diff options
| author | Werner Koch <[email protected]> | 2019-04-03 15:31:09 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-04-03 15:31:39 +0000 |
| commit | 679b8f1c045476bd6e0a1f1565379263143994ee (patch) | |
| tree | 8d8ead53669ed3a151a391a6767d654d40eef87d /scd/app-help.c | |
| parent | gpg: Allow decryption using PIV cards. (diff) | |
| download | gnupg-679b8f1c045476bd6e0a1f1565379263143994ee.tar.gz gnupg-679b8f1c045476bd6e0a1f1565379263143994ee.zip | |
scd: New options --info and --info-only for READKEY.
* scd/command.c (cmd_readkey): New options --info and --info-only.
* scd/app.c (app_readkey): New arg 'flags'.
* scd/app-common.h (APP_READKEY_FLAG_INFO): New.
(struct app_ctx_s): New args 'ctrl' and 'flags' for member readkey.
Change all implementers.
* scd/app-nks.c (do_readkey): Stub implementation of
APP_READKEY_FLAG_INFO.
* scd/app-openpgp.c (do_readkey): Implement APP_READKEY_FLAG_INFO.
* scd/app-piv.c (do_readkey): Ditto.
--
This feature allows to quickly get the keygrip and in most cases also
the usage flags for one specific keyref. Example:
<- readkey --info-only PIV.9D
-> S KEYPAIRINFO FC6061FB457224370B85C6F34DD56CD29E669620 PIV.9D e
-> OK
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'scd/app-help.c')
| -rw-r--r-- | scd/app-help.c | 45 |
1 files changed, 29 insertions, 16 deletions
diff --git a/scd/app-help.c b/scd/app-help.c index f0f551c55..59221ea9c 100644 --- a/scd/app-help.c +++ b/scd/app-help.c @@ -52,26 +52,17 @@ app_help_count_bits (const unsigned char *a, size_t len) } -/* Return the KEYGRIP for the certificate CERT as an hex encoded - string in the user provided buffer HEXKEYGRIP which must be of at - least 41 bytes. */ +/* Return the KEYGRIP for the canonical encoded public key (PK,PKLEN) + * as an hex encoded string in the user provided buffer HEXKEYGRIP + * which must be of at least 41 bytes. */ gpg_error_t -app_help_get_keygrip_string (ksba_cert_t cert, char *hexkeygrip) +app_help_get_keygrip_string_pk (const void *pk, size_t pklen, char *hexkeygrip) { gpg_error_t err; gcry_sexp_t s_pkey; - ksba_sexp_t p; - size_t n; - unsigned char array[20]; + unsigned char array[KEYGRIP_LEN]; - p = ksba_cert_get_public_key (cert); - if (!p) - return gpg_error (GPG_ERR_BUG); - n = gcry_sexp_canon_len (p, 0, NULL, NULL); - if (!n) - return gpg_error (GPG_ERR_INV_SEXP); - err = gcry_sexp_sscan (&s_pkey, NULL, (char*)p, n); - xfree (p); + err = gcry_sexp_sscan (&s_pkey, NULL, pk, pklen); if (err) return err; /* Can't parse that S-expression. */ if (!gcry_pk_get_keygrip (s_pkey, array)) @@ -81,12 +72,34 @@ app_help_get_keygrip_string (ksba_cert_t cert, char *hexkeygrip) } gcry_sexp_release (s_pkey); - bin2hex (array, 20, hexkeygrip); + bin2hex (array, KEYGRIP_LEN, hexkeygrip); return 0; } +/* Return the KEYGRIP for the certificate CERT as an hex encoded + string in the user provided buffer HEXKEYGRIP which must be of at + least 41 bytes. */ +gpg_error_t +app_help_get_keygrip_string (ksba_cert_t cert, char *hexkeygrip) +{ + gpg_error_t err; + ksba_sexp_t p; + size_t n; + + p = ksba_cert_get_public_key (cert); + if (!p) + return gpg_error (GPG_ERR_BUG); + n = gcry_sexp_canon_len (p, 0, NULL, NULL); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + err = app_help_get_keygrip_string_pk ((void*)p, n, hexkeygrip); + ksba_free (p); + return err; +} + + gpg_error_t app_help_pubkey_from_cert (const void *cert, size_t certlen, unsigned char **r_pk, size_t *r_pklen) |