security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

agent: Allow to pass a timestamp to genkey and import.

Browse source 
* agent/command.c (cmd_genkey): Add option --timestamp.
(cmd_import_key): Ditto.
* agent/genkey.c (store_key): Add arg timestamp and change callers.
(agent_genkey): Ditto.
* agent/findkey.c (write_extended_private_key): Add args timestamp and
newkey to write a Created line.
(agent_write_private_key): Add arg timestamp.
(agent_write_shadow_key): Ditto.
* agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 0da923a124
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2020-08-17 14:21:00 +02:00
parent 5b927b7b27
commit 051830d7b4
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
8 changed files with 138 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

36
agent/findkey.c
View file

@ -54,8 +54,8 @@ struct try_unprotect_arg_s
/* Note: Ownership of FNAME and FP are moved to this function. */
static gpg_error_t
write_extended_private_key (char *fname, estream_t fp, int update,
const void *buf, size_t len)
write_extended_private_key (char *fname, estream_t fp, int update, int newkey,
const void *buf, size_t len, time_t timestamp)
{
gpg_error_t err;
nvc_t pk = NULL;
@ -93,6 +93,19 @@ write_extended_private_key (char *fname, estream_t fp, int update,
if (err)
goto leave;
/* If a timestamp has been supplied and the key is new write a
* creation timestamp. (We double check that there is no Created
* item yet.)*/
if (timestamp && newkey && !nvc_lookup (pk, "Created:"))
{
gnupg_isotime_t timebuf;
epoch2isotime (timebuf, timestamp);
err = nvc_add (pk, "Created:", timebuf);
if (err)
goto leave;
}
err = es_fseek (fp, 0, SEEK_SET);
if (err)
goto leave;
@ -136,11 +149,13 @@ write_extended_private_key (char *fname, estream_t fp, int update,
}
/* Write an S-expression formatted key to our key storage. With FORCE
passed as true an existing key with the given GRIP will get
overwritten. */
* passed as true an existing key with the given GRIP will get
* overwritten. If TIMESTAMP is not zero and the key does not yet
* exists it will be recorded as creation date. */
int
agent_write_private_key (const unsigned char *grip,
const void *buffer, size_t length, int force)
const void *buffer, size_t length,
int force, time_t timestamp)
{
char *fname;
estream_t fp;
@ -208,17 +223,20 @@ agent_write_private_key (const unsigned char *grip,
if (first != '(')
{
/* Key is already in the extended format. */
return write_extended_private_key (fname, fp, 1, buffer, length);
return write_extended_private_key (fname, fp, 1, 0, buffer, length,
timestamp);
}
if (first == '(' && opt.enable_extended_key_format)
{
/* Key is in the old format - but we want the extended format. */
return write_extended_private_key (fname, fp, 0, buffer, length);
return write_extended_private_key (fname, fp, 0, 0, buffer, length,
timestamp);
}
}
if (opt.enable_extended_key_format)
return write_extended_private_key (fname, fp, 0, buffer, length);
return write_extended_private_key (fname, fp, 0, 1, buffer, length,
timestamp);
if (es_fwrite (buffer, length, 1, fp) != 1)
{
@ -1596,7 +1614,7 @@ agent_write_shadow_key (const unsigned char *grip,
}
len = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
err = agent_write_private_key (grip, shdkey, len, force);
err = agent_write_private_key (grip, shdkey, len, force, 0);
xfree (shdkey);
if (err)
log_error ("error writing key: %s\n", gpg_strerror (err));