mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
scd:p15: Make $SIGNKEY et al determination more fault tolerant.
* scd/app-p15.c (do_getattr): Change how we use gpgUsage to figure out the keys to use.
This commit is contained in:
parent
c56926f773
commit
964363e788
@ -4118,10 +4118,10 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
|
|||||||
char *buf;
|
char *buf;
|
||||||
|
|
||||||
/* We return the ID of the first private key capable of the
|
/* We return the ID of the first private key capable of the
|
||||||
* requested action. IF any gpgusage flag has been set for the
|
* requested action. If any gpgusage flag has been set for the
|
||||||
* card we use the key only if both the P15 usage and the
|
* card we consult the gpgusage flags and not the regualr usage
|
||||||
* gpgusage are set. This allows allows to single out the keys
|
* flags.
|
||||||
* dedicated to OpenPGP. */
|
*/
|
||||||
/* FIXME: This changed: Note that we do not yet return
|
/* FIXME: This changed: Note that we do not yet return
|
||||||
* non_repudiation keys for $SIGNKEYID because our D-Trust
|
* non_repudiation keys for $SIGNKEYID because our D-Trust
|
||||||
* testcard uses rsaPSS, which is not supported by gpgsm and not
|
* testcard uses rsaPSS, which is not supported by gpgsm and not
|
||||||
@ -4129,19 +4129,24 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
|
|||||||
for (prkdf = app->app_local->private_key_info; prkdf;
|
for (prkdf = app->app_local->private_key_info; prkdf;
|
||||||
prkdf = prkdf->next)
|
prkdf = prkdf->next)
|
||||||
{
|
{
|
||||||
if (name[1] == 'A' && (prkdf->usageflags.sign
|
if (app->app_local->any_gpgusage)
|
||||||
|| prkdf->usageflags.sign_recover)
|
{
|
||||||
&& (!app->app_local->any_gpgusage || prkdf->gpgusage.auth))
|
if ((name[1] == 'A' && prkdf->gpgusage.auth)
|
||||||
|
|| (name[1] == 'E' && prkdf->gpgusage.encr)
|
||||||
|
|| (name[1] == 'S' && prkdf->gpgusage.sign))
|
||||||
break;
|
break;
|
||||||
else if (name[1] == 'E' && (prkdf->usageflags.decrypt
|
}
|
||||||
|| prkdf->usageflags.unwrap)
|
else
|
||||||
&& (!app->app_local->any_gpgusage || prkdf->gpgusage.encr))
|
{
|
||||||
break;
|
if ((name[1] == 'A' && (prkdf->usageflags.sign
|
||||||
else if (name[1] == 'S' && (prkdf->usageflags.sign
|
|| prkdf->usageflags.sign_recover))
|
||||||
|| prkdf->usageflags.sign_recover)
|
|| (name[1] == 'E' && (prkdf->usageflags.decrypt
|
||||||
&& (!app->app_local->any_gpgusage || prkdf->gpgusage.sign))
|
|| prkdf->usageflags.unwrap))
|
||||||
|
|| (name[1] == 'S' && (prkdf->usageflags.sign
|
||||||
|
|| prkdf->usageflags.sign_recover)))
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
if (prkdf)
|
if (prkdf)
|
||||||
{
|
{
|
||||||
buf = keyref_from_prkdf (app, prkdf);
|
buf = keyref_from_prkdf (app, prkdf);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user