[PATCH 2/4] clarify gpgkey2ssh usage

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Oct 27 22:09:41 CET 2015


 * tools/gpgkey2ssh.c: (main) improve gpgkey2ssh usage and error
   reporting

--

This update makes the tool marginally more intelligible to a normal
user, without changing its behavior.

Signed-Off-By: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
---
 tools/gpgkey2ssh.c | 43 ++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 40 insertions(+), 3 deletions(-)

diff --git a/tools/gpgkey2ssh.c b/tools/gpgkey2ssh.c
index d22c5ac..3b4b076 100644
--- a/tools/gpgkey2ssh.c
+++ b/tools/gpgkey2ssh.c
@@ -34,10 +34,13 @@
 #include <assert.h>
 #include <stdio.h>
 #include <errno.h>
+#include <ctype.h>
 
 #include "util.h"
 #include "sysutils.h"
 
+#define PGM "gpgkey2ssh"
+
 
 
 typedef struct pkdbuf
@@ -75,7 +78,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid, int *algorithm_id,
   id = 0;
 
   /* Loop over all records until we have found the subkey
-     corresponsing to the fingerprint. Inm general the first record
+     corresponding to the fingerprint. In general the first record
      should be the pub record, but we don't rely on that.  Given that
      we only need to look at one key, it is sufficient to compare the
      keyid so that we don't need to look at "fpr" records. */
@@ -242,6 +245,16 @@ key_to_blob (unsigned char **blob, size_t *blob_n, const char *identifier, ...)
 }
 
 int
+gpgkey2ssh_usage (int n, FILE* f)
+{
+  fprintf(f, "Usage: " PGM " KEYID\n");
+  fprintf(f, "   KEYID must be a 16 hex-digit OpenPGP long key ID\n");
+  fprintf(f, "   an OpenSSH-style public key line produced\n");
+  fprintf(f, "   (only RSA and DSA keys are supported)\n");
+  return n;
+}
+
+int
 main (int argc, char **argv)
 {
   const char *keyid;
@@ -256,6 +269,8 @@ main (int argc, char **argv)
   size_t blob_n;
   struct b64state b64_state;
   const char *identifier;
+  off_t n;
+  size_t arglen;
 
   pkdbuf = NULL;
   pkdbuf_n = 0;
@@ -263,10 +278,19 @@ main (int argc, char **argv)
   algorithm_id = 0;  /* (avoid cc warning) */
   identifier = NULL; /* (avoid cc warning) */
 
-  assert (argc == 2);
+  if (argc != 2)
+    return gpgkey2ssh_usage(1, stderr);
 
   keyid = argv[1];
 
+  arglen = strlen(keyid);
+  if (arglen != 16)
+    return gpgkey2ssh_usage(1, stderr);
+
+  for (n = 0; n < arglen; n++)
+    if (!isxdigit(keyid[n]))
+      return gpgkey2ssh_usage(1, stderr);
+
   ret = asprintf (&command,
 		  "gpg --list-keys --with-colons --with-key-data '%s'",
 		  keyid);
@@ -277,7 +301,20 @@ main (int argc, char **argv)
 
   err = retrieve_key_material (fp, keyid, &algorithm_id, &pkdbuf, &pkdbuf_n);
   assert (! err);
-  assert ((algorithm_id == 1) || (algorithm_id == 17));
+
+  if (algorithm_id == 0)
+    {
+      fprintf(stderr, PGM ": no key found matching keyid %s.\n", keyid);
+      return 1;
+    }
+  
+  if (!((algorithm_id == 1) || (algorithm_id == 17)))
+    {
+      fprintf(stderr, PGM ": The key %s is algorithm %d,"
+              "which is neither RSA (1) nor DSA (17).\n",
+              keyid, algorithm_id);
+      return 1;
+    }
 
   if (algorithm_id == 1)
     {
-- 
2.6.1




More information about the Gnupg-devel mailing list