[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gnupg-devel
Subject:    Re: using main key ID as cache key?
From:       Daiki Ueno <ueno () unixuser ! org>
Date:       2012-11-16 9:01:35
Message-ID: m3vcd5c45s.fsf-ueno () unixuser ! org
[Download RAW message or body]

Hauke Laging <mailinglisten@hauke-laging.de> writes:

>> Is there a way to set different passphrases to the primary and subkeys?
>
> Yes but it's not the pleasant one...
>
> http://atom.smasher.org/gpg/gpg-passwords.txt

Thanks, but it is indeed complicated... Isn't it easier to modify the
GnuPG source code?

Regards,
-- 
Daiki Ueno

[Attachment #3 (text/x-patch)]

>From 5019fe9c48705ee8a279784eba8476c2480f5514 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@unixuser.org>
Date: Fri, 16 Nov 2012 17:36:36 +0900
Subject: [PATCH] Allow users to specify different passphrases for subkeys

* g10/keyedit.c (change_passphrase): If any of subkeys are selected,
only change the passphrases of them.
---
 g10/keyedit.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/g10/keyedit.c b/g10/keyedit.c
index 08b71d8..f1f7741 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1096,7 +1096,8 @@ leave:
 
 
 /*
- * Change the passphrase of the primary and all secondary keys.  Note
+ * Change the passphrase of selected keys.  If no keys are selected,
+ * change the passphrase of the primary and all secondary keys.  Note
  * that it is common to use only one passphrase for the primary and
  * all subkeys.  However, this is now (since GnuPG 2.1) all up to the
  * gpg-agent.  Returns 0 on success or an error code.
@@ -1112,6 +1113,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
   char *hexgrip = NULL;
   char *cache_nonce = NULL;
   char *passwd_nonce = NULL;
+  int all = !count_selected_keys (keyblock);
 
   node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
   if (!node)
@@ -1160,7 +1162,15 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
       goto leave;
     }
 
-  /* Change the passphrase for all keys.  */
+  if (!all)
+    {
+      all = !cpr_get_answer_is_yes
+        ("keyedit.passwd_selected.okay",
+         _("Do you really want to change the passphrase of "
+           "only selected subkeys? (y/N) "));
+    }
+
+  /* Change the passphrase for all (or selected) keys.  */
   for (any = 0, node = keyblock; node; node = node->next)
     {
       if (node->pkt->pkttype == PKT_PUBLIC_KEY
@@ -1168,6 +1178,9 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock)
         {
           char *desc;
 
+          if (!all && !(node->flag & NODFLG_SELKEY))
+            continue;
+
           pk = node->pkt->pkt.public_key;
           keyid_from_pk (pk, subid);
 
-- 
1.7.11.7



_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic