From d70a7987f74ba26089f020b2ea17d1a231761934 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 8 Jan 2025 14:04:23 +0100 Subject: [PATCH] gpg: Print a warning if the card backup key could not be written. * g10/keygen.c (card_write_key_to_backup_file): Fix error handing by removing the RC variable. Add warning note. -- GnuPG-bug-id: 2169 --- g10/keygen.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/g10/keygen.c b/g10/keygen.c index 077023f57..f30a74a22 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -5560,7 +5560,6 @@ static gpg_error_t card_write_key_to_backup_file (PKT_public_key *sk, const char *backup_dir) { gpg_error_t err = 0; - int rc; char keyid_buffer[2 * 8 + 1]; char name_buffer[50]; char *fname; @@ -5595,10 +5594,10 @@ card_write_key_to_backup_file (PKT_public_key *sk, const char *backup_dir) pkt->pkttype = PKT_SECRET_KEY; pkt->pkt.secret_key = sk; - rc = build_packet (fp, pkt); - if (rc) + err = build_packet (fp, pkt); + if (err) { - log_error ("build packet failed: %s\n", gpg_strerror (rc)); + log_error ("build packet failed: %s\n", gpg_strerror (err)); iobuf_cancel (fp); } else @@ -5642,6 +5641,7 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk, void *kek = NULL; size_t keklen; char *ecdh_param_str = NULL; + int key_is_on_card = 0; memset (&info, 0, sizeof (info)); @@ -5676,6 +5676,7 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk, if (err) goto leave; + key_is_on_card = 1; err = agent_keywrap_key (ctrl, 1, &kek, &keklen); if (err) { @@ -5713,6 +5714,15 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk, } leave: + if (err && key_is_on_card) + { + tty_printf (_( + "Warning: Although the key has been written to the card, a backup file was\n" + " not properly written to the disk. You may want to repeat the\n" + " entire operation or just create a new encryption key on the card.\n" + )); + } + xfree (info.serialno); xfree (ecdh_param_str); xfree (cache_nonce);