mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* sign.c (gpgsm_sign): Include the error source in the final error
message. * decrypt.c (gpgsm_decrypt): Ditto. * fingerprint.c (gpgsm_get_key_algo_info): New. * sign.c (gpgsm_sign): Don't assume RSA in the status line. * keylist.c (list_cert_colon): Really print the algorithm and key length. (list_cert_raw, list_cert_std): Ditto. * gpgsm.h (opt): Add member CONFIG_FILENAME. * gpgsm.c (main): Use it here instead of the local var.
This commit is contained in:
parent
ac791c0a9a
commit
fdb1933917
10
sm/ChangeLog
10
sm/ChangeLog
@ -1,5 +1,15 @@
|
|||||||
2004-05-11 Werner Koch <wk@gnupg.org>
|
2004-05-11 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* sign.c (gpgsm_sign): Include the error source in the final error
|
||||||
|
message.
|
||||||
|
* decrypt.c (gpgsm_decrypt): Ditto.
|
||||||
|
|
||||||
|
* fingerprint.c (gpgsm_get_key_algo_info): New.
|
||||||
|
* sign.c (gpgsm_sign): Don't assume RSA in the status line.
|
||||||
|
* keylist.c (list_cert_colon): Really print the algorithm and key
|
||||||
|
length.
|
||||||
|
(list_cert_raw, list_cert_std): Ditto.
|
||||||
|
|
||||||
* gpgsm.c: New option --debug-allow-core-dump.
|
* gpgsm.c: New option --debug-allow-core-dump.
|
||||||
|
|
||||||
* gpgsm.h (opt): Add member CONFIG_FILENAME.
|
* gpgsm.h (opt): Add member CONFIG_FILENAME.
|
||||||
|
@ -495,7 +495,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp)
|
|||||||
if (rc)
|
if (rc)
|
||||||
{
|
{
|
||||||
gpgsm_status (ctrl, STATUS_DECRYPTION_FAILED, NULL);
|
gpgsm_status (ctrl, STATUS_DECRYPTION_FAILED, NULL);
|
||||||
log_error ("message decryption failed: %s\n", gpg_strerror (rc));
|
log_error ("message decryption failed: %s <%s>\n",
|
||||||
|
gpg_strerror (rc), gpg_strsource (rc));
|
||||||
}
|
}
|
||||||
ksba_cms_release (cms);
|
ksba_cms_release (cms);
|
||||||
gpgsm_destroy_reader (b64reader);
|
gpgsm_destroy_reader (b64reader);
|
||||||
|
@ -198,6 +198,66 @@ gpgsm_get_keygrip_hexstring (ksba_cert_t cert)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return the PK algorithm used by CERT as well as the length in bits
|
||||||
|
of the public key at NBITS. */
|
||||||
|
int
|
||||||
|
gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits)
|
||||||
|
{
|
||||||
|
gcry_sexp_t s_pkey;
|
||||||
|
int rc;
|
||||||
|
ksba_sexp_t p;
|
||||||
|
size_t n;
|
||||||
|
gcry_sexp_t l1, l2;
|
||||||
|
const char *name;
|
||||||
|
char namebuf[128];
|
||||||
|
|
||||||
|
if (nbits)
|
||||||
|
*nbits = 0;
|
||||||
|
|
||||||
|
p = ksba_cert_get_public_key (cert);
|
||||||
|
if (!p)
|
||||||
|
return 0;
|
||||||
|
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
|
||||||
|
if (!n)
|
||||||
|
{
|
||||||
|
xfree (p);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
rc = gcry_sexp_sscan (&s_pkey, NULL, p, n);
|
||||||
|
xfree (p);
|
||||||
|
if (rc)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
if (nbits)
|
||||||
|
*nbits = gcry_pk_get_nbits (s_pkey);
|
||||||
|
|
||||||
|
/* Breaking the algorithm out of the S-exp is a bit of a challenge ... */
|
||||||
|
l1 = gcry_sexp_find_token (s_pkey, "public-key", 0);
|
||||||
|
if (!l1)
|
||||||
|
{
|
||||||
|
gcry_sexp_release (s_pkey);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
l2 = gcry_sexp_cadr (l1);
|
||||||
|
gcry_sexp_release (l1);
|
||||||
|
l1 = l2;
|
||||||
|
name = gcry_sexp_nth_data (l1, 0, &n);
|
||||||
|
if (name)
|
||||||
|
{
|
||||||
|
if (n > sizeof namebuf -1)
|
||||||
|
n = sizeof namebuf -1;
|
||||||
|
memcpy (namebuf, name, n);
|
||||||
|
namebuf[n] = 0;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
*namebuf = 0;
|
||||||
|
gcry_sexp_release (l1);
|
||||||
|
gcry_sexp_release (s_pkey);
|
||||||
|
return gcry_pk_map_name (namebuf);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* For certain purposes we need a certificate id which has an upper
|
/* For certain purposes we need a certificate id which has an upper
|
||||||
limit of the size. We use the hash of the issuer name and the
|
limit of the size. We use the hash of the issuer name and the
|
||||||
|
@ -179,6 +179,7 @@ char *gpgsm_get_fingerprint_hexstring (ksba_cert_t cert, int algo);
|
|||||||
unsigned long gpgsm_get_short_fingerprint (ksba_cert_t cert);
|
unsigned long gpgsm_get_short_fingerprint (ksba_cert_t cert);
|
||||||
char *gpgsm_get_keygrip (ksba_cert_t cert, char *array);
|
char *gpgsm_get_keygrip (ksba_cert_t cert, char *array);
|
||||||
char *gpgsm_get_keygrip_hexstring (ksba_cert_t cert);
|
char *gpgsm_get_keygrip_hexstring (ksba_cert_t cert);
|
||||||
|
int gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits);
|
||||||
char *gpgsm_get_certid (ksba_cert_t cert);
|
char *gpgsm_get_certid (ksba_cert_t cert);
|
||||||
|
|
||||||
|
|
||||||
|
26
sm/keylist.c
26
sm/keylist.c
@ -296,6 +296,8 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
|
|||||||
char *fpr;
|
char *fpr;
|
||||||
ksba_isotime_t t;
|
ksba_isotime_t t;
|
||||||
gpg_error_t valerr;
|
gpg_error_t valerr;
|
||||||
|
int algo;
|
||||||
|
unsigned int nbits;
|
||||||
|
|
||||||
if (ctrl->with_validation)
|
if (ctrl->with_validation)
|
||||||
valerr = gpgsm_validate_chain (ctrl, cert, NULL, 1, NULL, 0);
|
valerr = gpgsm_validate_chain (ctrl, cert, NULL, 1, NULL, 0);
|
||||||
@ -330,10 +332,8 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
|
|||||||
fputs (truststring, fp);
|
fputs (truststring, fp);
|
||||||
|
|
||||||
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
|
fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
|
||||||
fprintf (fp, ":%u:%d:%s:",
|
algo = gpgsm_get_key_algo_info (cert, &nbits);
|
||||||
/*keylen_of_cert (cert)*/1024,
|
fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24);
|
||||||
/* pubkey_algo_of_cert (cert)*/1,
|
|
||||||
fpr+24);
|
|
||||||
|
|
||||||
/* We assume --fixed-list-mode for gpgsm */
|
/* We assume --fixed-list-mode for gpgsm */
|
||||||
ksba_cert_get_validity (cert, 0, t);
|
ksba_cert_get_validity (cert, 0, t);
|
||||||
@ -547,6 +547,14 @@ list_cert_raw (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
|
|||||||
s = get_oid_desc (oid, NULL);
|
s = get_oid_desc (oid, NULL);
|
||||||
fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":"");
|
fprintf (fp, " hashAlgo: %s%s%s%s\n", oid, s?" (":"",s?s:"",s?")":"");
|
||||||
|
|
||||||
|
{
|
||||||
|
const char *algoname;
|
||||||
|
unsigned int nbits;
|
||||||
|
|
||||||
|
algoname = gcry_pk_algo_name (gpgsm_get_key_algo_info (cert, &nbits));
|
||||||
|
fprintf (fp, " keyType: %u bit %s\n", nbits, algoname? algoname:"?");
|
||||||
|
}
|
||||||
|
|
||||||
/* authorityKeyIdentifier */
|
/* authorityKeyIdentifier */
|
||||||
fputs (" authKeyId: ", fp);
|
fputs (" authKeyId: ", fp);
|
||||||
err = ksba_cert_get_auth_key_id (cert, NULL, &name, &sexp);
|
err = ksba_cert_get_auth_key_id (cert, NULL, &name, &sexp);
|
||||||
@ -829,6 +837,16 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
|
|||||||
gpgsm_print_time (fp, t);
|
gpgsm_print_time (fp, t);
|
||||||
putc ('\n', fp);
|
putc ('\n', fp);
|
||||||
|
|
||||||
|
|
||||||
|
{
|
||||||
|
const char *algoname;
|
||||||
|
unsigned int nbits;
|
||||||
|
|
||||||
|
algoname = gcry_pk_algo_name (gpgsm_get_key_algo_info (cert, &nbits));
|
||||||
|
fprintf (fp, " key type: %u bit %s\n", nbits, algoname? algoname:"?");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
err = ksba_cert_get_key_usage (cert, &kusage);
|
err = ksba_cert_get_key_usage (cert, &kusage);
|
||||||
if (gpg_err_code (err) != GPG_ERR_NO_DATA)
|
if (gpg_err_code (err) != GPG_ERR_NO_DATA)
|
||||||
{
|
{
|
||||||
|
@ -616,12 +616,15 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
|||||||
gcry_md_close (md);
|
gcry_md_close (md);
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
int pkalgo = gpgsm_get_key_algo_info (cl->cert, NULL);
|
||||||
rc = asprintf (&buf, "%c %d %d 00 %s %s",
|
rc = asprintf (&buf, "%c %d %d 00 %s %s",
|
||||||
detached? 'D':'S',
|
detached? 'D':'S',
|
||||||
GCRY_PK_RSA, /* FIXME: get pk algo from cert */
|
pkalgo,
|
||||||
algo,
|
algo,
|
||||||
signed_at,
|
signed_at,
|
||||||
fpr);
|
fpr);
|
||||||
|
}
|
||||||
xfree (fpr);
|
xfree (fpr);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
{
|
{
|
||||||
@ -651,7 +654,8 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
|
|||||||
|
|
||||||
leave:
|
leave:
|
||||||
if (rc)
|
if (rc)
|
||||||
log_error ("error creating signature: %s\n", gpg_strerror (rc));
|
log_error ("error creating signature: %s <%s>\n",
|
||||||
|
gpg_strerror (rc), gpg_strsource (rc) );
|
||||||
if (release_signerlist)
|
if (release_signerlist)
|
||||||
gpgsm_release_certlist (signerlist);
|
gpgsm_release_certlist (signerlist);
|
||||||
ksba_cms_release (cms);
|
ksba_cms_release (cms);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user