gpg: Improve passphrase caching.

* agent/cache.c (last_stored_cache_key): New. (agent_get_cache): Allow NULL for KEY. (agent_store_cache_hit): New. * agent/findkey.c (unprotect): Call new function and try to use the last stored key. * g10/revoke.c (create_revocation): Add arg CACHE_NONCE and pass to make_keysig_packet. (gen_standard_revoke): Add arg CACHE_NONCE and pass to create_revocation. * g10/keygen.c (do_generate_keypair): Call gen_standard_revoke with cache nonce. -- This patch adds two features: 1. The key for the last passphrase successfully used for unprotecting a key is stored away. On a cache miss the stored away passphrase is tried as well. This helps for the common GPG use case of having a signing and encryption (sub)key with the same passphrase. See the code for more comments. 2. The now auto-generated revocation certificate does not anymore popup a passphrase prompt. Thus for standard key generation the passphrase needs to be given only once (well, two with the confirmation).
2025-07-02 22:46:30 +02:00 · 2014-09-17 15:12:08 +02:00 · 2014-09-17 15:12:08 +02:00 · 457bce5cd3
commit 457bce5cd3
parent 83c2d2396c
6 changed files with 81 additions and 9 deletions
--- a/g10/revoke.c
+++ b/g10/revoke.c
@ -443,7 +443,8 @@ create_revocation (const char *filename,
                   struct revocation_reason_info *reason,
                   PKT_public_key *psk,
                   kbnode_t keyblock,
-                   const char *leadintext, int suffix)
+                   const char *leadintext, int suffix,
+                   const char *cache_nonce)
 {
  int rc;
  iobuf_t out = NULL;
@ -466,7 +467,7 @@ create_revocation (const char *filename,
  rc = make_keysig_packet (&sig, psk, NULL, NULL, psk, 0x20, 0,
                           opt.force_v4_certs? 4:0,
                           0, 0,
-                           revocation_reason_build_cb, reason, NULL);
+                           revocation_reason_build_cb, reason, cache_nonce);
  if (rc)
    {
      log_error (_("make_keysig_packet failed: %s\n"), g10_errstr (rc));
@ -511,9 +512,10 @@ create_revocation (const char *filename,
   by gpg's interactive key generation function.  The certificate is
   stored at a dedicated place in a slightly modified form to avoid an
   accidental import.  PSK is the primary key; a corresponding secret
-   key must be available.  */
+   key must be available.  CACHE_NONCE is optional but can be used to
+   help gpg-agent to avoid an extra passphrase prompt. */
 int
-gen_standard_revoke (PKT_public_key *psk)
+gen_standard_revoke (PKT_public_key *psk, const char *cache_nonce)
 {
  int rc;
  estream_t memfp;
@ -573,7 +575,7 @@ gen_standard_revoke (PKT_public_key *psk)

  reason.code = 0x00; /* No particular reason.  */
  reason.desc = NULL;
-  rc = create_revocation (fname, &reason, psk, NULL, leadin, 3);
+  rc = create_revocation (fname, &reason, psk, NULL, leadin, 3, cache_nonce);
  xfree (leadin);
  xfree (fname);

@ -662,7 +664,7 @@ gen_revoke (const char *uname)
  if (!opt.armor)
    tty_printf (_("ASCII armored output forced.\n"));

-  rc = create_revocation (NULL, reason, psk, keyblock, NULL, 0);
+  rc = create_revocation (NULL, reason, psk, keyblock, NULL, 0, NULL);
  if (rc)
    goto leave;