Diffstat (limited to 'g10')
-rw-r--r-- | g10/call-agent.c | 6 | ||||
-rw-r--r-- | g10/keygen.c | 7 |
2 files changed, 11 insertions, 2 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c index 20235d2ad..486b7d95f 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -745,6 +745,11 @@ learn_status_cb (void *opaque, const char *line) * card-util.c * keyedit_menu * card_store_key_with_backup (Woth force to remove secret key data) + * + * If force has the value 2 the --reallyforce option is also used. + * This is to make sure the sshadow key overwrites the private key. + * Note that this option is gnupg 2.2 specific because since 2.4.4 an + * ephemeral private key store is used instead. */ int agent_scd_learn (struct agent_card_info_s *info, int force) @@ -764,6 +769,7 @@ agent_scd_learn (struct agent_card_info_s *info, int force) parm.ctx = agent_ctx; rc = assuan_transact (agent_ctx, + force == 2? "LEARN --sendinfo --force --reallyforce" : force ? "LEARN --sendinfo --force" : "LEARN --sendinfo", dummy_data_cb, NULL, default_inq_cb, &parm, learn_status_cb, info); diff --git a/g10/keygen.c b/g10/keygen.c index 08e546954..c8487be0a 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -5201,8 +5201,11 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk, if (err) log_error ("writing card key to backup file: %s\n", gpg_strerror (err)); else - /* Remove secret key data in agent side. */ - agent_scd_learn (NULL, 1); + { + /* Remove secret key data in agent side. We use force 2 here to + * allow overwriting of the temporary private key. */ + agent_scd_learn (NULL, 2); + } leave: xfree (ecdh_param_str); |
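Review bot: In the `assuan_transact` call of the second call-agent.c hunk, `force` has become a tri-state but is still a bare `int`, so any non-zero value other than 2 quietly selects the plain `--force` command. According to the comment added in the previous hunk, value 2 lets the shadow key overwrite the private key, and a destructive mode like that should not be chosen by a magic number. Named constants such as `enum { LEARN_FORCE = 1, LEARN_REALLYFORCE = 2 };` would make call sites self-describing and easy to audit. The doc comment could then list the three accepted values, and its typo `sshadow` should read `shadow`. The body of agent_scd_learn starts and ends outside the hunk.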
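Review bot: In the keygen.c hunk the result of `agent_scd_learn (NULL, 2)` is discarded in the new else block, so a failed LEARN would go unnoticed. This call is what removes the secret key data on the agent side after the backup was written, so presumably the private key would then stay in the agent's store while the caller carries on as if only the card stub remained. The result should at least be captured and reported, for example `rc = agent_scd_learn (NULL, 2); if (rc) log_error ("removing secret key data from agent: %s\n", gpg_strerror (rc));` with a local `int rc`. Whether a failure should also be propagated through `err` depends on the code after `leave:`, which lies outside the hunk.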