1 /* keyedit.c - keyedit stuff
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
3 * 2008, 2009, 2010 Free Software Foundation, Inc.
5 * This file is part of GnuPG.
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #ifdef HAVE_LIBREADLINE
29 # define GNUPG_LIBREADLINE_H_INCLUDED
30 # include <readline/readline.h>
33 #define JNLIB_NEED_LOG_LOGV
48 #include "keyserver-internal.h"
49 #include "call-agent.h"
51 static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig,
53 static void show_names (KBNODE keyblock, PKT_public_key * pk,
54 unsigned int flag, int with_prefs);
55 static void show_key_with_all_names (KBNODE keyblock, int only_marked,
56 int with_revoker, int with_fpr,
57 int with_subkeys, int with_prefs);
58 static void show_key_and_fingerprint (KBNODE keyblock);
59 static int menu_adduid (KBNODE keyblock, int photo, const char *photo_name);
60 static void menu_deluid (KBNODE pub_keyblock);
61 static int menu_delsig (KBNODE pub_keyblock);
62 static int menu_clean (KBNODE keyblock, int self_only);
63 static void menu_delkey (KBNODE pub_keyblock);
64 static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive);
65 static int menu_expire (KBNODE pub_keyblock);
66 static int menu_backsign (KBNODE pub_keyblock);
67 static int menu_set_primary_uid (KBNODE pub_keyblock);
68 static int menu_set_preferences (KBNODE pub_keyblock);
69 static int menu_set_keyserver_url (const char *url, KBNODE pub_keyblock);
70 static int menu_set_notation (const char *string, KBNODE pub_keyblock);
71 static int menu_select_uid (KBNODE keyblock, int idx);
72 static int menu_select_uid_namehash (KBNODE keyblock, const char *namehash);
73 static int menu_select_key (KBNODE keyblock, int idx);
74 static int count_uids (KBNODE keyblock);
75 static int count_uids_with_flag (KBNODE keyblock, unsigned flag);
76 static int count_keys_with_flag (KBNODE keyblock, unsigned flag);
77 static int count_selected_uids (KBNODE keyblock);
78 static int real_uids_left (KBNODE keyblock);
79 static int count_selected_keys (KBNODE keyblock);
80 static int menu_revsig (KBNODE keyblock);
81 static int menu_revuid (KBNODE keyblock);
82 static int menu_revkey (KBNODE pub_keyblock);
83 static int menu_revsubkey (KBNODE pub_keyblock);
84 static int enable_disable_key (KBNODE keyblock, int disable);
85 static void menu_showphoto (KBNODE keyblock);
87 static int update_trust = 0;
89 #define CONTROL_D ('D' - 'A' + 1)
91 #define NODFLG_BADSIG (1<<0) /* Bad signature. */
92 #define NODFLG_NOKEY (1<<1) /* No public key. */
93 #define NODFLG_SIGERR (1<<2) /* Other sig error. */
95 #define NODFLG_MARK_A (1<<4) /* Temporary mark. */
96 #define NODFLG_DELSIG (1<<5) /* To be deleted. */
98 #define NODFLG_SELUID (1<<8) /* Indicate the selected userid. */
99 #define NODFLG_SELKEY (1<<9) /* Indicate the selected key. */
100 #define NODFLG_SELSIG (1<<10) /* Indicate a selected signature. */
104 int non_exportable, non_revocable;
105 struct revocation_reason_info *reason;
106 byte trust_depth, trust_value;
112 /* TODO: Fix duplicated code between here and the check-sigs/list-sigs
113 code in keylist.c. */
115 print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node,
116 int *inv_sigs, int *no_key, int *oth_err,
117 int *is_selfsig, int print_without_key)
119 PKT_signature *sig = node->pkt->pkt.signature;
122 /* TODO: Make sure a cached sig record here still has the pk that
123 issued it. See also keylist.c:list_keyblock_print */
125 switch ((rc = check_key_signature (keyblock, node, is_selfsig)))
128 node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR);
131 case G10ERR_BAD_SIGN:
132 node->flag = NODFLG_BADSIG;
137 case G10ERR_NO_PUBKEY:
138 case G10ERR_UNU_PUBKEY:
139 node->flag = NODFLG_NOKEY;
145 node->flag = NODFLG_SIGERR;
152 if (sigrc != '?' || print_without_key)
154 printf ("sig:%c::%d:%08lX%08lX:%lu:%lu:",
155 sigrc, sig->pubkey_algo, (ulong) sig->keyid[0],
156 (ulong) sig->keyid[1], (ulong) sig->timestamp,
157 (ulong) sig->expiredate);
159 if (sig->trust_depth || sig->trust_value)
160 printf ("%d %d", sig->trust_depth, sig->trust_value);
164 if (sig->trust_regexp)
165 es_write_sanitized (es_stdout,
166 sig->trust_regexp, strlen (sig->trust_regexp),
169 printf ("::%02x%c\n", sig->sig_class,
170 sig->flags.exportable ? 'x' : 'l');
172 if (opt.show_subpackets)
173 print_subpackets_colon (sig);
176 return (sigrc == '!');
181 * Print information about a signature, check it and return true
182 * if the signature is okay. NODE must be a signature packet.
185 print_and_check_one_sig (KBNODE keyblock, KBNODE node,
186 int *inv_sigs, int *no_key, int *oth_err,
187 int *is_selfsig, int print_without_key)
189 PKT_signature *sig = node->pkt->pkt.signature;
191 int is_rev = sig->sig_class == 0x30;
193 /* TODO: Make sure a cached sig record here still has the pk that
194 issued it. See also keylist.c:list_keyblock_print */
196 switch ((rc = check_key_signature (keyblock, node, is_selfsig)))
199 node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR);
202 case G10ERR_BAD_SIGN:
203 node->flag = NODFLG_BADSIG;
208 case G10ERR_NO_PUBKEY:
209 case G10ERR_UNU_PUBKEY:
210 node->flag = NODFLG_NOKEY;
216 node->flag = NODFLG_SIGERR;
222 if (sigrc != '?' || print_without_key)
224 tty_printf ("%s%c%c %c%c%c%c%c%c %s %s",
225 is_rev ? "rev" : "sig", sigrc,
226 (sig->sig_class - 0x10 > 0 &&
227 sig->sig_class - 0x10 <
228 4) ? '0' + sig->sig_class - 0x10 : ' ',
229 sig->flags.exportable ? ' ' : 'L',
230 sig->flags.revocable ? ' ' : 'R',
231 sig->flags.policy_url ? 'P' : ' ',
232 sig->flags.notation ? 'N' : ' ',
233 sig->flags.expired ? 'X' : ' ',
234 (sig->trust_depth > 9) ? 'T' : (sig->trust_depth >
236 sig->trust_depth : ' ', keystr (sig->keyid),
237 datestr_from_sig (sig));
238 if (opt.list_options & LIST_SHOW_SIG_EXPIRE)
239 tty_printf (" %s", expirestr_from_sig (sig));
242 tty_printf ("[%s] ", g10_errstr (rc));
243 else if (sigrc == '?')
245 else if (*is_selfsig)
247 tty_printf (is_rev ? _("[revocation]") : _("[self-signature]"));
252 char *p = get_user_id (sig->keyid, &n);
253 tty_print_utf8_string2 (p, n,
254 opt.screen_columns - keystrlen () - 26 -
256 list_options & LIST_SHOW_SIG_EXPIRE) ? 11
262 if (sig->flags.policy_url && (opt.list_options & LIST_SHOW_POLICY_URLS))
263 show_policy_url (sig, 3, 0);
265 if (sig->flags.notation && (opt.list_options & LIST_SHOW_NOTATIONS))
266 show_notation (sig, 3, 0,
268 list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0) +
270 list_options & LIST_SHOW_USER_NOTATIONS) ? 2 : 0));
272 if (sig->flags.pref_ks && (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
273 show_keyserver_url (sig, 3, 0);
276 return (sigrc == '!');
282 * Check the keysigs and set the flags to indicate errors.
283 * Returns true if error found.
286 check_all_keysigs (KBNODE keyblock, int only_selected)
295 int selected = !only_selected;
298 for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
300 if (node->pkt->pkttype == PKT_USER_ID)
302 PKT_user_id *uid = node->pkt->pkt.user_id;
305 selected = (node->flag & NODFLG_SELUID);
309 tty_print_utf8_string (uid->name, uid->len);
311 if (anyuid && !has_selfsig)
317 else if (selected && node->pkt->pkttype == PKT_SIGNATURE
318 && ((node->pkt->pkt.signature->sig_class & ~3) == 0x10
319 || node->pkt->pkt.signature->sig_class == 0x30))
323 if (print_and_check_one_sig (keyblock, node, &inv_sigs,
324 &no_key, &oth_err, &selfsig, 0))
329 /* Hmmm: should we update the trustdb here? */
335 tty_printf (_("1 bad signature\n"));
337 tty_printf (_("%d bad signatures\n"), inv_sigs);
339 tty_printf (_("1 signature not checked due to a missing key\n"));
341 tty_printf (_("%d signatures not checked due to missing keys\n"), no_key);
343 tty_printf (_("1 signature not checked due to an error\n"));
345 tty_printf (_("%d signatures not checked due to errors\n"), oth_err);
346 if (mis_selfsig == 1)
347 tty_printf (_("1 user ID without valid self-signature detected\n"));
348 else if (mis_selfsig)
349 tty_printf (_("%d user IDs without valid self-signatures detected\n"),
352 return inv_sigs || no_key || oth_err || mis_selfsig;
357 sign_mk_attrib (PKT_signature * sig, void *opaque)
359 struct sign_attrib *attrib = opaque;
362 if (attrib->non_exportable)
364 buf[0] = 0; /* not exportable */
365 build_sig_subpkt (sig, SIGSUBPKT_EXPORTABLE, buf, 1);
368 if (attrib->non_revocable)
370 buf[0] = 0; /* not revocable */
371 build_sig_subpkt (sig, SIGSUBPKT_REVOCABLE, buf, 1);
375 revocation_reason_build_cb (sig, attrib->reason);
377 if (attrib->trust_depth)
379 /* Not critical. If someone doesn't understand trust sigs,
380 this can still be a valid regular signature. */
381 buf[0] = attrib->trust_depth;
382 buf[1] = attrib->trust_value;
383 build_sig_subpkt (sig, SIGSUBPKT_TRUST, buf, 2);
385 /* Critical. If someone doesn't understands regexps, this
386 whole sig should be invalid. Note the +1 for the length -
387 regexps are null terminated. */
388 if (attrib->trust_regexp)
389 build_sig_subpkt (sig, SIGSUBPKT_FLAG_CRITICAL | SIGSUBPKT_REGEXP,
390 attrib->trust_regexp,
391 strlen (attrib->trust_regexp) + 1);
399 trustsig_prompt (byte * trust_value, byte * trust_depth, char **regexp)
407 /* Same string as pkclist.c:do_edit_ownertrust */
409 ("Please decide how far you trust this user to correctly verify"
410 " other users' keys\n(by looking at passports, checking"
411 " fingerprints from different sources, etc.)\n"));
413 tty_printf (_(" %d = I trust marginally\n"), 1);
414 tty_printf (_(" %d = I trust fully\n"), 2);
417 while (*trust_value == 0)
419 p = cpr_get ("trustsig_prompt.trust_value", _("Your selection? "));
422 /* 60 and 120 are as per RFC2440 */
423 if (p[0] == '1' && !p[1])
425 else if (p[0] == '2' && !p[1])
432 tty_printf (_("Please enter the depth of this trust signature.\n"
433 "A depth greater than 1 allows the key you are signing to make\n"
434 "trust signatures on your behalf.\n"));
437 while (*trust_depth == 0)
439 p = cpr_get ("trustsig_prompt.trust_depth", _("Your selection? "));
442 *trust_depth = atoi (p);
448 tty_printf (_("Please enter a domain to restrict this signature, "
449 "or enter for none.\n"));
453 p = cpr_get ("trustsig_prompt.trust_regexp", _("Your selection? "));
460 int regexplen = 100, ind;
462 *regexp = xmalloc (regexplen);
464 /* Now mangle the domain the user entered into a regexp. To do
465 this, \-escape everything that isn't alphanumeric, and attach
466 "<[^>]+[@.]" to the front, and ">$" to the end. */
468 strcpy (*regexp, "<[^>]+[@.]");
469 ind = strlen (*regexp);
473 if (!((*q >= 'A' && *q <= 'Z')
474 || (*q >= 'a' && *q <= 'z') || (*q >= '0' && *q <= '9')))
475 (*regexp)[ind++] = '\\';
477 (*regexp)[ind++] = *q;
479 if ((regexplen - ind) < 3)
482 *regexp = xrealloc (*regexp, regexplen);
488 (*regexp)[ind] = '\0';
489 strcat (*regexp, ">$");
498 * Loop over all LOCUSR and and sign the uids after asking.
499 * If no user id is marked, all user ids will be signed;
500 * if some user_ids are marked those will be signed.
503 sign_uids (KBNODE keyblock, strlist_t locusr, int *ret_modified,
504 int local, int nonrevocable, int trust, int interactive)
507 SK_LIST sk_list = NULL;
508 SK_LIST sk_rover = NULL;
509 PKT_public_key *pk = NULL;
510 KBNODE node, uidnode;
511 PKT_public_key *primary_pk = NULL;
512 int select_all = !count_selected_uids (keyblock) || interactive;
515 /* Are there any non-v3 sigs on this key already? */
517 for (node = keyblock; node; node = node->next)
518 if (node->pkt->pkttype == PKT_SIGNATURE &&
519 node->pkt->pkt.signature->version > 3)
525 /* Build a list of all signators.
527 * We use the CERT flag to request the primary which must always
528 * be one which is capable of signing keys. I can't see a reason
529 * why to sign keys using a subkey. Implementation of USAGE_CERT
530 * is just a hack in getkey.c and does not mean that a subkey
531 * marked as certification capable will be used. */
532 rc = build_sk_list (locusr, &sk_list, PUBKEY_USAGE_CERT);
536 /* Loop over all signators. */
537 for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
539 u32 sk_keyid[2], pk_keyid[2];
540 char *p, *trust_regexp = NULL;
541 int force_v4 = 0, class = 0, selfsig = 0;
542 u32 duration = 0, timestamp = 0;
543 byte trust_depth = 0, trust_value = 0;
545 if (local || nonrevocable || trust
546 || opt.cert_policy_url || opt.cert_notations)
550 keyid_from_pk (pk, sk_keyid);
552 /* Set mark A for all selected user ids. */
553 for (node = keyblock; node; node = node->next)
555 if (select_all || (node->flag & NODFLG_SELUID))
556 node->flag |= NODFLG_MARK_A;
558 node->flag &= ~NODFLG_MARK_A;
561 /* Reset mark for uids which are already signed. */
563 for (node = keyblock; node; node = node->next)
565 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
567 primary_pk = node->pkt->pkt.public_key;
568 keyid_from_pk (primary_pk, pk_keyid);
570 /* Is this a self-sig? */
571 if (pk_keyid[0] == sk_keyid[0] && pk_keyid[1] == sk_keyid[1])
574 /* Do not force a v4 sig here, otherwise it would
575 be difficult to remake a v3 selfsig. If this
576 is a v3->v4 promotion case, then we set
577 force_v4 later anyway. */
581 else if (node->pkt->pkttype == PKT_USER_ID)
583 uidnode = (node->flag & NODFLG_MARK_A) ? node : NULL;
589 user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
590 uidnode->pkt->pkt.user_id->len, 0);
592 if (uidnode->pkt->pkt.user_id->is_revoked)
594 tty_printf (_("User ID \"%s\" is revoked."), user);
601 /* No, so remove the mark and continue */
602 if (!cpr_get_answer_is_yes ("sign_uid.revoke_okay",
603 _("Are you sure you "
604 "still want to sign "
607 uidnode->flag &= ~NODFLG_MARK_A;
610 else if (interactive)
615 uidnode->flag &= ~NODFLG_MARK_A;
617 tty_printf (_(" Unable to sign.\n"));
620 else if (uidnode->pkt->pkt.user_id->is_expired)
622 tty_printf (_("User ID \"%s\" is expired."), user);
629 /* No, so remove the mark and continue */
630 if (!cpr_get_answer_is_yes ("sign_uid.expire_okay",
631 _("Are you sure you "
632 "still want to sign "
635 uidnode->flag &= ~NODFLG_MARK_A;
638 else if (interactive)
643 uidnode->flag &= ~NODFLG_MARK_A;
645 tty_printf (_(" Unable to sign.\n"));
648 else if (!uidnode->pkt->pkt.user_id->created && !selfsig)
650 tty_printf (_("User ID \"%s\" is not self-signed."),
656 /* No, so remove the mark and continue */
657 if (!cpr_get_answer_is_yes ("sign_uid.nosig_okay",
658 _("Are you sure you "
659 "still want to sign "
662 uidnode->flag &= ~NODFLG_MARK_A;
665 else if (interactive)
670 uidnode->flag &= ~NODFLG_MARK_A;
672 tty_printf (_(" Unable to sign.\n"));
676 if (uidnode && interactive && !yesreally)
678 tty_printf (_("User ID \"%s\" is signable. "), user);
679 if (!cpr_get_answer_is_yes ("sign_uid.sign_okay",
680 _("Sign it? (y/N) ")))
682 uidnode->flag &= ~NODFLG_MARK_A;
690 else if (uidnode && node->pkt->pkttype == PKT_SIGNATURE
691 && (node->pkt->pkt.signature->sig_class & ~3) == 0x10)
693 if (sk_keyid[0] == node->pkt->pkt.signature->keyid[0]
694 && sk_keyid[1] == node->pkt->pkt.signature->keyid[1])
699 user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
700 uidnode->pkt->pkt.user_id->len, 0);
702 /* It's a v3 self-sig. Make it into a v4 self-sig? */
703 if (node->pkt->pkt.signature->version < 4 && selfsig)
705 tty_printf (_("The self-signature on \"%s\"\n"
706 "is a PGP 2.x-style signature.\n"), user);
708 /* Note that the regular PGP2 warning below
709 still applies if there are no v4 sigs on
713 if (cpr_get_answer_is_yes ("sign_uid.v4_promote_okay",
714 _("Do you want to promote "
715 "it to an OpenPGP self-"
716 "signature? (y/N) ")))
719 node->flag |= NODFLG_DELSIG;
725 /* Is the current signature expired? */
726 if (node->pkt->pkt.signature->flags.expired)
728 tty_printf (_("Your current signature on \"%s\"\n"
729 "has expired.\n"), user);
731 if (cpr_get_answer_is_yes
732 ("sign_uid.replace_expired_okay",
733 _("Do you want to issue a "
734 "new signature to replace "
735 "the expired one? (y/N) ")))
737 /* Mark these for later deletion. We
738 don't want to delete them here, just in
739 case the replacement signature doesn't
740 happen for some reason. We only delete
741 these after the replacement is already
744 node->flag |= NODFLG_DELSIG;
750 if (!node->pkt->pkt.signature->flags.exportable && !local)
752 /* It's a local sig, and we want to make a
754 tty_printf (_("Your current signature on \"%s\"\n"
755 "is a local signature.\n"), user);
757 if (cpr_get_answer_is_yes
758 ("sign_uid.local_promote_okay",
759 _("Do you want to promote "
760 "it to a full exportable " "signature? (y/N) ")))
762 /* Mark these for later deletion. We
763 don't want to delete them here, just in
764 case the replacement signature doesn't
765 happen for some reason. We only delete
766 these after the replacement is already
769 node->flag |= NODFLG_DELSIG;
775 /* Fixme: see whether there is a revocation in which
776 * case we should allow to sign it again. */
777 if (!node->pkt->pkt.signature->flags.exportable && local)
779 (_("\"%s\" was already locally signed by key %s\n"),
780 user, keystr_from_pk (pk));
782 tty_printf (_("\"%s\" was already signed by key %s\n"),
783 user, keystr_from_pk (pk));
786 && cpr_get_answer_is_yes ("sign_uid.dupe_okay",
787 _("Do you want to sign it "
788 "again anyway? (y/N) ")))
790 /* Don't delete the old sig here since this is
791 an --expert thing. */
796 snprintf (buf, sizeof buf, "%08lX%08lX",
797 (ulong) pk->keyid[0], (ulong) pk->keyid[1]);
798 write_status_text (STATUS_ALREADY_SIGNED, buf);
799 uidnode->flag &= ~NODFLG_MARK_A; /* remove mark */
806 /* Check whether any uids are left for signing. */
807 if (!count_uids_with_flag (keyblock, NODFLG_MARK_A))
809 tty_printf (_("Nothing to sign with key %s\n"),
810 keystr_from_pk (pk));
814 /* Ask whether we really should sign these user id(s). */
816 show_key_with_all_names (keyblock, 1, 0, 1, 0, 0);
819 if (primary_pk->expiredate && !selfsig)
821 u32 now = make_timestamp ();
823 if (primary_pk->expiredate <= now)
825 tty_printf (_("This key has expired!"));
830 if (!cpr_get_answer_is_yes ("sign_uid.expired_okay",
831 _("Are you sure you still "
832 "want to sign it? (y/N) ")))
837 tty_printf (_(" Unable to sign.\n"));
843 tty_printf (_("This key is due to expire on %s.\n"),
844 expirestr_from_pk (primary_pk));
846 if (opt.ask_cert_expire)
848 char *answer = cpr_get ("sign_uid.expire",
849 _("Do you want your signature to "
850 "expire at the same time? (Y/n) "));
851 if (answer_is_yes_no_default (answer, 1))
853 /* This fixes the signature timestamp we're
854 going to make as now. This is so the
855 expiration date is exactly correct, and not
856 a few seconds off (due to the time it takes
857 to answer the questions, enter the
860 duration = primary_pk->expiredate - now;
870 /* Only ask for duration if we haven't already set it to match
871 the expiration of the pk */
872 if (!duration && !selfsig)
874 if (opt.ask_cert_expire)
875 duration = ask_expire_interval (1, opt.def_cert_expire);
877 duration = parse_expire_string (opt.def_cert_expire);
883 /* Is --pgp2 on, it's a v3 key, all the sigs on the key are
884 currently v3 and we're about to sign it with a v4 sig? If
886 if (PGP2 && all_v3 &&
887 (pk->version > 3 || force_v4) && primary_pk->version <= 3)
889 tty_printf (_("You may not make an OpenPGP signature on a "
890 "PGP 2.x key while in --pgp2 mode.\n"));
891 tty_printf (_("This would make the key unusable in PGP 2.x.\n"));
895 if (!cpr_get_answer_is_yes ("sign_uid.v4_on_v3_okay",
896 _("Are you sure you still "
897 "want to sign it? (y/N) ")))
910 if (opt.batch || !opt.ask_cert_level)
911 class = 0x10 + opt.def_cert_level;
916 tty_printf (_("How carefully have you verified the key you are "
917 "about to sign actually belongs\nto the person "
918 "named above? If you don't know what to "
919 "answer, enter \"0\".\n"));
921 tty_printf (_(" (0) I will not answer.%s\n"),
922 opt.def_cert_level == 0 ? " (default)" : "");
923 tty_printf (_(" (1) I have not checked at all.%s\n"),
924 opt.def_cert_level == 1 ? " (default)" : "");
925 tty_printf (_(" (2) I have done casual checking.%s\n"),
926 opt.def_cert_level == 2 ? " (default)" : "");
927 tty_printf (_(" (3) I have done very careful checking.%s\n"),
928 opt.def_cert_level == 3 ? " (default)" : "");
933 answer = cpr_get ("sign_uid.class",
935 "(enter '?' for more information): "));
936 if (answer[0] == '\0')
937 class = 0x10 + opt.def_cert_level; /* Default */
938 else if (ascii_strcasecmp (answer, "0") == 0)
939 class = 0x10; /* Generic */
940 else if (ascii_strcasecmp (answer, "1") == 0)
941 class = 0x11; /* Persona */
942 else if (ascii_strcasecmp (answer, "2") == 0)
943 class = 0x12; /* Casual */
944 else if (ascii_strcasecmp (answer, "3") == 0)
945 class = 0x13; /* Positive */
947 tty_printf (_("Invalid selection.\n"));
954 trustsig_prompt (&trust_value, &trust_depth, &trust_regexp);
957 p = get_user_id_native (sk_keyid);
958 tty_printf (_("Are you sure that you want to sign this key with your\n"
959 "key \"%s\" (%s)\n"), p, keystr_from_pk (pk));
965 tty_printf (_("This will be a self-signature.\n"));
970 tty_printf (_("WARNING: the signature will not be marked "
971 "as non-exportable.\n"));
977 tty_printf (_("WARNING: the signature will not be marked "
978 "as non-revocable.\n"));
987 (_("The signature will be marked as non-exportable.\n"));
994 (_("The signature will be marked as non-revocable.\n"));
1001 tty_printf (_("I have not checked this key at all.\n"));
1006 tty_printf (_("I have checked this key casually.\n"));
1011 tty_printf (_("I have checked this key very carefully.\n"));
1018 if (opt.batch && opt.answer_yes)
1020 else if (!cpr_get_answer_is_yes ("sign_uid.okay",
1021 _("Really sign? (y/N) ")))
1024 /* Now we can sign the user ids. */
1025 reloop: /* (Must use this, because we are modifing the list.) */
1027 for (node = keyblock; node; node = node->next)
1029 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
1030 primary_pk = node->pkt->pkt.public_key;
1031 else if (node->pkt->pkttype == PKT_USER_ID
1032 && (node->flag & NODFLG_MARK_A))
1036 struct sign_attrib attrib;
1038 assert (primary_pk);
1039 memset (&attrib, 0, sizeof attrib);
1040 attrib.non_exportable = local;
1041 attrib.non_revocable = nonrevocable;
1042 attrib.trust_depth = trust_depth;
1043 attrib.trust_value = trust_value;
1044 attrib.trust_regexp = trust_regexp;
1045 node->flag &= ~NODFLG_MARK_A;
1047 /* We force creation of a v4 signature for local
1048 * signatures, otherwise we would not generate the
1049 * subpacket with v3 keys and the signature becomes
1053 rc = make_keysig_packet (&sig, primary_pk,
1054 node->pkt->pkt.user_id,
1057 0x13, 0, force_v4 ? 4 : 0, 0, 0,
1058 keygen_add_std_prefs, primary_pk,
1061 rc = make_keysig_packet (&sig, primary_pk,
1062 node->pkt->pkt.user_id,
1065 class, 0, force_v4 ? 4 : 0,
1066 timestamp, duration,
1067 sign_mk_attrib, &attrib,
1071 log_error (_("signing failed: %s\n"), g10_errstr (rc));
1075 *ret_modified = 1; /* We changed the keyblock. */
1078 pkt = xmalloc_clear (sizeof *pkt);
1079 pkt->pkttype = PKT_SIGNATURE;
1080 pkt->pkt.signature = sig;
1081 insert_kbnode (node, new_kbnode (pkt), PKT_SIGNATURE);
1086 /* Delete any sigs that got promoted */
1087 for (node = keyblock; node; node = node->next)
1088 if (node->flag & NODFLG_DELSIG)
1089 delete_kbnode (node);
1090 } /* End loop over signators. */
1093 release_sk_list (sk_list);
1099 * Change the passphrase of the primary and all secondary keys. Note
1100 * that it is common to use only one passphrase for the primary and
1101 * all subkeys. However, this is now (since GnuPG 2.1) all up to the
1102 * gpg-agent. Returns 0 on success or an error code.
1105 change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
1111 u32 keyid[2], subid[2];
1112 char *hexgrip = NULL;
1113 char *cache_nonce = NULL;
1114 char *passwd_nonce = NULL;
1116 node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
1119 log_error ("Oops; public key missing!\n");
1120 err = gpg_error (GPG_ERR_INTERNAL);
1123 pk = node->pkt->pkt.public_key;
1124 keyid_from_pk (pk, keyid);
1126 /* Check whether it is likely that we will be able to change the
1127 passphrase for any subkey. */
1128 for (any = 0, node = keyblock; node; node = node->next)
1130 if (node->pkt->pkttype == PKT_PUBLIC_KEY
1131 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1135 pk = node->pkt->pkt.public_key;
1136 keyid_from_pk (pk, subid);
1139 err = hexkeygrip_from_pk (pk, &hexgrip);
1142 err = agent_get_keyinfo (ctrl, hexgrip, &serialno);
1143 if (!err && serialno)
1144 ; /* Key on card. */
1145 else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
1146 ; /* Maybe stub key. */
1148 any = 1; /* Key is known. */
1150 log_error ("key %s: error getting keyinfo from agent: %s\n",
1151 keystr_with_sub (keyid, subid), gpg_strerror (err));
1158 tty_printf (_("Key has only stub or on-card key items - "
1159 "no passphrase to change.\n"));
1163 /* Change the passphrase for all keys. */
1164 for (any = 0, node = keyblock; node; node = node->next)
1166 if (node->pkt->pkttype == PKT_PUBLIC_KEY
1167 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1171 pk = node->pkt->pkt.public_key;
1172 keyid_from_pk (pk, subid);
1175 err = hexkeygrip_from_pk (pk, &hexgrip);
1179 desc = gpg_format_keydesc (pk, 0, 1);
1180 err = agent_passwd (ctrl, hexgrip, desc, &cache_nonce, &passwd_nonce);
1184 log_log ((gpg_err_code (err) == GPG_ERR_CANCELED
1185 || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
1186 ? JNLIB_LOG_INFO : JNLIB_LOG_ERROR,
1187 _("key %s: error changing passphrase: %s\n"),
1188 keystr_with_sub (keyid, subid),
1189 gpg_strerror (err));
1190 if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
1197 xfree (cache_nonce);
1198 xfree (passwd_nonce);
1205 * There are some keys out (due to a bug in gnupg), where the sequence
1206 * of the packets is wrong. This function fixes that.
1207 * Returns: true if the keyblock has been fixed.
1209 * Note: This function does not work if there is more than one user ID.
1212 fix_keyblock (KBNODE keyblock)
1214 KBNODE node, last, subkey;
1217 /* Locate key signatures of class 0x10..0x13 behind sub key packets. */
1218 for (subkey = last = NULL, node = keyblock; node;
1219 last = node, node = node->next)
1221 switch (node->pkt->pkttype)
1223 case PKT_PUBLIC_SUBKEY:
1224 case PKT_SECRET_SUBKEY:
1226 subkey = last; /* Actually it is the one before the subkey. */
1231 PKT_signature *sig = node->pkt->pkt.signature;
1232 if (sig->sig_class >= 0x10 && sig->sig_class <= 0x13)
1234 log_info (_("moving a key signature to the correct place\n"));
1235 last->next = node->next;
1236 node->next = subkey->next;
1237 subkey->next = node;
1253 parse_sign_type (const char *str, int *localsig, int *nonrevokesig,
1256 const char *p = str;
1260 if (ascii_strncasecmp (p, "l", 1) == 0)
1265 else if (ascii_strncasecmp (p, "nr", 2) == 0)
1270 else if (ascii_strncasecmp (p, "t", 1) == 0)
1285 * Menu driven key editor. If seckey_check is true, then a secret key
1286 * that matches username will be looked for. If it is false, not all
1287 * commands will be available.
1289 * Note: to keep track of certain selections we use node->mark MARKBIT_xxxx.
1292 /* Need an SK for this command */
1293 #define KEYEDIT_NEED_SK 1
1294 /* Cannot be viewing the SK for this command */
1295 #define KEYEDIT_NOT_SK 2
1296 /* Must be viewing the SK for this command */
1297 #define KEYEDIT_ONLY_SK 4
1298 /* Match the tail of the string */
1299 #define KEYEDIT_TAIL_MATCH 8
1304 cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
1305 cmdREVSIG, cmdREVKEY, cmdREVUID, cmdDELSIG, cmdPRIMARY, cmdDEBUG,
1306 cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID, cmdADDKEY, cmdDELKEY,
1307 cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
1308 cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
1309 cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
1310 cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCHECKBKUPKEY,
1311 cmdCLEAN, cmdMINIMIZE, cmdNOP
1322 { "quit", cmdQUIT, 0, N_("quit this menu")},
1323 { "q", cmdQUIT, 0, NULL},
1324 { "save", cmdSAVE, 0, N_("save and quit")},
1325 { "help", cmdHELP, 0, N_("show this help")},
1326 { "?", cmdHELP, 0, NULL},
1327 { "fpr", cmdFPR, 0, N_("show key fingerprint")},
1328 { "list", cmdLIST, 0, N_("list key and user IDs")},
1329 { "l", cmdLIST, 0, NULL},
1330 { "uid", cmdSELUID, 0, N_("select user ID N")},
1331 { "key", cmdSELKEY, 0, N_("select subkey N")},
1332 { "check", cmdCHECK, 0, N_("check signatures")},
1333 { "c", cmdCHECK, 0, NULL},
1334 { "cross-certify", cmdBACKSIGN, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
1335 { "backsign", cmdBACKSIGN, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
1336 { "sign", cmdSIGN, KEYEDIT_NOT_SK | KEYEDIT_TAIL_MATCH,
1337 N_("sign selected user IDs [* see below for related commands]")},
1338 { "s", cmdSIGN, KEYEDIT_NOT_SK, NULL},
1339 /* "lsign" and friends will never match since "sign" comes first
1340 and it is a tail match. They are just here so they show up in
1342 { "lsign", cmdNOP, 0, N_("sign selected user IDs locally")},
1343 { "tsign", cmdNOP, 0, N_("sign selected user IDs with a trust signature")},
1344 { "nrsign", cmdNOP, 0,
1345 N_("sign selected user IDs with a non-revocable signature")},
1346 { "debug", cmdDEBUG, 0, NULL},
1347 { "adduid", cmdADDUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, N_("add a user ID")},
1348 { "addphoto", cmdADDPHOTO, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1349 N_("add a photo ID")},
1350 { "deluid", cmdDELUID, KEYEDIT_NOT_SK, N_("delete selected user IDs")},
1351 /* delphoto is really deluid in disguise */
1352 { "delphoto", cmdDELUID, KEYEDIT_NOT_SK, NULL},
1353 { "addkey", cmdADDKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, N_("add a subkey")},
1354 #ifdef ENABLE_CARD_SUPPORT
1355 { "addcardkey", cmdADDCARDKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1356 N_("add a key to a smartcard")},
1357 { "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_ONLY_SK,
1358 N_("move a key to a smartcard")},
1359 { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_ONLY_SK,
1360 N_("move a backup key to a smartcard")},
1361 { "checkbkupkey", cmdCHECKBKUPKEY, KEYEDIT_NEED_SK | KEYEDIT_ONLY_SK, NULL},
1362 #endif /*ENABLE_CARD_SUPPORT */
1363 { "delkey", cmdDELKEY, KEYEDIT_NOT_SK, N_("delete selected subkeys")},
1364 { "addrevoker", cmdADDREVOKER, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1365 N_("add a revocation key")},
1366 { "delsig", cmdDELSIG, KEYEDIT_NOT_SK,
1367 N_("delete signatures from the selected user IDs")},
1368 { "expire", cmdEXPIRE, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1369 N_("change the expiration date for the key or selected subkeys")},
1370 { "primary", cmdPRIMARY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1371 N_("flag the selected user ID as primary")},
1372 { "toggle", cmdTOGGLE, KEYEDIT_NEED_SK,
1373 N_("toggle between the secret and public key listings")},
1374 { "t", cmdTOGGLE, KEYEDIT_NEED_SK, NULL},
1375 { "pref", cmdPREF, KEYEDIT_NOT_SK, N_("list preferences (expert)")},
1376 { "showpref", cmdSHOWPREF, KEYEDIT_NOT_SK, N_("list preferences (verbose)")},
1377 { "setpref", cmdSETPREF, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1378 N_("set preference list for the selected user IDs")},
1379 { "updpref", cmdSETPREF, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
1380 { "keyserver", cmdPREFKS, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1381 N_("set the preferred keyserver URL for the selected user IDs")},
1382 { "notation", cmdNOTATION, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1383 N_("set a notation for the selected user IDs")},
1384 { "passwd", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1385 N_("change the passphrase")},
1386 { "password", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
1387 { "trust", cmdTRUST, KEYEDIT_NOT_SK, N_("change the ownertrust")},
1388 { "revsig", cmdREVSIG, KEYEDIT_NOT_SK,
1389 N_("revoke signatures on the selected user IDs")},
1390 { "revuid", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1391 N_("revoke selected user IDs")},
1392 { "revphoto", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
1393 { "revkey", cmdREVKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
1394 N_("revoke key or selected subkeys")},
1395 { "enable", cmdENABLEKEY, KEYEDIT_NOT_SK, N_("enable key")},
1396 { "disable", cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key")},
1397 { "showphoto", cmdSHOWPHOTO, 0, N_("show selected photo IDs")},
1398 { "clean", cmdCLEAN, KEYEDIT_NOT_SK,
1399 N_("compact unusable user IDs and remove unusable signatures from key")},
1400 { "minimize", cmdMINIMIZE, KEYEDIT_NOT_SK,
1401 N_("compact unusable user IDs and remove all signatures from key")},
1403 { NULL, cmdNONE, 0, NULL}
1408 #ifdef HAVE_LIBREADLINE
1411 These two functions are used by readline for command completion.
1415 command_generator (const char *text, int state)
1417 static int list_index, len;
1420 /* If this is a new word to complete, initialize now. This includes
1421 saving the length of TEXT for efficiency, and initializing the
1422 index variable to 0. */
1426 len = strlen (text);
1429 /* Return the next partial match */
1430 while ((name = cmds[list_index].name))
1432 /* Only complete commands that have help text */
1433 if (cmds[list_index++].desc && strncmp (name, text, len) == 0)
1434 return strdup (name);
1441 keyedit_completion (const char *text, int start, int end)
1443 /* If we are at the start of a line, we try and command-complete.
1444 If not, just do nothing for now. */
1449 return rl_completion_matches (text, command_generator);
1451 rl_attempted_completion_over = 1;
1455 #endif /* HAVE_LIBREADLINE */
1459 /* Main function of the menu driven key editor. */
1461 keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
1462 strlist_t commands, int quiet, int seckey_check)
1464 enum cmdids cmd = 0;
1465 gpg_error_t err = 0;
1466 KBNODE keyblock = NULL;
1467 KEYDB_HANDLE kdbhd = NULL;
1468 int have_seckey = 0;
1469 char *answer = NULL;
1473 int have_commands = !!commands;
1475 if (opt.command_fd != -1)
1477 else if (opt.batch && !have_commands)
1479 log_error (_("can't do this in batch mode\n"));
1483 #ifdef HAVE_W32_SYSTEM
1484 /* Due to Windows peculiarities we need to make sure that the
1485 trustdb stale check is done before we open another file
1486 (i.e. by searching for a key). In theory we could make sure
1487 that the files are closed after use but the open/close caches
1488 inhibits that and flushing the cache right before the stale
1489 check is not easy to implement. Thus we take the easy way out
1490 and run the stale check as early as possible. Note, that for
1491 non- W32 platforms it is run indirectly trough a call to
1493 check_trustdb_stale ();
1496 /* Get the public key */
1497 err = get_pubkey_byname (ctrl, NULL, NULL, username, &keyblock, &kdbhd, 1, 1);
1500 if (fix_keyblock (keyblock))
1502 if (collapse_uids (&keyblock))
1504 reorder_keyblock (keyblock);
1505 /* We modified the keyblock, so let's make sure the flags are
1508 merge_keys_and_selfsig (keyblock);
1510 /* See whether we have a matching secret key. */
1513 have_seckey = !agent_probe_any_secret_key (ctrl, keyblock);
1514 if (have_seckey && !quiet)
1515 tty_printf (_("Secret key is available.\n"));
1520 /* Main command loop. */
1523 int i, arg_number, photo;
1524 const char *arg_string = "";
1526 PKT_public_key *pk = keyblock->pkt->pkt.public_key;
1530 if (redisplay && !quiet)
1532 show_key_with_all_names (keyblock, 0, 1, 0, 1, 0);
1543 answer = xstrdup (commands->d);
1544 commands = commands->next;
1548 answer = xstrdup ("quit");
1555 #ifdef HAVE_LIBREADLINE
1556 tty_enable_completion (keyedit_completion);
1558 answer = cpr_get_no_help ("keyedit.prompt", "gpg> ");
1560 tty_disable_completion ();
1562 trim_spaces (answer);
1564 while (*answer == '#');
1566 arg_number = 0; /* Here is the init which egcc complains about. */
1567 photo = 0; /* Same here. */
1570 else if (*answer == CONTROL_D)
1572 else if (digitp (answer))
1575 arg_number = atoi (answer);
1579 if ((p = strchr (answer, ' ')))
1582 trim_spaces (answer);
1584 arg_number = atoi (p);
1588 for (i = 0; cmds[i].name; i++)
1590 if (cmds[i].flags & KEYEDIT_TAIL_MATCH)
1592 size_t l = strlen (cmds[i].name);
1593 size_t a = strlen (answer);
1596 if (!ascii_strcasecmp (&answer[a - l], cmds[i].name))
1598 answer[a - l] = '\0';
1603 else if (!ascii_strcasecmp (answer, cmds[i].name))
1606 if ((cmds[i].flags & KEYEDIT_NEED_SK) && !have_seckey)
1608 tty_printf (_("Need the secret key to do this.\n"));
1611 else if (((cmds[i].flags & KEYEDIT_NOT_SK) && have_seckey && toggle)
1612 || ((cmds[i].flags & KEYEDIT_ONLY_SK) && have_seckey
1615 tty_printf (_("Please use the command \"toggle\" first.\n"));
1622 /* Dispatch the command. */
1626 for (i = 0; cmds[i].name; i++)
1628 if ((cmds[i].flags & KEYEDIT_NEED_SK) && !have_seckey)
1629 ; /* Skip those item if we do not have the secret key. */
1630 else if (cmds[i].desc)
1631 tty_printf ("%-11s %s\n", cmds[i].name, _(cmds[i].desc));
1636 (_("* The 'sign' command may be prefixed with an 'l' for local "
1637 "signatures (lsign),\n"
1638 " a 't' for trust signatures (tsign), an 'nr' for "
1639 "non-revocable signatures\n"
1640 " (nrsign), or any combination thereof (ltsign, "
1641 "tnrsign, etc.).\n"));
1649 show_key_and_fingerprint (keyblock);
1653 if (strlen (arg_string) == NAMEHASH_LEN * 2)
1654 redisplay = menu_select_uid_namehash (keyblock, arg_string);
1657 if (*arg_string == '*'
1658 && (!arg_string[1] || spacep (arg_string + 1)))
1659 arg_number = -1; /* Select all. */
1660 redisplay = menu_select_uid (keyblock, arg_number);
1666 if (*arg_string == '*'
1667 && (!arg_string[1] || spacep (arg_string + 1)))
1668 arg_number = -1; /* Select all. */
1669 if (menu_select_key (keyblock, arg_number))
1675 check_all_keysigs (keyblock, count_selected_uids (keyblock));
1680 int localsig = 0, nonrevokesig = 0, trustsig = 0, interactive = 0;
1682 if (pk->flags.revoked)
1684 tty_printf (_("Key is revoked."));
1689 if (!cpr_get_answer_is_yes
1690 ("keyedit.sign_revoked.okay",
1691 _("Are you sure you still want to sign it? (y/N) ")))
1696 tty_printf (_(" Unable to sign.\n"));
1701 if (count_uids (keyblock) > 1 && !count_selected_uids (keyblock)
1702 && !cpr_get_answer_is_yes ("keyedit.sign_all.okay",
1703 _("Really sign all user IDs?"
1706 if (opt.interactive)
1710 tty_printf (_("Hint: Select the user IDs to sign\n"));
1716 /* What sort of signing are we doing? */
1717 if (!parse_sign_type
1718 (answer, &localsig, &nonrevokesig, &trustsig))
1720 tty_printf (_("Unknown signature type '%s'\n"), answer);
1724 sign_uids (keyblock, locusr, &modified,
1725 localsig, nonrevokesig, trustsig, interactive);
1730 dump_kbnode (keyblock);
1734 /* The toggle command is a leftover from old gpg versions
1735 where we worked with a secret and a public keyring. It
1736 is not necessary anymore but we keep this command for the
1737 sake of scripts using it. */
1743 if (RFC2440 || RFC1991 || PGP2)
1745 tty_printf (_("This command is not allowed while in %s mode.\n"),
1746 compliance_option_string ());
1752 if (menu_adduid (keyblock, photo, arg_string))
1757 merge_keys_and_selfsig (keyblock);
1765 if (!(n1 = count_selected_uids (keyblock)))
1766 tty_printf (_("You must select at least one user ID.\n"));
1767 else if (real_uids_left (keyblock) < 1)
1768 tty_printf (_("You can't delete the last user ID!\n"));
1769 else if (cpr_get_answer_is_yes
1770 ("keyedit.remove.uid.okay",
1771 n1 > 1 ? _("Really remove all selected user IDs? (y/N) ")
1772 : _("Really remove this user ID? (y/N) ")))
1774 menu_deluid (keyblock);
1785 if (!(n1 = count_selected_uids (keyblock)))
1786 tty_printf (_("You must select at least one user ID.\n"));
1787 else if (menu_delsig (keyblock))
1789 /* No redisplay here, because it may scroll away some
1790 * of the status output of this command. */
1797 if (!generate_subkeypair (ctrl, keyblock))
1801 merge_keys_and_selfsig (keyblock);
1805 #ifdef ENABLE_CARD_SUPPORT
1807 if (!card_generate_subkey (keyblock))
1811 merge_keys_and_selfsig (keyblock);
1818 switch (count_selected_keys (keyblock))
1821 if (cpr_get_answer_is_yes
1822 ("keyedit.keytocard.use_primary",
1823 /* TRANSLATORS: Please take care: This is about
1824 moving the key and not about removing it. */
1825 _("Really move the primary key? (y/N) ")))
1829 for (node = keyblock; node; node = node->next)
1831 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1832 && node->flag & NODFLG_SELKEY)
1837 tty_printf (_("You must select exactly one key.\n"));
1842 PKT_public_key *xxpk = node->pkt->pkt.public_key;
1843 if (card_store_subkey (node, xxpk ? xxpk->pubkey_usage : 0))
1846 /* Only the secret key has been modified; thus
1847 there is no need to set the modified flag. */
1854 case cmdCHECKBKUPKEY:
1855 log_debug ("FIXME: This needs to be changed\n");
1857 /* Ask for a filename, check whether this is really a
1858 backup key as generated by the card generation, parse
1859 that key and store it on card. */
1868 tty_printf (_("Command expects a filename argument\n"));
1872 /* Open that file. */
1873 a = iobuf_open (fname);
1874 if (a && is_secured_file (iobuf_get_fd (a)))
1878 gpg_err_set_errno (EPERM);
1882 tty_printf (_("Can't open '%s': %s\n"),
1883 fname, strerror (errno));
1887 /* Parse and check that file. */
1888 pkt = xmalloc (sizeof *pkt);
1890 err = parse_packet (a, pkt);
1892 iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char *) fname);
1893 if (!err && pkt->pkttype != PKT_SECRET_KEY
1894 && pkt->pkttype != PKT_SECRET_SUBKEY)
1895 err = G10ERR_NO_SECKEY;
1898 tty_printf (_("Error reading backup key from '%s': %s\n"),
1899 fname, g10_errstr (err));
1904 node = new_kbnode (pkt);
1906 if (cmd == cmdCHECKBKUPKEY)
1908 /* PKT_public_key *sk = node->pkt->pkt.secret_key; */
1909 /* switch (is_secret_key_protected (sk)) */
1911 /* case 0: /\* Not protected. *\/ */
1912 /* tty_printf (_("This key is not protected.\n")); */
1915 /* log_error (_("unknown key protection algorithm\n")); */
1918 /* if (sk->protect.s2k.mode == 1001) */
1919 /* tty_printf (_("Secret parts of key" */
1920 /* " are not available.\n")); */
1921 /* if (sk->protect.s2k.mode == 1002) */
1922 /* tty_printf (_("Secret parts of key" */
1923 /* " are stored on-card.\n")); */
1925 /* check_secret_key (sk, 0); */
1928 else /* Store it. */
1930 if (card_store_subkey (node, 0))
1933 /* FIXME:sec_modified = 1;*/
1936 release_kbnode (node);
1940 #endif /* ENABLE_CARD_SUPPORT */
1946 if (!(n1 = count_selected_keys (keyblock)))
1947 tty_printf (_("You must select at least one key.\n"));
1948 else if (!cpr_get_answer_is_yes
1949 ("keyedit.remove.subkey.okay",
1950 n1 > 1 ? _("Do you really want to delete the "
1951 "selected keys? (y/N) ")
1952 : _("Do you really want to delete this key? (y/N) ")))
1956 menu_delkey (keyblock);
1967 if (ascii_strcasecmp (arg_string, "sensitive") == 0)
1969 if (menu_addrevoker (ctrl, keyblock, sensitive))
1973 merge_keys_and_selfsig (keyblock);
1982 if (!(n1 = count_selected_uids (keyblock)))
1983 tty_printf (_("You must select at least one user ID.\n"));
1984 else if (cpr_get_answer_is_yes
1985 ("keyedit.revoke.uid.okay",
1986 n1 > 1 ? _("Really revoke all selected user IDs? (y/N) ")
1987 : _("Really revoke this user ID? (y/N) ")))
1989 if (menu_revuid (keyblock))
2002 if (!(n1 = count_selected_keys (keyblock)))
2004 if (cpr_get_answer_is_yes ("keyedit.revoke.subkey.okay",
2005 _("Do you really want to revoke"
2006 " the entire key? (y/N) ")))
2008 if (menu_revkey (keyblock))
2014 else if (cpr_get_answer_is_yes ("keyedit.revoke.subkey.okay",
2016 _("Do you really want to revoke"
2017 " the selected subkeys? (y/N) ")
2018 : _("Do you really want to revoke"
2019 " this subkey? (y/N) ")))
2021 if (menu_revsubkey (keyblock))
2028 merge_keys_and_selfsig (keyblock);
2033 if (menu_expire (keyblock))
2035 merge_keys_and_selfsig (keyblock);
2042 if (menu_backsign (keyblock))
2050 if (menu_set_primary_uid (keyblock))
2052 merge_keys_and_selfsig (keyblock);
2059 change_passphrase (ctrl, keyblock);
2063 if (opt.trust_model == TM_EXTERNAL)
2065 tty_printf (_("Owner trust may not be set while "
2066 "using a user provided trust database\n"));
2070 show_key_with_all_names (keyblock, 0, 0, 0, 1, 0);
2072 if (edit_ownertrust (find_kbnode (keyblock,
2073 PKT_PUBLIC_KEY)->pkt->pkt.
2077 /* No real need to set update_trust here as
2078 edit_ownertrust() calls revalidation_mark()
2086 int count = count_selected_uids (keyblock);
2087 assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
2088 show_names (keyblock, keyblock->pkt->pkt.public_key,
2089 count ? NODFLG_SELUID : 0, 1);
2095 int count = count_selected_uids (keyblock);
2096 assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
2097 show_names (keyblock, keyblock->pkt->pkt.public_key,
2098 count ? NODFLG_SELUID : 0, 2);
2104 PKT_user_id *tempuid;
2106 keygen_set_std_prefs (!*arg_string ? "default" : arg_string, 0);
2108 tempuid = keygen_get_std_prefs ();
2109 tty_printf (_("Set preference list to:\n"));
2110 show_prefs (tempuid, NULL, 1);
2111 free_user_id (tempuid);
2113 if (cpr_get_answer_is_yes
2114 ("keyedit.setpref.okay",
2115 count_selected_uids (keyblock) ?
2116 _("Really update the preferences"
2117 " for the selected user IDs? (y/N) ")
2118 : _("Really update the preferences? (y/N) ")))
2120 if (menu_set_preferences (keyblock))
2122 merge_keys_and_selfsig (keyblock);
2131 if (menu_set_keyserver_url (*arg_string ? arg_string : NULL,
2134 merge_keys_and_selfsig (keyblock);
2141 if (menu_set_notation (*arg_string ? arg_string : NULL,
2144 merge_keys_and_selfsig (keyblock);
2154 if (menu_revsig (keyblock))
2163 if (enable_disable_key (keyblock, cmd == cmdDISABLEKEY))
2171 menu_showphoto (keyblock);
2175 if (menu_clean (keyblock, 0))
2176 redisplay = modified = 1;
2180 if (menu_clean (keyblock, 1))
2181 redisplay = modified = 1;
2189 if (!cpr_get_answer_is_yes ("keyedit.save.okay",
2190 _("Save changes? (y/N) ")))
2193 || cpr_get_answer_is_yes ("keyedit.cancel.okay",
2194 _("Quit without saving? (y/N) ")))
2202 err = keydb_update_keyblock (kdbhd, keyblock);
2205 log_error (_("update failed: %s\n"), g10_errstr (err));
2210 tty_printf (_("Key not changed so no update needed.\n"));
2214 revalidation_mark ();
2222 tty_printf (_("Invalid command (try \"help\")\n"));
2225 } /* End of the main command loop. */
2228 release_kbnode (keyblock);
2229 keydb_release (kdbhd);
2234 /* Change the passphrase of the secret key identified by USERNAME. */
2236 keyedit_passwd (ctrl_t ctrl, const char *username)
2240 kbnode_t keyblock = NULL;
2242 pk = xtrycalloc (1, sizeof *pk);
2245 err = gpg_error_from_syserror ();
2248 err = getkey_byname (NULL, pk, username, 1, &keyblock);
2252 err = change_passphrase (ctrl, keyblock);
2255 release_kbnode (keyblock);
2256 free_public_key (pk);
2259 log_info ("error changing the passphrase for '%s': %s\n",
2260 username, gpg_strerror (err));
2261 write_status_error ("keyedit.passwd", err);
2264 write_status_text (STATUS_SUCCESS, "keyedit.passwd");
2269 tty_print_notations (int indent, PKT_signature * sig)
2272 struct notation *notation, *nd;
2280 notation = sig_to_notation (sig);
2282 for (nd = notation; nd; nd = nd->next)
2285 tty_printf ("%*s", indent, "");
2289 tty_print_utf8_string (nd->name, strlen (nd->name));
2291 tty_print_utf8_string (nd->value, strlen (nd->value));
2295 free_notation (notation);
2300 * Show preferences of a public keyblock.
2303 show_prefs (PKT_user_id * uid, PKT_signature * selfsig, int verbose)
2305 const prefitem_t fake = { 0, 0 };
2306 const prefitem_t *prefs;
2321 int any, des_seen = 0, sha1_seen = 0, uncomp_seen = 0;
2324 tty_printf (_("Cipher: "));
2325 for (i = any = 0; prefs[i].type; i++)
2327 if (prefs[i].type == PREFTYPE_SYM)
2332 /* We don't want to display strings for experimental algos */
2333 if (!openpgp_cipher_test_algo (prefs[i].value)
2334 && prefs[i].value < 100)
2335 tty_printf ("%s", openpgp_cipher_algo_name (prefs[i].value));
2337 tty_printf ("[%d]", prefs[i].value);
2338 if (prefs[i].value == CIPHER_ALGO_3DES)
2346 tty_printf ("%s", openpgp_cipher_algo_name (CIPHER_ALGO_3DES));
2349 tty_printf (_("Digest: "));
2350 for (i = any = 0; prefs[i].type; i++)
2352 if (prefs[i].type == PREFTYPE_HASH)
2357 /* We don't want to display strings for experimental algos */
2358 if (!gcry_md_test_algo (prefs[i].value) && prefs[i].value < 100)
2359 tty_printf ("%s", gcry_md_algo_name (prefs[i].value));
2361 tty_printf ("[%d]", prefs[i].value);
2362 if (prefs[i].value == DIGEST_ALGO_SHA1)
2370 tty_printf ("%s", gcry_md_algo_name (DIGEST_ALGO_SHA1));
2373 tty_printf (_("Compression: "));
2374 for (i = any = 0; prefs[i].type; i++)
2376 if (prefs[i].type == PREFTYPE_ZIP)
2378 const char *s = compress_algo_to_string (prefs[i].value);
2383 /* We don't want to display strings for experimental algos */
2384 if (s && prefs[i].value < 100)
2385 tty_printf ("%s", s);
2387 tty_printf ("[%d]", prefs[i].value);
2388 if (prefs[i].value == COMPRESS_ALGO_NONE)
2398 tty_printf ("%s", compress_algo_to_string (COMPRESS_ALGO_ZIP));
2401 tty_printf ("%s", compress_algo_to_string (COMPRESS_ALGO_NONE));
2403 if (uid->flags.mdc || !uid->flags.ks_modify)
2406 tty_printf (_("Features: "));
2413 if (!uid->flags.ks_modify)
2417 tty_printf (_("Keyserver no-modify"));
2424 const byte *pref_ks;
2427 pref_ks = parse_sig_subpkt (selfsig->hashed,
2428 SIGSUBPKT_PREF_KS, &pref_ks_len);
2429 if (pref_ks && pref_ks_len)
2432 tty_printf (_("Preferred keyserver: "));
2433 tty_print_utf8_string (pref_ks, pref_ks_len);
2437 if (selfsig->flags.notation)
2440 tty_printf (_("Notations: "));
2441 tty_print_notations (5 + strlen (_("Notations: ")), selfsig);
2448 for (i = 0; prefs[i].type; i++)
2450 tty_printf (" %c%d", prefs[i].type == PREFTYPE_SYM ? 'S' :
2451 prefs[i].type == PREFTYPE_HASH ? 'H' :
2452 prefs[i].type == PREFTYPE_ZIP ? 'Z' : '?',
2456 tty_printf (" [mdc]");
2457 if (!uid->flags.ks_modify)
2458 tty_printf (" [no-ks-modify]");
2464 /* This is the version of show_key_with_all_names used when
2465 opt.with_colons is used. It prints all available data in a easy to
2466 parse format and does not translate utf8 */
2468 show_key_with_all_names_colon (KBNODE keyblock)
2471 int i, j, ulti_hack = 0;
2472 byte pk_version = 0;
2473 PKT_public_key *primary = NULL;
2476 for (node = keyblock; node; node = node->next)
2478 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2479 || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY))
2481 PKT_public_key *pk = node->pkt->pkt.public_key;
2484 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2486 pk_version = pk->version;
2490 keyid_from_pk (pk, keyid);
2492 fputs (node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub:" : "sub:",
2494 if (!pk->flags.valid)
2496 else if (pk->flags.revoked)
2498 else if (pk->has_expired)
2500 else if (!(opt.fast_list_mode || opt.no_expensive_trust_checks))
2502 int trust = get_validity_info (pk, NULL);
2508 printf (":%u:%d:%08lX%08lX:%lu:%lu::",
2511 (ulong) keyid[0], (ulong) keyid[1],
2512 (ulong) pk->timestamp, (ulong) pk->expiredate);
2513 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2514 && !(opt.fast_list_mode || opt.no_expensive_trust_checks))
2515 putchar (get_ownertrust_info (pk));
2519 /* Print capabilities. */
2520 if ((pk->pubkey_usage & PUBKEY_USAGE_ENC))
2522 if ((pk->pubkey_usage & PUBKEY_USAGE_SIG))
2524 if ((pk->pubkey_usage & PUBKEY_USAGE_CERT))
2526 if ((pk->pubkey_usage & PUBKEY_USAGE_AUTH))
2530 print_fingerprint (pk, 0);
2531 print_revokers (pk);
2537 for (node = keyblock; node; node = node->next)
2539 if (node->pkt->pkttype == PKT_USER_ID)
2541 PKT_user_id *uid = node->pkt->pkt.user_id;
2545 if (uid->attrib_data)
2550 if (uid->is_revoked)
2551 printf ("r::::::::");
2552 else if (uid->is_expired)
2553 printf ("e::::::::");
2554 else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
2555 printf ("::::::::");
2560 if (primary && !ulti_hack)
2561 uid_validity = get_validity_info (primary, uid);
2564 printf ("%c::::::::", uid_validity);
2567 if (uid->attrib_data)
2568 printf ("%u %lu", uid->numattribs, uid->attrib_len);
2570 es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL);
2573 /* signature class */
2578 if (pk_version > 3 || uid->selfsigversion > 3)
2580 const prefitem_t *prefs = uid->prefs;
2582 for (j = 0; prefs && prefs[j].type; j++)
2586 printf ("%c%d", prefs[j].type == PREFTYPE_SYM ? 'S' :
2587 prefs[j].type == PREFTYPE_HASH ? 'H' :
2588 prefs[j].type == PREFTYPE_ZIP ? 'Z' : '?',
2593 if (!uid->flags.ks_modify)
2594 printf (",no-ks-modify");
2599 if (uid->is_primary)
2601 if (uid->is_revoked)
2603 if (uid->is_expired)
2605 if ((node->flag & NODFLG_SELUID))
2607 if ((node->flag & NODFLG_MARK_A))
2616 show_names (KBNODE keyblock, PKT_public_key * pk, unsigned int flag,
2622 for (node = keyblock; node; node = node->next)
2624 if (node->pkt->pkttype == PKT_USER_ID && !is_deleted_kbnode (node))
2626 PKT_user_id *uid = node->pkt->pkt.user_id;
2628 if (!flag || (flag && (node->flag & flag)))
2630 if (!(flag & NODFLG_MARK_A) && pk)
2631 tty_printf ("%s ", uid_trust_string_fixed (pk, uid));
2633 if (flag & NODFLG_MARK_A)
2635 else if (node->flag & NODFLG_SELUID)
2636 tty_printf ("(%d)* ", i);
2637 else if (uid->is_primary)
2638 tty_printf ("(%d). ", i);
2640 tty_printf ("(%d) ", i);
2641 tty_print_utf8_string (uid->name, uid->len);
2643 if (with_prefs && pk)
2645 if (pk->version > 3 || uid->selfsigversion > 3)
2647 PKT_signature *selfsig = NULL;
2650 for (signode = node->next;
2651 signode && signode->pkt->pkttype == PKT_SIGNATURE;
2652 signode = signode->next)
2654 if (signode->pkt->pkt.signature->
2655 flags.chosen_selfsig)
2657 selfsig = signode->pkt->pkt.signature;
2662 show_prefs (uid, selfsig, with_prefs == 2);
2665 tty_printf (_("There are no preferences on a"
2666 " PGP 2.x-style user ID.\n"));
2675 * Display the key a the user ids, if only_marked is true, do only
2676 * so for user ids with mark A flag set and dont display the index number
2679 show_key_with_all_names (KBNODE keyblock, int only_marked, int with_revoker,
2680 int with_fpr, int with_subkeys, int with_prefs)
2685 PKT_public_key *primary = NULL;
2687 if (opt.with_colons)
2689 show_key_with_all_names_colon (keyblock);
2694 for (node = keyblock; node; node = node->next)
2696 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2697 || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY
2698 && !is_deleted_kbnode (node)))
2700 PKT_public_key *pk = node->pkt->pkt.public_key;
2701 const char *otrust = "err", *trust = "err";
2703 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2705 /* do it here, so that debug messages don't clutter the
2707 static int did_warn = 0;
2709 trust = get_validity_string (pk, NULL);
2710 otrust = get_ownertrust_string (pk);
2712 /* Show a warning once */
2714 && (get_validity (pk, NULL) & TRUST_FLAG_PENDING_CHECK))
2723 if (pk->flags.revoked)
2725 char *user = get_user_id_string_native (pk->revoked.keyid);
2726 tty_printf (_("The following key was revoked on"
2727 " %s by %s key %s\n"),
2728 revokestr_from_pk (pk),
2729 gcry_pk_algo_name (pk->revoked.algo), user);
2735 if (!pk->revkey && pk->numrevkeys)
2738 for (i = 0; i < pk->numrevkeys; i++)
2744 algo = gcry_pk_algo_name (pk->revkey[i].algid);
2745 keyid_from_fingerprint (pk->revkey[i].fpr,
2746 MAX_FINGERPRINT_LEN, r_keyid);
2748 user = get_user_id_string_native (r_keyid);
2749 tty_printf (_("This key may be revoked by %s key %s"),
2750 algo ? algo : "?", user);
2752 if (pk->revkey[i].class & 0x40)
2755 tty_printf (_("(sensitive)"));
2763 keyid_from_pk (pk, NULL);
2764 tty_printf ("%s%c %4u%c/%s ",
2765 node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
2766 node->pkt->pkttype == PKT_PUBLIC_SUBKEY ? "sub" :
2767 node->pkt->pkttype == PKT_SECRET_KEY ? "sec" : "ssb",
2768 (node->flag & NODFLG_SELKEY) ? '*' : ' ',
2770 pubkey_letter (pk->pubkey_algo), keystr (pk->keyid));
2772 tty_printf (_("created: %s"), datestr_from_pk (pk));
2774 if (pk->flags.revoked)
2775 tty_printf (_("revoked: %s"), revokestr_from_pk (pk));
2776 else if (pk->has_expired)
2777 tty_printf (_("expired: %s"), expirestr_from_pk (pk));
2779 tty_printf (_("expires: %s"), expirestr_from_pk (pk));
2781 tty_printf (_("usage: %s"), usagestr_from_pk (pk));
2785 && pk->seckey_info->is_protected
2786 && pk->seckey_info->s2k.mode == 1002)
2789 tty_printf (_("card-no: "));
2790 if (pk->seckey_info->ivlen == 16
2791 && !memcmp (pk->seckey_info->iv,
2792 "\xD2\x76\x00\x01\x24\x01", 6))
2794 /* This is an OpenPGP card. */
2795 for (i = 8; i < 14; i++)
2799 tty_printf ("%02X", pk->seckey_info->iv[i]);
2804 /* Unknown card: Print all. */
2805 for (i = 0; i < pk->seckey_info->ivlen; i++)
2806 tty_printf ("%02X", pk->seckey_info->iv[i]);
2811 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2812 || node->pkt->pkttype == PKT_SECRET_KEY)
2814 if (opt.trust_model != TM_ALWAYS)
2816 tty_printf ("%*s", (int) keystrlen () + 13, "");
2817 /* Ownertrust is only meaningful for the PGP or
2818 classic trust models */
2819 if (opt.trust_model == TM_PGP
2820 || opt.trust_model == TM_CLASSIC)
2822 int width = 14 - strlen (otrust);
2825 tty_printf (_("trust: %s"), otrust);
2826 tty_printf ("%*s", width, "");
2829 tty_printf (_("validity: %s"), trust);
2832 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2833 && (get_ownertrust (pk) & TRUST_FLAG_DISABLED))
2835 tty_printf ("*** ");
2836 tty_printf (_("This key has been disabled"));
2841 if ((node->pkt->pkttype == PKT_PUBLIC_KEY
2842 || node->pkt->pkttype == PKT_SECRET_KEY) && with_fpr)
2844 print_fingerprint (pk, 2);
2850 show_names (keyblock, primary, only_marked ? NODFLG_MARK_A : 0, with_prefs);
2853 tty_printf (_("Please note that the shown key validity"
2854 " is not necessarily correct\n"
2855 "unless you restart the program.\n"));
2859 /* Display basic key information. This function is suitable to show
2860 information on the key without any dependencies on the trustdb or
2861 any other internal GnuPG stuff. KEYBLOCK may either be a public or
2864 show_basic_key_info (KBNODE keyblock)
2869 /* The primary key */
2870 for (node = keyblock; node; node = node->next)
2872 if (node->pkt->pkttype == PKT_PUBLIC_KEY
2873 || node->pkt->pkttype == PKT_SECRET_KEY)
2875 PKT_public_key *pk = node->pkt->pkt.public_key;
2877 /* Note, we use the same format string as in other show
2878 functions to make the translation job easier. */
2879 tty_printf ("%s %4u%c/%s ",
2880 node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
2881 node->pkt->pkttype == PKT_PUBLIC_SUBKEY ? "sub" :
2882 node->pkt->pkttype == PKT_SECRET_KEY ? "sec" :"ssb",
2884 pubkey_letter (pk->pubkey_algo), keystr_from_pk (pk));
2885 tty_printf (_("created: %s"), datestr_from_pk (pk));
2887 tty_printf (_("expires: %s"), expirestr_from_pk (pk));
2889 print_fingerprint (pk, 3);
2895 for (i = 0, node = keyblock; node; node = node->next)
2897 if (node->pkt->pkttype == PKT_USER_ID)
2899 PKT_user_id *uid = node->pkt->pkt.user_id;
2903 if (uid->is_revoked)
2904 tty_printf ("[%s] ", _("revoked"));
2905 else if (uid->is_expired)
2906 tty_printf ("[%s] ", _("expired"));
2907 tty_print_utf8_string (uid->name, uid->len);
2914 show_key_and_fingerprint (KBNODE keyblock)
2917 PKT_public_key *pk = NULL;
2919 for (node = keyblock; node; node = node->next)
2921 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2923 pk = node->pkt->pkt.public_key;
2924 tty_printf ("pub %4u%c/%s %s ",
2926 pubkey_letter (pk->pubkey_algo),
2927 keystr_from_pk (pk), datestr_from_pk (pk));
2929 else if (node->pkt->pkttype == PKT_USER_ID)
2931 PKT_user_id *uid = node->pkt->pkt.user_id;
2932 tty_print_utf8_string (uid->name, uid->len);
2938 print_fingerprint (pk, 2);
2942 /* Show a warning if no uids on the key have the primary uid flag
2945 no_primary_warning (KBNODE keyblock)
2948 int have_primary = 0, uid_count = 0;
2950 /* TODO: if we ever start behaving differently with a primary or
2951 non-primary attribute ID, we will need to check for attributes
2954 for (node = keyblock; node; node = node->next)
2956 if (node->pkt->pkttype == PKT_USER_ID
2957 && node->pkt->pkt.user_id->attrib_data == NULL)
2961 if (node->pkt->pkt.user_id->is_primary == 2)
2969 if (uid_count > 1 && !have_primary)
2971 ("WARNING: no user ID has been marked as primary. This command"
2972 " may\n cause a different user ID to become"
2973 " the assumed primary.\n"));
2978 * Ask for a new user id, add the self-signature and update the keyblock.
2979 * Return true if there is a new user id
2982 menu_adduid (KBNODE pub_keyblock, int photo, const char *photo_name)
2985 PKT_public_key *pk = NULL;
2986 PKT_signature *sig = NULL;
2989 KBNODE pub_where = NULL;
2992 for (node = pub_keyblock; node; pub_where = node, node = node->next)
2994 if (node->pkt->pkttype == PKT_PUBLIC_KEY)
2995 pk = node->pkt->pkt.public_key;
2996 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
2999 if (!node) /* No subkey. */
3007 for (node = pub_keyblock; node; node = node->next)
3008 if (node->pkt->pkttype == PKT_USER_ID &&
3009 node->pkt->pkt.user_id->attrib_data != NULL)
3015 /* It is legal but bad for compatibility to add a photo ID to a
3016 v3 key as it means that PGP2 will not be able to use that key
3017 anymore. Also, PGP may not expect a photo on a v3 key.
3018 Don't bother to ask this if the key already has a photo - any
3019 damage has already been done at that point. -dms */
3020 if (pk->version == 3 && !hasattrib)
3024 tty_printf (_("WARNING: This is a PGP2-style key. "
3025 "Adding a photo ID may cause some versions\n"
3026 " of PGP to reject this key.\n"));
3028 if (!cpr_get_answer_is_yes ("keyedit.v3_photo.okay",
3029 _("Are you sure you still want "
3030 "to add it? (y/N) ")))
3035 tty_printf (_("You may not add a photo ID to "
3036 "a PGP2-style key.\n"));
3041 uid = generate_photo_id (pk, photo_name);
3044 uid = generate_user_id (pub_keyblock);
3048 err = make_keysig_packet (&sig, pk, uid, NULL, pk, 0x13, 0, 0, 0, 0,
3049 keygen_add_std_prefs, pk, NULL);
3052 log_error ("signing failed: %s\n", g10_errstr (err));
3057 /* Insert/append to public keyblock */
3058 pkt = xmalloc_clear (sizeof *pkt);
3059 pkt->pkttype = PKT_USER_ID;
3060 pkt->pkt.user_id = uid;
3061 node = new_kbnode (pkt);
3063 insert_kbnode (pub_where, node, 0);
3065 add_kbnode (pub_keyblock, node);
3066 pkt = xmalloc_clear (sizeof *pkt);
3067 pkt->pkttype = PKT_SIGNATURE;
3068 pkt->pkt.signature = copy_signature (NULL, sig);
3070 insert_kbnode (node, new_kbnode (pkt), 0);
3072 add_kbnode (pub_keyblock, new_kbnode (pkt));
3078 * Remove all selected userids from the keyring
3081 menu_deluid (KBNODE pub_keyblock)
3086 for (node = pub_keyblock; node; node = node->next)
3088 if (node->pkt->pkttype == PKT_USER_ID)
3090 selected = node->flag & NODFLG_SELUID;
3093 /* Only cause a trust update if we delete a
3094 non-revoked user id */
3095 if (!node->pkt->pkt.user_id->is_revoked)
3097 delete_kbnode (node);
3100 else if (selected && node->pkt->pkttype == PKT_SIGNATURE)
3101 delete_kbnode (node);
3102 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
3105 commit_kbnode (&pub_keyblock);
3110 menu_delsig (KBNODE pub_keyblock)
3113 PKT_user_id *uid = NULL;
3116 for (node = pub_keyblock; node; node = node->next)
3118 if (node->pkt->pkttype == PKT_USER_ID)
3120 uid = (node->flag & NODFLG_SELUID) ? node->pkt->pkt.user_id : NULL;
3122 else if (uid && node->pkt->pkttype == PKT_SIGNATURE)
3124 int okay, valid, selfsig, inv_sig, no_key, other_err;
3126 tty_printf ("uid ");
3127 tty_print_utf8_string (uid->name, uid->len);
3130 okay = inv_sig = no_key = other_err = 0;
3131 if (opt.with_colons)
3132 valid = print_and_check_one_sig_colon (pub_keyblock, node,
3134 &other_err, &selfsig, 1);
3136 valid = print_and_check_one_sig (pub_keyblock, node,
3137 &inv_sig, &no_key, &other_err,
3142 okay = cpr_get_answer_yes_no_quit
3143 ("keyedit.delsig.valid",
3144 _("Delete this good signature? (y/N/q)"));
3146 /* Only update trust if we delete a good signature.
3147 The other two cases do not affect trust. */
3151 else if (inv_sig || other_err)
3152 okay = cpr_get_answer_yes_no_quit
3153 ("keyedit.delsig.invalid",
3154 _("Delete this invalid signature? (y/N/q)"));
3156 okay = cpr_get_answer_yes_no_quit
3157 ("keyedit.delsig.unknown",
3158 _("Delete this unknown signature? (y/N/q)"));
3163 && !cpr_get_answer_is_yes
3164 ("keyedit.delsig.selfsig",
3165 _("Really delete this self-signature? (y/N)")))
3169 delete_kbnode (node);
3174 else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
3180 commit_kbnode (&pub_keyblock);
3181 tty_printf (changed == 1 ? _("Deleted %d signature.\n")
3182 : _("Deleted %d signatures.\n"), changed);
3185 tty_printf (_("Nothing deleted.\n"));
3192 menu_clean (KBNODE keyblock, int self_only)
3195 int modified = 0, select_all = !count_selected_uids (keyblock);
3197 for (uidnode = keyblock->next;
3198 uidnode && uidnode->pkt->pkttype != PKT_PUBLIC_SUBKEY;
3199 uidnode = uidnode->next)
3201 if (uidnode->pkt->pkttype == PKT_USER_ID
3202 && (uidnode->flag & NODFLG_SELUID || select_all))
3204 int uids = 0, sigs = 0;
3205 char *user = utf8_to_native (uidnode->pkt->pkt.user_id->name,
3206 uidnode->pkt->pkt.user_id->len,
3209 clean_one_uid (keyblock, uidnode, opt.verbose, self_only, &uids,
3215 if (uidnode->pkt->pkt.user_id->is_revoked)
3216 reason = _("revoked");
3217 else if (uidnode->pkt->pkt.user_id->is_expired)
3218 reason = _("expired");
3220 reason = _("invalid");
3222 tty_printf (_("User ID \"%s\" compacted: %s\n"), user, reason);
3228 tty_printf (sigs == 1 ?
3229 _("User ID \"%s\": %d signature removed\n") :
3230 _("User ID \"%s\": %d signatures removed\n"),
3237 tty_printf (self_only == 1 ?
3238 _("User ID \"%s\": already minimized\n") :
3239 _("User ID \"%s\": already clean\n"), user);
3251 * Remove some of the secondary keys
3254 menu_delkey (KBNODE pub_keyblock)
3259 for (node = pub_keyblock; node; node = node->next)
3261 if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
3263 selected = node->flag & NODFLG_SELKEY;
3265 delete_kbnode (node);
3267 else if (selected && node->pkt->pkttype == PKT_SIGNATURE)
3268 delete_kbnode (node);
3272 commit_kbnode (&pub_keyblock);
3274 /* No need to set update_trust here since signing keys are no
3275 longer used to certify other keys, so there is no change in
3276 trust when revoking/removing them. */
3281 * Ask for a new revoker, create the self-signature and put it into
3282 * the keyblock. Returns true if there is a new revoker.
3285 menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive)
3287 PKT_public_key *pk = NULL;
3288 PKT_public_key *revoker_pk = NULL;
3289 PKT_signature *sig = NULL;
3291 struct revocation_key revkey;
3295 assert (pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
3297 pk = pub_keyblock->pkt->pkt.public_key;
3299 if (pk->numrevkeys == 0 && pk->version == 3)
3301 /* It is legal but bad for compatibility to add a revoker to a
3302 v3 key as it means that PGP2 will not be able to use that key
3303 anymore. Also, PGP may not expect a revoker on a v3 key.
3304 Don't bother to ask this if the key already has a revoker -
3305 any damage has already been done at that point. -dms */
3308 tty_printf (_("WARNING: This is a PGP 2.x-style key. "
3309 "Adding a designated revoker may cause\n"
3310 " some versions of PGP to reject this key.\n"));
3312 if (!cpr_get_answer_is_yes ("keyedit.v3_revoker.okay",
3313 _("Are you sure you still want "
3314 "to add it? (y/N) ")))
3319 tty_printf (_("You may not add a designated revoker to "
3320 "a PGP 2.x-style key.\n"));
3329 free_public_key (revoker_pk);
3330 revoker_pk = xmalloc_clear (sizeof (*revoker_pk));
3334 answer = cpr_get_utf8
3335 ("keyedit.add_revoker",
3336 _("Enter the user ID of the designated revoker: "));
3337 if (answer[0] == '\0' || answer[0] == CONTROL_D)
3343 /* Note that I'm requesting CERT here, which usually implies
3344 primary keys only, but some casual testing shows that PGP and
3345 GnuPG both can handle a designated revocation from a subkey. */
3346 revoker_pk->req_usage = PUBKEY_USAGE_CERT;
3347 rc = get_pubkey_byname (ctrl, NULL, revoker_pk, answer, NULL, NULL, 1, 1);
projects / gnupg.git / blob