authorWerner Koch <wk@gnupg.org>2020-02-13 11:51:54 +0100
committerWerner Koch <wk@gnupg.org>2020-02-13 11:52:10 +0100
commit1ad84aabb410e56bea074b82a06fe32b2897b660 (patch)
treeb6971a32bbff825bdf53f8ab09c5b36c37fa0f4f
parentagent: Allow signing with card key even without a stub key. (diff)
scd:openpgp: Return key creation time as part of KEYPARIINFO.
* scd/app-openpgp.c (send_keypair_info): Return the key creation time as part of a KEYPAIRINFO. (do_readkey): Do not return the KEY-TIME anymore. -- Sending the KEY-TIME status as part of a READKEY command was only recently added. It is better to merge that into the KEYPAIRINFO line. Another patch will change this for the consumers of that info. Signed-off-by: Werner Koch <wk@gnupg.org>
-rw-r--r--doc/DETAILS14
-rw-r--r--scd/app-openpgp.c24
-rw-r--r--scd/command.c5
3 files changed, 25 insertions, 18 deletions
diff --git a/doc/DETAILS b/doc/DETAILS
index bd00006e9..eb8abe4b4 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -1157,6 +1157,20 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
that the keyboxd SEARCH command can be used to lookup the public
key using the <ubid> prefixed with a caret (^).
+*** KEYPAIRINFO <grip> <keyref> [<usage>] [<keytime>]
+ This status is emitted by scdaemon and gpg-agent to convey brief
+ information about keypairs stored on tokens. <grip> is the
+ hexified keygrip of the key or, if no key is stored, an "X".
+ <keyref> is the ID of a card's key; for example "OPENPGP.2" for
+ the second key slot of an OpenPGP card. <usage> is optional and
+ returns technically possible key usages, this is a string of
+ single letters describing the usage ('c' for certify, 'e' for
+ encryption, 's' for signing, 'a' for authentication). A '-' can be
+ used to tell that usage flags are not conveyed. <keytime> is used
+ by OpenPGP cards for the stored key creation time. A '-' means no
+ info available. The format is the usual ISO string are a number
+ with the seconds since Epoch.
+
* Format of the --attribute-fd output
When --attribute-fd is set, during key listings (--list-keys,
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 283202366..c13830541 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -1881,8 +1881,8 @@ send_keypair_info (app_t app, ctrl_t ctrl, int key)
{
int keyno = key - 1;
gpg_error_t err = 0;
- char idbuf[50];
const char *usage;
+ u32 fprtime;
err = get_public_key (app, keyno);
if (err)
@@ -1897,15 +1897,15 @@ send_keypair_info (app_t app, ctrl_t ctrl, int key)
case 0: usage = "sc"; break;
case 1: usage = "e"; break;
case 2: usage = "sa"; break;
- default: usage = ""; break;
+ default: usage = "-"; break;
}
- sprintf (idbuf, "OPENPGP.%d", keyno+1);
- send_status_info (ctrl, "KEYPAIRINFO",
- app->app_local->pk[keyno].keygrip_str, 40,
- idbuf, strlen (idbuf),
- usage, strlen (usage),
- NULL, (size_t)0);
+ if (retrieve_fprtime_from_card (app, keyno, &fprtime))
+ fprtime = 0;
+
+ err = send_status_printf (ctrl, "KEYPAIRINFO", "%s OPENPGP.%d %s %lu",
+ app->app_local->pk[keyno].keygrip_str,
+ keyno+1, usage, (unsigned long)fprtime);
leave:
return err;
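Review bot: When `retrieve_fprtime_from_card` fails, the added code sets `fprtime = 0` and emits `0` as the `<keytime>` field, but the doc/DETAILS text added in this same commit says a '-' means no info available, so a consumer cannot tell a failed card read from a stored timestamp of 0 unless it knows this convention. Because an OpenPGP v4 fingerprint is computed over the key creation time, a consumer that takes the field at face value would derive a fingerprint that does not match the card's; the consumers are not visible here, so this is worth confirming in the follow-up patch. Either emit `-` in that case or document the sentinel, for example with `/* A keytime of 0 tells the caller that no creation time is available. */` above the `fprtime = 0;` line and a matching sentence in DETAILS. The keygrip is also now passed through `%s` instead of with an explicit length of 40, which relies on `keygrip_str` being NUL-terminated; its declaration, like the start of `send_keypair_info`, is outside the hunk.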
@@ -1968,7 +1968,6 @@ do_readkey (app_t app, ctrl_t ctrl, const char *keyid, unsigned int flags,
gpg_error_t err;
int keyno;
unsigned char *buf;
- u32 fprtime;
if (strlen (keyid) == 40)
{
@@ -2006,13 +2005,6 @@ do_readkey (app_t app, ctrl_t ctrl, const char *keyid, unsigned int flags,
err = send_keypair_info (app, ctrl, keyno+1);
if (err)
return err;
- if (!retrieve_fprtime_from_card (app, keyno, &fprtime))
- {
- err = send_status_printf (ctrl, "KEY-TIME", "OPENPGP.%d %lu",
- keyno+1, (unsigned long)fprtime);
- if (err)
- return err;
- }
}
if (pk && pklen)
diff --git a/scd/command.c b/scd/command.c
index 1b8a0aa7e..c3ca93846 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -452,8 +452,9 @@ static const char hlp_learn[] =
" S KEYPAIRINFO <hexstring_with_keygrip> <hexstring_with_id> [<usage>]\n"
"\n"
"If there is no certificate yet stored on the card a single 'X' is\n"
- "returned as the keygrip. In addition to the keypair info, information\n"
- "about all certificates stored on the card is also returned:\n"
+ "returned as the keygrip. For more info see doc/DETAILS. In addition\n"
+ "to the keypair info, information about all certificates stored on the\n"
+ "card is also returned:\n"
"\n"
" S CERTINFO <certtype> <hexstring_with_id>\n"
"\n"
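Review bot: The format line kept as context at the top of this hunk still reads `S KEYPAIRINFO <hexstring_with_keygrip> <hexstring_with_id> [<usage>]`, while the same commit makes the OpenPGP app append a fourth field, so someone writing a status-line parser from the LEARN help text would not expect it. I would extend that line to `" S KEYPAIRINFO <hexstring_with_keygrip> <hexstring_with_id> [<usage>] [<keytime>]\n"` so the built-in help agrees with the new doc/DETAILS entry. The `hlp_learn` string starts and ends outside the hunk.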