gpg: Remove a mostly duplicated function.

* g10/export.c (receive_seckey_from_agent): Add arg r_key. (do_export_one_keyblock): Pass NULL for new arg. (receive_raw_seckey_from_agent): Remove. (export_secret_ssh_key): Use receive_seckey_from_agent. * g10/keygen.c (card_store_key_with_backup): Pass NULL for new arg.
author: Werner Koch <wk@gnupg.org> 2022-12-01 12:28:15 +0100
committer: Werner Koch <wk@gnupg.org> 2022-12-02 10:09:58 +0100
commit: 1d88e14de751b19ae5637c4f6b0a1882c2f3b554 (patch)
tree: dd759c6716d8b268e294ad56742b6072b4ab5520 /g10
parent: tests: Simplify fake-pinentry to use the option only. (diff)
download: gnupg2-1d88e14de751b19ae5637c4f6b0a1882c2f3b554.tar.xz
gnupg2-1d88e14de751b19ae5637c4f6b0a1882c2f3b554.zip
3 files changed, 36 insertions, 81 deletions
diff --git a/g10/export.c b/g10/export.c
index 0187788f0..3d4413068 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1249,28 +1249,45 @@ print_status_exported (PKT_public_key *pk)
  * clear.
  *
  * CACHE_NONCE_ADDR is used to share nonce for multiple key retrievals.
+ *
+ * If PK is NULL, the raw key is returned (e.g. for ssh export) at
+ * R_KEY.  CLEARTEXT and CACHE_NONCE_ADDR ared ignored in this case.
  */
 gpg_error_t
 receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
                            int cleartext,
                            char **cache_nonce_addr, const char *hexgrip,
-                           PKT_public_key *pk)
+                           PKT_public_key *pk, gcry_sexp_t *r_key)
 {
   gpg_error_t err = 0;
   unsigned char *wrappedkey = NULL;
   size_t wrappedkeylen;
   unsigned char *key = NULL;
   size_t keylen, realkeylen;
-  gcry_sexp_t s_skey;
+  gcry_sexp_t s_skey = NULL;
   char *prompt;
 
+  if (r_key)
+    *r_key = NULL;
   if (opt.verbose)
     log_info ("key %s: asking agent for the secret parts\n", hexgrip);
 
-  prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT,1);
-  err = agent_export_key (ctrl, hexgrip, prompt, !cleartext, cache_nonce_addr,
-                          &wrappedkey, &wrappedkeylen,
-			  pk->keyid, pk->main_keyid, pk->pubkey_algo);
+  if (pk)
+    {
+      prompt = gpg_format_keydesc (ctrl, pk, FORMAT_KEYDESC_EXPORT, 1);
+      err = agent_export_key (ctrl, hexgrip, prompt, !cleartext,
+                              cache_nonce_addr,
+                              &wrappedkey, &wrappedkeylen,
+                              pk->keyid, pk->main_keyid, pk->pubkey_algo);
+    }
+  else
+    {
+      prompt = gpg_format_keydesc (ctrl, NULL, FORMAT_KEYDESC_KEYGRIP, 1);
+      err = agent_export_key (ctrl, hexgrip, prompt, 0,
+                              NULL,
+                              &wrappedkey, &wrappedkeylen,
+                              NULL, NULL, 0);
+    }
   xfree (prompt);
 
   if (err)
@@ -1297,14 +1314,19 @@ receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
   err = gcry_sexp_sscan (&s_skey, NULL, key, realkeylen);
   if (!err)
     {
-      if (cleartext)
+      if (pk && cleartext)
         err = cleartext_secret_key_to_openpgp (s_skey, pk);
-      else
+      else if (pk)
         err = transfer_format_to_openpgp (s_skey, pk);
-      gcry_sexp_release (s_skey);
+      else if (r_key)
+        {
+          *r_key = s_skey;
+          s_skey = NULL;
+        }
     }
 
  unwraperror:
+  gcry_sexp_release (s_skey);
   xfree (key);
   xfree (wrappedkey);
   if (err)
@@ -1811,7 +1833,7 @@ do_export_one_keyblock (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
             {
               err = receive_seckey_from_agent (ctrl, cipherhd,
                                                cleartext, &cache_nonce,
-                                               hexgrip, pk);
+                                               hexgrip, pk, NULL);
               if (err)
                 {
                   if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
@@ -2714,74 +2736,6 @@ export_ssh_key (ctrl_t ctrl, const char *userid)
 }
 
 
-/* Simplified version of receive_seckey_from_agent used to get the raw
- * key.  */
-gpg_error_t
-receive_raw_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
-                               const char *hexgrip, gcry_sexp_t *r_key)
-{
-  gpg_error_t err = 0;
-  unsigned char *wrappedkey = NULL;
-  size_t wrappedkeylen;
-  unsigned char *key = NULL;
-  size_t keylen, realkeylen;
-  gcry_sexp_t s_skey = NULL;
-
-  *r_key = NULL;
-  if (opt.verbose)
-    log_info ("key %s: asking agent for the secret parts\n", hexgrip);
-
-  {
-    char * prompt = gpg_format_keydesc (ctrl, NULL, FORMAT_KEYDESC_KEYGRIP, 1);
-    err = agent_export_key (ctrl, hexgrip, prompt, 0, NULL,
-                            &wrappedkey, &wrappedkeylen,
-                            NULL, NULL, 0);
-    xfree (prompt);
-  }
-  if (err)
-    goto leave;
-
-  if (wrappedkeylen < 24)
-    {
-      err = gpg_error (GPG_ERR_INV_LENGTH);
-      goto leave;
-    }
-  keylen = wrappedkeylen - 8;
-  key = xtrymalloc_secure (keylen);
-  if (!key)
-    {
-      err = gpg_error_from_syserror ();
-      goto leave;
-    }
-  err = gcry_cipher_decrypt (cipherhd, key, keylen, wrappedkey, wrappedkeylen);
-  if (err)
-    goto leave;
-  realkeylen = gcry_sexp_canon_len (key, keylen, NULL, &err);
-  if (!realkeylen)
-    goto leave; /* Invalid csexp.  */
-
-  err = gcry_sexp_sscan (&s_skey, NULL, key, realkeylen);
-  if (!err)
-    {
-      gcry_log_debugsxp ("skey", s_skey);
-      *r_key = s_skey;
-      s_skey = NULL;
-    }
-
- leave:
-  gcry_sexp_release (s_skey);
-  xfree (key);
-  xfree (wrappedkey);
-  if (err)
-    {
-      log_error ("key %s: error receiving key from agent:"
-                 " %s%s\n", hexgrip, gpg_strerror (err),
-                 "");
-    }
-  return err;
-}
-
-
 /* Export the key identified by USERID in the SSH secret key format.
  * The USERID must be given in keygrip format (prefixed with a '&')
  * and thus no OpenPGP key is required.  The exported key is not
@@ -2827,7 +2781,8 @@ export_secret_ssh_key (ctrl_t ctrl, const char *userid)
   if ((err = get_keywrap_key (ctrl, &cipherhd)))
     goto leave;
 
-  err = receive_raw_seckey_from_agent (ctrl, cipherhd, hexgrip, &skey);
+  err = receive_seckey_from_agent (ctrl, cipherhd, 0, NULL, hexgrip, NULL,
+                                   &skey);
   if (err)
     goto leave;
 
diff --git a/g10/keygen.c b/g10/keygen.c
index c2f2dcc9d..8e2c092fc 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -5287,7 +5287,7 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk,
     }
 
   err = receive_seckey_from_agent (ctrl, cipherhd, 0,
-                                   &cache_nonce, hexgrip, sk);
+                                   &cache_nonce, hexgrip, sk, NULL);
   if (err)
     {
       log_error ("error getting secret key from agent: %s\n",
diff --git a/g10/main.h b/g10/main.h
index 6d5ba77ac..968465ebd 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -434,7 +434,7 @@ gpg_error_t receive_seckey_from_agent (ctrl_t ctrl, gcry_cipher_hd_t cipherhd,
                                        int cleartext,
                                        char **cache_nonce_addr,
                                        const char *hexgrip,
-                                       PKT_public_key *pk);
+                                       PKT_public_key *pk, gcry_sexp_t *r_key);
 
 gpg_error_t write_keyblock_to_output (kbnode_t keyblock,
                                       int with_armor, unsigned int options);
author	Werner Koch <wk@gnupg.org>	2022-12-01 12:28:15 +0100
committer	Werner Koch <wk@gnupg.org>	2022-12-02 10:09:58 +0100
commit	1d88e14de751b19ae5637c4f6b0a1882c2f3b554 (patch)
tree	dd759c6716d8b268e294ad56742b6072b4ab5520 /g10
parent	tests: Simplify fake-pinentry to use the option only. (diff)
download	gnupg2-1d88e14de751b19ae5637c4f6b0a1882c2f3b554.tar.xz gnupg2-1d88e14de751b19ae5637c4f6b0a1882c2f3b554.zip