gpg: Let --card--status create a shadow key (card key stub).

* agent/command.c (cmd_learn): Add option --sendinfo. * agent/learncard.c (agent_handle_learn): Add arg "send" andsend certifciate only if that is set. * g10/call-agent.c (agent_scd_learn): Use --sendinfo. Make INFO optional. (agent_learn): Remove. * g10/keygen.c (gen_card_key): Replace agent_learn by agent_scd_learn. -- The requirement of using --card-status on the first use of card on a new box is a bit annoying but the alternative of always checking whether a card is available before a decryption starts does not sound promising either. Signed-off-by: Werner Koch <wk@gnupg.org>
2024-06-15 00:29:49 +02:00 · 2014-12-12 12:35:45 +01:00 · 2014-12-12 12:35:45 +01:00 · f3f9f9b284
commit f3f9f9b284
parent 193815030d
6 changed files with 26 additions and 40 deletions
--- a/agent/agent.h
+++ b/agent/agent.h
@ -492,7 +492,7 @@ int agent_card_scd (ctrl_t ctrl, const char *cmdline,
 /*-- learncard.c --*/
-int agent_handle_learn (ctrl_t ctrl, void *assuan_context);
+int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context);
 #endif /*AGENT_H*/
--- a/agent/command.c
+++ b/agent/command.c
@ -1619,21 +1619,26 @@ cmd_get_confirmation (assuan_context_t ctx, char *line)
 static const char hlp_learn[] =
-  "LEARN [--send]\n"
+  "LEARN [--send][--sendinfo]\n"
  "\n"
  "Learn something about the currently inserted smartcard.  With\n"
-  "--send the new certificates are send back.";
+  "--sendinfo information about the card is returned; with --send\n"
  "the available certificates are returned as D lines.";
 static gpg_error_t
 cmd_learn (assuan_context_t ctx, char *line)
 {
  ctrl_t ctrl = assuan_get_pointer (ctx);
-  int rc;
+  gpg_error_t err;
  int send, sendinfo;
  send = has_option (line, "--send");
  sendinfo = send? 1 : has_option (line, "--sendinfo");
  if (ctrl->restricted)
    return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
-  rc = agent_handle_learn (ctrl, has_option (line, "--send")? ctx : NULL);
+  err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL);
-  return leave_cmd (ctx, rc);
+  return leave_cmd (ctx, err);
 }
--- a/agent/learncard.c
+++ b/agent/learncard.c
@ -296,10 +296,10 @@ send_cert_back (ctrl_t ctrl, const char *id, void *assuan_context)
  return 0;
 }
-/* Perform the learn operation.  If ASSUAN_CONTEXT is not NULL all new
+/* Perform the learn operation.  If ASSUAN_CONTEXT is not NULL and
-   certificates are send back via Assuan.  */
+   SEND is true all new certificates are send back via Assuan.  */
 int
-agent_handle_learn (ctrl_t ctrl, void *assuan_context)
+agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context)
 {
  int rc;
@ -369,7 +369,7 @@ agent_handle_learn (ctrl_t ctrl, void *assuan_context)
            log_info ("          id: %s    (type=%d)\n",
                      citem->id, citem->type);
-          if (assuan_context)
+          if (assuan_context && send)
            {
              rc = send_cert_back (ctrl, citem->id, assuan_context);
              if (rc)
@ -439,9 +439,9 @@ agent_handle_learn (ctrl_t ctrl, void *assuan_context)
        }
      if (opt.verbose)
-        log_info ("stored\n");
+        log_info ("          id: %s - shadow key created\n", item->id);
-      if (assuan_context)
+      if (assuan_context && send)
        {
          CERTINFO citem;
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@ -655,6 +655,7 @@ agent_scd_learn (struct agent_card_info_s *info)
 {
  int rc;
  struct default_inq_parm_s parm;
  struct agent_card_info_s dummyinfo;
  memset (&parm, 0, sizeof parm);
@ -674,42 +675,25 @@ agent_scd_learn (struct agent_card_info_s *info)
  if (rc)
    return rc;
  if (!info)
    info = &dummyinfo;
  parm.ctx = agent_ctx;
  memset (info, 0, sizeof *info);
-  rc = assuan_transact (agent_ctx, "SCD LEARN --force",
+  rc = assuan_transact (agent_ctx, "LEARN --sendinfo",
                        dummy_data_cb, NULL, default_inq_cb, &parm,
                        learn_status_cb, info);
  /* Also try to get the key attributes.  */
  if (!rc)
    agent_scd_getattr ("KEY-ATTR", info);
  if (info == &dummyinfo)
    agent_release_card_info (info);
  return rc;
 }
 /* Call the agent to learn about the current smartcard.  This is
   currently only used to have the agent create the shadow key.  */
 gpg_error_t
 agent_learn (void)
 {
  gpg_error_t err;
  struct default_inq_parm_s parm;
  memset (&parm, 0, sizeof parm);
  err = start_agent (NULL, 1);
  if (err)
    return err;
  parm.ctx = agent_ctx;
  err = assuan_transact (agent_ctx, "LEARN",
                         dummy_data_cb, NULL, default_inq_cb, &parm,
                         NULL, NULL);
  return err;
 }
 int
 agent_keytocard (const char *hexgrip, int keyno, int force,
                 const char *serialno, const char *timestamp)
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@ -78,9 +78,6 @@ void agent_release_card_info (struct agent_card_info_s *info);
 /* Return card info. */
 int agent_scd_learn (struct agent_card_info_s *info);
 /* Let the agent learn about the current card.  */
 gpg_error_t agent_learn (void);
 /* Update INFO with the attribute NAME. */
 int agent_scd_getattr (const char *name, struct agent_card_info_s *info);
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -4447,7 +4447,7 @@ gen_card_key (int algo, int keyno, int is_primary, kbnode_t pub_root,
  /* Send the learn command so that the agent creates a shadow key for
     card key.  We need to do that now so that we are able to create
     the self-signatures. */
-  err = agent_learn ();
+  err = agent_scd_learn (NULL);
  if (err)
    {
      /* Oops: Card removed during generation.  */