From 6cc4119ec03be61c78189a0bec99372035289b91 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Fri, 5 Jul 2019 15:16:08 +0900
Subject: [PATCH] gpg: Return the last error for pubkey decryption.
* g10/mainproc.c (proc_encrypted): Check ->result against -1. When c->dek == NULL, put GPG_ERR_NO_SECKEY only when not set.
* g10/pubkey-enc.c (get_session_key): Set k->result by the result of get_it. When no secret key is available for some reasons, return the last specific error, if any.
GnuPG-bug-id: 4561
Signed-off-by: NIIBE Yutaka
---
 g10/mainproc.c | 7 +++++--
 g10/pubkey-enc.c | 36 ++++++++++++++++++++----------------
 2 files changed, 25 insertions(+), 18 deletions(-)
diff --git a/g10/mainproc.c b/g10/mainproc.c
index d99ac4386..ba03de660 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -583,7 +583,7 @@ proc_encrypted (CTX c, PACKET *pkt)
 struct pubkey_enc_list *list;
 for (list = c->pkenc_list; list; list = list->next)
- if (list->result == GPG_ERR_NO_SECKEY)
+ if (list->result != -1)
 {
 char buf[20];
 snprintf (buf, sizeof buf, "%08lX%08lX",
@@ -668,7 +668,10 @@ proc_encrypted (CTX c, PACKET *pkt)
 }
 }
 else if (!c->dek)
- result = GPG_ERR_NO_SECKEY;
+ {
+ if (!result)
+ result = GPG_ERR_NO_SECKEY;
+ }
 /* Compute compliance with CO_DE_VS. */
 if (!result && is_status_enabled ()
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index f61fa7abe..fb1b17143 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
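Review bot: In the g10/mainproc.c hunk at -583,7 the new test `if (list->result != -1)` is also true for a result of 0, and the g10/pubkey-enc.c part of this patch now stores the return value of get_it in `k->result`, which is 0 when decryption succeeded. If this loop can be reached after one recipient key worked, that key ID would be formatted into `buf` and reported alongside the failed ones; `if (list->result && list->result != -1)` limits the report to entries that actually failed. The loop body runs past the end of the hunk, so what is done with `buf` is not visible here.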
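Review bot: The fallback in the g10/mainproc.c hunk at -668,7 assigns the bare code, `result = GPG_ERR_NO_SECKEY;`, while get_session_key in this same patch now returns `gpg_error (GPG_ERR_NO_SECKEY)` for the same condition. Where a default error source is configured the two values differ in their source bits, so any `==` comparison on `result` elsewhere in proc_encrypted (outside the hunk) would treat them differently; assigning `result = gpg_error (GPG_ERR_NO_SECKEY);` here, or comparing through `gpg_err_code (result)`, keeps the two paths consistent. A short comment above `if (!result)`, for example `/* Keep an earlier, more specific error. */`, would record why the assignment became conditional.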
@@ -75,25 +75,21 @@ gpg_error_t
 get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
 {
 PKT_public_key *sk = NULL;
- int rc;
+ gpg_error_t err;
 void *enum_context = NULL;
 u32 keyid[2];
 int search_for_secret_keys = 1;
+ struct pubkey_enc_list *k;
 if (DBG_CLOCK)
 log_clock ("get_session_key enter");
 while (search_for_secret_keys)
 {
- struct pubkey_enc_list *k;
-
 sk = xmalloc_clear (sizeof *sk);
- rc = enum_secret_keys (ctrl, &enum_context, sk);
- if (rc)
- {
- rc = GPG_ERR_NO_SECKEY;
- break;
- }
+ err = enum_secret_keys (ctrl, &enum_context, sk);
+ if (err)
+ break;
 if (!(sk->pubkey_usage & PUBKEY_USAGE_ENC))
 continue;
@@ -132,8 +128,6 @@ get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
 if (openpgp_pk_test_algo2 (k->pubkey_algo, PUBKEY_USAGE_ENC))
 continue;
- k->result = GPG_ERR_NO_SECKEY;
-
 if (sk->pubkey_algo != k->pubkey_algo)
 continue;
@@ -154,16 +148,16 @@ get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
 else
 continue;
- rc = get_it (ctrl, k, dek, sk, keyid);
- if (!rc)
+ err = get_it (ctrl, k, dek, sk, keyid);
+ k->result = err;
+ if (!err)
 {
- k->result = 0;
 if (!opt.quiet && !k->keyid[0] && !k->keyid[1])
 log_info (_("okay, we are the anonymous recipient.\n"));
 search_for_secret_keys = 0;
 break;
 }
- else if (gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
+ else if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
 {
 search_for_secret_keys = 0;
 break; /* Don't try any more secret keys. */
@@ -172,9 +166,19 @@ get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
 }
 enum_secret_keys (ctrl, &enum_context, NULL); /* free context */
+ if (gpg_err_code (err) == GPG_ERR_EOF)
+ {
+ err = gpg_error (GPG_ERR_NO_SECKEY);
+
+ /* Return the last specific error, if any. */
+ for (k = list; k; k = k->next)
+ if (k->result != -1)
+ err = k->result;
+ }
+
 if (DBG_CLOCK)
 log_clock ("get_session_key leave");
- return rc;
+ return err;
 }
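Review bot: In the g10/pubkey-enc.c hunk at -75,25, `sk` is allocated with `xmalloc_clear` at the top of every iteration, and both the new `if (err) break;` and the `continue` right after it leave the iteration with no visible release. Each skipped key and the final failed enumeration therefore appear to leak one PKT_public_key. The leak predates this patch, but these rewritten lines are the natural place to fix it: release the previous object before `sk = xmalloc_clear (sizeof *sk);` and once more after the loop, using the release helper the file already uses for PKT_public_key. The loop body continues outside the hunk, so a release further down is possible, but it would not be reached on these two early exits.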
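Review bot: The fallback loop added in the g10/pubkey-enc.c hunk at -172,9 keeps whichever `k->result` comes last in list order, so when two recipient entries failed for different reasons the caller sees only the later one, chosen by packet order rather than by relevance. If that is intended, the comment should say so, for example `/* Return the error of the last list entry that was tried. */`. The literal -1 is now tested both here and in proc_encrypted, and the place that sets it is not part of this patch; assuming it marks an entry that was never tried, a shared named constant would keep the two tests in step.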