Give sensible error messages when trying to delete secret key.

2025-01-03 12:11:33 +01:00 · 2011-04-29 12:01:52 +02:00 · 2011-04-29 12:01:52 +02:00 · a286e95f3a
commit a286e95f3a
parent 25f292ed89
2 changed files with 26 additions and 11 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,9 @@
+2011-04-29  Marcus Brinkmann  <marcus@g10code.com>
+
+	* delkey.c (do_delete_key): Access public keyblock even for secret
+	key operations.  But deleting secret key is not supported yet, so
+	give an error.  Limit secret-key-exists error case to public keys.
+
 2011-04-28  Werner Koch  <wk@g10code.com>

 	* ecdh.c (pk_ecdh_encrypt_with_shared_point): Remove memory leak
--- a/g10/delkey.c
+++ b/g10/delkey.c
@ -83,7 +83,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
    }

    /* get the keyid from the keyblock */
-    node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
+    node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
    if( !node ) {
 	log_error("Oops; key not found anymore!\n");
 	rc = G10ERR_GENERAL;
@ -93,7 +93,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
    pk = node->pkt->pkt.public_key;
    keyid_from_pk( pk, keyid );

-    if (!force)
+    if (!secret && !force)
      {
        if (have_secret_key_with_kid (keyid))
          {
@ -146,20 +146,29 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail )


    if( okay ) {
-	rc = keydb_delete_keyblock (hd);
-	if (rc) {
+      if (secret)
+	{
+	  log_error (_("deleting secret key not implemented\n"));
+	  rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED); /* FIXME */
+	  goto leave;
+	}
+      else
+	{
+	  rc = keydb_delete_keyblock (hd);
+	  if (rc) {
 	    log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
 	    goto leave;
+	  }
 	}

-	/* Note that the ownertrust being cleared will trigger a
-           revalidation_mark().  This makes sense - only deleting keys
-           that have ownertrust set should trigger this. */
+      /* Note that the ownertrust being cleared will trigger a
+	 revalidation_mark().  This makes sense - only deleting keys
+	 that have ownertrust set should trigger this. */

-        if (!secret && pk && clear_ownertrusts (pk)) {
-          if (opt.verbose)
-            log_info (_("ownertrust information cleared\n"));
-        }
+      if (!secret && pk && clear_ownertrusts (pk)) {
+	if (opt.verbose)
+	  log_info (_("ownertrust information cleared\n"));
+      }
    }

  leave: