* build-packet.c (build_sig_subpkt): Delete subpackets from both hashed

and unhashed area on update.  (find_subpkt): No longer needed.

* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key with a v4
signature.  As usual, --expert overrides.  Try to tweak some strings to a
closer match so they can all be translated in one place.  Use different
helptext keys to allow different help text for different questions.

* keygen.c (keygen_upd_std_prefs): Remove preferences from both hashed and
unhashed areas if they are not going to be used.

4 files changed, 101 insertions, 114 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index d45c5e38a..ac331f078 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,18 @@
+2002-04-11  David Shaw  <[email protected]>
+
+	* build-packet.c (build_sig_subpkt): Delete subpackets from both
+	hashed and unhashed area on update.  (find_subpkt): No longer
+	needed.
+
+	* keyedit.c (sign_uids): With --pgp2 on, refuse to sign a v3 key
+	with a v4 signature.  As usual, --expert overrides.  Try to tweak
+	some strings to a closer match so they can all be translated in
+	one place.  Use different helptext keys to allow different help
+	text for different questions.
+
+	* keygen.c (keygen_upd_std_prefs): Remove preferences from both
+	hashed and unhashed areas if they are not going to be used.
+
 2002-04-10  David Shaw  <[email protected]>
 
 	* misc.c (pct_expando), options.skel: Use %t to indicate type of a
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 55c923f15..4bc06f138 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -616,68 +616,6 @@ do_compressed( IOBUF out, int ctb, PKT_compressed *cd )
 }
 
 
-
-/****************
- * Find a subpacket of type REQTYPE in AREA and a return a pointer
- * to the first byte of that subpacket data.
- * And return the length of the packet in RET_N and the number of
- * header bytes in RET_HLEN (length header and type byte).
- */
-static byte *
-find_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype,
-	     size_t *ret_hlen, size_t *ret_n )
-{
-    byte *buffer;
-    int buflen;
-    sigsubpkttype_t type;
-    byte *bufstart;
-    size_t n;
-
-    if( !area )
-	return NULL;
-    buflen = area->len;
-    buffer = area->data;
-    for(;;) {
-	if( !buflen )
-	    return NULL; /* end of packets; not found */
-	bufstart = buffer;
-	n = *buffer++; buflen--;
-	if( n == 255 ) {
-	    if( buflen < 4 )
-		break;
-	    n = (buffer[0] << 24) | (buffer[1] << 16)
-                | (buffer[2] << 8) | buffer[3];
-	    buffer += 4;
-	    buflen -= 4;
-	}
-	else if( n >= 192 ) {
-	    if( buflen < 2 )
-		break;
-	    n = (( n - 192 ) << 8) + *buffer + 192;
-	    buffer++;
-	    buflen--;
-	}
-	if( buflen < n )
-	    break;
-	type = *buffer & 0x7f;
-	if( type == reqtype ) {
-	    buffer++;
-	    n--;
-	    if( n > buflen )
-		break;
-	    if( ret_hlen )
-		*ret_hlen = buffer - bufstart;
-	    if( ret_n )
-		*ret_n = n;
-	    return buffer;
-	}
-	buffer += n; buflen -=n;
-    }
-
-    log_error("find_subpkt: buffer shorter than subpacket\n");
-    return NULL;
-}
-
 /****************
  * Delete all subpackets of type REQTYPE and return a bool whether a packet
  * was deleted.
@@ -767,33 +705,19 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
 
     critical = (type & SIGSUBPKT_FLAG_CRITICAL);
     type &= ~SIGSUBPKT_FLAG_CRITICAL;
-    
-    if( type == SIGSUBPKT_NOTATION )
-	; /* we allow multiple packets */
-    else if (find_subpkt (sig->hashed, type, NULL, NULL) ) {
-        switch (type) {
-          case SIGSUBPKT_SIG_CREATED:
-          case SIGSUBPKT_PREF_SYM:
-          case SIGSUBPKT_PREF_HASH:
-          case SIGSUBPKT_PREF_COMPR:
-          case SIGSUBPKT_FEATURES:
-          case SIGSUBPKT_SIG_EXPIRE:
-            delete_sig_subpkt (sig->hashed, type);
-            break;
-          default:
-            log_bug("build_sig_packet: update of hashed type %d nyi\n", type);
-        }
-    }
-    else if (find_subpkt (sig->unhashed, type, NULL, NULL)) {
-        switch (type) {
-          case SIGSUBPKT_PRIV_VERIFY_CACHE:
-          case SIGSUBPKT_ISSUER:
-            delete_sig_subpkt (sig->unhashed, type);
-            break;
-          default:
-            log_bug("build_sig_packet: update of unhashed type %d nyi\n",type);
-        }
-    }
+
+    switch(type)
+      {
+      case SIGSUBPKT_NOTATION:
+	/* we do allow multiple subpackets */
+	break;
+
+      default:
+	/* we don't allow multiple subpackets */
+	delete_sig_subpkt(sig->hashed,type);
+	delete_sig_subpkt(sig->unhashed,type);
+	break;
+      }
 
     if( (buflen+1) >= 8384 )
 	nlen = 5; /* write 5 byte length header */
diff --git a/g10/keyedit.c b/g10/keyedit.c
index c29a385e7..5d6b11d14 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -273,7 +273,14 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
     KBNODE node, uidnode;
     PKT_public_key *primary_pk=NULL;
     int select_all = !count_selected_uids(keyblock);
-    int upd_trust = 0, force_v4=0;
+    int upd_trust = 0, force_v4=0, all_v3=1;
+
+    /* Are there any non-v3 sigs on this key already? */
+    if(opt.pgp2)
+      for(node=keyblock;node;node=node->next)
+	if(node->pkt->pkttype==PKT_SIGNATURE &&
+	   node->pkt->pkt.signature->version>3)
+	  all_v3=0;
 
     if(local || opt.cert_policy_url || opt.notation_data)
       force_v4=1;
@@ -322,21 +329,23 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 		uidnode = (node->flag & NODFLG_MARK_A)? node : NULL;
 		if(uidnode && uidnode->pkt->pkt.user_id->is_revoked)
 		  {
-		    tty_printf(_("User ID \"%s\" is revoked.\n"),
+		    tty_printf(_("User ID \"%s\" is revoked."),
 			       uidnode->pkt->pkt.user_id->name);
 
 		    if(opt.expert)
 		      {
-			tty_printf(_("Are you sure you still "
-				     "want to sign it?\n"));
-
+			tty_printf("\n");
 			/* No, so remove the mark and continue */
-			if(!cpr_get_answer_is_yes("sign_uid.okay",
-						  _("Really sign? ")))
+			if(!cpr_get_answer_is_yes("sign_uid.revoke_okay",
+						 _("Are you sure you still "
+						   "want to sign it? (y/N) ")))
 			  uidnode->flag &= ~NODFLG_MARK_A;
 		      }
 		    else
-		      uidnode->flag &= ~NODFLG_MARK_A;
+		      {
+			uidnode->flag &= ~NODFLG_MARK_A;
+			tty_printf(_("  Unable to sign.\n"));
+		      }
 		  }
 	    }
 	    else if( uidnode && node->pkt->pkttype == PKT_SIGNATURE
@@ -350,12 +359,12 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 			/* It's a local sig, and we want to make a
                            exportable sig. */
 			tty_printf(_("Your current signature on \"%s\"\n"
-				     "is a local signature.\n\n"
-				     "Do you want to promote it to a full "
-				     "exportable signature?\n"),
+				     "is a local signature.\n"),
 				   uidnode->pkt->pkt.user_id->name);
-			if(cpr_get_answer_is_yes("sign_uid.promote",
-						 "Promote? (y/N) "))
+			if(cpr_get_answer_is_yes("sign_uid.promote_okay",
+						 _("Do you want to promote "
+						   "it to a full exportable "
+						   "signature? (y/N) ")))
 			  {
 			    /* Mark these for later deletion.  We
                                don't want to delete them here, just in
@@ -409,15 +418,15 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 
 		if(opt.expert)
 		  {
-		    tty_printf(_("  Are you sure you still "
-				 "want to sign it?\n"));
-		    if(!cpr_get_answer_is_yes("sign_uid.okay",
-					      _("Really sign? (y/N) ")))
+		    tty_printf("  ");
+		    if(!cpr_get_answer_is_yes("sign_uid.expired_okay",
+					      _("Are you sure you still "
+						"want to sign it? (y/N) ")))
 		      continue;
 		  }
 		else
 		  {
-		    tty_printf("\n");
+		    tty_printf(_("  Unable to sign.\n"));
 		    continue;
 		  }
 	      }
@@ -426,7 +435,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 		tty_printf(_("This key is due to expire on %s.\n"),
 			   expirestr_from_pk(primary_pk));
 		/* Should this default to yes? -ds */
-		if(cpr_get_answer_is_yes("sign_uid.expire",_("Do you want your signature to expire at the same time? (y/N) ")))
+		if(cpr_get_answer_is_yes("sign_uid.expire",
+					 _("Do you want your signature to "
+					   "expire at the same time? (y/N) ")))
 		  {
 		    /* This fixes the signature timestamp we're going
 		       to make as now.  This is so the expiration date
@@ -448,6 +459,29 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 	if(duration)
 	  force_v4=1;
 
+	/* Is --pgp2 on, it's a v3 key, all the sigs on the key are
+	   currently v3 and we're about to sign it with a v4 sig?  If
+	   so, danger! */
+	if(opt.pgp2 && all_v3 &&
+	   (sk->version>3 || force_v4) && primary_pk->version<=3)
+	  {
+	    tty_printf(_("You may not make an OpenPGP signature on a "
+			 "PGP 2.x key while in --pgp2 mode.\n"));
+	    tty_printf(_("This would make the key unusable in PGP 2.x.\n"));
+
+	    if(opt.expert)
+	      {
+		if(!cpr_get_answer_is_yes("sign_uid.v4_on_v3_okay",
+					  _("Are you sure you still "
+					    "want to sign it? (y/N) ")))
+		  continue;
+
+		all_v3=0;
+	      }
+	    else
+	      continue;
+	  }
+
 	if(opt.batch)
 	  class=0x10+opt.def_check_level;
 	else
@@ -1004,18 +1038,21 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
 	  case cmdNRLSIGN: /* sign (only the public key) */
 	    if( pk->is_revoked )
 	      {
-		tty_printf(_("Key is revoked.\n"));
+		tty_printf(_("Key is revoked."));
 
 		if(opt.expert)
 		  {
-		    tty_printf(_("Are you sure you still want to sign it?\n"));
-
+		    tty_printf("  ");
 		    if(!cpr_get_answer_is_yes("keyedit.sign_revoked.okay",
-					      _("Really sign? ")))
+					      _("Are you sure you still want "
+						"to sign it? (y/N) ")))
 		      break;
 		  }
 		else
-		  break;
+		  {
+		    tty_printf("\n");
+		    break;
+		  }
 	      }
 
 	    if( count_uids(keyblock) > 1 && !count_selected_uids(keyblock) ) {
diff --git a/g10/keygen.c b/g10/keygen.c
index 9c1bae7f1..8cc8b91ab 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -328,15 +328,26 @@ keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
     if (nsym_prefs) 
         build_sig_subpkt (sig, SIGSUBPKT_PREF_SYM, sym_prefs, nsym_prefs);
     else
+      {
         delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_SYM);
+        delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_SYM);
+      }
+
     if (nhash_prefs)
         build_sig_subpkt (sig, SIGSUBPKT_PREF_HASH, hash_prefs, nhash_prefs);
     else
-        delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_HASH);
+      {
+	delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_HASH);
+	delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_HASH);
+      }
+
     if (nzip_prefs)
         build_sig_subpkt (sig, SIGSUBPKT_PREF_COMPR, zip_prefs, nzip_prefs);
     else
+      {
         delete_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_COMPR);
+        delete_sig_subpkt (sig->unhashed, SIGSUBPKT_PREF_COMPR);
+      }
 
     /* Make sure that the MDC feature flag is set */
     add_feature_mdc (sig);