mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

card: Tweak the checkcmds sub-command.

* tools/gpg-card.c (cmd_checkkeys): Skip not found keys.
Werner Koch 2024-01-25 10:00:13 +01:00
parent 6481d410ec
commit 2a4180812a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 42 additions and 5 deletions


@ -316,6 +316,40 @@ Write a private key object identified by @var{keygrip} to the card
under the id @var{keyref}. Option @option{--force} allows overwriting under the id @var{keyref}. Option @option{--force} allows overwriting
an existing key. an existing key.
@item CHECKKEYS [--ondisk] [--delete-clear-copy] [--delete-protected-copy]
@opindex checkkeys
Print a list of keys noticed on all inserted cards. With
@option{--ondisk} only smartcard keys with a copy on disk are listed.
With @option{--delete-clear-copy} copies of smartcard keys stored on
disk without any protection will be deleted. With
@option{--delete-protected-copy} password protected copies of
smartcard keys stored on disk will be deleted.
This command creates missing shadow keys. The delete options print
the status of the keys before they are deleted.
The format of the output is:
@table @var
@item Serial number
A hex-string with the serial number of the card.
@item Type
This gives the type of the card's application. For example "OpenPGP"
or "PIV".
@item Keygrip
A hex-string identifying a key.
@item Keyref
The application slot where the key is stored on the card. For example
"OpenPGP.1"
@item Status
The status of the key. The most common value is "shadowed" for a key
where only the public key along with the card's serial number is
stored on the disk. The value "clear" indicates that a copy of the
card's key is stored unprotected on disk. The value "protected"
indicated that a copy of the car's key is stored on disk but is
protected by a password. The value "error" may also be shown if there
was a problem reading information from the card.
@end table
@item YUBIKEY @var{cmd} @var{args} @item YUBIKEY @var{cmd} @var{args}
@opindex yubikey @opindex yubikey
Various commands pertaining to Yubikey tokens with @var{cmd} being: Various commands pertaining to Yubikey tokens with @var{cmd} being:


@ -1397,11 +1397,12 @@ cmd_checkkeys (card_info_t callerinfo, char *argstr)
if (!callerinfo) if (!callerinfo)
return print_help return print_help
("CHECKKEYS [--ondisk] [--delete-clear-copy]\n\n" ("CHECKKEYS [--ondisk] [--delete-clear-copy] [--delete-protected-copy]"
"\n\n"
"Print a list of keys on all inserted cards. With --ondisk only\n" "Print a list of keys on all inserted cards. With --ondisk only\n"
"keys are listed which also have a copy on disk. Missing shadow\n" "keys are listed which also have a copy on disk. Missing shadow\n"
"keys are created. With --delete-clear, copies of keys also stored\n" "keys are created. With --delete-clear-copy, copies of keys also\n"
"on disk without any protection will be deleted.\n" "stored on disk without any protection will be deleted.\n"
, 0); , 0);
@ -1461,11 +1462,13 @@ cmd_checkkeys (card_info_t callerinfo, char *argstr)
scd_readkey (kinfo->keyref, 1, NULL); scd_readkey (kinfo->keyref, 1, NULL);
err = scd_havekey_info (kinfo->grip, &infostr); err = scd_havekey_info (kinfo->grip, &infostr);
} }
if (err) if (err && gpg_err_code (err) != GPG_ERR_NOT_FOUND)
log_error ("Error getting infos for a key: %s\n", log_error ("Error getting infos for a key: %s\n",
gpg_strerror (err)); gpg_strerror (err));
if (opt_ondisk && infostr && !strcmp (infostr, "shadowed")) if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
; /* does not make sense to show this. */
else if (opt_ondisk && infostr && !strcmp (infostr, "shadowed"))
; /* Don't print this one. */ ; /* Don't print this one. */
else else
{ {
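Review bot: In the second hunk the new `GPG_ERR_NOT_FOUND` branch drops the key from the listing without any message, and because the context line `scd_readkey (kinfo->keyref, 1, NULL);` discards its result, a failed attempt to create the shadow key presumably surfaces only as NOT_FOUND from the retried `scd_havekey_info` and is now silent where it was logged before. Consider keeping that failure visible, e.g. `err = scd_readkey (kinfo->keyref, 1, NULL);` followed by `if (!err) err = scd_havekey_info (kinfo->grip, &infostr);`, so that only a genuine "no copy on disk" result is skipped. The comment `/* does not make sense to show this. */` would be more useful if it stated the reason, for example `/* No key file on disk for this keygrip; nothing to list or delete.  */`. In the first hunk the usage line now names `--delete-protected-copy`, but the help body still explains only `--delete-clear-copy`; an option that deletes key material deserves a sentence there too. cmd_checkkeys begins and ends outside both hunks, so how the delete options treat entries that carry other errors is not visible here.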