gpg: avoid deletion of keys not specified by user
Needs Review · Public

Authored by matheusmoreira on Tue, Apr 30, 1:40 PM.
This revision needs review, but there are no reviewers specified.

Details

Summary
  * g10/delkey.c (should_skip): New.
  (do_delete_key): Skip keys other than the exact key specified by user.

When the user tries to delete a specific secret subkey
by using an exact search specification (trailing "!"),
gpg deletes the primary key and all other subkeys as well.

The new should_skip static function allows the key deletion routine
to determine when to skip keys. In this case, keys are skipped when
they are not the exact key specified by the user.

Signed-off-by: Matheus Afonso Martins Moreira <matheus.a.m.moreira@gmail.com>

Test Plan

Given a temporary gpg home with primary and subordinate keys:

$ agent/gpg-agent --daemon --homedir $XDG_RUNTIME_DIR/gnupg-git
$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git --batch --passphrase '' --default-new-key-algo 'rsa1024/cert+rsa1024/sign' --quick-gen-key test
$ SUBKEY=$(g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git -K --with-subkey-fingerprint --with-colons | awk -F: '/fpr/ { print $10 }' | tail -1)

Deleting just the secret subkey should leave the primary key intact:

$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git --batch --yes --delete-secret-keys $SUBKEY!
$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git -K
sec   rsa1024 2019-05-02 [C] [expires: 2021-05-01]
uid           [ultimate] test
ssb#  rsa1024 2019-05-02 [S]
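
The test plan above checks the result by eye. As an added example (not part of this revision or of GnuPG's test suite), the same check can be scripted against the `--with-colons` listing. The function names, the sample fingerprints and the sample listings are constructed for illustration, and the check assumes the keyring holds a single key, as in the test plan.

```shell
#!/bin/sh
# Added example: check a `gpg -K --with-colons` listing read on stdin.
# Colon fields used: 1 = record type (sec = primary, ssb = subkey); field 15
# of sec/ssb = "#" when only a stub is left (secret material missing), "+"
# when the secret key is available; field 10 of an fpr record = fingerprint.

# Print "type fingerprint state" for every secret-key record.
secret_key_status() {
    awk -F: '
        $1 == "sec" || $1 == "ssb" { type = $1; state = ($15 == "#") ? "missing" : "present" }
        $1 == "fpr" && type != "" { print type, $10, state; type = "" }'
}

# Exit 0 only if the primary secret key is still present and the subkey with
# fingerprint $1 has no secret material left (stub, or not listed at all).
# Assumption: the keyring contains one key, as in the test plan.
subkey_deleted_primary_intact() {
    secret_key_status | awk -v want="$1" '
        $1 == "sec" && $3 == "present" { primary_ok = 1 }
        $1 == "ssb" && $2 == want && $3 == "present" { leftover = 1 }
        END { exit !(primary_ok && !leftover) }'
}

# Constructed sample data (not captured from a real keyring).
SAMPLE_SUBKEY=2222222222222222222222222222222222222222

# Listing expected with the patch: primary present, subkey reduced to a stub.
listing_after_fix() {
cat <<'EOF'
sec:u:1024:1:1111111111111111:1556755200:1619827200::u:::cSC:::+:
fpr:::::::::1111111111111111111111111111111111111111:
uid:u::::1556755200::::test:
ssb:u:1024:1:2222222222222222:1556755200::::::s:::#:
fpr:::::::::2222222222222222222222222222222222222222:
EOF
}

# Subkey secret still available (nothing was deleted).
listing_untouched() { listing_after_fix | sed 's/:#:/:+:/'; }

# Empty listing, standing in for the behaviour the summary describes:
# primary key and all subkeys deleted, so no secret key is left to list.
listing_everything_deleted() { :; }

# Real use, with $SUBKEY from the test plan:
#   g10/gpg --homedir "$XDG_RUNTIME_DIR/gnupg-git" -K --with-subkey-fingerprint \
#       --with-colons | subkey_deleted_primary_intact "$SUBKEY"
```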

Diff Detail

Repository: rG GnuPG
Lint: Lint Skipped
Unit: Unit Tests Skipped
matheusmoreira created this revision. Tue, Apr 30, 1:40 PM
matheusmoreira retitled this revision from Improve secret key deletion to Don't delete secret keys not specified by user. Tue, Apr 30, 2:02 PM
matheusmoreira edited the summary of this revision.
matheusmoreira retitled this revision from Don't delete secret keys not specified by user to gpg: avoid deletion of keys not specified by user. Thu, May 2, 3:41 AM
matheusmoreira edited the summary of this revision.
matheusmoreira edited the test plan for this revision.

Rebased on top of master: 4c7d63cd5b02