From 5205512fc092c53c0a52c8379ef2a129ce6e58a9 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 18 Mar 2019 13:07:14 +0100 Subject: gpg: Allow import of PGP desktop exported secret keys. * g10/import.c (NODE_TRANSFER_SECKEY): New. (import): Add attic kludge. (transfer_secret_keys): Add arg only_marked. (resync_sec_with_pub_keyblock): Return removed seckeys via new arg r_removedsecs. (import_secret_one): New arg r_secattic. Change to take ownership of arg keyblock. Implement extra secret key import logic. Factor some code out to ... (do_transfer): New. (import_matching_seckeys): New. -- The PGP desktops exported secret keys are really stupid. And they even a have kind of exception in rfc4880 which does not rule that out (section 11.2): [...] Implementations SHOULD include self-signatures on any user IDs and subkeys, as this allows for a complete public key to be automatically extracted from the transferable secret key. Implementations MAY choose to omit the self-signatures, especially if a transferable public key accompanies the transferable secret key. Now if they would only put the public key before the secret key. Anyway we now have a workaround for that ugliness. GnuPG-bug-id: 4392 Signed-off-by: Werner Koch --- g10/keyedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'g10/keyedit.c') diff --git a/g10/keyedit.c b/g10/keyedit.c index 4ec6ce503..c28a565b1 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1894,7 +1894,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, node = new_kbnode (pkt); /* Transfer it to gpg-agent which handles secret keys. */ - err = transfer_secret_keys (ctrl, NULL, node, 1, 1); + err = transfer_secret_keys (ctrl, NULL, node, 1, 1, 0); /* Treat the pkt as a public key. */ pkt->pkttype = PKT_PUBLIC_KEY; -- cgit v1.2.3