security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Fix leftover unprotected card backup key.

Browse source 
* agent/command.c (cmd_learn): Add option --reallyforce.
* agent/findkey.c (agent_write_private_key): Implement reallyforce.
Also add arg reallyforce and pass it along the call chain.

* g10/call-agent.c (agent_scd_learn): Pass --reallyforce with a
special force value.
* g10/keygen.c (card_store_key_with_backup): Use that force value.
--

This was a regression in 2.2.42.  We took the easy path to fix it by
getting the behaviour back to what we did prior to 2.2.42.  With GnuPG
2.4.4 we use an entire different and safer approach by introducing an
ephemeral private key store.

GnuPG-bug-id: 6944
This commit is contained in:
Werner Koch 2024-01-24 11:29:24 +01:00
parent 9938e8d3f4
commit 3b69d8bf71
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
10 changed files with 51 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

12
agent/command.c
View file

@ -1042,7 +1042,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
/* Shadow-key is or is not available in our key storage. In
* any case we need to check whether we need to update with
* a new display-s/n or whatever. */
rc = agent_write_shadow_key (grip, serialno, keyid, pkbuf, 0,
rc = agent_write_shadow_key (grip, serialno, keyid, pkbuf, 0, 0,
dispserialno);
if (rc)
goto leave;
@ -1855,16 +1855,18 @@ cmd_learn (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
gpg_error_t err;
int send, sendinfo, force;
int send, sendinfo, force, reallyforce;
send = has_option (line, "--send");
sendinfo = send? 1 : has_option (line, "--sendinfo");
force = has_option (line, "--force");
reallyforce = has_option (line, "--reallyforce");
if (ctrl->restricted)
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL, force);
err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL,
force, reallyforce);
return leave_cmd (ctx, err);
}
@ -2427,11 +2429,11 @@ cmd_import_key (assuan_context_t ctx, char *line)
err = agent_protect (key, passphrase, &finalkey, &finalkeylen,
ctrl->s2k_count);
if (!err)
err = agent_write_private_key (grip, finalkey, finalkeylen, force,
err = agent_write_private_key (grip, finalkey, finalkeylen, force, 0,
NULL, NULL, NULL, opt_timestamp);
}
else
err = agent_write_private_key (grip, key, realkeylen, force,
err = agent_write_private_key (grip, key, realkeylen, force, 0,
NULL, NULL, NULL, opt_timestamp);
leave: