From bf2724880fe54d0dbf34bfa9fef2f31fa6809f55 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Mon, 20 May 2019 15:06:57 -0400
Subject: gpg-agent: add new CACHE_MODE_EXPORT
* agent/agent.h: define CACHE_MODE_EXPORT
* agent/call-pinentry.c (agent_askpin, agent_get_passphrase): use "e/" as the prefix for SETKEYINFO when in CACHE_MODE_EXPORT. (agent_clear_passphrase): allow clearing the export cache.
* agent/command.c (cmd_clear_passphrase): add --mode=export. (cmd_export_key): use CACHE_MODE_EXPORT.
* tests/openpgp/export.scm: no need to feed passphrases during export, already cached.
---- We don't want secret keys to be able to be exported automatically based on the same system passphrase cache used by standard decryption or signing operations. So we introduce a "export" cache mode which can be used by EXPORT_KEY. I confess i don't fully understand the changes made to tests/openpgp/export.scm -- i'm not sure why the passphrase is already supplied in this case.
Gnupg-Bug-Id: 4522
Signed-off-by: Daniel Kahn Gillmor
---
 agent/command.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
(limited to 'agent/command.c')
diff --git a/agent/command.c b/agent/command.c
index c056eb3f0..a86c9fff5 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1611,7 +1611,8 @@ static const char hlp_clear_passphrase[] =
 "function returns with OK even when there is no cached passphrase.\n"
 "The --mode=normal option is used to clear an entry for a cacheid\n"
 "added by the agent. The --mode=ssh option is used for a cacheid\n"
- "added for ssh.\n";
+ "added for ssh. The --mode=export option is used for a cacheid\n"
+ "added for secret key export.\n";
 static gpg_error_t
 cmd_clear_passphrase (assuan_context_t ctx, char *line)
 {
@@ -1627,6 +1628,8 @@ cmd_clear_passphrase (assuan_context_t ctx, char *line)
 cache_mode = CACHE_MODE_NORMAL;
 else if (has_option (line, "--mode=ssh"))
 cache_mode = CACHE_MODE_SSH;
+ else if (has_option (line, "--mode=export"))
+ cache_mode = CACHE_MODE_EXPORT;
 line = skip_options (line);
@@ -2347,7 +2350,7 @@ cmd_export_key (assuan_context_t ctx, char *line)
 the passphrase so that we can use it to re-encrypt it. */
 err = agent_key_from_file (ctrl, cache_nonce, ctrl->server_local->keydesc, grip,
- &shadow_info, CACHE_MODE_IGNORE, NULL, &s_skey,
+ &shadow_info, CACHE_MODE_EXPORT, NULL, &s_skey,
 openpgp ? &passphrase : NULL);
 if (err)
 goto leave;
-- cgit v1.2.3
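Review bot: The `--mode=` chain in cmd_clear_passphrase still ends without a final `else` after the new export branch, so an unrecognised or misspelt mode value leaves cache_mode at whatever it was initialised to outside the hunk. Because this command exists to flush a cached secret-key passphrase, a client could then believe the export entry was cleared when a different cache was addressed. Unless the lines before the hunk already reject unknown modes, consider adding after the new branch something like `else if (has_option_name (line, "--mode")) return set_error (GPG_ERR_ASS_PARAMETER, "invalid mode");`. The function body starts and ends outside the hunk.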
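Review bot: Passing CACHE_MODE_EXPORT instead of CACHE_MODE_IGNORE to agent_key_from_file means cmd_export_key may now unlock a secret key from a cache entry, where before the call ignored the passphrase cache. The commit description says the export tests no longer need to supply a passphrase and that the reason is not understood; if the lookup behind agent_key_from_file matches on the cache id without comparing the stored mode, a passphrase cached by ordinary signing or decryption would satisfy an export, the opposite of the stated goal. That lookup is not in this diff (it is limited to agent/command.c), so this is a question to settle, not a confirmed defect. I would add a test that a normal-mode cache entry does not satisfy EXPORT_KEY, and a comment at the call such as `/* CACHE_MODE_EXPORT: only a passphrase cached for export may unlock the key here. */`. The body of cmd_export_key continues outside the hunk.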