card: Remove command "key-attr" and hack on "generate".

* tools/gpg-card.h (struct key_attr): Remove. (struct key_info_s): Remove key_attr. Add keyalgo and keyalgo_id. * tools/card-call-scd.c (learn_status_cb): Rework the key-attr info. * tools/gpg-card.c (list_one_kinfo): Always show the algorithm; if there is no key show the key attributes instead. (list_openpgp): Do not print the "Key attributes". (generate_key): Factor the repalce key pormpt out to ... (ask_replace_keys): new. (generate_openpgp): Rename to generate_all_openpgp_card_keys and add an algo parameter. (generate_generic): Rename to generate_key. Prepare generation of a single OpenPGP key. (cmd_generate): Revamp. (ask_card_rsa_keysize): Remove. (ask_card_keyattr): Remove. (do_change_keyattr): Remove. (cmd_keyattr): Remove. (enum cmdids): Remove cmdKEYATTR. (cmds): Ditto. (dispatch_command): Ditto. (interactive_loop): Ditto. -- This change shows the key attributes of an OpenPGP card instead of the key's algorithm if no key exists. It also remove the key-attr command because for uniformity it is better to do this directly in scd/app-openpgp.c At least for this new gpg-card tool. There a couple of other changes but to the generate command but they are not yet ready. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2020-02-10 14:12:36 +01:00 · 2020-02-10 14:12:36 +01:00 · 438b7881ba
commit 438b7881ba
parent fb6ff7ead7
3 changed files with 203 additions and 398 deletions
--- a/tools/card-call-scd.c
+++ b/tools/card-call-scd.c
@ -817,25 +817,54 @@ learn_status_cb (void *opaque, const char *line)
        }
      else if (!memcmp (keyword, "KEY-ATTR", keywordlen))
        {
-          int keyno = 0;
-          int algo = GCRY_PK_RSA;
-          int n = 0;
+          char keyrefbuf[20];
+          int keyno, algo, n;
+          const char *curve;
+          unsigned int nbits;

+          /* To prepare for future changes we allow for a full OpenPGP
+           * keyref here.  */
+          if (!ascii_strncasecmp (line, "OPENPGP.", 8))
+            line += 8;
+
+          /* Note that KEY-ATTR returns OpenPGP algorithm numbers but
+           * we want to use the Gcrypt numbers here.  A compatible
+           * change would be to add another paramater along with a
+           * magic algo number to indicate that.  */
+          algo = PUBKEY_ALGO_RSA;
+          keyno = n = 0;
          sscanf (line, "%d %d %n", &keyno, &algo, &n);
-          keyno--;
-          if (keyno < 0 || keyno >= DIM (parm->key_attr))
+          algo = map_openpgp_pk_to_gcry (algo);
+          if (keyno < 1 || keyno > 3)
            ; /* Out of range - ignore.  */
          else
            {
-              parm->key_attr[keyno].algo = algo;
-              if (algo == PUBKEY_ALGO_RSA)
-                parm->key_attr[keyno].nbits = strtoul (line+n+3, NULL, 10);
-              else if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA
-                       || algo == PUBKEY_ALGO_EDDSA)
+              snprintf (keyrefbuf, sizeof keyrefbuf, "OPENPGP.%d", keyno);
+              keyref = keyrefbuf;
+
+              kinfo = find_kinfo (parm, keyref);
+              if (!kinfo)  /* No: new entry.  */
+                kinfo = create_kinfo (parm, keyref);
+
+              /* Although we could use the the value at %n directly as
+               * keyalgo string, we want to use the standard
+               * keyalgo_string function and thus we reconstruct it
+               * here to make sure the displayed form of the curve
+               * names is used.  */
+              nbits = 0;
+              curve = NULL;
+              if (algo == GCRY_PK_ECDH || algo == GCRY_PK_ECDSA
+                  || algo == GCRY_PK_EDDSA || algo == GCRY_PK_ECC)
                {
-                  parm->key_attr[keyno].curve =
-                    openpgp_is_curve_supported (line + n, NULL, NULL);
+                  curve = openpgp_is_curve_supported (line + n, NULL, NULL);
                }
+              else /* For rsa we see here for example "rsa2048".  */
+                {
+                  if (line[n] && line[n+1] && line[n+2])
+                    nbits = strtoul (line+n+3, NULL, 10);
+                }
+              kinfo->keyalgo = get_keyalgo_string (algo, nbits, curve);
+              kinfo->keyalgo_id = algo;
            }
        }
      break;
@ -1267,11 +1296,11 @@ scd_genkey_cb (void *opaque, const char *line)
  return 0;
 }

+
 /* Send a GENKEY command to the SCdaemon.  If *CREATETIME is not 0,
 * the value will be passed to SCDAEMON with --timestamp option so that
 * the key is created with this.  Otherwise, timestamp was generated by
- * SCDEAMON.  On success, creation time is stored back to
- * CREATETIME.  */
+ * SCDAEMON.  On success, creation time is stored back to CREATETIME.  */
 gpg_error_t
 scd_genkey (const char *keyref, int force, const char *algo, u32 *createtime)
 {