From 45ed901c466bd72118c2844069f566e190d847d6 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 10 Jun 2014 14:54:55 +0200
Subject: [PATCH] gpg: Use more specific reason codes for INV_RECP.

* g10/pkclist.c (find_and_check_key, build_pk_list): Use more specific
reasons codes for INV_RECP.
--

GnuPG-bug-id: 1650
---
 doc/DETAILS   |  2 ++
 g10/pkclist.c | 22 +++++++++++++++-------
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/doc/DETAILS b/doc/DETAILS
index 17c417e18..311dfe3a4 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -583,6 +583,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
        - 10 :: Key not trusted
        - 11 :: Missing certificate
        - 12 :: Missing issuer certificate
+       - 13 :: Key disabled
+       - 14 :: Syntax error in specification
 
     Note that for historical reasons the INV_RECP status is also used
     for gpgsm's SIGNER command where it relates to signer's of course.
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 49cd30926..e783ae419 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -802,9 +802,18 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
   rc = get_pubkey_byname (ctrl, NULL, pk, name, NULL, NULL, 0, 0);
   if (rc)
     {
+      int code;
+
       /* Key not found or other error. */
       log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) );
-      send_status_inv_recp (0, name);
+      switch (gpg_err_code (rc))
+        {
+        case GPG_ERR_NO_SECKEY:
+        case GPG_ERR_NO_PUBKEY:   code =  1; break;
+        case GPG_ERR_INV_USER_ID: code = 14; break;
+        default: code = 0; break;
+        }
+      send_status_inv_recp (code, name);
       free_public_key (pk);
       return rc;
     }
@@ -813,7 +822,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
   if (rc)
     {
       /* Key found but not usable for us (e.g. sign-only key). */
-      send_status_inv_recp (0, name);
+      send_status_inv_recp (3, name); /* Wrong key usage */
       log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) );
       free_public_key (pk);
       return rc;
@@ -824,7 +833,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
   if ( (trustlevel & TRUST_FLAG_DISABLED) )
     {
       /* Key has been disabled. */
-      send_status_inv_recp (0, name);
+      send_status_inv_recp (13, name);
       log_info (_("%s: skipped: public key is disabled\n"), name);
       free_public_key (pk);
       return G10ERR_UNU_PUBKEY;
@@ -936,7 +945,7 @@ build_pk_list (ctrl_t ctrl,
           pk->req_usage = use;
 
           /* We explicitly allow encrypt-to to an disabled key; thus
-             we pass 1for the second last argument and 1 as the last
+             we pass 1 for the second last argument and 1 as the last
              argument to disable AKL. */
           if ( (rc = get_pubkey_byname (ctrl,
                                         NULL, pk, rov->d, NULL, NULL, 1, 1)) )
@@ -981,11 +990,10 @@ build_pk_list (ctrl_t ctrl,
             }
           else
             {
-              /* The public key is not usable for encryption or not
-                 available. */
+              /* The public key is not usable for encryption. */
               free_public_key( pk ); pk = NULL;
               log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
-              send_status_inv_recp (0, rov->d);
+              send_status_inv_recp (3, rov->d); /* Wrong key usage */
               goto fail;
             }
         }