Diffstat (limited to 'g10')
-rw-r--r--g10/ChangeLog20
-rw-r--r--g10/g10.c11
-rw-r--r--g10/main.h1
-rw-r--r--g10/pkclist.c83
-rw-r--r--g10/seckey-cert.c2
-rw-r--r--g10/sign.c78
-rw-r--r--g10/trustdb.c11
7 files changed, 190 insertions, 16 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 56c825119..3e295ccc0 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,23 @@
+Mon Mar 2 21:23:48 1998 Werner Koch ([email protected])
+
+ * pkc_list.c (build_pkc_list): Add interactive input of user ID.
+
+Mon Mar 2 20:54:05 1998 Werner Koch ([email protected])
+
+ * pkclist.c (do_we_trust_pre): New.
+ (add_ownertrust): Add message.
+ * trustdb.c (enum_trust_web): Quick fix.
+
+Mon Mar 2 13:50:53 1998 Werner Koch ([email protected])
+
+ * g10.c (main): New action aDeleteKey
+ * sign.c (delete_key): New.
+
+Sun Mar 1 16:38:58 1998 Werner Koch ([email protected])
+
+ * trustdb.c (do_check): No returns TRUST_UNDEFINED instead of
+ eof error.
+
Fri Feb 27 18:14:03 1998 Werner Koch ([email protected])
* armor.c (find_header): Removed trailing CR on headers.
diff --git a/g10/g10.c b/g10/g10.c
index 867bb5a43..0fddeedbb 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -120,7 +120,7 @@ static ARGPARSE_OPTS opts[] = {
enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
- aSignKey, aClearsign, aListPackets, aEditSig,
+ aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey,
aKMode, aKModeC, aChangePass, aImport,
aExport, aCheckKeys, aGenRevoke,
aNOP };
@@ -416,6 +416,7 @@ main( int argc, char **argv )
case 501: opt.answer_yes = 1; break;
case 502: opt.answer_no = 1; break;
case 503: set_cmd( &cmd, aKeygen); break;
+ case 505: set_cmd( &cmd, aDeleteKey); break;
case 506: set_cmd( &cmd, aSignKey); break;
case 507: set_cmd( &cmd, aStore); break;
case 508: set_cmd( &cmd, aCheckKeys);
@@ -612,6 +613,14 @@ main( int argc, char **argv )
log_error("%s: edit signature failed: %s\n", fname_print, g10_errstr(rc) );
break;
+ case aDeleteKey:
+ if( argc != 1 )
+ wrong_args(_("--delete-key username"));
+ /* note: fname is the user id! */
+ if( (rc = delete_key(fname)) )
+ log_error("%s: delete key failed: %s\n", fname_print, g10_errstr(rc) );
+ break;
+
case aChangePass: /* Chnage the passphrase */
if( argc > 1 ) /* no arg: use default, 1 arg use this one */
wrong_args(_("--change-passphrase [username]"));
diff --git a/g10/main.h b/g10/main.h
index 4b57cfe6b..ef8180f06 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -53,6 +53,7 @@ int sign_file( STRLIST filenames, int detached, STRLIST locusr,
int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
int sign_key( const char *username, STRLIST locusr );
int edit_keysigs( const char *username );
+int delete_key( const char *username );
int change_passphrase( const char *username );
/*-- sig-check.c --*/
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 5312c565a..a47747f0b 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -153,11 +153,12 @@ _("Could not find a valid trust path to the key. Lets see, wether we\n"
rc = 0;
enum_trust_web( &context, NULL ); /* close */
+ if( !any )
+ tty_printf(_("No ownertrust values changed.\n\n") );
return rc? rc : any? 0:-1;
}
-
/****************
* Check wether we can trust this pkc which has a trustlevel of TRUSTLEVEL
* Returns: true if we trust.
@@ -218,7 +219,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
return do_we_trust( pkc, trustlevel );
}
}
- return 0; /* no */
+ return 0; /* no FIXME: add "Proceed anyway?" */
case TRUST_NEVER:
log_info("We do NOT trust this key\n");
@@ -250,6 +251,32 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
}
+/****************
+ * wrapper arounf do_we_trust, so we can ask wether to use the
+ * key anyway.
+ */
+static int
+do_we_trust_pre( PKT_public_cert *pkc, int trustlevel )
+{
+ int rc = do_we_trust( pkc, trustlevel );
+
+ if( !opt.batch && !rc ) {
+ char *answer;
+
+ tty_printf(_(
+"It is NOT certain, that the key belongs to his owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n\n") );
+
+ answer = tty_get("Use this key anyway? ");
+ tty_kill_prompt();
+ if( answer_is_yes(answer) )
+ rc = 1;
+ m_free(answer);
+ }
+ return rc;
+}
+
void
release_pkc_list( PKC_LIST pkc_list )
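Review bot: The override prompt in do_we_trust_pre is offered for every zero return from do_we_trust, and the context of the previous hunk shows a `case TRUST_NEVER:` branch that logs "We do NOT trust this key"; assuming that branch also returns 0 (its return is outside the visible lines), a key the user has explicitly distrusted can still be accepted with a single "yes". The warning text only speaks of uncertainty about ownership, which does not describe that case. I would skip the prompt when the level, after masking off any flag bits, is TRUST_NEVER, and state in the header comment which levels may be overridden. Separately, `tty_get("Use this key anyway? ")` is not wrapped in `_()`, unlike the message printed just above it.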
@@ -267,14 +294,56 @@ int
build_pkc_list( STRLIST remusr, PKC_LIST *ret_pkc_list )
{
PKC_LIST pkc_list = NULL;
- int rc;
+ PKT_public_cert *pkc=NULL;
+ int rc=0;
+
+ if( !remusr && !opt.batch ) { /* ask */
+ char *answer=NULL;
+
+ tty_printf(_(
+ "You did not specify a user ID. (you may use \"-r\")\n\n"));
+ for(;;) {
+ rc = 0;
+ m_free(answer);
+ answer = tty_get(_("Enter the user ID: "));
+ trim_spaces(answer);
+ tty_kill_prompt();
+ if( !*answer )
+ break;
+ if( pkc )
+ free_public_cert( pkc );
+ pkc = m_alloc_clear( sizeof *pkc );
+ rc = get_pubkey_byname( pkc, answer );
+ if( rc )
+ tty_printf("No such user ID.\n");
+ else if( !(rc=check_pubkey_algo(pkc->pubkey_algo)) ) {
+ int trustlevel;
- if( !remusr ) { /* ask!!! */
- log_bug("ask for public key nyi\n");
+ rc = check_trust( pkc, &trustlevel );
+ if( rc ) {
+ log_error("error checking pkc of '%s': %s\n",
+ answer, g10_errstr(rc) );
+ }
+ else if( do_we_trust_pre( pkc, trustlevel ) ) {
+ PKC_LIST r;
+
+ r = m_alloc( sizeof *r );
+ r->pkc = pkc; pkc = NULL;
+ r->next = pkc_list;
+ r->mark = 0;
+ pkc_list = r;
+ break;
+ }
+ }
+ }
+ m_free(answer);
+ if( pkc ) {
+ free_public_cert( pkc );
+ pkc = NULL;
+ }
}
else {
for(; remusr; remusr = remusr->next ) {
- PKT_public_cert *pkc;
pkc = m_alloc_clear( sizeof *pkc );
if( (rc = get_pubkey_byname( pkc, remusr->d )) ) {
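Review bot: In the interactive loop a key rejected by `check_pubkey_algo` produces no feedback: rc is set, no branch prints anything, and the user is simply asked for a user ID again. A final `else tty_printf(_("Public key is not usable: %s\n"), g10_errstr(rc));` after the `else if( !(rc=check_pubkey_algo(...)) )` block would make the rejection visible, and `"No such user ID.\n"` should go through `_()` as the other prompts do. The trust-check-and-append sequence here duplicates the one in the `else` loop below it, so a small static helper would keep the two paths from drifting apart. The body of build_pkc_list continues past the end of this hunk.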
@@ -290,7 +359,7 @@ build_pkc_list( STRLIST remusr, PKC_LIST *ret_pkc_list )
log_error("error checking pkc of '%s': %s\n",
remusr->d, g10_errstr(rc) );
}
- else if( do_we_trust( pkc, trustlevel ) ) {
+ else if( do_we_trust_pre( pkc, trustlevel ) ) {
/* note: do_we_trust may have changed the trustlevel */
PKC_LIST r;
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index f963fd63f..85b0ed7af 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -195,7 +195,7 @@ check_rsa( PKT_secret_cert *cert )
case CIPHER_ALGO_NONE: BUG(); break;
case CIPHER_ALGO_BLOWFISH:
keyid_from_skc( cert, keyid );
- dek = get_passphrase_hash( keyid, NULL );
+ dek = get_passphrase_hash( keyid, NULL, NULL );
blowfish_ctx = m_alloc_secure( sizeof *blowfish_ctx );
blowfish_setkey( blowfish_ctx, dek->key, dek->keylen );
m_free(dek); /* pw is in secure memory, so m_free() burns it */
diff --git a/g10/sign.c b/g10/sign.c
index e3af619e2..55e5fbdd7 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -854,6 +854,84 @@ edit_keysigs( const char *username )
}
+/****************
+ * Eine public key aus dem keyring entfernen.
+ */
+int
+delete_key( const char *username )
+{
+ int rc = 0;
+ KBNODE keyblock = NULL;
+ KBNODE node;
+ KBPOS kbpos;
+ PKT_public_cert *pkc;
+ u32 pkc_keyid[2];
+ int okay=0;
+
+ /* search the userid */
+ rc = find_keyblock_byname( &kbpos, username );
+ if( rc ) {
+ log_error("%s: user not found\n", username );
+ goto leave;
+ }
+
+ /* read the keyblock */
+ rc = read_keyblock( &kbpos, &keyblock );
+ if( rc ) {
+ log_error("%s: certificate read problem: %s\n", username, g10_errstr(rc) );
+ goto leave;
+ }
+
+ /* get the keyid from the keyblock */
+ node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
+ if( !node ) {
+ log_error("Oops; public key not found anymore!\n");
+ rc = G10ERR_GENERAL;
+ goto leave;
+ }
+
+ pkc = node->pkt->pkt.public_cert;
+ keyid_from_pkc( pkc, pkc_keyid );
+
+ if( opt.batch && opt.answer_yes )
+ okay++;
+ else if( opt.batch )
+ log_error("can't do that in batch-mode without \"--yes\"\n");
+ else {
+ char *p;
+ size_t n;
+
+ tty_printf("pub %4u%c/%08lX %s ",
+ nbits_from_pkc( pkc ),
+ pubkey_letter( pkc->pubkey_algo ),
+ pkc_keyid[1], datestr_from_pkc(pkc) );
+ p = get_user_id( pkc_keyid, &n );
+ tty_print_string( p, n );
+ m_free(p);
+ tty_printf("\n\n");
+
+ p = tty_get("Delete this key from the keyring? ");
+ tty_kill_prompt();
+ if( answer_is_yes(p) )
+ okay++;
+ m_free(p);
+ }
+
+
+ if( okay ) {
+ rc = delete_keyblock( &kbpos );
+ if( rc ) {
+ log_error("delete_keyblock failed: %s\n", g10_errstr(rc) );
+ goto leave;
+ }
+ }
+
+ leave:
+ release_kbnode( keyblock );
+ return rc;
+}
+
+
int
change_passphrase( const char *username )
{
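Review bot: delete_key returns 0 when it refuses to act in batch mode: the `else if( opt.batch )` branch only calls log_error, rc is still 0 from read_keyblock, and the caller added in g10.c tests only the return value. Setting an error there, e.g. `else if( opt.batch ) { log_error("can't do that in batch-mode without \"--yes\"\n"); rc = G10ERR_GENERAL; }`, lets a script see that nothing was deleted. The header comment is in German while the comments inside the function are in English; `/* Remove a public key from the keyring; asks for confirmation unless --batch and --yes are both given. */` would be consistent. The confirmation line prints `pkc_keyid[1]` with `%08lX`, which assumes u32 is an unsigned long; that is worth checking against the typedef, which is not shown here.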
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 3554c6e5a..9f06bca92 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1421,12 +1421,9 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )
if( !rc && !dr->r.dir.sigrec ) {
/* See wether this is our own key */
- if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) ) {
+ if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) )
*trustlevel = tflags | TRUST_ULTIMATE;
- return 0;
- }
- else
- rc = -1;
+ return 0;
}
if( rc )
return rc; /* error while looking for sigrec or building sigrecs */
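Review bot: On the path where the key is not found in ultikey_table, do_check now returns 0 without assigning `*trustlevel` anywhere in the visible lines. Unless it is initialised earlier in the function (outside this hunk), a caller would base its trust decision on whatever the variable held before the call. The ChangeLog entry says the intent is TRUST_UNDEFINED, so adding `else *trustlevel = tflags | TRUST_UNDEFINED;` before the `return 0;` would both document and guarantee that result.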
@@ -1774,8 +1771,8 @@ enum_trust_web( void **context, ulong *lid )
if( !c ) { /* make a new context */
c = m_alloc_clear( sizeof *c );
*context = c;
- if( *lid != last_trust_web_key )
- log_bug("enum_trust_web: nyi\n");
+ if( *lid != last_trust_web_key && last_trust_web_key )
+ log_bug("enum_trust_web: nyi\n"); /* <--- FIXME */
c->tsl = last_trust_web_tslist;
c->index = 1;
}
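Review bot: With the added `&& last_trust_web_key`, the mismatch check is skipped whenever no trust web has been cached, and the new context then takes `c->tsl = last_trust_web_tslist` whatever that currently holds. If the list can be NULL or stale in that state, the enumeration code after this hunk has to cope with it; an explicit early "nothing to enumerate" return would be safer than relying on that. `*lid` is also dereferenced in this branch, while pkclist.c calls `enum_trust_web( &context, NULL )` to close; that looks safe only because the context is non-NULL on the closing call, so a comment such as `/* lid may be NULL only when closing an existing context */` would help. The rest of enum_trust_web lies outside the hunk.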