mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-03 12:11:33 +01:00
sm: Let --dump-cert --show-cert also print an OpenPGP fingerprint.
* sm/keylist.c (list_cert_raw): Print the OpenPGP fpr. -- This is useful for debugging for example if an OpenPGP key is used to create an X.509 cert. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
98c52aeb31
commit
52bbdc731f
52
sm/keylist.c
52
sm/keylist.c
@ -792,6 +792,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
|
|||||||
ksba_name_t name, name2;
|
ksba_name_t name, name2;
|
||||||
unsigned int reason;
|
unsigned int reason;
|
||||||
const unsigned char *cert_der = NULL;
|
const unsigned char *cert_der = NULL;
|
||||||
|
char *algostr;
|
||||||
|
int algoid;
|
||||||
|
|
||||||
(void)have_secret;
|
(void)have_secret;
|
||||||
|
|
||||||
@ -845,6 +847,47 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
|
|||||||
es_fprintf (fp, " md5_fpr: %s\n", dn?dn:"error");
|
es_fprintf (fp, " md5_fpr: %s\n", dn?dn:"error");
|
||||||
xfree (dn);
|
xfree (dn);
|
||||||
|
|
||||||
|
algoid = 0;
|
||||||
|
algostr = gpgsm_pubkey_algo_string (cert, &algoid);
|
||||||
|
|
||||||
|
/* For RSA we support printing an OpenPGP v4 fingerprint under the
|
||||||
|
* assumption that the not-before date would be used as the OpenPGP
|
||||||
|
* key creation date. */
|
||||||
|
if (algoid == GCRY_PK_RSA)
|
||||||
|
{
|
||||||
|
ksba_sexp_t pk;
|
||||||
|
size_t pklen;
|
||||||
|
const unsigned char *m, *e;
|
||||||
|
size_t mlen, elen;
|
||||||
|
unsigned char fpr20[20];
|
||||||
|
time_t tmpt;
|
||||||
|
unsigned long keytime;
|
||||||
|
|
||||||
|
pk = ksba_cert_get_public_key (cert);
|
||||||
|
if (pk)
|
||||||
|
{
|
||||||
|
ksba_cert_get_validity (cert, 0, t);
|
||||||
|
tmpt = isotime2epoch (t);
|
||||||
|
keytime = (tmpt == (time_t)(-1))? 0 : (u32)tmpt;
|
||||||
|
|
||||||
|
pklen = gcry_sexp_canon_len (pk, 0, NULL, NULL);
|
||||||
|
if (!pklen)
|
||||||
|
log_error ("libksba did not return a proper S-Exp\n");
|
||||||
|
else if (!get_rsa_pk_from_canon_sexp (pk, pklen,
|
||||||
|
&m, &mlen, &e, &elen)
|
||||||
|
&& !compute_openpgp_fpr_rsa (4,
|
||||||
|
keytime,
|
||||||
|
m, mlen, e, elen,
|
||||||
|
fpr20, NULL))
|
||||||
|
{
|
||||||
|
char *fpr = bin2hex (fpr20, 20, NULL);
|
||||||
|
es_fprintf (fp, " pgp_fpr: %s\n", fpr);
|
||||||
|
xfree (fpr);
|
||||||
|
}
|
||||||
|
ksba_free (pk);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
dn = gpgsm_get_certid (cert);
|
dn = gpgsm_get_certid (cert);
|
||||||
es_fprintf (fp, " certid: %s\n", dn?dn:"error");
|
es_fprintf (fp, " certid: %s\n", dn?dn:"error");
|
||||||
xfree (dn);
|
xfree (dn);
|
||||||
@ -866,13 +909,7 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
|
|||||||
s = get_oid_desc (oid, 0, NULL);
|
s = get_oid_desc (oid, 0, NULL);
|
||||||
es_fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":"");
|
es_fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":"");
|
||||||
|
|
||||||
{
|
es_fprintf (fp, " keyType: %s\n", algostr? algostr : "[error]");
|
||||||
char *algostr;
|
|
||||||
|
|
||||||
algostr = gpgsm_pubkey_algo_string (cert, NULL);
|
|
||||||
es_fprintf (fp, " keyType: %s\n", algostr? algostr : "[error]");
|
|
||||||
xfree (algostr);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* subjectKeyIdentifier */
|
/* subjectKeyIdentifier */
|
||||||
es_fputs (" subjKeyId: ", fp);
|
es_fputs (" subjKeyId: ", fp);
|
||||||
@ -1154,6 +1191,7 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
|
|||||||
es_fprintf (fp, " [stored as ephemeral]\n");
|
es_fprintf (fp, " [stored as ephemeral]\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
xfree (algostr);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user