summaryrefslogtreecommitdiffstats
path: root/sm
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2001-11-24 23:20:38 +0100
committerWerner Koch <wk@gnupg.org>2001-11-24 23:20:38 +0100
commitf60dc501d2958a1d80de7a114d2f4eedc267f2d7 (patch)
treee457130952fc760aceec51a6d3d0d4566faccc42 /sm
parentAdd a copyright note to the bottom (diff)
downloadgnupg2-f60dc501d2958a1d80de7a114d2f4eedc267f2d7.tar.xz
gnupg2-f60dc501d2958a1d80de7a114d2f4eedc267f2d7.zip
Introduced the keygrip
Diffstat (limited to 'sm')
-rw-r--r--sm/fingerprint.c57
-rw-r--r--sm/gpgsm.h3
-rw-r--r--sm/keylist.c3
3 files changed, 63 insertions, 0 deletions
diff --git a/sm/fingerprint.c b/sm/fingerprint.c
index c6571ab14..29023c2ce 100644
--- a/sm/fingerprint.c
+++ b/sm/fingerprint.c
@@ -124,4 +124,61 @@ gpgsm_get_fingerprint_hexstring (KsbaCert cert, int algo)
return buf;
}
+
+/* Return the sop called KEYGRIP which is the SHA-1 hash of the public
+ key parameters expressed as an canoncial encoded S-Exp. array must
+ be 20 bytes long. returns the array or a newly allocated one if the
+ passed one was NULL */
+char *
+gpgsm_get_keygrip (KsbaCert cert, char *array)
+{
+ GCRY_SEXP s_pkey;
+ int rc, len;
+ char *buf, *p;
+
+ p = ksba_cert_get_public_key (cert);
+ if (!p)
+ return NULL; /* oops */
+
+ if (DBG_X509)
+ log_debug ("get_keygrip, public key: %s\n", p);
+ rc = gcry_sexp_sscan ( &s_pkey, NULL, p, strlen(p));
+ if (rc)
+ {
+ log_error ("gcry_sexp_scan failed: %s\n", gcry_strerror (rc));
+ return NULL;
+ }
+ /* and now convert it into canoncial form - fixme: we should modify
+ libksba to return it in this form */
+ len = gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, NULL, 0);
+ assert (len);
+ buf = xmalloc (len);
+ len = gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, buf, len);
+ assert (len);
+
+ if (!array)
+ array = xmalloc (20);
+
+ gcry_md_hash_buffer (GCRY_MD_SHA1, array, buf, len);
+ xfree (buf);
+
+ return array;
+}
+
+/* Return an allocated buffer with the keygrip of CERT in from of an
+ hexstring. NULL is returned in case of error */
+char *
+gpgsm_get_keygrip_hexstring (KsbaCert cert)
+{
+ unsigned char grip[20];
+ char *buf, *p;
+ int i;
+
+ gpgsm_get_keygrip (cert, grip);
+ buf = p = xmalloc (20*2+1);
+ for (i=0; i < 20; i++, p += 2 )
+ sprintf (p, "%02X", grip[i]);
+ return buf;
+}
+
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index f1d4fca4d..178607169 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -101,6 +101,9 @@ void gpgsm_status (CTRL ctrl, int no, const char *text);
char *gpgsm_get_fingerprint (KsbaCert cert, int algo, char *array, int *r_len);
char *gpgsm_get_fingerprint_string (KsbaCert cert, int algo);
char *gpgsm_get_fingerprint_hexstring (KsbaCert cert, int algo);
+char *gpgsm_get_keygrip (KsbaCert cert, char *array);
+char *gpgsm_get_keygrip_hexstring (KsbaCert cert);
+
/*-- certdump.c --*/
void gpgsm_dump_cert (const char *text, KsbaCert cert);
diff --git a/sm/keylist.c b/sm/keylist.c
index f47a0b79e..19bc9dd40 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -104,6 +104,9 @@ list_cert_colon (KsbaCert cert, FILE *fp)
p = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
fprintf (fp, "fpr:::::::::%s:\n", p);
xfree (p);
+ p = gpgsm_get_keygrip_hexstring (cert);
+ fprintf (fp, "grp:::::::::%s:\n", p?p:"");
+ xfree (p);
if (opt.with_key_data)
print_key_data (cert, fp);