security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

agent: Make --disable-extended-key-format a dummy option.

Browse source 
* agent/agent.h (opt): Remove enable_extended_key_format.
* agent/gpg-agent.c (enum cmd_and_opt_values): Turn
oDisableExtendedKeyFormat and oEnableExtendedKeyFormat into dummy
options.

* agent/protect.c (do_encryption): Remove arg use_ocb and
corresponding code.
(agent_protect): Ditto.  Change all callers.

* agent/command.c (cmd_readkey): Do not test for key availability here
but defer that agent_write_shadow_key.

* agent/findkey.c (agent_write_private_key): Simplify due to the
removal of disable-extended-key-format.
(write_extended_private_key): Fold into agent_write_private_key.
Remove the maybe_update arg.
(agent_write_shadow_key): Ditto.  Simplify.
--

GnuPG-bug-id: 6386
Backported-from-master: 6d792ae2eb
But with large changes to get 2.2 more aligned with master again.  This
is not finished; in particular the bug is not fixed; this comes wit
the next patch.
This commit is contained in:
Werner Koch 2023-03-13 08:49:49 +01:00
parent db73f17f0c
commit 4f754caad8
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
12 changed files with 227 additions and 449 deletions
Download patch file Download diff file Expand all files Collapse all files

14
doc/gpg-agent.texi
View file

@ -632,16 +632,10 @@ remote machine.
@itemx --disable-extended-key-format
@opindex enable-extended-key-format
@opindex disable-extended-key-format
Since version 2.2.22 keys are created in the extended private key
format by default. Changing the passphrase of a key will also convert
the key to that new format. This key format is supported since GnuPG
version 2.1.12 and thus there should be no need to disable it.
Anyway, the disable option still allows to revert to the old behavior
for new keys; be aware that keys are never migrated back to the old
format. If the enable option has been used the disable option won't
have an effect. The advantage of the extended private key format is
that it is text based and can carry additional meta data. In extended
key format the OCB mode is used for key protection.
These options are obsolete and have no effect. The extended key format
is used for years now and has been supported since 2.1.12. Existing
keys in the old format are migrated to the new format as soon as they
are touched.
@anchor{option --enable-ssh-support}
@item --enable-ssh-support