security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

g10: Export cleartext keys as cleartext

Browse source 
* g10/export.c (do_export_stream): If a key is stored by the agent in
cleartext, then try to export it as cleartext.
* tests/openpgp/export.test: For secret keys that are stored in
cleartext, test should try to export without pinentry interaction.
--

This restores the behavior of GnuPG 2.0 and 1.4 when exporting
passphraseless secret keys, and fixes the test suite accordingly.

GnuPG-bug-id: 2070, 2324
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2016-06-10 16:15:36 -04:00 committed by Werner Koch
parent a3cb72af79
commit c41c46fa84
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 7 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

28
tests/openpgp/export.test
View file

@ -61,8 +61,6 @@ assert_passphrases_consumed()
rm -f -- $logfile
}
# XXX: Currently, gpg does not allow one to export private keys
# without a passphrase (issue2070, issue2324).
export PINENTRY_USER_DATA="--logfile=$logfile --passphrasefile=$ppfile"
info "Checking key export."
@ -78,23 +76,13 @@ do
check_armored_public_key $KEY.public
rm $KEY.public
# test without --armor:
if [ $KEY = D74C5F22 ]; then
# Key D74C5F22 is protected by a passphrase. Prepare this
# one. Currently, GnuPG does not ask for an export passphrase
# in this case.
prepare_passphrase "$usrpass1"
else
# We use a weak passphrase which we'll have to confirm.
prepare_passphrase "export passphrase"
prepare_passphrase_confirm
prepare_passphrase "export passphrase"
# Key C40FDECF has a subkey.
if [ $KEY = C40FDECF ]; then
prepare_passphrase "export passphrase"
prepare_passphrase_confirm
prepare_passphrase "export passphrase"
fi
fi
$GPG --export-secret-keys $KEY >$KEY.private
@ -103,21 +91,13 @@ do
assert_passphrases_consumed
# test with --armor:
if [ $KEY = D74C5F22 ]; then
# Key D74C5F22 is protected by a passphrase. Prepare this
# one. Currently, GnuPG does not ask for an export passphrase
# in this case.
prepare_passphrase "$usrpass1"
else
# We use a stronger passphrase here.
prepare_passphrase "strong export passphrase H0LHWCHPkNa36A"
prepare_passphrase "strong export passphrase H0LHWCHPkNa36A"
# Key C40FDECF has a subkey.
if [ $KEY = C40FDECF ]; then
prepare_passphrase "strong export passphrase H0LHWCHPkNa36A"
prepare_passphrase "strong export passphrase H0LHWCHPkNa36A"
fi
fi
$GPG --armor --export-secret-keys $KEY >$KEY.private