Diffusion GnuPG 48251cf9a7d3

gpg: Improve generation of keys stored on card (brainpool,cv25519).

Description

* g10/keygen.c (ask_key_flags_with_mask): Allow more than ECDH for
legacy curves.
(ask_algo): Tweak mapping of ECC to OpenPGP algos.
(parse_key_parameter_part): Ditto.
(generate_subkeypair): Create the subkey with the time stored on the
card.

This fixes two problems with generating keys from a card:

  1. The key usage is now set correctly for brainpool curves.
  2. The add-key and --quick-add-key commands now also take the creation time from the time stored on the card. Without that we would need to update the creation time and fingerprint already stored on the card, which is a no-go if another key has already been created using that on-card key.

Note: To create a key on a card without an OpenPGP keyblock use
gpg-card.

  • Signed-off-by: Werner Koch <wk@gnupg.org>
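
Why the creation time matters for the second fix, as an added example that is not part of the commit or of GnuPG's code: a v4 OpenPGP fingerprint hashes the creation time together with the key material, so a subkey packet built with any time other than the one stored on the card stops matching the fingerprint stored on the card. The public point and both timestamps are constructed sample values, and the helper names are hypothetical.

```python
import hashlib
import struct

# OID of Curve25519 as used for ECDH in OpenPGP (1.3.6.1.4.1.3029.1.5.1).
CV25519_OID = bytes.fromhex("2b060104019755010501")
ALGO_ECDH = 18  # OpenPGP public-key algorithm id for ECDH (RFC 6637)

def mpi(value: bytes) -> bytes:
    """Encode octets as an OpenPGP MPI: 2-octet bit count, then the octets."""
    value = value.lstrip(b"\x00")
    bits = (len(value) - 1) * 8 + value[0].bit_length() if value else 0
    return struct.pack(">H", bits) + value

def ecdh_cv25519_body(created: int, point: bytes) -> bytes:
    """Body of a v4 public (sub)key packet for an ECDH/cv25519 key."""
    if len(point) != 32:
        raise ValueError("cv25519 public point must be 32 octets")
    return (
        bytes([4])                        # packet version 4
        + struct.pack(">I", created)      # creation time, seconds since epoch
        + bytes([ALGO_ECDH])
        + bytes([len(CV25519_OID)]) + CV25519_OID
        + mpi(b"\x40" + point)            # 0x40 prefix: native point format
        + bytes([3, 1, 8, 7])             # KDF params: len, reserved, SHA-256, AES-128
    )

def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, 2-octet body length, body (RFC 4880, section 12.2)."""
    framed = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(framed).hexdigest().upper()

def matches_card(card_fpr: str, created: int, point: bytes) -> bool:
    """True if a subkey packet with this creation time has the card's fingerprint."""
    return v4_fingerprint(ecdh_cv25519_body(created, point)) == card_fpr

# Constructed sample data: a fake public point and two timestamps.
SAMPLE_POINT = bytes(range(1, 33))
CARD_TIME = 1591194120           # time recorded on the card at key generation
LATER_TIME = CARD_TIME + 3600    # time at which the subkey is added to a keyblock
CARD_FPR = v4_fingerprint(ecdh_cv25519_body(CARD_TIME, SAMPLE_POINT))

if __name__ == "__main__":
    print("fingerprint on card      :", CARD_FPR)
    print("subkey with card time    :", matches_card(CARD_FPR, CARD_TIME, SAMPLE_POINT))
    print("subkey with current time :", matches_card(CARD_FPR, LATER_TIME, SAMPLE_POINT))
```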

Details

Provenance
werner Authored on Jun 3 2020, 4:22 PM
Parents
rG7558128e16d7: sm: Fix recently introduced regression in CSR creation.