sm: Print algorithm infos in data decryption mode.

* common/sexputil.c (cipher_mode_to_string): New. * sm/decrypt.c (prepare_decryption): Show cipher algo and mode. (gpgsm_decrypt): Show key algo and fingerprint Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-08 15:21:51 +02:00 · 2020-05-08 15:21:51 +02:00 · 439c9b5cb5
parent 34b628db46
commit 439c9b5cb5
3 changed files with 30 additions and 0 deletions
--- a/common/sexputil.c
+++ b/common/sexputil.c
@ -698,3 +698,19 @@ hash_algo_to_string (int algo)
      return hashnames[i].name;
  return "?";
 }
+
+
+/* Map cipher modes to a string.  */
+const char *
+cipher_mode_to_string (int mode)
+{
+  switch (mode)
+    {
+    case GCRY_CIPHER_MODE_CFB: return "CFB";
+    case GCRY_CIPHER_MODE_CBC: return "CBC";
+    case GCRY_CIPHER_MODE_GCM: return "GCM";
+    case GCRY_CIPHER_MODE_OCB: return "OCB";
+    case 14:                   return "EAX";  /* Only in gcrypt 1.9 */
+    default: return "[?]";
+    }
+}
--- a/common/util.h
+++ b/common/util.h
@ -204,6 +204,7 @@ int get_pk_algo_from_canon_sexp (const unsigned char *keydata,
 char *pubkey_algo_string (gcry_sexp_t s_pkey, enum gcry_pk_algos *r_algoid);
 const char *pubkey_algo_to_string (int algo);
 const char *hash_algo_to_string (int algo);
+const char *cipher_mode_to_string (int mode);

 /*-- convert.c --*/
 int hex2bin (const char *string, void *buffer, size_t length);
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@ -455,6 +455,11 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip,
  if (DBG_CRYPTO)
    log_printhex (seskey+n, seskeylen-n, "CEK .....:");

+  if (opt.verbose)
+    log_info (_("%s.%s encrypted data\n"),
+              gcry_cipher_algo_name (parm->algo),
+              cipher_mode_to_string (parm->mode));
+
  rc = gcry_cipher_open (&parm->hd, parm->algo, parm->mode, 0);
  if (rc)
    {
@ -733,6 +738,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
              ksba_sexp_t serial;
              ksba_sexp_t enc_val;
              char *hexkeygrip = NULL;
+              char *pkalgostr = NULL;
+              char *pkfpr = NULL;
              char *desc = NULL;
              char kidbuf[16+1];
              int tmp_rc;
@ -819,7 +826,11 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
                  hexkeygrip = gpgsm_get_keygrip_hexstring (cert);
                  desc = gpgsm_format_keydesc (cert);

+                  pkfpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
+                  pkalgostr = gpgsm_pubkey_algo_string (cert, NULL);
                  pk_algo = gpgsm_get_key_algo_info (cert, &nbits);
+                  if (!opt.quiet)
+                    log_info (_("encrypted to %s key %s\n"), pkalgostr, pkfpr);

                  /* Check compliance.  */
                  if (!gnupg_pk_is_allowed (opt.compliance,
@ -886,6 +897,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
                    }
                  audit_log_ok (ctrl->audit, AUDIT_RECP_RESULT, rc);
                }
+              xfree (pkalgostr);
+              xfree (pkfpr);
              xfree (hexkeygrip);
              xfree (desc);
            }