gpgsm: Allow unattended PKCS#12 export without passphrase.

* sm/gpgsm.c (oNoProtection): New.
(opts): Add "--no-protection".
(main): PArse it.
* sm/gpgsm.h (struct server_control_s): Add field no_protection.
* sm/server.c (option_handler): Add option "no-protection".
(reset_notify): Clear option.
* sm/export.c (export_p12): Use empty passphrase if option is set.

doc/gpgsm.texi

@@ -271,7 +271,8 @@ Export the private key and the certificate identified by @var{key-id}
 using the PKCS#12 format.  When used with the @code{--armor} option a few
 informational lines are prepended to the output.  Note, that the PKCS#12
 format is not very secure and proper transport security should be used
-to convey the exported key.  (@xref{option --p12-charset}.)
+to convey the exported key.  The option @code{--no-protection} can be
+used to export without passphrase protection.  (@xref{option --p12-charset}.)
 
 @item --export-secret-key-p8 @var{key-id}
 @itemx --export-secret-key-raw @var{key-id}
@@ -887,6 +888,13 @@ are:
   Pinentry the user is not prompted again if he enters a bad password.
 @end table
 
+@item --no-protection
+@opindex no-protection
+When exporting a private key in the PKCS#12 format do not use a
+passphrase to protect the key.  Please use this option only along with
+a PKCS#12 export becuase it may eventually also have an effect for
+other commands.
+
 @item --request-origin @var{origin}
 @opindex request-origin
 Tell gpgsm to assume that the operation ultimately originated at
@@ -1784,6 +1792,11 @@ encrypt operation.  Note that this option is ignored if
 @item input-size-hint
 This is the same as the @option{--input-size-hint} command line option.
 
+@item no-protection
+If @var{value} is true exported keys are not protected by a
+passphrase.  This can be reset with a value of 0 or a RESET command.
+This is the same as the command line option @option{--no-protection}.
+
 @end table
 
 @mansect see also

sm/export.c

@@ -316,11 +316,12 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream)
 
 
 /* Export a certificate and its private key.  RAWMODE controls the
-   actual output:
+ * actual output:
-       0 - Private key and certificate in PKCS#12 format
+ *     0 - Private key and certificate in PKCS#12 format
-       1 - Only unencrypted private key in PKCS#8 format
+ *         (With --no-protection no PKSC#12 passphrase is used)
-       2 - Only unencrypted private key in PKCS#1 format
+ *     1 - Only unencrypted private key in PKCS#8 format
-    */
+ *     2 - Only unencrypted private key in PKCS#1 format
+ */
 void
 gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode)
 {
@@ -714,22 +715,27 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
 
   if (rawmode)
     {
-      /* Export in raw mode, that is only the pkcs#1/#8 private key. */
+      /* Export in raw mode, that is only the pkcs#1/#8 unprotected
+       * private key. */
       result = p12_raw_build (kparms, rawmode, &resultlen);
       if (!result)
         err = gpg_error (GPG_ERR_GENERAL);
     }
   else
     {
-      err = gpgsm_agent_ask_passphrase
+      if (!ctrl->no_protection)
-        (ctrl,
+        {
-         i18n_utf8 (N_("Please enter the passphrase to protect the "
+          err = gpgsm_agent_ask_passphrase
-                       "new PKCS#12 object.")),
+            (ctrl,
-         1, &passphrase);
+             i18n_utf8 (N_("Please enter the passphrase to protect the "
-      if (err)
+                           "new PKCS#12 object.")),
-        goto leave;
+             1, &passphrase);
+          if (err)
+            goto leave;
+        }
 
-      result = p12_build (kparms, certimg, certimglen, passphrase,
+      result = p12_build (kparms, certimg, certimglen,
+                          ctrl->no_protection? "" : passphrase,
                           opt.p12_charset, &resultlen);
       xfree (passphrase);
       passphrase = NULL;

sm/gpgsm.c

@@ -135,6 +135,7 @@ enum cmd_and_opt_values {
 
   oPassphraseFD,
   oPinentryMode,
+  oNoProtection,
   oRequestOrigin,
 
   oAssumeArmor,
@@ -436,6 +437,7 @@ static gpgrt_opt_t opts[] = {
   ARGPARSE_s_n (oDisableFdTranslation, "disable-fd-translation", "@"),
   ARGPARSE_s_i (oPassphraseFD,    "passphrase-fd", "@"),
   ARGPARSE_s_s (oPinentryMode,    "pinentry-mode", "@"),
+  ARGPARSE_s_n (oNoProtection,    "no-protection", "@"),
 
 
   ARGPARSE_header (NULL, N_("Other options")),
@@ -1178,6 +1180,10 @@ main ( int argc, char **argv)
             log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
 	  break;
 
+        case oNoProtection:
+          ctrl.no_protection = 1;
+          break;
+
         case oRequestOrigin:
           opt.request_origin = parse_request_origin (pargs.r.ret_str);
           if (opt.request_origin == -1)

sm/gpgsm.h

@@ -284,6 +284,8 @@ struct server_control_s
    * progress info and to decide on how to allocate buffers.  */
   uint64_t input_size_hint;
 
+  int no_protection;  /* No passphrase for PKCS#12 export.  */
+
   int create_base64;  /* Create base64 encoded output */
   int create_pem;     /* create PEM output */
   const char *pem_name; /* PEM name to use */

sm/server.c

@@ -318,6 +318,11 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
     {
       ctrl->input_size_hint = string_to_u64 (value);
     }
+  else if (!strcmp (key, "no-protection"))
+    {
+      int i = *value? atoi (value) : 0;
+      ctrl->no_protection = !!i;
+    }
   else
     err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
 
@@ -338,6 +343,7 @@ reset_notify (assuan_context_t ctx, char *line)
   ctrl->server_local->recplist = NULL;
   ctrl->server_local->signerlist = NULL;
   ctrl->always_trust = 0;
+  ctrl->no_protection = 0;
   close_message_fp (ctrl);
   assuan_close_input_fd (ctx);
   assuan_close_output_fd (ctx);