[PATCH v2 2/4] g10: add openpgp_protected flag to agent secret key export functions

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jun 10 22:15:34 CEST 2016 

* g10/call-agent.c, g10/call-agent.h (agent_export_key): add
  openpgp_protected flag.
* g10/export.c (receive_seckey_from_agent): request openpgp_protected
  secret keys from agent.
* agent/command.c (hlp_export_key): EXPORT_KEY help text: add a
  brief description of the effect of --openpgp.

The --openpgp flag for gpg-agent's EXPORT_KEY actually forces
encryption in a certain (RFC 4880-compatible format).  This changeset
exposes that functionality in internal functions, and clarifies
functionality in the agent's help text.

--

Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
---
 agent/command.c  |  7 ++++++-
 g10/call-agent.c | 15 +++++++++------
 g10/call-agent.h |  3 ++-
 g10/export.c     |  2 +-
 4 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/agent/command.c b/agent/command.c
index 1898d6c..de5b184 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -2210,7 +2210,12 @@ static const char hlp_export_key[] =
   "Export a secret key from the key store.  The key will be encrypted\n"
   "using the current session's key wrapping key (cf. command KEYWRAP_KEY)\n"
   "using the AESWRAP-128 algorithm.  The caller needs to retrieve that key\n"
-  "prior to using this command.  The function takes the keygrip as argument.\n";
+  "prior to using this command.  The function takes the keygrip as argument.\n"
+  "\n"
+  "If --openpgp is used, the secret key material will be exported in RFC 4880\n"
+  "compatible passphrase-protected form.  Without --openpgp, the secret key\n"
+  "material will be exported in the clear (after prompting the user to unlock\n"
+  "it, if needed).\n";
 static gpg_error_t
 cmd_export_key (assuan_context_t ctx, char *line)
 {
diff --git a/g10/call-agent.c b/g10/call-agent.c
index 470fa16..06a2d86 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -2315,13 +2315,15 @@ agent_import_key (ctrl_t ctrl, const char *desc, char **cache_nonce_addr,
 
 /* Receive a secret key from the agent.  HEXKEYGRIP is the hexified
    keygrip, DESC a prompt to be displayed with the agent's passphrase
-   question (needs to be plus+percent escaped).  If CACHE_NONCE_ADDR
-   is not NULL the agent is advised to first try a passphrase
-   associated with that nonce.  On success the key is stored as a
-   canonical S-expression at R_RESULT and R_RESULTLEN.  */
+   question (needs to be plus+percent escaped).  if OPENPGP_PROTECTED
+   is not zero, ensure that the key material is returned in RFC
+   4880-compatible passphrased-protected form.  If CACHE_NONCE_ADDR is
+   not NULL the agent is advised to first try a passphrase associated
+   with that nonce.  On success the key is stored as a canonical
+   S-expression at R_RESULT and R_RESULTLEN.  */
 gpg_error_t
 agent_export_key (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
-                  char **cache_nonce_addr,
+                  int openpgp_protected, char **cache_nonce_addr,
                   unsigned char **r_result, size_t *r_resultlen)
 {
   gpg_error_t err;
@@ -2351,7 +2353,8 @@ agent_export_key (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
         return err;
     }
 
-  snprintf (line, DIM(line)-1, "EXPORT_KEY --openpgp %s%s %s",
+  snprintf (line, DIM(line)-1, "EXPORT_KEY %s%s%s %s",
+            openpgp_protected ? "--openpgp ":"",
             cache_nonce_addr && *cache_nonce_addr? "--cache-nonce=":"",
             cache_nonce_addr && *cache_nonce_addr? *cache_nonce_addr:"",
             hexkeygrip);
diff --git a/g10/call-agent.h b/g10/call-agent.h
index a5d01e6..d85a6fd 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -192,7 +192,8 @@ gpg_error_t agent_import_key (ctrl_t ctrl, const char *desc,
 
 /* Receive a key from the agent.  */
 gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip,
-                              const char *desc, char **cache_nonce_addr,
+                              const char *desc, int openpgp_protected,
+                              char **cache_nonce_addr,
                               unsigned char **r_result, size_t *r_resultlen);
 
 /* Delete a key from the agent.  */
diff --git a/g10/export.c b/g10/export.c
index d47c27d..5b161ae 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -852,7 +852,7 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
     log_info ("key %s: asking agent for the secret parts\n", hexgrip);
 
   prompt = gpg_format_keydesc (pk, FORMAT_KEYDESC_EXPORT,1);
-  err = agent_export_key (ctrl, hexgrip, prompt, cache_nonce_addr,
+  err = agent_export_key (ctrl, hexgrip, prompt, 1, cache_nonce_addr,
                           &wrappedkey, &wrappedkeylen);
   xfree (prompt);
 
-- 
2.8.1

More information about the Gnupg-devel mailing list