diff options
| author | Werner Koch <wk@gnupg.org> | 2020-02-11 20:51:33 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2020-02-11 20:51:33 +0100 |
| commit | 9c719c9c1ff34cc06a0fef2bfe29cfd7182753eb (patch) | |
| tree | 747fcf6be3254cbf593b92f9492104af3afd7dbf /g10/call-agent.h | |
| parent | scd:openpgp: Send a KEY-TIME status with READKEY (diff) | |
| download | gnupg2-9c719c9c1ff34cc06a0fef2bfe29cfd7182753eb.tar.xz gnupg2-9c719c9c1ff34cc06a0fef2bfe29cfd7182753eb.zip | |
gpg: Improve key creation direct from the card.
* g10/call-agent.c (readkey_status_cb): New.
(agent_scd_readkey): Add new arg r_keytime and allow NULL for
r_result. Change all callers.
(agent_readkey): Minor code reformatting.
* g10/keygen.c (pCARDKEY): New.
(struct para_data_s): Add u.bool.
(get_parameter_bool): New.
(do_create_from_keygrip): Add arg cardkey and make use of it.
(ask_algo): Add args r_cardkey and r_keytime. Read the keytime of the
selected card key and return it.
(generate_keypair): Store CARDKEY and KEYTIME.
(do_generate_keypair): Pass CARDKEY to do_create_from_keygrip.
(generate_subkeypair): Ditto.
--
This allows to first create keys on the card (e.g. using gpg-card)
even without having any public key for OpenPGP. Then the key
generation option 14 (cardkey) can be used to create a primary OpenPGP
key from the key on the card.
There are still a couple of problems related to the agent which
creates the stub key and may run into problems if creating a second
key from the card. This will be fixed in a future patch.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/call-agent.h')
| -rw-r--r-- | g10/call-agent.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/g10/call-agent.h b/g10/call-agent.h index 9d865b90f..5d0fc5e7e 100644 --- a/g10/call-agent.h +++ b/g10/call-agent.h @@ -137,7 +137,8 @@ int agent_scd_readcert (const char *certidstr, void **r_buf, size_t *r_buflen); /* Send a READKEY command to the SCdaemon. */ -gpg_error_t agent_scd_readkey (const char *keyrefstr, gcry_sexp_t *r_result); +gpg_error_t agent_scd_readkey (const char *keyrefstr, + gcry_sexp_t *r_result, u32 *r_keytime); /* Change the PIN of an OpenPGP card or reset the retry counter. */ int agent_scd_change_pin (int chvno, const char *serialno); @@ -183,7 +184,7 @@ gpg_error_t agent_genkey (ctrl_t ctrl, const char *passphrase, gcry_sexp_t *r_pubkey); -/* Read a public key. */ +/* Read a public key. FROMCARD may be 0, 1, or 2. */ gpg_error_t agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip, unsigned char **r_pubkey); |