Confused about sub-keys.

Alfred M. Szmidt ams@kemisten.nu
Tue Oct 1 18:01:02 2002


This is an silly, ugly hack to suit my needs nothing else, and I do
not recommend anyone to use it either, anyone who does cannot blame me
for anything that goes wrong (like gpg sending your secret key and
password to some evil three letter agency, etc.).  Oh, and it is
completely untested!

This patch will add "***" to the beginning of the key listing of
--list-secret-keys indicate that the secret key is absent.  I don't
know how much one can trust that sk->protect.s2k.mode will be 1001
when the master key is absent, but it works right now... 

$ gpg --list-secret-keys
/home/ams/.gnupg/secring.gpg
---------------------------------
*** sec  1024D/870BB9D7 2002-10-01 test test <test@tes>
ssb  1024D/2E38558B 2002-10-01

--- keylist.c.~1~	Fri Sep 20 09:40:22 2002
+++ keylist.c	Tue Oct  1 17:52:10 2002
@@ -406,9 +406,13 @@
     }
 
     if( secret ) {
	pk = NULL;
 	sk = node->pkt->pkt.secret_key;
 	keyid_from_sk( sk, keyid );
+
+        if (sk->protect.s2k.mode == 1001)
+          printf ("*** ");
+
         printf("sec  %4u%c/%08lX %s ", nbits_from_sk( sk ),
 				       pubkey_letter( sk->pubkey_algo ),
 				       (ulong)keyid[1],

-- 
Alfred M. Szmidt