diff options
| author | NIIBE Yutaka <[email protected]> | 2021-10-27 06:33:06 +0000 |
|---|---|---|
| committer | NIIBE Yutaka <[email protected]> | 2021-10-27 06:33:06 +0000 |
| commit | 0683e88d30c85b0ce1681a1d7d3f64caec798213 (patch) | |
| tree | 4254ed0adb4487f3932c418d034c3606715f065c | |
| parent | experiment: Support exporting new 448 key (public/secret). (diff) | |
| download | gnupg-0683e88d30c85b0ce1681a1d7d3f64caec798213.tar.gz gnupg-0683e88d30c85b0ce1681a1d7d3f64caec798213.zip | |
experiment: Fix importing new448 secret key.
--
Because secret key may be encrypted one, it can be only fixed up
(removing the prefix) at gpg-agent side.
Signed-off-by: NIIBE Yutaka <[email protected]>
| -rw-r--r-- | agent/cvt-openpgp.c | 7 | ||||
| -rw-r--r-- | g10/export.c | 2 | ||||
| -rw-r--r-- | g10/import.c | 6 |
3 files changed, 8 insertions, 7 deletions
diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index efddb84af..939b1d837 100644 --- a/agent/cvt-openpgp.c +++ b/agent/cvt-openpgp.c @@ -498,6 +498,10 @@ do_unprotect (const char *passphrase, actual_csum += (nbits >> 8); actual_csum += (nbits & 0xff); actual_csum += checksum (buffer, nbytes); + + tmpmpi = skey[i]; + skey[i] = openpgp_ecc_parse_key (pubkey_algo, curve, tmpmpi); + gcry_mpi_release (tmpmpi); } else { @@ -638,7 +642,8 @@ do_unprotect (const char *passphrase, { if (scan_pgp_format (&tmpmpi, pubkey_algo, p, ndata, &nbytes)) break; - skey[i] = tmpmpi; + skey[i] = openpgp_ecc_parse_key (pubkey_algo, curve, tmpmpi); + gcry_mpi_release (tmpmpi); ndata -= nbytes; p += nbytes; } diff --git a/g10/export.c b/g10/export.c index 9453c603a..faec87c1b 100644 --- a/g10/export.c +++ b/g10/export.c @@ -753,7 +753,7 @@ cleartext_secret_key_to_openpgp (gcry_sexp_t s_key, PKT_public_key *pk) break; case GCRY_PK_ECC: - err = match_curve_skey_pk (key, pk, is_448); + err = match_curve_skey_pk (key, pk, &is_448); if (err) goto leave; else diff --git a/g10/import.c b/g10/import.c index f9c0cc27c..02e7d1007 100644 --- a/g10/import.c +++ b/g10/import.c @@ -2494,7 +2494,6 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats, while ((node = walk_kbnode (sec_keyblock, &ctx, 0))) { gcry_mpi_t ecc_pubkey = NULL; - gcry_mpi_t ecc_seckey = NULL; if (node->pkt->pkttype != PKT_SECRET_KEY && node->pkt->pkttype != PKT_SECRET_SUBKEY) @@ -2586,9 +2585,7 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats, put_membuf_str (&mbuf, " e %m"); else put_membuf_str (&mbuf, " _ %m"); - ecc_seckey = openpgp_ecc_parse_key (pk->pubkey_algo, - curvename, pk->pkey[i]); - format_args[j++] = &ecc_seckey; + format_args[j++] = pk->pkey + i; /* Simple hack to print a warning for an invalid key * in case of cv25519. We have only opaque MPIs here. */ @@ -2638,7 +2635,6 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats, xfree (format); } gcry_mpi_release (ecc_pubkey); - gcry_mpi_release (ecc_seckey); if (err) { log_error ("error building skey array: %s\n", gpg_strerror (err)); |