diff options
| author | Werner Koch <wk@gnupg.org> | 2023-05-08 13:10:47 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2023-05-08 13:10:47 +0200 |
| commit | ef2c3d50fa8cbc2413645a56d9d060c0ec31e62f (patch) | |
| tree | 7d71b53294739b6880d8a86cc11b8fdb07cb3e2c /g10 | |
| parent | kbx: For non-Windows use 64k buffers by default instead of 128k. (diff) | |
| download | gnupg2-ef2c3d50fa8cbc2413645a56d9d060c0ec31e62f.tar.xz gnupg2-ef2c3d50fa8cbc2413645a56d9d060c0ec31e62f.zip | |
gpg: Print a warning if no more encryption subkey was left over.
* g10/keyedit.c (no_usable_encr_subkeys_warning): New.
(keyedit_menu): Call it after running an expire command.
* g10/import.c (import_one_real): Call it in the show_key case.
--
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/import.c | 1 | ||||
| -rw-r--r-- | g10/keyedit.c | 35 | ||||
| -rw-r--r-- | g10/keyedit.h | 1 |
3 files changed, 37 insertions, 0 deletions
diff --git a/g10/import.c b/g10/import.c index 5e44942e7..987fef3cd 100644 --- a/g10/import.c +++ b/g10/import.c @@ -2136,6 +2136,7 @@ import_one_real (ctrl_t ctrl, list_keyblock_direct (ctrl, keyblock, from_sk, 0, opt.fingerprint || opt.with_fingerprint, 1); es_fflush (es_stdout); + no_usable_encr_subkeys_warning (keyblock); } /* Write the keyblock to the output and do not actually import. */ diff --git a/g10/keyedit.c b/g10/keyedit.c index a91cc4447..4b767aed6 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1501,6 +1501,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, run_subkey_warnings = 0; if (!count_selected_keys (keyblock)) subkey_expire_warning (keyblock); + no_usable_encr_subkeys_warning (keyblock); } if (delseckey_list_warn) @@ -4258,6 +4259,40 @@ subkey_expire_warning (kbnode_t keyblock) } +/* Print a warning if all encryption (sub|primary)keys are expired. + * The warning is not printed if there is no encryption + * (sub|primary)key at all. This function is called after the expire + * data of the primary key has been changed. */ +void +no_usable_encr_subkeys_warning (kbnode_t keyblock) +{ + kbnode_t node; + PKT_public_key *pk; + int any_encr_key = 0; + + for (node = keyblock; node; node = node->next) + { + if (node->pkt->pkttype == PKT_PUBLIC_KEY + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY) + { + pk = node->pkt->pkt.public_key; + if ((pk->pubkey_usage & PUBKEY_USAGE_ENC)) + { + any_encr_key = 1; + if (pk->flags.valid && !pk->has_expired && !pk->flags.revoked + && !pk->flags.disabled) + { + return; /* Key is usable for encryption */ + } + } + } + } + + if (any_encr_key && !opt.quiet) + log_info (_("WARNING: No valid encryption subkey left over.\n")); +} + + /* * Ask for a new user id, add the self-signature, and update the * keyblock. If UIDSTRING is not NULL the user ID is generated diff --git a/g10/keyedit.h b/g10/keyedit.h index 3ed0d0fea..abf7314af 100644 --- a/g10/keyedit.h +++ b/g10/keyedit.h @@ -63,5 +63,6 @@ int keyedit_print_one_sig (ctrl_t ctrl, estream_t fp, kbnode_t node, int *inv_sigs, int *no_key, int *oth_err, int is_selfsig, int print_without_key, int extended); +void no_usable_encr_subkeys_warning (kbnode_t keyblock); #endif /* GNUPG_G10_KEYEDIT_H */ |