* findkey.c (agent_public_key_from_file): Fixed array assignment.

This was the cause for random segvs. * call-agent.c (gpgsm_agent_readkey): New.
2025-07-02 22:46:30 +02:00 · 2005-07-25 14:35:04 +00:00 · 2005-07-25 14:35:04 +00:00 · a2d1673d66
commit a2d1673d66
parent 99f403b015
8 changed files with 91 additions and 24 deletions
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@ -1,5 +1,5 @@
 /* call-agent.c - divert operations to the agent
- *	Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
+ *	Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -432,6 +432,51 @@ gpgsm_agent_genkey (ctrl_t ctrl,
  return 0;
 }

+
+/* Call the agent to read the public key part for a given keygrip.  */
+int
+gpgsm_agent_readkey (ctrl_t ctrl, const char *hexkeygrip,
+                     ksba_sexp_t *r_pubkey)
+{
+  int rc;
+  membuf_t data;
+  size_t len;
+  unsigned char *buf;
+  char line[ASSUAN_LINELENGTH];
+
+  *r_pubkey = NULL;
+  rc = start_agent (ctrl);
+  if (rc)
+    return rc;
+
+  rc = assuan_transact (agent_ctx, "RESET",NULL, NULL, NULL, NULL, NULL, NULL);
+  if (rc)
+    return map_assuan_err (rc);
+
+  snprintf (line, DIM(line)-1, "READKEY %s", hexkeygrip);
+  line[DIM(line)-1] = 0;
+
+  init_membuf (&data, 1024);
+  rc = assuan_transact (agent_ctx, line,
+                        membuf_data_cb, &data, 
+                        NULL, NULL, NULL, NULL);
+  if (rc)
+    {
+      xfree (get_membuf (&data, &len));
+      return map_assuan_err (rc);
+    }
+  buf = get_membuf (&data, &len);
+  if (!buf)
+    return gpg_error (GPG_ERR_ENOMEM);
+  if (!gcry_sexp_canon_len (buf, len, NULL, NULL))
+    {
+      xfree (buf);
+      return gpg_error (GPG_ERR_INV_SEXP);
+    }
+  *r_pubkey = buf;
+  return 0;
+}
+

 /* Ask the agent whether the certificate is in the list of trusted
   keys */
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@ -63,6 +63,9 @@ The format of the native parameter file is follows:
        algorithm is "rsa".
     Key-Length: <length-in-bits>
 	Length of the key in bits.  Default is 1024.
+     Key-Grip: hexstring
+        This is optional and used to generate a request for an already
+        existsing key.  Key-Length will be ignored when given,
     Key-Usage: <usage-list>
        Space or comma delimited list of key usage, allowed values are
        "encrypt" and "sign".  This is used to generate the KeyUsage extension.
@ -111,6 +114,7 @@ EOF
 enum para_name {
  pKEYTYPE,
  pKEYLENGTH,
+  pKEYGRIP,
  pKEYUSAGE,
  pNAMEDN,
  pNAMEEMAIL,
@ -252,6 +256,7 @@ read_parameters (ctrl_t ctrl, FILE *fp, ksba_writer_t writer)
  } keywords[] = {
    { "Key-Type",       pKEYTYPE},
    { "Key-Length",     pKEYLENGTH },
+    { "Key-Grip",       pKEYGRIP },
    { "Key-Usage",      pKEYUSAGE },
    { "Name-DN",        pNAMEDN },
    { "Name-Email",     pNAMEEMAIL, 1 },
@ -502,16 +507,32 @@ proc_parameters (ctrl_t ctrl,
        }
    }

-  sprintf (numbuf, "%u", nbits);
-  snprintf ((char*)keyparms, DIM (keyparms)-1, 
-            "(6:genkey(3:rsa(5:nbits%d:%s)))", (int)strlen (numbuf), numbuf);
-  rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
-  if (rc)
+  s = get_parameter_value (para, pKEYGRIP, 0);
+  if (s) /* Use existing key.  */
    {
-      r = get_parameter (para, pKEYTYPE, 0);
-      log_error (_("line %d: key generation failed: %s\n"),
-                 r->lnr, gpg_strerror (rc));
-      return rc;
+      rc = gpgsm_agent_readkey (ctrl, s, &public);
+      if (rc)
+        {
+          r = get_parameter (para, pKEYTYPE, 0);
+          log_error (_("line %d: error getting key by keygrip `%s': %s\n"),
+                     r->lnr, s, gpg_strerror (rc));
+          return rc;
+        }
+    }
+  else /* Generate new key.  */
+    {
+      sprintf (numbuf, "%u", nbits);
+      snprintf ((char*)keyparms, DIM (keyparms)-1, 
+                "(6:genkey(3:rsa(5:nbits%d:%s)))",
+                (int)strlen (numbuf), numbuf);
+      rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
+      if (rc)
+        {
+          r = get_parameter (para, pKEYTYPE, 0);
+          log_error (_("line %d: key generation failed: %s\n"),
+                     r->lnr, gpg_strerror (rc));
+          return rc;
+        }
    }

  rc = create_request (ctrl, para, public, outctrl);
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@ -299,6 +299,8 @@ int gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
                           char **r_buf, size_t *r_buflen);
 int gpgsm_agent_genkey (ctrl_t ctrl,
                        ksba_const_sexp_t keyparms, ksba_sexp_t *r_pubkey);
+int gpgsm_agent_readkey (ctrl_t ctrl, const char *hexkeygrip,
+                         ksba_sexp_t *r_pubkey);
 int gpgsm_agent_istrusted (ctrl_t ctrl, ksba_cert_t cert);
 int gpgsm_agent_havekey (ctrl_t ctrl, const char *hexkeygrip);
 int gpgsm_agent_marktrusted (ctrl_t ctrl, ksba_cert_t cert);