1 /* delkey.c - delete keys
2 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004,
3 * 2005, 2006 Free Software Foundation, Inc.
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
42 #include "call-agent.h"
46 * Delete a public or secret key from a keyring.
47 * r_sec_avail will be set if a secret key is available and the public
48 * key can't be deleted for that reason.
51 do_delete_key( const char *username, int secret, int force, int *r_sec_avail )
54 kbnode_t keyblock = NULL;
57 PKT_public_key *pk = NULL;
61 KEYDB_SEARCH_DESC desc;
68 return gpg_error_from_syserror ();
70 /* Search the userid. */
71 err = classify_user_id (username, &desc, 1);
72 exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
73 || desc.mode == KEYDB_SEARCH_MODE_FPR16
74 || desc.mode == KEYDB_SEARCH_MODE_FPR20);
76 err = keydb_search (hd, &desc, 1, NULL);
79 log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err));
80 write_status_text (STATUS_DELETE_PROBLEM, "1");
84 /* Read the keyblock. */
85 err = keydb_get_keyblock (hd, &keyblock);
88 log_error (_("error reading keyblock: %s\n"), gpg_strerror (err) );
92 /* Get the keyid from the keyblock. */
93 node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
96 log_error ("Oops; key not found anymore!\n");
97 err = gpg_error (GPG_ERR_GENERAL);
100 pk = node->pkt->pkt.public_key;
101 keyid_from_pk (pk, keyid);
103 if (!secret && !force)
105 if (have_secret_key_with_kid (keyid))
108 err = gpg_error (GPG_ERR_EOF);
115 if (secret && !have_secret_key_with_kid (keyid))
117 err = gpg_error (GPG_ERR_NOT_FOUND);
118 log_error (_("key \"%s\" not found\n"), username);
119 write_status_text (STATUS_DELETE_PROBLEM, "1");
124 if (opt.batch && exactmatch)
126 else if (opt.batch && secret)
128 log_error(_("can't do this in batch mode\n"));
129 log_info (_("(unless you specify the key by fingerprint)\n"));
131 else if (opt.batch && opt.answer_yes)
135 log_error(_("can't do this in batch mode without \"--yes\"\n"));
136 log_info (_("(unless you specify the key by fingerprint)\n"));
141 print_seckey_info (pk);
143 print_pubkey_info (NULL, pk );
146 yes = cpr_get_answer_is_yes
147 (secret? "delete_key.secret.okay": "delete_key.okay",
148 _("Delete this key from the keyring? (y/N) "));
150 if (!cpr_enabled() && secret && yes)
152 /* I think it is not required to check a passphrase; if the
153 * user is so stupid as to let others access his secret
154 * keyring (and has no backup) - it is up him to read some
155 * very basic texts about security. */
156 yes = cpr_get_answer_is_yes
157 ("delete_key.secret.okay",
158 _("This is a secret key! - really delete? (y/N) "));
171 gpg_error_t firsterr = 0;
174 setup_main_keyids (keyblock);
175 for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); )
177 if (!(node->pkt->pkttype == PKT_PUBLIC_KEY
178 || node->pkt->pkttype == PKT_PUBLIC_SUBKEY))
181 if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
182 continue; /* No secret key for that public (sub)key. */
184 prompt = gpg_format_keydesc (node->pkt->pkt.public_key,
185 FORMAT_KEYDESC_DELKEY, 1);
186 err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip);
187 /* NB: We require --yes to advise the agent not to
188 * request a confirmation. The rationale for this extra
189 * pre-caution is that since 2.1 the secret key may also
190 * be used for other protocols and thus deleting it from
191 * the gpg would also delete the key for other tools. */
193 err = agent_delete_key (NULL, hexgrip, prompt,
199 if (gpg_err_code (err) == GPG_ERR_KEY_ON_CARD)
200 write_status_text (STATUS_DELETE_PROBLEM, "1");
201 log_error (_("deleting secret %s failed: %s\n"),
202 (node->pkt->pkttype == PKT_PUBLIC_KEY
203 ? _("key"):_("subkey")),
207 if (gpg_err_code (err) == GPG_ERR_CANCELED
208 || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
210 write_status_error ("delete_key.secret", err);
223 err = keydb_delete_keyblock (hd);
226 log_error (_("deleting keyblock failed: %s\n"),
232 /* Note that the ownertrust being cleared will trigger a
233 revalidation_mark(). This makes sense - only deleting keys
234 that have ownertrust set should trigger this. */
236 if (!secret && pk && clear_ownertrusts (pk))
239 log_info (_("ownertrust information cleared\n"));
245 release_kbnode (keyblock);
250 * Delete a public or secret key from a keyring.
253 delete_keys (strlist_t names, int secret, int allow_both)
257 int force = (!allow_both && !secret && opt.expert);
259 /* Force allows us to delete a public key even if a secret key
262 for ( ;names ; names=names->next )
264 err = do_delete_key (names->d, secret, force, &avail);
269 err = do_delete_key (names->d, 1, 0, &avail);
271 err = do_delete_key (names->d, 0, 0, &avail);
275 log_error (_("there is a secret key for public key \"%s\"!\n"),
277 log_info(_("use option \"--delete-secret-keys\" to delete"
279 write_status_text (STATUS_DELETE_PROBLEM, "2");
286 log_error ("%s: delete key failed: %s\n",
287 names->d, gpg_strerror (err));