
gpg: Improve passphrase caching.
457bce5cd391 · Unpublished

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

gpg: Improve passphrase caching.

* agent/cache.c (last_stored_cache_key): New.
(agent_get_cache): Allow NULL for KEY.
(agent_store_cache_hit): New.
* agent/findkey.c (unprotect): Call new function and try to use the
last stored key.
* g10/revoke.c (create_revocation): Add arg CACHE_NONCE and pass to
make_keysig_packet.
(gen_standard_revoke): Add arg CACHE_NONCE and pass to
create_revocation.
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke with
cache nonce.

This patch adds two features:

  1. The key for the last passphrase successfully used for unprotecting
     a key is stored away. On a cache miss the stored away passphrase is
     tried as well. This helps for the common GPG use case of having a
     signing and encryption (sub)key with the same passphrase. See the
     code for more comments.

  2. The now auto-generated revocation certificate does not anymore
     pop up a passphrase prompt. Thus for standard key generation the
     passphrase needs to be given only once (well, two with the
     confirmation).
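
The first feature as a toy C model, added here for illustration and not taken from this commit or from GnuPG: the `toy_*` functions, the fixed 600-second TTL and the string comparison that stands in for actually decrypting the key are assumptions. In this model the remembered passphrase is only a candidate on a cache miss: it must still open the requested key, and it is looked up through the normal cache so expiry still applies.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, not gpg-agent code: the toy_* names, the 600 s TTL and the string
   compare standing in for a real decryption attempt are all assumptions. */
#define SLOTS 4
struct item { char grip[16]; char pw[32]; long expires; };
static struct item cache[SLOTS];
static char last_key[16];  /* cache key of the last successful unprotect */
static int prompts;        /* how often the user would have been asked */

static void toy_put(const char *grip, const char *pw, long now) {
  int i = 0;  /* first free or matching slot; a full cache drops the entry */
  while (i < SLOTS && cache[i].grip[0] && strcmp(cache[i].grip, grip)) i++;
  if (i == SLOTS) return;
  snprintf(cache[i].grip, sizeof cache[i].grip, "%s", grip);
  if (pw != cache[i].pw)  /* a hit on this slot hands back its own buffer */
    snprintf(cache[i].pw, sizeof cache[i].pw, "%s", pw);
  cache[i].expires = now + 600;
}
/* grip == NULL selects the entry named by last_key; its expiry still applies. */
static const char *toy_get(const char *grip, long now) {
  if (!grip) grip = last_key;
  for (int i = 0; *grip && i < SLOTS; i++)
    if (!strcmp(cache[i].grip, grip) && cache[i].expires > now)
      return cache[i].pw;
  return NULL;
}
/* real models the key's protection; typed is what the user enters if asked. */
static int toy_unprotect(const char *grip, const char *real,
                         const char *typed, long now) {
  const char *c = toy_get(grip, now);                  /* 1. own entry     */
  if (!c || strcmp(c, real)) c = toy_get(NULL, now);   /* 2. last one used */
  if (!c || strcmp(c, real)) { prompts++; c = typed; } /* 3. ask the user  */
  if (strcmp(c, real)) return -1;  /* a candidate must actually open the key */
  toy_put(grip, c, now);
  snprintf(last_key, sizeof last_key, "%s", grip);
  return 0;
}
/* Constructed scenario; returns the number of prompts. */
static int toy_demo(void) {
  memset(cache, 0, sizeof cache); last_key[0] = 0; prompts = 0;
  toy_unprotect("SIGNGRIP", "hunter2", "hunter2", 1000);  /* prompt 1 */
  toy_unprotect("ENCRGRIP", "hunter2", "hunter2", 1001);  /* reused, no prompt */
  toy_unprotect("OTHERGRIP", "zebra", "zebra", 1002);     /* mismatch: prompt 2 */
  toy_unprotect("ENCRGRIP", "hunter2", "hunter2", 6000);  /* expired: prompt 3 */
  return prompts;
}
int main(void) { printf("prompts: %d\n", toy_demo()); return 0; }
```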

Details

Provenance: werner authored on Sep 17 2014, 3:12 PM
Parents: rG83c2d2396cc9: gpg: Use algorithm id 22 for EdDSA.
Branches: Unknown
Tags: Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rG457bce5cd391: gpg: Improve passphrase caching. (authored by Werner Koch <wk@gnupg.org>). Sep 17 2014, 3:12 PM