security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-21 14:47:03 +01:00
Code Activity

gpg: Make card key generation work again.

Browse Source 
* g10/call-agent.c (agent_scd_learn): Rename from agent_learn.
(agent_learn): New.
* g10/keygen.c (gen_card_key): Call new agent-learn.
--

Without a shadow key we can't create the self-signatures.  Thus we
need to issue the learn command after each key generation.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2014-10-19 14:09:04 +02:00
parent 6d9491842d
commit 1b8decc476
4 changed files with 44 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
g10/call-agent.c
View File

@ -639,9 +639,9 @@ learn_status_cb (void *opaque, const char *line)
return 0; return 0;
} }
/* Call the agent to learn about a smartcard */ /* Call the scdaemon to learn about a smartcard */
int int
agent_learn (struct agent_card_info_s *info) agent_scd_learn (struct agent_card_info_s *info)
{ {
int rc; int rc;
struct default_inq_parm_s parm; struct default_inq_parm_s parm;
@ -677,6 +677,29 @@ agent_learn (struct agent_card_info_s *info)
} }
/* Call the agent to learn about the current smartcard. This is
currently only used to have the agent create the shadow key. */
gpg_error_t
agent_learn (void)
{
gpg_error_t err;
struct default_inq_parm_s parm;
memset (&parm, 0, sizeof parm);
err = start_agent (NULL, 1);
if (err)
return err;
parm.ctx = agent_ctx;
err = assuan_transact (agent_ctx, "LEARN",
dummy_data_cb, NULL, default_inq_cb, &parm,
NULL, NULL);
return err;
}
int int
agent_keytocard (const char *hexgrip, int keyno, int force, agent_keytocard (const char *hexgrip, int keyno, int force,
const char *serialno, const char *timestamp) const char *serialno, const char *timestamp)

5
g10/call-agent.h
View File

@ -76,7 +76,10 @@ struct agent_card_genkey_s {
void agent_release_card_info (struct agent_card_info_s *info); void agent_release_card_info (struct agent_card_info_s *info);
/* Return card info. */ /* Return card info. */
int agent_learn (struct agent_card_info_s *info); int agent_scd_learn (struct agent_card_info_s *info);
/* Let the agent learn about the current card. */
gpg_error_t agent_learn (void);
/* Update INFO with the attribute NAME. */ /* Update INFO with the attribute NAME. */
int agent_scd_getattr (const char *name, struct agent_card_info_s *info); int agent_scd_getattr (const char *name, struct agent_card_info_s *info);

4
g10/card-util.c
View File

@ -80,7 +80,7 @@ change_pin (int unblock_v2, int allow_admin)
struct agent_card_info_s info; struct agent_card_info_s info;
int rc; int rc;
rc = agent_learn (&info); rc = agent_scd_learn (&info);
if (rc) if (rc)
{ {
log_error (_("OpenPGP card not available: %s\n"), log_error (_("OpenPGP card not available: %s\n"),
@ -370,7 +370,7 @@ card_status (estream_t fp, char *serialno, size_t serialnobuflen)
if (serialno && serialnobuflen) if (serialno && serialnobuflen)
*serialno = 0; *serialno = 0;
rc = agent_learn (&info); rc = agent_scd_learn (&info);
if (rc) if (rc)
{ {
if (opt.with_colons) if (opt.with_colons)

13
g10/keygen.c
View File

@ -4510,6 +4510,19 @@ gen_card_key (int algo, int keyno, int is_primary, kbnode_t pub_root,
return err; return err;
} }
/* Send the learn command so that the agent creates a shadow key for
card key. We need to do that now so that we are able to create
the self-signatures. */
err = agent_learn ();
if (err)
{
/* Oops: Card removed during generation. */
log_error (_("OpenPGP card not available: %s\n"), gpg_strerror (err));
xfree (pkt);
xfree (pk);
return err;
}
if (*timestamp != info.created_at) if (*timestamp != info.created_at)
log_info ("NOTE: the key does not use the suggested creation date\n"); log_info ("NOTE: the key does not use the suggested creation date\n");
*timestamp = info.created_at; *timestamp = info.created_at;