More stuff for the audit-log.

2025-07-02 22:46:30 +02:00 · 2009-12-02 18:33:59 +00:00 · 2009-12-02 18:33:59 +00:00 · 9e83404751
commit 9e83404751
parent e1172f00be
11 changed files with 406 additions and 62 deletions
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -1143,11 +1143,11 @@ change_passphrase( KBNODE keyblock )
 	break;
      default:
 	if( sk->protect.s2k.mode == 1001 ) {
-	    tty_printf(_("Secret parts of primary key are not available.\n"));
+	    tty_printf(_("Secret parts of key are not available.\n"));
 	    no_primary_secrets = 1;
 	}
 	else if( sk->protect.s2k.mode == 1002 ) {
-	    tty_printf(_("Secret parts of primary key are stored on-card.\n"));
+	    tty_printf(_("Secret parts of key are stored on-card.\n"));
 	    no_primary_secrets = 1;
 	}
 	else {
@ -1365,8 +1365,8 @@ enum cmdids
    cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF,
    cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF,
    cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
-    cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCLEAN,
-    cmdMINIMIZE, cmdNOP
+    cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCHECKBKUPKEY,
+    cmdCLEAN, cmdMINIMIZE, cmdNOP
  };

 static struct
@ -1423,6 +1423,8 @@ static struct
      N_("move a key to a smartcard")},
    { "bkuptocard", cmdBKUPTOCARD , KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK, 
      N_("move a backup key to a smartcard")},
+    { "checkbkupkey", cmdCHECKBKUPKEY, KEYEDIT_NEED_SK|KEYEDIT_ONLY_SK, 
+      NULL},
 #endif /*ENABLE_CARD_SUPPORT*/

    { "delkey"  , cmdDELKEY    , KEYEDIT_NOT_SK,
@ -1940,6 +1942,7 @@ keyedit_menu( const char *username, strlist_t locusr,
          break;

        case cmdBKUPTOCARD:
+        case cmdCHECKBKUPKEY:
 	  {
            /* Ask for a filename, check whether this is really a
               backup key as generated by the card generation, parse
@ -1991,11 +1994,35 @@ keyedit_menu( const char *username, strlist_t locusr,
              }
            node = new_kbnode (pkt);

-            /* Store it.  */
-            if (card_store_subkey (node, 0))
+            if (cmd == cmdCHECKBKUPKEY)
              {
-                redisplay = 1;
-                sec_modified = 1;
+                PKT_secret_key *sk = node->pkt->pkt.secret_key;
+                switch (is_secret_key_protected (sk) )
+                  {
+                  case 0: /* Not protected. */
+                    tty_printf (_("This key is not protected.\n"));
+                    break;
+                  case -1:
+                    log_error (_("unknown key protection algorithm\n"));
+                    break;
+                  default:
+                    if (sk->protect.s2k.mode == 1001)
+                      tty_printf (_("Secret parts of key"
+                                    " are not available.\n"));
+                    if (sk->protect.s2k.mode == 1002)
+                      tty_printf (_("Secret parts of key"
+                                    " are stored on-card.\n"));
+                    else
+                      check_secret_key (sk, 0);
+                  }
+              }
+            else /* Store it.  */
+              {
+                if (card_store_subkey (node, 0))
+                  {
+                    redisplay = 1;
+                    sec_modified = 1;
+                  }
              }
            release_kbnode (node);
 	  }