* gpgsm.c (main): Set the prefixes for assuan logging.

* sign.c (gpgsm_sign): Add validation checks for the default
certificate.

* gpgsm.c: Add -k as alias for --list-keys and -K for
--list-secret-keys.

4 files changed, 30 insertions, 6 deletions

diff --git a/sm/ChangeLog b/sm/ChangeLog
index 2363eb91b..d19e5761d 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,13 @@
+2003-12-16  Werner Koch  <[email protected]>
+
+	* gpgsm.c (main): Set the prefixes for assuan logging.
+
+	* sign.c (gpgsm_sign): Add validation checks for the default
+	certificate.
+
+	* gpgsm.c: Add -k as alias for --list-keys and -K for
+	--list-secret-keys.
+
 2003-12-15  Werner Koch  <[email protected]>
 
 	* encrypt.c (init_dek): Use gry_create_nonce for the IV; there is
diff --git a/sm/certlist.c b/sm/certlist.c
index 0dfe50e04..9eb3e7cfa 100644
--- a/sm/certlist.c
+++ b/sm/certlist.c
@@ -135,7 +135,7 @@ same_subject_issuer (const char *subject, const char *issuer, KsbaCert cert)
 
 /* Add a certificate to a list of certificate and make sure that it is
    a valid certificate.  With SECRET set to true a secret key must be
-   avaibale for the certificate. */
+   available for the certificate. */
 int
 gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
                        CERTLIST *listaddr)
@@ -190,7 +190,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret,
 
                 }
             }
-          /* we want the error code from the first match in this case */
+          /* We want the error code from the first match in this case. */
           if (rc && wrong_usage)
             rc = wrong_usage;
           
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index d3180adee..95f61132d 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -44,7 +44,8 @@ enum cmd_and_opt_values {
   aDecrypt	= 'd',
   aEncr	        = 'e',
   oInteractive  = 'i',
-  oKOption	= 'k',
+  aListKeys	= 'k',
+  aListSecretKeys = 'K',
   oDryRun	= 'n',
   oOutput	= 'o',
   oQuiet	= 'q',
@@ -68,10 +69,8 @@ enum cmd_and_opt_values {
   aImport,
   aVerify,
   aVerifyFiles,
-  aListKeys,
   aListExternalKeys,
   aListSigs,
-  aListSecretKeys,
   aSendKeys,
   aRecvKeys,
   aExport,
@@ -695,7 +694,11 @@ main ( int argc, char **argv)
   */
 
   ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
+
   assuan_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
+  assuan_set_assuan_log_stream (log_get_stream ());
+  assuan_set_assuan_log_prefix (log_get_prefix (NULL));
+
   keybox_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
 
   /* Setup a default control structure for command line mode */
diff --git a/sm/sign.c b/sm/sign.c
index 95ce8d5dd..38d8ca9ed 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -124,7 +124,7 @@ hash_and_copy_data (int fd, gcry_md_hd_t md, KsbaWriter writer)
 
 
 /* Get the default certificate which is defined as the first one our
-   keyDB retruns and has a secret key available */
+   keyDB returns and has a secret key available. */
 int
 gpgsm_get_default_cert (KsbaCert *r_cert)
 {
@@ -364,6 +364,17 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist,
           rc = gpg_error (GPG_ERR_GENERAL);
           goto leave;
         }
+
+      /* Although we don't check for ambigious specification we will
+         check that the signer's certificate is is usable and
+         valid. */
+      rc = gpgsm_cert_use_sign_p (cert);
+      if (!rc)
+        rc = gpgsm_validate_chain (ctrl, cert, NULL);
+      if (rc)
+        goto leave;
+
+      /* That one is fine - create signerlist. */
       signerlist = xtrycalloc (1, sizeof *signerlist);
       if (!signerlist)
         {