2 files changed, 22 insertions, 0 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index b9a984913..130ebd511 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,7 @@
+2008-10-24  Werner Koch  <[email protected]>
+
+	* keyedit.c (change_passphrase): Clear passphrase cache.
+
 2008-10-20  Werner Koch  <[email protected]>
 
 	* gpgv.c: Mark all args of the stub fucntions as unused.
diff --git a/g10/keyedit.c b/g10/keyedit.c
index cbb9d79bc..fd9f23b20 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1151,7 +1151,15 @@ change_passphrase( KBNODE keyblock )
 	    no_primary_secrets = 1;
 	}
 	else {
+            u32 keyid[2];
+
 	    tty_printf(_("Key is protected.\n"));
+            
+            /* Clear the passphrase cache so that the user is required
+               to enter the old passphrase.  */
+            keyid_from_sk (sk, keyid);
+            passphrase_clear_cache (keyid, NULL, 0);
+
 	    rc = check_secret_key( sk, 0 );
 	    if( !rc )
 		passphrase = get_last_passphrase();
@@ -1233,7 +1241,17 @@ change_passphrase( KBNODE keyblock )
 		    log_error("protect_secret_key failed: %s\n",
                               g10_errstr(rc) );
 		else
+                  {
+                    u32 keyid[2];
+                    
+                    /* Clear the cahce again so that the user is
+                       required to enter the new passphrase at the
+                       next operation.  */
+                    keyid_from_sk (sk, keyid);
+                    passphrase_clear_cache (keyid, NULL, 0);
+
 		    changed++;
+                  }
 		break;
 	    }
 	}