search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Post release version bumb
[gnupg.git] / g10 / keyedit.c
blobbc79e8fa842131eade99e4da7303788b93f321b0
1 /* keyedit.c - keyedit stuff
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <errno.h>
26 #include <assert.h>
27 #include <ctype.h>
28 #ifdef HAVE_LIBREADLINE
29 #define GNUPG_LIBREADLINE_H_INCLUDED
30 #include <readline/readline.h>
31 #endif
32
33 #include "gpg.h"
34 #include "options.h"
35 #include "packet.h"
36 #include "status.h"
37 #include "iobuf.h"
38 #include "keydb.h"
39 #include "photoid.h"
40 #include "util.h"
41 #include "main.h"
42 #include "trustdb.h"
43 #include "filter.h"
44 #include "ttyio.h"
45 #include "status.h"
46 #include "i18n.h"
47 #include "keyserver-internal.h"
48
49 static void show_prefs( PKT_user_id *uid, PKT_signature *selfsig, int verbose);
50 static void show_names(KBNODE keyblock,PKT_public_key *pk,
51 unsigned int flag,int with_prefs);
52 static void show_key_with_all_names( KBNODE keyblock, int only_marked,
53 int with_revoker, int with_fpr, int with_subkeys, int with_prefs );
54 static void show_key_and_fingerprint( KBNODE keyblock );
55 static int menu_adduid( KBNODE keyblock, KBNODE sec_keyblock,
56 int photo, const char *photo_name );
57 static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock );
58 static int menu_delsig( KBNODE pub_keyblock );
59 static int menu_clean(KBNODE keyblock,int self_only);
60 static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
61 static int menu_addrevoker( KBNODE pub_keyblock,
62 KBNODE sec_keyblock, int sensitive );
63 static int menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock );
64 static int menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock);
65 static int menu_set_primary_uid( KBNODE pub_keyblock, KBNODE sec_keyblock );
66 static int menu_set_preferences( KBNODE pub_keyblock, KBNODE sec_keyblock );
67 static int menu_set_keyserver_url (const char *url,
68 KBNODE pub_keyblock, KBNODE sec_keyblock );
69 static int menu_set_notation(const char *string,
70 KBNODE pub_keyblock,KBNODE sec_keyblock);
71 static int menu_select_uid( KBNODE keyblock, int idx );
72 static int menu_select_uid_namehash( KBNODE keyblock, const char *namehash );
73 static int menu_select_key( KBNODE keyblock, int idx );
74 static int count_uids( KBNODE keyblock );
75 static int count_uids_with_flag( KBNODE keyblock, unsigned flag );
76 static int count_keys_with_flag( KBNODE keyblock, unsigned flag );
77 static int count_selected_uids( KBNODE keyblock );
78 static int real_uids_left( KBNODE keyblock );
79 static int count_selected_keys( KBNODE keyblock );
80 static int menu_revsig( KBNODE keyblock );
81 static int menu_revuid( KBNODE keyblock, KBNODE sec_keyblock );
82 static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
83 static int menu_revsubkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
84 static int enable_disable_key( KBNODE keyblock, int disable );
85 static void menu_showphoto( KBNODE keyblock );
86
87 static int update_trust=0;
88
89 #define CONTROL_D ('D' - 'A' + 1)
90
91 #define NODFLG_BADSIG (1<<0) /* bad signature */
92 #define NODFLG_NOKEY (1<<1) /* no public key */
93 #define NODFLG_SIGERR (1<<2) /* other sig error */
94
95 #define NODFLG_MARK_A (1<<4) /* temporary mark */
96 #define NODFLG_DELSIG (1<<5) /* to be deleted */
97
98 #define NODFLG_SELUID (1<<8) /* indicate the selected userid */
99 #define NODFLG_SELKEY (1<<9) /* indicate the selected key */
100 #define NODFLG_SELSIG (1<<10) /* indicate a selected signature */
101
102 struct sign_attrib {
103 int non_exportable,non_revocable;
104 struct revocation_reason_info *reason;
105 byte trust_depth,trust_value;
106 char *trust_regexp;
107 };
108
109
110 #ifdef ENABLE_CARD_SUPPORT
111 /* Given a node SEC_NODE with a secret key or subkey, locate the
112 corresponding public key from pub_keyblock. */
113 static PKT_public_key *
114 find_pk_from_sknode (KBNODE pub_keyblock, KBNODE sec_node)
115 {
116 KBNODE node = pub_keyblock;
117 PKT_secret_key *sk;
118 PKT_public_key *pk;
119
120 if (sec_node->pkt->pkttype == PKT_SECRET_KEY
121 && node->pkt->pkttype == PKT_PUBLIC_KEY)
122 return node->pkt->pkt.public_key;
123 if (sec_node->pkt->pkttype != PKT_SECRET_SUBKEY)
124 return NULL;
125 sk = sec_node->pkt->pkt.secret_key;
126 for (; node; node = node->next)
127 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
128 {
129 pk = node->pkt->pkt.public_key;
130 if (pk->keyid[0] == sk->keyid[0] && pk->keyid[1] == sk->keyid[1])
131 return pk;
132 }
133
134 return NULL;
135 }
136 #endif /* ENABLE_CARD_SUPPORT */
137
138
139 /* TODO: Fix duplicated code between here and the check-sigs/list-sigs
140 code in keylist.c. */
141 static int
142 print_and_check_one_sig_colon( KBNODE keyblock, KBNODE node,
143 int *inv_sigs, int *no_key, int *oth_err,
144 int *is_selfsig, int print_without_key )
145 {
146 PKT_signature *sig = node->pkt->pkt.signature;
147 int rc, sigrc;
148
149 /* TODO: Make sure a cached sig record here still has the pk that
150 issued it. See also keylist.c:list_keyblock_print */
151
152 switch((rc=check_key_signature(keyblock,node,is_selfsig)))
153 {
154 case 0:
155 node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
156 sigrc = '!';
157 break;
158 case G10ERR_BAD_SIGN:
159 node->flag = NODFLG_BADSIG;
160 sigrc = '-';
161 if( inv_sigs )
162 ++*inv_sigs;
163 break;
164 case G10ERR_NO_PUBKEY:
165 case G10ERR_UNU_PUBKEY:
166 node->flag = NODFLG_NOKEY;
167 sigrc = '?';
168 if( no_key )
169 ++*no_key;
170 break;
171 default:
172 node->flag = NODFLG_SIGERR;
173 sigrc = '%';
174 if( oth_err )
175 ++*oth_err;
176 break;
177 }
178
179 if( sigrc != '?' || print_without_key )
180 {
181 printf("sig:%c::%d:%08lX%08lX:%lu:%lu:",
182 sigrc,sig->pubkey_algo,(ulong)sig->keyid[0],(ulong)sig->keyid[1],
183 (ulong)sig->timestamp,(ulong)sig->expiredate);
184
185 if(sig->trust_depth || sig->trust_value)
186 printf("%d %d",sig->trust_depth,sig->trust_value);
187
188 printf(":");
189
190 if(sig->trust_regexp)
191 print_string(stdout,sig->trust_regexp,strlen(sig->trust_regexp),':');
192
193 printf("::%02x%c\n",sig->sig_class,sig->flags.exportable?'x':'l');
194
195 if(opt.show_subpackets)
196 print_subpackets_colon(sig);
197 }
198
199 return (sigrc == '!');
200 }
201
202
203 /****************
204 * Print information about a signature, check it and return true
205 * if the signature is okay. NODE must be a signature packet.
206 */
207 static int
208 print_and_check_one_sig( KBNODE keyblock, KBNODE node,
209 int *inv_sigs, int *no_key, int *oth_err,
210 int *is_selfsig, int print_without_key )
211 {
212 PKT_signature *sig = node->pkt->pkt.signature;
213 int rc, sigrc;
214 int is_rev = sig->sig_class == 0x30;
215
216 /* TODO: Make sure a cached sig record here still has the pk that
217 issued it. See also keylist.c:list_keyblock_print */
218
219 switch( (rc = check_key_signature( keyblock, node, is_selfsig)) ) {
220 case 0:
221 node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
222 sigrc = '!';
223 break;
224 case G10ERR_BAD_SIGN:
225 node->flag = NODFLG_BADSIG;
226 sigrc = '-';
227 if( inv_sigs )
228 ++*inv_sigs;
229 break;
230 case G10ERR_NO_PUBKEY:
231 case G10ERR_UNU_PUBKEY:
232 node->flag = NODFLG_NOKEY;
233 sigrc = '?';
234 if( no_key )
235 ++*no_key;
236 break;
237 default:
238 node->flag = NODFLG_SIGERR;
239 sigrc = '%';
240 if( oth_err )
241 ++*oth_err;
242 break;
243 }
244 if( sigrc != '?' || print_without_key ) {
245 tty_printf("%s%c%c %c%c%c%c%c%c %s %s",
246 is_rev? "rev":"sig",sigrc,
247 (sig->sig_class-0x10>0 &&
248 sig->sig_class-0x10<4)?'0'+sig->sig_class-0x10:' ',
249 sig->flags.exportable?' ':'L',
250 sig->flags.revocable?' ':'R',
251 sig->flags.policy_url?'P':' ',
252 sig->flags.notation?'N':' ',
253 sig->flags.expired?'X':' ',
254 (sig->trust_depth>9)?'T':
255 (sig->trust_depth>0)?'0'+sig->trust_depth:' ',
256 keystr(sig->keyid),datestr_from_sig(sig));
257 if(opt.list_options&LIST_SHOW_SIG_EXPIRE)
258 tty_printf(" %s",expirestr_from_sig(sig));
259 tty_printf(" ");
260 if( sigrc == '%' )
261 tty_printf("[%s] ", g10_errstr(rc) );
262 else if( sigrc == '?' )
263 ;
264 else if( *is_selfsig ) {
265 tty_printf( is_rev? _("[revocation]")
266 : _("[self-signature]") );
267 }
268 else
269 {
270 size_t n;
271 char *p = get_user_id( sig->keyid, &n );
272 tty_print_utf8_string2(p, n, opt.screen_columns-keystrlen()-26-
273 ((opt.list_options&LIST_SHOW_SIG_EXPIRE)?11:0));
274 xfree(p);
275 }
276 tty_printf("\n");
277
278 if(sig->flags.policy_url && (opt.list_options&LIST_SHOW_POLICY_URLS))
279 show_policy_url(sig,3,0);
280
281 if(sig->flags.notation && (opt.list_options&LIST_SHOW_NOTATIONS))
282 show_notation(sig,3,0,
283 ((opt.list_options&LIST_SHOW_STD_NOTATIONS)?1:0)+
284 ((opt.list_options&LIST_SHOW_USER_NOTATIONS)?2:0));
285
286 if(sig->flags.pref_ks && (opt.list_options&LIST_SHOW_KEYSERVER_URLS))
287 show_keyserver_url(sig,3,0);
288 }
289
290 return (sigrc == '!');
291 }
292
293
294
295 /****************
296 * Check the keysigs and set the flags to indicate errors.
297 * Returns true if error found.
298 */
299 static int
300 check_all_keysigs( KBNODE keyblock, int only_selected )
301 {
302 KBNODE kbctx;
303 KBNODE node;
304 int inv_sigs = 0;
305 int no_key = 0;
306 int oth_err = 0;
307 int has_selfsig = 0;
308 int mis_selfsig = 0;
309 int selected = !only_selected;
310 int anyuid = 0;
311
312 for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) {
313 if( node->pkt->pkttype == PKT_USER_ID ) {
314 PKT_user_id *uid = node->pkt->pkt.user_id;
315
316 if( only_selected )
317 selected = (node->flag & NODFLG_SELUID);
318 if( selected ) {
319 tty_printf("uid ");
320 tty_print_utf8_string( uid->name, uid->len );
321 tty_printf("\n");
322 if( anyuid && !has_selfsig )
323 mis_selfsig++;
324 has_selfsig = 0;
325 anyuid = 1;
326 }
327 }
328 else if( selected && node->pkt->pkttype == PKT_SIGNATURE
329 && ( (node->pkt->pkt.signature->sig_class&~3) == 0x10
330 || node->pkt->pkt.signature->sig_class == 0x30 ) ) {
331 int selfsig;
332
333 if( print_and_check_one_sig( keyblock, node, &inv_sigs,
334 &no_key, &oth_err, &selfsig, 0 ) ) {
335 if( selfsig )
336 has_selfsig = 1;
337 }
338 /* Hmmm: should we update the trustdb here? */
339 }
340 }
341 if( !has_selfsig )
342 mis_selfsig++;
343 if( inv_sigs == 1 )
344 tty_printf(_("1 bad signature\n") );
345 else if( inv_sigs )
346 tty_printf(_("%d bad signatures\n"), inv_sigs );
347 if( no_key == 1 )
348 tty_printf(_("1 signature not checked due to a missing key\n") );
349 else if( no_key )
350 tty_printf(_("%d signatures not checked due to missing keys\n"), no_key );
351 if( oth_err == 1 )
352 tty_printf(_("1 signature not checked due to an error\n") );
353 else if( oth_err )
354 tty_printf(_("%d signatures not checked due to errors\n"), oth_err );
355 if( mis_selfsig == 1 )
356 tty_printf(_("1 user ID without valid self-signature detected\n"));
357 else if( mis_selfsig )
358 tty_printf(_("%d user IDs without valid self-signatures detected\n"),
359 mis_selfsig);
360
361 return inv_sigs || no_key || oth_err || mis_selfsig;
362 }
363
364
365 static int
366 sign_mk_attrib( PKT_signature *sig, void *opaque )
367 {
368 struct sign_attrib *attrib = opaque;
369 byte buf[8];
370
371 if( attrib->non_exportable ) {
372 buf[0] = 0; /* not exportable */
373 build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
374 }
375
376 if( attrib->non_revocable ) {
377 buf[0] = 0; /* not revocable */
378 build_sig_subpkt( sig, SIGSUBPKT_REVOCABLE, buf, 1 );
379 }
380
381 if( attrib->reason )
382 revocation_reason_build_cb( sig, attrib->reason );
383
384 if(attrib->trust_depth)
385 {
386 /* Not critical. If someone doesn't understand trust sigs,
387 this can still be a valid regular signature. */
388 buf[0] = attrib->trust_depth;
389 buf[1] = attrib->trust_value;
390 build_sig_subpkt(sig,SIGSUBPKT_TRUST,buf,2);
391
392 /* Critical. If someone doesn't understands regexps, this
393 whole sig should be invalid. Note the +1 for the length -
394 regexps are null terminated. */
395 if(attrib->trust_regexp)
396 build_sig_subpkt(sig,SIGSUBPKT_FLAG_CRITICAL|SIGSUBPKT_REGEXP,
397 attrib->trust_regexp,
398 strlen(attrib->trust_regexp)+1);
399 }
400
401 return 0;
402 }
403
404 static void
405 trustsig_prompt(byte *trust_value,byte *trust_depth,char **regexp)
406 {
407 char *p;
408
409 *trust_value=0;
410 *trust_depth=0;
411 *regexp=NULL;
412
413 /* Same string as pkclist.c:do_edit_ownertrust */
414 tty_printf(_("Please decide how far you trust this user to correctly verify"
415 " other users' keys\n(by looking at passports, checking"
416 " fingerprints from different sources, etc.)\n"));
417 tty_printf("\n");
418 tty_printf (_(" %d = I trust marginally\n"), 1);
419 tty_printf (_(" %d = I trust fully\n"), 2);
420 tty_printf("\n");
421
422 while(*trust_value==0)
423 {
424 p = cpr_get("trustsig_prompt.trust_value",_("Your selection? "));
425 trim_spaces(p);
426 cpr_kill_prompt();
427 /* 60 and 120 are as per RFC2440 */
428 if(p[0]=='1' && !p[1])
429 *trust_value=60;
430 else if(p[0]=='2' && !p[1])
431 *trust_value=120;
432 xfree(p);
433 }
434
435 tty_printf("\n");
436
437 tty_printf(_(
438 "Please enter the depth of this trust signature.\n"
439 "A depth greater than 1 allows the key you are signing to make\n"
440 "trust signatures on your behalf.\n"));
441 tty_printf("\n");
442
443 while(*trust_depth==0)
444 {
445 p = cpr_get("trustsig_prompt.trust_depth",_("Your selection? "));
446 trim_spaces(p);
447 cpr_kill_prompt();
448 *trust_depth=atoi(p);
449 xfree(p);
450 }
451
452 tty_printf("\n");
453
454 tty_printf(_("Please enter a domain to restrict this signature, "
455 "or enter for none.\n"));
456
457 tty_printf("\n");
458
459 p=cpr_get("trustsig_prompt.trust_regexp",_("Your selection? "));
460 trim_spaces(p);
461 cpr_kill_prompt();
462
463 if(strlen(p)>0)
464 {
465 char *q=p;
466 int regexplen=100,ind;
467
468 *regexp=xmalloc(regexplen);
469
470 /* Now mangle the domain the user entered into a regexp. To do
471 this, \-escape everything that isn't alphanumeric, and attach
472 "<[^>]+[@.]" to the front, and ">$" to the end. */
473
474 strcpy(*regexp,"<[^>]+[@.]");
475 ind=strlen(*regexp);
476
477 while(*q)
478 {
479 if(!((*q>='A' && *q<='Z')
480 || (*q>='a' && *q<='z') || (*q>='0' && *q<='9')))
481 (*regexp)[ind++]='\\';
482
483 (*regexp)[ind++]=*q;
484
485 if((regexplen-ind)<3)
486 {
487 regexplen+=100;
488 *regexp=xrealloc(*regexp,regexplen);
489 }
490
491 q++;
492 }
493
494 (*regexp)[ind]='\0';
495 strcat(*regexp,">$");
496 }
497
498 xfree(p);
499 tty_printf("\n");
500 }
501
502 /****************
503 * Loop over all locusr and and sign the uids after asking.
504 * If no user id is marked, all user ids will be signed;
505 * if some user_ids are marked those will be signed.
506 */
507 static int
508 sign_uids( KBNODE keyblock, strlist_t locusr, int *ret_modified,
509 int local, int nonrevocable, int trust, int interactive )
510 {
511 int rc = 0;
512 SK_LIST sk_list = NULL;
513 SK_LIST sk_rover = NULL;
514 PKT_secret_key *sk = NULL;
515 KBNODE node, uidnode;
516 PKT_public_key *primary_pk=NULL;
517 int select_all = !count_selected_uids(keyblock) || interactive;
518 int all_v3=1;
519
520 /* Are there any non-v3 sigs on this key already? */
521 if(PGP2)
522 for(node=keyblock;node;node=node->next)
523 if(node->pkt->pkttype==PKT_SIGNATURE &&
524 node->pkt->pkt.signature->version>3)
525 {
526 all_v3=0;
527 break;
528 }
529
530 /* build a list of all signators.
531 *
532 * We use the CERT flag to request the primary which must always
533 * be one which is capable of signing keys. I can't see a reason
534 * why to sign keys using a subkey. Implementation of USAGE_CERT
535 * is just a hack in getkey.c and does not mean that a subkey
536 * marked as certification capable will be used. */
537 rc=build_sk_list( locusr, &sk_list, 0, PUBKEY_USAGE_CERT);
538 if( rc )
539 goto leave;
540
541 /* loop over all signators */
542 for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) {
543 u32 sk_keyid[2],pk_keyid[2];
544 char *p,*trust_regexp=NULL;
545 int force_v4=0,class=0,selfsig=0;
546 u32 duration=0,timestamp=0;
547 byte trust_depth=0,trust_value=0;
548
549 if(local || nonrevocable || trust ||
550 opt.cert_policy_url || opt.cert_notations)
551 force_v4=1;
552
553 /* we have to use a copy of the sk, because make_keysig_packet
554 * may remove the protection from sk and if we did other
555 * changes to the secret key, we would save the unprotected
556 * version */
557 if( sk )
558 free_secret_key(sk);
559 sk = copy_secret_key( NULL, sk_rover->sk );
560 keyid_from_sk( sk, sk_keyid );
561 /* set mark A for all selected user ids */
562 for( node=keyblock; node; node = node->next ) {
563 if( select_all || (node->flag & NODFLG_SELUID) )
564 node->flag |= NODFLG_MARK_A;
565 else
566 node->flag &= ~NODFLG_MARK_A;
567 }
568 /* reset mark for uids which are already signed */
569 uidnode = NULL;
570 for( node=keyblock; node; node = node->next ) {
571 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
572 primary_pk=node->pkt->pkt.public_key;
573 keyid_from_pk( primary_pk, pk_keyid );
574
575 /* Is this a self-sig? */
576 if(pk_keyid[0]==sk_keyid[0] && pk_keyid[1]==sk_keyid[1])
577 {
578 selfsig=1;
579 /* Do not force a v4 sig here, otherwise it would
580 be difficult to remake a v3 selfsig. If this
581 is a v3->v4 promotion case, then we set
582 force_v4 later anyway. */
583 force_v4=0;
584 }
585 }
586 else if( node->pkt->pkttype == PKT_USER_ID )
587 {
588 uidnode = (node->flag & NODFLG_MARK_A)? node : NULL;
589 if(uidnode)
590 {
591 int yesreally=0;
592 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
593 uidnode->pkt->pkt.user_id->len,
594 0);
595
596 if(uidnode->pkt->pkt.user_id->is_revoked)
597 {
598 tty_printf(_("User ID \"%s\" is revoked."),user);
599
600 if(selfsig)
601 tty_printf("\n");
602 else if(opt.expert)
603 {
604 tty_printf("\n");
605 /* No, so remove the mark and continue */
606 if(!cpr_get_answer_is_yes("sign_uid.revoke_okay",
607 _("Are you sure you "
608 "still want to sign "
609 "it? (y/N) ")))
610 {
611 uidnode->flag &= ~NODFLG_MARK_A;
612 uidnode=NULL;
613 }
614 else if(interactive)
615 yesreally=1;
616 }
617 else
618 {
619 uidnode->flag &= ~NODFLG_MARK_A;
620 uidnode=NULL;
621 tty_printf(_(" Unable to sign.\n"));
622 }
623 }
624 else if(uidnode->pkt->pkt.user_id->is_expired)
625 {
626 tty_printf(_("User ID \"%s\" is expired."),user);
627
628 if(selfsig)
629 tty_printf("\n");
630 else if(opt.expert)
631 {
632 tty_printf("\n");
633 /* No, so remove the mark and continue */
634 if(!cpr_get_answer_is_yes("sign_uid.expire_okay",
635 _("Are you sure you "
636 "still want to sign "
637 "it? (y/N) ")))
638 {
639 uidnode->flag &= ~NODFLG_MARK_A;
640 uidnode=NULL;
641 }
642 else if(interactive)
643 yesreally=1;
644 }
645 else
646 {
647 uidnode->flag &= ~NODFLG_MARK_A;
648 uidnode=NULL;
649 tty_printf(_(" Unable to sign.\n"));
650 }
651 }
652 else if(!uidnode->pkt->pkt.user_id->created && !selfsig)
653 {
654 tty_printf(_("User ID \"%s\" is not self-signed."),
655 user);
656
657 if(opt.expert)
658 {
659 tty_printf("\n");
660 /* No, so remove the mark and continue */
661 if(!cpr_get_answer_is_yes("sign_uid.nosig_okay",
662 _("Are you sure you "
663 "still want to sign "
664 "it? (y/N) ")))
665 {
666 uidnode->flag &= ~NODFLG_MARK_A;
667 uidnode=NULL;
668 }
669 else if(interactive)
670 yesreally=1;
671 }
672 else
673 {
674 uidnode->flag &= ~NODFLG_MARK_A;
675 uidnode=NULL;
676 tty_printf(_(" Unable to sign.\n"));
677 }
678 }
679
680 if(uidnode && interactive && !yesreally)
681 {
682 tty_printf(_("User ID \"%s\" is signable. "),user);
683 if(!cpr_get_answer_is_yes("sign_uid.sign_okay",
684 _("Sign it? (y/N) ")))
685 {
686 uidnode->flag &= ~NODFLG_MARK_A;
687 uidnode=NULL;
688 }
689 }
690
691 xfree(user);
692 }
693 }
694 else if( uidnode && node->pkt->pkttype == PKT_SIGNATURE
695 && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) {
696 if( sk_keyid[0] == node->pkt->pkt.signature->keyid[0]
697 && sk_keyid[1] == node->pkt->pkt.signature->keyid[1] ) {
698 char buf[50];
699 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
700 uidnode->pkt->pkt.user_id->len,
701 0);
702
703 /* It's a v3 self-sig. Make it into a v4 self-sig? */
704 if(node->pkt->pkt.signature->version<4 && selfsig)
705 {
706 tty_printf(_("The self-signature on \"%s\"\n"
707 "is a PGP 2.x-style signature.\n"),user);
708
709 /* Note that the regular PGP2 warning below
710 still applies if there are no v4 sigs on
711 this key at all. */
712
713 if(opt.expert)
714 if(cpr_get_answer_is_yes("sign_uid.v4_promote_okay",
715 _("Do you want to promote "
716 "it to an OpenPGP self-"
717 "signature? (y/N) ")))
718 {
719 force_v4=1;
720 node->flag|=NODFLG_DELSIG;
721 xfree(user);
722 continue;
723 }
724 }
725
726 /* Is the current signature expired? */
727 if(node->pkt->pkt.signature->flags.expired)
728 {
729 tty_printf(_("Your current signature on \"%s\"\n"
730 "has expired.\n"),user);
731
732 if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
733 _("Do you want to issue a "
734 "new signature to replace "
735 "the expired one? (y/N) ")))
736 {
737 /* Mark these for later deletion. We
738 don't want to delete them here, just in
739 case the replacement signature doesn't
740 happen for some reason. We only delete
741 these after the replacement is already
742 in place. */
743
744 node->flag|=NODFLG_DELSIG;
745 xfree(user);
746 continue;
747 }
748 }
749
750 if(!node->pkt->pkt.signature->flags.exportable && !local)
751 {
752 /* It's a local sig, and we want to make a
753 exportable sig. */
754 tty_printf(_("Your current signature on \"%s\"\n"
755 "is a local signature.\n"),user);
756
757 if(cpr_get_answer_is_yes("sign_uid.local_promote_okay",
758 _("Do you want to promote "
759 "it to a full exportable "
760 "signature? (y/N) ")))
761 {
762 /* Mark these for later deletion. We
763 don't want to delete them here, just in
764 case the replacement signature doesn't
765 happen for some reason. We only delete
766 these after the replacement is already
767 in place. */
768
769 node->flag|=NODFLG_DELSIG;
770 xfree(user);
771 continue;
772 }
773 }
774
775 /* Fixme: see whether there is a revocation in which
776 * case we should allow to sign it again. */
777 if (!node->pkt->pkt.signature->flags.exportable && local)
778 tty_printf(_(
779 "\"%s\" was already locally signed by key %s\n"),
780 user,keystr_from_sk(sk));
781 else
782 tty_printf(_("\"%s\" was already signed by key %s\n"),
783 user,keystr_from_sk(sk));
784
785 if(opt.expert
786 && cpr_get_answer_is_yes("sign_uid.dupe_okay",
787 _("Do you want to sign it "
788 "again anyway? (y/N) ")))
789 {
790 /* Don't delete the old sig here since this is
791 an --expert thing. */
792 xfree(user);
793 continue;
794 }
795
796 sprintf (buf, "%08lX%08lX",
797 (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
798 write_status_text (STATUS_ALREADY_SIGNED, buf);
799 uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */
800
801 xfree(user);
802 }
803 }
804 }
805
806 /* check whether any uids are left for signing */
807 if( !count_uids_with_flag(keyblock, NODFLG_MARK_A) )
808 {
809 tty_printf(_("Nothing to sign with key %s\n"),keystr_from_sk(sk));
810 continue;
811 }
812
813 /* Ask whether we really should sign these user id(s) */
814 tty_printf("\n");
815 show_key_with_all_names( keyblock, 1, 0, 1, 0, 0 );
816 tty_printf("\n");
817
818 if(primary_pk->expiredate && !selfsig)
819 {
820 u32 now=make_timestamp();
821
822 if(primary_pk->expiredate<=now)
823 {
824 tty_printf(_("This key has expired!"));
825
826 if(opt.expert)
827 {
828 tty_printf(" ");
829 if(!cpr_get_answer_is_yes("sign_uid.expired_okay",
830 _("Are you sure you still "
831 "want to sign it? (y/N) ")))
832 continue;
833 }
834 else
835 {
836 tty_printf(_(" Unable to sign.\n"));
837 continue;
838 }
839 }
840 else
841 {
842 tty_printf(_("This key is due to expire on %s.\n"),
843 expirestr_from_pk(primary_pk));
844
845 if(opt.ask_cert_expire)
846 {
847 char *answer=cpr_get("sign_uid.expire",
848 _("Do you want your signature to "
849 "expire at the same time? (Y/n) "));
850 if(answer_is_yes_no_default(answer,1))
851 {
852 /* This fixes the signature timestamp we're
853 going to make as now. This is so the
854 expiration date is exactly correct, and not
855 a few seconds off (due to the time it takes
856 to answer the questions, enter the
857 passphrase, etc). */
858 timestamp=now;
859 duration=primary_pk->expiredate-now;
860 force_v4=1;
861 }
862
863 cpr_kill_prompt();
864 xfree(answer);
865 }
866 }
867 }
868
869 /* Only ask for duration if we haven't already set it to match
870 the expiration of the pk */
871 if(!duration && !selfsig)
872 {
873 if(opt.ask_cert_expire)
874 duration=ask_expire_interval(1,opt.def_cert_expire);
875 else
876 duration=parse_expire_string(opt.def_cert_expire);
877 }
878
879 if(duration)
880 force_v4=1;
881
882 /* Is --pgp2 on, it's a v3 key, all the sigs on the key are
883 currently v3 and we're about to sign it with a v4 sig? If
884 so, danger! */
885 if(PGP2 && all_v3 &&
886 (sk->version>3 || force_v4) && primary_pk->version<=3)
887 {
888 tty_printf(_("You may not make an OpenPGP signature on a "
889 "PGP 2.x key while in --pgp2 mode.\n"));
890 tty_printf(_("This would make the key unusable in PGP 2.x.\n"));
891
892 if(opt.expert)
893 {
894 if(!cpr_get_answer_is_yes("sign_uid.v4_on_v3_okay",
895 _("Are you sure you still "
896 "want to sign it? (y/N) ")))
897 continue;
898
899 all_v3=0;
900 }
901 else
902 continue;
903 }
904
905 if(selfsig)
906 ;
907 else
908 {
909 if(opt.batch || !opt.ask_cert_level)
910 class=0x10+opt.def_cert_level;
911 else
912 {
913 char *answer;
914
915 tty_printf(_("How carefully have you verified the key you are "
916 "about to sign actually belongs\nto the person "
917 "named above? If you don't know what to "
918 "answer, enter \"0\".\n"));
919 tty_printf("\n");
920 tty_printf(_(" (0) I will not answer.%s\n"),
921 opt.def_cert_level==0?" (default)":"");
922 tty_printf(_(" (1) I have not checked at all.%s\n"),
923 opt.def_cert_level==1?" (default)":"");
924 tty_printf(_(" (2) I have done casual checking.%s\n"),
925 opt.def_cert_level==2?" (default)":"");
926 tty_printf(_(" (3) I have done very careful checking.%s\n"),
927 opt.def_cert_level==3?" (default)":"");
928 tty_printf("\n");
929
930 while(class==0)
931 {
932 answer = cpr_get("sign_uid.class",_("Your selection? "
933 "(enter `?' for more information): "));
934 if(answer[0]=='\0')
935 class=0x10+opt.def_cert_level; /* Default */
936 else if(ascii_strcasecmp(answer,"0")==0)
937 class=0x10; /* Generic */
938 else if(ascii_strcasecmp(answer,"1")==0)
939 class=0x11; /* Persona */
940 else if(ascii_strcasecmp(answer,"2")==0)
941 class=0x12; /* Casual */
942 else if(ascii_strcasecmp(answer,"3")==0)
943 class=0x13; /* Positive */
944 else
945 tty_printf(_("Invalid selection.\n"));
946
947 xfree(answer);
948 }
949 }
950
951 if(trust)
952 trustsig_prompt(&trust_value,&trust_depth,&trust_regexp);
953 }
954
955 p=get_user_id_native(sk_keyid);
956 tty_printf(_("Are you sure that you want to sign this key with your\n"
957 "key \"%s\" (%s)\n"),p,keystr_from_sk(sk));
958 xfree(p);
959
960 if(selfsig)
961 {
962 tty_printf("\n");
963 tty_printf(_("This will be a self-signature.\n"));
964
965 if( local )
966 {
967 tty_printf("\n");
968 tty_printf(
969 _("WARNING: the signature will not be marked "
970 "as non-exportable.\n"));
971 }
972
973 if( nonrevocable )
974 {
975 tty_printf("\n");
976 tty_printf(
977 _("WARNING: the signature will not be marked "
978 "as non-revocable.\n"));
979 }
980 }
981 else
982 {
983 if( local )
984 {
985 tty_printf("\n");
986 tty_printf(
987 _("The signature will be marked as non-exportable.\n"));
988 }
989
990 if( nonrevocable )
991 {
992 tty_printf("\n");
993 tty_printf(
994 _("The signature will be marked as non-revocable.\n"));
995 }
996
997 switch(class)
998 {
999 case 0x11:
1000 tty_printf("\n");
1001 tty_printf(_("I have not checked this key at all.\n"));
1002 break;
1003
1004 case 0x12:
1005 tty_printf("\n");
1006 tty_printf(_("I have checked this key casually.\n"));
1007 break;
1008
1009 case 0x13:
1010 tty_printf("\n");
1011 tty_printf(_("I have checked this key very carefully.\n"));
1012 break;
1013 }
1014 }
1015
1016 tty_printf("\n");
1017
1018 if( opt.batch && opt.answer_yes )
1019 ;
1020 else if( !cpr_get_answer_is_yes("sign_uid.okay",
1021 _("Really sign? (y/N) ")) )
1022 continue;
1023
1024 /* now we can sign the user ids */
1025 reloop: /* (must use this, because we are modifing the list) */
1026 primary_pk = NULL;
1027 for( node=keyblock; node; node = node->next ) {
1028 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
1029 primary_pk = node->pkt->pkt.public_key;
1030 else if( node->pkt->pkttype == PKT_USER_ID
1031 && (node->flag & NODFLG_MARK_A) ) {
1032 PACKET *pkt;
1033 PKT_signature *sig;
1034 struct sign_attrib attrib;
1035
1036 assert( primary_pk );
1037 memset( &attrib, 0, sizeof attrib );
1038 attrib.non_exportable = local;
1039 attrib.non_revocable = nonrevocable;
1040 attrib.trust_depth = trust_depth;
1041 attrib.trust_value = trust_value;
1042 attrib.trust_regexp = trust_regexp;
1043 node->flag &= ~NODFLG_MARK_A;
1044
1045 /* we force creation of a v4 signature for local
1046 * signatures, otherwise we would not generate the
1047 * subpacket with v3 keys and the signature becomes
1048 * exportable */
1049
1050 if(selfsig)
1051 rc = make_keysig_packet( &sig, primary_pk,
1052 node->pkt->pkt.user_id,
1053 NULL,
1054 sk,
1055 0x13, 0, force_v4?4:0, 0, 0,
1056 keygen_add_std_prefs, primary_pk);
1057 else
1058 rc = make_keysig_packet( &sig, primary_pk,
1059 node->pkt->pkt.user_id,
1060 NULL,
1061 sk,
1062 class, 0, force_v4?4:0,
1063 timestamp, duration,
1064 sign_mk_attrib, &attrib );
1065 if( rc ) {
1066 log_error(_("signing failed: %s\n"), g10_errstr(rc));
1067 goto leave;
1068 }
1069
1070 *ret_modified = 1; /* we changed the keyblock */
1071 update_trust = 1;
1072
1073 pkt = xmalloc_clear( sizeof *pkt );
1074 pkt->pkttype = PKT_SIGNATURE;
1075 pkt->pkt.signature = sig;
1076 insert_kbnode( node, new_kbnode(pkt), PKT_SIGNATURE );
1077 goto reloop;
1078 }
1079 }
1080
1081 /* Delete any sigs that got promoted */
1082 for( node=keyblock; node; node = node->next )
1083 if( node->flag & NODFLG_DELSIG)
1084 delete_kbnode(node);
1085 } /* end loop over signators */
1086
1087 leave:
1088 release_sk_list( sk_list );
1089 if( sk )
1090 free_secret_key(sk);
1091 return rc;
1092 }
1093
1094
1095
1096 /****************
1097 * Change the passphrase of the primary and all secondary keys.
1098 * We use only one passphrase for all keys.
1099 */
1100 static int
1101 change_passphrase( KBNODE keyblock )
1102 {
1103 int rc = 0;
1104 int changed=0;
1105 KBNODE node;
1106 PKT_secret_key *sk;
1107 char *passphrase = NULL;
1108 int no_primary_secrets = 0;
1109 int any;
1110
1111 node = find_kbnode( keyblock, PKT_SECRET_KEY );
1112 if( !node ) {
1113 log_error("Oops; secret key not found anymore!\n");
1114 goto leave;
1115 }
1116 sk = node->pkt->pkt.secret_key;
1117
1118 for (any = 0, node=keyblock; node; node = node->next) {
1119 if (node->pkt->pkttype == PKT_SECRET_KEY
1120 || node->pkt->pkttype == PKT_SECRET_SUBKEY) {
1121 PKT_secret_key *tmpsk = node->pkt->pkt.secret_key;
1122 if (!(tmpsk->is_protected
1123 && (tmpsk->protect.s2k.mode == 1001
1124 || tmpsk->protect.s2k.mode == 1002))) {
1125 any = 1;
1126 break;
1127 }
1128 }
1129 }
1130 if (!any) {
1131 tty_printf (_("Key has only stub or on-card key items - "
1132 "no passphrase to change.\n"));
1133 goto leave;
1134 }
1135
1136 /* See how to handle this key. */
1137 switch( is_secret_key_protected( sk ) ) {
1138 case -1:
1139 rc = G10ERR_PUBKEY_ALGO;
1140 break;
1141 case 0:
1142 tty_printf(_("This key is not protected.\n"));
1143 break;
1144 default:
1145 if( sk->protect.s2k.mode == 1001 ) {
1146 tty_printf(_("Secret parts of primary key are not available.\n"));
1147 no_primary_secrets = 1;
1148 }
1149 else if( sk->protect.s2k.mode == 1002 ) {
1150 tty_printf(_("Secret parts of primary key are stored on-card.\n"));
1151 no_primary_secrets = 1;
1152 }
1153 else {
1154 u32 keyid[2];
1155
1156 tty_printf(_("Key is protected.\n"));
1157
1158 /* Clear the passphrase cache so that the user is required
1159 to enter the old passphrase. */
1160 keyid_from_sk (sk, keyid);
1161 passphrase_clear_cache (keyid, NULL, 0);
1162
1163 rc = check_secret_key( sk, 0 );
1164 if( !rc )
1165 passphrase = get_last_passphrase();
1166 }
1167 break;
1168 }
1169
1170 /* Unprotect all subkeys (use the supplied passphrase or ask)*/
1171 for(node=keyblock; !rc && node; node = node->next ) {
1172 if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1173 PKT_secret_key *subsk = node->pkt->pkt.secret_key;
1174 if ( !(subsk->is_protected
1175 && (subsk->protect.s2k.mode == 1001
1176 || subsk->protect.s2k.mode == 1002))) {
1177 set_next_passphrase( passphrase );
1178 rc = check_secret_key( subsk, 0 );
1179 if( !rc && !passphrase )
1180 passphrase = get_last_passphrase();
1181 }
1182 }
1183 }
1184
1185 if( rc )
1186 tty_printf(_("Can't edit this key: %s\n"), g10_errstr(rc));
1187 else {
1188 DEK *dek = NULL;
1189 STRING2KEY *s2k = xmalloc_secure( sizeof *s2k );
1190 const char *errtext = NULL;
1191
1192 tty_printf(_("Enter the new passphrase for this secret key.\n\n") );
1193
1194 set_next_passphrase( NULL );
1195 for(;;) {
1196 int canceled;
1197
1198 s2k->mode = opt.s2k_mode;
1199 s2k->hash_algo = S2K_DIGEST_ALGO;
1200 dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo,
1201 s2k, 2, errtext, &canceled);
1202 if (!dek && canceled) {
1203 rc = GPG_ERR_CANCELED;
1204 break;
1205 }
1206 else if( !dek ) {
1207 errtext = N_("passphrase not correctly repeated; try again");
1208 tty_printf ("%s.\n", _(errtext));
1209 }
1210 else if( !dek->keylen ) {
1211 rc = 0;
1212 tty_printf(_( "You don't want a passphrase -"
1213 " this is probably a *bad* idea!\n\n"));
1214 if( cpr_get_answer_is_yes("change_passwd.empty.okay",
1215 _("Do you really want to do this? (y/N) ")))
1216 {
1217 changed++;
1218 break;
1219 }
1220 }
1221 else { /* okay */
1222 rc = 0;
1223 if( !no_primary_secrets ) {
1224 sk->protect.algo = dek->algo;
1225 sk->protect.s2k = *s2k;
1226 rc = protect_secret_key( sk, dek );
1227 }
1228 for(node=keyblock; !rc && node; node = node->next ) {
1229 if( node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
1230 PKT_secret_key *subsk = node->pkt->pkt.secret_key;
1231 if ( !(subsk->is_protected
1232 && (subsk->protect.s2k.mode == 1001
1233 || subsk->protect.s2k.mode == 1002))) {
1234 subsk->protect.algo = dek->algo;
1235 subsk->protect.s2k = *s2k;
1236 rc = protect_secret_key( subsk, dek );
1237 }
1238 }
1239 }
1240 if( rc )
1241 log_error("protect_secret_key failed: %s\n",
1242 g10_errstr(rc) );
1243 else
1244 {
1245 u32 keyid[2];
1246
1247 /* Clear the cahce again so that the user is
1248 required to enter the new passphrase at the
1249 next operation. */
1250 keyid_from_sk (sk, keyid);
1251 passphrase_clear_cache (keyid, NULL, 0);
1252
1253 changed++;
1254 }
1255 break;
1256 }
1257 }
1258 xfree(s2k);
1259 xfree(dek);
1260 }
1261
1262 leave:
1263 xfree( passphrase );
1264 set_next_passphrase( NULL );
1265 return changed && !rc;
1266 }
1267
1268
1269 /****************
1270 * There are some keys out (due to a bug in gnupg), where the sequence
1271 * of the packets is wrong. This function fixes that.
1272 * Returns: true if the keyblock has been fixed.
1273 *
1274 * Note: This function does not work if there is more than one user ID.
1275 */
1276 static int
1277 fix_keyblock( KBNODE keyblock )
1278 {
1279 KBNODE node, last, subkey;
1280 int fixed=0;
1281
1282 /* locate key signatures of class 0x10..0x13 behind sub key packets */
1283 for( subkey=last=NULL, node = keyblock; node;
1284 last=node, node = node->next ) {
1285 switch( node->pkt->pkttype ) {
1286 case PKT_PUBLIC_SUBKEY:
1287 case PKT_SECRET_SUBKEY:
1288 if( !subkey )
1289 subkey = last; /* actually it is the one before the subkey */
1290 break;
1291 case PKT_SIGNATURE:
1292 if( subkey ) {
1293 PKT_signature *sig = node->pkt->pkt.signature;
1294 if( sig->sig_class >= 0x10 && sig->sig_class <= 0x13 ) {
1295 log_info(_(
1296 "moving a key signature to the correct place\n"));
1297 last->next = node->next;
1298 node->next = subkey->next;
1299 subkey->next = node;
1300 node = last;
1301 fixed=1;
1302 }
1303 }
1304 break;
1305 default: break;
1306 }
1307 }
1308
1309 return fixed;
1310 }
1311
1312 static int
1313 parse_sign_type(const char *str,int *localsig,int *nonrevokesig,int *trustsig)
1314 {
1315 const char *p=str;
1316
1317 while(*p)
1318 {
1319 if(ascii_strncasecmp(p,"l",1)==0)
1320 {
1321 *localsig=1;
1322 p++;
1323 }
1324 else if(ascii_strncasecmp(p,"nr",2)==0)
1325 {
1326 *nonrevokesig=1;
1327 p+=2;
1328 }
1329 else if(ascii_strncasecmp(p,"t",1)==0)
1330 {
1331 *trustsig=1;
1332 p++;
1333 }
1334 else
1335 return 0;
1336 }
1337
1338 return 1;
1339 }
1340
1341 \f
1342 /****************
1343 * Menu driven key editor. If seckey_check is true, then a secret key
1344 * that matches username will be looked for. If it is false, not all
1345 * commands will be available.
1346 *
1347 * Note: to keep track of some selection we use node->mark MARKBIT_xxxx.
1348 */
1349
1350 /* Need an SK for this command */
1351 #define KEYEDIT_NEED_SK 1
1352 /* Cannot be viewing the SK for this command */
1353 #define KEYEDIT_NOT_SK 2
1354 /* Must be viewing the SK for this command */
1355 #define KEYEDIT_ONLY_SK 4
1356 /* Match the tail of the string */
1357 #define KEYEDIT_TAIL_MATCH 8
1358
1359 enum cmdids
1360 {
1361 cmdNONE = 0,
1362 cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
1363 cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
1364 cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
1365 cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
1366 cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
1367 cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
1368 cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCLEAN,
1369 cmdMINIMIZE, cmdNOP
1370 };
1371
1372 static struct
1373 {
1374 const char *name;
1375 enum cmdids id;
1376 int flags;
1377 const char *desc;
1378 } cmds[] =
1379 {
1380 { "quit" , cmdQUIT , 0, N_("quit this menu") },
1381 { "q" , cmdQUIT , 0, NULL },
1382 { "save" , cmdSAVE , 0, N_("save and quit") },
1383 { "help" , cmdHELP , 0, N_("show this help") },
1384 { "?" , cmdHELP , 0, NULL },
1385 { "fpr" , cmdFPR , 0, N_("show key fingerprint") },
1386 { "list" , cmdLIST , 0, N_("list key and user IDs") },
1387 { "l" , cmdLIST , 0, NULL },
1388 { "uid" , cmdSELUID , 0, N_("select user ID N") },
1389 { "key" , cmdSELKEY , 0, N_("select subkey N") },
1390 { "check" , cmdCHECK , 0, N_("check signatures") },
1391 { "c" , cmdCHECK , 0, NULL },
1392 { "cross-certify", cmdBACKSIGN , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1393 { "backsign", cmdBACKSIGN , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1394 { "sign" , cmdSIGN , KEYEDIT_NOT_SK|KEYEDIT_TAIL_MATCH,
1395 N_("sign selected user IDs [* see below for related commands]") },
1396 { "s" , cmdSIGN , KEYEDIT_NOT_SK, NULL },
1397 /* "lsign" and friends will never match since "sign" comes first
1398 and it is a tail match. They are just here so they show up in
1399 the help menu. */
1400 { "lsign" , cmdNOP , 0, N_("sign selected user IDs locally") },
1401 { "tsign" , cmdNOP , 0,
1402 N_("sign selected user IDs with a trust signature") },
1403 { "nrsign" , cmdNOP , 0,
1404 N_("sign selected user IDs with a non-revocable signature") },
1405
1406 { "debug" , cmdDEBUG , 0, NULL },
1407 { "adduid" , cmdADDUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1408 N_("add a user ID") },
1409 { "addphoto", cmdADDPHOTO , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1410 N_("add a photo ID") },
1411 { "deluid" , cmdDELUID , KEYEDIT_NOT_SK,
1412 N_("delete selected user IDs") },
1413 /* delphoto is really deluid in disguise */
1414 { "delphoto", cmdDELUID , KEYEDIT_NOT_SK, NULL },
1415
1416 { "addkey" , cmdADDKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1417 N_("add a subkey") },
1418
1419 #ifdef ENABLE_CARD_SUPPORT
1420 { "addcardkey", cmdADDCARDKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1421 N_("add a key to a smartcard") },
1422 { "keytocard", cmdKEYTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK,
1423 N_("move a key to a smartcard")},
1424 { "bkuptocard", cmdBKUPTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK,
1425 N_("move a backup key to a smartcard")},
1426 #endif /*ENABLE_CARD_SUPPORT*/
1427
1428 { "delkey" , cmdDELKEY , KEYEDIT_NOT_SK,
1429 N_("delete selected subkeys") },
1430 { "addrevoker",cmdADDREVOKER,KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1431 N_("add a revocation key") },
1432 { "delsig" , cmdDELSIG , KEYEDIT_NOT_SK,
1433 N_("delete signatures from the selected user IDs") },
1434 { "expire" , cmdEXPIRE , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1435 N_("change the expiration date for the key or selected subkeys") },
1436 { "primary" , cmdPRIMARY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1437 N_("flag the selected user ID as primary")},
1438 { "toggle" , cmdTOGGLE , KEYEDIT_NEED_SK,
1439 N_("toggle between the secret and public key listings") },
1440 { "t" , cmdTOGGLE , KEYEDIT_NEED_SK, NULL },
1441 { "pref" , cmdPREF , KEYEDIT_NOT_SK,
1442 N_("list preferences (expert)")},
1443 { "showpref", cmdSHOWPREF , KEYEDIT_NOT_SK,
1444 N_("list preferences (verbose)") },
1445 { "setpref" , cmdSETPREF , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1446 N_("set preference list for the selected user IDs") },
1447 /* Alias */
1448 { "updpref" , cmdSETPREF , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1449
1450 { "keyserver",cmdPREFKS , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1451 N_("set the preferred keyserver URL for the selected user IDs")},
1452 { "notation", cmdNOTATION , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1453 N_("set a notation for the selected user IDs")},
1454 { "passwd" , cmdPASSWD , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1455 N_("change the passphrase") },
1456 /* Alias */
1457 { "password", cmdPASSWD , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1458
1459 { "trust" , cmdTRUST , KEYEDIT_NOT_SK, N_("change the ownertrust") },
1460 { "revsig" , cmdREVSIG , KEYEDIT_NOT_SK,
1461 N_("revoke signatures on the selected user IDs") },
1462 { "revuid" , cmdREVUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1463 N_("revoke selected user IDs") },
1464 /* Alias */
1465 { "revphoto", cmdREVUID , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK, NULL },
1466
1467 { "revkey" , cmdREVKEY , KEYEDIT_NOT_SK|KEYEDIT_NEED_SK,
1468 N_("revoke key or selected subkeys") },
1469 { "enable" , cmdENABLEKEY , KEYEDIT_NOT_SK, N_("enable key") },
1470 { "disable" , cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key") },
1471 { "showphoto",cmdSHOWPHOTO , 0, N_("show selected photo IDs") },
1472 { "clean", cmdCLEAN , KEYEDIT_NOT_SK,
1473 N_("compact unusable user IDs and remove unusable signatures from key")},
1474 { "minimize", cmdMINIMIZE , KEYEDIT_NOT_SK,
1475 N_("compact unusable user IDs and remove all signatures from key") },
1476 { NULL, cmdNONE, 0, NULL }
1477 };
1478
1479 #ifdef HAVE_LIBREADLINE
1480
1481 /* These two functions are used by readline for command completion. */
1482
1483 static char *
1484 command_generator(const char *text,int state)
1485 {
1486 static int list_index,len;
1487 const char *name;
1488
1489 /* If this is a new word to complete, initialize now. This includes
1490 saving the length of TEXT for efficiency, and initializing the
1491 index variable to 0. */
1492 if(!state)
1493 {
1494 list_index=0;
1495 len=strlen(text);
1496 }
1497
1498 /* Return the next partial match */
1499 while((name=cmds[list_index].name))
1500 {
1501 /* Only complete commands that have help text */
1502 if(cmds[list_index++].desc && strncmp(name,text,len)==0)
1503 return strdup(name);
1504 }
1505
1506 return NULL;
1507 }
1508
1509 static char **
1510 keyedit_completion(const char *text, int start, int end)
1511 {
1512 /* If we are at the start of a line, we try and command-complete.
1513 If not, just do nothing for now. */
1514
1515 (void)end;
1516
1517 if(start==0)
1518 return rl_completion_matches(text,command_generator);
1519
1520 rl_attempted_completion_over=1;
1521
1522 return NULL;
1523 }
1524 #endif /* HAVE_LIBREADLINE */
1525
1526
1527 void
1528 keyedit_menu( const char *username, strlist_t locusr,
1529 strlist_t commands, int quiet, int seckey_check )
1530 {
1531 enum cmdids cmd = 0;
1532 int rc = 0;
1533 KBNODE keyblock = NULL;
1534 KEYDB_HANDLE kdbhd = NULL;
1535 KBNODE sec_keyblock = NULL;
1536 KEYDB_HANDLE sec_kdbhd = NULL;
1537 KBNODE cur_keyblock;
1538 char *answer = NULL;
1539 int redisplay = 1;
1540 int modified = 0;
1541 int sec_modified = 0;
1542 int toggle;
1543 int have_commands = !!commands;
1544
1545 if ( opt.command_fd != -1 )
1546 ;
1547 else if( opt.batch && !have_commands )
1548 {
1549 log_error(_("can't do this in batch mode\n"));
1550 goto leave;
1551 }
1552
1553 #ifdef HAVE_W32_SYSTEM
1554 /* Due to Windows peculiarities we need to make sure that the
1555 trustdb stale check is done before we open another file
1556 (i.e. by searching for a key). In theory we could make sure
1557 that the files are closed after use but the open/close caches
1558 inhibits that and flushing the cache right before the stale
1559 check is not easy to implement. Thus we take the easy way out
1560 and run the stale check as early as possible. Note, that for
1561 non- W32 platforms it is run indirectly trough a call to
1562 get_validity (). */
1563 check_trustdb_stale ();
1564 #endif
1565
1566 /* Get the public key */
1567 rc = get_pubkey_byname (NULL, NULL, username, &keyblock, &kdbhd, 1, 1);
1568 if( rc )
1569 goto leave;
1570 if( fix_keyblock( keyblock ) )
1571 modified++;
1572 if( collapse_uids( &keyblock ) )
1573 modified++;
1574 reorder_keyblock(keyblock);
1575 /* We modified the keyblock, so let's make sure the flags are
1576 right. */
1577 if (modified)
1578 merge_keys_and_selfsig (keyblock);
1579
1580 if(seckey_check)
1581 {/* see whether we have a matching secret key */
1582 PKT_public_key *pk = keyblock->pkt->pkt.public_key;
1583
1584 sec_kdbhd = keydb_new (1);
1585 {
1586 byte afp[MAX_FINGERPRINT_LEN];
1587 size_t an;
1588
1589 fingerprint_from_pk (pk, afp, &an);
1590 while (an < MAX_FINGERPRINT_LEN)
1591 afp[an++] = 0;
1592 rc = keydb_search_fpr (sec_kdbhd, afp);
1593 }
1594 if (!rc)
1595 {
1596 rc = keydb_get_keyblock (sec_kdbhd, &sec_keyblock);
1597 if (rc)
1598 {
1599 log_error (_("error reading secret keyblock \"%s\": %s\n"),
1600 username, g10_errstr(rc));
1601 }
1602 else
1603 {
1604 merge_keys_and_selfsig( sec_keyblock );
1605 if( fix_keyblock( sec_keyblock ) )
1606 sec_modified++;
1607 }
1608 }
1609
1610 if (rc) {
1611 sec_keyblock = NULL;
1612 keydb_release (sec_kdbhd); sec_kdbhd = NULL;
1613 rc = 0;
1614 }
1615
1616 if( sec_keyblock && !quiet )
1617 tty_printf(_("Secret key is available.\n"));
1618 }
1619
1620 toggle = 0;
1621 cur_keyblock = keyblock;
1622 for(;;) { /* main loop */
1623 int i, arg_number, photo;
1624 const char *arg_string = "";
1625 char *p;
1626 PKT_public_key *pk=keyblock->pkt->pkt.public_key;
1627
1628 tty_printf("\n");
1629
1630 if( redisplay && !quiet )
1631 {
1632 show_key_with_all_names( cur_keyblock, 0, 1, 0, 1, 0 );
1633 tty_printf("\n");
1634 redisplay = 0;
1635 }
1636 do {
1637 xfree(answer);
1638 if( have_commands ) {
1639 if( commands ) {
1640 answer = xstrdup( commands->d );
1641 commands = commands->next;
1642 }
1643 else if( opt.batch ) {
1644 answer = xstrdup("quit");
1645 }
1646 else
1647 have_commands = 0;
1648 }
1649 if( !have_commands )
1650 {
1651 #ifdef HAVE_LIBREADLINE
1652 tty_enable_completion(keyedit_completion);
1653 #endif
1654 answer = cpr_get_no_help("keyedit.prompt", _("Command> "));
1655 cpr_kill_prompt();
1656 tty_disable_completion();
1657 }
1658 trim_spaces(answer);
1659 } while( *answer == '#' );
1660
1661 arg_number = 0; /* Yes, here is the init which egcc complains about */
1662 photo = 0; /* This too */
1663 if( !*answer )
1664 cmd = cmdLIST;
1665 else if( *answer == CONTROL_D )
1666 cmd = cmdQUIT;
1667 else if( digitp(answer ) ) {
1668 cmd = cmdSELUID;
1669 arg_number = atoi(answer);
1670 }
1671 else {
1672 if( (p=strchr(answer,' ')) ) {
1673 *p++ = 0;
1674 trim_spaces(answer);
1675 trim_spaces(p);
1676 arg_number = atoi(p);
1677 arg_string = p;
1678 }
1679
1680 for(i=0; cmds[i].name; i++ )
1681 {
1682 if(cmds[i].flags & KEYEDIT_TAIL_MATCH)
1683 {
1684 size_t l=strlen(cmds[i].name);
1685 size_t a=strlen(answer);
1686 if(a>=l)
1687 {
1688 if(ascii_strcasecmp(&answer[a-l],cmds[i].name)==0)
1689 {
1690 answer[a-l]='\0';
1691 break;
1692 }
1693 }
1694 }
1695 else if( !ascii_strcasecmp( answer, cmds[i].name ) )
1696 break;
1697 }
1698 if((cmds[i].flags & KEYEDIT_NEED_SK) && !sec_keyblock )
1699 {
1700 tty_printf(_("Need the secret key to do this.\n"));
1701 cmd = cmdNOP;
1702 }
1703 else if(((cmds[i].flags & KEYEDIT_NOT_SK) && sec_keyblock
1704 && toggle)
1705 ||((cmds[i].flags & KEYEDIT_ONLY_SK) && sec_keyblock
1706 && !toggle))
1707 {
1708 tty_printf(_("Please use the command \"toggle\" first.\n"));
1709 cmd = cmdNOP;
1710 }
1711 else
1712 cmd = cmds[i].id;
1713 }
1714 switch( cmd )
1715 {
1716 case cmdHELP:
1717 for(i=0; cmds[i].name; i++ )
1718 {
1719 if((cmds[i].flags & KEYEDIT_NEED_SK) && !sec_keyblock )
1720 ; /* skip if we do not have the secret key */
1721 else if( cmds[i].desc )
1722 tty_printf("%-11s %s\n", cmds[i].name, _(cmds[i].desc) );
1723 }
1724
1725 tty_printf("\n");
1726 tty_printf(_(
1727 "* The `sign' command may be prefixed with an `l' for local "
1728 "signatures (lsign),\n"
1729 " a `t' for trust signatures (tsign), an `nr' for non-revocable signatures\n"
1730 " (nrsign), or any combination thereof (ltsign, tnrsign, etc.).\n"));
1731
1732 break;
1733
1734 case cmdLIST:
1735 redisplay = 1;
1736 break;
1737
1738 case cmdFPR:
1739 show_key_and_fingerprint( keyblock );
1740 break;
1741
1742 case cmdSELUID:
1743 if(strlen(arg_string)==NAMEHASH_LEN*2)
1744 redisplay=menu_select_uid_namehash(cur_keyblock,arg_string);
1745 else
1746 {
1747 if (*arg_string == '*'
1748 && (!arg_string[1] || spacep (arg_string+1)))
1749 arg_number = -1; /* Select all. */
1750 redisplay = menu_select_uid (cur_keyblock, arg_number);
1751 }
1752 break;
1753
1754 case cmdSELKEY:
1755 {
1756 if (*arg_string == '*'
1757 && (!arg_string[1] || spacep (arg_string+1)))
1758 arg_number = -1; /* Select all. */
1759 if (menu_select_key( cur_keyblock, arg_number))
1760 redisplay = 1;
1761 }
1762 break;
1763
1764 case cmdCHECK:
1765 /* we can only do this with the public key becuase the
1766 * check functions can't cope with secret keys and it
1767 * is questionable whether this would make sense at all */
1768 check_all_keysigs( keyblock, count_selected_uids(keyblock) );
1769 break;
1770
1771 case cmdSIGN: /* sign (only the public key) */
1772 {
1773 int localsig=0,nonrevokesig=0,trustsig=0,interactive=0;
1774
1775 if( pk->is_revoked )
1776 {
1777 tty_printf(_("Key is revoked."));
1778
1779 if(opt.expert)
1780 {
1781 tty_printf(" ");
1782 if(!cpr_get_answer_is_yes("keyedit.sign_revoked.okay",
1783 _("Are you sure you still want"
1784 " to sign it? (y/N) ")))
1785 break;
1786 }
1787 else
1788 {
1789 tty_printf(_(" Unable to sign.\n"));
1790 break;
1791 }
1792 }
1793
1794 if(count_uids(keyblock) > 1 && !count_selected_uids(keyblock)
1795 && !cpr_get_answer_is_yes("keyedit.sign_all.okay",
1796 _("Really sign all user IDs?"
1797 " (y/N) ")))
1798 {
1799 if(opt.interactive)
1800 interactive=1;
1801 else
1802 {
1803 tty_printf(_("Hint: Select the user IDs to sign\n"));
1804 have_commands = 0;
1805 break;
1806 }
1807
1808 }
1809 /* What sort of signing are we doing? */
1810 if(!parse_sign_type(answer,&localsig,&nonrevokesig,&trustsig))
1811 {
1812 tty_printf(_("Unknown signature type `%s'\n"),answer);
1813 break;
1814 }
1815
1816 sign_uids(keyblock, locusr, &modified,
1817 localsig, nonrevokesig, trustsig, interactive);
1818 }
1819 break;
1820
1821 case cmdDEBUG:
1822 dump_kbnode( cur_keyblock );
1823 break;
1824
1825 case cmdTOGGLE:
1826 toggle = !toggle;
1827 cur_keyblock = toggle? sec_keyblock : keyblock;
1828 redisplay = 1;
1829 break;
1830
1831 case cmdADDPHOTO:
1832 if (RFC2440 || RFC1991 || PGP2)
1833 {
1834 tty_printf(
1835 _("This command is not allowed while in %s mode.\n"),
1836 compliance_option_string());
1837 break;
1838 }
1839 photo=1;
1840 /* fall through */
1841
1842 case cmdADDUID:
1843 if( menu_adduid( keyblock, sec_keyblock, photo, arg_string ) )
1844 {
1845 update_trust = 1;
1846 redisplay = 1;
1847 sec_modified = modified = 1;
1848 merge_keys_and_selfsig( sec_keyblock );
1849 merge_keys_and_selfsig( keyblock );
1850 }
1851 break;
1852
1853 case cmdDELUID: {
1854 int n1;
1855
1856 if( !(n1=count_selected_uids(keyblock)) )
1857 tty_printf(_("You must select at least one user ID.\n"));
1858 else if( real_uids_left(keyblock) < 1 )
1859 tty_printf(_("You can't delete the last user ID!\n"));
1860 else if( cpr_get_answer_is_yes("keyedit.remove.uid.okay",
1861 n1 > 1? _("Really remove all selected user IDs? (y/N) ")
1862 : _("Really remove this user ID? (y/N) ")
1863 ) ) {
1864 menu_deluid( keyblock, sec_keyblock );
1865 redisplay = 1;
1866 modified = 1;
1867 if( sec_keyblock )
1868 sec_modified = 1;
1869 }
1870 }
1871 break;
1872
1873 case cmdDELSIG: {
1874 int n1;
1875
1876 if( !(n1=count_selected_uids(keyblock)) )
1877 tty_printf(_("You must select at least one user ID.\n"));
1878 else if( menu_delsig( keyblock ) ) {
1879 /* no redisplay here, because it may scroll away some
1880 * status output of delsig */
1881 modified = 1;
1882 }
1883 }
1884 break;
1885
1886 case cmdADDKEY:
1887 if( generate_subkeypair( keyblock, sec_keyblock ) ) {
1888 redisplay = 1;
1889 sec_modified = modified = 1;
1890 merge_keys_and_selfsig( sec_keyblock );
1891 merge_keys_and_selfsig( keyblock );
1892 }
1893 break;
1894
1895 #ifdef ENABLE_CARD_SUPPORT
1896 case cmdADDCARDKEY:
1897 if (card_generate_subkey (keyblock, sec_keyblock)) {
1898 redisplay = 1;
1899 sec_modified = modified = 1;
1900 merge_keys_and_selfsig( sec_keyblock );
1901 merge_keys_and_selfsig( keyblock );
1902 }
1903 break;
1904
1905 case cmdKEYTOCARD:
1906 {
1907 KBNODE node=NULL;
1908 switch ( count_selected_keys (sec_keyblock) )
1909 {
1910 case 0:
1911 if (cpr_get_answer_is_yes
1912 ("keyedit.keytocard.use_primary",
1913 /* TRANSLATORS: Please take care: This is about
1914 moving the key and not about removing it. */
1915 _("Really move the primary key? (y/N) ")))
1916 node = sec_keyblock;
1917 break;
1918 case 1:
1919 for (node = sec_keyblock; node; node = node->next )
1920 {
1921 if (node->pkt->pkttype == PKT_SECRET_SUBKEY
1922 && node->flag & NODFLG_SELKEY)
1923 break;
1924 }
1925 break;
1926 default:
1927 tty_printf(_("You must select exactly one key.\n"));
1928 break;
1929 }
1930 if (node)
1931 {
1932 PKT_public_key *xxpk = find_pk_from_sknode (keyblock, node);
1933 if (card_store_subkey (node, xxpk?xxpk->pubkey_usage:0))
1934 {
1935 redisplay = 1;
1936 sec_modified = 1;
1937 }
1938 }
1939 }
1940 break;
1941
1942 case cmdBKUPTOCARD:
1943 {
1944 /* Ask for a filename, check whether this is really a
1945 backup key as generated by the card generation, parse
1946 that key and store it on card. */
1947 KBNODE node;
1948 const char *fname;
1949 PACKET *pkt;
1950 IOBUF a;
1951
1952 fname = arg_string;
1953 if (!*fname)
1954 {
1955 tty_printf (_("Command expects a filename argument\n"));
1956 break;
1957 }
1958
1959 /* Open that file. */
1960 a = iobuf_open (fname);
1961 if (a && is_secured_file (iobuf_get_fd (a)))
1962 {
1963 iobuf_close (a);
1964 a = NULL;
1965 errno = EPERM;
1966 }
1967 if (!a)
1968 {
1969 tty_printf (_("Can't open `%s': %s\n"),
1970 fname, strerror(errno));
1971 break;
1972 }
1973
1974 /* Parse and check that file. */
1975 pkt = xmalloc (sizeof *pkt);
1976 init_packet (pkt);
1977 rc = parse_packet (a, pkt);
1978 iobuf_close (a);
1979 iobuf_ioctl (NULL, 2, 0, (char*)fname); /* (invalidate cache). */
1980 if (!rc
1981 && pkt->pkttype != PKT_SECRET_KEY
1982 && pkt->pkttype != PKT_SECRET_SUBKEY)
1983 rc = G10ERR_NO_SECKEY;
1984 if (rc)
1985 {
1986 tty_printf(_("Error reading backup key from `%s': %s\n"),
1987 fname, g10_errstr (rc));
1988 free_packet (pkt);
1989 xfree (pkt);
1990 break;
1991 }
1992 node = new_kbnode (pkt);
1993
1994 /* Store it. */
1995 if (card_store_subkey (node, 0))
1996 {
1997 redisplay = 1;
1998 sec_modified = 1;
1999 }
2000 release_kbnode (node);
2001 }
2002 break;
2003
2004 #endif /* ENABLE_CARD_SUPPORT */
2005
2006 case cmdDELKEY: {
2007 int n1;
2008
2009 if( !(n1=count_selected_keys( keyblock )) )
2010 tty_printf(_("You must select at least one key.\n"));
2011 else if( !cpr_get_answer_is_yes( "keyedit.remove.subkey.okay",
2012 n1 > 1?
2013 _("Do you really want to delete the selected keys? (y/N) "):
2014 _("Do you really want to delete this key? (y/N) ")
2015 ))
2016 ;
2017 else {
2018 menu_delkey( keyblock, sec_keyblock );
2019 redisplay = 1;
2020 modified = 1;
2021 if( sec_keyblock )
2022 sec_modified = 1;
2023 }
2024 }
2025 break;
2026
2027 case cmdADDREVOKER:
2028 {
2029 int sensitive=0;
2030
2031 if(ascii_strcasecmp(arg_string,"sensitive")==0)
2032 sensitive=1;
2033 if( menu_addrevoker( keyblock, sec_keyblock, sensitive ) ) {
2034 redisplay = 1;
2035 sec_modified = modified = 1;
2036 merge_keys_and_selfsig( sec_keyblock );
2037 merge_keys_and_selfsig( keyblock );
2038 }
2039 }
2040 break;
2041
2042 case cmdREVUID: {
2043 int n1;
2044
2045 if( !(n1=count_selected_uids(keyblock)) )
2046 tty_printf(_("You must select at least one user ID.\n"));
2047 else if( cpr_get_answer_is_yes(
2048 "keyedit.revoke.uid.okay",
2049 n1 > 1? _("Really revoke all selected user IDs? (y/N) ")
2050 : _("Really revoke this user ID? (y/N) ")
2051 ) ) {
2052 if(menu_revuid(keyblock,sec_keyblock))
2053 {
2054 modified=1;
2055 redisplay=1;
2056 }
2057 }
2058 }
2059 break;
2060
2061 case cmdREVKEY:
2062 {
2063 int n1;
2064
2065 if( !(n1=count_selected_keys( keyblock )) )
2066 {
2067 if(cpr_get_answer_is_yes("keyedit.revoke.subkey.okay",
2068 _("Do you really want to revoke"
2069 " the entire key? (y/N) ")))
2070 {
2071 if(menu_revkey(keyblock,sec_keyblock))
2072 modified=1;
2073
2074 redisplay=1;
2075 }
2076 }
2077 else if(cpr_get_answer_is_yes("keyedit.revoke.subkey.okay",
2078 n1 > 1?
2079 _("Do you really want to revoke"
2080 " the selected subkeys? (y/N) "):
2081 _("Do you really want to revoke"
2082 " this subkey? (y/N) ")))
2083 {
2084 if( menu_revsubkey( keyblock, sec_keyblock ) )
2085 modified = 1;
2086
2087 redisplay = 1;
2088 }
2089
2090 if(modified)
2091 merge_keys_and_selfsig( keyblock );
2092 }
2093 break;
2094
2095 case cmdEXPIRE:
2096 if( menu_expire( keyblock, sec_keyblock ) )
2097 {
2098 merge_keys_and_selfsig( sec_keyblock );
2099 merge_keys_and_selfsig( keyblock );
2100 sec_modified = 1;
2101 modified = 1;
2102 redisplay = 1;
2103 }
2104 break;
2105
2106 case cmdBACKSIGN:
2107 if(menu_backsign(keyblock,sec_keyblock))
2108 {
2109 sec_modified = 1;
2110 modified = 1;
2111 redisplay = 1;
2112 }
2113 break;
2114
2115 case cmdPRIMARY:
2116 if( menu_set_primary_uid ( keyblock, sec_keyblock ) ) {
2117 merge_keys_and_selfsig( keyblock );
2118 modified = 1;
2119 redisplay = 1;
2120 }
2121 break;
2122
2123 case cmdPASSWD:
2124 if( change_passphrase( sec_keyblock ) )
2125 sec_modified = 1;
2126 break;
2127
2128 case cmdTRUST:
2129 if(opt.trust_model==TM_EXTERNAL)
2130 {
2131 tty_printf (_("Owner trust may not be set while "
2132 "using a user provided trust database\n"));
2133 break;
2134 }
2135
2136 show_key_with_all_names( keyblock, 0, 0, 0, 1, 0 );
2137 tty_printf("\n");
2138 if( edit_ownertrust( find_kbnode( keyblock,
2139 PKT_PUBLIC_KEY )->pkt->pkt.public_key, 1 ) ) {
2140 redisplay = 1;
2141 /* No real need to set update_trust here as
2142 edit_ownertrust() calls revalidation_mark()
2143 anyway. */
2144 update_trust=1;
2145 }
2146 break;
2147
2148 case cmdPREF:
2149 {
2150 int count=count_selected_uids(keyblock);
2151 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
2152 show_names(keyblock,keyblock->pkt->pkt.public_key,
2153 count?NODFLG_SELUID:0,1);
2154 }
2155 break;
2156
2157 case cmdSHOWPREF:
2158 {
2159 int count=count_selected_uids(keyblock);
2160 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
2161 show_names(keyblock,keyblock->pkt->pkt.public_key,
2162 count?NODFLG_SELUID:0,2);
2163 }
2164 break;
2165
2166 case cmdSETPREF:
2167 {
2168 PKT_user_id *tempuid;
2169
2170 keygen_set_std_prefs(!*arg_string?"default" : arg_string, 0);
2171
2172 tempuid=keygen_get_std_prefs();
2173 tty_printf(_("Set preference list to:\n"));
2174 show_prefs(tempuid,NULL,1);
2175 free_user_id(tempuid);
2176
2177 if(cpr_get_answer_is_yes("keyedit.setpref.okay",
2178 count_selected_uids (keyblock)?
2179 _("Really update the preferences"
2180 " for the selected user IDs? (y/N) "):
2181 _("Really update the preferences? (y/N) ")))
2182 {
2183 if ( menu_set_preferences (keyblock, sec_keyblock) )
2184 {
2185 merge_keys_and_selfsig (keyblock);
2186 modified = 1;
2187 redisplay = 1;
2188 }
2189 }
2190 }
2191 break;
2192
2193 case cmdPREFKS:
2194 if( menu_set_keyserver_url ( *arg_string?arg_string:NULL,
2195 keyblock, sec_keyblock ) )
2196 {
2197 merge_keys_and_selfsig( keyblock );
2198 modified = 1;
2199 redisplay = 1;
2200 }
2201 break;
2202
2203 case cmdNOTATION:
2204 if( menu_set_notation ( *arg_string?arg_string:NULL,
2205 keyblock, sec_keyblock ) )
2206 {
2207 merge_keys_and_selfsig( keyblock );
2208 modified = 1;
2209 redisplay = 1;
2210 }
2211 break;
2212
2213 case cmdNOP:
2214 break;
2215
2216 case cmdREVSIG:
2217 if( menu_revsig( keyblock ) ) {
2218 redisplay = 1;
2219 modified = 1;
2220 }
2221 break;
2222
2223 case cmdENABLEKEY:
2224 case cmdDISABLEKEY:
2225 if( enable_disable_key( keyblock, cmd == cmdDISABLEKEY ) ) {
2226 redisplay = 1;
2227 modified = 1;
2228 }
2229 break;
2230
2231 case cmdSHOWPHOTO:
2232 menu_showphoto(keyblock);
2233 break;
2234
2235 case cmdCLEAN:
2236 if(menu_clean(keyblock,0))
2237 redisplay=modified=1;
2238 break;
2239
2240 case cmdMINIMIZE:
2241 if(menu_clean(keyblock,1))
2242 redisplay=modified=1;
2243 break;
2244
2245 case cmdQUIT:
2246 if( have_commands )
2247 goto leave;
2248 if( !modified && !sec_modified )
2249 goto leave;
2250 if( !cpr_get_answer_is_yes("keyedit.save.okay",
2251 _("Save changes? (y/N) ")) ) {
2252 if( cpr_enabled()
2253 || cpr_get_answer_is_yes("keyedit.cancel.okay",
2254 _("Quit without saving? (y/N) ")))
2255 goto leave;
2256 break;
2257 }
2258 /* fall thru */
2259 case cmdSAVE:
2260 if( modified || sec_modified ) {
2261 if( modified ) {
2262 rc = keydb_update_keyblock (kdbhd, keyblock);
2263 if( rc ) {
2264 log_error(_("update failed: %s\n"), g10_errstr(rc) );
2265 break;
2266 }
2267 }
2268 if( sec_modified ) {
2269 rc = keydb_update_keyblock (sec_kdbhd, sec_keyblock );
2270 if( rc ) {
2271 log_error( _("update secret failed: %s\n"),
2272 g10_errstr(rc) );
2273 break;
2274 }
2275 }
2276 }
2277 else
2278 tty_printf(_("Key not changed so no update needed.\n"));
2279
2280 if( update_trust )
2281 {
2282 revalidation_mark ();
2283 update_trust=0;
2284 }
2285 goto leave;
2286
2287 case cmdINVCMD:
2288 default:
2289 tty_printf("\n");
2290 tty_printf(_("Invalid command (try \"help\")\n"));
2291 break;
2292 }
2293 } /* end main loop */
2294
2295 leave:
2296 release_kbnode( keyblock );
2297 release_kbnode( sec_keyblock );
2298 keydb_release (kdbhd);
2299 xfree(answer);
2300 }
2301
2302 static void
2303 tty_print_notations(int indent,PKT_signature *sig)
2304 {
2305 int first=1;
2306 struct notation *notation,*nd;
2307
2308 if(indent<0)
2309 {
2310 first=0;
2311 indent=-indent;
2312 }
2313
2314 notation=sig_to_notation(sig);
2315
2316 for(nd=notation;nd;nd=nd->next)
2317 {
2318 if(!first)
2319 tty_printf("%*s",indent,"");
2320 else
2321 first=0;
2322
2323 tty_print_utf8_string(nd->name,strlen(nd->name));
2324 tty_printf("=");
2325 tty_print_utf8_string(nd->value,strlen(nd->value));
2326 tty_printf("\n");
2327 }
2328
2329 free_notation(notation);
2330 }
2331
2332 /****************
2333 * show preferences of a public keyblock.
2334 */
2335 static void
2336 show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
2337 {
2338 const prefitem_t fake={0,0};
2339 const prefitem_t *prefs;
2340 int i;
2341
2342 if( !uid )
2343 return;
2344
2345 if( uid->prefs )
2346 prefs=uid->prefs;
2347 else if(verbose)
2348 prefs=&fake;
2349 else
2350 return;
2351
2352 if (verbose) {
2353 int any, des_seen=0, sha1_seen=0, uncomp_seen=0;
2354
2355 tty_printf (" ");
2356 tty_printf (_("Cipher: "));
2357 for(i=any=0; prefs[i].type; i++ ) {
2358 if( prefs[i].type == PREFTYPE_SYM ) {
2359 if (any)
2360 tty_printf (", ");
2361 any = 1;
2362 /* We don't want to display strings for experimental algos */
2363 if (!openpgp_cipher_test_algo (prefs[i].value)
2364 && prefs[i].value < 100 )
2365 tty_printf ("%s",
2366 openpgp_cipher_algo_name (prefs[i].value));
2367 else
2368 tty_printf ("[%d]", prefs[i].value);
2369 if (prefs[i].value == CIPHER_ALGO_3DES )
2370 des_seen = 1;
2371 }
2372 }
2373 if (!des_seen) {
2374 if (any)
2375 tty_printf (", ");
2376 tty_printf ("%s", openpgp_cipher_algo_name (CIPHER_ALGO_3DES));
2377 }
2378 tty_printf ("\n ");
2379 tty_printf (_("Digest: "));
2380 for(i=any=0; prefs[i].type; i++ ) {
2381 if( prefs[i].type == PREFTYPE_HASH ) {
2382 if (any)
2383 tty_printf (", ");
2384 any = 1;
2385 /* We don't want to display strings for experimental algos */
2386 if (!gcry_md_test_algo (prefs[i].value)
2387 && prefs[i].value < 100 )
2388 tty_printf ("%s", gcry_md_algo_name (prefs[i].value) );
2389 else
2390 tty_printf ("[%d]", prefs[i].value);
2391 if (prefs[i].value == DIGEST_ALGO_SHA1 )
2392 sha1_seen = 1;
2393 }
2394 }
2395 if (!sha1_seen) {
2396 if (any)
2397 tty_printf (", ");
2398 tty_printf ("%s", gcry_md_algo_name (DIGEST_ALGO_SHA1));
2399 }
2400 tty_printf ("\n ");
2401 tty_printf (_("Compression: "));
2402 for(i=any=0; prefs[i].type; i++ ) {
2403 if( prefs[i].type == PREFTYPE_ZIP ) {
2404 const char *s=compress_algo_to_string(prefs[i].value);
2405
2406 if (any)
2407 tty_printf (", ");
2408 any = 1;
2409 /* We don't want to display strings for experimental algos */
2410 if (s && prefs[i].value < 100 )
2411 tty_printf ("%s", s );
2412 else
2413 tty_printf ("[%d]", prefs[i].value);
2414 if (prefs[i].value == COMPRESS_ALGO_NONE )
2415 uncomp_seen = 1;
2416 }
2417 }
2418 if (!uncomp_seen) {
2419 if (any)
2420 tty_printf (", ");
2421 else {
2422 tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_ZIP));
2423 tty_printf (", ");
2424 }
2425 tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_NONE));
2426 }
2427 if(uid->flags.mdc || !uid->flags.ks_modify)
2428 {
2429 tty_printf ("\n ");
2430 tty_printf (_("Features: "));
2431 any=0;
2432 if(uid->flags.mdc)
2433 {
2434 tty_printf ("MDC");
2435 any=1;
2436 }
2437 if(!uid->flags.ks_modify)
2438 {
2439 if(any)
2440 tty_printf (", ");
2441 tty_printf (_("Keyserver no-modify"));
2442 }
2443 }
2444 tty_printf("\n");
2445
2446 if(selfsig)
2447 {
2448 const byte *pref_ks;
2449 size_t pref_ks_len;
2450
2451 pref_ks=parse_sig_subpkt(selfsig->hashed,
2452 SIGSUBPKT_PREF_KS,&pref_ks_len);
2453 if(pref_ks && pref_ks_len)
2454 {
2455 tty_printf (" ");
2456 tty_printf(_("Preferred keyserver: "));
2457 tty_print_utf8_string(pref_ks,pref_ks_len);
2458 tty_printf("\n");
2459 }
2460
2461 if(selfsig->flags.notation)
2462 {
2463 tty_printf (" ");
2464 tty_printf(_("Notations: "));
2465 tty_print_notations(5+strlen(_("Notations: ")),selfsig);
2466 }
2467 }
2468 }
2469 else {
2470 tty_printf(" ");
2471 for(i=0; prefs[i].type; i++ ) {
2472 tty_printf( " %c%d", prefs[i].type == PREFTYPE_SYM ? 'S' :
2473 prefs[i].type == PREFTYPE_HASH ? 'H' :
2474 prefs[i].type == PREFTYPE_ZIP ? 'Z':'?',
2475 prefs[i].value);
2476 }
2477 if (uid->flags.mdc)
2478 tty_printf (" [mdc]");
2479 if (!uid->flags.ks_modify)
2480 tty_printf (" [no-ks-modify]");
2481 tty_printf("\n");
2482 }
2483 }
2484
2485 /* This is the version of show_key_with_all_names used when
2486 opt.with_colons is used. It prints all available data in a easy to
2487 parse format and does not translate utf8 */
2488 static void
2489 show_key_with_all_names_colon (KBNODE keyblock)
2490 {
2491 KBNODE node;
2492 int i, j, ulti_hack=0;
2493 byte pk_version=0;
2494 PKT_public_key *primary=NULL;
2495
2496 /* the keys */
2497 for ( node = keyblock; node; node = node->next )
2498 {
2499 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2500 || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) )
2501 {
2502 PKT_public_key *pk = node->pkt->pkt.public_key;
2503 u32 keyid[2];
2504
2505 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2506 {
2507 pk_version = pk->version;
2508 primary=pk;
2509 }
2510
2511 keyid_from_pk (pk, keyid);
2512
2513 fputs (node->pkt->pkttype == PKT_PUBLIC_KEY?"pub:":"sub:", stdout);
2514 if (!pk->is_valid)
2515 putchar ('i');
2516 else if (pk->is_revoked)
2517 putchar ('r');
2518 else if (pk->has_expired)
2519 putchar ('e');
2520 else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks ))
2521 {
2522 int trust = get_validity_info (pk, NULL);
2523 if(trust=='u')
2524 ulti_hack=1;
2525 putchar (trust);
2526 }
2527
2528 printf (":%u:%d:%08lX%08lX:%lu:%lu::",
2529 nbits_from_pk (pk),
2530 pk->pubkey_algo,
2531 (ulong)keyid[0], (ulong)keyid[1],
2532 (ulong)pk->timestamp,
2533 (ulong)pk->expiredate );
2534 if (node->pkt->pkttype==PKT_PUBLIC_KEY
2535 && !(opt.fast_list_mode || opt.no_expensive_trust_checks ))
2536 putchar(get_ownertrust_info (pk));
2537 putchar(':');
2538 putchar (':');
2539 putchar (':');
2540 /* Print capabilities. */
2541 if ( (pk->pubkey_usage & PUBKEY_USAGE_ENC) )
2542 putchar ('e');
2543 if ( (pk->pubkey_usage & PUBKEY_USAGE_SIG) )
2544 putchar ('s');
2545 if ( (pk->pubkey_usage & PUBKEY_USAGE_CERT) )
2546 putchar ('c');
2547 if ( (pk->pubkey_usage & PUBKEY_USAGE_AUTH) )
2548 putchar ('a');
2549 putchar('\n');
2550
2551 print_fingerprint (pk, NULL, 0);
2552 print_revokers(pk);
2553 }
2554 }
2555
2556 /* the user ids */
2557 i = 0;
2558 for (node = keyblock; node; node = node->next)
2559 {
2560 if ( node->pkt->pkttype == PKT_USER_ID )
2561 {
2562 PKT_user_id *uid = node->pkt->pkt.user_id;
2563
2564 ++i;
2565
2566 if(uid->attrib_data)
2567 printf("uat:");
2568 else
2569 printf("uid:");
2570
2571 if ( uid->is_revoked )
2572 printf("r::::::::");
2573 else if ( uid->is_expired )
2574 printf("e::::::::");
2575 else if ( opt.fast_list_mode || opt.no_expensive_trust_checks )
2576 printf("::::::::");
2577 else
2578 {
2579 int uid_validity;
2580
2581 if( primary && !ulti_hack )
2582 uid_validity = get_validity_info( primary, uid );
2583 else
2584 uid_validity = 'u';
2585 printf("%c::::::::",uid_validity);
2586 }
2587
2588 if(uid->attrib_data)
2589 printf ("%u %lu",uid->numattribs,uid->attrib_len);
2590 else
2591 print_string (stdout, uid->name, uid->len, ':');
2592
2593 putchar (':');
2594 /* signature class */
2595 putchar (':');
2596 /* capabilities */
2597 putchar (':');
2598 /* preferences */
2599 if (pk_version>3 || uid->selfsigversion>3)
2600 {
2601 const prefitem_t *prefs = uid->prefs;
2602
2603 for (j=0; prefs && prefs[j].type; j++)
2604 {
2605 if (j)
2606 putchar (' ');
2607 printf ("%c%d", prefs[j].type == PREFTYPE_SYM ? 'S' :
2608 prefs[j].type == PREFTYPE_HASH ? 'H' :
2609 prefs[j].type == PREFTYPE_ZIP ? 'Z':'?',
2610 prefs[j].value);
2611 }
2612 if (uid->flags.mdc)
2613 printf (",mdc");
2614 if (!uid->flags.ks_modify)
2615 printf (",no-ks-modify");
2616 }
2617 putchar (':');
2618 /* flags */
2619 printf ("%d,", i);
2620 if (uid->is_primary)
2621 putchar ('p');
2622 if (uid->is_revoked)
2623 putchar ('r');
2624 if (uid->is_expired)
2625 putchar ('e');
2626 if ((node->flag & NODFLG_SELUID))
2627 putchar ('s');
2628 if ((node->flag & NODFLG_MARK_A))
2629 putchar ('m');
2630 putchar (':');
2631 putchar('\n');
2632 }
2633 }
2634 }
2635
2636 static void
2637 show_names(KBNODE keyblock,PKT_public_key *pk,unsigned int flag,int with_prefs)
2638 {
2639 KBNODE node;
2640 int i=0;
2641
2642 for( node = keyblock; node; node = node->next )
2643 {
2644 if( node->pkt->pkttype == PKT_USER_ID
2645 && !is_deleted_kbnode(node))
2646 {
2647 PKT_user_id *uid = node->pkt->pkt.user_id;
2648 ++i;
2649 if(!flag || (flag && (node->flag & flag)))
2650 {
2651 if(!(flag&NODFLG_MARK_A) && pk)
2652 tty_printf("%s ",uid_trust_string_fixed(pk,uid));
2653
2654 if( flag & NODFLG_MARK_A )
2655 tty_printf(" ");
2656 else if( node->flag & NODFLG_SELUID )
2657 tty_printf("(%d)* ", i);
2658 else if( uid->is_primary )
2659 tty_printf("(%d). ", i);
2660 else
2661 tty_printf("(%d) ", i);
2662 tty_print_utf8_string( uid->name, uid->len );
2663 tty_printf("\n");
2664 if(with_prefs && pk)
2665 {
2666 if(pk->version>3 || uid->selfsigversion>3)
2667 {
2668 PKT_signature *selfsig=NULL;
2669 KBNODE signode;
2670
2671 for(signode=node->next;
2672 signode && signode->pkt->pkttype==PKT_SIGNATURE;
2673 signode=signode->next)
2674 {
2675 if(signode->pkt->pkt.signature->
2676 flags.chosen_selfsig)
2677 {
2678 selfsig=signode->pkt->pkt.signature;
2679 break;
2680 }
2681 }
2682
2683 show_prefs (uid, selfsig, with_prefs == 2);
2684 }
2685 else
2686 tty_printf(_("There are no preferences on a"
2687 " PGP 2.x-style user ID.\n"));
2688 }
2689 }
2690 }
2691 }
2692 }
2693
2694 /****************
2695 * Display the key a the user ids, if only_marked is true, do only
2696 * so for user ids with mark A flag set and dont display the index number
2697 */
2698 static void
2699 show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
2700 int with_fpr, int with_subkeys, int with_prefs )
2701 {
2702 KBNODE node;
2703 int i;
2704 int do_warn = 0;
2705 byte pk_version=0;
2706 PKT_public_key *primary=NULL;
2707
2708 if (opt.with_colons)
2709 {
2710 show_key_with_all_names_colon (keyblock);
2711 return;
2712 }
2713
2714 /* the keys */
2715 for( node = keyblock; node; node = node->next ) {
2716 if( node->pkt->pkttype == PKT_PUBLIC_KEY
2717 || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY
2718 && !is_deleted_kbnode(node)) ) {
2719 PKT_public_key *pk = node->pkt->pkt.public_key;
2720 const char *otrust="err",*trust="err";
2721
2722 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
2723 /* do it here, so that debug messages don't clutter the
2724 * output */
2725 static int did_warn = 0;
2726
2727 trust = get_validity_string (pk, NULL);
2728 otrust = get_ownertrust_string (pk);
2729
2730 /* Show a warning once */
2731 if (!did_warn
2732 && (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK)) {
2733 did_warn = 1;
2734 do_warn = 1;
2735 }
2736
2737 pk_version=pk->version;
2738 primary=pk;
2739 }
2740
2741 if(pk->is_revoked)
2742 {
2743 char *user=get_user_id_string_native(pk->revoked.keyid);
2744 const char *algo = gcry_pk_algo_name (pk->revoked.algo);
2745 tty_printf(_("This key was revoked on %s by %s key %s\n"),
2746 revokestr_from_pk(pk),algo?algo:"?",user);
2747 xfree(user);
2748 }
2749
2750 if(with_revoker)
2751 {
2752 if( !pk->revkey && pk->numrevkeys )
2753 BUG();
2754 else
2755 for(i=0;i<pk->numrevkeys;i++)
2756 {
2757 u32 r_keyid[2];
2758 char *user;
2759 const char *algo;
2760
2761 algo = gcry_pk_algo_name (pk->revkey[i].algid);
2762 keyid_from_fingerprint(pk->revkey[i].fpr,
2763 MAX_FINGERPRINT_LEN,r_keyid);
2764
2765 user=get_user_id_string_native(r_keyid);
2766 tty_printf(_("This key may be revoked by %s key %s"),
2767 algo?algo:"?",user);
2768
2769 if(pk->revkey[i].class&0x40)
2770 {
2771 tty_printf(" ");
2772 tty_printf(_("(sensitive)"));
2773 }
2774
2775 tty_printf ("\n");
2776 xfree(user);
2777 }
2778 }
2779
2780 keyid_from_pk(pk,NULL);
2781 tty_printf("%s%c %4u%c/%s ",
2782 node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
2783 (node->flag & NODFLG_SELKEY)? '*':' ',
2784 nbits_from_pk( pk ),
2785 pubkey_letter( pk->pubkey_algo ),
2786 keystr(pk->keyid));
2787
2788 tty_printf(_("created: %s"),datestr_from_pk(pk));
2789 tty_printf(" ");
2790 if(pk->is_revoked)
2791 tty_printf(_("revoked: %s"),revokestr_from_pk(pk));
2792 else if(pk->has_expired)
2793 tty_printf(_("expired: %s"),expirestr_from_pk(pk));
2794 else
2795 tty_printf(_("expires: %s"),expirestr_from_pk(pk));
2796 tty_printf(" ");
2797 tty_printf(_("usage: %s"),usagestr_from_pk(pk));
2798 tty_printf("\n");
2799
2800 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
2801 {
2802 if(opt.trust_model!=TM_ALWAYS)
2803 {
2804 tty_printf("%*s", (int)keystrlen()+13,"");
2805 /* Ownertrust is only meaningful for the PGP or
2806 classic trust models */
2807 if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
2808 {
2809 int width=14-strlen(otrust);
2810 if(width<=0)
2811 width=1;
2812 tty_printf(_("trust: %s"), otrust);
2813 tty_printf("%*s",width,"");
2814 }
2815
2816 tty_printf(_("validity: %s"), trust );
2817 tty_printf("\n");
2818 }
2819 if( node->pkt->pkttype == PKT_PUBLIC_KEY
2820 && (get_ownertrust (pk)&TRUST_FLAG_DISABLED))
2821 {
2822 tty_printf("*** ");
2823 tty_printf(_("This key has been disabled"));
2824 tty_printf("\n");
2825 }
2826 }
2827
2828 if( node->pkt->pkttype == PKT_PUBLIC_KEY && with_fpr )
2829 {
2830 print_fingerprint ( pk, NULL, 2 );
2831 tty_printf("\n");
2832 }
2833 }
2834 else if( node->pkt->pkttype == PKT_SECRET_KEY
2835 || (with_subkeys && node->pkt->pkttype == PKT_SECRET_SUBKEY) )
2836 {
2837 PKT_secret_key *sk = node->pkt->pkt.secret_key;
2838 tty_printf("%s%c %4u%c/%s ",
2839 node->pkt->pkttype == PKT_SECRET_KEY? "sec":"ssb",
2840 (node->flag & NODFLG_SELKEY)? '*':' ',
2841 nbits_from_sk( sk ),
2842 pubkey_letter( sk->pubkey_algo ),
2843 keystr_from_sk(sk));
2844 tty_printf(_("created: %s"),datestr_from_sk(sk));
2845 tty_printf(" ");
2846 tty_printf(_("expires: %s"),expirestr_from_sk(sk));
2847 tty_printf("\n");
2848 if (sk->is_protected && sk->protect.s2k.mode == 1002)
2849 {
2850 tty_printf(" ");
2851 tty_printf(_("card-no: "));
2852 if (sk->protect.ivlen == 16
2853 && !memcmp (sk->protect.iv, "\xD2\x76\x00\x01\x24\x01", 6))
2854 { /* This is an OpenPGP card. */
2855 for (i=8; i < 14; i++)
2856 {
2857 if (i == 10)
2858 tty_printf (" ");
2859 tty_printf ("%02X", sk->protect.iv[i]);
2860 }
2861 }
2862 else
2863 { /* Something is wrong: Print all. */
2864 for (i=0; i < sk->protect.ivlen; i++)
2865 tty_printf ("%02X", sk->protect.iv[i]);
2866 }
2867 tty_printf ("\n");
2868 }
2869 }
2870 }
2871
2872 show_names(keyblock,primary,only_marked?NODFLG_MARK_A:0,with_prefs);
2873
2874 if (do_warn)
2875 tty_printf (_("Please note that the shown key validity"
2876 " is not necessarily correct\n"
2877 "unless you restart the program.\n"));
2878 }
2879
2880
2881 /* Display basic key information. This function is suitable to show
2882 information on the key without any dependencies on the trustdb or
2883 any other internal GnuPG stuff. KEYBLOCK may either be a public or
2884 a secret key.*/
2885 void
2886 show_basic_key_info ( KBNODE keyblock )
2887 {
2888 KBNODE node;
2889 int i;
2890
2891 /* The primary key */
2892 for (node = keyblock; node; node = node->next)
2893 {
2894 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2895 {
2896 PKT_public_key *pk = node->pkt->pkt.public_key;
2897
2898 /* Note, we use the same format string as in other show
2899 functions to make the translation job easier. */
2900 tty_printf ("%s %4u%c/%s ",
2901 node->pkt->pkttype == PKT_PUBLIC_KEY? "pub":"sub",
2902 nbits_from_pk( pk ),
2903 pubkey_letter( pk->pubkey_algo ),
2904 keystr_from_pk(pk));
2905 tty_printf(_("created: %s"),datestr_from_pk(pk));
2906 tty_printf(" ");
2907 tty_printf(_("expires: %s"),expirestr_from_pk(pk));
2908 tty_printf("\n");
2909 print_fingerprint ( pk, NULL, 3 );
2910 tty_printf("\n");
2911 }
2912 else if (node->pkt->pkttype == PKT_SECRET_KEY)
2913 {
2914 PKT_secret_key *sk = node->pkt->pkt.secret_key;
2915 tty_printf("%s %4u%c/%s",
2916 node->pkt->pkttype == PKT_SECRET_KEY? "sec":"ssb",
2917 nbits_from_sk( sk ),
2918 pubkey_letter( sk->pubkey_algo ),
2919 keystr_from_sk(sk));
2920 tty_printf(_("created: %s"),datestr_from_sk(sk));
2921 tty_printf(" ");
2922 tty_printf(_("expires: %s"),expirestr_from_sk(sk));
2923 tty_printf("\n");
2924 print_fingerprint (NULL, sk, 3 );
2925 tty_printf("\n");
2926 }
2927 }
2928
2929 /* The user IDs. */
2930 for (i=0, node = keyblock; node; node = node->next)
2931 {
2932 if (node->pkt->pkttype == PKT_USER_ID)
2933 {
2934 PKT_user_id *uid = node->pkt->pkt.user_id;
2935 ++i;
2936
2937 tty_printf (" ");
2938 if (uid->is_revoked)
2939 tty_printf("[%s] ",_("revoked"));
2940 else if ( uid->is_expired )
2941 tty_printf("[%s] ",_("expired"));
2942 tty_print_utf8_string (uid->name, uid->len);
2943 tty_printf ("\n");
2944 }
2945 }
2946 }
2947
2948 static void
2949 show_key_and_fingerprint( KBNODE keyblock )
2950 {
2951 KBNODE node;
2952 PKT_public_key *pk = NULL;
2953
2954 for( node = keyblock; node; node = node->next )
2955 {
2956 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
2957 {
2958 pk = node->pkt->pkt.public_key;
2959 tty_printf("pub %4u%c/%s %s ",
2960 nbits_from_pk( pk ),
2961 pubkey_letter( pk->pubkey_algo ),
2962 keystr_from_pk(pk),
2963 datestr_from_pk(pk) );
2964 }
2965 else if( node->pkt->pkttype == PKT_USER_ID )
2966 {
2967 PKT_user_id *uid = node->pkt->pkt.user_id;
2968 tty_print_utf8_string( uid->name, uid->len );
2969 break;
2970 }
2971 }
2972 tty_printf("\n");
2973 if( pk )
2974 print_fingerprint( pk, NULL, 2 );
2975 }
2976
2977
2978 /* Show a warning if no uids on the key have the primary uid flag
2979 set. */
2980 static void
2981 no_primary_warning(KBNODE keyblock)
2982 {
2983 KBNODE node;
2984 int have_primary=0,uid_count=0;
2985
2986 /* TODO: if we ever start behaving differently with a primary or
2987 non-primary attribute ID, we will need to check for attributes
2988 here as well. */
2989
2990 for(node=keyblock; node; node = node->next)
2991 {
2992 if(node->pkt->pkttype==PKT_USER_ID
2993 && node->pkt->pkt.user_id->attrib_data==NULL)
2994 {
2995 uid_count++;
2996
2997 if(node->pkt->pkt.user_id->is_primary==2)
2998 {
2999 have_primary=1;
3000 break;
3001 }
3002 }
3003 }
3004
3005 if(uid_count>1 && !have_primary)
3006 log_info(_("WARNING: no user ID has been marked as primary. This command"
3007 " may\n cause a different user ID to become"
3008 " the assumed primary.\n"));
3009 }
3010
3011 /****************
3012 * Ask for a new user id, do the selfsignature and put it into
3013 * both keyblocks.
3014 * Return true if there is a new user id
3015 */
3016 static int
3017 menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock,
3018 int photo, const char *photo_name)
3019 {
3020 PKT_user_id *uid;
3021 PKT_public_key *pk=NULL;
3022 PKT_secret_key *sk=NULL;
3023 PKT_signature *sig=NULL;
3024 PACKET *pkt;
3025 KBNODE node;
3026 KBNODE pub_where=NULL, sec_where=NULL;
3027 int rc;
3028
3029 for( node = pub_keyblock; node; pub_where = node, node = node->next ) {
3030 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
3031 pk = node->pkt->pkt.public_key;
3032 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3033 break;
3034 }
3035 if( !node ) /* no subkey */
3036 pub_where = NULL;
3037 for( node = sec_keyblock; node; sec_where = node, node = node->next ) {
3038 if( node->pkt->pkttype == PKT_SECRET_KEY )
3039 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3040 else if( node->pkt->pkttype == PKT_SECRET_SUBKEY )
3041 break;
3042 }
3043 if( !node ) /* no subkey */
3044 sec_where = NULL;
3045 assert(pk && sk);
3046
3047 if(photo) {
3048 int hasattrib=0;
3049
3050 for( node = pub_keyblock; node; node = node->next )
3051 if( node->pkt->pkttype == PKT_USER_ID &&
3052 node->pkt->pkt.user_id->attrib_data!=NULL)
3053 {
3054 hasattrib=1;
3055 break;
3056 }
3057
3058 /* It is legal but bad for compatibility to add a photo ID to a
3059 v3 key as it means that PGP2 will not be able to use that key
3060 anymore. Also, PGP may not expect a photo on a v3 key.
3061 Don't bother to ask this if the key already has a photo - any
3062 damage has already been done at that point. -dms */
3063 if(pk->version==3 && !hasattrib)
3064 {
3065 if(opt.expert)
3066 {
3067 tty_printf(_("WARNING: This is a PGP2-style key. "
3068 "Adding a photo ID may cause some versions\n"
3069 " of PGP to reject this key.\n"));
3070
3071 if(!cpr_get_answer_is_yes("keyedit.v3_photo.okay",
3072 _("Are you sure you still want "
3073 "to add it? (y/N) ")))
3074 return 0;
3075 }
3076 else
3077 {
3078 tty_printf(_("You may not add a photo ID to "
3079 "a PGP2-style key.\n"));
3080 return 0;
3081 }
3082 }
3083
3084 uid = generate_photo_id(pk,photo_name);
3085 } else
3086 uid = generate_user_id (pub_keyblock);
3087 if( !uid )
3088 return 0;
3089
3090 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0, 0,
3091 keygen_add_std_prefs, pk );
3092 free_secret_key( sk );
3093 if( rc ) {
3094 log_error("signing failed: %s\n", g10_errstr(rc) );
3095 free_user_id(uid);
3096 return 0;
3097 }
3098
3099 /* insert/append to secret keyblock */
3100 pkt = xmalloc_clear( sizeof *pkt );
3101 pkt->pkttype = PKT_USER_ID;
3102 pkt->pkt.user_id = scopy_user_id(uid);
3103 node = new_kbnode(pkt);
3104 if( sec_where )
3105 insert_kbnode( sec_where, node, 0 );
3106 else
3107 add_kbnode( sec_keyblock, node );
3108 pkt = xmalloc_clear( sizeof *pkt );
3109 pkt->pkttype = PKT_SIGNATURE;
3110 pkt->pkt.signature = copy_signature(NULL, sig);
3111 if( sec_where )
3112 insert_kbnode( node, new_kbnode(pkt), 0 );
3113 else
3114 add_kbnode( sec_keyblock, new_kbnode(pkt) );
3115 /* insert/append to public keyblock */
3116 pkt = xmalloc_clear( sizeof *pkt );
3117 pkt->pkttype = PKT_USER_ID;
3118 pkt->pkt.user_id = uid;
3119 node = new_kbnode(pkt);
3120 if( pub_where )
3121 insert_kbnode( pub_where, node, 0 );
3122 else
3123 add_kbnode( pub_keyblock, node );
3124 pkt = xmalloc_clear( sizeof *pkt );
3125 pkt->pkttype = PKT_SIGNATURE;
3126 pkt->pkt.signature = copy_signature(NULL, sig);
3127 if( pub_where )
3128 insert_kbnode( node, new_kbnode(pkt), 0 );
3129 else
3130 add_kbnode( pub_keyblock, new_kbnode(pkt) );
3131 return 1;
3132 }
3133
3134
3135 /****************
3136 * Remove all selected userids from the keyrings
3137 */
3138 static void
3139 menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock )
3140 {
3141 KBNODE node;
3142 int selected=0;
3143
3144 for( node = pub_keyblock; node; node = node->next ) {
3145 if( node->pkt->pkttype == PKT_USER_ID ) {
3146 selected = node->flag & NODFLG_SELUID;
3147 if( selected ) {
3148 /* Only cause a trust update if we delete a
3149 non-revoked user id */
3150 if(!node->pkt->pkt.user_id->is_revoked)
3151 update_trust=1;
3152 delete_kbnode( node );
3153 if( sec_keyblock ) {
3154 KBNODE snode;
3155 int s_selected = 0;
3156 PKT_user_id *uid = node->pkt->pkt.user_id;
3157 for( snode = sec_keyblock; snode; snode = snode->next ) {
3158 if( snode->pkt->pkttype == PKT_USER_ID ) {
3159 PKT_user_id *suid = snode->pkt->pkt.user_id;
3160
3161 s_selected =
3162 (uid->len == suid->len
3163 && !memcmp( uid->name, suid->name, uid->len));
3164 if( s_selected )
3165 delete_kbnode( snode );
3166 }
3167 else if( s_selected
3168 && snode->pkt->pkttype == PKT_SIGNATURE )
3169 delete_kbnode( snode );
3170 else if( snode->pkt->pkttype == PKT_SECRET_SUBKEY )
3171 s_selected = 0;
3172 }
3173 }
3174 }
3175 }
3176 else if( selected && node->pkt->pkttype == PKT_SIGNATURE )
3177 delete_kbnode( node );
3178 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3179 selected = 0;
3180 }
3181 commit_kbnode( &pub_keyblock );
3182 if( sec_keyblock )
3183 commit_kbnode( &sec_keyblock );
3184 }
3185
3186
3187 static int
3188 menu_delsig( KBNODE pub_keyblock )
3189 {
3190 KBNODE node;
3191 PKT_user_id *uid = NULL;
3192 int changed=0;
3193
3194 for( node = pub_keyblock; node; node = node->next ) {
3195 if( node->pkt->pkttype == PKT_USER_ID ) {
3196 uid = (node->flag & NODFLG_SELUID)? node->pkt->pkt.user_id : NULL;
3197 }
3198 else if( uid && node->pkt->pkttype == PKT_SIGNATURE ) {
3199 int okay, valid, selfsig, inv_sig, no_key, other_err;
3200
3201 tty_printf("uid ");
3202 tty_print_utf8_string( uid->name, uid->len );
3203 tty_printf("\n");
3204
3205 okay = inv_sig = no_key = other_err = 0;
3206 if(opt.with_colons)
3207 valid = print_and_check_one_sig_colon( pub_keyblock, node,
3208 &inv_sig, &no_key, &other_err,
3209 &selfsig, 1 );
3210 else
3211 valid = print_and_check_one_sig( pub_keyblock, node,
3212 &inv_sig, &no_key, &other_err,
3213 &selfsig, 1 );
3214
3215 if( valid ) {
3216 okay = cpr_get_answer_yes_no_quit(
3217 "keyedit.delsig.valid",
3218 _("Delete this good signature? (y/N/q)"));
3219
3220 /* Only update trust if we delete a good signature.
3221 The other two cases do not affect trust. */
3222 if(okay)
3223 update_trust=1;
3224 }
3225 else if( inv_sig || other_err )
3226 okay = cpr_get_answer_yes_no_quit(
3227 "keyedit.delsig.invalid",
3228 _("Delete this invalid signature? (y/N/q)"));
3229 else if( no_key )
3230 okay = cpr_get_answer_yes_no_quit(
3231 "keyedit.delsig.unknown",
3232 _("Delete this unknown signature? (y/N/q)"));
3233
3234 if( okay == -1 )
3235 break;
3236 if( okay && selfsig && !cpr_get_answer_is_yes(
3237 "keyedit.delsig.selfsig",
3238 _("Really delete this self-signature? (y/N)") ))
3239 okay = 0;
3240 if( okay ) {
3241 delete_kbnode( node );
3242 changed++;
3243 }
3244
3245 }
3246 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3247 uid = NULL;
3248 }
3249
3250 if( changed ) {
3251 commit_kbnode( &pub_keyblock );
3252 tty_printf( changed == 1? _("Deleted %d signature.\n")
3253 : _("Deleted %d signatures.\n"), changed );
3254 }
3255 else
3256 tty_printf( _("Nothing deleted.\n") );
3257
3258 return changed;
3259 }
3260
3261 static int
3262 menu_clean(KBNODE keyblock,int self_only)
3263 {
3264 KBNODE uidnode;
3265 int modified=0,select_all=!count_selected_uids(keyblock);
3266
3267 for(uidnode=keyblock->next;
3268 uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY;
3269 uidnode=uidnode->next)
3270 {
3271 if(uidnode->pkt->pkttype==PKT_USER_ID
3272 && (uidnode->flag&NODFLG_SELUID || select_all))
3273 {
3274 int uids=0,sigs=0;
3275 char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name,
3276 uidnode->pkt->pkt.user_id->len,
3277 0);
3278
3279 clean_one_uid(keyblock,uidnode,opt.verbose,self_only,&uids,&sigs);
3280 if(uids)
3281 {
3282 const char *reason;
3283
3284 if(uidnode->pkt->pkt.user_id->is_revoked)
3285 reason=_("revoked");
3286 else if(uidnode->pkt->pkt.user_id->is_expired)
3287 reason=_("expired");
3288 else
3289 reason=_("invalid");
3290
3291 tty_printf (_("User ID \"%s\" compacted: %s\n"), user, reason);
3292
3293 modified=1;
3294 }
3295 else if(sigs)
3296 {
3297 tty_printf(sigs==1?
3298 _("User ID \"%s\": %d signature removed\n") :
3299 _("User ID \"%s\": %d signatures removed\n"),
3300 user,sigs);
3301
3302 modified=1;
3303 }
3304 else
3305 {
3306 tty_printf (self_only==1?
3307 _("User ID \"%s\": already minimized\n") :
3308 _("User ID \"%s\": already clean\n"),
3309 user);
3310 }
3311
3312 xfree(user);
3313 }
3314 }
3315
3316 return modified;
3317 }
3318
3319 /****************
3320 * Remove some of the secondary keys
3321 */
3322 static void
3323 menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
3324 {
3325 KBNODE node;
3326 int selected=0;
3327
3328 for( node = pub_keyblock; node; node = node->next ) {
3329 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
3330 selected = node->flag & NODFLG_SELKEY;
3331 if( selected ) {
3332 delete_kbnode( node );
3333 if( sec_keyblock ) {
3334 KBNODE snode;
3335 int s_selected = 0;
3336 u32 ki[2];
3337
3338 keyid_from_pk( node->pkt->pkt.public_key, ki );
3339 for( snode = sec_keyblock; snode; snode = snode->next ) {
3340 if( snode->pkt->pkttype == PKT_SECRET_SUBKEY ) {
3341 u32 ki2[2];
3342
3343 keyid_from_sk( snode->pkt->pkt.secret_key, ki2 );
3344 s_selected = (ki[0] == ki2[0] && ki[1] == ki2[1]);
3345 if( s_selected )
3346 delete_kbnode( snode );
3347 }
3348 else if( s_selected
3349 && snode->pkt->pkttype == PKT_SIGNATURE )
3350 delete_kbnode( snode );
3351 else
3352 s_selected = 0;
3353 }
3354 }
3355 }
3356 }
3357 else if( selected && node->pkt->pkttype == PKT_SIGNATURE )
3358 delete_kbnode( node );
3359 else
3360 selected = 0;
3361 }
3362 commit_kbnode( &pub_keyblock );
3363 if( sec_keyblock )
3364 commit_kbnode( &sec_keyblock );
3365
3366 /* No need to set update_trust here since signing keys are no
3367 longer used to certify other keys, so there is no change in
3368 trust when revoking/removing them */
3369 }
3370
3371
3372 /****************
3373 * Ask for a new revoker, do the selfsignature and put it into
3374 * both keyblocks.
3375 * Return true if there is a new revoker
3376 */
3377 static int
3378 menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
3379 {
3380 PKT_public_key *pk=NULL,*revoker_pk=NULL;
3381 PKT_secret_key *sk=NULL;
3382 PKT_signature *sig=NULL;
3383 PACKET *pkt;
3384 struct revocation_key revkey;
3385 size_t fprlen;
3386 int rc;
3387
3388 assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
3389 assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
3390
3391 pk=pub_keyblock->pkt->pkt.public_key;
3392
3393 if(pk->numrevkeys==0 && pk->version==3)
3394 {
3395 /* It is legal but bad for compatibility to add a revoker to a
3396 v3 key as it means that PGP2 will not be able to use that key
3397 anymore. Also, PGP may not expect a revoker on a v3 key.
3398 Don't bother to ask this if the key already has a revoker -
3399 any damage has already been done at that point. -dms */
3400 if(opt.expert)
3401 {
3402 tty_printf(_("WARNING: This is a PGP 2.x-style key. "
3403 "Adding a designated revoker may cause\n"
3404 " some versions of PGP to reject this key.\n"));
3405
3406 if(!cpr_get_answer_is_yes("keyedit.v3_revoker.okay",
3407 _("Are you sure you still want "
3408 "to add it? (y/N) ")))
3409 return 0;
3410 }
3411 else
3412 {
3413 tty_printf(_("You may not add a designated revoker to "
3414 "a PGP 2.x-style key.\n"));
3415 return 0;
3416 }
3417 }
3418
3419 sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
3420
3421 for(;;)
3422 {
3423 char *answer;
3424
3425 if(revoker_pk)
3426 free_public_key(revoker_pk);
3427
3428 revoker_pk=xmalloc_clear(sizeof(*revoker_pk));
3429
3430 tty_printf("\n");
3431
3432 answer=cpr_get_utf8("keyedit.add_revoker",
3433 _("Enter the user ID of the designated revoker: "));
3434 if(answer[0]=='\0' || answer[0]=='\004')
3435 {
3436 xfree(answer);
3437 goto fail;
3438 }
3439
3440 /* Note that I'm requesting CERT here, which usually implies
3441 primary keys only, but some casual testing shows that PGP and
3442 GnuPG both can handle a designated revokation from a
3443 subkey. */
3444 revoker_pk->req_usage=PUBKEY_USAGE_CERT;
3445 rc=get_pubkey_byname (NULL, revoker_pk,answer,NULL,NULL,1, 1);
3446 if(rc)
3447 {
3448 log_error (_("key \"%s\" not found: %s\n"),answer,g10_errstr(rc));
3449 xfree(answer);
3450 continue;
3451 }
3452
3453 xfree(answer);
3454
3455 fingerprint_from_pk(revoker_pk,revkey.fpr,&fprlen);
3456 if(fprlen!=20)
3457 {
3458 log_error(_("cannot appoint a PGP 2.x style key as a "
3459 "designated revoker\n"));
3460 continue;
3461 }
3462
3463 revkey.class=0x80;
3464 if(sensitive)
3465 revkey.class|=0x40;
3466 revkey.algid=revoker_pk->pubkey_algo;
3467
3468 if(cmp_public_keys(revoker_pk,pk)==0)
3469 {
3470 /* This actually causes no harm (after all, a key that
3471 designates itself as a revoker is the same as a
3472 regular key), but it's easy enough to check. */
3473 log_error(_("you cannot appoint a key as its own "
3474 "designated revoker\n"));
3475
3476 continue;
3477 }
3478
3479 keyid_from_pk(pk,NULL);
3480
3481 /* Does this revkey already exist? */
3482 if(!pk->revkey && pk->numrevkeys)
3483 BUG();
3484 else
3485 {
3486 int i;
3487
3488 for(i=0;i<pk->numrevkeys;i++)
3489 {
3490 if(memcmp(&pk->revkey[i],&revkey,
3491 sizeof(struct revocation_key))==0)
3492 {
3493 char buf[50];
3494
3495 log_error(_("this key has already been designated "
3496 "as a revoker\n"));
3497
3498 sprintf(buf,"%08lX%08lX",
3499 (ulong)pk->keyid[0],(ulong)pk->keyid[1]);
3500 write_status_text(STATUS_ALREADY_SIGNED,buf);
3501
3502 break;
3503 }
3504 }
3505
3506 if(i<pk->numrevkeys)
3507 continue;
3508 }
3509
3510 print_pubkey_info(NULL,revoker_pk);
3511 print_fingerprint(revoker_pk,NULL,2);
3512 tty_printf("\n");
3513
3514 tty_printf(_("WARNING: appointing a key as a designated revoker "
3515 "cannot be undone!\n"));
3516
3517 tty_printf("\n");
3518
3519 if(!cpr_get_answer_is_yes("keyedit.add_revoker.okay",
3520 _("Are you sure you want to appoint this "
3521 "key as a designated revoker? (y/N) ")))
3522 continue;
3523
3524 free_public_key(revoker_pk);
3525 revoker_pk=NULL;
3526 break;
3527 }
3528
3529 /* The 1F signature must be at least v4 to carry the revocation key
3530 subpacket. */
3531 rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x1F, 0, 4, 0, 0,
3532 keygen_add_revkey,&revkey );
3533 if( rc )
3534 {
3535 log_error("signing failed: %s\n", g10_errstr(rc) );
3536 goto fail;
3537 }
3538
3539 free_secret_key(sk);
3540 sk=NULL;
3541
3542 /* insert into secret keyblock */
3543 pkt = xmalloc_clear( sizeof *pkt );
3544 pkt->pkttype = PKT_SIGNATURE;
3545 pkt->pkt.signature = copy_signature(NULL, sig);
3546 insert_kbnode( sec_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
3547
3548 /* insert into public keyblock */
3549 pkt = xmalloc_clear( sizeof *pkt );
3550 pkt->pkttype = PKT_SIGNATURE;
3551 pkt->pkt.signature = sig;
3552 insert_kbnode( pub_keyblock, new_kbnode(pkt), PKT_SIGNATURE );
3553
3554 return 1;
3555
3556 fail:
3557 if(sk)
3558 free_secret_key(sk);
3559 if(sig)
3560 free_seckey_enc(sig);
3561 if(revoker_pk)
3562 free_public_key(revoker_pk);
3563
3564 return 0;
3565 }
3566
3567
3568 static int
3569 menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
3570 {
3571 int n1, signumber, rc;
3572 u32 expiredate;
3573 int mainkey=0;
3574 PKT_secret_key *sk; /* copy of the main sk */
3575 PKT_public_key *main_pk, *sub_pk;
3576 PKT_user_id *uid;
3577 KBNODE node;
3578 u32 keyid[2];
3579
3580 if( count_selected_keys( sec_keyblock ) ) {
3581 tty_printf(_("Please remove selections from the secret keys.\n"));
3582 return 0;
3583 }
3584
3585 n1 = count_selected_keys( pub_keyblock );
3586 if( n1 > 1 ) {
3587 tty_printf(_("Please select at most one subkey.\n"));
3588 return 0;
3589 }
3590 else if( n1 )
3591 tty_printf(_("Changing expiration time for a subkey.\n"));
3592 else
3593 {
3594 tty_printf(_("Changing expiration time for the primary key.\n"));
3595 mainkey=1;
3596 no_primary_warning(pub_keyblock);
3597 }
3598
3599 expiredate = ask_expiredate();
3600 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
3601 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3602
3603 /* Now we can actually change the self signature(s) */
3604 main_pk = sub_pk = NULL;
3605 uid = NULL;
3606 signumber = 0;
3607 for( node=pub_keyblock; node; node = node->next ) {
3608 if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
3609 main_pk = node->pkt->pkt.public_key;
3610 keyid_from_pk( main_pk, keyid );
3611 main_pk->expiredate = expiredate;
3612 }
3613 else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
3614 && (node->flag & NODFLG_SELKEY ) ) {
3615 sub_pk = node->pkt->pkt.public_key;
3616 sub_pk->expiredate = expiredate;
3617 }
3618 else if( node->pkt->pkttype == PKT_USER_ID )
3619 uid = node->pkt->pkt.user_id;
3620 else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE
3621 && ( mainkey || sub_pk ) ) {
3622 PKT_signature *sig = node->pkt->pkt.signature;
3623 if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
3624 && ( (mainkey && uid
3625 && uid->created && (sig->sig_class&~3) == 0x10)
3626 || (!mainkey && sig->sig_class == 0x18) )
3627 && sig->flags.chosen_selfsig )
3628 {
3629 /* this is a selfsignature which is to be replaced */
3630 PKT_signature *newsig;
3631 PACKET *newpkt;
3632 KBNODE sn;
3633 int signumber2 = 0;
3634
3635 signumber++;
3636
3637 if( (mainkey && main_pk->version < 4)
3638 || (!mainkey && sub_pk->version < 4 ) ) {
3639 log_info(_(
3640 "You can't change the expiration date of a v3 key\n"));
3641 free_secret_key( sk );
3642 return 0;
3643 }
3644
3645 /* find the corresponding secret self-signature */
3646 for( sn=sec_keyblock; sn; sn = sn->next ) {
3647 if( sn->pkt->pkttype == PKT_SIGNATURE ) {
3648 PKT_signature *b = sn->pkt->pkt.signature;
3649 if( keyid[0] == b->keyid[0] && keyid[1] == b->keyid[1]
3650 && sig->sig_class == b->sig_class
3651 && ++signumber2 == signumber )
3652 break;
3653 }
3654 }
3655 if( !sn )
3656 log_info(_("No corresponding signature in secret ring\n"));
3657
3658 if( mainkey )
3659 rc = update_keysig_packet(&newsig, sig, main_pk, uid, NULL,
3660 sk, keygen_add_key_expire, main_pk);
3661 else
3662 rc = update_keysig_packet(&newsig, sig, main_pk, NULL, sub_pk,
3663 sk, keygen_add_key_expire, sub_pk );
3664 if( rc ) {
3665 log_error("make_keysig_packet failed: %s\n",
3666 g10_errstr(rc));
3667 free_secret_key( sk );
3668 return 0;
3669 }
3670 /* replace the packet */
3671 newpkt = xmalloc_clear( sizeof *newpkt );
3672 newpkt->pkttype = PKT_SIGNATURE;
3673 newpkt->pkt.signature = newsig;
3674 free_packet( node->pkt );
3675 xfree( node->pkt );
3676 node->pkt = newpkt;
3677 if( sn ) {
3678 newpkt = xmalloc_clear( sizeof *newpkt );
3679 newpkt->pkttype = PKT_SIGNATURE;
3680 newpkt->pkt.signature = copy_signature( NULL, newsig );
3681 free_packet( sn->pkt );
3682 xfree( sn->pkt );
3683 sn->pkt = newpkt;
3684 }
3685 sub_pk = NULL;
3686 }
3687 }
3688 }
3689
3690 free_secret_key( sk );
3691 update_trust=1;
3692 return 1;
3693 }
3694
3695 static int
3696 menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
3697 {
3698 int rc,modified=0;
3699 PKT_public_key *main_pk;
3700 PKT_secret_key *main_sk,*sub_sk=NULL;
3701 KBNODE node;
3702 u32 timestamp;
3703
3704 assert(pub_keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
3705 assert(sec_keyblock->pkt->pkttype==PKT_SECRET_KEY);
3706
3707 merge_keys_and_selfsig(pub_keyblock);
3708 main_pk=pub_keyblock->pkt->pkt.public_key;
3709 main_sk=copy_secret_key(NULL,sec_keyblock->pkt->pkt.secret_key);
3710 keyid_from_pk(main_pk,NULL);
3711
3712 /* We use the same timestamp for all backsigs so that we don't
3713 reveal information about the used machine. */
3714 timestamp = make_timestamp ();
3715
3716 for(node=pub_keyblock;node;node=node->next)
3717 {
3718 PKT_public_key *sub_pk=NULL;
3719 KBNODE node2,sig_pk=NULL,sig_sk=NULL;
3720 char *passphrase;
3721
3722 if(sub_sk)
3723 {
3724 free_secret_key(sub_sk);
3725 sub_sk=NULL;
3726 }
3727
3728 /* Find a signing subkey with no backsig */
3729 if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
3730 {
3731 if(node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG)
3732 {
3733 if(node->pkt->pkt.public_key->backsig)
3734 tty_printf(_("signing subkey %s is already cross-certified\n"),
3735 keystr_from_pk(node->pkt->pkt.public_key));
3736 else
3737 sub_pk=node->pkt->pkt.public_key;
3738 }
3739 else
3740 tty_printf(_("subkey %s does not sign and so does"
3741 " not need to be cross-certified\n"),
3742 keystr_from_pk(node->pkt->pkt.public_key));
3743 }
3744
3745 if(!sub_pk)
3746 continue;
3747
3748 /* Find the selected selfsig on this subkey */
3749 for(node2=node->next;
3750 node2 && node2->pkt->pkttype==PKT_SIGNATURE;
3751 node2=node2->next)
3752 if(node2->pkt->pkt.signature->version>=4
3753 && node2->pkt->pkt.signature->flags.chosen_selfsig)
3754 {
3755 sig_pk=node2;
3756 break;
3757 }
3758
3759 if(!sig_pk)
3760 continue;
3761
3762 /* Find the secret subkey that matches the public subkey */
3763 for(node2=sec_keyblock;node2;node2=node2->next)
3764 if(node2->pkt->pkttype==PKT_SECRET_SUBKEY
3765 && !cmp_public_secret_key(sub_pk,node2->pkt->pkt.secret_key))
3766 {
3767 sub_sk=copy_secret_key(NULL,node2->pkt->pkt.secret_key);
3768 break;
3769 }
3770
3771 if(!sub_sk)
3772 {
3773 tty_printf(_("no secret subkey for public subkey %s - ignoring\n"),
3774 keystr_from_pk(sub_pk));
3775 continue;
3776 }
3777
3778 /* Now finally find the matching selfsig on the secret subkey.
3779 We can't use chosen_selfsig here (it's not set for secret
3780 keys), so we just pick the selfsig with the right class.
3781 This is what menu_expire does as well. */
3782 for(node2=node2->next;
3783 node2 && node2->pkt->pkttype!=PKT_SECRET_SUBKEY;
3784 node2=node2->next)
3785 if(node2->pkt->pkttype==PKT_SIGNATURE
3786 && node2->pkt->pkt.signature->version>=4
3787 && node2->pkt->pkt.signature->keyid[0]==sig_pk->pkt->pkt.signature->keyid[0]
3788 && node2->pkt->pkt.signature->keyid[1]==sig_pk->pkt->pkt.signature->keyid[1]
3789 && node2->pkt->pkt.signature->sig_class==sig_pk->pkt->pkt.signature->sig_class)
3790 {
3791 sig_sk=node2;
3792 break;
3793 }
3794
3795 /* Now we can get to work. We have a main key and secret part,
3796 a signing subkey with signature and secret part possibly with
3797 signature. */
3798
3799 passphrase=get_last_passphrase();
3800 set_next_passphrase(passphrase);
3801 xfree(passphrase);
3802
3803 rc = make_backsig (sig_pk->pkt->pkt.signature, main_pk, sub_pk, sub_sk,
3804 timestamp);
3805 if(rc==0)
3806 {
3807 PKT_signature *newsig;
3808 PACKET *newpkt;
3809
3810 passphrase=get_last_passphrase();
3811 set_next_passphrase(passphrase);
3812 xfree(passphrase);
3813
3814 rc=update_keysig_packet(&newsig,sig_pk->pkt->pkt.signature,main_pk,
3815 NULL,sub_pk,main_sk,NULL,NULL);
3816 if(rc==0)
3817 {
3818 /* Put the new sig into place on the pubkey */
3819 newpkt=xmalloc_clear(sizeof(*newpkt));
3820 newpkt->pkttype=PKT_SIGNATURE;
3821 newpkt->pkt.signature=newsig;
3822 free_packet(sig_pk->pkt);
3823 xfree(sig_pk->pkt);
3824 sig_pk->pkt=newpkt;
3825
3826 if(sig_sk)
3827 {
3828 /* Put the new sig into place on the seckey */
3829 newpkt=xmalloc_clear(sizeof(*newpkt));
3830 newpkt->pkttype=PKT_SIGNATURE;
3831 newpkt->pkt.signature=copy_signature(NULL,newsig);
3832 free_packet(sig_sk->pkt);
3833 xfree(sig_sk->pkt);
3834 sig_sk->pkt=newpkt;
3835 }
3836
3837 modified=1;
3838 }
3839 else
3840 {
3841 log_error("update_keysig_packet failed: %s\n",g10_errstr(rc));
3842 break;
3843 }
3844 }
3845 else
3846 {
3847 log_error("make_backsig failed: %s\n",g10_errstr(rc));
3848 break;
3849 }
3850 }
3851
3852 set_next_passphrase(NULL);
3853
3854 free_secret_key(main_sk);
3855 if(sub_sk)
3856 free_secret_key(sub_sk);
3857
3858 return modified;
3859 }
3860
3861
3862 static int
3863 change_primary_uid_cb ( PKT_signature *sig, void *opaque )
3864 {
3865 byte buf[1];
3866
3867 /* first clear all primary uid flags so that we are sure none are
3868 * lingering around */
3869 delete_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID);
3870 delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PRIMARY_UID);
3871
3872 /* if opaque is set,we want to set the primary id */
3873 if (opaque) {
3874 buf[0] = 1;
3875 build_sig_subpkt (sig, SIGSUBPKT_PRIMARY_UID, buf, 1 );
3876 }
3877
3878 return 0;
3879 }
3880
3881
3882 /*
3883 * Set the primary uid flag for the selected UID. We will also reset
3884 * all other primary uid flags. For this to work with have to update
3885 * all the signature timestamps. If we would do this with the current
3886 * time, we lose quite a lot of information, so we use a a kludge to
3887 * do this: Just increment the timestamp by one second which is
3888 * sufficient to updated a signature during import.
3889 */
3890 static int
3891 menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
3892 {
3893 PKT_secret_key *sk; /* copy of the main sk */
3894 PKT_public_key *main_pk;
3895 PKT_user_id *uid;
3896 KBNODE node;
3897 u32 keyid[2];
3898 int selected;
3899 int attribute = 0;
3900 int modified = 0;
3901
3902 if ( count_selected_uids (pub_keyblock) != 1 ) {
3903 tty_printf(_("Please select exactly one user ID.\n"));
3904 return 0;
3905 }
3906
3907 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
3908 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
3909
3910 /* Now we can actually change the self signature(s) */
3911 main_pk = NULL;
3912 uid = NULL;
3913 selected = 0;
3914
3915 /* Is our selected uid an attribute packet? */
3916 for ( node=pub_keyblock; node; node = node->next )
3917 if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
3918 attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
3919
3920 for ( node=pub_keyblock; node; node = node->next ) {
3921 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
3922 break; /* ready */
3923
3924 if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
3925 main_pk = node->pkt->pkt.public_key;
3926 keyid_from_pk( main_pk, keyid );
3927 }
3928 else if ( node->pkt->pkttype == PKT_USER_ID ) {
3929 uid = node->pkt->pkt.user_id;
3930 selected = node->flag & NODFLG_SELUID;
3931 }
3932 else if ( main_pk && uid && node->pkt->pkttype == PKT_SIGNATURE ) {
3933 PKT_signature *sig = node->pkt->pkt.signature;
3934 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
3935 && (uid && (sig->sig_class&~3) == 0x10)
3936 && attribute == (uid->attrib_data!=NULL)
3937 && sig->flags.chosen_selfsig )
3938 {
3939 if(sig->version < 4) {
3940 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
3941
3942 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
3943 user);
3944 xfree(user);
3945 }
3946 else {
3947 /* This is a selfsignature which is to be replaced.
3948 We can just ignore v3 signatures because they are
3949 not able to carry the primary ID flag. We also
3950 ignore self-sigs on user IDs that are not of the
3951 same type that we are making primary. That is, if
3952 we are making a user ID primary, we alter user IDs.
3953 If we are making an attribute packet primary, we
3954 alter attribute packets. */
3955
3956 /* FIXME: We must make sure that we only have one
3957 self-signature per user ID here (not counting
3958 revocations) */
3959 PKT_signature *newsig;
3960 PACKET *newpkt;
3961 const byte *p;
3962 int action;
3963
3964 /* see whether this signature has the primary UID flag */
3965 p = parse_sig_subpkt (sig->hashed,
3966 SIGSUBPKT_PRIMARY_UID, NULL );
3967 if ( !p )
3968 p = parse_sig_subpkt (sig->unhashed,
3969 SIGSUBPKT_PRIMARY_UID, NULL );
3970 if ( p && *p ) /* yes */
3971 action = selected? 0 : -1;
3972 else /* no */
3973 action = selected? 1 : 0;
3974
3975 if (action) {
3976 int rc = update_keysig_packet (&newsig, sig,
3977 main_pk, uid, NULL,
3978 sk,
3979 change_primary_uid_cb,
3980 action > 0? "x":NULL );
3981 if( rc ) {
3982 log_error ("update_keysig_packet failed: %s\n",
3983 g10_errstr(rc));
3984 free_secret_key( sk );
3985 return 0;
3986 }
3987 /* replace the packet */
3988 newpkt = xmalloc_clear( sizeof *newpkt );
3989 newpkt->pkttype = PKT_SIGNATURE;
3990 newpkt->pkt.signature = newsig;
3991 free_packet( node->pkt );
3992 xfree( node->pkt );
3993 node->pkt = newpkt;
3994 modified = 1;
3995 }
3996 }
3997 }
3998 }
3999 }
4000
4001 free_secret_key( sk );
4002 return modified;
4003 }
4004
4005
4006 /*
4007 * Set preferences to new values for the selected user IDs
4008 */
4009 static int
4010 menu_set_preferences (KBNODE pub_keyblock, KBNODE sec_keyblock )
4011 {
4012 PKT_secret_key *sk; /* copy of the main sk */
4013 PKT_public_key *main_pk;
4014 PKT_user_id *uid;
4015 KBNODE node;
4016 u32 keyid[2];
4017 int selected, select_all;
4018 int modified = 0;
4019
4020 no_primary_warning(pub_keyblock);
4021
4022 select_all = !count_selected_uids (pub_keyblock);
4023
4024 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4025 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4026
4027 /* Now we can actually change the self signature(s) */
4028 main_pk = NULL;
4029 uid = NULL;
4030 selected = 0;
4031 for ( node=pub_keyblock; node; node = node->next ) {
4032 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4033 break; /* ready */
4034
4035 if ( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
4036 main_pk = node->pkt->pkt.public_key;
4037 keyid_from_pk( main_pk, keyid );
4038 }
4039 else if ( node->pkt->pkttype == PKT_USER_ID ) {
4040 uid = node->pkt->pkt.user_id;
4041 selected = select_all || (node->flag & NODFLG_SELUID);
4042 }
4043 else if ( main_pk && uid && selected
4044 && node->pkt->pkttype == PKT_SIGNATURE ) {
4045 PKT_signature *sig = node->pkt->pkt.signature;
4046 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4047 && (uid && (sig->sig_class&~3) == 0x10)
4048 && sig->flags.chosen_selfsig ) {
4049 if( sig->version < 4 ) {
4050 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4051
4052 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4053 user);
4054 xfree(user);
4055 }
4056 else {
4057 /* This is a selfsignature which is to be replaced
4058 * We have to ignore v3 signatures because they are
4059 * not able to carry the preferences */
4060 PKT_signature *newsig;
4061 PACKET *newpkt;
4062 int rc;
4063
4064 rc = update_keysig_packet (&newsig, sig,
4065 main_pk, uid, NULL,
4066 sk,
4067 keygen_upd_std_prefs,
4068 NULL );
4069 if( rc ) {
4070 log_error ("update_keysig_packet failed: %s\n",
4071 g10_errstr(rc));
4072 free_secret_key( sk );
4073 return 0;
4074 }
4075 /* replace the packet */
4076 newpkt = xmalloc_clear( sizeof *newpkt );
4077 newpkt->pkttype = PKT_SIGNATURE;
4078 newpkt->pkt.signature = newsig;
4079 free_packet( node->pkt );
4080 xfree( node->pkt );
4081 node->pkt = newpkt;
4082 modified = 1;
4083 }
4084 }
4085 }
4086 }
4087
4088 free_secret_key( sk );
4089 return modified;
4090 }
4091
4092
4093 static int
4094 menu_set_keyserver_url (const char *url,
4095 KBNODE pub_keyblock, KBNODE sec_keyblock )
4096 {
4097 PKT_secret_key *sk; /* copy of the main sk */
4098 PKT_public_key *main_pk;
4099 PKT_user_id *uid;
4100 KBNODE node;
4101 u32 keyid[2];
4102 int selected, select_all;
4103 int modified = 0;
4104 char *answer,*uri;
4105
4106 no_primary_warning(pub_keyblock);
4107
4108 if(url)
4109 answer=xstrdup(url);
4110 else
4111 {
4112 answer=cpr_get_utf8("keyedit.add_keyserver",
4113 _("Enter your preferred keyserver URL: "));
4114 if(answer[0]=='\0' || answer[0]=='\004')
4115 {
4116 xfree(answer);
4117 return 0;
4118 }
4119 }
4120
4121 if(ascii_strcasecmp(answer,"none")==0)
4122 uri=NULL;
4123 else
4124 {
4125 struct keyserver_spec *keyserver=NULL;
4126 /* Sanity check the format */
4127 keyserver=parse_keyserver_uri(answer,1,NULL,0);
4128 xfree(answer);
4129 if(!keyserver)
4130 {
4131 log_info(_("could not parse keyserver URL\n"));
4132 return 0;
4133 }
4134 uri=xstrdup(keyserver->uri);
4135 free_keyserver_spec(keyserver);
4136 }
4137
4138 select_all = !count_selected_uids (pub_keyblock);
4139
4140 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4141 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4142
4143 /* Now we can actually change the self signature(s) */
4144 main_pk = NULL;
4145 uid = NULL;
4146 selected = 0;
4147 for ( node=pub_keyblock; node; node = node->next )
4148 {
4149 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4150 break; /* ready */
4151
4152 if ( node->pkt->pkttype == PKT_PUBLIC_KEY )
4153 {
4154 main_pk = node->pkt->pkt.public_key;
4155 keyid_from_pk( main_pk, keyid );
4156 }
4157 else if ( node->pkt->pkttype == PKT_USER_ID )
4158 {
4159 uid = node->pkt->pkt.user_id;
4160 selected = select_all || (node->flag & NODFLG_SELUID);
4161 }
4162 else if ( main_pk && uid && selected
4163 && node->pkt->pkttype == PKT_SIGNATURE )
4164 {
4165 PKT_signature *sig = node->pkt->pkt.signature;
4166 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4167 && (uid && (sig->sig_class&~3) == 0x10)
4168 && sig->flags.chosen_selfsig)
4169 {
4170 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4171 if( sig->version < 4 )
4172 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4173 user);
4174 else
4175 {
4176 /* This is a selfsignature which is to be replaced
4177 * We have to ignore v3 signatures because they are
4178 * not able to carry the subpacket. */
4179 PKT_signature *newsig;
4180 PACKET *newpkt;
4181 int rc;
4182 const byte *p;
4183 size_t plen;
4184
4185 p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_PREF_KS,&plen);
4186 if(p && plen)
4187 {
4188 tty_printf("Current preferred keyserver for user"
4189 " ID \"%s\": ",user);
4190 tty_print_utf8_string(p,plen);
4191 tty_printf("\n");
4192 if(!cpr_get_answer_is_yes("keyedit.confirm_keyserver",
4193 uri?_("Are you sure you want to replace it? (y/N) "):
4194 _("Are you sure you want to delete it? (y/N) ")))
4195 continue;
4196 }
4197 else if(uri==NULL)
4198 {
4199 /* There is no current keyserver URL, so there
4200 is no point in trying to un-set it. */
4201 continue;
4202 }
4203
4204 rc = update_keysig_packet (&newsig, sig,
4205 main_pk, uid, NULL,
4206 sk,
4207 keygen_add_keyserver_url, uri );
4208 if( rc )
4209 {
4210 log_error ("update_keysig_packet failed: %s\n",
4211 g10_errstr(rc));
4212 free_secret_key( sk );
4213 xfree(uri);
4214 return 0;
4215 }
4216 /* replace the packet */
4217 newpkt = xmalloc_clear( sizeof *newpkt );
4218 newpkt->pkttype = PKT_SIGNATURE;
4219 newpkt->pkt.signature = newsig;
4220 free_packet( node->pkt );
4221 xfree( node->pkt );
4222 node->pkt = newpkt;
4223 modified = 1;
4224 }
4225
4226 xfree(user);
4227 }
4228 }
4229 }
4230
4231 xfree(uri);
4232 free_secret_key( sk );
4233 return modified;
4234 }
4235
4236 static int
4237 menu_set_notation(const char *string,KBNODE pub_keyblock,KBNODE sec_keyblock)
4238 {
4239 PKT_secret_key *sk; /* copy of the main sk */
4240 PKT_public_key *main_pk;
4241 PKT_user_id *uid;
4242 KBNODE node;
4243 u32 keyid[2];
4244 int selected, select_all;
4245 int modified = 0;
4246 char *answer;
4247 struct notation *notation;
4248
4249 no_primary_warning(pub_keyblock);
4250
4251 if(string)
4252 answer=xstrdup(string);
4253 else
4254 {
4255 answer=cpr_get_utf8("keyedit.add_notation",
4256 _("Enter the notation: "));
4257 if(answer[0]=='\0' || answer[0]=='\004')
4258 {
4259 xfree(answer);
4260 return 0;
4261 }
4262 }
4263
4264 if(ascii_strcasecmp(answer,"none")==0
4265 || ascii_strcasecmp(answer,"-")==0)
4266 notation=NULL; /* delete them all */
4267 else
4268 {
4269 notation=string_to_notation(answer,0);
4270 if(!notation)
4271 {
4272 xfree(answer);
4273 return 0;
4274 }
4275 }
4276
4277 xfree(answer);
4278
4279 select_all = !count_selected_uids (pub_keyblock);
4280
4281 node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
4282 sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
4283
4284 /* Now we can actually change the self signature(s) */
4285 main_pk = NULL;
4286 uid = NULL;
4287 selected = 0;
4288 for ( node=pub_keyblock; node; node = node->next )
4289 {
4290 if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
4291 break; /* ready */
4292
4293 if ( node->pkt->pkttype == PKT_PUBLIC_KEY )
4294 {
4295 main_pk = node->pkt->pkt.public_key;
4296 keyid_from_pk( main_pk, keyid );
4297 }
4298 else if ( node->pkt->pkttype == PKT_USER_ID )
4299 {
4300 uid = node->pkt->pkt.user_id;
4301 selected = select_all || (node->flag & NODFLG_SELUID);
4302 }
4303 else if ( main_pk && uid && selected
4304 && node->pkt->pkttype == PKT_SIGNATURE )
4305 {
4306 PKT_signature *sig = node->pkt->pkt.signature;
4307 if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
4308 && (uid && (sig->sig_class&~3) == 0x10)
4309 && sig->flags.chosen_selfsig)
4310 {
4311 char *user=utf8_to_native(uid->name,strlen(uid->name),0);
4312 if( sig->version < 4 )
4313 log_info(_("skipping v3 self-signature on user ID \"%s\"\n"),
4314 user);
4315 else
4316 {
4317 PKT_signature *newsig;
4318 PACKET *newpkt;
4319 int rc,skip=0,addonly=1;
4320
4321 if(sig->flags.notation)
4322 {
4323 tty_printf("Current notations for user ID \"%s\":\n",
4324 user);
4325 tty_print_notations(-9,sig);
4326 }
4327 else
4328 {
4329 tty_printf("No notations on user ID \"%s\"\n",user);
4330 if(notation==NULL)
4331 {
4332 /* There are no current notations, so there
4333 is no point in trying to un-set them. */
4334 continue;
4335 }
4336 }
4337
4338 if(notation)
4339 {
4340 struct notation *n;
4341 int deleting=0;
4342
4343 notation->next=sig_to_notation(sig);
4344
4345 for(n=notation->next;n;n=n->next)
4346 if(strcmp(n->name,notation->name)==0)
4347 {
4348 if(notation->value)
4349 {
4350 if(strcmp(n->value,notation->value)==0)
4351 {
4352 if(notation->flags.ignore)
4353 {
4354 /* Value match with a delete
4355 flag. */
4356 n->flags.ignore=1;
4357 deleting=1;
4358 }
4359 else
4360 {
4361 /* Adding the same notation
4362 twice, so don't add it at
4363 all. */
4364 skip=1;
4365 tty_printf("Skipping notation:"
4366 " %s=%s\n",
4367 notation->name,
4368 notation->value);
4369 break;
4370 }
4371 }
4372 }
4373 else
4374 {
4375 /* No value, so it means delete. */
4376 n->flags.ignore=1;
4377 deleting=1;
4378 }
4379
4380 if(n->flags.ignore)
4381 {
4382 tty_printf("Removing notation: %s=%s\n",
4383 n->name,n->value);
4384 addonly=0;
4385 }
4386 }
4387
4388 if(!notation->flags.ignore && !skip)
4389 tty_printf("Adding notation: %s=%s\n",
4390 notation->name,notation->value);
4391
4392 /* We tried to delete, but had no matches */
4393 if(notation->flags.ignore && !deleting)
4394 continue;
4395 }
4396 else
4397 {
4398 tty_printf("Removing all notations\n");
4399 addonly=0;
4400 }
4401
4402 if(skip
4403 || (!addonly
4404 && !cpr_get_answer_is_yes("keyedit.confirm_notation",
4405 _("Proceed? (y/N) "))))
4406 continue;
4407
4408 rc = update_keysig_packet (&newsig, sig,
4409 main_pk, uid, NULL,
4410 sk,
4411 keygen_add_notations, notation );
4412 if( rc )
4413 {
4414 log_error ("update_keysig_packet failed: %s\n",
4415 g10_errstr(rc));
4416 free_secret_key( sk );
4417 free_notation(notation);
4418 xfree(user);
4419 return 0;
4420 }
4421
4422 /* replace the packet */
4423 newpkt = xmalloc_clear( sizeof *newpkt );
4424 newpkt->pkttype = PKT_SIGNATURE;
4425 newpkt->pkt.signature = newsig;
4426 free_packet( node->pkt );
4427 xfree( node->pkt );
4428 node->pkt = newpkt;
4429 modified = 1;
4430
4431 if(notation)
4432 {
4433 /* Snip off the notation list from the sig */
4434 free_notation(notation->next);
4435 notation->next=NULL;
4436 }
4437
4438 xfree(user);
4439 }
4440 }
4441 }
4442 }
4443
4444 free_notation(notation);
4445 free_secret_key( sk );
4446 return modified;
4447 }
4448
4449
4450 /*
4451 * Select one user id or remove all selection if IDX is 0 or select
4452 * all if IDX is -1. Returns: True if the selection changed.
4453 */
4454 static int
4455 menu_select_uid (KBNODE keyblock, int idx)
4456 {
4457 KBNODE node;
4458 int i;
4459
4460 if (idx == -1) /* Select all. */
4461 {
4462 for (node = keyblock; node; node = node->next)
4463 if (node->pkt->pkttype == PKT_USER_ID)
4464 node->flag |= NODFLG_SELUID;
4465 return 1;
4466 }
4467 else if (idx) /* Toggle. */
4468 {
4469 for (i=0, node = keyblock; node; node = node->next)
4470 {
4471 if (node->pkt->pkttype == PKT_USER_ID)
4472 if (++i == idx)
4473 break;
4474 }
4475 if (!node)
4476 {
4477 tty_printf (_("No user ID with index %d\n"), idx );
4478 return 0;
4479 }
4480
4481 for (i=0, node = keyblock; node; node = node->next)
4482 {
4483 if (node->pkt->pkttype == PKT_USER_ID)
4484 {
4485 if (++i == idx)
4486 {
4487 if ((node->flag & NODFLG_SELUID))
4488 node->flag &= ~NODFLG_SELUID;
4489 else
4490 node->flag |= NODFLG_SELUID;
4491 }
4492 }
4493 }
4494 }
4495 else /* Unselect all */
4496 {
4497 for (node = keyblock; node; node = node->next)
4498 if (node->pkt->pkttype == PKT_USER_ID)
4499 node->flag &= ~NODFLG_SELUID;
4500 }
4501
4502 return 1;
4503 }
4504
4505
4506 /* Search in the keyblock for a uid that matches namehash */
4507 static int
4508 menu_select_uid_namehash( KBNODE keyblock, const char *namehash )
4509 {
4510 byte hash[NAMEHASH_LEN];
4511 KBNODE node;
4512 int i;
4513
4514 assert(strlen(namehash)==NAMEHASH_LEN*2);
4515
4516 for(i=0;i<NAMEHASH_LEN;i++)
4517 hash[i]=hextobyte(&namehash[i*2]);
4518
4519 for(node=keyblock->next;node;node=node->next)
4520 {
4521 if(node->pkt->pkttype==PKT_USER_ID)
4522 {
4523 namehash_from_uid(node->pkt->pkt.user_id);
4524 if(memcmp(node->pkt->pkt.user_id->namehash,hash,NAMEHASH_LEN)==0)
4525 {
4526 if(node->flag&NODFLG_SELUID)
4527 node->flag &= ~NODFLG_SELUID;
4528 else
4529 node->flag |= NODFLG_SELUID;
4530
4531 break;
4532 }
4533 }
4534 }
4535
4536 if(!node)
4537 {
4538 tty_printf(_("No user ID with hash %s\n"),namehash);
4539 return 0;
4540 }
4541
4542 return 1;
4543 }
4544
4545 /****************
4546 * Select secondary keys
4547 * Returns: True if the selection changed.
4548 */
4549 static int
4550 menu_select_key (KBNODE keyblock, int idx)
4551 {
4552 KBNODE node;
4553 int i;
4554
4555 if (idx == -1) /* Select all. */
4556 {
4557 for (node = keyblock; node; node = node->next)
4558 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4559 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4560 node->flag |= NODFLG_SELKEY;
4561 }
4562 else if (idx) /* Toggle selection. */
4563 {
4564 for (i=0, node = keyblock; node; node = node->next)
4565 {
4566 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4567 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4568 if (++i == idx)
4569 break;
4570 }
4571 if (!node)
4572 {
4573 tty_printf (_("No subkey with index %d\n"), idx );
4574 return 0;
4575 }
4576
4577 for (i=0, node = keyblock; node; node = node->next)
4578 {
4579 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4580 || node->pkt->pkttype == PKT_SECRET_SUBKEY )
4581 if (++i == idx)
4582 {
4583 if ((node->flag & NODFLG_SELKEY))
4584 node->flag &= ~NODFLG_SELKEY;
4585 else
4586 node->flag |= NODFLG_SELKEY;
4587 }
4588 }
4589 }
4590 else /* Unselect all. */
4591 {
4592 for (node = keyblock; node; node = node->next)
4593 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4594 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4595 node->flag &= ~NODFLG_SELKEY;
4596 }
4597
4598 return 1;
4599 }
4600
4601
4602 static int
4603 count_uids_with_flag( KBNODE keyblock, unsigned flag )
4604 {
4605 KBNODE node;
4606 int i=0;
4607
4608 for( node = keyblock; node; node = node->next )
4609 if( node->pkt->pkttype == PKT_USER_ID && (node->flag & flag) )
4610 i++;
4611 return i;
4612 }
4613
4614 static int
4615 count_keys_with_flag( KBNODE keyblock, unsigned flag )
4616 {
4617 KBNODE node;
4618 int i=0;
4619
4620 for( node = keyblock; node; node = node->next )
4621 if( ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
4622 || node->pkt->pkttype == PKT_SECRET_SUBKEY)
4623 && (node->flag & flag) )
4624 i++;
4625 return i;
4626 }
4627
4628 static int
4629 count_uids( KBNODE keyblock )
4630 {
4631 KBNODE node;
4632 int i=0;
4633
4634 for( node = keyblock; node; node = node->next )
4635 if( node->pkt->pkttype == PKT_USER_ID )
4636 i++;
4637 return i;
4638 }
4639
4640
4641 /****************
4642 * Returns true if there is at least one selected user id
4643 */
4644 static int
4645 count_selected_uids( KBNODE keyblock )
4646 {
4647 return count_uids_with_flag( keyblock, NODFLG_SELUID);
4648 }
4649
4650 static int
4651 count_selected_keys( KBNODE keyblock )
4652 {
4653 return count_keys_with_flag( keyblock, NODFLG_SELKEY);
4654 }
4655
4656 /* returns how many real (i.e. not attribute) uids are unmarked */
4657 static int
4658 real_uids_left( KBNODE keyblock )
4659 {
4660 KBNODE node;
4661 int real=0;
4662
4663 for(node=keyblock;node;node=node->next)
4664 if(node->pkt->pkttype==PKT_USER_ID && !(node->flag&NODFLG_SELUID) &&
4665 !node->pkt->pkt.user_id->attrib_data)
4666 real++;
4667
4668 return real;
4669 }
4670
4671 /*
4672 * Ask whether the signature should be revoked. If the user commits this,
4673 * flag bit MARK_A is set on the signature and the user ID.
4674 */
4675 static void
4676 ask_revoke_sig( KBNODE keyblock, KBNODE node )
4677 {
4678 int doit=0;
4679 PKT_user_id *uid;
4680 PKT_signature *sig = node->pkt->pkt.signature;
4681 KBNODE unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
4682
4683 if( !unode ) {
4684 log_error("Oops: no user ID for signature\n");
4685 return;
4686 }
4687
4688 uid=unode->pkt->pkt.user_id;
4689
4690 if(opt.with_colons)
4691 {
4692 if(uid->attrib_data)
4693 printf("uat:::::::::%u %lu",uid->numattribs,uid->attrib_len);
4694 else
4695 {
4696 printf("uid:::::::::");
4697 print_string (stdout, uid->name, uid->len, ':');
4698 }
4699
4700 printf("\n");
4701
4702 print_and_check_one_sig_colon(keyblock,node,NULL,NULL,NULL,NULL,1);
4703 }
4704 else
4705 {
4706 char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
4707 unode->pkt->pkt.user_id->len,0);
4708 tty_printf(_("user ID: \"%s\"\n"),p);
4709 xfree(p);
4710
4711 tty_printf(_("signed by your key %s on %s%s%s\n"),
4712 keystr(sig->keyid),datestr_from_sig(sig),
4713 sig->flags.exportable?"":_(" (non-exportable)"),"");
4714 }
4715 if(sig->flags.expired)
4716 {
4717 tty_printf(_("This signature expired on %s.\n"),
4718 expirestr_from_sig(sig));
4719 /* Use a different question so we can have different help text */
4720 doit=cpr_get_answer_is_yes("ask_revoke_sig.expired",
4721 _("Are you sure you still want to revoke it? (y/N) "));
4722 }
4723 else
4724 doit=cpr_get_answer_is_yes("ask_revoke_sig.one",
4725 _("Create a revocation certificate for this signature? (y/N) "));
4726
4727 if(doit) {
4728 node->flag |= NODFLG_MARK_A;
4729 unode->flag |= NODFLG_MARK_A;
4730 }
4731 }
4732
4733 /****************
4734 * Display all user ids of the current public key together with signatures
4735 * done by one of our keys. Then walk over all this sigs and ask the user
4736 * whether he wants to revoke this signature.
4737 * Return: True when the keyblock has changed.
4738 */
4739 static int
4740 menu_revsig( KBNODE keyblock )
4741 {
4742 PKT_signature *sig;
4743 PKT_public_key *primary_pk;
4744 KBNODE node;
4745 int changed = 0;
4746 int rc, any, skip=1, all=!count_selected_uids(keyblock);
4747 struct revocation_reason_info *reason = NULL;
4748
4749 assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
4750
4751 /* First check whether we have any signatures at all. */
4752 any = 0;
4753 for (node = keyblock; node; node = node->next )
4754 {
4755 node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
4756 if (node->pkt->pkttype == PKT_USER_ID) {
4757 if (node->flag&NODFLG_SELUID || all)
4758 skip = 0;
4759 else
4760 skip = 1;
4761 }
4762 else if (!skip && node->pkt->pkttype == PKT_SIGNATURE
4763 && ((sig = node->pkt->pkt.signature),
4764 !seckey_available(sig->keyid) ))
4765 {
4766 if ((sig->sig_class&~3) == 0x10)
4767 {
4768 any = 1;
4769 break;
4770 }
4771 }
4772 }
4773
4774 if (!any)
4775 {
4776 tty_printf (_("Not signed by you.\n"));
4777 return 0;
4778 }
4779
4780
4781 /* FIXME: detect duplicates here */
4782 tty_printf(_("You have signed these user IDs on key %s:\n"),
4783 keystr_from_pk(keyblock->pkt->pkt.public_key));
4784 for( node = keyblock; node; node = node->next ) {
4785 node->flag &= ~(NODFLG_SELSIG | NODFLG_MARK_A);
4786 if( node->pkt->pkttype == PKT_USER_ID ) {
4787 if( node->flag&NODFLG_SELUID || all ) {
4788 PKT_user_id *uid = node->pkt->pkt.user_id;
4789 /* Hmmm: Should we show only UIDs with a signature? */
4790 tty_printf(" ");
4791 tty_print_utf8_string( uid->name, uid->len );
4792 tty_printf("\n");
4793 skip=0;
4794 }
4795 else
4796 skip=1;
4797 }
4798 else if( !skip && node->pkt->pkttype == PKT_SIGNATURE
4799 && ((sig = node->pkt->pkt.signature),
4800 !seckey_available(sig->keyid) ) )
4801 {
4802 if( (sig->sig_class&~3) == 0x10 )
4803 {
4804 tty_printf(" ");
4805 tty_printf(_("signed by your key %s on %s%s%s\n"),
4806 keystr(sig->keyid), datestr_from_sig(sig),
4807 sig->flags.exportable?"":_(" (non-exportable)"),
4808 sig->flags.revocable?"":_(" (non-revocable)"));
4809 if(sig->flags.revocable)
4810 node->flag |= NODFLG_SELSIG;
4811 }
4812 else if( sig->sig_class == 0x30 )
4813 {
4814 tty_printf(" ");
4815 tty_printf(_("revoked by your key %s on %s\n"),
4816 keystr(sig->keyid),datestr_from_sig(sig));
4817 }
4818 }
4819 }
4820
4821 tty_printf("\n");
4822
4823 /* ask */
4824 for( node = keyblock; node; node = node->next ) {
4825 if( !(node->flag & NODFLG_SELSIG) )
4826 continue;
4827 ask_revoke_sig( keyblock, node );
4828 }
4829
4830 /* present selected */
4831 any = 0;
4832 for( node = keyblock; node; node = node->next ) {
4833 if( !(node->flag & NODFLG_MARK_A) )
4834 continue;
4835 if( !any ) {
4836 any = 1;
4837 tty_printf(_("You are about to revoke these signatures:\n"));
4838 }
4839 if( node->pkt->pkttype == PKT_USER_ID ) {
4840 PKT_user_id *uid = node->pkt->pkt.user_id;
4841 tty_printf(" ");
4842 tty_print_utf8_string( uid->name, uid->len );
4843 tty_printf("\n");
4844 }
4845 else if( node->pkt->pkttype == PKT_SIGNATURE ) {
4846 sig = node->pkt->pkt.signature;
4847 tty_printf(" ");
4848 tty_printf(_("signed by your key %s on %s%s%s\n"),
4849 keystr(sig->keyid), datestr_from_sig(sig),"",
4850 sig->flags.exportable?"":_(" (non-exportable)") );
4851 }
4852 }
4853 if( !any )
4854 return 0; /* none selected */
4855
4856 if( !cpr_get_answer_is_yes("ask_revoke_sig.okay",
4857 _("Really create the revocation certificates? (y/N) ")) )
4858 return 0; /* forget it */
4859
4860 reason = ask_revocation_reason( 0, 1, 0 );
4861 if( !reason ) { /* user decided to cancel */
4862 return 0;
4863 }
4864
4865 /* now we can sign the user ids */
4866 reloop: /* (must use this, because we are modifing the list) */
4867 primary_pk = keyblock->pkt->pkt.public_key;
4868 for( node=keyblock; node; node = node->next ) {
4869 KBNODE unode;
4870 PACKET *pkt;
4871 struct sign_attrib attrib;
4872 PKT_secret_key *sk;
4873
4874 if( !(node->flag & NODFLG_MARK_A)
4875 || node->pkt->pkttype != PKT_SIGNATURE )
4876 continue;
4877 unode = find_prev_kbnode( keyblock, node, PKT_USER_ID );
4878 assert( unode ); /* we already checked this */
4879
4880 memset( &attrib, 0, sizeof attrib );
4881 attrib.reason = reason;
4882 attrib.non_exportable=!node->pkt->pkt.signature->flags.exportable;
4883
4884 node->flag &= ~NODFLG_MARK_A;
4885 sk = xmalloc_secure_clear( sizeof *sk );
4886 if( get_seckey( sk, node->pkt->pkt.signature->keyid ) ) {
4887 log_info(_("no secret key\n"));
4888 continue;
4889 }
4890 rc = make_keysig_packet( &sig, primary_pk,
4891 unode->pkt->pkt.user_id,
4892 NULL,
4893 sk,
4894 0x30, 0, 0, 0, 0,
4895 sign_mk_attrib,
4896 &attrib );
4897 free_secret_key(sk);
4898 if( rc ) {
4899 log_error(_("signing failed: %s\n"), g10_errstr(rc));
4900 release_revocation_reason_info( reason );
4901 return changed;
4902 }
4903 changed = 1; /* we changed the keyblock */
4904 update_trust = 1;
4905 /* Are we revoking our own uid? */
4906 if(primary_pk->keyid[0]==sig->keyid[0] &&
4907 primary_pk->keyid[1]==sig->keyid[1])
4908 unode->pkt->pkt.user_id->is_revoked=1;
4909 pkt = xmalloc_clear( sizeof *pkt );
4910 pkt->pkttype = PKT_SIGNATURE;
4911 pkt->pkt.signature = sig;
4912 insert_kbnode( unode, new_kbnode(pkt), 0 );
4913 goto reloop;
4914 }
4915
4916 release_revocation_reason_info( reason );
4917 return changed;
4918 }
4919
4920 /* Revoke a user ID (i.e. revoke a user ID selfsig). Return true if
4921 keyblock changed. */
4922 static int
4923 menu_revuid( KBNODE pub_keyblock, KBNODE sec_keyblock )
4924 {
4925 PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
4926 PKT_secret_key *sk = copy_secret_key( NULL,
4927 sec_keyblock->pkt->pkt.secret_key );
4928 KBNODE node;
4929 int changed = 0;
4930 int rc;
4931 struct revocation_reason_info *reason = NULL;
4932
4933 /* Note that this is correct as per the RFCs, but nevertheless
4934 somewhat meaningless in the real world. 1991 did define the 0x30
4935 sig class, but PGP 2.x did not actually implement it, so it would
4936 probably be safe to use v4 revocations everywhere. -ds */
4937
4938 for( node = pub_keyblock; node; node = node->next )
4939 if(pk->version>3 || (node->pkt->pkttype==PKT_USER_ID &&
4940 node->pkt->pkt.user_id->selfsigversion>3))
4941 {
4942 if((reason = ask_revocation_reason( 0, 1, 4 )))
4943 break;
4944 else
4945 goto leave;
4946 }
4947
4948 reloop: /* (better this way because we are modifing the keyring) */
4949 for( node = pub_keyblock; node; node = node->next )
4950 if(node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID))
4951 {
4952 PKT_user_id *uid=node->pkt->pkt.user_id;
4953
4954 if(uid->is_revoked)
4955 {
4956 char *user=utf8_to_native(uid->name,uid->len,0);
4957 log_info(_("user ID \"%s\" is already revoked\n"),user);
4958 xfree(user);
4959 }
4960 else
4961 {
4962 PACKET *pkt;
4963 PKT_signature *sig;
4964 struct sign_attrib attrib;
4965 u32 timestamp=make_timestamp();
4966
4967 if(uid->created>=timestamp)
4968 {
4969 /* Okay, this is a problem. The user ID selfsig was
4970 created in the future, so we need to warn the user and
4971 set our revocation timestamp one second after that so
4972 everything comes out clean. */
4973
4974 log_info(_("WARNING: a user ID signature is dated %d"
4975 " seconds in the future\n"),uid->created-timestamp);
4976
4977 timestamp=uid->created+1;
4978 }
4979
4980 memset( &attrib, 0, sizeof attrib );
4981 attrib.reason = reason;
4982
4983 node->flag &= ~NODFLG_SELUID;
4984
4985 rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x30, 0,
4986 (reason==NULL)?3:0, timestamp, 0,
4987 sign_mk_attrib, &attrib );
4988 if( rc )
4989 {
4990 log_error(_("signing failed: %s\n"), g10_errstr(rc));
4991 goto leave;
4992 }
4993 else
4994 {
4995 pkt = xmalloc_clear( sizeof *pkt );
4996 pkt->pkttype = PKT_SIGNATURE;
4997 pkt->pkt.signature = sig;
4998 insert_kbnode( node, new_kbnode(pkt), 0 );
4999
5000 /* If the trustdb has an entry for this key+uid then the
5001 trustdb needs an update. */
5002 if(!update_trust
5003 && (get_validity(pk,uid)&TRUST_MASK)>=TRUST_UNDEFINED)
5004 update_trust=1;
5005
5006 changed = 1;
5007 node->pkt->pkt.user_id->is_revoked=1;
5008
5009 goto reloop;
5010 }
5011 }
5012 }
5013
5014 if(changed)
5015 commit_kbnode( &pub_keyblock );
5016
5017 leave:
5018 free_secret_key(sk);
5019 release_revocation_reason_info( reason );
5020 return changed;
5021 }
5022
5023 /****************
5024 * Revoke the whole key.
5025 */
5026 static int
5027 menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
5028 {
5029 PKT_public_key *pk=pub_keyblock->pkt->pkt.public_key;
5030 PKT_secret_key *sk;
5031 int rc,changed = 0;
5032 struct revocation_reason_info *reason;
5033 PACKET *pkt;
5034 PKT_signature *sig;
5035
5036 if(pk->is_revoked)
5037 {
5038 tty_printf(_("Key %s is already revoked.\n"),keystr_from_pk(pk));
5039 return 0;
5040 }
5041
5042 reason = ask_revocation_reason( 1, 0, 0 );
5043 /* user decided to cancel */
5044 if( !reason )
5045 return 0;
5046
5047 sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
5048 rc = make_keysig_packet( &sig, pk, NULL, NULL, sk,
5049 0x20, 0, opt.force_v4_certs?4:0, 0, 0,
5050 revocation_reason_build_cb, reason );
5051 free_secret_key(sk);
5052 if( rc )
5053 {
5054 log_error(_("signing failed: %s\n"), g10_errstr(rc));
5055 goto scram;
5056 }
5057
5058 changed = 1; /* we changed the keyblock */
5059
5060 pkt = xmalloc_clear( sizeof *pkt );
5061 pkt->pkttype = PKT_SIGNATURE;
5062 pkt->pkt.signature = sig;
5063 insert_kbnode( pub_keyblock, new_kbnode(pkt), 0 );
5064 commit_kbnode( &pub_keyblock );
5065
5066 update_trust=1;
5067
5068 scram:
5069 release_revocation_reason_info( reason );
5070 return changed;
5071 }
5072
5073 static int
5074 menu_revsubkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
5075 {
5076 PKT_public_key *mainpk;
5077 KBNODE node;
5078 int changed = 0;
5079 int rc;
5080 struct revocation_reason_info *reason = NULL;
5081
5082 reason = ask_revocation_reason( 1, 0, 0 );
5083 if( !reason ) { /* user decided to cancel */
5084 return 0;
5085 }
5086
5087 reloop: /* (better this way because we are modifing the keyring) */
5088 mainpk = pub_keyblock->pkt->pkt.public_key;
5089 for( node = pub_keyblock; node; node = node->next ) {
5090 if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
5091 && (node->flag & NODFLG_SELKEY) ) {
5092 PACKET *pkt;
5093 PKT_signature *sig;
5094 PKT_secret_key *sk;
5095 PKT_public_key *subpk = node->pkt->pkt.public_key;
5096 struct sign_attrib attrib;
5097
5098 if(subpk->is_revoked)
5099 {
5100 tty_printf(_("Subkey %s is already revoked.\n"),
5101 keystr_from_pk(subpk));
5102 continue;
5103 }
5104
5105 memset( &attrib, 0, sizeof attrib );
5106 attrib.reason = reason;
5107
5108 node->flag &= ~NODFLG_SELKEY;
5109 sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
5110 rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk,
5111 0x28, 0, 0, 0, 0,
5112 sign_mk_attrib, &attrib );
5113 free_secret_key(sk);
5114 if( rc ) {
5115 log_error(_("signing failed: %s\n"), g10_errstr(rc));
5116 release_revocation_reason_info( reason );
5117 return changed;
5118 }
5119 changed = 1; /* we changed the keyblock */
5120
5121 pkt = xmalloc_clear( sizeof *pkt );
5122 pkt->pkttype = PKT_SIGNATURE;
5123 pkt->pkt.signature = sig;
5124 insert_kbnode( node, new_kbnode(pkt), 0 );
5125 goto reloop;
5126 }
5127 }
5128 commit_kbnode( &pub_keyblock );
5129 /*commit_kbnode( &sec_keyblock );*/
5130
5131 /* No need to set update_trust here since signing keys no longer
5132 are used to certify other keys, so there is no change in trust
5133 when revoking/removing them */
5134
5135 release_revocation_reason_info( reason );
5136 return changed;
5137 }
5138
5139 /* Note that update_ownertrust is going to mark the trustdb dirty when
5140 enabling or disabling a key. This is arguably sub-optimal as
5141 disabled keys are still counted in the web of trust, but perhaps
5142 not worth adding extra complexity to change. -ds */
5143 static int
5144 enable_disable_key( KBNODE keyblock, int disable )
5145 {
5146 PKT_public_key *pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )
5147 ->pkt->pkt.public_key;
5148 unsigned int trust, newtrust;
5149
5150 trust = newtrust = get_ownertrust (pk);
5151 newtrust &= ~TRUST_FLAG_DISABLED;
5152 if( disable )
5153 newtrust |= TRUST_FLAG_DISABLED;
5154 if( trust == newtrust )
5155 return 0; /* already in that state */
5156 update_ownertrust(pk, newtrust );
5157 return 0;
5158 }
5159
5160
5161 static void
5162 menu_showphoto( KBNODE keyblock )
5163 {
5164 KBNODE node;
5165 int select_all = !count_selected_uids(keyblock);
5166 int count=0;
5167 PKT_public_key *pk=NULL;
5168
5169 /* Look for the public key first. We have to be really, really,
5170 explicit as to which photo this is, and what key it is a UID on
5171 since people may want to sign it. */
5172
5173 for( node = keyblock; node; node = node->next )
5174 {
5175 if( node->pkt->pkttype == PKT_PUBLIC_KEY )
5176 pk = node->pkt->pkt.public_key;
5177 else if( node->pkt->pkttype == PKT_USER_ID )
5178 {
5179 PKT_user_id *uid = node->pkt->pkt.user_id;
5180 count++;
5181
5182 if((select_all || (node->flag & NODFLG_SELUID)) &&
5183 uid->attribs!=NULL)
5184 {
5185 int i;
5186
5187 for(i=0;i<uid->numattribs;i++)
5188 {
5189 byte type;
5190 u32 size;
5191
5192 if(uid->attribs[i].type==ATTRIB_IMAGE &&
5193 parse_image_header(&uid->attribs[i],&type,&size))
5194 {
5195 tty_printf(_("Displaying %s photo ID of size %ld for "
5196 "key %s (uid %d)\n"),
5197 image_type_to_string(type,1),
5198 (ulong)size,keystr_from_pk(pk),count);
5199 show_photos(&uid->attribs[i],1,pk,NULL,uid);
5200 }
5201 }
5202 }
5203 }
5204 }
5205 }
gnupg svn clone