mirror of
git://git.gnupg.org/gnupg.git
synced 2024-10-31 20:08:43 +01:00
gpg: Remove a mostly duplicated function.
* g10/export.c (receive_seckey_from_agent): Add arg r_key. (do_export_one_keyblock): Pass NULL for new arg. (receive_raw_seckey_from_agent): Remove. (export_secret_ssh_key): Use receive_seckey_from_agent. * g10/keygen.c (card_store_key_with_backup): Pass NULL for new arg.
This commit is contained in:
parent
0a93b5b96a
commit
1d88e14de7
113
g10/export.c
113
g10/export.c
@ -1249,28 +1249,45 @@ print_status_exported (PKT_public_key *pk)
|
|||||||
* clear.
|
* clear.
|
||||||
*
|
*
|
||||||
* CACHE_NONCE_ADDR is used to share nonce for multiple key retrievals.
|
* CACHE_NONCE_ADDR is used to share nonce for multiple key retrievals.
|
||||||
|
*
|
||||||
|
* If PK is NULL, the raw key is returned (e.g. for ssh export) at
|
||||||
|
* R_KEY. CLEARTEXT and CACHE_NONCE_ADDR ared ignored in this case.
|
||||||
*/
|
*/
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
|
receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
|
||||||
int cleartext,
|
int cleartext,
|
||||||
char **cache_nonce_addr, const char *hexgrip,
|
char **cache_nonce_addr, const char *hexgrip,
|
||||||
PKT_public_key *pk)
|
PKT_public_key *pk, gcry_sexp_t *r_key)
|
||||||
{
|
{
|
||||||
gpg_error_t err = 0;
|
gpg_error_t err = 0;
|
||||||
unsigned char *wrappedkey = NULL;
|
unsigned char *wrappedkey = NULL;
|
||||||
size_t wrappedkeylen;
|
size_t wrappedkeylen;
|
||||||
unsigned char *key = NULL;
|
unsigned char *key = NULL;
|
||||||
size_t keylen, realkeylen;
|
size_t keylen, realkeylen;
|
||||||
gcry_sexp_t s_skey;
|
gcry_sexp_t s_skey = NULL;
|
||||||
char *prompt;
|
char *prompt;
|
||||||
|
|
||||||
|
if (r_key)
|
||||||
|
*r_key = NULL;
|
||||||
if (opt.verbose)
|
if (opt.verbose)
|
||||||
log_info ("key %s: asking agent for the secret parts\n", hexgrip);
|
log_info ("key %s: asking agent for the secret parts\n", hexgrip);
|
||||||
|
|
||||||
prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT,1);
|
if (pk)
|
||||||
err = agent_export_key (ctrl, hexgrip, prompt, !cleartext, cache_nonce_addr,
|
{
|
||||||
&wrappedkey, &wrappedkeylen,
|
prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT, 1);
|
||||||
pk->keyid, pk->main_keyid, pk->pubkey_algo);
|
err = agent_export_key (ctrl, hexgrip, prompt, !cleartext,
|
||||||
|
cache_nonce_addr,
|
||||||
|
&wrappedkey, &wrappedkeylen,
|
||||||
|
pk->keyid, pk->main_keyid, pk->pubkey_algo);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
prompt = gpg_format_keydesc (ctrl, NULL, FORMAT_KEYDESC_KEYGRIP, 1);
|
||||||
|
err = agent_export_key (ctrl, hexgrip, prompt, 0,
|
||||||
|
NULL,
|
||||||
|
&wrappedkey, &wrappedkeylen,
|
||||||
|
NULL, NULL, 0);
|
||||||
|
}
|
||||||
xfree (prompt);
|
xfree (prompt);
|
||||||
|
|
||||||
if (err)
|
if (err)
|
||||||
@ -1297,14 +1314,19 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
|
|||||||
err = gcry_sexp_sscan (&s_skey, NULL, key, realkeylen);
|
err = gcry_sexp_sscan (&s_skey, NULL, key, realkeylen);
|
||||||
if (!err)
|
if (!err)
|
||||||
{
|
{
|
||||||
if (cleartext)
|
if (pk && cleartext)
|
||||||
err = cleartext_secret_key_to_openpgp (s_skey, pk);
|
err = cleartext_secret_key_to_openpgp (s_skey, pk);
|
||||||
else
|
else if (pk)
|
||||||
err = transfer_format_to_openpgp (s_skey, pk);
|
err = transfer_format_to_openpgp (s_skey, pk);
|
||||||
gcry_sexp_release (s_skey);
|
else if (r_key)
|
||||||
|
{
|
||||||
|
*r_key = s_skey;
|
||||||
|
s_skey = NULL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
unwraperror:
|
unwraperror:
|
||||||
|
gcry_sexp_release (s_skey);
|
||||||
xfree (key);
|
xfree (key);
|
||||||
xfree (wrappedkey);
|
xfree (wrappedkey);
|
||||||
if (err)
|
if (err)
|
||||||
@ -1811,7 +1833,7 @@ do_export_one_keyblock (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
|
|||||||
{
|
{
|
||||||
err = receive_seckey_from_agent (ctrl, cipherhd,
|
err = receive_seckey_from_agent (ctrl, cipherhd,
|
||||||
cleartext, &cache_nonce,
|
cleartext, &cache_nonce,
|
||||||
hexgrip, pk);
|
hexgrip, pk, NULL);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
|
if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
|
||||||
@ -2714,74 +2736,6 @@ export_ssh_key (ctrl_t ctrl, const char *userid)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Simplified version of receive_seckey_from_agent used to get the raw
|
|
||||||
* key. */
|
|
||||||
gpg_error_t
|
|
||||||
receive_raw_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
|
|
||||||
const char *hexgrip, gcry_sexp_t *r_key)
|
|
||||||
{
|
|
||||||
gpg_error_t err = 0;
|
|
||||||
unsigned char *wrappedkey = NULL;
|
|
||||||
size_t wrappedkeylen;
|
|
||||||
unsigned char *key = NULL;
|
|
||||||
size_t keylen, realkeylen;
|
|
||||||
gcry_sexp_t s_skey = NULL;
|
|
||||||
|
|
||||||
*r_key = NULL;
|
|
||||||
if (opt.verbose)
|
|
||||||
log_info ("key %s: asking agent for the secret parts\n", hexgrip);
|
|
||||||
|
|
||||||
{
|
|
||||||
char * prompt = gpg_format_keydesc (ctrl, NULL, FORMAT_KEYDESC_KEYGRIP, 1);
|
|
||||||
err = agent_export_key (ctrl, hexgrip, prompt, 0, NULL,
|
|
||||||
&wrappedkey, &wrappedkeylen,
|
|
||||||
NULL, NULL, 0);
|
|
||||||
xfree (prompt);
|
|
||||||
}
|
|
||||||
if (err)
|
|
||||||
goto leave;
|
|
||||||
|
|
||||||
if (wrappedkeylen < 24)
|
|
||||||
{
|
|
||||||
err = gpg_error (GPG_ERR_INV_LENGTH);
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
keylen = wrappedkeylen - 8;
|
|
||||||
key = xtrymalloc_secure (keylen);
|
|
||||||
if (!key)
|
|
||||||
{
|
|
||||||
err = gpg_error_from_syserror ();
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
err = gcry_cipher_decrypt (cipherhd, key, keylen, wrappedkey, wrappedkeylen);
|
|
||||||
if (err)
|
|
||||||
goto leave;
|
|
||||||
realkeylen = gcry_sexp_canon_len (key, keylen, NULL, &err);
|
|
||||||
if (!realkeylen)
|
|
||||||
goto leave; /* Invalid csexp. */
|
|
||||||
|
|
||||||
err = gcry_sexp_sscan (&s_skey, NULL, key, realkeylen);
|
|
||||||
if (!err)
|
|
||||||
{
|
|
||||||
gcry_log_debugsxp ("skey", s_skey);
|
|
||||||
*r_key = s_skey;
|
|
||||||
s_skey = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
leave:
|
|
||||||
gcry_sexp_release (s_skey);
|
|
||||||
xfree (key);
|
|
||||||
xfree (wrappedkey);
|
|
||||||
if (err)
|
|
||||||
{
|
|
||||||
log_error ("key %s: error receiving key from agent:"
|
|
||||||
" %s%s\n", hexgrip, gpg_strerror (err),
|
|
||||||
"");
|
|
||||||
}
|
|
||||||
return err;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/* Export the key identified by USERID in the SSH secret key format.
|
/* Export the key identified by USERID in the SSH secret key format.
|
||||||
* The USERID must be given in keygrip format (prefixed with a '&')
|
* The USERID must be given in keygrip format (prefixed with a '&')
|
||||||
* and thus no OpenPGP key is required. The exported key is not
|
* and thus no OpenPGP key is required. The exported key is not
|
||||||
@ -2827,7 +2781,8 @@ export_secret_ssh_key (ctrl_t ctrl, const char *userid)
|
|||||||
if ((err = get_keywrap_key (ctrl, &cipherhd)))
|
if ((err = get_keywrap_key (ctrl, &cipherhd)))
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
err = receive_raw_seckey_from_agent (ctrl, cipherhd, hexgrip, &skey);
|
err = receive_seckey_from_agent (ctrl, cipherhd, 0, NULL, hexgrip, NULL,
|
||||||
|
&skey);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
|
@ -5287,7 +5287,7 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
|
|||||||
}
|
}
|
||||||
|
|
||||||
err = receive_seckey_from_agent (ctrl, cipherhd, 0,
|
err = receive_seckey_from_agent (ctrl, cipherhd, 0,
|
||||||
&cache_nonce, hexgrip, sk);
|
&cache_nonce, hexgrip, sk, NULL);
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("error getting secret key from agent: %s\n",
|
log_error ("error getting secret key from agent: %s\n",
|
||||||
|
@ -434,7 +434,7 @@ gpg_error_t receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
|
|||||||
int cleartext,
|
int cleartext,
|
||||||
char **cache_nonce_addr,
|
char **cache_nonce_addr,
|
||||||
const char *hexgrip,
|
const char *hexgrip,
|
||||||
PKT_public_key *pk);
|
PKT_public_key *pk, gcry_sexp_t *r_key);
|
||||||
|
|
||||||
gpg_error_t write_keyblock_to_output (kbnode_t keyblock,
|
gpg_error_t write_keyblock_to_output (kbnode_t keyblock,
|
||||||
int with_armor, unsigned int options);
|
int with_armor, unsigned int options);
|
||||||
|
Loading…
Reference in New Issue
Block a user