mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00

gpg: New option --show-only-session-key

* g10/options.h (opt): Add show_only_session_key and turn
show_session_key into a bit flag.
* g10/gpg.c (oShowOnlySessionKey): New.
(opts): Add "show-only-session-key".
(main): Set flag.
* g10/mainproc.c (proc_encrypted): Handle the new option.

* g10/decrypt-data.c (decrypt_data): Ditto.  Add compliance error flag
to the DECRYPTION_INFO status line.
--

This new option is somehow related to
GnuPG-bug-id: 1825
Werner Koch 2024-06-24 16:31:24 +02:00
parent 4c65dfeb28
commit 1695cf267e
GPG key ID: E3FDFF218E45B72B
6 changed files with 42 additions and 13 deletions


@ -569,11 +569,13 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
actual key used for decryption. <fpr2> is the fingerprint of the
primary key. <otrust> is the letter with the ownertrust; this is
in general a 'u' which stands for ultimately trusted.
*** DECRYPTION_INFO <mdc_method> <sym_algo> [<aead_algo>]
*** DECRYPTION_INFO <mdc_method> <sym_algo> [<aead_algo> <complerr>]
Print information about the symmetric encryption algorithm and the
MDC method. This will be emitted even if the decryption fails.
For an AEAD algorithm AEAD_ALGO is not 0. GPGSM currently does
not print such a status.
For an AEAD algorithm AEAD_ALGO is not 0. COMPLERR is set to a
non-zero integer if a compliance check for the cipher failed.
GPGSM currently prints only the first two items and thus they are
marked as optional
*** DECRYPTION_FAILED
The symmetric decryption failed - one reason could be a wrong
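Review bot: The closing sentence of the new DECRYPTION_INFO text, "GPGSM currently prints only the first two items and thus they are marked as optional", reads as if the first two items were the optional ones, while the synopsis brackets the last two, [<aead_algo> <complerr>]; it also lacks its final period. Suggested wording: "GPGSM currently prints only the first two items; the remaining ones are therefore marked as optional." The text also says only that COMPLERR is "a non-zero integer" when the compliance check fails. It would help consumers of the status line to state that 0 is printed when the check passes and whether the non-zero value carries any meaning beyond zero versus non-zero, since the synopsis puts both fields in one bracket and a parser needs to know whether <aead_algo> can appear without <complerr>.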


@ -3794,9 +3794,13 @@ This is not for normal use. Use the source to see for what it might be useful.
This is not for normal use. Use the source to see for what it might be useful.
@item --show-session-key
@itemx --show-only-session-key
@opindex show-session-key
@opindex show-only-session-key
Display the session key used for one message. See
@option{--override-session-key} for the counterpart of this option.
The variant @option{--show-only-session-key} does not actually use the
session key but stops processing after having printed the session key.
We think that Key Escrow is a Bad Thing; however the user should have
the freedom to decide whether to go to prison or to reveal the content
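Review bot: The added sentence for --show-only-session-key says processing stops after the session key is printed, but it does not say what the caller then observes: whether any plaintext is written, which status lines are still emitted, and what the exit code is. Because the option shares one @item entry with --show-session-key, a reader can easily assume the two differ only in verbosity. If "does not actually use the session key" means that no decrypted output is produced, say so explicitly, and document the resulting exit status so that scripts do not treat such a run as a completed decryption.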