authorWerner Koch <[email protected]>2025-08-27 13:44:14 +0000
committerWerner Koch <[email protected]>2025-08-27 13:44:14 +0000
commit84c4a30342ea1afd47ce1602901f96bcd1687aee (patch)
tree672d4f64e28103a7506f8818a00fdf79f78790d9
parentagent: Enable "relax" in the trustlist by default and add "norelax" (diff)
gpg: Avoid second Pinentry pop-up for a configured ADSK during keygen.
* g10/keyedit.c (append_adsk_to_key): Add arg cache_nonce and pass on to make_keysig_packet. * g10/keygen.c (do_generate_keypair): Pass cache_nonce to append_adsk_to_key. -- GnuPG-bug-id: 7491
-rw-r--r--g10/keyedit.c11
-rw-r--r--g10/keyedit.h2
-rw-r--r--g10/keygen.c4
-rw-r--r--g10/sign.c2
4 files changed, 11 insertions, 8 deletions
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 1afaad6a9..0a5064a25 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -5053,9 +5053,11 @@ fail:
/* Core function to add an ADSK to the KEYBLOCK. Returns 0 on success
- * or an error code. */
+ * or an error code. CACHE_NONCE can be used to avoid a second
+ * Pinetry pop-up for appending the ADSK. */
gpg_error_t
-append_adsk_to_key (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *adsk)
+append_adsk_to_key (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *adsk,
+ const char *cache_nonce)
{
gpg_error_t err;
PKT_public_key *main_pk; /* The primary key. */
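Review bot: The added header comment on append_adsk_to_key misspells the program name as "Pinetry" and does not say that CACHE_NONCE may be NULL, although menu_addadsk and append_all_default_adsks pass NULL in this same commit. I would write the two added comment lines as `* or an error code.  CACHE_NONCE may be NULL; if given, the agent may` and `* use it to avoid a second Pinentry pop-up for appending the ADSK.  */`. The comment in g10/sign.c ties the nonce to "the same keyblock", so it would help to repeat that restriction here; a caller that reuses a nonce for a different keyblock should presumably expect a prompt, which is worth confirming against the agent. The function body continues outside this hunk.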
@@ -5101,7 +5103,7 @@ append_adsk_to_key (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *adsk)
/* Make the signature. */
err = make_keysig_packet (ctrl, &sig, main_pk, NULL, adsk, main_pk, 0x18,
adsk->timestamp, 0,
- keygen_add_key_flags_and_expire, adsk, NULL);
+ keygen_add_key_flags_and_expire, adsk, cache_nonce);
adsk = NULL; /* (owned by adsknode - avoid double free.) */
if (err)
{
@@ -5248,7 +5250,8 @@ menu_addadsk (ctrl_t ctrl, kbnode_t pub_keyblock, const char *adskfpr)
/* Append the subkey. */
log_assert (node->pkt->pkttype == PKT_PUBLIC_KEY
|| node->pkt->pkttype == PKT_PUBLIC_SUBKEY);
- err = append_adsk_to_key (ctrl, pub_keyblock, node->pkt->pkt.public_key);
+ err = append_adsk_to_key (ctrl, pub_keyblock, node->pkt->pkt.public_key,
+ NULL);
leave:
diff --git a/g10/keyedit.h b/g10/keyedit.h
index 7edda9a0b..5d8be078e 100644
--- a/g10/keyedit.h
+++ b/g10/keyedit.h
@@ -61,7 +61,7 @@ void keyedit_quick_update_pref (ctrl_t ctrl, const char *username);
void keyedit_quick_set_ownertrust (ctrl_t ctrl, const char *username,
const char *value);
gpg_error_t append_adsk_to_key (ctrl_t ctrl, kbnode_t keyblock,
- PKT_public_key *adsk);
+ PKT_public_key *adsk, const char *cache_nonce);
void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock, int print_sec);
int keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
int rc, kbnode_t keyblock,
diff --git a/g10/keygen.c b/g10/keygen.c
index 189127d28..349149b8a 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1275,7 +1275,7 @@ append_all_default_adsks (ctrl_t ctrl, kbnode_t keyblock)
fingerprint_from_pk (para->u.adsk, adskfpr, &adskfprlen);
if (!has_key_with_fingerprint (keyblock, adskfpr, adskfprlen))
{
- err = append_adsk_to_key (ctrl, keyblock, para->u.adsk);
+ err = append_adsk_to_key (ctrl, keyblock, para->u.adsk, NULL);
if (!err)
any_done = 1;
}
@@ -6629,7 +6629,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
for (idx=0; (adsk = get_parameter_adsk (para, idx)); idx++)
{
- err = append_adsk_to_key (ctrl, pub_root, adsk);
+ err = append_adsk_to_key (ctrl, pub_root, adsk, cache_nonce);
if (err)
break;
any_adsk++;
diff --git a/g10/sign.c b/g10/sign.c
index 2ba30f09c..f0bf9b671 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1817,7 +1817,7 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr)
* expires.
*
* If CACHED_NONCE is not NULL the agent may use it to avoid
- * additional pinnetry popups for the same keyblock.
+ * additional Pinentry popups for the same keyblock.
*
* This function creates the following subpackets: issuer, created,
* and expire (if duration is not 0). Additional subpackets can be