From 4ffadb74b3ada8a5d69ef8d87f4326df9bd97e97 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Fri, 3 Apr 2015 17:33:11 +0900
Subject: [PATCH] agent: Add --force option for LEARN.
* agent/command.c (cmd_learn): Handle --force option.
(cmd_keytocard): Don't update key storage file.
* agent/agent.h (agent_handle_learn): Add FORCE.
* agent/learncard.c (agent_handle_learn): Implement FORCE to update key stroage file.
--
---
 agent/agent.h | 2 +-
 agent/command.c | 52 ++++++-----------------------------------------
 agent/learncard.c | 6 +++---
 3 files changed, 10 insertions(+), 50 deletions(-)
diff --git a/agent/agent.h b/agent/agent.h
index f60061e6f..d61e6346e 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -495,7 +495,7 @@ int agent_card_scd (ctrl_t ctrl, const char *cmdline,
 /*-- learncard.c --*/
-int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context);
+int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force);
 /*-- cvt-openpgp.c --*/
diff --git a/agent/command.c b/agent/command.c
index 96fbf19ce..3188bbd0e 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1655,25 +1655,27 @@ cmd_get_confirmation (assuan_context_t ctx, char *line)
 static const char hlp_learn[] =
- "LEARN [--send][--sendinfo]\n"
+ "LEARN [--send] [--sendinfo] [--force]\n"
 "\n"
 "Learn something about the currently inserted smartcard. With\n"
 "--sendinfo information about the card is returned; with --send\n"
- "the available certificates are returned as D lines.";
+ "the available certificates are returned as D lines; with --force\n"
+ "private key storage will be updated by the result.";
 static gpg_error_t
 cmd_learn (assuan_context_t ctx, char *line)
 {
 ctrl_t ctrl = assuan_get_pointer (ctx);
 gpg_error_t err;
- int send, sendinfo;
+ int send, sendinfo, force;
 send = has_option (line, "--send");
 sendinfo = send? 1 : has_option (line, "--sendinfo");
+ force = has_option (line, "--force");
 if (ctrl->restricted)
 return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
- err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL);
+ err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL, force);
 return leave_cmd (ctx, err);
 }
@@ -2409,12 +2411,10 @@ cmd_keytocard (assuan_context_t ctx, char *line)
 gpg_error_t err = 0;
 unsigned char grip[20];
 gcry_sexp_t s_skey = NULL;
- gcry_sexp_t s_pkey = NULL;
 unsigned char *keydata;
 size_t keydatalen, timestamplen;
 const char *serialno, *timestamp_str, *id;
 unsigned char *shadow_info = NULL;
- unsigned char *shdkey;
 time_t timestamp;
 if (ctrl->restricted)
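Review bot: The new `--force` sentence in `hlp_learn` understates what the option does: read together with the learncard.c hunks, it makes LEARN rewrite the private key file of every key found on the card, even when a file for that keygrip already exists, and the only gate visible in `cmd_learn` is the `ctrl->restricted` check. The cmd_keytocard hunk further down removes the `agent_shadow_key` / `agent_write_private_key (grip, shdkey, keydatalen, 1)` step that used to follow `divert_writekey`, so after this commit the on-disk key file is left untouched by KEYTOCARD until some client sends `LEARN --force`; whether the callers do so is not visible in this patch. I would say that in the help text, for example `"the available certificates are returned as D lines; with --force\n"` followed by `"existing private key files for keys on the card are replaced\n"` and `"by the keys learned from the card.";`.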
@@ -2492,48 +2492,8 @@ cmd_keytocard (assuan_context_t ctx, char *line)
 snprintf (keydata+keydatalen-1, 30, "(10:created-at10:%010lu))", timestamp);
 keydatalen += 10 + 19 - 1;
 err = divert_writekey (ctrl, force, serialno, id, keydata, keydatalen);
- if (err)
- {
- xfree (keydata);
- goto leave;
- }
 xfree (keydata);
- err = agent_public_key_from_file (ctrl, grip, &s_pkey);
- if (err)
- goto leave;
-
- shadow_info = make_shadow_info (serialno, id);
- if (!shadow_info)
- {
- err = gpg_error (GPG_ERR_ENOMEM);
- gcry_sexp_release (s_pkey);
- goto leave;
- }
- keydatalen = gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, NULL, 0);
- keydata = xtrymalloc (keydatalen);
- if (keydata == NULL)
- {
- err = gpg_error_from_syserror ();
- gcry_sexp_release (s_pkey);
- goto leave;
- }
- gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, keydata, keydatalen);
- gcry_sexp_release (s_pkey);
- err = agent_shadow_key (keydata, shadow_info, &shdkey);
- xfree (keydata);
- xfree (shadow_info);
- if (err)
- {
- log_error ("shadowing the key failed: %s\n", gpg_strerror (err));
- goto leave;
- }
-
- keydatalen = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
- err = agent_write_private_key (grip, shdkey, keydatalen, 1);
- xfree (shdkey);
-
- leave:
 return leave_cmd (ctx, err);
 }
diff --git a/agent/learncard.c b/agent/learncard.c
index 62569ceff..e0f23400d 100644
--- a/agent/learncard.c
+++ b/agent/learncard.c
@@ -299,7 +299,7 @@ send_cert_back (ctrl_t ctrl, const char *id, void *assuan_context)
 /* Perform the learn operation. If ASSUAN_CONTEXT is not NULL and SEND is true all new certificates are send back via Assuan. */
 int
-agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
+agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force)
 {
 int rc;
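Review bot: The comment above `agent_handle_learn` in the @@ -299 hunk still describes only ASSUAN_CONTEXT and SEND, so the new FORCE parameter is undocumented at the place where the function's contract is stated. Since FORCE turns a read-mostly operation into one that overwrites key files, I would append a sentence such as `If FORCE is true, keys found on the card are written to the private key storage even when a key with the same keygrip already exists.` The function body continues outside this hunk.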
@@ -399,7 +399,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
 for (p=item->hexgrip, i=0; i < 20; p += 2, i++)
 grip[i] = xtoi_2 (p);
- if (!agent_key_available (grip))
+ if (!force && !agent_key_available (grip))
 continue; /* The key is already available. */
 /* Unknown key - store it. */
@@ -430,7 +430,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
 n = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
 assert (n);
- rc = agent_write_private_key (grip, shdkey, n, 0);
+ rc = agent_write_private_key (grip, shdkey, n, force);
 xfree (shdkey);
 if (rc)
 {
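Review bot: With `force` set, the `continue` in the @@ -399 hunk is never taken, so a key file that already exists is rewritten without any look at what it holds, and the two neighbouring comments (`/* The key is already available. */`, `/* Unknown key - store it. */`) no longer describe the path taken. Together with `agent_write_private_key (grip, shdkey, n, force)` in the @@ -430 hunk, this apparently replaces whatever is stored for that keygrip, possibly the only local copy of the secret key, with `shdkey`, and nothing in the visible lines records that it happened. A `log_info` naming the keygrip whenever an existing file is overwritten would give operators a trace of it. At minimum the comment should follow the code, for example `continue; /* The key is already available and FORCE was not given. */`. The loop body starts and ends outside both hunks.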