From 7de74320767d15d915942a98ff47c00175a078ed Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 10 Jun 2016 16:15:34 -0400 Subject: g10: Add openpgp_protected flag to agent secret key export functions * g10/call-agent.c, g10/call-agent.h (agent_export_key): Add openpgp_protected flag. * g10/export.c (receive_seckey_from_agent): Request openpgp_protected secret keys from agent. * agent/command.c (hlp_export_key): EXPORT_KEY help text: add a brief description of the effect of --openpgp. -- The --openpgp flag for gpg-agent's EXPORT_KEY actually forces encryption in a certain (RFC 4880-compatible format). This changeset exposes that functionality in internal functions, and clarifies functionality in the agent's help text. Signed-off-by: Daniel Kahn Gillmor --- agent/command.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'agent') diff --git a/agent/command.c b/agent/command.c index 1898d6cf7..de5b1846c 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2210,7 +2210,12 @@ static const char hlp_export_key[] = "Export a secret key from the key store. The key will be encrypted\n" "using the current session's key wrapping key (cf. command KEYWRAP_KEY)\n" "using the AESWRAP-128 algorithm. The caller needs to retrieve that key\n" - "prior to using this command. The function takes the keygrip as argument.\n"; + "prior to using this command. The function takes the keygrip as argument.\n" + "\n" + "If --openpgp is used, the secret key material will be exported in RFC 4880\n" + "compatible passphrase-protected form. Without --openpgp, the secret key\n" + "material will be exported in the clear (after prompting the user to unlock\n" + "it, if needed).\n"; static gpg_error_t cmd_export_key (assuan_context_t ctx, char *line) { -- cgit v1.2.3