3 files changed, 56 insertions, 21 deletions

diff --git a/tools/ChangeLog b/tools/ChangeLog
index 0de5f3336..c29689bde 100644
--- a/tools/ChangeLog
+++ b/tools/ChangeLog
@@ -1,3 +1,11 @@
+2006-10-23  Werner Koch  <[email protected]>
+
+	* gpgconf-comp.c <gpgsm>: Add --cipher-algo.
+
+2006-10-20  Werner Koch  <[email protected]>
+
+	* gpgsm-gencert.sh: Enhanced the main menu. 
+
 2006-10-12  Werner Koch  <[email protected]>
 
 	* Makefile.am (gpg-zip, gpgsplit): Do not install due to a
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 04a61a193..65cdc0a82 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -676,6 +676,9 @@ static gc_option_t gc_options_gpgsm[] =
    { "auto-issuer-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
      "gnupg", "fetch missing issuer certificates",
      GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
+   { "cipher-algo", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
+     "gnupg", "|NAME|use cipher algorithm NAME",
+     GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
 
    GC_OPTION_NULL
  };
diff --git a/tools/gpgsm-gencert.sh b/tools/gpgsm-gencert.sh
index 19e961f03..ea96bb2e9 100755
--- a/tools/gpgsm-gencert.sh
+++ b/tools/gpgsm-gencert.sh
@@ -84,29 +84,53 @@ query_user_menu()
     echo "You selected: $ANSWER" >&2
 }
 
-query_user_menu "Key type" "RSA" "existing key" "OPENPGP.1" "OPENPGP.3"
-case "$ANSWER" in
-  RSA)
-    KEY_TYPE=$ANSWER
-    query_user_menu "Key length" "1024" "2048"
-    KEY_LENGTH=$ANSWER
-    KEY_GRIP=
-    ;;
-  existing*)
-    # User requested to use an existing key; need to set some dummy defaults
-    KEY_TYPE=RSA 
-    KEY_LENGTH=1024
-    query_user "Keygrip "
-    KEY_GRIP=$ANSWER
-    ;;
-  *) 
-    KEY_TYPE="card:$ANSWER"
-    KEY_LENGTH=
-    KEY_GRIP=
-    ;;
-esac
 
 
+KEY_TYPE=""
+while [ -z "$KEY_TYPE" ]; do
+  query_user_menu "Key type" "RSA" "Existing key" "Direct from card"
+  case "$ANSWER" in
+    RSA)
+      KEY_TYPE=$ANSWER
+      query_user_menu "Key length" "1024" "2048"
+      KEY_LENGTH=$ANSWER
+      KEY_GRIP=
+      ;;
+    Existing*)
+      # User requested to use an existing key; need to set some dummy defaults
+      query_user "Keygrip "
+      if [ -n "$ANSWER" ]; then
+        KEY_TYPE=RSA 
+        KEY_LENGTH=1024
+        KEY_GRIP=$ANSWER
+      fi
+      ;;
+    Direct*)
+      tmp=$(echo 'SCD SERIALNO' | gpg-connect-agent | \
+            awk '$2 == "SERIALNO" {print $3}') 
+      if [ -z "$tmp" ]; then
+          echo "No card found" >&2
+      else
+        echo "Card with S/N $tmp found" >&2
+        tmp=$(echo 'SCD LEARN --force' | gpg-connect-agent | \
+              awk '$2 == "KEYPAIRINFO" {printf " %s", $4}')
+        sshid=$(echo 'SCD GETATTR $AUTHKEYID' | gpg-connect-agent | \
+                awk '$2 == "$AUTHKEYID" {print $3}') 
+        [ -n "$sshid" ] && echo "gpg-agent uses $sshid as ssh key" >&2
+        query_user_menu "Select key " $tmp "back"
+        if [ "$ANSWER" != "back" ]; then
+          KEY_TYPE="card:$ANSWER"
+          KEY_LENGTH=
+          KEY_GRIP=
+        fi
+      fi
+      ;;
+    *)
+      exit 1
+      ;;   
+  esac
+done
+
 query_user_menu "Key usage" "sign, encrypt" "sign" "encrypt"
 KEY_USAGE=$ANSWER