gpg: Improve the code to decrypt using PIV cards.

* g10/call-agent.c (agent_scd_keypairinfo): Add arg 'keyref'. * g10/keygen.c (ask_algo): Adjust. * g10/skclist.c (enum_secret_keys): Request the keyref directly. -- This improves commit ec6a677923 to avoid looping over all keypairinfos. This way scdaemon does not need to compute all the keypairinfos for all keys of a card. This patch is possible due the enhanced READKEY command in scdaemon. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-03 22:56:33 +02:00 · 2019-04-03 17:45:35 +02:00 · 2019-04-03 17:45:35 +02:00 · 2c9b68f28d
commit 2c9b68f28d
parent 679b8f1c04
4 changed files with 26 additions and 25 deletions
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@ -824,13 +824,15 @@ scd_keypairinfo_status_cb (void *opaque, const char *line)
 /* Read the keypairinfo lines of the current card directly from
 * scdaemon.  The list is returned as a string made up of the keygrip,
 * a space and the keyref.  The flags of the string carry the usage
- * bits. */
+ * bits.  If KEYREF is not NULL, only a single string is returned
+ * which matches the given keyref. */
 gpg_error_t
-agent_scd_keypairinfo (ctrl_t ctrl, strlist_t *r_list)
+agent_scd_keypairinfo (ctrl_t ctrl, const char *keyref, strlist_t *r_list)
 {
  gpg_error_t err;
  strlist_t list = NULL;
  struct default_inq_parm_s inq_parm;
+  char line[ASSUAN_LINELENGTH];

  *r_list = NULL;
  err= start_agent (ctrl, 1);
@ -839,7 +841,12 @@ agent_scd_keypairinfo (ctrl_t ctrl, strlist_t *r_list)
  memset (&inq_parm, 0, sizeof inq_parm);
  inq_parm.ctx = agent_ctx;

-  err = assuan_transact (agent_ctx, "SCD LEARN --keypairinfo",
+  if (keyref)
+    snprintf (line, DIM(line), "SCD READKEY --info-only %s", keyref);
+  else
+    snprintf (line, DIM(line), "SCD LEARN --keypairinfo");
+
+  err = assuan_transact (agent_ctx, line,
                         NULL, NULL,
                         default_inq_cb, &inq_parm,
                         scd_keypairinfo_status_cb, &list);