Diffstat (limited to 'g10')
-rw-r--r--g10/call-agent.c23
-rw-r--r--g10/call-agent.h1
-rw-r--r--g10/keygen.c49
3 files changed, 46 insertions, 27 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c
index a98a177ad..dc9d1575a 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -1,7 +1,6 @@
/* call-agent.c - Divert GPG operations to the agent.
- * Copyright (C) 2001, 2002, 2003, 2006, 2007, 2008, 2009,
- * 2010, 2011, 2013 Free Software Foundation, Inc.
- * Copyright (C) 2013, 2014 Werner Koch
+ * Copyright (C) 2001-2003, 2006-2011, 2013 Free Software Foundation, Inc.
+ * Copyright (C) 2013-2015 Werner Koch
*
* This file is part of GnuPG.
*
@@ -90,6 +89,7 @@ struct genkey_parm_s
{
struct default_inq_parm_s *dflt;
const char *keyparms;
+ const char *passphrase;
};
struct import_key_parm_s
@@ -1737,6 +1737,11 @@ inq_genkey_parms (void *opaque, const char *line)
err = assuan_send_data (parm->dflt->ctx,
parm->keyparms, strlen (parm->keyparms));
}
+ else if (has_leading_keyword (line, "NEWPASSWD") && parm->passphrase)
+ {
+ err = assuan_send_data (parm->dflt->ctx,
+ parm->passphrase, strlen (parm->passphrase));
+ }
else
err = default_inq_cb (parm->dflt, line);
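Review bot: The new NEWPASSWD branch sends the passphrase with a plain `assuan_send_data`, so when Assuan debug logging is enabled the cleartext passphrase may be written to the log. Bracket the send with libassuan's confidential markers: `assuan_begin_confidential (parm->dflt->ctx);` before the call and `assuan_end_confidential (parm->dflt->ctx);` after it. A comment such as `/* Keep the passphrase out of the Assuan log. */` would record why the markers are there. inq_genkey_parms starts and ends outside this hunk.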
@@ -1747,10 +1752,13 @@ inq_genkey_parms (void *opaque, const char *line)
/* Call the agent to generate a new key. KEYPARMS is the usual
S-expression giving the parameters of the key. gpg-agent passes it
gcry_pk_genkey. If NO_PROTECTION is true the agent is advised not
- to protect the generated key. */
+ to protect the generated key. If NO_PROTECTION is not set and
+ PASSPHRASE is not NULL the agent is requested to protect the key
+ with that passphrase instead of asking for one. */
gpg_error_t
agent_genkey (ctrl_t ctrl, char **cache_nonce_addr,
- const char *keyparms, int no_protection, gcry_sexp_t *r_pubkey)
+ const char *keyparms, int no_protection,
+ const char *passphrase, gcry_sexp_t *r_pubkey)
{
gpg_error_t err;
struct genkey_parm_s gk_parm;
@@ -1778,8 +1786,11 @@ agent_genkey (ctrl_t ctrl, char **cache_nonce_addr,
init_membuf (&data, 1024);
gk_parm.dflt = &dfltparm;
gk_parm.keyparms = keyparms;
+ gk_parm.passphrase = passphrase;
snprintf (line, sizeof line, "GENKEY%s%s%s",
- no_protection? " --no-protection":"",
+ no_protection? " --no-protection" :
+ passphrase ? " --inq-passwd" :
+ /* */ "",
cache_nonce_addr && *cache_nonce_addr? " ":"",
cache_nonce_addr && *cache_nonce_addr? *cache_nonce_addr:"");
cn_parm.cache_nonce_addr = cache_nonce_addr;
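Review bot: `gk_parm.passphrase = passphrase;` hands the secret to the inquiry callback even when `no_protection` is set, although the command line built just below then omits `--inq-passwd`. Writing `gk_parm.passphrase = no_protection ? NULL : passphrase;` keeps the callback from answering a NEWPASSWD inquiry that was never requested, and it mirrors the precedence of the nested conditional. The `/* */` filler in that conditional is alignment only; a short comment stating that `--no-protection` wins over a supplied passphrase would serve readers better. agent_genkey begins and ends outside this hunk.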
diff --git a/g10/call-agent.h b/g10/call-agent.h
index bcb5ae9f5..9c104e88e 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -154,6 +154,7 @@ gpg_error_t agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip,
/* Generate a new key. */
gpg_error_t agent_genkey (ctrl_t ctrl, char **cache_nonce_addr,
const char *keyparms, int no_protection,
+ const char *passphrase,
gcry_sexp_t *r_pubkey);
/* Read a public key. */
diff --git a/g10/keygen.c b/g10/keygen.c
index fa466a8b8..a3dbed8db 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1,7 +1,6 @@
/* keygen.c - generate a key pair
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006
- * 2007, 2009, 2010, 2011 Free Software Foundation, Inc.
- * Copyright (C) 2014 Werner Koch
+ * Copyright (C) 1998-2007, 2009-2011 Free Software Foundation, Inc.
+ * Copyright (C) 2014, 2015 Werner Koch
*
* This file is part of GnuPG.
*
@@ -1287,7 +1286,7 @@ do_create_from_keygrip (ctrl_t ctrl, int algo, const char *hexkeygrip,
static int
common_gen (const char *keyparms, int algo, const char *algoelem,
kbnode_t pub_root, u32 timestamp, u32 expireval, int is_subkey,
- int keygen_flags, char **cache_nonce_addr)
+ int keygen_flags, const char *passphrase, char **cache_nonce_addr)
{
int err;
PACKET *pkt;
@@ -1295,7 +1294,9 @@ common_gen (const char *keyparms, int algo, const char *algoelem,
gcry_sexp_t s_key;
err = agent_genkey (NULL, cache_nonce_addr, keyparms,
- !!(keygen_flags & KEYGEN_FLAG_NO_PROTECTION), &s_key);
+ !!(keygen_flags & KEYGEN_FLAG_NO_PROTECTION),
+ passphrase,
+ &s_key);
if (err)
{
log_error ("agent_genkey failed: %s\n", gpg_strerror (err) );
@@ -1353,7 +1354,7 @@ common_gen (const char *keyparms, int algo, const char *algoelem,
static int
gen_elg (int algo, unsigned int nbits, KBNODE pub_root,
u32 timestamp, u32 expireval, int is_subkey,
- int keygen_flags, char **cache_nonce_addr)
+ int keygen_flags, const char *passphrase, char **cache_nonce_addr)
{
int err;
char *keyparms;
@@ -1394,7 +1395,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root,
{
err = common_gen (keyparms, algo, "pgy",
pub_root, timestamp, expireval, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
xfree (keyparms);
}
@@ -1408,7 +1409,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root,
static gpg_error_t
gen_dsa (unsigned int nbits, KBNODE pub_root,
u32 timestamp, u32 expireval, int is_subkey,
- int keygen_flags, char **cache_nonce_addr)
+ int keygen_flags, const char *passphrase, char **cache_nonce_addr)
{
int err;
unsigned int qbits;
@@ -1481,7 +1482,7 @@ gen_dsa (unsigned int nbits, KBNODE pub_root,
{
err = common_gen (keyparms, PUBKEY_ALGO_DSA, "pqgy",
pub_root, timestamp, expireval, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
xfree (keyparms);
}
@@ -1496,7 +1497,7 @@ gen_dsa (unsigned int nbits, KBNODE pub_root,
static gpg_error_t
gen_ecc (int algo, const char *curve, kbnode_t pub_root,
u32 timestamp, u32 expireval, int is_subkey,
- int keygen_flags, char **cache_nonce_addr)
+ int keygen_flags, const char *passphrase, char **cache_nonce_addr)
{
gpg_error_t err;
char *keyparms;
@@ -1531,7 +1532,7 @@ gen_ecc (int algo, const char *curve, kbnode_t pub_root,
{
err = common_gen (keyparms, algo, "",
pub_root, timestamp, expireval, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
xfree (keyparms);
}
@@ -1545,7 +1546,7 @@ gen_ecc (int algo, const char *curve, kbnode_t pub_root,
static int
gen_rsa (int algo, unsigned int nbits, KBNODE pub_root,
u32 timestamp, u32 expireval, int is_subkey,
- int keygen_flags, char **cache_nonce_addr)
+ int keygen_flags, const char *passphrase, char **cache_nonce_addr)
{
int err;
char *keyparms;
@@ -1586,7 +1587,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root,
{
err = common_gen (keyparms, algo, "ne",
pub_root, timestamp, expireval, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
xfree (keyparms);
}
@@ -2724,7 +2725,7 @@ do_ask_passphrase (STRING2KEY **ret_s2k, int mode, int *r_canceled)
static int
do_create (int algo, unsigned int nbits, const char *curve, KBNODE pub_root,
u32 timestamp, u32 expiredate, int is_subkey,
- int keygen_flags, char **cache_nonce_addr)
+ int keygen_flags, const char *passphrase, char **cache_nonce_addr)
{
gpg_error_t err;
@@ -2739,18 +2740,18 @@ do_create (int algo, unsigned int nbits, const char *curve, KBNODE pub_root,
if (algo == PUBKEY_ALGO_ELGAMAL_E)
err = gen_elg (algo, nbits, pub_root, timestamp, expiredate, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
else if (algo == PUBKEY_ALGO_DSA)
err = gen_dsa (nbits, pub_root, timestamp, expiredate, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
else if (algo == PUBKEY_ALGO_ECDSA
|| algo == PUBKEY_ALGO_EDDSA
|| algo == PUBKEY_ALGO_ECDH)
err = gen_ecc (algo, curve, pub_root, timestamp, expiredate, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
else if (algo == PUBKEY_ALGO_RSA)
err = gen_rsa (algo, nbits, pub_root, timestamp, expiredate, is_subkey,
- keygen_flags, cache_nonce_addr);
+ keygen_flags, passphrase, cache_nonce_addr);
else
BUG();
@@ -2792,6 +2793,8 @@ release_parameter_list (struct para_data_s *r)
for (; r ; r = r2)
{
r2 = r->next;
+ if (r->key == pPASSPHRASE && *r->u.value)
+ wipememory (r->u.value, strlen (r->u.value));
xfree (r);
}
}
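Review bot: The added wipe clears the passphrase only when the parameter list is released, so the secret stays in the node for the whole key generation run. Whether these nodes come from secure memory is not visible in this hunk; if they come from an ordinary allocator the passphrase can sit in pageable memory until release, which deserves a check at the allocation site. The `*r->u.value` test looks redundant because a zero-length wipe does nothing; I would drop it and add `/* Do not leave the passphrase behind in freed memory. */` above the wipe. release_parameter_list starts outside this hunk.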
@@ -3966,7 +3969,9 @@ do_generate_keypair (struct para_data_s *para,
pub_root,
timestamp,
get_parameter_u32( para, pKEYEXPIRE ), 0,
- outctrl->keygen_flags, &cache_nonce);
+ outctrl->keygen_flags,
+ get_parameter_value (para, pPASSPHRASE),
+ &cache_nonce);
else
err = gen_card_key (PUBKEY_ALGO_RSA, 1, 1, pub_root,
&timestamp,
@@ -4018,7 +4023,9 @@ do_generate_keypair (struct para_data_s *para,
pub_root,
timestamp,
get_parameter_u32 (para, pSUBKEYEXPIRE), 1,
- outctrl->keygen_flags, &cache_nonce);
+ outctrl->keygen_flags,
+ get_parameter_value (para, pPASSPHRASE),
+ &cache_nonce);
/* Get the pointer to the generated public subkey packet. */
if (!err)
{
@@ -4241,7 +4248,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock)
keyblock, cur_time, expire, 1);
else
err = do_create (algo, nbits, curve,
- keyblock, cur_time, expire, 1, 0, NULL);
+ keyblock, cur_time, expire, 1, 0, NULL, NULL);
if (err)
goto leave;