[Pkg-gnupg-commit] [gnupg2] 76/124: agent: New option --stub-only for DELETE_KEY

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 5 15:55:34 UTC 2017 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit 6fab7bba879d7794e32112cf3eddd8d87130a5d7
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Mar 24 09:02:02 2017 +0100

    agent: New option --stub-only for DELETE_KEY
    
    * agent/findkey.c (agent_delete_key): Add arg 'only_stubs'.
    * agent/command.c (cmd_delete_key): Add option --stub-only.
    --
    
    This option can be used to savely remove stub keys.
---
 agent/agent.h   |  3 ++-
 agent/command.c | 11 +++++++----
 agent/findkey.c | 32 +++++++++++++++++++++-----------
 3 files changed, 30 insertions(+), 16 deletions(-)

diff --git a/agent/agent.h b/agent/agent.h
index e98a246..3b53ba4 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -406,7 +406,8 @@ gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
                                       int *r_keytype,
                                       unsigned char **r_shadow_info);
 gpg_error_t agent_delete_key (ctrl_t ctrl, const char *desc_text,
-                              const unsigned char *grip, int force);
+                              const unsigned char *grip,
+                              int force, int only_stubs);
 
 /*-- call-pinentry.c --*/
 void initialize_module_call_pinentry (void);
diff --git a/agent/command.c b/agent/command.c
index 79fb0ce..1f8f7c2 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -2433,23 +2433,25 @@ cmd_export_key (assuan_context_t ctx, char *line)
 
 

 static const char hlp_delete_key[] =
-  "DELETE_KEY [--force] <hexstring_with_keygrip>\n"
+  "DELETE_KEY [--force|--stub-only] <hexstring_with_keygrip>\n"
   "\n"
   "Delete a secret key from the key store.  If --force is used\n"
   "and a loopback pinentry is allowed, the agent will not ask\n"
-  "the user for confirmation.";
+  "the user for confirmation.  If --stub-only is used the key will\n"
+  "only be deleted if it is a reference to a token.";
 static gpg_error_t
 cmd_delete_key (assuan_context_t ctx, char *line)
 {
   ctrl_t ctrl = assuan_get_pointer (ctx);
   gpg_error_t err;
-  int force;
+  int force, stub_only;
   unsigned char grip[20];
 
   if (ctrl->restricted)
     return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
 
   force = has_option (line, "--force");
+  stub_only = has_option (line, "--stub-only");
   line = skip_options (line);
 
   /* If the use of a loopback pinentry has been disabled, we assume
@@ -2461,7 +2463,8 @@ cmd_delete_key (assuan_context_t ctx, char *line)
   if (err)
     goto leave;
 
-  err = agent_delete_key (ctrl, ctrl->server_local->keydesc, grip, force );
+  err = agent_delete_key (ctrl, ctrl->server_local->keydesc, grip,
+                          force, stub_only);
   if (err)
     goto leave;
 
diff --git a/agent/findkey.c b/agent/findkey.c
index a196fdc..4429b7a 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -1413,18 +1413,20 @@ agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
 
 

 /* Delete the key with GRIP from the disk after having asked for
-   confirmation using DESC_TEXT.  If FORCE is set the function won't
-   require a confirmation via Pinentry or warns if the key is also
-   used by ssh.
-
-   Common error codes are:
-     GPG_ERR_NO_SECKEY
-     GPG_ERR_KEY_ON_CARD
-     GPG_ERR_NOT_CONFIRMED
-*/
+ * confirmation using DESC_TEXT.  If FORCE is set the function won't
+ * require a confirmation via Pinentry or warns if the key is also
+ * used by ssh.  If ONLY_STUBS is set only stub keys (references to
+ * smartcards) will be affected.
+ *
+ * Common error codes are:
+ *   GPG_ERR_NO_SECKEY
+ *   GPG_ERR_KEY_ON_CARD
+ *   GPG_ERR_NOT_CONFIRMED
+ *   GPG_ERR_FORBIDDEN     - Not a stub key and ONLY_STUBS requested.
+ */
 gpg_error_t
 agent_delete_key (ctrl_t ctrl, const char *desc_text,
-                  const unsigned char *grip, int force)
+                  const unsigned char *grip, int force, int only_stubs)
 {
   gpg_error_t err;
   gcry_sexp_t s_skey = NULL;
@@ -1435,6 +1437,7 @@ agent_delete_key (ctrl_t ctrl, const char *desc_text,
   ssh_control_file_t cf = NULL;
   char hexgrip[40+4+1];
   char *default_desc = NULL;
+  int key_type;
 
   err = read_key_file (grip, &s_skey);
   if (gpg_err_code (err) == GPG_ERR_ENOENT)
@@ -1446,7 +1449,14 @@ agent_delete_key (ctrl_t ctrl, const char *desc_text,
   if (err)
     goto leave;
 
-  switch (agent_private_key_type (buf))
+  key_type = agent_private_key_type (buf);
+  if (only_stubs && key_type != PRIVATE_KEY_SHADOWED)
+    {
+      err  = gpg_error (GPG_ERR_FORBIDDEN);
+      goto leave;
+    }
+
+  switch (key_type)
     {
     case PRIVATE_KEY_CLEAR:
     case PRIVATE_KEY_OPENPGP_NONE:

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list