LCOV - code coverage report
Current view: top level - g10 - delkey.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 49 120 40.8 %
Date: 2016-09-12 13:01:59 Functions: 2 2 100.0 %

          Line data    Source code
       1             : /* delkey.c - delete keys
       2             :  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004,
       3             :  *               2005, 2006 Free Software Foundation, Inc.
       4             :  * Copyright (C) 2014 Werner Koch
       5             :  *
       6             :  * This file is part of GnuPG.
       7             :  *
       8             :  * GnuPG is free software; you can redistribute it and/or modify
       9             :  * it under the terms of the GNU General Public License as published by
      10             :  * the Free Software Foundation; either version 3 of the License, or
      11             :  * (at your option) any later version.
      12             :  *
      13             :  * GnuPG is distributed in the hope that it will be useful,
      14             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :  * GNU General Public License for more details.
      17             :  *
      18             :  * You should have received a copy of the GNU General Public License
      19             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      20             :  */
      21             : 
      22             : #include <config.h>
      23             : #include <stdio.h>
      24             : #include <stdlib.h>
      25             : #include <string.h>
      26             : #include <errno.h>
      27             : #include <ctype.h>
      28             : 
      29             : #include "gpg.h"
      30             : #include "options.h"
      31             : #include "packet.h"
      32             : #include "status.h"
      33             : #include "iobuf.h"
      34             : #include "keydb.h"
      35             : #include "util.h"
      36             : #include "main.h"
      37             : #include "trustdb.h"
      38             : #include "filter.h"
      39             : #include "ttyio.h"
      40             : #include "status.h"
      41             : #include "i18n.h"
      42             : #include "call-agent.h"
      43             : 
      44             : 
      45             : /****************
      46             :  * Delete a public or secret key from a keyring.
      47             :  * r_sec_avail will be set if a secret key is available and the public
      48             :  * key can't be deleted for that reason.
      49             :  */
      50             : static gpg_error_t
      51           8 : do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
      52             : {
      53             :   gpg_error_t err;
      54           8 :   kbnode_t keyblock = NULL;
      55             :   kbnode_t node, kbctx;
      56             :   KEYDB_HANDLE hd;
      57           8 :   PKT_public_key *pk = NULL;
      58             :   u32 keyid[2];
      59           8 :   int okay=0;
      60             :   int yes;
      61             :   KEYDB_SEARCH_DESC desc;
      62             :   int exactmatch;
      63             : 
      64           8 :   *r_sec_avail = 0;
      65             : 
      66           8 :   hd = keydb_new ();
      67           8 :   if (!hd)
      68           0 :     return gpg_error_from_syserror ();
      69             : 
      70             :   /* Search the userid.  */
      71           8 :   err = classify_user_id (username, &desc, 1);
      72          16 :   exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
      73           8 :                 || desc.mode == KEYDB_SEARCH_MODE_FPR16
      74          16 :                 || desc.mode == KEYDB_SEARCH_MODE_FPR20);
      75           8 :   if (!err)
      76           8 :     err = keydb_search (hd, &desc, 1, NULL);
      77           8 :   if (err)
      78             :     {
      79           5 :       log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err));
      80           5 :       write_status_text (STATUS_DELETE_PROBLEM, "1");
      81           5 :       goto leave;
      82             :     }
      83             : 
      84             :   /* Read the keyblock.  */
      85           3 :   err = keydb_get_keyblock (hd, &keyblock);
      86           3 :   if (err)
      87             :     {
      88           0 :       log_error (_("error reading keyblock: %s\n"), gpg_strerror (err) );
      89           0 :       goto leave;
      90             :     }
      91             : 
      92             :   /* Get the keyid from the keyblock.  */
      93           3 :   node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
      94           3 :   if (!node)
      95             :     {
      96           0 :       log_error ("Oops; key not found anymore!\n");
      97           0 :       err = gpg_error (GPG_ERR_GENERAL);
      98           0 :       goto leave;
      99             :     }
     100           3 :   pk = node->pkt->pkt.public_key;
     101           3 :   keyid_from_pk (pk, keyid);
     102             : 
     103           3 :   if (!secret && !force)
     104             :     {
     105           3 :       if (have_secret_key_with_kid (keyid))
     106             :         {
     107           0 :           *r_sec_avail = 1;
     108           0 :           err = gpg_error (GPG_ERR_EOF);
     109           0 :           goto leave;
     110             :         }
     111             :       else
     112           3 :         err = 0;
     113             :     }
     114             : 
     115           3 :   if (secret && !have_secret_key_with_kid (keyid))
     116             :     {
     117           0 :       err = gpg_error (GPG_ERR_NOT_FOUND);
     118           0 :       log_error (_("key \"%s\" not found\n"), username);
     119           0 :       write_status_text (STATUS_DELETE_PROBLEM, "1");
     120           0 :       goto leave;
     121             :     }
     122             : 
     123             : 
     124           3 :   if (opt.batch && exactmatch)
     125           0 :     okay++;
     126           3 :   else if (opt.batch && secret)
     127             :     {
     128           0 :       log_error(_("can't do this in batch mode\n"));
     129           0 :       log_info (_("(unless you specify the key by fingerprint)\n"));
     130             :     }
     131           3 :   else if (opt.batch && opt.answer_yes)
     132           3 :     okay++;
     133           0 :   else if (opt.batch)
     134             :     {
     135           0 :       log_error(_("can't do this in batch mode without \"--yes\"\n"));
     136           0 :       log_info (_("(unless you specify the key by fingerprint)\n"));
     137             :     }
     138             :   else
     139             :     {
     140           0 :       if (secret)
     141           0 :         print_seckey_info (pk);
     142             :       else
     143           0 :         print_pubkey_info (NULL, pk );
     144           0 :       tty_printf( "\n" );
     145             : 
     146           0 :       yes = cpr_get_answer_is_yes
     147             :         (secret? "delete_key.secret.okay": "delete_key.okay",
     148           0 :          _("Delete this key from the keyring? (y/N) "));
     149             : 
     150           0 :       if (!cpr_enabled() && secret && yes)
     151             :         {
     152             :           /* I think it is not required to check a passphrase; if the
     153             :            * user is so stupid as to let others access his secret
     154             :            * keyring (and has no backup) - it is up him to read some
     155             :            * very basic texts about security.  */
     156           0 :           yes = cpr_get_answer_is_yes
     157             :             ("delete_key.secret.okay",
     158           0 :              _("This is a secret key! - really delete? (y/N) "));
     159             :         }
     160             : 
     161           0 :       if (yes)
     162           0 :         okay++;
     163             :     }
     164             : 
     165             : 
     166           3 :   if (okay)
     167             :     {
     168           3 :       if (secret)
     169             :         {
     170             :           char *prompt;
     171           0 :           gpg_error_t firsterr = 0;
     172             :           char *hexgrip;
     173             : 
     174           0 :           setup_main_keyids (keyblock);
     175           0 :           for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); )
     176             :             {
     177           0 :               if (!(node->pkt->pkttype == PKT_PUBLIC_KEY
     178           0 :                     || node->pkt->pkttype == PKT_PUBLIC_SUBKEY))
     179           0 :                 continue;
     180             : 
     181           0 :               if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
     182           0 :                 continue;  /* No secret key for that public (sub)key.  */
     183             : 
     184           0 :               prompt = gpg_format_keydesc (node->pkt->pkt.public_key,
     185             :                                            FORMAT_KEYDESC_DELKEY, 1);
     186           0 :               err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip);
     187             :               /* NB: We require --yes to advise the agent not to
     188             :                * request a confirmation.  The rationale for this extra
     189             :                * pre-caution is that since 2.1 the secret key may also
     190             :                * be used for other protocols and thus deleting it from
     191             :                * the gpg would also delete the key for other tools. */
     192           0 :               if (!err)
     193           0 :                 err = agent_delete_key (NULL, hexgrip, prompt,
     194             :                                         opt.answer_yes);
     195           0 :               xfree (prompt);
     196           0 :               xfree (hexgrip);
     197           0 :               if (err)
     198             :                 {
     199           0 :                   if (gpg_err_code (err) == GPG_ERR_KEY_ON_CARD)
     200           0 :                     write_status_text (STATUS_DELETE_PROBLEM, "1");
     201           0 :                   log_error (_("deleting secret %s failed: %s\n"),
     202           0 :                              (node->pkt->pkttype == PKT_PUBLIC_KEY
     203             :                               ? _("key"):_("subkey")),
     204             :                              gpg_strerror (err));
     205           0 :                   if (!firsterr)
     206           0 :                     firsterr = err;
     207           0 :                   if (gpg_err_code (err) == GPG_ERR_CANCELED
     208           0 :                       || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
     209             :                     {
     210           0 :                       write_status_error ("delete_key.secret", err);
     211           0 :                       break;
     212             :                     }
     213             :                 }
     214             : 
     215             :             }
     216             : 
     217           0 :           err = firsterr;
     218           0 :           if (firsterr)
     219           0 :             goto leave;
     220             :         }
     221             :       else
     222             :         {
     223           3 :           err = keydb_delete_keyblock (hd);
     224           3 :           if (err)
     225             :             {
     226           0 :               log_error (_("deleting keyblock failed: %s\n"),
     227             :                          gpg_strerror (err));
     228           0 :               goto leave;
     229             :             }
     230             :         }
     231             : 
     232             :       /* Note that the ownertrust being cleared will trigger a
     233             :          revalidation_mark().  This makes sense - only deleting keys
     234             :          that have ownertrust set should trigger this. */
     235             : 
     236           3 :       if (!secret && pk && clear_ownertrusts (pk))
     237             :         {
     238           0 :           if (opt.verbose)
     239           0 :             log_info (_("ownertrust information cleared\n"));
     240             :         }
     241             :     }
     242             : 
     243             :  leave:
     244           8 :   keydb_release (hd);
     245           8 :   release_kbnode (keyblock);
     246           8 :   return err;
     247             : }
     248             : 
     249             : /****************
     250             :  * Delete a public or secret key from a keyring.
     251             :  */
     252             : gpg_error_t
     253           8 : delete_keys (strlist_t names, int secret, int allow_both)
     254             : {
     255             :   gpg_error_t err;
     256             :   int avail;
     257           8 :   int force = (!allow_both && !secret && opt.expert);
     258             : 
     259             :   /* Force allows us to delete a public key even if a secret key
     260             :      exists. */
     261             : 
     262          11 :   for ( ;names ; names=names->next )
     263             :     {
     264           8 :       err = do_delete_key (names->d, secret, force, &avail);
     265           8 :       if (err && avail)
     266             :         {
     267           0 :           if (allow_both)
     268             :             {
     269           0 :               err = do_delete_key (names->d, 1, 0, &avail);
     270           0 :               if (!err)
     271           0 :                 err = do_delete_key (names->d, 0, 0, &avail);
     272             :             }
     273             :           else
     274             :             {
     275           0 :               log_error (_("there is a secret key for public key \"%s\"!\n"),
     276           0 :                          names->d);
     277           0 :               log_info(_("use option \"--delete-secret-keys\" to delete"
     278             :                          " it first.\n"));
     279           0 :               write_status_text (STATUS_DELETE_PROBLEM, "2");
     280           0 :               return err;
     281             :             }
     282             :         }
     283             : 
     284           8 :       if (err)
     285             :         {
     286          10 :           log_error ("%s: delete key failed: %s\n",
     287           5 :                      names->d, gpg_strerror (err));
     288           5 :           return err;
     289             :         }
     290             :     }
     291             : 
     292           3 :   return 0;
     293             : }

Generated by: LCOV version 1.11