gpgsm: Allow CSR generation with an unprotected key.

* sm/call-agent.c (gpgsm_agent_genkey): Add arg no_protection. * sm/certreqgen.c (struct reqgen_ctrl_s): Add field no_protection. (read_parameters): Add keyword "%no-protection". (proc_parameters): Pass no_protection to gpgsm_agent_genkey.
2025-07-03 22:56:33 +02:00 · 2025-01-29 16:32:03 +01:00 · 2025-01-29 16:32:03 +01:00 · 89055f24f4
commit 89055f24f4
parent 2469dc5aae
4 changed files with 15 additions and 6 deletions
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@ -111,6 +111,7 @@ struct reqgen_ctrl_s
 {
  int lnr;
  int dryrun;
+  int no_protection;
 };


@ -302,6 +303,8 @@ read_parameters (ctrl_t ctrl, estream_t fp, estream_t out_fp)
            log_info ("%s\n", value);
          else if (!ascii_strcasecmp (keyword, "%dry-run"))
            outctrl.dryrun = 1;
+          else if (!ascii_strcasecmp (keyword, "%no-protection"))
+            outctrl.no_protection = 1;
          else if (!ascii_strcasecmp( keyword, "%commit"))
            {
              rc = proc_parameters (ctrl, para, out_fp, &outctrl);
@ -760,7 +763,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
          xfree (cardkeyid);
          return gpg_error (GPG_ERR_INV_PARAMETER);
        }
-      rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
+      rc = gpgsm_agent_genkey (ctrl, outctrl->no_protection, keyparms, &public);
      if (rc)
        {
          r = get_parameter (para, pKEYTYPE, 0);