scd: Extend an internal function to also return the algo.

* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg r_algo. Change all callers. (app_help_get_keygrip_string): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-02-01 16:33:02 +01:00 · 2020-05-05 08:07:11 +02:00 · 2020-05-05 08:07:11 +02:00 · 314859d7e7
commit 314859d7e7
parent 1e72a1a218
8 changed files with 24 additions and 17 deletions
--- a/scd/app-common.h
+++ b/scd/app-common.h
@ -217,9 +217,10 @@ app_get_slot (app_t app)
 unsigned int app_help_count_bits (const unsigned char *a, size_t len);
 gpg_error_t app_help_get_keygrip_string_pk (const void *pk, size_t pklen,
                                            char *hexkeygrip,
-                                            gcry_sexp_t *r_pkey);
+                                            gcry_sexp_t *r_pkey,
+                                            int *r_algo);
 gpg_error_t app_help_get_keygrip_string (ksba_cert_t cert, char *hexkeygrip,
-                                         gcry_sexp_t *r_pkey);
+                                         gcry_sexp_t *r_pkey, int *r_algo);
 gpg_error_t app_help_pubkey_from_cert (const void *cert, size_t certlen,
                                       unsigned char **r_pk, size_t *r_pklen);
 size_t app_help_read_length_of_cert (int slot, int fid, size_t *r_certoff);
--- a/scd/app-dinsig.c
+++ b/scd/app-dinsig.c
@ -137,7 +137,7 @@ do_learn_status (app_t app, ctrl_t ctrl, unsigned int flags)
      ksba_cert_release (cert);
      return err;
    }
-  err = app_help_get_keygrip_string (cert, hexkeygrip, NULL);
+  err = app_help_get_keygrip_string (cert, hexkeygrip, NULL, NULL);
  if (err)
    {
      log_error ("failed to calculate the keygrip for FID 0x%04X\n", fid);
--- a/scd/app-help.c
+++ b/scd/app-help.c
@ -54,12 +54,13 @@ app_help_count_bits (const unsigned char *a, size_t len)
 /* Return the KEYGRIP for the canonical encoded public key (PK,PKLEN)
 * as an hex encoded string in the user provided buffer HEXKEYGRIP
 * which must be of at least 41 bytes.  If R_PKEY is not NULL and the
- * function succeeded, the S-expression representing the key is
- * stored there.  The caller needs to call gcry_sexp_release on
- * that.  */
+ * function succeeded, the S-expression representing the key is stored
+ * there.  The caller needs to call gcry_sexp_release on that.  If
+ * R_ALGO is not NULL the public key algorithm id of Libgcrypt is
+ * stored there.  */
 gpg_error_t
 app_help_get_keygrip_string_pk (const void *pk, size_t pklen, char *hexkeygrip,
-                                gcry_sexp_t *r_pkey)
+                                gcry_sexp_t *r_pkey, int *r_algo)
 {
  gpg_error_t err;
  gcry_sexp_t s_pkey;
@ -77,6 +78,9 @@ app_help_get_keygrip_string_pk (const void *pk, size_t pklen, char *hexkeygrip,
      return gpg_error (GPG_ERR_GENERAL); /* Failed to calculate the keygrip.*/
    }

+  if (r_algo)
+    *r_algo = get_pk_algo_from_key (s_pkey);
+
  if (r_pkey)
    *r_pkey = s_pkey;
  else
@ -92,10 +96,11 @@ app_help_get_keygrip_string_pk (const void *pk, size_t pklen, char *hexkeygrip,
 * string in the user provided buffer HEXKEYGRIP which must be of at
 * least 41 bytes.  If R_PKEY is not NULL and the function succeeded,
 * the S-expression representing the key is stored there.  The caller
- * needs to call gcry_sexp_release on that. */
+ * needs to call gcry_sexp_release on that.  If R_ALGO is not NULL the
+ * public key algorithm id of Libgcrypt is stored there. */
 gpg_error_t
 app_help_get_keygrip_string (ksba_cert_t cert, char *hexkeygrip,
-                             gcry_sexp_t *r_pkey)
+                             gcry_sexp_t *r_pkey, int *r_algo)
 {
  gpg_error_t err;
  ksba_sexp_t p;
@ -110,7 +115,8 @@ app_help_get_keygrip_string (ksba_cert_t cert, char *hexkeygrip,
  n = gcry_sexp_canon_len (p, 0, NULL, NULL);
  if (!n)
    return gpg_error (GPG_ERR_INV_SEXP);
-  err = app_help_get_keygrip_string_pk ((void*)p, n, hexkeygrip, r_pkey);
+  err = app_help_get_keygrip_string_pk ((void*)p, n, hexkeygrip,
+                                        r_pkey, r_algo);
  ksba_free (p);
  return err;
 }
--- a/scd/app-nks.c
+++ b/scd/app-nks.c
@ -251,7 +251,7 @@ keygripstr_from_pk_file (app_t app, int pkfid, int cfid, char *r_gripstr)
          return err;
        }

-      err = app_help_get_keygrip_string_pk (pk, pklen, r_gripstr, NULL);
+      err = app_help_get_keygrip_string_pk (pk, pklen, r_gripstr, NULL, NULL);
      xfree (pk);
      if (err)
        log_error ("nks: error getting keygrip for certificate %04X: %s\n",
--- a/scd/app-p15.c
+++ b/scd/app-p15.c
@ -2694,7 +2694,7 @@ keygrip_from_prkdf (app_t app, prkdf_object_t prkdf)
    err = ksba_cert_init_from_mem (cert, der, derlen);
  xfree (der);
  if (!err)
-    err = app_help_get_keygrip_string (cert, prkdf->keygrip, &s_pkey);
+    err = app_help_get_keygrip_string (cert, prkdf->keygrip, &s_pkey, NULL);
  if (!err)
    {
      /* Try to get the CN and the SerialNumber from the certificate;
--- a/scd/app-piv.c
+++ b/scd/app-piv.c
@ -526,7 +526,7 @@ add_tlv (unsigned char *buffer, unsigned int tag, size_t length)
 }


-/* Function to build a list of TLV and return the result in a mallcoed
+/* Function to build a list of TLV and return the result in a malloced
 * buffer.  The varargs are tuples of (int,size_t,void) each with the
 * tag, the length and the actual data.  A (0,0,NULL) tuple terminates
 * the list.  Up to 10 tuples are supported.  If SECMEM is true the
@ -1331,7 +1331,7 @@ get_keygrip_by_tag (app_t app, unsigned int tag,
      err = ksba_cert_init_from_mem (cert, certbuf, certbuflen);
      if (err)
        goto leave;
-      err = app_help_get_keygrip_string (cert, *r_keygripstr, NULL);
+      err = app_help_get_keygrip_string (cert, *r_keygripstr, NULL, NULL);
    }

 leave:
@ -1539,7 +1539,7 @@ do_readkey (app_t app, ctrl_t ctrl, const char *keyrefstr, unsigned int flags,
      char idbuf[50];
      const char *usage;

-      err = app_help_get_keygrip_string_pk (pk, pklen, keygripstr, NULL);
+      err = app_help_get_keygrip_string_pk (pk, pklen, keygripstr, NULL, NULL);
      if (err)
        {
          log_error ("app_help_get_keygrip_string_pk failed: %s\n",
--- a/scd/app-sc-hsm.c
+++ b/scd/app-sc-hsm.c
@ -1355,7 +1355,7 @@ keygripstr_from_prkdf (app_t app, prkdf_object_t prkdf, char *r_gripstr)
    err = ksba_cert_init_from_mem (cert, der, derlen);
  xfree (der);
  if (!err)
-    err = app_help_get_keygrip_string (cert, r_gripstr, NULL);
+    err = app_help_get_keygrip_string (cert, r_gripstr, NULL, NULL);
  ksba_cert_release (cert);

  return err;
--- a/scd/command.c
+++ b/scd/command.c
@ -651,7 +651,7 @@ do_readkey (card_t card, ctrl_t ctrl, const char *line,
          char keygripstr[KEYGRIP_LEN*2+1];

          rc = app_help_get_keygrip_string_pk (*pk_p, *pklen_p,
-                                               keygripstr, NULL);
+                                               keygripstr, NULL, NULL);
          if (rc)
            {
              log_error ("app_help_get_keygrip_string failed: %s\n",