[PATCH] Bug fix of keytocard and support ECC key attributes

NIIBE Yutaka gniibe at fsij.org
Fri Feb 22 03:27:08 CET 2013


Now, I am testing ECDSA authentication with Gnuk.

It is highly experimental, but the current development version of Gnuk (in
the repository) works for me, with OpenSSH by ECDSA authentication.

We need to change GnuPG for supporting ECC card/token.  I'd like to
apply patches incrementally, from easy parts to difficult parts.

I won't apply changes where we haven't got answers yet, such as the
things related to modifications of the OpenPGP card specification.

This patch is for "gpg --card-status" to show ECDSA/ECDH key attributes
and "keytocard" bug fix.

Other changes needed are in agent/ and scd/app-openpgp.c.

I think that we have consensus about showing ECDSA/ECDH key attributes.
I'll apply and push these changes to master.


diff --git a/g10/call-agent.c b/g10/call-agent.c
index 85a3f28..e3250fe 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -606,6 +606,10 @@ agent_keytocard (const char *hexgrip, int keyno, int force,
 {
   int rc;
   char line[ASSUAN_LINELENGTH];
+  struct default_inq_parm_s parm;
+
+  memset (&parm, 0, sizeof parm);
+  parm.ctx = agent_ctx;
 
   snprintf (line, DIM(line)-1, "KEYTOCARD %s%s %s OPENPGP.%d %s",
             force?"--force ": "", hexgrip, serialno, keyno, timestamp);
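
Review bot: parm is zero-filled and only parm.ctx is set before it is handed to default_inq_cb later in agent_keytocard, so whether the callback copes with every other member being zero cannot be judged from this hunk. A one-line comment above the memset stating that only ctx is needed for KEYTOCARD would make that intent explicit.
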
@@ -615,8 +619,8 @@ agent_keytocard (const char *hexgrip, int keyno, int force,
   if (rc)
     return rc;
 
-  rc = assuan_transact (agent_ctx, line, NULL, NULL, default_inq_cb,
-                        NULL, NULL, NULL);
+  rc = assuan_transact (agent_ctx, line, NULL, NULL, default_inq_cb, &parm,
+                        NULL, NULL);
   if (rc)
     return rc;
 
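
Review bot: In the assuan_transact call the old code registered default_inq_cb with NULL as its argument and the new code passes &parm, but neither the patch nor the message says what failed before. Please state the symptom in the commit log (the message only says "keytocard" bug fix), and check whether any other call that registers default_inq_cb still passes NULL.
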
diff --git a/g10/card-util.c b/g10/card-util.c
index 75208cc..add8eed 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -550,7 +550,9 @@ card_status (estream_t fp, char *serialno, size_t serialnobuflen)
             tty_fprintf (fp, " %u%c",
                          info.key_attr[i].nbits,
                          info.key_attr[i].algo == 1? 'R':
-                         info.key_attr[i].algo == 17? 'D': '?');
+                         info.key_attr[i].algo == 17? 'D':
+                         info.key_attr[i].algo == 18? 'e':
+                         info.key_attr[i].algo == 19? 'E': '?');
           tty_fprintf (fp, "\n");
         }
       tty_fprintf (fp,    "Max. PIN lengths .: %d %d %d\n",
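
Review bot: The new cases in the key attribute printout compare info.key_attr[i].algo against the bare numbers 18 and 19 and differ only in letter case ('e' versus 'E'), which is easy to misread in the --card-status output. Named algorithm constants in place of 18 and 19, plus a short comment saying which letter stands for ECDH and which for ECDSA, would make this self-explanatory. It is also worth confirming that the nbits value printed by " %u%c" is meaningful for an ECC key attribute.
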
@@ -1560,7 +1562,7 @@ card_store_subkey (KBNODE node, int use)
 
   nbits = nbits_from_pk (pk);
 
-  if (!is_RSA (pk->pubkey_algo) || (!info.is_v2 && nbits != 1024) )
+  if (!info.is_v2 && nbits != 1024)
     {
       tty_printf ("You may only store a 1024 bit RSA key on the card\n");
       tty_printf ("\n");
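
Review bot: Dropping !is_RSA (pk->pubkey_algo) from the condition in card_store_subkey removes the algorithm check entirely instead of widening it to ECC: on a v2 card a key of any algorithm now passes this test, and on a non-v2 card any 1024-bit key does. The error text still reads "You may only store a 1024 bit RSA key on the card", so the condition and the message no longer agree. Consider an explicit check that accepts RSA and the ECC algorithms, and keep the RSA-only rule for non-v2 cards.
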
-- 


