[git] GnuPG - branch, master, updated. gnupg-2.2.7-367-g0328976

by Werner Koch cvs at cvs.gnupg.org
Fri Feb 8 12:35:52 CET 2019


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  0328976c94adc2c518c7a7763a35319a0000c5e2 (commit)
       via  03bf8e967adb2dd13329ba1089deb419d49e55c0 (commit)
      from  a1cb4a940f308ba21ecc002b044efccf0c547784 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0328976c94adc2c518c7a7763a35319a0000c5e2
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Feb 8 12:35:26 2019 +0100

    sm: In --gen-key with "key from card" show also the algorithm.
    
    * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Get and show algo.
    --
    
    This extends the prompt to show something like
    
      Serial number of the card: FF020001008A77F6
      Available keys:
         (1) 4130F84FA3704F4645924AEC3FFA48AD26D33656 PIV.9A nistp384
         (2) AB2988FB8C227BCD5175BF92F66AA3A95AE83214 PIV.9E rsa2048
         (3) DB7DDAEAA88534BA45CCD7A9B761425103EA2090 PIV.9C rsa2048
         (4) BABB48C3D80ACCF9839F101DF2910966C8B988DF PIV.9D nistp256
      Your selection? 1
    
    Having the algorithm here is helpful in particular because right now
    we support only RSA with X.509.  Take care: PIV card based certificate
    creation does not yet work.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c
index f64baf3..70e5739 100644
--- a/sm/certreqgen-ui.c
+++ b/sm/certreqgen-ui.c
@@ -244,7 +244,27 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream)
         {
           tty_printf (_("Available keys:\n"));
           for (count=1,sl=keypairlist; sl; sl = sl->next, count++)
-            tty_printf ("   (%d) %s\n", count, sl->d);
+            {
+              ksba_sexp_t pkey;
+              gcry_sexp_t s_pkey;
+              char *algostr = NULL;
+              const char *keyref;
+
+              keyref = strchr (sl->d, ' ');
+              if (keyref)
+                {
+                  keyref++;
+                  if (!gpgsm_agent_readkey (ctrl, 1, keyref, &pkey))
+                    {
+                      if (!gcry_sexp_new (&s_pkey, pkey, 0, 0))
+                        algostr = pubkey_algo_string (s_pkey);
+                      gcry_sexp_release (s_pkey);
+                    }
+                  xfree (pkey);
+                }
+              tty_printf ("   (%d) %s %s\n", count, sl->d, algostr);
+              xfree (algostr);
+            }
           xfree (answer);
           answer = tty_get (_("Your selection? "));
           tty_kill_prompt ();
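Review bot: `algostr` is still NULL at the `tty_printf ("   (%d) %s %s\n", count, sl->d, algostr);` call whenever `sl->d` contains no space, `gpgsm_agent_readkey` or `gcry_sexp_new` fails, or `pubkey_algo_string` returns NULL, so a NULL pointer is handed to `%s`. Whether tty_printf tolerates that is not visible here; passing `algostr? algostr : "?"` avoids relying on it and gives the user a visible marker for a key whose algorithm could not be read. `pkey` and `s_pkey` are declared without an initializer but reach `xfree (pkey)` and `gcry_sexp_release (s_pkey)` on the failure paths, which is only safe if the callees clear their output on error; `ksba_sexp_t pkey = NULL;` and `gcry_sexp_t s_pkey = NULL;` would make that explicit. gpgsm_gencertreq_tty starts and ends outside the hunk.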

commit 03bf8e967adb2dd13329ba1089deb419d49e55c0
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Feb 8 12:10:45 2019 +0100

    common: Provide function to get public key algo names in our format.
    
    * tools/card-tool-misc.c (pubkey_algo_string): Move to  ...
    * common/sexputil.c (pubkey_algo_string): here.
    --
    
    The new gpg format for public key algorithms is useful at other places
    as well.  Thus we make this new function available.  Note that the
    code we use in gpg is not based on s-expressions and thus a new
    function was required.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/common/sexputil.c b/common/sexputil.c
index 02e52d0..d3020e1 100644
--- a/common/sexputil.c
+++ b/common/sexputil.c
@@ -577,3 +577,61 @@ get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen)
   gcry_sexp_release (sexp);
   return algo;
 }
+
+
+/* Given the public key S_PKEY, return a new buffer with a descriptive
+ * string for its algorithm.  This function may return NULL on memory
+ * error. */
+char *
+pubkey_algo_string (gcry_sexp_t s_pkey)
+{
+  const char *prefix;
+  gcry_sexp_t l1;
+  char *algoname;
+  int algo;
+  char *result;
+
+  l1 = gcry_sexp_find_token (s_pkey, "public-key", 0);
+  if (!l1)
+    return xtrystrdup ("E_no_key");
+  {
+    gcry_sexp_t l_tmp = gcry_sexp_cadr (l1);
+    gcry_sexp_release (l1);
+    l1 = l_tmp;
+  }
+  algoname = gcry_sexp_nth_string (l1, 0);
+  gcry_sexp_release (l1);
+  if (!algoname)
+    return xtrystrdup ("E_no_algo");
+
+  algo = gcry_pk_map_name (algoname);
+  switch (algo)
+    {
+    case GCRY_PK_RSA: prefix = "rsa"; break;
+    case GCRY_PK_ELG: prefix = "elg"; break;
+    case GCRY_PK_DSA: prefix = "dsa"; break;
+    case GCRY_PK_ECC: prefix = "";  break;
+    default:          prefix = NULL; break;
+    }
+
+  if (prefix && *prefix)
+    result = xtryasprintf ("%s%u", prefix, gcry_pk_get_nbits (s_pkey));
+  else if (prefix)
+    {
+      const char *curve = gcry_pk_get_curve (s_pkey, 0, NULL);
+      const char *name = openpgp_oid_to_curve
+        (openpgp_curve_to_oid (curve, NULL), 0);
+
+      if (name)
+        result = xtrystrdup (name);
+      else if (curve)
+        result = xtryasprintf ("X_%s", curve);
+      else
+        result = xtrystrdup ("E_unknown");
+    }
+  else
+    result = xtryasprintf ("X_algo_%d", algo);
+
+  xfree (algoname);
+  return result;
+}
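Review bot: The header comment of `pubkey_algo_string` should state the full return contract, because the function now uses the `xtry*` allocators and can return NULL, while the version removed from tools/card-tool-misc.c promised to always return a string. Callers written against the old contract are not visible in this commit and presumably need a NULL check. I would extend the comment with something like `The caller must xfree the result.  Malformed keys and unknown algorithms or curves are reported in-band as strings starting with "E_" or "X_".` In the ECC branch `curve` may be NULL when it reaches `openpgp_curve_to_oid (curve, NULL)`; the later `else if (curve)` test shows NULL is expected, so the code relies on that helper accepting NULL, which deserves a one-line comment.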
diff --git a/common/util.h b/common/util.h
index 863f9e3..d5bb225 100644
--- a/common/util.h
+++ b/common/util.h
@@ -189,6 +189,7 @@ gpg_error_t get_rsa_pk_from_canon_sexp (const unsigned char *keydata,
 int get_pk_algo_from_key (gcry_sexp_t key);
 int get_pk_algo_from_canon_sexp (const unsigned char *keydata,
                                  size_t keydatalen);
+char *pubkey_algo_string (gcry_sexp_t s_pkey);
 
 /*-- convert.c --*/
 int hex2bin (const char *string, void *buffer, size_t length);
diff --git a/tools/card-tool-misc.c b/tools/card-tool-misc.c
index 5e0461c..06fcb67 100644
--- a/tools/card-tool-misc.c
+++ b/tools/card-tool-misc.c
@@ -77,61 +77,3 @@ hex_to_buffer (const char *string, size_t *r_length)
   *r_length = n;
   return buffer;
 }
-
-
-
-/* Given the public key S_PKEY, return a new buffer with a descriptive
- * string for its algorithm.  This function always returns a string. */
-char *
-pubkey_algo_string (gcry_sexp_t s_pkey)
-{
-  const char *prefix;
-  gcry_sexp_t l1;
-  char *algoname;
-  int algo;
-  char *result;
-
-  l1 = gcry_sexp_find_token (s_pkey, "public-key", 0);
-  if (!l1)
-    return xstrdup ("E_no_key");
-  {
-    gcry_sexp_t l_tmp = gcry_sexp_cadr (l1);
-    gcry_sexp_release (l1);
-    l1 = l_tmp;
-  }
-  algoname = gcry_sexp_nth_string (l1, 0);
-  gcry_sexp_release (l1);
-  if (!algoname)
-    return xstrdup ("E_no_algo");
-
-  algo = gcry_pk_map_name (algoname);
-  switch (algo)
-    {
-    case GCRY_PK_RSA: prefix = "rsa"; break;
-    case GCRY_PK_ELG: prefix = "elg"; break;
-    case GCRY_PK_DSA: prefix = "dsa"; break;
-    case GCRY_PK_ECC: prefix = "";  break;
-    default:          prefix = NULL; break;
-    }
-
-  if (prefix && *prefix)
-    result = xasprintf ("%s%u", prefix, gcry_pk_get_nbits (s_pkey));
-  else if (prefix)
-    {
-      const char *curve = gcry_pk_get_curve (s_pkey, 0, NULL);
-      const char *name = openpgp_oid_to_curve
-        (openpgp_curve_to_oid (curve, NULL), 0);
-
-      if (name)
-        result = xstrdup (name);
-      else if (curve)
-        result = xasprintf ("X_%s", curve);
-      else
-        result = xstrdup ("E_unknown");
-    }
-  else
-    result = xasprintf ("X_algo_%d", algo);
-
-  xfree (algoname);
-  return result;
-}
diff --git a/tools/card-tool.h b/tools/card-tool.h
index 9daf7e4..f49f253 100644
--- a/tools/card-tool.h
+++ b/tools/card-tool.h
@@ -192,8 +192,6 @@ gpg_error_t test_get_matching_keys (const char *hexgrip);
 /*-- card-tool-misc.c --*/
 key_info_t find_kinfo (card_info_t info, const char *keyref);
 void *hex_to_buffer (const char *string, size_t *r_length);
-char *pubkey_algo_string (gcry_sexp_t s_pkey);
-
 
 /*-- card-call-scd.c --*/
 void release_card_info (card_info_t info);

-----------------------------------------------------------------------

Summary of changes:
 common/sexputil.c      | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++
 common/util.h          |  1 +
 sm/certreqgen-ui.c     | 22 ++++++++++++++++++-
 tools/card-tool-misc.c | 58 --------------------------------------------------
 tools/card-tool.h      |  2 --
 5 files changed, 80 insertions(+), 61 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



