g10/delkey.c

   1 /* delkey.c - delete keys
   2  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004,
   3  *               2005, 2006 Free Software Foundation, Inc.
   4  *
   5  * This file is part of GnuPG.
   6  *
   7  * GnuPG is free software; you can redistribute it and/or modify
   8  * it under the terms of the GNU General Public License as published by
   9  * the Free Software Foundation; either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * GnuPG is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, see <http://www.gnu.org/licenses/>.
  19  */
  20
  21 #include <config.h>
  22 #include <stdio.h>
  23 #include <stdlib.h>
  24 #include <string.h>
  25 #include <errno.h>
  26 #include <assert.h>
  27 #include <ctype.h>
  28
  29 #include "gpg.h"
  30 #include "options.h"
  31 #include "packet.h"
  32 #include "status.h"
  33 #include "iobuf.h"
  34 #include "keydb.h"
  35 #include "util.h"
  36 #include "main.h"
  37 #include "trustdb.h"
  38 #include "filter.h"
  39 #include "ttyio.h"
  40 #include "status.h"
  41 #include "i18n.h"
  42
  43
  44 /****************
  45  * Delete a public or secret key from a keyring.
  46  * r_sec_avail will be set if a secret key is available and the public
  47  * key can't be deleted for that reason.
  48  */
  49 static int
  50 do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
  51 {
  52     int rc = 0;
  53     KBNODE keyblock = NULL;
  54     KBNODE node;
  55     KEYDB_HANDLE hd = keydb_new (secret);
  56     PKT_public_key *pk = NULL;
  57     PKT_secret_key *sk = NULL;
  58     u32 keyid[2];
  59     int okay=0;
  60     int yes;
  61     KEYDB_SEARCH_DESC desc;
  62     int exactmatch;
  63
  64     *r_sec_avail = 0;
  65
  66     /* search the userid */
  67     classify_user_id (username, &desc);
  68     exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
  69                   || desc.mode == KEYDB_SEARCH_MODE_FPR16
  70                   || desc.mode == KEYDB_SEARCH_MODE_FPR20);
  71     rc = desc.mode? keydb_search (hd, &desc, 1):G10ERR_INV_USER_ID;
  72     if (rc) {
  73         log_error (_("key \"%s\" not found: %s\n"), username, g10_errstr (rc));
  74         write_status_text( STATUS_DELETE_PROBLEM, "1" );
  75         goto leave;
  76     }
  77
  78     /* read the keyblock */
  79     rc = keydb_get_keyblock (hd, &keyblock );
  80     if (rc) {
  81         log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
  82         goto leave;
  83     }
  84
  85     /* get the keyid from the keyblock */
  86     node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
  87     if( !node ) {
  88         log_error("Oops; key not found anymore!\n");
  89         rc = G10ERR_GENERAL;
  90         goto leave;
  91     }
  92
  93     if( secret )
  94       {
  95         sk = node->pkt->pkt.secret_key;
  96         keyid_from_sk( sk, keyid );
  97       }
  98     else
  99       {
 100         /* public */
 101         pk = node->pkt->pkt.public_key;
 102         keyid_from_pk( pk, keyid );
 103
 104         if(!force)
 105           {
 106             rc = seckey_available( keyid );
 107             if( !rc )
 108               {
 109                 *r_sec_avail = 1;
 110                 rc = -1;
 111                 goto leave;
 112               }
 113             else if( rc != G10ERR_NO_SECKEY )
 114               log_error("%s: get secret key: %s\n", username, g10_errstr(rc) );
 115             else
 116               rc = 0;
 117           }
 118       }
 119
 120     if( rc )
 121         rc = 0;
 122     else if (opt.batch && exactmatch)
 123         okay++;
 124     else if( opt.batch && secret )
 125       {
 126         log_error(_("can't do this in batch mode\n"));
 127         log_info (_("(unless you specify the key by fingerprint)\n"));
 128       }
 129     else if( opt.batch && opt.answer_yes )
 130         okay++;
 131     else if( opt.batch )
 132       {
 133         log_error(_("can't do this in batch mode without \"--yes\"\n"));
 134         log_info (_("(unless you specify the key by fingerprint)\n"));
 135       }
 136     else {
 137         if( secret )
 138             print_seckey_info( sk );
 139         else
 140             print_pubkey_info(NULL, pk );
 141         tty_printf( "\n" );
 142
 143         yes = cpr_get_answer_is_yes( secret? "delete_key.secret.okay"
 144                                            : "delete_key.okay",
 145                               _("Delete this key from the keyring? (y/N) "));
 146         if( !cpr_enabled() && secret && yes ) {
 147             /* I think it is not required to check a passphrase; if
 148              * the user is so stupid as to let others access his secret keyring
 149              * (and has no backup) - it is up him to read some very
 150              * basic texts about security.
 151              */
 152             yes = cpr_get_answer_is_yes("delete_key.secret.okay",
 153                          _("This is a secret key! - really delete? (y/N) "));
 154         }
 155         if( yes )
 156             okay++;
 157     }
 158
 159
 160     if( okay ) {
 161         rc = keydb_delete_keyblock (hd);
 162         if (rc) {
 163             log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
 164             goto leave;
 165         }
 166
 167         /* Note that the ownertrust being cleared will trigger a
 168            revalidation_mark().  This makes sense - only deleting keys
 169            that have ownertrust set should trigger this. */
 170
 171         if (!secret && pk && clear_ownertrusts (pk)) {
 172           if (opt.verbose)
 173             log_info (_("ownertrust information cleared\n"));
 174         }
 175     }
 176
 177   leave:
 178     keydb_release (hd);
 179     release_kbnode (keyblock);
 180     return rc;
 181 }
 182
 183 /****************
 184  * Delete a public or secret key from a keyring.
 185  */
 186 int
 187 delete_keys( strlist_t names, int secret, int allow_both )
 188 {
 189     int rc, avail, force=(!allow_both && !secret && opt.expert);
 190
 191     /* Force allows us to delete a public key even if a secret key
 192        exists. */
 193
 194     for(;names;names=names->next) {
 195        rc = do_delete_key (names->d, secret, force, &avail );
 196        if ( rc && avail ) {
 197          if ( allow_both ) {
 198            rc = do_delete_key (names->d, 1, 0, &avail );
 199            if ( !rc )
 200              rc = do_delete_key (names->d, 0, 0, &avail );
 201          }
 202          else {
 203            log_error(_(
 204               "there is a secret key for public key \"%s\"!\n"),names->d);
 205            log_info(_(
 206               "use option \"--delete-secret-keys\" to delete it first.\n"));
 207            write_status_text( STATUS_DELETE_PROBLEM, "2" );
 208            return rc;
 209          }
 210        }
 211
 212        if(rc) {
 213          log_error("%s: delete key failed: %s\n", names->d, g10_errstr(rc) );
 214          return rc;
 215        }
 216     }
 217
 218     return 0;
 219 }