X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;ds=sidebyside;f=gpg2ssh%2Fgpg2ssh.c;h=c99f03fe25fbc20ca4fe490791a4b8bac2416cc8;hb=ec76b3cef0014c6aa68ec8982101892c74958b99;hp=a1e94df7998a55a56c88a97e9342abfe14153def;hpb=c9b6d9a5b7b53766bc70f5dd381fb0db5769bd30;p=monkeysphere.git diff --git a/gpg2ssh/gpg2ssh.c b/gpg2ssh/gpg2ssh.c index a1e94df..c99f03f 100644 --- a/gpg2ssh/gpg2ssh.c +++ b/gpg2ssh/gpg2ssh.c @@ -116,8 +116,9 @@ int main(int argc, char* argv[]) { err("failed to get the usage flags for the primary key (error: %d)\n", ret); return ret; } - if (usage & GNUTLS_KEY_KEY_AGREEMENT) { - err("the primary key can be used for authentication\n"); + if (usage & GNUTLS_KEY_KEY_AGREEMENT && + usage & GNUTLS_KEY_KEY_ENCIPHERMENT) { + err("the primary key can be used for authentication and communication encryption!\n"); algo = gnutls_openpgp_crt_get_pk_algorithm(openpgp_crt, &bits); if (algo < 0) { @@ -144,10 +145,10 @@ int main(int argc, char* argv[]) { } } else { - err("primary key is only good for: 0x%08x. Trying subkeys...\n", usage); + err("primary key is not good for authentication and communication encryption. Trying subkeys...\n"); if (ret = gnutls_openpgp_crt_get_auth_subkey(openpgp_crt, keyid, 0), ret) { - err("failed to find a subkey capable of authentication (error: %d)\n", ret); + err("failed to find a subkey capable of authentication and communication encryption (error: %d)\n", ret); return ret; } make_keyid_printable(p_keyid, keyid); @@ -169,8 +170,9 @@ int main(int argc, char* argv[]) { err("could not figure out usage of subkey %.16s (error: %d)\n", p_keyid, ret); return ret; } - if ((usage & GNUTLS_KEY_KEY_AGREEMENT) == 0) { - err("could not find a subkey with authentication privileges.\n"); + if ((usage & GNUTLS_KEY_KEY_AGREEMENT) == 0 && + usage & GNUTLS_KEY_KEY_ENCIPHERMENT) { + err("could not find a subkey with authentication and communication encryption.\n"); return 1; }