diff options
| author | Werner Koch <[email protected]> | 2014-09-17 13:12:08 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2014-09-17 13:12:08 +0000 |
| commit | 457bce5cd39146df047e4740162125c32c738789 (patch) | |
| tree | 915fe264027c168e0c0610c983ef9d72c6e90a72 /agent/agent.h | |
| parent | gpg: Use algorithm id 22 for EdDSA. (diff) | |
| download | gnupg-457bce5cd39146df047e4740162125c32c738789.tar.gz gnupg-457bce5cd39146df047e4740162125c32c738789.zip | |
gpg: Improve passphrase caching.
* agent/cache.c (last_stored_cache_key): New.
(agent_get_cache): Allow NULL for KEY.
(agent_store_cache_hit): New.
* agent/findkey.c (unprotect): Call new function and try to use the
last stored key.
* g10/revoke.c (create_revocation): Add arg CACHE_NONCE and pass to
make_keysig_packet.
(gen_standard_revoke): Add arg CACHE_NONCE and pass to
create_revocation.
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke with
cache nonce.
--
This patch adds two features:
1. The key for the last passphrase successfully used for unprotecting
a key is stored away. On a cache miss the stored away passphrase is
tried as well. This helps for the common GPG use case of having a
signing and encryption (sub)key with the same passphrase. See the
code for more comments.
2. The now auto-generated revocation certificate does not anymore
popup a passphrase prompt. Thus for standard key generation the
passphrase needs to be given only once (well, two with the
confirmation).
Diffstat (limited to '')
| -rw-r--r-- | agent/agent.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/agent/agent.h b/agent/agent.h index 4ed8c7fe6..a420baed9 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -364,6 +364,7 @@ void agent_flush_cache (void); int agent_put_cache (const char *key, cache_mode_t cache_mode, const char *data, int ttl); char *agent_get_cache (const char *key, cache_mode_t cache_mode); +void agent_store_cache_hit (const char *key); /*-- pksign.c --*/ |