Diffusion GnuPG ce5a7fb72b59

scd: Use a scdaemon internal key to protect the PIN cache IPC.

Authored by werner on Jan 9 2020, 12:00 PM.

Description

scd: Use a scdaemon internal key to protect the PIN cache IPC.

* agent/call-scd.c (handle_pincache_put): Do not decrypt.
(handle_pincache_get): New.
(inq_needpin): Call it.
* scd/command.c (set_key_for_pincache): New.
(pincache_put): Restructure and set key.
(pincache_get): Ditto.

This change does away with encrypting and decrypting the cached PIN in
the agent. There is no need for this we can simply cache the
cryptogram and let scdaemon decrypt after retrieving it from the
agent. This way we do not need to share a key between gpg-agent and
scdaemon and further the cached content is invalid after the scdaemon
process has been replaced.

  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Committed
wernerJan 9 2020, 12:00 PM
Parents
rG57b8ed61ab93: agent: SSH: SCD KEYINFO to list available keys.
Branches
Unknown
Tags
Unknown