diff --git a/doc/gpg.texi b/doc/gpg.texi index c617e1971..25065f8e4 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -968,7 +968,8 @@ signing. --version} to get a list of available algorithms. Note that while you can change the preferences on an attribute user ID (aka "photo ID"), GnuPG does not select keys via attribute user IDs so these preferences - will not be used by GnuPG. + will not be used by GnuPG. Note that an unattended version of this + command is available as @option{--quick-update-pref}. When setting preferences, you should list the algorithms in the order which you'd like to see them used by someone else when encrypting a @@ -1196,6 +1197,16 @@ user ID which shall be flagged as the primary user ID. The primary user ID flag is removed from all other user ids and the timestamp of all affected self-signatures is set one second ahead. +@item --quick-update-pref @var{user-id} +@opindex quick-update-pref +This command updates the preference list of the key to the current +default value (either built-in or set via +@option{--default-preference-list}). This is the unattended version +of of using "setpref" in the @option{--key-edit} menu without giving a +list. Note that you can show the preferences in a key listing by +using @option{--list-options show-pref} or @option{--list-options +show-pref-verbose}. You should also re-distribute updated keys to +your peers. @item --change-passphrase @var{user-id} @opindex change-passphrase diff --git a/g10/encrypt.c b/g10/encrypt.c index 33a5126d0..1151fd9a0 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -351,7 +351,7 @@ use_aead (pk_list_t pk_list, int algo) { if (!can_use) { - log_info ("Warning: request to use AEAD ignored for cipher '%s'\n", + log_info ("Warning: request to use OCB ignored for cipher '%s'\n", openpgp_cipher_algo_name (algo)); return 0; } @@ -470,7 +470,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) if (use_seskey && s2k->mode != 1 && s2k->mode != 3) { use_seskey = 0; - log_info (_("can't use a symmetric ESK packet " + log_info (_("can't use a SKESK packet" "due to the S2K mode\n")); } diff --git a/g10/gpg.c b/g10/gpg.c index 37533bce5..1514254b9 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1,7 +1,7 @@ /* gpg.c - The GnuPG OpenPGP tool * Copyright (C) 1998-2020 Free Software Foundation, Inc. * Copyright (C) 1997-2019 Werner Koch - * Copyright (C) 2015-2021 g10 Code GmbH + * Copyright (C) 2015-2022 g10 Code GmbH * * This file is part of GnuPG. * @@ -133,6 +133,7 @@ enum cmd_and_opt_values aQuickRevUid, aQuickSetExpire, aQuickSetPrimaryUid, + aQuickUpdatePref, aListConfig, aListGcryptConfig, aGPGConfList, @@ -489,6 +490,7 @@ static gpgrt_opt_t opts[] = { ARGPARSE_c (aQuickSetExpire, "quick-set-expire", N_("quickly set a new expiration date")), ARGPARSE_c (aQuickSetPrimaryUid, "quick-set-primary-uid", "@"), + ARGPARSE_c (aQuickUpdatePref, "quick-update-pref", "@"), ARGPARSE_c (aFullKeygen, "full-generate-key" , N_("full featured key pair generation")), ARGPARSE_c (aFullKeygen, "full-gen-key", "@"), @@ -2677,6 +2679,7 @@ main (int argc, char **argv) case aQuickRevUid: case aQuickSetExpire: case aQuickSetPrimaryUid: + case aQuickUpdatePref: case aExportOwnerTrust: case aImportOwnerTrust: case aRebuildKeydbCaches: @@ -4280,6 +4283,7 @@ main (int argc, char **argv) case aQuickAddKey: case aQuickRevUid: case aQuickSetPrimaryUid: + case aQuickUpdatePref: case aFullKeygen: case aKeygen: case aImport: @@ -4780,6 +4784,14 @@ main (int argc, char **argv) } break; + case aQuickUpdatePref: + { + if (argc != 1) + wrong_args ("--quick-update-pref USER-ID"); + keyedit_quick_update_pref (ctrl, *argv); + } + break; + case aFastImport: opt.import_options |= IMPORT_FAST; /* fall through */ case aImport: diff --git a/g10/keyedit.c b/g10/keyedit.c index ed2732850..83c20b846 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1,7 +1,7 @@ /* keyedit.c - Edit properties of a key * Copyright (C) 1998-2010 Free Software Foundation, Inc. * Copyright (C) 1998-2017 Werner Koch - * Copyright (C) 2015, 2016 g10 Code GmbH + * Copyright (C) 2015, 2016, 2022 g10 Code GmbH * * This file is part of GnuPG. * @@ -78,7 +78,8 @@ static gpg_error_t menu_expire (ctrl_t ctrl, kbnode_t pub_keyblock, static int menu_changeusage (ctrl_t ctrl, kbnode_t keyblock); static int menu_backsign (ctrl_t ctrl, kbnode_t pub_keyblock); static int menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock); -static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock); +static int menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock, + int unattended); static int menu_set_keyserver_url (ctrl_t ctrl, const char *url, kbnode_t pub_keyblock); static int menu_set_notation (ctrl_t ctrl, @@ -2157,7 +2158,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, " for the selected user IDs? (y/N) ") : _("Really update the preferences? (y/N) "))) { - if (menu_set_preferences (ctrl, keyblock)) + if (menu_set_preferences (ctrl, keyblock, 0)) { merge_keys_and_selfsig (ctrl, keyblock); modified = 1; @@ -2654,6 +2655,45 @@ keyedit_quick_set_primary (ctrl_t ctrl, const char *username, } +/* Unattended updating of the preference tro the standard preferences. + * USERNAME specifies the key. This is basically the same as + * gpg --edit-key < updpref save + */ +void +keyedit_quick_update_pref (ctrl_t ctrl, const char *username) +{ + gpg_error_t err; + KEYDB_HANDLE kdbhd = NULL; + kbnode_t keyblock = NULL; + +#ifdef HAVE_W32_SYSTEM + /* See keyedit_menu for why we need this. */ + check_trustdb_stale (ctrl); +#endif + + err = quick_find_keyblock (ctrl, username, 1, &kdbhd, &keyblock); + if (err) + goto leave; + + if (menu_set_preferences (ctrl, keyblock, 1)) + { + merge_keys_and_selfsig (ctrl, keyblock); + err = keydb_update_keyblock (ctrl, kdbhd, keyblock); + if (err) + { + log_error (_("update failed: %s\n"), gpg_strerror (err)); + goto leave; + } + } + + leave: + if (err) + write_status_error ("keyedit.updpref", err); + release_kbnode (keyblock); + keydb_release (kdbhd); +} + + /* Find a keyblock by fingerprint because only this uniquely * identifies a key and may thus be used to select a key for * unattended subkey creation os key signing. */ @@ -5112,10 +5152,11 @@ menu_set_primary_uid (ctrl_t ctrl, kbnode_t pub_keyblock) /* - * Set preferences to new values for the selected user IDs + * Set preferences to new values for the selected user IDs. + * --quick-update-pred calls this with UNATTENDED set. */ static int -menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock) +menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock, int unattended) { PKT_public_key *main_pk; PKT_user_id *uid; @@ -5124,9 +5165,10 @@ menu_set_preferences (ctrl_t ctrl, kbnode_t pub_keyblock) int selected, select_all; int modified = 0; - no_primary_warning (pub_keyblock); + if (!unattended) + no_primary_warning (pub_keyblock); - select_all = !count_selected_uids (pub_keyblock); + select_all = unattended? 1 : !count_selected_uids (pub_keyblock); /* Now we can actually change the self signature(s) */ main_pk = NULL; diff --git a/g10/keyedit.h b/g10/keyedit.h index b6e5b58b9..ea4fd253c 100644 --- a/g10/keyedit.h +++ b/g10/keyedit.h @@ -55,6 +55,7 @@ void keyedit_quick_set_expire (ctrl_t ctrl, char **subkeyfprs); void keyedit_quick_set_primary (ctrl_t ctrl, const char *username, const char *primaryuid); +void keyedit_quick_update_pref (ctrl_t ctrl, const char *username); void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock, int print_sec); int keyedit_print_one_sig (ctrl_t ctrl, estream_t fp, int rc, kbnode_t keyblock,