selfsig here (it's not set for secret
3756 keys), so we just pick the selfsig with the right class.
3757 This is what menu_expire does as well. */
3758 for(node2=node2->next;
3759 node2 && node2->pkt->pkttype!=PKT_SECRET_SUBKEY;
3760 node2=node2->next)
3761 if(node2->pkt->pkttype==PKT_SIGNATURE
3762 && node2->pkt->pkt.signature->version>=4
3763 && node2->pkt->pkt.signature->keyid[0]==sig_pk->pkt->pkt.signature->keyid[0]
3764 && node2->pkt->pkt.signature->keyid[1]==sig_pk->pkt->pkt.signature->keyid[1]
3765 && node2->pkt->pkt.signature->sig_class==sig_pk->pkt->pkt.signature->sig_class)
3766 {
3767 sig_sk=node2;
3768 break;
3769 }
3770
3771 /* Now we can get to work. We have a main key and secret part,
3772 a signing subkey with signature and secret part possibly with
3773 signature. */
3774
3775 passphrase=get_last_passphrase();
3776 set_next_passphrase(passphrase);
3777 xfree(passphrase);
3778
3779 rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_sk,
3780 timestamp);
3781 if(rc==0)
3782 {
3783 PKT_signature *newsig;
3784 PACKET *newpkt;
3785
3786 passphrase=get_last_passphrase();
3787 set_next_passphrase(passphrase);
3788 xfree(passphrase);
3789
3790 rc=update_keysig_packet(&newsig,sig_pk->pkt->pkt.signature,main_pk,
3791 NULL,sub_pk,main_sk,NULL,NULL);
3792 if(rc==0)
3793 {
3794 /* Put the new sig into place on the pubkey */
3795 newpkt=xmalloc_clear(sizeof(*newpkt));
3796 newpkt->pkttype=PKT_SIGNATURE;
3797 newpkt->pkt.signature=newsig;
3798 free_packet(sig_pk->pkt);
3799 xfree(sig_pk->pkt);
3800 sig_pk->pkt=newpkt;
3801
3802 if(sig_sk)
3803 {
3804 /* Put the new sig into place on the seckey */
3805 newpkt=xmalloc_clear(sizeof(*newpkt));
3806 newpkt->pkttype=PKT_SIGNATURE;
3807 newpkt->pkt.signature=copy_signature(NULL,newsig);
3808 free_packet(sig_sk->pkt);
3809 xfree(sig_sk->pkt);
3810 sig_sk->pkt=newpkt;
3811 }
3812
3813 modified=1;
3814 }
3815 else
3816 {
3817 log_error("update_keysig_packet failed: %s\n",g10_errstr(rc));
3818 break;
3819 }
3820 }
3821 else
3822 {
3823 log_error("make_backsig failed: %s\n",g10_errstr(rc));
3824 break;
3825 }
3826 }
3827
3828 set_next_passphrase(NULL);
3829
3830 free_secret_key(main_sk);
3831 if(sub_sk)
3832 free_secret_key(sub_sk);
3833
3834 return modified;
3835 }
3836
3837
3838 static int
3839 change_primary_uid_cb ( PKT_signature *sig, void *opaque )
3840 {
3841 byte buf[1];
3842
3843 /* first clear all primary uid flags so that we are sure none are
3844 * lingering around */
3845 delete_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID);
3846 delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PRIMARY_UID);
3847
3848 /* if opaque is set,we want to set the primary id */
3849 if (opaque) {
3850 buf[0] = 1;
3851 build_sig_subpkt (sig, SIGSUBPKT_PRIMARY_UID, buf, 1 );
3852 }
3853
3854 return 0;
3855 }
3856
3857
3858 /*
3859 * Set the primary uid flag for the selected UID. We will also reset
3860 * all other primary uid flags. For this to work with have to update
3861 * all the signature timestamps. If we would do this with the current
3862 * time, we lose quite a lot of information, so we use a a kludge to
3863 * do this: Just increment the timestamp by one second which is
3864 * sufficient to updated a signature during import.
3865 */
3866 static int
3867 menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
3868 {
3869 PKT_secret_key *sk; /* copy of the main sk */
3870 PKT_public_key *main_pk;
3871 PKT_user_id *uid;
3872 KBNODE node;
3873 u32 keyid[2];
3874 int selected;
3875 int attribute = 0;
3876 int modified = 0;
3877
3878 if ( count_selected_uids (pub_keyblock) != 1 ) {
3879 tty_printf(_("Please select exactly one user ID.\n"));
3880 return 0;
3881 }
3882
3883 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
3884 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3885
3886 /* Now we can actually change the self signature(s) */
3887 main_pk = NULL;
3888 uid = NULL;
3889 selected = 0;
3890
3891 /* Is our selected uid an attribute packet? */
3892 for ( node=pub_keyblock; node; node = node->next )
3893 if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
3894 attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
3895
3896 for ( node=pub_keyblock; node; node = node->next ) {
3897 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3898 break; /* ready */
3899
3900 if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
3901 main_pk = node->pkt->pkt.public_key;
3902 keyid_from_pk( main_pk, keyid );
3903 }
3904 else if ( node->pkt->pkttype == PKT_USER_ID ) {
3905 uid = node->pkt->pkt.user_id;
3906 selected = node->flag & NODFLG_SELUID;
3907 }
3908 else if ( main_pk && uid && node->pkt->pkttype == PKT_SIGNATURE ) {
3909 PKT_signature *sig = node->pkt->pkt.signature;
3910 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
3911 && (uid && (sig->sig_class&~3) == 0x10)
3912 && attribute == (uid->attrib_data!=NULL)
3913 && sig->flags.chosen_selfsig )
3914 {
3915 if(sig->version < 4) {
3916 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
3917
3918 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
3919 user);
3920 xfree(user);
3921 }
3922 else {
3923 /* This is a selfsignature which is to be replaced.
3924 We can just ignore v3 signatures because they are
3925 not able to carry the primary ID flag. We also
3926 ignore self-sigs on user IDs that are not of the
3927 same type that we are making primary. That is, if
3928 we are making a user ID primary, we alter user IDs.
3929 If we are making an attribute packet primary, we
3930 alter attribute packets. */
3931
3932 /* FIXME: We must make sure that we only have one
3933 self-signature per user ID here (not counting
3934 revocations) */
3935 PKT_signature *newsig;
3936 PACKET *newpkt;
3937 const byte *p;
3938 int action;
3939
3940 /* see whether this signature has the primary UID flag */
3941 p = parse_sig_subpkt (sig->hashed,
3942 SIGSUBPKT_PRIMARY_UID, NULL );
3943 if ( !p )
3944 p = parse_sig_subpkt (sig->unhashed,
3945 SIGSUBPKT_PRIMARY_UID, NULL );
3946 if ( p && *p ) /* yes */
3947 action = selected? 0 : -1;
3948 else /* no */
3949 action = selected? 1 : 0;
3950
3951 if (action) {
3952 int rc = update_keysig_packet (&newsig, sig,
3953 main_pk, uid, NULL,
3954 sk,
3955 change_primary_uid_cb,
3956 action > 0? "x":NULL );
3957 if( rc ) {
3958 log_error ("update_keysig_packet failed: %s\n",
3959 g10_errstr(rc));
3960 free_secret_key( sk );
3961 return 0;
3962 }
3963 /* replace the packet */
3964 newpkt = xmalloc_clear( sizeof *newpkt );
3965 newpkt->pkttype = PKT_SIGNATURE;
3966 newpkt->pkt.signature = newsig;
3967 free_packet( node->pkt );
3968 xfree( node->pkt );
3969 node->pkt = newpkt;
3970 modified = 1;
3971 }
3972 }
3973 }
3974 }
3975 }
3976
3977 free_secret_key( sk );
3978 return modified;
3979 }
3980
3981
3982 /*
3983 * Set preferences to new values for the selected user IDs
3984 */
3985 static int
3986 menu_set_preferences (KBNODE pub_keyblock, KBNODE sec_keyblock )
3987 {
3988 PKT_secret_key *sk; /* copy of the main sk */
3989 PKT_public_key *main_pk;
3990 PKT_user_id *uid;
3991 KBNODE node;
3992 u32 keyid[2];
3993 int selected, select_all;
3994 int modified = 0;
3995
3996 no_primary_warning(pub_keyblock);
3997
3998 select_all = !count_selected_uids (pub_keyblock);
3999
4000 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4001 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4002
4003 /* Now we can actually change the self signature(s) */
4004 main_pk = NULL;
4005 uid = NULL;
4006 selected = 0;
4007 for ( node=pub_keyblock; node; node = node->next ) {
4008 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4009 break; /* ready */
4010
4011 if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
4012 main_pk = node->pkt->pkt.public_key;
4013 keyid_from_pk( main_pk, keyid );
4014 }
4015 else if ( node->pkt->pkttype == PKT_USER_ID ) {
4016 uid = node->pkt->pkt.user_id;
4017 selected = select_all || (node->flag & NODFLG_SELUID);
4018 }
4019 else if ( main_pk && uid && selected
4020 && node->pkt->pkttype == PKT_SIGNATURE ) {
4021 PKT_signature *sig = node->pkt->pkt.signature;
4022 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4023 && (uid && (sig->sig_class&~3) == 0x10)
4024 && sig->flags.chosen_selfsig ) {
4025 if( sig->version < 4 ) {
4026 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4027
4028 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4029 user);
4030 xfree(user);
4031 }
4032 else {
4033 /* This is a selfsignature which is to be replaced
4034 * We have to ignore v3 signatures because they are
4035 * not able to carry the preferences */
4036 PKT_signature *newsig;
4037 PACKET *newpkt;
4038 int rc;
4039
4040 rc = update_keysig_packet (&newsig, sig,
4041 main_pk, uid, NULL,
4042 sk,
4043 keygen_upd_std_prefs,
4044 NULL );
4045 if( rc ) {
4046 log_error ("update_keysig_packet failed: %s\n",
4047 g10_errstr(rc));
4048 free_secret_key( sk );
4049 return 0;
4050 }
4051 /* replace the packet */
4052 newpkt = xmalloc_clear( sizeof *newpkt );
4053 newpkt->pkttype = PKT_SIGNATURE;
4054 newpkt->pkt.signature = newsig;
4055 free_packet( node->pkt );
4056 xfree( node->pkt );
4057 node->pkt = newpkt;
4058 modified = 1;
4059 }
4060 }
4061 }
4062 }
4063
4064 free_secret_key( sk );
4065 return modified;
4066 }
4067
4068
4069 static int
4070 menu_set_keyserver_url (const char *url,
4071 KBNODE pub_keyblock, KBNODE sec_keyblock )
4072 {
4073 PKT_secret_key *sk; /* copy of the main sk */
4074 PKT_public_key *main_pk;
4075 PKT_user_id *uid;
4076 KBNODE node;
4077 u32 keyid[2];
4078 int selected, select_all;
4079 int modified = 0;
4080 char *answer,*uri;
4081
4082 no_primary_warning(pub_keyblock);
4083
4084 if(url)
4085 answer=xstrdup(url);
4086 else
4087 {
4088 answer=cpr_get_utf8("keyedit.add_keyserver",
4089 _("Enter your preferred keyserver URL: "));
4090 if(answer[0]=='\0' || answer[0]=='\004')
4091 {
4092 xfree(answer);
4093 return 0;
4094 }
4095 }
4096
4097 if(ascii_strcasecmp(answer,"none")==0)
4098 uri=NULL;
4099 else
4100 {
4101 struct keyserver_spec *keyserver=NULL;
4102 /* Sanity check the format */
4103 keyserver=parse_keyserver_uri(answer,1,NULL,0);
4104 xfree(answer);
4105 if(!keyserver)
4106 {
4107 log_info(_("could not parse keyserver URL\n"));
4108 return 0;
4109 }
4110 uri=xstrdup(keyserver->uri);
4111 free_keyserver_spec(keyserver);
4112 }
4113
4114 select_all = !count_selected_uids (pub_keyblock);
4115
4116 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4117 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4118
4119 /* Now we can actually change the self signature(s) */
4120 main_pk = NULL;
4121 uid = NULL;
4122 selected = 0;
4123 for ( node=pub_keyblock; node; node = node->next )
4124 {
4125 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4126 break; /* ready */
4127
4128 if ( node->pkt->pkttype == PKT_PUBLIC_KEY )
4129 {
4130 main_pk = node->pkt->pkt.public_key;
4131 keyid_from_pk( main_pk, keyid );
4132 }
4133 else if ( node->pkt->pkttype == PKT_USER_ID )
4134 {
4135 uid = node->pkt->pkt.user_id;
4136 selected = select_all || (node->flag & NODFLG_SELUID);
4137 }
4138 else if ( main_pk && uid && selected
4139 && node->pkt->pkttype == PKT_SIGNATURE )
4140 {
4141 PKT_signature *sig = node->pkt->pkt.signature;
4142 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4143 && (uid && (sig->sig_class&~3) == 0x10)
4144 && sig->flags.chosen_selfsig)
4145 {
4146 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4147 if( sig->version < 4 )
4148 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4149 user);
4150 else
4151 {
4152 /* This is a selfsignature which is to be replaced
4153 * We have to ignore v3 signatures because they are
4154 * not able to carry the subpacket. */
4155 PKT_signature *newsig;
4156 PACKET *newpkt;
4157 int rc;
4158 const byte *p;
4159 size_t plen;
4160
4161 p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
4162 if(p && plen)
4163 {
4164 tty_printf("Current preferred keyserver for user"
4165 " ID \"%s\": ",user);
4166 tty_print_utf8_string(p,plen);
4167 tty_printf("\n");
4168 if(!cpr_get_answer_is_yes("keyedit.confirm_keyserver",
4169 uri?_("Are you sure you want to replace it? (y/N) "):
4170 _("Are you sure you want to delete it? (y/N) ")))
4171 continue;
4172 }
4173 else if(uri==NULL)
4174 {
4175 /* There is no current keyserver URL, so there
4176 is no point in trying to un-set it. */
4177 continue;
4178 }
4179
4180 rc = update_keysig_packet (&newsig, sig,
4181 main_pk, uid, NULL,
4182 sk,
4183 keygen_add_keyserver_url, uri );
4184 if( rc )
4185 {
4186 log_error ("update_keysig_packet failed: %s\n",
4187 g10_errstr(rc));
4188 free_secret_key( sk );
4189 xfree(uri);
4190 return 0;
4191 }
4192 /* replace the packet */
4193 newpkt = xmalloc_clear( sizeof *newpkt );
4194 newpkt->pkttype = PKT_SIGNATURE;
4195 newpkt->pkt.signature = newsig;
4196 free_packet( node->pkt );
4197 xfree( node->pkt );
4198 node->pkt = newpkt;
4199 modified = 1;
4200 }
4201
4202 xfree(user);
4203 }
4204 }
4205 }
4206
4207 xfree(uri);
4208 free_secret_key( sk );
4209 return modified;
4210 }
4211
4212 static int
4213 menu_set_notation(const char *string,KBNODE pub_keyblock,KBNODE sec_keyblock)
4214 {
4215 PKT_secret_key *sk; /* copy of the main sk */
4216 PKT_public_key *main_pk;
4217 PKT_user_id *uid;
4218 KBNODE node;
4219 u32 keyid[2];
4220 int selected, select_all;
4221 int modified = 0;
4222 char *answer;
4223 struct notation *notation;
4224
4225 no_primary_warning(pub_keyblock);
4226
4227 if(string)
4228 answer=xstrdup(string);
4229 else
4230 {
4231 answer=cpr_get_utf8("keyedit.add_notation",
4232 _("Enter the notation: "));
4233 if(answer[0]=='\0' || answer[0]=='\004')
4234 {
4235 xfree(answer);
4236 return 0;
4237 }
4238 }
4239
4240 if(ascii_strcasecmp(answer,"none")==0
4241 || ascii_strcasecmp(answer,"-")==0)
4242 notation=NULL; /* delete them all */
4243 else
4244 {
4245 notation=string_to_notation(answer,0);
4246 if(!notation)
4247 {
4248 xfree(answer);
4249 return 0;
4250 }
4251 }
4252
4253 xfree(answer);
4254
4255 select_all = !count_selected_uids (pub_keyblock);
4256
4257 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4258 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4259
4260 /* Now we can actually change the self signature(s) */
4261 main_pk = NULL;
4262 uid = NULL;
4263 selected = 0;
4264 for ( node=pub_keyblock; node; node = node->next )
4265 {
4266 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4267 break; /* ready */
4268
4269 if ( node->pkt->pkttype == PKT_PUBLIC_KEY )
4270 {
4271 main_pk = node->pkt->pkt.public_key;
4272 keyid_from_pk( main_pk, keyid );
4273 }
4274 else if ( node->pkt->pkttype == PKT_USER_ID )
4275 {
4276 uid = node->pkt->pkt.user_id;
4277 selected = select_all || (node->flag & NODFLG_SELUID);
4278 }
4279 else if ( main_pk && uid && selected
4280 && node->pkt->pkttype == PKT_SIGNATURE )
4281 {
4282 PKT_signature *sig = node->pkt->pkt.signature;
4283 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4284 && (uid && (sig->sig_class&~3) == 0x10)
4285 && sig->flags.chosen_selfsig)
4286 {
4287 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4288 if( sig->version < 4 )
4289 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4290 user);
4291 else
4292 {
4293 PKT_signature *newsig;
4294 PACKET *newpkt;
4295 int rc,skip=0,addonly=1;
4296
4297 if(sig->flags.notation)
4298 {
4299 tty_printf("Current notations for user ID \"%s\":\n",
4300 user);
4301 tty_print_notations(-9,sig);
4302 }
4303 else
4304 {
4305 tty_printf("No notations on user ID \"%s\"\n",user);
4306 if(notation==NULL)
4307 {
4308 /* There are no current notations, so there
4309 is no point in trying to un-set them. */
4310 continue;
4311 }
4312 }
4313
4314 if(notation)
4315 {
4316 struct notation *n;
4317 int deleting=0;
4318
4319 notation->next=sig_to_notation(sig);
4320
4321 for(n=notation->next;n;n=n->next)
4322 if(strcmp(n->name,notation->name)==0)
4323 {
4324 if(notation->value)
4325 {
4326 if(strcmp(n->value,notation->value)==0)
4327 {
4328 if(notation->flags.ignore)
4329 {
4330 /* Value match with a delete
4331 flag. */
4332 n->flags.ignore=1;
4333 deleting=1;
4334 }
4335 else
4336 {
4337 /* Adding the same notation
4338 twice, so don't add it at
4339 all. */
4340 skip=1;
4341 tty_printf("Skipping notation:"
4342 " %s=%s\n",
4343 notation->name,
4344 notation->value);
4345 break;
4346 }
4347 }
4348 }
4349 else
4350 {
4351 /* No value, so it means delete. */
4352 n->flags.ignore=1;
4353 deleting=1;
4354 }
4355
4356 if(n->flags.ignore)
4357 {
4358 tty_printf("Removing notation: %s=%s\n",
4359 n->name,n->value);
4360 addonly=0;
4361 }
4362 }
4363
4364 if(!notation->flags.ignore && !skip)
4365 tty_printf("Adding notation: %s=%s\n",
4366 notation->name,notation->value);
4367
4368 /* We tried to delete, but had no matches */
4369 if(notation->flags.ignore && !deleting)
4370 continue;
4371 }
4372 else
4373 {
4374 tty_printf("Removing all notations\n");
4375 addonly=0;
4376 }
4377
4378 if(skip
4379 || (!addonly
4380 && !cpr_get_answer_is_yes("keyedit.confirm_notation",
4381 _("Proceed? (y/N) "))))
4382 continue;
4383
4384 rc = update_keysig_packet (&newsig, sig,
4385 main_pk, uid, NULL,
4386 sk,
4387 keygen_add_notations, notation );
4388 if( rc )
4389 {
4390 log_error ("update_keysig_packet failed: %s\n",
4391 g10_errstr(rc));
4392 free_secret_key( sk );
4393 free_notation(notation);
4394 xfree(user);
4395 return 0;
4396 }
4397
4398 /* replace the packet */
4399 newpkt = xmalloc_clear( sizeof *newpkt );
4400 newpkt->pkttype = PKT_SIGNATURE;
4401 newpkt->pkt.signature = newsig;
4402 free_packet( node->pkt );
4403 xfree( node->pkt );
4404 node->pkt = newpkt;
4405 modified = 1;
4406
4407 if(notation)
4408 {
4409 /* Snip off the notation list from the sig */
4410 free_notation(notation->next);
4411 notation->next=NULL;
4412 }
4413
4414 xfree(user);
4415 }
4416 }
4417 }
4418 }
4419
4420 free_notation(notation);
4421 free_secret_key( sk );
4422 return modified;
4423 }
4424
4425
4426 /****************
4427 * Select one user id or remove all selection if index is 0.
4428 * Returns: True if the selection changed;
4429 */
4430 static int
4431 menu_select_uid( KBNODE keyblock, int idx )
4432 {
4433 KBNODE node;
4434 int i;
4435
4436 /* first check that the index is valid */
4437 if( idx ) {
4438 for( i=0, node = keyblock; node; node = node->next ) {
4439 if( node->pkt->pkttype == PKT_USER_ID ) {
4440 if( ++i == idx )
4441 break;
4442 }
4443 }
4444 if( !node ) {
4445 tty_printf(_("No user ID with index %d\n"), idx );
4446 return 0;
4447 }
4448 }
4449 else { /* reset all */
4450 for( i=0, node = keyblock; node; node = node->next ) {
4451 if( node->pkt->pkttype == PKT_USER_ID )
4452 node->flag &= ~NODFLG_SELUID;
4453 }
4454 return 1;
4455 }
4456 /* and toggle the new index */
4457 for( i=0, node = keyblock; node; node = node->next ) {
4458 if( node->pkt->pkttype == PKT_USER_ID ) {
4459 if( ++i == idx ) {
4460 if( (node->flag & NODFLG_SELUID) )
4461 node->flag &= ~NODFLG_SELUID;
4462 else
4463 node->flag |= NODFLG_SELUID;
4464 }
4465 }
4466 }
4467
4468 return 1;
4469 }
4470
4471 /* Search in the keyblock for a uid that matches namehash */
4472 static int
4473 menu_select_uid_namehash( KBNODE keyblock, const char *namehash )
4474 {
4475 byte hash[NAMEHASH_LEN];
4476 KBNODE node;
4477 int i;
4478
4479 assert(strlen(namehash)==NAMEHASH_LEN*2);
4480
4481 for(i=0;i<NAMEHASH_LEN;i++)
4482 hash[i]=hextobyte(&namehash[i*2]);
4483
4484 for(node=keyblock->next;node;node=node->next)
4485 {
4486 if(node->pkt->pkttype==PKT_USER_ID)
4487 {
4488 namehash_from_uid(node->pkt->pkt.user_id);
4489 if(memcmp(node->pkt->pkt.user_id->namehash,hash,NAMEHASH_LEN)==0)
4490 {
4491 if(node->flag&NODFLG_SELUID)
4492 node->flag &= ~NODFLG_SELUID;
4493 else
4494 node->flag |= NODFLG_SELUID;
4495
4496 break;
4497 }
4498 }
4499 }
4500
4501 if(!node)
4502 {
4503 tty_printf(_("No user ID with hash %s\n"),namehash);
4504 return 0;
4505 }
4506
4507 return 1;
4508 }
4509
4510 /****************
4511 * Select secondary keys
4512 * Returns: True if the selection changed;
4513 */
4514 static int
4515 menu_select_key( KBNODE keyblock, int idx )
4516 {
4517 KBNODE node;
4518 int i;
4519
4520 /* first check that the index is valid */
4521 if( idx ) {
4522 for( i=0, node = keyblock; node; node = node->next ) {
4523 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4524 || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
4525 if( ++i == idx )
4526 break;
4527 }
4528 }
4529 if( !node ) {
4530 tty_printf(_("No subkey with index %d\n"), idx );
4531 return 0;
4532 }
4533 }
4534 else { /* reset all */
4535 for( i=0, node = keyblock; node; node = node->next ) {
4536 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4537 || node->pkt->pkttype == PKT_SECRET_SUBKEY )
4538 node->flag &= ~NODFLG_SELKEY;
4539 }
4540 return 1;
4541 }
4542 /* and set the new index */
4543 for( i=0, node = keyblock; node; node = node->next ) {
4544 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4545 || node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
4546 if( ++i == idx ) {
4547 if( (node->flag & NODFLG_SELKEY) )
4548 node->flag &= ~NODFLG_SELKEY;
4549 else
4550 node->flag |= NODFLG_SELKEY;
4551 }
4552 }
4553 }
4554
4555 return 1;
4556 }
4557
4558
4559 static int
4560 count_uids_with_flag( KBNODE keyblock, unsigned flag )
4561 {
4562 KBNODE node;
4563 int i=0;
4564
4565 for( node = keyblock; node; node = node->next )
4566 if( node->pkt->pkttype == PKT_USER_ID && (node->flag & flag) )
4567 i++;
4568 return i;
4569 }
4570
4571 static int
4572 count_keys_with_flag( KBNODE keyblock, unsigned flag )
4573 {
4574 KBNODE node;
4575 int i=0;
4576
4577 for( node = keyblock; node; node = node->next )
4578 if( ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4579 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4580 && (node->flag & flag) )
4581 i++;
4582 return i;
4583 }
4584
4585 static int
4586 count_uids( KBNODE keyblock )
4587 {
4588 KBNODE node;
4589 int i=0;
4590
4591 for( node = keyblock; node; node = node->next )
4592 if( node->pkt->pkttype == PKT_USER_ID )
4593 i++;
4594 return i;
4595 }
4596
4597
4598 /****************
4599 * Returns true if there is at least one selected user id
4600 */
4601 static int
4602 count_selected_uids( KBNODE keyblock )
4603 {
4604 return count_uids_with_flag( keyblock, NODFLG_SELUID);
4605 }
4606
4607 static int
4608 count_selected_keys( KBNODE keyblock )
4609 {
4610 return count_keys_with_flag( keyblock, NODFLG_SELKEY);
4611 }
4612
4613 /* returns how many real (i.e. not attribute) uids are unmarked */
4614 static int
4615 real_uids_left( KBNODE keyblock )
4616 {
4617 KBNODE node;
4618 int real=0;
4619
4620 for(node=keyblock;node;node=node->next)
4621 if(node->pkt->pkttype==PKT_USER_ID && !(node->flag&NODFLG_SELUID) &&
4622 !node->pkt->pkt.user_id->attrib_data)
4623 real++;
4624
4625 return real;
4626 }
4627
4628 /*
4629 * Ask whether the signature should be revoked. If the user commits this,
4630 * flag bit MARK_A is set on the signature and the user ID.
4631 */
4632 static void
4633 ask_revoke_sig( KBNODE keyblock, KBNODE node )
4634 {
4635 int doit=0;
4636 PKT_user_id *uid;
4637 PKT_signature *sig = node->pkt->pkt.signature;
4638 KBNODE unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
4639
4640 if( !unode ) {
4641 log_error("Oops: no user ID for signature\n");
4642 return;
4643 }
4644
4645 uid=unode->pkt->pkt.user_id;
4646
4647 if(opt.with_colons)
4648 {
4649 if(uid->attrib_data)
4650 printf("uat:::::::::%u %lu",uid->numattribs,uid->attrib_len);
4651 else
4652 {
4653 printf("uid:::::::::");
4654 print_string (stdout, uid->name, uid->len, ':');
4655 }
4656
4657 printf("\n");
4658
4659 print_and_check_one_sig_colon(keyblock,node,NULL,NULL,NULL,NULL,1);
4660 }
4661 else
4662 {
4663 char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
4664 unode->pkt->pkt.user_id->len,0);
4665 tty_printf(_("user ID: \"%s\"\n"),p);
4666 xfree(p);
4667
4668 tty_printf(_("signed by your key %s on %s%s%s\n"),
4669 keystr(sig->keyid),datestr_from_sig(sig),
4670 sig->flags.exportable?"":_(" (non-exportable)"),"");
4671 }
4672 if(sig->flags.expired)
4673 {
4674 tty_printf(_("This signature expired on %s.\n"),
4675 expirestr_from_sig(sig));
4676 /* Use a different question so we can have different help text */
4677 doit=cpr_get_answer_is_yes("ask_revoke_sig.expired",
4678 _("Are you sure you still want to revoke it? (y/N) "));
4679 }
4680 else
4681 doit=cpr_get_answer_is_yes("ask_revoke_sig.one",
4682 _("Create a revocation certificate for this signature? (y/N) "));
4683
4684 if(doit) {
4685 node->flag |= NODFLG_MARK_A;
4686 unode->flag |= NODFLG_MARK_A;
4687 }
4688 }
4689
4690 /****************
4691 * Display all user ids of the current public key together with signatures
4692 * done by one of our keys. Then walk over all this sigs and ask the user
4693 * whether he wants to revoke this signature.
4694 * Return: True when the keyblock has changed.
4695 */
4696 static int
4697 menu_revsig( KBNODE keyblock )
4698 {
4699 PKT_signature *sig;
4700 PKT_public_key *primary_pk;
4701 KBNODE node;
4702 int changed = 0;
4703 int rc, any, skip=1, all=!count_selected_uids(keyblock);
4704 struct revocation_reason_info *reason = NULL;
4705
4706 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
4707
4708 /* FIXME: detect duplicates here */
4709 tty_printf(_("You have signed these user IDs on key %s:\n"),
4710 keystr_from_pk(keyblock->pkt->pkt.public_key));
4711 for( node = keyblock; node; node = node->next ) {
4712 node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
4713 if( node->pkt->pkttype == PKT_USER_ID ) {
4714 if( node->flag&NODFLG_SELUID || all ) {
4715 PKT_user_id *uid = node->pkt->pkt.user_id;
4716 /* Hmmm: Should we show only UIDs with a signature? */
4717 tty_printf(" ");
4718 tty_print_utf8_string( uid->name, uid->len );
4719 tty_printf("\n");
4720 skip=0;
4721 }
4722 else
4723 skip=1;
4724 }
4725 else if( !skip && node->pkt->pkttype == PKT_SIGNATURE
4726 && ((sig = node->pkt->pkt.signature),
4727 !seckey_available(sig->keyid) ) )
4728 {
4729 if( (sig->sig_class&~3) == 0x10 )
4730 {
4731 tty_printf(" ");
4732 tty_printf(_("signed by your key %s on %s%s%s\n"),
4733 keystr(sig->keyid), datestr_from_sig(sig),
4734 sig->flags.exportable?"":_(" (non-exportable)"),
4735 sig->flags.revocable?"":_(" (non-revocable)"));
4736 if(sig->flags.revocable)
4737 node->flag |= NODFLG_SELSIG;
4738 }
4739 else if( sig->sig_class == 0x30 )
4740 {
4741 tty_printf(" ");
4742 tty_printf(_("revoked by your key %s on %s\n"),
4743 keystr(sig->keyid),datestr_from_sig(sig));
4744 }
4745 }
4746 }
4747
4748 tty_printf("\n");
4749
4750 /* ask */
4751 for( node = keyblock; node; node = node->next ) {
4752 if( !(node->flag & NODFLG_SELSIG) )
4753 continue;
4754 ask_revoke_sig( keyblock, node );
4755 }
4756
4757 /* present selected */
4758 any = 0;
4759 for( node = keyblock; node; node = node->next ) {
4760 if( !(node->flag & NODFLG_MARK_A) )
4761 continue;
4762 if( !any ) {
4763 any = 1;
4764 tty_printf(_("You are about to revoke these signatures:\n"));
4765 }
4766 if( node->pkt->pkttype == PKT_USER_ID ) {
4767 PKT_user_id *uid = node->pkt->pkt.user_id;
4768 tty_printf(" ");
4769 tty_print_utf8_string( uid->name, uid->len );
4770 tty_printf("\n");
4771 }
4772 else if( node->pkt->pkttype == PKT_SIGNATURE ) {
4773 sig = node->pkt->pkt.signature;
4774 tty_printf(" ");
4775 tty_printf(_("signed by your key %s on %s%s%s\n"),
4776 keystr(sig->keyid), datestr_from_sig(sig),"",
4777 sig->flags.exportable?"":_(" (non-exportable)") );
4778 }
4779 }
4780 if( !any )
4781 return 0; /* none selected */
4782
4783 if( !cpr_get_answer_is_yes("ask_revoke_sig.okay",
4784 _("Really create the revocation certificates? (y/N) ")) )
4785 return 0; /* forget it */
4786
4787 reason = ask_revocation_reason( 0, 1, 0 );
4788 if( !reason ) { /* user decided to cancel */
4789 return 0;
4790 }
4791
4792 /* now we can sign the user ids */
4793 reloop: /* (must use this, because we are modifing the list) */
4794 primary_pk = keyblock->pkt->pkt.public_key;
4795 for( node=keyblock; node; node = node->next ) {
4796 KBNODE unode;
4797 PACKET *pkt;
4798 struct sign_attrib attrib;
4799 PKT_secret_key *sk;
4800
4801 if( !(node->flag & NODFLG_MARK_A)
4802 || node->pkt->pkttype != PKT_SIGNATURE )
4803 continue;
4804 unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
4805 assert( unode ); /* we already checked this */
4806
4807 memset( &attrib, 0, sizeof attrib );
4808 attrib.reason = reason;
4809 attrib.non_exportable=!node->pkt->pkt.signature->flags.exportable;
4810
4811 node->flag &= ~NODFLG_MARK_A;
4812 sk = xmalloc_secure_clear( sizeof *sk );
4813 if( get_seckey( sk, node->pkt->pkt.signature->keyid ) ) {
4814 log_info(_("no secret key\n"));
4815 continue;
4816 }
4817 rc = make_keysig_packet( &sig, primary_pk,
4818 unode->pkt->pkt.user_id,
4819 NULL,
4820 sk,
4821 0x30, 0, 0, 0, 0,
4822 sign_mk_attrib,
4823 &attrib );
4824 free_secret_key(sk);
4825 if( rc ) {
4826 log_error(_("signing failed: %s\n"), g10_errstr(rc));
4827 release_revocation_reason_info( reason );
4828 return changed;
4829 }
4830 changed = 1; /* we changed the keyblock */
4831 update_trust = 1;
4832 /* Are we revoking our own uid? */
4833 if(primary_pk->keyid[0]==sig->keyid[0] &&
4834 primary_pk->keyid[1]==sig->keyid[1])
4835 unode->pkt->pkt.user_id->is_revoked=1;
4836 pkt = xmalloc_clear( sizeof *pkt );
4837 pkt->pkttype = PKT_SIGNATURE;
4838 pkt->pkt.signature = sig;
4839 insert_kbnode( unode, new_kbnode(pkt), 0 );
4840 goto reloop;
4841 }
4842
4843 release_revocation_reason_info( reason );
4844 return changed;
4845 }
4846
4847 /* Revoke a user ID (i.e. revoke a user ID selfsig). Return true if
4848 keyblock changed. */
4849 static int
4850 menu_revuid( KBNODE pub_keyblock, KBNODE sec_keyblock )
4851 {
4852 PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
4853 PKT_secret_key *sk = copy_secret_key( NULL,
4854 sec_keyblock->pkt->pkt.secret_key );
4855 KBNODE node;
4856 int changed = 0;
4857 int rc;
4858 struct revocation_reason_info *reason = NULL;
4859
4860 /* Note that this is correct as per the RFCs, but nevertheless
4861 somewhat meaningless in the real world. 1991 did define the 0x30
4862 sig class, but PGP 2.x did not actually implement it, so it would
4863 probably be safe to use v4 revocations everywhere. -ds */
4864
4865 for( node = pub_keyblock; node; node = node->next )
4866 if(pk->version>3 || (node->pkt->pkttype==PKT_USER_ID &&
4867 node->pkt->pkt.user_id->selfsigversion>3))
4868 {
4869 if((reason = ask_revocation_reason( 0, 1, 4 )))
4870 break;
4871 else
4872 goto leave;
4873 }
4874
4875 reloop: /* (better this way because we are modifing the keyring) */
4876 for( node = pub_keyblock; node; node = node->next )
4877 if(node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID))
4878 {
4879 PKT_user_id *uid=node->pkt->pkt.user_id;
4880
4881 if(uid->is_revoked)
4882 {
4883 char *user=utf8_to_native(uid->name,uid->len,0);
4884 log_info(_("user ID \"%s\" is already revoked\n"),user);
4885 xfree(user);
4886 }
4887 else
4888 {
4889 PACKET *pkt;
4890 PKT_signature *sig;
4891 struct sign_attrib attrib;
4892 u32 timestamp=make_timestamp();
4893
4894 if(uid->created>=timestamp)
4895 {
4896 /* Okay, this is a problem. The user ID selfsig was
4897 created in the future, so we need to warn the user and
4898 set our revocation timestamp one second after that so
4899 everything comes out clean. */
4900
4901 log_info(_("WARNING: a user ID signature is dated %d"
4902 " seconds in the future\n"),uid->created-timestamp);
4903
4904 timestamp=uid->created+1;
4905 }
4906
4907 memset( &attrib, 0, sizeof attrib );
4908 attrib.reason = reason;
4909
4910 node->flag &= ~NODFLG_SELUID;
4911
4912 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x30, 0,
4913 (reason==NULL)?3:0, timestamp, 0,
4914 sign_mk_attrib, &attrib );
4915 if( rc )
4916 {
4917 log_error(_("signing failed: %s\n"), g10_errstr(rc));
4918 goto leave;
4919 }
4920 else
4921 {
4922 pkt = xmalloc_clear( sizeof *pkt );
4923 pkt->pkttype = PKT_SIGNATURE;
4924 pkt->pkt.signature = sig;
4925 insert_kbnode( node, new_kbnode(pkt), 0 );
4926
4927 /* If the trustdb has an entry for this key+uid then the
4928 trustdb needs an update. */
4929 if(!update_trust
4930 && (get_validity(pk,uid)&TRUST_MASK)>=TRUST_UNDEFINED)
4931 update_trust=1;
4932
4933 changed = 1;
4934 node->pkt->pkt.user_id->is_revoked=1;
4935
4936 goto reloop;
4937 }
4938 }
4939 }
4940
4941 if(changed)
4942 commit_kbnode( &pub_keyblock );
4943
4944 leave:
4945 free_secret_key(sk);
4946 release_revocation_reason_info( reason );
4947 return changed;
4948 }
4949
4950 /****************
4951 * Revoke the whole key.
4952 */
4953 static int
4954 menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
4955 {
4956 PKT_public_key *pk=pub_keyblock->pkt->pkt.public_key;
4957 PKT_secret_key *sk;
4958 int rc,changed = 0;
4959 struct revocation_reason_info *reason;
4960 PACKET *pkt;
4961 PKT_signature *sig;
4962
4963 if(pk->is_revoked)
4964 {
4965 tty_printf(_("Key %s is already revoked.\n"),keystr_from_pk(pk));
4966 return 0;
4967 }
4968
4969 reason = ask_revocation_reason( 1, 0, 0 );
4970 /* user decided to cancel */
4971 if( !reason )
4972 return 0;
4973
4974 sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
4975 rc = make_keysig_packet( &sig, pk, NULL, NULL, sk,
4976 0x20, 0, opt.force_v4_certs?4:0, 0, 0,
4977 revocation_reason_build_cb, reason );
4978 free_secret_key(sk);
4979 if( rc )
4980 {
4981 log_error(_("signing failed: %s\n"), g10_errstr(rc));
4982 goto scram;
4983 }
4984
4985 changed = 1; /* we changed the keyblock */
4986
4987 pkt = xmalloc_clear( sizeof *pkt );
4988 pkt->pkttype = PKT_SIGNATURE;
4989 pkt->pkt.signature = sig;
4990 insert_kbnode( pub_keyblock, new_kbnode(pkt), 0 );
4991 commit_kbnode( &pub_keyblock );
4992
4993 update_trust=1;
4994
4995 scram:
4996 release_revocation_reason_info( reason );
4997 return changed;
4998 }
4999
5000 static int
5001 menu_revsubkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
5002 {
5003 PKT_public_key *mainpk;
5004 KBNODE node;
5005 int changed = 0;
5006 int rc;
5007 struct revocation_reason_info *reason = NULL;
5008
5009 reason = ask_revocation_reason( 1, 0, 0 );
5010 if( !reason ) { /* user decided to cancel */
5011 return 0;
5012 }
5013
5014 reloop: /* (better this way because we are modifing the keyring) */
5015 mainpk = pub_keyblock->pkt->pkt.public_key;
5016 for( node = pub_keyblock; node; node = node->next ) {
5017 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
5018 && (node->flag & NODFLG_SELKEY) ) {
5019 PACKET *pkt;
5020 PKT_signature *sig;
5021 PKT_secret_key *sk;
5022 PKT_public_key *subpk = node->pkt->pkt.public_key;
5023 struct sign_attrib attrib;
5024
5025 if(subpk->is_revoked)
5026 {
5027 tty_printf(_("Subkey %s is already revoked.\n"),
5028 keystr_from_pk(subpk));
5029 continue;
5030 }
5031
5032 memset( &attrib, 0, sizeof attrib );
5033 attrib.reason = reason;
5034
5035 node->flag &= ~NODFLG_SELKEY;
5036 sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
5037 rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk,
5038 0x28, 0, 0, 0, 0,
5039 sign_mk_attrib, &attrib );
5040 free_secret_key(sk);
5041 if( rc ) {
5042 log_error(_("signing failed: %s\n"), g10_errstr(rc));
5043 release_revocation_reason_info( reason );
5044 return changed;
5045 }
5046 changed = 1; /* we changed the keyblock */
5047
5048 pkt = xmalloc_clear( sizeof *pkt );
5049 pkt->pkttype = PKT_SIGNATURE;
5050 pkt->pkt.signature = sig;
5051 insert_kbnode( node, new_kbnode(pkt), 0 );
5052 goto reloop;
5053 }
5054 }
5055 commit_kbnode( &pub_keyblock );
5056 /*commit_kbnode( &sec_keyblock );*/
5057
5058 /* No need to set update_trust here since signing keys no longer
5059 are used to certify other keys, so there is no change in trust
5060 when revoking/removing them */
5061
5062 release_revocation_reason_info( reason );
5063 return changed;
5064 }
5065
5066 /* Note that update_ownertrust is going to mark the trustdb dirty when
5067 enabling or disabling a key. This is arguably sub-optimal as
5068 disabled keys are still counted in the web of trust, but perhaps
5069 not worth adding extra complexity to change. -ds */
5070 static int
5071 enable_disable_key( KBNODE keyblock, int disable )
5072 {
5073 PKT_public_key *pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )
5074 ->pkt->pkt.public_key;
5075 unsigned int trust, newtrust;
5076
5077 trust = newtrust = get_ownertrust (pk);
5078 newtrust &= ~TRUST_FLAG_DISABLED;
5079 if( disable )
5080 newtrust |= TRUST_FLAG_DISABLED;
5081 if( trust == newtrust )
5082 return 0; /* already in that state */
5083 update_ownertrust(pk, newtrust );
5084 return 0;
5085 }
5086
5087
5088 static void
5089 menu_showphoto( KBNODE keyblock )
5090 {
5091 KBNODE node;
5092 int select_all = !count_selected_uids(keyblock);
5093 int count=0;
5094 PKT_public_key *pk=NULL;
5095
5096 /* Look for the public key first. We have to be really, really,
5097 explicit as to which photo this is, and what key it is a UID on
5098 since people may want to sign it. */
5099
5100 for( node = keyblock; node; node = node->next )
5101 {
5102 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
5103 pk = node->pkt->pkt.public_key;
5104 else if( node->pkt->pkttype == PKT_USER_ID )
5105 {
5106 PKT_user_id *uid = node->pkt->pkt.user_id;
5107 count++;
5108
5109 if((select_all || (node->flag & NODFLG_SELUID)) &&
5110 uid->attribs!=NULL)
5111 {
5112 int i;
5113
5114 for(i=0;i<uid->numattribs;i++)
5115 {
5116 byte type;
5117 u32 size;
5118
5119 if(uid->attribs[i].type==ATTRIB_IMAGE &&
5120 parse_image_header(&uid->attribs[i],&type,&size))
5121 {
5122 tty_printf(_("Displaying %s photo ID of size %ld for "
5123 "key %s (uid %d)\n"),
5124 image_type_to_string(type,1),
5125 (ulong)size,keystr_from_pk(pk),count);
5126 show_photos(&uid->attribs[i],1,pk,NULL,uid);
5127 }
5128 }
5129 }
5130 }
5131 }
5132 }
gnupg svn clone