gpg: Change --show-session-key to print the session key earlier.

* g10/cpr.c (write_status_strings): New. (write_status_text): Replace code by a call to write_status_strings. * g10/mainproc.c (proc_encrypted): Remove show_session_key code. * g10/decrypt-data.c (decrypt_data): Add new show_session_key code. -- This feature can be used to return the session key for just a part of a file. For example to downloading just the first 32k of a huge file, decrypting that incomplete part and while ignoring all the errors break out the session key. The session key may then be used on the server to decrypt the entire file without the need to have the private key on the server. GnuPG-bug-id: 1389 Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 101a54add351ff62793cbfbf3877787c4791f833) Resolved Conflicts: doc/DETAILS - removed g10/cpr.c - replace estream fucntion by stdio. g10/mainproc.c - Adjust for changed calling convention.
2025-01-25 15:27:03 +01:00 · 2013-12-11 10:20:15 +01:00 · 2013-12-11 10:20:15 +01:00 · 3ae90ff28c
commit 3ae90ff28c
parent d04399a6a8
4 changed files with 82 additions and 50 deletions
--- a/g10/cpr.c
+++ b/g10/cpr.c
@ -132,28 +132,50 @@ write_status ( int no )
    write_status_text( no, NULL );
 }

-void
-write_status_text ( int no, const char *text)
-{
-    if( !statusfp || !status_currently_allowed (no) )
-	return;  /* Not enabled or allowed. */

-    fputs ( "[GNUPG:] ", statusfp );
-    fputs ( get_status_string (no), statusfp );
-    if( text ) {
-        putc ( ' ', statusfp );
-        for (; *text; text++) {
-            if (*text == '\n')
-                fputs ( "\\n", statusfp );
-            else if (*text == '\r')
-                fputs ( "\\r", statusfp );
-            else 
-                putc ( *(const byte *)text,  statusfp );
+/* Write a status line with code NO followed by the string TEXT and
+   directly followed by the remaining strings up to a NULL. */
+void
+write_status_strings (int no, const char *text, ...)
+{
+  va_list arg_ptr;
+  const char *s;
+
+  if (!statusfp || !status_currently_allowed (no) )
+    return;  /* Not enabled or allowed. */
+
+  fputs ("[GNUPG:] ", statusfp);
+  fputs (get_status_string (no), statusfp);
+  if ( text )
+    {
+      putc ( ' ', statusfp);
+      va_start (arg_ptr, text);
+      s = text;
+      do
+        {
+          for (; *s; s++)
+            {
+              if (*s == '\n')
+                fputs ("\\n", statusfp);
+              else if (*s == '\r')
+                fputs ("\\r", statusfp);
+              else
+                fputc (*(const byte *)s, statusfp);
+            }
        }
+      while ((s = va_arg (arg_ptr, const char*)));
+      va_end (arg_ptr);
    }
-    putc ('\n',statusfp);
-    if ( fflush (statusfp) && opt.exit_on_status_write_error )
-      g10_exit (0);
+  putc ('\n', statusfp);
+  if (fflush (statusfp) && opt.exit_on_status_write_error)
+    g10_exit (0);
+}
+
+
+void
+write_status_text (int no, const char *text)
+{
+  write_status_strings (no, text, NULL);
 }


--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@ -104,6 +104,23 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
    write_status_text (STATUS_DECRYPTION_INFO, buf);
  }

+  if (opt.show_session_key)
+    {
+      char numbuf[25];
+      char *hexbuf;
+
+      snprintf (numbuf, sizeof numbuf, "%d:", dek->algo);
+      hexbuf = bin2hex (dek->key, dek->keylen, NULL);
+      if (!hexbuf)
+        {
+          rc = gpg_error_from_syserror ();
+          goto leave;
+        }
+      log_info ("session key: '%s%s'\n", numbuf, hexbuf);
+      write_status_strings (STATUS_SESSION_KEY, numbuf, hexbuf, NULL);
+      xfree (hexbuf);
+    }
+
  rc = openpgp_cipher_test_algo (dek->algo);
  if (rc)
    goto leave;
--- a/g10/main.h
+++ b/g10/main.h
@ -160,6 +160,8 @@ int  is_status_enabled ( void );
 void write_status ( int no );
 void write_status_error (const char *where, int errcode);
 void write_status_text ( int no, const char *text );
+void write_status_strings (int no, const char *text,
+                           ...) GNUPG_GCC_A_SENTINEL(0);
 void write_status_buffer ( int no,
                           const char *buffer, size_t len, int wrap );
 void write_status_text_and_buffer ( int no, const char *text,
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -569,6 +569,7 @@ proc_encrypted( CTX c, PACKET *pkt )
    }
    else if( !c->dek )
 	result = G10ERR_NO_SECKEY;
+
    if( !result )
 	result = decrypt_data( c, pkt->pkt.encrypted, c->dek );

@ -583,16 +584,6 @@ proc_encrypted( CTX c, PACKET *pkt )
 	    write_status( STATUS_GOODMDC );
 	else if(!opt.no_mdc_warn)
 	    log_info (_("WARNING: message was not integrity protected\n"));
-	if(opt.show_session_key)
-	  {
-	    int i;
-	    char *buf = xmalloc ( c->dek->keylen*2 + 20 );
-	    sprintf ( buf, "%d:", c->dek->algo );
-	    for(i=0; i < c->dek->keylen; i++ )
-	      sprintf(buf+strlen(buf), "%02X", c->dek->key[i] );
-	    log_info( "session key: `%s'\n", buf );
-	    write_status_text ( STATUS_SESSION_KEY, buf );
-	  }
    }
    else if( result == G10ERR_BAD_SIGN ) {
 	log_error(_("WARNING: encrypted message has been manipulated!\n"));