From 873b2b0da1086f9c493527a46815f68f5dac1bcd Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 18 Oct 2023 15:43:22 +0200 Subject: doc: Minor typo fixes. -- --- sm/keylist.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'sm/keylist.c') diff --git a/sm/keylist.c b/sm/keylist.c index fabd82224..d6eccfc45 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -54,7 +54,7 @@ struct list_external_parm_s #define OID_FLAG_SKIP 1 /* The extension is a simple UTF8String and should be printed. */ #define OID_FLAG_UTF8 2 -/* The extension can be trnted as a hex string. */ +/* The extension can be printed as a hex string. */ #define OID_FLAG_HEX 4 /* Define if this specififies a key purpose. */ #define OID_FLAG_KP 8 @@ -208,6 +208,8 @@ static struct { "1.3.6.1.4.1.311.21.6", "ms-keyRecovery", OID_FLAG_KP }, { "1.3.6.1.4.1.311.21.19", "ms-dsEmailReplication", OID_FLAG_KP }, + /* BSI policies. */ + /* Other vendor extensions. */ { "1.3.6.1.4.1.30205.13.1.1", "trusted-disk", OID_FLAG_KP }, { "1.2.840.113583.1.1.5", "pdfAuthenticDocumentsTrust", OID_FLAG_KP }, -- cgit v1.2.3 From 97708e2ac72253fa1ddbcde63b23095ac2d1604f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 24 Oct 2023 14:22:05 +0200 Subject: sm: Flag Brainpool curves as compliant. * sm/keylist.c (print_compliance_flags): Add arg curve. (list_cert_colon): Pass curve to the compliance check. -- GnuPG-bug-id: 6253 --- sm/keylist.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'sm/keylist.c') diff --git a/sm/keylist.c b/sm/keylist.c index d6eccfc45..e84eb31d3 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -430,7 +430,7 @@ email_kludge (const char *name) * number. NBITS is the length of the key in bits. */ static void print_compliance_flags (ksba_cert_t cert, int algo, unsigned int nbits, - estream_t fp) + const char *curvename, estream_t fp) { int indent = 0; int hashalgo; @@ -438,7 +438,7 @@ print_compliance_flags (ksba_cert_t cert, int algo, unsigned int nbits, /* Note that we do not need to test for PK_ALGO_FLAG_RSAPSS because * that is not a property of the key but one of the created * signature. */ - if (gnupg_pk_is_compliant (CO_DE_VS, algo, 0, NULL, nbits, NULL)) + if (gnupg_pk_is_compliant (CO_DE_VS, algo, 0, NULL, nbits, curvename)) { hashalgo = gcry_md_map_name (ksba_cert_get_digest_algo (cert)); if (gnupg_digest_is_compliant (CO_DE_VS, hashalgo)) @@ -629,7 +629,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity, if (curve) es_fputs (curve, fp); es_putc (':', fp); /* End of field 17. */ - print_compliance_flags (cert, algo, nbits, fp); + print_compliance_flags (cert, algo, nbits, curve, fp); es_putc (':', fp); /* End of field 18. */ es_putc ('\n', fp); -- cgit v1.2.3 From 2c3c049fd8a001dc9937e5ac3884831b6e25d2da Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 24 Oct 2023 14:51:16 +0200 Subject: sm: Flag Brainpool curves as compliant for all other operations. * sm/fingerprint.c (gpgsm_get_key_algo_info2): Rename to (gpgsm_get_key_algo_info): this. Remove the old wrapper. Adjust all callers. * sm/decrypt.c (gpgsm_decrypt): Pass the curve to the compliance checker. * sm/encrypt.c (gpgsm_encrypt): Ditto. * sm/sign.c (gpgsm_sign): Ditto. * sm/verify.c (gpgsm_verify): Ditto. -- GnuPG-bug-id: 6253 --- sm/keylist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sm/keylist.c') diff --git a/sm/keylist.c b/sm/keylist.c index e84eb31d3..ed1b74729 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -562,7 +562,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity, if (*truststring) es_fputs (truststring, fp); - algo = gpgsm_get_key_algo_info2 (cert, &nbits, &curve); + algo = gpgsm_get_key_algo_info (cert, &nbits, &curve); es_fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24); ksba_cert_get_validity (cert, 0, t); -- cgit v1.2.3