
gpg-agent: add new CACHE_MODE_EXPORT
bf2724880fe5 Unpublished

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

gpg-agent: add new CACHE_MODE_EXPORT

* agent/agent.h: define CACHE_MODE_EXPORT
* agent/call-pinentry.c (agent_askpin, agent_get_passphrase): use "e/"
as the prefix for SETKEYINFO when in CACHE_MODE_EXPORT.
(agent_clear_passphrase): allow clearing the export cache.
* agent/command.c (cmd_clear_passphrase): add --mode=export.
(cmd_export_key): use CACHE_MODE_EXPORT.
* tests/openpgp/export.scm: no need to feed passphrases during export,
already cached.

We don't want secret keys to be able to be exported automatically
based on the same system passphrase cache used by standard decryption
or signing operations.

So we introduce an "export" cache mode which can be used by EXPORT_KEY.

I confess i don't fully understand the changes made to
tests/openpgp/export.scm -- i'm not sure why the passphrase is already
supplied in this case.

  • Gnupg-Bug-Id: T4522
  • Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
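
The cache separation this commit describes, as an added example that is not part of the commit or of gpg-agent's code: a simplified model in which an entry matches only on both mode and key, so a passphrase cached for signing or decryption does not satisfy an export lookup. The `model_*` names, the placeholder keygrip and the `n` prefix for the normal mode are assumptions; only `CACHE_MODE_EXPORT`, the `e/` prefix and `--mode=export` come from the commit message.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model, not gpg-agent code. Only CACHE_MODE_EXPORT and the "e/"
   prefix come from the commit; model_* names and the 'n' prefix are assumed. */
typedef enum { CACHE_MODE_NORMAL, CACHE_MODE_EXPORT } cache_mode_t;
struct entry { int used; cache_mode_t mode; char key[48], secret[64]; };
static struct entry cache[8];

/* An entry matches only when both the mode and the key match. */
struct entry *model_find(cache_mode_t mode, const char *key) {
    for (size_t i = 0; i < 8; i++)
        if (cache[i].used && cache[i].mode == mode && !strcmp(cache[i].key, key))
            return &cache[i];
    return NULL;
}

/* Store or replace a passphrase; -1 if the cache is full or input too long. */
int model_put(cache_mode_t mode, const char *key, const char *secret) {
    struct entry *e = model_find(mode, key);
    if (strlen(key) >= sizeof e->key || strlen(secret) >= sizeof e->secret)
        return -1;
    for (size_t i = 0; !e && i < 8; i++)
        if (!cache[i].used) e = &cache[i];
    if (!e) return -1;
    e->used = 1; e->mode = mode;
    strcpy(e->key, key);
    strcpy(e->secret, secret);
    return 0;
}

/* Per-mode clear, mirroring the --mode=export option the commit adds. */
void model_clear(cache_mode_t mode, const char *key) {
    struct entry *e = model_find(mode, key);
    if (e) memset(e, 0, sizeof *e);
}

/* Tag the pinentry prompt with the cache mode: "e/" for export. */
int model_setkeyinfo(char *buf, size_t len, cache_mode_t m, const char *key) {
    int n = snprintf(buf, len, "SETKEYINFO %c/%s", m == CACHE_MODE_EXPORT ? 'e' : 'n', key);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

int main(void) {
    const char *grip = "KEYGRIP_PLACEHOLDER";            /* constructed sample */
    model_put(CACHE_MODE_NORMAL, grip, "constructed-passphrase");
    printf("sign lookup: %s, export lookup: %s\n",
           model_find(CACHE_MODE_NORMAL, grip) ? "hit" : "miss",
           model_find(CACHE_MODE_EXPORT, grip) ? "hit" : "miss");
    return 0;
}
```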

Details

Provenance: dkg authored on May 20 2019, 9:06 PM
Parents: rG110a4550179f: gpg: Do not delete any keys if --dry-run is passed.
Branches: Unknown
Tags: Unknown
References: dkg/fix-T4522