scd: Format change to specify "rsa2048" for KEY-ATTR.

NIIBE Yutaka gniibe at fsij.org
Thu Jul 23 07:17:59 CEST 2015


Hello,

While the new OpenPGP card supports keys other than RSA, here is
a kind of cleanup.  I'm going to push this.

More will come soon.

    * g10/card-util.c (do_change_keysize): Put "rsa".
    * scd/app-openpgp.c (change_keyattr, change_keyattr_from_string):
    Change the command format.
    (rsa_writekey): Check key type.
    (do_writekey): Remove "ecdh" and "ecdsa" support which was available
    in experimental libgcrypt before 1.6.0.

diff --git a/g10/card-util.c b/g10/card-util.c
index dbd530e..890bf2d 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -1332,7 +1332,7 @@ do_change_keysize (int keyno, unsigned int nbits)
   gpg_error_t err;
   char args[100];

-  snprintf (args, sizeof args, "--force %d 1 %u", keyno+1, nbits);
+  snprintf (args, sizeof args, "--force %d 1 rsa%u", keyno+1, nbits);
   err = agent_scd_setattr ("KEY-ATTR", args, strlen (args), NULL);
   if (err)
     log_error (_("error changing size of key %d to %u bits: %s\n"),
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 5ca526c..81b4923 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -2848,7 +2848,7 @@ change_keyattr (app_t app, int keyno, const unsigned char *buf, size_t buflen,

 /* Helper to process an setattr command for name KEY-ATTR.
    In (VALUE,VALUELEN), it expects following string:
-        RSA: "--force <keyno> <algo> <nbits>"
+        RSA: "--force <keyno> <algo> rsa<nbits>"
         ECC: "--force <keyno> <algo> <curvename>"
   */
 static gpg_error_t
@@ -2887,7 +2887,7 @@ change_keyattr_from_string (app_t app,
       unsigned int nbits;

       errno = 0;
-      nbits = strtoul (string+n, NULL, 10);
+      nbits = strtoul (string+n+3, NULL, 10);
       if (errno)
         err = gpg_error (GPG_ERR_INV_DATA);
       else if (nbits < 1024)
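Review bot: In change_keyattr_from_string the new call `strtoul (string+n+3, NULL, 10)` skips three bytes, and nothing visible in this hunk checks that they are the literal "rsa" or that the value is that long. If the text after `<algo>` is shorter than three characters, the pointer can move past the terminating NUL and strtoul then reads outside the string; a value in the old bare-number format is parsed from its fourth digit rather than rejected for its format. I would test the prefix first with `if (strncmp (string+n, "rsa", 3)) err = gpg_error (GPG_ERR_INV_DATA);` and call strtoul only in the else branch, ideally with an end pointer so trailing garbage is rejected too. The function starts and ends outside the hunk, so how `string` and `n` are produced cannot be confirmed from here.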
@@ -2985,6 +2985,13 @@ rsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **),
   unsigned char fprbuf[20];
   u32 created_at = 0;

+  if (app->app_local->keyattr[keyno].key_type != KEY_TYPE_RSA)
+    {
+      log_error (_("unsupported algorithm: %s"), "RSA");
+      err = gpg_error (GPG_ERR_INV_VALUE);
+      goto leave;
+    }
+
   last_depth1 = depth;
   while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))
          && depth && depth >= last_depth1)
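Review bot: The new `log_error (_("unsupported algorithm: %s"), "RSA");` in rsa_writekey has no trailing newline, while the other log_error format visible on this page ends in `\n`. Unless the logging layer closes the line itself, the next message may be appended to this one, so `log_error (_("unsupported algorithm: %s\n"), "RSA");` would be consistent. The added check also indexes `app->app_local->keyattr[keyno]` with no range check on `keyno` visible in this hunk; presumably the caller validates it, which is worth confirming and stating in a short comment above the test. The rest of rsa_writekey and the `leave` label lie outside the hunk.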
@@ -3519,10 +3526,7 @@ do_writekey (app_t app, ctrl_t ctrl,
     goto leave;
   if (tok && toklen == 3 && memcmp ("rsa", tok, toklen) == 0)
     err = rsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
-  else if (tok
-           && ((toklen == 3 && memcmp ("ecc", tok, toklen) == 0)
-               || (toklen == 4 && memcmp ("ecdh", tok, toklen) == 0)
-               || (toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0)))
+  else if (tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0)
     err = ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth);
   else
     {
-- 


