security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

agent: Create and use Token entries to track the display s/n.

Browse source 
* agent/divert-scd.c (linefeed_to_percent0A): New.
(ask_for_card): Add arg grip.  Read Token and Label items and use
them.
(divert_pksign, divert_pkdecrypt): Pass down grip.
* agent/findkey.c (write_extended_private_key): Add args serialno,
keyref, and dispserialno.  Writen Token item.
(agent_write_private_key): Add args serialno, keyref, and
dispserialno.
(read_key_file): Add arg r_keymeta.
(agent_keymeta_from_file): New.
(agent_write_shadow_key): Remove leading spaces from serialno and keyid.
* agent/protect-tool.c (agent_write_private_key): Ditto.
* agent/learncard.c (agent_handle_learn): Get DISPSERIALNO and pass to
agent_write_shadow_key.
* agent/command-ssh.c (card_key_available): Ditto.
--

GnuPG-bug-id: 6135

This patch backports some changes from master but also adds the
Display-S/N tracking.
This commit is contained in:
Werner Koch 2022-08-15 12:49:56 +02:00
parent 706adf6691
commit dc9b242628
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
10 changed files with 272 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

11
agent/command.c
View file

@ -1040,7 +1040,12 @@ cmd_readkey (assuan_context_t ctx, char *line)
if (agent_key_available (grip))
{
/* (Shadow)-key is not available in our key storage. */
rc = agent_write_shadow_key (grip, serialno, keyid, pkbuf, 0);
char *dispserialno;
agent_card_getattr (ctrl, "$DISPSERIALNO", &dispserialno);
rc = agent_write_shadow_key (grip, serialno, keyid, pkbuf, 0,
dispserialno);
xfree (dispserialno);
if (rc)
goto leave;
}
@ -2425,11 +2430,11 @@ cmd_import_key (assuan_context_t ctx, char *line)
ctrl->s2k_count, -1);
if (!err)
err = agent_write_private_key (grip, finalkey, finalkeylen, force,
opt_timestamp);
opt_timestamp, NULL, NULL, NULL);
}
else
err = agent_write_private_key (grip, key, realkeylen, force,
opt_timestamp);
opt_timestamp, NULL, NULL, NULL);
leave:
gcry_sexp_release (openpgp_sexp);