v0.2.11

2025-07-02 22:46:30 +02:00 · 1998-03-03 08:43:28 +00:00 · 1998-03-03 08:43:28 +00:00 · 0eb5aa6cfd
commit 0eb5aa6cfd
parent b13e238a19
19 changed files with 226 additions and 264 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,23 @@
+Mon Mar  2 21:23:48 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* pkc_list.c (build_pkc_list): Add interactive input of user ID.
+
+Mon Mar  2 20:54:05 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* pkclist.c (do_we_trust_pre): New.
+	(add_ownertrust): Add message.
+	* trustdb.c (enum_trust_web): Quick fix.
+
+Mon Mar  2 13:50:53 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* g10.c (main): New action aDeleteKey
+	* sign.c (delete_key): New.
+
+Sun Mar  1 16:38:58 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* trustdb.c (do_check): No returns TRUST_UNDEFINED instead of
+	eof error.
+
 Fri Feb 27 18:14:03 1998  Werner Koch  (wk@isil.d.shuttle.de)

 	* armor.c (find_header): Removed trailing CR on headers.
--- a/g10/g10.c
+++ b/g10/g10.c
@ -120,7 +120,7 @@ static ARGPARSE_OPTS opts[] = {

 enum cmd_values { aNull = 0,
    aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
-    aSignKey, aClearsign, aListPackets, aEditSig,
+    aSignKey, aClearsign, aListPackets, aEditSig, aDeleteKey,
    aKMode, aKModeC, aChangePass, aImport,
    aExport, aCheckKeys, aGenRevoke,
 aNOP };
@ -416,6 +416,7 @@ main( int argc, char **argv )
 	  case 501: opt.answer_yes = 1; break;
 	  case 502: opt.answer_no = 1; break;
 	  case 503: set_cmd( &cmd, aKeygen); break;
+	  case 505: set_cmd( &cmd, aDeleteKey); break;
 	  case 506: set_cmd( &cmd, aSignKey); break;
 	  case 507: set_cmd( &cmd, aStore); break;
 	  case 508: set_cmd( &cmd, aCheckKeys);
@ -612,6 +613,14 @@ main( int argc, char **argv )
 	    log_error("%s: edit signature failed: %s\n", fname_print, g10_errstr(rc) );
 	break;

+      case aDeleteKey:
+	if( argc != 1 )
+	    wrong_args(_("--delete-key username"));
+	/* note: fname is the user id! */
+	if( (rc = delete_key(fname)) )
+	    log_error("%s: delete key failed: %s\n", fname_print, g10_errstr(rc) );
+	break;
+
      case aChangePass: /* Chnage the passphrase */
 	if( argc > 1 ) /* no arg: use default, 1 arg use this one */
 	    wrong_args(_("--change-passphrase [username]"));
--- a/g10/main.h
+++ b/g10/main.h
@ -53,6 +53,7 @@ int sign_file( STRLIST filenames, int detached, STRLIST locusr,
 int clearsign_file( const char *fname, STRLIST locusr, const char *outfile );
 int sign_key( const char *username, STRLIST locusr );
 int edit_keysigs( const char *username );
+int delete_key( const char *username );
 int change_passphrase( const char *username );

 /*-- sig-check.c --*/
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -153,11 +153,12 @@ _("Could not find a valid trust path to the key.  Lets see, wether we\n"
 	rc = 0;
    enum_trust_web( &context, NULL ); /* close */

+    if( !any )
+	tty_printf(_("No ownertrust values changed.\n\n") );

    return rc? rc : any? 0:-1;
 }

-
 /****************
 * Check wether we can trust this pkc which has a trustlevel of TRUSTLEVEL
 * Returns: true if we trust.
@ -218,7 +219,7 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
 		return do_we_trust( pkc, trustlevel );
 	    }
 	}
-	return 0; /* no */
+	return 0; /* no FIXME: add "Proceed anyway?" */

      case TRUST_NEVER:
 	log_info("We do NOT trust this key\n");
@ -250,6 +251,32 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel )
 }


+/****************
+ * wrapper arounf do_we_trust, so we can ask wether to use the
+ * key anyway.
+ */
+static int
+do_we_trust_pre( PKT_public_cert *pkc, int trustlevel )
+{
+    int rc = do_we_trust( pkc, trustlevel );
+
+    if( !opt.batch && !rc ) {
+	char *answer;
+
+	tty_printf(_(
+"It is NOT certain, that the key belongs to his owner.\n"
+"If you *really* know what you are doing, you may answer\n"
+"the next question with yes\n\n") );
+
+	answer = tty_get("Use this key anyway? ");
+	tty_kill_prompt();
+	if( answer_is_yes(answer) )
+	    rc = 1;
+	m_free(answer);
+    }
+    return rc;
+}
+

 void
 release_pkc_list( PKC_LIST pkc_list )
@ -267,14 +294,56 @@ int
 build_pkc_list( STRLIST remusr, PKC_LIST *ret_pkc_list )
 {
    PKC_LIST pkc_list = NULL;
-    int rc;
+    PKT_public_cert *pkc=NULL;
+    int rc=0;

-    if( !remusr ) { /* ask!!! */
-	log_bug("ask for public key nyi\n");
+    if( !remusr && !opt.batch ) { /* ask */
+	char *answer=NULL;
+
+	tty_printf(_(
+		"You did not specify a user ID. (you may use \"-r\")\n\n"));
+	for(;;) {
+	    rc = 0;
+	    m_free(answer);
+	    answer = tty_get(_("Enter the user ID: "));
+	    trim_spaces(answer);
+	    tty_kill_prompt();
+	    if( !*answer )
+		break;
+	    if( pkc )
+		free_public_cert( pkc );
+	    pkc = m_alloc_clear( sizeof *pkc );
+	    rc = get_pubkey_byname( pkc, answer );
+	    if( rc )
+		tty_printf("No such user ID.\n");
+	    else if( !(rc=check_pubkey_algo(pkc->pubkey_algo)) ) {
+		int trustlevel;
+
+		rc = check_trust( pkc, &trustlevel );
+		if( rc ) {
+		    log_error("error checking pkc of '%s': %s\n",
+						      answer, g10_errstr(rc) );
+		}
+		else if( do_we_trust_pre( pkc, trustlevel ) ) {
+		    PKC_LIST r;
+
+		    r = m_alloc( sizeof *r );
+		    r->pkc = pkc; pkc = NULL;
+		    r->next = pkc_list;
+		    r->mark = 0;
+		    pkc_list = r;
+		    break;
+		}
+	    }
+	}
+	m_free(answer);
+	if( pkc ) {
+	    free_public_cert( pkc );
+	    pkc = NULL;
+	}
    }
    else {
 	for(; remusr; remusr = remusr->next ) {
-	    PKT_public_cert *pkc;

 	    pkc = m_alloc_clear( sizeof *pkc );
 	    if( (rc = get_pubkey_byname( pkc, remusr->d )) ) {
@ -290,7 +359,7 @@ build_pkc_list( STRLIST remusr, PKC_LIST *ret_pkc_list )
 		    log_error("error checking pkc of '%s': %s\n",
 						      remusr->d, g10_errstr(rc) );
 		}
-		else if( do_we_trust( pkc, trustlevel ) ) {
+		else if( do_we_trust_pre( pkc, trustlevel ) ) {
 		    /* note: do_we_trust may have changed the trustlevel */
 		    PKC_LIST r;

--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -195,7 +195,7 @@ check_rsa( PKT_secret_cert *cert )
 	  case CIPHER_ALGO_NONE: BUG(); break;
 	  case CIPHER_ALGO_BLOWFISH:
 	    keyid_from_skc( cert, keyid );
-	    dek = get_passphrase_hash( keyid, NULL );
+	    dek = get_passphrase_hash( keyid, NULL, NULL );
 	    blowfish_ctx = m_alloc_secure( sizeof *blowfish_ctx );
 	    blowfish_setkey( blowfish_ctx, dek->key, dek->keylen );
 	    m_free(dek); /* pw is in secure memory, so m_free() burns it */
--- a/g10/sign.c
+++ b/g10/sign.c
@ -854,6 +854,84 @@ edit_keysigs( const char *username )
 }


+/****************
+ * Eine public key aus dem keyring entfernen.
+ */
+int
+delete_key( const char *username )
+{
+    int rc = 0;
+    KBNODE keyblock = NULL;
+    KBNODE node;
+    KBPOS kbpos;
+    PKT_public_cert *pkc;
+    u32 pkc_keyid[2];
+    int okay=0;
+
+    /* search the userid */
+    rc = find_keyblock_byname( &kbpos, username );
+    if( rc ) {
+	log_error("%s: user not found\n", username );
+	goto leave;
+    }
+
+    /* read the keyblock */
+    rc = read_keyblock( &kbpos, &keyblock );
+    if( rc ) {
+	log_error("%s: certificate read problem: %s\n", username, g10_errstr(rc) );
+	goto leave;
+    }
+
+    /* get the keyid from the keyblock */
+    node = find_kbnode( keyblock, PKT_PUBLIC_CERT );
+    if( !node ) {
+	log_error("Oops; public key not found anymore!\n");
+	rc = G10ERR_GENERAL;
+	goto leave;
+    }
+
+    pkc = node->pkt->pkt.public_cert;
+    keyid_from_pkc( pkc, pkc_keyid );
+
+    if( opt.batch && opt.answer_yes )
+	okay++;
+    else if( opt.batch )
+	log_error("can't do that in batch-mode without \"--yes\"\n");
+    else {
+	char *p;
+	size_t n;
+
+	tty_printf("pub  %4u%c/%08lX %s   ",
+		  nbits_from_pkc( pkc ),
+		  pubkey_letter( pkc->pubkey_algo ),
+		  pkc_keyid[1], datestr_from_pkc(pkc) );
+	p = get_user_id( pkc_keyid, &n );
+	tty_print_string( p, n );
+	m_free(p);
+	tty_printf("\n\n");
+
+	p = tty_get("Delete this key from the keyring? ");
+	tty_kill_prompt();
+	if( answer_is_yes(p) )
+	    okay++;
+	m_free(p);
+    }
+
+
+    if( okay ) {
+	rc = delete_keyblock( &kbpos );
+	if( rc ) {
+	    log_error("delete_keyblock failed: %s\n", g10_errstr(rc) );
+	    goto leave;
+	}
+    }
+
+  leave:
+    release_kbnode( keyblock );
+    return rc;
+}
+
+
 int
 change_passphrase( const char *username )
 {
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -1421,12 +1421,9 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel )

    if( !rc && !dr->r.dir.sigrec ) {
 	/* See wether this is our own key */
-	if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) ) {
+	if( !qry_lid_table_flag( ultikey_table, pubkeyid, NULL ) )
 	    *trustlevel = tflags | TRUST_ULTIMATE;
-	    return 0;
-	}
-	else
-	    rc = -1;
+	return 0;
    }
    if( rc )
 	return rc;  /* error while looking for sigrec or building sigrecs */
@ -1774,8 +1771,8 @@ enum_trust_web( void **context, ulong *lid )
    if( !c ) { /* make a new context */
 	c = m_alloc_clear( sizeof *c );
 	*context = c;
-	if( *lid != last_trust_web_key )
-	    log_bug("enum_trust_web: nyi\n");
+	if( *lid != last_trust_web_key && last_trust_web_key )
+	    log_bug("enum_trust_web: nyi\n"); /* <--- FIXME */
 	c->tsl = last_trust_web_tslist;
 	c->index = 1;
    }