diff options
| author | Werner Koch <[email protected]> | 2019-03-18 12:07:14 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-03-18 12:16:51 +0000 |
| commit | 0e73214dd208fca4df26ac796416c6f25b3ae50d (patch) | |
| tree | d824b88bf549cd00de578b653995cd0ff32f55d5 /g10/parse-packet.c | |
| parent | gpg: Avoid importing secret keys if the keyblock is not valid. (diff) | |
| download | gnupg-0e73214dd208fca4df26ac796416c6f25b3ae50d.tar.gz gnupg-0e73214dd208fca4df26ac796416c6f25b3ae50d.zip | |
gpg: Allow import of PGP desktop exported secret keys.
* g10/import.c (NODE_TRANSFER_SECKEY): New.
(import): Add attic kludge.
(transfer_secret_keys): Add arg only_marked.
(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
r_removedsecs.
(import_secret_one): New arg r_secattic. Change to take ownership of
arg keyblock. Implement extra secret key import logic. Factor some
code out to ...
(do_transfer): New.
(import_matching_seckeys): New.
--
The PGP desktops exported secret keys are really stupid. And they
even a have kind of exception in rfc4880 which does not rule that
out (section 11.2):
[...] Implementations SHOULD include self-signatures on any user
IDs and subkeys, as this allows for a complete public key to be
automatically extracted from the transferable secret key.
Implementations MAY choose to omit the self-signatures, especially
if a transferable public key accompanies the transferable secret
key.
Now if they would only put the public key before the secret
key. Anyway we now have a workaround for that ugliness.
GnuPG-bug-id: 4392
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9)
Diffstat (limited to 'g10/parse-packet.c')
0 files changed, 0 insertions, 0 deletions