LCOV - code coverage report
Current view: top level - g10 - pkclist.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 204 738 27.6 %
Date: 2016-11-29 15:00:56 Functions: 11 21 52.4 %

          Line data    Source code
       1             : /* pkclist.c - create a list of public keys
       2             :  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
       3             :  *               2008, 2009, 2010 Free Software Foundation, Inc.
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <https://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stdio.h>
      23             : #include <stdlib.h>
      24             : #include <string.h>
      25             : #include <errno.h>
      26             : 
      27             : #include "gpg.h"
      28             : #include "options.h"
      29             : #include "packet.h"
      30             : #include "status.h"
      31             : #include "keydb.h"
      32             : #include "util.h"
      33             : #include "main.h"
      34             : #include "trustdb.h"
      35             : #include "ttyio.h"
      36             : #include "status.h"
      37             : #include "photoid.h"
      38             : #include "i18n.h"
      39             : #include "tofu.h"
      40             : 
      41             : #define CONTROL_D ('D' - 'A' + 1)
      42             : 
      43             : static void
      44           0 : send_status_inv_recp (int reason, const char *name)
      45             : {
      46             :   char buf[40];
      47             : 
      48           0 :   snprintf (buf, sizeof buf, "%d ", reason);
      49           0 :   write_status_text_and_buffer (STATUS_INV_RECP, buf,
      50             :                                 name, strlen (name),
      51             :                                 -1);
      52           0 : }
      53             : 
      54             : 
      55             : /****************
      56             :  * Show the revocation reason as it is stored with the given signature
      57             :  */
      58             : static void
      59           0 : do_show_revocation_reason( PKT_signature *sig )
      60             : {
      61             :     size_t n, nn;
      62             :     const byte *p, *pp;
      63           0 :     int seq = 0;
      64             :     const char *text;
      65             : 
      66           0 :     while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REVOC_REASON,
      67             :                                  &n, &seq, NULL )) ) {
      68           0 :         if( !n )
      69           0 :             continue; /* invalid - just skip it */
      70             : 
      71           0 :         if( *p == 0 )
      72           0 :             text = _("No reason specified");
      73           0 :         else if( *p == 0x01 )
      74           0 :             text = _("Key is superseded");
      75           0 :         else if( *p == 0x02 )
      76           0 :             text = _("Key has been compromised");
      77           0 :         else if( *p == 0x03 )
      78           0 :             text = _("Key is no longer used");
      79           0 :         else if( *p == 0x20 )
      80           0 :             text = _("User ID is no longer valid");
      81             :         else
      82           0 :             text = NULL;
      83             : 
      84           0 :         log_info ( _("reason for revocation: "));
      85           0 :         if (text)
      86           0 :           log_printf ("%s\n", text);
      87             :         else
      88           0 :           log_printf ("code=%02x\n", *p );
      89           0 :         n--; p++;
      90           0 :         pp = NULL;
      91             :         do {
      92             :             /* We don't want any empty lines, so skip them */
      93           0 :             while( n && *p == '\n' ) {
      94           0 :                 p++;
      95           0 :                 n--;
      96             :             }
      97           0 :             if( n ) {
      98           0 :                 pp = memchr( p, '\n', n );
      99           0 :                 nn = pp? pp - p : n;
     100           0 :                 log_info ( _("revocation comment: ") );
     101           0 :                 es_write_sanitized (log_get_stream(), p, nn, NULL, NULL);
     102           0 :                 log_printf ("\n");
     103           0 :                 p += nn; n -= nn;
     104             :             }
     105           0 :         } while( pp );
     106             :     }
     107           0 : }
     108             : 
     109             : /* Mode 0: try and find the revocation based on the pk (i.e. check
     110             :    subkeys, etc.)  Mode 1: use only the revocation on the main pk */
     111             : 
     112             : void
     113           0 : show_revocation_reason( PKT_public_key *pk, int mode )
     114             : {
     115             :     /* Hmmm, this is not so easy because we have to duplicate the code
     116             :      * used in the trustbd to calculate the keyflags.  We need to find
     117             :      * a clean way to check revocation certificates on keys and
     118             :      * signatures.  And there should be no duplicate code.  Because we
     119             :      * enter this function only when the trustdb told us that we have
     120             :      * a revoked key, we could simply look for a revocation cert and
     121             :      * display this one, when there is only one. Let's try to do this
     122             :      * until we have a better solution.  */
     123           0 :     KBNODE node, keyblock = NULL;
     124             :     byte fingerprint[MAX_FINGERPRINT_LEN];
     125             :     size_t fingerlen;
     126             :     int rc;
     127             : 
     128             :     /* get the keyblock */
     129           0 :     fingerprint_from_pk( pk, fingerprint, &fingerlen );
     130           0 :     rc = get_pubkey_byfprint(NULL, &keyblock, fingerprint, fingerlen);
     131           0 :     if( rc ) { /* that should never happen */
     132           0 :         log_debug( "failed to get the keyblock\n");
     133           0 :         return;
     134             :     }
     135             : 
     136           0 :     for( node=keyblock; node; node = node->next ) {
     137           0 :         if( (mode && node->pkt->pkttype == PKT_PUBLIC_KEY) ||
     138           0 :           ( ( node->pkt->pkttype == PKT_PUBLIC_KEY
     139           0 :               || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
     140           0 :             && !cmp_public_keys( node->pkt->pkt.public_key, pk ) ) )
     141             :             break;
     142             :     }
     143           0 :     if( !node ) {
     144           0 :         log_debug("Oops, PK not in keyblock\n");
     145           0 :         release_kbnode( keyblock );
     146           0 :         return;
     147             :     }
     148             :     /* now find the revocation certificate */
     149           0 :     for( node = node->next; node ; node = node->next ) {
     150           0 :         if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
     151           0 :             break;
     152           0 :         if( node->pkt->pkttype == PKT_SIGNATURE
     153           0 :             && (node->pkt->pkt.signature->sig_class == 0x20
     154           0 :                 || node->pkt->pkt.signature->sig_class == 0x28 ) ) {
     155             :                 /* FIXME: we should check the signature here */
     156           0 :                 do_show_revocation_reason ( node->pkt->pkt.signature );
     157           0 :                 break;
     158             :         }
     159             :     }
     160             : 
     161             :     /* We didn't find it, so check if the whole key is revoked */
     162           0 :     if(!node && !mode)
     163           0 :       show_revocation_reason(pk,1);
     164             : 
     165           0 :     release_kbnode( keyblock );
     166             : }
     167             : 
     168             : 
     169             : /****************
     170             :  * mode: 0 = standard
     171             :  *       1 = Without key info and additional menu option 'm'
     172             :  *           this does also add an option to set the key to ultimately trusted.
     173             :  * Returns:
     174             :  *      -2 = nothing changed - caller should show some additional info
     175             :  *      -1 = quit operation
     176             :  *       0 = nothing changed
     177             :  *       1 = new ownertrust now in new_trust
     178             :  */
     179             : #ifndef NO_TRUST_MODELS
     180             : static int
     181           0 : do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
     182             :                     unsigned *new_trust, int defer_help )
     183             : {
     184             :   char *p;
     185             :   u32 keyid[2];
     186           0 :   int changed=0;
     187           0 :   int quit=0;
     188           0 :   int show=0;
     189             :   int min_num;
     190           0 :   int did_help=defer_help;
     191           0 :   unsigned int minimum = tdb_get_min_ownertrust (pk);
     192             : 
     193           0 :   switch(minimum)
     194             :     {
     195             :     default:
     196           0 :     case TRUST_UNDEFINED: min_num=1; break;
     197           0 :     case TRUST_NEVER:     min_num=2; break;
     198           0 :     case TRUST_MARGINAL:  min_num=3; break;
     199           0 :     case TRUST_FULLY:     min_num=4; break;
     200             :     }
     201             : 
     202           0 :   keyid_from_pk (pk, keyid);
     203             :   for(;;) {
     204             :     /* A string with valid answers.
     205             : 
     206             :        TRANSLATORS: These are the allowed answers in lower and
     207             :        uppercase.  Below you will find the matching strings which
     208             :        should be translated accordingly and the letter changed to
     209             :        match the one in the answer string.
     210             : 
     211             :          i = please show me more information
     212             :          m = back to the main menu
     213             :          s = skip this key
     214             :          q = quit
     215             :     */
     216           0 :     const char *ans = _("iImMqQsS");
     217             : 
     218           0 :     if( !did_help )
     219             :       {
     220           0 :         if( !mode )
     221             :           {
     222             :             KBNODE keyblock, un;
     223             : 
     224           0 :             tty_printf (_("No trust value assigned to:\n"));
     225           0 :             print_key_line (NULL, pk, 0);
     226             : 
     227           0 :             p = get_user_id_native(keyid);
     228           0 :             tty_printf (_("      \"%s\"\n"),p);
     229           0 :             xfree (p);
     230             : 
     231           0 :             keyblock = get_pubkeyblock (keyid);
     232           0 :             if (!keyblock)
     233           0 :                 BUG ();
     234           0 :             for (un=keyblock; un; un = un->next)
     235             :               {
     236           0 :                 if (un->pkt->pkttype != PKT_USER_ID )
     237           0 :                   continue;
     238           0 :                 if (un->pkt->pkt.user_id->is_revoked )
     239           0 :                   continue;
     240           0 :                 if (un->pkt->pkt.user_id->is_expired )
     241           0 :                   continue;
     242             :                 /* Only skip textual primaries */
     243           0 :                 if (un->pkt->pkt.user_id->is_primary
     244           0 :                     && !un->pkt->pkt.user_id->attrib_data )
     245           0 :                   continue;
     246             : 
     247           0 :                 if((opt.verify_options&VERIFY_SHOW_PHOTOS)
     248           0 :                    && un->pkt->pkt.user_id->attrib_data)
     249           0 :                   show_photos (ctrl,
     250           0 :                                un->pkt->pkt.user_id->attribs,
     251           0 :                                un->pkt->pkt.user_id->numattribs, pk,
     252           0 :                                un->pkt->pkt.user_id);
     253             : 
     254           0 :                 p=utf8_to_native(un->pkt->pkt.user_id->name,
     255           0 :                                  un->pkt->pkt.user_id->len,0);
     256             : 
     257           0 :                 tty_printf(_("  aka \"%s\"\n"),p);
     258             :               }
     259             : 
     260           0 :             print_fingerprint (NULL, pk, 2);
     261           0 :             tty_printf("\n");
     262           0 :             release_kbnode (keyblock);
     263             :           }
     264             : 
     265           0 :         if(opt.trust_model==TM_DIRECT)
     266             :           {
     267           0 :             tty_printf(_("How much do you trust that this key actually "
     268             :                          "belongs to the named user?\n"));
     269           0 :             tty_printf("\n");
     270             :           }
     271             :         else
     272             :           {
     273             :             /* This string also used in keyedit.c:trustsig_prompt */
     274           0 :             tty_printf(_("Please decide how far you trust this user to"
     275             :                          " correctly verify other users' keys\n"
     276             :                          "(by looking at passports, checking fingerprints from"
     277             :                          " different sources, etc.)\n"));
     278           0 :             tty_printf("\n");
     279             :           }
     280             : 
     281           0 :         if(min_num<=1)
     282           0 :           tty_printf (_("  %d = I don't know or won't say\n"), 1);
     283           0 :         if(min_num<=2)
     284           0 :           tty_printf (_("  %d = I do NOT trust\n"), 2);
     285           0 :         if(min_num<=3)
     286           0 :           tty_printf (_("  %d = I trust marginally\n"), 3);
     287           0 :         if(min_num<=4)
     288           0 :           tty_printf (_("  %d = I trust fully\n"), 4);
     289           0 :         if (mode)
     290           0 :           tty_printf (_("  %d = I trust ultimately\n"), 5);
     291             : #if 0
     292             :         /* not yet implemented */
     293             :         tty_printf ("  i = please show me more information\n");
     294             : #endif
     295           0 :         if( mode )
     296           0 :           tty_printf(_("  m = back to the main menu\n"));
     297             :         else
     298             :           {
     299           0 :             tty_printf(_("  s = skip this key\n"));
     300           0 :             tty_printf(_("  q = quit\n"));
     301             :           }
     302           0 :         tty_printf("\n");
     303           0 :         if(minimum)
     304           0 :           tty_printf(_("The minimum trust level for this key is: %s\n\n"),
     305             :                      trust_value_to_string(minimum));
     306           0 :         did_help = 1;
     307             :       }
     308           0 :     if( strlen(ans) != 8 )
     309           0 :       BUG();
     310           0 :     p = cpr_get("edit_ownertrust.value",_("Your decision? "));
     311           0 :     trim_spaces(p);
     312           0 :     cpr_kill_prompt();
     313           0 :     if( !*p )
     314           0 :       did_help = 0;
     315           0 :     else if( *p && p[1] )
     316             :       ;
     317           0 :     else if( !p[1] && ((*p >= '0'+min_num) && *p <= (mode?'5':'4')) )
     318           0 :       {
     319             :         unsigned int trust;
     320           0 :         switch( *p )
     321             :           {
     322           0 :           case '1': trust = TRUST_UNDEFINED; break;
     323           0 :           case '2': trust = TRUST_NEVER    ; break;
     324           0 :           case '3': trust = TRUST_MARGINAL ; break;
     325           0 :           case '4': trust = TRUST_FULLY    ; break;
     326           0 :           case '5': trust = TRUST_ULTIMATE ; break;
     327           0 :           default: BUG();
     328             :           }
     329           0 :         if (trust == TRUST_ULTIMATE
     330           0 :             && !cpr_get_answer_is_yes ("edit_ownertrust.set_ultimate.okay",
     331           0 :                                        _("Do you really want to set this key"
     332             :                                          " to ultimate trust? (y/N) ")))
     333             :           ; /* no */
     334             :         else
     335             :           {
     336           0 :             *new_trust = trust;
     337           0 :             changed = 1;
     338           0 :             break;
     339             :           }
     340             :       }
     341             : #if 0
     342             :     /* not yet implemented */
     343             :     else if( *p == ans[0] || *p == ans[1] )
     344             :       {
     345             :         tty_printf(_("Certificates leading to an ultimately trusted key:\n"));
     346             :         show = 1;
     347             :         break;
     348             :       }
     349             : #endif
     350           0 :     else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) )
     351             :       {
     352             :         break ; /* back to the menu */
     353             :       }
     354           0 :     else if( !mode && (*p == ans[6] || *p == ans[7] ) )
     355             :       {
     356             :         break; /* skip */
     357             :       }
     358           0 :     else if( !mode && (*p == ans[4] || *p == ans[5] ) )
     359             :       {
     360           0 :         quit = 1;
     361           0 :         break ; /* back to the menu */
     362             :       }
     363           0 :     xfree(p); p = NULL;
     364           0 :   }
     365           0 :   xfree(p);
     366           0 :   return show? -2: quit? -1 : changed;
     367             : }
     368             : #endif /*!NO_TRUST_MODELS*/
     369             : 
     370             : 
     371             : /*
     372             :  * Display a menu to change the ownertrust of the key PK (which should
     373             :  * be a primary key).
     374             :  * For mode values see do_edit_ownertrust ()
     375             :  */
     376             : #ifndef NO_TRUST_MODELS
     377             : int
     378           0 : edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode )
     379             : {
     380           0 :   unsigned int trust = 0;
     381           0 :   int no_help = 0;
     382             : 
     383             :   for(;;)
     384             :     {
     385           0 :       switch ( do_edit_ownertrust (ctrl, pk, mode, &trust, no_help ) )
     386             :         {
     387             :         case -1: /* quit */
     388           0 :           return -1;
     389             :         case -2: /* show info */
     390           0 :           no_help = 1;
     391           0 :           break;
     392             :         case 1: /* trust value set */
     393           0 :           trust &= ~TRUST_FLAG_DISABLED;
     394           0 :           trust |= get_ownertrust (pk) & TRUST_FLAG_DISABLED;
     395           0 :           update_ownertrust (pk, trust );
     396           0 :           return 1;
     397             :         default:
     398           0 :           return 0;
     399             :         }
     400           0 :     }
     401             : }
     402             : #endif /*!NO_TRUST_MODELS*/
     403             : 
     404             : 
     405             : /****************
     406             :  * Check whether we can trust this pk which has a trustlevel of TRUSTLEVEL
     407             :  * Returns: true if we trust.
     408             :  */
     409             : static int
     410         244 : do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
     411             : {
     412             :   /* We should not be able to get here with a revoked or expired
     413             :      key */
     414         244 :   if(trustlevel & TRUST_FLAG_REVOKED
     415         244 :      || trustlevel & TRUST_FLAG_SUB_REVOKED
     416         244 :      || (trustlevel & TRUST_MASK) == TRUST_EXPIRED)
     417           0 :     BUG();
     418             : 
     419         244 :   if( opt.trust_model==TM_ALWAYS )
     420             :     {
     421         244 :       if( opt.verbose )
     422           0 :         log_info("No trust check due to '--trust-model always' option\n");
     423         244 :       return 1;
     424             :     }
     425             : 
     426           0 :   switch(trustlevel & TRUST_MASK)
     427             :     {
     428             :     default:
     429           0 :       log_error ("invalid trustlevel %u returned from validation layer\n",
     430             :                  trustlevel);
     431             :       /* fall through */
     432             :     case TRUST_UNKNOWN:
     433             :     case TRUST_UNDEFINED:
     434           0 :       log_info(_("%s: There is no assurance this key belongs"
     435             :                  " to the named user\n"),keystr_from_pk(pk));
     436           0 :       return 0; /* no */
     437             : 
     438             :     case TRUST_MARGINAL:
     439           0 :       log_info(_("%s: There is limited assurance this key belongs"
     440             :                  " to the named user\n"),keystr_from_pk(pk));
     441           0 :       return 1; /* yes */
     442             : 
     443             :     case TRUST_FULLY:
     444           0 :       if( opt.verbose )
     445           0 :         log_info(_("This key probably belongs to the named user\n"));
     446           0 :       return 1; /* yes */
     447             : 
     448             :     case TRUST_ULTIMATE:
     449           0 :       if( opt.verbose )
     450           0 :         log_info(_("This key belongs to us\n"));
     451           0 :       return 1; /* yes */
     452             : 
     453             :     case TRUST_NEVER:
     454             :       /* This can be returned by TOFU, which can return negative
     455             :          assertions.  */
     456           0 :       log_info(_("%s: This key is bad!  It has been marked as untrusted!\n"),
     457             :                keystr_from_pk(pk));
     458           0 :       return 0; /* no */
     459             :     }
     460             : 
     461             :   return 1; /*NOTREACHED*/
     462             : }
     463             : 
     464             : 
     465             : /****************
     466             :  * wrapper around do_we_trust, so we can ask whether to use the
     467             :  * key anyway.
     468             :  */
     469             : static int
     470         244 : do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
     471             : {
     472             :   int rc;
     473             : 
     474         244 :   rc = do_we_trust( pk, trustlevel );
     475             : 
     476         244 :   if( !opt.batch && !rc )
     477             :     {
     478           0 :       print_pubkey_info(NULL,pk);
     479           0 :       print_fingerprint (NULL, pk, 2);
     480           0 :       tty_printf("\n");
     481             : 
     482           0 :       if ((trustlevel & TRUST_MASK) == TRUST_NEVER)
     483           0 :         tty_printf(
     484           0 :           _("This key has is bad!  It has been marked as untrusted!  If you\n"
     485             :             "*really* know what you are doing, you may answer the next\n"
     486             :             "question with yes.\n"));
     487             :       else
     488           0 :         tty_printf(
     489           0 :           _("It is NOT certain that the key belongs to the person named\n"
     490             :             "in the user ID.  If you *really* know what you are doing,\n"
     491             :             "you may answer the next question with yes.\n"));
     492             : 
     493           0 :       tty_printf("\n");
     494             : 
     495             : 
     496           0 :       if (is_status_enabled ())
     497             :         {
     498             :           u32 kid[2];
     499             :           char *hint_str;
     500             : 
     501           0 :           keyid_from_pk (pk, kid);
     502           0 :           hint_str = get_long_user_id_string ( kid );
     503           0 :           write_status_text ( STATUS_USERID_HINT, hint_str );
     504           0 :           xfree (hint_str);
     505             :         }
     506             : 
     507           0 :       if( cpr_get_answer_is_yes("untrusted_key.override",
     508           0 :                                 _("Use this key anyway? (y/N) "))  )
     509           0 :         rc = 1;
     510             : 
     511             :       /* Hmmm: Should we set a flag to tell the user about
     512             :        *         his decision the next time he encrypts for this recipient?
     513             :        */
     514             :     }
     515             : 
     516         244 :   return rc;
     517             : }
     518             : 
     519             : 
     520             : /* Write a TRUST_foo status line inclduing the validation model.  */
     521             : static void
     522          32 : write_trust_status (int statuscode, int trustlevel)
     523             : {
     524             : #ifdef NO_TRUST_MODELS
     525             :   write_status (statuscode);
     526             : #else /* NO_TRUST_MODELS */
     527             :   int tm;
     528             : 
     529             :   /* For the combined tofu+pgp method, we return the trust model which
     530             :    * was responsible for the trustlevel.  */
     531          32 :   if (opt.trust_model == TM_TOFU_PGP)
     532           0 :     tm = (trustlevel & TRUST_FLAG_TOFU_BASED)? TM_TOFU : TM_PGP;
     533             :   else
     534          32 :     tm = opt.trust_model;
     535          32 :   write_status_strings (statuscode, "0 ", trust_model_string (tm), NULL);
     536             : #endif /* NO_TRUST_MODELS */
     537          32 : }
     538             : 
     539             : 
     540             : /****************
     541             :  * Check whether we can trust this signature.
     542             :  * Returns an error code if we should not trust this signature.
     543             :  */
     544             : int
     545         183 : check_signatures_trust (ctrl_t ctrl, PKT_signature *sig)
     546             : {
     547         183 :   PKT_public_key *pk = xmalloc_clear( sizeof *pk );
     548         183 :   unsigned int trustlevel = TRUST_UNKNOWN;
     549         183 :   int rc=0;
     550             : 
     551         183 :   rc = get_pubkey( pk, sig->keyid );
     552         183 :   if (rc)
     553             :     { /* this should not happen */
     554           0 :       log_error("Ooops; the key vanished  - can't check the trust\n");
     555           0 :       rc = GPG_ERR_NO_PUBKEY;
     556           0 :       goto leave;
     557             :     }
     558             : 
     559         183 :   if ( opt.trust_model==TM_ALWAYS )
     560             :     {
     561         151 :       if( !opt.quiet )
     562         151 :         log_info(_("WARNING: Using untrusted key!\n"));
     563         151 :       if (opt.with_fingerprint)
     564           0 :         print_fingerprint (NULL, pk, 1);
     565         151 :       goto leave;
     566             :     }
     567             : 
     568          32 :   if(pk->flags.maybe_revoked && !pk->flags.revoked)
     569           0 :     log_info(_("WARNING: this key might be revoked (revocation key"
     570             :                " not present)\n"));
     571             : 
     572          32 :   trustlevel = get_validity (ctrl, NULL, pk, NULL, sig, 1);
     573             : 
     574          32 :   if ( (trustlevel & TRUST_FLAG_REVOKED) )
     575             :     {
     576           0 :       write_status( STATUS_KEYREVOKED );
     577           0 :       if(pk->flags.revoked == 2)
     578           0 :         log_info(_("WARNING: This key has been revoked by its"
     579             :                    " designated revoker!\n"));
     580             :       else
     581           0 :         log_info(_("WARNING: This key has been revoked by its owner!\n"));
     582           0 :       log_info(_("         This could mean that the signature is forged.\n"));
     583           0 :       show_revocation_reason( pk, 0 );
     584             :     }
     585          32 :   else if ((trustlevel & TRUST_FLAG_SUB_REVOKED) )
     586             :     {
     587           0 :       write_status( STATUS_KEYREVOKED );
     588           0 :       log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
     589           0 :       show_revocation_reason( pk, 0 );
     590             :     }
     591             : 
     592          32 :   if ((trustlevel & TRUST_FLAG_DISABLED))
     593           0 :     log_info (_("Note: This key has been disabled.\n"));
     594             : 
     595             :   /* If we have PKA information adjust the trustlevel. */
     596          32 :   if (sig->pka_info && sig->pka_info->valid)
     597             :     {
     598             :       unsigned char fpr[MAX_FINGERPRINT_LEN];
     599             :       PKT_public_key *primary_pk;
     600             :       size_t fprlen;
     601             :       int okay;
     602             : 
     603             : 
     604           0 :       primary_pk = xmalloc_clear (sizeof *primary_pk);
     605           0 :       get_pubkey (primary_pk, pk->main_keyid);
     606           0 :       fingerprint_from_pk (primary_pk, fpr, &fprlen);
     607           0 :       free_public_key (primary_pk);
     608             : 
     609           0 :       if ( fprlen == 20 && !memcmp (sig->pka_info->fpr, fpr, 20) )
     610             :         {
     611           0 :           okay = 1;
     612           0 :           write_status_text (STATUS_PKA_TRUST_GOOD, sig->pka_info->email);
     613           0 :           log_info (_("Note: Verified signer's address is '%s'\n"),
     614           0 :                     sig->pka_info->email);
     615             :         }
     616             :       else
     617             :         {
     618           0 :           okay = 0;
     619           0 :           write_status_text (STATUS_PKA_TRUST_BAD, sig->pka_info->email);
     620           0 :           log_info (_("Note: Signer's address '%s' "
     621           0 :                       "does not match DNS entry\n"), sig->pka_info->email);
     622             :         }
     623             : 
     624           0 :       switch ( (trustlevel & TRUST_MASK) )
     625             :         {
     626             :         case TRUST_UNKNOWN:
     627             :         case TRUST_UNDEFINED:
     628             :         case TRUST_MARGINAL:
     629           0 :           if (okay && opt.verify_options&VERIFY_PKA_TRUST_INCREASE)
     630             :             {
     631           0 :               trustlevel = ((trustlevel & ~TRUST_MASK) | TRUST_FULLY);
     632           0 :               log_info (_("trustlevel adjusted to FULL"
     633             :                           " due to valid PKA info\n"));
     634             :             }
     635             :           /* (fall through) */
     636             :         case TRUST_FULLY:
     637           0 :           if (!okay)
     638             :             {
     639           0 :               trustlevel = ((trustlevel & ~TRUST_MASK) | TRUST_NEVER);
     640           0 :               log_info (_("trustlevel adjusted to NEVER"
     641             :                           " due to bad PKA info\n"));
     642             :             }
     643           0 :           break;
     644             :         }
     645             :     }
     646             : 
     647             :   /* Now let the user know what up with the trustlevel. */
     648          32 :   switch ( (trustlevel & TRUST_MASK) )
     649             :     {
     650             :     case TRUST_EXPIRED:
     651           0 :       log_info(_("Note: This key has expired!\n"));
     652           0 :       print_fingerprint (NULL, pk, 1);
     653           0 :       break;
     654             : 
     655             :     default:
     656           0 :       log_error ("invalid trustlevel %u returned from validation layer\n",
     657             :                  trustlevel);
     658             :       /* fall through */
     659             :     case TRUST_UNKNOWN:
     660             :     case TRUST_UNDEFINED:
     661           7 :       write_trust_status (STATUS_TRUST_UNDEFINED, trustlevel);
     662           7 :       log_info(_("WARNING: This key is not certified with"
     663             :                  " a trusted signature!\n"));
     664           7 :       log_info(_("         There is no indication that the "
     665             :                  "signature belongs to the owner.\n" ));
     666           7 :       print_fingerprint (NULL, pk, 1);
     667           7 :       break;
     668             : 
     669             :     case TRUST_NEVER:
     670             :       /* This level can be returned by TOFU, which supports negative
     671             :        * assertions.  */
     672           0 :       write_trust_status (STATUS_TRUST_NEVER, trustlevel);
     673           0 :       log_info(_("WARNING: We do NOT trust this key!\n"));
     674           0 :       log_info(_("         The signature is probably a FORGERY.\n"));
     675           0 :       if (opt.with_fingerprint)
     676           0 :         print_fingerprint (NULL, pk, 1);
     677           0 :       rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
     678           0 :       break;
     679             : 
     680             :     case TRUST_MARGINAL:
     681          17 :       write_trust_status (STATUS_TRUST_MARGINAL, trustlevel);
     682          17 :       log_info(_("WARNING: This key is not certified with"
     683             :                  " sufficiently trusted signatures!\n"));
     684          17 :       log_info(_("         It is not certain that the"
     685             :                  " signature belongs to the owner.\n" ));
     686          17 :       print_fingerprint (NULL, pk, 1);
     687          17 :       break;
     688             : 
     689             :     case TRUST_FULLY:
     690           4 :       write_trust_status (STATUS_TRUST_FULLY, trustlevel);
     691           4 :       if (opt.with_fingerprint)
     692           0 :         print_fingerprint (NULL, pk, 1);
     693           4 :       break;
     694             : 
     695             :     case TRUST_ULTIMATE:
     696           4 :       write_trust_status (STATUS_TRUST_ULTIMATE, trustlevel);
     697           4 :       if (opt.with_fingerprint)
     698           0 :         print_fingerprint (NULL, pk, 1);
     699           4 :       break;
     700             :     }
     701             : 
     702             :  leave:
     703         183 :   free_public_key( pk );
     704         183 :   return rc;
     705             : }
     706             : 
     707             : 
     708             : void
     709         333 : release_pk_list (pk_list_t pk_list)
     710             : {
     711             :   PK_LIST pk_rover;
     712             : 
     713         588 :   for ( ; pk_list; pk_list = pk_rover)
     714             :     {
     715         255 :       pk_rover = pk_list->next;
     716         255 :       free_public_key ( pk_list->pk );
     717         255 :       xfree ( pk_list );
     718             :     }
     719         333 : }
     720             : 
     721             : 
     722             : static int
     723         250 : key_present_in_pk_list(PK_LIST pk_list, PKT_public_key *pk)
     724             : {
     725         258 :     for( ; pk_list; pk_list = pk_list->next)
     726           8 :         if (cmp_public_keys(pk_list->pk, pk) == 0)
     727           0 :             return 0;
     728             : 
     729         250 :     return -1;
     730             : }
     731             : 
     732             : 
     733             : /****************
     734             :  * Return a malloced string with a default recipient if there is any
     735             :  */
     736             : static char *
     737           0 : default_recipient(ctrl_t ctrl)
     738             : {
     739             :     PKT_public_key *pk;
     740             :     byte fpr[MAX_FINGERPRINT_LEN+1];
     741             :     size_t n;
     742             :     char *p;
     743             :     int i;
     744             : 
     745           0 :     if( opt.def_recipient )
     746           0 :         return xstrdup( opt.def_recipient );
     747           0 :     if( !opt.def_recipient_self )
     748           0 :         return NULL;
     749           0 :     pk = xmalloc_clear( sizeof *pk );
     750           0 :     i = get_seckey_default (ctrl, pk);
     751           0 :     if( i ) {
     752           0 :         free_public_key( pk );
     753           0 :         return NULL;
     754             :     }
     755           0 :     n = MAX_FINGERPRINT_LEN;
     756           0 :     fingerprint_from_pk( pk, fpr, &n );
     757           0 :     free_public_key( pk );
     758           0 :     p = xmalloc( 2*n+3 );
     759           0 :     *p++ = '0';
     760           0 :     *p++ = 'x';
     761           0 :     for(i=0; i < n; i++ )
     762           0 :         sprintf( p+2*i, "%02X", fpr[i] );
     763           0 :     p -= 2;
     764           0 :     return p;
     765             : }
     766             : 
     767             : static int
     768           0 : expand_id(const char *id,strlist_t *into,unsigned int flags)
     769             : {
     770             :   struct groupitem *groups;
     771           0 :   int count=0;
     772             : 
     773           0 :   for(groups=opt.grouplist;groups;groups=groups->next)
     774             :     {
     775             :       /* need strcasecmp() here, as this should be localized */
     776           0 :       if(strcasecmp(groups->name,id)==0)
     777             :         {
     778             :           strlist_t each,sl;
     779             : 
     780             :           /* this maintains the current utf8-ness */
     781           0 :           for(each=groups->values;each;each=each->next)
     782             :             {
     783           0 :               sl=add_to_strlist(into,each->d);
     784           0 :               sl->flags=flags;
     785           0 :               count++;
     786             :             }
     787             : 
     788           0 :           break;
     789             :         }
     790             :     }
     791             : 
     792           0 :   return count;
     793             : }
     794             : 
     795             : /* For simplicity, and to avoid potential loops, we only expand once -
     796             :  * you can't make an alias that points to an alias.  */
     797             : static strlist_t
     798           0 : expand_group (strlist_t input)
     799             : {
     800           0 :   strlist_t output = NULL;
     801             :   strlist_t sl, rover;
     802             : 
     803           0 :   for (rover = input; rover; rover = rover->next)
     804           0 :     if (!(rover->flags & PK_LIST_FROM_FILE)
     805           0 :         && !expand_id(rover->d,&output,rover->flags))
     806             :       {
     807             :         /* Didn't find any groups, so use the existing string */
     808           0 :         sl=add_to_strlist(&output,rover->d);
     809           0 :         sl->flags=rover->flags;
     810             :       }
     811             : 
     812           0 :   return output;
     813             : }
     814             : 
     815             : 
     816             : /* Helper for build_pk_list to find and check one key.  This helper is
     817             :  * also used directly in server mode by the RECIPIENTS command.  On
     818             :  * success the new key is added to PK_LIST_ADDR.  NAME is the user id
     819             :  * of the key.  USE the requested usage and a set MARK_HIDDEN will
     820             :  * mark the key in the updated list as a hidden recipient.  If
     821             :  * FROM_FILE is true, NAME is is not a user ID but the name of a file
     822             :  * holding a key. */
     823             : gpg_error_t
     824         250 : find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
     825             :                     int mark_hidden, int from_file, pk_list_t *pk_list_addr)
     826             : {
     827             :   int rc;
     828             :   PKT_public_key *pk;
     829             : 
     830         250 :   if (!name || !*name)
     831           0 :     return gpg_error (GPG_ERR_INV_USER_ID);
     832             : 
     833         250 :   pk = xtrycalloc (1, sizeof *pk);
     834         250 :   if (!pk)
     835           0 :     return gpg_error_from_syserror ();
     836         250 :   pk->req_usage = use;
     837             : 
     838         250 :   if (from_file)
     839           6 :     rc = get_pubkey_fromfile (ctrl, pk, name);
     840             :   else
     841         244 :     rc = get_best_pubkey_byname (ctrl, NULL, pk, name, NULL, 0, 0);
     842         250 :   if (rc)
     843             :     {
     844             :       int code;
     845             : 
     846             :       /* Key not found or other error. */
     847           0 :       log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
     848           0 :       switch (gpg_err_code (rc))
     849             :         {
     850             :         case GPG_ERR_NO_SECKEY:
     851           0 :         case GPG_ERR_NO_PUBKEY:   code =  1; break;
     852           0 :         case GPG_ERR_INV_USER_ID: code = 14; break;
     853           0 :         default: code = 0; break;
     854             :         }
     855           0 :       send_status_inv_recp (code, name);
     856           0 :       free_public_key (pk);
     857           0 :       return rc;
     858             :     }
     859             : 
     860         250 :   rc = openpgp_pk_test_algo2 (pk->pubkey_algo, use);
     861         250 :   if (rc)
     862             :     {
     863             :       /* Key found but not usable for us (e.g. sign-only key). */
     864           0 :       send_status_inv_recp (3, name); /* Wrong key usage */
     865           0 :       log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
     866           0 :       free_public_key (pk);
     867           0 :       return rc;
     868             :     }
     869             : 
     870             :   /* Key found and usable.  Check validity. */
     871         250 :   if (!from_file)
     872             :     {
     873             :       int trustlevel;
     874             : 
     875         244 :       trustlevel = get_validity (ctrl, NULL, pk, pk->user_id, NULL, 1);
     876         244 :       if ( (trustlevel & TRUST_FLAG_DISABLED) )
     877             :         {
     878             :           /* Key has been disabled. */
     879           0 :           send_status_inv_recp (13, name);
     880           0 :           log_info (_("%s: skipped: public key is disabled\n"), name);
     881           0 :           free_public_key (pk);
     882           0 :           return GPG_ERR_UNUSABLE_PUBKEY;
     883             :         }
     884             : 
     885         244 :       if ( !do_we_trust_pre (pk, trustlevel) )
     886             :         {
     887             :           /* We don't trust this key.  */
     888           0 :           send_status_inv_recp (10, name);
     889           0 :           free_public_key (pk);
     890           0 :           return GPG_ERR_UNUSABLE_PUBKEY;
     891             :         }
     892             :     }
     893             : 
     894             :   /* Skip the actual key if the key is already present in the
     895             :      list.  */
     896         250 :   if (!key_present_in_pk_list (*pk_list_addr, pk))
     897             :     {
     898           0 :       if (!opt.quiet)
     899           0 :         log_info (_("%s: skipped: public key already present\n"), name);
     900           0 :       free_public_key (pk);
     901             :     }
     902             :   else
     903             :     {
     904             :       pk_list_t r;
     905             : 
     906         250 :       r = xtrymalloc (sizeof *r);
     907         250 :       if (!r)
     908             :         {
     909           0 :           rc = gpg_error_from_syserror ();
     910           0 :           free_public_key (pk);
     911           0 :           return rc;
     912             :         }
     913         250 :       r->pk = pk;
     914         250 :       r->next = *pk_list_addr;
     915         250 :       r->flags = mark_hidden? 1:0;
     916         250 :       *pk_list_addr = r;
     917             :     }
     918             : 
     919         250 :   return 0;
     920             : }
     921             : 
     922             : 
     923             : 
     924             : /* This is the central function to collect the keys for recipients.
     925             :  * It is thus used to prepare a public key encryption. encrypt-to
     926             :  * keys, default keys and the keys for the actual recipients are all
     927             :  * collected here.  When not in batch mode and no recipient has been
     928             :  * passed on the commandline, the function will also ask for
     929             :  * recipients.
     930             :  *
     931             :  * RCPTS is a string list with the recipients; NULL is an allowed
     932             :  * value but not very useful.  Group expansion is done on these names;
     933             :  * they may be in any of the user Id formats we can handle.  The flags
     934             :  * bits for each string in the string list are used for:
     935             :  *
     936             :  * - PK_LIST_ENCRYPT_TO :: This is an encrypt-to recipient.
     937             :  * - PK_LIST_HIDDEN     :: This is a hidden recipient.
     938             :  * - PK_LIST_FROM_FILE  :: The argument is a file with a key.
     939             :  *
     940             :  * On success a list of keys is stored at the address RET_PK_LIST; the
     941             :  * caller must free this list.  On error the value at this address is
     942             :  * not changed.
     943             :  */
     944             : int
     945         247 : build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
     946             : {
     947         247 :   PK_LIST pk_list = NULL;
     948         247 :   PKT_public_key *pk=NULL;
     949         247 :   int rc=0;
     950         247 :   int any_recipients=0;
     951             :   strlist_t rov,remusr;
     952         247 :   char *def_rec = NULL;
     953             :   char pkstrbuf[PUBKEY_STRING_SIZE];
     954             : 
     955             :   /* Try to expand groups if any have been defined. */
     956         247 :   if (opt.grouplist)
     957           0 :     remusr = expand_group (rcpts);
     958             :   else
     959         247 :     remusr = rcpts;
     960             : 
     961             :   /* XXX: Change this function to use get_pubkeys instead of
     962             :      get_pubkey_byname to detect ambiguous key specifications and warn
     963             :      about duplicate keyblocks.  For ambiguous key specifications on
     964             :      the command line or provided interactively, prompt the user to
     965             :      select the best key.  If a key specification is ambiguous and we
     966             :      are in batch mode, die.  */
     967             : 
     968         247 :   if (opt.encrypt_to_default_key)
     969             :     {
     970             :       static int warned;
     971             : 
     972           5 :       const char *default_key = parse_def_secret_key (ctrl);
     973           5 :       if (default_key)
     974             :         {
     975           5 :           PK_LIST r = xmalloc_clear (sizeof *r);
     976             : 
     977           5 :           r->pk = xmalloc_clear (sizeof *r->pk);
     978           5 :           r->pk->req_usage = PUBKEY_USAGE_ENC;
     979             : 
     980           5 :           rc = get_pubkey_byname (ctrl, NULL, r->pk, default_key,
     981             :                                    NULL, NULL, 0, 1);
     982           5 :           if (rc)
     983             :             {
     984           0 :               xfree (r->pk);
     985           0 :               xfree (r);
     986             : 
     987           0 :               log_error (_("can't encrypt to '%s'\n"), default_key);
     988           0 :               if (!opt.quiet)
     989           0 :                 log_info (_("(check argument of option '%s')\n"),
     990             :                           "--default-key");
     991             :             }
     992             :           else
     993             :             {
     994           5 :               r->next = pk_list;
     995           5 :               r->flags = 0;
     996           5 :               pk_list = r;
     997             :             }
     998             :         }
     999           0 :       else if (opt.def_secret_key)
    1000             :         {
    1001           0 :           if (! warned)
    1002           0 :             log_info (_("option '%s' given, but no valid default keys given\n"),
    1003             :                       "--encrypt-to-default-key");
    1004           0 :           warned = 1;
    1005             :         }
    1006             :       else
    1007             :         {
    1008           0 :           if (! warned)
    1009           0 :             log_info (_("option '%s' given, but option '%s' not given\n"),
    1010             :                       "--encrypt-to-default-key", "--default-key");
    1011           0 :           warned = 1;
    1012             :         }
    1013             :     }
    1014             : 
    1015             :   /* Check whether there are any recipients in the list and build the
    1016             :    * list of the encrypt-to ones (we always trust them). */
    1017         497 :   for ( rov = remusr; rov; rov = rov->next )
    1018             :     {
    1019         250 :       if ( !(rov->flags & PK_LIST_ENCRYPT_TO) )
    1020             :         {
    1021             :           /* This is a regular recipient; i.e. not an encrypt-to
    1022             :              one. */
    1023         250 :           any_recipients = 1;
    1024             : 
    1025             :           /* Hidden recipients are not allowed while in PGP mode,
    1026             :              issue a warning and switch into GnuPG mode. */
    1027         250 :           if ((rov->flags & PK_LIST_HIDDEN) && (PGP6 || PGP7 || PGP8))
    1028             :             {
    1029           0 :               log_info(_("you may not use %s while in %s mode\n"),
    1030             :                        "--hidden-recipient",
    1031             :                        compliance_option_string());
    1032             : 
    1033           0 :               compliance_failure();
    1034             :             }
    1035             :         }
    1036           0 :       else if (!opt.no_encrypt_to)
    1037             :         {
    1038             :           /* --encrypt-to has not been disabled.  Check this
    1039             :              encrypt-to key. */
    1040           0 :           pk = xmalloc_clear( sizeof *pk );
    1041           0 :           pk->req_usage = PUBKEY_USAGE_ENC;
    1042             : 
    1043             :           /* We explicitly allow encrypt-to to an disabled key; thus
    1044             :              we pass 1 for the second last argument and 1 as the last
    1045             :              argument to disable AKL. */
    1046           0 :           if ( (rc = get_pubkey_byname (ctrl,
    1047           0 :                                         NULL, pk, rov->d, NULL, NULL, 1, 1)) )
    1048             :             {
    1049           0 :               free_public_key ( pk ); pk = NULL;
    1050           0 :               log_error (_("%s: skipped: %s\n"), rov->d, gpg_strerror (rc) );
    1051           0 :               send_status_inv_recp (0, rov->d);
    1052           0 :               goto fail;
    1053             :             }
    1054           0 :           else if ( !(rc=openpgp_pk_test_algo2 (pk->pubkey_algo,
    1055             :                                                 PUBKEY_USAGE_ENC)) )
    1056             :             {
    1057             :               /* Skip the actual key if the key is already present
    1058             :                * in the list.  Add it to our list if not. */
    1059           0 :               if (key_present_in_pk_list(pk_list, pk) == 0)
    1060             :                 {
    1061           0 :                   free_public_key (pk); pk = NULL;
    1062           0 :                   if (!opt.quiet)
    1063           0 :                     log_info (_("%s: skipped: public key already present\n"),
    1064           0 :                               rov->d);
    1065             :                 }
    1066             :               else
    1067             :                 {
    1068             :                   PK_LIST r;
    1069           0 :                   r = xmalloc( sizeof *r );
    1070           0 :                   r->pk = pk; pk = NULL;
    1071           0 :                   r->next = pk_list;
    1072           0 :                   r->flags = (rov->flags&PK_LIST_HIDDEN)?1:0;
    1073           0 :                   pk_list = r;
    1074             : 
    1075             :                   /* Hidden encrypt-to recipients are not allowed while
    1076             :                      in PGP mode, issue a warning and switch into
    1077             :                      GnuPG mode. */
    1078           0 :                   if ((r->flags&PK_LIST_ENCRYPT_TO) && (PGP6 || PGP7 || PGP8))
    1079             :                     {
    1080           0 :                       log_info(_("you may not use %s while in %s mode\n"),
    1081             :                                "--hidden-encrypt-to",
    1082             :                                compliance_option_string());
    1083             : 
    1084           0 :                       compliance_failure();
    1085             :                     }
    1086             :                 }
    1087             :             }
    1088             :           else
    1089             :             {
    1090             :               /* The public key is not usable for encryption. */
    1091           0 :               free_public_key( pk ); pk = NULL;
    1092           0 :               log_error(_("%s: skipped: %s\n"), rov->d, gpg_strerror (rc) );
    1093           0 :               send_status_inv_recp (3, rov->d); /* Wrong key usage */
    1094           0 :               goto fail;
    1095             :             }
    1096             :         }
    1097             :     }
    1098             : 
    1099             :   /* If we don't have any recipients yet and we are not in batch mode
    1100             :      drop into interactive selection mode. */
    1101         247 :   if ( !any_recipients && !opt.batch )
    1102           0 :     {
    1103             :       int have_def_rec;
    1104           0 :       char *answer = NULL;
    1105           0 :       strlist_t backlog = NULL;
    1106             : 
    1107           0 :       if (pk_list)
    1108           0 :         any_recipients = 1;
    1109           0 :       def_rec = default_recipient(ctrl);
    1110           0 :       have_def_rec = !!def_rec;
    1111           0 :       if ( !have_def_rec )
    1112           0 :         tty_printf(_("You did not specify a user ID. (you may use \"-r\")\n"));
    1113             : 
    1114             :       for (;;)
    1115             :         {
    1116           0 :           rc = 0;
    1117           0 :           xfree(answer);
    1118           0 :           if ( have_def_rec )
    1119             :             {
    1120             :               /* A default recipient is taken as the first entry. */
    1121           0 :               answer = def_rec;
    1122           0 :               def_rec = NULL;
    1123             :             }
    1124           0 :           else if (backlog)
    1125             :             {
    1126             :               /* This is part of our trick to expand and display groups. */
    1127           0 :               answer = strlist_pop (&backlog);
    1128             :             }
    1129             :           else
    1130             :             {
    1131             :               /* Show the list of already collected recipients and ask
    1132             :                  for more. */
    1133             :               PK_LIST iter;
    1134             : 
    1135           0 :               tty_printf("\n");
    1136           0 :               tty_printf(_("Current recipients:\n"));
    1137           0 :               for (iter=pk_list;iter;iter=iter->next)
    1138             :                 {
    1139             :                   u32 keyid[2];
    1140             : 
    1141           0 :                   keyid_from_pk(iter->pk,keyid);
    1142           0 :                   tty_printf ("%s/%s %s \"",
    1143             :                               pubkey_string (iter->pk,
    1144             :                                              pkstrbuf, sizeof pkstrbuf),
    1145             :                               keystr(keyid),
    1146             :                               datestr_from_pk (iter->pk));
    1147             : 
    1148           0 :                   if (iter->pk->user_id)
    1149           0 :                     tty_print_utf8_string(iter->pk->user_id->name,
    1150           0 :                                           iter->pk->user_id->len);
    1151             :                   else
    1152             :                     {
    1153             :                       size_t n;
    1154           0 :                       char *p = get_user_id( keyid, &n );
    1155           0 :                       tty_print_utf8_string( p, n );
    1156           0 :                       xfree(p);
    1157             :                     }
    1158           0 :                   tty_printf("\"\n");
    1159             :                 }
    1160             : 
    1161           0 :               answer = cpr_get_utf8("pklist.user_id.enter",
    1162           0 :                                     _("\nEnter the user ID.  "
    1163             :                                       "End with an empty line: "));
    1164           0 :               trim_spaces(answer);
    1165           0 :               cpr_kill_prompt();
    1166             :             }
    1167             : 
    1168           0 :           if ( !answer || !*answer )
    1169             :             {
    1170           0 :               xfree(answer);
    1171           0 :               break;  /* No more recipients entered - get out of loop. */
    1172             :             }
    1173             : 
    1174             :           /* Do group expand here too.  The trick here is to continue
    1175             :              the loop if any expansion occurred.  The code above will
    1176             :              then list all expanded keys. */
    1177           0 :           if (expand_id(answer,&backlog,0))
    1178           0 :             continue;
    1179             : 
    1180             :           /* Get and check key for the current name. */
    1181           0 :           free_public_key (pk);
    1182           0 :           pk = xmalloc_clear( sizeof *pk );
    1183           0 :           pk->req_usage = PUBKEY_USAGE_ENC;
    1184           0 :           rc = get_pubkey_byname (ctrl, NULL, pk, answer, NULL, NULL, 0, 0 );
    1185           0 :           if (rc)
    1186           0 :             tty_printf(_("No such user ID.\n"));
    1187           0 :           else if ( !(rc=openpgp_pk_test_algo2 (pk->pubkey_algo,
    1188             :                                                 PUBKEY_USAGE_ENC)) )
    1189             :             {
    1190           0 :               if ( have_def_rec )
    1191             :                 {
    1192             :                   /* No validation for a default recipient. */
    1193           0 :                   if (!key_present_in_pk_list(pk_list, pk))
    1194             :                     {
    1195           0 :                       free_public_key (pk);
    1196           0 :                       pk = NULL;
    1197           0 :                       log_info (_("skipped: public key "
    1198             :                                   "already set as default recipient\n") );
    1199             :                     }
    1200             :                   else
    1201             :                     {
    1202           0 :                       PK_LIST r = xmalloc (sizeof *r);
    1203           0 :                       r->pk = pk; pk = NULL;
    1204           0 :                       r->next = pk_list;
    1205           0 :                       r->flags = 0; /* No throwing default ids. */
    1206           0 :                       pk_list = r;
    1207             :                     }
    1208           0 :                   any_recipients = 1;
    1209           0 :                   continue;
    1210             :                 }
    1211             :               else
    1212             :                 { /* Check validity of this key. */
    1213             :                   int trustlevel;
    1214             : 
    1215           0 :                   trustlevel =
    1216           0 :                     get_validity (ctrl, NULL, pk, pk->user_id, NULL, 1);
    1217           0 :                   if ( (trustlevel & TRUST_FLAG_DISABLED) )
    1218             :                     {
    1219           0 :                       tty_printf (_("Public key is disabled.\n") );
    1220             :                     }
    1221           0 :                   else if ( do_we_trust_pre (pk, trustlevel) )
    1222             :                     {
    1223             :                       /* Skip the actual key if the key is already
    1224             :                        * present in the list */
    1225           0 :                       if (!key_present_in_pk_list(pk_list, pk))
    1226             :                         {
    1227           0 :                           free_public_key (pk);
    1228           0 :                           pk = NULL;
    1229           0 :                           log_info(_("skipped: public key already set\n") );
    1230             :                         }
    1231             :                       else
    1232             :                         {
    1233             :                           PK_LIST r;
    1234           0 :                           r = xmalloc( sizeof *r );
    1235           0 :                           r->pk = pk; pk = NULL;
    1236           0 :                           r->next = pk_list;
    1237           0 :                           r->flags = 0; /* No throwing interactive ids. */
    1238           0 :                           pk_list = r;
    1239             :                         }
    1240           0 :                       any_recipients = 1;
    1241           0 :                       continue;
    1242             :                     }
    1243             :                 }
    1244             :             }
    1245           0 :           xfree(def_rec); def_rec = NULL;
    1246           0 :           have_def_rec = 0;
    1247           0 :         }
    1248           0 :       if ( pk )
    1249             :         {
    1250           0 :           free_public_key( pk );
    1251           0 :           pk = NULL;
    1252             :         }
    1253             :     }
    1254         247 :   else if ( !any_recipients && (def_rec = default_recipient(ctrl)) )
    1255             :     {
    1256             :       /* We are in batch mode and have only a default recipient. */
    1257           0 :       pk = xmalloc_clear( sizeof *pk );
    1258           0 :       pk->req_usage = PUBKEY_USAGE_ENC;
    1259             : 
    1260             :       /* The default recipient is allowed to be disabled; thus pass 1
    1261             :          as second last argument.  We also don't want an AKL. */
    1262           0 :       rc = get_pubkey_byname (ctrl, NULL, pk, def_rec, NULL, NULL, 1, 1);
    1263           0 :       if (rc)
    1264           0 :         log_error(_("unknown default recipient \"%s\"\n"), def_rec );
    1265           0 :       else if ( !(rc=openpgp_pk_test_algo2(pk->pubkey_algo,
    1266             :                                            PUBKEY_USAGE_ENC)) )
    1267             :         {
    1268             :           /* Mark any_recipients here since the default recipient
    1269             :              would have been used if it wasn't already there.  It
    1270             :              doesn't really matter if we got this key from the default
    1271             :              recipient or an encrypt-to. */
    1272           0 :           any_recipients = 1;
    1273           0 :           if (!key_present_in_pk_list(pk_list, pk))
    1274           0 :             log_info (_("skipped: public key already set "
    1275             :                         "as default recipient\n"));
    1276             :           else
    1277             :             {
    1278           0 :               PK_LIST r = xmalloc( sizeof *r );
    1279           0 :               r->pk = pk; pk = NULL;
    1280           0 :               r->next = pk_list;
    1281           0 :               r->flags = 0; /* No throwing default ids. */
    1282           0 :               pk_list = r;
    1283             :             }
    1284             :         }
    1285           0 :       if ( pk )
    1286             :         {
    1287           0 :           free_public_key( pk );
    1288           0 :           pk = NULL;
    1289             :         }
    1290           0 :       xfree(def_rec); def_rec = NULL;
    1291             :     }
    1292             :   else
    1293             :     {
    1294             :       /* General case: Check all keys. */
    1295         247 :       any_recipients = 0;
    1296         497 :       for (; remusr; remusr = remusr->next )
    1297             :         {
    1298         250 :           if ( (remusr->flags & PK_LIST_ENCRYPT_TO) )
    1299           0 :             continue; /* encrypt-to keys are already handled. */
    1300             : 
    1301         500 :           rc = find_and_check_key (ctrl, remusr->d, PUBKEY_USAGE_ENC,
    1302         250 :                                    !!(remusr->flags&PK_LIST_HIDDEN),
    1303         250 :                                    !!(remusr->flags&PK_LIST_FROM_FILE),
    1304             :                                    &pk_list);
    1305         250 :           if (rc)
    1306           0 :             goto fail;
    1307         250 :           any_recipients = 1;
    1308             :         }
    1309             :     }
    1310             : 
    1311         247 :   if ( !rc && !any_recipients )
    1312             :     {
    1313           0 :       log_error(_("no valid addressees\n"));
    1314           0 :       write_status_text (STATUS_NO_RECP, "0");
    1315           0 :       rc = GPG_ERR_NO_USER_ID;
    1316             :     }
    1317             : 
    1318             : #ifdef USE_TOFU
    1319         247 :   if (! rc && (opt.trust_model == TM_TOFU_PGP || opt.trust_model == TM_TOFU))
    1320             :     {
    1321             :       PK_LIST iter;
    1322           0 :       for (iter = pk_list; iter; iter = iter->next)
    1323             :         {
    1324             :           int rc2;
    1325             : 
    1326             :           /* Note: we already resolved any conflict when looking up
    1327             :              the key.  Don't annoy the user again if she selected
    1328             :              accept once.  */
    1329           0 :           rc2 = tofu_register_encryption (ctrl, iter->pk, NULL, 0);
    1330           0 :           if (rc2)
    1331           0 :             log_info ("WARNING: Failed to register encryption to %s"
    1332             :                       " with TOFU engine\n",
    1333             :                       keystr (pk_main_keyid (iter->pk)));
    1334           0 :           else if (DBG_TRUST)
    1335           0 :             log_debug ("Registered encryption to %s with TOFU DB.\n",
    1336             :                       keystr (pk_main_keyid (iter->pk)));
    1337             :         }
    1338             :     }
    1339             : #endif /*USE_TOFU*/
    1340             : 
    1341             :  fail:
    1342             : 
    1343         247 :   if ( rc )
    1344           0 :     release_pk_list( pk_list );
    1345             :   else
    1346         247 :     *ret_pk_list = pk_list;
    1347         247 :   if (opt.grouplist)
    1348           0 :     free_strlist(remusr);
    1349         247 :   return rc;
    1350             : }
    1351             : 
    1352             : 
    1353             : /* In pgp6 mode, disallow all ciphers except IDEA (1), 3DES (2), and
    1354             :    CAST5 (3), all hashes except MD5 (1), SHA1 (2), and RIPEMD160 (3),
    1355             :    and all compressions except none (0) and ZIP (1).  pgp7 and pgp8
    1356             :    mode expands the cipher list to include AES128 (7), AES192 (8),
    1357             :    AES256 (9), and TWOFISH (10).  pgp8 adds the SHA-256 hash (8).  For
    1358             :    a true PGP key all of this is unneeded as they are the only items
    1359             :    present in the preferences subpacket, but checking here covers the
    1360             :    weird case of encrypting to a key that had preferences from a
    1361             :    different implementation which was then used with PGP.  I am not
    1362             :    completely comfortable with this as the right thing to do, as it
    1363             :    slightly alters the list of what the user is supposedly requesting.
    1364             :    It is not against the RFC however, as the preference chosen will
    1365             :    never be one that the user didn't specify somewhere ("The
    1366             :    implementation may use any mechanism to pick an algorithm in the
    1367             :    intersection"), and PGP has no mechanism to fix such a broken
    1368             :    preference list, so I'm including it. -dms */
    1369             : 
    1370             : int
    1371        2259 : algo_available( preftype_t preftype, int algo, const union pref_hint *hint)
    1372             : {
    1373        2259 :   if( preftype == PREFTYPE_SYM )
    1374             :     {
    1375        1602 :       if(PGP6 && (algo != CIPHER_ALGO_IDEA
    1376           0 :                   && algo != CIPHER_ALGO_3DES
    1377           0 :                   && algo != CIPHER_ALGO_CAST5))
    1378           0 :         return 0;
    1379             : 
    1380        1602 :       if(PGP7 && (algo != CIPHER_ALGO_IDEA
    1381           0 :                   && algo != CIPHER_ALGO_3DES
    1382           0 :                   && algo != CIPHER_ALGO_CAST5
    1383           0 :                   && algo != CIPHER_ALGO_AES
    1384           0 :                   && algo != CIPHER_ALGO_AES192
    1385           0 :                   && algo != CIPHER_ALGO_AES256
    1386           0 :                   && algo != CIPHER_ALGO_TWOFISH))
    1387           0 :         return 0;
    1388             : 
    1389             :       /* PGP8 supports all the ciphers we do.. */
    1390             : 
    1391        1602 :       return algo && !openpgp_cipher_test_algo ( algo );
    1392             :     }
    1393         657 :   else if( preftype == PREFTYPE_HASH )
    1394             :     {
    1395          28 :       if (hint && hint->digest_length)
    1396             :         {
    1397          24 :           if (hint->digest_length!=20 || opt.flags.dsa2)
    1398             :             {
    1399             :               /* If --enable-dsa2 is set or the hash isn't 160 bits
    1400             :                  (which implies DSA2), then we'll accept a hash that
    1401             :                  is larger than we need.  Otherwise we won't accept
    1402             :                  any hash that isn't exactly the right size. */
    1403           0 :               if (hint->digest_length > gcry_md_get_algo_dlen (algo))
    1404           0 :                 return 0;
    1405             :             }
    1406          24 :           else if (hint->digest_length != gcry_md_get_algo_dlen (algo))
    1407           0 :             return 0;
    1408             :         }
    1409             : 
    1410          28 :       if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5
    1411           0 :                             && algo != DIGEST_ALGO_SHA1
    1412           0 :                             && algo != DIGEST_ALGO_RMD160))
    1413           0 :         return 0;
    1414             : 
    1415             : 
    1416          28 :       if(PGP8 && (algo != DIGEST_ALGO_MD5
    1417           0 :                   && algo != DIGEST_ALGO_SHA1
    1418           0 :                   && algo != DIGEST_ALGO_RMD160
    1419           0 :                   && algo != DIGEST_ALGO_SHA256))
    1420           0 :         return 0;
    1421             : 
    1422          28 :       return algo && !openpgp_md_test_algo (algo);
    1423             :     }
    1424         629 :   else if( preftype == PREFTYPE_ZIP )
    1425             :     {
    1426         629 :       if((PGP6 || PGP7) && (algo != COMPRESS_ALGO_NONE
    1427           0 :                             && algo != COMPRESS_ALGO_ZIP))
    1428           0 :         return 0;
    1429             : 
    1430             :       /* PGP8 supports all the compression algos we do */
    1431             : 
    1432         629 :       return !check_compress_algo( algo );
    1433             :     }
    1434             :   else
    1435           0 :     return 0;
    1436             : }
    1437             : 
    1438             : /****************
    1439             :  * Return -1 if we could not find an algorithm.
    1440             :  */
    1441             : int
    1442        1116 : select_algo_from_prefs(PK_LIST pk_list, int preftype,
    1443             :                        int request, const union pref_hint *hint)
    1444             : {
    1445             :   PK_LIST pkr;
    1446             :   u32 bits[8];
    1447             :   const prefitem_t *prefs;
    1448        1116 :   int result=-1,i;
    1449             :   u16 scores[256];
    1450             : 
    1451        1116 :   if( !pk_list )
    1452         202 :     return -1;
    1453             : 
    1454         914 :   memset(bits,0xFF,sizeof(bits));
    1455         914 :   memset(scores,0,sizeof(scores));
    1456             : 
    1457        1864 :   for( pkr = pk_list; pkr; pkr = pkr->next )
    1458             :     {
    1459             :       u32 mask[8];
    1460         950 :       int rank=1,implicit=-1;
    1461             : 
    1462         950 :       memset(mask,0,sizeof(mask));
    1463             : 
    1464         950 :       switch(preftype)
    1465             :         {
    1466             :         case PREFTYPE_SYM:
    1467             :           /* IDEA is implicitly there for v3 keys with v3 selfsigs if
    1468             :              --pgp2 mode is on.  This was a 2440 thing that was
    1469             :              dropped from 4880 but is still relevant to GPG's 1991
    1470             :              support.  All this doesn't mean IDEA is actually
    1471             :              available, of course. */
    1472         667 :           implicit=CIPHER_ALGO_3DES;
    1473             : 
    1474         667 :           break;
    1475             : 
    1476             :         case PREFTYPE_HASH:
    1477             :           /* While I am including this code for completeness, note
    1478             :              that currently --pgp2 mode locks the hash at MD5, so this
    1479             :              code will never even be called.  Even if the hash wasn't
    1480             :              locked at MD5, we don't support sign+encrypt in --pgp2
    1481             :              mode, and that's the only time PREFTYPE_HASH is used
    1482             :              anyway. -dms */
    1483             : 
    1484          28 :           implicit=DIGEST_ALGO_SHA1;
    1485             : 
    1486          28 :           break;
    1487             : 
    1488             :         case PREFTYPE_ZIP:
    1489             :           /* Uncompressed is always an option. */
    1490         255 :           implicit=COMPRESS_ALGO_NONE;
    1491             :         }
    1492             : 
    1493         950 :       if (pkr->pk->user_id) /* selected by user ID */
    1494         269 :         prefs = pkr->pk->user_id->prefs;
    1495             :       else
    1496         681 :         prefs = pkr->pk->prefs;
    1497             : 
    1498         950 :       if( prefs )
    1499             :         {
    1500        6373 :           for (i=0; prefs[i].type; i++ )
    1501             :             {
    1502        5423 :               if( prefs[i].type == preftype )
    1503             :                 {
    1504             :                   /* Make sure all scores don't add up past 0xFFFF
    1505             :                      (and roll around) */
    1506        2827 :                   if(rank+scores[prefs[i].value]<=0xFFFF)
    1507        2827 :                     scores[prefs[i].value]+=rank;
    1508             :                   else
    1509           0 :                     scores[prefs[i].value]=0xFFFF;
    1510             : 
    1511        2827 :                   mask[prefs[i].value/32] |= 1<<(prefs[i].value%32);
    1512             : 
    1513        2827 :                   rank++;
    1514             : 
    1515             :                   /* We saw the implicit algorithm, so we don't need
    1516             :                      tack it on the end ourselves. */
    1517        2827 :                   if(implicit==prefs[i].value)
    1518         672 :                     implicit=-1;
    1519             :                 }
    1520             :             }
    1521             :         }
    1522             : 
    1523         950 :       if(rank==1 && preftype==PREFTYPE_ZIP)
    1524             :         {
    1525             :           /* If the compression preferences are not present, they are
    1526             :              assumed to be ZIP, Uncompressed (RFC4880:13.3.1) */
    1527          98 :           scores[1]=1; /* ZIP is first choice */
    1528          98 :           scores[0]=2; /* Uncompressed is second choice */
    1529          98 :           mask[0]|=3;
    1530             :         }
    1531             : 
    1532             :       /* If the key didn't have the implicit algorithm listed
    1533             :          explicitly, add it here at the tail of the list. */
    1534         950 :       if(implicit>-1)
    1535             :         {
    1536         278 :           scores[implicit]+=rank;
    1537         278 :           mask[implicit/32] |= 1<<(implicit%32);
    1538             :         }
    1539             : 
    1540        8550 :       for(i=0;i<8;i++)
    1541        7600 :         bits[i]&=mask[i];
    1542             :     }
    1543             : 
    1544             :   /* We've now scored all of the algorithms, and the usable ones have
    1545             :      bits set.  Let's pick the winner. */
    1546             : 
    1547             :   /* The caller passed us a request.  Can we use it? */
    1548         978 :   if(request>-1 && (bits[request/32] & (1<<(request%32))) &&
    1549          64 :      algo_available(preftype,request,hint))
    1550          64 :     result=request;
    1551             : 
    1552         914 :   if(result==-1)
    1553             :     {
    1554             :       /* If we have personal prefs set, use them. */
    1555         850 :       prefs=NULL;
    1556         850 :       if(preftype==PREFTYPE_SYM && opt.personal_cipher_prefs)
    1557           0 :         prefs=opt.personal_cipher_prefs;
    1558         850 :       else if(preftype==PREFTYPE_HASH && opt.personal_digest_prefs)
    1559           0 :         prefs=opt.personal_digest_prefs;
    1560         850 :       else if(preftype==PREFTYPE_ZIP && opt.personal_compress_prefs)
    1561           0 :         prefs=opt.personal_compress_prefs;
    1562             : 
    1563         850 :       if( prefs )
    1564           0 :         for(i=0; prefs[i].type; i++ )
    1565             :           {
    1566           0 :             if(bits[prefs[i].value/32] & (1<<(prefs[i].value%32))
    1567           0 :                && algo_available( preftype, prefs[i].value, hint))
    1568             :               {
    1569           0 :                 result = prefs[i].value;
    1570           0 :                 break;
    1571             :               }
    1572             :           }
    1573             :     }
    1574             : 
    1575         914 :   if(result==-1)
    1576             :     {
    1577         850 :       unsigned int best=-1;
    1578             : 
    1579             :       /* At this point, we have not selected an algorithm due to a
    1580             :          special request or via personal prefs.  Pick the highest
    1581             :          ranked algorithm (i.e. the one with the lowest score). */
    1582             : 
    1583         850 :       if(preftype==PREFTYPE_HASH && scores[DIGEST_ALGO_MD5])
    1584             :         {
    1585             :           /* "If you are building an authentication system, the recipient
    1586             :              may specify a preferred signing algorithm. However, the
    1587             :              signer would be foolish to use a weak algorithm simply
    1588             :              because the recipient requests it." (RFC4880:14).  If any
    1589             :              other hash algorithm is available, pretend that MD5 isn't.
    1590             :              Note that if the user intentionally chose MD5 by putting it
    1591             :              in their personal prefs, then we do what the user said (as we
    1592             :              never reach this code). */
    1593             : 
    1594           0 :           for(i=DIGEST_ALGO_MD5+1;i<256;i++)
    1595           0 :             if(scores[i])
    1596             :               {
    1597           0 :                 scores[DIGEST_ALGO_MD5]=0;
    1598           0 :                 break;
    1599             :               }
    1600             :         }
    1601             : 
    1602      218450 :       for(i=0;i<256;i++)
    1603             :         {
    1604             :           /* Note the '<' here.  This means in case of a tie, we will
    1605             :              favor the lower algorithm number.  We have a choice
    1606             :              between the lower number (probably an older algorithm
    1607             :              with more time in use), or the higher number (probably a
    1608             :              newer algorithm with less time in use).  Older is
    1609             :              probably safer here, even though the newer algorithms
    1610             :              tend to be "stronger". */
    1611      217600 :           if(scores[i] && scores[i]<best
    1612        2280 :              && (bits[i/32] & (1<<(i%32)))
    1613        2195 :              && algo_available(preftype,i,hint))
    1614             :             {
    1615        2195 :               best=scores[i];
    1616        2195 :               result=i;
    1617             :             }
    1618             :         }
    1619             :     }
    1620             : 
    1621         914 :   return result;
    1622             : }
    1623             : 
    1624             : /*
    1625             :  * Select the MDC flag from the pk_list.  We can only use MDC if all
    1626             :  * recipients support this feature.
    1627             :  */
    1628             : int
    1629         280 : select_mdc_from_pklist (PK_LIST pk_list)
    1630             : {
    1631             :   PK_LIST pkr;
    1632             : 
    1633         280 :   if ( !pk_list )
    1634          33 :     return 0;
    1635             : 
    1636         399 :   for (pkr = pk_list; pkr; pkr = pkr->next)
    1637             :     {
    1638             :       int mdc;
    1639             : 
    1640         250 :       if (pkr->pk->user_id) /* selected by user ID */
    1641         125 :         mdc = pkr->pk->user_id->flags.mdc;
    1642             :       else
    1643         125 :         mdc = pkr->pk->flags.mdc;
    1644         250 :       if (!mdc)
    1645          98 :         return 0;  /* At least one recipient does not support it. */
    1646             :     }
    1647         149 :   return 1; /* Can be used. */
    1648             : }
    1649             : 
    1650             : 
    1651             : /* Print a warning for all keys in PK_LIST missing the MDC feature. */
    1652             : void
    1653           0 : warn_missing_mdc_from_pklist (PK_LIST pk_list)
    1654             : {
    1655             :   PK_LIST pkr;
    1656             : 
    1657           0 :   for (pkr = pk_list; pkr; pkr = pkr->next)
    1658             :     {
    1659             :       int mdc;
    1660             : 
    1661           0 :       if (pkr->pk->user_id) /* selected by user ID */
    1662           0 :         mdc = pkr->pk->user_id->flags.mdc;
    1663             :       else
    1664           0 :         mdc = pkr->pk->flags.mdc;
    1665           0 :       if (!mdc)
    1666           0 :         log_info (_("Note: key %s has no %s feature\n"),
    1667             :                   keystr_from_pk (pkr->pk), "MDC");
    1668             :     }
    1669           0 : }
    1670             : 
    1671             : void
    1672           0 : warn_missing_aes_from_pklist (PK_LIST pk_list)
    1673             : {
    1674             :   PK_LIST pkr;
    1675             : 
    1676           0 :   for (pkr = pk_list; pkr; pkr = pkr->next)
    1677             :     {
    1678             :       const prefitem_t *prefs;
    1679             :       int i;
    1680           0 :       int gotit = 0;
    1681             : 
    1682           0 :       prefs = pkr->pk->user_id? pkr->pk->user_id->prefs : pkr->pk->prefs;
    1683           0 :       if (prefs)
    1684             :         {
    1685           0 :           for (i=0; !gotit && prefs[i].type; i++ )
    1686           0 :             if (prefs[i].type == PREFTYPE_SYM
    1687           0 :                 && prefs[i].value == CIPHER_ALGO_AES)
    1688           0 :               gotit++;
    1689             :         }
    1690           0 :       if (!gotit)
    1691           0 :         log_info (_("Note: key %s has no preference for %s\n"),
    1692             :                   keystr_from_pk (pkr->pk), "AES");
    1693             :     }
    1694           0 : }

Generated by: LCOV version 1.11