gnupg/g10 (ChangeLog keygen.c)

cvs user dshaw cvs at cvs.gnupg.org
Tue Feb 1 06:17:21 CET 2005


    Date: Tuesday, February 1, 2005 @ 06:26:25
  Author: dshaw
    Path: /cvs/gnupg/gnupg/g10

Modified: ChangeLog keygen.c

* keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.


-----------+
 ChangeLog |    9 +++++++++
 keygen.c  |   29 ++++++++++++++++++-----------
 2 files changed, 27 insertions(+), 11 deletions(-)


Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.691 gnupg/g10/ChangeLog:1.692
--- gnupg/g10/ChangeLog:1.691	Fri Jan 28 01:50:10 2005
+++ gnupg/g10/ChangeLog	Tue Feb  1 06:26:25 2005
@@ -1,3 +1,12 @@
+2005-01-31  David Shaw  <dshaw at jabberwocky.com>
+
+	* keygen.c (do_generate_keypair): Write the auth key to the card
+	before the encryption key.  This is a partial workaround for a PGP
+	bug (as of this writing, all versions including 8.1), that causes
+	it to try and encrypt to the most recent subkey regardless of
+	whether that subkey is actually an encryption type.  In this case,
+	the auth key is an RSA key so it succeeds.
+
 2005-01-27  David Shaw  <dshaw at jabberwocky.com>
 
 	* keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
Index: gnupg/g10/keygen.c
diff -u gnupg/g10/keygen.c:1.144 gnupg/g10/keygen.c:1.145
--- gnupg/g10/keygen.c:1.144	Fri Jan 28 01:50:10 2005
+++ gnupg/g10/keygen.c	Tue Feb  1 06:26:25 2005
@@ -2820,6 +2820,24 @@
                                get_parameter_uint (para, pKEYUSAGE));
     }
 
+    /* Write the auth key to the card before the encryption key.  This
+       is a partial workaround for a PGP bug (as of this writing, all
+       versions including 8.1), that causes it to try and encrypt to
+       the most recent subkey regardless of whether that subkey is
+       actually an encryption type.  In this case, the auth key is an
+       RSA key so it succeeds. */
+
+    if (!rc && card && get_parameter (para, pAUTHKEYTYPE))
+      {
+        rc = gen_card_key (PUBKEY_ALGO_RSA, 3, 0, pub_root, sec_root,
+                           get_parameter_u32 (para, pKEYEXPIRE), para);
+        
+        if (!rc)
+          rc = write_keybinding (pub_root, pub_root, pri_sk, sub_sk, PUBKEY_USAGE_AUTH);
+        if (!rc)
+          rc = write_keybinding (sec_root, pub_root, pri_sk, sub_sk, PUBKEY_USAGE_AUTH);
+      }
+
     if( !rc && get_parameter( para, pSUBKEYTYPE ) )
       {
         if (!card)
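Review bot: The new comment above the `pAUTHKEYTYPE` block explains the PGP bug but never says that the block's position is itself the workaround, so a later tidy-up could move it back below the `pSUBKEYTYPE` block with no build or test failure. I would end the comment with something like `Keep this block ahead of the pSUBKEYTYPE block; the workaround relies on the encryption subkey being written last.` The last sentence could also say what "succeeds" means, since as written it seems to describe PGP silently encrypting to the RSA auth key, which is the outcome being avoided. Separately, the block now passes `sub_sk` to `write_keybinding` before the subkey block has run; whether anything assigns it on the card path is not visible here, so it is worth confirming the value is not needed for `PUBKEY_USAGE_AUTH`. The enclosing `do_generate_keypair` starts and ends outside the hunk.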
@@ -2859,17 +2877,6 @@
         did_sub = 1;
       }
 
-    if (!rc && card && get_parameter (para, pAUTHKEYTYPE))
-      {
-        rc = gen_card_key (PUBKEY_ALGO_RSA, 3, 0, pub_root, sec_root,
-                           get_parameter_u32 (para, pKEYEXPIRE), para);
-        
-        if (!rc)
-          rc = write_keybinding (pub_root, pub_root, pri_sk, sub_sk, PUBKEY_USAGE_AUTH);
-        if (!rc)
-          rc = write_keybinding (sec_root, pub_root, pri_sk, sub_sk, PUBKEY_USAGE_AUTH);
-      }
-    
     if( !rc && outctrl->use_files ) { /* direct write to specified files */
 	rc = write_keyblock( outctrl->pub.stream, pub_root );
 	if( rc )



