kbx/

* keybox.h (KEYBOX_FLAG_BLOB_SECRET, KEYBOX_FLAG_BLOB_EPHEMERAL):
	New.
	* keybox-update.c (keybox_compress): Use it here instead of a
	magic constant.
sm/
	* fingerprint.c (gpgsm_get_fingerprint): Add caching.
	(gpgsm_get_fingerprint_string): Use bin2hexcolon().
	(gpgsm_get_fingerprint_hexstring): Use bin2hex and allocate only
	as much memory as required.
	(gpgsm_get_keygrip_hexstring): Use bin2hex.

	* certchain.c (gpgsm_validate_chain): Keep track of the
	certificate chain and reset the ephemeral flags.
	* keydb.c (keydb_set_cert_flags): New args EPHEMERAL and MASK.
	Changed caller to use a mask of ~0.  Return a proper error code if
	the certificate is not available.

kbx/ChangeLog

@@ -1,3 +1,10 @@
+2007-03-20  Werner Koch  <wk@g10code.com>
+
+	* keybox.h (KEYBOX_FLAG_BLOB_SECRET, KEYBOX_FLAG_BLOB_EPHEMERAL):
+	New.
+	* keybox-update.c (keybox_compress): Use it here instead of a
+	magic constant.
+
 2007-01-31  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (kbxutil_LDADD): Use GPG_ERROR_LIBS instead of -l.

kbx/keybox-blob.c

@@ -23,7 +23,7 @@
 /* The keybox data formats
 
 The KeyBox uses an augmented OpenPGP/X.509 key format.  This makes
-random access to a keyblock/Certificate easier and also gives the
+random access to a keyblock/certificate easier and also gives the
 opportunity to store additional information (e.g. the fingerprint)
 along with the key.  All integers are stored in network byte order,
 offsets are counted from the beginning of the Blob.

kbx/keybox-search.c

@@ -828,7 +828,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
 
       blobflags = blob_get_blob_flags (blob);
       if (!hd->ephemeral && (blobflags & 2))
-        continue; /* not in ephemeral mode but blob is flagged ephemeral */
+        continue; /* Not in ephemeral mode but blob is flagged ephemeral.  */
 
       for (n=0; n < ndesc; n++) 
         {

kbx/keybox-update.c

@@ -452,7 +452,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int value)
   ec = _keybox_get_flag_location (buffer, length, what, &flag_pos, &flag_size);
   if (ec)
     return gpg_error (ec);
-
+  
   off += flag_pos;
 
   if (hd->fp)
@@ -631,7 +631,7 @@ keybox_compress (KEYBOX_HANDLE hd)
 
   
   /* Processing loop.  By reading using _keybox_read_blob we
-     automagically skip and blobs flagged as deleted.  Thus what we
+     automagically skip any blobs flagged as deleted.  Thus what we
      only have to do is to check all ephemeral flagged blocks whether
      their time has come and write out all other blobs. */
   cut_time = time(NULL) - 86400;
@@ -682,7 +682,7 @@ keybox_compress (KEYBOX_HANDLE hd)
           break;
         }
       blobflags = ((buffer[pos] << 8) | (buffer[pos+1]));
-      if ((blobflags & 2))
+      if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL))
         {
           /* This is an ephemeral blob. */
           if (_keybox_get_flag_location (buffer, length, 

kbx/keybox.h

@@ -58,6 +58,11 @@ typedef enum
     KEYBOX_FLAG_CREATED_AT  /* The date the block was created. */
   } keybox_flag_t;
 
+/* Flag values used with KEYBOX_FLAG_BLOB.  */
+#define KEYBOX_FLAG_BLOB_SECRET     1
+#define KEYBOX_FLAG_BLOB_EPHEMERAL  2
+
+
 
 /*-- keybox-init.c --*/
 void *keybox_register_file (const char *fname, int secret);