security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: New option --show-only-session-key

Browse source 
* g10/options.h (opt): Add show_only_session_key and turn
show_session_key into a bit flag.
* g10/gpg.c (oShowOnlySessionKey): New.
(opts): Add "show-only-session-key".
(main): Set flag.
* g10/mainproc.c (proc_encrypted): Handle the new option.

* g10/decrypt-data.c (decrypt_data): Ditto.  Add compliance error flag
to the DECRYPTION_INFO status line.
--

This new option is somehow related to
GnuPG-bug-id: 1825
This commit is contained in:
Werner Koch 2024-06-24 16:31:24 +02:00
parent 4c65dfeb28
commit 1695cf267e
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
6 changed files with 42 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

16
g10/decrypt-data.c
View file

@ -263,11 +263,13 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
/* Check compliance. */
if (!gnupg_cipher_is_allowed (opt.compliance, 0, dek->algo, ciphermode))
{
log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
gpgrt_log (opt.show_only_session_key? GPGRT_LOGLVL_INFO
/* */: GPGRT_LOGLVL_ERROR,
_("cipher algorithm '%s' may not be used in %s mode\n"),
openpgp_cipher_algo_mode_name (dek->algo,ed->aead_algo),
gnupg_compliance_option_string (opt.compliance));
*compliance_error = 1;
if (opt.flags.require_compliance)
if (opt.flags.require_compliance && !opt.show_only_session_key)
{
/* We fail early in this case because it does not make sense
* to first decrypt everything. */
@ -276,8 +278,9 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
}
}
write_status_printf (STATUS_DECRYPTION_INFO, "%d %d %d",
ed->mdc_method, dek->algo, ed->aead_algo);
write_status_printf (STATUS_DECRYPTION_INFO, "%d %d %d %d",
ed->mdc_method, dek->algo, ed->aead_algo,
*compliance_error);
if (opt.show_session_key)
{
@ -297,6 +300,11 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
log_info ("session key: '%s%s'\n", numbuf, hexbuf);
write_status_strings (STATUS_SESSION_KEY, numbuf, hexbuf, NULL);
xfree (hexbuf);
if (opt.show_only_session_key)
{
rc = 0;
goto leave;
}
}
rc = openpgp_cipher_test_algo (dek->algo);