Diffusion GnuPG ce5a7fb72b59

scd: Use a scdaemon internal key to protect the PIN cache IPC.

Description

* agent/call-scd.c (handle_pincache_put): Do not decrypt.
(handle_pincache_get): New.
(inq_needpin): Call it.
* scd/command.c (set_key_for_pincache): New.
(pincache_put): Restructure and set key.
(pincache_get): Ditto.

This change does away with encrypting and decrypting the cached PIN in
the agent. There is no need for this; we can simply cache the
cryptogram and let scdaemon decrypt after retrieving it from the
agent. This way we do not need to share a key between gpg-agent and
scdaemon and, further, the cached content is invalid after the scdaemon
process has been replaced.

  • Signed-off-by: Werner Koch <wk@gnupg.org>
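
The design described in the commit message, as an added sketch that is not GnuPG code: the daemon keeps a per-process key, the agent's cache holds only the cryptogram, and a replaced daemon process can no longer use old entries. The `Scdaemon` class, the dict standing in for the agent's cache and the slot name are hypothetical, and the HMAC-SHA256 keystream with a MAC is a standard-library stand-in, not the cipher scdaemon uses.

```python
import hashlib
import hmac
import secrets


class Scdaemon:
    """Stand-in for one scdaemon process; the keys exist only in this object."""

    def __init__(self):
        # Assumption: fresh random keys on every process start, never exported.
        self._enc_key = secrets.token_bytes(32)
        self._mac_key = secrets.token_bytes(32)

    def _keystream(self, nonce, length):
        # HMAC-SHA256 in counter mode, a stand-in for a real cipher.
        out, counter = b"", 0
        while len(out) < length:
            block_input = nonce + counter.to_bytes(4, "big")
            out += hmac.new(self._enc_key, block_input, hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def _tag(self, body):
        return hmac.new(self._mac_key, body, hashlib.sha256).digest()

    def pincache_put(self, cache, slot, pin):
        """Encrypt the PIN and hand only the cryptogram to the agent's cache."""
        nonce = secrets.token_bytes(16)
        data = pin.encode()
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))
        cache[slot] = nonce + ct + self._tag(nonce + ct)

    def pincache_get(self, cache, slot):
        """Fetch the cryptogram from the agent and decrypt it; None if unusable."""
        blob = cache.get(slot)
        if blob is None or len(blob) < 48:
            return None
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, self._tag(nonce + ct)):
            return None  # key of a previous process, or a modified entry
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct)))).decode()


def demo():
    agent_cache = {}  # what the agent holds: opaque bytes only
    scd = Scdaemon()
    scd.pincache_put(agent_cache, "constructed-slot", "123456")
    same_process = scd.pincache_get(agent_cache, "constructed-slot")
    after_restart = Scdaemon().pincache_get(agent_cache, "constructed-slot")
    return same_process, after_restart, b"123456" in agent_cache["constructed-slot"]
```
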

Details

Provenance
werner Authored on Jan 9 2020, 12:00 PM
Parents
rG57b8ed61ab93: agent: SSH: SCD KEYINFO to list available keys.