agent: Add "ephemeral" Assuan option.

* agent/agent.h (struct ephemeral_private_key_s): New. (struct server_control_s): Add ephemeral_mode and ephemeral_keys. (GENKEY_FLAG_NO_PROTECTION, GENKEY_FLAG_PRESET): New. * agent/genkey.c (clear_ephemeral_keys): New. (store_key): Add arg ctrl and implement ephemeral_mode. Change all callers. (agent_genkey): Replace args no_protection and preset by a generic new flags arg. * agent/findkey.c (wipe_and_fclose): New. (agent_write_private_key): Add arg ctrl and implement ephemeral_mode. Change all callers. (agent_update_private_key): Ditto (read_key_file): Ditto. (agent_key_available): Ditto. * agent/command-ssh.c (card_key_available): Do not update display s/n in ephemeral mode. This is however enver triggred. * agent/gpg-agent.c (agent_deinit_default_ctrl): Cleanup ephemeral keys. * agent/command.c (cmd_genkey): Use the new flags instead of separate vars. (cmd_readkey): Create a shadow key only in non-ephemeral_mode. (cmd_getinfo): Add sub-command "ephemeral". (option_handler): Add option "ephemeral". -- The idea here that a session can be switched in an ephemeral mode which does not store or read keys from disk but keeps them local to the session. GnuPG-bug-id: 6944
2025-07-03 22:56:33 +02:00 · 2024-01-22 13:22:44 +01:00 · 2024-01-22 13:22:44 +01:00 · 434a641d40
commit 434a641d40
parent 18320d692c
11 changed files with 496 additions and 206 deletions
--- a/agent/learncard.c
+++ b/agent/learncard.c
@ -397,7 +397,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force)
      for (p=item->hexgrip, i=0; i < 20; p += 2, i++)
        grip[i] = xtoi_2 (p);

-      if (!force && !agent_key_available (grip))
+      if (!force && !agent_key_available (ctrl, grip))
        continue; /* The key is already available. */

      /* Unknown key - store it. */
@ -408,15 +408,17 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force)
          goto leave;
        }

-      {
-        char *dispserialno;
+      if (!ctrl->ephemeral_mode)
+        {
+          char *dispserialno;

-        agent_card_getattr (ctrl, "$DISPSERIALNO", &dispserialno,
-                            item->hexgrip);
-        rc = agent_write_shadow_key (grip, serialno, item->id, pubkey, force,
-                                     dispserialno);
-        xfree (dispserialno);
-      }
+          agent_card_getattr (ctrl, "$DISPSERIALNO", &dispserialno,
+                              item->hexgrip);
+          rc = agent_write_shadow_key (ctrl,
+                                       grip, serialno, item->id, pubkey, force,
+                                       dispserialno);
+          xfree (dispserialno);
+        }
      xfree (pubkey);
      if (rc)
        goto leave;