[git] GnuPG - branch, master, updated. gnupg-2.1.2-77-gf82c4a6

by NIIBE Yutaka cvs at cvs.gnupg.org
Fri Apr 3 10:51:21 CEST 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  f82c4a6d0d76e716b6a7b22ca964fa2da1f962a0 (commit)
       via  4ffadb74b3ada8a5d69ef8d87f4326df9bd97e97 (commit)
      from  d0ff2ee04187fbedacbe4d3884ee75d957a0b8c6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f82c4a6d0d76e716b6a7b22ca964fa2da1f962a0
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Fri Apr 3 17:39:59 2015 +0900

    g10: Fix keytocard.
    
    g10/call-agent.h (agent_scd_learn): Add FORCE option.
    g10/call-agent.c (agent_scd_learn): Implement FORCE option.
    g10/keygen.c (gen_card_key): Follow the change of option.
    g10/card-util.c (change_pin, card_status, factory_reset): Likewise.
    g10/keyedit.c (keyedit_menu): Update private key storage by
    agent_scd_learn.
    --
    
    This is not a perfect solution, since the user may unplug the card
    before quitting the 'gpg --keyedit' session.  Usually, it works well.
    
    GnuPG-bug-id: 1846

diff --git a/g10/call-agent.c b/g10/call-agent.c
index 4bac8a0..2a80f22 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -673,7 +673,7 @@ learn_status_cb (void *opaque, const char *line)
 
 /* Call the scdaemon to learn about a smartcard */
 int
-agent_scd_learn (struct agent_card_info_s *info)
+agent_scd_learn (struct agent_card_info_s *info, int force)
 {
   int rc;
   struct default_inq_parm_s parm;
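Review bot: The new `force` parameter is undocumented: the comment above `agent_scd_learn` still reads only "Call the scdaemon to learn about a smartcard". The next hunk shows that a true FORCE sends `LEARN --sendinfo --force`, which the agent help text describes as updating private key storage, so callers need to know the flag has an effect on stored keys. Suggested comment: `/* Call the scdaemon to learn about a smartcard.  With FORCE set, ask the agent to update its private key storage from the card.  */`. The same gap applies to the "Return card info." comment on the prototype in g10/call-agent.h and to the header comment of `agent_handle_learn` in agent/learncard.c. The function body continues outside this hunk.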
@@ -701,7 +701,8 @@ agent_scd_learn (struct agent_card_info_s *info)
     return rc;
 
   parm.ctx = agent_ctx;
-  rc = assuan_transact (agent_ctx, "LEARN --sendinfo",
+  rc = assuan_transact (agent_ctx,
+                        force ? "LEARN --sendinfo --force" : "LEARN --sendinfo",
                         dummy_data_cb, NULL, default_inq_cb, &parm,
                         learn_status_cb, info);
   /* Also try to get the key attributes.  */
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 9c104e8..df570a4 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -77,7 +77,7 @@ struct agent_card_genkey_s {
 void agent_release_card_info (struct agent_card_info_s *info);
 
 /* Return card info. */
-int agent_scd_learn (struct agent_card_info_s *info);
+int agent_scd_learn (struct agent_card_info_s *info, int force);
 
 /* Send an APDU to the card.  */
 gpg_error_t agent_scd_apdu (const char *hexapdu, unsigned int *r_sw);
diff --git a/g10/card-util.c b/g10/card-util.c
index 4b584bf..a291a07 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -81,7 +81,7 @@ change_pin (int unblock_v2, int allow_admin)
   struct agent_card_info_s info;
   int rc;
 
-  rc = agent_scd_learn (&info);
+  rc = agent_scd_learn (&info, 0);
   if (rc)
     {
       log_error (_("OpenPGP card not available: %s\n"),
@@ -374,7 +374,7 @@ card_status (estream_t fp, char *serialno, size_t serialnobuflen)
   if (serialno && serialnobuflen)
     *serialno = 0;
 
-  rc = agent_scd_learn (&info);
+  rc = agent_scd_learn (&info, 0);
   if (rc)
     {
       if (opt.with_colons)
@@ -1702,7 +1702,7 @@ factory_reset (void)
       but tries to find out something about the card first.
    */
 
-  err = agent_scd_learn (&info);
+  err = agent_scd_learn (&info, 0);
   if (gpg_err_code (err) == GPG_ERR_OBJ_TERM_STATE
       && gpg_err_source (err) == GPG_ERR_SOURCE_SCD)
     termstate = 1;
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 91f5dae..2f9469f 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1450,6 +1450,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
   char *answer = NULL;
   int redisplay = 1;
   int modified = 0;
+  int sec_shadowing = 0;
   int run_subkey_warnings = 0;
   int toggle;
   int have_commands = !!commands;
@@ -1836,8 +1837,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 		if (card_store_subkey (node, xxpk ? xxpk->pubkey_usage : 0))
 		  {
 		    redisplay = 1;
-		    /* Only the secret key has been modified; thus
-                       there is no need to set the modified flag.  */
+		    sec_shadowing = 1;
 		  }
 	      }
 	  }
@@ -1923,7 +1923,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 		if (card_store_subkey (node, 0))
 		  {
 		    redisplay = 1;
-		    /* FIXME:sec_modified = 1;*/
+		    sec_shadowing = 1;
 		  }
 	      }
 	    release_kbnode (node);
@@ -2182,7 +2182,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	case cmdQUIT:
 	  if (have_commands)
 	    goto leave;
-	  if (!modified)
+	  if (!modified && !sec_shadowing)
 	    goto leave;
 	  if (!cpr_get_answer_is_yes ("keyedit.save.okay",
 				      _("Save changes? (y/N) ")))
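Review bot: `sec_shadowing` only takes effect on the interactive save path: the `if (have_commands) goto leave;` line above the changed test, and a declined "Save changes?" prompt, both exit without the forced learn that the later hunk adds. Going by the companion agent commit, which stops KEYTOCARD from updating the key storage file, that would leave the full secret key on disk after it was written to the card (assuming `card_store_subkey` has completed the transfer by then). If that is intended, say so where the flag is tested, e.g. `/* Quitting without saving skips LEARN --force, so the on-disk secret key stays unshadowed.  */`; otherwise the forced learn should also run on those exits. The enclosing `keyedit_menu` switch starts and ends outside this hunk.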
@@ -2204,7 +2204,18 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
                   break;
                 }
 	    }
-	  else
+
+	  if (sec_shadowing)
+	    {
+	      err = agent_scd_learn (NULL, 1);
+	      if (err)
+                {
+                  log_error (_("update failed: %s\n"), gpg_strerror (err));
+                  break;
+                }
+	    }
+
+	  if (!modified && !sec_shadowing)
 	    tty_printf (_("Key not changed so no update needed.\n"));
 
 	  if (update_trust)
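Review bot: A failure of `agent_scd_learn (NULL, 1)` is reported with the generic `update failed` text, which does not tell the user that the private key storage was not rewritten. The block that closes just above (its start is outside the hunk) appears to be the keyblock update, so at this point the public side may already be saved while the on-disk secret key is still unshadowed. A distinct message makes that state visible, e.g. `log_error (_("updating private key storage failed: %s\n"), gpg_strerror (err));`. The added lines also mix tabs and spaces for indentation within one block.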
diff --git a/g10/keygen.c b/g10/keygen.c
index 769e193..4b0398a 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -4487,7 +4487,7 @@ gen_card_key (int algo, int keyno, int is_primary, kbnode_t pub_root,
   /* Send the learn command so that the agent creates a shadow key for
      card key.  We need to do that now so that we are able to create
      the self-signatures. */
-  err = agent_scd_learn (NULL);
+  err = agent_scd_learn (NULL, 0);
   if (err)
     {
       /* Oops: Card removed during generation.  */

commit 4ffadb74b3ada8a5d69ef8d87f4326df9bd97e97
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Fri Apr 3 17:33:11 2015 +0900

    agent: Add --force option for LEARN.
    
    * agent/command.c (cmd_learn): Handle --force option.
    (cmd_keytocard): Don't update key storage file.
    * agent/agent.h (agent_handle_learn): Add FORCE.
    * agent/learncard.c (agent_handle_learn): Implement FORCE to update
    key storage file.
    --

diff --git a/agent/agent.h b/agent/agent.h
index f60061e..d61e634 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -495,7 +495,7 @@ int agent_card_scd (ctrl_t ctrl, const char *cmdline,
 
 
 /*-- learncard.c --*/
-int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context);
+int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force);
 
 
 /*-- cvt-openpgp.c --*/
diff --git a/agent/command.c b/agent/command.c
index 96fbf19..3188bbd 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1655,25 +1655,27 @@ cmd_get_confirmation (assuan_context_t ctx, char *line)
 
 

 static const char hlp_learn[] =
-  "LEARN [--send][--sendinfo]\n"
+  "LEARN [--send] [--sendinfo] [--force]\n"
   "\n"
   "Learn something about the currently inserted smartcard.  With\n"
   "--sendinfo information about the card is returned; with --send\n"
-  "the available certificates are returned as D lines.";
+  "the available certificates are returned as D lines; with --force\n"
+  "private key storage will be updated by the result.";
 static gpg_error_t
 cmd_learn (assuan_context_t ctx, char *line)
 {
   ctrl_t ctrl = assuan_get_pointer (ctx);
   gpg_error_t err;
-  int send, sendinfo;
+  int send, sendinfo, force;
 
   send = has_option (line, "--send");
   sendinfo = send? 1 : has_option (line, "--sendinfo");
+  force = has_option (line, "--force");
 
   if (ctrl->restricted)
     return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
 
-  err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL);
+  err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL, force);
   return leave_cmd (ctx, err);
 }
 
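Review bot: The help text for `--force` ("private key storage will be updated by the result") does not say that existing private key files are overwritten. The learncard.c hunks pass `force` as the last argument of `agent_write_private_key` and bypass the `agent_key_available` skip, so this appears to be a replace and not only an add. Stating that in `hlp_learn` would let Assuan clients see the consequence before using the option, e.g. `"the private key files for the keys on the card are overwritten."`.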
@@ -2409,12 +2411,10 @@ cmd_keytocard (assuan_context_t ctx, char *line)
   gpg_error_t err = 0;
   unsigned char grip[20];
   gcry_sexp_t s_skey = NULL;
-  gcry_sexp_t s_pkey = NULL;
   unsigned char *keydata;
   size_t keydatalen, timestamplen;
   const char *serialno, *timestamp_str, *id;
   unsigned char *shadow_info = NULL;
-  unsigned char *shdkey;
   time_t timestamp;
 
   if (ctrl->restricted)
@@ -2492,48 +2492,8 @@ cmd_keytocard (assuan_context_t ctx, char *line)
   snprintf (keydata+keydatalen-1, 30, "(10:created-at10:%010lu))", timestamp);
   keydatalen += 10 + 19 - 1;
   err = divert_writekey (ctrl, force, serialno, id, keydata, keydatalen);
-  if (err)
-    {
-      xfree (keydata);
-      goto leave;
-    }
-  xfree (keydata);
-
-  err = agent_public_key_from_file (ctrl, grip, &s_pkey);
-  if (err)
-    goto leave;
-
-  shadow_info = make_shadow_info (serialno, id);
-  if (!shadow_info)
-    {
-      err = gpg_error (GPG_ERR_ENOMEM);
-      gcry_sexp_release (s_pkey);
-      goto leave;
-    }
-  keydatalen = gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, NULL, 0);
-  keydata = xtrymalloc (keydatalen);
-  if (keydata == NULL)
-    {
-      err = gpg_error_from_syserror ();
-      gcry_sexp_release (s_pkey);
-      goto leave;
-    }
-  gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, keydata, keydatalen);
-  gcry_sexp_release (s_pkey);
-  err = agent_shadow_key (keydata, shadow_info, &shdkey);
   xfree (keydata);
-  xfree (shadow_info);
-  if (err)
-    {
-      log_error ("shadowing the key failed: %s\n", gpg_strerror (err));
-      goto leave;
-    }
-
-  keydatalen = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
-  err = agent_write_private_key (grip, shdkey, keydatalen, 1);
-  xfree (shdkey);
 
- leave:
   return leave_cmd (ctx, err);
 }
 
diff --git a/agent/learncard.c b/agent/learncard.c
index 62569ce..e0f2340 100644
--- a/agent/learncard.c
+++ b/agent/learncard.c
@@ -299,7 +299,7 @@ send_cert_back (ctrl_t ctrl, const char *id, void *assuan_context)
 /* Perform the learn operation.  If ASSUAN_CONTEXT is not NULL and
    SEND is true all new certificates are send back via Assuan.  */
 int
-agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
+agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force)
 {
   int rc;
 
@@ -399,7 +399,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
       for (p=item->hexgrip, i=0; i < 20; p += 2, i++)
         grip[i] = xtoi_2 (p);
 
-      if (!agent_key_available (grip))
+      if (!force && !agent_key_available (grip))
         continue; /* The key is already available. */
 
       /* Unknown key - store it. */
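Review bot: With `force` set the `continue` is skipped for every keygrip the card reports, so the store path below also runs for keys that already exist on disk, and the next hunk passes `force` on to `agent_write_private_key`. That looks like it rewrites the stored key for each key on the inserted card, not only the one just moved by keytocard; if so, any on-disk secret key matching a card key is replaced by a shadow key without confirmation. The two comments no longer match the code either; suggested: `continue; /* The key is already available and FORCE is not set. */` and `/* Unknown key, or FORCE given - store it. */`. The loop body starts and ends outside this hunk.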
@@ -430,7 +430,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
       n = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
       assert (n);
 
-      rc = agent_write_private_key (grip, shdkey, n, 0);
+      rc = agent_write_private_key (grip, shdkey, n, force);
       xfree (shdkey);
       if (rc)
         {

-----------------------------------------------------------------------

Summary of changes:
 agent/agent.h     |  2 +-
 agent/command.c   | 52 ++++++----------------------------------------------
 agent/learncard.c |  6 +++---
 g10/call-agent.c  |  5 +++--
 g10/call-agent.h  |  2 +-
 g10/card-util.c   |  6 +++---
 g10/keyedit.c     | 21 ++++++++++++++++-----
 g10/keygen.c      |  2 +-
 8 files changed, 34 insertions(+), 62 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



