security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/agent/cvt-openpgp.h

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

38 lines
1.7 KiB
C
Raw Permalink Normal View History

Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
/* cvt-openpgp.h - Convert an OpenPGP key to our internal format.
* Copyright (C) 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
Change all http://www.gnu.org in license notices to https:// --
2016-11-05 12:02:19 +01:00
* along with this program; if not, see <https://www.gnu.org/licenses/>.
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
*/
#ifndef GNUPG_AGENT_CVT_OPENPGP_H
#define GNUPG_AGENT_CVT_OPENPGP_H
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
gpg_error_t convert_from_openpgp (ctrl_t ctrl, gcry_sexp_t s_pgp,
agent: IMPORT_KEY with --force option fix. * agent/cvt-openpgp.c (convert_from_openpgp_main): Add an option not to check existing key. (convert_from_openpgp): Ditto. (convert_from_openpgp_native): Call convert_from_openpgp_main with dontcare_exist=0. * agent/command.c (cmd_import_key): Call with dontcare_exist=force.
2015-12-24 06:19:53 +01:00
int dontcare_exist,
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
unsigned char *grip, const char *prompt,
const char *cache_nonce,
unsigned char **r_key, char **r_passphrase);
Implement unattended OpenPGP secret key import. * agent/command.c (cmd_import_key): Add option --unattended. * agent/cvt-openpgp.c (convert_transfer_key): New. (do_unprotect): Factor some code out to ... (prepare_unprotect): new function. (convert_from_openpgp): Factor all code out to ... (convert_from_openpgp_main): this. Add arg 'passphrase'. Implement openpgp-native protection modes. (convert_from_openpgp_native): New. * agent/t-protect.c (convert_from_openpgp_native): New dummy fucntion * agent/protect-tool.c (convert_from_openpgp_native): Ditto. * agent/protect.c (agent_unprotect): Add arg CTRL. Adjust all callers. Support openpgp-native protection. * g10/call-agent.c (agent_import_key): Add arg 'unattended'. * g10/import.c (transfer_secret_keys): Use unattended in batch mode. -- With the gpg-agent taking care of the secret keys, the user needs to migrate existing keys from secring.gpg to the agent. This and also the standard import of secret keys required the user to unprotect the secret keys first, so that gpg-agent was able to re-protected them using its own scheme. With many secret keys this is quite some usability hurdle. In particular if a passphrase is not instantly available. To make this migration smoother, this patch implements an unattended key import/migration which delays the conversion to the gpg-agent format until the key is actually used. For example: gpg2 --batch --import mysecretkey.gpg works without any user interaction due to the use of --batch. Now if a key is used (e.g. "gpg2 -su USERID_FROM_MYSECRETKEY foo"), gpg-agent has to ask for the passphrase anyway, converts the key from the openpgp format to the internal format, signs, re-encrypts the key and tries to store it in the gpg-agent format to the disk. The next time, the internal format of the key is used. This patch has only been tested with the old demo keys, more tests with other protection formats and no protection are needed. Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 10:50:12 +02:00
gpg_error_t convert_from_openpgp_native (ctrl_t ctrl,
gcry_sexp_t s_pgp,
const char *passphrase,
unsigned char **r_key);
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
Nuked almost all trailing white space. We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
2011-02-04 12:57:53 +01:00
gpg_error_t convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key,
Exporting secret keys via gpg-agent is now basically supported. A couple of forward ported changes. Doc updates.
2010-10-01 22:33:53 +02:00
const char *passphrase,
unsigned char **r_transferkey,
size_t *r_transferkeylen);
Import OpenPGP keys into the agent.
2010-08-31 17:58:39 +02:00
#endif /*GNUPG_AGENT_CVT_OPENPGP_H*/