diff options
| author | Werner Koch <[email protected]> | 2014-09-17 13:12:08 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2014-09-17 13:12:08 +0000 |
| commit | 457bce5cd39146df047e4740162125c32c738789 (patch) | |
| tree | 915fe264027c168e0c0610c983ef9d72c6e90a72 /common/exechelp-posix.c | |
| parent | gpg: Use algorithm id 22 for EdDSA. (diff) | |
| download | gnupg-457bce5cd39146df047e4740162125c32c738789.tar.gz gnupg-457bce5cd39146df047e4740162125c32c738789.zip | |
gpg: Improve passphrase caching.
* agent/cache.c (last_stored_cache_key): New.
(agent_get_cache): Allow NULL for KEY.
(agent_store_cache_hit): New.
* agent/findkey.c (unprotect): Call new function and try to use the
last stored key.
* g10/revoke.c (create_revocation): Add arg CACHE_NONCE and pass to
make_keysig_packet.
(gen_standard_revoke): Add arg CACHE_NONCE and pass to
create_revocation.
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke with
cache nonce.
--
This patch adds two features:
1. The key for the last passphrase successfully used for unprotecting
a key is stored away. On a cache miss the stored away passphrase is
tried as well. This helps for the common GPG use case of having a
signing and encryption (sub)key with the same passphrase. See the
code for more comments.
2. The now auto-generated revocation certificate does not anymore
popup a passphrase prompt. Thus for standard key generation the
passphrase needs to be given only once (well, two with the
confirmation).
Diffstat (limited to 'common/exechelp-posix.c')
0 files changed, 0 insertions, 0 deletions