gpg: Support dual keygrips.

* g10/keyid.c (keygrip_from_pk): Add arg get_second to support dual algos. Implement for Kyber. (hexkeygrip_from_pk): Extend for dual algos. * g10/call-agent.c (agent_keytotpm): Bail out for dual algos. (agent_keytocard): Ditto. (agent_probe_secret_key): Handle dual algos. (agent_probe_any_secret_key): Ditto. (agent_get_keyinfo): Allow for dual algos but take only the first key. * g10/export.c (do_export_one_keyblock): Bail out for dual algos. -- This also adds some fixmes which we eventually need to address. GnuPG-bug-id: 6815
2025-07-02 22:46:30 +02:00 · 2024-04-05 12:02:32 +02:00 · 2024-04-05 12:02:32 +02:00 · 53c6b1e858
commit 53c6b1e858
parent ce8b25270b
10 changed files with 181 additions and 46 deletions
--- a/g10/sign.c
+++ b/g10/sign.c
@ -495,6 +495,7 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
      gcry_sexp_t s_sigval;

      desc = gpg_format_keydesc (ctrl, pksk, FORMAT_KEYDESC_NORMAL, 1);
+      /* FIXME: Eventually support dual keys.  */
      err = agent_pksign (NULL/*ctrl*/, cache_nonce, hexgrip, desc,
                          pksk->keyid, pksk->main_keyid, pksk->pubkey_algo,
                          dp, gcry_md_get_algo_dlen (mdalgo), mdalgo,
@ -580,6 +581,7 @@ openpgp_card_v1_p (PKT_public_key *pk)
    {
      char *hexgrip;

+      /* Note: No need to care about dual keys for non-RSA keys.  */
      err = hexkeygrip_from_pk (pk, &hexgrip);
      if (err)
        {