LCOV - code coverage report
Current view: top level - g10 - delkey.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 48 116 41.4 %
Date: 2015-11-05 17:10:59 Functions: 2 2 100.0 %

          Line data    Source code
       1             : /* delkey.c - delete keys
       2             :  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004,
       3             :  *               2005, 2006 Free Software Foundation, Inc.
       4             :  * Copyright (C) 2014 Werner Koch
       5             :  *
       6             :  * This file is part of GnuPG.
       7             :  *
       8             :  * GnuPG is free software; you can redistribute it and/or modify
       9             :  * it under the terms of the GNU General Public License as published by
      10             :  * the Free Software Foundation; either version 3 of the License, or
      11             :  * (at your option) any later version.
      12             :  *
      13             :  * GnuPG is distributed in the hope that it will be useful,
      14             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :  * GNU General Public License for more details.
      17             :  *
      18             :  * You should have received a copy of the GNU General Public License
      19             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      20             :  */
      21             : 
      22             : #include <config.h>
      23             : #include <stdio.h>
      24             : #include <stdlib.h>
      25             : #include <string.h>
      26             : #include <errno.h>
      27             : #include <assert.h>
      28             : #include <ctype.h>
      29             : 
      30             : #include "gpg.h"
      31             : #include "options.h"
      32             : #include "packet.h"
      33             : #include "status.h"
      34             : #include "iobuf.h"
      35             : #include "keydb.h"
      36             : #include "util.h"
      37             : #include "main.h"
      38             : #include "trustdb.h"
      39             : #include "filter.h"
      40             : #include "ttyio.h"
      41             : #include "status.h"
      42             : #include "i18n.h"
      43             : #include "call-agent.h"
      44             : 
      45             : 
      46             : /****************
      47             :  * Delete a public or secret key from a keyring.
      48             :  * r_sec_avail will be set if a secret key is available and the public
      49             :  * key can't be deleted for that reason.
      50             :  */
      51             : static gpg_error_t
      52           8 : do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
      53             : {
      54             :   gpg_error_t err;
      55           8 :   kbnode_t keyblock = NULL;
      56             :   kbnode_t node, kbctx;
      57             :   KEYDB_HANDLE hd;
      58           8 :   PKT_public_key *pk = NULL;
      59             :   u32 keyid[2];
      60           8 :   int okay=0;
      61             :   int yes;
      62             :   KEYDB_SEARCH_DESC desc;
      63             :   int exactmatch;
      64             : 
      65           8 :   *r_sec_avail = 0;
      66             : 
      67           8 :   hd = keydb_new ();
      68             : 
      69             :   /* Search the userid.  */
      70           8 :   err = classify_user_id (username, &desc, 1);
      71          16 :   exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
      72           8 :                 || desc.mode == KEYDB_SEARCH_MODE_FPR16
      73          16 :                 || desc.mode == KEYDB_SEARCH_MODE_FPR20);
      74           8 :   if (!err)
      75           8 :     err = keydb_search (hd, &desc, 1, NULL);
      76           8 :   if (err)
      77             :     {
      78           5 :       log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err));
      79           5 :       write_status_text (STATUS_DELETE_PROBLEM, "1");
      80           5 :       goto leave;
      81             :     }
      82             : 
      83             :   /* Read the keyblock.  */
      84           3 :   err = keydb_get_keyblock (hd, &keyblock);
      85           3 :   if (err)
      86             :     {
      87           0 :       log_error (_("error reading keyblock: %s\n"), gpg_strerror (err) );
      88           0 :       goto leave;
      89             :     }
      90             : 
      91             :   /* Get the keyid from the keyblock.  */
      92           3 :   node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
      93           3 :   if (!node)
      94             :     {
      95           0 :       log_error ("Oops; key not found anymore!\n");
      96           0 :       err = gpg_error (GPG_ERR_GENERAL);
      97           0 :       goto leave;
      98             :     }
      99           3 :   pk = node->pkt->pkt.public_key;
     100           3 :   keyid_from_pk (pk, keyid);
     101             : 
     102           3 :   if (!secret && !force)
     103             :     {
     104           3 :       if (have_secret_key_with_kid (keyid))
     105             :         {
     106           0 :           *r_sec_avail = 1;
     107           0 :           err = gpg_error (GPG_ERR_EOF);
     108           0 :           goto leave;
     109             :         }
     110             :       else
     111           3 :         err = 0;
     112             :     }
     113             : 
     114           3 :   if (secret && !have_secret_key_with_kid (keyid))
     115             :     {
     116           0 :       err = gpg_error (GPG_ERR_NOT_FOUND);
     117           0 :       log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err));
     118           0 :       write_status_text (STATUS_DELETE_PROBLEM, "1");
     119           0 :       goto leave;
     120             :     }
     121             : 
     122             : 
     123           3 :   if (opt.batch && exactmatch)
     124           0 :     okay++;
     125           3 :   else if (opt.batch && secret)
     126             :     {
     127           0 :       log_error(_("can't do this in batch mode\n"));
     128           0 :       log_info (_("(unless you specify the key by fingerprint)\n"));
     129             :     }
     130           3 :   else if (opt.batch && opt.answer_yes)
     131           3 :     okay++;
     132           0 :   else if (opt.batch)
     133             :     {
     134           0 :       log_error(_("can't do this in batch mode without \"--yes\"\n"));
     135           0 :       log_info (_("(unless you specify the key by fingerprint)\n"));
     136             :     }
     137             :   else
     138             :     {
     139           0 :       if (secret)
     140           0 :         print_seckey_info (pk);
     141             :       else
     142           0 :         print_pubkey_info (NULL, pk );
     143           0 :       tty_printf( "\n" );
     144             : 
     145           0 :       yes = cpr_get_answer_is_yes
     146             :         (secret? "delete_key.secret.okay": "delete_key.okay",
     147           0 :          _("Delete this key from the keyring? (y/N) "));
     148             : 
     149           0 :       if (!cpr_enabled() && secret && yes)
     150             :         {
     151             :           /* I think it is not required to check a passphrase; if the
     152             :            * user is so stupid as to let others access his secret
     153             :            * keyring (and has no backup) - it is up him to read some
     154             :            * very basic texts about security.  */
     155           0 :           yes = cpr_get_answer_is_yes
     156             :             ("delete_key.secret.okay",
     157           0 :              _("This is a secret key! - really delete? (y/N) "));
     158             :         }
     159             : 
     160           0 :       if (yes)
     161           0 :         okay++;
     162             :     }
     163             : 
     164             : 
     165           3 :   if (okay)
     166             :     {
     167           3 :       if (secret)
     168             :         {
     169             :           char *prompt;
     170           0 :           gpg_error_t firsterr = 0;
     171             :           char *hexgrip;
     172             : 
     173           0 :           setup_main_keyids (keyblock);
     174           0 :           for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); )
     175             :             {
     176           0 :               if (!(node->pkt->pkttype == PKT_PUBLIC_KEY
     177           0 :                     || node->pkt->pkttype == PKT_PUBLIC_SUBKEY))
     178           0 :                 continue;
     179             : 
     180           0 :               if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
     181           0 :                 continue;  /* No secret key for that public (sub)key.  */
     182             : 
     183           0 :               prompt = gpg_format_keydesc (node->pkt->pkt.public_key,
     184             :                                            FORMAT_KEYDESC_DELKEY, 1);
     185           0 :               err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip);
     186           0 :               if (!err)
     187           0 :                 err = agent_delete_key (NULL, hexgrip, prompt);
     188           0 :               xfree (prompt);
     189           0 :               xfree (hexgrip);
     190           0 :               if (err)
     191             :                 {
     192           0 :                   if (gpg_err_code (err) == GPG_ERR_KEY_ON_CARD)
     193           0 :                     write_status_text (STATUS_DELETE_PROBLEM, "1");
     194           0 :                   log_error (_("deleting secret %s failed: %s\n"),
     195           0 :                              (node->pkt->pkttype == PKT_PUBLIC_KEY
     196             :                               ? _("key"):_("subkey")),
     197             :                              gpg_strerror (err));
     198           0 :                   if (!firsterr)
     199           0 :                     firsterr = err;
     200           0 :                   if (gpg_err_code (err) == GPG_ERR_CANCELED
     201           0 :                       || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
     202             :                     break;
     203             :                 }
     204             : 
     205             :             }
     206             : 
     207           0 :           err = firsterr;
     208           0 :           if (firsterr)
     209           0 :             goto leave;
     210             :         }
     211             :       else
     212             :         {
     213           3 :           err = keydb_delete_keyblock (hd);
     214           3 :           if (err)
     215             :             {
     216           0 :               log_error (_("deleting keyblock failed: %s\n"),
     217             :                          gpg_strerror (err));
     218           0 :               goto leave;
     219             :             }
     220             :         }
     221             : 
     222             :       /* Note that the ownertrust being cleared will trigger a
     223             :          revalidation_mark().  This makes sense - only deleting keys
     224             :          that have ownertrust set should trigger this. */
     225             : 
     226           3 :       if (!secret && pk && clear_ownertrusts (pk))
     227             :         {
     228           0 :           if (opt.verbose)
     229           0 :             log_info (_("ownertrust information cleared\n"));
     230             :         }
     231             :     }
     232             : 
     233             :  leave:
     234           8 :   keydb_release (hd);
     235           8 :   release_kbnode (keyblock);
     236           8 :   return err;
     237             : }
     238             : 
     239             : /****************
     240             :  * Delete a public or secret key from a keyring.
     241             :  */
     242             : gpg_error_t
     243           8 : delete_keys (strlist_t names, int secret, int allow_both)
     244             : {
     245             :   gpg_error_t err;
     246             :   int avail;
     247           8 :   int force = (!allow_both && !secret && opt.expert);
     248             : 
     249             :   /* Force allows us to delete a public key even if a secret key
     250             :      exists. */
     251             : 
     252          11 :   for ( ;names ; names=names->next )
     253             :     {
     254           8 :       err = do_delete_key (names->d, secret, force, &avail);
     255           8 :       if (err && avail)
     256             :         {
     257           0 :           if (allow_both)
     258             :             {
     259           0 :               err = do_delete_key (names->d, 1, 0, &avail);
     260           0 :               if (!err)
     261           0 :                 err = do_delete_key (names->d, 0, 0, &avail);
     262             :             }
     263             :           else
     264             :             {
     265           0 :               log_error (_("there is a secret key for public key \"%s\"!\n"),
     266           0 :                          names->d);
     267           0 :               log_info(_("use option \"--delete-secret-keys\" to delete"
     268             :                          " it first.\n"));
     269           0 :               write_status_text (STATUS_DELETE_PROBLEM, "2");
     270           0 :               return err;
     271             :             }
     272             :         }
     273             : 
     274           8 :       if (err)
     275             :         {
     276          10 :           log_error ("%s: delete key failed: %s\n",
     277           5 :                      names->d, gpg_strerror (err));
     278           5 :           return err;
     279             :         }
     280             :     }
     281             : 
     282           3 :   return 0;
     283             : }

Generated by: LCOV version 1.11