See ChangeLog: Wed Apr 28 13:03:03 CEST 1999 Werner Koch

2025-07-02 22:46:30 +02:00 · 1999-04-28 11:06:52 +00:00 · 1999-04-28 11:06:52 +00:00 · dbb6174399
commit dbb6174399
parent bbf86c6e59
13 changed files with 133 additions and 25 deletions
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -57,6 +57,7 @@ static int count_keys_with_flag( KBNODE keyblock, unsigned flag );
 static int count_selected_uids( KBNODE keyblock );
 static int count_selected_keys( KBNODE keyblock );
 static int menu_revsig( KBNODE keyblock );
+static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );

 #define CONTROL_D ('D' - 'A' + 1)

@ -523,7 +524,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
 {
    enum cmdids { cmdNONE = 0,
 	   cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
-	   cmdLSIGN, cmdREVSIG,
+	   cmdLSIGN, cmdREVSIG, cmdREVKEY,
 	   cmdDEBUG, cmdSAVE, cmdADDUID, cmdDELUID, cmdADDKEY, cmdDELKEY,
 	   cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE,
 	   cmdNOP };
@ -560,6 +561,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
 	{ N_("passwd")  , cmdPASSWD , 1, N_("change the passphrase") },
 	{ N_("trust")   , cmdTRUST , 0, N_("change the ownertrust") },
 	{ N_("revsig")  , cmdREVSIG , 0, N_("revoke signatures") },
+	{ N_("revkey")  , cmdREVKEY , 1, N_("revoke a secondary key") },

    { NULL, cmdNONE } };
    enum cmdids cmd;
@ -830,6 +832,28 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
 	    }
 	    break;

+	  case cmdREVKEY: {
+		int n1;
+
+		if( !(n1=count_selected_keys( keyblock )) )
+		    tty_printf(_("You must select at least one key.\n"));
+		else if( sec_keyblock && !cpr_get_answer_is_yes(
+			    "keyedit.revoke.subkey.okay",
+		       n1 > 1?
+			_("Do you really want to revoke the selected keys? "):
+			_("Do you really want to revoke this key? ")
+		       ))
+		    ;
+		else {
+		    if( menu_revkey( keyblock, sec_keyblock ) ) {
+			modified = 1;
+			/*sec_modified = 1;*/
+		    }
+		    redisplay = 1;
+		}
+	    }
+	    break;
+
 	  case cmdEXPIRE:
 	    if( menu_expire( keyblock, sec_keyblock ) ) {
 		merge_keys_and_selfsig( sec_keyblock );
@ -1663,4 +1687,56 @@ menu_revsig( KBNODE keyblock )
    return changed;
 }

+/****************
+ * Revoke some of the secondary keys.
+ * Hmmm: Should we add a revocation to the secret keyring too?
+ *	 Does its all make sense to duplicate most of the information?
+ */
+static int
+menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
+{
+    PKT_public_key *mainpk;
+    KBNODE node;
+    int changed = 0;
+    int upd_trust = 0;
+    int rc;
+
+  reloop: /* (better this way becuase we are modifing the keyring) */
+    mainpk = pub_keyblock->pkt->pkt.public_key;
+    for( node = pub_keyblock; node; node = node->next ) {
+	if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+	    && (node->flag & NODFLG_SELKEY) ) {
+	    PACKET *pkt;
+	    PKT_signature *sig;
+	    PKT_secret_key *sk;
+	    PKT_public_key *subpk = node->pkt->pkt.public_key;
+
+	    node->flag &= ~NODFLG_SELKEY;
+	    sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
+	    rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk, 0x28, 0,
+				     NULL, NULL );
+	    free_secret_key(sk);
+	    if( rc ) {
+		log_error(_("signing failed: %s\n"), g10_errstr(rc));
+		return changed;
+	    }
+	    changed = 1; /* we changed the keyblock */
+	    upd_trust = 1;
+
+	    pkt = m_alloc_clear( sizeof *pkt );
+	    pkt->pkttype = PKT_SIGNATURE;
+	    pkt->pkt.signature = sig;
+	    insert_kbnode( node, new_kbnode(pkt), PKT_SIGNATURE );
+	    goto reloop;
+	}
+    }
+    commit_kbnode( &pub_keyblock );
+    /*commit_kbnode( &sec_keyblock );*/
+
+    if( upd_trust )
+	clear_trust_checked_flag( mainpk );
+
+    return changed;
+}
+