search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2005-04-15 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / g10 / delkey.c
blob6263dec4736105bd47a366226ba41cbd390ef0e0
1 /* delkey.c - delete keys
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
19 */
20
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <assert.h>
27 #include <ctype.h>
28
29 #include "options.h"
30 #include "packet.h"
31 #include "errors.h"
32 #include "iobuf.h"
33 #include "keydb.h"
34 #include "memory.h"
35 #include "util.h"
36 #include "main.h"
37 #include "trustdb.h"
38 #include "filter.h"
39 #include "ttyio.h"
40 #include "status.h"
41 #include "i18n.h"
42
43
44 /****************
45 * Delete a public or secret key from a keyring.
46 * r_sec_avail will be set if a secret key is available and the public
47 * key can't be deleted for that reason.
48 */
49 static int
50 do_delete_key( const char *username, int secret, int *r_sec_avail )
51 {
52 int rc = 0;
53 KBNODE keyblock = NULL;
54 KBNODE node;
55 KEYDB_HANDLE hd = keydb_new (secret);
56 PKT_public_key *pk = NULL;
57 PKT_secret_key *sk = NULL;
58 u32 keyid[2];
59 int okay=0;
60 int yes;
61 KEYDB_SEARCH_DESC desc;
62 int exactmatch;
63
64 *r_sec_avail = 0;
65
66 /* search the userid */
67 classify_user_id (username, &desc);
68 exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
69 || desc.mode == KEYDB_SEARCH_MODE_FPR16
70 || desc.mode == KEYDB_SEARCH_MODE_FPR20);
71 rc = desc.mode? keydb_search (hd, &desc, 1):GPG_ERR_INV_USER_ID;
72 if (rc) {
73 log_error (_("key `%s' not found: %s\n"), username, gpg_strerror (rc));
74 write_status_text( STATUS_DELETE_PROBLEM, "1" );
75 goto leave;
76 }
77
78 /* read the keyblock */
79 rc = keydb_get_keyblock (hd, &keyblock );
80 if (rc) {
81 log_error (_("error reading keyblock: %s\n"), gpg_strerror (rc) );
82 goto leave;
83 }
84
85 /* get the keyid from the keyblock */
86 node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
87 if( !node ) {
88 log_error("Oops; key not found anymore!\n");
89 rc = GPG_ERR_GENERAL;
90 goto leave;
91 }
92
93 if( secret ) {
94 sk = node->pkt->pkt.secret_key;
95 keyid_from_sk( sk, keyid );
96 }
97 else {
98 pk = node->pkt->pkt.public_key;
99 keyid_from_pk( pk, keyid );
100 rc = seckey_available( keyid );
101 if( !rc ) {
102 *r_sec_avail = 1;
103 rc = -1;
104 goto leave;
105 }
106 else if( rc != GPG_ERR_NO_SECKEY ) {
107 log_error("%s: get secret key: %s\n", username, gpg_strerror (rc) );
108 }
109 else
110 rc = 0;
111 }
112
113 if( rc )
114 rc = 0;
115 else if (opt.batch && exactmatch)
116 okay++;
117 else if( opt.batch && secret )
118 {
119 log_error(_("can't do that in batchmode\n"));
120 log_info (_("(unless you specify the key by fingerprint)\n"));
121 }
122 else if( opt.batch && opt.answer_yes )
123 okay++;
124 else if( opt.batch )
125 {
126 log_error(_("can't do that in batchmode without \"--yes\"\n"));
127 log_info (_("(unless you specify the key by fingerprint)\n"));
128 }
129 else {
130 if( secret )
131 print_seckey_info( sk );
132 else
133 print_pubkey_info (NULL, pk );
134 tty_printf( "\n" );
135
136 yes = cpr_get_answer_is_yes( secret? "delete_key.secret.okay"
137 : "delete_key.okay",
138 _("Delete this key from the keyring? "));
139 if( !cpr_enabled() && secret && yes ) {
140 /* I think it is not required to check a passphrase; if
141 * the user is so stupid as to let others access his secret keyring
142 * (and has no backup) - it is up him to read some very
143 * basic texts about security.
144 */
145 yes = cpr_get_answer_is_yes("delete_key.secret.okay",
146 _("This is a secret key! - really delete? "));
147 }
148 if( yes )
149 okay++;
150 }
151
152
153 if( okay ) {
154 rc = keydb_delete_keyblock (hd);
155 if (rc) {
156 log_error (_("deleting keyblock failed: %s\n"), gpg_strerror (rc) );
157 goto leave;
158 }
159
160 /* Note that the ownertrust being cleared will trigger a
161 revalidation_mark(). This makes sense - only deleting keys
162 that have ownertrust set should trigger this. */
163
164 if (!secret && pk && clear_ownertrusts (pk)) {
165 if (opt.verbose)
166 log_info (_("ownertrust information cleared\n"));
167 }
168 }
169
170 leave:
171 keydb_release (hd);
172 release_kbnode (keyblock);
173 return rc;
174 }
175
176 /****************
177 * Delete a public or secret key from a keyring.
178 */
179 int
180 delete_keys( STRLIST names, int secret, int allow_both )
181 {
182 int rc, avail;
183
184 for(;names;names=names->next) {
185 rc = do_delete_key (names->d, secret, &avail );
186 if ( rc && avail ) {
187 if ( allow_both ) {
188 rc = do_delete_key (names->d, 1, &avail );
189 if ( !rc )
190 rc = do_delete_key (names->d, 0, &avail );
191 }
192 else {
193 log_error(_(
194 "there is a secret key for public key \"%s\"!\n"),names->d);
195 log_info(_(
196 "use option \"--delete-secret-keys\" to delete it first.\n"));
197 write_status_text( STATUS_DELETE_PROBLEM, "2" );
198 return rc;
199 }
200 }
201
202 if(rc) {
203 log_error("%s: delete key failed: %s\n", names->d, gpg_strerror (rc) );
204 return rc;
205 }
206 }
207
208 return 0;
209 }
gnupg svn clone