From 0e73214dd208fca4df26ac796416c6f25b3ae50d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 18 Mar 2019 13:07:14 +0100 Subject: gpg: Allow import of PGP desktop exported secret keys. * g10/import.c (NODE_TRANSFER_SECKEY): New. (import): Add attic kludge. (transfer_secret_keys): Add arg only_marked. (resync_sec_with_pub_keyblock): Return removed seckeys via new arg r_removedsecs. (import_secret_one): New arg r_secattic. Change to take ownership of arg keyblock. Implement extra secret key import logic. Factor some code out to ... (do_transfer): New. (import_matching_seckeys): New. -- The PGP desktops exported secret keys are really stupid. And they even a have kind of exception in rfc4880 which does not rule that out (section 11.2): [...] Implementations SHOULD include self-signatures on any user IDs and subkeys, as this allows for a complete public key to be automatically extracted from the transferable secret key. Implementations MAY choose to omit the self-signatures, especially if a transferable public key accompanies the transferable secret key. Now if they would only put the public key before the secret key. Anyway we now have a workaround for that ugliness. GnuPG-bug-id: 4392 Signed-off-by: Werner Koch (cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9) --- g10/main.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'g10/main.h') diff --git a/g10/main.h b/g10/main.h index 389a557fc..e538e0715 100644 --- a/g10/main.h +++ b/g10/main.h @@ -374,7 +374,8 @@ struct impex_filter_parm_s const char *impex_filter_getval (void *cookie, const char *propname); gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats, - kbnode_t sec_keyblock, int batch, int force); + kbnode_t sec_keyblock, int batch, int force, + int only_marked); int collapse_uids( KBNODE *keyblock ); -- cgit v1.2.3