[git] GnuPG - branch, master, updated. gnupg-2.1.10-42-g72eaff1
by NIIBE Yutaka
cvs at cvs.gnupg.org
Fri Dec 18 02:26:20 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 72eaff1aa610f3c89a755f212760157e1932d847 (commit)
via b30c15bf7c5336c4abb1f9dcd974cd77ba6c61a7 (commit)
from e644aa7f5943174e3f7ba9408af71531fd125a0b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 72eaff1aa610f3c89a755f212760157e1932d847
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Dec 18 10:18:22 2015 +0900
g10: Remove deprecated internal functions.
* g10/keygen.c (do_ask_passphrase, generate_raw_key)
(gen_card_key_with_backup, save_unprotected_key_to_card): Remove.
--
Now, key generation is done by gpg-agent. Asking passphrase is done
through pinentry invoked by gpg-agent. It is done by
new internal function of card_store_key_with_backup.
diff --git a/g10/keygen.c b/g10/keygen.c
index 9259ff3..c50e04d 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2701,56 +2701,6 @@ ask_user_id (int mode, int full, KBNODE keyblock)
}
-/* MODE 0 - standard
- 1 - Ask for passphrase of the card backup key. */
-#if 0
-static DEK *
-do_ask_passphrase (STRING2KEY **ret_s2k, int mode, int *r_canceled)
-{
- DEK *dek = NULL;
- STRING2KEY *s2k;
- const char *errtext = NULL;
- const char *custdesc = NULL;
-
- tty_printf(_("You need a Passphrase to protect your secret key.\n\n") );
-
- if (mode == 1)
- custdesc = _("Please enter a passphrase to protect the off-card "
- "backup of the new encryption key.");
-
- s2k = xmalloc_secure( sizeof *s2k );
- for(;;) {
- s2k->mode = opt.s2k_mode;
- s2k->hash_algo = S2K_DIGEST_ALGO;
- dek = passphrase_to_dek_ext (NULL, 0, opt.s2k_cipher_algo, s2k, 2,
- errtext, custdesc, NULL, r_canceled);
- if (!dek && *r_canceled) {
- xfree(dek); dek = NULL;
- xfree(s2k); s2k = NULL;
- break;
- }
- else if( !dek ) {
- errtext = N_("passphrase not correctly repeated; try again");
- tty_printf(_("%s.\n"), _(errtext));
- }
- else if( !dek->keylen ) {
- xfree(dek); dek = NULL;
- xfree(s2k); s2k = NULL;
- tty_printf(_(
- "You don't want a passphrase - this is probably a *bad* idea!\n"
- "I will do it anyway. You can change your passphrase at any time,\n"
- "using this program with the option \"--edit-key\".\n\n"));
- break;
- }
- else
- break; /* okay */
- }
- *ret_s2k = s2k;
- return dek;
-}
-#endif /* 0 */
-
-
/* Basic key generation. Here we divert to the actual generation
routines based on the requested algorithm. */
static int
@@ -3850,104 +3800,6 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname,
}
-#if 0 /* not required */
-/* Generate a raw key and return it as a secret key packet. The
- function will ask for the passphrase and return a protected as well
- as an unprotected copy of a new secret key packet. 0 is returned
- on success and the caller must then free the returned values. */
-static int
-generate_raw_key (int algo, unsigned int nbits, u32 created_at,
- PKT_secret_key **r_sk_unprotected,
- PKT_secret_key **r_sk_protected)
-{
- int rc;
- DEK *dek = NULL;
- STRING2KEY *s2k = NULL;
- PKT_secret_key *sk = NULL;
- int i;
- size_t nskey, npkey;
- gcry_sexp_t s_parms, s_key;
- int canceled;
-
- npkey = pubkey_get_npkey (algo);
- nskey = pubkey_get_nskey (algo);
- assert (nskey <= PUBKEY_MAX_NSKEY && npkey < nskey);
-
- if (nbits < 512)
- {
- nbits = 512;
- log_info (_("keysize invalid; using %u bits\n"), nbits );
- }
-
- if ((nbits % 32))
- {
- nbits = ((nbits + 31) / 32) * 32;
- log_info(_("keysize rounded up to %u bits\n"), nbits );
- }
-
- dek = do_ask_passphrase (&s2k, 1, &canceled);
- if (canceled)
- {
- rc = gpg_error (GPG_ERR_CANCELED);
- goto leave;
- }
-
- sk = xmalloc_clear (sizeof *sk);
- sk->timestamp = created_at;
- sk->version = 4;
- sk->pubkey_algo = algo;
-
- if ( !is_RSA (algo) )
- {
- log_error ("only RSA is supported for offline generated keys\n");
- rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
- goto leave;
- }
- rc = gcry_sexp_build (&s_parms, NULL,
- "(genkey(rsa(nbits %d)))",
- (int)nbits);
- if (rc)
- log_bug ("gcry_sexp_build failed: %s\n", gpg_strerror (rc));
- rc = gcry_pk_genkey (&s_key, s_parms);
- gcry_sexp_release (s_parms);
- if (rc)
- {
- log_error ("gcry_pk_genkey failed: %s\n", gpg_strerror (rc) );
- goto leave;
- }
- rc = key_from_sexp (sk->skey, s_key, "private-key", "nedpqu");
- gcry_sexp_release (s_key);
- if (rc)
- {
- log_error ("key_from_sexp failed: %s\n", gpg_strerror (rc) );
- goto leave;
- }
-
- for (i=npkey; i < nskey; i++)
- sk->csum += checksum_mpi (sk->skey[i]);
-
- if (r_sk_unprotected)
- *r_sk_unprotected = copy_secret_key (NULL, sk);
-
- rc = genhelp_protect (dek, s2k, sk);
- if (rc)
- goto leave;
-
- if (r_sk_protected)
- {
- *r_sk_protected = sk;
- sk = NULL;
- }
-
- leave:
- if (sk)
- free_secret_key (sk);
- xfree (dek);
- xfree (s2k);
- return rc;
-}
-#endif /* ENABLE_CARD_SUPPORT */
-
/* Create and delete a dummy packet to start off a list of kbnodes. */
static void
start_tree(KBNODE *tree)
@@ -4724,259 +4576,3 @@ gen_card_key (int algo, int keyno, int is_primary, kbnode_t pub_root,
return gpg_error (GPG_ERR_NOT_SUPPORTED);
#endif /*!ENABLE_CARD_SUPPORT*/
}
-
-
-
-static int
-gen_card_key_with_backup (int algo, int keyno, int is_primary,
- KBNODE pub_root, u32 timestamp,
- u32 expireval, struct para_data_s *para)
-{
-#if ENABLE_CARD_SUPPORT && 0
- /* FIXME: Move this to gpg-agent. */
- int rc;
- const char *s;
- PACKET *pkt;
- PKT_secret_key *sk, *sk_unprotected = NULL, *sk_protected = NULL;
- PKT_public_key *pk;
- size_t n;
- int i;
- unsigned int nbits;
-
- /* Get the size of the key directly from the card. */
- {
- struct agent_card_info_s info;
-
- memset (&info, 0, sizeof info);
- if (!agent_scd_getattr ("KEY-ATTR", &info)
- && info.key_attr[1].algo)
- nbits = info.key_attr[1].nbits;
- else
- nbits = 1024; /* All pre-v2.0 cards. */
- agent_release_card_info (&info);
- }
-
- /* Create a key of this size in memory. */
- rc = generate_raw_key (algo, nbits, timestamp,
- &sk_unprotected, &sk_protected);
- if (rc)
- return rc;
-
- /* Store the key to the card. */
- rc = save_unprotected_key_to_card (sk_unprotected, keyno);
- if (rc)
- {
- log_error (_("storing key onto card failed: %s\n"), gpg_strerror (rc));
- free_secret_key (sk_unprotected);
- free_secret_key (sk_protected);
- write_status_errcode ("save_key_to_card", rc);
- return rc;
- }
-
- /* Get rid of the secret key parameters and store the serial numer. */
- sk = sk_unprotected;
- n = pubkey_get_nskey (sk->pubkey_algo);
- for (i=pubkey_get_npkey (sk->pubkey_algo); i < n; i++)
- {
- gcry_mpi_release (sk->skey[i]);
- sk->skey[i] = NULL;
- }
- i = pubkey_get_npkey (sk->pubkey_algo);
- sk->skey[i] = gcry_mpi_set_opaque (NULL, xstrdup ("dummydata"), 10*8);
- sk->is_protected = 1;
- sk->protect.s2k.mode = 1002;
- s = get_parameter_value (para, pSERIALNO);
- assert (s);
- for (sk->protect.ivlen=0; sk->protect.ivlen < 16 && *s && s[1];
- sk->protect.ivlen++, s += 2)
- sk->protect.iv[sk->protect.ivlen] = xtoi_2 (s);
-
- /* Now write the *protected* secret key to the file. */
- {
- char name_buffer[50];
- char *fname;
- IOBUF fp;
- mode_t oldmask;
-
- keyid_from_sk (sk, NULL);
- snprintf (name_buffer, sizeof name_buffer, "sk_%08lX%08lX.gpg",
- (ulong)sk->keyid[0], (ulong)sk->keyid[1]);
-
- fname = make_filename (backup_dir, name_buffer, NULL);
- /* Note that the umask call is not anymore needed because
- iobuf_create now takes care of it. However, it does not harm
- and thus we keep it. */
- oldmask = umask (077);
- if (is_secured_filename (fname))
- {
- fp = NULL;
- gpg_err_set_errno (EPERM);
- }
- else
- fp = iobuf_create (fname, 1);
- umask (oldmask);
- if (!fp)
- {
- rc = gpg_error_from_syserror ();
- log_error (_("can't create backup file '%s': %s\n"),
- fname, strerror(errno) );
- xfree (fname);
- free_secret_key (sk_unprotected);
- free_secret_key (sk_protected);
- return rc;
- }
-
- pkt = xcalloc (1, sizeof *pkt);
- pkt->pkttype = PKT_SECRET_KEY;
- pkt->pkt.secret_key = sk_protected;
- sk_protected = NULL;
-
- rc = build_packet (fp, pkt);
- if (rc)
- {
- log_error("build packet failed: %s\n", gpg_strerror (rc));
- iobuf_cancel (fp);
- }
- else
- {
- unsigned char array[MAX_FINGERPRINT_LEN];
- char *fprbuf, *p;
-
- iobuf_close (fp);
- iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
- log_info (_("Note: backup of card key saved to '%s'\n"), fname);
-
- fingerprint_from_sk (sk, array, &n);
- p = fprbuf = xmalloc (MAX_FINGERPRINT_LEN*2 + 1 + 1);
- for (i=0; i < n ; i++, p += 2)
- sprintf (p, "%02X", array[i]);
- *p++ = ' ';
- *p = 0;
-
- write_status_text_and_buffer (STATUS_BACKUP_KEY_CREATED,
- fprbuf,
- fname, strlen (fname),
- 0);
- xfree (fprbuf);
- }
- free_packet (pkt);
- xfree (pkt);
- xfree (fname);
- if (rc)
- {
- free_secret_key (sk_unprotected);
- return rc;
- }
- }
-
- /* Create the public key from the secret key. */
- pk = xcalloc (1, sizeof *pk );
- pk->timestamp = sk->timestamp;
- pk->version = sk->version;
- if (expireval)
- pk->expiredate = sk->expiredate = sk->timestamp + expireval;
- pk->pubkey_algo = sk->pubkey_algo;
- n = pubkey_get_npkey (sk->pubkey_algo);
- for (i=0; i < n; i++)
- pk->pkey[i] = mpi_copy (sk->skey[i]);
-
- /* Build packets and add them to the node lists. */
- pkt = xcalloc (1,sizeof *pkt);
- pkt->pkttype = is_primary ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
- pkt->pkt.public_key = pk;
- add_kbnode(pub_root, new_kbnode( pkt ));
-
- pkt = xcalloc (1,sizeof *pkt);
- pkt->pkttype = is_primary ? PKT_SECRET_KEY : PKT_SECRET_SUBKEY;
- pkt->pkt.secret_key = sk;
- add_kbnode(sec_root, new_kbnode( pkt ));
-
- return 0;
-#else
-# if __GCC__ && ENABLE_CARD_SUPPORT
-# warning Card support still missing
-# endif
- (void)algo;
- (void)keyno;
- (void)is_primary;
- (void)pub_root;
- (void)timestamp;
- (void)expireval;
- (void)para;
- return gpg_error (GPG_ERR_NOT_SUPPORTED);
-#endif /*!ENABLE_CARD_SUPPORT*/
-}
-
-
-#if 0
-int
-save_unprotected_key_to_card (PKT_public_key *sk, int keyno)
-{
- int rc;
- unsigned char *rsa_n = NULL;
- unsigned char *rsa_e = NULL;
- unsigned char *rsa_p = NULL;
- unsigned char *rsa_q = NULL;
- size_t rsa_n_len, rsa_e_len, rsa_p_len, rsa_q_len;
- unsigned char *sexp = NULL;
- unsigned char *p;
- char numbuf[55], numbuf2[50];
-
- assert (is_RSA (sk->pubkey_algo));
- assert (!sk->is_protected);
-
- /* Copy the parameters into straight buffers. */
- gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_n, &rsa_n_len, sk->skey[0]);
- gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_e, &rsa_e_len, sk->skey[1]);
- gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_p, &rsa_p_len, sk->skey[3]);
- gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_q, &rsa_q_len, sk->skey[4]);
- if (!rsa_n || !rsa_e || !rsa_p || !rsa_q)
- {
- rc = GPG_ERR_INV_ARG;
- goto leave;
- }
-
- /* Put the key into an S-expression. */
- sexp = p = xmalloc_secure (30
- + rsa_n_len + rsa_e_len + rsa_p_len + rsa_q_len
- + 4*sizeof (numbuf) + 25 + sizeof(numbuf) + 20);
-
- p = stpcpy (p,"(11:private-key(3:rsa(1:n");
- sprintf (numbuf, "%u:", (unsigned int)rsa_n_len);
- p = stpcpy (p, numbuf);
- memcpy (p, rsa_n, rsa_n_len);
- p += rsa_n_len;
-
- sprintf (numbuf, ")(1:e%u:", (unsigned int)rsa_e_len);
- p = stpcpy (p, numbuf);
- memcpy (p, rsa_e, rsa_e_len);
- p += rsa_e_len;
-
- sprintf (numbuf, ")(1:p%u:", (unsigned int)rsa_p_len);
- p = stpcpy (p, numbuf);
- memcpy (p, rsa_p, rsa_p_len);
- p += rsa_p_len;
-
- sprintf (numbuf, ")(1:q%u:", (unsigned int)rsa_q_len);
- p = stpcpy (p, numbuf);
- memcpy (p, rsa_q, rsa_q_len);
- p += rsa_q_len;
-
- p = stpcpy (p,"))(10:created-at");
- sprintf (numbuf2, "%lu", (unsigned long)sk->timestamp);
- sprintf (numbuf, "%lu:", (unsigned long)strlen (numbuf2));
- p = stpcpy (stpcpy (stpcpy (p, numbuf), numbuf2), "))");
-
- /* Fixme: Unfortunately we don't have the serialnumber available -
- thus we can't pass it down to the agent. */
- rc = agent_scd_writekey (keyno, NULL, sexp, p - sexp);
-
- leave:
- xfree (sexp);
- xfree (rsa_n);
- xfree (rsa_e);
- xfree (rsa_p);
- xfree (rsa_q);
- return rc;
-}
-#endif /*ENABLE_CARD_SUPPORT*/
commit b30c15bf7c5336c4abb1f9dcd974cd77ba6c61a7
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Dec 18 10:02:38 2015 +0900
g10: Fix a regression for generating card key with backup.
* g10/main.h (receive_seckey_from_agent): Declare.
* g10/keygen.c (card_write_key_to_backup_file): New.
(card_store_key_with_backup): New.
(do_generate_keypair): Create a key on host for encryption key when
backup is requested. Then, call card_store_key_with_backup.
--
GnuPG-bug-id: 2169
diff --git a/g10/keygen.c b/g10/keygen.c
index a1f449e..9259ff3 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -141,9 +141,6 @@ static int write_keyblock (iobuf_t out, kbnode_t node);
static gpg_error_t gen_card_key (int algo, int keyno, int is_primary,
kbnode_t pub_root,
u32 *timestamp, u32 expireval);
-static int gen_card_key_with_backup (int algo, int keyno, int is_primary,
- kbnode_t pub_root, u32 timestamp,
- u32 expireval, struct para_data_s *para);
static void
@@ -3964,6 +3961,166 @@ start_tree(KBNODE *tree)
}
+/* Write the *protected* secret key to the file. */
+static gpg_error_t
+card_write_key_to_backup_file (PKT_public_key *sk, const char *backup_dir)
+{
+ gpg_error_t err = 0;
+ int rc;
+ char name_buffer[50];
+ char *fname;
+ IOBUF fp;
+ mode_t oldmask;
+ PACKET *pkt = NULL;
+
+ keyid_from_pk (sk, NULL);
+ snprintf (name_buffer, sizeof name_buffer, "sk_%08lX%08lX.gpg",
+ (ulong)sk->keyid[0], (ulong)sk->keyid[1]);
+
+ fname = make_filename (backup_dir, name_buffer, NULL);
+ /* Note that the umask call is not anymore needed because
+ iobuf_create now takes care of it. However, it does not harm
+ and thus we keep it. */
+ oldmask = umask (077);
+ if (is_secured_filename (fname))
+ {
+ fp = NULL;
+ gpg_err_set_errno (EPERM);
+ }
+ else
+ fp = iobuf_create (fname, 1);
+ umask (oldmask);
+ if (!fp)
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("can't create backup file '%s': %s\n"), fname, strerror (errno) );
+ goto leave;
+ }
+
+ pkt = xcalloc (1, sizeof *pkt);
+ pkt->pkttype = PKT_SECRET_KEY;
+ pkt->pkt.secret_key = sk;
+
+ rc = build_packet (fp, pkt);
+ if (rc)
+ {
+ log_error ("build packet failed: %s\n", gpg_strerror (rc));
+ iobuf_cancel (fp);
+ }
+ else
+ {
+ unsigned char array[MAX_FINGERPRINT_LEN];
+ char *fprbuf, *p;
+ int n;
+ int i;
+
+ iobuf_close (fp);
+ iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
+ log_info (_("Note: backup of card key saved to '%s'\n"), fname);
+
+ fingerprint_from_pk (sk, array, &n);
+ p = fprbuf = xmalloc (MAX_FINGERPRINT_LEN*2 + 1 + 1);
+ if (!p)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+
+ for (i=0; i < n ; i++, p += 2)
+ sprintf (p, "%02X", array[i]);
+ *p++ = ' ';
+ *p = 0;
+
+ write_status_text_and_buffer (STATUS_BACKUP_KEY_CREATED, fprbuf,
+ fname, strlen (fname), 0);
+ xfree (fprbuf);
+ }
+
+ leave:
+ xfree (pkt);
+ xfree (fname);
+ return err;
+}
+
+
+/* Store key to card and make a backup file in OpenPGP format. */
+static gpg_error_t
+card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
+ const char *backup_dir)
+{
+ PKT_public_key *sk;
+ gnupg_isotime_t timestamp;
+ gpg_error_t err;
+ char *hexgrip;
+ int rc;
+ struct agent_card_info_s info;
+ gcry_cipher_hd_t cipherhd = NULL;
+ char *cache_nonce = NULL;
+ void *kek = NULL;
+ size_t keklen;
+
+ sk = copy_public_key (NULL, sub_psk);
+ if (!sk)
+ return gpg_error_from_syserror ();
+
+ epoch2isotime (timestamp, (time_t)sk->timestamp);
+ err = hexkeygrip_from_pk (sk, &hexgrip);
+ if (err)
+ return err;
+
+ memset(&info, 0, sizeof (info));
+ rc = agent_scd_getattr ("SERIALNO", &info);
+ if (rc)
+ return (gpg_error_t)rc;
+
+ rc = agent_keytocard (hexgrip, 2, 1, info.serialno, timestamp);
+ xfree (info.serialno);
+ if (rc)
+ {
+ err = (gpg_error_t)rc;
+ goto leave;
+ }
+
+ err = agent_keywrap_key (ctrl, 1, &kek, &keklen);
+ if (err)
+ {
+ log_error ("error getting the KEK: %s\n", gpg_strerror (err));
+ goto leave;
+ }
+
+ err = gcry_cipher_open (&cipherhd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_AESWRAP, 0);
+ if (!err)
+ err = gcry_cipher_setkey (cipherhd, kek, keklen);
+ if (err)
+ {
+ log_error ("error setting up an encryption context: %s\n", gpg_strerror (err));
+ goto leave;
+ }
+
+ err = receive_seckey_from_agent (ctrl, cipherhd, &cache_nonce, hexgrip, sk);
+ if (err)
+ {
+ log_error ("error getting secret key from agent: %s\n", gpg_strerror (err));
+ goto leave;
+ }
+
+ err = card_write_key_to_backup_file (sk, backup_dir);
+ if (err)
+ log_error ("writing card key to backup file: %s\n", gpg_strerror (err));
+ else
+ /* Remove secret key data in agent side. */
+ agent_scd_learn (NULL, 1);
+
+ leave:
+ xfree (cache_nonce);
+ gcry_cipher_close (cipherhd);
+ xfree (kek);
+ xfree (hexgrip);
+ free_public_key (sk);
+ return err;
+}
+
+
static void
do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
struct output_control_s *outctrl, int card)
@@ -4095,7 +4252,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
if (!err && get_parameter (para, pSUBKEYTYPE))
{
sub_psk = NULL;
- if (!card)
+ if (!card || (s = get_parameter_value (para, pCARDBACKUPKEY)))
{
err = do_create (get_parameter_algo (para, pSUBKEYTYPE, NULL),
get_parameter_uint (para, pSUBKEYLENGTH),
@@ -4103,7 +4260,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
pub_root,
timestamp,
get_parameter_u32 (para, pSUBKEYEXPIRE), 1,
- outctrl->keygen_flags,
+ s ? KEYGEN_FLAG_NO_PROTECTION : outctrl->keygen_flags,
get_parameter_passphrase (para),
&cache_nonce);
/* Get the pointer to the generated public subkey packet. */
@@ -4115,25 +4272,15 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
sub_psk = node->pkt->pkt.public_key;
assert (sub_psk);
+
+ if (s)
+ err = card_store_key_with_backup (ctrl, sub_psk, opt.homedir);
}
}
else
{
- if ((s = get_parameter_value (para, pCARDBACKUPKEY)))
- {
- /* A backup of the encryption key has been requested.
- Generate the key in software and import it then to
- the card. Write a backup file. */
- err = gen_card_key_with_backup
- (PUBKEY_ALGO_RSA, 2, 0, pub_root, timestamp,
- get_parameter_u32 (para, pKEYEXPIRE), para);
- }
- else
- {
- err = gen_card_key (PUBKEY_ALGO_RSA, 2, 0, pub_root,
- ×tamp,
- get_parameter_u32 (para, pKEYEXPIRE));
- }
+ err = gen_card_key (PUBKEY_ALGO_RSA, 2, 0, pub_root, ×tamp,
+ get_parameter_u32 (para, pKEYEXPIRE));
}
if (!err)
diff --git a/g10/keygen.c b/g10/keygen.c.~HEAD~
similarity index 100%
copy from g10/keygen.c
copy to g10/keygen.c.~HEAD~
diff --git a/g10/main.h b/g10/main.h
index e4c6e8f..60bbd24 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -363,6 +363,10 @@ gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec,
kbnode_t *r_keyblock,
void **r_data, size_t *r_datalen);
+gpg_error_t receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
+ char **cache_nonce_addr, const char *hexgrip,
+ PKT_public_key *pk);
+
/*-- dearmor.c --*/
int dearmor_file( const char *fname );
int enarmor_file( const char *fname );
-----------------------------------------------------------------------
Summary of changes:
g10/keygen.c | 557 ++++++++++----------------------------
g10/{keygen.c => keygen.c.~HEAD~} | 0
g10/main.h | 4 +
3 files changed, 154 insertions(+), 407 deletions(-)
copy g10/{keygen.c => keygen.c.~HEAD~} (100%)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list