-rw-r--r--g10/call-agent.c31
-rw-r--r--g10/call-agent.h5
-rw-r--r--g10/import.c3
-rw-r--r--g10/keygen.c2
-rw-r--r--sm/call-agent.c14
5 files changed, 43 insertions, 12 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 86040edc7..806475de9 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -2334,11 +2334,12 @@ inq_genkey_parms (void *opaque, const char *line)
gcry_pk_genkey. If NO_PROTECTION is true the agent is advised not
to protect the generated key. If NO_PROTECTION is not set and
PASSPHRASE is not NULL the agent is requested to protect the key
- with that passphrase instead of asking for one. */
+ with that passphrase instead of asking for one. TIMESTAMP is the
+ creation time of the key or zero. */
gpg_error_t
agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, char **passwd_nonce_addr,
const char *keyparms, int no_protection,
- const char *passphrase, gcry_sexp_t *r_pubkey)
+ const char *passphrase, time_t timestamp, gcry_sexp_t *r_pubkey)
{
gpg_error_t err;
struct genkey_parm_s gk_parm;
@@ -2347,6 +2348,7 @@ agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, char **passwd_nonce_addr,
membuf_t data;
size_t len;
unsigned char *buf;
+ char timestamparg[16 + 16]; /* The 2nd 16 is sizeof(gnupg_isotime_t) */
char line[ASSUAN_LINELENGTH];
memset (&dfltparm, 0, sizeof dfltparm);
@@ -2358,6 +2360,14 @@ agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, char **passwd_nonce_addr,
return err;
dfltparm.ctx = agent_ctx;
+ if (timestamp)
+ {
+ strcpy (timestamparg, " --timestamp=");
+ epoch2isotime (timestamparg+13, timestamp);
+ }
+ else
+ *timestamparg = 0;
+
if (passwd_nonce_addr && *passwd_nonce_addr)
; /* A RESET would flush the passwd nonce cache. */
else
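Review bot: The offset `13` in `epoch2isotime (timestamparg+13, timestamp)` and the first `16` in the `timestamparg[16 + 16]` declaration both depend silently on the length of the literal `" --timestamp="`. A later edit of the option name would place the ISO time at the wrong offset or beyond the space reserved for it, and `strcpy` gives no bound to catch that. Formatting into a separate `gnupg_isotime_t` and building the argument with a bounded `snprintf` removes both magic numbers. The same pattern is repeated in the `agent_import_key` hunk further down. The body of `agent_genkey` starts and ends outside this hunk.

```c
  if (timestamp)
    {
      gnupg_isotime_t isotime;

      epoch2isotime (isotime, timestamp);
      snprintf (timestamparg, sizeof timestamparg,
                " --timestamp=%s", isotime);
    }
  else
    *timestamparg = 0;
  /* ... unchanged: passwd nonce / RESET handling ... */
```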
@@ -2372,7 +2382,8 @@ agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, char **passwd_nonce_addr,
gk_parm.dflt = &dfltparm;
gk_parm.keyparms = keyparms;
gk_parm.passphrase = passphrase;
- snprintf (line, sizeof line, "GENKEY%s%s%s%s%s",
+ snprintf (line, sizeof line, "GENKEY%s%s%s%s%s%s",
+ *timestamparg? timestamparg : "",
no_protection? " --no-protection" :
passphrase ? " --inq-passwd" :
/* */ "",
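Review bot: The guard `*timestamparg? timestamparg : ""` is redundant, because `timestamparg` is already set to the empty string when no timestamp is given; passing `timestamparg` directly is equivalent and easier to read. The same applies to the `IMPORT_KEY` format call later in this file. The result of `snprintf` is also not compared with `sizeof line`, so a truncated command would be sent to the agent unnoticed; whether that can happen depends on the nonce arguments, which lie outside this hunk. The `snprintf` call itself continues past the end of the hunk.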
@@ -2786,11 +2797,12 @@ inq_import_key_parms (void *opaque, const char *line)
gpg_error_t
agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr,
const void *key, size_t keylen, int unattended, int force,
- u32 *keyid, u32 *mainkeyid, int pubkey_algo)
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo, u32 timestamp)
{
gpg_error_t err;
struct import_key_parm_s parm;
struct cache_nonce_parm_s cn_parm;
+ char timestamparg[16 + 16]; /* The 2nd 16 is sizeof(gnupg_isotime_t) */
char line[ASSUAN_LINELENGTH];
struct default_inq_parm_s dfltparm;
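Review bot: `agent_import_key` takes the new parameter as `u32 timestamp` while `agent_genkey` takes `time_t timestamp`, yet both hand the value to `epoch2isotime` in the same way. On a platform whose `time_t` is a signed 32-bit type, a `u32` above 0x7fffffff would presumably convert to a negative time. The caller in g10/import.c passes `pk->timestamp` from the key being imported, so the value is not under local control. The function's header comment should state that TIMESTAMP is the key's creation time, that zero means no `--timestamp` option is sent, and how out-of-range values are treated. That header comment lies outside this hunk.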
@@ -2805,6 +2817,14 @@ agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr,
return err;
dfltparm.ctx = agent_ctx;
+ if (timestamp)
+ {
+ strcpy (timestamparg, " --timestamp=");
+ epoch2isotime (timestamparg+13, timestamp);
+ }
+ else
+ *timestamparg = 0;
+
if (desc)
{
snprintf (line, DIM(line), "SETKEYDESC %s", desc);
@@ -2818,7 +2838,8 @@ agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr,
parm.key = key;
parm.keylen = keylen;
- snprintf (line, sizeof line, "IMPORT_KEY%s%s%s%s",
+ snprintf (line, sizeof line, "IMPORT_KEY%s%s%s%s%s",
+ *timestamparg? timestamparg : "",
unattended? " --unattended":"",
force? " --force":"",
cache_nonce_addr && *cache_nonce_addr? " ":"",
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 2305f33e0..8f929be27 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -190,7 +190,7 @@ gpg_error_t agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip,
gpg_error_t agent_genkey (ctrl_t ctrl,
char **cache_nonce_addr, char **passwd_nonce_addr,
const char *keyparms, int no_protection,
- const char *passphrase,
+ const char *passphrase, time_t timestamp,
gcry_sexp_t *r_pubkey);
/* Read a public key. FROMCARD may be 0, 1, or 2. */
@@ -220,7 +220,8 @@ gpg_error_t agent_keywrap_key (ctrl_t ctrl, int forexport,
gpg_error_t agent_import_key (ctrl_t ctrl, const char *desc,
char **cache_nonce_addr, const void *key,
size_t keylen, int unattended, int force,
- u32 *keyid, u32 *mainkeyid, int pubkey_algo);
+ u32 *keyid, u32 *mainkeyid, int pubkey_algo,
+ u32 timestamp);
/* Receive a key from the agent. */
gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip,
diff --git a/g10/import.c b/g10/import.c
index b7101a9bf..1e9532d38 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -2667,7 +2667,8 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
char *desc = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_IMPORT, 1);
err = agent_import_key (ctrl, desc, &cache_nonce,
wrappedkey, wrappedkeylen, batch, force,
- pk->keyid, pk->main_keyid, pk->pubkey_algo);
+ pk->keyid, pk->main_keyid, pk->pubkey_algo,
+ pk->timestamp);
xfree (desc);
}
if (!err)
diff --git a/g10/keygen.c b/g10/keygen.c
index 776896228..cf34d8f99 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1523,7 +1523,7 @@ common_gen (const char *keyparms, int algo, const char *algoelem,
err = agent_genkey (NULL, cache_nonce_addr, passwd_nonce_addr, keyparms,
!!(keygen_flags & KEYGEN_FLAG_NO_PROTECTION),
- passphrase,
+ passphrase, timestamp,
&s_key);
if (err)
{
diff --git a/sm/call-agent.c b/sm/call-agent.c
index 5f0e8ed61..0b556a7e5 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -639,7 +639,7 @@ inq_genkey_parms (void *opaque, const char *line)
-/* Call the agent to generate a newkey */
+/* Call the agent to generate a new key */
int
gpgsm_agent_genkey (ctrl_t ctrl,
ksba_const_sexp_t keyparms, ksba_sexp_t *r_pubkey)
@@ -649,6 +649,8 @@ gpgsm_agent_genkey (ctrl_t ctrl,
membuf_t data;
size_t len;
unsigned char *buf;
+ gnupg_isotime_t timebuf;
+ char line[ASSUAN_LINELENGTH];
*r_pubkey = NULL;
rc = start_agent (ctrl);
@@ -666,7 +668,9 @@ gpgsm_agent_genkey (ctrl_t ctrl,
gk_parm.sexplen = gcry_sexp_canon_len (keyparms, 0, NULL, NULL);
if (!gk_parm.sexplen)
return gpg_error (GPG_ERR_INV_VALUE);
- rc = assuan_transact (agent_ctx, "GENKEY",
+ gnupg_get_isotime (timebuf);
+ snprintf (line, sizeof line, "GENKEY --timestamp=%s", timebuf);
+ rc = assuan_transact (agent_ctx, line,
put_membuf_cb, &data,
inq_genkey_parms, &gk_parm, NULL, NULL);
if (rc)
@@ -1418,6 +1422,8 @@ gpgsm_agent_import_key (ctrl_t ctrl, const void *key, size_t keylen)
{
gpg_error_t err;
struct import_key_parm_s parm;
+ gnupg_isotime_t timebuf;
+ char line[ASSUAN_LINELENGTH];
err = start_agent (ctrl);
if (err)
@@ -1428,7 +1434,9 @@ gpgsm_agent_import_key (ctrl_t ctrl, const void *key, size_t keylen)
parm.key = key;
parm.keylen = keylen;
- err = assuan_transact (agent_ctx, "IMPORT_KEY",
+ gnupg_get_isotime (timebuf);
+ snprintf (line, sizeof line, "IMPORT_KEY --timestamp=%s", timebuf);
+ err = assuan_transact (agent_ctx, line,
NULL, NULL, inq_import_key_parms, &parm, NULL, NULL);
return err;
}
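Review bot: `gnupg_get_isotime (timebuf)` appears to record the time of the import rather than the creation time of the key, whereas the gpg side uses the same `--timestamp` option to forward the key's own creation time. If no creation time is available to `gpgsm_agent_import_key`, a short comment above the call such as `/* No creation time is known here; record the import time instead. */` would make the difference explicit for anyone later relying on the stored value. The `GENKEY` hunk above uses the same call, where the current time is the natural value.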