From 97a2394ecafaa6f58e4a1f70ecfd04408dc15606 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Thu, 27 Apr 2017 10:33:58 +0900
Subject: [PATCH] g10: For signing, prefer available card key when no -u option.
* g10/skclist.c (build_sk_list): Ask gpg-agent if card is available. Then, use the card key if any.
--
GnuPG-bug-id: 1983
Signed-off-by: NIIBE Yutaka
---
 g10/skclist.c | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)
diff --git a/g10/skclist.c b/g10/skclist.c
index a016b621f..489277ca5 100644
--- a/g10/skclist.c
+++ b/g10/skclist.c
@@ -31,6 +31,7 @@
 #include "keydb.h"
 #include "../common/util.h"
 #include "../common/i18n.h"
+#include "call-agent.h"
 /* Return true if Libgcrypt's RNG is in faked mode. */
@@ -126,13 +127,38 @@ build_sk_list (ctrl_t ctrl,
 select the best key. If a key specification is ambiguous and we are in batch mode, die. */
- if (!locusr) /* No user ids given - use the default key. */
+ if (!locusr) /* No user ids given - use the card key or the default key. */
 {
+ struct agent_card_info_s info;
 PKT_public_key *pk;
+ char *serialno;
+ memset (&info, 0, sizeof(info));
 pk = xmalloc_clear (sizeof *pk);
 pk->req_usage = use;
- if ((err = getkey_byname (ctrl, NULL, pk, NULL, 1, NULL)))
+
+ /* Check if a card is available. If any, use it. */
+ err = agent_scd_serialno (&serialno, NULL);
+ if (!err)
+ {
+ xfree (serialno);
+ err = agent_scd_getattr ("KEY-FPR", &info);
+ if (err)
+ log_error ("error retrieving key fingerprint from card: %s\n",
+ gpg_strerror (err));
+ else if (info.fpr1valid)
+ {
+ if ((err = get_pubkey_byfprint (ctrl, pk, NULL, info.fpr1, 20)))
+ {
+ info.fpr1valid = 0;
+ log_error ("error on card key to sign: %s, try default\n",
+ gpg_strerror (err));
+ }
+ }
+ }
+
+ if (!info.fpr1valid
+ && (err = getkey_byname (ctrl, NULL, pk, NULL, 1, NULL)))
 {
 free_public_key (pk);
 pk = NULL;
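Review bot: A configured default key loses to any inserted card in the new `if (!locusr)` branch, because `get_pubkey_byfprint` on `info.fpr1` is tried first and `getkey_byname (ctrl, NULL, ...)` runs only when the card lookup fails. If that NULL-name lookup is where an explicit default key is honoured (not visible in this hunk), plugging in a card silently changes which identity signs; probing the card only when no default is set, e.g. `if (!opt.def_secret_key && !(err = agent_scd_serialno (&serialno, NULL)))` in place of the unconditional call and `if (!err)`, keeps the explicit choice authoritative. The fallback path also reports through `log_error` although signing continues with the default key, so `log_info ("card key unusable for signing: %s, trying default key\n", gpg_strerror (err));` would suit that recoverable case better. `build_sk_list` starts and ends outside the hunk.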