mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Improve the code to decrypt using PIV cards.
* g10/call-agent.c (agent_scd_keypairinfo): Add arg 'keyref'. * g10/keygen.c (ask_algo): Adjust. * g10/skclist.c (enum_secret_keys): Request the keyref directly. -- This improves commit ec6a6779236a89d4784a6bb7de0def9cc0f9e8a4 to avoid looping over all keypairinfos. This way scdaemon does not need to compute all the keypairinfos for all keys of a card. This patch is possible due to the enhanced READKEY command in scdaemon. Signed-off-by: Werner Koch <wk@gnupg.org>
parent
679b8f1c04
commit
2c9b68f28d
@ -824,13 +824,15 @@ scd_keypairinfo_status_cb (void *opaque, const char *line)
|
|||||||
/* Read the keypairinfo lines of the current card directly from
|
/* Read the keypairinfo lines of the current card directly from
|
||||||
* scdaemon. The list is returned as a string made up of the keygrip,
|
* scdaemon. The list is returned as a string made up of the keygrip,
|
||||||
* a space and the keyref. The flags of the string carry the usage
|
* a space and the keyref. The flags of the string carry the usage
|
||||||
* bits. */
|
* bits. If KEYREF is not NULL, only a single string is returned
|
||||||
|
* which matches the given keyref. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
agent_scd_keypairinfo (ctrl_t ctrl, strlist_t *r_list)
|
agent_scd_keypairinfo (ctrl_t ctrl, const char *keyref, strlist_t *r_list)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
strlist_t list = NULL;
|
strlist_t list = NULL;
|
||||||
struct default_inq_parm_s inq_parm;
|
struct default_inq_parm_s inq_parm;
|
||||||
|
char line[ASSUAN_LINELENGTH];
|
||||||
|
|
||||||
*r_list = NULL;
|
*r_list = NULL;
|
||||||
err= start_agent (ctrl, 1);
|
err= start_agent (ctrl, 1);
|
||||||
@ -839,7 +841,12 @@ agent_scd_keypairinfo (ctrl_t ctrl, strlist_t *r_list)
|
|||||||
memset (&inq_parm, 0, sizeof inq_parm);
|
memset (&inq_parm, 0, sizeof inq_parm);
|
||||||
inq_parm.ctx = agent_ctx;
|
inq_parm.ctx = agent_ctx;
|
||||||
|
|
||||||
err = assuan_transact (agent_ctx, "SCD LEARN --keypairinfo",
|
if (keyref)
|
||||||
|
snprintf (line, DIM(line), "SCD READKEY --info-only %s", keyref);
|
||||||
|
else
|
||||||
|
snprintf (line, DIM(line), "SCD LEARN --keypairinfo");
|
||||||
|
|
||||||
|
err = assuan_transact (agent_ctx, line,
|
||||||
NULL, NULL,
|
NULL, NULL,
|
||||||
default_inq_cb, &inq_parm,
|
default_inq_cb, &inq_parm,
|
||||||
scd_keypairinfo_status_cb, &list);
|
scd_keypairinfo_status_cb, &list);
|
||||||
|
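Review bot: The new `snprintf (line, DIM(line), "SCD READKEY --info-only %s", keyref);` ignores its return value, so a KEYREF that does not fit into ASSUAN_LINELENGTH is silently truncated and a different key reference is sent to scdaemon. KEYREF is also pasted into the command line unvalidated; the skclist.c caller in this commit takes it from the card's `$ENCRKEYID` attribute, so a value containing whitespace or starting with `-` would presumably be read as extra arguments or options. I would fail with GPG_ERR_INV_NAME before building the command when `!*keyref || *keyref == '-' || strpbrk (keyref, " \t\r\n")`, and treat a snprintf result `< 0` or `>= DIM(line)` as an error instead of transacting. The function body starts and ends outside these hunks, so the right place for the early exit needs checking against the rest of agent_scd_keypairinfo.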
@ -85,7 +85,8 @@ void agent_release_card_info (struct agent_card_info_s *info);
|
|||||||
int agent_scd_learn (struct agent_card_info_s *info, int force);
|
int agent_scd_learn (struct agent_card_info_s *info, int force);
|
||||||
|
|
||||||
/* Get the keypariinfo directly from scdaemon. */
|
/* Get the keypariinfo directly from scdaemon. */
|
||||||
gpg_error_t agent_scd_keypairinfo (ctrl_t ctrl, strlist_t *r_list);
|
gpg_error_t agent_scd_keypairinfo (ctrl_t ctrl, const char *keyref,
|
||||||
|
strlist_t *r_list);
|
||||||
|
|
||||||
/* Return list of cards. */
|
/* Return list of cards. */
|
||||||
int agent_scd_cardlist (strlist_t *result);
|
int agent_scd_cardlist (strlist_t *result);
|
||||||
|
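Review bot: The prototype comment does not describe the new KEYREF argument and still spells the name `keypariinfo`. Going by the comment added in call-agent.c, something like `/* Get the keypairinfo directly from scdaemon. If KEYREF is not NULL only the entry matching that keyref is returned. */` would keep the header in step with the definition.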
@ -2254,7 +2254,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
|
|||||||
tty_printf (_("Serial number of the card: %s\n"), serialno);
|
tty_printf (_("Serial number of the card: %s\n"), serialno);
|
||||||
xfree (serialno);
|
xfree (serialno);
|
||||||
|
|
||||||
err = agent_scd_keypairinfo (ctrl, &keypairlist);
|
err = agent_scd_keypairinfo (ctrl, NULL, &keypairlist);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
tty_printf (_("error reading the card: %s\n"),
|
tty_printf (_("error reading the card: %s\n"),
|
||||||
|
@ -450,38 +450,31 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk)
|
|||||||
/* KEY-FPR not supported by the card - get
|
/* KEY-FPR not supported by the card - get
|
||||||
* the key using the keygrip. */
|
* the key using the keygrip. */
|
||||||
char *keyref;
|
char *keyref;
|
||||||
strlist_t kplist, sl;
|
strlist_t kplist;
|
||||||
const char *s;
|
const char *s;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
err = agent_scd_getattr_one ("$ENCRKEYID", &keyref);
|
err = agent_scd_getattr_one ("$ENCRKEYID", &keyref);
|
||||||
if (!err)
|
if (!err)
|
||||||
{
|
{
|
||||||
err = agent_scd_keypairinfo (ctrl, &kplist);
|
err = agent_scd_keypairinfo (ctrl, keyref,
|
||||||
|
&kplist);
|
||||||
if (!err)
|
if (!err)
|
||||||
{
|
|
||||||
for (sl = kplist; sl; sl = sl->next)
|
|
||||||
if ((s = strchr (sl->d, ' '))
|
|
||||||
&& !strcmp (s+1, keyref))
|
|
||||||
break;
|
|
||||||
if (sl)
|
|
||||||
{
|
{
|
||||||
c->fpr2[0] = '&';
|
c->fpr2[0] = '&';
|
||||||
for (i=1, s=sl->d;
|
for (i=1, s=kplist->d;
|
||||||
(*s && *s != ' '
|
(*s && *s != ' '
|
||||||
&& i < sizeof c->fpr2 - 3);
|
&& i < sizeof c->fpr2 - 3);
|
||||||
s++, i++)
|
s++, i++)
|
||||||
c->fpr2[i] = *s;
|
c->fpr2[i] = *s;
|
||||||
c->fpr2[i] = 0;
|
c->fpr2[i] = 0;
|
||||||
name = c->fpr2;
|
name = c->fpr2;
|
||||||
}
|
|
||||||
else /* Restore error. */
|
|
||||||
err = gpg_error (GPG_ERR_INV_NAME);
|
|
||||||
free_strlist (kplist);
|
free_strlist (kplist);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
xfree (keyref);
|
xfree (keyref);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (err)
|
if (err)
|
||||||
log_error ("error retrieving key from card: %s\n",
|
log_error ("error retrieving key from card: %s\n",
|
||||||
gpg_strerror (err));
|
gpg_strerror (err));
|
||||||
|
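Review bot: `s=kplist->d` is dereferenced whenever agent_scd_keypairinfo reports success, but nothing visible here guarantees that the returned list is non-empty. The removed loop covered a missing entry by setting GPG_ERR_INV_NAME; if scdaemon answers the READKEY request without a KEYPAIRINFO status line, kplist presumably stays NULL (the tail of agent_scd_keypairinfo is outside the visible hunks) and this turns into a NULL dereference. I would keep the fallback with `if (!err && !kplist) err = gpg_error (GPG_ERR_INV_NAME);` ahead of the `if (!err)` block. Ideally the part after the space in `kplist->d` is still compared with keyref, so that an unexpected reply is not copied into `c->fpr2` as the keygrip. enum_secret_keys begins and ends outside the hunk.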