diff options
| author | Werner Koch <wk@gnupg.org> | 2017-07-28 17:46:43 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2017-07-28 17:46:43 +0200 |
| commit | efe187e8a2b583defdcd9d4b96e3dc83f95bef0d (patch) | |
| tree | 2de5ecaa06fb5e45c0a3c3b11f9962cd186140ac /sm | |
| parent | agent: For OCB key files return Bad Passprase instead of Checksum Error. (diff) | |
| download | gnupg2-efe187e8a2b583defdcd9d4b96e3dc83f95bef0d.tar.xz gnupg2-efe187e8a2b583defdcd9d4b96e3dc83f95bef0d.zip | |
gpg,sm: String changes for compliance diagnostics.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'sm')
| -rw-r--r-- | sm/decrypt.c | 6 | ||||
| -rw-r--r-- | sm/encrypt.c | 3 | ||||
| -rw-r--r-- | sm/gpgsm.c | 9 | ||||
| -rw-r--r-- | sm/sign.c | 12 | ||||
| -rw-r--r-- | sm/verify.c | 12 |
5 files changed, 21 insertions, 21 deletions
diff --git a/sm/decrypt.c b/sm/decrypt.c index 3de742a25..cdce1d434 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -361,8 +361,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) /* Check compliance. */ if (! gnupg_cipher_is_allowed (opt.compliance, 0, algo, mode)) { - log_error (_("you may not use cipher algorithm '%s'" - " while in %s mode\n"), + log_error (_("cipher algorithm '%s'" + " may not be used in %s mode\n"), gcry_cipher_algo_name (algo), gnupg_compliance_option_string (opt.compliance)); rc = gpg_error (GPG_ERR_CIPHER_ALGO); @@ -489,7 +489,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) snprintf (kidstr, sizeof kidstr, "0x%08lX", gpgsm_get_short_fingerprint (cert, NULL)); log_info - (_("Note: key %s was not suitable for encryption" + (_("Note: key %s is not suitable for encryption" " in %s mode\n"), kidstr, gnupg_compliance_option_string (opt.compliance)); diff --git a/sm/encrypt.c b/sm/encrypt.c index 0225476e7..6213a6604 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -412,8 +412,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp) (opt.compliance, 1, gcry_cipher_map_name (opt.def_cipher_algoid), gcry_cipher_mode_from_oid (opt.def_cipher_algoid))) { - log_error (_("you may not use cipher algorithm '%s'" - " while in %s mode\n"), + log_error (_("cipher algorithm '%s' may not be used in %s mode\n"), opt.def_cipher_algoid, gnupg_compliance_option_string (opt.compliance)); rc = gpg_error (GPG_ERR_CIPHER_ALGO); diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 4e337fe8c..10eff0a84 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1628,8 +1628,7 @@ main ( int argc, char **argv) gcry_cipher_mode_from_oid (opt.def_cipher_algoid), GCRY_CIPHER_MODE_NONE)) - log_error (_("you may not use cipher algorithm '%s'" - " while in %s mode\n"), + log_error (_("cipher algorithm '%s' may not be used in %s mode\n"), opt.def_cipher_algoid, gnupg_compliance_option_string (opt.compliance)); @@ -1639,8 +1638,7 @@ main ( int argc, char **argv) || cmd == aSignEncr || cmd == aClearsign, opt.forced_digest_algo)) - log_error (_("you may not use digest algorithm '%s'" - " while in %s mode\n"), + log_error (_("digest algorithm '%s' may not be used in %s mode\n"), forced_digest_algo, gnupg_compliance_option_string (opt.compliance)); @@ -1650,8 +1648,7 @@ main ( int argc, char **argv) || cmd == aSignEncr || cmd == aClearsign, opt.extra_digest_algo)) - log_error (_("you may not use digest algorithm '%s'" - " while in %s mode\n"), + log_error (_("digest algorithm '%s' may not be used in %s mode\n"), forced_digest_algo, gnupg_compliance_option_string (opt.compliance)); @@ -475,8 +475,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, /* Check compliance. */ if (! gnupg_digest_is_allowed (opt.compliance, 1, cl->hash_algo)) { - log_error (_("you may not use digest algorithm '%s'" - " while in %s mode\n"), + log_error (_("digest algorithm '%s' may not be used in %s mode\n"), gcry_md_algo_name (cl->hash_algo), gnupg_compliance_option_string (opt.compliance)); err = gpg_error (GPG_ERR_DIGEST_ALGO); @@ -490,9 +489,12 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_SIGNING, pk_algo, NULL, nbits, NULL)) { - log_error ("certificate ID 0x%08lX not suitable for " - "signing while in %s mode\n", - gpgsm_get_short_fingerprint (cl->cert, NULL), + char kidstr[10+1]; + + snprintf (kidstr, sizeof kidstr, "0x%08lX", + gpgsm_get_short_fingerprint (cl->cert, NULL)); + log_error (_("key %s may not be used for signing in %s mode\n"), + kidstr, gnupg_compliance_option_string (opt.compliance)); err = gpg_error (GPG_ERR_PUBKEY_ALGO); goto leave; diff --git a/sm/verify.c b/sm/verify.c index f79c0aeb8..10b3f4378 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -458,17 +458,19 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION, pk_algo, NULL, nbits, NULL)) { - log_error ("certificate ID 0x%08lX not suitable for " - "verification while in %s mode\n", - gpgsm_get_short_fingerprint (cert, NULL), + char kidstr[10+1]; + + snprintf (kidstr, sizeof kidstr, "0x%08lX", + gpgsm_get_short_fingerprint (cert, NULL)); + log_error (_("key %s may not be used for signing in %s mode\n"), + kidstr, gnupg_compliance_option_string (opt.compliance)); goto next_signer; } if (! gnupg_digest_is_allowed (opt.compliance, 0, sigval_hash_algo)) { - log_error (_("you may not use digest algorithm '%s'" - " while in %s mode\n"), + log_error (_("digest algorithm '%s' may not be used in %s mode\n"), gcry_md_algo_name (sigval_hash_algo), gnupg_compliance_option_string (opt.compliance)); goto next_signer; |