summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gpg2ssh/Makefile6
-rw-r--r--gpg2ssh/gpg2ssh.c14
2 files changed, 12 insertions, 8 deletions
diff --git a/gpg2ssh/Makefile b/gpg2ssh/Makefile
index aa18aaa..a0b7241 100644
--- a/gpg2ssh/Makefile
+++ b/gpg2ssh/Makefile
@@ -1,3 +1,5 @@
+all: monkeysphere gpg2ssh
+
monkeysphere: main.c gnutls-helpers.o
gcc -g -Wall --pedantic -o monkeysphere main.c `libgnutls-config --libs --cflags` -lgnutls-extra gnutls-helpers.o
@@ -11,6 +13,6 @@ ssh2gpg: ssh2gpg.c gnutls-helpers.o
gcc -g -Wall --pedantic -o $@ -c $<
clean:
- rm -f monkeysphere *.o
+ rm -f monkeysphere gpg2ssh *.o
-.PHONY: clean
+.PHONY: clean all
diff --git a/gpg2ssh/gpg2ssh.c b/gpg2ssh/gpg2ssh.c
index a1e94df..c99f03f 100644
--- a/gpg2ssh/gpg2ssh.c
+++ b/gpg2ssh/gpg2ssh.c
@@ -116,8 +116,9 @@ int main(int argc, char* argv[]) {
err("failed to get the usage flags for the primary key (error: %d)\n", ret);
return ret;
}
- if (usage & GNUTLS_KEY_KEY_AGREEMENT) {
- err("the primary key can be used for authentication\n");
+ if (usage & GNUTLS_KEY_KEY_AGREEMENT &&
+ usage & GNUTLS_KEY_KEY_ENCIPHERMENT) {
+ err("the primary key can be used for authentication and communication encryption!\n");
algo = gnutls_openpgp_crt_get_pk_algorithm(openpgp_crt, &bits);
if (algo < 0) {
@@ -144,10 +145,10 @@ int main(int argc, char* argv[]) {
}
} else {
- err("primary key is only good for: 0x%08x. Trying subkeys...\n", usage);
+ err("primary key is not good for authentication and communication encryption. Trying subkeys...\n");
if (ret = gnutls_openpgp_crt_get_auth_subkey(openpgp_crt, keyid, 0), ret) {
- err("failed to find a subkey capable of authentication (error: %d)\n", ret);
+ err("failed to find a subkey capable of authentication and communication encryption (error: %d)\n", ret);
return ret;
}
make_keyid_printable(p_keyid, keyid);
@@ -169,8 +170,9 @@ int main(int argc, char* argv[]) {
err("could not figure out usage of subkey %.16s (error: %d)\n", p_keyid, ret);
return ret;
}
- if ((usage & GNUTLS_KEY_KEY_AGREEMENT) == 0) {
- err("could not find a subkey with authentication privileges.\n");
+ if ((usage & GNUTLS_KEY_KEY_AGREEMENT) == 0 &&
+ usage & GNUTLS_KEY_KEY_ENCIPHERMENT) {
+ err("could not find a subkey with authentication and communication encryption.\n");
return 1;
}