diff options
| author | Werner Koch <[email protected]> | 2023-11-07 19:07:45 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2023-11-07 19:38:27 +0000 |
| commit | 387ee7dcbd77d19687af967901ed4818cbdb8b3c (patch) | |
| tree | 3fc63cd303b2d07454794064e4e6528df2dbf42c /sm/keylist.c | |
| parent | doc: Use the em dash to mark a break in a sentence. (diff) | |
| parent | w32: Use utf8 for the asctimestamp function. (diff) | |
| download | gnupg-387ee7dcbd77d19687af967901ed4818cbdb8b3c.tar.gz gnupg-387ee7dcbd77d19687af967901ed4818cbdb8b3c.zip | |
Merge branch 'STABLE-BRANCH-2-4'
* common/b64dec.c (b64decode): Move to ...
* common/miscellaneous.c: here.
* common/t-b64.c: Re-inroduce and keep only the b64decode test code.
Diffstat (limited to 'sm/keylist.c')
| -rw-r--r-- | sm/keylist.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/sm/keylist.c b/sm/keylist.c index fabd82224..ed1b74729 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -54,7 +54,7 @@ struct list_external_parm_s #define OID_FLAG_SKIP 1 /* The extension is a simple UTF8String and should be printed. */ #define OID_FLAG_UTF8 2 -/* The extension can be trnted as a hex string. */ +/* The extension can be printed as a hex string. */ #define OID_FLAG_HEX 4 /* Define if this specififies a key purpose. */ #define OID_FLAG_KP 8 @@ -208,6 +208,8 @@ static struct { "1.3.6.1.4.1.311.21.6", "ms-keyRecovery", OID_FLAG_KP }, { "1.3.6.1.4.1.311.21.19", "ms-dsEmailReplication", OID_FLAG_KP }, + /* BSI policies. */ + /* Other vendor extensions. */ { "1.3.6.1.4.1.30205.13.1.1", "trusted-disk", OID_FLAG_KP }, { "1.2.840.113583.1.1.5", "pdfAuthenticDocumentsTrust", OID_FLAG_KP }, @@ -428,7 +430,7 @@ email_kludge (const char *name) * number. NBITS is the length of the key in bits. */ static void print_compliance_flags (ksba_cert_t cert, int algo, unsigned int nbits, - estream_t fp) + const char *curvename, estream_t fp) { int indent = 0; int hashalgo; @@ -436,7 +438,7 @@ print_compliance_flags (ksba_cert_t cert, int algo, unsigned int nbits, /* Note that we do not need to test for PK_ALGO_FLAG_RSAPSS because * that is not a property of the key but one of the created * signature. */ - if (gnupg_pk_is_compliant (CO_DE_VS, algo, 0, NULL, nbits, NULL)) + if (gnupg_pk_is_compliant (CO_DE_VS, algo, 0, NULL, nbits, curvename)) { hashalgo = gcry_md_map_name (ksba_cert_get_digest_algo (cert)); if (gnupg_digest_is_compliant (CO_DE_VS, hashalgo)) @@ -560,7 +562,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity, if (*truststring) es_fputs (truststring, fp); - algo = gpgsm_get_key_algo_info2 (cert, &nbits, &curve); + algo = gpgsm_get_key_algo_info (cert, &nbits, &curve); es_fprintf (fp, ":%u:%d:%s:", nbits, algo, fpr+24); ksba_cert_get_validity (cert, 0, t); @@ -627,7 +629,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity, if (curve) es_fputs (curve, fp); es_putc (':', fp); /* End of field 17. */ - print_compliance_flags (cert, algo, nbits, fp); + print_compliance_flags (cert, algo, nbits, curve, fp); es_putc (':', fp); /* End of field 18. */ es_putc ('\n', fp); |