authorWerner Koch <[email protected]>2023-03-21 15:30:18 +0000
committerWerner Koch <[email protected]>2023-03-21 15:30:18 +0000
commit9f27e448bf1f825906f3c53e3428087d34bbd8fc (patch)
treed9df55b3cce7fe31401e9a22d13fa524b99a311b /g10/keyedit.c
parentpo: Fix German translation regarding the caching of PINs. (diff)
gpg: New command --quick-add-adsk
* g10/gpg.c (enum cmd_and_opt_values): Add aQuickAddADSK. (opts): Add --quick-add-adsk. (main): Call the actual function. * g10/keyedit.c (keyedit_quick_addadsk): New. (menu_addadsk): Add arg adskfpr and change caller. -- GnuPG-bug-id: 6395
Diffstat (limited to 'g10/keyedit.c')
-rw-r--r--g10/keyedit.c109
1 files changed, 95 insertions, 14 deletions
diff --git a/g10/keyedit.c b/g10/keyedit.c
index d21064a21..a91cc4447 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -73,7 +73,8 @@ static int menu_delsig (ctrl_t ctrl, kbnode_t pub_keyblock);
static int menu_clean (ctrl_t ctrl, kbnode_t keyblock, int self_only);
static void menu_delkey (KBNODE pub_keyblock);
static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive);
-static int menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock);
+static int menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock,
+ const char *adskfpr);
static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock,
int unattended, u32 newexpiration);
static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock);
@@ -1310,7 +1311,7 @@ static struct
{ "addrevoker", cmdADDREVOKER, KEYEDIT_NEED_SK,
N_("add a revocation key")},
{ "addadsk", cmdADDADSK, KEYEDIT_NEED_SK,
- N_("add additional decryption subkeys")},
+ N_("add an additional decryption subkey")},
{ "delsig", cmdDELSIG, 0,
N_("delete signatures from the selected user IDs")},
{ "expire", cmdEXPIRE, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
@@ -2016,7 +2017,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
case cmdADDADSK:
- if (menu_addadsk (ctrl, keyblock))
+ if (menu_addadsk (ctrl, keyblock, NULL))
{
redisplay = 1;
modified = 1;
@@ -3247,6 +3248,69 @@ keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr,
}
+/* Unattended ADSK setup function.
+ *
+ * FPR is the fingerprint of our key. ADSKFPR is the fingerprint of
+ * another subkey which we want to add as ADSK to our key.
+ */
+void
+keyedit_quick_addadsk (ctrl_t ctrl, const char *fpr, const char *adskfpr)
+{
+ gpg_error_t err;
+ kbnode_t keyblock;
+ KEYDB_HANDLE kdbhd;
+ int modified = 0;
+ PKT_public_key *pk;
+
+#ifdef HAVE_W32_SYSTEM
+ /* See keyedit_menu for why we need this. */
+ check_trustdb_stale (ctrl);
+#endif
+
+ /* We require a fingerprint because only this uniquely identifies a
+ * key and may thus be used to select a key for unattended adsk
+ * adding. */
+ if (find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd))
+ goto leave;
+
+ if (fix_keyblock (ctrl, &keyblock))
+ modified++;
+
+ pk = keyblock->pkt->pkt.public_key;
+ if (pk->flags.revoked)
+ {
+ if (!opt.verbose)
+ show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
+ log_error ("%s%s", _("Key is revoked."), "\n");
+ goto leave;
+ }
+
+ /* Locate and add the ADSK. Note that the called function already
+ * prints error messages. */
+ if (menu_addadsk (ctrl, keyblock, adskfpr))
+ modified = 1;
+ else
+ log_inc_errorcount (); /* (We use log_info in menu_adsk) */
+
+ es_fflush (es_stdout);
+
+ /* Store. */
+ if (modified)
+ {
+ err = keydb_update_keyblock (ctrl, kdbhd, keyblock);
+ if (err)
+ {
+ log_error (_("update failed: %s\n"), gpg_strerror (err));
+ goto leave;
+ }
+ }
+
+ leave:
+ release_kbnode (keyblock);
+ keydb_release (kdbhd);
+}
+
+
/* Unattended expiration setting function for the main key. If
* SUBKEYFPRS is not NULL and SUBKEYSFPRS[0] is neither NULL, it is
* expected to be an array of fingerprints for subkeys to change. It
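Review bot: `keyblock` and `kdbhd` are declared without initializers in keyedit_quick_addadsk, yet the early `goto leave` after a failed find_by_primary_fpr hands both to release_kbnode and keydb_release. That is only safe if find_by_primary_fpr always clears its output arguments on failure, which is not visible in this hunk; declaring them as `kbnode_t keyblock = NULL;` and `KEYDB_HANDLE kdbhd = NULL;` removes the dependency. The header comment could also say that this path asks for no confirmation, so ADSKFPR has to come from a trusted source, since the key it names becomes an additional decryption subkey of our key. The aside `(We use log_info in menu_adsk)` should name `menu_addadsk`.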
@@ -4691,11 +4755,12 @@ fail:
/*
* Ask for a new additional decryption subkey and add it to the key
- * block. Returns true if the keybloxk was changed and false
- * otherwise.
+ * block. Returns true if the keyblock was changed and false
+ * otherwise. If ADSKFPR is not NULL, this fucntion has been called
+ * by quick_addadsk and gives the fingerprint of the to be added key.
*/
static int
-menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock)
+menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock, const char *adskfpr)
{
PKT_public_key *pk;
PKT_public_key *sub_pk;
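Review bot: The updated header comment of menu_addadsk misspells `function` as `fucntion` and names the caller quick_addadsk, while the function added by this commit is keyedit_quick_addadsk. It also still opens with "Ask for a new additional decryption subkey" although the prompt is skipped when ADSKFPR is given; a sentence such as `If ADSKFPR is not NULL, no prompt is shown and ADSKFPR is taken as the fingerprint of the key to add.` would cover that. The body of menu_addadsk continues outside this hunk.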
@@ -4718,18 +4783,26 @@ menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock)
for (;;)
{
xfree (answer);
- answer = cpr_get_utf8
- ("keyedit.addadsk",
- _("Enter the fingerprint of the additional decryption subkey: "));
- if (answer[0] == '\0' || answer[0] == CONTROL_D)
+ if (adskfpr)
+ answer = xstrdup (adskfpr);
+ else
{
- err = gpg_error (GPG_ERR_CANCELED);
- goto leave;
+ answer = cpr_get_utf8
+ ("keyedit.addadsk",
+ _("Enter the fingerprint of the additional decryption subkey: "));
+ if (answer[0] == '\0' || answer[0] == CONTROL_D)
+ {
+ err = gpg_error (GPG_ERR_CANCELED);
+ goto leave;
+ }
}
if (classify_user_id (answer, &desc, 1)
|| desc.mode != KEYDB_SEARCH_MODE_FPR)
{
log_info (_("\"%s\" is not a fingerprint\n"), answer);
+ err = gpg_error (GPG_ERR_INV_USER_ID);
+ if (adskfpr)
+ goto leave;
continue;
}
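Review bot: With ADSKFPR set, `answer` is re-copied from the same string at the top of every iteration of the `for (;;)` loop, so termination in unattended mode depends on each failure branch carrying its own `if (adskfpr) goto leave;` ahead of `continue`. The branch in this hunk and those in the three following hunks (key not found, wrong key usage, already on this keyblock) have it, but the loop body is only partly visible here, and a later `continue` added without the guard would retry the same fingerprint forever. A comment at the loop head such as `/* With ADSKFPR set there is nothing to retry: every failure must goto leave. */` would make the invariant explicit. The loop and the `leave` label lie outside this hunk.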
@@ -4744,8 +4817,11 @@ menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock)
{
log_info (_("key \"%s\" not found: %s\n"), answer,
gpg_strerror (err));
- if (!opt.batch && gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY)
+ if ((!opt.batch || adskfpr) && !opt.quiet
+ && gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY)
log_info (_("Did you specify the fingerprint of a subkey?\n"));
+ if (adskfpr)
+ goto leave;
continue;
}
@@ -4767,8 +4843,10 @@ menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock)
err = gpg_error (GPG_ERR_WRONG_KEY_USAGE);
log_info (_("key \"%s\" not found: %s\n"), answer,
gpg_strerror (err));
- if (!opt.batch)
+ if ((!opt.batch || adskfpr) && !opt.quiet)
log_info (_("Did you specify the fingerprint of a subkey?\n"));
+ if (adskfpr)
+ goto leave;
continue;
}
@@ -4788,6 +4866,9 @@ menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock)
if (node2)
{
log_info (_("key \"%s\" is already on this keyblock\n"), answer);
+ err = gpg_error (GPG_ERR_DUP_KEY);
+ if (adskfpr)
+ goto leave;
continue;
}