diff options
| author | Werner Koch <[email protected]> | 2014-11-02 16:51:30 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2014-11-02 16:51:30 +0000 |
| commit | f8c993fbe28bf02f1d7aadec823a9dfc935398fa (patch) | |
| tree | 25df6f48fa9dc581b98f0d0a33d0506cf9c71e32 /g10 | |
| parent | gpg: Fix endless loop in keylisting with fingerprint. (diff) | |
| download | gnupg-f8c993fbe28bf02f1d7aadec823a9dfc935398fa.tar.gz gnupg-f8c993fbe28bf02f1d7aadec823a9dfc935398fa.zip | |
gpg: Avoid extra pinentries for each subkey in --export-secret-keys.
* agent/command.c (cmd_export_key): Actually implement the cache_nonce
feature.
* g10/export.c (do_export_stream): Make use of a cache_nonce.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/call-agent.c | 6 | ||||
| -rw-r--r-- | g10/export.c | 6 |
2 files changed, 9 insertions, 3 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c index cadc02c6f..bacb9d5e0 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -2152,8 +2152,10 @@ agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr, /* Receive a secret key from the agent. HEXKEYGRIP is the hexified keygrip, DESC a prompt to be displayed with the agent's passphrase - question (needs to be plus+percent escaped). On success the key is - stored as a canonical S-expression at R_RESULT and R_RESULTLEN. */ + question (needs to be plus+percent escaped). If CACHE_NONCE_ADDR + is not NULL the agent is advised to first try a passphrase + associated with that nonce. On success the key is stored as a + canonical S-expression at R_RESULT and R_RESULTLEN. */ gpg_error_t agent_export_key (ctrl_t ctrl, const char *hexkeygrip, const char *desc, char **cache_nonce_addr, diff --git a/g10/export.c b/g10/export.c index b4f1a2e4d..a92eace12 100644 --- a/g10/export.c +++ b/g10/export.c @@ -777,6 +777,7 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, strlist_t sl; int indent = 0; gcry_cipher_hd_t cipherhd = NULL; + char *cache_nonce = NULL; *any = 0; init_packet (&pkt); @@ -914,6 +915,8 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL); /* And write it. */ + xfree (cache_nonce); + cache_nonce = NULL; for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); ) { if (skip_until_subkey) @@ -1124,7 +1127,7 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, { char *prompt = gpg_format_keydesc (pk, FORMAT_KEYDESC_EXPORT,1); - err = agent_export_key (ctrl, hexgrip, prompt, NULL, + err = agent_export_key (ctrl, hexgrip, prompt, &cache_nonce, &wrappedkey, &wrappedkeylen); xfree (prompt); } @@ -1246,6 +1249,7 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, keydb_release (kdbhd); if (err || !keyblock_out) release_kbnode( keyblock ); + xfree (cache_nonce); if( !*any ) log_info(_("WARNING: nothing exported\n")); return err; |