gpg: avoid deletion of keys not specified by user
AbandonedPublic
Actions

Authored by matheusmoreira on Apr 30 2019, 1:40 PM.

Details

Reviewers: None
Maniphest Tasks: T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested)
Commits: rKLEOPATRA5e9d402be380: Yet another place with deprecated API

Summary

g10/delkey.c (should_skip): New.

(do_delete_key): Skip keys other than the exact key specified by user.

When the user tries to delete a specific secret subkey
by using an exact search specification (trailing "!"),
gpg deletes the primary key and all other subkeys as well.

The new should_skip static function allows the key deletion routine
to determine when to skip keys. In this case, keys are skipped when
they are not the exact key specified by the user.

Signed-off-by: Matheus Afonso Martins Moreira <matheus.a.m.moreira@gmail.com>

Test Plan

Given a temporary gpg home with primary and subordinate keys:

$ agent/gpg-agent --daemon --homedir $XDG_RUNTIME_DIR/gnupg-git
$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git --batch --passphrase '' --default-new-key-algo 'rsa1024/cert+rsa1024/sign' --quick-gen-key test
$ SUBKEY=$(g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git -K --with-subkey-fingerprint --with-colons | awk -F: '/fpr/ { print $10 }' | tail -1)

Deleting just the secret subkey should leave the primary key intact:

$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git --batch --yes --delete-secret-keys $SUBKEY!
$ g10/gpg --homedir $XDG_RUNTIME_DIR/gnupg-git -K
sec   rsa1024 2019-05-02 [C] [expires: 2021-05-01]
uid           [ultimate] test
ssb#  rsa1024 2019-05-02 [S]

Diff Detail

Repository

rG GnuPG

Lint

Lint Skipped

Unit

Unit Tests Skipped

Event Timeline

matheusmoreira created this revision.Apr 30 2019, 1:40 PM

matheusmoreira mentioned this in T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).Apr 30 2019, 1:43 PM

matheusmoreira retitled this revision from Improve secret key deletion to Don't delete secret keys not specified by user.Apr 30 2019, 2:02 PM

matheusmoreira edited the summary of this revision. (Show Details)

matheusmoreira added a child revision: D480: gpg: factor out secret key deletion function.Apr 30 2019, 3:18 PM

matheusmoreira retitled this revision from Don't delete secret keys not specified by user to gpg: avoid deletion of keys not specified by user.May 2 2019, 3:41 AM

matheusmoreira edited the summary of this revision. (Show Details)

matheusmoreira edited the test plan for this revision. (Show Details)

matheusmoreira added a task: T4457: Improve deletion of secret subkeys (don't delete primary key when subkey deletion is requested).May 3 2019, 8:58 PM

Rebased on top of master: 4c7d63cd5b02

A better solution has been commited: cc6069ac6ecd

Reuses exact_subkey_match_p instead of defining a new static function
Uses keyblock node API
Handles exact public key deletion
Explains to the user the nature of the operations that are about to be performed
Adds documentation

matheusmoreira removed a child revision: D480: gpg: factor out secret key deletion function.May 28 2019, 5:56 PM

• Fred23 added a commit: rKLEOPATRA5e9d402be380: Yet another place with deprecated API.Jun 20 2021, 6:09 PM

Revision Contents
Changeset List

Path

Size

g10/

delkey.c

51 lines

Diff 1363

View Options

gpg: avoid deletion of keys not specified by userAbandonedPublicActions