security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-11 21:48:50 +01:00
Code Activity

* keyedit.c (keyedit_menu): Prompt for subkey removal for both secret and

Browse Source 
public subkeys.

* keylist.c (list_keyblock_print), keyedit.c (show_key_with_all_names):
Show the revocation date of a key/subkey, and general formatting work.

* packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
merge_selfsigs): Keep track of the revocation date of a key.

* keydb.h, keyid.c (revokestr_from_pk): New function to print the
revocation date of a key.
This commit is contained in:
David Shaw 2004-02-11 04:32:52 +00:00
parent 9842d84da0
commit 7198879ca8
7 changed files with 73 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
g10/ChangeLog
View File

@ -1,5 +1,18 @@
2004-02-10 David Shaw <dshaw@jabberwocky.com> 2004-02-10 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu): Prompt for subkey removal for both
secret and public subkeys.
* keylist.c (list_keyblock_print), keyedit.c
(show_key_with_all_names): Show the revocation date of a
key/subkey, and general formatting work.
* packet.h, getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
merge_selfsigs): Keep track of the revocation date of a key.
* keydb.h, keyid.c (revokestr_from_pk): New function to print the
revocation date of a key.
* keygen.c (keygen_set_std_prefs): Build the default preferences * keygen.c (keygen_set_std_prefs): Build the default preferences
list at runtime as it properly handles algorithms disabled at list at runtime as it properly handles algorithms disabled at
build or run time. build or run time.

14
g10/getkey.c
View File

@ -1360,7 +1360,7 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
} }
static void static void
merge_selfsigs_main( KBNODE keyblock, int *r_revoked ) merge_selfsigs_main( KBNODE keyblock, int *r_revoked, u32 *r_revokedate )
{ {
PKT_public_key *pk = NULL; PKT_public_key *pk = NULL;
KBNODE k; KBNODE k;
@ -1375,6 +1375,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
byte sigversion = 0; byte sigversion = 0;
*r_revoked = 0; *r_revoked = 0;
*r_revokedate = 0;
if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY ) if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY )
BUG (); BUG ();
pk = keyblock->pkt->pkt.public_key; pk = keyblock->pkt->pkt.public_key;
@ -1420,6 +1421,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
* that key. * that key.
*/ */
*r_revoked = 1; *r_revoked = 1;
*r_revokedate = sig->timestamp;
} }
else if ( IS_KEY_SIG (sig) ) { else if ( IS_KEY_SIG (sig) ) {
/* Add any revocation keys onto the pk. This is /* Add any revocation keys onto the pk. This is
@ -1537,6 +1539,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
if(rc==0) if(rc==0)
{ {
*r_revoked=2; *r_revoked=2;
*r_revokedate=sig->timestamp;
/* don't continue checking since we can't be any /* don't continue checking since we can't be any
more revoked than this */ more revoked than this */
break; break;
@ -1875,6 +1878,7 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
problem is in the distribution. Plus, PGP (7) problem is in the distribution. Plus, PGP (7)
does this the same way. */ does this the same way. */
subpk->is_revoked = 1; subpk->is_revoked = 1;
subpk->revokedate = sig->timestamp;
/* although we could stop now, we continue to /* although we could stop now, we continue to
* figure out other information like the old expiration * figure out other information like the old expiration
* time */ * time */
@ -1946,6 +1950,7 @@ merge_selfsigs( KBNODE keyblock )
{ {
KBNODE k; KBNODE k;
int revoked; int revoked;
u32 revokedate;
PKT_public_key *main_pk; PKT_public_key *main_pk;
prefitem_t *prefs; prefitem_t *prefs;
int mdc_feature; int mdc_feature;
@ -1962,7 +1967,7 @@ merge_selfsigs( KBNODE keyblock )
BUG (); BUG ();
} }
merge_selfsigs_main ( keyblock, &revoked ); merge_selfsigs_main ( keyblock, &revoked, &revokedate );
/* now merge in the data from each of the subkeys */ /* now merge in the data from each of the subkeys */
for(k=keyblock; k; k = k->next ) { for(k=keyblock; k; k = k->next ) {
@ -1983,7 +1988,10 @@ merge_selfsigs( KBNODE keyblock )
if(!main_pk->is_valid) if(!main_pk->is_valid)
pk->is_valid = 0; pk->is_valid = 0;
if(revoked && !pk->is_revoked) if(revoked && !pk->is_revoked)
pk->is_revoked = revoked; {
pk->is_revoked = revoked;
pk->revokedate = revokedate;
}
if(main_pk->has_expired) if(main_pk->has_expired)
pk->has_expired = main_pk->has_expired; pk->has_expired = main_pk->has_expired;
} }

4
g10/keydb.h
View File

@ -1,5 +1,6 @@
/* keydb.h - Key database /* keydb.h - Key database
* Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2003,
* 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -251,6 +252,7 @@ const char *datestr_from_sig( PKT_signature *sig );
const char *expirestr_from_pk( PKT_public_key *pk ); const char *expirestr_from_pk( PKT_public_key *pk );
const char *expirestr_from_sk( PKT_secret_key *sk ); const char *expirestr_from_sk( PKT_secret_key *sk );
const char *expirestr_from_sig( PKT_signature *sig ); const char *expirestr_from_sig( PKT_signature *sig );
const char *revokestr_from_pk( PKT_public_key *pk );
const char *colon_strtime (u32 t); const char *colon_strtime (u32 t);
const char *colon_datestr_from_pk (PKT_public_key *pk); const char *colon_datestr_from_pk (PKT_public_key *pk);
const char *colon_datestr_from_sk (PKT_secret_key *sk); const char *colon_datestr_from_sk (PKT_secret_key *sk);

23
g10/keyedit.c
View File

@ -1468,8 +1468,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
if( !(n1=count_selected_keys( keyblock )) ) if( !(n1=count_selected_keys( keyblock )) )
tty_printf(_("You must select at least one key.\n")); tty_printf(_("You must select at least one key.\n"));
else if( sec_keyblock && !cpr_get_answer_is_yes( else if( !cpr_get_answer_is_yes( "keyedit.remove.subkey.okay",
"keyedit.remove.subkey.okay",
n1 > 1? n1 > 1?
_("Do you really want to delete the selected keys? "): _("Do you really want to delete the selected keys? "):
_("Do you really want to delete this key? ") _("Do you really want to delete this key? ")
@ -2076,9 +2075,14 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
tty_printf("%08lX",(ulong)pk->keyid[0]); tty_printf("%08lX",(ulong)pk->keyid[0]);
tty_printf("%08lX ",(ulong)pk->keyid[1]); tty_printf("%08lX ",(ulong)pk->keyid[1]);
tty_printf(_("created: %s expires: %s"), tty_printf(_("created: %s"),datestr_from_pk(pk));
datestr_from_pk(pk), tty_printf(" ");
expirestr_from_pk(pk) ); if(pk->is_revoked)
tty_printf(_("revoked: %s"),revokestr_from_pk(pk));
else if(pk->has_expired)
tty_printf(_("expired: %s"),expirestr_from_pk(pk));
else
tty_printf(_("expires: %s"),expirestr_from_pk(pk));
tty_printf("\n"); tty_printf("\n");
if( node->pkt->pkttype == PKT_PUBLIC_KEY ) if( node->pkt->pkttype == PKT_PUBLIC_KEY )
@ -2091,7 +2095,14 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
/* Ownertrust is only meaningful for the PGP or /* Ownertrust is only meaningful for the PGP or
classic trust models */ classic trust models */
if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC) if(opt.trust_model==TM_PGP || opt.trust_model==TM_CLASSIC)
tty_printf(_("trust: %-13s"), otrust); {
int width=14-strlen(otrust);
if(width<=0)
width=1;
tty_printf(_("trust: %s"), otrust);
tty_printf("%*s",width,"");
}
tty_printf(_("validity: %s"), trust ); tty_printf(_("validity: %s"), trust );
tty_printf("\n"); tty_printf("\n");
} }

15
g10/keyid.c
View File

@ -1,5 +1,6 @@
/* keyid.c - key ID and fingerprint handling /* keyid.c - key ID and fingerprint handling
* Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2003,
* 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -395,6 +396,18 @@ expirestr_from_sig( PKT_signature *sig )
return mk_datestr (buffer, atime); return mk_datestr (buffer, atime);
} }
const char *
revokestr_from_pk( PKT_public_key *pk )
{
static char buffer[11+5];
time_t atime;
if(!pk->revokedate)
return _("never ");
atime=pk->revokedate;
return mk_datestr (buffer, atime);
}
const char * const char *
colon_strtime (u32 t) colon_strtime (u32 t)
{ {

24
g10/keylist.c
View File

@ -662,8 +662,15 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
/* We didn't include this before in the key listing, but there /* We didn't include this before in the key listing, but there
is room in the new format, so why not? */ is room in the new format, so why not? */
if(newformat && pk->expiredate) if(newformat)
printf(_(" [expires: %s]"), expirestr_from_pk( pk ) ); {
if(pk->is_revoked)
printf(_(" [revoked: %s]"), revokestr_from_pk( pk ) );
else if(pk->has_expired)
printf(_(" [expired: %s]"), expirestr_from_pk( pk ) );
else if(pk->expiredate)
printf(_(" [expires: %s]"), expirestr_from_pk( pk ) );
}
#if 0 #if 0
/* I need to think about this some more. It's easy enough to /* I need to think about this some more. It's easy enough to
@ -697,7 +704,7 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
if(uid->is_revoked || uid->is_expired) if(uid->is_revoked || uid->is_expired)
printf("uid%*s[%s] ", printf("uid%*s[%s] ",
(opt.list_options&LIST_SHOW_LONG_KEYIDS)?16:8,"", (opt.list_options&LIST_SHOW_LONG_KEYIDS)?16:8,"",
uid->is_revoked?"revoked":"expired"); uid->is_revoked?_("revoked"):_("expired"));
else if((opt.list_options&LIST_SHOW_VALIDITY) && pk) else if((opt.list_options&LIST_SHOW_VALIDITY) && pk)
{ {
const char *validity= const char *validity=
@ -750,14 +757,11 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
else else
printf("%08lX",(ulong)keyid2[1]); printf("%08lX",(ulong)keyid2[1]);
printf(" %s",datestr_from_pk(pk2)); printf(" %s",datestr_from_pk(pk2));
/* Yes, this is an odd way to print the revoked string,
but we already have translations for "[revoked] " (with
the trailing space) and this is a simple way to take
advantage of it. In devel, this will be done rather
more elegantly. */
if( pk2->is_revoked ) if( pk2->is_revoked )
printf(" %s",_("[revoked] ")); printf(_(" [revoked: %s]"), revokestr_from_pk(pk2));
else if( pk2->expiredate ) else if( pk2->has_expired )
printf(_(" [expired: %s]"), expirestr_from_pk( pk2 ) );
else if( pk2->expiredate )
printf(_(" [expires: %s]"), expirestr_from_pk( pk2 ) ); printf(_(" [expires: %s]"), expirestr_from_pk( pk2 ) );
putchar('\n'); putchar('\n');
if( fpr > 1 ) if( fpr > 1 )

1
g10/packet.h
View File

@ -196,6 +196,7 @@ typedef struct {
u32 timestamp; /* key made */ u32 timestamp; /* key made */
u32 expiredate; /* expires at this date or 0 if not at all */ u32 expiredate; /* expires at this date or 0 if not at all */
u32 max_expiredate; /* must not expire past this date */ u32 max_expiredate; /* must not expire past this date */
u32 revokedate; /* revoked at this date */
byte hdrbytes; /* number of header bytes */ byte hdrbytes; /* number of header bytes */
byte version; byte version;
byte selfsigversion; /* highest version of all of the self-sigs */ byte selfsigversion; /* highest version of all of the self-sigs */