authorDavid Shaw <[email protected]>2003-02-02 15:28:47 +0000
committerDavid Shaw <[email protected]>2003-02-02 15:28:47 +0000
commit3a8ad7e8dc9f7ee4be44fc4cc27f0eb88e961c6c (patch)
tree428149c8de0e767bc099823925ba2944d63e6db2
parent* gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is not a (diff)
* keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on a v4 key
(treat as a v4 revocation). * keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from devel. * import.c (print_import_check): Do not re-utf8 convert user IDs. * status.h, status.c (get_status_string), import.c (import_one, print_import_check): Backport Timo's IMPORT_CHECK status message from devel.
-rw-r--r--g10/ChangeLog14
-rw-r--r--g10/import.c27
-rw-r--r--g10/keyedit.c133
-rw-r--r--g10/status.c1
-rw-r--r--g10/status.h1
5 files changed, 170 insertions, 6 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 2c99a23de..9d96dccda 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,17 @@
+2003-02-02 David Shaw <[email protected]>
+
+ * keyedit.c (menu_revuid): Properly handle a nonselfsigned uid on
+ a v4 key (treat as a v4 revocation).
+
+ * keyedit.c (keyedit_menu, menu_revuid): Backport "revuid" from
+ devel.
+
+ * import.c (print_import_check): Do not re-utf8 convert user IDs.
+
+ * status.h, status.c (get_status_string), import.c (import_one,
+ print_import_check): Backport Timo's IMPORT_CHECK status message
+ from devel.
+
2003-01-16 David Shaw <[email protected]>
* g10.c (add_group): Trim whitespace after a group name so it does
diff --git a/g10/import.c b/g10/import.c
index 336d4aaf1..46162e973 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -543,6 +543,29 @@ print_import_ok (PKT_public_key *pk, PKT_secret_key *sk, unsigned int reason)
}
+void
+print_import_check (PKT_public_key * pk, PKT_user_id * id)
+{
+ char * buf;
+ byte fpr[24];
+ u32 keyid[2];
+ size_t i, pos = 0, n;
+
+ buf = m_alloc (17+41+id->len+32);
+ keyid_from_pk (pk, keyid);
+ sprintf (buf, "%08X%08X ", keyid[0], keyid[1]);
+ pos = 17;
+ fingerprint_from_pk (pk, fpr, &n);
+ for (i = 0; i < n; i++, pos += 2)
+ sprintf (buf+pos, "%02X", fpr[i]);
+ strcat (buf, " ");
+ pos += 1;
+ strcat (buf, id->name);
+ write_status_text (STATUS_IMPORT_CHECK, buf);
+ m_free (buf);
+}
+
+
/****************
* Try to import one keyblock. Return an error only in serious cases, but
* never for an invalid keyblock. It uses log_error to increase the
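Review bot: In print_import_check the user ID comes from the key being imported and is appended with `strcat (buf, id->name)` straight into the status text, so whether an embedded newline or other control byte can produce an extra status line for the status-fd consumer depends entirely on write_status_text, which is not visible in this diff. Confirm that it escapes such bytes and record that in a comment above the function. The size `17+41+id->len+32` is only sufficient while the fingerprint is at most 20 bytes and `id->name` is NUL-terminated within `id->len`; copying by length, `memcpy (buf+pos, id->name, id->len); buf[pos+id->len] = 0;`, would make the bound explicit and give the otherwise unused final `pos` a purpose. `keyid[0]` and `keyid[1]` are u32 values passed to `%08X`, which is a format mismatch on any platform where u32 is not unsigned int.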
@@ -591,7 +614,9 @@ import_one( const char *fname, KBNODE keyblock, int fast,
}
if (opt.interactive) {
- merge_keys_and_selfsig (keyblock);
+ if(is_status_enabled())
+ print_import_check (pk, uidnode->pkt->pkt.user_id);
+ merge_keys_and_selfsig (keyblock);
tty_printf ("\n");
show_basic_key_info (keyblock);
tty_printf ("\n");
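Review bot: The new call dereferences `uidnode->pkt->pkt.user_id`, and the check that uidnode is non-NULL is not visible in this hunk (import_one starts and continues outside it), so confirm that the no-user-ID early return precedes this point. The status line is also emitted before `merge_keys_and_selfsig` and before any self-signature check visible here. A comment such as `/* IMPORT_CHECK reports the first user ID as found in the keyblock, not yet verified */` would tell status-fd consumers not to treat the value as validated.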
diff --git a/g10/keyedit.c b/g10/keyedit.c
index afbda995d..413df0d4f 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -63,6 +63,7 @@ static int count_selected_uids( KBNODE keyblock );
static int real_uids_left( KBNODE keyblock );
static int count_selected_keys( KBNODE keyblock );
static int menu_revsig( KBNODE keyblock );
+static int menu_revuid( KBNODE keyblock, KBNODE sec_keyblock );
static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int enable_disable_key( KBNODE keyblock, int disable );
static void menu_showphoto( KBNODE keyblock );
@@ -885,10 +886,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
{
enum cmdids { cmdNONE = 0,
cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
- cmdLSIGN, cmdNRSIGN, cmdNRLSIGN, cmdREVSIG, cmdREVKEY, cmdDELSIG,
- cmdPRIMARY, cmdDEBUG, cmdSAVE, cmdADDUID, cmdADDPHOTO, cmdDELUID,
- cmdADDKEY, cmdDELKEY, cmdADDREVOKER, cmdTOGGLE, cmdSELKEY,
- cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE, cmdENABLEKEY,
+ cmdLSIGN, cmdNRSIGN, cmdNRLSIGN, cmdREVSIG, cmdREVKEY, cmdREVUID,
+ cmdDELSIG, cmdPRIMARY, cmdDEBUG, cmdSAVE, cmdADDUID, cmdADDPHOTO,
+ cmdDELUID, cmdADDKEY, cmdDELKEY, cmdADDREVOKER, cmdTOGGLE,
+ cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE, cmdENABLEKEY,
cmdDISABLEKEY, cmdSHOWPREF, cmdSETPREF, cmdUPDPREF, cmdINVCMD,
cmdSHOWPHOTO, cmdUPDTRUST, cmdCHKTRUST, cmdNOP };
static struct { const char *name;
@@ -937,6 +938,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
{ N_("passwd") , cmdPASSWD , 1,1,0, N_("change the passphrase") },
{ N_("trust") , cmdTRUST , 0,1,0, N_("change the ownertrust") },
{ N_("revsig") , cmdREVSIG , 0,1,0, N_("revoke signatures") },
+ { N_("revuid") , cmdREVUID , 1,1,0, N_("revoke a user ID") },
{ N_("revkey") , cmdREVKEY , 1,1,0, N_("revoke a secondary key") },
{ N_("disable") , cmdDISABLEKEY, 0,1,0, N_("disable a key") },
{ N_("enable") , cmdENABLEKEY , 0,1,0, N_("enable a key") },
@@ -1274,6 +1276,25 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
}
break;
+ case cmdREVUID: {
+ int n1;
+
+ if( !(n1=count_selected_uids(keyblock)) )
+ tty_printf(_("You must select at least one user ID.\n"));
+ else if( cpr_get_answer_is_yes(
+ "keyedit.revoke.uid.okay",
+ n1 > 1? _("Really revoke all selected user IDs? ")
+ : _("Really revoke this user ID? ")
+ ) ) {
+ if(menu_revuid(keyblock,sec_keyblock))
+ {
+ modified=1;
+ redisplay=1;
+ }
+ }
+ }
+ break;
+
case cmdREVKEY: {
int n1;
@@ -3135,6 +3156,109 @@ menu_revsig( KBNODE keyblock )
return changed;
}
+/* Revoke a user ID (i.e. revoke a user ID selfsig). Return true if
+ keyblock changed. */
+static int
+menu_revuid( KBNODE pub_keyblock, KBNODE sec_keyblock )
+{
+ PKT_public_key *pk = pub_keyblock->pkt->pkt.public_key;
+ PKT_secret_key *sk = copy_secret_key( NULL,
+ sec_keyblock->pkt->pkt.secret_key );
+ KBNODE node;
+ int changed = 0;
+ int rc;
+ struct revocation_reason_info *reason = NULL;
+
+ /* Note that this is correct as per the RFCs, but nevertheless
+ somewhat meaningless in the real world. 1991 did define the 0x30
+ sig class, but PGP 2.x did not actually implement it, so it would
+ probably be safe to use v4 revocations everywhere. -ds */
+
+ for( node = pub_keyblock; node; node = node->next )
+ if(pk->version>3 || (node->pkt->pkttype==PKT_USER_ID &&
+ node->pkt->pkt.user_id->selfsigversion>3))
+ {
+ if((reason = ask_revocation_reason( 0, 1, 4 )))
+ break;
+ else
+ goto leave;
+ }
+
+ reloop: /* (better this way because we are modifing the keyring) */
+ for( node = pub_keyblock; node; node = node->next )
+ if(node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID))
+ {
+ PKT_user_id *uid=node->pkt->pkt.user_id;
+
+ if(uid->is_revoked)
+ {
+ char *user=utf8_to_native(uid->name,uid->len,0);
+ log_info(_("user ID \"%s\" is already revoked\n"),user);
+ m_free(user);
+ }
+ else
+ {
+ PACKET *pkt;
+ PKT_signature *sig;
+ struct sign_attrib attrib;
+ u32 timestamp=make_timestamp();
+
+ if(uid->created>=timestamp)
+ {
+ /* Okay, this is a problem. The user ID selfsig was
+ created in the future, so we need to warn the user and
+ set our revocation timestamp one second after that so
+ everything comes out clean. */
+
+ log_info(_("WARNING: a user ID signature is dated %d"
+ " seconds in the future\n"),uid->created-timestamp);
+
+ timestamp=uid->created+1;
+ }
+
+ memset( &attrib, 0, sizeof attrib );
+ attrib.reason = reason;
+
+ node->flag &= ~NODFLG_SELUID;
+
+ rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x30, 0,
+ (reason==NULL)?3:0, timestamp, 0,
+ sign_mk_attrib, &attrib );
+ if( rc )
+ {
+ log_error(_("signing failed: %s\n"), g10_errstr(rc));
+ goto leave;
+ }
+ else
+ {
+ pkt = m_alloc_clear( sizeof *pkt );
+ pkt->pkttype = PKT_SIGNATURE;
+ pkt->pkt.signature = sig;
+ insert_kbnode( node, new_kbnode(pkt), 0 );
+
+ /* If the trustdb has an entry for this key+uid then the
+ trustdb needs an update. */
+ if(!update_trust
+ && (get_validity(pk,uid)&TRUST_MASK)>=TRUST_UNDEFINED)
+ update_trust=1;
+
+ changed = 1;
+ node->pkt->pkt.user_id->is_revoked=1;
+
+ goto reloop;
+ }
+ }
+ }
+
+ if(changed)
+ commit_kbnode( &pub_keyblock );
+
+ leave:
+ free_secret_key(sk);
+ release_revocation_reason_info( reason );
+ return changed;
+}
+
/****************
* Revoke some of the secondary keys.
* Hmmm: Should we add a revocation to the secret keyring too?
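Review bot: The first loop in menu_revuid decides whether to ask for a revocation reason, and so whether a v4 revocation is made via `(reason==NULL)?3:0`, from any user ID node on the key rather than only those with NODFLG_SELUID set. On a v3 key a selected user ID with a v3 selfsig therefore gets a v4 revocation whenever some other user ID carries a v4 selfsig. If that is intended (the -ds comment suggests v4 everywhere is acceptable), say so in the comment; otherwise add `(node->flag & NODFLG_SELUID) &&` to the user-ID test. Separately, `uid->created-timestamp` is an unsigned difference printed with `%d`; a cast with a matching specifier, `%lu` with `(unsigned long)(uid->created-timestamp)`, avoids the mismatch. `timestamp=uid->created+1` also wraps to 0 if the selfsig carries the maximum timestamp, which is worth rejecting explicitly.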
@@ -3154,7 +3278,6 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
return 0;
}
-
reloop: /* (better this way because we are modifing the keyring) */
mainpk = pub_keyblock->pkt->pkt.public_key;
for( node = pub_keyblock; node; node = node->next ) {
diff --git a/g10/status.c b/g10/status.c
index 799b42edc..b665968f0 100644
--- a/g10/status.c
+++ b/g10/status.c
@@ -121,6 +121,7 @@ get_status_string ( int no )
case STATUS_ERRMDC : s = "ERRMDC"; break;
case STATUS_IMPORTED : s = "IMPORTED"; break;
case STATUS_IMPORT_OK : s = "IMPORT_OK"; break;
+ case STATUS_IMPORT_CHECK : s = "IMPORT_CHECK"; break;
case STATUS_IMPORT_RES : s = "IMPORT_RES"; break;
case STATUS_FILE_START : s = "FILE_START"; break;
case STATUS_FILE_DONE : s = "FILE_DONE"; break;
diff --git a/g10/status.h b/g10/status.h
index dd913b4bd..44a7d6d32 100644
--- a/g10/status.h
+++ b/g10/status.h
@@ -98,6 +98,7 @@
#define STATUS_EXPKEYSIG 66
#define STATUS_ATTRIBUTE 67
#define STATUS_IMPORT_OK 68
+#define STATUS_IMPORT_CHECK 69
/*-- status.c --*/
void set_status_fd ( int fd );