Diffstat (limited to 'agent')
-rw-r--r-- | agent/ChangeLog | 1 | ||||
-rw-r--r-- | agent/findkey.c | 24 |
2 files changed, 23 insertions, 2 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog index 87c026b6a..59d1b31f2 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -13,6 +13,7 @@ * agent.h (CACHE_MODE_NONCE): New. * pksign.c (agent_pksign_do, agent_pksign): Add arg CACHE_NONCE. * findkey.c (agent_key_from_file): Ditto. + (unprotect): Implement it. 2010-08-31 Werner Koch <[email protected]> diff --git a/agent/findkey.c b/agent/findkey.c index c3336620b..5f98d59d6 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -275,7 +275,7 @@ modify_description (const char *in, const char *comment, char **result) description used for the pinentry. If LOOKUP_TTL is given this function is used to lookup the default ttl. */ static int -unprotect (ctrl_t ctrl, const char *desc_text, +unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text, unsigned char **keybuf, const unsigned char *grip, cache_mode_t cache_mode, lookup_ttl_t lookup_ttl) { @@ -288,6 +288,26 @@ unprotect (ctrl_t ctrl, const char *desc_text, bin2hex (grip, 20, hexgrip); + /* Initially try to get it using a cache nonce. */ + if (cache_nonce) + { + void *cache_marker; + const char *pw; + + pw = agent_get_cache (cache_nonce, CACHE_MODE_NONCE, &cache_marker); + if (pw) + { + rc = agent_unprotect (*keybuf, pw, NULL, &result, &resultlen); + agent_unlock_cache_entry (&cache_marker); + if (!rc) + { + xfree (*keybuf); + *keybuf = result; + return 0; + } + } + } + /* First try to get it from the cache - if there is none or we can't unprotect it, we fall back to ask the user */ if (cache_mode != CACHE_MODE_IGNORE) @@ -560,7 +580,7 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce, if (!rc) { - rc = unprotect (ctrl, desc_text_final, &buf, grip, + rc = unprotect (ctrl, cache_nonce, desc_text_final, &buf, grip, cache_mode, lookup_ttl); if (rc) log_error ("failed to unprotect the secret key: %s\n", |
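Review bot: The comment above unprotect() in the `@@ -275,7 +275,7 @@` hunk of agent/findkey.c still describes only the description text and LOOKUP_TTL, so the new CACHE_NONCE parameter is undocumented. I would add a sentence such as `If CACHE_NONCE is not NULL, a passphrase cached under that nonce is tried first; on success the function returns without the regular cache lookup or a passphrase prompt.` The comment starts above the hunk, so its opening lines are not visible here.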
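Review bot: The nonce lookup added in the `@@ -288,6 +288,26 @@` hunk sits before and outside the existing `if (cache_mode != CACHE_MODE_IGNORE)` test, so a caller that passes CACHE_MODE_IGNORE together with a non-NULL cache_nonce still gets the key unprotected from a cached passphrase. If that is intended, presumably because the nonce is something the client had to be handed earlier, the block's comment should say so, e.g. `/* A matching cache nonce is honoured regardless of CACHE_MODE. */`. If it is not intended, the guard should read `if (cache_nonce && cache_mode != CACHE_MODE_IGNORE)`. unprotect() begins and ends outside the hunk, so whether the non-zero rc left by a failed nonce attempt is reset before the later code uses it cannot be checked from here.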