diff --git a/g10/ChangeLog b/g10/ChangeLog index 6c0b23362..47243443b 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,18 @@ 2004-10-06 David Shaw + * helptext.c, pkclist.c (do_we_trust): It is not possible to get + here with a revoked or expired key, so BUG() that case. Remove + question about overriding revoked/expired. Also + --keyid-format-ify. + (do_we_trust_pre): Use print_pubkey_info() instead of printing the + info ourselves. + + * passphrase.c (passphrase_to_dek): Improve translatability of + user ID prompts. + + * keylist.c (print_pubkey_info): Use the user ID the pk was + selected by, if any. + * keyedit.c (sign_uids, ask_revoke_sig): Improve translatability of user ID prompts. (ask_revoke_sig, menu_revsig): Try and use common strings for diff --git a/g10/helptext.c b/g10/helptext.c index ebaa48501..820f1b182 100644 --- a/g10/helptext.c +++ b/g10/helptext.c @@ -57,10 +57,6 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = { "ultimately trusted\n" )}, -{ "revoked_key.override", N_( -"If you want to use this revoked key anyway, answer \"yes\"." -)}, - { "untrusted_key.override", N_( "If you want to use this untrusted key anyway, answer \"yes\"." )}, diff --git a/g10/keylist.c b/g10/keylist.c index ec19d9b54..f5578c28e 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -119,7 +119,7 @@ print_seckey_info (PKT_secret_key *sk) keyid_from_sk (sk, keyid); p=get_user_id_native(keyid); - tty_printf ("\nsec %4u%c/%s %s %s\n", + tty_printf ("\nsec %4u%c/%s %s %s\n", nbits_from_sk (sk), pubkey_letter (sk->pubkey_algo), keystr(keyid), datestr_from_sk (sk), p); @@ -137,15 +137,21 @@ print_pubkey_info (FILE *fp, PKT_public_key *pk) char *p; keyid_from_pk (pk, keyid); - p=get_user_id_native(keyid); + + /* If the pk was chosen by a particular user ID, that is the one to + print. */ + if(pk->user_id) + p=utf8_to_native(pk->user_id->name,pk->user_id->len,0); + else + p=get_user_id_native(keyid); if (fp) - fprintf (fp, "pub %4u%c/%s %s %s\n", + fprintf (fp, "pub %4u%c/%s %s %s\n", nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo), keystr(keyid), datestr_from_pk (pk), p); else - tty_printf ("\npub %4u%c/%s %s %s\n", + tty_printf ("\npub %4u%c/%s %s %s\n", nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo), keystr(keyid), datestr_from_pk (pk), p); diff --git a/g10/passphrase.c b/g10/passphrase.c index 4302075b7..37977fcf3 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -1133,15 +1133,13 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo, information on that key. */ if( keyid && !opt.batch && !next_pw && mode!=1 ) { PKT_public_key *pk = m_alloc_clear( sizeof *pk ); - size_t n; char *p; - tty_printf(_("\nYou need a passphrase to unlock the secret key for\n" - "user: \"") ); - p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ); + p=get_user_id_native(keyid); + tty_printf("\n"); + tty_printf(_("You need a passphrase to unlock the secret key for\n" + "user: \"%s\"\n"),p); m_free(p); - tty_printf("\"\n"); if( !get_pubkey( pk, keyid ) ) { const char *s = pubkey_algo_to_string( pk->pubkey_algo ); diff --git a/g10/pkclist.c b/g10/pkclist.c index 45b1c1485..5f4e30436 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -371,93 +371,54 @@ edit_ownertrust (PKT_public_key *pk, int mode ) * Returns: true if we trust. */ static int -do_we_trust( PKT_public_key *pk, unsigned int *trustlevel ) +do_we_trust( PKT_public_key *pk, unsigned int trustlevel ) { - unsigned int trustmask = 0; + /* We should not be able to get here with a revoked or expired + key */ + if(trustlevel & TRUST_FLAG_REVOKED + || trustlevel & TRUST_FLAG_SUB_REVOKED + || (trustlevel & TRUST_MASK) == TRUST_EXPIRED) + BUG(); - /* FIXME: get_pubkey_byname already checks the validity and won't - * return keys which are either expired or revoked - so these - * question here won't get triggered. We have to find a solution - * for this. It might make sense to have a function in getkey.c - * which does only the basic checks and returns even revoked and - * expired keys. This fnction could then also returhn a list of - * keys if the speicified name is ambiguous - */ - if( (*trustlevel & TRUST_FLAG_REVOKED) ) { - log_info(_("key %08lX: key has been revoked!\n"), - (ulong)keyid_from_pk( pk, NULL) ); - show_revocation_reason( pk, 0 ); - if( opt.batch ) - return 0; /* no */ - - if( !cpr_get_answer_is_yes("revoked_key.override", - _("Use this key anyway? ")) ) - return 0; /* no */ - trustmask |= TRUST_FLAG_REVOKED; - } - if( (*trustlevel & TRUST_FLAG_SUB_REVOKED) ) { - log_info(_("key %08lX: subkey has been revoked!\n"), - (ulong)keyid_from_pk( pk, NULL) ); - show_revocation_reason( pk, 0 ); - if( opt.batch ) - return 0; - - if( !cpr_get_answer_is_yes("revoked_key.override", - _("Use this key anyway? ")) ) - return 0; - trustmask |= TRUST_FLAG_SUB_REVOKED; - } - *trustlevel &= ~trustmask; - - if( opt.trust_model==TM_ALWAYS ) { - if( opt.verbose ) - log_info("No trust check due to --trust-model always option\n"); - return 1; + if( opt.trust_model==TM_ALWAYS ) + { + if( opt.verbose ) + log_info("No trust check due to `--trust-model always' option\n"); + return 1; } - switch( (*trustlevel & TRUST_MASK) ) { - case TRUST_EXPIRED: - log_info(_("%08lX: key has expired\n"), - (ulong)keyid_from_pk( pk, NULL) ); - return 0; /* no */ + switch(trustlevel & TRUST_MASK) + { + default: + log_error ("invalid trustlevel %u returned from validation layer\n", + trustlevel); + /* fall thru */ + case TRUST_UNKNOWN: + case TRUST_UNDEFINED: + log_info(_("%s: There is no assurance this key belongs" + " to the named user\n"),keystr_from_pk(pk)); + return 0; /* no */ - default: - log_error ("invalid trustlevel %u returned from validation layer\n", - *trustlevel); - /* fall thru */ - case TRUST_UNKNOWN: - case TRUST_UNDEFINED: - log_info(_("%08lX: There is no assurance this key belongs " - "to the named user\n"),(ulong)keyid_from_pk( pk, NULL) ); - return 0; /* no */ + case TRUST_MARGINAL: + log_info(_("%s: There is limited assurance this key belongs" + " to the named user\n"),keystr_from_pk(pk)); + return 1; /* yes */ - /* No way to get here? */ - case TRUST_NEVER: - log_info(_("%08lX: We do NOT trust this key\n"), - (ulong)keyid_from_pk( pk, NULL) ); - return 0; /* no */ + case TRUST_FULLY: + if( opt.verbose ) + log_info(_("This key probably belongs to the named user\n")); + return 1; /* yes */ - case TRUST_MARGINAL: - log_info(_("%08lX: There is limited assurance this key belongs " - "to the named user\n"),(ulong)keyid_from_pk(pk,NULL)); - return 1; /* yes */ - - case TRUST_FULLY: - if( opt.verbose ) - log_info(_("This key probably belongs to the named user\n")); - return 1; /* yes */ - - case TRUST_ULTIMATE: - if( opt.verbose ) - log_info(_("This key belongs to us\n")); - return 1; /* yes */ + case TRUST_ULTIMATE: + if( opt.verbose ) + log_info(_("This key belongs to us\n")); + return 1; /* yes */ } - return 1; /* yes */ + return 1; /* yes */ } - /**************** * wrapper around do_we_trust, so we can ask whether to use the * key anyway. @@ -465,58 +426,34 @@ do_we_trust( PKT_public_key *pk, unsigned int *trustlevel ) static int do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) { - int rc; + int rc; - rc = do_we_trust( pk, &trustlevel ); + rc = do_we_trust( pk, trustlevel ); - if( (trustlevel & TRUST_FLAG_REVOKED) && !rc ) - return 0; - if( (trustlevel & TRUST_FLAG_SUB_REVOKED) && !rc ) - return 0; + if( !opt.batch && !rc ) + { + print_pubkey_info(NULL,pk); + print_fingerprint (pk, NULL, 2); + tty_printf("\n"); - if( !opt.batch && !rc ) { - u32 keyid[2]; + tty_printf( + _("It is NOT certain that the key belongs to the person named\n" + "in the user ID. If you *really* know what you are doing,\n" + "you may answer the next question with yes.\n")); - keyid_from_pk( pk, keyid); - tty_printf( "%4u%c/%08lX %s \"", - nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ), - (ulong)keyid[1], datestr_from_pk( pk ) ); - /* If the pk was chosen by a particular user ID, this is the - one to ask about. */ - if(pk->user_id) - tty_print_utf8_string(pk->user_id->name,pk->user_id->len); - else - { - size_t n; - char *p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ); - m_free(p); - } - tty_printf("\"\n"); - print_fingerprint (pk, NULL, 2); - tty_printf("\n"); + tty_printf("\n"); - tty_printf(_( -"It is NOT certain that the key belongs to the person named\n" -"in the user ID. If you *really* know what you are doing,\n" -"you may answer the next question with yes\n\n")); - - if( cpr_get_answer_is_yes("untrusted_key.override", - _("Use this key anyway? ")) ) - rc = 1; - - /* Hmmm: Should we set a flag to tell the user about - * his decision the next time he encrypts for this recipient? - */ - } - else if( opt.trust_model==TM_ALWAYS && !rc ) { - if( !opt.quiet ) - log_info(_("WARNING: Using untrusted key!\n")); + if( cpr_get_answer_is_yes("untrusted_key.override", + _("Use this key anyway? ")) ) rc = 1; - } - return rc; -} + /* Hmmm: Should we set a flag to tell the user about + * his decision the next time he encrypts for this recipient? + */ + } + + return rc; +} /****************