1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-05 12:31:50 +01:00

gpg: Emit an ERROR status as hint for a bad passphrase.

* g10/mainproc.c (proc_symkey_enc): Issue new error code.
(proc_encrypted): Ditto.
--

This allows GPGME to return a better error message than "bad session
key" to the user.  Technically we could get run into these errors also
in other cases but this more unlikley.  For the command line use we
don't do anything to not change the expected output of the command
line interface.

GnuPG-bug-id: 5943
This commit is contained in:
Werner Koch 2022-04-25 11:18:40 +02:00
parent 2fc91e15c6
commit 0f8623d518
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -437,6 +437,11 @@ proc_symkey_enc (CTX c, PACKET *pkt)
&& gpg_err_code (err) != GPG_ERR_CHECKSUM) && gpg_err_code (err) != GPG_ERR_CHECKSUM)
log_fatal ("process terminated to be bug compatible" log_fatal ("process terminated to be bug compatible"
" with GnuPG <= 2.2\n"); " with GnuPG <= 2.2\n");
else
write_status_text (STATUS_ERROR,
"symkey_decrypt.maybe_error"
" 11_BAD_PASSPHRASE");
if (c->dek->s2k_cacheid[0]) if (c->dek->s2k_cacheid[0])
{ {
if (opt.debug) if (opt.debug)
@ -805,16 +810,23 @@ proc_encrypted (CTX c, PACKET *pkt)
} }
else else
{ {
if ((gpg_err_code (result) == GPG_ERR_BAD_KEY if (gpg_err_code (result) == GPG_ERR_BAD_KEY
|| gpg_err_code (result) == GPG_ERR_CHECKSUM || gpg_err_code (result) == GPG_ERR_CHECKSUM
|| gpg_err_code (result) == GPG_ERR_CIPHER_ALGO) || gpg_err_code (result) == GPG_ERR_CIPHER_ALGO)
&& c->dek && *c->dek->s2k_cacheid != '\0') {
if (c->symkeys)
write_status_text (STATUS_ERROR,
"symkey_decrypt.maybe_error"
" 11_BAD_PASSPHRASE");
if (c->dek && *c->dek->s2k_cacheid != '\0')
{ {
if (opt.debug) if (opt.debug)
log_debug ("cleared passphrase cached with ID: %s\n", log_debug ("cleared passphrase cached with ID: %s\n",
c->dek->s2k_cacheid); c->dek->s2k_cacheid);
passphrase_clear_cache (c->dek->s2k_cacheid); passphrase_clear_cache (c->dek->s2k_cacheid);
} }
}
glo_ctrl.lasterr = result; glo_ctrl.lasterr = result;
write_status (STATUS_DECRYPTION_FAILED); write_status (STATUS_DECRYPTION_FAILED);
log_error (_("decryption failed: %s\n"), gpg_strerror (result)); log_error (_("decryption failed: %s\n"), gpg_strerror (result));