From d1bee9d1efa28fa9d35b7eed1e616c6362fd044e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 8 Feb 2019 12:35:26 +0100 Subject: [PATCH] sm: In --gen-key with "key from card" show also the algorithm. * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Get and show algo. -- This extends the prompt to show something like Serial number of the card: FF020001008A77F6 Available keys: (1) 4130F84FA3704F4645924AEC3FFA48AD26D33656 PIV.9A nistp384 (2) AB2988FB8C227BCD5175BF92F66AA3A95AE83214 PIV.9E rsa2048 (3) DB7DDAEAA88534BA45CCD7A9B761425103EA2090 PIV.9C rsa2048 (4) BABB48C3D80ACCF9839F101DF2910966C8B988DF PIV.9D nistp256 Your selection? 1 Having the algorithm here is helpful in particular because right now we support only RSA with X.509. Take care: PIV card based certificate creation does not yet work. Signed-off-by: Werner Koch (cherry picked from commit 0328976c94adc2c518c7a7763a35319a0000c5e2) Note that 2.2 does not support PIV cards, but the feature also works also with other cards. --- sm/certreqgen-ui.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c index 9772a3baf..b131d7db5 100644 --- a/sm/certreqgen-ui.c +++ b/sm/certreqgen-ui.c @@ -244,7 +244,27 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream) { tty_printf (_("Available keys:\n")); for (count=1,sl=keypairlist; sl; sl = sl->next, count++) - tty_printf (" (%d) %s\n", count, sl->d); + { + ksba_sexp_t pkey; + gcry_sexp_t s_pkey; + char *algostr = NULL; + const char *keyref; + + keyref = strchr (sl->d, ' '); + if (keyref) + { + keyref++; + if (!gpgsm_agent_readkey (ctrl, 1, keyref, &pkey)) + { + if (!gcry_sexp_new (&s_pkey, pkey, 0, 0)) + algostr = pubkey_algo_string (s_pkey); + gcry_sexp_release (s_pkey); + } + xfree (pkey); + } + tty_printf (" (%d) %s %s\n", count, sl->d, algostr); + xfree (algostr); + } xfree (answer); answer = tty_get (_("Your selection? ")); tty_kill_prompt ();