diff options
| author | Werner Koch <wk@gnupg.org> | 2017-02-14 10:55:13 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2017-02-14 10:55:13 +0100 |
| commit | b456e5be91dc064fc9509ea86edab113721ed299 (patch) | |
| tree | 1321c5f9494ae8ffb896388e0ce11ea78341deb0 /g10/export.c | |
| parent | dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf. (diff) | |
| download | gnupg2-b456e5be91dc064fc9509ea86edab113721ed299.tar.xz gnupg2-b456e5be91dc064fc9509ea86edab113721ed299.zip | |
gpg: Make --export-ssh-key work for the primary key.
* g10/export.c (export_ssh_key): Also check the primary key.
--
If no suitable subkey was found for export, we now check whether the
primary key is suitable for export and export this one. Without this
change it was only possible to export the primary key by using the '!'
suffix in the key specification.
Also added a sample key for testing this.
GnuPG-bug-id: 2957
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/export.c')
| -rw-r--r-- | g10/export.c | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/g10/export.c b/g10/export.c index f354ca0f6..86681264d 100644 --- a/g10/export.c +++ b/g10/export.c @@ -2208,6 +2208,48 @@ export_ssh_key (ctrl_t ctrl, const char *userid) latest_key = node; } } + + /* If no subkey was suitable check the primary key. */ + if (!latest_key + && (node = keyblock) && node->pkt->pkttype == PKT_PUBLIC_KEY) + { + pk = node->pkt->pkt.public_key; + if (DBG_LOOKUP) + log_debug ("\tchecking primary key %08lX\n", + (ulong) keyid_from_pk (pk, NULL)); + if (!(pk->pubkey_usage & PUBKEY_USAGE_AUTH)) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key not usable for authentication\n"); + } + else if (!pk->flags.valid) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key not valid\n"); + } + else if (pk->flags.revoked) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key has been revoked\n"); + } + else if (pk->has_expired) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key has expired\n"); + } + else if (pk->timestamp > curtime && !opt.ignore_valid_from) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key not yet valid\n"); + } + else + { + if (DBG_LOOKUP) + log_debug ("\tprimary key is fine\n"); + latest_date = pk->timestamp; + latest_key = node; + } + } } if (!latest_key) |