Diffstat (limited to 'g10/keyedit.c')
-rw-r--r--g10/keyedit.c35
1 files changed, 30 insertions, 5 deletions
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 9387a762e..6f9c1c7c1 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -212,6 +212,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
int rc = 0;
SK_LIST sk_list = NULL;
SK_LIST sk_rover = NULL;
+ PKT_secret_key *sk = NULL;
KBNODE node, uidnode;
PKT_public_key *primary_pk;
int select_all = !count_selected_uids(keyblock);
@@ -228,7 +229,14 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
size_t n;
char *p;
- keyid_from_sk( sk_rover->sk, sk_keyid );
+ /* we have to use a copy of the sk, because make_keysig_packet
+ * may remove the protection from sk and if we did other
+ * changes to the secret key, we would save the unprotected
+ * version */
+ if( sk )
+ free_secret_key(sk);
+ sk = copy_secret_key( NULL, sk_rover->sk );
+ keyid_from_sk( sk, sk_keyid );
/* set mark A for all selected user ids */
for( node=keyblock; node; node = node->next ) {
if( select_all || (node->flag & NODFLG_SELUID) )
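Review bot: The copy made by `sk = copy_secret_key( NULL, sk_rover->sk );` can end up holding the unprotected key, since the added comment says make_keysig_packet may remove the protection, yet it is released only at the top of the next iteration or at `leave:`. It therefore stays allocated for the rest of each iteration after the last signature is made. Consider releasing it as soon as signing for this signer is done, with `free_secret_key(sk); sk = NULL;`, which keeps the later `if( sk )` checks valid. The loop body continues outside this hunk, so the right place for that call is not visible here. Whether free_secret_key() wipes the secret material before freeing is also not shown and is worth confirming.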
@@ -261,6 +269,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
/* Ask whether we really should sign these user id(s) */
tty_printf("\n");
show_key_with_all_names( keyblock, 1, 1, 0, 0 );
+ tty_printf("\n");
tty_printf(_(
"Are you really sure that you want to sign this key\n"
"with your key: \""));
@@ -287,7 +296,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
rc = make_keysig_packet( &sig, primary_pk,
node->pkt->pkt.user_id,
NULL,
- sk_rover->sk,
+ sk,
0x10, 0, NULL, NULL );
if( rc ) {
log_error(_("signing failed: %s\n"), g10_errstr(rc));
@@ -311,6 +320,8 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
leave:
release_sk_list( sk_list );
+ if( sk )
+ free_secret_key(sk);
return rc;
}
@@ -587,10 +598,13 @@ keyedit_menu( const char *username, STRLIST locusr )
break;
}
}
- /* FIXME: UPDATE/INVALIDATE trustdb !! */
}
else
tty_printf(_("Key not changed so no update needed.\n"));
+ rc = update_trust_record( keyblock );
+ if( rc )
+ log_error(_("update of trust db failed: %s\n"),
+ g10_errstr(rc) );
goto leave;
case cmdLIST:
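Review bot: `rc = update_trust_record( keyblock );` follows an unbraced `else`, so it runs on both branches, including directly after the message "Key not changed so no update needed." If that is intended, brace the `else` and say so in a comment such as `/* refresh the trust record whether or not the key was saved */`. Otherwise move the call into the branch that saved the key. Error handling also differs from the cmdADDUID hunk: here a failure leaves `rc` non-zero on the way to `leave`, while there it is logged and reset with `rc = 0;`. One policy should be chosen and documented. The enclosing `case` starts outside this hunk.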
@@ -643,6 +657,14 @@ keyedit_menu( const char *username, STRLIST locusr )
if( menu_adduid( keyblock, sec_keyblock ) ) {
redisplay = 1;
sec_modified = modified = 1;
+ /* must update the trustdb already here, so that preferences
+ * get listed correctly */
+ rc = update_trust_record( keyblock );
+ if( rc ) {
+ log_error(_("update of trust db failed: %s\n"),
+ g10_errstr(rc) );
+ rc = 0;
+ }
}
break;
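Review bot: The trust record is refreshed here from a keyblock that has not yet been written to the keyring, so if the user leaves the menu without saving, the trustdb may describe a user ID that the stored key does not contain. What update_trust_record() persists is not visible in this hunk, so this is a question to confirm rather than an established defect. If the two can diverge, the discard path should refresh the record again from the stored key. At minimum the comment should record the consequence, for example `/* NOTE: trustdb now reflects unsaved changes; must be re-synced if the edit is discarded */`.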
@@ -808,8 +830,10 @@ show_key_with_all_names( KBNODE keyblock, int only_marked,
expirestr_from_pk(pk) );
if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
tty_printf(" trust: %c/%c", otrust, trust );
- if( with_fpr )
+ if( with_fpr ) {
+ tty_printf("\n");
show_fingerprint( pk );
+ }
}
tty_printf("\n");
}
@@ -933,7 +957,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
pub_where = NULL;
for( node = sec_keyblock; node; sec_where = node, node = node->next ) {
if( node->pkt->pkttype == PKT_SECRET_KEY )
- sk = node->pkt->pkt.secret_key;
+ sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
else if( node->pkt->pkttype == PKT_SECRET_SUBKEY )
break;
}
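Review bot: `sk` now owns a copy, but the assignment inside the loop overwrites it on every PKT_SECRET_KEY node without releasing the previous one. A secret keyblock with more than one such packet before the first subkey would therefore leak a copy of secret key material. A well-formed keyblock presumably has a single primary key, but the data comes from the keyring, so a guard is cheap: `if( sk ) free_secret_key( sk );` before the copy, assuming `sk` starts out NULL (its declaration is outside the hunk). Any return between this loop and the `free_secret_key( sk );` added in the next hunk would leak the copy as well. Those lines are not shown here.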
@@ -943,6 +967,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
keygen_add_std_prefs, sk );
+ free_secret_key( sk );
if( rc ) {
log_error("signing failed: %s\n", g10_errstr(rc) );
free_user_id(uid);