diff --git a/g10/ChangeLog b/g10/ChangeLog index 9bae16aa8..45464c9a8 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,14 @@ 2004-03-04 David Shaw + * revoke.c (export_minimal_pk), export.c (do_export_stream), + passphrase.c (passphrase_to_dek), keyserver.c (print_keyrec): A + few more places to use --keyid-format. + + * options.h, g10.c (main), export.c (parse_export_options, + do_export_stream): Remove --export-all and the "include-non-rfc" + export-option as they are no longer meaningful with the removal of + v3 Elgamal keys. + * armor.c (fake_packet, armor_filter): Use the 2440 partial length encoding for the faked plaintext packet. diff --git a/g10/export.c b/g10/export.c index 069c8e108..9ac12e111 100644 --- a/g10/export.c +++ b/g10/export.c @@ -1,6 +1,6 @@ /* export.c - * Copyright (C) 1998, 1999, 2000, 2001, 2002 - * 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, + * 2004 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -45,7 +45,6 @@ parse_export_options(char *str,unsigned int *options,int noisy) { struct parse_options export_opts[]= { - {"include-non-rfc",EXPORT_INCLUDE_NON_RFC,NULL}, {"include-local-sigs",EXPORT_INCLUDE_LOCAL_SIGS,NULL}, {"include-attributes",EXPORT_INCLUDE_ATTRIBUTES,NULL}, {"include-sensitive-revkeys",EXPORT_INCLUDE_SENSITIVE_REVKEYS,NULL}, @@ -186,17 +185,6 @@ do_export_stream( IOBUF out, STRLIST users, int secret, goto leave; } - /* do not export keys which are incompatible with rfc2440 */ - if( !(options&EXPORT_INCLUDE_NON_RFC) && - (node = find_kbnode( keyblock, PKT_PUBLIC_KEY )) ) { - PKT_public_key *pk = node->pkt->pkt.public_key; - if( pk->version == 3 && pk->pubkey_algo > 3 ) { - log_info(_("key %08lX: not a rfc2440 key - skipped\n"), - (ulong)keyid_from_pk( pk, NULL) ); - continue; - } - } - node=find_kbnode( keyblock, PKT_SECRET_KEY ); if(node) { @@ -207,16 +195,16 @@ do_export_stream( IOBUF out, STRLIST users, int secret, /* we can't apply GNU mode 1001 on an unprotected key */ if( secret == 2 && !sk->is_protected ) { - log_info(_("key %08lX: not protected - skipped\n"), - (ulong)sk_keyid[1]); + log_info(_("key %s: not protected - skipped\n"), + keystr(sk_keyid)); continue; } /* no v3 keys with GNU mode 1001 */ if( secret == 2 && sk->version == 3 ) { - log_info(_("key %08lX: PGP 2.x style key - skipped\n"), - (ulong)sk_keyid[1]); + log_info(_("key %s: PGP 2.x style key - skipped\n"), + keystr(sk_keyid)); continue; } } @@ -341,7 +329,8 @@ do_export_stream( IOBUF out, STRLIST users, int secret, continue; } - if( secret == 2 && node->pkt->pkttype == PKT_SECRET_KEY ) { + if( secret == 2 && node->pkt->pkttype == PKT_SECRET_KEY ) + { /* we don't want to export the secret parts of the * primary key, this is done by using GNU protection mode 1001 */ @@ -349,25 +338,26 @@ do_export_stream( IOBUF out, STRLIST users, int secret, node->pkt->pkt.secret_key->protect.s2k.mode = 1001; rc = build_packet( out, node->pkt ); node->pkt->pkt.secret_key->protect.s2k.mode = save_mode; - } - else { - /* Warn the user if the secret key or any of the secret - subkeys are protected with SHA1 and we have - simple_sk_checksum set. */ - if(!sha1_warned && opt.simple_sk_checksum && - (node->pkt->pkttype==PKT_SECRET_KEY || - node->pkt->pkttype==PKT_SECRET_SUBKEY) && - node->pkt->pkt.secret_key->protect.sha1chk) - { - /* I hope this warning doesn't confuse people. */ - log_info(_("WARNING: secret key %08lX does not have a " - "simple SK checksum\n"),(ulong)sk_keyid[1]); + } + else + { + /* Warn the user if the secret key or any of the secret + subkeys are protected with SHA1 and we have + simple_sk_checksum set. */ + if(!sha1_warned && opt.simple_sk_checksum && + (node->pkt->pkttype==PKT_SECRET_KEY || + node->pkt->pkttype==PKT_SECRET_SUBKEY) && + node->pkt->pkt.secret_key->protect.sha1chk) + { + /* I hope this warning doesn't confuse people. */ + log_info(_("WARNING: secret key %s does not have a " + "simple SK checksum\n"),keystr(sk_keyid)); - sha1_warned=1; - } + sha1_warned=1; + } rc = build_packet( out, node->pkt ); - } + } if( rc ) { log_error("build_packet(%d) failed: %s\n", diff --git a/g10/g10.c b/g10/g10.c index 815cb345f..3e5dd2950 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -113,7 +113,6 @@ enum cmd_and_opt_values aRecvKeys, aSearchKeys, aExport, - aExportAll, aExportSecret, aExportSecretSub, aCheckKeys, @@ -385,7 +384,6 @@ static ARGPARSE_OPTS opts[] = { N_("search for keys on a key server") }, { aRefreshKeys, "refresh-keys", 256, N_("update all keys from a keyserver")}, - { aExportAll, "export-all" , 256, "@" }, { aExportSecret, "export-secret-keys" , 256, "@" }, { aExportSecretSub, "export-secret-subkeys" , 256, "@" }, { aImport, "import", 256 , N_("import/merge keys")}, @@ -1435,11 +1433,9 @@ main( int argc, char **argv ) opt.force_v3_sigs = 1; opt.escape_from = 1; opt.import_options=IMPORT_SK2PK; - opt.export_options= - EXPORT_INCLUDE_NON_RFC|EXPORT_INCLUDE_ATTRIBUTES; + opt.export_options=EXPORT_INCLUDE_ATTRIBUTES; opt.keyserver_options.import_options=IMPORT_REPAIR_PKS_SUBKEY_BUG; - opt.keyserver_options.export_options= - EXPORT_INCLUDE_NON_RFC|EXPORT_INCLUDE_ATTRIBUTES; + opt.keyserver_options.export_options=EXPORT_INCLUDE_ATTRIBUTES; opt.keyserver_options.include_subkeys=1; opt.keyserver_options.include_revoked=1; opt.keyserver_options.try_dns_srv=1; @@ -1636,10 +1632,6 @@ main( int argc, char **argv ) case aSearchKeys: set_cmd( &cmd, aSearchKeys); break; case aRefreshKeys: set_cmd( &cmd, aRefreshKeys); break; case aExport: set_cmd( &cmd, aExport); break; - case aExportAll: - opt.export_options|=EXPORT_INCLUDE_NON_RFC; - set_cmd(&cmd,aExport); - break; case aListKeys: set_cmd( &cmd, aListKeys); break; case aListSigs: set_cmd( &cmd, aListSigs); break; case aExportSecret: set_cmd( &cmd, aExportSecret); break; diff --git a/g10/keyserver.c b/g10/keyserver.c index 98b5d0c58..e2224d3a0 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -276,13 +276,20 @@ print_keyrec(int number,struct keyrec *keyrec) switch(keyrec->desc.mode) { + /* If the keyserver helper gave us a short keyid, we have no + choice but to use it. Do check --keyid-format to add a 0x if + needed. */ case KEYDB_SEARCH_MODE_SHORT_KID: - printf("key %08lX",(ulong)keyrec->desc.u.kid[1]); + printf("key %s%08lX", + (opt.keyid_format==KF_0xSHORT + || opt.keyid_format==KF_0xLONG)?"0x":"", + (ulong)keyrec->desc.u.kid[1]); break; + /* However, if it gave us a long keyid, we can honor + --keyid-format */ case KEYDB_SEARCH_MODE_LONG_KID: - printf("key %08lX%08lX",(ulong)keyrec->desc.u.kid[0], - (ulong)keyrec->desc.u.kid[1]); + printf("key %s",keystr(keyrec->desc.u.kid)); break; case KEYDB_SEARCH_MODE_FPR16: diff --git a/g10/options.h b/g10/options.h index ee76a29e1..e948a1d53 100644 --- a/g10/options.h +++ b/g10/options.h @@ -242,10 +242,9 @@ struct #define IMPORT_SK2PK (1<<3) #define IMPORT_MERGE_ONLY (1<<4) -#define EXPORT_INCLUDE_NON_RFC (1<<0) -#define EXPORT_INCLUDE_LOCAL_SIGS (1<<1) -#define EXPORT_INCLUDE_ATTRIBUTES (1<<2) -#define EXPORT_INCLUDE_SENSITIVE_REVKEYS (1<<3) +#define EXPORT_INCLUDE_LOCAL_SIGS (1<<0) +#define EXPORT_INCLUDE_ATTRIBUTES (1<<1) +#define EXPORT_INCLUDE_SENSITIVE_REVKEYS (1<<2) #define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_POLICY_URLS (1<<1) diff --git a/g10/passphrase.c b/g10/passphrase.c index d3989bbe0..870ad9770 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -1,5 +1,6 @@ /* passphrase.c - Get a passphrase - * Copyright (C) 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, + * 2004 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -1124,12 +1125,21 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo, if( !get_pubkey( pk, keyid ) ) { const char *s = pubkey_algo_to_string( pk->pubkey_algo ); - tty_printf( _("%u-bit %s key, ID %08lX, created %s"), - nbits_from_pk( pk ), s?s:"?", (ulong)keyid[1], + tty_printf( _("%u-bit %s key, ID %s, created %s"), + nbits_from_pk( pk ), s?s:"?", keystr(keyid), strtimestamp(pk->timestamp) ); if( keyid[2] && keyid[3] && keyid[0] != keyid[2] && keyid[1] != keyid[3] ) - tty_printf( _(" (main key ID %08lX)"), (ulong)keyid[3] ); + { + if(keystrlen()>10) + { + tty_printf("\n"); + tty_printf(_(" (main key ID %s)"), + keystr(&keyid[2]) ); + } + else + tty_printf( _(" (main key ID %s)"), keystr(&keyid[2]) ); + } tty_printf("\n"); } diff --git a/g10/revoke.c b/g10/revoke.c index d33e2f4b7..b973ff6cc 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -1,5 +1,6 @@ /* revoke.c - * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, + * 2004 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -89,7 +90,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, node=find_kbnode(keyblock,PKT_PUBLIC_KEY); if(!node) { - log_error(_("key incomplete\n")); + log_error("key incomplete\n"); return G10ERR_GENERAL; } @@ -142,7 +143,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, break; else { - log_error(_("key %08lX incomplete\n"),(ulong)keyid[1]); + log_error(_("key %s has no user IDs\n"),keystr(keyid)); return G10ERR_GENERAL; } }