diff options
| author | Werner Koch <[email protected]> | 2014-11-02 16:51:30 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2014-11-02 16:51:30 +0000 |
| commit | f8c993fbe28bf02f1d7aadec823a9dfc935398fa (patch) | |
| tree | 25df6f48fa9dc581b98f0d0a33d0506cf9c71e32 /agent/command.c | |
| parent | gpg: Fix endless loop in keylisting with fingerprint. (diff) | |
| download | gnupg-f8c993fbe28bf02f1d7aadec823a9dfc935398fa.tar.gz gnupg-f8c993fbe28bf02f1d7aadec823a9dfc935398fa.zip | |
gpg: Avoid extra pinentries for each subkey in --export-secret-keys.
* agent/command.c (cmd_export_key): Actually implement the cache_nonce
feature.
* g10/export.c (do_export_stream): Make use of a cache_nonce.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'agent/command.c')
| -rw-r--r-- | agent/command.c | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/agent/command.c b/agent/command.c index 8c6849840..7f8759d22 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2127,16 +2127,19 @@ cmd_export_key (assuan_context_t ctx, char *line) char *cache_nonce; char *passphrase = NULL; unsigned char *shadow_info = NULL; + char *pend; + int c; openpgp = has_option (line, "--openpgp"); cache_nonce = option_value (line, "--cache-nonce"); if (cache_nonce) { - for (; *line && !spacep (line); line++) + for (pend = cache_nonce; *pend && !spacep (pend); pend++) ; - if (*line) - *line++ = '\0'; + c = *pend; + *pend = '\0'; cache_nonce = xtrystrdup (cache_nonce); + *pend = c; if (!cache_nonce) { err = gpg_error_from_syserror (); @@ -2163,7 +2166,8 @@ cmd_export_key (assuan_context_t ctx, char *line) /* Get the key from the file. With the openpgp flag we also ask for the passphrase so that we can use it to re-encrypt it. */ - err = agent_key_from_file (ctrl, NULL, ctrl->server_local->keydesc, grip, + err = agent_key_from_file (ctrl, cache_nonce, + ctrl->server_local->keydesc, grip, &shadow_info, CACHE_MODE_IGNORE, NULL, &s_skey, openpgp ? &passphrase : NULL); if (err) @@ -2190,6 +2194,24 @@ cmd_export_key (assuan_context_t ctx, char *line) goto leave; } err = convert_to_openpgp (ctrl, s_skey, passphrase, &key, &keylen); + if (!err && passphrase) + { + if (!cache_nonce) + { + char buf[12]; + gcry_create_nonce (buf, 12); + cache_nonce = bin2hex (buf, 12, NULL); + } + if (cache_nonce + && !agent_put_cache (cache_nonce, CACHE_MODE_NONCE, + passphrase, CACHE_TTL_NONCE)) + { + assuan_write_status (ctx, "CACHE_NONCE", cache_nonce); + xfree (ctrl->server_local->last_cache_nonce); + ctrl->server_local->last_cache_nonce = cache_nonce; + cache_nonce = NULL; + } + } } else { |