security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-13 18:33:03 +01:00
Code Activity

gpg: Store Link attributes for composite keys.

Browse Source 
* g10/call-agent.c (agent_crosslink_keys): New.
* g10/keygen.c (common_gen): Store the Link attribute.
--

The Link attribute may be useful to quickly find the other part of a
composite private key.

GnuPG-bug-id: 6638
This commit is contained in:
Werner Koch 2025-02-07 11:10:09 +01:00
parent 00c31f8b04
commit 3738b0a99a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 57 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
g10/call-agent.c
View File

@ -2673,6 +2673,30 @@ agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, char **passwd_nonce_addr,
} }
/* Add the Link attribute to both given keys. */
gpg_error_t
agent_crosslink_keys (ctrl_t ctrl, const char *hexgrip1, const char *hexgrip2)
{
gpg_error_t err;
char line[ASSUAN_LINELENGTH];
err = start_agent (ctrl, 0);
if (err)
goto leave;
snprintf (line, sizeof line, "KEYATTR %s Link: %s", hexgrip1, hexgrip2);
err = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (err)
goto leave;
snprintf (line, sizeof line, "KEYATTR %s Link: %s", hexgrip2, hexgrip1);
err = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
leave:
return err;
}
/* Call the agent to read the public key part for a given keygrip. /* Call the agent to read the public key part for a given keygrip.
* Values from FROMCARD: * Values from FROMCARD:

4
g10/call-agent.h
View File

@ -202,6 +202,10 @@ gpg_error_t agent_genkey (ctrl_t ctrl,
const char *passphrase, time_t timestamp, const char *passphrase, time_t timestamp,
gcry_sexp_t *r_pubkey); gcry_sexp_t *r_pubkey);
/* Apply the Link attributes. */
gpg_error_t agent_crosslink_keys (ctrl_t ctrl,
const char *hexgrip1, const char *hexgrip2);
/* Read a public key. FROMCARD may be 0, 1, or 2. */ /* Read a public key. FROMCARD may be 0, 1, or 2. */
gpg_error_t agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip, gpg_error_t agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip,
unsigned char **r_pubkey); unsigned char **r_pubkey);

29
g10/keygen.c
View File

@ -1859,6 +1859,10 @@ common_gen (const char *keyparms, const char *keyparms2,
if (keyparms2) if (keyparms2)
{ {
unsigned char tmpgrip[KEYGRIP_LEN];
char hexgrip1[2*KEYGRIP_LEN+1];
char hexgrip2[2*KEYGRIP_LEN+1];
err = agent_genkey (NULL, NULL, NULL, keyparms2, err = agent_genkey (NULL, NULL, NULL, keyparms2,
1 /* No protection */, 1 /* No protection */,
NULL, timestamp, NULL, timestamp,
@ -1870,6 +1874,31 @@ common_gen (const char *keyparms, const char *keyparms2,
gcry_sexp_release (s_key); gcry_sexp_release (s_key);
return err; return err;
} }
if (!gcry_pk_get_keygrip (s_key, tmpgrip))
{
log_error ("error computing keygrip for generated key\n");
gcry_sexp_release (s_key);
gcry_sexp_release (s_key2);
return gpg_error (GPG_ERR_GENERAL);
}
bin2hex (tmpgrip, KEYGRIP_LEN, hexgrip1);
if (!gcry_pk_get_keygrip (s_key2, tmpgrip))
{
log_error ("error computing keygrip for generated key\n");
gcry_sexp_release (s_key);
gcry_sexp_release (s_key2);
return gpg_error (GPG_ERR_GENERAL);
}
bin2hex (tmpgrip, KEYGRIP_LEN, hexgrip2);
err = agent_crosslink_keys (NULL, hexgrip1, hexgrip2);
if (err)
{
log_error ("error setting link attributes for generated keys\n");
gcry_sexp_release (s_key);
gcry_sexp_release (s_key2);
return gpg_error (GPG_ERR_GENERAL);
}
} }
if (common_gen_cb && common_gen_cb_parm) if (common_gen_cb && common_gen_cb_parm)