[svn] GnuPG - r4075 - in branches/GNUPG-1-9-BRANCH: . doc scd

svn author wk cvs at cvs.gnupg.org
Tue Mar 21 13:48:52 CET 2006 

Author: wk
Date: 2006-03-21 13:48:51 +0100 (Tue, 21 Mar 2006)
New Revision: 4075

Modified:
   branches/GNUPG-1-9-BRANCH/NEWS
   branches/GNUPG-1-9-BRANCH/TODO
   branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi
   branches/GNUPG-1-9-BRANCH/scd/ChangeLog
   branches/GNUPG-1-9-BRANCH/scd/command.c
Log:
Allo RMD160 signatures


Modified: branches/GNUPG-1-9-BRANCH/NEWS
===================================================================
--- branches/GNUPG-1-9-BRANCH/NEWS	2006-03-21 09:56:47 UTC (rev 4074)
+++ branches/GNUPG-1-9-BRANCH/NEWS	2006-03-21 12:48:51 UTC (rev 4075)
@@ -11,7 +11,9 @@
  * [gpgsm] Kludge to allow use of Bundesnetzagentur issued
    certificates.
 
+ * [scdaemon] Added --hash=xxx option to the PKSIGN command.
 
+
 Noteworthy changes in version 1.9.20 (2005-12-20)
 -------------------------------------------------
 

Modified: branches/GNUPG-1-9-BRANCH/TODO
===================================================================
--- branches/GNUPG-1-9-BRANCH/TODO	2006-03-21 09:56:47 UTC (rev 4074)
+++ branches/GNUPG-1-9-BRANCH/TODO	2006-03-21 12:48:51 UTC (rev 4075)
@@ -3,6 +3,7 @@
 * src/base64
 ** Make parsing more robust
 Currently we don't cope with overlong lines in the best way.
+** Check that we really release the ksba reader/writer objects.
 
 * sm/call-agent.c
 ** The protocol uses an incomplete S-expression

Modified: branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi
===================================================================
--- branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi	2006-03-21 09:56:47 UTC (rev 4074)
+++ branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi	2006-03-21 12:48:51 UTC (rev 4075)
@@ -444,9 +444,16 @@
 @end example
 
 where @var{keyid} is the hexified ID of the key to be used.  The key id
-may have been retrieved using the command @code{LEARN}.
+may have been retrieved using the command @code{LEARN}.  If another
+hash algorithm than SHA-1 is used, that algorithm may be given like:
 
+ at example
+  PKSIGN --hash=@var{algoname} @var{keyid}
+ at end example
 
+With @var{algoname} are one of @code{sha1}, @code{rmd160} or @code{md5}.
+
+
 @node Scdaemon PKDECRYPT
 @subsection Decrypting data with a Smartcard
 

Modified: branches/GNUPG-1-9-BRANCH/scd/ChangeLog
===================================================================
--- branches/GNUPG-1-9-BRANCH/scd/ChangeLog	2006-03-21 09:56:47 UTC (rev 4074)
+++ branches/GNUPG-1-9-BRANCH/scd/ChangeLog	2006-03-21 12:48:51 UTC (rev 4075)
@@ -1,3 +1,7 @@
+2006-03-21  Werner Koch  <wk at g10code.com>
+
+	* command.c (cmd_pksign): Add --hash option.
+
 2006-03-01  Werner Koch  <wk at g10code.com>
 
 	* command.c (status_file_update_lock): New.

Modified: branches/GNUPG-1-9-BRANCH/scd/command.c
===================================================================
--- branches/GNUPG-1-9-BRANCH/scd/command.c	2006-03-21 09:56:47 UTC (rev 4074)
+++ branches/GNUPG-1-9-BRANCH/scd/command.c	2006-03-21 12:48:51 UTC (rev 4075)
@@ -708,8 +708,10 @@
 }
 
 
-/* PKSIGN <hexified_id>
+/* PKSIGN [--hash=[rmd160|sha1|md5]] <hexified_id>
 
+   The --hash option is optional; the default is SHA1.
+
  */
 static int
 cmd_pksign (assuan_context_t ctx, char *line)
@@ -719,7 +721,27 @@
   unsigned char *outdata;
   size_t outdatalen;
   char *keyidstr;
+  int hash_algo;
 
+  if (has_option (line, "--hash=rmd160"))
+    hash_algo = GCRY_MD_RMD160;
+  else if (has_option (line, "--hash=sha1"))
+    hash_algo = GCRY_MD_SHA1;
+  else if (has_option (line, "--hash=md5"))
+    hash_algo = GCRY_MD_MD5;
+  else if (!strstr (line, "--"))
+    hash_algo = GCRY_MD_SHA1; 
+  else
+    return set_error (Parameter_Error, "invalid hash algorithm");
+  /* Skip over options. */
+  while ( *line == '-' && line[1] == '-' )
+    {
+      while (*line && !spacep (line))
+        line++;
+      while (spacep (line))
+        line++;
+    }
+
   if ( IS_LOCKED (ctrl) )
     return gpg_error (GPG_ERR_LOCKED);
 
@@ -734,7 +756,7 @@
     return ASSUAN_Out_Of_Core;
   
   rc = app_sign (ctrl->app_ctx,
-                 keyidstr, GCRY_MD_SHA1,
+                 keyidstr, hash_algo,
                  pin_cb, ctx,
                  ctrl->in_data.value, ctrl->in_data.valuelen,
                  &outdata, &outdatalen);
@@ -777,7 +799,7 @@
   if (!ctrl->app_ctx)
     return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
 
-  /* We have to use a copy of the key ID because the function may use
+ /* We have to use a copy of the key ID because the function may use
      the pin_cb which in turn uses the assuan line buffer and thus
      overwriting the original line with the keyid */
   keyidstr = xtrystrdup (line);

More information about the Gnupg-commits mailing list