g10: Allow receiving cleartext secret keys from agent

* g10/export.c (match_curve_skey_pk): New function, testing whether an OpenPGP public key and an S-expression use the same curve. * g10/export.c (cleartext_secret_key_to_openpgp): New function, filling in the secret key parameters of a PKT_public_key object from a corresponding cleartext S-expression. * g10/export.c, g10/main.h (receive_seckey_from_agent): Add cleartext parameter, enabling retrieval of the secret key, unlocked. * g10/export.c (do_export_stream): Send cleartext as 0, keeping current behavior. * g10/keygen.c (card_store_key_with_backup): Use cleartext=0 to ensure that smartcard backups are all passphrase-locked. -- This sets up internal functionality to be capable of exporting cleartext secret keys, but does not change any existing behavior. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2025-07-02 22:46:30 +02:00 · 2016-06-10 16:15:35 -04:00 · 2016-06-10 16:15:35 -04:00 · a3cb72af79
commit a3cb72af79
parent 7de7432076
3 changed files with 223 additions and 4 deletions
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -4075,7 +4075,7 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
      goto leave;
    }

-  err = receive_seckey_from_agent (ctrl, cipherhd, &cache_nonce, hexgrip, sk);
+  err = receive_seckey_from_agent (ctrl, cipherhd, 0, &cache_nonce, hexgrip, sk);
  if (err)
    {
      log_error ("error getting secret key from agent: %s\n", gpg_strerror (err));