core: New export mode to export secret subkeys.

* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET_SUBKEY): New. * src/export.c (check_mode): Allow new mode and check for invalid combinations. (export_keys_start): Return error if new mode flag is set. * src/engine-gpg.c (export_common): Implement. * src/gpgme-tool.c (cmd_export): New option --secret-subkey. * tests/run-export.c (main): New option --secret-subkey. -- This adds support for exporting secret subkeys (via gpg's --export-secret-subkeys) to gpgme_op_export[_ext][_start]. The flag is not supported by gpgme_op_export_keys[_start] because there is no way to specify which subkey(s) to export with these functions. GnuPG-bug-id: 5757
author: Ingo Klöcker <[email protected]> 2022-01-03 15:25:40 +0000
committer: Ingo Klöcker <[email protected]> 2022-01-04 08:23:40 +0000
commit: 0e19c4879193ed7fa61ad5d488f237b2b5b5d1d7 (patch)
tree: 597edbb9f50c2a2f874d9b1f56592ab7bb4c900e /src
parent: doc: Remove documentation of obsolete export mode flag (diff)
download: gpgme-0e19c4879193ed7fa61ad5d488f237b2b5b5d1d7.tar.gz
gpgme-0e19c4879193ed7fa61ad5d488f237b2b5b5d1d7.zip
4 files changed, 23 insertions, 4 deletions
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index fd39ad76..f619a646 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2354,7 +2354,8 @@ export_common (engine_gpg_t gpg, gpgme_export_mode_t mode,
   if ((mode & ~(GPGME_EXPORT_MODE_EXTERN
                 |GPGME_EXPORT_MODE_MINIMAL
                 |GPGME_EXPORT_MODE_SSH
-                |GPGME_EXPORT_MODE_SECRET)))
+                |GPGME_EXPORT_MODE_SECRET
+                |GPGME_EXPORT_MODE_SECRET_SUBKEY)))
     return gpg_error (GPG_ERR_NOT_SUPPORTED);
 
   if ((mode & GPGME_EXPORT_MODE_MINIMAL))
@@ -2379,7 +2380,9 @@ export_common (engine_gpg_t gpg, gpgme_export_mode_t mode,
     }
   else
     {
-      if ((mode & GPGME_EXPORT_MODE_SECRET))
+      if ((mode & GPGME_EXPORT_MODE_SECRET_SUBKEY))
+        err = add_arg (gpg, "--export-secret-subkeys");
+      else if ((mode & GPGME_EXPORT_MODE_SECRET))
         err = add_arg (gpg, "--export-secret-keys");
       else
         err = add_arg (gpg, "--export");
diff --git a/src/export.c b/src/export.c
index 637badf9..c5bcca6e 100644
--- a/src/export.c
+++ b/src/export.c
@@ -125,7 +125,8 @@ check_mode (gpgme_export_mode_t mode, gpgme_protocol_t protocol,
                 |GPGME_EXPORT_MODE_SECRET
                 |GPGME_EXPORT_MODE_SSH
                 |GPGME_EXPORT_MODE_RAW
-                |GPGME_EXPORT_MODE_PKCS12)))
+                |GPGME_EXPORT_MODE_PKCS12
+                |GPGME_EXPORT_MODE_SECRET_SUBKEY)))
     return gpg_error (GPG_ERR_INV_VALUE); /* Invalid flags in MODE.  */
 
   if ((mode & GPGME_EXPORT_MODE_SSH))
@@ -134,7 +135,8 @@ check_mode (gpgme_export_mode_t mode, gpgme_protocol_t protocol,
                     |GPGME_EXPORT_MODE_MINIMAL
                     |GPGME_EXPORT_MODE_SECRET
                     |GPGME_EXPORT_MODE_RAW
-                    |GPGME_EXPORT_MODE_PKCS12)))
+                    |GPGME_EXPORT_MODE_PKCS12
+                    |GPGME_EXPORT_MODE_SECRET_SUBKEY)))
           return gpg_error (GPG_ERR_INV_FLAG);  /* Combination not allowed. */
     }
 
@@ -151,6 +153,12 @@ check_mode (gpgme_export_mode_t mode, gpgme_protocol_t protocol,
         return gpg_error (GPG_ERR_INV_FLAG);  /* Only supported for X.509.  */
     }
 
+  if ((mode & GPGME_EXPORT_MODE_SECRET_SUBKEY))
+    {
+      if ((mode & GPGME_EXPORT_MODE_EXTERN))
+        return gpg_error (GPG_ERR_INV_FLAG);  /* Combination not allowed. */
+    }
+
   if ((mode & GPGME_EXPORT_MODE_EXTERN))
     {
       if (keydata)
@@ -369,6 +377,11 @@ export_keys_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t keys[],
   if (!keys)
     return gpg_error (GPG_ERR_INV_VALUE);
 
+  if ((mode & GPGME_EXPORT_MODE_SECRET_SUBKEY))
+    {
+      return gpg_error (GPG_ERR_INV_FLAG);
+    }
+
   /* Create a list of pattern from the keys.  */
   for (idx=nkeys=0; keys[idx]; idx++)
     if (keys[idx]->protocol == ctx->protocol)
diff --git a/src/gpgme-tool.c b/src/gpgme-tool.c
index 0dbc4a9e..b05664e3 100644
--- a/src/gpgme-tool.c
+++ b/src/gpgme-tool.c
@@ -2688,6 +2688,8 @@ cmd_export (assuan_context_t ctx, char *line)
     mode |= GPGME_EXPORT_MODE_MINIMAL;
   if (has_option (line, "--secret"))
     mode |= GPGME_EXPORT_MODE_SECRET;
+  if (has_option (line, "--secret-subkey"))
+    mode |= GPGME_EXPORT_MODE_SECRET_SUBKEY;
   if (has_option (line, "--raw"))
     mode |= GPGME_EXPORT_MODE_RAW;
   if (has_option (line, "--pkcs12"))
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 5c74afd6..8a9cd259 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -407,6 +407,7 @@ gpgme_pinentry_mode_t;
 #define GPGME_EXPORT_MODE_RAW                  32
 #define GPGME_EXPORT_MODE_PKCS12               64
 #define GPGME_EXPORT_MODE_SSH                 256
+#define GPGME_EXPORT_MODE_SECRET_SUBKEY       512
 
 typedef unsigned int gpgme_export_mode_t;
author	Ingo Klöcker <[email protected]>	2022-01-03 15:25:40 +0000
committer	Ingo Klöcker <[email protected]>	2022-01-04 08:23:40 +0000
commit	0e19c4879193ed7fa61ad5d488f237b2b5b5d1d7 (patch)
tree	597edbb9f50c2a2f874d9b1f56592ab7bb4c900e /src
parent	doc: Remove documentation of obsolete export mode flag (diff)
download	gpgme-0e19c4879193ed7fa61ad5d488f237b2b5b5d1d7.tar.gz gpgme-0e19c4879193ed7fa61ad5d488f237b2b5b5d1d7.zip