author | Werner Koch <[email protected]> | 2020-02-11 13:58:17 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2020-02-11 13:58:17 +0000 |
commit | 6bc7318ef55017e1aca6e52899fd0b223da7cfc1 (patch) | |
tree | e45cd5ff46fc26def8b6744fb0cc4f93b2023168 | |
parent | scd:openpgp: Optional allow for lowercase keyrefs. (diff) | |
card: First code to actually create openpgp keys.

* tools/gpg-card.c (generate_all_openpgp_card_keys): Add demo key
generation.
(generate_key): Allow generating one OpenPGP key.
--

This now allows creating a single OpenPGP key, optionally with a
specified parameter. For example to create an auth key:

  gpg-card generate --algo=ed25519 OPENPGP.3

Using option --force will overwrite an already existing key.
scdaemon does here take care of switching the key attributes before
generating the key.

TODO: We need to add some more stuff to app-openpgp so that the user
is not annoyed by being asked to enter the Admin-PIN twice (changing
the key attributes clears the verification state). gpg's key
generation also needs some tweaks for using an existing card key which
has no key stub in private-keys-v1.d.

Signed-off-by: Werner Koch <[email protected]>
-rw-r--r-- | tools/gpg-card.c | 18 |
-rw-r--r-- | tools/gpg-card.h | 2 |
2 files changed, 3 insertions, 17 deletions
diff --git a/tools/gpg-card.c b/tools/gpg-card.c index 3d87e2ef2..902c4932a 100644 --- a/tools/gpg-card.c +++ b/tools/gpg-card.c @@ -2140,7 +2140,7 @@ generate_all_openpgp_card_keys (card_info_t info, char **algos) * tell gpg to use them to create the OpenPGP keyblock. */ /* generate_keypair (ctrl, 1, NULL, info.serialno, want_backup); */ (void)want_backup; - err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); + err = scd_genkey ("OPENPGP.1", 1, NULL, NULL); leave: restore_forced_chv1 (&forced_chv1); @@ -2172,22 +2172,8 @@ generate_key (card_info_t info, const char *keyref, int force, err = ask_replace_keys (NULL); if (err) goto leave; + force = 1; } - - log_debug ("current algo is: %s\n", kinfo->keyalgo); - if (algo) - { - log_debug ("setting algo to: %s\n", algo); - /* OpenPGP cards require us to set the key attributes prior - * to generation because the generate command does not take - * key attributes. Actually this should be hidden by - * scd/app-openpgp but that is not the case. */ - - - - } - goto leave; - /* err = generate_openpgp (info); */ } err = scd_genkey (keyref, force, algo, NULL); diff --git a/tools/gpg-card.h b/tools/gpg-card.h index 5d75c2bb9..391241686 100644 --- a/tools/gpg-card.h +++ b/tools/gpg-card.h @@ -1,5 +1,5 @@ /* gpg-card.h - Common definitions for the gpg-card-tool - * Copyright (C) 2019 g10 Code GmbH + * Copyright (C) 2019, 2020 g10 Code GmbH * * This file is part of GnuPG. * |
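Review bot: in generate_all_openpgp_card_keys, the new call `err = scd_genkey ("OPENPGP.1", 1, NULL, NULL);` generates only OPENPGP.1, hard-codes the force argument to 1, and passes NULL for the algorithm although the function receives `char **algos`. As far as this hunk shows, an existing key in slot 1 is overwritten without regard to the caller's choice, and the requested algorithms are dropped. Since the commit message calls this demo generation, please mark the line with a FIXME saying so, and consider passing the caller's force decision and the matching entry of algos instead of the constants. The comment above the call still talks about telling gpg to create the OpenPGP keyblock, which this line does not do.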
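Review bot: in generate_key, `force = 1;` after a successful ask_replace_keys overwrites the caller's force parameter, so from that point the code can no longer tell a user-supplied --force from an interactive confirmation; a one-line comment stating that confirmation is treated as force would make the intent explicit. The deleted block also carried the only in-source explanation that OpenPGP cards need the key attributes set before generation. Now that algo is handed straight to `scd_genkey (keyref, force, algo, NULL);`, a short comment at that call saying that scdaemon switches the attributes (and, per the commit message TODO, that this clears the Admin-PIN verification state) would keep that knowledge in the source.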