diff options
| author | Werner Koch <[email protected]> | 2025-11-16 16:49:52 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2025-11-16 16:57:14 +0000 |
| commit | 47bab26daf035ffdce97e4957bdb6ad12dbea506 (patch) | |
| tree | efb6029844d8de1169d206730cee85af50fb2760 /g10/call-agent.c | |
| parent | gpg: Change the mode1003 format for composite keys. (diff) | |
| download | gnupg-47bab26daf035ffdce97e4957bdb6ad12dbea506.tar.gz gnupg-47bab26daf035ffdce97e4957bdb6ad12dbea506.zip | |
gpg: Allow the import of Kyber secret keys.
* g10/import.c (transfer_secret_keys): Handle mode 1003.
* g10/call-agent.c (agent_import_key): Add arg mode1003.
* common/sexputil.c (make_canon_sexp): Create in secmem when the input
was in secmem.
* agent/findkey.c (agent_write_private_key): Add arg 'linkattr' and
change all callers.
* agent/command.c (cmd_import_key): Add option '--mode1003'.
Reorganize code and implement support for composite keys.
--
GnuPG-bug-id: 7315
Diffstat (limited to 'g10/call-agent.c')
| -rw-r--r-- | g10/call-agent.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/g10/call-agent.c b/g10/call-agent.c index bba6fa833..a1a48c75c 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -3106,7 +3106,8 @@ inq_import_key_parms (void *opaque, const char *line) /* Call the agent to import a key into the agent. */ gpg_error_t -agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr, +agent_import_key (ctrl_t ctrl, const char *desc, int mode1003, + char **cache_nonce_addr, const void *key, size_t keylen, int unattended, int force, u32 *keyid, u32 *mainkeyid, int pubkey_algo, u32 timestamp) { @@ -3128,6 +3129,12 @@ agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr, return err; dfltparm.ctx = agent_ctx; + /* Check that the gpg-agent supports the --mode1003 option. */ + if (mode1003 && assuan_transact (agent_ctx, + "GETINFO cmd_has_option IMPORT_KEY mode1003", + NULL, NULL, NULL, NULL, NULL, NULL)) + return gpg_error (GPG_ERR_NOT_SUPPORTED); + /* Do not use our cache of secret keygrips anymore - this command * would otherwise requiring to update that cache. */ if (ctrl && ctrl->secret_keygrips) @@ -3157,9 +3164,10 @@ agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr, parm.key = key; parm.keylen = keylen; - snprintf (line, sizeof line, "IMPORT_KEY%s%s%s%s%s", + snprintf (line, sizeof line, "IMPORT_KEY%s%s%s%s%s%s", *timestamparg? timestamparg : "", unattended? " --unattended":"", + mode1003? " --mode1003":"", force? " --force":"", cache_nonce_addr && *cache_nonce_addr? " ":"", cache_nonce_addr && *cache_nonce_addr? *cache_nonce_addr:""); |