scd: Return USAGE information for KEYINFO command.
* scd/command.c (hlp_keyinfo): Update. (send_keyinfo): Add a USAGE argument. * scd/scdaemon.h (send_keyinfo): Add a USAGE argument. * scd/app-nks.c (set_usage_string): New. (do_learn_status_core, do_readkey): Use set_usage_string. (do_with_keygrip): Add USAGE to call send_keyinfo, using set_usage_string. * scd/app-openpgp.c (get_usage_string): New. (send_keypair_info): Use get_usage_string. (send_keyinfo_if_available): Add USAGE to call send_keyinfo, using get_usage_string. * scd/app-p15.c (set_usage_string): New. (send_keypairinfo): Use set_usage_string. (do_with_keygrip): Add USAGE to call send_keyinfo, using set_usage_string. * scd/app-piv.c (do_with_keygrip): Add USAGE to call send_keyinfo. -- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
parent
64c8786105
commit
5264d3f58e
@ -814,6 +814,21 @@ get_nks_tag (app_t app, int nks_app_id)
|
|||||||
return tag;
|
return tag;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
set_usage_string (char usagebuf[5], int i)
|
||||||
|
{
|
||||||
|
int usageidx = 0;
|
||||||
|
if (filelist[i].issignkey)
|
||||||
|
usagebuf[usageidx++] = 's';
|
||||||
|
if (filelist[i].isauthkey)
|
||||||
|
usagebuf[usageidx++] = 'a';
|
||||||
|
if (filelist[i].isencrkey)
|
||||||
|
usagebuf[usageidx++] = 'e';
|
||||||
|
if (!usageidx)
|
||||||
|
usagebuf[usageidx++] = '-';
|
||||||
|
usagebuf[usageidx] = 0;
|
||||||
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags,
|
do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags,
|
||||||
int nks_app_id)
|
int nks_app_id)
|
||||||
@ -856,7 +871,6 @@ do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags,
|
|||||||
{
|
{
|
||||||
char gripstr[40+1];
|
char gripstr[40+1];
|
||||||
char usagebuf[5];
|
char usagebuf[5];
|
||||||
int usageidx = 0;
|
|
||||||
char *algostr = NULL;
|
char *algostr = NULL;
|
||||||
|
|
||||||
err = keygripstr_from_pk_file (app, filelist[i].fid,
|
err = keygripstr_from_pk_file (app, filelist[i].fid,
|
||||||
@ -869,15 +883,7 @@ do_learn_status_core (app_t app, ctrl_t ctrl, unsigned int flags,
|
|||||||
{
|
{
|
||||||
snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X",
|
snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X",
|
||||||
tag, filelist[i].fid);
|
tag, filelist[i].fid);
|
||||||
if (filelist[i].issignkey)
|
set_usage_string (usagebuf, i);
|
||||||
usagebuf[usageidx++] = 's';
|
|
||||||
if (filelist[i].isauthkey)
|
|
||||||
usagebuf[usageidx++] = 'a';
|
|
||||||
if (filelist[i].isencrkey)
|
|
||||||
usagebuf[usageidx++] = 'e';
|
|
||||||
if (!usageidx)
|
|
||||||
usagebuf[usageidx++] = '-';
|
|
||||||
usagebuf[usageidx] = 0;
|
|
||||||
send_status_info (ctrl, "KEYPAIRINFO",
|
send_status_info (ctrl, "KEYPAIRINFO",
|
||||||
gripstr, 40,
|
gripstr, 40,
|
||||||
id_buf, strlen (id_buf),
|
id_buf, strlen (id_buf),
|
||||||
@ -1280,7 +1286,6 @@ do_readkey (app_t app, ctrl_t ctrl, const char *keyid, unsigned int flags,
|
|||||||
{
|
{
|
||||||
char *algostr;
|
char *algostr;
|
||||||
char usagebuf[5];
|
char usagebuf[5];
|
||||||
int usageidx = 0;
|
|
||||||
char id_buf[100];
|
char id_buf[100];
|
||||||
|
|
||||||
if (app_help_get_keygrip_string_pk (*pk, *pklen, NULL, NULL, NULL,
|
if (app_help_get_keygrip_string_pk (*pk, *pklen, NULL, NULL, NULL,
|
||||||
@ -1290,15 +1295,7 @@ do_readkey (app_t app, ctrl_t ctrl, const char *keyid, unsigned int flags,
|
|||||||
snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X",
|
snprintf (id_buf, sizeof id_buf, "NKS-%s.%04X",
|
||||||
get_nks_tag (app, filelist[i].nks_app_id),
|
get_nks_tag (app, filelist[i].nks_app_id),
|
||||||
filelist[i].fid);
|
filelist[i].fid);
|
||||||
if (filelist[i].issignkey)
|
set_usage_string (usagebuf, i);
|
||||||
usagebuf[usageidx++] = 's';
|
|
||||||
if (filelist[i].isauthkey)
|
|
||||||
usagebuf[usageidx++] = 'a';
|
|
||||||
if (filelist[i].isencrkey)
|
|
||||||
usagebuf[usageidx++] = 'e';
|
|
||||||
if (!usageidx)
|
|
||||||
usagebuf[usageidx++] = '-';
|
|
||||||
usagebuf[usageidx] = 0;
|
|
||||||
send_status_info (ctrl, "KEYPAIRINFO",
|
send_status_info (ctrl, "KEYPAIRINFO",
|
||||||
keygripstr, strlen (keygripstr),
|
keygripstr, strlen (keygripstr),
|
||||||
id_buf, strlen (id_buf),
|
id_buf, strlen (id_buf),
|
||||||
@ -2334,6 +2331,7 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
|
|||||||
{
|
{
|
||||||
char idbuf[20];
|
char idbuf[20];
|
||||||
const char *tagstr;
|
const char *tagstr;
|
||||||
|
char usagebuf[5];
|
||||||
|
|
||||||
if (app->app_local->active_nks_app == NKS_APP_ESIGN)
|
if (app->app_local->active_nks_app == NKS_APP_ESIGN)
|
||||||
tagstr = "ESIGN";
|
tagstr = "ESIGN";
|
||||||
@ -2348,7 +2346,8 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
|
|||||||
|
|
||||||
snprintf (idbuf, sizeof idbuf, "NKS-%s.%04X",
|
snprintf (idbuf, sizeof idbuf, "NKS-%s.%04X",
|
||||||
tagstr, filelist[idx].fid);
|
tagstr, filelist[idx].fid);
|
||||||
send_keyinfo (ctrl, data, keygripstr, serialno, idbuf);
|
set_usage_string (usagebuf, idx);
|
||||||
|
send_keyinfo (ctrl, data, keygripstr, serialno, idbuf, usagebuf);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
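Review bot: The new `set_usage_string` in app-nks.c has no header comment, and its `char usagebuf[5]` parameter is only a pointer to the compiler, so nothing records the size contract or that `i` must be a valid index into `filelist`. The worst case written is "sae" plus the terminator, four bytes, which fits the five-byte buffers at all three call sites (do_learn_status_core, do_readkey, do_with_keygrip). I would add above the function: `/* Store the usage letters for filelist[I] ('s', 'a', 'e', or "-" if none) as a string in USAGEBUF, which must have room for at least 4 bytes. */`.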
|
@ -2043,6 +2043,21 @@ get_public_key (app_t app, int keyno)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static const char *
|
||||||
|
get_usage_string (int keyno)
|
||||||
|
{
|
||||||
|
const char *usage;
|
||||||
|
switch (keyno)
|
||||||
|
{
|
||||||
|
case 0: usage = "sc"; break;
|
||||||
|
case 1: usage = "e"; break;
|
||||||
|
case 2: usage = "sa"; break;
|
||||||
|
default: usage = "-"; break;
|
||||||
|
}
|
||||||
|
return usage;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Send the KEYPAIRINFO back. KEY needs to be in the range [1,3].
|
/* Send the KEYPAIRINFO back. KEY needs to be in the range [1,3].
|
||||||
This is used by the LEARN command. */
|
This is used by the LEARN command. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
@ -2062,13 +2077,7 @@ send_keypair_info (app_t app, ctrl_t ctrl, int key)
|
|||||||
if (!app->app_local->pk[keyno].key)
|
if (!app->app_local->pk[keyno].key)
|
||||||
goto leave; /* No such key - ignore. */
|
goto leave; /* No such key - ignore. */
|
||||||
|
|
||||||
switch (keyno)
|
usage = get_usage_string (keyno);
|
||||||
{
|
|
||||||
case 0: usage = "sc"; break;
|
|
||||||
case 1: usage = "e"; break;
|
|
||||||
case 2: usage = "sa"; break;
|
|
||||||
default: usage = "-"; break;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (retrieve_fprtime_from_card (app, keyno, &fprtime))
|
if (retrieve_fprtime_from_card (app, keyno, &fprtime))
|
||||||
fprtime = 0;
|
fprtime = 0;
|
||||||
@ -5920,12 +5929,13 @@ send_keyinfo_if_available (app_t app, ctrl_t ctrl, char *serial,
|
|||||||
int data, int i)
|
int data, int i)
|
||||||
{
|
{
|
||||||
char idbuf[50];
|
char idbuf[50];
|
||||||
|
const char *usage = get_usage_string (i);
|
||||||
|
|
||||||
if (app->app_local->pk[i].read_done)
|
if (app->app_local->pk[i].read_done)
|
||||||
{
|
{
|
||||||
sprintf (idbuf, "OPENPGP.%d", i+1);
|
sprintf (idbuf, "OPENPGP.%d", i+1);
|
||||||
send_keyinfo (ctrl, data,
|
send_keyinfo (ctrl, data,
|
||||||
app->app_local->pk[i].keygrip_str, serial, idbuf);
|
app->app_local->pk[i].keygrip_str, serial, idbuf, usage);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
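Review bot: `get_usage_string` takes a 0-based slot number, while the comment on send_keypair_info directly below it speaks of KEY in the range [1,3], and nothing at the new helper says which convention it expects. Both visible callers pass the 0-based value (`keyno` and `i`), but a caller passing the 1-based number would silently get the usage of a different slot. A one-line comment would settle it: `/* Return the usage letters for the 0-based key slot KEYNO (0 = "sc", 1 = "e", 2 = "sa"); any other value yields "-". */`. These letters are fixed per slot rather than read from the card, so the comment could also say that they describe the slot's nominal role.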
|
@ -4110,6 +4110,47 @@ keyref_from_prkdf (app_t app, prkdf_object_t prkdf)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
set_usage_string (char usage[5], prkdf_object_t prkdf)
|
||||||
|
{
|
||||||
|
size_t usagelen = 0;
|
||||||
|
if (prkdf->gpgusage.any)
|
||||||
|
{
|
||||||
|
if (prkdf->gpgusage.sign)
|
||||||
|
usage[usagelen++] = 's';
|
||||||
|
if (prkdf->gpgusage.cert)
|
||||||
|
usage[usagelen++] = 'c';
|
||||||
|
if (prkdf->gpgusage.encr)
|
||||||
|
usage[usagelen++] = 'e';
|
||||||
|
if (prkdf->gpgusage.auth)
|
||||||
|
usage[usagelen++] = 'a';
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if ((prkdf->usageflags.sign
|
||||||
|
|| prkdf->usageflags.sign_recover
|
||||||
|
|| prkdf->usageflags.non_repudiation)
|
||||||
|
&& (!prkdf->extusage.valid
|
||||||
|
|| prkdf->extusage.sign))
|
||||||
|
usage[usagelen++] = 's';
|
||||||
|
if ((prkdf->usageflags.sign
|
||||||
|
|| prkdf->usageflags.sign_recover)
|
||||||
|
&& (!prkdf->extusage.valid || prkdf->extusage.sign))
|
||||||
|
usage[usagelen++] = 'c';
|
||||||
|
if ((prkdf->usageflags.decrypt
|
||||||
|
|| prkdf->usageflags.unwrap)
|
||||||
|
&& (!prkdf->extusage.valid || prkdf->extusage.encr))
|
||||||
|
usage[usagelen++] = 'e';
|
||||||
|
if ((prkdf->usageflags.sign
|
||||||
|
|| prkdf->usageflags.sign_recover)
|
||||||
|
&& (!prkdf->extusage.valid || prkdf->extusage.auth))
|
||||||
|
usage[usagelen++] = 'a';
|
||||||
|
}
|
||||||
|
if (!usagelen)
|
||||||
|
usage[usagelen++] = '-';
|
||||||
|
usage[usagelen++] = 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* Helper to do_learn_status: Send information about all known
|
/* Helper to do_learn_status: Send information about all known
|
||||||
keypairs back. FIXME: much code duplication from
|
keypairs back. FIXME: much code duplication from
|
||||||
send_certinfo(). */
|
send_certinfo(). */
|
||||||
@ -4140,40 +4181,6 @@ send_keypairinfo (app_t app, ctrl_t ctrl, prkdf_object_t prkdf)
|
|||||||
char usage[5];
|
char usage[5];
|
||||||
char keytime[20];
|
char keytime[20];
|
||||||
const char *algostr;
|
const char *algostr;
|
||||||
size_t usagelen = 0;
|
|
||||||
|
|
||||||
if (prkdf->gpgusage.any)
|
|
||||||
{
|
|
||||||
if (prkdf->gpgusage.sign)
|
|
||||||
usage[usagelen++] = 's';
|
|
||||||
if (prkdf->gpgusage.cert)
|
|
||||||
usage[usagelen++] = 'c';
|
|
||||||
if (prkdf->gpgusage.encr)
|
|
||||||
usage[usagelen++] = 'e';
|
|
||||||
if (prkdf->gpgusage.auth)
|
|
||||||
usage[usagelen++] = 'a';
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if ((prkdf->usageflags.sign
|
|
||||||
|| prkdf->usageflags.sign_recover
|
|
||||||
|| prkdf->usageflags.non_repudiation)
|
|
||||||
&& (!prkdf->extusage.valid
|
|
||||||
|| prkdf->extusage.sign))
|
|
||||||
usage[usagelen++] = 's';
|
|
||||||
if ((prkdf->usageflags.sign
|
|
||||||
|| prkdf->usageflags.sign_recover)
|
|
||||||
&& (!prkdf->extusage.valid || prkdf->extusage.sign))
|
|
||||||
usage[usagelen++] = 'c';
|
|
||||||
if ((prkdf->usageflags.decrypt
|
|
||||||
|| prkdf->usageflags.unwrap)
|
|
||||||
&& (!prkdf->extusage.valid || prkdf->extusage.encr))
|
|
||||||
usage[usagelen++] = 'e';
|
|
||||||
if ((prkdf->usageflags.sign
|
|
||||||
|| prkdf->usageflags.sign_recover)
|
|
||||||
&& (!prkdf->extusage.valid || prkdf->extusage.auth))
|
|
||||||
usage[usagelen++] = 'a';
|
|
||||||
}
|
|
||||||
|
|
||||||
log_assert (strlen (prkdf->keygrip) == 40);
|
log_assert (strlen (prkdf->keygrip) == 40);
|
||||||
if (prkdf->keytime && prkdf->have_keytime)
|
if (prkdf->keytime && prkdf->have_keytime)
|
||||||
@ -4184,10 +4191,11 @@ send_keypairinfo (app_t app, ctrl_t ctrl, prkdf_object_t prkdf)
|
|||||||
|
|
||||||
algostr = prkdf->keyalgostr;
|
algostr = prkdf->keyalgostr;
|
||||||
|
|
||||||
|
set_usage_string (usage, prkdf);
|
||||||
send_status_info (ctrl, "KEYPAIRINFO",
|
send_status_info (ctrl, "KEYPAIRINFO",
|
||||||
prkdf->keygrip, 2*KEYGRIP_LEN,
|
prkdf->keygrip, 2*KEYGRIP_LEN,
|
||||||
buf, strlen (buf),
|
buf, strlen (buf),
|
||||||
usage, usagelen,
|
usage, strlen (usage),
|
||||||
keytime, strlen (keytime),
|
keytime, strlen (keytime),
|
||||||
algostr, strlen (algostr?algostr:""),
|
algostr, strlen (algostr?algostr:""),
|
||||||
NULL, (size_t)0);
|
NULL, (size_t)0);
|
||||||
@ -6017,6 +6025,7 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
|
|||||||
else if (!want_keygripstr || !strcmp (prkdf->keygrip, want_keygripstr))
|
else if (!want_keygripstr || !strcmp (prkdf->keygrip, want_keygripstr))
|
||||||
{
|
{
|
||||||
char *keyref;
|
char *keyref;
|
||||||
|
char usage[5];
|
||||||
|
|
||||||
if (capability == GCRY_PK_USAGE_SIGN)
|
if (capability == GCRY_PK_USAGE_SIGN)
|
||||||
{
|
{
|
||||||
@ -6042,7 +6051,8 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
|
|||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
send_keyinfo (ctrl, as_data, prkdf->keygrip, serialno, keyref);
|
set_usage_string (usage, prkdf);
|
||||||
|
send_keyinfo (ctrl, as_data, prkdf->keygrip, serialno, keyref, usage);
|
||||||
xfree (keyref);
|
xfree (keyref);
|
||||||
if (want_keygripstr)
|
if (want_keygripstr)
|
||||||
{
|
{
|
||||||
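Review bot: In app-p15.c's `set_usage_string` the five-byte buffer has no slack: the worst case writes "scea" and then the terminator, exactly five bytes, and the `char usage[5]` parameter does not make the compiler enforce that size. Any additional usage letter added later would write past the callers' `char usage[5]` arrays in send_keypairinfo and do_with_keygrip. I would document the bound above the function, e.g. `/* Fill USAGE with up to four letters out of "scea", or "-", plus NUL; callers must pass at least 5 bytes. */`, and write the terminator as `usage[usagelen] = 0;` to match the app-nks.c helper. Separately, send_keypairinfo now emits "-" instead of an empty usage field in KEYPAIRINFO when no flag is set, which deserves a mention in the commit message if it is intended.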
|
@ -3529,6 +3529,13 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
|
|||||||
}
|
}
|
||||||
else if (!want_keygripstr || !strcmp (keygripstr, want_keygripstr))
|
else if (!want_keygripstr || !strcmp (keygripstr, want_keygripstr))
|
||||||
{
|
{
|
||||||
|
const char *usage;
|
||||||
|
|
||||||
|
if (data_objects[i].usage)
|
||||||
|
usage = data_objects[i].usage;
|
||||||
|
else
|
||||||
|
usage = "-";
|
||||||
|
|
||||||
if (capability == GCRY_PK_USAGE_SIGN)
|
if (capability == GCRY_PK_USAGE_SIGN)
|
||||||
{
|
{
|
||||||
if (strcmp (data_objects[i].keyref, "9C"))
|
if (strcmp (data_objects[i].keyref, "9C"))
|
||||||
@ -3546,7 +3553,7 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
|
|||||||
}
|
}
|
||||||
|
|
||||||
snprintf (idbuf, sizeof idbuf, "PIV.%s", data_objects[i].keyref);
|
snprintf (idbuf, sizeof idbuf, "PIV.%s", data_objects[i].keyref);
|
||||||
send_keyinfo (ctrl, data, keygripstr, serialno, idbuf);
|
send_keyinfo (ctrl, data, keygripstr, serialno, idbuf, usage);
|
||||||
if (want_keygripstr)
|
if (want_keygripstr)
|
||||||
{
|
{
|
||||||
err = 0; /* Found */
|
err = 0; /* Found */
|
||||||
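Review bot: The local fallback `usage = "-"` in app-piv.c's do_with_keygrip repeats what send_keyinfo already does with `usage? usage : "-"` in scd/command.c, so the added lines can shrink to passing the table entry directly: `send_keyinfo (ctrl, data, keygripstr, serialno, idbuf, data_objects[i].usage);`. If the explicit fallback is kept for readability, a short comment saying that `data_objects[i].usage` may be NULL would explain why it is there. do_with_keygrip's body continues outside the hunk.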
|
@ -2235,7 +2235,7 @@ static const char hlp_keyinfo[] =
|
|||||||
"Unless --data is given, the\n"
|
"Unless --data is given, the\n"
|
||||||
"information is returned as a status line using the format:\n"
|
"information is returned as a status line using the format:\n"
|
||||||
"\n"
|
"\n"
|
||||||
" KEYINFO <keygrip> T <serialno> <idstr>\n"
|
" KEYINFO <keygrip> T <serialno> <idstr> <usage>\n"
|
||||||
"\n"
|
"\n"
|
||||||
"KEYGRIP is the keygrip.\n"
|
"KEYGRIP is the keygrip.\n"
|
||||||
"\n"
|
"\n"
|
||||||
@ -2243,9 +2243,13 @@ static const char hlp_keyinfo[] =
|
|||||||
" smartcard. If the serial number is not known a single\n"
|
" smartcard. If the serial number is not known a single\n"
|
||||||
" dash '-' is used instead.\n"
|
" dash '-' is used instead.\n"
|
||||||
"\n"
|
"\n"
|
||||||
"IDSTR is the IDSTR used to distinguish keys on a smartcard. If it\n"
|
"IDSTR is a string used to distinguish keys on a smartcard. If it\n"
|
||||||
" is not known a dash is used instead.\n"
|
" is not known a dash is used instead.\n"
|
||||||
"\n"
|
"\n"
|
||||||
|
"USAGE is a string of capabilities of the key, 's' for sign, \n"
|
||||||
|
"'e' for encryption, 'a' for auth, and 'c' for cert. If it is not\n"
|
||||||
|
"known a dash is used instead.\n"
|
||||||
|
"\n"
|
||||||
"More information may be added in the future.";
|
"More information may be added in the future.";
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
cmd_keyinfo (assuan_context_t ctx, char *line)
|
cmd_keyinfo (assuan_context_t ctx, char *line)
|
||||||
@ -2290,14 +2294,15 @@ cmd_keyinfo (assuan_context_t ctx, char *line)
|
|||||||
* line. */
|
* line. */
|
||||||
void
|
void
|
||||||
send_keyinfo (ctrl_t ctrl, int data, const char *keygrip_str,
|
send_keyinfo (ctrl_t ctrl, int data, const char *keygrip_str,
|
||||||
const char *serialno, const char *idstr)
|
const char *serialno, const char *idstr, const char *usage)
|
||||||
{
|
{
|
||||||
char *string;
|
char *string;
|
||||||
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
|
assuan_context_t ctx = ctrl->server_local->assuan_ctx;
|
||||||
|
|
||||||
string = xtryasprintf ("%s T %s %s%s", keygrip_str,
|
string = xtryasprintf ("%s T %s %s %s%s", keygrip_str,
|
||||||
serialno? serialno : "-",
|
serialno? serialno : "-",
|
||||||
idstr? idstr : "-",
|
idstr? idstr : "-",
|
||||||
|
usage? usage : "-",
|
||||||
data? "\n" : "");
|
data? "\n" : "");
|
||||||
|
|
||||||
if (!string)
|
if (!string)
|
||||||
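Review bot: The added USAGE paragraph in `hlp_keyinfo` leaves a trailing space before the first `\n` and does not indent its continuation lines the way the SERIALNO and IDSTR entries do. Suggested text: `"USAGE is a string of capabilities of the key, 's' for sign,\n"`, `" 'e' for encryption, 'a' for auth, and 'c' for cert. If it is not\n"`, `" known a dash is used instead.\n"`. In send_keyinfo the new field is formatted into a space-separated line without any check, so the function's header comment (which starts outside this hunk) should state that USAGE may be NULL and must not contain whitespace.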
|
@ -140,7 +140,8 @@ gpg_error_t send_status_direct (ctrl_t ctrl,
|
|||||||
gpg_error_t send_status_printf (ctrl_t ctrl, const char *keyword,
|
gpg_error_t send_status_printf (ctrl_t ctrl, const char *keyword,
|
||||||
const char *format, ...) GPGRT_ATTR_PRINTF(3,4);
|
const char *format, ...) GPGRT_ATTR_PRINTF(3,4);
|
||||||
void send_keyinfo (ctrl_t ctrl, int data, const char *keygrip_str,
|
void send_keyinfo (ctrl_t ctrl, int data, const char *keygrip_str,
|
||||||
const char *serialno, const char *idstr);
|
const char *serialno, const char *idstr,
|
||||||
|
const char *usage);
|
||||||
|
|
||||||
void pincache_put (ctrl_t ctrl, int slot, const char *appname,
|
void pincache_put (ctrl_t ctrl, int slot, const char *appname,
|
||||||
const char *pinref, const char *pin, unsigned int pinlen);
|
const char *pinref, const char *pin, unsigned int pinlen);
|
||||||
|