[Help-gnutls] Re: Failure to import an OpenPGP private key

Simon Josefsson simon at josefsson.org
Thu Dec 28 09:29:56 CET 2006

ludovic.courtes at laas.fr (Ludovic Courtès) writes:

> Hi,
> I'm finally getting back to this issue...
> Simon Josefsson <jas at extundo.com> writes:
>> ludovic.courtes at laas.fr (Ludovic Courtès) writes:
>>> This can be seen as a GnuTLS bug since the FORMAT argument of
>>> `gnutls_openpgp_privkey_import' is not honored.  Does CDK provide a way
>>> to import ASCII-armored private keys?  Otherwise, `privkey_import'
>>> should return `UNIMPLEMENTED_FEATURE' when FORMAT is not `RAW'.
>> I agree.  There is code in OpenCDK to decode ASCII-armored data, so I
>> suspect there is some minor bug that prevents this from working.
> Below is a patch (against HEAD) that allows the import of ASCII-armored
> OpenPGP private keys.

Hi!  Thanks for working on this.

However, your patch changes the external API/ABI, which is something
we _really_ don't want to do unless we can avoid it.

It seems a better patch would be to have
_gnutls_openpgp_raw_privkey_to_gkey be able to figure out the format
of the input automatically -- that seems possible to implement.  Just
go over the input and look for non-ASCII characters (or just some
specific non-ASCII character like \0, which I assume is guaranteed to
always be present in OpenPGP binary keys, to avoid problems with
non-ASCII characters in a Comment: field or similar), and set the
armor flag accordingly.  What do you think?  If you agree, I'd
appreciate if you could suggest a specific patch to implement this.

Btw, to be able to use your patch, we'd might need a copyright
assignment, if the patch is large..  would that be a problem?  I can
send you the forms offline.


More information about the Gnutls-help mailing list