2 files changed, 29 insertions, 11 deletions

diff --git a/gpgmeplug/cryptplug.h b/gpgmeplug/cryptplug.h
index db2d8c07..c3a09792 100644
--- a/gpgmeplug/cryptplug.h
+++ b/gpgmeplug/cryptplug.h
@@ -1600,9 +1600,11 @@ const char* requestCertificateDialog( void );
 
 /*! \ingroup groupCertAct
    \brief Generates a prototype certificate with the data provided
-        in the four parameter.
+        in the four parameter. The memory returned in \a generatedKey
+        must be freed with free() by the caller.
 */
-bool requestDecentralCertificate( const char* certparms, char** generatedKey );
+bool requestDecentralCertificate( const char* certparms, 
+                                  char** generatedKey, int* keyLength );
 
 /*! \ingroup groupCertAct
    \brief Requests a certificate in a PSE from the CA
diff --git a/gpgmeplug/gpgmeplug.c b/gpgmeplug/gpgmeplug.c
index 65276b71..63bd83e0 100644
--- a/gpgmeplug/gpgmeplug.c
+++ b/gpgmeplug/gpgmeplug.c
@@ -1530,23 +1530,39 @@ bool decryptAndCheckMessage( const char* ciphertext,
 
 const char* requestCertificateDialog(){ return 0; }
 
-bool requestDecentralCertificate( const char* certparms, char** generatedKey )
+bool requestDecentralCertificate( const char* certparms, 
+                                  char** generatedKey, int* length )
 {
+    GpgmeError err;
     GpgmeCtx ctx;
-    GpgmeError err = gpgme_new (&ctx);
+    GpgmeData pub, result;
+    int len;
+
+    err = gpgme_data_new (&pub);
     if( err != GPGME_No_Error )
         return false;
 
-    gpgme_set_protocol (ctx, GPGMEPLUG_PROTOCOL);
-
-    gpgme_set_armor (ctx, __GPGMEPLUG_SIGNATURE_CODE_IS_BINARY ? 0 : 1);
+    err = gpgme_new (&ctx);
+    if( err != GPGME_No_Error ) {
+        gpgme_data_release( pub );
+        return false;
+    }
 
-    if( gpgme_op_genkey( ctx, certparms, NULL, NULL ) == GPGME_No_Error )
-        return true;
-    else
+    gpgme_set_protocol (ctx, GPGME_PROTOCOL_CMS);
+    /* We want binary, so comment this: gpgme_set_armor (ctx, 1); */
+    err = gpgme_op_genkey (ctx, certparms, pub, NULL );
+    if( err != GPGME_No_Error ) {
+        gpgme_data_release( pub );
+        gpgme_release( ctx );
         return false;
+    }
+
+    gpgme_release (ctx);
+    *generatedKey = gpgme_data_release_and_get_mem (pub, &len);
+    *length = len;
 
-    gpgme_release( ctx );
+    /* The buffer generatedKey contains the LEN bytes you want */
+    // Caller is responsible for freeing
 }
 
 bool requestCentralCertificateAndPSE( const char* name,