security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-22 19:58:29 +01:00
Code Activity

Fixed the new key selection code

Browse Source
This commit is contained in:
Werner Koch 2001-03-03 16:17:55 +00:00
parent 2473b7e2f0
commit fbbcb797c5
20 changed files with 211 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
TODO
View File

@ -1,10 +1,13 @@
* check whether we can remove all the expire stuff in trustdb because this
is now done getkey.
* ask for alternate filename?
* Can we output things like the preferences? * Can we output things like the preferences?
* Add Dave's UTS patches * Add Dave's UTS patches
* Fix revoked subkey problem - see key 621cc013
** Check whether the use of -u and --clearsign created 2 signatures. ** Check whether the use of -u and --clearsign created 2 signatures.
removed dups from the skclist. removed dups from the skclist.
@ -43,6 +46,7 @@
* Add a way to show the fingerprint of an key signator's keys * Add a way to show the fingerprint of an key signator's keys
* New option --file-remove path-to-wipe-program ?
Scheduled for 1.1 Scheduled for 1.1
----------------- -----------------

5
checks/ChangeLog
View File

@ -1,3 +1,8 @@
2001-02-12 Werner Koch <wk@gnupg.org>
* multisig.test: new
* Makefile.am (TESTS): Added.
2000-10-18 Werner Koch <wk@gnupg.org> 2000-10-18 Werner Koch <wk@gnupg.org>
* conventional-mdc.test: Add Rijndael and fix for empty plain texts. * conventional-mdc.test: Add Rijndael and fix for empty plain texts.

1
checks/run-gpg.patterns
View File

@ -11,3 +11,4 @@ gpg: NOTE: signature key expired
NOTE: this is a development version! NOTE: this is a development version!
gpg: encrypted with gpg: encrypted with
"test two (no pp) <two@test.nowhere.nil>" "test two (no pp) <two@test.nowhere.nil>"
gpg: using secondary key

4
doc/ChangeLog
View File

@ -1,3 +1,7 @@
2001-03-03 Werner Koch <wk@gnupg.org>
* gpg.sgml: Tell something about the 0x12345678! key ID syntax.
2001-01-18 Werner Koch <wk@gnupg.org> 2001-01-18 Werner Koch <wk@gnupg.org>
* README.W32: Changed building instructions for MinGW32/CPD 0.3 * README.W32: Changed building instructions for MinGW32/CPD 0.3

5
doc/DETAILS
View File

@ -67,6 +67,9 @@ more arguments in future versions.
GOODSIG <long keyid> <username> GOODSIG <long keyid> <username>
The signature with the keyid is good. The signature with the keyid is good.
For each signature only one of the three codes GOODSIG, BADSIG
or ERRSIG will be emitted and they may be used as a marker for
a new signature.
BADSIG <long keyid> <username> BADSIG <long keyid> <username>
The signature with the keyid has not been verified okay. The signature with the keyid has not been verified okay.
@ -82,7 +85,7 @@ more arguments in future versions.
VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp> VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp>
The signature with the keyid is good. This is the same The signature with the keyid is good. This is the same
as GOODSIG but has the fingerprint as the argument. Both as GOODSIG but has the fingerprint as the argument. Both
status lines ere emitted for a good signature. status lines are emitted for a good signature.
sig-timestamp is the signature creation time in seconds after sig-timestamp is the signature creation time in seconds after
the epoch. the epoch.

7
doc/gpg.sgml
View File

@ -1532,6 +1532,13 @@ in front.
</variablelist> </variablelist>
<para>
Note that you can append an exclamation mark to key IDs or
fingerprints. This flag which tells GnuPG to use exactly
that primary or secondary key and don't try to figure out which
secondary or primary key to use.
</para>
</refsect1> </refsect1>

28
g10/ChangeLog
View File

@ -1,3 +1,29 @@
2001-03-03 Werner Koch <wk@gnupg.org>
* getkey.c: Introduced a new lookup context flag "exact" and used
it in all place where we once used primary.
(classify_user_id2): Replaced the old function and add an extra
argument to return whether an exact keyID has been requested.
(key_byname): Removed the unused ctx.primary flag
(get_seckey_byname2): Ditto.
(finish_lookup): Changed debugging output.
2001-03-02 Werner Koch <wk@gnupg.org>
* keylist.c (list_one): Remove the merge key calls.
2001-03-01 Werner Koch <wk@gnupg.org>
* getkey.c (finish_lookup): Don't use it if we no specific usage
has been requested.
(merge_selfsigs_main): fix UID only if we have an signature.
(lookup): Return UNU_PUBKEY etc. instead of NO_PUBKEY if we found
a key but the requested usage does not allow this key.
* import.c (import_one): Take UNU_PUBKEY into account.
* mainproc.c (list_node): Ditto.
* keylist.c (list_keyblock): Ditto.
* keyedit.c (print_and_check_one_sig): Ditto.
2001-02-09 Werner Koch <wk@gnupg.org> 2001-02-09 Werner Koch <wk@gnupg.org>
* delkey.c (delete_key): Removed that silly assert which rendered * delkey.c (delete_key): Removed that silly assert which rendered
@ -121,7 +147,7 @@
* g10.c: New option --allow-secret-key-import. * g10.c: New option --allow-secret-key-import.
* import.c (import_keys,import_keys_stream): Honor this option. * import.c (import_keys,import_keys_stream): Honor this option.
(import): New arg allow_secret and pass that arg down to ... (import): New arg allow_secret and pass that arg down to ...
(import_secret_one): to this and print a warnign if secret key (import_secret_one): to this and print a warning if secret key
importing is not allowed. importing is not allowed.
2000-12-05 Werner Koch <wk@gnupg.org> 2000-12-05 Werner Koch <wk@gnupg.org>

115
g10/getkey.c
View File

@ -97,8 +97,7 @@ typedef struct {
} getkey_item_t; } getkey_item_t;
struct getkey_ctx_s { struct getkey_ctx_s {
/* make an array or a linked list from dome fields */ int exact;
int primary;
KBNODE keyblock; KBNODE keyblock;
KBPOS kbpos; KBPOS kbpos;
KBNODE found_key; /* pointer into some keyblock */ KBNODE found_key; /* pointer into some keyblock */
@ -418,6 +417,7 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
{ struct getkey_ctx_s ctx; { struct getkey_ctx_s ctx;
KBNODE kb = NULL; KBNODE kb = NULL;
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
ctx.exact = 1; /* use the key ID exactly as given */
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = 11; ctx.items[0].mode = 11;
@ -473,6 +473,7 @@ get_pubkeyblock( u32 *keyid )
KBNODE keyblock = NULL; KBNODE keyblock = NULL;
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
/* co need to set exact here because we want the entire block */
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = 11; ctx.items[0].mode = 11;
@ -498,6 +499,7 @@ get_seckey( PKT_secret_key *sk, u32 *keyid )
KBNODE kb = NULL; KBNODE kb = NULL;
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
ctx.exact = 1; /* use the key ID exactly as given */
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = 11; ctx.items[0].mode = 11;
@ -536,6 +538,7 @@ seckey_available( u32 *keyid )
KBNODE kb = NULL; KBNODE kb = NULL;
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
ctx.exact = 1; /* use the key ID exactly as given */
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = 11; ctx.items[0].mode = 11;
@ -620,15 +623,16 @@ hextobyte( const byte *s )
* is not case sensitive. * is not case sensitive.
*/ */
int static int
classify_user_id( const char *name, u32 *keyid, byte *fprint, classify_user_id2( const char *name, u32 *keyid, byte *fprint,
const char **retstr, size_t *retlen ) const char **retstr, size_t *retlen, int *force_exact )
{ {
const char * s; const char * s;
int mode = 0; int mode = 0;
int hexprefix = 0; int hexprefix = 0;
int hexlength; int hexlength;
*force_exact = 0;
/* skip leading spaces. FIXME: what is with leading spaces? */ /* skip leading spaces. FIXME: what is with leading spaces? */
for(s = name; *s && isspace(*s); s++ ) for(s = name; *s && isspace(*s); s++ )
; ;
@ -707,6 +711,10 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
} }
hexlength = strspn(s, "0123456789abcdefABCDEF"); hexlength = strspn(s, "0123456789abcdefABCDEF");
if (hexlength >= 8 && s[hexlength] =='!') {
*force_exact = 1;
hexlength++; /* just for the following check */
}
/* check if a hexadecimal number is terminated by EOS or blank */ /* check if a hexadecimal number is terminated by EOS or blank */
if (hexlength && s[hexlength] && !isspace(s[hexlength])) { if (hexlength && s[hexlength] && !isspace(s[hexlength])) {
@ -716,6 +724,9 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
hexlength = 0; /* a hex number, but really were not. */ hexlength = 0; /* a hex number, but really were not. */
} }
if (*force_exact)
hexlength--;
if (hexlength == 8 if (hexlength == 8
|| (!hexprefix && hexlength == 9 && *s == '0')){ || (!hexprefix && hexlength == 9 && *s == '0')){
/* short keyid */ /* short keyid */
@ -775,6 +786,7 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
if (hexprefix) /* This was a hex number with a prefix */ if (hexprefix) /* This was a hex number with a prefix */
return 0; /* and a wrong length */ return 0; /* and a wrong length */
*force_exact = 0;
mode = 2; /* Default is case insensitive substring search */ mode = 2; /* Default is case insensitive substring search */
} }
} }
@ -787,14 +799,20 @@ classify_user_id( const char *name, u32 *keyid, byte *fprint,
return mode; return mode;
} }
int
classify_user_id( const char *name, u32 *keyid, byte *fprint,
const char **retstr, size_t *retlen )
{
int dummy;
return classify_user_id2 (name, keyid, fprint, retstr, retlen, &dummy);
}
/**************** /****************
* Try to get the pubkey by the userid. This function looks for the * Try to get the pubkey by the userid. This function looks for the
* first pubkey certificate which has the given name in a user_id. * first pubkey certificate which has the given name in a user_id.
* if pk/sk has the pubkey algo set, the function will only return * if pk/sk has the pubkey algo set, the function will only return
* a pubkey with that algo. * a pubkey with that algo.
* The caller must provide provide storage for either the pk or the sk. * The caller must provide storage for either the pk or the sk.
* If ret_kb is not NULL the funtion will return the keyblock there. * If ret_kb is not NULL the funtion will return the keyblock there.
*/ */
@ -807,6 +825,7 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
STRLIST r; STRLIST r;
GETKEY_CTX ctx; GETKEY_CTX ctx;
KBNODE help_kb = NULL; KBNODE help_kb = NULL;
int exact;
if( retctx ) /* reset the returned context in case of error */ if( retctx ) /* reset the returned context in case of error */
*retctx = NULL; *retctx = NULL;
@ -820,18 +839,14 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
ctx->nitems = n; ctx->nitems = n;
for(n=0, r=namelist; r; r = r->next, n++ ) { for(n=0, r=namelist; r; r = r->next, n++ ) {
int mode = classify_user_id( r->d, int mode = classify_user_id2 ( r->d,
ctx->items[n].keyid, ctx->items[n].keyid,
ctx->items[n].fprint, ctx->items[n].fprint,
&ctx->items[n].name, &ctx->items[n].name,
NULL ); NULL, &exact );
/* if we don't use one of the exact key specifications, we assume that
* the primary key is requested */
if ( mode != 10 && mode != 11
&& mode != 16 && mode == 20 && mode != 21 )
ctx->primary = 1;
if ( exact )
ctx->exact = 1;
ctx->items[n].mode = mode; ctx->items[n].mode = mode;
if( !ctx->items[n].mode ) { if( !ctx->items[n].mode ) {
m_free( ctx ); m_free( ctx );
@ -951,6 +966,7 @@ get_pubkey_byfprint( PKT_public_key *pk,
KBNODE kb = NULL; KBNODE kb = NULL;
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
ctx.exact = 1 ;
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = fprint_len; ctx.items[0].mode = fprint_len;
@ -1008,6 +1024,7 @@ get_keyblock_bylid( KBNODE *ret_keyblock, ulong lid )
if( keyid_from_lid( lid, kid ) ) if( keyid_from_lid( lid, kid ) )
kid[0] = kid[1] = 0; kid[0] = kid[1] = 0;
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
ctx.exact = 1;
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = 12; ctx.items[0].mode = 12;
@ -1047,7 +1064,6 @@ get_seckey_byname2( GETKEY_CTX *retctx,
assert (!retblock); assert (!retblock);
memset( &ctx, 0, sizeof ctx ); memset( &ctx, 0, sizeof ctx );
ctx.not_allocated = 1; ctx.not_allocated = 1;
ctx.primary = 1;
ctx.nitems = 1; ctx.nitems = 1;
ctx.items[0].mode = 15; ctx.items[0].mode = 15;
rc = lookup( &ctx, &kb, 1 ); rc = lookup( &ctx, &kb, 1 );
@ -1255,7 +1271,11 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
/**************** /****************
* merge all selfsignatures with the keys. * merge all selfsignatures with the keys.
* FIXME: replace this at least for the public key parts * FIXME: replace this at least for the public key parts
* by merge_selfsigs * by merge_selfsigs.
* It is still used in keyedit.c and
* at 2 or 3 other places - check whether it is really needed.
* It might be needed by the key edit and import stuff because
* the keylock is changed.
*/ */
void void
merge_keys_and_selfsig( KBNODE keyblock ) merge_keys_and_selfsig( KBNODE keyblock )
@ -1516,7 +1536,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
} }
} }
} }
if ( uidnode ) { if ( uidnode && signode ) {
fixup_uidnode ( uidnode, signode ); fixup_uidnode ( uidnode, signode );
pk->is_valid = 1; pk->is_valid = 1;
} }
@ -1961,14 +1981,14 @@ find_by_fpr( KBNODE keyblock, const char *name, int mode )
/* See see whether the key fits /* See see whether the key fits
* our requirements and in case we do not * our requirements and in case we do not
* request a the primary key, we should select * request the primary key, we should select
* a suitable subkey. * a suitable subkey.
* FIXME: Check against PGP 7 whether we still need a kludge * FIXME: Check against PGP 7 whether we still need a kludge
* to favor type 16 keys over type 20 keys when type 20 * to favor type 16 keys over type 20 keys when type 20
* has not been explitely requested. * has not been explitely requested.
* Returns: True when a suitable key has been found. * Returns: True when a suitable key has been found.
* *
* We have to distinguish four cases: * We have to distinguish four cases: FIXME!
* 1. No usage and no primary key requested * 1. No usage and no primary key requested
* Examples for this case are that we have a keyID to be used * Examples for this case are that we have a keyID to be used
* for decrytion or verification. * for decrytion or verification.
@ -1980,7 +2000,12 @@ find_by_fpr( KBNODE keyblock, const char *name, int mode )
* 4. Usage but no primary key requested * 4. Usage but no primary key requested
* FIXME * FIXME
* FIXME: Tell what is going to happen here and something about the rationale * FIXME: Tell what is going to happen here and something about the rationale
* Note: We don't use this function if no specific usage is requested;
* This way the getkey functions can be used for plain key listings.
* *
* CTX ist the keyblock we are investigating, if FOUNDK is not NULL this
* is the key we actually found by looking at the keyid or a fingerprint and
* may eitehr point to the primary or one of the subkeys.
*/ */
static int static int
@ -1999,16 +2024,28 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
ctx->found_key = NULL; ctx->found_key = NULL;
if (!ctx->exact)
foundk = NULL;
if ( DBG_CACHE ) if ( DBG_CACHE )
log_debug( "finish_lookup: checking %s (req_usage=%x)\n", log_debug( "finish_lookup: checking key %08lX (%s)(req_usage=%x)\n",
foundk? "one key":"all keys", req_usage); (ulong)keyid_from_pk( keyblock->pkt->pkt.public_key, NULL),
foundk? "one":"all", req_usage);
if (!req_usage) {
latest_key = foundk? foundk:keyblock;
goto found;
}
if (!req_usage) {
ctx->found_key = foundk;
cache_user_id( keyblock );
return 1; /* found */
}
latest_date = 0; latest_date = 0;
latest_key = NULL; latest_key = NULL;
/* We do check the subkeys only if we either have requested a specific if ( !foundk || foundk->pkt->pkttype == PKT_PUBLIC_SUBKEY ) {
* usage or have not requested to get the primary key. */
if ( (req_usage || !ctx->primary)
&& (!foundk || foundk->pkt->pkttype == PKT_PUBLIC_SUBKEY) ) {
KBNODE nextk; KBNODE nextk;
/* either start a loop or check just this one subkey */ /* either start a loop or check just this one subkey */
for (k=foundk?foundk:keyblock; k; k = nextk ) { for (k=foundk?foundk:keyblock; k; k = nextk ) {
@ -2019,6 +2056,9 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
if ( foundk ) if ( foundk )
nextk = NULL; /* what a hack */ nextk = NULL; /* what a hack */
pk = k->pkt->pkt.public_key; pk = k->pkt->pkt.public_key;
if (DBG_CACHE)
log_debug( "\tchecking subkey %08lX\n",
(ulong)keyid_from_pk( pk, NULL));
if ( !pk->is_valid ) { if ( !pk->is_valid ) {
if (DBG_CACHE) if (DBG_CACHE)
log_debug( "\tsubkey not valid\n"); log_debug( "\tsubkey not valid\n");
@ -2035,8 +2075,7 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
continue; continue;
} }
if ( req_usage && if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
!((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
if (DBG_CACHE) if (DBG_CACHE)
log_debug( "\tusage does not match: want=%x have=%x\n", log_debug( "\tusage does not match: want=%x have=%x\n",
req_usage, pk->pubkey_usage ); req_usage, pk->pubkey_usage );
@ -2044,8 +2083,7 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
} }
if (DBG_CACHE) if (DBG_CACHE)
log_debug( "\tconsidering key %08lX\n", log_debug( "\tsubkey looks fine\n");
(ulong)keyid_from_pk( pk, NULL));
if ( pk->created > latest_date ) { if ( pk->created > latest_date ) {
latest_date = pk->created; latest_date = pk->created;
latest_key = k; latest_key = k;
@ -2053,7 +2091,9 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
} }
} }
if ( !latest_key ) { /* Okay now try the primary key unless we have want an exact
* key ID match on a subkey */
if ( !latest_key && !(ctx->exact && foundk != keyblock) ) {
PKT_public_key *pk; PKT_public_key *pk;
if (DBG_CACHE && !foundk ) if (DBG_CACHE && !foundk )
log_debug( "\tno suitable subkeys found - trying primary\n"); log_debug( "\tno suitable subkeys found - trying primary\n");
@ -2070,10 +2110,10 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
if (DBG_CACHE) if (DBG_CACHE)
log_debug( "\tprimary key has expired\n"); log_debug( "\tprimary key has expired\n");
} }
else if ( req_usage else if ( !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
&& !((pk->pubkey_usage&USAGE_MASK) & req_usage) ) {
if (DBG_CACHE) if (DBG_CACHE)
log_debug( "\tusage does not match: want=%x have=%x\n", log_debug( "\tprimary key usage does not match: "
"want=%x have=%x\n",
req_usage, pk->pubkey_usage ); req_usage, pk->pubkey_usage );
} }
else { /* okay */ else { /* okay */
@ -2090,6 +2130,7 @@ finish_lookup( GETKEY_CTX ctx, KBNODE foundk )
return 0; return 0;
} }
found:
if (DBG_CACHE) if (DBG_CACHE)
log_debug( "\tusing key %08lX\n", log_debug( "\tusing key %08lX\n",
(ulong)keyid_from_pk( latest_key->pkt->pkt.public_key, NULL) ); (ulong)keyid_from_pk( latest_key->pkt->pkt.public_key, NULL) );
@ -2117,6 +2158,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
byte namehash[20]; byte namehash[20];
int use_namehash=0; int use_namehash=0;
KBNODE secblock = NULL; /* helper */ KBNODE secblock = NULL; /* helper */
int no_suitable_key = 0;
if( !ctx->count ) /* first time */ if( !ctx->count ) /* first time */
rc = enum_keyblocks( secmode? 5:0, &ctx->kbpos, NULL ); rc = enum_keyblocks( secmode? 5:0, &ctx->kbpos, NULL );
@ -2180,6 +2222,7 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
/* this keyblock looks fine - do further investigation */ /* this keyblock looks fine - do further investigation */
merge_selfsigs ( ctx->keyblock ); merge_selfsigs ( ctx->keyblock );
if ( finish_lookup( ctx, k ) ) { if ( finish_lookup( ctx, k ) ) {
no_suitable_key = 0;
if ( secmode ) { if ( secmode ) {
merge_public_with_secret ( ctx->keyblock, merge_public_with_secret ( ctx->keyblock,
secblock); secblock);
@ -2188,6 +2231,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
} }
goto found; goto found;
} }
else
no_suitable_key = 1;
} }
} }
skip: skip:
@ -2209,6 +2254,8 @@ lookup( GETKEY_CTX ctx, KBNODE *ret_keyblock, int secmode )
*ret_keyblock = ctx->keyblock; /* return the keyblock */ *ret_keyblock = ctx->keyblock; /* return the keyblock */
ctx->keyblock = NULL; ctx->keyblock = NULL;
} }
else if (rc == -1 && no_suitable_key)
rc = secmode ? G10ERR_UNU_SECKEY : G10ERR_UNU_PUBKEY;
else if( rc == -1 ) else if( rc == -1 )
rc = secmode ? G10ERR_NO_SECKEY : G10ERR_NO_PUBKEY; rc = secmode ? G10ERR_NO_SECKEY : G10ERR_NO_PUBKEY;

2
g10/import.c
View File

@ -414,7 +414,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
/* do we have this key already in one of our pubrings ? */ /* do we have this key already in one of our pubrings ? */
pk_orig = m_alloc_clear( sizeof *pk_orig ); pk_orig = m_alloc_clear( sizeof *pk_orig );
rc = get_pubkey( pk_orig, keyid ); rc = get_pubkey( pk_orig, keyid );
if( rc && rc != G10ERR_NO_PUBKEY ) { if( rc && rc != G10ERR_NO_PUBKEY && rc != G10ERR_UNU_PUBKEY ) {
log_error( _("key %08lX: public key not found: %s\n"), log_error( _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc)); (ulong)keyid[1], g10_errstr(rc));
} }

1
g10/keyedit.c
View File

@ -131,6 +131,7 @@ print_and_check_one_sig( KBNODE keyblock, KBNODE node,
++*inv_sigs; ++*inv_sigs;
break; break;
case G10ERR_NO_PUBKEY: case G10ERR_NO_PUBKEY:
case G10ERR_UNU_PUBKEY:
node->flag = NODFLG_NOKEY; node->flag = NODFLG_NOKEY;
sigrc = '?'; sigrc = '?';
if( no_key ) if( no_key )

5
g10/keylist.c
View File

@ -199,7 +199,6 @@ list_one( STRLIST names, int secret )
return; return;
} }
do { do {
merge_keys_and_selfsig( keyblock );
list_keyblock( keyblock, 1 ); list_keyblock( keyblock, 1 );
release_kbnode( keyblock ); release_kbnode( keyblock );
} while( !get_seckey_next( ctx, NULL, &keyblock ) ); } while( !get_seckey_next( ctx, NULL, &keyblock ) );
@ -213,7 +212,6 @@ list_one( STRLIST names, int secret )
return; return;
} }
do { do {
merge_keys_and_selfsig( keyblock );
list_keyblock( keyblock, 0 ); list_keyblock( keyblock, 0 );
release_kbnode( keyblock ); release_kbnode( keyblock );
} while( !get_pubkey_next( ctx, NULL, &keyblock ) ); } while( !get_pubkey_next( ctx, NULL, &keyblock ) );
@ -480,7 +478,8 @@ list_keyblock( KBNODE keyblock, int secret )
switch( rc ) { switch( rc ) {
case 0: sigrc = '!'; break; case 0: sigrc = '!'; break;
case G10ERR_BAD_SIGN: sigrc = '-'; break; case G10ERR_BAD_SIGN: sigrc = '-'; break;
case G10ERR_NO_PUBKEY: sigrc = '?'; break; case G10ERR_NO_PUBKEY:
case G10ERR_UNU_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break; default: sigrc = '%'; break;
} }
} }

3
g10/mainproc.c
View File

@ -926,7 +926,8 @@ list_node( CTX c, KBNODE node )
switch( (rc2=do_check_sig( c, node, &is_selfsig )) ) { switch( (rc2=do_check_sig( c, node, &is_selfsig )) ) {
case 0: sigrc = '!'; break; case 0: sigrc = '!'; break;
case G10ERR_BAD_SIGN: sigrc = '-'; break; case G10ERR_BAD_SIGN: sigrc = '-'; break;
case G10ERR_NO_PUBKEY: sigrc = '?'; break; case G10ERR_NO_PUBKEY:
case G10ERR_UNU_PUBKEY: sigrc = '?'; break;
default: sigrc = '%'; break; default: sigrc = '%'; break;
} }
} }

1
g10/pkclist.c
View File

@ -819,7 +819,6 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
} }
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) { else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) {
/* Skip the actual key if the key is already present /* Skip the actual key if the key is already present
* in the list */ * in the list */
if (key_present_in_pk_list(pk_list, pk) == 0) { if (key_present_in_pk_list(pk_list, pk) == 0) {

4
include/ChangeLog
View File

@ -1,3 +1,7 @@
2001-03-01 Werner Koch <wk@gnupg.org>
* errors.h (G10ERR_UNU_SECKEY,G10ERR_UNU_PUBKEY): New
2000-11-30 Werner Koch <wk@gnupg.org> 2000-11-30 Werner Koch <wk@gnupg.org>
* iobuf.h (iobuf_translate_file_handle): Add prototype. * iobuf.h (iobuf_translate_file_handle): Add prototype.

3
include/errors.h
View File

@ -72,6 +72,9 @@
#define G10ERR_SELFTEST_FAILED 50 #define G10ERR_SELFTEST_FAILED 50
#define G10ERR_NOT_ENCRYPTED 51 #define G10ERR_NOT_ENCRYPTED 51
#define G10ERR_NOT_PROCESSED 52 #define G10ERR_NOT_PROCESSED 52
#define G10ERR_UNU_PUBKEY 53
#define G10ERR_UNU_SECKEY 54
#ifndef HAVE_STRERROR #ifndef HAVE_STRERROR
char *strerror( int n ); char *strerror( int n );

4
po/ChangeLog
View File

@ -1,3 +1,7 @@
2001-02-22 Werner Koch <wk@gnupg.org>
* de.po, de.glo: Updated.
2001-01-23 Werner Koch <wk@gnupg.org> 2001-01-23 Werner Koch <wk@gnupg.org>
* de.po: Removed superfluous \r. * de.po: Removed superfluous \r.

74
po/de.po
View File

@ -1,8 +1,16 @@
# GnuPG german translation # GnuPG german translation
# Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc. # Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
# Walter Koch <koch@hsp.de>, 1998, 1999, 2000 # Walter Koch <koch@hsp.de>, 1998, 1999, 2000, 2001
msgid "" msgid ""
msgstr "POT-Creation-Date: 2001-02-07 16:46+0100\n" msgstr ""
"Project-Id-Version: gnupg-1.0.4\n"
"POT-Creation-Date: 2001-02-17 02:26+0000\n"
"PO-Revision-Date: 2001-02-20 21:20+0200\n"
"Last-Translator: Walter Koch <koch@hsp.de>\n"
"Language-Team: German <de@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=iso-8859-1\n"
"Content-Transfer-Encoding: 8bit\n"
#: util/secmem.c:79 #: util/secmem.c:79
msgid "Warning: using insecure memory!\n" msgid "Warning: using insecure memory!\n"
@ -830,9 +838,8 @@ msgid "--delete-key user-id"
msgstr "--delete-key User-ID" msgstr "--delete-key User-ID"
#: g10/g10.c:1295 #: g10/g10.c:1295
#, fuzzy
msgid "--delete-secret-and-public-key user-id" msgid "--delete-secret-and-public-key user-id"
msgstr "--delete-secret-key User-ID" msgstr "--delete-secret-and-public-key User-ID"
#: g10/encode.c:268 g10/g10.c:1332 g10/sign.c:393 #: g10/encode.c:268 g10/g10.c:1332 g10/sign.c:393
#, c-format #, c-format
@ -1230,7 +1237,7 @@ msgid ""
"You did not specify a user ID. (you may use \"-r\")\n" "You did not specify a user ID. (you may use \"-r\")\n"
"\n" "\n"
msgstr "" msgstr ""
"Sie gaben keine User-ID angegeben (Benutzen Sie die Option \"-r\").\n" "Sie haben keine User-ID angegeben (Benutzen Sie die Option \"-r\").\n"
"\n" "\n"
#: g10/pkclist.c:864 #: g10/pkclist.c:864
@ -1687,29 +1694,24 @@ msgstr "WARNUNG: Nichts exportiert\n"
msgid "too many entries in pk cache - disabled\n" msgid "too many entries in pk cache - disabled\n"
msgstr "zu viele Einträge im pk-Lager - abgeschaltet\n" msgstr "zu viele Einträge im pk-Lager - abgeschaltet\n"
#: g10/getkey.c:350 #: g10/getkey.c:445
msgid "too many entries in unk cache - disabled\n" msgid "too many entries in unk cache - disabled\n"
msgstr "zu viele Einträge im unk-Lager - abgeschaltet\n" msgstr "zu viele Einträge im unk-Lager - abgeschaltet\n"
#: g10/getkey.c:1308 g10/getkey.c:1347 #: g10/getkey.c:2100
msgid "RSA key cannot be used in this version\n"
msgstr "RSA-Schlüssel können in dieser Version nicht verwendet werden\n"
#: g10/getkey.c:1310 g10/getkey.c:1349
msgid "No key for user ID\n"
msgstr "Kein Schlüssel für User-ID\n"
#: g10/getkey.c:1388 g10/getkey.c:1428
msgid "No user ID for key\n"
msgstr "Keine User-ID für Schlüssel\n"
#: g10/getkey.c:1628 g10/getkey.c:1675 g10/getkey.c:1731
#, c-format #, c-format
msgid "using secondary key %08lX instead of primary key %08lX\n" msgid "using secondary key %08lX instead of primary key %08lX\n"
msgstr "" msgstr ""
"der Zweitschlüssel %08lX wird anstelle des Hauptschlüssels %08lX verwendet\n" "der Zweitschlüssel %08lX wird anstelle des Hauptschlüssels %08lX verwendet\n"
#: g10/getkey.c:2050 #: g10/getkey.c:2141 g10/trustdb.c:577
#, c-format
msgid "key %08lX: secret key without public key - skipped\n"
msgstr ""
"Schlüssel %08lX: geheimer Schlüssel, aber ohne öffentlichen Schlüssel - "
"übersprungen\n"
#: g10/getkey.c:2424
msgid "[User id not found]" msgid "[User id not found]"
msgstr "[User-ID nicht gefunden]" msgstr "[User-ID nicht gefunden]"
@ -2711,7 +2713,6 @@ msgid "Experimental algorithms should not be used!\n"
msgstr "Experimentiermethoden sollten nicht benutzt werden!\n" msgstr "Experimentiermethoden sollten nicht benutzt werden!\n"
#: g10/misc.c:237 #: g10/misc.c:237
#, fuzzy
msgid "this cipher algorithm is deprecated; please use a more standard one!x\n" msgid "this cipher algorithm is deprecated; please use a more standard one!x\n"
msgstr "Es ist davon abzuraten, diese Verschlüsselungsmethode zu benutzen!\n" msgstr "Es ist davon abzuraten, diese Verschlüsselungsmethode zu benutzen!\n"
@ -2720,7 +2721,7 @@ msgstr "Es ist davon abzuraten, diese Verschl
msgid "can't handle public key algorithm %d\n" msgid "can't handle public key algorithm %d\n"
msgstr "dieses Public-Key Verfahren %d kann nicht benutzt werden\n" msgstr "dieses Public-Key Verfahren %d kann nicht benutzt werden\n"
#: g10/parse-packet.c:990 #: g10/parse-packet.c:998
#, c-format #, c-format
msgid "subpacket of type %d has critical bit set\n" msgid "subpacket of type %d has critical bit set\n"
msgstr "Im Unterpaket des Typs %d ist das \"critical bit\" gesetzt\n" msgstr "Im Unterpaket des Typs %d ist das \"critical bit\" gesetzt\n"
@ -2903,11 +2904,11 @@ msgstr "Teile des geheimen Schl
msgid "protection algorithm %d is not supported\n" msgid "protection algorithm %d is not supported\n"
msgstr "Schutzverfahren %d wird nicht unterstützt\n" msgstr "Schutzverfahren %d wird nicht unterstützt\n"
#: g10/seckey-cert.c:186 #: g10/seckey-cert.c:184
msgid "Invalid passphrase; please try again ...\n" msgid "Invalid passphrase; please try again ...\n"
msgstr "Ungültiges Mantra; versuchen Sie's doch noch einmal ...\n" msgstr "Ungültiges Mantra; versuchen Sie's doch noch einmal ...\n"
#: g10/seckey-cert.c:242 #: g10/seckey-cert.c:240
msgid "WARNING: Weak key detected - please change passphrase again.\n" msgid "WARNING: Weak key detected - please change passphrase again.\n"
msgstr "" msgstr ""
"WARNUNG: Unsicherer Schlüssel entdeckt -\n" "WARNUNG: Unsicherer Schlüssel entdeckt -\n"
@ -3174,7 +3175,7 @@ msgid "key %08lX: accepted as trusted key.\n"
msgstr "Schlüssel %08lX: Akzeptiert als vertrauenswürdiger Schlüssel.\n" msgstr "Schlüssel %08lX: Akzeptiert als vertrauenswürdiger Schlüssel.\n"
#: g10/trustdb.c:546 #: g10/trustdb.c:546
#, fuzzy, c-format #, c-format
msgid "key %08lX: no public key for trusted key - skipped\n" msgid "key %08lX: no public key for trusted key - skipped\n"
msgstr "" msgstr ""
"Schlüssel %08lX: kein öffentlicher Schlüssel für den vertrauenswürdigen " "Schlüssel %08lX: kein öffentlicher Schlüssel für den vertrauenswürdigen "
@ -3185,13 +3186,6 @@ msgstr ""
msgid "NOTE: secret key %08lX is NOT protected.\n" msgid "NOTE: secret key %08lX is NOT protected.\n"
msgstr "HINWEIS: Geheimer Schlüssel %08lX ist NICHT geschützt.\n" msgstr "HINWEIS: Geheimer Schlüssel %08lX ist NICHT geschützt.\n"
#: g10/trustdb.c:577
#, c-format
msgid "key %08lX: secret key without public key - skipped\n"
msgstr ""
"Schlüssel %08lX: geheimer Schlüssel, aber ohne öffentlichen Schlüssel - "
"übersprungen\n"
#: g10/trustdb.c:584 #: g10/trustdb.c:584
#, c-format #, c-format
msgid "key %08lX: secret and public key don't match\n" msgid "key %08lX: secret and public key don't match\n"
@ -3532,9 +3526,8 @@ msgstr ""
"Warnung: Botschaft wurde mit einem unsicheren Schlüssel verschlüsselt.\n" "Warnung: Botschaft wurde mit einem unsicheren Schlüssel verschlüsselt.\n"
#: g10/encr-data.c:97 #: g10/encr-data.c:97
#, fuzzy
msgid "problem handling encrypted packet\n" msgid "problem handling encrypted packet\n"
msgstr "Entferne Empfänger-ID verschlüsselter Pakete" msgstr "Problem beim Bearbeiten des verschlüsselten Pakets\n"
#: g10/seskey.c:52 #: g10/seskey.c:52
msgid "weak key created - retrying\n" msgid "weak key created - retrying\n"
@ -3559,11 +3552,11 @@ msgstr "Diesen Schl
msgid "This is a secret key! - really delete? " msgid "This is a secret key! - really delete? "
msgstr "Dies ist ein privater Schlüssel! - Wirklich löschen? " msgstr "Dies ist ein privater Schlüssel! - Wirklich löschen? "
#: g10/delkey.c:182 #: g10/delkey.c:181
msgid "there is a secret key for this public key!\n" msgid "there is a secret key for this public key!\n"
msgstr "Es gibt einen privaten Schlüssel zu diesem öffentlichen Schlüssel!\n" msgstr "Es gibt einen privaten Schlüssel zu diesem öffentlichen Schlüssel!\n"
#: g10/delkey.c:184 #: g10/delkey.c:183
msgid "use option \"--delete-secret-key\" to delete it first.\n" msgid "use option \"--delete-secret-key\" to delete it first.\n"
msgstr "" msgstr ""
"Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu " "Benutzen Sie das Kommando \"--delete-secret-key\", um ihn vorab zu "
@ -3862,6 +3855,15 @@ msgstr "Keine Hilfe vorhanden."
msgid "No help available for `%s'" msgid "No help available for `%s'"
msgstr "Keine Hilfe für '%s' vorhanden." msgstr "Keine Hilfe für '%s' vorhanden."
#~ msgid "RSA key cannot be used in this version\n"
#~ msgstr "RSA-Schlüssel können in dieser Version nicht verwendet werden\n"
#~ msgid "No key for user ID\n"
#~ msgstr "Kein Schlüssel für User-ID\n"
#~ msgid "No user ID for key\n"
#~ msgstr "Keine User-ID für Schlüssel\n"
#~ msgid "no secret key for decryption available\n" #~ msgid "no secret key for decryption available\n"
#~ msgstr "kein geheimer Schlüssel zur Entschlüsselung vorhanden\n" #~ msgstr "kein geheimer Schlüssel zur Entschlüsselung vorhanden\n"

8
tools/ring-a-party
View File

@ -54,20 +54,20 @@ $1 == "sub" { if( $4 != 17 && $4 != 3 ) signencrypt=1 }
function myflush() function myflush()
{ {
# fixme: take lines to print here into account # fixme: take lines to print here into account
if( lines > 50 || lines == -1 ) { if( lines > 45 || lines == -1 ) {
if( lines != -1 ) printf "\f"; if( lines != -1 ) printf "\f";
page++; page++;
printf "%s %-50.50s Page %d\n\n", now, KEYRING, page ; printf "%s %-50.50s Page %d\n\n", now, KEYRING, page ;
printf "Type Bits KeyID Created Expires Algorithm Use\n"; printf " Type Bits KeyID Created Expires Algorithm Use\n\n";
lines = 1; lines = 1;
} }
printf "pub %04d 0x%s %10s %10s %-10s %15s\n", printf "[ ] pub %04d 0x%s %10s %10s %-10s %15s\n",
nbits, keyid, created, expires == ""? "----------":expires, algostr, nbits, keyid, created, expires == ""? "----------":expires, algostr,
signencrypt == 1? "Sign & Encrypt":"Sign only"; signencrypt == 1? "Sign & Encrypt":"Sign only";
length(fpr) == 40 ? printfpr20( fpr ) : printfpr16( fpr ); length(fpr) == 40 ? printfpr20( fpr ) : printfpr16( fpr );
lnes += 2; lnes += 2;
for( i=0; i < uidcount; i++ ) { for( i=0; i < uidcount; i++ ) {
printf "uid %s\n", uids[i]; printf "( ) uid %s\n", uids[i];
lines++; lines++;
} }
printf "\n\n"; printf "\n\n";

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
2001-03-01 Werner Koch <wk@gnupg.org>
* errors.c (g10_errstr): New codes UNU_SECKEY and UNU_PUBKEY.
2000-12-28 Werner Koch <wk@gnupg.org> 2000-12-28 Werner Koch <wk@gnupg.org>
* dotlock.c: Made all_lockfiles volatile. * dotlock.c: Made all_lockfiles volatile.

3
util/errors.c
View File

@ -101,6 +101,9 @@ g10_errstr( int err )
X(SELFTEST_FAILED,"selftest failed") X(SELFTEST_FAILED,"selftest failed")
X(NOT_ENCRYPTED ,N_("not encrypted")) X(NOT_ENCRYPTED ,N_("not encrypted"))
X(NOT_PROCESSED ,N_("not processed")) X(NOT_PROCESSED ,N_("not processed"))
/* the key cannot be used for a specific usage */
X(UNU_PUBKEY ,N_("unusable public key"))
X(UNU_SECKEY ,N_("unusable secret key"))
default: p = buf; sprintf(buf, "g10err=%d", err); break; default: p = buf; sprintf(buf, "g10err=%d", err); break;
} }
#undef X #undef X