Line data Source code
1 : /* keylist.c - Print information about OpenPGP keys
2 : * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
3 : * 2008, 2010, 2012 Free Software Foundation, Inc.
4 : * Copyright (C) 2013, 2014 Werner Koch
5 : *
6 : * This file is part of GnuPG.
7 : *
8 : * GnuPG is free software; you can redistribute it and/or modify
9 : * it under the terms of the GNU General Public License as published by
10 : * the Free Software Foundation; either version 3 of the License, or
11 : * (at your option) any later version.
12 : *
13 : * GnuPG is distributed in the hope that it will be useful,
14 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : * GNU General Public License for more details.
17 : *
18 : * You should have received a copy of the GNU General Public License
19 : * along with this program; if not, see <https://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include <config.h>
23 : #include <stdio.h>
24 : #include <stdlib.h>
25 : #include <string.h>
26 : #include <errno.h>
27 : #ifdef HAVE_DOSISH_SYSTEM
28 : # include <fcntl.h> /* for setmode() */
29 : #endif
30 :
31 : #include "gpg.h"
32 : #include "options.h"
33 : #include "packet.h"
34 : #include "status.h"
35 : #include "keydb.h"
36 : #include "photoid.h"
37 : #include "util.h"
38 : #include "ttyio.h"
39 : #include "trustdb.h"
40 : #include "main.h"
41 : #include "i18n.h"
42 : #include "status.h"
43 : #include "call-agent.h"
44 : #include "mbox-util.h"
45 : #include "zb32.h"
46 : #include "tofu.h"
47 :
48 :
49 : static void list_all (ctrl_t, int, int);
50 : static void list_one (ctrl_t ctrl,
51 : strlist_t names, int secret, int mark_secret);
52 : static void locate_one (ctrl_t ctrl, strlist_t names);
53 : static void print_card_serialno (const char *serialno);
54 :
55 : struct keylist_context
56 : {
57 : int check_sigs; /* If set signatures shall be verified. */
58 : int good_sigs; /* Counter used if CHECK_SIGS is set. */
59 : int inv_sigs; /* Counter used if CHECK_SIGS is set. */
60 : int no_key; /* Counter used if CHECK_SIGS is set. */
61 : int oth_err; /* Counter used if CHECK_SIGS is set. */
62 : int no_validity; /* Do not show validity. */
63 : };
64 :
65 :
66 : static void list_keyblock (ctrl_t ctrl,
67 : kbnode_t keyblock, int secret, int has_secret,
68 : int fpr, struct keylist_context *listctx);
69 :
70 :
71 : /* The stream used to write attribute packets to. */
72 : static estream_t attrib_fp;
73 :
74 :
75 : /* Release resources from a keylist context. */
76 : static void
77 117 : keylist_context_release (struct keylist_context *listctx)
78 : {
79 : (void)listctx; /* Nothing to release. */
80 117 : }
81 :
82 :
83 : /* List the keys. If list is NULL, all available keys are listed.
84 : With LOCATE_MODE set the locate algorithm is used to find a
85 : key. */
86 : void
87 99 : public_key_list (ctrl_t ctrl, strlist_t list, int locate_mode)
88 : {
89 : #ifndef NO_TRUST_MODELS
90 99 : if (opt.with_colons)
91 : {
92 : byte trust_model, marginals, completes, cert_depth, min_cert_level;
93 : ulong created, nextcheck;
94 :
95 95 : read_trust_options (&trust_model, &created, &nextcheck,
96 : &marginals, &completes, &cert_depth, &min_cert_level);
97 :
98 95 : es_fprintf (es_stdout, "tru:");
99 :
100 95 : if (nextcheck && nextcheck <= make_timestamp ())
101 18 : es_fprintf (es_stdout, "o");
102 95 : if (trust_model != opt.trust_model)
103 93 : es_fprintf (es_stdout, "t");
104 95 : if (opt.trust_model == TM_PGP || opt.trust_model == TM_CLASSIC
105 93 : || opt.trust_model == TM_TOFU_PGP)
106 : {
107 2 : if (marginals != opt.marginals_needed)
108 0 : es_fprintf (es_stdout, "m");
109 2 : if (completes != opt.completes_needed)
110 0 : es_fprintf (es_stdout, "c");
111 2 : if (cert_depth != opt.max_cert_depth)
112 0 : es_fprintf (es_stdout, "d");
113 2 : if (min_cert_level != opt.min_cert_level)
114 0 : es_fprintf (es_stdout, "l");
115 : }
116 :
117 95 : es_fprintf (es_stdout, ":%d:%lu:%lu", trust_model, created, nextcheck);
118 :
119 : /* Only show marginals, completes, and cert_depth in the classic
120 : or PGP trust models since they are not meaningful
121 : otherwise. */
122 :
123 95 : if (trust_model == TM_PGP || trust_model == TM_CLASSIC)
124 95 : es_fprintf (es_stdout, ":%d:%d:%d", marginals, completes, cert_depth);
125 95 : es_fprintf (es_stdout, "\n");
126 : }
127 : #endif /*!NO_TRUST_MODELS*/
128 :
129 : /* We need to do the stale check right here because it might need to
130 : update the keyring while we already have the keyring open. This
131 : is very bad for W32 because of a sharing violation. For real OSes
132 : it might lead to false results if we are later listing a keyring
133 : which is associated with the inode of a deleted file. */
134 99 : check_trustdb_stale (ctrl);
135 :
136 : #ifdef USE_TOFU
137 99 : tofu_begin_batch_update (ctrl);
138 : #endif
139 :
140 99 : if (locate_mode)
141 31 : locate_one (ctrl, list);
142 68 : else if (!list)
143 0 : list_all (ctrl, 0, opt.with_secret);
144 : else
145 68 : list_one (ctrl, list, 0, opt.with_secret);
146 :
147 : #ifdef USE_TOFU
148 99 : tofu_end_batch_update (ctrl);
149 : #endif
150 99 : }
151 :
152 :
153 : void
154 18 : secret_key_list (ctrl_t ctrl, strlist_t list)
155 : {
156 : (void)ctrl;
157 :
158 18 : check_trustdb_stale (ctrl);
159 :
160 18 : if (!list)
161 3 : list_all (ctrl, 1, 0);
162 : else /* List by user id */
163 15 : list_one (ctrl, list, 1, 0);
164 18 : }
165 :
166 : char *
167 0 : format_seckey_info (PKT_public_key *pk)
168 : {
169 : u32 keyid[2];
170 : char *p;
171 : char pkstrbuf[PUBKEY_STRING_SIZE];
172 : char *info;
173 :
174 0 : keyid_from_pk (pk, keyid);
175 0 : p = get_user_id_native (keyid);
176 :
177 0 : info = xtryasprintf ("sec %s/%s %s %s",
178 : pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
179 : keystr (keyid), datestr_from_pk (pk), p);
180 :
181 0 : xfree (p);
182 :
183 0 : return info;
184 : }
185 :
186 : void
187 0 : print_seckey_info (PKT_public_key *pk)
188 : {
189 0 : char *p = format_seckey_info (pk);
190 0 : tty_printf ("\n%s\n", p);
191 0 : xfree (p);
192 0 : }
193 :
194 : /* Print information about the public key. With FP passed as NULL,
195 : the tty output interface is used, otherwise output is directted to
196 : the given stream. */
197 : void
198 0 : print_pubkey_info (estream_t fp, PKT_public_key *pk)
199 : {
200 : u32 keyid[2];
201 : char *p;
202 : char pkstrbuf[PUBKEY_STRING_SIZE];
203 :
204 0 : keyid_from_pk (pk, keyid);
205 :
206 : /* If the pk was chosen by a particular user ID, that is the one to
207 : print. */
208 0 : if (pk->user_id)
209 0 : p = utf8_to_native (pk->user_id->name, pk->user_id->len, 0);
210 : else
211 0 : p = get_user_id_native (keyid);
212 :
213 0 : if (fp)
214 0 : tty_printf ("\n");
215 0 : tty_fprintf (fp, "%s %s/%s %s %s\n",
216 0 : pk->flags.primary? "pub":"sub",
217 : pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
218 : keystr (keyid), datestr_from_pk (pk), p);
219 0 : xfree (p);
220 0 : }
221 :
222 :
223 : /* Print basic information of a secret key including the card serial
224 : number information. */
225 : #ifdef ENABLE_CARD_SUPPORT
226 : void
227 0 : print_card_key_info (estream_t fp, kbnode_t keyblock)
228 : {
229 : kbnode_t node;
230 : char *hexgrip;
231 : char *serialno;
232 : int s2k_char;
233 : char pkstrbuf[PUBKEY_STRING_SIZE];
234 : int indent;
235 :
236 0 : for (node = keyblock; node; node = node->next)
237 : {
238 0 : if (node->pkt->pkttype == PKT_PUBLIC_KEY
239 0 : || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
240 : {
241 : int rc;
242 0 : PKT_public_key *pk = node->pkt->pkt.public_key;
243 :
244 0 : serialno = NULL;
245 0 : rc = hexkeygrip_from_pk (pk, &hexgrip);
246 0 : if (rc)
247 : {
248 0 : log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
249 0 : s2k_char = '?';
250 : }
251 0 : else if (!agent_get_keyinfo (NULL, hexgrip, &serialno, NULL))
252 0 : s2k_char = serialno? '>':' ';
253 : else
254 0 : s2k_char = '#'; /* Key not found. */
255 :
256 0 : tty_fprintf (fp, "%s%c %s/%s %n",
257 0 : node->pkt->pkttype == PKT_PUBLIC_KEY ? "sec" : "ssb",
258 : s2k_char,
259 : pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
260 : keystr_from_pk (pk),
261 : &indent);
262 0 : tty_fprintf (fp, _("created: %s"), datestr_from_pk (pk));
263 0 : tty_fprintf (fp, " ");
264 0 : tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
265 0 : if (serialno)
266 : {
267 0 : tty_fprintf (fp, "\n%*s%s", indent, "", _("card-no: "));
268 0 : if (strlen (serialno) == 32
269 0 : && !strncmp (serialno, "D27600012401", 12))
270 : {
271 : /* This is an OpenPGP card. Print the relevant part. */
272 : /* Example: D2760001240101010001000003470000 */
273 : /* xxxxyyyyyyyy */
274 0 : tty_fprintf (fp, "%.*s %.*s", 4, serialno+16, 8, serialno+20);
275 : }
276 : else
277 0 : tty_fprintf (fp, "%s", serialno);
278 : }
279 0 : tty_fprintf (fp, "\n");
280 0 : xfree (hexgrip);
281 0 : xfree (serialno);
282 : }
283 : }
284 0 : }
285 : #endif /*ENABLE_CARD_SUPPORT*/
286 :
287 :
288 : /* Flags = 0x01 hashed 0x02 critical. */
289 : static void
290 0 : status_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
291 : const byte * buf)
292 : {
293 : char status[40];
294 :
295 : /* Don't print these. */
296 0 : if (len > 256)
297 0 : return;
298 :
299 0 : snprintf (status, sizeof status,
300 : "%d %u %u ", type, flags, (unsigned int) len);
301 :
302 0 : write_status_text_and_buffer (STATUS_SIG_SUBPACKET, status, buf, len, 0);
303 : }
304 :
305 :
306 : /* Print a policy URL. Allowed values for MODE are:
307 : * 0 - print to stdout.
308 : * 1 - use log_info and emit status messages.
309 : * 2 - emit only status messages.
310 : */
311 : void
312 183 : show_policy_url (PKT_signature * sig, int indent, int mode)
313 : {
314 : const byte *p;
315 : size_t len;
316 183 : int seq = 0, crit;
317 183 : estream_t fp = mode ? log_get_stream () : es_stdout;
318 :
319 366 : while ((p =
320 183 : enum_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &len, &seq, &crit)))
321 : {
322 0 : if (mode != 2)
323 : {
324 : int i;
325 : const char *str;
326 :
327 0 : for (i = 0; i < indent; i++)
328 0 : es_putc (' ', fp);
329 :
330 0 : if (crit)
331 0 : str = _("Critical signature policy: ");
332 : else
333 0 : str = _("Signature policy: ");
334 0 : if (mode)
335 0 : log_info ("%s", str);
336 : else
337 0 : es_fprintf (fp, "%s", str);
338 0 : print_utf8_buffer (fp, p, len);
339 0 : es_fprintf (fp, "\n");
340 : }
341 :
342 0 : if (mode)
343 0 : write_status_buffer (STATUS_POLICY_URL, p, len, 0);
344 : }
345 183 : }
346 :
347 :
348 : /*
349 : mode=0 for stdout.
350 : mode=1 for log_info + status messages
351 : mode=2 for status messages only
352 : */
353 : /* TODO: use this */
354 : void
355 183 : show_keyserver_url (PKT_signature * sig, int indent, int mode)
356 : {
357 : const byte *p;
358 : size_t len;
359 183 : int seq = 0, crit;
360 183 : estream_t fp = mode ? log_get_stream () : es_stdout;
361 :
362 366 : while ((p =
363 183 : enum_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_KS, &len, &seq,
364 : &crit)))
365 : {
366 0 : if (mode != 2)
367 : {
368 : int i;
369 : const char *str;
370 :
371 0 : for (i = 0; i < indent; i++)
372 0 : es_putc (' ', es_stdout);
373 :
374 0 : if (crit)
375 0 : str = _("Critical preferred keyserver: ");
376 : else
377 0 : str = _("Preferred keyserver: ");
378 0 : if (mode)
379 0 : log_info ("%s", str);
380 : else
381 0 : es_fprintf (es_stdout, "%s", str);
382 0 : print_utf8_buffer (fp, p, len);
383 0 : es_fprintf (fp, "\n");
384 : }
385 :
386 0 : if (mode)
387 0 : status_one_subpacket (SIGSUBPKT_PREF_KS, len,
388 0 : (crit ? 0x02 : 0) | 0x01, p);
389 : }
390 183 : }
391 :
392 : /*
393 : mode=0 for stdout.
394 : mode=1 for log_info + status messages
395 : mode=2 for status messages only
396 :
397 : Defined bits in WHICH:
398 : 1 == standard notations
399 : 2 == user notations
400 : */
401 : void
402 183 : show_notation (PKT_signature * sig, int indent, int mode, int which)
403 : {
404 183 : estream_t fp = mode ? log_get_stream () : es_stdout;
405 : notation_t nd, notations;
406 :
407 183 : if (which == 0)
408 0 : which = 3;
409 :
410 183 : notations = sig_to_notation (sig);
411 :
412 : /* There may be multiple notations in the same sig. */
413 183 : for (nd = notations; nd; nd = nd->next)
414 : {
415 0 : if (mode != 2)
416 : {
417 0 : int has_at = !!strchr (nd->name, '@');
418 :
419 0 : if ((which & 1 && !has_at) || (which & 2 && has_at))
420 : {
421 : int i;
422 : const char *str;
423 :
424 0 : for (i = 0; i < indent; i++)
425 0 : es_putc (' ', es_stdout);
426 :
427 0 : if (nd->flags.critical)
428 0 : str = _("Critical signature notation: ");
429 : else
430 0 : str = _("Signature notation: ");
431 0 : if (mode)
432 0 : log_info ("%s", str);
433 : else
434 0 : es_fprintf (es_stdout, "%s", str);
435 : /* This is all UTF8 */
436 0 : print_utf8_buffer (fp, nd->name, strlen (nd->name));
437 0 : es_fprintf (fp, "=");
438 0 : print_utf8_buffer (fp, nd->value, strlen (nd->value));
439 : /* (We need to use log_printf so that the next call to a
440 : log function does not insert an extra LF.) */
441 0 : if (mode)
442 0 : log_printf ("\n");
443 : else
444 0 : es_putc ('\n', fp);
445 : }
446 : }
447 :
448 0 : if (mode)
449 : {
450 0 : write_status_buffer (STATUS_NOTATION_NAME,
451 0 : nd->name, strlen (nd->name), 0);
452 0 : if (nd->flags.critical || nd->flags.human)
453 0 : write_status_text (STATUS_NOTATION_FLAGS,
454 0 : nd->flags.critical && nd->flags.human? "1 1" :
455 0 : nd->flags.critical? "1 0" : "0 1");
456 0 : write_status_buffer (STATUS_NOTATION_DATA,
457 0 : nd->value, strlen (nd->value), 50);
458 : }
459 : }
460 :
461 183 : free_notation (notations);
462 183 : }
463 :
464 :
465 : static void
466 0 : print_signature_stats (struct keylist_context *s)
467 : {
468 0 : if (!s->check_sigs)
469 0 : return; /* Signature checking was not requested. */
470 :
471 0 : if (s->good_sigs)
472 0 : log_info (ngettext("%d good signature\n",
473 0 : "%d good signatures\n", s->good_sigs), s->good_sigs);
474 :
475 0 : if (s->inv_sigs)
476 0 : log_info (ngettext("%d bad signature\n",
477 0 : "%d bad signatures\n", s->inv_sigs), s->inv_sigs);
478 :
479 0 : if (s->no_key)
480 0 : log_info (ngettext("%d signature not checked due to a missing key\n",
481 : "%d signatures not checked due to missing keys\n",
482 0 : s->no_key), s->no_key);
483 :
484 0 : if (s->oth_err)
485 0 : log_info (ngettext("%d signature not checked due to an error\n",
486 : "%d signatures not checked due to errors\n",
487 0 : s->oth_err), s->oth_err);
488 : }
489 :
490 :
491 : /* List all keys. If SECRET is true only secret keys are listed. If
492 : MARK_SECRET is true secret keys are indicated in a public key
493 : listing. */
494 : static void
495 3 : list_all (ctrl_t ctrl, int secret, int mark_secret)
496 : {
497 : KEYDB_HANDLE hd;
498 3 : KBNODE keyblock = NULL;
499 3 : int rc = 0;
500 : int any_secret;
501 : const char *lastresname, *resname;
502 : struct keylist_context listctx;
503 :
504 3 : memset (&listctx, 0, sizeof (listctx));
505 3 : if (opt.check_sigs)
506 0 : listctx.check_sigs = 1;
507 :
508 3 : hd = keydb_new ();
509 3 : if (!hd)
510 0 : rc = gpg_error_from_syserror ();
511 : else
512 3 : rc = keydb_search_first (hd);
513 3 : if (rc)
514 : {
515 0 : if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
516 0 : log_error ("keydb_search_first failed: %s\n", gpg_strerror (rc));
517 0 : goto leave;
518 : }
519 :
520 3 : lastresname = NULL;
521 : do
522 : {
523 9 : rc = keydb_get_keyblock (hd, &keyblock);
524 9 : if (rc)
525 : {
526 0 : if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
527 0 : continue; /* Skip legacy keys. */
528 0 : log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc));
529 0 : goto leave;
530 : }
531 :
532 9 : if (secret || mark_secret)
533 9 : any_secret = !agent_probe_any_secret_key (NULL, keyblock);
534 : else
535 0 : any_secret = 0;
536 :
537 9 : if (secret && !any_secret)
538 : ; /* Secret key listing requested but this isn't one. */
539 : else
540 : {
541 9 : if (!opt.with_colons)
542 : {
543 9 : resname = keydb_get_resource_name (hd);
544 9 : if (lastresname != resname)
545 : {
546 : int i;
547 :
548 3 : es_fprintf (es_stdout, "%s\n", resname);
549 180 : for (i = strlen (resname); i; i--)
550 177 : es_putc ('-', es_stdout);
551 3 : es_putc ('\n', es_stdout);
552 3 : lastresname = resname;
553 : }
554 : }
555 9 : merge_keys_and_selfsig (keyblock);
556 9 : list_keyblock (ctrl, keyblock, secret, any_secret, opt.fingerprint,
557 : &listctx);
558 : }
559 9 : release_kbnode (keyblock);
560 9 : keyblock = NULL;
561 : }
562 9 : while (!(rc = keydb_search_next (hd)));
563 3 : es_fflush (es_stdout);
564 3 : if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
565 0 : log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc));
566 3 : if (keydb_get_skipped_counter (hd))
567 0 : log_info (ngettext("Warning: %lu key skipped due to its large size\n",
568 : "Warning: %lu keys skipped due to their large sizes\n",
569 : keydb_get_skipped_counter (hd)),
570 : keydb_get_skipped_counter (hd));
571 :
572 3 : if (opt.check_sigs && !opt.with_colons)
573 0 : print_signature_stats (&listctx);
574 :
575 : leave:
576 3 : keylist_context_release (&listctx);
577 3 : release_kbnode (keyblock);
578 3 : keydb_release (hd);
579 3 : }
580 :
581 :
582 : static void
583 83 : list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
584 : {
585 83 : int rc = 0;
586 83 : KBNODE keyblock = NULL;
587 : GETKEY_CTX ctx;
588 : const char *resname;
589 83 : const char *keyring_str = _("Keyring");
590 : int i;
591 : struct keylist_context listctx;
592 :
593 83 : memset (&listctx, 0, sizeof (listctx));
594 83 : if (!secret && opt.check_sigs)
595 0 : listctx.check_sigs = 1;
596 :
597 : /* fixme: using the bynames function has the disadvantage that we
598 : * don't know wether one of the names given was not found. OTOH,
599 : * this function has the advantage to list the names in the
600 : * sequence as defined by the keyDB and does not duplicate
601 : * outputs. A solution could be do test whether all given have
602 : * been listed (this needs a way to use the keyDB search
603 : * functions) or to have the search function return indicators for
604 : * found names. Yet another way is to use the keydb search
605 : * facilities directly. */
606 83 : rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock);
607 83 : if (rc)
608 : {
609 0 : log_error ("error reading key: %s\n", gpg_strerror (rc));
610 0 : getkey_end (ctx);
611 83 : return;
612 : }
613 :
614 : do
615 : {
616 84 : if ((opt.list_options & LIST_SHOW_KEYRING) && !opt.with_colons)
617 : {
618 0 : resname = keydb_get_resource_name (get_ctx_handle (ctx));
619 0 : es_fprintf (es_stdout, "%s: %s\n", keyring_str, resname);
620 0 : for (i = strlen (resname) + strlen (keyring_str) + 2; i; i--)
621 0 : es_putc ('-', es_stdout);
622 0 : es_putc ('\n', es_stdout);
623 : }
624 84 : list_keyblock (ctrl,
625 : keyblock, secret, mark_secret, opt.fingerprint, &listctx);
626 84 : release_kbnode (keyblock);
627 : }
628 84 : while (!getkey_next (ctx, NULL, &keyblock));
629 83 : getkey_end (ctx);
630 :
631 83 : if (opt.check_sigs && !opt.with_colons)
632 0 : print_signature_stats (&listctx);
633 :
634 83 : keylist_context_release (&listctx);
635 : }
636 :
637 :
638 : static void
639 31 : locate_one (ctrl_t ctrl, strlist_t names)
640 : {
641 31 : int rc = 0;
642 : strlist_t sl;
643 31 : GETKEY_CTX ctx = NULL;
644 31 : KBNODE keyblock = NULL;
645 : struct keylist_context listctx;
646 :
647 31 : memset (&listctx, 0, sizeof (listctx));
648 31 : if (opt.check_sigs)
649 0 : listctx.check_sigs = 1;
650 :
651 62 : for (sl = names; sl; sl = sl->next)
652 : {
653 31 : rc = get_best_pubkey_byname (ctrl, &ctx, NULL, sl->d, &keyblock, 1, 0);
654 31 : if (rc)
655 : {
656 0 : if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY)
657 0 : log_error ("error reading key: %s\n", gpg_strerror (rc));
658 0 : else if (opt.verbose)
659 0 : log_info (_("key \"%s\" not found: %s\n"),
660 0 : sl->d, gpg_strerror (rc));
661 : }
662 : else
663 : {
664 : do
665 : {
666 31 : list_keyblock (ctrl, keyblock, 0, 0, opt.fingerprint, &listctx);
667 31 : release_kbnode (keyblock);
668 : }
669 31 : while (ctx && !getkey_next (ctx, NULL, &keyblock));
670 31 : getkey_end (ctx);
671 31 : ctx = NULL;
672 : }
673 : }
674 :
675 31 : if (opt.check_sigs && !opt.with_colons)
676 0 : print_signature_stats (&listctx);
677 :
678 31 : keylist_context_release (&listctx);
679 31 : }
680 :
681 :
682 : static void
683 0 : print_key_data (PKT_public_key * pk)
684 : {
685 0 : int n = pk ? pubkey_get_npkey (pk->pubkey_algo) : 0;
686 : int i;
687 :
688 0 : for (i = 0; i < n; i++)
689 : {
690 0 : es_fprintf (es_stdout, "pkd:%d:%u:", i, mpi_get_nbits (pk->pkey[i]));
691 0 : mpi_print (es_stdout, pk->pkey[i], 1);
692 0 : es_putc (':', es_stdout);
693 0 : es_putc ('\n', es_stdout);
694 : }
695 0 : }
696 :
697 : static void
698 212 : print_capabilities (PKT_public_key *pk, KBNODE keyblock)
699 : {
700 212 : unsigned int use = pk->pubkey_usage;
701 212 : int c_printed = 0;
702 :
703 212 : if (use & PUBKEY_USAGE_ENC)
704 112 : es_putc ('e', es_stdout);
705 :
706 212 : if (use & PUBKEY_USAGE_SIG)
707 : {
708 100 : es_putc ('s', es_stdout);
709 100 : if (pk->flags.primary)
710 : {
711 100 : es_putc ('c', es_stdout);
712 : /* The PUBKEY_USAGE_CERT flag was introduced later and we
713 : used to always print 'c' for a primary key. To avoid any
714 : regression here we better track whether we printed 'c'
715 : already. */
716 100 : c_printed = 1;
717 : }
718 : }
719 :
720 212 : if ((use & PUBKEY_USAGE_CERT) && !c_printed)
721 0 : es_putc ('c', es_stdout);
722 :
723 212 : if ((use & PUBKEY_USAGE_AUTH))
724 0 : es_putc ('a', es_stdout);
725 :
726 212 : if ((use & PUBKEY_USAGE_UNKNOWN))
727 0 : es_putc ('?', es_stdout);
728 :
729 212 : if (keyblock)
730 : {
731 : /* Figure out the usable capabilities. */
732 : KBNODE k;
733 100 : int enc = 0, sign = 0, cert = 0, auth = 0, disabled = 0;
734 :
735 658 : for (k = keyblock; k; k = k->next)
736 : {
737 558 : if (k->pkt->pkttype == PKT_PUBLIC_KEY
738 458 : || k->pkt->pkttype == PKT_PUBLIC_SUBKEY)
739 : {
740 212 : pk = k->pkt->pkt.public_key;
741 :
742 212 : if (pk->flags.primary)
743 100 : disabled = pk_is_disabled (pk);
744 :
745 212 : if (pk->flags.valid && !pk->flags.revoked && !pk->has_expired)
746 : {
747 207 : if (pk->pubkey_usage & PUBKEY_USAGE_ENC)
748 110 : enc = 1;
749 207 : if (pk->pubkey_usage & PUBKEY_USAGE_SIG)
750 : {
751 97 : sign = 1;
752 97 : if (pk->flags.primary)
753 97 : cert = 1;
754 : }
755 207 : if (pk->pubkey_usage & PUBKEY_USAGE_CERT)
756 97 : cert = 1;
757 207 : if ((pk->pubkey_usage & PUBKEY_USAGE_AUTH))
758 0 : auth = 1;
759 : }
760 : }
761 : }
762 100 : if (enc)
763 94 : es_putc ('E', es_stdout);
764 100 : if (sign)
765 97 : es_putc ('S', es_stdout);
766 100 : if (cert)
767 97 : es_putc ('C', es_stdout);
768 100 : if (auth)
769 0 : es_putc ('A', es_stdout);
770 100 : if (disabled)
771 0 : es_putc ('D', es_stdout);
772 : }
773 :
774 212 : es_putc (':', es_stdout);
775 212 : }
776 :
777 :
778 : /* FLAGS: 0x01 hashed
779 : 0x02 critical */
780 : static void
781 0 : print_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
782 : const byte * buf)
783 : {
784 : size_t i;
785 :
786 0 : es_fprintf (es_stdout, "spk:%d:%u:%u:", type, flags, (unsigned int) len);
787 :
788 0 : for (i = 0; i < len; i++)
789 : {
790 : /* printable ascii other than : and % */
791 0 : if (buf[i] >= 32 && buf[i] <= 126 && buf[i] != ':' && buf[i] != '%')
792 0 : es_fprintf (es_stdout, "%c", buf[i]);
793 : else
794 0 : es_fprintf (es_stdout, "%%%02X", buf[i]);
795 : }
796 :
797 0 : es_fprintf (es_stdout, "\n");
798 0 : }
799 :
800 :
801 : void
802 0 : print_subpackets_colon (PKT_signature * sig)
803 : {
804 : byte *i;
805 :
806 0 : log_assert (opt.show_subpackets);
807 :
808 0 : for (i = opt.show_subpackets; *i; i++)
809 : {
810 : const byte *p;
811 : size_t len;
812 : int seq, crit;
813 :
814 0 : seq = 0;
815 :
816 0 : while ((p = enum_sig_subpkt (sig->hashed, *i, &len, &seq, &crit)))
817 0 : print_one_subpacket (*i, len, 0x01 | (crit ? 0x02 : 0), p);
818 :
819 0 : seq = 0;
820 :
821 0 : while ((p = enum_sig_subpkt (sig->unhashed, *i, &len, &seq, &crit)))
822 0 : print_one_subpacket (*i, len, 0x00 | (crit ? 0x02 : 0), p);
823 : }
824 0 : }
825 :
826 :
827 : void
828 0 : dump_attribs (const PKT_user_id *uid, PKT_public_key *pk)
829 : {
830 : int i;
831 :
832 0 : if (!attrib_fp)
833 0 : return;
834 :
835 0 : for (i = 0; i < uid->numattribs; i++)
836 : {
837 0 : if (is_status_enabled ())
838 : {
839 : byte array[MAX_FINGERPRINT_LEN], *p;
840 : char buf[(MAX_FINGERPRINT_LEN * 2) + 90];
841 : size_t j, n;
842 :
843 0 : if (!pk)
844 0 : BUG ();
845 0 : fingerprint_from_pk (pk, array, &n);
846 :
847 0 : p = array;
848 0 : for (j = 0; j < n; j++, p++)
849 0 : sprintf (buf + 2 * j, "%02X", *p);
850 :
851 0 : sprintf (buf + strlen (buf), " %lu %u %u %u %lu %lu %u",
852 0 : (ulong) uid->attribs[i].len, uid->attribs[i].type, i + 1,
853 0 : uid->numattribs, (ulong) uid->created,
854 0 : (ulong) uid->expiredate,
855 0 : ((uid->is_primary ? 0x01 : 0) | (uid->
856 0 : is_revoked ? 0x02 : 0) |
857 0 : (uid->is_expired ? 0x04 : 0)));
858 0 : write_status_text (STATUS_ATTRIBUTE, buf);
859 : }
860 :
861 0 : es_fwrite (uid->attribs[i].data, uid->attribs[i].len, 1, attrib_fp);
862 0 : es_fflush (attrib_fp);
863 : }
864 : }
865 :
866 :
867 : static void
868 24 : list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
869 : struct keylist_context *listctx)
870 : {
871 : int rc;
872 : KBNODE kbctx;
873 : KBNODE node;
874 : PKT_public_key *pk;
875 24 : int skip_sigs = 0;
876 24 : char *hexgrip = NULL;
877 24 : char *serialno = NULL;
878 :
879 : /* Get the keyid from the keyblock. */
880 24 : node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
881 24 : if (!node)
882 : {
883 0 : log_error ("Oops; key lost!\n");
884 0 : dump_kbnode (keyblock);
885 24 : return;
886 : }
887 :
888 24 : pk = node->pkt->pkt.public_key;
889 :
890 24 : if (secret || opt.with_keygrip)
891 : {
892 20 : rc = hexkeygrip_from_pk (pk, &hexgrip);
893 20 : if (rc)
894 0 : log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
895 : }
896 :
897 24 : if (secret)
898 : {
899 : /* Encode some info about the secret key in SECRET. */
900 20 : if (!agent_get_keyinfo (NULL, hexgrip, &serialno, NULL))
901 20 : secret = serialno? 3 : 1;
902 : else
903 0 : secret = 2; /* Key not found. */
904 : }
905 :
906 24 : if (!listctx->no_validity)
907 24 : check_trustdb_stale (ctrl);
908 :
909 : /* Print the "pub" line and in KF_NONE mode the fingerprint. */
910 24 : print_key_line (es_stdout, pk, secret);
911 :
912 24 : if (fpr)
913 0 : print_fingerprint (NULL, pk, 0);
914 :
915 24 : if (opt.with_keygrip && hexgrip)
916 0 : es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
917 :
918 24 : if (serialno)
919 0 : print_card_serialno (serialno);
920 :
921 24 : if (opt.with_key_data)
922 0 : print_key_data (pk);
923 :
924 165 : for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
925 : {
926 117 : if (node->pkt->pkttype == PKT_USER_ID)
927 : {
928 26 : PKT_user_id *uid = node->pkt->pkt.user_id;
929 : int indent;
930 26 : int kl = opt.keyid_format == KF_NONE? 10 : keystrlen ();
931 :
932 26 : if ((uid->is_expired || uid->is_revoked)
933 0 : && !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
934 : {
935 0 : skip_sigs = 1;
936 0 : continue;
937 : }
938 : else
939 26 : skip_sigs = 0;
940 :
941 26 : if (attrib_fp && uid->attrib_data != NULL)
942 0 : dump_attribs (uid, pk);
943 :
944 26 : if ((uid->is_revoked || uid->is_expired)
945 26 : || ((opt.list_options & LIST_SHOW_UID_VALIDITY)
946 26 : && !listctx->no_validity))
947 26 : {
948 : const char *validity;
949 :
950 26 : validity = uid_trust_string_fixed (ctrl, pk, uid);
951 52 : indent = ((kl + (opt.legacy_list_mode? 9:11))
952 26 : - atoi (uid_trust_string_fixed (ctrl, NULL, NULL)));
953 26 : if (indent < 0 || indent > 40)
954 0 : indent = 0;
955 :
956 26 : es_fprintf (es_stdout, "uid%*s%s ", indent, "", validity);
957 : }
958 : else
959 : {
960 0 : indent = kl + (opt.legacy_list_mode? 10:12);
961 0 : es_fprintf (es_stdout, "uid%*s", indent, "");
962 : }
963 :
964 26 : print_utf8_buffer (es_stdout, uid->name, uid->len);
965 26 : es_putc ('\n', es_stdout);
966 :
967 26 : if (opt.with_wkd_hash)
968 : {
969 : char *mbox, *hash, *p;
970 : char hashbuf[32];
971 :
972 0 : mbox = mailbox_from_userid (uid->name);
973 0 : if (mbox && (p = strchr (mbox, '@')))
974 : {
975 0 : *p++ = 0;
976 0 : gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf,
977 : mbox, strlen (mbox));
978 0 : hash = zb32_encode (hashbuf, 8*20);
979 0 : if (hash)
980 : {
981 0 : es_fprintf (es_stdout, " %*s%s@%s\n",
982 : indent, "", hash, p);
983 0 : xfree (hash);
984 : }
985 : }
986 0 : xfree (mbox);
987 : }
988 :
989 26 : if ((opt.list_options & LIST_SHOW_PHOTOS) && uid->attribs != NULL)
990 0 : show_photos (ctrl, uid->attribs, uid->numattribs, pk, uid);
991 : }
992 91 : else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
993 : {
994 17 : PKT_public_key *pk2 = node->pkt->pkt.public_key;
995 :
996 17 : if ((pk2->flags.revoked || pk2->has_expired)
997 0 : && !(opt.list_options & LIST_SHOW_UNUSABLE_SUBKEYS))
998 : {
999 0 : skip_sigs = 1;
1000 0 : continue;
1001 : }
1002 : else
1003 17 : skip_sigs = 0;
1004 :
1005 17 : xfree (serialno); serialno = NULL;
1006 17 : xfree (hexgrip); hexgrip = NULL;
1007 17 : if (secret || opt.with_keygrip)
1008 : {
1009 13 : rc = hexkeygrip_from_pk (pk2, &hexgrip);
1010 13 : if (rc)
1011 0 : log_error ("error computing a keygrip: %s\n",
1012 : gpg_strerror (rc));
1013 : }
1014 17 : if (secret)
1015 : {
1016 13 : if (!agent_get_keyinfo (NULL, hexgrip, &serialno, NULL))
1017 13 : secret = serialno? 3 : 1;
1018 : else
1019 0 : secret = '2'; /* Key not found. */
1020 : }
1021 :
1022 : /* Print the "sub" line. */
1023 17 : print_key_line (es_stdout, pk2, secret);
1024 17 : if (fpr > 1 || opt.with_subkey_fingerprint)
1025 : {
1026 0 : print_fingerprint (NULL, pk2, 0);
1027 0 : if (serialno)
1028 0 : print_card_serialno (serialno);
1029 : }
1030 17 : if (opt.with_keygrip && hexgrip)
1031 0 : es_fprintf (es_stdout, " Keygrip = %s\n", hexgrip);
1032 17 : if (opt.with_key_data)
1033 0 : print_key_data (pk2);
1034 : }
1035 74 : else if (opt.list_sigs
1036 0 : && node->pkt->pkttype == PKT_SIGNATURE && !skip_sigs)
1037 : {
1038 0 : PKT_signature *sig = node->pkt->pkt.signature;
1039 : int sigrc;
1040 : char *sigstr;
1041 :
1042 0 : if (listctx->check_sigs)
1043 : {
1044 0 : rc = check_key_signature (keyblock, node, NULL);
1045 0 : switch (gpg_err_code (rc))
1046 : {
1047 : case 0:
1048 0 : listctx->good_sigs++;
1049 0 : sigrc = '!';
1050 0 : break;
1051 : case GPG_ERR_BAD_SIGNATURE:
1052 0 : listctx->inv_sigs++;
1053 0 : sigrc = '-';
1054 0 : break;
1055 : case GPG_ERR_NO_PUBKEY:
1056 : case GPG_ERR_UNUSABLE_PUBKEY:
1057 0 : listctx->no_key++;
1058 0 : continue;
1059 : default:
1060 0 : listctx->oth_err++;
1061 0 : sigrc = '%';
1062 0 : break;
1063 : }
1064 :
1065 : /* TODO: Make sure a cached sig record here still has
1066 : the pk that issued it. See also
1067 : keyedit.c:print_and_check_one_sig */
1068 : }
1069 : else
1070 : {
1071 0 : rc = 0;
1072 0 : sigrc = ' ';
1073 : }
1074 :
1075 0 : if (sig->sig_class == 0x20 || sig->sig_class == 0x28
1076 0 : || sig->sig_class == 0x30)
1077 0 : sigstr = "rev";
1078 0 : else if ((sig->sig_class & ~3) == 0x10)
1079 0 : sigstr = "sig";
1080 0 : else if (sig->sig_class == 0x18)
1081 0 : sigstr = "sig";
1082 0 : else if (sig->sig_class == 0x1F)
1083 0 : sigstr = "sig";
1084 : else
1085 : {
1086 0 : es_fprintf (es_stdout, "sig "
1087 : "[unexpected signature class 0x%02x]\n",
1088 0 : sig->sig_class);
1089 0 : continue;
1090 : }
1091 :
1092 0 : es_fputs (sigstr, es_stdout);
1093 0 : es_fprintf (es_stdout, "%c%c %c%c%c%c%c%c %s %s",
1094 0 : sigrc, (sig->sig_class - 0x10 > 0 &&
1095 0 : sig->sig_class - 0x10 <
1096 0 : 4) ? '0' + sig->sig_class - 0x10 : ' ',
1097 0 : sig->flags.exportable ? ' ' : 'L',
1098 0 : sig->flags.revocable ? ' ' : 'R',
1099 0 : sig->flags.policy_url ? 'P' : ' ',
1100 0 : sig->flags.notation ? 'N' : ' ',
1101 0 : sig->flags.expired ? 'X' : ' ',
1102 0 : (sig->trust_depth > 9) ? 'T' : (sig->trust_depth >
1103 0 : 0) ? '0' +
1104 0 : sig->trust_depth : ' ', keystr (sig->keyid),
1105 : datestr_from_sig (sig));
1106 0 : if (opt.list_options & LIST_SHOW_SIG_EXPIRE)
1107 0 : es_fprintf (es_stdout, " %s", expirestr_from_sig (sig));
1108 0 : es_fprintf (es_stdout, " ");
1109 0 : if (sigrc == '%')
1110 0 : es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
1111 0 : else if (sigrc == '?')
1112 : ;
1113 0 : else if (!opt.fast_list_mode)
1114 : {
1115 : size_t n;
1116 0 : char *p = get_user_id (sig->keyid, &n);
1117 0 : print_utf8_buffer (es_stdout, p, n);
1118 0 : xfree (p);
1119 : }
1120 0 : es_putc ('\n', es_stdout);
1121 :
1122 0 : if (sig->flags.policy_url
1123 0 : && (opt.list_options & LIST_SHOW_POLICY_URLS))
1124 0 : show_policy_url (sig, 3, 0);
1125 :
1126 0 : if (sig->flags.notation && (opt.list_options & LIST_SHOW_NOTATIONS))
1127 0 : show_notation (sig, 3, 0,
1128 0 : ((opt.
1129 0 : list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0)
1130 : +
1131 0 : ((opt.
1132 0 : list_options & LIST_SHOW_USER_NOTATIONS) ? 2 :
1133 : 0));
1134 :
1135 0 : if (sig->flags.pref_ks
1136 0 : && (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
1137 0 : show_keyserver_url (sig, 3, 0);
1138 :
1139 : /* fixme: check or list other sigs here */
1140 : }
1141 : }
1142 24 : es_putc ('\n', es_stdout);
1143 24 : xfree (serialno);
1144 24 : xfree (hexgrip);
1145 : }
1146 :
1147 : void
1148 100 : print_revokers (estream_t fp, PKT_public_key * pk)
1149 : {
1150 : /* print the revoker record */
1151 100 : if (!pk->revkey && pk->numrevkeys)
1152 0 : BUG ();
1153 : else
1154 : {
1155 : int i, j;
1156 :
1157 101 : for (i = 0; i < pk->numrevkeys; i++)
1158 : {
1159 : byte *p;
1160 :
1161 1 : es_fprintf (fp, "rvk:::%d::::::", pk->revkey[i].algid);
1162 1 : p = pk->revkey[i].fpr;
1163 21 : for (j = 0; j < 20; j++, p++)
1164 20 : es_fprintf (fp, "%02X", *p);
1165 2 : es_fprintf (fp, ":%02x%s:\n",
1166 1 : pk->revkey[i].class,
1167 1 : (pk->revkey[i].class & 0x40) ? "s" : "");
1168 : }
1169 : }
1170 100 : }
1171 :
1172 :
1173 : /* List a key in colon mode. If SECRET is true this is a secret key
1174 : record (i.e. requested via --list-secret-key). If HAS_SECRET a
1175 : secret key is available even if SECRET is not set. */
1176 : static void
1177 100 : list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
1178 : int secret, int has_secret)
1179 : {
1180 : int rc;
1181 : KBNODE kbctx;
1182 : KBNODE node;
1183 : PKT_public_key *pk;
1184 : u32 keyid[2];
1185 100 : int trustletter = 0;
1186 : int trustletter_print;
1187 : int ownertrust_print;
1188 100 : int ulti_hack = 0;
1189 : int i;
1190 100 : char *hexgrip_buffer = NULL;
1191 100 : const char *hexgrip = NULL;
1192 100 : char *serialno = NULL;
1193 : int stubkey;
1194 :
1195 : /* Get the keyid from the keyblock. */
1196 100 : node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
1197 100 : if (!node)
1198 : {
1199 0 : log_error ("Oops; key lost!\n");
1200 0 : dump_kbnode (keyblock);
1201 100 : return;
1202 : }
1203 :
1204 100 : pk = node->pkt->pkt.public_key;
1205 100 : if (secret || has_secret || opt.with_keygrip || opt.with_key_data)
1206 : {
1207 4 : rc = hexkeygrip_from_pk (pk, &hexgrip_buffer);
1208 4 : if (rc)
1209 0 : log_error ("error computing a keygrip: %s\n", gpg_strerror (rc));
1210 : /* In the error case we print an empty string so that we have a
1211 : * "grp" record for each and subkey - even if it is empty. This
1212 : * may help to prevent sync problems. */
1213 4 : hexgrip = hexgrip_buffer? hexgrip_buffer : "";
1214 : }
1215 100 : stubkey = 0;
1216 100 : if ((secret || has_secret)
1217 4 : && agent_get_keyinfo (NULL, hexgrip, &serialno, NULL))
1218 0 : stubkey = 1; /* Key not found. */
1219 :
1220 100 : keyid_from_pk (pk, keyid);
1221 100 : if (!pk->flags.valid)
1222 0 : trustletter_print = 'i';
1223 100 : else if (pk->flags.revoked)
1224 0 : trustletter_print = 'r';
1225 100 : else if (pk->has_expired)
1226 3 : trustletter_print = 'e';
1227 97 : else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
1228 0 : trustletter_print = 0;
1229 : else
1230 : {
1231 97 : trustletter = get_validity_info (ctrl, keyblock, pk, NULL);
1232 97 : if (trustletter == 'u')
1233 9 : ulti_hack = 1;
1234 97 : trustletter_print = trustletter;
1235 : }
1236 :
1237 100 : if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
1238 100 : ownertrust_print = get_ownertrust_info (pk);
1239 : else
1240 0 : ownertrust_print = 0;
1241 :
1242 100 : es_fputs (secret? "sec:":"pub:", es_stdout);
1243 100 : if (trustletter_print)
1244 100 : es_putc (trustletter_print, es_stdout);
1245 400 : es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s::",
1246 : nbits_from_pk (pk),
1247 100 : pk->pubkey_algo,
1248 200 : (ulong) keyid[0], (ulong) keyid[1],
1249 : colon_datestr_from_pk (pk), colon_strtime (pk->expiredate));
1250 :
1251 100 : if (ownertrust_print)
1252 100 : es_putc (ownertrust_print, es_stdout);
1253 100 : es_putc (':', es_stdout);
1254 :
1255 100 : es_putc (':', es_stdout);
1256 100 : es_putc (':', es_stdout);
1257 100 : print_capabilities (pk, keyblock);
1258 100 : es_putc (':', es_stdout); /* End of field 13. */
1259 100 : es_putc (':', es_stdout); /* End of field 14. */
1260 100 : if (secret || has_secret)
1261 : {
1262 4 : if (stubkey)
1263 0 : es_putc ('#', es_stdout);
1264 4 : else if (serialno)
1265 0 : es_fputs (serialno, es_stdout);
1266 4 : else if (has_secret)
1267 0 : es_putc ('+', es_stdout);
1268 : }
1269 100 : es_putc (':', es_stdout); /* End of field 15. */
1270 100 : es_putc (':', es_stdout); /* End of field 16. */
1271 100 : if (pk->pubkey_algo == PUBKEY_ALGO_ECDSA
1272 100 : || pk->pubkey_algo == PUBKEY_ALGO_EDDSA
1273 100 : || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
1274 : {
1275 0 : char *curve = openpgp_oid_to_str (pk->pkey[0]);
1276 0 : const char *name = openpgp_oid_to_curve (curve, 0);
1277 0 : if (!name)
1278 0 : name = curve;
1279 0 : es_fputs (name, es_stdout);
1280 0 : xfree (curve);
1281 : }
1282 100 : es_putc (':', es_stdout); /* End of field 17. */
1283 100 : es_putc (':', es_stdout); /* End of field 18. */
1284 100 : es_putc ('\n', es_stdout);
1285 :
1286 100 : print_revokers (es_stdout, pk);
1287 100 : print_fingerprint (NULL, pk, 0);
1288 100 : if (hexgrip)
1289 4 : es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
1290 100 : if (opt.with_key_data)
1291 0 : print_key_data (pk);
1292 :
1293 758 : for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
1294 : {
1295 558 : if (node->pkt->pkttype == PKT_USER_ID)
1296 : {
1297 108 : PKT_user_id *uid = node->pkt->pkt.user_id;
1298 : int uid_validity;
1299 :
1300 108 : if (attrib_fp && uid->attrib_data != NULL)
1301 0 : dump_attribs (uid, pk);
1302 :
1303 108 : if (uid->is_revoked)
1304 1 : uid_validity = 'r';
1305 107 : else if (uid->is_expired)
1306 0 : uid_validity = 'e';
1307 107 : else if (opt.no_expensive_trust_checks)
1308 0 : uid_validity = 0;
1309 107 : else if (ulti_hack)
1310 12 : uid_validity = 'u';
1311 : else
1312 95 : uid_validity = get_validity_info (ctrl, keyblock, pk, uid);
1313 :
1314 108 : es_fputs (uid->attrib_data? "uat:":"uid:", es_stdout);
1315 108 : if (uid_validity)
1316 108 : es_putc (uid_validity, es_stdout);
1317 108 : es_fputs ("::::", es_stdout);
1318 :
1319 108 : es_fprintf (es_stdout, "%s:", colon_strtime (uid->created));
1320 108 : es_fprintf (es_stdout, "%s:", colon_strtime (uid->expiredate));
1321 :
1322 108 : namehash_from_uid (uid);
1323 :
1324 2268 : for (i = 0; i < 20; i++)
1325 2160 : es_fprintf (es_stdout, "%02X", uid->namehash[i]);
1326 :
1327 108 : es_fprintf (es_stdout, "::");
1328 :
1329 108 : if (uid->attrib_data)
1330 0 : es_fprintf (es_stdout, "%u %lu", uid->numattribs, uid->attrib_len);
1331 : else
1332 108 : es_write_sanitized (es_stdout, uid->name, uid->len, ":", NULL);
1333 108 : es_putc (':', es_stdout);
1334 108 : es_putc ('\n', es_stdout);
1335 : #ifdef USE_TOFU
1336 108 : if (!uid->attrib_data && opt.with_tofu_info
1337 45 : && (opt.trust_model == TM_TOFU || opt.trust_model == TM_TOFU_PGP))
1338 : {
1339 : /* Print a "tfs" record. */
1340 45 : tofu_write_tfs_record (ctrl, es_stdout, pk, uid->name);
1341 : }
1342 : #endif /*USE_TOFU*/
1343 : }
1344 450 : else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
1345 : {
1346 : u32 keyid2[2];
1347 : PKT_public_key *pk2;
1348 112 : int need_hexgrip = !!hexgrip;
1349 :
1350 112 : pk2 = node->pkt->pkt.public_key;
1351 112 : xfree (hexgrip_buffer); hexgrip_buffer = NULL; hexgrip = NULL;
1352 112 : xfree (serialno); serialno = NULL;
1353 112 : if (need_hexgrip
1354 108 : || secret || has_secret || opt.with_keygrip || opt.with_key_data)
1355 : {
1356 4 : rc = hexkeygrip_from_pk (pk2, &hexgrip_buffer);
1357 4 : if (rc)
1358 0 : log_error ("error computing a keygrip: %s\n",
1359 : gpg_strerror (rc));
1360 4 : hexgrip = hexgrip_buffer? hexgrip_buffer : "";
1361 : }
1362 112 : stubkey = 0;
1363 112 : if ((secret||has_secret)
1364 4 : && agent_get_keyinfo (NULL, hexgrip, &serialno, NULL))
1365 0 : stubkey = 1; /* Key not found. */
1366 :
1367 112 : keyid_from_pk (pk2, keyid2);
1368 112 : es_fputs (secret? "ssb:":"sub:", es_stdout);
1369 112 : if (!pk2->flags.valid)
1370 0 : es_putc ('i', es_stdout);
1371 112 : else if (pk2->flags.revoked)
1372 0 : es_putc ('r', es_stdout);
1373 112 : else if (pk2->has_expired)
1374 2 : es_putc ('e', es_stdout);
1375 110 : else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
1376 : ;
1377 : else
1378 : {
1379 : /* TRUSTLETTER should always be defined here. */
1380 110 : if (trustletter)
1381 110 : es_fprintf (es_stdout, "%c", trustletter);
1382 : }
1383 448 : es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s:::::",
1384 : nbits_from_pk (pk2),
1385 112 : pk2->pubkey_algo,
1386 224 : (ulong) keyid2[0], (ulong) keyid2[1],
1387 : colon_datestr_from_pk (pk2), colon_strtime (pk2->expiredate)
1388 : /* fixme: add LID and ownertrust here */
1389 : );
1390 112 : print_capabilities (pk2, NULL);
1391 112 : es_putc (':', es_stdout); /* End of field 13. */
1392 112 : es_putc (':', es_stdout); /* End of field 14. */
1393 112 : if (secret || has_secret)
1394 : {
1395 4 : if (stubkey)
1396 0 : es_putc ('#', es_stdout);
1397 4 : else if (serialno)
1398 0 : es_fputs (serialno, es_stdout);
1399 4 : else if (has_secret)
1400 0 : es_putc ('+', es_stdout);
1401 : }
1402 112 : es_putc (':', es_stdout); /* End of field 15. */
1403 112 : es_putc (':', es_stdout); /* End of field 16. */
1404 112 : if (pk2->pubkey_algo == PUBKEY_ALGO_ECDSA
1405 112 : || pk2->pubkey_algo == PUBKEY_ALGO_EDDSA
1406 112 : || pk2->pubkey_algo == PUBKEY_ALGO_ECDH)
1407 : {
1408 0 : char *curve = openpgp_oid_to_str (pk2->pkey[0]);
1409 0 : const char *name = openpgp_oid_to_curve (curve, 0);
1410 0 : if (!name)
1411 0 : name = curve;
1412 0 : es_fputs (name, es_stdout);
1413 0 : xfree (curve);
1414 : }
1415 112 : es_putc (':', es_stdout); /* End of field 17. */
1416 112 : es_putc ('\n', es_stdout);
1417 112 : print_fingerprint (NULL, pk2, 0);
1418 112 : if (hexgrip)
1419 4 : es_fprintf (es_stdout, "grp:::::::::%s:\n", hexgrip);
1420 112 : if (opt.with_key_data)
1421 0 : print_key_data (pk2);
1422 : }
1423 338 : else if (opt.list_sigs && node->pkt->pkttype == PKT_SIGNATURE)
1424 : {
1425 0 : PKT_signature *sig = node->pkt->pkt.signature;
1426 0 : int sigrc, fprokay = 0;
1427 : char *sigstr;
1428 : size_t fplen;
1429 : byte fparray[MAX_FINGERPRINT_LEN];
1430 : char *siguid;
1431 : size_t siguidlen;
1432 :
1433 0 : if (sig->sig_class == 0x20 || sig->sig_class == 0x28
1434 0 : || sig->sig_class == 0x30)
1435 0 : sigstr = "rev";
1436 0 : else if ((sig->sig_class & ~3) == 0x10)
1437 0 : sigstr = "sig";
1438 0 : else if (sig->sig_class == 0x18)
1439 0 : sigstr = "sig";
1440 0 : else if (sig->sig_class == 0x1F)
1441 0 : sigstr = "sig";
1442 : else
1443 : {
1444 0 : es_fprintf (es_stdout, "sig::::::::::%02x%c:\n",
1445 0 : sig->sig_class, sig->flags.exportable ? 'x' : 'l');
1446 0 : continue;
1447 : }
1448 :
1449 0 : if (opt.check_sigs)
1450 : {
1451 0 : PKT_public_key *signer_pk = NULL;
1452 :
1453 0 : fflush (stdout);
1454 0 : if (opt.no_sig_cache)
1455 0 : signer_pk = xmalloc_clear (sizeof (PKT_public_key));
1456 :
1457 0 : rc = check_key_signature2 (keyblock, node, NULL, signer_pk,
1458 : NULL, NULL, NULL);
1459 0 : switch (gpg_err_code (rc))
1460 : {
1461 : case 0:
1462 0 : sigrc = '!';
1463 0 : break;
1464 : case GPG_ERR_BAD_SIGNATURE:
1465 0 : sigrc = '-';
1466 0 : break;
1467 : case GPG_ERR_NO_PUBKEY:
1468 : case GPG_ERR_UNUSABLE_PUBKEY:
1469 0 : sigrc = '?';
1470 0 : break;
1471 : default:
1472 0 : sigrc = '%';
1473 0 : break;
1474 : }
1475 :
1476 0 : if (opt.no_sig_cache)
1477 : {
1478 0 : if (!rc)
1479 : {
1480 0 : fingerprint_from_pk (signer_pk, fparray, &fplen);
1481 0 : fprokay = 1;
1482 : }
1483 0 : free_public_key (signer_pk);
1484 : }
1485 : }
1486 : else
1487 : {
1488 0 : rc = 0;
1489 0 : sigrc = ' ';
1490 : }
1491 :
1492 0 : if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
1493 0 : siguid = get_user_id (sig->keyid, &siguidlen);
1494 : else
1495 : {
1496 0 : siguid = NULL;
1497 0 : siguidlen = 0;
1498 : }
1499 :
1500 :
1501 0 : es_fputs (sigstr, es_stdout);
1502 0 : es_putc (':', es_stdout);
1503 0 : if (sigrc != ' ')
1504 0 : es_putc (sigrc, es_stdout);
1505 0 : es_fprintf (es_stdout, "::%d:%08lX%08lX:%s:%s:", sig->pubkey_algo,
1506 0 : (ulong) sig->keyid[0], (ulong) sig->keyid[1],
1507 : colon_datestr_from_sig (sig),
1508 : colon_expirestr_from_sig (sig));
1509 :
1510 0 : if (sig->trust_depth || sig->trust_value)
1511 0 : es_fprintf (es_stdout, "%d %d", sig->trust_depth, sig->trust_value);
1512 0 : es_fprintf (es_stdout, ":");
1513 :
1514 0 : if (sig->trust_regexp)
1515 0 : es_write_sanitized (es_stdout, sig->trust_regexp,
1516 0 : strlen (sig->trust_regexp), ":", NULL);
1517 0 : es_fprintf (es_stdout, ":");
1518 :
1519 0 : if (sigrc == '%')
1520 0 : es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
1521 0 : else if (siguid)
1522 0 : es_write_sanitized (es_stdout, siguid, siguidlen, ":", NULL);
1523 :
1524 0 : es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
1525 0 : sig->flags.exportable ? 'x' : 'l');
1526 :
1527 0 : if (opt.no_sig_cache && opt.check_sigs && fprokay)
1528 : {
1529 0 : for (i = 0; i < fplen; i++)
1530 0 : es_fprintf (es_stdout, "%02X", fparray[i]);
1531 : }
1532 :
1533 0 : es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
1534 :
1535 0 : if (opt.show_subpackets)
1536 0 : print_subpackets_colon (sig);
1537 :
1538 : /* fixme: check or list other sigs here */
1539 0 : xfree (siguid);
1540 : }
1541 : }
1542 :
1543 100 : xfree (hexgrip_buffer);
1544 100 : xfree (serialno);
1545 : }
1546 :
1547 : /*
1548 : * Reorder the keyblock so that the primary user ID (and not attribute
1549 : * packet) comes first. Fixme: Replace this by a generic sort
1550 : * function. */
1551 : static void
1552 252 : do_reorder_keyblock (KBNODE keyblock, int attr)
1553 : {
1554 252 : KBNODE primary = NULL, primary0 = NULL, primary2 = NULL;
1555 : KBNODE last, node;
1556 :
1557 1102 : for (node = keyblock; node; primary0 = node, node = node->next)
1558 : {
1559 974 : if (node->pkt->pkttype == PKT_USER_ID &&
1560 137 : ((attr && node->pkt->pkt.user_id->attrib_data) ||
1561 274 : (!attr && !node->pkt->pkt.user_id->attrib_data)) &&
1562 137 : node->pkt->pkt.user_id->is_primary)
1563 : {
1564 124 : primary = primary2 = node;
1565 266 : for (node = node->next; node; primary2 = node, node = node->next)
1566 : {
1567 255 : if (node->pkt->pkttype == PKT_USER_ID
1568 255 : || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
1569 142 : || node->pkt->pkttype == PKT_SECRET_SUBKEY)
1570 : {
1571 : break;
1572 : }
1573 : }
1574 124 : break;
1575 : }
1576 : }
1577 252 : if (!primary)
1578 128 : return; /* No primary key flag found (should not happen). */
1579 :
1580 249 : for (last = NULL, node = keyblock; node; last = node, node = node->next)
1581 : {
1582 249 : if (node->pkt->pkttype == PKT_USER_ID)
1583 124 : break;
1584 : }
1585 124 : log_assert (node);
1586 124 : log_assert (last); /* The user ID is never the first packet. */
1587 124 : log_assert (primary0); /* Ditto (this is the node before primary). */
1588 124 : if (node == primary)
1589 115 : return; /* Already the first one. */
1590 :
1591 9 : last->next = primary;
1592 9 : primary0->next = primary2->next;
1593 9 : primary2->next = node;
1594 : }
1595 :
1596 : void
1597 126 : reorder_keyblock (KBNODE keyblock)
1598 : {
1599 126 : do_reorder_keyblock (keyblock, 1);
1600 126 : do_reorder_keyblock (keyblock, 0);
1601 126 : }
1602 :
1603 : static void
1604 124 : list_keyblock (ctrl_t ctrl,
1605 : KBNODE keyblock, int secret, int has_secret, int fpr,
1606 : struct keylist_context *listctx)
1607 : {
1608 124 : reorder_keyblock (keyblock);
1609 :
1610 124 : if (opt.with_colons)
1611 100 : list_keyblock_colon (ctrl, keyblock, secret, has_secret);
1612 : else
1613 24 : list_keyblock_print (ctrl, keyblock, secret, fpr, listctx);
1614 :
1615 124 : if (secret)
1616 24 : es_fflush (es_stdout);
1617 124 : }
1618 :
1619 :
1620 : /* Public function used by keygen to list a keyblock. If NO_VALIDITY
1621 : * is set the validity of a key is never shown. */
1622 : void
1623 0 : list_keyblock_direct (ctrl_t ctrl,
1624 : kbnode_t keyblock, int secret, int has_secret, int fpr,
1625 : int no_validity)
1626 : {
1627 : struct keylist_context listctx;
1628 :
1629 0 : memset (&listctx, 0, sizeof (listctx));
1630 0 : listctx.no_validity = !!no_validity;
1631 0 : list_keyblock (ctrl, keyblock, secret, has_secret, fpr, &listctx);
1632 0 : keylist_context_release (&listctx);
1633 0 : }
1634 :
1635 :
1636 : /* Print an hex digit in ICAO spelling. */
1637 : static void
1638 0 : print_icao_hexdigit (estream_t fp, int c)
1639 : {
1640 : static const char *list[16] = {
1641 : "Zero", "One", "Two", "Three", "Four", "Five", "Six", "Seven",
1642 : "Eight", "Niner", "Alfa", "Bravo", "Charlie", "Delta", "Echo", "Foxtrot"
1643 : };
1644 :
1645 0 : tty_fprintf (fp, "%s", list[c&15]);
1646 0 : }
1647 :
1648 :
1649 : /*
1650 : * Function to print the finperprint.
1651 : * mode 0: as used in key listings, opt.with_colons is honored
1652 : * 1: print using log_info ()
1653 : * 2: direct use of tty
1654 : * 3: direct use of tty but only primary key.
1655 : * 4: direct use of tty but only subkey.
1656 : * 10: Same as 0 but with_colons etc is ignored.
1657 : * 20: Same as 0 but using a compact format.
1658 : *
1659 : * Modes 1 and 2 will try and print both subkey and primary key
1660 : * fingerprints. A MODE with bit 7 set is used internally. If
1661 : * OVERRIDE_FP is not NULL that stream will be used in 0 instead
1662 : * of es_stdout or instead of the TTY in modes 2 and 3.
1663 : */
1664 : void
1665 263 : print_fingerprint (estream_t override_fp, PKT_public_key *pk, int mode)
1666 : {
1667 : char hexfpr[2*MAX_FINGERPRINT_LEN+1];
1668 : char *p;
1669 : size_t i;
1670 : estream_t fp;
1671 : const char *text;
1672 263 : int primary = 0;
1673 263 : int with_colons = opt.with_colons;
1674 263 : int with_icao = opt.with_icao_spelling;
1675 263 : int compact = 0;
1676 :
1677 263 : if (mode == 10)
1678 : {
1679 0 : mode = 0;
1680 0 : with_colons = 0;
1681 0 : with_icao = 0;
1682 : }
1683 263 : else if (mode == 20)
1684 : {
1685 27 : mode = 0;
1686 27 : with_colons = 0;
1687 27 : compact = 1;
1688 : }
1689 :
1690 263 : if (!opt.fingerprint && !opt.with_fingerprint
1691 255 : && opt.with_subkey_fingerprint)
1692 0 : compact = 1;
1693 :
1694 263 : if (pk->main_keyid[0] == pk->keyid[0]
1695 151 : && pk->main_keyid[1] == pk->keyid[1])
1696 151 : primary = 1;
1697 :
1698 : /* Just to be safe */
1699 263 : if ((mode & 0x80) && !primary)
1700 : {
1701 0 : log_error ("primary key is not really primary!\n");
1702 263 : return;
1703 : }
1704 :
1705 263 : mode &= ~0x80;
1706 :
1707 263 : if (!primary && (mode == 1 || mode == 2))
1708 : {
1709 0 : PKT_public_key *primary_pk = xmalloc_clear (sizeof (*primary_pk));
1710 0 : get_pubkey (primary_pk, pk->main_keyid);
1711 0 : print_fingerprint (override_fp, primary_pk, (mode | 0x80));
1712 0 : free_public_key (primary_pk);
1713 : }
1714 :
1715 263 : if (mode == 1)
1716 : {
1717 24 : fp = log_get_stream ();
1718 24 : if (primary)
1719 24 : text = _("Primary key fingerprint:");
1720 : else
1721 0 : text = _(" Subkey fingerprint:");
1722 : }
1723 239 : else if (mode == 2)
1724 : {
1725 0 : fp = override_fp; /* Use tty or given stream. */
1726 0 : if (primary)
1727 : /* TRANSLATORS: this should fit into 24 bytes so that the
1728 : * fingerprint data is properly aligned with the user ID */
1729 0 : text = _(" Primary key fingerprint:");
1730 : else
1731 0 : text = _(" Subkey fingerprint:");
1732 : }
1733 239 : else if (mode == 3)
1734 : {
1735 0 : fp = override_fp; /* Use tty or given stream. */
1736 0 : text = _(" Key fingerprint =");
1737 : }
1738 239 : else if (mode == 4)
1739 : {
1740 0 : fp = override_fp; /* Use tty or given stream. */
1741 0 : text = _(" Subkey fingerprint:");
1742 : }
1743 : else
1744 : {
1745 239 : fp = override_fp? override_fp : es_stdout;
1746 239 : if (opt.keyid_format == KF_NONE)
1747 : {
1748 239 : text = " "; /* To indent ICAO spelling. */
1749 239 : compact = 1;
1750 : }
1751 : else
1752 0 : text = _(" Key fingerprint =");
1753 : }
1754 :
1755 263 : hexfingerprint (pk, hexfpr, sizeof hexfpr);
1756 263 : if (with_colons && !mode)
1757 : {
1758 212 : es_fprintf (fp, "fpr:::::::::%s:", hexfpr);
1759 : }
1760 51 : else if (compact && !opt.fingerprint && !opt.with_fingerprint)
1761 : {
1762 27 : tty_fprintf (fp, "%*s%s", 6, "", hexfpr);
1763 : }
1764 : else
1765 : {
1766 : char fmtfpr[MAX_FORMATTED_FINGERPRINT_LEN + 1];
1767 24 : format_hexfingerprint (hexfpr, fmtfpr, sizeof fmtfpr);
1768 24 : if (compact)
1769 0 : tty_fprintf (fp, "%*s%s", 6, "", fmtfpr);
1770 : else
1771 24 : tty_fprintf (fp, "%s %s", text, fmtfpr);
1772 : }
1773 263 : tty_fprintf (fp, "\n");
1774 263 : if (!with_colons && with_icao)
1775 : {
1776 : ;
1777 0 : tty_fprintf (fp, "%*s\"", (int)strlen(text)+1, "");
1778 0 : for (i = 0, p = hexfpr; *p; i++, p++)
1779 : {
1780 0 : if (!i)
1781 : ;
1782 0 : else if (!(i%8))
1783 0 : tty_fprintf (fp, "\n%*s ", (int)strlen(text)+1, "");
1784 0 : else if (!(i%4))
1785 0 : tty_fprintf (fp, " ");
1786 : else
1787 0 : tty_fprintf (fp, " ");
1788 0 : print_icao_hexdigit (fp, xtoi_1 (p));
1789 : }
1790 0 : tty_fprintf (fp, "\"\n");
1791 : }
1792 : }
1793 :
1794 : /* Print the serial number of an OpenPGP card if available. */
1795 : static void
1796 0 : print_card_serialno (const char *serialno)
1797 : {
1798 0 : if (!serialno)
1799 0 : return;
1800 0 : if (opt.with_colons)
1801 0 : return; /* Handled elsewhere. */
1802 :
1803 0 : es_fputs (_(" Card serial no. ="), es_stdout);
1804 0 : es_putc (' ', es_stdout);
1805 0 : if (strlen (serialno) == 32 && !strncmp (serialno, "D27600012401", 12))
1806 : {
1807 : /* This is an OpenPGP card. Print the relevant part. */
1808 : /* Example: D2760001240101010001000003470000 */
1809 : /* xxxxyyyyyyyy */
1810 0 : es_fprintf (es_stdout, "%.*s %.*s", 4, serialno+16, 8, serialno+20);
1811 : }
1812 : else
1813 0 : es_fputs (serialno, es_stdout);
1814 0 : es_putc ('\n', es_stdout);
1815 : }
1816 :
1817 :
1818 : /* Print a public or secret (sub)key line. Example:
1819 : *
1820 : * pub dsa2048 2007-12-31 [SC] [expires: 2018-12-31]
1821 : * 80615870F5BAD690333686D0F2AD85AC1E42B367
1822 : *
1823 : * Some global options may result in a different output format. If
1824 : * SECRET is set, "sec" or "ssb" is used instead of "pub" or "sub" and
1825 : * depending on the value a flag character is shown:
1826 : *
1827 : * 1 := ' ' Regular secret key
1828 : * 2 := '#' Stub secret key
1829 : * 3 := '>' Secret key is on a token.
1830 : */
1831 : void
1832 44 : print_key_line (estream_t fp, PKT_public_key *pk, int secret)
1833 : {
1834 : char pkstrbuf[PUBKEY_STRING_SIZE];
1835 :
1836 176 : tty_fprintf (fp, "%s%c %s",
1837 71 : pk->flags.primary? (secret? "sec":"pub")
1838 17 : /**/ : (secret? "ssb":"sub"),
1839 44 : secret == 2? '#' : secret == 3? '>' : ' ',
1840 : pubkey_string (pk, pkstrbuf, sizeof pkstrbuf));
1841 44 : if (opt.keyid_format != KF_NONE)
1842 0 : tty_fprintf (fp, "/%s", keystr_from_pk (pk));
1843 44 : tty_fprintf (fp, " %s", datestr_from_pk (pk));
1844 :
1845 44 : if ((opt.list_options & LIST_SHOW_USAGE))
1846 : {
1847 44 : tty_fprintf (fp, " [%s]", usagestr_from_pk (pk, 0));
1848 : }
1849 44 : if (pk->flags.revoked)
1850 : {
1851 0 : tty_fprintf (fp, " [");
1852 0 : tty_fprintf (fp, _("revoked: %s"), revokestr_from_pk (pk));
1853 0 : tty_fprintf (fp, "]");
1854 : }
1855 44 : else if (pk->has_expired)
1856 : {
1857 0 : tty_fprintf (fp, " [");
1858 0 : tty_fprintf (fp, _("expired: %s"), expirestr_from_pk (pk));
1859 0 : tty_fprintf (fp, "]");
1860 : }
1861 44 : else if (pk->expiredate)
1862 : {
1863 8 : tty_fprintf (fp, " [");
1864 8 : tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
1865 8 : tty_fprintf (fp, "]");
1866 : }
1867 :
1868 : #if 0
1869 : /* I need to think about this some more. It's easy enough to
1870 : include, but it looks sort of confusing in the listing... */
1871 : if (opt.list_options & LIST_SHOW_VALIDITY)
1872 : {
1873 : int validity = get_validity (ctrl, pk, NULL, NULL, 0);
1874 : tty_fprintf (fp, " [%s]", trust_value_to_string (validity));
1875 : }
1876 : #endif
1877 :
1878 44 : if (pk->pubkey_algo >= 100)
1879 0 : tty_fprintf (fp, " [experimental algorithm %d]", pk->pubkey_algo);
1880 :
1881 44 : tty_fprintf (fp, "\n");
1882 :
1883 : /* if the user hasn't explicitly asked for human-readable
1884 : fingerprints, show compact fpr of primary key: */
1885 71 : if (pk->flags.primary &&
1886 54 : !opt.fingerprint && !opt.with_fingerprint)
1887 27 : print_fingerprint (fp, pk, 20);
1888 44 : }
1889 :
1890 :
1891 : void
1892 0 : set_attrib_fd (int fd)
1893 : {
1894 : static int last_fd = -1;
1895 :
1896 0 : if (fd != -1 && last_fd == fd)
1897 0 : return;
1898 :
1899 : /* Fixme: Do we need to check for the log stream here? */
1900 0 : if (attrib_fp && attrib_fp != log_get_stream ())
1901 0 : es_fclose (attrib_fp);
1902 0 : attrib_fp = NULL;
1903 0 : if (fd == -1)
1904 0 : return;
1905 :
1906 : #ifdef HAVE_DOSISH_SYSTEM
1907 : setmode (fd, O_BINARY);
1908 : #endif
1909 0 : if (fd == 1)
1910 0 : attrib_fp = es_stdout;
1911 0 : else if (fd == 2)
1912 0 : attrib_fp = es_stderr;
1913 : else
1914 0 : attrib_fp = es_fdopen (fd, "wb");
1915 0 : if (!attrib_fp)
1916 : {
1917 0 : log_fatal ("can't open fd %d for attribute output: %s\n",
1918 0 : fd, strerror (errno));
1919 : }
1920 :
1921 0 : last_fd = fd;
1922 : }
|
