gpg: Change --show-session-key to print the session key earlier.

* g10/cpr.c (write_status_strings): New.
(write_status_text): Replace code by a call to write_status_strings.
* g10/mainproc.c (proc_encrypted): Remove show_session_key code.
* g10/decrypt-data.c (decrypt_data): Add new show_session_key code.
--

This feature can be used to return the session key for just a part of
a file.  For example to downloading just the first 32k of a huge file,
decrypting that incomplete part and while ignoring all the errors
break out the session key.  The session key may then be used on the
server to decrypt the entire file without the need to have the private
key on the server.

GnuPG-bug-id: 1389
Signed-off-by: Werner Koch <wk@gnupg.org>

doc/DETAILS

@@ -459,9 +459,10 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
 
 *** SESSION_KEY <algo>:<hexdigits>
     The session key used to decrypt the message.  This message will
-    only be emitted when the special option --show-session-key is
-    used.  The format is suitable to be passed to the option
-    --override-session-key
+    only be emitted if the option --show-session-key is used.  The
+    format is suitable to be passed as value for the option
+    --override-session-key.  It is not an indication that the
+    decryption will or has succeeded.
 
 *** BEGIN_ENCRYPTION  <mdc_method> <sym_algo>
     Mark the start of the actual encryption process.

g10/cpr.c

@@ -139,9 +139,14 @@ write_status ( int no )
 }
 
 
+/* Write a status line with code NO followed by the string TEXT and
+   directly followed by the remaining strings up to a NULL. */
 void
-write_status_text (int no, const char *text)
+write_status_strings (int no, const char *text, ...)
 {
+  va_list arg_ptr;
+  const char *s;
+
   if (!statusfp || !status_currently_allowed (no) )
     return;  /* Not enabled or allowed. */
 
@@ -150,15 +155,22 @@ write_status_text (int no, const char *text)
   if ( text )
     {
       es_putc ( ' ', statusfp);
-      for (; *text; text++)
+      va_start (arg_ptr, text);
+      s = text;
+      do
         {
-          if (*text == '\n')
-            es_fputs ("\\n", statusfp);
-          else if (*text == '\r')
-            es_fputs ("\\r", statusfp);
-          else
-            es_fputc ( *(const byte *)text, statusfp);
+          for (; *s; s++)
+            {
+              if (*s == '\n')
+                es_fputs ("\\n", statusfp);
+              else if (*s == '\r')
+                es_fputs ("\\r", statusfp);
+              else
+                es_fputc (*(const byte *)s, statusfp);
+            }
         }
+      while ((s = va_arg (arg_ptr, const char*)));
+      va_end (arg_ptr);
     }
   es_putc ('\n', statusfp);
   if (es_fflush (statusfp) && opt.exit_on_status_write_error)
@@ -166,6 +178,12 @@ write_status_text (int no, const char *text)
 }
 
 
+void
+write_status_text (int no, const char *text)
+{
+  write_status_strings (no, text, NULL);
+}
+
 /* Wrte an ERROR status line using a full gpg-error error value.  */
 void
 write_status_error (const char *where, gpg_error_t err)

g10/decrypt-data.c

@@ -106,6 +106,23 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek)
     write_status_text (STATUS_DECRYPTION_INFO, buf);
   }
 
+  if (opt.show_session_key)
+    {
+      char numbuf[25];
+      char *hexbuf;
+
+      snprintf (numbuf, sizeof numbuf, "%d:", dek->algo);
+      hexbuf = bin2hex (dek->key, dek->keylen, NULL);
+      if (!hexbuf)
+        {
+          rc = gpg_error_from_syserror ();
+          goto leave;
+        }
+      log_info ("session key: '%s%s'\n", numbuf, hexbuf);
+      write_status_strings (STATUS_SESSION_KEY, numbuf, hexbuf, NULL);
+      xfree (hexbuf);
+    }
+
   rc = openpgp_cipher_test_algo (dek->algo);
   if (rc)
     goto leave;

g10/main.h

@@ -167,6 +167,8 @@ void write_status ( int no );
 void write_status_error (const char *where, gpg_error_t err);
 void write_status_errcode (const char *where, int errcode);
 void write_status_text ( int no, const char *text );
+void write_status_strings (int no, const char *text,
+                           ...) GNUPG_GCC_A_SENTINEL(0);
 void write_status_buffer ( int no,
                            const char *buffer, size_t len, int wrap );
 void write_status_text_and_buffer ( int no, const char *text,

g10/mainproc.c

@@ -570,6 +570,7 @@ proc_encrypted( CTX c, PACKET *pkt )
     }
     else if( !c->dek )
 	result = G10ERR_NO_SECKEY;
+
     if (!result)
       result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek );
 
@@ -584,16 +585,6 @@ proc_encrypted( CTX c, PACKET *pkt )
 	    write_status( STATUS_GOODMDC );
 	else if(!opt.no_mdc_warn)
 	    log_info (_("WARNING: message was not integrity protected\n"));
-	if(opt.show_session_key)
-	  {
-	    int i;
-	    char *buf = xmalloc ( c->dek->keylen*2 + 20 );
-	    sprintf ( buf, "%d:", c->dek->algo );
-	    for(i=0; i < c->dek->keylen; i++ )
-	      sprintf(buf+strlen(buf), "%02X", c->dek->key[i] );
-	    log_info( "session key: '%s'\n", buf );
-	    write_status_text ( STATUS_SESSION_KEY, buf );
-	  }
     }
     else if( result == G10ERR_BAD_SIGN ) {
         glo_ctrl.lasterr = result;