Allow to export private keys.

Using a workaround that validates passphrase for a secret key. With GnuPG 2.2.23 and GpgME 1.1.15, a secret key can be exported when the right passphrase is provided. With a bad passphrase, application crashes. See https://dev.gnupg.org/T5151 Application may validate a passphrase before invoking engine. Until it is hopefully fixed in upstream and available in mainstream.
2020-11-24 22:15:46 +01:00
parent b761c366f7
commit b68bee813d
4 changed files with 62 additions and 6 deletions
--- a/GpgMEWorker.cpp
+++ b/GpgMEWorker.cpp
@@ -11,6 +11,7 @@
 #include <gpgme++/keylistresult.h>
 #include <gpgme++/importresult.h>
 #include <gpgme++/keygenerationresult.h>
+#include <gpgme++/signingresult.h>
 #include <locale>
 #include <iostream>
 #include <gpgme++/data.h>
@@ -346,6 +347,32 @@ const Error GpgMEWorker::CreateSubKey(GpgME::Key& k,
    return e;
 }

+const Error GpgMEWorker::CheckPassphrase(const char* fpr,
+                                         const string& passphrase)
+{
+    Error e;
+    Context * ctx = Context::createForProtocol(Protocol::OpenPGP);
+    LoopbackPassphraseProvider * ppp = new LoopbackPassphraseProvider(passphrase);
+    ctx->setPinentryMode(Context::PinentryMode::PinentryLoopback);
+    ctx->setPassphraseProvider(ppp);
+
+    Key k = FindKey(fpr, e, true);
+    if (e.code() != 0)
+        return e;
+    e = ctx->addSigningKey(k);
+    if (e.code() != 0)
+        return e;
+    Data plain("dummy");
+    Data signature;
+    SigningResult result = ctx->sign(plain, signature, SignatureMode::Detached);
+    e = result.error();
+
+    delete ppp;
+    delete ctx;
+    
+    return e;
+}
+
 const Error GpgMEWorker::ExportPrivateKey(const char * pattern, string& buffer,
                                          const string& passphrase)
 {