[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-devel
Subject: Re: using main key ID as cache key?
From: Daiki Ueno <ueno () unixuser ! org>
Date: 2012-11-16 9:01:35
Message-ID: m3vcd5c45s.fsf-ueno () unixuser ! org
[Download RAW message or body]
Hauke Laging <mailinglisten@hauke-laging.de> writes:
>> Is there a way to set different passphrases to the primary and subkeys?
>
> Yes but it's not the pleasant one...
>
> http://atom.smasher.org/gpg/gpg-passwords.txt
Thanks, but it is indeed complicated... Isn't it easier to modify the
GnuPG source code?
Regards,
--
Daiki Ueno
[Attachment #3 (text/x-patch)]
>From 5019fe9c48705ee8a279784eba8476c2480f5514 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@unixuser.org>
Date: Fri, 16 Nov 2012 17:36:36 +0900
Subject: [PATCH] Allow users to specify different passphrases for subkeys
* g10/keyedit.c (change_passphrase): If any of subkeys are selected,
only change the passphrases of them.
---
g10/keyedit.c | 17 +++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 08b71d8..f1f7741 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1096,7 +1096,8 @@ leave:
/*
- * Change the passphrase of the primary and all secondary keys. Note
+ * Change the passphrase of selected keys. If no keys are selected,
+ * change the passphrase of the primary and all secondary keys. Note
* that it is common to use only one passphrase for the primary and
* all subkeys. However, this is now (since GnuPG 2.1) all up to the
* gpg-agent. Returns 0 on success or an error code.
@@ -1112,6 +1113,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
char *hexgrip = NULL;
char *cache_nonce = NULL;
char *passwd_nonce = NULL;
+ int all = !count_selected_keys (keyblock);
node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
if (!node)
@@ -1160,7 +1162,15 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
goto leave;
}
- /* Change the passphrase for all keys. */
+ if (!all)
+ {
+ all = !cpr_get_answer_is_yes
+ ("keyedit.passwd_selected.okay",
+ _("Do you really want to change the passphrase of "
+ "only selected subkeys? (y/N) "));
+ }
+
+ /* Change the passphrase for all (or selected) keys. */
for (any = 0, node = keyblock; node; node = node->next)
{
if (node->pkt->pkttype == PKT_PUBLIC_KEY
@@ -1168,6 +1178,9 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
{
char *desc;
+ if (!all && !(node->flag & NODFLG_SELKEY))
+ continue;
+
pk = node->pkt->pkt.public_key;
keyid_from_pk (pk, subid);
--
1.7.11.7
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic