[Help-gnutls] Re: Failure to import an OpenPGP private key
Simon Josefsson
simon at josefsson.org
Thu Dec 28 09:29:56 CET 2006
ludovic.courtes at laas.fr (Ludovic Courtès) writes:
> Hi,
>
> I'm finally getting back to this issue...
>
> Simon Josefsson <jas at extundo.com> writes:
>
>> ludovic.courtes at laas.fr (Ludovic Courtès) writes:
>>
>>> This can be seen as a GnuTLS bug since the FORMAT argument of
>>> `gnutls_openpgp_privkey_import' is not honored. Does CDK provide a way
>>> to import ASCII-armored private keys? Otherwise, `privkey_import'
>>> should return `UNIMPLEMENTED_FEATURE' when FORMAT is not `RAW'.
>>
>> I agree. There is code in OpenCDK to decode ASCII-armored data, so I
>> suspect there is some minor bug that prevents this from working.
>
> Below is a patch (against HEAD) that allows the import of ASCII-armored
> OpenPGP private keys.
Hi! Thanks for working on this.
However, your patch changes the external API/ABI, which is something
we _really_ don't want to do unless we can avoid it.
It seems a better patch would be to have
_gnutls_openpgp_raw_privkey_to_gkey be able to figure out the format
of the input automatically -- that seems possible to implement. Just
go over the input and look for non-ASCII characters (or just some
specific non-ASCII character like \0, which I assume is guaranteed to
always be present in OpenPGP binary keys, to avoid problems with
non-ASCII characters in a Comment: field or similar), and set the
armor flag accordingly. What do you think? If you agree, I'd
appreciate if you could suggest a specific patch to implement this.
Btw, to be able to use your patch, we'd might need a copyright
assignment, if the patch is large.. would that be a problem? I can
send you the forms offline.
Thanks,
Simon
More information about the Gnutls-help
mailing list